Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Connectivity / a07cef10592c208f95277de8176b3289e3cc1159^! / .
commita07cef10592c208f95277de8176b3289e3cc1159[log] [tgz]
authorchiachangwang <chiachangwang@google.com>Wed Dec 07 10:44:35 2022 +0000
committerchiachangwang <chiachangwang@google.com>Tue Dec 13 10:15:49 2022 +0000
treea30c93668da3cbc56b17ee757d97f27284dd3929
parentb865214380d86d6001324fd003d63ccf0a11ece8 [diff]
Add areLongLivedTcpConnectionsExpensive in VpnTransportInfo

Add VpnTransportInfo.areLongLivedTcpConnectionsExpensive() in API
surface to allow privileged apps to know whether the long-lived
TCP connections should be expensive in the VPN network.

This is expected to be used combined with getBypassable()
because connections should always go through a VPN that is not
bypassable.

Bug: 259000745
Test: atest FrameworksNetTests
Change-Id: Ic9bcdf43f252f22d12a1136902cc8bbf9cc731f5

diff --git a/framework/api/system-current.txt b/framework/api/system-current.txt
index c7872a0..0b0f2bb 100644
--- a/framework/api/system-current.txt
+++ b/framework/api/system-current.txt

@@ -512,7 +512,8 @@
   }
 
   public final class VpnTransportInfo implements android.os.Parcelable android.net.TransportInfo {
-    ctor public VpnTransportInfo(int, @Nullable String, boolean);
+    ctor public VpnTransportInfo(int, @Nullable String, boolean, boolean);
+    method public boolean areLongLivedTcpConnectionsExpensive();
     method public int describeContents();
     method public boolean getBypassable();
     method public int getType();

diff --git a/framework/src/android/net/VpnTransportInfo.java b/framework/src/android/net/VpnTransportInfo.java
index ebad477..e335c0f 100644
--- a/framework/src/android/net/VpnTransportInfo.java
+++ b/framework/src/android/net/VpnTransportInfo.java

@@ -52,6 +52,8 @@
 
     private final boolean mBypassable;
 
+    private final boolean mLongLivedTcpConnectionsExpensive;
+
     // TODO: Refer to Build.VERSION_CODES when it's available in every branch.
     private static final int UPSIDE_DOWN_CAKE = 34;
 
@@ -70,11 +72,12 @@
     @SystemApi(client = MODULE_LIBRARIES)
     public VpnTransportInfo makeCopy(@RedactionType long redactions) {
         return new VpnTransportInfo(mType,
-            ((redactions & REDACT_FOR_NETWORK_SETTINGS) != 0) ? null : mSessionId, mBypassable);
+            ((redactions & REDACT_FOR_NETWORK_SETTINGS) != 0) ? null : mSessionId,
+            mBypassable, mLongLivedTcpConnectionsExpensive);
     }
 
     /**
-     * @deprecated please use {@link VpnTransportInfo(int,String,boolean)} instead.
+     * @deprecated please use {@link VpnTransportInfo(int,String,boolean,boolean)}.
      * @hide
      */
     @Deprecated
@@ -87,13 +90,18 @@
         // available anyway, so this should be harmless. False is a better choice than true here
         // regardless because it is the default value for both VpnManager and VpnService if the app
         // does not do anything about it.
-        this(type, sessionId, false /* bypassable */);
+        this(type, sessionId, false /* bypassable */, false /* longLivedTcpConnectionsExpensive */);
     }
 
-    public VpnTransportInfo(int type, @Nullable String sessionId, boolean bypassable) {
+    /**
+     * Construct a new VpnTransportInfo object.
+     */
+    public VpnTransportInfo(int type, @Nullable String sessionId, boolean bypassable,
+            boolean longLivedTcpConnectionsExpensive) {
         this.mType = type;
         this.mSessionId = sessionId;
         this.mBypassable = bypassable;
+        this.mLongLivedTcpConnectionsExpensive = longLivedTcpConnectionsExpensive;
     }
 
     /**
@@ -112,6 +120,37 @@
     }
 
     /**
+     * Returns whether long-lived TCP connections are expensive on the VPN network.
+     *
+     * If there are long-lived TCP connections over the VPN, over some networks the
+     * VPN needs to regularly send packets to keep the network alive to keep these
+     * connections working, which wakes up the device radio. On some networks, this
+     * can become extremely expensive in terms of battery. The system knows to send
+     * these keepalive packets only when necessary, i.e. when there are long-lived
+     * TCP connections opened over the VPN, meaning on these networks establishing
+     * a long-lived TCP connection will have a very noticeable impact on battery
+     * life.
+     *
+     * VPNs can be bypassable or not. When the VPN is not bypassable, the user has
+     * expressed explicit intent to have no connection outside of the VPN, so even
+     * privileged apps with permission to bypass non-bypassable VPNs should not do
+     * so. See {@link #getBypassable()}.
+     * For bypassable VPNs however, the user expects apps choose reasonable tradeoffs
+     * about whether they use the VPN.
+     *
+     * Components that establish long-lived, encrypted TCP connections are encouraged
+     * to look up this value to decide whether to open their connection over a VPN
+     * or to bypass it. While VPNs do not typically provide privacy or security
+     * benefits to encrypted connections, the user generally still expects the
+     * connections to choose to use the VPN by default, but also do not expect this
+     * comes at the price of drastically reduced battery life. This method provides
+     * a hint about whether the battery cost of opening such a connection is high.
+     */
+    public boolean areLongLivedTcpConnectionsExpensive() {
+        return mLongLivedTcpConnectionsExpensive;
+    }
+
+    /**
      * Returns the session Id of this VpnTransportInfo.
      * @hide
      */
@@ -134,18 +173,21 @@
 
         VpnTransportInfo that = (VpnTransportInfo) o;
         return (this.mType == that.mType) && TextUtils.equals(this.mSessionId, that.mSessionId)
-                && (this.mBypassable == that.mBypassable);
+                && (this.mBypassable == that.mBypassable)
+                && (this.mLongLivedTcpConnectionsExpensive
+                == that.mLongLivedTcpConnectionsExpensive);
     }
 
     @Override
     public int hashCode() {
-        return Objects.hash(mType, mSessionId, mBypassable);
+        return Objects.hash(mType, mSessionId, mBypassable, mLongLivedTcpConnectionsExpensive);
     }
 
     @Override
     public String toString() {
-        return String.format("VpnTransportInfo{type=%d, sessionId=%s, bypassable=%b}",
-                mType, mSessionId, mBypassable);
+        return String.format("VpnTransportInfo{type=%d, sessionId=%s, bypassable=%b "
+                        + "longLivedTcpConnectionsExpensive=%b}",
+                mType, mSessionId, mBypassable, mLongLivedTcpConnectionsExpensive);
     }
 
     @Override
@@ -158,12 +200,14 @@
         dest.writeInt(mType);
         dest.writeString(mSessionId);
         dest.writeBoolean(mBypassable);
+        dest.writeBoolean(mLongLivedTcpConnectionsExpensive);
     }
 
     public static final @NonNull Creator<VpnTransportInfo> CREATOR =
             new Creator<VpnTransportInfo>() {
         public VpnTransportInfo createFromParcel(Parcel in) {
-            return new VpnTransportInfo(in.readInt(), in.readString(), in.readBoolean());
+            return new VpnTransportInfo(
+                    in.readInt(), in.readString(), in.readBoolean(), in.readBoolean());
         }
         public VpnTransportInfo[] newArray(int size) {
             return new VpnTransportInfo[size];

diff --git a/tests/common/java/android/net/VpnTransportInfoTest.java b/tests/common/java/android/net/VpnTransportInfoTest.java
index 161f9ee..f32ab8b 100644
--- a/tests/common/java/android/net/VpnTransportInfoTest.java
+++ b/tests/common/java/android/net/VpnTransportInfoTest.java

@@ -53,7 +53,7 @@
         assertParcelingIsLossless(v);
 
         final VpnTransportInfo v2 =
-                new VpnTransportInfo(VpnManager.TYPE_VPN_PLATFORM, "12345", true);
+                new VpnTransportInfo(VpnManager.TYPE_VPN_PLATFORM, "12345", true, true);
         assertParcelingIsLossless(v2);
     }
 
@@ -66,8 +66,10 @@
         final VpnTransportInfo v13 = new VpnTransportInfo(VpnManager.TYPE_VPN_PLATFORM, session1);
         final VpnTransportInfo v14 = new VpnTransportInfo(VpnManager.TYPE_VPN_LEGACY, session1);
         final VpnTransportInfo v15 = new VpnTransportInfo(VpnManager.TYPE_VPN_OEM, session1);
-        final VpnTransportInfo v16 = new VpnTransportInfo(VpnManager.TYPE_VPN_OEM, session1, true);
-        final VpnTransportInfo v17 = new VpnTransportInfo(VpnManager.TYPE_VPN_OEM, session1, true);
+        final VpnTransportInfo v16 = new VpnTransportInfo(
+                VpnManager.TYPE_VPN_OEM, session1, true, true);
+        final VpnTransportInfo v17 = new VpnTransportInfo(
+                VpnManager.TYPE_VPN_OEM, session1, true, true);
         final VpnTransportInfo v21 = new VpnTransportInfo(VpnManager.TYPE_VPN_LEGACY, session2);
 
         final VpnTransportInfo v31 = v11.makeCopy(REDACT_FOR_NETWORK_SETTINGS);
@@ -104,7 +106,18 @@
         assertFalse(v.getBypassable());
 
         final VpnTransportInfo v2 =
-                new VpnTransportInfo(VpnManager.TYPE_VPN_PLATFORM, "12345", true);
+                new VpnTransportInfo(VpnManager.TYPE_VPN_PLATFORM, "12345", true, false);
         assertTrue(v2.getBypassable());
     }
+
+    @DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.TIRAMISU)
+    @Test
+    public void testShouldLongLivedTcpExcluded() {
+        final VpnTransportInfo v = new VpnTransportInfo(VpnManager.TYPE_VPN_PLATFORM, "12345");
+        assertFalse(v.areLongLivedTcpConnectionsExpensive());
+
+        final VpnTransportInfo v2 = new VpnTransportInfo(
+                VpnManager.TYPE_VPN_PLATFORM, "12345", true, true);
+        assertTrue(v2.areLongLivedTcpConnectionsExpensive());
+    }
 }