Merge "Update PrivateDnsMode from StringDef to IntDef"
diff --git a/framework/Android.bp b/framework/Android.bp
index 017ff51..657d5a3 100644
--- a/framework/Android.bp
+++ b/framework/Android.bp
@@ -25,6 +25,7 @@
java_library {
name: "framework-connectivity-protos",
+ sdk_version: "module_current",
proto: {
type: "nano",
},
@@ -82,8 +83,7 @@
name: "framework-connectivity",
api_only: true,
defaults: ["framework-module-defaults"],
- // TODO: build against module API
- platform_apis: true,
+ installable: true,
srcs: [
":framework-connectivity-sources",
],
@@ -100,18 +100,56 @@
libs: [
"unsupportedappusage",
],
- permitted_packages: ["android.net", "com.android.connectivity.aidl"],
+ permitted_packages: ["android.net"],
+}
+
+cc_defaults {
+ name: "libframework-connectivity-defaults",
+ cflags: [
+ "-Wall",
+ "-Werror",
+ "-Wno-unused-parameter",
+ "-Wthread-safety",
+ ],
+ shared_libs: [
+ "libbase",
+ "liblog",
+ "libnativehelper",
+ "libnetd_client",
+ ],
+ header_libs: [
+ "dnsproxyd_protocol_headers",
+ ],
+}
+
+cc_library_static {
+ name: "libconnectivityframeworkutils",
+ defaults: ["libframework-connectivity-defaults"],
+ srcs: [
+ "jni/android_net_NetworkUtils.cpp",
+ ],
+ apex_available: [
+ "//apex_available:platform",
+ "com.android.tethering",
+ ],
+}
+
+cc_library_shared {
+ name: "libframework-connectivity-jni",
+ defaults: ["libframework-connectivity-defaults"],
+ srcs: [
+ "jni/onload.cpp",
+ ],
+ static_libs: ["libconnectivityframeworkutils"],
+ apex_available: [
+ "//apex_available:platform",
+ "com.android.tethering",
+ ],
}
java_library {
name: "framework-connectivity.impl",
- // Instead of building against private API (framework.jar),
- // build against core_platform + framework-minus-apex + module
- // stub libs. This allows framework.jar to depend on this library,
- // so it can be part of the private API until all clients have been migrated.
- // TODO: just build against module_api, and remove this jar from
- // the private API.
- sdk_version: "core_platform",
+ sdk_version: "module_current",
srcs: [
":framework-connectivity-sources",
],
@@ -122,12 +160,11 @@
],
},
libs: [
- "framework-minus-apex",
- // TODO: just framework-tethering, framework-wifi when building against module_api
- "framework-tethering.stubs.module_lib",
- "framework-wifi.stubs.module_lib",
+ // TODO (b/183097033) remove once module_current includes core_current
+ "stable.core.platform.api.stubs",
+ "framework-tethering",
+ "framework-wifi",
"unsupportedappusage",
- "ServiceConnectivityResources",
],
static_libs: [
"framework-connectivity-protos",
@@ -136,5 +173,5 @@
jarjar_rules: "jarjar-rules.txt",
apex_available: ["com.android.tethering"],
installable: true,
- permitted_packages: ["android.net", "com.android.connectivity.aidl"],
+ permitted_packages: ["android.net"],
}
diff --git a/framework/api/module-lib-current.txt b/framework/api/module-lib-current.txt
index 90580fa..78dff21 100644
--- a/framework/api/module-lib-current.txt
+++ b/framework/api/module-lib-current.txt
@@ -109,7 +109,7 @@
public final class NetworkCapabilities implements android.os.Parcelable {
method @Nullable public java.util.Set<android.util.Range<java.lang.Integer>> getUids();
- method public boolean hasUnwantedCapability(int);
+ method public boolean hasForbiddenCapability(int);
field public static final long REDACT_ALL = -1L; // 0xffffffffffffffffL
field public static final long REDACT_FOR_ACCESS_FINE_LOCATION = 1L; // 0x1L
field public static final long REDACT_FOR_LOCAL_MAC_ADDRESS = 2L; // 0x2L
@@ -123,13 +123,13 @@
}
public class NetworkRequest implements android.os.Parcelable {
- method @NonNull public int[] getUnwantedCapabilities();
- method public boolean hasUnwantedCapability(int);
+ method @NonNull public int[] getForbiddenCapabilities();
+ method public boolean hasForbiddenCapability(int);
}
public static class NetworkRequest.Builder {
- method @NonNull public android.net.NetworkRequest.Builder addUnwantedCapability(int);
- method @NonNull public android.net.NetworkRequest.Builder removeUnwantedCapability(int);
+ method @NonNull public android.net.NetworkRequest.Builder addForbiddenCapability(int);
+ method @NonNull public android.net.NetworkRequest.Builder removeForbiddenCapability(int);
method @NonNull public android.net.NetworkRequest.Builder setUids(@Nullable java.util.Set<android.util.Range<java.lang.Integer>>);
}
diff --git a/framework/jni/android_net_NetworkUtils.cpp b/framework/jni/android_net_NetworkUtils.cpp
new file mode 100644
index 0000000..48e262a
--- /dev/null
+++ b/framework/jni/android_net_NetworkUtils.cpp
@@ -0,0 +1,274 @@
+/*
+ * Copyright 2020, The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#define LOG_TAG "NetworkUtils"
+
+#include <vector>
+
+#include <android/file_descriptor_jni.h>
+#include <arpa/inet.h>
+#include <linux/filter.h>
+#include <linux/if_arp.h>
+#include <linux/tcp.h>
+#include <net/if.h>
+#include <netinet/ether.h>
+#include <netinet/ip.h>
+#include <netinet/udp.h>
+
+#include <DnsProxydProtocol.h> // NETID_USE_LOCAL_NAMESERVERS
+#include <cutils/properties.h>
+#include <nativehelper/JNIHelp.h>
+#include <nativehelper/JNIPlatformHelp.h>
+#include <nativehelper/ScopedLocalRef.h>
+#include <utils/Log.h>
+#include <utils/misc.h>
+
+#include "NetdClient.h"
+#include "jni.h"
+
+extern "C" {
+int ifc_enable(const char *ifname);
+int ifc_disable(const char *ifname);
+}
+
+#define NETUTILS_PKG_NAME "android/net/NetworkUtils"
+
+namespace android {
+
+constexpr int MAXPACKETSIZE = 8 * 1024;
+// FrameworkListener limits the size of commands to 4096 bytes.
+constexpr int MAXCMDSIZE = 4096;
+
+static inline jclass FindClassOrDie(JNIEnv* env, const char* class_name) {
+ jclass clazz = env->FindClass(class_name);
+ LOG_ALWAYS_FATAL_IF(clazz == NULL, "Unable to find class %s", class_name);
+ return clazz;
+}
+
+template <typename T>
+static inline T MakeGlobalRefOrDie(JNIEnv* env, T in) {
+ jobject res = env->NewGlobalRef(in);
+ LOG_ALWAYS_FATAL_IF(res == NULL, "Unable to create global reference.");
+ return static_cast<T>(res);
+}
+
+static void android_net_utils_attachDropAllBPFFilter(JNIEnv *env, jobject clazz, jobject javaFd)
+{
+ struct sock_filter filter_code[] = {
+ // Reject all.
+ BPF_STMT(BPF_RET | BPF_K, 0)
+ };
+ struct sock_fprog filter = {
+ sizeof(filter_code) / sizeof(filter_code[0]),
+ filter_code,
+ };
+
+ int fd = AFileDescriptor_getFD(env, javaFd);
+ if (setsockopt(fd, SOL_SOCKET, SO_ATTACH_FILTER, &filter, sizeof(filter)) != 0) {
+ jniThrowExceptionFmt(env, "java/net/SocketException",
+ "setsockopt(SO_ATTACH_FILTER): %s", strerror(errno));
+ }
+}
+
+static void android_net_utils_detachBPFFilter(JNIEnv *env, jobject clazz, jobject javaFd)
+{
+ int optval_ignored = 0;
+ int fd = AFileDescriptor_getFD(env, javaFd);
+ if (setsockopt(fd, SOL_SOCKET, SO_DETACH_FILTER, &optval_ignored, sizeof(optval_ignored)) !=
+ 0) {
+ jniThrowExceptionFmt(env, "java/net/SocketException",
+ "setsockopt(SO_DETACH_FILTER): %s", strerror(errno));
+ }
+}
+
+static jboolean android_net_utils_bindProcessToNetwork(JNIEnv *env, jobject thiz, jint netId)
+{
+ return (jboolean) !setNetworkForProcess(netId);
+}
+
+static jint android_net_utils_getBoundNetworkForProcess(JNIEnv *env, jobject thiz)
+{
+ return getNetworkForProcess();
+}
+
+static jboolean android_net_utils_bindProcessToNetworkForHostResolution(JNIEnv *env, jobject thiz,
+ jint netId)
+{
+ return (jboolean) !setNetworkForResolv(netId);
+}
+
+static jint android_net_utils_bindSocketToNetwork(JNIEnv *env, jobject thiz, jobject javaFd,
+ jint netId) {
+ return setNetworkForSocket(netId, AFileDescriptor_getFD(env, javaFd));
+}
+
+static bool checkLenAndCopy(JNIEnv* env, const jbyteArray& addr, int len, void* dst)
+{
+ if (env->GetArrayLength(addr) != len) {
+ return false;
+ }
+ env->GetByteArrayRegion(addr, 0, len, reinterpret_cast<jbyte*>(dst));
+ return true;
+}
+
+static jobject android_net_utils_resNetworkQuery(JNIEnv *env, jobject thiz, jint netId,
+ jstring dname, jint ns_class, jint ns_type, jint flags) {
+ const jsize javaCharsCount = env->GetStringLength(dname);
+ const jsize byteCountUTF8 = env->GetStringUTFLength(dname);
+
+ // Only allow dname which could be simply formatted to UTF8.
+ // In native layer, res_mkquery would re-format the input char array to packet.
+ std::vector<char> queryname(byteCountUTF8 + 1, 0);
+
+ env->GetStringUTFRegion(dname, 0, javaCharsCount, queryname.data());
+ int fd = resNetworkQuery(netId, queryname.data(), ns_class, ns_type, flags);
+
+ if (fd < 0) {
+ jniThrowErrnoException(env, "resNetworkQuery", -fd);
+ return nullptr;
+ }
+
+ return jniCreateFileDescriptor(env, fd);
+}
+
+static jobject android_net_utils_resNetworkSend(JNIEnv *env, jobject thiz, jint netId,
+ jbyteArray msg, jint msgLen, jint flags) {
+ uint8_t data[MAXCMDSIZE];
+
+ checkLenAndCopy(env, msg, msgLen, data);
+ int fd = resNetworkSend(netId, data, msgLen, flags);
+
+ if (fd < 0) {
+ jniThrowErrnoException(env, "resNetworkSend", -fd);
+ return nullptr;
+ }
+
+ return jniCreateFileDescriptor(env, fd);
+}
+
+static jobject android_net_utils_resNetworkResult(JNIEnv *env, jobject thiz, jobject javaFd) {
+ int fd = AFileDescriptor_getFD(env, javaFd);
+ int rcode;
+ std::vector<uint8_t> buf(MAXPACKETSIZE, 0);
+
+ int res = resNetworkResult(fd, &rcode, buf.data(), MAXPACKETSIZE);
+ jniSetFileDescriptorOfFD(env, javaFd, -1);
+ if (res < 0) {
+ jniThrowErrnoException(env, "resNetworkResult", -res);
+ return nullptr;
+ }
+
+ jbyteArray answer = env->NewByteArray(res);
+ if (answer == nullptr) {
+ jniThrowErrnoException(env, "resNetworkResult", ENOMEM);
+ return nullptr;
+ } else {
+ env->SetByteArrayRegion(answer, 0, res,
+ reinterpret_cast<jbyte*>(buf.data()));
+ }
+
+ jclass class_DnsResponse = env->FindClass("android/net/DnsResolver$DnsResponse");
+ jmethodID ctor = env->GetMethodID(class_DnsResponse, "<init>", "([BI)V");
+
+ return env->NewObject(class_DnsResponse, ctor, answer, rcode);
+}
+
+static void android_net_utils_resNetworkCancel(JNIEnv *env, jobject thiz, jobject javaFd) {
+ int fd = AFileDescriptor_getFD(env, javaFd);
+ resNetworkCancel(fd);
+ jniSetFileDescriptorOfFD(env, javaFd, -1);
+}
+
+static jobject android_net_utils_getDnsNetwork(JNIEnv *env, jobject thiz) {
+ unsigned dnsNetId = 0;
+ if (int res = getNetworkForDns(&dnsNetId) < 0) {
+ jniThrowErrnoException(env, "getDnsNetId", -res);
+ return nullptr;
+ }
+ bool privateDnsBypass = dnsNetId & NETID_USE_LOCAL_NAMESERVERS;
+
+ static jclass class_Network = MakeGlobalRefOrDie(
+ env, FindClassOrDie(env, "android/net/Network"));
+ static jmethodID ctor = env->GetMethodID(class_Network, "<init>", "(IZ)V");
+ return env->NewObject(
+ class_Network, ctor, dnsNetId & ~NETID_USE_LOCAL_NAMESERVERS, privateDnsBypass);
+}
+
+static jobject android_net_utils_getTcpRepairWindow(JNIEnv *env, jobject thiz, jobject javaFd) {
+ if (javaFd == NULL) {
+ jniThrowNullPointerException(env, NULL);
+ return NULL;
+ }
+
+ int fd = AFileDescriptor_getFD(env, javaFd);
+ struct tcp_repair_window trw = {};
+ socklen_t size = sizeof(trw);
+
+ // Obtain the parameters of the TCP repair window.
+ int rc = getsockopt(fd, IPPROTO_TCP, TCP_REPAIR_WINDOW, &trw, &size);
+ if (rc == -1) {
+ jniThrowErrnoException(env, "getsockopt : TCP_REPAIR_WINDOW", errno);
+ return NULL;
+ }
+
+ struct tcp_info tcpinfo = {};
+ socklen_t tcpinfo_size = sizeof(tcp_info);
+
+ // Obtain the window scale from the tcp info structure. This contains a scale factor that
+ // should be applied to the window size.
+ rc = getsockopt(fd, IPPROTO_TCP, TCP_INFO, &tcpinfo, &tcpinfo_size);
+ if (rc == -1) {
+ jniThrowErrnoException(env, "getsockopt : TCP_INFO", errno);
+ return NULL;
+ }
+
+ jclass class_TcpRepairWindow = env->FindClass("android/net/TcpRepairWindow");
+ jmethodID ctor = env->GetMethodID(class_TcpRepairWindow, "<init>", "(IIIIII)V");
+
+ return env->NewObject(class_TcpRepairWindow, ctor, trw.snd_wl1, trw.snd_wnd, trw.max_window,
+ trw.rcv_wnd, trw.rcv_wup, tcpinfo.tcpi_rcv_wscale);
+}
+
+// ----------------------------------------------------------------------------
+
+/*
+ * JNI registration.
+ */
+// clang-format off
+static const JNINativeMethod gNetworkUtilMethods[] = {
+ /* name, signature, funcPtr */
+ { "bindProcessToNetwork", "(I)Z", (void*) android_net_utils_bindProcessToNetwork },
+ { "getBoundNetworkForProcess", "()I", (void*) android_net_utils_getBoundNetworkForProcess },
+ { "bindProcessToNetworkForHostResolution", "(I)Z", (void*) android_net_utils_bindProcessToNetworkForHostResolution },
+ { "bindSocketToNetwork", "(Ljava/io/FileDescriptor;I)I", (void*) android_net_utils_bindSocketToNetwork },
+ { "attachDropAllBPFFilter", "(Ljava/io/FileDescriptor;)V", (void*) android_net_utils_attachDropAllBPFFilter },
+ { "detachBPFFilter", "(Ljava/io/FileDescriptor;)V", (void*) android_net_utils_detachBPFFilter },
+ { "getTcpRepairWindow", "(Ljava/io/FileDescriptor;)Landroid/net/TcpRepairWindow;", (void*) android_net_utils_getTcpRepairWindow },
+ { "resNetworkSend", "(I[BII)Ljava/io/FileDescriptor;", (void*) android_net_utils_resNetworkSend },
+ { "resNetworkQuery", "(ILjava/lang/String;III)Ljava/io/FileDescriptor;", (void*) android_net_utils_resNetworkQuery },
+ { "resNetworkResult", "(Ljava/io/FileDescriptor;)Landroid/net/DnsResolver$DnsResponse;", (void*) android_net_utils_resNetworkResult },
+ { "resNetworkCancel", "(Ljava/io/FileDescriptor;)V", (void*) android_net_utils_resNetworkCancel },
+ { "getDnsNetwork", "()Landroid/net/Network;", (void*) android_net_utils_getDnsNetwork },
+};
+// clang-format on
+
+int register_android_net_NetworkUtils(JNIEnv* env)
+{
+ return jniRegisterNativeMethods(env, NETUTILS_PKG_NAME, gNetworkUtilMethods,
+ NELEM(gNetworkUtilMethods));
+}
+
+}; // namespace android
diff --git a/framework/jni/onload.cpp b/framework/jni/onload.cpp
new file mode 100644
index 0000000..435f434
--- /dev/null
+++ b/framework/jni/onload.cpp
@@ -0,0 +1,38 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <nativehelper/JNIHelp.h>
+#include <log/log.h>
+
+namespace android {
+
+int register_android_net_NetworkUtils(JNIEnv* env);
+
+extern "C" jint JNI_OnLoad(JavaVM* vm, void*) {
+ JNIEnv *env;
+ if (vm->GetEnv(reinterpret_cast<void**>(&env), JNI_VERSION_1_6) != JNI_OK) {
+ ALOGE("GetEnv failed");
+ return JNI_ERR;
+ }
+
+ if (register_android_net_NetworkUtils(env) < 0) {
+ return JNI_ERR;
+ }
+
+ return JNI_VERSION_1_6;
+}
+
+};
\ No newline at end of file
diff --git a/framework/src/android/net/NetworkCapabilities.java b/framework/src/android/net/NetworkCapabilities.java
index 937a9d2..4a99d29 100644
--- a/framework/src/android/net/NetworkCapabilities.java
+++ b/framework/src/android/net/NetworkCapabilities.java
@@ -183,7 +183,7 @@
throw new UnsupportedOperationException(
"Cannot clear NetworkCapabilities when mRedactions is set");
}
- mNetworkCapabilities = mTransportTypes = mUnwantedNetworkCapabilities = 0;
+ mNetworkCapabilities = mTransportTypes = mForbiddenNetworkCapabilities = 0;
mLinkUpBandwidthKbps = mLinkDownBandwidthKbps = LINK_BANDWIDTH_UNSPECIFIED;
mNetworkSpecifier = null;
mTransportInfo = null;
@@ -219,7 +219,7 @@
mUids = (nc.mUids == null) ? null : new ArraySet<>(nc.mUids);
setAdministratorUids(nc.getAdministratorUids());
mOwnerUid = nc.mOwnerUid;
- mUnwantedNetworkCapabilities = nc.mUnwantedNetworkCapabilities;
+ mForbiddenNetworkCapabilities = nc.mForbiddenNetworkCapabilities;
mSSID = nc.mSSID;
mPrivateDnsBroken = nc.mPrivateDnsBroken;
mRequestorUid = nc.mRequestorUid;
@@ -237,7 +237,7 @@
/**
* If any capabilities specified here they must not exist in the matching Network.
*/
- private long mUnwantedNetworkCapabilities;
+ private long mForbiddenNetworkCapabilities;
/** @hide */
@Retention(RetentionPolicy.SOURCE)
@@ -586,21 +586,21 @@
* @hide
*/
public @NonNull NetworkCapabilities addCapability(@NetCapability int capability) {
- // If the given capability was previously added to the list of unwanted capabilities
- // then the capability will also be removed from the list of unwanted capabilities.
- // TODO: Consider adding unwanted capabilities to the public API and mention this
+ // If the given capability was previously added to the list of forbidden capabilities
+ // then the capability will also be removed from the list of forbidden capabilities.
+ // TODO: Consider adding forbidden capabilities to the public API and mention this
// in the documentation.
checkValidCapability(capability);
mNetworkCapabilities |= 1L << capability;
- // remove from unwanted capability list
- mUnwantedNetworkCapabilities &= ~(1L << capability);
+ // remove from forbidden capability list
+ mForbiddenNetworkCapabilities &= ~(1L << capability);
return this;
}
/**
- * Adds the given capability to the list of unwanted capabilities of this
+ * Adds the given capability to the list of forbidden capabilities of this
* {@code NetworkCapability} instance. Note that when searching for a network to
- * satisfy a request, the network must not contain any capability from unwanted capability
+ * satisfy a request, the network must not contain any capability from forbidden capability
* list.
* <p>
* If the capability was previously added to the list of required capabilities (for
@@ -610,9 +610,9 @@
* @see #addCapability(int)
* @hide
*/
- public void addUnwantedCapability(@NetCapability int capability) {
+ public void addForbiddenCapability(@NetCapability int capability) {
checkValidCapability(capability);
- mUnwantedNetworkCapabilities |= 1L << capability;
+ mForbiddenNetworkCapabilities |= 1L << capability;
mNetworkCapabilities &= ~(1L << capability); // remove from requested capabilities
}
@@ -632,16 +632,16 @@
}
/**
- * Removes (if found) the given unwanted capability from this {@code NetworkCapability}
- * instance that were added via addUnwantedCapability(int) or setCapabilities(int[], int[]).
+ * Removes (if found) the given forbidden capability from this {@code NetworkCapability}
+ * instance that were added via addForbiddenCapability(int) or setCapabilities(int[], int[]).
*
* @param capability the capability to be removed.
* @return This NetworkCapabilities instance, to facilitate chaining.
* @hide
*/
- public @NonNull NetworkCapabilities removeUnwantedCapability(@NetCapability int capability) {
+ public @NonNull NetworkCapabilities removeForbiddenCapability(@NetCapability int capability) {
checkValidCapability(capability);
- mUnwantedNetworkCapabilities &= ~(1L << capability);
+ mForbiddenNetworkCapabilities &= ~(1L << capability);
return this;
}
@@ -670,13 +670,13 @@
}
/**
- * Gets all the unwanted capabilities set on this {@code NetworkCapability} instance.
+ * Gets all the forbidden capabilities set on this {@code NetworkCapability} instance.
*
- * @return an array of unwanted capability values for this instance.
+ * @return an array of forbidden capability values for this instance.
* @hide
*/
- public @NetCapability int[] getUnwantedCapabilities() {
- return NetworkCapabilitiesUtils.unpackBits(mUnwantedNetworkCapabilities);
+ public @NetCapability int[] getForbiddenCapabilities() {
+ return NetworkCapabilitiesUtils.unpackBits(mForbiddenNetworkCapabilities);
}
@@ -687,9 +687,9 @@
* @hide
*/
public void setCapabilities(@NetCapability int[] capabilities,
- @NetCapability int[] unwantedCapabilities) {
+ @NetCapability int[] forbiddenCapabilities) {
mNetworkCapabilities = NetworkCapabilitiesUtils.packBits(capabilities);
- mUnwantedNetworkCapabilities = NetworkCapabilitiesUtils.packBits(unwantedCapabilities);
+ mForbiddenNetworkCapabilities = NetworkCapabilitiesUtils.packBits(forbiddenCapabilities);
}
/**
@@ -714,9 +714,9 @@
/** @hide */
@SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)
- public boolean hasUnwantedCapability(@NetCapability int capability) {
+ public boolean hasForbiddenCapability(@NetCapability int capability) {
return isValidCapability(capability)
- && ((mUnwantedNetworkCapabilities & (1L << capability)) != 0);
+ && ((mForbiddenNetworkCapabilities & (1L << capability)) != 0);
}
/**
@@ -746,14 +746,14 @@
private void combineNetCapabilities(@NonNull NetworkCapabilities nc) {
final long wantedCaps = this.mNetworkCapabilities | nc.mNetworkCapabilities;
- final long unwantedCaps =
- this.mUnwantedNetworkCapabilities | nc.mUnwantedNetworkCapabilities;
- if ((wantedCaps & unwantedCaps) != 0) {
+ final long forbiddenCaps =
+ this.mForbiddenNetworkCapabilities | nc.mForbiddenNetworkCapabilities;
+ if ((wantedCaps & forbiddenCaps) != 0) {
throw new IllegalArgumentException(
- "Cannot have the same capability in wanted and unwanted lists.");
+ "Cannot have the same capability in wanted and forbidden lists.");
}
this.mNetworkCapabilities = wantedCaps;
- this.mUnwantedNetworkCapabilities = unwantedCaps;
+ this.mForbiddenNetworkCapabilities = forbiddenCaps;
}
/**
@@ -764,7 +764,7 @@
* @hide
*/
public @Nullable String describeFirstNonRequestableCapability() {
- final long nonRequestable = (mNetworkCapabilities | mUnwantedNetworkCapabilities)
+ final long nonRequestable = (mNetworkCapabilities | mForbiddenNetworkCapabilities)
& NON_REQUESTABLE_CAPABILITIES;
if (nonRequestable != 0) {
@@ -781,28 +781,28 @@
private boolean satisfiedByNetCapabilities(@NonNull NetworkCapabilities nc,
boolean onlyImmutable) {
long requestedCapabilities = mNetworkCapabilities;
- long requestedUnwantedCapabilities = mUnwantedNetworkCapabilities;
+ long requestedForbiddenCapabilities = mForbiddenNetworkCapabilities;
long providedCapabilities = nc.mNetworkCapabilities;
if (onlyImmutable) {
requestedCapabilities &= ~MUTABLE_CAPABILITIES;
- requestedUnwantedCapabilities &= ~MUTABLE_CAPABILITIES;
+ requestedForbiddenCapabilities &= ~MUTABLE_CAPABILITIES;
}
return ((providedCapabilities & requestedCapabilities) == requestedCapabilities)
- && ((requestedUnwantedCapabilities & providedCapabilities) == 0);
+ && ((requestedForbiddenCapabilities & providedCapabilities) == 0);
}
/** @hide */
public boolean equalsNetCapabilities(@NonNull NetworkCapabilities nc) {
return (nc.mNetworkCapabilities == this.mNetworkCapabilities)
- && (nc.mUnwantedNetworkCapabilities == this.mUnwantedNetworkCapabilities);
+ && (nc.mForbiddenNetworkCapabilities == this.mForbiddenNetworkCapabilities);
}
private boolean equalsNetCapabilitiesRequestable(@NonNull NetworkCapabilities that) {
- return ((this.mNetworkCapabilities & ~NON_REQUESTABLE_CAPABILITIES) ==
- (that.mNetworkCapabilities & ~NON_REQUESTABLE_CAPABILITIES))
- && ((this.mUnwantedNetworkCapabilities & ~NON_REQUESTABLE_CAPABILITIES) ==
- (that.mUnwantedNetworkCapabilities & ~NON_REQUESTABLE_CAPABILITIES));
+ return ((this.mNetworkCapabilities & ~NON_REQUESTABLE_CAPABILITIES)
+ == (that.mNetworkCapabilities & ~NON_REQUESTABLE_CAPABILITIES))
+ && ((this.mForbiddenNetworkCapabilities & ~NON_REQUESTABLE_CAPABILITIES)
+ == (that.mForbiddenNetworkCapabilities & ~NON_REQUESTABLE_CAPABILITIES));
}
/**
@@ -830,8 +830,17 @@
final int[] originalAdministratorUids = getAdministratorUids();
final TransportInfo originalTransportInfo = getTransportInfo();
clearAll();
- mTransportTypes = (originalTransportTypes & TEST_NETWORKS_ALLOWED_TRANSPORTS)
- | (1 << TRANSPORT_TEST);
+ if (0 != (originalCapabilities & NET_CAPABILITY_NOT_RESTRICTED)) {
+ // If the test network is not restricted, then it is only allowed to declare some
+ // specific transports. This is to minimize impact on running apps in case an app
+ // run from the shell creates a test a network.
+ mTransportTypes =
+ (originalTransportTypes & UNRESTRICTED_TEST_NETWORKS_ALLOWED_TRANSPORTS)
+ | (1 << TRANSPORT_TEST);
+ } else {
+ // If the test transport is restricted, then it may declare any transport.
+ mTransportTypes = (originalTransportTypes | (1 << TRANSPORT_TEST));
+ }
mNetworkCapabilities = originalCapabilities & TEST_NETWORKS_ALLOWED_CAPABILITIES;
mNetworkSpecifier = originalSpecifier;
mSignalStrength = originalSignalStrength;
@@ -935,9 +944,10 @@
};
/**
- * Allowed transports on a test network, in addition to TRANSPORT_TEST.
+ * Allowed transports on an unrestricted test network (in addition to TRANSPORT_TEST).
*/
- private static final int TEST_NETWORKS_ALLOWED_TRANSPORTS = 1 << TRANSPORT_TEST
+ private static final int UNRESTRICTED_TEST_NETWORKS_ALLOWED_TRANSPORTS =
+ 1 << TRANSPORT_TEST
// Test ethernet networks can be created with EthernetManager#setIncludeTestInterfaces
| 1 << TRANSPORT_ETHERNET
// Test VPN networks can be created but their UID ranges must be empty.
@@ -1718,7 +1728,7 @@
* Combine a set of Capabilities to this one. Useful for coming up with the complete set.
* <p>
* Note that this method may break an invariant of having a particular capability in either
- * wanted or unwanted lists but never in both. Requests that have the same capability in
+ * wanted or forbidden lists but never in both. Requests that have the same capability in
* both lists will never be satisfied.
* @hide
*/
@@ -1859,8 +1869,8 @@
public int hashCode() {
return (int) (mNetworkCapabilities & 0xFFFFFFFF)
+ ((int) (mNetworkCapabilities >> 32) * 3)
- + ((int) (mUnwantedNetworkCapabilities & 0xFFFFFFFF) * 5)
- + ((int) (mUnwantedNetworkCapabilities >> 32) * 7)
+ + ((int) (mForbiddenNetworkCapabilities & 0xFFFFFFFF) * 5)
+ + ((int) (mForbiddenNetworkCapabilities >> 32) * 7)
+ ((int) (mTransportTypes & 0xFFFFFFFF) * 11)
+ ((int) (mTransportTypes >> 32) * 13)
+ mLinkUpBandwidthKbps * 17
@@ -1895,7 +1905,7 @@
@Override
public void writeToParcel(Parcel dest, int flags) {
dest.writeLong(mNetworkCapabilities);
- dest.writeLong(mUnwantedNetworkCapabilities);
+ dest.writeLong(mForbiddenNetworkCapabilities);
dest.writeLong(mTransportTypes);
dest.writeInt(mLinkUpBandwidthKbps);
dest.writeInt(mLinkDownBandwidthKbps);
@@ -1919,7 +1929,7 @@
NetworkCapabilities netCap = new NetworkCapabilities();
netCap.mNetworkCapabilities = in.readLong();
- netCap.mUnwantedNetworkCapabilities = in.readLong();
+ netCap.mForbiddenNetworkCapabilities = in.readLong();
netCap.mTransportTypes = in.readLong();
netCap.mLinkUpBandwidthKbps = in.readInt();
netCap.mLinkDownBandwidthKbps = in.readInt();
@@ -1973,9 +1983,9 @@
appendStringRepresentationOfBitMaskToStringBuilder(sb, mNetworkCapabilities,
NetworkCapabilities::capabilityNameOf, "&");
}
- if (0 != mUnwantedNetworkCapabilities) {
- sb.append(" Unwanted: ");
- appendStringRepresentationOfBitMaskToStringBuilder(sb, mUnwantedNetworkCapabilities,
+ if (0 != mForbiddenNetworkCapabilities) {
+ sb.append(" Forbidden: ");
+ appendStringRepresentationOfBitMaskToStringBuilder(sb, mForbiddenNetworkCapabilities,
NetworkCapabilities::capabilityNameOf, "&");
}
if (mLinkUpBandwidthKbps > 0) {
@@ -2444,7 +2454,8 @@
* For example {@code TRANSPORT_WIFI} and {@code TRANSPORT_ETHERNET} added to a
* {@code NetworkCapabilities} would cause either a Wi-Fi network or an Ethernet network
* to be selected. This is logically different than
- * {@code NetworkCapabilities.NET_CAPABILITY_*}.
+ * {@code NetworkCapabilities.NET_CAPABILITY_*}. Also note that multiple networks with the
+ * same transport type may be active concurrently.
*
* @param transportType the transport type to be added or removed.
* @return this builder
diff --git a/framework/src/android/net/NetworkRequest.java b/framework/src/android/net/NetworkRequest.java
index 8c4f419..dd88c5a 100644
--- a/framework/src/android/net/NetworkRequest.java
+++ b/framework/src/android/net/NetworkRequest.java
@@ -311,7 +311,7 @@
*
* @see #addCapability(int)
*
- * @param capability The capability to add to unwanted capability list.
+ * @param capability The capability to add to forbidden capability list.
* @return The builder to facilitate chaining.
*
* @hide
@@ -319,15 +319,15 @@
@NonNull
@SuppressLint("MissingGetterMatchingBuilder")
@SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)
- public Builder addUnwantedCapability(@NetworkCapabilities.NetCapability int capability) {
- mNetworkCapabilities.addUnwantedCapability(capability);
+ public Builder addForbiddenCapability(@NetworkCapabilities.NetCapability int capability) {
+ mNetworkCapabilities.addForbiddenCapability(capability);
return this;
}
/**
- * Removes (if found) the given unwanted capability from this builder instance.
+ * Removes (if found) the given forbidden capability from this builder instance.
*
- * @param capability The unwanted capability to remove.
+ * @param capability The forbidden capability to remove.
* @return The builder to facilitate chaining.
*
* @hide
@@ -335,8 +335,9 @@
@NonNull
@SuppressLint("BuilderSetStyle")
@SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)
- public Builder removeUnwantedCapability(@NetworkCapabilities.NetCapability int capability) {
- mNetworkCapabilities.removeUnwantedCapability(capability);
+ public Builder removeForbiddenCapability(
+ @NetworkCapabilities.NetCapability int capability) {
+ mNetworkCapabilities.removeForbiddenCapability(capability);
return this;
}
@@ -598,13 +599,13 @@
}
/**
- * @see Builder#addUnwantedCapability(int)
+ * @see Builder#addForbiddenCapability(int)
*
* @hide
*/
@SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)
- public boolean hasUnwantedCapability(@NetCapability int capability) {
- return networkCapabilities.hasUnwantedCapability(capability);
+ public boolean hasForbiddenCapability(@NetCapability int capability) {
+ return networkCapabilities.hasForbiddenCapability(capability);
}
/**
@@ -709,18 +710,18 @@
}
/**
- * Gets all the unwanted capabilities set on this {@code NetworkRequest} instance.
+ * Gets all the forbidden capabilities set on this {@code NetworkRequest} instance.
*
- * @return an array of unwanted capability values for this instance.
+ * @return an array of forbidden capability values for this instance.
*
* @hide
*/
@NonNull
@SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)
- public @NetCapability int[] getUnwantedCapabilities() {
- // No need to make a defensive copy here as NC#getUnwantedCapabilities() already returns
+ public @NetCapability int[] getForbiddenCapabilities() {
+ // No need to make a defensive copy here as NC#getForbiddenCapabilities() already returns
// a new array.
- return networkCapabilities.getUnwantedCapabilities();
+ return networkCapabilities.getForbiddenCapabilities();
}
/**