Merge "Print human-readable OEM managed states"
diff --git a/core/java/android/app/usage/NetworkStatsManager.java b/core/java/android/app/usage/NetworkStatsManager.java
index 098d8b6..fe99f85 100644
--- a/core/java/android/app/usage/NetworkStatsManager.java
+++ b/core/java/android/app/usage/NetworkStatsManager.java
@@ -24,6 +24,7 @@
import android.annotation.SystemApi;
import android.annotation.SystemService;
import android.annotation.TestApi;
+import android.annotation.WorkerThread;
import android.app.usage.NetworkStats.Bucket;
import android.compat.annotation.UnsupportedAppUsage;
import android.content.Context;
@@ -201,6 +202,7 @@
* default network {@link NetworkStats.Bucket#DEFAULT_NETWORK_ALL},
* metered {@link NetworkStats.Bucket#METERED_ALL},
* and roaming {@link NetworkStats.Bucket#ROAMING_ALL}.
+ * This may take a long time, and apps should avoid calling this on their main thread.
*
* @param networkType As defined in {@link ConnectivityManager}, e.g.
* {@link ConnectivityManager#TYPE_MOBILE}, {@link ConnectivityManager#TYPE_WIFI}
@@ -219,6 +221,7 @@
* @return Bucket object or null if permissions are insufficient or error happened during
* statistics collection.
*/
+ @WorkerThread
public Bucket querySummaryForDevice(int networkType, String subscriberId,
long startTime, long endTime) throws SecurityException, RemoteException {
NetworkTemplate template;
@@ -240,6 +243,7 @@
* uid {@link NetworkStats.Bucket#UID_ALL}, tag {@link NetworkStats.Bucket#TAG_NONE},
* metered {@link NetworkStats.Bucket#METERED_ALL}, and roaming
* {@link NetworkStats.Bucket#ROAMING_ALL}.
+ * This may take a long time, and apps should avoid calling this on their main thread.
*
* @param networkType As defined in {@link ConnectivityManager}, e.g.
* {@link ConnectivityManager#TYPE_MOBILE}, {@link ConnectivityManager#TYPE_WIFI}
@@ -258,6 +262,7 @@
* @return Bucket object or null if permissions are insufficient or error happened during
* statistics collection.
*/
+ @WorkerThread
public Bucket querySummaryForUser(int networkType, String subscriberId, long startTime,
long endTime) throws SecurityException, RemoteException {
NetworkTemplate template;
@@ -283,6 +288,7 @@
* means buckets' start and end timestamps are going to be the same as the 'startTime' and
* 'endTime' parameters. State, uid, metered, and roaming are going to vary, and tag is going to
* be the same.
+ * This may take a long time, and apps should avoid calling this on their main thread.
*
* @param networkType As defined in {@link ConnectivityManager}, e.g.
* {@link ConnectivityManager#TYPE_MOBILE}, {@link ConnectivityManager#TYPE_WIFI}
@@ -301,6 +307,7 @@
* @return Statistics object or null if permissions are insufficient or error happened during
* statistics collection.
*/
+ @WorkerThread
public NetworkStats querySummary(int networkType, String subscriberId, long startTime,
long endTime) throws SecurityException, RemoteException {
NetworkTemplate template;
@@ -326,9 +333,11 @@
/**
* Query network usage statistics details for a given uid.
+ * This may take a long time, and apps should avoid calling this on their main thread.
*
* @see #queryDetailsForUidTagState(int, String, long, long, int, int, int)
*/
+ @WorkerThread
public NetworkStats queryDetailsForUid(int networkType, String subscriberId,
long startTime, long endTime, int uid) throws SecurityException {
return queryDetailsForUidTagState(networkType, subscriberId, startTime, endTime, uid,
@@ -344,9 +353,11 @@
/**
* Query network usage statistics details for a given uid and tag.
+ * This may take a long time, and apps should avoid calling this on their main thread.
*
* @see #queryDetailsForUidTagState(int, String, long, long, int, int, int)
*/
+ @WorkerThread
public NetworkStats queryDetailsForUidTag(int networkType, String subscriberId,
long startTime, long endTime, int uid, int tag) throws SecurityException {
return queryDetailsForUidTagState(networkType, subscriberId, startTime, endTime, uid,
@@ -365,6 +376,7 @@
* <p>Only includes buckets that atomically occur in the inclusive time range. Doesn't
* interpolate across partial buckets. Since bucket length is in the order of hours, this
* method cannot be used to measure data usage on a fine grained time scale.
+ * This may take a long time, and apps should avoid calling this on their main thread.
*
* @param networkType As defined in {@link ConnectivityManager}, e.g.
* {@link ConnectivityManager#TYPE_MOBILE}, {@link ConnectivityManager#TYPE_WIFI}
@@ -387,6 +399,7 @@
* @return Statistics object or null if an error happened during statistics collection.
* @throws SecurityException if permissions are insufficient to read network statistics.
*/
+ @WorkerThread
public NetworkStats queryDetailsForUidTagState(int networkType, String subscriberId,
long startTime, long endTime, int uid, int tag, int state) throws SecurityException {
NetworkTemplate template;
@@ -425,6 +438,7 @@
* <p>Only includes buckets that atomically occur in the inclusive time range. Doesn't
* interpolate across partial buckets. Since bucket length is in the order of hours, this
* method cannot be used to measure data usage on a fine grained time scale.
+ * This may take a long time, and apps should avoid calling this on their main thread.
*
* @param networkType As defined in {@link ConnectivityManager}, e.g.
* {@link ConnectivityManager#TYPE_MOBILE}, {@link ConnectivityManager#TYPE_WIFI}
@@ -443,6 +457,7 @@
* @return Statistics object or null if permissions are insufficient or error happened during
* statistics collection.
*/
+ @WorkerThread
public NetworkStats queryDetails(int networkType, String subscriberId, long startTime,
long endTime) throws SecurityException, RemoteException {
NetworkTemplate template;
@@ -629,7 +644,10 @@
: NetworkTemplate.buildTemplateMobileAll(subscriberId);
break;
case ConnectivityManager.TYPE_WIFI:
- template = NetworkTemplate.buildTemplateWifiWildcard();
+ template = subscriberId == null
+ ? NetworkTemplate.buildTemplateWifiWildcard()
+ : NetworkTemplate.buildTemplateWifi(NetworkTemplate.WIFI_NETWORKID_ALL,
+ subscriberId);
break;
default:
throw new IllegalArgumentException("Cannot create template for network type "
@@ -640,14 +658,14 @@
}
/**
- * Notify {@code NetworkStatsService} about network status changed.
+ * Notify {@code NetworkStatsService} about network status changed.
*
- * Notifies NetworkStatsService of network state changes for data usage accounting purposes.
+ * Notifies NetworkStatsService of network state changes for data usage accounting purposes.
*
- * To avoid races that attribute data usage to wrong network, such as new network with
- * the same interface after SIM hot-swap, this function will not return until
- * {@code NetworkStatsService} finishes its work of retrieving traffic statistics from
- * all data sources.
+ * To avoid races that attribute data usage to wrong network, such as new network with
+ * the same interface after SIM hot-swap, this function will not return until
+ * {@code NetworkStatsService} finishes its work of retrieving traffic statistics from
+ * all data sources.
*
* @param defaultNetworks the list of all networks that could be used by network traffic that
* does not explicitly select a network.
@@ -674,8 +692,7 @@
Objects.requireNonNull(defaultNetworks);
Objects.requireNonNull(networkStateSnapshots);
Objects.requireNonNull(underlyingNetworkInfos);
- // TODO: Change internal namings after the name is decided.
- mService.forceUpdateIfaces(defaultNetworks.toArray(new Network[0]),
+ mService.notifyNetworkStatus(defaultNetworks.toArray(new Network[0]),
networkStateSnapshots.toArray(new NetworkStateSnapshot[0]), activeIface,
underlyingNetworkInfos.toArray(new UnderlyingNetworkInfo[0]));
} catch (RemoteException e) {
diff --git a/core/java/android/net/EthernetNetworkSpecifier.java b/core/java/android/net/EthernetNetworkSpecifier.java
index e168588..62c5761 100644
--- a/core/java/android/net/EthernetNetworkSpecifier.java
+++ b/core/java/android/net/EthernetNetworkSpecifier.java
@@ -42,15 +42,22 @@
@NonNull
private final String mInterfaceName;
+ /**
+ * Create a new EthernetNetworkSpecifier.
+ * @param interfaceName Name of the ethernet interface the specifier refers to.
+ */
public EthernetNetworkSpecifier(@NonNull String interfaceName) {
Preconditions.checkStringNotEmpty(interfaceName);
mInterfaceName = interfaceName;
}
- // This may be null in the future to support specifiers based on data other than the interface
- // name.
+ /**
+ * Get the name of the ethernet interface the specifier refers to.
+ */
@Nullable
public String getInterfaceName() {
+ // This may be null in the future to support specifiers based on data other than the
+ // interface name.
return mInterfaceName;
}
diff --git a/core/java/android/net/INetworkStatsService.aidl b/core/java/android/net/INetworkStatsService.aidl
index dc3b88a..12937b5 100644
--- a/core/java/android/net/INetworkStatsService.aidl
+++ b/core/java/android/net/INetworkStatsService.aidl
@@ -65,8 +65,8 @@
/** Increment data layer count of operations performed for UID and tag. */
void incrementOperationCount(int uid, int tag, int operationCount);
- /** Force update of ifaces. */
- void forceUpdateIfaces(
+ /** Notify {@code NetworkStatsService} about network status changed. */
+ void notifyNetworkStatus(
in Network[] defaultNetworks,
in NetworkStateSnapshot[] snapshots,
in String activeIface,
diff --git a/core/java/android/net/IpSecManager.java b/core/java/android/net/IpSecManager.java
index 98acd98..01d1aa5 100644
--- a/core/java/android/net/IpSecManager.java
+++ b/core/java/android/net/IpSecManager.java
@@ -79,6 +79,16 @@
public static final int DIRECTION_OUT = 1;
/**
+ * Used when applying a transform to direct traffic through an {@link IpSecTransform} for
+ * forwarding between interfaces.
+ *
+ * <p>See {@link #applyTransportModeTransform(Socket, int, IpSecTransform)}.
+ *
+ * @hide
+ */
+ public static final int DIRECTION_FWD = 2;
+
+ /**
* The Security Parameter Index (SPI) 0 indicates an unknown or invalid index.
*
* <p>No IPsec packet may contain an SPI of 0.
diff --git a/core/java/android/net/NetworkIdentity.java b/core/java/android/net/NetworkIdentity.java
index 13408bf..1d07a03 100644
--- a/core/java/android/net/NetworkIdentity.java
+++ b/core/java/android/net/NetworkIdentity.java
@@ -214,27 +214,23 @@
*/
public static NetworkIdentity buildNetworkIdentity(Context context,
NetworkStateSnapshot snapshot, boolean defaultNetwork, @NetworkType int subType) {
- final int legacyType = snapshot.legacyType;
+ final int legacyType = snapshot.getLegacyType();
- final String subscriberId = snapshot.subscriberId;
+ final String subscriberId = snapshot.getSubscriberId();
String networkId = null;
- boolean roaming = !snapshot.networkCapabilities.hasCapability(
+ boolean roaming = !snapshot.getNetworkCapabilities().hasCapability(
NetworkCapabilities.NET_CAPABILITY_NOT_ROAMING);
- boolean metered = !snapshot.networkCapabilities.hasCapability(
+ boolean metered = !snapshot.getNetworkCapabilities().hasCapability(
NetworkCapabilities.NET_CAPABILITY_NOT_METERED);
- final int oemManaged = getOemBitfield(snapshot.networkCapabilities);
+ final int oemManaged = getOemBitfield(snapshot.getNetworkCapabilities());
if (legacyType == TYPE_WIFI) {
- if (snapshot.networkCapabilities.getSsid() != null) {
- networkId = snapshot.networkCapabilities.getSsid();
- if (networkId == null) {
- // TODO: Figure out if this code path never runs. If so, remove them.
- final WifiManager wifi = (WifiManager) context.getSystemService(
- Context.WIFI_SERVICE);
- final WifiInfo info = wifi.getConnectionInfo();
- networkId = info != null ? info.getSSID() : null;
- }
+ networkId = snapshot.getNetworkCapabilities().getSsid();
+ if (networkId == null) {
+ final WifiManager wifi = context.getSystemService(WifiManager.class);
+ final WifiInfo info = wifi.getConnectionInfo();
+ networkId = info != null ? info.getSSID() : null;
}
}
diff --git a/core/java/android/net/NetworkStateSnapshot.java b/core/java/android/net/NetworkStateSnapshot.java
index 0d26c2d..9df861a 100644
--- a/core/java/android/net/NetworkStateSnapshot.java
+++ b/core/java/android/net/NetworkStateSnapshot.java
@@ -37,47 +37,76 @@
public final class NetworkStateSnapshot implements Parcelable {
/** The network associated with this snapshot. */
@NonNull
- public final Network network;
+ private final Network mNetwork;
/** The {@link NetworkCapabilities} of the network associated with this snapshot. */
@NonNull
- public final NetworkCapabilities networkCapabilities;
+ private final NetworkCapabilities mNetworkCapabilities;
/** The {@link LinkProperties} of the network associated with this snapshot. */
@NonNull
- public final LinkProperties linkProperties;
+ private final LinkProperties mLinkProperties;
/**
* The Subscriber Id of the network associated with this snapshot. See
* {@link android.telephony.TelephonyManager#getSubscriberId()}.
*/
@Nullable
- public final String subscriberId;
+ private final String mSubscriberId;
/**
* The legacy type of the network associated with this snapshot. See
* {@code ConnectivityManager#TYPE_*}.
*/
- public final int legacyType;
+ private final int mLegacyType;
public NetworkStateSnapshot(@NonNull Network network,
@NonNull NetworkCapabilities networkCapabilities,
@NonNull LinkProperties linkProperties,
@Nullable String subscriberId, int legacyType) {
- this.network = Objects.requireNonNull(network);
- this.networkCapabilities = Objects.requireNonNull(networkCapabilities);
- this.linkProperties = Objects.requireNonNull(linkProperties);
- this.subscriberId = subscriberId;
- this.legacyType = legacyType;
+ mNetwork = Objects.requireNonNull(network);
+ mNetworkCapabilities = Objects.requireNonNull(networkCapabilities);
+ mLinkProperties = Objects.requireNonNull(linkProperties);
+ mSubscriberId = subscriberId;
+ mLegacyType = legacyType;
}
/** @hide */
public NetworkStateSnapshot(@NonNull Parcel in) {
- network = in.readParcelable(null);
- networkCapabilities = in.readParcelable(null);
- linkProperties = in.readParcelable(null);
- subscriberId = in.readString();
- legacyType = in.readInt();
+ mNetwork = in.readParcelable(null);
+ mNetworkCapabilities = in.readParcelable(null);
+ mLinkProperties = in.readParcelable(null);
+ mSubscriberId = in.readString();
+ mLegacyType = in.readInt();
+ }
+
+ /** Get the network associated with this snapshot */
+ @NonNull
+ public Network getNetwork() {
+ return mNetwork;
+ }
+
+ /** Get {@link NetworkCapabilities} of the network associated with this snapshot. */
+ @NonNull
+ public NetworkCapabilities getNetworkCapabilities() {
+ return mNetworkCapabilities;
+ }
+
+ /** Get the {@link LinkProperties} of the network associated with this snapshot. */
+ @NonNull
+ public LinkProperties getLinkProperties() {
+ return mLinkProperties;
+ }
+
+ /** Get the Subscriber Id of the network associated with this snapshot. */
+ @Nullable
+ public String getSubscriberId() {
+ return mSubscriberId;
+ }
+
+ /** Get the legacy type of the network associated with this snapshot. */
+ public int getLegacyType() {
+ return mLegacyType;
}
@Override
@@ -87,11 +116,11 @@
@Override
public void writeToParcel(@NonNull Parcel out, int flags) {
- out.writeParcelable(network, flags);
- out.writeParcelable(networkCapabilities, flags);
- out.writeParcelable(linkProperties, flags);
- out.writeString(subscriberId);
- out.writeInt(legacyType);
+ out.writeParcelable(mNetwork, flags);
+ out.writeParcelable(mNetworkCapabilities, flags);
+ out.writeParcelable(mLinkProperties, flags);
+ out.writeString(mSubscriberId);
+ out.writeInt(mLegacyType);
}
@NonNull
@@ -115,26 +144,27 @@
if (this == o) return true;
if (!(o instanceof NetworkStateSnapshot)) return false;
NetworkStateSnapshot that = (NetworkStateSnapshot) o;
- return legacyType == that.legacyType
- && Objects.equals(network, that.network)
- && Objects.equals(networkCapabilities, that.networkCapabilities)
- && Objects.equals(linkProperties, that.linkProperties)
- && Objects.equals(subscriberId, that.subscriberId);
+ return mLegacyType == that.mLegacyType
+ && Objects.equals(mNetwork, that.mNetwork)
+ && Objects.equals(mNetworkCapabilities, that.mNetworkCapabilities)
+ && Objects.equals(mLinkProperties, that.mLinkProperties)
+ && Objects.equals(mSubscriberId, that.mSubscriberId);
}
@Override
public int hashCode() {
- return Objects.hash(network, networkCapabilities, linkProperties, subscriberId, legacyType);
+ return Objects.hash(mNetwork,
+ mNetworkCapabilities, mLinkProperties, mSubscriberId, mLegacyType);
}
@Override
public String toString() {
return "NetworkStateSnapshot{"
- + "network=" + network
- + ", networkCapabilities=" + networkCapabilities
- + ", linkProperties=" + linkProperties
- + ", subscriberId='" + NetworkIdentityUtils.scrubSubscriberId(subscriberId) + '\''
- + ", legacyType=" + legacyType
+ + "network=" + mNetwork
+ + ", networkCapabilities=" + mNetworkCapabilities
+ + ", linkProperties=" + mLinkProperties
+ + ", subscriberId='" + NetworkIdentityUtils.scrubSubscriberId(mSubscriberId) + '\''
+ + ", legacyType=" + mLegacyType
+ '}';
}
}
diff --git a/core/java/android/net/NetworkStats.java b/core/java/android/net/NetworkStats.java
index d42beae..6ccbab7 100644
--- a/core/java/android/net/NetworkStats.java
+++ b/core/java/android/net/NetworkStats.java
@@ -38,6 +38,7 @@
import java.lang.annotation.RetentionPolicy;
import java.util.Arrays;
import java.util.HashSet;
+import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.function.Predicate;
@@ -1423,11 +1424,11 @@
* @hide
*/
public void migrateTun(int tunUid, @NonNull String tunIface,
- @NonNull String[] underlyingIfaces) {
+ @NonNull List<String> underlyingIfaces) {
// Combined usage by all apps using VPN.
final Entry tunIfaceTotal = new Entry();
// Usage by VPN, grouped by its {@code underlyingIfaces}.
- final Entry[] perInterfaceTotal = new Entry[underlyingIfaces.length];
+ final Entry[] perInterfaceTotal = new Entry[underlyingIfaces.size()];
// Usage by VPN, summed across all its {@code underlyingIfaces}.
final Entry underlyingIfacesTotal = new Entry();
@@ -1468,7 +1469,7 @@
* {@code underlyingIfaces}
*/
private void tunAdjustmentInit(int tunUid, @NonNull String tunIface,
- @NonNull String[] underlyingIfaces, @NonNull Entry tunIfaceTotal,
+ @NonNull List<String> underlyingIfaces, @NonNull Entry tunIfaceTotal,
@NonNull Entry[] perInterfaceTotal, @NonNull Entry underlyingIfacesTotal) {
final Entry recycle = new Entry();
for (int i = 0; i < size; i++) {
@@ -1488,8 +1489,8 @@
if (recycle.uid == tunUid) {
// Add up traffic through tunUid's underlying interfaces.
- for (int j = 0; j < underlyingIfaces.length; j++) {
- if (Objects.equals(underlyingIfaces[j], recycle.iface)) {
+ for (int j = 0; j < underlyingIfaces.size(); j++) {
+ if (Objects.equals(underlyingIfaces.get(j), recycle.iface)) {
perInterfaceTotal[j].add(recycle);
underlyingIfacesTotal.add(recycle);
break;
@@ -1515,12 +1516,12 @@
* underlyingIfaces}
*/
private Entry[] addTrafficToApplications(int tunUid, @NonNull String tunIface,
- @NonNull String[] underlyingIfaces, @NonNull Entry tunIfaceTotal,
+ @NonNull List<String> underlyingIfaces, @NonNull Entry tunIfaceTotal,
@NonNull Entry[] perInterfaceTotal, @NonNull Entry underlyingIfacesTotal) {
// Traffic that should be moved off of each underlying interface for tunUid (see
// deductTrafficFromVpnApp below).
- final Entry[] moved = new Entry[underlyingIfaces.length];
- for (int i = 0; i < underlyingIfaces.length; i++) {
+ final Entry[] moved = new Entry[underlyingIfaces.size()];
+ for (int i = 0; i < underlyingIfaces.size(); i++) {
moved[i] = new Entry();
}
@@ -1582,8 +1583,8 @@
}
// In a second pass, distribute these values across interfaces in the proportion that
// each interface represents of the total traffic of the underlying interfaces.
- for (int j = 0; j < underlyingIfaces.length; j++) {
- tmpEntry.iface = underlyingIfaces[j];
+ for (int j = 0; j < underlyingIfaces.size(); j++) {
+ tmpEntry.iface = underlyingIfaces.get(j);
tmpEntry.rxBytes = 0;
// Reset 'set' to correct value since it gets updated when adding debug info below.
tmpEntry.set = set[i];
@@ -1638,14 +1639,14 @@
private void deductTrafficFromVpnApp(
int tunUid,
- @NonNull String[] underlyingIfaces,
+ @NonNull List<String> underlyingIfaces,
@NonNull Entry[] moved) {
- for (int i = 0; i < underlyingIfaces.length; i++) {
+ for (int i = 0; i < underlyingIfaces.size(); i++) {
moved[i].uid = tunUid;
// Add debug info
moved[i].set = SET_DBG_VPN_OUT;
moved[i].tag = TAG_NONE;
- moved[i].iface = underlyingIfaces[i];
+ moved[i].iface = underlyingIfaces.get(i);
moved[i].metered = METERED_ALL;
moved[i].roaming = ROAMING_ALL;
moved[i].defaultNetwork = DEFAULT_NETWORK_ALL;
@@ -1658,7 +1659,7 @@
// METERED_NO, which should be the case as it comes directly from the /proc file.
// We only blend in the roaming data after applying these adjustments, by checking the
// NetworkIdentity of the underlying iface.
- final int idxVpnBackground = findIndex(underlyingIfaces[i], tunUid, SET_DEFAULT,
+ final int idxVpnBackground = findIndex(underlyingIfaces.get(i), tunUid, SET_DEFAULT,
TAG_NONE, METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO);
if (idxVpnBackground != -1) {
// Note - tunSubtract also updates moved[i]; whatever traffic that's left is removed
@@ -1666,7 +1667,7 @@
tunSubtract(idxVpnBackground, this, moved[i]);
}
- final int idxVpnForeground = findIndex(underlyingIfaces[i], tunUid, SET_FOREGROUND,
+ final int idxVpnForeground = findIndex(underlyingIfaces.get(i), tunUid, SET_FOREGROUND,
TAG_NONE, METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO);
if (idxVpnForeground != -1) {
tunSubtract(idxVpnForeground, this, moved[i]);
diff --git a/core/java/android/net/NetworkTemplate.java b/core/java/android/net/NetworkTemplate.java
index 755e8fd..352f2e9 100644
--- a/core/java/android/net/NetworkTemplate.java
+++ b/core/java/android/net/NetworkTemplate.java
@@ -82,6 +82,24 @@
public static final int MATCH_WIFI_WILDCARD = 7;
public static final int MATCH_BLUETOOTH = 8;
public static final int MATCH_PROXY = 9;
+ public static final int MATCH_CARRIER = 10;
+
+ /**
+ * Value of the match rule of the subscriberId to match networks with specific subscriberId.
+ */
+ public static final int SUBSCRIBER_ID_MATCH_RULE_EXACT = 0;
+ /**
+ * Value of the match rule of the subscriberId to match networks with any subscriberId which
+ * includes null and non-null.
+ */
+ public static final int SUBSCRIBER_ID_MATCH_RULE_ALL = 1;
+
+ /**
+ * Wi-Fi Network ID is never supposed to be null (if it is, it is a bug that
+ * should be fixed), so it's not possible to want to match null vs
+ * non-null. Therefore it's fine to use null as a sentinel for Network ID.
+ */
+ public static final String WIFI_NETWORKID_ALL = null;
/**
* Include all network types when filtering. This is meant to merge in with the
@@ -125,6 +143,7 @@
case MATCH_WIFI_WILDCARD:
case MATCH_BLUETOOTH:
case MATCH_PROXY:
+ case MATCH_CARRIER:
return true;
default:
@@ -168,10 +187,12 @@
@NetworkType int ratType) {
if (TextUtils.isEmpty(subscriberId)) {
return new NetworkTemplate(MATCH_MOBILE_WILDCARD, null, null, null,
- METERED_ALL, ROAMING_ALL, DEFAULT_NETWORK_ALL, ratType, OEM_MANAGED_ALL);
+ METERED_ALL, ROAMING_ALL, DEFAULT_NETWORK_ALL, ratType, OEM_MANAGED_ALL,
+ SUBSCRIBER_ID_MATCH_RULE_EXACT);
}
return new NetworkTemplate(MATCH_MOBILE, subscriberId, new String[]{subscriberId}, null,
- METERED_ALL, ROAMING_ALL, DEFAULT_NETWORK_ALL, ratType, OEM_MANAGED_ALL);
+ METERED_ALL, ROAMING_ALL, DEFAULT_NETWORK_ALL, ratType, OEM_MANAGED_ALL,
+ SUBSCRIBER_ID_MATCH_RULE_EXACT);
}
/**
@@ -189,6 +210,8 @@
*/
@UnsupportedAppUsage
public static NetworkTemplate buildTemplateWifiWildcard() {
+ // TODO: Consider replace this with MATCH_WIFI with NETWORK_ID_ALL
+ // and SUBSCRIBER_ID_MATCH_RULE_ALL.
return new NetworkTemplate(MATCH_WIFI_WILDCARD, null, null);
}
@@ -202,8 +225,27 @@
* Template to match {@link ConnectivityManager#TYPE_WIFI} networks with the
* given SSID.
*/
- public static NetworkTemplate buildTemplateWifi(String networkId) {
- return new NetworkTemplate(MATCH_WIFI, null, networkId);
+ public static NetworkTemplate buildTemplateWifi(@NonNull String networkId) {
+ Objects.requireNonNull(networkId);
+ return new NetworkTemplate(MATCH_WIFI, null /* subscriberId */,
+ new String[] { null } /* matchSubscriberIds */,
+ networkId, METERED_ALL, ROAMING_ALL,
+ DEFAULT_NETWORK_ALL, NETWORK_TYPE_ALL, OEM_MANAGED_ALL,
+ SUBSCRIBER_ID_MATCH_RULE_ALL);
+ }
+
+ /**
+ * Template to match all {@link ConnectivityManager#TYPE_WIFI} networks with the given SSID,
+ * and IMSI.
+ *
+ * Call with {@link #WIFI_NETWORKID_ALL} for {@code networkId} to get result regardless of SSID.
+ */
+ public static NetworkTemplate buildTemplateWifi(@Nullable String networkId,
+ @Nullable String subscriberId) {
+ return new NetworkTemplate(MATCH_WIFI, subscriberId, new String[] { subscriberId },
+ networkId, METERED_ALL, ROAMING_ALL,
+ DEFAULT_NETWORK_ALL, NETWORK_TYPE_ALL, OEM_MANAGED_ALL,
+ SUBSCRIBER_ID_MATCH_RULE_EXACT);
}
/**
@@ -231,6 +273,17 @@
return new NetworkTemplate(MATCH_PROXY, null, null);
}
+ /**
+ * Template to match all metered carrier networks with the given IMSI.
+ */
+ public static NetworkTemplate buildTemplateCarrierMetered(@NonNull String subscriberId) {
+ Objects.requireNonNull(subscriberId);
+ return new NetworkTemplate(MATCH_CARRIER, subscriberId,
+ new String[] { subscriberId }, null /* networkId */, METERED_YES, ROAMING_ALL,
+ DEFAULT_NETWORK_ALL, NETWORK_TYPE_ALL, OEM_MANAGED_ALL,
+ SUBSCRIBER_ID_MATCH_RULE_EXACT);
+ }
+
private final int mMatchRule;
private final String mSubscriberId;
@@ -251,10 +304,26 @@
private final int mRoaming;
private final int mDefaultNetwork;
private final int mSubType;
+ private final int mSubscriberIdMatchRule;
// Bitfield containing OEM network properties{@code NetworkIdentity#OEM_*}.
private final int mOemManaged;
+ private void checkValidSubscriberIdMatchRule() {
+ switch (mMatchRule) {
+ case MATCH_MOBILE:
+ case MATCH_CARRIER:
+ // MOBILE and CARRIER templates must always specify a subscriber ID.
+ if (mSubscriberIdMatchRule == SUBSCRIBER_ID_MATCH_RULE_ALL) {
+ throw new IllegalArgumentException("Invalid SubscriberIdMatchRule"
+ + "on match rule: " + getMatchRuleName(mMatchRule));
+ }
+ return;
+ default:
+ return;
+ }
+ }
+
@UnsupportedAppUsage
public NetworkTemplate(int matchRule, String subscriberId, String networkId) {
this(matchRule, subscriberId, new String[] { subscriberId }, networkId);
@@ -263,14 +332,25 @@
public NetworkTemplate(int matchRule, String subscriberId, String[] matchSubscriberIds,
String networkId) {
this(matchRule, subscriberId, matchSubscriberIds, networkId, METERED_ALL, ROAMING_ALL,
- DEFAULT_NETWORK_ALL, NETWORK_TYPE_ALL, OEM_MANAGED_ALL);
+ DEFAULT_NETWORK_ALL, NETWORK_TYPE_ALL, OEM_MANAGED_ALL,
+ SUBSCRIBER_ID_MATCH_RULE_EXACT);
+ }
+
+ // TODO: Remove it after updating all of the caller.
+ public NetworkTemplate(int matchRule, String subscriberId, String[] matchSubscriberIds,
+ String networkId, int metered, int roaming, int defaultNetwork, int subType,
+ int oemManaged) {
+ this(matchRule, subscriberId, matchSubscriberIds, networkId, metered, roaming,
+ defaultNetwork, subType, oemManaged, SUBSCRIBER_ID_MATCH_RULE_EXACT);
}
public NetworkTemplate(int matchRule, String subscriberId, String[] matchSubscriberIds,
String networkId, int metered, int roaming, int defaultNetwork, int subType,
- int oemManaged) {
+ int oemManaged, int subscriberIdMatchRule) {
mMatchRule = matchRule;
mSubscriberId = subscriberId;
+ // TODO: Check whether mMatchSubscriberIds = null or mMatchSubscriberIds = {null} when
+ // mSubscriberId is null
mMatchSubscriberIds = matchSubscriberIds;
mNetworkId = networkId;
mMetered = metered;
@@ -278,7 +358,8 @@
mDefaultNetwork = defaultNetwork;
mSubType = subType;
mOemManaged = oemManaged;
-
+ mSubscriberIdMatchRule = subscriberIdMatchRule;
+ checkValidSubscriberIdMatchRule();
if (!isKnownMatchRule(matchRule)) {
Log.e(TAG, "Unknown network template rule " + matchRule
+ " will not match any identity.");
@@ -295,6 +376,7 @@
mDefaultNetwork = in.readInt();
mSubType = in.readInt();
mOemManaged = in.readInt();
+ mSubscriberIdMatchRule = in.readInt();
}
@Override
@@ -308,6 +390,7 @@
dest.writeInt(mDefaultNetwork);
dest.writeInt(mSubType);
dest.writeInt(mOemManaged);
+ dest.writeInt(mSubscriberIdMatchRule);
}
@Override
@@ -346,13 +429,15 @@
if (mOemManaged != OEM_MANAGED_ALL) {
builder.append(", oemManaged=").append(getOemManagedNames(mOemManaged));
}
+ builder.append(", subscriberIdMatchRule=")
+ .append(subscriberIdMatchRuleToString(mSubscriberIdMatchRule));
return builder.toString();
}
@Override
public int hashCode() {
return Objects.hash(mMatchRule, mSubscriberId, mNetworkId, mMetered, mRoaming,
- mDefaultNetwork, mSubType, mOemManaged);
+ mDefaultNetwork, mSubType, mOemManaged, mSubscriberIdMatchRule);
}
@Override
@@ -366,11 +451,23 @@
&& mRoaming == other.mRoaming
&& mDefaultNetwork == other.mDefaultNetwork
&& mSubType == other.mSubType
- && mOemManaged == other.mOemManaged;
+ && mOemManaged == other.mOemManaged
+ && mSubscriberIdMatchRule == other.mSubscriberIdMatchRule;
}
return false;
}
+ private String subscriberIdMatchRuleToString(int rule) {
+ switch (rule) {
+ case SUBSCRIBER_ID_MATCH_RULE_EXACT:
+ return "EXACT_MATCH";
+ case SUBSCRIBER_ID_MATCH_RULE_ALL:
+ return "ALL";
+ default:
+ return "Unknown rule " + rule;
+ }
+ }
+
public boolean isMatchRuleMobile() {
switch (mMatchRule) {
case MATCH_MOBILE:
@@ -386,6 +483,14 @@
case MATCH_MOBILE_WILDCARD:
case MATCH_WIFI_WILDCARD:
return false;
+ case MATCH_CARRIER:
+ return mSubscriberId != null;
+ case MATCH_WIFI:
+ if (Objects.equals(mNetworkId, WIFI_NETWORKID_ALL)
+ && mSubscriberIdMatchRule == SUBSCRIBER_ID_MATCH_RULE_ALL) {
+ return false;
+ }
+ return true;
default:
return true;
}
@@ -405,6 +510,10 @@
return mNetworkId;
}
+ public int getSubscriberIdMatchRule() {
+ return mSubscriberIdMatchRule;
+ }
+
/**
* Test if given {@link NetworkIdentity} matches this template.
*/
@@ -429,6 +538,8 @@
return matchesBluetooth(ident);
case MATCH_PROXY:
return matchesProxy(ident);
+ case MATCH_CARRIER:
+ return matchesCarrier(ident);
default:
// We have no idea what kind of network template we are, so we
// just claim not to match anything.
@@ -466,8 +577,23 @@
|| getCollapsedRatType(mSubType) == getCollapsedRatType(ident.mSubType);
}
- public boolean matchesSubscriberId(String subscriberId) {
- return ArrayUtils.contains(mMatchSubscriberIds, subscriberId);
+ /**
+ * Check if this template matches {@code subscriberId}. Returns true if this
+ * template was created with {@code SUBSCRIBER_ID_MATCH_RULE_ALL}, or with a
+ * {@code mMatchSubscriberIds} array that contains {@code subscriberId}.
+ */
+ public boolean matchesSubscriberId(@Nullable String subscriberId) {
+ return mSubscriberIdMatchRule == SUBSCRIBER_ID_MATCH_RULE_ALL
+ || ArrayUtils.contains(mMatchSubscriberIds, subscriberId);
+ }
+
+ /**
+ * Check if network with matching SSID. Returns true when the SSID matches, or when
+ * {@code mNetworkId} is {@code WIFI_NETWORKID_ALL}.
+ */
+ private boolean matchesWifiNetworkId(@Nullable String networkId) {
+ return Objects.equals(mNetworkId, WIFI_NETWORKID_ALL)
+ || Objects.equals(sanitizeSsid(mNetworkId), sanitizeSsid(networkId));
}
/**
@@ -566,8 +692,8 @@
private boolean matchesWifi(NetworkIdentity ident) {
switch (ident.mType) {
case TYPE_WIFI:
- return Objects.equals(
- sanitizeSsid(mNetworkId), sanitizeSsid(ident.mNetworkId));
+ return matchesSubscriberId(ident.mSubscriberId)
+ && matchesWifiNetworkId(ident.mNetworkId);
default:
return false;
}
@@ -583,6 +709,15 @@
return false;
}
+ /**
+ * Check if matches carrier network. The carrier networks means it includes the subscriberId.
+ */
+ private boolean matchesCarrier(NetworkIdentity ident) {
+ return ident.mSubscriberId != null
+ && !ArrayUtils.isEmpty(mMatchSubscriberIds)
+ && ArrayUtils.contains(mMatchSubscriberIds, ident.mSubscriberId);
+ }
+
private boolean matchesMobileWildcard(NetworkIdentity ident) {
if (ident.mType == TYPE_WIMAX) {
return true;
@@ -635,6 +770,8 @@
return "BLUETOOTH";
case MATCH_PROXY:
return "PROXY";
+ case MATCH_CARRIER:
+ return "CARRIER";
default:
return "UNKNOWN(" + matchRule + ")";
}
diff --git a/core/java/android/net/UnderlyingNetworkInfo.java b/core/java/android/net/UnderlyingNetworkInfo.java
index 7bf9231..33f9375 100644
--- a/core/java/android/net/UnderlyingNetworkInfo.java
+++ b/core/java/android/net/UnderlyingNetworkInfo.java
@@ -37,36 +37,56 @@
@SystemApi(client = MODULE_LIBRARIES)
public final class UnderlyingNetworkInfo implements Parcelable {
/** The owner of this network. */
- public final int ownerUid;
+ private final int mOwnerUid;
+
/** The interface name of this network. */
@NonNull
- public final String iface;
+ private final String mIface;
+
/** The names of the interfaces underlying this network. */
@NonNull
- public final List<String> underlyingIfaces;
+ private final List<String> mUnderlyingIfaces;
public UnderlyingNetworkInfo(int ownerUid, @NonNull String iface,
@NonNull List<String> underlyingIfaces) {
Objects.requireNonNull(iface);
Objects.requireNonNull(underlyingIfaces);
- this.ownerUid = ownerUid;
- this.iface = iface;
- this.underlyingIfaces = Collections.unmodifiableList(new ArrayList<>(underlyingIfaces));
+ mOwnerUid = ownerUid;
+ mIface = iface;
+ mUnderlyingIfaces = Collections.unmodifiableList(new ArrayList<>(underlyingIfaces));
}
private UnderlyingNetworkInfo(@NonNull Parcel in) {
- this.ownerUid = in.readInt();
- this.iface = in.readString();
- this.underlyingIfaces = new ArrayList<>();
- in.readList(this.underlyingIfaces, null /*classLoader*/);
+ mOwnerUid = in.readInt();
+ mIface = in.readString();
+ List<String> underlyingIfaces = new ArrayList<>();
+ in.readList(underlyingIfaces, null /*classLoader*/);
+ mUnderlyingIfaces = Collections.unmodifiableList(underlyingIfaces);
+ }
+
+ /** Get the owner of this network. */
+ public int getOwnerUid() {
+ return mOwnerUid;
+ }
+
+ /** Get the interface name of this network. */
+ @NonNull
+ public String getInterface() {
+ return mIface;
+ }
+
+ /** Get the names of the interfaces underlying this network. */
+ @NonNull
+ public List<String> getUnderlyingInterfaces() {
+ return mUnderlyingIfaces;
}
@Override
public String toString() {
return "UnderlyingNetworkInfo{"
- + "ownerUid=" + ownerUid
- + ", iface='" + iface + '\''
- + ", underlyingIfaces='" + underlyingIfaces.toString() + '\''
+ + "ownerUid=" + mOwnerUid
+ + ", iface='" + mIface + '\''
+ + ", underlyingIfaces='" + mUnderlyingIfaces.toString() + '\''
+ '}';
}
@@ -77,9 +97,9 @@
@Override
public void writeToParcel(@NonNull Parcel dest, int flags) {
- dest.writeInt(ownerUid);
- dest.writeString(iface);
- dest.writeList(underlyingIfaces);
+ dest.writeInt(mOwnerUid);
+ dest.writeString(mIface);
+ dest.writeList(mUnderlyingIfaces);
}
@NonNull
@@ -103,13 +123,13 @@
if (this == o) return true;
if (!(o instanceof UnderlyingNetworkInfo)) return false;
final UnderlyingNetworkInfo that = (UnderlyingNetworkInfo) o;
- return ownerUid == that.ownerUid
- && Objects.equals(iface, that.iface)
- && Objects.equals(underlyingIfaces, that.underlyingIfaces);
+ return mOwnerUid == that.getOwnerUid()
+ && Objects.equals(mIface, that.getInterface())
+ && Objects.equals(mUnderlyingIfaces, that.getUnderlyingInterfaces());
}
@Override
public int hashCode() {
- return Objects.hash(ownerUid, iface, underlyingIfaces);
+ return Objects.hash(mOwnerUid, mIface, mUnderlyingIfaces);
}
}
diff --git a/core/java/android/net/netstats/provider/INetworkStatsProvider.aidl b/core/java/android/net/netstats/provider/INetworkStatsProvider.aidl
index 4078b24..74c3ba4 100644
--- a/core/java/android/net/netstats/provider/INetworkStatsProvider.aidl
+++ b/core/java/android/net/netstats/provider/INetworkStatsProvider.aidl
@@ -23,6 +23,6 @@
*/
oneway interface INetworkStatsProvider {
void onRequestStatsUpdate(int token);
- void onSetLimit(String iface, long quotaBytes);
void onSetAlert(long quotaBytes);
+ void onSetWarningAndLimit(String iface, long warningBytes, long limitBytes);
}
diff --git a/core/java/android/net/netstats/provider/INetworkStatsProviderCallback.aidl b/core/java/android/net/netstats/provider/INetworkStatsProviderCallback.aidl
index bd336dd..7eaa01e 100644
--- a/core/java/android/net/netstats/provider/INetworkStatsProviderCallback.aidl
+++ b/core/java/android/net/netstats/provider/INetworkStatsProviderCallback.aidl
@@ -26,6 +26,6 @@
oneway interface INetworkStatsProviderCallback {
void notifyStatsUpdated(int token, in NetworkStats ifaceStats, in NetworkStats uidStats);
void notifyAlertReached();
- void notifyLimitReached();
+ void notifyWarningOrLimitReached();
void unregister();
}
diff --git a/core/java/android/net/netstats/provider/NetworkStatsProvider.java b/core/java/android/net/netstats/provider/NetworkStatsProvider.java
index 7639d22..23fc069 100644
--- a/core/java/android/net/netstats/provider/NetworkStatsProvider.java
+++ b/core/java/android/net/netstats/provider/NetworkStatsProvider.java
@@ -29,7 +29,8 @@
@SystemApi
public abstract class NetworkStatsProvider {
/**
- * A value used by {@link #onSetLimit} and {@link #onSetAlert} indicates there is no limit.
+ * A value used by {@link #onSetLimit}, {@link #onSetAlert} and {@link #onSetWarningAndLimit}
+ * indicates there is no limit.
*/
public static final int QUOTA_UNLIMITED = -1;
@@ -42,13 +43,13 @@
}
@Override
- public void onSetLimit(String iface, long quotaBytes) {
- NetworkStatsProvider.this.onSetLimit(iface, quotaBytes);
+ public void onSetAlert(long quotaBytes) {
+ NetworkStatsProvider.this.onSetAlert(quotaBytes);
}
@Override
- public void onSetAlert(long quotaBytes) {
- NetworkStatsProvider.this.onSetAlert(quotaBytes);
+ public void onSetWarningAndLimit(String iface, long warningBytes, long limitBytes) {
+ NetworkStatsProvider.this.onSetWarningAndLimit(iface, warningBytes, limitBytes);
}
};
@@ -145,11 +146,25 @@
}
/**
- * Notify system that the quota set by {@code onSetLimit} has been reached.
+ * Notify system that the warning set by {@link #onSetWarningAndLimit} has been reached.
+ */
+ public void notifyWarningReached() {
+ try {
+ // Reuse the code path to notify warning reached with limit reached
+ // since framework handles them in the same way.
+ getProviderCallbackBinderOrThrow().notifyWarningOrLimitReached();
+ } catch (RemoteException e) {
+ e.rethrowAsRuntimeException();
+ }
+ }
+
+ /**
+ * Notify system that the quota set by {@link #onSetLimit} or limit set by
+ * {@link #onSetWarningAndLimit} has been reached.
*/
public void notifyLimitReached() {
try {
- getProviderCallbackBinderOrThrow().notifyLimitReached();
+ getProviderCallbackBinderOrThrow().notifyWarningOrLimitReached();
} catch (RemoteException e) {
e.rethrowAsRuntimeException();
}
@@ -183,6 +198,28 @@
public abstract void onSetLimit(@NonNull String iface, long quotaBytes);
/**
+ * Called by {@code NetworkStatsService} when setting the interface quotas for the specified
+ * upstream interface. If a provider implements {@link #onSetWarningAndLimit}, the system
+ * will not call {@link #onSetLimit}. When this method is called, the implementation
+ * should behave as follows:
+ * 1. If {@code warningBytes} is reached on {@code iface}, block all further traffic on
+ * {@code iface} and call {@link NetworkStatsProvider@notifyWarningReached()}.
+ * 2. If {@code limitBytes} is reached on {@code iface}, block all further traffic on
+ * {@code iface} and call {@link NetworkStatsProvider#notifyLimitReached()}.
+ *
+ * @param iface the interface requiring the operation.
+ * @param warningBytes the warning defined as the number of bytes, starting from zero and
+ * counting from now. A value of {@link #QUOTA_UNLIMITED} indicates
+ * there is no warning.
+ * @param limitBytes the limit defined as the number of bytes, starting from zero and counting
+ * from now. A value of {@link #QUOTA_UNLIMITED} indicates there is no limit.
+ */
+ public void onSetWarningAndLimit(@NonNull String iface, long warningBytes, long limitBytes) {
+ // Backward compatibility for those who didn't override this function.
+ onSetLimit(iface, limitBytes);
+ }
+
+ /**
* Called by {@code NetworkStatsService} when setting the alert bytes. Custom implementations
* MUST call {@link NetworkStatsProvider#notifyAlertReached()} when {@code quotaBytes} bytes
* have been reached. Unlike {@link #onSetLimit(String, long)}, the custom implementation should
diff --git a/services/core/java/com/android/server/IpSecService.java b/services/core/java/com/android/server/IpSecService.java
index 4c3c6ef..d6ee951 100644
--- a/services/core/java/com/android/server/IpSecService.java
+++ b/services/core/java/com/android/server/IpSecService.java
@@ -49,6 +49,7 @@
import android.os.Binder;
import android.os.IBinder;
import android.os.ParcelFileDescriptor;
+import android.os.Process;
import android.os.RemoteException;
import android.os.ServiceSpecificException;
import android.system.ErrnoException;
@@ -65,6 +66,7 @@
import com.android.internal.annotations.VisibleForTesting;
import com.android.internal.util.Preconditions;
import com.android.net.module.util.NetdUtils;
+import com.android.net.module.util.PermissionUtils;
import libcore.io.IoUtils;
@@ -466,8 +468,7 @@
/** Safety method; guards against access of other user's UserRecords */
private void checkCallerUid(int uid) {
- if (uid != Binder.getCallingUid()
- && android.os.Process.SYSTEM_UID != Binder.getCallingUid()) {
+ if (uid != Binder.getCallingUid() && Process.SYSTEM_UID != Binder.getCallingUid()) {
throw new SecurityException("Attempted access of unowned resources");
}
}
@@ -1105,11 +1106,15 @@
* Checks the user-provided direction field and throws an IllegalArgumentException if it is not
* DIRECTION_IN or DIRECTION_OUT
*/
- private static void checkDirection(int direction) {
+ private void checkDirection(int direction) {
switch (direction) {
case IpSecManager.DIRECTION_OUT:
case IpSecManager.DIRECTION_IN:
return;
+ case IpSecManager.DIRECTION_FWD:
+ // Only NETWORK_STACK or MAINLINE_NETWORK_STACK allowed to use forward policies
+ PermissionUtils.enforceNetworkStackPermission(mContext);
+ return;
}
throw new IllegalArgumentException("Invalid Direction: " + direction);
}
@@ -1353,6 +1358,26 @@
ikey,
0xffffffff,
resourceId);
+
+ // Add a forwarding policy on the tunnel interface. In order to support forwarding
+ // the IpSecTunnelInterface must have a forwarding policy matching the incoming SA.
+ //
+ // Unless a IpSecTransform is also applied against this interface in DIRECTION_FWD,
+ // forwarding will be blocked by default (as would be the case if this policy was
+ // absent).
+ //
+ // This is necessary only on the tunnel interface, and not any the interface to
+ // which traffic will be forwarded to.
+ netd.ipSecAddSecurityPolicy(
+ callerUid,
+ selAddrFamily,
+ IpSecManager.DIRECTION_FWD,
+ remoteAddr,
+ localAddr,
+ 0,
+ ikey,
+ 0xffffffff,
+ resourceId);
}
userRecord.mTunnelInterfaceRecords.put(
@@ -1651,7 +1676,7 @@
c.getMode(),
c.getSourceAddress(),
c.getDestinationAddress(),
- (c.getNetwork() != null) ? c.getNetwork().netId : 0,
+ (c.getNetwork() != null) ? c.getNetwork().getNetId() : 0,
spiRecord.getSpi(),
c.getMarkValue(),
c.getMarkMask(),
@@ -1820,7 +1845,7 @@
int mark =
(direction == IpSecManager.DIRECTION_OUT)
? tunnelInterfaceInfo.getOkey()
- : tunnelInterfaceInfo.getIkey();
+ : tunnelInterfaceInfo.getIkey(); // Ikey also used for FWD policies
try {
// Default to using the invalid SPI of 0 for inbound SAs. This allows policies to skip
diff --git a/services/core/java/com/android/server/net/IpConfigStore.java b/services/core/java/com/android/server/net/IpConfigStore.java
index cc3a002..df1eb6d 100644
--- a/services/core/java/com/android/server/net/IpConfigStore.java
+++ b/services/core/java/com/android/server/net/IpConfigStore.java
@@ -22,7 +22,6 @@
import android.net.IpConfiguration.ProxySettings;
import android.net.LinkAddress;
import android.net.ProxyInfo;
-import android.net.RouteInfo;
import android.net.StaticIpConfiguration;
import android.net.Uri;
import android.util.ArrayMap;
@@ -42,6 +41,8 @@
import java.io.InputStream;
import java.net.Inet4Address;
import java.net.InetAddress;
+import java.util.ArrayList;
+import java.util.List;
public class IpConfigStore {
private static final String TAG = "IpConfigStore";
@@ -83,25 +84,25 @@
boolean written = false;
try {
- switch (config.ipAssignment) {
+ switch (config.getIpAssignment()) {
case STATIC:
out.writeUTF(IP_ASSIGNMENT_KEY);
- out.writeUTF(config.ipAssignment.toString());
- StaticIpConfiguration staticIpConfiguration = config.staticIpConfiguration;
+ out.writeUTF(config.getIpAssignment().toString());
+ StaticIpConfiguration staticIpConfiguration = config.getStaticIpConfiguration();
if (staticIpConfiguration != null) {
- if (staticIpConfiguration.ipAddress != null) {
- LinkAddress ipAddress = staticIpConfiguration.ipAddress;
+ if (staticIpConfiguration.getIpAddress() != null) {
+ LinkAddress ipAddress = staticIpConfiguration.getIpAddress();
out.writeUTF(LINK_ADDRESS_KEY);
out.writeUTF(ipAddress.getAddress().getHostAddress());
out.writeInt(ipAddress.getPrefixLength());
}
- if (staticIpConfiguration.gateway != null) {
+ if (staticIpConfiguration.getGateway() != null) {
out.writeUTF(GATEWAY_KEY);
out.writeInt(0); // Default route.
out.writeInt(1); // Have a gateway.
- out.writeUTF(staticIpConfiguration.gateway.getHostAddress());
+ out.writeUTF(staticIpConfiguration.getGateway().getHostAddress());
}
- for (InetAddress inetAddr : staticIpConfiguration.dnsServers) {
+ for (InetAddress inetAddr : staticIpConfiguration.getDnsServers()) {
out.writeUTF(DNS_KEY);
out.writeUTF(inetAddr.getHostAddress());
}
@@ -110,7 +111,7 @@
break;
case DHCP:
out.writeUTF(IP_ASSIGNMENT_KEY);
- out.writeUTF(config.ipAssignment.toString());
+ out.writeUTF(config.getIpAssignment().toString());
written = true;
break;
case UNASSIGNED:
@@ -121,13 +122,13 @@
break;
}
- switch (config.proxySettings) {
+ switch (config.getProxySettings()) {
case STATIC:
- ProxyInfo proxyProperties = config.httpProxy;
+ ProxyInfo proxyProperties = config.getHttpProxy();
String exclusionList = ProxyUtils.exclusionListAsString(
proxyProperties.getExclusionList());
out.writeUTF(PROXY_SETTINGS_KEY);
- out.writeUTF(config.proxySettings.toString());
+ out.writeUTF(config.getProxySettings().toString());
out.writeUTF(PROXY_HOST_KEY);
out.writeUTF(proxyProperties.getHost());
out.writeUTF(PROXY_PORT_KEY);
@@ -139,16 +140,16 @@
written = true;
break;
case PAC:
- ProxyInfo proxyPacProperties = config.httpProxy;
+ ProxyInfo proxyPacProperties = config.getHttpProxy();
out.writeUTF(PROXY_SETTINGS_KEY);
- out.writeUTF(config.proxySettings.toString());
+ out.writeUTF(config.getProxySettings().toString());
out.writeUTF(PROXY_PAC_FILE);
out.writeUTF(proxyPacProperties.getPacFileUrl().toString());
written = true;
break;
case NONE:
out.writeUTF(PROXY_SETTINGS_KEY);
- out.writeUTF(config.proxySettings.toString());
+ out.writeUTF(config.getProxySettings().toString());
written = true;
break;
case UNASSIGNED:
@@ -267,11 +268,14 @@
IpAssignment ipAssignment = IpAssignment.DHCP;
ProxySettings proxySettings = ProxySettings.NONE;
StaticIpConfiguration staticIpConfiguration = new StaticIpConfiguration();
+ LinkAddress linkAddress = null;
+ InetAddress gatewayAddress = null;
String proxyHost = null;
String pacFileUrl = null;
int proxyPort = -1;
String exclusionList = null;
String key;
+ final List<InetAddress> dnsServers = new ArrayList<>();
do {
key = in.readUTF();
@@ -286,15 +290,15 @@
} else if (key.equals(IP_ASSIGNMENT_KEY)) {
ipAssignment = IpAssignment.valueOf(in.readUTF());
} else if (key.equals(LINK_ADDRESS_KEY)) {
- LinkAddress linkAddr =
+ LinkAddress parsedLinkAddress =
new LinkAddress(
InetAddresses.parseNumericAddress(in.readUTF()),
in.readInt());
- if (linkAddr.getAddress() instanceof Inet4Address &&
- staticIpConfiguration.ipAddress == null) {
- staticIpConfiguration.ipAddress = linkAddr;
+ if (parsedLinkAddress.getAddress() instanceof Inet4Address
+ && linkAddress == null) {
+ linkAddress = parsedLinkAddress;
} else {
- loge("Non-IPv4 or duplicate address: " + linkAddr);
+ loge("Non-IPv4 or duplicate address: " + parsedLinkAddress);
}
} else if (key.equals(GATEWAY_KEY)) {
LinkAddress dest = null;
@@ -302,8 +306,8 @@
if (version == 1) {
// only supported default gateways - leave the dest/prefix empty
gateway = InetAddresses.parseNumericAddress(in.readUTF());
- if (staticIpConfiguration.gateway == null) {
- staticIpConfiguration.gateway = gateway;
+ if (gatewayAddress == null) {
+ gatewayAddress = gateway;
} else {
loge("Duplicate gateway: " + gateway.getHostAddress());
}
@@ -317,17 +321,18 @@
if (in.readInt() == 1) {
gateway = InetAddresses.parseNumericAddress(in.readUTF());
}
- RouteInfo route = new RouteInfo(dest, gateway);
- if (route.isIPv4Default() &&
- staticIpConfiguration.gateway == null) {
- staticIpConfiguration.gateway = gateway;
+ // If the destination is a default IPv4 route, use the gateway
+ // address unless already set.
+ if (dest.getAddress() instanceof Inet4Address
+ && dest.getPrefixLength() == 0 && gatewayAddress == null) {
+ gatewayAddress = gateway;
} else {
- loge("Non-IPv4 default or duplicate route: " + route);
+ loge("Non-IPv4 default or duplicate route: "
+ + dest.getAddress());
}
}
} else if (key.equals(DNS_KEY)) {
- staticIpConfiguration.dnsServers.add(
- InetAddresses.parseNumericAddress(in.readUTF()));
+ dnsServers.add(InetAddresses.parseNumericAddress(in.readUTF()));
} else if (key.equals(PROXY_SETTINGS_KEY)) {
proxySettings = ProxySettings.valueOf(in.readUTF());
} else if (key.equals(PROXY_HOST_KEY)) {
@@ -348,25 +353,31 @@
}
} while (true);
+ staticIpConfiguration = new StaticIpConfiguration.Builder()
+ .setIpAddress(linkAddress)
+ .setGateway(gatewayAddress)
+ .setDnsServers(dnsServers)
+ .build();
+
if (uniqueToken != null) {
IpConfiguration config = new IpConfiguration();
networks.put(uniqueToken, config);
switch (ipAssignment) {
case STATIC:
- config.staticIpConfiguration = staticIpConfiguration;
- config.ipAssignment = ipAssignment;
+ config.setStaticIpConfiguration(staticIpConfiguration);
+ config.setIpAssignment(ipAssignment);
break;
case DHCP:
- config.ipAssignment = ipAssignment;
+ config.setIpAssignment(ipAssignment);
break;
case UNASSIGNED:
loge("BUG: Found UNASSIGNED IP on file, use DHCP");
- config.ipAssignment = IpAssignment.DHCP;
+ config.setIpAssignment(IpAssignment.DHCP);
break;
default:
loge("Ignore invalid ip assignment while reading.");
- config.ipAssignment = IpAssignment.UNASSIGNED;
+ config.setIpAssignment(IpAssignment.UNASSIGNED);
break;
}
@@ -374,25 +385,25 @@
case STATIC:
ProxyInfo proxyInfo = ProxyInfo.buildDirectProxy(proxyHost, proxyPort,
ProxyUtils.exclusionStringAsList(exclusionList));
- config.proxySettings = proxySettings;
- config.httpProxy = proxyInfo;
+ config.setProxySettings(proxySettings);
+ config.setHttpProxy(proxyInfo);
break;
case PAC:
ProxyInfo proxyPacProperties =
ProxyInfo.buildPacProxy(Uri.parse(pacFileUrl));
- config.proxySettings = proxySettings;
- config.httpProxy = proxyPacProperties;
+ config.setProxySettings(proxySettings);
+ config.setHttpProxy(proxyPacProperties);
break;
case NONE:
- config.proxySettings = proxySettings;
+ config.setProxySettings(proxySettings);
break;
case UNASSIGNED:
loge("BUG: Found UNASSIGNED proxy on file, use NONE");
- config.proxySettings = ProxySettings.NONE;
+ config.setProxySettings(ProxySettings.NONE);
break;
default:
loge("Ignore invalid proxy settings while reading");
- config.proxySettings = ProxySettings.UNASSIGNED;
+ config.setProxySettings(ProxySettings.UNASSIGNED);
break;
}
} else {
diff --git a/services/core/java/com/android/server/net/NetworkStatsFactory.java b/services/core/java/com/android/server/net/NetworkStatsFactory.java
index d042b88..431b009 100644
--- a/services/core/java/com/android/server/net/NetworkStatsFactory.java
+++ b/services/core/java/com/android/server/net/NetworkStatsFactory.java
@@ -382,8 +382,8 @@
// Migrate data usage over a VPN to the TUN network.
for (UnderlyingNetworkInfo info : vpnArray) {
- delta.migrateTun(info.ownerUid, info.iface,
- info.underlyingIfaces.toArray(new String[0]));
+ delta.migrateTun(info.getOwnerUid(), info.getInterface(),
+ info.getUnderlyingInterfaces());
// Filter out debug entries as that may lead to over counting.
delta.filterDebugEntries();
}
diff --git a/services/core/java/com/android/server/net/NetworkStatsService.java b/services/core/java/com/android/server/net/NetworkStatsService.java
index 7b37684..4ee867b 100644
--- a/services/core/java/com/android/server/net/NetworkStatsService.java
+++ b/services/core/java/com/android/server/net/NetworkStatsService.java
@@ -65,6 +65,7 @@
import static android.provider.Settings.Global.NETSTATS_UID_TAG_DELETE_AGE;
import static android.provider.Settings.Global.NETSTATS_UID_TAG_PERSIST_BYTES;
import static android.provider.Settings.Global.NETSTATS_UID_TAG_ROTATE_AGE;
+import static android.telephony.SubscriptionManager.INVALID_SUBSCRIPTION_ID;
import static android.text.format.DateUtils.DAY_IN_MILLIS;
import static android.text.format.DateUtils.HOUR_IN_MILLIS;
import static android.text.format.DateUtils.MINUTE_IN_MILLIS;
@@ -92,16 +93,17 @@
import android.net.INetworkManagementEventObserver;
import android.net.INetworkStatsService;
import android.net.INetworkStatsSession;
-import android.net.LinkProperties;
import android.net.Network;
import android.net.NetworkCapabilities;
import android.net.NetworkIdentity;
+import android.net.NetworkSpecifier;
import android.net.NetworkStack;
import android.net.NetworkStateSnapshot;
import android.net.NetworkStats;
import android.net.NetworkStats.NonMonotonicObserver;
import android.net.NetworkStatsHistory;
import android.net.NetworkTemplate;
+import android.net.TelephonyNetworkSpecifier;
import android.net.TrafficStats;
import android.net.UnderlyingNetworkInfo;
import android.net.Uri;
@@ -131,6 +133,7 @@
import android.service.NetworkStatsServiceDumpProto;
import android.telephony.PhoneStateListener;
import android.telephony.SubscriptionPlan;
+import android.text.TextUtils;
import android.text.format.DateUtils;
import android.util.ArrayMap;
import android.util.ArraySet;
@@ -178,7 +181,7 @@
private static final int MSG_PERFORM_POLL = 1;
// Perform polling, persist network, and register the global alert again.
private static final int MSG_PERFORM_POLL_REGISTER_ALERT = 2;
- private static final int MSG_UPDATE_IFACES = 3;
+ private static final int MSG_NOTIFY_NETWORK_STATUS = 3;
// A message for broadcasting ACTION_NETWORK_STATS_UPDATED in handler thread to prevent
// deadlock.
private static final int MSG_BROADCAST_NETWORK_STATS_UPDATED = 4;
@@ -376,11 +379,12 @@
performPoll(FLAG_PERSIST_ALL);
break;
}
- case MSG_UPDATE_IFACES: {
+ case MSG_NOTIFY_NETWORK_STATUS: {
// If no cached states, ignore.
if (mLastNetworkStateSnapshots == null) break;
// TODO (b/181642673): Protect mDefaultNetworks from concurrent accessing.
- updateIfaces(mDefaultNetworks, mLastNetworkStateSnapshots, mActiveIface);
+ handleNotifyNetworkStatus(
+ mDefaultNetworks, mLastNetworkStateSnapshots, mActiveIface);
break;
}
case MSG_PERFORM_POLL_REGISTER_ALERT: {
@@ -471,7 +475,7 @@
@NonNull Looper looper, @NonNull Executor executor,
@NonNull NetworkStatsService service) {
// TODO: Update RatType passively in NSS, instead of querying into the monitor
- // when forceUpdateIface.
+ // when notifyNetworkStatus.
return new NetworkStatsSubscriptionsMonitor(context, looper, executor,
(subscriberId, type) -> service.handleOnCollapsedRatTypeChanged());
}
@@ -968,16 +972,19 @@
}
}
- public void forceUpdateIfaces(
- Network[] defaultNetworks,
- NetworkStateSnapshot[] networkStates,
- String activeIface,
- UnderlyingNetworkInfo[] underlyingNetworkInfos) {
+ /**
+ * Notify {@code NetworkStatsService} about network status changed.
+ */
+ public void notifyNetworkStatus(
+ @NonNull Network[] defaultNetworks,
+ @NonNull NetworkStateSnapshot[] networkStates,
+ @Nullable String activeIface,
+ @NonNull UnderlyingNetworkInfo[] underlyingNetworkInfos) {
checkNetworkStackPermission(mContext);
final long token = Binder.clearCallingIdentity();
try {
- updateIfaces(defaultNetworks, networkStates, activeIface);
+ handleNotifyNetworkStatus(defaultNetworks, networkStates, activeIface);
} finally {
Binder.restoreCallingIdentity(token);
}
@@ -1241,12 +1248,12 @@
@VisibleForTesting
public void handleOnCollapsedRatTypeChanged() {
// Protect service from frequently updating. Remove pending messages if any.
- mHandler.removeMessages(MSG_UPDATE_IFACES);
+ mHandler.removeMessages(MSG_NOTIFY_NETWORK_STATUS);
mHandler.sendMessageDelayed(
- mHandler.obtainMessage(MSG_UPDATE_IFACES), mSettings.getPollDelay());
+ mHandler.obtainMessage(MSG_NOTIFY_NETWORK_STATUS), mSettings.getPollDelay());
}
- private void updateIfaces(
+ private void handleNotifyNetworkStatus(
Network[] defaultNetworks,
NetworkStateSnapshot[] snapshots,
String activeIface) {
@@ -1254,7 +1261,7 @@
mWakeLock.acquire();
try {
mActiveIface = activeIface;
- updateIfacesLocked(defaultNetworks, snapshots);
+ handleNotifyNetworkStatusLocked(defaultNetworks, snapshots);
} finally {
mWakeLock.release();
}
@@ -1267,10 +1274,10 @@
* they are combined under a single {@link NetworkIdentitySet}.
*/
@GuardedBy("mStatsLock")
- private void updateIfacesLocked(@NonNull Network[] defaultNetworks,
+ private void handleNotifyNetworkStatusLocked(@NonNull Network[] defaultNetworks,
@NonNull NetworkStateSnapshot[] snapshots) {
if (!mSystemReady) return;
- if (LOGV) Slog.v(TAG, "updateIfacesLocked()");
+ if (LOGV) Slog.v(TAG, "handleNotifyNetworkStatusLocked()");
// take one last stats snapshot before updating iface mapping. this
// isn't perfect, since the kernel may already be counting traffic from
@@ -1292,9 +1299,9 @@
final ArraySet<String> mobileIfaces = new ArraySet<>();
for (NetworkStateSnapshot snapshot : snapshots) {
final int displayTransport =
- getDisplayTransport(snapshot.networkCapabilities.getTransportTypes());
+ getDisplayTransport(snapshot.getNetworkCapabilities().getTransportTypes());
final boolean isMobile = (NetworkCapabilities.TRANSPORT_CELLULAR == displayTransport);
- final boolean isDefault = ArrayUtils.contains(mDefaultNetworks, snapshot.network);
+ final boolean isDefault = ArrayUtils.contains(mDefaultNetworks, snapshot.getNetwork());
final int subType = combineSubtypeEnabled ? SUBTYPE_COMBINED
: getSubTypeForStateSnapshot(snapshot);
final NetworkIdentity ident = NetworkIdentity.buildNetworkIdentity(mContext, snapshot,
@@ -1302,7 +1309,7 @@
// Traffic occurring on the base interface is always counted for
// both total usage and UID details.
- final String baseIface = snapshot.linkProperties.getInterfaceName();
+ final String baseIface = snapshot.getLinkProperties().getInterfaceName();
if (baseIface != null) {
findOrCreateNetworkIdentitySet(mActiveIfaces, baseIface).add(ident);
findOrCreateNetworkIdentitySet(mActiveUidIfaces, baseIface).add(ident);
@@ -1312,7 +1319,7 @@
// If IMS is metered, then the IMS network usage has already included VT usage.
// VT is considered always metered in framework's layer. If VT is not metered
// per carrier's policy, modem will report 0 usage for VT calls.
- if (snapshot.networkCapabilities.hasCapability(
+ if (snapshot.getNetworkCapabilities().hasCapability(
NetworkCapabilities.NET_CAPABILITY_IMS) && !ident.getMetered()) {
// Copy the identify from IMS one but mark it as metered.
@@ -1320,8 +1327,9 @@
ident.getSubType(), ident.getSubscriberId(), ident.getNetworkId(),
ident.getRoaming(), true /* metered */,
true /* onDefaultNetwork */, ident.getOemManaged());
- findOrCreateNetworkIdentitySet(mActiveIfaces, IFACE_VT).add(vtIdent);
- findOrCreateNetworkIdentitySet(mActiveUidIfaces, IFACE_VT).add(vtIdent);
+ final String ifaceVt = IFACE_VT + getSubIdForMobile(snapshot);
+ findOrCreateNetworkIdentitySet(mActiveIfaces, ifaceVt).add(vtIdent);
+ findOrCreateNetworkIdentitySet(mActiveUidIfaces, ifaceVt).add(vtIdent);
}
if (isMobile) {
@@ -1358,17 +1366,18 @@
// (or non eBPF offloaded) TX they would appear on both, however egress interface
// accounting is explicitly bypassed for traffic from the clat uid.
//
- final List<LinkProperties> stackedLinks = snapshot.linkProperties.getStackedLinks();
- for (LinkProperties stackedLink : stackedLinks) {
- final String stackedIface = stackedLink.getInterfaceName();
- if (stackedIface != null) {
- findOrCreateNetworkIdentitySet(mActiveIfaces, stackedIface).add(ident);
- findOrCreateNetworkIdentitySet(mActiveUidIfaces, stackedIface).add(ident);
+ // TODO: This code might be combined to above code.
+ for (String iface : snapshot.getLinkProperties().getAllInterfaceNames()) {
+ // baseIface has been handled, so ignore it.
+ if (TextUtils.equals(baseIface, iface)) continue;
+ if (iface != null) {
+ findOrCreateNetworkIdentitySet(mActiveIfaces, iface).add(ident);
+ findOrCreateNetworkIdentitySet(mActiveUidIfaces, iface).add(ident);
if (isMobile) {
- mobileIfaces.add(stackedIface);
+ mobileIfaces.add(iface);
}
- mStatsFactory.noteStackedIface(stackedIface, baseIface);
+ mStatsFactory.noteStackedIface(iface, baseIface);
}
}
}
@@ -1376,17 +1385,31 @@
mMobileIfaces = mobileIfaces.toArray(new String[mobileIfaces.size()]);
}
+ private static int getSubIdForMobile(@NonNull NetworkStateSnapshot state) {
+ if (!state.getNetworkCapabilities().hasTransport(NetworkCapabilities.TRANSPORT_CELLULAR)) {
+ throw new IllegalArgumentException("Mobile state need capability TRANSPORT_CELLULAR");
+ }
+
+ final NetworkSpecifier spec = state.getNetworkCapabilities().getNetworkSpecifier();
+ if (spec instanceof TelephonyNetworkSpecifier) {
+ return ((TelephonyNetworkSpecifier) spec).getSubscriptionId();
+ } else {
+ Slog.wtf(TAG, "getSubIdForState invalid NetworkSpecifier");
+ return INVALID_SUBSCRIPTION_ID;
+ }
+ }
+
/**
* For networks with {@code TRANSPORT_CELLULAR}, get subType that was obtained through
* {@link PhoneStateListener}. Otherwise, return 0 given that other networks with different
* transport types do not actually fill this value.
*/
private int getSubTypeForStateSnapshot(@NonNull NetworkStateSnapshot state) {
- if (!state.networkCapabilities.hasTransport(NetworkCapabilities.TRANSPORT_CELLULAR)) {
+ if (!state.getNetworkCapabilities().hasTransport(NetworkCapabilities.TRANSPORT_CELLULAR)) {
return 0;
}
- return mNetworkStatsSubscriptionsMonitor.getRatTypeForSubscriberId(state.subscriberId);
+ return mNetworkStatsSubscriptionsMonitor.getRatTypeForSubscriberId(state.getSubscriberId());
}
private static <K> NetworkIdentitySet findOrCreateNetworkIdentitySet(
@@ -1673,9 +1696,14 @@
}
@Override
- public void setStatsProviderLimitAsync(@NonNull String iface, long quota) {
- if (LOGV) Slog.v(TAG, "setStatsProviderLimitAsync(" + iface + "," + quota + ")");
- invokeForAllStatsProviderCallbacks((cb) -> cb.mProvider.onSetLimit(iface, quota));
+ public void setStatsProviderWarningAndLimitAsync(
+ @NonNull String iface, long warning, long limit) {
+ if (LOGV) {
+ Slog.v(TAG, "setStatsProviderWarningAndLimitAsync("
+ + iface + "," + warning + "," + limit + ")");
+ }
+ invokeForAllStatsProviderCallbacks((cb) -> cb.mProvider.onSetWarningAndLimit(iface,
+ warning, limit));
}
}
@@ -2070,10 +2098,10 @@
}
@Override
- public void notifyLimitReached() {
- Log.d(TAG, mTag + ": onLimitReached");
+ public void notifyWarningOrLimitReached() {
+ Log.d(TAG, mTag + ": notifyWarningOrLimitReached");
LocalServices.getService(NetworkPolicyManagerInternal.class)
- .onStatsProviderLimitReached(mTag);
+ .onStatsProviderWarningOrLimitReached(mTag);
}
@Override