Cross Reference: /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java

History log of /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
ee27cabe343a665bc2224cdb598857d143b567b2	21-Jun-2016	Felipe Leme <felipeal@google.com>	Ignore system apps on enforceMeteredApnPolicy(). BUG: 29514913 Fixes: 29448383 Change-Id: I19eb004c937e1c872bbf82caa7a919e43d48a259 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
99d5d3d7759883119665d928d110edb14df44ecc	16-May-2016	Felipe Leme <felipeal@google.com>	Added a onRestrictBackgroundBlacklistChanged() callback. When an UID is added / removed to the Data Saver blacklist, it's necessary to notify internal components such as the Settings UI (which was erroneously listening to UID rules changes instead). BUG: 28743623 BUG: 28791717 Change-Id: I11c85e141dfe074ad390fd324309d2412bfbbd45 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
781ba14af2a8c8e85f684208055dba0ebfd5db30	10-May-2016	Felipe Leme <felipeal@google.com>	Fixed connectivity state in some power saving scenarios. NetworkPolicyManagerService (NPMS) manages 4 type of network restriction when apps are running on background: - Data Saver Mode (data usage restriction on metered-networks) - Battery Saver Mode (power restriction on all networks) - Doze Mode (power restriction on all networks) - App Idle (power restriction on all networks) These restrictions affects 2 parts of the system: - Internal framework state on NPMS which is propagated to other internal classes. - External firewall rules (managed by netd). Although each of the power-related restrictions have their own external firewall rules, internally apps are whitelisted to them through the same whitelist, and the current code is only updating the internal state (and notifying the internal listeners) when Battery Saver Mode is on. As a consequence of this problem, there are scenarios where an app correctly does not have internet access (because the firewall rules are properly set), but the NetworkInfo state returns the wrong state (like CONNECTED / CONNECTED). This CL fixes this problem by splitting the power-related logic from updateRulesForRestrictBackgroundLocked() into its own method (updateRulesForPowerRestrictionsLocked()), and making sure such method is called whenever the firewall rules are updated. Externally to this change, the CTS tests were also improved to verify the apps get the proper connection state; it can be verified by running: cts-tradefed run commandAndExit cts -m CtsHostsideNetworkTests \ -t com.android.cts.net.HostsideRestrictBackgroundNetworkTests BUG: 28521946 Change-Id: Id5187eb7a59c549ef30e2b17627ae2d734afa789 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
d31a97fd83468d27d0f4c6e1455c2f6f59d5a7c9	06-May-2016	Felipe Leme <felipeal@google.com>	Fixed connectivity state in some restricted network scenarios. NetworkPolicyManagerService (NMPS) keeps an internal list of uid rules (mUidRules) for network restrictions, and when these rules changes it needs to notify external listeners (such as ConnectivityService / CS). Prior to Android N, both Data Saver mode (the feature previously known as "Restrict Baground Data") and Battery Save mode used the same set of firewall rules to implement their restrictions: when Battery Saver mode NPMS would mark all networks as metered and set the proper firewall rules externally. Recently, these 2 modes were split in 2 distinct firewall rules and NMPS.updateRuleForRestrictBackgroundLocked() was changed to update the mUidRules logic based on the Data Saver firewall (since the Battery Saver firewall changes are handled externally, on updateRuleForRestrictPowerLocked()). As such, CS was not notified when the power-related changes were made, which would cause apps to get a state of CONNECTED / CONNECTED when querying its active connection. Another scenario that is not properly handled is when a UID whitelisted for Data Saver is brought back to foreground: although the proper firewall rules are set, CS is not notified, and the apps state would be DISCONNECTED / BLOCKED. This CL introduces many changes that fix this issue: - Fixed updateRuleForRestrictBackgroundLocked() to invoke onUidRulesChanged() when the Battery Saver status changed. - Fixed updateRuleForRestrictBackgroundLocked() to invoke onUidRulesChanged() when an app whitelisted for Data Saver is brought back to the foreground. - Added a new API (onRestrictPowerChanged() and getRestrictPower()) to notify external services about Battery Saver mode changes. - Fixed CS logic to properly handle the Battery Saver changes. Externally to this change, the CTS tests were also improved to verify the apps get the proper connection state; they can be verified running: cts-tradefed run commandAndExit cts -m CtsHostsideNetworkTests \ -t com.android.cts.net.HostsideRestrictBackgroundNetworkTests BUG: 28521946 Change-Id: I8eaccd39968eb4b8c6b34f462fbc541e5daf55f1 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
46c4fc357ce8e686b6e7c2adda573e9870a8221f	04-May-2016	Felipe Leme <felipeal@google.com>	Refactored NetworkPolicyManagerService mUidRules. NetworkPolicyManagerService (NMPS) keeps an internal list of uid rules (mUidRules) for network restrictions, and when these rules changes it needs to notify external listeners (such as ConnectivityService / CS). Prior to Android N, both Data Saver mode (the feature previously known as "Restrict Baground Data") and Battery Save mode used the same set of firewall rules to implement their restrictions: when Battery Saver mode NPMS would mark all networks as metered and set the proper firewall rules externally. Recently, these 2 modes were split in 2 distinct firewall rules and NMPS.updateRuleForRestrictBackgroundLocked() was changed to update the mUidRules logic based on the Data Saver firewall (since the Battery Saver firewall changes are handled externally, on updateRuleForRestrictPowerLocked()). As such, CS was not notified when the power-related changes were made, which would cause apps to get a state of CONNECTED / CONNECTED when querying its active connection. This change refactores the mUidRules to use bitmasks, in preparation for another change that will fix the issue. It also fixes a minor bug that was preventing removed packages to be removed from the whitelist. BUG: 28521946 Change-Id: I9f0e1509a6192cad403f740c1cd76a6b7dab7d26 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
d17fda40cdcf875002086fbe98bf34ba7cbdb03c	29-Apr-2016	Felipe Leme <felipeal@google.com>	Added option to reset network policies for a given user. BUG: 28429571 Change-Id: I675e4ee5484a865f6819d7a0eef34133be11306f /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
a110eec77f226965cf14d2a2385dae6b22565ec4	29-Apr-2016	Felipe Leme <felipeal@google.com>	Multi-user Data Saver fixes: - When adding a new user, adds its default whitelist apps. - When removing an user, clears its revoked default whitelist apps. BUG: 28451218 Change-Id: Ic30a3d6d30c7575620edd3ad32c3221203626f8d /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
1b6519bd87a59a10e9928e5772a17976692611da	28-Apr-2016	Jeff Sharkey <jsharkey@android.com>	Flag to mark foreground jobs, fix data saver. When a job will eventually run in the foreground, the internal scheduling needs to ignore any background network restrictions when satisfying constraints. This also means the job should ignore the current device doze state, since the requesting app could get the same behavior by starting their own foreground service. Always dispatch network policy changes to ConnectivityService first to ensure that it has up-to-date information. Fix bugs around data saver that were causing networks to not be marked as BLOCKED for background apps; before this fix apps would have been spinning in internal connectivity loops, thinking that the network was actually connected when the kernel was actually blocking their traffic. Offer new ConnectivityService method overloads to ignore the blocked state for a specific UID. Print unsatisfied job constraints to aid debugging. Bug: 26571724 Change-Id: Iaaa17933e6dc1bf6d3dff26d0bfc12222e51e241 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
61731854329a6331ae055bb20d98caf6a71ea5b6	29-Apr-2016	Felipe Leme <felipeal@google.com>	Fixed wrong loop variable (AKA: I, Y U NO J?) BUG: 27366993 BUG: 28451218 Change-Id: I8455ada4194e7fc44ae7448e5cd763d22065fd2e /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
70c8b9b66027409f9dec91872cbe8ae8756d5ea4	25-Apr-2016	Felipe Leme <felipeal@google.com>	Tethering and Data Saver: There Can Be Only One! If tethering is on when Data Saver mode is turned on, tethering should be disabled, and vice-versa. BUG: 28313291 Change-Id: I7f3dadbd97ea1492ab76b41043dea7487c1db02d /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
f07c7b9fd0a640bff4bf7690373613da217fe69b	22-Apr-2016	Jeff Sharkey <jsharkey@android.com>	API changes for DownloadManager and JobScheduler. To support moving DownloadManager, add new JobScheduler network type constraint that matches "any network except roaming." Also add an API to get a specific JobInfo by ID. Since the default network can be different on a per-app basis, and individual apps may be blocked due to app standby, evaluate job connectivity constraints on a per-UID basis. To implement this cleanly, add NetworkInfo.isMetered() to match the isRoaming() API. Add new DownloadManager APIs to support charging and device idle constraints, which are plumbed through to JobScheduler under the hood when scheduled. Add filtering to JobScheduler dumpsys to omit noisy details for packages the caller isn't interested in. Bug: 28098882, 26571724, 19821935 Change-Id: I09ca7184ef7ce6adba399f579d415a5fb2ea6110 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
019fcd2bec414fbb730c0bb0fa62995ee692c5bf	19-Apr-2016	Felipe Leme <felipeal@google.com>	Added onRestrictBackgroundWhitelistChanged callback. When users add or remove an app to the Data Saver Mode whitelist, the app is notified through a ConnectivityManager.ACTION_RESTRICT_BACKGROUND_CHANGED. But besides this broadcast, it's also necessary to notify internal apps such Settings, hence a new method is being added to INetworkPolicyListener. BUG: 27481520 Change-Id: I1537a77becf6b7da1535ed5faabdc894fd9f7084 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
3646cbdfe77ff37475259b39171aa49686c5501a	13-Apr-2016	Amith Yamasani <yamasani@google.com>	Update interface quota on the handler This avoids making expensive netd calls while holding the mRulesLock Doesn't fix the problem of turning on hotspot while WiFi was connected. It is no longer blocked on isNetworkMetered() call though. Partial fix for following bugs... Bug: 27857665 Bug: 28201280 Change-Id: I62f3c0b0571292cc1e156b48ce3329def41cdd07 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
66a6be3a4c955e52ea61e0d35f338983f632abf8	30-Mar-2016	Jack Yu <jackyu@google.com>	Excluded certain APNs (e.g. IMS) from mobile data usage. Added not_metered capability to a mobile network if none of its associated APN types are metered. Also used not_metered capability to determine if a network should be accounted for data usage or not instead of using network type, which is always MOBILE after refactoring. Will add VT usage support in next phase. bug: 20888836 Change-Id: Id692cb856be9a47d0e918371112630128965b1bb /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
01e05e741e2d0b4ec40a54fe50e8c90fdaaa0b46	31-Mar-2016	Felipe Leme <felipeal@google.com>	Save whitelist status of all apps. When app is asked to be whitelisted (or removed from the whitelist), NMPS checks if the app has internet permission, since if it doesn't the firewall rules do not need to be changed. But even if the optimization kicks in, it should still mark the app as whitelisted, otherwise it will leave to inconsistencies like the UI never displaying it as whitelisted. BUG: 26685616 Change-Id: I6e287092d7bf8b7aa3a1bda707b58b128a22bffa /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
ef89c9097893123c5eebe464e6650fbd249cd837	31-Mar-2016	Felipe Leme <felipeal@google.com>	Data Saver Mode should automatically allow foreground services. BUG: 27324964 Change-Id: I8f09b9c9673f3ed697daca14902123a81ce41085 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
70c57c2810eb5004ac6487921bfdf0880f818e3c	29-Mar-2016	Felipe Leme <felipeal@google.com>	Uses bw_happy_box and bw_penalty_box for Data Saver. bw_penalty_box is a blacklist-based firewall chain used to determine which UIDs do not have access to metered interfaces. It can be used alone or with bw_happy_box, which is a whitelist-based chain: when bw_happy_box is enabled, it's included in the bw_penalty_box chain. Currently, NMPS and NMS uses just bw_penalty_box for both blacklist and whitelist, so when Data Saver is turned on, it has to build a extensive list of UIDs to be blacklisted, which can take seconds (since it makes dozens of iptables, and which forks an iptables process) This CL changes this behavior so it uses both chain (plus a new bw_data_saver chain, which is added to the end of bw_happy_box), in which case the Data Saver switch is much faster (around 120-160ms), since it requires just 1 or 2 iptables calls (one to switch the bw_data_saver rule, and another to whitelist the foreground app if it's not whitelisted yet). BUG: 27127112 BUG: 26685616 Change-Id: If10222aef9f49a924b07b978d4bdccdd92f9acdb /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
f28983d3a071d4b420886306853617c0264ca342	25-Mar-2016	Felipe Leme <felipeal@google.com>	More Data Saver / Battery Saver modes cleanup When Battery Saver mode was first implemented, there were no firewall rules on netd, so the solution was to make all network interface metered and re-use the bw_penalty_box chain. Recently, a fw_powersave chain was created with the purpose of separating these 2 concerns, but some scenarios were no properly handled. This change further cleans up the code by: - Creating a updateRestrictionRulesForUidLocked() to be used when both Battery Saver and Power Save rules need to be re-evaluated. - Renaming some methods to be more consistent with others. - Disabling rules for apps that do not have internet permissions. - Updating network stats only when process status changes. - Only updating Battery Saver rules when they changed. BUG: 27127112 BUG: 26685616 Change-Id: I75fbc9733b8989fadcb10ebc154e214e3d256fe9 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
65be3025fd07d53137f5434794d1d1b3a0933aab	22-Mar-2016	Felipe Leme <felipeal@google.com>	Refactored NetworkManagerService to support Data Saver. Netd provides 2 bandwidth control rules to restrict which uids can use metered networks: - bw_penalty_box is a blacklist-based firewall chain used to determine which uids do not have access to metered interfaces. - bw_happy_box is whitelist-based firewall chain used to determine which uids have access to metered interfaces. Currently, both NetworkManagerService (NMS) and NetworkPolicyManagerService (NPMS) uses just the bw_penalty_box rule, which makes turning Data Saver mode on / off too slow (since NPMS needs to build the bw_penalty_box on demand); this CL adds support for both rules on NMS, although NPMS doesn't take advantage of it yet (it will be refactored in a separate CL). BUG: 27127112 BUG: 26685616 Change-Id: Ib954574f7c86269fc9b4cf8ce4ba72ba5878c23d /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
7474fe7b421dcc190c4602389ca0f9c910382260	21-Mar-2016	Jeff Sharkey <jsharkey@android.com>	Ignore wildcard network policies. They never should have been persisted to disk in the first place. Bug: 24972775 Change-Id: If9254f74455823f9fda9545fdf543fc7250a4016 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
71c56189682d22472a1564897dfb55080718f87b	18-Mar-2016	Felipe Leme <felipeal@google.com>	Merge "Cleaned up dependency to data saver mode." into nyc-dev
76010a33025fea69f0c1daf0436bd967e47a69a9	17-Mar-2016	Felipe Leme <felipeal@google.com>	Cleaned up dependency to data saver mode. When power-save mode was first implemented, there were no firewall rules on netd, so the solution was to make all network interface metered and re-use the bw_penalty_box chain. Recently, a fw_powersave chain was created with the purpose of separating these 2 concerns, but the initial implementation left a lot of dead code around; this change cleans up that code. Changes: - Renamed updateRulesForUidLocked() to updateRestrictDataRulesForUidLocked(). - Simplified updateRestrictDataRulesForUidLocked() implementation. - Removed calls to updateRestrictDataRulesForUidLocked() from places that don't touch the data saver rules. - Refactored the data saver part of updateRulesForGlobalChangeLocked() into a updateRulesForRestrictDataLocked(), which is similar to the existing methods for iddle and restricted power. - Changed setRestrictBackground() to use updateRulesForRestrictDataLocked() instead of updateRulesForGlobalChangeLocked(). - Removed redundant calls to updateRestrictDataRulesForUidLocked() and updateRulesForGlobalChangeLocked() when an user id deleted. BUG: 27127112 BUG: 26685616 Change-Id: I621d20139742cc0dd3bbf6fe9cbfe889ddcc1fd7 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
8a372a0a280127743ce9a7ce4b6198c7a02d2a4f	16-Mar-2016	Jeff Sharkey <jsharkey@android.com>	Refactoring FBE APIs based on council feedback. Mostly consists of removing the word "encryption" from most APIs, since we can't actually make promises about the data being encrypted. Bug: 27531029 Change-Id: Iace9d7c4e64716abf86ed11847c40f3947e1d625 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
4f3fc215050bb52d470fc7d6b1fd2eeb39c2119b	04-Mar-2016	Rakesh Iyer <rni@google.com>	Fix ActivityManager watchdog kill. Typo caused an infinite loop causing a watchdog kill. Change-Id: If9a8973c28e284d993d81ba7d6724f9575a30c92 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
7af0be288e3bce8c97e8e830025e011f9686bb42	04-Mar-2016	Felipe Leme <felipeal@google.com>	Merge "Handles blacklist on getRestrictBackgroundStatus()." into nyc-dev
923845fdaa03a3f807a759d0eef3d0decca107d6	02-Mar-2016	Felipe Leme <felipeal@google.com>	Handles blacklist on getRestrictBackgroundStatus(). Initial implementation of getRestrictBackgroundStatus() was just handling the whitelist status of apps when data saver is turned on, but when an app is blacklisted, it should return RESTRICT_BACKGROUND_STATUS_ENABLED regardless of the data saver status. BUG: 27432317 Change-Id: I5a027d8b7d17a13075510ff8f29d41eaa5a6beb8 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
3ce000e647da42c0f39b70dceabbaa52b8ef5ca3	04-Mar-2016	Felipe Leme <felipeal@google.com>	Merge "Code cleanup on NMPS and NMS." into nyc-dev
03e689db51284d37145b8af2e750d6bbd22312b2	03-Mar-2016	Felipe Leme <felipeal@google.com>	Code cleanup on NMPS and NMS. - Always check for DBG before using Slog.d. - Logs duration of NMS.systemReady() when debugging. - Logs duration of NMPS.updateRulesForGlobalChangeLocked() when debugging. - Removed redundant toString() calls. - Catch multiple exceptions. - Replaced enhanced for on nested Iterable iterations. BUG: 21725996 Change-Id: Ia775a394b59de7a0570ad4954d1fe3a2698c66d6 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
011b98f93a4e0f609f9f3a83be784021c8b593a6	11-Feb-2016	Felipe Leme <felipeal@google.com>	Created a firewall chain for power save mode. When power-save mode was first implemented, there were no firewall rules on netd, so the solution was to make all network interface metered and re-use the bw_penalty_box chain. This change removes that workaround by creating a explicit fw_powersave chain, whose behavior is similar to fw_dozable (in fact, it reuses some of its code); such change not only makes network restrictions on power-save mode simpler, but it also allows to optimze how the restrict network rules are changed (which will be done in a separate change). BUG: 27127112 BUG: 26685616 Change-Id: I7f7a7b1c1855e916c6651ad90da29fe187a7bea2 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
a9505cc39b770a1ee4524d05efb859a9500d892f	26-Feb-2016	Felipe Leme <felipeal@google.com>	Add pre-defined apps to the restrict background whitelist. System config can defined apps to be automatically whitelisted for restricted background data, but the user can remove the whitelist. Implementation-wise, NPMS now keeps a list of <revoked-restrict-background> UIDs in the netpolicy.xml file, and when it starts it compares the UIDs returned by SystemConfig against this list, and only whitelist them if they are not revoked. The revoked-restrict-background is then updated as users change the whitelist status of UIDs. BUG: 27366993 Change-Id: I427024fd058924fc9831e409da6636e1bf8e4219 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
f23aa99270606b227d007b8f7c1619f564c55b0f	22-Jan-2016	Jason Monk <jmonk@google.com>	Move background data notif to data saver status icon Bug: 26796370 Change-Id: Ibf53c3affa63100b603e362b58ca6d2958791321 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
6a05eee2bdbabb844f1d63741a0680477ec63546	19-Feb-2016	Felipe Leme <felipeal@google.com>	Fixed permissions so Shell can call netpolicy methods. BUG: 27127112 Change-Id: I5548aba70a1c25be139462fbabe9a854fa96d2a6 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
2b5087b381ee6417e9c6a146c75931c154129a57	17-Feb-2016	Felipe Leme <felipeal@google.com>	Merge "Added extra check to avoid NPE if package does not exist." into nyc-dev
86e5a01708256901cb81d5daeeb24fe946436cf2	17-Feb-2016	Felipe Leme <felipeal@google.com>	Added extra check to avoid NPE if package does not exist. BUG: 26685616 Change-Id: I244e479fd9668bc4f07b8797ce2fc1e1df7a4d28 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
2a4ac4e5ef2a755e74f62a2974c6069a87520d05	12-Feb-2016	Amith Yamasani <yamasani@google.com>	Use hasInternetPermission method Followup to Bug: 27165396 Change-Id: Ibdf6f5dd15197d4e19d7c7729612c13a02cdbf2b /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
b8849e6891dd91bc62e90b5ccd78621dbf6e4093	12-Feb-2016	Amith Yamasani <yamasani@google.com>	Merge "When the device boots up, netd works more than required" into nyc-dev
a065da1703406c7e45acf7b3f16feed3b6a558a6	21-Dec-2015	Soi, Yoshinari <yoshinari.x.soi@sonymobile.com>	When the device boots up, netd works more than required When the device boots up, netd adds rules for applications which do not have the NETWORK permission to iptables. Therefore, optimize NetworkPolicyManagerService to not touch uids that do not have the NETWORK permission. This modification is similar to Google commit 88e98dfa5. Cherry picked from AOSP commit to master. Bug: 27165396 Change-Id: Ic8bb837143b9e349859210654248195d62b73d17 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
47585ba14352d20f8e8633f5409f1fe954cc8511	10-Feb-2016	Felipe Leme <felipeal@google.com>	Optimized add\|removeRestrictBackgroundWhitelistedUid(). The initial implementation of these methods was calling updateRulesForGlobalChangeLocked(), which is expensive. The new implementation is optimized by: - quitting earlier if there is no change - only calling setUidNetworkRules - only broadcasting a ACTION_RESTRICT_BACKGROUND_CHANGED it the status of the app changed. This change also removed the unnecessary onPackageRemovedAllUsers() callback (just onPackageRemoved() is enough). BUG: 26685616 Change-Id: If38b8b870e992c48e40b4362e8170c64ff8b2a9d /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
b1a65ee161d2dd1bb5fee752659350d43102fd0c	08-Feb-2016	Felipe Leme <felipeal@google.com>	Changed list metered-networks so it returns all networks. Prior to this change it was relying on NMPS.getNetworkPolicies(), which would not return networks that never had any policy attribute (like metered) set. This change fix this problem by also querying the WifiManager for the list of saved wi-fi networks. In fact, the new logic is very similar to what's done on SettingLib's NetworkPolicyEditor. BUG: 26685616 Change-Id: I42f37de3a7367718036f45b15c6b5d37b67e7d01 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
95f6280bf13272b0dd345ef8f07f956710c02791	04-Feb-2016	Felipe Leme <felipeal@google.com>	Merge "Propagate changes when uids are added or removed to the restricted background whitelist."
3f52cd5f2a0fb29b9dd65b7dee6d84b6fc9e2e88	03-Feb-2016	Felipe Leme <felipeal@google.com>	Propagate changes when uids are added or removed to the restricted background whitelist. BUG: 26451391 Change-Id: I21eb4959d9f60e83ef96d8d7d1c92e38ddeb2b78 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
de4e8e3a8eee1fb86ccef9e4e3966db4089f9b2e	03-Feb-2016	Felipe Leme <felipeal@google.com>	Created commands to manage metered networks. These commands will be used primarily in the CTS tests: - list metered-networks [BOOLEAN] - get metered-network ID - set metered-network ID BOOLEAN For example, assuming the device has 2 wi-fi networks, and neither is metered: // list all non-mobile networks $ adb shell cmd netpolicy list metered-networks wifi-A;false wifi-B;false // set wifi-A metered $ adb shell cmd netpolicy set metered-network wifi-A true // get wifi-A status $ adb shell cmd netpolicy get metered-network wifi-A true // list only metered non-mobile networks $ adb shell cmd netpolicy list metered-networks true wifi-A;true BUG: 26685616 Change-Id: I1ec8be4579477448fcb7f0d6cfa6b9cc6887fa97 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
f933871976b4dc4c8e71a364b66f5208cefad3d3	03-Feb-2016	Felipe Leme <felipeal@google.com>	Merge "Created a ACTION_RESTRICT_BACKGROUND_CHANGED intent."
a31c591f257c942f22de6dac4c981837179b10de	22-Jan-2016	Fyodor Kupolov <fkupolov@google.com>	Purge all state for a removed user Bug: 26687570 Change-Id: Icd516a871c274ce8986129654081b6dec3850856 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
9778f761237b2533903bacc091b1597990110a7e	27-Jan-2016	Felipe Leme <felipeal@google.com>	Created a ACTION_RESTRICT_BACKGROUND_CHANGED intent. This intent will be broadcasted when: - Global restrict background setting is changed (sent to all packages) - An individual uid is added to or removed from the whitelist (sent just to the packages belonging to that uid). This intent is only sent to registered receivers. BUG: 26451391 Change-Id: Ic0a5771f88baa52076ad04764f29098a386463cc /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
8ab775956720c10277203105d697de771ad6d9ca	26-Jan-2016	Wei Liu <luciferleo@google.com>	Add a null check before reference networkInfo. am: b8eaf45e1d am: dca8f10031 am: a12d383117 am: 21e0927b47 * commit '21e0927b474a686d5827e059476291370c0b306e': Add a null check before reference networkInfo.
b8eaf45e1df007fc4f5a11bb58491abaef39cd57	25-Jan-2016	Wei Liu <luciferleo@google.com>	Add a null check before reference networkInfo. b/26758858 Change-Id: If335ece223114dbfb6b08391f18a09467f377cf1 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
50a235e6c94733659a8cede9ddce8fe8e1cf7124	16-Jan-2016	Felipe Leme <felipeal@google.com>	Initial implementation of onShellCommand(). Only the commands related to restrict background whitelisting were initially added, so they can be used in the CTS test for the new APIs. BUG: 26451391 Change-Id: I5479073d85c44b99368497448f1f8e36cd99e63c /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
1b103238b90ca0aa7a2dcaaf0912361d583367a9	22-Jan-2016	Felipe Leme <felipeal@google.com>	Created new public API so applications can customize its metered network usage while running in background. The new API is 'int getRestrictBackgroundStatus()' and returns the following values: - RESTRICT_BACKGROUND_STATUS_DISABLED: no restrictions - RESTRICT_BACKGROUND_STATUS_WHITELISTED: restriction but app is whitelisted - RESTRICT_BACKGROUND_STATUS_ENABLED: full restriction The proper way to interprete these values for using metered networks while running on background is: - When disabled, there is no restriction and the application could use the metered networks freely. - When whitelisted, the application can use the metered network, but should try to minimize the usage. - When enabled, the application should not try to use metered networks at all, since the usage will be denied. BUG: 26451391 Change-Id: If07d42bb88e4c02802df0234861f38aef2cfead7 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
b85a637eac7714dcbbcf179ef38e5edc11557b78	15-Jan-2016	Felipe Leme <felipeal@google.com>	Added API to whitelist apps for background restriction. The new APIs are: void addRestrictBackgroundWhitelistedUid(int uid); void removeRestrictBackgroundWhitelistedUid(int uid); int[] getRestrictBackgroundWhitelistedUids(); The whitelist is persisted in the same XML used for the other policies, using the new 'whitelist and 'restrict-background' tags. Examples: 3 whitelisted apps: <whitelist> <restrict-background uid="10001" /> <restrict-background uid="10009" /> <restrict-background uid="10086" /> </whitelist> No whitelisted app: <whitelist /> BUG: 26451391 Change-Id: I01b114c346fd8abc05433ad43d010379384f8c2b /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
377ded0fce449f77cd7efae35f97722cdab52693	10-Jan-2016	Jeff Sharkey <jsharkey@android.com>	Fix NPE when UID has no packages. Bug: 25224723 Change-Id: I637214666a1f02bd23474c27a285eea9152cfa9d /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
c5967e9862489024c932b0c7fcb84ed0af2a7fd7	08-Jan-2016	Jeff Sharkey <jsharkey@android.com>	More progress on triaging PackageManager callers. Catch a bunch of simple cases where the PackageManager flags are obvious. Add the ability to use the MATCH_SYSTEM_ONLY flag on PackageInfo and ApplicationInfo queries. Re-examine recent tasks after a user is unlocked, since some of the activities may now be available and runnable. Bug: 26471205, 26253870 Change-Id: I989d9f8409070e5cae13202b47e2c7de85bf4a5b /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
e06b4d1d9f718b9fe02980fea794a36831a16db2	06-Jan-2016	Jeff Sharkey <jsharkey@android.com>	Consistent naming for PackageManager methods. When hidden PackageManager methods take a userId argument, they should be named explicitly with the "AsUser" suffix. This fixes several lagging examples so that we can pave the way to safely start passing flags to new methods without scary overloading. Also fix spacing issues in various logging statements. Change-Id: I1e42f7f66427410275df713bea04f6e0445fba28 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
2a9e3f8e6813716ab88ca54fd04ae047dc9aaaeb	18-Dec-2015	Jeff Sharkey <jsharkey@android.com>	Better named encryption flags, start triaging. Create distinct flags for encryption aware, unaware, and both, and name them like the other MATCH_ flags. Start adding logic to help triage all system internal callers to verify that they've done their homework and thought about how to handle apps while locked. Call sites in the system should either ask for explicit matching behavior, or explicitly use the DEFAULT match flag to indicate that they've been triaged to use the default state-based matching. Bug: 26250295 Change-Id: I86214e5c4f71a6dc72f06930800388713aecd107 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
bef28feba57be7fd6a4d14a85a8229154338b2ed	30-Oct-2015	Dianne Hackborn <hackbod@google.com>	Initial stab at background check. Actually, this implementation is more what we want for ephemeral apps. I am realizing the two are not really the same thing. :( For this implementation, we now keep track of how long a uid has been in the background, and after a certain amount of time (currently 1 minute) we mark it as "idle". Any packages associated with that uid are then no longer allowed to run in the background. This means, until the app next goes in the foreground: - No manifest broadcast receivers in the app will execute. - No services can be started (binding services is still okay, as this is outside dependencies on the app that should still be represented). - All alarms for the app are cancelled and no more can be set. - All jobs for the app are cancelled and no more can be scheduled. - All syncs for the app are cancelled and no more can be requested. Change-Id: If53714ca4beed35faf2e89f916ce9eaaabd9290d /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
24937d235da1648ece1866ce326da539c0ccb4bf	03-Nov-2015	Dianne Hackborn <hackbod@google.com>	resolve merge conflicts of 3aee38c86e to master. Change-Id: I9ff3f92b37e24f5f0527a0034b159920f6d7ffe1
9a13cc69926c90fe75b624a9a781dc56706a6091	03-Nov-2015	Dianne Hackborn <hackbod@google.com>	Merge "Fix issue #25357209: Could not send SMS or MMS messages, had to reboot" into mnc-dr-dev am: 71e4984505 * commit '71e49845054a3a7dacc51efc4fe658818caec048': Fix issue #25357209: Could not send SMS or MMS messages, had to reboot
fcc95a6d2c749d6b77eca14bf301d665d858a840	02-Nov-2015	Dianne Hackborn <hackbod@google.com>	Fix issue #25357209: Could not send SMS or MMS messages, had to reboot I think what probably happened is that since we only report an app going in to the "interaction" state as an interaction event to usage stats, apps that sit around in that state forever will only see one interaction at the start and never again. So usage stats could start thinking they are idle. Fix this by having the activity manager report an interaction event for such long running applications at least once a day. Also, because it is correct and for paranoia by protected us another way, system uids should never go in to standby. Change-Id: I8a3805bfca86cbe78560488a649ecd07427da99a /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
d166333eb5d3886a18a3a951d833a6d01cb8340d	21-Oct-2015	Kevin Cernekee <cernekee@google.com>	Merge "ignore initial request to disable iptable chain" into mnc-dr-dev am: 3554d62ca0 * commit '3554d62ca02bf6bc7777d1b22699876ec388fe6c': ignore initial request to disable iptable chain
690f18a5648e292c29f17b248644e7b887c1f52c	20-Oct-2015	Xiaohui Chen <xiaohuic@google.com>	ignore initial request to disable iptable chain iptable child chains are disabled by default. Ignore the initial disable request so netd won't throw errors when it cannot detach chains that do not exist. Bug: 22800189 Change-Id: I70b4b8b9e6a5dbffe32841941922b7fd92dcd3d6 Original-Change-Id: I9312dd558ba6d59dc6aa394afeb66a222daafcf9 [cernekee: backported from master branch] /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
7c3e44265147073e5949c42c27134274472990a1	13-Oct-2015	Jeff Sharkey <jsharkey@android.com>	Maybe we can build? Change-Id: Id0ea9da94f8672cc18430903cd8e9c8a6b8ef8e7 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
75f47866066d5b06924530417c7cb72296753ccb	13-Oct-2015	Jeff Sharkey <jsharkey@android.com>	resolved conflicts for f20a5700 to master Change-Id: I1f13a63c3680901fac58ef709118c9242032b11f
7f6d8754e6d509bf17fe0c46130c884b16706b12	12-Oct-2015	Jeff Sharkey <jsharkey@google.com>	am a03ecf7d: Merge "Push firewall rules up to ConnectivityService." into mnc-dr-dev * commit 'a03ecf7d7c8ff2844caf5feecc6d29f1f7346ff9': Push firewall rules up to ConnectivityService.
dc988061ac145c86d6871e249d65ca326aaff99f	14-Sep-2015	Jeff Sharkey <jsharkey@android.com>	Push firewall rules up to ConnectivityService. getActiveNetworkInfo() and friends already know how to augment their results to help apps detect when network access is blocked. This change wires up the new app-idle and device-idle firewall rules to be reported through these APIs. This also causes other platform tools like DownloadManager and SyncManager to respect these new policies. Bug: 24050462 Change-Id: Id9517b0b70be7e3ca2ab27bed8049db916e4d829 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
be3b06766a1ed0e8cecb78c98f08dc2c2703a6d8	02-Sep-2015	Xiaohui Chen <xiaohuic@google.com>	Clean up USER_OWNER in NetworkPolicyManagerSvc Removed some TODOs about network usage warnings going to OWNER only. It is updated to send the warning to all users. Bug: 19913735 Change-Id: Ie49703626a10a530ede28062090d39a3d23dff48 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
7619dba79e3aa422962898920547ac18573ac9c9	13-Aug-2015	Jeff Sharkey <jsharkey@google.com>	am 59a18530: am b4ac3781: am d913d78a: am ea68c4ce: am c97509c0: Merge "Update ifaces when global restriction changes." into mnc-dev * commit '59a18530f5fc0152b7a7609bd2ed2128fa8e7fc7': Update ifaces when global restriction changes.
d913d78a331de5e488b27810d8dd18399f50de48	13-Aug-2015	Jeff Sharkey <jsharkey@google.com>	am ea68c4ce: am c97509c0: Merge "Update ifaces when global restriction changes." into mnc-dev * commit 'ea68c4ceacbe235c4d8688437010d855ef02e1fb': Update ifaces when global restriction changes.
9d14206594c0b50a539ee73e37804542694937d6	13-Aug-2015	Jeff Sharkey <jsharkey@android.com>	Update ifaces when global restriction changes. Global restriction of background data only applies to metered interfaces, but battery saver applies to all interfaces. In the very specific case where global background had been turned on while battery saver was enabled, we'd end up with a stale battery saver rule floating around. This change triggers an update of iface rules when the global restriction changes, giving us consistent behavior. Bug: 23098198 Change-Id: I454dc71cf11d50a2e9e6122e8a801ff17039b43a /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
143ebdb94e13f7a9fee2c9f3801bda1df17844c1	11-Aug-2015	Zach Johnson <zachoverflow@google.com>	DO NOT MERGE Allow a custom component to handle network policy notifications Broadcasts information about network policy notifications to a custom component, if specified, so it can handle them. Also exposes an API to snooze warning notifications. Change-Id: Ic89478fa437861e2d4b6a9443858bcaf12122fba /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
908109c1f909cbeeb766f551c16121ddd1a3adba	08-Aug-2015	Dianne Hackborn <hackbod@google.com>	am 0385e3e9: am 8e63bbfd: am efa4dee1: am 977d421a: am f0e5501e: Merge "Fix issue #22989030: Separate battery whitelists" into mnc-dev * commit '0385e3e908fb9988bb2d2d0d15e32cb6a819b34e': Fix issue #22989030: Separate battery whitelists
4a503b1ece485d44c15eb02ec2bcd464b46e6f7f	07-Aug-2015	Dianne Hackborn <hackbod@google.com>	Fix issue #22989030: Separate battery whitelists We now have a new whitelist you can put apps in, which opts them out of the old battery saver mode and new app idle, but doesn't keep them from going in to doze. This is for a few special cases that we had previously whitelisted for battery saver, and inherited to the new modes... ultimately we should figure out how to get these apps out of the whitelist completely, but this will help for now. Apps in this new whitelist are not shown in the UI, because they are still significantly restricted by not being able to operate normally in doze. This also means they are still visible in the list of all apps for the user to be able to put them on/off the complete whitelist if that is what they really want. In the course of doing this, I needed to clean up code in the network policy manager to better separate management of the two firewall rules that now have different whitelists applied to them. This also hopefully just generally simplifies and cleans up that code. Hopefully! Change-Id: I92e15f2f85899571dd8b049b5e3eb1354f55f353 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
896b49ad02b20cf0723241f1f28dd9bee43f2b99	29-Jul-2015	Xiaohui Chen <xiaohuic@google.com>	ignore initial request to disable iptable chain iptable child chains are disabled by default. Ignore the initial request so netd won't throw errors when it cannot detach chains that does not exist. Bug: 22800189 Change-Id: I9312dd558ba6d59dc6aa394afeb66a222daafcf9 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
a9e72a7653d25ae1974dac3f1156d126c807e40c	31-Jul-2015	Amit Mahajan <amitmahajan@google.com>	Add OrSelf to privileged permission check. Bug: 22857263 Change-Id: Ide7105dfd653e3c271330822fb8cee7cf620e35d /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
72f83d6a05ddecd516787cedb3b49839bb287c6d	27-Jul-2015	Julia Reynolds <juliacr@google.com>	Allow Settings to set background data restrict on secondary users. Bug: 22721091 Change-Id: Iadfbd25f75f233f2c3c080e0de05b0244572b6cd /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
fd854ee58c5d56f84047007ead9f88a767ae956f	14-Jul-2015	Dianne Hackborn <hackbod@google.com>	Fix issue #21626564: MMS should be receivied while Dozing We now place whoever is receiving the MMS on the temporary whitelist while doing so, so they can get network access to download it. There was also an issue that needed to be fixed where we were no longer updating the list of allowed uids while dozing based on their proc states... we now do that. Also did a bit of optimization of the temp white list update path do the network policy manager, instead of going through a broadcast we now directly call in to the network policy manager. This also allows us to have a synchronous version of updating the list, so we can know the app has network access before we tell it to do anything. Finally added battery stats events for things going on and off the whitelist so we can diagnose the behavior there. Change-Id: Ic7fe010af680034d9f8cb014bb135b2addef7455 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
7c5befa4a7ccd6e7e91ffdd93264b717259ec863	14-Jul-2015	Amit Mahajan <amitmahajan@google.com>	Add checks for READ_PRIVILEGED_PHONE_STATE. Callers will have either PRIVILEGED or regular READ_PHONE_STATE. Bug: 22468536 Change-Id: I60251f61250a975f4147b027d2539824a728e3b5 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
3b16cf4f47142a845bf0ede54ef8ef956506c6c3	02-Jul-2015	Dianne Hackborn <hackbod@google.com>	Device idle fixes: issue #22209630 and issue #22225665 Issue #22209630: Only allow whitelisted apps to put apps on the temp whitelist We now check whether the calling app is a system uid or in the whitelist and, if not, throw an exception. Issue #22225665: Alarm still goes off in idle mode (doze) Fix a bug where we were not clearing the calling identity when coming through the dump command to the service, and as a result when we would eventually call out to the alarm manager it wouldn't do what we want. This was only broken when being controlled by the shell. Also adjust the network policy manager service's handling of device idle transitions to only toggle the device idle state, which gets rid of the long delay we have coming out of idle mode. And add in a bit of logging around going in/out of idle mode to try to understand where things may be slow in the future. Change-Id: I4a41f790e9b0bb31330314b94111557d479f2ba5 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
c915eebbf8782f64c5d7167a72c4c4f1d35f6e83	27-Jun-2015	Xiaohui Chen <xiaohuic@google.com>	fix temp white list update in device idle It appears firewall rules for temp white list is updated differently from the non temp one. The non temp one will trigger a global update but the temp one is updating only the uids in the list one by one. The individual uid firewall rule update does not work well with dozable chain. This cl moves the dozable chain update logic out and put it where the white list is updated. BUG:22094135 Change-Id: I425c82da6231b1ef119664907705d0880365f339 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
8dca36dc8a5d17315775ce216689addc5bd9be00	19-Jun-2015	Xiaohui Chen <xiaohuic@google.com>	system_server: optimize app idle parole state change Currently when app idle parole state changes, all idle apps' states are updated one by one including firewall modifications which are very expensive. This optimization gets rid of individual firewall rule changes and makes sure we only modify the firewall once at child chain level. BUG: 21446713 Change-Id: Iafc415fe0bc127826fe17894d4fedcf1755cb17d /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
802ece61399e94bbe98cafaa277c71bee73c03ba	18-Jun-2015	Xiaohui Chen <xiaohuic@google.com>	Merge "system_server: add two child chains to firewall" into mnc-dev
b41c9f7f39939cee8d226eb5e506c3f0573f44f5	18-Jun-2015	Xiaohui Chen <xiaohuic@google.com>	system_server: add two child chains to firewall This is an attempt to speed up getting out of device idle. It groups uid firewall rules in these child chains so we can attach/detach a whole chain instead of individual uid rules. BUG:21446713 Change-Id: Ie8f392da2deabe7cc86a9ecf4ed080163861d41e /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
1958e5e7870579337f1d1d3e6c6fae096ba3abb9	13-Jun-2015	Dianne Hackborn <hackbod@google.com>	Fix issue #21813831: Need API for asking to be added to power whitelist Add the API. Clean up a few related things. Change-Id: I190adad1812f36f6095b98a1001fedb94874e8b5 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
06f0806bd54e907f3d6d2069d263c700bd91260c	12-Jun-2015	Amith Yamasani <yamasani@google.com>	Update network state of apps leaving the whitelist Bug: 21787562 Change-Id: I9f45acc58ba0b4b6cfed08aecbf081a5f57eb217 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
af575b9f8e1b59be9c8862b6a65c0dcb88145a23	30-May-2015	Amith Yamasani <yamasani@google.com>	Temporarily whitelist an app for network during doze API to allow an app to be whitelisted for network and wakelock access for a short period. So even if the device is in idle mode, such apps can be given a chance to download the payload related to a high priority cloud-to-device message. This API is meant for system apps only. A new permission CHANGE_DEVICE_IDLE_TEMP_WHITELIST is required to make this call. Bug: 21525864 Change-Id: Id7a761a664f21af5d7ff55aa56e8df98d15511ca /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
e3e314df4d52881225326d426a76e3e7f1bc40d3	20-Apr-2015	Stuart Scott <stuartscott@google.com>	Network Reset should have a lockdown like Factory Reset. bug:20332322 Change-Id: I7c61a011d11e89513757f112abf320bb2a785edb (cherry picked from commit 94b038bbb291431a7b39611d72f206b07e839891) /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
d23e0d6901935588f9472bd7073fea0009581e9b	16-May-2015	Dianne Hackborn <hackbod@google.com>	Update power manager to track uid state like netstats. To follow the correct semantics for when restricts due to device idle can be applied, power manager need to know about uid process states like net policy so that it can allow wake locks from apps that are in the foreground. Since this is being added to a second place, I reworked things so that the activity manager now keeps track of per-uid process states and allows apps to register to listen to those, rather than having to track lower-level process states and transform them into an overall uid state. Both net policy and power manager use this new facility. Change-Id: I77359164c40d0f36fe1ef296dd9f9c3062431148 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
9e9e2e73c6ec7bece20268196dc89ad0c8bafad4	08-May-2015	Wojciech Staszkiewicz <staszkiewicz@google.com>	Pass charset to XmlPullParser.setInput instead of null Passing null to XmlPullParser.setInput forces it to do additional work, which can be easily avoided if we know the charset beforehand. bug: b/20849543 Change-Id: Iaff97be9df2d0f99d7af8f19f65934439c9658e2 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
f7b795ca1a552909d333ed3f2d5ec881a8b23144	30-Apr-2015	Dianne Hackborn <hackbod@google.com>	Merge "Update use of procstate for services." into mnc-dev
d69e4c1460017062e7c36be55801cb434ad19d97	24-Apr-2015	Dianne Hackborn <hackbod@google.com>	Update use of procstate for services. Now that we have a separate foreground service proc state (above a sleeping top app), update various system services to put their bindings into this state when appropriate. There are two new bind flags for this -- one that just always makes it a foreground service, another that only does it when the device is awake (useful for things like the wallpaper). And with all of that, tweak network policy manager to only include apps that are at least foreground service state when in power save and device idle modes. This will allow us to further reduce the set of apps that have network access (in particular not giving access to the current top app when the screen is off), hopefully leading to even better battery life. Change-Id: I91d85a5c5ed64e856149e9a5d94a634a7925ec7f /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
15e47235c055495ec0ccc24768a6746a960d3a61	25-Apr-2015	Amith Yamasani <yamasani@google.com>	Remove network access for idle apps Track apps going in and out of idle in the NetworkPolicyManagerService. Apply DROP rules in firewall controller if app is to be blacklisted for network access. Firewall can now be in whitelist (old) or blacklist mode. When in blacklist, it allows all by default and we can selectively DENY some uids. Track app idle in UsageStats and update periodically. Track charging/discharging states. TODO: Check for appidle temporary parole state Bug: 20066058 Change-Id: Ia65d7544204b3bcb78a517310ef4adcc05aac6fb /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
0b4daca9ba54b7252ea8c159218391380eb00c8a	27-Apr-2015	Dianne Hackborn <hackbod@google.com>	Implement user-settable power save whitelist. The whitelist is now maintained by DeviceIdleController, which is moving out into its own independent system service. Network stats now queries it for the whitelist, instead of collecting that itself. Also did a few improvements in alarm manager -- made the code for moving alarms out of the pending list more robust, and fixed the debug output to always print the contents of the pending list even if we aren't in a pending state. (That would have helped me identify the problem much earlier.) Change-Id: I0f7119d4c553c3af4d77b2f71246fa6e2c13c561 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
9a9a1d923d476ab21624fa9c5da69e0a4daf51fc	20-Apr-2015	Stuart Scott <stuartscott@google.com>	Fixing build break Change-Id: I7ab3673627d1fda2d96a17c7e1823417fcb5cfef /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
f1fb39763d87dabe254b6ed64ac8f20145035bc0	03-Apr-2015	Stuart Scott <stuartscott@google.com>	Move factoryReset to service and protect. bug:16161518 Change-Id: I02d1bbae1887c62ee426e6f03e8bc1f18c6666bf /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
f851d6dd2a15b74f63c85403afad0ed747f7311c	20-Apr-2015	Erik Kline <ek@google.com>	CONNECTIVITY_ACTION is the new _IMMEDIATE Bug: 20013379 Change-Id: I3e904dc0a0ddb30c7bb8cdb24d0762052ddc59eb /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
16a16899505ec0a9ede5b76650bfb8817b3227c7	16-Apr-2015	Svet Ganov <svetoslavganov@google.com>	Add OP_READ_PHONE_STATE app op - framework The READ_PHONE_STATE permission protects PII information and is in the Phone group. This change is adding the corrseponding app op for gating access to the API guarded by READ_POHNE state which will be used instead as an access control for legacy apps. Change-Id: I2ff895a5a0e529f26ec0ad706266a30d829268ba /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
88e98dfa59e68a860d8c3b462ec03bc0b06d6b5c	23-Mar-2015	Dianne Hackborn <hackbod@google.com>	More work on device idle mode. - There is now an API for people to find out about its state. - Moved DeviceIdleController to be closer to the power manager implementation, since they are closely related. - Job scheduler now knows about idle state and doesn't run jobs while the device is idle. - Battery stats now keeps track of "idling" vs "idle mode". Idling is when we consider the device to be idle, independent of whether we are actually in deep idle mode. This allows us to keep track of longer-term changes independently of cycling in and out of idle mode. - Battery stats also now keeps track of package changes in its daily stats. - Small optimization to network policy manager service to not touch uids that do not have the NETWORK permission. Change-Id: I0b3304fb3722c78cdfdd0c1eada7369ece7cbcf9 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
79ec42e6a3c6a6f6a00ef3ad92221a5ad2149aa9	20-Mar-2015	Dianne Hackborn <hackbod@google.com>	Merge "First stab at device idle mode."
8ad2af7e5b28f71e7bdfc1bb097937c6c1d22b18	18-Mar-2015	Dianne Hackborn <hackbod@google.com>	First stab at device idle mode. Introduce a new device idle controller service that monitor's the device state and determines when to go in to idle mode. When in idle mode, all we do right now is turn off network access the same as we do for power save mode. Many more things should come in the future -- stopping the alarm manager from scheduling (most) alarms, telling GmsCore for it to stop doing stuff, etc. Battery stats now has state tracking for devie idle mode, as well as events for the reasons we can come out of idle mode (significant motion or the device becoming active). Also added new events noting when packages are installed. Renamed the "low power" event in battery stats to "power save" because the former was just way too confusing. Finally, fix buffer size reading kernel wake locks. (Stupidly, just increasing the buffer size. Ideally we should try to be smarter and grow our buffer to fit the data available, but I'll leave that for another time.) Change-Id: I0be2062466c83ee9d890c6cf5a228d9cc4090eca /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
4a357cd2e55293402d7172766f7f9419815fc1e8	19-Mar-2015	Alan Viverette <alanv@google.com>	Replace usages of deprecated Resources.getColor() and getColorStateList() Change-Id: I8f64fe6c4c44a92ff6d07250223ba590a1d691b0 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
08c7116ab9cd04ad6dd3c04aa1017237e7f409ac	28-Feb-2015	John Spurlock <jspurlock@google.com>	Remove unused imports in frameworks/base. Change-Id: I031443de83f93eb57a98863001826671b18f3b17 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
3256601f5e4d94713f59e97b9d4912875c1bdcaf	03-Dec-2014	Jeff Sharkey <jsharkey@android.com>	Offer to "merge" subscribers for data usage. There are some cases where multiple subscriber identities (IMSI) should be treated as "merged together" from a data usage perspective. This is done by extending the template used for matching purposes to support multiple subscribers. Then, when we query historical usage or set network policies, we normalize the matching template to merge to any other identities that should be included. When normalizing, the "lowest" identity is always used for equality and storage purposes, which allows identities to come and go over time. This change also fixes data usage recording for multi-SIM devices by passing along the concrete subscriber identity for each network interface. Also correctly create default policies for multi-SIM devices. This change also drops setPolicyDataEnable() until it can be wired up to the right underlying NetworkAgent. (This means we still bring up the network, and then rely on iptables rules to block traffic when over the limit, instead of proactively disabling the connection.) Bug: 18012787 Change-Id: If6acf32009fdfea2b836f5aff8e2f3e5e0248b4a /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
92d141fbc2f6bfc85dca1056e40512cba6d1dddb	11-Sep-2014	Vinit Deshpande <vinitd@google.com>	Don't require CONNECTIVITY_INTERNAL check for protected broadcasts This change removes requirement that sender has this permission for protected broadcasts (since they can only come from framework) Bug: 17409667 Change-Id: I3431c20a4ed28b3ba2bfc3cf53772e63a3424a2c /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
255dd04271088590fedc46c8e22b2fd4ab142d39	19-Aug-2014	Selim Cinek <cinek@google.com>	Added notification color to all system notifications Bug: 17128331 Change-Id: I81a94510ef51b99916f314c0dd65852426a1fbeb /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
9da2f1e007268a42248a1778aa9b560e3ce3b704	14-Aug-2014	Jeff Sharkey <jsharkey@android.com>	Some networks may have null ifaces, I guess? Seems like a bug further upstream, but guard ourselves against it for now. Bug: 17033841 Change-Id: Id0e5895c3389b63d4e34b1fb064efef8b72cd609 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
eb2c2c790c4b86c9c09245e0b87a38972713434a	12-Aug-2014	Jeff Sharkey <jsharkey@android.com>	Hack and ship: NetworkStats edition. Some devices use clatd for catching raw IPv4 traffic when running on a pure-IPv6 carrier network. In those situations, the per-UID stats are accounted against the clat iface, so framework users need to combine both the "base" and "stacked" iface usage together. This also means that policy rules (like restricting background data or battery saver) need to apply to the stacked ifaces. Finally, we need to massage stats data slightly: -- Currently xt_qtaguid double-counts the clatd traffic leaving the device; both against the original UID on the clat iface, and against UID 0 on the final egress interface. -- All clatd traffic arriving at the device is missing the extra IPv6 packet header overhead when accounted against the final UID. Bug: 12249687, 15459248, 16296564 Change-Id: I0ee59d96831f52782de7a980e4cce9b061902fff /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
aedebda776ee3a68eda498a79bf14855e5f5d62e	14-Jul-2014	John Spurlock <jspurlock@google.com>	Update data limit notification icon + strings. - Use a more specific disabled cellular data icon. - Reword framework strings to use "Cellular" instead of "Mobile" and avoid "enabled/disabled" - Update SystemUI's network limit dialog to follow suit. Bug:16185238 Change-Id: Ie9191990fab17cd7dc04395fad39f84bfff8349d /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
497175beffe26336c092ee11a67b90f79dcdaca7	01-Jul-2014	Dianne Hackborn <hackbod@google.com>	Rework network stats to use proc state for fg/bg. Switch to using the process state to determine whether a process should be foreground or background, instead of the boolean foreground given by the activity manager. This is for battery save mode, where we can now allow more apps to havenetwork access: everything whose process state is at least IMPORTANT_FOREGROUND, which allows music playback and other use-visible things to continue to have network access. Note this also impact the traditional background data disabled state, where now we allow anything top or better to have network access. This automatically includes all persistent processes, the current top activity, and any other processes hosting the top activity or being used by the top activity. So it broadens the set of apps that get network access, but I think this increases it to a reasonable set of things that may actually be needed for the foreground app to work correctly. Change-Id: Icb609a2cea280dc3fa3e83417f478ed77f3685aa /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
be7c50e0a14e91330ce13161bc14a33d34ff6aca	30-Jun-2014	Dianne Hackborn <hackbod@google.com>	Add network access blocking when in battery save mode. The network policy manager now monitors battery save mode and, when in battery save, uses its facility to block access to metered networks to block access to all networks. That is, it tells the network management service that all networks have an (infinite) quota, and puts various app uids to be restricted under quota interfaces as appropriate. This new network blocking needs a new facility to be able to white list apps, such as GmsCore. To do this, I refactored the package manager's permission configuration stuff into a separate SystemConfig class that can be used by others, and it now has a new tag to specify package names that should be white-listed for power save mode. These are retrieved by the network policy manager and used to build a whitelist of uids. The new general config files can now go in system/etc/config, though currently everything still remains in the permissions dir. Still left to be done is changing the semantics of what uids are allowed in this mode, to include all perceptable uids. (So that we can still do things like background music playback.) This will be done in a follow-on CL. Change-Id: I9bb7029f61dae62e6236da5ca60765439f8d76d2 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
684bf34ee8acc41931fac23762b13e14a22011db	30-Apr-2014	Dianne Hackborn <hackbod@google.com>	Switch IProcessObserver to report process state When IProcessObserver was created, the only information we had for the state of a process was its "importance". Now we have the process state, which is much more useful. Switch to reporting that. Change-Id: Icdb3eea8cf96f4eff7ed3d584f940a1bd9cc3884 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
037c33eae74bee2774897d969d48947f9abe254f	09-Apr-2014	Jeff Brown <jeffbrown@google.com>	Plumb display power state through display manager. Declare a new method, Display.getState() to retrieve the actual power state of a display. Improved documentation for Intent.ACTION_SCREEN_ON and Intent.ACTION_SCREEN_OFF to clarify what they really mean in terms of the interactive state of the device. Deprecated PowerManager.isScreenOn() and replaced it with PowerManager.isInteractive() with a more suggestive name and better documentation. Redirect display power state changes to go through the display manager first and only then head over to the power manager for legacy compatibility. Eliminated the bright here and woke here policy flags since they were unused. Simplified the input dispatch policy somewhat. Ensure that screen wake locks are respected up until the point when dozing really begins. Fixed a regression in DreamService where onDreamingStarted might be called before onWindowAttached. Bug: 13133142 Bug: 13472578 Bug: 13929355 Bug: 13760290 Change-Id: Iabef96921dd554ce3768fb18619cefc3230b5fb0 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
9158825f9c41869689d6b1786d7c7aa8bdd524ce	22-Nov-2013	Amith Yamasani <yamasani@google.com>	Move some system services to separate directories Refactored the directory structure so that services can be optionally excluded. This is step 1. Will be followed by another change that makes it possible to remove services from the build. Change-Id: Ideacedfd34b5e213217ad3ff4ebb21c4a8e73f85 /frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java