ee27cabe343a665bc2224cdb598857d143b567b2 |
|
21-Jun-2016 |
Felipe Leme <felipeal@google.com> |
Ignore system apps on enforceMeteredApnPolicy(). BUG: 29514913 Fixes: 29448383 Change-Id: I19eb004c937e1c872bbf82caa7a919e43d48a259
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
99d5d3d7759883119665d928d110edb14df44ecc |
|
16-May-2016 |
Felipe Leme <felipeal@google.com> |
Added a onRestrictBackgroundBlacklistChanged() callback. When an UID is added / removed to the Data Saver blacklist, it's necessary to notify internal components such as the Settings UI (which was erroneously listening to UID rules changes instead). BUG: 28743623 BUG: 28791717 Change-Id: I11c85e141dfe074ad390fd324309d2412bfbbd45
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
781ba14af2a8c8e85f684208055dba0ebfd5db30 |
|
10-May-2016 |
Felipe Leme <felipeal@google.com> |
Fixed connectivity state in some power saving scenarios. NetworkPolicyManagerService (NPMS) manages 4 type of network restriction when apps are running on background: - Data Saver Mode (data usage restriction on metered-networks) - Battery Saver Mode (power restriction on all networks) - Doze Mode (power restriction on all networks) - App Idle (power restriction on all networks) These restrictions affects 2 parts of the system: - Internal framework state on NPMS which is propagated to other internal classes. - External firewall rules (managed by netd). Although each of the power-related restrictions have their own external firewall rules, internally apps are whitelisted to them through the same whitelist, and the current code is only updating the internal state (and notifying the internal listeners) when Battery Saver Mode is on. As a consequence of this problem, there are scenarios where an app correctly does not have internet access (because the firewall rules are properly set), but the NetworkInfo state returns the wrong state (like CONNECTED / CONNECTED). This CL fixes this problem by splitting the power-related logic from updateRulesForRestrictBackgroundLocked() into its own method (updateRulesForPowerRestrictionsLocked()), and making sure such method is called whenever the firewall rules are updated. Externally to this change, the CTS tests were also improved to verify the apps get the proper connection state; it can be verified by running: cts-tradefed run commandAndExit cts -m CtsHostsideNetworkTests \ -t com.android.cts.net.HostsideRestrictBackgroundNetworkTests BUG: 28521946 Change-Id: Id5187eb7a59c549ef30e2b17627ae2d734afa789
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
d31a97fd83468d27d0f4c6e1455c2f6f59d5a7c9 |
|
06-May-2016 |
Felipe Leme <felipeal@google.com> |
Fixed connectivity state in some restricted network scenarios. NetworkPolicyManagerService (NMPS) keeps an internal list of uid rules (mUidRules) for network restrictions, and when these rules changes it needs to notify external listeners (such as ConnectivityService / CS). Prior to Android N, both Data Saver mode (the feature previously known as "Restrict Baground Data") and Battery Save mode used the same set of firewall rules to implement their restrictions: when Battery Saver mode NPMS would mark all networks as metered and set the proper firewall rules externally. Recently, these 2 modes were split in 2 distinct firewall rules and NMPS.updateRuleForRestrictBackgroundLocked() was changed to update the mUidRules logic based on the Data Saver firewall (since the Battery Saver firewall changes are handled externally, on updateRuleForRestrictPowerLocked()). As such, CS was not notified when the power-related changes were made, which would cause apps to get a state of CONNECTED / CONNECTED when querying its active connection. Another scenario that is not properly handled is when a UID whitelisted for Data Saver is brought back to foreground: although the proper firewall rules are set, CS is not notified, and the apps state would be DISCONNECTED / BLOCKED. This CL introduces many changes that fix this issue: - Fixed updateRuleForRestrictBackgroundLocked() to invoke onUidRulesChanged() when the Battery Saver status changed. - Fixed updateRuleForRestrictBackgroundLocked() to invoke onUidRulesChanged() when an app whitelisted for Data Saver is brought back to the foreground. - Added a new API (onRestrictPowerChanged() and getRestrictPower()) to notify external services about Battery Saver mode changes. - Fixed CS logic to properly handle the Battery Saver changes. Externally to this change, the CTS tests were also improved to verify the apps get the proper connection state; they can be verified running: cts-tradefed run commandAndExit cts -m CtsHostsideNetworkTests \ -t com.android.cts.net.HostsideRestrictBackgroundNetworkTests BUG: 28521946 Change-Id: I8eaccd39968eb4b8c6b34f462fbc541e5daf55f1
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
46c4fc357ce8e686b6e7c2adda573e9870a8221f |
|
04-May-2016 |
Felipe Leme <felipeal@google.com> |
Refactored NetworkPolicyManagerService mUidRules. NetworkPolicyManagerService (NMPS) keeps an internal list of uid rules (mUidRules) for network restrictions, and when these rules changes it needs to notify external listeners (such as ConnectivityService / CS). Prior to Android N, both Data Saver mode (the feature previously known as "Restrict Baground Data") and Battery Save mode used the same set of firewall rules to implement their restrictions: when Battery Saver mode NPMS would mark all networks as metered and set the proper firewall rules externally. Recently, these 2 modes were split in 2 distinct firewall rules and NMPS.updateRuleForRestrictBackgroundLocked() was changed to update the mUidRules logic based on the Data Saver firewall (since the Battery Saver firewall changes are handled externally, on updateRuleForRestrictPowerLocked()). As such, CS was not notified when the power-related changes were made, which would cause apps to get a state of CONNECTED / CONNECTED when querying its active connection. This change refactores the mUidRules to use bitmasks, in preparation for another change that will fix the issue. It also fixes a minor bug that was preventing removed packages to be removed from the whitelist. BUG: 28521946 Change-Id: I9f0e1509a6192cad403f740c1cd76a6b7dab7d26
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
d17fda40cdcf875002086fbe98bf34ba7cbdb03c |
|
29-Apr-2016 |
Felipe Leme <felipeal@google.com> |
Added option to reset network policies for a given user. BUG: 28429571 Change-Id: I675e4ee5484a865f6819d7a0eef34133be11306f
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
a110eec77f226965cf14d2a2385dae6b22565ec4 |
|
29-Apr-2016 |
Felipe Leme <felipeal@google.com> |
Multi-user Data Saver fixes: - When adding a new user, adds its default whitelist apps. - When removing an user, clears its revoked default whitelist apps. BUG: 28451218 Change-Id: Ic30a3d6d30c7575620edd3ad32c3221203626f8d
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
1b6519bd87a59a10e9928e5772a17976692611da |
|
28-Apr-2016 |
Jeff Sharkey <jsharkey@android.com> |
Flag to mark foreground jobs, fix data saver. When a job will eventually run in the foreground, the internal scheduling needs to ignore any background network restrictions when satisfying constraints. This also means the job should ignore the current device doze state, since the requesting app could get the same behavior by starting their own foreground service. Always dispatch network policy changes to ConnectivityService first to ensure that it has up-to-date information. Fix bugs around data saver that were causing networks to not be marked as BLOCKED for background apps; before this fix apps would have been spinning in internal connectivity loops, thinking that the network was actually connected when the kernel was actually blocking their traffic. Offer new ConnectivityService method overloads to ignore the blocked state for a specific UID. Print unsatisfied job constraints to aid debugging. Bug: 26571724 Change-Id: Iaaa17933e6dc1bf6d3dff26d0bfc12222e51e241
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
61731854329a6331ae055bb20d98caf6a71ea5b6 |
|
29-Apr-2016 |
Felipe Leme <felipeal@google.com> |
Fixed wrong loop variable (AKA: I, Y U NO J?) BUG: 27366993 BUG: 28451218 Change-Id: I8455ada4194e7fc44ae7448e5cd763d22065fd2e
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
70c8b9b66027409f9dec91872cbe8ae8756d5ea4 |
|
25-Apr-2016 |
Felipe Leme <felipeal@google.com> |
Tethering and Data Saver: There Can Be Only One! If tethering is on when Data Saver mode is turned on, tethering should be disabled, and vice-versa. BUG: 28313291 Change-Id: I7f3dadbd97ea1492ab76b41043dea7487c1db02d
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
f07c7b9fd0a640bff4bf7690373613da217fe69b |
|
22-Apr-2016 |
Jeff Sharkey <jsharkey@android.com> |
API changes for DownloadManager and JobScheduler. To support moving DownloadManager, add new JobScheduler network type constraint that matches "any network except roaming." Also add an API to get a specific JobInfo by ID. Since the default network can be different on a per-app basis, and individual apps may be blocked due to app standby, evaluate job connectivity constraints on a per-UID basis. To implement this cleanly, add NetworkInfo.isMetered() to match the isRoaming() API. Add new DownloadManager APIs to support charging and device idle constraints, which are plumbed through to JobScheduler under the hood when scheduled. Add filtering to JobScheduler dumpsys to omit noisy details for packages the caller isn't interested in. Bug: 28098882, 26571724, 19821935 Change-Id: I09ca7184ef7ce6adba399f579d415a5fb2ea6110
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
019fcd2bec414fbb730c0bb0fa62995ee692c5bf |
|
19-Apr-2016 |
Felipe Leme <felipeal@google.com> |
Added onRestrictBackgroundWhitelistChanged callback. When users add or remove an app to the Data Saver Mode whitelist, the app is notified through a ConnectivityManager.ACTION_RESTRICT_BACKGROUND_CHANGED. But besides this broadcast, it's also necessary to notify internal apps such Settings, hence a new method is being added to INetworkPolicyListener. BUG: 27481520 Change-Id: I1537a77becf6b7da1535ed5faabdc894fd9f7084
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
3646cbdfe77ff37475259b39171aa49686c5501a |
|
13-Apr-2016 |
Amith Yamasani <yamasani@google.com> |
Update interface quota on the handler This avoids making expensive netd calls while holding the mRulesLock Doesn't fix the problem of turning on hotspot while WiFi was connected. It is no longer blocked on isNetworkMetered() call though. Partial fix for following bugs... Bug: 27857665 Bug: 28201280 Change-Id: I62f3c0b0571292cc1e156b48ce3329def41cdd07
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
66a6be3a4c955e52ea61e0d35f338983f632abf8 |
|
30-Mar-2016 |
Jack Yu <jackyu@google.com> |
Excluded certain APNs (e.g. IMS) from mobile data usage. Added not_metered capability to a mobile network if none of its associated APN types are metered. Also used not_metered capability to determine if a network should be accounted for data usage or not instead of using network type, which is always MOBILE after refactoring. Will add VT usage support in next phase. bug: 20888836 Change-Id: Id692cb856be9a47d0e918371112630128965b1bb
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
01e05e741e2d0b4ec40a54fe50e8c90fdaaa0b46 |
|
31-Mar-2016 |
Felipe Leme <felipeal@google.com> |
Save whitelist status of all apps. When app is asked to be whitelisted (or removed from the whitelist), NMPS checks if the app has internet permission, since if it doesn't the firewall rules do not need to be changed. But even if the optimization kicks in, it should still mark the app as whitelisted, otherwise it will leave to inconsistencies like the UI never displaying it as whitelisted. BUG: 26685616 Change-Id: I6e287092d7bf8b7aa3a1bda707b58b128a22bffa
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
ef89c9097893123c5eebe464e6650fbd249cd837 |
|
31-Mar-2016 |
Felipe Leme <felipeal@google.com> |
Data Saver Mode should automatically allow foreground services. BUG: 27324964 Change-Id: I8f09b9c9673f3ed697daca14902123a81ce41085
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
70c57c2810eb5004ac6487921bfdf0880f818e3c |
|
29-Mar-2016 |
Felipe Leme <felipeal@google.com> |
Uses bw_happy_box and bw_penalty_box for Data Saver. bw_penalty_box is a blacklist-based firewall chain used to determine which UIDs do not have access to metered interfaces. It can be used alone or with bw_happy_box, which is a whitelist-based chain: when bw_happy_box is enabled, it's included in the bw_penalty_box chain. Currently, NMPS and NMS uses just bw_penalty_box for both blacklist and whitelist, so when Data Saver is turned on, it has to build a extensive list of UIDs to be blacklisted, which can take seconds (since it makes dozens of iptables, and which forks an iptables process) This CL changes this behavior so it uses both chain (plus a new bw_data_saver chain, which is added to the end of bw_happy_box), in which case the Data Saver switch is much faster (around 120-160ms), since it requires just 1 or 2 iptables calls (one to switch the bw_data_saver rule, and another to whitelist the foreground app if it's not whitelisted yet). BUG: 27127112 BUG: 26685616 Change-Id: If10222aef9f49a924b07b978d4bdccdd92f9acdb
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
f28983d3a071d4b420886306853617c0264ca342 |
|
25-Mar-2016 |
Felipe Leme <felipeal@google.com> |
More Data Saver / Battery Saver modes cleanup When Battery Saver mode was first implemented, there were no firewall rules on netd, so the solution was to make all network interface metered and re-use the bw_penalty_box chain. Recently, a fw_powersave chain was created with the purpose of separating these 2 concerns, but some scenarios were no properly handled. This change further cleans up the code by: - Creating a updateRestrictionRulesForUidLocked() to be used when both Battery Saver and Power Save rules need to be re-evaluated. - Renaming some methods to be more consistent with others. - Disabling rules for apps that do not have internet permissions. - Updating network stats only when process status changes. - Only updating Battery Saver rules when they changed. BUG: 27127112 BUG: 26685616 Change-Id: I75fbc9733b8989fadcb10ebc154e214e3d256fe9
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
65be3025fd07d53137f5434794d1d1b3a0933aab |
|
22-Mar-2016 |
Felipe Leme <felipeal@google.com> |
Refactored NetworkManagerService to support Data Saver. Netd provides 2 bandwidth control rules to restrict which uids can use metered networks: - bw_penalty_box is a blacklist-based firewall chain used to determine which uids do not have access to metered interfaces. - bw_happy_box is whitelist-based firewall chain used to determine which uids have access to metered interfaces. Currently, both NetworkManagerService (NMS) and NetworkPolicyManagerService (NPMS) uses just the bw_penalty_box rule, which makes turning Data Saver mode on / off too slow (since NPMS needs to build the bw_penalty_box on demand); this CL adds support for both rules on NMS, although NPMS doesn't take advantage of it yet (it will be refactored in a separate CL). BUG: 27127112 BUG: 26685616 Change-Id: Ib954574f7c86269fc9b4cf8ce4ba72ba5878c23d
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
7474fe7b421dcc190c4602389ca0f9c910382260 |
|
21-Mar-2016 |
Jeff Sharkey <jsharkey@android.com> |
Ignore wildcard network policies. They never should have been persisted to disk in the first place. Bug: 24972775 Change-Id: If9254f74455823f9fda9545fdf543fc7250a4016
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
71c56189682d22472a1564897dfb55080718f87b |
|
18-Mar-2016 |
Felipe Leme <felipeal@google.com> |
Merge "Cleaned up dependency to data saver mode." into nyc-dev
|
76010a33025fea69f0c1daf0436bd967e47a69a9 |
|
17-Mar-2016 |
Felipe Leme <felipeal@google.com> |
Cleaned up dependency to data saver mode. When power-save mode was first implemented, there were no firewall rules on netd, so the solution was to make all network interface metered and re-use the bw_penalty_box chain. Recently, a fw_powersave chain was created with the purpose of separating these 2 concerns, but the initial implementation left a lot of dead code around; this change cleans up that code. Changes: - Renamed updateRulesForUidLocked() to updateRestrictDataRulesForUidLocked(). - Simplified updateRestrictDataRulesForUidLocked() implementation. - Removed calls to updateRestrictDataRulesForUidLocked() from places that don't touch the data saver rules. - Refactored the data saver part of updateRulesForGlobalChangeLocked() into a updateRulesForRestrictDataLocked(), which is similar to the existing methods for iddle and restricted power. - Changed setRestrictBackground() to use updateRulesForRestrictDataLocked() instead of updateRulesForGlobalChangeLocked(). - Removed redundant calls to updateRestrictDataRulesForUidLocked() and updateRulesForGlobalChangeLocked() when an user id deleted. BUG: 27127112 BUG: 26685616 Change-Id: I621d20139742cc0dd3bbf6fe9cbfe889ddcc1fd7
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
8a372a0a280127743ce9a7ce4b6198c7a02d2a4f |
|
16-Mar-2016 |
Jeff Sharkey <jsharkey@android.com> |
Refactoring FBE APIs based on council feedback. Mostly consists of removing the word "encryption" from most APIs, since we can't actually make promises about the data being encrypted. Bug: 27531029 Change-Id: Iace9d7c4e64716abf86ed11847c40f3947e1d625
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
4f3fc215050bb52d470fc7d6b1fd2eeb39c2119b |
|
04-Mar-2016 |
Rakesh Iyer <rni@google.com> |
Fix ActivityManager watchdog kill. Typo caused an infinite loop causing a watchdog kill. Change-Id: If9a8973c28e284d993d81ba7d6724f9575a30c92
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
7af0be288e3bce8c97e8e830025e011f9686bb42 |
|
04-Mar-2016 |
Felipe Leme <felipeal@google.com> |
Merge "Handles blacklist on getRestrictBackgroundStatus()." into nyc-dev
|
923845fdaa03a3f807a759d0eef3d0decca107d6 |
|
02-Mar-2016 |
Felipe Leme <felipeal@google.com> |
Handles blacklist on getRestrictBackgroundStatus(). Initial implementation of getRestrictBackgroundStatus() was just handling the whitelist status of apps when data saver is turned on, but when an app is blacklisted, it should return RESTRICT_BACKGROUND_STATUS_ENABLED regardless of the data saver status. BUG: 27432317 Change-Id: I5a027d8b7d17a13075510ff8f29d41eaa5a6beb8
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
3ce000e647da42c0f39b70dceabbaa52b8ef5ca3 |
|
04-Mar-2016 |
Felipe Leme <felipeal@google.com> |
Merge "Code cleanup on NMPS and NMS." into nyc-dev
|
03e689db51284d37145b8af2e750d6bbd22312b2 |
|
03-Mar-2016 |
Felipe Leme <felipeal@google.com> |
Code cleanup on NMPS and NMS. - Always check for DBG before using Slog.d. - Logs duration of NMS.systemReady() when debugging. - Logs duration of NMPS.updateRulesForGlobalChangeLocked() when debugging. - Removed redundant toString() calls. - Catch multiple exceptions. - Replaced enhanced for on nested Iterable iterations. BUG: 21725996 Change-Id: Ia775a394b59de7a0570ad4954d1fe3a2698c66d6
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
011b98f93a4e0f609f9f3a83be784021c8b593a6 |
|
11-Feb-2016 |
Felipe Leme <felipeal@google.com> |
Created a firewall chain for power save mode. When power-save mode was first implemented, there were no firewall rules on netd, so the solution was to make all network interface metered and re-use the bw_penalty_box chain. This change removes that workaround by creating a explicit fw_powersave chain, whose behavior is similar to fw_dozable (in fact, it reuses some of its code); such change not only makes network restrictions on power-save mode simpler, but it also allows to optimze how the restrict network rules are changed (which will be done in a separate change). BUG: 27127112 BUG: 26685616 Change-Id: I7f7a7b1c1855e916c6651ad90da29fe187a7bea2
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
a9505cc39b770a1ee4524d05efb859a9500d892f |
|
26-Feb-2016 |
Felipe Leme <felipeal@google.com> |
Add pre-defined apps to the restrict background whitelist. System config can defined apps to be automatically whitelisted for restricted background data, but the user can remove the whitelist. Implementation-wise, NPMS now keeps a list of <revoked-restrict-background> UIDs in the netpolicy.xml file, and when it starts it compares the UIDs returned by SystemConfig against this list, and only whitelist them if they are not revoked. The revoked-restrict-background is then updated as users change the whitelist status of UIDs. BUG: 27366993 Change-Id: I427024fd058924fc9831e409da6636e1bf8e4219
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
f23aa99270606b227d007b8f7c1619f564c55b0f |
|
22-Jan-2016 |
Jason Monk <jmonk@google.com> |
Move background data notif to data saver status icon Bug: 26796370 Change-Id: Ibf53c3affa63100b603e362b58ca6d2958791321
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
6a05eee2bdbabb844f1d63741a0680477ec63546 |
|
19-Feb-2016 |
Felipe Leme <felipeal@google.com> |
Fixed permissions so Shell can call netpolicy methods. BUG: 27127112 Change-Id: I5548aba70a1c25be139462fbabe9a854fa96d2a6
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
2b5087b381ee6417e9c6a146c75931c154129a57 |
|
17-Feb-2016 |
Felipe Leme <felipeal@google.com> |
Merge "Added extra check to avoid NPE if package does not exist." into nyc-dev
|
86e5a01708256901cb81d5daeeb24fe946436cf2 |
|
17-Feb-2016 |
Felipe Leme <felipeal@google.com> |
Added extra check to avoid NPE if package does not exist. BUG: 26685616 Change-Id: I244e479fd9668bc4f07b8797ce2fc1e1df7a4d28
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
2a4ac4e5ef2a755e74f62a2974c6069a87520d05 |
|
12-Feb-2016 |
Amith Yamasani <yamasani@google.com> |
Use hasInternetPermission method Followup to Bug: 27165396 Change-Id: Ibdf6f5dd15197d4e19d7c7729612c13a02cdbf2b
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
b8849e6891dd91bc62e90b5ccd78621dbf6e4093 |
|
12-Feb-2016 |
Amith Yamasani <yamasani@google.com> |
Merge "When the device boots up, netd works more than required" into nyc-dev
|
a065da1703406c7e45acf7b3f16feed3b6a558a6 |
|
21-Dec-2015 |
Soi, Yoshinari <yoshinari.x.soi@sonymobile.com> |
When the device boots up, netd works more than required When the device boots up, netd adds rules for applications which do not have the NETWORK permission to iptables. Therefore, optimize NetworkPolicyManagerService to not touch uids that do not have the NETWORK permission. This modification is similar to Google commit 88e98dfa5. Cherry picked from AOSP commit to master. Bug: 27165396 Change-Id: Ic8bb837143b9e349859210654248195d62b73d17
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
47585ba14352d20f8e8633f5409f1fe954cc8511 |
|
10-Feb-2016 |
Felipe Leme <felipeal@google.com> |
Optimized add|removeRestrictBackgroundWhitelistedUid(). The initial implementation of these methods was calling updateRulesForGlobalChangeLocked(), which is expensive. The new implementation is optimized by: - quitting earlier if there is no change - only calling setUidNetworkRules - only broadcasting a ACTION_RESTRICT_BACKGROUND_CHANGED it the status of the app changed. This change also removed the unnecessary onPackageRemovedAllUsers() callback (just onPackageRemoved() is enough). BUG: 26685616 Change-Id: If38b8b870e992c48e40b4362e8170c64ff8b2a9d
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
b1a65ee161d2dd1bb5fee752659350d43102fd0c |
|
08-Feb-2016 |
Felipe Leme <felipeal@google.com> |
Changed list metered-networks so it returns all networks. Prior to this change it was relying on NMPS.getNetworkPolicies(), which would not return networks that never had any policy attribute (like metered) set. This change fix this problem by also querying the WifiManager for the list of saved wi-fi networks. In fact, the new logic is very similar to what's done on SettingLib's NetworkPolicyEditor. BUG: 26685616 Change-Id: I42f37de3a7367718036f45b15c6b5d37b67e7d01
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
95f6280bf13272b0dd345ef8f07f956710c02791 |
|
04-Feb-2016 |
Felipe Leme <felipeal@google.com> |
Merge "Propagate changes when uids are added or removed to the restricted background whitelist."
|
3f52cd5f2a0fb29b9dd65b7dee6d84b6fc9e2e88 |
|
03-Feb-2016 |
Felipe Leme <felipeal@google.com> |
Propagate changes when uids are added or removed to the restricted background whitelist. BUG: 26451391 Change-Id: I21eb4959d9f60e83ef96d8d7d1c92e38ddeb2b78
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
de4e8e3a8eee1fb86ccef9e4e3966db4089f9b2e |
|
03-Feb-2016 |
Felipe Leme <felipeal@google.com> |
Created commands to manage metered networks. These commands will be used primarily in the CTS tests: - list metered-networks [BOOLEAN] - get metered-network ID - set metered-network ID BOOLEAN For example, assuming the device has 2 wi-fi networks, and neither is metered: // list all non-mobile networks $ adb shell cmd netpolicy list metered-networks wifi-A;false wifi-B;false // set wifi-A metered $ adb shell cmd netpolicy set metered-network wifi-A true // get wifi-A status $ adb shell cmd netpolicy get metered-network wifi-A true // list only metered non-mobile networks $ adb shell cmd netpolicy list metered-networks true wifi-A;true BUG: 26685616 Change-Id: I1ec8be4579477448fcb7f0d6cfa6b9cc6887fa97
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
f933871976b4dc4c8e71a364b66f5208cefad3d3 |
|
03-Feb-2016 |
Felipe Leme <felipeal@google.com> |
Merge "Created a ACTION_RESTRICT_BACKGROUND_CHANGED intent."
|
a31c591f257c942f22de6dac4c981837179b10de |
|
22-Jan-2016 |
Fyodor Kupolov <fkupolov@google.com> |
Purge all state for a removed user Bug: 26687570 Change-Id: Icd516a871c274ce8986129654081b6dec3850856
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
9778f761237b2533903bacc091b1597990110a7e |
|
27-Jan-2016 |
Felipe Leme <felipeal@google.com> |
Created a ACTION_RESTRICT_BACKGROUND_CHANGED intent. This intent will be broadcasted when: - Global restrict background setting is changed (sent to all packages) - An individual uid is added to or removed from the whitelist (sent just to the packages belonging to that uid). This intent is only sent to registered receivers. BUG: 26451391 Change-Id: Ic0a5771f88baa52076ad04764f29098a386463cc
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
8ab775956720c10277203105d697de771ad6d9ca |
|
26-Jan-2016 |
Wei Liu <luciferleo@google.com> |
Add a null check before reference networkInfo. am: b8eaf45e1d am: dca8f10031 am: a12d383117 am: 21e0927b47 * commit '21e0927b474a686d5827e059476291370c0b306e': Add a null check before reference networkInfo.
|
b8eaf45e1df007fc4f5a11bb58491abaef39cd57 |
|
25-Jan-2016 |
Wei Liu <luciferleo@google.com> |
Add a null check before reference networkInfo. b/26758858 Change-Id: If335ece223114dbfb6b08391f18a09467f377cf1
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
50a235e6c94733659a8cede9ddce8fe8e1cf7124 |
|
16-Jan-2016 |
Felipe Leme <felipeal@google.com> |
Initial implementation of onShellCommand(). Only the commands related to restrict background whitelisting were initially added, so they can be used in the CTS test for the new APIs. BUG: 26451391 Change-Id: I5479073d85c44b99368497448f1f8e36cd99e63c
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
1b103238b90ca0aa7a2dcaaf0912361d583367a9 |
|
22-Jan-2016 |
Felipe Leme <felipeal@google.com> |
Created new public API so applications can customize its metered network usage while running in background. The new API is 'int getRestrictBackgroundStatus()' and returns the following values: - RESTRICT_BACKGROUND_STATUS_DISABLED: no restrictions - RESTRICT_BACKGROUND_STATUS_WHITELISTED: restriction but app is whitelisted - RESTRICT_BACKGROUND_STATUS_ENABLED: full restriction The proper way to interprete these values for using metered networks while running on background is: - When disabled, there is no restriction and the application could use the metered networks freely. - When whitelisted, the application can use the metered network, but should try to minimize the usage. - When enabled, the application should not try to use metered networks at all, since the usage will be denied. BUG: 26451391 Change-Id: If07d42bb88e4c02802df0234861f38aef2cfead7
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
b85a637eac7714dcbbcf179ef38e5edc11557b78 |
|
15-Jan-2016 |
Felipe Leme <felipeal@google.com> |
Added API to whitelist apps for background restriction. The new APIs are: void addRestrictBackgroundWhitelistedUid(int uid); void removeRestrictBackgroundWhitelistedUid(int uid); int[] getRestrictBackgroundWhitelistedUids(); The whitelist is persisted in the same XML used for the other policies, using the new 'whitelist and 'restrict-background' tags. Examples: 3 whitelisted apps: <whitelist> <restrict-background uid="10001" /> <restrict-background uid="10009" /> <restrict-background uid="10086" /> </whitelist> No whitelisted app: <whitelist /> BUG: 26451391 Change-Id: I01b114c346fd8abc05433ad43d010379384f8c2b
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
377ded0fce449f77cd7efae35f97722cdab52693 |
|
10-Jan-2016 |
Jeff Sharkey <jsharkey@android.com> |
Fix NPE when UID has no packages. Bug: 25224723 Change-Id: I637214666a1f02bd23474c27a285eea9152cfa9d
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
c5967e9862489024c932b0c7fcb84ed0af2a7fd7 |
|
08-Jan-2016 |
Jeff Sharkey <jsharkey@android.com> |
More progress on triaging PackageManager callers. Catch a bunch of simple cases where the PackageManager flags are obvious. Add the ability to use the MATCH_SYSTEM_ONLY flag on PackageInfo and ApplicationInfo queries. Re-examine recent tasks after a user is unlocked, since some of the activities may now be available and runnable. Bug: 26471205, 26253870 Change-Id: I989d9f8409070e5cae13202b47e2c7de85bf4a5b
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
e06b4d1d9f718b9fe02980fea794a36831a16db2 |
|
06-Jan-2016 |
Jeff Sharkey <jsharkey@android.com> |
Consistent naming for PackageManager methods. When hidden PackageManager methods take a userId argument, they should be named explicitly with the "AsUser" suffix. This fixes several lagging examples so that we can pave the way to safely start passing flags to new methods without scary overloading. Also fix spacing issues in various logging statements. Change-Id: I1e42f7f66427410275df713bea04f6e0445fba28
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
2a9e3f8e6813716ab88ca54fd04ae047dc9aaaeb |
|
18-Dec-2015 |
Jeff Sharkey <jsharkey@android.com> |
Better named encryption flags, start triaging. Create distinct flags for encryption aware, unaware, and both, and name them like the other MATCH_ flags. Start adding logic to help triage all system internal callers to verify that they've done their homework and thought about how to handle apps while locked. Call sites in the system should either ask for explicit matching behavior, or explicitly use the DEFAULT match flag to indicate that they've been triaged to use the default state-based matching. Bug: 26250295 Change-Id: I86214e5c4f71a6dc72f06930800388713aecd107
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
bef28feba57be7fd6a4d14a85a8229154338b2ed |
|
30-Oct-2015 |
Dianne Hackborn <hackbod@google.com> |
Initial stab at background check. Actually, this implementation is more what we want for ephemeral apps. I am realizing the two are not really the same thing. :( For this implementation, we now keep track of how long a uid has been in the background, and after a certain amount of time (currently 1 minute) we mark it as "idle". Any packages associated with that uid are then no longer allowed to run in the background. This means, until the app next goes in the foreground: - No manifest broadcast receivers in the app will execute. - No services can be started (binding services is still okay, as this is outside dependencies on the app that should still be represented). - All alarms for the app are cancelled and no more can be set. - All jobs for the app are cancelled and no more can be scheduled. - All syncs for the app are cancelled and no more can be requested. Change-Id: If53714ca4beed35faf2e89f916ce9eaaabd9290d
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
24937d235da1648ece1866ce326da539c0ccb4bf |
|
03-Nov-2015 |
Dianne Hackborn <hackbod@google.com> |
resolve merge conflicts of 3aee38c86e to master. Change-Id: I9ff3f92b37e24f5f0527a0034b159920f6d7ffe1
|
9a13cc69926c90fe75b624a9a781dc56706a6091 |
|
03-Nov-2015 |
Dianne Hackborn <hackbod@google.com> |
Merge "Fix issue #25357209: Could not send SMS or MMS messages, had to reboot" into mnc-dr-dev am: 71e4984505 * commit '71e49845054a3a7dacc51efc4fe658818caec048': Fix issue #25357209: Could not send SMS or MMS messages, had to reboot
|
fcc95a6d2c749d6b77eca14bf301d665d858a840 |
|
02-Nov-2015 |
Dianne Hackborn <hackbod@google.com> |
Fix issue #25357209: Could not send SMS or MMS messages, had to reboot I think what probably happened is that since we only report an app going in to the "interaction" state as an interaction event to usage stats, apps that sit around in that state forever will only see one interaction at the start and never again. So usage stats could start thinking they are idle. Fix this by having the activity manager report an interaction event for such long running applications at least once a day. Also, because it is correct and for paranoia by protected us another way, system uids should never go in to standby. Change-Id: I8a3805bfca86cbe78560488a649ecd07427da99a
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
d166333eb5d3886a18a3a951d833a6d01cb8340d |
|
21-Oct-2015 |
Kevin Cernekee <cernekee@google.com> |
Merge "ignore initial request to disable iptable chain" into mnc-dr-dev am: 3554d62ca0 * commit '3554d62ca02bf6bc7777d1b22699876ec388fe6c': ignore initial request to disable iptable chain
|
690f18a5648e292c29f17b248644e7b887c1f52c |
|
20-Oct-2015 |
Xiaohui Chen <xiaohuic@google.com> |
ignore initial request to disable iptable chain iptable child chains are disabled by default. Ignore the initial disable request so netd won't throw errors when it cannot detach chains that do not exist. Bug: 22800189 Change-Id: I70b4b8b9e6a5dbffe32841941922b7fd92dcd3d6 Original-Change-Id: I9312dd558ba6d59dc6aa394afeb66a222daafcf9 [cernekee: backported from master branch]
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
7c3e44265147073e5949c42c27134274472990a1 |
|
13-Oct-2015 |
Jeff Sharkey <jsharkey@android.com> |
Maybe we can build? Change-Id: Id0ea9da94f8672cc18430903cd8e9c8a6b8ef8e7
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
75f47866066d5b06924530417c7cb72296753ccb |
|
13-Oct-2015 |
Jeff Sharkey <jsharkey@android.com> |
resolved conflicts for f20a5700 to master Change-Id: I1f13a63c3680901fac58ef709118c9242032b11f
|
7f6d8754e6d509bf17fe0c46130c884b16706b12 |
|
12-Oct-2015 |
Jeff Sharkey <jsharkey@google.com> |
am a03ecf7d: Merge "Push firewall rules up to ConnectivityService." into mnc-dr-dev * commit 'a03ecf7d7c8ff2844caf5feecc6d29f1f7346ff9': Push firewall rules up to ConnectivityService.
|
dc988061ac145c86d6871e249d65ca326aaff99f |
|
14-Sep-2015 |
Jeff Sharkey <jsharkey@android.com> |
Push firewall rules up to ConnectivityService. getActiveNetworkInfo() and friends already know how to augment their results to help apps detect when network access is blocked. This change wires up the new app-idle and device-idle firewall rules to be reported through these APIs. This also causes other platform tools like DownloadManager and SyncManager to respect these new policies. Bug: 24050462 Change-Id: Id9517b0b70be7e3ca2ab27bed8049db916e4d829
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
be3b06766a1ed0e8cecb78c98f08dc2c2703a6d8 |
|
02-Sep-2015 |
Xiaohui Chen <xiaohuic@google.com> |
Clean up USER_OWNER in NetworkPolicyManagerSvc Removed some TODOs about network usage warnings going to OWNER only. It is updated to send the warning to all users. Bug: 19913735 Change-Id: Ie49703626a10a530ede28062090d39a3d23dff48
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
7619dba79e3aa422962898920547ac18573ac9c9 |
|
13-Aug-2015 |
Jeff Sharkey <jsharkey@google.com> |
am 59a18530: am b4ac3781: am d913d78a: am ea68c4ce: am c97509c0: Merge "Update ifaces when global restriction changes." into mnc-dev * commit '59a18530f5fc0152b7a7609bd2ed2128fa8e7fc7': Update ifaces when global restriction changes.
|
d913d78a331de5e488b27810d8dd18399f50de48 |
|
13-Aug-2015 |
Jeff Sharkey <jsharkey@google.com> |
am ea68c4ce: am c97509c0: Merge "Update ifaces when global restriction changes." into mnc-dev * commit 'ea68c4ceacbe235c4d8688437010d855ef02e1fb': Update ifaces when global restriction changes.
|
9d14206594c0b50a539ee73e37804542694937d6 |
|
13-Aug-2015 |
Jeff Sharkey <jsharkey@android.com> |
Update ifaces when global restriction changes. Global restriction of background data only applies to metered interfaces, but battery saver applies to all interfaces. In the very specific case where global background had been turned on while battery saver was enabled, we'd end up with a stale battery saver rule floating around. This change triggers an update of iface rules when the global restriction changes, giving us consistent behavior. Bug: 23098198 Change-Id: I454dc71cf11d50a2e9e6122e8a801ff17039b43a
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
143ebdb94e13f7a9fee2c9f3801bda1df17844c1 |
|
11-Aug-2015 |
Zach Johnson <zachoverflow@google.com> |
DO NOT MERGE Allow a custom component to handle network policy notifications Broadcasts information about network policy notifications to a custom component, if specified, so it can handle them. Also exposes an API to snooze warning notifications. Change-Id: Ic89478fa437861e2d4b6a9443858bcaf12122fba
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
908109c1f909cbeeb766f551c16121ddd1a3adba |
|
08-Aug-2015 |
Dianne Hackborn <hackbod@google.com> |
am 0385e3e9: am 8e63bbfd: am efa4dee1: am 977d421a: am f0e5501e: Merge "Fix issue #22989030: Separate battery whitelists" into mnc-dev * commit '0385e3e908fb9988bb2d2d0d15e32cb6a819b34e': Fix issue #22989030: Separate battery whitelists
|
4a503b1ece485d44c15eb02ec2bcd464b46e6f7f |
|
07-Aug-2015 |
Dianne Hackborn <hackbod@google.com> |
Fix issue #22989030: Separate battery whitelists We now have a new whitelist you can put apps in, which opts them out of the old battery saver mode and new app idle, but doesn't keep them from going in to doze. This is for a few special cases that we had previously whitelisted for battery saver, and inherited to the new modes... ultimately we should figure out how to get these apps out of the whitelist completely, but this will help for now. Apps in this new whitelist are not shown in the UI, because they are still significantly restricted by not being able to operate normally in doze. This also means they are still visible in the list of all apps for the user to be able to put them on/off the complete whitelist if that is what they really want. In the course of doing this, I needed to clean up code in the network policy manager to better separate management of the two firewall rules that now have different whitelists applied to them. This also hopefully just generally simplifies and cleans up that code. Hopefully! Change-Id: I92e15f2f85899571dd8b049b5e3eb1354f55f353
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
896b49ad02b20cf0723241f1f28dd9bee43f2b99 |
|
29-Jul-2015 |
Xiaohui Chen <xiaohuic@google.com> |
ignore initial request to disable iptable chain iptable child chains are disabled by default. Ignore the initial request so netd won't throw errors when it cannot detach chains that does not exist. Bug: 22800189 Change-Id: I9312dd558ba6d59dc6aa394afeb66a222daafcf9
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
a9e72a7653d25ae1974dac3f1156d126c807e40c |
|
31-Jul-2015 |
Amit Mahajan <amitmahajan@google.com> |
Add OrSelf to privileged permission check. Bug: 22857263 Change-Id: Ide7105dfd653e3c271330822fb8cee7cf620e35d
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
72f83d6a05ddecd516787cedb3b49839bb287c6d |
|
27-Jul-2015 |
Julia Reynolds <juliacr@google.com> |
Allow Settings to set background data restrict on secondary users. Bug: 22721091 Change-Id: Iadfbd25f75f233f2c3c080e0de05b0244572b6cd
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
fd854ee58c5d56f84047007ead9f88a767ae956f |
|
14-Jul-2015 |
Dianne Hackborn <hackbod@google.com> |
Fix issue #21626564: MMS should be receivied while Dozing We now place whoever is receiving the MMS on the temporary whitelist while doing so, so they can get network access to download it. There was also an issue that needed to be fixed where we were no longer updating the list of allowed uids while dozing based on their proc states... we now do that. Also did a bit of optimization of the temp white list update path do the network policy manager, instead of going through a broadcast we now directly call in to the network policy manager. This also allows us to have a synchronous version of updating the list, so we can know the app has network access before we tell it to do anything. Finally added battery stats events for things going on and off the whitelist so we can diagnose the behavior there. Change-Id: Ic7fe010af680034d9f8cb014bb135b2addef7455
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
7c5befa4a7ccd6e7e91ffdd93264b717259ec863 |
|
14-Jul-2015 |
Amit Mahajan <amitmahajan@google.com> |
Add checks for READ_PRIVILEGED_PHONE_STATE. Callers will have either PRIVILEGED or regular READ_PHONE_STATE. Bug: 22468536 Change-Id: I60251f61250a975f4147b027d2539824a728e3b5
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
3b16cf4f47142a845bf0ede54ef8ef956506c6c3 |
|
02-Jul-2015 |
Dianne Hackborn <hackbod@google.com> |
Device idle fixes: issue #22209630 and issue #22225665 Issue #22209630: Only allow whitelisted apps to put apps on the temp whitelist We now check whether the calling app is a system uid or in the whitelist and, if not, throw an exception. Issue #22225665: Alarm still goes off in idle mode (doze) Fix a bug where we were not clearing the calling identity when coming through the dump command to the service, and as a result when we would eventually call out to the alarm manager it wouldn't do what we want. This was only broken when being controlled by the shell. Also adjust the network policy manager service's handling of device idle transitions to only toggle the device idle state, which gets rid of the long delay we have coming out of idle mode. And add in a bit of logging around going in/out of idle mode to try to understand where things may be slow in the future. Change-Id: I4a41f790e9b0bb31330314b94111557d479f2ba5
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
c915eebbf8782f64c5d7167a72c4c4f1d35f6e83 |
|
27-Jun-2015 |
Xiaohui Chen <xiaohuic@google.com> |
fix temp white list update in device idle It appears firewall rules for temp white list is updated differently from the non temp one. The non temp one will trigger a global update but the temp one is updating only the uids in the list one by one. The individual uid firewall rule update does not work well with dozable chain. This cl moves the dozable chain update logic out and put it where the white list is updated. BUG:22094135 Change-Id: I425c82da6231b1ef119664907705d0880365f339
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
8dca36dc8a5d17315775ce216689addc5bd9be00 |
|
19-Jun-2015 |
Xiaohui Chen <xiaohuic@google.com> |
system_server: optimize app idle parole state change Currently when app idle parole state changes, all idle apps' states are updated one by one including firewall modifications which are very expensive. This optimization gets rid of individual firewall rule changes and makes sure we only modify the firewall once at child chain level. BUG: 21446713 Change-Id: Iafc415fe0bc127826fe17894d4fedcf1755cb17d
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
802ece61399e94bbe98cafaa277c71bee73c03ba |
|
18-Jun-2015 |
Xiaohui Chen <xiaohuic@google.com> |
Merge "system_server: add two child chains to firewall" into mnc-dev
|
b41c9f7f39939cee8d226eb5e506c3f0573f44f5 |
|
18-Jun-2015 |
Xiaohui Chen <xiaohuic@google.com> |
system_server: add two child chains to firewall This is an attempt to speed up getting out of device idle. It groups uid firewall rules in these child chains so we can attach/detach a whole chain instead of individual uid rules. BUG:21446713 Change-Id: Ie8f392da2deabe7cc86a9ecf4ed080163861d41e
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
1958e5e7870579337f1d1d3e6c6fae096ba3abb9 |
|
13-Jun-2015 |
Dianne Hackborn <hackbod@google.com> |
Fix issue #21813831: Need API for asking to be added to power whitelist Add the API. Clean up a few related things. Change-Id: I190adad1812f36f6095b98a1001fedb94874e8b5
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
06f0806bd54e907f3d6d2069d263c700bd91260c |
|
12-Jun-2015 |
Amith Yamasani <yamasani@google.com> |
Update network state of apps leaving the whitelist Bug: 21787562 Change-Id: I9f45acc58ba0b4b6cfed08aecbf081a5f57eb217
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
af575b9f8e1b59be9c8862b6a65c0dcb88145a23 |
|
30-May-2015 |
Amith Yamasani <yamasani@google.com> |
Temporarily whitelist an app for network during doze API to allow an app to be whitelisted for network and wakelock access for a short period. So even if the device is in idle mode, such apps can be given a chance to download the payload related to a high priority cloud-to-device message. This API is meant for system apps only. A new permission CHANGE_DEVICE_IDLE_TEMP_WHITELIST is required to make this call. Bug: 21525864 Change-Id: Id7a761a664f21af5d7ff55aa56e8df98d15511ca
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
e3e314df4d52881225326d426a76e3e7f1bc40d3 |
|
20-Apr-2015 |
Stuart Scott <stuartscott@google.com> |
Network Reset should have a lockdown like Factory Reset. bug:20332322 Change-Id: I7c61a011d11e89513757f112abf320bb2a785edb (cherry picked from commit 94b038bbb291431a7b39611d72f206b07e839891)
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
d23e0d6901935588f9472bd7073fea0009581e9b |
|
16-May-2015 |
Dianne Hackborn <hackbod@google.com> |
Update power manager to track uid state like netstats. To follow the correct semantics for when restricts due to device idle can be applied, power manager need to know about uid process states like net policy so that it can allow wake locks from apps that are in the foreground. Since this is being added to a second place, I reworked things so that the activity manager now keeps track of per-uid process states and allows apps to register to listen to those, rather than having to track lower-level process states and transform them into an overall uid state. Both net policy and power manager use this new facility. Change-Id: I77359164c40d0f36fe1ef296dd9f9c3062431148
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
9e9e2e73c6ec7bece20268196dc89ad0c8bafad4 |
|
08-May-2015 |
Wojciech Staszkiewicz <staszkiewicz@google.com> |
Pass charset to XmlPullParser.setInput instead of null Passing null to XmlPullParser.setInput forces it to do additional work, which can be easily avoided if we know the charset beforehand. bug: b/20849543 Change-Id: Iaff97be9df2d0f99d7af8f19f65934439c9658e2
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
f7b795ca1a552909d333ed3f2d5ec881a8b23144 |
|
30-Apr-2015 |
Dianne Hackborn <hackbod@google.com> |
Merge "Update use of procstate for services." into mnc-dev
|
d69e4c1460017062e7c36be55801cb434ad19d97 |
|
24-Apr-2015 |
Dianne Hackborn <hackbod@google.com> |
Update use of procstate for services. Now that we have a separate foreground service proc state (above a sleeping top app), update various system services to put their bindings into this state when appropriate. There are two new bind flags for this -- one that just always makes it a foreground service, another that only does it when the device is awake (useful for things like the wallpaper). And with all of that, tweak network policy manager to only include apps that are at least foreground service state when in power save and device idle modes. This will allow us to further reduce the set of apps that have network access (in particular not giving access to the current top app when the screen is off), hopefully leading to even better battery life. Change-Id: I91d85a5c5ed64e856149e9a5d94a634a7925ec7f
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
15e47235c055495ec0ccc24768a6746a960d3a61 |
|
25-Apr-2015 |
Amith Yamasani <yamasani@google.com> |
Remove network access for idle apps Track apps going in and out of idle in the NetworkPolicyManagerService. Apply DROP rules in firewall controller if app is to be blacklisted for network access. Firewall can now be in whitelist (old) or blacklist mode. When in blacklist, it allows all by default and we can selectively DENY some uids. Track app idle in UsageStats and update periodically. Track charging/discharging states. TODO: Check for appidle temporary parole state Bug: 20066058 Change-Id: Ia65d7544204b3bcb78a517310ef4adcc05aac6fb
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
0b4daca9ba54b7252ea8c159218391380eb00c8a |
|
27-Apr-2015 |
Dianne Hackborn <hackbod@google.com> |
Implement user-settable power save whitelist. The whitelist is now maintained by DeviceIdleController, which is moving out into its own independent system service. Network stats now queries it for the whitelist, instead of collecting that itself. Also did a few improvements in alarm manager -- made the code for moving alarms out of the pending list more robust, and fixed the debug output to always print the contents of the pending list even if we aren't in a pending state. (That would have helped me identify the problem much earlier.) Change-Id: I0f7119d4c553c3af4d77b2f71246fa6e2c13c561
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
9a9a1d923d476ab21624fa9c5da69e0a4daf51fc |
|
20-Apr-2015 |
Stuart Scott <stuartscott@google.com> |
Fixing build break Change-Id: I7ab3673627d1fda2d96a17c7e1823417fcb5cfef
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
f1fb39763d87dabe254b6ed64ac8f20145035bc0 |
|
03-Apr-2015 |
Stuart Scott <stuartscott@google.com> |
Move factoryReset to service and protect. bug:16161518 Change-Id: I02d1bbae1887c62ee426e6f03e8bc1f18c6666bf
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
f851d6dd2a15b74f63c85403afad0ed747f7311c |
|
20-Apr-2015 |
Erik Kline <ek@google.com> |
CONNECTIVITY_ACTION is the new _IMMEDIATE Bug: 20013379 Change-Id: I3e904dc0a0ddb30c7bb8cdb24d0762052ddc59eb
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
16a16899505ec0a9ede5b76650bfb8817b3227c7 |
|
16-Apr-2015 |
Svet Ganov <svetoslavganov@google.com> |
Add OP_READ_PHONE_STATE app op - framework The READ_PHONE_STATE permission protects PII information and is in the Phone group. This change is adding the corrseponding app op for gating access to the API guarded by READ_POHNE state which will be used instead as an access control for legacy apps. Change-Id: I2ff895a5a0e529f26ec0ad706266a30d829268ba
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
88e98dfa59e68a860d8c3b462ec03bc0b06d6b5c |
|
23-Mar-2015 |
Dianne Hackborn <hackbod@google.com> |
More work on device idle mode. - There is now an API for people to find out about its state. - Moved DeviceIdleController to be closer to the power manager implementation, since they are closely related. - Job scheduler now knows about idle state and doesn't run jobs while the device is idle. - Battery stats now keeps track of "idling" vs "idle mode". Idling is when we consider the device to be idle, independent of whether we are actually in deep idle mode. This allows us to keep track of longer-term changes independently of cycling in and out of idle mode. - Battery stats also now keeps track of package changes in its daily stats. - Small optimization to network policy manager service to not touch uids that do not have the NETWORK permission. Change-Id: I0b3304fb3722c78cdfdd0c1eada7369ece7cbcf9
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
79ec42e6a3c6a6f6a00ef3ad92221a5ad2149aa9 |
|
20-Mar-2015 |
Dianne Hackborn <hackbod@google.com> |
Merge "First stab at device idle mode."
|
8ad2af7e5b28f71e7bdfc1bb097937c6c1d22b18 |
|
18-Mar-2015 |
Dianne Hackborn <hackbod@google.com> |
First stab at device idle mode. Introduce a new device idle controller service that monitor's the device state and determines when to go in to idle mode. When in idle mode, all we do right now is turn off network access the same as we do for power save mode. Many more things should come in the future -- stopping the alarm manager from scheduling (most) alarms, telling GmsCore for it to stop doing stuff, etc. Battery stats now has state tracking for devie idle mode, as well as events for the reasons we can come out of idle mode (significant motion or the device becoming active). Also added new events noting when packages are installed. Renamed the "low power" event in battery stats to "power save" because the former was just way too confusing. Finally, fix buffer size reading kernel wake locks. (Stupidly, just increasing the buffer size. Ideally we should try to be smarter and grow our buffer to fit the data available, but I'll leave that for another time.) Change-Id: I0be2062466c83ee9d890c6cf5a228d9cc4090eca
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
4a357cd2e55293402d7172766f7f9419815fc1e8 |
|
19-Mar-2015 |
Alan Viverette <alanv@google.com> |
Replace usages of deprecated Resources.getColor() and getColorStateList() Change-Id: I8f64fe6c4c44a92ff6d07250223ba590a1d691b0
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
08c7116ab9cd04ad6dd3c04aa1017237e7f409ac |
|
28-Feb-2015 |
John Spurlock <jspurlock@google.com> |
Remove unused imports in frameworks/base. Change-Id: I031443de83f93eb57a98863001826671b18f3b17
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
3256601f5e4d94713f59e97b9d4912875c1bdcaf |
|
03-Dec-2014 |
Jeff Sharkey <jsharkey@android.com> |
Offer to "merge" subscribers for data usage. There are some cases where multiple subscriber identities (IMSI) should be treated as "merged together" from a data usage perspective. This is done by extending the template used for matching purposes to support multiple subscribers. Then, when we query historical usage or set network policies, we normalize the matching template to merge to any other identities that should be included. When normalizing, the "lowest" identity is always used for equality and storage purposes, which allows identities to come and go over time. This change also fixes data usage recording for multi-SIM devices by passing along the concrete subscriber identity for each network interface. Also correctly create default policies for multi-SIM devices. This change also drops setPolicyDataEnable() until it can be wired up to the right underlying NetworkAgent. (This means we still bring up the network, and then rely on iptables rules to block traffic when over the limit, instead of proactively disabling the connection.) Bug: 18012787 Change-Id: If6acf32009fdfea2b836f5aff8e2f3e5e0248b4a
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
92d141fbc2f6bfc85dca1056e40512cba6d1dddb |
|
11-Sep-2014 |
Vinit Deshpande <vinitd@google.com> |
Don't require CONNECTIVITY_INTERNAL check for protected broadcasts This change removes requirement that sender has this permission for protected broadcasts (since they can only come from framework) Bug: 17409667 Change-Id: I3431c20a4ed28b3ba2bfc3cf53772e63a3424a2c
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
255dd04271088590fedc46c8e22b2fd4ab142d39 |
|
19-Aug-2014 |
Selim Cinek <cinek@google.com> |
Added notification color to all system notifications Bug: 17128331 Change-Id: I81a94510ef51b99916f314c0dd65852426a1fbeb
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
9da2f1e007268a42248a1778aa9b560e3ce3b704 |
|
14-Aug-2014 |
Jeff Sharkey <jsharkey@android.com> |
Some networks may have null ifaces, I guess? Seems like a bug further upstream, but guard ourselves against it for now. Bug: 17033841 Change-Id: Id0e5895c3389b63d4e34b1fb064efef8b72cd609
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
eb2c2c790c4b86c9c09245e0b87a38972713434a |
|
12-Aug-2014 |
Jeff Sharkey <jsharkey@android.com> |
Hack and ship: NetworkStats edition. Some devices use clatd for catching raw IPv4 traffic when running on a pure-IPv6 carrier network. In those situations, the per-UID stats are accounted against the clat iface, so framework users need to combine both the "base" and "stacked" iface usage together. This also means that policy rules (like restricting background data or battery saver) need to apply to the stacked ifaces. Finally, we need to massage stats data slightly: -- Currently xt_qtaguid double-counts the clatd traffic *leaving* the device; both against the original UID on the clat iface, and against UID 0 on the final egress interface. -- All clatd traffic *arriving* at the device is missing the extra IPv6 packet header overhead when accounted against the final UID. Bug: 12249687, 15459248, 16296564 Change-Id: I0ee59d96831f52782de7a980e4cce9b061902fff
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
aedebda776ee3a68eda498a79bf14855e5f5d62e |
|
14-Jul-2014 |
John Spurlock <jspurlock@google.com> |
Update data limit notification icon + strings. - Use a more specific disabled cellular data icon. - Reword framework strings to use "Cellular" instead of "Mobile" and avoid "enabled/disabled" - Update SystemUI's network limit dialog to follow suit. Bug:16185238 Change-Id: Ie9191990fab17cd7dc04395fad39f84bfff8349d
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
497175beffe26336c092ee11a67b90f79dcdaca7 |
|
01-Jul-2014 |
Dianne Hackborn <hackbod@google.com> |
Rework network stats to use proc state for fg/bg. Switch to using the process state to determine whether a process should be foreground or background, instead of the boolean foreground given by the activity manager. This is for battery save mode, where we can now allow more apps to havenetwork access: everything whose process state is at least IMPORTANT_FOREGROUND, which allows music playback and other use-visible things to continue to have network access. Note this also impact the traditional background data disabled state, where now we allow anything top or better to have network access. This automatically includes all persistent processes, the current top activity, and any other processes hosting the top activity or being used by the top activity. So it broadens the set of apps that get network access, but I think this increases it to a reasonable set of things that may actually be needed for the foreground app to work correctly. Change-Id: Icb609a2cea280dc3fa3e83417f478ed77f3685aa
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
be7c50e0a14e91330ce13161bc14a33d34ff6aca |
|
30-Jun-2014 |
Dianne Hackborn <hackbod@google.com> |
Add network access blocking when in battery save mode. The network policy manager now monitors battery save mode and, when in battery save, uses its facility to block access to metered networks to block access to all networks. That is, it tells the network management service that all networks have an (infinite) quota, and puts various app uids to be restricted under quota interfaces as appropriate. This new network blocking needs a new facility to be able to white list apps, such as GmsCore. To do this, I refactored the package manager's permission configuration stuff into a separate SystemConfig class that can be used by others, and it now has a new tag to specify package names that should be white-listed for power save mode. These are retrieved by the network policy manager and used to build a whitelist of uids. The new general config files can now go in system/etc/config, though currently everything still remains in the permissions dir. Still left to be done is changing the semantics of what uids are allowed in this mode, to include all perceptable uids. (So that we can still do things like background music playback.) This will be done in a follow-on CL. Change-Id: I9bb7029f61dae62e6236da5ca60765439f8d76d2
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
684bf34ee8acc41931fac23762b13e14a22011db |
|
30-Apr-2014 |
Dianne Hackborn <hackbod@google.com> |
Switch IProcessObserver to report process state When IProcessObserver was created, the only information we had for the state of a process was its "importance". Now we have the process state, which is much more useful. Switch to reporting that. Change-Id: Icdb3eea8cf96f4eff7ed3d584f940a1bd9cc3884
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
037c33eae74bee2774897d969d48947f9abe254f |
|
09-Apr-2014 |
Jeff Brown <jeffbrown@google.com> |
Plumb display power state through display manager. Declare a new method, Display.getState() to retrieve the actual power state of a display. Improved documentation for Intent.ACTION_SCREEN_ON and Intent.ACTION_SCREEN_OFF to clarify what they really mean in terms of the interactive state of the device. Deprecated PowerManager.isScreenOn() and replaced it with PowerManager.isInteractive() with a more suggestive name and better documentation. Redirect display power state changes to go through the display manager first and only then head over to the power manager for legacy compatibility. Eliminated the bright here and woke here policy flags since they were unused. Simplified the input dispatch policy somewhat. Ensure that screen wake locks are respected up until the point when dozing really begins. Fixed a regression in DreamService where onDreamingStarted might be called before onWindowAttached. Bug: 13133142 Bug: 13472578 Bug: 13929355 Bug: 13760290 Change-Id: Iabef96921dd554ce3768fb18619cefc3230b5fb0
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|
9158825f9c41869689d6b1786d7c7aa8bdd524ce |
|
22-Nov-2013 |
Amith Yamasani <yamasani@google.com> |
Move some system services to separate directories Refactored the directory structure so that services can be optionally excluded. This is step 1. Will be followed by another change that makes it possible to remove services from the build. Change-Id: Ideacedfd34b5e213217ad3ff4ebb21c4a8e73f85
/frameworks/base/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
|