Merge "Add tests for PermissionMonitor"
diff --git a/core/java/android/net/ConnectivityManager.java b/core/java/android/net/ConnectivityManager.java
index 4a64128..6ba4a30 100644
--- a/core/java/android/net/ConnectivityManager.java
+++ b/core/java/android/net/ConnectivityManager.java
@@ -3234,7 +3234,7 @@
*
* @hide
*/
- public void onPreCheck(Network network) {}
+ public void onPreCheck(@NonNull Network network) {}
/**
* Called when the framework connects and has declared a new network ready for use.
@@ -3247,8 +3247,9 @@
* @param blocked Whether access to the {@link Network} is blocked due to system policy.
* @hide
*/
- public void onAvailable(Network network, NetworkCapabilities networkCapabilities,
- LinkProperties linkProperties, boolean blocked) {
+ public void onAvailable(@NonNull Network network,
+ @NonNull NetworkCapabilities networkCapabilities,
+ @NonNull LinkProperties linkProperties, boolean blocked) {
// Internally only this method is called when a new network is available, and
// it calls the callback in the same way and order that older versions used
// to call so as not to change the behavior.
@@ -3272,7 +3273,7 @@
*
* @param network The {@link Network} of the satisfying network.
*/
- public void onAvailable(Network network) {}
+ public void onAvailable(@NonNull Network network) {}
/**
* Called when the network is about to be disconnected. Often paired with an
@@ -3288,7 +3289,7 @@
* network connected. Note that the network may suffer a
* hard loss at any time.
*/
- public void onLosing(Network network, int maxMsToLive) {}
+ public void onLosing(@NonNull Network network, int maxMsToLive) {}
/**
* Called when the framework has a hard loss of the network or when the
@@ -3296,7 +3297,7 @@
*
* @param network The {@link Network} lost.
*/
- public void onLost(Network network) {}
+ public void onLost(@NonNull Network network) {}
/**
* Called if no network is found in the timeout time specified in
@@ -3316,8 +3317,8 @@
* @param networkCapabilities The new {@link android.net.NetworkCapabilities} for this
* network.
*/
- public void onCapabilitiesChanged(Network network,
- NetworkCapabilities networkCapabilities) {}
+ public void onCapabilitiesChanged(@NonNull Network network,
+ @NonNull NetworkCapabilities networkCapabilities) {}
/**
* Called when the network the framework connected to for this request
@@ -3326,7 +3327,8 @@
* @param network The {@link Network} whose link properties have changed.
* @param linkProperties The new {@link LinkProperties} for this network.
*/
- public void onLinkPropertiesChanged(Network network, LinkProperties linkProperties) {}
+ public void onLinkPropertiesChanged(@NonNull Network network,
+ @NonNull LinkProperties linkProperties) {}
/**
* Called when the network the framework connected to for this request
@@ -3337,7 +3339,7 @@
* a tunnel, etc.
* @hide
*/
- public void onNetworkSuspended(Network network) {}
+ public void onNetworkSuspended(@NonNull Network network) {}
/**
* Called when the network the framework connected to for this request
@@ -3345,7 +3347,7 @@
* preceded by a matching {@link NetworkCallback#onNetworkSuspended} call.
* @hide
*/
- public void onNetworkResumed(Network network) {}
+ public void onNetworkResumed(@NonNull Network network) {}
/**
* Called when access to the specified network is blocked or unblocked.
diff --git a/core/java/android/net/LinkProperties.java b/core/java/android/net/LinkProperties.java
index 03d6d48..ad67763 100644
--- a/core/java/android/net/LinkProperties.java
+++ b/core/java/android/net/LinkProperties.java
@@ -316,9 +316,6 @@
@SystemApi
@TestApi
public boolean removeLinkAddress(@NonNull LinkAddress toRemove) {
- if (toRemove == null) {
- return false;
- }
int i = findLinkAddressIndex(toRemove);
if (i >= 0) {
mLinkAddresses.remove(i);
@@ -391,10 +388,7 @@
@TestApi
@SystemApi
public boolean removeDnsServer(@NonNull InetAddress dnsServer) {
- if (dnsServer != null) {
- return mDnses.remove(dnsServer);
- }
- return false;
+ return mDnses.remove(dnsServer);
}
/**
diff --git a/core/java/android/net/NetworkRequest.java b/core/java/android/net/NetworkRequest.java
index 3a41a07..acafa13 100644
--- a/core/java/android/net/NetworkRequest.java
+++ b/core/java/android/net/NetworkRequest.java
@@ -17,6 +17,7 @@
package android.net;
import android.annotation.NonNull;
+import android.annotation.RequiresPermission;
import android.annotation.SystemApi;
import android.annotation.UnsupportedAppUsage;
import android.net.NetworkCapabilities.NetCapability;
@@ -343,10 +344,14 @@
* current value. A value of {@code SIGNAL_STRENGTH_UNSPECIFIED} means no value when
* received and has no effect when requesting a callback.
*
+ * <p>This method requires the caller to hold the
+ * {@link android.Manifest.permission#NETWORK_SIGNAL_STRENGTH_WAKEUP} permission
+ *
* @param signalStrength the bearer-specific signal strength.
* @hide
*/
@SystemApi
+ @RequiresPermission(android.Manifest.permission.NETWORK_SIGNAL_STRENGTH_WAKEUP)
public @NonNull Builder setSignalStrength(int signalStrength) {
mNetworkCapabilities.setSignalStrength(signalStrength);
return this;
diff --git a/services/core/java/com/android/server/ConnectivityService.java b/services/core/java/com/android/server/ConnectivityService.java
index bd93184..946c81f 100644
--- a/services/core/java/com/android/server/ConnectivityService.java
+++ b/services/core/java/com/android/server/ConnectivityService.java
@@ -1892,6 +1892,15 @@
return false;
}
+ private boolean checkAnyPermissionOf(int pid, int uid, String... permissions) {
+ for (String permission : permissions) {
+ if (mContext.checkPermission(permission, pid, uid) == PERMISSION_GRANTED) {
+ return true;
+ }
+ }
+ return false;
+ }
+
private void enforceAnyPermissionOf(String... permissions) {
if (!checkAnyPermissionOf(permissions)) {
throw new SecurityException("Requires one of the following permissions: "
@@ -1966,6 +1975,12 @@
NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK);
}
+ private boolean checkNetworkSignalStrengthWakeupPermission(int pid, int uid) {
+ return checkAnyPermissionOf(pid, uid,
+ android.Manifest.permission.NETWORK_SIGNAL_STRENGTH_WAKEUP,
+ NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK);
+ }
+
private void enforceConnectivityRestrictedNetworksPermission() {
try {
mContext.enforceCallingOrSelfPermission(
@@ -3738,16 +3753,6 @@
break;
}
case EVENT_SYSTEM_READY: {
- for (NetworkAgentInfo nai : mNetworkAgentInfos.values()) {
- // Might have been called already in handleRegisterNetworkAgent since
- // mSystemReady is set before sending EVENT_SYSTEM_READY, but calling
- // this several times is fine.
- try {
- nai.networkMonitor().notifySystemReady();
- } catch (RemoteException e) {
- e.rethrowFromSystemServer();
- }
- }
mMultipathPolicyTracker.start();
break;
}
@@ -4969,13 +4974,19 @@
}
}
- // This checks that the passed capabilities either do not request a specific SSID, or the
- // calling app has permission to do so.
+ // This checks that the passed capabilities either do not request a specific SSID/SignalStrength
+ // , or the calling app has permission to do so.
private void ensureSufficientPermissionsForRequest(NetworkCapabilities nc,
int callerPid, int callerUid) {
if (null != nc.getSSID() && !checkSettingsPermission(callerPid, callerUid)) {
throw new SecurityException("Insufficient permissions to request a specific SSID");
}
+
+ if (nc.hasSignalStrength()
+ && !checkNetworkSignalStrengthWakeupPermission(callerPid, callerUid)) {
+ throw new SecurityException(
+ "Insufficient permissions to request a specific signal strength");
+ }
}
private ArrayList<Integer> getSignalStrengthThresholds(NetworkAgentInfo nai) {
@@ -5423,15 +5434,6 @@
synchronized (mNetworkForNetId) {
mNetworkForNetId.put(nai.network.netId, nai);
}
- synchronized (this) {
- if (mSystemReady) {
- try {
- networkMonitor.notifySystemReady();
- } catch (RemoteException e) {
- e.rethrowFromSystemServer();
- }
- }
- }
try {
networkMonitor.start();
diff --git a/services/core/java/com/android/server/connectivity/KeepaliveTracker.java b/services/core/java/com/android/server/connectivity/KeepaliveTracker.java
index d7a57b9..35f7ea3 100644
--- a/services/core/java/com/android/server/connectivity/KeepaliveTracker.java
+++ b/services/core/java/com/android/server/connectivity/KeepaliveTracker.java
@@ -132,6 +132,7 @@
private static final int NOT_STARTED = 1;
private static final int STARTING = 2;
private static final int STARTED = 3;
+ private static final int STOPPING = 4;
private int mStartedState = NOT_STARTED;
KeepaliveInfo(@NonNull ISocketKeepaliveCallback callback,
@@ -314,6 +315,7 @@
}
}
if (NOT_STARTED != mStartedState) {
+ mStartedState = STOPPING;
Log.d(TAG, "Stopping keepalive " + mSlot + " on " + mNai.name());
if (mType == TYPE_NATT) {
mNai.asyncChannel.sendMessage(CMD_STOP_SOCKET_KEEPALIVE, mSlot);
@@ -456,8 +458,8 @@
ki = mKeepalives.get(nai).get(slot);
} catch(NullPointerException e) {}
if (ki == null) {
- Log.e(TAG, "Event " + message.what + " for unknown keepalive " + slot + " on "
- + nai.name());
+ Log.e(TAG, "Event " + message.what + "," + slot + "," + reason
+ + " for unknown keepalive " + slot + " on " + nai.name());
return;
}
@@ -476,27 +478,30 @@
// messages in order.
// TODO : clarify this code and get rid of mStartedState. Using a StateMachine is an
// option.
- if (reason == SUCCESS && KeepaliveInfo.STARTING == ki.mStartedState) {
- // Keepalive successfully started.
- if (DBG) Log.d(TAG, "Started keepalive " + slot + " on " + nai.name());
- ki.mStartedState = KeepaliveInfo.STARTED;
- try {
- ki.mCallback.onStarted(slot);
- } catch (RemoteException e) {
- Log.w(TAG, "Discarded onStarted(" + slot + ") callback");
- }
- } else {
- // Keepalive successfully stopped, or error.
- if (reason == SUCCESS) {
- // The message indicated success stopping : don't call handleStopKeepalive.
- if (DBG) Log.d(TAG, "Successfully stopped keepalive " + slot + " on " + nai.name());
+ if (KeepaliveInfo.STARTING == ki.mStartedState) {
+ if (SUCCESS == reason) {
+ // Keepalive successfully started.
+ if (DBG) Log.d(TAG, "Started keepalive " + slot + " on " + nai.name());
+ ki.mStartedState = KeepaliveInfo.STARTED;
+ try {
+ ki.mCallback.onStarted(slot);
+ } catch (RemoteException e) {
+ Log.w(TAG, "Discarded onStarted(" + slot + ") callback");
+ }
} else {
- // The message indicated some error trying to start or during the course of
- // keepalive : do call handleStopKeepalive.
+ Log.d(TAG, "Failed to start keepalive " + slot + " on " + nai.name()
+ + ": " + reason);
+ // The message indicated some error trying to start: do call handleStopKeepalive.
handleStopKeepalive(nai, slot, reason);
- if (DBG) Log.d(TAG, "Keepalive " + slot + " on " + nai.name() + " error " + reason);
}
+ } else if (KeepaliveInfo.STOPPING == ki.mStartedState) {
+ // The message indicated result of stopping : don't call handleStopKeepalive.
+ Log.d(TAG, "Stopped keepalive " + slot + " on " + nai.name()
+ + " stopped: " + reason);
ki.mStartedState = KeepaliveInfo.NOT_STARTED;
+ } else {
+ Log.wtf(TAG, "Event " + message.what + "," + slot + "," + reason
+ + " for keepalive in wrong state: " + ki.toString());
}
}
diff --git a/tests/net/java/android/net/IpPrefixTest.java b/tests/net/java/android/net/IpPrefixTest.java
index 3cc0e36..abf019a 100644
--- a/tests/net/java/android/net/IpPrefixTest.java
+++ b/tests/net/java/android/net/IpPrefixTest.java
@@ -231,7 +231,6 @@
assertFalse(p.contains(Address("2001:db8:f00::ace:d00e")));
assertFalse(p.contains(Address("2001:db8:f00::bad:d00d")));
assertFalse(p.contains(Address("2001:4868:4860::8888")));
- assertFalse(p.contains((InetAddress)null));
assertFalse(p.contains(Address("8.8.8.8")));
p = new IpPrefix("192.0.2.0/23");
diff --git a/tests/net/java/com/android/server/ConnectivityServiceTest.java b/tests/net/java/com/android/server/ConnectivityServiceTest.java
index 46a8955..c2fc0b3 100644
--- a/tests/net/java/com/android/server/ConnectivityServiceTest.java
+++ b/tests/net/java/com/android/server/ConnectivityServiceTest.java
@@ -3047,6 +3047,47 @@
}
@Test
+ public void testInvalidSignalStrength() {
+ NetworkRequest r = new NetworkRequest.Builder()
+ .addCapability(NET_CAPABILITY_INTERNET)
+ .addTransportType(TRANSPORT_WIFI)
+ .setSignalStrength(-75)
+ .build();
+ // Registering a NetworkCallback with signal strength but w/o NETWORK_SIGNAL_STRENGTH_WAKEUP
+ // permission should get SecurityException.
+ try {
+ mCm.registerNetworkCallback(r, new NetworkCallback());
+ fail("Expected SecurityException filing a callback with signal strength");
+ } catch (SecurityException expected) {
+ // expected
+ }
+
+ try {
+ mCm.registerNetworkCallback(r, PendingIntent.getService(
+ mServiceContext, 0, new Intent(), 0));
+ fail("Expected SecurityException filing a callback with signal strength");
+ } catch (SecurityException expected) {
+ // expected
+ }
+
+ // Requesting a Network with signal strength should get IllegalArgumentException.
+ try {
+ mCm.requestNetwork(r, new NetworkCallback());
+ fail("Expected IllegalArgumentException filing a request with signal strength");
+ } catch (IllegalArgumentException expected) {
+ // expected
+ }
+
+ try {
+ mCm.requestNetwork(r, PendingIntent.getService(
+ mServiceContext, 0, new Intent(), 0));
+ fail("Expected IllegalArgumentException filing a request with signal strength");
+ } catch (IllegalArgumentException expected) {
+ // expected
+ }
+ }
+
+ @Test
public void testRegisterDefaultNetworkCallback() throws Exception {
final TestNetworkCallback defaultNetworkCallback = new TestNetworkCallback();
mCm.registerDefaultNetworkCallback(defaultNetworkCallback);