Migrate networking, storage, battery, DropBox, and PackageManager
related Secure settings to Global table.
Bug: 7232014, 7231331, 7231198
Change-Id: I772c2a9586a2f708c9db95622477f235064b8f4d
When a user is removed, migrate all network stats belonging to that
user into special UID_REMOVED bucket. Also removes those stats from
kernel to avoid double-counting if another user is created.
Bug: 7194784
Change-Id: I03f1d660fe3754566326b7749cae8068fc224ea9
For multi-user devices, switch to storing policy per-user instead of
per-app. Also watch for user added/removed broadcasts to clean up
policies and apply global restrictions.
Bug: 7121279
Change-Id: Ia7326bd0ebe0586fa4ec6d3a62f6313dc8814007
Replaced all remaining places that used it with explicit user
specification.
While doing this, I ran into stuff that was creating PendingIntent
objects (that now need to specify the explicit user they are for),
which are also posting notifications... but have no way to specify
the user for the notification.
So the notification manager in the system process now also gets a
formal concept of a user associated with the notification, which
is passed in to all the necessary aidl calls. I also removed the
old deprecated aidl interface for posting/cancelling notifications,
since we now always need a user supplied.
There is more work that needs to be done here, though. For example
I think we need to be able to specify USER_ALL for a notification that
should be shown to all users (such as low storage or low battery).
Along with that, the PendingIntent creation needs to be tweaked to
be able to handle USER_CURRENT by evaluating the user at the point the
pending intent is sent.
That's for another change, however.
Change-Id: I468e14dce8def0e13e0870571e7c31ed32b6310c
You can now use ALL and CURRENT when sending broadcasts, to specify
where the broadcast goes.
Sticky broadcasts are now correctly separated per user, and registered
receivers are filtered based on the requested target user.
New Context APIs for more kinds of sending broadcasts as users.
Updating a bunch of system code that sends broadcasts to explicitly
specify which user the broadcast goes to.
Made a single version of the code for interpreting the requested
target user ID that all entries to activity manager (start activity,
send broadcast, start service) use.
Change-Id: Ie29f02dd5242ef8c8fa56c54593a315cd2574e1c
Adds support for always-on VPN profiles, also called "lockdown." When
enabled, LockdownVpnTracker manages the netd firewall to prevent
unencrypted traffic from leaving the device. It creates narrow rules
to only allow traffic to the selected VPN server. When an egress
network becomes available, LockdownVpnTracker will try bringing up
the VPN connection, and will reconnect if disconnected.
ConnectivityService augments any NetworkInfo based on the lockdown
VPN status to help apps wait until the VPN is connected.
This feature requires that VPN profiles use an IP address for both
VPN server and DNS. It also blocks non-default APN access when
enabled. Waits for USER_PRESENT after boot to check KeyStore status.
Bug: 5756357
Change-Id: If615f206b1634000d78a8350a17e88bfcac8e0d0
Moved a bunch of methods from PackageManager to UserManager.
Fix launching of activities from recents to correct user.
Guest creation APIs
Change-Id: I0733405e6eb2829675665e225c759d6baa2b708f
The activity notification is received from netd, an intent
DATA_ACTIVITY_CHANGE is then raised for other part of the system to
consume.
Change-Id: Idfcc4763c51c5b314c57f546c12557082f06bebf
NetworkPolicy currently uses a single background thread to process
various broadcasts. When processing other broadcasts, this thread
can block our handling of SCREEN_ON/OFF, which are sent as ordered
broadcasts.
This change moves SCREEN_ON/OFF handling to the main thread, and
dispatches a one-way message to the background thread, allowing the
ordered broadcast to always proceed.
Bug: 6677047
Change-Id: I52de2c7b75beb8059bb87e123689ba4a9c4ae349
Continues to check MANAGE_NETWORK_POLICY permission. This allows
SystemUI to invoke snoozeLimit() without CONNECTIVITY_INTERNAL.
Bug: 6653091
Change-Id: I464bf62b79f2647c6b6db151251a0036897d0cc0
It now has a new callback to report changes in the "importance"
of processes. Rewrote the dispatching code to be a bit more
efficient now that we are sending more reports.
Change-Id: Ie865cfd286455819f04e8c14e9b6fd54d028f8f2
When XT stats are available, transition to prefer them over DEV,
since they aren't subject to hardware driver bugs. Only switches at
the first atomic XT bucket, and adds a Settings.Secure flag to force
back to DEV if needed. Includes tests to cover transition.
Fix tests where device overlay would change which network types
reflected data usage. Test both history and summary APIs. Fixed
collection timestamps to reflect full buckets.
Bug: 6504744
Change-Id: Idd7f3b2fdb064c36547c85c51c214fd938c59b7e
In rewriteSingle(), catch Throwable to rollback to backup file,
instead of just IOException. Also add dumpAll() to pack up contents
for later debugging, and use it when encountering bad stats.
Bug: 6467868
Change-Id: Ic8e287cf5a235706811a304a88d71d11d3a79cd4
Default is 2MB persist threshold, but even that can be substantial
for devices on 100MB/month plans. This change gradually reduces the
persist threshold up to 8x lower (256kb outstanding) based on lowest
active policy.
Bug: 5382676
Change-Id: Ief4e8cdb169bfb151a3d1b45722a8eaa01926508
Add method to parse new iface_stat_fmt proc stats, or return null
when kernel support is unavailable. Add test and remove older, unused
parsing code. Create new "xt" recorder to persist the new xtables
counters when available.
Add SSID support to NetworkIdentity to fix policy tests.
Bug: 6422414
Change-Id: I77f70e9acb79a559ab626f3af5c4f3599801ed43
Always treat roaming connections as metered, and relax DHCP test to
match any substring for forward compatibility.
Bug: 6382737, 6375399
Change-Id: I9781a60f55fbe35da6f8bfc7a1d609608e8f0951
Since we control system services, we can ensure they are using little
data when data usage is globally restricted. Continue restricting
AID_MEDIA and AID_DRM, since they respond to app requests.
Bug: 6377903, 5772564
Change-Id: I196bf334f903397ea6a67e6802240ee792e47b54
When DHCP lease includes vendor info indicating that remote Wi-Fi
network is metered, advise NetworkPolicy. Users can still manually
change the metered flag in Settings.
Also remove any policies belonging to removed Wi-Fi networks, and
teach isNetworkMetered() about ethernet networks.
Bug: 6344821, 6369307, 6365872
Change-Id: I108606c6fddf2d02828fcab011f3a1501415f1bc
Report to developers if active network is "metered" and define it
as the user being sensitive to heavy data usage.
Bug: 3001465
Change-Id: I855ca3cd3eb1de3c4814148d70ccf24957af898a
Use xt_qtaguid iface_stat_all counters, which are monotonic during
a single boot.
Track all ifaces associated with mobile networks since boot, and
move TrafficStats to using these ifaces. This will include usage of
networks omitted from config_data_usage_network_types, specifically
on devices that recycle network interfaces across APNs.
Split wildcard template matching, and move NetworkStatsService to
use mobile wildcard when logging stats.
Bug: 5324515
Change-Id: I2211c374c05d1b598cc647f2f873630538955ffe
Users outside system_server now explicitly communicate their
lifecycle, which keeps a strong-reference chain to any fully loaded
NetworkStatsCollection histories.
Bug: 6236498
Change-Id: I8e22739b6e89a626b676967a736d7117fd000778
Add networkId field to NetworkIdentity to identify Wi-Fi networks by
SSID. Add support for policies without usage cycles.
Only apply mobile policies when SIM state is ready, which is cleaner
than just checking for airplane mode. Also avoids creating no-op
default policies when subscriberId is null.
Bug: 3001465, 3291052
Change-Id: I1f8aaa49a5db306df022c402ea7f3f5d4bc0cfc7
To support multi-user, store network policy per-appId and expand to
apply rules to all UserInfo on device.
Bug: 6140462
Change-Id: Ic0866b4d41c8c60cc1c0a597f0de927b92b65b1e
Subtype controls (3G-vs-4G) aren't exposed in the UI, so tracking
data with that granularity creates unnecessary overhead. For example,
some GSM networks can regularly flap between two subtypes.
Bug: 6118868
Change-Id: Id098891dba52336d00d0f96632a7924e228b4713
Instead of cycle reset at midnight UTC, use midnight of timezone
active when user last set cycle reset date. Tests to verify, and
also to test leap year behavior.
Bug: 5938567
Change-Id: Ie06f7f0fa242d23110f9586a3f4f7037af87b31b
