After a reboot, KeyStore is locked, and certificates encrypted with user
PIN are not accessible. So statemachines are not able to connect to
EAP-TLS networks. This change makes the problem less severe by
1. Not signing certificates with user PIN on devices with hardware backed
KeyStore.
2. Issuing a reconnect upon first USER_PRESENT event.
This means HH (which has a hardware backed keystore) can connect to
EAP-TLS networks without requiring user intervention and other devices
will automatically connect to those networks after user punches PIN.
Bug: 10325089
Change-Id: I023d60e58d8214152f051bd9ec84b85b702d829a
This ignores any previous setting and instead uses
a value set at build time. This does not preclude
us from using some other signal to determine country
for wifi channel limits.
bug:10513734
Change-Id: Ib82c07285af70fbd82eb0466b7391979ebc8be10
ScanModeState is trying to undo whatever it did in its enter(), in its
exit() function. But doing that is incorrect because it is possible to
transition to multiple states that require different conditions.
In this bug, the state machine transitioned from ScanModeState to
WaitForP2pDisabled state; in response to Stop Supplicant command. Well,
when we are trying to stop supplicant, there is clearly no need to
enable P2P or load all networks. But since this code exists in exit(),
it is executed nonetheless, causing race conditions accessing the
wpa_supplicant (WifiStateMachine is trying to shut it down, but
P2pStateMachine is trying to bring up the p2p interfaces).
We solve that problem by moving this code to the place where we transition
to DisconnectedState - since that's the state that needs this as a
precondition.
Bug: 10761752
Change-Id: Iaf0ffd8056de8533b5d2bfdf8c440fbb7e406dac
Framework sets allowedKeyManagement to WPA_EAP + WPA_PSK, if
WifiConfiguration didn't supply any value for it. It should probably
change to NONE; but that is post K thing. I am allowing that
combination for now.
Bug: 10843500
Change-Id: Id0c28f4aaf32c6a7e7dca07114a2452ce194a798
Scanning while dhcp is running breaks dhcp, so stop the batched scans
when we need dhcp and start it up again after.
bug:10691401
Change-Id: Ifdeb6f35cfe4509b90fed1e1e694d0c107f24a7e
There used to be some STOPSHIP code in WifiWatchdogStateMachine for debug
purposes. We don't need them for the release.
Bug: 10841961
Change-Id: I501d62e9891ace52317e6c1d399b877175099a3c
Multiple authentication methods are currently considered invalid; but
WPA_EAP and IEEE8021X are set simultaneously. This means we need to
fix code to consider them a valid combination.
Bug: 10325089
Change-Id: I2b4f4d75f21df78bfca66a930e85214c0cd6922e
It was introduced to debug the disappearing APs; now that we think that
we've got to the bottom of it, it is being disabled by default. Set VDBG
to true to get it back.
Bug: 10568538
Change-Id: I226cacf48cccba9671f09164bbb50380adc6b322
ScanResult should have timestamp in uS but we are getting age in ms
from the wifi driver - multiply to have the same units though not
the implied precision.
bug: 10410465
Change-Id: Idf5c5996d69a4793dae3d74edb790d40b9bd3298
java.lang.SecurityException: Operation not allowed
There was a situation I wasn't taking into account -- components
declared by the system has a special ability to run in the processes
of other uids. This means that if that code loaded into another
process tries to do anything needing an app op verification, it will
fail, because it will say it is calling as the system package name but
it is not actually coming from the system uid.
To fix this, we add a new Context.getOpPackageName() to go along-side
getBasePackageName(). This is a special call for use by all app ops
verification, which will be initialized with either the base package
name, the actual package name, or now the default package name of the
process if we are creating a context for system code being loaded into
a non-system process.
I had to update all of the code doing app ops checks to switch to this
method to get the calling package name.
Also improve the security exception throw to have a more descriptive
error message.
Change-Id: Ic04f77b3938585b02fccabbc12d2f0dc62b9ef25
- Guard all field accesses in WifiMonitorSingleton with
a lock.
- WifiMonitorSingleton is now responsible for dispatching
events to a given monitor (or all monitors if it can't
find a matching monitor).
- Individual WifiMonitors are now responsible for dispatching
events sent to them. This makes WifiMonitorThread a dumb
object. All it does is wait for events and feed them back
into the WifiMonitorSingleton.
- Also fixes a bug where we weren't telling the WifiMonitor
that we're disconnected and another where we don't check whether
a monitor is connected or not before asking it to dispatch
an event.
- Also, replaces a few uses of entrySet() with a values() iterator
when the keys are never used. The performance of both methods
is identical for a HashMap, but the latter is a bit more concise
and easier to read.
Change-Id: I7ce00174a78c72836666d25ccc5e6e9e687c2570
This change will set country code on P2p interfaces as well, so the
drivers are free to use channels that are permitted regionally. This
is required for FCC style compliance and Miracast certification.
Bug: 10513263
Change-Id: I88c645bd488066d5167e23e2772f2e0e1f40fa8a
