Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2011 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | package com.android.server.net; |
| 18 | |
Jeff Sharkey | f0ceede | 2011-08-02 17:22:34 -0700 | [diff] [blame] | 19 | import static android.Manifest.permission.ACCESS_NETWORK_STATE; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 20 | import static android.Manifest.permission.CONNECTIVITY_INTERNAL; |
Jeff Sharkey | 1b86127 | 2011-05-22 00:34:52 -0700 | [diff] [blame] | 21 | import static android.Manifest.permission.DUMP; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 22 | import static android.Manifest.permission.MANAGE_NETWORK_POLICY; |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 23 | import static android.Manifest.permission.READ_NETWORK_USAGE_HISTORY; |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 24 | import static android.Manifest.permission.READ_PHONE_STATE; |
Amit Mahajan | 7c5befa | 2015-07-14 10:26:00 -0700 | [diff] [blame] | 25 | import static android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE; |
Jeff Sharkey | 02e21d6 | 2011-07-17 15:53:33 -0700 | [diff] [blame] | 26 | import static android.content.Intent.ACTION_PACKAGE_ADDED; |
Jeff Sharkey | b09540f | 2011-06-19 01:08:12 -0700 | [diff] [blame] | 27 | import static android.content.Intent.ACTION_UID_REMOVED; |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 28 | import static android.content.Intent.ACTION_USER_ADDED; |
| 29 | import static android.content.Intent.ACTION_USER_REMOVED; |
Jeff Sharkey | b09540f | 2011-06-19 01:08:12 -0700 | [diff] [blame] | 30 | import static android.content.Intent.EXTRA_UID; |
Erik Kline | f851d6d | 2015-04-20 16:03:48 +0900 | [diff] [blame] | 31 | import static android.net.ConnectivityManager.CONNECTIVITY_ACTION; |
Felipe Leme | 1b10323 | 2016-01-22 09:44:57 -0800 | [diff] [blame] | 32 | import static android.net.ConnectivityManager.RESTRICT_BACKGROUND_STATUS_DISABLED; |
| 33 | import static android.net.ConnectivityManager.RESTRICT_BACKGROUND_STATUS_ENABLED; |
| 34 | import static android.net.ConnectivityManager.RESTRICT_BACKGROUND_STATUS_WHITELISTED; |
Jeff Sharkey | 7474fe7b | 2016-03-21 13:12:59 -0600 | [diff] [blame] | 35 | import static android.net.ConnectivityManager.TYPE_MOBILE; |
| 36 | import static android.net.ConnectivityManager.TYPE_WIMAX; |
Jeff Sharkey | 9f6e4ba | 2012-04-19 23:01:08 -0700 | [diff] [blame] | 37 | import static android.net.ConnectivityManager.isNetworkTypeMobile; |
| 38 | import static android.net.NetworkPolicy.CYCLE_NONE; |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 39 | import static android.net.NetworkPolicy.LIMIT_DISABLED; |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 40 | import static android.net.NetworkPolicy.SNOOZE_NEVER; |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 41 | import static android.net.NetworkPolicy.WARNING_DISABLED; |
Jeff Sharkey | 14711eb | 2011-06-15 10:29:17 -0700 | [diff] [blame] | 42 | import static android.net.NetworkPolicyManager.EXTRA_NETWORK_TEMPLATE; |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 43 | import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_DOZABLE; |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 44 | import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_POWERSAVE; |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 45 | import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_STANDBY; |
| 46 | import static android.net.NetworkPolicyManager.FIREWALL_RULE_ALLOW; |
Jeff Sharkey | dc98806 | 2015-09-14 10:09:47 -0700 | [diff] [blame] | 47 | import static android.net.NetworkPolicyManager.FIREWALL_RULE_DEFAULT; |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 48 | import static android.net.NetworkPolicyManager.FIREWALL_RULE_DENY; |
Jeff Sharkey | eb2c2c7 | 2014-08-11 15:22:51 -0700 | [diff] [blame] | 49 | import static android.net.NetworkPolicyManager.POLICY_NONE; |
Jeff Sharkey | fdfef57 | 2011-06-16 15:07:48 -0700 | [diff] [blame] | 50 | import static android.net.NetworkPolicyManager.POLICY_REJECT_METERED_BACKGROUND; |
Felipe Leme | d31a97f | 2016-05-06 14:53:50 -0700 | [diff] [blame] | 51 | import static android.net.NetworkPolicyManager.RULE_ALLOW_ALL; |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 52 | import static android.net.NetworkPolicyManager.RULE_ALLOW_METERED; |
Felipe Leme | 46c4fc3 | 2016-05-04 09:21:43 -0700 | [diff] [blame] | 53 | import static android.net.NetworkPolicyManager.MASK_METERED_NETWORKS; |
| 54 | import static android.net.NetworkPolicyManager.MASK_ALL_NETWORKS; |
| 55 | import static android.net.NetworkPolicyManager.RULE_NONE; |
Felipe Leme | d31a97f | 2016-05-06 14:53:50 -0700 | [diff] [blame] | 56 | import static android.net.NetworkPolicyManager.RULE_REJECT_ALL; |
Jeff Sharkey | fdfef57 | 2011-06-16 15:07:48 -0700 | [diff] [blame] | 57 | import static android.net.NetworkPolicyManager.RULE_REJECT_METERED; |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 58 | import static android.net.NetworkPolicyManager.RULE_TEMPORARY_ALLOW_METERED; |
Jeff Sharkey | cd2ca40 | 2011-06-10 15:14:07 -0700 | [diff] [blame] | 59 | import static android.net.NetworkPolicyManager.computeLastCycleBoundary; |
Felipe Leme | 46c4fc3 | 2016-05-04 09:21:43 -0700 | [diff] [blame] | 60 | import static android.net.NetworkPolicyManager.uidRulesToString; |
Jeff Sharkey | 1b5a2a9 | 2011-06-18 18:34:16 -0700 | [diff] [blame] | 61 | import static android.net.NetworkTemplate.MATCH_MOBILE_3G_LOWER; |
| 62 | import static android.net.NetworkTemplate.MATCH_MOBILE_4G; |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 63 | import static android.net.NetworkTemplate.MATCH_MOBILE_ALL; |
| 64 | import static android.net.NetworkTemplate.MATCH_WIFI; |
Jeff Sharkey | 4e814c3 | 2011-07-14 20:37:37 -0700 | [diff] [blame] | 65 | import static android.net.NetworkTemplate.buildTemplateMobileAll; |
Jeff Sharkey | 241dde2 | 2012-02-03 14:50:07 -0800 | [diff] [blame] | 66 | import static android.net.TrafficStats.MB_IN_BYTES; |
Jeff Sharkey | 9f6e4ba | 2012-04-19 23:01:08 -0700 | [diff] [blame] | 67 | import static android.net.wifi.WifiManager.CHANGE_REASON_ADDED; |
| 68 | import static android.net.wifi.WifiManager.CHANGE_REASON_REMOVED; |
| 69 | import static android.net.wifi.WifiManager.CONFIGURED_NETWORKS_CHANGED_ACTION; |
| 70 | import static android.net.wifi.WifiManager.EXTRA_CHANGE_REASON; |
| 71 | import static android.net.wifi.WifiManager.EXTRA_NETWORK_INFO; |
| 72 | import static android.net.wifi.WifiManager.EXTRA_WIFI_CONFIGURATION; |
| 73 | import static android.net.wifi.WifiManager.EXTRA_WIFI_INFO; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 74 | import static android.text.format.DateUtils.DAY_IN_MILLIS; |
Felipe Leme | 03e689d | 2016-03-02 16:17:38 -0800 | [diff] [blame] | 75 | |
Jeff Sharkey | 854b2b1 | 2012-04-13 16:03:40 -0700 | [diff] [blame] | 76 | import static com.android.internal.util.ArrayUtils.appendInt; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 77 | import static com.android.internal.util.Preconditions.checkNotNull; |
Jeff Sharkey | ded7b75 | 2013-03-22 13:43:41 -0700 | [diff] [blame] | 78 | import static com.android.internal.util.XmlUtils.readBooleanAttribute; |
| 79 | import static com.android.internal.util.XmlUtils.readIntAttribute; |
| 80 | import static com.android.internal.util.XmlUtils.readLongAttribute; |
| 81 | import static com.android.internal.util.XmlUtils.writeBooleanAttribute; |
| 82 | import static com.android.internal.util.XmlUtils.writeIntAttribute; |
| 83 | import static com.android.internal.util.XmlUtils.writeLongAttribute; |
Jeff Sharkey | 961e304 | 2011-08-29 16:02:57 -0700 | [diff] [blame] | 84 | import static com.android.server.NetworkManagementService.LIMIT_GLOBAL_ALERT; |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 85 | import static com.android.server.net.NetworkStatsService.ACTION_NETWORK_STATS_UPDATED; |
Jeff Sharkey | 7474fe7b | 2016-03-21 13:12:59 -0600 | [diff] [blame] | 86 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 87 | import static org.xmlpull.v1.XmlPullParser.END_DOCUMENT; |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 88 | import static org.xmlpull.v1.XmlPullParser.END_TAG; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 89 | import static org.xmlpull.v1.XmlPullParser.START_TAG; |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 90 | |
Dianne Hackborn | 88e98df | 2015-03-23 13:29:14 -0700 | [diff] [blame] | 91 | import android.Manifest; |
Felipe Leme | f3e4064 | 2016-06-07 17:28:08 -0700 | [diff] [blame] | 92 | import android.annotation.IntDef; |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 93 | import android.app.ActivityManager; |
Dianne Hackborn | 88e98df | 2015-03-23 13:29:14 -0700 | [diff] [blame] | 94 | import android.app.AppGlobals; |
Svet Ganov | 16a1689 | 2015-04-16 10:32:04 -0700 | [diff] [blame] | 95 | import android.app.AppOpsManager; |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 96 | import android.app.IActivityManager; |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 97 | import android.app.INotificationManager; |
Dianne Hackborn | d23e0d6 | 2015-05-15 16:36:12 -0700 | [diff] [blame] | 98 | import android.app.IUidObserver; |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 99 | import android.app.Notification; |
| 100 | import android.app.PendingIntent; |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 101 | import android.app.usage.UsageStatsManagerInternal; |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 102 | import android.content.BroadcastReceiver; |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 103 | import android.content.ComponentName; |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 104 | import android.content.Context; |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 105 | import android.content.Intent; |
| 106 | import android.content.IntentFilter; |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 107 | import android.content.pm.ApplicationInfo; |
Dianne Hackborn | 88e98df | 2015-03-23 13:29:14 -0700 | [diff] [blame] | 108 | import android.content.pm.IPackageManager; |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 109 | import android.content.pm.PackageManager; |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 110 | import android.content.pm.PackageManager.NameNotFoundException; |
Jeff Sharkey | 8a8b581 | 2012-03-21 18:13:36 -0700 | [diff] [blame] | 111 | import android.content.pm.UserInfo; |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 112 | import android.content.res.Resources; |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 113 | import android.net.ConnectivityManager; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 114 | import android.net.IConnectivityManager; |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 115 | import android.net.INetworkManagementEventObserver; |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 116 | import android.net.INetworkPolicyListener; |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 117 | import android.net.INetworkPolicyManager; |
Jeff Sharkey | 7527990 | 2011-05-24 18:39:45 -0700 | [diff] [blame] | 118 | import android.net.INetworkStatsService; |
Jeff Sharkey | eb2c2c7 | 2014-08-11 15:22:51 -0700 | [diff] [blame] | 119 | import android.net.LinkProperties; |
Jeff Sharkey | 1b5a2a9 | 2011-06-18 18:34:16 -0700 | [diff] [blame] | 120 | import android.net.NetworkIdentity; |
Jeff Sharkey | 9f6e4ba | 2012-04-19 23:01:08 -0700 | [diff] [blame] | 121 | import android.net.NetworkInfo; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 122 | import android.net.NetworkPolicy; |
Jeff Sharkey | 7c3e442 | 2015-10-12 18:07:38 -0700 | [diff] [blame] | 123 | import android.net.NetworkPolicyManager; |
Jeff Sharkey | f0ceede | 2011-08-02 17:22:34 -0700 | [diff] [blame] | 124 | import android.net.NetworkQuotaInfo; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 125 | import android.net.NetworkState; |
Jeff Sharkey | 1b5a2a9 | 2011-06-18 18:34:16 -0700 | [diff] [blame] | 126 | import android.net.NetworkTemplate; |
Jeff Sharkey | 9f6e4ba | 2012-04-19 23:01:08 -0700 | [diff] [blame] | 127 | import android.net.wifi.WifiConfiguration; |
| 128 | import android.net.wifi.WifiInfo; |
| 129 | import android.net.wifi.WifiManager; |
Jeff Sharkey | f0ceede | 2011-08-02 17:22:34 -0700 | [diff] [blame] | 130 | import android.os.Binder; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 131 | import android.os.Environment; |
| 132 | import android.os.Handler; |
Amith Yamasani | 450a16b | 2013-09-18 16:28:50 -0700 | [diff] [blame] | 133 | import android.os.HandlerThread; |
Dianne Hackborn | 0b4daca | 2015-04-27 09:47:32 -0700 | [diff] [blame] | 134 | import android.os.IDeviceIdleController; |
Ashish Sharma | 50fd36d | 2011-06-15 19:34:53 -0700 | [diff] [blame] | 135 | import android.os.INetworkManagementService; |
Jeff Sharkey | 4414cea | 2011-06-24 17:05:24 -0700 | [diff] [blame] | 136 | import android.os.Message; |
Jeff Sharkey | 163e644 | 2011-10-31 16:37:52 -0700 | [diff] [blame] | 137 | import android.os.MessageQueue.IdleHandler; |
Dianne Hackborn | 0b4daca | 2015-04-27 09:47:32 -0700 | [diff] [blame] | 138 | import android.os.PowerManager; |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 139 | import android.os.PowerManagerInternal; |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 140 | import android.os.RemoteCallbackList; |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 141 | import android.os.RemoteException; |
Jeff Sharkey | 7474fe7b | 2016-03-21 13:12:59 -0600 | [diff] [blame] | 142 | import android.os.ResultReceiver; |
Dianne Hackborn | 0b4daca | 2015-04-27 09:47:32 -0700 | [diff] [blame] | 143 | import android.os.ServiceManager; |
Dianne Hackborn | f02b60a | 2012-08-16 10:48:27 -0700 | [diff] [blame] | 144 | import android.os.UserHandle; |
Amith Yamasani | 258848d | 2012-08-10 17:06:33 -0700 | [diff] [blame] | 145 | import android.os.UserManager; |
Jeff Sharkey | 3a844fc | 2011-08-16 14:37:57 -0700 | [diff] [blame] | 146 | import android.provider.Settings; |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 147 | import android.telephony.SubscriptionManager; |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 148 | import android.telephony.TelephonyManager; |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 149 | import android.text.format.Formatter; |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 150 | import android.text.format.Time; |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 151 | import android.util.ArrayMap; |
| 152 | import android.util.ArraySet; |
Dianne Hackborn | 39606a0 | 2012-07-31 17:54:35 -0700 | [diff] [blame] | 153 | import android.util.AtomicFile; |
Jeff Sharkey | dc98806 | 2015-09-14 10:09:47 -0700 | [diff] [blame] | 154 | import android.util.DebugUtils; |
Jeff Sharkey | b3d5957 | 2011-09-07 17:20:27 -0700 | [diff] [blame] | 155 | import android.util.Log; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 156 | import android.util.NtpTrustedTime; |
Jeff Sharkey | eb2c2c7 | 2014-08-11 15:22:51 -0700 | [diff] [blame] | 157 | import android.util.Pair; |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 158 | import android.util.Slog; |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 159 | import android.util.SparseBooleanArray; |
| 160 | import android.util.SparseIntArray; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 161 | import android.util.TrustedTime; |
| 162 | import android.util.Xml; |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 163 | |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 164 | import com.android.internal.R; |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 165 | import com.android.internal.annotations.GuardedBy; |
Jeff Sharkey | 8b2c3a14 | 2012-11-12 11:45:05 -0800 | [diff] [blame] | 166 | import com.android.internal.annotations.VisibleForTesting; |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 167 | import com.android.internal.content.PackageMonitor; |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 168 | import com.android.internal.util.ArrayUtils; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 169 | import com.android.internal.util.FastXmlSerializer; |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 170 | import com.android.internal.util.IndentingPrintWriter; |
Jeff Sharkey | dc98806 | 2015-09-14 10:09:47 -0700 | [diff] [blame] | 171 | import com.android.server.DeviceIdleController; |
| 172 | import com.android.server.EventLogTags; |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 173 | import com.android.server.LocalServices; |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 174 | import com.android.server.SystemConfig; |
Jeff Sharkey | 7474fe7b | 2016-03-21 13:12:59 -0600 | [diff] [blame] | 175 | |
| 176 | import libcore.io.IoUtils; |
| 177 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 178 | import com.google.android.collect.Lists; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 179 | |
| 180 | import org.xmlpull.v1.XmlPullParser; |
| 181 | import org.xmlpull.v1.XmlPullParserException; |
| 182 | import org.xmlpull.v1.XmlSerializer; |
| 183 | |
| 184 | import java.io.File; |
Jeff Sharkey | 1b86127 | 2011-05-22 00:34:52 -0700 | [diff] [blame] | 185 | import java.io.FileDescriptor; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 186 | import java.io.FileInputStream; |
| 187 | import java.io.FileNotFoundException; |
| 188 | import java.io.FileOutputStream; |
| 189 | import java.io.IOException; |
Jeff Sharkey | 1b86127 | 2011-05-22 00:34:52 -0700 | [diff] [blame] | 190 | import java.io.PrintWriter; |
Felipe Leme | f3e4064 | 2016-06-07 17:28:08 -0700 | [diff] [blame] | 191 | import java.lang.annotation.Retention; |
| 192 | import java.lang.annotation.RetentionPolicy; |
Wojciech Staszkiewicz | 9e9e2e7 | 2015-05-08 14:58:46 +0100 | [diff] [blame] | 193 | import java.nio.charset.StandardCharsets; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 194 | import java.util.ArrayList; |
| 195 | import java.util.Arrays; |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 196 | import java.util.List; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 197 | |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 198 | /** |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 199 | * Service that maintains low-level network policy rules, using |
| 200 | * {@link NetworkStatsService} statistics to drive those rules. |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 201 | * <p> |
| 202 | * Derives active rules by combining a given policy with other system status, |
| 203 | * and delivers to listeners, such as {@link ConnectivityManager}, for |
| 204 | * enforcement. |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 205 | * |
| 206 | * <p> |
| 207 | * This class uses 2-3 locks to synchronize state: |
| 208 | * <ul> |
| 209 | * <li>{@code mUidRulesFirstLock}: used to guard state related to individual UIDs (such as firewall |
| 210 | * rules). |
| 211 | * <li>{@code mNetworkPoliciesSecondLock}: used to guard state related to network interfaces (such |
| 212 | * as network policies). |
| 213 | * <li>{@code allLocks}: not a "real" lock, but an indication (through @GuardedBy) that all locks |
| 214 | * must be held. |
| 215 | * </ul> |
| 216 | * |
| 217 | * <p> |
| 218 | * As such, methods that require synchronization have the following prefixes: |
| 219 | * <ul> |
| 220 | * <li>{@code UL()}: require the "UID" lock ({@code mUidRulesFirstLock}). |
| 221 | * <li>{@code NL()}: require the "Network" lock ({@code mNetworkPoliciesSecondLock}). |
| 222 | * <li>{@code AL()}: require all locks, which must be obtained in order ({@code mUidRulesFirstLock} |
| 223 | * first, then {@code mNetworkPoliciesSecondLock}, then {@code mYetAnotherGuardThirdLock}, etc.. |
| 224 | * </ul> |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 225 | */ |
Xiaohui Chen | 8dca36d | 2015-06-19 12:44:59 -0700 | [diff] [blame] | 226 | public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { |
Felipe Leme | de4e8e3 | 2016-02-02 18:55:22 -0800 | [diff] [blame] | 227 | static final String TAG = "NetworkPolicy"; |
Jeff Sharkey | ac3fcb1 | 2012-05-02 18:11:52 -0700 | [diff] [blame] | 228 | private static final boolean LOGD = false; |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 229 | private static final boolean LOGV = false; |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 230 | |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 231 | private static final int VERSION_INIT = 1; |
| 232 | private static final int VERSION_ADDED_SNOOZE = 2; |
Jeff Sharkey | 4664500 | 2011-07-27 21:11:21 -0700 | [diff] [blame] | 233 | private static final int VERSION_ADDED_RESTRICT_BACKGROUND = 3; |
Jeff Sharkey | f60d0af | 2011-11-30 15:28:02 -0800 | [diff] [blame] | 234 | private static final int VERSION_ADDED_METERED = 4; |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 235 | private static final int VERSION_SPLIT_SNOOZE = 5; |
Jeff Sharkey | 9bf3150 | 2012-03-09 17:07:21 -0800 | [diff] [blame] | 236 | private static final int VERSION_ADDED_TIMEZONE = 6; |
Jeff Sharkey | 837f924 | 2012-03-20 16:52:20 -0700 | [diff] [blame] | 237 | private static final int VERSION_ADDED_INFERRED = 7; |
Jeff Sharkey | 8a8b581 | 2012-03-21 18:13:36 -0700 | [diff] [blame] | 238 | private static final int VERSION_SWITCH_APP_ID = 8; |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 239 | private static final int VERSION_ADDED_NETWORK_ID = 9; |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 240 | private static final int VERSION_SWITCH_UID = 10; |
| 241 | private static final int VERSION_LATEST = VERSION_SWITCH_UID; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 242 | |
Jeff Sharkey | 8b2c3a14 | 2012-11-12 11:45:05 -0800 | [diff] [blame] | 243 | @VisibleForTesting |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 244 | public static final int TYPE_WARNING = 0x1; |
Jeff Sharkey | 8b2c3a14 | 2012-11-12 11:45:05 -0800 | [diff] [blame] | 245 | @VisibleForTesting |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 246 | public static final int TYPE_LIMIT = 0x2; |
Jeff Sharkey | 8b2c3a14 | 2012-11-12 11:45:05 -0800 | [diff] [blame] | 247 | @VisibleForTesting |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 248 | public static final int TYPE_LIMIT_SNOOZED = 0x3; |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 249 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 250 | private static final String TAG_POLICY_LIST = "policy-list"; |
| 251 | private static final String TAG_NETWORK_POLICY = "network-policy"; |
| 252 | private static final String TAG_UID_POLICY = "uid-policy"; |
Jeff Sharkey | 8a8b581 | 2012-03-21 18:13:36 -0700 | [diff] [blame] | 253 | private static final String TAG_APP_POLICY = "app-policy"; |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 254 | private static final String TAG_WHITELIST = "whitelist"; |
| 255 | private static final String TAG_RESTRICT_BACKGROUND = "restrict-background"; |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 256 | private static final String TAG_REVOKED_RESTRICT_BACKGROUND = "revoked-restrict-background"; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 257 | |
| 258 | private static final String ATTR_VERSION = "version"; |
Jeff Sharkey | 4664500 | 2011-07-27 21:11:21 -0700 | [diff] [blame] | 259 | private static final String ATTR_RESTRICT_BACKGROUND = "restrictBackground"; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 260 | private static final String ATTR_NETWORK_TEMPLATE = "networkTemplate"; |
| 261 | private static final String ATTR_SUBSCRIBER_ID = "subscriberId"; |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 262 | private static final String ATTR_NETWORK_ID = "networkId"; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 263 | private static final String ATTR_CYCLE_DAY = "cycleDay"; |
Jeff Sharkey | 9bf3150 | 2012-03-09 17:07:21 -0800 | [diff] [blame] | 264 | private static final String ATTR_CYCLE_TIMEZONE = "cycleTimezone"; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 265 | private static final String ATTR_WARNING_BYTES = "warningBytes"; |
| 266 | private static final String ATTR_LIMIT_BYTES = "limitBytes"; |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 267 | private static final String ATTR_LAST_SNOOZE = "lastSnooze"; |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 268 | private static final String ATTR_LAST_WARNING_SNOOZE = "lastWarningSnooze"; |
| 269 | private static final String ATTR_LAST_LIMIT_SNOOZE = "lastLimitSnooze"; |
Jeff Sharkey | f60d0af | 2011-11-30 15:28:02 -0800 | [diff] [blame] | 270 | private static final String ATTR_METERED = "metered"; |
Jeff Sharkey | 837f924 | 2012-03-20 16:52:20 -0700 | [diff] [blame] | 271 | private static final String ATTR_INFERRED = "inferred"; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 272 | private static final String ATTR_UID = "uid"; |
Jeff Sharkey | 8a8b581 | 2012-03-21 18:13:36 -0700 | [diff] [blame] | 273 | private static final String ATTR_APP_ID = "appId"; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 274 | private static final String ATTR_POLICY = "policy"; |
| 275 | |
Jeff Sharkey | 8b2c3a14 | 2012-11-12 11:45:05 -0800 | [diff] [blame] | 276 | private static final String ACTION_ALLOW_BACKGROUND = |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 277 | "com.android.server.net.action.ALLOW_BACKGROUND"; |
Jeff Sharkey | 8b2c3a14 | 2012-11-12 11:45:05 -0800 | [diff] [blame] | 278 | private static final String ACTION_SNOOZE_WARNING = |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 279 | "com.android.server.net.action.SNOOZE_WARNING"; |
Jeff Sharkey | 3a844fc | 2011-08-16 14:37:57 -0700 | [diff] [blame] | 280 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 281 | private static final long TIME_CACHE_MAX_AGE = DAY_IN_MILLIS; |
| 282 | |
Jeff Sharkey | 6f7af03 | 2011-11-01 18:25:15 -0700 | [diff] [blame] | 283 | private static final int MSG_RULES_CHANGED = 1; |
| 284 | private static final int MSG_METERED_IFACES_CHANGED = 2; |
Jeff Sharkey | 7e25b0e | 2011-11-08 15:43:12 -0800 | [diff] [blame] | 285 | private static final int MSG_LIMIT_REACHED = 5; |
Jeff Sharkey | 1f8ea2d | 2012-02-07 12:05:43 -0800 | [diff] [blame] | 286 | private static final int MSG_RESTRICT_BACKGROUND_CHANGED = 6; |
Jeff Sharkey | e19f39b | 2012-05-24 10:21:16 -0700 | [diff] [blame] | 287 | private static final int MSG_ADVISE_PERSIST_THRESHOLD = 7; |
Felipe Leme | 9778f76 | 2016-01-27 14:46:39 -0800 | [diff] [blame] | 288 | private static final int MSG_RESTRICT_BACKGROUND_WHITELIST_CHANGED = 9; |
Amith Yamasani | 3646cbd | 2016-04-13 14:04:53 -0700 | [diff] [blame] | 289 | private static final int MSG_UPDATE_INTERFACE_QUOTA = 10; |
| 290 | private static final int MSG_REMOVE_INTERFACE_QUOTA = 11; |
Felipe Leme | 99d5d3d | 2016-05-16 13:30:57 -0700 | [diff] [blame] | 291 | private static final int MSG_RESTRICT_BACKGROUND_BLACKLIST_CHANGED = 12; |
Jeff Sharkey | 4414cea | 2011-06-24 17:05:24 -0700 | [diff] [blame] | 292 | |
Jeff Sharkey | 7527990 | 2011-05-24 18:39:45 -0700 | [diff] [blame] | 293 | private final Context mContext; |
| 294 | private final IActivityManager mActivityManager; |
Jeff Sharkey | 7527990 | 2011-05-24 18:39:45 -0700 | [diff] [blame] | 295 | private final INetworkStatsService mNetworkStats; |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 296 | private final INetworkManagementService mNetworkManager; |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 297 | private UsageStatsManagerInternal mUsageStats; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 298 | private final TrustedTime mTime; |
Stuart Scott | e3e314d | 2015-04-20 14:07:45 -0700 | [diff] [blame] | 299 | private final UserManager mUserManager; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 300 | |
| 301 | private IConnectivityManager mConnManager; |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 302 | private INotificationManager mNotifManager; |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 303 | private PowerManagerInternal mPowerManagerInternal; |
Dianne Hackborn | 0b4daca | 2015-04-27 09:47:32 -0700 | [diff] [blame] | 304 | private IDeviceIdleController mDeviceIdleController; |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 305 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 306 | // See main javadoc for instructions on how to use these locks. |
| 307 | final Object mUidRulesFirstLock = new Object(); |
| 308 | final Object mNetworkPoliciesSecondLock = new Object(); |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 309 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 310 | @GuardedBy("allLocks") volatile boolean mSystemReady; |
| 311 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 312 | @GuardedBy("mUidRulesFirstLock") volatile boolean mRestrictBackground; |
| 313 | @GuardedBy("mUidRulesFirstLock") volatile boolean mRestrictPower; |
| 314 | @GuardedBy("mUidRulesFirstLock") volatile boolean mDeviceIdleMode; |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 315 | |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 316 | private final boolean mSuppressDefaultPolicy; |
| 317 | |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 318 | /** Defined network policies. */ |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 319 | final ArrayMap<NetworkTemplate, NetworkPolicy> mNetworkPolicy = new ArrayMap<>(); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 320 | /** Currently active network rules for ifaces. */ |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 321 | final ArrayMap<NetworkPolicy, String[]> mNetworkRules = new ArrayMap<>(); |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 322 | |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 323 | /** Defined UID policies. */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 324 | @GuardedBy("mUidRulesFirstLock") final SparseIntArray mUidPolicy = new SparseIntArray(); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 325 | /** Currently derived rules for each UID. */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 326 | @GuardedBy("mUidRulesFirstLock") final SparseIntArray mUidRules = new SparseIntArray(); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 327 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 328 | @GuardedBy("mUidRulesFirstLock") |
Jeff Sharkey | dc98806 | 2015-09-14 10:09:47 -0700 | [diff] [blame] | 329 | final SparseIntArray mUidFirewallStandbyRules = new SparseIntArray(); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 330 | @GuardedBy("mUidRulesFirstLock") |
Jeff Sharkey | dc98806 | 2015-09-14 10:09:47 -0700 | [diff] [blame] | 331 | final SparseIntArray mUidFirewallDozableRules = new SparseIntArray(); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 332 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 333 | final SparseIntArray mUidFirewallPowerSaveRules = new SparseIntArray(); |
Jeff Sharkey | dc98806 | 2015-09-14 10:09:47 -0700 | [diff] [blame] | 334 | |
Jeff Sharkey | 02e21d6 | 2011-07-17 15:53:33 -0700 | [diff] [blame] | 335 | /** Set of states for the child firewall chains. True if the chain is active. */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 336 | @GuardedBy("mUidRulesFirstLock") |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 337 | final SparseBooleanArray mFirewallChainStates = new SparseBooleanArray(); |
| 338 | |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 339 | /** |
| 340 | * UIDs that have been white-listed to always be able to have network access |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 341 | * in power save mode, except device idle (doze) still applies. |
| 342 | * TODO: An int array might be sufficient |
| 343 | */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 344 | @GuardedBy("mUidRulesFirstLock") |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 345 | private final SparseBooleanArray mPowerSaveWhitelistExceptIdleAppIds = new SparseBooleanArray(); |
| 346 | |
| 347 | /** |
| 348 | * UIDs that have been white-listed to always be able to have network access |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 349 | * in power save mode. |
Amith Yamasani | af575b9 | 2015-05-29 15:35:26 -0700 | [diff] [blame] | 350 | * TODO: An int array might be sufficient |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 351 | */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 352 | @GuardedBy("mUidRulesFirstLock") |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 353 | private final SparseBooleanArray mPowerSaveWhitelistAppIds = new SparseBooleanArray(); |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 354 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 355 | @GuardedBy("mUidRulesFirstLock") |
Amith Yamasani | af575b9 | 2015-05-29 15:35:26 -0700 | [diff] [blame] | 356 | private final SparseBooleanArray mPowerSaveTempWhitelistAppIds = new SparseBooleanArray(); |
| 357 | |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 358 | /** |
| 359 | * UIDs that have been white-listed to avoid restricted background. |
| 360 | */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 361 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 362 | private final SparseBooleanArray mRestrictBackgroundWhitelistUids = new SparseBooleanArray(); |
| 363 | |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 364 | /** |
| 365 | * UIDs that have been initially white-listed by system to avoid restricted background. |
| 366 | */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 367 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 368 | private final SparseBooleanArray mDefaultRestrictBackgroundWhitelistUids = |
| 369 | new SparseBooleanArray(); |
| 370 | |
| 371 | /** |
| 372 | * UIDs that have been initially white-listed by system to avoid restricted background, |
| 373 | * but later revoked by user. |
| 374 | */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 375 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 376 | private final SparseBooleanArray mRestrictBackgroundWhitelistRevokedUids = |
| 377 | new SparseBooleanArray(); |
| 378 | |
Jeff Sharkey | fdfef57 | 2011-06-16 15:07:48 -0700 | [diff] [blame] | 379 | /** Set of ifaces that are metered. */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 380 | @GuardedBy("mNetworkPoliciesSecondLock") |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 381 | private ArraySet<String> mMeteredIfaces = new ArraySet<>(); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 382 | /** Set of over-limit templates that have been notified. */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 383 | @GuardedBy("mNetworkPoliciesSecondLock") |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 384 | private final ArraySet<NetworkTemplate> mOverLimitNotified = new ArraySet<>(); |
Jeff Sharkey | fdfef57 | 2011-06-16 15:07:48 -0700 | [diff] [blame] | 385 | |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 386 | /** Set of currently active {@link Notification} tags. */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 387 | @GuardedBy("mNetworkPoliciesSecondLock") |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 388 | private final ArraySet<String> mActiveNotifs = new ArraySet<String>(); |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 389 | |
Dianne Hackborn | d23e0d6 | 2015-05-15 16:36:12 -0700 | [diff] [blame] | 390 | /** Foreground at UID granularity. */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 391 | @GuardedBy("mUidRulesFirstLock") |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 392 | final SparseIntArray mUidState = new SparseIntArray(); |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 393 | |
Jeff Sharkey | 1b6519b | 2016-04-28 15:33:18 -0600 | [diff] [blame] | 394 | /** Higher priority listener before general event dispatch */ |
| 395 | private INetworkPolicyListener mConnectivityListener; |
| 396 | |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 397 | private final RemoteCallbackList<INetworkPolicyListener> |
| 398 | mListeners = new RemoteCallbackList<>(); |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 399 | |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 400 | final Handler mHandler; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 401 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 402 | @GuardedBy("allLocks") |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 403 | private final AtomicFile mPolicyFile; |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 404 | |
Svet Ganov | 16a1689 | 2015-04-16 10:32:04 -0700 | [diff] [blame] | 405 | private final AppOpsManager mAppOps; |
| 406 | |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 407 | private final MyPackageMonitor mPackageMonitor; |
Amith Yamasani | 2a4ac4e | 2016-02-12 12:43:15 -0800 | [diff] [blame] | 408 | private final IPackageManager mIPm; |
| 409 | |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 410 | |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 411 | // TODO: keep whitelist of system-critical services that should never have |
| 412 | // rules enforced, such as system, phone, and radio UIDs. |
| 413 | |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 414 | // TODO: migrate notifications to SystemUI |
| 415 | |
Jeff Sharkey | 7527990 | 2011-05-24 18:39:45 -0700 | [diff] [blame] | 416 | public NetworkPolicyManagerService(Context context, IActivityManager activityManager, |
Felipe Leme | f8dd7b4 | 2016-08-10 13:00:32 -0700 | [diff] [blame] | 417 | INetworkStatsService networkStats, INetworkManagementService networkManagement) { |
| 418 | this(context, activityManager, networkStats, networkManagement, |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 419 | NtpTrustedTime.getInstance(context), getSystemDir(), false); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 420 | } |
| 421 | |
| 422 | private static File getSystemDir() { |
| 423 | return new File(Environment.getDataDirectory(), "system"); |
| 424 | } |
| 425 | |
| 426 | public NetworkPolicyManagerService(Context context, IActivityManager activityManager, |
Felipe Leme | f8dd7b4 | 2016-08-10 13:00:32 -0700 | [diff] [blame] | 427 | INetworkStatsService networkStats, INetworkManagementService networkManagement, |
| 428 | TrustedTime time, File systemDir, boolean suppressDefaultPolicy) { |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 429 | mContext = checkNotNull(context, "missing context"); |
| 430 | mActivityManager = checkNotNull(activityManager, "missing activityManager"); |
Jeff Sharkey | 7527990 | 2011-05-24 18:39:45 -0700 | [diff] [blame] | 431 | mNetworkStats = checkNotNull(networkStats, "missing networkStats"); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 432 | mNetworkManager = checkNotNull(networkManagement, "missing networkManagement"); |
Dianne Hackborn | 0b4daca | 2015-04-27 09:47:32 -0700 | [diff] [blame] | 433 | mDeviceIdleController = IDeviceIdleController.Stub.asInterface(ServiceManager.getService( |
Dianne Hackborn | 1958e5e | 2015-06-12 18:11:41 -0700 | [diff] [blame] | 434 | Context.DEVICE_IDLE_CONTROLLER)); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 435 | mTime = checkNotNull(time, "missing TrustedTime"); |
Stuart Scott | e3e314d | 2015-04-20 14:07:45 -0700 | [diff] [blame] | 436 | mUserManager = (UserManager) mContext.getSystemService(Context.USER_SERVICE); |
Amith Yamasani | 2a4ac4e | 2016-02-12 12:43:15 -0800 | [diff] [blame] | 437 | mIPm = AppGlobals.getPackageManager(); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 438 | |
Amith Yamasani | 450a16b | 2013-09-18 16:28:50 -0700 | [diff] [blame] | 439 | HandlerThread thread = new HandlerThread(TAG); |
| 440 | thread.start(); |
| 441 | mHandler = new Handler(thread.getLooper(), mHandlerCallback); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 442 | |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 443 | mSuppressDefaultPolicy = suppressDefaultPolicy; |
| 444 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 445 | mPolicyFile = new AtomicFile(new File(systemDir, "netpolicy.xml")); |
Svet Ganov | 16a1689 | 2015-04-16 10:32:04 -0700 | [diff] [blame] | 446 | |
| 447 | mAppOps = context.getSystemService(AppOpsManager.class); |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 448 | |
| 449 | mPackageMonitor = new MyPackageMonitor(); |
Felipe Leme | d17fda4 | 2016-04-29 11:12:45 -0700 | [diff] [blame] | 450 | |
| 451 | // Expose private service for system components to use. |
| 452 | LocalServices.addService(NetworkPolicyManagerInternal.class, |
| 453 | new NetworkPolicyManagerInternalImpl()); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 454 | } |
| 455 | |
| 456 | public void bindConnectivityManager(IConnectivityManager connManager) { |
| 457 | mConnManager = checkNotNull(connManager, "missing IConnectivityManager"); |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 458 | } |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 459 | |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 460 | public void bindNotificationManager(INotificationManager notifManager) { |
| 461 | mNotifManager = checkNotNull(notifManager, "missing INotificationManager"); |
| 462 | } |
| 463 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 464 | void updatePowerSaveWhitelistUL() { |
Dianne Hackborn | 0b4daca | 2015-04-27 09:47:32 -0700 | [diff] [blame] | 465 | try { |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 466 | int[] whitelist = mDeviceIdleController.getAppIdWhitelistExceptIdle(); |
| 467 | mPowerSaveWhitelistExceptIdleAppIds.clear(); |
| 468 | if (whitelist != null) { |
| 469 | for (int uid : whitelist) { |
| 470 | mPowerSaveWhitelistExceptIdleAppIds.put(uid, true); |
| 471 | } |
| 472 | } |
| 473 | whitelist = mDeviceIdleController.getAppIdWhitelist(); |
Dianne Hackborn | 0b4daca | 2015-04-27 09:47:32 -0700 | [diff] [blame] | 474 | mPowerSaveWhitelistAppIds.clear(); |
| 475 | if (whitelist != null) { |
| 476 | for (int uid : whitelist) { |
| 477 | mPowerSaveWhitelistAppIds.put(uid, true); |
| 478 | } |
| 479 | } |
| 480 | } catch (RemoteException e) { |
| 481 | } |
| 482 | } |
| 483 | |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 484 | /** |
| 485 | * Whitelists pre-defined apps for restrict background, but only if the user didn't already |
| 486 | * revoke the whitelist. |
| 487 | * |
| 488 | * @return whether any uid has been added to {@link #mRestrictBackgroundWhitelistUids}. |
| 489 | */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 490 | boolean addDefaultRestrictBackgroundWhitelistUidsUL() { |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 491 | final List<UserInfo> users = mUserManager.getUsers(); |
| 492 | final int numberUsers = users.size(); |
| 493 | |
Felipe Leme | a110eec | 2016-04-29 09:58:06 -0700 | [diff] [blame] | 494 | boolean changed = false; |
| 495 | for (int i = 0; i < numberUsers; i++) { |
| 496 | final UserInfo user = users.get(i); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 497 | changed = addDefaultRestrictBackgroundWhitelistUidsUL(user.id) || changed; |
Felipe Leme | a110eec | 2016-04-29 09:58:06 -0700 | [diff] [blame] | 498 | } |
| 499 | return changed; |
| 500 | } |
| 501 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 502 | private boolean addDefaultRestrictBackgroundWhitelistUidsUL(int userId) { |
Felipe Leme | a110eec | 2016-04-29 09:58:06 -0700 | [diff] [blame] | 503 | final SystemConfig sysConfig = SystemConfig.getInstance(); |
| 504 | final PackageManager pm = mContext.getPackageManager(); |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 505 | final ArraySet<String> allowDataUsage = sysConfig.getAllowInDataUsageSave(); |
| 506 | boolean changed = false; |
| 507 | for (int i = 0; i < allowDataUsage.size(); i++) { |
| 508 | final String pkg = allowDataUsage.valueAt(i); |
| 509 | if (LOGD) |
Felipe Leme | a110eec | 2016-04-29 09:58:06 -0700 | [diff] [blame] | 510 | Slog.d(TAG, "checking restricted background whitelisting for package " + pkg |
| 511 | + " and user " + userId); |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 512 | final ApplicationInfo app; |
| 513 | try { |
Felipe Leme | a110eec | 2016-04-29 09:58:06 -0700 | [diff] [blame] | 514 | app = pm.getApplicationInfoAsUser(pkg, PackageManager.MATCH_SYSTEM_ONLY, userId); |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 515 | } catch (PackageManager.NameNotFoundException e) { |
Felipe Leme | 6fa02e9 | 2016-08-31 08:47:50 -0700 | [diff] [blame] | 516 | if (LOGD) Slog.d(TAG, "No ApplicationInfo for package " + pkg); |
| 517 | // Ignore it - some apps on allow-in-data-usage-save are optional. |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 518 | continue; |
| 519 | } |
| 520 | if (!app.isPrivilegedApp()) { |
Felipe Leme | 6fa02e9 | 2016-08-31 08:47:50 -0700 | [diff] [blame] | 521 | Slog.e(TAG, "addDefaultRestrictBackgroundWhitelistUidsUL(): " |
| 522 | + "skipping non-privileged app " + pkg); |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 523 | continue; |
| 524 | } |
Felipe Leme | a110eec | 2016-04-29 09:58:06 -0700 | [diff] [blame] | 525 | final int uid = UserHandle.getUid(userId, app.uid); |
| 526 | mDefaultRestrictBackgroundWhitelistUids.append(uid, true); |
| 527 | if (LOGD) |
| 528 | Slog.d(TAG, "Adding uid " + uid + " (user " + userId + ") to default restricted " |
| 529 | + "background whitelist. Revoked status: " |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 530 | + mRestrictBackgroundWhitelistRevokedUids.get(uid)); |
Felipe Leme | a110eec | 2016-04-29 09:58:06 -0700 | [diff] [blame] | 531 | if (!mRestrictBackgroundWhitelistRevokedUids.get(uid)) { |
Felipe Leme | 6fa02e9 | 2016-08-31 08:47:50 -0700 | [diff] [blame] | 532 | if (LOGD) |
| 533 | Slog.d(TAG, "adding default package " + pkg + " (uid " + uid + " for user " |
| 534 | + userId + ") to restrict background whitelist"); |
Felipe Leme | a110eec | 2016-04-29 09:58:06 -0700 | [diff] [blame] | 535 | mRestrictBackgroundWhitelistUids.append(uid, true); |
| 536 | changed = true; |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 537 | } |
| 538 | } |
| 539 | return changed; |
| 540 | } |
| 541 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 542 | void updatePowerSaveTempWhitelistUL() { |
Amith Yamasani | af575b9 | 2015-05-29 15:35:26 -0700 | [diff] [blame] | 543 | try { |
Amith Yamasani | 06f0806 | 2015-06-12 13:23:33 -0700 | [diff] [blame] | 544 | // Clear the states of the current whitelist |
| 545 | final int N = mPowerSaveTempWhitelistAppIds.size(); |
| 546 | for (int i = 0; i < N; i++) { |
| 547 | mPowerSaveTempWhitelistAppIds.setValueAt(i, false); |
| 548 | } |
| 549 | // Update the states with the new whitelist |
Amith Yamasani | af575b9 | 2015-05-29 15:35:26 -0700 | [diff] [blame] | 550 | final int[] whitelist = mDeviceIdleController.getAppIdTempWhitelist(); |
Amith Yamasani | af575b9 | 2015-05-29 15:35:26 -0700 | [diff] [blame] | 551 | if (whitelist != null) { |
| 552 | for (int uid : whitelist) { |
| 553 | mPowerSaveTempWhitelistAppIds.put(uid, true); |
| 554 | } |
| 555 | } |
| 556 | } catch (RemoteException e) { |
| 557 | } |
| 558 | } |
| 559 | |
Amith Yamasani | 06f0806 | 2015-06-12 13:23:33 -0700 | [diff] [blame] | 560 | /** |
| 561 | * Remove unnecessary entries in the temp whitelist |
| 562 | */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 563 | void purgePowerSaveTempWhitelistUL() { |
Amith Yamasani | 06f0806 | 2015-06-12 13:23:33 -0700 | [diff] [blame] | 564 | final int N = mPowerSaveTempWhitelistAppIds.size(); |
| 565 | for (int i = N - 1; i >= 0; i--) { |
| 566 | if (mPowerSaveTempWhitelistAppIds.valueAt(i) == false) { |
| 567 | mPowerSaveTempWhitelistAppIds.removeAt(i); |
| 568 | } |
| 569 | } |
| 570 | } |
| 571 | |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 572 | public void systemReady() { |
Jeff Sharkey | 8c1dc72 | 2012-05-04 14:49:37 -0700 | [diff] [blame] | 573 | if (!isBandwidthControlEnabled()) { |
| 574 | Slog.w(TAG, "bandwidth controls disabled, unable to enforce policy"); |
| 575 | return; |
| 576 | } |
| 577 | |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 578 | mUsageStats = LocalServices.getService(UsageStatsManagerInternal.class); |
| 579 | |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 580 | mPackageMonitor.register(mContext, mHandler.getLooper(), UserHandle.ALL, true); |
| 581 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 582 | synchronized (mUidRulesFirstLock) { |
| 583 | synchronized (mNetworkPoliciesSecondLock) { |
| 584 | updatePowerSaveWhitelistUL(); |
| 585 | mPowerManagerInternal = LocalServices.getService(PowerManagerInternal.class); |
| 586 | mPowerManagerInternal.registerLowPowerModeObserver( |
| 587 | new PowerManagerInternal.LowPowerModeListener() { |
| 588 | @Override |
| 589 | public void onLowPowerModeChanged(boolean enabled) { |
| 590 | if (LOGD) Slog.d(TAG, "onLowPowerModeChanged(" + enabled + ")"); |
| 591 | synchronized (mUidRulesFirstLock) { |
| 592 | if (mRestrictPower != enabled) { |
| 593 | mRestrictPower = enabled; |
| 594 | updateRulesForRestrictPowerUL(); |
| 595 | } |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 596 | } |
| 597 | } |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 598 | }); |
| 599 | mRestrictPower = mPowerManagerInternal.getLowPowerModeEnabled(); |
| 600 | |
| 601 | mSystemReady = true; |
| 602 | |
| 603 | // read policy from disk |
| 604 | readPolicyAL(); |
| 605 | |
| 606 | if (addDefaultRestrictBackgroundWhitelistUidsUL()) { |
| 607 | writePolicyAL(); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 608 | } |
Felipe Leme | d31a97f | 2016-05-06 14:53:50 -0700 | [diff] [blame] | 609 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 610 | setRestrictBackgroundUL(mRestrictBackground); |
| 611 | updateRulesForGlobalChangeAL(false); |
| 612 | updateNotificationsNL(); |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 613 | } |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 614 | } |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 615 | |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 616 | try { |
Dianne Hackborn | bef28fe | 2015-10-29 17:57:11 -0700 | [diff] [blame] | 617 | mActivityManager.registerUidObserver(mUidObserver, |
| 618 | ActivityManager.UID_OBSERVER_PROCSTATE|ActivityManager.UID_OBSERVER_GONE); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 619 | mNetworkManager.registerObserver(mAlertObserver); |
| 620 | } catch (RemoteException e) { |
Jeff Sharkey | b3d5957 | 2011-09-07 17:20:27 -0700 | [diff] [blame] | 621 | // ignored; both services live in system_server |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 622 | } |
| 623 | |
Dianne Hackborn | 0b4daca | 2015-04-27 09:47:32 -0700 | [diff] [blame] | 624 | // listen for changes to power save whitelist |
| 625 | final IntentFilter whitelistFilter = new IntentFilter( |
| 626 | PowerManager.ACTION_POWER_SAVE_WHITELIST_CHANGED); |
| 627 | mContext.registerReceiver(mPowerSaveWhitelistReceiver, whitelistFilter, null, mHandler); |
| 628 | |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 629 | DeviceIdleController.LocalService deviceIdleService |
| 630 | = LocalServices.getService(DeviceIdleController.LocalService.class); |
| 631 | deviceIdleService.setNetworkPolicyTempWhitelistCallback(mTempPowerSaveChangedCallback); |
| 632 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 633 | // watch for network interfaces to be claimed |
Erik Kline | f851d6d | 2015-04-20 16:03:48 +0900 | [diff] [blame] | 634 | final IntentFilter connFilter = new IntentFilter(CONNECTIVITY_ACTION); |
Jeff Sharkey | b09540f | 2011-06-19 01:08:12 -0700 | [diff] [blame] | 635 | mContext.registerReceiver(mConnReceiver, connFilter, CONNECTIVITY_INTERNAL, mHandler); |
| 636 | |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 637 | // listen for package changes to update policy |
Jeff Sharkey | 02e21d6 | 2011-07-17 15:53:33 -0700 | [diff] [blame] | 638 | final IntentFilter packageFilter = new IntentFilter(); |
| 639 | packageFilter.addAction(ACTION_PACKAGE_ADDED); |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 640 | packageFilter.addDataScheme("package"); |
Jeff Sharkey | 02e21d6 | 2011-07-17 15:53:33 -0700 | [diff] [blame] | 641 | mContext.registerReceiver(mPackageReceiver, packageFilter, null, mHandler); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 642 | |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 643 | // listen for UID changes to update policy |
| 644 | mContext.registerReceiver( |
| 645 | mUidRemovedReceiver, new IntentFilter(ACTION_UID_REMOVED), null, mHandler); |
| 646 | |
| 647 | // listen for user changes to update policy |
| 648 | final IntentFilter userFilter = new IntentFilter(); |
| 649 | userFilter.addAction(ACTION_USER_ADDED); |
| 650 | userFilter.addAction(ACTION_USER_REMOVED); |
| 651 | mContext.registerReceiver(mUserReceiver, userFilter, null, mHandler); |
| 652 | |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 653 | // listen for stats update events |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 654 | final IntentFilter statsFilter = new IntentFilter(ACTION_NETWORK_STATS_UPDATED); |
| 655 | mContext.registerReceiver( |
| 656 | mStatsReceiver, statsFilter, READ_NETWORK_USAGE_HISTORY, mHandler); |
| 657 | |
Jeff Sharkey | 3a844fc | 2011-08-16 14:37:57 -0700 | [diff] [blame] | 658 | // listen for restrict background changes from notifications |
| 659 | final IntentFilter allowFilter = new IntentFilter(ACTION_ALLOW_BACKGROUND); |
| 660 | mContext.registerReceiver(mAllowReceiver, allowFilter, MANAGE_NETWORK_POLICY, mHandler); |
| 661 | |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 662 | // listen for snooze warning from notifications |
| 663 | final IntentFilter snoozeWarningFilter = new IntentFilter(ACTION_SNOOZE_WARNING); |
| 664 | mContext.registerReceiver(mSnoozeWarningReceiver, snoozeWarningFilter, |
| 665 | MANAGE_NETWORK_POLICY, mHandler); |
| 666 | |
Jeff Sharkey | 9f6e4ba | 2012-04-19 23:01:08 -0700 | [diff] [blame] | 667 | // listen for configured wifi networks to be removed |
| 668 | final IntentFilter wifiConfigFilter = new IntentFilter(CONFIGURED_NETWORKS_CHANGED_ACTION); |
Vinit Deshpande | 92d141f | 2014-09-10 18:05:10 -0700 | [diff] [blame] | 669 | mContext.registerReceiver(mWifiConfigReceiver, wifiConfigFilter, null, mHandler); |
Jeff Sharkey | 9f6e4ba | 2012-04-19 23:01:08 -0700 | [diff] [blame] | 670 | |
| 671 | // listen for wifi state changes to catch metered hint |
| 672 | final IntentFilter wifiStateFilter = new IntentFilter( |
| 673 | WifiManager.NETWORK_STATE_CHANGED_ACTION); |
Vinit Deshpande | 92d141f | 2014-09-10 18:05:10 -0700 | [diff] [blame] | 674 | mContext.registerReceiver(mWifiStateReceiver, wifiStateFilter, null, mHandler); |
Jeff Sharkey | 9f6e4ba | 2012-04-19 23:01:08 -0700 | [diff] [blame] | 675 | |
Xiaohui Chen | 8dca36d | 2015-06-19 12:44:59 -0700 | [diff] [blame] | 676 | mUsageStats.addAppIdleStateChangeListener(new AppIdleStateChangeListener()); |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 677 | |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 678 | } |
| 679 | |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 680 | final private IUidObserver mUidObserver = new IUidObserver.Stub() { |
Dianne Hackborn | d23e0d6 | 2015-05-15 16:36:12 -0700 | [diff] [blame] | 681 | @Override public void onUidStateChanged(int uid, int procState) throws RemoteException { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 682 | synchronized (mUidRulesFirstLock) { |
| 683 | updateUidStateUL(uid, procState); |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 684 | } |
Dianne Hackborn | a93c2c1 | 2012-05-31 15:29:36 -0700 | [diff] [blame] | 685 | } |
| 686 | |
Dianne Hackborn | d23e0d6 | 2015-05-15 16:36:12 -0700 | [diff] [blame] | 687 | @Override public void onUidGone(int uid) throws RemoteException { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 688 | synchronized (mUidRulesFirstLock) { |
| 689 | removeUidStateUL(uid); |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 690 | } |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 691 | } |
Dianne Hackborn | bef28fe | 2015-10-29 17:57:11 -0700 | [diff] [blame] | 692 | |
| 693 | @Override public void onUidActive(int uid) throws RemoteException { |
| 694 | } |
| 695 | |
| 696 | @Override public void onUidIdle(int uid) throws RemoteException { |
| 697 | } |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 698 | }; |
| 699 | |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 700 | final private BroadcastReceiver mPowerSaveWhitelistReceiver = new BroadcastReceiver() { |
Dianne Hackborn | 0b4daca | 2015-04-27 09:47:32 -0700 | [diff] [blame] | 701 | @Override |
| 702 | public void onReceive(Context context, Intent intent) { |
| 703 | // on background handler thread, and POWER_SAVE_WHITELIST_CHANGED is protected |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 704 | synchronized (mUidRulesFirstLock) { |
| 705 | updatePowerSaveWhitelistUL(); |
| 706 | updateRulesForRestrictPowerUL(); |
Dianne Hackborn | 0b4daca | 2015-04-27 09:47:32 -0700 | [diff] [blame] | 707 | } |
| 708 | } |
| 709 | }; |
| 710 | |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 711 | final private Runnable mTempPowerSaveChangedCallback = new Runnable() { |
| 712 | @Override |
| 713 | public void run() { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 714 | synchronized (mUidRulesFirstLock) { |
| 715 | updatePowerSaveTempWhitelistUL(); |
| 716 | updateRulesForTempWhitelistChangeUL(); |
| 717 | purgePowerSaveTempWhitelistUL(); |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 718 | } |
| 719 | } |
| 720 | }; |
| 721 | |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 722 | final private BroadcastReceiver mPackageReceiver = new BroadcastReceiver() { |
Jeff Sharkey | b09540f | 2011-06-19 01:08:12 -0700 | [diff] [blame] | 723 | @Override |
| 724 | public void onReceive(Context context, Intent intent) { |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 725 | // on background handler thread, and PACKAGE_ADDED is protected |
Jeff Sharkey | 02e21d6 | 2011-07-17 15:53:33 -0700 | [diff] [blame] | 726 | |
| 727 | final String action = intent.getAction(); |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 728 | final int uid = intent.getIntExtra(EXTRA_UID, -1); |
| 729 | if (uid == -1) return; |
Jeff Sharkey | 8a8b581 | 2012-03-21 18:13:36 -0700 | [diff] [blame] | 730 | |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 731 | if (ACTION_PACKAGE_ADDED.equals(action)) { |
| 732 | // update rules for UID, since it might be subject to |
| 733 | // global background data policy |
| 734 | if (LOGV) Slog.v(TAG, "ACTION_PACKAGE_ADDED for uid=" + uid); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 735 | synchronized (mUidRulesFirstLock) { |
| 736 | updateRestrictionRulesForUidUL(uid); |
Jeff Sharkey | 02e21d6 | 2011-07-17 15:53:33 -0700 | [diff] [blame] | 737 | } |
Jeff Sharkey | b09540f | 2011-06-19 01:08:12 -0700 | [diff] [blame] | 738 | } |
| 739 | } |
| 740 | }; |
| 741 | |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 742 | final private BroadcastReceiver mUidRemovedReceiver = new BroadcastReceiver() { |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 743 | @Override |
| 744 | public void onReceive(Context context, Intent intent) { |
| 745 | // on background handler thread, and UID_REMOVED is protected |
| 746 | |
| 747 | final int uid = intent.getIntExtra(EXTRA_UID, -1); |
| 748 | if (uid == -1) return; |
| 749 | |
| 750 | // remove any policy and update rules to clean up |
| 751 | if (LOGV) Slog.v(TAG, "ACTION_UID_REMOVED for uid=" + uid); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 752 | synchronized (mUidRulesFirstLock) { |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 753 | mUidPolicy.delete(uid); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 754 | updateRestrictionRulesForUidUL(uid); |
| 755 | synchronized (mNetworkPoliciesSecondLock) { |
| 756 | writePolicyAL(); |
| 757 | } |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 758 | } |
| 759 | } |
| 760 | }; |
| 761 | |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 762 | final private BroadcastReceiver mUserReceiver = new BroadcastReceiver() { |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 763 | @Override |
| 764 | public void onReceive(Context context, Intent intent) { |
| 765 | // on background handler thread, and USER_ADDED and USER_REMOVED |
| 766 | // broadcasts are protected |
| 767 | |
| 768 | final String action = intent.getAction(); |
| 769 | final int userId = intent.getIntExtra(Intent.EXTRA_USER_HANDLE, -1); |
| 770 | if (userId == -1) return; |
| 771 | |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 772 | switch (action) { |
| 773 | case ACTION_USER_REMOVED: |
| 774 | case ACTION_USER_ADDED: |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 775 | synchronized (mUidRulesFirstLock) { |
Fyodor Kupolov | a31c591 | 2016-01-22 11:26:09 -0800 | [diff] [blame] | 776 | // Remove any persistable state for the given user; both cleaning up after a |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 777 | // USER_REMOVED, and one last sanity check during USER_ADDED |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 778 | removeUserStateUL(userId, true); |
Felipe Leme | a110eec | 2016-04-29 09:58:06 -0700 | [diff] [blame] | 779 | if (action == ACTION_USER_ADDED) { |
| 780 | // Add apps that are whitelisted by default. |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 781 | addDefaultRestrictBackgroundWhitelistUidsUL(userId); |
Felipe Leme | a110eec | 2016-04-29 09:58:06 -0700 | [diff] [blame] | 782 | } |
| 783 | // Update global restrict for that user |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 784 | synchronized (mNetworkPoliciesSecondLock) { |
| 785 | updateRulesForGlobalChangeAL(true); |
| 786 | } |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 787 | } |
| 788 | break; |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 789 | } |
| 790 | } |
| 791 | }; |
| 792 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 793 | /** |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 794 | * Receiver that watches for {@link INetworkStatsService} updates, which we |
| 795 | * use to check against {@link NetworkPolicy#warningBytes}. |
| 796 | */ |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 797 | final private BroadcastReceiver mStatsReceiver = new BroadcastReceiver() { |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 798 | @Override |
| 799 | public void onReceive(Context context, Intent intent) { |
| 800 | // on background handler thread, and verified |
| 801 | // READ_NETWORK_USAGE_HISTORY permission above. |
| 802 | |
Jeff Sharkey | 684c54a | 2011-11-16 17:46:30 -0800 | [diff] [blame] | 803 | maybeRefreshTrustedTime(); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 804 | synchronized (mNetworkPoliciesSecondLock) { |
| 805 | updateNetworkEnabledNL(); |
| 806 | updateNotificationsNL(); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 807 | } |
| 808 | } |
| 809 | }; |
| 810 | |
| 811 | /** |
Jeff Sharkey | 3a844fc | 2011-08-16 14:37:57 -0700 | [diff] [blame] | 812 | * Receiver that watches for {@link Notification} control of |
| 813 | * {@link #mRestrictBackground}. |
| 814 | */ |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 815 | final private BroadcastReceiver mAllowReceiver = new BroadcastReceiver() { |
Jeff Sharkey | 3a844fc | 2011-08-16 14:37:57 -0700 | [diff] [blame] | 816 | @Override |
| 817 | public void onReceive(Context context, Intent intent) { |
| 818 | // on background handler thread, and verified MANAGE_NETWORK_POLICY |
| 819 | // permission above. |
| 820 | |
| 821 | setRestrictBackground(false); |
| 822 | } |
| 823 | }; |
| 824 | |
| 825 | /** |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 826 | * Receiver that watches for {@link Notification} control of |
| 827 | * {@link NetworkPolicy#lastWarningSnooze}. |
| 828 | */ |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 829 | final private BroadcastReceiver mSnoozeWarningReceiver = new BroadcastReceiver() { |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 830 | @Override |
| 831 | public void onReceive(Context context, Intent intent) { |
| 832 | // on background handler thread, and verified MANAGE_NETWORK_POLICY |
| 833 | // permission above. |
| 834 | |
| 835 | final NetworkTemplate template = intent.getParcelableExtra(EXTRA_NETWORK_TEMPLATE); |
| 836 | performSnooze(template, TYPE_WARNING); |
| 837 | } |
| 838 | }; |
| 839 | |
| 840 | /** |
Jeff Sharkey | 9f6e4ba | 2012-04-19 23:01:08 -0700 | [diff] [blame] | 841 | * Receiver that watches for {@link WifiConfiguration} to be changed. |
| 842 | */ |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 843 | final private BroadcastReceiver mWifiConfigReceiver = new BroadcastReceiver() { |
Jeff Sharkey | 9f6e4ba | 2012-04-19 23:01:08 -0700 | [diff] [blame] | 844 | @Override |
| 845 | public void onReceive(Context context, Intent intent) { |
| 846 | // on background handler thread, and verified CONNECTIVITY_INTERNAL |
| 847 | // permission above. |
| 848 | |
| 849 | final int reason = intent.getIntExtra(EXTRA_CHANGE_REASON, CHANGE_REASON_ADDED); |
| 850 | if (reason == CHANGE_REASON_REMOVED) { |
| 851 | final WifiConfiguration config = intent.getParcelableExtra( |
| 852 | EXTRA_WIFI_CONFIGURATION); |
Irfan Sheriff | 00a10a1 | 2012-04-27 21:24:17 -0700 | [diff] [blame] | 853 | if (config.SSID != null) { |
Jeff Sharkey | 2e4dce0 | 2012-12-18 17:06:06 -0800 | [diff] [blame] | 854 | final NetworkTemplate template = NetworkTemplate.buildTemplateWifi(config.SSID); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 855 | synchronized (mUidRulesFirstLock) { |
| 856 | synchronized (mNetworkPoliciesSecondLock) { |
| 857 | if (mNetworkPolicy.containsKey(template)) { |
| 858 | mNetworkPolicy.remove(template); |
| 859 | writePolicyAL(); |
| 860 | } |
Irfan Sheriff | 00a10a1 | 2012-04-27 21:24:17 -0700 | [diff] [blame] | 861 | } |
Jeff Sharkey | 9f6e4ba | 2012-04-19 23:01:08 -0700 | [diff] [blame] | 862 | } |
| 863 | } |
| 864 | } |
| 865 | } |
| 866 | }; |
| 867 | |
| 868 | /** |
| 869 | * Receiver that watches {@link WifiInfo} state changes to infer metered |
| 870 | * state. Ignores hints when policy is user-defined. |
| 871 | */ |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 872 | final private BroadcastReceiver mWifiStateReceiver = new BroadcastReceiver() { |
Jeff Sharkey | 9f6e4ba | 2012-04-19 23:01:08 -0700 | [diff] [blame] | 873 | @Override |
| 874 | public void onReceive(Context context, Intent intent) { |
| 875 | // on background handler thread, and verified CONNECTIVITY_INTERNAL |
| 876 | // permission above. |
| 877 | |
| 878 | // ignore when not connected |
| 879 | final NetworkInfo netInfo = intent.getParcelableExtra(EXTRA_NETWORK_INFO); |
| 880 | if (!netInfo.isConnected()) return; |
| 881 | |
| 882 | final WifiInfo info = intent.getParcelableExtra(EXTRA_WIFI_INFO); |
| 883 | final boolean meteredHint = info.getMeteredHint(); |
| 884 | |
Jeff Sharkey | 2e4dce0 | 2012-12-18 17:06:06 -0800 | [diff] [blame] | 885 | final NetworkTemplate template = NetworkTemplate.buildTemplateWifi(info.getSSID()); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 886 | synchronized (mNetworkPoliciesSecondLock) { |
Jeff Sharkey | 9f6e4ba | 2012-04-19 23:01:08 -0700 | [diff] [blame] | 887 | NetworkPolicy policy = mNetworkPolicy.get(template); |
| 888 | if (policy == null && meteredHint) { |
| 889 | // policy doesn't exist, and AP is hinting that it's |
| 890 | // metered: create an inferred policy. |
Felipe Leme | b1a65ee | 2016-02-08 10:12:01 -0800 | [diff] [blame] | 891 | policy = newWifiPolicy(template, meteredHint); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 892 | addNetworkPolicyNL(policy); |
Jeff Sharkey | 9f6e4ba | 2012-04-19 23:01:08 -0700 | [diff] [blame] | 893 | |
| 894 | } else if (policy != null && policy.inferred) { |
| 895 | // policy exists, and was inferred: update its current |
| 896 | // metered state. |
| 897 | policy.metered = meteredHint; |
| 898 | |
| 899 | // since this is inferred for each wifi session, just update |
| 900 | // rules without persisting. |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 901 | updateNetworkRulesNL(); |
Jeff Sharkey | 9f6e4ba | 2012-04-19 23:01:08 -0700 | [diff] [blame] | 902 | } |
| 903 | } |
| 904 | } |
| 905 | }; |
| 906 | |
Felipe Leme | b1a65ee | 2016-02-08 10:12:01 -0800 | [diff] [blame] | 907 | static NetworkPolicy newWifiPolicy(NetworkTemplate template, boolean metered) { |
| 908 | return new NetworkPolicy(template, CYCLE_NONE, Time.TIMEZONE_UTC, |
| 909 | WARNING_DISABLED, LIMIT_DISABLED, SNOOZE_NEVER, SNOOZE_NEVER, |
| 910 | metered, true); |
| 911 | } |
| 912 | |
Jeff Sharkey | 9f6e4ba | 2012-04-19 23:01:08 -0700 | [diff] [blame] | 913 | /** |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 914 | * Observer that watches for {@link INetworkManagementService} alerts. |
| 915 | */ |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 916 | final private INetworkManagementEventObserver mAlertObserver |
| 917 | = new BaseNetworkObserver() { |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 918 | @Override |
| 919 | public void limitReached(String limitName, String iface) { |
| 920 | // only someone like NMS should be calling us |
| 921 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
| 922 | |
Jeff Sharkey | 7e25b0e | 2011-11-08 15:43:12 -0800 | [diff] [blame] | 923 | if (!LIMIT_GLOBAL_ALERT.equals(limitName)) { |
| 924 | mHandler.obtainMessage(MSG_LIMIT_REACHED, iface).sendToTarget(); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 925 | } |
| 926 | } |
| 927 | }; |
| 928 | |
| 929 | /** |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 930 | * Check {@link NetworkPolicy} against current {@link INetworkStatsService} |
| 931 | * to show visible notifications as needed. |
| 932 | */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 933 | void updateNotificationsNL() { |
| 934 | if (LOGV) Slog.v(TAG, "updateNotificationsNL()"); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 935 | |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 936 | // keep track of previously active notifications |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 937 | final ArraySet<String> beforeNotifs = new ArraySet<String>(mActiveNotifs); |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 938 | mActiveNotifs.clear(); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 939 | |
| 940 | // TODO: when switching to kernel notifications, compute next future |
| 941 | // cycle boundary to recompute notifications. |
| 942 | |
Jeff Sharkey | 02e21d6 | 2011-07-17 15:53:33 -0700 | [diff] [blame] | 943 | // examine stats for each active policy |
Jeff Sharkey | 684c54a | 2011-11-16 17:46:30 -0800 | [diff] [blame] | 944 | final long currentTime = currentTimeMillis(); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 945 | for (int i = mNetworkPolicy.size()-1; i >= 0; i--) { |
| 946 | final NetworkPolicy policy = mNetworkPolicy.valueAt(i); |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 947 | // ignore policies that aren't relevant to user |
| 948 | if (!isTemplateRelevant(policy.template)) continue; |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 949 | if (!policy.hasCycle()) continue; |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 950 | |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 951 | final long start = computeLastCycleBoundary(currentTime, policy); |
| 952 | final long end = currentTime; |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 953 | final long totalBytes = getTotalBytes(policy.template, start, end); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 954 | |
Jeff Sharkey | 50e7e51 | 2011-10-10 16:50:35 -0700 | [diff] [blame] | 955 | if (policy.isOverLimit(totalBytes)) { |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 956 | if (policy.lastLimitSnooze >= start) { |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 957 | enqueueNotification(policy, TYPE_LIMIT_SNOOZED, totalBytes); |
| 958 | } else { |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 959 | enqueueNotification(policy, TYPE_LIMIT, totalBytes); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 960 | notifyOverLimitNL(policy.template); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 961 | } |
| 962 | |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 963 | } else { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 964 | notifyUnderLimitNL(policy.template); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 965 | |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 966 | if (policy.isOverWarning(totalBytes) && policy.lastWarningSnooze < start) { |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 967 | enqueueNotification(policy, TYPE_WARNING, totalBytes); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 968 | } |
| 969 | } |
Jeff Sharkey | 02e21d6 | 2011-07-17 15:53:33 -0700 | [diff] [blame] | 970 | } |
| 971 | |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 972 | // cancel stale notifications that we didn't renew above |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 973 | for (int i = beforeNotifs.size()-1; i >= 0; i--) { |
| 974 | final String tag = beforeNotifs.valueAt(i); |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 975 | if (!mActiveNotifs.contains(tag)) { |
| 976 | cancelNotification(tag); |
| 977 | } |
| 978 | } |
| 979 | } |
| 980 | |
| 981 | /** |
| 982 | * Test if given {@link NetworkTemplate} is relevant to user based on |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 983 | * current device state, such as when |
| 984 | * {@link TelephonyManager#getSubscriberId()} matches. This is regardless of |
| 985 | * data connection status. |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 986 | */ |
| 987 | private boolean isTemplateRelevant(NetworkTemplate template) { |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 988 | if (template.isMatchRuleMobile()) { |
| 989 | final TelephonyManager tele = TelephonyManager.from(mContext); |
| 990 | final SubscriptionManager sub = SubscriptionManager.from(mContext); |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 991 | |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 992 | // Mobile template is relevant when any active subscriber matches |
| 993 | final int[] subIds = sub.getActiveSubscriptionIdList(); |
| 994 | for (int subId : subIds) { |
| 995 | final String subscriberId = tele.getSubscriberId(subId); |
| 996 | final NetworkIdentity probeIdent = new NetworkIdentity(TYPE_MOBILE, |
Jack Yu | 66a6be3 | 2016-03-30 11:14:39 -0700 | [diff] [blame] | 997 | TelephonyManager.NETWORK_TYPE_UNKNOWN, subscriberId, null, false, true); |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 998 | if (template.matches(probeIdent)) { |
| 999 | return true; |
Jeff Sharkey | 3a66cf3 | 2012-03-20 17:00:01 -0700 | [diff] [blame] | 1000 | } |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 1001 | } |
| 1002 | return false; |
| 1003 | } else { |
| 1004 | return true; |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1005 | } |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1006 | } |
| 1007 | |
| 1008 | /** |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1009 | * Notify that given {@link NetworkTemplate} is over |
| 1010 | * {@link NetworkPolicy#limitBytes}, potentially showing dialog to user. |
| 1011 | */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1012 | private void notifyOverLimitNL(NetworkTemplate template) { |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1013 | if (!mOverLimitNotified.contains(template)) { |
| 1014 | mContext.startActivity(buildNetworkOverLimitIntent(template)); |
| 1015 | mOverLimitNotified.add(template); |
| 1016 | } |
| 1017 | } |
| 1018 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1019 | private void notifyUnderLimitNL(NetworkTemplate template) { |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1020 | mOverLimitNotified.remove(template); |
| 1021 | } |
| 1022 | |
| 1023 | /** |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1024 | * Build unique tag that identifies an active {@link NetworkPolicy} |
| 1025 | * notification of a specific type, like {@link #TYPE_LIMIT}. |
| 1026 | */ |
| 1027 | private String buildNotificationTag(NetworkPolicy policy, int type) { |
Jeff Sharkey | 1b5a2a9 | 2011-06-18 18:34:16 -0700 | [diff] [blame] | 1028 | return TAG + ":" + policy.template.hashCode() + ":" + type; |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1029 | } |
| 1030 | |
| 1031 | /** |
| 1032 | * Show notification for combined {@link NetworkPolicy} and specific type, |
| 1033 | * like {@link #TYPE_LIMIT}. Okay to call multiple times. |
| 1034 | */ |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1035 | private void enqueueNotification(NetworkPolicy policy, int type, long totalBytes) { |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1036 | final String tag = buildNotificationTag(policy, type); |
| 1037 | final Notification.Builder builder = new Notification.Builder(mContext); |
| 1038 | builder.setOnlyAlertOnce(true); |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 1039 | builder.setWhen(0L); |
Alan Viverette | 4a357cd | 2015-03-18 18:37:18 -0700 | [diff] [blame] | 1040 | builder.setColor(mContext.getColor( |
Selim Cinek | 255dd04 | 2014-08-19 22:29:02 +0200 | [diff] [blame] | 1041 | com.android.internal.R.color.system_notification_accent_color)); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1042 | |
| 1043 | final Resources res = mContext.getResources(); |
| 1044 | switch (type) { |
| 1045 | case TYPE_WARNING: { |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1046 | final CharSequence title = res.getText(R.string.data_usage_warning_title); |
Jeff Sharkey | 8ca953d | 2011-09-14 19:56:11 -0700 | [diff] [blame] | 1047 | final CharSequence body = res.getString(R.string.data_usage_warning_body); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1048 | |
Jeff Sharkey | 50e7e51 | 2011-10-10 16:50:35 -0700 | [diff] [blame] | 1049 | builder.setSmallIcon(R.drawable.stat_notify_error); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1050 | builder.setTicker(title); |
| 1051 | builder.setContentTitle(title); |
| 1052 | builder.setContentText(body); |
Sanket Padawe | c015e1c | 2016-08-11 16:34:10 -0700 | [diff] [blame] | 1053 | builder.setDefaults(Notification.DEFAULT_ALL); |
| 1054 | builder.setPriority(Notification.PRIORITY_HIGH); |
Jeff Sharkey | 14711eb | 2011-06-15 10:29:17 -0700 | [diff] [blame] | 1055 | |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 1056 | final Intent snoozeIntent = buildSnoozeWarningIntent(policy.template); |
| 1057 | builder.setDeleteIntent(PendingIntent.getBroadcast( |
| 1058 | mContext, 0, snoozeIntent, PendingIntent.FLAG_UPDATE_CURRENT)); |
| 1059 | |
| 1060 | final Intent viewIntent = buildViewDataUsageIntent(policy.template); |
Jeff Sharkey | 14711eb | 2011-06-15 10:29:17 -0700 | [diff] [blame] | 1061 | builder.setContentIntent(PendingIntent.getActivity( |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 1062 | mContext, 0, viewIntent, PendingIntent.FLAG_UPDATE_CURRENT)); |
| 1063 | |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1064 | break; |
| 1065 | } |
| 1066 | case TYPE_LIMIT: { |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1067 | final CharSequence body = res.getText(R.string.data_usage_limit_body); |
| 1068 | |
| 1069 | final CharSequence title; |
John Spurlock | aedebda | 2014-07-14 14:36:32 -0400 | [diff] [blame] | 1070 | int icon = R.drawable.stat_notify_disabled_data; |
Jeff Sharkey | 1b5a2a9 | 2011-06-18 18:34:16 -0700 | [diff] [blame] | 1071 | switch (policy.template.getMatchRule()) { |
| 1072 | case MATCH_MOBILE_3G_LOWER: |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1073 | title = res.getText(R.string.data_usage_3g_limit_title); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1074 | break; |
Jeff Sharkey | 1b5a2a9 | 2011-06-18 18:34:16 -0700 | [diff] [blame] | 1075 | case MATCH_MOBILE_4G: |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1076 | title = res.getText(R.string.data_usage_4g_limit_title); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1077 | break; |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1078 | case MATCH_MOBILE_ALL: |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1079 | title = res.getText(R.string.data_usage_mobile_limit_title); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1080 | break; |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1081 | case MATCH_WIFI: |
| 1082 | title = res.getText(R.string.data_usage_wifi_limit_title); |
John Spurlock | aedebda | 2014-07-14 14:36:32 -0400 | [diff] [blame] | 1083 | icon = R.drawable.stat_notify_error; |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1084 | break; |
| 1085 | default: |
| 1086 | title = null; |
| 1087 | break; |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1088 | } |
| 1089 | |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 1090 | builder.setOngoing(true); |
John Spurlock | aedebda | 2014-07-14 14:36:32 -0400 | [diff] [blame] | 1091 | builder.setSmallIcon(icon); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1092 | builder.setTicker(title); |
| 1093 | builder.setContentTitle(title); |
| 1094 | builder.setContentText(body); |
Jeff Sharkey | 14711eb | 2011-06-15 10:29:17 -0700 | [diff] [blame] | 1095 | |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1096 | final Intent intent = buildNetworkOverLimitIntent(policy.template); |
| 1097 | builder.setContentIntent(PendingIntent.getActivity( |
| 1098 | mContext, 0, intent, PendingIntent.FLAG_UPDATE_CURRENT)); |
| 1099 | break; |
| 1100 | } |
| 1101 | case TYPE_LIMIT_SNOOZED: { |
| 1102 | final long overBytes = totalBytes - policy.limitBytes; |
| 1103 | final CharSequence body = res.getString(R.string.data_usage_limit_snoozed_body, |
| 1104 | Formatter.formatFileSize(mContext, overBytes)); |
| 1105 | |
| 1106 | final CharSequence title; |
| 1107 | switch (policy.template.getMatchRule()) { |
| 1108 | case MATCH_MOBILE_3G_LOWER: |
| 1109 | title = res.getText(R.string.data_usage_3g_limit_snoozed_title); |
| 1110 | break; |
| 1111 | case MATCH_MOBILE_4G: |
| 1112 | title = res.getText(R.string.data_usage_4g_limit_snoozed_title); |
| 1113 | break; |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1114 | case MATCH_MOBILE_ALL: |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1115 | title = res.getText(R.string.data_usage_mobile_limit_snoozed_title); |
| 1116 | break; |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1117 | case MATCH_WIFI: |
| 1118 | title = res.getText(R.string.data_usage_wifi_limit_snoozed_title); |
| 1119 | break; |
| 1120 | default: |
| 1121 | title = null; |
| 1122 | break; |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1123 | } |
| 1124 | |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 1125 | builder.setOngoing(true); |
Jeff Sharkey | 50e7e51 | 2011-10-10 16:50:35 -0700 | [diff] [blame] | 1126 | builder.setSmallIcon(R.drawable.stat_notify_error); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1127 | builder.setTicker(title); |
| 1128 | builder.setContentTitle(title); |
| 1129 | builder.setContentText(body); |
| 1130 | |
| 1131 | final Intent intent = buildViewDataUsageIntent(policy.template); |
Jeff Sharkey | 14711eb | 2011-06-15 10:29:17 -0700 | [diff] [blame] | 1132 | builder.setContentIntent(PendingIntent.getActivity( |
| 1133 | mContext, 0, intent, PendingIntent.FLAG_UPDATE_CURRENT)); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1134 | break; |
| 1135 | } |
| 1136 | } |
| 1137 | |
| 1138 | // TODO: move to NotificationManager once we can mock it |
| 1139 | try { |
| 1140 | final String packageName = mContext.getPackageName(); |
| 1141 | final int[] idReceived = new int[1]; |
| 1142 | mNotifManager.enqueueNotificationWithTag( |
Dianne Hackborn | f265ea9 | 2013-01-31 15:00:51 -0800 | [diff] [blame] | 1143 | packageName, packageName, tag, 0x0, builder.getNotification(), idReceived, |
Xiaohui Chen | be3b067 | 2015-09-02 13:29:22 -0700 | [diff] [blame] | 1144 | UserHandle.USER_ALL); |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1145 | mActiveNotifs.add(tag); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1146 | } catch (RemoteException e) { |
Jeff Sharkey | b3d5957 | 2011-09-07 17:20:27 -0700 | [diff] [blame] | 1147 | // ignored; service lives in system_server |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1148 | } |
| 1149 | } |
| 1150 | |
Jeff Sharkey | 3a844fc | 2011-08-16 14:37:57 -0700 | [diff] [blame] | 1151 | private void cancelNotification(String tag) { |
| 1152 | // TODO: move to NotificationManager once we can mock it |
| 1153 | try { |
| 1154 | final String packageName = mContext.getPackageName(); |
| 1155 | mNotifManager.cancelNotificationWithTag( |
Xiaohui Chen | be3b067 | 2015-09-02 13:29:22 -0700 | [diff] [blame] | 1156 | packageName, tag, 0x0, UserHandle.USER_ALL); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1157 | } catch (RemoteException e) { |
Jeff Sharkey | b3d5957 | 2011-09-07 17:20:27 -0700 | [diff] [blame] | 1158 | // ignored; service lives in system_server |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1159 | } |
| 1160 | } |
| 1161 | |
| 1162 | /** |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1163 | * Receiver that watches for {@link IConnectivityManager} to claim network |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 1164 | * interfaces. Used to apply {@link NetworkPolicy} to matching networks. |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1165 | */ |
Jeff Sharkey | b09540f | 2011-06-19 01:08:12 -0700 | [diff] [blame] | 1166 | private BroadcastReceiver mConnReceiver = new BroadcastReceiver() { |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1167 | @Override |
| 1168 | public void onReceive(Context context, Intent intent) { |
| 1169 | // on background handler thread, and verified CONNECTIVITY_INTERNAL |
| 1170 | // permission above. |
Jeff Sharkey | 684c54a | 2011-11-16 17:46:30 -0800 | [diff] [blame] | 1171 | |
| 1172 | maybeRefreshTrustedTime(); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1173 | synchronized (mNetworkPoliciesSecondLock) { |
| 1174 | ensureActiveMobilePolicyNL(); |
| 1175 | normalizePoliciesNL(); |
| 1176 | updateNetworkEnabledNL(); |
| 1177 | updateNetworkRulesNL(); |
| 1178 | updateNotificationsNL(); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1179 | } |
| 1180 | } |
| 1181 | }; |
| 1182 | |
| 1183 | /** |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1184 | * Proactively control network data connections when they exceed |
| 1185 | * {@link NetworkPolicy#limitBytes}. |
| 1186 | */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1187 | void updateNetworkEnabledNL() { |
| 1188 | if (LOGV) Slog.v(TAG, "updateNetworkEnabledNL()"); |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1189 | |
| 1190 | // TODO: reset any policy-disabled networks when any policy is removed |
| 1191 | // completely, which is currently rare case. |
| 1192 | |
Jeff Sharkey | 684c54a | 2011-11-16 17:46:30 -0800 | [diff] [blame] | 1193 | final long currentTime = currentTimeMillis(); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 1194 | for (int i = mNetworkPolicy.size()-1; i >= 0; i--) { |
| 1195 | final NetworkPolicy policy = mNetworkPolicy.valueAt(i); |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1196 | // shortcut when policy has no limit |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 1197 | if (policy.limitBytes == LIMIT_DISABLED || !policy.hasCycle()) { |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1198 | setNetworkTemplateEnabled(policy.template, true); |
| 1199 | continue; |
| 1200 | } |
| 1201 | |
| 1202 | final long start = computeLastCycleBoundary(currentTime, policy); |
| 1203 | final long end = currentTime; |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1204 | final long totalBytes = getTotalBytes(policy.template, start, end); |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1205 | |
| 1206 | // disable data connection when over limit and not snoozed |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 1207 | final boolean overLimitWithoutSnooze = policy.isOverLimit(totalBytes) |
| 1208 | && policy.lastLimitSnooze < start; |
| 1209 | final boolean networkEnabled = !overLimitWithoutSnooze; |
Jeff Sharkey | 8e9992a | 2011-08-23 18:37:23 -0700 | [diff] [blame] | 1210 | |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 1211 | setNetworkTemplateEnabled(policy.template, networkEnabled); |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1212 | } |
| 1213 | } |
| 1214 | |
| 1215 | /** |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 1216 | * Proactively disable networks that match the given |
| 1217 | * {@link NetworkTemplate}. |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1218 | */ |
| 1219 | private void setNetworkTemplateEnabled(NetworkTemplate template, boolean enabled) { |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 1220 | // TODO: reach into ConnectivityManager to proactively disable bringing |
| 1221 | // up this network, since we know that traffic will be blocked. |
Jack Yu | 8781b68 | 2016-07-08 14:28:51 -0700 | [diff] [blame] | 1222 | |
| 1223 | if (template.getMatchRule() == MATCH_MOBILE_ALL) { |
| 1224 | // If mobile data usage hits the limit or if the user resumes the data, we need to |
| 1225 | // notify telephony. |
| 1226 | final SubscriptionManager sm = SubscriptionManager.from(mContext); |
| 1227 | final TelephonyManager tm = TelephonyManager.from(mContext); |
| 1228 | |
| 1229 | final int[] subIds = sm.getActiveSubscriptionIdList(); |
| 1230 | for (int subId : subIds) { |
| 1231 | final String subscriberId = tm.getSubscriberId(subId); |
| 1232 | final NetworkIdentity probeIdent = new NetworkIdentity(TYPE_MOBILE, |
| 1233 | TelephonyManager.NETWORK_TYPE_UNKNOWN, subscriberId, null, false, true); |
| 1234 | // Template is matched when subscriber id matches. |
| 1235 | if (template.matches(probeIdent)) { |
| 1236 | tm.setPolicyDataEnabled(enabled, subId); |
| 1237 | } |
| 1238 | } |
| 1239 | } |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1240 | } |
| 1241 | |
| 1242 | /** |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1243 | * Examine all connected {@link NetworkState}, looking for |
| 1244 | * {@link NetworkPolicy} that need to be enforced. When matches found, set |
| 1245 | * remaining quota based on usage cycle and historical stats. |
| 1246 | */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1247 | void updateNetworkRulesNL() { |
| 1248 | if (LOGV) Slog.v(TAG, "updateNetworkRulesNL()"); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1249 | |
| 1250 | final NetworkState[] states; |
| 1251 | try { |
| 1252 | states = mConnManager.getAllNetworkState(); |
| 1253 | } catch (RemoteException e) { |
Jeff Sharkey | b3d5957 | 2011-09-07 17:20:27 -0700 | [diff] [blame] | 1254 | // ignored; service lives in system_server |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1255 | return; |
| 1256 | } |
| 1257 | |
Jeff Sharkey | eb2c2c7 | 2014-08-11 15:22:51 -0700 | [diff] [blame] | 1258 | // First, generate identities of all connected networks so we can |
| 1259 | // quickly compare them against all defined policies below. |
| 1260 | final ArrayList<Pair<String, NetworkIdentity>> connIdents = new ArrayList<>(states.length); |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 1261 | final ArraySet<String> connIfaces = new ArraySet<String>(states.length); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1262 | for (NetworkState state : states) { |
Wei Liu | b8eaf45 | 2016-01-25 10:32:27 -0800 | [diff] [blame] | 1263 | if (state.networkInfo != null && state.networkInfo.isConnected()) { |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1264 | final NetworkIdentity ident = NetworkIdentity.buildNetworkIdentity(mContext, state); |
Jeff Sharkey | eb2c2c7 | 2014-08-11 15:22:51 -0700 | [diff] [blame] | 1265 | |
| 1266 | final String baseIface = state.linkProperties.getInterfaceName(); |
Jeff Sharkey | 9da2f1e | 2014-08-14 12:55:00 -0700 | [diff] [blame] | 1267 | if (baseIface != null) { |
| 1268 | connIdents.add(Pair.create(baseIface, ident)); |
Jeff Sharkey | eb2c2c7 | 2014-08-11 15:22:51 -0700 | [diff] [blame] | 1269 | } |
| 1270 | |
| 1271 | // Stacked interfaces are considered to have same identity as |
| 1272 | // their parent network. |
| 1273 | final List<LinkProperties> stackedLinks = state.linkProperties.getStackedLinks(); |
| 1274 | for (LinkProperties stackedLink : stackedLinks) { |
| 1275 | final String stackedIface = stackedLink.getInterfaceName(); |
Jeff Sharkey | 9da2f1e | 2014-08-14 12:55:00 -0700 | [diff] [blame] | 1276 | if (stackedIface != null) { |
| 1277 | connIdents.add(Pair.create(stackedIface, ident)); |
Jeff Sharkey | eb2c2c7 | 2014-08-11 15:22:51 -0700 | [diff] [blame] | 1278 | } |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 1279 | } |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1280 | } |
| 1281 | } |
| 1282 | |
Jeff Sharkey | eb2c2c7 | 2014-08-11 15:22:51 -0700 | [diff] [blame] | 1283 | // Apply policies against all connected interfaces found above |
Jeff Sharkey | 02e21d6 | 2011-07-17 15:53:33 -0700 | [diff] [blame] | 1284 | mNetworkRules.clear(); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1285 | final ArrayList<String> ifaceList = Lists.newArrayList(); |
Jeff Sharkey | eb2c2c7 | 2014-08-11 15:22:51 -0700 | [diff] [blame] | 1286 | for (int i = mNetworkPolicy.size() - 1; i >= 0; i--) { |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 1287 | final NetworkPolicy policy = mNetworkPolicy.valueAt(i); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1288 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1289 | ifaceList.clear(); |
Jeff Sharkey | eb2c2c7 | 2014-08-11 15:22:51 -0700 | [diff] [blame] | 1290 | for (int j = connIdents.size() - 1; j >= 0; j--) { |
| 1291 | final Pair<String, NetworkIdentity> ident = connIdents.get(j); |
| 1292 | if (policy.template.matches(ident.second)) { |
| 1293 | ifaceList.add(ident.first); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1294 | } |
| 1295 | } |
| 1296 | |
| 1297 | if (ifaceList.size() > 0) { |
| 1298 | final String[] ifaces = ifaceList.toArray(new String[ifaceList.size()]); |
Jeff Sharkey | 02e21d6 | 2011-07-17 15:53:33 -0700 | [diff] [blame] | 1299 | mNetworkRules.put(policy, ifaces); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1300 | } |
| 1301 | } |
| 1302 | |
Jeff Sharkey | ac3fcb1 | 2012-05-02 18:11:52 -0700 | [diff] [blame] | 1303 | long lowestRule = Long.MAX_VALUE; |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 1304 | final ArraySet<String> newMeteredIfaces = new ArraySet<String>(states.length); |
Jeff Sharkey | fdfef57 | 2011-06-16 15:07:48 -0700 | [diff] [blame] | 1305 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1306 | // apply each policy that we found ifaces for; compute remaining data |
| 1307 | // based on current cycle and historical stats, and push to kernel. |
Jeff Sharkey | 684c54a | 2011-11-16 17:46:30 -0800 | [diff] [blame] | 1308 | final long currentTime = currentTimeMillis(); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 1309 | for (int i = mNetworkRules.size()-1; i >= 0; i--) { |
| 1310 | final NetworkPolicy policy = mNetworkRules.keyAt(i); |
| 1311 | final String[] ifaces = mNetworkRules.valueAt(i); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1312 | |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 1313 | final long start; |
| 1314 | final long totalBytes; |
| 1315 | if (policy.hasCycle()) { |
| 1316 | start = computeLastCycleBoundary(currentTime, policy); |
| 1317 | totalBytes = getTotalBytes(policy.template, start, currentTime); |
| 1318 | } else { |
| 1319 | start = Long.MAX_VALUE; |
| 1320 | totalBytes = 0; |
| 1321 | } |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1322 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1323 | if (LOGD) { |
Felipe Leme | 03e689d | 2016-03-02 16:17:38 -0800 | [diff] [blame] | 1324 | Slog.d(TAG, "applying policy " + policy + " to ifaces " + Arrays.toString(ifaces)); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1325 | } |
| 1326 | |
Jeff Sharkey | ac3fcb1 | 2012-05-02 18:11:52 -0700 | [diff] [blame] | 1327 | final boolean hasWarning = policy.warningBytes != LIMIT_DISABLED; |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1328 | final boolean hasLimit = policy.limitBytes != LIMIT_DISABLED; |
Jeff Sharkey | f60d0af | 2011-11-30 15:28:02 -0800 | [diff] [blame] | 1329 | if (hasLimit || policy.metered) { |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1330 | final long quotaBytes; |
Jeff Sharkey | f60d0af | 2011-11-30 15:28:02 -0800 | [diff] [blame] | 1331 | if (!hasLimit) { |
| 1332 | // metered network, but no policy limit; we still need to |
| 1333 | // restrict apps, so push really high quota. |
| 1334 | quotaBytes = Long.MAX_VALUE; |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 1335 | } else if (policy.lastLimitSnooze >= start) { |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1336 | // snoozing past quota, but we still need to restrict apps, |
| 1337 | // so push really high quota. |
| 1338 | quotaBytes = Long.MAX_VALUE; |
| 1339 | } else { |
| 1340 | // remaining "quota" bytes are based on total usage in |
| 1341 | // current cycle. kernel doesn't like 0-byte rules, so we |
| 1342 | // set 1-byte quota and disable the radio later. |
| 1343 | quotaBytes = Math.max(1, policy.limitBytes - totalBytes); |
| 1344 | } |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 1345 | |
| 1346 | if (ifaces.length > 1) { |
| 1347 | // TODO: switch to shared quota once NMS supports |
| 1348 | Slog.w(TAG, "shared quota unsupported; generating rule for each iface"); |
Ashish Sharma | 50fd36d | 2011-06-15 19:34:53 -0700 | [diff] [blame] | 1349 | } |
| 1350 | |
Jeff Sharkey | fdfef57 | 2011-06-16 15:07:48 -0700 | [diff] [blame] | 1351 | for (String iface : ifaces) { |
Amith Yamasani | 3646cbd | 2016-04-13 14:04:53 -0700 | [diff] [blame] | 1352 | // long quotaBytes split up into two ints to fit in message |
| 1353 | mHandler.obtainMessage(MSG_UPDATE_INTERFACE_QUOTA, |
| 1354 | (int) (quotaBytes >> 32), (int) (quotaBytes & 0xFFFFFFFF), iface) |
| 1355 | .sendToTarget(); |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1356 | newMeteredIfaces.add(iface); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1357 | } |
| 1358 | } |
Jeff Sharkey | ac3fcb1 | 2012-05-02 18:11:52 -0700 | [diff] [blame] | 1359 | |
| 1360 | // keep track of lowest warning or limit of active policies |
| 1361 | if (hasWarning && policy.warningBytes < lowestRule) { |
| 1362 | lowestRule = policy.warningBytes; |
| 1363 | } |
| 1364 | if (hasLimit && policy.limitBytes < lowestRule) { |
| 1365 | lowestRule = policy.limitBytes; |
| 1366 | } |
| 1367 | } |
| 1368 | |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 1369 | for (int i = connIfaces.size()-1; i >= 0; i--) { |
| 1370 | String iface = connIfaces.valueAt(i); |
Amith Yamasani | 3646cbd | 2016-04-13 14:04:53 -0700 | [diff] [blame] | 1371 | // long quotaBytes split up into two ints to fit in message |
| 1372 | mHandler.obtainMessage(MSG_UPDATE_INTERFACE_QUOTA, |
| 1373 | (int) (Long.MAX_VALUE >> 32), (int) (Long.MAX_VALUE & 0xFFFFFFFF), iface) |
| 1374 | .sendToTarget(); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 1375 | newMeteredIfaces.add(iface); |
| 1376 | } |
| 1377 | |
Jeff Sharkey | e19f39b | 2012-05-24 10:21:16 -0700 | [diff] [blame] | 1378 | mHandler.obtainMessage(MSG_ADVISE_PERSIST_THRESHOLD, lowestRule).sendToTarget(); |
Jeff Sharkey | fdfef57 | 2011-06-16 15:07:48 -0700 | [diff] [blame] | 1379 | |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 1380 | // remove quota on any trailing interfaces |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 1381 | for (int i = mMeteredIfaces.size() - 1; i >= 0; i--) { |
| 1382 | final String iface = mMeteredIfaces.valueAt(i); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 1383 | if (!newMeteredIfaces.contains(iface)) { |
Amith Yamasani | 3646cbd | 2016-04-13 14:04:53 -0700 | [diff] [blame] | 1384 | mHandler.obtainMessage(MSG_REMOVE_INTERFACE_QUOTA, iface) |
| 1385 | .sendToTarget(); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 1386 | } |
| 1387 | } |
| 1388 | mMeteredIfaces = newMeteredIfaces; |
| 1389 | |
Jeff Sharkey | fdfef57 | 2011-06-16 15:07:48 -0700 | [diff] [blame] | 1390 | final String[] meteredIfaces = mMeteredIfaces.toArray(new String[mMeteredIfaces.size()]); |
Jeff Sharkey | 4414cea | 2011-06-24 17:05:24 -0700 | [diff] [blame] | 1391 | mHandler.obtainMessage(MSG_METERED_IFACES_CHANGED, meteredIfaces).sendToTarget(); |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 1392 | } |
| 1393 | |
| 1394 | /** |
| 1395 | * Once any {@link #mNetworkPolicy} are loaded from disk, ensure that we |
| 1396 | * have at least a default mobile policy defined. |
| 1397 | */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1398 | private void ensureActiveMobilePolicyNL() { |
| 1399 | if (LOGV) Slog.v(TAG, "ensureActiveMobilePolicyNL()"); |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1400 | if (mSuppressDefaultPolicy) return; |
| 1401 | |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 1402 | final TelephonyManager tele = TelephonyManager.from(mContext); |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 1403 | final SubscriptionManager sub = SubscriptionManager.from(mContext); |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 1404 | |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 1405 | final int[] subIds = sub.getActiveSubscriptionIdList(); |
| 1406 | for (int subId : subIds) { |
| 1407 | final String subscriberId = tele.getSubscriberId(subId); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1408 | ensureActiveMobilePolicyNL(subscriberId); |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 1409 | } |
| 1410 | } |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 1411 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1412 | private void ensureActiveMobilePolicyNL(String subscriberId) { |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 1413 | // Poke around to see if we already have a policy |
| 1414 | final NetworkIdentity probeIdent = new NetworkIdentity(TYPE_MOBILE, |
Jack Yu | 66a6be3 | 2016-03-30 11:14:39 -0700 | [diff] [blame] | 1415 | TelephonyManager.NETWORK_TYPE_UNKNOWN, subscriberId, null, false, true); |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 1416 | for (int i = mNetworkPolicy.size() - 1; i >= 0; i--) { |
| 1417 | final NetworkTemplate template = mNetworkPolicy.keyAt(i); |
| 1418 | if (template.matches(probeIdent)) { |
| 1419 | if (LOGD) { |
| 1420 | Slog.d(TAG, "Found template " + template + " which matches subscriber " |
| 1421 | + NetworkIdentity.scrubSubscriberId(subscriberId)); |
| 1422 | } |
| 1423 | return; |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 1424 | } |
| 1425 | } |
| 1426 | |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 1427 | Slog.i(TAG, "No policy for subscriber " + NetworkIdentity.scrubSubscriberId(subscriberId) |
| 1428 | + "; generating default policy"); |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 1429 | |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 1430 | // Build default mobile policy, and assume usage cycle starts today |
| 1431 | final long warningBytes = mContext.getResources().getInteger( |
| 1432 | com.android.internal.R.integer.config_networkPolicyDefaultWarning) * MB_IN_BYTES; |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 1433 | |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 1434 | final Time time = new Time(); |
| 1435 | time.setToNow(); |
Jeff Sharkey | 9bf3150 | 2012-03-09 17:07:21 -0800 | [diff] [blame] | 1436 | |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 1437 | final int cycleDay = time.monthDay; |
| 1438 | final String cycleTimezone = time.timezone; |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 1439 | |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 1440 | final NetworkTemplate template = buildTemplateMobileAll(subscriberId); |
| 1441 | final NetworkPolicy policy = new NetworkPolicy(template, cycleDay, cycleTimezone, |
| 1442 | warningBytes, LIMIT_DISABLED, SNOOZE_NEVER, SNOOZE_NEVER, true, true); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1443 | addNetworkPolicyNL(policy); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1444 | } |
| 1445 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1446 | private void readPolicyAL() { |
| 1447 | if (LOGV) Slog.v(TAG, "readPolicyAL()"); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1448 | |
| 1449 | // clear any existing policy and read from disk |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 1450 | mNetworkPolicy.clear(); |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 1451 | mUidPolicy.clear(); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1452 | |
| 1453 | FileInputStream fis = null; |
| 1454 | try { |
| 1455 | fis = mPolicyFile.openRead(); |
| 1456 | final XmlPullParser in = Xml.newPullParser(); |
Wojciech Staszkiewicz | 9e9e2e7 | 2015-05-08 14:58:46 +0100 | [diff] [blame] | 1457 | in.setInput(fis, StandardCharsets.UTF_8.name()); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1458 | |
| 1459 | int type; |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1460 | int version = VERSION_INIT; |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 1461 | boolean insideWhitelist = false; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1462 | while ((type = in.next()) != END_DOCUMENT) { |
| 1463 | final String tag = in.getName(); |
| 1464 | if (type == START_TAG) { |
| 1465 | if (TAG_POLICY_LIST.equals(tag)) { |
Jeff Sharkey | 1b6519b | 2016-04-28 15:33:18 -0600 | [diff] [blame] | 1466 | final boolean oldValue = mRestrictBackground; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1467 | version = readIntAttribute(in, ATTR_VERSION); |
Jeff Sharkey | 4664500 | 2011-07-27 21:11:21 -0700 | [diff] [blame] | 1468 | if (version >= VERSION_ADDED_RESTRICT_BACKGROUND) { |
| 1469 | mRestrictBackground = readBooleanAttribute( |
| 1470 | in, ATTR_RESTRICT_BACKGROUND); |
| 1471 | } else { |
Jeff Sharkey | 3a844fc | 2011-08-16 14:37:57 -0700 | [diff] [blame] | 1472 | mRestrictBackground = false; |
Jeff Sharkey | 4664500 | 2011-07-27 21:11:21 -0700 | [diff] [blame] | 1473 | } |
Jeff Sharkey | 1b6519b | 2016-04-28 15:33:18 -0600 | [diff] [blame] | 1474 | if (mRestrictBackground != oldValue) { |
| 1475 | // Some early services may have read the default value, |
| 1476 | // so notify them that it's changed |
| 1477 | mHandler.obtainMessage(MSG_RESTRICT_BACKGROUND_CHANGED, |
| 1478 | mRestrictBackground ? 1 : 0, 0).sendToTarget(); |
| 1479 | } |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1480 | |
| 1481 | } else if (TAG_NETWORK_POLICY.equals(tag)) { |
| 1482 | final int networkTemplate = readIntAttribute(in, ATTR_NETWORK_TEMPLATE); |
| 1483 | final String subscriberId = in.getAttributeValue(null, ATTR_SUBSCRIBER_ID); |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 1484 | final String networkId; |
| 1485 | if (version >= VERSION_ADDED_NETWORK_ID) { |
| 1486 | networkId = in.getAttributeValue(null, ATTR_NETWORK_ID); |
| 1487 | } else { |
| 1488 | networkId = null; |
| 1489 | } |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1490 | final int cycleDay = readIntAttribute(in, ATTR_CYCLE_DAY); |
Jeff Sharkey | 9bf3150 | 2012-03-09 17:07:21 -0800 | [diff] [blame] | 1491 | final String cycleTimezone; |
| 1492 | if (version >= VERSION_ADDED_TIMEZONE) { |
| 1493 | cycleTimezone = in.getAttributeValue(null, ATTR_CYCLE_TIMEZONE); |
| 1494 | } else { |
| 1495 | cycleTimezone = Time.TIMEZONE_UTC; |
| 1496 | } |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1497 | final long warningBytes = readLongAttribute(in, ATTR_WARNING_BYTES); |
| 1498 | final long limitBytes = readLongAttribute(in, ATTR_LIMIT_BYTES); |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 1499 | final long lastLimitSnooze; |
| 1500 | if (version >= VERSION_SPLIT_SNOOZE) { |
| 1501 | lastLimitSnooze = readLongAttribute(in, ATTR_LAST_LIMIT_SNOOZE); |
| 1502 | } else if (version >= VERSION_ADDED_SNOOZE) { |
| 1503 | lastLimitSnooze = readLongAttribute(in, ATTR_LAST_SNOOZE); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1504 | } else { |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 1505 | lastLimitSnooze = SNOOZE_NEVER; |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1506 | } |
Jeff Sharkey | f60d0af | 2011-11-30 15:28:02 -0800 | [diff] [blame] | 1507 | final boolean metered; |
| 1508 | if (version >= VERSION_ADDED_METERED) { |
| 1509 | metered = readBooleanAttribute(in, ATTR_METERED); |
| 1510 | } else { |
| 1511 | switch (networkTemplate) { |
| 1512 | case MATCH_MOBILE_3G_LOWER: |
| 1513 | case MATCH_MOBILE_4G: |
| 1514 | case MATCH_MOBILE_ALL: |
| 1515 | metered = true; |
| 1516 | break; |
| 1517 | default: |
| 1518 | metered = false; |
| 1519 | } |
| 1520 | } |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 1521 | final long lastWarningSnooze; |
| 1522 | if (version >= VERSION_SPLIT_SNOOZE) { |
| 1523 | lastWarningSnooze = readLongAttribute(in, ATTR_LAST_WARNING_SNOOZE); |
| 1524 | } else { |
| 1525 | lastWarningSnooze = SNOOZE_NEVER; |
| 1526 | } |
Jeff Sharkey | 837f924 | 2012-03-20 16:52:20 -0700 | [diff] [blame] | 1527 | final boolean inferred; |
| 1528 | if (version >= VERSION_ADDED_INFERRED) { |
| 1529 | inferred = readBooleanAttribute(in, ATTR_INFERRED); |
| 1530 | } else { |
| 1531 | inferred = false; |
| 1532 | } |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1533 | |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 1534 | final NetworkTemplate template = new NetworkTemplate(networkTemplate, |
| 1535 | subscriberId, networkId); |
Jeff Sharkey | 7474fe7b | 2016-03-21 13:12:59 -0600 | [diff] [blame] | 1536 | if (template.isPersistable()) { |
| 1537 | mNetworkPolicy.put(template, new NetworkPolicy(template, cycleDay, |
| 1538 | cycleTimezone, warningBytes, limitBytes, lastWarningSnooze, |
| 1539 | lastLimitSnooze, metered, inferred)); |
| 1540 | } |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1541 | |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 1542 | } else if (TAG_UID_POLICY.equals(tag)) { |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1543 | final int uid = readIntAttribute(in, ATTR_UID); |
| 1544 | final int policy = readIntAttribute(in, ATTR_POLICY); |
| 1545 | |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 1546 | if (UserHandle.isApp(uid)) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1547 | setUidPolicyUncheckedUL(uid, policy, false); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1548 | } else { |
| 1549 | Slog.w(TAG, "unable to apply policy to UID " + uid + "; ignoring"); |
| 1550 | } |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 1551 | } else if (TAG_APP_POLICY.equals(tag)) { |
Jeff Sharkey | 8a8b581 | 2012-03-21 18:13:36 -0700 | [diff] [blame] | 1552 | final int appId = readIntAttribute(in, ATTR_APP_ID); |
| 1553 | final int policy = readIntAttribute(in, ATTR_POLICY); |
| 1554 | |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 1555 | // TODO: set for other users during upgrade |
Xiaohui Chen | be3b067 | 2015-09-02 13:29:22 -0700 | [diff] [blame] | 1556 | // app policy is deprecated so this is only used in pre system user split. |
| 1557 | final int uid = UserHandle.getUid(UserHandle.USER_SYSTEM, appId); |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 1558 | if (UserHandle.isApp(uid)) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1559 | setUidPolicyUncheckedUL(uid, policy, false); |
Jeff Sharkey | 8a8b581 | 2012-03-21 18:13:36 -0700 | [diff] [blame] | 1560 | } else { |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 1561 | Slog.w(TAG, "unable to apply policy to UID " + uid + "; ignoring"); |
Jeff Sharkey | 8a8b581 | 2012-03-21 18:13:36 -0700 | [diff] [blame] | 1562 | } |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 1563 | } else if (TAG_WHITELIST.equals(tag)) { |
| 1564 | insideWhitelist = true; |
| 1565 | } else if (TAG_RESTRICT_BACKGROUND.equals(tag) && insideWhitelist) { |
| 1566 | final int uid = readIntAttribute(in, ATTR_UID); |
| 1567 | mRestrictBackgroundWhitelistUids.put(uid, true); |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 1568 | } else if (TAG_REVOKED_RESTRICT_BACKGROUND.equals(tag) && insideWhitelist) { |
| 1569 | final int uid = readIntAttribute(in, ATTR_UID); |
| 1570 | mRestrictBackgroundWhitelistRevokedUids.put(uid, true); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1571 | } |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 1572 | } else if (type == END_TAG) { |
| 1573 | if (TAG_WHITELIST.equals(tag)) { |
| 1574 | insideWhitelist = false; |
| 1575 | } |
| 1576 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1577 | } |
| 1578 | } |
| 1579 | |
| 1580 | } catch (FileNotFoundException e) { |
| 1581 | // missing policy is okay, probably first boot |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1582 | upgradeLegacyBackgroundDataUL(); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1583 | } catch (IOException e) { |
Jeff Sharkey | b3d5957 | 2011-09-07 17:20:27 -0700 | [diff] [blame] | 1584 | Log.wtf(TAG, "problem reading network policy", e); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1585 | } catch (XmlPullParserException e) { |
Jeff Sharkey | b3d5957 | 2011-09-07 17:20:27 -0700 | [diff] [blame] | 1586 | Log.wtf(TAG, "problem reading network policy", e); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1587 | } finally { |
| 1588 | IoUtils.closeQuietly(fis); |
| 1589 | } |
| 1590 | } |
| 1591 | |
Jeff Sharkey | 3a844fc | 2011-08-16 14:37:57 -0700 | [diff] [blame] | 1592 | /** |
| 1593 | * Upgrade legacy background data flags, notifying listeners of one last |
| 1594 | * change to always-true. |
| 1595 | */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1596 | private void upgradeLegacyBackgroundDataUL() { |
Jeff Sharkey | 3a844fc | 2011-08-16 14:37:57 -0700 | [diff] [blame] | 1597 | mRestrictBackground = Settings.Secure.getInt( |
| 1598 | mContext.getContentResolver(), Settings.Secure.BACKGROUND_DATA, 1) != 1; |
| 1599 | |
| 1600 | // kick off one last broadcast if restricted |
| 1601 | if (mRestrictBackground) { |
| 1602 | final Intent broadcast = new Intent( |
| 1603 | ConnectivityManager.ACTION_BACKGROUND_DATA_SETTING_CHANGED); |
Dianne Hackborn | 5ac72a2 | 2012-08-29 18:32:08 -0700 | [diff] [blame] | 1604 | mContext.sendBroadcastAsUser(broadcast, UserHandle.ALL); |
Jeff Sharkey | 3a844fc | 2011-08-16 14:37:57 -0700 | [diff] [blame] | 1605 | } |
| 1606 | } |
| 1607 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1608 | void writePolicyAL() { |
| 1609 | if (LOGV) Slog.v(TAG, "writePolicyAL()"); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1610 | |
| 1611 | FileOutputStream fos = null; |
| 1612 | try { |
| 1613 | fos = mPolicyFile.startWrite(); |
| 1614 | |
| 1615 | XmlSerializer out = new FastXmlSerializer(); |
Wojciech Staszkiewicz | 9e9e2e7 | 2015-05-08 14:58:46 +0100 | [diff] [blame] | 1616 | out.setOutput(fos, StandardCharsets.UTF_8.name()); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1617 | out.startDocument(null, true); |
| 1618 | |
| 1619 | out.startTag(null, TAG_POLICY_LIST); |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 1620 | writeIntAttribute(out, ATTR_VERSION, VERSION_LATEST); |
Jeff Sharkey | 4664500 | 2011-07-27 21:11:21 -0700 | [diff] [blame] | 1621 | writeBooleanAttribute(out, ATTR_RESTRICT_BACKGROUND, mRestrictBackground); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1622 | |
| 1623 | // write all known network policies |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 1624 | for (int i = 0; i < mNetworkPolicy.size(); i++) { |
| 1625 | final NetworkPolicy policy = mNetworkPolicy.valueAt(i); |
Jeff Sharkey | 1b5a2a9 | 2011-06-18 18:34:16 -0700 | [diff] [blame] | 1626 | final NetworkTemplate template = policy.template; |
Jeff Sharkey | 7474fe7b | 2016-03-21 13:12:59 -0600 | [diff] [blame] | 1627 | if (!template.isPersistable()) continue; |
Jeff Sharkey | 1b5a2a9 | 2011-06-18 18:34:16 -0700 | [diff] [blame] | 1628 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1629 | out.startTag(null, TAG_NETWORK_POLICY); |
Jeff Sharkey | 1b5a2a9 | 2011-06-18 18:34:16 -0700 | [diff] [blame] | 1630 | writeIntAttribute(out, ATTR_NETWORK_TEMPLATE, template.getMatchRule()); |
| 1631 | final String subscriberId = template.getSubscriberId(); |
| 1632 | if (subscriberId != null) { |
| 1633 | out.attribute(null, ATTR_SUBSCRIBER_ID, subscriberId); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1634 | } |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 1635 | final String networkId = template.getNetworkId(); |
| 1636 | if (networkId != null) { |
| 1637 | out.attribute(null, ATTR_NETWORK_ID, networkId); |
| 1638 | } |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1639 | writeIntAttribute(out, ATTR_CYCLE_DAY, policy.cycleDay); |
Jeff Sharkey | 9bf3150 | 2012-03-09 17:07:21 -0800 | [diff] [blame] | 1640 | out.attribute(null, ATTR_CYCLE_TIMEZONE, policy.cycleTimezone); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1641 | writeLongAttribute(out, ATTR_WARNING_BYTES, policy.warningBytes); |
| 1642 | writeLongAttribute(out, ATTR_LIMIT_BYTES, policy.limitBytes); |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 1643 | writeLongAttribute(out, ATTR_LAST_WARNING_SNOOZE, policy.lastWarningSnooze); |
| 1644 | writeLongAttribute(out, ATTR_LAST_LIMIT_SNOOZE, policy.lastLimitSnooze); |
Jeff Sharkey | f60d0af | 2011-11-30 15:28:02 -0800 | [diff] [blame] | 1645 | writeBooleanAttribute(out, ATTR_METERED, policy.metered); |
Jeff Sharkey | 837f924 | 2012-03-20 16:52:20 -0700 | [diff] [blame] | 1646 | writeBooleanAttribute(out, ATTR_INFERRED, policy.inferred); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1647 | out.endTag(null, TAG_NETWORK_POLICY); |
| 1648 | } |
| 1649 | |
| 1650 | // write all known uid policies |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 1651 | for (int i = 0; i < mUidPolicy.size(); i++) { |
| 1652 | final int uid = mUidPolicy.keyAt(i); |
| 1653 | final int policy = mUidPolicy.valueAt(i); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1654 | |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1655 | // skip writing empty policies |
| 1656 | if (policy == POLICY_NONE) continue; |
| 1657 | |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 1658 | out.startTag(null, TAG_UID_POLICY); |
| 1659 | writeIntAttribute(out, ATTR_UID, uid); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1660 | writeIntAttribute(out, ATTR_POLICY, policy); |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 1661 | out.endTag(null, TAG_UID_POLICY); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1662 | } |
| 1663 | |
| 1664 | out.endTag(null, TAG_POLICY_LIST); |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 1665 | |
| 1666 | // write all whitelists |
| 1667 | out.startTag(null, TAG_WHITELIST); |
| 1668 | |
| 1669 | // restrict background whitelist |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 1670 | int size = mRestrictBackgroundWhitelistUids.size(); |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 1671 | for (int i = 0; i < size; i++) { |
| 1672 | final int uid = mRestrictBackgroundWhitelistUids.keyAt(i); |
| 1673 | out.startTag(null, TAG_RESTRICT_BACKGROUND); |
| 1674 | writeIntAttribute(out, ATTR_UID, uid); |
| 1675 | out.endTag(null, TAG_RESTRICT_BACKGROUND); |
| 1676 | } |
| 1677 | |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 1678 | // revoked restrict background whitelist |
| 1679 | size = mRestrictBackgroundWhitelistRevokedUids.size(); |
| 1680 | for (int i = 0; i < size; i++) { |
| 1681 | final int uid = mRestrictBackgroundWhitelistRevokedUids.keyAt(i); |
| 1682 | out.startTag(null, TAG_REVOKED_RESTRICT_BACKGROUND); |
| 1683 | writeIntAttribute(out, ATTR_UID, uid); |
| 1684 | out.endTag(null, TAG_REVOKED_RESTRICT_BACKGROUND); |
| 1685 | } |
| 1686 | |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 1687 | out.endTag(null, TAG_WHITELIST); |
| 1688 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1689 | out.endDocument(); |
| 1690 | |
| 1691 | mPolicyFile.finishWrite(fos); |
| 1692 | } catch (IOException e) { |
| 1693 | if (fos != null) { |
| 1694 | mPolicyFile.failWrite(fos); |
| 1695 | } |
| 1696 | } |
| 1697 | } |
| 1698 | |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 1699 | @Override |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 1700 | public void setUidPolicy(int uid, int policy) { |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1701 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 1702 | |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 1703 | if (!UserHandle.isApp(uid)) { |
| 1704 | throw new IllegalArgumentException("cannot apply policy to UID " + uid); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1705 | } |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1706 | synchronized (mUidRulesFirstLock) { |
Julia Reynolds | 72f83d6 | 2015-07-27 15:10:42 -0400 | [diff] [blame] | 1707 | final long token = Binder.clearCallingIdentity(); |
| 1708 | try { |
| 1709 | final int oldPolicy = mUidPolicy.get(uid, POLICY_NONE); |
| 1710 | if (oldPolicy != policy) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1711 | setUidPolicyUncheckedUL(uid, oldPolicy, policy, true); |
Julia Reynolds | 72f83d6 | 2015-07-27 15:10:42 -0400 | [diff] [blame] | 1712 | } |
| 1713 | } finally { |
| 1714 | Binder.restoreCallingIdentity(token); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 1715 | } |
| 1716 | } |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1717 | } |
| 1718 | |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 1719 | @Override |
| 1720 | public void addUidPolicy(int uid, int policy) { |
| 1721 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 1722 | |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 1723 | if (!UserHandle.isApp(uid)) { |
| 1724 | throw new IllegalArgumentException("cannot apply policy to UID " + uid); |
| 1725 | } |
| 1726 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1727 | synchronized (mUidRulesFirstLock) { |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 1728 | final int oldPolicy = mUidPolicy.get(uid, POLICY_NONE); |
| 1729 | policy |= oldPolicy; |
| 1730 | if (oldPolicy != policy) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1731 | setUidPolicyUncheckedUL(uid, oldPolicy, policy, true); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1732 | } |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1733 | } |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 1734 | } |
| 1735 | |
| 1736 | @Override |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 1737 | public void removeUidPolicy(int uid, int policy) { |
| 1738 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
| 1739 | |
| 1740 | if (!UserHandle.isApp(uid)) { |
| 1741 | throw new IllegalArgumentException("cannot apply policy to UID " + uid); |
| 1742 | } |
| 1743 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1744 | synchronized (mUidRulesFirstLock) { |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 1745 | final int oldPolicy = mUidPolicy.get(uid, POLICY_NONE); |
| 1746 | policy = oldPolicy & ~policy; |
| 1747 | if (oldPolicy != policy) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1748 | setUidPolicyUncheckedUL(uid, oldPolicy, policy, true); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 1749 | } |
| 1750 | } |
| 1751 | } |
| 1752 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1753 | private void setUidPolicyUncheckedUL(int uid, int oldPolicy, int policy, boolean persist) { |
| 1754 | setUidPolicyUncheckedUL(uid, policy, persist); |
Felipe Leme | 923845f | 2016-03-02 13:42:48 -0800 | [diff] [blame] | 1755 | |
Felipe Leme | 99d5d3d | 2016-05-16 13:30:57 -0700 | [diff] [blame] | 1756 | final boolean isBlacklisted = policy == POLICY_REJECT_METERED_BACKGROUND; |
| 1757 | mHandler.obtainMessage(MSG_RESTRICT_BACKGROUND_BLACKLIST_CHANGED, uid, |
| 1758 | isBlacklisted ? 1 : 0).sendToTarget(); |
| 1759 | |
| 1760 | final boolean wasBlacklisted = oldPolicy == POLICY_REJECT_METERED_BACKGROUND; |
Felipe Leme | 923845f | 2016-03-02 13:42:48 -0800 | [diff] [blame] | 1761 | // Checks if app was added or removed to the blacklist. |
Felipe Leme | 99d5d3d | 2016-05-16 13:30:57 -0700 | [diff] [blame] | 1762 | if ((oldPolicy == POLICY_NONE && isBlacklisted) |
| 1763 | || (wasBlacklisted && policy == POLICY_NONE)) { |
Felipe Leme | 019fcd2 | 2016-04-19 10:24:39 -0700 | [diff] [blame] | 1764 | mHandler.obtainMessage(MSG_RESTRICT_BACKGROUND_WHITELIST_CHANGED, uid, 1, null) |
Felipe Leme | 923845f | 2016-03-02 13:42:48 -0800 | [diff] [blame] | 1765 | .sendToTarget(); |
| 1766 | } |
| 1767 | } |
| 1768 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1769 | private void setUidPolicyUncheckedUL(int uid, int policy, boolean persist) { |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 1770 | mUidPolicy.put(uid, policy); |
| 1771 | |
| 1772 | // uid policy changed, recompute rules and persist policy. |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1773 | updateRulesForDataUsageRestrictionsUL(uid); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 1774 | if (persist) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1775 | synchronized (mNetworkPoliciesSecondLock) { |
| 1776 | writePolicyAL(); |
| 1777 | } |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 1778 | } |
| 1779 | } |
| 1780 | |
| 1781 | @Override |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 1782 | public int getUidPolicy(int uid) { |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1783 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
| 1784 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1785 | synchronized (mUidRulesFirstLock) { |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 1786 | return mUidPolicy.get(uid, POLICY_NONE); |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 1787 | } |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 1788 | } |
| 1789 | |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 1790 | @Override |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 1791 | public int[] getUidsWithPolicy(int policy) { |
Jeff Sharkey | 854b2b1 | 2012-04-13 16:03:40 -0700 | [diff] [blame] | 1792 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
| 1793 | |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 1794 | int[] uids = new int[0]; |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1795 | synchronized (mUidRulesFirstLock) { |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 1796 | for (int i = 0; i < mUidPolicy.size(); i++) { |
| 1797 | final int uid = mUidPolicy.keyAt(i); |
| 1798 | final int uidPolicy = mUidPolicy.valueAt(i); |
| 1799 | if (uidPolicy == policy) { |
| 1800 | uids = appendInt(uids, uid); |
Jeff Sharkey | 854b2b1 | 2012-04-13 16:03:40 -0700 | [diff] [blame] | 1801 | } |
| 1802 | } |
| 1803 | } |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 1804 | return uids; |
| 1805 | } |
| 1806 | |
| 1807 | /** |
Felipe Leme | d17fda4 | 2016-04-29 11:12:45 -0700 | [diff] [blame] | 1808 | * Removes any persistable state associated with given {@link UserHandle}, persisting |
| 1809 | * if any changes that are made. |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 1810 | */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1811 | boolean removeUserStateUL(int userId, boolean writePolicy) { |
Felipe Leme | d17fda4 | 2016-04-29 11:12:45 -0700 | [diff] [blame] | 1812 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1813 | if (LOGV) Slog.v(TAG, "removeUserStateUL()"); |
Felipe Leme | d17fda4 | 2016-04-29 11:12:45 -0700 | [diff] [blame] | 1814 | boolean changed = false; |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 1815 | |
Fyodor Kupolov | a31c591 | 2016-01-22 11:26:09 -0800 | [diff] [blame] | 1816 | // Remove entries from restricted background UID whitelist |
| 1817 | int[] wlUids = new int[0]; |
| 1818 | for (int i = 0; i < mRestrictBackgroundWhitelistUids.size(); i++) { |
| 1819 | final int uid = mRestrictBackgroundWhitelistUids.keyAt(i); |
| 1820 | if (UserHandle.getUserId(uid) == userId) { |
| 1821 | wlUids = appendInt(wlUids, uid); |
| 1822 | } |
| 1823 | } |
| 1824 | |
| 1825 | if (wlUids.length > 0) { |
| 1826 | for (int uid : wlUids) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1827 | removeRestrictBackgroundWhitelistedUidUL(uid, false, false); |
Fyodor Kupolov | a31c591 | 2016-01-22 11:26:09 -0800 | [diff] [blame] | 1828 | } |
Felipe Leme | d17fda4 | 2016-04-29 11:12:45 -0700 | [diff] [blame] | 1829 | changed = true; |
Fyodor Kupolov | a31c591 | 2016-01-22 11:26:09 -0800 | [diff] [blame] | 1830 | } |
Felipe Leme | a110eec | 2016-04-29 09:58:06 -0700 | [diff] [blame] | 1831 | |
| 1832 | // Remove entries from revoked default restricted background UID whitelist |
| 1833 | for (int i = mRestrictBackgroundWhitelistRevokedUids.size() - 1; i >= 0; i--) { |
| 1834 | final int uid = mRestrictBackgroundWhitelistRevokedUids.keyAt(i); |
| 1835 | if (UserHandle.getUserId(uid) == userId) { |
| 1836 | mRestrictBackgroundWhitelistRevokedUids.removeAt(i); |
Felipe Leme | d17fda4 | 2016-04-29 11:12:45 -0700 | [diff] [blame] | 1837 | changed = true; |
Felipe Leme | a110eec | 2016-04-29 09:58:06 -0700 | [diff] [blame] | 1838 | } |
| 1839 | } |
| 1840 | |
Fyodor Kupolov | a31c591 | 2016-01-22 11:26:09 -0800 | [diff] [blame] | 1841 | // Remove associated UID policies |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 1842 | int[] uids = new int[0]; |
| 1843 | for (int i = 0; i < mUidPolicy.size(); i++) { |
| 1844 | final int uid = mUidPolicy.keyAt(i); |
| 1845 | if (UserHandle.getUserId(uid) == userId) { |
| 1846 | uids = appendInt(uids, uid); |
| 1847 | } |
| 1848 | } |
| 1849 | |
| 1850 | if (uids.length > 0) { |
| 1851 | for (int uid : uids) { |
| 1852 | mUidPolicy.delete(uid); |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 1853 | } |
Felipe Leme | d17fda4 | 2016-04-29 11:12:45 -0700 | [diff] [blame] | 1854 | changed = true; |
Fyodor Kupolov | a31c591 | 2016-01-22 11:26:09 -0800 | [diff] [blame] | 1855 | } |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1856 | synchronized (mNetworkPoliciesSecondLock) { |
| 1857 | updateRulesForGlobalChangeAL(true); |
| 1858 | if (writePolicy && changed) { |
| 1859 | writePolicyAL(); |
| 1860 | } |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 1861 | } |
Felipe Leme | d17fda4 | 2016-04-29 11:12:45 -0700 | [diff] [blame] | 1862 | return changed; |
Jeff Sharkey | 854b2b1 | 2012-04-13 16:03:40 -0700 | [diff] [blame] | 1863 | } |
| 1864 | |
| 1865 | @Override |
Jeff Sharkey | 1b6519b | 2016-04-28 15:33:18 -0600 | [diff] [blame] | 1866 | public void setConnectivityListener(INetworkPolicyListener listener) { |
| 1867 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
| 1868 | if (mConnectivityListener != null) { |
| 1869 | throw new IllegalStateException("Connectivity listener already registered"); |
| 1870 | } |
| 1871 | mConnectivityListener = listener; |
| 1872 | } |
| 1873 | |
| 1874 | @Override |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 1875 | public void registerListener(INetworkPolicyListener listener) { |
Jeff Sharkey | 1a30395 | 2011-06-16 13:04:20 -0700 | [diff] [blame] | 1876 | // TODO: create permission for observing network policy |
| 1877 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 1878 | mListeners.register(listener); |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 1879 | } |
| 1880 | |
| 1881 | @Override |
| 1882 | public void unregisterListener(INetworkPolicyListener listener) { |
Jeff Sharkey | 1a30395 | 2011-06-16 13:04:20 -0700 | [diff] [blame] | 1883 | // TODO: create permission for observing network policy |
| 1884 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 1885 | mListeners.unregister(listener); |
| 1886 | } |
| 1887 | |
Jeff Sharkey | 1b86127 | 2011-05-22 00:34:52 -0700 | [diff] [blame] | 1888 | @Override |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 1889 | public void setNetworkPolicies(NetworkPolicy[] policies) { |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1890 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
| 1891 | |
Felipe Leme | 6a05eee | 2016-02-19 14:43:51 -0800 | [diff] [blame] | 1892 | final long token = Binder.clearCallingIdentity(); |
| 1893 | try { |
| 1894 | maybeRefreshTrustedTime(); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1895 | synchronized (mUidRulesFirstLock) { |
| 1896 | synchronized (mNetworkPoliciesSecondLock) { |
| 1897 | normalizePoliciesNL(policies); |
| 1898 | updateNetworkEnabledNL(); |
| 1899 | updateNetworkRulesNL(); |
| 1900 | updateNotificationsNL(); |
| 1901 | writePolicyAL(); |
| 1902 | } |
Felipe Leme | 6a05eee | 2016-02-19 14:43:51 -0800 | [diff] [blame] | 1903 | } |
| 1904 | } finally { |
| 1905 | Binder.restoreCallingIdentity(token); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1906 | } |
| 1907 | } |
| 1908 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1909 | void addNetworkPolicyNL(NetworkPolicy policy) { |
Svet Ganov | 16a1689 | 2015-04-16 10:32:04 -0700 | [diff] [blame] | 1910 | NetworkPolicy[] policies = getNetworkPolicies(mContext.getOpPackageName()); |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 1911 | policies = ArrayUtils.appendElement(NetworkPolicy.class, policies, policy); |
| 1912 | setNetworkPolicies(policies); |
Jeff Sharkey | 9f6e4ba | 2012-04-19 23:01:08 -0700 | [diff] [blame] | 1913 | } |
| 1914 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1915 | @Override |
Svet Ganov | 16a1689 | 2015-04-16 10:32:04 -0700 | [diff] [blame] | 1916 | public NetworkPolicy[] getNetworkPolicies(String callingPackage) { |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1917 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
Amit Mahajan | 7c5befa | 2015-07-14 10:26:00 -0700 | [diff] [blame] | 1918 | try { |
Amit Mahajan | a9e72a7 | 2015-07-30 16:04:13 -0700 | [diff] [blame] | 1919 | mContext.enforceCallingOrSelfPermission(READ_PRIVILEGED_PHONE_STATE, TAG); |
| 1920 | // SKIP checking run-time OP_READ_PHONE_STATE since caller or self has PRIVILEGED |
| 1921 | // permission |
Amit Mahajan | 7c5befa | 2015-07-14 10:26:00 -0700 | [diff] [blame] | 1922 | } catch (SecurityException e) { |
| 1923 | mContext.enforceCallingOrSelfPermission(READ_PHONE_STATE, TAG); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1924 | |
Amit Mahajan | 7c5befa | 2015-07-14 10:26:00 -0700 | [diff] [blame] | 1925 | if (mAppOps.noteOp(AppOpsManager.OP_READ_PHONE_STATE, Binder.getCallingUid(), |
| 1926 | callingPackage) != AppOpsManager.MODE_ALLOWED) { |
| 1927 | return new NetworkPolicy[0]; |
| 1928 | } |
Svet Ganov | 16a1689 | 2015-04-16 10:32:04 -0700 | [diff] [blame] | 1929 | } |
| 1930 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1931 | synchronized (mNetworkPoliciesSecondLock) { |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 1932 | final int size = mNetworkPolicy.size(); |
| 1933 | final NetworkPolicy[] policies = new NetworkPolicy[size]; |
| 1934 | for (int i = 0; i < size; i++) { |
| 1935 | policies[i] = mNetworkPolicy.valueAt(i); |
| 1936 | } |
| 1937 | return policies; |
| 1938 | } |
| 1939 | } |
| 1940 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1941 | private void normalizePoliciesNL() { |
| 1942 | normalizePoliciesNL(getNetworkPolicies(mContext.getOpPackageName())); |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 1943 | } |
| 1944 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1945 | private void normalizePoliciesNL(NetworkPolicy[] policies) { |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 1946 | final TelephonyManager tele = TelephonyManager.from(mContext); |
| 1947 | final String[] merged = tele.getMergedSubscriberIds(); |
| 1948 | |
| 1949 | mNetworkPolicy.clear(); |
| 1950 | for (NetworkPolicy policy : policies) { |
| 1951 | // When two normalized templates conflict, prefer the most |
| 1952 | // restrictive policy |
| 1953 | policy.template = NetworkTemplate.normalize(policy.template, merged); |
| 1954 | final NetworkPolicy existing = mNetworkPolicy.get(policy.template); |
| 1955 | if (existing == null || existing.compareTo(policy) > 0) { |
| 1956 | if (existing != null) { |
| 1957 | Slog.d(TAG, "Normalization replaced " + existing + " with " + policy); |
| 1958 | } |
| 1959 | mNetworkPolicy.put(policy.template, policy); |
| 1960 | } |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1961 | } |
| 1962 | } |
| 1963 | |
| 1964 | @Override |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 1965 | public void snoozeLimit(NetworkTemplate template) { |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1966 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
Jeff Sharkey | 6c0b4f3 | 2012-06-12 21:06:30 -0700 | [diff] [blame] | 1967 | |
| 1968 | final long token = Binder.clearCallingIdentity(); |
| 1969 | try { |
| 1970 | performSnooze(template, TYPE_LIMIT); |
| 1971 | } finally { |
| 1972 | Binder.restoreCallingIdentity(token); |
| 1973 | } |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 1974 | } |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1975 | |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 1976 | void performSnooze(NetworkTemplate template, int type) { |
Jeff Sharkey | 684c54a | 2011-11-16 17:46:30 -0800 | [diff] [blame] | 1977 | maybeRefreshTrustedTime(); |
| 1978 | final long currentTime = currentTimeMillis(); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1979 | synchronized (mUidRulesFirstLock) { |
| 1980 | synchronized (mNetworkPoliciesSecondLock) { |
| 1981 | // find and snooze local policy that matches |
| 1982 | final NetworkPolicy policy = mNetworkPolicy.get(template); |
| 1983 | if (policy == null) { |
| 1984 | throw new IllegalArgumentException("unable to find policy for " + template); |
| 1985 | } |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1986 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1987 | switch (type) { |
| 1988 | case TYPE_WARNING: |
| 1989 | policy.lastWarningSnooze = currentTime; |
| 1990 | break; |
| 1991 | case TYPE_LIMIT: |
| 1992 | policy.lastLimitSnooze = currentTime; |
| 1993 | break; |
| 1994 | default: |
| 1995 | throw new IllegalArgumentException("unexpected type"); |
| 1996 | } |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1997 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1998 | normalizePoliciesNL(); |
| 1999 | updateNetworkEnabledNL(); |
| 2000 | updateNetworkRulesNL(); |
| 2001 | updateNotificationsNL(); |
| 2002 | writePolicyAL(); |
| 2003 | } |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2004 | } |
| 2005 | } |
| 2006 | |
| 2007 | @Override |
Felipe Leme | 70c8b9b | 2016-04-25 14:41:31 -0700 | [diff] [blame] | 2008 | public void onTetheringChanged(String iface, boolean tethering) { |
| 2009 | // No need to enforce permission because setRestrictBackground() will do it. |
| 2010 | if (LOGD) Log.d(TAG, "onTetherStateChanged(" + iface + ", " + tethering + ")"); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2011 | synchronized (mUidRulesFirstLock) { |
Felipe Leme | 70c8b9b | 2016-04-25 14:41:31 -0700 | [diff] [blame] | 2012 | if (mRestrictBackground && tethering) { |
| 2013 | Log.d(TAG, "Tethering on (" + iface +"); disable Data Saver"); |
| 2014 | setRestrictBackground(false); |
| 2015 | } |
| 2016 | } |
| 2017 | } |
| 2018 | |
| 2019 | @Override |
Jeff Sharkey | 4664500 | 2011-07-27 21:11:21 -0700 | [diff] [blame] | 2020 | public void setRestrictBackground(boolean restrictBackground) { |
| 2021 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
Felipe Leme | 6a05eee | 2016-02-19 14:43:51 -0800 | [diff] [blame] | 2022 | final long token = Binder.clearCallingIdentity(); |
| 2023 | try { |
| 2024 | maybeRefreshTrustedTime(); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2025 | synchronized (mUidRulesFirstLock) { |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2026 | if (restrictBackground == mRestrictBackground) { |
| 2027 | // Ideally, UI should never allow this scenario... |
| 2028 | Slog.w(TAG, "setRestrictBackground: already " + restrictBackground); |
| 2029 | return; |
| 2030 | } |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2031 | setRestrictBackgroundUL(restrictBackground); |
Felipe Leme | 6a05eee | 2016-02-19 14:43:51 -0800 | [diff] [blame] | 2032 | } |
Jeff Sharkey | 4664500 | 2011-07-27 21:11:21 -0700 | [diff] [blame] | 2033 | |
Felipe Leme | 6a05eee | 2016-02-19 14:43:51 -0800 | [diff] [blame] | 2034 | } finally { |
| 2035 | Binder.restoreCallingIdentity(token); |
Jeff Sharkey | 4664500 | 2011-07-27 21:11:21 -0700 | [diff] [blame] | 2036 | } |
Jeff Sharkey | 1f8ea2d | 2012-02-07 12:05:43 -0800 | [diff] [blame] | 2037 | |
| 2038 | mHandler.obtainMessage(MSG_RESTRICT_BACKGROUND_CHANGED, restrictBackground ? 1 : 0, 0) |
| 2039 | .sendToTarget(); |
Jeff Sharkey | 4664500 | 2011-07-27 21:11:21 -0700 | [diff] [blame] | 2040 | } |
| 2041 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2042 | private void setRestrictBackgroundUL(boolean restrictBackground) { |
Felipe Leme | a154089 | 2016-06-21 13:08:55 -0700 | [diff] [blame] | 2043 | Slog.d(TAG, "setRestrictBackgroundUL(): " + restrictBackground); |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2044 | final boolean oldRestrictBackground = mRestrictBackground; |
| 2045 | mRestrictBackground = restrictBackground; |
| 2046 | // Must whitelist foreground apps before turning data saver mode on. |
| 2047 | // TODO: there is no need to iterate through all apps here, just those in the foreground, |
| 2048 | // so it could call AM to get the UIDs of such apps, and iterate through them instead. |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2049 | updateRulesForAllAppsUL(TYPE_RESTRICT_BACKGROUND); |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2050 | try { |
| 2051 | if (!mNetworkManager.setDataSaverModeEnabled(mRestrictBackground)) { |
| 2052 | Slog.e(TAG, "Could not change Data Saver Mode on NMS to " + mRestrictBackground); |
| 2053 | mRestrictBackground = oldRestrictBackground; |
| 2054 | // TODO: if it knew the foreground apps (see TODO above), it could call |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2055 | // updateRulesForRestrictBackgroundUL() again to restore state. |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2056 | return; |
| 2057 | } |
| 2058 | } catch (RemoteException e) { |
| 2059 | // ignored; service lives in system_server |
| 2060 | } |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2061 | synchronized (mNetworkPoliciesSecondLock) { |
| 2062 | updateNotificationsNL(); |
| 2063 | writePolicyAL(); |
| 2064 | } |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2065 | } |
| 2066 | |
Jeff Sharkey | 4664500 | 2011-07-27 21:11:21 -0700 | [diff] [blame] | 2067 | @Override |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 2068 | public void addRestrictBackgroundWhitelistedUid(int uid) { |
| 2069 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2070 | final boolean oldStatus; |
Felipe Leme | 01e05e7 | 2016-03-31 10:09:24 -0700 | [diff] [blame] | 2071 | final boolean needFirewallRules; |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2072 | int changed; |
| 2073 | synchronized (mUidRulesFirstLock) { |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2074 | oldStatus = mRestrictBackgroundWhitelistUids.get(uid); |
Felipe Leme | 47585ba | 2016-02-09 16:56:32 -0800 | [diff] [blame] | 2075 | if (oldStatus) { |
| 2076 | if (LOGD) Slog.d(TAG, "uid " + uid + " is already whitelisted"); |
| 2077 | return; |
| 2078 | } |
Felipe Leme | 01e05e7 | 2016-03-31 10:09:24 -0700 | [diff] [blame] | 2079 | needFirewallRules = isUidValidForWhitelistRules(uid); |
Felipe Leme | 47585ba | 2016-02-09 16:56:32 -0800 | [diff] [blame] | 2080 | Slog.i(TAG, "adding uid " + uid + " to restrict background whitelist"); |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 2081 | mRestrictBackgroundWhitelistUids.append(uid, true); |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 2082 | if (mDefaultRestrictBackgroundWhitelistUids.get(uid) |
| 2083 | && mRestrictBackgroundWhitelistRevokedUids.get(uid)) { |
| 2084 | if (LOGD) Slog.d(TAG, "Removing uid " + uid |
| 2085 | + " from revoked restrict background whitelist"); |
| 2086 | mRestrictBackgroundWhitelistRevokedUids.delete(uid); |
| 2087 | } |
Felipe Leme | 01e05e7 | 2016-03-31 10:09:24 -0700 | [diff] [blame] | 2088 | if (needFirewallRules) { |
| 2089 | // Only update firewall rules if necessary... |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2090 | updateRulesForDataUsageRestrictionsUL(uid); |
Felipe Leme | 01e05e7 | 2016-03-31 10:09:24 -0700 | [diff] [blame] | 2091 | } |
| 2092 | // ...but always persists the whitelist request. |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2093 | synchronized (mNetworkPoliciesSecondLock) { |
| 2094 | writePolicyAL(); |
| 2095 | } |
| 2096 | changed = (mRestrictBackground && !oldStatus && needFirewallRules) ? 1 : 0; |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 2097 | } |
Felipe Leme | 019fcd2 | 2016-04-19 10:24:39 -0700 | [diff] [blame] | 2098 | mHandler.obtainMessage(MSG_RESTRICT_BACKGROUND_WHITELIST_CHANGED, uid, changed, |
| 2099 | Boolean.TRUE).sendToTarget(); |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 2100 | } |
| 2101 | |
| 2102 | @Override |
| 2103 | public void removeRestrictBackgroundWhitelistedUid(int uid) { |
| 2104 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
Felipe Leme | 47585ba | 2016-02-09 16:56:32 -0800 | [diff] [blame] | 2105 | final boolean changed; |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2106 | synchronized (mUidRulesFirstLock) { |
| 2107 | changed = removeRestrictBackgroundWhitelistedUidUL(uid, false, true); |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 2108 | } |
Felipe Leme | 019fcd2 | 2016-04-19 10:24:39 -0700 | [diff] [blame] | 2109 | mHandler.obtainMessage(MSG_RESTRICT_BACKGROUND_WHITELIST_CHANGED, uid, changed ? 1 : 0, |
| 2110 | Boolean.FALSE).sendToTarget(); |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 2111 | } |
| 2112 | |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2113 | /** |
| 2114 | * Removes a uid from the restricted background whitelist, returning whether its current |
| 2115 | * {@link ConnectivityManager.RestrictBackgroundStatus} changed. |
| 2116 | */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2117 | private boolean removeRestrictBackgroundWhitelistedUidUL(int uid, boolean uidDeleted, |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2118 | boolean updateNow) { |
Felipe Leme | 47585ba | 2016-02-09 16:56:32 -0800 | [diff] [blame] | 2119 | final boolean oldStatus = mRestrictBackgroundWhitelistUids.get(uid); |
Felipe Leme | 46c4fc3 | 2016-05-04 09:21:43 -0700 | [diff] [blame] | 2120 | if (!oldStatus && !uidDeleted) { |
Felipe Leme | 47585ba | 2016-02-09 16:56:32 -0800 | [diff] [blame] | 2121 | if (LOGD) Slog.d(TAG, "uid " + uid + " was not whitelisted before"); |
| 2122 | return false; |
| 2123 | } |
Felipe Leme | 01e05e7 | 2016-03-31 10:09:24 -0700 | [diff] [blame] | 2124 | final boolean needFirewallRules = uidDeleted || isUidValidForWhitelistRules(uid); |
Felipe Leme | 46c4fc3 | 2016-05-04 09:21:43 -0700 | [diff] [blame] | 2125 | if (oldStatus) { |
| 2126 | Slog.i(TAG, "removing uid " + uid + " from restrict background whitelist"); |
| 2127 | mRestrictBackgroundWhitelistUids.delete(uid); |
| 2128 | } |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 2129 | if (mDefaultRestrictBackgroundWhitelistUids.get(uid) |
| 2130 | && !mRestrictBackgroundWhitelistRevokedUids.get(uid)) { |
| 2131 | if (LOGD) Slog.d(TAG, "Adding uid " + uid |
| 2132 | + " to revoked restrict background whitelist"); |
| 2133 | mRestrictBackgroundWhitelistRevokedUids.append(uid, true); |
| 2134 | } |
Felipe Leme | 01e05e7 | 2016-03-31 10:09:24 -0700 | [diff] [blame] | 2135 | if (needFirewallRules) { |
| 2136 | // Only update firewall rules if necessary... |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2137 | updateRulesForDataUsageRestrictionsUL(uid, uidDeleted); |
Felipe Leme | 01e05e7 | 2016-03-31 10:09:24 -0700 | [diff] [blame] | 2138 | } |
Felipe Leme | 3f52cd5 | 2016-02-03 13:36:30 -0800 | [diff] [blame] | 2139 | if (updateNow) { |
Felipe Leme | 01e05e7 | 2016-03-31 10:09:24 -0700 | [diff] [blame] | 2140 | // ...but always persists the whitelist request. |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2141 | synchronized (mNetworkPoliciesSecondLock) { |
| 2142 | writePolicyAL(); |
| 2143 | } |
Fyodor Kupolov | a31c591 | 2016-01-22 11:26:09 -0800 | [diff] [blame] | 2144 | } |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2145 | // Status only changes if Data Saver is turned on (otherwise it is DISABLED, even if the |
| 2146 | // app was whitelisted before). |
Felipe Leme | 01e05e7 | 2016-03-31 10:09:24 -0700 | [diff] [blame] | 2147 | return mRestrictBackground && needFirewallRules; |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 2148 | } |
| 2149 | |
| 2150 | @Override |
| 2151 | public int[] getRestrictBackgroundWhitelistedUids() { |
| 2152 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2153 | synchronized (mUidRulesFirstLock) { |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 2154 | final int size = mRestrictBackgroundWhitelistUids.size(); |
| 2155 | final int[] whitelist = new int[size]; |
| 2156 | for (int i = 0; i < size; i++) { |
| 2157 | whitelist[i] = mRestrictBackgroundWhitelistUids.keyAt(i); |
| 2158 | } |
| 2159 | if (LOGV) { |
| 2160 | Slog.v(TAG, "getRestrictBackgroundWhitelistedUids(): " |
| 2161 | + mRestrictBackgroundWhitelistUids); |
| 2162 | } |
| 2163 | return whitelist; |
| 2164 | } |
| 2165 | } |
| 2166 | |
| 2167 | @Override |
Felipe Leme | 1b10323 | 2016-01-22 09:44:57 -0800 | [diff] [blame] | 2168 | public int getRestrictBackgroundByCaller() { |
| 2169 | mContext.enforceCallingOrSelfPermission(ACCESS_NETWORK_STATE, TAG); |
| 2170 | final int uid = Binder.getCallingUid(); |
Felipe Leme | 923845f | 2016-03-02 13:42:48 -0800 | [diff] [blame] | 2171 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2172 | synchronized (mUidRulesFirstLock) { |
Felipe Leme | 923845f | 2016-03-02 13:42:48 -0800 | [diff] [blame] | 2173 | // Must clear identity because getUidPolicy() is restricted to system. |
| 2174 | final long token = Binder.clearCallingIdentity(); |
| 2175 | final int policy; |
| 2176 | try { |
| 2177 | policy = getUidPolicy(uid); |
| 2178 | } finally { |
| 2179 | Binder.restoreCallingIdentity(token); |
| 2180 | } |
| 2181 | if (policy == POLICY_REJECT_METERED_BACKGROUND) { |
| 2182 | // App is blacklisted. |
| 2183 | return RESTRICT_BACKGROUND_STATUS_ENABLED; |
| 2184 | } |
Felipe Leme | 1b10323 | 2016-01-22 09:44:57 -0800 | [diff] [blame] | 2185 | if (!mRestrictBackground) { |
| 2186 | return RESTRICT_BACKGROUND_STATUS_DISABLED; |
| 2187 | } |
| 2188 | return mRestrictBackgroundWhitelistUids.get(uid) |
| 2189 | ? RESTRICT_BACKGROUND_STATUS_WHITELISTED |
| 2190 | : RESTRICT_BACKGROUND_STATUS_ENABLED; |
| 2191 | } |
| 2192 | } |
| 2193 | |
| 2194 | @Override |
Jeff Sharkey | 4664500 | 2011-07-27 21:11:21 -0700 | [diff] [blame] | 2195 | public boolean getRestrictBackground() { |
| 2196 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
| 2197 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2198 | synchronized (mUidRulesFirstLock) { |
Jeff Sharkey | 4664500 | 2011-07-27 21:11:21 -0700 | [diff] [blame] | 2199 | return mRestrictBackground; |
| 2200 | } |
| 2201 | } |
| 2202 | |
Dianne Hackborn | 8ad2af7 | 2015-03-17 17:00:24 -0700 | [diff] [blame] | 2203 | @Override |
| 2204 | public void setDeviceIdleMode(boolean enabled) { |
| 2205 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
| 2206 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2207 | synchronized (mUidRulesFirstLock) { |
Dianne Hackborn | 8ad2af7 | 2015-03-17 17:00:24 -0700 | [diff] [blame] | 2208 | if (mDeviceIdleMode != enabled) { |
| 2209 | mDeviceIdleMode = enabled; |
| 2210 | if (mSystemReady) { |
Jeff Sharkey | dc98806 | 2015-09-14 10:09:47 -0700 | [diff] [blame] | 2211 | // Device idle change means we need to rebuild rules for all |
| 2212 | // known apps, so do a global refresh. |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2213 | updateRulesForRestrictPowerUL(); |
Dianne Hackborn | 3b16cf4 | 2015-07-01 15:05:04 -0700 | [diff] [blame] | 2214 | } |
| 2215 | if (enabled) { |
| 2216 | EventLogTags.writeDeviceIdleOnPhase("net"); |
| 2217 | } else { |
| 2218 | EventLogTags.writeDeviceIdleOffPhase("net"); |
Dianne Hackborn | 8ad2af7 | 2015-03-17 17:00:24 -0700 | [diff] [blame] | 2219 | } |
| 2220 | } |
| 2221 | } |
| 2222 | } |
| 2223 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2224 | private NetworkPolicy findPolicyForNetworkNL(NetworkIdentity ident) { |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 2225 | for (int i = mNetworkPolicy.size()-1; i >= 0; i--) { |
| 2226 | NetworkPolicy policy = mNetworkPolicy.valueAt(i); |
Jeff Sharkey | f0ceede | 2011-08-02 17:22:34 -0700 | [diff] [blame] | 2227 | if (policy.template.matches(ident)) { |
| 2228 | return policy; |
| 2229 | } |
| 2230 | } |
| 2231 | return null; |
| 2232 | } |
| 2233 | |
| 2234 | @Override |
| 2235 | public NetworkQuotaInfo getNetworkQuotaInfo(NetworkState state) { |
| 2236 | mContext.enforceCallingOrSelfPermission(ACCESS_NETWORK_STATE, TAG); |
| 2237 | |
| 2238 | // only returns usage summary, so we don't require caller to have |
| 2239 | // READ_NETWORK_USAGE_HISTORY. |
| 2240 | final long token = Binder.clearCallingIdentity(); |
| 2241 | try { |
| 2242 | return getNetworkQuotaInfoUnchecked(state); |
| 2243 | } finally { |
| 2244 | Binder.restoreCallingIdentity(token); |
| 2245 | } |
| 2246 | } |
| 2247 | |
| 2248 | private NetworkQuotaInfo getNetworkQuotaInfoUnchecked(NetworkState state) { |
| 2249 | final NetworkIdentity ident = NetworkIdentity.buildNetworkIdentity(mContext, state); |
| 2250 | |
| 2251 | final NetworkPolicy policy; |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2252 | synchronized (mNetworkPoliciesSecondLock) { |
| 2253 | policy = findPolicyForNetworkNL(ident); |
Jeff Sharkey | f0ceede | 2011-08-02 17:22:34 -0700 | [diff] [blame] | 2254 | } |
| 2255 | |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 2256 | if (policy == null || !policy.hasCycle()) { |
Jeff Sharkey | f0ceede | 2011-08-02 17:22:34 -0700 | [diff] [blame] | 2257 | // missing policy means we can't derive useful quota info |
| 2258 | return null; |
| 2259 | } |
| 2260 | |
Jeff Sharkey | 684c54a | 2011-11-16 17:46:30 -0800 | [diff] [blame] | 2261 | final long currentTime = currentTimeMillis(); |
Jeff Sharkey | f0ceede | 2011-08-02 17:22:34 -0700 | [diff] [blame] | 2262 | |
Jeff Sharkey | b3d5957 | 2011-09-07 17:20:27 -0700 | [diff] [blame] | 2263 | // find total bytes used under policy |
Jeff Sharkey | f0ceede | 2011-08-02 17:22:34 -0700 | [diff] [blame] | 2264 | final long start = computeLastCycleBoundary(currentTime, policy); |
| 2265 | final long end = currentTime; |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 2266 | final long totalBytes = getTotalBytes(policy.template, start, end); |
Jeff Sharkey | f0ceede | 2011-08-02 17:22:34 -0700 | [diff] [blame] | 2267 | |
| 2268 | // report soft and hard limits under policy |
| 2269 | final long softLimitBytes = policy.warningBytes != WARNING_DISABLED ? policy.warningBytes |
| 2270 | : NetworkQuotaInfo.NO_LIMIT; |
| 2271 | final long hardLimitBytes = policy.limitBytes != LIMIT_DISABLED ? policy.limitBytes |
| 2272 | : NetworkQuotaInfo.NO_LIMIT; |
| 2273 | |
| 2274 | return new NetworkQuotaInfo(totalBytes, softLimitBytes, hardLimitBytes); |
| 2275 | } |
| 2276 | |
Jeff Sharkey | 4664500 | 2011-07-27 21:11:21 -0700 | [diff] [blame] | 2277 | @Override |
Jeff Sharkey | 9f7cbf0 | 2012-04-12 18:34:54 -0700 | [diff] [blame] | 2278 | public boolean isNetworkMetered(NetworkState state) { |
Jeff Sharkey | f07c7b9 | 2016-04-22 09:50:16 -0600 | [diff] [blame] | 2279 | if (state.networkInfo == null) { |
| 2280 | return false; |
| 2281 | } |
| 2282 | |
Jeff Sharkey | 9f7cbf0 | 2012-04-12 18:34:54 -0700 | [diff] [blame] | 2283 | final NetworkIdentity ident = NetworkIdentity.buildNetworkIdentity(mContext, state); |
| 2284 | |
| 2285 | final NetworkPolicy policy; |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2286 | synchronized (mNetworkPoliciesSecondLock) { |
| 2287 | policy = findPolicyForNetworkNL(ident); |
Jeff Sharkey | 9f7cbf0 | 2012-04-12 18:34:54 -0700 | [diff] [blame] | 2288 | } |
| 2289 | |
| 2290 | if (policy != null) { |
| 2291 | return policy.metered; |
| 2292 | } else { |
Jeff Sharkey | 9f6e4ba | 2012-04-19 23:01:08 -0700 | [diff] [blame] | 2293 | final int type = state.networkInfo.getType(); |
Jack Yu | b6587ea | 2016-06-22 11:35:10 -0700 | [diff] [blame] | 2294 | if ((isNetworkTypeMobile(type) && ident.getMetered()) || type == TYPE_WIMAX) { |
Jeff Sharkey | 9f6e4ba | 2012-04-19 23:01:08 -0700 | [diff] [blame] | 2295 | return true; |
| 2296 | } |
Jeff Sharkey | 9f7cbf0 | 2012-04-12 18:34:54 -0700 | [diff] [blame] | 2297 | return false; |
| 2298 | } |
| 2299 | } |
| 2300 | |
| 2301 | @Override |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 2302 | protected void dump(FileDescriptor fd, PrintWriter writer, String[] args) { |
Jeff Sharkey | 7527990 | 2011-05-24 18:39:45 -0700 | [diff] [blame] | 2303 | mContext.enforceCallingOrSelfPermission(DUMP, TAG); |
Jeff Sharkey | 1b86127 | 2011-05-22 00:34:52 -0700 | [diff] [blame] | 2304 | |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 2305 | final IndentingPrintWriter fout = new IndentingPrintWriter(writer, " "); |
| 2306 | |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 2307 | final ArraySet<String> argSet = new ArraySet<String>(args.length); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 2308 | for (String arg : args) { |
| 2309 | argSet.add(arg); |
| 2310 | } |
| 2311 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2312 | synchronized (mUidRulesFirstLock) { |
| 2313 | synchronized (mNetworkPoliciesSecondLock) { |
| 2314 | if (argSet.contains("--unsnooze")) { |
| 2315 | for (int i = mNetworkPolicy.size()-1; i >= 0; i--) { |
| 2316 | mNetworkPolicy.valueAt(i).clearSnooze(); |
| 2317 | } |
| 2318 | |
| 2319 | normalizePoliciesNL(); |
| 2320 | updateNetworkEnabledNL(); |
| 2321 | updateNetworkRulesNL(); |
| 2322 | updateNotificationsNL(); |
| 2323 | writePolicyAL(); |
| 2324 | |
| 2325 | fout.println("Cleared snooze timestamps"); |
| 2326 | return; |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 2327 | } |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 2328 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2329 | fout.print("System ready: "); fout.println(mSystemReady); |
| 2330 | fout.print("Restrict background: "); fout.println(mRestrictBackground); |
| 2331 | fout.print("Restrict power: "); fout.println(mRestrictPower); |
| 2332 | fout.print("Device idle: "); fout.println(mDeviceIdleMode); |
| 2333 | fout.println("Network policies:"); |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 2334 | fout.increaseIndent(); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2335 | for (int i = 0; i < mNetworkPolicy.size(); i++) { |
| 2336 | fout.println(mNetworkPolicy.valueAt(i).toString()); |
| 2337 | } |
| 2338 | fout.decreaseIndent(); |
| 2339 | |
| 2340 | fout.print("Metered ifaces: "); fout.println(String.valueOf(mMeteredIfaces)); |
| 2341 | |
| 2342 | fout.println("Policy for UIDs:"); |
| 2343 | fout.increaseIndent(); |
| 2344 | int size = mUidPolicy.size(); |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 2345 | for (int i = 0; i < size; i++) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2346 | final int uid = mUidPolicy.keyAt(i); |
| 2347 | final int policy = mUidPolicy.valueAt(i); |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 2348 | fout.print("UID="); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2349 | fout.print(uid); |
| 2350 | fout.print(" policy="); |
| 2351 | fout.print(DebugUtils.flagsToString(NetworkPolicyManager.class, "POLICY_", policy)); |
| 2352 | fout.println(); |
| 2353 | } |
| 2354 | fout.decreaseIndent(); |
| 2355 | |
| 2356 | size = mPowerSaveWhitelistExceptIdleAppIds.size(); |
| 2357 | if (size > 0) { |
| 2358 | fout.println("Power save whitelist (except idle) app ids:"); |
| 2359 | fout.increaseIndent(); |
| 2360 | for (int i = 0; i < size; i++) { |
| 2361 | fout.print("UID="); |
| 2362 | fout.print(mPowerSaveWhitelistExceptIdleAppIds.keyAt(i)); |
| 2363 | fout.print(": "); |
| 2364 | fout.print(mPowerSaveWhitelistExceptIdleAppIds.valueAt(i)); |
| 2365 | fout.println(); |
| 2366 | } |
| 2367 | fout.decreaseIndent(); |
| 2368 | } |
| 2369 | |
| 2370 | size = mPowerSaveWhitelistAppIds.size(); |
| 2371 | if (size > 0) { |
| 2372 | fout.println("Power save whitelist app ids:"); |
| 2373 | fout.increaseIndent(); |
| 2374 | for (int i = 0; i < size; i++) { |
| 2375 | fout.print("UID="); |
| 2376 | fout.print(mPowerSaveWhitelistAppIds.keyAt(i)); |
| 2377 | fout.print(": "); |
| 2378 | fout.print(mPowerSaveWhitelistAppIds.valueAt(i)); |
| 2379 | fout.println(); |
| 2380 | } |
| 2381 | fout.decreaseIndent(); |
| 2382 | } |
| 2383 | |
| 2384 | size = mRestrictBackgroundWhitelistUids.size(); |
| 2385 | if (size > 0) { |
| 2386 | fout.println("Restrict background whitelist uids:"); |
| 2387 | fout.increaseIndent(); |
| 2388 | for (int i = 0; i < size; i++) { |
| 2389 | fout.print("UID="); |
| 2390 | fout.print(mRestrictBackgroundWhitelistUids.keyAt(i)); |
| 2391 | fout.println(); |
| 2392 | } |
| 2393 | fout.decreaseIndent(); |
| 2394 | } |
| 2395 | |
| 2396 | size = mDefaultRestrictBackgroundWhitelistUids.size(); |
| 2397 | if (size > 0) { |
| 2398 | fout.println("Default restrict background whitelist uids:"); |
| 2399 | fout.increaseIndent(); |
| 2400 | for (int i = 0; i < size; i++) { |
| 2401 | fout.print("UID="); |
| 2402 | fout.print(mDefaultRestrictBackgroundWhitelistUids.keyAt(i)); |
| 2403 | fout.println(); |
| 2404 | } |
| 2405 | fout.decreaseIndent(); |
| 2406 | } |
| 2407 | |
| 2408 | size = mRestrictBackgroundWhitelistRevokedUids.size(); |
| 2409 | if (size > 0) { |
| 2410 | fout.println("Default restrict background whitelist uids revoked by users:"); |
| 2411 | fout.increaseIndent(); |
| 2412 | for (int i = 0; i < size; i++) { |
| 2413 | fout.print("UID="); |
| 2414 | fout.print(mRestrictBackgroundWhitelistRevokedUids.keyAt(i)); |
| 2415 | fout.println(); |
| 2416 | } |
| 2417 | fout.decreaseIndent(); |
| 2418 | } |
| 2419 | |
| 2420 | final SparseBooleanArray knownUids = new SparseBooleanArray(); |
| 2421 | collectKeys(mUidState, knownUids); |
| 2422 | collectKeys(mUidRules, knownUids); |
| 2423 | |
| 2424 | fout.println("Status for all known UIDs:"); |
| 2425 | fout.increaseIndent(); |
| 2426 | size = knownUids.size(); |
| 2427 | for (int i = 0; i < size; i++) { |
| 2428 | final int uid = knownUids.keyAt(i); |
| 2429 | fout.print("UID="); |
| 2430 | fout.print(uid); |
| 2431 | |
| 2432 | final int state = mUidState.get(uid, ActivityManager.PROCESS_STATE_CACHED_EMPTY); |
| 2433 | fout.print(" state="); |
| 2434 | fout.print(state); |
| 2435 | if (state <= ActivityManager.PROCESS_STATE_TOP) { |
| 2436 | fout.print(" (fg)"); |
| 2437 | } else { |
| 2438 | fout.print(state <= ActivityManager.PROCESS_STATE_FOREGROUND_SERVICE |
| 2439 | ? " (fg svc)" : " (bg)"); |
| 2440 | } |
| 2441 | |
| 2442 | final int uidRules = mUidRules.get(uid, RULE_NONE); |
| 2443 | fout.print(" rules="); |
| 2444 | fout.print(uidRulesToString(uidRules)); |
| 2445 | fout.println(); |
| 2446 | } |
| 2447 | fout.decreaseIndent(); |
| 2448 | |
| 2449 | fout.println("Status for just UIDs with rules:"); |
| 2450 | fout.increaseIndent(); |
| 2451 | size = mUidRules.size(); |
| 2452 | for (int i = 0; i < size; i++) { |
| 2453 | final int uid = mUidRules.keyAt(i); |
| 2454 | fout.print("UID="); |
| 2455 | fout.print(uid); |
| 2456 | final int uidRules = mUidRules.get(uid, RULE_NONE); |
| 2457 | fout.print(" rules="); |
| 2458 | fout.print(uidRulesToString(uidRules)); |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 2459 | fout.println(); |
| 2460 | } |
| 2461 | fout.decreaseIndent(); |
| 2462 | } |
Jeff Sharkey | 1b86127 | 2011-05-22 00:34:52 -0700 | [diff] [blame] | 2463 | } |
| 2464 | } |
Jeff Sharkey | 9599cc5 | 2011-05-22 14:59:31 -0700 | [diff] [blame] | 2465 | |
| 2466 | @Override |
Felipe Leme | 50a235e | 2016-01-15 18:37:06 -0800 | [diff] [blame] | 2467 | public void onShellCommand(FileDescriptor in, FileDescriptor out, FileDescriptor err, |
| 2468 | String[] args, ResultReceiver resultReceiver) throws RemoteException { |
Felipe Leme | b1a65ee | 2016-02-08 10:12:01 -0800 | [diff] [blame] | 2469 | (new NetworkPolicyManagerShellCommand(mContext, this)).exec( |
Felipe Leme | 50a235e | 2016-01-15 18:37:06 -0800 | [diff] [blame] | 2470 | this, in, out, err, args, resultReceiver); |
| 2471 | } |
| 2472 | |
| 2473 | @Override |
Jeff Sharkey | 9599cc5 | 2011-05-22 14:59:31 -0700 | [diff] [blame] | 2474 | public boolean isUidForeground(int uid) { |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 2475 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
| 2476 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2477 | synchronized (mUidRulesFirstLock) { |
| 2478 | return isUidForegroundUL(uid); |
Jeff Sharkey | 9599cc5 | 2011-05-22 14:59:31 -0700 | [diff] [blame] | 2479 | } |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 2480 | } |
| 2481 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2482 | private boolean isUidForegroundUL(int uid) { |
| 2483 | return isUidStateForegroundUL( |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 2484 | mUidState.get(uid, ActivityManager.PROCESS_STATE_CACHED_EMPTY)); |
| 2485 | } |
| 2486 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2487 | private boolean isUidForegroundOnRestrictBackgroundUL(int uid) { |
Felipe Leme | ef89c90 | 2016-03-30 15:11:31 -0700 | [diff] [blame] | 2488 | final int procState = mUidState.get(uid, ActivityManager.PROCESS_STATE_CACHED_EMPTY); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2489 | return isProcStateAllowedWhileOnRestrictBackground(procState); |
Felipe Leme | ef89c90 | 2016-03-30 15:11:31 -0700 | [diff] [blame] | 2490 | } |
| 2491 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2492 | private boolean isUidForegroundOnRestrictPowerUL(int uid) { |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2493 | final int procState = mUidState.get(uid, ActivityManager.PROCESS_STATE_CACHED_EMPTY); |
| 2494 | return isProcStateAllowedWhileIdleOrPowerSaveMode(procState); |
| 2495 | } |
| 2496 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2497 | private boolean isUidStateForegroundUL(int state) { |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 2498 | // only really in foreground when screen is also on |
Felipe Leme | f8dd7b4 | 2016-08-10 13:00:32 -0700 | [diff] [blame] | 2499 | return state <= ActivityManager.PROCESS_STATE_TOP; |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 2500 | } |
| 2501 | |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 2502 | /** |
Dianne Hackborn | d23e0d6 | 2015-05-15 16:36:12 -0700 | [diff] [blame] | 2503 | * Process state of UID changed; if needed, will trigger |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2504 | * {@link #updateRulesForDataUsageRestrictionsUL(int)} and |
| 2505 | * {@link #updateRulesForPowerRestrictionsUL(int)} |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 2506 | */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2507 | private void updateUidStateUL(int uid, int uidState) { |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 2508 | final int oldUidState = mUidState.get(uid, ActivityManager.PROCESS_STATE_CACHED_EMPTY); |
| 2509 | if (oldUidState != uidState) { |
| 2510 | // state changed, push updated rules |
| 2511 | mUidState.put(uid, uidState); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2512 | updateRestrictBackgroundRulesOnUidStatusChangedUL(uid, oldUidState, uidState); |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2513 | if (isProcStateAllowedWhileIdleOrPowerSaveMode(oldUidState) |
| 2514 | != isProcStateAllowedWhileIdleOrPowerSaveMode(uidState) ) { |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2515 | if (isUidIdle(uid)) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2516 | updateRuleForAppIdleUL(uid); |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2517 | } |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2518 | if (mDeviceIdleMode) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2519 | updateRuleForDeviceIdleUL(uid); |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2520 | } |
| 2521 | if (mRestrictPower) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2522 | updateRuleForRestrictPowerUL(uid); |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2523 | } |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2524 | updateRulesForPowerRestrictionsUL(uid); |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 2525 | } |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2526 | updateNetworkStats(uid, isUidStateForegroundUL(uidState)); |
Dianne Hackborn | d23e0d6 | 2015-05-15 16:36:12 -0700 | [diff] [blame] | 2527 | } |
| 2528 | } |
| 2529 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2530 | private void removeUidStateUL(int uid) { |
Dianne Hackborn | d23e0d6 | 2015-05-15 16:36:12 -0700 | [diff] [blame] | 2531 | final int index = mUidState.indexOfKey(uid); |
| 2532 | if (index >= 0) { |
| 2533 | final int oldUidState = mUidState.valueAt(index); |
| 2534 | mUidState.removeAt(index); |
| 2535 | if (oldUidState != ActivityManager.PROCESS_STATE_CACHED_EMPTY) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2536 | updateRestrictBackgroundRulesOnUidStatusChangedUL(uid, oldUidState, |
Dianne Hackborn | d23e0d6 | 2015-05-15 16:36:12 -0700 | [diff] [blame] | 2537 | ActivityManager.PROCESS_STATE_CACHED_EMPTY); |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 2538 | if (mDeviceIdleMode) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2539 | updateRuleForDeviceIdleUL(uid); |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 2540 | } |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2541 | if (mRestrictPower) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2542 | updateRuleForRestrictPowerUL(uid); |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2543 | } |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2544 | updateRulesForPowerRestrictionsUL(uid); |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 2545 | updateNetworkStats(uid, false); |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 2546 | } |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 2547 | } |
| 2548 | } |
| 2549 | |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 2550 | // adjust stats accounting based on foreground status |
| 2551 | private void updateNetworkStats(int uid, boolean uidForeground) { |
| 2552 | try { |
| 2553 | mNetworkStats.setUidForeground(uid, uidForeground); |
| 2554 | } catch (RemoteException e) { |
| 2555 | // ignored; service lives in system_server |
| 2556 | } |
| 2557 | } |
| 2558 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2559 | private void updateRestrictBackgroundRulesOnUidStatusChangedUL(int uid, int oldUidState, |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 2560 | int newUidState) { |
Felipe Leme | ef89c90 | 2016-03-30 15:11:31 -0700 | [diff] [blame] | 2561 | final boolean oldForeground = |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2562 | isProcStateAllowedWhileOnRestrictBackground(oldUidState); |
Felipe Leme | ef89c90 | 2016-03-30 15:11:31 -0700 | [diff] [blame] | 2563 | final boolean newForeground = |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2564 | isProcStateAllowedWhileOnRestrictBackground(newUidState); |
Dianne Hackborn | d23e0d6 | 2015-05-15 16:36:12 -0700 | [diff] [blame] | 2565 | if (oldForeground != newForeground) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2566 | updateRulesForDataUsageRestrictionsUL(uid); |
Dianne Hackborn | d23e0d6 | 2015-05-15 16:36:12 -0700 | [diff] [blame] | 2567 | } |
| 2568 | } |
| 2569 | |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2570 | static boolean isProcStateAllowedWhileIdleOrPowerSaveMode(int procState) { |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 2571 | return procState <= ActivityManager.PROCESS_STATE_FOREGROUND_SERVICE; |
| 2572 | } |
| 2573 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2574 | static boolean isProcStateAllowedWhileOnRestrictBackground(int procState) { |
Felipe Leme | ef89c90 | 2016-03-30 15:11:31 -0700 | [diff] [blame] | 2575 | return procState <= ActivityManager.PROCESS_STATE_FOREGROUND_SERVICE; |
| 2576 | } |
| 2577 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2578 | void updateRulesForPowerSaveUL() { |
| 2579 | updateRulesForWhitelistedPowerSaveUL(mRestrictPower, FIREWALL_CHAIN_POWERSAVE, |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2580 | mUidFirewallPowerSaveRules); |
| 2581 | } |
| 2582 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2583 | void updateRuleForRestrictPowerUL(int uid) { |
| 2584 | updateRulesForWhitelistedPowerSaveUL(uid, mRestrictPower, FIREWALL_CHAIN_POWERSAVE); |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2585 | } |
| 2586 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2587 | void updateRulesForDeviceIdleUL() { |
| 2588 | updateRulesForWhitelistedPowerSaveUL(mDeviceIdleMode, FIREWALL_CHAIN_DOZABLE, |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2589 | mUidFirewallDozableRules); |
| 2590 | } |
| 2591 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2592 | void updateRuleForDeviceIdleUL(int uid) { |
| 2593 | updateRulesForWhitelistedPowerSaveUL(uid, mDeviceIdleMode, FIREWALL_CHAIN_DOZABLE); |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2594 | } |
| 2595 | |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 2596 | // NOTE: since both fw_dozable and fw_powersave uses the same map |
| 2597 | // (mPowerSaveTempWhitelistAppIds) for whitelisting, we can reuse their logic in this method. |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2598 | private void updateRulesForWhitelistedPowerSaveUL(boolean enabled, int chain, |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2599 | SparseIntArray rules) { |
| 2600 | if (enabled) { |
| 2601 | // Sync the whitelists before enabling the chain. We don't care about the rules if |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 2602 | // we are disabling the chain. |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2603 | final SparseIntArray uidRules = rules; |
Jeff Sharkey | dc98806 | 2015-09-14 10:09:47 -0700 | [diff] [blame] | 2604 | uidRules.clear(); |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 2605 | final List<UserInfo> users = mUserManager.getUsers(); |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 2606 | for (int ui = users.size() - 1; ui >= 0; ui--) { |
| 2607 | UserInfo user = users.get(ui); |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 2608 | for (int i = mPowerSaveTempWhitelistAppIds.size() - 1; i >= 0; i--) { |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 2609 | if (mPowerSaveTempWhitelistAppIds.valueAt(i)) { |
| 2610 | int appId = mPowerSaveTempWhitelistAppIds.keyAt(i); |
| 2611 | int uid = UserHandle.getUid(user.id, appId); |
| 2612 | uidRules.put(uid, FIREWALL_RULE_ALLOW); |
| 2613 | } |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 2614 | } |
| 2615 | for (int i = mPowerSaveWhitelistAppIds.size() - 1; i >= 0; i--) { |
| 2616 | int appId = mPowerSaveWhitelistAppIds.keyAt(i); |
| 2617 | int uid = UserHandle.getUid(user.id, appId); |
| 2618 | uidRules.put(uid, FIREWALL_RULE_ALLOW); |
| 2619 | } |
| 2620 | } |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 2621 | for (int i = mUidState.size() - 1; i >= 0; i--) { |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2622 | if (isProcStateAllowedWhileIdleOrPowerSaveMode(mUidState.valueAt(i))) { |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 2623 | uidRules.put(mUidState.keyAt(i), FIREWALL_RULE_ALLOW); |
| 2624 | } |
| 2625 | } |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2626 | setUidFirewallRules(chain, uidRules); |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 2627 | } |
Jeff Sharkey | dc98806 | 2015-09-14 10:09:47 -0700 | [diff] [blame] | 2628 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2629 | enableFirewallChainUL(chain, enabled); |
Xiaohui Chen | 8dca36d | 2015-06-19 12:44:59 -0700 | [diff] [blame] | 2630 | } |
| 2631 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2632 | private boolean isWhitelistedBatterySaverUL(int uid) { |
Felipe Leme | 46c4fc3 | 2016-05-04 09:21:43 -0700 | [diff] [blame] | 2633 | final int appId = UserHandle.getAppId(uid); |
| 2634 | return mPowerSaveTempWhitelistAppIds.get(appId) || mPowerSaveWhitelistAppIds.get(appId); |
| 2635 | } |
| 2636 | |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 2637 | // NOTE: since both fw_dozable and fw_powersave uses the same map |
| 2638 | // (mPowerSaveTempWhitelistAppIds) for whitelisting, we can reuse their logic in this method. |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2639 | private void updateRulesForWhitelistedPowerSaveUL(int uid, boolean enabled, int chain) { |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2640 | if (enabled) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2641 | if (isWhitelistedBatterySaverUL(uid) |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2642 | || isProcStateAllowedWhileIdleOrPowerSaveMode(mUidState.get(uid))) { |
| 2643 | setUidFirewallRule(chain, uid, FIREWALL_RULE_ALLOW); |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 2644 | } else { |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2645 | setUidFirewallRule(chain, uid, FIREWALL_RULE_DEFAULT); |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 2646 | } |
| 2647 | } |
| 2648 | } |
| 2649 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2650 | void updateRulesForAppIdleUL() { |
Jeff Sharkey | dc98806 | 2015-09-14 10:09:47 -0700 | [diff] [blame] | 2651 | final SparseIntArray uidRules = mUidFirewallStandbyRules; |
| 2652 | uidRules.clear(); |
| 2653 | |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 2654 | // Fully update the app idle firewall chain. |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 2655 | final List<UserInfo> users = mUserManager.getUsers(); |
| 2656 | for (int ui = users.size() - 1; ui >= 0; ui--) { |
| 2657 | UserInfo user = users.get(ui); |
| 2658 | int[] idleUids = mUsageStats.getIdleUidsForUser(user.id); |
| 2659 | for (int uid : idleUids) { |
| 2660 | if (!mPowerSaveTempWhitelistAppIds.get(UserHandle.getAppId(uid), false)) { |
Soi, Yoshinari | a065da1 | 2015-12-22 12:02:18 +0900 | [diff] [blame] | 2661 | // quick check: if this uid doesn't have INTERNET permission, it |
| 2662 | // doesn't have network access anyway, so it is a waste to mess |
| 2663 | // with it here. |
Amith Yamasani | 2a4ac4e | 2016-02-12 12:43:15 -0800 | [diff] [blame] | 2664 | if (hasInternetPermissions(uid)) { |
| 2665 | uidRules.put(uid, FIREWALL_RULE_DENY); |
Soi, Yoshinari | a065da1 | 2015-12-22 12:02:18 +0900 | [diff] [blame] | 2666 | } |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 2667 | } |
| 2668 | } |
| 2669 | } |
Jeff Sharkey | dc98806 | 2015-09-14 10:09:47 -0700 | [diff] [blame] | 2670 | |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 2671 | setUidFirewallRules(FIREWALL_CHAIN_STANDBY, uidRules); |
| 2672 | } |
| 2673 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2674 | void updateRuleForAppIdleUL(int uid) { |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2675 | if (!isUidValidForBlacklistRules(uid)) return; |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 2676 | |
| 2677 | int appId = UserHandle.getAppId(uid); |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2678 | if (!mPowerSaveTempWhitelistAppIds.get(appId) && isUidIdle(uid) |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2679 | && !isUidForegroundOnRestrictPowerUL(uid)) { |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 2680 | setUidFirewallRule(FIREWALL_CHAIN_STANDBY, uid, FIREWALL_RULE_DENY); |
| 2681 | } else { |
| 2682 | setUidFirewallRule(FIREWALL_CHAIN_STANDBY, uid, FIREWALL_RULE_DEFAULT); |
| 2683 | } |
| 2684 | } |
| 2685 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2686 | void updateRulesForAppIdleParoleUL() { |
Xiaohui Chen | 8dca36d | 2015-06-19 12:44:59 -0700 | [diff] [blame] | 2687 | boolean enableChain = !mUsageStats.isAppIdleParoleOn(); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2688 | enableFirewallChainUL(FIREWALL_CHAIN_STANDBY, enableChain); |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 2689 | } |
| 2690 | |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 2691 | /** |
Dianne Hackborn | 8ad2af7 | 2015-03-17 17:00:24 -0700 | [diff] [blame] | 2692 | * Update rules that might be changed by {@link #mRestrictBackground}, |
| 2693 | * {@link #mRestrictPower}, or {@link #mDeviceIdleMode} value. |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 2694 | */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2695 | private void updateRulesForGlobalChangeAL(boolean restrictedNetworksChanged) { |
Felipe Leme | 03e689d | 2016-03-02 16:17:38 -0800 | [diff] [blame] | 2696 | long start; |
| 2697 | if (LOGD) start = System.currentTimeMillis(); |
| 2698 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2699 | updateRulesForRestrictPowerUL(); |
| 2700 | updateRulesForRestrictBackgroundUL(); |
Felipe Leme | 76010a3 | 2016-03-17 13:03:11 -0700 | [diff] [blame] | 2701 | |
| 2702 | // If the set of restricted networks may have changed, re-evaluate those. |
| 2703 | if (restrictedNetworksChanged) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2704 | normalizePoliciesNL(); |
| 2705 | updateNetworkRulesNL(); |
Felipe Leme | 76010a3 | 2016-03-17 13:03:11 -0700 | [diff] [blame] | 2706 | } |
| 2707 | if (LOGD) { |
| 2708 | final long delta = System.currentTimeMillis() - start; |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2709 | Slog.d(TAG, "updateRulesForGlobalChangeAL(" + restrictedNetworksChanged + ") took " |
Felipe Leme | 76010a3 | 2016-03-17 13:03:11 -0700 | [diff] [blame] | 2710 | + delta + "ms"); |
| 2711 | } |
| 2712 | } |
| 2713 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2714 | private void updateRulesForRestrictPowerUL() { |
| 2715 | updateRulesForDeviceIdleUL(); |
| 2716 | updateRulesForAppIdleUL(); |
| 2717 | updateRulesForPowerSaveUL(); |
| 2718 | updateRulesForAllAppsUL(TYPE_RESTRICT_POWER); |
Felipe Leme | f3e4064 | 2016-06-07 17:28:08 -0700 | [diff] [blame] | 2719 | } |
| 2720 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2721 | private void updateRulesForRestrictBackgroundUL() { |
| 2722 | updateRulesForAllAppsUL(TYPE_RESTRICT_BACKGROUND); |
Felipe Leme | f3e4064 | 2016-06-07 17:28:08 -0700 | [diff] [blame] | 2723 | } |
| 2724 | |
| 2725 | private static final int TYPE_RESTRICT_BACKGROUND = 1; |
| 2726 | private static final int TYPE_RESTRICT_POWER = 2; |
| 2727 | @Retention(RetentionPolicy.SOURCE) |
| 2728 | @IntDef(flag = false, value = { |
| 2729 | TYPE_RESTRICT_BACKGROUND, |
| 2730 | TYPE_RESTRICT_POWER, |
| 2731 | }) |
| 2732 | public @interface RestrictType { |
| 2733 | } |
| 2734 | |
| 2735 | // TODO: refactor / consolidate all those updateXyz methods, there are way too many of them... |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2736 | private void updateRulesForAllAppsUL(@RestrictType int type) { |
Felipe Leme | 76010a3 | 2016-03-17 13:03:11 -0700 | [diff] [blame] | 2737 | final PackageManager pm = mContext.getPackageManager(); |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 2738 | |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2739 | // update rules for all installed applications |
Stuart Scott | e3e314d | 2015-04-20 14:07:45 -0700 | [diff] [blame] | 2740 | final List<UserInfo> users = mUserManager.getUsers(); |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2741 | final List<ApplicationInfo> apps = pm.getInstalledApplications( |
Jeff Sharkey | 8a372a0 | 2016-03-16 16:25:45 -0600 | [diff] [blame] | 2742 | PackageManager.MATCH_UNINSTALLED_PACKAGES | PackageManager.MATCH_DISABLED_COMPONENTS |
| 2743 | | PackageManager.MATCH_DIRECT_BOOT_AWARE |
| 2744 | | PackageManager.MATCH_DIRECT_BOOT_UNAWARE); |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2745 | |
Felipe Leme | 03e689d | 2016-03-02 16:17:38 -0800 | [diff] [blame] | 2746 | final int usersSize = users.size(); |
| 2747 | final int appsSize = apps.size(); |
| 2748 | for (int i = 0; i < usersSize; i++) { |
| 2749 | final UserInfo user = users.get(i); |
| 2750 | for (int j = 0; j < appsSize; j++) { |
| 2751 | final ApplicationInfo app = apps.get(j); |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2752 | final int uid = UserHandle.getUid(user.id, app.uid); |
Felipe Leme | f3e4064 | 2016-06-07 17:28:08 -0700 | [diff] [blame] | 2753 | switch (type) { |
| 2754 | case TYPE_RESTRICT_BACKGROUND: |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2755 | updateRulesForDataUsageRestrictionsUL(uid); |
Felipe Leme | f3e4064 | 2016-06-07 17:28:08 -0700 | [diff] [blame] | 2756 | break; |
| 2757 | case TYPE_RESTRICT_POWER: |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2758 | updateRulesForPowerRestrictionsUL(uid); |
Felipe Leme | f3e4064 | 2016-06-07 17:28:08 -0700 | [diff] [blame] | 2759 | break; |
| 2760 | default: |
| 2761 | Slog.w(TAG, "Invalid type for updateRulesForAllApps: " + type); |
| 2762 | } |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2763 | } |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 2764 | } |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 2765 | } |
| 2766 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2767 | private void updateRulesForTempWhitelistChangeUL() { |
Amith Yamasani | af575b9 | 2015-05-29 15:35:26 -0700 | [diff] [blame] | 2768 | final List<UserInfo> users = mUserManager.getUsers(); |
Felipe Leme | 03e689d | 2016-03-02 16:17:38 -0800 | [diff] [blame] | 2769 | for (int i = 0; i < users.size(); i++) { |
| 2770 | final UserInfo user = users.get(i); |
Rakesh Iyer | 4f3fc21 | 2016-03-03 20:16:41 -0800 | [diff] [blame] | 2771 | for (int j = mPowerSaveTempWhitelistAppIds.size() - 1; j >= 0; j--) { |
Felipe Leme | 03e689d | 2016-03-02 16:17:38 -0800 | [diff] [blame] | 2772 | int appId = mPowerSaveTempWhitelistAppIds.keyAt(j); |
Amith Yamasani | af575b9 | 2015-05-29 15:35:26 -0700 | [diff] [blame] | 2773 | int uid = UserHandle.getUid(user.id, appId); |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2774 | // Update external firewall rules. |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2775 | updateRuleForAppIdleUL(uid); |
| 2776 | updateRuleForDeviceIdleUL(uid); |
| 2777 | updateRuleForRestrictPowerUL(uid); |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2778 | // Update internal rules. |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2779 | updateRulesForPowerRestrictionsUL(uid); |
Amith Yamasani | af575b9 | 2015-05-29 15:35:26 -0700 | [diff] [blame] | 2780 | } |
| 2781 | } |
| 2782 | } |
| 2783 | |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2784 | // TODO: the MEDIA / DRM restriction might not be needed anymore, in which case both |
| 2785 | // methods below could be merged into a isUidValidForRules() method. |
| 2786 | private boolean isUidValidForBlacklistRules(int uid) { |
| 2787 | // allow rules on specific system services, and any apps |
Jeff Sharkey | 5294a2f | 2012-04-24 17:07:22 -0700 | [diff] [blame] | 2788 | if (uid == android.os.Process.MEDIA_UID || uid == android.os.Process.DRM_UID |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2789 | || (UserHandle.isApp(uid) && hasInternetPermissions(uid))) { |
Jeff Sharkey | 5294a2f | 2012-04-24 17:07:22 -0700 | [diff] [blame] | 2790 | return true; |
| 2791 | } |
| 2792 | |
| 2793 | return false; |
| 2794 | } |
| 2795 | |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2796 | private boolean isUidValidForWhitelistRules(int uid) { |
| 2797 | return UserHandle.isApp(uid) && hasInternetPermissions(uid); |
| 2798 | } |
| 2799 | |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 2800 | private boolean isUidIdle(int uid) { |
| 2801 | final String[] packages = mContext.getPackageManager().getPackagesForUid(uid); |
| 2802 | final int userId = UserHandle.getUserId(uid); |
| 2803 | |
Jeff Sharkey | 377ded0f | 2016-01-10 13:15:41 -0700 | [diff] [blame] | 2804 | if (!ArrayUtils.isEmpty(packages)) { |
| 2805 | for (String packageName : packages) { |
| 2806 | if (!mUsageStats.isAppIdle(packageName, uid, userId)) { |
| 2807 | return false; |
| 2808 | } |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 2809 | } |
| 2810 | } |
| 2811 | return true; |
| 2812 | } |
| 2813 | |
| 2814 | /** |
Felipe Leme | 47585ba | 2016-02-09 16:56:32 -0800 | [diff] [blame] | 2815 | * Checks if an uid has INTERNET permissions. |
| 2816 | * <p> |
| 2817 | * Useful for the cases where the lack of network access can simplify the rules. |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 2818 | */ |
Felipe Leme | 47585ba | 2016-02-09 16:56:32 -0800 | [diff] [blame] | 2819 | private boolean hasInternetPermissions(int uid) { |
Dianne Hackborn | 88e98df | 2015-03-23 13:29:14 -0700 | [diff] [blame] | 2820 | try { |
Amith Yamasani | 2a4ac4e | 2016-02-12 12:43:15 -0800 | [diff] [blame] | 2821 | if (mIPm.checkUidPermission(Manifest.permission.INTERNET, uid) |
Dianne Hackborn | 88e98df | 2015-03-23 13:29:14 -0700 | [diff] [blame] | 2822 | != PackageManager.PERMISSION_GRANTED) { |
Felipe Leme | 47585ba | 2016-02-09 16:56:32 -0800 | [diff] [blame] | 2823 | return false; |
Dianne Hackborn | 88e98df | 2015-03-23 13:29:14 -0700 | [diff] [blame] | 2824 | } |
| 2825 | } catch (RemoteException e) { |
| 2826 | } |
Felipe Leme | 47585ba | 2016-02-09 16:56:32 -0800 | [diff] [blame] | 2827 | return true; |
| 2828 | } |
| 2829 | |
| 2830 | /** |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 2831 | * Applies network rules to bandwidth and firewall controllers based on uid policy. |
Felipe Leme | 76010a3 | 2016-03-17 13:03:11 -0700 | [diff] [blame] | 2832 | * |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2833 | * <p>There are currently 4 types of restriction rules: |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 2834 | * <ul> |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2835 | * <li>Doze mode |
| 2836 | * <li>App idle mode |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 2837 | * <li>Battery Saver Mode (also referred as power save). |
Felipe Leme | 46c4fc3 | 2016-05-04 09:21:43 -0700 | [diff] [blame] | 2838 | * <li>Data Saver Mode (The Feature Formerly Known As 'Restrict Background Data'). |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 2839 | * </ul> |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2840 | * |
| 2841 | * <p>This method changes both the external firewall rules and the internal state. |
Felipe Leme | 47585ba | 2016-02-09 16:56:32 -0800 | [diff] [blame] | 2842 | */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2843 | private void updateRestrictionRulesForUidUL(int uid) { |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2844 | // Methods below only changes the firewall rules for the power-related modes. |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2845 | updateRuleForDeviceIdleUL(uid); |
| 2846 | updateRuleForAppIdleUL(uid); |
| 2847 | updateRuleForRestrictPowerUL(uid); |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2848 | |
| 2849 | // Update internal state for power-related modes. |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2850 | updateRulesForPowerRestrictionsUL(uid); |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2851 | |
| 2852 | // Update firewall and internal rules for Data Saver Mode. |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2853 | updateRulesForDataUsageRestrictionsUL(uid); |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 2854 | } |
| 2855 | |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2856 | /** |
| 2857 | * Applies network rules to bandwidth controllers based on process state and user-defined |
| 2858 | * restrictions (blacklist / whitelist). |
| 2859 | * |
| 2860 | * <p> |
| 2861 | * {@code netd} defines 3 firewall chains that govern whether an app has access to metered |
| 2862 | * networks: |
| 2863 | * <ul> |
| 2864 | * <li>@{code bw_penalty_box}: UIDs added to this chain do not have access (blacklist). |
| 2865 | * <li>@{code bw_happy_box}: UIDs added to this chain have access (whitelist), unless they're |
| 2866 | * also blacklisted. |
| 2867 | * <li>@{code bw_data_saver}: when enabled (through {@link #setRestrictBackground(boolean)}), |
| 2868 | * no UIDs other those whitelisted will have access. |
| 2869 | * <ul> |
| 2870 | * |
| 2871 | * <p>The @{code bw_penalty_box} and @{code bw_happy_box} are primarily managed through the |
| 2872 | * {@link #setUidPolicy(int, int)} and {@link #addRestrictBackgroundWhitelistedUid(int)} / |
| 2873 | * {@link #removeRestrictBackgroundWhitelistedUid(int)} methods (for blacklist and whitelist |
| 2874 | * respectively): these methods set the proper internal state (blacklist / whitelist), then call |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2875 | * this ({@link #updateRulesForDataUsageRestrictionsUL(int)}) to propagate the rules to |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2876 | * {@link INetworkManagementService}, but this method should also be called in events (like |
| 2877 | * Data Saver Mode flips or UID state changes) that might affect the foreground app, since the |
| 2878 | * following rules should also be applied: |
| 2879 | * |
| 2880 | * <ul> |
| 2881 | * <li>When Data Saver mode is on, the foreground app should be temporarily added to |
| 2882 | * {@code bw_happy_box} before the @{code bw_data_saver} chain is enabled. |
| 2883 | * <li>If the foreground app is blacklisted by the user, it should be temporarily removed from |
| 2884 | * {@code bw_penalty_box}. |
| 2885 | * <li>When the app leaves foreground state, the temporary changes above should be reverted. |
| 2886 | * </ul> |
| 2887 | * |
| 2888 | * <p>For optimization, the rules are only applied on user apps that have internet access |
| 2889 | * permission, since there is no need to change the {@code iptables} rule if the app does not |
| 2890 | * have permission to use the internet. |
| 2891 | * |
| 2892 | * <p>The {@link #mUidRules} map is used to define the transtion of states of an UID. |
Felipe Leme | d31a97f | 2016-05-06 14:53:50 -0700 | [diff] [blame] | 2893 | * |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2894 | */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2895 | private void updateRulesForDataUsageRestrictionsUL(int uid) { |
| 2896 | updateRulesForDataUsageRestrictionsUL(uid, false); |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2897 | } |
| 2898 | |
| 2899 | /** |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2900 | * Overloaded version of {@link #updateRulesForDataUsageRestrictionsUL(int)} called when an |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2901 | * app is removed - it ignores the UID validity check. |
| 2902 | */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2903 | private void updateRulesForDataUsageRestrictionsUL(int uid, boolean uidDeleted) { |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2904 | if (!uidDeleted && !isUidValidForWhitelistRules(uid)) { |
| 2905 | if (LOGD) Slog.d(TAG, "no need to update restrict data rules for uid " + uid); |
| 2906 | return; |
| 2907 | } |
Dianne Hackborn | 88e98df | 2015-03-23 13:29:14 -0700 | [diff] [blame] | 2908 | |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 2909 | final int uidPolicy = mUidPolicy.get(uid, POLICY_NONE); |
Felipe Leme | 46c4fc3 | 2016-05-04 09:21:43 -0700 | [diff] [blame] | 2910 | final int oldUidRules = mUidRules.get(uid, RULE_NONE); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2911 | final boolean isForeground = isUidForegroundOnRestrictBackgroundUL(uid); |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 2912 | |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2913 | final boolean isBlacklisted = (uidPolicy & POLICY_REJECT_METERED_BACKGROUND) != 0; |
| 2914 | final boolean isWhitelisted = mRestrictBackgroundWhitelistUids.get(uid); |
| 2915 | final int oldRule = oldUidRules & MASK_METERED_NETWORKS; |
| 2916 | int newRule = RULE_NONE; |
Felipe Leme | 76010a3 | 2016-03-17 13:03:11 -0700 | [diff] [blame] | 2917 | |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2918 | // First step: define the new rule based on user restrictions and foreground state. |
| 2919 | if (isForeground) { |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2920 | if (isBlacklisted || (mRestrictBackground && !isWhitelisted)) { |
| 2921 | newRule = RULE_TEMPORARY_ALLOW_METERED; |
| 2922 | } else if (isWhitelisted) { |
| 2923 | newRule = RULE_ALLOW_METERED; |
Felipe Leme | d31a97f | 2016-05-06 14:53:50 -0700 | [diff] [blame] | 2924 | } |
| 2925 | } else { |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2926 | if (isBlacklisted) { |
| 2927 | newRule = RULE_REJECT_METERED; |
| 2928 | } else if (mRestrictBackground && isWhitelisted) { |
| 2929 | newRule = RULE_ALLOW_METERED; |
Felipe Leme | d31a97f | 2016-05-06 14:53:50 -0700 | [diff] [blame] | 2930 | } |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 2931 | } |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2932 | final int newUidRules = newRule | (oldUidRules & MASK_ALL_NETWORKS); |
Felipe Leme | 46c4fc3 | 2016-05-04 09:21:43 -0700 | [diff] [blame] | 2933 | |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 2934 | if (LOGV) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2935 | Log.v(TAG, "updateRuleForRestrictBackgroundUL(" + uid + ")" |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2936 | + ": isForeground=" +isForeground |
| 2937 | + ", isBlacklisted=" + isBlacklisted |
| 2938 | + ", isWhitelisted=" + isWhitelisted |
| 2939 | + ", oldRule=" + uidRulesToString(oldRule) |
| 2940 | + ", newRule=" + uidRulesToString(newRule) |
| 2941 | + ", newUidRules=" + uidRulesToString(newUidRules) |
| 2942 | + ", oldUidRules=" + uidRulesToString(oldUidRules)); |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 2943 | } |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 2944 | |
Felipe Leme | 46c4fc3 | 2016-05-04 09:21:43 -0700 | [diff] [blame] | 2945 | if (newUidRules == RULE_NONE) { |
Jeff Sharkey | 350083e | 2011-06-29 10:45:16 -0700 | [diff] [blame] | 2946 | mUidRules.delete(uid); |
| 2947 | } else { |
Felipe Leme | 46c4fc3 | 2016-05-04 09:21:43 -0700 | [diff] [blame] | 2948 | mUidRules.put(uid, newUidRules); |
Jeff Sharkey | 350083e | 2011-06-29 10:45:16 -0700 | [diff] [blame] | 2949 | } |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 2950 | |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2951 | // Second step: apply bw changes based on change of state. |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2952 | if (newRule != oldRule) { |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2953 | if ((newRule & RULE_TEMPORARY_ALLOW_METERED) != 0) { |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2954 | // Temporarily whitelist foreground app, removing from blacklist if necessary |
| 2955 | // (since bw_penalty_box prevails over bw_happy_box). |
| 2956 | |
| 2957 | setMeteredNetworkWhitelist(uid, true); |
| 2958 | // TODO: if statement below is used to avoid an unnecessary call to netd / iptables, |
| 2959 | // but ideally it should be just: |
| 2960 | // setMeteredNetworkBlacklist(uid, isBlacklisted); |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2961 | if (isBlacklisted) { |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2962 | setMeteredNetworkBlacklist(uid, false); |
| 2963 | } |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2964 | } else if ((oldRule & RULE_TEMPORARY_ALLOW_METERED) != 0) { |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2965 | // Remove temporary whitelist from app that is not on foreground anymore. |
| 2966 | |
| 2967 | // TODO: if statements below are used to avoid unnecessary calls to netd / iptables, |
| 2968 | // but ideally they should be just: |
| 2969 | // setMeteredNetworkWhitelist(uid, isWhitelisted); |
| 2970 | // setMeteredNetworkBlacklist(uid, isBlacklisted); |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2971 | if (!isWhitelisted) { |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2972 | setMeteredNetworkWhitelist(uid, false); |
| 2973 | } |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2974 | if (isBlacklisted) { |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2975 | setMeteredNetworkBlacklist(uid, true); |
| 2976 | } |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2977 | } else if ((newRule & RULE_REJECT_METERED) != 0 |
| 2978 | || (oldRule & RULE_REJECT_METERED) != 0) { |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2979 | // Flip state because app was explicitly added or removed to blacklist. |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2980 | setMeteredNetworkBlacklist(uid, isBlacklisted); |
| 2981 | if ((oldRule & RULE_REJECT_METERED) != 0 && isWhitelisted) { |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2982 | // Since blacklist prevails over whitelist, we need to handle the special case |
| 2983 | // where app is whitelisted and blacklisted at the same time (although such |
| 2984 | // scenario should be blocked by the UI), then blacklist is removed. |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2985 | setMeteredNetworkWhitelist(uid, isWhitelisted); |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2986 | } |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2987 | } else if ((newRule & RULE_ALLOW_METERED) != 0 |
| 2988 | || (oldRule & RULE_ALLOW_METERED) != 0) { |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2989 | // Flip state because app was explicitly added or removed to whitelist. |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2990 | setMeteredNetworkWhitelist(uid, isWhitelisted); |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2991 | } else { |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2992 | // All scenarios should have been covered above. |
Felipe Leme | 46c4fc3 | 2016-05-04 09:21:43 -0700 | [diff] [blame] | 2993 | Log.wtf(TAG, "Unexpected change of metered UID state for " + uid |
| 2994 | + ": foreground=" + isForeground |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 2995 | + ", whitelisted=" + isWhitelisted |
| 2996 | + ", blacklisted=" + isBlacklisted |
Felipe Leme | d31a97f | 2016-05-06 14:53:50 -0700 | [diff] [blame] | 2997 | + ", newRule=" + uidRulesToString(newUidRules) |
| 2998 | + ", oldRule=" + uidRulesToString(oldUidRules)); |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2999 | } |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 3000 | |
| 3001 | // Dispatch changed rule to existing listeners. |
| 3002 | mHandler.obtainMessage(MSG_RULES_CHANGED, uid, newUidRules).sendToTarget(); |
| 3003 | } |
| 3004 | } |
| 3005 | |
| 3006 | /** |
| 3007 | * Updates the power-related part of the {@link #mUidRules} for a given map, and notify external |
| 3008 | * listeners in case of change. |
| 3009 | * <p> |
| 3010 | * There are 3 power-related rules that affects whether an app has background access on |
| 3011 | * non-metered networks, and when the condition applies and the UID is not whitelisted for power |
| 3012 | * restriction, it's added to the equivalent firewall chain: |
| 3013 | * <ul> |
| 3014 | * <li>App is idle: {@code fw_standby} firewall chain. |
| 3015 | * <li>Device is idle: {@code fw_dozable} firewall chain. |
| 3016 | * <li>Battery Saver Mode is on: {@code fw_powersave} firewall chain. |
| 3017 | * </ul> |
| 3018 | * <p> |
| 3019 | * This method updates the power-related part of the {@link #mUidRules} for a given uid based on |
| 3020 | * these modes, the UID process state (foreground or not), and the UIDwhitelist state. |
| 3021 | * <p> |
| 3022 | * <strong>NOTE: </strong>This method does not update the firewall rules on {@code netd}. |
| 3023 | */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3024 | private void updateRulesForPowerRestrictionsUL(int uid) { |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 3025 | if (!isUidValidForBlacklistRules(uid)) { |
| 3026 | if (LOGD) Slog.d(TAG, "no need to update restrict power rules for uid " + uid); |
| 3027 | return; |
Felipe Leme | d31a97f | 2016-05-06 14:53:50 -0700 | [diff] [blame] | 3028 | } |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 3029 | |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 3030 | final boolean isIdle = isUidIdle(uid); |
| 3031 | final boolean restrictMode = isIdle || mRestrictPower || mDeviceIdleMode; |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 3032 | final int oldUidRules = mUidRules.get(uid, RULE_NONE); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3033 | final boolean isForeground = isUidForegroundOnRestrictPowerUL(uid); |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 3034 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3035 | final boolean isWhitelisted = isWhitelistedBatterySaverUL(uid); |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 3036 | final int oldRule = oldUidRules & MASK_ALL_NETWORKS; |
| 3037 | int newRule = RULE_NONE; |
| 3038 | |
| 3039 | // First step: define the new rule based on user restrictions and foreground state. |
| 3040 | |
| 3041 | // NOTE: if statements below could be inlined, but it's easier to understand the logic |
| 3042 | // by considering the foreground and non-foreground states. |
| 3043 | if (isForeground) { |
| 3044 | if (restrictMode) { |
| 3045 | newRule = RULE_ALLOW_ALL; |
| 3046 | } |
| 3047 | } else if (restrictMode) { |
| 3048 | newRule = isWhitelisted ? RULE_ALLOW_ALL : RULE_REJECT_ALL; |
| 3049 | } |
| 3050 | |
| 3051 | final int newUidRules = (oldUidRules & MASK_METERED_NETWORKS) | newRule; |
| 3052 | |
| 3053 | if (LOGV) { |
Felipe Leme | f8dd7b4 | 2016-08-10 13:00:32 -0700 | [diff] [blame] | 3054 | Log.v(TAG, "updateRulesForPowerRestrictionsUL(" + uid + ")" |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 3055 | + ", isIdle: " + isIdle |
| 3056 | + ", mRestrictPower: " + mRestrictPower |
| 3057 | + ", mDeviceIdleMode: " + mDeviceIdleMode |
| 3058 | + ", isForeground=" + isForeground |
| 3059 | + ", isWhitelisted=" + isWhitelisted |
| 3060 | + ", oldRule=" + uidRulesToString(oldRule) |
| 3061 | + ", newRule=" + uidRulesToString(newRule) |
| 3062 | + ", newUidRules=" + uidRulesToString(newUidRules) |
| 3063 | + ", oldUidRules=" + uidRulesToString(oldUidRules)); |
| 3064 | } |
| 3065 | |
| 3066 | if (newUidRules == RULE_NONE) { |
| 3067 | mUidRules.delete(uid); |
| 3068 | } else { |
| 3069 | mUidRules.put(uid, newUidRules); |
| 3070 | } |
| 3071 | |
| 3072 | // Second step: notify listeners if state changed. |
| 3073 | if (newRule != oldRule) { |
| 3074 | if (newRule == RULE_NONE || (newRule & RULE_ALLOW_ALL) != 0) { |
Felipe Leme | d31a97f | 2016-05-06 14:53:50 -0700 | [diff] [blame] | 3075 | if (LOGV) Log.v(TAG, "Allowing non-metered access for UID " + uid); |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 3076 | } else if ((newRule & RULE_REJECT_ALL) != 0) { |
Felipe Leme | d31a97f | 2016-05-06 14:53:50 -0700 | [diff] [blame] | 3077 | if (LOGV) Log.v(TAG, "Rejecting non-metered access for UID " + uid); |
| 3078 | } else { |
| 3079 | // All scenarios should have been covered above |
| 3080 | Log.wtf(TAG, "Unexpected change of non-metered UID state for " + uid |
| 3081 | + ": foreground=" + isForeground |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 3082 | + ", whitelisted=" + isWhitelisted |
Felipe Leme | d31a97f | 2016-05-06 14:53:50 -0700 | [diff] [blame] | 3083 | + ", newRule=" + uidRulesToString(newUidRules) |
| 3084 | + ", oldRule=" + uidRulesToString(oldUidRules)); |
| 3085 | } |
Felipe Leme | 46c4fc3 | 2016-05-04 09:21:43 -0700 | [diff] [blame] | 3086 | mHandler.obtainMessage(MSG_RULES_CHANGED, uid, newUidRules).sendToTarget(); |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 3087 | } |
Jeff Sharkey | 4414cea | 2011-06-24 17:05:24 -0700 | [diff] [blame] | 3088 | } |
| 3089 | |
Xiaohui Chen | 8dca36d | 2015-06-19 12:44:59 -0700 | [diff] [blame] | 3090 | private class AppIdleStateChangeListener |
| 3091 | extends UsageStatsManagerInternal.AppIdleStateChangeListener { |
| 3092 | |
| 3093 | @Override |
| 3094 | public void onAppIdleStateChanged(String packageName, int userId, boolean idle) { |
| 3095 | try { |
Jeff Sharkey | c5967e9 | 2016-01-07 18:50:29 -0700 | [diff] [blame] | 3096 | final int uid = mContext.getPackageManager().getPackageUidAsUser(packageName, |
| 3097 | PackageManager.MATCH_UNINSTALLED_PACKAGES, userId); |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 3098 | if (LOGV) Log.v(TAG, "onAppIdleStateChanged(): uid=" + uid + ", idle=" + idle); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3099 | synchronized (mUidRulesFirstLock) { |
| 3100 | updateRuleForAppIdleUL(uid); |
| 3101 | updateRulesForPowerRestrictionsUL(uid); |
Xiaohui Chen | 8dca36d | 2015-06-19 12:44:59 -0700 | [diff] [blame] | 3102 | } |
| 3103 | } catch (NameNotFoundException nnfe) { |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 3104 | } |
Xiaohui Chen | 8dca36d | 2015-06-19 12:44:59 -0700 | [diff] [blame] | 3105 | } |
| 3106 | |
| 3107 | @Override |
| 3108 | public void onParoleStateChanged(boolean isParoleOn) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3109 | synchronized (mUidRulesFirstLock) { |
| 3110 | updateRulesForAppIdleParoleUL(); |
Xiaohui Chen | 8dca36d | 2015-06-19 12:44:59 -0700 | [diff] [blame] | 3111 | } |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 3112 | } |
| 3113 | } |
| 3114 | |
Jeff Sharkey | 1b6519b | 2016-04-28 15:33:18 -0600 | [diff] [blame] | 3115 | private void dispatchUidRulesChanged(INetworkPolicyListener listener, int uid, int uidRules) { |
| 3116 | if (listener != null) { |
| 3117 | try { |
| 3118 | listener.onUidRulesChanged(uid, uidRules); |
| 3119 | } catch (RemoteException ignored) { |
| 3120 | } |
| 3121 | } |
| 3122 | } |
| 3123 | |
| 3124 | private void dispatchMeteredIfacesChanged(INetworkPolicyListener listener, |
| 3125 | String[] meteredIfaces) { |
| 3126 | if (listener != null) { |
| 3127 | try { |
| 3128 | listener.onMeteredIfacesChanged(meteredIfaces); |
| 3129 | } catch (RemoteException ignored) { |
| 3130 | } |
| 3131 | } |
| 3132 | } |
| 3133 | |
| 3134 | private void dispatchRestrictBackgroundChanged(INetworkPolicyListener listener, |
| 3135 | boolean restrictBackground) { |
| 3136 | if (listener != null) { |
| 3137 | try { |
| 3138 | listener.onRestrictBackgroundChanged(restrictBackground); |
| 3139 | } catch (RemoteException ignored) { |
| 3140 | } |
| 3141 | } |
| 3142 | } |
| 3143 | |
| 3144 | private void dispatchRestrictBackgroundWhitelistChanged(INetworkPolicyListener listener, |
| 3145 | int uid, boolean whitelisted) { |
| 3146 | if (listener != null) { |
| 3147 | try { |
| 3148 | listener.onRestrictBackgroundWhitelistChanged(uid, whitelisted); |
| 3149 | } catch (RemoteException ignored) { |
| 3150 | } |
| 3151 | } |
| 3152 | } |
| 3153 | |
Felipe Leme | 99d5d3d | 2016-05-16 13:30:57 -0700 | [diff] [blame] | 3154 | private void dispatchRestrictBackgroundBlacklistChanged(INetworkPolicyListener listener, |
| 3155 | int uid, boolean blacklisted) { |
| 3156 | if (listener != null) { |
| 3157 | try { |
| 3158 | listener.onRestrictBackgroundBlacklistChanged(uid, blacklisted); |
| 3159 | } catch (RemoteException ignored) { |
| 3160 | } |
| 3161 | } |
| 3162 | } |
| 3163 | |
Jeff Sharkey | 4414cea | 2011-06-24 17:05:24 -0700 | [diff] [blame] | 3164 | private Handler.Callback mHandlerCallback = new Handler.Callback() { |
Jeff Sharkey | bfdd680 | 2012-04-09 10:49:19 -0700 | [diff] [blame] | 3165 | @Override |
Jeff Sharkey | 4414cea | 2011-06-24 17:05:24 -0700 | [diff] [blame] | 3166 | public boolean handleMessage(Message msg) { |
| 3167 | switch (msg.what) { |
| 3168 | case MSG_RULES_CHANGED: { |
| 3169 | final int uid = msg.arg1; |
| 3170 | final int uidRules = msg.arg2; |
Jeff Sharkey | 1b6519b | 2016-04-28 15:33:18 -0600 | [diff] [blame] | 3171 | dispatchUidRulesChanged(mConnectivityListener, uid, uidRules); |
Jeff Sharkey | 4414cea | 2011-06-24 17:05:24 -0700 | [diff] [blame] | 3172 | final int length = mListeners.beginBroadcast(); |
| 3173 | for (int i = 0; i < length; i++) { |
| 3174 | final INetworkPolicyListener listener = mListeners.getBroadcastItem(i); |
Jeff Sharkey | 1b6519b | 2016-04-28 15:33:18 -0600 | [diff] [blame] | 3175 | dispatchUidRulesChanged(listener, uid, uidRules); |
Jeff Sharkey | 4414cea | 2011-06-24 17:05:24 -0700 | [diff] [blame] | 3176 | } |
| 3177 | mListeners.finishBroadcast(); |
| 3178 | return true; |
| 3179 | } |
| 3180 | case MSG_METERED_IFACES_CHANGED: { |
| 3181 | final String[] meteredIfaces = (String[]) msg.obj; |
Jeff Sharkey | 1b6519b | 2016-04-28 15:33:18 -0600 | [diff] [blame] | 3182 | dispatchMeteredIfacesChanged(mConnectivityListener, meteredIfaces); |
Jeff Sharkey | 4414cea | 2011-06-24 17:05:24 -0700 | [diff] [blame] | 3183 | final int length = mListeners.beginBroadcast(); |
| 3184 | for (int i = 0; i < length; i++) { |
| 3185 | final INetworkPolicyListener listener = mListeners.getBroadcastItem(i); |
Jeff Sharkey | 1b6519b | 2016-04-28 15:33:18 -0600 | [diff] [blame] | 3186 | dispatchMeteredIfacesChanged(listener, meteredIfaces); |
Jeff Sharkey | 4414cea | 2011-06-24 17:05:24 -0700 | [diff] [blame] | 3187 | } |
| 3188 | mListeners.finishBroadcast(); |
| 3189 | return true; |
| 3190 | } |
Jeff Sharkey | 7e25b0e | 2011-11-08 15:43:12 -0800 | [diff] [blame] | 3191 | case MSG_LIMIT_REACHED: { |
| 3192 | final String iface = (String) msg.obj; |
| 3193 | |
Jeff Sharkey | 684c54a | 2011-11-16 17:46:30 -0800 | [diff] [blame] | 3194 | maybeRefreshTrustedTime(); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3195 | synchronized (mNetworkPoliciesSecondLock) { |
Jeff Sharkey | 7e25b0e | 2011-11-08 15:43:12 -0800 | [diff] [blame] | 3196 | if (mMeteredIfaces.contains(iface)) { |
| 3197 | try { |
| 3198 | // force stats update to make sure we have |
| 3199 | // numbers that caused alert to trigger. |
| 3200 | mNetworkStats.forceUpdate(); |
| 3201 | } catch (RemoteException e) { |
| 3202 | // ignored; service lives in system_server |
| 3203 | } |
| 3204 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3205 | updateNetworkEnabledNL(); |
| 3206 | updateNotificationsNL(); |
Jeff Sharkey | 7e25b0e | 2011-11-08 15:43:12 -0800 | [diff] [blame] | 3207 | } |
| 3208 | } |
| 3209 | return true; |
| 3210 | } |
Jeff Sharkey | 1f8ea2d | 2012-02-07 12:05:43 -0800 | [diff] [blame] | 3211 | case MSG_RESTRICT_BACKGROUND_CHANGED: { |
| 3212 | final boolean restrictBackground = msg.arg1 != 0; |
Jeff Sharkey | 1b6519b | 2016-04-28 15:33:18 -0600 | [diff] [blame] | 3213 | dispatchRestrictBackgroundChanged(mConnectivityListener, restrictBackground); |
Jeff Sharkey | 1f8ea2d | 2012-02-07 12:05:43 -0800 | [diff] [blame] | 3214 | final int length = mListeners.beginBroadcast(); |
| 3215 | for (int i = 0; i < length; i++) { |
| 3216 | final INetworkPolicyListener listener = mListeners.getBroadcastItem(i); |
Jeff Sharkey | 1b6519b | 2016-04-28 15:33:18 -0600 | [diff] [blame] | 3217 | dispatchRestrictBackgroundChanged(listener, restrictBackground); |
Jeff Sharkey | 1f8ea2d | 2012-02-07 12:05:43 -0800 | [diff] [blame] | 3218 | } |
| 3219 | mListeners.finishBroadcast(); |
Felipe Leme | 9778f76 | 2016-01-27 14:46:39 -0800 | [diff] [blame] | 3220 | final Intent intent = |
| 3221 | new Intent(ConnectivityManager.ACTION_RESTRICT_BACKGROUND_CHANGED); |
| 3222 | intent.setFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY); |
| 3223 | mContext.sendBroadcastAsUser(intent, UserHandle.ALL); |
| 3224 | return true; |
| 3225 | } |
| 3226 | case MSG_RESTRICT_BACKGROUND_WHITELIST_CHANGED: { |
Felipe Leme | 019fcd2 | 2016-04-19 10:24:39 -0700 | [diff] [blame] | 3227 | // MSG_RESTRICT_BACKGROUND_WHITELIST_CHANGED can be called in 2 occasions: |
| 3228 | // - when an app is whitelisted |
| 3229 | // - when an app is blacklisted |
| 3230 | // |
| 3231 | // Whether the internal listeners (INetworkPolicyListener implementations) or |
| 3232 | // app broadcast receivers are notified depend on the following rules: |
| 3233 | // |
| 3234 | // - App receivers are only notified when the app status changed (msg.arg2 = 1) |
| 3235 | // - Listeners are only notified when app was whitelisted (msg.obj is not null), |
| 3236 | // since blacklist notifications are handled through MSG_RULES_CHANGED). |
Felipe Leme | 9778f76 | 2016-01-27 14:46:39 -0800 | [diff] [blame] | 3237 | final int uid = msg.arg1; |
Felipe Leme | 019fcd2 | 2016-04-19 10:24:39 -0700 | [diff] [blame] | 3238 | final boolean changed = msg.arg2 == 1; |
| 3239 | final Boolean whitelisted = (Boolean) msg.obj; |
| 3240 | |
Jeff Sharkey | 1b6519b | 2016-04-28 15:33:18 -0600 | [diff] [blame] | 3241 | // First notify internal listeners... |
Felipe Leme | 019fcd2 | 2016-04-19 10:24:39 -0700 | [diff] [blame] | 3242 | if (whitelisted != null) { |
Jeff Sharkey | 1b6519b | 2016-04-28 15:33:18 -0600 | [diff] [blame] | 3243 | final boolean whitelistedBool = whitelisted.booleanValue(); |
| 3244 | dispatchRestrictBackgroundWhitelistChanged(mConnectivityListener, uid, |
| 3245 | whitelistedBool); |
Felipe Leme | 019fcd2 | 2016-04-19 10:24:39 -0700 | [diff] [blame] | 3246 | final int length = mListeners.beginBroadcast(); |
| 3247 | for (int i = 0; i < length; i++) { |
Felipe Leme | 019fcd2 | 2016-04-19 10:24:39 -0700 | [diff] [blame] | 3248 | final INetworkPolicyListener listener = mListeners.getBroadcastItem(i); |
Jeff Sharkey | 1b6519b | 2016-04-28 15:33:18 -0600 | [diff] [blame] | 3249 | dispatchRestrictBackgroundWhitelistChanged(listener, uid, |
| 3250 | whitelistedBool); |
Felipe Leme | 019fcd2 | 2016-04-19 10:24:39 -0700 | [diff] [blame] | 3251 | } |
| 3252 | mListeners.finishBroadcast(); |
| 3253 | } |
Felipe Leme | 9778f76 | 2016-01-27 14:46:39 -0800 | [diff] [blame] | 3254 | final PackageManager pm = mContext.getPackageManager(); |
| 3255 | final String[] packages = pm.getPackagesForUid(uid); |
Felipe Leme | 019fcd2 | 2016-04-19 10:24:39 -0700 | [diff] [blame] | 3256 | if (changed && packages != null) { |
| 3257 | // ...then notify apps listening to ACTION_RESTRICT_BACKGROUND_CHANGED |
Felipe Leme | 86e5a01 | 2016-02-16 16:26:05 -0800 | [diff] [blame] | 3258 | final int userId = UserHandle.getUserId(uid); |
| 3259 | for (String packageName : packages) { |
| 3260 | final Intent intent = new Intent( |
| 3261 | ConnectivityManager.ACTION_RESTRICT_BACKGROUND_CHANGED); |
| 3262 | intent.setPackage(packageName); |
| 3263 | intent.setFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY); |
| 3264 | mContext.sendBroadcastAsUser(intent, UserHandle.of(userId)); |
| 3265 | } |
Felipe Leme | 9778f76 | 2016-01-27 14:46:39 -0800 | [diff] [blame] | 3266 | } |
Jeff Sharkey | e19f39b | 2012-05-24 10:21:16 -0700 | [diff] [blame] | 3267 | return true; |
| 3268 | } |
Felipe Leme | 99d5d3d | 2016-05-16 13:30:57 -0700 | [diff] [blame] | 3269 | case MSG_RESTRICT_BACKGROUND_BLACKLIST_CHANGED: { |
| 3270 | final int uid = msg.arg1; |
| 3271 | final boolean blacklisted = msg.arg2 == 1; |
| 3272 | |
| 3273 | dispatchRestrictBackgroundBlacklistChanged(mConnectivityListener, uid, |
| 3274 | blacklisted); |
| 3275 | final int length = mListeners.beginBroadcast(); |
| 3276 | for (int i = 0; i < length; i++) { |
| 3277 | final INetworkPolicyListener listener = mListeners.getBroadcastItem(i); |
| 3278 | dispatchRestrictBackgroundBlacklistChanged(listener, uid, |
| 3279 | blacklisted); |
| 3280 | } |
| 3281 | mListeners.finishBroadcast(); |
| 3282 | return true; |
| 3283 | } |
Jeff Sharkey | e19f39b | 2012-05-24 10:21:16 -0700 | [diff] [blame] | 3284 | case MSG_ADVISE_PERSIST_THRESHOLD: { |
| 3285 | final long lowestRule = (Long) msg.obj; |
| 3286 | try { |
| 3287 | // make sure stats are recorded frequently enough; we aim |
| 3288 | // for 2MB threshold for 2GB/month rules. |
| 3289 | final long persistThreshold = lowestRule / 1000; |
| 3290 | mNetworkStats.advisePersistThreshold(persistThreshold); |
| 3291 | } catch (RemoteException e) { |
| 3292 | // ignored; service lives in system_server |
| 3293 | } |
| 3294 | return true; |
Jeff Sharkey | 1f8ea2d | 2012-02-07 12:05:43 -0800 | [diff] [blame] | 3295 | } |
Amith Yamasani | 3646cbd | 2016-04-13 14:04:53 -0700 | [diff] [blame] | 3296 | case MSG_UPDATE_INTERFACE_QUOTA: { |
| 3297 | removeInterfaceQuota((String) msg.obj); |
| 3298 | // int params need to be stitched back into a long |
| 3299 | setInterfaceQuota((String) msg.obj, |
| 3300 | ((long) msg.arg1 << 32) | (msg.arg2 & 0xFFFFFFFFL)); |
| 3301 | return true; |
| 3302 | } |
| 3303 | case MSG_REMOVE_INTERFACE_QUOTA: { |
| 3304 | removeInterfaceQuota((String) msg.obj); |
| 3305 | return true; |
| 3306 | } |
Jeff Sharkey | 4414cea | 2011-06-24 17:05:24 -0700 | [diff] [blame] | 3307 | default: { |
| 3308 | return false; |
Jeff Sharkey | af11d48 | 2011-06-13 00:14:31 -0700 | [diff] [blame] | 3309 | } |
| 3310 | } |
| 3311 | } |
Jeff Sharkey | 4414cea | 2011-06-24 17:05:24 -0700 | [diff] [blame] | 3312 | }; |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 3313 | |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 3314 | private void setInterfaceQuota(String iface, long quotaBytes) { |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 3315 | try { |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 3316 | mNetworkManager.setInterfaceQuota(iface, quotaBytes); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 3317 | } catch (IllegalStateException e) { |
Jeff Sharkey | b3d5957 | 2011-09-07 17:20:27 -0700 | [diff] [blame] | 3318 | Log.wtf(TAG, "problem setting interface quota", e); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 3319 | } catch (RemoteException e) { |
Jeff Sharkey | b3d5957 | 2011-09-07 17:20:27 -0700 | [diff] [blame] | 3320 | // ignored; service lives in system_server |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 3321 | } |
| 3322 | } |
| 3323 | |
| 3324 | private void removeInterfaceQuota(String iface) { |
| 3325 | try { |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 3326 | mNetworkManager.removeInterfaceQuota(iface); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 3327 | } catch (IllegalStateException e) { |
Jeff Sharkey | b3d5957 | 2011-09-07 17:20:27 -0700 | [diff] [blame] | 3328 | Log.wtf(TAG, "problem removing interface quota", e); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 3329 | } catch (RemoteException e) { |
Jeff Sharkey | b3d5957 | 2011-09-07 17:20:27 -0700 | [diff] [blame] | 3330 | // ignored; service lives in system_server |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 3331 | } |
| 3332 | } |
| 3333 | |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 3334 | private void setMeteredNetworkBlacklist(int uid, boolean enable) { |
| 3335 | if (LOGV) Slog.v(TAG, "setMeteredNetworkBlacklist " + uid + ": " + enable); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 3336 | try { |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 3337 | mNetworkManager.setUidMeteredNetworkBlacklist(uid, enable); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 3338 | } catch (IllegalStateException e) { |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 3339 | Log.wtf(TAG, "problem setting blacklist (" + enable + ") rules for " + uid, e); |
| 3340 | } catch (RemoteException e) { |
| 3341 | // ignored; service lives in system_server |
| 3342 | } |
| 3343 | } |
| 3344 | |
| 3345 | private void setMeteredNetworkWhitelist(int uid, boolean enable) { |
| 3346 | if (LOGV) Slog.v(TAG, "setMeteredNetworkWhitelist " + uid + ": " + enable); |
| 3347 | try { |
| 3348 | mNetworkManager.setUidMeteredNetworkWhitelist(uid, enable); |
| 3349 | } catch (IllegalStateException e) { |
| 3350 | Log.wtf(TAG, "problem setting whitelist (" + enable + ") rules for " + uid, e); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 3351 | } catch (RemoteException e) { |
Jeff Sharkey | b3d5957 | 2011-09-07 17:20:27 -0700 | [diff] [blame] | 3352 | // ignored; service lives in system_server |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 3353 | } |
| 3354 | } |
| 3355 | |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 3356 | /** |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 3357 | * Set uid rules on a particular firewall chain. This is going to synchronize the rules given |
| 3358 | * here to netd. It will clean up dead rules and make sure the target chain only contains rules |
| 3359 | * specified here. |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 3360 | */ |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 3361 | private void setUidFirewallRules(int chain, SparseIntArray uidRules) { |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 3362 | try { |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 3363 | int size = uidRules.size(); |
| 3364 | int[] uids = new int[size]; |
| 3365 | int[] rules = new int[size]; |
| 3366 | for(int index = size - 1; index >= 0; --index) { |
| 3367 | uids[index] = uidRules.keyAt(index); |
| 3368 | rules[index] = uidRules.valueAt(index); |
| 3369 | } |
| 3370 | mNetworkManager.setFirewallUidRules(chain, uids, rules); |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 3371 | } catch (IllegalStateException e) { |
| 3372 | Log.wtf(TAG, "problem setting firewall uid rules", e); |
| 3373 | } catch (RemoteException e) { |
| 3374 | // ignored; service lives in system_server |
| 3375 | } |
| 3376 | } |
| 3377 | |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 3378 | /** |
| 3379 | * Add or remove a uid to the firewall blacklist for all network ifaces. |
| 3380 | */ |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 3381 | private void setUidFirewallRule(int chain, int uid, int rule) { |
Jeff Sharkey | dc98806 | 2015-09-14 10:09:47 -0700 | [diff] [blame] | 3382 | if (chain == FIREWALL_CHAIN_DOZABLE) { |
| 3383 | mUidFirewallDozableRules.put(uid, rule); |
| 3384 | } else if (chain == FIREWALL_CHAIN_STANDBY) { |
| 3385 | mUidFirewallStandbyRules.put(uid, rule); |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 3386 | } else if (chain == FIREWALL_CHAIN_POWERSAVE) { |
| 3387 | mUidFirewallPowerSaveRules.put(uid, rule); |
Jeff Sharkey | dc98806 | 2015-09-14 10:09:47 -0700 | [diff] [blame] | 3388 | } |
| 3389 | |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 3390 | try { |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 3391 | mNetworkManager.setFirewallUidRule(chain, uid, rule); |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 3392 | } catch (IllegalStateException e) { |
| 3393 | Log.wtf(TAG, "problem setting firewall uid rules", e); |
| 3394 | } catch (RemoteException e) { |
| 3395 | // ignored; service lives in system_server |
| 3396 | } |
| 3397 | } |
| 3398 | |
| 3399 | /** |
| 3400 | * Add or remove a uid to the firewall blacklist for all network ifaces. |
| 3401 | */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3402 | private void enableFirewallChainUL(int chain, boolean enable) { |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 3403 | if (mFirewallChainStates.indexOfKey(chain) >= 0 && |
| 3404 | mFirewallChainStates.get(chain) == enable) { |
| 3405 | // All is the same, nothing to do. |
| 3406 | return; |
| 3407 | } |
Xiaohui Chen | 8dca36d | 2015-06-19 12:44:59 -0700 | [diff] [blame] | 3408 | mFirewallChainStates.put(chain, enable); |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 3409 | try { |
| 3410 | mNetworkManager.setFirewallChainEnabled(chain, enable); |
| 3411 | } catch (IllegalStateException e) { |
| 3412 | Log.wtf(TAG, "problem enable firewall chain", e); |
| 3413 | } catch (RemoteException e) { |
| 3414 | // ignored; service lives in system_server |
| 3415 | } |
| 3416 | } |
| 3417 | |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 3418 | private long getTotalBytes(NetworkTemplate template, long start, long end) { |
| 3419 | try { |
Jeff Sharkey | b52e3e5 | 2012-04-06 11:12:08 -0700 | [diff] [blame] | 3420 | return mNetworkStats.getNetworkTotalBytes(template, start, end); |
Jeff Sharkey | 63abc37 | 2012-01-11 18:38:16 -0800 | [diff] [blame] | 3421 | } catch (RuntimeException e) { |
| 3422 | Slog.w(TAG, "problem reading network stats: " + e); |
| 3423 | return 0; |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 3424 | } catch (RemoteException e) { |
Jeff Sharkey | b3d5957 | 2011-09-07 17:20:27 -0700 | [diff] [blame] | 3425 | // ignored; service lives in system_server |
| 3426 | return 0; |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 3427 | } |
| 3428 | } |
| 3429 | |
Jeff Sharkey | 8c1dc72 | 2012-05-04 14:49:37 -0700 | [diff] [blame] | 3430 | private boolean isBandwidthControlEnabled() { |
| 3431 | final long token = Binder.clearCallingIdentity(); |
| 3432 | try { |
| 3433 | return mNetworkManager.isBandwidthControlEnabled(); |
| 3434 | } catch (RemoteException e) { |
| 3435 | // ignored; service lives in system_server |
| 3436 | return false; |
| 3437 | } finally { |
| 3438 | Binder.restoreCallingIdentity(token); |
| 3439 | } |
| 3440 | } |
| 3441 | |
Jeff Sharkey | 684c54a | 2011-11-16 17:46:30 -0800 | [diff] [blame] | 3442 | /** |
| 3443 | * Try refreshing {@link #mTime} when stale. |
| 3444 | */ |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 3445 | void maybeRefreshTrustedTime() { |
Jeff Sharkey | 684c54a | 2011-11-16 17:46:30 -0800 | [diff] [blame] | 3446 | if (mTime.getCacheAge() > TIME_CACHE_MAX_AGE) { |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 3447 | mTime.forceRefresh(); |
| 3448 | } |
Jeff Sharkey | 684c54a | 2011-11-16 17:46:30 -0800 | [diff] [blame] | 3449 | } |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 3450 | |
Jeff Sharkey | 684c54a | 2011-11-16 17:46:30 -0800 | [diff] [blame] | 3451 | private long currentTimeMillis() { |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 3452 | return mTime.hasCache() ? mTime.currentTimeMillis() : System.currentTimeMillis(); |
| 3453 | } |
| 3454 | |
Jeff Sharkey | 3a844fc | 2011-08-16 14:37:57 -0700 | [diff] [blame] | 3455 | private static Intent buildAllowBackgroundDataIntent() { |
| 3456 | return new Intent(ACTION_ALLOW_BACKGROUND); |
| 3457 | } |
| 3458 | |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 3459 | private static Intent buildSnoozeWarningIntent(NetworkTemplate template) { |
| 3460 | final Intent intent = new Intent(ACTION_SNOOZE_WARNING); |
| 3461 | intent.putExtra(EXTRA_NETWORK_TEMPLATE, template); |
| 3462 | return intent; |
| 3463 | } |
| 3464 | |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 3465 | private static Intent buildNetworkOverLimitIntent(NetworkTemplate template) { |
| 3466 | final Intent intent = new Intent(); |
| 3467 | intent.setComponent(new ComponentName( |
| 3468 | "com.android.systemui", "com.android.systemui.net.NetworkOverLimitActivity")); |
| 3469 | intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK); |
| 3470 | intent.putExtra(EXTRA_NETWORK_TEMPLATE, template); |
| 3471 | return intent; |
| 3472 | } |
| 3473 | |
| 3474 | private static Intent buildViewDataUsageIntent(NetworkTemplate template) { |
| 3475 | final Intent intent = new Intent(); |
| 3476 | intent.setComponent(new ComponentName( |
| 3477 | "com.android.settings", "com.android.settings.Settings$DataUsageSummaryActivity")); |
| 3478 | intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK); |
| 3479 | intent.putExtra(EXTRA_NETWORK_TEMPLATE, template); |
| 3480 | return intent; |
| 3481 | } |
| 3482 | |
Jeff Sharkey | 8b2c3a14 | 2012-11-12 11:45:05 -0800 | [diff] [blame] | 3483 | @VisibleForTesting |
Jeff Sharkey | 163e644 | 2011-10-31 16:37:52 -0700 | [diff] [blame] | 3484 | public void addIdleHandler(IdleHandler handler) { |
| 3485 | mHandler.getLooper().getQueue().addIdleHandler(handler); |
| 3486 | } |
| 3487 | |
Jeff Sharkey | 1b86127 | 2011-05-22 00:34:52 -0700 | [diff] [blame] | 3488 | private static void collectKeys(SparseIntArray source, SparseBooleanArray target) { |
| 3489 | final int size = source.size(); |
| 3490 | for (int i = 0; i < size; i++) { |
| 3491 | target.put(source.keyAt(i), true); |
| 3492 | } |
| 3493 | } |
| 3494 | |
Stuart Scott | f1fb397 | 2015-04-02 18:00:02 -0700 | [diff] [blame] | 3495 | @Override |
| 3496 | public void factoryReset(String subscriber) { |
| 3497 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
| 3498 | |
Stuart Scott | e3e314d | 2015-04-20 14:07:45 -0700 | [diff] [blame] | 3499 | if (mUserManager.hasUserRestriction(UserManager.DISALLOW_NETWORK_RESET)) { |
| 3500 | return; |
| 3501 | } |
| 3502 | |
Stuart Scott | f1fb397 | 2015-04-02 18:00:02 -0700 | [diff] [blame] | 3503 | // Turn mobile data limit off |
Stuart Scott | 9a9a1d9 | 2015-04-20 11:33:06 -0700 | [diff] [blame] | 3504 | NetworkPolicy[] policies = getNetworkPolicies(mContext.getOpPackageName()); |
Stuart Scott | f1fb397 | 2015-04-02 18:00:02 -0700 | [diff] [blame] | 3505 | NetworkTemplate template = NetworkTemplate.buildTemplateMobileAll(subscriber); |
| 3506 | for (NetworkPolicy policy : policies) { |
| 3507 | if (policy.template.equals(template)) { |
| 3508 | policy.limitBytes = NetworkPolicy.LIMIT_DISABLED; |
| 3509 | policy.inferred = false; |
| 3510 | policy.clearSnooze(); |
| 3511 | } |
| 3512 | } |
| 3513 | setNetworkPolicies(policies); |
| 3514 | |
| 3515 | // Turn restrict background data off |
| 3516 | setRestrictBackground(false); |
| 3517 | |
Stuart Scott | e3e314d | 2015-04-20 14:07:45 -0700 | [diff] [blame] | 3518 | if (!mUserManager.hasUserRestriction(UserManager.DISALLOW_APPS_CONTROL)) { |
| 3519 | // Remove app's "restrict background data" flag |
| 3520 | for (int uid : getUidsWithPolicy(POLICY_REJECT_METERED_BACKGROUND)) { |
| 3521 | setUidPolicy(uid, POLICY_NONE); |
| 3522 | } |
Stuart Scott | f1fb397 | 2015-04-02 18:00:02 -0700 | [diff] [blame] | 3523 | } |
| 3524 | } |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 3525 | |
| 3526 | private class MyPackageMonitor extends PackageMonitor { |
| 3527 | |
| 3528 | @Override |
| 3529 | public void onPackageRemoved(String packageName, int uid) { |
| 3530 | if (LOGV) Slog.v(TAG, "onPackageRemoved: " + packageName + " ->" + uid); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3531 | synchronized (mUidRulesFirstLock) { |
| 3532 | removeRestrictBackgroundWhitelistedUidUL(uid, true, true); |
| 3533 | updateRestrictionRulesForUidUL(uid); |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 3534 | } |
| 3535 | } |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 3536 | } |
Felipe Leme | d17fda4 | 2016-04-29 11:12:45 -0700 | [diff] [blame] | 3537 | |
| 3538 | private class NetworkPolicyManagerInternalImpl extends NetworkPolicyManagerInternal { |
| 3539 | |
| 3540 | @Override |
| 3541 | public void resetUserState(int userId) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3542 | synchronized (mUidRulesFirstLock) { |
| 3543 | boolean changed = removeUserStateUL(userId, false); |
| 3544 | changed = addDefaultRestrictBackgroundWhitelistUidsUL(userId) || changed; |
Felipe Leme | d17fda4 | 2016-04-29 11:12:45 -0700 | [diff] [blame] | 3545 | if (changed) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3546 | synchronized (mNetworkPoliciesSecondLock) { |
| 3547 | writePolicyAL(); |
| 3548 | } |
Felipe Leme | d17fda4 | 2016-04-29 11:12:45 -0700 | [diff] [blame] | 3549 | } |
| 3550 | } |
| 3551 | } |
| 3552 | } |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 3553 | } |