Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2011 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | package com.android.server.net; |
| 18 | |
Jeff Sharkey | f0ceede | 2011-08-02 17:22:34 -0700 | [diff] [blame] | 19 | import static android.Manifest.permission.ACCESS_NETWORK_STATE; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 20 | import static android.Manifest.permission.CONNECTIVITY_INTERNAL; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 21 | import static android.Manifest.permission.MANAGE_NETWORK_POLICY; |
Jeff Sharkey | b7479988 | 2017-07-28 16:55:41 -0600 | [diff] [blame] | 22 | import static android.Manifest.permission.MANAGE_SUBSCRIPTION_PLANS; |
paulhu | a6af6b6 | 2019-08-12 16:25:11 +0800 | [diff] [blame] | 23 | import static android.Manifest.permission.NETWORK_SETTINGS; |
| 24 | import static android.Manifest.permission.NETWORK_STACK; |
| 25 | import static android.Manifest.permission.OBSERVE_NETWORK_POLICY; |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 26 | import static android.Manifest.permission.READ_NETWORK_USAGE_HISTORY; |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 27 | import static android.Manifest.permission.READ_PHONE_STATE; |
Amit Mahajan | 7c5befa | 2015-07-14 10:26:00 -0700 | [diff] [blame] | 28 | import static android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE; |
Jeff Sharkey | 02e21d6 | 2011-07-17 15:53:33 -0700 | [diff] [blame] | 29 | import static android.content.Intent.ACTION_PACKAGE_ADDED; |
Jeff Sharkey | b09540f | 2011-06-19 01:08:12 -0700 | [diff] [blame] | 30 | import static android.content.Intent.ACTION_UID_REMOVED; |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 31 | import static android.content.Intent.ACTION_USER_ADDED; |
| 32 | import static android.content.Intent.ACTION_USER_REMOVED; |
Jeff Sharkey | b09540f | 2011-06-19 01:08:12 -0700 | [diff] [blame] | 33 | import static android.content.Intent.EXTRA_UID; |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 34 | import static android.content.pm.PackageManager.MATCH_ANY_USER; |
| 35 | import static android.content.pm.PackageManager.MATCH_DIRECT_BOOT_AWARE; |
| 36 | import static android.content.pm.PackageManager.MATCH_DIRECT_BOOT_UNAWARE; |
| 37 | import static android.content.pm.PackageManager.MATCH_DISABLED_COMPONENTS; |
| 38 | import static android.content.pm.PackageManager.MATCH_UNINSTALLED_PACKAGES; |
paulhu | a6af6b6 | 2019-08-12 16:25:11 +0800 | [diff] [blame] | 39 | import static android.content.pm.PackageManager.PERMISSION_GRANTED; |
Erik Kline | f851d6d | 2015-04-20 16:03:48 +0900 | [diff] [blame] | 40 | import static android.net.ConnectivityManager.CONNECTIVITY_ACTION; |
Felipe Leme | 1b10323 | 2016-01-22 09:44:57 -0800 | [diff] [blame] | 41 | import static android.net.ConnectivityManager.RESTRICT_BACKGROUND_STATUS_DISABLED; |
| 42 | import static android.net.ConnectivityManager.RESTRICT_BACKGROUND_STATUS_ENABLED; |
| 43 | import static android.net.ConnectivityManager.RESTRICT_BACKGROUND_STATUS_WHITELISTED; |
Jeff Sharkey | 7474fe7b | 2016-03-21 13:12:59 -0600 | [diff] [blame] | 44 | import static android.net.ConnectivityManager.TYPE_MOBILE; |
Remi NGUYEN VAN | f9a8c2e | 2019-02-13 18:28:35 +0900 | [diff] [blame] | 45 | import static android.net.INetd.FIREWALL_CHAIN_DOZABLE; |
| 46 | import static android.net.INetd.FIREWALL_CHAIN_POWERSAVE; |
| 47 | import static android.net.INetd.FIREWALL_CHAIN_STANDBY; |
| 48 | import static android.net.INetd.FIREWALL_RULE_ALLOW; |
| 49 | import static android.net.INetd.FIREWALL_RULE_DENY; |
Jeff Sharkey | 64c96ec | 2017-08-30 16:28:26 -0600 | [diff] [blame] | 50 | import static android.net.NetworkCapabilities.NET_CAPABILITY_NOT_METERED; |
Remi NGUYEN VAN | ed6d2ca | 2018-04-04 11:12:51 +0900 | [diff] [blame] | 51 | import static android.net.NetworkCapabilities.NET_CAPABILITY_NOT_ROAMING; |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 52 | import static android.net.NetworkCapabilities.TRANSPORT_CELLULAR; |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 53 | import static android.net.NetworkPolicy.LIMIT_DISABLED; |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 54 | import static android.net.NetworkPolicy.SNOOZE_NEVER; |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 55 | import static android.net.NetworkPolicy.WARNING_DISABLED; |
Jeff Sharkey | 14711eb | 2011-06-15 10:29:17 -0700 | [diff] [blame] | 56 | import static android.net.NetworkPolicyManager.EXTRA_NETWORK_TEMPLATE; |
Jeff Sharkey | dc98806 | 2015-09-14 10:09:47 -0700 | [diff] [blame] | 57 | import static android.net.NetworkPolicyManager.FIREWALL_RULE_DEFAULT; |
Jeff Sharkey | 43d2a17 | 2017-07-12 10:50:42 -0600 | [diff] [blame] | 58 | import static android.net.NetworkPolicyManager.MASK_ALL_NETWORKS; |
| 59 | import static android.net.NetworkPolicyManager.MASK_METERED_NETWORKS; |
Felipe Leme | 46b451f | 2016-08-19 08:46:17 -0700 | [diff] [blame] | 60 | import static android.net.NetworkPolicyManager.POLICY_ALLOW_METERED_BACKGROUND; |
Jeff Sharkey | eb2c2c7 | 2014-08-11 15:22:51 -0700 | [diff] [blame] | 61 | import static android.net.NetworkPolicyManager.POLICY_NONE; |
Jeff Sharkey | fdfef57 | 2011-06-16 15:07:48 -0700 | [diff] [blame] | 62 | import static android.net.NetworkPolicyManager.POLICY_REJECT_METERED_BACKGROUND; |
Felipe Leme | d31a97f | 2016-05-06 14:53:50 -0700 | [diff] [blame] | 63 | import static android.net.NetworkPolicyManager.RULE_ALLOW_ALL; |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 64 | import static android.net.NetworkPolicyManager.RULE_ALLOW_METERED; |
Felipe Leme | 46c4fc3 | 2016-05-04 09:21:43 -0700 | [diff] [blame] | 65 | import static android.net.NetworkPolicyManager.RULE_NONE; |
Felipe Leme | d31a97f | 2016-05-06 14:53:50 -0700 | [diff] [blame] | 66 | import static android.net.NetworkPolicyManager.RULE_REJECT_ALL; |
Jeff Sharkey | fdfef57 | 2011-06-16 15:07:48 -0700 | [diff] [blame] | 67 | import static android.net.NetworkPolicyManager.RULE_REJECT_METERED; |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 68 | import static android.net.NetworkPolicyManager.RULE_TEMPORARY_ALLOW_METERED; |
Sudheer Shanka | e359c3d | 2017-02-22 18:41:29 -0800 | [diff] [blame] | 69 | import static android.net.NetworkPolicyManager.isProcStateAllowedWhileIdleOrPowerSaveMode; |
| 70 | import static android.net.NetworkPolicyManager.isProcStateAllowedWhileOnRestrictBackground; |
Jeff Sharkey | 43d2a17 | 2017-07-12 10:50:42 -0600 | [diff] [blame] | 71 | import static android.net.NetworkPolicyManager.resolveNetworkId; |
Felipe Leme | b146f76 | 2016-08-19 09:52:16 -0700 | [diff] [blame] | 72 | import static android.net.NetworkPolicyManager.uidPoliciesToString; |
Felipe Leme | 46c4fc3 | 2016-05-04 09:21:43 -0700 | [diff] [blame] | 73 | import static android.net.NetworkPolicyManager.uidRulesToString; |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 74 | import static android.net.NetworkTemplate.MATCH_MOBILE; |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 75 | import static android.net.NetworkTemplate.MATCH_WIFI; |
Jeff Sharkey | 4e814c3 | 2011-07-14 20:37:37 -0700 | [diff] [blame] | 76 | import static android.net.NetworkTemplate.buildTemplateMobileAll; |
Jeff Sharkey | 241dde2 | 2012-02-03 14:50:07 -0800 | [diff] [blame] | 77 | import static android.net.TrafficStats.MB_IN_BYTES; |
Jeff Sharkey | 0007239 | 2018-04-12 14:26:32 -0600 | [diff] [blame] | 78 | import static android.os.Trace.TRACE_TAG_NETWORK; |
Jeff Sharkey | 36b414b | 2018-03-30 11:00:03 -0600 | [diff] [blame] | 79 | import static android.provider.Settings.Global.NETPOLICY_OVERRIDE_ENABLED; |
| 80 | import static android.provider.Settings.Global.NETPOLICY_QUOTA_ENABLED; |
| 81 | import static android.provider.Settings.Global.NETPOLICY_QUOTA_FRAC_JOBS; |
| 82 | import static android.provider.Settings.Global.NETPOLICY_QUOTA_FRAC_MULTIPATH; |
| 83 | import static android.provider.Settings.Global.NETPOLICY_QUOTA_LIMITED; |
| 84 | import static android.provider.Settings.Global.NETPOLICY_QUOTA_UNLIMITED; |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 85 | import static android.telephony.CarrierConfigManager.ACTION_CARRIER_CONFIG_CHANGED; |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 86 | import static android.telephony.CarrierConfigManager.DATA_CYCLE_THRESHOLD_DISABLED; |
Jeff Sharkey | 43d2a17 | 2017-07-12 10:50:42 -0600 | [diff] [blame] | 87 | import static android.telephony.CarrierConfigManager.DATA_CYCLE_USE_PLATFORM_DEFAULT; |
Jeff Sharkey | 0a5570d | 2018-04-10 12:38:29 -0600 | [diff] [blame] | 88 | import static android.telephony.CarrierConfigManager.KEY_DATA_LIMIT_NOTIFICATION_BOOL; |
| 89 | import static android.telephony.CarrierConfigManager.KEY_DATA_RAPID_NOTIFICATION_BOOL; |
| 90 | import static android.telephony.CarrierConfigManager.KEY_DATA_WARNING_NOTIFICATION_BOOL; |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 91 | import static android.telephony.SubscriptionManager.INVALID_SUBSCRIPTION_ID; |
Felipe Leme | 03e689d | 2016-03-02 16:17:38 -0800 | [diff] [blame] | 92 | |
Jeff Sharkey | 854b2b1 | 2012-04-13 16:03:40 -0700 | [diff] [blame] | 93 | import static com.android.internal.util.ArrayUtils.appendInt; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 94 | import static com.android.internal.util.Preconditions.checkNotNull; |
Jeff Sharkey | ded7b75 | 2013-03-22 13:43:41 -0700 | [diff] [blame] | 95 | import static com.android.internal.util.XmlUtils.readBooleanAttribute; |
| 96 | import static com.android.internal.util.XmlUtils.readIntAttribute; |
| 97 | import static com.android.internal.util.XmlUtils.readLongAttribute; |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 98 | import static com.android.internal.util.XmlUtils.readStringAttribute; |
Jeff Sharkey | ded7b75 | 2013-03-22 13:43:41 -0700 | [diff] [blame] | 99 | import static com.android.internal.util.XmlUtils.writeBooleanAttribute; |
| 100 | import static com.android.internal.util.XmlUtils.writeIntAttribute; |
| 101 | import static com.android.internal.util.XmlUtils.writeLongAttribute; |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 102 | import static com.android.internal.util.XmlUtils.writeStringAttribute; |
Jeff Sharkey | 961e304 | 2011-08-29 16:02:57 -0700 | [diff] [blame] | 103 | import static com.android.server.NetworkManagementService.LIMIT_GLOBAL_ALERT; |
Sudheer Shanka | 352dc57 | 2017-09-22 17:09:38 -0700 | [diff] [blame] | 104 | import static com.android.server.net.NetworkPolicyLogger.NTWK_ALLOWED_DEFAULT; |
| 105 | import static com.android.server.net.NetworkPolicyLogger.NTWK_ALLOWED_NON_METERED; |
junyulai | 05986c6 | 2018-08-07 19:50:45 +0800 | [diff] [blame] | 106 | import static com.android.server.net.NetworkPolicyLogger.NTWK_ALLOWED_SYSTEM; |
Sudheer Shanka | 352dc57 | 2017-09-22 17:09:38 -0700 | [diff] [blame] | 107 | import static com.android.server.net.NetworkPolicyLogger.NTWK_ALLOWED_TMP_WHITELIST; |
| 108 | import static com.android.server.net.NetworkPolicyLogger.NTWK_ALLOWED_WHITELIST; |
| 109 | import static com.android.server.net.NetworkPolicyLogger.NTWK_BLOCKED_BG_RESTRICT; |
| 110 | import static com.android.server.net.NetworkPolicyLogger.NTWK_BLOCKED_BLACKLIST; |
| 111 | import static com.android.server.net.NetworkPolicyLogger.NTWK_BLOCKED_POWER; |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 112 | import static com.android.server.net.NetworkStatsService.ACTION_NETWORK_STATS_UPDATED; |
Jeff Sharkey | 7474fe7b | 2016-03-21 13:12:59 -0600 | [diff] [blame] | 113 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 114 | import static org.xmlpull.v1.XmlPullParser.END_DOCUMENT; |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 115 | import static org.xmlpull.v1.XmlPullParser.END_TAG; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 116 | import static org.xmlpull.v1.XmlPullParser.START_TAG; |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 117 | |
Dianne Hackborn | 88e98df | 2015-03-23 13:29:14 -0700 | [diff] [blame] | 118 | import android.Manifest; |
Felipe Leme | f3e4064 | 2016-06-07 17:28:08 -0700 | [diff] [blame] | 119 | import android.annotation.IntDef; |
Jeff Sharkey | 2e47145 | 2018-01-19 18:02:47 +0900 | [diff] [blame] | 120 | import android.annotation.NonNull; |
Felipe Leme | bc853dd | 2016-09-08 13:26:55 -0700 | [diff] [blame] | 121 | import android.annotation.Nullable; |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 122 | import android.app.ActivityManager; |
Sudheer Shanka | e736185 | 2017-03-07 11:51:46 -0800 | [diff] [blame] | 123 | import android.app.ActivityManagerInternal; |
Dianne Hackborn | 88e98df | 2015-03-23 13:29:14 -0700 | [diff] [blame] | 124 | import android.app.AppGlobals; |
Svet Ganov | 16a1689 | 2015-04-16 10:32:04 -0700 | [diff] [blame] | 125 | import android.app.AppOpsManager; |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 126 | import android.app.IActivityManager; |
Dianne Hackborn | d23e0d6 | 2015-05-15 16:36:12 -0700 | [diff] [blame] | 127 | import android.app.IUidObserver; |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 128 | import android.app.Notification; |
Jeff Sharkey | bfb43ea | 2018-02-03 12:08:16 -0700 | [diff] [blame] | 129 | import android.app.NotificationManager; |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 130 | import android.app.PendingIntent; |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 131 | import android.app.usage.UsageStatsManagerInternal; |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 132 | import android.content.BroadcastReceiver; |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 133 | import android.content.ComponentName; |
Jeff Sharkey | 36b414b | 2018-03-30 11:00:03 -0600 | [diff] [blame] | 134 | import android.content.ContentResolver; |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 135 | import android.content.Context; |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 136 | import android.content.Intent; |
| 137 | import android.content.IntentFilter; |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 138 | import android.content.pm.ApplicationInfo; |
Dianne Hackborn | 88e98df | 2015-03-23 13:29:14 -0700 | [diff] [blame] | 139 | import android.content.pm.IPackageManager; |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 140 | import android.content.pm.PackageManager; |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 141 | import android.content.pm.PackageManager.NameNotFoundException; |
Jeff Sharkey | 8a8b581 | 2012-03-21 18:13:36 -0700 | [diff] [blame] | 142 | import android.content.pm.UserInfo; |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 143 | import android.content.res.Resources; |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 144 | import android.net.ConnectivityManager; |
Jeff Sharkey | b43a292 | 2017-09-13 17:30:45 -0600 | [diff] [blame] | 145 | import android.net.ConnectivityManager.NetworkCallback; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 146 | import android.net.IConnectivityManager; |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 147 | import android.net.INetworkManagementEventObserver; |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 148 | import android.net.INetworkPolicyListener; |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 149 | import android.net.INetworkPolicyManager; |
Jeff Sharkey | 7527990 | 2011-05-24 18:39:45 -0700 | [diff] [blame] | 150 | import android.net.INetworkStatsService; |
Jeff Sharkey | eb2c2c7 | 2014-08-11 15:22:51 -0700 | [diff] [blame] | 151 | import android.net.LinkProperties; |
Jeff Sharkey | b43a292 | 2017-09-13 17:30:45 -0600 | [diff] [blame] | 152 | import android.net.Network; |
| 153 | import android.net.NetworkCapabilities; |
Jeff Sharkey | 1b5a2a9 | 2011-06-18 18:34:16 -0700 | [diff] [blame] | 154 | import android.net.NetworkIdentity; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 155 | import android.net.NetworkPolicy; |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 156 | import android.net.NetworkPolicyManager; |
Jeff Sharkey | f0ceede | 2011-08-02 17:22:34 -0700 | [diff] [blame] | 157 | import android.net.NetworkQuotaInfo; |
Jeff Sharkey | b43a292 | 2017-09-13 17:30:45 -0600 | [diff] [blame] | 158 | import android.net.NetworkRequest; |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 159 | import android.net.NetworkSpecifier; |
paulhu | a6af6b6 | 2019-08-12 16:25:11 +0800 | [diff] [blame] | 160 | import android.net.NetworkStack; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 161 | import android.net.NetworkState; |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 162 | import android.net.NetworkStats; |
Jeff Sharkey | 1b5a2a9 | 2011-06-18 18:34:16 -0700 | [diff] [blame] | 163 | import android.net.NetworkTemplate; |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 164 | import android.net.StringNetworkSpecifier; |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 165 | import android.net.TrafficStats; |
Jeff Sharkey | 9f6e4ba | 2012-04-19 23:01:08 -0700 | [diff] [blame] | 166 | import android.net.wifi.WifiConfiguration; |
Jeff Sharkey | 9f6e4ba | 2012-04-19 23:01:08 -0700 | [diff] [blame] | 167 | import android.net.wifi.WifiManager; |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 168 | import android.os.BestClock; |
Jeff Sharkey | f0ceede | 2011-08-02 17:22:34 -0700 | [diff] [blame] | 169 | import android.os.Binder; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 170 | import android.os.Environment; |
| 171 | import android.os.Handler; |
Amith Yamasani | 450a16b | 2013-09-18 16:28:50 -0700 | [diff] [blame] | 172 | import android.os.HandlerThread; |
Dianne Hackborn | 0b4daca | 2015-04-27 09:47:32 -0700 | [diff] [blame] | 173 | import android.os.IDeviceIdleController; |
Ashish Sharma | 50fd36d | 2011-06-15 19:34:53 -0700 | [diff] [blame] | 174 | import android.os.INetworkManagementService; |
Jeff Sharkey | 4414cea | 2011-06-24 17:05:24 -0700 | [diff] [blame] | 175 | import android.os.Message; |
Jeff Sharkey | 163e644 | 2011-10-31 16:37:52 -0700 | [diff] [blame] | 176 | import android.os.MessageQueue.IdleHandler; |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 177 | import android.os.PersistableBundle; |
Dianne Hackborn | 0b4daca | 2015-04-27 09:47:32 -0700 | [diff] [blame] | 178 | import android.os.PowerManager; |
Makoto Onuki | 2eccd02 | 2017-11-01 13:44:23 -0700 | [diff] [blame] | 179 | import android.os.PowerManager.ServiceType; |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 180 | import android.os.PowerManagerInternal; |
Jeff Sharkey | 43d2a17 | 2017-07-12 10:50:42 -0600 | [diff] [blame] | 181 | import android.os.PowerSaveState; |
Fyodor Kupolov | 311b9fa | 2016-12-02 16:24:35 -0800 | [diff] [blame] | 182 | import android.os.Process; |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 183 | import android.os.RemoteCallbackList; |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 184 | import android.os.RemoteException; |
Jeff Sharkey | 7474fe7b | 2016-03-21 13:12:59 -0600 | [diff] [blame] | 185 | import android.os.ResultReceiver; |
Dianne Hackborn | 0b4daca | 2015-04-27 09:47:32 -0700 | [diff] [blame] | 186 | import android.os.ServiceManager; |
Dianne Hackborn | 354736e | 2016-08-22 17:00:05 -0700 | [diff] [blame] | 187 | import android.os.ShellCallback; |
Jeff Sharkey | 9911a28 | 2018-02-14 22:29:11 -0700 | [diff] [blame] | 188 | import android.os.SystemClock; |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 189 | import android.os.SystemProperties; |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 190 | import android.os.Trace; |
Dianne Hackborn | f02b60a | 2012-08-16 10:48:27 -0700 | [diff] [blame] | 191 | import android.os.UserHandle; |
Amith Yamasani | 258848d | 2012-08-10 17:06:33 -0700 | [diff] [blame] | 192 | import android.os.UserManager; |
Jeff Sharkey | 3a844fc | 2011-08-16 14:37:57 -0700 | [diff] [blame] | 193 | import android.provider.Settings; |
Narayan Kamath | 94bcdbc | 2017-07-17 15:32:53 +0100 | [diff] [blame] | 194 | import android.provider.Settings.Global; |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 195 | import android.telephony.CarrierConfigManager; |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 196 | import android.telephony.SubscriptionInfo; |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 197 | import android.telephony.SubscriptionManager; |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 198 | import android.telephony.SubscriptionManager.OnSubscriptionsChangedListener; |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 199 | import android.telephony.SubscriptionPlan; |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 200 | import android.telephony.TelephonyManager; |
Chris Wren | 8a3d56c | 2016-08-01 15:52:52 -0400 | [diff] [blame] | 201 | import android.text.TextUtils; |
Jeff Sharkey | bfb43ea | 2018-02-03 12:08:16 -0700 | [diff] [blame] | 202 | import android.text.format.DateUtils; |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 203 | import android.text.format.Formatter; |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 204 | import android.util.ArrayMap; |
| 205 | import android.util.ArraySet; |
Dianne Hackborn | 39606a0 | 2012-07-31 17:54:35 -0700 | [diff] [blame] | 206 | import android.util.AtomicFile; |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 207 | import android.util.DataUnit; |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 208 | import android.util.IntArray; |
Jeff Sharkey | b3d5957 | 2011-09-07 17:20:27 -0700 | [diff] [blame] | 209 | import android.util.Log; |
Jeff Sharkey | eb2c2c7 | 2014-08-11 15:22:51 -0700 | [diff] [blame] | 210 | import android.util.Pair; |
Jeff Sharkey | 0fc6d03 | 2018-03-30 16:25:11 -0600 | [diff] [blame] | 211 | import android.util.Range; |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 212 | import android.util.RecurrenceRule; |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 213 | import android.util.Slog; |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 214 | import android.util.SparseArray; |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 215 | import android.util.SparseBooleanArray; |
| 216 | import android.util.SparseIntArray; |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 217 | import android.util.SparseLongArray; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 218 | import android.util.Xml; |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 219 | |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 220 | import com.android.internal.R; |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 221 | import com.android.internal.annotations.GuardedBy; |
Jeff Sharkey | 8b2c3a14 | 2012-11-12 11:45:05 -0800 | [diff] [blame] | 222 | import com.android.internal.annotations.VisibleForTesting; |
Chris Wren | 193ae6b | 2017-03-31 15:17:11 -0400 | [diff] [blame] | 223 | import com.android.internal.messages.nano.SystemMessageProto.SystemMessage; |
Geoffrey Pitsch | af759c5 | 2017-02-15 09:35:38 -0500 | [diff] [blame] | 224 | import com.android.internal.notification.SystemNotificationChannels; |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 225 | import com.android.internal.telephony.PhoneConstants; |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 226 | import com.android.internal.util.ArrayUtils; |
Sudheer Shanka | c53c47f | 2018-01-16 12:01:00 -0800 | [diff] [blame] | 227 | import com.android.internal.util.ConcurrentUtils; |
Jeff Sharkey | fe9a53b | 2017-03-31 14:08:23 -0600 | [diff] [blame] | 228 | import com.android.internal.util.DumpUtils; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 229 | import com.android.internal.util.FastXmlSerializer; |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 230 | import com.android.internal.util.IndentingPrintWriter; |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 231 | import com.android.internal.util.Preconditions; |
Makoto Onuki | 49392d3 | 2018-04-11 13:51:02 -0700 | [diff] [blame] | 232 | import com.android.internal.util.StatLogger; |
Jeff Sharkey | dc98806 | 2015-09-14 10:09:47 -0700 | [diff] [blame] | 233 | import com.android.server.EventLogTags; |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 234 | import com.android.server.LocalServices; |
Makoto Onuki | 8e77733 | 2017-03-28 11:25:47 -0700 | [diff] [blame] | 235 | import com.android.server.ServiceThread; |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 236 | import com.android.server.SystemConfig; |
Christopher Tate | b909c4d5 | 2019-10-21 12:50:37 -0700 | [diff] [blame] | 237 | import com.android.server.usage.AppStandbyInternal; |
| 238 | import com.android.server.usage.AppStandbyInternal.AppIdleStateChangeListener; |
Jeff Sharkey | 43d2a17 | 2017-07-12 10:50:42 -0600 | [diff] [blame] | 239 | |
Jeff Sharkey | 7474fe7b | 2016-03-21 13:12:59 -0600 | [diff] [blame] | 240 | import libcore.io.IoUtils; |
| 241 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 242 | import org.xmlpull.v1.XmlPullParser; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 243 | import org.xmlpull.v1.XmlSerializer; |
| 244 | |
| 245 | import java.io.File; |
Jeff Sharkey | 1b86127 | 2011-05-22 00:34:52 -0700 | [diff] [blame] | 246 | import java.io.FileDescriptor; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 247 | import java.io.FileInputStream; |
| 248 | import java.io.FileNotFoundException; |
| 249 | import java.io.FileOutputStream; |
| 250 | import java.io.IOException; |
Jeff Sharkey | 1b86127 | 2011-05-22 00:34:52 -0700 | [diff] [blame] | 251 | import java.io.PrintWriter; |
Felipe Leme | f3e4064 | 2016-06-07 17:28:08 -0700 | [diff] [blame] | 252 | import java.lang.annotation.Retention; |
| 253 | import java.lang.annotation.RetentionPolicy; |
Wojciech Staszkiewicz | 9e9e2e7 | 2015-05-08 14:58:46 +0100 | [diff] [blame] | 254 | import java.nio.charset.StandardCharsets; |
Jeff Sharkey | 9911a28 | 2018-02-14 22:29:11 -0700 | [diff] [blame] | 255 | import java.time.Clock; |
Remi NGUYEN VAN | bed7b97 | 2018-04-02 15:48:19 +0900 | [diff] [blame] | 256 | import java.time.Instant; |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 257 | import java.time.ZoneId; |
Jeff Sharkey | 9911a28 | 2018-02-14 22:29:11 -0700 | [diff] [blame] | 258 | import java.time.ZoneOffset; |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 259 | import java.time.ZonedDateTime; |
Remi NGUYEN VAN | bed7b97 | 2018-04-02 15:48:19 +0900 | [diff] [blame] | 260 | import java.time.temporal.ChronoUnit; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 261 | import java.util.ArrayList; |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 262 | import java.util.Arrays; |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 263 | import java.util.Calendar; |
Jeff Sharkey | 43d2a17 | 2017-07-12 10:50:42 -0600 | [diff] [blame] | 264 | import java.util.List; |
Chris Wren | 193ae6b | 2017-03-31 15:17:11 -0400 | [diff] [blame] | 265 | import java.util.Objects; |
Sudheer Shanka | 04d61ae | 2018-01-17 12:16:57 -0800 | [diff] [blame] | 266 | import java.util.Set; |
Fyodor Kupolov | 311b9fa | 2016-12-02 16:24:35 -0800 | [diff] [blame] | 267 | import java.util.concurrent.CountDownLatch; |
| 268 | import java.util.concurrent.TimeUnit; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 269 | |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 270 | /** |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 271 | * Service that maintains low-level network policy rules, using |
| 272 | * {@link NetworkStatsService} statistics to drive those rules. |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 273 | * <p> |
| 274 | * Derives active rules by combining a given policy with other system status, |
| 275 | * and delivers to listeners, such as {@link ConnectivityManager}, for |
| 276 | * enforcement. |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 277 | * |
| 278 | * <p> |
Andreas Gampe | e8e2ebd | 2018-10-24 19:42:52 -0700 | [diff] [blame] | 279 | * This class uses 2 locks to synchronize state: |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 280 | * <ul> |
| 281 | * <li>{@code mUidRulesFirstLock}: used to guard state related to individual UIDs (such as firewall |
| 282 | * rules). |
| 283 | * <li>{@code mNetworkPoliciesSecondLock}: used to guard state related to network interfaces (such |
| 284 | * as network policies). |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 285 | * </ul> |
| 286 | * |
| 287 | * <p> |
| 288 | * As such, methods that require synchronization have the following prefixes: |
| 289 | * <ul> |
| 290 | * <li>{@code UL()}: require the "UID" lock ({@code mUidRulesFirstLock}). |
| 291 | * <li>{@code NL()}: require the "Network" lock ({@code mNetworkPoliciesSecondLock}). |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 292 | * <li>{@code AL()}: require all locks, which must be obtained in order ({@code mUidRulesFirstLock} |
| 293 | * first, then {@code mNetworkPoliciesSecondLock}, then {@code mYetAnotherGuardThirdLock}, etc.. |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 294 | * </ul> |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 295 | */ |
Xiaohui Chen | 8dca36d | 2015-06-19 12:44:59 -0700 | [diff] [blame] | 296 | public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { |
Sudheer Shanka | 352dc57 | 2017-09-22 17:09:38 -0700 | [diff] [blame] | 297 | static final String TAG = NetworkPolicyLogger.TAG; |
| 298 | private static final boolean LOGD = NetworkPolicyLogger.LOGD; |
| 299 | private static final boolean LOGV = NetworkPolicyLogger.LOGV; |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 300 | |
Remi NGUYEN VAN | 5a89f94 | 2018-03-30 21:17:42 +0900 | [diff] [blame] | 301 | /** |
| 302 | * No opportunistic quota could be calculated from user data plan or data settings. |
| 303 | */ |
| 304 | public static final int OPPORTUNISTIC_QUOTA_UNKNOWN = -1; |
| 305 | |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 306 | private static final int VERSION_INIT = 1; |
| 307 | private static final int VERSION_ADDED_SNOOZE = 2; |
Jeff Sharkey | 4664500 | 2011-07-27 21:11:21 -0700 | [diff] [blame] | 308 | private static final int VERSION_ADDED_RESTRICT_BACKGROUND = 3; |
Jeff Sharkey | f60d0af | 2011-11-30 15:28:02 -0800 | [diff] [blame] | 309 | private static final int VERSION_ADDED_METERED = 4; |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 310 | private static final int VERSION_SPLIT_SNOOZE = 5; |
Jeff Sharkey | 9bf3150 | 2012-03-09 17:07:21 -0800 | [diff] [blame] | 311 | private static final int VERSION_ADDED_TIMEZONE = 6; |
Jeff Sharkey | 837f924 | 2012-03-20 16:52:20 -0700 | [diff] [blame] | 312 | private static final int VERSION_ADDED_INFERRED = 7; |
Jeff Sharkey | 8a8b581 | 2012-03-21 18:13:36 -0700 | [diff] [blame] | 313 | private static final int VERSION_SWITCH_APP_ID = 8; |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 314 | private static final int VERSION_ADDED_NETWORK_ID = 9; |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 315 | private static final int VERSION_SWITCH_UID = 10; |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 316 | private static final int VERSION_ADDED_CYCLE = 11; |
| 317 | private static final int VERSION_LATEST = VERSION_ADDED_CYCLE; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 318 | |
Jeff Sharkey | 8b2c3a14 | 2012-11-12 11:45:05 -0800 | [diff] [blame] | 319 | @VisibleForTesting |
Chris Wren | 193ae6b | 2017-03-31 15:17:11 -0400 | [diff] [blame] | 320 | public static final int TYPE_WARNING = SystemMessage.NOTE_NET_WARNING; |
Jeff Sharkey | 8b2c3a14 | 2012-11-12 11:45:05 -0800 | [diff] [blame] | 321 | @VisibleForTesting |
Chris Wren | 193ae6b | 2017-03-31 15:17:11 -0400 | [diff] [blame] | 322 | public static final int TYPE_LIMIT = SystemMessage.NOTE_NET_LIMIT; |
Jeff Sharkey | 8b2c3a14 | 2012-11-12 11:45:05 -0800 | [diff] [blame] | 323 | @VisibleForTesting |
Chris Wren | 193ae6b | 2017-03-31 15:17:11 -0400 | [diff] [blame] | 324 | public static final int TYPE_LIMIT_SNOOZED = SystemMessage.NOTE_NET_LIMIT_SNOOZED; |
Jeff Sharkey | 2e47145 | 2018-01-19 18:02:47 +0900 | [diff] [blame] | 325 | @VisibleForTesting |
| 326 | public static final int TYPE_RAPID = SystemMessage.NOTE_NET_RAPID; |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 327 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 328 | private static final String TAG_POLICY_LIST = "policy-list"; |
| 329 | private static final String TAG_NETWORK_POLICY = "network-policy"; |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 330 | private static final String TAG_SUBSCRIPTION_PLAN = "subscription-plan"; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 331 | private static final String TAG_UID_POLICY = "uid-policy"; |
Jeff Sharkey | 8a8b581 | 2012-03-21 18:13:36 -0700 | [diff] [blame] | 332 | private static final String TAG_APP_POLICY = "app-policy"; |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 333 | private static final String TAG_WHITELIST = "whitelist"; |
| 334 | private static final String TAG_RESTRICT_BACKGROUND = "restrict-background"; |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 335 | private static final String TAG_REVOKED_RESTRICT_BACKGROUND = "revoked-restrict-background"; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 336 | |
| 337 | private static final String ATTR_VERSION = "version"; |
Jeff Sharkey | 4664500 | 2011-07-27 21:11:21 -0700 | [diff] [blame] | 338 | private static final String ATTR_RESTRICT_BACKGROUND = "restrictBackground"; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 339 | private static final String ATTR_NETWORK_TEMPLATE = "networkTemplate"; |
| 340 | private static final String ATTR_SUBSCRIBER_ID = "subscriberId"; |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 341 | private static final String ATTR_NETWORK_ID = "networkId"; |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 342 | @Deprecated private static final String ATTR_CYCLE_DAY = "cycleDay"; |
| 343 | @Deprecated private static final String ATTR_CYCLE_TIMEZONE = "cycleTimezone"; |
| 344 | private static final String ATTR_CYCLE_START = "cycleStart"; |
| 345 | private static final String ATTR_CYCLE_END = "cycleEnd"; |
| 346 | private static final String ATTR_CYCLE_PERIOD = "cyclePeriod"; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 347 | private static final String ATTR_WARNING_BYTES = "warningBytes"; |
| 348 | private static final String ATTR_LIMIT_BYTES = "limitBytes"; |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 349 | private static final String ATTR_LAST_SNOOZE = "lastSnooze"; |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 350 | private static final String ATTR_LAST_WARNING_SNOOZE = "lastWarningSnooze"; |
| 351 | private static final String ATTR_LAST_LIMIT_SNOOZE = "lastLimitSnooze"; |
Jeff Sharkey | f60d0af | 2011-11-30 15:28:02 -0800 | [diff] [blame] | 352 | private static final String ATTR_METERED = "metered"; |
Jeff Sharkey | 837f924 | 2012-03-20 16:52:20 -0700 | [diff] [blame] | 353 | private static final String ATTR_INFERRED = "inferred"; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 354 | private static final String ATTR_UID = "uid"; |
Jeff Sharkey | 8a8b581 | 2012-03-21 18:13:36 -0700 | [diff] [blame] | 355 | private static final String ATTR_APP_ID = "appId"; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 356 | private static final String ATTR_POLICY = "policy"; |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 357 | private static final String ATTR_SUB_ID = "subId"; |
| 358 | private static final String ATTR_TITLE = "title"; |
| 359 | private static final String ATTR_SUMMARY = "summary"; |
| 360 | private static final String ATTR_LIMIT_BEHAVIOR = "limitBehavior"; |
| 361 | private static final String ATTR_USAGE_BYTES = "usageBytes"; |
| 362 | private static final String ATTR_USAGE_TIME = "usageTime"; |
Jeff Sharkey | b7479988 | 2017-07-28 16:55:41 -0600 | [diff] [blame] | 363 | private static final String ATTR_OWNER_PACKAGE = "ownerPackage"; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 364 | |
Jeff Sharkey | 8b2c3a14 | 2012-11-12 11:45:05 -0800 | [diff] [blame] | 365 | private static final String ACTION_ALLOW_BACKGROUND = |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 366 | "com.android.server.net.action.ALLOW_BACKGROUND"; |
Jeff Sharkey | 8b2c3a14 | 2012-11-12 11:45:05 -0800 | [diff] [blame] | 367 | private static final String ACTION_SNOOZE_WARNING = |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 368 | "com.android.server.net.action.SNOOZE_WARNING"; |
Jeff Sharkey | bfb43ea | 2018-02-03 12:08:16 -0700 | [diff] [blame] | 369 | private static final String ACTION_SNOOZE_RAPID = |
| 370 | "com.android.server.net.action.SNOOZE_RAPID"; |
Jeff Sharkey | 3a844fc | 2011-08-16 14:37:57 -0700 | [diff] [blame] | 371 | |
Sudheer Shanka | c53c47f | 2018-01-16 12:01:00 -0800 | [diff] [blame] | 372 | /** |
Sudheer Shanka | b2ed1c3 | 2019-10-07 11:42:59 -0700 | [diff] [blame] | 373 | * Indicates the maximum wait time for admin data to be available. |
Sudheer Shanka | c53c47f | 2018-01-16 12:01:00 -0800 | [diff] [blame] | 374 | */ |
| 375 | private static final long WAIT_FOR_ADMIN_DATA_TIMEOUT_MS = 10_000; |
| 376 | |
Jeff Sharkey | 36b414b | 2018-03-30 11:00:03 -0600 | [diff] [blame] | 377 | private static final long QUOTA_UNLIMITED_DEFAULT = DataUnit.MEBIBYTES.toBytes(20); |
| 378 | private static final float QUOTA_LIMITED_DEFAULT = 0.1f; |
| 379 | private static final float QUOTA_FRAC_JOBS_DEFAULT = 0.5f; |
| 380 | private static final float QUOTA_FRAC_MULTIPATH_DEFAULT = 0.5f; |
| 381 | |
Svetoslav Ganov | 24c2775 | 2016-08-31 18:09:00 -0700 | [diff] [blame] | 382 | private static final int MSG_RULES_CHANGED = 1; |
Jeff Sharkey | 6f7af03 | 2011-11-01 18:25:15 -0700 | [diff] [blame] | 383 | private static final int MSG_METERED_IFACES_CHANGED = 2; |
Jeff Sharkey | 7e25b0e | 2011-11-08 15:43:12 -0800 | [diff] [blame] | 384 | private static final int MSG_LIMIT_REACHED = 5; |
Jeff Sharkey | 1f8ea2d | 2012-02-07 12:05:43 -0800 | [diff] [blame] | 385 | private static final int MSG_RESTRICT_BACKGROUND_CHANGED = 6; |
Jeff Sharkey | e19f39b | 2012-05-24 10:21:16 -0700 | [diff] [blame] | 386 | private static final int MSG_ADVISE_PERSIST_THRESHOLD = 7; |
Amith Yamasani | 3646cbd | 2016-04-13 14:04:53 -0700 | [diff] [blame] | 387 | private static final int MSG_UPDATE_INTERFACE_QUOTA = 10; |
| 388 | private static final int MSG_REMOVE_INTERFACE_QUOTA = 11; |
Felipe Leme | 0ecfcd1 | 2016-09-06 12:49:48 -0700 | [diff] [blame] | 389 | private static final int MSG_POLICIES_CHANGED = 13; |
Felipe Leme | 03e95e2 | 2016-09-09 09:25:31 -0700 | [diff] [blame] | 390 | private static final int MSG_RESET_FIREWALL_RULES_BY_UID = 15; |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 391 | private static final int MSG_SUBSCRIPTION_OVERRIDE = 16; |
Sudheer Shanka | 04d61ae | 2018-01-17 12:16:57 -0800 | [diff] [blame] | 392 | private static final int MSG_METERED_RESTRICTED_PACKAGES_CHANGED = 17; |
Makoto Onuki | 3f1bf5f | 2018-04-04 15:29:00 -0700 | [diff] [blame] | 393 | private static final int MSG_SET_NETWORK_TEMPLATE_ENABLED = 18; |
Sarah Chin | 7af1fd0 | 2019-09-26 11:37:13 -0700 | [diff] [blame] | 394 | private static final int MSG_SUBSCRIPTION_PLANS_CHANGED = 19; |
Jeff Sharkey | 4414cea | 2011-06-24 17:05:24 -0700 | [diff] [blame] | 395 | |
Makoto Onuki | 8e77733 | 2017-03-28 11:25:47 -0700 | [diff] [blame] | 396 | private static final int UID_MSG_STATE_CHANGED = 100; |
| 397 | private static final int UID_MSG_GONE = 101; |
| 398 | |
Jeff Sharkey | 003d3e6 | 2018-03-30 14:35:04 -0600 | [diff] [blame] | 399 | private static final String PROP_SUB_PLAN_OWNER = "persist.sys.sub_plan_owner"; |
| 400 | |
Jeff Sharkey | 7527990 | 2011-05-24 18:39:45 -0700 | [diff] [blame] | 401 | private final Context mContext; |
| 402 | private final IActivityManager mActivityManager; |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 403 | private NetworkStatsManagerInternal mNetworkStats; |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 404 | private final INetworkManagementService mNetworkManager; |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 405 | private UsageStatsManagerInternal mUsageStats; |
Christopher Tate | b909c4d5 | 2019-10-21 12:50:37 -0700 | [diff] [blame] | 406 | private AppStandbyInternal mAppStandby; |
Jeff Sharkey | 9911a28 | 2018-02-14 22:29:11 -0700 | [diff] [blame] | 407 | private final Clock mClock; |
Stuart Scott | e3e314d | 2015-04-20 14:07:45 -0700 | [diff] [blame] | 408 | private final UserManager mUserManager; |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 409 | private final CarrierConfigManager mCarrierConfigManager; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 410 | |
| 411 | private IConnectivityManager mConnManager; |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 412 | private PowerManagerInternal mPowerManagerInternal; |
Dianne Hackborn | 0b4daca | 2015-04-27 09:47:32 -0700 | [diff] [blame] | 413 | private IDeviceIdleController mDeviceIdleController; |
Kweku Adams | 25fa3a7 | 2019-07-12 17:00:17 -0700 | [diff] [blame] | 414 | |
| 415 | /** Current cached value of the current Battery Saver mode's setting for restrict background. */ |
jackqdyulei | 29c82ab | 2017-03-10 14:09:16 -0800 | [diff] [blame] | 416 | @GuardedBy("mUidRulesFirstLock") |
Kweku Adams | 25fa3a7 | 2019-07-12 17:00:17 -0700 | [diff] [blame] | 417 | private boolean mRestrictBackgroundLowPowerMode; |
jackqdyulei | 29c82ab | 2017-03-10 14:09:16 -0800 | [diff] [blame] | 418 | |
| 419 | // Store the status of restrict background before turning on battery saver. |
| 420 | // Used to restore mRestrictBackground when battery saver is turned off. |
| 421 | private boolean mRestrictBackgroundBeforeBsm; |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 422 | |
Sudheer Shanka | 543339f | 2017-07-28 15:18:07 -0700 | [diff] [blame] | 423 | // Denotes the status of restrict background read from disk. |
| 424 | private boolean mLoadedRestrictBackground; |
| 425 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 426 | // See main javadoc for instructions on how to use these locks. |
| 427 | final Object mUidRulesFirstLock = new Object(); |
| 428 | final Object mNetworkPoliciesSecondLock = new Object(); |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 429 | |
Andreas Gampe | e8e2ebd | 2018-10-24 19:42:52 -0700 | [diff] [blame] | 430 | @GuardedBy({"mUidRulesFirstLock", "mNetworkPoliciesSecondLock"}) |
| 431 | volatile boolean mSystemReady; |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 432 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 433 | @GuardedBy("mUidRulesFirstLock") volatile boolean mRestrictBackground; |
| 434 | @GuardedBy("mUidRulesFirstLock") volatile boolean mRestrictPower; |
| 435 | @GuardedBy("mUidRulesFirstLock") volatile boolean mDeviceIdleMode; |
jackqdyulei | 29c82ab | 2017-03-10 14:09:16 -0800 | [diff] [blame] | 436 | // Store whether user flipped restrict background in battery saver mode |
| 437 | @GuardedBy("mUidRulesFirstLock") volatile boolean mRestrictBackgroundChangedInBsm; |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 438 | |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 439 | private final boolean mSuppressDefaultPolicy; |
| 440 | |
Sudheer Shanka | c53c47f | 2018-01-16 12:01:00 -0800 | [diff] [blame] | 441 | private final CountDownLatch mAdminDataAvailableLatch = new CountDownLatch(1); |
| 442 | |
Sudheer Shanka | 1536fb6 | 2018-07-05 11:52:36 -0700 | [diff] [blame] | 443 | private volatile boolean mNetworkManagerReady; |
| 444 | |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 445 | /** Defined network policies. */ |
Jeff Sharkey | 4635f10 | 2017-09-01 11:27:13 -0600 | [diff] [blame] | 446 | @GuardedBy("mNetworkPoliciesSecondLock") |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 447 | final ArrayMap<NetworkTemplate, NetworkPolicy> mNetworkPolicy = new ArrayMap<>(); |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 448 | |
Jeff Sharkey | b7479988 | 2017-07-28 16:55:41 -0600 | [diff] [blame] | 449 | /** Map from subId to subscription plans. */ |
Jeff Sharkey | 4635f10 | 2017-09-01 11:27:13 -0600 | [diff] [blame] | 450 | @GuardedBy("mNetworkPoliciesSecondLock") |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 451 | final SparseArray<SubscriptionPlan[]> mSubscriptionPlans = new SparseArray<>(); |
Jeff Sharkey | b7479988 | 2017-07-28 16:55:41 -0600 | [diff] [blame] | 452 | /** Map from subId to package name that owns subscription plans. */ |
Jeff Sharkey | 4635f10 | 2017-09-01 11:27:13 -0600 | [diff] [blame] | 453 | @GuardedBy("mNetworkPoliciesSecondLock") |
Jeff Sharkey | b7479988 | 2017-07-28 16:55:41 -0600 | [diff] [blame] | 454 | final SparseArray<String> mSubscriptionPlansOwner = new SparseArray<>(); |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 455 | |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 456 | /** Map from subId to daily opportunistic quota. */ |
| 457 | @GuardedBy("mNetworkPoliciesSecondLock") |
| 458 | final SparseLongArray mSubscriptionOpportunisticQuota = new SparseLongArray(); |
| 459 | |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 460 | /** Defined UID policies. */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 461 | @GuardedBy("mUidRulesFirstLock") final SparseIntArray mUidPolicy = new SparseIntArray(); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 462 | /** Currently derived rules for each UID. */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 463 | @GuardedBy("mUidRulesFirstLock") final SparseIntArray mUidRules = new SparseIntArray(); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 464 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 465 | @GuardedBy("mUidRulesFirstLock") |
Jeff Sharkey | dc98806 | 2015-09-14 10:09:47 -0700 | [diff] [blame] | 466 | final SparseIntArray mUidFirewallStandbyRules = new SparseIntArray(); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 467 | @GuardedBy("mUidRulesFirstLock") |
Jeff Sharkey | dc98806 | 2015-09-14 10:09:47 -0700 | [diff] [blame] | 468 | final SparseIntArray mUidFirewallDozableRules = new SparseIntArray(); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 469 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 470 | final SparseIntArray mUidFirewallPowerSaveRules = new SparseIntArray(); |
Jeff Sharkey | dc98806 | 2015-09-14 10:09:47 -0700 | [diff] [blame] | 471 | |
Jeff Sharkey | 02e21d6 | 2011-07-17 15:53:33 -0700 | [diff] [blame] | 472 | /** Set of states for the child firewall chains. True if the chain is active. */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 473 | @GuardedBy("mUidRulesFirstLock") |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 474 | final SparseBooleanArray mFirewallChainStates = new SparseBooleanArray(); |
| 475 | |
Kweku Adams | a9e55bc | 2018-11-19 14:59:15 -0800 | [diff] [blame] | 476 | // "Power save mode" is the concept used in the DeviceIdleController that includes various |
| 477 | // features including Doze and Battery Saver. It include Battery Saver, but "power save mode" |
| 478 | // and "battery saver" are not equivalent. |
| 479 | |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 480 | /** |
| 481 | * UIDs that have been white-listed to always be able to have network access |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 482 | * in power save mode, except device idle (doze) still applies. |
| 483 | * TODO: An int array might be sufficient |
| 484 | */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 485 | @GuardedBy("mUidRulesFirstLock") |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 486 | private final SparseBooleanArray mPowerSaveWhitelistExceptIdleAppIds = new SparseBooleanArray(); |
| 487 | |
| 488 | /** |
| 489 | * UIDs that have been white-listed to always be able to have network access |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 490 | * in power save mode. |
Amith Yamasani | af575b9 | 2015-05-29 15:35:26 -0700 | [diff] [blame] | 491 | * TODO: An int array might be sufficient |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 492 | */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 493 | @GuardedBy("mUidRulesFirstLock") |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 494 | private final SparseBooleanArray mPowerSaveWhitelistAppIds = new SparseBooleanArray(); |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 495 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 496 | @GuardedBy("mUidRulesFirstLock") |
Amith Yamasani | af575b9 | 2015-05-29 15:35:26 -0700 | [diff] [blame] | 497 | private final SparseBooleanArray mPowerSaveTempWhitelistAppIds = new SparseBooleanArray(); |
| 498 | |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 499 | /** |
Kweku Adams | a9e55bc | 2018-11-19 14:59:15 -0800 | [diff] [blame] | 500 | * UIDs that have been white-listed temporarily to be able to have network access despite being |
| 501 | * idle. Other power saving restrictions still apply. |
| 502 | */ |
| 503 | @GuardedBy("mUidRulesFirstLock") |
| 504 | private final SparseBooleanArray mAppIdleTempWhitelistAppIds = new SparseBooleanArray(); |
| 505 | |
| 506 | /** |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 507 | * UIDs that have been initially white-listed by system to avoid restricted background. |
| 508 | */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 509 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 510 | private final SparseBooleanArray mDefaultRestrictBackgroundWhitelistUids = |
| 511 | new SparseBooleanArray(); |
| 512 | |
| 513 | /** |
| 514 | * UIDs that have been initially white-listed by system to avoid restricted background, |
| 515 | * but later revoked by user. |
| 516 | */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 517 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 518 | private final SparseBooleanArray mRestrictBackgroundWhitelistRevokedUids = |
| 519 | new SparseBooleanArray(); |
| 520 | |
Jeff Sharkey | fdfef57 | 2011-06-16 15:07:48 -0700 | [diff] [blame] | 521 | /** Set of ifaces that are metered. */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 522 | @GuardedBy("mNetworkPoliciesSecondLock") |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 523 | private ArraySet<String> mMeteredIfaces = new ArraySet<>(); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 524 | /** Set of over-limit templates that have been notified. */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 525 | @GuardedBy("mNetworkPoliciesSecondLock") |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 526 | private final ArraySet<NetworkTemplate> mOverLimitNotified = new ArraySet<>(); |
Jeff Sharkey | fdfef57 | 2011-06-16 15:07:48 -0700 | [diff] [blame] | 527 | |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 528 | /** Set of currently active {@link Notification} tags. */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 529 | @GuardedBy("mNetworkPoliciesSecondLock") |
Chris Wren | 193ae6b | 2017-03-31 15:17:11 -0400 | [diff] [blame] | 530 | private final ArraySet<NotificationId> mActiveNotifs = new ArraySet<>(); |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 531 | |
Dianne Hackborn | d23e0d6 | 2015-05-15 16:36:12 -0700 | [diff] [blame] | 532 | /** Foreground at UID granularity. */ |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 533 | @GuardedBy("mUidRulesFirstLock") |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 534 | final SparseIntArray mUidState = new SparseIntArray(); |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 535 | |
Jeff Sharkey | b43a292 | 2017-09-13 17:30:45 -0600 | [diff] [blame] | 536 | /** Map from network ID to last observed meteredness state */ |
| 537 | @GuardedBy("mNetworkPoliciesSecondLock") |
| 538 | private final SparseBooleanArray mNetworkMetered = new SparseBooleanArray(); |
Remi NGUYEN VAN | ed6d2ca | 2018-04-04 11:12:51 +0900 | [diff] [blame] | 539 | /** Map from network ID to last observed roaming state */ |
| 540 | @GuardedBy("mNetworkPoliciesSecondLock") |
| 541 | private final SparseBooleanArray mNetworkRoaming = new SparseBooleanArray(); |
| 542 | |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 543 | /** Map from netId to subId as of last update */ |
| 544 | @GuardedBy("mNetworkPoliciesSecondLock") |
| 545 | private final SparseIntArray mNetIdToSubId = new SparseIntArray(); |
| 546 | |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 547 | /** Map from subId to subscriberId as of last update */ |
| 548 | @GuardedBy("mNetworkPoliciesSecondLock") |
| 549 | private final SparseArray<String> mSubIdToSubscriberId = new SparseArray<>(); |
| 550 | /** Set of all merged subscriberId as of last update */ |
| 551 | @GuardedBy("mNetworkPoliciesSecondLock") |
Malcolm Chen | 07fcb5b | 2019-07-02 22:29:35 -0700 | [diff] [blame] | 552 | private List<String[]> mMergedSubscriberIds = new ArrayList<>(); |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 553 | |
Sudheer Shanka | 04d61ae | 2018-01-17 12:16:57 -0800 | [diff] [blame] | 554 | /** |
| 555 | * Indicates the uids restricted by admin from accessing metered data. It's a mapping from |
| 556 | * userId to restricted uids which belong to that user. |
| 557 | */ |
| 558 | @GuardedBy("mUidRulesFirstLock") |
| 559 | private final SparseArray<Set<Integer>> mMeteredRestrictedUids = new SparseArray<>(); |
| 560 | |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 561 | private final RemoteCallbackList<INetworkPolicyListener> |
| 562 | mListeners = new RemoteCallbackList<>(); |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 563 | |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 564 | final Handler mHandler; |
Sudheer Shanka | ed25ce6 | 2017-03-29 20:46:30 -0700 | [diff] [blame] | 565 | @VisibleForTesting |
Sudheer Shanka | 8ab2299 | 2018-11-29 00:08:58 -0800 | [diff] [blame] | 566 | final Handler mUidEventHandler; |
Makoto Onuki | 8e77733 | 2017-03-28 11:25:47 -0700 | [diff] [blame] | 567 | |
| 568 | private final ServiceThread mUidEventThread; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 569 | |
Andreas Gampe | e8e2ebd | 2018-10-24 19:42:52 -0700 | [diff] [blame] | 570 | @GuardedBy({"mUidRulesFirstLock", "mNetworkPoliciesSecondLock"}) |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 571 | private final AtomicFile mPolicyFile; |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 572 | |
Svet Ganov | 16a1689 | 2015-04-16 10:32:04 -0700 | [diff] [blame] | 573 | private final AppOpsManager mAppOps; |
| 574 | |
Amith Yamasani | 2a4ac4e | 2016-02-12 12:43:15 -0800 | [diff] [blame] | 575 | private final IPackageManager mIPm; |
| 576 | |
Sudheer Shanka | e736185 | 2017-03-07 11:51:46 -0800 | [diff] [blame] | 577 | private ActivityManagerInternal mActivityManagerInternal; |
| 578 | |
Sudheer Shanka | 352dc57 | 2017-09-22 17:09:38 -0700 | [diff] [blame] | 579 | private final NetworkPolicyLogger mLogger = new NetworkPolicyLogger(); |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 580 | |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 581 | // TODO: keep whitelist of system-critical services that should never have |
| 582 | // rules enforced, such as system, phone, and radio UIDs. |
| 583 | |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 584 | // TODO: migrate notifications to SystemUI |
| 585 | |
Makoto Onuki | 49392d3 | 2018-04-11 13:51:02 -0700 | [diff] [blame] | 586 | |
| 587 | interface Stats { |
| 588 | int UPDATE_NETWORK_ENABLED = 0; |
| 589 | int IS_UID_NETWORKING_BLOCKED = 1; |
| 590 | |
| 591 | int COUNT = IS_UID_NETWORKING_BLOCKED + 1; |
| 592 | } |
| 593 | |
| 594 | public final StatLogger mStatLogger = new StatLogger(new String[] { |
| 595 | "updateNetworkEnabledNL()", |
| 596 | "isUidNetworkingBlocked()", |
| 597 | }); |
| 598 | |
Jeff Sharkey | 7527990 | 2011-05-24 18:39:45 -0700 | [diff] [blame] | 599 | public NetworkPolicyManagerService(Context context, IActivityManager activityManager, |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 600 | INetworkManagementService networkManagement) { |
| 601 | this(context, activityManager, networkManagement, AppGlobals.getPackageManager(), |
| 602 | getDefaultClock(), getDefaultSystemDir(), false); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 603 | } |
| 604 | |
Jeff Sharkey | 9911a28 | 2018-02-14 22:29:11 -0700 | [diff] [blame] | 605 | private static @NonNull File getDefaultSystemDir() { |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 606 | return new File(Environment.getDataDirectory(), "system"); |
| 607 | } |
| 608 | |
Jeff Sharkey | 9911a28 | 2018-02-14 22:29:11 -0700 | [diff] [blame] | 609 | private static @NonNull Clock getDefaultClock() { |
| 610 | return new BestClock(ZoneOffset.UTC, SystemClock.currentNetworkTimeClock(), |
| 611 | Clock.systemUTC()); |
| 612 | } |
| 613 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 614 | public NetworkPolicyManagerService(Context context, IActivityManager activityManager, |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 615 | INetworkManagementService networkManagement, IPackageManager pm, Clock clock, |
| 616 | File systemDir, boolean suppressDefaultPolicy) { |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 617 | mContext = checkNotNull(context, "missing context"); |
| 618 | mActivityManager = checkNotNull(activityManager, "missing activityManager"); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 619 | mNetworkManager = checkNotNull(networkManagement, "missing networkManagement"); |
Dianne Hackborn | 0b4daca | 2015-04-27 09:47:32 -0700 | [diff] [blame] | 620 | mDeviceIdleController = IDeviceIdleController.Stub.asInterface(ServiceManager.getService( |
Dianne Hackborn | 1958e5e | 2015-06-12 18:11:41 -0700 | [diff] [blame] | 621 | Context.DEVICE_IDLE_CONTROLLER)); |
Jeff Sharkey | 9911a28 | 2018-02-14 22:29:11 -0700 | [diff] [blame] | 622 | mClock = checkNotNull(clock, "missing Clock"); |
Stuart Scott | e3e314d | 2015-04-20 14:07:45 -0700 | [diff] [blame] | 623 | mUserManager = (UserManager) mContext.getSystemService(Context.USER_SERVICE); |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 624 | mCarrierConfigManager = mContext.getSystemService(CarrierConfigManager.class); |
Felipe Leme | 3d3308d | 2016-08-23 17:41:47 -0700 | [diff] [blame] | 625 | mIPm = pm; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 626 | |
Amith Yamasani | 450a16b | 2013-09-18 16:28:50 -0700 | [diff] [blame] | 627 | HandlerThread thread = new HandlerThread(TAG); |
| 628 | thread.start(); |
| 629 | mHandler = new Handler(thread.getLooper(), mHandlerCallback); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 630 | |
Makoto Onuki | 8e77733 | 2017-03-28 11:25:47 -0700 | [diff] [blame] | 631 | // We create another thread for the UID events, which are more time-critical. |
| 632 | mUidEventThread = new ServiceThread(TAG + ".uid", Process.THREAD_PRIORITY_FOREGROUND, |
| 633 | /*allowIo=*/ false); |
| 634 | mUidEventThread.start(); |
| 635 | mUidEventHandler = new Handler(mUidEventThread.getLooper(), mUidEventHandlerCallback); |
| 636 | |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 637 | mSuppressDefaultPolicy = suppressDefaultPolicy; |
| 638 | |
Dianne Hackborn | e17b445 | 2018-01-10 13:15:40 -0800 | [diff] [blame] | 639 | mPolicyFile = new AtomicFile(new File(systemDir, "netpolicy.xml"), "net-policy"); |
Svet Ganov | 16a1689 | 2015-04-16 10:32:04 -0700 | [diff] [blame] | 640 | |
| 641 | mAppOps = context.getSystemService(AppOpsManager.class); |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 642 | |
Felipe Leme | d17fda4 | 2016-04-29 11:12:45 -0700 | [diff] [blame] | 643 | // Expose private service for system components to use. |
| 644 | LocalServices.addService(NetworkPolicyManagerInternal.class, |
| 645 | new NetworkPolicyManagerInternalImpl()); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 646 | } |
| 647 | |
| 648 | public void bindConnectivityManager(IConnectivityManager connManager) { |
| 649 | mConnManager = checkNotNull(connManager, "missing IConnectivityManager"); |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 650 | } |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 651 | |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 652 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 653 | void updatePowerSaveWhitelistUL() { |
Dianne Hackborn | 0b4daca | 2015-04-27 09:47:32 -0700 | [diff] [blame] | 654 | try { |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 655 | int[] whitelist = mDeviceIdleController.getAppIdWhitelistExceptIdle(); |
| 656 | mPowerSaveWhitelistExceptIdleAppIds.clear(); |
| 657 | if (whitelist != null) { |
| 658 | for (int uid : whitelist) { |
| 659 | mPowerSaveWhitelistExceptIdleAppIds.put(uid, true); |
| 660 | } |
| 661 | } |
| 662 | whitelist = mDeviceIdleController.getAppIdWhitelist(); |
Dianne Hackborn | 0b4daca | 2015-04-27 09:47:32 -0700 | [diff] [blame] | 663 | mPowerSaveWhitelistAppIds.clear(); |
| 664 | if (whitelist != null) { |
| 665 | for (int uid : whitelist) { |
| 666 | mPowerSaveWhitelistAppIds.put(uid, true); |
| 667 | } |
| 668 | } |
| 669 | } catch (RemoteException e) { |
| 670 | } |
| 671 | } |
| 672 | |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 673 | /** |
| 674 | * Whitelists pre-defined apps for restrict background, but only if the user didn't already |
| 675 | * revoke the whitelist. |
| 676 | * |
Felipe Leme | 46b451f | 2016-08-19 08:46:17 -0700 | [diff] [blame] | 677 | * @return whether any uid has been whitelisted. |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 678 | */ |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 679 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 680 | boolean addDefaultRestrictBackgroundWhitelistUidsUL() { |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 681 | final List<UserInfo> users = mUserManager.getUsers(); |
| 682 | final int numberUsers = users.size(); |
| 683 | |
Felipe Leme | a110eec | 2016-04-29 09:58:06 -0700 | [diff] [blame] | 684 | boolean changed = false; |
| 685 | for (int i = 0; i < numberUsers; i++) { |
| 686 | final UserInfo user = users.get(i); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 687 | changed = addDefaultRestrictBackgroundWhitelistUidsUL(user.id) || changed; |
Felipe Leme | a110eec | 2016-04-29 09:58:06 -0700 | [diff] [blame] | 688 | } |
| 689 | return changed; |
| 690 | } |
| 691 | |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 692 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 693 | private boolean addDefaultRestrictBackgroundWhitelistUidsUL(int userId) { |
Felipe Leme | a110eec | 2016-04-29 09:58:06 -0700 | [diff] [blame] | 694 | final SystemConfig sysConfig = SystemConfig.getInstance(); |
| 695 | final PackageManager pm = mContext.getPackageManager(); |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 696 | final ArraySet<String> allowDataUsage = sysConfig.getAllowInDataUsageSave(); |
| 697 | boolean changed = false; |
| 698 | for (int i = 0; i < allowDataUsage.size(); i++) { |
| 699 | final String pkg = allowDataUsage.valueAt(i); |
| 700 | if (LOGD) |
Felipe Leme | a110eec | 2016-04-29 09:58:06 -0700 | [diff] [blame] | 701 | Slog.d(TAG, "checking restricted background whitelisting for package " + pkg |
| 702 | + " and user " + userId); |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 703 | final ApplicationInfo app; |
| 704 | try { |
Felipe Leme | a110eec | 2016-04-29 09:58:06 -0700 | [diff] [blame] | 705 | app = pm.getApplicationInfoAsUser(pkg, PackageManager.MATCH_SYSTEM_ONLY, userId); |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 706 | } catch (PackageManager.NameNotFoundException e) { |
Felipe Leme | a1252b2 | 2016-08-31 08:47:50 -0700 | [diff] [blame] | 707 | if (LOGD) Slog.d(TAG, "No ApplicationInfo for package " + pkg); |
| 708 | // Ignore it - some apps on allow-in-data-usage-save are optional. |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 709 | continue; |
| 710 | } |
| 711 | if (!app.isPrivilegedApp()) { |
Felipe Leme | a1252b2 | 2016-08-31 08:47:50 -0700 | [diff] [blame] | 712 | Slog.e(TAG, "addDefaultRestrictBackgroundWhitelistUidsUL(): " |
| 713 | + "skipping non-privileged app " + pkg); |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 714 | continue; |
| 715 | } |
Felipe Leme | a110eec | 2016-04-29 09:58:06 -0700 | [diff] [blame] | 716 | final int uid = UserHandle.getUid(userId, app.uid); |
| 717 | mDefaultRestrictBackgroundWhitelistUids.append(uid, true); |
| 718 | if (LOGD) |
| 719 | Slog.d(TAG, "Adding uid " + uid + " (user " + userId + ") to default restricted " |
| 720 | + "background whitelist. Revoked status: " |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 721 | + mRestrictBackgroundWhitelistRevokedUids.get(uid)); |
Felipe Leme | a110eec | 2016-04-29 09:58:06 -0700 | [diff] [blame] | 722 | if (!mRestrictBackgroundWhitelistRevokedUids.get(uid)) { |
Felipe Leme | a1252b2 | 2016-08-31 08:47:50 -0700 | [diff] [blame] | 723 | if (LOGD) |
| 724 | Slog.d(TAG, "adding default package " + pkg + " (uid " + uid + " for user " |
| 725 | + userId + ") to restrict background whitelist"); |
Felipe Leme | 46b451f | 2016-08-19 08:46:17 -0700 | [diff] [blame] | 726 | setUidPolicyUncheckedUL(uid, POLICY_ALLOW_METERED_BACKGROUND, false); |
Felipe Leme | a110eec | 2016-04-29 09:58:06 -0700 | [diff] [blame] | 727 | changed = true; |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 728 | } |
| 729 | } |
| 730 | return changed; |
| 731 | } |
| 732 | |
Fyodor Kupolov | 311b9fa | 2016-12-02 16:24:35 -0800 | [diff] [blame] | 733 | private void initService(CountDownLatch initCompleteSignal) { |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 734 | Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "systemReady"); |
Fyodor Kupolov | 311b9fa | 2016-12-02 16:24:35 -0800 | [diff] [blame] | 735 | final int oldPriority = Process.getThreadPriority(Process.myTid()); |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 736 | try { |
Fyodor Kupolov | 311b9fa | 2016-12-02 16:24:35 -0800 | [diff] [blame] | 737 | // Boost thread's priority during system server init |
| 738 | Process.setThreadPriority(Process.THREAD_PRIORITY_FOREGROUND); |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 739 | if (!isBandwidthControlEnabled()) { |
| 740 | Slog.w(TAG, "bandwidth controls disabled, unable to enforce policy"); |
| 741 | return; |
| 742 | } |
Jeff Sharkey | 8c1dc72 | 2012-05-04 14:49:37 -0700 | [diff] [blame] | 743 | |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 744 | mUsageStats = LocalServices.getService(UsageStatsManagerInternal.class); |
Christopher Tate | b909c4d5 | 2019-10-21 12:50:37 -0700 | [diff] [blame] | 745 | mAppStandby = LocalServices.getService(AppStandbyInternal.class); |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 746 | mNetworkStats = LocalServices.getService(NetworkStatsManagerInternal.class); |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 747 | |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 748 | synchronized (mUidRulesFirstLock) { |
| 749 | synchronized (mNetworkPoliciesSecondLock) { |
| 750 | updatePowerSaveWhitelistUL(); |
| 751 | mPowerManagerInternal = LocalServices.getService(PowerManagerInternal.class); |
| 752 | mPowerManagerInternal.registerLowPowerModeObserver( |
| 753 | new PowerManagerInternal.LowPowerModeListener() { |
jackqdyulei | 455e90a | 2017-02-09 15:29:16 -0800 | [diff] [blame] | 754 | @Override |
| 755 | public int getServiceType() { |
| 756 | return ServiceType.NETWORK_FIREWALL; |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 757 | } |
jackqdyulei | 455e90a | 2017-02-09 15:29:16 -0800 | [diff] [blame] | 758 | |
| 759 | @Override |
| 760 | public void onLowPowerModeChanged(PowerSaveState result) { |
| 761 | final boolean enabled = result.batterySaverEnabled; |
jackqdyulei | 29c82ab | 2017-03-10 14:09:16 -0800 | [diff] [blame] | 762 | if (LOGD) { |
| 763 | Slog.d(TAG, "onLowPowerModeChanged(" + enabled + ")"); |
| 764 | } |
jackqdyulei | 455e90a | 2017-02-09 15:29:16 -0800 | [diff] [blame] | 765 | synchronized (mUidRulesFirstLock) { |
| 766 | if (mRestrictPower != enabled) { |
| 767 | mRestrictPower = enabled; |
| 768 | updateRulesForRestrictPowerUL(); |
| 769 | } |
| 770 | } |
| 771 | } |
jackqdyulei | 29c82ab | 2017-03-10 14:09:16 -0800 | [diff] [blame] | 772 | }); |
jackqdyulei | 455e90a | 2017-02-09 15:29:16 -0800 | [diff] [blame] | 773 | mRestrictPower = mPowerManagerInternal.getLowPowerState( |
| 774 | ServiceType.NETWORK_FIREWALL).batterySaverEnabled; |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 775 | |
| 776 | mSystemReady = true; |
| 777 | |
Sudheer Shanka | c53c47f | 2018-01-16 12:01:00 -0800 | [diff] [blame] | 778 | waitForAdminData(); |
| 779 | |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 780 | // read policy from disk |
| 781 | readPolicyAL(); |
| 782 | |
jackqdyulei | 29c82ab | 2017-03-10 14:09:16 -0800 | [diff] [blame] | 783 | // Update the restrictBackground if battery saver is turned on |
Sudheer Shanka | 543339f | 2017-07-28 15:18:07 -0700 | [diff] [blame] | 784 | mRestrictBackgroundBeforeBsm = mLoadedRestrictBackground; |
Kweku Adams | 25fa3a7 | 2019-07-12 17:00:17 -0700 | [diff] [blame] | 785 | mRestrictBackgroundLowPowerMode = mPowerManagerInternal |
| 786 | .getLowPowerState(ServiceType.DATA_SAVER).batterySaverEnabled; |
| 787 | if (mRestrictBackgroundLowPowerMode && !mLoadedRestrictBackground) { |
Sudheer Shanka | 543339f | 2017-07-28 15:18:07 -0700 | [diff] [blame] | 788 | mLoadedRestrictBackground = true; |
jackqdyulei | 29c82ab | 2017-03-10 14:09:16 -0800 | [diff] [blame] | 789 | } |
| 790 | mPowerManagerInternal.registerLowPowerModeObserver( |
| 791 | new PowerManagerInternal.LowPowerModeListener() { |
| 792 | @Override |
| 793 | public int getServiceType() { |
| 794 | return ServiceType.DATA_SAVER; |
| 795 | } |
| 796 | |
| 797 | @Override |
| 798 | public void onLowPowerModeChanged(PowerSaveState result) { |
| 799 | synchronized (mUidRulesFirstLock) { |
| 800 | updateRestrictBackgroundByLowPowerModeUL(result); |
| 801 | } |
| 802 | } |
| 803 | }); |
| 804 | |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 805 | if (addDefaultRestrictBackgroundWhitelistUidsUL()) { |
| 806 | writePolicyAL(); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 807 | } |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 808 | |
Kweku Adams | df33ae1 | 2019-10-08 11:51:41 -0700 | [diff] [blame] | 809 | enableFirewallChainUL(FIREWALL_CHAIN_STANDBY, true); |
Sudheer Shanka | 543339f | 2017-07-28 15:18:07 -0700 | [diff] [blame] | 810 | setRestrictBackgroundUL(mLoadedRestrictBackground); |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 811 | updateRulesForGlobalChangeAL(false); |
| 812 | updateNotificationsNL(); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 813 | } |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 814 | } |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 815 | |
Sudheer Shanka | e736185 | 2017-03-07 11:51:46 -0800 | [diff] [blame] | 816 | mActivityManagerInternal = LocalServices.getService(ActivityManagerInternal.class); |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 817 | try { |
| 818 | mActivityManager.registerUidObserver(mUidObserver, |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 819 | ActivityManager.UID_OBSERVER_PROCSTATE|ActivityManager.UID_OBSERVER_GONE, |
Sudheer Shanka | 6a3c07e | 2018-09-11 15:21:22 -0700 | [diff] [blame] | 820 | NetworkPolicyManager.FOREGROUND_THRESHOLD_STATE, "android"); |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 821 | mNetworkManager.registerObserver(mAlertObserver); |
| 822 | } catch (RemoteException e) { |
| 823 | // ignored; both services live in system_server |
| 824 | } |
| 825 | |
| 826 | // listen for changes to power save whitelist |
| 827 | final IntentFilter whitelistFilter = new IntentFilter( |
| 828 | PowerManager.ACTION_POWER_SAVE_WHITELIST_CHANGED); |
| 829 | mContext.registerReceiver(mPowerSaveWhitelistReceiver, whitelistFilter, null, mHandler); |
| 830 | |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 831 | // watch for network interfaces to be claimed |
| 832 | final IntentFilter connFilter = new IntentFilter(CONNECTIVITY_ACTION); |
paulhu | a6af6b6 | 2019-08-12 16:25:11 +0800 | [diff] [blame] | 833 | mContext.registerReceiver(mConnReceiver, connFilter, NETWORK_STACK, mHandler); |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 834 | |
| 835 | // listen for package changes to update policy |
| 836 | final IntentFilter packageFilter = new IntentFilter(); |
| 837 | packageFilter.addAction(ACTION_PACKAGE_ADDED); |
| 838 | packageFilter.addDataScheme("package"); |
| 839 | mContext.registerReceiver(mPackageReceiver, packageFilter, null, mHandler); |
| 840 | |
| 841 | // listen for UID changes to update policy |
| 842 | mContext.registerReceiver( |
| 843 | mUidRemovedReceiver, new IntentFilter(ACTION_UID_REMOVED), null, mHandler); |
| 844 | |
| 845 | // listen for user changes to update policy |
| 846 | final IntentFilter userFilter = new IntentFilter(); |
| 847 | userFilter.addAction(ACTION_USER_ADDED); |
| 848 | userFilter.addAction(ACTION_USER_REMOVED); |
| 849 | mContext.registerReceiver(mUserReceiver, userFilter, null, mHandler); |
| 850 | |
| 851 | // listen for stats update events |
| 852 | final IntentFilter statsFilter = new IntentFilter(ACTION_NETWORK_STATS_UPDATED); |
| 853 | mContext.registerReceiver( |
| 854 | mStatsReceiver, statsFilter, READ_NETWORK_USAGE_HISTORY, mHandler); |
| 855 | |
| 856 | // listen for restrict background changes from notifications |
| 857 | final IntentFilter allowFilter = new IntentFilter(ACTION_ALLOW_BACKGROUND); |
| 858 | mContext.registerReceiver(mAllowReceiver, allowFilter, MANAGE_NETWORK_POLICY, mHandler); |
| 859 | |
Jeff Sharkey | bfb43ea | 2018-02-03 12:08:16 -0700 | [diff] [blame] | 860 | // Listen for snooze from notifications |
| 861 | mContext.registerReceiver(mSnoozeReceiver, |
| 862 | new IntentFilter(ACTION_SNOOZE_WARNING), MANAGE_NETWORK_POLICY, mHandler); |
| 863 | mContext.registerReceiver(mSnoozeReceiver, |
| 864 | new IntentFilter(ACTION_SNOOZE_RAPID), MANAGE_NETWORK_POLICY, mHandler); |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 865 | |
Jeff Sharkey | 43d2a17 | 2017-07-12 10:50:42 -0600 | [diff] [blame] | 866 | // listen for configured wifi networks to be loaded |
| 867 | final IntentFilter wifiFilter = |
| 868 | new IntentFilter(WifiManager.CONFIGURED_NETWORKS_CHANGED_ACTION); |
| 869 | mContext.registerReceiver(mWifiReceiver, wifiFilter, null, mHandler); |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 870 | |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 871 | // listen for carrier config changes to update data cycle information |
| 872 | final IntentFilter carrierConfigFilter = new IntentFilter( |
| 873 | ACTION_CARRIER_CONFIG_CHANGED); |
| 874 | mContext.registerReceiver(mCarrierConfigReceiver, carrierConfigFilter, null, mHandler); |
| 875 | |
Jeff Sharkey | b43a292 | 2017-09-13 17:30:45 -0600 | [diff] [blame] | 876 | // listen for meteredness changes |
| 877 | mContext.getSystemService(ConnectivityManager.class).registerNetworkCallback( |
| 878 | new NetworkRequest.Builder().build(), mNetworkCallback); |
| 879 | |
Christopher Tate | b909c4d5 | 2019-10-21 12:50:37 -0700 | [diff] [blame] | 880 | mAppStandby.addListener(new NetPolicyAppIdleStateChangeListener()); |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 881 | |
| 882 | // Listen for subscriber changes |
| 883 | mContext.getSystemService(SubscriptionManager.class).addOnSubscriptionsChangedListener( |
| 884 | new OnSubscriptionsChangedListener(mHandler.getLooper()) { |
| 885 | @Override |
| 886 | public void onSubscriptionsChanged() { |
| 887 | updateNetworksInternal(); |
| 888 | } |
| 889 | }); |
| 890 | |
Fyodor Kupolov | 311b9fa | 2016-12-02 16:24:35 -0800 | [diff] [blame] | 891 | // tell systemReady() that the service has been initialized |
| 892 | initCompleteSignal.countDown(); |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 893 | } finally { |
Fyodor Kupolov | 311b9fa | 2016-12-02 16:24:35 -0800 | [diff] [blame] | 894 | // Restore the default priority after init is done |
| 895 | Process.setThreadPriority(oldPriority); |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 896 | Trace.traceEnd(Trace.TRACE_TAG_NETWORK); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 897 | } |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 898 | } |
| 899 | |
Fyodor Kupolov | 311b9fa | 2016-12-02 16:24:35 -0800 | [diff] [blame] | 900 | public CountDownLatch networkScoreAndNetworkManagementServiceReady() { |
Sudheer Shanka | 1536fb6 | 2018-07-05 11:52:36 -0700 | [diff] [blame] | 901 | mNetworkManagerReady = true; |
Fyodor Kupolov | 311b9fa | 2016-12-02 16:24:35 -0800 | [diff] [blame] | 902 | final CountDownLatch initCompleteSignal = new CountDownLatch(1); |
| 903 | mHandler.post(() -> initService(initCompleteSignal)); |
| 904 | return initCompleteSignal; |
| 905 | } |
| 906 | |
| 907 | public void systemReady(CountDownLatch initCompleteSignal) { |
| 908 | // wait for initService to complete |
| 909 | try { |
| 910 | if (!initCompleteSignal.await(30, TimeUnit.SECONDS)) { |
| 911 | throw new IllegalStateException("Service " + TAG +" init timeout"); |
| 912 | } |
| 913 | } catch (InterruptedException e) { |
| 914 | Thread.currentThread().interrupt(); |
| 915 | throw new IllegalStateException("Service " + TAG + " init interrupted", e); |
| 916 | } |
| 917 | } |
| 918 | |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 919 | final private IUidObserver mUidObserver = new IUidObserver.Stub() { |
Hui Yu | 2696932 | 2019-08-21 14:56:35 -0700 | [diff] [blame] | 920 | @Override public void onUidStateChanged(int uid, int procState, long procStateSeq, |
| 921 | int capability) { |
Makoto Onuki | 8e77733 | 2017-03-28 11:25:47 -0700 | [diff] [blame] | 922 | mUidEventHandler.obtainMessage(UID_MSG_STATE_CHANGED, |
| 923 | uid, procState, procStateSeq).sendToTarget(); |
Dianne Hackborn | a93c2c1 | 2012-05-31 15:29:36 -0700 | [diff] [blame] | 924 | } |
| 925 | |
Dianne Hackborn | 3e99f65 | 2017-07-05 16:33:56 -0700 | [diff] [blame] | 926 | @Override public void onUidGone(int uid, boolean disabled) { |
Makoto Onuki | 8e77733 | 2017-03-28 11:25:47 -0700 | [diff] [blame] | 927 | mUidEventHandler.obtainMessage(UID_MSG_GONE, uid, 0).sendToTarget(); |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 928 | } |
Dianne Hackborn | bef28fe | 2015-10-29 17:57:11 -0700 | [diff] [blame] | 929 | |
Dianne Hackborn | 3e99f65 | 2017-07-05 16:33:56 -0700 | [diff] [blame] | 930 | @Override public void onUidActive(int uid) { |
Dianne Hackborn | bef28fe | 2015-10-29 17:57:11 -0700 | [diff] [blame] | 931 | } |
| 932 | |
Dianne Hackborn | 3e99f65 | 2017-07-05 16:33:56 -0700 | [diff] [blame] | 933 | @Override public void onUidIdle(int uid, boolean disabled) { |
| 934 | } |
| 935 | |
| 936 | @Override public void onUidCachedChanged(int uid, boolean cached) { |
Dianne Hackborn | bef28fe | 2015-10-29 17:57:11 -0700 | [diff] [blame] | 937 | } |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 938 | }; |
| 939 | |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 940 | final private BroadcastReceiver mPowerSaveWhitelistReceiver = new BroadcastReceiver() { |
Dianne Hackborn | 0b4daca | 2015-04-27 09:47:32 -0700 | [diff] [blame] | 941 | @Override |
| 942 | public void onReceive(Context context, Intent intent) { |
| 943 | // on background handler thread, and POWER_SAVE_WHITELIST_CHANGED is protected |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 944 | synchronized (mUidRulesFirstLock) { |
| 945 | updatePowerSaveWhitelistUL(); |
| 946 | updateRulesForRestrictPowerUL(); |
Felipe Leme | 0970046 | 2016-09-08 09:33:48 -0700 | [diff] [blame] | 947 | updateRulesForAppIdleUL(); |
Dianne Hackborn | 0b4daca | 2015-04-27 09:47:32 -0700 | [diff] [blame] | 948 | } |
| 949 | } |
| 950 | }; |
| 951 | |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 952 | final private BroadcastReceiver mPackageReceiver = new BroadcastReceiver() { |
Jeff Sharkey | b09540f | 2011-06-19 01:08:12 -0700 | [diff] [blame] | 953 | @Override |
| 954 | public void onReceive(Context context, Intent intent) { |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 955 | // on background handler thread, and PACKAGE_ADDED is protected |
Jeff Sharkey | 02e21d6 | 2011-07-17 15:53:33 -0700 | [diff] [blame] | 956 | |
| 957 | final String action = intent.getAction(); |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 958 | final int uid = intent.getIntExtra(EXTRA_UID, -1); |
| 959 | if (uid == -1) return; |
Jeff Sharkey | 8a8b581 | 2012-03-21 18:13:36 -0700 | [diff] [blame] | 960 | |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 961 | if (ACTION_PACKAGE_ADDED.equals(action)) { |
| 962 | // update rules for UID, since it might be subject to |
| 963 | // global background data policy |
| 964 | if (LOGV) Slog.v(TAG, "ACTION_PACKAGE_ADDED for uid=" + uid); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 965 | synchronized (mUidRulesFirstLock) { |
Felipe Leme | 03e95e2 | 2016-09-09 09:25:31 -0700 | [diff] [blame] | 966 | updateRestrictionRulesForUidUL(uid); |
Jeff Sharkey | 02e21d6 | 2011-07-17 15:53:33 -0700 | [diff] [blame] | 967 | } |
Jeff Sharkey | b09540f | 2011-06-19 01:08:12 -0700 | [diff] [blame] | 968 | } |
| 969 | } |
| 970 | }; |
| 971 | |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 972 | final private BroadcastReceiver mUidRemovedReceiver = new BroadcastReceiver() { |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 973 | @Override |
| 974 | public void onReceive(Context context, Intent intent) { |
| 975 | // on background handler thread, and UID_REMOVED is protected |
| 976 | |
| 977 | final int uid = intent.getIntExtra(EXTRA_UID, -1); |
| 978 | if (uid == -1) return; |
| 979 | |
| 980 | // remove any policy and update rules to clean up |
| 981 | if (LOGV) Slog.v(TAG, "ACTION_UID_REMOVED for uid=" + uid); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 982 | synchronized (mUidRulesFirstLock) { |
Felipe Leme | 03e95e2 | 2016-09-09 09:25:31 -0700 | [diff] [blame] | 983 | onUidDeletedUL(uid); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 984 | synchronized (mNetworkPoliciesSecondLock) { |
| 985 | writePolicyAL(); |
| 986 | } |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 987 | } |
| 988 | } |
| 989 | }; |
| 990 | |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 991 | final private BroadcastReceiver mUserReceiver = new BroadcastReceiver() { |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 992 | @Override |
| 993 | public void onReceive(Context context, Intent intent) { |
| 994 | // on background handler thread, and USER_ADDED and USER_REMOVED |
| 995 | // broadcasts are protected |
| 996 | |
| 997 | final String action = intent.getAction(); |
| 998 | final int userId = intent.getIntExtra(Intent.EXTRA_USER_HANDLE, -1); |
| 999 | if (userId == -1) return; |
| 1000 | |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 1001 | switch (action) { |
| 1002 | case ACTION_USER_REMOVED: |
| 1003 | case ACTION_USER_ADDED: |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1004 | synchronized (mUidRulesFirstLock) { |
Fyodor Kupolov | a31c591 | 2016-01-22 11:26:09 -0800 | [diff] [blame] | 1005 | // Remove any persistable state for the given user; both cleaning up after a |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 1006 | // USER_REMOVED, and one last sanity check during USER_ADDED |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1007 | removeUserStateUL(userId, true); |
Sudheer Shanka | 04d61ae | 2018-01-17 12:16:57 -0800 | [diff] [blame] | 1008 | // Removing outside removeUserStateUL since that can also be called when |
| 1009 | // user resets app preferences. |
| 1010 | mMeteredRestrictedUids.remove(userId); |
Felipe Leme | a110eec | 2016-04-29 09:58:06 -0700 | [diff] [blame] | 1011 | if (action == ACTION_USER_ADDED) { |
| 1012 | // Add apps that are whitelisted by default. |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1013 | addDefaultRestrictBackgroundWhitelistUidsUL(userId); |
Felipe Leme | a110eec | 2016-04-29 09:58:06 -0700 | [diff] [blame] | 1014 | } |
| 1015 | // Update global restrict for that user |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1016 | synchronized (mNetworkPoliciesSecondLock) { |
| 1017 | updateRulesForGlobalChangeAL(true); |
| 1018 | } |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 1019 | } |
| 1020 | break; |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 1021 | } |
| 1022 | } |
| 1023 | }; |
| 1024 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1025 | /** |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1026 | * Receiver that watches for {@link INetworkStatsService} updates, which we |
| 1027 | * use to check against {@link NetworkPolicy#warningBytes}. |
| 1028 | */ |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 1029 | final private BroadcastReceiver mStatsReceiver = new BroadcastReceiver() { |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1030 | @Override |
| 1031 | public void onReceive(Context context, Intent intent) { |
| 1032 | // on background handler thread, and verified |
| 1033 | // READ_NETWORK_USAGE_HISTORY permission above. |
| 1034 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1035 | synchronized (mNetworkPoliciesSecondLock) { |
| 1036 | updateNetworkEnabledNL(); |
| 1037 | updateNotificationsNL(); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1038 | } |
| 1039 | } |
| 1040 | }; |
| 1041 | |
| 1042 | /** |
Jeff Sharkey | 3a844fc | 2011-08-16 14:37:57 -0700 | [diff] [blame] | 1043 | * Receiver that watches for {@link Notification} control of |
| 1044 | * {@link #mRestrictBackground}. |
| 1045 | */ |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 1046 | final private BroadcastReceiver mAllowReceiver = new BroadcastReceiver() { |
Jeff Sharkey | 3a844fc | 2011-08-16 14:37:57 -0700 | [diff] [blame] | 1047 | @Override |
| 1048 | public void onReceive(Context context, Intent intent) { |
| 1049 | // on background handler thread, and verified MANAGE_NETWORK_POLICY |
| 1050 | // permission above. |
| 1051 | |
| 1052 | setRestrictBackground(false); |
| 1053 | } |
| 1054 | }; |
| 1055 | |
| 1056 | /** |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 1057 | * Receiver that watches for {@link Notification} control of |
| 1058 | * {@link NetworkPolicy#lastWarningSnooze}. |
| 1059 | */ |
Jeff Sharkey | bfb43ea | 2018-02-03 12:08:16 -0700 | [diff] [blame] | 1060 | final private BroadcastReceiver mSnoozeReceiver = new BroadcastReceiver() { |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 1061 | @Override |
| 1062 | public void onReceive(Context context, Intent intent) { |
| 1063 | // on background handler thread, and verified MANAGE_NETWORK_POLICY |
| 1064 | // permission above. |
| 1065 | |
| 1066 | final NetworkTemplate template = intent.getParcelableExtra(EXTRA_NETWORK_TEMPLATE); |
Jeff Sharkey | bfb43ea | 2018-02-03 12:08:16 -0700 | [diff] [blame] | 1067 | if (ACTION_SNOOZE_WARNING.equals(intent.getAction())) { |
| 1068 | performSnooze(template, TYPE_WARNING); |
| 1069 | } else if (ACTION_SNOOZE_RAPID.equals(intent.getAction())) { |
| 1070 | performSnooze(template, TYPE_RAPID); |
| 1071 | } |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 1072 | } |
| 1073 | }; |
| 1074 | |
| 1075 | /** |
Jeff Sharkey | 43d2a17 | 2017-07-12 10:50:42 -0600 | [diff] [blame] | 1076 | * Receiver that watches for {@link WifiConfiguration} to be loaded so that |
Jeff Sharkey | 64c96ec | 2017-08-30 16:28:26 -0600 | [diff] [blame] | 1077 | * we can perform upgrade logic. After initial upgrade logic, it updates |
| 1078 | * {@link #mMeteredIfaces} based on configuration changes. |
Jeff Sharkey | 9f6e4ba | 2012-04-19 23:01:08 -0700 | [diff] [blame] | 1079 | */ |
Jeff Sharkey | 43d2a17 | 2017-07-12 10:50:42 -0600 | [diff] [blame] | 1080 | final private BroadcastReceiver mWifiReceiver = new BroadcastReceiver() { |
Jeff Sharkey | 9f6e4ba | 2012-04-19 23:01:08 -0700 | [diff] [blame] | 1081 | @Override |
| 1082 | public void onReceive(Context context, Intent intent) { |
Hugo Benichi | 446c9c9 | 2017-04-10 09:41:10 +0900 | [diff] [blame] | 1083 | synchronized (mUidRulesFirstLock) { |
| 1084 | synchronized (mNetworkPoliciesSecondLock) { |
Jeff Sharkey | 43d2a17 | 2017-07-12 10:50:42 -0600 | [diff] [blame] | 1085 | upgradeWifiMeteredOverrideAL(); |
Jeff Sharkey | b43a292 | 2017-09-13 17:30:45 -0600 | [diff] [blame] | 1086 | } |
| 1087 | } |
| 1088 | // Only need to perform upgrade logic once |
| 1089 | mContext.unregisterReceiver(this); |
| 1090 | } |
| 1091 | }; |
| 1092 | |
Remi NGUYEN VAN | ed6d2ca | 2018-04-04 11:12:51 +0900 | [diff] [blame] | 1093 | private static boolean updateCapabilityChange(SparseBooleanArray lastValues, boolean newValue, |
| 1094 | Network network) { |
| 1095 | final boolean lastValue = lastValues.get(network.netId, false); |
| 1096 | final boolean changed = (lastValue != newValue) || lastValues.indexOfKey(network.netId) < 0; |
| 1097 | if (changed) { |
| 1098 | lastValues.put(network.netId, newValue); |
| 1099 | } |
| 1100 | return changed; |
| 1101 | } |
| 1102 | |
Jeff Sharkey | b43a292 | 2017-09-13 17:30:45 -0600 | [diff] [blame] | 1103 | private final NetworkCallback mNetworkCallback = new NetworkCallback() { |
| 1104 | @Override |
| 1105 | public void onCapabilitiesChanged(Network network, |
| 1106 | NetworkCapabilities networkCapabilities) { |
| 1107 | if (network == null || networkCapabilities == null) return; |
| 1108 | |
| 1109 | synchronized (mNetworkPoliciesSecondLock) { |
Jeff Sharkey | b43a292 | 2017-09-13 17:30:45 -0600 | [diff] [blame] | 1110 | final boolean newMetered = !networkCapabilities |
| 1111 | .hasCapability(NetworkCapabilities.NET_CAPABILITY_NOT_METERED); |
Remi NGUYEN VAN | ed6d2ca | 2018-04-04 11:12:51 +0900 | [diff] [blame] | 1112 | final boolean meteredChanged = updateCapabilityChange( |
| 1113 | mNetworkMetered, newMetered, network); |
Jeff Sharkey | b43a292 | 2017-09-13 17:30:45 -0600 | [diff] [blame] | 1114 | |
Remi NGUYEN VAN | ed6d2ca | 2018-04-04 11:12:51 +0900 | [diff] [blame] | 1115 | final boolean newRoaming = !networkCapabilities |
| 1116 | .hasCapability(NetworkCapabilities.NET_CAPABILITY_NOT_ROAMING); |
| 1117 | final boolean roamingChanged = updateCapabilityChange( |
| 1118 | mNetworkRoaming, newRoaming, network); |
| 1119 | |
| 1120 | if (meteredChanged || roamingChanged) { |
Sudheer Shanka | 352dc57 | 2017-09-22 17:09:38 -0700 | [diff] [blame] | 1121 | mLogger.meterednessChanged(network.netId, newMetered); |
Jeff Sharkey | 64c96ec | 2017-08-30 16:28:26 -0600 | [diff] [blame] | 1122 | updateNetworkRulesNL(); |
Jeff Sharkey | 9f6e4ba | 2012-04-19 23:01:08 -0700 | [diff] [blame] | 1123 | } |
| 1124 | } |
| 1125 | } |
| 1126 | }; |
| 1127 | |
| 1128 | /** |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1129 | * Observer that watches for {@link INetworkManagementService} alerts. |
| 1130 | */ |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 1131 | final private INetworkManagementEventObserver mAlertObserver |
| 1132 | = new BaseNetworkObserver() { |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1133 | @Override |
| 1134 | public void limitReached(String limitName, String iface) { |
| 1135 | // only someone like NMS should be calling us |
paulhu | a6af6b6 | 2019-08-12 16:25:11 +0800 | [diff] [blame] | 1136 | NetworkStack.checkNetworkStackPermission(mContext); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1137 | |
Jeff Sharkey | 7e25b0e | 2011-11-08 15:43:12 -0800 | [diff] [blame] | 1138 | if (!LIMIT_GLOBAL_ALERT.equals(limitName)) { |
| 1139 | mHandler.obtainMessage(MSG_LIMIT_REACHED, iface).sendToTarget(); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1140 | } |
| 1141 | } |
| 1142 | }; |
| 1143 | |
| 1144 | /** |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1145 | * Check {@link NetworkPolicy} against current {@link INetworkStatsService} |
| 1146 | * to show visible notifications as needed. |
| 1147 | */ |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 1148 | @GuardedBy("mNetworkPoliciesSecondLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1149 | void updateNotificationsNL() { |
| 1150 | if (LOGV) Slog.v(TAG, "updateNotificationsNL()"); |
Jeff Sharkey | 0007239 | 2018-04-12 14:26:32 -0600 | [diff] [blame] | 1151 | Trace.traceBegin(TRACE_TAG_NETWORK, "updateNotificationsNL"); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1152 | |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1153 | // keep track of previously active notifications |
Chris Wren | 193ae6b | 2017-03-31 15:17:11 -0400 | [diff] [blame] | 1154 | final ArraySet<NotificationId> beforeNotifs = new ArraySet<NotificationId>(mActiveNotifs); |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1155 | mActiveNotifs.clear(); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1156 | |
| 1157 | // TODO: when switching to kernel notifications, compute next future |
| 1158 | // cycle boundary to recompute notifications. |
| 1159 | |
Jeff Sharkey | 02e21d6 | 2011-07-17 15:53:33 -0700 | [diff] [blame] | 1160 | // examine stats for each active policy |
Jeff Sharkey | 9911a28 | 2018-02-14 22:29:11 -0700 | [diff] [blame] | 1161 | final long now = mClock.millis(); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 1162 | for (int i = mNetworkPolicy.size()-1; i >= 0; i--) { |
| 1163 | final NetworkPolicy policy = mNetworkPolicy.valueAt(i); |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 1164 | final int subId = findRelevantSubIdNL(policy.template); |
Jeff Sharkey | 0a5570d | 2018-04-10 12:38:29 -0600 | [diff] [blame] | 1165 | |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1166 | // ignore policies that aren't relevant to user |
Jeff Sharkey | 0a5570d | 2018-04-10 12:38:29 -0600 | [diff] [blame] | 1167 | if (subId == INVALID_SUBSCRIPTION_ID) continue; |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 1168 | if (!policy.hasCycle()) continue; |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1169 | |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 1170 | final Pair<ZonedDateTime, ZonedDateTime> cycle = NetworkPolicyManager |
| 1171 | .cycleIterator(policy).next(); |
Jeff Sharkey | bfb43ea | 2018-02-03 12:08:16 -0700 | [diff] [blame] | 1172 | final long cycleStart = cycle.first.toInstant().toEpochMilli(); |
| 1173 | final long cycleEnd = cycle.second.toInstant().toEpochMilli(); |
| 1174 | final long totalBytes = getTotalBytes(policy.template, cycleStart, cycleEnd); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1175 | |
Jeff Sharkey | 0a5570d | 2018-04-10 12:38:29 -0600 | [diff] [blame] | 1176 | // Carrier might want to manage notifications themselves |
| 1177 | final PersistableBundle config = mCarrierConfigManager.getConfigForSubId(subId); |
Ammar Aijazi | b0941aa | 2019-04-26 18:39:50 -0700 | [diff] [blame] | 1178 | if (!CarrierConfigManager.isConfigForIdentifiedCarrier(config)) { |
| 1179 | if (LOGV) Slog.v(TAG, "isConfigForIdentifiedCarrier returned false"); |
| 1180 | // Don't show notifications until we confirm that the loaded config is from an |
| 1181 | // identified carrier, which may want to manage their own notifications. This method |
| 1182 | // should be called every time the carrier config changes anyways, and there's no |
| 1183 | // reason to alert if there isn't a carrier. |
| 1184 | return; |
| 1185 | } |
| 1186 | |
Jeff Sharkey | 0a5570d | 2018-04-10 12:38:29 -0600 | [diff] [blame] | 1187 | final boolean notifyWarning = getBooleanDefeatingNullable(config, |
| 1188 | KEY_DATA_WARNING_NOTIFICATION_BOOL, true); |
| 1189 | final boolean notifyLimit = getBooleanDefeatingNullable(config, |
| 1190 | KEY_DATA_LIMIT_NOTIFICATION_BOOL, true); |
| 1191 | final boolean notifyRapid = getBooleanDefeatingNullable(config, |
| 1192 | KEY_DATA_RAPID_NOTIFICATION_BOOL, true); |
| 1193 | |
| 1194 | // Notify when data usage is over warning |
| 1195 | if (notifyWarning) { |
| 1196 | if (policy.isOverWarning(totalBytes) && !policy.isOverLimit(totalBytes)) { |
| 1197 | final boolean snoozedThisCycle = policy.lastWarningSnooze >= cycleStart; |
| 1198 | if (!snoozedThisCycle) { |
| 1199 | enqueueNotification(policy, TYPE_WARNING, totalBytes, null); |
| 1200 | } |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1201 | } |
Jeff Sharkey | 0a5570d | 2018-04-10 12:38:29 -0600 | [diff] [blame] | 1202 | } |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1203 | |
Jeff Sharkey | 0a5570d | 2018-04-10 12:38:29 -0600 | [diff] [blame] | 1204 | // Notify when data usage is over limit |
| 1205 | if (notifyLimit) { |
| 1206 | if (policy.isOverLimit(totalBytes)) { |
| 1207 | final boolean snoozedThisCycle = policy.lastLimitSnooze >= cycleStart; |
| 1208 | if (snoozedThisCycle) { |
| 1209 | enqueueNotification(policy, TYPE_LIMIT_SNOOZED, totalBytes, null); |
| 1210 | } else { |
| 1211 | enqueueNotification(policy, TYPE_LIMIT, totalBytes, null); |
| 1212 | notifyOverLimitNL(policy.template); |
| 1213 | } |
| 1214 | } else { |
| 1215 | notifyUnderLimitNL(policy.template); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1216 | } |
| 1217 | } |
Jeff Sharkey | 02e21d6 | 2011-07-17 15:53:33 -0700 | [diff] [blame] | 1218 | |
Jeff Sharkey | bfb43ea | 2018-02-03 12:08:16 -0700 | [diff] [blame] | 1219 | // Warn if average usage over last 4 days is on track to blow pretty |
| 1220 | // far past the plan limits. |
Jeff Sharkey | 0a5570d | 2018-04-10 12:38:29 -0600 | [diff] [blame] | 1221 | if (notifyRapid && policy.limitBytes != LIMIT_DISABLED) { |
Jeff Sharkey | 2e47145 | 2018-01-19 18:02:47 +0900 | [diff] [blame] | 1222 | final long recentDuration = TimeUnit.DAYS.toMillis(4); |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 1223 | final long recentStart = now - recentDuration; |
| 1224 | final long recentEnd = now; |
| 1225 | final long recentBytes = getTotalBytes(policy.template, recentStart, recentEnd); |
Jeff Sharkey | 2e47145 | 2018-01-19 18:02:47 +0900 | [diff] [blame] | 1226 | |
Jeff Sharkey | bfb43ea | 2018-02-03 12:08:16 -0700 | [diff] [blame] | 1227 | final long cycleDuration = cycleEnd - cycleStart; |
Jeff Sharkey | 2e47145 | 2018-01-19 18:02:47 +0900 | [diff] [blame] | 1228 | final long projectedBytes = (recentBytes * cycleDuration) / recentDuration; |
Jeff Sharkey | bfb43ea | 2018-02-03 12:08:16 -0700 | [diff] [blame] | 1229 | final long alertBytes = (policy.limitBytes * 3) / 2; |
| 1230 | |
| 1231 | if (LOGD) { |
| 1232 | Slog.d(TAG, "Rapid usage considering recent " + recentBytes + " projected " |
| 1233 | + projectedBytes + " alert " + alertBytes); |
| 1234 | } |
| 1235 | |
| 1236 | final boolean snoozedRecently = policy.lastRapidSnooze >= now |
| 1237 | - DateUtils.DAY_IN_MILLIS; |
| 1238 | if (projectedBytes > alertBytes && !snoozedRecently) { |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 1239 | enqueueNotification(policy, TYPE_RAPID, 0, |
| 1240 | findRapidBlame(policy.template, recentStart, recentEnd)); |
Jeff Sharkey | 2e47145 | 2018-01-19 18:02:47 +0900 | [diff] [blame] | 1241 | } |
| 1242 | } |
| 1243 | } |
| 1244 | |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1245 | // cancel stale notifications that we didn't renew above |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 1246 | for (int i = beforeNotifs.size()-1; i >= 0; i--) { |
Chris Wren | 193ae6b | 2017-03-31 15:17:11 -0400 | [diff] [blame] | 1247 | final NotificationId notificationId = beforeNotifs.valueAt(i); |
| 1248 | if (!mActiveNotifs.contains(notificationId)) { |
| 1249 | cancelNotification(notificationId); |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1250 | } |
| 1251 | } |
Jeff Sharkey | 0007239 | 2018-04-12 14:26:32 -0600 | [diff] [blame] | 1252 | |
| 1253 | Trace.traceEnd(TRACE_TAG_NETWORK); |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1254 | } |
| 1255 | |
| 1256 | /** |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 1257 | * Attempt to find a specific app to blame for rapid data usage during the |
| 1258 | * given time period. |
| 1259 | */ |
| 1260 | private @Nullable ApplicationInfo findRapidBlame(NetworkTemplate template, |
| 1261 | long start, long end) { |
| 1262 | long totalBytes = 0; |
| 1263 | long maxBytes = 0; |
| 1264 | int maxUid = 0; |
| 1265 | |
| 1266 | final NetworkStats stats = getNetworkUidBytes(template, start, end); |
| 1267 | NetworkStats.Entry entry = null; |
| 1268 | for (int i = 0; i < stats.size(); i++) { |
| 1269 | entry = stats.getValues(i, entry); |
| 1270 | final long bytes = entry.rxBytes + entry.txBytes; |
| 1271 | totalBytes += bytes; |
| 1272 | if (bytes > maxBytes) { |
| 1273 | maxBytes = bytes; |
| 1274 | maxUid = entry.uid; |
| 1275 | } |
| 1276 | } |
| 1277 | |
| 1278 | // Only point blame if the majority of usage was done by a single app. |
| 1279 | // TODO: support shared UIDs |
| 1280 | if (maxBytes > 0 && maxBytes > totalBytes / 2) { |
| 1281 | final String[] packageNames = mContext.getPackageManager().getPackagesForUid(maxUid); |
Jeff Sharkey | d37154e | 2018-03-26 16:50:59 -0600 | [diff] [blame] | 1282 | if (packageNames != null && packageNames.length == 1) { |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 1283 | try { |
| 1284 | return mContext.getPackageManager().getApplicationInfo(packageNames[0], |
| 1285 | MATCH_ANY_USER | MATCH_DISABLED_COMPONENTS | MATCH_DIRECT_BOOT_AWARE |
| 1286 | | MATCH_DIRECT_BOOT_UNAWARE | MATCH_UNINSTALLED_PACKAGES); |
| 1287 | } catch (NameNotFoundException ignored) { |
| 1288 | } |
| 1289 | } |
| 1290 | } |
| 1291 | |
| 1292 | return null; |
| 1293 | } |
| 1294 | |
| 1295 | /** |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1296 | * Test if given {@link NetworkTemplate} is relevant to user based on |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 1297 | * current device state, such as when |
| 1298 | * {@link TelephonyManager#getSubscriberId()} matches. This is regardless of |
| 1299 | * data connection status. |
Jeff Sharkey | 0a5570d | 2018-04-10 12:38:29 -0600 | [diff] [blame] | 1300 | * |
| 1301 | * @return relevant subId, or {@link #INVALID_SUBSCRIPTION_ID} when no |
| 1302 | * matching subId found. |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1303 | */ |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 1304 | @GuardedBy("mNetworkPoliciesSecondLock") |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 1305 | private int findRelevantSubIdNL(NetworkTemplate template) { |
Jeff Sharkey | 0a5570d | 2018-04-10 12:38:29 -0600 | [diff] [blame] | 1306 | // Mobile template is relevant when any active subscriber matches |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 1307 | for (int i = 0; i < mSubIdToSubscriberId.size(); i++) { |
| 1308 | final int subId = mSubIdToSubscriberId.keyAt(i); |
| 1309 | final String subscriberId = mSubIdToSubscriberId.valueAt(i); |
Jeff Sharkey | 0a5570d | 2018-04-10 12:38:29 -0600 | [diff] [blame] | 1310 | final NetworkIdentity probeIdent = new NetworkIdentity(TYPE_MOBILE, |
| 1311 | TelephonyManager.NETWORK_TYPE_UNKNOWN, subscriberId, null, false, true, |
| 1312 | true); |
| 1313 | if (template.matches(probeIdent)) { |
| 1314 | return subId; |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 1315 | } |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1316 | } |
Jeff Sharkey | 0a5570d | 2018-04-10 12:38:29 -0600 | [diff] [blame] | 1317 | return INVALID_SUBSCRIPTION_ID; |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1318 | } |
| 1319 | |
| 1320 | /** |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1321 | * Notify that given {@link NetworkTemplate} is over |
| 1322 | * {@link NetworkPolicy#limitBytes}, potentially showing dialog to user. |
| 1323 | */ |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 1324 | @GuardedBy("mNetworkPoliciesSecondLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1325 | private void notifyOverLimitNL(NetworkTemplate template) { |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1326 | if (!mOverLimitNotified.contains(template)) { |
Wei Liu | 546cb77 | 2016-07-21 16:19:01 -0700 | [diff] [blame] | 1327 | mContext.startActivity(buildNetworkOverLimitIntent(mContext.getResources(), template)); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1328 | mOverLimitNotified.add(template); |
| 1329 | } |
| 1330 | } |
| 1331 | |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 1332 | @GuardedBy("mNetworkPoliciesSecondLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1333 | private void notifyUnderLimitNL(NetworkTemplate template) { |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1334 | mOverLimitNotified.remove(template); |
| 1335 | } |
| 1336 | |
| 1337 | /** |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1338 | * Show notification for combined {@link NetworkPolicy} and specific type, |
| 1339 | * like {@link #TYPE_LIMIT}. Okay to call multiple times. |
| 1340 | */ |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 1341 | private void enqueueNotification(NetworkPolicy policy, int type, long totalBytes, |
| 1342 | ApplicationInfo rapidBlame) { |
Chris Wren | 193ae6b | 2017-03-31 15:17:11 -0400 | [diff] [blame] | 1343 | final NotificationId notificationId = new NotificationId(policy, type); |
Geoffrey Pitsch | af759c5 | 2017-02-15 09:35:38 -0500 | [diff] [blame] | 1344 | final Notification.Builder builder = |
Jeff Sharkey | bfb43ea | 2018-02-03 12:08:16 -0700 | [diff] [blame] | 1345 | new Notification.Builder(mContext, SystemNotificationChannels.NETWORK_ALERTS); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1346 | builder.setOnlyAlertOnce(true); |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 1347 | builder.setWhen(0L); |
Alan Viverette | 4a357cd | 2015-03-18 18:37:18 -0700 | [diff] [blame] | 1348 | builder.setColor(mContext.getColor( |
Selim Cinek | 255dd04 | 2014-08-19 22:29:02 +0200 | [diff] [blame] | 1349 | com.android.internal.R.color.system_notification_accent_color)); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1350 | |
| 1351 | final Resources res = mContext.getResources(); |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 1352 | final CharSequence title; |
| 1353 | final CharSequence body; |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1354 | switch (type) { |
| 1355 | case TYPE_WARNING: { |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 1356 | title = res.getText(R.string.data_usage_warning_title); |
| 1357 | body = res.getString(R.string.data_usage_warning_body, |
Anton Hansson | a6101e8 | 2019-03-29 15:50:09 +0000 | [diff] [blame] | 1358 | Formatter.formatFileSize(mContext, totalBytes, Formatter.FLAG_IEC_UNITS)); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1359 | |
Jeff Sharkey | 50e7e51 | 2011-10-10 16:50:35 -0700 | [diff] [blame] | 1360 | builder.setSmallIcon(R.drawable.stat_notify_error); |
Jeff Sharkey | 14711eb | 2011-06-15 10:29:17 -0700 | [diff] [blame] | 1361 | |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 1362 | final Intent snoozeIntent = buildSnoozeWarningIntent(policy.template); |
| 1363 | builder.setDeleteIntent(PendingIntent.getBroadcast( |
| 1364 | mContext, 0, snoozeIntent, PendingIntent.FLAG_UPDATE_CURRENT)); |
| 1365 | |
Wei Liu | 546cb77 | 2016-07-21 16:19:01 -0700 | [diff] [blame] | 1366 | final Intent viewIntent = buildViewDataUsageIntent(res, policy.template); |
Heemin Seog | b9820d4 | 2019-05-21 16:17:43 -0700 | [diff] [blame] | 1367 | // TODO: Resolve to single code path. |
Eric Jeong | e7ead1b | 2019-07-18 09:37:08 -0700 | [diff] [blame] | 1368 | if (UserManager.isHeadlessSystemUserMode()) { |
Heemin Seog | b9820d4 | 2019-05-21 16:17:43 -0700 | [diff] [blame] | 1369 | builder.setContentIntent(PendingIntent.getActivityAsUser( |
| 1370 | mContext, 0, viewIntent, PendingIntent.FLAG_UPDATE_CURRENT, |
| 1371 | /* options= */ null, UserHandle.CURRENT)); |
| 1372 | } else { |
| 1373 | builder.setContentIntent(PendingIntent.getActivity( |
| 1374 | mContext, 0, viewIntent, PendingIntent.FLAG_UPDATE_CURRENT)); |
| 1375 | } |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1376 | break; |
| 1377 | } |
| 1378 | case TYPE_LIMIT: { |
Jeff Sharkey | 1b5a2a9 | 2011-06-18 18:34:16 -0700 | [diff] [blame] | 1379 | switch (policy.template.getMatchRule()) { |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 1380 | case MATCH_MOBILE: |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1381 | title = res.getText(R.string.data_usage_mobile_limit_title); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1382 | break; |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1383 | case MATCH_WIFI: |
| 1384 | title = res.getText(R.string.data_usage_wifi_limit_title); |
| 1385 | break; |
| 1386 | default: |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 1387 | return; |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1388 | } |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 1389 | body = res.getText(R.string.data_usage_limit_body); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1390 | |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 1391 | builder.setOngoing(true); |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 1392 | builder.setSmallIcon(R.drawable.stat_notify_disabled_data); |
Jeff Sharkey | 14711eb | 2011-06-15 10:29:17 -0700 | [diff] [blame] | 1393 | |
Wei Liu | 546cb77 | 2016-07-21 16:19:01 -0700 | [diff] [blame] | 1394 | final Intent intent = buildNetworkOverLimitIntent(res, policy.template); |
Heemin Seog | b9820d4 | 2019-05-21 16:17:43 -0700 | [diff] [blame] | 1395 | // TODO: Resolve to single code path. |
Eric Jeong | e7ead1b | 2019-07-18 09:37:08 -0700 | [diff] [blame] | 1396 | if (UserManager.isHeadlessSystemUserMode()) { |
Heemin Seog | b9820d4 | 2019-05-21 16:17:43 -0700 | [diff] [blame] | 1397 | builder.setContentIntent(PendingIntent.getActivityAsUser( |
| 1398 | mContext, 0, intent, PendingIntent.FLAG_UPDATE_CURRENT, |
| 1399 | /* options= */ null, UserHandle.CURRENT)); |
| 1400 | } else { |
| 1401 | builder.setContentIntent(PendingIntent.getActivity( |
| 1402 | mContext, 0, intent, PendingIntent.FLAG_UPDATE_CURRENT)); |
| 1403 | } |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1404 | break; |
| 1405 | } |
| 1406 | case TYPE_LIMIT_SNOOZED: { |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1407 | switch (policy.template.getMatchRule()) { |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 1408 | case MATCH_MOBILE: |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1409 | title = res.getText(R.string.data_usage_mobile_limit_snoozed_title); |
| 1410 | break; |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1411 | case MATCH_WIFI: |
| 1412 | title = res.getText(R.string.data_usage_wifi_limit_snoozed_title); |
| 1413 | break; |
| 1414 | default: |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 1415 | return; |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1416 | } |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 1417 | final long overBytes = totalBytes - policy.limitBytes; |
| 1418 | body = res.getString(R.string.data_usage_limit_snoozed_body, |
Anton Hansson | a6101e8 | 2019-03-29 15:50:09 +0000 | [diff] [blame] | 1419 | Formatter.formatFileSize(mContext, overBytes, Formatter.FLAG_IEC_UNITS)); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1420 | |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 1421 | builder.setOngoing(true); |
Jeff Sharkey | 50e7e51 | 2011-10-10 16:50:35 -0700 | [diff] [blame] | 1422 | builder.setSmallIcon(R.drawable.stat_notify_error); |
Jeff Sharkey | bfb43ea | 2018-02-03 12:08:16 -0700 | [diff] [blame] | 1423 | builder.setChannelId(SystemNotificationChannels.NETWORK_STATUS); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1424 | |
Wei Liu | 546cb77 | 2016-07-21 16:19:01 -0700 | [diff] [blame] | 1425 | final Intent intent = buildViewDataUsageIntent(res, policy.template); |
Heemin Seog | b9820d4 | 2019-05-21 16:17:43 -0700 | [diff] [blame] | 1426 | // TODO: Resolve to single code path. |
Eric Jeong | e7ead1b | 2019-07-18 09:37:08 -0700 | [diff] [blame] | 1427 | if (UserManager.isHeadlessSystemUserMode()) { |
Heemin Seog | b9820d4 | 2019-05-21 16:17:43 -0700 | [diff] [blame] | 1428 | builder.setContentIntent(PendingIntent.getActivityAsUser( |
| 1429 | mContext, 0, intent, PendingIntent.FLAG_UPDATE_CURRENT, |
| 1430 | /* options= */ null, UserHandle.CURRENT)); |
| 1431 | } else { |
| 1432 | builder.setContentIntent(PendingIntent.getActivity( |
| 1433 | mContext, 0, intent, PendingIntent.FLAG_UPDATE_CURRENT)); |
| 1434 | } |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1435 | break; |
| 1436 | } |
Jeff Sharkey | 2e47145 | 2018-01-19 18:02:47 +0900 | [diff] [blame] | 1437 | case TYPE_RAPID: { |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 1438 | title = res.getText(R.string.data_usage_rapid_title); |
| 1439 | if (rapidBlame != null) { |
| 1440 | body = res.getString(R.string.data_usage_rapid_app_body, |
| 1441 | rapidBlame.loadLabel(mContext.getPackageManager())); |
| 1442 | } else { |
| 1443 | body = res.getString(R.string.data_usage_rapid_body); |
| 1444 | } |
Jeff Sharkey | 2e47145 | 2018-01-19 18:02:47 +0900 | [diff] [blame] | 1445 | |
Jeff Sharkey | 2e47145 | 2018-01-19 18:02:47 +0900 | [diff] [blame] | 1446 | builder.setSmallIcon(R.drawable.stat_notify_error); |
Jeff Sharkey | 2e47145 | 2018-01-19 18:02:47 +0900 | [diff] [blame] | 1447 | |
Jeff Sharkey | bfb43ea | 2018-02-03 12:08:16 -0700 | [diff] [blame] | 1448 | final Intent snoozeIntent = buildSnoozeRapidIntent(policy.template); |
| 1449 | builder.setDeleteIntent(PendingIntent.getBroadcast( |
| 1450 | mContext, 0, snoozeIntent, PendingIntent.FLAG_UPDATE_CURRENT)); |
| 1451 | |
| 1452 | final Intent viewIntent = buildViewDataUsageIntent(res, policy.template); |
Heemin Seog | b9820d4 | 2019-05-21 16:17:43 -0700 | [diff] [blame] | 1453 | // TODO: Resolve to single code path. |
Eric Jeong | e7ead1b | 2019-07-18 09:37:08 -0700 | [diff] [blame] | 1454 | if (UserManager.isHeadlessSystemUserMode()) { |
Heemin Seog | b9820d4 | 2019-05-21 16:17:43 -0700 | [diff] [blame] | 1455 | builder.setContentIntent(PendingIntent.getActivityAsUser( |
| 1456 | mContext, 0, viewIntent, PendingIntent.FLAG_UPDATE_CURRENT, |
| 1457 | /* options= */ null, UserHandle.CURRENT)); |
| 1458 | } else { |
| 1459 | builder.setContentIntent(PendingIntent.getActivity( |
| 1460 | mContext, 0, viewIntent, PendingIntent.FLAG_UPDATE_CURRENT)); |
| 1461 | } |
Jeff Sharkey | 2e47145 | 2018-01-19 18:02:47 +0900 | [diff] [blame] | 1462 | break; |
| 1463 | } |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 1464 | default: { |
| 1465 | return; |
| 1466 | } |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1467 | } |
| 1468 | |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 1469 | builder.setTicker(title); |
| 1470 | builder.setContentTitle(title); |
| 1471 | builder.setContentText(body); |
| 1472 | builder.setStyle(new Notification.BigTextStyle().bigText(body)); |
Jeff Sharkey | bfb43ea | 2018-02-03 12:08:16 -0700 | [diff] [blame] | 1473 | |
| 1474 | mContext.getSystemService(NotificationManager.class).notifyAsUser(notificationId.getTag(), |
| 1475 | notificationId.getId(), builder.build(), UserHandle.ALL); |
| 1476 | mActiveNotifs.add(notificationId); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1477 | } |
| 1478 | |
Chris Wren | 193ae6b | 2017-03-31 15:17:11 -0400 | [diff] [blame] | 1479 | private void cancelNotification(NotificationId notificationId) { |
Jeff Sharkey | bfb43ea | 2018-02-03 12:08:16 -0700 | [diff] [blame] | 1480 | mContext.getSystemService(NotificationManager.class).cancel(notificationId.getTag(), |
| 1481 | notificationId.getId()); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 1482 | } |
| 1483 | |
| 1484 | /** |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1485 | * Receiver that watches for {@link IConnectivityManager} to claim network |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 1486 | * interfaces. Used to apply {@link NetworkPolicy} to matching networks. |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1487 | */ |
Jeff Sharkey | b09540f | 2011-06-19 01:08:12 -0700 | [diff] [blame] | 1488 | private BroadcastReceiver mConnReceiver = new BroadcastReceiver() { |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1489 | @Override |
| 1490 | public void onReceive(Context context, Intent intent) { |
paulhu | a6af6b6 | 2019-08-12 16:25:11 +0800 | [diff] [blame] | 1491 | // on background handler thread, and verified NETWORK_STACK |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1492 | // permission above. |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 1493 | updateNetworksInternal(); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1494 | } |
| 1495 | }; |
| 1496 | |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 1497 | private void updateNetworksInternal() { |
| 1498 | // Get all of our cross-process communication with telephony out of |
| 1499 | // the way before we acquire internal locks. |
| 1500 | updateSubscriptions(); |
| 1501 | |
| 1502 | synchronized (mUidRulesFirstLock) { |
| 1503 | synchronized (mNetworkPoliciesSecondLock) { |
| 1504 | ensureActiveMobilePolicyAL(); |
| 1505 | normalizePoliciesNL(); |
| 1506 | updateNetworkEnabledNL(); |
| 1507 | updateNetworkRulesNL(); |
| 1508 | updateNotificationsNL(); |
| 1509 | } |
| 1510 | } |
| 1511 | } |
| 1512 | |
Jeff Sharkey | 2e47145 | 2018-01-19 18:02:47 +0900 | [diff] [blame] | 1513 | @VisibleForTesting |
Sudheer Shanka | 8ab2299 | 2018-11-29 00:08:58 -0800 | [diff] [blame] | 1514 | void updateNetworks() throws InterruptedException { |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 1515 | updateNetworksInternal(); |
Jeff Sharkey | bfb43ea | 2018-02-03 12:08:16 -0700 | [diff] [blame] | 1516 | final CountDownLatch latch = new CountDownLatch(1); |
| 1517 | mHandler.post(() -> { |
| 1518 | latch.countDown(); |
| 1519 | }); |
| 1520 | latch.await(5, TimeUnit.SECONDS); |
Jeff Sharkey | 2e47145 | 2018-01-19 18:02:47 +0900 | [diff] [blame] | 1521 | } |
| 1522 | |
Sudheer Shanka | c0f85c1 | 2019-10-12 15:01:44 -0700 | [diff] [blame] | 1523 | @VisibleForTesting |
| 1524 | Handler getHandlerForTesting() { |
| 1525 | return mHandler; |
| 1526 | } |
| 1527 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1528 | /** |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 1529 | * Update mobile policies with data cycle information from {@link CarrierConfigManager} |
| 1530 | * if necessary. |
| 1531 | * |
| 1532 | * @param subId that has its associated NetworkPolicy updated if necessary |
| 1533 | * @return if any policies were updated |
| 1534 | */ |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 1535 | @GuardedBy("mNetworkPoliciesSecondLock") |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 1536 | private boolean maybeUpdateMobilePolicyCycleAL(int subId, String subscriberId) { |
Jeff Sharkey | 0f2910c | 2017-07-30 16:52:51 -0600 | [diff] [blame] | 1537 | if (LOGV) Slog.v(TAG, "maybeUpdateMobilePolicyCycleAL()"); |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 1538 | |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 1539 | // find and update the mobile NetworkPolicy for this subscriber id |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 1540 | boolean policyUpdated = false; |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 1541 | final NetworkIdentity probeIdent = new NetworkIdentity(TYPE_MOBILE, |
Lorenzo Colitti | d3e4a1e | 2018-01-19 01:12:04 +0900 | [diff] [blame] | 1542 | TelephonyManager.NETWORK_TYPE_UNKNOWN, subscriberId, null, false, true, true); |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 1543 | for (int i = mNetworkPolicy.size() - 1; i >= 0; i--) { |
| 1544 | final NetworkTemplate template = mNetworkPolicy.keyAt(i); |
| 1545 | if (template.matches(probeIdent)) { |
Jeff Sharkey | 0f2910c | 2017-07-30 16:52:51 -0600 | [diff] [blame] | 1546 | final NetworkPolicy policy = mNetworkPolicy.valueAt(i); |
| 1547 | policyUpdated |= updateDefaultMobilePolicyAL(subId, policy); |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 1548 | } |
| 1549 | } |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 1550 | return policyUpdated; |
| 1551 | } |
| 1552 | |
| 1553 | /** |
| 1554 | * Returns the cycle day that should be used for a mobile NetworkPolicy. |
| 1555 | * |
| 1556 | * It attempts to get an appropriate cycle day from the passed in CarrierConfig. If it's unable |
| 1557 | * to do so, it returns the fallback value. |
| 1558 | * |
| 1559 | * @param config The CarrierConfig to read the value from. |
| 1560 | * @param fallbackCycleDay to return if the CarrierConfig can't be read. |
| 1561 | * @return cycleDay to use in the mobile NetworkPolicy. |
| 1562 | */ |
| 1563 | @VisibleForTesting |
Sudheer Shanka | 8ab2299 | 2018-11-29 00:08:58 -0800 | [diff] [blame] | 1564 | int getCycleDayFromCarrierConfig(@Nullable PersistableBundle config, |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 1565 | int fallbackCycleDay) { |
| 1566 | if (config == null) { |
| 1567 | return fallbackCycleDay; |
| 1568 | } |
| 1569 | int cycleDay = |
| 1570 | config.getInt(CarrierConfigManager.KEY_MONTHLY_DATA_CYCLE_DAY_INT); |
| 1571 | if (cycleDay == DATA_CYCLE_USE_PLATFORM_DEFAULT) { |
| 1572 | return fallbackCycleDay; |
| 1573 | } |
| 1574 | // validate cycleDay value |
| 1575 | final Calendar cal = Calendar.getInstance(); |
| 1576 | if (cycleDay < cal.getMinimum(Calendar.DAY_OF_MONTH) || |
| 1577 | cycleDay > cal.getMaximum(Calendar.DAY_OF_MONTH)) { |
| 1578 | Slog.e(TAG, "Invalid date in " |
| 1579 | + "CarrierConfigManager.KEY_MONTHLY_DATA_CYCLE_DAY_INT: " + cycleDay); |
| 1580 | return fallbackCycleDay; |
| 1581 | } |
| 1582 | return cycleDay; |
| 1583 | } |
| 1584 | |
| 1585 | /** |
| 1586 | * Returns the warning bytes that should be used for a mobile NetworkPolicy. |
| 1587 | * |
| 1588 | * It attempts to get an appropriate value from the passed in CarrierConfig. If it's unable |
| 1589 | * to do so, it returns the fallback value. |
| 1590 | * |
| 1591 | * @param config The CarrierConfig to read the value from. |
| 1592 | * @param fallbackWarningBytes to return if the CarrierConfig can't be read. |
| 1593 | * @return warningBytes to use in the mobile NetworkPolicy. |
| 1594 | */ |
| 1595 | @VisibleForTesting |
Sudheer Shanka | 8ab2299 | 2018-11-29 00:08:58 -0800 | [diff] [blame] | 1596 | long getWarningBytesFromCarrierConfig(@Nullable PersistableBundle config, |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 1597 | long fallbackWarningBytes) { |
| 1598 | if (config == null) { |
| 1599 | return fallbackWarningBytes; |
| 1600 | } |
| 1601 | long warningBytes = |
| 1602 | config.getLong(CarrierConfigManager.KEY_DATA_WARNING_THRESHOLD_BYTES_LONG); |
| 1603 | |
| 1604 | if (warningBytes == DATA_CYCLE_THRESHOLD_DISABLED) { |
| 1605 | return WARNING_DISABLED; |
| 1606 | } else if (warningBytes == DATA_CYCLE_USE_PLATFORM_DEFAULT) { |
| 1607 | return getPlatformDefaultWarningBytes(); |
| 1608 | } else if (warningBytes < 0) { |
| 1609 | Slog.e(TAG, "Invalid value in " |
| 1610 | + "CarrierConfigManager.KEY_DATA_WARNING_THRESHOLD_BYTES_LONG; expected a " |
| 1611 | + "non-negative value but got: " + warningBytes); |
| 1612 | return fallbackWarningBytes; |
| 1613 | } |
| 1614 | |
| 1615 | return warningBytes; |
| 1616 | } |
| 1617 | |
| 1618 | /** |
| 1619 | * Returns the limit bytes that should be used for a mobile NetworkPolicy. |
| 1620 | * |
| 1621 | * It attempts to get an appropriate value from the passed in CarrierConfig. If it's unable |
| 1622 | * to do so, it returns the fallback value. |
| 1623 | * |
| 1624 | * @param config The CarrierConfig to read the value from. |
| 1625 | * @param fallbackLimitBytes to return if the CarrierConfig can't be read. |
| 1626 | * @return limitBytes to use in the mobile NetworkPolicy. |
| 1627 | */ |
| 1628 | @VisibleForTesting |
Sudheer Shanka | 8ab2299 | 2018-11-29 00:08:58 -0800 | [diff] [blame] | 1629 | long getLimitBytesFromCarrierConfig(@Nullable PersistableBundle config, |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 1630 | long fallbackLimitBytes) { |
| 1631 | if (config == null) { |
| 1632 | return fallbackLimitBytes; |
| 1633 | } |
| 1634 | long limitBytes = |
| 1635 | config.getLong(CarrierConfigManager.KEY_DATA_LIMIT_THRESHOLD_BYTES_LONG); |
| 1636 | |
| 1637 | if (limitBytes == DATA_CYCLE_THRESHOLD_DISABLED) { |
| 1638 | return LIMIT_DISABLED; |
| 1639 | } else if (limitBytes == DATA_CYCLE_USE_PLATFORM_DEFAULT) { |
| 1640 | return getPlatformDefaultLimitBytes(); |
| 1641 | } else if (limitBytes < 0) { |
| 1642 | Slog.e(TAG, "Invalid value in " |
| 1643 | + "CarrierConfigManager.KEY_DATA_LIMIT_THRESHOLD_BYTES_LONG; expected a " |
| 1644 | + "non-negative value but got: " + limitBytes); |
| 1645 | return fallbackLimitBytes; |
| 1646 | } |
| 1647 | return limitBytes; |
| 1648 | } |
| 1649 | |
| 1650 | /** |
| 1651 | * Receiver that watches for {@link CarrierConfigManager} to be changed. |
| 1652 | */ |
| 1653 | private BroadcastReceiver mCarrierConfigReceiver = new BroadcastReceiver() { |
| 1654 | @Override |
| 1655 | public void onReceive(Context context, Intent intent) { |
| 1656 | // No need to do a permission check, because the ACTION_CARRIER_CONFIG_CHANGED |
| 1657 | // broadcast is protected and can't be spoofed. Runs on a background handler thread. |
| 1658 | |
| 1659 | if (!intent.hasExtra(PhoneConstants.SUBSCRIPTION_KEY)) { |
| 1660 | return; |
| 1661 | } |
| 1662 | final int subId = intent.getIntExtra(PhoneConstants.SUBSCRIPTION_KEY, -1); |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 1663 | |
| 1664 | // Get all of our cross-process communication with telephony out of |
| 1665 | // the way before we acquire internal locks. |
| 1666 | updateSubscriptions(); |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 1667 | |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 1668 | synchronized (mUidRulesFirstLock) { |
| 1669 | synchronized (mNetworkPoliciesSecondLock) { |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 1670 | final String subscriberId = mSubIdToSubscriberId.get(subId, null); |
| 1671 | if (subscriberId != null) { |
| 1672 | ensureActiveMobilePolicyAL(subId, subscriberId); |
| 1673 | maybeUpdateMobilePolicyCycleAL(subId, subscriberId); |
| 1674 | } else { |
| 1675 | Slog.wtf(TAG, "Missing subscriberId for subId " + subId); |
| 1676 | } |
| 1677 | |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 1678 | // update network and notification rules, as the data cycle changed and it's |
| 1679 | // possible that we should be triggering warnings/limits now |
| 1680 | handleNetworkPoliciesUpdateAL(true); |
| 1681 | } |
| 1682 | } |
| 1683 | } |
| 1684 | }; |
| 1685 | |
| 1686 | /** |
| 1687 | * Handles all tasks that need to be run after a new network policy has been set, or an existing |
| 1688 | * one has been updated. |
| 1689 | * |
| 1690 | * @param shouldNormalizePolicies true iff network policies need to be normalized after the |
| 1691 | * update. |
| 1692 | */ |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 1693 | @GuardedBy({"mUidRulesFirstLock", "mNetworkPoliciesSecondLock"}) |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 1694 | void handleNetworkPoliciesUpdateAL(boolean shouldNormalizePolicies) { |
| 1695 | if (shouldNormalizePolicies) { |
| 1696 | normalizePoliciesNL(); |
| 1697 | } |
| 1698 | updateNetworkEnabledNL(); |
| 1699 | updateNetworkRulesNL(); |
| 1700 | updateNotificationsNL(); |
| 1701 | writePolicyAL(); |
| 1702 | } |
| 1703 | |
| 1704 | /** |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1705 | * Proactively control network data connections when they exceed |
| 1706 | * {@link NetworkPolicy#limitBytes}. |
| 1707 | */ |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 1708 | @GuardedBy("mNetworkPoliciesSecondLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1709 | void updateNetworkEnabledNL() { |
| 1710 | if (LOGV) Slog.v(TAG, "updateNetworkEnabledNL()"); |
Jeff Sharkey | 0007239 | 2018-04-12 14:26:32 -0600 | [diff] [blame] | 1711 | Trace.traceBegin(TRACE_TAG_NETWORK, "updateNetworkEnabledNL"); |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1712 | |
| 1713 | // TODO: reset any policy-disabled networks when any policy is removed |
| 1714 | // completely, which is currently rare case. |
| 1715 | |
Makoto Onuki | 49392d3 | 2018-04-11 13:51:02 -0700 | [diff] [blame] | 1716 | final long startTime = mStatLogger.getTime(); |
| 1717 | |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 1718 | for (int i = mNetworkPolicy.size()-1; i >= 0; i--) { |
| 1719 | final NetworkPolicy policy = mNetworkPolicy.valueAt(i); |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1720 | // shortcut when policy has no limit |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 1721 | if (policy.limitBytes == LIMIT_DISABLED || !policy.hasCycle()) { |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1722 | setNetworkTemplateEnabled(policy.template, true); |
| 1723 | continue; |
| 1724 | } |
| 1725 | |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 1726 | final Pair<ZonedDateTime, ZonedDateTime> cycle = NetworkPolicyManager |
| 1727 | .cycleIterator(policy).next(); |
| 1728 | final long start = cycle.first.toInstant().toEpochMilli(); |
| 1729 | final long end = cycle.second.toInstant().toEpochMilli(); |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1730 | final long totalBytes = getTotalBytes(policy.template, start, end); |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1731 | |
| 1732 | // disable data connection when over limit and not snoozed |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 1733 | final boolean overLimitWithoutSnooze = policy.isOverLimit(totalBytes) |
| 1734 | && policy.lastLimitSnooze < start; |
| 1735 | final boolean networkEnabled = !overLimitWithoutSnooze; |
Jeff Sharkey | 8e9992a | 2011-08-23 18:37:23 -0700 | [diff] [blame] | 1736 | |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 1737 | setNetworkTemplateEnabled(policy.template, networkEnabled); |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1738 | } |
Makoto Onuki | 49392d3 | 2018-04-11 13:51:02 -0700 | [diff] [blame] | 1739 | |
| 1740 | mStatLogger.logDurationStat(Stats.UPDATE_NETWORK_ENABLED, startTime); |
Jeff Sharkey | 0007239 | 2018-04-12 14:26:32 -0600 | [diff] [blame] | 1741 | Trace.traceEnd(TRACE_TAG_NETWORK); |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1742 | } |
| 1743 | |
| 1744 | /** |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 1745 | * Proactively disable networks that match the given |
| 1746 | * {@link NetworkTemplate}. |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1747 | */ |
| 1748 | private void setNetworkTemplateEnabled(NetworkTemplate template, boolean enabled) { |
Makoto Onuki | 3f1bf5f | 2018-04-04 15:29:00 -0700 | [diff] [blame] | 1749 | // Don't call setNetworkTemplateEnabledInner() directly because we may have a lock |
| 1750 | // held. Call it via the handler. |
| 1751 | mHandler.obtainMessage(MSG_SET_NETWORK_TEMPLATE_ENABLED, enabled ? 1 : 0, 0, template) |
| 1752 | .sendToTarget(); |
| 1753 | } |
| 1754 | |
| 1755 | private void setNetworkTemplateEnabledInner(NetworkTemplate template, boolean enabled) { |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 1756 | // TODO: reach into ConnectivityManager to proactively disable bringing |
| 1757 | // up this network, since we know that traffic will be blocked. |
Jack Yu | 8781b68 | 2016-07-08 14:28:51 -0700 | [diff] [blame] | 1758 | |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 1759 | if (template.getMatchRule() == MATCH_MOBILE) { |
Jack Yu | 8781b68 | 2016-07-08 14:28:51 -0700 | [diff] [blame] | 1760 | // If mobile data usage hits the limit or if the user resumes the data, we need to |
| 1761 | // notify telephony. |
Jack Yu | 8781b68 | 2016-07-08 14:28:51 -0700 | [diff] [blame] | 1762 | |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 1763 | final IntArray matchingSubIds = new IntArray(); |
| 1764 | synchronized (mNetworkPoliciesSecondLock) { |
| 1765 | for (int i = 0; i < mSubIdToSubscriberId.size(); i++) { |
| 1766 | final int subId = mSubIdToSubscriberId.keyAt(i); |
| 1767 | final String subscriberId = mSubIdToSubscriberId.valueAt(i); |
| 1768 | |
| 1769 | final NetworkIdentity probeIdent = new NetworkIdentity(TYPE_MOBILE, |
| 1770 | TelephonyManager.NETWORK_TYPE_UNKNOWN, subscriberId, null, false, true, |
| 1771 | true); |
| 1772 | // Template is matched when subscriber id matches. |
| 1773 | if (template.matches(probeIdent)) { |
| 1774 | matchingSubIds.add(subId); |
| 1775 | } |
Jack Yu | 8781b68 | 2016-07-08 14:28:51 -0700 | [diff] [blame] | 1776 | } |
| 1777 | } |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 1778 | |
| 1779 | // Only talk with telephony outside of locks |
| 1780 | final TelephonyManager tm = mContext.getSystemService(TelephonyManager.class); |
| 1781 | for (int i = 0; i < matchingSubIds.size(); i++) { |
| 1782 | final int subId = matchingSubIds.get(i); |
| 1783 | tm.setPolicyDataEnabled(enabled, subId); |
| 1784 | } |
Jack Yu | 8781b68 | 2016-07-08 14:28:51 -0700 | [diff] [blame] | 1785 | } |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1786 | } |
| 1787 | |
| 1788 | /** |
Jeff Sharkey | 64c96ec | 2017-08-30 16:28:26 -0600 | [diff] [blame] | 1789 | * Collect all ifaces from a {@link NetworkState} into the given set. |
| 1790 | */ |
| 1791 | private static void collectIfaces(ArraySet<String> ifaces, NetworkState state) { |
| 1792 | final String baseIface = state.linkProperties.getInterfaceName(); |
| 1793 | if (baseIface != null) { |
| 1794 | ifaces.add(baseIface); |
| 1795 | } |
| 1796 | for (LinkProperties stackedLink : state.linkProperties.getStackedLinks()) { |
| 1797 | final String stackedIface = stackedLink.getInterfaceName(); |
| 1798 | if (stackedIface != null) { |
| 1799 | ifaces.add(stackedIface); |
| 1800 | } |
| 1801 | } |
| 1802 | } |
| 1803 | |
| 1804 | /** |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 1805 | * Examine all currently active subscriptions from |
| 1806 | * {@link SubscriptionManager#getActiveSubscriptionIdList()} and update |
| 1807 | * internal data structures. |
| 1808 | * <p> |
| 1809 | * Callers <em>must not</em> hold any locks when this method called. |
| 1810 | */ |
| 1811 | void updateSubscriptions() { |
| 1812 | if (LOGV) Slog.v(TAG, "updateSubscriptions()"); |
| 1813 | Trace.traceBegin(TRACE_TAG_NETWORK, "updateSubscriptions"); |
| 1814 | |
| 1815 | final TelephonyManager tm = mContext.getSystemService(TelephonyManager.class); |
| 1816 | final SubscriptionManager sm = mContext.getSystemService(SubscriptionManager.class); |
| 1817 | |
| 1818 | final int[] subIds = ArrayUtils.defeatNullable(sm.getActiveSubscriptionIdList()); |
Malcolm Chen | 07fcb5b | 2019-07-02 22:29:35 -0700 | [diff] [blame] | 1819 | final List<String[]> mergedSubscriberIdsList = new ArrayList(); |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 1820 | |
| 1821 | final SparseArray<String> subIdToSubscriberId = new SparseArray<>(subIds.length); |
| 1822 | for (int subId : subIds) { |
| 1823 | final String subscriberId = tm.getSubscriberId(subId); |
| 1824 | if (!TextUtils.isEmpty(subscriberId)) { |
| 1825 | subIdToSubscriberId.put(subId, subscriberId); |
| 1826 | } else { |
| 1827 | Slog.wtf(TAG, "Missing subscriberId for subId " + subId); |
| 1828 | } |
Malcolm Chen | 07fcb5b | 2019-07-02 22:29:35 -0700 | [diff] [blame] | 1829 | |
| 1830 | String[] mergedSubscriberId = ArrayUtils.defeatNullable( |
| 1831 | tm.createForSubscriptionId(subId).getMergedSubscriberIdsFromGroup()); |
| 1832 | mergedSubscriberIdsList.add(mergedSubscriberId); |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 1833 | } |
| 1834 | |
| 1835 | synchronized (mNetworkPoliciesSecondLock) { |
| 1836 | mSubIdToSubscriberId.clear(); |
| 1837 | for (int i = 0; i < subIdToSubscriberId.size(); i++) { |
| 1838 | mSubIdToSubscriberId.put(subIdToSubscriberId.keyAt(i), |
| 1839 | subIdToSubscriberId.valueAt(i)); |
| 1840 | } |
| 1841 | |
Malcolm Chen | 07fcb5b | 2019-07-02 22:29:35 -0700 | [diff] [blame] | 1842 | mMergedSubscriberIds = mergedSubscriberIdsList; |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 1843 | } |
| 1844 | |
| 1845 | Trace.traceEnd(TRACE_TAG_NETWORK); |
| 1846 | } |
| 1847 | |
| 1848 | /** |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1849 | * Examine all connected {@link NetworkState}, looking for |
| 1850 | * {@link NetworkPolicy} that need to be enforced. When matches found, set |
| 1851 | * remaining quota based on usage cycle and historical stats. |
| 1852 | */ |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 1853 | @GuardedBy("mNetworkPoliciesSecondLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 1854 | void updateNetworkRulesNL() { |
| 1855 | if (LOGV) Slog.v(TAG, "updateNetworkRulesNL()"); |
Jeff Sharkey | 0007239 | 2018-04-12 14:26:32 -0600 | [diff] [blame] | 1856 | Trace.traceBegin(TRACE_TAG_NETWORK, "updateNetworkRulesNL"); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1857 | |
| 1858 | final NetworkState[] states; |
| 1859 | try { |
Jeff Sharkey | 2e47145 | 2018-01-19 18:02:47 +0900 | [diff] [blame] | 1860 | states = defeatNullable(mConnManager.getAllNetworkState()); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1861 | } catch (RemoteException e) { |
Jeff Sharkey | b3d5957 | 2011-09-07 17:20:27 -0700 | [diff] [blame] | 1862 | // ignored; service lives in system_server |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1863 | return; |
| 1864 | } |
| 1865 | |
Jeff Sharkey | eb2c2c7 | 2014-08-11 15:22:51 -0700 | [diff] [blame] | 1866 | // First, generate identities of all connected networks so we can |
| 1867 | // quickly compare them against all defined policies below. |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 1868 | mNetIdToSubId.clear(); |
Jeff Sharkey | 64c96ec | 2017-08-30 16:28:26 -0600 | [diff] [blame] | 1869 | final ArrayMap<NetworkState, NetworkIdentity> identified = new ArrayMap<>(); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1870 | for (NetworkState state : states) { |
Jeff Sharkey | 2e47145 | 2018-01-19 18:02:47 +0900 | [diff] [blame] | 1871 | if (state.network != null) { |
| 1872 | mNetIdToSubId.put(state.network.netId, parseSubId(state)); |
| 1873 | } |
Wei Liu | b8eaf45 | 2016-01-25 10:32:27 -0800 | [diff] [blame] | 1874 | if (state.networkInfo != null && state.networkInfo.isConnected()) { |
Lorenzo Colitti | d3e4a1e | 2018-01-19 01:12:04 +0900 | [diff] [blame] | 1875 | final NetworkIdentity ident = NetworkIdentity.buildNetworkIdentity(mContext, state, |
| 1876 | true); |
Jeff Sharkey | 64c96ec | 2017-08-30 16:28:26 -0600 | [diff] [blame] | 1877 | identified.put(state, ident); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1878 | } |
| 1879 | } |
| 1880 | |
Jeff Sharkey | 64c96ec | 2017-08-30 16:28:26 -0600 | [diff] [blame] | 1881 | final ArraySet<String> newMeteredIfaces = new ArraySet<>(); |
Jeff Sharkey | ac3fcb1 | 2012-05-02 18:11:52 -0700 | [diff] [blame] | 1882 | long lowestRule = Long.MAX_VALUE; |
Jeff Sharkey | fdfef57 | 2011-06-16 15:07:48 -0700 | [diff] [blame] | 1883 | |
Jeff Sharkey | 64c96ec | 2017-08-30 16:28:26 -0600 | [diff] [blame] | 1884 | // For every well-defined policy, compute remaining data based on |
| 1885 | // current cycle and historical stats, and push to kernel. |
| 1886 | final ArraySet<String> matchingIfaces = new ArraySet<>(); |
| 1887 | for (int i = mNetworkPolicy.size() - 1; i >= 0; i--) { |
| 1888 | final NetworkPolicy policy = mNetworkPolicy.valueAt(i); |
| 1889 | |
| 1890 | // Collect all ifaces that match this policy |
| 1891 | matchingIfaces.clear(); |
| 1892 | for (int j = identified.size() - 1; j >= 0; j--) { |
| 1893 | if (policy.template.matches(identified.valueAt(j))) { |
| 1894 | collectIfaces(matchingIfaces, identified.keyAt(j)); |
| 1895 | } |
| 1896 | } |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1897 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1898 | if (LOGD) { |
Jeff Sharkey | 64c96ec | 2017-08-30 16:28:26 -0600 | [diff] [blame] | 1899 | Slog.d(TAG, "Applying " + policy + " to ifaces " + matchingIfaces); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 1900 | } |
| 1901 | |
Jeff Sharkey | ac3fcb1 | 2012-05-02 18:11:52 -0700 | [diff] [blame] | 1902 | final boolean hasWarning = policy.warningBytes != LIMIT_DISABLED; |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1903 | final boolean hasLimit = policy.limitBytes != LIMIT_DISABLED; |
Jeff Sharkey | f60d0af | 2011-11-30 15:28:02 -0800 | [diff] [blame] | 1904 | if (hasLimit || policy.metered) { |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1905 | final long quotaBytes; |
Jeff Sharkey | 0f2910c | 2017-07-30 16:52:51 -0600 | [diff] [blame] | 1906 | if (hasLimit && policy.hasCycle()) { |
| 1907 | final Pair<ZonedDateTime, ZonedDateTime> cycle = NetworkPolicyManager |
| 1908 | .cycleIterator(policy).next(); |
| 1909 | final long start = cycle.first.toInstant().toEpochMilli(); |
| 1910 | final long end = cycle.second.toInstant().toEpochMilli(); |
| 1911 | final long totalBytes = getTotalBytes(policy.template, start, end); |
| 1912 | |
| 1913 | if (policy.lastLimitSnooze >= start) { |
| 1914 | // snoozing past quota, but we still need to restrict apps, |
| 1915 | // so push really high quota. |
| 1916 | quotaBytes = Long.MAX_VALUE; |
| 1917 | } else { |
| 1918 | // remaining "quota" bytes are based on total usage in |
| 1919 | // current cycle. kernel doesn't like 0-byte rules, so we |
| 1920 | // set 1-byte quota and disable the radio later. |
| 1921 | quotaBytes = Math.max(1, policy.limitBytes - totalBytes); |
| 1922 | } |
| 1923 | } else { |
Jeff Sharkey | f60d0af | 2011-11-30 15:28:02 -0800 | [diff] [blame] | 1924 | // metered network, but no policy limit; we still need to |
| 1925 | // restrict apps, so push really high quota. |
| 1926 | quotaBytes = Long.MAX_VALUE; |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1927 | } |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 1928 | |
Jeff Sharkey | 64c96ec | 2017-08-30 16:28:26 -0600 | [diff] [blame] | 1929 | if (matchingIfaces.size() > 1) { |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 1930 | // TODO: switch to shared quota once NMS supports |
| 1931 | Slog.w(TAG, "shared quota unsupported; generating rule for each iface"); |
Ashish Sharma | 50fd36d | 2011-06-15 19:34:53 -0700 | [diff] [blame] | 1932 | } |
| 1933 | |
Jeff Sharkey | 64c96ec | 2017-08-30 16:28:26 -0600 | [diff] [blame] | 1934 | for (int j = matchingIfaces.size() - 1; j >= 0; j--) { |
| 1935 | final String iface = matchingIfaces.valueAt(j); |
| 1936 | setInterfaceQuotaAsync(iface, quotaBytes); |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 1937 | newMeteredIfaces.add(iface); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1938 | } |
| 1939 | } |
Jeff Sharkey | ac3fcb1 | 2012-05-02 18:11:52 -0700 | [diff] [blame] | 1940 | |
| 1941 | // keep track of lowest warning or limit of active policies |
| 1942 | if (hasWarning && policy.warningBytes < lowestRule) { |
| 1943 | lowestRule = policy.warningBytes; |
| 1944 | } |
| 1945 | if (hasLimit && policy.limitBytes < lowestRule) { |
| 1946 | lowestRule = policy.limitBytes; |
| 1947 | } |
| 1948 | } |
| 1949 | |
Jeff Sharkey | 64c96ec | 2017-08-30 16:28:26 -0600 | [diff] [blame] | 1950 | // One final pass to catch any metered ifaces that don't have explicitly |
| 1951 | // defined policies; typically Wi-Fi networks. |
| 1952 | for (NetworkState state : states) { |
| 1953 | if (state.networkInfo != null && state.networkInfo.isConnected() |
| 1954 | && !state.networkCapabilities.hasCapability(NET_CAPABILITY_NOT_METERED)) { |
| 1955 | matchingIfaces.clear(); |
| 1956 | collectIfaces(matchingIfaces, state); |
| 1957 | for (int j = matchingIfaces.size() - 1; j >= 0; j--) { |
| 1958 | final String iface = matchingIfaces.valueAt(j); |
| 1959 | if (!newMeteredIfaces.contains(iface)) { |
| 1960 | setInterfaceQuotaAsync(iface, Long.MAX_VALUE); |
| 1961 | newMeteredIfaces.add(iface); |
| 1962 | } |
| 1963 | } |
| 1964 | } |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 1965 | } |
| 1966 | |
Jeff Sharkey | 64c96ec | 2017-08-30 16:28:26 -0600 | [diff] [blame] | 1967 | // Remove quota from any interfaces that are no longer metered. |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 1968 | for (int i = mMeteredIfaces.size() - 1; i >= 0; i--) { |
| 1969 | final String iface = mMeteredIfaces.valueAt(i); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 1970 | if (!newMeteredIfaces.contains(iface)) { |
Jeff Sharkey | 64c96ec | 2017-08-30 16:28:26 -0600 | [diff] [blame] | 1971 | removeInterfaceQuotaAsync(iface); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 1972 | } |
| 1973 | } |
| 1974 | mMeteredIfaces = newMeteredIfaces; |
| 1975 | |
Jeff Sharkey | 36b414b | 2018-03-30 11:00:03 -0600 | [diff] [blame] | 1976 | final ContentResolver cr = mContext.getContentResolver(); |
| 1977 | final boolean quotaEnabled = Settings.Global.getInt(cr, |
| 1978 | NETPOLICY_QUOTA_ENABLED, 1) != 0; |
| 1979 | final long quotaUnlimited = Settings.Global.getLong(cr, |
| 1980 | NETPOLICY_QUOTA_UNLIMITED, QUOTA_UNLIMITED_DEFAULT); |
| 1981 | final float quotaLimited = Settings.Global.getFloat(cr, |
| 1982 | NETPOLICY_QUOTA_LIMITED, QUOTA_LIMITED_DEFAULT); |
| 1983 | |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 1984 | // Finally, calculate our opportunistic quotas |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 1985 | mSubscriptionOpportunisticQuota.clear(); |
| 1986 | for (NetworkState state : states) { |
Jeff Sharkey | 36b414b | 2018-03-30 11:00:03 -0600 | [diff] [blame] | 1987 | if (!quotaEnabled) continue; |
Jeff Sharkey | 2e47145 | 2018-01-19 18:02:47 +0900 | [diff] [blame] | 1988 | if (state.network == null) continue; |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 1989 | final int subId = getSubIdLocked(state.network); |
Jeff Sharkey | 2e47145 | 2018-01-19 18:02:47 +0900 | [diff] [blame] | 1990 | final SubscriptionPlan plan = getPrimarySubscriptionPlanLocked(subId); |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 1991 | if (plan == null) continue; |
| 1992 | |
Remi NGUYEN VAN | 5a89f94 | 2018-03-30 21:17:42 +0900 | [diff] [blame] | 1993 | final long quotaBytes; |
Jeff Sharkey | 2e47145 | 2018-01-19 18:02:47 +0900 | [diff] [blame] | 1994 | final long limitBytes = plan.getDataLimitBytes(); |
Remi NGUYEN VAN | ed6d2ca | 2018-04-04 11:12:51 +0900 | [diff] [blame] | 1995 | if (!state.networkCapabilities.hasCapability(NET_CAPABILITY_NOT_ROAMING)) { |
| 1996 | // Clamp to 0 when roaming |
| 1997 | quotaBytes = 0; |
| 1998 | } else if (limitBytes == SubscriptionPlan.BYTES_UNKNOWN) { |
Remi NGUYEN VAN | 5a89f94 | 2018-03-30 21:17:42 +0900 | [diff] [blame] | 1999 | quotaBytes = OPPORTUNISTIC_QUOTA_UNKNOWN; |
Jeff Sharkey | 2e47145 | 2018-01-19 18:02:47 +0900 | [diff] [blame] | 2000 | } else if (limitBytes == SubscriptionPlan.BYTES_UNLIMITED) { |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 2001 | // Unlimited data; let's use 20MiB/day (600MiB/month) |
Jeff Sharkey | 36b414b | 2018-03-30 11:00:03 -0600 | [diff] [blame] | 2002 | quotaBytes = quotaUnlimited; |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 2003 | } else { |
| 2004 | // Limited data; let's only use 10% of remaining budget |
Jeff Sharkey | 0fc6d03 | 2018-03-30 16:25:11 -0600 | [diff] [blame] | 2005 | final Range<ZonedDateTime> cycle = plan.cycleIterator().next(); |
| 2006 | final long start = cycle.getLower().toInstant().toEpochMilli(); |
| 2007 | final long end = cycle.getUpper().toInstant().toEpochMilli(); |
Remi NGUYEN VAN | bed7b97 | 2018-04-02 15:48:19 +0900 | [diff] [blame] | 2008 | final Instant now = mClock.instant(); |
Jeff Sharkey | 0fc6d03 | 2018-03-30 16:25:11 -0600 | [diff] [blame] | 2009 | final long startOfDay = ZonedDateTime.ofInstant(now, cycle.getLower().getZone()) |
Remi NGUYEN VAN | bed7b97 | 2018-04-02 15:48:19 +0900 | [diff] [blame] | 2010 | .truncatedTo(ChronoUnit.DAYS) |
| 2011 | .toInstant().toEpochMilli(); |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 2012 | final long totalBytes = getTotalBytes( |
Remi NGUYEN VAN | bed7b97 | 2018-04-02 15:48:19 +0900 | [diff] [blame] | 2013 | NetworkTemplate.buildTemplateMobileAll(state.subscriberId), |
| 2014 | start, startOfDay); |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 2015 | final long remainingBytes = limitBytes - totalBytes; |
Remi NGUYEN VAN | bed7b97 | 2018-04-02 15:48:19 +0900 | [diff] [blame] | 2016 | // Number of remaining days including current day |
| 2017 | final long remainingDays = |
| 2018 | 1 + ((end - now.toEpochMilli() - 1) / TimeUnit.DAYS.toMillis(1)); |
Remi NGUYEN VAN | 5a89f94 | 2018-03-30 21:17:42 +0900 | [diff] [blame] | 2019 | |
Jeff Sharkey | 36b414b | 2018-03-30 11:00:03 -0600 | [diff] [blame] | 2020 | quotaBytes = Math.max(0, (long) ((remainingBytes / remainingDays) * quotaLimited)); |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 2021 | } |
| 2022 | |
| 2023 | mSubscriptionOpportunisticQuota.put(subId, quotaBytes); |
| 2024 | } |
| 2025 | |
Jeff Sharkey | fdfef57 | 2011-06-16 15:07:48 -0700 | [diff] [blame] | 2026 | final String[] meteredIfaces = mMeteredIfaces.toArray(new String[mMeteredIfaces.size()]); |
Jeff Sharkey | 4414cea | 2011-06-24 17:05:24 -0700 | [diff] [blame] | 2027 | mHandler.obtainMessage(MSG_METERED_IFACES_CHANGED, meteredIfaces).sendToTarget(); |
Jeff Sharkey | 64c96ec | 2017-08-30 16:28:26 -0600 | [diff] [blame] | 2028 | |
| 2029 | mHandler.obtainMessage(MSG_ADVISE_PERSIST_THRESHOLD, lowestRule).sendToTarget(); |
Jeff Sharkey | 0007239 | 2018-04-12 14:26:32 -0600 | [diff] [blame] | 2030 | |
| 2031 | Trace.traceEnd(TRACE_TAG_NETWORK); |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 2032 | } |
| 2033 | |
| 2034 | /** |
| 2035 | * Once any {@link #mNetworkPolicy} are loaded from disk, ensure that we |
| 2036 | * have at least a default mobile policy defined. |
| 2037 | */ |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 2038 | @GuardedBy("mNetworkPoliciesSecondLock") |
Hugo Benichi | 446c9c9 | 2017-04-10 09:41:10 +0900 | [diff] [blame] | 2039 | private void ensureActiveMobilePolicyAL() { |
| 2040 | if (LOGV) Slog.v(TAG, "ensureActiveMobilePolicyAL()"); |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 2041 | if (mSuppressDefaultPolicy) return; |
| 2042 | |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 2043 | for (int i = 0; i < mSubIdToSubscriberId.size(); i++) { |
| 2044 | final int subId = mSubIdToSubscriberId.keyAt(i); |
| 2045 | final String subscriberId = mSubIdToSubscriberId.valueAt(i); |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 2046 | |
Hugo Benichi | 446c9c9 | 2017-04-10 09:41:10 +0900 | [diff] [blame] | 2047 | ensureActiveMobilePolicyAL(subId, subscriberId); |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 2048 | } |
| 2049 | } |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 2050 | |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 2051 | /** |
| 2052 | * Once any {@link #mNetworkPolicy} are loaded from disk, ensure that we |
| 2053 | * have at least a default mobile policy defined. |
| 2054 | * |
| 2055 | * @param subId to build a default policy for |
| 2056 | * @param subscriberId that we check for an existing policy |
| 2057 | * @return true if a mobile network policy was added, or false one already existed. |
| 2058 | */ |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 2059 | @GuardedBy("mNetworkPoliciesSecondLock") |
Hugo Benichi | 446c9c9 | 2017-04-10 09:41:10 +0900 | [diff] [blame] | 2060 | private boolean ensureActiveMobilePolicyAL(int subId, String subscriberId) { |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 2061 | // Poke around to see if we already have a policy |
| 2062 | final NetworkIdentity probeIdent = new NetworkIdentity(TYPE_MOBILE, |
Lorenzo Colitti | d3e4a1e | 2018-01-19 01:12:04 +0900 | [diff] [blame] | 2063 | TelephonyManager.NETWORK_TYPE_UNKNOWN, subscriberId, null, false, true, true); |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 2064 | for (int i = mNetworkPolicy.size() - 1; i >= 0; i--) { |
| 2065 | final NetworkTemplate template = mNetworkPolicy.keyAt(i); |
| 2066 | if (template.matches(probeIdent)) { |
| 2067 | if (LOGD) { |
| 2068 | Slog.d(TAG, "Found template " + template + " which matches subscriber " |
| 2069 | + NetworkIdentity.scrubSubscriberId(subscriberId)); |
| 2070 | } |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 2071 | return false; |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 2072 | } |
| 2073 | } |
| 2074 | |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 2075 | Slog.i(TAG, "No policy for subscriber " + NetworkIdentity.scrubSubscriberId(subscriberId) |
| 2076 | + "; generating default policy"); |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 2077 | final NetworkPolicy policy = buildDefaultMobilePolicy(subId, subscriberId); |
Hugo Benichi | 446c9c9 | 2017-04-10 09:41:10 +0900 | [diff] [blame] | 2078 | addNetworkPolicyAL(policy); |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 2079 | return true; |
| 2080 | } |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 2081 | |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 2082 | private long getPlatformDefaultWarningBytes() { |
Fan Zhang | da71ca0 | 2016-09-12 17:36:22 -0700 | [diff] [blame] | 2083 | final int dataWarningConfig = mContext.getResources().getInteger( |
| 2084 | com.android.internal.R.integer.config_networkPolicyDefaultWarning); |
Fan Zhang | da71ca0 | 2016-09-12 17:36:22 -0700 | [diff] [blame] | 2085 | if (dataWarningConfig == WARNING_DISABLED) { |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 2086 | return WARNING_DISABLED; |
Fan Zhang | da71ca0 | 2016-09-12 17:36:22 -0700 | [diff] [blame] | 2087 | } else { |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 2088 | return dataWarningConfig * MB_IN_BYTES; |
Fan Zhang | da71ca0 | 2016-09-12 17:36:22 -0700 | [diff] [blame] | 2089 | } |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 2090 | } |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 2091 | |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 2092 | private long getPlatformDefaultLimitBytes() { |
| 2093 | return LIMIT_DISABLED; |
| 2094 | } |
| 2095 | |
| 2096 | @VisibleForTesting |
Sudheer Shanka | 8ab2299 | 2018-11-29 00:08:58 -0800 | [diff] [blame] | 2097 | NetworkPolicy buildDefaultMobilePolicy(int subId, String subscriberId) { |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 2098 | final NetworkTemplate template = buildTemplateMobileAll(subscriberId); |
Jeff Sharkey | 0f2910c | 2017-07-30 16:52:51 -0600 | [diff] [blame] | 2099 | final RecurrenceRule cycleRule = NetworkPolicy |
| 2100 | .buildRule(ZonedDateTime.now().getDayOfMonth(), ZoneId.systemDefault()); |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 2101 | final NetworkPolicy policy = new NetworkPolicy(template, cycleRule, |
Jeff Sharkey | 0f2910c | 2017-07-30 16:52:51 -0600 | [diff] [blame] | 2102 | getPlatformDefaultWarningBytes(), getPlatformDefaultLimitBytes(), |
| 2103 | SNOOZE_NEVER, SNOOZE_NEVER, true, true); |
| 2104 | synchronized (mUidRulesFirstLock) { |
| 2105 | synchronized (mNetworkPoliciesSecondLock) { |
| 2106 | updateDefaultMobilePolicyAL(subId, policy); |
| 2107 | } |
| 2108 | } |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 2109 | return policy; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2110 | } |
| 2111 | |
Jeff Sharkey | 0f2910c | 2017-07-30 16:52:51 -0600 | [diff] [blame] | 2112 | /** |
| 2113 | * Update the given {@link NetworkPolicy} based on any carrier-provided |
| 2114 | * defaults via {@link SubscriptionPlan} or {@link CarrierConfigManager}. |
| 2115 | * Leaves policy untouched if the user has modified it. |
| 2116 | * |
| 2117 | * @return if the policy was modified |
| 2118 | */ |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 2119 | @GuardedBy("mNetworkPoliciesSecondLock") |
Jeff Sharkey | 0f2910c | 2017-07-30 16:52:51 -0600 | [diff] [blame] | 2120 | private boolean updateDefaultMobilePolicyAL(int subId, NetworkPolicy policy) { |
| 2121 | if (!policy.inferred) { |
| 2122 | if (LOGD) Slog.d(TAG, "Ignoring user-defined policy " + policy); |
| 2123 | return false; |
| 2124 | } |
| 2125 | |
| 2126 | final NetworkPolicy original = new NetworkPolicy(policy.template, policy.cycleRule, |
| 2127 | policy.warningBytes, policy.limitBytes, policy.lastWarningSnooze, |
| 2128 | policy.lastLimitSnooze, policy.metered, policy.inferred); |
| 2129 | |
| 2130 | final SubscriptionPlan[] plans = mSubscriptionPlans.get(subId); |
| 2131 | if (!ArrayUtils.isEmpty(plans)) { |
| 2132 | final SubscriptionPlan plan = plans[0]; |
| 2133 | policy.cycleRule = plan.getCycleRule(); |
| 2134 | final long planLimitBytes = plan.getDataLimitBytes(); |
| 2135 | if (planLimitBytes == SubscriptionPlan.BYTES_UNKNOWN) { |
| 2136 | policy.warningBytes = getPlatformDefaultWarningBytes(); |
| 2137 | policy.limitBytes = getPlatformDefaultLimitBytes(); |
| 2138 | } else if (planLimitBytes == SubscriptionPlan.BYTES_UNLIMITED) { |
| 2139 | policy.warningBytes = NetworkPolicy.WARNING_DISABLED; |
| 2140 | policy.limitBytes = NetworkPolicy.LIMIT_DISABLED; |
| 2141 | } else { |
| 2142 | policy.warningBytes = (planLimitBytes * 9) / 10; |
| 2143 | switch (plan.getDataLimitBehavior()) { |
| 2144 | case SubscriptionPlan.LIMIT_BEHAVIOR_BILLED: |
| 2145 | case SubscriptionPlan.LIMIT_BEHAVIOR_DISABLED: |
| 2146 | policy.limitBytes = planLimitBytes; |
| 2147 | break; |
| 2148 | default: |
| 2149 | policy.limitBytes = NetworkPolicy.LIMIT_DISABLED; |
| 2150 | break; |
| 2151 | } |
| 2152 | } |
| 2153 | } else { |
| 2154 | final PersistableBundle config = mCarrierConfigManager.getConfigForSubId(subId); |
| 2155 | final int currentCycleDay; |
| 2156 | if (policy.cycleRule.isMonthly()) { |
| 2157 | currentCycleDay = policy.cycleRule.start.getDayOfMonth(); |
| 2158 | } else { |
| 2159 | currentCycleDay = NetworkPolicy.CYCLE_NONE; |
| 2160 | } |
| 2161 | final int cycleDay = getCycleDayFromCarrierConfig(config, currentCycleDay); |
| 2162 | policy.cycleRule = NetworkPolicy.buildRule(cycleDay, ZoneId.systemDefault()); |
| 2163 | policy.warningBytes = getWarningBytesFromCarrierConfig(config, policy.warningBytes); |
| 2164 | policy.limitBytes = getLimitBytesFromCarrierConfig(config, policy.limitBytes); |
| 2165 | } |
| 2166 | |
| 2167 | if (policy.equals(original)) { |
| 2168 | return false; |
| 2169 | } else { |
| 2170 | Slog.d(TAG, "Updated " + original + " to " + policy); |
| 2171 | return true; |
| 2172 | } |
| 2173 | } |
| 2174 | |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 2175 | @GuardedBy({"mUidRulesFirstLock", "mNetworkPoliciesSecondLock"}) |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2176 | private void readPolicyAL() { |
| 2177 | if (LOGV) Slog.v(TAG, "readPolicyAL()"); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2178 | |
| 2179 | // clear any existing policy and read from disk |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 2180 | mNetworkPolicy.clear(); |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 2181 | mSubscriptionPlans.clear(); |
Jeff Sharkey | b7479988 | 2017-07-28 16:55:41 -0600 | [diff] [blame] | 2182 | mSubscriptionPlansOwner.clear(); |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2183 | mUidPolicy.clear(); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2184 | |
| 2185 | FileInputStream fis = null; |
| 2186 | try { |
| 2187 | fis = mPolicyFile.openRead(); |
| 2188 | final XmlPullParser in = Xml.newPullParser(); |
Wojciech Staszkiewicz | 9e9e2e7 | 2015-05-08 14:58:46 +0100 | [diff] [blame] | 2189 | in.setInput(fis, StandardCharsets.UTF_8.name()); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2190 | |
Felipe Leme | 46b451f | 2016-08-19 08:46:17 -0700 | [diff] [blame] | 2191 | // Must save the <restrict-background> tags and convert them to <uid-policy> later, |
| 2192 | // to skip UIDs that were explicitly blacklisted. |
| 2193 | final SparseBooleanArray whitelistedRestrictBackground = new SparseBooleanArray(); |
| 2194 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2195 | int type; |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 2196 | int version = VERSION_INIT; |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 2197 | boolean insideWhitelist = false; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2198 | while ((type = in.next()) != END_DOCUMENT) { |
| 2199 | final String tag = in.getName(); |
| 2200 | if (type == START_TAG) { |
| 2201 | if (TAG_POLICY_LIST.equals(tag)) { |
Jeff Sharkey | 1b6519b | 2016-04-28 15:33:18 -0600 | [diff] [blame] | 2202 | final boolean oldValue = mRestrictBackground; |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2203 | version = readIntAttribute(in, ATTR_VERSION); |
Sudheer Shanka | 543339f | 2017-07-28 15:18:07 -0700 | [diff] [blame] | 2204 | mLoadedRestrictBackground = (version >= VERSION_ADDED_RESTRICT_BACKGROUND) |
| 2205 | && readBooleanAttribute(in, ATTR_RESTRICT_BACKGROUND); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2206 | } else if (TAG_NETWORK_POLICY.equals(tag)) { |
| 2207 | final int networkTemplate = readIntAttribute(in, ATTR_NETWORK_TEMPLATE); |
| 2208 | final String subscriberId = in.getAttributeValue(null, ATTR_SUBSCRIBER_ID); |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 2209 | final String networkId; |
| 2210 | if (version >= VERSION_ADDED_NETWORK_ID) { |
| 2211 | networkId = in.getAttributeValue(null, ATTR_NETWORK_ID); |
| 2212 | } else { |
| 2213 | networkId = null; |
| 2214 | } |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 2215 | final RecurrenceRule cycleRule; |
| 2216 | if (version >= VERSION_ADDED_CYCLE) { |
| 2217 | final String start = readStringAttribute(in, ATTR_CYCLE_START); |
| 2218 | final String end = readStringAttribute(in, ATTR_CYCLE_END); |
| 2219 | final String period = readStringAttribute(in, ATTR_CYCLE_PERIOD); |
| 2220 | cycleRule = new RecurrenceRule( |
| 2221 | RecurrenceRule.convertZonedDateTime(start), |
| 2222 | RecurrenceRule.convertZonedDateTime(end), |
| 2223 | RecurrenceRule.convertPeriod(period)); |
Jeff Sharkey | 9bf3150 | 2012-03-09 17:07:21 -0800 | [diff] [blame] | 2224 | } else { |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 2225 | final int cycleDay = readIntAttribute(in, ATTR_CYCLE_DAY); |
| 2226 | final String cycleTimezone; |
| 2227 | if (version >= VERSION_ADDED_TIMEZONE) { |
| 2228 | cycleTimezone = in.getAttributeValue(null, ATTR_CYCLE_TIMEZONE); |
| 2229 | } else { |
| 2230 | cycleTimezone = "UTC"; |
| 2231 | } |
| 2232 | cycleRule = NetworkPolicy.buildRule(cycleDay, ZoneId.of(cycleTimezone)); |
Jeff Sharkey | 9bf3150 | 2012-03-09 17:07:21 -0800 | [diff] [blame] | 2233 | } |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2234 | final long warningBytes = readLongAttribute(in, ATTR_WARNING_BYTES); |
| 2235 | final long limitBytes = readLongAttribute(in, ATTR_LIMIT_BYTES); |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 2236 | final long lastLimitSnooze; |
| 2237 | if (version >= VERSION_SPLIT_SNOOZE) { |
| 2238 | lastLimitSnooze = readLongAttribute(in, ATTR_LAST_LIMIT_SNOOZE); |
| 2239 | } else if (version >= VERSION_ADDED_SNOOZE) { |
| 2240 | lastLimitSnooze = readLongAttribute(in, ATTR_LAST_SNOOZE); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 2241 | } else { |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 2242 | lastLimitSnooze = SNOOZE_NEVER; |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 2243 | } |
Jeff Sharkey | f60d0af | 2011-11-30 15:28:02 -0800 | [diff] [blame] | 2244 | final boolean metered; |
| 2245 | if (version >= VERSION_ADDED_METERED) { |
| 2246 | metered = readBooleanAttribute(in, ATTR_METERED); |
| 2247 | } else { |
| 2248 | switch (networkTemplate) { |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 2249 | case MATCH_MOBILE: |
Jeff Sharkey | f60d0af | 2011-11-30 15:28:02 -0800 | [diff] [blame] | 2250 | metered = true; |
| 2251 | break; |
| 2252 | default: |
| 2253 | metered = false; |
| 2254 | } |
| 2255 | } |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 2256 | final long lastWarningSnooze; |
| 2257 | if (version >= VERSION_SPLIT_SNOOZE) { |
| 2258 | lastWarningSnooze = readLongAttribute(in, ATTR_LAST_WARNING_SNOOZE); |
| 2259 | } else { |
| 2260 | lastWarningSnooze = SNOOZE_NEVER; |
| 2261 | } |
Jeff Sharkey | 837f924 | 2012-03-20 16:52:20 -0700 | [diff] [blame] | 2262 | final boolean inferred; |
| 2263 | if (version >= VERSION_ADDED_INFERRED) { |
| 2264 | inferred = readBooleanAttribute(in, ATTR_INFERRED); |
| 2265 | } else { |
| 2266 | inferred = false; |
| 2267 | } |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2268 | |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 2269 | final NetworkTemplate template = new NetworkTemplate(networkTemplate, |
| 2270 | subscriberId, networkId); |
Jeff Sharkey | 7474fe7b | 2016-03-21 13:12:59 -0600 | [diff] [blame] | 2271 | if (template.isPersistable()) { |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 2272 | mNetworkPolicy.put(template, new NetworkPolicy(template, cycleRule, |
| 2273 | warningBytes, limitBytes, lastWarningSnooze, |
Jeff Sharkey | 7474fe7b | 2016-03-21 13:12:59 -0600 | [diff] [blame] | 2274 | lastLimitSnooze, metered, inferred)); |
| 2275 | } |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 2276 | |
| 2277 | } else if (TAG_SUBSCRIPTION_PLAN.equals(tag)) { |
| 2278 | final String start = readStringAttribute(in, ATTR_CYCLE_START); |
| 2279 | final String end = readStringAttribute(in, ATTR_CYCLE_END); |
| 2280 | final String period = readStringAttribute(in, ATTR_CYCLE_PERIOD); |
| 2281 | final SubscriptionPlan.Builder builder = new SubscriptionPlan.Builder( |
| 2282 | RecurrenceRule.convertZonedDateTime(start), |
| 2283 | RecurrenceRule.convertZonedDateTime(end), |
| 2284 | RecurrenceRule.convertPeriod(period)); |
| 2285 | builder.setTitle(readStringAttribute(in, ATTR_TITLE)); |
| 2286 | builder.setSummary(readStringAttribute(in, ATTR_SUMMARY)); |
| 2287 | |
| 2288 | final long limitBytes = readLongAttribute(in, ATTR_LIMIT_BYTES, |
| 2289 | SubscriptionPlan.BYTES_UNKNOWN); |
| 2290 | final int limitBehavior = readIntAttribute(in, ATTR_LIMIT_BEHAVIOR, |
| 2291 | SubscriptionPlan.LIMIT_BEHAVIOR_UNKNOWN); |
| 2292 | if (limitBytes != SubscriptionPlan.BYTES_UNKNOWN |
| 2293 | && limitBehavior != SubscriptionPlan.LIMIT_BEHAVIOR_UNKNOWN) { |
| 2294 | builder.setDataLimit(limitBytes, limitBehavior); |
| 2295 | } |
| 2296 | |
| 2297 | final long usageBytes = readLongAttribute(in, ATTR_USAGE_BYTES, |
| 2298 | SubscriptionPlan.BYTES_UNKNOWN); |
| 2299 | final long usageTime = readLongAttribute(in, ATTR_USAGE_TIME, |
| 2300 | SubscriptionPlan.TIME_UNKNOWN); |
| 2301 | if (usageBytes != SubscriptionPlan.BYTES_UNKNOWN |
| 2302 | && usageTime != SubscriptionPlan.TIME_UNKNOWN) { |
| 2303 | builder.setDataUsage(usageBytes, usageTime); |
| 2304 | } |
| 2305 | |
| 2306 | final int subId = readIntAttribute(in, ATTR_SUB_ID); |
| 2307 | final SubscriptionPlan plan = builder.build(); |
| 2308 | mSubscriptionPlans.put(subId, ArrayUtils.appendElement( |
| 2309 | SubscriptionPlan.class, mSubscriptionPlans.get(subId), plan)); |
| 2310 | |
Jeff Sharkey | b7479988 | 2017-07-28 16:55:41 -0600 | [diff] [blame] | 2311 | final String ownerPackage = readStringAttribute(in, ATTR_OWNER_PACKAGE); |
| 2312 | mSubscriptionPlansOwner.put(subId, ownerPackage); |
| 2313 | |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2314 | } else if (TAG_UID_POLICY.equals(tag)) { |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2315 | final int uid = readIntAttribute(in, ATTR_UID); |
| 2316 | final int policy = readIntAttribute(in, ATTR_POLICY); |
| 2317 | |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2318 | if (UserHandle.isApp(uid)) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2319 | setUidPolicyUncheckedUL(uid, policy, false); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 2320 | } else { |
| 2321 | Slog.w(TAG, "unable to apply policy to UID " + uid + "; ignoring"); |
| 2322 | } |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2323 | } else if (TAG_APP_POLICY.equals(tag)) { |
Jeff Sharkey | 8a8b581 | 2012-03-21 18:13:36 -0700 | [diff] [blame] | 2324 | final int appId = readIntAttribute(in, ATTR_APP_ID); |
| 2325 | final int policy = readIntAttribute(in, ATTR_POLICY); |
| 2326 | |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2327 | // TODO: set for other users during upgrade |
Xiaohui Chen | be3b067 | 2015-09-02 13:29:22 -0700 | [diff] [blame] | 2328 | // app policy is deprecated so this is only used in pre system user split. |
| 2329 | final int uid = UserHandle.getUid(UserHandle.USER_SYSTEM, appId); |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2330 | if (UserHandle.isApp(uid)) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2331 | setUidPolicyUncheckedUL(uid, policy, false); |
Jeff Sharkey | 8a8b581 | 2012-03-21 18:13:36 -0700 | [diff] [blame] | 2332 | } else { |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2333 | Slog.w(TAG, "unable to apply policy to UID " + uid + "; ignoring"); |
Jeff Sharkey | 8a8b581 | 2012-03-21 18:13:36 -0700 | [diff] [blame] | 2334 | } |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 2335 | } else if (TAG_WHITELIST.equals(tag)) { |
| 2336 | insideWhitelist = true; |
| 2337 | } else if (TAG_RESTRICT_BACKGROUND.equals(tag) && insideWhitelist) { |
| 2338 | final int uid = readIntAttribute(in, ATTR_UID); |
Felipe Leme | 46b451f | 2016-08-19 08:46:17 -0700 | [diff] [blame] | 2339 | whitelistedRestrictBackground.append(uid, true); |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 2340 | } else if (TAG_REVOKED_RESTRICT_BACKGROUND.equals(tag) && insideWhitelist) { |
| 2341 | final int uid = readIntAttribute(in, ATTR_UID); |
| 2342 | mRestrictBackgroundWhitelistRevokedUids.put(uid, true); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2343 | } |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 2344 | } else if (type == END_TAG) { |
| 2345 | if (TAG_WHITELIST.equals(tag)) { |
| 2346 | insideWhitelist = false; |
| 2347 | } |
| 2348 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2349 | } |
| 2350 | } |
| 2351 | |
Felipe Leme | 46b451f | 2016-08-19 08:46:17 -0700 | [diff] [blame] | 2352 | final int size = whitelistedRestrictBackground.size(); |
| 2353 | for (int i = 0; i < size; i++) { |
| 2354 | final int uid = whitelistedRestrictBackground.keyAt(i); |
| 2355 | final int policy = mUidPolicy.get(uid, POLICY_NONE); |
| 2356 | if ((policy & POLICY_REJECT_METERED_BACKGROUND) != 0) { |
| 2357 | Slog.w(TAG, "ignoring restrict-background-whitelist for " + uid |
| 2358 | + " because its policy is " + uidPoliciesToString(policy)); |
| 2359 | continue; |
| 2360 | } |
| 2361 | if (UserHandle.isApp(uid)) { |
| 2362 | final int newPolicy = policy | POLICY_ALLOW_METERED_BACKGROUND; |
| 2363 | if (LOGV) |
| 2364 | Log.v(TAG, "new policy for " + uid + ": " + uidPoliciesToString(newPolicy)); |
| 2365 | setUidPolicyUncheckedUL(uid, newPolicy, false); |
| 2366 | } else { |
| 2367 | Slog.w(TAG, "unable to update policy on UID " + uid); |
| 2368 | } |
| 2369 | } |
| 2370 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2371 | } catch (FileNotFoundException e) { |
| 2372 | // missing policy is okay, probably first boot |
Narayan Kamath | 94bcdbc | 2017-07-17 15:32:53 +0100 | [diff] [blame] | 2373 | upgradeDefaultBackgroundDataUL(); |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 2374 | } catch (Exception e) { |
Jeff Sharkey | b3d5957 | 2011-09-07 17:20:27 -0700 | [diff] [blame] | 2375 | Log.wtf(TAG, "problem reading network policy", e); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2376 | } finally { |
| 2377 | IoUtils.closeQuietly(fis); |
| 2378 | } |
| 2379 | } |
| 2380 | |
Jeff Sharkey | 3a844fc | 2011-08-16 14:37:57 -0700 | [diff] [blame] | 2381 | /** |
| 2382 | * Upgrade legacy background data flags, notifying listeners of one last |
| 2383 | * change to always-true. |
| 2384 | */ |
Narayan Kamath | 94bcdbc | 2017-07-17 15:32:53 +0100 | [diff] [blame] | 2385 | private void upgradeDefaultBackgroundDataUL() { |
| 2386 | // This method is only called when we're unable to find the network policy flag, which |
| 2387 | // usually happens on first boot of a new device and not one that has received an OTA. |
Jeff Sharkey | 3a844fc | 2011-08-16 14:37:57 -0700 | [diff] [blame] | 2388 | |
Narayan Kamath | 94bcdbc | 2017-07-17 15:32:53 +0100 | [diff] [blame] | 2389 | // Seed from the default value configured for this device. |
Sudheer Shanka | 543339f | 2017-07-28 15:18:07 -0700 | [diff] [blame] | 2390 | mLoadedRestrictBackground = Settings.Global.getInt( |
Narayan Kamath | 94bcdbc | 2017-07-17 15:32:53 +0100 | [diff] [blame] | 2391 | mContext.getContentResolver(), Global.DEFAULT_RESTRICT_BACKGROUND_DATA, 0) == 1; |
| 2392 | |
| 2393 | // NOTE: We used to read the legacy setting here : |
| 2394 | // |
| 2395 | // final int legacyFlagValue = Settings.Secure.getInt( |
| 2396 | // mContext.getContentResolver(), Settings.Secure.BACKGROUND_DATA, ..); |
| 2397 | // |
| 2398 | // This is no longer necessary because we will never upgrade directly from Gingerbread |
| 2399 | // to O+. Devices upgrading from ICS onwards to O will have a netpolicy.xml file that |
| 2400 | // contains the correct value that we will continue to use. |
Jeff Sharkey | 3a844fc | 2011-08-16 14:37:57 -0700 | [diff] [blame] | 2401 | } |
| 2402 | |
Jeff Sharkey | 43d2a17 | 2017-07-12 10:50:42 -0600 | [diff] [blame] | 2403 | /** |
| 2404 | * Perform upgrade step of moving any user-defined meterness overrides over |
| 2405 | * into {@link WifiConfiguration}. |
| 2406 | */ |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 2407 | @GuardedBy({"mNetworkPoliciesSecondLock", "mUidRulesFirstLock"}) |
Jeff Sharkey | 43d2a17 | 2017-07-12 10:50:42 -0600 | [diff] [blame] | 2408 | private void upgradeWifiMeteredOverrideAL() { |
| 2409 | boolean modified = false; |
| 2410 | final WifiManager wm = mContext.getSystemService(WifiManager.class); |
| 2411 | final List<WifiConfiguration> configs = wm.getConfiguredNetworks(); |
| 2412 | for (int i = 0; i < mNetworkPolicy.size(); ) { |
| 2413 | final NetworkPolicy policy = mNetworkPolicy.valueAt(i); |
| 2414 | if (policy.template.getMatchRule() == NetworkTemplate.MATCH_WIFI |
| 2415 | && !policy.inferred) { |
| 2416 | mNetworkPolicy.removeAt(i); |
| 2417 | modified = true; |
| 2418 | |
| 2419 | final String networkId = resolveNetworkId(policy.template.getNetworkId()); |
| 2420 | for (WifiConfiguration config : configs) { |
| 2421 | if (Objects.equals(resolveNetworkId(config), networkId)) { |
| 2422 | Slog.d(TAG, "Found network " + networkId + "; upgrading metered hint"); |
| 2423 | config.meteredOverride = policy.metered |
| 2424 | ? WifiConfiguration.METERED_OVERRIDE_METERED |
| 2425 | : WifiConfiguration.METERED_OVERRIDE_NOT_METERED; |
| 2426 | wm.updateNetwork(config); |
| 2427 | } |
| 2428 | } |
| 2429 | } else { |
| 2430 | i++; |
| 2431 | } |
| 2432 | } |
| 2433 | if (modified) { |
| 2434 | writePolicyAL(); |
| 2435 | } |
| 2436 | } |
| 2437 | |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 2438 | @GuardedBy({"mUidRulesFirstLock", "mNetworkPoliciesSecondLock"}) |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2439 | void writePolicyAL() { |
| 2440 | if (LOGV) Slog.v(TAG, "writePolicyAL()"); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2441 | |
| 2442 | FileOutputStream fos = null; |
| 2443 | try { |
| 2444 | fos = mPolicyFile.startWrite(); |
| 2445 | |
| 2446 | XmlSerializer out = new FastXmlSerializer(); |
Wojciech Staszkiewicz | 9e9e2e7 | 2015-05-08 14:58:46 +0100 | [diff] [blame] | 2447 | out.setOutput(fos, StandardCharsets.UTF_8.name()); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2448 | out.startDocument(null, true); |
| 2449 | |
| 2450 | out.startTag(null, TAG_POLICY_LIST); |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 2451 | writeIntAttribute(out, ATTR_VERSION, VERSION_LATEST); |
Jeff Sharkey | 4664500 | 2011-07-27 21:11:21 -0700 | [diff] [blame] | 2452 | writeBooleanAttribute(out, ATTR_RESTRICT_BACKGROUND, mRestrictBackground); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2453 | |
| 2454 | // write all known network policies |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 2455 | for (int i = 0; i < mNetworkPolicy.size(); i++) { |
| 2456 | final NetworkPolicy policy = mNetworkPolicy.valueAt(i); |
Jeff Sharkey | 1b5a2a9 | 2011-06-18 18:34:16 -0700 | [diff] [blame] | 2457 | final NetworkTemplate template = policy.template; |
Jeff Sharkey | 7474fe7b | 2016-03-21 13:12:59 -0600 | [diff] [blame] | 2458 | if (!template.isPersistable()) continue; |
Jeff Sharkey | 1b5a2a9 | 2011-06-18 18:34:16 -0700 | [diff] [blame] | 2459 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2460 | out.startTag(null, TAG_NETWORK_POLICY); |
Jeff Sharkey | 1b5a2a9 | 2011-06-18 18:34:16 -0700 | [diff] [blame] | 2461 | writeIntAttribute(out, ATTR_NETWORK_TEMPLATE, template.getMatchRule()); |
| 2462 | final String subscriberId = template.getSubscriberId(); |
| 2463 | if (subscriberId != null) { |
| 2464 | out.attribute(null, ATTR_SUBSCRIBER_ID, subscriberId); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2465 | } |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 2466 | final String networkId = template.getNetworkId(); |
| 2467 | if (networkId != null) { |
| 2468 | out.attribute(null, ATTR_NETWORK_ID, networkId); |
| 2469 | } |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 2470 | writeStringAttribute(out, ATTR_CYCLE_START, |
| 2471 | RecurrenceRule.convertZonedDateTime(policy.cycleRule.start)); |
| 2472 | writeStringAttribute(out, ATTR_CYCLE_END, |
| 2473 | RecurrenceRule.convertZonedDateTime(policy.cycleRule.end)); |
| 2474 | writeStringAttribute(out, ATTR_CYCLE_PERIOD, |
| 2475 | RecurrenceRule.convertPeriod(policy.cycleRule.period)); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2476 | writeLongAttribute(out, ATTR_WARNING_BYTES, policy.warningBytes); |
| 2477 | writeLongAttribute(out, ATTR_LIMIT_BYTES, policy.limitBytes); |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 2478 | writeLongAttribute(out, ATTR_LAST_WARNING_SNOOZE, policy.lastWarningSnooze); |
| 2479 | writeLongAttribute(out, ATTR_LAST_LIMIT_SNOOZE, policy.lastLimitSnooze); |
Jeff Sharkey | f60d0af | 2011-11-30 15:28:02 -0800 | [diff] [blame] | 2480 | writeBooleanAttribute(out, ATTR_METERED, policy.metered); |
Jeff Sharkey | 837f924 | 2012-03-20 16:52:20 -0700 | [diff] [blame] | 2481 | writeBooleanAttribute(out, ATTR_INFERRED, policy.inferred); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2482 | out.endTag(null, TAG_NETWORK_POLICY); |
| 2483 | } |
| 2484 | |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 2485 | // write all known subscription plans |
| 2486 | for (int i = 0; i < mSubscriptionPlans.size(); i++) { |
| 2487 | final int subId = mSubscriptionPlans.keyAt(i); |
Jeff Sharkey | b7479988 | 2017-07-28 16:55:41 -0600 | [diff] [blame] | 2488 | final String ownerPackage = mSubscriptionPlansOwner.get(subId); |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 2489 | final SubscriptionPlan[] plans = mSubscriptionPlans.valueAt(i); |
| 2490 | if (ArrayUtils.isEmpty(plans)) continue; |
| 2491 | |
| 2492 | for (SubscriptionPlan plan : plans) { |
| 2493 | out.startTag(null, TAG_SUBSCRIPTION_PLAN); |
| 2494 | writeIntAttribute(out, ATTR_SUB_ID, subId); |
Jeff Sharkey | b7479988 | 2017-07-28 16:55:41 -0600 | [diff] [blame] | 2495 | writeStringAttribute(out, ATTR_OWNER_PACKAGE, ownerPackage); |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 2496 | final RecurrenceRule cycleRule = plan.getCycleRule(); |
| 2497 | writeStringAttribute(out, ATTR_CYCLE_START, |
| 2498 | RecurrenceRule.convertZonedDateTime(cycleRule.start)); |
| 2499 | writeStringAttribute(out, ATTR_CYCLE_END, |
| 2500 | RecurrenceRule.convertZonedDateTime(cycleRule.end)); |
| 2501 | writeStringAttribute(out, ATTR_CYCLE_PERIOD, |
| 2502 | RecurrenceRule.convertPeriod(cycleRule.period)); |
| 2503 | writeStringAttribute(out, ATTR_TITLE, plan.getTitle()); |
| 2504 | writeStringAttribute(out, ATTR_SUMMARY, plan.getSummary()); |
| 2505 | writeLongAttribute(out, ATTR_LIMIT_BYTES, plan.getDataLimitBytes()); |
| 2506 | writeIntAttribute(out, ATTR_LIMIT_BEHAVIOR, plan.getDataLimitBehavior()); |
| 2507 | writeLongAttribute(out, ATTR_USAGE_BYTES, plan.getDataUsageBytes()); |
| 2508 | writeLongAttribute(out, ATTR_USAGE_TIME, plan.getDataUsageTime()); |
| 2509 | out.endTag(null, TAG_SUBSCRIPTION_PLAN); |
| 2510 | } |
| 2511 | } |
| 2512 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2513 | // write all known uid policies |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2514 | for (int i = 0; i < mUidPolicy.size(); i++) { |
| 2515 | final int uid = mUidPolicy.keyAt(i); |
| 2516 | final int policy = mUidPolicy.valueAt(i); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2517 | |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 2518 | // skip writing empty policies |
| 2519 | if (policy == POLICY_NONE) continue; |
| 2520 | |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2521 | out.startTag(null, TAG_UID_POLICY); |
| 2522 | writeIntAttribute(out, ATTR_UID, uid); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2523 | writeIntAttribute(out, ATTR_POLICY, policy); |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2524 | out.endTag(null, TAG_UID_POLICY); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2525 | } |
| 2526 | |
| 2527 | out.endTag(null, TAG_POLICY_LIST); |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 2528 | |
| 2529 | // write all whitelists |
| 2530 | out.startTag(null, TAG_WHITELIST); |
| 2531 | |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 2532 | // revoked restrict background whitelist |
Felipe Leme | 46b451f | 2016-08-19 08:46:17 -0700 | [diff] [blame] | 2533 | int size = mRestrictBackgroundWhitelistRevokedUids.size(); |
Felipe Leme | a9505cc | 2016-02-26 10:28:41 -0800 | [diff] [blame] | 2534 | for (int i = 0; i < size; i++) { |
| 2535 | final int uid = mRestrictBackgroundWhitelistRevokedUids.keyAt(i); |
| 2536 | out.startTag(null, TAG_REVOKED_RESTRICT_BACKGROUND); |
| 2537 | writeIntAttribute(out, ATTR_UID, uid); |
| 2538 | out.endTag(null, TAG_REVOKED_RESTRICT_BACKGROUND); |
| 2539 | } |
| 2540 | |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 2541 | out.endTag(null, TAG_WHITELIST); |
| 2542 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2543 | out.endDocument(); |
| 2544 | |
| 2545 | mPolicyFile.finishWrite(fos); |
| 2546 | } catch (IOException e) { |
| 2547 | if (fos != null) { |
| 2548 | mPolicyFile.failWrite(fos); |
| 2549 | } |
| 2550 | } |
| 2551 | } |
| 2552 | |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 2553 | @Override |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2554 | public void setUidPolicy(int uid, int policy) { |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2555 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 2556 | |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2557 | if (!UserHandle.isApp(uid)) { |
| 2558 | throw new IllegalArgumentException("cannot apply policy to UID " + uid); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 2559 | } |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2560 | synchronized (mUidRulesFirstLock) { |
Julia Reynolds | 72f83d6 | 2015-07-27 15:10:42 -0400 | [diff] [blame] | 2561 | final long token = Binder.clearCallingIdentity(); |
| 2562 | try { |
| 2563 | final int oldPolicy = mUidPolicy.get(uid, POLICY_NONE); |
| 2564 | if (oldPolicy != policy) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2565 | setUidPolicyUncheckedUL(uid, oldPolicy, policy, true); |
Sudheer Shanka | 352dc57 | 2017-09-22 17:09:38 -0700 | [diff] [blame] | 2566 | mLogger.uidPolicyChanged(uid, oldPolicy, policy); |
Julia Reynolds | 72f83d6 | 2015-07-27 15:10:42 -0400 | [diff] [blame] | 2567 | } |
| 2568 | } finally { |
| 2569 | Binder.restoreCallingIdentity(token); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 2570 | } |
| 2571 | } |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 2572 | } |
| 2573 | |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 2574 | @Override |
| 2575 | public void addUidPolicy(int uid, int policy) { |
| 2576 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 2577 | |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 2578 | if (!UserHandle.isApp(uid)) { |
| 2579 | throw new IllegalArgumentException("cannot apply policy to UID " + uid); |
| 2580 | } |
| 2581 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2582 | synchronized (mUidRulesFirstLock) { |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 2583 | final int oldPolicy = mUidPolicy.get(uid, POLICY_NONE); |
| 2584 | policy |= oldPolicy; |
| 2585 | if (oldPolicy != policy) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2586 | setUidPolicyUncheckedUL(uid, oldPolicy, policy, true); |
Sudheer Shanka | 352dc57 | 2017-09-22 17:09:38 -0700 | [diff] [blame] | 2587 | mLogger.uidPolicyChanged(uid, oldPolicy, policy); |
Jeff Sharkey | 497e443 | 2011-06-14 17:27:29 -0700 | [diff] [blame] | 2588 | } |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2589 | } |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 2590 | } |
| 2591 | |
| 2592 | @Override |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 2593 | public void removeUidPolicy(int uid, int policy) { |
| 2594 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
| 2595 | |
| 2596 | if (!UserHandle.isApp(uid)) { |
| 2597 | throw new IllegalArgumentException("cannot apply policy to UID " + uid); |
| 2598 | } |
| 2599 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2600 | synchronized (mUidRulesFirstLock) { |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 2601 | final int oldPolicy = mUidPolicy.get(uid, POLICY_NONE); |
| 2602 | policy = oldPolicy & ~policy; |
| 2603 | if (oldPolicy != policy) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2604 | setUidPolicyUncheckedUL(uid, oldPolicy, policy, true); |
Sudheer Shanka | 352dc57 | 2017-09-22 17:09:38 -0700 | [diff] [blame] | 2605 | mLogger.uidPolicyChanged(uid, oldPolicy, policy); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 2606 | } |
| 2607 | } |
| 2608 | } |
| 2609 | |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 2610 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2611 | private void setUidPolicyUncheckedUL(int uid, int oldPolicy, int policy, boolean persist) { |
Sudheer Shanka | 5723ccb | 2018-02-13 11:08:19 -0800 | [diff] [blame] | 2612 | setUidPolicyUncheckedUL(uid, policy, false); |
Felipe Leme | 923845f | 2016-03-02 13:42:48 -0800 | [diff] [blame] | 2613 | |
Felipe Leme | 57e3d31 | 2016-08-23 14:42:52 -0700 | [diff] [blame] | 2614 | final boolean notifyApp; |
| 2615 | if (!isUidValidForWhitelistRules(uid)) { |
| 2616 | notifyApp = false; |
| 2617 | } else { |
Felipe Leme | 0ecfcd1 | 2016-09-06 12:49:48 -0700 | [diff] [blame] | 2618 | final boolean wasBlacklisted = oldPolicy == POLICY_REJECT_METERED_BACKGROUND; |
| 2619 | final boolean isBlacklisted = policy == POLICY_REJECT_METERED_BACKGROUND; |
| 2620 | final boolean wasWhitelisted = oldPolicy == POLICY_ALLOW_METERED_BACKGROUND; |
| 2621 | final boolean isWhitelisted = policy == POLICY_ALLOW_METERED_BACKGROUND; |
Felipe Leme | 57e3d31 | 2016-08-23 14:42:52 -0700 | [diff] [blame] | 2622 | final boolean wasBlocked = wasBlacklisted || (mRestrictBackground && !wasWhitelisted); |
| 2623 | final boolean isBlocked = isBlacklisted || (mRestrictBackground && !isWhitelisted); |
Felipe Leme | 03f9029 | 2016-09-08 18:10:32 -0700 | [diff] [blame] | 2624 | if ((wasWhitelisted && (!isWhitelisted || isBlacklisted)) |
| 2625 | && mDefaultRestrictBackgroundWhitelistUids.get(uid) |
| 2626 | && !mRestrictBackgroundWhitelistRevokedUids.get(uid)) { |
| 2627 | if (LOGD) |
| 2628 | Slog.d(TAG, "Adding uid " + uid + " to revoked restrict background whitelist"); |
| 2629 | mRestrictBackgroundWhitelistRevokedUids.append(uid, true); |
| 2630 | } |
Felipe Leme | 57e3d31 | 2016-08-23 14:42:52 -0700 | [diff] [blame] | 2631 | notifyApp = wasBlocked != isBlocked; |
| 2632 | } |
Felipe Leme | 0ecfcd1 | 2016-09-06 12:49:48 -0700 | [diff] [blame] | 2633 | mHandler.obtainMessage(MSG_POLICIES_CHANGED, uid, policy, Boolean.valueOf(notifyApp)) |
| 2634 | .sendToTarget(); |
Sudheer Shanka | 5723ccb | 2018-02-13 11:08:19 -0800 | [diff] [blame] | 2635 | if (persist) { |
| 2636 | synchronized (mNetworkPoliciesSecondLock) { |
| 2637 | writePolicyAL(); |
| 2638 | } |
| 2639 | } |
Felipe Leme | 923845f | 2016-03-02 13:42:48 -0800 | [diff] [blame] | 2640 | } |
| 2641 | |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 2642 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2643 | private void setUidPolicyUncheckedUL(int uid, int policy, boolean persist) { |
Felipe Leme | 03f9029 | 2016-09-08 18:10:32 -0700 | [diff] [blame] | 2644 | if (policy == POLICY_NONE) { |
| 2645 | mUidPolicy.delete(uid); |
| 2646 | } else { |
| 2647 | mUidPolicy.put(uid, policy); |
| 2648 | } |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 2649 | |
| 2650 | // uid policy changed, recompute rules and persist policy. |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 2651 | updateRulesForDataUsageRestrictionsUL(uid); |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 2652 | if (persist) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2653 | synchronized (mNetworkPoliciesSecondLock) { |
| 2654 | writePolicyAL(); |
| 2655 | } |
Dianne Hackborn | be7c50e | 2014-06-30 14:43:28 -0700 | [diff] [blame] | 2656 | } |
| 2657 | } |
| 2658 | |
| 2659 | @Override |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2660 | public int getUidPolicy(int uid) { |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2661 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
| 2662 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2663 | synchronized (mUidRulesFirstLock) { |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2664 | return mUidPolicy.get(uid, POLICY_NONE); |
Jeff Sharkey | a462079 | 2011-05-20 15:29:23 -0700 | [diff] [blame] | 2665 | } |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 2666 | } |
| 2667 | |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 2668 | @Override |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2669 | public int[] getUidsWithPolicy(int policy) { |
Jeff Sharkey | 854b2b1 | 2012-04-13 16:03:40 -0700 | [diff] [blame] | 2670 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
| 2671 | |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2672 | int[] uids = new int[0]; |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2673 | synchronized (mUidRulesFirstLock) { |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2674 | for (int i = 0; i < mUidPolicy.size(); i++) { |
| 2675 | final int uid = mUidPolicy.keyAt(i); |
| 2676 | final int uidPolicy = mUidPolicy.valueAt(i); |
Felipe Leme | 6f51a0a | 2016-08-24 15:11:51 -0700 | [diff] [blame] | 2677 | if ((policy == POLICY_NONE && uidPolicy == POLICY_NONE) || |
| 2678 | (uidPolicy & policy) != 0) { |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2679 | uids = appendInt(uids, uid); |
Jeff Sharkey | 854b2b1 | 2012-04-13 16:03:40 -0700 | [diff] [blame] | 2680 | } |
| 2681 | } |
| 2682 | } |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2683 | return uids; |
| 2684 | } |
| 2685 | |
| 2686 | /** |
Felipe Leme | d17fda4 | 2016-04-29 11:12:45 -0700 | [diff] [blame] | 2687 | * Removes any persistable state associated with given {@link UserHandle}, persisting |
| 2688 | * if any changes that are made. |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2689 | */ |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 2690 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2691 | boolean removeUserStateUL(int userId, boolean writePolicy) { |
Felipe Leme | d17fda4 | 2016-04-29 11:12:45 -0700 | [diff] [blame] | 2692 | |
Sudheer Shanka | 352dc57 | 2017-09-22 17:09:38 -0700 | [diff] [blame] | 2693 | mLogger.removingUserState(userId); |
Felipe Leme | d17fda4 | 2016-04-29 11:12:45 -0700 | [diff] [blame] | 2694 | boolean changed = false; |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2695 | |
Felipe Leme | a110eec | 2016-04-29 09:58:06 -0700 | [diff] [blame] | 2696 | // Remove entries from revoked default restricted background UID whitelist |
| 2697 | for (int i = mRestrictBackgroundWhitelistRevokedUids.size() - 1; i >= 0; i--) { |
| 2698 | final int uid = mRestrictBackgroundWhitelistRevokedUids.keyAt(i); |
| 2699 | if (UserHandle.getUserId(uid) == userId) { |
| 2700 | mRestrictBackgroundWhitelistRevokedUids.removeAt(i); |
Felipe Leme | d17fda4 | 2016-04-29 11:12:45 -0700 | [diff] [blame] | 2701 | changed = true; |
Felipe Leme | a110eec | 2016-04-29 09:58:06 -0700 | [diff] [blame] | 2702 | } |
| 2703 | } |
| 2704 | |
Fyodor Kupolov | a31c591 | 2016-01-22 11:26:09 -0800 | [diff] [blame] | 2705 | // Remove associated UID policies |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2706 | int[] uids = new int[0]; |
| 2707 | for (int i = 0; i < mUidPolicy.size(); i++) { |
| 2708 | final int uid = mUidPolicy.keyAt(i); |
| 2709 | if (UserHandle.getUserId(uid) == userId) { |
| 2710 | uids = appendInt(uids, uid); |
| 2711 | } |
| 2712 | } |
| 2713 | |
| 2714 | if (uids.length > 0) { |
| 2715 | for (int uid : uids) { |
| 2716 | mUidPolicy.delete(uid); |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2717 | } |
Felipe Leme | d17fda4 | 2016-04-29 11:12:45 -0700 | [diff] [blame] | 2718 | changed = true; |
Fyodor Kupolov | a31c591 | 2016-01-22 11:26:09 -0800 | [diff] [blame] | 2719 | } |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2720 | synchronized (mNetworkPoliciesSecondLock) { |
| 2721 | updateRulesForGlobalChangeAL(true); |
| 2722 | if (writePolicy && changed) { |
| 2723 | writePolicyAL(); |
| 2724 | } |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 2725 | } |
Felipe Leme | d17fda4 | 2016-04-29 11:12:45 -0700 | [diff] [blame] | 2726 | return changed; |
Jeff Sharkey | 854b2b1 | 2012-04-13 16:03:40 -0700 | [diff] [blame] | 2727 | } |
| 2728 | |
paulhu | a6af6b6 | 2019-08-12 16:25:11 +0800 | [diff] [blame] | 2729 | private boolean checkAnyPermissionOf(String... permissions) { |
| 2730 | for (String permission : permissions) { |
| 2731 | if (mContext.checkCallingOrSelfPermission(permission) == PERMISSION_GRANTED) { |
| 2732 | return true; |
| 2733 | } |
| 2734 | } |
| 2735 | return false; |
| 2736 | } |
| 2737 | |
| 2738 | private void enforceAnyPermissionOf(String... permissions) { |
| 2739 | if (!checkAnyPermissionOf(permissions)) { |
| 2740 | throw new SecurityException("Requires one of the following permissions: " |
| 2741 | + String.join(", ", permissions) + "."); |
| 2742 | } |
| 2743 | } |
| 2744 | |
Jeff Sharkey | 854b2b1 | 2012-04-13 16:03:40 -0700 | [diff] [blame] | 2745 | @Override |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 2746 | public void registerListener(INetworkPolicyListener listener) { |
paulhu | a6af6b6 | 2019-08-12 16:25:11 +0800 | [diff] [blame] | 2747 | // TODO: Remove CONNECTIVITY_INTERNAL and the *AnyPermissionOf methods above after all apps |
| 2748 | // have declared OBSERVE_NETWORK_POLICY. |
| 2749 | enforceAnyPermissionOf(CONNECTIVITY_INTERNAL, OBSERVE_NETWORK_POLICY); |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 2750 | mListeners.register(listener); |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 2751 | } |
| 2752 | |
| 2753 | @Override |
| 2754 | public void unregisterListener(INetworkPolicyListener listener) { |
paulhu | a6af6b6 | 2019-08-12 16:25:11 +0800 | [diff] [blame] | 2755 | // TODO: Remove CONNECTIVITY_INTERNAL and the *AnyPermissionOf methods above after all apps |
| 2756 | // have declared OBSERVE_NETWORK_POLICY. |
| 2757 | enforceAnyPermissionOf(CONNECTIVITY_INTERNAL, OBSERVE_NETWORK_POLICY); |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 2758 | mListeners.unregister(listener); |
| 2759 | } |
| 2760 | |
Jeff Sharkey | 1b86127 | 2011-05-22 00:34:52 -0700 | [diff] [blame] | 2761 | @Override |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 2762 | public void setNetworkPolicies(NetworkPolicy[] policies) { |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2763 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
| 2764 | |
Felipe Leme | 6a05eee | 2016-02-19 14:43:51 -0800 | [diff] [blame] | 2765 | final long token = Binder.clearCallingIdentity(); |
| 2766 | try { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2767 | synchronized (mUidRulesFirstLock) { |
| 2768 | synchronized (mNetworkPoliciesSecondLock) { |
| 2769 | normalizePoliciesNL(policies); |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 2770 | handleNetworkPoliciesUpdateAL(false); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2771 | } |
Felipe Leme | 6a05eee | 2016-02-19 14:43:51 -0800 | [diff] [blame] | 2772 | } |
| 2773 | } finally { |
| 2774 | Binder.restoreCallingIdentity(token); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2775 | } |
| 2776 | } |
| 2777 | |
Hugo Benichi | 446c9c9 | 2017-04-10 09:41:10 +0900 | [diff] [blame] | 2778 | void addNetworkPolicyAL(NetworkPolicy policy) { |
Svet Ganov | 16a1689 | 2015-04-16 10:32:04 -0700 | [diff] [blame] | 2779 | NetworkPolicy[] policies = getNetworkPolicies(mContext.getOpPackageName()); |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 2780 | policies = ArrayUtils.appendElement(NetworkPolicy.class, policies, policy); |
| 2781 | setNetworkPolicies(policies); |
Jeff Sharkey | 9f6e4ba | 2012-04-19 23:01:08 -0700 | [diff] [blame] | 2782 | } |
| 2783 | |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2784 | @Override |
Svet Ganov | 16a1689 | 2015-04-16 10:32:04 -0700 | [diff] [blame] | 2785 | public NetworkPolicy[] getNetworkPolicies(String callingPackage) { |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2786 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
Amit Mahajan | 7c5befa | 2015-07-14 10:26:00 -0700 | [diff] [blame] | 2787 | try { |
Amit Mahajan | a9e72a7 | 2015-07-30 16:04:13 -0700 | [diff] [blame] | 2788 | mContext.enforceCallingOrSelfPermission(READ_PRIVILEGED_PHONE_STATE, TAG); |
| 2789 | // SKIP checking run-time OP_READ_PHONE_STATE since caller or self has PRIVILEGED |
| 2790 | // permission |
Amit Mahajan | 7c5befa | 2015-07-14 10:26:00 -0700 | [diff] [blame] | 2791 | } catch (SecurityException e) { |
| 2792 | mContext.enforceCallingOrSelfPermission(READ_PHONE_STATE, TAG); |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2793 | |
Amit Mahajan | 7c5befa | 2015-07-14 10:26:00 -0700 | [diff] [blame] | 2794 | if (mAppOps.noteOp(AppOpsManager.OP_READ_PHONE_STATE, Binder.getCallingUid(), |
| 2795 | callingPackage) != AppOpsManager.MODE_ALLOWED) { |
| 2796 | return new NetworkPolicy[0]; |
| 2797 | } |
Svet Ganov | 16a1689 | 2015-04-16 10:32:04 -0700 | [diff] [blame] | 2798 | } |
| 2799 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2800 | synchronized (mNetworkPoliciesSecondLock) { |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 2801 | final int size = mNetworkPolicy.size(); |
| 2802 | final NetworkPolicy[] policies = new NetworkPolicy[size]; |
| 2803 | for (int i = 0; i < size; i++) { |
| 2804 | policies[i] = mNetworkPolicy.valueAt(i); |
| 2805 | } |
| 2806 | return policies; |
| 2807 | } |
| 2808 | } |
| 2809 | |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 2810 | @GuardedBy("mNetworkPoliciesSecondLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2811 | private void normalizePoliciesNL() { |
| 2812 | normalizePoliciesNL(getNetworkPolicies(mContext.getOpPackageName())); |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 2813 | } |
| 2814 | |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 2815 | @GuardedBy("mNetworkPoliciesSecondLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2816 | private void normalizePoliciesNL(NetworkPolicy[] policies) { |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 2817 | mNetworkPolicy.clear(); |
| 2818 | for (NetworkPolicy policy : policies) { |
Annie Meng | 20b4d84 | 2018-05-18 15:00:49 +0100 | [diff] [blame] | 2819 | if (policy == null) { |
| 2820 | continue; |
| 2821 | } |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 2822 | // When two normalized templates conflict, prefer the most |
| 2823 | // restrictive policy |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 2824 | policy.template = NetworkTemplate.normalize(policy.template, mMergedSubscriberIds); |
Jeff Sharkey | 3256601 | 2014-12-02 18:30:14 -0800 | [diff] [blame] | 2825 | final NetworkPolicy existing = mNetworkPolicy.get(policy.template); |
| 2826 | if (existing == null || existing.compareTo(policy) > 0) { |
| 2827 | if (existing != null) { |
| 2828 | Slog.d(TAG, "Normalization replaced " + existing + " with " + policy); |
| 2829 | } |
| 2830 | mNetworkPolicy.put(policy.template, policy); |
| 2831 | } |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 2832 | } |
| 2833 | } |
| 2834 | |
| 2835 | @Override |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 2836 | public void snoozeLimit(NetworkTemplate template) { |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 2837 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
Jeff Sharkey | 6c0b4f3 | 2012-06-12 21:06:30 -0700 | [diff] [blame] | 2838 | |
| 2839 | final long token = Binder.clearCallingIdentity(); |
| 2840 | try { |
| 2841 | performSnooze(template, TYPE_LIMIT); |
| 2842 | } finally { |
| 2843 | Binder.restoreCallingIdentity(token); |
| 2844 | } |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 2845 | } |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 2846 | |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 2847 | void performSnooze(NetworkTemplate template, int type) { |
Jeff Sharkey | 9911a28 | 2018-02-14 22:29:11 -0700 | [diff] [blame] | 2848 | final long currentTime = mClock.millis(); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2849 | synchronized (mUidRulesFirstLock) { |
| 2850 | synchronized (mNetworkPoliciesSecondLock) { |
| 2851 | // find and snooze local policy that matches |
| 2852 | final NetworkPolicy policy = mNetworkPolicy.get(template); |
| 2853 | if (policy == null) { |
| 2854 | throw new IllegalArgumentException("unable to find policy for " + template); |
| 2855 | } |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 2856 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2857 | switch (type) { |
| 2858 | case TYPE_WARNING: |
| 2859 | policy.lastWarningSnooze = currentTime; |
| 2860 | break; |
| 2861 | case TYPE_LIMIT: |
| 2862 | policy.lastLimitSnooze = currentTime; |
| 2863 | break; |
Jeff Sharkey | bfb43ea | 2018-02-03 12:08:16 -0700 | [diff] [blame] | 2864 | case TYPE_RAPID: |
| 2865 | policy.lastRapidSnooze = currentTime; |
| 2866 | break; |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2867 | default: |
| 2868 | throw new IllegalArgumentException("unexpected type"); |
| 2869 | } |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 2870 | |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 2871 | handleNetworkPoliciesUpdateAL(true); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2872 | } |
Jeff Sharkey | 21c9c45 | 2011-06-07 12:26:43 -0700 | [diff] [blame] | 2873 | } |
| 2874 | } |
| 2875 | |
| 2876 | @Override |
Felipe Leme | 70c8b9b | 2016-04-25 14:41:31 -0700 | [diff] [blame] | 2877 | public void onTetheringChanged(String iface, boolean tethering) { |
| 2878 | // No need to enforce permission because setRestrictBackground() will do it. |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2879 | synchronized (mUidRulesFirstLock) { |
Felipe Leme | 70c8b9b | 2016-04-25 14:41:31 -0700 | [diff] [blame] | 2880 | if (mRestrictBackground && tethering) { |
| 2881 | Log.d(TAG, "Tethering on (" + iface +"); disable Data Saver"); |
| 2882 | setRestrictBackground(false); |
| 2883 | } |
| 2884 | } |
| 2885 | } |
| 2886 | |
| 2887 | @Override |
Jeff Sharkey | 4664500 | 2011-07-27 21:11:21 -0700 | [diff] [blame] | 2888 | public void setRestrictBackground(boolean restrictBackground) { |
Felipe Leme | 29e72ea | 2016-09-08 13:26:55 -0700 | [diff] [blame] | 2889 | Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "setRestrictBackground"); |
Felipe Leme | 6a05eee | 2016-02-19 14:43:51 -0800 | [diff] [blame] | 2890 | try { |
Felipe Leme | 29e72ea | 2016-09-08 13:26:55 -0700 | [diff] [blame] | 2891 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
| 2892 | final long token = Binder.clearCallingIdentity(); |
| 2893 | try { |
Felipe Leme | 29e72ea | 2016-09-08 13:26:55 -0700 | [diff] [blame] | 2894 | synchronized (mUidRulesFirstLock) { |
Felipe Leme | 29e72ea | 2016-09-08 13:26:55 -0700 | [diff] [blame] | 2895 | setRestrictBackgroundUL(restrictBackground); |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2896 | } |
Felipe Leme | 29e72ea | 2016-09-08 13:26:55 -0700 | [diff] [blame] | 2897 | } finally { |
| 2898 | Binder.restoreCallingIdentity(token); |
Felipe Leme | 6a05eee | 2016-02-19 14:43:51 -0800 | [diff] [blame] | 2899 | } |
Felipe Leme | 6a05eee | 2016-02-19 14:43:51 -0800 | [diff] [blame] | 2900 | } finally { |
Felipe Leme | 29e72ea | 2016-09-08 13:26:55 -0700 | [diff] [blame] | 2901 | Trace.traceEnd(Trace.TRACE_TAG_NETWORK); |
Jeff Sharkey | 4664500 | 2011-07-27 21:11:21 -0700 | [diff] [blame] | 2902 | } |
| 2903 | } |
| 2904 | |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 2905 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2906 | private void setRestrictBackgroundUL(boolean restrictBackground) { |
Sudheer Shanka | 543339f | 2017-07-28 15:18:07 -0700 | [diff] [blame] | 2907 | Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "setRestrictBackgroundUL"); |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2908 | try { |
Sudheer Shanka | 543339f | 2017-07-28 15:18:07 -0700 | [diff] [blame] | 2909 | if (restrictBackground == mRestrictBackground) { |
| 2910 | // Ideally, UI should never allow this scenario... |
| 2911 | Slog.w(TAG, "setRestrictBackgroundUL: already " + restrictBackground); |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2912 | return; |
| 2913 | } |
Sudheer Shanka | 543339f | 2017-07-28 15:18:07 -0700 | [diff] [blame] | 2914 | Slog.d(TAG, "setRestrictBackgroundUL(): " + restrictBackground); |
| 2915 | final boolean oldRestrictBackground = mRestrictBackground; |
| 2916 | mRestrictBackground = restrictBackground; |
| 2917 | // Must whitelist foreground apps before turning data saver mode on. |
| 2918 | // TODO: there is no need to iterate through all apps here, just those in the foreground, |
| 2919 | // so it could call AM to get the UIDs of such apps, and iterate through them instead. |
| 2920 | updateRulesForRestrictBackgroundUL(); |
| 2921 | try { |
| 2922 | if (!mNetworkManager.setDataSaverModeEnabled(mRestrictBackground)) { |
| 2923 | Slog.e(TAG, |
| 2924 | "Could not change Data Saver Mode on NMS to " + mRestrictBackground); |
| 2925 | mRestrictBackground = oldRestrictBackground; |
| 2926 | // TODO: if it knew the foreground apps (see TODO above), it could call |
| 2927 | // updateRulesForRestrictBackgroundUL() again to restore state. |
| 2928 | return; |
| 2929 | } |
| 2930 | } catch (RemoteException e) { |
| 2931 | // ignored; service lives in system_server |
| 2932 | } |
jackqdyulei | 29c82ab | 2017-03-10 14:09:16 -0800 | [diff] [blame] | 2933 | |
Sudheer Shanka | 543339f | 2017-07-28 15:18:07 -0700 | [diff] [blame] | 2934 | sendRestrictBackgroundChangedMsg(); |
Sudheer Shanka | 352dc57 | 2017-09-22 17:09:38 -0700 | [diff] [blame] | 2935 | mLogger.restrictBackgroundChanged(oldRestrictBackground, mRestrictBackground); |
Sudheer Shanka | 543339f | 2017-07-28 15:18:07 -0700 | [diff] [blame] | 2936 | |
Kweku Adams | 25fa3a7 | 2019-07-12 17:00:17 -0700 | [diff] [blame] | 2937 | if (mRestrictBackgroundLowPowerMode) { |
Sudheer Shanka | 543339f | 2017-07-28 15:18:07 -0700 | [diff] [blame] | 2938 | mRestrictBackgroundChangedInBsm = true; |
| 2939 | } |
| 2940 | synchronized (mNetworkPoliciesSecondLock) { |
| 2941 | updateNotificationsNL(); |
| 2942 | writePolicyAL(); |
| 2943 | } |
| 2944 | } finally { |
| 2945 | Trace.traceEnd(Trace.TRACE_TAG_NETWORK); |
jackqdyulei | 29c82ab | 2017-03-10 14:09:16 -0800 | [diff] [blame] | 2946 | } |
Sudheer Shanka | 543339f | 2017-07-28 15:18:07 -0700 | [diff] [blame] | 2947 | } |
| 2948 | |
| 2949 | private void sendRestrictBackgroundChangedMsg() { |
| 2950 | mHandler.removeMessages(MSG_RESTRICT_BACKGROUND_CHANGED); |
| 2951 | mHandler.obtainMessage(MSG_RESTRICT_BACKGROUND_CHANGED, mRestrictBackground ? 1 : 0, 0) |
| 2952 | .sendToTarget(); |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 2953 | } |
| 2954 | |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 2955 | @Override |
Felipe Leme | 1b10323 | 2016-01-22 09:44:57 -0800 | [diff] [blame] | 2956 | public int getRestrictBackgroundByCaller() { |
| 2957 | mContext.enforceCallingOrSelfPermission(ACCESS_NETWORK_STATE, TAG); |
| 2958 | final int uid = Binder.getCallingUid(); |
Felipe Leme | 923845f | 2016-03-02 13:42:48 -0800 | [diff] [blame] | 2959 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2960 | synchronized (mUidRulesFirstLock) { |
Felipe Leme | 923845f | 2016-03-02 13:42:48 -0800 | [diff] [blame] | 2961 | // Must clear identity because getUidPolicy() is restricted to system. |
| 2962 | final long token = Binder.clearCallingIdentity(); |
| 2963 | final int policy; |
| 2964 | try { |
| 2965 | policy = getUidPolicy(uid); |
| 2966 | } finally { |
| 2967 | Binder.restoreCallingIdentity(token); |
| 2968 | } |
| 2969 | if (policy == POLICY_REJECT_METERED_BACKGROUND) { |
| 2970 | // App is blacklisted. |
| 2971 | return RESTRICT_BACKGROUND_STATUS_ENABLED; |
| 2972 | } |
Felipe Leme | 1b10323 | 2016-01-22 09:44:57 -0800 | [diff] [blame] | 2973 | if (!mRestrictBackground) { |
| 2974 | return RESTRICT_BACKGROUND_STATUS_DISABLED; |
| 2975 | } |
Felipe Leme | 46b451f | 2016-08-19 08:46:17 -0700 | [diff] [blame] | 2976 | return (mUidPolicy.get(uid) & POLICY_ALLOW_METERED_BACKGROUND) != 0 |
Felipe Leme | 1b10323 | 2016-01-22 09:44:57 -0800 | [diff] [blame] | 2977 | ? RESTRICT_BACKGROUND_STATUS_WHITELISTED |
| 2978 | : RESTRICT_BACKGROUND_STATUS_ENABLED; |
| 2979 | } |
| 2980 | } |
| 2981 | |
| 2982 | @Override |
Jeff Sharkey | 4664500 | 2011-07-27 21:11:21 -0700 | [diff] [blame] | 2983 | public boolean getRestrictBackground() { |
| 2984 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
| 2985 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 2986 | synchronized (mUidRulesFirstLock) { |
Jeff Sharkey | 4664500 | 2011-07-27 21:11:21 -0700 | [diff] [blame] | 2987 | return mRestrictBackground; |
| 2988 | } |
| 2989 | } |
| 2990 | |
Dianne Hackborn | 8ad2af7 | 2015-03-17 17:00:24 -0700 | [diff] [blame] | 2991 | @Override |
| 2992 | public void setDeviceIdleMode(boolean enabled) { |
| 2993 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 2994 | Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "setDeviceIdleMode"); |
| 2995 | try { |
| 2996 | synchronized (mUidRulesFirstLock) { |
Felipe Leme | ea01439 | 2016-09-06 13:59:54 -0700 | [diff] [blame] | 2997 | if (mDeviceIdleMode == enabled) { |
| 2998 | return; |
Dianne Hackborn | 8ad2af7 | 2015-03-17 17:00:24 -0700 | [diff] [blame] | 2999 | } |
Felipe Leme | ea01439 | 2016-09-06 13:59:54 -0700 | [diff] [blame] | 3000 | mDeviceIdleMode = enabled; |
Sudheer Shanka | 352dc57 | 2017-09-22 17:09:38 -0700 | [diff] [blame] | 3001 | mLogger.deviceIdleModeEnabled(enabled); |
Felipe Leme | ea01439 | 2016-09-06 13:59:54 -0700 | [diff] [blame] | 3002 | if (mSystemReady) { |
| 3003 | // Device idle change means we need to rebuild rules for all |
| 3004 | // known apps, so do a global refresh. |
| 3005 | updateRulesForRestrictPowerUL(); |
| 3006 | } |
| 3007 | } |
| 3008 | if (enabled) { |
| 3009 | EventLogTags.writeDeviceIdleOnPhase("net"); |
| 3010 | } else { |
| 3011 | EventLogTags.writeDeviceIdleOffPhase("net"); |
Dianne Hackborn | 8ad2af7 | 2015-03-17 17:00:24 -0700 | [diff] [blame] | 3012 | } |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 3013 | } finally { |
| 3014 | Trace.traceEnd(Trace.TRACE_TAG_NETWORK); |
Dianne Hackborn | 8ad2af7 | 2015-03-17 17:00:24 -0700 | [diff] [blame] | 3015 | } |
| 3016 | } |
| 3017 | |
Jeff Sharkey | f0ceede | 2011-08-02 17:22:34 -0700 | [diff] [blame] | 3018 | @Override |
Jeff Sharkey | 43d2a17 | 2017-07-12 10:50:42 -0600 | [diff] [blame] | 3019 | public void setWifiMeteredOverride(String networkId, int meteredOverride) { |
| 3020 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
Jeff Sharkey | f0ceede | 2011-08-02 17:22:34 -0700 | [diff] [blame] | 3021 | final long token = Binder.clearCallingIdentity(); |
| 3022 | try { |
Jeff Sharkey | 43d2a17 | 2017-07-12 10:50:42 -0600 | [diff] [blame] | 3023 | final WifiManager wm = mContext.getSystemService(WifiManager.class); |
| 3024 | final List<WifiConfiguration> configs = wm.getConfiguredNetworks(); |
| 3025 | for (WifiConfiguration config : configs) { |
| 3026 | if (Objects.equals(resolveNetworkId(config), networkId)) { |
| 3027 | config.meteredOverride = meteredOverride; |
| 3028 | wm.updateNetwork(config); |
| 3029 | } |
| 3030 | } |
Jeff Sharkey | f0ceede | 2011-08-02 17:22:34 -0700 | [diff] [blame] | 3031 | } finally { |
| 3032 | Binder.restoreCallingIdentity(token); |
| 3033 | } |
| 3034 | } |
| 3035 | |
Jeff Sharkey | 4664500 | 2011-07-27 21:11:21 -0700 | [diff] [blame] | 3036 | @Override |
Jeff Sharkey | 43d2a17 | 2017-07-12 10:50:42 -0600 | [diff] [blame] | 3037 | @Deprecated |
| 3038 | public NetworkQuotaInfo getNetworkQuotaInfo(NetworkState state) { |
| 3039 | Log.w(TAG, "Shame on UID " + Binder.getCallingUid() |
| 3040 | + " for calling the hidden API getNetworkQuotaInfo(). Shame!"); |
| 3041 | return new NetworkQuotaInfo(); |
Jeff Sharkey | 9f7cbf0 | 2012-04-12 18:34:54 -0700 | [diff] [blame] | 3042 | } |
| 3043 | |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 3044 | private void enforceSubscriptionPlanAccess(int subId, int callingUid, String callingPackage) { |
| 3045 | // Verify they're not lying about package name |
| 3046 | mAppOps.checkPackage(callingUid, callingPackage); |
| 3047 | |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 3048 | final SubscriptionInfo si; |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 3049 | final PersistableBundle config; |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 3050 | final long token = Binder.clearCallingIdentity(); |
| 3051 | try { |
| 3052 | si = mContext.getSystemService(SubscriptionManager.class) |
| 3053 | .getActiveSubscriptionInfo(subId); |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 3054 | config = mCarrierConfigManager.getConfigForSubId(subId); |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 3055 | } finally { |
| 3056 | Binder.restoreCallingIdentity(token); |
| 3057 | } |
| 3058 | |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 3059 | // First check: is caller the CarrierService? |
Jeff Sharkey | b7479988 | 2017-07-28 16:55:41 -0600 | [diff] [blame] | 3060 | if (si != null) { |
| 3061 | if (si.isEmbedded() && si.canManageSubscription(mContext, callingPackage)) { |
| 3062 | return; |
| 3063 | } |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 3064 | } |
| 3065 | |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 3066 | // Second check: has the CarrierService delegated access? |
| 3067 | if (config != null) { |
| 3068 | final String overridePackage = config |
| 3069 | .getString(CarrierConfigManager.KEY_CONFIG_PLANS_PACKAGE_OVERRIDE_STRING, null); |
| 3070 | if (!TextUtils.isEmpty(overridePackage) |
| 3071 | && Objects.equals(overridePackage, callingPackage)) { |
| 3072 | return; |
| 3073 | } |
| 3074 | } |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 3075 | |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 3076 | // Third check: is caller the fallback/default CarrierService? |
| 3077 | final String defaultPackage = mCarrierConfigManager.getDefaultCarrierServicePackageName(); |
| 3078 | if (!TextUtils.isEmpty(defaultPackage) |
| 3079 | && Objects.equals(defaultPackage, callingPackage)) { |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 3080 | return; |
| 3081 | } |
| 3082 | |
Jeff Sharkey | 003d3e6 | 2018-03-30 14:35:04 -0600 | [diff] [blame] | 3083 | // Fourth check: is caller a testing app? |
| 3084 | final String testPackage = SystemProperties.get(PROP_SUB_PLAN_OWNER + "." + subId, null); |
| 3085 | if (!TextUtils.isEmpty(testPackage) |
| 3086 | && Objects.equals(testPackage, callingPackage)) { |
| 3087 | return; |
| 3088 | } |
| 3089 | |
| 3090 | // Fifth check: is caller a legacy testing app? |
| 3091 | final String legacyTestPackage = SystemProperties.get("fw.sub_plan_owner." + subId, null); |
| 3092 | if (!TextUtils.isEmpty(legacyTestPackage) |
| 3093 | && Objects.equals(legacyTestPackage, callingPackage)) { |
Jeff Sharkey | a7f5046 | 2018-02-14 14:26:10 -0700 | [diff] [blame] | 3094 | return; |
| 3095 | } |
| 3096 | |
Jeff Sharkey | b7479988 | 2017-07-28 16:55:41 -0600 | [diff] [blame] | 3097 | // Final check: does the caller hold a permission? |
| 3098 | mContext.enforceCallingOrSelfPermission(MANAGE_SUBSCRIPTION_PLANS, TAG); |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 3099 | } |
| 3100 | |
Sarah Chin | 7af1fd0 | 2019-09-26 11:37:13 -0700 | [diff] [blame] | 3101 | private void enforceSubscriptionPlanValidity(SubscriptionPlan[] plans) { |
| 3102 | // nothing to check if no plans |
| 3103 | if (plans.length == 0) { |
| 3104 | return; |
| 3105 | } |
| 3106 | |
| 3107 | long applicableNetworkTypes = 0; |
| 3108 | boolean allNetworks = false; |
| 3109 | for (SubscriptionPlan plan : plans) { |
| 3110 | if (plan.getNetworkTypes() == null) { |
| 3111 | allNetworks = true; |
| 3112 | } else { |
| 3113 | if ((applicableNetworkTypes & plan.getNetworkTypesBitMask()) != 0) { |
| 3114 | throw new IllegalArgumentException( |
| 3115 | "Multiple subscription plans defined for a single network type."); |
| 3116 | } else { |
| 3117 | applicableNetworkTypes |= plan.getNetworkTypesBitMask(); |
| 3118 | } |
| 3119 | } |
| 3120 | } |
| 3121 | |
| 3122 | // ensure at least one plan applies for every network type |
| 3123 | if (!allNetworks) { |
| 3124 | throw new IllegalArgumentException( |
| 3125 | "No generic subscription plan that applies to all network types."); |
| 3126 | } |
| 3127 | } |
| 3128 | |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 3129 | @Override |
| 3130 | public SubscriptionPlan[] getSubscriptionPlans(int subId, String callingPackage) { |
| 3131 | enforceSubscriptionPlanAccess(subId, Binder.getCallingUid(), callingPackage); |
| 3132 | |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 3133 | final String fake = SystemProperties.get("fw.fake_plan"); |
| 3134 | if (!TextUtils.isEmpty(fake)) { |
| 3135 | final List<SubscriptionPlan> plans = new ArrayList<>(); |
| 3136 | if ("month_hard".equals(fake)) { |
| 3137 | plans.add(SubscriptionPlan.Builder |
| 3138 | .createRecurringMonthly(ZonedDateTime.parse("2007-03-14T00:00:00.000Z")) |
| 3139 | .setTitle("G-Mobile") |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 3140 | .setDataLimit(5 * TrafficStats.GB_IN_BYTES, |
| 3141 | SubscriptionPlan.LIMIT_BEHAVIOR_BILLED) |
| 3142 | .setDataUsage(1 * TrafficStats.GB_IN_BYTES, |
| 3143 | ZonedDateTime.now().minusHours(36).toInstant().toEpochMilli()) |
| 3144 | .build()); |
Rajeev Kumar | 4701beb | 2017-07-26 17:03:45 -0700 | [diff] [blame] | 3145 | plans.add(SubscriptionPlan.Builder |
| 3146 | .createRecurringMonthly(ZonedDateTime.parse("2017-03-14T00:00:00.000Z")) |
| 3147 | .setTitle("G-Mobile Happy") |
| 3148 | .setDataLimit(SubscriptionPlan.BYTES_UNLIMITED, |
| 3149 | SubscriptionPlan.LIMIT_BEHAVIOR_BILLED) |
| 3150 | .setDataUsage(5 * TrafficStats.GB_IN_BYTES, |
| 3151 | ZonedDateTime.now().minusHours(36).toInstant().toEpochMilli()) |
| 3152 | .build()); |
| 3153 | plans.add(SubscriptionPlan.Builder |
| 3154 | .createRecurringMonthly(ZonedDateTime.parse("2017-03-14T00:00:00.000Z")) |
| 3155 | .setTitle("G-Mobile, Charged after limit") |
| 3156 | .setDataLimit(5 * TrafficStats.GB_IN_BYTES, |
| 3157 | SubscriptionPlan.LIMIT_BEHAVIOR_BILLED) |
| 3158 | .setDataUsage(5 * TrafficStats.GB_IN_BYTES, |
| 3159 | ZonedDateTime.now().minusHours(36).toInstant().toEpochMilli()) |
| 3160 | .build()); |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 3161 | } else if ("month_soft".equals(fake)) { |
| 3162 | plans.add(SubscriptionPlan.Builder |
| 3163 | .createRecurringMonthly(ZonedDateTime.parse("2007-03-14T00:00:00.000Z")) |
| 3164 | .setTitle("G-Mobile is the carriers name who this plan belongs to") |
| 3165 | .setSummary("Crazy unlimited bandwidth plan with incredibly long title " |
| 3166 | + "that should be cut off to prevent UI from looking terrible") |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 3167 | .setDataLimit(5 * TrafficStats.GB_IN_BYTES, |
| 3168 | SubscriptionPlan.LIMIT_BEHAVIOR_THROTTLED) |
| 3169 | .setDataUsage(1 * TrafficStats.GB_IN_BYTES, |
| 3170 | ZonedDateTime.now().minusHours(1).toInstant().toEpochMilli()) |
| 3171 | .build()); |
Rajeev Kumar | 4701beb | 2017-07-26 17:03:45 -0700 | [diff] [blame] | 3172 | plans.add(SubscriptionPlan.Builder |
| 3173 | .createRecurringMonthly(ZonedDateTime.parse("2017-03-14T00:00:00.000Z")) |
| 3174 | .setTitle("G-Mobile, Throttled after limit") |
| 3175 | .setDataLimit(5 * TrafficStats.GB_IN_BYTES, |
| 3176 | SubscriptionPlan.LIMIT_BEHAVIOR_THROTTLED) |
| 3177 | .setDataUsage(5 * TrafficStats.GB_IN_BYTES, |
| 3178 | ZonedDateTime.now().minusHours(1).toInstant().toEpochMilli()) |
| 3179 | .build()); |
| 3180 | plans.add(SubscriptionPlan.Builder |
| 3181 | .createRecurringMonthly(ZonedDateTime.parse("2017-03-14T00:00:00.000Z")) |
| 3182 | .setTitle("G-Mobile, No data connection after limit") |
| 3183 | .setDataLimit(5 * TrafficStats.GB_IN_BYTES, |
| 3184 | SubscriptionPlan.LIMIT_BEHAVIOR_DISABLED) |
| 3185 | .setDataUsage(5 * TrafficStats.GB_IN_BYTES, |
| 3186 | ZonedDateTime.now().minusHours(1).toInstant().toEpochMilli()) |
| 3187 | .build()); |
| 3188 | |
Sundeep Ghuman | 09e0f57 | 2018-03-14 23:20:23 -0700 | [diff] [blame] | 3189 | } else if ("month_over".equals(fake)) { |
| 3190 | plans.add(SubscriptionPlan.Builder |
| 3191 | .createRecurringMonthly(ZonedDateTime.parse("2007-03-14T00:00:00.000Z")) |
| 3192 | .setTitle("G-Mobile is the carriers name who this plan belongs to") |
| 3193 | .setDataLimit(5 * TrafficStats.GB_IN_BYTES, |
| 3194 | SubscriptionPlan.LIMIT_BEHAVIOR_THROTTLED) |
| 3195 | .setDataUsage(6 * TrafficStats.GB_IN_BYTES, |
| 3196 | ZonedDateTime.now().minusHours(1).toInstant().toEpochMilli()) |
| 3197 | .build()); |
| 3198 | plans.add(SubscriptionPlan.Builder |
| 3199 | .createRecurringMonthly(ZonedDateTime.parse("2017-03-14T00:00:00.000Z")) |
| 3200 | .setTitle("G-Mobile, Throttled after limit") |
| 3201 | .setDataLimit(5 * TrafficStats.GB_IN_BYTES, |
| 3202 | SubscriptionPlan.LIMIT_BEHAVIOR_THROTTLED) |
| 3203 | .setDataUsage(5 * TrafficStats.GB_IN_BYTES, |
| 3204 | ZonedDateTime.now().minusHours(1).toInstant().toEpochMilli()) |
| 3205 | .build()); |
| 3206 | plans.add(SubscriptionPlan.Builder |
| 3207 | .createRecurringMonthly(ZonedDateTime.parse("2017-03-14T00:00:00.000Z")) |
| 3208 | .setTitle("G-Mobile, No data connection after limit") |
| 3209 | .setDataLimit(5 * TrafficStats.GB_IN_BYTES, |
| 3210 | SubscriptionPlan.LIMIT_BEHAVIOR_DISABLED) |
| 3211 | .setDataUsage(5 * TrafficStats.GB_IN_BYTES, |
| 3212 | ZonedDateTime.now().minusHours(1).toInstant().toEpochMilli()) |
| 3213 | .build()); |
| 3214 | |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 3215 | } else if ("month_none".equals(fake)) { |
| 3216 | plans.add(SubscriptionPlan.Builder |
| 3217 | .createRecurringMonthly(ZonedDateTime.parse("2007-03-14T00:00:00.000Z")) |
| 3218 | .setTitle("G-Mobile") |
| 3219 | .build()); |
| 3220 | } else if ("prepaid".equals(fake)) { |
| 3221 | plans.add(SubscriptionPlan.Builder |
| 3222 | .createNonrecurring(ZonedDateTime.now().minusDays(20), |
| 3223 | ZonedDateTime.now().plusDays(10)) |
| 3224 | .setTitle("G-Mobile") |
| 3225 | .setDataLimit(512 * TrafficStats.MB_IN_BYTES, |
| 3226 | SubscriptionPlan.LIMIT_BEHAVIOR_DISABLED) |
| 3227 | .setDataUsage(100 * TrafficStats.MB_IN_BYTES, |
| 3228 | ZonedDateTime.now().minusHours(3).toInstant().toEpochMilli()) |
| 3229 | .build()); |
| 3230 | } else if ("prepaid_crazy".equals(fake)) { |
| 3231 | plans.add(SubscriptionPlan.Builder |
| 3232 | .createNonrecurring(ZonedDateTime.now().minusDays(20), |
| 3233 | ZonedDateTime.now().plusDays(10)) |
| 3234 | .setTitle("G-Mobile Anytime") |
| 3235 | .setDataLimit(512 * TrafficStats.MB_IN_BYTES, |
| 3236 | SubscriptionPlan.LIMIT_BEHAVIOR_DISABLED) |
| 3237 | .setDataUsage(100 * TrafficStats.MB_IN_BYTES, |
| 3238 | ZonedDateTime.now().minusHours(3).toInstant().toEpochMilli()) |
| 3239 | .build()); |
| 3240 | plans.add(SubscriptionPlan.Builder |
| 3241 | .createNonrecurring(ZonedDateTime.now().minusDays(10), |
| 3242 | ZonedDateTime.now().plusDays(20)) |
| 3243 | .setTitle("G-Mobile Nickel Nights") |
| 3244 | .setSummary("5¢/GB between 1-5AM") |
Rajeev Kumar | 4701beb | 2017-07-26 17:03:45 -0700 | [diff] [blame] | 3245 | .setDataLimit(5 * TrafficStats.GB_IN_BYTES, |
| 3246 | SubscriptionPlan.LIMIT_BEHAVIOR_THROTTLED) |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 3247 | .setDataUsage(15 * TrafficStats.MB_IN_BYTES, |
| 3248 | ZonedDateTime.now().minusHours(30).toInstant().toEpochMilli()) |
| 3249 | .build()); |
| 3250 | plans.add(SubscriptionPlan.Builder |
| 3251 | .createNonrecurring(ZonedDateTime.now().minusDays(10), |
| 3252 | ZonedDateTime.now().plusDays(20)) |
| 3253 | .setTitle("G-Mobile Bonus 3G") |
| 3254 | .setSummary("Unlimited 3G data") |
Rajeev Kumar | 4701beb | 2017-07-26 17:03:45 -0700 | [diff] [blame] | 3255 | .setDataLimit(1 * TrafficStats.GB_IN_BYTES, |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 3256 | SubscriptionPlan.LIMIT_BEHAVIOR_THROTTLED) |
| 3257 | .setDataUsage(300 * TrafficStats.MB_IN_BYTES, |
| 3258 | ZonedDateTime.now().minusHours(1).toInstant().toEpochMilli()) |
| 3259 | .build()); |
Rajeev Kumar | 4701beb | 2017-07-26 17:03:45 -0700 | [diff] [blame] | 3260 | } else if ("unlimited".equals(fake)) { |
| 3261 | plans.add(SubscriptionPlan.Builder |
| 3262 | .createNonrecurring(ZonedDateTime.now().minusDays(20), |
| 3263 | ZonedDateTime.now().plusDays(10)) |
| 3264 | .setTitle("G-Mobile Awesome") |
| 3265 | .setDataLimit(SubscriptionPlan.BYTES_UNLIMITED, |
| 3266 | SubscriptionPlan.LIMIT_BEHAVIOR_THROTTLED) |
| 3267 | .setDataUsage(50 * TrafficStats.MB_IN_BYTES, |
| 3268 | ZonedDateTime.now().minusHours(3).toInstant().toEpochMilli()) |
| 3269 | .build()); |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 3270 | } |
| 3271 | return plans.toArray(new SubscriptionPlan[plans.size()]); |
| 3272 | } |
| 3273 | |
Jeff Sharkey | 4635f10 | 2017-09-01 11:27:13 -0600 | [diff] [blame] | 3274 | synchronized (mNetworkPoliciesSecondLock) { |
| 3275 | // Only give out plan details to the package that defined them, |
| 3276 | // so that we don't risk leaking plans between apps. We always |
| 3277 | // let in core system components (like the Settings app). |
| 3278 | final String ownerPackage = mSubscriptionPlansOwner.get(subId); |
| 3279 | if (Objects.equals(ownerPackage, callingPackage) |
| 3280 | || (UserHandle.getCallingAppId() == android.os.Process.SYSTEM_UID)) { |
| 3281 | return mSubscriptionPlans.get(subId); |
| 3282 | } else { |
| 3283 | Log.w(TAG, "Not returning plans because caller " + callingPackage |
| 3284 | + " doesn't match owner " + ownerPackage); |
| 3285 | return null; |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 3286 | } |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 3287 | } |
| 3288 | } |
| 3289 | |
| 3290 | @Override |
| 3291 | public void setSubscriptionPlans(int subId, SubscriptionPlan[] plans, String callingPackage) { |
| 3292 | enforceSubscriptionPlanAccess(subId, Binder.getCallingUid(), callingPackage); |
Sarah Chin | 7af1fd0 | 2019-09-26 11:37:13 -0700 | [diff] [blame] | 3293 | enforceSubscriptionPlanValidity(plans); |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 3294 | |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 3295 | for (SubscriptionPlan plan : plans) { |
| 3296 | Preconditions.checkNotNull(plan); |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 3297 | } |
| 3298 | |
| 3299 | final long token = Binder.clearCallingIdentity(); |
| 3300 | try { |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 3301 | synchronized (mUidRulesFirstLock) { |
| 3302 | synchronized (mNetworkPoliciesSecondLock) { |
| 3303 | mSubscriptionPlans.put(subId, plans); |
Jeff Sharkey | b7479988 | 2017-07-28 16:55:41 -0600 | [diff] [blame] | 3304 | mSubscriptionPlansOwner.put(subId, callingPackage); |
Jeff Sharkey | 0f2910c | 2017-07-30 16:52:51 -0600 | [diff] [blame] | 3305 | |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 3306 | final String subscriberId = mSubIdToSubscriberId.get(subId, null); |
| 3307 | if (subscriberId != null) { |
| 3308 | ensureActiveMobilePolicyAL(subId, subscriberId); |
| 3309 | maybeUpdateMobilePolicyCycleAL(subId, subscriberId); |
| 3310 | } else { |
| 3311 | Slog.wtf(TAG, "Missing subscriberId for subId " + subId); |
| 3312 | } |
| 3313 | |
Jeff Sharkey | 0f2910c | 2017-07-30 16:52:51 -0600 | [diff] [blame] | 3314 | handleNetworkPoliciesUpdateAL(true); |
Jeff Sharkey | 17bebd2 | 2017-07-19 21:00:38 -0600 | [diff] [blame] | 3315 | } |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 3316 | } |
Jeff Sharkey | e92ed6f | 2018-01-10 20:47:42 -0700 | [diff] [blame] | 3317 | |
| 3318 | final Intent intent = new Intent(SubscriptionManager.ACTION_SUBSCRIPTION_PLANS_CHANGED); |
| 3319 | intent.addFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY); |
| 3320 | intent.putExtra(SubscriptionManager.EXTRA_SUBSCRIPTION_INDEX, subId); |
| 3321 | mContext.sendBroadcast(intent, android.Manifest.permission.MANAGE_SUBSCRIPTION_PLANS); |
Sarah Chin | 7af1fd0 | 2019-09-26 11:37:13 -0700 | [diff] [blame] | 3322 | mHandler.sendMessage( |
| 3323 | mHandler.obtainMessage(MSG_SUBSCRIPTION_PLANS_CHANGED, subId, 0, plans)); |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 3324 | } finally { |
| 3325 | Binder.restoreCallingIdentity(token); |
| 3326 | } |
| 3327 | } |
| 3328 | |
Jeff Sharkey | 003d3e6 | 2018-03-30 14:35:04 -0600 | [diff] [blame] | 3329 | /** |
| 3330 | * Only visible for testing purposes. This doesn't give any access to |
| 3331 | * existing plans; it simply lets the debug package define new plans. |
| 3332 | */ |
| 3333 | void setSubscriptionPlansOwner(int subId, String packageName) { |
| 3334 | SystemProperties.set(PROP_SUB_PLAN_OWNER + "." + subId, packageName); |
| 3335 | } |
| 3336 | |
Jeff Sharkey | 53313d7 | 2017-07-13 16:47:32 -0600 | [diff] [blame] | 3337 | @Override |
Jeff Sharkey | 717f52f | 2018-01-04 16:04:11 -0700 | [diff] [blame] | 3338 | public String getSubscriptionPlansOwner(int subId) { |
| 3339 | if (UserHandle.getCallingAppId() != android.os.Process.SYSTEM_UID) { |
| 3340 | throw new SecurityException(); |
| 3341 | } |
| 3342 | |
| 3343 | synchronized (mNetworkPoliciesSecondLock) { |
| 3344 | return mSubscriptionPlansOwner.get(subId); |
| 3345 | } |
| 3346 | } |
| 3347 | |
| 3348 | @Override |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 3349 | public void setSubscriptionOverride(int subId, int overrideMask, int overrideValue, |
Sarah Chin | 7af1fd0 | 2019-09-26 11:37:13 -0700 | [diff] [blame] | 3350 | long timeoutMillis, String callingPackage) { |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 3351 | enforceSubscriptionPlanAccess(subId, Binder.getCallingUid(), callingPackage); |
| 3352 | |
| 3353 | // We can only override when carrier told us about plans |
| 3354 | synchronized (mNetworkPoliciesSecondLock) { |
Jeff Sharkey | 0a5570d | 2018-04-10 12:38:29 -0600 | [diff] [blame] | 3355 | final SubscriptionPlan plan = getPrimarySubscriptionPlanLocked(subId); |
| 3356 | if (plan == null |
| 3357 | || plan.getDataLimitBehavior() == SubscriptionPlan.LIMIT_BEHAVIOR_UNKNOWN) { |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 3358 | throw new IllegalStateException( |
Jeff Sharkey | 0a5570d | 2018-04-10 12:38:29 -0600 | [diff] [blame] | 3359 | "Must provide valid SubscriptionPlan to enable overriding"); |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 3360 | } |
| 3361 | } |
| 3362 | |
Jeff Sharkey | 36b414b | 2018-03-30 11:00:03 -0600 | [diff] [blame] | 3363 | // Only allow overrides when feature is enabled. However, we always |
| 3364 | // allow disabling of overrides for safety reasons. |
| 3365 | final boolean overrideEnabled = Settings.Global.getInt(mContext.getContentResolver(), |
| 3366 | NETPOLICY_OVERRIDE_ENABLED, 1) != 0; |
| 3367 | if (overrideEnabled || overrideValue == 0) { |
Sarah Chin | 7af1fd0 | 2019-09-26 11:37:13 -0700 | [diff] [blame] | 3368 | mHandler.sendMessage(mHandler.obtainMessage(MSG_SUBSCRIPTION_OVERRIDE, |
| 3369 | overrideMask, overrideValue, subId)); |
Jeff Sharkey | 36b414b | 2018-03-30 11:00:03 -0600 | [diff] [blame] | 3370 | if (timeoutMillis > 0) { |
Sarah Chin | 7af1fd0 | 2019-09-26 11:37:13 -0700 | [diff] [blame] | 3371 | mHandler.sendMessageDelayed(mHandler.obtainMessage(MSG_SUBSCRIPTION_OVERRIDE, |
| 3372 | overrideMask, 0, subId), timeoutMillis); |
Jeff Sharkey | 36b414b | 2018-03-30 11:00:03 -0600 | [diff] [blame] | 3373 | } |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 3374 | } |
| 3375 | } |
| 3376 | |
| 3377 | @Override |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 3378 | protected void dump(FileDescriptor fd, PrintWriter writer, String[] args) { |
Jeff Sharkey | fe9a53b | 2017-03-31 14:08:23 -0600 | [diff] [blame] | 3379 | if (!DumpUtils.checkDumpPermission(mContext, TAG, writer)) return; |
Jeff Sharkey | 1b86127 | 2011-05-22 00:34:52 -0700 | [diff] [blame] | 3380 | |
Jeff Sharkey | 8fc27e8 | 2012-04-04 20:40:58 -0700 | [diff] [blame] | 3381 | final IndentingPrintWriter fout = new IndentingPrintWriter(writer, " "); |
| 3382 | |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 3383 | final ArraySet<String> argSet = new ArraySet<String>(args.length); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 3384 | for (String arg : args) { |
| 3385 | argSet.add(arg); |
| 3386 | } |
| 3387 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3388 | synchronized (mUidRulesFirstLock) { |
| 3389 | synchronized (mNetworkPoliciesSecondLock) { |
| 3390 | if (argSet.contains("--unsnooze")) { |
| 3391 | for (int i = mNetworkPolicy.size()-1; i >= 0; i--) { |
| 3392 | mNetworkPolicy.valueAt(i).clearSnooze(); |
| 3393 | } |
| 3394 | |
Ammar Aijazi | 6ce48e2 | 2017-03-28 15:43:22 -0700 | [diff] [blame] | 3395 | handleNetworkPoliciesUpdateAL(true); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3396 | |
| 3397 | fout.println("Cleared snooze timestamps"); |
| 3398 | return; |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 3399 | } |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 3400 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3401 | fout.print("System ready: "); fout.println(mSystemReady); |
| 3402 | fout.print("Restrict background: "); fout.println(mRestrictBackground); |
| 3403 | fout.print("Restrict power: "); fout.println(mRestrictPower); |
| 3404 | fout.print("Device idle: "); fout.println(mDeviceIdleMode); |
Jeff Sharkey | 0f2910c | 2017-07-30 16:52:51 -0600 | [diff] [blame] | 3405 | fout.print("Metered ifaces: "); fout.println(String.valueOf(mMeteredIfaces)); |
| 3406 | |
| 3407 | fout.println(); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3408 | fout.println("Network policies:"); |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 3409 | fout.increaseIndent(); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3410 | for (int i = 0; i < mNetworkPolicy.size(); i++) { |
| 3411 | fout.println(mNetworkPolicy.valueAt(i).toString()); |
| 3412 | } |
| 3413 | fout.decreaseIndent(); |
| 3414 | |
Jeff Sharkey | 0f2910c | 2017-07-30 16:52:51 -0600 | [diff] [blame] | 3415 | fout.println(); |
| 3416 | fout.println("Subscription plans:"); |
| 3417 | fout.increaseIndent(); |
| 3418 | for (int i = 0; i < mSubscriptionPlans.size(); i++) { |
| 3419 | final int subId = mSubscriptionPlans.keyAt(i); |
| 3420 | fout.println("Subscriber ID " + subId + ":"); |
| 3421 | fout.increaseIndent(); |
| 3422 | final SubscriptionPlan[] plans = mSubscriptionPlans.valueAt(i); |
| 3423 | if (!ArrayUtils.isEmpty(plans)) { |
| 3424 | for (SubscriptionPlan plan : plans) { |
| 3425 | fout.println(plan); |
| 3426 | } |
| 3427 | } |
| 3428 | fout.decreaseIndent(); |
| 3429 | } |
| 3430 | fout.decreaseIndent(); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3431 | |
Jeff Sharkey | 0f2910c | 2017-07-30 16:52:51 -0600 | [diff] [blame] | 3432 | fout.println(); |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 3433 | fout.println("Active subscriptions:"); |
| 3434 | fout.increaseIndent(); |
| 3435 | for (int i = 0; i < mSubIdToSubscriberId.size(); i++) { |
| 3436 | final int subId = mSubIdToSubscriberId.keyAt(i); |
| 3437 | final String subscriberId = mSubIdToSubscriberId.valueAt(i); |
| 3438 | |
| 3439 | fout.println(subId + "=" + NetworkIdentity.scrubSubscriberId(subscriberId)); |
| 3440 | } |
| 3441 | fout.decreaseIndent(); |
| 3442 | |
| 3443 | fout.println(); |
Malcolm Chen | 07fcb5b | 2019-07-02 22:29:35 -0700 | [diff] [blame] | 3444 | for (String[] mergedSubscribers : mMergedSubscriberIds) { |
| 3445 | fout.println("Merged subscriptions: " + Arrays.toString( |
| 3446 | NetworkIdentity.scrubSubscriberId(mergedSubscribers))); |
| 3447 | } |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 3448 | |
| 3449 | fout.println(); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3450 | fout.println("Policy for UIDs:"); |
| 3451 | fout.increaseIndent(); |
| 3452 | int size = mUidPolicy.size(); |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 3453 | for (int i = 0; i < size; i++) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3454 | final int uid = mUidPolicy.keyAt(i); |
| 3455 | final int policy = mUidPolicy.valueAt(i); |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 3456 | fout.print("UID="); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3457 | fout.print(uid); |
| 3458 | fout.print(" policy="); |
Felipe Leme | b146f76 | 2016-08-19 09:52:16 -0700 | [diff] [blame] | 3459 | fout.print(uidPoliciesToString(policy)); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3460 | fout.println(); |
| 3461 | } |
| 3462 | fout.decreaseIndent(); |
| 3463 | |
| 3464 | size = mPowerSaveWhitelistExceptIdleAppIds.size(); |
| 3465 | if (size > 0) { |
| 3466 | fout.println("Power save whitelist (except idle) app ids:"); |
| 3467 | fout.increaseIndent(); |
| 3468 | for (int i = 0; i < size; i++) { |
| 3469 | fout.print("UID="); |
| 3470 | fout.print(mPowerSaveWhitelistExceptIdleAppIds.keyAt(i)); |
| 3471 | fout.print(": "); |
| 3472 | fout.print(mPowerSaveWhitelistExceptIdleAppIds.valueAt(i)); |
| 3473 | fout.println(); |
| 3474 | } |
| 3475 | fout.decreaseIndent(); |
| 3476 | } |
| 3477 | |
| 3478 | size = mPowerSaveWhitelistAppIds.size(); |
| 3479 | if (size > 0) { |
| 3480 | fout.println("Power save whitelist app ids:"); |
| 3481 | fout.increaseIndent(); |
| 3482 | for (int i = 0; i < size; i++) { |
| 3483 | fout.print("UID="); |
| 3484 | fout.print(mPowerSaveWhitelistAppIds.keyAt(i)); |
| 3485 | fout.print(": "); |
| 3486 | fout.print(mPowerSaveWhitelistAppIds.valueAt(i)); |
| 3487 | fout.println(); |
| 3488 | } |
| 3489 | fout.decreaseIndent(); |
| 3490 | } |
| 3491 | |
Kweku Adams | a9e55bc | 2018-11-19 14:59:15 -0800 | [diff] [blame] | 3492 | size = mAppIdleTempWhitelistAppIds.size(); |
| 3493 | if (size > 0) { |
| 3494 | fout.println("App idle whitelist app ids:"); |
| 3495 | fout.increaseIndent(); |
| 3496 | for (int i = 0; i < size; i++) { |
| 3497 | fout.print("UID="); |
| 3498 | fout.print(mAppIdleTempWhitelistAppIds.keyAt(i)); |
| 3499 | fout.print(": "); |
| 3500 | fout.print(mAppIdleTempWhitelistAppIds.valueAt(i)); |
| 3501 | fout.println(); |
| 3502 | } |
| 3503 | fout.decreaseIndent(); |
| 3504 | } |
| 3505 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3506 | size = mDefaultRestrictBackgroundWhitelistUids.size(); |
| 3507 | if (size > 0) { |
| 3508 | fout.println("Default restrict background whitelist uids:"); |
| 3509 | fout.increaseIndent(); |
| 3510 | for (int i = 0; i < size; i++) { |
| 3511 | fout.print("UID="); |
| 3512 | fout.print(mDefaultRestrictBackgroundWhitelistUids.keyAt(i)); |
| 3513 | fout.println(); |
| 3514 | } |
| 3515 | fout.decreaseIndent(); |
| 3516 | } |
| 3517 | |
| 3518 | size = mRestrictBackgroundWhitelistRevokedUids.size(); |
| 3519 | if (size > 0) { |
| 3520 | fout.println("Default restrict background whitelist uids revoked by users:"); |
| 3521 | fout.increaseIndent(); |
| 3522 | for (int i = 0; i < size; i++) { |
| 3523 | fout.print("UID="); |
| 3524 | fout.print(mRestrictBackgroundWhitelistRevokedUids.keyAt(i)); |
| 3525 | fout.println(); |
| 3526 | } |
| 3527 | fout.decreaseIndent(); |
| 3528 | } |
| 3529 | |
| 3530 | final SparseBooleanArray knownUids = new SparseBooleanArray(); |
| 3531 | collectKeys(mUidState, knownUids); |
| 3532 | collectKeys(mUidRules, knownUids); |
| 3533 | |
| 3534 | fout.println("Status for all known UIDs:"); |
| 3535 | fout.increaseIndent(); |
| 3536 | size = knownUids.size(); |
| 3537 | for (int i = 0; i < size; i++) { |
| 3538 | final int uid = knownUids.keyAt(i); |
| 3539 | fout.print("UID="); |
| 3540 | fout.print(uid); |
| 3541 | |
| 3542 | final int state = mUidState.get(uid, ActivityManager.PROCESS_STATE_CACHED_EMPTY); |
| 3543 | fout.print(" state="); |
| 3544 | fout.print(state); |
| 3545 | if (state <= ActivityManager.PROCESS_STATE_TOP) { |
| 3546 | fout.print(" (fg)"); |
| 3547 | } else { |
Dianne Hackborn | 10fc4fd | 2017-12-19 17:23:13 -0800 | [diff] [blame] | 3548 | fout.print(state <= ActivityManager.PROCESS_STATE_BOUND_FOREGROUND_SERVICE |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3549 | ? " (fg svc)" : " (bg)"); |
| 3550 | } |
| 3551 | |
| 3552 | final int uidRules = mUidRules.get(uid, RULE_NONE); |
| 3553 | fout.print(" rules="); |
| 3554 | fout.print(uidRulesToString(uidRules)); |
| 3555 | fout.println(); |
| 3556 | } |
| 3557 | fout.decreaseIndent(); |
| 3558 | |
| 3559 | fout.println("Status for just UIDs with rules:"); |
| 3560 | fout.increaseIndent(); |
| 3561 | size = mUidRules.size(); |
| 3562 | for (int i = 0; i < size; i++) { |
| 3563 | final int uid = mUidRules.keyAt(i); |
| 3564 | fout.print("UID="); |
| 3565 | fout.print(uid); |
| 3566 | final int uidRules = mUidRules.get(uid, RULE_NONE); |
| 3567 | fout.print(" rules="); |
| 3568 | fout.print(uidRulesToString(uidRules)); |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 3569 | fout.println(); |
| 3570 | } |
| 3571 | fout.decreaseIndent(); |
Sudheer Shanka | e736185 | 2017-03-07 11:51:46 -0800 | [diff] [blame] | 3572 | |
Sudheer Shanka | 04d61ae | 2018-01-17 12:16:57 -0800 | [diff] [blame] | 3573 | fout.println("Admin restricted uids for metered data:"); |
| 3574 | fout.increaseIndent(); |
| 3575 | size = mMeteredRestrictedUids.size(); |
| 3576 | for (int i = 0; i < size; ++i) { |
| 3577 | fout.print("u" + mMeteredRestrictedUids.keyAt(i) + ": "); |
| 3578 | fout.println(mMeteredRestrictedUids.valueAt(i)); |
| 3579 | } |
| 3580 | fout.decreaseIndent(); |
| 3581 | |
Makoto Onuki | 49392d3 | 2018-04-11 13:51:02 -0700 | [diff] [blame] | 3582 | fout.println(); |
| 3583 | mStatLogger.dump(fout); |
| 3584 | |
Sudheer Shanka | 352dc57 | 2017-09-22 17:09:38 -0700 | [diff] [blame] | 3585 | mLogger.dumpLogs(fout); |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 3586 | } |
Jeff Sharkey | 1b86127 | 2011-05-22 00:34:52 -0700 | [diff] [blame] | 3587 | } |
| 3588 | } |
Jeff Sharkey | 9599cc5 | 2011-05-22 14:59:31 -0700 | [diff] [blame] | 3589 | |
| 3590 | @Override |
Felipe Leme | 50a235e | 2016-01-15 18:37:06 -0800 | [diff] [blame] | 3591 | public void onShellCommand(FileDescriptor in, FileDescriptor out, FileDescriptor err, |
Dianne Hackborn | 354736e | 2016-08-22 17:00:05 -0700 | [diff] [blame] | 3592 | String[] args, ShellCallback callback, ResultReceiver resultReceiver) { |
Felipe Leme | b1a65ee | 2016-02-08 10:12:01 -0800 | [diff] [blame] | 3593 | (new NetworkPolicyManagerShellCommand(mContext, this)).exec( |
Dianne Hackborn | 354736e | 2016-08-22 17:00:05 -0700 | [diff] [blame] | 3594 | this, in, out, err, args, callback, resultReceiver); |
Felipe Leme | 50a235e | 2016-01-15 18:37:06 -0800 | [diff] [blame] | 3595 | } |
| 3596 | |
Sudheer Shanka | d993dcf | 2018-02-11 12:22:16 -0800 | [diff] [blame] | 3597 | @VisibleForTesting |
Sudheer Shanka | 8ab2299 | 2018-11-29 00:08:58 -0800 | [diff] [blame] | 3598 | boolean isUidForeground(int uid) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3599 | synchronized (mUidRulesFirstLock) { |
Sudheer Shanka | d993dcf | 2018-02-11 12:22:16 -0800 | [diff] [blame] | 3600 | return isUidStateForeground( |
| 3601 | mUidState.get(uid, ActivityManager.PROCESS_STATE_CACHED_EMPTY)); |
Jeff Sharkey | 9599cc5 | 2011-05-22 14:59:31 -0700 | [diff] [blame] | 3602 | } |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 3603 | } |
| 3604 | |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 3605 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3606 | private boolean isUidForegroundOnRestrictBackgroundUL(int uid) { |
Felipe Leme | ef89c90 | 2016-03-30 15:11:31 -0700 | [diff] [blame] | 3607 | final int procState = mUidState.get(uid, ActivityManager.PROCESS_STATE_CACHED_EMPTY); |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 3608 | return isProcStateAllowedWhileOnRestrictBackground(procState); |
Felipe Leme | ef89c90 | 2016-03-30 15:11:31 -0700 | [diff] [blame] | 3609 | } |
| 3610 | |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 3611 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3612 | private boolean isUidForegroundOnRestrictPowerUL(int uid) { |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 3613 | final int procState = mUidState.get(uid, ActivityManager.PROCESS_STATE_CACHED_EMPTY); |
| 3614 | return isProcStateAllowedWhileIdleOrPowerSaveMode(procState); |
| 3615 | } |
| 3616 | |
Sudheer Shanka | d993dcf | 2018-02-11 12:22:16 -0800 | [diff] [blame] | 3617 | private boolean isUidStateForeground(int state) { |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 3618 | // only really in foreground when screen is also on |
Sudheer Shanka | d993dcf | 2018-02-11 12:22:16 -0800 | [diff] [blame] | 3619 | return state <= NetworkPolicyManager.FOREGROUND_THRESHOLD_STATE; |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 3620 | } |
| 3621 | |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 3622 | /** |
Dianne Hackborn | d23e0d6 | 2015-05-15 16:36:12 -0700 | [diff] [blame] | 3623 | * Process state of UID changed; if needed, will trigger |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3624 | * {@link #updateRulesForDataUsageRestrictionsUL(int)} and |
Amith Yamasani | d78542b | 2019-02-19 09:57:32 -0800 | [diff] [blame] | 3625 | * {@link #updateRulesForPowerRestrictionsUL(int)}. Returns true if the state was updated. |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 3626 | */ |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 3627 | @GuardedBy("mUidRulesFirstLock") |
Amith Yamasani | d78542b | 2019-02-19 09:57:32 -0800 | [diff] [blame] | 3628 | private boolean updateUidStateUL(int uid, int uidState) { |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 3629 | Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "updateUidStateUL"); |
| 3630 | try { |
| 3631 | final int oldUidState = mUidState.get(uid, ActivityManager.PROCESS_STATE_CACHED_EMPTY); |
| 3632 | if (oldUidState != uidState) { |
| 3633 | // state changed, push updated rules |
| 3634 | mUidState.put(uid, uidState); |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 3635 | updateRestrictBackgroundRulesOnUidStatusChangedUL(uid, oldUidState, uidState); |
| 3636 | if (isProcStateAllowedWhileIdleOrPowerSaveMode(oldUidState) |
| 3637 | != isProcStateAllowedWhileIdleOrPowerSaveMode(uidState) ) { |
Sudheer Shanka | 9e77d23 | 2017-08-14 14:43:11 -0700 | [diff] [blame] | 3638 | updateRuleForAppIdleUL(uid); |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 3639 | if (mDeviceIdleMode) { |
| 3640 | updateRuleForDeviceIdleUL(uid); |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 3641 | } |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 3642 | if (mRestrictPower) { |
| 3643 | updateRuleForRestrictPowerUL(uid); |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 3644 | } |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 3645 | updateRulesForPowerRestrictionsUL(uid); |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 3646 | } |
Amith Yamasani | d78542b | 2019-02-19 09:57:32 -0800 | [diff] [blame] | 3647 | return true; |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 3648 | } |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 3649 | } finally { |
| 3650 | Trace.traceEnd(Trace.TRACE_TAG_NETWORK); |
Dianne Hackborn | d23e0d6 | 2015-05-15 16:36:12 -0700 | [diff] [blame] | 3651 | } |
Amith Yamasani | d78542b | 2019-02-19 09:57:32 -0800 | [diff] [blame] | 3652 | return false; |
Dianne Hackborn | d23e0d6 | 2015-05-15 16:36:12 -0700 | [diff] [blame] | 3653 | } |
| 3654 | |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 3655 | @GuardedBy("mUidRulesFirstLock") |
Amith Yamasani | d78542b | 2019-02-19 09:57:32 -0800 | [diff] [blame] | 3656 | private boolean removeUidStateUL(int uid) { |
Dianne Hackborn | d23e0d6 | 2015-05-15 16:36:12 -0700 | [diff] [blame] | 3657 | final int index = mUidState.indexOfKey(uid); |
| 3658 | if (index >= 0) { |
| 3659 | final int oldUidState = mUidState.valueAt(index); |
| 3660 | mUidState.removeAt(index); |
| 3661 | if (oldUidState != ActivityManager.PROCESS_STATE_CACHED_EMPTY) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3662 | updateRestrictBackgroundRulesOnUidStatusChangedUL(uid, oldUidState, |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 3663 | ActivityManager.PROCESS_STATE_CACHED_EMPTY); |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 3664 | if (mDeviceIdleMode) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3665 | updateRuleForDeviceIdleUL(uid); |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 3666 | } |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 3667 | if (mRestrictPower) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3668 | updateRuleForRestrictPowerUL(uid); |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 3669 | } |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 3670 | updateRulesForPowerRestrictionsUL(uid); |
Amith Yamasani | d78542b | 2019-02-19 09:57:32 -0800 | [diff] [blame] | 3671 | return true; |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 3672 | } |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 3673 | } |
Amith Yamasani | d78542b | 2019-02-19 09:57:32 -0800 | [diff] [blame] | 3674 | return false; |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 3675 | } |
| 3676 | |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 3677 | // adjust stats accounting based on foreground status |
| 3678 | private void updateNetworkStats(int uid, boolean uidForeground) { |
Makoto Onuki | 0e6e3bd | 2017-03-20 14:53:00 -0700 | [diff] [blame] | 3679 | if (Trace.isTagEnabled(Trace.TRACE_TAG_NETWORK)) { |
| 3680 | Trace.traceBegin(Trace.TRACE_TAG_NETWORK, |
| 3681 | "updateNetworkStats: " + uid + "/" + (uidForeground ? "F" : "B")); |
| 3682 | } |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 3683 | try { |
| 3684 | mNetworkStats.setUidForeground(uid, uidForeground); |
Makoto Onuki | 0e6e3bd | 2017-03-20 14:53:00 -0700 | [diff] [blame] | 3685 | } finally { |
| 3686 | Trace.traceEnd(Trace.TRACE_TAG_NETWORK); |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 3687 | } |
| 3688 | } |
| 3689 | |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 3690 | private void updateRestrictBackgroundRulesOnUidStatusChangedUL(int uid, int oldUidState, |
| 3691 | int newUidState) { |
Felipe Leme | ef89c90 | 2016-03-30 15:11:31 -0700 | [diff] [blame] | 3692 | final boolean oldForeground = |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 3693 | isProcStateAllowedWhileOnRestrictBackground(oldUidState); |
Felipe Leme | ef89c90 | 2016-03-30 15:11:31 -0700 | [diff] [blame] | 3694 | final boolean newForeground = |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 3695 | isProcStateAllowedWhileOnRestrictBackground(newUidState); |
Dianne Hackborn | d23e0d6 | 2015-05-15 16:36:12 -0700 | [diff] [blame] | 3696 | if (oldForeground != newForeground) { |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 3697 | updateRulesForDataUsageRestrictionsUL(uid); |
Dianne Hackborn | d23e0d6 | 2015-05-15 16:36:12 -0700 | [diff] [blame] | 3698 | } |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 3699 | } |
| 3700 | |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 3701 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3702 | void updateRulesForPowerSaveUL() { |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 3703 | Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "updateRulesForPowerSaveUL"); |
| 3704 | try { |
| 3705 | updateRulesForWhitelistedPowerSaveUL(mRestrictPower, FIREWALL_CHAIN_POWERSAVE, |
| 3706 | mUidFirewallPowerSaveRules); |
| 3707 | } finally { |
| 3708 | Trace.traceEnd(Trace.TRACE_TAG_NETWORK); |
| 3709 | } |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 3710 | } |
| 3711 | |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 3712 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3713 | void updateRuleForRestrictPowerUL(int uid) { |
| 3714 | updateRulesForWhitelistedPowerSaveUL(uid, mRestrictPower, FIREWALL_CHAIN_POWERSAVE); |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 3715 | } |
| 3716 | |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 3717 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3718 | void updateRulesForDeviceIdleUL() { |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 3719 | Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "updateRulesForDeviceIdleUL"); |
| 3720 | try { |
| 3721 | updateRulesForWhitelistedPowerSaveUL(mDeviceIdleMode, FIREWALL_CHAIN_DOZABLE, |
| 3722 | mUidFirewallDozableRules); |
| 3723 | } finally { |
| 3724 | Trace.traceEnd(Trace.TRACE_TAG_NETWORK); |
| 3725 | } |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 3726 | } |
| 3727 | |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 3728 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3729 | void updateRuleForDeviceIdleUL(int uid) { |
| 3730 | updateRulesForWhitelistedPowerSaveUL(uid, mDeviceIdleMode, FIREWALL_CHAIN_DOZABLE); |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 3731 | } |
| 3732 | |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 3733 | // NOTE: since both fw_dozable and fw_powersave uses the same map |
| 3734 | // (mPowerSaveTempWhitelistAppIds) for whitelisting, we can reuse their logic in this method. |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 3735 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3736 | private void updateRulesForWhitelistedPowerSaveUL(boolean enabled, int chain, |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 3737 | SparseIntArray rules) { |
| 3738 | if (enabled) { |
| 3739 | // Sync the whitelists before enabling the chain. We don't care about the rules if |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 3740 | // we are disabling the chain. |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 3741 | final SparseIntArray uidRules = rules; |
Jeff Sharkey | dc98806 | 2015-09-14 10:09:47 -0700 | [diff] [blame] | 3742 | uidRules.clear(); |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 3743 | final List<UserInfo> users = mUserManager.getUsers(); |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 3744 | for (int ui = users.size() - 1; ui >= 0; ui--) { |
| 3745 | UserInfo user = users.get(ui); |
Sudheer Shanka | 54a92fd | 2017-04-26 10:43:23 -0700 | [diff] [blame] | 3746 | updateRulesForWhitelistedAppIds(uidRules, mPowerSaveTempWhitelistAppIds, user.id); |
| 3747 | updateRulesForWhitelistedAppIds(uidRules, mPowerSaveWhitelistAppIds, user.id); |
| 3748 | if (chain == FIREWALL_CHAIN_POWERSAVE) { |
| 3749 | updateRulesForWhitelistedAppIds(uidRules, |
| 3750 | mPowerSaveWhitelistExceptIdleAppIds, user.id); |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 3751 | } |
| 3752 | } |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 3753 | for (int i = mUidState.size() - 1; i >= 0; i--) { |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 3754 | if (isProcStateAllowedWhileIdleOrPowerSaveMode(mUidState.valueAt(i))) { |
Dianne Hackborn | fd854ee | 2015-07-13 18:00:37 -0700 | [diff] [blame] | 3755 | uidRules.put(mUidState.keyAt(i), FIREWALL_RULE_ALLOW); |
| 3756 | } |
| 3757 | } |
Sudheer Shanka | addebcc | 2017-10-03 09:43:20 -0700 | [diff] [blame] | 3758 | setUidFirewallRulesUL(chain, uidRules, CHAIN_TOGGLE_ENABLE); |
Felipe Leme | bc853dd | 2016-09-08 13:26:55 -0700 | [diff] [blame] | 3759 | } else { |
Sudheer Shanka | addebcc | 2017-10-03 09:43:20 -0700 | [diff] [blame] | 3760 | setUidFirewallRulesUL(chain, null, CHAIN_TOGGLE_DISABLE); |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 3761 | } |
Xiaohui Chen | 8dca36d | 2015-06-19 12:44:59 -0700 | [diff] [blame] | 3762 | } |
| 3763 | |
Sudheer Shanka | 54a92fd | 2017-04-26 10:43:23 -0700 | [diff] [blame] | 3764 | private void updateRulesForWhitelistedAppIds(final SparseIntArray uidRules, |
| 3765 | final SparseBooleanArray whitelistedAppIds, int userId) { |
| 3766 | for (int i = whitelistedAppIds.size() - 1; i >= 0; --i) { |
| 3767 | if (whitelistedAppIds.valueAt(i)) { |
| 3768 | final int appId = whitelistedAppIds.keyAt(i); |
| 3769 | final int uid = UserHandle.getUid(userId, appId); |
| 3770 | uidRules.put(uid, FIREWALL_RULE_ALLOW); |
| 3771 | } |
| 3772 | } |
| 3773 | } |
| 3774 | |
| 3775 | /** |
Kweku Adams | a9e55bc | 2018-11-19 14:59:15 -0800 | [diff] [blame] | 3776 | * Returns whether a uid is whitelisted from power saving restrictions (eg: Battery Saver, Doze |
| 3777 | * mode, and app idle). |
| 3778 | * |
Sudheer Shanka | 54a92fd | 2017-04-26 10:43:23 -0700 | [diff] [blame] | 3779 | * @param deviceIdleMode if true then we don't consider |
| 3780 | * {@link #mPowerSaveWhitelistExceptIdleAppIds} for checking if the {@param uid} is |
| 3781 | * whitelisted. |
| 3782 | */ |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 3783 | @GuardedBy("mUidRulesFirstLock") |
Kweku Adams | a9e55bc | 2018-11-19 14:59:15 -0800 | [diff] [blame] | 3784 | private boolean isWhitelistedFromPowerSaveUL(int uid, boolean deviceIdleMode) { |
Felipe Leme | 46c4fc3 | 2016-05-04 09:21:43 -0700 | [diff] [blame] | 3785 | final int appId = UserHandle.getAppId(uid); |
Sudheer Shanka | 54a92fd | 2017-04-26 10:43:23 -0700 | [diff] [blame] | 3786 | boolean isWhitelisted = mPowerSaveTempWhitelistAppIds.get(appId) |
| 3787 | || mPowerSaveWhitelistAppIds.get(appId); |
| 3788 | if (!deviceIdleMode) { |
| 3789 | isWhitelisted = isWhitelisted || mPowerSaveWhitelistExceptIdleAppIds.get(appId); |
| 3790 | } |
| 3791 | return isWhitelisted; |
Felipe Leme | 46c4fc3 | 2016-05-04 09:21:43 -0700 | [diff] [blame] | 3792 | } |
| 3793 | |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 3794 | // NOTE: since both fw_dozable and fw_powersave uses the same map |
| 3795 | // (mPowerSaveTempWhitelistAppIds) for whitelisting, we can reuse their logic in this method. |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 3796 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3797 | private void updateRulesForWhitelistedPowerSaveUL(int uid, boolean enabled, int chain) { |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 3798 | if (enabled) { |
Kweku Adams | a9e55bc | 2018-11-19 14:59:15 -0800 | [diff] [blame] | 3799 | final boolean isWhitelisted = isWhitelistedFromPowerSaveUL(uid, |
Sudheer Shanka | 54a92fd | 2017-04-26 10:43:23 -0700 | [diff] [blame] | 3800 | chain == FIREWALL_CHAIN_DOZABLE); |
| 3801 | if (isWhitelisted || isUidForegroundOnRestrictPowerUL(uid)) { |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 3802 | setUidFirewallRule(chain, uid, FIREWALL_RULE_ALLOW); |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 3803 | } else { |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 3804 | setUidFirewallRule(chain, uid, FIREWALL_RULE_DEFAULT); |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 3805 | } |
| 3806 | } |
| 3807 | } |
| 3808 | |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 3809 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3810 | void updateRulesForAppIdleUL() { |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 3811 | Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "updateRulesForAppIdleUL"); |
| 3812 | try { |
| 3813 | final SparseIntArray uidRules = mUidFirewallStandbyRules; |
| 3814 | uidRules.clear(); |
Jeff Sharkey | dc98806 | 2015-09-14 10:09:47 -0700 | [diff] [blame] | 3815 | |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 3816 | // Fully update the app idle firewall chain. |
| 3817 | final List<UserInfo> users = mUserManager.getUsers(); |
| 3818 | for (int ui = users.size() - 1; ui >= 0; ui--) { |
| 3819 | UserInfo user = users.get(ui); |
| 3820 | int[] idleUids = mUsageStats.getIdleUidsForUser(user.id); |
| 3821 | for (int uid : idleUids) { |
| 3822 | if (!mPowerSaveTempWhitelistAppIds.get(UserHandle.getAppId(uid), false)) { |
| 3823 | // quick check: if this uid doesn't have INTERNET permission, it |
| 3824 | // doesn't have network access anyway, so it is a waste to mess |
| 3825 | // with it here. |
| 3826 | if (hasInternetPermissions(uid)) { |
| 3827 | uidRules.put(uid, FIREWALL_RULE_DENY); |
| 3828 | } |
Soi, Yoshinari | a065da1 | 2015-12-22 12:02:18 +0900 | [diff] [blame] | 3829 | } |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 3830 | } |
| 3831 | } |
Jeff Sharkey | dc98806 | 2015-09-14 10:09:47 -0700 | [diff] [blame] | 3832 | |
Sudheer Shanka | addebcc | 2017-10-03 09:43:20 -0700 | [diff] [blame] | 3833 | setUidFirewallRulesUL(FIREWALL_CHAIN_STANDBY, uidRules, CHAIN_TOGGLE_NONE); |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 3834 | } finally { |
| 3835 | Trace.traceEnd(Trace.TRACE_TAG_NETWORK); |
| 3836 | } |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 3837 | } |
| 3838 | |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 3839 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3840 | void updateRuleForAppIdleUL(int uid) { |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 3841 | if (!isUidValidForBlacklistRules(uid)) return; |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 3842 | |
Makoto Onuki | 0e6e3bd | 2017-03-20 14:53:00 -0700 | [diff] [blame] | 3843 | if (Trace.isTagEnabled(Trace.TRACE_TAG_NETWORK)) { |
| 3844 | Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "updateRuleForAppIdleUL: " + uid ); |
| 3845 | } |
| 3846 | try { |
| 3847 | int appId = UserHandle.getAppId(uid); |
| 3848 | if (!mPowerSaveTempWhitelistAppIds.get(appId) && isUidIdle(uid) |
| 3849 | && !isUidForegroundOnRestrictPowerUL(uid)) { |
| 3850 | setUidFirewallRule(FIREWALL_CHAIN_STANDBY, uid, FIREWALL_RULE_DENY); |
Kweku Adams | a9e55bc | 2018-11-19 14:59:15 -0800 | [diff] [blame] | 3851 | if (LOGD) Log.d(TAG, "updateRuleForAppIdleUL DENY " + uid); |
Makoto Onuki | 0e6e3bd | 2017-03-20 14:53:00 -0700 | [diff] [blame] | 3852 | } else { |
| 3853 | setUidFirewallRule(FIREWALL_CHAIN_STANDBY, uid, FIREWALL_RULE_DEFAULT); |
Kweku Adams | a9e55bc | 2018-11-19 14:59:15 -0800 | [diff] [blame] | 3854 | if (LOGD) Log.d(TAG, "updateRuleForAppIdleUL " + uid + " to DEFAULT"); |
Makoto Onuki | 0e6e3bd | 2017-03-20 14:53:00 -0700 | [diff] [blame] | 3855 | } |
| 3856 | } finally { |
| 3857 | Trace.traceEnd(Trace.TRACE_TAG_NETWORK); |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 3858 | } |
| 3859 | } |
| 3860 | |
Amith Yamasani | 0938f2f | 2016-09-16 12:46:31 -0700 | [diff] [blame] | 3861 | /** |
Dianne Hackborn | 8ad2af7 | 2015-03-17 17:00:24 -0700 | [diff] [blame] | 3862 | * Update rules that might be changed by {@link #mRestrictBackground}, |
| 3863 | * {@link #mRestrictPower}, or {@link #mDeviceIdleMode} value. |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 3864 | */ |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 3865 | @GuardedBy({"mUidRulesFirstLock", "mNetworkPoliciesSecondLock"}) |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3866 | private void updateRulesForGlobalChangeAL(boolean restrictedNetworksChanged) { |
Makoto Onuki | 0e6e3bd | 2017-03-20 14:53:00 -0700 | [diff] [blame] | 3867 | if (Trace.isTagEnabled(Trace.TRACE_TAG_NETWORK)) { |
| 3868 | Trace.traceBegin(Trace.TRACE_TAG_NETWORK, |
| 3869 | "updateRulesForGlobalChangeAL: " + (restrictedNetworksChanged ? "R" : "-")); |
| 3870 | } |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 3871 | try { |
Felipe Leme | 0970046 | 2016-09-08 09:33:48 -0700 | [diff] [blame] | 3872 | updateRulesForAppIdleUL(); |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 3873 | updateRulesForRestrictPowerUL(); |
| 3874 | updateRulesForRestrictBackgroundUL(); |
Felipe Leme | 03e689d | 2016-03-02 16:17:38 -0800 | [diff] [blame] | 3875 | |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 3876 | // If the set of restricted networks may have changed, re-evaluate those. |
| 3877 | if (restrictedNetworksChanged) { |
| 3878 | normalizePoliciesNL(); |
| 3879 | updateNetworkRulesNL(); |
| 3880 | } |
| 3881 | } finally { |
| 3882 | Trace.traceEnd(Trace.TRACE_TAG_NETWORK); |
Felipe Leme | 76010a3 | 2016-03-17 13:03:11 -0700 | [diff] [blame] | 3883 | } |
| 3884 | } |
| 3885 | |
Felipe Leme | 0970046 | 2016-09-08 09:33:48 -0700 | [diff] [blame] | 3886 | // TODO: rename / document to make it clear these are global (not app-specific) rules |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 3887 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3888 | private void updateRulesForRestrictPowerUL() { |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 3889 | Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "updateRulesForRestrictPowerUL"); |
| 3890 | try { |
| 3891 | updateRulesForDeviceIdleUL(); |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 3892 | updateRulesForPowerSaveUL(); |
| 3893 | updateRulesForAllAppsUL(TYPE_RESTRICT_POWER); |
| 3894 | } finally { |
| 3895 | Trace.traceEnd(Trace.TRACE_TAG_NETWORK); |
| 3896 | } |
Felipe Leme | f3e4064 | 2016-06-07 17:28:08 -0700 | [diff] [blame] | 3897 | } |
| 3898 | |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 3899 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3900 | private void updateRulesForRestrictBackgroundUL() { |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 3901 | Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "updateRulesForRestrictBackgroundUL"); |
| 3902 | try { |
| 3903 | updateRulesForAllAppsUL(TYPE_RESTRICT_BACKGROUND); |
| 3904 | } finally { |
| 3905 | Trace.traceEnd(Trace.TRACE_TAG_NETWORK); |
| 3906 | } |
Felipe Leme | f3e4064 | 2016-06-07 17:28:08 -0700 | [diff] [blame] | 3907 | } |
| 3908 | |
| 3909 | private static final int TYPE_RESTRICT_BACKGROUND = 1; |
| 3910 | private static final int TYPE_RESTRICT_POWER = 2; |
| 3911 | @Retention(RetentionPolicy.SOURCE) |
| 3912 | @IntDef(flag = false, value = { |
| 3913 | TYPE_RESTRICT_BACKGROUND, |
| 3914 | TYPE_RESTRICT_POWER, |
| 3915 | }) |
| 3916 | public @interface RestrictType { |
| 3917 | } |
| 3918 | |
| 3919 | // TODO: refactor / consolidate all those updateXyz methods, there are way too many of them... |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 3920 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 3921 | private void updateRulesForAllAppsUL(@RestrictType int type) { |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 3922 | if (Trace.isTagEnabled(Trace.TRACE_TAG_NETWORK)) { |
| 3923 | Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "updateRulesForRestrictPowerUL-" + type); |
| 3924 | } |
| 3925 | try { |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 3926 | // update rules for all installed applications |
Makoto Onuki | 0e6e3bd | 2017-03-20 14:53:00 -0700 | [diff] [blame] | 3927 | |
| 3928 | final PackageManager pm = mContext.getPackageManager(); |
| 3929 | final List<UserInfo> users; |
| 3930 | final List<ApplicationInfo> apps; |
| 3931 | |
| 3932 | Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "list-users"); |
| 3933 | try { |
| 3934 | users = mUserManager.getUsers(); |
| 3935 | } finally { |
| 3936 | Trace.traceEnd(Trace.TRACE_TAG_NETWORK); |
| 3937 | } |
| 3938 | Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "list-uids"); |
| 3939 | try { |
| 3940 | apps = pm.getInstalledApplications( |
| 3941 | PackageManager.MATCH_ANY_USER | PackageManager.MATCH_DISABLED_COMPONENTS |
| 3942 | | PackageManager.MATCH_DIRECT_BOOT_AWARE |
| 3943 | | PackageManager.MATCH_DIRECT_BOOT_UNAWARE); |
| 3944 | } finally { |
| 3945 | Trace.traceEnd(Trace.TRACE_TAG_NETWORK); |
| 3946 | } |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 3947 | |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 3948 | final int usersSize = users.size(); |
| 3949 | final int appsSize = apps.size(); |
| 3950 | for (int i = 0; i < usersSize; i++) { |
| 3951 | final UserInfo user = users.get(i); |
| 3952 | for (int j = 0; j < appsSize; j++) { |
| 3953 | final ApplicationInfo app = apps.get(j); |
| 3954 | final int uid = UserHandle.getUid(user.id, app.uid); |
| 3955 | switch (type) { |
| 3956 | case TYPE_RESTRICT_BACKGROUND: |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 3957 | updateRulesForDataUsageRestrictionsUL(uid); |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 3958 | break; |
| 3959 | case TYPE_RESTRICT_POWER: |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 3960 | updateRulesForPowerRestrictionsUL(uid); |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 3961 | break; |
| 3962 | default: |
| 3963 | Slog.w(TAG, "Invalid type for updateRulesForAllApps: " + type); |
| 3964 | } |
Felipe Leme | f3e4064 | 2016-06-07 17:28:08 -0700 | [diff] [blame] | 3965 | } |
Jeff Sharkey | d0c6ccb | 2012-09-14 16:26:37 -0700 | [diff] [blame] | 3966 | } |
Felipe Leme | 873a83a | 2016-09-07 11:34:10 -0700 | [diff] [blame] | 3967 | } finally { |
Makoto Onuki | 0e6e3bd | 2017-03-20 14:53:00 -0700 | [diff] [blame] | 3968 | Trace.traceEnd(Trace.TRACE_TAG_NETWORK); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 3969 | } |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 3970 | } |
| 3971 | |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 3972 | @GuardedBy("mUidRulesFirstLock") |
Sudheer Shanka | f34f3ec | 2017-08-03 11:02:56 -0700 | [diff] [blame] | 3973 | private void updateRulesForTempWhitelistChangeUL(int appId) { |
Amith Yamasani | af575b9 | 2015-05-29 15:35:26 -0700 | [diff] [blame] | 3974 | final List<UserInfo> users = mUserManager.getUsers(); |
Sudheer Shanka | f34f3ec | 2017-08-03 11:02:56 -0700 | [diff] [blame] | 3975 | final int numUsers = users.size(); |
| 3976 | for (int i = 0; i < numUsers; i++) { |
Felipe Leme | 03e689d | 2016-03-02 16:17:38 -0800 | [diff] [blame] | 3977 | final UserInfo user = users.get(i); |
Sudheer Shanka | f34f3ec | 2017-08-03 11:02:56 -0700 | [diff] [blame] | 3978 | int uid = UserHandle.getUid(user.id, appId); |
| 3979 | // Update external firewall rules. |
| 3980 | updateRuleForAppIdleUL(uid); |
| 3981 | updateRuleForDeviceIdleUL(uid); |
| 3982 | updateRuleForRestrictPowerUL(uid); |
| 3983 | // Update internal rules. |
| 3984 | updateRulesForPowerRestrictionsUL(uid); |
Amith Yamasani | af575b9 | 2015-05-29 15:35:26 -0700 | [diff] [blame] | 3985 | } |
| 3986 | } |
| 3987 | |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 3988 | // TODO: the MEDIA / DRM restriction might not be needed anymore, in which case both |
| 3989 | // methods below could be merged into a isUidValidForRules() method. |
| 3990 | private boolean isUidValidForBlacklistRules(int uid) { |
| 3991 | // allow rules on specific system services, and any apps |
Jeff Sharkey | 5294a2f | 2012-04-24 17:07:22 -0700 | [diff] [blame] | 3992 | if (uid == android.os.Process.MEDIA_UID || uid == android.os.Process.DRM_UID |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 3993 | || (UserHandle.isApp(uid) && hasInternetPermissions(uid))) { |
Jeff Sharkey | 5294a2f | 2012-04-24 17:07:22 -0700 | [diff] [blame] | 3994 | return true; |
| 3995 | } |
| 3996 | |
| 3997 | return false; |
| 3998 | } |
| 3999 | |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 4000 | private boolean isUidValidForWhitelistRules(int uid) { |
| 4001 | return UserHandle.isApp(uid) && hasInternetPermissions(uid); |
| 4002 | } |
| 4003 | |
Kweku Adams | a9e55bc | 2018-11-19 14:59:15 -0800 | [diff] [blame] | 4004 | /** |
| 4005 | * Set whether or not an app should be whitelisted for network access while in app idle. Other |
| 4006 | * power saving restrictions may still apply. |
| 4007 | */ |
| 4008 | @VisibleForTesting |
Sudheer Shanka | 8ab2299 | 2018-11-29 00:08:58 -0800 | [diff] [blame] | 4009 | void setAppIdleWhitelist(int uid, boolean shouldWhitelist) { |
Sudheer Shanka | db02ccd | 2018-11-29 11:27:21 -0800 | [diff] [blame] | 4010 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
| 4011 | |
Kweku Adams | a9e55bc | 2018-11-19 14:59:15 -0800 | [diff] [blame] | 4012 | synchronized (mUidRulesFirstLock) { |
| 4013 | if (mAppIdleTempWhitelistAppIds.get(uid) == shouldWhitelist) { |
| 4014 | // No change. |
| 4015 | return; |
| 4016 | } |
| 4017 | |
| 4018 | final long token = Binder.clearCallingIdentity(); |
| 4019 | try { |
| 4020 | mLogger.appIdleWlChanged(uid, shouldWhitelist); |
| 4021 | if (shouldWhitelist) { |
| 4022 | mAppIdleTempWhitelistAppIds.put(uid, true); |
| 4023 | } else { |
| 4024 | mAppIdleTempWhitelistAppIds.delete(uid); |
| 4025 | } |
| 4026 | updateRuleForAppIdleUL(uid); |
| 4027 | updateRulesForPowerRestrictionsUL(uid); |
| 4028 | } finally { |
| 4029 | Binder.restoreCallingIdentity(token); |
| 4030 | } |
| 4031 | } |
| 4032 | } |
| 4033 | |
| 4034 | /** Return the list of UIDs currently in the app idle whitelist. */ |
| 4035 | @VisibleForTesting |
Sudheer Shanka | 8ab2299 | 2018-11-29 00:08:58 -0800 | [diff] [blame] | 4036 | int[] getAppIdleWhitelist() { |
Kweku Adams | a9e55bc | 2018-11-19 14:59:15 -0800 | [diff] [blame] | 4037 | mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); |
| 4038 | |
| 4039 | synchronized (mUidRulesFirstLock) { |
| 4040 | final int len = mAppIdleTempWhitelistAppIds.size(); |
| 4041 | int[] uids = new int[len]; |
| 4042 | for (int i = 0; i < len; ++i) { |
| 4043 | uids[i] = mAppIdleTempWhitelistAppIds.keyAt(i); |
| 4044 | } |
| 4045 | return uids; |
| 4046 | } |
| 4047 | } |
| 4048 | |
| 4049 | /** Returns if the UID is currently considered idle. */ |
| 4050 | @VisibleForTesting |
Sudheer Shanka | 8ab2299 | 2018-11-29 00:08:58 -0800 | [diff] [blame] | 4051 | boolean isUidIdle(int uid) { |
Kweku Adams | a9e55bc | 2018-11-19 14:59:15 -0800 | [diff] [blame] | 4052 | synchronized (mUidRulesFirstLock) { |
| 4053 | if (mAppIdleTempWhitelistAppIds.get(uid)) { |
| 4054 | // UID is temporarily whitelisted. |
| 4055 | return false; |
| 4056 | } |
| 4057 | } |
| 4058 | |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 4059 | final String[] packages = mContext.getPackageManager().getPackagesForUid(uid); |
| 4060 | final int userId = UserHandle.getUserId(uid); |
| 4061 | |
songjinshi | 0655edd | 2016-05-18 19:55:32 +0800 | [diff] [blame] | 4062 | if (packages != null) { |
Jeff Sharkey | 377ded0f | 2016-01-10 13:15:41 -0700 | [diff] [blame] | 4063 | for (String packageName : packages) { |
| 4064 | if (!mUsageStats.isAppIdle(packageName, uid, userId)) { |
| 4065 | return false; |
| 4066 | } |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 4067 | } |
| 4068 | } |
| 4069 | return true; |
| 4070 | } |
| 4071 | |
| 4072 | /** |
Felipe Leme | 47585ba | 2016-02-09 16:56:32 -0800 | [diff] [blame] | 4073 | * Checks if an uid has INTERNET permissions. |
| 4074 | * <p> |
| 4075 | * Useful for the cases where the lack of network access can simplify the rules. |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 4076 | */ |
Felipe Leme | 47585ba | 2016-02-09 16:56:32 -0800 | [diff] [blame] | 4077 | private boolean hasInternetPermissions(int uid) { |
Dianne Hackborn | 88e98df | 2015-03-23 13:29:14 -0700 | [diff] [blame] | 4078 | try { |
Amith Yamasani | 2a4ac4e | 2016-02-12 12:43:15 -0800 | [diff] [blame] | 4079 | if (mIPm.checkUidPermission(Manifest.permission.INTERNET, uid) |
Dianne Hackborn | 88e98df | 2015-03-23 13:29:14 -0700 | [diff] [blame] | 4080 | != PackageManager.PERMISSION_GRANTED) { |
Felipe Leme | 47585ba | 2016-02-09 16:56:32 -0800 | [diff] [blame] | 4081 | return false; |
Dianne Hackborn | 88e98df | 2015-03-23 13:29:14 -0700 | [diff] [blame] | 4082 | } |
| 4083 | } catch (RemoteException e) { |
| 4084 | } |
Felipe Leme | 47585ba | 2016-02-09 16:56:32 -0800 | [diff] [blame] | 4085 | return true; |
| 4086 | } |
| 4087 | |
| 4088 | /** |
Felipe Leme | 03e95e2 | 2016-09-09 09:25:31 -0700 | [diff] [blame] | 4089 | * Clears all state - internal and external - associated with an UID. |
| 4090 | */ |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 4091 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | 03e95e2 | 2016-09-09 09:25:31 -0700 | [diff] [blame] | 4092 | private void onUidDeletedUL(int uid) { |
| 4093 | // First cleanup in-memory state synchronously... |
| 4094 | mUidRules.delete(uid); |
| 4095 | mUidPolicy.delete(uid); |
| 4096 | mUidFirewallStandbyRules.delete(uid); |
| 4097 | mUidFirewallDozableRules.delete(uid); |
| 4098 | mUidFirewallPowerSaveRules.delete(uid); |
| 4099 | mPowerSaveWhitelistExceptIdleAppIds.delete(uid); |
| 4100 | mPowerSaveWhitelistAppIds.delete(uid); |
| 4101 | mPowerSaveTempWhitelistAppIds.delete(uid); |
Kweku Adams | a9e55bc | 2018-11-19 14:59:15 -0800 | [diff] [blame] | 4102 | mAppIdleTempWhitelistAppIds.delete(uid); |
Felipe Leme | 03e95e2 | 2016-09-09 09:25:31 -0700 | [diff] [blame] | 4103 | |
| 4104 | // ...then update iptables asynchronously. |
| 4105 | mHandler.obtainMessage(MSG_RESET_FIREWALL_RULES_BY_UID, uid, 0).sendToTarget(); |
| 4106 | } |
| 4107 | |
| 4108 | /** |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 4109 | * Applies network rules to bandwidth and firewall controllers based on uid policy. |
Felipe Leme | 76010a3 | 2016-03-17 13:03:11 -0700 | [diff] [blame] | 4110 | * |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4111 | * <p>There are currently 4 types of restriction rules: |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 4112 | * <ul> |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4113 | * <li>Doze mode |
| 4114 | * <li>App idle mode |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 4115 | * <li>Battery Saver Mode (also referred as power save). |
Felipe Leme | 46c4fc3 | 2016-05-04 09:21:43 -0700 | [diff] [blame] | 4116 | * <li>Data Saver Mode (The Feature Formerly Known As 'Restrict Background Data'). |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 4117 | * </ul> |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4118 | * |
| 4119 | * <p>This method changes both the external firewall rules and the internal state. |
Felipe Leme | 47585ba | 2016-02-09 16:56:32 -0800 | [diff] [blame] | 4120 | */ |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 4121 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | 03e95e2 | 2016-09-09 09:25:31 -0700 | [diff] [blame] | 4122 | private void updateRestrictionRulesForUidUL(int uid) { |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4123 | // Methods below only changes the firewall rules for the power-related modes. |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 4124 | updateRuleForDeviceIdleUL(uid); |
| 4125 | updateRuleForAppIdleUL(uid); |
| 4126 | updateRuleForRestrictPowerUL(uid); |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4127 | |
| 4128 | // Update internal state for power-related modes. |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 4129 | updateRulesForPowerRestrictionsUL(uid); |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4130 | |
| 4131 | // Update firewall and internal rules for Data Saver Mode. |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 4132 | updateRulesForDataUsageRestrictionsUL(uid); |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 4133 | } |
| 4134 | |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 4135 | /** |
| 4136 | * Applies network rules to bandwidth controllers based on process state and user-defined |
| 4137 | * restrictions (blacklist / whitelist). |
| 4138 | * |
| 4139 | * <p> |
| 4140 | * {@code netd} defines 3 firewall chains that govern whether an app has access to metered |
| 4141 | * networks: |
| 4142 | * <ul> |
| 4143 | * <li>@{code bw_penalty_box}: UIDs added to this chain do not have access (blacklist). |
| 4144 | * <li>@{code bw_happy_box}: UIDs added to this chain have access (whitelist), unless they're |
| 4145 | * also blacklisted. |
| 4146 | * <li>@{code bw_data_saver}: when enabled (through {@link #setRestrictBackground(boolean)}), |
Kweku Adams | a9e55bc | 2018-11-19 14:59:15 -0800 | [diff] [blame] | 4147 | * no UIDs other than those whitelisted will have access. |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 4148 | * <ul> |
| 4149 | * |
| 4150 | * <p>The @{code bw_penalty_box} and @{code bw_happy_box} are primarily managed through the |
| 4151 | * {@link #setUidPolicy(int, int)} and {@link #addRestrictBackgroundWhitelistedUid(int)} / |
| 4152 | * {@link #removeRestrictBackgroundWhitelistedUid(int)} methods (for blacklist and whitelist |
| 4153 | * respectively): these methods set the proper internal state (blacklist / whitelist), then call |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 4154 | * this ({@link #updateRulesForDataUsageRestrictionsUL(int)}) to propagate the rules to |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 4155 | * {@link INetworkManagementService}, but this method should also be called in events (like |
| 4156 | * Data Saver Mode flips or UID state changes) that might affect the foreground app, since the |
| 4157 | * following rules should also be applied: |
| 4158 | * |
| 4159 | * <ul> |
| 4160 | * <li>When Data Saver mode is on, the foreground app should be temporarily added to |
| 4161 | * {@code bw_happy_box} before the @{code bw_data_saver} chain is enabled. |
| 4162 | * <li>If the foreground app is blacklisted by the user, it should be temporarily removed from |
| 4163 | * {@code bw_penalty_box}. |
| 4164 | * <li>When the app leaves foreground state, the temporary changes above should be reverted. |
| 4165 | * </ul> |
| 4166 | * |
| 4167 | * <p>For optimization, the rules are only applied on user apps that have internet access |
| 4168 | * permission, since there is no need to change the {@code iptables} rule if the app does not |
| 4169 | * have permission to use the internet. |
| 4170 | * |
| 4171 | * <p>The {@link #mUidRules} map is used to define the transtion of states of an UID. |
Felipe Leme | d31a97f | 2016-05-06 14:53:50 -0700 | [diff] [blame] | 4172 | * |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 4173 | */ |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 4174 | private void updateRulesForDataUsageRestrictionsUL(int uid) { |
Makoto Onuki | 0e6e3bd | 2017-03-20 14:53:00 -0700 | [diff] [blame] | 4175 | if (Trace.isTagEnabled(Trace.TRACE_TAG_NETWORK)) { |
| 4176 | Trace.traceBegin(Trace.TRACE_TAG_NETWORK, |
| 4177 | "updateRulesForDataUsageRestrictionsUL: " + uid); |
| 4178 | } |
| 4179 | try { |
| 4180 | updateRulesForDataUsageRestrictionsULInner(uid); |
| 4181 | } finally { |
| 4182 | Trace.traceEnd(Trace.TRACE_TAG_NETWORK); |
| 4183 | } |
| 4184 | } |
| 4185 | |
| 4186 | private void updateRulesForDataUsageRestrictionsULInner(int uid) { |
Felipe Leme | 03e95e2 | 2016-09-09 09:25:31 -0700 | [diff] [blame] | 4187 | if (!isUidValidForWhitelistRules(uid)) { |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 4188 | if (LOGD) Slog.d(TAG, "no need to update restrict data rules for uid " + uid); |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 4189 | return; |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 4190 | } |
Dianne Hackborn | 88e98df | 2015-03-23 13:29:14 -0700 | [diff] [blame] | 4191 | |
Dianne Hackborn | 497175b | 2014-07-01 12:56:08 -0700 | [diff] [blame] | 4192 | final int uidPolicy = mUidPolicy.get(uid, POLICY_NONE); |
Felipe Leme | 46c4fc3 | 2016-05-04 09:21:43 -0700 | [diff] [blame] | 4193 | final int oldUidRules = mUidRules.get(uid, RULE_NONE); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 4194 | final boolean isForeground = isUidForegroundOnRestrictBackgroundUL(uid); |
Sudheer Shanka | 04d61ae | 2018-01-17 12:16:57 -0800 | [diff] [blame] | 4195 | final boolean isRestrictedByAdmin = isRestrictedByAdminUL(uid); |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 4196 | |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4197 | final boolean isBlacklisted = (uidPolicy & POLICY_REJECT_METERED_BACKGROUND) != 0; |
Felipe Leme | 46b451f | 2016-08-19 08:46:17 -0700 | [diff] [blame] | 4198 | final boolean isWhitelisted = (uidPolicy & POLICY_ALLOW_METERED_BACKGROUND) != 0; |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4199 | final int oldRule = oldUidRules & MASK_METERED_NETWORKS; |
| 4200 | int newRule = RULE_NONE; |
Felipe Leme | 76010a3 | 2016-03-17 13:03:11 -0700 | [diff] [blame] | 4201 | |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 4202 | // First step: define the new rule based on user restrictions and foreground state. |
Sudheer Shanka | 04d61ae | 2018-01-17 12:16:57 -0800 | [diff] [blame] | 4203 | if (isRestrictedByAdmin) { |
| 4204 | newRule = RULE_REJECT_METERED; |
| 4205 | } else if (isForeground) { |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4206 | if (isBlacklisted || (mRestrictBackground && !isWhitelisted)) { |
| 4207 | newRule = RULE_TEMPORARY_ALLOW_METERED; |
| 4208 | } else if (isWhitelisted) { |
| 4209 | newRule = RULE_ALLOW_METERED; |
Felipe Leme | d31a97f | 2016-05-06 14:53:50 -0700 | [diff] [blame] | 4210 | } |
| 4211 | } else { |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4212 | if (isBlacklisted) { |
| 4213 | newRule = RULE_REJECT_METERED; |
| 4214 | } else if (mRestrictBackground && isWhitelisted) { |
| 4215 | newRule = RULE_ALLOW_METERED; |
Felipe Leme | d31a97f | 2016-05-06 14:53:50 -0700 | [diff] [blame] | 4216 | } |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 4217 | } |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4218 | final int newUidRules = newRule | (oldUidRules & MASK_ALL_NETWORKS); |
Felipe Leme | 46c4fc3 | 2016-05-04 09:21:43 -0700 | [diff] [blame] | 4219 | |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 4220 | if (LOGV) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 4221 | Log.v(TAG, "updateRuleForRestrictBackgroundUL(" + uid + ")" |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4222 | + ": isForeground=" +isForeground |
| 4223 | + ", isBlacklisted=" + isBlacklisted |
| 4224 | + ", isWhitelisted=" + isWhitelisted |
Sudheer Shanka | 04d61ae | 2018-01-17 12:16:57 -0800 | [diff] [blame] | 4225 | + ", isRestrictedByAdmin=" + isRestrictedByAdmin |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4226 | + ", oldRule=" + uidRulesToString(oldRule) |
| 4227 | + ", newRule=" + uidRulesToString(newRule) |
| 4228 | + ", newUidRules=" + uidRulesToString(newUidRules) |
| 4229 | + ", oldUidRules=" + uidRulesToString(oldUidRules)); |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 4230 | } |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 4231 | |
Felipe Leme | 46c4fc3 | 2016-05-04 09:21:43 -0700 | [diff] [blame] | 4232 | if (newUidRules == RULE_NONE) { |
Jeff Sharkey | 350083e | 2011-06-29 10:45:16 -0700 | [diff] [blame] | 4233 | mUidRules.delete(uid); |
| 4234 | } else { |
Felipe Leme | 46c4fc3 | 2016-05-04 09:21:43 -0700 | [diff] [blame] | 4235 | mUidRules.put(uid, newUidRules); |
Jeff Sharkey | 350083e | 2011-06-29 10:45:16 -0700 | [diff] [blame] | 4236 | } |
Jeff Sharkey | c006f1a | 2011-05-19 17:12:49 -0700 | [diff] [blame] | 4237 | |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 4238 | // Second step: apply bw changes based on change of state. |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4239 | if (newRule != oldRule) { |
Hugo Benichi | 2966c18 | 2017-03-28 17:17:13 +0900 | [diff] [blame] | 4240 | if (hasRule(newRule, RULE_TEMPORARY_ALLOW_METERED)) { |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 4241 | // Temporarily whitelist foreground app, removing from blacklist if necessary |
| 4242 | // (since bw_penalty_box prevails over bw_happy_box). |
| 4243 | |
| 4244 | setMeteredNetworkWhitelist(uid, true); |
| 4245 | // TODO: if statement below is used to avoid an unnecessary call to netd / iptables, |
| 4246 | // but ideally it should be just: |
| 4247 | // setMeteredNetworkBlacklist(uid, isBlacklisted); |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4248 | if (isBlacklisted) { |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 4249 | setMeteredNetworkBlacklist(uid, false); |
| 4250 | } |
Hugo Benichi | 2966c18 | 2017-03-28 17:17:13 +0900 | [diff] [blame] | 4251 | } else if (hasRule(oldRule, RULE_TEMPORARY_ALLOW_METERED)) { |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 4252 | // Remove temporary whitelist from app that is not on foreground anymore. |
| 4253 | |
| 4254 | // TODO: if statements below are used to avoid unnecessary calls to netd / iptables, |
| 4255 | // but ideally they should be just: |
| 4256 | // setMeteredNetworkWhitelist(uid, isWhitelisted); |
| 4257 | // setMeteredNetworkBlacklist(uid, isBlacklisted); |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4258 | if (!isWhitelisted) { |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 4259 | setMeteredNetworkWhitelist(uid, false); |
| 4260 | } |
Sudheer Shanka | 04d61ae | 2018-01-17 12:16:57 -0800 | [diff] [blame] | 4261 | if (isBlacklisted || isRestrictedByAdmin) { |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 4262 | setMeteredNetworkBlacklist(uid, true); |
| 4263 | } |
Hugo Benichi | 2966c18 | 2017-03-28 17:17:13 +0900 | [diff] [blame] | 4264 | } else if (hasRule(newRule, RULE_REJECT_METERED) |
| 4265 | || hasRule(oldRule, RULE_REJECT_METERED)) { |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 4266 | // Flip state because app was explicitly added or removed to blacklist. |
Sudheer Shanka | 04d61ae | 2018-01-17 12:16:57 -0800 | [diff] [blame] | 4267 | setMeteredNetworkBlacklist(uid, (isBlacklisted || isRestrictedByAdmin)); |
Hugo Benichi | 2966c18 | 2017-03-28 17:17:13 +0900 | [diff] [blame] | 4268 | if (hasRule(oldRule, RULE_REJECT_METERED) && isWhitelisted) { |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 4269 | // Since blacklist prevails over whitelist, we need to handle the special case |
| 4270 | // where app is whitelisted and blacklisted at the same time (although such |
| 4271 | // scenario should be blocked by the UI), then blacklist is removed. |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4272 | setMeteredNetworkWhitelist(uid, isWhitelisted); |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 4273 | } |
Hugo Benichi | 2966c18 | 2017-03-28 17:17:13 +0900 | [diff] [blame] | 4274 | } else if (hasRule(newRule, RULE_ALLOW_METERED) |
| 4275 | || hasRule(oldRule, RULE_ALLOW_METERED)) { |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 4276 | // Flip state because app was explicitly added or removed to whitelist. |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4277 | setMeteredNetworkWhitelist(uid, isWhitelisted); |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 4278 | } else { |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4279 | // All scenarios should have been covered above. |
Felipe Leme | 46c4fc3 | 2016-05-04 09:21:43 -0700 | [diff] [blame] | 4280 | Log.wtf(TAG, "Unexpected change of metered UID state for " + uid |
| 4281 | + ": foreground=" + isForeground |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4282 | + ", whitelisted=" + isWhitelisted |
| 4283 | + ", blacklisted=" + isBlacklisted |
Sudheer Shanka | 04d61ae | 2018-01-17 12:16:57 -0800 | [diff] [blame] | 4284 | + ", isRestrictedByAdmin=" + isRestrictedByAdmin |
Felipe Leme | d31a97f | 2016-05-06 14:53:50 -0700 | [diff] [blame] | 4285 | + ", newRule=" + uidRulesToString(newUidRules) |
| 4286 | + ", oldRule=" + uidRulesToString(oldUidRules)); |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 4287 | } |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4288 | |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 4289 | // Dispatch changed rule to existing listeners. |
| 4290 | mHandler.obtainMessage(MSG_RULES_CHANGED, uid, newUidRules).sendToTarget(); |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4291 | } |
| 4292 | } |
| 4293 | |
| 4294 | /** |
| 4295 | * Updates the power-related part of the {@link #mUidRules} for a given map, and notify external |
| 4296 | * listeners in case of change. |
| 4297 | * <p> |
| 4298 | * There are 3 power-related rules that affects whether an app has background access on |
| 4299 | * non-metered networks, and when the condition applies and the UID is not whitelisted for power |
| 4300 | * restriction, it's added to the equivalent firewall chain: |
| 4301 | * <ul> |
| 4302 | * <li>App is idle: {@code fw_standby} firewall chain. |
| 4303 | * <li>Device is idle: {@code fw_dozable} firewall chain. |
| 4304 | * <li>Battery Saver Mode is on: {@code fw_powersave} firewall chain. |
| 4305 | * </ul> |
| 4306 | * <p> |
| 4307 | * This method updates the power-related part of the {@link #mUidRules} for a given uid based on |
| 4308 | * these modes, the UID process state (foreground or not), and the UIDwhitelist state. |
| 4309 | * <p> |
| 4310 | * <strong>NOTE: </strong>This method does not update the firewall rules on {@code netd}. |
| 4311 | */ |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 4312 | @GuardedBy("mUidRulesFirstLock") |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 4313 | private void updateRulesForPowerRestrictionsUL(int uid) { |
Amith Yamasani | 0938f2f | 2016-09-16 12:46:31 -0700 | [diff] [blame] | 4314 | final int oldUidRules = mUidRules.get(uid, RULE_NONE); |
| 4315 | |
Kweku Adams | df33ae1 | 2019-10-08 11:51:41 -0700 | [diff] [blame] | 4316 | final int newUidRules = updateRulesForPowerRestrictionsUL(uid, oldUidRules); |
Amith Yamasani | 0938f2f | 2016-09-16 12:46:31 -0700 | [diff] [blame] | 4317 | |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 4318 | if (newUidRules == RULE_NONE) { |
Amith Yamasani | 0938f2f | 2016-09-16 12:46:31 -0700 | [diff] [blame] | 4319 | mUidRules.delete(uid); |
| 4320 | } else { |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 4321 | mUidRules.put(uid, newUidRules); |
Amith Yamasani | 0938f2f | 2016-09-16 12:46:31 -0700 | [diff] [blame] | 4322 | } |
| 4323 | } |
| 4324 | |
| 4325 | /** |
| 4326 | * Similar to above but ignores idle state if app standby is currently disabled by parole. |
| 4327 | * |
| 4328 | * @param uid the uid of the app to update rules for |
| 4329 | * @param oldUidRules the current rules for the uid, in order to determine if there's a change |
Amith Yamasani | 0938f2f | 2016-09-16 12:46:31 -0700 | [diff] [blame] | 4330 | * |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 4331 | * @return the new computed rules for the uid |
Amith Yamasani | 0938f2f | 2016-09-16 12:46:31 -0700 | [diff] [blame] | 4332 | */ |
Kweku Adams | df33ae1 | 2019-10-08 11:51:41 -0700 | [diff] [blame] | 4333 | private int updateRulesForPowerRestrictionsUL(int uid, int oldUidRules) { |
Makoto Onuki | 0e6e3bd | 2017-03-20 14:53:00 -0700 | [diff] [blame] | 4334 | if (Trace.isTagEnabled(Trace.TRACE_TAG_NETWORK)) { |
| 4335 | Trace.traceBegin(Trace.TRACE_TAG_NETWORK, |
Kweku Adams | df33ae1 | 2019-10-08 11:51:41 -0700 | [diff] [blame] | 4336 | "updateRulesForPowerRestrictionsUL: " + uid + "/" + oldUidRules); |
Makoto Onuki | 0e6e3bd | 2017-03-20 14:53:00 -0700 | [diff] [blame] | 4337 | } |
| 4338 | try { |
Kweku Adams | df33ae1 | 2019-10-08 11:51:41 -0700 | [diff] [blame] | 4339 | return updateRulesForPowerRestrictionsULInner(uid, oldUidRules); |
Makoto Onuki | 0e6e3bd | 2017-03-20 14:53:00 -0700 | [diff] [blame] | 4340 | } finally { |
| 4341 | Trace.traceEnd(Trace.TRACE_TAG_NETWORK); |
| 4342 | } |
| 4343 | } |
| 4344 | |
Kweku Adams | df33ae1 | 2019-10-08 11:51:41 -0700 | [diff] [blame] | 4345 | private int updateRulesForPowerRestrictionsULInner(int uid, int oldUidRules) { |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4346 | if (!isUidValidForBlacklistRules(uid)) { |
| 4347 | if (LOGD) Slog.d(TAG, "no need to update restrict power rules for uid " + uid); |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 4348 | return RULE_NONE; |
Felipe Leme | d31a97f | 2016-05-06 14:53:50 -0700 | [diff] [blame] | 4349 | } |
Felipe Leme | f28983d | 2016-03-25 12:18:23 -0700 | [diff] [blame] | 4350 | |
Kweku Adams | df33ae1 | 2019-10-08 11:51:41 -0700 | [diff] [blame] | 4351 | final boolean isIdle = isUidIdle(uid); |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4352 | final boolean restrictMode = isIdle || mRestrictPower || mDeviceIdleMode; |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 4353 | final boolean isForeground = isUidForegroundOnRestrictPowerUL(uid); |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4354 | |
Kweku Adams | a9e55bc | 2018-11-19 14:59:15 -0800 | [diff] [blame] | 4355 | final boolean isWhitelisted = isWhitelistedFromPowerSaveUL(uid, mDeviceIdleMode); |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4356 | final int oldRule = oldUidRules & MASK_ALL_NETWORKS; |
| 4357 | int newRule = RULE_NONE; |
| 4358 | |
| 4359 | // First step: define the new rule based on user restrictions and foreground state. |
| 4360 | |
| 4361 | // NOTE: if statements below could be inlined, but it's easier to understand the logic |
| 4362 | // by considering the foreground and non-foreground states. |
| 4363 | if (isForeground) { |
| 4364 | if (restrictMode) { |
| 4365 | newRule = RULE_ALLOW_ALL; |
| 4366 | } |
| 4367 | } else if (restrictMode) { |
| 4368 | newRule = isWhitelisted ? RULE_ALLOW_ALL : RULE_REJECT_ALL; |
| 4369 | } |
| 4370 | |
| 4371 | final int newUidRules = (oldUidRules & MASK_METERED_NETWORKS) | newRule; |
| 4372 | |
| 4373 | if (LOGV) { |
Felipe Leme | 88f40ad | 2016-08-10 13:00:32 -0700 | [diff] [blame] | 4374 | Log.v(TAG, "updateRulesForPowerRestrictionsUL(" + uid + ")" |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4375 | + ", isIdle: " + isIdle |
| 4376 | + ", mRestrictPower: " + mRestrictPower |
| 4377 | + ", mDeviceIdleMode: " + mDeviceIdleMode |
| 4378 | + ", isForeground=" + isForeground |
| 4379 | + ", isWhitelisted=" + isWhitelisted |
| 4380 | + ", oldRule=" + uidRulesToString(oldRule) |
| 4381 | + ", newRule=" + uidRulesToString(newRule) |
| 4382 | + ", newUidRules=" + uidRulesToString(newUidRules) |
| 4383 | + ", oldUidRules=" + uidRulesToString(oldUidRules)); |
| 4384 | } |
| 4385 | |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4386 | // Second step: notify listeners if state changed. |
| 4387 | if (newRule != oldRule) { |
Hugo Benichi | 2966c18 | 2017-03-28 17:17:13 +0900 | [diff] [blame] | 4388 | if (newRule == RULE_NONE || hasRule(newRule, RULE_ALLOW_ALL)) { |
Felipe Leme | d31a97f | 2016-05-06 14:53:50 -0700 | [diff] [blame] | 4389 | if (LOGV) Log.v(TAG, "Allowing non-metered access for UID " + uid); |
Hugo Benichi | 2966c18 | 2017-03-28 17:17:13 +0900 | [diff] [blame] | 4390 | } else if (hasRule(newRule, RULE_REJECT_ALL)) { |
Felipe Leme | d31a97f | 2016-05-06 14:53:50 -0700 | [diff] [blame] | 4391 | if (LOGV) Log.v(TAG, "Rejecting non-metered access for UID " + uid); |
| 4392 | } else { |
| 4393 | // All scenarios should have been covered above |
| 4394 | Log.wtf(TAG, "Unexpected change of non-metered UID state for " + uid |
| 4395 | + ": foreground=" + isForeground |
Felipe Leme | 781ba14 | 2016-05-09 16:24:48 -0700 | [diff] [blame] | 4396 | + ", whitelisted=" + isWhitelisted |
Felipe Leme | d31a97f | 2016-05-06 14:53:50 -0700 | [diff] [blame] | 4397 | + ", newRule=" + uidRulesToString(newUidRules) |
| 4398 | + ", oldRule=" + uidRulesToString(oldUidRules)); |
| 4399 | } |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 4400 | mHandler.obtainMessage(MSG_RULES_CHANGED, uid, newUidRules).sendToTarget(); |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 4401 | } |
Amith Yamasani | 0938f2f | 2016-09-16 12:46:31 -0700 | [diff] [blame] | 4402 | |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 4403 | return newUidRules; |
Jeff Sharkey | 4414cea | 2011-06-24 17:05:24 -0700 | [diff] [blame] | 4404 | } |
| 4405 | |
Christopher Tate | b909c4d5 | 2019-10-21 12:50:37 -0700 | [diff] [blame] | 4406 | private class NetPolicyAppIdleStateChangeListener extends AppIdleStateChangeListener { |
Xiaohui Chen | 8dca36d | 2015-06-19 12:44:59 -0700 | [diff] [blame] | 4407 | @Override |
Amith Yamasani | 119be9a | 2018-02-18 22:23:00 -0800 | [diff] [blame] | 4408 | public void onAppIdleStateChanged(String packageName, int userId, boolean idle, int bucket, |
| 4409 | int reason) { |
Xiaohui Chen | 8dca36d | 2015-06-19 12:44:59 -0700 | [diff] [blame] | 4410 | try { |
Jeff Sharkey | c5967e9 | 2016-01-07 18:50:29 -0700 | [diff] [blame] | 4411 | final int uid = mContext.getPackageManager().getPackageUidAsUser(packageName, |
| 4412 | PackageManager.MATCH_UNINSTALLED_PACKAGES, userId); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 4413 | synchronized (mUidRulesFirstLock) { |
Sudheer Shanka | 352dc57 | 2017-09-22 17:09:38 -0700 | [diff] [blame] | 4414 | mLogger.appIdleStateChanged(uid, idle); |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 4415 | updateRuleForAppIdleUL(uid); |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 4416 | updateRulesForPowerRestrictionsUL(uid); |
Xiaohui Chen | 8dca36d | 2015-06-19 12:44:59 -0700 | [diff] [blame] | 4417 | } |
| 4418 | } catch (NameNotFoundException nnfe) { |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 4419 | } |
Xiaohui Chen | 8dca36d | 2015-06-19 12:44:59 -0700 | [diff] [blame] | 4420 | } |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 4421 | } |
| 4422 | |
Jeff Sharkey | 1b6519b | 2016-04-28 15:33:18 -0600 | [diff] [blame] | 4423 | private void dispatchUidRulesChanged(INetworkPolicyListener listener, int uid, int uidRules) { |
| 4424 | if (listener != null) { |
| 4425 | try { |
| 4426 | listener.onUidRulesChanged(uid, uidRules); |
| 4427 | } catch (RemoteException ignored) { |
| 4428 | } |
| 4429 | } |
| 4430 | } |
| 4431 | |
| 4432 | private void dispatchMeteredIfacesChanged(INetworkPolicyListener listener, |
| 4433 | String[] meteredIfaces) { |
| 4434 | if (listener != null) { |
| 4435 | try { |
| 4436 | listener.onMeteredIfacesChanged(meteredIfaces); |
| 4437 | } catch (RemoteException ignored) { |
| 4438 | } |
| 4439 | } |
| 4440 | } |
| 4441 | |
| 4442 | private void dispatchRestrictBackgroundChanged(INetworkPolicyListener listener, |
| 4443 | boolean restrictBackground) { |
| 4444 | if (listener != null) { |
| 4445 | try { |
| 4446 | listener.onRestrictBackgroundChanged(restrictBackground); |
| 4447 | } catch (RemoteException ignored) { |
| 4448 | } |
| 4449 | } |
| 4450 | } |
| 4451 | |
Felipe Leme | 0ecfcd1 | 2016-09-06 12:49:48 -0700 | [diff] [blame] | 4452 | private void dispatchUidPoliciesChanged(INetworkPolicyListener listener, int uid, |
| 4453 | int uidPolicies) { |
Jeff Sharkey | 1b6519b | 2016-04-28 15:33:18 -0600 | [diff] [blame] | 4454 | if (listener != null) { |
| 4455 | try { |
Felipe Leme | 0ecfcd1 | 2016-09-06 12:49:48 -0700 | [diff] [blame] | 4456 | listener.onUidPoliciesChanged(uid, uidPolicies); |
Felipe Leme | 99d5d3d | 2016-05-16 13:30:57 -0700 | [diff] [blame] | 4457 | } catch (RemoteException ignored) { |
| 4458 | } |
| 4459 | } |
| 4460 | } |
| 4461 | |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 4462 | private void dispatchSubscriptionOverride(INetworkPolicyListener listener, int subId, |
Sarah Chin | 7af1fd0 | 2019-09-26 11:37:13 -0700 | [diff] [blame] | 4463 | int overrideMask, int overrideValue) { |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 4464 | if (listener != null) { |
| 4465 | try { |
Sarah Chin | 7af1fd0 | 2019-09-26 11:37:13 -0700 | [diff] [blame] | 4466 | listener.onSubscriptionOverride(subId, overrideMask, overrideValue); |
| 4467 | } catch (RemoteException ignored) { |
| 4468 | } |
| 4469 | } |
| 4470 | } |
| 4471 | |
| 4472 | private void dispatchSubscriptionPlansChanged(INetworkPolicyListener listener, int subId, |
| 4473 | SubscriptionPlan[] plans) { |
| 4474 | if (listener != null) { |
| 4475 | try { |
| 4476 | listener.onSubscriptionPlansChanged(subId, plans); |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 4477 | } catch (RemoteException ignored) { |
| 4478 | } |
| 4479 | } |
| 4480 | } |
| 4481 | |
Makoto Onuki | 8e77733 | 2017-03-28 11:25:47 -0700 | [diff] [blame] | 4482 | private final Handler.Callback mHandlerCallback = new Handler.Callback() { |
Jeff Sharkey | bfdd680 | 2012-04-09 10:49:19 -0700 | [diff] [blame] | 4483 | @Override |
Jeff Sharkey | 4414cea | 2011-06-24 17:05:24 -0700 | [diff] [blame] | 4484 | public boolean handleMessage(Message msg) { |
| 4485 | switch (msg.what) { |
| 4486 | case MSG_RULES_CHANGED: { |
| 4487 | final int uid = msg.arg1; |
| 4488 | final int uidRules = msg.arg2; |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 4489 | final int length = mListeners.beginBroadcast(); |
| 4490 | for (int i = 0; i < length; i++) { |
| 4491 | final INetworkPolicyListener listener = mListeners.getBroadcastItem(i); |
| 4492 | dispatchUidRulesChanged(listener, uid, uidRules); |
Jeff Sharkey | 4414cea | 2011-06-24 17:05:24 -0700 | [diff] [blame] | 4493 | } |
Sudheer Shanka | c9d9407 | 2017-02-22 22:13:55 +0000 | [diff] [blame] | 4494 | mListeners.finishBroadcast(); |
Jeff Sharkey | 4414cea | 2011-06-24 17:05:24 -0700 | [diff] [blame] | 4495 | return true; |
| 4496 | } |
| 4497 | case MSG_METERED_IFACES_CHANGED: { |
| 4498 | final String[] meteredIfaces = (String[]) msg.obj; |
| 4499 | final int length = mListeners.beginBroadcast(); |
| 4500 | for (int i = 0; i < length; i++) { |
| 4501 | final INetworkPolicyListener listener = mListeners.getBroadcastItem(i); |
Jeff Sharkey | 1b6519b | 2016-04-28 15:33:18 -0600 | [diff] [blame] | 4502 | dispatchMeteredIfacesChanged(listener, meteredIfaces); |
Jeff Sharkey | 4414cea | 2011-06-24 17:05:24 -0700 | [diff] [blame] | 4503 | } |
| 4504 | mListeners.finishBroadcast(); |
| 4505 | return true; |
| 4506 | } |
Jeff Sharkey | 7e25b0e | 2011-11-08 15:43:12 -0800 | [diff] [blame] | 4507 | case MSG_LIMIT_REACHED: { |
| 4508 | final String iface = (String) msg.obj; |
| 4509 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 4510 | synchronized (mNetworkPoliciesSecondLock) { |
Jeff Sharkey | 7e25b0e | 2011-11-08 15:43:12 -0800 | [diff] [blame] | 4511 | if (mMeteredIfaces.contains(iface)) { |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 4512 | // force stats update to make sure we have |
| 4513 | // numbers that caused alert to trigger. |
| 4514 | mNetworkStats.forceUpdate(); |
Jeff Sharkey | 7e25b0e | 2011-11-08 15:43:12 -0800 | [diff] [blame] | 4515 | |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 4516 | updateNetworkEnabledNL(); |
| 4517 | updateNotificationsNL(); |
Jeff Sharkey | 7e25b0e | 2011-11-08 15:43:12 -0800 | [diff] [blame] | 4518 | } |
| 4519 | } |
| 4520 | return true; |
| 4521 | } |
Jeff Sharkey | 1f8ea2d | 2012-02-07 12:05:43 -0800 | [diff] [blame] | 4522 | case MSG_RESTRICT_BACKGROUND_CHANGED: { |
| 4523 | final boolean restrictBackground = msg.arg1 != 0; |
| 4524 | final int length = mListeners.beginBroadcast(); |
| 4525 | for (int i = 0; i < length; i++) { |
| 4526 | final INetworkPolicyListener listener = mListeners.getBroadcastItem(i); |
Jeff Sharkey | 1b6519b | 2016-04-28 15:33:18 -0600 | [diff] [blame] | 4527 | dispatchRestrictBackgroundChanged(listener, restrictBackground); |
Jeff Sharkey | 1f8ea2d | 2012-02-07 12:05:43 -0800 | [diff] [blame] | 4528 | } |
| 4529 | mListeners.finishBroadcast(); |
Felipe Leme | 9778f76 | 2016-01-27 14:46:39 -0800 | [diff] [blame] | 4530 | final Intent intent = |
| 4531 | new Intent(ConnectivityManager.ACTION_RESTRICT_BACKGROUND_CHANGED); |
| 4532 | intent.setFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY); |
| 4533 | mContext.sendBroadcastAsUser(intent, UserHandle.ALL); |
| 4534 | return true; |
| 4535 | } |
Felipe Leme | 0ecfcd1 | 2016-09-06 12:49:48 -0700 | [diff] [blame] | 4536 | case MSG_POLICIES_CHANGED: { |
Felipe Leme | 9778f76 | 2016-01-27 14:46:39 -0800 | [diff] [blame] | 4537 | final int uid = msg.arg1; |
Felipe Leme | 0ecfcd1 | 2016-09-06 12:49:48 -0700 | [diff] [blame] | 4538 | final int policy = msg.arg2; |
Felipe Leme | 57e3d31 | 2016-08-23 14:42:52 -0700 | [diff] [blame] | 4539 | final Boolean notifyApp = (Boolean) msg.obj; |
Jeff Sharkey | 1b6519b | 2016-04-28 15:33:18 -0600 | [diff] [blame] | 4540 | // First notify internal listeners... |
Felipe Leme | 57e3d31 | 2016-08-23 14:42:52 -0700 | [diff] [blame] | 4541 | final int length = mListeners.beginBroadcast(); |
| 4542 | for (int i = 0; i < length; i++) { |
| 4543 | final INetworkPolicyListener listener = mListeners.getBroadcastItem(i); |
Felipe Leme | 0ecfcd1 | 2016-09-06 12:49:48 -0700 | [diff] [blame] | 4544 | dispatchUidPoliciesChanged(listener, uid, policy); |
Felipe Leme | 99d5d3d | 2016-05-16 13:30:57 -0700 | [diff] [blame] | 4545 | } |
| 4546 | mListeners.finishBroadcast(); |
Felipe Leme | 57e3d31 | 2016-08-23 14:42:52 -0700 | [diff] [blame] | 4547 | // ...then apps listening to ACTION_RESTRICT_BACKGROUND_CHANGED |
| 4548 | if (notifyApp.booleanValue()) { |
| 4549 | broadcastRestrictBackgroundChanged(uid, notifyApp); |
| 4550 | } |
Felipe Leme | 99d5d3d | 2016-05-16 13:30:57 -0700 | [diff] [blame] | 4551 | return true; |
| 4552 | } |
Jeff Sharkey | e19f39b | 2012-05-24 10:21:16 -0700 | [diff] [blame] | 4553 | case MSG_ADVISE_PERSIST_THRESHOLD: { |
| 4554 | final long lowestRule = (Long) msg.obj; |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 4555 | // make sure stats are recorded frequently enough; we aim |
| 4556 | // for 2MB threshold for 2GB/month rules. |
| 4557 | final long persistThreshold = lowestRule / 1000; |
| 4558 | mNetworkStats.advisePersistThreshold(persistThreshold); |
Jeff Sharkey | e19f39b | 2012-05-24 10:21:16 -0700 | [diff] [blame] | 4559 | return true; |
Jeff Sharkey | 1f8ea2d | 2012-02-07 12:05:43 -0800 | [diff] [blame] | 4560 | } |
Amith Yamasani | 3646cbd | 2016-04-13 14:04:53 -0700 | [diff] [blame] | 4561 | case MSG_UPDATE_INTERFACE_QUOTA: { |
| 4562 | removeInterfaceQuota((String) msg.obj); |
| 4563 | // int params need to be stitched back into a long |
| 4564 | setInterfaceQuota((String) msg.obj, |
| 4565 | ((long) msg.arg1 << 32) | (msg.arg2 & 0xFFFFFFFFL)); |
| 4566 | return true; |
| 4567 | } |
| 4568 | case MSG_REMOVE_INTERFACE_QUOTA: { |
| 4569 | removeInterfaceQuota((String) msg.obj); |
| 4570 | return true; |
| 4571 | } |
Felipe Leme | 03e95e2 | 2016-09-09 09:25:31 -0700 | [diff] [blame] | 4572 | case MSG_RESET_FIREWALL_RULES_BY_UID: { |
| 4573 | resetUidFirewallRules(msg.arg1); |
| 4574 | return true; |
| 4575 | } |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 4576 | case MSG_SUBSCRIPTION_OVERRIDE: { |
Sarah Chin | 7af1fd0 | 2019-09-26 11:37:13 -0700 | [diff] [blame] | 4577 | final int overrideMask = msg.arg1; |
| 4578 | final int overrideValue = msg.arg2; |
| 4579 | final int subId = (int) msg.obj; |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 4580 | final int length = mListeners.beginBroadcast(); |
| 4581 | for (int i = 0; i < length; i++) { |
| 4582 | final INetworkPolicyListener listener = mListeners.getBroadcastItem(i); |
Sarah Chin | 7af1fd0 | 2019-09-26 11:37:13 -0700 | [diff] [blame] | 4583 | dispatchSubscriptionOverride(listener, subId, overrideMask, overrideValue); |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 4584 | } |
| 4585 | mListeners.finishBroadcast(); |
| 4586 | return true; |
| 4587 | } |
Sudheer Shanka | 04d61ae | 2018-01-17 12:16:57 -0800 | [diff] [blame] | 4588 | case MSG_METERED_RESTRICTED_PACKAGES_CHANGED: { |
| 4589 | final int userId = msg.arg1; |
| 4590 | final Set<String> packageNames = (Set<String>) msg.obj; |
| 4591 | setMeteredRestrictedPackagesInternal(packageNames, userId); |
| 4592 | return true; |
| 4593 | } |
Makoto Onuki | 3f1bf5f | 2018-04-04 15:29:00 -0700 | [diff] [blame] | 4594 | case MSG_SET_NETWORK_TEMPLATE_ENABLED: { |
| 4595 | final NetworkTemplate template = (NetworkTemplate) msg.obj; |
| 4596 | final boolean enabled = msg.arg1 != 0; |
| 4597 | setNetworkTemplateEnabledInner(template, enabled); |
| 4598 | return true; |
| 4599 | } |
Sarah Chin | 7af1fd0 | 2019-09-26 11:37:13 -0700 | [diff] [blame] | 4600 | case MSG_SUBSCRIPTION_PLANS_CHANGED: { |
| 4601 | final SubscriptionPlan[] plans = (SubscriptionPlan[]) msg.obj; |
| 4602 | final int subId = msg.arg1; |
| 4603 | final int length = mListeners.beginBroadcast(); |
| 4604 | for (int i = 0; i < length; i++) { |
| 4605 | final INetworkPolicyListener listener = mListeners.getBroadcastItem(i); |
| 4606 | dispatchSubscriptionPlansChanged(listener, subId, plans); |
| 4607 | } |
| 4608 | mListeners.finishBroadcast(); |
| 4609 | return true; |
| 4610 | } |
Jeff Sharkey | 4414cea | 2011-06-24 17:05:24 -0700 | [diff] [blame] | 4611 | default: { |
| 4612 | return false; |
Jeff Sharkey | af11d48 | 2011-06-13 00:14:31 -0700 | [diff] [blame] | 4613 | } |
| 4614 | } |
| 4615 | } |
Makoto Onuki | 8e77733 | 2017-03-28 11:25:47 -0700 | [diff] [blame] | 4616 | }; |
| 4617 | |
| 4618 | private final Handler.Callback mUidEventHandlerCallback = new Handler.Callback() { |
| 4619 | @Override |
| 4620 | public boolean handleMessage(Message msg) { |
| 4621 | switch (msg.what) { |
| 4622 | case UID_MSG_STATE_CHANGED: { |
| 4623 | final int uid = msg.arg1; |
| 4624 | final int procState = msg.arg2; |
| 4625 | final long procStateSeq = (Long) msg.obj; |
| 4626 | |
| 4627 | handleUidChanged(uid, procState, procStateSeq); |
| 4628 | return true; |
| 4629 | } |
| 4630 | case UID_MSG_GONE: { |
| 4631 | final int uid = msg.arg1; |
| 4632 | handleUidGone(uid); |
| 4633 | return true; |
| 4634 | } |
| 4635 | default: { |
| 4636 | return false; |
| 4637 | } |
| 4638 | } |
| 4639 | } |
Jeff Sharkey | 4414cea | 2011-06-24 17:05:24 -0700 | [diff] [blame] | 4640 | }; |
Jeff Sharkey | 22c055e | 2011-06-12 21:13:51 -0700 | [diff] [blame] | 4641 | |
Makoto Onuki | 8e77733 | 2017-03-28 11:25:47 -0700 | [diff] [blame] | 4642 | void handleUidChanged(int uid, int procState, long procStateSeq) { |
| 4643 | Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "onUidStateChanged"); |
| 4644 | try { |
Amith Yamasani | d78542b | 2019-02-19 09:57:32 -0800 | [diff] [blame] | 4645 | boolean updated; |
Makoto Onuki | 8e77733 | 2017-03-28 11:25:47 -0700 | [diff] [blame] | 4646 | synchronized (mUidRulesFirstLock) { |
| 4647 | // We received a uid state change callback, add it to the history so that it |
| 4648 | // will be useful for debugging. |
Sudheer Shanka | 352dc57 | 2017-09-22 17:09:38 -0700 | [diff] [blame] | 4649 | mLogger.uidStateChanged(uid, procState, procStateSeq); |
Makoto Onuki | 8e77733 | 2017-03-28 11:25:47 -0700 | [diff] [blame] | 4650 | // Now update the network policy rules as per the updated uid state. |
Amith Yamasani | d78542b | 2019-02-19 09:57:32 -0800 | [diff] [blame] | 4651 | updated = updateUidStateUL(uid, procState); |
Makoto Onuki | 8e77733 | 2017-03-28 11:25:47 -0700 | [diff] [blame] | 4652 | // Updating the network rules is done, so notify AMS about this. |
| 4653 | mActivityManagerInternal.notifyNetworkPolicyRulesUpdated(uid, procStateSeq); |
| 4654 | } |
Amith Yamasani | d78542b | 2019-02-19 09:57:32 -0800 | [diff] [blame] | 4655 | // Do this without the lock held. handleUidChanged() and handleUidGone() are |
| 4656 | // called from the handler, so there's no multi-threading issue. |
| 4657 | if (updated) { |
| 4658 | updateNetworkStats(uid, isUidStateForeground(procState)); |
| 4659 | } |
Makoto Onuki | 8e77733 | 2017-03-28 11:25:47 -0700 | [diff] [blame] | 4660 | } finally { |
| 4661 | Trace.traceEnd(Trace.TRACE_TAG_NETWORK); |
| 4662 | } |
| 4663 | } |
| 4664 | |
| 4665 | void handleUidGone(int uid) { |
| 4666 | Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "onUidGone"); |
| 4667 | try { |
Amith Yamasani | d78542b | 2019-02-19 09:57:32 -0800 | [diff] [blame] | 4668 | boolean updated; |
Makoto Onuki | 8e77733 | 2017-03-28 11:25:47 -0700 | [diff] [blame] | 4669 | synchronized (mUidRulesFirstLock) { |
Amith Yamasani | d78542b | 2019-02-19 09:57:32 -0800 | [diff] [blame] | 4670 | updated = removeUidStateUL(uid); |
| 4671 | } |
| 4672 | // Do this without the lock held. handleUidChanged() and handleUidGone() are |
| 4673 | // called from the handler, so there's no multi-threading issue. |
| 4674 | if (updated) { |
| 4675 | updateNetworkStats(uid, false); |
Makoto Onuki | 8e77733 | 2017-03-28 11:25:47 -0700 | [diff] [blame] | 4676 | } |
| 4677 | } finally { |
| 4678 | Trace.traceEnd(Trace.TRACE_TAG_NETWORK); |
| 4679 | } |
| 4680 | } |
| 4681 | |
Felipe Leme | 57e3d31 | 2016-08-23 14:42:52 -0700 | [diff] [blame] | 4682 | private void broadcastRestrictBackgroundChanged(int uid, Boolean changed) { |
| 4683 | final PackageManager pm = mContext.getPackageManager(); |
| 4684 | final String[] packages = pm.getPackagesForUid(uid); |
| 4685 | if (packages != null) { |
| 4686 | final int userId = UserHandle.getUserId(uid); |
| 4687 | for (String packageName : packages) { |
| 4688 | final Intent intent = |
| 4689 | new Intent(ConnectivityManager.ACTION_RESTRICT_BACKGROUND_CHANGED); |
| 4690 | intent.setPackage(packageName); |
| 4691 | intent.setFlags(Intent.FLAG_RECEIVER_REGISTERED_ONLY); |
| 4692 | mContext.sendBroadcastAsUser(intent, UserHandle.of(userId)); |
| 4693 | } |
| 4694 | } |
| 4695 | } |
| 4696 | |
Jeff Sharkey | 64c96ec | 2017-08-30 16:28:26 -0600 | [diff] [blame] | 4697 | private void setInterfaceQuotaAsync(String iface, long quotaBytes) { |
| 4698 | // long quotaBytes split up into two ints to fit in message |
| 4699 | mHandler.obtainMessage(MSG_UPDATE_INTERFACE_QUOTA, (int) (quotaBytes >> 32), |
| 4700 | (int) (quotaBytes & 0xFFFFFFFF), iface).sendToTarget(); |
| 4701 | } |
| 4702 | |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 4703 | private void setInterfaceQuota(String iface, long quotaBytes) { |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 4704 | try { |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 4705 | mNetworkManager.setInterfaceQuota(iface, quotaBytes); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 4706 | } catch (IllegalStateException e) { |
Jeff Sharkey | b3d5957 | 2011-09-07 17:20:27 -0700 | [diff] [blame] | 4707 | Log.wtf(TAG, "problem setting interface quota", e); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 4708 | } catch (RemoteException e) { |
Jeff Sharkey | b3d5957 | 2011-09-07 17:20:27 -0700 | [diff] [blame] | 4709 | // ignored; service lives in system_server |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 4710 | } |
| 4711 | } |
| 4712 | |
Jeff Sharkey | 64c96ec | 2017-08-30 16:28:26 -0600 | [diff] [blame] | 4713 | private void removeInterfaceQuotaAsync(String iface) { |
| 4714 | mHandler.obtainMessage(MSG_REMOVE_INTERFACE_QUOTA, iface).sendToTarget(); |
| 4715 | } |
| 4716 | |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 4717 | private void removeInterfaceQuota(String iface) { |
| 4718 | try { |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 4719 | mNetworkManager.removeInterfaceQuota(iface); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 4720 | } catch (IllegalStateException e) { |
Jeff Sharkey | b3d5957 | 2011-09-07 17:20:27 -0700 | [diff] [blame] | 4721 | Log.wtf(TAG, "problem removing interface quota", e); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 4722 | } catch (RemoteException e) { |
Jeff Sharkey | b3d5957 | 2011-09-07 17:20:27 -0700 | [diff] [blame] | 4723 | // ignored; service lives in system_server |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 4724 | } |
| 4725 | } |
| 4726 | |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 4727 | private void setMeteredNetworkBlacklist(int uid, boolean enable) { |
| 4728 | if (LOGV) Slog.v(TAG, "setMeteredNetworkBlacklist " + uid + ": " + enable); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 4729 | try { |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 4730 | mNetworkManager.setUidMeteredNetworkBlacklist(uid, enable); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 4731 | } catch (IllegalStateException e) { |
Felipe Leme | 70c57c2 | 2016-03-29 10:45:13 -0700 | [diff] [blame] | 4732 | Log.wtf(TAG, "problem setting blacklist (" + enable + ") rules for " + uid, e); |
| 4733 | } catch (RemoteException e) { |
| 4734 | // ignored; service lives in system_server |
| 4735 | } |
| 4736 | } |
| 4737 | |
| 4738 | private void setMeteredNetworkWhitelist(int uid, boolean enable) { |
| 4739 | if (LOGV) Slog.v(TAG, "setMeteredNetworkWhitelist " + uid + ": " + enable); |
| 4740 | try { |
| 4741 | mNetworkManager.setUidMeteredNetworkWhitelist(uid, enable); |
| 4742 | } catch (IllegalStateException e) { |
| 4743 | Log.wtf(TAG, "problem setting whitelist (" + enable + ") rules for " + uid, e); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 4744 | } catch (RemoteException e) { |
Jeff Sharkey | b3d5957 | 2011-09-07 17:20:27 -0700 | [diff] [blame] | 4745 | // ignored; service lives in system_server |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 4746 | } |
| 4747 | } |
| 4748 | |
Felipe Leme | bc853dd | 2016-09-08 13:26:55 -0700 | [diff] [blame] | 4749 | private static final int CHAIN_TOGGLE_NONE = 0; |
| 4750 | private static final int CHAIN_TOGGLE_ENABLE = 1; |
| 4751 | private static final int CHAIN_TOGGLE_DISABLE = 2; |
| 4752 | @Retention(RetentionPolicy.SOURCE) |
| 4753 | @IntDef(flag = false, value = { |
| 4754 | CHAIN_TOGGLE_NONE, |
| 4755 | CHAIN_TOGGLE_ENABLE, |
| 4756 | CHAIN_TOGGLE_DISABLE |
| 4757 | }) |
| 4758 | public @interface ChainToggleType { |
| 4759 | } |
| 4760 | |
| 4761 | /** |
Kweku Adams | df33ae1 | 2019-10-08 11:51:41 -0700 | [diff] [blame] | 4762 | * Calls {@link #setUidFirewallRulesUL(int, SparseIntArray)} and |
Sudheer Shanka | addebcc | 2017-10-03 09:43:20 -0700 | [diff] [blame] | 4763 | * {@link #enableFirewallChainUL(int, boolean)} synchronously. |
Felipe Leme | bc853dd | 2016-09-08 13:26:55 -0700 | [diff] [blame] | 4764 | * |
| 4765 | * @param chain firewall chain. |
| 4766 | * @param uidRules new UID rules; if {@code null}, only toggles chain state. |
| 4767 | * @param toggle whether the chain should be enabled, disabled, or not changed. |
| 4768 | */ |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 4769 | @GuardedBy("mUidRulesFirstLock") |
Sudheer Shanka | addebcc | 2017-10-03 09:43:20 -0700 | [diff] [blame] | 4770 | private void setUidFirewallRulesUL(int chain, @Nullable SparseIntArray uidRules, |
Felipe Leme | bc853dd | 2016-09-08 13:26:55 -0700 | [diff] [blame] | 4771 | @ChainToggleType int toggle) { |
Sudheer Shanka | addebcc | 2017-10-03 09:43:20 -0700 | [diff] [blame] | 4772 | if (uidRules != null) { |
| 4773 | setUidFirewallRulesUL(chain, uidRules); |
| 4774 | } |
| 4775 | if (toggle != CHAIN_TOGGLE_NONE) { |
| 4776 | enableFirewallChainUL(chain, toggle == CHAIN_TOGGLE_ENABLE); |
| 4777 | } |
Felipe Leme | bc853dd | 2016-09-08 13:26:55 -0700 | [diff] [blame] | 4778 | } |
| 4779 | |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 4780 | /** |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 4781 | * Set uid rules on a particular firewall chain. This is going to synchronize the rules given |
| 4782 | * here to netd. It will clean up dead rules and make sure the target chain only contains rules |
| 4783 | * specified here. |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 4784 | */ |
Sudheer Shanka | addebcc | 2017-10-03 09:43:20 -0700 | [diff] [blame] | 4785 | private void setUidFirewallRulesUL(int chain, SparseIntArray uidRules) { |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 4786 | try { |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 4787 | int size = uidRules.size(); |
| 4788 | int[] uids = new int[size]; |
| 4789 | int[] rules = new int[size]; |
| 4790 | for(int index = size - 1; index >= 0; --index) { |
| 4791 | uids[index] = uidRules.keyAt(index); |
| 4792 | rules[index] = uidRules.valueAt(index); |
| 4793 | } |
| 4794 | mNetworkManager.setFirewallUidRules(chain, uids, rules); |
Sudheer Shanka | 352dc57 | 2017-09-22 17:09:38 -0700 | [diff] [blame] | 4795 | mLogger.firewallRulesChanged(chain, uids, rules); |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 4796 | } catch (IllegalStateException e) { |
| 4797 | Log.wtf(TAG, "problem setting firewall uid rules", e); |
| 4798 | } catch (RemoteException e) { |
| 4799 | // ignored; service lives in system_server |
| 4800 | } |
| 4801 | } |
| 4802 | |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 4803 | /** |
| 4804 | * Add or remove a uid to the firewall blacklist for all network ifaces. |
| 4805 | */ |
Dianne Hackborn | 4a503b1 | 2015-08-06 22:19:06 -0700 | [diff] [blame] | 4806 | private void setUidFirewallRule(int chain, int uid, int rule) { |
Makoto Onuki | 0e6e3bd | 2017-03-20 14:53:00 -0700 | [diff] [blame] | 4807 | if (Trace.isTagEnabled(Trace.TRACE_TAG_NETWORK)) { |
| 4808 | Trace.traceBegin(Trace.TRACE_TAG_NETWORK, |
| 4809 | "setUidFirewallRule: " + chain + "/" + uid + "/" + rule); |
Jeff Sharkey | dc98806 | 2015-09-14 10:09:47 -0700 | [diff] [blame] | 4810 | } |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 4811 | try { |
Makoto Onuki | 0e6e3bd | 2017-03-20 14:53:00 -0700 | [diff] [blame] | 4812 | if (chain == FIREWALL_CHAIN_DOZABLE) { |
| 4813 | mUidFirewallDozableRules.put(uid, rule); |
| 4814 | } else if (chain == FIREWALL_CHAIN_STANDBY) { |
| 4815 | mUidFirewallStandbyRules.put(uid, rule); |
| 4816 | } else if (chain == FIREWALL_CHAIN_POWERSAVE) { |
| 4817 | mUidFirewallPowerSaveRules.put(uid, rule); |
| 4818 | } |
| 4819 | |
| 4820 | try { |
| 4821 | mNetworkManager.setFirewallUidRule(chain, uid, rule); |
Sudheer Shanka | 352dc57 | 2017-09-22 17:09:38 -0700 | [diff] [blame] | 4822 | mLogger.uidFirewallRuleChanged(chain, uid, rule); |
Makoto Onuki | 0e6e3bd | 2017-03-20 14:53:00 -0700 | [diff] [blame] | 4823 | } catch (IllegalStateException e) { |
| 4824 | Log.wtf(TAG, "problem setting firewall uid rules", e); |
| 4825 | } catch (RemoteException e) { |
| 4826 | // ignored; service lives in system_server |
| 4827 | } |
| 4828 | } finally { |
| 4829 | Trace.traceEnd(Trace.TRACE_TAG_NETWORK); |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 4830 | } |
| 4831 | } |
| 4832 | |
| 4833 | /** |
| 4834 | * Add or remove a uid to the firewall blacklist for all network ifaces. |
| 4835 | */ |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 4836 | @GuardedBy("mUidRulesFirstLock") |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 4837 | private void enableFirewallChainUL(int chain, boolean enable) { |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 4838 | if (mFirewallChainStates.indexOfKey(chain) >= 0 && |
| 4839 | mFirewallChainStates.get(chain) == enable) { |
| 4840 | // All is the same, nothing to do. |
| 4841 | return; |
| 4842 | } |
Xiaohui Chen | 8dca36d | 2015-06-19 12:44:59 -0700 | [diff] [blame] | 4843 | mFirewallChainStates.put(chain, enable); |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 4844 | try { |
| 4845 | mNetworkManager.setFirewallChainEnabled(chain, enable); |
Sudheer Shanka | 352dc57 | 2017-09-22 17:09:38 -0700 | [diff] [blame] | 4846 | mLogger.firewallChainEnabled(chain, enable); |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 4847 | } catch (IllegalStateException e) { |
| 4848 | Log.wtf(TAG, "problem enable firewall chain", e); |
| 4849 | } catch (RemoteException e) { |
| 4850 | // ignored; service lives in system_server |
| 4851 | } |
| 4852 | } |
| 4853 | |
Felipe Leme | 03e95e2 | 2016-09-09 09:25:31 -0700 | [diff] [blame] | 4854 | /** |
| 4855 | * Resets all firewall rules associated with an UID. |
| 4856 | */ |
| 4857 | private void resetUidFirewallRules(int uid) { |
| 4858 | try { |
| 4859 | mNetworkManager.setFirewallUidRule(FIREWALL_CHAIN_DOZABLE, uid, FIREWALL_RULE_DEFAULT); |
| 4860 | mNetworkManager.setFirewallUidRule(FIREWALL_CHAIN_STANDBY, uid, FIREWALL_RULE_DEFAULT); |
| 4861 | mNetworkManager |
| 4862 | .setFirewallUidRule(FIREWALL_CHAIN_POWERSAVE, uid, FIREWALL_RULE_DEFAULT); |
| 4863 | mNetworkManager.setUidMeteredNetworkWhitelist(uid, false); |
| 4864 | mNetworkManager.setUidMeteredNetworkBlacklist(uid, false); |
| 4865 | } catch (IllegalStateException e) { |
| 4866 | Log.wtf(TAG, "problem resetting firewall uid rules for " + uid, e); |
| 4867 | } catch (RemoteException e) { |
| 4868 | // ignored; service lives in system_server |
| 4869 | } |
| 4870 | } |
| 4871 | |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 4872 | @Deprecated |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 4873 | private long getTotalBytes(NetworkTemplate template, long start, long end) { |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 4874 | return getNetworkTotalBytes(template, start, end); |
| 4875 | } |
| 4876 | |
| 4877 | private long getNetworkTotalBytes(NetworkTemplate template, long start, long end) { |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 4878 | try { |
Jeff Sharkey | b52e3e5 | 2012-04-06 11:12:08 -0700 | [diff] [blame] | 4879 | return mNetworkStats.getNetworkTotalBytes(template, start, end); |
Jeff Sharkey | 63abc37 | 2012-01-11 18:38:16 -0800 | [diff] [blame] | 4880 | } catch (RuntimeException e) { |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 4881 | Slog.w(TAG, "Failed to read network stats: " + e); |
Jeff Sharkey | 63abc37 | 2012-01-11 18:38:16 -0800 | [diff] [blame] | 4882 | return 0; |
Jeff Sharkey | e0c2995 | 2018-02-20 17:24:55 -0700 | [diff] [blame] | 4883 | } |
| 4884 | } |
| 4885 | |
| 4886 | private NetworkStats getNetworkUidBytes(NetworkTemplate template, long start, long end) { |
| 4887 | try { |
| 4888 | return mNetworkStats.getNetworkUidBytes(template, start, end); |
| 4889 | } catch (RuntimeException e) { |
| 4890 | Slog.w(TAG, "Failed to read network stats: " + e); |
| 4891 | return new NetworkStats(SystemClock.elapsedRealtime(), 0); |
Jeff Sharkey | 8e28b7d | 2011-08-19 02:24:24 -0700 | [diff] [blame] | 4892 | } |
| 4893 | } |
| 4894 | |
Jeff Sharkey | 8c1dc72 | 2012-05-04 14:49:37 -0700 | [diff] [blame] | 4895 | private boolean isBandwidthControlEnabled() { |
| 4896 | final long token = Binder.clearCallingIdentity(); |
| 4897 | try { |
| 4898 | return mNetworkManager.isBandwidthControlEnabled(); |
| 4899 | } catch (RemoteException e) { |
| 4900 | // ignored; service lives in system_server |
| 4901 | return false; |
| 4902 | } finally { |
| 4903 | Binder.restoreCallingIdentity(token); |
| 4904 | } |
| 4905 | } |
| 4906 | |
Jeff Sharkey | 3a844fc | 2011-08-16 14:37:57 -0700 | [diff] [blame] | 4907 | private static Intent buildAllowBackgroundDataIntent() { |
| 4908 | return new Intent(ACTION_ALLOW_BACKGROUND); |
| 4909 | } |
| 4910 | |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 4911 | private static Intent buildSnoozeWarningIntent(NetworkTemplate template) { |
| 4912 | final Intent intent = new Intent(ACTION_SNOOZE_WARNING); |
Jeff Sharkey | bfb43ea | 2018-02-03 12:08:16 -0700 | [diff] [blame] | 4913 | intent.addFlags(Intent.FLAG_RECEIVER_FOREGROUND); |
| 4914 | intent.putExtra(EXTRA_NETWORK_TEMPLATE, template); |
| 4915 | return intent; |
| 4916 | } |
| 4917 | |
| 4918 | private static Intent buildSnoozeRapidIntent(NetworkTemplate template) { |
| 4919 | final Intent intent = new Intent(ACTION_SNOOZE_RAPID); |
| 4920 | intent.addFlags(Intent.FLAG_RECEIVER_FOREGROUND); |
Jeff Sharkey | 0e2e5f8 | 2012-02-02 16:02:51 -0800 | [diff] [blame] | 4921 | intent.putExtra(EXTRA_NETWORK_TEMPLATE, template); |
| 4922 | return intent; |
| 4923 | } |
| 4924 | |
Wei Liu | 546cb77 | 2016-07-21 16:19:01 -0700 | [diff] [blame] | 4925 | private static Intent buildNetworkOverLimitIntent(Resources res, NetworkTemplate template) { |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 4926 | final Intent intent = new Intent(); |
Wei Liu | 546cb77 | 2016-07-21 16:19:01 -0700 | [diff] [blame] | 4927 | intent.setComponent(ComponentName.unflattenFromString( |
| 4928 | res.getString(R.string.config_networkOverLimitComponent))); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 4929 | intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK); |
| 4930 | intent.putExtra(EXTRA_NETWORK_TEMPLATE, template); |
| 4931 | return intent; |
| 4932 | } |
| 4933 | |
Wei Liu | 546cb77 | 2016-07-21 16:19:01 -0700 | [diff] [blame] | 4934 | private static Intent buildViewDataUsageIntent(Resources res, NetworkTemplate template) { |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 4935 | final Intent intent = new Intent(); |
Wei Liu | 546cb77 | 2016-07-21 16:19:01 -0700 | [diff] [blame] | 4936 | intent.setComponent(ComponentName.unflattenFromString( |
| 4937 | res.getString(R.string.config_dataUsageSummaryComponent))); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 4938 | intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK); |
| 4939 | intent.putExtra(EXTRA_NETWORK_TEMPLATE, template); |
| 4940 | return intent; |
| 4941 | } |
| 4942 | |
Jeff Sharkey | 8b2c3a14 | 2012-11-12 11:45:05 -0800 | [diff] [blame] | 4943 | @VisibleForTesting |
Sudheer Shanka | 8ab2299 | 2018-11-29 00:08:58 -0800 | [diff] [blame] | 4944 | void addIdleHandler(IdleHandler handler) { |
Jeff Sharkey | 163e644 | 2011-10-31 16:37:52 -0700 | [diff] [blame] | 4945 | mHandler.getLooper().getQueue().addIdleHandler(handler); |
| 4946 | } |
| 4947 | |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 4948 | @GuardedBy("mUidRulesFirstLock") |
jackqdyulei | 29c82ab | 2017-03-10 14:09:16 -0800 | [diff] [blame] | 4949 | @VisibleForTesting |
Sudheer Shanka | 8ab2299 | 2018-11-29 00:08:58 -0800 | [diff] [blame] | 4950 | void updateRestrictBackgroundByLowPowerModeUL(final PowerSaveState result) { |
Kweku Adams | 25fa3a7 | 2019-07-12 17:00:17 -0700 | [diff] [blame] | 4951 | if (mRestrictBackgroundLowPowerMode == result.batterySaverEnabled) { |
| 4952 | // Nothing changed. Nothing to do. |
| 4953 | return; |
| 4954 | } |
| 4955 | mRestrictBackgroundLowPowerMode = result.batterySaverEnabled; |
jackqdyulei | 29c82ab | 2017-03-10 14:09:16 -0800 | [diff] [blame] | 4956 | |
Kweku Adams | 25fa3a7 | 2019-07-12 17:00:17 -0700 | [diff] [blame] | 4957 | boolean restrictBackground = mRestrictBackgroundLowPowerMode; |
jackqdyulei | 29c82ab | 2017-03-10 14:09:16 -0800 | [diff] [blame] | 4958 | boolean shouldInvokeRestrictBackground; |
Kweku Adams | 25fa3a7 | 2019-07-12 17:00:17 -0700 | [diff] [blame] | 4959 | // store the temporary mRestrictBackgroundChangedInBsm and update it at the end. |
jackqdyulei | 29c82ab | 2017-03-10 14:09:16 -0800 | [diff] [blame] | 4960 | boolean localRestrictBgChangedInBsm = mRestrictBackgroundChangedInBsm; |
| 4961 | |
Kweku Adams | 25fa3a7 | 2019-07-12 17:00:17 -0700 | [diff] [blame] | 4962 | if (mRestrictBackgroundLowPowerMode) { |
jackqdyulei | 29c82ab | 2017-03-10 14:09:16 -0800 | [diff] [blame] | 4963 | // Try to turn on restrictBackground if (1) it is off and (2) batter saver need to |
| 4964 | // turn it on. |
Kweku Adams | 25fa3a7 | 2019-07-12 17:00:17 -0700 | [diff] [blame] | 4965 | shouldInvokeRestrictBackground = !mRestrictBackground; |
jackqdyulei | 29c82ab | 2017-03-10 14:09:16 -0800 | [diff] [blame] | 4966 | mRestrictBackgroundBeforeBsm = mRestrictBackground; |
| 4967 | localRestrictBgChangedInBsm = false; |
| 4968 | } else { |
| 4969 | // Try to restore the restrictBackground if it doesn't change in bsm |
| 4970 | shouldInvokeRestrictBackground = !mRestrictBackgroundChangedInBsm; |
| 4971 | restrictBackground = mRestrictBackgroundBeforeBsm; |
| 4972 | } |
| 4973 | |
| 4974 | if (shouldInvokeRestrictBackground) { |
Sudheer Shanka | 543339f | 2017-07-28 15:18:07 -0700 | [diff] [blame] | 4975 | setRestrictBackgroundUL(restrictBackground); |
jackqdyulei | 29c82ab | 2017-03-10 14:09:16 -0800 | [diff] [blame] | 4976 | } |
| 4977 | |
| 4978 | // Change it at last so setRestrictBackground() won't affect this variable |
| 4979 | mRestrictBackgroundChangedInBsm = localRestrictBgChangedInBsm; |
| 4980 | } |
| 4981 | |
Jeff Sharkey | 1b86127 | 2011-05-22 00:34:52 -0700 | [diff] [blame] | 4982 | private static void collectKeys(SparseIntArray source, SparseBooleanArray target) { |
| 4983 | final int size = source.size(); |
| 4984 | for (int i = 0; i < size; i++) { |
| 4985 | target.put(source.keyAt(i), true); |
| 4986 | } |
| 4987 | } |
| 4988 | |
Stuart Scott | f1fb397 | 2015-04-02 18:00:02 -0700 | [diff] [blame] | 4989 | @Override |
| 4990 | public void factoryReset(String subscriber) { |
paulhu | a6af6b6 | 2019-08-12 16:25:11 +0800 | [diff] [blame] | 4991 | mContext.enforceCallingOrSelfPermission(NETWORK_SETTINGS, TAG); |
Stuart Scott | f1fb397 | 2015-04-02 18:00:02 -0700 | [diff] [blame] | 4992 | |
Stuart Scott | e3e314d | 2015-04-20 14:07:45 -0700 | [diff] [blame] | 4993 | if (mUserManager.hasUserRestriction(UserManager.DISALLOW_NETWORK_RESET)) { |
| 4994 | return; |
| 4995 | } |
| 4996 | |
Stuart Scott | f1fb397 | 2015-04-02 18:00:02 -0700 | [diff] [blame] | 4997 | // Turn mobile data limit off |
Stuart Scott | 9a9a1d9 | 2015-04-20 11:33:06 -0700 | [diff] [blame] | 4998 | NetworkPolicy[] policies = getNetworkPolicies(mContext.getOpPackageName()); |
Stuart Scott | f1fb397 | 2015-04-02 18:00:02 -0700 | [diff] [blame] | 4999 | NetworkTemplate template = NetworkTemplate.buildTemplateMobileAll(subscriber); |
| 5000 | for (NetworkPolicy policy : policies) { |
| 5001 | if (policy.template.equals(template)) { |
| 5002 | policy.limitBytes = NetworkPolicy.LIMIT_DISABLED; |
| 5003 | policy.inferred = false; |
| 5004 | policy.clearSnooze(); |
| 5005 | } |
| 5006 | } |
| 5007 | setNetworkPolicies(policies); |
| 5008 | |
| 5009 | // Turn restrict background data off |
| 5010 | setRestrictBackground(false); |
| 5011 | |
Stuart Scott | e3e314d | 2015-04-20 14:07:45 -0700 | [diff] [blame] | 5012 | if (!mUserManager.hasUserRestriction(UserManager.DISALLOW_APPS_CONTROL)) { |
| 5013 | // Remove app's "restrict background data" flag |
| 5014 | for (int uid : getUidsWithPolicy(POLICY_REJECT_METERED_BACKGROUND)) { |
| 5015 | setUidPolicy(uid, POLICY_NONE); |
| 5016 | } |
Stuart Scott | f1fb397 | 2015-04-02 18:00:02 -0700 | [diff] [blame] | 5017 | } |
| 5018 | } |
Felipe Leme | b85a637 | 2016-01-14 16:16:16 -0800 | [diff] [blame] | 5019 | |
Sudheer Shanka | b8f2316 | 2017-08-04 13:30:10 -0700 | [diff] [blame] | 5020 | @Override |
| 5021 | public boolean isUidNetworkingBlocked(int uid, boolean isNetworkMetered) { |
Makoto Onuki | 49392d3 | 2018-04-11 13:51:02 -0700 | [diff] [blame] | 5022 | final long startTime = mStatLogger.getTime(); |
| 5023 | |
paulhu | a6af6b6 | 2019-08-12 16:25:11 +0800 | [diff] [blame] | 5024 | mContext.enforceCallingOrSelfPermission(OBSERVE_NETWORK_POLICY, TAG); |
Sudheer Shanka | b8f2316 | 2017-08-04 13:30:10 -0700 | [diff] [blame] | 5025 | final int uidRules; |
| 5026 | final boolean isBackgroundRestricted; |
| 5027 | synchronized (mUidRulesFirstLock) { |
| 5028 | uidRules = mUidRules.get(uid, RULE_NONE); |
| 5029 | isBackgroundRestricted = mRestrictBackground; |
| 5030 | } |
junyulai | 05986c6 | 2018-08-07 19:50:45 +0800 | [diff] [blame] | 5031 | final boolean ret = isUidNetworkingBlockedInternal(uid, uidRules, isNetworkMetered, |
| 5032 | isBackgroundRestricted, mLogger); |
| 5033 | |
| 5034 | mStatLogger.logDurationStat(Stats.IS_UID_NETWORKING_BLOCKED, startTime); |
| 5035 | |
| 5036 | return ret; |
| 5037 | } |
| 5038 | |
| 5039 | private static boolean isSystem(int uid) { |
| 5040 | return uid < Process.FIRST_APPLICATION_UID; |
| 5041 | } |
| 5042 | |
| 5043 | static boolean isUidNetworkingBlockedInternal(int uid, int uidRules, boolean isNetworkMetered, |
| 5044 | boolean isBackgroundRestricted, @Nullable NetworkPolicyLogger logger) { |
| 5045 | final int reason; |
| 5046 | // Networks are never blocked for system components |
| 5047 | if (isSystem(uid)) { |
| 5048 | reason = NTWK_ALLOWED_SYSTEM; |
Sudheer Shanka | b8f2316 | 2017-08-04 13:30:10 -0700 | [diff] [blame] | 5049 | } |
junyulai | 05986c6 | 2018-08-07 19:50:45 +0800 | [diff] [blame] | 5050 | else if (hasRule(uidRules, RULE_REJECT_ALL)) { |
| 5051 | reason = NTWK_BLOCKED_POWER; |
Sudheer Shanka | b8f2316 | 2017-08-04 13:30:10 -0700 | [diff] [blame] | 5052 | } |
junyulai | 05986c6 | 2018-08-07 19:50:45 +0800 | [diff] [blame] | 5053 | else if (!isNetworkMetered) { |
| 5054 | reason = NTWK_ALLOWED_NON_METERED; |
Sudheer Shanka | b8f2316 | 2017-08-04 13:30:10 -0700 | [diff] [blame] | 5055 | } |
junyulai | 05986c6 | 2018-08-07 19:50:45 +0800 | [diff] [blame] | 5056 | else if (hasRule(uidRules, RULE_REJECT_METERED)) { |
| 5057 | reason = NTWK_BLOCKED_BLACKLIST; |
Sudheer Shanka | b8f2316 | 2017-08-04 13:30:10 -0700 | [diff] [blame] | 5058 | } |
junyulai | 05986c6 | 2018-08-07 19:50:45 +0800 | [diff] [blame] | 5059 | else if (hasRule(uidRules, RULE_ALLOW_METERED)) { |
| 5060 | reason = NTWK_ALLOWED_WHITELIST; |
Sudheer Shanka | b8f2316 | 2017-08-04 13:30:10 -0700 | [diff] [blame] | 5061 | } |
junyulai | 05986c6 | 2018-08-07 19:50:45 +0800 | [diff] [blame] | 5062 | else if (hasRule(uidRules, RULE_TEMPORARY_ALLOW_METERED)) { |
| 5063 | reason = NTWK_ALLOWED_TMP_WHITELIST; |
Sudheer Shanka | b8f2316 | 2017-08-04 13:30:10 -0700 | [diff] [blame] | 5064 | } |
junyulai | 05986c6 | 2018-08-07 19:50:45 +0800 | [diff] [blame] | 5065 | else if (isBackgroundRestricted) { |
| 5066 | reason = NTWK_BLOCKED_BG_RESTRICT; |
| 5067 | } |
| 5068 | else { |
| 5069 | reason = NTWK_ALLOWED_DEFAULT; |
| 5070 | } |
| 5071 | |
| 5072 | final boolean blocked; |
| 5073 | switch(reason) { |
| 5074 | case NTWK_ALLOWED_DEFAULT: |
| 5075 | case NTWK_ALLOWED_NON_METERED: |
| 5076 | case NTWK_ALLOWED_TMP_WHITELIST: |
| 5077 | case NTWK_ALLOWED_WHITELIST: |
| 5078 | case NTWK_ALLOWED_SYSTEM: |
| 5079 | blocked = false; |
| 5080 | break; |
| 5081 | case NTWK_BLOCKED_POWER: |
| 5082 | case NTWK_BLOCKED_BLACKLIST: |
| 5083 | case NTWK_BLOCKED_BG_RESTRICT: |
| 5084 | blocked = true; |
| 5085 | break; |
| 5086 | default: |
| 5087 | throw new IllegalArgumentException(); |
| 5088 | } |
| 5089 | if (logger != null) { |
| 5090 | logger.networkBlocked(uid, reason); |
| 5091 | } |
| 5092 | |
| 5093 | return blocked; |
Sudheer Shanka | b8f2316 | 2017-08-04 13:30:10 -0700 | [diff] [blame] | 5094 | } |
| 5095 | |
Felipe Leme | d17fda4 | 2016-04-29 11:12:45 -0700 | [diff] [blame] | 5096 | private class NetworkPolicyManagerInternalImpl extends NetworkPolicyManagerInternal { |
| 5097 | |
| 5098 | @Override |
| 5099 | public void resetUserState(int userId) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 5100 | synchronized (mUidRulesFirstLock) { |
| 5101 | boolean changed = removeUserStateUL(userId, false); |
| 5102 | changed = addDefaultRestrictBackgroundWhitelistUidsUL(userId) || changed; |
Felipe Leme | d17fda4 | 2016-04-29 11:12:45 -0700 | [diff] [blame] | 5103 | if (changed) { |
Felipe Leme | f082385 | 2016-06-08 13:43:08 -0700 | [diff] [blame] | 5104 | synchronized (mNetworkPoliciesSecondLock) { |
| 5105 | writePolicyAL(); |
| 5106 | } |
Felipe Leme | d17fda4 | 2016-04-29 11:12:45 -0700 | [diff] [blame] | 5107 | } |
| 5108 | } |
| 5109 | } |
Hugo Benichi | 938ab4f | 2017-02-11 17:04:43 +0900 | [diff] [blame] | 5110 | |
| 5111 | /** |
| 5112 | * @return true if the given uid is restricted from doing networking on metered networks. |
| 5113 | */ |
| 5114 | @Override |
| 5115 | public boolean isUidRestrictedOnMeteredNetworks(int uid) { |
| 5116 | final int uidRules; |
| 5117 | final boolean isBackgroundRestricted; |
| 5118 | synchronized (mUidRulesFirstLock) { |
| 5119 | uidRules = mUidRules.get(uid, RULE_ALLOW_ALL); |
| 5120 | isBackgroundRestricted = mRestrictBackground; |
| 5121 | } |
| 5122 | return isBackgroundRestricted |
| 5123 | && !hasRule(uidRules, RULE_ALLOW_METERED) |
| 5124 | && !hasRule(uidRules, RULE_TEMPORARY_ALLOW_METERED); |
| 5125 | } |
| 5126 | |
| 5127 | /** |
| 5128 | * @return true if networking is blocked on the given interface for the given uid according |
| 5129 | * to current networking policies. |
| 5130 | */ |
| 5131 | @Override |
| 5132 | public boolean isUidNetworkingBlocked(int uid, String ifname) { |
Makoto Onuki | 49392d3 | 2018-04-11 13:51:02 -0700 | [diff] [blame] | 5133 | final long startTime = mStatLogger.getTime(); |
| 5134 | |
junyulai | 05986c6 | 2018-08-07 19:50:45 +0800 | [diff] [blame] | 5135 | final int uidRules; |
| 5136 | final boolean isBackgroundRestricted; |
| 5137 | synchronized (mUidRulesFirstLock) { |
| 5138 | uidRules = mUidRules.get(uid, RULE_NONE); |
| 5139 | isBackgroundRestricted = mRestrictBackground; |
| 5140 | } |
Hugo Benichi | 938ab4f | 2017-02-11 17:04:43 +0900 | [diff] [blame] | 5141 | final boolean isNetworkMetered; |
Sudheer Shanka | b8f2316 | 2017-08-04 13:30:10 -0700 | [diff] [blame] | 5142 | synchronized (mNetworkPoliciesSecondLock) { |
| 5143 | isNetworkMetered = mMeteredIfaces.contains(ifname); |
Hugo Benichi | 938ab4f | 2017-02-11 17:04:43 +0900 | [diff] [blame] | 5144 | } |
junyulai | 05986c6 | 2018-08-07 19:50:45 +0800 | [diff] [blame] | 5145 | final boolean ret = isUidNetworkingBlockedInternal(uid, uidRules, isNetworkMetered, |
| 5146 | isBackgroundRestricted, mLogger); |
Makoto Onuki | 49392d3 | 2018-04-11 13:51:02 -0700 | [diff] [blame] | 5147 | |
| 5148 | mStatLogger.logDurationStat(Stats.IS_UID_NETWORKING_BLOCKED, startTime); |
| 5149 | |
| 5150 | return ret; |
Hugo Benichi | 938ab4f | 2017-02-11 17:04:43 +0900 | [diff] [blame] | 5151 | } |
Sudheer Shanka | f34f3ec | 2017-08-03 11:02:56 -0700 | [diff] [blame] | 5152 | |
| 5153 | @Override |
| 5154 | public void onTempPowerSaveWhitelistChange(int appId, boolean added) { |
| 5155 | synchronized (mUidRulesFirstLock) { |
Sudheer Shanka | 352dc57 | 2017-09-22 17:09:38 -0700 | [diff] [blame] | 5156 | mLogger.tempPowerSaveWlChanged(appId, added); |
Sudheer Shanka | f34f3ec | 2017-08-03 11:02:56 -0700 | [diff] [blame] | 5157 | if (added) { |
| 5158 | mPowerSaveTempWhitelistAppIds.put(appId, true); |
| 5159 | } else { |
| 5160 | mPowerSaveTempWhitelistAppIds.delete(appId); |
| 5161 | } |
| 5162 | updateRulesForTempWhitelistChangeUL(appId); |
| 5163 | } |
| 5164 | } |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 5165 | |
| 5166 | @Override |
| 5167 | public SubscriptionPlan getSubscriptionPlan(Network network) { |
| 5168 | synchronized (mNetworkPoliciesSecondLock) { |
Jeff Sharkey | 2e47145 | 2018-01-19 18:02:47 +0900 | [diff] [blame] | 5169 | final int subId = getSubIdLocked(network); |
| 5170 | return getPrimarySubscriptionPlanLocked(subId); |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 5171 | } |
| 5172 | } |
| 5173 | |
| 5174 | @Override |
Jeff Sharkey | 146bb33 | 2018-04-18 15:42:57 -0600 | [diff] [blame] | 5175 | public SubscriptionPlan getSubscriptionPlan(NetworkTemplate template) { |
| 5176 | synchronized (mNetworkPoliciesSecondLock) { |
| 5177 | final int subId = findRelevantSubIdNL(template); |
| 5178 | return getPrimarySubscriptionPlanLocked(subId); |
| 5179 | } |
| 5180 | } |
| 5181 | |
| 5182 | @Override |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 5183 | public long getSubscriptionOpportunisticQuota(Network network, int quotaType) { |
Jeff Sharkey | 36b414b | 2018-03-30 11:00:03 -0600 | [diff] [blame] | 5184 | final long quotaBytes; |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 5185 | synchronized (mNetworkPoliciesSecondLock) { |
Jeff Sharkey | 36b414b | 2018-03-30 11:00:03 -0600 | [diff] [blame] | 5186 | quotaBytes = mSubscriptionOpportunisticQuota.get(getSubIdLocked(network), |
Remi NGUYEN VAN | 5a89f94 | 2018-03-30 21:17:42 +0900 | [diff] [blame] | 5187 | OPPORTUNISTIC_QUOTA_UNKNOWN); |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 5188 | } |
Jeff Sharkey | 36b414b | 2018-03-30 11:00:03 -0600 | [diff] [blame] | 5189 | if (quotaBytes == OPPORTUNISTIC_QUOTA_UNKNOWN) { |
| 5190 | return OPPORTUNISTIC_QUOTA_UNKNOWN; |
| 5191 | } |
| 5192 | |
| 5193 | if (quotaType == QUOTA_TYPE_JOBS) { |
| 5194 | return (long) (quotaBytes * Settings.Global.getFloat(mContext.getContentResolver(), |
| 5195 | NETPOLICY_QUOTA_FRAC_JOBS, QUOTA_FRAC_JOBS_DEFAULT)); |
| 5196 | } else if (quotaType == QUOTA_TYPE_MULTIPATH) { |
| 5197 | return (long) (quotaBytes * Settings.Global.getFloat(mContext.getContentResolver(), |
| 5198 | NETPOLICY_QUOTA_FRAC_MULTIPATH, QUOTA_FRAC_MULTIPATH_DEFAULT)); |
| 5199 | } else { |
| 5200 | return OPPORTUNISTIC_QUOTA_UNKNOWN; |
| 5201 | } |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 5202 | } |
Sudheer Shanka | c53c47f | 2018-01-16 12:01:00 -0800 | [diff] [blame] | 5203 | |
| 5204 | @Override |
| 5205 | public void onAdminDataAvailable() { |
| 5206 | mAdminDataAvailableLatch.countDown(); |
| 5207 | } |
Sudheer Shanka | 04d61ae | 2018-01-17 12:16:57 -0800 | [diff] [blame] | 5208 | |
| 5209 | @Override |
Kweku Adams | a9e55bc | 2018-11-19 14:59:15 -0800 | [diff] [blame] | 5210 | public void setAppIdleWhitelist(int uid, boolean shouldWhitelist) { |
| 5211 | NetworkPolicyManagerService.this.setAppIdleWhitelist(uid, shouldWhitelist); |
| 5212 | } |
| 5213 | |
| 5214 | @Override |
Sudheer Shanka | 04d61ae | 2018-01-17 12:16:57 -0800 | [diff] [blame] | 5215 | public void setMeteredRestrictedPackages(Set<String> packageNames, int userId) { |
| 5216 | setMeteredRestrictedPackagesInternal(packageNames, userId); |
| 5217 | } |
| 5218 | |
| 5219 | @Override |
| 5220 | public void setMeteredRestrictedPackagesAsync(Set<String> packageNames, int userId) { |
| 5221 | mHandler.obtainMessage(MSG_METERED_RESTRICTED_PACKAGES_CHANGED, |
| 5222 | userId, 0, packageNames).sendToTarget(); |
| 5223 | } |
| 5224 | } |
| 5225 | |
| 5226 | private void setMeteredRestrictedPackagesInternal(Set<String> packageNames, int userId) { |
| 5227 | synchronized (mUidRulesFirstLock) { |
| 5228 | final Set<Integer> newRestrictedUids = new ArraySet<>(); |
| 5229 | for (String packageName : packageNames) { |
| 5230 | final int uid = getUidForPackage(packageName, userId); |
| 5231 | if (uid >= 0) { |
| 5232 | newRestrictedUids.add(uid); |
| 5233 | } |
| 5234 | } |
| 5235 | final Set<Integer> oldRestrictedUids = mMeteredRestrictedUids.get(userId); |
| 5236 | mMeteredRestrictedUids.put(userId, newRestrictedUids); |
| 5237 | handleRestrictedPackagesChangeUL(oldRestrictedUids, newRestrictedUids); |
| 5238 | mLogger.meteredRestrictedPkgsChanged(newRestrictedUids); |
| 5239 | } |
| 5240 | } |
| 5241 | |
| 5242 | private int getUidForPackage(String packageName, int userId) { |
| 5243 | try { |
| 5244 | return mContext.getPackageManager().getPackageUidAsUser(packageName, |
| 5245 | PackageManager.MATCH_KNOWN_PACKAGES, userId); |
| 5246 | } catch (NameNotFoundException e) { |
| 5247 | return -1; |
| 5248 | } |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 5249 | } |
| 5250 | |
| 5251 | private int parseSubId(NetworkState state) { |
| 5252 | // TODO: moved to using a legitimate NetworkSpecifier instead of string parsing |
| 5253 | int subId = INVALID_SUBSCRIPTION_ID; |
| 5254 | if (state != null && state.networkCapabilities != null |
| 5255 | && state.networkCapabilities.hasTransport(TRANSPORT_CELLULAR)) { |
| 5256 | NetworkSpecifier spec = state.networkCapabilities.getNetworkSpecifier(); |
| 5257 | if (spec instanceof StringNetworkSpecifier) { |
| 5258 | try { |
| 5259 | subId = Integer.parseInt(((StringNetworkSpecifier) spec).specifier); |
| 5260 | } catch (NumberFormatException e) { |
| 5261 | } |
| 5262 | } |
| 5263 | } |
| 5264 | return subId; |
| 5265 | } |
| 5266 | |
Andreas Gampe | a36dc62 | 2018-02-05 17:19:22 -0800 | [diff] [blame] | 5267 | @GuardedBy("mNetworkPoliciesSecondLock") |
Jeff Sharkey | 9252b34 | 2018-01-19 07:58:35 +0900 | [diff] [blame] | 5268 | private int getSubIdLocked(Network network) { |
| 5269 | return mNetIdToSubId.get(network.netId, INVALID_SUBSCRIPTION_ID); |
Hugo Benichi | 938ab4f | 2017-02-11 17:04:43 +0900 | [diff] [blame] | 5270 | } |
| 5271 | |
Andreas Gampe | a36dc62 | 2018-02-05 17:19:22 -0800 | [diff] [blame] | 5272 | @GuardedBy("mNetworkPoliciesSecondLock") |
Jeff Sharkey | 2e47145 | 2018-01-19 18:02:47 +0900 | [diff] [blame] | 5273 | private SubscriptionPlan getPrimarySubscriptionPlanLocked(int subId) { |
| 5274 | final SubscriptionPlan[] plans = mSubscriptionPlans.get(subId); |
Jeff Sharkey | 0a5570d | 2018-04-10 12:38:29 -0600 | [diff] [blame] | 5275 | if (!ArrayUtils.isEmpty(plans)) { |
| 5276 | for (SubscriptionPlan plan : plans) { |
| 5277 | if (plan.getCycleRule().isRecurring()) { |
| 5278 | // Recurring plans will always have an active cycle |
| 5279 | return plan; |
| 5280 | } else { |
| 5281 | // Non-recurring plans need manual test for active cycle |
| 5282 | final Range<ZonedDateTime> cycle = plan.cycleIterator().next(); |
| 5283 | if (cycle.contains(ZonedDateTime.now(mClock))) { |
| 5284 | return plan; |
| 5285 | } |
| 5286 | } |
| 5287 | } |
| 5288 | } |
| 5289 | return null; |
Jeff Sharkey | 2e47145 | 2018-01-19 18:02:47 +0900 | [diff] [blame] | 5290 | } |
| 5291 | |
Sudheer Shanka | c53c47f | 2018-01-16 12:01:00 -0800 | [diff] [blame] | 5292 | /** |
| 5293 | * This will only ever be called once - during device boot. |
| 5294 | */ |
| 5295 | private void waitForAdminData() { |
| 5296 | if (mContext.getPackageManager().hasSystemFeature(PackageManager.FEATURE_DEVICE_ADMIN)) { |
| 5297 | ConcurrentUtils.waitForCountDownNoInterrupt(mAdminDataAvailableLatch, |
| 5298 | WAIT_FOR_ADMIN_DATA_TIMEOUT_MS, "Wait for admin data"); |
| 5299 | } |
| 5300 | } |
| 5301 | |
Sudheer Shanka | 04d61ae | 2018-01-17 12:16:57 -0800 | [diff] [blame] | 5302 | private void handleRestrictedPackagesChangeUL(Set<Integer> oldRestrictedUids, |
| 5303 | Set<Integer> newRestrictedUids) { |
Sudheer Shanka | 1536fb6 | 2018-07-05 11:52:36 -0700 | [diff] [blame] | 5304 | if (!mNetworkManagerReady) { |
| 5305 | return; |
| 5306 | } |
Sudheer Shanka | 04d61ae | 2018-01-17 12:16:57 -0800 | [diff] [blame] | 5307 | if (oldRestrictedUids == null) { |
| 5308 | for (int uid : newRestrictedUids) { |
| 5309 | updateRulesForDataUsageRestrictionsUL(uid); |
| 5310 | } |
| 5311 | return; |
| 5312 | } |
| 5313 | for (int uid : oldRestrictedUids) { |
| 5314 | if (!newRestrictedUids.contains(uid)) { |
| 5315 | updateRulesForDataUsageRestrictionsUL(uid); |
| 5316 | } |
| 5317 | } |
| 5318 | for (int uid : newRestrictedUids) { |
| 5319 | if (!oldRestrictedUids.contains(uid)) { |
| 5320 | updateRulesForDataUsageRestrictionsUL(uid); |
| 5321 | } |
| 5322 | } |
| 5323 | } |
| 5324 | |
Andreas Gampe | aae5aa3 | 2018-07-20 12:55:38 -0700 | [diff] [blame] | 5325 | @GuardedBy("mUidRulesFirstLock") |
Sudheer Shanka | 04d61ae | 2018-01-17 12:16:57 -0800 | [diff] [blame] | 5326 | private boolean isRestrictedByAdminUL(int uid) { |
| 5327 | final Set<Integer> restrictedUids = mMeteredRestrictedUids.get( |
| 5328 | UserHandle.getUserId(uid)); |
| 5329 | return restrictedUids != null && restrictedUids.contains(uid); |
| 5330 | } |
| 5331 | |
Hugo Benichi | 938ab4f | 2017-02-11 17:04:43 +0900 | [diff] [blame] | 5332 | private static boolean hasRule(int uidRules, int rule) { |
| 5333 | return (uidRules & rule) != 0; |
| 5334 | } |
| 5335 | |
Jeff Sharkey | 2e47145 | 2018-01-19 18:02:47 +0900 | [diff] [blame] | 5336 | private static @NonNull NetworkState[] defeatNullable(@Nullable NetworkState[] val) { |
| 5337 | return (val != null) ? val : new NetworkState[0]; |
| 5338 | } |
| 5339 | |
Jeff Sharkey | 0a5570d | 2018-04-10 12:38:29 -0600 | [diff] [blame] | 5340 | private static boolean getBooleanDefeatingNullable(@Nullable PersistableBundle bundle, |
| 5341 | String key, boolean defaultValue) { |
| 5342 | return (bundle != null) ? bundle.getBoolean(key, defaultValue) : defaultValue; |
| 5343 | } |
| 5344 | |
Chris Wren | 193ae6b | 2017-03-31 15:17:11 -0400 | [diff] [blame] | 5345 | private class NotificationId { |
| 5346 | private final String mTag; |
| 5347 | private final int mId; |
| 5348 | |
| 5349 | NotificationId(NetworkPolicy policy, int type) { |
| 5350 | mTag = buildNotificationTag(policy, type); |
| 5351 | mId = type; |
| 5352 | } |
| 5353 | |
| 5354 | @Override |
| 5355 | public boolean equals(Object o) { |
| 5356 | if (this == o) return true; |
| 5357 | if (!(o instanceof NotificationId)) return false; |
| 5358 | NotificationId that = (NotificationId) o; |
| 5359 | return Objects.equals(mTag, that.mTag); |
| 5360 | } |
| 5361 | |
| 5362 | @Override |
| 5363 | public int hashCode() { |
| 5364 | return Objects.hash(mTag); |
| 5365 | } |
| 5366 | |
| 5367 | /** |
| 5368 | * Build unique tag that identifies an active {@link NetworkPolicy} |
| 5369 | * notification of a specific type, like {@link #TYPE_LIMIT}. |
| 5370 | */ |
| 5371 | private String buildNotificationTag(NetworkPolicy policy, int type) { |
| 5372 | return TAG + ":" + policy.template.hashCode() + ":" + type; |
| 5373 | } |
| 5374 | |
| 5375 | public String getTag() { |
| 5376 | return mTag; |
| 5377 | } |
| 5378 | |
| 5379 | public int getId() { |
| 5380 | return mId; |
| 5381 | } |
| 5382 | } |
Jeff Sharkey | d5cdd59 | 2011-05-03 20:27:17 -0700 | [diff] [blame] | 5383 | } |