Merge "Add SDK check to check NOT_VCN_MANAGED"
diff --git a/Android.bp b/Android.bp
index d9d84c0..dd2d391 100644
--- a/Android.bp
+++ b/Android.bp
@@ -220,6 +220,7 @@
libs: ["unsupportedappusage"],
static_libs: [
"androidx.annotation_annotation",
+ "modules-utils-build_system",
"netd_aidl_interface-lateststable-java",
"netlink-client",
"networkstack-client",
diff --git a/common/moduleutils/Android.bp b/common/moduleutils/Android.bp
index 54f4b22..2230549 100644
--- a/common/moduleutils/Android.bp
+++ b/common/moduleutils/Android.bp
@@ -21,18 +21,29 @@
default_applicable_licenses: ["Android-Apache-2.0"],
}
+// TODO: remove this filegroup together with services.net
filegroup {
name: "net-module-utils-srcs",
srcs: [
+ "src/android/net/shared/NetdUtils.java",
+ "src/android/net/shared/RouteUtils.java",
+ "src/android/net/util/InterfaceParams.java",
+ "src/android/net/util/SharedLog.java",
+ ],
+ visibility: [
+ "//frameworks/base/services/net",
+ ]
+}
+
+filegroup {
+ name: "connectivity-module-utils-srcs",
+ srcs: [
"src/android/net/util/SharedLog.java",
"src/android/net/shared/NetdUtils.java",
"src/android/net/shared/NetworkMonitorUtils.java",
"src/android/net/shared/RouteUtils.java",
- "src/android/net/util/InterfaceParams.java",
],
visibility: [
- "//frameworks/base/services/net",
- "//frameworks/base/packages/Connectivity/service",
"//packages/modules/Connectivity/service",
]
}
diff --git a/common/moduleutils/src/android/net/shared/NetworkMonitorUtils.java b/common/moduleutils/src/android/net/shared/NetworkMonitorUtils.java
index 18138a7..0cd9f65 100644
--- a/common/moduleutils/src/android/net/shared/NetworkMonitorUtils.java
+++ b/common/moduleutils/src/android/net/shared/NetworkMonitorUtils.java
@@ -28,6 +28,8 @@
import android.net.NetworkCapabilities;
+import com.android.modules.utils.build.SdkLevel;
+
/** @hide */
public class NetworkMonitorUtils {
// This class is used by both NetworkMonitor and ConnectivityService, so it cannot use
@@ -68,7 +70,8 @@
public static boolean isPrivateDnsValidationRequired(NetworkCapabilities nc) {
if (nc == null) return false;
- final boolean isVcnManaged = !nc.hasCapability(NET_CAPABILITY_NOT_VCN_MANAGED);
+ final boolean isVcnManaged = SdkLevel.isAtLeastS()
+ && !nc.hasCapability(NET_CAPABILITY_NOT_VCN_MANAGED);
final boolean isOemPaid = nc.hasCapability(NET_CAPABILITY_OEM_PAID)
&& nc.hasCapability(NET_CAPABILITY_TRUSTED);
final boolean isDefaultCapable = nc.hasCapability(NET_CAPABILITY_NOT_RESTRICTED)
diff --git a/tests/unit/src/com/android/server/connectivity/NetworkMonitorTest.java b/tests/unit/src/com/android/server/connectivity/NetworkMonitorTest.java
index d15c18f..66d1c71 100644
--- a/tests/unit/src/com/android/server/connectivity/NetworkMonitorTest.java
+++ b/tests/unit/src/com/android/server/connectivity/NetworkMonitorTest.java
@@ -30,7 +30,9 @@
import static android.net.NetworkCapabilities.NET_CAPABILITY_INTERNET;
import static android.net.NetworkCapabilities.NET_CAPABILITY_NOT_METERED;
import static android.net.NetworkCapabilities.NET_CAPABILITY_NOT_RESTRICTED;
+import static android.net.NetworkCapabilities.NET_CAPABILITY_NOT_VCN_MANAGED;
import static android.net.NetworkCapabilities.NET_CAPABILITY_OEM_PAID;
+import static android.net.NetworkCapabilities.NET_CAPABILITY_TRUSTED;
import static android.net.NetworkCapabilities.TRANSPORT_CELLULAR;
import static android.net.NetworkCapabilities.TRANSPORT_VPN;
import static android.net.NetworkCapabilities.TRANSPORT_WIFI;
@@ -116,7 +118,6 @@
import android.net.Uri;
import android.net.captiveportal.CaptivePortalProbeResult;
import android.net.metrics.IpConnectivityLog;
-import android.net.shared.NetworkMonitorUtils;
import android.net.shared.PrivateDnsConfig;
import android.net.util.SharedLog;
import android.net.wifi.WifiInfo;
@@ -1794,24 +1795,52 @@
runFailedNetworkTest();
}
- @Test
- public void testNoInternetCapabilityValidated() throws Exception {
+ private void doValidationSkippedTest(NetworkCapabilities nc) throws Exception {
// For S+, the RESULT_SKIPPED bit will be included on networks that both do not require
// validation and for which validation is not performed.
final int validationResult = ShimUtils.isAtLeastS()
? NETWORK_VALIDATION_RESULT_VALID | NETWORK_VALIDATION_RESULT_SKIPPED
: NETWORK_VALIDATION_RESULT_VALID;
- runNetworkTest(TEST_LINK_PROPERTIES, CELL_NO_INTERNET_CAPABILITIES, validationResult,
+ runNetworkTest(TEST_LINK_PROPERTIES, nc, validationResult,
0 /* probesSucceeded */, null /* redirectUrl */);
verify(mCleartextDnsNetwork, never()).openConnection(any());
}
+ @Test
+ public void testNoInternetCapabilityValidated() throws Exception {
+ doValidationSkippedTest(CELL_NO_INTERNET_CAPABILITIES);
+ }
+
+ @Test
+ public void testNoTrustedCapabilityValidated() throws Exception {
+ final NetworkCapabilities.Builder nc = new NetworkCapabilities.Builder()
+ .addCapability(NET_CAPABILITY_INTERNET)
+ .removeCapability(NET_CAPABILITY_TRUSTED)
+ .addTransportType(TRANSPORT_CELLULAR);
+ if (ShimUtils.isAtLeastS()) {
+ nc.addCapability(NET_CAPABILITY_NOT_VCN_MANAGED);
+ }
+ doValidationSkippedTest(nc.build());
+ }
+
+ @Test
+ public void testRestrictedCapabilityValidated() throws Exception {
+ final NetworkCapabilities.Builder nc = new NetworkCapabilities.Builder()
+ .addCapability(NET_CAPABILITY_INTERNET)
+ .removeCapability(NET_CAPABILITY_NOT_RESTRICTED)
+ .addTransportType(TRANSPORT_CELLULAR);
+ if (ShimUtils.isAtLeastS()) {
+ nc.addCapability(NET_CAPABILITY_NOT_VCN_MANAGED);
+ }
+ doValidationSkippedTest(nc.build());
+ }
+
private NetworkCapabilities getVcnUnderlyingCarrierWifiCaps() {
// Must be called from within the test because NOT_VCN_MANAGED is an invalid capability
// value up to Android R. Thus, this must be guarded by an SDK check in tests that use this.
return new NetworkCapabilities.Builder()
.addTransportType(NetworkCapabilities.TRANSPORT_WIFI)
- .removeCapability(NetworkMonitorUtils.NET_CAPABILITY_NOT_VCN_MANAGED)
+ .removeCapability(NetworkCapabilities.NET_CAPABILITY_NOT_VCN_MANAGED)
.removeCapability(NetworkCapabilities.NET_CAPABILITY_NOT_RESTRICTED)
.removeCapability(NetworkCapabilities.NET_CAPABILITY_TRUSTED)
.addCapability(NET_CAPABILITY_INTERNET)