diff options
| -rw-r--r-- | core/api/current.txt | 3 | ||||
| -rw-r--r-- | core/api/system-current.txt | 1 | ||||
| -rw-r--r-- | core/java/android/os/Parcel.java | 4 | ||||
| -rw-r--r-- | core/java/android/os/UserManager.java | 17 | ||||
| -rw-r--r-- | core/res/res/values/config.xml | 8 | ||||
| -rw-r--r-- | core/res/res/values/dimens.xml | 4 | ||||
| -rw-r--r-- | media/jni/android_media_MediaCodec.cpp | 32 | ||||
| -rw-r--r-- | services/core/java/com/android/server/connectivity/Vpn.java | 217 | ||||
| -rw-r--r-- | services/core/java/com/android/server/pm/UserRestrictionsUtils.java | 9 | ||||
| -rw-r--r-- | services/core/java/com/android/server/wm/ActivityTaskManagerService.java | 2 | ||||
| -rw-r--r-- | telephony/java/android/telephony/CarrierConfigManager.java | 27 | ||||
| -rw-r--r-- | telephony/java/android/telephony/TelephonyManager.java | 13 |
12 files changed, 263 insertions, 74 deletions
diff --git a/core/api/current.txt b/core/api/current.txt index 93cb7e45a047..ffecc090067f 100644 --- a/core/api/current.txt +++ b/core/api/current.txt @@ -32238,6 +32238,7 @@ package android.os { field public static final String DISALLOW_BLUETOOTH = "no_bluetooth"; field public static final String DISALLOW_BLUETOOTH_SHARING = "no_bluetooth_sharing"; field public static final String DISALLOW_CAMERA_TOGGLE = "disallow_camera_toggle"; + field public static final String DISALLOW_CELLULAR_2G = "no_cellular_2g"; field public static final String DISALLOW_CHANGE_WIFI_STATE = "no_change_wifi_state"; field public static final String DISALLOW_CONFIG_BLUETOOTH = "no_config_bluetooth"; field public static final String DISALLOW_CONFIG_BRIGHTNESS = "no_config_brightness"; @@ -41226,7 +41227,7 @@ package android.telephony { field public static final String KEY_CARRIER_CONFIG_APPLIED_BOOL = "carrier_config_applied_bool"; field public static final String KEY_CARRIER_CONFIG_VERSION_STRING = "carrier_config_version_string"; field public static final String KEY_CARRIER_CROSS_SIM_IMS_AVAILABLE_BOOL = "carrier_cross_sim_ims_available_bool"; - field public static final String KEY_CARRIER_DATA_CALL_PERMANENT_FAILURE_STRINGS = "carrier_data_call_permanent_failure_strings"; + field @Deprecated public static final String KEY_CARRIER_DATA_CALL_PERMANENT_FAILURE_STRINGS = "carrier_data_call_permanent_failure_strings"; field public static final String KEY_CARRIER_DEFAULT_ACTIONS_ON_DCFAILURE_STRING_ARRAY = "carrier_default_actions_on_dcfailure_string_array"; field public static final String KEY_CARRIER_DEFAULT_ACTIONS_ON_DEFAULT_NETWORK_AVAILABLE = "carrier_default_actions_on_default_network_available_string_array"; field public static final String KEY_CARRIER_DEFAULT_ACTIONS_ON_REDIRECTION_STRING_ARRAY = "carrier_default_actions_on_redirection_string_array"; diff --git a/core/api/system-current.txt b/core/api/system-current.txt index dad772abc771..4a0d7711769d 100644 --- a/core/api/system-current.txt +++ b/core/api/system-current.txt @@ -13553,6 +13553,7 @@ package android.telephony { field public static final String ACTION_SIM_SLOT_STATUS_CHANGED = "android.telephony.action.SIM_SLOT_STATUS_CHANGED"; field public static final int ALLOWED_NETWORK_TYPES_REASON_ENABLE_2G = 3; // 0x3 field public static final int ALLOWED_NETWORK_TYPES_REASON_POWER = 1; // 0x1 + field public static final int ALLOWED_NETWORK_TYPES_REASON_USER_RESTRICTIONS = 4; // 0x4 field public static final int CALL_WAITING_STATUS_DISABLED = 2; // 0x2 field public static final int CALL_WAITING_STATUS_ENABLED = 1; // 0x1 field public static final int CALL_WAITING_STATUS_FDN_CHECK_FAILURE = 5; // 0x5 diff --git a/core/java/android/os/Parcel.java b/core/java/android/os/Parcel.java index 8ffb94b6ffd1..7e15f07be05a 100644 --- a/core/java/android/os/Parcel.java +++ b/core/java/android/os/Parcel.java @@ -562,9 +562,11 @@ public final class Parcel { */ public final void recycle() { if (mRecycled) { - Log.w(TAG, "Recycle called on unowned Parcel. (recycle twice?) Here: " + Log.wtf(TAG, "Recycle called on unowned Parcel. (recycle twice?) Here: " + Log.getStackTraceString(new Throwable()) + " Original recycle call (if DEBUG_RECYCLE): ", mStack); + + return; } mRecycled = true; diff --git a/core/java/android/os/UserManager.java b/core/java/android/os/UserManager.java index 0ffdfc6cbcb1..4b9f8921d34f 100644 --- a/core/java/android/os/UserManager.java +++ b/core/java/android/os/UserManager.java @@ -1485,6 +1485,22 @@ public class UserManager { public static final String KEY_RESTRICTIONS_PENDING = "restrictions_pending"; /** + * Specifies if a user is not allowed to use 2g networks. + * + * <p>This restriction can only be set by a device owner or a profile owner of an + * organization-owned managed profile on the parent profile. + * In all cases, the setting applies globally on the device and will prevent the device from + * scanning for or connecting to 2g networks, except in the case of an emergency. + * + * <p>The default value is <code>false</code>. + * + * @see DevicePolicyManager#addUserRestriction(ComponentName, String) + * @see DevicePolicyManager#clearUserRestriction(ComponentName, String) + * @see #getUserRestrictions() + */ + public static final String DISALLOW_CELLULAR_2G = "no_cellular_2g"; + + /** * List of key values that can be passed into the various user restriction related methods * in {@link UserManager} & {@link DevicePolicyManager}. * Note: This is slightly different from the real set of user restrictions listed in {@link @@ -1565,6 +1581,7 @@ public class UserManager { DISALLOW_SHARING_ADMIN_CONFIGURED_WIFI, DISALLOW_WIFI_DIRECT, DISALLOW_ADD_WIFI_CONFIG, + DISALLOW_CELLULAR_2G, }) @Retention(RetentionPolicy.SOURCE) public @interface UserRestrictionKey {} diff --git a/core/res/res/values/config.xml b/core/res/res/values/config.xml index 689620c13918..cf1050461d68 100644 --- a/core/res/res/values/config.xml +++ b/core/res/res/values/config.xml @@ -4320,13 +4320,13 @@ <string name="config_mediaProjectionPermissionDialogComponent" translatable="false">com.android.systemui/com.android.systemui.media.MediaProjectionPermissionActivity</string> <!-- Corner radius of system dialogs --> - <dimen name="config_dialogCornerRadius">2dp</dimen> + <dimen name="config_dialogCornerRadius">28dp</dimen> <!-- Corner radius of system buttons --> - <dimen name="config_buttonCornerRadius">@dimen/control_corner_material</dimen> + <dimen name="config_buttonCornerRadius">4dp</dimen> <!-- Corner radius for bottom sheet system dialogs --> - <dimen name="config_bottomDialogCornerRadius">@dimen/config_dialogCornerRadius</dimen> + <dimen name="config_bottomDialogCornerRadius">16dp</dimen> <!-- Corner radius of system progress bars --> - <dimen name="config_progressBarCornerRadius">@dimen/progress_bar_corner_material</dimen> + <dimen name="config_progressBarCornerRadius">1000dp</dimen> <!-- Controls whether system buttons use all caps for text --> <bool name="config_buttonTextAllCaps">true</bool> <!-- Name of the font family used for system surfaces where the font should use medium weight --> diff --git a/core/res/res/values/dimens.xml b/core/res/res/values/dimens.xml index b754100a3ed6..8697acd71304 100644 --- a/core/res/res/values/dimens.xml +++ b/core/res/res/values/dimens.xml @@ -979,9 +979,9 @@ <dimen name="controls_thumbnail_image_max_width">280dp</dimen> <!-- System-provided radius for the background view of app widgets. The resolved value of this resource may change at runtime. --> - <dimen name="system_app_widget_background_radius">16dp</dimen> + <dimen name="system_app_widget_background_radius">28dp</dimen> <!-- System-provided radius for inner views on app widgets. The resolved value of this resource may change at runtime. --> - <dimen name="system_app_widget_inner_radius">8dp</dimen> + <dimen name="system_app_widget_inner_radius">20dp</dimen> <!-- System-provided padding for inner views on app widgets. The resolved value of this resource may change at runtime. @removed --> <dimen name="__removed_system_app_widget_internal_padding">16dp</dimen> diff --git a/media/jni/android_media_MediaCodec.cpp b/media/jni/android_media_MediaCodec.cpp index 95599bd41e8d..1183ca3b4977 100644 --- a/media/jni/android_media_MediaCodec.cpp +++ b/media/jni/android_media_MediaCodec.cpp @@ -174,6 +174,12 @@ static struct { jfieldID typeId; } gDescriptorInfo; +static struct { + jclass clazz; + jmethodID ctorId; + jmethodID setId; +} gBufferInfo; + struct fields_t { jmethodID postEventFromNativeID; jmethodID lockAndGetContextID; @@ -460,11 +466,7 @@ status_t JMediaCodec::dequeueOutputBuffer( return err; } - ScopedLocalRef<jclass> clazz( - env, env->FindClass("android/media/MediaCodec$BufferInfo")); - - jmethodID method = env->GetMethodID(clazz.get(), "set", "(IIJI)V"); - env->CallVoidMethod(bufferInfo, method, (jint)offset, (jint)size, timeUs, flags); + env->CallVoidMethod(bufferInfo, gBufferInfo.setId, (jint)offset, (jint)size, timeUs, flags); return OK; } @@ -1091,13 +1093,7 @@ void JMediaCodec::handleCallback(const sp<AMessage> &msg) { CHECK(msg->findInt64("timeUs", &timeUs)); CHECK(msg->findInt32("flags", (int32_t *)&flags)); - ScopedLocalRef<jclass> clazz( - env, env->FindClass("android/media/MediaCodec$BufferInfo")); - jmethodID ctor = env->GetMethodID(clazz.get(), "<init>", "()V"); - jmethodID method = env->GetMethodID(clazz.get(), "set", "(IIJI)V"); - - obj = env->NewObject(clazz.get(), ctor); - + obj = env->NewObject(gBufferInfo.clazz, gBufferInfo.ctorId); if (obj == NULL) { if (env->ExceptionCheck()) { ALOGE("Could not create MediaCodec.BufferInfo."); @@ -1107,7 +1103,7 @@ void JMediaCodec::handleCallback(const sp<AMessage> &msg) { return; } - env->CallVoidMethod(obj, method, (jint)offset, (jint)size, timeUs, flags); + env->CallVoidMethod(obj, gBufferInfo.setId, (jint)offset, (jint)size, timeUs, flags); break; } @@ -3235,6 +3231,16 @@ static void android_media_MediaCodec_native_init(JNIEnv *env, jclass) { gDescriptorInfo.typeId = env->GetFieldID(clazz.get(), "mType", "I"); CHECK(gDescriptorInfo.typeId != NULL); + + clazz.reset(env->FindClass("android/media/MediaCodec$BufferInfo")); + CHECK(clazz.get() != NULL); + gBufferInfo.clazz = (jclass)env->NewGlobalRef(clazz.get()); + + gBufferInfo.ctorId = env->GetMethodID(clazz.get(), "<init>", "()V"); + CHECK(gBufferInfo.ctorId != NULL); + + gBufferInfo.setId = env->GetMethodID(clazz.get(), "set", "(IIJI)V"); + CHECK(gBufferInfo.setId != NULL); } static void android_media_MediaCodec_native_setup( diff --git a/services/core/java/com/android/server/connectivity/Vpn.java b/services/core/java/com/android/server/connectivity/Vpn.java index 45b0f0a6d04a..c671a2c0cdad 100644 --- a/services/core/java/com/android/server/connectivity/Vpn.java +++ b/services/core/java/com/android/server/connectivity/Vpn.java @@ -28,6 +28,7 @@ import static android.net.VpnManager.NOTIFICATION_CHANNEL_VPN; import static android.os.PowerWhitelistManager.REASON_VPN; import static android.os.UserHandle.PER_USER_RANGE; +import static com.android.net.module.util.NetworkStackConstants.IPV6_MIN_MTU; import static com.android.server.vcn.util.PersistableBundleUtils.STRING_DESERIALIZER; import static java.util.Objects.requireNonNull; @@ -84,6 +85,7 @@ import android.net.VpnManager; import android.net.VpnProfileState; import android.net.VpnService; import android.net.VpnTransportInfo; +import android.net.ipsec.ike.ChildSaProposal; import android.net.ipsec.ike.ChildSessionCallback; import android.net.ipsec.ike.ChildSessionConfiguration; import android.net.ipsec.ike.ChildSessionParams; @@ -93,6 +95,7 @@ import android.net.ipsec.ike.IkeSessionConfiguration; import android.net.ipsec.ike.IkeSessionConnectionInfo; import android.net.ipsec.ike.IkeSessionParams; import android.net.ipsec.ike.IkeTunnelConnectionParams; +import android.net.ipsec.ike.exceptions.IkeIOException; import android.net.ipsec.ike.exceptions.IkeNetworkLostException; import android.net.ipsec.ike.exceptions.IkeNonProtocolException; import android.net.ipsec.ike.exceptions.IkeProtocolException; @@ -140,6 +143,7 @@ import com.android.net.module.util.NetworkStackConstants; import com.android.server.DeviceIdleInternal; import com.android.server.LocalServices; import com.android.server.net.BaseNetworkObserver; +import com.android.server.vcn.util.MtuUtils; import com.android.server.vcn.util.PersistableBundleUtils; import libcore.io.IoUtils; @@ -152,6 +156,8 @@ import java.io.OutputStream; import java.net.Inet4Address; import java.net.Inet6Address; import java.net.InetAddress; +import java.net.NetworkInterface; +import java.net.SocketException; import java.net.UnknownHostException; import java.nio.charset.StandardCharsets; import java.security.GeneralSecurityException; @@ -165,6 +171,7 @@ import java.util.ArrayList; import java.util.Arrays; import java.util.Collection; import java.util.Collections; +import java.util.HashSet; import java.util.List; import java.util.Objects; import java.util.Set; @@ -551,6 +558,24 @@ public class Vpn { return DATA_STALL_RESET_DELAYS_SEC[count]; } } + + /** Gets the MTU of an interface using Java NetworkInterface primitives */ + public int getJavaNetworkInterfaceMtu(@Nullable String iface, int defaultValue) + throws SocketException { + if (iface == null) return defaultValue; + + final NetworkInterface networkInterface = NetworkInterface.getByName(iface); + return networkInterface == null ? defaultValue : networkInterface.getMTU(); + } + + /** Calculates the VPN Network's max MTU based on underlying network and configuration */ + public int calculateVpnMtu( + @NonNull List<ChildSaProposal> childProposals, + int maxMtu, + int underlyingMtu, + boolean isIpv4) { + return MtuUtils.getMtu(childProposals, maxMtu, underlyingMtu, isIpv4); + } } @VisibleForTesting @@ -1397,6 +1422,11 @@ public class Vpn { } private LinkProperties makeLinkProperties() { + // The design of disabling IPv6 is only enabled for IKEv2 VPN because it needs additional + // logic to handle IPv6 only VPN, and the IPv6 only VPN may be restarted when its MTU + // is lower than 1280. The logic is controlled by IKEv2VpnRunner, so the design is only + // enabled for IKEv2 VPN. + final boolean disableIPV6 = (isIkev2VpnRunner() && mConfig.mtu < IPV6_MIN_MTU); boolean allowIPv4 = mConfig.allowIPv4; boolean allowIPv6 = mConfig.allowIPv6; @@ -1406,6 +1436,7 @@ public class Vpn { if (mConfig.addresses != null) { for (LinkAddress address : mConfig.addresses) { + if (disableIPV6 && address.isIpv6()) continue; lp.addLinkAddress(address); allowIPv4 |= address.getAddress() instanceof Inet4Address; allowIPv6 |= address.getAddress() instanceof Inet6Address; @@ -1414,8 +1445,9 @@ public class Vpn { if (mConfig.routes != null) { for (RouteInfo route : mConfig.routes) { + final InetAddress address = route.getDestination().getAddress(); + if (disableIPV6 && address instanceof Inet6Address) continue; lp.addRoute(route); - InetAddress address = route.getDestination().getAddress(); if (route.getType() == RouteInfo.RTN_UNICAST) { allowIPv4 |= address instanceof Inet4Address; @@ -1426,7 +1458,8 @@ public class Vpn { if (mConfig.dnsServers != null) { for (String dnsServer : mConfig.dnsServers) { - InetAddress address = InetAddresses.parseNumericAddress(dnsServer); + final InetAddress address = InetAddresses.parseNumericAddress(dnsServer); + if (disableIPV6 && address instanceof Inet6Address) continue; lp.addDnsServer(address); allowIPv4 |= address instanceof Inet4Address; allowIPv6 |= address instanceof Inet6Address; @@ -1440,7 +1473,7 @@ public class Vpn { NetworkStackConstants.IPV4_ADDR_ANY, 0), null /*gateway*/, null /*iface*/, RTN_UNREACHABLE)); } - if (!allowIPv6) { + if (!allowIPv6 || disableIPV6) { lp.addRoute(new RouteInfo(new IpPrefix( NetworkStackConstants.IPV6_ADDR_ANY, 0), null /*gateway*/, null /*iface*/, RTN_UNREACHABLE)); @@ -1576,6 +1609,18 @@ public class Vpn { updateState(DetailedState.DISCONNECTED, "agentDisconnect"); } + @GuardedBy("this") + private void startNewNetworkAgent(NetworkAgent oldNetworkAgent, String reason) { + // Initialize the state for a new agent, while keeping the old one connected + // in case this new connection fails. + mNetworkAgent = null; + updateState(DetailedState.CONNECTING, reason); + // Bringing up a new NetworkAgent to prevent the data leakage before tearing down the old + // NetworkAgent. + agentConnect(); + agentDisconnect(oldNetworkAgent); + } + /** * Establish a VPN network and return the file descriptor of the VPN interface. This methods * returns {@code null} if the application is revoked or not prepared. @@ -1665,16 +1710,7 @@ public class Vpn { setUnderlyingNetworks(config.underlyingNetworks); } } else { - // Initialize the state for a new agent, while keeping the old one connected - // in case this new connection fails. - mNetworkAgent = null; - updateState(DetailedState.CONNECTING, "establish"); - // Set up forwarding and DNS rules. - agentConnect(); - // Remove the old tun's user forwarding rules - // The new tun's user rules have already been added above so they will take over - // as rules are deleted. This prevents data leakage as the rules are moved over. - agentDisconnect(oldNetworkAgent); + startNewNetworkAgent(oldNetworkAgent, "establish"); } if (oldConnection != null) { @@ -2711,6 +2747,17 @@ public class Vpn { void onSessionLost(int token, @Nullable Exception exception); } + private static boolean isIPv6Only(List<LinkAddress> linkAddresses) { + boolean hasIPV6 = false; + boolean hasIPV4 = false; + for (final LinkAddress address : linkAddresses) { + hasIPV6 |= address.isIpv6(); + hasIPV4 |= address.isIpv4(); + } + + return hasIPV6 && !hasIPV4; + } + /** * Internal class managing IKEv2/IPsec VPN connectivity * @@ -2924,15 +2971,27 @@ public class Vpn { try { final String interfaceName = mTunnelIface.getInterfaceName(); - final int maxMtu = mProfile.getMaxMtu(); final List<LinkAddress> internalAddresses = childConfig.getInternalAddresses(); final List<String> dnsAddrStrings = new ArrayList<>(); + int vpnMtu; + vpnMtu = calculateVpnMtu(); + + // If the VPN is IPv6 only and its MTU is lower than 1280, mark the network as lost + // and send the VpnManager event to the VPN app. + if (isIPv6Only(internalAddresses) && vpnMtu < IPV6_MIN_MTU) { + onSessionLost( + token, + new IkeIOException( + new IOException("No valid addresses for MTU < 1280"))); + return; + } final Collection<RouteInfo> newRoutes = VpnIkev2Utils.getRoutesFromTrafficSelectors( childConfig.getOutboundTrafficSelectors()); for (final LinkAddress address : internalAddresses) { mTunnelIface.addAddress(address.getAddress(), address.getPrefixLength()); } + for (InetAddress addr : childConfig.getInternalDnsServers()) { dnsAddrStrings.add(addr.getHostAddress()); } @@ -2950,7 +3009,7 @@ public class Vpn { if (mVpnRunner != this) return; mInterface = interfaceName; - mConfig.mtu = maxMtu; + mConfig.mtu = vpnMtu; mConfig.interfaze = mInterface; mConfig.addresses.clear(); @@ -3053,12 +3112,54 @@ public class Vpn { // Ignore stale runner. if (mVpnRunner != this) return; + final LinkProperties oldLp = makeLinkProperties(); + + final boolean underlyingNetworkHasChanged = + !Arrays.equals(mConfig.underlyingNetworks, new Network[]{network}); mConfig.underlyingNetworks = new Network[] {network}; - mNetworkCapabilities = - new NetworkCapabilities.Builder(mNetworkCapabilities) - .setUnderlyingNetworks(Collections.singletonList(network)) - .build(); - doSetUnderlyingNetworks(mNetworkAgent, Collections.singletonList(network)); + mConfig.mtu = calculateVpnMtu(); + + final LinkProperties newLp = makeLinkProperties(); + + // If MTU is < 1280, IPv6 addresses will be removed. If there are no addresses + // left (e.g. IPv6-only VPN network), mark VPN as having lost the session. + if (newLp.getLinkAddresses().isEmpty()) { + onSessionLost( + token, + new IkeIOException( + new IOException("No valid addresses for MTU < 1280"))); + return; + } + + final Set<LinkAddress> removedAddrs = new HashSet<>(oldLp.getLinkAddresses()); + removedAddrs.removeAll(newLp.getLinkAddresses()); + + // If addresses were removed despite no IKE config change, IPv6 addresses must + // have been removed due to MTU size. Restart the VPN to ensure all IPv6 + // unconnected sockets on the new VPN network are closed and retried on the new + // VPN network. + if (!removedAddrs.isEmpty()) { + startNewNetworkAgent( + mNetworkAgent, "MTU too low for IPv6; restarting network agent"); + + for (LinkAddress removed : removedAddrs) { + mTunnelIface.removeAddress( + removed.getAddress(), removed.getPrefixLength()); + } + } else { + // Put below 3 updates into else block is because agentConnect() will do + // those things, so there is no need to do the redundant work. + if (!newLp.equals(oldLp)) doSendLinkProperties(mNetworkAgent, newLp); + if (underlyingNetworkHasChanged) { + mNetworkCapabilities = + new NetworkCapabilities.Builder(mNetworkCapabilities) + .setUnderlyingNetworks( + Collections.singletonList(network)) + .build(); + doSetUnderlyingNetworks(mNetworkAgent, + Collections.singletonList(network)); + } + } } mTunnelIface.setUnderlyingNetwork(network); @@ -3108,6 +3209,60 @@ public class Vpn { startOrMigrateIkeSession(network); } + @NonNull + private IkeSessionParams getIkeSessionParams(@NonNull Network underlyingNetwork) { + final IkeTunnelConnectionParams ikeTunConnParams = + mProfile.getIkeTunnelConnectionParams(); + if (ikeTunConnParams != null) { + final IkeSessionParams.Builder builder = + new IkeSessionParams.Builder(ikeTunConnParams.getIkeSessionParams()) + .setNetwork(underlyingNetwork); + return builder.build(); + } else { + return VpnIkev2Utils.buildIkeSessionParams(mContext, mProfile, underlyingNetwork); + } + } + + @NonNull + private ChildSessionParams getChildSessionParams() { + final IkeTunnelConnectionParams ikeTunConnParams = + mProfile.getIkeTunnelConnectionParams(); + if (ikeTunConnParams != null) { + return ikeTunConnParams.getTunnelModeChildSessionParams(); + } else { + return VpnIkev2Utils.buildChildSessionParams(mProfile.getAllowedAlgorithms()); + } + } + + private int calculateVpnMtu() { + final Network underlyingNetwork = mIkeConnectionInfo.getNetwork(); + final LinkProperties lp = mConnectivityManager.getLinkProperties(underlyingNetwork); + if (underlyingNetwork == null || lp == null) { + // Return the max MTU defined in VpnProfile as the fallback option when there is no + // underlying network or LinkProperties is null. + return mProfile.getMaxMtu(); + } + + int underlyingMtu = lp.getMtu(); + + // Try to get MTU from kernel if MTU is not set in LinkProperties. + if (underlyingMtu == 0) { + try { + underlyingMtu = mDeps.getJavaNetworkInterfaceMtu(lp.getInterfaceName(), + mProfile.getMaxMtu()); + } catch (SocketException e) { + Log.d(TAG, "Got a SocketException when getting MTU from kernel: " + e); + return mProfile.getMaxMtu(); + } + } + + return mDeps.calculateVpnMtu( + getChildSessionParams().getSaProposals(), + mProfile.getMaxMtu(), + underlyingMtu, + mIkeConnectionInfo.getLocalAddress() instanceof Inet4Address); + } + /** * Start a new IKE session. * @@ -3158,24 +3313,6 @@ public class Vpn { // (non-default) network, and start the new one. resetIkeState(); - // Get Ike options from IkeTunnelConnectionParams if it's available in the - // profile. - final IkeTunnelConnectionParams ikeTunConnParams = - mProfile.getIkeTunnelConnectionParams(); - final IkeSessionParams ikeSessionParams; - final ChildSessionParams childSessionParams; - if (ikeTunConnParams != null) { - final IkeSessionParams.Builder builder = new IkeSessionParams.Builder( - ikeTunConnParams.getIkeSessionParams()).setNetwork(underlyingNetwork); - ikeSessionParams = builder.build(); - childSessionParams = ikeTunConnParams.getTunnelModeChildSessionParams(); - } else { - ikeSessionParams = VpnIkev2Utils.buildIkeSessionParams( - mContext, mProfile, underlyingNetwork); - childSessionParams = VpnIkev2Utils.buildChildSessionParams( - mProfile.getAllowedAlgorithms()); - } - // TODO: Remove the need for adding two unused addresses with // IPsec tunnels. final InetAddress address = InetAddress.getLocalHost(); @@ -3193,8 +3330,8 @@ public class Vpn { mSession = mIkev2SessionCreator.createIkeSession( mContext, - ikeSessionParams, - childSessionParams, + getIkeSessionParams(underlyingNetwork), + getChildSessionParams(), mExecutor, new VpnIkev2Utils.IkeSessionCallbackImpl( TAG, IkeV2VpnRunner.this, token), diff --git a/services/core/java/com/android/server/pm/UserRestrictionsUtils.java b/services/core/java/com/android/server/pm/UserRestrictionsUtils.java index 016c1cb7bdf0..fe797d211a8c 100644 --- a/services/core/java/com/android/server/pm/UserRestrictionsUtils.java +++ b/services/core/java/com/android/server/pm/UserRestrictionsUtils.java @@ -147,7 +147,8 @@ public class UserRestrictionsUtils { UserManager.DISALLOW_WIFI_TETHERING, UserManager.DISALLOW_SHARING_ADMIN_CONFIGURED_WIFI, UserManager.DISALLOW_WIFI_DIRECT, - UserManager.DISALLOW_ADD_WIFI_CONFIG + UserManager.DISALLOW_ADD_WIFI_CONFIG, + UserManager.DISALLOW_CELLULAR_2G }); public static final Set<String> DEPRECATED_USER_RESTRICTIONS = Sets.newArraySet( @@ -195,7 +196,8 @@ public class UserRestrictionsUtils { UserManager.DISALLOW_CHANGE_WIFI_STATE, UserManager.DISALLOW_WIFI_TETHERING, UserManager.DISALLOW_WIFI_DIRECT, - UserManager.DISALLOW_ADD_WIFI_CONFIG + UserManager.DISALLOW_ADD_WIFI_CONFIG, + UserManager.DISALLOW_CELLULAR_2G ); /** @@ -234,7 +236,8 @@ public class UserRestrictionsUtils { UserManager.DISALLOW_CHANGE_WIFI_STATE, UserManager.DISALLOW_WIFI_TETHERING, UserManager.DISALLOW_WIFI_DIRECT, - UserManager.DISALLOW_ADD_WIFI_CONFIG + UserManager.DISALLOW_ADD_WIFI_CONFIG, + UserManager.DISALLOW_CELLULAR_2G ); /** diff --git a/services/core/java/com/android/server/wm/ActivityTaskManagerService.java b/services/core/java/com/android/server/wm/ActivityTaskManagerService.java index 8d831d72c05b..91dcc8e412dc 100644 --- a/services/core/java/com/android/server/wm/ActivityTaskManagerService.java +++ b/services/core/java/com/android/server/wm/ActivityTaskManagerService.java @@ -1441,7 +1441,7 @@ public class ActivityTaskManagerService extends IActivityTaskManager.Stub { a.colorMode = ActivityInfo.COLOR_MODE_DEFAULT; a.flags |= ActivityInfo.FLAG_EXCLUDE_FROM_RECENTS; a.resizeMode = RESIZE_MODE_UNRESIZEABLE; - a.configChanges = ActivityInfo.CONFIG_ORIENTATION; + a.configChanges = 0xffffffff; final ActivityOptions options = ActivityOptions.makeBasic(); options.setLaunchActivityType(ACTIVITY_TYPE_DREAM); diff --git a/telephony/java/android/telephony/CarrierConfigManager.java b/telephony/java/android/telephony/CarrierConfigManager.java index 8e6d6a81e579..bb0522c4dec9 100644 --- a/telephony/java/android/telephony/CarrierConfigManager.java +++ b/telephony/java/android/telephony/CarrierConfigManager.java @@ -1180,8 +1180,12 @@ public class CarrierConfigManager { "carrier_data_call_retry_network_requested_max_count_int"; /** - * Data call setup permanent failure causes by the carrier + * Data call setup permanent failure causes by the carrier. + * + * @deprecated This API key was added in mistake and is not used anymore by the telephony data + * frameworks. */ + @Deprecated public static final String KEY_CARRIER_DATA_CALL_PERMANENT_FAILURE_STRINGS = "carrier_data_call_permanent_failure_strings"; @@ -8308,7 +8312,8 @@ public class CarrierConfigManager { * * The syntax of the retry rule: * 1. Retry based on {@link NetworkCapabilities}. Note that only APN-type network capabilities - * are supported. + * are supported. If the capabilities are not specified, then the retry rule only applies + * to the current failed APN used in setup data call request. * "capabilities=[netCaps1|netCaps2|...], [retry_interval=n1|n2|n3|n4...], [maximum_retries=n]" * * 2. Retry based on {@link DataFailCause} @@ -8319,15 +8324,16 @@ public class CarrierConfigManager { * "capabilities=[netCaps1|netCaps2|...], fail_causes=[cause1|cause2|cause3|...], * [retry_interval=n1|n2|n3|n4...], [maximum_retries=n]" * + * 4. Permanent fail causes (no timer-based retry) on the current failed APN. Retry interval + * is specified for retrying the next available APN. + * "permanent_fail_causes=8|27|28|29|30|32|33|35|50|51|111|-5|-6|65537|65538|-3|65543|65547| + * 2252|2253|2254, retry_interval=2500" + * * For example, * "capabilities=eims, retry_interval=1000, maximum_retries=20" means if the attached * network request is emergency, then retry data network setup every 1 second for up to 20 * times. * - * "fail_causes=8|27|28|29|30|32|33|35|50|51|111|-5|-6|65537|65538|-3|2253|2254 - * , maximum_retries=0" means for those fail causes, never retry with timers. Note that - * when environment changes, retry can still happen. - * * "capabilities=internet|enterprise|dun|ims|fota, retry_interval=2500|3000|" * "5000|10000|15000|20000|40000|60000|120000|240000|600000|1200000|1800000" * "1800000, maximum_retries=20" means for those capabilities, retry happens in 2.5s, 3s, 5s, @@ -9205,8 +9211,13 @@ public class CarrierConfigManager { sDefaults.putStringArray( KEY_TELEPHONY_DATA_SETUP_RETRY_RULES_STRING_ARRAY, new String[] { "capabilities=eims, retry_interval=1000, maximum_retries=20", - "fail_causes=8|27|28|29|30|32|33|35|50|51|111|-5|-6|65537|65538|-3|2252|" - + "2253|2254, maximum_retries=0", // No retry for those causes + // Permanent fail causes. When setup data call fails with the following + // fail causes, telephony data frameworks will stop timer-based retry on + // the failed APN until power cycle, APM, or some special events. Note that + // even timer-based retry is not performed, condition-based (RAT changes, + // registration state changes) retry can still happen. + "permanent_fail_causes=8|27|28|29|30|32|33|35|50|51|111|-5|-6|65537|65538|" + + "-3|65543|65547|2252|2253|2254, retry_interval=2500", "capabilities=mms|supl|cbs, retry_interval=2000", "capabilities=internet|enterprise|dun|ims|fota, retry_interval=2500|3000|" + "5000|10000|15000|20000|40000|60000|120000|240000|" diff --git a/telephony/java/android/telephony/TelephonyManager.java b/telephony/java/android/telephony/TelephonyManager.java index 70d82701da66..a081bc320921 100644 --- a/telephony/java/android/telephony/TelephonyManager.java +++ b/telephony/java/android/telephony/TelephonyManager.java @@ -9358,7 +9358,8 @@ public class TelephonyManager { ALLOWED_NETWORK_TYPES_REASON_USER, ALLOWED_NETWORK_TYPES_REASON_POWER, ALLOWED_NETWORK_TYPES_REASON_CARRIER, - ALLOWED_NETWORK_TYPES_REASON_ENABLE_2G + ALLOWED_NETWORK_TYPES_REASON_ENABLE_2G, + ALLOWED_NETWORK_TYPES_REASON_USER_RESTRICTIONS, }) @Retention(RetentionPolicy.SOURCE) public @interface AllowedNetworkTypesReason { @@ -9397,6 +9398,15 @@ public class TelephonyManager { public static final int ALLOWED_NETWORK_TYPES_REASON_ENABLE_2G = 3; /** + * To indicate allowed network type change is requested by an update to the + * {@link android.os.UserManager.DISALLOW_CELLULAR_2G} user restriction. + * + * @hide + */ + @SystemApi + public static final int ALLOWED_NETWORK_TYPES_REASON_USER_RESTRICTIONS = 4; + + /** * Set the allowed network types of the device and provide the reason triggering the allowed * network change. * <p>Requires permission: android.Manifest.MODIFY_PHONE_STATE or @@ -9488,6 +9498,7 @@ public class TelephonyManager { case TelephonyManager.ALLOWED_NETWORK_TYPES_REASON_POWER: case TelephonyManager.ALLOWED_NETWORK_TYPES_REASON_CARRIER: case TelephonyManager.ALLOWED_NETWORK_TYPES_REASON_ENABLE_2G: + case ALLOWED_NETWORK_TYPES_REASON_USER_RESTRICTIONS: return true; } return false; |