1 /* 2 * Copyright (C) 2014 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.net; 18 19 import static com.android.internal.annotations.VisibleForTesting.Visibility.PRIVATE; 20 21 import android.annotation.IntDef; 22 import android.annotation.NonNull; 23 import android.annotation.Nullable; 24 import android.annotation.RequiresPermission; 25 import android.annotation.SystemApi; 26 import android.annotation.TestApi; 27 import android.compat.annotation.UnsupportedAppUsage; 28 import android.net.ConnectivityManager.NetworkCallback; 29 import android.os.Build; 30 import android.os.Parcel; 31 import android.os.Parcelable; 32 import android.os.Process; 33 import android.text.TextUtils; 34 import android.util.ArraySet; 35 import android.util.proto.ProtoOutputStream; 36 37 import com.android.internal.annotations.VisibleForTesting; 38 import com.android.internal.util.ArrayUtils; 39 import com.android.internal.util.BitUtils; 40 import com.android.internal.util.Preconditions; 41 42 import java.lang.annotation.Retention; 43 import java.lang.annotation.RetentionPolicy; 44 import java.util.Arrays; 45 import java.util.Objects; 46 import java.util.Set; 47 import java.util.StringJoiner; 48 49 /** 50 * Representation of the capabilities of an active network. Instances are 51 * typically obtained through 52 * {@link NetworkCallback#onCapabilitiesChanged(Network, NetworkCapabilities)} 53 * or {@link ConnectivityManager#getNetworkCapabilities(Network)}. 54 * <p> 55 * This replaces the old {@link ConnectivityManager#TYPE_MOBILE} method of 56 * network selection. Rather than indicate a need for Wi-Fi because an 57 * application needs high bandwidth and risk obsolescence when a new, fast 58 * network appears (like LTE), the application should specify it needs high 59 * bandwidth. Similarly if an application needs an unmetered network for a bulk 60 * transfer it can specify that rather than assuming all cellular based 61 * connections are metered and all Wi-Fi based connections are not. 62 */ 63 public final class NetworkCapabilities implements Parcelable { 64 private static final String TAG = "NetworkCapabilities"; 65 66 // Set to true when private DNS is broken. 67 private boolean mPrivateDnsBroken; 68 69 /** 70 * Uid of the app making the request. 71 */ 72 private int mRequestorUid; 73 74 /** 75 * Package name of the app making the request. 76 */ 77 private String mRequestorPackageName; 78 NetworkCapabilities()79 public NetworkCapabilities() { 80 clearAll(); 81 mNetworkCapabilities = DEFAULT_CAPABILITIES; 82 } 83 NetworkCapabilities(NetworkCapabilities nc)84 public NetworkCapabilities(NetworkCapabilities nc) { 85 if (nc != null) { 86 set(nc); 87 } 88 } 89 90 /** 91 * Completely clears the contents of this object, removing even the capabilities that are set 92 * by default when the object is constructed. 93 * @hide 94 */ clearAll()95 public void clearAll() { 96 mNetworkCapabilities = mTransportTypes = mUnwantedNetworkCapabilities = 0; 97 mLinkUpBandwidthKbps = mLinkDownBandwidthKbps = LINK_BANDWIDTH_UNSPECIFIED; 98 mNetworkSpecifier = null; 99 mTransportInfo = null; 100 mSignalStrength = SIGNAL_STRENGTH_UNSPECIFIED; 101 mUids = null; 102 mAdministratorUids = new int[0]; 103 mOwnerUid = Process.INVALID_UID; 104 mSSID = null; 105 mPrivateDnsBroken = false; 106 mRequestorUid = Process.INVALID_UID; 107 mRequestorPackageName = null; 108 } 109 110 /** 111 * Set all contents of this object to the contents of a NetworkCapabilities. 112 * @hide 113 */ set(@onNull NetworkCapabilities nc)114 public void set(@NonNull NetworkCapabilities nc) { 115 mNetworkCapabilities = nc.mNetworkCapabilities; 116 mTransportTypes = nc.mTransportTypes; 117 mLinkUpBandwidthKbps = nc.mLinkUpBandwidthKbps; 118 mLinkDownBandwidthKbps = nc.mLinkDownBandwidthKbps; 119 mNetworkSpecifier = nc.mNetworkSpecifier; 120 mTransportInfo = nc.mTransportInfo; 121 mSignalStrength = nc.mSignalStrength; 122 setUids(nc.mUids); // Will make the defensive copy 123 setAdministratorUids(nc.getAdministratorUids()); 124 mOwnerUid = nc.mOwnerUid; 125 mUnwantedNetworkCapabilities = nc.mUnwantedNetworkCapabilities; 126 mSSID = nc.mSSID; 127 mPrivateDnsBroken = nc.mPrivateDnsBroken; 128 mRequestorUid = nc.mRequestorUid; 129 mRequestorPackageName = nc.mRequestorPackageName; 130 } 131 132 /** 133 * Represents the network's capabilities. If any are specified they will be satisfied 134 * by any Network that matches all of them. 135 */ 136 @UnsupportedAppUsage 137 private long mNetworkCapabilities; 138 139 /** 140 * If any capabilities specified here they must not exist in the matching Network. 141 */ 142 private long mUnwantedNetworkCapabilities; 143 144 /** @hide */ 145 @Retention(RetentionPolicy.SOURCE) 146 @IntDef(prefix = { "NET_CAPABILITY_" }, value = { 147 NET_CAPABILITY_MMS, 148 NET_CAPABILITY_SUPL, 149 NET_CAPABILITY_DUN, 150 NET_CAPABILITY_FOTA, 151 NET_CAPABILITY_IMS, 152 NET_CAPABILITY_CBS, 153 NET_CAPABILITY_WIFI_P2P, 154 NET_CAPABILITY_IA, 155 NET_CAPABILITY_RCS, 156 NET_CAPABILITY_XCAP, 157 NET_CAPABILITY_EIMS, 158 NET_CAPABILITY_NOT_METERED, 159 NET_CAPABILITY_INTERNET, 160 NET_CAPABILITY_NOT_RESTRICTED, 161 NET_CAPABILITY_TRUSTED, 162 NET_CAPABILITY_NOT_VPN, 163 NET_CAPABILITY_VALIDATED, 164 NET_CAPABILITY_CAPTIVE_PORTAL, 165 NET_CAPABILITY_NOT_ROAMING, 166 NET_CAPABILITY_FOREGROUND, 167 NET_CAPABILITY_NOT_CONGESTED, 168 NET_CAPABILITY_NOT_SUSPENDED, 169 NET_CAPABILITY_OEM_PAID, 170 NET_CAPABILITY_MCX, 171 NET_CAPABILITY_PARTIAL_CONNECTIVITY, 172 NET_CAPABILITY_TEMPORARILY_NOT_METERED, 173 }) 174 public @interface NetCapability { } 175 176 /** 177 * Indicates this is a network that has the ability to reach the 178 * carrier's MMSC for sending and receiving MMS messages. 179 */ 180 public static final int NET_CAPABILITY_MMS = 0; 181 182 /** 183 * Indicates this is a network that has the ability to reach the carrier's 184 * SUPL server, used to retrieve GPS information. 185 */ 186 public static final int NET_CAPABILITY_SUPL = 1; 187 188 /** 189 * Indicates this is a network that has the ability to reach the carrier's 190 * DUN or tethering gateway. 191 */ 192 public static final int NET_CAPABILITY_DUN = 2; 193 194 /** 195 * Indicates this is a network that has the ability to reach the carrier's 196 * FOTA portal, used for over the air updates. 197 */ 198 public static final int NET_CAPABILITY_FOTA = 3; 199 200 /** 201 * Indicates this is a network that has the ability to reach the carrier's 202 * IMS servers, used for network registration and signaling. 203 */ 204 public static final int NET_CAPABILITY_IMS = 4; 205 206 /** 207 * Indicates this is a network that has the ability to reach the carrier's 208 * CBS servers, used for carrier specific services. 209 */ 210 public static final int NET_CAPABILITY_CBS = 5; 211 212 /** 213 * Indicates this is a network that has the ability to reach a Wi-Fi direct 214 * peer. 215 */ 216 public static final int NET_CAPABILITY_WIFI_P2P = 6; 217 218 /** 219 * Indicates this is a network that has the ability to reach a carrier's 220 * Initial Attach servers. 221 */ 222 public static final int NET_CAPABILITY_IA = 7; 223 224 /** 225 * Indicates this is a network that has the ability to reach a carrier's 226 * RCS servers, used for Rich Communication Services. 227 */ 228 public static final int NET_CAPABILITY_RCS = 8; 229 230 /** 231 * Indicates this is a network that has the ability to reach a carrier's 232 * XCAP servers, used for configuration and control. 233 */ 234 public static final int NET_CAPABILITY_XCAP = 9; 235 236 /** 237 * Indicates this is a network that has the ability to reach a carrier's 238 * Emergency IMS servers or other services, used for network signaling 239 * during emergency calls. 240 */ 241 public static final int NET_CAPABILITY_EIMS = 10; 242 243 /** 244 * Indicates that this network is unmetered. 245 */ 246 public static final int NET_CAPABILITY_NOT_METERED = 11; 247 248 /** 249 * Indicates that this network should be able to reach the internet. 250 */ 251 public static final int NET_CAPABILITY_INTERNET = 12; 252 253 /** 254 * Indicates that this network is available for general use. If this is not set 255 * applications should not attempt to communicate on this network. Note that this 256 * is simply informative and not enforcement - enforcement is handled via other means. 257 * Set by default. 258 */ 259 public static final int NET_CAPABILITY_NOT_RESTRICTED = 13; 260 261 /** 262 * Indicates that the user has indicated implicit trust of this network. This 263 * generally means it's a sim-selected carrier, a plugged in ethernet, a paired 264 * BT device or a wifi the user asked to connect to. Untrusted networks 265 * are probably limited to unknown wifi AP. Set by default. 266 */ 267 public static final int NET_CAPABILITY_TRUSTED = 14; 268 269 /** 270 * Indicates that this network is not a VPN. This capability is set by default and should be 271 * explicitly cleared for VPN networks. 272 */ 273 public static final int NET_CAPABILITY_NOT_VPN = 15; 274 275 /** 276 * Indicates that connectivity on this network was successfully validated. For example, for a 277 * network with NET_CAPABILITY_INTERNET, it means that Internet connectivity was successfully 278 * detected. 279 */ 280 public static final int NET_CAPABILITY_VALIDATED = 16; 281 282 /** 283 * Indicates that this network was found to have a captive portal in place last time it was 284 * probed. 285 */ 286 public static final int NET_CAPABILITY_CAPTIVE_PORTAL = 17; 287 288 /** 289 * Indicates that this network is not roaming. 290 */ 291 public static final int NET_CAPABILITY_NOT_ROAMING = 18; 292 293 /** 294 * Indicates that this network is available for use by apps, and not a network that is being 295 * kept up in the background to facilitate fast network switching. 296 */ 297 public static final int NET_CAPABILITY_FOREGROUND = 19; 298 299 /** 300 * Indicates that this network is not congested. 301 * <p> 302 * When a network is congested, applications should defer network traffic 303 * that can be done at a later time, such as uploading analytics. 304 */ 305 public static final int NET_CAPABILITY_NOT_CONGESTED = 20; 306 307 /** 308 * Indicates that this network is not currently suspended. 309 * <p> 310 * When a network is suspended, the network's IP addresses and any connections 311 * established on the network remain valid, but the network is temporarily unable 312 * to transfer data. This can happen, for example, if a cellular network experiences 313 * a temporary loss of signal, such as when driving through a tunnel, etc. 314 * A network with this capability is not suspended, so is expected to be able to 315 * transfer data. 316 */ 317 public static final int NET_CAPABILITY_NOT_SUSPENDED = 21; 318 319 /** 320 * Indicates that traffic that goes through this network is paid by oem. For example, 321 * this network can be used by system apps to upload telemetry data. 322 * @hide 323 */ 324 @SystemApi 325 public static final int NET_CAPABILITY_OEM_PAID = 22; 326 327 /** 328 * Indicates this is a network that has the ability to reach a carrier's Mission Critical 329 * servers. 330 */ 331 public static final int NET_CAPABILITY_MCX = 23; 332 333 /** 334 * Indicates that this network was tested to only provide partial connectivity. 335 * @hide 336 */ 337 @SystemApi 338 public static final int NET_CAPABILITY_PARTIAL_CONNECTIVITY = 24; 339 340 /** 341 * This capability will be set for networks that are generally metered, but are currently 342 * unmetered, e.g., because the user is in a particular area. This capability can be changed at 343 * any time. When it is removed, applications are responsible for stopping any data transfer 344 * that should not occur on a metered network. 345 */ 346 public static final int NET_CAPABILITY_TEMPORARILY_NOT_METERED = 25; 347 348 private static final int MIN_NET_CAPABILITY = NET_CAPABILITY_MMS; 349 private static final int MAX_NET_CAPABILITY = NET_CAPABILITY_TEMPORARILY_NOT_METERED; 350 351 /** 352 * Network capabilities that are expected to be mutable, i.e., can change while a particular 353 * network is connected. 354 */ 355 private static final long MUTABLE_CAPABILITIES = 356 // TRUSTED can change when user explicitly connects to an untrusted network in Settings. 357 // http://b/18206275 358 (1 << NET_CAPABILITY_TRUSTED) 359 | (1 << NET_CAPABILITY_VALIDATED) 360 | (1 << NET_CAPABILITY_CAPTIVE_PORTAL) 361 | (1 << NET_CAPABILITY_NOT_ROAMING) 362 | (1 << NET_CAPABILITY_FOREGROUND) 363 | (1 << NET_CAPABILITY_NOT_CONGESTED) 364 | (1 << NET_CAPABILITY_NOT_SUSPENDED) 365 | (1 << NET_CAPABILITY_PARTIAL_CONNECTIVITY 366 | (1 << NET_CAPABILITY_TEMPORARILY_NOT_METERED)); 367 368 /** 369 * Network capabilities that are not allowed in NetworkRequests. This exists because the 370 * NetworkFactory / NetworkAgent model does not deal well with the situation where a 371 * capability's presence cannot be known in advance. If such a capability is requested, then we 372 * can get into a cycle where the NetworkFactory endlessly churns out NetworkAgents that then 373 * get immediately torn down because they do not have the requested capability. 374 */ 375 private static final long NON_REQUESTABLE_CAPABILITIES = 376 MUTABLE_CAPABILITIES & ~(1 << NET_CAPABILITY_TRUSTED); 377 378 /** 379 * Capabilities that are set by default when the object is constructed. 380 */ 381 private static final long DEFAULT_CAPABILITIES = 382 (1 << NET_CAPABILITY_NOT_RESTRICTED) | 383 (1 << NET_CAPABILITY_TRUSTED) | 384 (1 << NET_CAPABILITY_NOT_VPN); 385 386 /** 387 * Capabilities that suggest that a network is restricted. 388 * {@see #maybeMarkCapabilitiesRestricted}, {@see #FORCE_RESTRICTED_CAPABILITIES} 389 */ 390 @VisibleForTesting 391 /* package */ static final long RESTRICTED_CAPABILITIES = 392 (1 << NET_CAPABILITY_CBS) | 393 (1 << NET_CAPABILITY_DUN) | 394 (1 << NET_CAPABILITY_EIMS) | 395 (1 << NET_CAPABILITY_FOTA) | 396 (1 << NET_CAPABILITY_IA) | 397 (1 << NET_CAPABILITY_IMS) | 398 (1 << NET_CAPABILITY_RCS) | 399 (1 << NET_CAPABILITY_XCAP) | 400 (1 << NET_CAPABILITY_MCX); 401 402 /** 403 * Capabilities that force network to be restricted. 404 * {@see #maybeMarkCapabilitiesRestricted}. 405 */ 406 private static final long FORCE_RESTRICTED_CAPABILITIES = 407 (1 << NET_CAPABILITY_OEM_PAID); 408 409 /** 410 * Capabilities that suggest that a network is unrestricted. 411 * {@see #maybeMarkCapabilitiesRestricted}. 412 */ 413 @VisibleForTesting 414 /* package */ static final long UNRESTRICTED_CAPABILITIES = 415 (1 << NET_CAPABILITY_INTERNET) | 416 (1 << NET_CAPABILITY_MMS) | 417 (1 << NET_CAPABILITY_SUPL) | 418 (1 << NET_CAPABILITY_WIFI_P2P); 419 420 /** 421 * Capabilities that are managed by ConnectivityService. 422 */ 423 private static final long CONNECTIVITY_MANAGED_CAPABILITIES = 424 (1 << NET_CAPABILITY_VALIDATED) 425 | (1 << NET_CAPABILITY_CAPTIVE_PORTAL) 426 | (1 << NET_CAPABILITY_FOREGROUND) 427 | (1 << NET_CAPABILITY_PARTIAL_CONNECTIVITY); 428 429 /** 430 * Capabilities that are allowed for test networks. This list must be set so that it is safe 431 * for an unprivileged user to create a network with these capabilities via shell. As such, 432 * it must never contain capabilities that are generally useful to the system, such as 433 * INTERNET, IMS, SUPL, etc. 434 */ 435 private static final long TEST_NETWORKS_ALLOWED_CAPABILITIES = 436 (1 << NET_CAPABILITY_NOT_METERED) 437 | (1 << NET_CAPABILITY_TEMPORARILY_NOT_METERED) 438 | (1 << NET_CAPABILITY_NOT_RESTRICTED) 439 | (1 << NET_CAPABILITY_NOT_VPN) 440 | (1 << NET_CAPABILITY_NOT_ROAMING) 441 | (1 << NET_CAPABILITY_NOT_CONGESTED) 442 | (1 << NET_CAPABILITY_NOT_SUSPENDED); 443 444 /** 445 * Adds the given capability to this {@code NetworkCapability} instance. 446 * Note that when searching for a network to satisfy a request, all capabilities 447 * requested must be satisfied. 448 * 449 * @param capability the capability to be added. 450 * @return This NetworkCapabilities instance, to facilitate chaining. 451 * @hide 452 */ addCapability(@etCapability int capability)453 public @NonNull NetworkCapabilities addCapability(@NetCapability int capability) { 454 // If the given capability was previously added to the list of unwanted capabilities 455 // then the capability will also be removed from the list of unwanted capabilities. 456 // TODO: Consider adding unwanted capabilities to the public API and mention this 457 // in the documentation. 458 checkValidCapability(capability); 459 mNetworkCapabilities |= 1 << capability; 460 mUnwantedNetworkCapabilities &= ~(1 << capability); // remove from unwanted capability list 461 return this; 462 } 463 464 /** 465 * Adds the given capability to the list of unwanted capabilities of this 466 * {@code NetworkCapability} instance. Note that when searching for a network to 467 * satisfy a request, the network must not contain any capability from unwanted capability 468 * list. 469 * <p> 470 * If the capability was previously added to the list of required capabilities (for 471 * example, it was there by default or added using {@link #addCapability(int)} method), then 472 * it will be removed from the list of required capabilities as well. 473 * 474 * @see #addCapability(int) 475 * @hide 476 */ addUnwantedCapability(@etCapability int capability)477 public void addUnwantedCapability(@NetCapability int capability) { 478 checkValidCapability(capability); 479 mUnwantedNetworkCapabilities |= 1 << capability; 480 mNetworkCapabilities &= ~(1 << capability); // remove from requested capabilities 481 } 482 483 /** 484 * Removes (if found) the given capability from this {@code NetworkCapability} instance. 485 * 486 * @param capability the capability to be removed. 487 * @return This NetworkCapabilities instance, to facilitate chaining. 488 * @hide 489 */ removeCapability(@etCapability int capability)490 public @NonNull NetworkCapabilities removeCapability(@NetCapability int capability) { 491 // Note that this method removes capabilities that were added via addCapability(int), 492 // addUnwantedCapability(int) or setCapabilities(int[], int[]). 493 checkValidCapability(capability); 494 final long mask = ~(1 << capability); 495 mNetworkCapabilities &= mask; 496 mUnwantedNetworkCapabilities &= mask; 497 return this; 498 } 499 500 /** 501 * Sets (or clears) the given capability on this {@link NetworkCapabilities} 502 * instance. 503 * @hide 504 */ setCapability(@etCapability int capability, boolean value)505 public @NonNull NetworkCapabilities setCapability(@NetCapability int capability, 506 boolean value) { 507 if (value) { 508 addCapability(capability); 509 } else { 510 removeCapability(capability); 511 } 512 return this; 513 } 514 515 /** 516 * Gets all the capabilities set on this {@code NetworkCapability} instance. 517 * 518 * @return an array of capability values for this instance. 519 * @hide 520 */ 521 @UnsupportedAppUsage 522 @TestApi getCapabilities()523 public @NetCapability int[] getCapabilities() { 524 return BitUtils.unpackBits(mNetworkCapabilities); 525 } 526 527 /** 528 * Gets all the unwanted capabilities set on this {@code NetworkCapability} instance. 529 * 530 * @return an array of unwanted capability values for this instance. 531 * @hide 532 */ getUnwantedCapabilities()533 public @NetCapability int[] getUnwantedCapabilities() { 534 return BitUtils.unpackBits(mUnwantedNetworkCapabilities); 535 } 536 537 538 /** 539 * Sets all the capabilities set on this {@code NetworkCapability} instance. 540 * This overwrites any existing capabilities. 541 * 542 * @hide 543 */ setCapabilities(@etCapability int[] capabilities, @NetCapability int[] unwantedCapabilities)544 public void setCapabilities(@NetCapability int[] capabilities, 545 @NetCapability int[] unwantedCapabilities) { 546 mNetworkCapabilities = BitUtils.packBits(capabilities); 547 mUnwantedNetworkCapabilities = BitUtils.packBits(unwantedCapabilities); 548 } 549 550 /** 551 * @deprecated use {@link #setCapabilities(int[], int[])} 552 * @hide 553 */ 554 @Deprecated setCapabilities(@etCapability int[] capabilities)555 public void setCapabilities(@NetCapability int[] capabilities) { 556 setCapabilities(capabilities, new int[] {}); 557 } 558 559 /** 560 * Tests for the presence of a capability on this instance. 561 * 562 * @param capability the capabilities to be tested for. 563 * @return {@code true} if set on this instance. 564 */ hasCapability(@etCapability int capability)565 public boolean hasCapability(@NetCapability int capability) { 566 return isValidCapability(capability) 567 && ((mNetworkCapabilities & (1 << capability)) != 0); 568 } 569 570 /** @hide */ hasUnwantedCapability(@etCapability int capability)571 public boolean hasUnwantedCapability(@NetCapability int capability) { 572 return isValidCapability(capability) 573 && ((mUnwantedNetworkCapabilities & (1 << capability)) != 0); 574 } 575 576 /** 577 * Check if this NetworkCapabilities has system managed capabilities or not. 578 * @hide 579 */ hasConnectivityManagedCapability()580 public boolean hasConnectivityManagedCapability() { 581 return ((mNetworkCapabilities & CONNECTIVITY_MANAGED_CAPABILITIES) != 0); 582 } 583 584 /** Note this method may result in having the same capability in wanted and unwanted lists. */ combineNetCapabilities(@onNull NetworkCapabilities nc)585 private void combineNetCapabilities(@NonNull NetworkCapabilities nc) { 586 this.mNetworkCapabilities |= nc.mNetworkCapabilities; 587 this.mUnwantedNetworkCapabilities |= nc.mUnwantedNetworkCapabilities; 588 } 589 590 /** 591 * Convenience function that returns a human-readable description of the first mutable 592 * capability we find. Used to present an error message to apps that request mutable 593 * capabilities. 594 * 595 * @hide 596 */ describeFirstNonRequestableCapability()597 public @Nullable String describeFirstNonRequestableCapability() { 598 final long nonRequestable = (mNetworkCapabilities | mUnwantedNetworkCapabilities) 599 & NON_REQUESTABLE_CAPABILITIES; 600 601 if (nonRequestable != 0) { 602 return capabilityNameOf(BitUtils.unpackBits(nonRequestable)[0]); 603 } 604 if (mLinkUpBandwidthKbps != 0 || mLinkDownBandwidthKbps != 0) return "link bandwidth"; 605 if (hasSignalStrength()) return "signalStrength"; 606 if (isPrivateDnsBroken()) { 607 return "privateDnsBroken"; 608 } 609 return null; 610 } 611 satisfiedByNetCapabilities(@onNull NetworkCapabilities nc, boolean onlyImmutable)612 private boolean satisfiedByNetCapabilities(@NonNull NetworkCapabilities nc, 613 boolean onlyImmutable) { 614 long requestedCapabilities = mNetworkCapabilities; 615 long requestedUnwantedCapabilities = mUnwantedNetworkCapabilities; 616 long providedCapabilities = nc.mNetworkCapabilities; 617 618 if (onlyImmutable) { 619 requestedCapabilities &= ~MUTABLE_CAPABILITIES; 620 requestedUnwantedCapabilities &= ~MUTABLE_CAPABILITIES; 621 } 622 return ((providedCapabilities & requestedCapabilities) == requestedCapabilities) 623 && ((requestedUnwantedCapabilities & providedCapabilities) == 0); 624 } 625 626 /** @hide */ equalsNetCapabilities(@onNull NetworkCapabilities nc)627 public boolean equalsNetCapabilities(@NonNull NetworkCapabilities nc) { 628 return (nc.mNetworkCapabilities == this.mNetworkCapabilities) 629 && (nc.mUnwantedNetworkCapabilities == this.mUnwantedNetworkCapabilities); 630 } 631 equalsNetCapabilitiesRequestable(@onNull NetworkCapabilities that)632 private boolean equalsNetCapabilitiesRequestable(@NonNull NetworkCapabilities that) { 633 return ((this.mNetworkCapabilities & ~NON_REQUESTABLE_CAPABILITIES) == 634 (that.mNetworkCapabilities & ~NON_REQUESTABLE_CAPABILITIES)) 635 && ((this.mUnwantedNetworkCapabilities & ~NON_REQUESTABLE_CAPABILITIES) == 636 (that.mUnwantedNetworkCapabilities & ~NON_REQUESTABLE_CAPABILITIES)); 637 } 638 639 /** 640 * Deduces that all the capabilities it provides are typically provided by restricted networks 641 * or not. 642 * 643 * @return {@code true} if the network should be restricted. 644 * @hide 645 */ deduceRestrictedCapability()646 public boolean deduceRestrictedCapability() { 647 // Check if we have any capability that forces the network to be restricted. 648 final boolean forceRestrictedCapability = 649 (mNetworkCapabilities & FORCE_RESTRICTED_CAPABILITIES) != 0; 650 651 // Verify there aren't any unrestricted capabilities. If there are we say 652 // the whole thing is unrestricted unless it is forced to be restricted. 653 final boolean hasUnrestrictedCapabilities = 654 (mNetworkCapabilities & UNRESTRICTED_CAPABILITIES) != 0; 655 656 // Must have at least some restricted capabilities. 657 final boolean hasRestrictedCapabilities = 658 (mNetworkCapabilities & RESTRICTED_CAPABILITIES) != 0; 659 660 return forceRestrictedCapability 661 || (hasRestrictedCapabilities && !hasUnrestrictedCapabilities); 662 } 663 664 /** 665 * Removes the NET_CAPABILITY_NOT_RESTRICTED capability if deducing the network is restricted. 666 * 667 * @hide 668 */ maybeMarkCapabilitiesRestricted()669 public void maybeMarkCapabilitiesRestricted() { 670 if (deduceRestrictedCapability()) { 671 removeCapability(NET_CAPABILITY_NOT_RESTRICTED); 672 } 673 } 674 675 /** 676 * Test networks have strong restrictions on what capabilities they can have. Enforce these 677 * restrictions. 678 * @hide 679 */ restrictCapabilitesForTestNetwork(int creatorUid)680 public void restrictCapabilitesForTestNetwork(int creatorUid) { 681 final long originalCapabilities = mNetworkCapabilities; 682 final long originalTransportTypes = mTransportTypes; 683 final NetworkSpecifier originalSpecifier = mNetworkSpecifier; 684 final int originalSignalStrength = mSignalStrength; 685 final int originalOwnerUid = getOwnerUid(); 686 final int[] originalAdministratorUids = getAdministratorUids(); 687 clearAll(); 688 mTransportTypes = (originalTransportTypes & TEST_NETWORKS_ALLOWED_TRANSPORTS) 689 | (1 << TRANSPORT_TEST); 690 mNetworkCapabilities = originalCapabilities & TEST_NETWORKS_ALLOWED_CAPABILITIES; 691 mNetworkSpecifier = originalSpecifier; 692 mSignalStrength = originalSignalStrength; 693 694 // Only retain the owner and administrator UIDs if they match the app registering the remote 695 // caller that registered the network. 696 if (originalOwnerUid == creatorUid) { 697 setOwnerUid(creatorUid); 698 } 699 if (ArrayUtils.contains(originalAdministratorUids, creatorUid)) { 700 setAdministratorUids(new int[] {creatorUid}); 701 } 702 } 703 704 /** 705 * Representing the transport type. Apps should generally not care about transport. A 706 * request for a fast internet connection could be satisfied by a number of different 707 * transports. If any are specified here it will be satisfied a Network that matches 708 * any of them. If a caller doesn't care about the transport it should not specify any. 709 */ 710 private long mTransportTypes; 711 712 /** @hide */ 713 @Retention(RetentionPolicy.SOURCE) 714 @IntDef(prefix = { "TRANSPORT_" }, value = { 715 TRANSPORT_CELLULAR, 716 TRANSPORT_WIFI, 717 TRANSPORT_BLUETOOTH, 718 TRANSPORT_ETHERNET, 719 TRANSPORT_VPN, 720 TRANSPORT_WIFI_AWARE, 721 TRANSPORT_LOWPAN, 722 TRANSPORT_TEST, 723 }) 724 public @interface Transport { } 725 726 /** 727 * Indicates this network uses a Cellular transport. 728 */ 729 public static final int TRANSPORT_CELLULAR = 0; 730 731 /** 732 * Indicates this network uses a Wi-Fi transport. 733 */ 734 public static final int TRANSPORT_WIFI = 1; 735 736 /** 737 * Indicates this network uses a Bluetooth transport. 738 */ 739 public static final int TRANSPORT_BLUETOOTH = 2; 740 741 /** 742 * Indicates this network uses an Ethernet transport. 743 */ 744 public static final int TRANSPORT_ETHERNET = 3; 745 746 /** 747 * Indicates this network uses a VPN transport. 748 */ 749 public static final int TRANSPORT_VPN = 4; 750 751 /** 752 * Indicates this network uses a Wi-Fi Aware transport. 753 */ 754 public static final int TRANSPORT_WIFI_AWARE = 5; 755 756 /** 757 * Indicates this network uses a LoWPAN transport. 758 */ 759 public static final int TRANSPORT_LOWPAN = 6; 760 761 /** 762 * Indicates this network uses a Test-only virtual interface as a transport. 763 * 764 * @hide 765 */ 766 @TestApi 767 public static final int TRANSPORT_TEST = 7; 768 769 /** @hide */ 770 public static final int MIN_TRANSPORT = TRANSPORT_CELLULAR; 771 /** @hide */ 772 public static final int MAX_TRANSPORT = TRANSPORT_TEST; 773 774 /** @hide */ isValidTransport(@ransport int transportType)775 public static boolean isValidTransport(@Transport int transportType) { 776 return (MIN_TRANSPORT <= transportType) && (transportType <= MAX_TRANSPORT); 777 } 778 779 private static final String[] TRANSPORT_NAMES = { 780 "CELLULAR", 781 "WIFI", 782 "BLUETOOTH", 783 "ETHERNET", 784 "VPN", 785 "WIFI_AWARE", 786 "LOWPAN", 787 "TEST" 788 }; 789 790 /** 791 * Allowed transports on a test network, in addition to TRANSPORT_TEST. 792 */ 793 private static final int TEST_NETWORKS_ALLOWED_TRANSPORTS = 1 << TRANSPORT_TEST 794 // Test ethernet networks can be created with EthernetManager#setIncludeTestInterfaces 795 | 1 << TRANSPORT_ETHERNET; 796 797 /** 798 * Adds the given transport type to this {@code NetworkCapability} instance. 799 * Multiple transports may be applied. Note that when searching 800 * for a network to satisfy a request, any listed in the request will satisfy the request. 801 * For example {@code TRANSPORT_WIFI} and {@code TRANSPORT_ETHERNET} added to a 802 * {@code NetworkCapabilities} would cause either a Wi-Fi network or an Ethernet network 803 * to be selected. This is logically different than 804 * {@code NetworkCapabilities.NET_CAPABILITY_*} listed above. 805 * 806 * @param transportType the transport type to be added. 807 * @return This NetworkCapabilities instance, to facilitate chaining. 808 * @hide 809 */ addTransportType(@ransport int transportType)810 public @NonNull NetworkCapabilities addTransportType(@Transport int transportType) { 811 checkValidTransportType(transportType); 812 mTransportTypes |= 1 << transportType; 813 setNetworkSpecifier(mNetworkSpecifier); // used for exception checking 814 return this; 815 } 816 817 /** 818 * Removes (if found) the given transport from this {@code NetworkCapability} instance. 819 * 820 * @param transportType the transport type to be removed. 821 * @return This NetworkCapabilities instance, to facilitate chaining. 822 * @hide 823 */ removeTransportType(@ransport int transportType)824 public @NonNull NetworkCapabilities removeTransportType(@Transport int transportType) { 825 checkValidTransportType(transportType); 826 mTransportTypes &= ~(1 << transportType); 827 setNetworkSpecifier(mNetworkSpecifier); // used for exception checking 828 return this; 829 } 830 831 /** 832 * Sets (or clears) the given transport on this {@link NetworkCapabilities} 833 * instance. 834 * 835 * @hide 836 */ setTransportType(@ransport int transportType, boolean value)837 public @NonNull NetworkCapabilities setTransportType(@Transport int transportType, 838 boolean value) { 839 if (value) { 840 addTransportType(transportType); 841 } else { 842 removeTransportType(transportType); 843 } 844 return this; 845 } 846 847 /** 848 * Gets all the transports set on this {@code NetworkCapability} instance. 849 * 850 * @return an array of transport type values for this instance. 851 * @hide 852 */ 853 @TestApi 854 @SystemApi getTransportTypes()855 @NonNull public @Transport int[] getTransportTypes() { 856 return BitUtils.unpackBits(mTransportTypes); 857 } 858 859 /** 860 * Sets all the transports set on this {@code NetworkCapability} instance. 861 * This overwrites any existing transports. 862 * 863 * @hide 864 */ setTransportTypes(@ransport int[] transportTypes)865 public void setTransportTypes(@Transport int[] transportTypes) { 866 mTransportTypes = BitUtils.packBits(transportTypes); 867 } 868 869 /** 870 * Tests for the presence of a transport on this instance. 871 * 872 * @param transportType the transport type to be tested for. 873 * @return {@code true} if set on this instance. 874 */ hasTransport(@ransport int transportType)875 public boolean hasTransport(@Transport int transportType) { 876 return isValidTransport(transportType) && ((mTransportTypes & (1 << transportType)) != 0); 877 } 878 combineTransportTypes(NetworkCapabilities nc)879 private void combineTransportTypes(NetworkCapabilities nc) { 880 this.mTransportTypes |= nc.mTransportTypes; 881 } 882 satisfiedByTransportTypes(NetworkCapabilities nc)883 private boolean satisfiedByTransportTypes(NetworkCapabilities nc) { 884 return ((this.mTransportTypes == 0) || 885 ((this.mTransportTypes & nc.mTransportTypes) != 0)); 886 } 887 888 /** @hide */ equalsTransportTypes(NetworkCapabilities nc)889 public boolean equalsTransportTypes(NetworkCapabilities nc) { 890 return (nc.mTransportTypes == this.mTransportTypes); 891 } 892 893 /** 894 * UID of the app that owns this network, or Process#INVALID_UID if none/unknown. 895 * 896 * <p>This field keeps track of the UID of the app that created this network and is in charge of 897 * its lifecycle. This could be the UID of apps such as the Wifi network suggestor, the running 898 * VPN, or Carrier Service app managing a cellular data connection. 899 * 900 * <p>For NetworkCapability instances being sent from ConnectivityService, this value MUST be 901 * reset to Process.INVALID_UID unless all the following conditions are met: 902 * 903 * <p>The caller is the network owner, AND one of the following sets of requirements is met: 904 * 905 * <ol> 906 * <li>The described Network is a VPN 907 * </ol> 908 * 909 * <p>OR: 910 * 911 * <ol> 912 * <li>The calling app is the network owner 913 * <li>The calling app has the ACCESS_FINE_LOCATION permission granted 914 * <li>The user's location toggle is on 915 * </ol> 916 * 917 * This is because the owner UID is location-sensitive. The apps that request a network could 918 * know where the device is if they can tell for sure the system has connected to the network 919 * they requested. 920 * 921 * <p>This is populated by the network agents and for the NetworkCapabilities instance sent by 922 * an app to the System Server, the value MUST be reset to Process.INVALID_UID by the system 923 * server. 924 */ 925 private int mOwnerUid = Process.INVALID_UID; 926 927 /** 928 * Set the UID of the owner app. 929 * @hide 930 */ setOwnerUid(final int uid)931 public @NonNull NetworkCapabilities setOwnerUid(final int uid) { 932 mOwnerUid = uid; 933 return this; 934 } 935 936 /** 937 * Retrieves the UID of the app that owns this network. 938 * 939 * <p>For user privacy reasons, this field will only be populated if the following conditions 940 * are met: 941 * 942 * <p>The caller is the network owner, AND one of the following sets of requirements is met: 943 * 944 * <ol> 945 * <li>The described Network is a VPN 946 * </ol> 947 * 948 * <p>OR: 949 * 950 * <ol> 951 * <li>The calling app is the network owner 952 * <li>The calling app has the ACCESS_FINE_LOCATION permission granted 953 * <li>The user's location toggle is on 954 * </ol> 955 * 956 * Instances of NetworkCapabilities sent to apps without the appropriate permissions will have 957 * this field cleared out. 958 */ getOwnerUid()959 public int getOwnerUid() { 960 return mOwnerUid; 961 } 962 963 /** 964 * UIDs of packages that are administrators of this network, or empty if none. 965 * 966 * <p>This field tracks the UIDs of packages that have permission to manage this network. 967 * 968 * <p>Network owners will also be listed as administrators. 969 * 970 * <p>For NetworkCapability instances being sent from the System Server, this value MUST be 971 * empty unless the destination is 1) the System Server, or 2) Telephony. In either case, the 972 * receiving entity must have the ACCESS_FINE_LOCATION permission and target R+. 973 * 974 * <p>When received from an app in a NetworkRequest this is always cleared out by the system 975 * server. This field is never used for matching NetworkRequests to NetworkAgents. 976 */ 977 @NonNull private int[] mAdministratorUids = new int[0]; 978 979 /** 980 * Sets the int[] of UIDs that are administrators of this network. 981 * 982 * <p>UIDs included in administratorUids gain administrator privileges over this Network. 983 * Examples of UIDs that should be included in administratorUids are: 984 * 985 * <ul> 986 * <li>Carrier apps with privileges for the relevant subscription 987 * <li>Active VPN apps 988 * <li>Other application groups with a particular Network-related role 989 * </ul> 990 * 991 * <p>In general, user-supplied networks (such as WiFi networks) do not have an administrator. 992 * 993 * <p>An app is granted owner privileges over Networks that it supplies. The owner UID MUST 994 * always be included in administratorUids. 995 * 996 * <p>The administrator UIDs are set by network agents. 997 * 998 * @param administratorUids the UIDs to be set as administrators of this Network. 999 * @throws IllegalArgumentException if duplicate UIDs are contained in administratorUids 1000 * @see #mAdministratorUids 1001 * @hide 1002 */ 1003 @NonNull setAdministratorUids(@onNull final int[] administratorUids)1004 public NetworkCapabilities setAdministratorUids(@NonNull final int[] administratorUids) { 1005 mAdministratorUids = Arrays.copyOf(administratorUids, administratorUids.length); 1006 Arrays.sort(mAdministratorUids); 1007 for (int i = 0; i < mAdministratorUids.length - 1; i++) { 1008 if (mAdministratorUids[i] >= mAdministratorUids[i + 1]) { 1009 throw new IllegalArgumentException("All administrator UIDs must be unique"); 1010 } 1011 } 1012 return this; 1013 } 1014 1015 /** 1016 * Retrieves the UIDs that are administrators of this Network. 1017 * 1018 * <p>This is only populated in NetworkCapabilities objects that come from network agents for 1019 * networks that are managed by specific apps on the system, such as carrier privileged apps or 1020 * wifi suggestion apps. This will include the network owner. 1021 * 1022 * @return the int[] of UIDs that are administrators of this Network 1023 * @see #mAdministratorUids 1024 * @hide 1025 */ 1026 @NonNull 1027 @SystemApi 1028 @TestApi getAdministratorUids()1029 public int[] getAdministratorUids() { 1030 return Arrays.copyOf(mAdministratorUids, mAdministratorUids.length); 1031 } 1032 1033 /** 1034 * Tests if the set of administrator UIDs of this network is the same as that of the passed one. 1035 * 1036 * <p>The administrator UIDs must be in sorted order. 1037 * 1038 * <p>nc is assumed non-null. Else, NPE. 1039 * 1040 * @hide 1041 */ 1042 @VisibleForTesting(visibility = PRIVATE) equalsAdministratorUids(@onNull final NetworkCapabilities nc)1043 public boolean equalsAdministratorUids(@NonNull final NetworkCapabilities nc) { 1044 return Arrays.equals(mAdministratorUids, nc.mAdministratorUids); 1045 } 1046 1047 /** 1048 * Combine the administrator UIDs of the capabilities. 1049 * 1050 * <p>This is only legal if either of the administrators lists are empty, or if they are equal. 1051 * Combining administrator UIDs is only possible for combining non-overlapping sets of UIDs. 1052 * 1053 * <p>If both administrator lists are non-empty but not equal, they conflict with each other. In 1054 * this case, it would not make sense to add them together. 1055 */ combineAdministratorUids(@onNull final NetworkCapabilities nc)1056 private void combineAdministratorUids(@NonNull final NetworkCapabilities nc) { 1057 if (nc.mAdministratorUids.length == 0) return; 1058 if (mAdministratorUids.length == 0) { 1059 mAdministratorUids = Arrays.copyOf(nc.mAdministratorUids, nc.mAdministratorUids.length); 1060 return; 1061 } 1062 if (!equalsAdministratorUids(nc)) { 1063 throw new IllegalStateException("Can't combine two different administrator UID lists"); 1064 } 1065 } 1066 1067 /** 1068 * Value indicating that link bandwidth is unspecified. 1069 * @hide 1070 */ 1071 public static final int LINK_BANDWIDTH_UNSPECIFIED = 0; 1072 1073 /** 1074 * Passive link bandwidth. This is a rough guide of the expected peak bandwidth 1075 * for the first hop on the given transport. It is not measured, but may take into account 1076 * link parameters (Radio technology, allocated channels, etc). 1077 */ 1078 private int mLinkUpBandwidthKbps = LINK_BANDWIDTH_UNSPECIFIED; 1079 private int mLinkDownBandwidthKbps = LINK_BANDWIDTH_UNSPECIFIED; 1080 1081 /** 1082 * Sets the upstream bandwidth for this network in Kbps. This always only refers to 1083 * the estimated first hop transport bandwidth. 1084 * <p> 1085 * {@see Builder#setLinkUpstreamBandwidthKbps} 1086 * 1087 * @param upKbps the estimated first hop upstream (device to network) bandwidth. 1088 * @hide 1089 */ setLinkUpstreamBandwidthKbps(int upKbps)1090 public @NonNull NetworkCapabilities setLinkUpstreamBandwidthKbps(int upKbps) { 1091 mLinkUpBandwidthKbps = upKbps; 1092 return this; 1093 } 1094 1095 /** 1096 * Retrieves the upstream bandwidth for this network in Kbps. This always only refers to 1097 * the estimated first hop transport bandwidth. 1098 * 1099 * @return The estimated first hop upstream (device to network) bandwidth. 1100 */ getLinkUpstreamBandwidthKbps()1101 public int getLinkUpstreamBandwidthKbps() { 1102 return mLinkUpBandwidthKbps; 1103 } 1104 1105 /** 1106 * Sets the downstream bandwidth for this network in Kbps. This always only refers to 1107 * the estimated first hop transport bandwidth. 1108 * <p> 1109 * {@see Builder#setLinkUpstreamBandwidthKbps} 1110 * 1111 * @param downKbps the estimated first hop downstream (network to device) bandwidth. 1112 * @hide 1113 */ setLinkDownstreamBandwidthKbps(int downKbps)1114 public @NonNull NetworkCapabilities setLinkDownstreamBandwidthKbps(int downKbps) { 1115 mLinkDownBandwidthKbps = downKbps; 1116 return this; 1117 } 1118 1119 /** 1120 * Retrieves the downstream bandwidth for this network in Kbps. This always only refers to 1121 * the estimated first hop transport bandwidth. 1122 * 1123 * @return The estimated first hop downstream (network to device) bandwidth. 1124 */ getLinkDownstreamBandwidthKbps()1125 public int getLinkDownstreamBandwidthKbps() { 1126 return mLinkDownBandwidthKbps; 1127 } 1128 combineLinkBandwidths(NetworkCapabilities nc)1129 private void combineLinkBandwidths(NetworkCapabilities nc) { 1130 this.mLinkUpBandwidthKbps = 1131 Math.max(this.mLinkUpBandwidthKbps, nc.mLinkUpBandwidthKbps); 1132 this.mLinkDownBandwidthKbps = 1133 Math.max(this.mLinkDownBandwidthKbps, nc.mLinkDownBandwidthKbps); 1134 } satisfiedByLinkBandwidths(NetworkCapabilities nc)1135 private boolean satisfiedByLinkBandwidths(NetworkCapabilities nc) { 1136 return !(this.mLinkUpBandwidthKbps > nc.mLinkUpBandwidthKbps || 1137 this.mLinkDownBandwidthKbps > nc.mLinkDownBandwidthKbps); 1138 } equalsLinkBandwidths(NetworkCapabilities nc)1139 private boolean equalsLinkBandwidths(NetworkCapabilities nc) { 1140 return (this.mLinkUpBandwidthKbps == nc.mLinkUpBandwidthKbps && 1141 this.mLinkDownBandwidthKbps == nc.mLinkDownBandwidthKbps); 1142 } 1143 /** @hide */ minBandwidth(int a, int b)1144 public static int minBandwidth(int a, int b) { 1145 if (a == LINK_BANDWIDTH_UNSPECIFIED) { 1146 return b; 1147 } else if (b == LINK_BANDWIDTH_UNSPECIFIED) { 1148 return a; 1149 } else { 1150 return Math.min(a, b); 1151 } 1152 } 1153 /** @hide */ maxBandwidth(int a, int b)1154 public static int maxBandwidth(int a, int b) { 1155 return Math.max(a, b); 1156 } 1157 1158 private NetworkSpecifier mNetworkSpecifier = null; 1159 private TransportInfo mTransportInfo = null; 1160 1161 /** 1162 * Sets the optional bearer specific network specifier. 1163 * This has no meaning if a single transport is also not specified, so calling 1164 * this without a single transport set will generate an exception, as will 1165 * subsequently adding or removing transports after this is set. 1166 * </p> 1167 * 1168 * @param networkSpecifier A concrete, parcelable framework class that extends 1169 * NetworkSpecifier. 1170 * @return This NetworkCapabilities instance, to facilitate chaining. 1171 * @hide 1172 */ setNetworkSpecifier( @onNull NetworkSpecifier networkSpecifier)1173 public @NonNull NetworkCapabilities setNetworkSpecifier( 1174 @NonNull NetworkSpecifier networkSpecifier) { 1175 if (networkSpecifier != null && Long.bitCount(mTransportTypes) != 1) { 1176 throw new IllegalStateException("Must have a single transport specified to use " + 1177 "setNetworkSpecifier"); 1178 } 1179 1180 mNetworkSpecifier = networkSpecifier; 1181 1182 return this; 1183 } 1184 1185 /** 1186 * Sets the optional transport specific information. 1187 * 1188 * @param transportInfo A concrete, parcelable framework class that extends 1189 * {@link TransportInfo}. 1190 * @return This NetworkCapabilities instance, to facilitate chaining. 1191 * @hide 1192 */ setTransportInfo(@onNull TransportInfo transportInfo)1193 public @NonNull NetworkCapabilities setTransportInfo(@NonNull TransportInfo transportInfo) { 1194 mTransportInfo = transportInfo; 1195 return this; 1196 } 1197 1198 /** 1199 * Gets the optional bearer specific network specifier. May be {@code null} if not set. 1200 * 1201 * @return The optional {@link NetworkSpecifier} specifying the bearer specific network 1202 * specifier or {@code null}. 1203 */ getNetworkSpecifier()1204 public @Nullable NetworkSpecifier getNetworkSpecifier() { 1205 return mNetworkSpecifier; 1206 } 1207 1208 /** 1209 * Returns a transport-specific information container. The application may cast this 1210 * container to a concrete sub-class based on its knowledge of the network request. The 1211 * application should be able to deal with a {@code null} return value or an invalid case, 1212 * e.g. use {@code instanceof} operator to verify expected type. 1213 * 1214 * @return A concrete implementation of the {@link TransportInfo} class or null if not 1215 * available for the network. 1216 */ getTransportInfo()1217 @Nullable public TransportInfo getTransportInfo() { 1218 return mTransportInfo; 1219 } 1220 combineSpecifiers(NetworkCapabilities nc)1221 private void combineSpecifiers(NetworkCapabilities nc) { 1222 if (mNetworkSpecifier != null && !mNetworkSpecifier.equals(nc.mNetworkSpecifier)) { 1223 throw new IllegalStateException("Can't combine two networkSpecifiers"); 1224 } 1225 setNetworkSpecifier(nc.mNetworkSpecifier); 1226 } 1227 satisfiedBySpecifier(NetworkCapabilities nc)1228 private boolean satisfiedBySpecifier(NetworkCapabilities nc) { 1229 return mNetworkSpecifier == null || mNetworkSpecifier.canBeSatisfiedBy(nc.mNetworkSpecifier) 1230 || nc.mNetworkSpecifier instanceof MatchAllNetworkSpecifier; 1231 } 1232 equalsSpecifier(NetworkCapabilities nc)1233 private boolean equalsSpecifier(NetworkCapabilities nc) { 1234 return Objects.equals(mNetworkSpecifier, nc.mNetworkSpecifier); 1235 } 1236 combineTransportInfos(NetworkCapabilities nc)1237 private void combineTransportInfos(NetworkCapabilities nc) { 1238 if (mTransportInfo != null && !mTransportInfo.equals(nc.mTransportInfo)) { 1239 throw new IllegalStateException("Can't combine two TransportInfos"); 1240 } 1241 setTransportInfo(nc.mTransportInfo); 1242 } 1243 equalsTransportInfo(NetworkCapabilities nc)1244 private boolean equalsTransportInfo(NetworkCapabilities nc) { 1245 return Objects.equals(mTransportInfo, nc.mTransportInfo); 1246 } 1247 1248 /** 1249 * Magic value that indicates no signal strength provided. A request specifying this value is 1250 * always satisfied. 1251 */ 1252 public static final int SIGNAL_STRENGTH_UNSPECIFIED = Integer.MIN_VALUE; 1253 1254 /** 1255 * Signal strength. This is a signed integer, and higher values indicate better signal. 1256 * The exact units are bearer-dependent. For example, Wi-Fi uses RSSI. 1257 */ 1258 @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.P) 1259 private int mSignalStrength = SIGNAL_STRENGTH_UNSPECIFIED; 1260 1261 /** 1262 * Sets the signal strength. This is a signed integer, with higher values indicating a stronger 1263 * signal. The exact units are bearer-dependent. For example, Wi-Fi uses the same RSSI units 1264 * reported by wifi code. 1265 * <p> 1266 * Note that when used to register a network callback, this specifies the minimum acceptable 1267 * signal strength. When received as the state of an existing network it specifies the current 1268 * value. A value of code SIGNAL_STRENGTH_UNSPECIFIED} means no value when received and has no 1269 * effect when requesting a callback. 1270 * 1271 * @param signalStrength the bearer-specific signal strength. 1272 * @hide 1273 */ setSignalStrength(int signalStrength)1274 public @NonNull NetworkCapabilities setSignalStrength(int signalStrength) { 1275 mSignalStrength = signalStrength; 1276 return this; 1277 } 1278 1279 /** 1280 * Returns {@code true} if this object specifies a signal strength. 1281 * 1282 * @hide 1283 */ 1284 @UnsupportedAppUsage hasSignalStrength()1285 public boolean hasSignalStrength() { 1286 return mSignalStrength > SIGNAL_STRENGTH_UNSPECIFIED; 1287 } 1288 1289 /** 1290 * Retrieves the signal strength. 1291 * 1292 * @return The bearer-specific signal strength. 1293 */ getSignalStrength()1294 public int getSignalStrength() { 1295 return mSignalStrength; 1296 } 1297 combineSignalStrength(NetworkCapabilities nc)1298 private void combineSignalStrength(NetworkCapabilities nc) { 1299 this.mSignalStrength = Math.max(this.mSignalStrength, nc.mSignalStrength); 1300 } 1301 satisfiedBySignalStrength(NetworkCapabilities nc)1302 private boolean satisfiedBySignalStrength(NetworkCapabilities nc) { 1303 return this.mSignalStrength <= nc.mSignalStrength; 1304 } 1305 equalsSignalStrength(NetworkCapabilities nc)1306 private boolean equalsSignalStrength(NetworkCapabilities nc) { 1307 return this.mSignalStrength == nc.mSignalStrength; 1308 } 1309 1310 /** 1311 * List of UIDs this network applies to. No restriction if null. 1312 * <p> 1313 * For networks, mUids represent the list of network this applies to, and null means this 1314 * network applies to all UIDs. 1315 * For requests, mUids is the list of UIDs this network MUST apply to to match ; ALL UIDs 1316 * must be included in a network so that they match. As an exception to the general rule, 1317 * a null mUids field for requests mean "no requirements" rather than what the general rule 1318 * would suggest ("must apply to all UIDs") : this is because this has shown to be what users 1319 * of this API expect in practice. A network that must match all UIDs can still be 1320 * expressed with a set ranging the entire set of possible UIDs. 1321 * <p> 1322 * mUids is typically (and at this time, only) used by VPN. This network is only available to 1323 * the UIDs in this list, and it is their default network. Apps in this list that wish to 1324 * bypass the VPN can do so iff the VPN app allows them to or if they are privileged. If this 1325 * member is null, then the network is not restricted by app UID. If it's an empty list, then 1326 * it means nobody can use it. 1327 * As a special exception, the app managing this network (as identified by its UID stored in 1328 * mOwnerUid) can always see this network. This is embodied by a special check in 1329 * satisfiedByUids. That still does not mean the network necessarily <strong>applies</strong> 1330 * to the app that manages it as determined by #appliesToUid. 1331 * <p> 1332 * Please note that in principle a single app can be associated with multiple UIDs because 1333 * each app will have a different UID when it's run as a different (macro-)user. A single 1334 * macro user can only have a single active VPN app at any given time however. 1335 * <p> 1336 * Also please be aware this class does not try to enforce any normalization on this. Callers 1337 * can only alter the UIDs by setting them wholesale : this class does not provide any utility 1338 * to add or remove individual UIDs or ranges. If callers have any normalization needs on 1339 * their own (like requiring sortedness or no overlap) they need to enforce it 1340 * themselves. Some of the internal methods also assume this is normalized as in no adjacent 1341 * or overlapping ranges are present. 1342 * 1343 * @hide 1344 */ 1345 private ArraySet<UidRange> mUids = null; 1346 1347 /** 1348 * Convenience method to set the UIDs this network applies to to a single UID. 1349 * @hide 1350 */ setSingleUid(int uid)1351 public @NonNull NetworkCapabilities setSingleUid(int uid) { 1352 final ArraySet<UidRange> identity = new ArraySet<>(1); 1353 identity.add(new UidRange(uid, uid)); 1354 setUids(identity); 1355 return this; 1356 } 1357 1358 /** 1359 * Set the list of UIDs this network applies to. 1360 * This makes a copy of the set so that callers can't modify it after the call. 1361 * @hide 1362 */ setUids(Set<UidRange> uids)1363 public @NonNull NetworkCapabilities setUids(Set<UidRange> uids) { 1364 if (null == uids) { 1365 mUids = null; 1366 } else { 1367 mUids = new ArraySet<>(uids); 1368 } 1369 return this; 1370 } 1371 1372 /** 1373 * Get the list of UIDs this network applies to. 1374 * This returns a copy of the set so that callers can't modify the original object. 1375 * @hide 1376 */ getUids()1377 public @Nullable Set<UidRange> getUids() { 1378 return null == mUids ? null : new ArraySet<>(mUids); 1379 } 1380 1381 /** 1382 * Test whether this network applies to this UID. 1383 * @hide 1384 */ appliesToUid(int uid)1385 public boolean appliesToUid(int uid) { 1386 if (null == mUids) return true; 1387 for (UidRange range : mUids) { 1388 if (range.contains(uid)) { 1389 return true; 1390 } 1391 } 1392 return false; 1393 } 1394 1395 /** 1396 * Tests if the set of UIDs that this network applies to is the same as the passed network. 1397 * <p> 1398 * This test only checks whether equal range objects are in both sets. It will 1399 * return false if the ranges are not exactly the same, even if the covered UIDs 1400 * are for an equivalent result. 1401 * <p> 1402 * Note that this method is not very optimized, which is fine as long as it's not used very 1403 * often. 1404 * <p> 1405 * nc is assumed nonnull. 1406 * 1407 * @hide 1408 */ 1409 @VisibleForTesting equalsUids(@onNull NetworkCapabilities nc)1410 public boolean equalsUids(@NonNull NetworkCapabilities nc) { 1411 Set<UidRange> comparedUids = nc.mUids; 1412 if (null == comparedUids) return null == mUids; 1413 if (null == mUids) return false; 1414 // Make a copy so it can be mutated to check that all ranges in mUids 1415 // also are in uids. 1416 final Set<UidRange> uids = new ArraySet<>(mUids); 1417 for (UidRange range : comparedUids) { 1418 if (!uids.contains(range)) { 1419 return false; 1420 } 1421 uids.remove(range); 1422 } 1423 return uids.isEmpty(); 1424 } 1425 1426 /** 1427 * Test whether the passed NetworkCapabilities satisfies the UIDs this capabilities require. 1428 * 1429 * This method is called on the NetworkCapabilities embedded in a request with the 1430 * capabilities of an available network. It checks whether all the UIDs from this listen 1431 * (representing the UIDs that must have access to the network) are satisfied by the UIDs 1432 * in the passed nc (representing the UIDs that this network is available to). 1433 * <p> 1434 * As a special exception, the UID that created the passed network (as represented by its 1435 * mOwnerUid field) always satisfies a NetworkRequest requiring it (of LISTEN 1436 * or REQUEST types alike), even if the network does not apply to it. That is so a VPN app 1437 * can see its own network when it listens for it. 1438 * <p> 1439 * nc is assumed nonnull. Else, NPE. 1440 * @see #appliesToUid 1441 * @hide 1442 */ satisfiedByUids(@onNull NetworkCapabilities nc)1443 public boolean satisfiedByUids(@NonNull NetworkCapabilities nc) { 1444 if (null == nc.mUids || null == mUids) return true; // The network satisfies everything. 1445 for (UidRange requiredRange : mUids) { 1446 if (requiredRange.contains(nc.mOwnerUid)) return true; 1447 if (!nc.appliesToUidRange(requiredRange)) { 1448 return false; 1449 } 1450 } 1451 return true; 1452 } 1453 1454 /** 1455 * Returns whether this network applies to the passed ranges. 1456 * This assumes that to apply, the passed range has to be entirely contained 1457 * within one of the ranges this network applies to. If the ranges are not normalized, 1458 * this method may return false even though all required UIDs are covered because no 1459 * single range contained them all. 1460 * @hide 1461 */ 1462 @VisibleForTesting appliesToUidRange(@ullable UidRange requiredRange)1463 public boolean appliesToUidRange(@Nullable UidRange requiredRange) { 1464 if (null == mUids) return true; 1465 for (UidRange uidRange : mUids) { 1466 if (uidRange.containsRange(requiredRange)) { 1467 return true; 1468 } 1469 } 1470 return false; 1471 } 1472 1473 /** 1474 * Combine the UIDs this network currently applies to with the UIDs the passed 1475 * NetworkCapabilities apply to. 1476 * nc is assumed nonnull. 1477 */ combineUids(@onNull NetworkCapabilities nc)1478 private void combineUids(@NonNull NetworkCapabilities nc) { 1479 if (null == nc.mUids || null == mUids) { 1480 mUids = null; 1481 return; 1482 } 1483 mUids.addAll(nc.mUids); 1484 } 1485 1486 1487 /** 1488 * The SSID of the network, or null if not applicable or unknown. 1489 * <p> 1490 * This is filled in by wifi code. 1491 * @hide 1492 */ 1493 private String mSSID; 1494 1495 /** 1496 * Sets the SSID of this network. 1497 * @hide 1498 */ setSSID(@ullable String ssid)1499 public @NonNull NetworkCapabilities setSSID(@Nullable String ssid) { 1500 mSSID = ssid; 1501 return this; 1502 } 1503 1504 /** 1505 * Gets the SSID of this network, or null if none or unknown. 1506 * @hide 1507 */ 1508 @SystemApi 1509 @TestApi getSsid()1510 public @Nullable String getSsid() { 1511 return mSSID; 1512 } 1513 1514 /** 1515 * Tests if the SSID of this network is the same as the SSID of the passed network. 1516 * @hide 1517 */ equalsSSID(@onNull NetworkCapabilities nc)1518 public boolean equalsSSID(@NonNull NetworkCapabilities nc) { 1519 return Objects.equals(mSSID, nc.mSSID); 1520 } 1521 1522 /** 1523 * Check if the SSID requirements of this object are matched by the passed object. 1524 * @hide 1525 */ satisfiedBySSID(@onNull NetworkCapabilities nc)1526 public boolean satisfiedBySSID(@NonNull NetworkCapabilities nc) { 1527 return mSSID == null || mSSID.equals(nc.mSSID); 1528 } 1529 1530 /** 1531 * Combine SSIDs of the capabilities. 1532 * <p> 1533 * This is only legal if either the SSID of this object is null, or both SSIDs are 1534 * equal. 1535 * @hide 1536 */ combineSSIDs(@onNull NetworkCapabilities nc)1537 private void combineSSIDs(@NonNull NetworkCapabilities nc) { 1538 if (mSSID != null && !mSSID.equals(nc.mSSID)) { 1539 throw new IllegalStateException("Can't combine two SSIDs"); 1540 } 1541 setSSID(nc.mSSID); 1542 } 1543 1544 /** 1545 * Combine a set of Capabilities to this one. Useful for coming up with the complete set. 1546 * <p> 1547 * Note that this method may break an invariant of having a particular capability in either 1548 * wanted or unwanted lists but never in both. Requests that have the same capability in 1549 * both lists will never be satisfied. 1550 * @hide 1551 */ combineCapabilities(@onNull NetworkCapabilities nc)1552 public void combineCapabilities(@NonNull NetworkCapabilities nc) { 1553 combineNetCapabilities(nc); 1554 combineTransportTypes(nc); 1555 combineLinkBandwidths(nc); 1556 combineSpecifiers(nc); 1557 combineTransportInfos(nc); 1558 combineSignalStrength(nc); 1559 combineUids(nc); 1560 combineSSIDs(nc); 1561 combineRequestor(nc); 1562 combineAdministratorUids(nc); 1563 } 1564 1565 /** 1566 * Check if our requirements are satisfied by the given {@code NetworkCapabilities}. 1567 * 1568 * @param nc the {@code NetworkCapabilities} that may or may not satisfy our requirements. 1569 * @param onlyImmutable if {@code true}, do not consider mutable requirements such as link 1570 * bandwidth, signal strength, or validation / captive portal status. 1571 * 1572 * @hide 1573 */ satisfiedByNetworkCapabilities(NetworkCapabilities nc, boolean onlyImmutable)1574 private boolean satisfiedByNetworkCapabilities(NetworkCapabilities nc, boolean onlyImmutable) { 1575 return (nc != null 1576 && satisfiedByNetCapabilities(nc, onlyImmutable) 1577 && satisfiedByTransportTypes(nc) 1578 && (onlyImmutable || satisfiedByLinkBandwidths(nc)) 1579 && satisfiedBySpecifier(nc) 1580 && (onlyImmutable || satisfiedBySignalStrength(nc)) 1581 && (onlyImmutable || satisfiedByUids(nc)) 1582 && (onlyImmutable || satisfiedBySSID(nc))) 1583 && (onlyImmutable || satisfiedByRequestor(nc)); 1584 } 1585 1586 /** 1587 * Check if our requirements are satisfied by the given {@code NetworkCapabilities}. 1588 * 1589 * @param nc the {@code NetworkCapabilities} that may or may not satisfy our requirements. 1590 * 1591 * @hide 1592 */ 1593 @TestApi 1594 @SystemApi satisfiedByNetworkCapabilities(@ullable NetworkCapabilities nc)1595 public boolean satisfiedByNetworkCapabilities(@Nullable NetworkCapabilities nc) { 1596 return satisfiedByNetworkCapabilities(nc, false); 1597 } 1598 1599 /** 1600 * Check if our immutable requirements are satisfied by the given {@code NetworkCapabilities}. 1601 * 1602 * @param nc the {@code NetworkCapabilities} that may or may not satisfy our requirements. 1603 * 1604 * @hide 1605 */ satisfiedByImmutableNetworkCapabilities(@ullable NetworkCapabilities nc)1606 public boolean satisfiedByImmutableNetworkCapabilities(@Nullable NetworkCapabilities nc) { 1607 return satisfiedByNetworkCapabilities(nc, true); 1608 } 1609 1610 /** 1611 * Checks that our immutable capabilities are the same as those of the given 1612 * {@code NetworkCapabilities} and return a String describing any difference. 1613 * The returned String is empty if there is no difference. 1614 * 1615 * @hide 1616 */ describeImmutableDifferences(@ullable NetworkCapabilities that)1617 public String describeImmutableDifferences(@Nullable NetworkCapabilities that) { 1618 if (that == null) { 1619 return "other NetworkCapabilities was null"; 1620 } 1621 1622 StringJoiner joiner = new StringJoiner(", "); 1623 1624 // Ignore NOT_METERED being added or removed as it is effectively dynamic. http://b/63326103 1625 // TODO: properly support NOT_METERED as a mutable and requestable capability. 1626 final long mask = ~MUTABLE_CAPABILITIES & ~(1 << NET_CAPABILITY_NOT_METERED); 1627 long oldImmutableCapabilities = this.mNetworkCapabilities & mask; 1628 long newImmutableCapabilities = that.mNetworkCapabilities & mask; 1629 if (oldImmutableCapabilities != newImmutableCapabilities) { 1630 String before = capabilityNamesOf(BitUtils.unpackBits(oldImmutableCapabilities)); 1631 String after = capabilityNamesOf(BitUtils.unpackBits(newImmutableCapabilities)); 1632 joiner.add(String.format("immutable capabilities changed: %s -> %s", before, after)); 1633 } 1634 1635 if (!equalsSpecifier(that)) { 1636 NetworkSpecifier before = this.getNetworkSpecifier(); 1637 NetworkSpecifier after = that.getNetworkSpecifier(); 1638 joiner.add(String.format("specifier changed: %s -> %s", before, after)); 1639 } 1640 1641 if (!equalsTransportTypes(that)) { 1642 String before = transportNamesOf(this.getTransportTypes()); 1643 String after = transportNamesOf(that.getTransportTypes()); 1644 joiner.add(String.format("transports changed: %s -> %s", before, after)); 1645 } 1646 1647 return joiner.toString(); 1648 } 1649 1650 /** 1651 * Checks that our requestable capabilities are the same as those of the given 1652 * {@code NetworkCapabilities}. 1653 * 1654 * @hide 1655 */ equalRequestableCapabilities(@ullable NetworkCapabilities nc)1656 public boolean equalRequestableCapabilities(@Nullable NetworkCapabilities nc) { 1657 if (nc == null) return false; 1658 return (equalsNetCapabilitiesRequestable(nc) && 1659 equalsTransportTypes(nc) && 1660 equalsSpecifier(nc)); 1661 } 1662 1663 @Override equals(@ullable Object obj)1664 public boolean equals(@Nullable Object obj) { 1665 if (obj == null || (obj instanceof NetworkCapabilities == false)) return false; 1666 NetworkCapabilities that = (NetworkCapabilities) obj; 1667 return equalsNetCapabilities(that) 1668 && equalsTransportTypes(that) 1669 && equalsLinkBandwidths(that) 1670 && equalsSignalStrength(that) 1671 && equalsSpecifier(that) 1672 && equalsTransportInfo(that) 1673 && equalsUids(that) 1674 && equalsSSID(that) 1675 && equalsPrivateDnsBroken(that) 1676 && equalsRequestor(that) 1677 && equalsAdministratorUids(that); 1678 } 1679 1680 @Override hashCode()1681 public int hashCode() { 1682 return (int) (mNetworkCapabilities & 0xFFFFFFFF) 1683 + ((int) (mNetworkCapabilities >> 32) * 3) 1684 + ((int) (mUnwantedNetworkCapabilities & 0xFFFFFFFF) * 5) 1685 + ((int) (mUnwantedNetworkCapabilities >> 32) * 7) 1686 + ((int) (mTransportTypes & 0xFFFFFFFF) * 11) 1687 + ((int) (mTransportTypes >> 32) * 13) 1688 + (mLinkUpBandwidthKbps * 17) 1689 + (mLinkDownBandwidthKbps * 19) 1690 + Objects.hashCode(mNetworkSpecifier) * 23 1691 + (mSignalStrength * 29) 1692 + Objects.hashCode(mUids) * 31 1693 + Objects.hashCode(mSSID) * 37 1694 + Objects.hashCode(mTransportInfo) * 41 1695 + Objects.hashCode(mPrivateDnsBroken) * 43 1696 + Objects.hashCode(mRequestorUid) * 47 1697 + Objects.hashCode(mRequestorPackageName) * 53 1698 + Arrays.hashCode(mAdministratorUids) * 59; 1699 } 1700 1701 @Override describeContents()1702 public int describeContents() { 1703 return 0; 1704 } 1705 1706 @Override writeToParcel(Parcel dest, int flags)1707 public void writeToParcel(Parcel dest, int flags) { 1708 dest.writeLong(mNetworkCapabilities); 1709 dest.writeLong(mUnwantedNetworkCapabilities); 1710 dest.writeLong(mTransportTypes); 1711 dest.writeInt(mLinkUpBandwidthKbps); 1712 dest.writeInt(mLinkDownBandwidthKbps); 1713 dest.writeParcelable((Parcelable) mNetworkSpecifier, flags); 1714 dest.writeParcelable((Parcelable) mTransportInfo, flags); 1715 dest.writeInt(mSignalStrength); 1716 dest.writeArraySet(mUids); 1717 dest.writeString(mSSID); 1718 dest.writeBoolean(mPrivateDnsBroken); 1719 dest.writeIntArray(getAdministratorUids()); 1720 dest.writeInt(mOwnerUid); 1721 dest.writeInt(mRequestorUid); 1722 dest.writeString(mRequestorPackageName); 1723 } 1724 1725 public static final @android.annotation.NonNull Creator<NetworkCapabilities> CREATOR = 1726 new Creator<NetworkCapabilities>() { 1727 @Override 1728 public NetworkCapabilities createFromParcel(Parcel in) { 1729 NetworkCapabilities netCap = new NetworkCapabilities(); 1730 1731 netCap.mNetworkCapabilities = in.readLong(); 1732 netCap.mUnwantedNetworkCapabilities = in.readLong(); 1733 netCap.mTransportTypes = in.readLong(); 1734 netCap.mLinkUpBandwidthKbps = in.readInt(); 1735 netCap.mLinkDownBandwidthKbps = in.readInt(); 1736 netCap.mNetworkSpecifier = in.readParcelable(null); 1737 netCap.mTransportInfo = in.readParcelable(null); 1738 netCap.mSignalStrength = in.readInt(); 1739 netCap.mUids = (ArraySet<UidRange>) in.readArraySet( 1740 null /* ClassLoader, null for default */); 1741 netCap.mSSID = in.readString(); 1742 netCap.mPrivateDnsBroken = in.readBoolean(); 1743 netCap.setAdministratorUids(in.createIntArray()); 1744 netCap.mOwnerUid = in.readInt(); 1745 netCap.mRequestorUid = in.readInt(); 1746 netCap.mRequestorPackageName = in.readString(); 1747 return netCap; 1748 } 1749 @Override 1750 public NetworkCapabilities[] newArray(int size) { 1751 return new NetworkCapabilities[size]; 1752 } 1753 }; 1754 1755 @Override toString()1756 public @NonNull String toString() { 1757 final StringBuilder sb = new StringBuilder("["); 1758 if (0 != mTransportTypes) { 1759 sb.append(" Transports: "); 1760 appendStringRepresentationOfBitMaskToStringBuilder(sb, mTransportTypes, 1761 NetworkCapabilities::transportNameOf, "|"); 1762 } 1763 if (0 != mNetworkCapabilities) { 1764 sb.append(" Capabilities: "); 1765 appendStringRepresentationOfBitMaskToStringBuilder(sb, mNetworkCapabilities, 1766 NetworkCapabilities::capabilityNameOf, "&"); 1767 } 1768 if (0 != mUnwantedNetworkCapabilities) { 1769 sb.append(" Unwanted: "); 1770 appendStringRepresentationOfBitMaskToStringBuilder(sb, mUnwantedNetworkCapabilities, 1771 NetworkCapabilities::capabilityNameOf, "&"); 1772 } 1773 if (mLinkUpBandwidthKbps > 0) { 1774 sb.append(" LinkUpBandwidth>=").append(mLinkUpBandwidthKbps).append("Kbps"); 1775 } 1776 if (mLinkDownBandwidthKbps > 0) { 1777 sb.append(" LinkDnBandwidth>=").append(mLinkDownBandwidthKbps).append("Kbps"); 1778 } 1779 if (mNetworkSpecifier != null) { 1780 sb.append(" Specifier: <").append(mNetworkSpecifier).append(">"); 1781 } 1782 if (mTransportInfo != null) { 1783 sb.append(" TransportInfo: <").append(mTransportInfo).append(">"); 1784 } 1785 if (hasSignalStrength()) { 1786 sb.append(" SignalStrength: ").append(mSignalStrength); 1787 } 1788 1789 if (null != mUids) { 1790 if ((1 == mUids.size()) && (mUids.valueAt(0).count() == 1)) { 1791 sb.append(" Uid: ").append(mUids.valueAt(0).start); 1792 } else { 1793 sb.append(" Uids: <").append(mUids).append(">"); 1794 } 1795 } 1796 if (mOwnerUid != Process.INVALID_UID) { 1797 sb.append(" OwnerUid: ").append(mOwnerUid); 1798 } 1799 1800 if (mAdministratorUids.length == 0) { 1801 sb.append(" AdministratorUids: ").append(Arrays.toString(mAdministratorUids)); 1802 } 1803 1804 if (null != mSSID) { 1805 sb.append(" SSID: ").append(mSSID); 1806 } 1807 1808 if (mPrivateDnsBroken) { 1809 sb.append(" Private DNS is broken"); 1810 } 1811 1812 sb.append(" RequestorUid: ").append(mRequestorUid); 1813 sb.append(" RequestorPackageName: ").append(mRequestorPackageName); 1814 1815 sb.append("]"); 1816 return sb.toString(); 1817 } 1818 1819 1820 private interface NameOf { nameOf(int value)1821 String nameOf(int value); 1822 } 1823 1824 /** 1825 * @hide 1826 */ appendStringRepresentationOfBitMaskToStringBuilder(@onNull StringBuilder sb, long bitMask, @NonNull NameOf nameFetcher, @NonNull String separator)1827 public static void appendStringRepresentationOfBitMaskToStringBuilder(@NonNull StringBuilder sb, 1828 long bitMask, @NonNull NameOf nameFetcher, @NonNull String separator) { 1829 int bitPos = 0; 1830 boolean firstElementAdded = false; 1831 while (bitMask != 0) { 1832 if ((bitMask & 1) != 0) { 1833 if (firstElementAdded) { 1834 sb.append(separator); 1835 } else { 1836 firstElementAdded = true; 1837 } 1838 sb.append(nameFetcher.nameOf(bitPos)); 1839 } 1840 bitMask >>= 1; 1841 ++bitPos; 1842 } 1843 } 1844 1845 /** @hide */ writeToProto(@onNull ProtoOutputStream proto, long fieldId)1846 public void writeToProto(@NonNull ProtoOutputStream proto, long fieldId) { 1847 final long token = proto.start(fieldId); 1848 1849 for (int transport : getTransportTypes()) { 1850 proto.write(NetworkCapabilitiesProto.TRANSPORTS, transport); 1851 } 1852 1853 for (int capability : getCapabilities()) { 1854 proto.write(NetworkCapabilitiesProto.CAPABILITIES, capability); 1855 } 1856 1857 proto.write(NetworkCapabilitiesProto.LINK_UP_BANDWIDTH_KBPS, mLinkUpBandwidthKbps); 1858 proto.write(NetworkCapabilitiesProto.LINK_DOWN_BANDWIDTH_KBPS, mLinkDownBandwidthKbps); 1859 1860 if (mNetworkSpecifier != null) { 1861 proto.write(NetworkCapabilitiesProto.NETWORK_SPECIFIER, mNetworkSpecifier.toString()); 1862 } 1863 if (mTransportInfo != null) { 1864 // TODO b/120653863: write transport-specific info to proto? 1865 } 1866 1867 proto.write(NetworkCapabilitiesProto.CAN_REPORT_SIGNAL_STRENGTH, hasSignalStrength()); 1868 proto.write(NetworkCapabilitiesProto.SIGNAL_STRENGTH, mSignalStrength); 1869 1870 proto.end(token); 1871 } 1872 1873 /** 1874 * @hide 1875 */ capabilityNamesOf(@ullable @etCapability int[] capabilities)1876 public static @NonNull String capabilityNamesOf(@Nullable @NetCapability int[] capabilities) { 1877 StringJoiner joiner = new StringJoiner("|"); 1878 if (capabilities != null) { 1879 for (int c : capabilities) { 1880 joiner.add(capabilityNameOf(c)); 1881 } 1882 } 1883 return joiner.toString(); 1884 } 1885 1886 /** 1887 * @hide 1888 */ capabilityNameOf(@etCapability int capability)1889 public static @NonNull String capabilityNameOf(@NetCapability int capability) { 1890 switch (capability) { 1891 case NET_CAPABILITY_MMS: return "MMS"; 1892 case NET_CAPABILITY_SUPL: return "SUPL"; 1893 case NET_CAPABILITY_DUN: return "DUN"; 1894 case NET_CAPABILITY_FOTA: return "FOTA"; 1895 case NET_CAPABILITY_IMS: return "IMS"; 1896 case NET_CAPABILITY_CBS: return "CBS"; 1897 case NET_CAPABILITY_WIFI_P2P: return "WIFI_P2P"; 1898 case NET_CAPABILITY_IA: return "IA"; 1899 case NET_CAPABILITY_RCS: return "RCS"; 1900 case NET_CAPABILITY_XCAP: return "XCAP"; 1901 case NET_CAPABILITY_EIMS: return "EIMS"; 1902 case NET_CAPABILITY_NOT_METERED: return "NOT_METERED"; 1903 case NET_CAPABILITY_INTERNET: return "INTERNET"; 1904 case NET_CAPABILITY_NOT_RESTRICTED: return "NOT_RESTRICTED"; 1905 case NET_CAPABILITY_TRUSTED: return "TRUSTED"; 1906 case NET_CAPABILITY_NOT_VPN: return "NOT_VPN"; 1907 case NET_CAPABILITY_VALIDATED: return "VALIDATED"; 1908 case NET_CAPABILITY_CAPTIVE_PORTAL: return "CAPTIVE_PORTAL"; 1909 case NET_CAPABILITY_NOT_ROAMING: return "NOT_ROAMING"; 1910 case NET_CAPABILITY_FOREGROUND: return "FOREGROUND"; 1911 case NET_CAPABILITY_NOT_CONGESTED: return "NOT_CONGESTED"; 1912 case NET_CAPABILITY_NOT_SUSPENDED: return "NOT_SUSPENDED"; 1913 case NET_CAPABILITY_OEM_PAID: return "OEM_PAID"; 1914 case NET_CAPABILITY_MCX: return "MCX"; 1915 case NET_CAPABILITY_PARTIAL_CONNECTIVITY: return "PARTIAL_CONNECTIVITY"; 1916 case NET_CAPABILITY_TEMPORARILY_NOT_METERED: return "TEMPORARILY_NOT_METERED"; 1917 default: return Integer.toString(capability); 1918 } 1919 } 1920 1921 /** 1922 * @hide 1923 */ 1924 @UnsupportedAppUsage transportNamesOf(@ullable @ransport int[] types)1925 public static @NonNull String transportNamesOf(@Nullable @Transport int[] types) { 1926 StringJoiner joiner = new StringJoiner("|"); 1927 if (types != null) { 1928 for (int t : types) { 1929 joiner.add(transportNameOf(t)); 1930 } 1931 } 1932 return joiner.toString(); 1933 } 1934 1935 /** 1936 * @hide 1937 */ transportNameOf(@ransport int transport)1938 public static @NonNull String transportNameOf(@Transport int transport) { 1939 if (!isValidTransport(transport)) { 1940 return "UNKNOWN"; 1941 } 1942 return TRANSPORT_NAMES[transport]; 1943 } 1944 checkValidTransportType(@ransport int transport)1945 private static void checkValidTransportType(@Transport int transport) { 1946 Preconditions.checkArgument( 1947 isValidTransport(transport), "Invalid TransportType " + transport); 1948 } 1949 isValidCapability(@etworkCapabilities.NetCapability int capability)1950 private static boolean isValidCapability(@NetworkCapabilities.NetCapability int capability) { 1951 return capability >= MIN_NET_CAPABILITY && capability <= MAX_NET_CAPABILITY; 1952 } 1953 checkValidCapability(@etworkCapabilities.NetCapability int capability)1954 private static void checkValidCapability(@NetworkCapabilities.NetCapability int capability) { 1955 Preconditions.checkArgument(isValidCapability(capability), 1956 "NetworkCapability " + capability + "out of range"); 1957 } 1958 1959 /** 1960 * Check if this {@code NetworkCapability} instance is metered. 1961 * 1962 * @return {@code true} if {@code NET_CAPABILITY_NOT_METERED} is not set on this instance. 1963 * @hide 1964 */ isMetered()1965 public boolean isMetered() { 1966 return !hasCapability(NET_CAPABILITY_NOT_METERED); 1967 } 1968 1969 /** 1970 * Check if private dns is broken. 1971 * 1972 * @return {@code true} if {@code mPrivateDnsBroken} is set when private DNS is broken. 1973 * @hide 1974 */ isPrivateDnsBroken()1975 public boolean isPrivateDnsBroken() { 1976 return mPrivateDnsBroken; 1977 } 1978 1979 /** 1980 * Set mPrivateDnsBroken to true when private dns is broken. 1981 * 1982 * @param broken the status of private DNS to be set. 1983 * @hide 1984 */ setPrivateDnsBroken(boolean broken)1985 public void setPrivateDnsBroken(boolean broken) { 1986 mPrivateDnsBroken = broken; 1987 } 1988 equalsPrivateDnsBroken(NetworkCapabilities nc)1989 private boolean equalsPrivateDnsBroken(NetworkCapabilities nc) { 1990 return mPrivateDnsBroken == nc.mPrivateDnsBroken; 1991 } 1992 1993 /** 1994 * Set the UID of the app making the request. 1995 * 1996 * For instances of NetworkCapabilities representing a request, sets the 1997 * UID of the app making the request. For a network created by the system, 1998 * sets the UID of the only app whose requests can match this network. 1999 * This can be set to {@link Process#INVALID_UID} if there is no such app, 2000 * or if this instance of NetworkCapabilities is about to be sent to a 2001 * party that should not learn about this. 2002 * 2003 * @param uid UID of the app. 2004 * @hide 2005 */ setRequestorUid(int uid)2006 public @NonNull NetworkCapabilities setRequestorUid(int uid) { 2007 mRequestorUid = uid; 2008 return this; 2009 } 2010 2011 /** 2012 * Returns the UID of the app making the request. 2013 * 2014 * For a NetworkRequest being made by an app, contains the app's UID. For a network 2015 * created by the system, contains the UID of the only app whose requests can match 2016 * this network, or {@link Process#INVALID_UID} if none or if the 2017 * caller does not have permission to learn about this. 2018 * 2019 * @return the uid of the app making the request. 2020 * @hide 2021 */ getRequestorUid()2022 public int getRequestorUid() { 2023 return mRequestorUid; 2024 } 2025 2026 /** 2027 * Set the package name of the app making the request. 2028 * 2029 * For instances of NetworkCapabilities representing a request, sets the 2030 * package name of the app making the request. For a network created by the system, 2031 * sets the package name of the only app whose requests can match this network. 2032 * This can be set to null if there is no such app, or if this instance of 2033 * NetworkCapabilities is about to be sent to a party that should not learn about this. 2034 * 2035 * @param packageName package name of the app. 2036 * @hide 2037 */ setRequestorPackageName(@onNull String packageName)2038 public @NonNull NetworkCapabilities setRequestorPackageName(@NonNull String packageName) { 2039 mRequestorPackageName = packageName; 2040 return this; 2041 } 2042 2043 /** 2044 * Returns the package name of the app making the request. 2045 * 2046 * For a NetworkRequest being made by an app, contains the app's package name. For a 2047 * network created by the system, contains the package name of the only app whose 2048 * requests can match this network, or null if none or if the caller does not have 2049 * permission to learn about this. 2050 * 2051 * @return the package name of the app making the request. 2052 * @hide 2053 */ 2054 @Nullable getRequestorPackageName()2055 public String getRequestorPackageName() { 2056 return mRequestorPackageName; 2057 } 2058 2059 /** 2060 * Set the uid and package name of the app causing this network to exist. 2061 * 2062 * {@see #setRequestorUid} and {@link #setRequestorPackageName} 2063 * 2064 * @param uid UID of the app. 2065 * @param packageName package name of the app. 2066 * @hide 2067 */ setRequestorUidAndPackageName( int uid, @NonNull String packageName)2068 public @NonNull NetworkCapabilities setRequestorUidAndPackageName( 2069 int uid, @NonNull String packageName) { 2070 return setRequestorUid(uid).setRequestorPackageName(packageName); 2071 } 2072 2073 /** 2074 * Test whether the passed NetworkCapabilities satisfies the requestor restrictions of this 2075 * capabilities. 2076 * 2077 * This method is called on the NetworkCapabilities embedded in a request with the 2078 * capabilities of an available network. If the available network, sets a specific 2079 * requestor (by uid and optionally package name), then this will only match a request from the 2080 * same app. If either of the capabilities have an unset uid or package name, then it matches 2081 * everything. 2082 * <p> 2083 * nc is assumed nonnull. Else, NPE. 2084 */ satisfiedByRequestor(NetworkCapabilities nc)2085 private boolean satisfiedByRequestor(NetworkCapabilities nc) { 2086 // No uid set, matches everything. 2087 if (mRequestorUid == Process.INVALID_UID || nc.mRequestorUid == Process.INVALID_UID) { 2088 return true; 2089 } 2090 // uids don't match. 2091 if (mRequestorUid != nc.mRequestorUid) return false; 2092 // No package names set, matches everything 2093 if (null == nc.mRequestorPackageName || null == mRequestorPackageName) return true; 2094 // check for package name match. 2095 return TextUtils.equals(mRequestorPackageName, nc.mRequestorPackageName); 2096 } 2097 2098 /** 2099 * Combine requestor info of the capabilities. 2100 * <p> 2101 * This is only legal if either the requestor info of this object is reset, or both info are 2102 * equal. 2103 * nc is assumed nonnull. 2104 */ combineRequestor(@onNull NetworkCapabilities nc)2105 private void combineRequestor(@NonNull NetworkCapabilities nc) { 2106 if (mRequestorUid != Process.INVALID_UID && mRequestorUid != nc.mOwnerUid) { 2107 throw new IllegalStateException("Can't combine two uids"); 2108 } 2109 if (mRequestorPackageName != null 2110 && !mRequestorPackageName.equals(nc.mRequestorPackageName)) { 2111 throw new IllegalStateException("Can't combine two package names"); 2112 } 2113 setRequestorUid(nc.mRequestorUid); 2114 setRequestorPackageName(nc.mRequestorPackageName); 2115 } 2116 equalsRequestor(NetworkCapabilities nc)2117 private boolean equalsRequestor(NetworkCapabilities nc) { 2118 return mRequestorUid == nc.mRequestorUid 2119 && TextUtils.equals(mRequestorPackageName, nc.mRequestorPackageName); 2120 } 2121 2122 /** 2123 * Builder class for NetworkCapabilities. 2124 * 2125 * This class is mainly for for {@link NetworkAgent} instances to use. Many fields in 2126 * the built class require holding a signature permission to use - mostly 2127 * {@link android.Manifest.permission.NETWORK_FACTORY}, but refer to the specific 2128 * description of each setter. As this class lives entirely in app space it does not 2129 * enforce these restrictions itself but the system server clears out the relevant 2130 * fields when receiving a NetworkCapabilities object from a caller without the 2131 * appropriate permission. 2132 * 2133 * Apps don't use this builder directly. Instead, they use {@link NetworkRequest} via 2134 * its builder object. 2135 * 2136 * @hide 2137 */ 2138 @SystemApi 2139 @TestApi 2140 public static class Builder { 2141 private final NetworkCapabilities mCaps; 2142 2143 /** 2144 * Creates a new Builder to construct NetworkCapabilities objects. 2145 */ Builder()2146 public Builder() { 2147 mCaps = new NetworkCapabilities(); 2148 } 2149 2150 /** 2151 * Creates a new Builder of NetworkCapabilities from an existing instance. 2152 */ Builder(@onNull final NetworkCapabilities nc)2153 public Builder(@NonNull final NetworkCapabilities nc) { 2154 Objects.requireNonNull(nc); 2155 mCaps = new NetworkCapabilities(nc); 2156 } 2157 2158 /** 2159 * Adds the given transport type. 2160 * 2161 * Multiple transports may be added. Note that when searching for a network to satisfy a 2162 * request, satisfying any of the transports listed in the request will satisfy the request. 2163 * For example {@code TRANSPORT_WIFI} and {@code TRANSPORT_ETHERNET} added to a 2164 * {@code NetworkCapabilities} would cause either a Wi-Fi network or an Ethernet network 2165 * to be selected. This is logically different than 2166 * {@code NetworkCapabilities.NET_CAPABILITY_*}. 2167 * 2168 * @param transportType the transport type to be added or removed. 2169 * @return this builder 2170 */ 2171 @NonNull addTransportType(@ransport int transportType)2172 public Builder addTransportType(@Transport int transportType) { 2173 checkValidTransportType(transportType); 2174 mCaps.addTransportType(transportType); 2175 return this; 2176 } 2177 2178 /** 2179 * Removes the given transport type. 2180 * 2181 * {@see #addTransportType}. 2182 * 2183 * @param transportType the transport type to be added or removed. 2184 * @return this builder 2185 */ 2186 @NonNull removeTransportType(@ransport int transportType)2187 public Builder removeTransportType(@Transport int transportType) { 2188 checkValidTransportType(transportType); 2189 mCaps.removeTransportType(transportType); 2190 return this; 2191 } 2192 2193 /** 2194 * Adds the given capability. 2195 * 2196 * @param capability the capability 2197 * @return this builder 2198 */ 2199 @NonNull addCapability(@etCapability final int capability)2200 public Builder addCapability(@NetCapability final int capability) { 2201 mCaps.setCapability(capability, true); 2202 return this; 2203 } 2204 2205 /** 2206 * Removes the given capability. 2207 * 2208 * @param capability the capability 2209 * @return this builder 2210 */ 2211 @NonNull removeCapability(@etCapability final int capability)2212 public Builder removeCapability(@NetCapability final int capability) { 2213 mCaps.setCapability(capability, false); 2214 return this; 2215 } 2216 2217 /** 2218 * Sets the owner UID. 2219 * 2220 * The default value is {@link Process#INVALID_UID}. Pass this value to reset. 2221 * 2222 * Note: for security the system will clear out this field when received from a 2223 * non-privileged source. 2224 * 2225 * @param ownerUid the owner UID 2226 * @return this builder 2227 */ 2228 @NonNull 2229 @RequiresPermission(android.Manifest.permission.NETWORK_FACTORY) setOwnerUid(final int ownerUid)2230 public Builder setOwnerUid(final int ownerUid) { 2231 mCaps.setOwnerUid(ownerUid); 2232 return this; 2233 } 2234 2235 /** 2236 * Sets the list of UIDs that are administrators of this network. 2237 * 2238 * <p>UIDs included in administratorUids gain administrator privileges over this 2239 * Network. Examples of UIDs that should be included in administratorUids are: 2240 * <ul> 2241 * <li>Carrier apps with privileges for the relevant subscription 2242 * <li>Active VPN apps 2243 * <li>Other application groups with a particular Network-related role 2244 * </ul> 2245 * 2246 * <p>In general, user-supplied networks (such as WiFi networks) do not have 2247 * administrators. 2248 * 2249 * <p>An app is granted owner privileges over Networks that it supplies. The owner 2250 * UID MUST always be included in administratorUids. 2251 * 2252 * The default value is the empty array. Pass an empty array to reset. 2253 * 2254 * Note: for security the system will clear out this field when received from a 2255 * non-privileged source, such as an app using reflection to call this or 2256 * mutate the member in the built object. 2257 * 2258 * @param administratorUids the UIDs to be set as administrators of this Network. 2259 * @return this builder 2260 */ 2261 @NonNull 2262 @RequiresPermission(android.Manifest.permission.NETWORK_FACTORY) setAdministratorUids(@onNull final int[] administratorUids)2263 public Builder setAdministratorUids(@NonNull final int[] administratorUids) { 2264 Objects.requireNonNull(administratorUids); 2265 mCaps.setAdministratorUids(administratorUids); 2266 return this; 2267 } 2268 2269 /** 2270 * Sets the upstream bandwidth of the link. 2271 * 2272 * Sets the upstream bandwidth for this network in Kbps. This always only refers to 2273 * the estimated first hop transport bandwidth. 2274 * <p> 2275 * Note that when used to request a network, this specifies the minimum acceptable. 2276 * When received as the state of an existing network this specifies the typical 2277 * first hop bandwidth expected. This is never measured, but rather is inferred 2278 * from technology type and other link parameters. It could be used to differentiate 2279 * between very slow 1xRTT cellular links and other faster networks or even between 2280 * 802.11b vs 802.11AC wifi technologies. It should not be used to differentiate between 2281 * fast backhauls and slow backhauls. 2282 * 2283 * @param upKbps the estimated first hop upstream (device to network) bandwidth. 2284 * @return this builder 2285 */ 2286 @NonNull setLinkUpstreamBandwidthKbps(final int upKbps)2287 public Builder setLinkUpstreamBandwidthKbps(final int upKbps) { 2288 mCaps.setLinkUpstreamBandwidthKbps(upKbps); 2289 return this; 2290 } 2291 2292 /** 2293 * Sets the downstream bandwidth for this network in Kbps. This always only refers to 2294 * the estimated first hop transport bandwidth. 2295 * <p> 2296 * Note that when used to request a network, this specifies the minimum acceptable. 2297 * When received as the state of an existing network this specifies the typical 2298 * first hop bandwidth expected. This is never measured, but rather is inferred 2299 * from technology type and other link parameters. It could be used to differentiate 2300 * between very slow 1xRTT cellular links and other faster networks or even between 2301 * 802.11b vs 802.11AC wifi technologies. It should not be used to differentiate between 2302 * fast backhauls and slow backhauls. 2303 * 2304 * @param downKbps the estimated first hop downstream (network to device) bandwidth. 2305 * @return this builder 2306 */ 2307 @NonNull setLinkDownstreamBandwidthKbps(final int downKbps)2308 public Builder setLinkDownstreamBandwidthKbps(final int downKbps) { 2309 mCaps.setLinkDownstreamBandwidthKbps(downKbps); 2310 return this; 2311 } 2312 2313 /** 2314 * Sets the optional bearer specific network specifier. 2315 * This has no meaning if a single transport is also not specified, so calling 2316 * this without a single transport set will generate an exception, as will 2317 * subsequently adding or removing transports after this is set. 2318 * </p> 2319 * 2320 * @param specifier a concrete, parcelable framework class that extends NetworkSpecifier, 2321 * or null to clear it. 2322 * @return this builder 2323 */ 2324 @NonNull setNetworkSpecifier(@ullable final NetworkSpecifier specifier)2325 public Builder setNetworkSpecifier(@Nullable final NetworkSpecifier specifier) { 2326 mCaps.setNetworkSpecifier(specifier); 2327 return this; 2328 } 2329 2330 /** 2331 * Sets the optional transport specific information. 2332 * 2333 * @param info A concrete, parcelable framework class that extends {@link TransportInfo}, 2334 * or null to clear it. 2335 * @return this builder 2336 */ 2337 @NonNull setTransportInfo(@ullable final TransportInfo info)2338 public Builder setTransportInfo(@Nullable final TransportInfo info) { 2339 mCaps.setTransportInfo(info); 2340 return this; 2341 } 2342 2343 /** 2344 * Sets the signal strength. This is a signed integer, with higher values indicating a 2345 * stronger signal. The exact units are bearer-dependent. For example, Wi-Fi uses the 2346 * same RSSI units reported by wifi code. 2347 * <p> 2348 * Note that when used to register a network callback, this specifies the minimum 2349 * acceptable signal strength. When received as the state of an existing network it 2350 * specifies the current value. A value of code SIGNAL_STRENGTH_UNSPECIFIED} means 2351 * no value when received and has no effect when requesting a callback. 2352 * 2353 * Note: for security the system will throw if it receives a NetworkRequest where 2354 * the underlying NetworkCapabilities has this member set from a source that does 2355 * not hold the {@link android.Manifest.permission.NETWORK_SIGNAL_STRENGTH_WAKEUP} 2356 * permission. Apps with this permission can use this indirectly through 2357 * {@link android.net.NetworkRequest}. 2358 * 2359 * @param signalStrength the bearer-specific signal strength. 2360 * @return this builder 2361 */ 2362 @NonNull 2363 @RequiresPermission(android.Manifest.permission.NETWORK_SIGNAL_STRENGTH_WAKEUP) setSignalStrength(final int signalStrength)2364 public Builder setSignalStrength(final int signalStrength) { 2365 mCaps.setSignalStrength(signalStrength); 2366 return this; 2367 } 2368 2369 /** 2370 * Sets the SSID of this network. 2371 * 2372 * Note: for security the system will clear out this field when received from a 2373 * non-privileged source, like an app using reflection to set this. 2374 * 2375 * @param ssid the SSID, or null to clear it. 2376 * @return this builder 2377 */ 2378 @NonNull 2379 @RequiresPermission(android.Manifest.permission.NETWORK_FACTORY) setSsid(@ullable final String ssid)2380 public Builder setSsid(@Nullable final String ssid) { 2381 mCaps.setSSID(ssid); 2382 return this; 2383 } 2384 2385 /** 2386 * Set the uid of the app causing this network to exist. 2387 * 2388 * Note: for security the system will clear out this field when received from a 2389 * non-privileged source. 2390 * 2391 * @param uid UID of the app. 2392 * @return this builder 2393 */ 2394 @NonNull 2395 @RequiresPermission(android.Manifest.permission.NETWORK_FACTORY) setRequestorUid(final int uid)2396 public Builder setRequestorUid(final int uid) { 2397 mCaps.setRequestorUid(uid); 2398 return this; 2399 } 2400 2401 /** 2402 * Set the package name of the app causing this network to exist. 2403 * 2404 * Note: for security the system will clear out this field when received from a 2405 * non-privileged source. 2406 * 2407 * @param packageName package name of the app, or null to clear it. 2408 * @return this builder 2409 */ 2410 @NonNull 2411 @RequiresPermission(android.Manifest.permission.NETWORK_FACTORY) setRequestorPackageName(@ullable final String packageName)2412 public Builder setRequestorPackageName(@Nullable final String packageName) { 2413 mCaps.setRequestorPackageName(packageName); 2414 return this; 2415 } 2416 2417 /** 2418 * Builds the instance of the capabilities. 2419 * 2420 * @return the built instance of NetworkCapabilities. 2421 */ 2422 @NonNull build()2423 public NetworkCapabilities build() { 2424 if (mCaps.getOwnerUid() != Process.INVALID_UID) { 2425 if (!ArrayUtils.contains(mCaps.getAdministratorUids(), mCaps.getOwnerUid())) { 2426 throw new IllegalStateException("The owner UID must be included in " 2427 + " administrator UIDs."); 2428 } 2429 } 2430 return new NetworkCapabilities(mCaps); 2431 } 2432 } 2433 } 2434