Merge "Add imsi protection notification for saved network" into rvc-dev

author: Nate Jiang <qiangjiang@google.com> 2020-04-10 01:00:06 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> 2020-04-10 01:00:06 +0000
commit: b5d1783bbb2cf9e2ca8f3d060c112a82ab2f12f5 (patch)
tree: 47d01aefc025c185c2bb667d6f0b41fbf821accd /service
parent: 66ed6f4c29a78457585afe5d5734ba6035d70e08 (diff)
parent: 3c9e5da2db2da5ee03c2c765fa33b9aecb1add85 (diff)
3 files changed, 83 insertions, 24 deletions
diff --git a/service/java/com/android/server/wifi/SavedNetworkNominator.java b/service/java/com/android/server/wifi/SavedNetworkNominator.java
index cbc2c323e..2d91881a0 100644
--- a/service/java/com/android/server/wifi/SavedNetworkNominator.java
+++ b/service/java/com/android/server/wifi/SavedNetworkNominator.java
@@ -19,10 +19,12 @@ package com.android.server.wifi;
 import android.annotation.NonNull;
 import android.net.wifi.ScanResult;
 import android.net.wifi.WifiConfiguration;
+import android.telephony.TelephonyManager;
 import android.util.LocalLog;
 import android.util.Pair;
 
 import com.android.server.wifi.hotspot2.PasspointNetworkNominateHelper;
+import com.android.server.wifi.util.WifiPermissionsUtil;
 
 import java.util.List;
 
@@ -36,14 +38,17 @@ public class SavedNetworkNominator implements WifiNetworkSelector.NetworkNominat
     private final LocalLog mLocalLog;
     private final WifiCarrierInfoManager mWifiCarrierInfoManager;
     private final PasspointNetworkNominateHelper mPasspointNetworkNominateHelper;
+    private final WifiPermissionsUtil mWifiPermissionsUtil;
 
     SavedNetworkNominator(WifiConfigManager configManager,
-            PasspointNetworkNominateHelper nominateHelper,
-            LocalLog localLog, WifiCarrierInfoManager wifiCarrierInfoManager) {
+            PasspointNetworkNominateHelper nominateHelper, LocalLog localLog,
+            WifiCarrierInfoManager wifiCarrierInfoManager,
+            WifiPermissionsUtil wifiPermissionsUtil) {
         mWifiConfigManager = configManager;
         mPasspointNetworkNominateHelper = nominateHelper;
         mLocalLog = localLog;
         mWifiCarrierInfoManager = wifiCarrierInfoManager;
+        mWifiPermissionsUtil = wifiPermissionsUtil;
     }
 
     private void localLog(String log) {
@@ -127,7 +132,8 @@ public class SavedNetworkNominator implements WifiNetworkSelector.NetworkNominat
 
             if (!status.isNetworkEnabled()) {
                 continue;
-            } else if (network.BSSID != null &&  !network.BSSID.equals("any")
+            }
+            if (network.BSSID != null &&  !network.BSSID.equals("any")
                     && !network.BSSID.equals(scanResult.BSSID)) {
                 // App has specified the only BSSID to connect for this
                 // configuration. So only the matching ScanResult can be a candidate.
@@ -135,20 +141,9 @@ public class SavedNetworkNominator implements WifiNetworkSelector.NetworkNominat
                         + " has specified BSSID " + network.BSSID + ". Skip "
                         + scanResult.BSSID);
                 continue;
-            } else if (network.enterpriseConfig != null
-                    && network.enterpriseConfig.isAuthenticationSimBased()) {
-                int subId = mWifiCarrierInfoManager.getBestMatchSubscriptionId(network);
-                if (!mWifiCarrierInfoManager.isSimPresent(subId)) {
-                    // Don't select if security type is EAP SIM/AKA/AKA' when SIM is not present.
-                    localLog("No SIM card is good for Network "
-                            + WifiNetworkSelector.toNetworkString(network));
-                    continue;
-                }
-                // Ignore metered network with non-data Sim, ignore.
-                if (WifiConfiguration.isMetered(network, null)
-                        && mWifiCarrierInfoManager.isCarrierNetworkFromNonDefaultDataSim(network)) {
-                    continue;
-                }
+            }
+            if (isNetworkSimBasedCredential(network) && !isSimBasedNetworkAbleToAutoJoin(network)) {
+                continue;
             }
 
             // If the network is marked to use external scores, or is an open network with
@@ -170,12 +165,60 @@ public class SavedNetworkNominator implements WifiNetworkSelector.NetworkNominat
                 mPasspointNetworkNominateHelper.getPasspointNetworkCandidates(scanDetails, false);
         for (Pair<ScanDetail, WifiConfiguration> candidate : candidates) {
             WifiConfiguration config = candidate.second;
-            // Ignore metered network with non-data Sim, ignore.
-            if (WifiConfiguration.isMetered(config, null)
-                    && mWifiCarrierInfoManager.isCarrierNetworkFromNonDefaultDataSim(config)) {
+            if (isNetworkSimBasedCredential(config) && !isSimBasedNetworkAbleToAutoJoin(config)) {
                 continue;
             }
             onConnectableListener.onConnectable(candidate.first, config);
         }
     }
+
+    private boolean isSimBasedNetworkAbleToAutoJoin(WifiConfiguration network) {
+        int carrierId = network.carrierId == TelephonyManager.UNKNOWN_CARRIER_ID
+                ? mWifiCarrierInfoManager.getDefaultDataSimCarrierId() : network.carrierId;
+        int subId = mWifiCarrierInfoManager.getMatchingSubId(carrierId);
+        // Ignore security type is EAP SIM/AKA/AKA' when SIM is not present.
+        if (!mWifiCarrierInfoManager.isSimPresent(subId)) {
+            localLog("No SIM card is good for Network "
+                    + WifiNetworkSelector.toNetworkString(network));
+            return false;
+        }
+        // Ignore IMSI info not available or protection exemption pending network.
+        if (mWifiCarrierInfoManager.requiresImsiEncryption(subId)) {
+            if (!mWifiCarrierInfoManager.isImsiEncryptionInfoAvailable(subId)) {
+                localLog("Imsi protection required but not available for Network "
+                        + WifiNetworkSelector.toNetworkString(network));
+                return false;
+            }
+        } else if (isImsiProtectionApprovalNeeded(network.creatorUid, carrierId)) {
+            localLog("Imsi protection exemption needed for Network "
+                    + WifiNetworkSelector.toNetworkString(network));
+            return false;
+        }
+        // Ignore metered network with non-data Sim.
+        if (WifiConfiguration.isMetered(network, null)
+                && mWifiCarrierInfoManager.isCarrierNetworkFromNonDefaultDataSim(network)) {
+            localLog("No default SIM is used for metered Network: "
+                    + WifiNetworkSelector.toNetworkString(network));
+            return false;
+        }
+        return true;
+    }
+
+    private boolean isNetworkSimBasedCredential(WifiConfiguration network) {
+        return network != null && network.enterpriseConfig != null
+                && network.enterpriseConfig.isAuthenticationSimBased();
+    }
+
+    private boolean isImsiProtectionApprovalNeeded(int creatorUid, int carrierId) {
+        // User saved network got exemption.
+        if (mWifiPermissionsUtil.checkNetworkSettingsPermission(creatorUid)
+                || mWifiPermissionsUtil.checkNetworkSetupWizardPermission(creatorUid)) {
+            return false;
+        }
+        if (mWifiCarrierInfoManager.hasUserApprovedImsiPrivacyExemptionForCarrier(carrierId)) {
+            return false;
+        }
+        mWifiCarrierInfoManager.sendImsiProtectionExemptionNotificationIfRequired(carrierId);
+        return true;
+    }
 }
diff --git a/service/java/com/android/server/wifi/WifiCarrierInfoManager.java b/service/java/com/android/server/wifi/WifiCarrierInfoManager.java
index 63786f920..a0dcfe9f5 100644
--- a/service/java/com/android/server/wifi/WifiCarrierInfoManager.java
+++ b/service/java/com/android/server/wifi/WifiCarrierInfoManager.java
@@ -146,8 +146,9 @@ public class WifiCarrierInfoManager {
             mOnUserApproveCarrierListeners =
             new ArrayList<>();
 
-    private boolean mUserApprovalUiActive;
-    private boolean mHasNewDataToSerialize;
+    private boolean mUserApprovalUiActive = false;
+    private boolean mHasNewDataToSerialize = false;
+    private boolean mUserDataLoaded = false;
 
     /**
      * Interface for other modules to listen to the user approve IMSI protection exemption.
@@ -175,11 +176,13 @@ public class WifiCarrierInfoManager {
 
         @Override
         public void fromDeserialized(Map<Integer, Boolean> imsiProtectionExemptionMap) {
+            mUserDataLoaded = true;
             mImsiPrivacyProtectionExemptionMap.putAll(imsiProtectionExemptionMap);
         }
 
         @Override
         public void reset() {
+            mUserDataLoaded = false;
             mImsiPrivacyProtectionExemptionMap.clear();
         }
 
@@ -268,7 +271,6 @@ public class WifiCarrierInfoManager {
         mIntentFilter.addAction(NOTIFICATION_USER_DISMISSED_INTENT_ACTION);
         mIntentFilter.addAction(NOTIFICATION_USER_ALLOWED_CARRIER_INTENT_ACTION);
         mIntentFilter.addAction(NOTIFICATION_USER_DISALLOWED_CARRIER_INTENT_ACTION);
-        mUserApprovalUiActive = false;
 
         mContext.registerReceiver(mBroadcastReceiver, mIntentFilter, null, handler);
         configStore.registerStoreData(wifiInjector.makeImsiProtectionExemptionStoreData(
@@ -1341,6 +1343,15 @@ public class WifiCarrierInfoManager {
     }
 
     /**
+     * Get the carrier Id of the default data sim.
+     */
+    public int getDefaultDataSimCarrierId() {
+        int subId = SubscriptionManager.getDefaultDataSubscriptionId();
+        TelephonyManager specifiedTm = mTelephonyManager.createForSubscriptionId(subId);
+        return specifiedTm.getSimCarrierId();
+    }
+
+    /**
      * Add a listener to monitor user approval IMSI protection exemption.
      */
     public void addImsiExemptionUserApprovalListener(
@@ -1463,6 +1474,10 @@ public class WifiCarrierInfoManager {
      */
     public void sendImsiProtectionExemptionNotificationIfRequired(int carrierId) {
         int subId = getMatchingSubId(carrierId);
+        // If user data isn't loaded, don't send notification.
+        if (!mUserDataLoaded) {
+            return;
+        }
         if (requiresImsiEncryption(subId)) {
             return;
         }
diff --git a/service/java/com/android/server/wifi/WifiInjector.java b/service/java/com/android/server/wifi/WifiInjector.java
index 78bacc56d..23bb75ad0 100644
--- a/service/java/com/android/server/wifi/WifiInjector.java
+++ b/service/java/com/android/server/wifi/WifiInjector.java
@@ -309,7 +309,8 @@ public class WifiInjector {
                 new PasspointNetworkNominateHelper(mPasspointManager, mWifiConfigManager,
                         mConnectivityLocalLog);
         mSavedNetworkNominator = new SavedNetworkNominator(
-                mWifiConfigManager, nominateHelper, mConnectivityLocalLog, mWifiCarrierInfoManager);
+                mWifiConfigManager, nominateHelper, mConnectivityLocalLog, mWifiCarrierInfoManager,
+                mWifiPermissionsUtil);
         mNetworkSuggestionNominator = new NetworkSuggestionNominator(mWifiNetworkSuggestionsManager,
                 mWifiConfigManager, nominateHelper, mConnectivityLocalLog, mWifiCarrierInfoManager);
         mScoredNetworkNominator = new ScoredNetworkNominator(mContext, wifiHandler,
author	Nate Jiang <qiangjiang@google.com>	2020-04-10 01:00:06 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	2020-04-10 01:00:06 +0000
commit	b5d1783bbb2cf9e2ca8f3d060c112a82ab2f12f5 (patch)
tree	47d01aefc025c185c2bb667d6f0b41fbf821accd /service
parent	66ed6f4c29a78457585afe5d5734ba6035d70e08 (diff)
parent	3c9e5da2db2da5ee03c2c765fa33b9aecb1add85 (diff)