Fix NOT_RESTRICTED network capability and enforce it.
Paul Jensen [Fri, 31 Jul 2015 15:00:26 +0000 (11:00 -0400)]
With this change:
1. NOT_RESTRICTED should be removed from NetworkRequests that bring up
   special restricted carrier networks (e.g. IMS, FOTA).
2. NetworkRequests without NOT_RESTRICTED require CONNECTIVITY_INTERNAL
   permission to register
3. Binding sockets to networks without NOT_RESTRICTED requires
   CONNECTIVITY_INTERNAL permission

Bug:21637535
Change-Id: I5991d39facaa6b690e969fe15dcbeec52e918321

src/java/com/android/internal/telephony/dataconnection/DataConnection.java
src/java/com/android/internal/telephony/dataconnection/DctController.java

index 65ea0a4..15e2f87 100644 (file)
@@ -963,7 +963,7 @@ public final class DataConnection extends StateMachine {
                     default:
                 }
             }
-            ConnectivityManager.maybeMarkCapabilitiesRestricted(result);
+            result.maybeMarkCapabilitiesRestricted();
         }
         int up = 14;
         int down = 14;
index c2a08af..f00c9a7 100644 (file)
@@ -597,6 +597,10 @@ public class DctController extends Handler {
             type = ConnectivityManager.TYPE_MOBILE_EMERGENCY;
         }
         if (error) {
+            // TODO: If this error condition is removed, the framework's handling of
+            // NET_CAPABILITY_NOT_RESTRICTED will need to be updated so requests for
+            // say FOTA and INTERNET are marked as restricted.  This is not how
+            // NetworkCapabilities.maybeMarkCapabilitiesRestricted currently works.
             loge("Multiple apn types specified in request - result is unspecified!");
         }
         if (type == -1 || name == null) {