When building SDKs that include some, but not all @FlaggedApis, a few
Javadoc @see/@link references will point to objects that are
inaccessible, which will trigger Lint 101 errors.

The correct fix is to update the Javadoc. However, to unblock the SDK
build for now, temporarily hide Lint 101 errors.

Bug: 319541666
Test: m sdk dist
Change-Id: Icbd1d99d5fcd6cee37bf588ef45443e7e946f742

This CL creates an abstract class NetworkMetricMonitor and a
subclass IpSecPacketLossDetector. IpSecPacketLossDetector
is responsible for continuously monitoring IPsec packet loss
and reporting to the caller when the data loss rate surpass
a threshold. This detector allows the VCN to switch from
the underlying network that has bad quality.

This CL also defines new carrier configs that specify the
data loss threshold and detecting frequency

Bug: 282996138
Test: atest FrameworksVcnTests(new tests), CtsVcnTestCases
Change-Id: I5f4b8e1821bdbb37f0a6de6e1584f8e3c87273f3

Bug: 307556883
Test: n/a
Change-Id: I2836908a00981d54e884a495a662bc293219c0e4

Allow specifying default combined api properties. This would be currently used to control the enablement of new mainline modules

Bug:b/289203818
Test: verified locally
Change-Id: I9415140453ce04efd5461cb8684c70e987810ecc

* changes:
  Adjust the NetworkRequest configuration used by SecurityController
  Design of the VPN icon reflects the invalidated status
  Update the VPN icon to reflect the validation status of the VPN network

The package name was changed. Change the use-sites to reflect that.

Test: TreeHugger
Change-Id: I039d02f599692efd51ca8a3316338914eb30a3b9

This is a preparation CL that allows followup CLs to add network
metric monitors. This CL does a pure refactoring without
introducing any behavior changes

Specific changes include:
- UnderlyingNetworkEvaluator now encapsulates the calculation of
  mPriorityClass
- mIsSelected is moved from UnderlyingNetworkRecord to
  UnderlyingNetworkEvaluator
- UnderlyingNetworkListener is simplified by moving the network
  candidate out to the UnderlyingNetworkController
- NetworkPriorityClassifier now takes a "isSelected" boolean
  instead of the currently selected network candidate

Bug: 282996138
Bug: 315858972
Test: atest FrameworksVcnTests, CtsVcnTestCases
Change-Id: I8461a68f1c4260b253d84d3efed2b09c41116656

Fixes: 319307772
Test: no
Change-Id: I75ae84a0a1e588cb33ea5895a338066858053edd

Merge "Implementation of Dedicated card mode APIs changes (Discovery tech and Change Routing)" into main

(Discovery tech and Change Routing)

Bug: 300351519
Bug: 319156577
Test: n/a
Merged-In: If664910d00fc673c0329e0cd4489174260eb4f1e
Merged-In: I3035f8b4fac331d827afa8e7bda6109d91ee510a
Change-Id: If664910d00fc673c0329e0cd4489174260eb4f1e

* changes:
  Remove serialNumber parameter from prepareUserStorage
  Remove serialNumber parameter from createUserStorageKeys
  Remove serialNumber parameter from unlockCeStorage

Bug: 262605832
Test: n/a

Change-Id: Ib1f61a9ab8bda28f9031ddc9bcc1beddfecda53d

This change restricts the NetworkRequest used by SecurityControllerImpl
to only include network types that SecurityControllerImpl is truly
concerned about, by adding the transport type TRANSPORT_VPN.

Bug: 319197157
Test: manually check the monitored networks listed in the dumpsys output.
Change-Id: I8d93ff8ca84329a4d2ce5fa9df97131ac29ca35c

Some test cases in TrustManagerServiceTest are failing on internal main
because http://ag/23669695 changed how PackageMonitor works.  Sending an
ACTION_PACKAGE_CHANGED intent no longer causes
PackageMonitor#onPackageChanged to be called.  This CL fixes the test
failures by making TrustManagerServiceTest call the onPackageChanged
method of TrustManagerService's PackageMonitor directly.

Bug: 29385425
Test: atest TrustManagerServiceTest # on both AOSP and internal main
Change-Id: I0b4708e4223452430ff10e422a71b223656a3360

This android.bp file was moved, and the comment needs to be updated
to reflect that.

Test: Presubmits
Change-Id: I225690505ccbf0f2234e65cbc668ade9bfbd5e17

After compatibility check at boot time, the VintfObject is
usually no longer needed. Hence, at boot time, we actively
release the VintfObject object after compatibility check
by not using the shared instance in the first place.

Test: TH
Bug: 270169217
Change-Id: I9b3383cd52fa67eb18dd5837f96caf2b0eab2ce5

* changes:
  vintf: Disable kernel compat check at boot time.
  vintf: delete deprecated VintfObject.verify.

Before this change, if the kernel has a set of CONFIGs
that is not compatible with the system image, a dialog
is displayed for user / userdebug builds at boot time.

This check has been doing more harm than good because:

- This check is already enforced at build time and during
  VTS tests (See vts_treble_vintf_framework_test).
- The dialog blocks UI automation for tests. For these UI
  automation tests, they need to respond to the dialog.
- GKI has been enforced ecosystem-wide except for a few
  low-end devices of other verticals. For these non-GKI
  devices, the check enforced by VTS should guard this.
  Hence, the check does not give us any signal.
- During development, a kernel that corresponds to the latest
  release (android15 as of now) might not have valid kernel
  config requirements in userspace. Kernel development schedule
  is usually ahead of the userspace development schedule.
  It does not always carry the string "-mainline-", because
  it is not a mainline kernel. To unblock test automation on
  these latest, bleeding-edge kernels, this kernel check should
  go away.
- This is a small steps towards dropping the dependency on libvintf
  on libandroid_runtime. libvintf links to libselinux, which is
  huge. libandroid_runtime loads this, and the memory stays there
  forever. Ideally, we should disable the whole VINTF check at
  boot time, but let's do this one step at a time.

Bug: 272479887
Bug: 270169217
Test: TH
Change-Id: If24cdca9fb535b8f443c0d21f9a46c7ea25c1f9f

It is not used anywhere.

Test: TH
Bug: 270169217
Change-Id: Ifcc8412ed3629d2447908513faf1d6f5ed3f483c