Because there is no way using the Java sockets API to actually
get a socket of AF_INET on mode machines, it is necessary to
provide a way to apply transforms to sockets made using the
native wrapper API, which uses POSIX APIs and will create a
socket that is AF_INET.
Bug: 36073210
Test: b/34811227
Change-Id: I28ac7cc4f36045ce523a54111e5be975b0331356
-Add a reserveSecurityParamterIndex() function that allows the
system to select an SPI.
-Disallow INVALID_SECURITY_PARAMETER_INDEX from being passed as
an explicit SPI request.
-Remove the ALGO_ prefix from constants in IpSecAlgorithm
Bug: 36073210
Test: Updated CTS tests still pass on bullhead
Change-Id: Ic94809996076b0718f153f550b82192fe7048a2e
Minor cleanups in switches of processMessage and handleNativeEvent.
Test: no functional changes
Bug: 33074219
Change-Id: I9ad4ce812c0d2c02a671a7a871ad427e4ce29b4a
This patch adds basic logging to NsdManager and NsdService, and improves
the facilities for pretty printing the event ids defined in NsdManager.
It also includes a few minor cleanups:
- adding 'final' on effectively final instance variables of NsdManager
and NsdService.
- similarly, adding 'static' on effectively static class fields.
- regrouping instance variables together.
Test: no functional changes
Bug: 33074219
Change-Id: I360d539e73cc8e4b45d4e0d20b2e345455fdb10c
-Plumb IpSecManager APIs to NetD
-Add Resource Management to IpSecService
Bug: 33695893
Test: CTS verifies nearly all of these paths
Change-Id: Ic43965c6158f28cac53810adbf5cf50d2c54f920
-Remove Int-based SPI usage from the IpSecTransform.Builder
This is essentially a less-safe method overload, and it is both
unnecessary and difficult to implement: the cross-validation
between SPI and Transform is actually useful, and the kernel
requires two different mechanisms to use an unreserved vs a
reserved (alloc'd) SPI: CREATESA vs UPDATESA, which makes this
hard to support. API Council has questioned the value of this,
and they are right: everything points to "remove this". In the
future, if we find that SPI reservation is overhead, we can
always add it back.
-Hiding the TunnelMode builder method and application/remove
methods. These will not land by the time the next API
stabilizes, so better to hide them now that this is a
near-certainty. Expectation is to un-hide them in the subsequent
API bump.
Bug: 36073210
Test: Compilation, verified nobody is calling these stubs
Change-Id: Ic1a3f2cf7128633318ac175d6b56b45eb8d21cab
To make the SPI reservation more semantically consistent with the
transform creation API, and to ensure that we always create SPI
reservations relative to a well-known remote, we should take the
SPI request relative to a remote (rather than to a destination).
This necessitates that we now consider direction separately, which
is used for keying the SA-Id.
Bug: 36073210
Test: compilation
Change-Id: I81e955c20128c1f8e04fd68eb26669561f827a78
-Add IpSecService with the necessary glue to connect to netd
-Add code to retrieve IpSecService from System Server
Bug: 34811227
Test: Service boots (and dumpsys works), more via b/34811227
Merged-In: I4cdcb643421141202f77a0e2f87a37012de0cd92
Change-Id: I4cdcb643421141202f77a0e2f87a37012de0cd92
Symptom:
NPE occurred while performing NetworkStatsService.removeUidsLocked().
Root cause:
NetworkStatsService refers to mUidRecorder at
NetworkStatsService.removeUidsLocked() when mUserReceiver received
Intent.ACTION_USER_REMOVED.
However NetworkStatsService sets mUidRecorder to null without
unregistering mUserReceiver when mShutdownReceiver received
Intent.ACTION_SHUTDOWN.
Therefore NPE occurred when mUserReceiver received
Intent.ACTION_USER_REMOVED after mShutdownReceiver received
Intent.ACTION_SHUTDOWN.
Solution:
Unregister mUserReceiver before setting mUidRecorder to null when
mShutdownReceiver received Intent.ACTION_SHUTDOWN.
Bug: 36015339
Change-Id: I9279e4c6ae07d94e7ec519c40b2d973c84d8fef1
This CL adds an API to set up an IPSec Security Association
and Security Policy to perform Transport-Mode and Tunnel-Mode encapuslation
of IP Packets.
Bug: 30984788
Bug: 34811752
Test: 34812052, 34811227
Change-Id: Ic9f63c7bb366302a24baa3e1b79020210910ac0a
* commit 'a19056c35d16ddb5a6c1d3343729701b8939f1e1': (35 commits)
NetworkMonitor: send one DNS probe per web probe
NetworkMonitor metrics: add first validation information
APF: also drop any ICMPv6 RSs
ConnectivityServiceTest: fix testAvoidBadWifiSettings
Fix ConnectivityServiceTest testRequestBenchmark
Switch over to new "time.android.com" NTP pool.
Define API for metering network stats buckets.
Refactored NetworkStatsServiceTest to use Mockito instead of EasyMock.
Use @Ignore to explicitly disable a @Test method.
Fixed NetworkStatsServiceTest and converted it to JUnit4.
VPN network stat accounting changes.
ConnectivityThread: use lazy holder idiom
ConnectivityManager: use ConnectivityThread looper
ConnectivityManager: a simpler CallbackHandler
Indicate the NsdServiceInfo attributes are only filled in for a resolved service.
Add a null check for the OnStartTetheringCallback.
TokenBucket for rate-limiting and throttling
IpConnectivityMetrics reads buffer size in settings
CaptivePortalLogin: set mixed content policy to compatibility.
Add IP conn metrics to dumpsys and bug reports
...
Dependent on ag/1550196 where API is defined.
Bug: 31015360
Bug: 26545374
Test: runtest --path
frameworks/base/core/tests/coretests/src/android/net/NetworkStatsTest.java,
other test classes.
(cherry picked from commit 357f8fabc8)
Change-Id: I46da93ba4afa968facf98f7c3d844fd0c469095a
This is a continuation of b/26545374, since now we can also set the
metered bit with NetworkScorer. The tracking of metered state changes
will be implemented in a seperate CL.
Bug: 31015360
Bug: 26545374
Test: N/A
(cherry picked from commit ed7fcb4d26)
Change-Id: I6a2fcc8577d62daa8823dff9e0128a5cf39ede7b
Properly account for VPN apps that make heavy use of the tun
interface. Prior to this change a VPN app could be incorrectly charged
for more data than it actually used if it sent more traffic through
the tun interface than the underlying interface.
This change excludes VPN app traffic on the tun interface from the
adjustment pool and doesn't redistribute traffic to the VPN app.
Instead all of the redistributed traffic is deducted from the VPN app
which effectively represents any overhead incurred by the VPN app.
BUG: 30557871
(cherry picked from commit 12255e3655)
Change-Id: I06f01aa8fe5fdc06b2d36cfb9c68feb244c2e5de
Dependent on ag/1550196 where API is defined.
Bug: 31015360
Bug: 26545374
Test: runtest --path
frameworks/base/core/tests/coretests/src/android/net/NetworkStatsTest.java,
other test classes.
(cherry picked from commit 357f8fabc8)
(cherry picked from commit 92b6175069)
Change-Id: I79e401fc4159264a075febba82bd8c295b8e677f
This is a continuation of b/26545374, since now we can also set the
metered bit with NetworkScorer. The tracking of metered state changes
will be implemented in a seperate CL.
Bug: 31015360
Bug: 26545374
Test: N/A
(cherry picked from commit ed7fcb4d26)
(cherry picked from commit ebace40092)
Change-Id: I01ebb270c5bf7f2383e8923cce72545ca1bee118
* changes:
DO NOT MERGE: frameworks-test: adding missing @SmallTest
DO NOT MERGE: Netd events: record connect() success/errno
DO NOT MERGE: Add missing dependency.
DO NOT MERGE: Show notification for always-on app VPN
DO NOT MERGE: Implement metered tracking for NetworkStats summary queries.
DO NOT MERGE: NetworkMonitor: send one DNS probe per web probe
DO NOT MERGE: NetworkMonitor metrics: add first validation information
DO NOT MERGE: APF: also drop any ICMPv6 RSs
DO NOT MERGE: ConnectivityServiceTest: fix testAvoidBadWifiSettings
DO NOT MERGE: Fix ConnectivityServiceTest testRequestBenchmark
DO NOT MERGE: Switch over to new "time.android.com" NTP pool.
DO NOT MERGE: Define API for metering network stats buckets.
DO NOT MERGE: Refactored NetworkStatsServiceTest to use Mockito instead of EasyMock.
DO NOT MERGE: Use @Ignore to explicitly disable a @Test method.
DO NOT MERGE: Fixed NetworkStatsServiceTest and converted it to JUnit4.
DO NOT MERGE: VPN network stat accounting changes.
DO NOT MERGE: ConnectivityThread: use lazy holder idiom
DO NOT MERGE: ConnectivityManager: use ConnectivityThread looper
DO NOT MERGE: ConnectivityManager: a simpler CallbackHandler
DO NOT MERGE: Indicate the NsdServiceInfo attributes are only filled in for a resolved service.
DO NOT MERGE: Add a null check for the OnStartTetheringCallback.
Dependent on ag/1550196 where API is defined.
Bug: 31015360
Bug: 26545374
Test: runtest --path
frameworks/base/core/tests/coretests/src/android/net/NetworkStatsTest.java,
other test classes.
(cherry picked from commit 357f8fabc8)
Change-Id: I46da93ba4afa968facf98f7c3d844fd0c469095a
This is a continuation of b/26545374, since now we can also set the
metered bit with NetworkScorer. The tracking of metered state changes
will be implemented in a seperate CL.
Bug: 31015360
Bug: 26545374
Test: N/A
(cherry picked from commit ed7fcb4d26)
Change-Id: I6a2fcc8577d62daa8823dff9e0128a5cf39ede7b
Properly account for VPN apps that make heavy use of the tun
interface. Prior to this change a VPN app could be incorrectly charged
for more data than it actually used if it sent more traffic through
the tun interface than the underlying interface.
This change excludes VPN app traffic on the tun interface from the
adjustment pool and doesn't redistribute traffic to the VPN app.
Instead all of the redistributed traffic is deducted from the VPN app
which effectively represents any overhead incurred by the VPN app.
BUG: 30557871
(cherry picked from commit 12255e3655)
Change-Id: I06f01aa8fe5fdc06b2d36cfb9c68feb244c2e5de
Define some constants for early use in AOSP code.
Test: builds, boots, all common traffic tagged
Bug: 30943431
Change-Id: Ia58a8933bccfddbc027afb78c63ae65bd71ce562
Wifi Display is configured using the AIDL call setMiracastMode()
and using a message over the async channel SET_WFD_INFO.
Enforce permissions on the calling uid before updating the config
Bug: 18668877
Test: Unit tests
Change-Id: I0be2d2af49070aad759f24bd31331f7df39a0422
Merged-In: I0be2d2af49070aad759f24bd31331f7df39a0422
Properly account for VPN apps that make heavy use of the tun
interface. Prior to this change a VPN app could be incorrectly charged
for more data than it actually used if it sent more traffic through
the tun interface than the underlying interface.
This change excludes VPN app traffic on the tun interface from the
adjustment pool and doesn't redistribute traffic to the VPN app.
Instead all of the redistributed traffic is deducted from the VPN app
which effectively represents any overhead incurred by the VPN app.
BUG: 30557871
Change-Id: I62a75a0c0c0111e052b7903baa9f5d6d94ef57fd
Some changes in IpConfigStore to parse old backup data. The old backup
data contained a raw byte dump of the ipconfig.txt. So, make changes in
IpConfigStore to parse the inputstream from backup data into
IpConfiguration objects.
Changes in the CL:
1. Make the |readIpAndProxyConfigurations| method static so that
it can be used as a utility for parsing the backup data.
2. Create a new version of |readIpAndProxyConfigurations| method to
accept an input stream parameter.
3. Make |writeConfig| method static so that it can be used for
unit-testing the backup migration logic.
BUG: 29075035
Change-Id: Ic074952d9f9ef143089a371e6c527470cb1c229c
(cherry picked from commit ad683cadb2)
When the mobile network is not active, querying the network
information might trigger the misleading debug messages. Added
some condition checks to prevent this.
bug: 30850733
Change-Id: Ice6d548a56f98bac7fe2ca6a06148350b505533d
