This commit cleans up and upates comments with regard to changes in
aosp/721999, clarifying the restrictions and potential pitfalls we would
see with regards to IPsec tunnel mode without updatable SAs.
Bug: 111854872
Test: Compiles, comment-only change
Change-Id: I07b0063987463c1a3cf42e112839a31739947c80
This change adds support for XFRM-I to all IpSecService netd calls.
Fallback logic is in netd, and thus both VTI and XFRM-I parameters are
always passed down to IpSecService.
Bug: 78589502
Test: All java, CTS tests passing
Change-Id: Ie4186f0ad7e50763b21831f6fa411b5ee436de78
SA marks are never updated during the UPDSA call. This change disables
the attempts to update the specified SAs, ensuring that the config
stored in IpSecService matches that of the allocated kernel resources.
Bug: 111854872
Test: Unit, CTS tests passing
Change-Id: Ic1fb862c8021ffa260c3e262ec698d8af0a826d9
Currently, NetworkStats use int to handle uid, set and tag,
while native side using unsigned int mixing with signed int
with that. This commit make necessary changes in JNI part while
libnetdbpf unifying the types of fields.
Bug: 112226716
Bug: 119193941
Test: 1. manually reconnect vpn
2. update apps from playstore
3. atest libnetdbpf_test
4. runtest frameworks-net
5. cts-tradefed run cts -m CtsUsageStatsTestCases -t \
android.app.usage.cts.NetworkUsageStatsTest
Change-Id: I6c27124db8292e2825fba51b8994f013897cb566
Merged-In: I6c27124db8292e2825fba51b8994f013897cb566
(cherry picked from commit bf7803eed8283d5a1caa2efe90aa449590ddb94f)
Currently, NetworkStats use int to handle uid, set and tag,
while native side using unsigned int mixing with signed int
with that. This commit make necessary changes in JNI part while
libnetdbpf unifying the types of fields.
Bug: 112226716
Test: 1. manually reconnect vpn
2. update apps from playstore
3. atest libnetdbpf_test
4. runtest frameworks-net
5. cts-tradefed run cts -m CtsUsageStatsTestCases -t \
android.app.usage.cts.NetworkUsageStatsTest
Change-Id: I6c27124db8292e2825fba51b8994f013897cb566
When using xt_qtaguid to count per uid stats,
NetworkStatsService needs to adjust the 464xlat traffic since
iptables module would double count for ipv4 and ipv6 packet.
But for eBPF, the per uid stats is collected in a different
hook, so the adjustment on root uid would only be needed in tx
direction.
Bug: 112226716
Test: 1. Make ipv4 traffic in ipv6-only network and check data
usage.
2. Make ipv4 traffic in a client which connect to
ipv6-only hotspot.
3. runtest frameworks-net
4. cts-tradefed run cts -m CtsNetTestCases -t \
android.net.cts.TrafficStatsTest
5. cts-tradefed run cts -m CtsUsageStatsTestCases
Change-Id: Ic9a84f5446eddc943c255d5f3b89dad171f53cac
Merged-In: Ic9a84f5446eddc943c255d5f3b89dad171f53cac
(cherry picked from commit c33ac0d43b594f6154accf03ae7e3fd34dedc79d)
When using xt_qtaguid to count per uid stats,
NetworkStatsService needs to adjust the 464xlat traffic since
iptables module would double count for ipv4 and ipv6 packet.
But for eBPF, the per uid stats is collected in a different
hook, so the adjustment on root uid would only be needed in tx
direction.
Bug: 112226716
Test: 1. Make ipv4 traffic in ipv6-only network and check data
usage.
2. Make ipv4 traffic in a client which connect to
ipv6-only hotspot.
3. runtest frameworks-net
4. cts-tradefed run cts -m CtsNetTestCases -t \
android.net.cts.TrafficStatsTest
5. cts-tradefed run cts -m CtsUsageStatsTestCases
Change-Id: Ic9a84f5446eddc943c255d5f3b89dad171f53cac
Use stable aidl generated structure instead of UidRange
Test: runtest frameworks-net passes
Test: manual testing of UidRange related function works
Change-Id: Iaf1c10777dc1e71df2be2a57533a10257b12626b
The bpf project now have a new project directory in system/bpf instead
of inside netd. The network related bpf library is renamed to
libnetdbpf. Fix the dependency issue in framework to make sure no
regression.
Test: -m CtsNetTestCases -t android.net.cts.TrafficStatsTest
Bug: 112334572
Change-Id: Ibd477bf17d18d516aa520fb1569f4a395ef9abf0
This is a cherry-pick of aosp/735725 with a minor conflict.
By skipping updates if an alert is already scheduled, this avoids firing
the global alert too often on devices with high transfer speeds and high
quota.
Test: with tethering watching videos. Also runtest frameworks-net
Bug: 117243748
Change-Id: Ia0ed76141dfb33546529786eb0118138ef3708c2
Merged-In: Ie0ba5c1d1a2139606e63fcfe46ec77a89accd8d9
Merged-In: Iaabb31586e9e747871a526dc7ebb7deeb65d8f83
This commit checks if UDP-encapsulation is used
for unsupported address family and throws
IllegalArgumentException when it happens.
Bug: 74213459
Test: Tests added in testCreateTransportModeTransformWithEncap
and testCreateTunnelModeTransformWithEncap.
Command: runtest frameworks-net
Verified on taimen.
Change-Id: I10c01f2bad6aca23430849ea9ef6c1eb157ae131
