In order to let external module report their network stats,
expose necessary APIs to construct NetworkStats object.
Test: atest FrameworksNetTests CtsUsageStatsTestCases
Test: m doc-comment-check-docs
Bug: 130855321
Change-Id: Id3ec8aaff3df67948c25eac2319a74cf33a27979
This is part of 3 commits in 3 diff git repos, the main one is:
https://android-review.googlesource.com/c/platform/system/netd/+/1200479
"share eBPF struct definitions between ebpf and C++ netd"
as a side effect of which 'android::bpf::Stats' becomes simply '::Stats'
Test: builds
Bug: 146787904
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I8548b27d1d8a7938f96c9fd9a185dae882e406f6
Not only is it more concise, but it's also just a tad more correct:
since it really should have been 'sizeof(stats)' not 'sizeof(Stats)'.
Test: builds, atest
Bug: 146787904
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I6cf0295878c7b34cedfe3ae44ff7410ef419f8b9
In previous design, interface quota limit does not changed
when network stats are updated. However, this is incorrect
today since there are some offloaded traffic that cannot
be seen by kernel. If the limit is not updated, the offloaded
traffic might still be able to use whole quota as if there is
no embedded traffic.
This change also removes the re-arm global alert after
advising persist threshold if not changed, given that it will
cause an additional alert while updating interface quota limit.
Bug: 145792619
Test: 1. atest NetworkStatsServiceTest
2. atest NetworkPolicyManagerServiceTest
3. manual test: run speedtest, check dumpsys netd
Change-Id: I8d2203e713730d536430a234b1aa8b2468badee3
We want to eventually migrate some of these APIs to be @SystemApi for mainline modules.
The #dumpDebug name is more appropriate than #writeToProto.
Bug: 142279786
Test: Manual
Change-Id: I60793e91cedf6b720d4ecef6a8484f4fed4ff30f
A number of connectivity checks that protect system-only methods
check for CONNECTIVITY_INTERNAL, but CONNECTIVITY_INTERNAL is a
signature|privileged permission. We should audit the permission
checks, and convert checks that protect code that should not be
called outside the system to a signature permission. So replace
all CONNECTIVITY_INTERNAL to other proper permissions.
Bug: 32963470
Test: atest FrameworksNetTests NetworkPolicyManagerServiceTest
Change-Id: I8f2dd1cd0609056494eaf612d39820e273ae093f
A number of connectivity checks that protect system-only methods
check for CONNECTIVITY_INTERNAL, but CONNECTIVITY_INTERNAL is a
signature|privileged permission. We should audit the permission
checks, and convert checks that protect code that should not be
called outside the system to a signature permission. So replace
all CONNECTIVITY_INTERNAL to other proper permissions.
Bug: 32963470
Test: atest FrameworksNetTests NetworkPolicyManagerServiceTest
Change-Id: I8f2dd1cd0609056494eaf612d39820e273ae093f
Merged-In: I8f2dd1cd0609056494eaf612d39820e273ae093f
Now tethering would be run in dedicated service.
TetheringManager is the interface used to communicate with
TetheringService. The new call flow would be: ConnectivityManager
-> ConnectivityService -> TetheringManager -> TetheringService.
Note: the return value of #tether(), #untether() and #setUsbTethering()
APIs would always be no error. Client can use #getLastTetherError()
or #getTetheredIfaces or listen tether state change to check
status of corresponding interface.
Bug: 136040414
Bug: 144742179
Test: -build, flash, boot
-atest TetheringTests
-atest FrameworksNetTests
Change-Id: I7e78c0e0a3e70f940a749ba2a39ece7c7ec5b9b3
Merged-In: I7e78c0e0a3e70f940a749ba2a39ece7c7ec5b9b3
Now tethering would be run in dedicated service.
TetheringManager is the interface used to communicate with
TetheringService. The new call flow would be: ConnectivityManager
-> ConnectivityService -> TetheringManager -> TetheringService.
Note: the return value of #tether(), #untether() and #setUsbTethering()
APIs would always be no error. Client can use #getLastTetherError()
or #getTetheredIfaces or listen tether state change to check
status of corresponding interface.
Bug: 136040414
Bug: 144742179
Test: -build, flash, boot
-atest TetheringTests
-atest FrameworksNetTests
Change-Id: I7e78c0e0a3e70f940a749ba2a39ece7c7ec5b9b3
IpSecService.applyTunnelModeTransform() currently does not take an
SpiRecord instance, yet implicitly requires that the SpiRecord instance
is still alive based on the stored SpiRecord resourceId in
the TransformRecord's IpSecConfig.
This check is unnecessary, as the SpiRecord has been subsumed into the
TransformRecord, and the kernel resources are kept alive whether or
not the SpiRecord is still held by the user.
This allows users of the IpSecManager API to allocate short-lived SPIs
during the creation of an IpSecTransform, without having to keep track
of both of them (even though the SPI is no longer usable).
The TransformRecord.getSpiRecord() call is already used in
multiple other places in the same method.
Bug: 142072071
Test: New tests added, passing.
Change-Id: I1959f3080946267243564459ff4207647922566e
The utilities help using ConnectivityService in tests, and will be used
to write integration tests for ConnectivityService.
Test: atest FrameworksNetTests
Change-Id: Ie895ad05139cd5768d3d8a9bd5589d72571f47e6
Interface stats on stacked interfaces is usually clatd. For
xt_qtaguid supported device, the stats is already accounted
against its final egress interface by the kernel.
Framework side does not need to handle stats on statcked
interface at all.
However, on devices that support BPF offload, xlat464
packets are seen by the iptables rules as arriving on stack
interface only. Thus, add stack interface into accounting is
needed.
Bug: 136193260
Test: 1. atest FrameworksNetTests
2. atest android.app.usage.cts.NetworkUsageStatsTest
3. manual test on ipv6-only wifi network
Change-Id: I8ebbefbe4df00e40f4896a17fa52c8438d41286e
NetworkStatsFactory is owned by NetworkStatsService, and any
accesses to NSF data should go through NSS.
Test: atest FrameworksNetTests
Change-Id: Idbd0dbbaeb11313f63474e7ec0e01f974349fc89
NetworkStatsService is the only consumer of the data coming from
NetworkStatsFactory, but the factory itself is instantiated and
owned by NetworkManagementService.
Move it into NetworkStatsService instead.
Test: atest FrameworksNetTests
Change-Id: I52df1e545c646927952579da22845a12d1d7563b
This ensures the constructor takes the necessary lock before
accessing memmber variables.
Bug: 113122541
Test: atest FrameworksNetTests
Change-Id: Ibd324ed922c738b8d77d4eb74f45b75c6645bdc7
NetworkStatsService uses an internal boolean to know when it has
started for the purpose of preventing access to other internal
variables before they are initialized.
However that boolean is set to true in systemReady() non-atomically
with respect to the initialization of the other variables it guards,
which can cause the system server to crash.
This patch fixes this concurrency bug by moving setting the internal
boolean flag and the variable it guards in one atomic synchronized
block.
This patch also removes code checking if bandwidth control is enabled,
because this is now always true.
Bug: 132767673
Test: Compiled.
Change-Id: Ia089b5767ce271d669879c975508654d4dd03429
This change inlines the logic from readNetworkStatsDetailInternal, and
reduces reundant checks in mUseBpfStats
Bug: 113122541
Test: atest FrameworksNetTests run, passing
Change-Id: If2ef8d8f038f32c8cf974aa02cfc1dc7e44dbad3
This change removes the now-unused VPN arrays in the network stats
observer and recorder classes. These are always null values in every
call site.
Bug: 113122541
Bug: 120145746
Bug: 129264869
Bug: 134244752
Test: FrameworksNetTest passing
Test: Manual tests show data usage fixes maintained.
Change-Id: Ieb8645acc400fdaeb0df7092c5369b96f9f35af9
This change fixes detailed UID stats to ensure network and battery stats
both take VPNs into account. NetworkStatsFactory is being made aware of
VPNs enabled, and the full set of underlying networks present.
Since traffic can only be migrated over a NetworkStats delta, NSF
maintains a NetworkStats snapshot across all UIDs/ifaces/tags.
This snapshot gets updated whenever NSF records a new snapshot
(based on various hooks such as VPN updating its underlying networks,
network getting lost, etc.), or NetworkStatsService's
getDetailedUidStats() method being called.
This change widens the scope of the existing mPersistentSnapshot lock,
renaming it to mPersistentDataLock, and ensures that TUN migrations are
not done in parallel. Additionally, mVpnInfos is updated via
pointer-swapping, to reduce the scope of the mPersistentDataLock.
The safety of this change is predicated on:
1. NetworkStatsFactory lock not held, so services cannot deadlock through
the cyclical lock.
2. The broadening of the scope of the lock in NetworkStatsFactory has no
threading implications, as it is always the last (leaf node) lock held,
and therefore is impossible to have lock inversion.
Additionally, to ensure VPNs work with 464xlat, the VPN info passed to
the NetworkStatsFactory includes all underlying interfaces, instead of
only passing the first one.
This (partially) re-applies changes from:
aosp/972848: Add one more test for VPN usage stats.
aosp/972847: Addressing comments for http://ag/7700679.
aosp/885338: NetworkStatsService: Fix getDetailedUidStats to take VPNs
into account.
Co-developed with: Varun Anand <vaanand@google.com>
Bug: 113122541
Bug: 120145746
Bug: 129264869
Bug: 134244752
Test: FrameworksNetTest passing
Test: Manual tests show data usage fixes maintained.
Change-Id: I6466ec1411fc5ed6954125d27d353b6cd1be719e
This change removes an unused parameter that is always null in
getNetworkStatsUidDetail
Bug: 134244752
Test: FrameworksNetTest passing
Change-Id: I995b108ef30e1fbd6190131ed4db40a3d9327eb5
This reverts commit c8dbdf35de.
Reason for revert: This change has been implicated in 4-way deadlocks as seen in b/134244752.
Bug: 134244752
Change-Id: I2f1839d7776a613ca571af8a542755ddc5fc8760
Merged-In: Ibdaad3a4cbf0d8ef1ed53cfab1e454b9b878bae9
This reverts commit 720133f79d.
Reason for revert: This change has been implicated in 4-way deadlocks as seen in b/134244752.
Bug: 134244752
Change-Id: I37f75c2b243ea548a88ef1dae88287405c6ef55f
Merged-In: I0c00e8f0e30cee987b71b561079a97bf09d4dae4
This reverts commit 921b3f3e85.
Reason for revert: This change has been implicated in 4-way deadlocks as seen in b/134244752.
Bug: 134244752
Change-Id: Ibdaad3a4cbf0d8ef1ed53cfab1e454b9b878bae9
This reverts commit 8481d9d55d.
Reason for revert: This change has been implicated in 4-way deadlocks as seen in b/134244752.
Bug: 134244752
Change-Id: I0c00e8f0e30cee987b71b561079a97bf09d4dae4
(cherry picked from commit 720133f79d)
This API is similar to one provided by NetworkStatsFactory with the
difference that NSS also migrates traffic from VPN UID to other apps.
Since traffic can only be migrated over NetworkStats delta, NSS
therefore maintains NetworkStats snapshot across all UIDs/ifaces/tags.
This snapshot gets updated whenever NSS records a new snapshot
(based on various hooks such as VPN updating its underlying networks,
network getting lost, etc.), or getDetailedUidStats API is invoked by
one of its callers.
Bug: 113122541
Bug: 120145746
Test: atest FrameworksNetTests
Test: manually verified that battery stats are migrating traffic off of
TUN (after patching above CL where we point BatteryStats to use this
API).
Change-Id: I4b8d7c5b6905a4a12c1806dfd35c2c4c63610404
VPN uid.
(cherry picked from commit c8dbdf35de)
Bug: 113122541
Bug: 120145746
Test: atest FrameworksNetTests
Test: Manually verified on device that stats from VPN UID are moved
appropriately based on its declared underlying network set.
Test: vogar --mode app_process --benchmark NetworkStatsBenchmark.java
Change-Id: I7f368c5970b2dcb969fe0daf5ef44edb1f51d09d
