BPF needs upstream prefixes information to filter spoofing IPv6 source
addresses carried in downstream traffic.
We retrieve prefixes from upstream interface's LinkProperties and pass
it to the BpfCoordinator. Forwarding rules will also be updated when
upstream interface's IPv6 link addresses change.
Test: atest TetheringTests
Bug: 261923493
Change-Id: If8cfc3b191e520ca838654d1b5211ab9e9ec021d
This can make it easier to adopt SM shim replacement in follow up change,
as both SyncSM and AsyncSM will process the same message without any
difference.
This change also fix a problem that bring up downstream before it's
IpServer completely disabled.
Previous:
CMD_NOTIFY_PREFIX_CONFLICT -> requestEnableTethering(false) ->
requestEnableTethering(true) -> IpServer stopped ->
reportTetherStateChanged(downstream inactive) -> IpServer started
-> reportTetherStateChanged(downstream active)
New:
CMD_NOTIFY_PREFIX_CONFLICT -> requestEnableTethering(false) ->
IpServer stopped -> reportTetherStateChanged(downstream inactive)
-> requestEnableTethering(true) -> IpServer started
-> reportTetherStateChanged(downstream active)
Test: atest MtsTetheringTestLatestSdk
Change-Id: Ibe22b300c56125359f4fa452bd01a0a2381fda23
After this change, all synchronous state machine functions are
implemented.
There are some intentional limiations:
1. Allow setup states before machine thread started or inside machine
thread but states can only be setup once before calling #start.
2. The behavior of transitionTo is defined so that the destination
state can never change during state transitions. Once a destination
has been specified, it cannot be changed until the previous state
transition is complete. In other words, SyncStateMachine does not
support calling transitionTo in State enter or exit.
3. Support sendSelfMessage in State#processMessage(), #enter() and
#exit(). This allow automaton to decide the follow up action by
itself. For example: if something wrong happens during state
transition, the implementation can enqueue an error message then
process the error message after finishing the current state
transition.
Test: atest SynStateMachineTest
Change-Id: I0790df4eeab2dccdb9f407d9131a62c3c12d123b
Currently, Ipv6UpstreamRule is added follows the adding of
Ipv6DownstreamRule when it is the first rule from a downstream
interface to the upstream interface.
This CL changed it to:
1. Upstream interface change updates both IPv6 upstream and downstream
forwarding rules.
2. Neighbor events updates only IPv6 downstream forwarding rules.
Data limit setting on the upstream interface is now depend on the
upstream rules instead of the downstream rules. This CL also updates
corresponding test cases in IpServerTest and BpfCoordinatorTest.
Test: atest TetheringTests
Bug: 261923493
Change-Id: I5b4df64a3d276afb7a24bbef3a0432f53377e8b2
Implement performTransitions which does state transitions.
1. Determine the common ancestor state of current/destination states
2. Invoke state exit list from current state to common ancestor state.
3. Invoke state enter list from common ancestor state to destState by
going through mEnterStateStack.
The state transition is always defined so that the target can never be
changed mid-way of a state transition. In other words, calling
transitionTo in State enter and exit is not allowed.
Test: atest SyncStateMachineTest
Change-Id: I51e8c5440a8b9ac25715c3d030717421f68c15b3
This change adds SyncStateMachine class and provides the user
interface but doesn't have the details implementation.
Test: m
Change-Id: Ic2fa69b9e6424601fc2df2d07a052f48a6a46370
This CL also updates not to use isTetheringFeatureEnabled for
TETHER_FORCE_UPSTREAM_AUTOMATIC_VERSION which is wrongly configured in
Connectivity namespace.
Test: m
Bug: 279108992
Change-Id: If4f3a57c749bbaeb85454c31248c5bc5feaab936
In current code, IpServer will ensure bpf offload is supported before
calling BpfCoordinator's APIs. But those APIs already have the same
checks inside the function. This CL removed duplicated checks in
IpServer.
After this change, the BPF offload support status is only determined
inside BpfCoordinator and it won't change during the life cycle of
Tethering. Tethering initializes mBpfCoordinator just once in the
constructor. After that point, the value of isUsingBpf can never
change, because mIsBpfEnabled is final and
mBpfCoordinatorShim.isInitialized() is either always true (api30) or
can either never change (api31).
Also fixed a bug in IpServerTest upon this change.
Test: atest TetheringTests
Bug: 261923493
Change-Id: I50f231a83bf678b90eae4fd9bfa6035e86978bb3
The original code requires updating mLastIPv6LinkProperties before
calling updateIpv6ForwardingRules because mLastIPv6LinkProperties will
be used inside an internal function later. Remove this unnecessary
dependency by passing the interface name into the function.
Bug: 294025403
Test: atest TetheringTests
Change-Id: I5699fba3d7caf3314d102b643b02da2b2797dd66
Replaced startUpstreamIpv6Forwarding and stopUpstreamIpv6Forwarding
with add/remove Ipv6UpstreamRule. This is a preparation for following
CLs which will pass the upstream's prefixes to the bpf map. We might
have more than one upstream rules.
Also renamed Ipv6ForwardingRule to Ipv6DownstreamRule since we have
defined the Ipv6UpstreamRule.
No logic changes are being made in this CL.
Test: atest TetheringTests
Bug: 261923493
Change-Id: I022f97c2daf468bbd4a4279a069ccf498013e7e7
DeviceConfigUtils has isFeatureEnabled for NetworkStack and Tethering
which were confusing since the difference was only the arguments.
This CL renames isFeatureEnabled for Tethering module to
isTetheringFeatureEnabled to avoid confusion.
Bug: 279108992
Test: m
Change-Id: I05255bb38619afbe621d29524d7910d206a149f1
This patch is based on aosp/2535559 from maze@.
Add source prefix into the upstream key such that only packets which
source IPv6 address matches it will be forwarded to the upstream
interface.
In this patch, the source prefix is set to zero so there is no
behavior changes. Next CL in patch series will use the real source
prefixes retrieved from upstream interface.
Test: atest TetheringTests
Bug: 261923493
Change-Id: I43d068a29b937c7dfeb6fab632a8effb47ee2263
When fail to init offload AIDL service, OFFLOAD_HAL_VERSION_NONE is
returned. Not as expected, it go to close the FDs for AIDL service and
causes a NE.
Bug: 277834236
Test: atest com.android.networkstack.tethering
Change-Id: I26a7412cb7d88f0d56b713db18af5cd9583a7942
Different network objects with the same network ID should be
treated as the same network.
chooseUpstreamType compares the current upstream and new upstream
by object (comparison operator) instead of network id
(Network#equals). This implies that different objects with the
same network id still trigger upstream changed report.
Since this commit, reportUpstreamChanged is only called when upsteam
has really changed (connected, switched or disconnected) in
chooseUpstreamType. In previous code, reportUpstreamChanged is also
called if EVENT_ON_CAPABILITIES is called when the upstream is the
same but its capabilities changed.
The NotificationUpdater#onUpstreamCapabilitiesChanged method only
needs to be called by chooseUpstreamType when it chooses a new
upstream. If the upstream remains the same but its capabilities
change, the EVENT_ON_CAPABILITIES will call
onUpstreamCapabilitiesChanged.
Bug: 243516306
Test: atest TetheringTest
Change-Id: I009383a61a5fabd249ba78fcffd524a5bbe4602e
Use type + scope as key to build cached address map so that
SAP (key: TETHERING_WIFI + INTERNET) and LOHS
(key: TETHERING_WIFI + LOCAL) can use different address.
Bug: 233175023
Test: atest TetheringTests
Change-Id: I46a4b3ee919628092b7540202a43d79f407b09b6
This change store localOnly wifi clients in its own field so that
tethered and localOnly hotspot clients can exist at the same time.
Currently, there are no tethered and localOnly hotspot clients at
the same time because PrivateAddressCoordinator does not support
SAP + LOHS. A follow-up change will be made to allow this.
When both SAP and LOHS are enabled, the SAP and LOHS clients from
TetheringEventCallback#onClientsChanged are all TETHERING_WIFI.
Currently, there is no way for the listeners to distinguish between
SAP and LOHS clients.
Bug: 233175023
Test: atest TetheringTests
Change-Id: I01b0a6abb084f7135f7825e0c5303e49c16a4c39
As the suggestion from:
https://android-review.git.corp.google.com/c/platform/packages/modules/Connectivity/+/2489359/9/Tethering/src/android/net/ip/IpServer.java#b1176
Make BaseServingState an abstract class to prevent it from being used
directly. Additionally, move the handleNewPrefixRequest method into
BaseServingState because it is the only class that uses it.
To avoid TetheredState and LocalHotspotState from having to implement
their own enter function, add the mDesiredInterfaceState field to
BaseServingState.
Bug: 233175023
Test: atest TetheringTests
Change-Id: I03269c37e666345efb0c61039a2bb213f223a5a2
Starting with U, only explicit intents will be allowed to
launch non-exported internal components. Set package name
to entitlement recheck intent so that the intent could be
delivered to tethering itself successfully.
Bug: 278482046
Test: atest TetheringTests
manual verify entitlement recheck work in U
Change-Id: Ife30eee13fe39509ccb5786d2a76fbb7baa022a8
Address a TODO in TetheringConfiguration to use a dependency object
instead of static mocking on DeviceConfig.
This avoids TetheringConfiguration dependencies on internal
implementation of DeviceConfigUtils, unblocking changes in
DeviceConfigUtils.
Bug: 279108992
Test: atest TetheringTests
Change-Id: I252eaadff85fa47b894e989b4f2527b00c5dca56
This commit adds two new fields, tx_bytes and rx_bytes, to the
UpstreamEvent message. These fields provide information about the
amount of data transferred during the event, which can be useful for
network performance analysis. The current tx/rx usages are always
zero, but it will be updated in a later change to reflect the actual
usage. No changes were made to the existing fields upstream_type and
duration_millis.
Test: atest TetheringMetricsTest
Change-Id: I9e1043b3fff5aa3f548b8696bac7e5bc4271c77c
The information can be useful for issue debugging, it shows the
accumulated traffic offloaded to the hardware for all upstreams.
$ dumpsys tethering
....
ForwardedStats:
rmnet_data2: rx:155686981 tx:799922
....
Bug: b/205762647
Test: adb shell dumpsys tethering
Change-Id: I94143329bdc8ad0eff79c32f329fae95ad3acf8a
The TODO is used to track to dynamically pass down the TTL from the
upstream interface. Remove it as it was already done in IpServer.
Test: No code changes
Change-Id: Idb12f82023315661f1bf4c767b9b7744a151e821
Add the AIDL HAL service interface support and abstract the HIDL/AIDL
interface implementations to allow OffloadController to talk to both
interfaces.
Bug: b/205762647
Test: atest com.android.networkstack.tethering
atest ConnectivityCoverageTests
atest ConntrackSocketTest
Change-Id: If7634a298d03668ed70b328f1ad6ca0ac0fe170b
This is a preparation for CLAT offload.
Move the getting the MTU into a function for refactoring
updateUpstreamNetworkState() which could be simpler.
Bug: 258637850
Test: atest BpfCoordinatorTest
Change-Id: I8f22b022d4d00597810b56ab6e3e55ed7ab9076d
Currently we have 300s..600s RA interval, so ~450 seconds,
and a 6 * 600s, ie. 3600s (1h) lifetime.
This means on average about 8 RAs during the lifetime.
APF's FRACTION_OF_LIFETIME_TO_FILTER is 6, so the first
3600s / 6 = 600s of RAs are filtered out by a hotspot client
Android device. This means we really only get 3600s - 600s = 3000s
worth of RAs (after the initial one).
Hence, the client will get approximately 3000s / 450s = 6.666 RAs.
Thus, assuming a clientside DTIM multiplier of just 2, the client
phone only needs to fail a 50/50 coin toss 6 times in a row to
lose all 6 of those RAs.
That's a 1 in 2**6 = 64 chance, and it gets rerolled every ~450s.
Per https://www.codechef.com/wiki/tutorial-expectation
expected number of coin flips for getting N consecutive heads is:
2**(N+1) - 2
N=6 --> 2**7-2 = 126
126 * ~450s = 56700s = 15.75h
This means failure is expected roughly on the order of 16 hours.
By doubling the lifetime from 1h to 2h, we effectively double
the number of RAs, and lower the failure chance from 1 in 2**6,
to 1 in 2**13, which is 1 in 8K and thus much less failure prone.
N=13 -> 2**14-2 = 16382 --> failure expected after ~85 days
Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I70db3096db5666bca0c248f2d49f801f333514b3
onUpstreamCapabilitiesChanged not only be called inside
reportUpstreamChange. Separate onUpstreamCapabilitiesChanged out
of reportUpstreamChange so that reportUpstreamChange can focus
on upstream network change callback.
Bug: 243516306
Test: atest TetheringTests
Change-Id: Ie2ba9805fc43f921100c0286a9300df02f63e35d
The variable mTetheringUpstreamNetwork is unused.
Remove the dead variable and its related setter setCurrentUpstream().
History:
aosp/507635: add mTetheringUpstreamNetwork
aosp/1183410: some functions stop using mTetheringUpstreamNetwork
aosp/1203243: stop using mTetheringUpstreamNetwork completely
Bug: 243516306
Test: atest TetheringTest
Change-Id: I07784c47e49dd9ef034f91bef9089ca48c187f30
* changes:
Tethering: deprecate CONNECTIVITY_ACTION on U+ device
Test: add tests to testChooseDunUpstreamByAutomaticMode_*
TetheringTest: separate setup func from chooseDunUpstreamTestCommon
