The tether_enable_select_all_prefix_ranges is added from M2020-12
for quick roll back the feature. Since feature is landed over a year
without any problem, remove the flag now.
Bug: 171269957
Test: atest TetheringTests
Change-Id: I3ef414a47dd0a1f80ea2d378601ccd7c14067318
In scenarios where linkproperties event is received on default internet
callback, linkproperties are cached and network state is updated with
new link properties but Tethering class is notified about the change.
Later when event is received on mobile request or listen all cb, since
the network state is already updated with these linkproperties, change
in link properties will not be notified. This results in tethering
failures where the ip addresses of the tethering interface will not be
updated.
This change handles this issue by triggering the link properties change
in all scenarios.
Update the correponding test case as well.
Tests: Builds, Boots, TetheringTests
Bug: 216281561
Change-Id: I7452ed07d2665843c86141764b71aab0c00417fe
This is preparation for tetherOffloadRule4Clear test.
- Upstream interface can be set {null, cellular (rawip), wifi (ether)}
- Allow that add up to two downstream interfaces which has one client
on each of them.
- Change mBpfDownstream4Map and mBpfUpstream4Map from mocked instance
to TestBpfMap for further rule check.
- Remove startPolling() from initBpfCoordinatorForRule4() because
upstream information is updated by updateUpstreamNetworkState now.
Test: atest TetheringCoverageTests
Change-Id: Ibc1f68131410b7cec379ab4e310b90ad85f25d31
EthernetTetheringTest needs to parse BPF map content for IPv4
forwarding rule tests. Move the struct class files to common
libs.
Compare Tether4{Key, Value}.java between frameworks/libs/net/common
and packages/modules/Connectivity/Tethering.
There is only the package name change as expected.
$ diff packages/modules/Connectivity/Tethering/src/com/android/networkstack/tethering/Tether4Key.java frameworks/libs/net/common/device/com/android/net/module/util/bpf/Tether4Key.java
17c17
< package com.android.networkstack.tethering;
---
> package com.android.net.module.util.bpf;
$ diff packages/modules/Connectivity/Tethering/src/com/android/networkstack/tethering/Tether4Value.java frameworks/libs/net/common/device/com/android/net/module/util/bpf/Tether4Value.java
17c17
< package com.android.networkstack.tethering;
---
> package com.android.net.module.util.bpf;
Test: atest TetheringCoverageTests
Change-Id: I73c180fa4129aefde1e64ecbafe928f388b061d6
This change only apply to the device after T.
Use new bluetooth API to change bluetooth tethering settings and the
new API provide the callback to to notify Tethering when bluetooth
interface is ready. Tethering doesn't use bluetooth interface status
change event from netlink to add/remove IpServer anymore.
Tag: #feature
Bug: 190438212
Test: TetheringTest
Change-Id: Iae92d98d500f83b116da7282cf1130fb8fecf53d
1. Instead of create BluetoothPan every time when tethering need to use
it, store it with mBluetoothPan and resue it.
2. Call BluetoothPan function under tethering handler thread.
Bug: 190438212
Test: atest TetheringTests
Change-Id: I40adece59960ec44a02dc438d6bd95483a0788af
Move tethering util files from android.net.util into
com.android.networkstack.tethering.util. The goal is move all of
tethering internal files into its own namespace
com.android.networkstack.tethering.util.
Bug: 205088391
Test: atest TetheringTests
atest CtsTetheringTest
atest TetheringPrivilegedTests
Change-Id: I6559fb4f873b3cad5b210b10e49df1b6c6914a70
With the network selection rewrite in S, rematching a single request can
now easily be done; this can be used as an optimization in
handleRegisterNetworkRequests to avoid rematching all requests when
registering a new one.
This can be disabled by a flag that is unset by default,
REMATCH_ALL_REQUESTS_ON_REGISTER.
Test: atest ConnectivityServiceTest
Change-Id: If76f79b41ac88863974f7025624667134bea2570
There is currently a priority gap at 3. We need to bump tethering prios
to 2 and 3 to make room for rate limiting, which should have the top
priority.
Test: m
Bug: 157552970
Change-Id: I6e1087b232a8235e5cd42953470c72e2ae643bdc
TetheringService call different Settings API to check write settings
permission between R and S.
Bug: 182211575
Test: install S module to R device and both run mts tests build with S
and R.
Change-Id: I3e7f6525e9776992bd96b17c132b749b12285bbd
Merged-In: I3e7f6525e9776992bd96b17c132b749b12285bbd
- Rename the conntrack destination port check function
- Use CollectionUtils.contains to check the denied ports
- Add tests for the streams with ftp and pptp tcp port are
not able to be offloaded
Bug: 195914327
Test: atest TetheringCoverageTests
Change-Id: I7e2591bea1f6db46271efb0c30970fb8d4efe1e4
Bypass the IPv4 TCP packets with port 21 (ftp) and 1723 (pptp) from
BPF offload because these packets need the netfilter conntrack helper.
Bug: 195914327
Test: manual test as the follows
1. Connect to ftp.slackware.com with port 21 in active mode.
2. Check the PORT command success.
Command: PORT 192,168,62,128,174,17
Response: 200 PORT command successful.
3. Download a file.
Change-Id: I8e3b8d9323eb0e572f20c74442b55d4ee95abc2f
There are IpServerTest test case fail because the code check the wrong
code name for T pre-release builds.
Bug: 194812819
Test: atest TetheringTests
Change-Id: I73bf58c60b6e790fe0060b60c023c10f5d8cbfa8
Use exact alarm to fix entilement recheck delay problem while device
asleep.
Bug: 195370891
Test: atest TehteringTests
Change-Id: I409e603bf2b990657551e1140b50f69640c328d8
After moving all netlink-client stuff to frameworks/libs/net/common
and build it as an individual library, deprecate the netlink-client
lib and use net-utils-device-common-netlink instead.
Due to that the package name of netlink lib has changed, also update the
package name used in Tethering and ConnectivityService module.
Bug: 192535368
Test: atest TetheringTests TetheringIntegrationTests
Change-Id: Ic2078caf67a640836d98c5a2e4ca89939adcb896
This reverts commit a5c742be69.
Reason for revert:
Stop releasing this commit because it needs more test coverage.
Bug: 190783768
Bug: 192804833
Change-Id: I6e6b40b0f6207ed197d01bfabb616f1afa31fb70
Test: atest TetheringCoverageTests
This reverts commit 299a81157c.
Reason for revert:
Stop releasing this commit because it needs more test coverage.
Bug: 190783768
Bug: 192804833
Change-Id: I6a0d93e04814ae73e1ec7d6fd4df19e1d2787207
Test: atest TetheringCoverageTests
This reverts commit 118b5b578a.
Reason for revert:
Stop releasing this commit because it needs more test coverage.
Bug: 190783768
Bug: 192804833
Change-Id: Ie26f6e528999da42cfa66a5f6c1f187ad2276ae1
Test: atest TetheringCoverageTests
Bpf offload do not support VCN network yet, don't start bpf offload
if the interface is ipsec*.
Bug: 191178945
Test: atest TetheringTests
Change-Id: I1ad8cededddec42f45b08aaa31d583c548d105f0
This is fixing post-FIN state (by disabling offload post-FIN).
Once the tcp state enters half-closing tcp state (fin wait,
close wait), delete the offload rules.
From this commit, we have done the short term solution for conntrack
tcp timeout issue. Here is what we have done so far.
- Stop updating tcp timeout to avoid updating wrong tcp state
timeout.
- Update the ESTABLISHED timeout
nf_conntrack_tcp_timeout_established (432000) after adding
bidirectional rules.
- Delete the tcp rules when the tcp state has left
"established".
Here is the long term solution and need to be addressed in follow up
commits.
- Parse the tcp state from netlink conntrack event.
- Build a mapping to trace the tcp state of the tcp conntrack event.
- Update tcp state timeout for {ESTABLISHED (432000), FIN_WAIT (120),
CLOSE_WAIT (60)}.
Bug: 190783768
Bug: 192804833
Test: atest TetheringCoverageTests
Manual test:
1. Browse on tethered device
2. Check conntrack tcp state is established.
$ cat /proc/net/nf_conntrack
ipv4 2 tcp 6 431995 ESTABLISHED src=192.168.207.9
dst=140.112.8.116 sport=50697 dport=443 ..
3. Check offload rules are added via dumpsys.
Upstream:
tcp .. 192.168.207.9:50697 -> 14(rmnet0) 10.224.1.247:50697
-> 140.112.8.116:443 ..
Downstream:
tcp .. 140.112.8.116:443 -> 30(30) 10.224.1.247:50697
-> 192.168.207.9:50697 ..
4. Stop browsing for a few seconds.
5. Check conntrack tcp state is half-closed.
$ cat /proc/net/nf_conntrack
ipv4 2 tcp 6 116 TIME_WAIT src=192.168.207.9
dst=140.112.8.116 sport=50697 dport=443 ..
5. Check offload rules are removed via dumpsys.
Upstream:
(not found)
Downstream:
(not found)
Change-Id: I07e27230bf8952acd7828d1f605167758b3bc490
Needed because a payload data packet may have gone through
non-offload path, before we added offload rules, and that this
may result in in-kernel conntrack state being in ESTABLISHED
but pending ACK (ie. UNACKED) state. But the in-kernel conntrack
might never see the ACK because we just added offload rules.
As such after adding the rules we need to force the timeout back
to the normal ESTABLISHED timeout of 5 days.
Issue: the timeout is set to unacknowledged 300s (countdwon to 298s)
$ adb shell cat /proc/net/nf_conntrack
ipv4 2 tcp 6 298 ESTABLISHED src=192.168.244.128
dst=140.112.8.116 sport=45694 dport=443 ..
Test: atest TetheringCoverageTests
Manual check:
$ adb shell cat /proc/net/nf_conntrack
ipv4 2 tcp 6 431988 ESTABLISHED src=192.168.40.162
dst=140.112.8.116 sport=40774 dport=443 ..
Bug: 190783768
Bug: 192804833
Change-Id: I8c34e85e26c9d976e5e2b85473db75ff46d8abd4
This is a preparation for only update the tcp timeout while
adding rules. Also add slack time for updating UDP timeout
interval.
Bug: 190783768
Bug: 192804833
Test: atest TetheringCoverageTests
Change-Id: I3151b531e6581e257f3cfa39ad2fcf1650358b3d
- Remove ipv4MappedAddressBytesToIpv4Address because it can be covered
by parseIPv4Address.
- Remove IllegalArgumentException from parseIPv4Address because it has
never happened
- Reverse the order of upstream and downstream timeout refreshing in
refreshAllConntrackTimeouts for readability because both source and
destination of the downstream are opposite direction to the
upstream.
Bug: 190783768
Bug: 192804833
Test: atest TetheringCoverageTests
Change-Id: I6a1e44777a4357dd3847c2e2bb1fc6c3cf01617c
