* changes:
Move BatteryStats and StatsCompanionService to use NetworkStatsService.
NetworkStatsService: Fix getDetailedUidStats to take VPNs into account.
Take all VPN underlying networks into account when migrating traffic for VPN uid.
This API is similar to one provided by NetworkStatsFactory with the
difference that NSS also migrates traffic from VPN UID to other apps.
Since traffic can only be migrated over NetworkStats delta, NSS
therefore maintains NetworkStats snapshot across all UIDs/ifaces/tags.
This snapshot gets updated whenever NSS records a new snapshot
(based on various hooks such as VPN updating its underlying networks,
network getting lost, etc.), or getDetailedUidStats API is invoked by
one of its callers.
Bug: 113122541
Bug: 120145746
Test: atest FrameworksNetTests
Test: manually verified that battery stats are migrating traffic off of
TUN (after patching above CL where we point BatteryStats to use this
API).
Change-Id: Ib0f0c2d4d41ee1d7a027ea9da457baaf198d649e
VPN uid.
Bug: 113122541
Bug: 120145746
Test: atest FrameworksNetTests
Test: Manually verified on device that stats from VPN UID are moved
appropriately based on its declared underlying network set.
Test: vogar --mode app_process --benchmark NetworkStatsBenchmark.java
Change-Id: I9d8d0cc58d18002c1c96f8ddff780ef8dc452d21
For packages:
android.companion
android.filterfw
android.hardware.camera2.utils
android.inputmethodservice
android.net.nsd
android.os
android.preference
android.security.keymaster
android.service.dreams
android.telecom
android.telephony.ims.compat.feature
android.telephony
android.util
android.view.accessibility
android.media.effect
This is an automatically generated CL. See go/UnsupportedAppUsage
for more details.
Exempted-From-Owner-Approval: Mechanical changes to the codebase
which have been approved by Android API council and announced on
android-eng@
Bug: 110868826
Test: m
Merged-In: I9c2f8347952f3cc65759472b0e1a2717b285e44e
Change-Id: I14793863cf815fa3383fec6c6bf5a9365c2e17eb
network.
This is to establish a baseline for the existing behavior, and to ensure
that following changes are not causing a regression in existing
behavior.
This CL is also adding missing cleanup for NetworkStatsCollectionTest
which was forcing all network types in NetworkTemplate that was causing
NetworkStatsService related tests to fail.
Bug: 113122541
Bug: 120145746
Test: atest FrameworksNetTests
Change-Id: I285f186cfb16bc9fa704c797996b1e4f8a73dee4
NSS needed it for getting VpnInfo[], NetworkState[] and
activeLinkProperties which it used to query via ConnectivityManager.
For VpnInfo[], this was racy as NSS may ignore intermediate changes to a
VPN's underlying networks. See http://b/123961098 for more context.
It may also lead to deadlocks b/w ConnectivityService and
NetworkStatsService. See http://b/126245192 for more info.
This change will ensure that NSS is never contending on any of
ConnectivityService locks.
Bug: 123961098
Bug: 126245192
Bug: 120145746
Test: atest FrameworksNetTests
Change-Id: Id1da446b54d95ee68ed14079107b1a10318bcf8b
Merged-In: I57e117bb4e9efe491b19d6b5a479f2d58d1c58e6
For packages:
android.net
android.net.wifi
android.nfc
This is an automatically generated CL. See go/UnsupportedAppUsage
for more details.
Exempted-From-Owner-Approval: Mechanical changes to the codebase
which have been approved by Android API council and announced on
android-eng@
Bug: 110868826
Test: m
Merged-In: I7489aad1dceeb18ed7ca48a1ed8829a668b3fa04
Change-Id: I16570aef456b45a5543bf889dddc7a0d25441928
These utilities can only be used for privileged apps. The underlying
implementation cannot be @SystemApi.
Test: m
Bug: 112869080
Change-Id: Idfa90561102e5b03ab2b79486d3ad46457128bf8
Everything that is marked SystemApi or TestApi, but not @hide is still
part of the public SDK, it is therefore not sound to have that combination.
In the future, specifing such a combination will be considered an error
to prevent inadvertently exposing SystemApi and TestApi as public API.
Bug: 115333477
Change-Id: Ibd5d6a22862fdbc1e20a1cb3925280f5a682edea
Merged-In: Ibd5d6a22862fdbc1e20a1cb3925280f5a682edea
Test: METALAVA_PREPEND_ARGS="--error UnhiddenSystemApi" m checkapi
Exempt-From-Owner-Approval: API cleanup
Currently, 464xlat counts its ipv6 tx traffic into root uid.
When user is making ipv4 upload over ipv6-only network, ipv4
tx traffic may sometimes be counted faster then ipv6 tx
traffic.
Thus, NetworkStatsService may detect non-monotonic values due
to 464xlat adjustment.
So the solution is that: for clatd, make ipv6 tx traffic counts
into clat uid, and then ignore it in the framework side.
Bug: 118602783
Test: 1. manually verify clatd traffic on clat uid.
2. runtest frameworks-net
Change-Id: Ifb478b79e3e281918c70e16d1f90682c78f33db1
In follow-up commits, current API would create new NetworkStats
every time when 464xlatAdjustment wants to filtered out some
uids.
This commit refactors it to delete stats in-place to get better
performance.
Bug: 118602783
Test: atest FrameworksNetTests
Change-Id: I858f95d1fa7733111786243b4e261ce8a70a068d
This change adds support for XFRM-I to all IpSecService netd calls.
Fallback logic is in netd, and thus both VTI and XFRM-I parameters are
always passed down to IpSecService.
Bug: 78589502
Test: All java, CTS tests passing
Change-Id: Ie4186f0ad7e50763b21831f6fa411b5ee436de78
SA marks are never updated during the UPDSA call. This change disables
the attempts to update the specified SAs, ensuring that the config
stored in IpSecService matches that of the allocated kernel resources.
Bug: 111854872
Test: Unit, CTS tests passing
Change-Id: Ic1fb862c8021ffa260c3e262ec698d8af0a826d9
When using xt_qtaguid to count per uid stats,
NetworkStatsService needs to adjust the 464xlat traffic since
iptables module would double count for ipv4 and ipv6 packet.
But for eBPF, the per uid stats is collected in a different
hook, so the adjustment on root uid would only be needed in tx
direction.
Bug: 112226716
Test: 1. Make ipv4 traffic in ipv6-only network and check data
usage.
2. Make ipv4 traffic in a client which connect to
ipv6-only hotspot.
3. runtest frameworks-net
4. cts-tradefed run cts -m CtsNetTestCases -t \
android.net.cts.TrafficStatsTest
5. cts-tradefed run cts -m CtsUsageStatsTestCases
Change-Id: Ic9a84f5446eddc943c255d5f3b89dad171f53cac
Use stable aidl generated structure instead of UidRange
Test: runtest frameworks-net passes
Test: manual testing of UidRange related function works
Change-Id: Iaf1c10777dc1e71df2be2a57533a10257b12626b
This first version can serve discover/request/release, although there
are some small behavior changes with current implementation which will
be addressed later.
Also removes final modifiers on start() and stop() in FdEventsReader, to
allow mocking the methods in tests with the current mockito lib.
Test: Added tests pass, manual: flashed a device using the server
Change-Id: I025366ff7d51c4ba31152af50f3dd2b5e280a54d
For packages:
android.net.wimax
android.net.wifi.p2p.nsd
android.net.wifi.p2p
android.net.wifi.hotspot2.pps
android.net.wifi.hotspot2.omadm
android.net.wifi.hotspot2
android.net.wifi.aware
android.net.wifi
android.net.util
android.net.sip
android.net.rtp
android.net.nsd
android.net.metrics
android.net.lowpan
android.net.http
android.net.captiveportal
android.net
This is an automatically generated CL. See go/UnsupportedAppUsage
for more details.
Exempted-From-Owner-Approval: Mechanical changes to the codebase
which have been approved by Android API council and announced on
android-eng@
Bug: 110868826
Test: m
Change-Id: Ie25423113ee1a8071cd5039382c00de6ce0af7fd
Merged-In: I520be7a4c79e68310c12e4f55bf66acaa94145a1
For packages:
android.app.usage
android.app.trust
android.app.timezonedetector
android.app.timezone
android.app.timedetector
android.app.job
android.app.backup
android.app.assist
android.app.admin
android.app
This is an automatically generated CL. See go/UnsupportedAppUsage
for more details.
Exempted-From-Owner-Approval: Mechanical changes to the codebase
which have been approved by Android API council and announced on
android-eng@
Bug: 110868826
Test: m
Change-Id: I5d15d50344d7178617418846917f693cfabf006b
Merged-In: I618c5dc4462ae990d9df45c3e9ed3f092cc5138c
We've seen reports of negative values flowing through to attempt
being recorded, which will outright crash. This change does one
last-ditch check to see if we're about to work with negative values,
reporting any trouble and clamping them to zero so we don't crash.
This gives us the data we need to continue investigating without
triggering runtime restarts in the field.
Bug: 80057433
Test: atest android.net.NetworkStatsTest
Change-Id: I8174391c6cf5dadc2c2c10a8d841ee07e1f7d934
In order to properly support EOPNOTSUPP this CL
applies a consistent approach to handling Exceptions.
Hereafter, all exceptions that aren't of a special
method-specific type (such as SpiUnavailableException)
will all be returned to the calling process unchanged.
At the API call site, the ServiceSpecificException,
which is really an Errno, will be inspected and either
converted to an unchecked exception for types we know,
or it will be converted to an IOException in cases where
that method can return a checked exception. In cases
where we do not expect an errno, we will simply throw
a generic RuntimeException. This means all API calls
will now properly throw UnsupportedOperationException
and may be CTS tested accordingly.
Bug: 72420898
Test: runtest frameworks-net
Change-Id: I4a00e221618896223fcdb4b4279fb14cd14e34d8
Collecting network statistics is pretty heavy, which is why we're
throttling callers. However, to keep CTS running fast, we provide a
way for tests to force a poll event, instead of making them wait for
the throttle timeout.
Bug: 77908520
Test: atest cts/tests/tests/app.usage/src/android/app/usage/cts/NetworkUsageStatsTest.java
Change-Id: Ia792f0cd495023366ff8c4839df54e7da2ae8331
Hide the tunnel mode of the IpSec API because
there is a disincentive to launch it without
a supported customer use case. That use case,
IWLAN is having its APIs hidden, so we should
hide these as well to avoid constraining future
implementation.
Also, due to issues with the lifetime of the NATT
management object, this API needs to be hidden
until such time as the lifetime of the Keepalive
can be handled independently of the lifetime of
a Transform.
Bug: 72523623
Test: compilation (api removal)
Change-Id: I076030bdbab1cd7d69f6a034577d529970b050dc
This also avoids returning a nonzero multipath preference
if remaining data is low but nonzero.
Bug: b/72877610
Change-Id: I2459ded06de77d284ae1fe81a60d9e1df56b0c26
Fixes: b/72877610
Test: Tests in go/ag/3842960 pass
LinkAddress constructors are currently @hide; this change updates
IpSecManager to use InetAddress and prefixLen, and then construct a
LinkAddress internally. LinkAddress is used over the binder interface to
IpSecService to ensure validity.
Bug: 77528639
Test: CTS, Java unit tests ran on walleye
Change-Id: I19e124adef6d9f4992d8293db3190bcf74c95848
This change forces Socket and DatagramSocket to populate the
SocketImpl, ensuring that the socket file descriptor can be
retrieved when applying Transport mode Transforms
This is done by calling getSoLinger(), triggering a getImpl(), which
triggers setImpl() if needed.
Bug: 77491294
Test: Added tests in IpSecManagerTest, ran on walleye
Merged-In: I40da08b031357710eb794e0f866aec5660c79594
Change-Id: I40da08b031357710eb794e0f866aec5660c79594
(cherry picked from commit d175a3d3a01cfdb5ab6d4e61d15950583f8006d6)
Adds support for a new AppOp to permit services to
use IpSec tunnel mode. The IpSecService now needs
a context so change the service mode to a cached
service rather than a static service.
Bug: 66955045
Test: runtest frameworks-net
Change-Id: I17a4a286225b432c3e15ea1587d946189931b4f4
Usage stats corrections for 464xlat in NetworkStatsFactory are not applied
to tethered traffic. Add adjustments in NetworkStatsService. After
migrating external callers off NetworkStatsFactory, we will be able to
only apply adjustments in NetworkStatsService and remove stacked
interface tracking from NetworkStatsFactory.
Bug: 72107146
Fixes: 72107146
Test: runtest frameworks-net & manual - checked corrected network usage
Merged-In: Ieb25c41c651499fdd01225ae5ac21d95e3d823f5
Merged-In: I016722f3a0ae2ae0a1d48bfacc4fe07ee3578ef7
(cherry-pick of aosp I5ce450e616b4fddf21f2a491fe5d0c9e9f969bda)
Change-Id: Id41cf22a0f9a63cb1832e9375bfb045861f08e52
Currently the NetworkStatsManager APIs allow applications to
query for their own data usage by UID and tag, but do not allow
applications to query by foreground/background state.
This is causing popular apps to resort to parsing xt_qtaguid
stats files directly. Because this is no longer allowed for apps
targeting P and above, provide replacement functionality.
This API allows apps to query for data usage for a given state,
but not to receive data usage broken down by state. This is
consistent with how the current UID and tag APIs work. It is also
not an undue burden on apps: there are currently only two states
of interest (FOREGROUND and everything else), and even if we add
states in the future, unmodified apps can still obtain total
traffic using STATE_ALL.
Bug: 72977484
Test: New CTS test added in other change in this topic.
Change-Id: Ic8c9194569ffd599b49e4a8197c5c2ea0ec3f7f7
Useful for clients such as BatteryStats which currently rely
on NetworkStatsFactory. Data at that stage is incomplete as
it does not account for tethering, VT data and corresponding
464xlat corrections.
Test: runtest frameworks-net, CTS tests pass.
Bug: b/72107146
Merged-In: I31c5b9b4a7c6e72910152415894a137f000a5858
Merged-In: I2527d95000c7500c824ede70f87ecb38e21ed323
(cherry picked from aosp 088ff6824f13145ea52207bdead0d7e454a6f3ce)
Change-Id: Ie80f1bb21124241f3414f9be77aceac9a44ec6d1
Disallow the allocation of SPIs in the range
reserved for future use by RFC 4303.
Bug: 77205120
Test: runtest frameworks-net
Merged-In: I05e26ed34b5871f1a07d5bd7b58b79a64cd74b67
Change-Id: I05e26ed34b5871f1a07d5bd7b58b79a64cd74b67
(cherry picked from commit 7f606ee8e57d9d8b7c5d0cb2a78421aa02efb385)
Instead of providing default truncation lengths (based on RFC or
otherwise), this change imposes a restriction that the truncation length
must be supplied for all auth or aead algorithms.
Bug: 77204048
Test: Updated tests, ran on walleye
Merged-In: I4a0e2e71aa97259e56f44e7c8a2ce53135708d97
Change-Id: I4a0e2e71aa97259e56f44e7c8a2ce53135708d97
(cherry picked from commit bb7f2820f5bcccf8618078c2cbe4ea9836797e3b)
This change updates the getSocket() methods for IPsec to improve clarity
of the return types, both for public APIs, and internal-only methods.
Bug: 72473753
Test: APIs updated, CTS + unit tests ran.
Merged-In: I0afebd432c5d04c47c93daa1ce616d712aa323d7
Change-Id: I0afebd432c5d04c47c93daa1ce616d712aa323d7
(cherry picked from commit 4c987ebade580d4abc8a3d549e0df90baab33140)
