- Rename the conntrack destination port check function
- Use CollectionUtils.contains to check the denied ports
- Add tests for the streams with ftp and pptp tcp port are
not able to be offloaded
Bug: 195914327
Test: atest TetheringCoverageTests
Change-Id: I7e2591bea1f6db46271efb0c30970fb8d4efe1e4
The test may be run on S builds older than itself, in which case the
resource ID may not match. Query the resource ID dynamically instead of
using the constant.
IpSecAlgorithm is not updatable in S, which is why it can use
hidden/unstable platform resources, so the test could also be skipped
altogether on S. But considering that keeping it around is not very
costly yet, this change fixes it for running on S.
Bug: 197489543
Test: atest IpSecAlgorithmTest
Change-Id: I533eede3a360a8db9089e65e017b9d7453b35539
The correct return code to keep on processing any further TC
attached programs is 'TC_ACT_PIPE' and not 'TC_ACT_OK' (which
is terminal).
Without this the ipv6 tether offload program causes termination
of processing and the ipv6 clatd offload program never actually
handles any packets (while tethering is active).
This results in lack of bpf xlat64 offloading for tethered ipv4
traffic on an ipv6-only (cellular) network.
This in turn means incoming TCP packets get GRO'ed, do not get
bpf offloaded, and get delivered to the clat daemon, which
due to them being bigger than the mtu (due to gro) cannot
handle them and discards them.
This results in poor performance, since tcp falls back to 1 mss/mtu
sized packet per rtt.
Tested via tethering a linux laptop on an ipv6-only cellular connection
and downloading the linux kernel from kernel.org via 'wget -6' and 'wget -4'.
Before:
IPv6: over 2MB/s, observed:
5805 packets, including 4 sackOK
IPv4: under 1MB/s, observed:
9300 packets, including 8 sackOK, 387 sack 1, 501 sack 2, 2310 sack 3
After:
IPv6: over 7MB/s, observed:
16702 packets, including 4 sackOK
IPv4: over 9MB/s, observed:
32755 packets, including 2 sackOK
Test: builds, TreeHugger, see above
Bug: 195624908
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I623dacb5a37dc689cea34499c3906c11fcaf946c
This test fails on devices where physical Ethernet interfaces are
available but marked restricted, like cuttlefish.
Bug: 197462993
Test: test-only change
Change-Id: I15c991b2e43e2d5e823dcdcfbd74adfd9b2f6f08
Bypass the IPv4 TCP packets with port 21 (ftp) and 1723 (pptp) from
BPF offload because these packets need the netfilter conntrack helper.
Bug: 195914327
Test: manual test as the follows
1. Connect to ftp.slackware.com with port 21 in active mode.
2. Check the PORT command success.
Command: PORT 192,168,62,128,174,17
Response: 200 PORT command successful.
3. Download a file.
Change-Id: I8e3b8d9323eb0e572f20c74442b55d4ee95abc2f
When the avoidBadWifi configuration is false and not overridden,
a WiFi network that was validated in the past but becomes
unvalidated needs to outscore a cell network that is validated.
This is happening correctly when the stack compares two networks.
However, when the stack compares an existing network to an offer
for a cellular network, the offer was automatically considered
not to yield. This would mean the stack would be requesting cell
out of the telephony factory, only for that network to lose to
WiFi and be discarded immediately, then recreated again etc.
When there is some other reason cell should be up (such as the
"mobile always on" setting being active), this would not be
visible because the cell network would have another reason not
to be torn down.
Have offers correctly account for the current value of the
configuration and setting. This has the ranking of the offer
lose against WiFi like the actual network loses, meaning the
offer is not needed.
This also requires updating the offers whenever the value of
the setting changes.
Test: new test for this, also ConnectivityServiceTest
Bug: 195441367
Change-Id: I4fe5de98bc15bcf9bbbe25c6c7c8a7ba382f8db7
This test requires a cell network so the test will be failed if
the device does not support telephony. Add a condition to check
if the device supports telephony and skip cellular battery stats
test if telephony is not supported.
Bug: 196231205
Test: atest CtsNetTestCases:BatteryStatsManagerTest
Change-Id: I9ddc1da2a3f83f3fd2ab59059185f2f7a8d08701
Wifi link layer is an optional feature so this test will be
failed on wifi stats check if a device does not support it.
Add a check to know if the device supports wifi link layer
stats and skip it if it is not supported.
Bug: 195518957
Test: CtsNetTestCases:BatteryStatsManagerTest
Change-Id: I592dd5f1d6e13b020beadb11b9d913857a82e524
Merged-In: I592dd5f1d6e13b020beadb11b9d913857a82e524
Currently, when a VPN app calls registerDefaultNetworkCallback,
it will always get its own VPN, even if the VPN app called
VpnService.Builder#addDisallowedApplication to take itself out
of the VPN's UID ranges.
Add a test for the current incorrect behaviour.
Also fix an indentation error elsewhere.
Bug: 195265065
Test: test-only change
Change-Id: Id9648ea71fc7ae10855aa311beeb7975569d17f2
restrictCapabilitiesForTestNetwork was renamed after S release to be
included in a mainline release, but this causes the MTS test to fail on
S if the Connectivity module is not updated, and CTS to fail if the
connectivity module is updated.
Mark the test as @ConnectivityModuleTest so it can be skipped on
non-connectivity module MTS tests (such as NetworkStack tests), and add
back the previous method name to keep CTS passing.
Bug: 196755836
Test: atest NetworkCapabilitiesTest
Change-Id: Ibd6c2e62e5949ec6d93e9f6e4fc05129c29b94f8
There are IpServerTest test case fail because the code check the wrong
code name for T pre-release builds.
Bug: 194812819
Test: atest TetheringTests
Change-Id: I73bf58c60b6e790fe0060b60c023c10f5d8cbfa8
The directories were imported by mistake from old git log in the
frameworks/base repository, and are unused.
Bug: 192995539
Test: m
Merged-In: I0d4bd06e79adedbf582d2fed551d9f1bde521fd1
Merged-In: Ie3a058b904cb2e3704c3a0725c8f720f81bb235e
Change-Id: Ic3ed5d6d25fd87b136d9ae359e7444c4b1289744
When run as part of NetworkStack MTS, ConnectivityDiagnosticsManagerTest
may fail as it verifies behavior that is only present will the latest
tethering (connectivity) module installed.
There is no guarantee that connectivity will be up-to-date for a given
NetworkStack version, especially considering that on R->S device upgrade
NetworkStack is likely to have been updated, but connectivity will be
the factory version. Therefore NetworkStack tests need to cover devices
that do not have an up-to-date connectivity module.
Fix the test by observing that at least on T both module will have newer
behavior. On S, accept both factory and updated behavior.
Bug: 195727283
Test: atest ConnectivityDiagnosticsManagerTest
Change-Id: Ifc0b09c884419d28817cfe619940c979ee1b0b9e
The check intends to do the bit & operation. The net cap value
should be shifted against the original capabilities.
Also fix the typo in the method name.
Bug: 191918212
Test: atest FrameworksNetTests
Change-Id: I98396b2538f36fe8b29d27a544a2dfb3060bc9c5
