Some system components like VPN need to know how to redact
NetworkCapabilities & LinkProperties that they received from
the system but need to send to third-party applications with
less privilege than themselves. To make sure the redaction is
consistent, expose system API methods to do it that are wired
to the same redaction code used by ConnectivityService.
Bug: 191413541
Test: atest CtsNetTestCases, which includes new CTS for these
Change-Id: Ia3ae4755b5192884c147d6828f96cedac000a25b
Refer to the same constant definition as other tests instead of
hard coding locally, so that it won't be missed as changing to
Build.VERSION_CODES.SC_V2.
Bug: 184750836
Test: atest FrameworksNetTests
Change-Id: I3c17c414d830af03e2719c5dab1a664c55f6df2a
Added SPDX-license-identifier-Apache-2.0 to:
netd/Android.bp
Bug: 68860345
Bug: 151177513
Bug: 151953481
Test: m all
Change-Id: Ib1377fbb050fe52ee195eec58fea67ef769a487a
EthernetNetworkSpecifier is being moved from being @SystemApi to public.
This is causing the linter to incorrectly throw errors when building on
erro prone. Add @SupressLint to the method causing the errors prevents
the incorrect warning from causing build failures.
Tracking bug b/193460475 - TODO to remove once fixed.
cherry pick of http://ag/16822701
Bug: 210485380
Test: build errorprone
Change-Id: Id297e739a2288ccc232c6b989ec7fee41837a910
Merged-In: Id297e739a2288ccc232c6b989ec7fee41837a910
Allow core tests to use hidden connectivity APIs. Benchmark tests in
particular cannot be run without these.
Ignore-AOSP-First: Avoiding merge conflicts, cherry-pick will follow
Bug: 197717846
Test: m
(cherry-picked from ag/16772124)
Change-Id: Ia01f24317d14b063f9a7e24c3ada11b140641c50
Merged-In: Ia01f24317d14b063f9a7e24c3ada11b140641c50
Adds ingress rate limiting functionality to ConnectivityService. The tc
rate limit is installed before we tell netd about the interface, and
removed after the network is removed from netd. When the setting
changes, the old rate limit needs to be removed before a new one can be
added (unfortunately, we cannot use NLM_F_REPLACE when configuring the
tc-police filter).
Currently, this functionality is always enabled, but may or may not work
based on kernel support.
Bug: 157552970
Test: atest FrameworksNetTests:ConnectivityServiceTest
Change-Id: I4e64b2c40490f061e42b40a1b1b3a6618c3d1a87
The INGRESS_RATE_LIMIT_BYTES_PER_SECOND setting controls the rate limit
for internet networks. If set to -1, no rate limit applies. There is
one global rate limit that will be applied to all networks with
NET_CAPABILITY_INTERNET.
Test: atest ConnectivitySettingsManagerTest
Bug: 157552970
Change-Id: Ia82aa867686d484ce46734f76d4a48bf864eff84
framework-connectivity need to see the aidl files when
compiling IConnectivityManager.aidl, and it can only
include the files by specifying aidl include_dirs.
Thus, move the file into the module since the one outside
of the module is going to be deleted soon.
Ignore-AOSP-First: Avoiding conflicts; cherry-pick will follow
Test: TH
Bug: 197717846
Change-Id: Ide7431d0c98aebd389bee86d13ff44f5ef8b8283
Merged-In: Ide7431d0c98aebd389bee86d13ff44f5ef8b8283
EthernetTetheringTest needs to parse BPF map content for IPv4
forwarding rule tests. Move the struct class files to common
libs.
Compare Tether4{Key, Value}.java between frameworks/libs/net/common
and packages/modules/Connectivity/Tethering.
There is only the package name change as expected.
$ diff packages/modules/Connectivity/Tethering/src/com/android/networkstack/tethering/Tether4Key.java frameworks/libs/net/common/device/com/android/net/module/util/bpf/Tether4Key.java
17c17
< package com.android.networkstack.tethering;
---
> package com.android.net.module.util.bpf;
$ diff packages/modules/Connectivity/Tethering/src/com/android/networkstack/tethering/Tether4Value.java frameworks/libs/net/common/device/com/android/net/module/util/bpf/Tether4Value.java
17c17
< package com.android.networkstack.tethering;
---
> package com.android.net.module.util.bpf;
Test: atest TetheringCoverageTests
Change-Id: I73c180fa4129aefde1e64ecbafe928f388b061d6
framework-connectivity-t-pre-jarjar build target is needed
by service-t, thus, enabled this target on sc-mainline-prod
but still keep framework-connectivity-t disabled.
Bug: 204830222
Test: m
Change-Id: I03cbdb57966b746f3c93e989394a4dc999fe863a
The pre-jarjar variant is necessary so that service-t can depend on
hidden symbols in framework-t that reference (for example as parameter)
classes that are jarjared.
Without this, when depending on framework-connectivity-tiramisu.impl,
service-connectivity-t would see post-jarjar symbols that do not match
the classnames it uses in its code.
Also split FrameworksNetTestsLib so that the same jarjar rules can be
applied between the tests and the module, avoiding different errors
between FrameworksNetTests and ConnectivityCoverageTests.
Ignore-AOSP-First: Avoiding conflicts; cherry-pick will follow
Bug: 204830222
Test: m
Change-Id: I3d0c081c4a7422e128beee11c0156f01b0377c96
Merged-In: I3d0c081c4a7422e128beee11c0156f01b0377c96
Address API review feedback to change naming of
setExcludedLocalRoutesVpn and getter.
Bug: 217742354
Test: atest FrameworksNetTests
Change-Id: I57bbf55c7aba1c86ec8687d2431a50b37e63c6d0
When the network is a VPN, NetworkMonitor needs to know whether
the VPN requests validation, and that information is stored in
NetworkAgentConfig. Pass it.
Test: FrameworksNetTests
Change-Id: I3616f0796b69ce054d92213aafdef43ba7041596
Change gid BPF programs from AID_ROOT to AID_SYSTEM because
system_server needs to access them.
Bug: 202086915
Test: test in Ib0e935ee2b714ac61daceba6d13fa7a20f97f68f
Change-Id: I8c0019f141414994aad2986cc5dfdb7dd027a36a
This reverts commit 13b96bc651.
Reason for revert:
- The reverted CL fixes a bootloop on Fi devices and must be submitted again for droidfood stability purposes.
- It's not clear whether the revert actually fixes the test that prompted it.
Change-Id: I68200501d1c587d1c6b3ad81053175c74961a440
(cherry picked from commit 7174ac3d86)
Bug: 204153604
Ignore-AOSP-First: part of large topic that only builds internally
Test: build, FrameworksVcnTests, FrameworksIkeTests
Change-Id: I40740200fe4a7476a21bb5330429a11c97e38fb8
Merged-In: I40740200fe4a7476a21bb5330429a11c97e38fb8
This adds a new API that lets VPN apps using VpnManager request
that the platform run its basic validation check on the resulting
network.
Bug: 184750836
Test: atest FrameworksNetTests
Change-Id: I00092eee857d3e33529b19461cfd5dd060a0fe20
