findIPv4DefaultRoute() is removed from Vpn, so
IllegalStateException is no longer thrown for IPv6 only
networks.
The test testStartLegacyVpnIpv6 is now not testing anything new
and so it is removed. Note that other tests that will be calling
startLegacyVpn() ensure coverage is not lost.
Bug: 161776767
Test: atest FrameworksNetTests
Change-Id: I6ac9d7c196b7bc4c44fc2ad32baa25b106640ef4
LegacyVpnRunner is removed, remove the following related tests:
1. testStartRacoonNumericAddress
2. testStartRacoonHostname
3. testStartPptp
4. testStartPptp_NoMppe
Create a new test that asserts UnsupportedOperationException for
the VPN types in those tests.
Bug: 161776767
Test: atest FrameworksNetTests
Change-Id: Id66d09ea54576ca4c641e8f69d104dc26a42c46b
Test: atest ConnectivityCoverageTests:android.net.connectivity.com.android.server.net.NetworkStatsServiceTest
(with debug code that dump all threads at the end of tests)
Fix: 308544001
Change-Id: I597054633bbb008ffd0edebe34dcf6935958aa5d
To debug unexpected keepalive metrics values, print the built
metrics in a Log.wtf before writing it to statsd.
Bug: 297292877
Test: atest FrameworksNetTests
Change-Id: I5fffc13721e50e28f24b0da12a961364f3f77e21
This change adds a DataSaverStatusTracker, which is a helper
class to continuously track data saver status through NPMS
public API and intents. ConnectivityManager#isUidNetworkingBlocked
would use this cached information along with bpf maps to decide
whether networking of an uid is blocked.
Test: atest FrameworksNetTests:android.net.connectivity.android.net.BpfNetMapsReaderTest
Test: atest ConnectivityCoverageTests:android.net.connectivity.android.net.ConnectivityManagerTest
Bug: 297836825
Change-Id: I7e13191759430f3ea1f4dec7facc02f16be7146d
The created handler threads should be quit after the tests to
prevent memory leakage. Also, this commit updates the method
used to close the created HandlerThread to do it correctly.
Bug: 308537727
Test: atest ConnectivityCoverageTests
Change-Id: I3715a73a9142418c05f98bc95e275f97161ab3cd
This is needed for data stall detection mechanism in NetworkStack
to get the information about whether the network is blocked for
a given uid and conditions. Because the API will be called
frequently from NetworkStack to resolve all status for all uids
on the device, the API cannot call into the service which
creates IPC. Instead, the API need to directly access bpf maps
in the user process to retrieve the status. In this case the
user process is the network stack, the access control is provided
by linux file permission and selinux.
Test: atest FrameworksNetTests:android.net.connectivity.android.net.BpfNetMapsReaderTest
Test: atest FrameworksNetTests:android.net.connectivity.android.net.ConnectivityManagerTest
NO_IFTTT=Refactor only change for firewall chains definitions
Bug: 297836825
Change-Id: Iaf983b71ec98cbfe5152dcfade8a3120f938f135
Dns Resolver needs to know whether a network is metered when checking if
DNS requests will be blocked by Data Saver.
Bug: 288340533
Test: atest FrameworksNetTests
Change-Id: Ia5822dc522c766c7815680003c7ba275d15ccaff
The information is needed by modules who want to know whether a
specific UID is blocked by Data Saver feature.
1. Add a one-element map data_saver_enabled_map.
2. Update current data saver setting to the map.
Bug: 288340533
Test: atest FrameworksNetTests:android.net.connectivity.com.android.serv
er.BpfNetMapsTest
Test: atest bpf_existence_test
Change-Id: I981da4b569247c33cba2d365cb6f2691f673474e
In particular, this fixes a bug where a non-validated destroyed
network can't get disconnected after it's replaced by another
non-validated network because CS thinks it should keep it in
case it validates and beats the replacement network.
Test: new test for this : CSDestroyedNetworkTests
Change-Id: I5d7e413624d6fca28b06484e5369cd17e4a599a4
1. At present, the transportTypes in NetworkCapabilities have been
passed into DnsManager::updateTransportsForNetwork() as a parameter. In
the following CL, we also need to pass the 'metered' (also in
NetworkCapabilities) as a parameter to the function. Instead of passing
the members of NetworkCapabilities one by one, it is better to pass the
entire NetworkCapabilities.
2. Rename updateTransportsForNetwork() to
updateCapabilitiesForNetwork().
Bug: 288340533
Test: presubmit
Change-Id: I0966124f87b12c1d5a2eaee681885c3d5c7f74dc
This reverts commit 55ccfe19e2.
Reason for revert: this must be introducing some sort of race
it appears to cause
atest EthernetTetheringTest 'NetdBinderTest#TetherForwardAddRemove'
to no longer reliably pass.
Change-Id: I5281ab3f42c5ce268d97a12db24a6768db3f4354
Make MockVpn stop extending Vpn in order to stop depending on
Vpn code. This includes:
1. Remove @Override and synchronized for all MockVpn methods.
2. Remove the constructor.
Bug: 230548427
Test: atest FrameworksNetTests
Change-Id: I9109cd9d3e17717cffa6c89c6a9e4330ed9af3cf
The following are removed:
1. mUnderlyingNetworkInfo and the related get and set.
2. Calls to setEnableTeardown() since this has no
interaction with ConnectivityService.
3. Calls to updateState().
4. Usage of mInterface.
5. Usage of mConfig.
6. Usage of mNetworkAgent.
Bug: 230548427
Test: atest FrameworksNetTests
Change-Id: Ie7cec6fed25f841de995059deba1c1df67377e70
Store the mNetworkCapabilities locally in MockVpn to stop
depending on the Vpn class.
Bug: 230548427
Test: atest FrameworksNetTests
Change-Id: I215e915dcafb6700950bc8a500bc16f839d0e13e
testDumpDoesNotCrash does not dump enough objects to have full
coverage. e.g. In b/303348620, it did not detect the crash since
there is no NetworkAgentInfo stored in ConnectivityService.
This change ensures ConnectivityService is filled with more
objects that will be dumped:
1. NetworkProvider
2. NetworkAgentInfo
3. NetworkOffer
4. Network preferences
Bug: 303348620
Test: atest FrameworksNetTests
Change-Id: I7e2f1954c91409f3bf0daf01300e34ce73e311cb
(mostly to improve code coverage)
We can always revert if it ever turns out this is useful,
but I'd prefer for cgroup attach to be a once-at-boot
thing and handled either from bpfloader or the netd updatable
which are both directly C++ code.
Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I79b5ca8a47388cb6b9189234942e74ab6056aab9
The performPoll method in the NetworkStatsService can be called
for many reasons, such as RAT changed events, LinkProperties
changed events, open session method calls, forceUpdate method
calls, etc.
However, the current logging is not sufficient to trace down
the caller of performPoll. This makes it difficult to debug
frequent poll issues or performance problems.
Adding debug log to logcat is not an option, given that
performPoll might run several times per second by system server
callers.
This change adds a reason code to the performPoll method and
a helper class to log performPoll events. This will allow us
to track down the caller of performPoll and better understand
why it is being called frequently or causing performance
problems.
This change also introduces a PollEvent object, which can be
used to put related information in subsequent changes when
logging.
Sample output:
Poll counts per reason:
DUMPSYS: 0
FORCE_UPDATE: 6
GLOBAL_ALERT: 0
NETWORK_STATUS_CHANGED: 3
OPEN_SESSION: 0
PERIODIC: 1
RAT_CHANGED: 1
REG_CALLBACK: 3
REMOVE_UIDS: 0
UPSTREAM_CHANGED: 1
Recent poll events:
2023-10-04T02:47:12.937370 - Poll(flags=3, PollEvent{reason=REG_CALLBACK})
2023-10-04T02:47:13.178559 - Poll(flags=3, PollEvent{reason=FORCE_UPDATE})
Test: manual
Test: atest FrameworksNetTests:android.net.connectivity.com.android.server.net.NetworkStatsEventLoggerTest
Test: atest FrameworksNetTests:android.net.connectivity.com.android.server.net.NetworkStatsServiceTest
Bug: 301141955
Change-Id: Ic6d0543ccdef12493385f45200199854b841a26b
A helper class to *read* java BpfMaps. This is designed to
provide direct bpf access in the caller process through
ConnectivityManager APIs.
The change also removes any statical link to
net-utils-device-common-struct from service-connectivity.
This is because net-utils-device-common-struct is already
included in framework-connectivity. Including it again in
service-connectivity would create a r8 build fail by circular
dependency.
Test: atest FrameworksNetTests:android.net.connectivity.com.android.server.BpfNetMapsTest
Test: atest ConnectivityCoverageTests:android.net.connectivity.com.android.net.module.util.StructTest
Test: atest FrameworksNetTests:android.net.connectivity.android.net.BpfNetMapsReaderTest
Bug: 297836825
Change-Id: I7a6d2eb816d0dc7343167bddd672806b199f44fe
* changes:
Add tests for always on lockdown VPN on system user.
Remove MockVpn.setAlwaysOnPackage() non-lockdown.
Mock onUserAdded() and onUserRemoved()
Refactor helper method to return integer ranges.
Add tests for onUserAdded and onUserRemoved
Call setRequireVpnForUids() directly to mock an always on Vpn
being enabled instead of calling the real Vpn method.
Bug: 230548427
Test: atest FrameworksNetTests
Change-Id: I63d6547104cc6ee984413d4cf6027ceecd301ecc
Add test coverage for Vpn.setAlwaysOnPackage() where the caller
is system user to ensure uid = 0 is not restricted.
Bug: 230548427
Test: atest FrameworksNetTests
Change-Id: Id9f81fdf0147597f64f8440b971930b3bd7b55e5
Remove calls to MockVpn.setAlwaysOnPackage() where lockdown is
false as this does not cause any changes to occur. Also verify
setRequireVpnForUids() is not called for this case in VpnTest.
Bug: 230548427
Test: atest FrameworksNetTests
Change-Id: I3428e8b31b02975975be9e943e1f88cf0e80c5ee
Replace calls to onUserAdded() and onUserRemoved() to their
equivalent setUids() or setRequireVpnForUids() calls.
Note coverage for the calls to Vpn were added in VpnTest.
Bug: 230548427
Test: atest FrameworksNetTests
Change-Id: Ifa895f71f78bd3376216fd2759c7a5a33cd3aff1
Calls to setRequireVpnForUids() for Vpn lockdown actually uses a
List instead of a Set of integer ranges.
Add intRangesExcludingUids() to return the needed List of integer
ranges and replace relevant usages of UidRange.toIntRanges() with
it.
Bug: 230548427
Test: atest FrameworksNetTests
Change-Id: I61cd4751ce2faeb129daa5ad5da7181e3c1df73c
The TTL check and removal of expired services is currently only
performed when a mDNS query is sent. This can result in expired
services remaining in the cache if no queries are sent. To
address this, the remaining TTL will be checked when retrieving
services from the MdnsServiceCache. Add a new flag to enable
the expired services removal feature. This feature will be
implemented in subsequent changes.
Bug: 265787401
Bug: 304649384
Test: atest FrameworksNetTests CtsNetTestCases
Change-Id: I30f0eea568ee45d363cc02821de0921d6040f981
I0afdda023208c3f8620cb5b89add66448af596d7 added some assertions
to ensure NetworkAgentInfo can only be accessed from the handler
thread. This is good to eliminate any potential concurrent
accessing problem. Howver, dumpsys runs on binder thread, this
change breaks dumpsys functionality.
Thus, this change:
1. Copy Handler#runWithScissors() and related class
locally since they are @hide methods.
2. Run doDump on the handler thread and waits for return.
Test: adb shell dumpsys connectivity
Test: atest FrameworksNetTests:android.net.connectivity.com.android.server.HandlerUtilsTest
Fix: 303348620
Change-Id: Ic3a22f5d370bbf8c18b1972e86d695b6ad61bd0d
