Add ContentObserver to observe the status of
NETSTATS_COMBINE_SUBTYPE_ENABLED to determine that
NetworkStatsSubscriptionsMonitor start or stop
monitoring data usage per RAT type changes.
Bug: 154080515
Test: atest NetworkStatsServiceTest#testDynamicWatchForNetworkRatTypeChanges
Change-Id: I272d589633c9186b45753228b05aa0b40b7c7b89
Bug: 154080205
Test: atest FrameworksNetTests:com.android.server.net.NetworkStatsSubscriptionsMonitorTest
(copy from ag/11788484 but getActiveAndHiddenSubscriptionIdList() since it's renamed
in internal)
Change-Id: Ia162f36efe96d90b2f6f70190d9fa855bba34484
Merged-In: I4ef3f1ab2e5ea1322133edd80db3ccd0022e9c91
In NetworkStatsService, mStatsLock will be held when
iterating through the provider list. This is to protect the list
from concurrent broadcast that triggered by
NetworkPolicyManagerService. This is not good since the binder
call is oneway, it does not make sense to block every
access to the providers.
This change also remove unuse variable and reduce verbose log.
Test: atest FrameworksNetTests TetheringTests
Bug: 150418178
Change-Id: If74e9f2ea597a0d5ae4668c3358bc687f342bbb5
Merged-In: If74e9f2ea597a0d5ae4668c3358bc687f342bbb5
(cherry picked from commit 5d8f96c6967d5b1a42ba374521078e75a9e6f187)
IpSecService.applyTunnelModeTransform() currently does not take an
SpiRecord instance, yet implicitly requires that the SpiRecord instance
is still alive based on the stored SpiRecord resourceId in
the TransformRecord's IpSecConfig.
This check is unnecessary, as the SpiRecord has been subsumed into the
TransformRecord, and the kernel resources are kept alive whether or
not the SpiRecord is still held by the user.
This allows users of the IpSecManager API to allocate short-lived SPIs
during the creation of an IpSecTransform, without having to keep track
of both of them (even though the SPI is no longer usable).
The TransformRecord.getSpiRecord() call is already used in
multiple other places in the same method.
Bug: 142072071
Test: New tests added, passing.
Change-Id: I1959f3080946267243564459ff4207647922566e
Merged-In: I1959f3080946267243564459ff4207647922566e
(cherry picked from commit 5258b1b82f39bf17e0751bcb94479464250aaec5)
There is a corner case which may cause the deadlock:
When NetworkStatsService tried to broadcast the intent,
NetworkStatsService was waiting for a lock which was hold by
ActivityManagerService. In the same time, ActivityManagerService
was waiting for ActiveService#startServiceInnerLocked() to get a
lock which was hold by ConnectivityService. ConnectivityService
was waiting for a lock which was hold by BatteryStatsImpl.
BatteryStatsImpl was waiting for a lock which was hold by
NetworkStatsService, and the lock was locked by
NetworkStatsService when NetworkStatsService tried to broadcast
the intent.
To prevent deadlock when broadcasting the intent in
performPollLocked(), move the intent broadcasting from
performPollLocked() to NetworkStatsHandler.
Bug: 150418178
Bug: 155155473
Test: 1. Create the second user and see if the device will
do factory reset or not.
2. Factory reset manually and see if there is a deadlock.
Change-Id: I80569cb4388beb3fd6cbf64a7885bccee8b1c53c
Merged-In: Icf88d3e7a38562ab15187f6c71bc8fb0486d37c0
(cherry picked from commit 3f8ab0350450202910ea702799570c538e96d5cd)
There is a corner case which may cause the deadlock:
When NetworkStatsService tried to broadcast the intent,
NetworkStatsService was waiting for a lock which was hold by
ActivityManagerService. In the same time, ActivityManagerService
was waiting for ActiveService#startServiceInnerLocked() to get a
lock which was hold by ConnectivityService. ConnectivityService
was waiting for a lock which was hold by BatteryStatsImpl.
BatteryStatsImpl was waiting for a lock which was hold by
NetworkStatsService, and the lock was locked by
NetworkStatsService when NetworkStatsService tried to broadcast
the intent.
To prevent deadlock when broadcasting the intent in
performPollLocked(), move the intent broadcasting from
performPollLocked() to NetworkStatsHandler.
Bug: 150418178
Bug: 155155473
Test: 1. Create the second user and see if the device will
do factory reset or not.
2. Factory reset manually and see if there is a deadlock.
Change-Id: Icf88d3e7a38562ab15187f6c71bc8fb0486d37c0
In NetworkStatsService, mStatsLock will be held when
iterating through the provider list. This is to protect the list
from concurrent broadcast that triggered by
NetworkPolicyManagerService. This is not good since the binder
call is oneway, it does not make sense to block every
access to the providers.
This change also remove unuse variable and reduce verbose log.
Test: atest FrameworksNetTests TetheringTests
Bug: 150418178
Change-Id: If74e9f2ea597a0d5ae4668c3358bc687f342bbb5
NetworkStats calculation needs to filter out debug entries to
prevent over counting. While NetworkStatsFactory migrates data
usage over a VPN to the TUN network, NetworkStatsFactory does
not filter out debug entries per vpn which will cause debug
entries left and cause exception.
Bug: 152678151
Test: atest com.android.server.net.NetworkStatsFactoryTest
and verify no exception
Change-Id: I3525edc385b07858b48c7add2d331c4b5a2e84ad
Merged-In: I3525edc385b07858b48c7add2d331c4b5a2e84ad
NetworkStats calculation needs to filter out debug entries to
prevent over counting. While NetworkStatsFactory migrates data
usage over a VPN to the TUN network, NetworkStatsFactory does
not filter out debug entries per vpn which will cause debug
entries left and cause exception.
Bug: 152678151
Test: atest com.android.server.net.NetworkStatsFactoryTest
and verify no exception
Change-Id: I3525edc385b07858b48c7add2d331c4b5a2e84ad
The NetworkStatsService.getUidStats() currently doesn't have any
permission check to make sure unpriviledged apps cannot read the stats
of a different uid. It will protentially have security problem since
apps with ACCESS_NETWORK_STATS permission can directly calling into
NetworkStatsService and bypass the check in TrafficStats. Move the uid
check from TrafficStats to NetworkStatsService to fix the problem.
Bug: 129151407
Test: atest AppSecurityTests#testAppFailAccessPrivateData_full
Test: atest AppSecurityTests#testAppFailAccessPrivateData_instant
Test: atest android.app.usage.cts.NetworkUsageStatsTest
Test: atest NetworkStatsBinderTest
Change-Id: Iae85676cfe5f114da69ec278afc2c904bc907234
This method is used in TrafficStats to obtain the snapshot for the
calling UID, so narrow it to only return data for that specific case.
We might be tempted to throw an exception or adjust the method
signature, but apps are using the raw AIDL in the greylist, so we
return them an empty NetworkStats if they ask about other UIDs.
Bug: 119672472
Test: manual
Change-Id: I3064630039f1d8473d6425dd663f17813a4ae3a1
In current design, Rat type change in NSS is only for default
subscription. This is only correct for single sim project.
However, it does not correct for multi-sim scenarios such as
CBRS or DSDS, given that all data usage will be attributed
to the Rat type of default sub.
Thus, add a helper class to monitor subscription change event,
and register/unregister dynamically for Rat type change for
every subscription.
Note that unit test of the helper class will be addressed
in follow-up patch.
Test: m -j
Bug: 146415925
Change-Id: I0055f6b55c209a073ce997fc7a144477f9db7069
Merged-In: I0055f6b55c209a073ce997fc7a144477f9db7069
(cherry picked from ag/10977156 and fixed conflict)
In current design, Rat type change in NSS is only for default
subscription. This is only correct for single sim project.
However, it does not correct for multi-sim scenarios such as
CBRS or DSDS, given that all data usage will be attributed
to the Rat type of default sub.
Thus, add a helper class to monitor subscription change event,
and register/unregister dynamically for Rat type change for
every subscription.
Note that unit test of the helper class will be addressed
in follow-up patch.
Test: m -j
Bug: 146415925
Change-Id: I0055f6b55c209a073ce997fc7a144477f9db7069
Merged-In: I0055f6b55c209a073ce997fc7a144477f9db7069
(cherry picked from commit 306de26c138ec135846f2a74a952464cf00dce54)
This change makes IPsec tunnel interfaces automatically get brought up
once they are created. Originally this was considered to be an
additional safety check, as they would not be start routing traffic
until explicitly brought up. However, in the intervening time, the
NetworkManagementController now requires the NETWORK_STACK permission to
set an interface as up. Additionally, that call is a hidden API, and
thus not usable for use cases such as IWLAN.
Bug: 149348618
Test: FrameworksNetTests, CtsNetTestCases passing.
Change-Id: I55b63a748463a388e1e2991d2d5d6b3023545e60
Merged-In: I55b63a748463a388e1e2991d2d5d6b3023545e60
(cherry picked from commit 7c5704d177a903034ae1b6ae4800cc3b8457977a)
IPsec resource counts were selected to be conservative, due to unknowns
about device capabilities. Since then, it appears that we no longer need
such stringent quotas, and this can be relaxed.
Bug: 152368091
Test: FrameworksNetTest passing
Change-Id: Id53d14e5698e5fcc410868424176b00350c7ae79
Merged-In: Id53d14e5698e5fcc410868424176b00350c7ae79
(cherry picked from commit 224699fc0b485dd75e6157a88f66a53d64e5a6fd)
Note that enabling/disabling would not take effect until device
reboot. This will be addressed in follow-up patch.
Test: 1. atest NetworkStatsServieTest SettingsBackupTest
2. adb shell settings put global netstats_combine_subtype_enabled 1|0
Bug: 146415925
Change-Id: Ic94da540afa479ed18f1b6fbda4ae3216c37476b
Merged-In: Ic94da540afa479ed18f1b6fbda4ae3216c37476b
(cherry picked from commit 550d61b8fa and
fix merge conflict in SettingsBackupTest)
Switch on the recording in device side. Metrics will be
collected in follow-up patches which can be independently
enabled/disabled.
This change also fix the fail in NetworkStatsCollectionTest
which caused by enabling this feature, where the rounding
problem happened when records are distributed into smaller
buckets and categorized into more NetworkIdentity.
Test: atest FrameworksNetTests
Bug: 129082217
Change-Id: If330e85330a4ff713dd420c98d42fa741eabd90a
Merged-In: If330e85330a4ff713dd420c98d42fa741eabd90a
(cherry picked from commit ff1d70e364)
Previously network stats could be recorded by different rat type.
However, the feature was disabled by ag/173504 since rat type
frequently flapping between HSPA+ and UMTS.
Given that this feature might be useful for collecting metrics,
re-implement it based on current architecture and reduce the
overhead introduced by frequently flapping by:
1. only react when rat type changes between 2G/3G/4G/5G.
2. reduce the number of records by only recording a subset
of rat type that represented for a given network class.
3. enforce 1 second rate limit if flapping too much.
Note that the feature is still disabled but will be enabled
in follow-up patches.
Test: manual test
Bug: 129082217
Change-Id: Ic6b2f10f2c8b082820e0662eb9cee70d70d28cd6
Merged-In: Ic6b2f10f2c8b082820e0662eb9cee70d70d28cd6
(cherry picked from commit 20f4805aad)
Note that enabling/disabling would not take effect until device
reboot. This will be addressed in follow-up patch.
Test: 1. atest NetworkStatsServieTest SettingsBackupTest
2. adb shell settings put global netstats_combine_subtype_enabled 1|0
Bug: 146415925
Change-Id: Ic94da540afa479ed18f1b6fbda4ae3216c37476b
Merged-In: Ic94da540afa479ed18f1b6fbda4ae3216c37476b
(cherry picked from commit c4f77ac90bf2e48a655ad19b162fe74a23bf3fb0)
Switch on the recording in device side. Metrics will be
collected in follow-up patches which can be independently
enabled/disabled.
This change also fix the fail in NetworkStatsCollectionTest
which caused by enabling this feature, where the rounding
problem happened when records are distributed into smaller
buckets and categorized into more NetworkIdentity.
Test: atest FrameworksNetTests
Bug: 129082217
Change-Id: If330e85330a4ff713dd420c98d42fa741eabd90a
Merged-In: If330e85330a4ff713dd420c98d42fa741eabd90a
(cherry picked from commit 2d4fa2c0fae8c2d79a25093d9f732a33c2f91dd4)
Previously network stats could be recorded by different rat type.
However, the feature was disabled by ag/173504 since rat type
frequently flapping between HSPA+ and UMTS.
Given that this feature might be useful for collecting metrics,
re-implement it based on current architecture and reduce the
overhead introduced by frequently flapping by:
1. only react when rat type changes between 2G/3G/4G/5G.
2. reduce the number of records by only recording a subset
of rat type that represented for a given network class.
3. enforce 1 second rate limit if flapping too much.
Note that the feature is still disabled but will be enabled
in follow-up patches.
Test: manual test
Bug: 129082217
Change-Id: Ic6b2f10f2c8b082820e0662eb9cee70d70d28cd6
Merged-In: Ic6b2f10f2c8b082820e0662eb9cee70d70d28cd6
(cherry picked from commit 15ab452e7e3f00289fbedbdb86c512ad560dda7e)
Currently, in NetworkStats, there are many methods to manipulate
the records. However, some methods are similar and ambiguous,
such as addEntry, addValues, setValues, addIfaceValues,
combineValues and combineAllValues.
Thus, properly grouping and renaming methods are necessary.
In this change, for methods that add one record unconditionally,
name them insertEntry.
setIfaceValues -> insertEntry
addEntry -> insertEntry
Test: atest FrameworksNetTests ImsPhoneCallTrackerTest TetheringTests
Test: m doc-comment-check-docs
Bug: 148895143
Change-Id: I801ddc49e283a254b9586700c9b597c0adb0d459
Merged-In: I801ddc49e283a254b9586700c9b597c0adb0d459
(cherry picked from aosp/1256352)
Currently, registerNetworkStatsProvider requires the
UPDATE_DEVICE_STATS permission. This is a privileged permission
so it can be granted to preinstalled apps. Thus, apps like
GmsCore, or preinstalled apps will be able to update network stats.
This change checks for a new permission that would only allow
signature apps to declare that. Also check
MAINLINE_NETWORK_STACK permission to allow NetworkStack process
to use it.
Test: adb shell dumpsys netstats
Test: atest FrameworksNetTests
Bug: 149652079
Change-Id: Iaecbf10a7610461bd52e315659006c7332c416e6
Merged-In: Iaecbf10a7610461bd52e315659006c7332c416e6
Merged-In: Idfebd0a1988c3dcfd812d87e30f6a2034d6fbf6b
(cherry picked from commit e9e8d8f9ff096c1723eba1d74b17bb7cade7f23b)
This is shameless copied from ConnectivityService and plan to be
used in follow-up change. For long term perspective we should
have a permission util that contains those util in one place.
Test: m -j
Change-Id: If70e6e831c0386b604d0151cc0650f68457b6e5f
Merged-In: If70e6e831c0386b604d0151cc0650f68457b6e5f
Merged-In: I837545b54f36c8f21c878cbb1fd028ff23be6cb8
Bug: 149652079
(cherry picked from commit 4da7af7e7e4a0d3360cd41e98e4d6fa731d21515)
Currently, in NetworkStats, there are many methods to manipulate
the records. However, some methods are similar and ambiguous,
such as addEntry, addValues, setValues, addIfaceValues,
combineValues and combineAllValues.
Thus, properly grouping and renaming methods are necessary.
In this change, for methods that add one record unconditionally,
name them insertEntry.
setIfaceValues -> insertEntry
addEntry -> insertEntry
Test: atest FrameworksNetTests ImsPhoneCallTrackerTest TetheringTests
Test: m doc-comment-check-docs
Bug: 148895143
Change-Id: I801ddc49e283a254b9586700c9b597c0adb0d459
This change makes IPsec tunnel interfaces automatically get brought up
once they are created. Originally this was considered to be an
additional safety check, as they would not be start routing traffic
until explicitly brought up. However, in the intervening time, the
NetworkManagementController now requires the NETWORK_STACK permission to
set an interface as up. Additionally, that call is a hidden API, and
thus not usable for use cases such as IWLAN.
Bug: 149348618
Test: FrameworksNetTests, CtsNetTestCases passing.
Change-Id: I55b63a748463a388e1e2991d2d5d6b3023545e60
IPsec resource counts were selected to be conservative, due to unknowns
about device capabilities. Since then, it appears that we no longer need
such stringent quotas, and this can be relaxed.
Test: FrameworksNetTest passing
Change-Id: Id53d14e5698e5fcc410868424176b00350c7ae79
