EthernetTetheringTest needs to parse BPF map content for IPv4
forwarding rule tests. Move the struct class files to common
libs.
Compare Tether4{Key, Value}.java between frameworks/libs/net/common
and packages/modules/Connectivity/Tethering.
There is only the package name change as expected.
$ diff packages/modules/Connectivity/Tethering/src/com/android/networkstack/tethering/Tether4Key.java frameworks/libs/net/common/device/com/android/net/module/util/bpf/Tether4Key.java
17c17
< package com.android.networkstack.tethering;
---
> package com.android.net.module.util.bpf;
$ diff packages/modules/Connectivity/Tethering/src/com/android/networkstack/tethering/Tether4Value.java frameworks/libs/net/common/device/com/android/net/module/util/bpf/Tether4Value.java
17c17
< package com.android.networkstack.tethering;
---
> package com.android.net.module.util.bpf;
Test: atest TetheringCoverageTests
Change-Id: I73c180fa4129aefde1e64ecbafe928f388b061d6
This reverts commit 299a81157c.
Reason for revert:
Stop releasing this commit because it needs more test coverage.
Bug: 190783768
Bug: 192804833
Change-Id: I6a0d93e04814ae73e1ec7d6fd4df19e1d2787207
Test: atest TetheringCoverageTests
Needed because a payload data packet may have gone through
non-offload path, before we added offload rules, and that this
may result in in-kernel conntrack state being in ESTABLISHED
but pending ACK (ie. UNACKED) state. But the in-kernel conntrack
might never see the ACK because we just added offload rules.
As such after adding the rules we need to force the timeout back
to the normal ESTABLISHED timeout of 5 days.
Issue: the timeout is set to unacknowledged 300s (countdwon to 298s)
$ adb shell cat /proc/net/nf_conntrack
ipv4 2 tcp 6 298 ESTABLISHED src=192.168.244.128
dst=140.112.8.116 sport=45694 dport=443 ..
Test: atest TetheringCoverageTests
Manual check:
$ adb shell cat /proc/net/nf_conntrack
ipv4 2 tcp 6 431988 ESTABLISHED src=192.168.40.162
dst=140.112.8.116 sport=40774 dport=443 ..
Bug: 190783768
Bug: 192804833
Change-Id: I8c34e85e26c9d976e5e2b85473db75ff46d8abd4
The condition for deleting IPv4 forwarding rules.
1. When the tethering client has gone, deletes the client and its
rules.
2. When the upstream has gone, deletes all rules.
3. When the upstream has changed, deletes all rules.
Test: atest TetheringCoverageTests and check IPv4 offload rules
via dumpsys tethering in the following test cases.
Bug: 190783768
Test cases:
a. Loss upstream interface while tethering
1. Enable WIFI tethering
2. Disable upstream interface
3. Check the rules are removed.
b. Loss downstream interfaces while tethering
1. Enable WIFI tethering
2. Enable BT tethering
3. Disable BT tethering
4. Check the BT tether rules are removed.
5. Disable WIFI tethering
6. Check the WIFI tether rules are removed.
c. Switch upstream interface while tethering
1. Enable WIFI tethering
2. Enable BT tethering
3. Switch upstream interface from cellular to wifi.
4. Check all rules are removed.
d. Enable NAT failure (manual)
Log:
The rule deletion in each case.
- IpServer#stopIPv4: case b and case d.
- BpfCoordinator#updateUpstreamNetworkState: case a and case c.
Test case a
06-23 09:58:59.245 [...] Tethering: [BpfCoordinator]
updateUpstreamNetworkState tetherOffloadRule4Clear wlan2
Test case b
06-07 22:17:51.886 [..] Tethering: [bt-pan] cleanupUpstream bt-pan
06-07 22:17:51.888 [..] Tethering: [bt-pan] stopIPv4 bt-pan
06-07 22:18:23.769 [..] Tethering: [wlan2] cleanupUpstream wlan2
06-07 22:18:23.772 [..] Tethering: [wlan2] stopIPv4 wlan2
Test case c
06-08 11:11:48.277 [..] Tethering: [BpfCoordinator]
updateUpstreamNetworkState tetherOffloadRule4Clear bt-pan
06-08 11:11:48.396 [..] Tethering: [BpfCoordinator]
updateUpstreamNetworkState tetherOffloadRule4Clear wlan2
06-08 11:11:48.579 [..] Tethering: [wlan2] cleanupUpstreamInterface
wlan2
06-08 11:11:48.808 [..] Tethering: [bt-pan] cleanupUpstreamInterface
bt-pan
Enabling NAT failure
06-08 13:04:18.117 [..] Tethering: [wlan2] Exception enabling NAT [..]
06-08 13:04:18.234 [..] Tethering: [wlan2] cleanupUpstream wlan2
06-08 13:04:18.246 [..] Tethering: [wlan2] stopIPv4 wlan2
Change-Id: Id505a3deb277bbe0f44403234d8ca8bbf01eec80
Required because XDP offload needs input interface mac address
to be a part of the key. The mac address is used for checking
packets which are received from exceped input interface.
Test: atest TetheringCoverageTests, TetheringPrivilegedTests
Change-Id: Ied159454b516c0d70efe0a85744d1bb606892f2d
Currently, BpfCoordinator only sets the data limit on a given
upstream whenever the first IPv6 rule is created on that
upstream, and clears it whenever the last rule is deleted on that
upstream. It never does this when adding or removing IPv4 rules.
This makes it impossible to offload traffic on IPv4-only
networks.
Fix this by setting the limit when IPv4 rules are created or
deleted as well.
Test: atest TetheringCoverageTests
Manual tests as the follows
Test {add, clear} limit with IPv6-only network [OK]
Test {add} limit with IPv4-only upstream [OK]
TODO:
Test {clear} limit with IPv4-only network. blocked by aosp/1579873
because the IPv4 rules have never deleted.
Change-Id: I5a29bdd18e564318759f617023163e23fb5a3ed0
Migrate Maze's BPF program attaching and detaching functions from
system/netd/server/OffloadUtils.{c, h} to tethering module.
Test: atest TetheringCoverageTests
Test case #1:
Enable WiFi hotspot and check tc filters are added or removed on both
wlan1 and rmnet_data#.
$ adb shell tc filter show dev wlan1 ingress
filter protocol ipv6 pref 1 bpf chain 0
filter protocol ipv6 pref 1 bpf chain 0 handle 0x1
prog_offload_schedcls_tether_upstream6_ether:[*fsobj] direct-action
not_in_hw id 2 tag 7cf020cc09a7c982
filter protocol ip pref 2 bpf chain 0
filter protocol ip pref 2 bpf chain 0 handle 0x1
prog_offload_schedcls_tether_upstream4_ether:[*fsobj] direct-action
not_in_hw id 7 tag 2f87d55b636c082c
$ adb shell tc filter show dev rmnet_data2 ingress;
filter protocol ipv6 pref 1 bpf chain 0
filter protocol ipv6 pref 1 bpf chain 0 handle 0x1
prog_offload_schedcls_tether_downstream6_rawip:[*fsobj] direct-action
not_in_hw id 3 tag 8b3885b75bd261de
filter protocol ip pref 2 bpf chain 0
filter protocol ip pref 2 bpf chain 0 handle 0x1
prog_offload_schedcls_tether_downstream4_rawip:[*fsobj] direct-action
not_in_hw id 6 tag b1c9478c91f8df9a
Test case #2:
Enable USB tethering and check tc filters are added or removed on both
rndis0 and rmnet_data#.
Test case #3:
Enable WiFi and USB tethering and check tc filter are added or removed
on rndis0, wlan1 and rmnet_data#.
Change-Id: I3f9a65043271bc8f5bf1b82ae505c471625ca9de
Add code to BpfCoordinator to dump upstream IPv4 and IPv6 rules.
For IPv4, currently only the upstream map is printed, because the
downstream map is expected to be symmetrical.
Example output:
=============
21(21) -> 12(rmnet_data2) 86dd 00:00:00:00:00:00 00:00:00:00:00:00
[wlan1]: iif(iface) oif(iface) v6addr srcmac dstmac
12(rmnet_data2) 21(wlan1) /2001:240:2425:b5dc:21a9:995d:bc57:bc37 b2:b5:e0:24:21:c2 ca:06:8d:54:99:ad
[IPv4]: iif(iface) oif(iface) src nat dst
21(21) 12(rmnet_data2) 192.168.16.247:41544 -> 100.101.80.108:41544 -> 216.239.36.135:443
21(21) 12(rmnet_data2) 192.168.16.247:42028 -> 100.101.80.108:42028 -> 8.8.4.4:853
21(21) 12(rmnet_data2) 192.168.16.247:42032 -> 100.101.80.108:42032 -> 8.8.4.4:853
21(21) 12(rmnet_data2) 192.168.16.247:42042 -> 100.101.80.108:42042 -> 8.8.4.4:853
21(21) 12(rmnet_data2) 192.168.16.247:41816 -> 100.101.80.108:41816 -> 8.8.8.8:853
21(21) 12(rmnet_data2) 192.168.16.247:42040 -> 100.101.80.108:42040 -> 8.8.4.4:853
=============
Also make it possible to do "dumpsys tethering bpf" and get only
the BPF dump.
Test: manual
Change-Id: I2aaa2fdda7d724994090c26feff585f24cd3283b
- Add methods to start and stop IPv6 forwarding upstream
- Populate the upstream IPv6 map when the first rule for any
upstream/downstream pair is created.
- Clear the upstream IPv6 map when the last rule for any
upstream/downstream pair is deleted.
Test: Added coverage to IpServerTest and BpfCoordinatorTest
Change-Id: Ib041081e95f5f449489ab63138de034222ffac8f
The two value types are identical so there is no need to have
separate classes for them.
Test: atest TetheringTests
Change-Id: Ia622b082d0a44373d21f51222f5e675e5bde08e0
Access the IPv4 downstream and upstream BPF map with the built rules.
Test: atest TetheringCoverageTests
Change-Id: I8cd6e49b377c72250988019eea57f93cccd78309
