This change is a combination of following changes:
1) Tethering: add TETHERING_WIGIG type
Currently both WIFI and WIGIG use the same tethering type,
TETHERING_WIFI. This causes conflicts between the frameworks,
when both WIFI and WIGIG SoftAPs are started, one or both will
not work.
Fix this by using a seperate tethering type for WIGIG.
2) Tethering: remove TETHERING_WIGIG state machine on interface down
The wigig state machine relies on a TETHERING_STATE_CHANGED broadcast
that is sent when the tethering state machine is first created, during
interface up. Currently the tethering state machine is not removed
on interface down except for TETHERING_BLUETOOTH, and as a result
wigig tethering only works the first time SoftAP is started.
In order to fix this, remove the tethering state machine on interface
down for TETHERING_WIGIG as well.
Bug: 143356416
Test: TetheringCoverageTests
Change-Id: Ic4d3aca0ed69234093af7f0206dab3335938c52a
There is a protection in Settings that Settings would gray out if
tethering requires entitlement check but the entitlement app is
invalid. Tethering resource is moved from framework to tethering
module, so Settings can not fetch entitlement app name anymore.
In this change, tethering module would check whether entitltement app
package name is exsited if entitlement check is needed. Tethering would
be not supported (Settings tethering option would be hidded) if
entitlement app is not installed.
After moving the protection into tethering module,
TetherUtil#isProvisioningNeeded is no longer needed. Because The
only use case is Settings wants to gray out tethering setting
when entitltement check is needed but entitlement app is invalid.
Bug: 146918263
Test: atest TetheringCoverageTests
Change-Id: I9a5ff5dbc1db3f3be7fcd7146862a16b373507e6
Merged-In: I9a5ff5dbc1db3f3be7fcd7146862a16b373507e6
Tethering resource configuration is move from framwork to tethering
module. Since tethering resource would not be accessible from outside
of tethering module, EntitlementManager would tell Settings the
entitlement configuration via intent extra when run entitlement check.
Bug: 146918263
Test: atest TetheringTests
Change-Id: I6f23553bb1da5f0b767f920b32a86fafb9e00b9e
Merged-In: I6f23553bb1da5f0b767f920b32a86fafb9e00b9e
When LAN link is changed for using ethernet interface from Ethernet tethering to Ethernet,
there is confiict as Ethernet Tethering is trying to make ethernet link down and Ethernet is trying to make ethernet link up.
So, this would make Ethernet only manage ethernet interface link state.
Test: manual
Bug: 130840861
Change-Id: I1cd40ae764bdeecbb59e3889e9399b7f4b05f9cc
1. When Wi-Fi enabled, ap0 interface is added and IpNeighborMonitor's
start() is invoked in IpServer's constructor.
2. There's no stop for IpNeighborMonitor when IpServer stop.
3. During overnight test for Wi-Fi, networkstack is too slow to
process request due to memory leak in IpNeighborMonitor and
binder buffer is blocked causing exception.
Solution: Invoke IpNeighborMonitor.stop() in UnavailableState.enter().
Bug: 159097215
Test: automatic, turn on and off Wi-Fi every 6 seconds overnight
Change-Id: I8f60c13706f05306e8f25a15f7861d7ecabbc10e
The BPF tethering coordinator listens to the forwarding rule
changes for updating data limit which is applied in the following
conditions.
- After adding the first rule on a given upstream, add data limit.
- After removing the last rule on a given upstream, clear data limit.
- The service applies a new data limit on current upstream.
The reason for relying on rule changes is because the Tethering and
IpServer objects have multi-internal state machines. It is hard to
synchronize all of their states.
Note that the data limit cleanup for stopping or switching upstream
relies on offload rules are all removed as well.
Bug: 150736748
Test: manual
Change-Id: I829d36339973f9473fe6b616c48aa288f18d1c46
Invoke the existing polling thread to update data alert statistics.
Once the data alert limit has reached, trigger the notification.
Bug: 150736748
Test: BpfCoordinatorTest
Change-Id: Ibf25560ca2e9f003d8eba01361dc7d35ec1b1627
Currently tethering notification is sending a pending intent for
redirecting user to tether settings page. However, this intent
is implicit that only create with
Settings.ACTION_TETHER_SETTINGS. For security reasons, this
intetnt should specify an explicit component to be delivered to.
Thus, specify the settings package name to this intent.
Test: atest TetheringTests
Bug: 156353008
Change-Id: I49187aee8a004caa890e2a73c0a28d280215c7d4
This effectively reverts:
commit da0fb1bca8
Author: Maciej Żenczykowski <maze@google.com>
Date: Wed Feb 19 01:24:39 2020 -0800
Reduce advertised ipv6 mtu by 16 to fit ethernet header
This is a temporary hack to workaround the inability of current
kernel's ebpf bpf_skb_change_mode() function to prefix a 14-byte
ethernet header on to a packet without going over the upstream
(source, rawip) interface's mtu *before* we bpf_redirect() to
the downstream (destination, ethernet) interface.
Test: build, atest, atest TetheringTests
Bug: 149816401
Test: flashed a flame with new kernel and it works at 1500 mtu
Bug: 149816401
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I76a75a16fa27b47d78816b2f9379ef4bb68beb00
Merged-In: I76a75a16fa27b47d78816b2f9379ef4bb68beb00
This is a preparation for moving adding/removing forwarding rules from
IpServer to BpfCoordinator.
Bug: 150736748
Test: atest IpServerTest
Change-Id: I85316ef09ff3c9389ded11dcc384493d699da48e
Verify that the coordinator could fetch tether stats from BPF maps and
report the network stats to the service.
Bug: 150736748
Test: atest BpfCoordinatorTest
Change-Id: Ib1756159a2047c5db7d31359b0f288f840bd1bb1
Make BPF tethering offload coordinator, BpfCoordinator,
registers a network stats provider, BpfTetherStatsProvider, and
provide the tethering stats from the BPF map.
Bug: 150736748
Test: new test BpfCoordinatorTest
Change-Id: I22e71f87b67668f7e733e4f215d93bf5b2c9380d
Used to record offload transmitted/received forwarded bytes/packets.
Bug: 150736748
Test: new test BpfTetheringCoordinatorTest
Change-Id: Ie8725f95c3ddd5fb3811d479de32d2c1f7dcb493
Shell has TETHER_PRIVILEGED permission. To avoid any service to adopt
shell identity by lunching service with Shell process, gate
exemptFromEentitlementCheck by NETWORK_STACK.
Bug: 157702014
Test: atest TetheringCoverageTests
Change-Id: I6ddfda23d36ea9981e3e1eb5a87767f452a65852
1. Call maybeRemoveDeprecatedUpstreams from Tethering rather than inside
PrivateAddressCoordinator because the building logic of this method based
on implementation details of Tethering.
2. Fix typo
Bug: 130879722
Test: -build, flash, boot
-atest TetheringTests
Change-Id: I7584253b728bc17fc648fc19e492ca9f7ad2ff46
- Add New class PrivateAddressCoordinator to coordinate the private
address conflict problem.
- Downstream prefix would be random in 192.168.0.0/24 ~
192.168.255.0/24.
- If new upstream prefix is conflict with existing downstream prefix,
downstream would be kicked out and it would request a new one.
- The last conflict upstream prefixes would be blacklist. Avoid to
select downstream prefix which is conflict with prefixes in blacklist.
Bug: 130879722
Test: -build, flash, boot
-atest TetheringTests
Change-Id: Ib45b87bcd9eeb5da03fb7ec90b1af9ca53998cf5
If upstream is cellular, set the TTL in Router Advertisements to
"network-set TTL - 1" for carrier requirement. For other non-cellular
upstream, set TTL as "network-set TTL + 1" to preventing arbitrary
distinction between tethered and untethered traffic.
Bug: 154776299
Test: atest TetheringTests
Change-Id: I7f2696a642f96c6aafb5613b980bf5bcdd08bbda
Send netlink request over fd for offload config before
completing init sequence. Provides existing conntrack
entries to IPA. Resolves issue where there are NAT
misses in IPA due to IPA only having the conntrack
entries added after tethering starts.
Bug: 149109043
Test: OffloadHardwareInterfaceTest
Change-Id: Iaf3e847e92f205b55f10fa85c17b9f3995d52099
AdoptShellPermissionIdentity can not pass permission check by
Settings#checkAndNoteWriteSettingsOperation. It would compare the caller
uid and its package name. See error below:
1. java.lang.SecurityException:
Specified package com.android.shell under uid 10239 but it is really 2000
2. java.lang.SecurityException:
uid 10245 does not have android.permission.UPDATE_APP_OPS_STATS.
Override the method and test if caller hold WRITE_SETTINGS directly.
Bug: 154869719
Test: TetheringTests, TetheringCoverageTests, NetworkStackNextTests,
NetworkStackCoverageTests
Change-Id: I2a60c4d66ef30028f9663159f85464ea815248e2
Add the specific implementation of onNewPrefixRequest callback
on IpServer side, also refactor some common code.
Bug: 130741856
Test: atest TetheringTests
Change-Id: If2871bf899cb5890bbfee18063a194c92b6f474e
1. Move isTetheringSupport logic from TetheringService to Tethering.
2. Small readability improvement in TetheringTest. Also change
config_tether_upstream_automatic from false to true in TetheringTest.
So TetheringTests would default run automatic select upstream flow
instead of selecting by legacy perferred network type list.
Bug: 153609486
Test: atest TetheringTest
Change-Id: I5a82a6347f62d3a7031db5c56e8e0c8530dafd8f
Merged-In: I5a82a6347f62d3a7031db5c56e8e0c8530dafd8f
- Correct description and spelling in the code and xml files.
- Add a TODO for refactoring the IpServer constructor.
- Refine the if-statement for starting IP neighbor monitor.
Test: atest IpServerTest
Change-Id: If9c8bc6f785fa80575db56de4e223292e9807ace
To exempt from entitlement check, caller need to hold TETHER_PRIVILEGED
permission.
Bug: 141256482
Test: atest TetheringTests
Change-Id: I2eb37f5e92f5f5150a7fb7c25b945e28704d27a0
If BPF offload device config is not enabled:
- Does not add/remove offload forwarding rules through disabling IP
neighbor monitor.
- Does not apply the RA MTU reduction.
Bug: 149997301
Test: atest IpServerTest
Change-Id: I2d6f80f0229f580c4b16243a064e889a6c37f77a
The tether bpf offload can be enabled by resource config and
device config. The device config has higher priority and it
could override this config which is set by resource config.
Bug: 149997301
Test: -build, flash, boot
-atest TetheringConfigurationTest
Change-Id: I9c26852d2c926786e141ece6da53df3801c049b2
