Interface stats on stacked interfaces is usually clatd. For
xt_qtaguid supported device, the stats is already accounted
against its final egress interface by the kernel.
Framework side does not need to handle stats on statcked
interface at all.
However, on devices that support BPF offload, xlat464
packets are seen by the iptables rules as arriving on stack
interface only. Thus, add stack interface into accounting is
needed.
Bug: 136193260
Test: 1. atest FrameworksNetTests
2. atest android.app.usage.cts.NetworkUsageStatsTest
3. manual test on ipv6-only wifi network
Merged-In: I8ebbefbe4df00e40f4896a17fa52c8438d41286e
Change-Id: I8ebbefbe4df00e40f4896a17fa52c8438d41286e
(cherry-pick from aosp/1009306)
This change inlines the logic from readNetworkStatsDetailInternal, and
reduces reundant checks in mUseBpfStats
Bug: 113122541
Test: atest FrameworksNetTests run, passing
Merged-In: If2ef8d8f038f32c8cf974aa02cfc1dc7e44dbad3
Change-Id: If7d41052115ed145da8a610d676f6ed33c8d5e63
(cherry picked from commit 8c9d8c5e05cd35a340c4224c61f7fa9e95b5c861)
This change removes the now-unused VPN arrays in the network stats
observer and recorder classes. These are always null values in every
call site.
Bug: 113122541
Bug: 120145746
Bug: 129264869
Bug: 134244752
Test: FrameworksNetTest passing
Test: Manual tests show data usage fixes maintained.
Merged-In: Ieb8645acc400fdaeb0df7092c5369b96f9f35af9
Change-Id: I66f263d7e12bce7668901306c0c2ecdda634abaf
(cherry picked from commit 833603caabb1a850a63a970fc285b4c8ed7401f8)
This change fixes detailed UID stats to ensure network and battery stats
both take VPNs into account. NetworkStatsFactory is being made aware of
VPNs enabled, and the full set of underlying networks present.
Since traffic can only be migrated over a NetworkStats delta, NSF
maintains a NetworkStats snapshot across all UIDs/ifaces/tags.
This snapshot gets updated whenever NSF records a new snapshot
(based on various hooks such as VPN updating its underlying networks,
network getting lost, etc.), or NetworkStatsService's
getDetailedUidStats() method being called.
This change widens the scope of the existing mPersistentSnapshot lock,
renaming it to mPersistentDataLock, and ensures that TUN migrations are
not done in parallel. Additionally, mVpnInfos is updated via
pointer-swapping, to reduce the scope of the mPersistentDataLock.
The safety of this change is predicated on:
1. NetworkStatsFactory lock not held, so services cannot deadlock through
the cyclical lock.
2. The broadening of the scope of the lock in NetworkStatsFactory has no
threading implications, as it is always the last (leaf node) lock held,
and therefore is impossible to have lock inversion.
Additionally, to ensure VPNs work with 464xlat, the VPN info passed to
the NetworkStatsFactory includes all underlying interfaces, instead of
only passing the first one.
This (partially) re-applies changes from:
aosp/972848: Add one more test for VPN usage stats.
aosp/972847: Addressing comments for http://ag/7700679.
aosp/885338: NetworkStatsService: Fix getDetailedUidStats to take VPNs
into account.
Co-developed with: Varun Anand <vaanand@google.com>
Bug: 113122541
Bug: 120145746
Bug: 129264869
Bug: 134244752
Test: FrameworksNetTest passing
Test: Manual tests show data usage fixes maintained.
Merged-In: I6466ec1411fc5ed6954125d27d353b6cd1be719e
Change-Id: Id45ae956ad7165be346ecc010e17d260563ac1c0
(cherry picked from commit 9fbbdebc61513982a6775460e1d400956f803bde)
This change removes an unused parameter that is always null in
getNetworkStatsUidDetail
Bug: 113122541
Bug: 134244752
Test: FrameworksNetTest passing
Merged-In: I995b108ef30e1fbd6190131ed4db40a3d9327eb5
Change-Id: I575a7e4fa145f2c93537f33a2bfe952aeafd0e69
(cherry picked from commit 5823e8d3c69b10ad2a458e491c146631457ca86d)
This reverts commit d8220c20507f0c346f517d715c7b9826b04d64e2.
Reason for revert: Fix available for deadlocks.
Bug: 113122541
Bug: 134244752
Merged-In: Ib65214598837289bd39dbf040b56ab7835f893ba
Change-Id: Ia90bf2c72ef686e80800d113d03548e0efcadb66
(cherry picked from commit a84d9fa57247cf78a9297b0c6dbd3d81b69e235f)
This reverts commit 921b3f3e85.
Reason for revert: This change has been implicated in 4-way deadlocks as seen in b/134244752.
Bug: 134244752
Change-Id: Ibdaad3a4cbf0d8ef1ed53cfab1e454b9b878bae9
This reverts commit 8481d9d55d.
Reason for revert: This change has been implicated in 4-way deadlocks as seen in b/134244752.
Bug: 134244752
Change-Id: I0c00e8f0e30cee987b71b561079a97bf09d4dae4
(cherry picked from commit 720133f79d)
This API is similar to one provided by NetworkStatsFactory with the
difference that NSS also migrates traffic from VPN UID to other apps.
Since traffic can only be migrated over NetworkStats delta, NSS
therefore maintains NetworkStats snapshot across all UIDs/ifaces/tags.
This snapshot gets updated whenever NSS records a new snapshot
(based on various hooks such as VPN updating its underlying networks,
network getting lost, etc.), or getDetailedUidStats API is invoked by
one of its callers.
Bug: 113122541
Bug: 120145746
Test: atest FrameworksNetTests
Test: manually verified that battery stats are migrating traffic off of
TUN (after patching above CL where we point BatteryStats to use this
API).
Change-Id: I4b8d7c5b6905a4a12c1806dfd35c2c4c63610404
VPN uid.
(cherry picked from commit c8dbdf35de)
Bug: 113122541
Bug: 120145746
Test: atest FrameworksNetTests
Test: Manually verified on device that stats from VPN UID are moved
appropriately based on its declared underlying network set.
Test: vogar --mode app_process --benchmark NetworkStatsBenchmark.java
Change-Id: I7f368c5970b2dcb969fe0daf5ef44edb1f51d09d
This patch adds checks to ensure that the IPSEC_TUNNEL feature flag is
enabled.
Bug: 117183273
Test: Compiles & tests passing
Change-Id: I2699dda29e1eed139bc6fd1b70071e5ab33cad88
To avoid protentail race problem between netd and system_server when
reading the network stats map. Always inform netd before reading the
stats and let netd to do a swap between active stats map and inactive
stats map. So the system_server can safely remove the stats after
reading.
Bug: 126620214
Test: android.app.usage.cts.NetworkUsageStatsTest
android.net.cts.TrafficStatsTest
Change-Id: I8fa37c26bec23ffca0b29b679e72ba1189f557f1
Merged-In: I8fa37c26bec23ffca0b29b679e72ba1189f557f1
(cherry picked from commit f729cb5fd654a0f099128734f849800fde9ba525)
Since the network stats could be polled from multiple services at
runtime, it is not thread safe for networkStatsFactory to hold a
persistent stats snapshot without any protection. Use a internal lock to
prevent concurrent modification on mPersistentSnapshot to fix the
problem.
Bug: 124764595
Test: android.app.usage.cts.NetworkUsageStatsTest
android.net.cts.TrafficStatsTest
Change-Id: I73851336452110afb74d6dd1ca5e50047d5b3d4a
Merged-In: I73851336452110afb74d6dd1ca5e50047d5b3d4a
Merged-In: I22afb46f17697e8b6359d4f593802e0f4b95db8b
(cherry picked from commit 25243b4eb93c234412a35f9e5d9f1649f8964f83)
ConnectivityManager and its usages are removed from
NetworkStatsService. After that, forceUpdateIfaces requires
information that only ConnectivityService has, hence
restricting the calling permission to NETWORK_STACK or
MAINLINE_NETWORK_STACK permission. The required permission
will be changed from READ_NETWORK_USAGE_HISTORY to
NETWORK_STACK or MAINLINE_NETWORK_STACK. This change would make
it impossible to call outside the system.
Bug: 126830974
Test: atest FrameworksNetTests
Merged-In: I1b26dc64eaab2151e6885fd01cc5e8d4e18c4e60
Change-Id: I4ea421e4126a45f65d25fe0bec74243a3b20aeab
(cherry picked from commit 6b895dea25b4fca87d275bb78367411623ded1d4)
This patch fixes a bug where if a binder dies before the linkToDeath
call, the cleanup will be performed before the entry is added to the
array. While it is safe in that quotas and tracking performs as per
normal, the RefcountedRecord may not be cleaned up.
Rethrowing this exception is safe, since the only paths that would hit
this are all on binder threads coming from applications. Further, it
seems there is only one real way of this getting hit - if the app that
called the creation died during the binder call.
Bug: 126802451
Test: Compiled, CTS tests passing
Change-Id: Ib955acaa5e498c0e977cb5f2e48cffbc9fea8c7c
Merged-In: I6db75853da9f29e1573512e26351623f22770c5d
Merged-In: I416c2e43961ec0e1cc6b2fbcef970fbce858603b
Merged-In: Ib955acaa5e498c0e977cb5f2e48cffbc9fea8c7c
(cherry picked from commit 6c089d90bfa728e9842de0f5947f0c557c62dea0)
This commit reduces the flakiness of the
testOpenAndCloseUdpEncapsulationSocket by retrying up to three times.
Unfortunately, testing port-selected socket creation is racy against
other applications. This helps to handle the same race condition as done
in IpSecService#bindToRandomPort
Bug: 128024100
Test: 200x runs of testOpenAndCloseUdpEncapsulationSocket
Change-Id: I7e036ce821019dbac6c50899bd0894e89d2fe82a
Merged-In: Idf040a67e53d9b9ec6e6c647ce24f8ada501d355
Merged-In: Iad9aea4b42cd8b31a5a2659bb9cb54dd1c64e8b7
(cherry picked from commit 614ab3dd4e49e9b664f5065983fb9067148fef12)
In order to notify netd to swap eBPF maps before pulling the
networkStats from eBPF maps, NetworkStatsFactory need to use the
NetdServices to issue binder calls. So it need to be moved from
framework/base/core to framework/base/service since object in
framework/base/core cannot get any system services. This change is also
necessary for setting up a lock inside NetworkStatsFactory to prevent
racing between two netstats caller since the lock need to be hold before
netd trigger the map swap.
Also fix the compile problem caused by moving the NetworkStatsFactory
and the related tests. Rename the packages and the jni functions to a
more proper name.
Bug: 124764595
Bug: 128900919
Test: NetworkStatsFactoryTest
android.app.usage.cts.NetworkUsageStatsTest
android.net.cts.TrafficStatsTest
Change-Id: Ifcfe4df81caf8ede2e4e66a76552cb3200378fa8
NSS needed it for getting VpnInfo[], NetworkState[] and
activeLinkProperties which it used to query via ConnectivityManager.
For VpnInfo[], this was racy as NSS may ignore intermediate changes to a
VPN's underlying networks. See http://b/123961098 for more context.
It may also lead to deadlocks b/w ConnectivityService and
NetworkStatsService. See http://b/126245192 for more info.
This change will ensure that NSS is never contending on any of
ConnectivityService locks.
Bug: 123961098
Bug: 126245192
Bug: 120145746
Test: atest FrameworksNetTests
Change-Id: I57e117bb4e9efe491b19d6b5a479f2d58d1c58e6
Includes various small changes to stop using hidden APIs
Test: make NetworkStack
Test: flashed, booted, WiFi and tethering working
Bug: 112869080
Change-Id: Id2830795a444f484b377ed6437435a1cd833697a
root cause: getIfaceStats and getTotalStats is directly reading
iface_stat_fmt or eBPF, not include tether stats.
solution: add tether stats to getIfaceStats and getTotalStats.
Clean cherry-pick of aosp/848934
Bug: 120039819
Test case1:
1. tether offload is enabled on phone, enable MHS on phone.
2. Use test app to check getMobileRxBytes->getIfaceStats
3. Download 10M file on MHS client
4. Use test app to check getMobileRxBytes->getIfaceStats again
result: getMobileRxBytes increased around 10M
Test case2:
1. tether offload is disabled on phone, enable MHS on phone.
repeat above step 2~4
result: getMobileRxBytes increased around 10M
Following CTS cases passed
run cts -m CtsNetTestCases --test android.net.cts.TrafficStatsTest
run cts -m CtsUsageStatsTestCases --test android.app.usage.cts.NetworkUsageStatsTest
Change-Id: I3d94acb71c142ec38b750e58822881ff383341cc
root cause: getIfaceStats and getTotalStats is directly reading
iface_stat_fmt or eBPF, not include tether stats.
solution: add tether stats to getIfaceStats and getTotalStats.
Bug: 120039819
Test case1:
1. tether offload is enabled on phone, enable MHS on phone.
2. Use test app to check getMobileRxBytes->getIfaceStats
3. Download 10M file on MHS client
4. Use test app to check getMobileRxBytes->getIfaceStats again
result: getMobileRxBytes increased around 10M
Test case2:
1. tether offload is disabled on phone, enable MHS on phone.
repeat above step 2~4
result: getMobileRxBytes increased around 10M
Following CTS cases passed
run cts -m CtsNetTestCases --test android.net.cts.TrafficStatsTest
run cts -m CtsUsageStatsTestCases --test android.app.usage.cts.NetworkUsageStatsTest
Change-Id: I3d94acb71c142ec38b750e58822881ff383341cc
In Q, legacy way to get tcp packet count is not planned to be
supported. Users who use this unsupported API e.g., data stall
detection are also planned to be removed.
Thus, this change reverts 0b4a66a1c2 which is the short term
solution in P.
Bug: 110443385
Test: atest FrameworksNetTests
Change-Id: Ia09f908edbf194b9aa873a3bdd5aee7b6fcb16bc
With the new loader support added. The bpf map format is defined by bpf
kernel program as well. Change the netd bpf program to the new format.
Test: CtsUsageStatsTestCases
Bug: 112334572
Change-Id: I34e38e0a8cf0cca54dc52ec897771452f9d90525
The hasBpfSupport() check from BpfUtils is not used by the native helper
in framework. Remove them.
Bug: 111441138
Test: Build without failure.
Change-Id: Icdd01bf1a03efd7883e4939d0d730303ec1004e7
In follow-up commits, current API would create new NetworkStats
every time when 464xlatAdjustment wants to filtered out some
uids.
This commit refactors it to delete stats in-place to get better
performance.
Bug: 118602783
Test: atest FrameworksNetTests
Change-Id: I858f95d1fa7733111786243b4e261ce8a70a068d
Stable aidl won't support FileDescriptor but ParcelFileDescriptor.
In order to migrate to stable aidl, replace all FileDescriptor in
INdetd.aidl.
Test: runtest frameworks-net passes
Change-Id: Icdf37aed0e0cce0352070a437066e77c0f2fd85a
This commit cleans up and upates comments with regard to changes in
aosp/721999, clarifying the restrictions and potential pitfalls we would
see with regards to IPsec tunnel mode without updatable SAs.
Bug: 111854872
Test: Compiles, comment-only change
Change-Id: I07b0063987463c1a3cf42e112839a31739947c80
This change adds support for XFRM-I to all IpSecService netd calls.
Fallback logic is in netd, and thus both VTI and XFRM-I parameters are
always passed down to IpSecService.
Bug: 78589502
Test: All java, CTS tests passing
Change-Id: Ie4186f0ad7e50763b21831f6fa411b5ee436de78
SA marks are never updated during the UPDSA call. This change disables
the attempts to update the specified SAs, ensuring that the config
stored in IpSecService matches that of the allocated kernel resources.
Bug: 111854872
Test: Unit, CTS tests passing
Change-Id: Ic1fb862c8021ffa260c3e262ec698d8af0a826d9
