To facilitate error checking we should invalidate
the resource IDs of all objects when we close() them.
Today, the resource ID is invalidated on the Transform
object but not on the SPI or Encap Socket. This CL
unifies the behavior.
Bug: 70641274
Test: cts - IpSecManagerTest
Change-Id: I28caec3e913902c748c6a50b4ef742ccef8b1b09
Move the native implementation of TrafficStats to NetworkStatsService
and apps need to get the NetworkStatsService binder interface from
system_server in order to get the network usage stats since boot. This
implementation can hide the detail of retrieving network traffic
information from apps and the NetworkStatsService can choose which
methoed it use to get the data depending on the kernel version of the
device.
Bug: 30950746
Test: CtsNetTestCases -t android.net.cts.TrafficStatsTest
Change-Id: I53bbefd19aa0b783b9b4b42ea4d76db3e9ec07a3
Added calls to tag encap sockets to that of the UID for which the encap
socket is being created on behalf of. This ensures that all data
accounting generated for the UDP-encap-ESP socket is correctly billed to
the right UID.
Bug: 62994731
Test: New tests added to IpSecServiceTest.java, passing
Change-Id: I15365ea9c982fd7b4e3cdeff314ddfba2289c86e
This enables app A to create a socket, pass it to app B, and have
app B accept blame for the traffic performed on that socket.
Also adds helpful public APIs for tagging raw FileDescriptor sockets
instead of making developers go through shady SocketImpl wrappers.
Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AppSecurityTests#testAppFailAccessPrivateData
Bug: 63932076
Change-Id: I08925c843974675fc82e4080cec2eaab9ab7cd41
Merged-In: I08925c843974675fc82e4080cec2eaab9ab7cd41
(cherry picked from commit 4e164f9e94)
Throughout the IPsec code (API, system server, netd) we use "reserve"
SPI and "allocate" SPI interchangeably. This renames to use "allocate"
everywhere for self-consistency and consistency with the kernel
(ALLOCSPI).
In javadoc, I am leaving the word "reserve" in several places because it
is still an accurate description of how the method behaves.
Bug: 69128142
Test: TreeHugger should be enough
Change-Id: I8ea603b4612303b0393beef04032671fa53d2106
This enables app A to create a socket, pass it to app B, and have
app B accept blame for the traffic performed on that socket.
Also adds helpful public APIs for tagging raw FileDescriptor sockets
instead of making developers go through shady SocketImpl wrappers.
Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AppSecurityTests#testAppFailAccessPrivateData
Bug: 63932076
Change-Id: I08925c843974675fc82e4080cec2eaab9ab7cd41
Improve the Validation of IpSecAlgorithm by
explicitly checking the length in addition to
the truncation length (previously an oversight).
In addition, we now check the lengths during
un-parceling, which will catch someone maliciously
manually building a parcel and passing it, bypassing
the checks in the constructor.
Bug: 68780091
Test: runtest -x IpSecAlgorithmTest.java
Change-Id: I8172762617264d34f47d5144336464510f07a701
This changes only comments and annotations, which results
in minor API changes.
Bug: 63777932
Test: `make update-api` and visually inspect generated HTML.
Change-Id: I7a7a9244eade6cc55aca17a47e0a838cd6f84cc9
The API linter on goog/master noticed that this method is
listed in the public API even though it's protected. The
change is probably related to a signature change from the
internal finalize method which throws a Throwable. Fix the
method in IpSecManager to throw Throwable, which should
fix the current.txt and resolve the lint error.
Bug: 69006767
Test: compilation, make update-api
Change-Id: I173d014baaa505c365b7916fcb52f2a8b4af9373
Added notes that keymat length must include 32 bits of salt.
Bug: 68672051
Test: Frameworks-net unit tests & IpSecManager CTS tests run
Change-Id: I0ae0c5be8a45b2374783b3bd1fa8bf930f15e687
The "roaming" state of a network really belongs on NetworkCapabilities
instead of being published through NetworkInfo.isRoaming(). One major
reason is to support developers creating NetworkRequests for a
non-roaming network.
Watch for any capability changes that network statistics are
interested in (either metered or roaming) and notify it to perform
an update pass; fixes bug where we previously only triggered on
roaming changes.
Fix bug in VPNs where metered/roaming capabilities of underlying
networks weren't being propagated; this was probably preventing
some jobs from running over unmetered networks, and causing other
jobs to run over roaming networks! Also passes along link bandwidth
information from underlying networks, and propegates any changes
to underlying networks.
Fix race condition by reading prevNc inside lock. Utility methods
correctly calculate min/max link bandwidth values.
Test: bit FrameworksNetTests:android.net.,com.android.server.net.,com.android.server.connectivity.,com.android.server.ConnectivityServiceTest
Bug: 68397798, 16207332
Change-Id: I3e1a6544c902bf3a79356b72d3616af1fd2b0f49
Allows native AES-GCM-ESP to be used as an IPSec transport/tunnel mode
algorithm with kernel support
Bug: 63589918
Test: IPsecService tests added, existing ones pass
Change-Id: Ie1a9a902be205f269aa37bf956198f2e5b177c21
This is a follow-up CL to address comments
on aosp/466677
-Rename ManagedResourceArray.get()
-Comment cleanup
Bug: 38397094
Test: runtest frameworks-net
Change-Id: I6fbdd89c4a864fe1d8a19c68947f582d7b1f0f21
Add equality testing methods to support tests
for parceling and un-parceling IpSecConfig.
Bug: 38397094
Test: runtest -x IpSecConfigTest.java
Change-Id: I31e318334d39ed6e9daf5ec8f3be7dcec75e12ad
All of the input to IpSecService over the Binder
interface needs to be validated both for sanity
and for safety.
-Sanity check all the parameters coming from binder.
-Added setters for IpSecConfig to decouple the test
from the IpSecManager. This was needed because the
input validation caused the tests to fail due to a
null parameter that was previously un-tested.
-Added the mode flag to the IpSecConfig bundle this
oversight was found during testing.
-Expose the getResourceId() methods for testing in
UdpEncapsulationSocket, SecurityParameterIndex, and
IpSecTransform classes.
-Remove the unneeded getIpSecConfig() from
IpSecTransform: unneeded now that we can synthesize
configs.
Bug: 38397094
Test: runtest frameworks-net
Change-Id: I5241fc7fbfa9816d54219acd8d81a9f7eef10dd4
This patch ensures that subtract() between two NetworkStats object will
return a delta with no negative entries in all cases.
When the stats delta contains some negative values, there are clamped to
0. Some logging is added when this happens.
This is what's expected by NetworkStatsHistory#recordData().
Bug: 64365917
Bug: 65439160
Test: runtest frameworks-net
Merged-In: I16e97e73f600225f80e0ce517e80c07c6f399196
Merged-In: I2ac0bc3914cb65ae8ee27921856d698dc59624b2
Merged-In: I67d5dc4b52b254748ff17fe1e16c2eeb1d03c30d
Merged-In: Ib488fb034f72c92f19916490981342a3ef2eb33b
(cherry picked from commit d78311f267)
Change-Id: Ic86b65a65a2517c871221f8784088ec1de18f534
When a carrier provides an "anchor" of data usage at a specific
moment in time, augment the network statistics used by warning/limit
thresholds and Settings UI. For example, if the OS measured 500MB
of usage, but the carrier says only 400MB has been used, we "squish"
down the OS measured usage to match that anchor.
Callers using the hidden API will have their data augmented by
default, and the public API offers a way to opt-into augmentation.
Thorough testing to verify behavior.
Test: bit FrameworksNetTests:android.net.,com.android.server.net.
Test: cts-tradefed run commandAndExit cts-dev -m CtsUsageStatsTestCases -t android.app.usage.cts.NetworkUsageStatsTest
Bug: 64534190
Change-Id: Id3d4d7625bbf04f57643e51dbf376e3fa0ea8eca
