Some callers (e.g. iwlan) need to learn about system default
network but they cannot have NETWORK_SETTINGS permission.
To allow them to use this API but prevent from misuse by
unprivileged apps, enforce USE_RESTRICTED_NETWORKS for this API.
Test: atest com.android.server.ConnectivityServiceTest#testRegisterPrivilegedDefaultCallbacksRequireNetworkSettings android.net.cts.ConnectivityManagerTest#testRegisterNetworkCallback
Fix: 242456635
Change-Id: I80ab27445af874328c9c0f4814a8fbf035ae5df4
This use was checked in after the cleanup that changed the latter into the former
Bug: 157405399
Test: FrameworksNetTests
Change-Id: I2b27ad712ee218322209bbc6af6e8147a0a41430
This change adds testing for VPN MTU calculations, and in particular
cases where IPv6 is not supported due to MTUs being too small.
Bug: 245612827
Test: atest FrameworksNetTests:VpnTest
Change-Id: Ib064e6670244cf3b53b5d03bd62c86b2139ff32a
Fix the policy leak by deleting forwarding policies when deleting
the IPsec tunnel interface.
Bug: 254566085
Test: atest IpSecServiceParameterizedTest (new tests added)
Change-Id: I29dd4810abb978fe886776b2fbacdfc74325436d
The interface index is only propagated if there is an A/AAAA
record in the response. Since the responses here are not entirely
controlled in the test, we just want to verify that we get a
response with the target we expect.
Verified by running the test 1400 times via --runs_per_test flag.
Bug: 254155029
Fix: 255922416
Test: atest MdnsSocketClientTests#startDiscovery_andPropagate\
InterfaceIndex_includesInterfaceIndex --iteration 100
Change-Id: Icb0fe7a58a1e626b7f781ff24c2389a3095d4dc6
aosp/2267683 adds the new param "mark" in generateIpv6Address and
TestDependencies#generateIpv6Address needs to override for this change
correctly.
Change-Id: Ia526bcdf80a428948d55a28bd5adec405530a634
Test: TH
Add tests to verify ike session being triggered when data stall.
Bug: 238692379
Test: atest FrameworksNetTests
Change-Id: I656ea0973072b0bbdd54863eccbe105adb02d6ad
I want to add some logic to setInterfaceEnabled in a follow up, so
consolidating the functions prevents redundancy.
Test: atest EthernetManagerTest
Change-Id: I5756a09be392a970bc545612220595c6984f2b54
In ConnectivityService, updateLinkProperties calls NetworkStats
even though the ip address or interface name has not changed and
only the tcp buffer size has changed. This is noisy and could
be problematic when RAT change occurs frequently, since when
RAT changes tcp buffer size configuration also changes.
This CL also fixes a wrong nullability annotation where the oldLp
of updateLinkProperties could be null when updateNetworkInfo
is called.
Test: atest ConnectivityServiceTest#testStatsIfacesChanged
Fix: 232048480
Change-Id: Ic226eb4a8aa1f38cba293510813f1cb55f0ea658
This allows clat to initialize properly when VPNs are configured
with "Block connections without VPN", rather than to error out with
"no IPv6 addresses were available for clat".
This issue primarily affects particular mobile networks configured
with NAT64 (without direct IPv4 connectivity).
Bug: 255040839
Change-Id: I4a8ee0295e0f5d1e330f7529856347b8bd10360c
shouldIgnoreValidationFailureAfterRoam will incorrectly return
true in the first few seconds after boot even if the network
never roamed. This is extremely unlikely to happen, but add a
check for that just in case.
Fix: 230450214
Test: new unit test
Change-Id: I0789d9bdaa0bd9e78673e8f4248a2ca610052f1e
- Confirm that the default network switches to cell for the right
reason.
- Test the behaviour on T as well (always disabled).
- Minor code cleanups.
Bug: 216567577
Test: test-only change
Change-Id: Idf4cf74aec3d40246f67519d211dbd45e739a6dc
For Matter, a device may have a single host with multiple A/AAAA
records, but multiple PTR/SRV pairs that represent different
operational identities for the same device.
Currently, MdnsResponseDecoder looks for only a single matching
MdnsResponse by hostname when looping through the A/AAAA records
(which will leave the second response incomplete). Updated with a
flag that will allow returning all MdnsResponses which match the
given hostname and update the Inet records for all responses.
Bug: 254155029
Test: atest FrameworksNetTests
Verified with a Matter device with two identities that the
second response is incomplete without this change.
Additionally, added unit tests to verify the before and
after behavior with a real packet capture from the device.
Change-Id: Ic4a101b305c039f6cd7fd557246a2bfdaf0c781a
For Matter, in addition to the InetAddress and port, we also need
to know the associated NetworkInterface index. With this change,
the interface index is propagated from the MdnsSocketTypeClient
through to MdnsServiceInfo based on a flag (defaulting to -1 for
unspecified, if the flag is disabled).
Validated end-to-end against a commissioned Matter device,
enabling the flags, verifying the returned network index against
an adb shell 'ip link show' output.
Bug: 254155029
Test: atest FrameworksNetTests
Change-Id: I96e804b32cdeeff3ed22da35a030df4d5dbb179a
RFC 6763 defines that TXT value can accept both utf-8 string and
binary data. Current implementation will always cast the TXT
value to a utf-8 string and will cause data lose when there are
non-utf-8 chars in the TXT value. This commit fixes this by
having the browser passing the TXT values back as byte[].
Also fixed the TXT key&value parsing issues per RFC 6763
section 6.5: accept cases of no '=' and reject empty key.
Bug: 254155029
Test: atest FrameworksNetTests CtsNetTestCases
Change-Id: I4b755e60ad6e59db19faa41556dd214993d73896
Before this patch, ConnectivityServiceTest#TestNetworkCallback
relies on TestableNetworkCallback calling this overridden methods
for all expectCallback calls. This is very confusing :
- The code for TestableNetworkCallback might be refactored so it
no longer calls this, we'd lose the checks and nobody would
notice.
- Anyone using TestableNetworkCallback instead of
TestNetworkCallback would get a different behavior but would
not notice as the interface for these two classes is exactly
the same
This is also bad for performance because all callback checks will
always look whether it's a check for LOSING, which is rare.
This patch also only generates the error message when the error
actually happens.
Test: ConnectivityServiceTest
Bug: 157405399
Change-Id: Ic9566b815dc4f9b001986ed1376d31a1b97ac8c5
Currently, the stats returned by getNetworkStatsUidDetail()
does not filter iface for mUidOperations, it will cause this
API returns the stats that might contain data with unexpected
iface. Thus filter iface for mUidOperations before combining
it into the return stats.
Bug: 235444141
Test: FrameworksNetTests
Change-Id: I81aaacb5682d69022e521a793516373037510742
This will be useful for diagnosing default network changes.
Logs may look like, for example :
Update capabilities for net 100 : -NET_CAPABILITY_OEM_PAID+NET_CAPABILITY_TRUSTED
Or :
Update score for net 100 : -POLICY_EVER_EVALUATED+POLICY_IS_VPN+POLICY_IS_DESTROYED
Test: FrameworksNetTests
manual
Change-Id: Ic4788c599573aae9daeca995b8853800aaaba0b8
Add code to verify which networks are passed in, and check that
the default interface appears in the LinkProperties of one of the
snapshots.
Test: test-only change
Change-Id: I3c1a483b89564b1c994b8e644ece5b903f549475
* changes:
ethernet: further cleanup updateConfiguration tests
ethernet: add test for updateConfiguration on untracked interface
ethernet: fix updateConfiguration expectations
ethernet: add LinkPropertiesChanged coverage in EthernetManagerTest
ethernet: remove unit test cases that have end-to-end coverage
ethernet: temporary mitigation for test that uses TUNSETCARRIER
This test need a connected enterprise Network before setting
a profile network preferences. If there is no enterprise network
after setting no fallback preference, it will get lost callback
from cell network because it's not matched current preference.
The test fails sometimes because the enterprise network agent is
not fully connected yet. Thus, make sure the agent is fully
connected before settting a profile network preferences.
Fix: 242833379
Test: atest FrameworksNetTests:com.android.server.Connectivity\
ServiceTest#testPreferenceForUserNetworkUpDownWithNo\
FallbackWithAlreadyConnectedWorkAgent \
--rerun-until-failure 100 on cf target
Change-Id: I040b9f31c29834f90f4ca62c512e392141a3244d
Information in the dump does not change
....
current ownerMatch configuration: 516 DOZABLE_MATCH OEM_DENY_1_MATCH
....
Bug: 217624062
Test: dumpsys connectivity trafficcontroller, atest BpfNetMapsTest
Change-Id: I5f7b56e4ba03256414f49d0e82d65477fb97f05a
Information in the dump does not change
....
current statsMap configuration: 0 SELECT_MAP_A
....
Bug: 217624062
Test: dumpsys connectivity trafficcontroller, atest BpfNetMapsTest
Change-Id: I42a844227f258b91ba5b368d8e8abf82a773a801
Also remove the dump of mPrivilegedUser because this is not used now and
the information is duplicated with uidPermissionMap dump.
Before this CL
....
mUidPermissionMap:
10049 PERMISSION_NONE
10027 BPF_PERMISSION_INTERNET BPF_PERMISSION_UPDATE_DEVICE_STATS
1041 BPF_PERMISSION_UPDATE_DEVICE_STATS
....
After this CL
....
sUidPermissionMap:
10049 PERMISSION_NONE
10027 PERMISSION_INTERNET PERMISSION_UPDATE_DEVICE_STATS
1041 PERMISSION_UPDATE_DEVICE_STATS
....
Bug: 217624062
Test: dumpsys connectivity trafficcontroller, atest BpfNetMapsTest
Change-Id: I416501d5a28a5443f954f9c8c58ea255e5cdc897
