This patch removes from ConnectivityService the logic involved in
deciding if a uid has access to networking based on networking policies.
This logic is moved into NetworkPolicyManagerService which is the source
of truth with regards to the state of networking policie, both for
existing networks and uids.
Instead ConnectivityService directly queries NetworkPolicyManagerService
in a synchronous fashion for a specific uid or a (uid, network) pair.
This eliminates the need to keep a copy of the uid policy rules inside
ConnectivityService and ensures that ConnectivityService takes
networking decisions based on the correct state of networking policies,
and therefore eliminates certain data races in ConnectivityManager API
that applications are exposed to.
Test: $ runtest frameworks-net
$ runtest -x frameworks/base/services/tests/../NetworkPolicyManagerServiceTest.java
$ runtest -c com.android.server.net.ConnOnActivityStartTest frameworks-services
Bug: 32069544, 30919851
Change-Id: Ic75d4f7a8853e6be20e51262c4b59805ec35093a
This patch adds wakelock acquire and release activity to
ConnectivityService logs in dumpsys. All of the last 20 acquire and
release operations are logged.
This patch also:
- does a bit of cleanup to related dumpsys logs
- unify pretty printing of internal event ids to their names.
- delete mInetLog which was obsolete and not used.
Example of logs:
NetTransition WakeLock activity (most recent first):
03-30 02:15:40.628 - RELEASE 1 by EVENT_EXPIRE_NET_TRANSITION_WAKELOCK: not released (serial number was 2)
03-30 02:15:09.965 - ACQUIRE 2 for NetworkAgentInfo [WIFI () - 101]
03-30 02:15:01.877 - RELEASE 1 by EVENT_CLEAR_NET_TRANSITION_WAKELOCK: released
03-30 02:14:40.598 - ACQUIRE 1 for NetworkAgentInfo [WIFI () - 100]
Test: inspected result of $ adb shell dumpsys connectivity
Bug: 36703718
Change-Id: Ia8e2016fc512ee798ef0adc3f612d1f6c33d4870
Test: ConnectivityServiceTest passes on ryu on internal master
Test: ConnectivityServiceTest passes on bullhead
Change-Id: If94102c7df0257ea9e69e72b07a685ae3c2c4022
In order to avoid app breakage, we are putting back the system
properties and using selinux to disallow access from apps
targeting the O SDK or above.
This CL is cherry-picked from internal commit
443b6c4049, but with a different
commit description.
Bug: 33308258
Bug: 33807046
Bug: 34028616
Bug: 34115651
Test: system properties are readable as root and shell
Change-Id: I8d51e8e0a620d581c4251fb2f3c1d0a813b929be
Firewall rules don't work on 464xlat because they were created under
an assumption that there's only one address for the server and it's
ipv4, which doesn't go so well when we're on an ipv6-only network.
Bug: 33159037
Test: runtest -x net/java/com/android/server/connectivity/VpnTest.java
Change-Id: Id331526367fe13838874961da194b07bd50d4c97
This cleanup helps declutter ConnectivityService, and encapsulates the
always-on setting inside of Vpn instead of spreading it across two
classes.
In particular having the save code in one file and the load code in
another file was weird and I apologise for that.
Added a SystemServices wrapper for Settings.Secure and PendingIntent
calls to decouple some of the global state nastiness and make it
testable without forcing ConnectivityService to drive the load/save.
Test: runtest -x tests/net/java/com/android/server/ConnectivityServiceTest.java
Test: runtest -x tests/net/java/com/android/server/connectivity/VpnTest.java
Bug: 33159037
Change-Id: Ie2adb1c377adfcef0a5900dc866e6118f451b265
The testNotificationsShownAndCleared test was not doing anything
because the list of notification to show was always empty.
This patch fixes this issue and actually makes the test loop on
non-empty collections, and also fixes another ordering issue in
assertions themselves, hidden until now by the first issue.
Test: runtest -x frameworks/base/tests/net/java/com/android/server/connectivity/NetworkNotificationManagerTest.java
Change-Id: I4837b1175d7c9133e9156e33acaa1e7e3341cc62
This patch adds transports info to ValidationProbeEvent and migrates
netId logging for this event to the topt-level netId field in
ConnectivityMetricsEvent.
Test: modified unit tests. $ runtest frameworks-net passes
Bug: 3490169
Change-Id: Ibf51049ba8901ae5ca4ea86e2f500944a4738b5c
This patch deprecates the ifname field for specific metrics events of
types DhcpClientEvent, DhcpErrorEvent, IpReachabilityEvent and
IpManagerEvent.
Instead ifnames are logged in ConnectivityMetricsEvent, allowing for
link layer inference.
Test: updated unit tests, $ runtest frameworks-net passes
Bug: 34901696
Change-Id: I8bfabcb115bbd5289471d653c153a40bb48f28cd
This patch adds translation from ConnectivityMetricsEvent to
IpConnectivityEvent of recently added fields:
- top-level network id
- top-level ifname
- transports
Also adds inference of link layer from transports or ifname.
At the moment these new fields are not populated in
ConnectivityMetricsEvent. Follow-up patches will fill this gap for
the events of the android.net.metrics package.
Test: new unit tests, $ runtest frameworks-net passes
Bug: 34901696
Change-Id: I563a6a3183470bdfaabb7c781a1beaf6b1058bf0
This avoids requiring the MANAGE_USERS permission in this function.
Bug: 32671528
Test: Manual. Also seeking unit test guidance from reviewer.
Change-Id: I841e721013b0e4b6db34d629a1e97b3cd54cd73b
This patch adds new fields to ConnectivityMetricsEvent to make it more
symmetric to IpConnectivityEvent in ipconnectivity.proto.
Follow-up patches will start populating these fields for users of
IpConnectivityLog.
Test: unit tests updated, $ runtest frameworks-net passes
Bug: 34901696
Change-Id: I396767cdfcf38cce893c0d6e1f4524f12e3fdc64
Now that ConnectivityMetricsEvent is only used for core networking
metrics and is not @SystemApi anymore, remove unused fields and prepare
for additional new fields.
Test: updated unit tests, $ runtest frameworks-net passes
Bug: 34901696
Change-Id: I15abad19981d491f16f2a3afe401f1e833079907
This patch adds a few missing counters to APF events:
- an actual lifetime duration to ApfProgramEvent.
- counters for total number of updates to ApfStatistics.
ApfProgramEvents are now recorded at program removal in order to
populate the actual lifetime of the program. ApfProgramEvents whose
actual lifetime was less than 1 second are filtered out.
Finally, instance fields of ApfProgramEvent and ApfStats classes are
made mutable to allow for simple record-like creation. This was not
possible when these classes were tagged @SystemApi.
Test: - manually verified output of $ dumpsys connmetrics list
- unit tests updated.
Bug: 34901696
Change-Id: I02694ebb9421ce1c2aa757fa6aa209d19a654dcd
This patch:
- adds a counter to ConnectStats for counting the number of successful
connect() calls done in blocking mode. This allows to compute error
rates for connect() in blocking mode.
- add printing of ConnectStats when dumping NetdEventListenerService
and/or IpConnectivityMetrics service.
Test: $ runtest frameworks-net, + manual tests verifying logged events.
Bug: 34901696
Change-Id: I889e8ccd12681b0511be487e9d2ee44290a2d7d7
- regroup together static final class fields, final instance fields, and
mutable instance fields.
- uses correct Android naming conventions for instance fields.
- reorder imports correctly.
Test: no functional change.
Change-Id: If3d73bc28972a004c2ba3cc14d869a2a679abfce
This patch adds several new fields to ipconnectivity.proto for
improving APF metrics, connect metrics, and link_layer inference.
Test: build, flashed, ran $ adb shell dumpsys connmetrics list proto
updated metrics unit tests depending on proto schema
Bug: 34901696
Change-Id: I6f68e16f583a6b407f33f8a500133e100f3453c7
Test: as follows
- built (bullhead)
- flashed
- booted
- runtest frameworks-net passes
- manual USB tethering toggling between WiFi and mobile
Bug: 32163131
Change-Id: I57edf5114b6361f320577c7870e40f8b3cdf74ce
