- This is a test only change.
- Remove calling startMonitoring() in setup() because this method
should be called only once, so each test needs to call
startMonitoring() if the testing function is running on it.
- Return empty list instead of null when getting installed
pacakges in setup(). This can help test to have default user
MOCK_USER1 when they call startMonitoring().
Bug: 192431153
Test: atests FrameworksNetTests
Change-Id: Id2ffb056b378873c3ba6a8bb31b7dedb56ad6d46
- Some code are used many times, it's better to make them as
common code for reducing inconsist behavior.
- Also stop using Boolean to represent network permissions and
replace them with int value. Because using Boolean for
permission comparison is really complicated and bizarre.
- Use PERMISSION_* for netd network permission directly.
Bug: 189705071
Test: atests FrameworksNetTests
Change-Id: I2a4e298b9a01f4b2874ae68e9d9539a0ab4aff4c
The point is to help with debugging flakes of this test by
clarifying the timing of these calls with respect to when
NetworkMonitor reads the settings and the values it obtains.
Test: CaptivePortalTest
Change-Id: I29ac1d8cff1f96c91be2459e9a8f34f8ba1f38e3
Some uids should be app ids, correct them for avoiding confusion
and incorrect use.
Bug: 189705071
Test: atests FrameworksNetTests
Change-Id: I4a5930e5dc63b4d901e1567f8935ad7203866c89
- This is a test only change.
- Some methods are very similar and duplicated. So merge them to
improve readability and reduce code complexity.
- Stop spying PermissionMonitor.
Bug: 189705071
Test: atests FrameworksNetTests
Change-Id: I8ec17bd2d396c4d49dd8b64be85d89d0145f4c3c
- Rename the conntrack destination port check function
- Use CollectionUtils.contains to check the denied ports
- Add tests for the streams with ftp and pptp tcp port are
not able to be offloaded
Bug: 195914327
Test: atest TetheringCoverageTests
Change-Id: I7e2591bea1f6db46271efb0c30970fb8d4efe1e4
The test may be run on S builds older than itself, in which case the
resource ID may not match. Query the resource ID dynamically instead of
using the constant.
IpSecAlgorithm is not updatable in S, which is why it can use
hidden/unstable platform resources, so the test could also be skipped
altogether on S. But considering that keeping it around is not very
costly yet, this change fixes it for running on S.
Bug: 197489543
Test: atest IpSecAlgorithmTest
Change-Id: I533eede3a360a8db9089e65e017b9d7453b35539
The correct return code to keep on processing any further TC
attached programs is 'TC_ACT_PIPE' and not 'TC_ACT_OK' (which
is terminal).
Without this the ipv6 tether offload program causes termination
of processing and the ipv6 clatd offload program never actually
handles any packets (while tethering is active).
This results in lack of bpf xlat64 offloading for tethered ipv4
traffic on an ipv6-only (cellular) network.
This in turn means incoming TCP packets get GRO'ed, do not get
bpf offloaded, and get delivered to the clat daemon, which
due to them being bigger than the mtu (due to gro) cannot
handle them and discards them.
This results in poor performance, since tcp falls back to 1 mss/mtu
sized packet per rtt.
Tested via tethering a linux laptop on an ipv6-only cellular connection
and downloading the linux kernel from kernel.org via 'wget -6' and 'wget -4'.
Before:
IPv6: over 2MB/s, observed:
5805 packets, including 4 sackOK
IPv4: under 1MB/s, observed:
9300 packets, including 8 sackOK, 387 sack 1, 501 sack 2, 2310 sack 3
After:
IPv6: over 7MB/s, observed:
16702 packets, including 4 sackOK
IPv4: over 9MB/s, observed:
32755 packets, including 2 sackOK
Test: builds, TreeHugger, see above
Bug: 195624908
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I623dacb5a37dc689cea34499c3906c11fcaf946c
This test fails on devices where physical Ethernet interfaces are
available but marked restricted, like cuttlefish.
Bug: 197462993
Test: test-only change
Change-Id: I15c991b2e43e2d5e823dcdcfbd74adfd9b2f6f08
