A new firewall chain is needed to configure background network
restrictions for apps.
This change only adds the API stubs and traffic controller constants to
make the chain work. Policy changes using this chain will follow in
the framework code.
Test: atest CtsNetTestCases:ConnectivityManagerTest
Test: atest ConnectivityServiceTest
NO_IFTTT=The Lint rule along with the relevant code in Common.h is
being deleted in aosp/2819759
Bug: 304347838
Change-Id: I33e2db6671431f7c576fc931d9f96e684fc1e78a
Make ADnsHelper_isUidNetworkingBlocked() to reference 'metered'
information and Data Saver related BPF maps to make the final decision.
Bug: 288340533
Test: atest dns_helper_unit_test
Change-Id: I51b1dadd56a8d6fda3f8b18d64740e52b76e1bfe
The information is needed by modules who want to know whether a
specific UID is blocked by Data Saver feature.
1. Add a one-element map data_saver_enabled_map.
2. Update current data saver setting to the map.
Bug: 288340533
Test: atest FrameworksNetTests:android.net.connectivity.com.android.serv
er.BpfNetMapsTest
Test: atest bpf_existence_test
Change-Id: I981da4b569247c33cba2d365cb6f2691f673474e
1. Move it to header file so that it can be reused by others.
2. Correct the return type from int to bool.
3. Replace __always_inline by inline to avoid -Werror,-Wunused-function.
Bug: 288340533
Test: build
Change-Id: I9062686d9c2f98c2d24e4673f82b1732b180ffc4
UidOwnerMatchType Java definition moved from BpfNetMaps.java to
BpfNetMapsConstants.java in change I6d7ea044e43180.
Bug: 297836825
Test: presubmit
Change-Id: I4fc28406750cac9143ea47e9304b455ab616d462
As an inline function, the logic can be reused by others.
Bug: Bug: 288340533
Test: build; presubmit
Change-Id: I8e57829e304e829eed72cc165b051cd22088260d
This is based on network driver populated skb->mark magic bit.
This is the bit used by netd's WakeupController.
We mandated the location of this bit in U, though we haven't
(yet??) mandated it being supported by all network drivers.
If the driver doesn't support it, it could always
be false (skb->mark should default to 0),
or potentially (this is very very unlikely) be garbage.
IFIRC nettrace isn't enabled on pre-U devices anyway.
Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I2b3b91315d77c08c022396253b26954593dd3f5a
while this is a little bit more code,
it seems much better for the accumulation operation
to be next to the struct definition itself
(in case we ever add more fields)
Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I26022db4566e69c964298d7b3f2cc4fa4a9a5152
(next step is to replace use of Stats struct with
identical (except field order) StatsValue struct)
Test: TreeHugger
Bug: 294604315
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I9be3c411f9592bf4edc75386b1c5b386ebeb5905
This adds the core BPF implementation of Android network packet tracing.
The new code looks into the skb to pull out various bits of information.
Both the program and the ring buffer are restricted to 5.8+ kernels and
userdebug or eng builds.
With the packet_info_config map defaulting to zero, userdebug and eng
builds won't run any of the tracing today. The only effect will be 32k
memory increase for the ringbuf and the check on the config array.
Bug: 246985031
Test: build & flash both userdebug and user
Change-Id: I144da2971c0738b565ad58abc17e456209f13bde
