This change makes sure tunnel mode transforms are properly activated
upon construction, and corrects bugs with how policy selectors were being
generated for tunnel mode policies. Specifically, the source/destination could
not be empty strings, even for cases where an empty selector was desired.
Bug: 72457770
Test: GTS tests run
Change-Id: I9a9f64c34b07883a02a5c996614f958486d214fc
The current implementation of getMobileRxBytes and all the similiar
method adds up the return values for multiple calls to getRxBytes so if
all of them return UNSUPPORTED for any reason, getMobileRxBytes() would
return a value such as -3. This behavior is not compliance with the cts
TrafficStatsTest which always assume getMobileRxBytes to return a
non-negetive value. The method now will check tha stats get from
getRxBytes method and add them up only if the stats is valid.
Bug: 72473294
Test: run cts -m CtsNetTestCases -t android.net.cts.TrafficStatsTest
Change-Id: I656970ebc8f6506cf17c4353ad46c0178bb65cfd
The lifecycle of Keepalive offloading is, unfortunately
different from that of an IpSecTransform. Because starting
a keepalive is fundamentally asynchronous, and isn't valid
until after a transform exists, it will now be a separate
optional procedure that may succeed or fail. It remains
linked with a Transform by the need for a Transform to exist
in order to initiate a Keepalive.
Bug: 38350389
Test: compilation
Change-Id: Ia76fccee41f86d694dff436043293d0c0762c041
This change adds one KernelResourceRecord type (TunnelInterfaceRecord),
and adds methods for the creation of TunnelInterfaces, as well as the
application of Transforms to the given TunnelInterfaces
As part of the generation of ikeys/okeys, a ReserveKeyTracker manages a
java bitset to avoid collisions and reserve/release keys.
Bug: 63588681
Test: Compiles, CTS, unit tests all pass on AOSP_marlin
Change-Id: I9e9b6455e27073acd4491eae666aa966b3b10e0f
Simple change to expose systemAPI for applyTunnelModeTransform
Bug: 36033193
Test: All CTS, unit tests passing
Change-Id: I2d857c048bc0dc80c3949387f946b1f5adf0527e
* changes:
Support passing a template to NetworkStatsManager queries.
Add metered, roaming, and defaultNetwork info to NetworkTemplate.
Unbreak frameworks-net tests broken by missing libutilscallstack.
Disable IpConnectivityMetricsTest.
Add the defaultNetwork element to the netstats.proto.
Add getDefaultNetwork to the NetworkStats public API.
This will allow data usage clients to query for and receive
callbacks on data usage matching these conditions.
Bug: 35142602
Test: atest FrameworksNetTests
Change-Id: I4d985a2734eeab7ee454c09cc2098b6b3c671c23
Merged-In: I4d985a2734eeab7ee454c09cc2098b6b3c671c23
This is in its own commit because AOSP has diverged from internal
master.
Bug: 35142602
Test: builds, boots
Change-Id: I75fc85b961bc919e3d6c2adce6d6861c6f2c8379
Merged-In: I75fc85b961bc919e3d6c2adce6d6861c6f2c8379
Currently, NetworkStatsManager queries and callbacks only allow
selecting network traffic based on network identifiers:
networkType, subscriptionId and networkId. The code ends up
converting these into a template under the hood.
Now that templates can express more fine-grained queries (e.g.,
select only roaming traffic, or select only traffic that's not
on the default network) add a hidden method to pass in a
template. This should have no security implications, as all the
access controls are performed in NetworkStatsService.
Bug: 35142602
Test: android.app.usage.cts.NetworkUsageStatsTest passes
Change-Id: Iab4afa26b34544299d2a9c501c1b0feb470e90a9
Merged-In: Iab4afa26b34544299d2a9c501c1b0feb470e90a9
This allows an app using the public API to know whether the
traffic in a particular bucket was on the default network
(i.e., the network was selected by the system), or not (i.e.,
the network was selected by the app).
Bug: 35142602
Test: builds, boots
Test: added coverage to NetworkUsageStatsTest CTS test, still passes
Change-Id: I9f6669908fa119743b9c0aa0c31a03e5ebafa7db
Merged-In: I9f6669908fa119743b9c0aa0c31a03e5ebafa7db
If the qtaguid proc file is no longer exist, the device is running new
eBPF module to do traffic accounting. So the NetworkStatsFactory need to
use the proc/net/dev interface to get the per interface traffic stats
summary. Also, adding a test to verify the helper function work properly
Bug: 30950746
Test: run NetworkStatsFactoryTest
Change-Id: Ia36808bf02f1637dd41a3e7c50917b91b1a77524
Add the native method used to read the detail information of network
stats from bpf maps. The native method of NetworkStatsFactory should
choose the correct implementation to get the stats detail depending on
the kernel version. Currently the bpf result is printed as a reference
and the actual behavior of NetworkStatsFactory should not change.
Test: NetworkStatsFactory related cts test should not fail.
Bug: 30950746
Change-Id: I4715a23559b5b2306bd556cea0431f0ed172a993
Add the native implementation for NetworkStatsService to read the
uidStatsMap and tagStatsMap to get the network traffic information.
Currently the implementation only try to get the data from bpf for a
reference but the final value returned is still from old xt_qtaguid
module. So the result will not be effected. The bpf implementation is
depending on libbpf inside netd.
Bug: 30950746
Test: CtsNetTestCases -t android.net.cts.TrafficStatsTest
Change-Id: Ia85e4d4d602f6bd536739d89085e6dc37ad82e15
This change adds an additional check in CheckIpsecConfig to prevent
users from using the same SPI twice. This allows for a more granular
error message.
Bug: 70642141
Test: Tests added in IpSecServiceParameterizedTest
Change-Id: I9621fb05c6b162bd8ae8db4ac1e64feaa9d0ac73
