When using xt_qtaguid to count per uid stats,
NetworkStatsService needs to adjust the 464xlat traffic since
iptables module would double count for ipv4 and ipv6 packet.
But for eBPF, the per uid stats is collected in a different
hook, so the adjustment on root uid would only be needed in tx
direction.
Bug: 112226716
Test: 1. Make ipv4 traffic in ipv6-only network and check data
usage.
2. Make ipv4 traffic in a client which connect to
ipv6-only hotspot.
3. runtest frameworks-net
4. cts-tradefed run cts -m CtsNetTestCases -t \
android.net.cts.TrafficStatsTest
5. cts-tradefed run cts -m CtsUsageStatsTestCases
Change-Id: Ic9a84f5446eddc943c255d5f3b89dad171f53cac
Use stable aidl generated structure instead of UidRange
Test: runtest frameworks-net passes
Test: manual testing of UidRange related function works
Change-Id: Iaf1c10777dc1e71df2be2a57533a10257b12626b
The bpf project now have a new project directory in system/bpf instead
of inside netd. The network related bpf library is renamed to
libnetdbpf. Fix the dependency issue in framework to make sure no
regression.
Test: -m CtsNetTestCases -t android.net.cts.TrafficStatsTest
Bug: 112334572
Change-Id: Ibd477bf17d18d516aa520fb1569f4a395ef9abf0
The proc file of xt_qtaguid module is not necessarily exist on future
devices. We should only check it if the device need to read the stats
file for network usage information.
Bug: 79938294
Test: NetworkUsageStatsTest TrafficStatsTest
Change-Id: I5ac6feef8b9a26daa68b381a985925e24b0d80af
This first version can serve discover/request/release, although there
are some small behavior changes with current implementation which will
be addressed later.
Also removes final modifiers on start() and stop() in FdEventsReader, to
allow mocking the methods in tests with the current mockito lib.
Test: Added tests pass, manual: flashed a device using the server
Change-Id: I025366ff7d51c4ba31152af50f3dd2b5e280a54d
For packages:
android.net.wimax
android.net.wifi.p2p.nsd
android.net.wifi.p2p
android.net.wifi.hotspot2.pps
android.net.wifi.hotspot2.omadm
android.net.wifi.hotspot2
android.net.wifi.aware
android.net.wifi
android.net.util
android.net.sip
android.net.rtp
android.net.nsd
android.net.metrics
android.net.lowpan
android.net.http
android.net.captiveportal
android.net
This is an automatically generated CL. See go/UnsupportedAppUsage
for more details.
Exempted-From-Owner-Approval: Mechanical changes to the codebase
which have been approved by Android API council and announced on
android-eng@
Bug: 110868826
Test: m
Change-Id: Ie25423113ee1a8071cd5039382c00de6ce0af7fd
Merged-In: I520be7a4c79e68310c12e4f55bf66acaa94145a1
For packages:
android.net.wimax
android.net.wifi.p2p.nsd
android.net.wifi.p2p
android.net.wifi.hotspot2.pps
android.net.wifi.hotspot2.omadm
android.net.wifi.hotspot2
android.net.wifi.aware
android.net.wifi
android.net.util
android.net.sip
android.net.rtp
android.net.nsd
android.net.metrics
android.net.lowpan
android.net.http
android.net.captiveportal
android.net
This is an automatically generated CL. See go/UnsupportedAppUsage
for more details.
Exempted-From-Owner-Approval: Mechanical changes to the codebase
which have been approved by Android API council and announced on
android-eng@
Bug: 110868826
Test: m
Change-Id: I520be7a4c79e68310c12e4f55bf66acaa94145a1
For packages:
android.app.usage
android.app.trust
android.app.timezonedetector
android.app.timezone
android.app.timedetector
android.app.job
android.app.backup
android.app.assist
android.app.admin
android.app
This is an automatically generated CL. See go/UnsupportedAppUsage
for more details.
Exempted-From-Owner-Approval: Mechanical changes to the codebase
which have been approved by Android API council and announced on
android-eng@
Bug: 110868826
Test: m
Change-Id: I5d15d50344d7178617418846917f693cfabf006b
Merged-In: I618c5dc4462ae990d9df45c3e9ed3f092cc5138c
For packages:
android.app.usage
android.app.trust
android.app.timezonedetector
android.app.timezone
android.app.timedetector
android.app.job
android.app.backup
android.app.assist
android.app.admin
android.app
This is an automatically generated CL. See go/UnsupportedAppUsage
for more details.
Exempted-From-Owner-Approval: Mechanical changes to the codebase
which have been approved by Android API council and announced on
android-eng@
Bug: 110868826
Test: m
Change-Id: I618c5dc4462ae990d9df45c3e9ed3f092cc5138c
In order to properly support EOPNOTSUPP this CL
applies a consistent approach to handling Exceptions.
Hereafter, all exceptions that aren't of a special
method-specific type (such as SpiUnavailableException)
will all be returned to the calling process unchanged.
At the API call site, the ServiceSpecificException,
which is really an Errno, will be inspected and either
converted to an unchecked exception for types we know,
or it will be converted to an IOException in cases where
that method can return a checked exception. In cases
where we do not expect an errno, we will simply throw
a generic RuntimeException. This means all API calls
will now properly throw UnsupportedOperationException
and may be CTS tested accordingly.
Bug: 72420898
Test: runtest frameworks-net
Merged-In: I4a00e221618896223fcdb4b4279fb14cd14e34d8
Change-Id: I4a00e221618896223fcdb4b4279fb14cd14e34d8
(cherry picked from commit beed0b61b7)
LinkAddress constructors are currently @hide; this change updates
IpSecManager to use InetAddress and prefixLen, and then construct a
LinkAddress internally. LinkAddress is used over the binder interface to
IpSecService to ensure validity.
Bug: 77528639
Test: CTS, Java unit tests ran on walleye
Merged-In: I19e124adef6d9f4992d8293db3190bcf74c95848
Change-Id: I19e124adef6d9f4992d8293db3190bcf74c95848
(cherry picked from commit d39837f7e2)
Adds support for a new AppOp to permit services to
use IpSec tunnel mode. The IpSecService now needs
a context so change the service mode to a cached
service rather than a static service.
Bug: 66955045
Test: runtest frameworks-net
Merged-In: I17a4a286225b432c3e15ea1587d946189931b4f4
Change-Id: I17a4a286225b432c3e15ea1587d946189931b4f4
(cherry picked from commit 65ef843176)
Add a new MANAGE_IPSEC_TUNNELS permission and
protect all IPsec Tunnel mode APIs with it.
This permission is only granted to the system or
through an AppOp.
Bug: 66955045
Test: compilation
Merged-In: I0f618373b500c493ef2211bece681f74652a1833
Change-Id: I0f618373b500c493ef2211bece681f74652a1833
(cherry picked from commit 00e77247eb)
We've seen reports of negative values flowing through to attempt
being recorded, which will outright crash. This change does one
last-ditch check to see if we're about to work with negative values,
reporting any trouble and clamping them to zero so we don't crash.
This gives us the data we need to continue investigating without
triggering runtime restarts in the field.
Bug: 80057433
Test: atest android.net.NetworkStatsTest
Change-Id: I8174391c6cf5dadc2c2c10a8d841ee07e1f7d934
With the new xt_bpf support for iface stats. We no longer need to parse
the per interface stats from /proc/net/dev. And since the old xt_qtaguid
code path also not depend on it, we can completly remove that helper
function since no caller is depending on it now.
Bug: 72111305
Test: runtest frameworks-net -c com.android.internal.net.NetworkStatsFactoryTest
Change-Id: Icb7eaeef0eeb9fdffd32a90316c76ee05bafffbe
Merged-In: Icb7eaeef0eeb9fdffd32a90316c76ee05bafffbe
(cherry picked from aosp commit b815c978b81eee4b1494bd0b9d25bfad52f08b72)
After adding the xt_bpf module and ifaceStatsMap, eBPF tool can now
support reading per interface data. So networkStatsFactory should move
away from parsing proc/net/dev and use the eBPF map stats instead.
Bug: 72111305
Test: atest com.android.server.net.NetworkStatsServiceTest
Change-Id: Ibcc6150d00835b3bd33af22a72e4a86e172581cf
Merged-In: Ibcc6150d00835b3bd33af22a72e4a86e172581cf
(cherry picked from aosp commit dcc56783f5b945b16c9f5e50333fba557a7c3603)
With the new xt_bpf support for iface stats. We no longer need to parse
the per interface stats from /proc/net/dev. And since the old xt_qtaguid
code path also not depend on it, we can completly remove that helper
function since no caller is depending on it now.
Bug: 72111305
Test: runtest frameworks-net -c com.android.internal.net.NetworkStatsFactoryTest
Change-Id: Icb7eaeef0eeb9fdffd32a90316c76ee05bafffbe
After adding the xt_bpf module and ifaceStatsMap, eBPF tool can now
support reading per interface data. So networkStatsFactory should move
away from parsing proc/net/dev and use the eBPF map stats instead.
Bug: 72111305
Test: atest com.android.server.net.NetworkStatsServiceTest
Change-Id: Ibcc6150d00835b3bd33af22a72e4a86e172581cf
In order to properly support EOPNOTSUPP this CL
applies a consistent approach to handling Exceptions.
Hereafter, all exceptions that aren't of a special
method-specific type (such as SpiUnavailableException)
will all be returned to the calling process unchanged.
At the API call site, the ServiceSpecificException,
which is really an Errno, will be inspected and either
converted to an unchecked exception for types we know,
or it will be converted to an IOException in cases where
that method can return a checked exception. In cases
where we do not expect an errno, we will simply throw
a generic RuntimeException. This means all API calls
will now properly throw UnsupportedOperationException
and may be CTS tested accordingly.
Bug: 72420898
Test: runtest frameworks-net
Change-Id: I4a00e221618896223fcdb4b4279fb14cd14e34d8
Collecting network statistics is pretty heavy, which is why we're
throttling callers. However, to keep CTS running fast, we provide a
way for tests to force a poll event, instead of making them wait for
the throttle timeout.
Bug: 77908520
Test: atest cts/tests/tests/app.usage/src/android/app/usage/cts/NetworkUsageStatsTest.java
Change-Id: Ia792f0cd495023366ff8c4839df54e7da2ae8331
Hide the tunnel mode of the IpSec API because
there is a disincentive to launch it without
a supported customer use case. That use case,
IWLAN is having its APIs hidden, so we should
hide these as well to avoid constraining future
implementation.
Also, due to issues with the lifetime of the NATT
management object, this API needs to be hidden
until such time as the lifetime of the Keepalive
can be handled independently of the lifetime of
a Transform.
Bug: 72523623
Test: compilation (api removal)
Change-Id: I076030bdbab1cd7d69f6a034577d529970b050dc
This also avoids returning a nonzero multipath preference
if remaining data is low but nonzero.
Bug: b/72877610
Change-Id: I2459ded06de77d284ae1fe81a60d9e1df56b0c26
Fixes: b/72877610
Test: Tests in go/ag/3842960 pass
