Needed because a payload data packet may have gone through
non-offload path, before we added offload rules, and that this
may result in in-kernel conntrack state being in ESTABLISHED
but pending ACK (ie. UNACKED) state. But the in-kernel conntrack
might never see the ACK because we just added offload rules.
As such after adding the rules we need to force the timeout back
to the normal ESTABLISHED timeout of 5 days.
Issue: the timeout is set to unacknowledged 300s (countdwon to 298s)
$ adb shell cat /proc/net/nf_conntrack
ipv4 2 tcp 6 298 ESTABLISHED src=192.168.244.128
dst=140.112.8.116 sport=45694 dport=443 ..
Test: atest TetheringCoverageTests
Manual check:
$ adb shell cat /proc/net/nf_conntrack
ipv4 2 tcp 6 431988 ESTABLISHED src=192.168.40.162
dst=140.112.8.116 sport=40774 dport=443 ..
Bug: 190783768
Bug: 192804833
Change-Id: I8c34e85e26c9d976e5e2b85473db75ff46d8abd4
This is a preparation for only update the tcp timeout while
adding rules. Also add slack time for updating UDP timeout
interval.
Bug: 190783768
Bug: 192804833
Test: atest TetheringCoverageTests
Change-Id: I3151b531e6581e257f3cfa39ad2fcf1650358b3d
This ensures classes are used from the service-connectivity jar, instead
of using classes from the system_server bootclasspath when there is a
name conflict.
Any developer adding a future class should do so in a subpackage of
com.android.connectivity (such as com.android.connectivity.server).
Otherwise, jarjar rules need to be added manually until b/180995093 is
fixed.
Also update current jarjar rules so that classes are jarjared to
com.android.connectivity.[original name], making it easier to find the
original source. This is consistent with the wifi module.
Bug: 193086215
Test: atest CtsNetTestCases
dexdump on service-connectivity.jar shows no classes outside of
com.android.connectivity and com.android.server
Change-Id: I2aadeca32751267b74d4fd2fd93bb3e8c62e46c0
Currently netd supports only the default value for VPN but CS
send priorty value 1 to netd. It will break the default routing
for VPN. Thus, update network preference priority value to 0 for
VPN.
Bug: 193245476
Test: atest CtsHostsideNetworkTests:HostsideVpnTests
Change-Id: I197cb358e8e30355fbf675e4c623abebe7abdb7f
- Remove ipv4MappedAddressBytesToIpv4Address because it can be covered
by parseIPv4Address.
- Remove IllegalArgumentException from parseIPv4Address because it has
never happened
- Reverse the order of upstream and downstream timeout refreshing in
refreshAllConntrackTimeouts for readability because both source and
destination of the downstream are opposite direction to the
upstream.
Bug: 190783768
Bug: 192804833
Test: atest TetheringCoverageTests
Change-Id: I6a1e44777a4357dd3847c2e2bb1fc6c3cf01617c
Internal utils are generally jarjared by connectivity jarjar rules, but
ArrayUtils is not actually statically linked into the tests, so this
makes the ConnectivityCoverageTests fail. FrameworksNetTests has been
fine because it does not use jarjar, but does not exercise updated code
because of that.
Remove usage of the hidden utility, as there are reasonable alternatives
with non-hidden APIs that avoid other breakages long-term.
Bug: 187935317
Test: atest ConnectivityCoverageTests:ConnectivityServiceTest
Change-Id: I8ed85b941c3d1028771a5ac33196b1509a95789d
Rename net-module-utils-srcs to connectivity-module-utils-srcs.
This is done as the module utils are made specific to
service-connectivity to contain only classes used by
service-connectivity.
Bug: 192998401
Test: Tests prepared in next change
Change-Id: I354f4b84aa90cc12579c4db5479cf2de1dc9cf5d
registerSystemDefaultNetworkCallback no longer throws
UnsupportedApiLevelException as it has compatibility behavior down to Q,
so remove the catch clause for the checked exception.
The exception would previously not be thrown since the Tethering module
is only running on R+.
Bug: 182961265
Test: atest TetheringTests
Change-Id: I3c58235f3a59294995e5f32502fec6ccd17a3cf0
- Add a new transport type for USB and a new network capability
to support automotive head unit.
- In order to pass DnsManagerTest#testTransportTypesEqual, Android.bp
needs to link to dnsresolver_aidl_interface-V8-java. That test checks
whether the TRANSPORT types defined in NetworkCapabilities are the
same as IDnsResolver.aidl.
(clean cherry-pick of change in downstream branch history, original
change ID before project move:
Iec2df09a776d779108f95098e01b7ffdf6f8867a)
Bug: 181742019
Test: atest FrameworksNetTests
Merged-In: I3c2563d4ae4e3715d0c6270344ba8f7ef067872f
Change-Id: Ie438ec68577ebdaaf990795fa27f1169b0105411
When NetworkRequestInfo#binderDied is called in ConnectivityService,
only pass the NRI to handleRemoveNetworkRequest. This is to prevent a
potential crash when unlinkDeathRecipient is called twice for the same
NRI.
Also, as a cleanup, don't iterate mRequests in the log message on binderDied.
As per the bug, the chain of events leading to a potential crash are:
- `Connectivity.NetworkRequestInfo#binderDied()` is called for an NRI
tracking multiple `NetworkRequest` items. This can happen for a TRACK_DEFAULT
request filed by a UID on a different preference than the default, which
copies the request list.
- This in turn triggers multiple `EVENT_RELEASE_NETWORK_REQUEST` events
for the same NRI, one for reach `NetworkRequest` tracked.
- When handling `EVENT_RELEASE_NETWORK_REQUEST`, each `NetworkRequest`
that is passed in will then be used to look up the parent NRI that originally
sent it to be released.
- Therefore if an NRI was tracking three requests, it would trigger three
release network events, then each request would be used to look up the
same NRI again when handling said release event.
- Finally, `ConnectivityService.NetworkRequestInfo#unlinkDeathRecipient` is
called for the NRI in question. Using the scenario above, that means we could
call `unlinkDeathRecipient` multiple times for the same NRI if it was tracking
multiple network requests causing the associated crash.
- If `unlinkDeathRecipient` is called more than once for the same NRI, it will
cause the crash listed in this bug.
- The fix is to only call handleRemoveNetworkRequest for the NRI once. This
works since when removing the NRI, we iterate over all of its requests to
remove them. By only calling handleRemoveNetworkRequest once, it's ensured
`unlinkDeathRecipient` for this NRI as part of
`Connectivity.NetworkRequestInfo#binderDied()` is only called once and not
potentially multiple times.
Bug: 185541983
Test: atest FrameworksNetTests
Change-Id: I2a2ad4ec6d415423182a1856a898779203658f8b
- Each network preference has been assigned a priority value so
that netd can know which uid range rule has higher priority. So
remove the restriction that all network preferences are
exclusive.
- Add priority check when getting request for uid.
Bug: 171872461
Test: atest FrameworksNetTests
(cherry-pick from ag/14731887)
Merged-In: I6912db753c8b4a194aa7af92b01ca6dcfec10d8b
Change-Id: I6912db753c8b4a194aa7af92b01ca6dcfec10d8b
Replace network[Add|Remove]UidRanges to
network[Add|Remove]UidRangesParcel. The new methods are passing
NativeUidRangeConfig which contains priority value for each uid
range rules.
Bug: 171872461
Test: atest FrameworksNetTests
Test: atest HostsideVpnTests
(cherry-pick from ag/14911836)
Merged-In: I08bbdbcb8450b08e6208fa730137348550f9e3d2
Change-Id: I08bbdbcb8450b08e6208fa730137348550f9e3d2
testGetMultipathPreference assumes that wifi will auto-reconnect after
changing its metered status, but this is not necessarily the case if the
BSSID has been blocklisted after it failed validating too many times.
Call ensureWifiConnected to force wifi to reconnect before waiting for
it to become metered.
Bug: 190913510
Test: atest ConnectivityManagerTest
Change-Id: Iafe9837b97e4d654bb0f3962d48a94c1f31bbebc
qtaguid is long dead - test is thus a no-op
New test logs:
Running Tests...
x86 CtsNativeNetTestCases
-------------------------
CtsNativeNetTestCases (1 Test)
[1/1] BpfTest#bpfStructSizeTest: PASSED (0ms)
Summary
-------
x86 CtsNativeNetTestCases: Passed: 1, Failed: 0, Ignored: 0, Assumption Failed: 0,
All tests passed!
Test: atest CtsNativeNetTestCases, TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I9ff784dbfda0ce981904d53eacb7bc831cbe81da
This test is required to ensure that the system is compatible
with future updates of the tethering mainline module, which
updates BPF .o files on device.
This test must already be passing on OEM devices because otherwise
the offload.o program in the Tethering mainline module would bootloop
the device.
Bug: 190519702
Test: atest CtsNativeNetTestCases, TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Ibaedb8fcb28591ffba1506514f2305d55712a26b
Connect can error with BUSY if the framework is busy when connect is
called. Add retries so that if this happens, the connection can succeed
after the framework stops being busy.
Also log the level of scan results when several configurations are
available, and clarify the legacy broadcast assert.
Bug: 188077861
Test: atest CtsNetTestCases
Change-Id: I99ce72bd2604489cb419ea9984643b6985728461
The internal structure backing getAllNetworks is updated after
invoking lost callbacks, so the test needs to wait for the handler
to be idle before calling getAllNetworks.
Also avoid assertions in finally clauses, as it causes confusing
error messages.
Bug: 185081944
Change-Id: I8ad5ab45a3e65b0031672e6f594b1a6d6ad5abcb
Test: atest ConnectivityServiceTest
The test relied on waitForIdle to ensure diagnostics callbacks were called,
but as this may require several iterations in the handler queue, this makes
the test unreliable.
Use mockito timeouts on the verify() calls instead.
Bug: 192651465
Change-Id: Iae1704af7ae3649eae301c6aee223ac753629d55
Test: atest ConnectivityServiceTest
Address a TODO to use WifiManager#connect to reconnect wifi, instead of
WifiManager#reconnect. #connect also clears the BSSID denylist; that
list has caused flakyness due to tests that cause the network not to
validate such as captive portal or invalid private DNS behavior tests,
causing wifi to ignore the access point in reconnect attempts.
Bug: 188077861
Test: atest CtsNetTestCasesLatestSdk
Change-Id: I5a11a802db8a4881c161e6038c1c183d2ac23a05
If config_tether_ncm_regexs is configured, load it to
tetherableUsbRegexs if ncm is used for TETHERING_USB. Load it to
tetherableNcmRegexs if ncm is used for TETHERING_NCM.
Bug: 185649441
Test: atest TetheringTests
Change-Id: I0c542560bd04e8c0a6a78d632da5a00a34d9a3fa
Before this change, usb IpServer would be created if corresponding
interface is available even there is no enable tethering attempt. And
usb IpServer only be disabled when interface is removed. Usb tethering
could not be stopped if interface is always avaialbe.
After this change, usb IpServer would be enabled and disabled according
to ACTION_USB_STATE.
Bug: 185649441
Test: atest TetheringCoverageTests
atest MtsTetheringTestLatestSdk
atest CtsTetheringTest
Change-Id: I8375e3f998d677dc658370b2553facaec0d5ff7c
