This commit removes @SkipPresubmit annotations in IpSecManagerTest to
re-enable Tcp6 tests in presubmit, since b/186608065 is fixed.
This commit also addresses nits in previous code reviews that include:
- Make EspAuthNull, EspAeadCipher, EspCryptCipher, EspCipherNull
final classes
- Rename "INSTANCE" to "sInstance", "IPSEC_MANAGER" to "sIpSecManager"
- Rename protected field "iv" to "mIv"
- Use ArraySet instead of HashSet
- Remove unnecessary "public" and "final" in IpSecAlgorithmImplTest
Bug: 171083832
Test: atest IpSecAlgorithmImplTest
Original-Change: https://android-review.googlesource.com/1729418
Merged-In: Idde90ce5e4fc6f56ad617d5ba9735b1bcc2ce8cd
Change-Id: Idde90ce5e4fc6f56ad617d5ba9735b1bcc2ce8cd
This CL adds a test to verify kernel implementation of AES-CMAC
Since there is no hardware that first launched with SDK beyond R
at the time of writing this CL, the test for AES-CMAC was manually
enabled and verified on redfin (redfin kernel already supports
AES-CMAC)
Bug: 171083832
Test: atest IpSecAlgorithmImplTest
Original-Change: https://android-review.googlesource.com/1697312
Merged-In: I8b7ee9272722aebdd84ca02475a6107ef61287a9
Change-Id: I8b7ee9272722aebdd84ca02475a6107ef61287a9
This CL adds a test to verify kernel implementation of AES-XCBC.
Since there is no hardware that first launched with SDK beyond R
at the time of writing this CL, the test for AES-XCBC was manually
enabled and verified on coral (coral-kernel already supports
AES-XCBC)
Bug: 171083832
Test: atest IpSecAlgorithmImplTest
Original-Change: https://android-review.googlesource.com/1503696
Merged-In: I57e2bbed2954e4c7de906caae20390f7aebac0e3
Change-Id: I57e2bbed2954e4c7de906caae20390f7aebac0e3
This CL adds a test to verify kernel implementation of AES-CTR
Since there is no hardware that first launched with SDK beyond R
at the time of writing this CL, new tests for AES-CTR were manually
enabled and verified on coral (coral-kernel already supports
AES-CTR)
Bug: 171083832
Test: atest IpSecAlgorithmImplTest
Original-Change: https://android-review.googlesource.com/1503695
Merged-In: Ib626a6c3999b7d682d0858e92d0dbb5138fdc45d
Change-Id: Ib626a6c3999b7d682d0858e92d0dbb5138fdc45d
This CL adds the test infra for testing kernel implementation of IPsec
algorithms and a test for ChaCha20Poly1305
Since there is no hardware that first launched with SDK beyond R at the
time of writing this CL, the test for ChaChaPoly was manually
enabled and verified on the pixel with an updated kernel
Bug: 171083832
Test: atest IpSecAlgorithmImplTest
Original-Change: https://android-review.googlesource.com/1503694
Merged-In: Ia29540c7fd6848a89bfa2d25c6a87921e45d98da
Change-Id: Ia29540c7fd6848a89bfa2d25c6a87921e45d98da
This CL adds support to configure the IPsec algortihms to build
EspHeader.
This is a prepration CL to test kernel implementation of IPsec
algorithms.
Bug: 171083832
Test: atest CtsNetTestCases
Original-Change: https://android-review.googlesource.com/1503693
Merged-In: I53f59815d6cb879dae622fcbd17616564a97111a
Change-Id: I53f59815d6cb879dae622fcbd17616564a97111a
Allow test caller to construct a TestNetworkRunnable to run a
test with a test network.
This is a preparation for adding tests to verify kernel
implementation of IPsec algorithms.
Bug: 171083832
Test: atest Ikev2VpnTest
Original-Change: https://android-review.googlesource.com/1503692
Merged-In: I0e08a6ea299e6ad94d69806a2d76fa155653b62a
Change-Id: I0e08a6ea299e6ad94d69806a2d76fa155653b62a
Per-app network functionality assumed all apps were installed for user 0
which is not always the case. This fix will address that by checking for
the existance of an app for all users and adding it to the per-app
network preference as was originally intended. Prior, no apps were
included if they were not installed for user 0 even if they were
available for another user such as user 10 in automotive.
Bug: 189838408
Test: atest FrameworksNetTests
atest FrameworksNetIntegrationTests
atest CtsNetTestCases
Original-Change: https://android-review.googlesource.com/1723617
Merged-In: I7d75cdb02041e7a202254be2eaeca6c2b02d7c29
Change-Id: I7d75cdb02041e7a202254be2eaeca6c2b02d7c29
1. Dump both upstream and downstream rules.
2. Also dump rule last used time.
Test: manual
Bug: 190783768
Original-Change: https://android-review.googlesource.com/1737394
Merged-In: I3fffbf4a5dea68e61349de8b41bea49b8a319f86
Change-Id: I3fffbf4a5dea68e61349de8b41bea49b8a319f86
This provides a better way to tell whether traffic is flowing.
Test: manual
Bug: 190783768
Original-Change: https://android-review.googlesource.com/1737393
Merged-In: If557b0a18fc0aea1bf6a65d91547fc1930098ed0
Change-Id: If557b0a18fc0aea1bf6a65d91547fc1930098ed0
Starting with API level 31, the subscriberId is applicable
for the wifi network. Considering applications may use
null or an empty string as subscriberId (for instance, cts),
frameworks create MATCH_WIFI_WILDCARD NetworkTemplate when querying
wifi network with null or an empty string which is the behavior before
API level 31.
Bug: 188915450
Test: atest -c NetworkStatsManagerTest
Merged-In: Id4ae06840e1749997e970b8f1ec391060967bd47
Change-Id: Id4ae06840e1749997e970b8f1ec391060967bd47
This CL updates NetworkCapabilities to retain configured subscription
IDs for Test NetworkCapabilities. Previously, they were cleared in
restrictCapabilitiesForTestNetwork().
Bug: 182291467
Bug: 189125789
Test: atest Ikev2VpnTest IpSecManagerTunnelTest
Test: atest CtsVcnTestCases
Change-Id: I0e1bc617910c9e8ac7b431572f276b1611acc1cb
Merged-In: I0e1bc617910c9e8ac7b431572f276b1611acc1cb
(cherry picked from commit a262a9d3d5)
This CL updates TestNetworkService to fully setup test TUN
interfaces when created. Previously, the interface was only
created in netd when the Test Network was created.
Bug: 182291467
Bug: 189125789
Test: atest Ikev2VpnTest IpSecManagerTunnelTest
Change-Id: I4c1262e566517bbb03dd610f595e4d18bc4e7735
Merged-In: I4c1262e566517bbb03dd610f595e4d18bc4e7735
(cherry picked from commit 615237a818)
Adapt NsdServiceTest to its new mechanism for starting/stopping daemons.
Also, add a new test for the new self-cleanup mechanism.
Bug: 181810560
Test: atest NsdServiceTest
Original-Change: https://android-review.googlesource.com/1719018
Merged-In: I4c485a5d8fb4d6f52d82633a579bce4feb5c6375
Change-Id: I4c485a5d8fb4d6f52d82633a579bce4feb5c6375
Currently, when a network that uses 464xlat is torn down,
NetworkCallbacks will receive onLinkPropertiesChanged after
onLost. This is confusing and incorrect.
The incorrect callback is sent because handleLinkProperties
checks that the netId of the agent still exists, not that the
NetworkAgent is still registered. This is normally correct,
because the NetworkAgent is removed from mNetworkAgentInfos and
the netId are removed from mNetworkForNetId by the same method,
disconnectAndDestroyNetwork.
In this specific case it's not correct, because the call to
handleUpdateLinkProperties is from disconnectAndDestroyNetwork
itself via nai.clatd.update and calls Nat464Xlat#stop.
No other callers of handleUpdateLinkProperties are affected
because:
- EVENT_NETWORK_PROPERTIES_CHANGED is called only by
maybeHandleNetworkAgentMessage, which first checks that the
NetworkAgent is registered.
- handlePrivateDnsSettingsChanged only looks at registered
NetworkAgents (it loops over mNetworkAgentInfos).
- handlePrivateDnsValidationUpdate, handleNat64PrefixEvent and
handleCapportApiDataUpdate call getNetworkAgentInfoForNetId,
which will correctly determine that the agent is no longer
registered, since they run on the handler thread and thus
cannot run at the same time as disconnectAndDestroyNetwork.
The existing code contains a check for the netId being current.
This is intended to ensure that an update from a NetworkAgent
cannot affect another agent with the same Network. This extra
check is not necessary, because code running on the handler
thread can never observe a NetworkAgent in mNetworkAgentInfos
unless mNetworkForNetId maps that NetworkAgent's Network to that
NetworkAgent. This is because mNetworkForNetId is updated by the
same methods as mNetworkAgentInfos, and those updates occur on
the handler thread. So all code on the handler thread will see
those two as consistent.
Bug: 176496580
Test: atest FrameworksNetTests CtsNetTestCases HostsideVpnTests
Original-Change: https://android-review.googlesource.com/1727829
Merged-In: I944f4c6ad36206bdccd85a6ea7ef71324a29c685
Change-Id: I944f4c6ad36206bdccd85a6ea7ef71324a29c685
Ensure that NetworkCallbacks and netd operations are accounted
for. Also add a test for the spurious onLinkPropertiesChanged
callback that is currently send out after onLost.
Bug: 176496580
Test: atest ConnectivityServiceTest
Original-Change: https://android-review.googlesource.com/1729093
Merged-In: I69cf58bc87dfe55ea359a2cd76167d03fe2c953d
Change-Id: I69cf58bc87dfe55ea359a2cd76167d03fe2c953d
- Add default network priority to NetworkRequestInfo.
- The default network priority value is used when issue uid
ranges rules to netd. Netd will use the priority value and uid
ranges to generate corresponding ip rules specific to the given
network preference.
Bug: 171872461
Test: atest FrameworksNetTests
Ignore-AOSP-First: Needs cherry-picks
Change-Id: I0ea71b348492aeb4784d487bed4cfd5d387426ba
- Add more tests for mobile data preferred uids.
- Also address leftover comments on implementation commit.
Bug: 171872461
Test: atest FrameworksNetTests
Ignore-AOSP-First: Needs cherry-picks
Change-Id: I63f65bffc1b8883ddfd774222e26e629d7ea1f94
