This patch moves reportNetworkConnectivity onto the handler of
ConnectivityService.
This allows:
- to inspect NetworkAgentInfo on the ConnectivityService handler,
which is always more correct than doing so on a Binder thread.
- to improve locking policies around NetworkAgentInfo.
Test: $ runtest frameworks-net
Bug: 37119619, 36902662
Change-Id: I49a765826e65c29a1995242290e5e7544112c94e
This path changes a dangerous lock path in reportNetworkConnectivity().
This methods is called outside of the main ConnectivityService handler
and takes a lock on a specific NetworkAgentInfo whose connectivity
status is being reported.
While this lock is held, reportNetworkConnectivity() goes on and query
the network policy state for that network, which may ends into
NetworkPolicyManagerService.
Instead, the lock on NetworkAgentInfo is only held long enough to make a
copy of LinkProperties, which is then passed to
NetworkPolicyManagerService without that lock.
Bug: 36902662
Test: could not repro b/36902662, reportNetworkConnectivity() works.
$ runtest frameworks-net
Change-Id: Iac4b75bcecbdddb0ac695c8b1a87ae755f62f47f
Most @SystemApi methods should be protected with system (or higher)
permissions, so annotate common methods with @RequiresPermission to
make automatic verification easier.
Verification is really only relevant when calling into system
services (where permissions checking can happen on the other side of
a Binder call), so annotate managers with the new @SystemService
annotation, which is now automatically documented.
This is purely a docs change; no logic changes are being made.
Test: make -j32 update-api && make -j32 offline-sdk-docs
Bug: 62263906
Change-Id: I2554227202d84465676aa4ab0dd336b5c45fc651
Introduce a SharedLog that can be shared among all Tethering
components. All log entries go to the same log, and each includes
its subsystem name. Additionally, all entries emitted to the
system log shared the same tag, so can easily be watched.
More subsystems can inherit a SharedLog, but to minimize cherry-pick
conflicts we limit ourselves to these changes only.
Test: as follows
- built
- flashed
- booted
- log output observed via dumpsys
- runtest frameworks-net passes
Bug: 32163131
Bug: 36988090
Bug: 38218697
Merged-In: Ia9d15f0dcc49ce070f8684eb8c8481310859faa5
Merged-In: I2644f518304a03da469fb9c2aa01a6d8f1a97901
Change-Id: I1229d4c55987402d84b0d4a2c8a595e0c829aa3e
(cherry picked from commit 7747fd4ce055e8e1f6381062a58b867728f57d85)
For 464xlat scenarios on IPv6 networks, the clatd interface setup
introduces double counting of apps ipv4 traffic. NetworkStatsFactory was
accounting for this on the tx path, but not on the rx path. Also it did
not accounted for the 20 bytes added by the IPv6 header.
This patch subtract correctly the rx and tx traffic from the root uid on
the underlying interface, and also adds correctly the 20 bytes cost per
packet on the stacked interface for 464xlat traffic.
Test: added several new unit tests, based on synthetic data and real
data also.
Bug: 33681750
Change-Id: I4867fe181938d94b5594b3d88896a3c4e01d895c
Merged-In: I2675643b220acbc6110179fa937d4c313b6f5e32
(cherry picked from commit e1bb3a14d1ee1aba2f92e5bccf659774699eaffe)
This groups them together with the rest of the networking unit
tests. It also speeds up compile/test cycles ("runtest -x" of one
file goes from 1m15s to 30s).
Bug: 33681750
Test: runtest frameworks-net passes on internal tree
Merged-In: I53cb0c51355fe4b4b30e451fa09fbbf58da39efd
Change-Id: I5ae5dbf74c94feb0fe3759681e5e6d6fba62fa32
(cherry picked from commit c86013be936f36c61fa0cdfad95141f6de3c6ef7)
Update docs based on what new lint detector found. Add new @IntDef
to parameters or methods returning constants or flags, and add
@RequiresPermission to methods mentioning permissions.
Test: make -j32 offline-sdk-docs
Bug: 37526420
Change-Id: I7f640f7883fcb66b911a52ae93b83f77306571ec
If anything unrestricted is bundled in the whole thing has to be
unrestricted (we can't restrict based on destination or intent)
but the NOT_METERED flag wasn't taken into account.
This wasn't a problem before because telephony set that statically
and late, but a change caused it to be marked NOT_METERED earlier
which exposed this bug.
bug: 37208956
Test: new NetworkCapabilitiesTest. Fails without fix, works with.
Change-Id: I7b7a1c38621ce0ecde8cf041e82b1ebb7a9c6f15
This patch groups connect() events per netId. It adds netid and
transport information to serialized ConnectStatistics events.
Test: updated NetdEventListenerServiceTest
updated IpConnectivityMetricsTest
$ runtest frameworks-net passes
Bug: 34901696
Change-Id: Id0d536ff723ded5c26eafe0bb138ba75ba2856c5
Merged-In: I4769496383943e714a1d350c298e093c2ed57477
(cherry picked from commit dfc2cc5857199345e08f07977b79b20292f964a2)
This patch changes how DnsEvents are logged in IpConnectivityMetrics.
The following changes are made:
- DnsEventBatch are not logged after 100 queries on the same network
- this allows to merge DnsEvent and DnsEventBatch into one class
- DnsEventBatch are not logged after a network disconnect
- this allows to remove the NetworkCallback
- DnsEvent are now logged similarly to ConnectStats when statistics are
flushed, in a direct call from IpConnectivityMetrics into
NetdEventListenerService, in a direct call from IpConnectivityMetrics
into NetdEventListenerService.
- this allows to remove the Parcelable implementation of DnsEvent
- transports information is added to DnsEvent.
Test: - simplified NetdEventListenerServiceTest covering dns logging
- updated IpConnectivityEventBuilderTest
- updated IpConnectivityMetricsTest
- $ runtest frameworks-net passes
- manually verified $ adb shell dumpsys connmetrics list proto
Bug: 34901696
Change-Id: I4fcd0ad7a7b85d587647f471a90c1e53a18fc95a
Merged-In: Ia4b33fd4212741152662a2adbb0533bd1b4902ee
(cherry picked from commit 0699cf98042a64e41ee076c464eb115a6579be08)
This patch also
- partially reverts commit 7f818778a8
that exposed a getTransports method on NetworkCapabilities.
- moves enumerateBits to BitUtils (as unpackBits), and adds the
reverse packBit method.
Bug: 34901696
Test: manually looked at $ adb shell dumpsys connmetrics list
Change-Id: I1650daf8fc9c1b6e0d986d2285f81e888be8847f
Merged-In: Id04f9080e7f75608deeb49306aec34941e71794c
(cherry picked from commit df456e13a1127e3c8594b1d22ea4a9b3dca67a4b)
This path changes a dangerous lock path in reportNetworkConnectivity().
This methods is called outside of the main ConnectivityService handler
and takes a lock on a specific NetworkAgentInfo whose connectivity
status is being reported.
While this lock is held, reportNetworkConnectivity() goes on and query
the network policy state for that network, which may ends into
NetworkPolicyManagerService.
Instead, the lock on NetworkAgentInfo is only held long enough to make a
copy of LinkProperties, which is then passed to
NetworkPolicyManagerService without that lock.
Bug: 36902662
Test: could not repro b/36902662, reportNetworkConnectivity() works.
$ runtest frameworks-net
Change-Id: Iac4b75bcecbdddb0ac695c8b1a87ae755f62f47f
This change introduces new methods on DumpUtils that can check if the
caller has DUMP and/or PACKAGE_USAGE_STATS access. It then moves all
existing dump() methods to use these checks so that we emit
consistent error messages.
Test: cts-tradefed run commandAndExit cts-dev -m CtsSecurityTestCases -t android.security.cts.ServicePermissionsTest
Bug: 32806790
Change-Id: Iaff6b9506818ee082b1e169c89ebe1001b3bfeca
This patch removes from ConnectivityService the logic involved in
deciding if a uid has access to networking based on networking policies.
This logic is moved into NetworkPolicyManagerService which is the source
of truth with regards to the state of networking policie, both for
existing networks and uids.
Instead ConnectivityService directly queries NetworkPolicyManagerService
in a synchronous fashion for a specific uid or a (uid, network) pair.
This eliminates the need to keep a copy of the uid policy rules inside
ConnectivityService and ensures that ConnectivityService takes
networking decisions based on the correct state of networking policies,
and therefore eliminates certain data races in ConnectivityManager API
that applications are exposed to.
Test: $ runtest frameworks-net
$ runtest -x frameworks/base/services/tests/../NetworkPolicyManagerServiceTest.java
$ runtest -c com.android.server.net.ConnOnActivityStartTest frameworks-services
Bug: 32069544, 30919851
Change-Id: Ic75d4f7a8853e6be20e51262c4b59805ec35093a
The testNotificationsShownAndCleared test was not doing anything
because the list of notification to show was always empty.
This patch fixes this issue and actually makes the test loop on
non-empty collections, and also fixes another ordering issue in
assertions themselves, hidden until now by the first issue.
Test: runtest -x frameworks/base/tests/net/java/com/android/server/connectivity/NetworkNotificationManagerTest.java
Change-Id: I4837b1175d7c9133e9156e33acaa1e7e3341cc62
This patch adds transports info to ValidationProbeEvent and migrates
netId logging for this event to the topt-level netId field in
ConnectivityMetricsEvent.
Test: modified unit tests. $ runtest frameworks-net passes
Bug: 3490169
Change-Id: Ibf51049ba8901ae5ca4ea86e2f500944a4738b5c
This patch deprecates the ifname field for specific metrics events of
types DhcpClientEvent, DhcpErrorEvent, IpReachabilityEvent and
IpManagerEvent.
Instead ifnames are logged in ConnectivityMetricsEvent, allowing for
link layer inference.
Test: updated unit tests, $ runtest frameworks-net passes
Bug: 34901696
Change-Id: I8bfabcb115bbd5289471d653c153a40bb48f28cd
This patch adds translation from ConnectivityMetricsEvent to
IpConnectivityEvent of recently added fields:
- top-level network id
- top-level ifname
- transports
Also adds inference of link layer from transports or ifname.
At the moment these new fields are not populated in
ConnectivityMetricsEvent. Follow-up patches will fill this gap for
the events of the android.net.metrics package.
Test: new unit tests, $ runtest frameworks-net passes
Bug: 34901696
Change-Id: I563a6a3183470bdfaabb7c781a1beaf6b1058bf0
This avoids requiring the MANAGE_USERS permission in this function.
Bug: 32671528
Test: Manual. Also seeking unit test guidance from reviewer.
Change-Id: I841e721013b0e4b6db34d629a1e97b3cd54cd73b
This patch adds new fields to ConnectivityMetricsEvent to make it more
symmetric to IpConnectivityEvent in ipconnectivity.proto.
Follow-up patches will start populating these fields for users of
IpConnectivityLog.
Test: unit tests updated, $ runtest frameworks-net passes
Bug: 34901696
Change-Id: I396767cdfcf38cce893c0d6e1f4524f12e3fdc64
Now that ConnectivityMetricsEvent is only used for core networking
metrics and is not @SystemApi anymore, remove unused fields and prepare
for additional new fields.
Test: updated unit tests, $ runtest frameworks-net passes
Bug: 34901696
Change-Id: I15abad19981d491f16f2a3afe401f1e833079907
This patch adds a few missing counters to APF events:
- an actual lifetime duration to ApfProgramEvent.
- counters for total number of updates to ApfStatistics.
ApfProgramEvents are now recorded at program removal in order to
populate the actual lifetime of the program. ApfProgramEvents whose
actual lifetime was less than 1 second are filtered out.
Finally, instance fields of ApfProgramEvent and ApfStats classes are
made mutable to allow for simple record-like creation. This was not
possible when these classes were tagged @SystemApi.
Test: - manually verified output of $ dumpsys connmetrics list
- unit tests updated.
Bug: 34901696
Change-Id: I02694ebb9421ce1c2aa757fa6aa209d19a654dcd
