This reverts commit 97482de1fd.
Reason for revert: This change has been implicated in 4-way deadlocks as seen in b/134244752.
Bug: 134244752
Change-Id: Ibdaad3a4cbf0d8ef1ed53cfab1e454b9b878bae9
This reverts commit e7094673d5.
Reason for revert: This change has been implicated in 4-way deadlocks as seen in b/134244752.
Bug: 134244752
Change-Id: I0c00e8f0e30cee987b71b561079a97bf09d4dae4
This reverts commit 78d5ac4f8f.
Reason for revert: This change has been implicated in 4-way deadlocks as seen in b/134244752.
Bug: 134244752
Change-Id: I5fbb3443a39a21fc9d96442726cd10d20e8d61cd
This reverts commit 20204cdf6a.
Reason for revert: This change has been implicated in 4-way deadlocks as seen in b/134244752.
Bug: 134244752
Change-Id: I64b48d575f2e6ec4cb7d2d100a859a30af0501dc
(cherry picked from commit 20204cdf6a)
Covers the case where the majority of traffic through the VPN is
caused by the VPN app itself, and ensures that that traffic is
correctly attributed to the VPN app as opposed to spread between
the other apps that use the VPN.
Bug: 120145746
Test: atest NetworkStatsServiceTest
Change-Id: Ibd7646dc088fa4180abd696e89c3148ff34ce190
Merged-In: Iffd3f95fc2e11d311691a797b010edb38d2ef3c6
(cherry picked from commit 78d5ac4f8f)
Note, that its in a separate CL so we could cherry-pick this CL to aosp.
http://ag/7700679 is already in aosp (http://aosp/865073).
Bug: 113122541
Bug: 120145746
Test: atest FrameworksNetTests
Change-Id: Ic1767bc8bf1460e4223f86465fc72344428e6055
Merged-In: I7cfda226b4ed11b67002b83b38fba0f5caf96718
Split-tunnel VPN (which are the only ones affected by this change)
always fall through to the default network for routes they don't
handle, and even if the underlying network(s) don't provide access
this may be a pinhole that can actually reach the broader network.
In practice this behaves like the original release of P and is the
safest thing to do for Q. In R we should evaluate giving the VPN
app the ability to simply tell the network stack whether it does
provide Internet access or not.
Bug: 119216095
Test: FrameworksNetTests NetworkStackTests
Change-Id: I262ca41fe0225660551c9a421562405366b6acac
Merged-In: I262ca41fe0225660551c9a421562405366b6acac
(cherry picked from commit 6d5a4a3b1d1c69eb8a542fecf5e8a306822c19b7)
Split-tunnel VPN (which are the only ones affected by this change)
always fall through to the default network for routes they don't
handle, and even if the underlying network(s) don't provide access
this may be a pinhole that can actually reach the broader network.
In practice this behaves like the original release of P and is the
safest thing to do for Q. In R we should evaluate giving the VPN
app the ability to simply tell the network stack whether it does
provide Internet access or not.
Bug: 119216095
Test: FrameworksNetTests NetworkStackTests
Change-Id: I262ca41fe0225660551c9a421562405366b6acac
* changes:
Add one more test for VPN usage stats.
Addressing comments for http://ag/7700679.
NetworkStatsService: Fix getDetailedUidStats to take VPNs into account.
Take all VPN underlying networks into account when migrating traffic for VPN uid.
Covers the case where the majority of traffic through the VPN is
caused by the VPN app itself, and ensures that that traffic is
correctly attributed to the VPN app as opposed to spread between
the other apps that use the VPN.
Bug: 120145746
Test: atest NetworkStatsServiceTest
Change-Id: Iffd3f95fc2e11d311691a797b010edb38d2ef3c6
Note, that its in a separate CL so we could cherry-pick this CL to aosp.
http://ag/7700679 is already in aosp.
Bug: 113122541
Bug: 120145746
Test: atest FrameworksNetTests
Change-Id: I7cfda226b4ed11b67002b83b38fba0f5caf96718
(cherry picked from commit 2af0b66aba)
This API is similar to one provided by NetworkStatsFactory with the
difference that NSS also migrates traffic from VPN UID to other apps.
Since traffic can only be migrated over NetworkStats delta, NSS
therefore maintains NetworkStats snapshot across all UIDs/ifaces/tags.
This snapshot gets updated whenever NSS records a new snapshot
(based on various hooks such as VPN updating its underlying networks,
network getting lost, etc.), or getDetailedUidStats API is invoked by
one of its callers.
Bug: 113122541
Bug: 120145746
Test: atest FrameworksNetTests
Test: manually verified that battery stats are migrating traffic off of
TUN (after patching above CL where we point BatteryStats to use this
API).
Change-Id: I4b8d7c5b6905a4a12c1806dfd35c2c4c63610404
VPN uid.
(cherry picked from commit 612520f544)
Bug: 113122541
Bug: 120145746
Test: atest FrameworksNetTests
Test: Manually verified on device that stats from VPN UID are moved
appropriately based on its declared underlying network set.
Test: vogar --mode app_process --benchmark NetworkStatsBenchmark.java
Change-Id: I7f368c5970b2dcb969fe0daf5ef44edb1f51d09d
Also :
- Fix testUidFilteringDuringVpnConnectDisconnectAndUidUpdates that
was failing on devices with a first released SDK >= Q
- Add a test actually tests that the system has the permission, as
the test was only testing what's in the mock
Bug: 119770201
Test: New test making sure this stays true
Merged-In: I74cf5f0fa17fcf818f1fed78c7e3e4375c20152e
Change-Id: I0daa644fbad8e389ad7cfa66c0e3b3480c8bb50a
(cherry picked from commit 629b49d58fe8d108a3d7d47a21471aff913c6b34)
This is the most common test library for Connectivity tests. It is
meant to be usable in framework tests, network stack tests, CTS,
GTS. To achieve that, it can only depend on framework classes.
Bug: none
Test: NetworkMonitorTest
Test: NsdManagerTest
Test: ConnectivityServiceTest
Test: OffloadControllerTest
Test: NetworkStatsObserversTest
Test: NetworkStatsServiceTest
(all the touched classes)
Change-Id: Ic47cbe7ba0e407145fa6bc49bb2adb3c5937dbc4
Also :
- Fix testUidFilteringDuringVpnConnectDisconnectAndUidUpdates that
was failing on devices with a first released SDK >= Q
- Add a test actually tests that the system has the permission, as
the test was only testing what's in the mock
Bug: 119770201
Test: New test making sure this stays true
Change-Id: I74cf5f0fa17fcf818f1fed78c7e3e4375c20152e
This is a follow-up commit for aosp/955431 to update commets
and minor updates in unit test.
Test: atest com.android.server.ConnectivityServiceTest#testCaptivePortalOnPartialConnectivity
Bug: 130683832
Change-Id: I581eae8daeddd2c4c186e7b40e27fef2aaa7ab43
Merged-In: I9087ef791b3fee5399ba8e83ef9d8a544845a4dd
Merged-In: I4424663292c5ad29eb7a888fa6975835721a5d2e
(cherry picked from commit 3d3a9fff7b7fa0df4ee627cb082668e642d6f754)
Once a network is determined to have partial connectivity, it
cannot go back to full connectivity without a disconnect. This
is because NetworkMonitor can only communicate either
PARTIAL_CONNECTIVITY or VALID, but not both. Thus, multiple
validation results allow ConnectivityService to know the real
network status.
Bug: 129662877
Bug: 130683832
Test: atest FrameworksNetTests
Test: atest NetworkStackTests
Test: atest --generate-new-metrics 50
NetworkStackTests:com.android.server.connectivity.NetworkMonitorTest
Test: Simulate partial connectvitiy
Change-Id: I406c9368617c03a2dd3ab15fb1f6dbf539d7c714
Merged-In: I243db4c406cca826e803c8035268bc0c6e6e01e2
(cherry picked from commit 4532abd4d2af9ad118873a63cafc6028ed87c52e)
This is a follow-up commit for aosp/955431 to update commets
and minor updates in unit test.
Test: atest com.android.server.ConnectivityServiceTest#testCaptivePortalOnPartialConnectivity
Bug: 130683832
Change-Id: I581eae8daeddd2c4c186e7b40e27fef2aaa7ab43
When unregistering callback due to ON_UNAVAILABLE did not check for
a non-null callback.
Bug: 132950880
Test: atest ConnectivityServiceTest
Merged-In: Ib3fde31d88c36469cdee1e3578606d130a9817cb
Change-Id: Ib3fde31d88c36469cdee1e3578606d130a9817cb
(cherry picked from commit 51ddc176abd23bd3ddbc26124e5541a983a1db07)
Once a network is determined to have partial connectivity, it
cannot go back to full connectivity without a disconnect. This
is because NetworkMonitor can only communicate either
PARTIAL_CONNECTIVITY or VALID, but not both. Thus, multiple
validation results allow ConnectivityService to know the real
network status.
Bug: 129662877
Bug: 130683832
Test: atest FrameworksNetTests
Test: atest NetworkStackTests
Test: atest --generate-new-metrics 50
NetworkStackTests:com.android.server.connectivity.NetworkMonitorTest
Test: Simulate partial connectvitiy
Change-Id: I406c9368617c03a2dd3ab15fb1f6dbf539d7c714
When unregistering callback due to ON_UNAVAILABLE did not check for
a non-null callback.
Bug: 132950880
Test: atest ConnectivityServiceTest
Change-Id: I8f3322963f322e6690f1403681bf66e8b38b35f8
Delete the unused NetworkManagementService API for set/remove
permissions. Use PERMISSION_NONE to replace NO_PERMISSIONS so the
framework now use the same set of permission constant when communicate
with netd.
Bug: 128944261
Test: PermissionMonitorTest.java
Change-Id: I25224c9576f52d2a0a0bd2182325c7aac7b28eb5
Merged-In: I25224c9576f52d2a0a0bd2182325c7aac7b28eb5
(cherry picked from commit 05887f99c6ca6885db737af2f356023dc6de80a2)
Currntly, keepalive slot is released when stop() is called. Next
starting keepalive can use the same slot number while previous
keepalive is still stopping. When the previous keepalive is
stopped, the incoming as will be processed by the new keepalive.
This change release keepalive slot after the result of stopping
has returned. Thus, newly created keepalive cannot allocate the
same slot number while lower layer is still processing stop event.
This change also disable flaky assertions that are caused by
test port has been occupied by other process.
Bug: 129512753
Test: 1. atest com.android.server.ConnectivityServiceTest \
#testNattSocketKeepalives --generate-new-metrics 100
2. atest FrameworksNetTests --generate-new-metrics 10
3. simulate the fail case manually.
Change-Id: I790f6bbc5efc3f088034ac45ec379da5f781d0ca
Merged-In: I1991627545519ee5cb408a3df3a006f710f4af7b
(cherry picked from commit 3523a3d02a1f88a3990ab9cc4948c705ecc713c8)
Currently, strict mode private DNS does not work on VPNs because
NetworkMonitor does not validate VPNs. When a VPN connects, it
immediately transitions to ValidatedState, skipping private DNS
hostname resolution.
This change makes NetworkMonitor perform private DNS hostname
resolution and evaluation even on VPNs.
In order to ensure that the system always immediately switches to
the VPN as soon as it connects, remove the unvalidated penalty
for VPN networks. This ensures that the VPN score is always 101
and the VPN always outscores other networks as soon as it
connects. Previously, it would only outscore other networks
when no-op validation completed.
Bug: 122652057
Test: atest FrameworksNetTests NetworkStackTests
Test: manually ran a VPN with private DNS in strict mode
atest android.net.cts.ConnectivityManagerTest com.android.cts.net.HostsideVpnTests
Change-Id: Iaa78a7edcf23755c89d7b354edbc28d37d74d891
Merged-In: Iaa78a7edcf23755c89d7b354edbc28d37d74d891
(cherry picked from commit 414b8c8b1ce8ae2ad6ef95c1ffba19062077d3e6)
