This change adds support for IPsec forward policies, which are necessary
for packets to be allowed to be forwarded to another interface, as is
the case with tethering. This is necessary and useful only within the
system server, and as such is not exposed as a public API.
This change is safe, since the addition of a FWD policy on IPsec tunnel
interfaces will by default block forwarded traffic (as would be the case
without this patch). In the event that the (system) owner of the tunnel
requires support for forwarded packets (eg tethering), this patch allows
application of transforms in the FWD direction as well.
This will be used to ensure that the VCN can be used as the underlying
network for the purposes of tethering.
Bug: 185495453
Test: atest IpSecServiceTest
Test: atest IpSecServiceParameterizedTest
Test: manual testing with tethering over VCN
Change-Id: I74ecea71f1954029f6fbdbe34598c82e0aac386b
Address API review feedback, add getters to UnderlyingNetworkInfo
instead of exposing fields.
Instead of wasting memory by converting this into an array, have
migrateTun take a List<String>. In turn, tunAdjustmentInit should
also take a List<String>.
(cherry picked from ag/14211075)
Bug: 183972554
Test: atest android.net.UnderlyingNetworkInfoTest
Merged-In: Id59744097208d91298a25ef110ade91a9cf291a1
Change-Id: Id59744097208d91298a25ef110ade91a9cf291a1
Address API council feedback, add getters to NetworkStateSnapshot
instead of exposing the bare fields directly.
(cherry picked from ag/14233655)
Bug: 183972826
Test: FrameworksNetTests
Merged-In: Id1707753b42ae88d2b95e4bd00a792609434e4f5
Change-Id: Id1707753b42ae88d2b95e4bd00a792609434e4f5
Carrier merged wifi network is a specific cerrier wifi network
which provides the same user experience as mobile.
To support data usage accounting for carrier merged wifi,
the change provide several APIs in NetworkTemplate:
1. extend buildTemplateWifi so it could be used for matching
wifi networks with subscriber Id (IMSI).
2. add buildTemplateCarrier to let
NetworkPolicyManagerService creates a single policy for
a given carrier regardless of network type.
Bug: 176396812
Test: atest -c NetworkTemplateTest
Test: atest -c NetworkStatsServiceTest
Test: Manual Test with test code on mobile and wifi network.
1. buildTemplateCarrier includes the carrier wifi and
mobile usage
2. buildTemplateWifi can get carrier wifi usage and support the
filter via subscriberId
Change-Id: I667b4adf3eec0bdd3a7385109dd8c1fae8e7be32
This change fixes IpConfigStore dependencies on framework-connectivity
hidden APIs.
- Use the version of SystemApi to new RouteInfo.
- Inline the implementation of isIPv4Default() directly because
isDefaultRoute() is a public API so it can be used in this class.
(cherry-picked from ag/13945685)
Bug: 178777253
Test: FrameworksServicesTests:IpConfigStoreTest
Merged-In: I5ed1bc8bc8bee5b0c795fd8577a2d64628998e51
Change-Id: I5ed1bc8bc8bee5b0c795fd8577a2d64628998e51
IpConfiguration and StaticIpConfiguration are included
in framework-connectivity which cannot have external
hidden API usages dependencies on them. IpConfiguration
and StaticIpConfiguration provide builder and getter
methods for the fields of the objects which are formal APIs.
So, replace the usages in IpConfigStore with those formal
APIs to remove the dependencies.
(cherry-picked from ag/13929104)
Bug: 178777253
Test: FrameworksServicesTests:IpConfigStoreTest
Merged-In: Ie9e6af0efe2c39667bb8faa1e3a498b1f61e1432
Change-Id: Ie9e6af0efe2c39667bb8faa1e3a498b1f61e1432
When Wi-Fi SSID is null in NetworkCapabilities,
get Wi-Fi SSID from connection info (WifiInfo) which is non-null design.
Bug: 176396812
Test: FrameworksNetTests NetworkPolicyManagerServiceTest
Change-Id: I59c7d8f7e176d0c6bb100721269f3f6165f0ca21
Network class will be a part of mainline module, external callers
cannot call its hidden constant. Use public API - getNetId() to
get netid instead.
Bug: 182963397
Test: m
Change-Id: I6d5dd0a8c3879df7bdc1d58e36022045c303bb40
Merged-In: I6d5dd0a8c3879df7bdc1d58e36022045c303bb40
(cherry-picked from ag/13927649)
The current design is using hidden API - getStackedLinks() to
get LinkProperties then call getInterfaceName() to get the
interface name. In fact, this behavior could be replaced by
system API - getAllInterfaceNames().
Bug: 182963397
Test: atest FrameworksNetTests
Test: atest CtsNetTestCases
Change-Id: Id2b19dc5099355af69d23a6d99d2b7e6c0e1e88a
Merged-In: Id2b19dc5099355af69d23a6d99d2b7e6c0e1e88a
(cherry-picked from ag/13927660)
This change contains necessary modification in NPMS and NSS
to send warning bytes to NetworkStatsProvider. But since
no any provider has been upgraded to handle such parameter.
Thus, no behavior change is made in this patch.
Test: atest NetworkPolicyManagerServiceTest NetworkStatsServiceTest
Test: atest NetworkPolicyManagerServiceTest#testStatsProviderWarningAndLimitReached
Bug: 149467454
Bug: 170699770
Bug: 170179169
Merged-In: I6c4863030c36328db571294fd12a40e59864def5
Change-Id: I6c4863030c36328db571294fd12a40e59864def5
(cherry-picked from ag/13982166)
To have better control and race-free of set data warning
to tether offload hardware, an interface of set warning and
limit at the same time in the NetworkStatsProvider is needed.
This is a no-op change which expose such interface with minimum
changes in service side to get build pass. The implementation
would be included in follow-up patches.
Test: atest NetworkStatsServiceTest
Test: atest NetworkPolicyManagerServiceTest
Test: atest GtsNetworkStackHostTestCases
Test: m doc-comment-check-docs
Bug: 149467454
Bug: 170699770
Bug: 170179169
Merged-In: I6ee661497f7dedb871c85786d1950cab951d8aa2
Change-Id: I6ee661497f7dedb871c85786d1950cab951d8aa2
(cherry-picked from ag/13959436)
Some operator supports multiple VILTE,
both two SIM cards can make VILTE call.
We need to record VILTE data to different interface.
Now NetworkStatsService has only one VILTE data
interface: "vt_data0". All VILTE data stats will
be recorded in this interface.
Bug: 130871087
Test: NetworkStatsServiceTest#testDualVilteProviderStats
Change-Id: I000ec756827bc42cac88dd0a2ca6b7999252357e
Use new API - getIpSecNetIdRange() to get the network ID range
of IPSec tunnel interface.
Bug: 172183305
Test: atest FrameworksNetTests:IpSecServiceTest
Change-Id: Ib80f814f991e9f000a68f5c539d15d97cf56930e
Rename StringNetworkSpecifier to EthernetNetworkSpecifier (its only
production user), and make it module-lib API.
The original StringNetworkSpecifier file is actually kept to satisfy
some invalid dependencies; it will be removed separately.
This allows specifying an Ethernet interface with a non-deprecated API:
until this change the only way to do so would be to use
NetworkRequest#setSpecifier(String), which is deprecated.
Similarly, add the TestNetworkSpecifier API for TestNetworkManager, to
replace previous usage of StringNetworkSpecifier. TestNetworkManager is
module API, so TestNetworkSpecifier should be module API too. This
allows tests to request the test interface specifically, without using
the deprecated NetworkRequest#setSpecifier(String).
Bug: 179329291
Test: m
Merged-In: Iee569f5c8bbdc4bc979610e1191308281f3d4620
Change-Id: Iee569f5c8bbdc4bc979610e1191308281f3d4620
ConnectivityManager is a part of connectivity mainline. The
hidden methods dependency in ConnectivityManager should be
removed to make it a moudle. NSS use isNetworkTypeMobile to
check if the NetworkState belongs to a cellular network or not.
It should be replaced by the NetworkCapabilities inside the
NetworkState.
The result of isNetworkTypeMobile relies on the legacy network
type. The legacy network type comes from the network type
of its network info. The replacement should consider VPN active
case because the network type will not be TYPE_MOBILE. Thus,
replace it with Networkcapabilities.getDisplayTransport() to
get a transport that can be used to classify a network when
displaying its info to users, i.e. it will return TRANSPORT_VPN
for a vpn network on cellular network.
Bug: 172183305
Test: atest FrameworksNetTests
Change-Id: I2132a7288a93e4430cbd9efabc33ae56ce8bdd9b
