This commit reduces the flakiness of the
testOpenAndCloseUdpEncapsulationSocket by retrying up to three times.
Unfortunately, testing port-selected socket creation is racy against
other applications. This helps to handle the same race condition as done
in IpSecService#bindToRandomPort
Bug: 128024100
Test: 200x runs of testOpenAndCloseUdpEncapsulationSocket
Change-Id: I7e036ce821019dbac6c50899bd0894e89d2fe82a
In order to notify netd to swap eBPF maps before pulling the
networkStats from eBPF maps, NetworkStatsFactory need to use the
NetdServices to issue binder calls. So it need to be moved from
framework/base/core to framework/base/service since object in
framework/base/core cannot get any system services. This change is also
necessary for setting up a lock inside NetworkStatsFactory to prevent
racing between two netstats caller since the lock need to be hold before
netd trigger the map swap.
Also fix the compile problem caused by moving the NetworkStatsFactory
and the related tests. Rename the packages and the jni functions to a
more proper name.
Bug: 124764595
Bug: 128900919
Test: NetworkStatsFactoryTest
android.app.usage.cts.NetworkUsageStatsTest
android.net.cts.TrafficStatsTest
Change-Id: Ifcfe4df81caf8ede2e4e66a76552cb3200378fa8
Some names were still wrong somehow, and the wrappers were
missing.
Test: NetworkStack & FrameworkNetTests
Change-Id: I475bd011ad9bc714a07021a9dfd85c4876f8e9ad
The kernel eBPF maps have a blacklist to store all the uids that doesn't
have internet permission. When an app is unintalled from the device and
it is the last package on device that uses that uid, make sure we
cleaned the uid from the map and do not add no longer used uids into the
eBPF map. This action helps reduce the number of entries stored in the
map and reduce the chance of overflow the eBPF map.
Bug: 128944261
Test: PermissionMonitorTest
Change-Id: I10dd0113d00d6cf9ca39902d9721f2591d387d4a
Add more tests to PermissionMonitor to verify the functionality related
to INTERNET permission and UPDATE_DEVIE_STATS permission. Modified some
of the class design of PermissionMonitor so that it is easier to test
the new functionalities.
Bug: 111560570
Test: PermissionMonitorTest
Change-Id: Ic5585f337db5de48e2f87bf4f01ed7d85c349827
- Restrict unprivileged apps to use
NetworkRequest.Builder#setSignalStrength.
- Remove the "throws NullPointerException" in
CaptivePortalProbeSpec constructor.
- Remove the null check in LinkProperties.
- Add annotataion into all ConnectivityManager.NetworkCallback
methods.
Change-Id: Id275cac1d6a30d7515cd7b113394f5e8a0179314
Fix: 129097486
Test: atest FrameworksNetTests
NetworkMonitor obtained LinkProperties and NetworkCapabilities via
synchronous calls to ConnectivityManager after receiving an asynchronous
notification, which is prone to races: the network could be gone before
the LinkProperties/NetworkCapabilities can be fetched.
Fix the race by passing LinkProperties/NetworkCapabilities directly to
NetworkMonitor in the asynchronous notifications.
Test: atest FrameworksNetTests NetworkStackTests
Test: booted, WiFi works
Bug: 129375892
Change-Id: I200ac7ca6ff79590b11c9be705f650c92fd3cb63
* changes:
Move BatteryStats and StatsCompanionService to use NetworkStatsService.
NetworkStatsService: Fix getDetailedUidStats to take VPNs into account.
Take all VPN underlying networks into account when migrating traffic for VPN uid.
This API is similar to one provided by NetworkStatsFactory with the
difference that NSS also migrates traffic from VPN UID to other apps.
Since traffic can only be migrated over NetworkStats delta, NSS
therefore maintains NetworkStats snapshot across all UIDs/ifaces/tags.
This snapshot gets updated whenever NSS records a new snapshot
(based on various hooks such as VPN updating its underlying networks,
network getting lost, etc.), or getDetailedUidStats API is invoked by
one of its callers.
Bug: 113122541
Bug: 120145746
Test: atest FrameworksNetTests
Test: manually verified that battery stats are migrating traffic off of
TUN (after patching above CL where we point BatteryStats to use this
API).
Change-Id: Ib0f0c2d4d41ee1d7a027ea9da457baaf198d649e
VPN uid.
Bug: 113122541
Bug: 120145746
Test: atest FrameworksNetTests
Test: Manually verified on device that stats from VPN UID are moved
appropriately based on its declared underlying network set.
Test: vogar --mode app_process --benchmark NetworkStatsBenchmark.java
Change-Id: I9d8d0cc58d18002c1c96f8ddff780ef8dc452d21
This is a alternative way for moving TetherService logic
into EntitlementManager[1]. Settings would close tethering
when silent entitlement check fail. To be consistent,
tethering should also be closed if UI entitlement check
fails.
[1] https://android-review.googlesource.com/c/platform/frameworks/base/+/928136
bug: 129330738
Test: -build, flash, boot,
-atest EntitlementManagerTest
-manual test with carrier SIM
Change-Id: Idfc35461b6359f3a624e78d49b6f73812db6d8ab
Instead of doing a tethering entitlement check whenever we turn
on tethering, provisioning result should only affect mobile
upstream. List behavior changes below:
1. Change tether entitlement check from pre-flight check to
run-time check.
2. Only run entitlement check when upstream is mobile.
3. Move schedule entitlement re-check logic from Settings to
framework.
4. Run all entitlement thing in TetherMaster thread to avoid
multi-thread problem.
Test: -atest FrameworksNetTests
-build, flash, booted
bug: 111490073
Change-Id: Ic2980b4d6864d6f7287816c43eb6cf7a5cdec541
Merged-in: Ic2980b4d6864d6f7287816c43eb6cf7a5cdec541
Currently, socketKeepalive implementation is accepting null fd
due to backward compatibility with legacy packet keepalive API.
However, due to lack of the fd, the service cannot guarantee the
port is not reused by another app if the caller release the port
for any reason.
Thus, grant the null fd access only for priviledged apps.
This commit also address some comments from aosp/918533.
Bug: 126699232
Test: atest FrameworksNetTests
Change-Id: I0baf582ff4ca8af6082c3754e8dfbcd867f39792
Instead of doing a tethering entitlement check whenever we turn
on tethering, provisioning result should only affect mobile
upstream. List behavior changes below:
1. Change tether entitlement check from pre-flight check to
run-time check.
2. Only run entitlement check when upstream is mobile.
3. Move schedule entitlement re-check logic from Settings
framework.
4. Run all entitlement thing in TetherMaster thread to avoid
multi-thread problem.
Test: -atest FrameworksNetTests
-build, flash, booted
bug: 111490073
Change-Id: Ic2980b4d6864d6f7287816c43eb6cf7a5cdec541
There are 2 problems will make testPartialConnectivity flaky:
1. If we call setNetworkValid() before expectCapabilitiesWith(),
there may be a timing issue that network will become VALID before
NetworkMonitor send PARTIAL_CONNECTIVITY to ConnectivityService.
Solution:
We should set network to valid after ConnectivityService received
NETWORK_TEST_RESULT_PARTIAL_CONNECTIVITY to ensure NetworkMonitor
will send PARTIAL_CONNECTIVITY to ConnectivityService first then
send VALID.
2. When test case call explicitlySelected(true) first then call
connect(true), NetworkMonitor will report the network validation
test result twice because ConnectivityServiceTest() will trigger
notifyNetworkTested() when setAcceptPartialConnectivity() is
called, it may cause a timing that before the second test result
send to ConnectivityService, connect() already called
setNetworkInvalid. So, NET_CAPABILITY_VALIDATED will be removed
and ConnectivityService will trigger onCapabilitiesChanged()
unexpectedly.
Solution:
Don't trigger notifyNetworkTested() when
setAcceptPartialConnectivity() is called. If there is needed,
use mCm.reportNetworkConnectivity() to report the test result
instead.
Bug: 128426024
Test: 1. atest FrameworksNetTests: \
ConnectivityServiceTest#testPartialConnectivity \
--generate-new-metrics 1000
Change-Id: I7200528378201a3c7c09a78ff827b41f2741dfa1
Currently, the fails in testTcpSocketKeepalives are triggered by
fail() inside the executor, which is hiding the actual call trace
but only message remains. And it made the fail case hard to
debug.
So this commit is to bubble up the Exception by using a custom
functional interface.
Bug: 123987272
Test: 1. atest FrameworksNetTests
2. manually fail the test case and see the call trace
Change-Id: I125e673938a5e9d1de86f83c1a732227a4bd3207
Per API review, change the use of FileDescriptor to
ParcelFileDescriptor.
This change also fix nullability according to API review
feedbacks.
Fix: 126698610
Fix: 126699425
Fix: 126699232
Fix: 126700278
Test: 1. m -j
2. atest FrameworksNetTests --generate-new-metrics 50
3. m -j doc-comment-check-docs
Change-Id: I19476c50dd1ca290bf3f41973829da2bd229796a
