To facilitate error checking we should invalidate
the resource IDs of all objects when we close() them.
Today, the resource ID is invalidated on the Transform
object but not on the SPI or Encap Socket. This CL
unifies the behavior.
Bug: 70641274
Test: cts - IpSecManagerTest
Change-Id: I28caec3e913902c748c6a50b4ef742ccef8b1b09
Move the native implementation of TrafficStats to NetworkStatsService
and apps need to get the NetworkStatsService binder interface from
system_server in order to get the network usage stats since boot. This
implementation can hide the detail of retrieving network traffic
information from apps and the NetworkStatsService can choose which
methoed it use to get the data depending on the kernel version of the
device.
Bug: 30950746
Test: CtsNetTestCases -t android.net.cts.TrafficStatsTest
Change-Id: I53bbefd19aa0b783b9b4b42ea4d76db3e9ec07a3
Added calls to tag encap sockets to that of the UID for which the encap
socket is being created on behalf of. This ensures that all data
accounting generated for the UDP-encap-ESP socket is correctly billed to
the right UID.
Bug: 62994731
Test: New tests added to IpSecServiceTest.java, passing
Change-Id: I15365ea9c982fd7b4e3cdeff314ddfba2289c86e
This enables app A to create a socket, pass it to app B, and have
app B accept blame for the traffic performed on that socket.
Also adds helpful public APIs for tagging raw FileDescriptor sockets
instead of making developers go through shady SocketImpl wrappers.
Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AppSecurityTests#testAppFailAccessPrivateData
Bug: 63932076
Change-Id: I08925c843974675fc82e4080cec2eaab9ab7cd41
Merged-In: I08925c843974675fc82e4080cec2eaab9ab7cd41
(cherry picked from commit 70dc4f4d16)
1) toSafeString() is renamed to toOuiString()
2) toOuiString() returns a String that only contains the first 3 bytes
of the mac address.
Bug: 70336442
Test: runtest frameworks-net
Change-Id: I798d8fec32dbff5687a682028e5d90eb941f81c1
Also remove 'build.master@android.com' which is deprecated, not
declared by anybody else, and makes the linter unhappy.
Bug: 70394432
Test: built
Merged-In: I9c0ba41386129379f82259fcc5e745562b014fae
(cherry pick from commit 626eed2ac8)
Change-Id: Ie802113d61f693d73f7234b44ac2a9bd462b3fbf
Throughout the IPsec code (API, system server, netd) we use "reserve"
SPI and "allocate" SPI interchangeably. This renames to use "allocate"
everywhere for self-consistency and consistency with the kernel
(ALLOCSPI).
In javadoc, I am leaving the word "reserve" in several places because it
is still an accurate description of how the method behaves.
Bug: 69128142
Test: TreeHugger should be enough
Change-Id: I8ea603b4612303b0393beef04032671fa53d2106
This patch fixes two bugs around the validation time calculation for
default network metrics:
- for events representing the absence of a default network, the
validation time was not correctly set to 0.
- for events representing a default network, the validation time was
always set to the duration time. This was overlooked by commit
380a063858.
Also fix a minor printing padding issue in DefaultNetworkEvent#toString
Test: manually inspected the output of $ adb shell dumpsys connmetrics
while enabling and disabling wifi.
Change-Id: I0eb4ccdf7a61d3097d0661104cb40d738e59772a
Improve the Validation of IpSecAlgorithm by
explicitly checking the length in addition to
the truncation length (previously an oversight).
In addition, we now check the lengths during
un-parceling, which will catch someone maliciously
manually building a parcel and passing it, bypassing
the checks in the constructor.
Bug: 68780091
Test: runtest -x IpSecAlgorithmTest.java
Change-Id: I8172762617264d34f47d5144336464510f07a701
This patch does some light refactoring in MacAddress to prepare for
exposing MacAddress in the public api:
- documention is improved
- some method names are renamed
- a toSafeString method is added
- a padding bug in the conversion methods outputting strings for
mac addresses is fixed
Bug: 69390696
Test: runtest frameworks-net
Change-Id: I399a97dabc2dfa8df9c5518c8b12484e43ca05c9
Update public docs to hide the fact that NetworkCapabilities is only
used inside NetworkRequest as an implementation detail.
Take up less room on the wire when passing NetworkCapabilities around
via NetworkRequest.
Sanity check that the roaming state between NetworkInfo and
NetworkCapabilities is in agreement.
Test: bit FrameworksNetTests:android.net.,com.android.server.net.,com.android.server.connectivity.,com.android.server.ConnectivityServiceTest
Bug: 67040695
Change-Id: I982b4c3c41a140934bbad3b8ca8f12dc3814e86c
This patch uses the recently added MacAddress class in WakeupEvent and
WakeupStats for replacing the byte array representation of dest mac
addresses in packet wakeup events.
Bug: 28806131
Test: runtest frameworks-net
Merged-In: I5a3c76498a4b720f0d9308a65b5dd4b32377d0d1
(partial cherry pick from 884970e0ba)
Change-Id: I878d51d4cc53c6d9a2cc3c55faa15b86156afbd7
This changes only comments and annotations, which results
in minor API changes.
Bug: 63777932
Test: `make update-api` and visually inspect generated HTML.
Change-Id: I7a7a9244eade6cc55aca17a47e0a838cd6f84cc9
Also removes netId field from inside NetworkEvent and stop populating
the network_id field of the NetworkEvent field, deprecating it.
Bug: 34901696
Test: runtest frameworks-net,
manually looking at $ adb shell dumpsys connmetrics
Change-Id: I2c36860f976898883714f72f4d18e06da250c6a6
