-Remove Int-based SPI usage from the IpSecTransform.Builder
This is essentially a less-safe method overload, and it is both
unnecessary and difficult to implement: the cross-validation
between SPI and Transform is actually useful, and the kernel
requires two different mechanisms to use an unreserved vs a
reserved (alloc'd) SPI: CREATESA vs UPDATESA, which makes this
hard to support. API Council has questioned the value of this,
and they are right: everything points to "remove this". In the
future, if we find that SPI reservation is overhead, we can
always add it back.
-Hiding the TunnelMode builder method and application/remove
methods. These will not land by the time the next API
stabilizes, so better to hide them now that this is a
near-certainty. Expectation is to un-hide them in the subsequent
API bump.
Bug: 36073210
Test: Compilation, verified nobody is calling these stubs
Change-Id: Ic1a3f2cf7128633318ac175d6b56b45eb8d21cab
(cherry picked from commit 48b566557d)
To make the SPI reservation more semantically consistent with the
transform creation API, and to ensure that we always create SPI
reservations relative to a well-known remote, we should take the
SPI request relative to a remote (rather than to a destination).
This necessitates that we now consider direction separately, which
is used for keying the SA-Id.
Bug: 36073210
Test: compilation
Change-Id: I81e955c20128c1f8e04fd68eb26669561f827a78
(cherry picked from commit c4f879925b)
-Add IpSecService with the necessary glue to connect to netd
-Add code to retrieve IpSecService from System Server
Bug: 30984788
Test: b/34812052, b/34811227
Change-Id: I4cdcb643421141202f77a0e2f87a37012de0cd92
(cherry picked from commit 28084d89ec)
This patch removes from ConnectivityService the logic involved in
deciding if a uid has access to networking based on networking policies.
This logic is moved into NetworkPolicyManagerService which is the source
of truth with regards to the state of networking policie, both for
existing networks and uids.
Instead ConnectivityService directly queries NetworkPolicyManagerService
in a synchronous fashion for a specific uid or a (uid, network) pair.
This eliminates the need to keep a copy of the uid policy rules inside
ConnectivityService and ensures that ConnectivityService takes
networking decisions based on the correct state of networking policies,
and therefore eliminates certain data races in ConnectivityManager API
that applications are exposed to.
Test: $ runtest frameworks-net
$ runtest -x frameworks/base/services/tests/../NetworkPolicyManagerServiceTest.java
$ runtest -c com.android.server.net.ConnOnActivityStartTest frameworks-services
Bug: 32069544, 30919851
Change-Id: Ic75d4f7a8853e6be20e51262c4b59805ec35093a
- Add this new meta-data field on NetworkRecommendationProvider to NetworkScorerAppData
Bug: 36571359
Test: runtest frameworks-services
Change-Id: Ic8c594bea406fc5183a4919b808bce5159912650
This patch adds transports info to ValidationProbeEvent and migrates
netId logging for this event to the topt-level netId field in
ConnectivityMetricsEvent.
Test: modified unit tests. $ runtest frameworks-net passes
Bug: 3490169
Change-Id: Ibf51049ba8901ae5ca4ea86e2f500944a4738b5c
This patch deprecates the ifname field for specific metrics events of
types DhcpClientEvent, DhcpErrorEvent, IpReachabilityEvent and
IpManagerEvent.
Instead ifnames are logged in ConnectivityMetricsEvent, allowing for
link layer inference.
Test: updated unit tests, $ runtest frameworks-net passes
Bug: 34901696
Change-Id: I8bfabcb115bbd5289471d653c153a40bb48f28cd
This patch adds translation from ConnectivityMetricsEvent to
IpConnectivityEvent of recently added fields:
- top-level network id
- top-level ifname
- transports
Also adds inference of link layer from transports or ifname.
At the moment these new fields are not populated in
ConnectivityMetricsEvent. Follow-up patches will fill this gap for
the events of the android.net.metrics package.
Test: new unit tests, $ runtest frameworks-net passes
Bug: 34901696
Change-Id: I563a6a3183470bdfaabb7c781a1beaf6b1058bf0
This patch adds new fields to ConnectivityMetricsEvent to make it more
symmetric to IpConnectivityEvent in ipconnectivity.proto.
Follow-up patches will start populating these fields for users of
IpConnectivityLog.
Test: unit tests updated, $ runtest frameworks-net passes
Bug: 34901696
Change-Id: I396767cdfcf38cce893c0d6e1f4524f12e3fdc64
Now that ConnectivityMetricsEvent is only used for core networking
metrics and is not @SystemApi anymore, remove unused fields and prepare
for additional new fields.
Test: updated unit tests, $ runtest frameworks-net passes
Bug: 34901696
Change-Id: I15abad19981d491f16f2a3afe401f1e833079907
This patch adds a few missing counters to APF events:
- an actual lifetime duration to ApfProgramEvent.
- counters for total number of updates to ApfStatistics.
ApfProgramEvents are now recorded at program removal in order to
populate the actual lifetime of the program. ApfProgramEvents whose
actual lifetime was less than 1 second are filtered out.
Finally, instance fields of ApfProgramEvent and ApfStats classes are
made mutable to allow for simple record-like creation. This was not
possible when these classes were tagged @SystemApi.
Test: - manually verified output of $ dumpsys connmetrics list
- unit tests updated.
Bug: 34901696
Change-Id: I02694ebb9421ce1c2aa757fa6aa209d19a654dcd
This patch:
- adds a counter to ConnectStats for counting the number of successful
connect() calls done in blocking mode. This allows to compute error
rates for connect() in blocking mode.
- add printing of ConnectStats when dumping NetdEventListenerService
and/or IpConnectivityMetrics service.
Test: $ runtest frameworks-net, + manual tests verifying logged events.
Bug: 34901696
Change-Id: I889e8ccd12681b0511be487e9d2ee44290a2d7d7
There are no instances of this call in master outside of platform.
BUG: 34169232
Test: make update-api; make; fastboot flashall
Change-Id: I4555af5487291097ca3768fdf071c4db7dd21288
Make sure Settings.Global.NETWORK_RECOMMENDATIONS_ENABLED reflects
the current active scorer state. When valid the setting will have a
value of 1, when invalid it will be 0 (or more
accurately not 1, see below).
Introduced a new valid setting value, -1, which indicates the feature
has been forced off.
Test: runtest frameworks-services -c com.android.server.NetworkScorerAppManagerTest
Test: runtest frameworks-services -c com.android.server.NetworkScoreServiceTest
Bug: 35896421
Change-Id: I271725f798e5d0acc7c08c79678dba5115f8faad
Test: as follows
- built (bullhead)
- flashed
- booted
- runtest frameworks-net passes
- manual USB tethering toggling between WiFi and mobile
Bug: 32163131
Change-Id: I57edf5114b6361f320577c7870e40f8b3cdf74ce
The state that needs to be transferred includes:
- NetworkCapabilities
- LinkProperties
- whether the network is currently suspended
Additionally:
- Rename notifyNetworkCallback() to notifyNetworkAvailable()
in order to clarify its real function.
- fix previous copy/paste error in unittest
Test: as follows
- built (bullhead)
- flashed
- booted
- runtest frameworks-net passes
- USB tethering with mobile and Wi-Fi upstream toggling
Bug: 32163131
Change-Id: Ib4460bcd5d08863a9feac9e8ab41a238897bb3ea
Add (unhide) a public API which provides network requests with a
timeout. When timed-out the (newly unhidden) onUnavailable() callback
is triggered.
Note: this CL does not add a handler to the API to be consistent
with the existing APIs. There is a separate effort (b/32130437)
to update these APIs with Handlers.
Bug: 31399536
Test: unit tests and CTS (new)
Change-Id: I45ce9ada63372cb56937bb620bfbb7729e5e25d2
This field allows Network Score Services to pass an alternate label for
the scorer.
Bug: 35848510
Test: runtest --path
frameworks/base/services/tests/servicestests/src/com/android/server/NetworkScorerAppManagerTest.java
runtest --path
frameworks/base/services/tests/servicestests/src/com/android/server/NetworkScoreServiceTest.java
Change-Id: Ic28671c1663bd08b2406045d20c150a209d56054
This CL adds an API to set up an IPSec Security Association
and Security Policy to perform Transport-Mode and Tunnel-Mode encapuslation
of IP Packets.
Bug: 30984788
Bug: 34811752
Test: 34812052, 34811227
Change-Id: Ic9f63c7bb366302a24baa3e1b79020210910ac0a
NetworkScorerAppManager is only used internally by the
NetworkScoreService and no longer needs to be part of core.
Extracted its inner class, NetworkScorerAppData, into a top-level
class and left it in android.net as it's used as part of the
NetworkScoreManager API.
Test: runtest frameworks-services -c com.android.server.NetworkScorerAppManagerTest
Test: runtest frameworks-services -c com.android.server.NetworkScoreServiceTest
Bug: 35095406
Change-Id: I201f081e05d0a909b4ae3142b63afc3e21548f77
