This change specifies the required minimum supported keepalives
in SDK, and allows OEMs to customize supported keepalive count
per network through resource overlay.
Bug: 129371366
Test: 1. m -j doc-comment-check-docs
2. atest FrameworksNetTests
Clean cherry-pick of aosp/946359
Change-Id: I06840834d0ee8121358bf4829fe47ecf9964d395
Merged-In: I0218f3674628c13ead63fc9a873895ba7f113033
Merged-In: Ia667386c1a8949839871a6949d79552d9c8b88f0
- Add the hostname to DhcpResultsParcelable.
- Don't store the server hostname if option overload is in use,
as this is not valid.
- Add unit tests.
Bug: 120584519
Bug: 127423755
Test: atest NetworkStackTests
Test: atest FrameworksNetTests
Change-Id: I5e9fee5471740f5d7c001e9e98017f32be452344
Merged-In: I60071bc029d25485bf204cfd3a8cebd538ca12b6
(cherry picked from commit 681f33cc6a)
The tests are run both in unit and CTS tests.
Test: atest FrameworksNetTests NetworkStackTestCases
Bug: 129200175
Change-Id: I78d78dd421cc3ffea774ff5eaa6aa758debc9cf2
Merged-In: I9b65a2eef94567d2b79a9955619938e64906080d
Merged-In: I78d78dd421cc3ffea774ff5eaa6aa758debc9cf2
(cherry picked from commit 9e046d509a)
This adds the moved tests to CTS as well.
The moved unit tests are appropriate for CTS as they test data holder
classes that need to function properly for apps to work.
Test: atest FrameworksNetTests
Test: atest CtsNetTestCases: added tests pass
Bug: 129199900
Change-Id: I895d2b57da658d5bed28ebe128611d5d15835742
Merged-In: I9f708a252ab606b782f5f828dce8c1690c3703bf
Merged-In: I895d2b57da658d5bed28ebe128611d5d15835742
(cherry picked from commit cc21fbd483)
When a fully-routed VPN is running, we want to prevent normal apps
under the VPN from receiving packets originating from any local non-VPN
interfaces. This is achieved by using eBPF to create a per-UID input
interface whitelist and populate the whitelist such that all
non-bypassable apps under a VPN can only receive packets from the VPN's
TUN interface (and loopback implicitly)
This is the framework part of the change that build the whitelist.
The whitelist needs to be updated in the following cases:
* When a VPN is connected and disconnected
This will cover the change to allowBypass bit, since that can't be
changed without reconnecting.
* When a VPN's NetworkCapabilites is changed (whitelist/blacklist app changes)
* When a new app is installed
* When an existing app is removed
* When a VPN becomes fully-routed or is no longer fully-routed
New user/profile creation will automatically result in a whitelist app change
transition so it doesn't need to be handled specially here.
Due to the limitation of the kernel IPSec interacting with eBPF (sk_buf->ifindex
does not point to the virtual tunnel interface for kernel IPSec), the whitelist
will only apply to app VPNs but not legacy VPN connections, to prevent breaking
connectivity with kernel IPSec entirely.
Test: atest PermissionMonitorTest
Test: atest android.net.RouteInfoTest
Test: atest com.android.server.ConnectivityServiceTest
Test: atest HostsideVpnTests
Bug: 114231106
Merged-In: I5af81bc80dadd086261ba4b1eb706cc873bb7cfa
Change-Id: I5af81bc80dadd086261ba4b1eb706cc873bb7cfa
(cherry picked from commit 65968ea16b)
ConnectivityManager and its usages are removed from
NetworkStatsService. After that, forceUpdateIfaces requires
information that only ConnectivityService has, hence
restricting the calling permission to NETWORK_STACK or
MAINLINE_NETWORK_STACK permission. The required permission
will be changed from READ_NETWORK_USAGE_HISTORY to
NETWORK_STACK or MAINLINE_NETWORK_STACK. This change would make
it impossible to call outside the system.
Bug: 126830974
Test: atest FrameworksNetTests
Merged-In: I1b26dc64eaab2151e6885fd01cc5e8d4e18c4e60
Change-Id: I4ea421e4126a45f65d25fe0bec74243a3b20aeab
(cherry picked from commit 6b895dea25)
This test is too flaky to run in presubmits.
Bug: 124354087
Test: atest InetDiagSocketTest
Change-Id: I90bc52a6f5b92d634862e3464634dfdbd3cada6a
Merged-In: Ic580b9261e0d556ec10f92ddffd8f2766e25f424
Merged-In: Ide5ac3f5316c4671b17fb9486ac56fc5feaf7b08
(cherry picked from commit fdc03bab0b)
The common package covers tests that should be included both in CTS and
unit tests.
Test: atest FrameworksBaseTests
Bug: 129199908
Change-Id: Ic78ff947250871fa773252c924f1dee9395c6074
(cherry picked from commit 054e3e0f5e)
These two classes were added to @SystemApi because they are used
both by NetworkMonitor and CaptivePortalLogin. However it turns
out they are not needed in the framework, so having them as a
library sounds better.
Change-Id: Iadf77ec5952b6da8812dc6d006a39bd4e93d2bd9
Fix: 129433264
Test: atest NetworkStackTests FrameworksNetTests
The argument of IpPreFix#contains() has been marked as @NonNull.
So the IpPrefixTest#testContainsInetAddress should not test
contains() method wiht null object.
Bug: None
Test: atest FrameworksNetTests
atest IpPrefixTest#testContainsInetAddress
Change-Id: I2f6bee19514dc47702f64d2a2bbf02d8b7b1b407
* changes:
Move BatteryStats and StatsCompanionService to use NetworkStatsService.
NetworkStatsService: Fix getDetailedUidStats to take VPNs into account.
Take all VPN underlying networks into account when migrating traffic for VPN uid.
This API is similar to one provided by NetworkStatsFactory with the
difference that NSS also migrates traffic from VPN UID to other apps.
Since traffic can only be migrated over NetworkStats delta, NSS
therefore maintains NetworkStats snapshot across all UIDs/ifaces/tags.
This snapshot gets updated whenever NSS records a new snapshot
(based on various hooks such as VPN updating its underlying networks,
network getting lost, etc.), or getDetailedUidStats API is invoked by
one of its callers.
Bug: 113122541
Bug: 120145746
Test: atest FrameworksNetTests
Test: manually verified that battery stats are migrating traffic off of
TUN (after patching above CL where we point BatteryStats to use this
API).
Change-Id: Ib0f0c2d4d41ee1d7a027ea9da457baaf198d649e
VPN uid.
Bug: 113122541
Bug: 120145746
Test: atest FrameworksNetTests
Test: Manually verified on device that stats from VPN UID are moved
appropriately based on its declared underlying network set.
Test: vogar --mode app_process --benchmark NetworkStatsBenchmark.java
Change-Id: I9d8d0cc58d18002c1c96f8ddff780ef8dc452d21
Remove StaticIpConfigurationParcelable and ApfCapabilitiesParcelable and
use StaticIpConfiguration and ApfCapabilities directly.
These two classes are SystemApi and defined in framework.jar, so no
stability guarantee is needed: the parceled and unparceled class will
always be the framework.jar version.
Bug: 126477266
Fixes: 126477266
Test: atest FrameworksNetTests NetworkStackTests
Test: flashed, booted, WiFi and captive portal works.
Change-Id: Iaf80ae23e003752cc6d2300700021931923b6533
Fill correct TOS/TTL value by fetching them from kernel with
getsockopt.
bug: 123967966
Test: -build, flash, boot
-atest FrameworksNetTests
Change-Id: I75b1be51040b4a381163958b4cddd27dbb22bac1
1. Some API's argument/return value must be marked either
@NonNull or @Nullable.
2. Change some system APIs to public APIs.
3. Modify the method name
Bug: 126700123
Bug: 126702339
Bug: 126699682
Bug: 118296575
Bug: 126699216
Bug: 126699675
Bug: 126699429
Bug: 126699193
Bug: 123586045
Test: atest FrameworksNetTests
Change-Id: Iaa2832cdcf83758ed0fec81b954a0c63bc5a7bf6
Replace TcpSocketInfo with TcpKeepalivePacketDataParcelable
because their structures are very similar.
bug: 128882321
Test: -build, flash, boot
-FrameworksNetTests
Change-Id: Iafb4031a64ba4775a495c156e2c997d890c6b261
1. refactor AnswerCallback with a generic type
2. support onError in AnswerCallback
3. Fix minor problem reported from API Review
Bug: 124882626
Test: built, flashed, booted
atest DnsResolverTest DnsPacketTest
Change-Id: I685c9989f8401acb63d2e83f552b2d5b20c41af0
The new @JavaOnlyStableParcelable annotation allows using the framework
parcelables directly, which removes a lot of boilerplate.
Includes new copy constructors for IpPrefix and LinkAddress so they can
be copied easily as-is into parcelables.
Test: atest FrameworksNetTests
Test: booted, WiFi works
Bug: 126477266
Change-Id: Icac8afe498d0b5ebf9a0d0b9eceb14d64a29b381
This is necessary to allow usage of ApfCapabilities as-is in AIDL,
instead of relying on ApfCapabilitiesParcelable, assuming that stable
AIDL starts allowing usage of @SystemApi classes. The Parcelable
implementation would be convenient for clients in any case.
Bug: 126477266
Test: atest FrameworksNetTests
Change-Id: Id2ef3cad261832a2918ccb6bb6bc154d99d75746
In some networks, network validation may only get success
result for http probe but fail result for https probe.
For this kind of network, it may still work at some websites
or apps, but user didn't know about that. In order to fix this
issue, we will check if network has partial connectivity and
notify user to make a choice if they want to use this partial
connectivity or not.
Bug: 113450764
Test: 1. Build pass.
2. Fake partial connectivity case for testing.
3. atest FrameworksNetTests
4. atest NetworkStackTests
Change-Id: I69ed00ac4850904ff708c9fef22e148879a10e92
1. refine the naming in DnsPacket and add more comment
2. add comment in DnsResolver
Test: built, flashed, booted
atest DnsResolverTest DnsPacketTest
Change-Id: Ib482d079d6823fd1d9bff163427b7aad38374199
