Merge changes Icf3df3aa,I92adad60
* changes:
Add sEnableJavaBpfMap value to the dump
Move CookieTag map dump to BpfNetMaps
diff --git a/OWNERS_core_networking_xts b/OWNERS_core_networking_xts
index 8083cbf..1844334 100644
--- a/OWNERS_core_networking_xts
+++ b/OWNERS_core_networking_xts
@@ -1,7 +1,7 @@
lorenzo@google.com
satk@google.com #{LAST_RESORT_SUGGESTION}
-# For cherry-picks of CLs that are already merged in aosp/master.
+# For cherry-picks of CLs that are already merged in aosp/master, or flaky test fixes.
jchalard@google.com #{LAST_RESORT_SUGGESTION}
maze@google.com #{LAST_RESORT_SUGGESTION}
reminv@google.com #{LAST_RESORT_SUGGESTION}
diff --git a/TEST_MAPPING b/TEST_MAPPING
index 6e30fd1..700a085 100644
--- a/TEST_MAPPING
+++ b/TEST_MAPPING
@@ -135,6 +135,37 @@
}
]
},
+ // Test with APK modules only, in cases where APEX is not supported, or the other modules
+ // were simply not updated
+ {
+ "name": "CtsNetTestCasesLatestSdk[CaptivePortalLoginGoogle.apk+NetworkStackGoogle.apk]",
+ "options": [
+ {
+ "exclude-annotation": "com.android.testutils.SkipPresubmit"
+ },
+ {
+ "exclude-annotation": "androidx.test.filters.RequiresDevice"
+ },
+ {
+ "exclude-annotation": "com.android.testutils.ConnectivityModuleTest"
+ }
+ ]
+ },
+ // Test with connectivity/tethering module only, to catch integration issues with older versions
+ // of other modules. "new tethering + old NetworkStack" is not a configuration that should
+ // really exist in the field, but there is no strong guarantee, and it is required by MTS
+ // testing for module qualification, where modules are tested independently.
+ {
+ "name": "CtsNetTestCasesLatestSdk[com.google.android.tethering.apex]",
+ "options": [
+ {
+ "exclude-annotation": "com.android.testutils.SkipPresubmit"
+ },
+ {
+ "exclude-annotation": "androidx.test.filters.RequiresDevice"
+ }
+ ]
+ },
{
"name": "bpf_existence_test[CaptivePortalLoginGoogle.apk+NetworkStackGoogle.apk+com.google.android.resolv.apex+com.google.android.tethering.apex]"
},
@@ -159,38 +190,6 @@
{
"name": "CtsNetTestCasesLatestSdk[CaptivePortalLoginGoogle.apk+NetworkStackGoogle.apk+com.google.android.resolv.apex+com.google.android.tethering.apex]",
"keywords": ["sim"]
- },
- // TODO: move to mainline-presubmit when known green.
- // Test with APK modules only, in cases where APEX is not supported, or the other modules were simply not updated
- {
- "name": "CtsNetTestCasesLatestSdk[CaptivePortalLoginGoogle.apk+NetworkStackGoogle.apk]",
- "options": [
- {
- "exclude-annotation": "com.android.testutils.SkipPresubmit"
- },
- {
- "exclude-annotation": "androidx.test.filters.RequiresDevice"
- },
- {
- "exclude-annotation": "com.android.testutils.ConnectivityModuleTest"
- }
- ]
- },
- // TODO: move to mainline-presubmit when known green.
- // Test with connectivity/tethering module only, to catch integration issues with older versions of other modules.
- // "new tethering + old NetworkStack" is not a configuration that should really exist in the field, but
- // there is no strong guarantee, and it is required by MTS testing for module qualification, where modules
- // are tested independently.
- {
- "name": "CtsNetTestCasesLatestSdk[com.google.android.tethering.apex]",
- "options": [
- {
- "exclude-annotation": "com.android.testutils.SkipPresubmit"
- },
- {
- "exclude-annotation": "androidx.test.filters.RequiresDevice"
- }
- ]
}
],
"imports": [
diff --git a/Tethering/proguard.flags b/Tethering/proguard.flags
index 2905e28..109bbda 100644
--- a/Tethering/proguard.flags
+++ b/Tethering/proguard.flags
@@ -1,7 +1,10 @@
# Keep class's integer static field for MessageUtils to parsing their name.
--keep class com.android.networkstack.tethering.Tethering$TetherMainSM {
- static final int CMD_*;
- static final int EVENT_*;
+-keepclassmembers class com.android.server.**,android.net.**,com.android.networkstack.** {
+ static final % POLICY_*;
+ static final % NOTIFY_TYPE_*;
+ static final % TRANSPORT_*;
+ static final % CMD_*;
+ static final % EVENT_*;
}
-keep class com.android.networkstack.tethering.util.BpfMap {
@@ -21,12 +24,8 @@
*;
}
--keepclassmembers class android.net.ip.IpServer {
- static final int CMD_*;
-}
-
# The lite proto runtime uses reflection to access fields based on the names in
# the schema, keep all the fields.
-keepclassmembers class * extends com.android.networkstack.tethering.protobuf.MessageLite {
<fields>;
-}
\ No newline at end of file
+}
diff --git a/Tethering/src/com/android/networkstack/tethering/BpfCoordinator.java b/Tethering/src/com/android/networkstack/tethering/BpfCoordinator.java
index 74ba209..ebc9d26 100644
--- a/Tethering/src/com/android/networkstack/tethering/BpfCoordinator.java
+++ b/Tethering/src/com/android/networkstack/tethering/BpfCoordinator.java
@@ -1473,6 +1473,15 @@
// to Objects.hash() to avoid autoboxing overhead.
return Objects.hash(upstreamIfindex, downstreamIfindex, address, srcMac, dstMac);
}
+
+ @Override
+ public String toString() {
+ return "upstreamIfindex: " + upstreamIfindex
+ + ", downstreamIfindex: " + downstreamIfindex
+ + ", address: " + address.getHostAddress()
+ + ", srcMac: " + srcMac
+ + ", dstMac: " + dstMac;
+ }
}
/** Tethering client information class. */
diff --git a/Tethering/src/com/android/networkstack/tethering/metrics/TetheringMetrics.java b/Tethering/src/com/android/networkstack/tethering/metrics/TetheringMetrics.java
index d8e631e..2c6054d 100644
--- a/Tethering/src/com/android/networkstack/tethering/metrics/TetheringMetrics.java
+++ b/Tethering/src/com/android/networkstack/tethering/metrics/TetheringMetrics.java
@@ -75,6 +75,8 @@
.setUserType(userTypeToEnum(callerPkg))
.setUpstreamType(UpstreamType.UT_UNKNOWN)
.setErrorCode(ErrorCode.EC_NO_ERROR)
+ .setUpstreamEvents(UpstreamEvents.newBuilder())
+ .setDurationMillis(0)
.build();
mBuilderMap.put(downstreamType, statsBuilder);
}
@@ -110,7 +112,8 @@
reported.getErrorCode().getNumber(),
reported.getDownstreamType().getNumber(),
reported.getUpstreamType().getNumber(),
- reported.getUserType().getNumber());
+ reported.getUserType().getNumber(),
+ null, 0);
if (DBG) {
Log.d(TAG, "Write errorCode: " + reported.getErrorCode().getNumber()
+ ", downstreamType: " + reported.getDownstreamType().getNumber()
diff --git a/Tethering/src/com/android/networkstack/tethering/metrics/stats.proto b/Tethering/src/com/android/networkstack/tethering/metrics/stats.proto
index 46a47af..27f2126 100644
--- a/Tethering/src/com/android/networkstack/tethering/metrics/stats.proto
+++ b/Tethering/src/com/android/networkstack/tethering/metrics/stats.proto
@@ -21,12 +21,38 @@
import "frameworks/proto_logging/stats/enums/stats/connectivity/tethering.proto";
+// Logs each upstream for a successful switch over
+message UpstreamEvent {
+ // Transport type of upstream network
+ optional .android.stats.connectivity.UpstreamType upstream_type = 1;
+
+ // A time period that an upstream continued
+ optional int64 duration_millis = 2;
+}
+
+message UpstreamEvents {
+ repeated UpstreamEvent upstream_event = 1;
+}
+
/**
* Logs Tethering events
*/
message NetworkTetheringReported {
- optional .android.stats.connectivity.ErrorCode error_code = 1;
- optional .android.stats.connectivity.DownstreamType downstream_type = 2;
- optional .android.stats.connectivity.UpstreamType upstream_type = 3;
- optional .android.stats.connectivity.UserType user_type = 4;
+ // Tethering error code
+ optional .android.stats.connectivity.ErrorCode error_code = 1;
+
+ // Tethering downstream type
+ optional .android.stats.connectivity.DownstreamType downstream_type = 2;
+
+ // Transport type of upstream network
+ optional .android.stats.connectivity.UpstreamType upstream_type = 3 [deprecated = true];
+
+ // The user type of switching tethering
+ optional .android.stats.connectivity.UserType user_type = 4;
+
+ // Log each transport type of upstream network event
+ optional UpstreamEvents upstream_events = 5;
+
+ // A time period that a downstreams exists
+ optional int64 duration_millis = 6;
}
diff --git a/Tethering/tests/unit/src/com/android/networkstack/tethering/BpfCoordinatorTest.java b/Tethering/tests/unit/src/com/android/networkstack/tethering/BpfCoordinatorTest.java
index ac92b43..bbca565 100644
--- a/Tethering/tests/unit/src/com/android/networkstack/tethering/BpfCoordinatorTest.java
+++ b/Tethering/tests/unit/src/com/android/networkstack/tethering/BpfCoordinatorTest.java
@@ -2092,4 +2092,11 @@
assertNull(mBpfUpstream4Map.getValue(upstream4KeyB));
assertNull(mBpfDownstream4Map.getValue(downstream4KeyB));
}
+
+ @Test
+ public void testIpv6ForwardingRuleToString() throws Exception {
+ final Ipv6ForwardingRule rule = buildTestForwardingRule(UPSTREAM_IFINDEX, NEIGH_A, MAC_A);
+ assertEquals("upstreamIfindex: 1001, downstreamIfindex: 1003, address: 2001:db8::1, "
+ + "srcMac: 12:34:56:78:90:ab, dstMac: 00:00:00:00:00:0a", rule.toString());
+ }
}
diff --git a/Tethering/tests/unit/src/com/android/networkstack/tethering/metrics/TetheringMetricsTest.java b/Tethering/tests/unit/src/com/android/networkstack/tethering/metrics/TetheringMetricsTest.java
index 6a85718..7fdde97 100644
--- a/Tethering/tests/unit/src/com/android/networkstack/tethering/metrics/TetheringMetricsTest.java
+++ b/Tethering/tests/unit/src/com/android/networkstack/tethering/metrics/TetheringMetricsTest.java
@@ -88,6 +88,8 @@
.setUserType(user)
.setUpstreamType(UpstreamType.UT_UNKNOWN)
.setErrorCode(error)
+ .setUpstreamEvents(UpstreamEvents.newBuilder())
+ .setDurationMillis(0)
.build();
verify(mTetheringMetrics).write(expectedReport);
}
diff --git a/framework-t/src/android/net/NetworkIdentity.java b/framework-t/src/android/net/NetworkIdentity.java
index 350ed86..48e5092 100644
--- a/framework-t/src/android/net/NetworkIdentity.java
+++ b/framework-t/src/android/net/NetworkIdentity.java
@@ -34,8 +34,8 @@
import android.telephony.TelephonyManager;
import android.util.proto.ProtoOutputStream;
+import com.android.net.module.util.BitUtils;
import com.android.net.module.util.CollectionUtils;
-import com.android.net.module.util.NetworkCapabilitiesUtils;
import com.android.net.module.util.NetworkIdentityUtils;
import java.lang.annotation.Retention;
@@ -172,7 +172,7 @@
if (oemManaged == OEM_NONE) {
return "OEM_NONE";
}
- final int[] bitPositions = NetworkCapabilitiesUtils.unpackBits(oemManaged);
+ final int[] bitPositions = BitUtils.unpackBits(oemManaged);
final ArrayList<String> oemManagedNames = new ArrayList<String>();
for (int position : bitPositions) {
oemManagedNames.add(nameOfOemManaged(1 << position));
diff --git a/framework/src/android/net/NetworkCapabilities.java b/framework/src/android/net/NetworkCapabilities.java
index ea8a3df..e7d049f 100644
--- a/framework/src/android/net/NetworkCapabilities.java
+++ b/framework/src/android/net/NetworkCapabilities.java
@@ -17,6 +17,7 @@
package android.net;
import static com.android.internal.annotations.VisibleForTesting.Visibility.PRIVATE;
+import static com.android.net.module.util.BitUtils.appendStringRepresentationOfBitMaskToStringBuilder;
import android.annotation.IntDef;
import android.annotation.LongDef;
@@ -36,6 +37,7 @@
import android.util.Range;
import com.android.internal.annotations.VisibleForTesting;
+import com.android.net.module.util.BitUtils;
import com.android.net.module.util.CollectionUtils;
import com.android.net.module.util.NetworkCapabilitiesUtils;
@@ -185,10 +187,18 @@
NET_ENTERPRISE_ID_4,
NET_ENTERPRISE_ID_5,
})
-
public @interface EnterpriseId {
}
+ private static final int ALL_VALID_ENTERPRISE_IDS;
+ static {
+ int enterpriseIds = 0;
+ for (int i = NET_ENTERPRISE_ID_1; i <= NET_ENTERPRISE_ID_5; ++i) {
+ enterpriseIds |= 1 << i;
+ }
+ ALL_VALID_ENTERPRISE_IDS = enterpriseIds;
+ }
+
/**
* Bitfield representing the network's enterprise capability identifier. If any are specified
* they will be satisfied by any Network that matches all of them.
@@ -209,7 +219,7 @@
if (hasCapability(NET_CAPABILITY_ENTERPRISE) && mEnterpriseId == 0) {
return new int[]{NET_ENTERPRISE_ID_1};
}
- return NetworkCapabilitiesUtils.unpackBits(mEnterpriseId);
+ return BitUtils.unpackBits(mEnterpriseId);
}
/**
@@ -622,11 +632,20 @@
private static final int MIN_NET_CAPABILITY = NET_CAPABILITY_MMS;
private static final int MAX_NET_CAPABILITY = NET_CAPABILITY_PRIORITIZE_BANDWIDTH;
+ private static final int ALL_VALID_CAPABILITIES;
+ static {
+ int caps = 0;
+ for (int i = MIN_NET_CAPABILITY; i <= MAX_NET_CAPABILITY; ++i) {
+ caps |= 1 << i;
+ }
+ ALL_VALID_CAPABILITIES = caps;
+ }
+
/**
* Network capabilities that are expected to be mutable, i.e., can change while a particular
* network is connected.
*/
- private static final long MUTABLE_CAPABILITIES = NetworkCapabilitiesUtils.packBitList(
+ private static final long MUTABLE_CAPABILITIES = BitUtils.packBitList(
// TRUSTED can change when user explicitly connects to an untrusted network in Settings.
// http://b/18206275
NET_CAPABILITY_TRUSTED,
@@ -661,7 +680,7 @@
/**
* Capabilities that are set by default when the object is constructed.
*/
- private static final long DEFAULT_CAPABILITIES = NetworkCapabilitiesUtils.packBitList(
+ private static final long DEFAULT_CAPABILITIES = BitUtils.packBitList(
NET_CAPABILITY_NOT_RESTRICTED,
NET_CAPABILITY_TRUSTED,
NET_CAPABILITY_NOT_VPN);
@@ -670,7 +689,7 @@
* Capabilities that are managed by ConnectivityService.
*/
private static final long CONNECTIVITY_MANAGED_CAPABILITIES =
- NetworkCapabilitiesUtils.packBitList(
+ BitUtils.packBitList(
NET_CAPABILITY_VALIDATED,
NET_CAPABILITY_CAPTIVE_PORTAL,
NET_CAPABILITY_FOREGROUND,
@@ -683,7 +702,7 @@
* INTERNET, IMS, SUPL, etc.
*/
private static final long TEST_NETWORKS_ALLOWED_CAPABILITIES =
- NetworkCapabilitiesUtils.packBitList(
+ BitUtils.packBitList(
NET_CAPABILITY_NOT_METERED,
NET_CAPABILITY_TEMPORARILY_NOT_METERED,
NET_CAPABILITY_NOT_RESTRICTED,
@@ -783,7 +802,7 @@
* @return an array of capability values for this instance.
*/
public @NonNull @NetCapability int[] getCapabilities() {
- return NetworkCapabilitiesUtils.unpackBits(mNetworkCapabilities);
+ return BitUtils.unpackBits(mNetworkCapabilities);
}
/**
@@ -793,7 +812,7 @@
* @hide
*/
public @NetCapability int[] getForbiddenCapabilities() {
- return NetworkCapabilitiesUtils.unpackBits(mForbiddenNetworkCapabilities);
+ return BitUtils.unpackBits(mForbiddenNetworkCapabilities);
}
@@ -805,8 +824,8 @@
*/
public void setCapabilities(@NetCapability int[] capabilities,
@NetCapability int[] forbiddenCapabilities) {
- mNetworkCapabilities = NetworkCapabilitiesUtils.packBits(capabilities);
- mForbiddenNetworkCapabilities = NetworkCapabilitiesUtils.packBits(forbiddenCapabilities);
+ mNetworkCapabilities = BitUtils.packBits(capabilities);
+ mForbiddenNetworkCapabilities = BitUtils.packBits(forbiddenCapabilities);
}
/**
@@ -943,7 +962,7 @@
& NON_REQUESTABLE_CAPABILITIES;
if (nonRequestable != 0) {
- return capabilityNameOf(NetworkCapabilitiesUtils.unpackBits(nonRequestable)[0]);
+ return capabilityNameOf(BitUtils.unpackBits(nonRequestable)[0]);
}
if (mLinkUpBandwidthKbps != 0 || mLinkDownBandwidthKbps != 0) return "link bandwidth";
if (hasSignalStrength()) return "signalStrength";
@@ -1146,6 +1165,15 @@
/** @hide */
public static final int MAX_TRANSPORT = TRANSPORT_USB;
+ private static final int ALL_VALID_TRANSPORTS;
+ static {
+ int transports = 0;
+ for (int i = MIN_TRANSPORT; i <= MAX_TRANSPORT; ++i) {
+ transports |= 1 << i;
+ }
+ ALL_VALID_TRANSPORTS = transports;
+ }
+
/** @hide */
public static boolean isValidTransport(@Transport int transportType) {
return (MIN_TRANSPORT <= transportType) && (transportType <= MAX_TRANSPORT);
@@ -1167,7 +1195,7 @@
* Allowed transports on an unrestricted test network (in addition to TRANSPORT_TEST).
*/
private static final long UNRESTRICTED_TEST_NETWORKS_ALLOWED_TRANSPORTS =
- NetworkCapabilitiesUtils.packBitList(
+ BitUtils.packBitList(
TRANSPORT_TEST,
// Test eth networks are created with EthernetManager#setIncludeTestInterfaces
TRANSPORT_ETHERNET,
@@ -1232,7 +1260,7 @@
*/
@SystemApi
@NonNull public @Transport int[] getTransportTypes() {
- return NetworkCapabilitiesUtils.unpackBits(mTransportTypes);
+ return BitUtils.unpackBits(mTransportTypes);
}
/**
@@ -1242,7 +1270,7 @@
* @hide
*/
public void setTransportTypes(@Transport int[] transportTypes) {
- mTransportTypes = NetworkCapabilitiesUtils.packBits(transportTypes);
+ mTransportTypes = BitUtils.packBits(transportTypes);
}
/**
@@ -2015,9 +2043,9 @@
long oldImmutableCapabilities = this.mNetworkCapabilities & mask;
long newImmutableCapabilities = that.mNetworkCapabilities & mask;
if (oldImmutableCapabilities != newImmutableCapabilities) {
- String before = capabilityNamesOf(NetworkCapabilitiesUtils.unpackBits(
+ String before = capabilityNamesOf(BitUtils.unpackBits(
oldImmutableCapabilities));
- String after = capabilityNamesOf(NetworkCapabilitiesUtils.unpackBits(
+ String after = capabilityNamesOf(BitUtils.unpackBits(
newImmutableCapabilities));
joiner.add(String.format("immutable capabilities changed: %s -> %s", before, after));
}
@@ -2114,9 +2142,9 @@
@Override
public void writeToParcel(Parcel dest, int flags) {
- dest.writeLong(mNetworkCapabilities);
- dest.writeLong(mForbiddenNetworkCapabilities);
- dest.writeLong(mTransportTypes);
+ dest.writeLong(mNetworkCapabilities & ALL_VALID_CAPABILITIES);
+ dest.writeLong(mForbiddenNetworkCapabilities & ALL_VALID_CAPABILITIES);
+ dest.writeLong(mTransportTypes & ALL_VALID_TRANSPORTS);
dest.writeInt(mLinkUpBandwidthKbps);
dest.writeInt(mLinkDownBandwidthKbps);
dest.writeParcelable((Parcelable) mNetworkSpecifier, flags);
@@ -2132,7 +2160,7 @@
dest.writeString(mRequestorPackageName);
dest.writeIntArray(CollectionUtils.toIntArray(mSubIds));
dest.writeTypedList(mUnderlyingNetworks);
- dest.writeInt(mEnterpriseId);
+ dest.writeInt(mEnterpriseId & ALL_VALID_ENTERPRISE_IDS);
}
public static final @android.annotation.NonNull Creator<NetworkCapabilities> CREATOR =
@@ -2140,10 +2168,10 @@
@Override
public NetworkCapabilities createFromParcel(Parcel in) {
NetworkCapabilities netCap = new NetworkCapabilities();
-
- netCap.mNetworkCapabilities = in.readLong();
- netCap.mForbiddenNetworkCapabilities = in.readLong();
- netCap.mTransportTypes = in.readLong();
+ // Validate the unparceled data, in case the parceling party was malicious.
+ netCap.mNetworkCapabilities = in.readLong() & ALL_VALID_CAPABILITIES;
+ netCap.mForbiddenNetworkCapabilities = in.readLong() & ALL_VALID_CAPABILITIES;
+ netCap.mTransportTypes = in.readLong() & ALL_VALID_TRANSPORTS;
netCap.mLinkUpBandwidthKbps = in.readInt();
netCap.mLinkDownBandwidthKbps = in.readInt();
netCap.mNetworkSpecifier = in.readParcelable(null);
@@ -2167,7 +2195,7 @@
netCap.mSubIds.add(subIdInts[i]);
}
netCap.setUnderlyingNetworks(in.createTypedArrayList(Network.CREATOR));
- netCap.mEnterpriseId = in.readInt();
+ netCap.mEnterpriseId = in.readInt() & ALL_VALID_ENTERPRISE_IDS;
return netCap;
}
@Override
@@ -2287,32 +2315,6 @@
return sb.toString();
}
-
- private interface NameOf {
- String nameOf(int value);
- }
-
- /**
- * @hide
- */
- public static void appendStringRepresentationOfBitMaskToStringBuilder(@NonNull StringBuilder sb,
- long bitMask, @NonNull NameOf nameFetcher, @NonNull String separator) {
- int bitPos = 0;
- boolean firstElementAdded = false;
- while (bitMask != 0) {
- if ((bitMask & 1) != 0) {
- if (firstElementAdded) {
- sb.append(separator);
- } else {
- firstElementAdded = true;
- }
- sb.append(nameFetcher.nameOf(bitPos));
- }
- bitMask >>= 1;
- ++bitPos;
- }
- }
-
/**
* @hide
*/
diff --git a/service-t/src/com/android/server/ethernet/EthernetNetworkFactory.java b/service-t/src/com/android/server/ethernet/EthernetNetworkFactory.java
index 2196bf8..00f6c56 100644
--- a/service-t/src/com/android/server/ethernet/EthernetNetworkFactory.java
+++ b/service-t/src/com/android/server/ethernet/EthernetNetworkFactory.java
@@ -469,7 +469,9 @@
// TODO: Update this logic to only do a restart if required. Although a restart may
// be required due to the capabilities or ipConfiguration values, not all
// capabilities changes require a restart.
- restart();
+ if (mIpClient != null) {
+ restart();
+ }
}
boolean isRestricted() {
@@ -558,6 +560,13 @@
void updateNeighborLostEvent(String logMsg) {
Log.i(TAG, "updateNeighborLostEvent " + logMsg);
+ if (mIpConfig.getIpAssignment() == IpAssignment.STATIC) {
+ // Ignore NUD failures for static IP configurations, where restarting the IpClient
+ // will not fix connectivity.
+ // In this scenario, NetworkMonitor will not verify the network, so it will
+ // eventually be torn down.
+ return;
+ }
// Reachability lost will be seen only if the gateway is not reachable.
// Since ethernet FW doesn't have the mechanism to scan for new networks
// like WiFi, simply restart.
diff --git a/service-t/src/com/android/server/ethernet/EthernetTracker.java b/service-t/src/com/android/server/ethernet/EthernetTracker.java
index 6ec478b..95baf81 100644
--- a/service-t/src/com/android/server/ethernet/EthernetTracker.java
+++ b/service-t/src/com/android/server/ethernet/EthernetTracker.java
@@ -302,9 +302,14 @@
final int state = getInterfaceState(iface);
final int role = getInterfaceRole(iface);
final IpConfiguration config = getIpConfigurationForCallback(iface, state);
+ final boolean isRestricted = isRestrictedInterface(iface);
final int n = mListeners.beginBroadcast();
for (int i = 0; i < n; i++) {
try {
+ if (isRestricted) {
+ final ListenerInfo info = (ListenerInfo) mListeners.getBroadcastCookie(i);
+ if (!info.canUseRestrictedNetworks) continue;
+ }
mListeners.getBroadcastItem(i).onInterfaceStateChanged(iface, state, role, config);
} catch (RemoteException e) {
// Do nothing here.
diff --git a/service/proguard.flags b/service/proguard.flags
index 478566c..864a28b 100644
--- a/service/proguard.flags
+++ b/service/proguard.flags
@@ -6,3 +6,12 @@
-keepclassmembers public class * extends **.com.android.net.module.util.Struct {
*;
}
+
+-keepclassmembers class com.android.server.**,android.net.**,com.android.networkstack.** {
+ static final % POLICY_*;
+ static final % NOTIFY_TYPE_*;
+ static final % TRANSPORT_*;
+ static final % CMD_*;
+ static final % EVENT_*;
+}
+
diff --git a/service/src/com/android/server/ConnectivityService.java b/service/src/com/android/server/ConnectivityService.java
index 6804baf..d409d51 100755
--- a/service/src/com/android/server/ConnectivityService.java
+++ b/service/src/com/android/server/ConnectivityService.java
@@ -249,13 +249,13 @@
import com.android.modules.utils.BasicShellCommandHandler;
import com.android.modules.utils.build.SdkLevel;
import com.android.net.module.util.BaseNetdUnsolicitedEventListener;
+import com.android.net.module.util.BitUtils;
import com.android.net.module.util.CollectionUtils;
import com.android.net.module.util.DeviceConfigUtils;
import com.android.net.module.util.InterfaceParams;
import com.android.net.module.util.LinkPropertiesUtils.CompareOrUpdateResult;
import com.android.net.module.util.LinkPropertiesUtils.CompareResult;
import com.android.net.module.util.LocationPermissionChecker;
-import com.android.net.module.util.NetworkCapabilitiesUtils;
import com.android.net.module.util.PerUidCounter;
import com.android.net.module.util.PermissionUtils;
import com.android.net.module.util.TcUtils;
@@ -1982,6 +1982,9 @@
@Nullable
public NetworkInfo getNetworkInfoForUid(Network network, int uid, boolean ignoreBlocked) {
enforceAccessPermission();
+ if (uid != mDeps.getCallingUid()) {
+ enforceNetworkStackPermission(mContext);
+ }
final NetworkAgentInfo nai = getNetworkAgentInfoForNetwork(network);
if (nai == null) return null;
return getFilteredNetworkInfo(nai, uid, ignoreBlocked);
@@ -3647,8 +3650,18 @@
break;
}
case NetworkAgent.EVENT_UNREGISTER_AFTER_REPLACEMENT: {
- // If nai is not yet created, or is already destroyed, ignore.
- if (!shouldDestroyNativeNetwork(nai)) break;
+ if (!nai.isCreated()) {
+ Log.d(TAG, "unregisterAfterReplacement on uncreated " + nai.toShortString()
+ + ", tearing down instead");
+ teardownUnneededNetwork(nai);
+ break;
+ }
+
+ if (nai.isDestroyed()) {
+ Log.d(TAG, "unregisterAfterReplacement on destroyed " + nai.toShortString()
+ + ", ignoring");
+ break;
+ }
final int timeoutMs = (int) arg.second;
if (timeoutMs < 0 || timeoutMs > NetworkAgent.MAX_TEARDOWN_DELAY_MS) {
@@ -7830,7 +7843,7 @@
@NonNull NetworkCapabilities agentCaps, @NonNull NetworkCapabilities newNc) {
underlyingNetworks = underlyingNetworksOrDefault(
agentCaps.getOwnerUid(), underlyingNetworks);
- long transportTypes = NetworkCapabilitiesUtils.packBits(agentCaps.getTransportTypes());
+ long transportTypes = BitUtils.packBits(agentCaps.getTransportTypes());
int downKbps = NetworkCapabilities.LINK_BANDWIDTH_UNSPECIFIED;
int upKbps = NetworkCapabilities.LINK_BANDWIDTH_UNSPECIFIED;
// metered if any underlying is metered, or originally declared metered by the agent.
@@ -7883,7 +7896,7 @@
suspended = false;
}
- newNc.setTransportTypes(NetworkCapabilitiesUtils.unpackBits(transportTypes));
+ newNc.setTransportTypes(BitUtils.unpackBits(transportTypes));
newNc.setLinkDownstreamBandwidthKbps(downKbps);
newNc.setLinkUpstreamBandwidthKbps(upKbps);
newNc.setCapability(NET_CAPABILITY_NOT_METERED, !metered);
diff --git a/tests/common/java/android/net/metrics/IpConnectivityLogTest.java b/tests/common/java/android/net/metrics/IpConnectivityLogTest.java
index 93cf748..b6e9b95 100644
--- a/tests/common/java/android/net/metrics/IpConnectivityLogTest.java
+++ b/tests/common/java/android/net/metrics/IpConnectivityLogTest.java
@@ -19,7 +19,7 @@
import static android.net.NetworkCapabilities.TRANSPORT_CELLULAR;
import static android.net.NetworkCapabilities.TRANSPORT_WIFI;
-import static com.android.net.module.util.NetworkCapabilitiesUtils.unpackBits;
+import static com.android.net.module.util.BitUtils.unpackBits;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
diff --git a/tests/cts/net/src/android/net/cts/ConnectivityManagerTest.java b/tests/cts/net/src/android/net/cts/ConnectivityManagerTest.java
index 8dbcc00..4887a78 100644
--- a/tests/cts/net/src/android/net/cts/ConnectivityManagerTest.java
+++ b/tests/cts/net/src/android/net/cts/ConnectivityManagerTest.java
@@ -270,7 +270,10 @@
private static final int MIN_KEEPALIVE_INTERVAL = 10;
private static final int NETWORK_CALLBACK_TIMEOUT_MS = 30_000;
- private static final int LISTEN_ACTIVITY_TIMEOUT_MS = 5_000;
+ // Timeout for waiting network to be validated. Set the timeout to 30s, which is more than
+ // DNS timeout.
+ // TODO(b/252972908): reset the original timer when aosp/2188755 is ramped up.
+ private static final int LISTEN_ACTIVITY_TIMEOUT_MS = 30_000;
private static final int NO_CALLBACK_TIMEOUT_MS = 100;
private static final int SOCKET_TIMEOUT_MS = 100;
private static final int NUM_TRIES_MULTIPATH_PREF_CHECK = 20;
@@ -2751,6 +2754,27 @@
mCm.getActiveNetwork(), false /* accept */ , false /* always */));
}
+ private void ensureCellIsValidatedBeforeMockingValidationUrls() {
+ // Verify that current supported network is validated so that the mock http server will not
+ // apply to unexpected networks. Also see aosp/2208680.
+ //
+ // This may also apply to wifi in principle, but in practice methods that mock validation
+ // URL all disconnect wifi forcefully anyway, so don't wait for wifi to validate.
+ if (mPackageManager.hasSystemFeature(FEATURE_TELEPHONY)) {
+ ensureValidatedNetwork(makeCellNetworkRequest());
+ }
+ }
+
+ private void ensureValidatedNetwork(NetworkRequest request) {
+ final TestableNetworkCallback cb = new TestableNetworkCallback();
+ mCm.registerNetworkCallback(request, cb);
+ cb.eventuallyExpect(CallbackEntry.NETWORK_CAPS_UPDATED,
+ NETWORK_CALLBACK_TIMEOUT_MS,
+ entry -> ((CallbackEntry.CapabilitiesChanged) entry).getCaps()
+ .hasCapability(NET_CAPABILITY_VALIDATED));
+ mCm.unregisterNetworkCallback(cb);
+ }
+
@AppModeFull(reason = "WRITE_DEVICE_CONFIG permission can't be granted to instant apps")
@Test
public void testAcceptPartialConnectivity_validatedNetwork() throws Exception {
@@ -2882,7 +2906,8 @@
assertTrue(mCm.getNetworkCapabilities(wifiNetwork).hasCapability(
NET_CAPABILITY_VALIDATED));
- // Configure response code for unvalidated network
+ // The cell network has already been checked to be validated.
+ // Configure response code for unvalidated network.
configTestServer(Status.INTERNAL_ERROR, Status.INTERNAL_ERROR);
mCm.reportNetworkConnectivity(wifiNetwork, false);
// Default network should stay on unvalidated wifi because avoid bad wifi is disabled.
@@ -2970,6 +2995,8 @@
}
private Network prepareValidatedNetwork() throws Exception {
+ ensureCellIsValidatedBeforeMockingValidationUrls();
+
prepareHttpServer();
configTestServer(Status.NO_CONTENT, Status.NO_CONTENT);
// Disconnect wifi first then start wifi network with configuration.
@@ -2980,6 +3007,8 @@
}
private Network preparePartialConnectivity() throws Exception {
+ ensureCellIsValidatedBeforeMockingValidationUrls();
+
prepareHttpServer();
// Configure response code for partial connectivity
configTestServer(Status.INTERNAL_ERROR /* httpsStatusCode */,
@@ -2993,6 +3022,8 @@
}
private Network prepareUnvalidatedNetwork() throws Exception {
+ ensureCellIsValidatedBeforeMockingValidationUrls();
+
prepareHttpServer();
// Configure response code for unvalidated network
configTestServer(Status.INTERNAL_ERROR /* httpsStatusCode */,
diff --git a/tests/cts/net/src/android/net/cts/EthernetManagerTest.kt b/tests/cts/net/src/android/net/cts/EthernetManagerTest.kt
index 3635b7b..776e49f 100644
--- a/tests/cts/net/src/android/net/cts/EthernetManagerTest.kt
+++ b/tests/cts/net/src/android/net/cts/EthernetManagerTest.kt
@@ -103,7 +103,10 @@
import kotlin.test.fail
private const val TAG = "EthernetManagerTest"
-private const val TIMEOUT_MS = 2000L
+// This timeout does not affect the test duration for passing tests. It needs to be long enough to
+// account for RS delay (and potentially the first retry interval (4s)). There have been failures
+// where the interface did not gain provisioning within the allotted timeout.
+private const val TIMEOUT_MS = 10_000L
// Timeout used to confirm no callbacks matching given criteria are received. Must be long enough to
// process all callbacks including ip provisioning when using the updateConfiguration API.
// Note that increasing this timeout increases the test duration.
@@ -303,8 +306,8 @@
available.completeExceptionally(IllegalStateException("onUnavailable was called"))
}
- fun expectOnAvailable(): String {
- return available.get(TIMEOUT_MS, TimeUnit.MILLISECONDS)
+ fun expectOnAvailable(timeout: Long = TIMEOUT_MS): String {
+ return available.get(timeout, TimeUnit.MILLISECONDS)
}
fun expectOnUnavailable() {
@@ -381,7 +384,10 @@
setIncludeTestInterfaces(false)
for (listener in addedListeners) {
+ // Even if a given listener was not registered as both an interface and ethernet state
+ // listener, calling remove is safe.
em.removeInterfaceStateListener(listener)
+ em.removeEthernetStateListener(listener)
}
registeredCallbacks.forEach { cm.unregisterNetworkCallback(it) }
releaseTetheredInterface()
@@ -409,6 +415,11 @@
addedListeners.add(listener)
}
+ private fun addEthernetStateListener(listener: EthernetStateListener) {
+ em.addEthernetStateListener(handler::post, listener)
+ addedListeners.add(listener)
+ }
+
// WARNING: setting hasCarrier to false requires kernel support. Call
// assumeChangingCarrierSupported() at the top of your test.
private fun createInterface(hasCarrier: Boolean = true): EthernetTestInterface {
@@ -439,14 +450,18 @@
}
private fun requestNetwork(request: NetworkRequest): TestableNetworkCallback {
- return TestableNetworkCallback().also {
+ return TestableNetworkCallback(
+ timeoutMs = TIMEOUT_MS,
+ noCallbackTimeoutMs = NO_CALLBACK_TIMEOUT_MS).also {
cm.requestNetwork(request, it)
registeredCallbacks.add(it)
}
}
private fun registerNetworkListener(request: NetworkRequest): TestableNetworkCallback {
- return TestableNetworkCallback().also {
+ return TestableNetworkCallback(
+ timeoutMs = TIMEOUT_MS,
+ noCallbackTimeoutMs = NO_CALLBACK_TIMEOUT_MS).also {
cm.registerNetworkCallback(request, it)
registeredCallbacks.add(it)
}
@@ -503,13 +518,8 @@
runAsShell(NETWORK_SETTINGS) { em.setEthernetEnabled(enabled) }
val listener = EthernetStateListener()
- em.addEthernetStateListener(handler::post, listener)
- try {
- listener.eventuallyExpect(
- if (enabled) ETHERNET_STATE_ENABLED else ETHERNET_STATE_DISABLED)
- } finally {
- em.removeEthernetStateListener(listener)
- }
+ addEthernetStateListener(listener)
+ listener.eventuallyExpect(if (enabled) ETHERNET_STATE_ENABLED else ETHERNET_STATE_DISABLED)
}
// NetworkRequest.Builder does not create a copy of the passed NetworkRequest, so in order to
@@ -520,18 +530,18 @@
// It can take multiple seconds for the network to become available.
private fun TestableNetworkCallback.expectAvailable() =
- expectCallback<Available>(anyNetwork(), 5000 /* ms timeout */).network
+ expectCallback<Available>().network
private fun TestableNetworkCallback.expectLost(n: Network = anyNetwork()) =
- expectCallback<Lost>(n, 5000 /* ms timeout */)
+ expectCallback<Lost>(n)
// b/233534110: eventuallyExpect<Lost>() does not advance ReadHead, use
// eventuallyExpect(Lost::class) instead.
private fun TestableNetworkCallback.eventuallyExpectLost(n: Network? = null) =
- eventuallyExpect(Lost::class, TIMEOUT_MS) { n?.equals(it.network) ?: true }
+ eventuallyExpect(Lost::class) { n?.equals(it.network) ?: true }
private fun TestableNetworkCallback.assertNeverLost(n: Network? = null) =
- assertNoCallbackThat(NO_CALLBACK_TIMEOUT_MS) {
+ assertNoCallbackThat() {
it is Lost && (n?.equals(it.network) ?: true)
}
@@ -545,7 +555,7 @@
private fun TestableNetworkCallback.eventuallyExpectCapabilities(nc: NetworkCapabilities) {
// b/233534110: eventuallyExpect<CapabilitiesChanged>() does not advance ReadHead.
- eventuallyExpect(CapabilitiesChanged::class, TIMEOUT_MS) {
+ eventuallyExpect(CapabilitiesChanged::class) {
// CS may mix in additional capabilities, so NetworkCapabilities#equals cannot be used.
// Check if all expected capabilities are present instead.
it is CapabilitiesChanged && nc.capabilities.all { c -> it.caps.hasCapability(c) }
@@ -556,7 +566,7 @@
config: StaticIpConfiguration
) {
// b/233534110: eventuallyExpect<LinkPropertiesChanged>() does not advance ReadHead.
- eventuallyExpect(LinkPropertiesChanged::class, TIMEOUT_MS) {
+ eventuallyExpect(LinkPropertiesChanged::class) {
it is LinkPropertiesChanged && it.lp.linkAddresses.any { la ->
la.isSameAddressAs(config.ipAddress)
}
@@ -620,7 +630,7 @@
// see aosp/2123900.
try {
// assumeException does not exist.
- requestTetheredInterface().expectOnAvailable()
+ requestTetheredInterface().expectOnAvailable(NO_CALLBACK_TIMEOUT_MS)
// interface used for tethering is available, throw an assumption error.
assumeTrue(false)
} catch (e: TimeoutException) {
@@ -833,7 +843,7 @@
val iface = createInterface()
val cb = requestNetwork(ETH_REQUEST)
// b/233534110: eventuallyExpect<LinkPropertiesChanged>() does not advance ReadHead
- cb.eventuallyExpect(LinkPropertiesChanged::class, TIMEOUT_MS) {
+ cb.eventuallyExpect(LinkPropertiesChanged::class) {
it is LinkPropertiesChanged && it.lp.addresses.any {
address -> iface.onLinkPrefix.contains(address)
}
@@ -979,4 +989,23 @@
cb.eventuallyExpectCapabilities(TEST_CAPS)
cb.eventuallyExpectLpForStaticConfig(STATIC_IP_CONFIGURATION.staticIpConfiguration)
}
+
+ @Test
+ fun testUpdateConfiguration_withLinkDown() {
+ assumeChangingCarrierSupported()
+ // createInterface without carrier is racy, so create it and then remove carrier.
+ val iface = createInterface()
+ val cb = requestNetwork(ETH_REQUEST)
+ cb.expectAvailable()
+
+ iface.setCarrierEnabled(false)
+ cb.eventuallyExpectLost()
+
+ updateConfiguration(iface, STATIC_IP_CONFIGURATION, TEST_CAPS).expectResult(iface.name)
+ cb.assertNoCallback()
+
+ iface.setCarrierEnabled(true)
+ cb.eventuallyExpectCapabilities(TEST_CAPS)
+ cb.eventuallyExpectLpForStaticConfig(STATIC_IP_CONFIGURATION.staticIpConfiguration)
+ }
}
diff --git a/tests/cts/net/src/android/net/cts/NetworkAgentTest.kt b/tests/cts/net/src/android/net/cts/NetworkAgentTest.kt
index d2cd7aa..867d672 100644
--- a/tests/cts/net/src/android/net/cts/NetworkAgentTest.kt
+++ b/tests/cts/net/src/android/net/cts/NetworkAgentTest.kt
@@ -335,6 +335,28 @@
mFakeConnectivityService.connect(it.registerForTest(Network(FAKE_NET_ID)))
}
+ fun assertLinkPropertiesEventually(
+ n: Network,
+ description: String,
+ condition: (LinkProperties?) -> Boolean
+ ): LinkProperties? {
+ val deadline = SystemClock.elapsedRealtime() + DEFAULT_TIMEOUT_MS
+ do {
+ val lp = mCM.getLinkProperties(n)
+ if (condition(lp)) return lp
+ SystemClock.sleep(10 /* ms */)
+ } while (SystemClock.elapsedRealtime() < deadline)
+ fail("Network $n LinkProperties did not $description after $DEFAULT_TIMEOUT_MS ms")
+ }
+
+ fun assertLinkPropertiesEventuallyNotNull(n: Network) {
+ assertLinkPropertiesEventually(n, "become non-null") { it != null }
+ }
+
+ fun assertLinkPropertiesEventuallyNull(n: Network) {
+ assertLinkPropertiesEventually(n, "become null") { it == null }
+ }
+
@Test
fun testSetSubtypeNameAndExtraInfoByAgentConfig() {
val subtypeLTE = TelephonyManager.NETWORK_TYPE_LTE
@@ -1269,8 +1291,40 @@
agent5.expectCallback<OnNetworkDestroyed>()
agent5.expectCallback<OnNetworkUnwanted>()
+ // If unregisterAfterReplacement is called before markConnected, the network disconnects.
+ val specifier6 = UUID.randomUUID().toString()
+ val callback = TestableNetworkCallback()
+ requestNetwork(makeTestNetworkRequest(specifier = specifier6), callback)
+ val agent6 = createNetworkAgent(specifier = specifier6)
+ val network6 = agent6.register()
+ // No callbacks are sent, so check the LinkProperties to see if the network has connected.
+ assertLinkPropertiesEventuallyNotNull(agent6.network!!)
+
+ // unregisterAfterReplacement tears down the network immediately.
+ // Approximately check that this is the case by picking an unregister timeout that's longer
+ // than the timeout of the expectCallback<OnNetworkUnwanted> below.
+ // TODO: consider adding configurable timeouts to TestableNetworkAgent expectations.
+ val timeoutMs = agent6.DEFAULT_TIMEOUT_MS.toInt() + 1_000
+ agent6.unregisterAfterReplacement(timeoutMs)
+ agent6.expectCallback<OnNetworkUnwanted>()
+ if (!SdkLevel.isAtLeastT()) {
+ // Before T, onNetworkDestroyed is called even if the network was never created.
+ agent6.expectCallback<OnNetworkDestroyed>()
+ }
+ // Poll for LinkProperties becoming null, because when onNetworkUnwanted is called, the
+ // network has not yet been removed from the CS data structures.
+ assertLinkPropertiesEventuallyNull(agent6.network!!)
+ assertFalse(mCM.getAllNetworks().contains(agent6.network!!))
+
+ // After unregisterAfterReplacement is called, the network is no longer usable and
+ // markConnected has no effect.
+ agent6.markConnected()
+ agent6.assertNoCallback()
+ assertNull(mCM.getLinkProperties(agent6.network!!))
+ matchAllCallback.assertNoCallback(200 /* timeoutMs */)
+
// If wifi is replaced within the timeout, the device does not switch to cellular.
- val (cellAgent, cellNetwork) = connectNetwork(TRANSPORT_CELLULAR)
+ val (_, cellNetwork) = connectNetwork(TRANSPORT_CELLULAR)
testCallback.expectAvailableThenValidatedCallbacks(cellNetwork)
matchAllCallback.expectAvailableThenValidatedCallbacks(cellNetwork)
diff --git a/tests/unit/Android.bp b/tests/unit/Android.bp
index cb68235..437622b 100644
--- a/tests/unit/Android.bp
+++ b/tests/unit/Android.bp
@@ -101,7 +101,7 @@
],
static_libs: [
"androidx.test.rules",
- "androidx.test.uiautomator",
+ "androidx.test.uiautomator_uiautomator",
"bouncycastle-repackaged-unbundled",
"core-tests-support",
"FrameworksNetCommonTests",
diff --git a/tests/unit/java/android/net/NetworkStatsTest.java b/tests/unit/java/android/net/NetworkStatsTest.java
index 709b722..126ad55 100644
--- a/tests/unit/java/android/net/NetworkStatsTest.java
+++ b/tests/unit/java/android/net/NetworkStatsTest.java
@@ -1067,6 +1067,38 @@
}
}
+ @Test
+ public void testClearInterfaces() {
+ final NetworkStats stats = new NetworkStats(TEST_START, 1);
+ final NetworkStats.Entry entry1 = new NetworkStats.Entry(
+ "test1", 10100, SET_DEFAULT, TAG_NONE, METERED_NO, ROAMING_NO,
+ DEFAULT_NETWORK_NO, 1024L, 50L, 100L, 20L, 0L);
+
+ final NetworkStats.Entry entry2 = new NetworkStats.Entry(
+ "test2", 10101, SET_DEFAULT, 0xF0DD, METERED_NO, ROAMING_NO,
+ DEFAULT_NETWORK_NO, 51200, 25L, 101010L, 50L, 0L);
+
+ stats.insertEntry(entry1);
+ stats.insertEntry(entry2);
+
+ // Verify that the interfaces have indeed been recorded.
+ assertEquals(2, stats.size());
+ assertValues(stats, 0, "test1", 10100, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 1024L, 50L, 100L, 20L, 0L);
+ assertValues(stats, 1, "test2", 10101, SET_DEFAULT, 0xF0DD, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 51200, 25L, 101010L, 50L, 0L);
+
+ // Clear interfaces.
+ stats.clearInterfaces();
+
+ // Verify that the interfaces are cleared.
+ assertEquals(2, stats.size());
+ assertValues(stats, 0, null /* iface */, 10100, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 1024L, 50L, 100L, 20L, 0L);
+ assertValues(stats, 1, null /* iface */, 10101, SET_DEFAULT, 0xF0DD, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 51200, 25L, 101010L, 50L, 0L);
+ }
+
private static void assertContains(NetworkStats stats, String iface, int uid, int set,
int tag, int metered, int roaming, int defaultNetwork, long rxBytes, long rxPackets,
long txBytes, long txPackets, long operations) {
diff --git a/tests/unit/java/com/android/server/ConnectivityServiceTest.java b/tests/unit/java/com/android/server/ConnectivityServiceTest.java
index 7993a5c..c8aa59b 100755
--- a/tests/unit/java/com/android/server/ConnectivityServiceTest.java
+++ b/tests/unit/java/com/android/server/ConnectivityServiceTest.java
@@ -1068,38 +1068,41 @@
* @param hasInternet Indicate if network should pretend to have NET_CAPABILITY_INTERNET.
*/
public void connect(boolean validated, boolean hasInternet, boolean isStrictMode) {
- ConnectivityManager.NetworkCallback callback = null;
final ConditionVariable validatedCv = new ConditionVariable();
+ final ConditionVariable capsChangedCv = new ConditionVariable();
+ final NetworkRequest request = new NetworkRequest.Builder()
+ .addTransportType(getNetworkCapabilities().getTransportTypes()[0])
+ .clearCapabilities()
+ .build();
if (validated) {
setNetworkValid(isStrictMode);
- NetworkRequest request = new NetworkRequest.Builder()
- .addTransportType(getNetworkCapabilities().getTransportTypes()[0])
- .clearCapabilities()
- .build();
- callback = new ConnectivityManager.NetworkCallback() {
- public void onCapabilitiesChanged(Network network,
- NetworkCapabilities networkCapabilities) {
- if (network.equals(getNetwork()) &&
- networkCapabilities.hasCapability(NET_CAPABILITY_VALIDATED)) {
+ }
+ final NetworkCallback callback = new NetworkCallback() {
+ public void onCapabilitiesChanged(Network network,
+ NetworkCapabilities networkCapabilities) {
+ if (network.equals(getNetwork())) {
+ capsChangedCv.open();
+ if (networkCapabilities.hasCapability(NET_CAPABILITY_VALIDATED)) {
validatedCv.open();
}
}
- };
- mCm.registerNetworkCallback(request, callback);
- }
+ }
+ };
+ mCm.registerNetworkCallback(request, callback);
+
if (hasInternet) {
addCapability(NET_CAPABILITY_INTERNET);
}
connectWithoutInternet();
+ waitFor(capsChangedCv);
if (validated) {
// Wait for network to validate.
waitFor(validatedCv);
setNetworkInvalid(isStrictMode);
}
-
- if (callback != null) mCm.unregisterNetworkCallback(callback);
+ mCm.unregisterNetworkCallback(callback);
}
public void connectWithCaptivePortal(String redirectUrl, boolean isStrictMode) {
@@ -1605,9 +1608,9 @@
mMockVpn = new MockVpn(userId);
}
- private void mockUidNetworkingBlocked() {
+ private void mockUidNetworkingBlocked(int uid) {
doAnswer(i -> isUidBlocked(mBlockedReasons, i.getArgument(1))
- ).when(mNetworkPolicyManager).isUidNetworkingBlocked(anyInt(), anyBoolean());
+ ).when(mNetworkPolicyManager).isUidNetworkingBlocked(eq(uid), anyBoolean());
}
private boolean isUidBlocked(int blockedReasons, boolean meteredNetwork) {
@@ -8994,7 +8997,7 @@
final DetailedBlockedStatusCallback detailedCallback = new DetailedBlockedStatusCallback();
mCm.registerNetworkCallback(cellRequest, detailedCallback);
- mockUidNetworkingBlocked();
+ mockUidNetworkingBlocked(Process.myUid());
mCellNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_CELLULAR);
mCellNetworkAgent.connect(true);
@@ -9109,7 +9112,7 @@
public void testNetworkBlockedStatusBeforeAndAfterConnect() throws Exception {
final TestNetworkCallback defaultCallback = new TestNetworkCallback();
mCm.registerDefaultNetworkCallback(defaultCallback);
- mockUidNetworkingBlocked();
+ mockUidNetworkingBlocked(Process.myUid());
// No Networkcallbacks invoked before any network is active.
setBlockedReasonChanged(BLOCKED_REASON_BATTERY_SAVER);
@@ -16878,4 +16881,43 @@
verify(mTetheringManager).getTetherableWifiRegexs();
});
}
+
+ @Test
+ public void testGetNetworkInfoForUid() throws Exception {
+ // Setup and verify getNetworkInfoForUid cannot be called without Network Stack permission,
+ // when querying NetworkInfo for other uid.
+ verifyNoNetwork();
+ mWiFiNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_WIFI);
+ mServiceContext.setPermission(NETWORK_STACK, PERMISSION_DENIED);
+ mServiceContext.setPermission(NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK,
+ PERMISSION_DENIED);
+
+ final int otherUid = Process.myUid() + 1;
+ assertNull(mCm.getActiveNetwork());
+ assertNull(mCm.getNetworkInfoForUid(mCm.getActiveNetwork(),
+ Process.myUid(), false /* ignoreBlocked */));
+ assertThrows(SecurityException.class, () -> mCm.getNetworkInfoForUid(
+ mCm.getActiveNetwork(), otherUid, false /* ignoreBlocked */));
+ withPermission(NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK, () ->
+ assertNull(mCm.getNetworkInfoForUid(mCm.getActiveNetwork(),
+ otherUid, false /* ignoreBlocked */)));
+
+ // Bringing up validated wifi and verify again. Make the other uid be blocked,
+ // verify the method returns result accordingly.
+ mWiFiNetworkAgent.connect(true);
+ setBlockedReasonChanged(BLOCKED_REASON_BATTERY_SAVER);
+ mockUidNetworkingBlocked(otherUid);
+ withPermission(NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK, () ->
+ verifyActiveNetwork(TRANSPORT_WIFI));
+ checkNetworkInfo(mCm.getNetworkInfoForUid(mCm.getActiveNetwork(),
+ Process.myUid(), false /* ignoreBlocked */), TYPE_WIFI, DetailedState.CONNECTED);
+ assertThrows(SecurityException.class, () -> mCm.getNetworkInfoForUid(
+ mCm.getActiveNetwork(), otherUid, false /* ignoreBlocked */));
+ withPermission(NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK, () ->
+ checkNetworkInfo(mCm.getNetworkInfoForUid(mCm.getActiveNetwork(),
+ otherUid, false /* ignoreBlocked */), TYPE_WIFI, DetailedState.BLOCKED));
+ withPermission(NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK, () ->
+ checkNetworkInfo(mCm.getNetworkInfoForUid(mCm.getActiveNetwork(),
+ otherUid, true /* ignoreBlocked */), TYPE_WIFI, DetailedState.CONNECTED));
+ }
}
diff --git a/tests/unit/java/com/android/server/connectivity/VpnTest.java b/tests/unit/java/com/android/server/connectivity/VpnTest.java
index 1c54651..39fd780 100644
--- a/tests/unit/java/com/android/server/connectivity/VpnTest.java
+++ b/tests/unit/java/com/android/server/connectivity/VpnTest.java
@@ -20,6 +20,8 @@
import static android.Manifest.permission.CONTROL_VPN;
import static android.content.pm.PackageManager.PERMISSION_DENIED;
import static android.content.pm.PackageManager.PERMISSION_GRANTED;
+import static android.net.ConnectivityDiagnosticsManager.ConnectivityDiagnosticsCallback;
+import static android.net.ConnectivityDiagnosticsManager.DataStallReport;
import static android.net.ConnectivityManager.NetworkCallback;
import static android.net.INetd.IF_STATE_DOWN;
import static android.net.INetd.IF_STATE_UP;
@@ -76,6 +78,7 @@
import android.content.pm.ServiceInfo;
import android.content.pm.UserInfo;
import android.content.res.Resources;
+import android.net.ConnectivityDiagnosticsManager;
import android.net.ConnectivityManager;
import android.net.INetd;
import android.net.Ikev2VpnProfile;
@@ -115,6 +118,7 @@
import android.os.ConditionVariable;
import android.os.INetworkManagementService;
import android.os.ParcelFileDescriptor;
+import android.os.PersistableBundle;
import android.os.PowerWhitelistManager;
import android.os.Process;
import android.os.UserHandle;
@@ -245,6 +249,7 @@
@Mock private Vpn.Ikev2SessionCreator mIkev2SessionCreator;
@Mock private Vpn.VpnNetworkAgentWrapper mMockNetworkAgent;
@Mock private ConnectivityManager mConnectivityManager;
+ @Mock private ConnectivityDiagnosticsManager mCdm;
@Mock private IpSecService mIpSecService;
@Mock private VpnProfileStore mVpnProfileStore;
@Mock private ScheduledThreadPoolExecutor mExecutor;
@@ -283,6 +288,8 @@
mockService(NotificationManager.class, Context.NOTIFICATION_SERVICE, mNotificationManager);
mockService(ConnectivityManager.class, Context.CONNECTIVITY_SERVICE, mConnectivityManager);
mockService(IpSecManager.class, Context.IPSEC_SERVICE, mIpSecManager);
+ mockService(ConnectivityDiagnosticsManager.class, Context.CONNECTIVITY_DIAGNOSTICS_SERVICE,
+ mCdm);
when(mContext.getString(R.string.config_customVpnAlwaysOnDisconnectedDialogComponent))
.thenReturn(Resources.getSystem().getString(
R.string.config_customVpnAlwaysOnDisconnectedDialogComponent));
@@ -1925,6 +1932,56 @@
verifyHandlingNetworkLoss(vpnSnapShot);
}
+ private ConnectivityDiagnosticsCallback getConnectivityDiagCallback() {
+ final ArgumentCaptor<ConnectivityDiagnosticsCallback> cdcCaptor =
+ ArgumentCaptor.forClass(ConnectivityDiagnosticsCallback.class);
+ verify(mCdm).registerConnectivityDiagnosticsCallback(
+ any(), any(), cdcCaptor.capture());
+ return cdcCaptor.getValue();
+ }
+
+ private DataStallReport createDataStallReport() {
+ return new DataStallReport(TEST_NETWORK, 1234 /* reportTimestamp */,
+ 1 /* detectionMethod */, new LinkProperties(), new NetworkCapabilities(),
+ new PersistableBundle());
+ }
+
+ private void verifyMobikeTriggered(List<Network> expected) {
+ final ArgumentCaptor<Network> networkCaptor = ArgumentCaptor.forClass(Network.class);
+ verify(mIkeSessionWrapper).setNetwork(networkCaptor.capture());
+ assertEquals(expected, Collections.singletonList(networkCaptor.getValue()));
+ }
+
+ @Test
+ public void testDataStallInIkev2VpnMobikeDisabled() throws Exception {
+ verifySetupPlatformVpn(
+ createIkeConfig(createIkeConnectInfo(), false /* isMobikeEnabled */));
+
+ doReturn(TEST_NETWORK).when(mMockNetworkAgent).getNetwork();
+ final ConnectivityDiagnosticsCallback connectivityDiagCallback =
+ getConnectivityDiagCallback();
+ final DataStallReport report = createDataStallReport();
+ connectivityDiagCallback.onDataStallSuspected(report);
+
+ // Should not trigger MOBIKE if MOBIKE is not enabled
+ verify(mIkeSessionWrapper, never()).setNetwork(any());
+ }
+
+ @Test
+ public void testDataStallInIkev2VpnMobikeEnabled() throws Exception {
+ final PlatformVpnSnapshot vpnSnapShot = verifySetupPlatformVpn(
+ createIkeConfig(createIkeConnectInfo(), true /* isMobikeEnabled */));
+
+ doReturn(TEST_NETWORK).when(mMockNetworkAgent).getNetwork();
+ final ConnectivityDiagnosticsCallback connectivityDiagCallback =
+ getConnectivityDiagCallback();
+ final DataStallReport report = createDataStallReport();
+ connectivityDiagCallback.onDataStallSuspected(report);
+
+ // Verify MOBIKE is triggered
+ verifyMobikeTriggered(vpnSnapShot.vpn.mNetworkCapabilities.getUnderlyingNetworks());
+ }
+
@Test
public void testStartRacoonNumericAddress() throws Exception {
startRacoon("1.2.3.4", "1.2.3.4");