Merge "Import translations. DO NOT MERGE ANYWHERE" into main
diff --git a/bpf/loader/NetBpfLoad.cpp b/bpf/loader/NetBpfLoad.cpp
index 22f12d1..59712b1 100644
--- a/bpf/loader/NetBpfLoad.cpp
+++ b/bpf/loader/NetBpfLoad.cpp
@@ -17,7 +17,6 @@
#define LOG_TAG "NetBpfLoad"
#include <arpa/inet.h>
-#include <cstdlib>
#include <dirent.h>
#include <elf.h>
#include <errno.h>
@@ -26,8 +25,6 @@
#include <fstream>
#include <inttypes.h>
#include <iostream>
-#include <linux/bpf.h>
-#include <linux/elf.h>
#include <linux/unistd.h>
#include <log/log.h>
#include <net/if.h>
@@ -993,13 +990,13 @@
union bpf_attr req = {
.prog_type = cs[i].type,
- .kern_version = kvers,
- .license = ptr_to_u64(license.c_str()),
- .insns = ptr_to_u64(cs[i].data.data()),
.insn_cnt = static_cast<__u32>(cs[i].data.size() / sizeof(struct bpf_insn)),
+ .insns = ptr_to_u64(cs[i].data.data()),
+ .license = ptr_to_u64(license.c_str()),
.log_level = 1,
- .log_buf = ptr_to_u64(log_buf.data()),
.log_size = static_cast<__u32>(log_buf.size()),
+ .log_buf = ptr_to_u64(log_buf.data()),
+ .kern_version = kvers,
.expected_attach_type = cs[i].attach_type,
};
if (isAtLeastKernelVersion(4, 15, 0))
@@ -1155,33 +1152,35 @@
abort(); // can only hit this if permissions (likely selinux) are screwed up
}
+#define APEXROOT "/apex/com.android.tethering"
+#define BPFROOT APEXROOT "/etc/bpf"
const Location locations[] = {
// S+ Tethering mainline module (network_stack): tether offload
{
- .dir = "/apex/com.android.tethering/etc/bpf/",
+ .dir = BPFROOT "/",
.prefix = "tethering/",
},
// T+ Tethering mainline module (shared with netd & system server)
// netutils_wrapper (for iptables xt_bpf) has access to programs
{
- .dir = "/apex/com.android.tethering/etc/bpf/netd_shared/",
+ .dir = BPFROOT "/netd_shared/",
.prefix = "netd_shared/",
},
// T+ Tethering mainline module (shared with netd & system server)
// netutils_wrapper has no access, netd has read only access
{
- .dir = "/apex/com.android.tethering/etc/bpf/netd_readonly/",
+ .dir = BPFROOT "/netd_readonly/",
.prefix = "netd_readonly/",
},
// T+ Tethering mainline module (shared with system server)
{
- .dir = "/apex/com.android.tethering/etc/bpf/net_shared/",
+ .dir = BPFROOT "/net_shared/",
.prefix = "net_shared/",
},
// T+ Tethering mainline module (not shared, just network_stack)
{
- .dir = "/apex/com.android.tethering/etc/bpf/net_private/",
+ .dir = BPFROOT "/net_private/",
.prefix = "net_private/",
},
};
diff --git a/bpf/progs/dscpPolicy.c b/bpf/progs/dscpPolicy.c
index 4bdd3ed..baabb02 100644
--- a/bpf/progs/dscpPolicy.c
+++ b/bpf/progs/dscpPolicy.c
@@ -155,19 +155,19 @@
int score = 0;
- if (policy->present_fields & PROTO_MASK_FLAG) {
+ if (policy->match_proto) {
if (protocol != policy->proto) continue;
score += 0xFFFF;
}
- if (policy->present_fields & SRC_IP_MASK_FLAG) {
+ if (policy->match_src_ip) {
if (v6_not_equal(src_ip, policy->src_ip)) continue;
score += 0xFFFF;
}
- if (policy->present_fields & DST_IP_MASK_FLAG) {
+ if (policy->match_dst_ip) {
if (v6_not_equal(dst_ip, policy->dst_ip)) continue;
score += 0xFFFF;
}
- if (policy->present_fields & SRC_PORT_MASK_FLAG) {
+ if (policy->match_src_port) {
if (sport != policy->src_port) continue;
score += 0xFFFF;
}
diff --git a/bpf/progs/dscpPolicy.h b/bpf/progs/dscpPolicy.h
index ea84655..dc431a7 100644
--- a/bpf/progs/dscpPolicy.h
+++ b/bpf/progs/dscpPolicy.h
@@ -17,11 +17,6 @@
#define CACHE_MAP_SIZE 1024
#define MAX_POLICIES 16
-#define SRC_IP_MASK_FLAG 1
-#define DST_IP_MASK_FLAG 2
-#define SRC_PORT_MASK_FLAG 4
-#define PROTO_MASK_FLAG 8
-
#define STRUCT_SIZE(name, size) _Static_assert(sizeof(name) == (size), "Incorrect struct size.")
// Retrieve the first (ie. high) 64 bits of an IPv6 address (in network order)
@@ -46,10 +41,12 @@
uint16_t dst_port_end;
uint8_t proto;
int8_t dscp_val; // -1 none, or 0..63 DSCP value
- uint8_t present_fields;
- uint8_t pad[3];
+ bool match_src_ip;
+ bool match_dst_ip;
+ bool match_src_port;
+ bool match_proto;
} DscpPolicy;
-STRUCT_SIZE(DscpPolicy, 2 * 16 + 4 + 3 * 2 + 3 * 1 + 3); // 48
+STRUCT_SIZE(DscpPolicy, 2 * 16 + 4 + 3 * 2 + 6 * 1); // 48
typedef struct {
struct in6_addr src_ip;
@@ -61,4 +58,4 @@
int8_t dscp_val; // -1 none, or 0..63 DSCP value
uint8_t pad[2];
} RuleEntry;
-STRUCT_SIZE(RuleEntry, 2 * 16 + 1 * 4 + 2 * 2 + 2 * 1 + 2); // 44
+STRUCT_SIZE(RuleEntry, 2 * 16 + 4 + 2 * 2 + 4 * 1); // 44
diff --git a/tests/mts/Android.bp b/bpf/tests/mts/Android.bp
similarity index 100%
rename from tests/mts/Android.bp
rename to bpf/tests/mts/Android.bp
diff --git a/tests/mts/OWNERS b/bpf/tests/mts/OWNERS
similarity index 100%
rename from tests/mts/OWNERS
rename to bpf/tests/mts/OWNERS
diff --git a/tests/mts/bpf_existence_test.cpp b/bpf/tests/mts/bpf_existence_test.cpp
similarity index 100%
rename from tests/mts/bpf_existence_test.cpp
rename to bpf/tests/mts/bpf_existence_test.cpp
diff --git a/service-t/src/com/android/server/net/NetworkStatsService.java b/service-t/src/com/android/server/net/NetworkStatsService.java
index 11343d2..9b7af49 100644
--- a/service-t/src/com/android/server/net/NetworkStatsService.java
+++ b/service-t/src/com/android/server/net/NetworkStatsService.java
@@ -313,7 +313,7 @@
static final int DEFAULT_TRAFFIC_STATS_CACHE_MAX_ENTRIES = 400;
/**
* The delay time between to network stats update intents.
- * Added to fix intent spams (b/3115462)
+ * Added to fix intent spams (b/343844995)
*/
@VisibleForTesting(visibility = PRIVATE)
static final int BROADCAST_NETWORK_STATS_UPDATED_DELAY_MS = 1000;
@@ -488,7 +488,6 @@
@GuardedBy("mStatsLock")
private long mLatestNetworkStatsUpdatedBroadcastScheduledTime = Long.MIN_VALUE;
-
private final TrafficStatsRateLimitCache mTrafficStatsTotalCache;
private final TrafficStatsRateLimitCache mTrafficStatsIfaceCache;
private final TrafficStatsRateLimitCache mTrafficStatsUidCache;
@@ -499,7 +498,6 @@
private final boolean mAlwaysUseTrafficStatsRateLimitCache;
private final int mTrafficStatsRateLimitCacheExpiryDuration;
private final int mTrafficStatsRateLimitCacheMaxEntries;
-
private final boolean mBroadcastNetworkStatsUpdatedRateLimitEnabled;
@@ -724,15 +722,6 @@
@VisibleForTesting
public static class Dependencies {
/**
- * Get broadcast network stats updated delay time in ms
- * @return
- */
- @NonNull
- public long getBroadcastNetworkStatsUpdateDelayMs() {
- return BROADCAST_NETWORK_STATS_UPDATED_DELAY_MS;
- }
-
- /**
* Get legacy platform stats directory.
*/
@NonNull
diff --git a/service/src/com/android/server/connectivity/DscpPolicyValue.java b/service/src/com/android/server/connectivity/DscpPolicyValue.java
index 7b11eda..7162a4a 100644
--- a/service/src/com/android/server/connectivity/DscpPolicyValue.java
+++ b/service/src/com/android/server/connectivity/DscpPolicyValue.java
@@ -55,13 +55,17 @@
@Field(order = 7, type = Type.S8)
public final byte dscp;
- @Field(order = 8, type = Type.U8, padding = 3)
- public final short mask;
+ @Field(order = 8, type = Type.Bool)
+ public final boolean match_src_ip;
- private static final int SRC_IP_MASK = 0x1;
- private static final int DST_IP_MASK = 0x02;
- private static final int SRC_PORT_MASK = 0x4;
- private static final int PROTO_MASK = 0x8;
+ @Field(order = 9, type = Type.Bool)
+ public final boolean match_dst_ip;
+
+ @Field(order = 10, type = Type.Bool)
+ public final boolean match_src_port;
+
+ @Field(order = 11, type = Type.Bool)
+ public final boolean match_proto;
private boolean ipEmpty(final byte[] ip) {
for (int i = 0; i < ip.length; i++) {
@@ -98,24 +102,6 @@
private static final byte[] EMPTY_ADDRESS_FIELD =
InetAddress.parseNumericAddress("::").getAddress();
- private short makeMask(final byte[] src46, final byte[] dst46, final int srcPort,
- final int dstPortStart, final short proto, final byte dscp) {
- short mask = 0;
- if (src46 != EMPTY_ADDRESS_FIELD) {
- mask |= SRC_IP_MASK;
- }
- if (dst46 != EMPTY_ADDRESS_FIELD) {
- mask |= DST_IP_MASK;
- }
- if (srcPort != -1) {
- mask |= SRC_PORT_MASK;
- }
- if (proto != -1) {
- mask |= PROTO_MASK;
- }
- return mask;
- }
-
private DscpPolicyValue(final InetAddress src46, final InetAddress dst46, final int ifIndex,
final int srcPort, final int dstPortStart, final int dstPortEnd, final short proto,
final byte dscp) {
@@ -131,9 +117,10 @@
this.proto = proto != -1 ? proto : 0;
this.dscp = dscp;
- // Use member variables for IP since byte[] is needed and api variables for everything else
- // so -1 is passed into mask if parameter is not present.
- this.mask = makeMask(this.src46, this.dst46, srcPort, dstPortStart, proto, dscp);
+ this.match_src_ip = (this.src46 != EMPTY_ADDRESS_FIELD);
+ this.match_dst_ip = (this.dst46 != EMPTY_ADDRESS_FIELD);
+ this.match_src_port = (srcPort != -1);
+ this.match_proto = (proto != -1);
}
public DscpPolicyValue(final InetAddress src46, final InetAddress dst46, final int ifIndex,
diff --git a/staticlibs/tests/unit/src/com/android/net/module/util/LocationPermissionCheckerTest.java b/staticlibs/tests/unit/src/com/android/net/module/util/LocationPermissionCheckerTest.java
index 84018a5..3239244 100644
--- a/staticlibs/tests/unit/src/com/android/net/module/util/LocationPermissionCheckerTest.java
+++ b/staticlibs/tests/unit/src/com/android/net/module/util/LocationPermissionCheckerTest.java
@@ -25,10 +25,11 @@
import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.ArgumentMatchers.nullable;
import static org.mockito.Mockito.doAnswer;
+import static org.mockito.Mockito.doCallRealMethod;
+import static org.mockito.Mockito.doReturn;
import static org.mockito.Mockito.doThrow;
import static org.mockito.Mockito.never;
import static org.mockito.Mockito.verify;
-import static org.mockito.Mockito.when;
import android.Manifest;
import android.app.AppOpsManager;
@@ -106,17 +107,18 @@
}
private void setupMocks() throws Exception {
- when(mMockPkgMgr.getApplicationInfoAsUser(eq(TEST_PKG_NAME), eq(0), any()))
- .thenReturn(mMockApplInfo);
- when(mMockContext.getPackageManager()).thenReturn(mMockPkgMgr);
- when(mMockAppOps.noteOp(AppOpsManager.OPSTR_WIFI_SCAN, mUid, TEST_PKG_NAME,
- TEST_FEATURE_ID, null)).thenReturn(mWifiScanAllowApps);
- when(mMockAppOps.noteOp(eq(AppOpsManager.OPSTR_COARSE_LOCATION), eq(mUid),
- eq(TEST_PKG_NAME), eq(TEST_FEATURE_ID), nullable(String.class)))
- .thenReturn(mAllowCoarseLocationApps);
- when(mMockAppOps.noteOp(eq(AppOpsManager.OPSTR_FINE_LOCATION), eq(mUid),
- eq(TEST_PKG_NAME), eq(TEST_FEATURE_ID), nullable(String.class)))
- .thenReturn(mAllowFineLocationApps);
+ doReturn(mMockApplInfo).when(mMockPkgMgr)
+ .getApplicationInfoAsUser(eq(TEST_PKG_NAME), eq(0), any());
+ doReturn(mMockPkgMgr).when(mMockContext).getPackageManager();
+ doReturn(mWifiScanAllowApps).when(mMockAppOps).noteOp(
+ AppOpsManager.OPSTR_WIFI_SCAN, mUid, TEST_PKG_NAME,
+ TEST_FEATURE_ID, null);
+ doReturn(mAllowCoarseLocationApps).when(mMockAppOps).noteOp(
+ eq(AppOpsManager.OPSTR_COARSE_LOCATION), eq(mUid),
+ eq(TEST_PKG_NAME), eq(TEST_FEATURE_ID), nullable(String.class));
+ doReturn(mAllowFineLocationApps).when(mMockAppOps).noteOp(
+ eq(AppOpsManager.OPSTR_FINE_LOCATION), eq(mUid),
+ eq(TEST_PKG_NAME), eq(TEST_FEATURE_ID), nullable(String.class));
if (mThrowSecurityException) {
doThrow(new SecurityException("Package " + TEST_PKG_NAME + " doesn't belong"
+ " to application bound to user " + mUid))
@@ -128,10 +130,10 @@
}
private <T> void mockSystemService(String name, Class<T> clazz, T service) {
- when(mMockContext.getSystemService(name)).thenReturn(service);
- when(mMockContext.getSystemServiceName(clazz)).thenReturn(name);
+ doReturn(service).when(mMockContext).getSystemService(name);
+ doReturn(name).when(mMockContext).getSystemServiceName(clazz);
// Do not use mockito extended final method mocking
- when(mMockContext.getSystemService(clazz)).thenCallRealMethod();
+ doCallRealMethod().when(mMockContext).getSystemService(clazz);
}
private void setupTestCase() throws Exception {
@@ -167,16 +169,17 @@
Binder.restoreCallingIdentity((((long) mUid) << 32) | Binder.getCallingPid());
doAnswer(mReturnPermission).when(mMockContext).checkPermission(
anyString(), anyInt(), anyInt());
- when(mMockUserManager.isSameProfileGroup(UserHandle.SYSTEM,
- UserHandle.getUserHandleForUid(MANAGED_PROFILE_UID)))
- .thenReturn(true);
- when(mMockContext.checkPermission(mManifestStringCoarse, -1, mUid))
- .thenReturn(mCoarseLocationPermission);
- when(mMockContext.checkPermission(mManifestStringFine, -1, mUid))
- .thenReturn(mFineLocationPermission);
- when(mMockContext.checkPermission(NETWORK_SETTINGS, -1, mUid))
- .thenReturn(mNetworkSettingsPermission);
- when(mLocationManager.isLocationEnabledForUser(any())).thenReturn(mIsLocationEnabled);
+ doReturn(true).when(mMockUserManager)
+ .isSameProfileGroup(UserHandle.SYSTEM,
+ UserHandle.getUserHandleForUid(MANAGED_PROFILE_UID));
+ doReturn(mCoarseLocationPermission).when(mMockContext)
+ .checkPermission(mManifestStringCoarse, -1, mUid);
+ doReturn(mFineLocationPermission).when(mMockContext)
+ .checkPermission(mManifestStringFine, -1, mUid);
+ doReturn(mNetworkSettingsPermission).when(mMockContext)
+ .checkPermission(NETWORK_SETTINGS, -1, mUid);
+ doReturn(mIsLocationEnabled).when(mLocationManager)
+ .isLocationEnabledForUser(any());
}
private Answer<Integer> createPermissionAnswer() {