Merge "Split POLICY_EVER_VALIDATED_NOT_AVOIDED_WHEN_BAD into two"
diff --git a/TEST_MAPPING b/TEST_MAPPING
index 1e8babf..6e30fd1 100644
--- a/TEST_MAPPING
+++ b/TEST_MAPPING
@@ -205,6 +205,9 @@
},
{
"path": "packages/modules/CaptivePortalLogin"
+ },
+ {
+ "path": "vendor/xts/gts-tests/hostsidetests/networkstack"
}
]
}
diff --git a/Tethering/tests/integration/src/android/net/EthernetTetheringTest.java b/Tethering/tests/integration/src/android/net/EthernetTetheringTest.java
index 880a285..9e6fc0b 100644
--- a/Tethering/tests/integration/src/android/net/EthernetTetheringTest.java
+++ b/Tethering/tests/integration/src/android/net/EthernetTetheringTest.java
@@ -139,6 +139,9 @@
// Kernel treats a confirmed UDP connection which active after two seconds as stream mode.
// See upstream commit b7b1d02fc43925a4d569ec221715db2dfa1ce4f5.
private static final int UDP_STREAM_TS_MS = 2000;
+ // Give slack time for waiting UDP stream mode because handling conntrack event in user space
+ // may not in precise time. Used to reduce the flaky rate.
+ private static final int UDP_STREAM_SLACK_MS = 500;
// Per RX UDP packet size: iphdr (20) + udphdr (8) + payload (2) = 30 bytes.
private static final int RX_UDP_PACKET_SIZE = 30;
private static final int RX_UDP_PACKET_COUNT = 456;
@@ -1171,6 +1174,9 @@
Thread.sleep(UDP_STREAM_TS_MS);
sendUploadPacketUdp(srcMac, dstMac, clientIp, remoteIp, tester, false /* is4To6 */);
+ // Give a slack time for handling conntrack event in user space.
+ Thread.sleep(UDP_STREAM_SLACK_MS);
+
// [1] Verify IPv4 upstream rule map.
final HashMap<Tether4Key, Tether4Value> upstreamMap = pollRawMapFromDump(
Tether4Key.class, Tether4Value.class, DUMPSYS_RAWMAP_ARG_UPSTREAM4);
@@ -1512,7 +1518,7 @@
final TestDnsPacket dnsQuery = TestDnsPacket.getTestDnsPacket(buf);
assertNotNull(dnsQuery);
Log.d(TAG, "Forwarded UDP source port: " + udpHeader.srcPort + ", DNS query id: "
- + dnsQuery.getHeader().id);
+ + dnsQuery.getHeader().getId());
// [2] Send DNS reply.
// DNS server --> upstream --> dnsmasq forwarding --> downstream --> tethered device
@@ -1522,7 +1528,7 @@
final Inet4Address remoteIp = (Inet4Address) TEST_IP4_DNS;
final Inet4Address tetheringUpstreamIp = (Inet4Address) TEST_IP4_ADDR.getAddress();
sendDownloadPacketDnsV4(remoteIp, tetheringUpstreamIp, DNS_PORT,
- (short) udpHeader.srcPort, (short) dnsQuery.getHeader().id, tester);
+ (short) udpHeader.srcPort, (short) dnsQuery.getHeader().getId(), tester);
}
private <T> List<T> toList(T... array) {
diff --git a/framework/api/current.txt b/framework/api/current.txt
index 547b7e2..09b4538 100644
--- a/framework/api/current.txt
+++ b/framework/api/current.txt
@@ -188,6 +188,7 @@
field public static final int FLAG_NO_RETRY = 1; // 0x1
field public static final int TYPE_A = 1; // 0x1
field public static final int TYPE_AAAA = 28; // 0x1c
+ field public static final int TYPE_CNAME = 5; // 0x5
}
public static interface DnsResolver.Callback<T> {
diff --git a/framework/src/android/net/DnsResolver.java b/framework/src/android/net/DnsResolver.java
index 5e637f9..33722fc 100644
--- a/framework/src/android/net/DnsResolver.java
+++ b/framework/src/android/net/DnsResolver.java
@@ -71,12 +71,14 @@
@IntDef(prefix = { "TYPE_" }, value = {
TYPE_A,
- TYPE_AAAA
+ TYPE_AAAA,
+ TYPE_CNAME
})
@Retention(RetentionPolicy.SOURCE)
@interface QueryType {}
public static final int TYPE_A = 1;
public static final int TYPE_AAAA = 28;
+ public static final int TYPE_CNAME = 5;
@IntDef(prefix = { "FLAG_" }, value = {
FLAG_EMPTY,
@@ -542,7 +544,7 @@
DnsAddressAnswer(@NonNull byte[] data) throws ParseException {
super(data);
- if ((mHeader.flags & (1 << 15)) == 0) {
+ if ((mHeader.getFlags() & (1 << 15)) == 0) {
throw new ParseException("Not an answer packet");
}
if (mHeader.getRecordCount(QDSECTION) == 0) {
diff --git a/service/src/com/android/server/BpfNetMaps.java b/service/src/com/android/server/BpfNetMaps.java
index dc5c4c7..4eeef5c 100644
--- a/service/src/com/android/server/BpfNetMaps.java
+++ b/service/src/com/android/server/BpfNetMaps.java
@@ -50,6 +50,8 @@
import com.android.net.module.util.IBpfMap;
import com.android.net.module.util.Struct.U32;
import com.android.net.module.util.Struct.U8;
+import com.android.net.module.util.bpf.CookieTagMapKey;
+import com.android.net.module.util.bpf.CookieTagMapValue;
import java.io.FileDescriptor;
import java.io.IOException;
@@ -94,6 +96,8 @@
"/sys/fs/bpf/netd_shared/map_netd_uid_owner_map";
private static final String UID_PERMISSION_MAP_PATH =
"/sys/fs/bpf/netd_shared/map_netd_uid_permission_map";
+ private static final String COOKIE_TAG_MAP_PATH =
+ "/sys/fs/bpf/netd_shared/map_netd_cookie_tag_map";
private static final U32 UID_RULES_CONFIGURATION_KEY = new U32(0);
private static final U32 CURRENT_STATS_MAP_CONFIGURATION_KEY = new U32(1);
private static final long UID_RULES_DEFAULT_CONFIGURATION = 0;
@@ -104,6 +108,7 @@
// BpfMap for UID_OWNER_MAP_PATH. This map is not accessed by others.
private static IBpfMap<U32, UidOwnerValue> sUidOwnerMap = null;
private static IBpfMap<U32, U8> sUidPermissionMap = null;
+ private static IBpfMap<CookieTagMapKey, CookieTagMapValue> sCookieTagMap = null;
// LINT.IfChange(match_type)
@VisibleForTesting public static final long NO_MATCH = 0;
@@ -153,6 +158,15 @@
sUidPermissionMap = uidPermissionMap;
}
+ /**
+ * Set cookieTagMap for test.
+ */
+ @VisibleForTesting
+ public static void setCookieTagMapForTest(
+ IBpfMap<CookieTagMapKey, CookieTagMapValue> cookieTagMap) {
+ sCookieTagMap = cookieTagMap;
+ }
+
private static IBpfMap<U32, U32> getConfigurationMap() {
try {
return new BpfMap<>(
@@ -180,6 +194,15 @@
}
}
+ private static IBpfMap<CookieTagMapKey, CookieTagMapValue> getCookieTagMap() {
+ try {
+ return new BpfMap<>(COOKIE_TAG_MAP_PATH, BpfMap.BPF_F_RDWR,
+ CookieTagMapKey.class, CookieTagMapValue.class);
+ } catch (ErrnoException e) {
+ throw new IllegalStateException("Cannot open cookie tag map", e);
+ }
+ }
+
private static void initBpfMaps() {
if (sConfigurationMap == null) {
sConfigurationMap = getConfigurationMap();
@@ -209,6 +232,10 @@
if (sUidPermissionMap == null) {
sUidPermissionMap = getUidPermissionMap();
}
+
+ if (sCookieTagMap == null) {
+ sCookieTagMap = getCookieTagMap();
+ }
}
/**
diff --git a/service/src/com/android/server/ConnectivityService.java b/service/src/com/android/server/ConnectivityService.java
index afb3ca2..0035aa0 100755
--- a/service/src/com/android/server/ConnectivityService.java
+++ b/service/src/com/android/server/ConnectivityService.java
@@ -4579,7 +4579,7 @@
if (req.isListen() || req.isListenForBest()) {
continue;
}
- // If this Network is already the highest scoring Network for a request, or if
+ // If this Network is already the best Network for a request, or if
// there is hope for it to become one if it validated, then it is needed.
if (candidate.satisfies(req)) {
// As soon as a network is found that satisfies a request, return. Specifically for
diff --git a/tests/cts/net/src/android/net/cts/DnsResolverTest.java b/tests/cts/net/src/android/net/cts/DnsResolverTest.java
index 0c53411..3821cea 100644
--- a/tests/cts/net/src/android/net/cts/DnsResolverTest.java
+++ b/tests/cts/net/src/android/net/cts/DnsResolverTest.java
@@ -200,13 +200,13 @@
super(data);
// Check QR field.(query (0), or a response (1)).
- if ((mHeader.flags & (1 << 15)) == 0) {
+ if ((mHeader.getFlags() & (1 << 15)) == 0) {
throw new DnsParseException("Not an answer packet");
}
}
int getRcode() {
- return mHeader.rcode;
+ return mHeader.getFlags() & 0x0F;
}
int getANCount() {
diff --git a/tests/unit/java/com/android/server/BpfNetMapsTest.java b/tests/unit/java/com/android/server/BpfNetMapsTest.java
index 15a2e56..b7d80ac 100644
--- a/tests/unit/java/com/android/server/BpfNetMapsTest.java
+++ b/tests/unit/java/com/android/server/BpfNetMapsTest.java
@@ -61,6 +61,8 @@
import com.android.net.module.util.IBpfMap;
import com.android.net.module.util.Struct.U32;
import com.android.net.module.util.Struct.U8;
+import com.android.net.module.util.bpf.CookieTagMapKey;
+import com.android.net.module.util.bpf.CookieTagMapValue;
import com.android.testutils.DevSdkIgnoreRule;
import com.android.testutils.DevSdkIgnoreRule.IgnoreAfter;
import com.android.testutils.DevSdkIgnoreRule.IgnoreUpTo;
@@ -117,6 +119,8 @@
private final IBpfMap<U32, UidOwnerValue> mUidOwnerMap =
new TestBpfMap<>(U32.class, UidOwnerValue.class);
private final IBpfMap<U32, U8> mUidPermissionMap = new TestBpfMap<>(U32.class, U8.class);
+ private final IBpfMap<CookieTagMapKey, CookieTagMapValue> mCookieTagMap =
+ new TestBpfMap<>(CookieTagMapKey.class, CookieTagMapValue.class);
@Before
public void setUp() throws Exception {
@@ -127,6 +131,7 @@
BpfNetMaps.setConfigurationMapForTest(mConfigurationMap);
BpfNetMaps.setUidOwnerMapForTest(mUidOwnerMap);
BpfNetMaps.setUidPermissionMapForTest(mUidPermissionMap);
+ BpfNetMaps.setCookieTagMapForTest(mCookieTagMap);
mBpfNetMaps = new BpfNetMaps(mContext, mNetd, mDeps);
}