Merge "Move ConnectivityCoverageTests to mainline-presubmit"
diff --git a/Tethering/apishim/31/com/android/networkstack/tethering/apishim/api31/BpfCoordinatorShimImpl.java b/Tethering/apishim/31/com/android/networkstack/tethering/apishim/api31/BpfCoordinatorShimImpl.java
index 611c828..f537e90 100644
--- a/Tethering/apishim/31/com/android/networkstack/tethering/apishim/api31/BpfCoordinatorShimImpl.java
+++ b/Tethering/apishim/31/com/android/networkstack/tethering/apishim/api31/BpfCoordinatorShimImpl.java
@@ -371,6 +371,7 @@
} catch (IllegalStateException e) {
// Silent if the rule already exists. Note that the errno EEXIST was rethrown as
// IllegalStateException. See BpfMap#insertEntry.
+ return false;
}
return true;
}
diff --git a/Tethering/apishim/common/com/android/networkstack/tethering/apishim/common/BpfCoordinatorShim.java b/Tethering/apishim/common/com/android/networkstack/tethering/apishim/common/BpfCoordinatorShim.java
index 08ab9ca..3c2ce0f 100644
--- a/Tethering/apishim/common/com/android/networkstack/tethering/apishim/common/BpfCoordinatorShim.java
+++ b/Tethering/apishim/common/com/android/networkstack/tethering/apishim/common/BpfCoordinatorShim.java
@@ -141,6 +141,11 @@
/**
* Adds a tethering IPv4 offload rule to appropriate BPF map.
+ *
+ * @param downstream true if downstream, false if upstream.
+ * @param key the key to add.
+ * @param value the value to add.
+ * @return true iff the map was modified, false if the key exists or there was an error.
*/
public abstract boolean tetherOffloadRuleAdd(boolean downstream, @NonNull Tether4Key key,
@NonNull Tether4Value value);
diff --git a/Tethering/bpf_progs/offload.c b/Tethering/bpf_progs/offload.c
index 6ff370c..336d27a 100644
--- a/Tethering/bpf_progs/offload.c
+++ b/Tethering/bpf_progs/offload.c
@@ -569,6 +569,16 @@
// For a rawip tx interface it will simply be a bunch of zeroes and later stripped.
*eth = v->macHeader;
+ // Decrement the IPv4 TTL, we already know it's greater than 1.
+ // u8 TTL field is followed by u8 protocol to make a u16 for ipv4 header checksum update.
+ // Since we're keeping the ipv4 checksum valid (which means the checksum of the entire
+ // ipv4 header remains 0), the overall checksum of the entire packet does not change.
+ const int sz2 = sizeof(__be16);
+ const __be16 old_ttl_proto = *(__be16 *)&ip->ttl;
+ const __be16 new_ttl_proto = old_ttl_proto - htons(0x0100);
+ bpf_l3_csum_replace(skb, ETH_IP4_OFFSET(check), old_ttl_proto, new_ttl_proto, sz2);
+ bpf_skb_store_bytes(skb, ETH_IP4_OFFSET(ttl), &new_ttl_proto, sz2, 0);
+
const int l4_offs_csum = is_tcp ? ETH_IP4_TCP_OFFSET(check) : ETH_IP4_UDP_OFFSET(check);
const int sz4 = sizeof(__be32);
// UDP 0 is special and stored as FFFF (this flag also causes a csum of 0 to be unmodified)
@@ -586,7 +596,6 @@
bpf_l3_csum_replace(skb, ETH_IP4_OFFSET(check), old_saddr, new_saddr, sz4);
bpf_skb_store_bytes(skb, ETH_IP4_OFFSET(saddr), &new_saddr, sz4, 0);
- const int sz2 = sizeof(__be16);
// The offsets for TCP and UDP ports: source (u16 @ L4 offset 0) & dest (u16 @ L4 offset 2) are
// actually the same, so the compiler should just optimize them both down to a constant.
bpf_l4_csum_replace(skb, l4_offs_csum, k.srcPort, v->srcPort, sz2 | l4_flags);
@@ -597,8 +606,6 @@
bpf_skb_store_bytes(skb, is_tcp ? ETH_IP4_TCP_OFFSET(dest) : ETH_IP4_UDP_OFFSET(dest),
&v->dstPort, sz2, 0);
- // TEMP HACK: lack of TTL decrement
-
// This requires the bpf_ktime_get_boot_ns() helper which was added in 5.8,
// and backported to all Android Common Kernel 4.14+ trees.
if (updatetime) v->last_used = bpf_ktime_get_boot_ns();
diff --git a/Tethering/src/android/net/ip/IpServer.java b/Tethering/src/android/net/ip/IpServer.java
index 822bdf6..859f23a 100644
--- a/Tethering/src/android/net/ip/IpServer.java
+++ b/Tethering/src/android/net/ip/IpServer.java
@@ -26,6 +26,7 @@
import static android.system.OsConstants.RT_SCOPE_UNIVERSE;
import static com.android.net.module.util.Inet4AddressUtils.intToInet4AddressHTH;
+import static com.android.networkstack.tethering.UpstreamNetworkState.isVcnInterface;
import android.net.INetd;
import android.net.INetworkStackStatusCallback;
@@ -755,6 +756,9 @@
// deprecation of any existing RA data.
setRaParams(params);
+ // Be aware that updateIpv6ForwardingRules use mLastIPv6LinkProperties, so this line should
+ // be eariler than updateIpv6ForwardingRules.
+ // TODO: avoid this dependencies and move this logic into BpfCoordinator.
mLastIPv6LinkProperties = v6only;
updateIpv6ForwardingRules(mLastIPv6UpstreamIfindex, upstreamIfIndex, null);
@@ -892,12 +896,20 @@
mBpfCoordinator.tetherOffloadRuleUpdate(this, newIfindex);
}
+ private boolean isIpv6VcnNetworkInterface() {
+ if (mLastIPv6LinkProperties == null) return false;
+
+ return isVcnInterface(mLastIPv6LinkProperties.getInterfaceName());
+ }
+
// Handles all updates to IPv6 forwarding rules. These can currently change only if the upstream
// changes or if a neighbor event is received.
private void updateIpv6ForwardingRules(int prevUpstreamIfindex, int upstreamIfindex,
NeighborEvent e) {
- // If we no longer have an upstream, clear forwarding rules and do nothing else.
- if (upstreamIfindex == 0) {
+ // If no longer have an upstream or it is virtual network, clear forwarding rules and do
+ // nothing else.
+ // TODO: Rather than always clear rules, ensure whether ipv6 ever enable first.
+ if (upstreamIfindex == 0 || isIpv6VcnNetworkInterface()) {
clearIpv6ForwardingRules();
return;
}
diff --git a/Tethering/src/com/android/networkstack/tethering/BpfCoordinator.java b/Tethering/src/com/android/networkstack/tethering/BpfCoordinator.java
index 2c1fd29..f4a6916 100644
--- a/Tethering/src/com/android/networkstack/tethering/BpfCoordinator.java
+++ b/Tethering/src/com/android/networkstack/tethering/BpfCoordinator.java
@@ -31,6 +31,7 @@
import static com.android.networkstack.tethering.BpfUtils.DOWNSTREAM;
import static com.android.networkstack.tethering.BpfUtils.UPSTREAM;
import static com.android.networkstack.tethering.TetheringConfiguration.DEFAULT_TETHER_OFFLOAD_POLL_INTERVAL_MS;
+import static com.android.networkstack.tethering.UpstreamNetworkState.isVcnInterface;
import android.app.usage.NetworkStatsManager;
import android.net.INetd;
@@ -123,10 +124,21 @@
return makeMapPath((downstream ? "downstream" : "upstream") + ipVersion);
}
+ // TODO: probably to remember what the timeout updated things to last is. But that requires
+ // either r/w map entries (which seems bad/racy) or a separate map to keep track of all flows
+ // and remember when they were updated and with what timeout.
@VisibleForTesting
- static final int POLLING_CONNTRACK_TIMEOUT_MS = 60_000;
+ static final int CONNTRACK_TIMEOUT_UPDATE_INTERVAL_MS = 60_000;
@VisibleForTesting
- static final int NF_CONNTRACK_TCP_TIMEOUT_ESTABLISHED = 432000;
+ static final int CONNTRACK_TIMEOUT_UPDATE_SLACK_MS = 20_000;
+
+ // Default timeouts sync from /proc/sys/net/netfilter/nf_conntrack_*
+ // See also kernel document nf_conntrack-sysctl.txt.
+ @VisibleForTesting
+ static final int NF_CONNTRACK_TCP_TIMEOUT_ESTABLISHED = 432_000;
+ static final int NF_CONNTRACK_TCP_TIMEOUT_UNACKNOWLEDGED = 300;
+ // The default value is 120 for 5.10 and that thus the periodicity of the updates of 60s is
+ // low enough to support all ACK kernels.
@VisibleForTesting
static final int NF_CONNTRACK_UDP_TIMEOUT_STREAM = 180;
@@ -249,10 +261,10 @@
maybeSchedulePollingStats();
};
- // Runnable that used by scheduling next polling of conntrack timeout.
- private final Runnable mScheduledPollingConntrackTimeout = () -> {
- maybeRefreshConntrackTimeout();
- maybeSchedulePollingConntrackTimeout();
+ // Runnable that used by scheduling next refreshing of conntrack timeout.
+ private final Runnable mScheduledConntrackTimeoutUpdate = () -> {
+ refreshAllConntrackTimeouts();
+ maybeScheduleConntrackTimeoutUpdate();
};
// TODO: add BpfMap<TetherDownstream64Key, TetherDownstream64Value> retrieving function.
@@ -434,7 +446,7 @@
mPollingStarted = true;
maybeSchedulePollingStats();
- maybeSchedulePollingConntrackTimeout();
+ maybeScheduleConntrackTimeoutUpdate();
mLog.i("Polling started");
}
@@ -451,8 +463,8 @@
if (!mPollingStarted) return;
// Stop scheduled polling conntrack timeout.
- if (mHandler.hasCallbacks(mScheduledPollingConntrackTimeout)) {
- mHandler.removeCallbacks(mScheduledPollingConntrackTimeout);
+ if (mHandler.hasCallbacks(mScheduledConntrackTimeoutUpdate)) {
+ mHandler.removeCallbacks(mScheduledConntrackTimeoutUpdate);
}
// Stop scheduled polling stats and poll the latest stats from BPF maps.
if (mHandler.hasCallbacks(mScheduledPollingStats)) {
@@ -666,6 +678,8 @@
if (upstreamIfindex == 0 || TextUtils.isEmpty(upstreamIface)) return;
+ if (isVcnInterface(upstreamIface)) return;
+
// The same interface index to name mapping may be added by different IpServer objects or
// re-added by reconnection on the same upstream interface. Ignore the duplicate one.
final String iface = mInterfaceNames.get(upstreamIfindex);
@@ -833,9 +847,10 @@
// TODO: need to consider 464xlat.
if (ns != null && ns.linkProperties != null && ns.linkProperties.hasIpv4Address()) {
// TODO: support ether ip upstream interface.
- final InterfaceParams params = mDeps.getInterfaceParams(
- ns.linkProperties.getInterfaceName());
- if (params != null && !params.hasMacAddress /* raw ip upstream only */) {
+ final String ifaceName = ns.linkProperties.getInterfaceName();
+ final InterfaceParams params = mDeps.getInterfaceParams(ifaceName);
+ final boolean isVcn = isVcnInterface(ifaceName);
+ if (!isVcn && params != null && !params.hasMacAddress /* raw ip upstream only */) {
upstreamIndex = params.index;
}
}
@@ -879,6 +894,8 @@
* TODO: consider error handling if the attach program failed.
*/
public void maybeAttachProgram(@NonNull String intIface, @NonNull String extIface) {
+ if (isVcnInterface(extIface)) return;
+
if (forwardingPairExists(intIface, extIface)) return;
boolean firstDownstreamForThisUpstream = !isAnyForwardingPairOnUpstream(extIface);
@@ -1051,6 +1068,15 @@
}
}
+ private String l4protoToString(int proto) {
+ if (proto == OsConstants.IPPROTO_TCP) {
+ return "tcp";
+ } else if (proto == OsConstants.IPPROTO_UDP) {
+ return "udp";
+ }
+ return String.format("unknown(%d)", proto);
+ }
+
private String ipv4RuleToString(long now, boolean downstream,
Tether4Key key, Tether4Value value) {
final String src4, public4, dst4;
@@ -1069,12 +1095,11 @@
throw new AssertionError("IP address array not valid IPv4 address!");
}
- final String protoStr = (key.l4proto == OsConstants.IPPROTO_TCP) ? "tcp" : "udp";
final String ageStr = (value.lastUsed == 0) ? "-"
: String.format("%dms", (now - value.lastUsed) / 1_000_000);
return String.format("%s [%s] %d(%s) %s:%d -> %d(%s) %s:%d -> %s:%d [%s] %s",
- protoStr, key.dstMac, key.iif, getIfName(key.iif), src4, key.srcPort,
- value.oif, getIfName(value.oif),
+ l4protoToString(key.l4proto), key.dstMac, key.iif, getIfName(key.iif),
+ src4, key.srcPort, value.oif, getIfName(value.oif),
public4, publicPort, dst4, value.dstPort, value.ethDstMac, ageStr);
}
@@ -1443,25 +1468,6 @@
return addr6;
}
- @Nullable
- private Inet4Address ipv4MappedAddressBytesToIpv4Address(final byte[] addr46) {
- if (addr46.length != 16) return null;
- if (addr46[0] != 0 || addr46[1] != 0 || addr46[2] != 0 || addr46[3] != 0
- || addr46[4] != 0 || addr46[5] != 0 || addr46[6] != 0 || addr46[7] != 0
- || addr46[8] != 0 && addr46[9] != 0 || (addr46[10] & 0xff) != 0xff
- || (addr46[11] & 0xff) != 0xff) {
- return null;
- }
-
- final byte[] addr4 = new byte[4];
- addr4[0] = addr46[12];
- addr4[1] = addr46[13];
- addr4[2] = addr46[14];
- addr4[3] = addr46[15];
-
- return parseIPv4Address(addr4);
- }
-
// TODO: parse CTA_PROTOINFO of conntrack event in ConntrackMonitor. For TCP, only add rules
// while TCP status is established.
@VisibleForTesting
@@ -1572,8 +1578,34 @@
final Tether4Key downstream4Key = makeTetherDownstream4Key(e, tetherClient,
upstreamIndex);
- if (e.msgType == (NetlinkConstants.NFNL_SUBSYS_CTNETLINK << 8
- | NetlinkConstants.IPCTNL_MSG_CT_DELETE)) {
+ final boolean isConntrackEventDelete =
+ e.msgType == (NetlinkConstants.NFNL_SUBSYS_CTNETLINK << 8
+ | NetlinkConstants.IPCTNL_MSG_CT_DELETE);
+
+ // Using the timeout to distinguish tcp state is not a decent way. Need to fix.
+ // The received IPCTNL_MSG_CT_NEW must pass ConntrackMonitor#isEstablishedNatSession
+ // which checks CTA_STATUS. It implies that this entry has at least reached tcp
+ // state "established". For safety, treat any timeout which is equal or larger than 300
+ // seconds (UNACKNOWLEDGED, ESTABLISHED, ..) to be "established".
+ // TODO: parse tcp state in conntrack monitor.
+ final boolean isTcpEstablished =
+ e.msgType == (NetlinkConstants.NFNL_SUBSYS_CTNETLINK << 8
+ | NetlinkConstants.IPCTNL_MSG_CT_NEW)
+ && e.tupleOrig.protoNum == OsConstants.IPPROTO_TCP
+ && (e.timeoutSec >= NF_CONNTRACK_TCP_TIMEOUT_UNACKNOWLEDGED);
+
+ final boolean isTcpNonEstablished =
+ e.msgType == (NetlinkConstants.NFNL_SUBSYS_CTNETLINK << 8
+ | NetlinkConstants.IPCTNL_MSG_CT_NEW)
+ && e.tupleOrig.protoNum == OsConstants.IPPROTO_TCP
+ && (e.timeoutSec < NF_CONNTRACK_TCP_TIMEOUT_UNACKNOWLEDGED);
+
+ // Delete the BPF rules:
+ // 1. Contrack event IPCTNL_MSG_CT_DELETE received.
+ // 2. For TCP conntrack entry, the tcp state has left "established" and going to be
+ // closed.
+ // TODO: continue to offload half-closed tcp connections.
+ if (isConntrackEventDelete || isTcpNonEstablished) {
final boolean deletedUpstream = mBpfCoordinatorShim.tetherOffloadRuleRemove(
UPSTREAM, upstream4Key);
final boolean deletedDownstream = mBpfCoordinatorShim.tetherOffloadRuleRemove(
@@ -1588,6 +1620,7 @@
Log.wtf(TAG, "The bidirectional rules should be removed concurrently ("
+ "upstream: " + deletedUpstream
+ ", downstream: " + deletedDownstream + ")");
+ // TODO: consider better error handling for the stubs {rule, limit, ..}.
return;
}
@@ -1598,11 +1631,41 @@
final Tether4Value upstream4Value = makeTetherUpstream4Value(e, upstreamIndex);
final Tether4Value downstream4Value = makeTetherDownstream4Value(e, tetherClient,
upstreamIndex);
-
maybeAddDevMap(upstreamIndex, tetherClient.downstreamIfindex);
maybeSetLimit(upstreamIndex);
- mBpfCoordinatorShim.tetherOffloadRuleAdd(UPSTREAM, upstream4Key, upstream4Value);
- mBpfCoordinatorShim.tetherOffloadRuleAdd(DOWNSTREAM, downstream4Key, downstream4Value);
+
+ final boolean upstreamAdded = mBpfCoordinatorShim.tetherOffloadRuleAdd(UPSTREAM,
+ upstream4Key, upstream4Value);
+ final boolean downstreamAdded = mBpfCoordinatorShim.tetherOffloadRuleAdd(DOWNSTREAM,
+ downstream4Key, downstream4Value);
+
+ if (upstreamAdded != downstreamAdded) {
+ mLog.e("The bidirectional rules should be added or not added concurrently ("
+ + "upstream: " + upstreamAdded
+ + ", downstream: " + downstreamAdded + "). "
+ + "Remove the added rules.");
+ if (upstreamAdded) {
+ mBpfCoordinatorShim.tetherOffloadRuleRemove(UPSTREAM, upstream4Key);
+ }
+ if (downstreamAdded) {
+ mBpfCoordinatorShim.tetherOffloadRuleRemove(DOWNSTREAM, downstream4Key);
+ }
+ return;
+ }
+
+ // Update TCP timeout iif it is first time we're adding the rules. Needed because a
+ // payload data packet may have gone through non-offload path, before we added offload
+ // rules, and that this may result in in-kernel conntrack state being in ESTABLISHED
+ // but pending ACK (ie. UNACKED) state. But the in-kernel conntrack might never see the
+ // ACK because we just added offload rules. As such after adding the rules we need to
+ // force the timeout back to the normal ESTABLISHED timeout of 5 days. Note that
+ // updating the timeout will trigger another netlink event with the updated timeout.
+ // TODO: Remove this once the tcp state is parsed.
+ if (isTcpEstablished && upstreamAdded && downstreamAdded) {
+ updateConntrackTimeout((byte) upstream4Key.l4proto,
+ parseIPv4Address(upstream4Key.src4), (short) upstream4Key.srcPort,
+ parseIPv4Address(upstream4Key.dst4), (short) upstream4Key.dstPort);
+ }
}
}
@@ -1861,7 +1924,7 @@
try {
final InetAddress ia = Inet4Address.getByAddress(addrBytes);
if (ia instanceof Inet4Address) return (Inet4Address) ia;
- } catch (UnknownHostException | IllegalArgumentException e) {
+ } catch (UnknownHostException e) {
mLog.e("Failed to parse IPv4 address: " + e);
}
return null;
@@ -1871,12 +1934,21 @@
// coming a conntrack event to notify updated timeout.
private void updateConntrackTimeout(byte proto, Inet4Address src4, short srcPort,
Inet4Address dst4, short dstPort) {
- if (src4 == null || dst4 == null) return;
+ if (src4 == null || dst4 == null) {
+ mLog.e("Either source or destination IPv4 address is invalid ("
+ + "proto: " + proto + ", "
+ + "src4: " + src4 + ", "
+ + "srcPort: " + Short.toUnsignedInt(srcPort) + ", "
+ + "dst4: " + dst4 + ", "
+ + "dstPort: " + Short.toUnsignedInt(dstPort) + ")");
+ return;
+ }
// TODO: consider acquiring the timeout setting from nf_conntrack_* variables.
// - proc/sys/net/netfilter/nf_conntrack_tcp_timeout_established
// - proc/sys/net/netfilter/nf_conntrack_udp_timeout_stream
// See kernel document nf_conntrack-sysctl.txt.
+ // TODO: we should account for the fact that lastUsed is in the past and not exactly now.
final int timeoutSec = (proto == OsConstants.IPPROTO_TCP)
? NF_CONNTRACK_TCP_TIMEOUT_ESTABLISHED
: NF_CONNTRACK_UDP_TIMEOUT_STREAM;
@@ -1885,38 +1957,67 @@
try {
NetlinkSocket.sendOneShotKernelMessage(OsConstants.NETLINK_NETFILTER, msg);
} catch (ErrnoException e) {
- mLog.e("Error updating conntrack entry ("
+ // Lower the log level for the entry not existing. The conntrack entry may have been
+ // deleted and not handled by the conntrack event monitor yet. In other words, the
+ // rule has not been deleted from the BPF map yet. Deleting a non-existent entry may
+ // happen during the conntrack timeout refreshing iteration. Note that ENOENT may be
+ // a real error but is hard to distinguish.
+ // TODO: Figure out a better way to handle this.
+ final String errMsg = "Failed to update conntrack entry ("
+ "proto: " + proto + ", "
+ "src4: " + src4 + ", "
+ "srcPort: " + Short.toUnsignedInt(srcPort) + ", "
+ "dst4: " + dst4 + ", "
+ "dstPort: " + Short.toUnsignedInt(dstPort) + "), "
+ "msg: " + NetlinkConstants.hexify(msg) + ", "
- + "e: " + e);
+ + "e: " + e;
+ if (OsConstants.ENOENT == e.errno) {
+ mLog.w(errMsg);
+ } else {
+ mLog.e(errMsg);
+ }
}
}
- private void maybeRefreshConntrackTimeout() {
- final long now = mDeps.elapsedRealtimeNanos();
+ boolean requireConntrackTimeoutUpdate(long nowNs, long lastUsedNs, int proto) {
+ // Refreshing tcp timeout without checking tcp state may make the conntrack entry live
+ // 5 days (432000s) even while the session is being closed. Its BPF rule may not be
+ // deleted for 5 days because the tcp state gets stuck and conntrack delete message is
+ // not sent. Note that both the conntrack monitor and refreshing timeout updater are
+ // in the same thread. Beware while the tcp status may be changed running in refreshing
+ // timeout updater and may read out-of-date tcp stats.
+ // See nf_conntrack_tcp_timeout_established in kernel document.
+ // TODO: support refreshing TCP conntrack timeout.
+ if (proto == OsConstants.IPPROTO_TCP) return false;
- // Reverse the source and destination {address, port} from downstream value because
- // #updateConntrackTimeout refresh the timeout of netlink attribute CTA_TUPLE_ORIG
- // which is opposite direction for downstream map value.
- mBpfCoordinatorShim.tetherOffloadRuleForEach(DOWNSTREAM, (k, v) -> {
- if ((now - v.lastUsed) / 1_000_000 < POLLING_CONNTRACK_TIMEOUT_MS) {
- updateConntrackTimeout((byte) k.l4proto,
- ipv4MappedAddressBytesToIpv4Address(v.dst46), (short) v.dstPort,
- ipv4MappedAddressBytesToIpv4Address(v.src46), (short) v.srcPort);
- }
- });
+ // The timeout requirement check needs the slack time because the scheduled timer may
+ // be not precise. The timeout update has a chance to be missed.
+ return (nowNs - lastUsedNs) < (long) (CONNTRACK_TIMEOUT_UPDATE_INTERVAL_MS
+ + CONNTRACK_TIMEOUT_UPDATE_SLACK_MS) * 1_000_000;
+ }
+
+ private void refreshAllConntrackTimeouts() {
+ final long now = mDeps.elapsedRealtimeNanos();
// TODO: Consider ignoring TCP traffic on upstream and monitor on downstream only
// because TCP is a bidirectional traffic. Probably don't need to extend timeout by
// both directions for TCP.
mBpfCoordinatorShim.tetherOffloadRuleForEach(UPSTREAM, (k, v) -> {
- if ((now - v.lastUsed) / 1_000_000 < POLLING_CONNTRACK_TIMEOUT_MS) {
- updateConntrackTimeout((byte) k.l4proto, parseIPv4Address(k.src4),
- (short) k.srcPort, parseIPv4Address(k.dst4), (short) k.dstPort);
+ if (requireConntrackTimeoutUpdate(now, v.lastUsed, k.l4proto)) {
+ updateConntrackTimeout((byte) k.l4proto,
+ parseIPv4Address(k.src4), (short) k.srcPort,
+ parseIPv4Address(k.dst4), (short) k.dstPort);
+ }
+ });
+
+ // Reverse the source and destination {address, port} from downstream value because
+ // #updateConntrackTimeout refreshes the timeout of netlink attribute CTA_TUPLE_ORIG
+ // which is opposite direction for downstream map value.
+ mBpfCoordinatorShim.tetherOffloadRuleForEach(DOWNSTREAM, (k, v) -> {
+ if (requireConntrackTimeoutUpdate(now, v.lastUsed, k.l4proto)) {
+ updateConntrackTimeout((byte) k.l4proto,
+ parseIPv4Address(v.dst46), (short) v.dstPort,
+ parseIPv4Address(v.src46), (short) v.srcPort);
}
});
}
@@ -1931,14 +2032,15 @@
mHandler.postDelayed(mScheduledPollingStats, getPollingInterval());
}
- private void maybeSchedulePollingConntrackTimeout() {
+ private void maybeScheduleConntrackTimeoutUpdate() {
if (!mPollingStarted) return;
- if (mHandler.hasCallbacks(mScheduledPollingConntrackTimeout)) {
- mHandler.removeCallbacks(mScheduledPollingConntrackTimeout);
+ if (mHandler.hasCallbacks(mScheduledConntrackTimeoutUpdate)) {
+ mHandler.removeCallbacks(mScheduledConntrackTimeoutUpdate);
}
- mHandler.postDelayed(mScheduledPollingConntrackTimeout, POLLING_CONNTRACK_TIMEOUT_MS);
+ mHandler.postDelayed(mScheduledConntrackTimeoutUpdate,
+ CONNTRACK_TIMEOUT_UPDATE_INTERVAL_MS);
}
// Return forwarding rule map. This is used for testing only.
diff --git a/Tethering/src/com/android/networkstack/tethering/Tethering.java b/Tethering/src/com/android/networkstack/tethering/Tethering.java
index 079bf9c..08170f9 100644
--- a/Tethering/src/com/android/networkstack/tethering/Tethering.java
+++ b/Tethering/src/com/android/networkstack/tethering/Tethering.java
@@ -181,12 +181,16 @@
public final IpServer ipServer;
public int lastState;
public int lastError;
+ // This field only valid for TETHERING_USB and TETHERING_NCM.
+ // TODO: Change this from boolean to int for extension.
+ public final boolean isNcm;
- TetherState(IpServer ipServer) {
+ TetherState(IpServer ipServer, boolean isNcm) {
this.ipServer = ipServer;
// Assume all state machines start out available and with no errors.
lastState = IpServer.STATE_AVAILABLE;
lastError = TETHER_ERROR_NO_ERROR;
+ this.isNcm = isNcm;
}
public boolean isCurrentlyServing() {
@@ -522,9 +526,11 @@
// This method needs to exist because TETHERING_BLUETOOTH and TETHERING_WIGIG can't use
// enableIpServing.
- private void startOrStopIpServer(final String iface, boolean enabled) {
- // TODO: do not listen to USB interface state changes. USB tethering is driven only by
- // USB_ACTION broadcasts.
+ private void processInterfaceStateChange(final String iface, boolean enabled) {
+ // Do not listen to USB interface state changes or USB interface add/removes. USB tethering
+ // is driven only by USB_ACTION broadcasts.
+ final int type = ifaceNameToType(iface);
+ if (type == TETHERING_USB || type == TETHERING_NCM) return;
if (enabled) {
ensureIpServerStarted(iface);
@@ -548,7 +554,7 @@
return;
}
- startOrStopIpServer(iface, up);
+ processInterfaceStateChange(iface, up);
}
void interfaceLinkStateChanged(String iface, boolean up) {
@@ -576,12 +582,12 @@
void interfaceAdded(String iface) {
if (VDBG) Log.d(TAG, "interfaceAdded " + iface);
- startOrStopIpServer(iface, true /* enabled */);
+ processInterfaceStateChange(iface, true /* enabled */);
}
void interfaceRemoved(String iface) {
if (VDBG) Log.d(TAG, "interfaceRemoved " + iface);
- startOrStopIpServer(iface, false /* enabled */);
+ processInterfaceStateChange(iface, false /* enabled */);
}
void startTethering(final TetheringRequestParcel request, final IIntResultListener listener) {
@@ -894,7 +900,7 @@
: IpServer.STATE_TETHERED;
}
- private int getRequestedUsbType(boolean forNcmFunction) {
+ private int getServedUsbType(boolean forNcmFunction) {
// TETHERING_NCM is only used if the device does not use NCM for regular USB tethering.
if (forNcmFunction && !mConfig.isUsingNcm()) return TETHERING_NCM;
@@ -1036,11 +1042,11 @@
private void handleUsbAction(Intent intent) {
final boolean usbConnected = intent.getBooleanExtra(USB_CONNECTED, false);
final boolean usbConfigured = intent.getBooleanExtra(USB_CONFIGURED, false);
- final boolean rndisEnabled = intent.getBooleanExtra(USB_FUNCTION_RNDIS, false);
- final boolean ncmEnabled = intent.getBooleanExtra(USB_FUNCTION_NCM, false);
+ final boolean usbRndis = intent.getBooleanExtra(USB_FUNCTION_RNDIS, false);
+ final boolean usbNcm = intent.getBooleanExtra(USB_FUNCTION_NCM, false);
mLog.i(String.format("USB bcast connected:%s configured:%s rndis:%s ncm:%s",
- usbConnected, usbConfigured, rndisEnabled, ncmEnabled));
+ usbConnected, usbConfigured, usbRndis, usbNcm));
// There are three types of ACTION_USB_STATE:
//
@@ -1057,18 +1063,45 @@
// functions are ready to use.
//
// For more explanation, see b/62552150 .
- if (!usbConnected && (mRndisEnabled || mNcmEnabled)) {
- // Turn off tethering if it was enabled and there is a disconnect.
- disableUsbIpServing(TETHERING_USB);
- mEntitlementMgr.stopProvisioningIfNeeded(TETHERING_USB);
- } else if (usbConfigured && rndisEnabled) {
- // Tether if rndis is enabled and usb is configured.
- enableUsbIpServing(false /* isNcm */);
- } else if (usbConfigured && ncmEnabled) {
- enableUsbIpServing(true /* isNcm */);
+ boolean rndisEnabled = usbConfigured && usbRndis;
+ boolean ncmEnabled = usbConfigured && usbNcm;
+ if (!usbConnected) {
+ // Don't stop provisioning if function is disabled but usb is still connected. The
+ // function may be disable/enable to handle ip conflict condition (disabling the
+ // function is necessary to ensure the connected device sees a disconnect).
+ // Normally the provisioning should be stopped by stopTethering(int)
+ maybeStopUsbProvisioning();
+ rndisEnabled = false;
+ ncmEnabled = false;
}
- mRndisEnabled = usbConfigured && rndisEnabled;
- mNcmEnabled = usbConfigured && ncmEnabled;
+
+ if (mRndisEnabled != rndisEnabled) {
+ changeUsbIpServing(rndisEnabled, false /* forNcmFunction */);
+ mRndisEnabled = rndisEnabled;
+ }
+
+ if (mNcmEnabled != ncmEnabled) {
+ changeUsbIpServing(ncmEnabled, true /* forNcmFunction */);
+ mNcmEnabled = ncmEnabled;
+ }
+ }
+
+ private void changeUsbIpServing(boolean enable, boolean forNcmFunction) {
+ if (enable) {
+ // enable ip serving if function is enabled and usb is configured.
+ enableUsbIpServing(forNcmFunction);
+ } else {
+ disableUsbIpServing(forNcmFunction);
+ }
+ }
+
+ private void maybeStopUsbProvisioning() {
+ for (int i = 0; i < mTetherStates.size(); i++) {
+ final int type = mTetherStates.valueAt(i).ipServer.interfaceType();
+ if (type == TETHERING_USB || type == TETHERING_NCM) {
+ mEntitlementMgr.stopProvisioningIfNeeded(type);
+ }
+ }
}
private void handleWifiApAction(Intent intent) {
@@ -1216,7 +1249,12 @@
}
private void enableIpServing(int tetheringType, String ifname, int ipServingMode) {
- ensureIpServerStarted(ifname, tetheringType);
+ enableIpServing(tetheringType, ifname, ipServingMode, false /* isNcm */);
+ }
+
+ private void enableIpServing(int tetheringType, String ifname, int ipServingMode,
+ boolean isNcm) {
+ ensureIpServerStarted(ifname, tetheringType, isNcm);
changeInterfaceState(ifname, ipServingMode);
}
@@ -1289,15 +1327,22 @@
}
}
- // TODO: Consider renaming to something more accurate in its description.
+ // TODO: Pass TetheringRequest into this method. The code can look at the existing requests
+ // to see which one matches the function that was enabled. That will tell the code what
+ // tethering type was requested, without having to guess it from the configuration.
// This method:
// - allows requesting either tethering or local hotspot serving states
- // - handles both enabling and disabling serving states
// - only tethers the first matching interface in listInterfaces()
// order of a given type
- private void enableUsbIpServing(boolean isNcm) {
- final int interfaceType = getRequestedUsbType(isNcm);
- final int requestedState = getRequestedState(interfaceType);
+ private void enableUsbIpServing(boolean forNcmFunction) {
+ // Note: TetheringConfiguration#isUsingNcm can change between the call to
+ // startTethering(TETHERING_USB) and the ACTION_USB_STATE broadcast. If the USB tethering
+ // function changes from NCM to RNDIS, this can lead to Tethering starting NCM tethering
+ // as local-only. But if this happens, the SettingsObserver will call stopTetheringInternal
+ // for both TETHERING_USB and TETHERING_NCM, so the local-only NCM interface will be
+ // stopped immediately.
+ final int tetheringType = getServedUsbType(forNcmFunction);
+ final int requestedState = getRequestedState(tetheringType);
String[] ifaces = null;
try {
ifaces = mNetd.interfaceGetList();
@@ -1306,49 +1351,28 @@
return;
}
- String chosenIface = null;
if (ifaces != null) {
for (String iface : ifaces) {
- if (ifaceNameToType(iface) == interfaceType) {
- chosenIface = iface;
- break;
+ if (ifaceNameToType(iface) == tetheringType) {
+ enableIpServing(tetheringType, iface, requestedState, forNcmFunction);
+ return;
}
}
}
- if (chosenIface == null) {
- Log.e(TAG, "could not find iface of type " + interfaceType);
- return;
- }
-
- changeInterfaceState(chosenIface, requestedState);
+ mLog.e("could not enable IpServer for function " + (forNcmFunction ? "NCM" : "RNDIS"));
}
- private void disableUsbIpServing(int interfaceType) {
- String[] ifaces = null;
- try {
- ifaces = mNetd.interfaceGetList();
- } catch (RemoteException | ServiceSpecificException e) {
- mLog.e("Cannot disableUsbIpServing due to error listing Interfaces" + e);
- return;
- }
+ private void disableUsbIpServing(boolean forNcmFunction) {
+ for (int i = 0; i < mTetherStates.size(); i++) {
+ final TetherState state = mTetherStates.valueAt(i);
+ final int type = state.ipServer.interfaceType();
+ if (type != TETHERING_USB && type != TETHERING_NCM) continue;
- String chosenIface = null;
- if (ifaces != null) {
- for (String iface : ifaces) {
- if (ifaceNameToType(iface) == interfaceType) {
- chosenIface = iface;
- break;
- }
+ if (state.isNcm == forNcmFunction) {
+ ensureIpServerStopped(state.ipServer.interfaceName());
}
}
-
- if (chosenIface == null) {
- Log.e(TAG, "could not find iface of type " + interfaceType);
- return;
- }
-
- changeInterfaceState(chosenIface, IpServer.STATE_AVAILABLE);
}
private void changeInterfaceState(String ifname, int requestedState) {
@@ -2545,10 +2569,10 @@
return;
}
- ensureIpServerStarted(iface, interfaceType);
+ ensureIpServerStarted(iface, interfaceType, false /* isNcm */);
}
- private void ensureIpServerStarted(final String iface, int interfaceType) {
+ private void ensureIpServerStarted(final String iface, int interfaceType, boolean isNcm) {
// If we have already started a TISM for this interface, skip.
if (mTetherStates.containsKey(iface)) {
mLog.log("active iface (" + iface + ") reported as added, ignoring");
@@ -2560,7 +2584,7 @@
new IpServer(iface, mLooper, interfaceType, mLog, mNetd, mBpfCoordinator,
makeControlCallback(), mConfig.enableLegacyDhcpServer,
mConfig.isBpfOffloadEnabled(), mPrivateAddressCoordinator,
- mDeps.getIpServerDependencies()));
+ mDeps.getIpServerDependencies()), isNcm);
mTetherStates.put(iface, tetherState);
tetherState.ipServer.start();
}
diff --git a/Tethering/src/com/android/networkstack/tethering/TetheringConfiguration.java b/Tethering/src/com/android/networkstack/tethering/TetheringConfiguration.java
index d2f44d3..b6240c4 100644
--- a/Tethering/src/com/android/networkstack/tethering/TetheringConfiguration.java
+++ b/Tethering/src/com/android/networkstack/tethering/TetheringConfiguration.java
@@ -170,8 +170,16 @@
mUsbTetheringFunction = getUsbTetheringFunction(res);
- tetherableUsbRegexs = getResourceStringArray(res, R.array.config_tether_usb_regexs);
- tetherableNcmRegexs = getResourceStringArray(res, R.array.config_tether_ncm_regexs);
+ final String[] ncmRegexs = getResourceStringArray(res, R.array.config_tether_ncm_regexs);
+ // If usb tethering use NCM and config_tether_ncm_regexs is not empty, use
+ // config_tether_ncm_regexs for tetherableUsbRegexs.
+ if (isUsingNcm() && (ncmRegexs.length != 0)) {
+ tetherableUsbRegexs = ncmRegexs;
+ tetherableNcmRegexs = EMPTY_STRING_ARRAY;
+ } else {
+ tetherableUsbRegexs = getResourceStringArray(res, R.array.config_tether_usb_regexs);
+ tetherableNcmRegexs = ncmRegexs;
+ }
// TODO: Evaluate deleting this altogether now that Wi-Fi always passes
// us an interface name. Careful consideration needs to be given to
// implications for Settings and for provisioning checks.
diff --git a/Tethering/src/com/android/networkstack/tethering/UpstreamNetworkMonitor.java b/Tethering/src/com/android/networkstack/tethering/UpstreamNetworkMonitor.java
index 69471a1..5584db2 100644
--- a/Tethering/src/com/android/networkstack/tethering/UpstreamNetworkMonitor.java
+++ b/Tethering/src/com/android/networkstack/tethering/UpstreamNetworkMonitor.java
@@ -49,7 +49,6 @@
import com.android.internal.util.StateMachine;
import com.android.networkstack.apishim.ConnectivityManagerShimImpl;
import com.android.networkstack.apishim.common.ConnectivityManagerShim;
-import com.android.networkstack.apishim.common.UnsupportedApiLevelException;
import java.util.HashMap;
import java.util.HashSet;
@@ -162,12 +161,7 @@
}
ConnectivityManagerShim mCmShim = ConnectivityManagerShimImpl.newInstance(mContext);
mDefaultNetworkCallback = new UpstreamNetworkCallback(CALLBACK_DEFAULT_INTERNET);
- try {
- mCmShim.registerSystemDefaultNetworkCallback(mDefaultNetworkCallback, mHandler);
- } catch (UnsupportedApiLevelException e) {
- Log.wtf(TAG, "registerSystemDefaultNetworkCallback is not supported");
- return;
- }
+ mCmShim.registerSystemDefaultNetworkCallback(mDefaultNetworkCallback, mHandler);
if (mEntitlementMgr == null) {
mEntitlementMgr = entitle;
}
diff --git a/Tethering/src/com/android/networkstack/tethering/UpstreamNetworkState.java b/Tethering/src/com/android/networkstack/tethering/UpstreamNetworkState.java
index bab9f84..986c3f7 100644
--- a/Tethering/src/com/android/networkstack/tethering/UpstreamNetworkState.java
+++ b/Tethering/src/com/android/networkstack/tethering/UpstreamNetworkState.java
@@ -15,6 +15,8 @@
*/
package com.android.networkstack.tethering;
+import static android.net.INetd.IPSEC_INTERFACE_PREFIX;
+
import android.net.LinkProperties;
import android.net.Network;
import android.net.NetworkCapabilities;
@@ -48,4 +50,9 @@
networkCapabilities == null ? "null" : networkCapabilities,
linkProperties == null ? "null" : linkProperties);
}
+
+ /** Check whether the interface is VCN. */
+ public static boolean isVcnInterface(@NonNull String iface) {
+ return iface.startsWith(IPSEC_INTERFACE_PREFIX);
+ }
}
diff --git a/Tethering/tests/unit/src/android/net/ip/IpServerTest.java b/Tethering/tests/unit/src/android/net/ip/IpServerTest.java
index 378a21c..6bf6a9f 100644
--- a/Tethering/tests/unit/src/android/net/ip/IpServerTest.java
+++ b/Tethering/tests/unit/src/android/net/ip/IpServerTest.java
@@ -146,8 +146,10 @@
private static final String IFACE_NAME = "testnet1";
private static final String UPSTREAM_IFACE = "upstream0";
private static final String UPSTREAM_IFACE2 = "upstream1";
+ private static final String IPSEC_IFACE = "ipsec0";
private static final int UPSTREAM_IFINDEX = 101;
private static final int UPSTREAM_IFINDEX2 = 102;
+ private static final int IPSEC_IFINDEX = 103;
private static final String BLUETOOTH_IFACE_ADDR = "192.168.44.1";
private static final int BLUETOOTH_DHCP_PREFIX_LENGTH = 24;
private static final int DHCP_LEASE_TIME_SECS = 3600;
@@ -160,6 +162,8 @@
private static final InterfaceParams UPSTREAM_IFACE_PARAMS2 = new InterfaceParams(
UPSTREAM_IFACE2, UPSTREAM_IFINDEX2, MacAddress.ALL_ZEROS_ADDRESS,
1500 /* defaultMtu */);
+ private static final InterfaceParams IPSEC_IFACE_PARAMS = new InterfaceParams(
+ IPSEC_IFACE, IPSEC_IFINDEX, MacAddress.ALL_ZEROS_ADDRESS, 1500 /* defaultMtu */);
private static final int MAKE_DHCPSERVER_TIMEOUT_MS = 1000;
@@ -208,6 +212,7 @@
when(mDependencies.getInterfaceParams(IFACE_NAME)).thenReturn(TEST_IFACE_PARAMS);
when(mDependencies.getInterfaceParams(UPSTREAM_IFACE)).thenReturn(UPSTREAM_IFACE_PARAMS);
when(mDependencies.getInterfaceParams(UPSTREAM_IFACE2)).thenReturn(UPSTREAM_IFACE_PARAMS2);
+ when(mDependencies.getInterfaceParams(IPSEC_IFACE)).thenReturn(IPSEC_IFACE_PARAMS);
mInterfaceConfiguration = new InterfaceConfigurationParcel();
mInterfaceConfiguration.flags = new String[0];
@@ -1453,4 +1458,23 @@
public void testDadProxyUpdates_EnabledAfterR() throws Exception {
checkDadProxyEnabled(true);
}
+
+ @Test
+ public void testSkipVirtualNetworkInBpf() throws Exception {
+ initTetheredStateMachine(TETHERING_BLUETOOTH, null);
+ final LinkProperties v6Only = new LinkProperties();
+ v6Only.setInterfaceName(IPSEC_IFACE);
+ dispatchTetherConnectionChanged(IPSEC_IFACE, v6Only, 0);
+
+ verify(mBpfCoordinator).maybeAttachProgram(IFACE_NAME, IPSEC_IFACE);
+ verify(mNetd).tetherAddForward(IFACE_NAME, IPSEC_IFACE);
+ verify(mNetd).ipfwdAddInterfaceForward(IFACE_NAME, IPSEC_IFACE);
+
+ final int myIfindex = TEST_IFACE_PARAMS.index;
+ final InetAddress neigh = InetAddresses.parseNumericAddress("2001:db8::1");
+ final MacAddress mac = MacAddress.fromString("00:00:00:00:00:0a");
+ recvNewNeigh(myIfindex, neigh, NUD_REACHABLE, mac);
+ verify(mBpfCoordinator, never()).tetherOffloadRuleAdd(
+ mIpServer, makeForwardingRule(IPSEC_IFINDEX, neigh, mac));
+ }
}
diff --git a/Tethering/tests/unit/src/com/android/networkstack/tethering/BpfCoordinatorTest.java b/Tethering/tests/unit/src/com/android/networkstack/tethering/BpfCoordinatorTest.java
index 914e0d4..ab542d6 100644
--- a/Tethering/tests/unit/src/com/android/networkstack/tethering/BpfCoordinatorTest.java
+++ b/Tethering/tests/unit/src/com/android/networkstack/tethering/BpfCoordinatorTest.java
@@ -40,9 +40,10 @@
import static com.android.dx.mockito.inline.extended.ExtendedMockito.doReturn;
import static com.android.dx.mockito.inline.extended.ExtendedMockito.staticMockMarker;
+import static com.android.networkstack.tethering.BpfCoordinator.CONNTRACK_TIMEOUT_UPDATE_INTERVAL_MS;
+import static com.android.networkstack.tethering.BpfCoordinator.CONNTRACK_TIMEOUT_UPDATE_SLACK_MS;
import static com.android.networkstack.tethering.BpfCoordinator.NF_CONNTRACK_TCP_TIMEOUT_ESTABLISHED;
import static com.android.networkstack.tethering.BpfCoordinator.NF_CONNTRACK_UDP_TIMEOUT_STREAM;
-import static com.android.networkstack.tethering.BpfCoordinator.POLLING_CONNTRACK_TIMEOUT_MS;
import static com.android.networkstack.tethering.BpfCoordinator.StatsType;
import static com.android.networkstack.tethering.BpfCoordinator.StatsType.STATS_PER_IFACE;
import static com.android.networkstack.tethering.BpfCoordinator.StatsType.STATS_PER_UID;
@@ -1128,6 +1129,7 @@
final String intIface1 = "wlan1";
final String intIface2 = "rndis0";
final String extIface = "rmnet_data0";
+ final String virtualIface = "ipsec0";
final BpfUtils mockMarkerBpfUtils = staticMockMarker(BpfUtils.class);
final BpfCoordinator coordinator = makeBpfCoordinator();
@@ -1163,6 +1165,14 @@
ExtendedMockito.verify(() -> BpfUtils.detachProgram(intIface1));
ExtendedMockito.verifyNoMoreInteractions(mockMarkerBpfUtils);
ExtendedMockito.clearInvocations(mockMarkerBpfUtils);
+
+ // [6] Skip attaching if upstream is virtual interface.
+ coordinator.maybeAttachProgram(intIface1, virtualIface);
+ ExtendedMockito.verify(() -> BpfUtils.attachProgram(extIface, DOWNSTREAM), never());
+ ExtendedMockito.verify(() -> BpfUtils.attachProgram(intIface1, UPSTREAM), never());
+ ExtendedMockito.verifyNoMoreInteractions(mockMarkerBpfUtils);
+ ExtendedMockito.clearInvocations(mockMarkerBpfUtils);
+
} finally {
mockSession.finishMocking();
}
@@ -1369,8 +1379,14 @@
}
final int status = (msgType == IPCTNL_MSG_CT_NEW) ? ESTABLISHED_MASK : DYING_MASK;
- final int timeoutSec = (msgType == IPCTNL_MSG_CT_NEW) ? 100 /* nonzero, new */
- : 0 /* unused, delete */;
+ int timeoutSec;
+ if (msgType == IPCTNL_MSG_CT_NEW) {
+ timeoutSec = (proto == IPPROTO_TCP)
+ ? NF_CONNTRACK_TCP_TIMEOUT_ESTABLISHED
+ : NF_CONNTRACK_UDP_TIMEOUT_STREAM;
+ } else {
+ timeoutSec = 0; /* unused, CT_DELETE */
+ }
return new ConntrackEvent(
(short) (NetlinkConstants.NFNL_SUBSYS_CTNETLINK << 8 | msgType),
new Tuple(new TupleIpv4(PRIVATE_ADDR, REMOTE_ADDR),
@@ -1526,23 +1542,27 @@
}
private void checkRefreshConntrackTimeout(final TestBpfMap<Tether4Key, Tether4Value> bpfMap,
- final Tether4Key tcpKey, final Tether4Value tcpValue, final Tether4Key udpKey,
- final Tether4Value udpValue) throws Exception {
+ int proto, final Tether4Key key, final Tether4Value value) throws Exception {
+ if (proto != IPPROTO_TCP && proto != IPPROTO_UDP) {
+ fail("Not support protocol " + proto);
+ }
// Both system elapsed time since boot and the rule last used time are used to measure
// the rule expiration. In this test, all test rules are fixed the last used time to 0.
// Set the different testing elapsed time to make the rule to be valid or expired.
//
// Timeline:
- // 0 60 (seconds)
- // +---+---+---+---+--...--+---+---+---+---+---+- ..
- // | POLLING_CONNTRACK_TIMEOUT_MS |
- // +---+---+---+---+--...--+---+---+---+---+---+- ..
- // |<- valid diff ->|
- // |<- expired diff ->|
- // ^ ^ ^
- // last used time elapsed time (valid) elapsed time (expired)
- final long validTime = (POLLING_CONNTRACK_TIMEOUT_MS - 1) * 1_000_000L;
- final long expiredTime = (POLLING_CONNTRACK_TIMEOUT_MS + 1) * 1_000_000L;
+ // CONNTRACK_TIMEOUT_UPDATE_SLACK_MS
+ // ->| |<-
+ // +---+---+---+---+---+--...--+---+---+---+---+---+-..-+---+-- ..
+ // | CONNTRACK_TIMEOUT_UPDATE_INTERVAL_MS |
+ // +---+---+---+---+---+--...--+---+---+---+---+---+-..-+---+-- ..
+ // |<- valid diff ->|
+ // |<- expired diff ->|
+ // ^ ^ ^
+ // last used time elapsed time (valid) elapsed time (expired)
+ final long validTimeNs = CONNTRACK_TIMEOUT_UPDATE_INTERVAL_MS * 1_000_000L;
+ final long expiredTimeNs = (CONNTRACK_TIMEOUT_UPDATE_INTERVAL_MS
+ + CONNTRACK_TIMEOUT_UPDATE_SLACK_MS + 1) * 1_000_000L;
// Static mocking for NetlinkSocket.
MockitoSession mockSession = ExtendedMockito.mockitoSession()
@@ -1551,36 +1571,33 @@
try {
final BpfCoordinator coordinator = makeBpfCoordinator();
coordinator.startPolling();
- bpfMap.insertEntry(tcpKey, tcpValue);
- bpfMap.insertEntry(udpKey, udpValue);
+ bpfMap.insertEntry(key, value);
// [1] Don't refresh contrack timeout.
- setElapsedRealtimeNanos(expiredTime);
- mTestLooper.moveTimeForward(POLLING_CONNTRACK_TIMEOUT_MS);
+ setElapsedRealtimeNanos(expiredTimeNs);
+ mTestLooper.moveTimeForward(CONNTRACK_TIMEOUT_UPDATE_INTERVAL_MS);
waitForIdle();
ExtendedMockito.verifyNoMoreInteractions(staticMockMarker(NetlinkSocket.class));
ExtendedMockito.clearInvocations(staticMockMarker(NetlinkSocket.class));
- // [2] Refresh contrack timeout.
- setElapsedRealtimeNanos(validTime);
- mTestLooper.moveTimeForward(POLLING_CONNTRACK_TIMEOUT_MS);
+ // [2] Refresh contrack timeout. UDP Only.
+ setElapsedRealtimeNanos(validTimeNs);
+ mTestLooper.moveTimeForward(CONNTRACK_TIMEOUT_UPDATE_INTERVAL_MS);
waitForIdle();
- final byte[] expectedNetlinkTcp = ConntrackMessage.newIPv4TimeoutUpdateRequest(
- IPPROTO_TCP, PRIVATE_ADDR, (int) PRIVATE_PORT, REMOTE_ADDR,
- (int) REMOTE_PORT, NF_CONNTRACK_TCP_TIMEOUT_ESTABLISHED);
- final byte[] expectedNetlinkUdp = ConntrackMessage.newIPv4TimeoutUpdateRequest(
- IPPROTO_UDP, PRIVATE_ADDR, (int) PRIVATE_PORT, REMOTE_ADDR,
- (int) REMOTE_PORT, NF_CONNTRACK_UDP_TIMEOUT_STREAM);
- ExtendedMockito.verify(() -> NetlinkSocket.sendOneShotKernelMessage(
- eq(NETLINK_NETFILTER), eq(expectedNetlinkTcp)));
- ExtendedMockito.verify(() -> NetlinkSocket.sendOneShotKernelMessage(
- eq(NETLINK_NETFILTER), eq(expectedNetlinkUdp)));
+
+ if (proto == IPPROTO_UDP) {
+ final byte[] expectedNetlinkUdp = ConntrackMessage.newIPv4TimeoutUpdateRequest(
+ IPPROTO_UDP, PRIVATE_ADDR, (int) PRIVATE_PORT, REMOTE_ADDR,
+ (int) REMOTE_PORT, NF_CONNTRACK_UDP_TIMEOUT_STREAM);
+ ExtendedMockito.verify(() -> NetlinkSocket.sendOneShotKernelMessage(
+ eq(NETLINK_NETFILTER), eq(expectedNetlinkUdp)));
+ }
ExtendedMockito.verifyNoMoreInteractions(staticMockMarker(NetlinkSocket.class));
ExtendedMockito.clearInvocations(staticMockMarker(NetlinkSocket.class));
// [3] Don't refresh contrack timeout if polling stopped.
coordinator.stopPolling();
- mTestLooper.moveTimeForward(POLLING_CONNTRACK_TIMEOUT_MS);
+ mTestLooper.moveTimeForward(CONNTRACK_TIMEOUT_UPDATE_INTERVAL_MS);
waitForIdle();
ExtendedMockito.verifyNoMoreInteractions(staticMockMarker(NetlinkSocket.class));
ExtendedMockito.clearInvocations(staticMockMarker(NetlinkSocket.class));
@@ -1591,33 +1608,57 @@
@Test
@IgnoreUpTo(Build.VERSION_CODES.R)
- public void testRefreshConntrackTimeout_Upstream4Map() throws Exception {
+ public void testRefreshConntrackTimeout_Upstream4MapTcp() throws Exception {
// TODO: Replace the dependencies BPF map with a non-mocked TestBpfMap object.
final TestBpfMap<Tether4Key, Tether4Value> bpfUpstream4Map =
new TestBpfMap<>(Tether4Key.class, Tether4Value.class);
doReturn(bpfUpstream4Map).when(mDeps).getBpfUpstream4Map();
- final Tether4Key tcpKey = makeUpstream4Key(IPPROTO_TCP);
- final Tether4Key udpKey = makeUpstream4Key(IPPROTO_UDP);
- final Tether4Value tcpValue = makeUpstream4Value();
- final Tether4Value udpValue = makeUpstream4Value();
+ final Tether4Key key = makeUpstream4Key(IPPROTO_TCP);
+ final Tether4Value value = makeUpstream4Value();
- checkRefreshConntrackTimeout(bpfUpstream4Map, tcpKey, tcpValue, udpKey, udpValue);
+ checkRefreshConntrackTimeout(bpfUpstream4Map, IPPROTO_TCP, key, value);
}
@Test
@IgnoreUpTo(Build.VERSION_CODES.R)
- public void testRefreshConntrackTimeout_Downstream4Map() throws Exception {
+ public void testRefreshConntrackTimeout_Upstream4MapUdp() throws Exception {
+ // TODO: Replace the dependencies BPF map with a non-mocked TestBpfMap object.
+ final TestBpfMap<Tether4Key, Tether4Value> bpfUpstream4Map =
+ new TestBpfMap<>(Tether4Key.class, Tether4Value.class);
+ doReturn(bpfUpstream4Map).when(mDeps).getBpfUpstream4Map();
+
+ final Tether4Key key = makeUpstream4Key(IPPROTO_UDP);
+ final Tether4Value value = makeUpstream4Value();
+
+ checkRefreshConntrackTimeout(bpfUpstream4Map, IPPROTO_UDP, key, value);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.R)
+ public void testRefreshConntrackTimeout_Downstream4MapTcp() throws Exception {
// TODO: Replace the dependencies BPF map with a non-mocked TestBpfMap object.
final TestBpfMap<Tether4Key, Tether4Value> bpfDownstream4Map =
new TestBpfMap<>(Tether4Key.class, Tether4Value.class);
doReturn(bpfDownstream4Map).when(mDeps).getBpfDownstream4Map();
- final Tether4Key tcpKey = makeDownstream4Key(IPPROTO_TCP);
- final Tether4Key udpKey = makeDownstream4Key(IPPROTO_UDP);
- final Tether4Value tcpValue = makeDownstream4Value();
- final Tether4Value udpValue = makeDownstream4Value();
+ final Tether4Key key = makeDownstream4Key(IPPROTO_TCP);
+ final Tether4Value value = makeDownstream4Value();
- checkRefreshConntrackTimeout(bpfDownstream4Map, tcpKey, tcpValue, udpKey, udpValue);
+ checkRefreshConntrackTimeout(bpfDownstream4Map, IPPROTO_TCP, key, value);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.R)
+ public void testRefreshConntrackTimeout_Downstream4MapUdp() throws Exception {
+ // TODO: Replace the dependencies BPF map with a non-mocked TestBpfMap object.
+ final TestBpfMap<Tether4Key, Tether4Value> bpfDownstream4Map =
+ new TestBpfMap<>(Tether4Key.class, Tether4Value.class);
+ doReturn(bpfDownstream4Map).when(mDeps).getBpfDownstream4Map();
+
+ final Tether4Key key = makeDownstream4Key(IPPROTO_UDP);
+ final Tether4Value value = makeDownstream4Value();
+
+ checkRefreshConntrackTimeout(bpfDownstream4Map, IPPROTO_UDP, key, value);
}
}
diff --git a/Tethering/tests/unit/src/com/android/networkstack/tethering/TetheringConfigurationTest.java b/Tethering/tests/unit/src/com/android/networkstack/tethering/TetheringConfigurationTest.java
index 0f940d8..c0c2ab9 100644
--- a/Tethering/tests/unit/src/com/android/networkstack/tethering/TetheringConfigurationTest.java
+++ b/Tethering/tests/unit/src/com/android/networkstack/tethering/TetheringConfigurationTest.java
@@ -30,6 +30,7 @@
import static com.android.networkstack.tethering.TetheringConfiguration.TETHER_USB_NCM_FUNCTION;
import static com.android.networkstack.tethering.TetheringConfiguration.TETHER_USB_RNDIS_FUNCTION;
+import static org.junit.Assert.assertArrayEquals;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
@@ -600,4 +601,48 @@
private void setTetherForceUsbFunctions(final int value) {
setTetherForceUsbFunctions(Integer.toString(value));
}
+
+ @Test
+ public void testNcmRegexs() throws Exception {
+ final String[] rndisRegexs = {"test_rndis\\d"};
+ final String[] ncmRegexs = {"test_ncm\\d"};
+ final String[] rndisNcmRegexs = {"test_rndis\\d", "test_ncm\\d"};
+
+ // cfg.isUsingNcm = false.
+ when(mResources.getInteger(R.integer.config_tether_usb_functions)).thenReturn(
+ TETHER_USB_RNDIS_FUNCTION);
+ setUsbAndNcmRegexs(rndisRegexs, ncmRegexs);
+ assertUsbAndNcmRegexs(rndisRegexs, ncmRegexs);
+
+ setUsbAndNcmRegexs(rndisNcmRegexs, new String[0]);
+ assertUsbAndNcmRegexs(rndisNcmRegexs, new String[0]);
+
+ // cfg.isUsingNcm = true.
+ when(mResources.getInteger(R.integer.config_tether_usb_functions)).thenReturn(
+ TETHER_USB_NCM_FUNCTION);
+ setUsbAndNcmRegexs(rndisRegexs, ncmRegexs);
+ assertUsbAndNcmRegexs(ncmRegexs, new String[0]);
+
+ setUsbAndNcmRegexs(rndisNcmRegexs, new String[0]);
+ assertUsbAndNcmRegexs(rndisNcmRegexs, new String[0]);
+
+ // Check USB regex is not overwritten by the NCM regex after force to use rndis from
+ // Settings.
+ setUsbAndNcmRegexs(rndisRegexs, ncmRegexs);
+ setTetherForceUsbFunctions(TETHER_USB_RNDIS_FUNCTION);
+ assertUsbAndNcmRegexs(rndisRegexs, ncmRegexs);
+ }
+
+ private void setUsbAndNcmRegexs(final String[] usbRegexs, final String[] ncmRegexs) {
+ when(mResources.getStringArray(R.array.config_tether_usb_regexs)).thenReturn(usbRegexs);
+ when(mResources.getStringArray(R.array.config_tether_ncm_regexs)).thenReturn(ncmRegexs);
+ }
+
+ private void assertUsbAndNcmRegexs(final String[] usbRegexs, final String[] ncmRegexs) {
+ final TetheringConfiguration cfg =
+ new TetheringConfiguration(mMockContext, mLog, INVALID_SUBSCRIPTION_ID);
+ assertArrayEquals(usbRegexs, cfg.tetherableUsbRegexs);
+ assertArrayEquals(ncmRegexs, cfg.tetherableNcmRegexs);
+ }
+
}
diff --git a/Tethering/tests/unit/src/com/android/networkstack/tethering/TetheringTest.java b/Tethering/tests/unit/src/com/android/networkstack/tethering/TetheringTest.java
index 9e0c880..f999dfa 100644
--- a/Tethering/tests/unit/src/com/android/networkstack/tethering/TetheringTest.java
+++ b/Tethering/tests/unit/src/com/android/networkstack/tethering/TetheringTest.java
@@ -234,6 +234,8 @@
private static final int WIFI_NETID = 101;
private static final int DUN_NETID = 102;
+ private static final int TETHER_USB_RNDIS_NCM_FUNCTIONS = 2;
+
private static final int DHCPSERVER_START_TIMEOUT_MS = 1000;
@Mock private ApplicationInfo mApplicationInfo;
@@ -648,17 +650,17 @@
TetheringConfiguration.TETHER_USB_RNDIS_FUNCTION);
// Setup tetherable configuration.
when(mResources.getStringArray(R.array.config_tether_usb_regexs))
- .thenReturn(new String[] { TEST_RNDIS_REGEX});
+ .thenReturn(new String[] {TEST_RNDIS_REGEX});
when(mResources.getStringArray(R.array.config_tether_wifi_regexs))
- .thenReturn(new String[] { TEST_WIFI_REGEX });
+ .thenReturn(new String[] {TEST_WIFI_REGEX});
when(mResources.getStringArray(R.array.config_tether_wifi_p2p_regexs))
- .thenReturn(new String[] { TEST_P2P_REGEX });
+ .thenReturn(new String[] {TEST_P2P_REGEX});
when(mResources.getStringArray(R.array.config_tether_bluetooth_regexs))
- .thenReturn(new String[] { TEST_BT_REGEX });
+ .thenReturn(new String[] {TEST_BT_REGEX});
when(mResources.getStringArray(R.array.config_tether_ncm_regexs))
- .thenReturn(new String[] { TEST_NCM_REGEX });
+ .thenReturn(new String[] {TEST_NCM_REGEX});
when(mResources.getIntArray(R.array.config_tether_upstream_types)).thenReturn(
- new int[] { TYPE_WIFI, TYPE_MOBILE_DUN });
+ new int[] {TYPE_WIFI, TYPE_MOBILE_DUN});
when(mResources.getBoolean(R.bool.config_tether_upstream_automatic)).thenReturn(true);
}
@@ -738,7 +740,16 @@
mLooper.dispatchAll();
}
+ // enableType:
+ // No function enabled = -1
+ // TETHER_USB_RNDIS_FUNCTION = 0
+ // TETHER_USB_NCM_FUNCTIONS = 1
+ // TETHER_USB_RNDIS_NCM_FUNCTIONS = 2
private boolean tetherUsbFunctionMatches(int function, int enabledType) {
+ if (enabledType < 0) return false;
+
+ if (enabledType == TETHER_USB_RNDIS_NCM_FUNCTIONS) return function < enabledType;
+
return function == enabledType;
}
@@ -822,8 +833,6 @@
mTethering.startTethering(createTetheringRequestParcel(TETHERING_NCM), null);
mLooper.dispatchAll();
verify(mUsbManager, times(1)).setCurrentFunctions(UsbManager.FUNCTION_NCM);
-
- mTethering.interfaceStatusChanged(TEST_NCM_IFNAME, true);
}
private void prepareUsbTethering() {
@@ -1903,7 +1912,6 @@
private void runStopUSBTethering() {
mTethering.stopTethering(TETHERING_USB);
mLooper.dispatchAll();
- mTethering.interfaceRemoved(TEST_RNDIS_IFNAME);
sendUsbBroadcast(true, true, -1 /* function */);
mLooper.dispatchAll();
verify(mUsbManager).setCurrentFunctions(UsbManager.FUNCTION_NONE);
@@ -2087,7 +2095,7 @@
setDataSaverEnabled(true);
// Verify that tethering should be disabled.
verify(mUsbManager, times(1)).setCurrentFunctions(UsbManager.FUNCTION_NONE);
- mTethering.interfaceRemoved(TEST_RNDIS_IFNAME);
+ sendUsbBroadcast(true, true, -1 /* function */);
mLooper.dispatchAll();
assertEquals(mTethering.getTetheredIfaces(), new String[0]);
reset(mUsbManager, mIPv6TetheringCoordinator);
@@ -2350,14 +2358,14 @@
final String ipv4Address = ifaceConfigCaptor.getValue().ipv4Addr;
verify(mDhcpServer, timeout(DHCPSERVER_START_TIMEOUT_MS).times(1)).startWithCallbacks(
any(), any());
- reset(mNetd, mUsbManager);
+ reset(mUsbManager);
// Cause a prefix conflict by assigning a /30 out of the downstream's /24 to the upstream.
updateV4Upstream(new LinkAddress(InetAddresses.parseNumericAddress(ipv4Address), 30),
wifiNetwork, TEST_WIFI_IFNAME, TRANSPORT_WIFI);
// verify turn off usb tethering
verify(mUsbManager).setCurrentFunctions(UsbManager.FUNCTION_NONE);
- mTethering.interfaceRemoved(TEST_RNDIS_IFNAME);
+ sendUsbBroadcast(true, true, -1 /* function */);
mLooper.dispatchAll();
// verify restart usb tethering
verify(mUsbManager).setCurrentFunctions(UsbManager.FUNCTION_RNDIS);
@@ -2398,7 +2406,7 @@
verify(mUsbManager).setCurrentFunctions(UsbManager.FUNCTION_NONE);
// verify turn off ethernet tethering
verify(mockRequest).release();
- mTethering.interfaceRemoved(TEST_RNDIS_IFNAME);
+ sendUsbBroadcast(true, true, -1 /* function */);
ethCallback.onUnavailable();
mLooper.dispatchAll();
// verify restart usb tethering
@@ -2657,12 +2665,6 @@
forceUsbTetheringUse(TETHER_USB_NCM_FUNCTION);
verifyUsbTetheringStopDueToSettingChange(TEST_NCM_IFNAME);
- // TODO: move this into setup after allowing configure TEST_NCM_REGEX into
- // config_tether_usb_regexs and config_tether_ncm_regexs at the same time.
- when(mResources.getStringArray(R.array.config_tether_usb_regexs))
- .thenReturn(new String[] {TEST_RNDIS_REGEX, TEST_NCM_REGEX});
- sendConfigurationChanged();
-
// If TETHERING_USB is forced to use ncm function, TETHERING_NCM would no longer be
// available.
final ResultListener ncmResult = new ResultListener(TETHER_ERROR_SERVICE_UNAVAIL);
diff --git a/framework/Android.bp b/framework/Android.bp
index 93ef3bf..ee3a5d5 100644
--- a/framework/Android.bp
+++ b/framework/Android.bp
@@ -97,8 +97,6 @@
],
},
impl_only_libs: [
- // TODO (b/183097033) remove once module_current includes core_platform
- "stable.core.platform.api.stubs",
"framework-tethering.stubs.module_lib",
"framework-wifi.stubs.module_lib",
"net-utils-device-common",
diff --git a/framework/api/current.txt b/framework/api/current.txt
index 7692e30..13ecb12 100644
--- a/framework/api/current.txt
+++ b/framework/api/current.txt
@@ -68,7 +68,6 @@
method public boolean bindProcessToNetwork(@Nullable android.net.Network);
method @NonNull public android.net.SocketKeepalive createSocketKeepalive(@NonNull android.net.Network, @NonNull android.net.IpSecManager.UdpEncapsulationSocket, @NonNull java.net.InetAddress, @NonNull java.net.InetAddress, @NonNull java.util.concurrent.Executor, @NonNull android.net.SocketKeepalive.Callback);
method @Nullable @RequiresPermission(android.Manifest.permission.ACCESS_NETWORK_STATE) public android.net.Network getActiveNetwork();
- method @Nullable @RequiresPermission(android.Manifest.permission.NETWORK_STACK) public android.net.Network getActiveNetworkForUid(int);
method @Deprecated @Nullable @RequiresPermission(android.Manifest.permission.ACCESS_NETWORK_STATE) public android.net.NetworkInfo getActiveNetworkInfo();
method @Deprecated @NonNull @RequiresPermission(android.Manifest.permission.ACCESS_NETWORK_STATE) public android.net.NetworkInfo[] getAllNetworkInfo();
method @NonNull @RequiresPermission(android.Manifest.permission.ACCESS_NETWORK_STATE) public android.net.Network[] getAllNetworks();
@@ -310,6 +309,7 @@
field public static final int NET_CAPABILITY_ENTERPRISE = 29; // 0x1d
field public static final int NET_CAPABILITY_FOREGROUND = 19; // 0x13
field public static final int NET_CAPABILITY_FOTA = 3; // 0x3
+ field public static final int NET_CAPABILITY_HEAD_UNIT = 32; // 0x20
field public static final int NET_CAPABILITY_IA = 7; // 0x7
field public static final int NET_CAPABILITY_IMS = 4; // 0x4
field public static final int NET_CAPABILITY_INTERNET = 12; // 0xc
@@ -333,6 +333,7 @@
field public static final int TRANSPORT_CELLULAR = 0; // 0x0
field public static final int TRANSPORT_ETHERNET = 3; // 0x3
field public static final int TRANSPORT_LOWPAN = 6; // 0x6
+ field public static final int TRANSPORT_USB = 8; // 0x8
field public static final int TRANSPORT_VPN = 4; // 0x4
field public static final int TRANSPORT_WIFI = 1; // 0x1
field public static final int TRANSPORT_WIFI_AWARE = 5; // 0x5
diff --git a/framework/src/android/net/ConnectivityManager.java b/framework/src/android/net/ConnectivityManager.java
index 7e2f688..eecd12c 100644
--- a/framework/src/android/net/ConnectivityManager.java
+++ b/framework/src/android/net/ConnectivityManager.java
@@ -1187,7 +1187,8 @@
*
* @return a {@link Network} object for the current default network for the
* given UID or {@code null} if no default network is currently active
- * TODO: b/183465229 Cleanup getActiveNetworkForUid once b/165835257 is fixed
+ *
+ * @hide
*/
@RequiresPermission(android.Manifest.permission.NETWORK_STACK)
@Nullable
@@ -4939,7 +4940,7 @@
Log.e(TAG, "Can't set proxy properties", e);
}
// Must flush DNS cache as new network may have different DNS resolutions.
- InetAddressCompat.clearDnsCache();
+ InetAddress.clearDnsCache();
// Must flush socket pool as idle sockets will be bound to previous network and may
// cause subsequent fetches to be performed on old network.
NetworkEventDispatcher.getInstance().dispatchNetworkConfigurationChange();
diff --git a/framework/src/android/net/ConnectivitySettingsManager.java b/framework/src/android/net/ConnectivitySettingsManager.java
index 085de6b..8fc0065 100644
--- a/framework/src/android/net/ConnectivitySettingsManager.java
+++ b/framework/src/android/net/ConnectivitySettingsManager.java
@@ -29,6 +29,8 @@
import android.annotation.SystemApi;
import android.content.Context;
import android.net.ConnectivityManager.MultipathPreference;
+import android.os.Binder;
+import android.os.Build;
import android.os.Process;
import android.os.UserHandle;
import android.provider.Settings;
@@ -1039,6 +1041,15 @@
return getUidSetFromString(uidList);
}
+ private static boolean isCallingFromSystem() {
+ final int uid = Binder.getCallingUid();
+ final int pid = Binder.getCallingPid();
+ if (uid == Process.SYSTEM_UID && pid == Process.myPid()) {
+ return true;
+ }
+ return false;
+ }
+
/**
* Set the list of uids(from {@link Settings}) that is allowed to use restricted networks.
*
@@ -1047,6 +1058,15 @@
*/
public static void setUidsAllowedOnRestrictedNetworks(@NonNull Context context,
@NonNull Set<Integer> uidList) {
+ final boolean calledFromSystem = isCallingFromSystem();
+ if (!calledFromSystem) {
+ // Enforce NETWORK_SETTINGS check if it's debug build. This is for MTS test only.
+ if (!Build.isDebuggable()) {
+ throw new SecurityException("Only system can set this setting.");
+ }
+ context.enforceCallingOrSelfPermission(android.Manifest.permission.NETWORK_SETTINGS,
+ "Requires NETWORK_SETTINGS permission");
+ }
final String uids = getUidStringFromSet(uidList);
Settings.Global.putString(context.getContentResolver(), UIDS_ALLOWED_ON_RESTRICTED_NETWORKS,
uids);
diff --git a/framework/src/android/net/InetAddressCompat.java b/framework/src/android/net/InetAddressCompat.java
deleted file mode 100644
index 6b7e75c..0000000
--- a/framework/src/android/net/InetAddressCompat.java
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * Copyright (C) 2021 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package android.net;
-
-import android.util.Log;
-
-import java.lang.reflect.InvocationTargetException;
-import java.net.InetAddress;
-import java.net.UnknownHostException;
-
-/**
- * Compatibility utility for InetAddress core platform APIs.
- *
- * Connectivity has access to such APIs, but they are not part of the module_current stubs yet
- * (only core_current). Most stable core platform APIs are included manually in the connectivity
- * build rules, but because InetAddress is also part of the base java SDK that is earlier on the
- * classpath, the extra core platform APIs are not seen.
- *
- * TODO (b/183097033): remove this utility as soon as core_current is part of module_current
- * @hide
- */
-public class InetAddressCompat {
-
- /**
- * @see InetAddress#clearDnsCache()
- */
- public static void clearDnsCache() {
- try {
- InetAddress.class.getMethod("clearDnsCache").invoke(null);
- } catch (InvocationTargetException e) {
- if (e.getCause() instanceof RuntimeException) {
- throw (RuntimeException) e.getCause();
- }
- throw new IllegalStateException("Unknown InvocationTargetException", e.getCause());
- } catch (IllegalAccessException | NoSuchMethodException e) {
- Log.wtf(InetAddressCompat.class.getSimpleName(), "Error clearing DNS cache", e);
- }
- }
-
- /**
- * @see InetAddress#getAllByNameOnNet(String, int)
- */
- public static InetAddress[] getAllByNameOnNet(String host, int netId) throws
- UnknownHostException {
- return (InetAddress[]) callGetByNameMethod("getAllByNameOnNet", host, netId);
- }
-
- /**
- * @see InetAddress#getByNameOnNet(String, int)
- */
- public static InetAddress getByNameOnNet(String host, int netId) throws
- UnknownHostException {
- return (InetAddress) callGetByNameMethod("getByNameOnNet", host, netId);
- }
-
- private static Object callGetByNameMethod(String method, String host, int netId)
- throws UnknownHostException {
- try {
- return InetAddress.class.getMethod(method, String.class, int.class)
- .invoke(null, host, netId);
- } catch (InvocationTargetException e) {
- if (e.getCause() instanceof UnknownHostException) {
- throw (UnknownHostException) e.getCause();
- }
- if (e.getCause() instanceof RuntimeException) {
- throw (RuntimeException) e.getCause();
- }
- throw new IllegalStateException("Unknown InvocationTargetException", e.getCause());
- } catch (IllegalAccessException | NoSuchMethodException e) {
- Log.wtf(InetAddressCompat.class.getSimpleName(), "Error calling " + method, e);
- throw new IllegalStateException("Error querying via " + method, e);
- }
- }
-}
diff --git a/framework/src/android/net/Network.java b/framework/src/android/net/Network.java
index 1f49033..b3770ea 100644
--- a/framework/src/android/net/Network.java
+++ b/framework/src/android/net/Network.java
@@ -142,7 +142,7 @@
* @throws UnknownHostException if the address lookup fails.
*/
public InetAddress[] getAllByName(String host) throws UnknownHostException {
- return InetAddressCompat.getAllByNameOnNet(host, getNetIdForResolv());
+ return InetAddress.getAllByNameOnNet(host, getNetIdForResolv());
}
/**
@@ -155,7 +155,7 @@
* if the address lookup fails.
*/
public InetAddress getByName(String host) throws UnknownHostException {
- return InetAddressCompat.getByNameOnNet(host, getNetIdForResolv());
+ return InetAddress.getByNameOnNet(host, getNetIdForResolv());
}
/**
diff --git a/framework/src/android/net/NetworkCapabilities.java b/framework/src/android/net/NetworkCapabilities.java
index 3a07db3..ec71d3d 100644
--- a/framework/src/android/net/NetworkCapabilities.java
+++ b/framework/src/android/net/NetworkCapabilities.java
@@ -262,6 +262,7 @@
NET_CAPABILITY_ENTERPRISE,
NET_CAPABILITY_VSIM,
NET_CAPABILITY_BIP,
+ NET_CAPABILITY_HEAD_UNIT,
})
public @interface NetCapability { }
@@ -495,8 +496,13 @@
@SystemApi
public static final int NET_CAPABILITY_BIP = 31;
+ /**
+ * Indicates that this network is connected to an automotive head unit.
+ */
+ public static final int NET_CAPABILITY_HEAD_UNIT = 32;
+
private static final int MIN_NET_CAPABILITY = NET_CAPABILITY_MMS;
- private static final int MAX_NET_CAPABILITY = NET_CAPABILITY_BIP;
+ private static final int MAX_NET_CAPABILITY = NET_CAPABILITY_HEAD_UNIT;
/**
* Network capabilities that are expected to be mutable, i.e., can change while a particular
@@ -514,7 +520,10 @@
| (1 << NET_CAPABILITY_NOT_SUSPENDED)
| (1 << NET_CAPABILITY_PARTIAL_CONNECTIVITY)
| (1 << NET_CAPABILITY_TEMPORARILY_NOT_METERED)
- | (1 << NET_CAPABILITY_NOT_VCN_MANAGED);
+ | (1 << NET_CAPABILITY_NOT_VCN_MANAGED)
+ // The value of NET_CAPABILITY_HEAD_UNIT is 32, which cannot use int to do bit shift,
+ // otherwise there will be an overflow. Use long to do bit shift instead.
+ | (1L << NET_CAPABILITY_HEAD_UNIT);
/**
* Network capabilities that are not allowed in NetworkRequests. This exists because the
@@ -868,6 +877,7 @@
TRANSPORT_WIFI_AWARE,
TRANSPORT_LOWPAN,
TRANSPORT_TEST,
+ TRANSPORT_USB,
})
public @interface Transport { }
@@ -914,10 +924,15 @@
@SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)
public static final int TRANSPORT_TEST = 7;
+ /**
+ * Indicates this network uses a USB transport.
+ */
+ public static final int TRANSPORT_USB = 8;
+
/** @hide */
public static final int MIN_TRANSPORT = TRANSPORT_CELLULAR;
/** @hide */
- public static final int MAX_TRANSPORT = TRANSPORT_TEST;
+ public static final int MAX_TRANSPORT = TRANSPORT_USB;
/** @hide */
public static boolean isValidTransport(@Transport int transportType) {
@@ -932,7 +947,8 @@
"VPN",
"WIFI_AWARE",
"LOWPAN",
- "TEST"
+ "TEST",
+ "USB"
};
/**
@@ -2121,6 +2137,7 @@
case NET_CAPABILITY_ENTERPRISE: return "ENTERPRISE";
case NET_CAPABILITY_VSIM: return "VSIM";
case NET_CAPABILITY_BIP: return "BIP";
+ case NET_CAPABILITY_HEAD_UNIT: return "HEAD_UNIT";
default: return Integer.toString(capability);
}
}
diff --git a/service/Android.bp b/service/Android.bp
index 9d76e19..abaeeb3 100644
--- a/service/Android.bp
+++ b/service/Android.bp
@@ -53,13 +53,10 @@
"src/**/*.java",
":framework-connectivity-shared-srcs",
":services-connectivity-shared-srcs",
- // TODO: move to net-utils-device-common, enable shrink optimization to avoid extra classes
- ":net-module-utils-srcs",
+ // TODO: move to net-utils-device-common
+ ":connectivity-module-utils-srcs",
],
libs: [
- // TODO (b/183097033) remove once system_server_current includes core_current
- "stable.core.platform.api.stubs",
- "android_system_server_stubs_current",
"framework-annotations-lib",
"framework-connectivity.impl",
"framework-tethering.stubs.module_lib",
@@ -68,7 +65,8 @@
"ServiceConnectivityResources",
],
static_libs: [
- "dnsresolver_aidl_interface-V7-java",
+ "dnsresolver_aidl_interface-V8-java",
+ "modules-utils-build",
"modules-utils-os",
"net-utils-device-common",
"net-utils-framework-common",
diff --git a/service/jarjar-rules.txt b/service/jarjar-rules.txt
index 5caa11b..4ba6837 100644
--- a/service/jarjar-rules.txt
+++ b/service/jarjar-rules.txt
@@ -1,17 +1,97 @@
-rule android.sysprop.** com.android.connectivity.sysprop.@1
-rule com.android.net.module.util.** com.android.connectivity.net-utils.@1
-rule com.android.modules.utils.** com.android.connectivity.modules-utils.@1
+rule android.sysprop.** com.android.connectivity.@0
+rule com.android.net.module.util.** com.android.connectivity.@0
+rule com.android.modules.utils.** com.android.connectivity.@0
-# internal util classes
-# Exclude AsyncChannel. TODO: remove AsyncChannel usage in ConnectivityService
-rule com.android.internal.util.AsyncChannel* @0
-# Exclude LocationPermissionChecker. This is going to be moved to libs/net
-rule com.android.internal.util.LocationPermissionChecker* @0
-rule android.util.LocalLog* com.android.connectivity.util.LocalLog@1
+# internal util classes from framework-connectivity-shared-srcs
+rule android.util.LocalLog* com.android.connectivity.@0
# android.util.IndentingPrintWriter* should use a different package name from
# the one in com.android.internal.util
-rule android.util.IndentingPrintWriter* android.connectivity.util.IndentingPrintWriter@1
-rule com.android.internal.util.** com.android.connectivity.util.@1
+rule android.util.IndentingPrintWriter* com.android.connectivity.@0
+rule com.android.internal.util.IndentingPrintWriter* com.android.connectivity.@0
+rule com.android.internal.util.IState* com.android.connectivity.@0
+rule com.android.internal.util.MessageUtils* com.android.connectivity.@0
+rule com.android.internal.util.State* com.android.connectivity.@0
+rule com.android.internal.util.StateMachine* com.android.connectivity.@0
+rule com.android.internal.util.WakeupMessage* com.android.connectivity.@0
-rule com.android.internal.messages.** com.android.connectivity.messages.@1
-rule com.google.protobuf.** com.android.connectivity.protobuf.@1
+rule com.android.internal.messages.** com.android.connectivity.@0
+rule com.google.protobuf.** com.android.connectivity.@0
+
+# From dnsresolver_aidl_interface (newer AIDLs should go to android.net.resolv.aidl)
+rule android.net.resolv.aidl.** com.android.connectivity.@0
+rule android.net.IDnsResolver* com.android.connectivity.@0
+rule android.net.ResolverHostsParcel* com.android.connectivity.@0
+rule android.net.ResolverOptionsParcel* com.android.connectivity.@0
+rule android.net.ResolverParamsParcel* com.android.connectivity.@0
+rule android.net.ResolverParamsParcel* com.android.connectivity.@0
+# Also includes netd event listener AIDL, but this is handled by netd-client rules
+
+# From net-utils-device-common
+rule android.net.NetworkFactory* com.android.connectivity.@0
+
+# From netd-client (newer AIDLs should go to android.net.netd.aidl)
+rule android.net.netd.aidl.** com.android.connectivity.@0
+# Avoid including android.net.INetdEventCallback, used in tests but not part of the module
+rule android.net.INetd com.android.connectivity.@0
+rule android.net.INetd$* com.android.connectivity.@0
+rule android.net.INetdUnsolicitedEventListener* com.android.connectivity.@0
+rule android.net.InterfaceConfigurationParcel* com.android.connectivity.@0
+rule android.net.MarkMaskParcel* com.android.connectivity.@0
+rule android.net.NativeNetworkConfig* com.android.connectivity.@0
+rule android.net.NativeNetworkType* com.android.connectivity.@0
+rule android.net.NativeVpnType* com.android.connectivity.@0
+rule android.net.RouteInfoParcel* com.android.connectivity.@0
+rule android.net.TetherConfigParcel* com.android.connectivity.@0
+rule android.net.TetherOffloadRuleParcel* com.android.connectivity.@0
+rule android.net.TetherStatsParcel* com.android.connectivity.@0
+rule android.net.UidRangeParcel* com.android.connectivity.@0
+rule android.net.metrics.INetdEventListener* com.android.connectivity.@0
+
+# From netlink-client
+rule android.net.netlink.** com.android.connectivity.@0
+
+# From networkstack-client (newer AIDLs should go to android.net.[networkstack|ipmemorystore].aidl)
+rule android.net.networkstack.aidl.** com.android.connectivity.@0
+rule android.net.ipmemorystore.aidl.** com.android.connectivity.@0
+rule android.net.ipmemorystore.aidl.** com.android.connectivity.@0
+rule android.net.DataStallReportParcelable* com.android.connectivity.@0
+rule android.net.DhcpResultsParcelable* com.android.connectivity.@0
+rule android.net.IIpMemoryStore* com.android.connectivity.@0
+rule android.net.INetworkMonitor* com.android.connectivity.@0
+rule android.net.INetworkStackConnector* com.android.connectivity.@0
+rule android.net.INetworkStackStatusCallback* com.android.connectivity.@0
+rule android.net.InformationElementParcelable* com.android.connectivity.@0
+rule android.net.InitialConfigurationParcelable* com.android.connectivity.@0
+rule android.net.IpMemoryStore* com.android.connectivity.@0
+rule android.net.Layer2InformationParcelable* com.android.connectivity.@0
+rule android.net.Layer2PacketParcelable* com.android.connectivity.@0
+rule android.net.NattKeepalivePacketDataParcelable* com.android.connectivity.@0
+rule android.net.NetworkMonitorManager* com.android.connectivity.@0
+rule android.net.NetworkTestResultParcelable* com.android.connectivity.@0
+rule android.net.PrivateDnsConfigParcel* com.android.connectivity.@0
+rule android.net.ProvisioningConfigurationParcelable* com.android.connectivity.@0
+rule android.net.ScanResultInfoParcelable* com.android.connectivity.@0
+rule android.net.TcpKeepalivePacketDataParcelable* com.android.connectivity.@0
+rule android.net.dhcp.DhcpLeaseParcelable* com.android.connectivity.@0
+rule android.net.dhcp.DhcpServingParamsParcel* com.android.connectivity.@0
+rule android.net.dhcp.IDhcpEventCallbacks* com.android.connectivity.@0
+rule android.net.dhcp.IDhcpServer* com.android.connectivity.@0
+rule android.net.ip.IIpClient* com.android.connectivity.@0
+rule android.net.ip.IpClientCallbacks* com.android.connectivity.@0
+rule android.net.ip.IpClientManager* com.android.connectivity.@0
+rule android.net.ip.IpClientUtil* com.android.connectivity.@0
+rule android.net.ipmemorystore.** com.android.connectivity.@0
+rule android.net.networkstack.** com.android.connectivity.@0
+rule android.net.shared.** com.android.connectivity.@0
+rule android.net.util.KeepalivePacketDataUtil* com.android.connectivity.@0
+
+# From connectivity-module-utils
+rule android.net.util.InterfaceParams* com.android.connectivity.@0
+rule android.net.util.SharedLog* com.android.connectivity.@0
+rule android.net.shared.** com.android.connectivity.@0
+
+# From services-connectivity-shared-srcs
+rule android.net.util.NetworkConstants* com.android.connectivity.@0
+
+# Remaining are connectivity sources in com.android.server and com.android.server.connectivity:
+# TODO: move to a subpackage of com.android.connectivity (such as com.android.connectivity.server)
diff --git a/service/src/com/android/server/ConnectivityService.java b/service/src/com/android/server/ConnectivityService.java
index de56789..770aa8a 100644
--- a/service/src/com/android/server/ConnectivityService.java
+++ b/service/src/com/android/server/ConnectivityService.java
@@ -55,6 +55,7 @@
import static android.net.ConnectivitySettingsManager.PRIVATE_DNS_MODE_OPPORTUNISTIC;
import static android.net.INetworkMonitor.NETWORK_VALIDATION_PROBE_PRIVDNS;
import static android.net.INetworkMonitor.NETWORK_VALIDATION_RESULT_PARTIAL;
+import static android.net.INetworkMonitor.NETWORK_VALIDATION_RESULT_SKIPPED;
import static android.net.INetworkMonitor.NETWORK_VALIDATION_RESULT_VALID;
import static android.net.NetworkCapabilities.NET_CAPABILITY_CAPTIVE_PORTAL;
import static android.net.NetworkCapabilities.NET_CAPABILITY_ENTERPRISE;
@@ -177,6 +178,7 @@
import android.net.VpnTransportInfo;
import android.net.metrics.IpConnectivityLog;
import android.net.metrics.NetworkEvent;
+import android.net.netd.aidl.NativeUidRangeConfig;
import android.net.netlink.InetDiagMessage;
import android.net.networkstack.ModuleNetworkStackClient;
import android.net.networkstack.NetworkStackClientBase;
@@ -400,30 +402,45 @@
}
/**
- * The priority value is used when issue uid ranges rules to netd. Netd will use the priority
- * value and uid ranges to generate corresponding ip rules specific to the given preference.
- * Thus, any device originated data traffic of the applied uids can be routed to the altered
- * default network which has highest priority.
+ * For per-app preferences, requests contain an int to signify which request
+ * should have priority. The priority is passed to netd which will use it
+ * together with UID ranges to generate the corresponding IP rule. This serves
+ * to direct device-originated data traffic of the specific UIDs to the correct
+ * default network for each app.
+ * Priorities passed to netd must be in the 0~999 range. Larger values code for
+ * a lower priority, {@see NativeUidRangeConfig}
*
- * Note: The priority value should be in 0~1000. Larger value means lower priority, see
- * {@link NativeUidRangeConfig}.
+ * Requests that don't code for a per-app preference use PREFERENCE_PRIORITY_INVALID.
+ * The default request uses PREFERENCE_PRIORITY_DEFAULT.
*/
- // This is default priority value for those NetworkRequests which doesn't have preference to
- // alter default network and use the global one.
+ // Bound for the lowest valid priority.
+ static final int PREFERENCE_PRIORITY_LOWEST = 999;
+ // Used when sending to netd to code for "no priority".
+ static final int PREFERENCE_PRIORITY_NONE = 0;
+ // Priority for requests that don't code for a per-app preference. As it is
+ // out of the valid range, the corresponding priority should be
+ // PREFERENCE_PRIORITY_NONE when sending to netd.
@VisibleForTesting
- static final int DEFAULT_NETWORK_PRIORITY_NONE = 0;
- // Used by automotive devices to set the network preferences used to direct traffic at an
- // application level. See {@link #setOemNetworkPreference}.
+ static final int PREFERENCE_PRIORITY_INVALID = Integer.MAX_VALUE;
+ // Priority for the default internet request. Since this must always have the
+ // lowest priority, its value is larger than the largest acceptable value. As
+ // it is out of the valid range, the corresponding priority should be
+ // PREFERENCE_PRIORITY_NONE when sending to netd.
+ static final int PREFERENCE_PRIORITY_DEFAULT = 1000;
+ // As a security feature, VPNs have the top priority.
+ static final int PREFERENCE_PRIORITY_VPN = 0; // Netd supports only 0 for VPN.
+ // Priority of per-app OEM preference. See {@link #setOemNetworkPreference}.
@VisibleForTesting
- static final int DEFAULT_NETWORK_PRIORITY_OEM = 10;
- // Request that a user profile is put by default on a network matching a given preference.
+ static final int PREFERENCE_PRIORITY_OEM = 10;
+ // Priority of per-profile preference, such as used by enterprise networks.
// See {@link #setProfileNetworkPreference}.
@VisibleForTesting
- static final int DEFAULT_NETWORK_PRIORITY_PROFILE = 20;
- // Set by MOBILE_DATA_PREFERRED_UIDS setting. Use mobile data in preference even when
- // higher-priority networks are connected.
+ static final int PREFERENCE_PRIORITY_PROFILE = 20;
+ // Priority of user setting to prefer mobile data even when networks with
+ // better scores are connected.
+ // See {@link ConnectivitySettingsManager#setMobileDataPreferredUids}
@VisibleForTesting
- static final int DEFAULT_NETWORK_PRIORITY_MOBILE_DATA_PREFERRED = 30;
+ static final int PREFERENCE_PRIORITY_MOBILE_DATA_PREFERERRED = 30;
/**
* used internally to clear a wakelock when transitioning
@@ -541,9 +558,9 @@
private static final int EVENT_SET_AVOID_UNVALIDATED = 35;
/**
- * used to trigger revalidation of a network.
+ * used to handle reported network connectivity. May trigger revalidation of a network.
*/
- private static final int EVENT_REVALIDATE_NETWORK = 36;
+ private static final int EVENT_REPORT_NETWORK_CONNECTIVITY = 36;
// Handle changes in Private DNS settings.
private static final int EVENT_PRIVATE_DNS_SETTINGS_CHANGED = 37;
@@ -3260,11 +3277,6 @@
}
case NetworkAgent.EVENT_UNDERLYING_NETWORKS_CHANGED: {
// TODO: prevent loops, e.g., if a network declares itself as underlying.
- if (!nai.supportsUnderlyingNetworks()) {
- Log.wtf(TAG, "Non-virtual networks cannot have underlying networks");
- break;
- }
-
final List<Network> underlying = (List<Network>) arg.second;
if (isLegacyLockdownNai(nai)
@@ -3541,8 +3553,14 @@
final NetworkAgentInfo nai = getNetworkAgentInfoForNetId(mNetId);
if (nai == null) return;
+ // NetworkMonitor reports the network validation result as a bitmask while
+ // ConnectivityDiagnostics treats this value as an int. Convert the result to a single
+ // logical value for ConnectivityDiagnostics.
+ final int validationResult = networkMonitorValidationResultToConnDiagsValidationResult(
+ p.result);
+
final PersistableBundle extras = new PersistableBundle();
- extras.putInt(KEY_NETWORK_VALIDATION_RESULT, p.result);
+ extras.putInt(KEY_NETWORK_VALIDATION_RESULT, validationResult);
extras.putInt(KEY_NETWORK_PROBES_SUCCEEDED_BITMASK, p.probesSucceeded);
extras.putInt(KEY_NETWORK_PROBES_ATTEMPTED_BITMASK, p.probesAttempted);
@@ -3618,6 +3636,22 @@
}
}
+ /**
+ * Converts the given NetworkMonitor-specific validation result bitmask to a
+ * ConnectivityDiagnostics-specific validation result int.
+ */
+ private int networkMonitorValidationResultToConnDiagsValidationResult(int validationResult) {
+ if ((validationResult & NETWORK_VALIDATION_RESULT_SKIPPED) != 0) {
+ return ConnectivityReport.NETWORK_VALIDATION_RESULT_SKIPPED;
+ }
+ if ((validationResult & NETWORK_VALIDATION_RESULT_VALID) == 0) {
+ return ConnectivityReport.NETWORK_VALIDATION_RESULT_INVALID;
+ }
+ return (validationResult & NETWORK_VALIDATION_RESULT_PARTIAL) != 0
+ ? ConnectivityReport.NETWORK_VALIDATION_RESULT_PARTIALLY_VALID
+ : ConnectivityReport.NETWORK_VALIDATION_RESULT_VALID;
+ }
+
private void notifyDataStallSuspected(DataStallReportParcelable p, int netId) {
log("Data stall detected with methods: " + p.detectionMethod);
@@ -4187,13 +4221,16 @@
private void handleRemoveNetworkRequest(@NonNull final NetworkRequestInfo nri) {
ensureRunningOnConnectivityServiceThread();
- nri.unlinkDeathRecipient();
for (final NetworkRequest req : nri.mRequests) {
- mNetworkRequests.remove(req);
+ if (null == mNetworkRequests.remove(req)) {
+ logw("Attempted removal of untracked request " + req + " for nri " + nri);
+ continue;
+ }
if (req.isListen()) {
removeListenRequestFromNetworks(req);
}
}
+ nri.unlinkDeathRecipient();
if (mDefaultNetworkRequests.remove(nri)) {
// If this request was one of the defaults, then the UID rules need to be updated
// WARNING : if the app(s) for which this network request is the default are doing
@@ -4205,10 +4242,10 @@
final NetworkAgentInfo satisfier = nri.getSatisfier();
if (null != satisfier) {
try {
- // TODO: Passing default network priority to netd.
- mNetd.networkRemoveUidRanges(satisfier.network.getNetId(),
- toUidRangeStableParcels(nri.getUids())
- /* nri.getDefaultNetworkPriority() */);
+ mNetd.networkRemoveUidRangesParcel(new NativeUidRangeConfig(
+ satisfier.network.getNetId(),
+ toUidRangeStableParcels(nri.getUids()),
+ nri.getPriorityForNetd()));
} catch (RemoteException e) {
loge("Exception setting network preference default network", e);
}
@@ -4867,8 +4904,9 @@
mKeepaliveTracker.handleStopKeepalive(nai, slot, reason);
break;
}
- case EVENT_REVALIDATE_NETWORK: {
- handleReportNetworkConnectivity((Network) msg.obj, msg.arg1, toBool(msg.arg2));
+ case EVENT_REPORT_NETWORK_CONNECTIVITY: {
+ handleReportNetworkConnectivity((NetworkAgentInfo) msg.obj, msg.arg1,
+ toBool(msg.arg2));
break;
}
case EVENT_PRIVATE_DNS_SETTINGS_CHANGED:
@@ -5031,41 +5069,34 @@
final int uid = mDeps.getCallingUid();
final int connectivityInfo = encodeBool(hasConnectivity);
- // Handle ConnectivityDiagnostics event before attempting to revalidate the network. This
- // forces an ordering of ConnectivityDiagnostics events in the case where hasConnectivity
- // does not match the known connectivity of the network - this causes NetworkMonitor to
- // revalidate the network and generate a ConnectivityDiagnostics ConnectivityReport event.
final NetworkAgentInfo nai;
if (network == null) {
nai = getDefaultNetwork();
} else {
nai = getNetworkAgentInfoForNetwork(network);
}
- if (nai != null) {
- mConnectivityDiagnosticsHandler.sendMessage(
- mConnectivityDiagnosticsHandler.obtainMessage(
- ConnectivityDiagnosticsHandler.EVENT_NETWORK_CONNECTIVITY_REPORTED,
- connectivityInfo, 0, nai));
- }
mHandler.sendMessage(
- mHandler.obtainMessage(EVENT_REVALIDATE_NETWORK, uid, connectivityInfo, network));
+ mHandler.obtainMessage(
+ EVENT_REPORT_NETWORK_CONNECTIVITY, uid, connectivityInfo, nai));
}
private void handleReportNetworkConnectivity(
- Network network, int uid, boolean hasConnectivity) {
- final NetworkAgentInfo nai;
- if (network == null) {
- nai = getDefaultNetwork();
- } else {
- nai = getNetworkAgentInfoForNetwork(network);
- }
- if (nai == null || nai.networkInfo.getState() == NetworkInfo.State.DISCONNECTING ||
- nai.networkInfo.getState() == NetworkInfo.State.DISCONNECTED) {
+ @Nullable NetworkAgentInfo nai, int uid, boolean hasConnectivity) {
+ // TODO(b/192611346): remove NetworkInfo.State.DISCONNECTING as it's not used
+ if (nai == null
+ || nai != getNetworkAgentInfoForNetwork(nai.network)
+ || nai.networkInfo.getState() == NetworkInfo.State.DISCONNECTING
+ || nai.networkInfo.getState() == NetworkInfo.State.DISCONNECTED) {
return;
}
// Revalidate if the app report does not match our current validated state.
if (hasConnectivity == nai.lastValidated) {
+ mConnectivityDiagnosticsHandler.sendMessage(
+ mConnectivityDiagnosticsHandler.obtainMessage(
+ ConnectivityDiagnosticsHandler.EVENT_NETWORK_CONNECTIVITY_REPORTED,
+ new ReportedNetworkConnectivityInfo(
+ hasConnectivity, false /* isNetworkRevalidating */, uid, nai)));
return;
}
if (DBG) {
@@ -5081,6 +5112,16 @@
if (isNetworkWithCapabilitiesBlocked(nc, uid, false)) {
return;
}
+
+ // Send CONNECTIVITY_REPORTED event before re-validating the Network to force an ordering of
+ // ConnDiags events. This ensures that #onNetworkConnectivityReported() will be called
+ // before #onConnectivityReportAvailable(), which is called once Network evaluation is
+ // completed.
+ mConnectivityDiagnosticsHandler.sendMessage(
+ mConnectivityDiagnosticsHandler.obtainMessage(
+ ConnectivityDiagnosticsHandler.EVENT_NETWORK_CONNECTIVITY_REPORTED,
+ new ReportedNetworkConnectivityInfo(
+ hasConnectivity, true /* isNetworkRevalidating */, uid, nai)));
nai.networkMonitor().forceReevaluation(uid);
}
@@ -5277,12 +5318,12 @@
* information, e.g underlying ifaces.
*/
private UnderlyingNetworkInfo createVpnInfo(NetworkAgentInfo nai) {
- if (!nai.isVPN()) return null;
-
Network[] underlyingNetworks = nai.declaredUnderlyingNetworks;
// see VpnService.setUnderlyingNetworks()'s javadoc about how to interpret
// the underlyingNetworks list.
- if (underlyingNetworks == null) {
+ // TODO: stop using propagateUnderlyingCapabilities here, for example, by always
+ // initializing NetworkAgentInfo#declaredUnderlyingNetworks to an empty array.
+ if (underlyingNetworks == null && nai.propagateUnderlyingCapabilities()) {
final NetworkAgentInfo defaultNai = getDefaultNetworkForUid(
nai.networkCapabilities.getOwnerUid());
if (defaultNai != null) {
@@ -5331,7 +5372,7 @@
private boolean hasUnderlyingNetwork(NetworkAgentInfo nai, Network network) {
// TODO: support more than one level of underlying networks, either via a fixed-depth search
// (e.g., 2 levels of underlying networks), or via loop detection, or....
- if (!nai.supportsUnderlyingNetworks()) return false;
+ if (!nai.propagateUnderlyingCapabilities()) return false;
final Network[] underlying = underlyingNetworksOrDefault(
nai.networkCapabilities.getOwnerUid(), nai.declaredUnderlyingNetworks);
return CollectionUtils.contains(underlying, network);
@@ -5674,11 +5715,7 @@
final int mAsUid;
// Default network priority of this request.
- private final int mDefaultNetworkPriority;
-
- int getDefaultNetworkPriority() {
- return mDefaultNetworkPriority;
- }
+ final int mPreferencePriority;
// In order to preserve the mapping of NetworkRequest-to-callback when apps register
// callbacks using a returned NetworkRequest, the original NetworkRequest needs to be
@@ -5710,12 +5747,12 @@
NetworkRequestInfo(int asUid, @NonNull final NetworkRequest r,
@Nullable final PendingIntent pi, @Nullable String callingAttributionTag) {
this(asUid, Collections.singletonList(r), r, pi, callingAttributionTag,
- DEFAULT_NETWORK_PRIORITY_NONE);
+ PREFERENCE_PRIORITY_INVALID);
}
NetworkRequestInfo(int asUid, @NonNull final List<NetworkRequest> r,
@NonNull final NetworkRequest requestForCallback, @Nullable final PendingIntent pi,
- @Nullable String callingAttributionTag, final int defaultNetworkPriority) {
+ @Nullable String callingAttributionTag, final int preferencePriority) {
ensureAllNetworkRequestsHaveType(r);
mRequests = initializeRequests(r);
mNetworkRequestForCallback = requestForCallback;
@@ -5733,7 +5770,7 @@
*/
mCallbackFlags = NetworkCallback.FLAG_NONE;
mCallingAttributionTag = callingAttributionTag;
- mDefaultNetworkPriority = defaultNetworkPriority;
+ mPreferencePriority = preferencePriority;
}
NetworkRequestInfo(int asUid, @NonNull final NetworkRequest r, @Nullable final Messenger m,
@@ -5763,7 +5800,7 @@
mPerUidCounter.incrementCountOrThrow(mUid);
mCallbackFlags = callbackFlags;
mCallingAttributionTag = callingAttributionTag;
- mDefaultNetworkPriority = DEFAULT_NETWORK_PRIORITY_NONE;
+ mPreferencePriority = PREFERENCE_PRIORITY_INVALID;
linkDeathRecipient();
}
@@ -5803,18 +5840,18 @@
mPerUidCounter.incrementCountOrThrow(mUid);
mCallbackFlags = nri.mCallbackFlags;
mCallingAttributionTag = nri.mCallingAttributionTag;
- mDefaultNetworkPriority = DEFAULT_NETWORK_PRIORITY_NONE;
+ mPreferencePriority = PREFERENCE_PRIORITY_INVALID;
linkDeathRecipient();
}
NetworkRequestInfo(int asUid, @NonNull final NetworkRequest r) {
- this(asUid, Collections.singletonList(r), DEFAULT_NETWORK_PRIORITY_NONE);
+ this(asUid, Collections.singletonList(r), PREFERENCE_PRIORITY_INVALID);
}
NetworkRequestInfo(int asUid, @NonNull final List<NetworkRequest> r,
- final int defaultNetworkPriority) {
+ final int preferencePriority) {
this(asUid, r, r.get(0), null /* pi */, null /* callingAttributionTag */,
- defaultNetworkPriority);
+ preferencePriority);
}
// True if this NRI is being satisfied. It also accounts for if the nri has its satisifer
@@ -5855,11 +5892,24 @@
}
}
+ boolean hasHigherPriorityThan(@NonNull final NetworkRequestInfo target) {
+ // Compare two priorities, larger value means lower priority.
+ return mPreferencePriority < target.mPreferencePriority;
+ }
+
+ int getPriorityForNetd() {
+ if (mPreferencePriority >= PREFERENCE_PRIORITY_NONE
+ && mPreferencePriority <= PREFERENCE_PRIORITY_LOWEST) {
+ return mPreferencePriority;
+ }
+ return PREFERENCE_PRIORITY_NONE;
+ }
+
@Override
public void binderDied() {
log("ConnectivityService NetworkRequestInfo binderDied(" +
- mRequests + ", " + mBinder + ")");
- releaseNetworkRequests(mRequests);
+ "uid/pid:" + mUid + "/" + mPid + ", " + mBinder + ")");
+ mHandler.post(() -> handleRemoveNetworkRequest(this));
}
@Override
@@ -5871,7 +5921,8 @@
+ mNetworkRequestForCallback.requestId
+ " " + mRequests
+ (mPendingIntent == null ? "" : " to trigger " + mPendingIntent)
- + " callback flags: " + mCallbackFlags;
+ + " callback flags: " + mCallbackFlags
+ + " priority: " + mPreferencePriority;
}
}
@@ -6289,12 +6340,6 @@
return mNextNetworkProviderId.getAndIncrement();
}
- private void releaseNetworkRequests(List<NetworkRequest> networkRequests) {
- for (int i = 0; i < networkRequests.size(); i++) {
- releaseNetworkRequest(networkRequests.get(i));
- }
- }
-
@Override
public void releaseNetworkRequest(NetworkRequest networkRequest) {
ensureNetworkRequestHasType(networkRequest);
@@ -6463,17 +6508,18 @@
*/
@NonNull
private NetworkRequestInfo getDefaultRequestTrackingUid(final int uid) {
+ NetworkRequestInfo highestPriorityNri = mDefaultRequest;
for (final NetworkRequestInfo nri : mDefaultNetworkRequests) {
- if (nri == mDefaultRequest) {
- continue;
- }
// Checking the first request is sufficient as only multilayer requests will have more
// than one request and for multilayer, all requests will track the same uids.
if (nri.mRequests.get(0).networkCapabilities.appliesToUid(uid)) {
- return nri;
+ // Find out the highest priority request.
+ if (nri.hasHigherPriorityThan(highestPriorityNri)) {
+ highestPriorityNri = nri;
+ }
}
}
- return mDefaultRequest;
+ return highestPriorityNri;
}
/**
@@ -6603,6 +6649,7 @@
}
private NetworkAgentInfo getDefaultNetworkForUid(final int uid) {
+ NetworkRequestInfo highestPriorityNri = mDefaultRequest;
for (final NetworkRequestInfo nri : mDefaultNetworkRequests) {
// Currently, all network requests will have the same uids therefore checking the first
// one is sufficient. If/when uids are tracked at the nri level, this can change.
@@ -6612,11 +6659,13 @@
}
for (final UidRange range : uids) {
if (range.contains(uid)) {
- return nri.getSatisfier();
+ if (nri.hasHigherPriorityThan(highestPriorityNri)) {
+ highestPriorityNri = nri;
+ }
}
}
}
- return getDefaultNetwork();
+ return highestPriorityNri.getSatisfier();
}
@Nullable
@@ -7304,7 +7353,7 @@
newNc.addCapability(NET_CAPABILITY_NOT_ROAMING);
}
- if (nai.supportsUnderlyingNetworks()) {
+ if (nai.propagateUnderlyingCapabilities()) {
applyUnderlyingCapabilities(nai.declaredUnderlyingNetworks, nai.declaredCapabilities,
newNc);
}
@@ -7462,7 +7511,7 @@
}
}
- private void updateUidRanges(boolean add, NetworkAgentInfo nai, Set<UidRange> uidRanges) {
+ private void updateVpnUidRanges(boolean add, NetworkAgentInfo nai, Set<UidRange> uidRanges) {
int[] exemptUids = new int[2];
// TODO: Excluding VPN_UID is necessary in order to not to kill the TCP connection used
// by PPTP. Fix this by making Vpn set the owner UID to VPN_UID instead of system when
@@ -7474,13 +7523,11 @@
maybeCloseSockets(nai, ranges, exemptUids);
try {
if (add) {
- // TODO: Passing default network priority to netd.
- mNetd.networkAddUidRanges(nai.network.netId, ranges
- /* DEFAULT_NETWORK_PRIORITY_NONE */);
+ mNetd.networkAddUidRangesParcel(new NativeUidRangeConfig(
+ nai.network.netId, ranges, PREFERENCE_PRIORITY_VPN));
} else {
- // TODO: Passing default network priority to netd.
- mNetd.networkRemoveUidRanges(nai.network.netId, ranges
- /* DEFAULT_NETWORK_PRIORITY_NONE */);
+ mNetd.networkRemoveUidRangesParcel(new NativeUidRangeConfig(
+ nai.network.netId, ranges, PREFERENCE_PRIORITY_VPN));
}
} catch (Exception e) {
loge("Exception while " + (add ? "adding" : "removing") + " uid ranges " + uidRanges +
@@ -7542,10 +7589,10 @@
// This can prevent the sockets of uid 1-2, 4-5 from being closed. It also reduce the
// number of binder calls from 6 to 4.
if (!newRanges.isEmpty()) {
- updateUidRanges(true, nai, newRanges);
+ updateVpnUidRanges(true, nai, newRanges);
}
if (!prevRanges.isEmpty()) {
- updateUidRanges(false, nai, prevRanges);
+ updateVpnUidRanges(false, nai, prevRanges);
}
final boolean wasFiltering = requiresVpnIsolation(nai, prevNc, nai.linkProperties);
final boolean shouldFilter = requiresVpnIsolation(nai, newNc, nai.linkProperties);
@@ -7822,18 +7869,16 @@
+ " any applications to set as the default." + nri);
}
if (null != newDefaultNetwork) {
- // TODO: Passing default network priority to netd.
- mNetd.networkAddUidRanges(
+ mNetd.networkAddUidRangesParcel(new NativeUidRangeConfig(
newDefaultNetwork.network.getNetId(),
- toUidRangeStableParcels(nri.getUids())
- /* nri.getDefaultNetworkPriority() */);
+ toUidRangeStableParcels(nri.getUids()),
+ nri.getPriorityForNetd()));
}
if (null != oldDefaultNetwork) {
- // TODO: Passing default network priority to netd.
- mNetd.networkRemoveUidRanges(
+ mNetd.networkRemoveUidRangesParcel(new NativeUidRangeConfig(
oldDefaultNetwork.network.getNetId(),
- toUidRangeStableParcels(nri.getUids())
- /* nri.getDefaultNetworkPriority() */);
+ toUidRangeStableParcels(nri.getUids()),
+ nri.getPriorityForNetd()));
}
} catch (RemoteException | ServiceSpecificException e) {
loge("Exception setting app default network", e);
@@ -8330,13 +8375,13 @@
// Second phase : deal with the active request (if any)
if (null != activeRequest && activeRequest.isRequest()) {
final boolean oldNeeded = offer.neededFor(activeRequest);
- // An offer is needed if it is currently served by this provider or if this offer
- // can beat the current satisfier.
+ // If an offer can satisfy the request, it is considered needed if it is currently
+ // served by this provider or if this offer can beat the current satisfier.
final boolean currentlyServing = satisfier != null
- && satisfier.factorySerialNumber == offer.providerId;
- final boolean newNeeded = (currentlyServing
- || (activeRequest.canBeSatisfiedBy(offer.caps)
- && networkRanker.mightBeat(activeRequest, satisfier, offer)));
+ && satisfier.factorySerialNumber == offer.providerId
+ && activeRequest.canBeSatisfiedBy(offer.caps);
+ final boolean newNeeded = currentlyServing
+ || networkRanker.mightBeat(activeRequest, satisfier, offer);
if (newNeeded != oldNeeded) {
if (newNeeded) {
offer.onNetworkNeeded(activeRequest);
@@ -8446,7 +8491,7 @@
networkAgent.networkCapabilities.addCapability(NET_CAPABILITY_FOREGROUND);
if (!createNativeNetwork(networkAgent)) return;
- if (networkAgent.supportsUnderlyingNetworks()) {
+ if (networkAgent.propagateUnderlyingCapabilities()) {
// Initialize the network's capabilities to their starting values according to the
// underlying networks. This ensures that the capabilities are correct before
// anything happens to the network.
@@ -9040,8 +9085,7 @@
* the platform. This event will invoke {@link
* IConnectivityDiagnosticsCallback#onNetworkConnectivityReported} for permissioned
* callbacks.
- * obj = Network that was reported on
- * arg1 = boolint for the quality reported
+ * obj = ReportedNetworkConnectivityInfo with info on reported Network connectivity.
*/
private static final int EVENT_NETWORK_CONNECTIVITY_REPORTED = 5;
@@ -9079,7 +9123,7 @@
break;
}
case EVENT_NETWORK_CONNECTIVITY_REPORTED: {
- handleNetworkConnectivityReported((NetworkAgentInfo) msg.obj, toBool(msg.arg1));
+ handleNetworkConnectivityReported((ReportedNetworkConnectivityInfo) msg.obj);
break;
}
default: {
@@ -9149,6 +9193,28 @@
}
}
+ /**
+ * Class used for sending info for a call to {@link #reportNetworkConnectivity()} to {@link
+ * ConnectivityDiagnosticsHandler}.
+ */
+ private static class ReportedNetworkConnectivityInfo {
+ public final boolean hasConnectivity;
+ public final boolean isNetworkRevalidating;
+ public final int reporterUid;
+ @NonNull public final NetworkAgentInfo nai;
+
+ private ReportedNetworkConnectivityInfo(
+ boolean hasConnectivity,
+ boolean isNetworkRevalidating,
+ int reporterUid,
+ @NonNull NetworkAgentInfo nai) {
+ this.hasConnectivity = hasConnectivity;
+ this.isNetworkRevalidating = isNetworkRevalidating;
+ this.reporterUid = reporterUid;
+ this.nai = nai;
+ }
+ }
+
private void handleRegisterConnectivityDiagnosticsCallback(
@NonNull ConnectivityDiagnosticsCallbackInfo cbInfo) {
ensureRunningOnConnectivityServiceThread();
@@ -9256,13 +9322,14 @@
networkCapabilities,
extras);
nai.setConnectivityReport(report);
+
final List<IConnectivityDiagnosticsCallback> results =
- getMatchingPermissionedCallbacks(nai);
+ getMatchingPermissionedCallbacks(nai, Process.INVALID_UID);
for (final IConnectivityDiagnosticsCallback cb : results) {
try {
cb.onConnectivityReportAvailable(report);
} catch (RemoteException ex) {
- loge("Error invoking onConnectivityReport", ex);
+ loge("Error invoking onConnectivityReportAvailable", ex);
}
}
}
@@ -9281,7 +9348,7 @@
networkCapabilities,
extras);
final List<IConnectivityDiagnosticsCallback> results =
- getMatchingPermissionedCallbacks(nai);
+ getMatchingPermissionedCallbacks(nai, Process.INVALID_UID);
for (final IConnectivityDiagnosticsCallback cb : results) {
try {
cb.onDataStallSuspected(report);
@@ -9292,15 +9359,39 @@
}
private void handleNetworkConnectivityReported(
- @NonNull NetworkAgentInfo nai, boolean connectivity) {
+ @NonNull ReportedNetworkConnectivityInfo reportedNetworkConnectivityInfo) {
+ final NetworkAgentInfo nai = reportedNetworkConnectivityInfo.nai;
+ final ConnectivityReport cachedReport = nai.getConnectivityReport();
+
+ // If the Network is being re-validated as a result of this call to
+ // reportNetworkConnectivity(), notify all permissioned callbacks. Otherwise, only notify
+ // permissioned callbacks registered by the reporter.
final List<IConnectivityDiagnosticsCallback> results =
- getMatchingPermissionedCallbacks(nai);
+ getMatchingPermissionedCallbacks(
+ nai,
+ reportedNetworkConnectivityInfo.isNetworkRevalidating
+ ? Process.INVALID_UID
+ : reportedNetworkConnectivityInfo.reporterUid);
+
for (final IConnectivityDiagnosticsCallback cb : results) {
try {
- cb.onNetworkConnectivityReported(nai.network, connectivity);
+ cb.onNetworkConnectivityReported(
+ nai.network, reportedNetworkConnectivityInfo.hasConnectivity);
} catch (RemoteException ex) {
loge("Error invoking onNetworkConnectivityReported", ex);
}
+
+ // If the Network isn't re-validating, also provide the cached report. If there is no
+ // cached report, the Network is still being validated and a report will be sent once
+ // validation is complete. Note that networks which never undergo validation will still
+ // have a cached ConnectivityReport with RESULT_SKIPPED.
+ if (!reportedNetworkConnectivityInfo.isNetworkRevalidating && cachedReport != null) {
+ try {
+ cb.onConnectivityReportAvailable(cachedReport);
+ } catch (RemoteException ex) {
+ loge("Error invoking onConnectivityReportAvailable", ex);
+ }
+ }
}
}
@@ -9313,20 +9404,38 @@
return sanitized;
}
+ /**
+ * Gets a list of ConnectivityDiagnostics callbacks that match the specified Network and uid.
+ *
+ * <p>If Process.INVALID_UID is specified, all matching callbacks will be returned.
+ */
private List<IConnectivityDiagnosticsCallback> getMatchingPermissionedCallbacks(
- @NonNull NetworkAgentInfo nai) {
+ @NonNull NetworkAgentInfo nai, int uid) {
final List<IConnectivityDiagnosticsCallback> results = new ArrayList<>();
for (Entry<IBinder, ConnectivityDiagnosticsCallbackInfo> entry :
mConnectivityDiagnosticsCallbacks.entrySet()) {
final ConnectivityDiagnosticsCallbackInfo cbInfo = entry.getValue();
final NetworkRequestInfo nri = cbInfo.mRequestInfo;
+
// Connectivity Diagnostics rejects multilayer requests at registration hence get(0).
- if (nai.satisfies(nri.mRequests.get(0))) {
- if (checkConnectivityDiagnosticsPermissions(
- nri.mPid, nri.mUid, nai, cbInfo.mCallingPackageName)) {
- results.add(entry.getValue().mCb);
- }
+ if (!nai.satisfies(nri.mRequests.get(0))) {
+ continue;
}
+
+ // UID for this callback must either be:
+ // - INVALID_UID (which sends callbacks to all UIDs), or
+ // - The callback's owner (the owner called reportNetworkConnectivity() and is being
+ // notified as a result)
+ if (uid != Process.INVALID_UID && uid != nri.mUid) {
+ continue;
+ }
+
+ if (!checkConnectivityDiagnosticsPermissions(
+ nri.mPid, nri.mUid, nai, cbInfo.mCallingPackageName)) {
+ continue;
+ }
+
+ results.add(entry.getValue().mCb);
}
return results;
}
@@ -9355,7 +9464,7 @@
private boolean ownsVpnRunningOverNetwork(int uid, Network network) {
for (NetworkAgentInfo virtual : mNetworkAgentInfos) {
- if (virtual.supportsUnderlyingNetworks()
+ if (virtual.propagateUnderlyingCapabilities()
&& virtual.networkCapabilities.getOwnerUid() == uid
&& CollectionUtils.contains(virtual.declaredUnderlyingNetworks, network)) {
return true;
@@ -9798,21 +9907,6 @@
mQosCallbackTracker.unregisterCallback(callback);
}
- // Network preference per-profile and OEM network preferences can't be set at the same
- // time, because it is unclear what should happen if both preferences are active for
- // one given UID. To make it possible, the stack would have to clarify what would happen
- // in case both are active at the same time. The implementation may have to be adjusted
- // to implement the resulting rules. For example, a priority could be defined between them,
- // where the OEM preference would be considered less or more important than the enterprise
- // preference ; this would entail implementing the priorities somehow, e.g. by doing
- // UID arithmetic with UID ranges or passing a priority to netd so that the routing rules
- // are set at the right level. Other solutions are possible, e.g. merging of the
- // preferences for the relevant UIDs.
- private static void throwConcurrentPreferenceException() {
- throw new IllegalStateException("Can't set NetworkPreferenceForUser and "
- + "set OemNetworkPreference at the same time");
- }
-
/**
* Request that a user profile is put by default on a network matching a given preference.
*
@@ -9841,15 +9935,7 @@
if (!um.isManagedProfile(profile.getIdentifier())) {
throw new IllegalArgumentException("Profile must be a managed profile");
}
- // Strictly speaking, mOemNetworkPreferences should only be touched on the
- // handler thread. However it is an immutable object, so reading the reference is
- // safe - it's just possible the value is slightly outdated. For the final check,
- // see #handleSetProfileNetworkPreference. But if this can be caught here it is a
- // lot easier to understand, so opportunistically check it.
- // TODO: Have a priority for each preference.
- if (!mOemNetworkPreferences.isEmpty() || !mMobileDataPreferredUids.isEmpty()) {
- throwConcurrentPreferenceException();
- }
+
final NetworkCapabilities nc;
switch (preference) {
case ConnectivityManager.PROFILE_NETWORK_PREFERENCE_DEFAULT:
@@ -9892,7 +9978,7 @@
TYPE_NONE, NetworkRequest.Type.TRACK_DEFAULT));
setNetworkRequestUids(nrs, UidRange.fromIntRanges(pref.capabilities.getUids()));
final NetworkRequestInfo nri = new NetworkRequestInfo(Process.myUid(), nrs,
- DEFAULT_NETWORK_PRIORITY_PROFILE);
+ PREFERENCE_PRIORITY_PROFILE);
result.add(nri);
}
return result;
@@ -9901,20 +9987,6 @@
private void handleSetProfileNetworkPreference(
@NonNull final ProfileNetworkPreferences.Preference preference,
@Nullable final IOnCompleteListener listener) {
- // setProfileNetworkPreference and setOemNetworkPreference are mutually exclusive, in
- // particular because it's not clear what preference should win in case both apply
- // to the same app.
- // The binder call has already checked this, but as mOemNetworkPreferences is only
- // touched on the handler thread, it's theoretically not impossible that it has changed
- // since.
- // TODO: Have a priority for each preference.
- if (!mOemNetworkPreferences.isEmpty() || !mMobileDataPreferredUids.isEmpty()) {
- // This may happen on a device with an OEM preference set when a user is removed.
- // In this case, it's safe to ignore. In particular this happens in the tests.
- loge("handleSetProfileNetworkPreference, but OEM network preferences not empty");
- return;
- }
-
validateNetworkCapabilitiesOfProfileNetworkPreference(preference.capabilities);
mProfileNetworkPreferences = mProfileNetworkPreferences.plus(preference);
@@ -9923,7 +9995,7 @@
() -> {
final ArraySet<NetworkRequestInfo> nris =
createNrisFromProfileNetworkPreferences(mProfileNetworkPreferences);
- replaceDefaultNetworkRequestsForPreference(nris);
+ replaceDefaultNetworkRequestsForPreference(nris, PREFERENCE_PRIORITY_PROFILE);
});
// Finally, rematch.
rematchAllNetworksAndRequests();
@@ -9954,7 +10026,7 @@
// - The request for the mobile network preferred.
// - The request for the default network, for fallback.
requests.add(createDefaultInternetRequestForTransport(
- TRANSPORT_CELLULAR, NetworkRequest.Type.LISTEN));
+ TRANSPORT_CELLULAR, NetworkRequest.Type.REQUEST));
requests.add(createDefaultInternetRequestForTransport(
TYPE_NONE, NetworkRequest.Type.TRACK_DEFAULT));
final Set<UidRange> ranges = new ArraySet<>();
@@ -9963,26 +10035,19 @@
}
setNetworkRequestUids(requests, ranges);
nris.add(new NetworkRequestInfo(Process.myUid(), requests,
- DEFAULT_NETWORK_PRIORITY_MOBILE_DATA_PREFERRED));
+ PREFERENCE_PRIORITY_MOBILE_DATA_PREFERERRED));
return nris;
}
private void handleMobileDataPreferredUidsChanged() {
- // Ignore update preference because it's not clear what preference should win in case both
- // apply to the same app.
- // TODO: Have a priority for each preference.
- if (!mOemNetworkPreferences.isEmpty() || !mProfileNetworkPreferences.isEmpty()) {
- loge("Ignore mobile data preference change because other preferences are not empty");
- return;
- }
-
mMobileDataPreferredUids = ConnectivitySettingsManager.getMobileDataPreferredUids(mContext);
mSystemNetworkRequestCounter.transact(
mDeps.getCallingUid(), 1 /* numOfNewRequests */,
() -> {
final ArraySet<NetworkRequestInfo> nris =
createNrisFromMobileDataPreferredUids(mMobileDataPreferredUids);
- replaceDefaultNetworkRequestsForPreference(nris);
+ replaceDefaultNetworkRequestsForPreference(nris,
+ PREFERENCE_PRIORITY_MOBILE_DATA_PREFERERRED);
});
// Finally, rematch.
rematchAllNetworksAndRequests();
@@ -10024,16 +10089,6 @@
validateOemNetworkPreferences(preference);
}
- // TODO: Have a priority for each preference.
- if (!mProfileNetworkPreferences.isEmpty() || !mMobileDataPreferredUids.isEmpty()) {
- // Strictly speaking, mProfileNetworkPreferences should only be touched on the
- // handler thread. However it is an immutable object, so reading the reference is
- // safe - it's just possible the value is slightly outdated. For the final check,
- // see #handleSetOemPreference. But if this can be caught here it is a
- // lot easier to understand, so opportunistically check it.
- throwConcurrentPreferenceException();
- }
-
mHandler.sendMessage(mHandler.obtainMessage(EVENT_SET_OEM_NETWORK_PREFERENCE,
new Pair<>(preference, listener)));
}
@@ -10080,17 +10135,6 @@
if (DBG) {
log("set OEM network preferences :" + preference.toString());
}
- // setProfileNetworkPreference and setOemNetworkPreference are mutually exclusive, in
- // particular because it's not clear what preference should win in case both apply
- // to the same app.
- // The binder call has already checked this, but as mOemNetworkPreferences is only
- // touched on the handler thread, it's theoretically not impossible that it has changed
- // since.
- // TODO: Have a priority for each preference.
- if (!mProfileNetworkPreferences.isEmpty() || !mMobileDataPreferredUids.isEmpty()) {
- logwtf("handleSetOemPreference, but per-profile network preferences not empty");
- return;
- }
mOemNetworkPreferencesLogs.log("UPDATE INITIATED: " + preference);
final int uniquePreferenceCount = new ArraySet<>(
@@ -10101,7 +10145,7 @@
final ArraySet<NetworkRequestInfo> nris =
new OemNetworkRequestFactory()
.createNrisFromOemNetworkPreferences(preference);
- replaceDefaultNetworkRequestsForPreference(nris);
+ replaceDefaultNetworkRequestsForPreference(nris, PREFERENCE_PRIORITY_OEM);
});
mOemNetworkPreferences = preference;
@@ -10115,9 +10159,12 @@
}
private void replaceDefaultNetworkRequestsForPreference(
- @NonNull final Set<NetworkRequestInfo> nris) {
- // Pass in a defensive copy as this collection will be updated on remove.
- handleRemoveNetworkRequests(new ArraySet<>(mDefaultNetworkRequests));
+ @NonNull final Set<NetworkRequestInfo> nris, final int preferencePriority) {
+ // Skip the requests which are set by other network preference. Because the uid range rules
+ // should stay in netd.
+ final Set<NetworkRequestInfo> requests = new ArraySet<>(mDefaultNetworkRequests);
+ requests.removeIf(request -> request.mPreferencePriority != preferencePriority);
+ handleRemoveNetworkRequests(requests);
addPerAppDefaultNetworkRequests(nris);
}
@@ -10311,8 +10358,7 @@
ranges.add(new UidRange(uid, uid));
}
setNetworkRequestUids(requests, ranges);
- return new NetworkRequestInfo(
- Process.myUid(), requests, DEFAULT_NETWORK_PRIORITY_OEM);
+ return new NetworkRequestInfo(Process.myUid(), requests, PREFERENCE_PRIORITY_OEM);
}
private NetworkRequest createUnmeteredNetworkRequest() {
diff --git a/service/src/com/android/server/connectivity/NetworkAgentInfo.java b/service/src/com/android/server/connectivity/NetworkAgentInfo.java
index 18becd4..bbf523a 100644
--- a/service/src/com/android/server/connectivity/NetworkAgentInfo.java
+++ b/service/src/com/android/server/connectivity/NetworkAgentInfo.java
@@ -157,8 +157,8 @@
@NonNull public NetworkCapabilities networkCapabilities;
@NonNull public final NetworkAgentConfig networkAgentConfig;
- // Underlying networks declared by the agent. Only set if supportsUnderlyingNetworks is true.
- // The networks in this list might be declared by a VPN app using setUnderlyingNetworks and are
+ // Underlying networks declared by the agent.
+ // The networks in this list might be declared by a VPN using setUnderlyingNetworks and are
// not guaranteed to be current or correct, or even to exist.
//
// This array is read and iterated on multiple threads with no locking so its contents must
@@ -168,7 +168,7 @@
// The capabilities originally announced by the NetworkAgent, regardless of any capabilities
// that were added or removed due to this network's underlying networks.
- // Only set if #supportsUnderlyingNetworks is true.
+ // Only set if #propagateUnderlyingCapabilities is true.
public @Nullable NetworkCapabilities declaredCapabilities;
// Indicates if netd has been told to create this Network. From this point on the appropriate
@@ -898,8 +898,11 @@
return networkCapabilities.hasTransport(NetworkCapabilities.TRANSPORT_VPN);
}
- /** Whether this network might have underlying networks. Currently only true for VPNs. */
- public boolean supportsUnderlyingNetworks() {
+ /**
+ * Whether this network should propagate the capabilities from its underlying networks.
+ * Currently only true for VPNs.
+ */
+ public boolean propagateUnderlyingCapabilities() {
return isVPN();
}
diff --git a/service/src/com/android/server/connectivity/NetworkOffer.java b/service/src/com/android/server/connectivity/NetworkOffer.java
index 8285e7a..1e975dd 100644
--- a/service/src/com/android/server/connectivity/NetworkOffer.java
+++ b/service/src/com/android/server/connectivity/NetworkOffer.java
@@ -143,6 +143,6 @@
@Override
public String toString() {
- return "NetworkOffer [ Score " + score + " ]";
+ return "NetworkOffer [ Score " + score + " Caps " + caps + "]";
}
}
diff --git a/service/src/com/android/server/connectivity/OsCompat.java b/service/src/com/android/server/connectivity/OsCompat.java
deleted file mode 100644
index 57e3dcd..0000000
--- a/service/src/com/android/server/connectivity/OsCompat.java
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * Copyright (C) 2021 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package com.android.server.connectivity;
-
-import android.system.ErrnoException;
-import android.system.Os;
-
-import java.io.FileDescriptor;
-
-/**
- * Compatibility utility for android.system.Os core platform APIs.
- *
- * Connectivity has access to such APIs, but they are not part of the module_current stubs yet
- * (only core_current). Most stable core platform APIs are included manually in the connectivity
- * build rules, but because Os is also part of the base java SDK that is earlier on the
- * classpath, the extra core platform APIs are not seen.
- *
- * TODO (b/157639992, b/183097033): remove as soon as core_current is part of system_server_current
- * @hide
- */
-public class OsCompat {
- // This value should be correct on all architectures supported by Android, but hardcoding ioctl
- // numbers should be avoided.
- /**
- * @see android.system.OsConstants#TIOCOUTQ
- */
- public static final int TIOCOUTQ = 0x5411;
-
- /**
- * @see android.system.Os#getsockoptInt(FileDescriptor, int, int)
- */
- public static int getsockoptInt(FileDescriptor fd, int level, int option) throws
- ErrnoException {
- try {
- return (int) Os.class.getMethod(
- "getsockoptInt", FileDescriptor.class, int.class, int.class)
- .invoke(null, fd, level, option);
- } catch (ReflectiveOperationException e) {
- if (e.getCause() instanceof ErrnoException) {
- throw (ErrnoException) e.getCause();
- }
- throw new IllegalStateException("Error calling getsockoptInt", e);
- }
- }
-
- /**
- * @see android.system.Os#ioctlInt(FileDescriptor, int)
- */
- public static int ioctlInt(FileDescriptor fd, int cmd) throws
- ErrnoException {
- try {
- return (int) Os.class.getMethod(
- "ioctlInt", FileDescriptor.class, int.class).invoke(null, fd, cmd);
- } catch (ReflectiveOperationException e) {
- if (e.getCause() instanceof ErrnoException) {
- throw (ErrnoException) e.getCause();
- }
- throw new IllegalStateException("Error calling ioctlInt", e);
- }
- }
-}
diff --git a/service/src/com/android/server/connectivity/PermissionMonitor.java b/service/src/com/android/server/connectivity/PermissionMonitor.java
index 99118ac..512d767 100755
--- a/service/src/com/android/server/connectivity/PermissionMonitor.java
+++ b/service/src/com/android/server/connectivity/PermissionMonitor.java
@@ -121,15 +121,23 @@
@Override
public void onReceive(Context context, Intent intent) {
final String action = intent.getAction();
- final int uid = intent.getIntExtra(Intent.EXTRA_UID, -1);
- final Uri packageData = intent.getData();
- final String packageName =
- packageData != null ? packageData.getSchemeSpecificPart() : null;
if (Intent.ACTION_PACKAGE_ADDED.equals(action)) {
+ final int uid = intent.getIntExtra(Intent.EXTRA_UID, -1);
+ final Uri packageData = intent.getData();
+ final String packageName =
+ packageData != null ? packageData.getSchemeSpecificPart() : null;
onPackageAdded(packageName, uid);
} else if (Intent.ACTION_PACKAGE_REMOVED.equals(action)) {
+ final int uid = intent.getIntExtra(Intent.EXTRA_UID, -1);
+ final Uri packageData = intent.getData();
+ final String packageName =
+ packageData != null ? packageData.getSchemeSpecificPart() : null;
onPackageRemoved(packageName, uid);
+ } else if (Intent.ACTION_EXTERNAL_APPLICATIONS_AVAILABLE.equals(action)) {
+ final String[] pkgList =
+ intent.getStringArrayExtra(Intent.EXTRA_CHANGED_PACKAGE_LIST);
+ onExternalApplicationsAvailable(pkgList);
} else {
Log.wtf(TAG, "received unexpected intent: " + action);
}
@@ -194,6 +202,12 @@
mIntentReceiver, intentFilter, null /* broadcastPermission */,
null /* scheduler */);
+ final IntentFilter externalIntentFilter =
+ new IntentFilter(Intent.ACTION_EXTERNAL_APPLICATIONS_AVAILABLE);
+ userAllContext.registerReceiver(
+ mIntentReceiver, externalIntentFilter, null /* broadcastPermission */,
+ null /* scheduler */);
+
// Register UIDS_ALLOWED_ON_RESTRICTED_NETWORKS setting observer
mDeps.registerContentObserver(
userAllContext,
@@ -812,6 +826,21 @@
update(mUsers, removedUids, false /* add */);
}
+ private synchronized void onExternalApplicationsAvailable(String[] pkgList) {
+ if (CollectionUtils.isEmpty(pkgList)) {
+ Log.e(TAG, "No available external application.");
+ return;
+ }
+
+ for (String app : pkgList) {
+ final PackageInfo info = getPackageInfo(app);
+ if (info == null || info.applicationInfo == null) continue;
+
+ final int appId = info.applicationInfo.uid;
+ onPackageAdded(app, appId); // Use onPackageAdded to add package one by one.
+ }
+ }
+
/** Dump info to dumpsys */
public void dump(IndentingPrintWriter pw) {
pw.println("Interface filtering rules:");
diff --git a/service/src/com/android/server/connectivity/TcpKeepaliveController.java b/service/src/com/android/server/connectivity/TcpKeepaliveController.java
index 73f3475..c480594 100644
--- a/service/src/com/android/server/connectivity/TcpKeepaliveController.java
+++ b/service/src/com/android/server/connectivity/TcpKeepaliveController.java
@@ -27,8 +27,7 @@
import static android.system.OsConstants.IPPROTO_TCP;
import static android.system.OsConstants.IP_TOS;
import static android.system.OsConstants.IP_TTL;
-
-import static com.android.server.connectivity.OsCompat.TIOCOUTQ;
+import static android.system.OsConstants.TIOCOUTQ;
import android.annotation.NonNull;
import android.net.InvalidPacketException;
@@ -176,10 +175,10 @@
}
// Query write sequence number from SEND_QUEUE.
Os.setsockoptInt(fd, IPPROTO_TCP, TCP_REPAIR_QUEUE, TCP_SEND_QUEUE);
- tcpDetails.seq = OsCompat.getsockoptInt(fd, IPPROTO_TCP, TCP_QUEUE_SEQ);
+ tcpDetails.seq = Os.getsockoptInt(fd, IPPROTO_TCP, TCP_QUEUE_SEQ);
// Query read sequence number from RECV_QUEUE.
Os.setsockoptInt(fd, IPPROTO_TCP, TCP_REPAIR_QUEUE, TCP_RECV_QUEUE);
- tcpDetails.ack = OsCompat.getsockoptInt(fd, IPPROTO_TCP, TCP_QUEUE_SEQ);
+ tcpDetails.ack = Os.getsockoptInt(fd, IPPROTO_TCP, TCP_QUEUE_SEQ);
// Switch to NO_QUEUE to prevent illegal socket read/write in repair mode.
Os.setsockoptInt(fd, IPPROTO_TCP, TCP_REPAIR_QUEUE, TCP_NO_QUEUE);
// Finally, check if socket is still idle. TODO : this check needs to move to
@@ -199,9 +198,9 @@
tcpDetails.rcvWndScale = trw.rcvWndScale;
if (tcpDetails.srcAddress.length == 4 /* V4 address length */) {
// Query TOS.
- tcpDetails.tos = OsCompat.getsockoptInt(fd, IPPROTO_IP, IP_TOS);
+ tcpDetails.tos = Os.getsockoptInt(fd, IPPROTO_IP, IP_TOS);
// Query TTL.
- tcpDetails.ttl = OsCompat.getsockoptInt(fd, IPPROTO_IP, IP_TTL);
+ tcpDetails.ttl = Os.getsockoptInt(fd, IPPROTO_IP, IP_TTL);
}
} catch (ErrnoException e) {
Log.e(TAG, "Exception reading TCP state from socket", e);
@@ -306,7 +305,7 @@
private static boolean isReceiveQueueEmpty(FileDescriptor fd)
throws ErrnoException {
- final int result = OsCompat.ioctlInt(fd, SIOCINQ);
+ final int result = Os.ioctlInt(fd, SIOCINQ);
if (result != 0) {
Log.e(TAG, "Read queue has data");
return false;
@@ -316,7 +315,7 @@
private static boolean isSendQueueEmpty(FileDescriptor fd)
throws ErrnoException {
- final int result = OsCompat.ioctlInt(fd, SIOCOUTQ);
+ final int result = Os.ioctlInt(fd, SIOCOUTQ);
if (result != 0) {
Log.e(TAG, "Write queue has data");
return false;
diff --git a/tests/common/java/android/net/NetworkCapabilitiesTest.java b/tests/common/java/android/net/NetworkCapabilitiesTest.java
index a30d4f1..493a201 100644
--- a/tests/common/java/android/net/NetworkCapabilitiesTest.java
+++ b/tests/common/java/android/net/NetworkCapabilitiesTest.java
@@ -42,6 +42,7 @@
import static android.net.NetworkCapabilities.SIGNAL_STRENGTH_UNSPECIFIED;
import static android.net.NetworkCapabilities.TRANSPORT_CELLULAR;
import static android.net.NetworkCapabilities.TRANSPORT_TEST;
+import static android.net.NetworkCapabilities.TRANSPORT_USB;
import static android.net.NetworkCapabilities.TRANSPORT_VPN;
import static android.net.NetworkCapabilities.TRANSPORT_WIFI;
import static android.net.NetworkCapabilities.TRANSPORT_WIFI_AWARE;
@@ -973,6 +974,11 @@
assertNotEquals(512, nc.getLinkUpstreamBandwidthKbps());
}
+ private int getMaxTransport() {
+ if (!isAtLeastS() && MAX_TRANSPORT == TRANSPORT_USB) return MAX_TRANSPORT - 1;
+ return MAX_TRANSPORT;
+ }
+
@Test
public void testSignalStrength() {
final NetworkCapabilities nc = new NetworkCapabilities();
@@ -984,7 +990,7 @@
}
private void assertNoTransport(NetworkCapabilities nc) {
- for (int i = MIN_TRANSPORT; i <= MAX_TRANSPORT; i++) {
+ for (int i = MIN_TRANSPORT; i <= getMaxTransport(); i++) {
assertFalse(nc.hasTransport(i));
}
}
@@ -1001,7 +1007,7 @@
assertFalse(nc.hasTransport(i));
}
}
- for (int i = MAX_TRANSPORT; i > maxTransportType; i--) {
+ for (int i = getMaxTransport(); i > maxTransportType; i--) {
if (positiveSequence) {
assertFalse(nc.hasTransport(i));
} else {
@@ -1015,12 +1021,12 @@
final NetworkCapabilities nc = new NetworkCapabilities();
assertNoTransport(nc);
// Test adding multiple transport types.
- for (int i = MIN_TRANSPORT; i <= MAX_TRANSPORT; i++) {
+ for (int i = MIN_TRANSPORT; i <= getMaxTransport(); i++) {
nc.addTransportType(i);
checkCurrentTransportTypes(nc, i, true /* positiveSequence */);
}
// Test removing multiple transport types.
- for (int i = MIN_TRANSPORT; i <= MAX_TRANSPORT; i++) {
+ for (int i = MIN_TRANSPORT; i <= getMaxTransport(); i++) {
nc.removeTransportType(i);
checkCurrentTransportTypes(nc, i, false /* positiveSequence */);
}
diff --git a/tests/common/java/android/net/NetworkProviderTest.kt b/tests/common/java/android/net/NetworkProviderTest.kt
index 8cea12e..ff5de1d 100644
--- a/tests/common/java/android/net/NetworkProviderTest.kt
+++ b/tests/common/java/android/net/NetworkProviderTest.kt
@@ -315,9 +315,7 @@
LinkProperties(), scoreWeaker, config, provider) {}
agent.register()
agent.markConnected()
- // TODO: The request is satisying by offer 2 instead of offer 1, thus it should not be
- // considered as needed.
- offerCallback1.expectOnNetworkNeeded(ncFilter2)
+ offerCallback1.assertNoCallback() // Still unneeded.
offerCallback2.assertNoCallback() // Still needed.
offerCallback3.assertNoCallback() // Still needed.
offerCallback4.expectOnNetworkUnneeded(ncFilter4)
@@ -326,7 +324,7 @@
// if a request is currently satisfied by the network provided by the same provider.
// TODO: Consider offers with weaker score are unneeded.
agent.sendNetworkScore(scoreStronger)
- offerCallback1.assertNoCallback()
+ offerCallback1.assertNoCallback() // Still unneeded.
offerCallback2.assertNoCallback() // Still needed.
offerCallback3.assertNoCallback() // Still needed.
offerCallback4.assertNoCallback() // Still unneeded.
@@ -334,7 +332,7 @@
// Verify that offer callbacks cannot receive any event if offer is unregistered.
provider2.unregisterNetworkOffer(offerCallback4)
agent.unregister()
- offerCallback1.assertNoCallback() // Still needed.
+ offerCallback1.assertNoCallback() // Still unneeded.
offerCallback2.assertNoCallback() // Still needed.
offerCallback3.assertNoCallback() // Still needed.
// Since the agent is unregistered, and the offer has chance to satisfy the request,
@@ -344,7 +342,7 @@
// Verify that offer callbacks cannot receive any event if provider is unregistered.
mCm.unregisterNetworkProvider(provider)
mCm.unregisterNetworkCallback(cb2)
- offerCallback1.assertNoCallback() // Should be unneeded if not unregistered.
+ offerCallback1.assertNoCallback() // No callback since it is still unneeded.
offerCallback2.assertNoCallback() // Should be unneeded if not unregistered.
offerCallback3.assertNoCallback() // Should be unneeded if not unregistered.
offerCallback4.assertNoCallback() // Already unregistered.
diff --git a/tests/cts/hostside/app/src/com/android/cts/net/hostside/NetworkPolicyManagerTest.java b/tests/cts/hostside/app/src/com/android/cts/net/hostside/NetworkPolicyManagerTest.java
index ddc5fd4..ad7ec9e 100644
--- a/tests/cts/hostside/app/src/com/android/cts/net/hostside/NetworkPolicyManagerTest.java
+++ b/tests/cts/hostside/app/src/com/android/cts/net/hostside/NetworkPolicyManagerTest.java
@@ -23,6 +23,8 @@
import static com.android.cts.net.hostside.NetworkPolicyTestUtils.isUidNetworkingBlocked;
import static com.android.cts.net.hostside.NetworkPolicyTestUtils.isUidRestrictedOnMeteredNetworks;
import static com.android.cts.net.hostside.NetworkPolicyTestUtils.setRestrictBackground;
+import static com.android.cts.net.hostside.Property.BATTERY_SAVER_MODE;
+import static com.android.cts.net.hostside.Property.DATA_SAVER_MODE;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
@@ -79,6 +81,7 @@
assertFalse(isUidNetworkingBlocked(mUid, NON_METERED)); // Match NTWK_ALLOWED_NON_METERED
}
+ @RequiredProperties({DATA_SAVER_MODE, BATTERY_SAVER_MODE})
@Test
public void testIsUidNetworkingBlocked_withSystemUid() throws Exception {
// Refer to NetworkPolicyManagerService#isUidNetworkingBlockedInternal(), this test is to
@@ -103,6 +106,7 @@
}
}
+ @RequiredProperties({DATA_SAVER_MODE})
@Test
public void testIsUidNetworkingBlocked_withDataSaverMode() throws Exception {
// Refer to NetworkPolicyManagerService#isUidNetworkingBlockedInternal(), this test is to
@@ -182,6 +186,7 @@
}
}
+ @RequiredProperties({BATTERY_SAVER_MODE})
@Test
public void testIsUidNetworkingBlocked_withPowerSaverMode() throws Exception {
// Refer to NetworkPolicyManagerService#isUidNetworkingBlockedInternal(), this test is to
@@ -209,6 +214,7 @@
}
}
+ @RequiredProperties({DATA_SAVER_MODE})
@Test
public void testIsUidRestrictedOnMeteredNetworks() throws Exception {
try {
diff --git a/tests/cts/net/native/qtaguid/Android.bp b/tests/cts/net/native/Android.bp
similarity index 92%
rename from tests/cts/net/native/qtaguid/Android.bp
rename to tests/cts/net/native/Android.bp
index 68bb14d..1d1c18e 100644
--- a/tests/cts/net/native/qtaguid/Android.bp
+++ b/tests/cts/net/native/Android.bp
@@ -31,16 +31,18 @@
},
},
- srcs: ["src/NativeQtaguidTest.cpp"],
+ srcs: [
+ "src/BpfCompatTest.cpp",
+ ],
shared_libs: [
- "libutils",
+ "libbase",
"liblog",
],
static_libs: [
+ "libbpf_android",
"libgtest",
- "libqtaguid",
],
// Tag this module as a cts test artifact
diff --git a/tests/cts/net/native/qtaguid/AndroidTest.xml b/tests/cts/net/native/AndroidTest.xml
similarity index 94%
rename from tests/cts/net/native/qtaguid/AndroidTest.xml
rename to tests/cts/net/native/AndroidTest.xml
index fa4b2cf..70d788a 100644
--- a/tests/cts/net/native/qtaguid/AndroidTest.xml
+++ b/tests/cts/net/native/AndroidTest.xml
@@ -13,7 +13,7 @@
See the License for the specific language governing permissions and
limitations under the License.
-->
-<configuration description="Config for CTS Native Network xt_qtaguid test cases">
+<configuration description="Config for CTS Native Network test cases">
<option name="test-suite-tag" value="cts" />
<option name="config-descriptor:metadata" key="component" value="networking" />
<option name="config-descriptor:metadata" key="parameter" value="instant_app" />
diff --git a/tests/cts/net/native/qtaguid/src/NativeQtaguidTest.cpp b/tests/cts/net/native/qtaguid/src/NativeQtaguidTest.cpp
deleted file mode 100644
index 7dc6240..0000000
--- a/tests/cts/net/native/qtaguid/src/NativeQtaguidTest.cpp
+++ /dev/null
@@ -1,130 +0,0 @@
-/*
- * Copyright (C) 2017 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <arpa/inet.h>
-#include <error.h>
-#include <errno.h>
-#include <inttypes.h>
-#include <fcntl.h>
-#include <string.h>
-#include <sys/socket.h>
-
-#include <gtest/gtest.h>
-#include <qtaguid/qtaguid.h>
-
-int canAccessQtaguidFile() {
- int fd = open("/proc/net/xt_qtaguid/ctrl", O_RDONLY | O_CLOEXEC);
- close(fd);
- return fd != -1;
-}
-
-#define SKIP_IF_QTAGUID_NOT_SUPPORTED() \
- do { \
- int res = canAccessQtaguidFile(); \
- ASSERT_LE(0, res); \
- if (!res) { \
- GTEST_LOG_(INFO) << "This test is skipped since kernel may not have the module\n"; \
- return; \
- } \
- } while (0)
-
-int getCtrlSkInfo(int tag, uid_t uid, uint64_t* sk_addr, int* ref_cnt) {
- FILE *fp;
- fp = fopen("/proc/net/xt_qtaguid/ctrl", "r");
- if (!fp)
- return -ENOENT;
- uint64_t full_tag = (uint64_t)tag << 32 | uid;
- char pattern[40];
- snprintf(pattern, sizeof(pattern), " tag=0x%" PRIx64 " (uid=%" PRIu32 ")", full_tag, uid);
-
- size_t len;
- char *line_buffer = NULL;
- while(getline(&line_buffer, &len, fp) != -1) {
- if (strstr(line_buffer, pattern) == NULL)
- continue;
- int res;
- pid_t dummy_pid;
- uint64_t k_tag;
- uint32_t k_uid;
- const int TOTAL_PARAM = 5;
- res = sscanf(line_buffer, "sock=%" PRIx64 " tag=0x%" PRIx64 " (uid=%" PRIu32 ") "
- "pid=%u f_count=%u", sk_addr, &k_tag, &k_uid,
- &dummy_pid, ref_cnt);
- if (!(res == TOTAL_PARAM && k_tag == full_tag && k_uid == uid))
- return -EINVAL;
- free(line_buffer);
- return 0;
- }
- free(line_buffer);
- return -ENOENT;
-}
-
-void checkNoSocketPointerLeaks(int family) {
- int sockfd = socket(family, SOCK_STREAM, 0);
- uid_t uid = getuid();
- int tag = arc4random();
- int ref_cnt;
- uint64_t sk_addr;
- uint64_t expect_addr = 0;
-
- EXPECT_EQ(0, legacy_tagSocket(sockfd, tag, uid));
- EXPECT_EQ(0, getCtrlSkInfo(tag, uid, &sk_addr, &ref_cnt));
- EXPECT_EQ(expect_addr, sk_addr);
- close(sockfd);
- EXPECT_EQ(-ENOENT, getCtrlSkInfo(tag, uid, &sk_addr, &ref_cnt));
-}
-
-TEST (NativeQtaguidTest, close_socket_without_untag) {
- SKIP_IF_QTAGUID_NOT_SUPPORTED();
-
- int sockfd = socket(AF_INET, SOCK_STREAM, 0);
- uid_t uid = getuid();
- int tag = arc4random();
- int ref_cnt;
- uint64_t dummy_sk;
- EXPECT_EQ(0, legacy_tagSocket(sockfd, tag, uid));
- EXPECT_EQ(0, getCtrlSkInfo(tag, uid, &dummy_sk, &ref_cnt));
- EXPECT_EQ(2, ref_cnt);
- close(sockfd);
- EXPECT_EQ(-ENOENT, getCtrlSkInfo(tag, uid, &dummy_sk, &ref_cnt));
-}
-
-TEST (NativeQtaguidTest, close_socket_without_untag_ipv6) {
- SKIP_IF_QTAGUID_NOT_SUPPORTED();
-
- int sockfd = socket(AF_INET6, SOCK_STREAM, 0);
- uid_t uid = getuid();
- int tag = arc4random();
- int ref_cnt;
- uint64_t dummy_sk;
- EXPECT_EQ(0, legacy_tagSocket(sockfd, tag, uid));
- EXPECT_EQ(0, getCtrlSkInfo(tag, uid, &dummy_sk, &ref_cnt));
- EXPECT_EQ(2, ref_cnt);
- close(sockfd);
- EXPECT_EQ(-ENOENT, getCtrlSkInfo(tag, uid, &dummy_sk, &ref_cnt));
-}
-
-TEST (NativeQtaguidTest, no_socket_addr_leak) {
- SKIP_IF_QTAGUID_NOT_SUPPORTED();
-
- checkNoSocketPointerLeaks(AF_INET);
- checkNoSocketPointerLeaks(AF_INET6);
-}
-
-int main(int argc, char **argv) {
- testing::InitGoogleTest(&argc, argv);
- return RUN_ALL_TESTS();
-}
diff --git a/tests/cts/net/native/src/BpfCompatTest.cpp b/tests/cts/net/native/src/BpfCompatTest.cpp
new file mode 100644
index 0000000..874bad4
--- /dev/null
+++ b/tests/cts/net/native/src/BpfCompatTest.cpp
@@ -0,0 +1,44 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless requied by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#define LOG_TAG "BpfCompatTest"
+
+#include <fstream>
+
+#include <gtest/gtest.h>
+
+#include "libbpf_android.h"
+
+using namespace android::bpf;
+
+void doBpfStructSizeTest(const char *elfPath) {
+ std::ifstream elfFile(elfPath, std::ios::in | std::ios::binary);
+ ASSERT_TRUE(elfFile.is_open());
+
+ EXPECT_EQ(48, readSectionUint("size_of_bpf_map_def", elfFile, 0));
+ EXPECT_EQ(28, readSectionUint("size_of_bpf_prog_def", elfFile, 0));
+}
+
+TEST(BpfTest, bpfStructSizeTest) {
+ doBpfStructSizeTest("/system/etc/bpf/netd.o");
+ doBpfStructSizeTest("/system/etc/bpf/clatd.o");
+}
+
+int main(int argc, char **argv) {
+ testing::InitGoogleTest(&argc, argv);
+ return RUN_ALL_TESTS();
+}
diff --git a/tests/cts/net/src/android/net/cts/BatteryStatsManagerTest.java b/tests/cts/net/src/android/net/cts/BatteryStatsManagerTest.java
index a54fd64..86642ea 100644
--- a/tests/cts/net/src/android/net/cts/BatteryStatsManagerTest.java
+++ b/tests/cts/net/src/android/net/cts/BatteryStatsManagerTest.java
@@ -35,6 +35,7 @@
import android.os.Build;
import android.os.connectivity.CellularBatteryStats;
import android.os.connectivity.WifiBatteryStats;
+import android.platform.test.annotations.AppModeFull;
import android.util.Log;
import androidx.test.runner.AndroidJUnit4;
@@ -80,6 +81,7 @@
}
@Test
+ @AppModeFull(reason = "Cannot get CHANGE_NETWORK_STATE to request wifi/cell in instant mode")
@SkipPresubmit(reason = "Virtual hardware does not support wifi battery stats")
public void testReportNetworkInterfaceForTransports() throws Exception {
try {
@@ -132,6 +134,7 @@
}
@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.R)
+ @AppModeFull(reason = "Cannot get WifiManager in instant app mode")
@Test
public void testReportNetworkInterfaceForTransports_throwsSecurityException()
throws Exception {
diff --git a/tests/cts/net/src/android/net/cts/ConnectivityDiagnosticsManagerTest.java b/tests/cts/net/src/android/net/cts/ConnectivityDiagnosticsManagerTest.java
index ccbdbd3..a40c92d 100644
--- a/tests/cts/net/src/android/net/cts/ConnectivityDiagnosticsManagerTest.java
+++ b/tests/cts/net/src/android/net/cts/ConnectivityDiagnosticsManagerTest.java
@@ -22,6 +22,7 @@
import static android.net.ConnectivityDiagnosticsManager.ConnectivityReport.KEY_NETWORK_PROBES_ATTEMPTED_BITMASK;
import static android.net.ConnectivityDiagnosticsManager.ConnectivityReport.KEY_NETWORK_PROBES_SUCCEEDED_BITMASK;
import static android.net.ConnectivityDiagnosticsManager.ConnectivityReport.KEY_NETWORK_VALIDATION_RESULT;
+import static android.net.ConnectivityDiagnosticsManager.ConnectivityReport.NETWORK_VALIDATION_RESULT_SKIPPED;
import static android.net.ConnectivityDiagnosticsManager.ConnectivityReport.NETWORK_VALIDATION_RESULT_VALID;
import static android.net.ConnectivityDiagnosticsManager.DataStallReport;
import static android.net.ConnectivityDiagnosticsManager.DataStallReport.DETECTION_METHOD_DNS_EVENTS;
@@ -78,6 +79,7 @@
import com.android.internal.telephony.uicc.IccUtils;
import com.android.internal.util.ArrayUtils;
+import com.android.modules.utils.build.SdkLevel;
import com.android.net.module.util.ArrayTrackRecord;
import com.android.testutils.DevSdkIgnoreRule.IgnoreUpTo;
import com.android.testutils.DevSdkIgnoreRunner;
@@ -292,7 +294,7 @@
final String interfaceName =
mConnectivityManager.getLinkProperties(network).getInterfaceName();
connDiagsCallback.expectOnConnectivityReportAvailable(
- network, interfaceName, TRANSPORT_CELLULAR);
+ network, interfaceName, TRANSPORT_CELLULAR, NETWORK_VALIDATION_RESULT_VALID);
connDiagsCallback.assertNoCallback();
}
@@ -423,9 +425,10 @@
cb.expectOnNetworkConnectivityReported(mTestNetwork, hasConnectivity);
- // if hasConnectivity does not match the network's known connectivity, it will be
- // revalidated which will trigger another onConnectivityReportAvailable callback.
- if (!hasConnectivity) {
+ // All calls to #onNetworkConnectivityReported are expected to be accompanied by a call to
+ // #onConnectivityReportAvailable for S+ (for R, ConnectivityReports were only sent when the
+ // Network was re-validated - when reported connectivity != known connectivity).
+ if (SdkLevel.isAtLeastS() || !hasConnectivity) {
cb.expectOnConnectivityReportAvailable(mTestNetwork, interfaceName);
}
@@ -479,11 +482,19 @@
public void expectOnConnectivityReportAvailable(
@NonNull Network network, @NonNull String interfaceName) {
- expectOnConnectivityReportAvailable(network, interfaceName, TRANSPORT_TEST);
+ // Test Networks both do not require validation and are not tested for validation. This
+ // results in the validation result being reported as SKIPPED for S+ (for R, the
+ // platform marked these Networks as VALID).
+ final int expectedNetworkValidationResult =
+ SdkLevel.isAtLeastS()
+ ? NETWORK_VALIDATION_RESULT_SKIPPED
+ : NETWORK_VALIDATION_RESULT_VALID;
+ expectOnConnectivityReportAvailable(
+ network, interfaceName, TRANSPORT_TEST, expectedNetworkValidationResult);
}
- public void expectOnConnectivityReportAvailable(
- @NonNull Network network, @NonNull String interfaceName, int transportType) {
+ public void expectOnConnectivityReportAvailable(@NonNull Network network,
+ @NonNull String interfaceName, int transportType, int expectedValidationResult) {
final ConnectivityReport result =
(ConnectivityReport) mHistory.poll(CALLBACK_TIMEOUT_MILLIS, x -> true);
assertEquals(network, result.getNetwork());
@@ -496,9 +507,9 @@
final PersistableBundle extras = result.getAdditionalInfo();
assertTrue(extras.containsKey(KEY_NETWORK_VALIDATION_RESULT));
- final int validationResult = extras.getInt(KEY_NETWORK_VALIDATION_RESULT);
- assertEquals("Network validation result is not 'valid'",
- NETWORK_VALIDATION_RESULT_VALID, validationResult);
+ final int actualValidationResult = extras.getInt(KEY_NETWORK_VALIDATION_RESULT);
+ assertEquals("Network validation result is incorrect",
+ expectedValidationResult, actualValidationResult);
assertTrue(extras.containsKey(KEY_NETWORK_PROBES_SUCCEEDED_BITMASK));
final int probesSucceeded = extras.getInt(KEY_NETWORK_VALIDATION_RESULT);
diff --git a/tests/cts/net/src/android/net/cts/ConnectivityManagerTest.java b/tests/cts/net/src/android/net/cts/ConnectivityManagerTest.java
index cd5281f..e45aa98 100644
--- a/tests/cts/net/src/android/net/cts/ConnectivityManagerTest.java
+++ b/tests/cts/net/src/android/net/cts/ConnectivityManagerTest.java
@@ -1101,10 +1101,10 @@
}
}
- private void waitForActiveNetworkMetered(final int targetTransportType,
+ private Network waitForActiveNetworkMetered(final int targetTransportType,
final boolean requestedMeteredness, final boolean useSystemDefault)
throws Exception {
- final CountDownLatch latch = new CountDownLatch(1);
+ final CompletableFuture<Network> networkFuture = new CompletableFuture<>();
final NetworkCallback networkCallback = new NetworkCallback() {
@Override
public void onCapabilitiesChanged(Network network, NetworkCapabilities nc) {
@@ -1112,7 +1112,7 @@
final boolean metered = !nc.hasCapability(NET_CAPABILITY_NOT_METERED);
if (metered == requestedMeteredness) {
- latch.countDown();
+ networkFuture.complete(network);
}
}
};
@@ -1132,18 +1132,20 @@
// Changing meteredness on wifi involves reconnecting, which can take several seconds
// (involves re-associating, DHCP...).
- if (!latch.await(NETWORK_CALLBACK_TIMEOUT_MS, TimeUnit.MILLISECONDS)) {
- fail("Timed out waiting for active network metered status to change to "
- + requestedMeteredness + " ; network = " + mCm.getActiveNetwork());
- }
+ return networkFuture.get(NETWORK_CALLBACK_TIMEOUT_MS, TimeUnit.MILLISECONDS);
+ } catch (TimeoutException e) {
+ throw new AssertionError("Timed out waiting for active network metered status to "
+ + "change to " + requestedMeteredness + " ; network = "
+ + mCm.getActiveNetwork(), e);
} finally {
mCm.unregisterNetworkCallback(networkCallback);
}
}
- private void setWifiMeteredStatusAndWait(String ssid, boolean isMetered) throws Exception {
+ private Network setWifiMeteredStatusAndWait(String ssid, boolean isMetered) throws Exception {
setWifiMeteredStatus(ssid, Boolean.toString(isMetered) /* metered */);
- waitForActiveNetworkMetered(TRANSPORT_WIFI,
+ mCtsNetUtils.ensureWifiConnected();
+ return waitForActiveNetworkMetered(TRANSPORT_WIFI,
isMetered /* requestedMeteredness */,
true /* useSystemDefault */);
}
@@ -1209,8 +1211,7 @@
Integer.toString(newMeteredPreference));
// Wifi meterness changes from unmetered to metered will disconnect and reconnect since
// R.
- setWifiMeteredStatusAndWait(ssid, true);
- final Network network = mCtsNetUtils.ensureWifiConnected();
+ final Network network = setWifiMeteredStatusAndWait(ssid, true);
assertEquals(ssid, unquoteSSID(mWifiManager.getConnectionInfo().getSSID()));
assertEquals(mCm.getNetworkCapabilities(network).hasCapability(
NET_CAPABILITY_NOT_METERED), false);
@@ -2876,6 +2877,10 @@
public void testUidsAllowedOnRestrictedNetworks() throws Exception {
assumeTrue(TestUtils.shouldTestSApis());
+ // TODO (b/175199465): figure out a reasonable permission check for
+ // setUidsAllowedOnRestrictedNetworks that allows tests but not system-external callers.
+ assumeTrue(Build.isDebuggable());
+
final int uid = mPackageManager.getPackageUid(mContext.getPackageName(), 0 /* flag */);
final Set<Integer> originalUidsAllowedOnRestrictedNetworks =
ConnectivitySettingsManager.getUidsAllowedOnRestrictedNetworks(mContext);
@@ -2883,8 +2888,9 @@
// because it has been just installed to device. In case the uid is existed in setting
// mistakenly, try to remove the uid and set correct uids to setting.
originalUidsAllowedOnRestrictedNetworks.remove(uid);
- ConnectivitySettingsManager.setUidsAllowedOnRestrictedNetworks(mContext,
- originalUidsAllowedOnRestrictedNetworks);
+ runWithShellPermissionIdentity(() ->
+ ConnectivitySettingsManager.setUidsAllowedOnRestrictedNetworks(
+ mContext, originalUidsAllowedOnRestrictedNetworks), NETWORK_SETTINGS);
final Handler h = new Handler(Looper.getMainLooper());
final TestableNetworkCallback testNetworkCb = new TestableNetworkCallback();
@@ -2931,8 +2937,9 @@
final Set<Integer> newUidsAllowedOnRestrictedNetworks =
new ArraySet<>(originalUidsAllowedOnRestrictedNetworks);
newUidsAllowedOnRestrictedNetworks.add(uid);
- ConnectivitySettingsManager.setUidsAllowedOnRestrictedNetworks(mContext,
- newUidsAllowedOnRestrictedNetworks);
+ runWithShellPermissionIdentity(() ->
+ ConnectivitySettingsManager.setUidsAllowedOnRestrictedNetworks(
+ mContext, newUidsAllowedOnRestrictedNetworks), NETWORK_SETTINGS);
// Wait a while for sending allowed uids on the restricted network to netd.
// TODD: Have a significant signal to know the uids has been send to netd.
assertBindSocketToNetworkSuccess(network);
@@ -2941,8 +2948,9 @@
agent.unregister();
// Restore setting.
- ConnectivitySettingsManager.setUidsAllowedOnRestrictedNetworks(mContext,
- originalUidsAllowedOnRestrictedNetworks);
+ runWithShellPermissionIdentity(() ->
+ ConnectivitySettingsManager.setUidsAllowedOnRestrictedNetworks(
+ mContext, originalUidsAllowedOnRestrictedNetworks), NETWORK_SETTINGS);
}
}
}
diff --git a/tests/cts/net/src/android/net/cts/NetworkAgentTest.kt b/tests/cts/net/src/android/net/cts/NetworkAgentTest.kt
index ccc9416..7c380e3 100644
--- a/tests/cts/net/src/android/net/cts/NetworkAgentTest.kt
+++ b/tests/cts/net/src/android/net/cts/NetworkAgentTest.kt
@@ -101,6 +101,7 @@
import com.android.testutils.TestableNetworkCallback
import org.junit.After
import org.junit.Assert.assertArrayEquals
+import org.junit.Assume.assumeFalse
import org.junit.Before
import org.junit.Test
import org.junit.runner.RunWith
@@ -1034,6 +1035,9 @@
@Test
fun testQosCallbackRegisterWithUnregister() {
+ // Instant apps can't bind sockets to localhost
+ // TODO: use @AppModeFull when supported by DevSdkIgnoreRunner
+ assumeFalse(realContext.packageManager.isInstantApp())
val (agent, socket) = setupForQosCallbackTesting()
val qosCallback = TestableQosCallback()
@@ -1060,6 +1064,9 @@
@Test
fun testQosCallbackOnQosSession() {
+ // Instant apps can't bind sockets to localhost
+ // TODO: use @AppModeFull when supported by DevSdkIgnoreRunner
+ assumeFalse(realContext.packageManager.isInstantApp())
val (agent, socket) = setupForQosCallbackTesting()
val qosCallback = TestableQosCallback()
Executors.newSingleThreadExecutor().let { executor ->
@@ -1104,6 +1111,9 @@
@Test
fun testQosCallbackOnError() {
+ // Instant apps can't bind sockets to localhost
+ // TODO: use @AppModeFull when supported by DevSdkIgnoreRunner
+ assumeFalse(realContext.packageManager.isInstantApp())
val (agent, socket) = setupForQosCallbackTesting()
val qosCallback = TestableQosCallback()
Executors.newSingleThreadExecutor().let { executor ->
@@ -1142,6 +1152,9 @@
@Test
fun testQosCallbackIdsAreMappedCorrectly() {
+ // Instant apps can't bind sockets to localhost
+ // TODO: use @AppModeFull when supported by DevSdkIgnoreRunner
+ assumeFalse(realContext.packageManager.isInstantApp())
val (agent, socket) = setupForQosCallbackTesting()
val qosCallback1 = TestableQosCallback()
val qosCallback2 = TestableQosCallback()
@@ -1182,6 +1195,9 @@
@Test
fun testQosCallbackWhenNetworkReleased() {
+ // Instant apps can't bind sockets to localhost
+ // TODO: use @AppModeFull when supported by DevSdkIgnoreRunner
+ assumeFalse(realContext.packageManager.isInstantApp())
val (agent, socket) = setupForQosCallbackTesting()
Executors.newSingleThreadExecutor().let { executor ->
try {
diff --git a/tests/cts/net/src/android/net/cts/PacProxyManagerTest.java b/tests/cts/net/src/android/net/cts/PacProxyManagerTest.java
index 7d5e9ff..a20f1cc 100644
--- a/tests/cts/net/src/android/net/cts/PacProxyManagerTest.java
+++ b/tests/cts/net/src/android/net/cts/PacProxyManagerTest.java
@@ -35,6 +35,7 @@
import android.net.ProxyInfo;
import android.net.Uri;
import android.os.Build;
+import android.platform.test.annotations.AppModeFull;
import android.util.Log;
import android.util.Range;
@@ -145,6 +146,7 @@
}
}
+ @AppModeFull(reason = "Instant apps can't bind sockets to localhost for a test proxy server")
@Test
public void testSetCurrentProxyScriptUrl() throws Exception {
// Register a PacProxyInstalledListener
diff --git a/tests/cts/net/util/java/android/net/cts/util/CtsNetUtils.java b/tests/cts/net/util/java/android/net/cts/util/CtsNetUtils.java
index bce9880..103906a 100644
--- a/tests/cts/net/util/java/android/net/cts/util/CtsNetUtils.java
+++ b/tests/cts/net/util/java/android/net/cts/util/CtsNetUtils.java
@@ -28,7 +28,6 @@
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
@@ -56,6 +55,7 @@
import android.os.Binder;
import android.os.Build;
import android.os.IBinder;
+import android.os.SystemClock;
import android.system.Os;
import android.system.OsConstants;
import android.text.TextUtils;
@@ -73,11 +73,13 @@
import java.net.Socket;
import java.util.Arrays;
import java.util.List;
+import java.util.Set;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
+import java.util.stream.Collectors;
public final class CtsNetUtils {
private static final String TAG = CtsNetUtils.class.getSimpleName();
@@ -86,6 +88,13 @@
private static final int PRIVATE_DNS_SETTING_TIMEOUT_MS = 10_000;
private static final int CONNECTIVITY_CHANGE_TIMEOUT_SECS = 30;
+ private static final int MAX_WIFI_CONNECT_RETRIES = 10;
+ private static final int WIFI_CONNECT_INTERVAL_MS = 500;
+
+ // Constants used by WifiManager.ActionListener#onFailure. Although onFailure is SystemApi,
+ // the error code constants are not (they probably should be ?)
+ private static final int WIFI_ERROR_IN_PROGRESS = 1;
+ private static final int WIFI_ERROR_BUSY = 2;
private static final String PRIVATE_DNS_MODE_OPPORTUNISTIC = "opportunistic";
private static final String PRIVATE_DNS_MODE_STRICT = "hostname";
public static final int HTTP_PORT = 80;
@@ -211,32 +220,21 @@
filter.addAction(ConnectivityManager.CONNECTIVITY_ACTION);
mContext.registerReceiver(receiver, filter);
- boolean connected = false;
- final String err = "Wifi must be configured to connect to an access point for this test";
try {
- clearWifiBlacklist();
+ // Clear the wifi config blocklist (not the BSSID blocklist)
+ clearWifiBlocklist();
SystemUtil.runShellCommand("svc wifi enable");
- final WifiConfiguration config = maybeAddVirtualWifiConfiguration();
- if (config == null) {
- // TODO: this may not clear the BSSID blacklist, as opposed to
- // mWifiManager.connect(config)
- assertTrue("Error reconnecting wifi", runAsShell(NETWORK_SETTINGS,
- mWifiManager::reconnect));
- } else {
- // When running CTS, devices are expected to have wifi networks pre-configured.
- // This condition is only hit on virtual devices.
- final Integer error = runAsShell(NETWORK_SETTINGS, () -> {
- final ConnectWifiListener listener = new ConnectWifiListener();
- mWifiManager.connect(config, listener);
- return listener.connectFuture.get(
- CONNECTIVITY_CHANGE_TIMEOUT_SECS, TimeUnit.SECONDS);
- });
- assertNull("Error connecting to wifi: " + error, error);
- }
+ final WifiConfiguration config = getOrCreateWifiConfiguration();
+ connectToWifiConfig(config);
+
// Ensure we get an onAvailable callback and possibly a CONNECTIVITY_ACTION.
wifiNetwork = callback.waitForAvailable();
- assertNotNull(err + ": onAvailable callback not received", wifiNetwork);
- connected = !expectLegacyBroadcast || receiver.waitForState();
+ assertNotNull("onAvailable callback not received after connecting to " + config.SSID,
+ wifiNetwork);
+ if (expectLegacyBroadcast) {
+ assertTrue("CONNECTIVITY_ACTION not received after connecting to " + config.SSID,
+ receiver.waitForState());
+ }
} catch (InterruptedException ex) {
fail("connectToWifi was interrupted");
} finally {
@@ -244,10 +242,30 @@
mContext.unregisterReceiver(receiver);
}
- assertTrue(err + ": CONNECTIVITY_ACTION not received", connected);
return wifiNetwork;
}
+ private void connectToWifiConfig(WifiConfiguration config) {
+ for (int i = 0; i < MAX_WIFI_CONNECT_RETRIES; i++) {
+ final Integer error = runAsShell(NETWORK_SETTINGS, () -> {
+ final ConnectWifiListener listener = new ConnectWifiListener();
+ mWifiManager.connect(config, listener);
+ return listener.connectFuture.get(
+ CONNECTIVITY_CHANGE_TIMEOUT_SECS, TimeUnit.SECONDS);
+ });
+
+ if (error == null) return;
+
+ // Only retry for IN_PROGRESS and BUSY
+ if (error != WIFI_ERROR_IN_PROGRESS && error != WIFI_ERROR_BUSY) {
+ fail("Failed to connect to " + config.SSID + ": " + error);
+ }
+
+ Log.w(TAG, "connect failed with " + error + "; waiting before retry");
+ SystemClock.sleep(WIFI_CONNECT_INTERVAL_MS);
+ }
+ }
+
private static class ConnectWifiListener implements WifiManager.ActionListener {
/**
* Future completed when the connect process ends. Provides the error code or null if none.
@@ -264,7 +282,7 @@
}
}
- private WifiConfiguration maybeAddVirtualWifiConfiguration() {
+ private WifiConfiguration getOrCreateWifiConfiguration() {
final List<WifiConfiguration> configs = runAsShell(NETWORK_SETTINGS,
mWifiManager::getConfiguredNetworks);
// If no network is configured, add a config for virtual access points if applicable
@@ -275,8 +293,24 @@
return virtualConfig;
}
- // No need to add a configuration: there is already one
- return null;
+ // No need to add a configuration: there is already one.
+ if (configs.size() > 1) {
+ // For convenience in case of local testing on devices with multiple saved configs,
+ // prefer the first configuration that is in range.
+ // In actual tests, there should only be one configuration, and it should be usable as
+ // assumed by WifiManagerTest.testConnect.
+ Log.w(TAG, "Multiple wifi configurations found: "
+ + configs.stream().map(c -> c.SSID).collect(Collectors.joining(", ")));
+ final List<ScanResult> scanResultsList = getWifiScanResults();
+ Log.i(TAG, "Scan results: " + scanResultsList.stream().map(c ->
+ c.SSID + " (" + c.level + ")").collect(Collectors.joining(", ")));
+ final Set<String> scanResults = scanResultsList.stream().map(
+ s -> "\"" + s.SSID + "\"").collect(Collectors.toSet());
+
+ return configs.stream().filter(c -> scanResults.contains(c.SSID))
+ .findFirst().orElse(configs.get(0));
+ }
+ return configs.get(0);
}
private List<ScanResult> getWifiScanResults() {
@@ -327,11 +361,11 @@
}
/**
- * Re-enable wifi networks that were blacklisted, typically because no internet connection was
+ * Re-enable wifi networks that were blocklisted, typically because no internet connection was
* detected the last time they were connected. This is necessary to make sure wifi can reconnect
* to them.
*/
- private void clearWifiBlacklist() {
+ private void clearWifiBlocklist() {
runAsShell(NETWORK_SETTINGS, ACCESS_WIFI_STATE, () -> {
for (WifiConfiguration cfg : mWifiManager.getConfiguredNetworks()) {
assertTrue(mWifiManager.enableNetwork(cfg.networkId, false /* attemptConnect */));
diff --git a/tests/cts/tethering/src/android/tethering/cts/TetheringManagerTest.java b/tests/cts/tethering/src/android/tethering/cts/TetheringManagerTest.java
index 0a5e506..bd1b74a 100644
--- a/tests/cts/tethering/src/android/tethering/cts/TetheringManagerTest.java
+++ b/tests/cts/tethering/src/android/tethering/cts/TetheringManagerTest.java
@@ -361,6 +361,7 @@
@Test
public void testRequestLatestEntitlementResult() throws Exception {
assumeTrue(mTM.isTetheringSupported());
+ assumeTrue(mPm.hasSystemFeature(FEATURE_TELEPHONY));
// Verify that requestLatestTetheringEntitlementResult() can get entitlement
// result(TETHER_ERROR_ENTITLEMENT_UNKNOWN due to invalid downstream type) via listener.
assertEntitlementResult(listener -> mTM.requestLatestTetheringEntitlementResult(
diff --git a/tests/integration/Android.bp b/tests/integration/Android.bp
index 5fe478f..7c42811 100644
--- a/tests/integration/Android.bp
+++ b/tests/integration/Android.bp
@@ -37,7 +37,7 @@
"kotlin-reflect",
"mockito-target-extended-minus-junit4",
"net-tests-utils",
- "service-connectivity",
+ "service-connectivity-pre-jarjar",
"services.core",
"services.net",
"testables",
@@ -52,6 +52,7 @@
"libnativehelper_compat_libc++",
"libnetworkstackutilsjni",
],
+ jarjar_rules: ":connectivity-jarjar-rules",
}
// Utilities for testing framework code both in integration and unit tests.
diff --git a/tests/integration/util/com/android/server/NetworkAgentWrapper.java b/tests/integration/util/com/android/server/NetworkAgentWrapper.java
index 17db179..95ea401 100644
--- a/tests/integration/util/com/android/server/NetworkAgentWrapper.java
+++ b/tests/integration/util/com/android/server/NetworkAgentWrapper.java
@@ -55,6 +55,7 @@
import com.android.testutils.HandlerUtils;
import com.android.testutils.TestableNetworkCallback;
+import java.util.List;
import java.util.Objects;
import java.util.Set;
import java.util.concurrent.atomic.AtomicBoolean;
@@ -255,6 +256,15 @@
}
}
+ public void setUnderlyingNetworks(List<Network> underlyingNetworks) {
+ mNetworkAgent.setUnderlyingNetworks(underlyingNetworks);
+ }
+
+ public void setOwnerUid(int uid) {
+ mNetworkCapabilities.setOwnerUid(uid);
+ mNetworkAgent.sendNetworkCapabilities(mNetworkCapabilities);
+ }
+
public void connect() {
if (!mConnected.compareAndSet(false /* expect */, true /* update */)) {
// compareAndSet returns false when the value couldn't be updated because it did not
diff --git a/tests/unit/java/android/net/KeepalivePacketDataUtilTest.java b/tests/unit/java/android/net/KeepalivePacketDataUtilTest.java
index ed4f61d..8498b6f 100644
--- a/tests/unit/java/android/net/KeepalivePacketDataUtilTest.java
+++ b/tests/unit/java/android/net/KeepalivePacketDataUtilTest.java
@@ -168,8 +168,8 @@
assertEquals(resultData.tos, tos);
assertEquals(resultData.ttl, ttl);
- final String expected = ""
- + "android.net.TcpKeepalivePacketDataParcelable{srcAddress: [10, 0, 0, 1],"
+ final String expected = TcpKeepalivePacketDataParcelable.class.getName()
+ + "{srcAddress: [10, 0, 0, 1],"
+ " srcPort: 1234, dstAddress: [10, 0, 0, 5], dstPort: 4321, seq: 286331153,"
+ " ack: 572662306, rcvWnd: 48000, rcvWndScale: 2, tos: 4, ttl: 64}";
assertEquals(expected, resultData.toString());
diff --git a/tests/unit/java/android/net/NetworkStatsTest.java b/tests/unit/java/android/net/NetworkStatsTest.java
index 1cdc6cb..c971da1 100644
--- a/tests/unit/java/android/net/NetworkStatsTest.java
+++ b/tests/unit/java/android/net/NetworkStatsTest.java
@@ -734,6 +734,56 @@
ROAMING_ALL, DEFAULT_NETWORK_ALL, 50500L, 27L, 100200L, 55, 0);
}
+ // Tests a case where an PlatformVpn is used, where the entire datapath is in the kernel,
+ // including all encapsulation/decapsulation.
+ @Test
+ public void testMigrateTun_platformVpn() {
+ final int ownerUid = Process.SYSTEM_UID;
+ final String tunIface = "ipsec1";
+ final String underlyingIface = "wlan0";
+ NetworkStats delta = new NetworkStats(TEST_START, 9)
+ // 2 different apps sent/receive data via ipsec1.
+ .insertEntry(tunIface, 10100, SET_DEFAULT, TAG_NONE, METERED_NO, ROAMING_NO,
+ DEFAULT_NETWORK_NO, 50000L, 25L, 100000L, 50L, 0L)
+ .insertEntry(tunIface, 20100, SET_DEFAULT, TAG_NONE, METERED_NO, ROAMING_NO,
+ DEFAULT_NETWORK_NO, 500L, 2L, 200L, 5L, 0L)
+ // Owner (system) sends data through the tunnel
+ .insertEntry(tunIface, ownerUid, SET_DEFAULT, TAG_NONE, METERED_NO, ROAMING_NO,
+ DEFAULT_NETWORK_NO, 2000L, 20L, 3000L, 30L, 0L)
+ // 1 app already has some traffic on the underlying interface, the other doesn't yet
+ .insertEntry(underlyingIface, 10100, SET_DEFAULT, TAG_NONE, METERED_NO, ROAMING_NO,
+ DEFAULT_NETWORK_NO, 1000L, 10L, 2000L, 20L, 0L);
+
+ delta.migrateTun(ownerUid, tunIface, Arrays.asList(underlyingIface));
+ assertEquals(9, delta.size()); // 3 DBG entries + 1 entry per app per interface
+
+ // tunIface entries should not be changed.
+ assertValues(delta, 0, tunIface, 10100, SET_DEFAULT, TAG_NONE, METERED_NO, ROAMING_NO,
+ DEFAULT_NETWORK_NO, 50000L, 25L, 100000L, 50L, 0L);
+ assertValues(delta, 1, tunIface, 20100, SET_DEFAULT, TAG_NONE, METERED_NO, ROAMING_NO,
+ DEFAULT_NETWORK_NO, 500L, 2L, 200L, 5L, 0L);
+ assertValues(delta, 2, tunIface, ownerUid, SET_DEFAULT, TAG_NONE, METERED_NO, ROAMING_NO,
+ DEFAULT_NETWORK_NO, 2000L, 20L, 3000L, 30L, 0L);
+
+ // Existing underlying Iface entries are updated to include usage over ipsec1
+ assertValues(delta, 3, underlyingIface, 10100, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 51000L, 35L, 102000L, 70L, 0L);
+
+ // New entries are added on underlying Iface traffic
+ assertContains(delta, underlyingIface, ownerUid, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 2000L, 20L, 3000L, 30L, 0L);
+ assertContains(delta, underlyingIface, 20100, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 500L, 2L, 200L, 5L, 0L);
+
+ // New entries are added for debug purpose
+ assertContains(delta, underlyingIface, 10100, SET_DBG_VPN_IN, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 50000L, 25L, 100000L, 50L, 0L);
+ assertContains(delta, underlyingIface, 20100, SET_DBG_VPN_IN, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 500, 2L, 200L, 5L, 0L);
+ assertContains(delta, underlyingIface, ownerUid, SET_DBG_VPN_IN, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 2000L, 20L, 3000L, 30L, 0L);
+ }
+
@Test
public void testFilter_NoFilter() {
NetworkStats.Entry entry1 = new NetworkStats.Entry(
diff --git a/tests/unit/java/android/net/util/KeepaliveUtilsTest.kt b/tests/unit/java/android/net/util/KeepaliveUtilsTest.kt
index 40f39a4..9203f8f 100644
--- a/tests/unit/java/android/net/util/KeepaliveUtilsTest.kt
+++ b/tests/unit/java/android/net/util/KeepaliveUtilsTest.kt
@@ -104,7 +104,7 @@
// Check valid customization generates expected array.
val validRes = arrayOf("0,3", "1,0", "4,4")
- val expectedValidRes = intArrayOf(3, 0, 0, 0, 4, 0, 0, 0)
+ val expectedValidRes = intArrayOf(3, 0, 0, 0, 4, 0, 0, 0, 0)
val mockContext = getMockedContextWithStringArrayRes(
R.array.config_networkSupportedKeepaliveCount,
diff --git a/tests/unit/java/com/android/internal/util/BitUtilsTest.java b/tests/unit/java/com/android/internal/util/BitUtilsTest.java
deleted file mode 100644
index aab1268..0000000
--- a/tests/unit/java/com/android/internal/util/BitUtilsTest.java
+++ /dev/null
@@ -1,206 +0,0 @@
-/*
- * Copyright (C) 2017 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package com.android.internal.util;
-
-import static com.android.internal.util.BitUtils.bytesToBEInt;
-import static com.android.internal.util.BitUtils.bytesToLEInt;
-import static com.android.internal.util.BitUtils.getUint16;
-import static com.android.internal.util.BitUtils.getUint32;
-import static com.android.internal.util.BitUtils.getUint8;
-import static com.android.internal.util.BitUtils.packBits;
-import static com.android.internal.util.BitUtils.uint16;
-import static com.android.internal.util.BitUtils.uint32;
-import static com.android.internal.util.BitUtils.uint8;
-import static com.android.internal.util.BitUtils.unpackBits;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-
-import android.os.Build;
-
-import androidx.test.filters.SmallTest;
-
-import com.android.testutils.DevSdkIgnoreRule;
-import com.android.testutils.DevSdkIgnoreRunner;
-
-import org.junit.Test;
-import org.junit.runner.RunWith;
-
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import java.util.Random;
-
-@SmallTest
-@RunWith(DevSdkIgnoreRunner.class)
-@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.R)
-public class BitUtilsTest {
-
- @Test
- public void testUnsignedByteWideningConversions() {
- byte b0 = 0;
- byte b1 = 1;
- byte bm1 = -1;
- assertEquals(0, uint8(b0));
- assertEquals(1, uint8(b1));
- assertEquals(127, uint8(Byte.MAX_VALUE));
- assertEquals(128, uint8(Byte.MIN_VALUE));
- assertEquals(255, uint8(bm1));
- assertEquals(255, uint8((byte)255));
- }
-
- @Test
- public void testUnsignedShortWideningConversions() {
- short s0 = 0;
- short s1 = 1;
- short sm1 = -1;
- assertEquals(0, uint16(s0));
- assertEquals(1, uint16(s1));
- assertEquals(32767, uint16(Short.MAX_VALUE));
- assertEquals(32768, uint16(Short.MIN_VALUE));
- assertEquals(65535, uint16(sm1));
- assertEquals(65535, uint16((short)65535));
- }
-
- @Test
- public void testUnsignedShortComposition() {
- byte b0 = 0;
- byte b1 = 1;
- byte b2 = 2;
- byte b10 = 10;
- byte b16 = 16;
- byte b128 = -128;
- byte b224 = -32;
- byte b255 = -1;
- assertEquals(0x0000, uint16(b0, b0));
- assertEquals(0xffff, uint16(b255, b255));
- assertEquals(0x0a01, uint16(b10, b1));
- assertEquals(0x8002, uint16(b128, b2));
- assertEquals(0x01ff, uint16(b1, b255));
- assertEquals(0x80ff, uint16(b128, b255));
- assertEquals(0xe010, uint16(b224, b16));
- }
-
- @Test
- public void testUnsignedIntWideningConversions() {
- assertEquals(0, uint32(0));
- assertEquals(1, uint32(1));
- assertEquals(2147483647L, uint32(Integer.MAX_VALUE));
- assertEquals(2147483648L, uint32(Integer.MIN_VALUE));
- assertEquals(4294967295L, uint32(-1));
- assertEquals(4294967295L, uint32((int)4294967295L));
- }
-
- @Test
- public void testBytesToInt() {
- assertEquals(0x00000000, bytesToBEInt(bytes(0, 0, 0, 0)));
- assertEquals(0xffffffff, bytesToBEInt(bytes(255, 255, 255, 255)));
- assertEquals(0x0a000001, bytesToBEInt(bytes(10, 0, 0, 1)));
- assertEquals(0x0a000002, bytesToBEInt(bytes(10, 0, 0, 2)));
- assertEquals(0x0a001fff, bytesToBEInt(bytes(10, 0, 31, 255)));
- assertEquals(0xe0000001, bytesToBEInt(bytes(224, 0, 0, 1)));
-
- assertEquals(0x00000000, bytesToLEInt(bytes(0, 0, 0, 0)));
- assertEquals(0x01020304, bytesToLEInt(bytes(4, 3, 2, 1)));
- assertEquals(0xffff0000, bytesToLEInt(bytes(0, 0, 255, 255)));
- }
-
- @Test
- public void testUnsignedGetters() {
- ByteBuffer b = ByteBuffer.allocate(4);
- b.putInt(0xffff);
-
- assertEquals(0x0, getUint8(b, 0));
- assertEquals(0x0, getUint8(b, 1));
- assertEquals(0xff, getUint8(b, 2));
- assertEquals(0xff, getUint8(b, 3));
-
- assertEquals(0x0, getUint16(b, 0));
- assertEquals(0xffff, getUint16(b, 2));
-
- b.rewind();
- b.putInt(0xffffffff);
- assertEquals(0xffffffffL, getUint32(b, 0));
- }
-
- @Test
- public void testBitsPacking() {
- BitPackingTestCase[] testCases = {
- new BitPackingTestCase(0, ints()),
- new BitPackingTestCase(1, ints(0)),
- new BitPackingTestCase(2, ints(1)),
- new BitPackingTestCase(3, ints(0, 1)),
- new BitPackingTestCase(4, ints(2)),
- new BitPackingTestCase(6, ints(1, 2)),
- new BitPackingTestCase(9, ints(0, 3)),
- new BitPackingTestCase(~Long.MAX_VALUE, ints(63)),
- new BitPackingTestCase(~Long.MAX_VALUE + 1, ints(0, 63)),
- new BitPackingTestCase(~Long.MAX_VALUE + 2, ints(1, 63)),
- };
- for (BitPackingTestCase tc : testCases) {
- int[] got = unpackBits(tc.packedBits);
- assertTrue(
- "unpackBits("
- + tc.packedBits
- + "): expected "
- + Arrays.toString(tc.bits)
- + " but got "
- + Arrays.toString(got),
- Arrays.equals(tc.bits, got));
- }
- for (BitPackingTestCase tc : testCases) {
- long got = packBits(tc.bits);
- assertEquals(
- "packBits("
- + Arrays.toString(tc.bits)
- + "): expected "
- + tc.packedBits
- + " but got "
- + got,
- tc.packedBits,
- got);
- }
-
- long[] moreTestCases = {
- 0, 1, -1, 23895, -908235, Long.MAX_VALUE, Long.MIN_VALUE, new Random().nextLong(),
- };
- for (long l : moreTestCases) {
- assertEquals(l, packBits(unpackBits(l)));
- }
- }
-
- static byte[] bytes(int b1, int b2, int b3, int b4) {
- return new byte[] {b(b1), b(b2), b(b3), b(b4)};
- }
-
- static byte b(int i) {
- return (byte) i;
- }
-
- static int[] ints(int... array) {
- return array;
- }
-
- static class BitPackingTestCase {
- final int[] bits;
- final long packedBits;
-
- BitPackingTestCase(long packedBits, int[] bits) {
- this.bits = bits;
- this.packedBits = packedBits;
- }
- }
-}
diff --git a/tests/unit/java/com/android/internal/util/RingBufferTest.java b/tests/unit/java/com/android/internal/util/RingBufferTest.java
deleted file mode 100644
index 13cf840..0000000
--- a/tests/unit/java/com/android/internal/util/RingBufferTest.java
+++ /dev/null
@@ -1,183 +0,0 @@
-/*
- * Copyright (C) 2017 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package com.android.internal.util;
-
-import static org.junit.Assert.assertArrayEquals;
-import static org.junit.Assert.assertNull;
-import static org.junit.Assert.fail;
-
-import android.os.Build;
-
-import androidx.test.filters.SmallTest;
-
-import com.android.testutils.DevSdkIgnoreRule;
-import com.android.testutils.DevSdkIgnoreRunner;
-
-import org.junit.Test;
-import org.junit.runner.RunWith;
-
-@SmallTest
-@RunWith(DevSdkIgnoreRunner.class)
-@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.R)
-public class RingBufferTest {
-
- @Test
- public void testEmptyRingBuffer() {
- RingBuffer<String> buffer = new RingBuffer<>(String.class, 100);
-
- assertArrayEquals(new String[0], buffer.toArray());
- }
-
- @Test
- public void testIncorrectConstructorArguments() {
- try {
- RingBuffer<String> buffer = new RingBuffer<>(String.class, -10);
- fail("Should not be able to create a negative capacity RingBuffer");
- } catch (IllegalArgumentException expected) {
- }
-
- try {
- RingBuffer<String> buffer = new RingBuffer<>(String.class, 0);
- fail("Should not be able to create a 0 capacity RingBuffer");
- } catch (IllegalArgumentException expected) {
- }
- }
-
- @Test
- public void testRingBufferWithNoWrapping() {
- RingBuffer<String> buffer = new RingBuffer<>(String.class, 100);
-
- buffer.append("a");
- buffer.append("b");
- buffer.append("c");
- buffer.append("d");
- buffer.append("e");
-
- String[] expected = {"a", "b", "c", "d", "e"};
- assertArrayEquals(expected, buffer.toArray());
- }
-
- @Test
- public void testRingBufferWithCapacity1() {
- RingBuffer<String> buffer = new RingBuffer<>(String.class, 1);
-
- buffer.append("a");
- assertArrayEquals(new String[]{"a"}, buffer.toArray());
-
- buffer.append("b");
- assertArrayEquals(new String[]{"b"}, buffer.toArray());
-
- buffer.append("c");
- assertArrayEquals(new String[]{"c"}, buffer.toArray());
-
- buffer.append("d");
- assertArrayEquals(new String[]{"d"}, buffer.toArray());
-
- buffer.append("e");
- assertArrayEquals(new String[]{"e"}, buffer.toArray());
- }
-
- @Test
- public void testRingBufferWithWrapping() {
- int capacity = 100;
- RingBuffer<String> buffer = new RingBuffer<>(String.class, capacity);
-
- buffer.append("a");
- buffer.append("b");
- buffer.append("c");
- buffer.append("d");
- buffer.append("e");
-
- String[] expected1 = {"a", "b", "c", "d", "e"};
- assertArrayEquals(expected1, buffer.toArray());
-
- String[] expected2 = new String[capacity];
- int firstIndex = 0;
- int lastIndex = capacity - 1;
-
- expected2[firstIndex] = "e";
- for (int i = 1; i < capacity; i++) {
- buffer.append("x");
- expected2[i] = "x";
- }
- assertArrayEquals(expected2, buffer.toArray());
-
- buffer.append("x");
- expected2[firstIndex] = "x";
- assertArrayEquals(expected2, buffer.toArray());
-
- for (int i = 0; i < 10; i++) {
- for (String s : expected2) {
- buffer.append(s);
- }
- }
- assertArrayEquals(expected2, buffer.toArray());
-
- buffer.append("a");
- expected2[lastIndex] = "a";
- assertArrayEquals(expected2, buffer.toArray());
- }
-
- @Test
- public void testGetNextSlot() {
- int capacity = 100;
- RingBuffer<DummyClass1> buffer = new RingBuffer<>(DummyClass1.class, capacity);
-
- final DummyClass1[] actual = new DummyClass1[capacity];
- final DummyClass1[] expected = new DummyClass1[capacity];
- for (int i = 0; i < capacity; ++i) {
- final DummyClass1 obj = buffer.getNextSlot();
- obj.x = capacity * i;
- actual[i] = obj;
- expected[i] = new DummyClass1();
- expected[i].x = capacity * i;
- }
- assertArrayEquals(expected, buffer.toArray());
-
- for (int i = 0; i < capacity; ++i) {
- if (actual[i] != buffer.getNextSlot()) {
- fail("getNextSlot() should re-use objects if available");
- }
- }
-
- RingBuffer<DummyClass2> buffer2 = new RingBuffer<>(DummyClass2.class, capacity);
- assertNull("getNextSlot() should return null if the object can't be initiated "
- + "(No nullary constructor)", buffer2.getNextSlot());
-
- RingBuffer<DummyClass3> buffer3 = new RingBuffer<>(DummyClass3.class, capacity);
- assertNull("getNextSlot() should return null if the object can't be initiated "
- + "(Inaccessible class)", buffer3.getNextSlot());
- }
-
- public static final class DummyClass1 {
- int x;
-
- public boolean equals(Object o) {
- if (o instanceof DummyClass1) {
- final DummyClass1 other = (DummyClass1) o;
- return other.x == this.x;
- }
- return false;
- }
- }
-
- public static final class DummyClass2 {
- public DummyClass2(int x) {}
- }
-
- private static final class DummyClass3 {}
-}
diff --git a/tests/unit/java/com/android/server/ConnectivityServiceTest.java b/tests/unit/java/com/android/server/ConnectivityServiceTest.java
index 9601bb1..e28f3c4 100644
--- a/tests/unit/java/com/android/server/ConnectivityServiceTest.java
+++ b/tests/unit/java/com/android/server/ConnectivityServiceTest.java
@@ -125,8 +125,10 @@
import static android.os.Process.INVALID_UID;
import static android.system.OsConstants.IPPROTO_TCP;
-import static com.android.server.ConnectivityService.DEFAULT_NETWORK_PRIORITY_MOBILE_DATA_PREFERRED;
-import static com.android.server.ConnectivityService.DEFAULT_NETWORK_PRIORITY_OEM;
+import static com.android.server.ConnectivityService.PREFERENCE_PRIORITY_MOBILE_DATA_PREFERERRED;
+import static com.android.server.ConnectivityService.PREFERENCE_PRIORITY_OEM;
+import static com.android.server.ConnectivityService.PREFERENCE_PRIORITY_PROFILE;
+import static com.android.server.ConnectivityService.PREFERENCE_PRIORITY_VPN;
import static com.android.server.ConnectivityServiceTestUtils.transportToLegacyType;
import static com.android.testutils.ConcurrentUtils.await;
import static com.android.testutils.ConcurrentUtils.durationOf;
@@ -174,6 +176,8 @@
import static org.mockito.Mockito.verifyNoMoreInteractions;
import static org.mockito.Mockito.when;
+import static java.util.Arrays.asList;
+
import android.Manifest;
import android.annotation.NonNull;
import android.annotation.Nullable;
@@ -258,6 +262,7 @@
import android.net.VpnManager;
import android.net.VpnTransportInfo;
import android.net.metrics.IpConnectivityLog;
+import android.net.netd.aidl.NativeUidRangeConfig;
import android.net.networkstack.NetworkStackClientBase;
import android.net.resolv.aidl.Nat64PrefixEventParcel;
import android.net.resolv.aidl.PrivateDnsValidationEventParcel;
@@ -306,7 +311,6 @@
import com.android.internal.app.IBatteryStats;
import com.android.internal.net.VpnConfig;
import com.android.internal.net.VpnProfile;
-import com.android.internal.util.ArrayUtils;
import com.android.internal.util.WakeupMessage;
import com.android.internal.util.test.BroadcastInterceptingContext;
import com.android.internal.util.test.FakeSettingsProvider;
@@ -434,6 +438,7 @@
private static final String TEST_PACKAGE_NAME = "com.android.test.package";
private static final int TEST_PACKAGE_UID = 123;
private static final int TEST_PACKAGE_UID2 = 321;
+ private static final int TEST_PACKAGE_UID3 = 456;
private static final String ALWAYS_ON_PACKAGE = "com.android.test.alwaysonvpn";
private static final String INTERFACE_NAME = "interface";
@@ -1167,20 +1172,14 @@
assertEquals(count, getMyRequestCount());
}
- @Override
- public void terminate() {
- super.terminate();
- // Make sure there are no remaining requests unaccounted for.
- HandlerUtils.waitForIdle(mHandlerSendingRequests, TIMEOUT_MS);
- assertNull(mRequestHistory.poll(0, r -> true));
- }
-
// Trigger releasing the request as unfulfillable
public void triggerUnfulfillable(NetworkRequest r) {
super.releaseRequestAsUnfulfillableByAnyFactory(r);
}
public void assertNoRequestChanged() {
+ // Make sure there are no remaining requests unaccounted for.
+ HandlerUtils.waitForIdle(mHandlerSendingRequests, TIMEOUT_MS);
assertNull(mRequestHistory.poll(0, r -> true));
}
}
@@ -1296,10 +1295,12 @@
mNetworkCapabilities);
mMockNetworkAgent.waitForIdle(TIMEOUT_MS);
- verify(mMockNetd, times(1)).networkAddUidRanges(eq(mMockVpn.getNetwork().getNetId()),
- eq(toUidRangeStableParcels(uids)));
- verify(mMockNetd, never())
- .networkRemoveUidRanges(eq(mMockVpn.getNetwork().getNetId()), any());
+ verify(mMockNetd, times(1)).networkAddUidRangesParcel(
+ new NativeUidRangeConfig(mMockVpn.getNetwork().getNetId(),
+ toUidRangeStableParcels(uids), PREFERENCE_PRIORITY_VPN));
+ verify(mMockNetd, never()).networkRemoveUidRangesParcel(argThat(config ->
+ mMockVpn.getNetwork().getNetId() == config.netId
+ && PREFERENCE_PRIORITY_VPN == config.subPriority));
mAgentRegistered = true;
verify(mMockNetd).networkCreate(nativeNetworkConfigVpn(getNetwork().netId,
!mMockNetworkAgent.isBypassableVpn(), mVpnType));
@@ -1603,9 +1604,8 @@
MockitoAnnotations.initMocks(this);
- when(mUserManager.getAliveUsers()).thenReturn(Arrays.asList(PRIMARY_USER_INFO));
- when(mUserManager.getUserHandles(anyBoolean())).thenReturn(
- Arrays.asList(PRIMARY_USER_HANDLE));
+ when(mUserManager.getAliveUsers()).thenReturn(asList(PRIMARY_USER_INFO));
+ when(mUserManager.getUserHandles(anyBoolean())).thenReturn(asList(PRIMARY_USER_HANDLE));
when(mUserManager.getUserInfo(PRIMARY_USER)).thenReturn(PRIMARY_USER_INFO);
// canHaveRestrictedProfile does not take a userId. It applies to the userId of the context
// it was started from, i.e., PRIMARY_USER.
@@ -1813,7 +1813,7 @@
eq(UserHandle.getCallingUserId()))).thenReturn(myPackageInfo);
when(mPackageManager.getInstalledPackages(eq(GET_PERMISSIONS | MATCH_ANY_USER))).thenReturn(
- Arrays.asList(new PackageInfo[] {
+ asList(new PackageInfo[] {
buildPackageInfo(/* SYSTEM */ false, APP1_UID),
buildPackageInfo(/* SYSTEM */ false, APP2_UID),
buildPackageInfo(/* SYSTEM */ false, VPN_UID)
@@ -1830,7 +1830,7 @@
ResolveInfo rInfo = new ResolveInfo();
rInfo.serviceInfo = new ServiceInfo();
rInfo.serviceInfo.metaData = new Bundle();
- final List<ResolveInfo> services = Arrays.asList(new ResolveInfo[]{rInfo});
+ final List<ResolveInfo> services = asList(new ResolveInfo[]{rInfo});
when(mPackageManager.queryIntentServicesAsUser(any(), eq(PackageManager.GET_META_DATA),
eq(userId))).thenReturn(services);
when(mPackageManager.getPackageUidAsUser(TEST_PACKAGE_NAME, userId))
@@ -3234,6 +3234,7 @@
assertTrue(testFactory.getMyStartRequested());
testFactory.terminate();
+ testFactory.assertNoRequestChanged();
if (networkCallback != null) mCm.unregisterNetworkCallback(networkCallback);
handlerThread.quit();
}
@@ -3318,6 +3319,7 @@
testFactory.setScoreFilter(42);
testFactory.terminate();
+ testFactory.assertNoRequestChanged();
if (i % 2 == 0) {
try {
@@ -4619,6 +4621,9 @@
// and the test factory should see it now that it isn't hopelessly outscored.
mCellNetworkAgent.disconnect();
cellNetworkCallback.expectCallback(CallbackEntry.LOST, mCellNetworkAgent);
+ // Wait for the network to be removed from internal structures before
+ // calling synchronous getter
+ waitForIdle();
assertLength(1, mCm.getAllNetworks());
testFactory.expectRequestAdd();
testFactory.assertRequestCountEquals(1);
@@ -4629,6 +4634,7 @@
mCellNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_CELLULAR);
mCellNetworkAgent.connect(true);
cellNetworkCallback.expectAvailableThenValidatedCallbacks(mCellNetworkAgent);
+ waitForIdle();
assertLength(2, mCm.getAllNetworks());
testFactory.expectRequestRemove();
testFactory.assertRequestCountEquals(0);
@@ -4640,8 +4646,9 @@
cellNetworkCallback.expectCallback(CallbackEntry.LOST, mCellNetworkAgent);
waitForIdle();
assertLength(1, mCm.getAllNetworks());
- } finally {
testFactory.terminate();
+ testFactory.assertNoRequestChanged();
+ } finally {
mCm.unregisterNetworkCallback(cellNetworkCallback);
handlerThread.quit();
}
@@ -4840,8 +4847,8 @@
final ContentResolver cr = mServiceContext.getContentResolver();
final String settingName = ConnectivitySettingsManager.NETWORK_METERED_MULTIPATH_PREFERENCE;
- for (int config : Arrays.asList(0, 3, 2)) {
- for (String setting: Arrays.asList(null, "0", "2", "1")) {
+ for (int config : asList(0, 3, 2)) {
+ for (String setting: asList(null, "0", "2", "1")) {
mPolicyTracker.mConfigMeteredMultipathPreference = config;
Settings.Global.putString(cr, settingName, setting);
mPolicyTracker.reevaluate();
@@ -6000,10 +6007,10 @@
networkCallback.expectCallback(CallbackEntry.BLOCKED_STATUS, networkAgent);
networkCallback.expectCapabilitiesWith(NET_CAPABILITY_VALIDATED, networkAgent);
networkCallback.assertNoCallback();
- checkDirectlyConnectedRoutes(cbi.getLp(), Arrays.asList(myIpv4Address),
- Arrays.asList(myIpv4DefaultRoute));
+ checkDirectlyConnectedRoutes(cbi.getLp(), asList(myIpv4Address),
+ asList(myIpv4DefaultRoute));
checkDirectlyConnectedRoutes(mCm.getLinkProperties(networkAgent.getNetwork()),
- Arrays.asList(myIpv4Address), Arrays.asList(myIpv4DefaultRoute));
+ asList(myIpv4Address), asList(myIpv4DefaultRoute));
// Verify direct routes are added during subsequent link properties updates.
LinkProperties newLp = new LinkProperties(lp);
@@ -6015,8 +6022,8 @@
cbi = networkCallback.expectCallback(CallbackEntry.LINK_PROPERTIES_CHANGED, networkAgent);
networkCallback.assertNoCallback();
checkDirectlyConnectedRoutes(cbi.getLp(),
- Arrays.asList(myIpv4Address, myIpv6Address1, myIpv6Address2),
- Arrays.asList(myIpv4DefaultRoute));
+ asList(myIpv4Address, myIpv6Address1, myIpv6Address2),
+ asList(myIpv4DefaultRoute));
mCm.unregisterNetworkCallback(networkCallback);
}
@@ -6029,7 +6036,7 @@
verify(mStatsManager, atLeastOnce()).notifyNetworkStatus(networksCaptor.capture(),
any(List.class), eq(defaultIface), vpnInfosCaptor.capture());
- assertSameElements(networksCaptor.getValue(), networks);
+ assertSameElements(networks, networksCaptor.getValue());
List<UnderlyingNetworkInfo> infos = vpnInfosCaptor.getValue();
if (vpnUid != null) {
@@ -6234,6 +6241,77 @@
}
@Test
+ public void testNonVpnUnderlyingNetworks() throws Exception {
+ // Ensure wifi and cellular are not torn down.
+ for (int transport : new int[]{TRANSPORT_CELLULAR, TRANSPORT_WIFI}) {
+ final NetworkRequest request = new NetworkRequest.Builder()
+ .addTransportType(transport)
+ .removeCapability(NET_CAPABILITY_NOT_VCN_MANAGED)
+ .build();
+ mCm.requestNetwork(request, new NetworkCallback());
+ }
+
+ // Connect a VCN-managed wifi network.
+ final LinkProperties wifiLp = new LinkProperties();
+ wifiLp.setInterfaceName(WIFI_IFNAME);
+ mWiFiNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_WIFI, wifiLp);
+ mWiFiNetworkAgent.removeCapability(NET_CAPABILITY_NOT_VCN_MANAGED);
+ mWiFiNetworkAgent.addCapability(NET_CAPABILITY_NOT_METERED);
+ mWiFiNetworkAgent.connect(true /* validated */);
+
+ final List<Network> none = List.of();
+ expectNotifyNetworkStatus(none, null); // Wifi is not the default network
+
+ // Create a virtual network based on the wifi network.
+ final int ownerUid = 10042;
+ NetworkCapabilities nc = new NetworkCapabilities.Builder()
+ .setOwnerUid(ownerUid)
+ .setAdministratorUids(new int[]{ownerUid})
+ .build();
+ final String vcnIface = "ipsec42";
+ final LinkProperties lp = new LinkProperties();
+ lp.setInterfaceName(vcnIface);
+ final TestNetworkAgentWrapper vcn = new TestNetworkAgentWrapper(TRANSPORT_CELLULAR, lp, nc);
+ vcn.setUnderlyingNetworks(List.of(mWiFiNetworkAgent.getNetwork()));
+ vcn.connect(false /* validated */);
+
+ final TestNetworkCallback callback = new TestNetworkCallback();
+ mCm.registerDefaultNetworkCallback(callback);
+ callback.expectAvailableCallbacksUnvalidated(vcn);
+
+ // The underlying wifi network's capabilities are not propagated to the virtual network,
+ // but NetworkStatsService is informed of the underlying interface.
+ nc = mCm.getNetworkCapabilities(vcn.getNetwork());
+ assertFalse(nc.hasTransport(TRANSPORT_WIFI));
+ assertFalse(nc.hasCapability(NET_CAPABILITY_NOT_METERED));
+ final List<Network> onlyVcn = List.of(vcn.getNetwork());
+ expectNotifyNetworkStatus(onlyVcn, vcnIface, ownerUid, vcnIface, List.of(WIFI_IFNAME));
+
+ // Add NOT_METERED to the underlying network, check that it is not propagated.
+ mWiFiNetworkAgent.addCapability(NET_CAPABILITY_NOT_METERED);
+ callback.assertNoCallback();
+ nc = mCm.getNetworkCapabilities(vcn.getNetwork());
+ assertFalse(nc.hasCapability(NET_CAPABILITY_NOT_METERED));
+
+ // Switch underlying networks.
+ final LinkProperties cellLp = new LinkProperties();
+ cellLp.setInterfaceName(MOBILE_IFNAME);
+ mCellNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_CELLULAR, cellLp);
+ mCellNetworkAgent.removeCapability(NET_CAPABILITY_NOT_VCN_MANAGED);
+ mCellNetworkAgent.addCapability(NET_CAPABILITY_NOT_ROAMING);
+ mCellNetworkAgent.connect(false /* validated */);
+ vcn.setUnderlyingNetworks(List.of(mCellNetworkAgent.getNetwork()));
+
+ // The underlying capability changes do not propagate to the virtual network, but
+ // NetworkStatsService is informed of the new underlying interface.
+ callback.assertNoCallback();
+ nc = mCm.getNetworkCapabilities(vcn.getNetwork());
+ assertFalse(nc.hasTransport(TRANSPORT_WIFI));
+ assertFalse(nc.hasCapability(NET_CAPABILITY_NOT_ROAMING));
+ expectNotifyNetworkStatus(onlyVcn, vcnIface, ownerUid, vcnIface, List.of(MOBILE_IFNAME));
+ }
+
+ @Test
public void testBasicDnsConfigurationPushed() throws Exception {
setPrivateDnsSettings(PRIVATE_DNS_MODE_OPPORTUNISTIC, "ignored.example.com");
@@ -6273,9 +6351,9 @@
mResolverParamsParcelCaptor.capture());
ResolverParamsParcel resolvrParams = mResolverParamsParcelCaptor.getValue();
assertEquals(1, resolvrParams.servers.length);
- assertTrue(ArrayUtils.contains(resolvrParams.servers, "2001:db8::1"));
+ assertTrue(CollectionUtils.contains(resolvrParams.servers, "2001:db8::1"));
// Opportunistic mode.
- assertTrue(ArrayUtils.contains(resolvrParams.tlsServers, "2001:db8::1"));
+ assertTrue(CollectionUtils.contains(resolvrParams.tlsServers, "2001:db8::1"));
reset(mMockDnsResolver);
cellLp.addDnsServer(InetAddress.getByName("192.0.2.1"));
@@ -6285,12 +6363,12 @@
mResolverParamsParcelCaptor.capture());
resolvrParams = mResolverParamsParcelCaptor.getValue();
assertEquals(2, resolvrParams.servers.length);
- assertTrue(ArrayUtils.containsAll(resolvrParams.servers,
- new String[]{"2001:db8::1", "192.0.2.1"}));
+ assertTrue(new ArraySet<>(resolvrParams.servers).containsAll(
+ asList("2001:db8::1", "192.0.2.1")));
// Opportunistic mode.
assertEquals(2, resolvrParams.tlsServers.length);
- assertTrue(ArrayUtils.containsAll(resolvrParams.tlsServers,
- new String[]{"2001:db8::1", "192.0.2.1"}));
+ assertTrue(new ArraySet<>(resolvrParams.tlsServers).containsAll(
+ asList("2001:db8::1", "192.0.2.1")));
reset(mMockDnsResolver);
final String TLS_SPECIFIER = "tls.example.com";
@@ -6305,8 +6383,8 @@
mResolverParamsParcelCaptor.capture());
resolvrParams = mResolverParamsParcelCaptor.getValue();
assertEquals(2, resolvrParams.servers.length);
- assertTrue(ArrayUtils.containsAll(resolvrParams.servers,
- new String[]{"2001:db8::1", "192.0.2.1"}));
+ assertTrue(new ArraySet<>(resolvrParams.servers).containsAll(
+ asList("2001:db8::1", "192.0.2.1")));
reset(mMockDnsResolver);
}
@@ -6413,12 +6491,12 @@
mResolverParamsParcelCaptor.capture());
ResolverParamsParcel resolvrParams = mResolverParamsParcelCaptor.getValue();
assertEquals(2, resolvrParams.tlsServers.length);
- assertTrue(ArrayUtils.containsAll(resolvrParams.tlsServers,
- new String[] { "2001:db8::1", "192.0.2.1" }));
+ assertTrue(new ArraySet<>(resolvrParams.tlsServers).containsAll(
+ asList("2001:db8::1", "192.0.2.1")));
// Opportunistic mode.
assertEquals(2, resolvrParams.tlsServers.length);
- assertTrue(ArrayUtils.containsAll(resolvrParams.tlsServers,
- new String[] { "2001:db8::1", "192.0.2.1" }));
+ assertTrue(new ArraySet<>(resolvrParams.tlsServers).containsAll(
+ asList("2001:db8::1", "192.0.2.1")));
reset(mMockDnsResolver);
cellNetworkCallback.expectCallback(CallbackEntry.AVAILABLE, mCellNetworkAgent);
cellNetworkCallback.expectCallback(CallbackEntry.NETWORK_CAPS_UPDATED,
@@ -6435,8 +6513,8 @@
mResolverParamsParcelCaptor.capture());
resolvrParams = mResolverParamsParcelCaptor.getValue();
assertEquals(2, resolvrParams.servers.length);
- assertTrue(ArrayUtils.containsAll(resolvrParams.servers,
- new String[] { "2001:db8::1", "192.0.2.1" }));
+ assertTrue(new ArraySet<>(resolvrParams.servers).containsAll(
+ asList("2001:db8::1", "192.0.2.1")));
reset(mMockDnsResolver);
cellNetworkCallback.assertNoCallback();
@@ -6445,11 +6523,11 @@
mResolverParamsParcelCaptor.capture());
resolvrParams = mResolverParamsParcelCaptor.getValue();
assertEquals(2, resolvrParams.servers.length);
- assertTrue(ArrayUtils.containsAll(resolvrParams.servers,
- new String[] { "2001:db8::1", "192.0.2.1" }));
+ assertTrue(new ArraySet<>(resolvrParams.servers).containsAll(
+ asList("2001:db8::1", "192.0.2.1")));
assertEquals(2, resolvrParams.tlsServers.length);
- assertTrue(ArrayUtils.containsAll(resolvrParams.tlsServers,
- new String[] { "2001:db8::1", "192.0.2.1" }));
+ assertTrue(new ArraySet<>(resolvrParams.tlsServers).containsAll(
+ asList("2001:db8::1", "192.0.2.1")));
reset(mMockDnsResolver);
cellNetworkCallback.assertNoCallback();
@@ -7485,7 +7563,7 @@
// Start the restricted profile, and check that the UID within it loses network access.
when(mPackageManager.getPackageUidAsUser(ALWAYS_ON_PACKAGE, RESTRICTED_USER))
.thenReturn(UserHandle.getUid(RESTRICTED_USER, VPN_UID));
- when(mUserManager.getAliveUsers()).thenReturn(Arrays.asList(PRIMARY_USER_INFO,
+ when(mUserManager.getAliveUsers()).thenReturn(asList(PRIMARY_USER_INFO,
RESTRICTED_USER_INFO));
// TODO: check that VPN app within restricted profile still has access, etc.
final Intent addedIntent = new Intent(ACTION_USER_ADDED);
@@ -7496,7 +7574,7 @@
assertNull(mCm.getActiveNetworkForUid(restrictedUid));
// Stop the restricted profile, and check that the UID within it has network access again.
- when(mUserManager.getAliveUsers()).thenReturn(Arrays.asList(PRIMARY_USER_INFO));
+ when(mUserManager.getAliveUsers()).thenReturn(asList(PRIMARY_USER_INFO));
// Send a USER_REMOVED broadcast and expect to lose the UID range for the restricted user.
final Intent removedIntent = new Intent(ACTION_USER_REMOVED);
@@ -7921,7 +7999,7 @@
// networks, ConnectivityService does not guarantee the order in which callbacks are fired.
private void assertBlockedCallbackInAnyOrder(TestNetworkCallback callback, boolean blocked,
TestNetworkAgentWrapper... agents) {
- final List<Network> expectedNetworks = Arrays.asList(agents).stream()
+ final List<Network> expectedNetworks = asList(agents).stream()
.map((agent) -> agent.getNetwork())
.collect(Collectors.toList());
@@ -8617,7 +8695,7 @@
mResolverParamsParcelCaptor.capture());
ResolverParamsParcel resolvrParams = mResolverParamsParcelCaptor.getValue();
assertEquals(1, resolvrParams.servers.length);
- assertTrue(ArrayUtils.contains(resolvrParams.servers, "8.8.8.8"));
+ assertTrue(CollectionUtils.contains(resolvrParams.servers, "8.8.8.8"));
for (final LinkProperties stackedLp : stackedLpsAfterChange) {
verify(mDeps).reportNetworkInterfaceForTransports(
@@ -9290,7 +9368,7 @@
InOrder inOrder = inOrder(mMockNetd);
// Update to new range which is old range minus APP1, i.e. only APP2
- final Set<UidRange> newRanges = new HashSet<>(Arrays.asList(
+ final Set<UidRange> newRanges = new HashSet<>(asList(
new UidRange(vpnRange.start, APP1_UID - 1),
new UidRange(APP1_UID + 1, vpnRange.stop)));
mMockVpn.setUids(newRanges);
@@ -10142,10 +10220,7 @@
mService.registerConnectivityDiagnosticsCallback(
mConnectivityDiagnosticsCallback, request, mContext.getPackageName());
- // Block until all other events are done processing.
- HandlerUtils.waitForIdle(mCsHandlerThread, TIMEOUT_MS);
-
- verify(mConnectivityDiagnosticsCallback)
+ verify(mConnectivityDiagnosticsCallback, timeout(TIMEOUT_MS))
.onConnectivityReportAvailable(argThat(report -> {
return INTERFACE_NAME.equals(report.getLinkProperties().getInterfaceName())
&& report.getNetworkCapabilities().hasTransport(TRANSPORT_CELLULAR);
@@ -10193,12 +10268,10 @@
throws Exception {
setUpConnectivityDiagnosticsCallback();
- // Block until all other events are done processing.
- HandlerUtils.waitForIdle(mCsHandlerThread, TIMEOUT_MS);
-
// Verify onConnectivityReport fired
- verify(mConnectivityDiagnosticsCallback).onConnectivityReportAvailable(
- argThat(report -> areConnDiagCapsRedacted(report.getNetworkCapabilities())));
+ verify(mConnectivityDiagnosticsCallback, timeout(TIMEOUT_MS))
+ .onConnectivityReportAvailable(argThat(report ->
+ areConnDiagCapsRedacted(report.getNetworkCapabilities())));
}
@Test
@@ -10209,11 +10282,8 @@
// cellular network agent
mCellNetworkAgent.notifyDataStallSuspected();
- // Block until all other events are done processing.
- HandlerUtils.waitForIdle(mCsHandlerThread, TIMEOUT_MS);
-
// Verify onDataStallSuspected fired
- verify(mConnectivityDiagnosticsCallback).onDataStallSuspected(
+ verify(mConnectivityDiagnosticsCallback, timeout(TIMEOUT_MS)).onDataStallSuspected(
argThat(report -> areConnDiagCapsRedacted(report.getNetworkCapabilities())));
}
@@ -10221,26 +10291,72 @@
public void testConnectivityDiagnosticsCallbackOnConnectivityReported() throws Exception {
setUpConnectivityDiagnosticsCallback();
+ // reset to ignore callbacks from setup
+ reset(mConnectivityDiagnosticsCallback);
+
final Network n = mCellNetworkAgent.getNetwork();
final boolean hasConnectivity = true;
mService.reportNetworkConnectivity(n, hasConnectivity);
- // Block until all other events are done processing.
- HandlerUtils.waitForIdle(mCsHandlerThread, TIMEOUT_MS);
-
// Verify onNetworkConnectivityReported fired
- verify(mConnectivityDiagnosticsCallback)
+ verify(mConnectivityDiagnosticsCallback, timeout(TIMEOUT_MS))
.onNetworkConnectivityReported(eq(n), eq(hasConnectivity));
+ verify(mConnectivityDiagnosticsCallback, timeout(TIMEOUT_MS))
+ .onConnectivityReportAvailable(
+ argThat(report ->
+ areConnDiagCapsRedacted(report.getNetworkCapabilities())));
final boolean noConnectivity = false;
mService.reportNetworkConnectivity(n, noConnectivity);
+ // Wait for onNetworkConnectivityReported to fire
+ verify(mConnectivityDiagnosticsCallback, timeout(TIMEOUT_MS))
+ .onNetworkConnectivityReported(eq(n), eq(noConnectivity));
+
+ // Also expect a ConnectivityReport after NetworkMonitor asynchronously re-validates
+ verify(mConnectivityDiagnosticsCallback, timeout(TIMEOUT_MS).times(2))
+ .onConnectivityReportAvailable(
+ argThat(report ->
+ areConnDiagCapsRedacted(report.getNetworkCapabilities())));
+ }
+
+ @Test
+ public void testConnectivityDiagnosticsCallbackOnConnectivityReportedSeparateUid()
+ throws Exception {
+ setUpConnectivityDiagnosticsCallback();
+
+ // reset to ignore callbacks from setup
+ reset(mConnectivityDiagnosticsCallback);
+
+ // report known Connectivity from a different uid. Verify that network is not re-validated
+ // and this callback is not notified.
+ final Network n = mCellNetworkAgent.getNetwork();
+ final boolean hasConnectivity = true;
+ doAsUid(Process.myUid() + 1, () -> mService.reportNetworkConnectivity(n, hasConnectivity));
+
// Block until all other events are done processing.
HandlerUtils.waitForIdle(mCsHandlerThread, TIMEOUT_MS);
+ // Verify onNetworkConnectivityReported did not fire
+ verify(mConnectivityDiagnosticsCallback, never())
+ .onNetworkConnectivityReported(any(), anyBoolean());
+ verify(mConnectivityDiagnosticsCallback, never())
+ .onConnectivityReportAvailable(any());
+
+ // report different Connectivity from a different uid. Verify that network is re-validated
+ // and that this callback is notified.
+ final boolean noConnectivity = false;
+ doAsUid(Process.myUid() + 1, () -> mService.reportNetworkConnectivity(n, noConnectivity));
+
// Wait for onNetworkConnectivityReported to fire
- verify(mConnectivityDiagnosticsCallback)
+ verify(mConnectivityDiagnosticsCallback, timeout(TIMEOUT_MS))
.onNetworkConnectivityReported(eq(n), eq(noConnectivity));
+
+ // Also expect a ConnectivityReport after NetworkMonitor asynchronously re-validates
+ verify(mConnectivityDiagnosticsCallback, timeout(TIMEOUT_MS))
+ .onConnectivityReportAvailable(
+ argThat(report ->
+ areConnDiagCapsRedacted(report.getNetworkCapabilities())));
}
@Test
@@ -10360,13 +10476,13 @@
assertContainsExactly(exemptUidCaptor.getValue(), Process.VPN_UID, exemptUid);
if (add) {
- inOrder.verify(mMockNetd, times(1))
- .networkAddUidRanges(eq(mMockVpn.getNetwork().getNetId()),
- eq(toUidRangeStableParcels(vpnRanges)));
+ inOrder.verify(mMockNetd, times(1)).networkAddUidRangesParcel(
+ new NativeUidRangeConfig(mMockVpn.getNetwork().getNetId(),
+ toUidRangeStableParcels(vpnRanges), PREFERENCE_PRIORITY_VPN));
} else {
- inOrder.verify(mMockNetd, times(1))
- .networkRemoveUidRanges(eq(mMockVpn.getNetwork().getNetId()),
- eq(toUidRangeStableParcels(vpnRanges)));
+ inOrder.verify(mMockNetd, times(1)).networkRemoveUidRangesParcel(
+ new NativeUidRangeConfig(mMockVpn.getNetwork().getNetId(),
+ toUidRangeStableParcels(vpnRanges), PREFERENCE_PRIORITY_VPN));
}
inOrder.verify(mMockNetd, times(1)).socketDestroy(eq(toUidRangeStableParcels(vpnRanges)),
@@ -10394,7 +10510,7 @@
verify(mProxyTracker, never()).sendProxyBroadcast();
// Update to new range which is old range minus APP1, i.e. only APP2
- final Set<UidRange> newRanges = new HashSet<>(Arrays.asList(
+ final Set<UidRange> newRanges = new HashSet<>(asList(
new UidRange(vpnRange.start, APP1_UID - 1),
new UidRange(APP1_UID + 1, vpnRange.stop)));
mMockVpn.setUids(newRanges);
@@ -10840,7 +10956,7 @@
.createNrisFromOemNetworkPreferences(
createDefaultOemNetworkPreferences(prefToTest));
final NetworkRequestInfo nri = nris.iterator().next();
- assertEquals(DEFAULT_NETWORK_PRIORITY_OEM, nri.getDefaultNetworkPriority());
+ assertEquals(PREFERENCE_PRIORITY_OEM, nri.mPreferencePriority);
final List<NetworkRequest> mRequests = nri.mRequests;
assertEquals(expectedNumOfNris, nris.size());
assertEquals(expectedNumOfRequests, mRequests.size());
@@ -10870,7 +10986,7 @@
.createNrisFromOemNetworkPreferences(
createDefaultOemNetworkPreferences(prefToTest));
final NetworkRequestInfo nri = nris.iterator().next();
- assertEquals(DEFAULT_NETWORK_PRIORITY_OEM, nri.getDefaultNetworkPriority());
+ assertEquals(PREFERENCE_PRIORITY_OEM, nri.mPreferencePriority);
final List<NetworkRequest> mRequests = nri.mRequests;
assertEquals(expectedNumOfNris, nris.size());
assertEquals(expectedNumOfRequests, mRequests.size());
@@ -10897,7 +11013,7 @@
.createNrisFromOemNetworkPreferences(
createDefaultOemNetworkPreferences(prefToTest));
final NetworkRequestInfo nri = nris.iterator().next();
- assertEquals(DEFAULT_NETWORK_PRIORITY_OEM, nri.getDefaultNetworkPriority());
+ assertEquals(PREFERENCE_PRIORITY_OEM, nri.mPreferencePriority);
final List<NetworkRequest> mRequests = nri.mRequests;
assertEquals(expectedNumOfNris, nris.size());
assertEquals(expectedNumOfRequests, mRequests.size());
@@ -10921,7 +11037,7 @@
.createNrisFromOemNetworkPreferences(
createDefaultOemNetworkPreferences(prefToTest));
final NetworkRequestInfo nri = nris.iterator().next();
- assertEquals(DEFAULT_NETWORK_PRIORITY_OEM, nri.getDefaultNetworkPriority());
+ assertEquals(PREFERENCE_PRIORITY_OEM, nri.mPreferencePriority);
final List<NetworkRequest> mRequests = nri.mRequests;
assertEquals(expectedNumOfNris, nris.size());
assertEquals(expectedNumOfRequests, mRequests.size());
@@ -10995,7 +11111,7 @@
final int secondUserTestPackageUid = UserHandle.getUid(SECONDARY_USER, TEST_PACKAGE_UID);
final int thirdUserTestPackageUid = UserHandle.getUid(TERTIARY_USER, TEST_PACKAGE_UID);
when(mUserManager.getUserHandles(anyBoolean())).thenReturn(
- Arrays.asList(PRIMARY_USER_HANDLE, SECONDARY_USER_HANDLE, TERTIARY_USER_HANDLE));
+ asList(PRIMARY_USER_HANDLE, SECONDARY_USER_HANDLE, TERTIARY_USER_HANDLE));
// Arrange PackageManager mocks testing for users who have and don't have a package.
mockGetApplicationInfoThrowsNameNotFound(TEST_PACKAGE_NAME, PRIMARY_USER_HANDLE);
@@ -11299,19 +11415,29 @@
@OemNetworkPreferences.OemNetworkPreference final int networkPrefToSetup,
@NonNull final UidRangeParcel[] uidRanges,
@NonNull final String testPackageName) throws Exception {
- setupSetOemNetworkPreferenceForPreferenceTest(
- networkPrefToSetup, uidRanges, testPackageName, true);
+ setupSetOemNetworkPreferenceForPreferenceTest(networkPrefToSetup, uidRanges,
+ testPackageName, PRIMARY_USER_HANDLE, true /* hasAutomotiveFeature */);
}
private void setupSetOemNetworkPreferenceForPreferenceTest(
@OemNetworkPreferences.OemNetworkPreference final int networkPrefToSetup,
@NonNull final UidRangeParcel[] uidRanges,
@NonNull final String testPackageName,
+ @NonNull final UserHandle user) throws Exception {
+ setupSetOemNetworkPreferenceForPreferenceTest(networkPrefToSetup, uidRanges,
+ testPackageName, user, true /* hasAutomotiveFeature */);
+ }
+
+ private void setupSetOemNetworkPreferenceForPreferenceTest(
+ @OemNetworkPreferences.OemNetworkPreference final int networkPrefToSetup,
+ @NonNull final UidRangeParcel[] uidRanges,
+ @NonNull final String testPackageName,
+ @NonNull final UserHandle user,
final boolean hasAutomotiveFeature) throws Exception {
mockHasSystemFeature(PackageManager.FEATURE_AUTOMOTIVE, hasAutomotiveFeature);
// These tests work off a single UID therefore using 'start' is valid.
- mockGetApplicationInfo(testPackageName, uidRanges[0].start);
+ mockGetApplicationInfo(testPackageName, uidRanges[0].start, user);
setOemNetworkPreference(networkPrefToSetup, testPackageName);
}
@@ -11598,14 +11724,15 @@
final boolean useAnyIdForAdd = OEM_PREF_ANY_NET_ID == addUidRangesNetId;
final boolean useAnyIdForRemove = OEM_PREF_ANY_NET_ID == removeUidRangesNetId;
- // Validate netd.
- verify(mMockNetd, times(addUidRangesTimes))
- .networkAddUidRanges(
- (useAnyIdForAdd ? anyInt() : eq(addUidRangesNetId)), eq(addedUidRanges));
- verify(mMockNetd, times(removeUidRangesTimes))
- .networkRemoveUidRanges(
- (useAnyIdForRemove ? anyInt() : eq(removeUidRangesNetId)),
- eq(removedUidRanges));
+ // Validate that add/remove uid range (with oem priority) to/from netd.
+ verify(mMockNetd, times(addUidRangesTimes)).networkAddUidRangesParcel(argThat(config ->
+ (useAnyIdForAdd ? true : addUidRangesNetId == config.netId)
+ && Arrays.equals(addedUidRanges, config.uidRanges)
+ && PREFERENCE_PRIORITY_OEM == config.subPriority));
+ verify(mMockNetd, times(removeUidRangesTimes)).networkRemoveUidRangesParcel(
+ argThat(config -> (useAnyIdForRemove ? true : removeUidRangesNetId == config.netId)
+ && Arrays.equals(removedUidRanges, config.uidRanges)
+ && PREFERENCE_PRIORITY_OEM == config.subPriority));
if (shouldDestroyNetwork) {
verify(mMockNetd, times(1))
.networkDestroy((useAnyIdForRemove ? anyInt() : eq(removeUidRangesNetId)));
@@ -11655,7 +11782,7 @@
// Add an OEM default network request to track.
setupSetOemNetworkPreferenceForPreferenceTest(
- networkPref, uidRanges, validTestPackageName,
+ networkPref, uidRanges, validTestPackageName, PRIMARY_USER_HANDLE,
false /* hasAutomotiveFeature */);
// Two requests should now exist; the system default and the test request.
@@ -11931,7 +12058,7 @@
final int secondUser = 10;
final UserHandle secondUserHandle = new UserHandle(secondUser);
when(mUserManager.getUserHandles(anyBoolean())).thenReturn(
- Arrays.asList(PRIMARY_USER_HANDLE, secondUserHandle));
+ asList(PRIMARY_USER_HANDLE, secondUserHandle));
// Arrange PackageManager mocks
final int secondUserTestPackageUid = UserHandle.getUid(secondUser, TEST_PACKAGE_UID);
@@ -11972,7 +12099,7 @@
final int secondUser = 10;
final UserHandle secondUserHandle = new UserHandle(secondUser);
when(mUserManager.getUserHandles(anyBoolean())).thenReturn(
- Arrays.asList(PRIMARY_USER_HANDLE));
+ asList(PRIMARY_USER_HANDLE));
// Arrange PackageManager mocks
final int secondUserTestPackageUid = UserHandle.getUid(secondUser, TEST_PACKAGE_UID);
@@ -12000,7 +12127,7 @@
// Send a broadcast indicating a user was added.
when(mUserManager.getUserHandles(anyBoolean())).thenReturn(
- Arrays.asList(PRIMARY_USER_HANDLE, secondUserHandle));
+ asList(PRIMARY_USER_HANDLE, secondUserHandle));
final Intent addedIntent = new Intent(ACTION_USER_ADDED);
addedIntent.putExtra(Intent.EXTRA_USER, UserHandle.of(secondUser));
processBroadcast(addedIntent);
@@ -12013,7 +12140,7 @@
// Send a broadcast indicating a user was removed.
when(mUserManager.getUserHandles(anyBoolean())).thenReturn(
- Arrays.asList(PRIMARY_USER_HANDLE));
+ asList(PRIMARY_USER_HANDLE));
final Intent removedIntent = new Intent(ACTION_USER_REMOVED);
removedIntent.putExtra(Intent.EXTRA_USER, UserHandle.of(secondUser));
processBroadcast(removedIntent);
@@ -12758,8 +12885,9 @@
// rules to the correct network – in this case the system default network. The case where
// the default network for the profile happens to be the same as the system default
// is not handled specially, the rules are always active as long as a preference is set.
- inOrder.verify(mMockNetd).networkAddUidRanges(mCellNetworkAgent.getNetwork().netId,
- uidRangeFor(testHandle));
+ inOrder.verify(mMockNetd).networkAddUidRangesParcel(new NativeUidRangeConfig(
+ mCellNetworkAgent.getNetwork().netId, uidRangeFor(testHandle),
+ PREFERENCE_PRIORITY_PROFILE));
// The enterprise network is not ready yet.
assertNoCallbacks(mSystemDefaultNetworkCallback, mDefaultNetworkCallback,
@@ -12773,10 +12901,12 @@
mDefaultNetworkCallback.assertNoCallback();
inOrder.verify(mMockNetd).networkCreate(
nativeNetworkConfigPhysical(workAgent.getNetwork().netId, INetd.PERMISSION_SYSTEM));
- inOrder.verify(mMockNetd).networkAddUidRanges(workAgent.getNetwork().netId,
- uidRangeFor(testHandle));
- inOrder.verify(mMockNetd).networkRemoveUidRanges(mCellNetworkAgent.getNetwork().netId,
- uidRangeFor(testHandle));
+ inOrder.verify(mMockNetd).networkAddUidRangesParcel(new NativeUidRangeConfig(
+ workAgent.getNetwork().netId, uidRangeFor(testHandle),
+ PREFERENCE_PRIORITY_PROFILE));
+ inOrder.verify(mMockNetd).networkRemoveUidRangesParcel(new NativeUidRangeConfig(
+ mCellNetworkAgent.getNetwork().netId, uidRangeFor(testHandle),
+ PREFERENCE_PRIORITY_PROFILE));
// Make sure changes to the work agent send callbacks to the app in the work profile, but
// not to the other apps.
@@ -12824,8 +12954,9 @@
mProfileDefaultNetworkCallback.expectCallback(CallbackEntry.LOST, workAgent);
mProfileDefaultNetworkCallback.expectAvailableCallbacksValidated(mCellNetworkAgent);
assertNoCallbacks(mSystemDefaultNetworkCallback, mDefaultNetworkCallback);
- inOrder.verify(mMockNetd).networkAddUidRanges(mCellNetworkAgent.getNetwork().netId,
- uidRangeFor(testHandle));
+ inOrder.verify(mMockNetd).networkAddUidRangesParcel(new NativeUidRangeConfig(
+ mCellNetworkAgent.getNetwork().netId, uidRangeFor(testHandle),
+ PREFERENCE_PRIORITY_PROFILE));
inOrder.verify(mMockNetd).networkDestroy(workAgent.getNetwork().netId);
mCellNetworkAgent.disconnect();
@@ -12848,8 +12979,9 @@
assertNoCallbacks(mSystemDefaultNetworkCallback, mDefaultNetworkCallback);
inOrder.verify(mMockNetd).networkCreate(nativeNetworkConfigPhysical(
workAgent2.getNetwork().netId, INetd.PERMISSION_SYSTEM));
- inOrder.verify(mMockNetd).networkAddUidRanges(workAgent2.getNetwork().netId,
- uidRangeFor(testHandle));
+ inOrder.verify(mMockNetd).networkAddUidRangesParcel(new NativeUidRangeConfig(
+ workAgent2.getNetwork().netId, uidRangeFor(testHandle),
+ PREFERENCE_PRIORITY_PROFILE));
workAgent2.setNetworkValid(true /* isStrictMode */);
workAgent2.mNetworkMonitor.forceReevaluation(Process.myUid());
@@ -12857,7 +12989,7 @@
nc -> nc.hasCapability(NET_CAPABILITY_ENTERPRISE)
&& !nc.hasCapability(NET_CAPABILITY_NOT_RESTRICTED));
assertNoCallbacks(mSystemDefaultNetworkCallback, mDefaultNetworkCallback);
- inOrder.verify(mMockNetd, never()).networkAddUidRanges(anyInt(), any());
+ inOrder.verify(mMockNetd, never()).networkAddUidRangesParcel(any());
// When the agent disconnects, test that the app on the work profile falls back to the
// default network.
@@ -12894,8 +13026,9 @@
listener.expectOnComplete();
inOrder.verify(mMockNetd).networkCreate(nativeNetworkConfigPhysical(
mCellNetworkAgent.getNetwork().netId, INetd.PERMISSION_NONE));
- inOrder.verify(mMockNetd).networkAddUidRanges(workAgent.getNetwork().netId,
- uidRangeFor(testHandle));
+ inOrder.verify(mMockNetd).networkAddUidRangesParcel(new NativeUidRangeConfig(
+ workAgent.getNetwork().netId, uidRangeFor(testHandle),
+ PREFERENCE_PRIORITY_PROFILE));
registerDefaultNetworkCallbacks();
@@ -12909,8 +13042,9 @@
mProfileDefaultNetworkCallback.expectAvailableCallbacksValidated(mCellNetworkAgent);
assertNoCallbacks(mSystemDefaultNetworkCallback, mDefaultNetworkCallback);
- inOrder.verify(mMockNetd).networkRemoveUidRanges(workAgent.getNetwork().netId,
- uidRangeFor(testHandle));
+ inOrder.verify(mMockNetd).networkRemoveUidRangesParcel(new NativeUidRangeConfig(
+ workAgent.getNetwork().netId, uidRangeFor(testHandle),
+ PREFERENCE_PRIORITY_PROFILE));
workAgent.disconnect();
mCellNetworkAgent.disconnect();
@@ -12954,8 +13088,9 @@
mCm.setProfileNetworkPreference(testHandle2, PROFILE_NETWORK_PREFERENCE_ENTERPRISE,
r -> r.run(), listener);
listener.expectOnComplete();
- inOrder.verify(mMockNetd).networkAddUidRanges(workAgent.getNetwork().netId,
- uidRangeFor(testHandle2));
+ inOrder.verify(mMockNetd).networkAddUidRangesParcel(new NativeUidRangeConfig(
+ workAgent.getNetwork().netId, uidRangeFor(testHandle2),
+ PREFERENCE_PRIORITY_PROFILE));
mProfileDefaultNetworkCallback.expectAvailableCallbacksValidated(workAgent);
assertNoCallbacks(mSystemDefaultNetworkCallback, mDefaultNetworkCallback,
@@ -12964,8 +13099,9 @@
mCm.setProfileNetworkPreference(testHandle4, PROFILE_NETWORK_PREFERENCE_ENTERPRISE,
r -> r.run(), listener);
listener.expectOnComplete();
- inOrder.verify(mMockNetd).networkAddUidRanges(workAgent.getNetwork().netId,
- uidRangeFor(testHandle4));
+ inOrder.verify(mMockNetd).networkAddUidRangesParcel(new NativeUidRangeConfig(
+ workAgent.getNetwork().netId, uidRangeFor(testHandle4),
+ PREFERENCE_PRIORITY_PROFILE));
app4Cb.expectAvailableCallbacksValidated(workAgent);
assertNoCallbacks(mSystemDefaultNetworkCallback, mDefaultNetworkCallback,
@@ -12974,8 +13110,9 @@
mCm.setProfileNetworkPreference(testHandle2, PROFILE_NETWORK_PREFERENCE_DEFAULT,
r -> r.run(), listener);
listener.expectOnComplete();
- inOrder.verify(mMockNetd).networkRemoveUidRanges(workAgent.getNetwork().netId,
- uidRangeFor(testHandle2));
+ inOrder.verify(mMockNetd).networkRemoveUidRangesParcel(new NativeUidRangeConfig(
+ workAgent.getNetwork().netId, uidRangeFor(testHandle2),
+ PREFERENCE_PRIORITY_PROFILE));
mProfileDefaultNetworkCallback.expectAvailableCallbacksValidated(mCellNetworkAgent);
assertNoCallbacks(mSystemDefaultNetworkCallback, mDefaultNetworkCallback,
@@ -13002,47 +13139,17 @@
listener.expectOnComplete();
inOrder.verify(mMockNetd).networkCreate(nativeNetworkConfigPhysical(
mCellNetworkAgent.getNetwork().netId, INetd.PERMISSION_NONE));
- inOrder.verify(mMockNetd).networkAddUidRanges(mCellNetworkAgent.getNetwork().netId,
- uidRangeFor(testHandle));
+ inOrder.verify(mMockNetd).networkAddUidRangesParcel(new NativeUidRangeConfig(
+ mCellNetworkAgent.getNetwork().netId, uidRangeFor(testHandle),
+ PREFERENCE_PRIORITY_PROFILE));
final Intent removedIntent = new Intent(ACTION_USER_REMOVED);
removedIntent.putExtra(Intent.EXTRA_USER, testHandle);
processBroadcast(removedIntent);
- inOrder.verify(mMockNetd).networkRemoveUidRanges(mCellNetworkAgent.getNetwork().netId,
- uidRangeFor(testHandle));
- }
-
- /**
- * Make sure that OEM preference and per-profile preference can't be used at the same
- * time and throw ISE if tried
- */
- @Test
- public void testOemPreferenceAndProfilePreferenceExclusive() throws Exception {
- final UserHandle testHandle = UserHandle.of(TEST_WORK_PROFILE_USER_ID);
- mServiceContext.setWorkProfile(testHandle, true);
- final TestOnCompleteListener listener = new TestOnCompleteListener();
-
- setupMultipleDefaultNetworksForOemNetworkPreferenceNotCurrentUidTest(
- OEM_NETWORK_PREFERENCE_OEM_PAID_ONLY);
- assertThrows("Should not be able to set per-profile pref while OEM prefs present",
- IllegalStateException.class, () ->
- mCm.setProfileNetworkPreference(testHandle,
- PROFILE_NETWORK_PREFERENCE_ENTERPRISE,
- r -> r.run(), listener));
-
- // Empty the OEM prefs
- final TestOemListenerCallback oemPrefListener = new TestOemListenerCallback();
- final OemNetworkPreferences emptyOemPref = new OemNetworkPreferences.Builder().build();
- mService.setOemNetworkPreference(emptyOemPref, oemPrefListener);
- oemPrefListener.expectOnComplete();
-
- mCm.setProfileNetworkPreference(testHandle, PROFILE_NETWORK_PREFERENCE_ENTERPRISE,
- r -> r.run(), listener);
- listener.expectOnComplete();
- assertThrows("Should not be able to set OEM prefs while per-profile pref is on",
- IllegalStateException.class , () ->
- mService.setOemNetworkPreference(emptyOemPref, oemPrefListener));
+ inOrder.verify(mMockNetd).networkRemoveUidRangesParcel(new NativeUidRangeConfig(
+ mCellNetworkAgent.getNetwork().netId, uidRangeFor(testHandle),
+ PREFERENCE_PRIORITY_PROFILE));
}
/**
@@ -13213,8 +13320,7 @@
assertEquals(1, nris.size());
assertTrue(nri.isMultilayerRequest());
assertEquals(nri.getUids(), uidRangesForUids(uids));
- assertEquals(DEFAULT_NETWORK_PRIORITY_MOBILE_DATA_PREFERRED,
- nri.getDefaultNetworkPriority());
+ assertEquals(PREFERENCE_PRIORITY_MOBILE_DATA_PREFERERRED, nri.mPreferencePriority);
}
/**
@@ -13259,15 +13365,17 @@
// Initial mobile data preferred uids status.
setAndUpdateMobileDataPreferredUids(Set.of());
- inorder.verify(mMockNetd, never()).networkAddUidRanges(anyInt(), any());
- inorder.verify(mMockNetd, never()).networkRemoveUidRanges(anyInt(), any());
+ inorder.verify(mMockNetd, never()).networkAddUidRangesParcel(any());
+ inorder.verify(mMockNetd, never()).networkRemoveUidRangesParcel(any());
// Set MOBILE_DATA_PREFERRED_UIDS setting and verify that net id and uid ranges send to netd
final Set<Integer> uids1 = Set.of(PRIMARY_USER_HANDLE.getUid(TEST_PACKAGE_UID));
final UidRangeParcel[] uidRanges1 = toUidRangeStableParcels(uidRangesForUids(uids1));
+ final NativeUidRangeConfig config1 = new NativeUidRangeConfig(cellNetId, uidRanges1,
+ PREFERENCE_PRIORITY_MOBILE_DATA_PREFERERRED);
setAndUpdateMobileDataPreferredUids(uids1);
- inorder.verify(mMockNetd, times(1)).networkAddUidRanges(cellNetId, uidRanges1);
- inorder.verify(mMockNetd, never()).networkRemoveUidRanges(anyInt(), any());
+ inorder.verify(mMockNetd, times(1)).networkAddUidRangesParcel(config1);
+ inorder.verify(mMockNetd, never()).networkRemoveUidRangesParcel(any());
// Set MOBILE_DATA_PREFERRED_UIDS setting again and verify that old rules are removed and
// new rules are added.
@@ -13275,17 +13383,17 @@
PRIMARY_USER_HANDLE.getUid(TEST_PACKAGE_UID2),
SECONDARY_USER_HANDLE.getUid(TEST_PACKAGE_UID));
final UidRangeParcel[] uidRanges2 = toUidRangeStableParcels(uidRangesForUids(uids2));
+ final NativeUidRangeConfig config2 = new NativeUidRangeConfig(cellNetId, uidRanges2,
+ PREFERENCE_PRIORITY_MOBILE_DATA_PREFERERRED);
setAndUpdateMobileDataPreferredUids(uids2);
- inorder.verify(mMockNetd, times(1)).networkRemoveUidRanges(cellNetId, uidRanges1);
- inorder.verify(mMockNetd, times(1)).networkAddUidRanges(cellNetId, uidRanges2);
+ inorder.verify(mMockNetd, times(1)).networkRemoveUidRangesParcel(config1);
+ inorder.verify(mMockNetd, times(1)).networkAddUidRangesParcel(config2);
// Clear MOBILE_DATA_PREFERRED_UIDS setting again and verify that old rules are removed and
// new rules are not added.
- final Set<Integer> uids3 = Set.of();
- final UidRangeParcel[] uidRanges3 = toUidRangeStableParcels(uidRangesForUids(uids3));
- setAndUpdateMobileDataPreferredUids(uids3);
- inorder.verify(mMockNetd, times(1)).networkRemoveUidRanges(cellNetId, uidRanges2);
- inorder.verify(mMockNetd, never()).networkAddUidRanges(anyInt(), any());
+ setAndUpdateMobileDataPreferredUids(Set.of());
+ inorder.verify(mMockNetd, times(1)).networkRemoveUidRangesParcel(config2);
+ inorder.verify(mMockNetd, never()).networkAddUidRangesParcel(any());
}
/**
@@ -13316,16 +13424,18 @@
// Initial mobile data preferred uids status.
setAndUpdateMobileDataPreferredUids(Set.of());
- inorder.verify(mMockNetd, never()).networkAddUidRanges(anyInt(), any());
- inorder.verify(mMockNetd, never()).networkRemoveUidRanges(anyInt(), any());
+ inorder.verify(mMockNetd, never()).networkAddUidRangesParcel(any());
+ inorder.verify(mMockNetd, never()).networkRemoveUidRangesParcel(any());
// Set MOBILE_DATA_PREFERRED_UIDS setting and verify that wifi net id and uid ranges send to
// netd.
final Set<Integer> uids = Set.of(PRIMARY_USER_HANDLE.getUid(TEST_PACKAGE_UID));
final UidRangeParcel[] uidRanges = toUidRangeStableParcels(uidRangesForUids(uids));
+ final NativeUidRangeConfig wifiConfig = new NativeUidRangeConfig(wifiNetId, uidRanges,
+ PREFERENCE_PRIORITY_MOBILE_DATA_PREFERERRED);
setAndUpdateMobileDataPreferredUids(uids);
- inorder.verify(mMockNetd, times(1)).networkAddUidRanges(wifiNetId, uidRanges);
- inorder.verify(mMockNetd, never()).networkRemoveUidRanges(anyInt(), any());
+ inorder.verify(mMockNetd, times(1)).networkAddUidRangesParcel(wifiConfig);
+ inorder.verify(mMockNetd, never()).networkRemoveUidRangesParcel(any());
// Cellular network connected. mTestPackageDefaultNetworkCallback should receive
// callback with cellular network and net id and uid ranges should be updated to netd.
@@ -13337,10 +13447,12 @@
assertEquals(mCellNetworkAgent.getNetwork(), mCm.getActiveNetworkForUid(TEST_PACKAGE_UID));
final int cellNetId = mCellNetworkAgent.getNetwork().netId;
+ final NativeUidRangeConfig cellConfig = new NativeUidRangeConfig(cellNetId, uidRanges,
+ PREFERENCE_PRIORITY_MOBILE_DATA_PREFERERRED);
inorder.verify(mMockNetd, times(1)).networkCreate(nativeNetworkConfigPhysical(
cellNetId, INetd.PERMISSION_NONE));
- inorder.verify(mMockNetd, times(1)).networkAddUidRanges(cellNetId, uidRanges);
- inorder.verify(mMockNetd, times(1)).networkRemoveUidRanges(wifiNetId, uidRanges);
+ inorder.verify(mMockNetd, times(1)).networkAddUidRangesParcel(cellConfig);
+ inorder.verify(mMockNetd, times(1)).networkRemoveUidRangesParcel(wifiConfig);
// Cellular network disconnected. mTestPackageDefaultNetworkCallback should receive
// callback with wifi network from fallback request.
@@ -13350,8 +13462,8 @@
mTestPackageDefaultNetworkCallback.expectCallback(CallbackEntry.LOST, mCellNetworkAgent);
mTestPackageDefaultNetworkCallback.expectAvailableCallbacksValidated(mWiFiNetworkAgent);
assertEquals(mWiFiNetworkAgent.getNetwork(), mCm.getActiveNetworkForUid(TEST_PACKAGE_UID));
- inorder.verify(mMockNetd, times(1)).networkAddUidRanges(wifiNetId, uidRanges);
- inorder.verify(mMockNetd, never()).networkRemoveUidRanges(anyInt(), any());
+ inorder.verify(mMockNetd, times(1)).networkAddUidRangesParcel(wifiConfig);
+ inorder.verify(mMockNetd, never()).networkRemoveUidRangesParcel(any());
inorder.verify(mMockNetd).networkDestroy(cellNetId);
// Cellular network comes back. mTestPackageDefaultNetworkCallback should receive
@@ -13364,10 +13476,12 @@
assertEquals(mCellNetworkAgent.getNetwork(), mCm.getActiveNetworkForUid(TEST_PACKAGE_UID));
final int cellNetId2 = mCellNetworkAgent.getNetwork().netId;
+ final NativeUidRangeConfig cellConfig2 = new NativeUidRangeConfig(cellNetId2, uidRanges,
+ PREFERENCE_PRIORITY_MOBILE_DATA_PREFERERRED);
inorder.verify(mMockNetd, times(1)).networkCreate(nativeNetworkConfigPhysical(
cellNetId2, INetd.PERMISSION_NONE));
- inorder.verify(mMockNetd, times(1)).networkAddUidRanges(cellNetId2, uidRanges);
- inorder.verify(mMockNetd, times(1)).networkRemoveUidRanges(wifiNetId, uidRanges);
+ inorder.verify(mMockNetd, times(1)).networkAddUidRangesParcel(cellConfig2);
+ inorder.verify(mMockNetd, times(1)).networkRemoveUidRangesParcel(wifiConfig);
// Wifi network disconnected. mTestPackageDefaultNetworkCallback should not receive
// any callback.
@@ -13377,51 +13491,51 @@
mTestPackageDefaultNetworkCallback.assertNoCallback();
assertEquals(mCellNetworkAgent.getNetwork(), mCm.getActiveNetworkForUid(TEST_PACKAGE_UID));
waitForIdle();
- inorder.verify(mMockNetd, never()).networkAddUidRanges(anyInt(), any());
- inorder.verify(mMockNetd, never()).networkRemoveUidRanges(anyInt(), any());
+ inorder.verify(mMockNetd, never()).networkAddUidRangesParcel(any());
+ inorder.verify(mMockNetd, never()).networkRemoveUidRangesParcel(any());
inorder.verify(mMockNetd).networkDestroy(wifiNetId);
mCm.unregisterNetworkCallback(cellNetworkCallback);
}
@Test
- public void testSetMobileDataPreferredUids_noIssueToFactory() throws Exception {
- // First set mobile data preferred uid to create a multi-layer requests: 1. listen for
+ public void testMultilayerRequestsOfSetMobileDataPreferredUids() throws Exception {
+ // First set mobile data preferred uid to create a multi-layer requests: 1. request for
// cellular, 2. track the default network for fallback.
setAndUpdateMobileDataPreferredUids(
Set.of(PRIMARY_USER_HANDLE.getUid(TEST_PACKAGE_UID)));
final HandlerThread handlerThread = new HandlerThread("MockFactory");
handlerThread.start();
- NetworkCapabilities internetFilter = new NetworkCapabilities()
+ final NetworkCapabilities cellFilter = new NetworkCapabilities()
+ .addTransportType(TRANSPORT_CELLULAR)
.addCapability(NET_CAPABILITY_INTERNET)
.addCapability(NET_CAPABILITY_NOT_VCN_MANAGED);
- final MockNetworkFactory internetFactory = new MockNetworkFactory(handlerThread.getLooper(),
- mServiceContext, "internetFactory", internetFilter, mCsHandlerThread);
- internetFactory.setScoreFilter(40);
+ final MockNetworkFactory cellFactory = new MockNetworkFactory(handlerThread.getLooper(),
+ mServiceContext, "cellFactory", cellFilter, mCsHandlerThread);
+ cellFactory.setScoreFilter(40);
try {
- internetFactory.register();
- // Default internet request only. The first request is listen for cellular network,
- // which is never sent to factories (it's a LISTEN, not requestable). The second
- // fallback request is TRACK_DEFAULT which is also not sent to factories.
- internetFactory.expectRequestAdds(1);
- internetFactory.assertRequestCountEquals(1);
+ cellFactory.register();
+ // Default internet request and the mobile data preferred request.
+ cellFactory.expectRequestAdds(2);
+ cellFactory.assertRequestCountEquals(2);
- mCellNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_CELLULAR);
- mCellNetworkAgent.connect(true);
+ mWiFiNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_WIFI);
+ mWiFiNetworkAgent.connect(true);
- // The internet factory however is outscored, and should lose its requests.
- internetFactory.expectRequestRemove();
- internetFactory.assertRequestCountEquals(0);
+ // The cellFactory however is outscored, and should lose default internet request.
+ // But it should still see mobile data preferred request.
+ cellFactory.expectRequestRemove();
+ cellFactory.assertRequestCountEquals(1);
- mCellNetworkAgent.disconnect();
+ mWiFiNetworkAgent.disconnect();
// The network satisfying the default internet request has disconnected, so the
- // internetFactory sees the default request again.
- internetFactory.expectRequestAdds(1);
- internetFactory.assertRequestCountEquals(1);
+ // cellFactory sees the default internet requests again.
+ cellFactory.expectRequestAdd();
+ cellFactory.assertRequestCountEquals(2);
} finally {
- internetFactory.terminate();
+ cellFactory.terminate();
handlerThread.quitSafely();
}
}
@@ -13444,4 +13558,181 @@
waitForIdle();
});
}
+
+ @Test
+ public void testAllNetworkPreferencesCanCoexist()
+ throws Exception {
+ final InOrder inorder = inOrder(mMockNetd);
+ @OemNetworkPreferences.OemNetworkPreference final int networkPref =
+ OEM_NETWORK_PREFERENCE_OEM_PAID;
+ final UserHandle testHandle = setupEnterpriseNetwork();
+
+ setOemNetworkPreferenceAgentConnected(TRANSPORT_CELLULAR, true);
+ final int cellNetId = mCellNetworkAgent.getNetwork().netId;
+ inorder.verify(mMockNetd, times(1)).networkCreate(nativeNetworkConfigPhysical(
+ cellNetId, INetd.PERMISSION_NONE));
+
+ // Set oem network preference
+ final int[] uids1 = new int[] { PRIMARY_USER_HANDLE.getUid(TEST_PACKAGE_UID) };
+ final UidRangeParcel[] uidRanges1 = toUidRangeStableParcels(uidRangesForUids(uids1));
+ final NativeUidRangeConfig config1 = new NativeUidRangeConfig(cellNetId, uidRanges1,
+ PREFERENCE_PRIORITY_OEM);
+ setupSetOemNetworkPreferenceForPreferenceTest(networkPref, uidRanges1, TEST_PACKAGE_NAME);
+ inorder.verify(mMockNetd, times(1)).networkAddUidRangesParcel(config1);
+ inorder.verify(mMockNetd, never()).networkRemoveUidRangesParcel(any());
+
+ // Set user profile network preference
+ final TestNetworkAgentWrapper workAgent = makeEnterpriseNetworkAgent();
+ workAgent.connect(true);
+
+ final TestOnCompleteListener listener = new TestOnCompleteListener();
+ mCm.setProfileNetworkPreference(testHandle, PROFILE_NETWORK_PREFERENCE_ENTERPRISE,
+ r -> r.run(), listener);
+ listener.expectOnComplete();
+ final NativeUidRangeConfig config2 = new NativeUidRangeConfig(workAgent.getNetwork().netId,
+ uidRangeFor(testHandle), PREFERENCE_PRIORITY_PROFILE);
+ inorder.verify(mMockNetd).networkCreate(nativeNetworkConfigPhysical(
+ workAgent.getNetwork().netId, INetd.PERMISSION_SYSTEM));
+ inorder.verify(mMockNetd, never()).networkRemoveUidRangesParcel(any());
+ inorder.verify(mMockNetd).networkAddUidRangesParcel(config2);
+
+ // Set MOBILE_DATA_PREFERRED_UIDS setting
+ final Set<Integer> uids2 = Set.of(PRIMARY_USER_HANDLE.getUid(TEST_PACKAGE_UID2));
+ final UidRangeParcel[] uidRanges2 = toUidRangeStableParcels(uidRangesForUids(uids2));
+ final NativeUidRangeConfig config3 = new NativeUidRangeConfig(cellNetId, uidRanges2,
+ PREFERENCE_PRIORITY_MOBILE_DATA_PREFERERRED);
+ setAndUpdateMobileDataPreferredUids(uids2);
+ inorder.verify(mMockNetd, never()).networkRemoveUidRangesParcel(any());
+ inorder.verify(mMockNetd, times(1)).networkAddUidRangesParcel(config3);
+
+ // Set oem network preference again with different uid.
+ final Set<Integer> uids3 = Set.of(PRIMARY_USER_HANDLE.getUid(TEST_PACKAGE_UID3));
+ final UidRangeParcel[] uidRanges3 = toUidRangeStableParcels(uidRangesForUids(uids3));
+ final NativeUidRangeConfig config4 = new NativeUidRangeConfig(cellNetId, uidRanges3,
+ PREFERENCE_PRIORITY_OEM);
+ setupSetOemNetworkPreferenceForPreferenceTest(networkPref, uidRanges3, "com.android.test");
+ inorder.verify(mMockNetd, times(1)).networkRemoveUidRangesParcel(config1);
+ inorder.verify(mMockNetd, times(1)).networkAddUidRangesParcel(config4);
+
+ // Remove user profile network preference
+ mCm.setProfileNetworkPreference(testHandle, PROFILE_NETWORK_PREFERENCE_DEFAULT,
+ r -> r.run(), listener);
+ listener.expectOnComplete();
+ inorder.verify(mMockNetd, times(1)).networkRemoveUidRangesParcel(config2);
+ inorder.verify(mMockNetd, never()).networkAddUidRangesParcel(any());
+
+ // Set MOBILE_DATA_PREFERRED_UIDS setting again with same uid as oem network preference.
+ final NativeUidRangeConfig config6 = new NativeUidRangeConfig(cellNetId, uidRanges3,
+ PREFERENCE_PRIORITY_MOBILE_DATA_PREFERERRED);
+ setAndUpdateMobileDataPreferredUids(uids3);
+ inorder.verify(mMockNetd, times(1)).networkRemoveUidRangesParcel(config3);
+ inorder.verify(mMockNetd, times(1)).networkAddUidRangesParcel(config6);
+ }
+
+ @Test
+ public void testNetworkCallbackAndActiveNetworkForUid_AllNetworkPreferencesEnabled()
+ throws Exception {
+ // File a request for cell to ensure it doesn't go down.
+ final TestNetworkCallback cellNetworkCallback = new TestNetworkCallback();
+ final NetworkRequest cellRequest = new NetworkRequest.Builder()
+ .addTransportType(TRANSPORT_CELLULAR).build();
+ mCm.requestNetwork(cellRequest, cellNetworkCallback);
+ cellNetworkCallback.assertNoCallback();
+
+ // Register callbacks and have wifi network as default network.
+ registerDefaultNetworkCallbacks();
+ mWiFiNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_WIFI);
+ mWiFiNetworkAgent.connect(true);
+ mDefaultNetworkCallback.expectAvailableThenValidatedCallbacks(mWiFiNetworkAgent);
+ mProfileDefaultNetworkCallback.expectAvailableThenValidatedCallbacks(mWiFiNetworkAgent);
+ mTestPackageDefaultNetworkCallback.expectAvailableThenValidatedCallbacks(mWiFiNetworkAgent);
+ assertEquals(mWiFiNetworkAgent.getNetwork(),
+ mCm.getActiveNetworkForUid(TEST_WORK_PROFILE_APP_UID));
+ assertEquals(mWiFiNetworkAgent.getNetwork(), mCm.getActiveNetworkForUid(TEST_PACKAGE_UID));
+
+ // Set MOBILE_DATA_PREFERRED_UIDS setting with TEST_WORK_PROFILE_APP_UID and
+ // TEST_PACKAGE_UID. Both mProfileDefaultNetworkCallback and
+ // mTestPackageDefaultNetworkCallback should receive callback with cell network.
+ setAndUpdateMobileDataPreferredUids(Set.of(TEST_WORK_PROFILE_APP_UID, TEST_PACKAGE_UID));
+ mCellNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_CELLULAR);
+ mCellNetworkAgent.connect(true);
+ cellNetworkCallback.expectAvailableThenValidatedCallbacks(mCellNetworkAgent);
+ mDefaultNetworkCallback.assertNoCallback();
+ mProfileDefaultNetworkCallback.expectAvailableThenValidatedCallbacks(mCellNetworkAgent);
+ mTestPackageDefaultNetworkCallback.expectAvailableThenValidatedCallbacks(mCellNetworkAgent);
+ assertEquals(mCellNetworkAgent.getNetwork(),
+ mCm.getActiveNetworkForUid(TEST_WORK_PROFILE_APP_UID));
+ assertEquals(mCellNetworkAgent.getNetwork(), mCm.getActiveNetworkForUid(TEST_PACKAGE_UID));
+
+ // Set user profile network preference with test profile. mProfileDefaultNetworkCallback
+ // should receive callback with higher priority network preference (enterprise network).
+ // The others should have no callbacks.
+ final UserHandle testHandle = setupEnterpriseNetwork();
+ final TestNetworkAgentWrapper workAgent = makeEnterpriseNetworkAgent();
+ workAgent.connect(true);
+ final TestOnCompleteListener listener = new TestOnCompleteListener();
+ mCm.setProfileNetworkPreference(testHandle, PROFILE_NETWORK_PREFERENCE_ENTERPRISE,
+ r -> r.run(), listener);
+ listener.expectOnComplete();
+ assertNoCallbacks(mDefaultNetworkCallback, mTestPackageDefaultNetworkCallback);
+ mProfileDefaultNetworkCallback.expectAvailableCallbacksValidated(workAgent);
+ assertEquals(workAgent.getNetwork(), mCm.getActiveNetworkForUid(TEST_WORK_PROFILE_APP_UID));
+ assertEquals(mCellNetworkAgent.getNetwork(), mCm.getActiveNetworkForUid(TEST_PACKAGE_UID));
+
+ // Set oem network preference with TEST_PACKAGE_UID. mTestPackageDefaultNetworkCallback
+ // should receive callback with higher priority network preference (current default network)
+ // and the others should have no callbacks.
+ @OemNetworkPreferences.OemNetworkPreference final int networkPref =
+ OEM_NETWORK_PREFERENCE_OEM_PAID;
+ final int[] uids1 = new int[] { TEST_PACKAGE_UID };
+ final UidRangeParcel[] uidRanges1 = toUidRangeStableParcels(uidRangesForUids(uids1));
+ setupSetOemNetworkPreferenceForPreferenceTest(networkPref, uidRanges1, TEST_PACKAGE_NAME);
+ assertNoCallbacks(mDefaultNetworkCallback, mProfileDefaultNetworkCallback);
+ mTestPackageDefaultNetworkCallback.expectAvailableCallbacksValidated(mWiFiNetworkAgent);
+ assertEquals(mWiFiNetworkAgent.getNetwork(), mCm.getActiveNetworkForUid(TEST_PACKAGE_UID));
+ assertEquals(workAgent.getNetwork(), mCm.getActiveNetworkForUid(TEST_WORK_PROFILE_APP_UID));
+
+ // Set oem network preference with TEST_WORK_PROFILE_APP_UID. Both
+ // mProfileDefaultNetworkCallback and mTestPackageDefaultNetworkCallback should receive
+ // callback.
+ final int[] uids2 = new int[] { TEST_WORK_PROFILE_APP_UID };
+ final UidRangeParcel[] uidRanges2 = toUidRangeStableParcels(uidRangesForUids(uids2));
+ when(mUserManager.getUserHandles(anyBoolean())).thenReturn(Arrays.asList(testHandle));
+ setupSetOemNetworkPreferenceForPreferenceTest(
+ networkPref, uidRanges2, "com.android.test", testHandle);
+ mDefaultNetworkCallback.assertNoCallback();
+ mProfileDefaultNetworkCallback.expectAvailableCallbacksValidated(mWiFiNetworkAgent);
+ mTestPackageDefaultNetworkCallback.expectAvailableCallbacksValidated(mCellNetworkAgent);
+ assertEquals(mWiFiNetworkAgent.getNetwork(),
+ mCm.getActiveNetworkForUid(TEST_WORK_PROFILE_APP_UID));
+ assertEquals(mCellNetworkAgent.getNetwork(), mCm.getActiveNetworkForUid(TEST_PACKAGE_UID));
+
+ // Remove oem network preference, mProfileDefaultNetworkCallback should receive callback
+ // with current highest priority network preference (enterprise network) and the others
+ // should have no callbacks.
+ final TestOemListenerCallback oemPrefListener = new TestOemListenerCallback();
+ mService.setOemNetworkPreference(
+ new OemNetworkPreferences.Builder().build(), oemPrefListener);
+ oemPrefListener.expectOnComplete();
+ assertNoCallbacks(mDefaultNetworkCallback, mTestPackageDefaultNetworkCallback);
+ mProfileDefaultNetworkCallback.expectAvailableCallbacksValidated(workAgent);
+ assertEquals(workAgent.getNetwork(), mCm.getActiveNetworkForUid(TEST_WORK_PROFILE_APP_UID));
+ assertEquals(mCellNetworkAgent.getNetwork(), mCm.getActiveNetworkForUid(TEST_PACKAGE_UID));
+
+ // Remove user profile network preference.
+ mCm.setProfileNetworkPreference(testHandle, PROFILE_NETWORK_PREFERENCE_DEFAULT,
+ r -> r.run(), listener);
+ listener.expectOnComplete();
+ assertNoCallbacks(mDefaultNetworkCallback, mTestPackageDefaultNetworkCallback);
+ mProfileDefaultNetworkCallback.expectAvailableCallbacksValidated(mCellNetworkAgent);
+ assertEquals(mCellNetworkAgent.getNetwork(),
+ mCm.getActiveNetworkForUid(TEST_WORK_PROFILE_APP_UID));
+ assertEquals(mCellNetworkAgent.getNetwork(), mCm.getActiveNetworkForUid(TEST_PACKAGE_UID));
+
+ // Disconnect wifi
+ mWiFiNetworkAgent.disconnect();
+ assertNoCallbacks(mProfileDefaultNetworkCallback, mTestPackageDefaultNetworkCallback);
+ mDefaultNetworkCallback.expectCallback(CallbackEntry.LOST, mWiFiNetworkAgent);
+ mDefaultNetworkCallback.expectAvailableCallbacksValidated(mCellNetworkAgent);
+ }
}
diff --git a/tests/unit/java/com/android/server/connectivity/PermissionMonitorTest.java b/tests/unit/java/com/android/server/connectivity/PermissionMonitorTest.java
index 7f923d6..8f46508 100644
--- a/tests/unit/java/com/android/server/connectivity/PermissionMonitorTest.java
+++ b/tests/unit/java/com/android/server/connectivity/PermissionMonitorTest.java
@@ -98,6 +98,7 @@
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
+import java.util.List;
import java.util.Set;
@RunWith(DevSdkIgnoreRunner.class)
@@ -211,16 +212,12 @@
return packageInfo;
}
- private static PackageInfo buildPackageInfo(boolean hasSystemPermission, int uid,
- UserHandle user) {
+ private static PackageInfo buildPackageInfo(String packageName, int uid,
+ String... permissions) {
final PackageInfo pkgInfo;
- if (hasSystemPermission) {
- pkgInfo = systemPackageInfoWithPermissions(
- CHANGE_NETWORK_STATE, NETWORK_STACK, CONNECTIVITY_USE_RESTRICTED_NETWORKS);
- } else {
- pkgInfo = packageInfoWithPermissions(REQUESTED_PERMISSION_GRANTED, new String[] {}, "");
- }
- pkgInfo.applicationInfo.uid = user.getUid(UserHandle.getAppId(uid));
+ pkgInfo = systemPackageInfoWithPermissions(permissions);
+ pkgInfo.packageName = packageName;
+ pkgInfo.applicationInfo.uid = uid;
return pkgInfo;
}
@@ -606,15 +603,12 @@
@Test
public void testUidFilteringDuringVpnConnectDisconnectAndUidUpdates() throws Exception {
when(mPackageManager.getInstalledPackages(eq(GET_PERMISSIONS | MATCH_ANY_USER))).thenReturn(
- Arrays.asList(new PackageInfo[] {
- buildPackageInfo(true /* hasSystemPermission */, SYSTEM_UID1, MOCK_USER1),
- buildPackageInfo(false /* hasSystemPermission */, MOCK_UID1, MOCK_USER1),
- buildPackageInfo(false /* hasSystemPermission */, MOCK_UID2, MOCK_USER1),
- buildPackageInfo(false /* hasSystemPermission */, VPN_UID, MOCK_USER1)
- }));
- when(mPackageManager.getPackageInfo(eq(MOCK_PACKAGE1),
- eq(GET_PERMISSIONS | MATCH_ANY_USER))).thenReturn(
- buildPackageInfo(false /* hasSystemPermission */, MOCK_UID1, MOCK_USER1));
+ List.of(buildPackageInfo(SYSTEM_PACKAGE1, SYSTEM_UID1, CHANGE_NETWORK_STATE,
+ CONNECTIVITY_USE_RESTRICTED_NETWORKS),
+ buildPackageInfo(MOCK_PACKAGE1, MOCK_UID1),
+ buildPackageInfo(MOCK_PACKAGE2, MOCK_UID2),
+ buildPackageInfo(SYSTEM_PACKAGE2, VPN_UID)));
+ buildAndMockPackageInfoWithPermissions(MOCK_PACKAGE1, MOCK_UID1);
mPermissionMonitor.startMonitoring();
// Every app on user 0 except MOCK_UID2 are under VPN.
final Set<UidRange> vpnRange1 = new HashSet<>(Arrays.asList(new UidRange[] {
@@ -658,13 +652,10 @@
@Test
public void testUidFilteringDuringPackageInstallAndUninstall() throws Exception {
when(mPackageManager.getInstalledPackages(eq(GET_PERMISSIONS | MATCH_ANY_USER))).thenReturn(
- Arrays.asList(new PackageInfo[] {
- buildPackageInfo(true /* hasSystemPermission */, SYSTEM_UID1, MOCK_USER1),
- buildPackageInfo(false /* hasSystemPermission */, VPN_UID, MOCK_USER1)
- }));
- when(mPackageManager.getPackageInfo(eq(MOCK_PACKAGE1),
- eq(GET_PERMISSIONS | MATCH_ANY_USER))).thenReturn(
- buildPackageInfo(false /* hasSystemPermission */, MOCK_UID1, MOCK_USER1));
+ List.of(buildPackageInfo(SYSTEM_PACKAGE1, SYSTEM_UID1, CHANGE_NETWORK_STATE,
+ NETWORK_STACK, CONNECTIVITY_USE_RESTRICTED_NETWORKS),
+ buildPackageInfo(SYSTEM_PACKAGE2, VPN_UID)));
+ buildAndMockPackageInfoWithPermissions(MOCK_PACKAGE1, MOCK_UID1);
mPermissionMonitor.startMonitoring();
final Set<UidRange> vpnRange = Collections.singleton(UidRange.createForUser(MOCK_USER1));
@@ -901,13 +892,26 @@
new int[]{ MOCK_UID2 });
}
+ private BroadcastReceiver expectBroadcastReceiver(String... actions) {
+ final ArgumentCaptor<BroadcastReceiver> receiverCaptor =
+ ArgumentCaptor.forClass(BroadcastReceiver.class);
+ verify(mContext, times(1)).registerReceiver(receiverCaptor.capture(),
+ argThat(filter -> {
+ for (String action : actions) {
+ if (!filter.hasAction(action)) {
+ return false;
+ }
+ }
+ return true;
+ }), any(), any());
+ return receiverCaptor.getValue();
+ }
+
@Test
public void testIntentReceiver() throws Exception {
final NetdServiceMonitor netdServiceMonitor = new NetdServiceMonitor(mNetdService);
- final ArgumentCaptor<BroadcastReceiver> receiverCaptor =
- ArgumentCaptor.forClass(BroadcastReceiver.class);
- verify(mContext, times(1)).registerReceiver(receiverCaptor.capture(), any(), any(), any());
- final BroadcastReceiver receiver = receiverCaptor.getValue();
+ final BroadcastReceiver receiver = expectBroadcastReceiver(
+ Intent.ACTION_PACKAGE_ADDED, Intent.ACTION_PACKAGE_REMOVED);
// Verify receiving PACKAGE_ADDED intent.
final Intent addedIntent = new Intent(Intent.ACTION_PACKAGE_ADDED,
@@ -1061,4 +1065,136 @@
netdMonitor.expectNoPermission(
new UserHandle[]{MOCK_USER2}, new int[]{ MOCK_UID1, MOCK_UID2 });
}
+
+ @Test
+ public void testOnExternalApplicationsAvailable() throws Exception {
+ final NetdServiceMonitor netdServiceMonitor = new NetdServiceMonitor(mNetdService);
+ final NetdMonitor netdMonitor = new NetdMonitor(mNetdService);
+ final BroadcastReceiver receiver = expectBroadcastReceiver(
+ Intent.ACTION_EXTERNAL_APPLICATIONS_AVAILABLE);
+
+ // Initial the permission state. MOCK_PACKAGE1 and MOCK_PACKAGE2 are installed on external
+ // and have different uids. There has no permission for both uids.
+ when(mUserManager.getUserHandles(eq(true))).thenReturn(List.of(MOCK_USER1));
+ when(mPackageManager.getInstalledPackages(eq(GET_PERMISSIONS | MATCH_ANY_USER))).thenReturn(
+ List.of(buildPackageInfo(MOCK_PACKAGE1, MOCK_UID1),
+ buildPackageInfo(MOCK_PACKAGE2, MOCK_UID2)));
+ mPermissionMonitor.startMonitoring();
+ netdMonitor.expectNoPermission(
+ new UserHandle[]{MOCK_USER1}, new int[]{MOCK_UID1, MOCK_UID2});
+ netdServiceMonitor.expectPermission(
+ INetd.PERMISSION_NONE, new int[]{MOCK_UID1, MOCK_UID2});
+
+ // Verify receiving EXTERNAL_APPLICATIONS_AVAILABLE intent and update permission to netd.
+ final Intent externalIntent = new Intent(Intent.ACTION_EXTERNAL_APPLICATIONS_AVAILABLE);
+ externalIntent.putExtra(Intent.EXTRA_CHANGED_PACKAGE_LIST,
+ new String[] { MOCK_PACKAGE1 , MOCK_PACKAGE2});
+ buildAndMockPackageInfoWithPermissions(MOCK_PACKAGE1, MOCK_UID1,
+ CONNECTIVITY_USE_RESTRICTED_NETWORKS, INTERNET);
+ buildAndMockPackageInfoWithPermissions(MOCK_PACKAGE2, MOCK_UID2, CHANGE_NETWORK_STATE,
+ UPDATE_DEVICE_STATS);
+ receiver.onReceive(mContext, externalIntent);
+ netdMonitor.expectPermission(SYSTEM, new UserHandle[]{MOCK_USER1}, new int[]{MOCK_UID1});
+ netdMonitor.expectPermission(NETWORK, new UserHandle[]{MOCK_USER1}, new int[]{MOCK_UID2});
+ netdServiceMonitor.expectPermission(INetd.PERMISSION_INTERNET, new int[] { MOCK_UID1 });
+ netdServiceMonitor.expectPermission(
+ INetd.PERMISSION_UPDATE_DEVICE_STATS, new int[]{MOCK_UID2});
+ }
+
+ @Test
+ public void testOnExternalApplicationsAvailable_AppsNotRegisteredOnStartMonitoring()
+ throws Exception {
+ final NetdServiceMonitor netdServiceMonitor = new NetdServiceMonitor(mNetdService);
+ final NetdMonitor netdMonitor = new NetdMonitor(mNetdService);
+ final BroadcastReceiver receiver = expectBroadcastReceiver(
+ Intent.ACTION_EXTERNAL_APPLICATIONS_AVAILABLE);
+
+ // One user MOCK_USER1
+ mPermissionMonitor.onUserAdded(MOCK_USER1);
+
+ // Initial the permission state. MOCK_PACKAGE1 and MOCK_PACKAGE2 are installed on external
+ // and have different uids. There has no permission for both uids.
+ buildAndMockPackageInfoWithPermissions(MOCK_PACKAGE1, MOCK_UID1,
+ CONNECTIVITY_USE_RESTRICTED_NETWORKS, INTERNET);
+ buildAndMockPackageInfoWithPermissions(MOCK_PACKAGE2, MOCK_UID2, CHANGE_NETWORK_STATE,
+ UPDATE_DEVICE_STATS);
+
+ // Verify receiving EXTERNAL_APPLICATIONS_AVAILABLE intent and update permission to netd.
+ final Intent externalIntent = new Intent(Intent.ACTION_EXTERNAL_APPLICATIONS_AVAILABLE);
+ externalIntent.putExtra(Intent.EXTRA_CHANGED_PACKAGE_LIST,
+ new String[] { MOCK_PACKAGE1 , MOCK_PACKAGE2});
+ receiver.onReceive(mContext, externalIntent);
+ netdMonitor.expectPermission(SYSTEM, new UserHandle[]{MOCK_USER1}, new int[]{MOCK_UID1});
+ netdMonitor.expectPermission(NETWORK, new UserHandle[]{MOCK_USER1}, new int[]{MOCK_UID2});
+ netdServiceMonitor.expectPermission(INetd.PERMISSION_INTERNET, new int[] { MOCK_UID1 });
+ netdServiceMonitor.expectPermission(
+ INetd.PERMISSION_UPDATE_DEVICE_STATS, new int[]{MOCK_UID2});
+ }
+
+ @Test
+ public void testOnExternalApplicationsAvailableWithSharedUid()
+ throws Exception {
+ final NetdServiceMonitor netdServiceMonitor = new NetdServiceMonitor(mNetdService);
+ final NetdMonitor netdMonitor = new NetdMonitor(mNetdService);
+ final BroadcastReceiver receiver = expectBroadcastReceiver(
+ Intent.ACTION_EXTERNAL_APPLICATIONS_AVAILABLE);
+
+ // Initial the permission state. MOCK_PACKAGE1 and MOCK_PACKAGE2 are installed on external
+ // storage and shared on MOCK_UID1. There has no permission for MOCK_UID1.
+ when(mUserManager.getUserHandles(eq(true))).thenReturn(List.of(MOCK_USER1));
+ when(mPackageManager.getInstalledPackages(eq(GET_PERMISSIONS | MATCH_ANY_USER))).thenReturn(
+ List.of(buildPackageInfo(MOCK_PACKAGE1, MOCK_UID1),
+ buildPackageInfo(MOCK_PACKAGE2, MOCK_UID1)));
+ mPermissionMonitor.startMonitoring();
+ netdMonitor.expectNoPermission(new UserHandle[]{MOCK_USER1}, new int[]{MOCK_UID1});
+ netdServiceMonitor.expectPermission(INetd.PERMISSION_NONE, new int[] {MOCK_UID1});
+
+ // Verify receiving EXTERNAL_APPLICATIONS_AVAILABLE intent and update permission to netd.
+ final Intent externalIntent = new Intent(Intent.ACTION_EXTERNAL_APPLICATIONS_AVAILABLE);
+ externalIntent.putExtra(Intent.EXTRA_CHANGED_PACKAGE_LIST, new String[] {MOCK_PACKAGE1});
+ buildAndMockPackageInfoWithPermissions(MOCK_PACKAGE1, MOCK_UID1, CHANGE_NETWORK_STATE);
+ buildAndMockPackageInfoWithPermissions(MOCK_PACKAGE2, MOCK_UID1, UPDATE_DEVICE_STATS);
+ when(mPackageManager.getPackagesForUid(MOCK_UID1))
+ .thenReturn(new String[]{MOCK_PACKAGE1, MOCK_PACKAGE2});
+ receiver.onReceive(mContext, externalIntent);
+ netdMonitor.expectPermission(NETWORK, new UserHandle[]{MOCK_USER1}, new int[]{MOCK_UID1});
+ netdServiceMonitor.expectPermission(
+ INetd.PERMISSION_UPDATE_DEVICE_STATS, new int[] {MOCK_UID1});
+ }
+
+ @Test
+ public void testOnExternalApplicationsAvailableWithSharedUid_DifferentStorage()
+ throws Exception {
+ final NetdServiceMonitor netdServiceMonitor = new NetdServiceMonitor(mNetdService);
+ final NetdMonitor netdMonitor = new NetdMonitor(mNetdService);
+ final BroadcastReceiver receiver = expectBroadcastReceiver(
+ Intent.ACTION_EXTERNAL_APPLICATIONS_AVAILABLE);
+
+ // Initial the permission state. MOCK_PACKAGE1 is installed on external storage and
+ // MOCK_PACKAGE2 is installed on device. These two packages are shared on MOCK_UID1.
+ // MOCK_UID1 has NETWORK and INTERNET permissions.
+ when(mUserManager.getUserHandles(eq(true))).thenReturn(List.of(MOCK_USER1));
+ when(mPackageManager.getInstalledPackages(eq(GET_PERMISSIONS | MATCH_ANY_USER))).thenReturn(
+ List.of(buildPackageInfo(MOCK_PACKAGE1, MOCK_UID1),
+ buildPackageInfo(MOCK_PACKAGE2, MOCK_UID1, CHANGE_NETWORK_STATE,
+ INTERNET)));
+ mPermissionMonitor.startMonitoring();
+ netdMonitor.expectPermission(NETWORK, new UserHandle[]{MOCK_USER1}, new int[]{MOCK_UID1});
+ netdServiceMonitor.expectPermission(INetd.PERMISSION_INTERNET, new int[] {MOCK_UID1});
+
+ // Verify receiving EXTERNAL_APPLICATIONS_AVAILABLE intent and update permission to netd.
+ final Intent externalIntent = new Intent(Intent.ACTION_EXTERNAL_APPLICATIONS_AVAILABLE);
+ externalIntent.putExtra(Intent.EXTRA_CHANGED_PACKAGE_LIST, new String[] {MOCK_PACKAGE1});
+ buildAndMockPackageInfoWithPermissions(MOCK_PACKAGE1, MOCK_UID1,
+ CONNECTIVITY_USE_RESTRICTED_NETWORKS, UPDATE_DEVICE_STATS);
+ buildAndMockPackageInfoWithPermissions(MOCK_PACKAGE2, MOCK_UID1, CHANGE_NETWORK_STATE,
+ INTERNET);
+ when(mPackageManager.getPackagesForUid(MOCK_UID1))
+ .thenReturn(new String[]{MOCK_PACKAGE1, MOCK_PACKAGE2});
+ receiver.onReceive(mContext, externalIntent);
+ netdMonitor.expectPermission(SYSTEM, new UserHandle[]{MOCK_USER1}, new int[]{MOCK_UID1});
+ netdServiceMonitor.expectPermission(
+ INetd.PERMISSION_INTERNET | INetd.PERMISSION_UPDATE_DEVICE_STATS,
+ new int[] {MOCK_UID1});
+ }
}