Merge "CTS for ingress rate limiting"
diff --git a/TEST_MAPPING b/TEST_MAPPING
index b1e6a9f..a5b97a1 100644
--- a/TEST_MAPPING
+++ b/TEST_MAPPING
@@ -19,6 +19,9 @@
]
},
{
+ "name": "bpf_existence_test"
+ },
+ {
"name": "netd_updatable_unit_test"
},
{
@@ -41,10 +44,6 @@
{
"name": "TetheringPrivilegedTests"
},
- // TODO: move to presubmit when known green.
- {
- "name": "bpf_existence_test"
- },
{
"name": "netd_updatable_unit_test",
"keywords": ["netd-device-kernel-4.9", "netd-device-kernel-4.14"]
@@ -76,6 +75,9 @@
]
},
{
+ "name": "bpf_existence_test[CaptivePortalLoginGoogle.apk+NetworkStackGoogle.apk+com.google.android.resolv.apex+com.google.android.tethering.apex]"
+ },
+ {
"name": "netd_updatable_unit_test[CaptivePortalLoginGoogle.apk+NetworkStackGoogle.apk+com.google.android.resolv.apex+com.google.android.tethering.apex]"
},
{
@@ -128,10 +130,6 @@
},
{
"name": "TetheringCoverageTests[CaptivePortalLoginGoogle.apk+NetworkStackGoogle.apk+com.google.android.resolv.apex+com.google.android.tethering.apex]"
- },
- // TODO: move to mainline-presubmit when known green.
- {
- "name": "bpf_existence_test[CaptivePortalLoginGoogle.apk+NetworkStackGoogle.apk+com.google.android.resolv.apex+com.google.android.tethering.apex]"
}
],
"auto-postsubmit": [
diff --git a/service/jni/com_android_server_BpfNetMaps.cpp b/service/jni/com_android_server_BpfNetMaps.cpp
index 63961cb..f13c68d 100644
--- a/service/jni/com_android_server_BpfNetMaps.cpp
+++ b/service/jni/com_android_server_BpfNetMaps.cpp
@@ -109,6 +109,7 @@
}
size_t size = uids.size();
+ static_assert(sizeof(*(uids.get())) == sizeof(int32_t));
std::vector<int32_t> data ((int32_t *)&uids[0], (int32_t*)&uids[size]);
int res = mTc.replaceUidOwnerMap(chainName, isAllowlist, data);
if (res) {
@@ -145,6 +146,7 @@
}
size_t size = uids.size();
+ static_assert(sizeof(*(uids.get())) == sizeof(int32_t));
std::vector<int32_t> data ((int32_t *)&uids[0], (int32_t*)&uids[size]);
Status status = mTc.addUidInterfaceRules(ifIndex, data);
if (!isOk(status)) {
@@ -160,6 +162,7 @@
}
size_t size = uids.size();
+ static_assert(sizeof(*(uids.get())) == sizeof(int32_t));
std::vector<int32_t> data ((int32_t *)&uids[0], (int32_t*)&uids[size]);
Status status = mTc.removeUidInterfaceRules(data);
if (!isOk(status)) {
diff --git a/service/src/com/android/server/ConnectivityService.java b/service/src/com/android/server/ConnectivityService.java
index 1b57c27..c90fcd5 100644
--- a/service/src/com/android/server/ConnectivityService.java
+++ b/service/src/com/android/server/ConnectivityService.java
@@ -3873,7 +3873,7 @@
ConnectivityReportEvent reportEvent =
new ConnectivityReportEvent(p.timestampMillis, nai, extras);
final Message m = mConnectivityDiagnosticsHandler.obtainMessage(
- ConnectivityDiagnosticsHandler.EVENT_NETWORK_TESTED, reportEvent);
+ ConnectivityDiagnosticsHandler.CMD_SEND_CONNECTIVITY_REPORT, reportEvent);
mConnectivityDiagnosticsHandler.sendMessage(m);
}
@@ -9598,14 +9598,12 @@
/**
* Event for {@link NetworkStateTrackerHandler} to trigger ConnectivityReport callbacks
- * after processing {@link #EVENT_NETWORK_TESTED} events.
+ * after processing {@link #CMD_SEND_CONNECTIVITY_REPORT} events.
* obj = {@link ConnectivityReportEvent} representing ConnectivityReport info reported from
* NetworkMonitor.
* data = PersistableBundle of extras passed from NetworkMonitor.
- *
- * <p>See {@link ConnectivityService#EVENT_NETWORK_TESTED}.
*/
- private static final int EVENT_NETWORK_TESTED = ConnectivityService.EVENT_NETWORK_TESTED;
+ private static final int CMD_SEND_CONNECTIVITY_REPORT = 3;
/**
* Event for NetworkMonitor to inform ConnectivityService that a potential data stall has
@@ -9643,7 +9641,7 @@
(IConnectivityDiagnosticsCallback) msg.obj, msg.arg1);
break;
}
- case EVENT_NETWORK_TESTED: {
+ case CMD_SEND_CONNECTIVITY_REPORT: {
final ConnectivityReportEvent reportEvent =
(ConnectivityReportEvent) msg.obj;
@@ -10713,8 +10711,9 @@
final String iface = networkAgent.linkProperties.getInterfaceName();
if (iface == null) {
- // This can never happen.
- logwtf("canNetworkBeRateLimited: LinkProperties#getInterfaceName returns null");
+ // This may happen in tests, but if there is no interface then there is nothing that
+ // can be rate limited.
+ loge("canNetworkBeRateLimited: LinkProperties#getInterfaceName returns null");
return false;
}
return true;
diff --git a/tests/cts/hostside/app/src/com/android/cts/net/hostside/VpnTest.java b/tests/cts/hostside/app/src/com/android/cts/net/hostside/VpnTest.java
index 5778b0d..7150918 100755
--- a/tests/cts/hostside/app/src/com/android/cts/net/hostside/VpnTest.java
+++ b/tests/cts/hostside/app/src/com/android/cts/net/hostside/VpnTest.java
@@ -334,9 +334,8 @@
@Nullable ProxyInfo proxyInfo,
@Nullable ArrayList<Network> underlyingNetworks, boolean isAlwaysMetered)
throws Exception {
- startVpn(addresses, routes, new String[0] /* excludedRoutes */, allowedApplications,
- disallowedApplications, proxyInfo, underlyingNetworks, isAlwaysMetered,
- false /* addRoutesByIpPrefix */);
+ startVpn(addresses, routes, excludedRoutes, allowedApplications, disallowedApplications,
+ proxyInfo, underlyingNetworks, isAlwaysMetered, false /* addRoutesByIpPrefix */);
}
private void startVpn(
diff --git a/tests/cts/net/src/android/net/cts/ConnectivityManagerTest.java b/tests/cts/net/src/android/net/cts/ConnectivityManagerTest.java
index ac520d1..8f6ff19 100644
--- a/tests/cts/net/src/android/net/cts/ConnectivityManagerTest.java
+++ b/tests/cts/net/src/android/net/cts/ConnectivityManagerTest.java
@@ -2174,7 +2174,7 @@
private void waitForAvailable(
@NonNull final TestableNetworkCallback cb, @NonNull final Network expectedNetwork) {
cb.expectAvailableCallbacks(expectedNetwork, false /* suspended */,
- true /* validated */,
+ null /* validated */,
false /* blocked */, NETWORK_CALLBACK_TIMEOUT_MS);
}
diff --git a/tests/unit/java/com/android/server/net/NetworkStatsServiceTest.java b/tests/unit/java/com/android/server/net/NetworkStatsServiceTest.java
index 34bcf3f..aa4e4bb 100644
--- a/tests/unit/java/com/android/server/net/NetworkStatsServiceTest.java
+++ b/tests/unit/java/com/android/server/net/NetworkStatsServiceTest.java
@@ -63,8 +63,10 @@
import static com.android.net.module.util.NetworkStatsUtils.SUBSCRIBER_ID_MATCH_RULE_EXACT;
import static com.android.server.net.NetworkStatsService.ACTION_NETWORK_STATS_POLL;
+import static com.android.testutils.DevSdkIgnoreRuleKt.SC_V2;
import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertThrows;
import static org.junit.Assert.assertTrue;
@@ -77,6 +79,7 @@
import static org.mockito.Mockito.doReturn;
import static org.mockito.Mockito.never;
import static org.mockito.Mockito.reset;
+import static org.mockito.Mockito.spy;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
@@ -101,13 +104,13 @@
import android.net.UnderlyingNetworkInfo;
import android.net.netstats.provider.INetworkStatsProviderCallback;
import android.net.wifi.WifiInfo;
-import android.os.Build;
import android.os.Handler;
import android.os.HandlerThread;
import android.os.IBinder;
import android.os.PowerManager;
import android.os.SimpleClock;
import android.provider.Settings;
+import android.system.ErrnoException;
import android.telephony.TelephonyManager;
import androidx.annotation.Nullable;
@@ -125,6 +128,7 @@
import com.android.testutils.DevSdkIgnoreRule;
import com.android.testutils.DevSdkIgnoreRunner;
import com.android.testutils.HandlerUtils;
+import com.android.testutils.TestBpfMap;
import com.android.testutils.TestableNetworkStatsProviderBinder;
import libcore.testing.io.TestIoUtils;
@@ -143,6 +147,7 @@
import java.time.ZoneOffset;
import java.util.Objects;
import java.util.concurrent.Executor;
+import java.util.concurrent.atomic.AtomicBoolean;
/**
* Tests for {@link NetworkStatsService}.
@@ -152,7 +157,8 @@
*/
@RunWith(DevSdkIgnoreRunner.class)
@SmallTest
-@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.R)
+// NetworkStatsService is not updatable before T, so tests do not need to be backwards compatible
+@DevSdkIgnoreRule.IgnoreUpTo(SC_V2)
public class NetworkStatsServiceTest extends NetworkStatsBaseTest {
private static final String TAG = "NetworkStatsServiceTest";
@@ -197,11 +203,16 @@
private HandlerThread mHandlerThread;
@Mock
private LocationPermissionChecker mLocationPermissionChecker;
- private @Mock IBpfMap<U32, U8> mUidCounterSetMap;
- private @Mock IBpfMap<CookieTagMapKey, CookieTagMapValue> mCookieTagMap;
- private @Mock IBpfMap<StatsMapKey, StatsMapValue> mStatsMapA;
- private @Mock IBpfMap<StatsMapKey, StatsMapValue> mStatsMapB;
- private @Mock IBpfMap<UidStatsMapKey, StatsMapValue> mAppUidStatsMap;
+ private TestBpfMap<U32, U8> mUidCounterSetMap = spy(new TestBpfMap<>(U32.class, U8.class));
+
+ private TestBpfMap<CookieTagMapKey, CookieTagMapValue> mCookieTagMap = new TestBpfMap<>(
+ CookieTagMapKey.class, CookieTagMapValue.class);
+ private TestBpfMap<StatsMapKey, StatsMapValue> mStatsMapA = new TestBpfMap<>(StatsMapKey.class,
+ StatsMapValue.class);
+ private TestBpfMap<StatsMapKey, StatsMapValue> mStatsMapB = new TestBpfMap<>(StatsMapKey.class,
+ StatsMapValue.class);
+ private TestBpfMap<UidStatsMapKey, StatsMapValue> mAppUidStatsMap = new TestBpfMap<>(
+ UidStatsMapKey.class, StatsMapValue.class);
private NetworkStatsService mService;
private INetworkStatsSession mSession;
@@ -1921,4 +1932,70 @@
private void waitForIdle() {
HandlerUtils.waitForIdle(mHandlerThread, WAIT_TIMEOUT);
}
+
+ private boolean cookieTagMapContainsUid(int uid) throws ErrnoException {
+ final AtomicBoolean found = new AtomicBoolean();
+ mCookieTagMap.forEach((k, v) -> {
+ if (v.uid == uid) {
+ found.set(true);
+ }
+ });
+ return found.get();
+ }
+
+ private static <K extends StatsMapKey, V extends StatsMapValue> boolean statsMapContainsUid(
+ TestBpfMap<K, V> map, int uid) throws ErrnoException {
+ final AtomicBoolean found = new AtomicBoolean();
+ map.forEach((k, v) -> {
+ if (k.uid == uid) {
+ found.set(true);
+ }
+ });
+ return found.get();
+ }
+
+ private void initBpfMapsWithTagData(int uid) throws ErrnoException {
+ // key needs to be unique, use some offset from uid.
+ mCookieTagMap.insertEntry(new CookieTagMapKey(1000 + uid), new CookieTagMapValue(uid, 1));
+ mCookieTagMap.insertEntry(new CookieTagMapKey(2000 + uid), new CookieTagMapValue(uid, 2));
+
+ mStatsMapA.insertEntry(new StatsMapKey(uid, 1, 0, 10), new StatsMapValue(5, 5000, 3, 3000));
+ mStatsMapA.insertEntry(new StatsMapKey(uid, 2, 0, 10), new StatsMapValue(5, 5000, 3, 3000));
+
+ mStatsMapB.insertEntry(new StatsMapKey(uid, 1, 0, 10), new StatsMapValue(0, 0, 0, 0));
+
+ mAppUidStatsMap.insertEntry(new UidStatsMapKey(uid), new StatsMapValue(10, 10000, 6, 6000));
+
+ mUidCounterSetMap.insertEntry(new U32(uid), new U8((short) 1));
+
+ assertTrue(cookieTagMapContainsUid(uid));
+ assertTrue(statsMapContainsUid(mStatsMapA, uid));
+ assertTrue(statsMapContainsUid(mStatsMapB, uid));
+ assertTrue(mAppUidStatsMap.containsKey(new UidStatsMapKey(uid)));
+ assertTrue(mUidCounterSetMap.containsKey(new U32(uid)));
+ }
+
+ @Test
+ public void testRemovingUidRemovesTagDataForUid() throws ErrnoException {
+ initBpfMapsWithTagData(UID_BLUE);
+ initBpfMapsWithTagData(UID_RED);
+
+ final Intent intent = new Intent(ACTION_UID_REMOVED);
+ intent.putExtra(EXTRA_UID, UID_BLUE);
+ mServiceContext.sendBroadcast(intent);
+
+ // assert that all UID_BLUE related tag data has been removed from the maps.
+ assertFalse(cookieTagMapContainsUid(UID_BLUE));
+ assertFalse(statsMapContainsUid(mStatsMapA, UID_BLUE));
+ assertFalse(statsMapContainsUid(mStatsMapB, UID_BLUE));
+ assertFalse(mAppUidStatsMap.containsKey(new UidStatsMapKey(UID_BLUE)));
+ assertFalse(mUidCounterSetMap.containsKey(new U32(UID_BLUE)));
+
+ // assert that UID_RED related tag data is still in the maps.
+ assertTrue(cookieTagMapContainsUid(UID_RED));
+ assertTrue(statsMapContainsUid(mStatsMapA, UID_RED));
+ assertTrue(statsMapContainsUid(mStatsMapB, UID_RED));
+ assertTrue(mAppUidStatsMap.containsKey(new UidStatsMapKey(UID_RED)));
+ assertTrue(mUidCounterSetMap.containsKey(new U32(UID_RED)));
+ }
}