[automerger skipped] TestOnly: add setEthernetEnable support to EthernetManagerTest am: 88f253679b -s ours
am skip reason: Merged-In I6650c028c121d932f10219d04d40d1ad60d9d4d8 with SHA-1 bd5745effa is already in history
Original change: https://android-review.googlesource.com/c/platform/packages/modules/Connectivity/+/2238193
Change-Id: I4c612624794f531fc5ec928d3ac1182912f480c0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/OWNERS_core_networking b/OWNERS_core_networking
index bc1d002..3a08422 100644
--- a/OWNERS_core_networking
+++ b/OWNERS_core_networking
@@ -10,6 +10,7 @@
markchien@google.com
martinwu@google.com
maze@google.com
+motomuman@google.com
nuccachen@google.com
paulhu@google.com
prohr@google.com
diff --git a/OWNERS_core_networking_xts b/OWNERS_core_networking_xts
index a6627fe..8083cbf 100644
--- a/OWNERS_core_networking_xts
+++ b/OWNERS_core_networking_xts
@@ -1,2 +1,7 @@
lorenzo@google.com
-satk@google.com
+satk@google.com #{LAST_RESORT_SUGGESTION}
+
+# For cherry-picks of CLs that are already merged in aosp/master.
+jchalard@google.com #{LAST_RESORT_SUGGESTION}
+maze@google.com #{LAST_RESORT_SUGGESTION}
+reminv@google.com #{LAST_RESORT_SUGGESTION}
diff --git a/TEST_MAPPING b/TEST_MAPPING
index 7eb935e..6e30fd1 100644
--- a/TEST_MAPPING
+++ b/TEST_MAPPING
@@ -36,6 +36,17 @@
},
// CTS tests that target older SDKs.
{
+ "name": "CtsNetTestCasesMaxTargetSdk30",
+ "options": [
+ {
+ "exclude-annotation": "com.android.testutils.SkipPresubmit"
+ },
+ {
+ "exclude-annotation": "androidx.test.filters.RequiresDevice"
+ }
+ ]
+ },
+ {
"name": "CtsNetTestCasesMaxTargetSdk31",
"options": [
{
@@ -53,6 +64,9 @@
"name": "connectivity_native_test"
},
{
+ "name": "libclat_test"
+ },
+ {
"name": "netd_updatable_unit_test"
},
{
@@ -80,16 +94,10 @@
"keywords": ["netd-device-kernel-4.9", "netd-device-kernel-4.14"]
},
{
- "name": "libclat_test"
- },
- {
"name": "traffic_controller_unit_test",
"keywords": ["netd-device-kernel-4.9", "netd-device-kernel-4.14"]
},
{
- "name": "libnetworkstats_test"
- },
- {
"name": "FrameworksNetDeflakeTest"
}
],
@@ -106,6 +114,17 @@
]
},
{
+ "name": "CtsNetTestCasesMaxTargetSdk30[CaptivePortalLoginGoogle.apk+NetworkStackGoogle.apk+com.google.android.resolv.apex+com.google.android.tethering.apex]",
+ "options": [
+ {
+ "exclude-annotation": "com.android.testutils.SkipPresubmit"
+ },
+ {
+ "exclude-annotation": "androidx.test.filters.RequiresDevice"
+ }
+ ]
+ },
+ {
"name": "CtsNetTestCasesMaxTargetSdk31[CaptivePortalLoginGoogle.apk+NetworkStackGoogle.apk+com.google.android.resolv.apex+com.google.android.tethering.apex]",
"options": [
{
@@ -174,23 +193,6 @@
]
}
],
- "auto-postsubmit": [
- // Test tag for automotive targets. These are only running in postsubmit so as to harden the
- // automotive targets to avoid introducing additional test flake and build time. The plan for
- // presubmit testing for auto is to augment the existing tests to cover auto use cases as well.
- // Additionally, this tag is used in targeted test suites to limit resource usage on the test
- // infra during the hardening phase.
- // TODO: this tag to be removed once the above is no longer an issue.
- {
- "name": "FrameworksNetTests"
- },
- {
- "name": "FrameworksNetIntegrationTests"
- },
- {
- "name": "FrameworksNetDeflakeTest"
- }
- ],
"imports": [
{
"path": "frameworks/base/core/java/android/net"
@@ -203,6 +205,9 @@
},
{
"path": "packages/modules/CaptivePortalLogin"
+ },
+ {
+ "path": "vendor/xts/gts-tests/hostsidetests/networkstack"
}
]
}
diff --git a/Tethering/Android.bp b/Tethering/Android.bp
index 2c7b868..3ab1ec2 100644
--- a/Tethering/Android.bp
+++ b/Tethering/Android.bp
@@ -26,16 +26,32 @@
}
java_defaults {
+ name: "TetheringExternalLibs",
+ // Libraries not including Tethering's own framework-tethering (different flavors of that one
+ // are needed depending on the build rule)
+ libs: [
+ "framework-connectivity.stubs.module_lib",
+ "framework-connectivity-t.stubs.module_lib",
+ "framework-statsd.stubs.module_lib",
+ "framework-wifi",
+ "framework-bluetooth",
+ "unsupportedappusage",
+ ],
+ defaults_visibility: ["//visibility:private"],
+}
+
+java_defaults {
name: "TetheringAndroidLibraryDefaults",
srcs: [
"apishim/**/*.java",
"src/**/*.java",
":framework-connectivity-shared-srcs",
- ":tethering-module-utils-srcs",
":services-tethering-shared-srcs",
+ ":statslog-tethering-java-gen",
],
static_libs: [
"androidx.annotation_annotation",
+ "connectivity-net-module-utils-bpf",
"modules-utils-build",
"modules-utils-statemachine",
"networkstack-client",
@@ -45,18 +61,14 @@
"net-utils-framework-common",
"net-utils-device-common",
"net-utils-device-common-bpf",
+ "net-utils-device-common-ip",
"net-utils-device-common-netlink",
"netd-client",
"tetheringstatsprotos",
],
+ defaults: ["TetheringExternalLibs"],
libs: [
- "framework-connectivity",
- "framework-connectivity-t.stubs.module_lib",
- "framework-statsd.stubs.module_lib",
"framework-tethering.impl",
- "framework-wifi",
- "framework-bluetooth",
- "unsupportedappusage",
],
plugins: ["java_api_finder"],
manifest: "AndroidManifestBase.xml",
@@ -133,7 +145,7 @@
"-Wthread-safety",
],
- ldflags: ["-Wl,--exclude-libs=ALL,-error-limit=0"],
+ ldflags: ["-Wl,--exclude-libs=ALL,--error-limit=0"],
}
// Common defaults for compiling the actual APK.
@@ -146,9 +158,17 @@
resource_dirs: [
"res",
],
+ // Libs are not actually needed to build here since build rules using these defaults are just
+ // packaging the TetheringApiXLibs in APKs, but they are necessary so that R8 has the right
+ // references to optimize the code. Without these, there will be missing class warnings and code
+ // may be wrongly optimized.
+ // R8 runs after jarjar, so the framework-X libraries need to be the post-jarjar artifacts
+ // (framework-tethering.impl), if they are not just stubs, so that the name of jarjared
+ // classes match.
+ // TODO(b/229727645): ensure R8 fails the build fully if libraries are missing
+ defaults: ["TetheringExternalLibs"],
libs: [
- "framework-tethering",
- "framework-wifi",
+ "framework-tethering.impl",
],
jarjar_rules: "jarjar-rules.txt",
optimize: {
@@ -209,8 +229,11 @@
sdk {
name: "tethering-module-sdk",
- bootclasspath_fragments: ["com.android.tethering-bootclasspath-fragment"],
- systemserverclasspath_fragments: ["com.android.tethering-systemserverclasspath-fragment"],
+ apexes: [
+ // Adds exportable dependencies of the APEX to the sdk,
+ // e.g. *classpath_fragments.
+ "com.android.tethering",
+ ],
}
java_library_static {
@@ -223,3 +246,11 @@
apex_available: ["com.android.tethering"],
min_sdk_version: "30",
}
+
+genrule {
+ name: "statslog-tethering-java-gen",
+ tools: ["stats-log-api-gen"],
+ cmd: "$(location stats-log-api-gen) --java $(out) --module network_tethering" +
+ " --javaPackage com.android.networkstack.tethering.metrics --javaClass TetheringStatsLog",
+ out: ["com/android/networkstack/tethering/metrics/TetheringStatsLog.java"],
+}
diff --git a/Tethering/apex/Android.bp b/Tethering/apex/Android.bp
index 9076dca..8cf46ef 100644
--- a/Tethering/apex/Android.bp
+++ b/Tethering/apex/Android.bp
@@ -18,6 +18,20 @@
default_applicable_licenses: ["Android-Apache-2.0"],
}
+prebuilt_etc {
+ name: "TetheringInProcessFlag",
+ src: "in-process",
+ filename_from_src: true,
+ sub_dir: "flag",
+}
+
+prebuilt_etc {
+ name: "TetheringOutOfProcessFlag",
+ src: "out-of-process",
+ filename_from_src: true,
+ sub_dir: "flag",
+}
+
// Defaults to enable/disable java targets which uses development APIs. "enabled" may have a
// different value depending on the branch.
java_defaults {
@@ -71,10 +85,12 @@
bpfs: [
"block.o",
"clatd.o",
- "dscp_policy.o",
+ "dscpPolicy.o",
"netd.o",
"offload.o",
+ "offload@btf.o",
"test.o",
+ "test@btf.o",
],
apps: [
"ServiceConnectivityResources",
@@ -83,6 +99,7 @@
prebuilts: [
"current_sdkinfo",
"privapp_allowlist_com.android.tethering",
+ "TetheringOutOfProcessFlag",
],
manifest: "manifest.json",
key: "com.android.tethering.key",
@@ -92,7 +109,10 @@
androidManifest: "AndroidManifest.xml",
- compat_configs: ["connectivity-platform-compat-config"],
+ compat_configs: [
+ "connectivity-platform-compat-config",
+ "connectivity-t-platform-compat-config",
+ ],
}
apex_key {
@@ -106,6 +126,15 @@
certificate: "com.android.tethering",
}
+filegroup {
+ name: "connectivity-hiddenapi-files",
+ srcs: [
+ ":connectivity-t-hiddenapi-files",
+ "hiddenapi/*.txt",
+ ],
+ visibility: ["//packages/modules/Connectivity:__subpackages__"],
+}
+
// Encapsulate the contributions made by the com.android.tethering to the bootclasspath.
bootclasspath_fragment {
name: "com.android.tethering-bootclasspath-fragment",
@@ -133,16 +162,11 @@
// Additional hidden API flag files to override the defaults. This must only be
// modified by the Soong or platform compat team.
hidden_api: {
- max_target_r_low_priority: [
- "hiddenapi/hiddenapi-max-target-r-loprio.txt",
- ],
max_target_o_low_priority: [
"hiddenapi/hiddenapi-max-target-o-low-priority.txt",
- "hiddenapi/hiddenapi-max-target-o-low-priority-tiramisu.txt",
],
unsupported: [
"hiddenapi/hiddenapi-unsupported.txt",
- "hiddenapi/hiddenapi-unsupported-tiramisu.txt",
],
// The following packages contain classes from other modules on the
@@ -186,8 +210,21 @@
base: "com.android.tethering",
package_name: "com.android.tethering.inprocess",
enabled: enable_tethering_next_apex,
+ bpfs: [
+ "block.o",
+ "clatd.o",
+ "dscpPolicy.o",
+ "netd.o",
+ "offload@inprocess.o",
+ "test@inprocess.o",
+ ],
apps: [
"ServiceConnectivityResources",
"InProcessTethering",
],
+ prebuilts: [
+ "current_sdkinfo",
+ "privapp_allowlist_com.android.tethering",
+ "TetheringInProcessFlag",
+ ],
}
diff --git a/Tethering/apex/in-process b/Tethering/apex/in-process
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/Tethering/apex/in-process
diff --git a/Tethering/apex/manifest.json b/Tethering/apex/manifest.json
index 3cb03ed..5d5ede6 100644
--- a/Tethering/apex/manifest.json
+++ b/Tethering/apex/manifest.json
@@ -1,4 +1,7 @@
{
"name": "com.android.tethering",
- "version": 339990000
+
+ // Placeholder module version to be replaced during build.
+ // Do not change!
+ "version": 0
}
diff --git a/Tethering/apex/out-of-process b/Tethering/apex/out-of-process
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/Tethering/apex/out-of-process
diff --git a/Tethering/apishim/30/com/android/networkstack/tethering/apishim/api30/BpfCoordinatorShimImpl.java b/Tethering/apishim/30/com/android/networkstack/tethering/apishim/api30/BpfCoordinatorShimImpl.java
index b865a8e..898b124 100644
--- a/Tethering/apishim/30/com/android/networkstack/tethering/apishim/api30/BpfCoordinatorShimImpl.java
+++ b/Tethering/apishim/30/com/android/networkstack/tethering/apishim/api30/BpfCoordinatorShimImpl.java
@@ -19,7 +19,6 @@
import android.net.INetd;
import android.net.MacAddress;
import android.net.TetherStatsParcel;
-import android.net.util.SharedLog;
import android.os.RemoteException;
import android.os.ServiceSpecificException;
import android.util.SparseArray;
@@ -28,6 +27,7 @@
import androidx.annotation.Nullable;
import com.android.net.module.util.IBpfMap.ThrowingBiConsumer;
+import com.android.net.module.util.SharedLog;
import com.android.net.module.util.bpf.Tether4Key;
import com.android.net.module.util.bpf.Tether4Value;
import com.android.net.module.util.bpf.TetherStatsValue;
@@ -168,13 +168,13 @@
}
@Override
- public boolean attachProgram(String iface, boolean downstream) {
+ public boolean attachProgram(String iface, boolean downstream, boolean ipv4) {
/* no op */
return true;
}
@Override
- public boolean detachProgram(String iface) {
+ public boolean detachProgram(String iface, boolean ipv4) {
/* no op */
return true;
}
diff --git a/Tethering/apishim/31/com/android/networkstack/tethering/apishim/api31/BpfCoordinatorShimImpl.java b/Tethering/apishim/31/com/android/networkstack/tethering/apishim/api31/BpfCoordinatorShimImpl.java
index 0683e5e..3cad1c6 100644
--- a/Tethering/apishim/31/com/android/networkstack/tethering/apishim/api31/BpfCoordinatorShimImpl.java
+++ b/Tethering/apishim/31/com/android/networkstack/tethering/apishim/api31/BpfCoordinatorShimImpl.java
@@ -19,7 +19,6 @@
import static android.net.netstats.provider.NetworkStatsProvider.QUOTA_UNLIMITED;
import android.net.MacAddress;
-import android.net.util.SharedLog;
import android.system.ErrnoException;
import android.system.Os;
import android.system.OsConstants;
@@ -29,8 +28,9 @@
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
-import com.android.net.module.util.BpfMap;
+import com.android.net.module.util.IBpfMap;
import com.android.net.module.util.IBpfMap.ThrowingBiConsumer;
+import com.android.net.module.util.SharedLog;
import com.android.net.module.util.bpf.Tether4Key;
import com.android.net.module.util.bpf.Tether4Value;
import com.android.net.module.util.bpf.TetherStatsKey;
@@ -66,31 +66,31 @@
// BPF map for downstream IPv4 forwarding.
@Nullable
- private final BpfMap<Tether4Key, Tether4Value> mBpfDownstream4Map;
+ private final IBpfMap<Tether4Key, Tether4Value> mBpfDownstream4Map;
// BPF map for upstream IPv4 forwarding.
@Nullable
- private final BpfMap<Tether4Key, Tether4Value> mBpfUpstream4Map;
+ private final IBpfMap<Tether4Key, Tether4Value> mBpfUpstream4Map;
// BPF map for downstream IPv6 forwarding.
@Nullable
- private final BpfMap<TetherDownstream6Key, Tether6Value> mBpfDownstream6Map;
+ private final IBpfMap<TetherDownstream6Key, Tether6Value> mBpfDownstream6Map;
// BPF map for upstream IPv6 forwarding.
@Nullable
- private final BpfMap<TetherUpstream6Key, Tether6Value> mBpfUpstream6Map;
+ private final IBpfMap<TetherUpstream6Key, Tether6Value> mBpfUpstream6Map;
// BPF map of tethering statistics of the upstream interface since tethering startup.
@Nullable
- private final BpfMap<TetherStatsKey, TetherStatsValue> mBpfStatsMap;
+ private final IBpfMap<TetherStatsKey, TetherStatsValue> mBpfStatsMap;
// BPF map of per-interface quota for tethering offload.
@Nullable
- private final BpfMap<TetherLimitKey, TetherLimitValue> mBpfLimitMap;
+ private final IBpfMap<TetherLimitKey, TetherLimitValue> mBpfLimitMap;
// BPF map of interface index mapping for XDP.
@Nullable
- private final BpfMap<TetherDevKey, TetherDevValue> mBpfDevMap;
+ private final IBpfMap<TetherDevKey, TetherDevValue> mBpfDevMap;
// Tracking IPv4 rule count while any rule is using the given upstream interfaces. Used for
// reducing the BPF map iteration query. The count is increased or decreased when the rule is
@@ -425,11 +425,11 @@
}
@Override
- public boolean attachProgram(String iface, boolean downstream) {
+ public boolean attachProgram(String iface, boolean downstream, boolean ipv4) {
if (!isInitialized()) return false;
try {
- BpfUtils.attachProgram(iface, downstream);
+ BpfUtils.attachProgram(iface, downstream, ipv4);
} catch (IOException e) {
mLog.e("Could not attach program: " + e);
return false;
@@ -438,11 +438,11 @@
}
@Override
- public boolean detachProgram(String iface) {
+ public boolean detachProgram(String iface, boolean ipv4) {
if (!isInitialized()) return false;
try {
- BpfUtils.detachProgram(iface);
+ BpfUtils.detachProgram(iface, ipv4);
} catch (IOException e) {
mLog.e("Could not detach program: " + e);
return false;
@@ -482,7 +482,7 @@
return true;
}
- private String mapStatus(BpfMap m, String name) {
+ private String mapStatus(IBpfMap m, String name) {
return name + "{" + (m != null ? "OK" : "ERROR") + "}";
}
diff --git a/Tethering/apishim/common/com/android/networkstack/tethering/apishim/common/BpfCoordinatorShim.java b/Tethering/apishim/common/com/android/networkstack/tethering/apishim/common/BpfCoordinatorShim.java
index 69cbab5..51cecfe 100644
--- a/Tethering/apishim/common/com/android/networkstack/tethering/apishim/common/BpfCoordinatorShim.java
+++ b/Tethering/apishim/common/com/android/networkstack/tethering/apishim/common/BpfCoordinatorShim.java
@@ -172,16 +172,24 @@
/**
* Attach BPF program.
*
+ * @param iface the interface name to attach program.
+ * @param downstream indicate the datapath. true if downstream, false if upstream.
+ * @param ipv4 indicate the protocol family. true if ipv4, false if ipv6.
+ *
* TODO: consider using InterfaceParams to replace interface name.
*/
- public abstract boolean attachProgram(@NonNull String iface, boolean downstream);
+ public abstract boolean attachProgram(@NonNull String iface, boolean downstream,
+ boolean ipv4);
/**
* Detach BPF program.
*
+ * @param iface the interface name to detach program.
+ * @param ipv4 indicate the protocol family. true if ipv4, false if ipv6.
+ *
* TODO: consider using InterfaceParams to replace interface name.
*/
- public abstract boolean detachProgram(@NonNull String iface);
+ public abstract boolean detachProgram(@NonNull String iface, boolean ipv4);
/**
* Add interface index mapping.
diff --git a/Tethering/common/TetheringLib/src/android/net/TetheringManager.java b/Tethering/common/TetheringLib/src/android/net/TetheringManager.java
index b3f0cf2..cd914d3 100644
--- a/Tethering/common/TetheringLib/src/android/net/TetheringManager.java
+++ b/Tethering/common/TetheringLib/src/android/net/TetheringManager.java
@@ -1273,8 +1273,10 @@
@Override
public int hashCode() {
- return Objects.hash(mTetherableBluetoothRegexs, mTetherableUsbRegexs,
- mTetherableWifiRegexs);
+ return Objects.hash(
+ Arrays.hashCode(mTetherableBluetoothRegexs),
+ Arrays.hashCode(mTetherableUsbRegexs),
+ Arrays.hashCode(mTetherableWifiRegexs));
}
@Override
diff --git a/Tethering/jni/com_android_networkstack_tethering_util_TetheringUtils.cpp b/Tethering/jni/com_android_networkstack_tethering_util_TetheringUtils.cpp
index 291bf54..6699c0d 100644
--- a/Tethering/jni/com_android_networkstack_tethering_util_TetheringUtils.cpp
+++ b/Tethering/jni/com_android_networkstack_tethering_util_TetheringUtils.cpp
@@ -49,8 +49,10 @@
BPF_STMT(BPF_LD | BPF_B | BPF_ABS, kICMPv6TypeOffset),
BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, type, 0, 1),
- // Accept or reject.
+ // Accept.
BPF_STMT(BPF_RET | BPF_K, 0xffff),
+
+ // Reject.
BPF_STMT(BPF_RET | BPF_K, 0)
};
diff --git a/Tethering/src/android/net/ip/IpServer.java b/Tethering/src/android/net/ip/IpServer.java
index c718f4c..438b592 100644
--- a/Tethering/src/android/net/ip/IpServer.java
+++ b/Tethering/src/android/net/ip/IpServer.java
@@ -44,9 +44,7 @@
import android.net.dhcp.DhcpServingParamsParcelExt;
import android.net.dhcp.IDhcpEventCallbacks;
import android.net.dhcp.IDhcpServer;
-import android.net.ip.IpNeighborMonitor.NeighborEvent;
import android.net.ip.RouterAdvertisementDaemon.RaParams;
-import android.net.util.SharedLog;
import android.os.Handler;
import android.os.Looper;
import android.os.Message;
@@ -64,11 +62,16 @@
import com.android.modules.utils.build.SdkLevel;
import com.android.net.module.util.InterfaceParams;
import com.android.net.module.util.NetdUtils;
+import com.android.net.module.util.SharedLog;
+import com.android.net.module.util.ip.InterfaceController;
+import com.android.net.module.util.ip.IpNeighborMonitor;
+import com.android.net.module.util.ip.IpNeighborMonitor.NeighborEvent;
import com.android.networkstack.tethering.BpfCoordinator;
import com.android.networkstack.tethering.BpfCoordinator.ClientInfo;
import com.android.networkstack.tethering.BpfCoordinator.Ipv6ForwardingRule;
import com.android.networkstack.tethering.PrivateAddressCoordinator;
import com.android.networkstack.tethering.TetheringConfiguration;
+import com.android.networkstack.tethering.metrics.TetheringMetrics;
import com.android.networkstack.tethering.util.InterfaceSet;
import com.android.networkstack.tethering.util.PrefixUtils;
@@ -282,13 +285,15 @@
private LinkAddress mIpv4Address;
+ private final TetheringMetrics mTetheringMetrics;
+
// TODO: Add a dependency object to pass the data members or variables from the tethering
// object. It helps to reduce the arguments of the constructor.
public IpServer(
String ifaceName, Looper looper, int interfaceType, SharedLog log,
INetd netd, @NonNull BpfCoordinator coordinator, Callback callback,
TetheringConfiguration config, PrivateAddressCoordinator addressCoordinator,
- Dependencies deps) {
+ TetheringMetrics tetheringMetrics, Dependencies deps) {
super(ifaceName, looper);
mLog = log.forSubComponent(ifaceName);
mNetd = netd;
@@ -303,6 +308,7 @@
mP2pLeasesSubnetPrefixLength = config.getP2pLeasesSubnetPrefixLength();
mPrivateAddressCoordinator = addressCoordinator;
mDeps = deps;
+ mTetheringMetrics = tetheringMetrics;
resetLinkProperties();
mLastError = TetheringManager.TETHER_ERROR_NO_ERROR;
mServingMode = STATE_AVAILABLE;
@@ -1201,6 +1207,9 @@
stopConntrackMonitoring();
resetLinkProperties();
+
+ mTetheringMetrics.updateErrorCode(mInterfaceType, mLastError);
+ mTetheringMetrics.sendReport(mInterfaceType);
}
@Override
diff --git a/Tethering/src/android/net/ip/NeighborPacketForwarder.java b/Tethering/src/android/net/ip/NeighborPacketForwarder.java
index 723bd63..8384562 100644
--- a/Tethering/src/android/net/ip/NeighborPacketForwarder.java
+++ b/Tethering/src/android/net/ip/NeighborPacketForwarder.java
@@ -23,6 +23,7 @@
import static android.system.OsConstants.SOCK_DGRAM;
import static android.system.OsConstants.SOCK_NONBLOCK;
import static android.system.OsConstants.SOCK_RAW;
+import static android.system.OsConstants.ENODEV;
import android.net.util.SocketUtils;
import android.os.Handler;
@@ -131,7 +132,13 @@
ETH_P_IPV6, mListenIfaceParams.index);
Os.bind(mFd, bindAddress);
} catch (ErrnoException | SocketException e) {
- Log.wtf(mTag, "Failed to create socket", e);
+ // An ENODEV(No such device) will rise if tethering stopped before this function, this
+ // may happen when enable/disable tethering quickly.
+ if (e instanceof ErrnoException && ((ErrnoException) e).errno == ENODEV) {
+ Log.w(mTag, "Failed to create socket because tethered interface is gone", e);
+ } else {
+ Log.wtf(mTag, "Failed to create socket", e);
+ }
closeSocketQuietly(mFd);
return null;
}
diff --git a/Tethering/src/com/android/networkstack/tethering/BpfCoordinator.java b/Tethering/src/com/android/networkstack/tethering/BpfCoordinator.java
index c403548..74ba209 100644
--- a/Tethering/src/com/android/networkstack/tethering/BpfCoordinator.java
+++ b/Tethering/src/com/android/networkstack/tethering/BpfCoordinator.java
@@ -23,11 +23,11 @@
import static android.net.NetworkStats.TAG_NONE;
import static android.net.NetworkStats.UID_ALL;
import static android.net.NetworkStats.UID_TETHERING;
-import static android.net.ip.ConntrackMonitor.ConntrackEvent;
import static android.net.netstats.provider.NetworkStatsProvider.QUOTA_UNLIMITED;
import static android.system.OsConstants.ETH_P_IP;
import static android.system.OsConstants.ETH_P_IPV6;
+import static com.android.net.module.util.ip.ConntrackMonitor.ConntrackEvent;
import static com.android.networkstack.tethering.BpfUtils.DOWNSTREAM;
import static com.android.networkstack.tethering.BpfUtils.UPSTREAM;
import static com.android.networkstack.tethering.TetheringConfiguration.DEFAULT_TETHER_OFFLOAD_POLL_INTERVAL_MS;
@@ -40,18 +40,14 @@
import android.net.NetworkStats;
import android.net.NetworkStats.Entry;
import android.net.TetherOffloadRuleParcel;
-import android.net.ip.ConntrackMonitor;
-import android.net.ip.ConntrackMonitor.ConntrackEventConsumer;
import android.net.ip.IpServer;
import android.net.netstats.provider.NetworkStatsProvider;
-import android.net.util.SharedLog;
import android.os.Handler;
import android.os.SystemClock;
import android.system.ErrnoException;
import android.system.OsConstants;
import android.text.TextUtils;
import android.util.ArraySet;
-import android.util.Base64;
import android.util.Log;
import android.util.SparseArray;
@@ -61,16 +57,21 @@
import com.android.internal.annotations.VisibleForTesting;
import com.android.internal.util.IndentingPrintWriter;
import com.android.modules.utils.build.SdkLevel;
+import com.android.net.module.util.BpfDump;
import com.android.net.module.util.BpfMap;
import com.android.net.module.util.CollectionUtils;
+import com.android.net.module.util.IBpfMap;
import com.android.net.module.util.InterfaceParams;
import com.android.net.module.util.NetworkStackConstants;
+import com.android.net.module.util.SharedLog;
import com.android.net.module.util.Struct;
-import com.android.net.module.util.Struct.U32;
+import com.android.net.module.util.Struct.S32;
import com.android.net.module.util.bpf.Tether4Key;
import com.android.net.module.util.bpf.Tether4Value;
import com.android.net.module.util.bpf.TetherStatsKey;
import com.android.net.module.util.bpf.TetherStatsValue;
+import com.android.net.module.util.ip.ConntrackMonitor;
+import com.android.net.module.util.ip.ConntrackMonitor.ConntrackEventConsumer;
import com.android.net.module.util.netlink.ConntrackMessage;
import com.android.net.module.util.netlink.NetlinkConstants;
import com.android.net.module.util.netlink.NetlinkSocket;
@@ -125,9 +126,6 @@
private static final String DUMPSYS_RAWMAP_ARG_STATS = "--stats";
private static final String DUMPSYS_RAWMAP_ARG_UPSTREAM4 = "--upstream4";
- // Using "," as a separator is safe because base64 characters are [0-9a-zA-Z/=+].
- private static final String DUMP_BASE64_DELIMITER = ",";
-
/** The names of all the BPF counters defined in bpf_tethering.h. */
public static final String[] sBpfCounterNames = getBpfCounterNames();
@@ -323,7 +321,7 @@
}
/** Get downstream4 BPF map. */
- @Nullable public BpfMap<Tether4Key, Tether4Value> getBpfDownstream4Map() {
+ @Nullable public IBpfMap<Tether4Key, Tether4Value> getBpfDownstream4Map() {
if (!isAtLeastS()) return null;
try {
return new BpfMap<>(TETHER_DOWNSTREAM4_MAP_PATH,
@@ -335,7 +333,7 @@
}
/** Get upstream4 BPF map. */
- @Nullable public BpfMap<Tether4Key, Tether4Value> getBpfUpstream4Map() {
+ @Nullable public IBpfMap<Tether4Key, Tether4Value> getBpfUpstream4Map() {
if (!isAtLeastS()) return null;
try {
return new BpfMap<>(TETHER_UPSTREAM4_MAP_PATH,
@@ -347,7 +345,7 @@
}
/** Get downstream6 BPF map. */
- @Nullable public BpfMap<TetherDownstream6Key, Tether6Value> getBpfDownstream6Map() {
+ @Nullable public IBpfMap<TetherDownstream6Key, Tether6Value> getBpfDownstream6Map() {
if (!isAtLeastS()) return null;
try {
return new BpfMap<>(TETHER_DOWNSTREAM6_FS_PATH,
@@ -359,7 +357,7 @@
}
/** Get upstream6 BPF map. */
- @Nullable public BpfMap<TetherUpstream6Key, Tether6Value> getBpfUpstream6Map() {
+ @Nullable public IBpfMap<TetherUpstream6Key, Tether6Value> getBpfUpstream6Map() {
if (!isAtLeastS()) return null;
try {
return new BpfMap<>(TETHER_UPSTREAM6_FS_PATH, BpfMap.BPF_F_RDWR,
@@ -371,7 +369,7 @@
}
/** Get stats BPF map. */
- @Nullable public BpfMap<TetherStatsKey, TetherStatsValue> getBpfStatsMap() {
+ @Nullable public IBpfMap<TetherStatsKey, TetherStatsValue> getBpfStatsMap() {
if (!isAtLeastS()) return null;
try {
return new BpfMap<>(TETHER_STATS_MAP_PATH,
@@ -383,7 +381,7 @@
}
/** Get limit BPF map. */
- @Nullable public BpfMap<TetherLimitKey, TetherLimitValue> getBpfLimitMap() {
+ @Nullable public IBpfMap<TetherLimitKey, TetherLimitValue> getBpfLimitMap() {
if (!isAtLeastS()) return null;
try {
return new BpfMap<>(TETHER_LIMIT_MAP_PATH,
@@ -395,7 +393,7 @@
}
/** Get dev BPF map. */
- @Nullable public BpfMap<TetherDevKey, TetherDevValue> getBpfDevMap() {
+ @Nullable public IBpfMap<TetherDevKey, TetherDevValue> getBpfDevMap() {
if (!isAtLeastS()) return null;
try {
return new BpfMap<>(TETHER_DEV_MAP_PATH,
@@ -538,6 +536,13 @@
// TODO: Wrap conntrackMonitor stopping function into mBpfCoordinatorShim.
if (!isUsingBpf() || !mDeps.isAtLeastS()) return;
+ // Ignore stopping monitoring if the monitor has never started for a given IpServer.
+ if (!mMonitoringIpServers.contains(ipServer)) {
+ mLog.e("Ignore stopping monitoring because monitoring has never started for "
+ + ipServer.interfaceName());
+ return;
+ }
+
mMonitoringIpServers.remove(ipServer);
if (!mMonitoringIpServers.isEmpty()) return;
@@ -578,7 +583,7 @@
if (!mBpfCoordinatorShim.startUpstreamIpv6Forwarding(downstream, upstream, rule.srcMac,
NULL_MAC_ADDRESS, NULL_MAC_ADDRESS, NetworkStackConstants.ETHER_MTU)) {
mLog.e("Failed to enable upstream IPv6 forwarding from "
- + mInterfaceNames.get(downstream) + " to " + mInterfaceNames.get(upstream));
+ + getIfName(downstream) + " to " + getIfName(upstream));
}
}
@@ -619,7 +624,7 @@
if (!mBpfCoordinatorShim.stopUpstreamIpv6Forwarding(downstream, upstream,
rule.srcMac)) {
mLog.e("Failed to disable upstream IPv6 forwarding from "
- + mInterfaceNames.get(downstream) + " to " + mInterfaceNames.get(upstream));
+ + getIfName(downstream) + " to " + getIfName(upstream));
}
}
@@ -898,6 +903,28 @@
}
}
+ private boolean is464XlatInterface(@NonNull String ifaceName) {
+ return ifaceName.startsWith("v4-");
+ }
+
+ private void maybeAttachProgramImpl(@NonNull String iface, boolean downstream) {
+ mBpfCoordinatorShim.attachProgram(iface, downstream, true /* ipv4 */);
+
+ // Ignore 464xlat interface because it is IPv4 only.
+ if (!is464XlatInterface(iface)) {
+ mBpfCoordinatorShim.attachProgram(iface, downstream, false /* ipv4 */);
+ }
+ }
+
+ private void maybeDetachProgramImpl(@NonNull String iface) {
+ mBpfCoordinatorShim.detachProgram(iface, true /* ipv4 */);
+
+ // Ignore 464xlat interface because it is IPv4 only.
+ if (!is464XlatInterface(iface)) {
+ mBpfCoordinatorShim.detachProgram(iface, false /* ipv4 */);
+ }
+ }
+
/**
* Attach BPF program
*
@@ -908,13 +935,19 @@
if (forwardingPairExists(intIface, extIface)) return;
+ boolean firstUpstreamForThisDownstream = !isAnyForwardingPairOnDownstream(intIface);
boolean firstDownstreamForThisUpstream = !isAnyForwardingPairOnUpstream(extIface);
forwardingPairAdd(intIface, extIface);
- mBpfCoordinatorShim.attachProgram(intIface, UPSTREAM);
+ // Attach if the downstream is the first time to be used in a forwarding pair.
+ // Ex: IPv6 only interface has two forwarding pair, iface and v4-iface, on the
+ // same downstream.
+ if (firstUpstreamForThisDownstream) {
+ maybeAttachProgramImpl(intIface, UPSTREAM);
+ }
// Attach if the upstream is the first time to be used in a forwarding pair.
if (firstDownstreamForThisUpstream) {
- mBpfCoordinatorShim.attachProgram(extIface, DOWNSTREAM);
+ maybeAttachProgramImpl(extIface, DOWNSTREAM);
}
}
@@ -925,16 +958,22 @@
forwardingPairRemove(intIface, extIface);
// Detaching program may fail because the interface has been removed already.
- mBpfCoordinatorShim.detachProgram(intIface);
+ if (!isAnyForwardingPairOnDownstream(intIface)) {
+ maybeDetachProgramImpl(intIface);
+ }
// Detach if no more forwarding pair is using the upstream.
if (!isAnyForwardingPairOnUpstream(extIface)) {
- mBpfCoordinatorShim.detachProgram(extIface);
+ maybeDetachProgramImpl(extIface);
}
}
// TODO: make mInterfaceNames accessible to the shim and move this code to there.
- private String getIfName(long ifindex) {
- return mInterfaceNames.get((int) ifindex, Long.toString(ifindex));
+ // This function should only be used for logging/dump purposes.
+ private String getIfName(int ifindex) {
+ // TODO: return something more useful on lookup failure
+ // likely use the 'iface_index_name_map' bpf map and/or if_nametoindex
+ // perhaps should even check that all 3 match if available.
+ return mInterfaceNames.get(ifindex, Integer.toString(ifindex));
}
/**
@@ -944,6 +983,8 @@
* be allowed to be accessed on the handler thread.
*/
public void dump(@NonNull IndentingPrintWriter pw) {
+ // Note that EthernetTetheringTest#isTetherConfigBpfOffloadEnabled relies on
+ // "mIsBpfEnabled" to check tethering config via dumpsys. Beware of the change if any.
pw.println("mIsBpfEnabled: " + mIsBpfEnabled);
pw.println("Polling " + (mPollingStarted ? "started" : "not started"));
pw.println("Stats provider " + (mStatsProvider != null
@@ -969,9 +1010,9 @@
pw.println("Forwarding rules:");
pw.increaseIndent();
- dumpIpv6UpstreamRules(pw);
- dumpIpv6ForwardingRules(pw);
- dumpIpv4ForwardingRules(pw);
+ dumpIpv6ForwardingRulesByDownstream(pw);
+ dumpBpfForwardingRulesIpv6(pw);
+ dumpBpfForwardingRulesIpv4(pw);
pw.decreaseIndent();
pw.println();
@@ -1009,12 +1050,12 @@
for (int i = 0; i < mStats.size(); i++) {
final int upstreamIfindex = mStats.keyAt(i);
final ForwardedStats stats = mStats.get(upstreamIfindex);
- pw.println(String.format("%d(%s) - %s", upstreamIfindex, mInterfaceNames.get(
- upstreamIfindex), stats.toString()));
+ pw.println(String.format("%d(%s) - %s", upstreamIfindex, getIfName(upstreamIfindex),
+ stats.toString()));
}
}
private void dumpBpfStats(@NonNull IndentingPrintWriter pw) {
- try (BpfMap<TetherStatsKey, TetherStatsValue> map = mDeps.getBpfStatsMap()) {
+ try (IBpfMap<TetherStatsKey, TetherStatsValue> map = mDeps.getBpfStatsMap()) {
if (map == null) {
pw.println("No BPF stats map");
return;
@@ -1030,9 +1071,12 @@
}
}
- private void dumpIpv6ForwardingRules(@NonNull IndentingPrintWriter pw) {
+ private void dumpIpv6ForwardingRulesByDownstream(@NonNull IndentingPrintWriter pw) {
+ pw.println("IPv6 Forwarding rules by downstream interface:");
+ pw.increaseIndent();
if (mIpv6ForwardingRules.size() == 0) {
pw.println("No IPv6 rules");
+ pw.decreaseIndent();
return;
}
@@ -1042,28 +1086,31 @@
// The rule downstream interface index is paired with the interface name from
// IpServer#interfaceName. See #startIPv6, #updateIpv6ForwardingRules in IpServer.
final String downstreamIface = ipServer.interfaceName();
- pw.println("[" + downstreamIface + "]: iif(iface) oif(iface) v6addr srcmac dstmac");
+ pw.println("[" + downstreamIface + "]: iif(iface) oif(iface) v6addr "
+ + "[srcmac] [dstmac]");
pw.increaseIndent();
LinkedHashMap<Inet6Address, Ipv6ForwardingRule> rules = entry.getValue();
for (Ipv6ForwardingRule rule : rules.values()) {
final int upstreamIfindex = rule.upstreamIfindex;
- pw.println(String.format("%d(%s) %d(%s) %s %s %s", upstreamIfindex,
- mInterfaceNames.get(upstreamIfindex), rule.downstreamIfindex,
- downstreamIface, rule.address.getHostAddress(), rule.srcMac, rule.dstMac));
+ pw.println(String.format("%d(%s) %d(%s) %s [%s] [%s]", upstreamIfindex,
+ getIfName(upstreamIfindex), rule.downstreamIfindex,
+ getIfName(rule.downstreamIfindex), rule.address.getHostAddress(),
+ rule.srcMac, rule.dstMac));
}
pw.decreaseIndent();
}
+ pw.decreaseIndent();
}
- private String ipv6UpstreamRuletoString(TetherUpstream6Key key, Tether6Value value) {
- return String.format("%d(%s) %s -> %d(%s) %04x %s %s",
+ private String ipv6UpstreamRuleToString(TetherUpstream6Key key, Tether6Value value) {
+ return String.format("%d(%s) [%s] -> %d(%s) %04x [%s] [%s]",
key.iif, getIfName(key.iif), key.dstMac, value.oif, getIfName(value.oif),
value.ethProto, value.ethSrcMac, value.ethDstMac);
}
private void dumpIpv6UpstreamRules(IndentingPrintWriter pw) {
- try (BpfMap<TetherUpstream6Key, Tether6Value> map = mDeps.getBpfUpstream6Map()) {
+ try (IBpfMap<TetherUpstream6Key, Tether6Value> map = mDeps.getBpfUpstream6Map()) {
if (map == null) {
pw.println("No IPv6 upstream");
return;
@@ -1072,25 +1119,57 @@
pw.println("No IPv6 upstream rules");
return;
}
- map.forEach((k, v) -> pw.println(ipv6UpstreamRuletoString(k, v)));
+ map.forEach((k, v) -> pw.println(ipv6UpstreamRuleToString(k, v)));
} catch (ErrnoException | IOException e) {
pw.println("Error dumping IPv6 upstream map: " + e);
}
}
- private <K extends Struct, V extends Struct> String bpfMapEntryToBase64String(
- final K key, final V value) {
- final byte[] keyBytes = key.writeToBytes();
- final String keyBase64Str = Base64.encodeToString(keyBytes, Base64.DEFAULT)
- .replace("\n", "");
- final byte[] valueBytes = value.writeToBytes();
- final String valueBase64Str = Base64.encodeToString(valueBytes, Base64.DEFAULT)
- .replace("\n", "");
-
- return keyBase64Str + DUMP_BASE64_DELIMITER + valueBase64Str;
+ private String ipv6DownstreamRuleToString(TetherDownstream6Key key, Tether6Value value) {
+ final String neigh6;
+ try {
+ neigh6 = InetAddress.getByAddress(key.neigh6).getHostAddress();
+ } catch (UnknownHostException impossible) {
+ throw new AssertionError("IP address array not valid IPv6 address!");
+ }
+ return String.format("%d(%s) [%s] %s -> %d(%s) %04x [%s] [%s]",
+ key.iif, getIfName(key.iif), key.dstMac, neigh6, value.oif, getIfName(value.oif),
+ value.ethProto, value.ethSrcMac, value.ethDstMac);
}
- private <K extends Struct, V extends Struct> void dumpRawMap(BpfMap<K, V> map,
+ private void dumpIpv6DownstreamRules(IndentingPrintWriter pw) {
+ try (IBpfMap<TetherDownstream6Key, Tether6Value> map = mDeps.getBpfDownstream6Map()) {
+ if (map == null) {
+ pw.println("No IPv6 downstream");
+ return;
+ }
+ if (map.isEmpty()) {
+ pw.println("No IPv6 downstream rules");
+ return;
+ }
+ map.forEach((k, v) -> pw.println(ipv6DownstreamRuleToString(k, v)));
+ } catch (ErrnoException | IOException e) {
+ pw.println("Error dumping IPv6 downstream map: " + e);
+ }
+ }
+
+ // TODO: use dump utils with headerline and lambda which prints key and value to reduce
+ // duplicate bpf map dump code.
+ private void dumpBpfForwardingRulesIpv6(IndentingPrintWriter pw) {
+ pw.println("IPv6 Upstream: iif(iface) [inDstMac] -> oif(iface) etherType [outSrcMac] "
+ + "[outDstMac]");
+ pw.increaseIndent();
+ dumpIpv6UpstreamRules(pw);
+ pw.decreaseIndent();
+
+ pw.println("IPv6 Downstream: iif(iface) [inDstMac] neigh6 -> oif(iface) etherType "
+ + "[outSrcMac] [outDstMac]");
+ pw.increaseIndent();
+ dumpIpv6DownstreamRules(pw);
+ pw.decreaseIndent();
+ }
+
+ private <K extends Struct, V extends Struct> void dumpRawMap(IBpfMap<K, V> map,
IndentingPrintWriter pw) throws ErrnoException {
if (map == null) {
pw.println("No BPF support");
@@ -1100,14 +1179,20 @@
pw.println("No entries");
return;
}
- map.forEach((k, v) -> pw.println(bpfMapEntryToBase64String(k, v)));
+ map.forEach((k, v) -> pw.println(BpfDump.toBase64EncodedString(k, v)));
}
/**
- * Dump raw BPF map in base64 encoded strings. For test only.
- * Only allow to dump one map path once.
- * Format:
+ * Dump raw BPF map into the base64 encoded strings "<base64 key>,<base64 value>".
+ * Allow to dump only one map path once. For test only.
+ *
+ * Usage:
* $ dumpsys tethering bpfRawMap --<map name>
+ *
+ * Output:
+ * <base64 encoded key #1>,<base64 encoded value #1>
+ * <base64 encoded key #2>,<base64 encoded value #2>
+ * ..
*/
public void dumpRawMap(@NonNull IndentingPrintWriter pw, @Nullable String[] args) {
// TODO: consider checking the arg order that <map name> is after "bpfRawMap". Probably
@@ -1115,7 +1200,7 @@
// expected argument order.
// TODO: dump downstream4 map.
if (CollectionUtils.contains(args, DUMPSYS_RAWMAP_ARG_STATS)) {
- try (BpfMap<TetherStatsKey, TetherStatsValue> statsMap = mDeps.getBpfStatsMap()) {
+ try (IBpfMap<TetherStatsKey, TetherStatsValue> statsMap = mDeps.getBpfStatsMap()) {
dumpRawMap(statsMap, pw);
} catch (ErrnoException | IOException e) {
pw.println("Error dumping stats map: " + e);
@@ -1123,7 +1208,7 @@
return;
}
if (CollectionUtils.contains(args, DUMPSYS_RAWMAP_ARG_UPSTREAM4)) {
- try (BpfMap<Tether4Key, Tether4Value> upstreamMap = mDeps.getBpfUpstream4Map()) {
+ try (IBpfMap<Tether4Key, Tether4Value> upstreamMap = mDeps.getBpfUpstream4Map()) {
dumpRawMap(upstreamMap, pw);
} catch (ErrnoException | IOException e) {
pw.println("Error dumping IPv4 map: " + e);
@@ -1168,7 +1253,7 @@
}
private void dumpIpv4ForwardingRuleMap(long now, boolean downstream,
- BpfMap<Tether4Key, Tether4Value> map, IndentingPrintWriter pw) throws ErrnoException {
+ IBpfMap<Tether4Key, Tether4Value> map, IndentingPrintWriter pw) throws ErrnoException {
if (map == null) {
pw.println("No IPv4 support");
return;
@@ -1180,11 +1265,11 @@
map.forEach((k, v) -> pw.println(ipv4RuleToString(now, downstream, k, v)));
}
- private void dumpIpv4ForwardingRules(IndentingPrintWriter pw) {
+ private void dumpBpfForwardingRulesIpv4(IndentingPrintWriter pw) {
final long now = SystemClock.elapsedRealtimeNanos();
- try (BpfMap<Tether4Key, Tether4Value> upstreamMap = mDeps.getBpfUpstream4Map();
- BpfMap<Tether4Key, Tether4Value> downstreamMap = mDeps.getBpfDownstream4Map()) {
+ try (IBpfMap<Tether4Key, Tether4Value> upstreamMap = mDeps.getBpfUpstream4Map();
+ IBpfMap<Tether4Key, Tether4Value> downstreamMap = mDeps.getBpfDownstream4Map()) {
pw.println("IPv4 Upstream: proto [inDstMac] iif(iface) src -> nat -> "
+ "dst [outDstMac] age");
pw.increaseIndent();
@@ -1206,18 +1291,18 @@
pw.println("No counter support");
return;
}
- try (BpfMap<U32, U32> map = new BpfMap<>(TETHER_ERROR_MAP_PATH, BpfMap.BPF_F_RDONLY,
- U32.class, U32.class)) {
+ try (IBpfMap<S32, S32> map = new BpfMap<>(TETHER_ERROR_MAP_PATH, BpfMap.BPF_F_RDONLY,
+ S32.class, S32.class)) {
map.forEach((k, v) -> {
String counterName;
try {
- counterName = sBpfCounterNames[(int) k.val];
+ counterName = sBpfCounterNames[k.val];
} catch (IndexOutOfBoundsException e) {
// Should never happen because this code gets the counter name from the same
// include file as the BPF program that increments the counter.
Log.wtf(TAG, "Unknown tethering counter type " + k.val);
- counterName = Long.toString(k.val);
+ counterName = Integer.toString(k.val);
}
if (v.val > 0) pw.println(String.format("%s: %d", counterName, v.val));
});
@@ -1227,7 +1312,7 @@
}
private void dumpDevmap(@NonNull IndentingPrintWriter pw) {
- try (BpfMap<TetherDevKey, TetherDevValue> map = mDeps.getBpfDevMap()) {
+ try (IBpfMap<TetherDevKey, TetherDevValue> map = mDeps.getBpfDevMap()) {
if (map == null) {
pw.println("No devmap support");
return;
@@ -1745,8 +1830,7 @@
// TODO: Perhaps stop the coordinator.
boolean success = updateDataLimit(upstreamIfindex);
if (!success) {
- final String iface = mInterfaceNames.get(upstreamIfindex);
- mLog.e("Setting data limit for " + iface + " failed.");
+ mLog.e("Setting data limit for " + getIfName(upstreamIfindex) + " failed.");
}
}
@@ -1834,6 +1918,13 @@
return mForwardingPairs.containsKey(extIface);
}
+ private boolean isAnyForwardingPairOnDownstream(@NonNull String intIface) {
+ for (final HashSet downstreams : mForwardingPairs.values()) {
+ if (downstreams.contains(intIface)) return true;
+ }
+ return false;
+ }
+
@NonNull
private NetworkStats buildNetworkStats(@NonNull StatsType type, int ifIndex,
@NonNull final ForwardedStats diff) {
diff --git a/Tethering/src/com/android/networkstack/tethering/BpfUtils.java b/Tethering/src/com/android/networkstack/tethering/BpfUtils.java
index 3d2dfaa..12a0c96 100644
--- a/Tethering/src/com/android/networkstack/tethering/BpfUtils.java
+++ b/Tethering/src/com/android/networkstack/tethering/BpfUtils.java
@@ -74,7 +74,7 @@
*
* TODO: use interface index to replace interface name.
*/
- public static void attachProgram(@NonNull String iface, boolean downstream)
+ public static void attachProgram(@NonNull String iface, boolean downstream, boolean ipv4)
throws IOException {
final InterfaceParams params = InterfaceParams.getByName(iface);
if (params == null) {
@@ -88,24 +88,26 @@
throw new IOException("isEthernet(" + params.index + "[" + iface + "]) failure: " + e);
}
- try {
- // tc filter add dev .. ingress prio 1 protocol ipv6 bpf object-pinned /sys/fs/bpf/...
- // direct-action
- TcUtils.tcFilterAddDevBpf(params.index, INGRESS, PRIO_TETHER6, (short) ETH_P_IPV6,
- makeProgPath(downstream, 6, ether));
- } catch (IOException e) {
- throw new IOException("tc filter add dev (" + params.index + "[" + iface
- + "]) ingress prio PRIO_TETHER6 protocol ipv6 failure: " + e);
- }
-
- try {
- // tc filter add dev .. ingress prio 2 protocol ip bpf object-pinned /sys/fs/bpf/...
- // direct-action
- TcUtils.tcFilterAddDevBpf(params.index, INGRESS, PRIO_TETHER4, (short) ETH_P_IP,
- makeProgPath(downstream, 4, ether));
- } catch (IOException e) {
- throw new IOException("tc filter add dev (" + params.index + "[" + iface
- + "]) ingress prio PRIO_TETHER4 protocol ip failure: " + e);
+ if (ipv4) {
+ try {
+ // tc filter add dev .. ingress prio 2 protocol ip bpf object-pinned /sys/fs/bpf/...
+ // direct-action
+ TcUtils.tcFilterAddDevBpf(params.index, INGRESS, PRIO_TETHER4, (short) ETH_P_IP,
+ makeProgPath(downstream, 4, ether));
+ } catch (IOException e) {
+ throw new IOException("tc filter add dev (" + params.index + "[" + iface
+ + "]) ingress prio PRIO_TETHER4 protocol ip failure: " + e);
+ }
+ } else {
+ try {
+ // tc filter add dev .. ingress prio 1 protocol ipv6 bpf object-pinned
+ // /sys/fs/bpf/... direct-action
+ TcUtils.tcFilterAddDevBpf(params.index, INGRESS, PRIO_TETHER6, (short) ETH_P_IPV6,
+ makeProgPath(downstream, 6, ether));
+ } catch (IOException e) {
+ throw new IOException("tc filter add dev (" + params.index + "[" + iface
+ + "]) ingress prio PRIO_TETHER6 protocol ipv6 failure: " + e);
+ }
}
}
@@ -114,26 +116,28 @@
*
* TODO: use interface index to replace interface name.
*/
- public static void detachProgram(@NonNull String iface) throws IOException {
+ public static void detachProgram(@NonNull String iface, boolean ipv4) throws IOException {
final InterfaceParams params = InterfaceParams.getByName(iface);
if (params == null) {
throw new IOException("Fail to get interface params for interface " + iface);
}
- try {
- // tc filter del dev .. ingress prio 1 protocol ipv6
- TcUtils.tcFilterDelDev(params.index, INGRESS, PRIO_TETHER6, (short) ETH_P_IPV6);
- } catch (IOException e) {
- throw new IOException("tc filter del dev (" + params.index + "[" + iface
- + "]) ingress prio PRIO_TETHER6 protocol ipv6 failure: " + e);
- }
-
- try {
- // tc filter del dev .. ingress prio 2 protocol ip
- TcUtils.tcFilterDelDev(params.index, INGRESS, PRIO_TETHER4, (short) ETH_P_IP);
- } catch (IOException e) {
- throw new IOException("tc filter del dev (" + params.index + "[" + iface
- + "]) ingress prio PRIO_TETHER4 protocol ip failure: " + e);
+ if (ipv4) {
+ try {
+ // tc filter del dev .. ingress prio 2 protocol ip
+ TcUtils.tcFilterDelDev(params.index, INGRESS, PRIO_TETHER4, (short) ETH_P_IP);
+ } catch (IOException e) {
+ throw new IOException("tc filter del dev (" + params.index + "[" + iface
+ + "]) ingress prio PRIO_TETHER4 protocol ip failure: " + e);
+ }
+ } else {
+ try {
+ // tc filter del dev .. ingress prio 1 protocol ipv6
+ TcUtils.tcFilterDelDev(params.index, INGRESS, PRIO_TETHER6, (short) ETH_P_IPV6);
+ } catch (IOException e) {
+ throw new IOException("tc filter del dev (" + params.index + "[" + iface
+ + "]) ingress prio PRIO_TETHER6 protocol ipv6 failure: " + e);
+ }
}
}
}
diff --git a/Tethering/src/com/android/networkstack/tethering/EntitlementManager.java b/Tethering/src/com/android/networkstack/tethering/EntitlementManager.java
index adc95ab..784ebd5 100644
--- a/Tethering/src/com/android/networkstack/tethering/EntitlementManager.java
+++ b/Tethering/src/com/android/networkstack/tethering/EntitlementManager.java
@@ -43,7 +43,6 @@
import android.content.Intent;
import android.content.IntentFilter;
import android.content.pm.PackageManager;
-import android.net.util.SharedLog;
import android.os.Bundle;
import android.os.Handler;
import android.os.Parcel;
@@ -55,6 +54,7 @@
import com.android.internal.annotations.VisibleForTesting;
import com.android.modules.utils.build.SdkLevel;
+import com.android.net.module.util.SharedLog;
import java.io.PrintWriter;
import java.util.BitSet;
@@ -296,7 +296,7 @@
* 4th priority : Checks whether provisioning is required from RRO configuration.
*
* @param config
- * @return integer {@see #TETHERING_PROVISIONING_NOT_REQUIRED,
+ * @return integer See {@link #TETHERING_PROVISIONING_NOT_REQUIRED,
* #TETHERING_PROVISIONING_REQUIRED,
* #TETHERING_PROVISIONING_CARRIER_UNSUPPORT}
*/
diff --git a/Tethering/src/com/android/networkstack/tethering/IPv6TetheringCoordinator.java b/Tethering/src/com/android/networkstack/tethering/IPv6TetheringCoordinator.java
index f3dcaa2..ab3929d 100644
--- a/Tethering/src/com/android/networkstack/tethering/IPv6TetheringCoordinator.java
+++ b/Tethering/src/com/android/networkstack/tethering/IPv6TetheringCoordinator.java
@@ -24,9 +24,10 @@
import android.net.RouteInfo;
import android.net.ip.IpServer;
import android.net.util.NetworkConstants;
-import android.net.util.SharedLog;
import android.util.Log;
+import com.android.net.module.util.SharedLog;
+
import java.net.Inet6Address;
import java.net.InetAddress;
import java.net.UnknownHostException;
diff --git a/Tethering/src/com/android/networkstack/tethering/OffloadController.java b/Tethering/src/com/android/networkstack/tethering/OffloadController.java
index d60c21d..94684af 100644
--- a/Tethering/src/com/android/networkstack/tethering/OffloadController.java
+++ b/Tethering/src/com/android/networkstack/tethering/OffloadController.java
@@ -43,7 +43,6 @@
import android.net.NetworkStats.Entry;
import android.net.RouteInfo;
import android.net.netstats.provider.NetworkStatsProvider;
-import android.net.util.SharedLog;
import android.os.Handler;
import android.provider.Settings;
import android.system.ErrnoException;
@@ -53,6 +52,7 @@
import com.android.internal.annotations.VisibleForTesting;
import com.android.internal.util.IndentingPrintWriter;
+import com.android.net.module.util.SharedLog;
import com.android.net.module.util.netlink.ConntrackMessage;
import com.android.net.module.util.netlink.NetlinkConstants;
import com.android.net.module.util.netlink.NetlinkSocket;
diff --git a/Tethering/src/com/android/networkstack/tethering/OffloadHardwareInterface.java b/Tethering/src/com/android/networkstack/tethering/OffloadHardwareInterface.java
index 9da66d8..fbb342d 100644
--- a/Tethering/src/com/android/networkstack/tethering/OffloadHardwareInterface.java
+++ b/Tethering/src/com/android/networkstack/tethering/OffloadHardwareInterface.java
@@ -28,7 +28,6 @@
import android.hardware.tetheroffload.control.V1_0.NetworkProtocol;
import android.hardware.tetheroffload.control.V1_0.OffloadCallbackEvent;
import android.hardware.tetheroffload.control.V1_1.ITetheringOffloadCallback;
-import android.net.util.SharedLog;
import android.net.util.SocketUtils;
import android.os.Handler;
import android.os.NativeHandle;
@@ -40,6 +39,7 @@
import android.util.Pair;
import com.android.internal.annotations.VisibleForTesting;
+import com.android.net.module.util.SharedLog;
import com.android.net.module.util.netlink.NetlinkSocket;
import com.android.net.module.util.netlink.StructNfGenMsg;
import com.android.net.module.util.netlink.StructNlMsgHdr;
diff --git a/Tethering/src/com/android/networkstack/tethering/PrivateAddressCoordinator.java b/Tethering/src/com/android/networkstack/tethering/PrivateAddressCoordinator.java
index cc2422f..41a10ae 100644
--- a/Tethering/src/com/android/networkstack/tethering/PrivateAddressCoordinator.java
+++ b/Tethering/src/com/android/networkstack/tethering/PrivateAddressCoordinator.java
@@ -172,6 +172,9 @@
return new LinkAddress(LEGACY_WIFI_P2P_IFACE_ADDRESS);
}
+ // This ensures that tethering isn't started on 2 different interfaces with the same type.
+ // Once tethering could support multiple interface with the same type,
+ // TetheringSoftApCallback would need to handle it among others.
final LinkAddress cachedAddress = mCachedAddresses.get(ipServer.interfaceType());
if (useLastAddress && cachedAddress != null
&& !isConflictWithUpstream(asIpPrefix(cachedAddress))) {
diff --git a/Tethering/src/com/android/networkstack/tethering/TetherDevKey.java b/Tethering/src/com/android/networkstack/tethering/TetherDevKey.java
index 4283c1b..997080c 100644
--- a/Tethering/src/com/android/networkstack/tethering/TetherDevKey.java
+++ b/Tethering/src/com/android/networkstack/tethering/TetherDevKey.java
@@ -22,10 +22,10 @@
/** The key of BpfMap which is used for mapping interface index. */
public class TetherDevKey extends Struct {
- @Field(order = 0, type = Type.U32)
- public final long ifIndex; // interface index
+ @Field(order = 0, type = Type.S32)
+ public final int ifIndex; // interface index
- public TetherDevKey(final long ifIndex) {
+ public TetherDevKey(final int ifIndex) {
this.ifIndex = ifIndex;
}
}
diff --git a/Tethering/src/com/android/networkstack/tethering/TetherDevValue.java b/Tethering/src/com/android/networkstack/tethering/TetherDevValue.java
index 1cd99b5..b6e0c73 100644
--- a/Tethering/src/com/android/networkstack/tethering/TetherDevValue.java
+++ b/Tethering/src/com/android/networkstack/tethering/TetherDevValue.java
@@ -22,10 +22,10 @@
/** The key of BpfMap which is used for mapping interface index. */
public class TetherDevValue extends Struct {
- @Field(order = 0, type = Type.U32)
- public final long ifIndex; // interface index
+ @Field(order = 0, type = Type.S32)
+ public final int ifIndex; // interface index
- public TetherDevValue(final long ifIndex) {
+ public TetherDevValue(final int ifIndex) {
this.ifIndex = ifIndex;
}
}
diff --git a/Tethering/src/com/android/networkstack/tethering/TetherDownstream6Key.java b/Tethering/src/com/android/networkstack/tethering/TetherDownstream6Key.java
index a08ad4a..e34b3f1 100644
--- a/Tethering/src/com/android/networkstack/tethering/TetherDownstream6Key.java
+++ b/Tethering/src/com/android/networkstack/tethering/TetherDownstream6Key.java
@@ -32,8 +32,8 @@
/** The key of BpfMap which is used for bpf offload. */
public class TetherDownstream6Key extends Struct {
- @Field(order = 0, type = Type.U32)
- public final long iif; // The input interface index.
+ @Field(order = 0, type = Type.S32)
+ public final int iif; // The input interface index.
@Field(order = 1, type = Type.EUI48, padding = 2)
public final MacAddress dstMac; // Destination ethernet mac address (zeroed iff rawip ingress).
@@ -41,7 +41,7 @@
@Field(order = 2, type = Type.ByteArray, arraysize = 16)
public final byte[] neigh6; // The destination IPv6 address.
- public TetherDownstream6Key(final long iif, @NonNull final MacAddress dstMac,
+ public TetherDownstream6Key(final int iif, @NonNull final MacAddress dstMac,
final byte[] neigh6) {
Objects.requireNonNull(dstMac);
diff --git a/Tethering/src/com/android/networkstack/tethering/TetherLimitKey.java b/Tethering/src/com/android/networkstack/tethering/TetherLimitKey.java
index bc9bb47..68d694a 100644
--- a/Tethering/src/com/android/networkstack/tethering/TetherLimitKey.java
+++ b/Tethering/src/com/android/networkstack/tethering/TetherLimitKey.java
@@ -22,32 +22,10 @@
/** The key of BpfMap which is used for tethering per-interface limit. */
public class TetherLimitKey extends Struct {
- @Field(order = 0, type = Type.U32)
- public final long ifindex; // upstream interface index
+ @Field(order = 0, type = Type.S32)
+ public final int ifindex; // upstream interface index
- public TetherLimitKey(final long ifindex) {
+ public TetherLimitKey(final int ifindex) {
this.ifindex = ifindex;
}
-
- // TODO: remove equals, hashCode and toString once aosp/1536721 is merged.
- @Override
- public boolean equals(Object obj) {
- if (this == obj) return true;
-
- if (!(obj instanceof TetherLimitKey)) return false;
-
- final TetherLimitKey that = (TetherLimitKey) obj;
-
- return ifindex == that.ifindex;
- }
-
- @Override
- public int hashCode() {
- return Long.hashCode(ifindex);
- }
-
- @Override
- public String toString() {
- return String.format("ifindex: %d", ifindex);
- }
}
diff --git a/Tethering/src/com/android/networkstack/tethering/TetherLimitValue.java b/Tethering/src/com/android/networkstack/tethering/TetherLimitValue.java
index ed7e7d4..00dfcc6 100644
--- a/Tethering/src/com/android/networkstack/tethering/TetherLimitValue.java
+++ b/Tethering/src/com/android/networkstack/tethering/TetherLimitValue.java
@@ -32,26 +32,4 @@
public TetherLimitValue(final long limit) {
this.limit = limit;
}
-
- // TODO: remove equals, hashCode and toString once aosp/1536721 is merged.
- @Override
- public boolean equals(Object obj) {
- if (this == obj) return true;
-
- if (!(obj instanceof TetherLimitValue)) return false;
-
- final TetherLimitValue that = (TetherLimitValue) obj;
-
- return limit == that.limit;
- }
-
- @Override
- public int hashCode() {
- return Long.hashCode(limit);
- }
-
- @Override
- public String toString() {
- return String.format("limit: %d", limit);
- }
}
diff --git a/Tethering/src/com/android/networkstack/tethering/Tethering.java b/Tethering/src/com/android/networkstack/tethering/Tethering.java
index 35a394d..1f3fc11 100644
--- a/Tethering/src/com/android/networkstack/tethering/Tethering.java
+++ b/Tethering/src/com/android/networkstack/tethering/Tethering.java
@@ -97,9 +97,8 @@
import android.net.TetheringInterface;
import android.net.TetheringManager.TetheringRequest;
import android.net.TetheringRequestParcel;
+import android.net.Uri;
import android.net.ip.IpServer;
-import android.net.shared.NetdUtils;
-import android.net.util.SharedLog;
import android.net.wifi.WifiClient;
import android.net.wifi.WifiManager;
import android.net.wifi.p2p.WifiP2pGroup;
@@ -136,10 +135,13 @@
import com.android.modules.utils.build.SdkLevel;
import com.android.net.module.util.BaseNetdUnsolicitedEventListener;
import com.android.net.module.util.CollectionUtils;
+import com.android.net.module.util.NetdUtils;
+import com.android.net.module.util.SharedLog;
import com.android.networkstack.apishim.common.BluetoothPanShim;
import com.android.networkstack.apishim.common.BluetoothPanShim.TetheredInterfaceCallbackShim;
import com.android.networkstack.apishim.common.BluetoothPanShim.TetheredInterfaceRequestShim;
import com.android.networkstack.apishim.common.UnsupportedApiLevelException;
+import com.android.networkstack.tethering.metrics.TetheringMetrics;
import com.android.networkstack.tethering.util.InterfaceSet;
import com.android.networkstack.tethering.util.PrefixUtils;
import com.android.networkstack.tethering.util.TetheringUtils;
@@ -254,6 +256,7 @@
private final UserManager mUserManager;
private final BpfCoordinator mBpfCoordinator;
private final PrivateAddressCoordinator mPrivateAddressCoordinator;
+ private final TetheringMetrics mTetheringMetrics;
private int mActiveDataSubId = INVALID_SUBSCRIPTION_ID;
private volatile TetheringConfiguration mConfig;
@@ -292,6 +295,7 @@
mNetd = mDeps.getINetd(mContext);
mLooper = mDeps.getTetheringLooper();
mNotificationUpdater = mDeps.getNotificationUpdater(mContext, mLooper);
+ mTetheringMetrics = mDeps.getTetheringMetrics();
// This is intended to ensrure that if something calls startTethering(bluetooth) just after
// bluetooth is enabled. Before onServiceConnected is called, store the calls into this
@@ -340,9 +344,8 @@
mEntitlementMgr.reevaluateSimCardProvisioning(mConfig);
});
- mSettingsObserver = new SettingsObserver(mHandler);
- mContext.getContentResolver().registerContentObserver(
- Settings.Global.getUriFor(TETHER_FORCE_USB_FUNCTIONS), false, mSettingsObserver);
+ mSettingsObserver = new SettingsObserver(mContext, mHandler);
+ mSettingsObserver.startObserve();
mStateReceiver = new StateReceiver();
@@ -394,18 +397,42 @@
}
private class SettingsObserver extends ContentObserver {
- SettingsObserver(Handler handler) {
+ private final Uri mForceUsbFunctions;
+ private final Uri mTetherSupported;
+ private final Context mContext;
+
+ SettingsObserver(Context ctx, Handler handler) {
super(handler);
+ mContext = ctx;
+ mForceUsbFunctions = Settings.Global.getUriFor(TETHER_FORCE_USB_FUNCTIONS);
+ mTetherSupported = Settings.Global.getUriFor(Settings.Global.TETHER_SUPPORTED);
+ }
+
+ public void startObserve() {
+ mContext.getContentResolver().registerContentObserver(mForceUsbFunctions, false, this);
+ mContext.getContentResolver().registerContentObserver(mTetherSupported, false, this);
}
@Override
public void onChange(boolean selfChange) {
- mLog.i("OBSERVED Settings change");
- final boolean isUsingNcm = mConfig.isUsingNcm();
- updateConfiguration();
- if (isUsingNcm != mConfig.isUsingNcm()) {
- stopTetheringInternal(TETHERING_USB);
- stopTetheringInternal(TETHERING_NCM);
+ Log.wtf(TAG, "Should never be reached.");
+ }
+
+ @Override
+ public void onChange(boolean selfChange, Uri uri) {
+ if (mForceUsbFunctions.equals(uri)) {
+ mLog.i("OBSERVED TETHER_FORCE_USB_FUNCTIONS settings change");
+ final boolean isUsingNcm = mConfig.isUsingNcm();
+ updateConfiguration();
+ if (isUsingNcm != mConfig.isUsingNcm()) {
+ stopTetheringInternal(TETHERING_USB);
+ stopTetheringInternal(TETHERING_NCM);
+ }
+ } else if (mTetherSupported.equals(uri)) {
+ mLog.i("OBSERVED TETHER_SUPPORTED settings change");
+ updateSupportedDownstreams(mConfig);
+ } else {
+ mLog.e("Unexpected settings change: " + uri);
}
}
}
@@ -445,8 +472,22 @@
mStateReceiver, noUpstreamFilter, PERMISSION_MAINLINE_NETWORK_STACK, mHandler);
final WifiManager wifiManager = getWifiManager();
+ TetheringSoftApCallback softApCallback = new TetheringSoftApCallback();
if (wifiManager != null) {
- wifiManager.registerSoftApCallback(mExecutor, new TetheringSoftApCallback());
+ wifiManager.registerSoftApCallback(mExecutor, softApCallback);
+ }
+ if (SdkLevel.isAtLeastT() && wifiManager != null) {
+ try {
+ // Although WifiManager#registerLocalOnlyHotspotSoftApCallback document that it need
+ // NEARBY_WIFI_DEVICES permission, but actually a caller who have NETWORK_STACK
+ // or MAINLINE_NETWORK_STACK permission would also able to use this API.
+ wifiManager.registerLocalOnlyHotspotSoftApCallback(mExecutor, softApCallback);
+ } catch (UnsupportedOperationException e) {
+ // Since wifi module development in internal branch,
+ // #registerLocalOnlyHotspotSoftApCallback currently doesn't supported in AOSP
+ // before AOSP switch to Android T + 1.
+ Log.wtf(TAG, "registerLocalOnlyHotspotSoftApCallback API is not supported");
+ }
}
startTrackDefaultNetwork();
@@ -542,6 +583,13 @@
}
// Called by wifi when the number of soft AP clients changed.
+ // Currently multiple softAp would not behave well in PrivateAddressCoordinator
+ // (where it gets the address from cache), it ensure tethering only support one ipServer for
+ // TETHERING_WIFI. Once tethering support multiple softAp enabled simultaneously,
+ // onConnectedClientsChanged should also be updated to support tracking different softAp's
+ // clients individually.
+ // TODO: Add wtf log and have check to reject request duplicated type with different
+ // interface.
@Override
public void onConnectedClientsChanged(final List<WifiClient> clients) {
updateConnectedClients(clients);
@@ -616,7 +664,8 @@
processInterfaceStateChange(iface, false /* enabled */);
}
- void startTethering(final TetheringRequestParcel request, final IIntResultListener listener) {
+ void startTethering(final TetheringRequestParcel request, final String callerPkg,
+ final IIntResultListener listener) {
mHandler.post(() -> {
final TetheringRequestParcel unfinishedRequest = mActiveTetheringRequests.get(
request.tetheringType);
@@ -636,6 +685,7 @@
request.showProvisioningUi);
}
enableTetheringInternal(request.tetheringType, true /* enabled */, listener);
+ mTetheringMetrics.createBuilder(request.tetheringType, callerPkg);
});
}
@@ -695,7 +745,11 @@
// If changing tethering fail, remove corresponding request
// no matter who trigger the start/stop.
- if (result != TETHER_ERROR_NO_ERROR) mActiveTetheringRequests.remove(type);
+ if (result != TETHER_ERROR_NO_ERROR) {
+ mActiveTetheringRequests.remove(type);
+ mTetheringMetrics.updateErrorCode(type, result);
+ mTetheringMetrics.sendReport(type);
+ }
}
private int setWifiTethering(final boolean enable) {
@@ -1292,7 +1346,9 @@
}
private void handleUserRestrictionAction() {
- mTetheringRestriction.onUserRestrictionsChanged();
+ if (mTetheringRestriction.onUserRestrictionsChanged()) {
+ updateSupportedDownstreams(mConfig);
+ }
}
private void handleDataSaverChanged() {
@@ -1320,6 +1376,8 @@
return getTetheredIfaces().length > 0;
}
+ // TODO: Refine TetheringTest then remove UserRestrictionActionListener class and handle
+ // onUserRestrictionsChanged inside Tethering#handleUserRestrictionAction directly.
@VisibleForTesting
protected static class UserRestrictionActionListener {
private final UserManager mUserMgr;
@@ -1335,7 +1393,8 @@
mDisallowTethering = false;
}
- public void onUserRestrictionsChanged() {
+ // return whether tethering disallowed is changed.
+ public boolean onUserRestrictionsChanged() {
// getUserRestrictions gets restriction for this process' user, which is the primary
// user. This is fine because DISALLOW_CONFIG_TETHERING can only be set on the primary
// user. See UserManager.DISALLOW_CONFIG_TETHERING.
@@ -1346,15 +1405,13 @@
mDisallowTethering = newlyDisallowed;
final boolean tetheringDisallowedChanged = (newlyDisallowed != prevDisallowed);
- if (!tetheringDisallowedChanged) {
- return;
- }
+ if (!tetheringDisallowedChanged) return false;
if (!newlyDisallowed) {
// Clear the restricted notification when user is allowed to have tethering
// function.
mNotificationUpdater.tetheringRestrictionLifted();
- return;
+ return true;
}
if (mTethering.isTetheringActive()) {
@@ -1365,6 +1422,8 @@
// Untether from all downstreams since tethering is disallowed.
mTethering.untetherAll();
}
+
+ return true;
// TODO(b/148139325): send tetheringSupported on restriction change
}
}
@@ -1376,7 +1435,9 @@
private void enableIpServing(int tetheringType, String ifname, int ipServingMode,
boolean isNcm) {
ensureIpServerStarted(ifname, tetheringType, isNcm);
- changeInterfaceState(ifname, ipServingMode);
+ if (tether(ifname, ipServingMode) != TETHER_ERROR_NO_ERROR) {
+ Log.e(TAG, "unable start tethering on iface " + ifname);
+ }
}
private void disableWifiIpServingCommon(int tetheringType, String ifname) {
@@ -1521,27 +1582,6 @@
}
}
- private void changeInterfaceState(String ifname, int requestedState) {
- final int result;
- switch (requestedState) {
- case IpServer.STATE_UNAVAILABLE:
- case IpServer.STATE_AVAILABLE:
- result = untether(ifname);
- break;
- case IpServer.STATE_TETHERED:
- case IpServer.STATE_LOCAL_ONLY:
- result = tether(ifname, requestedState);
- break;
- default:
- Log.wtf(TAG, "Unknown interface state: " + requestedState);
- return;
- }
- if (result != TETHER_ERROR_NO_ERROR) {
- Log.e(TAG, "unable start or stop tethering on iface " + ifname);
- return;
- }
- }
-
TetheringConfiguration getTetheringConfiguration() {
return mConfig;
}
@@ -2514,7 +2554,7 @@
// if ro.tether.denied = true we default to no tethering
// gservices could set the secure setting to 1 though to enable it on a build where it
// had previously been turned off.
- private boolean isTetheringAllowed() {
+ boolean isTetheringAllowed() {
final int defaultVal = mDeps.isTetheringDenied() ? 0 : 1;
final boolean tetherSupported = Settings.Global.getInt(mContext.getContentResolver(),
Settings.Global.TETHER_SUPPORTED, defaultVal) != 0;
@@ -2761,7 +2801,8 @@
// If we don't care about this type of interface, ignore.
final int interfaceType = ifaceNameToType(iface);
if (!checkTetherableType(interfaceType)) {
- mLog.log(iface + " is used for " + interfaceType + " which is not tetherable");
+ mLog.log(iface + " is used for " + interfaceType + " which is not tetherable"
+ + " (-1 == INVALID is expected on upstream interface)");
return;
}
@@ -2779,7 +2820,7 @@
final TetherState tetherState = new TetherState(
new IpServer(iface, mLooper, interfaceType, mLog, mNetd, mBpfCoordinator,
makeControlCallback(), mConfig, mPrivateAddressCoordinator,
- mDeps.getIpServerDependencies()), isNcm);
+ mTetheringMetrics, mDeps.getIpServerDependencies()), isNcm);
mTetherStates.put(iface, tetherState);
tetherState.ipServer.start();
}
diff --git a/Tethering/src/com/android/networkstack/tethering/TetheringConfiguration.java b/Tethering/src/com/android/networkstack/tethering/TetheringConfiguration.java
index 7c36054..696a970 100644
--- a/Tethering/src/com/android/networkstack/tethering/TetheringConfiguration.java
+++ b/Tethering/src/com/android/networkstack/tethering/TetheringConfiguration.java
@@ -30,7 +30,6 @@
import android.content.Context;
import android.content.res.Resources;
import android.net.TetheringConfigurationParcel;
-import android.net.util.SharedLog;
import android.os.PersistableBundle;
import android.provider.DeviceConfig;
import android.provider.Settings;
@@ -42,6 +41,7 @@
import com.android.internal.annotations.VisibleForTesting;
import com.android.modules.utils.build.SdkLevel;
import com.android.net.module.util.DeviceConfigUtils;
+import com.android.net.module.util.SharedLog;
import java.io.PrintWriter;
import java.util.ArrayList;
diff --git a/Tethering/src/com/android/networkstack/tethering/TetheringDependencies.java b/Tethering/src/com/android/networkstack/tethering/TetheringDependencies.java
index 9224213..611d1cf 100644
--- a/Tethering/src/com/android/networkstack/tethering/TetheringDependencies.java
+++ b/Tethering/src/com/android/networkstack/tethering/TetheringDependencies.java
@@ -22,7 +22,6 @@
import android.content.Context;
import android.net.INetd;
import android.net.ip.IpServer;
-import android.net.util.SharedLog;
import android.os.Handler;
import android.os.IBinder;
import android.os.Looper;
@@ -32,8 +31,10 @@
import androidx.annotation.NonNull;
import com.android.internal.util.StateMachine;
+import com.android.net.module.util.SharedLog;
import com.android.networkstack.apishim.BluetoothPanShimImpl;
import com.android.networkstack.apishim.common.BluetoothPanShim;
+import com.android.networkstack.tethering.metrics.TetheringMetrics;
import java.util.ArrayList;
@@ -163,4 +164,11 @@
public BluetoothPanShim getBluetoothPanShim(BluetoothPan pan) {
return BluetoothPanShimImpl.newInstance(pan);
}
+
+ /**
+ * Get a reference to the TetheringMetrics to be used by tethering.
+ */
+ public TetheringMetrics getTetheringMetrics() {
+ return new TetheringMetrics();
+ }
}
diff --git a/Tethering/src/com/android/networkstack/tethering/TetheringService.java b/Tethering/src/com/android/networkstack/tethering/TetheringService.java
index 9fb61fe..96ddfa0 100644
--- a/Tethering/src/com/android/networkstack/tethering/TetheringService.java
+++ b/Tethering/src/com/android/networkstack/tethering/TetheringService.java
@@ -137,7 +137,7 @@
return;
}
- mTethering.startTethering(request, listener);
+ mTethering.startTethering(request, callerPkg, listener);
}
@Override
@@ -237,7 +237,7 @@
listener.onResult(TETHER_ERROR_NO_CHANGE_TETHERING_PERMISSION);
return true;
}
- if (!mTethering.isTetheringSupported()) {
+ if (!mTethering.isTetheringSupported() || !mTethering.isTetheringAllowed()) {
listener.onResult(TETHER_ERROR_UNSUPPORTED);
return true;
}
@@ -255,7 +255,7 @@
receiver.send(TETHER_ERROR_NO_CHANGE_TETHERING_PERMISSION, null);
return true;
}
- if (!mTethering.isTetheringSupported()) {
+ if (!mTethering.isTetheringSupported() || !mTethering.isTetheringAllowed()) {
receiver.send(TETHER_ERROR_UNSUPPORTED, null);
return true;
}
diff --git a/Tethering/src/com/android/networkstack/tethering/UpstreamNetworkMonitor.java b/Tethering/src/com/android/networkstack/tethering/UpstreamNetworkMonitor.java
index f8dd673..16c031b 100644
--- a/Tethering/src/com/android/networkstack/tethering/UpstreamNetworkMonitor.java
+++ b/Tethering/src/com/android/networkstack/tethering/UpstreamNetworkMonitor.java
@@ -36,7 +36,6 @@
import android.net.Network;
import android.net.NetworkCapabilities;
import android.net.NetworkRequest;
-import android.net.util.SharedLog;
import android.os.Handler;
import android.util.Log;
import android.util.SparseIntArray;
@@ -46,6 +45,7 @@
import com.android.internal.annotations.VisibleForTesting;
import com.android.internal.util.StateMachine;
+import com.android.net.module.util.SharedLog;
import com.android.networkstack.apishim.ConnectivityManagerShimImpl;
import com.android.networkstack.apishim.common.ConnectivityManagerShim;
import com.android.networkstack.tethering.util.PrefixUtils;
diff --git a/Tethering/src/com/android/networkstack/tethering/metrics/TetheringMetrics.java b/Tethering/src/com/android/networkstack/tethering/metrics/TetheringMetrics.java
new file mode 100644
index 0000000..d8e631e
--- /dev/null
+++ b/Tethering/src/com/android/networkstack/tethering/metrics/TetheringMetrics.java
@@ -0,0 +1,194 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.networkstack.tethering.metrics;
+
+import static android.net.TetheringManager.TETHERING_BLUETOOTH;
+import static android.net.TetheringManager.TETHERING_ETHERNET;
+import static android.net.TetheringManager.TETHERING_NCM;
+import static android.net.TetheringManager.TETHERING_USB;
+import static android.net.TetheringManager.TETHERING_WIFI;
+import static android.net.TetheringManager.TETHERING_WIFI_P2P;
+import static android.net.TetheringManager.TETHER_ERROR_DHCPSERVER_ERROR;
+import static android.net.TetheringManager.TETHER_ERROR_DISABLE_FORWARDING_ERROR;
+import static android.net.TetheringManager.TETHER_ERROR_ENABLE_FORWARDING_ERROR;
+import static android.net.TetheringManager.TETHER_ERROR_ENTITLEMENT_UNKNOWN;
+import static android.net.TetheringManager.TETHER_ERROR_IFACE_CFG_ERROR;
+import static android.net.TetheringManager.TETHER_ERROR_INTERNAL_ERROR;
+import static android.net.TetheringManager.TETHER_ERROR_NO_ACCESS_TETHERING_PERMISSION;
+import static android.net.TetheringManager.TETHER_ERROR_NO_CHANGE_TETHERING_PERMISSION;
+import static android.net.TetheringManager.TETHER_ERROR_NO_ERROR;
+import static android.net.TetheringManager.TETHER_ERROR_PROVISIONING_FAILED;
+import static android.net.TetheringManager.TETHER_ERROR_SERVICE_UNAVAIL;
+import static android.net.TetheringManager.TETHER_ERROR_TETHER_IFACE_ERROR;
+import static android.net.TetheringManager.TETHER_ERROR_UNAVAIL_IFACE;
+import static android.net.TetheringManager.TETHER_ERROR_UNKNOWN_IFACE;
+import static android.net.TetheringManager.TETHER_ERROR_UNSUPPORTED;
+import static android.net.TetheringManager.TETHER_ERROR_UNTETHER_IFACE_ERROR;
+
+import android.stats.connectivity.DownstreamType;
+import android.stats.connectivity.ErrorCode;
+import android.stats.connectivity.UpstreamType;
+import android.stats.connectivity.UserType;
+import android.util.Log;
+import android.util.SparseArray;
+
+import androidx.annotation.NonNull;
+import androidx.annotation.VisibleForTesting;
+
+/**
+ * Collection of utilities for tethering metrics.
+ *
+ * To see if the logs are properly sent to statsd, execute following commands
+ *
+ * $ adb shell cmd stats print-logs
+ * $ adb logcat | grep statsd OR $ adb logcat -b stats
+ *
+ * @hide
+ */
+public class TetheringMetrics {
+ private static final String TAG = TetheringMetrics.class.getSimpleName();
+ private static final boolean DBG = false;
+ private static final String SETTINGS_PKG_NAME = "com.android.settings";
+ private static final String SYSTEMUI_PKG_NAME = "com.android.systemui";
+ private static final String GMS_PKG_NAME = "com.google.android.gms";
+ private final SparseArray<NetworkTetheringReported.Builder> mBuilderMap = new SparseArray<>();
+
+ /** Update Tethering stats about caller's package name and downstream type. */
+ public void createBuilder(final int downstreamType, final String callerPkg) {
+ NetworkTetheringReported.Builder statsBuilder =
+ NetworkTetheringReported.newBuilder();
+ statsBuilder.setDownstreamType(downstreamTypeToEnum(downstreamType))
+ .setUserType(userTypeToEnum(callerPkg))
+ .setUpstreamType(UpstreamType.UT_UNKNOWN)
+ .setErrorCode(ErrorCode.EC_NO_ERROR)
+ .build();
+ mBuilderMap.put(downstreamType, statsBuilder);
+ }
+
+ /** Update error code of given downstreamType. */
+ public void updateErrorCode(final int downstreamType, final int errCode) {
+ NetworkTetheringReported.Builder statsBuilder = mBuilderMap.get(downstreamType);
+ if (statsBuilder == null) {
+ Log.e(TAG, "Given downstreamType does not exist, this is a bug!");
+ return;
+ }
+ statsBuilder.setErrorCode(errorCodeToEnum(errCode));
+ }
+
+ /** Remove Tethering stats.
+ * If Tethering stats is ready to write then write it before removing.
+ */
+ public void sendReport(final int downstreamType) {
+ final NetworkTetheringReported.Builder statsBuilder =
+ mBuilderMap.get(downstreamType);
+ if (statsBuilder == null) {
+ Log.e(TAG, "Given downstreamType does not exist, this is a bug!");
+ return;
+ }
+ write(statsBuilder.build());
+ mBuilderMap.remove(downstreamType);
+ }
+
+ /** Collect Tethering stats and write metrics data to statsd pipeline. */
+ @VisibleForTesting
+ public void write(@NonNull final NetworkTetheringReported reported) {
+ TetheringStatsLog.write(TetheringStatsLog.NETWORK_TETHERING_REPORTED,
+ reported.getErrorCode().getNumber(),
+ reported.getDownstreamType().getNumber(),
+ reported.getUpstreamType().getNumber(),
+ reported.getUserType().getNumber());
+ if (DBG) {
+ Log.d(TAG, "Write errorCode: " + reported.getErrorCode().getNumber()
+ + ", downstreamType: " + reported.getDownstreamType().getNumber()
+ + ", upstreamType: " + reported.getUpstreamType().getNumber()
+ + ", userType: " + reported.getUserType().getNumber());
+ }
+ }
+
+ /** Map {@link TetheringType} to {@link DownstreamType} */
+ private DownstreamType downstreamTypeToEnum(final int ifaceType) {
+ switch(ifaceType) {
+ case TETHERING_WIFI:
+ return DownstreamType.DS_TETHERING_WIFI;
+ case TETHERING_WIFI_P2P:
+ return DownstreamType.DS_TETHERING_WIFI_P2P;
+ case TETHERING_USB:
+ return DownstreamType.DS_TETHERING_USB;
+ case TETHERING_BLUETOOTH:
+ return DownstreamType.DS_TETHERING_BLUETOOTH;
+ case TETHERING_NCM:
+ return DownstreamType.DS_TETHERING_NCM;
+ case TETHERING_ETHERNET:
+ return DownstreamType.DS_TETHERING_ETHERNET;
+ default:
+ return DownstreamType.DS_UNSPECIFIED;
+ }
+ }
+
+ /** Map {@link StartTetheringError} to {@link ErrorCode} */
+ private ErrorCode errorCodeToEnum(final int lastError) {
+ switch(lastError) {
+ case TETHER_ERROR_NO_ERROR:
+ return ErrorCode.EC_NO_ERROR;
+ case TETHER_ERROR_UNKNOWN_IFACE:
+ return ErrorCode.EC_UNKNOWN_IFACE;
+ case TETHER_ERROR_SERVICE_UNAVAIL:
+ return ErrorCode.EC_SERVICE_UNAVAIL;
+ case TETHER_ERROR_UNSUPPORTED:
+ return ErrorCode.EC_UNSUPPORTED;
+ case TETHER_ERROR_UNAVAIL_IFACE:
+ return ErrorCode.EC_UNAVAIL_IFACE;
+ case TETHER_ERROR_INTERNAL_ERROR:
+ return ErrorCode.EC_INTERNAL_ERROR;
+ case TETHER_ERROR_TETHER_IFACE_ERROR:
+ return ErrorCode.EC_TETHER_IFACE_ERROR;
+ case TETHER_ERROR_UNTETHER_IFACE_ERROR:
+ return ErrorCode.EC_UNTETHER_IFACE_ERROR;
+ case TETHER_ERROR_ENABLE_FORWARDING_ERROR:
+ return ErrorCode.EC_ENABLE_FORWARDING_ERROR;
+ case TETHER_ERROR_DISABLE_FORWARDING_ERROR:
+ return ErrorCode.EC_DISABLE_FORWARDING_ERROR;
+ case TETHER_ERROR_IFACE_CFG_ERROR:
+ return ErrorCode.EC_IFACE_CFG_ERROR;
+ case TETHER_ERROR_PROVISIONING_FAILED:
+ return ErrorCode.EC_PROVISIONING_FAILED;
+ case TETHER_ERROR_DHCPSERVER_ERROR:
+ return ErrorCode.EC_DHCPSERVER_ERROR;
+ case TETHER_ERROR_ENTITLEMENT_UNKNOWN:
+ return ErrorCode.EC_ENTITLEMENT_UNKNOWN;
+ case TETHER_ERROR_NO_CHANGE_TETHERING_PERMISSION:
+ return ErrorCode.EC_NO_CHANGE_TETHERING_PERMISSION;
+ case TETHER_ERROR_NO_ACCESS_TETHERING_PERMISSION:
+ return ErrorCode.EC_NO_ACCESS_TETHERING_PERMISSION;
+ default:
+ return ErrorCode.EC_UNKNOWN_TYPE;
+ }
+ }
+
+ /** Map callerPkg to {@link UserType} */
+ private UserType userTypeToEnum(final String callerPkg) {
+ if (callerPkg.equals(SETTINGS_PKG_NAME)) {
+ return UserType.USER_SETTINGS;
+ } else if (callerPkg.equals(SYSTEMUI_PKG_NAME)) {
+ return UserType.USER_SYSTEMUI;
+ } else if (callerPkg.equals(GMS_PKG_NAME)) {
+ return UserType.USER_GMS;
+ } else {
+ return UserType.USER_UNKNOWN;
+ }
+ }
+}
diff --git a/Tethering/tests/integration/Android.bp b/Tethering/tests/integration/Android.bp
index 31c3df3..11e3dc0 100644
--- a/Tethering/tests/integration/Android.bp
+++ b/Tethering/tests/integration/Android.bp
@@ -28,10 +28,12 @@
static_libs: [
"NetworkStackApiStableLib",
"androidx.test.rules",
+ "cts-net-utils",
"mockito-target-extended-minus-junit4",
"net-tests-utils",
"net-utils-device-common-bpf",
"testables",
+ "connectivity-net-module-utils-bpf",
],
libs: [
"android.test.runner",
@@ -78,7 +80,6 @@
defaults: ["TetheringIntegrationTestsDefaults"],
test_suites: [
"device-tests",
- "mts-tethering",
],
compile_multilib: "both",
jarjar_rules: ":NetworkStackJarJarRules",
diff --git a/Tethering/tests/integration/AndroidManifest.xml b/Tethering/tests/integration/AndroidManifest.xml
index c89c556..7527913 100644
--- a/Tethering/tests/integration/AndroidManifest.xml
+++ b/Tethering/tests/integration/AndroidManifest.xml
@@ -16,12 +16,14 @@
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="com.android.networkstack.tethering.tests.integration">
- <uses-permission android:name="android.permission.INTERNET"/>
+ <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
+ <uses-permission android:name="android.permission.ACCESS_WIFI_STATE"/>
<!-- The test need CHANGE_NETWORK_STATE permission to use requestNetwork API to setup test
network. Since R shell application don't have such permission, grant permission to the test
here. TODO: Remove CHANGE_NETWORK_STATE permission here and use adopt shell perssion to
obtain CHANGE_NETWORK_STATE for testing once R device is no longer supported. -->
<uses-permission android:name="android.permission.CHANGE_NETWORK_STATE"/>
+ <uses-permission android:name="android.permission.INTERNET"/>
<application android:debuggable="true">
<uses-library android:name="android.test.runner" />
diff --git a/Tethering/tests/integration/src/android/net/EthernetTetheringTest.java b/Tethering/tests/integration/src/android/net/EthernetTetheringTest.java
index 5869f2b..c61b6eb 100644
--- a/Tethering/tests/integration/src/android/net/EthernetTetheringTest.java
+++ b/Tethering/tests/integration/src/android/net/EthernetTetheringTest.java
@@ -16,28 +16,47 @@
package android.net;
-import static android.Manifest.permission.ACCESS_NETWORK_STATE;
import static android.Manifest.permission.CONNECTIVITY_USE_RESTRICTED_NETWORKS;
import static android.Manifest.permission.DUMP;
import static android.Manifest.permission.MANAGE_TEST_NETWORKS;
import static android.Manifest.permission.NETWORK_SETTINGS;
import static android.Manifest.permission.TETHER_PRIVILEGED;
+import static android.content.pm.PackageManager.FEATURE_WIFI;
import static android.net.InetAddresses.parseNumericAddress;
import static android.net.TetheringManager.CONNECTIVITY_SCOPE_GLOBAL;
import static android.net.TetheringManager.CONNECTIVITY_SCOPE_LOCAL;
import static android.net.TetheringManager.TETHERING_ETHERNET;
-import static android.net.TetheringTester.RemoteResponder;
-import static android.system.OsConstants.IPPROTO_ICMPV6;
+import static android.net.TetheringTester.TestDnsPacket;
+import static android.net.TetheringTester.isExpectedIcmpPacket;
+import static android.net.TetheringTester.isExpectedTcpPacket;
+import static android.net.TetheringTester.isExpectedUdpDnsPacket;
+import static android.net.TetheringTester.isExpectedUdpPacket;
+import static android.system.OsConstants.ICMP_ECHO;
+import static android.system.OsConstants.ICMP_ECHOREPLY;
+import static android.system.OsConstants.IPPROTO_ICMP;
import static android.system.OsConstants.IPPROTO_IP;
+import static android.system.OsConstants.IPPROTO_IPV6;
+import static android.system.OsConstants.IPPROTO_TCP;
import static android.system.OsConstants.IPPROTO_UDP;
import static com.android.net.module.util.ConnectivityUtils.isIPv6ULA;
import static com.android.net.module.util.HexDump.dumpHexString;
+import static com.android.net.module.util.IpUtils.icmpChecksum;
+import static com.android.net.module.util.IpUtils.ipChecksum;
import static com.android.net.module.util.NetworkStackConstants.ETHER_TYPE_IPV4;
import static com.android.net.module.util.NetworkStackConstants.ETHER_TYPE_IPV6;
+import static com.android.net.module.util.NetworkStackConstants.ICMPV6_ECHO_REPLY_TYPE;
+import static com.android.net.module.util.NetworkStackConstants.ICMPV6_ECHO_REQUEST_TYPE;
import static com.android.net.module.util.NetworkStackConstants.ICMPV6_ROUTER_ADVERTISEMENT;
+import static com.android.net.module.util.NetworkStackConstants.ICMP_CHECKSUM_OFFSET;
+import static com.android.net.module.util.NetworkStackConstants.IPV4_CHECKSUM_OFFSET;
+import static com.android.net.module.util.NetworkStackConstants.IPV4_HEADER_MIN_LEN;
+import static com.android.net.module.util.NetworkStackConstants.IPV4_LENGTH_OFFSET;
+import static com.android.net.module.util.NetworkStackConstants.TCPHDR_ACK;
+import static com.android.net.module.util.NetworkStackConstants.TCPHDR_SYN;
import static com.android.testutils.DeviceInfoUtils.KVersion;
import static com.android.testutils.TestNetworkTrackerKt.initTestNetwork;
+import static com.android.testutils.TestPermissionUtil.runAsShell;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
@@ -50,20 +69,20 @@
import android.app.UiAutomation;
import android.content.Context;
+import android.content.pm.PackageManager;
import android.net.EthernetManager.TetheredInterfaceCallback;
import android.net.EthernetManager.TetheredInterfaceRequest;
import android.net.TetheringManager.StartTetheringCallback;
import android.net.TetheringManager.TetheringEventCallback;
import android.net.TetheringManager.TetheringRequest;
import android.net.TetheringTester.TetheredDevice;
+import android.net.cts.util.CtsNetUtils;;
import android.os.Build;
import android.os.Handler;
import android.os.HandlerThread;
import android.os.SystemClock;
import android.os.SystemProperties;
import android.os.VintfRuntimeInfo;
-import android.text.TextUtils;
-import android.util.Base64;
import android.util.Log;
import android.util.Pair;
@@ -73,6 +92,9 @@
import androidx.test.filters.MediumTest;
import androidx.test.runner.AndroidJUnit4;
+import com.android.modules.utils.build.SdkLevel;
+import com.android.net.module.util.BpfDump;
+import com.android.net.module.util.Ipv6Utils;
import com.android.net.module.util.PacketBuilder;
import com.android.net.module.util.Struct;
import com.android.net.module.util.bpf.Tether4Key;
@@ -80,12 +102,11 @@
import com.android.net.module.util.bpf.TetherStatsKey;
import com.android.net.module.util.bpf.TetherStatsValue;
import com.android.net.module.util.structs.EthernetHeader;
-import com.android.net.module.util.structs.Icmpv6Header;
+import com.android.net.module.util.structs.Icmpv4Header;
import com.android.net.module.util.structs.Ipv4Header;
import com.android.net.module.util.structs.Ipv6Header;
import com.android.net.module.util.structs.UdpHeader;
import com.android.testutils.DevSdkIgnoreRule;
-import com.android.testutils.DevSdkIgnoreRule.IgnoreAfter;
import com.android.testutils.DevSdkIgnoreRule.IgnoreUpTo;
import com.android.testutils.DeviceInfoUtils;
import com.android.testutils.DumpTestUtils;
@@ -101,12 +122,12 @@
import java.io.FileDescriptor;
import java.net.Inet4Address;
+import java.net.Inet6Address;
import java.net.InetAddress;
import java.net.InterfaceAddress;
import java.net.NetworkInterface;
import java.net.SocketException;
import java.nio.ByteBuffer;
-import java.nio.ByteOrder;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
@@ -128,35 +149,123 @@
private static final String TAG = EthernetTetheringTest.class.getSimpleName();
private static final int TIMEOUT_MS = 5000;
+ // Used to check if any tethering interface is available. Choose 200ms to be request timeout
+ // because the average interface requested time on cuttlefish@acloud is around 10ms.
+ // See TetheredInterfaceRequester.getInterface, isInterfaceForTetheringAvailable.
+ private static final int AVAILABLE_TETHER_IFACE_REQUEST_TIMEOUT_MS = 200;
private static final int TETHER_REACHABILITY_ATTEMPTS = 20;
private static final int DUMP_POLLING_MAX_RETRY = 100;
private static final int DUMP_POLLING_INTERVAL_MS = 50;
// Kernel treats a confirmed UDP connection which active after two seconds as stream mode.
// See upstream commit b7b1d02fc43925a4d569ec221715db2dfa1ce4f5.
private static final int UDP_STREAM_TS_MS = 2000;
+ // Give slack time for waiting UDP stream mode because handling conntrack event in user space
+ // may not in precise time. Used to reduce the flaky rate.
+ private static final int UDP_STREAM_SLACK_MS = 500;
// Per RX UDP packet size: iphdr (20) + udphdr (8) + payload (2) = 30 bytes.
private static final int RX_UDP_PACKET_SIZE = 30;
private static final int RX_UDP_PACKET_COUNT = 456;
// Per TX UDP packet size: ethhdr (14) + iphdr (20) + udphdr (8) + payload (2) = 44 bytes.
private static final int TX_UDP_PACKET_SIZE = 44;
private static final int TX_UDP_PACKET_COUNT = 123;
+ private static final long WAIT_RA_TIMEOUT_MS = 2000;
- private static final LinkAddress TEST_IP4_ADDR = new LinkAddress("10.0.0.1/8");
+ private static final MacAddress TEST_MAC = MacAddress.fromString("1:2:3:4:5:6");
+ private static final LinkAddress TEST_IP4_ADDR = new LinkAddress("10.0.0.1/24");
private static final LinkAddress TEST_IP6_ADDR = new LinkAddress("2001:db8:1::101/64");
private static final InetAddress TEST_IP4_DNS = parseNumericAddress("8.8.8.8");
private static final InetAddress TEST_IP6_DNS = parseNumericAddress("2001:db8:1::888");
+ private static final IpPrefix TEST_NAT64PREFIX = new IpPrefix("64:ff9b::/96");
+ private static final Inet6Address REMOTE_NAT64_ADDR =
+ (Inet6Address) parseNumericAddress("64:ff9b::808:808");
+ private static final Inet6Address REMOTE_IP6_ADDR =
+ (Inet6Address) parseNumericAddress("2002:db8:1::515:ca");
private static final ByteBuffer TEST_REACHABILITY_PAYLOAD =
ByteBuffer.wrap(new byte[] { (byte) 0x55, (byte) 0xaa });
+ private static final ByteBuffer EMPTY_PAYLOAD = ByteBuffer.wrap(new byte[0]);
+
+ private static final short DNS_PORT = 53;
+ private static final short WINDOW = (short) 0x2000;
+ private static final short URGENT_POINTER = 0;
private static final String DUMPSYS_TETHERING_RAWMAP_ARG = "bpfRawMap";
private static final String DUMPSYS_RAWMAP_ARG_STATS = "--stats";
private static final String DUMPSYS_RAWMAP_ARG_UPSTREAM4 = "--upstream4";
- private static final String BASE64_DELIMITER = ",";
private static final String LINE_DELIMITER = "\\n";
+ // version=6, traffic class=0x0, flowlabel=0x0;
+ private static final int VERSION_TRAFFICCLASS_FLOWLABEL = 0x60000000;
+ private static final short HOP_LIMIT = 0x40;
+
+ private static final short ICMPECHO_CODE = 0x0;
+ private static final short ICMPECHO_ID = 0x0;
+ private static final short ICMPECHO_SEQ = 0x0;
+
+ // TODO: use class DnsPacket to build DNS query and reply message once DnsPacket supports
+ // building packet for given arguments.
+ private static final ByteBuffer DNS_QUERY = ByteBuffer.wrap(new byte[] {
+ // scapy.DNS(
+ // id=0xbeef,
+ // qr=0,
+ // qd=scapy.DNSQR(qname="hello.example.com"))
+ //
+ /* Header */
+ (byte) 0xbe, (byte) 0xef, /* Transaction ID: 0xbeef */
+ (byte) 0x01, (byte) 0x00, /* Flags: rd */
+ (byte) 0x00, (byte) 0x01, /* Questions: 1 */
+ (byte) 0x00, (byte) 0x00, /* Answer RRs: 0 */
+ (byte) 0x00, (byte) 0x00, /* Authority RRs: 0 */
+ (byte) 0x00, (byte) 0x00, /* Additional RRs: 0 */
+ /* Queries */
+ (byte) 0x05, (byte) 0x68, (byte) 0x65, (byte) 0x6c,
+ (byte) 0x6c, (byte) 0x6f, (byte) 0x07, (byte) 0x65,
+ (byte) 0x78, (byte) 0x61, (byte) 0x6d, (byte) 0x70,
+ (byte) 0x6c, (byte) 0x65, (byte) 0x03, (byte) 0x63,
+ (byte) 0x6f, (byte) 0x6d, (byte) 0x00, /* Name: hello.example.com */
+ (byte) 0x00, (byte) 0x01, /* Type: A */
+ (byte) 0x00, (byte) 0x01 /* Class: IN */
+ });
+
+ private static final byte[] DNS_REPLY = new byte[] {
+ // scapy.DNS(
+ // id=0,
+ // qr=1,
+ // qd=scapy.DNSQR(qname="hello.example.com"),
+ // an=scapy.DNSRR(rrname="hello.example.com", rdata='1.2.3.4'))
+ //
+ /* Header */
+ (byte) 0x00, (byte) 0x00, /* Transaction ID: 0x0, must be updated by dns query id */
+ (byte) 0x81, (byte) 0x00, /* Flags: qr rd */
+ (byte) 0x00, (byte) 0x01, /* Questions: 1 */
+ (byte) 0x00, (byte) 0x01, /* Answer RRs: 1 */
+ (byte) 0x00, (byte) 0x00, /* Authority RRs: 0 */
+ (byte) 0x00, (byte) 0x00, /* Additional RRs: 0 */
+ /* Queries */
+ (byte) 0x05, (byte) 0x68, (byte) 0x65, (byte) 0x6c,
+ (byte) 0x6c, (byte) 0x6f, (byte) 0x07, (byte) 0x65,
+ (byte) 0x78, (byte) 0x61, (byte) 0x6d, (byte) 0x70,
+ (byte) 0x6c, (byte) 0x65, (byte) 0x03, (byte) 0x63,
+ (byte) 0x6f, (byte) 0x6d, (byte) 0x00, /* Name: hello.example.com */
+ (byte) 0x00, (byte) 0x01, /* Type: A */
+ (byte) 0x00, (byte) 0x01, /* Class: IN */
+ /* Answers */
+ (byte) 0x05, (byte) 0x68, (byte) 0x65, (byte) 0x6c,
+ (byte) 0x6c, (byte) 0x6f, (byte) 0x07, (byte) 0x65,
+ (byte) 0x78, (byte) 0x61, (byte) 0x6d, (byte) 0x70,
+ (byte) 0x6c, (byte) 0x65, (byte) 0x03, (byte) 0x63,
+ (byte) 0x6f, (byte) 0x6d, (byte) 0x00, /* Name: hello.example.com */
+ (byte) 0x00, (byte) 0x01, /* Type: A */
+ (byte) 0x00, (byte) 0x01, /* Class: IN */
+ (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, /* Time to live: 0 */
+ (byte) 0x00, (byte) 0x04, /* Data length: 4 */
+ (byte) 0x01, (byte) 0x02, (byte) 0x03, (byte) 0x04 /* Address: 1.2.3.4 */
+ };
+
private final Context mContext = InstrumentationRegistry.getContext();
private final EthernetManager mEm = mContext.getSystemService(EthernetManager.class);
private final TetheringManager mTm = mContext.getSystemService(TetheringManager.class);
+ private final PackageManager mPackageManager = mContext.getPackageManager();
+ private final CtsNetUtils mCtsNetUtils = new CtsNetUtils(mContext);
private TestNetworkInterface mDownstreamIface;
private HandlerThread mHandlerThread;
@@ -175,30 +284,25 @@
@Before
public void setUp() throws Exception {
- // Needed to create a TestNetworkInterface, to call requestTetheredInterface, and to receive
- // tethered client callbacks. The restricted networks permission is needed to ensure that
- // EthernetManager#isAvailable will correctly return true on devices where Ethernet is
- // marked restricted, like cuttlefish. The dump permission is needed to verify bpf related
- // functions via dumpsys output.
- mUiAutomation.adoptShellPermissionIdentity(
- MANAGE_TEST_NETWORKS, NETWORK_SETTINGS, TETHER_PRIVILEGED, ACCESS_NETWORK_STATE,
- CONNECTIVITY_USE_RESTRICTED_NETWORKS, DUMP);
mHandlerThread = new HandlerThread(getClass().getSimpleName());
mHandlerThread.start();
mHandler = new Handler(mHandlerThread.getLooper());
- mRunTests = isEthernetTetheringSupported();
+ mRunTests = runAsShell(NETWORK_SETTINGS, TETHER_PRIVILEGED, () ->
+ mTm.isTetheringSupported());
assumeTrue(mRunTests);
mTetheredInterfaceRequester = new TetheredInterfaceRequester(mHandler, mEm);
}
private void cleanUp() throws Exception {
- mTm.setPreferTestNetworks(false);
+ setPreferTestNetworks(false);
if (mUpstreamTracker != null) {
- mUpstreamTracker.teardown();
- mUpstreamTracker = null;
+ runAsShell(MANAGE_TEST_NETWORKS, () -> {
+ mUpstreamTracker.teardown();
+ mUpstreamTracker = null;
+ });
}
if (mUpstreamReader != null) {
TapPacketReader reader = mUpstreamReader;
@@ -206,20 +310,26 @@
mUpstreamReader = null;
}
- mTm.stopTethering(TETHERING_ETHERNET);
- if (mTetheringEventCallback != null) {
- mTetheringEventCallback.awaitInterfaceUntethered();
- mTetheringEventCallback.unregister();
- mTetheringEventCallback = null;
- }
if (mDownstreamReader != null) {
TapPacketReader reader = mDownstreamReader;
mHandler.post(() -> reader.stop());
mDownstreamReader = null;
}
- mTetheredInterfaceRequester.release();
- mEm.setIncludeTestInterfaces(false);
+
+ // To avoid flaky which caused by the next test started but the previous interface is not
+ // untracked from EthernetTracker yet. Just delete the test interface without explicitly
+ // calling TetheringManager#stopTethering could let EthernetTracker untrack the test
+ // interface from server mode before tethering stopped. Thus, awaitInterfaceUntethered
+ // could not only make sure tethering is stopped but also guarantee the test interface is
+ // untracked from EthernetTracker.
maybeDeleteTestInterface();
+ if (mTetheringEventCallback != null) {
+ mTetheringEventCallback.awaitInterfaceUntethered();
+ mTetheringEventCallback.unregister();
+ mTetheringEventCallback = null;
+ }
+ runAsShell(NETWORK_SETTINGS, () -> mTetheredInterfaceRequester.release());
+ setIncludeTestInterfaces(false);
}
@After
@@ -232,10 +342,51 @@
}
}
+ private boolean isInterfaceForTetheringAvailable() throws Exception {
+ // Before T, all ethernet interfaces could be used for server mode. Instead of
+ // waiting timeout, just checking whether the system currently has any
+ // ethernet interface is more reliable.
+ if (!SdkLevel.isAtLeastT()) {
+ return runAsShell(CONNECTIVITY_USE_RESTRICTED_NETWORKS, () -> mEm.isAvailable());
+ }
+
+ // If previous test case doesn't release tethering interface successfully, the other tests
+ // after that test may be skipped as unexcepted.
+ // TODO: figure out a better way to check default tethering interface existenion.
+ final TetheredInterfaceRequester requester = new TetheredInterfaceRequester(mHandler, mEm);
+ try {
+ // Use short timeout (200ms) for requesting an existing interface, if any, because
+ // it should reurn faster than requesting a new tethering interface. Using default
+ // timeout (5000ms, TIMEOUT_MS) may make that total testing time is over 1 minute
+ // test module timeout on internal testing.
+ // TODO: if this becomes flaky, consider using default timeout (5000ms) and moving
+ // this check into #setUpOnce.
+ return requester.getInterface(AVAILABLE_TETHER_IFACE_REQUEST_TIMEOUT_MS) != null;
+ } catch (TimeoutException e) {
+ return false;
+ } finally {
+ runAsShell(NETWORK_SETTINGS, () -> {
+ requester.release();
+ });
+ }
+ }
+
+ private void setIncludeTestInterfaces(boolean include) {
+ runAsShell(NETWORK_SETTINGS, () -> {
+ mEm.setIncludeTestInterfaces(include);
+ });
+ }
+
+ private void setPreferTestNetworks(boolean prefer) {
+ runAsShell(NETWORK_SETTINGS, () -> {
+ mTm.setPreferTestNetworks(prefer);
+ });
+ }
+
@Test
public void testVirtualEthernetAlreadyExists() throws Exception {
// This test requires manipulating packets. Skip if there is a physical Ethernet connected.
- assumeFalse(mEm.isAvailable());
+ assumeFalse(isInterfaceForTetheringAvailable());
mDownstreamIface = createTestInterface();
// This must be done now because as soon as setIncludeTestInterfaces(true) is called, the
@@ -245,7 +396,7 @@
int mtu = getMTU(mDownstreamIface);
Log.d(TAG, "Including test interfaces");
- mEm.setIncludeTestInterfaces(true);
+ setIncludeTestInterfaces(true);
final String iface = mTetheredInterfaceRequester.getInterface();
assertEquals("TetheredInterfaceCallback for unexpected interface",
@@ -257,11 +408,11 @@
@Test
public void testVirtualEthernet() throws Exception {
// This test requires manipulating packets. Skip if there is a physical Ethernet connected.
- assumeFalse(mEm.isAvailable());
+ assumeFalse(isInterfaceForTetheringAvailable());
CompletableFuture<String> futureIface = mTetheredInterfaceRequester.requestInterface();
- mEm.setIncludeTestInterfaces(true);
+ setIncludeTestInterfaces(true);
mDownstreamIface = createTestInterface();
@@ -274,9 +425,9 @@
@Test
public void testStaticIpv4() throws Exception {
- assumeFalse(mEm.isAvailable());
+ assumeFalse(isInterfaceForTetheringAvailable());
- mEm.setIncludeTestInterfaces(true);
+ setIncludeTestInterfaces(true);
mDownstreamIface = createTestInterface();
@@ -316,27 +467,16 @@
}
- private static boolean isRouterAdvertisement(byte[] pkt) {
- if (pkt == null) return false;
-
- ByteBuffer buf = ByteBuffer.wrap(pkt);
-
- final EthernetHeader ethHdr = Struct.parse(EthernetHeader.class, buf);
- if (ethHdr.etherType != ETHER_TYPE_IPV6) return false;
-
- final Ipv6Header ipv6Hdr = Struct.parse(Ipv6Header.class, buf);
- if (ipv6Hdr.nextHeader != (byte) IPPROTO_ICMPV6) return false;
-
- final Icmpv6Header icmpv6Hdr = Struct.parse(Icmpv6Header.class, buf);
- return icmpv6Hdr.type == (short) ICMPV6_ROUTER_ADVERTISEMENT;
- }
-
- private static void expectRouterAdvertisement(TapPacketReader reader, String iface,
+ private static void waitForRouterAdvertisement(TapPacketReader reader, String iface,
long timeoutMs) {
final long deadline = SystemClock.uptimeMillis() + timeoutMs;
do {
byte[] pkt = reader.popPacket(timeoutMs);
- if (isRouterAdvertisement(pkt)) return;
+ if (isExpectedIcmpPacket(pkt, true /* hasEth */, false /* isIpv4 */,
+ ICMPV6_ROUTER_ADVERTISEMENT)) {
+ return;
+ }
+
timeoutMs = deadline - SystemClock.uptimeMillis();
} while (timeoutMs > 0);
fail("Did not receive router advertisement on " + iface + " after "
@@ -366,9 +506,9 @@
@Test
public void testLocalOnlyTethering() throws Exception {
- assumeFalse(mEm.isAvailable());
+ assumeFalse(isInterfaceForTetheringAvailable());
- mEm.setIncludeTestInterfaces(true);
+ setIncludeTestInterfaces(true);
mDownstreamIface = createTestInterface();
@@ -388,7 +528,7 @@
// before the reader is started.
mDownstreamReader = makePacketReader(mDownstreamIface);
- expectRouterAdvertisement(mDownstreamReader, iface, 2000 /* timeoutMs */);
+ waitForRouterAdvertisement(mDownstreamReader, iface, WAIT_RA_TIMEOUT_MS);
expectLocalOnlyAddresses(iface);
}
@@ -400,7 +540,7 @@
@Test
public void testPhysicalEthernet() throws Exception {
- assumeTrue(mEm.isAvailable());
+ assumeTrue(isInterfaceForTetheringAvailable());
// Do not run this test if adb is over network and ethernet is connected.
// It is likely the adb run over ethernet, the adb would break when ethernet is switching
// from client mode to server mode. See b/160389275.
@@ -441,6 +581,7 @@
private final CountDownLatch mLocalOnlyStoppedLatch = new CountDownLatch(1);
private final CountDownLatch mClientConnectedLatch = new CountDownLatch(1);
private final CountDownLatch mUpstreamLatch = new CountDownLatch(1);
+ private final CountDownLatch mCallbackRegisteredLatch = new CountDownLatch(1);
private final TetheringInterface mIface;
private final Network mExpectedUpstream;
@@ -519,6 +660,22 @@
mLocalOnlyStartedLatch.await(TIMEOUT_MS, TimeUnit.MILLISECONDS));
}
+ // Used to check if the callback has registered. When the callback is registered,
+ // onSupportedTetheringTypes is celled in onCallbackStarted(). After
+ // onSupportedTetheringTypes called, drop the permission for registering callback.
+ // See MyTetheringEventCallback#register, TetheringManager#onCallbackStarted.
+ @Override
+ public void onSupportedTetheringTypes(Set<Integer> supportedTypes) {
+ // Used to check callback registered.
+ mCallbackRegisteredLatch.countDown();
+ }
+
+ public void awaitCallbackRegistered() throws Exception {
+ if (!mCallbackRegisteredLatch.await(TIMEOUT_MS, TimeUnit.MILLISECONDS)) {
+ fail("Did not receive callback registered signal after " + TIMEOUT_MS + "ms");
+ }
+ }
+
public void awaitInterfaceUntethered() throws Exception {
// Don't block teardown if the interface was never tethered.
// This is racy because the interface might become tethered right after this check, but
@@ -575,10 +732,17 @@
}
}
- public Network awaitUpstreamChanged() throws Exception {
+ public Network awaitUpstreamChanged(boolean throwTimeoutException) throws Exception {
if (!mUpstreamLatch.await(TIMEOUT_MS, TimeUnit.MILLISECONDS)) {
- fail("Did not receive upstream " + (mAcceptAnyUpstream ? "any" : mExpectedUpstream)
- + " callback after " + TIMEOUT_MS + "ms");
+ final String errorMessage = "Did not receive upstream "
+ + (mAcceptAnyUpstream ? "any" : mExpectedUpstream)
+ + " callback after " + TIMEOUT_MS + "ms";
+
+ if (throwTimeoutException) {
+ throw new TimeoutException(errorMessage);
+ } else {
+ fail(errorMessage);
+ }
}
return mUpstream;
}
@@ -594,16 +758,34 @@
} else {
callback = new MyTetheringEventCallback(mTm, iface);
}
- mTm.registerTetheringEventCallback(mHandler::post, callback);
-
+ runAsShell(NETWORK_SETTINGS, () -> {
+ mTm.registerTetheringEventCallback(mHandler::post, callback);
+ // Need to hold the shell permission until callback is registered. This helps to avoid
+ // the test become flaky.
+ callback.awaitCallbackRegistered();
+ });
+ final CountDownLatch tetheringStartedLatch = new CountDownLatch(1);
StartTetheringCallback startTetheringCallback = new StartTetheringCallback() {
@Override
+ public void onTetheringStarted() {
+ Log.d(TAG, "Ethernet tethering started");
+ tetheringStartedLatch.countDown();
+ }
+
+ @Override
public void onTetheringFailed(int resultCode) {
fail("Unexpectedly got onTetheringFailed");
}
};
Log.d(TAG, "Starting Ethernet tethering");
- mTm.startTethering(request, mHandler::post /* executor */, startTetheringCallback);
+ runAsShell(TETHER_PRIVILEGED, () -> {
+ mTm.startTethering(request, mHandler::post /* executor */, startTetheringCallback);
+ // Binder call is an async call. Need to hold the shell permission until tethering
+ // started. This helps to avoid the test become flaky.
+ if (!tetheringStartedLatch.await(TIMEOUT_MS, TimeUnit.MILLISECONDS)) {
+ fail("Did not receive tethering started callback after " + TIMEOUT_MS + "ms");
+ }
+ });
final int connectivityType = request.getConnectivityScope();
switch (connectivityType) {
@@ -711,12 +893,17 @@
public CompletableFuture<String> requestInterface() {
assertNull("BUG: more than one tethered interface request", mRequest);
Log.d(TAG, "Requesting tethered interface");
- mRequest = mEm.requestTetheredInterface(mHandler::post, this);
+ mRequest = runAsShell(NETWORK_SETTINGS, () ->
+ mEm.requestTetheredInterface(mHandler::post, this));
return mFuture;
}
+ public String getInterface(int timeout) throws Exception {
+ return requestInterface().get(timeout, TimeUnit.MILLISECONDS);
+ }
+
public String getInterface() throws Exception {
- return requestInterface().get(TIMEOUT_MS, TimeUnit.MILLISECONDS);
+ return getInterface(TIMEOUT_MS);
}
public void release() {
@@ -767,8 +954,10 @@
}
private TestNetworkInterface createTestInterface() throws Exception {
- TestNetworkManager tnm = mContext.getSystemService(TestNetworkManager.class);
- TestNetworkInterface iface = tnm.createTapInterface();
+ TestNetworkManager tnm = runAsShell(MANAGE_TEST_NETWORKS, () ->
+ mContext.getSystemService(TestNetworkManager.class));
+ TestNetworkInterface iface = runAsShell(MANAGE_TEST_NETWORKS, () ->
+ tnm.createTapInterface());
Log.d(TAG, "Created test interface " + iface.getInterfaceName());
return iface;
}
@@ -781,36 +970,43 @@
}
}
- private TestNetworkTracker createTestUpstream(final List<LinkAddress> addresses)
- throws Exception {
- mTm.setPreferTestNetworks(true);
+ private TestNetworkTracker createTestUpstream(final List<LinkAddress> addresses,
+ final List<InetAddress> dnses) throws Exception {
+ setPreferTestNetworks(true);
- return initTestNetwork(mContext, addresses, TIMEOUT_MS);
+ final LinkProperties lp = new LinkProperties();
+ lp.setLinkAddresses(addresses);
+ lp.setDnsServers(dnses);
+ lp.setNat64Prefix(TEST_NAT64PREFIX);
+
+ return runAsShell(MANAGE_TEST_NETWORKS, () -> initTestNetwork(mContext, lp, TIMEOUT_MS));
}
@Test
- public void testTestNetworkUpstream() throws Exception {
- assumeFalse(mEm.isAvailable());
+ public void testIcmpv6Echo() throws Exception {
+ runPing6Test(initTetheringTester(toList(TEST_IP4_ADDR, TEST_IP6_ADDR),
+ toList(TEST_IP4_DNS, TEST_IP6_DNS)));
+ }
- // MyTetheringEventCallback currently only support await first available upstream. Tethering
- // may select internet network as upstream if test network is not available and not be
- // preferred yet. Create test upstream network before enable tethering.
- mUpstreamTracker = createTestUpstream(toList(TEST_IP4_ADDR, TEST_IP6_ADDR));
+ private void runPing6Test(TetheringTester tester) throws Exception {
+ TetheredDevice tethered = tester.createTetheredDevice(TEST_MAC, true /* hasIpv6 */);
+ Inet6Address remoteIp6Addr = (Inet6Address) parseNumericAddress("2400:222:222::222");
+ ByteBuffer request = Ipv6Utils.buildEchoRequestPacket(tethered.macAddr,
+ tethered.routerMacAddr, tethered.ipv6Addr, remoteIp6Addr);
+ tester.verifyUpload(request, p -> {
+ Log.d(TAG, "Packet in upstream: " + dumpHexString(p));
- mDownstreamIface = createTestInterface();
- mEm.setIncludeTestInterfaces(true);
+ return isExpectedIcmpPacket(p, false /* hasEth */, false /* isIpv4 */,
+ ICMPV6_ECHO_REQUEST_TYPE);
+ });
- final String iface = mTetheredInterfaceRequester.getInterface();
- assertEquals("TetheredInterfaceCallback for unexpected interface",
- mDownstreamIface.getInterfaceName(), iface);
+ ByteBuffer reply = Ipv6Utils.buildEchoReplyPacket(remoteIp6Addr, tethered.ipv6Addr);
+ tester.verifyDownload(reply, p -> {
+ Log.d(TAG, "Packet in downstream: " + dumpHexString(p));
- mTetheringEventCallback = enableEthernetTethering(mDownstreamIface.getInterfaceName(),
- mUpstreamTracker.getNetwork());
- assertEquals("onUpstreamChanged for unexpected network", mUpstreamTracker.getNetwork(),
- mTetheringEventCallback.awaitUpstreamChanged());
-
- mDownstreamReader = makePacketReader(mDownstreamIface);
- // TODO: do basic forwarding test here.
+ return isExpectedIcmpPacket(p, true /* hasEth */, false /* isIpv4 */,
+ ICMPV6_ECHO_REPLY_TYPE);
+ });
}
// Test network topology:
@@ -828,58 +1024,57 @@
// Used by public port and private port. Assume port 9876 has not been used yet before the
// testing that public port and private port are the same in the testing. Note that NAT port
// forwarding could be different between private port and public port.
+ // TODO: move to the start of test class.
private static final short LOCAL_PORT = 9876;
private static final short REMOTE_PORT = 433;
private static final byte TYPE_OF_SERVICE = 0;
private static final short ID = 27149;
- private static final short ID2 = 27150;
- private static final short ID3 = 27151;
private static final short FLAGS_AND_FRAGMENT_OFFSET = (short) 0x4000; // flags=DF, offset=0
private static final byte TIME_TO_LIVE = (byte) 0x40;
- private static final ByteBuffer PAYLOAD =
+ private static final ByteBuffer RX_PAYLOAD =
ByteBuffer.wrap(new byte[] { (byte) 0x12, (byte) 0x34 });
- private static final ByteBuffer PAYLOAD2 =
+ private static final ByteBuffer TX_PAYLOAD =
ByteBuffer.wrap(new byte[] { (byte) 0x56, (byte) 0x78 });
- private static final ByteBuffer PAYLOAD3 =
- ByteBuffer.wrap(new byte[] { (byte) 0x9a, (byte) 0xbc });
- private boolean isExpectedUdpPacket(@NonNull final byte[] rawPacket, boolean hasEther,
- @NonNull final ByteBuffer payload) {
- final ByteBuffer buf = ByteBuffer.wrap(rawPacket);
+ private short getEthType(@NonNull final InetAddress srcIp, @NonNull final InetAddress dstIp) {
+ return isAddressIpv4(srcIp, dstIp) ? (short) ETHER_TYPE_IPV4 : (short) ETHER_TYPE_IPV6;
+ }
- if (hasEther) {
- final EthernetHeader etherHeader = Struct.parse(EthernetHeader.class, buf);
- if (etherHeader == null) return false;
- }
-
- final Ipv4Header ipv4Header = Struct.parse(Ipv4Header.class, buf);
- if (ipv4Header == null) return false;
-
- final UdpHeader udpHeader = Struct.parse(UdpHeader.class, buf);
- if (udpHeader == null) return false;
-
- if (buf.remaining() != payload.limit()) return false;
-
- return Arrays.equals(Arrays.copyOfRange(buf.array(), buf.position(), buf.limit()),
- payload.array());
+ private int getIpProto(@NonNull final InetAddress srcIp, @NonNull final InetAddress dstIp) {
+ return isAddressIpv4(srcIp, dstIp) ? IPPROTO_IP : IPPROTO_IPV6;
}
@NonNull
- private ByteBuffer buildUdpv4Packet(@Nullable final MacAddress srcMac,
- @Nullable final MacAddress dstMac, short id,
- @NonNull final Inet4Address srcIp, @NonNull final Inet4Address dstIp,
+ private ByteBuffer buildUdpPacket(
+ @Nullable final MacAddress srcMac, @Nullable final MacAddress dstMac,
+ @NonNull final InetAddress srcIp, @NonNull final InetAddress dstIp,
short srcPort, short dstPort, @Nullable final ByteBuffer payload)
throws Exception {
+ final int ipProto = getIpProto(srcIp, dstIp);
final boolean hasEther = (srcMac != null && dstMac != null);
final int payloadLen = (payload == null) ? 0 : payload.limit();
- final ByteBuffer buffer = PacketBuilder.allocate(hasEther, IPPROTO_IP, IPPROTO_UDP,
+ final ByteBuffer buffer = PacketBuilder.allocate(hasEther, ipProto, IPPROTO_UDP,
payloadLen);
final PacketBuilder packetBuilder = new PacketBuilder(buffer);
- if (hasEther) packetBuilder.writeL2Header(srcMac, dstMac, (short) ETHER_TYPE_IPV4);
- packetBuilder.writeIpv4Header(TYPE_OF_SERVICE, ID, FLAGS_AND_FRAGMENT_OFFSET,
- TIME_TO_LIVE, (byte) IPPROTO_UDP, srcIp, dstIp);
+ // [1] Ethernet header
+ if (hasEther) {
+ packetBuilder.writeL2Header(srcMac, dstMac, getEthType(srcIp, dstIp));
+ }
+
+ // [2] IP header
+ if (ipProto == IPPROTO_IP) {
+ packetBuilder.writeIpv4Header(TYPE_OF_SERVICE, ID, FLAGS_AND_FRAGMENT_OFFSET,
+ TIME_TO_LIVE, (byte) IPPROTO_UDP, (Inet4Address) srcIp, (Inet4Address) dstIp);
+ } else {
+ packetBuilder.writeIpv6Header(VERSION_TRAFFICCLASS_FLOWLABEL, (byte) IPPROTO_UDP,
+ HOP_LIMIT, (Inet6Address) srcIp, (Inet6Address) dstIp);
+ }
+
+ // [3] UDP header
packetBuilder.writeUdpHeader(srcPort, dstPort);
+
+ // [4] Payload
if (payload != null) {
buffer.put(payload);
// in case data might be reused by caller, restore the position and
@@ -891,38 +1086,110 @@
}
@NonNull
- private ByteBuffer buildUdpv4Packet(short id, @NonNull final Inet4Address srcIp,
- @NonNull final Inet4Address dstIp, short srcPort, short dstPort,
+ private ByteBuffer buildUdpPacket(@NonNull final InetAddress srcIp,
+ @NonNull final InetAddress dstIp, short srcPort, short dstPort,
@Nullable final ByteBuffer payload) throws Exception {
- return buildUdpv4Packet(null /* srcMac */, null /* dstMac */, id, srcIp, dstIp, srcPort,
+ return buildUdpPacket(null /* srcMac */, null /* dstMac */, srcIp, dstIp, srcPort,
dstPort, payload);
}
- // TODO: remove this verification once upstream connected notification race is fixed.
- // See #runUdp4Test.
- private boolean isIpv4TetherConnectivityVerified(TetheringTester tester,
- RemoteResponder remote, TetheredDevice tethered) throws Exception {
- final ByteBuffer probePacket = buildUdpv4Packet(tethered.macAddr,
- tethered.routerMacAddr, ID, tethered.ipv4Addr /* srcIp */,
- REMOTE_IP4_ADDR /* dstIp */, LOCAL_PORT /* srcPort */, REMOTE_PORT /*dstPort */,
+ private boolean isAddressIpv4(@NonNull final InetAddress srcIp,
+ @NonNull final InetAddress dstIp) {
+ if (srcIp instanceof Inet4Address && dstIp instanceof Inet4Address) return true;
+ if (srcIp instanceof Inet6Address && dstIp instanceof Inet6Address) return false;
+
+ fail("Unsupported conditions: srcIp " + srcIp + ", dstIp " + dstIp);
+ return false; // unreachable
+ }
+
+ private void sendDownloadPacketUdp(@NonNull final InetAddress srcIp,
+ @NonNull final InetAddress dstIp, @NonNull final TetheringTester tester,
+ boolean is6To4) throws Exception {
+ if (is6To4) {
+ assertFalse("CLAT download test must sends IPv6 packet", isAddressIpv4(srcIp, dstIp));
+ }
+
+ // Expected received UDP packet IP protocol. While testing CLAT (is6To4 = true), the packet
+ // on downstream must be IPv4. Otherwise, the IP protocol of test packet is the same on
+ // both downstream and upstream.
+ final boolean isIpv4 = is6To4 ? true : isAddressIpv4(srcIp, dstIp);
+
+ final ByteBuffer testPacket = buildUdpPacket(srcIp, dstIp, REMOTE_PORT /* srcPort */,
+ LOCAL_PORT /* dstPort */, RX_PAYLOAD);
+ tester.verifyDownload(testPacket, p -> {
+ Log.d(TAG, "Packet in downstream: " + dumpHexString(p));
+ return isExpectedUdpPacket(p, true /* hasEther */, isIpv4, RX_PAYLOAD);
+ });
+ }
+
+ private void sendUploadPacketUdp(@NonNull final MacAddress srcMac,
+ @NonNull final MacAddress dstMac, @NonNull final InetAddress srcIp,
+ @NonNull final InetAddress dstIp, @NonNull final TetheringTester tester,
+ boolean is4To6) throws Exception {
+ if (is4To6) {
+ assertTrue("CLAT upload test must sends IPv4 packet", isAddressIpv4(srcIp, dstIp));
+ }
+
+ // Expected received UDP packet IP protocol. While testing CLAT (is4To6 = true), the packet
+ // on upstream must be IPv6. Otherwise, the IP protocol of test packet is the same on
+ // both downstream and upstream.
+ final boolean isIpv4 = is4To6 ? false : isAddressIpv4(srcIp, dstIp);
+
+ final ByteBuffer testPacket = buildUdpPacket(srcMac, dstMac, srcIp, dstIp,
+ LOCAL_PORT /* srcPort */, REMOTE_PORT /* dstPort */, TX_PAYLOAD);
+ tester.verifyUpload(testPacket, p -> {
+ Log.d(TAG, "Packet in upstream: " + dumpHexString(p));
+ return isExpectedUdpPacket(p, false /* hasEther */, isIpv4, TX_PAYLOAD);
+ });
+ }
+
+ @Test
+ public void testTetherUdpV6() throws Exception {
+ final TetheringTester tester = initTetheringTester(toList(TEST_IP6_ADDR),
+ toList(TEST_IP6_DNS));
+ final TetheredDevice tethered = tester.createTetheredDevice(TEST_MAC, true /* hasIpv6 */);
+ sendUploadPacketUdp(tethered.macAddr, tethered.routerMacAddr,
+ tethered.ipv6Addr, REMOTE_IP6_ADDR, tester, false /* is4To6 */);
+ sendDownloadPacketUdp(REMOTE_IP6_ADDR, tethered.ipv6Addr, tester, false /* is6To4 */);
+
+ // TODO: test BPF offload maps {rule, stats}.
+ }
+
+ // TODO: remove ipv4 verification (is4To6 = false) once upstream connected notification race is
+ // fixed. See #runUdp4Test.
+ //
+ // This function sends a probe packet to downstream interface and exam the result from upstream
+ // interface to make sure ipv4 tethering is ready. Return the entire packet which received from
+ // upstream interface.
+ @NonNull
+ private byte[] probeV4TetheringConnectivity(TetheringTester tester, TetheredDevice tethered,
+ boolean is4To6) throws Exception {
+ final ByteBuffer probePacket = buildUdpPacket(tethered.macAddr,
+ tethered.routerMacAddr, tethered.ipv4Addr /* srcIp */,
+ REMOTE_IP4_ADDR /* dstIp */, LOCAL_PORT /* srcPort */, REMOTE_PORT /* dstPort */,
TEST_REACHABILITY_PAYLOAD);
// Send a UDP packet from client and check the packet can be found on upstream interface.
for (int i = 0; i < TETHER_REACHABILITY_ATTEMPTS; i++) {
- tester.sendPacket(probePacket);
- byte[] expectedPacket = remote.getNextMatchedPacket(p -> {
+ byte[] expectedPacket = tester.testUpload(probePacket, p -> {
Log.d(TAG, "Packet in upstream: " + dumpHexString(p));
- return isExpectedUdpPacket(p, false /* hasEther */, TEST_REACHABILITY_PAYLOAD);
+ // If is4To6 is true, the ipv4 probe packet would be translated to ipv6 by Clat and
+ // would see this translated ipv6 packet in upstream interface.
+ return isExpectedUdpPacket(p, false /* hasEther */, !is4To6 /* isIpv4 */,
+ TEST_REACHABILITY_PAYLOAD);
});
- if (expectedPacket != null) return true;
+ if (expectedPacket != null) return expectedPacket;
}
- return false;
+
+ fail("Can't verify " + (is4To6 ? "ipv4 to ipv6" : "ipv4") + " tethering connectivity after "
+ + TETHER_REACHABILITY_ATTEMPTS + " attempts");
+ return null;
}
- private void runUdp4Test(TetheringTester tester, RemoteResponder remote, boolean usingBpf)
- throws Exception {
- final TetheredDevice tethered = tester.createTetheredDevice(MacAddress.fromString(
- "1:2:3:4:5:6"));
+ private void runUdp4Test(boolean verifyBpf) throws Exception {
+ final TetheringTester tester = initTetheringTester(toList(TEST_IP4_ADDR),
+ toList(TEST_IP4_DNS));
+ final TetheredDevice tethered = tester.createTetheredDevice(TEST_MAC, false /* hasIpv6 */);
// TODO: remove the connectivity verification for upstream connected notification race.
// Because async upstream connected notification can't guarantee the tethering routing is
@@ -930,29 +1197,17 @@
// For short term plan, consider using IPv6 RA to get MAC address because the prefix comes
// from upstream. That can guarantee that the routing is ready. Long term plan is that
// refactors upstream connected notification from async to sync.
- assertTrue(isIpv4TetherConnectivityVerified(tester, remote, tethered));
+ probeV4TetheringConnectivity(tester, tethered, false /* is4To6 */);
- // Send a UDP packet in original direction.
- final ByteBuffer originalPacket = buildUdpv4Packet(tethered.macAddr,
- tethered.routerMacAddr, ID, tethered.ipv4Addr /* srcIp */,
- REMOTE_IP4_ADDR /* dstIp */, LOCAL_PORT /* srcPort */, REMOTE_PORT /*dstPort */,
- PAYLOAD /* payload */);
- tester.verifyUpload(remote, originalPacket, p -> {
- Log.d(TAG, "Packet in upstream: " + dumpHexString(p));
- return isExpectedUdpPacket(p, false /* hasEther */, PAYLOAD);
- });
+ final MacAddress srcMac = tethered.macAddr;
+ final MacAddress dstMac = tethered.routerMacAddr;
+ final InetAddress remoteIp = REMOTE_IP4_ADDR;
+ final InetAddress tetheringUpstreamIp = TEST_IP4_ADDR.getAddress();
+ final InetAddress clientIp = tethered.ipv4Addr;
+ sendUploadPacketUdp(srcMac, dstMac, clientIp, remoteIp, tester, false /* is4To6 */);
+ sendDownloadPacketUdp(remoteIp, tetheringUpstreamIp, tester, false /* is6To4 */);
- // Send a UDP packet in reply direction.
- final Inet4Address publicIp4Addr = (Inet4Address) TEST_IP4_ADDR.getAddress();
- final ByteBuffer replyPacket = buildUdpv4Packet(ID2, REMOTE_IP4_ADDR /* srcIp */,
- publicIp4Addr /* dstIp */, REMOTE_PORT /* srcPort */, LOCAL_PORT /*dstPort */,
- PAYLOAD2 /* payload */);
- remote.verifyDownload(tester, replyPacket, p -> {
- Log.d(TAG, "Packet in downstream: " + dumpHexString(p));
- return isExpectedUdpPacket(p, true/* hasEther */, PAYLOAD2);
- });
-
- if (usingBpf) {
+ if (verifyBpf) {
// Send second UDP packet in original direction.
// The BPF coordinator only offloads the ASSURED conntrack entry. The "request + reply"
// packets can make status IPS_SEEN_REPLY to be set. Need one more packet to make
@@ -962,14 +1217,10 @@
// See kernel upstream commit b7b1d02fc43925a4d569ec221715db2dfa1ce4f5 and
// nf_conntrack_udp_packet in net/netfilter/nf_conntrack_proto_udp.c
Thread.sleep(UDP_STREAM_TS_MS);
- final ByteBuffer originalPacket2 = buildUdpv4Packet(tethered.macAddr,
- tethered.routerMacAddr, ID, tethered.ipv4Addr /* srcIp */,
- REMOTE_IP4_ADDR /* dstIp */, LOCAL_PORT /* srcPort */,
- REMOTE_PORT /*dstPort */, PAYLOAD3 /* payload */);
- tester.verifyUpload(remote, originalPacket2, p -> {
- Log.d(TAG, "Packet in upstream: " + dumpHexString(p));
- return isExpectedUdpPacket(p, false /* hasEther */, PAYLOAD3);
- });
+ sendUploadPacketUdp(srcMac, dstMac, clientIp, remoteIp, tester, false /* is4To6 */);
+
+ // Give a slack time for handling conntrack event in user space.
+ Thread.sleep(UDP_STREAM_SLACK_MS);
// [1] Verify IPv4 upstream rule map.
final HashMap<Tether4Key, Tether4Value> upstreamMap = pollRawMapFromDump(
@@ -988,7 +1239,7 @@
assertEquals(REMOTE_PORT, upstream4Key.dstPort);
final Tether4Value upstream4Value = rule.getValue();
- assertTrue(Arrays.equals(publicIp4Addr.getAddress(),
+ assertTrue(Arrays.equals(tetheringUpstreamIp.getAddress(),
InetAddress.getByAddress(upstream4Value.src46).getAddress()));
assertEquals(LOCAL_PORT, upstream4Value.srcPort);
assertTrue(Arrays.equals(REMOTE_IP4_ADDR.getAddress(),
@@ -1002,18 +1253,13 @@
// Send packets on original direction.
for (int i = 0; i < TX_UDP_PACKET_COUNT; i++) {
- tester.verifyUpload(remote, originalPacket, p -> {
- Log.d(TAG, "Packet in upstream: " + dumpHexString(p));
- return isExpectedUdpPacket(p, false /* hasEther */, PAYLOAD);
- });
+ sendUploadPacketUdp(srcMac, dstMac, clientIp, remoteIp, tester,
+ false /* is4To6 */);
}
// Send packets on reply direction.
for (int i = 0; i < RX_UDP_PACKET_COUNT; i++) {
- remote.verifyDownload(tester, replyPacket, p -> {
- Log.d(TAG, "Packet in downstream: " + dumpHexString(p));
- return isExpectedUdpPacket(p, true/* hasEther */, PAYLOAD2);
- });
+ sendDownloadPacketUdp(remoteIp, tetheringUpstreamIp, tester, false /* is6To4 */);
}
// Dump stats map to verify.
@@ -1037,36 +1283,94 @@
}
}
- void initializeTethering() throws Exception {
- assumeFalse(mEm.isAvailable());
+ // TODO: remove triggering upstream reselection once test network can replace selected upstream
+ // network in Tethering module.
+ private void maybeRetryTestedUpstreamChanged(final Network expectedUpstream,
+ final TimeoutException fallbackException) throws Exception {
+ // Fall back original exception because no way to reselect if there is no WIFI feature.
+ assertTrue(fallbackException.toString(), mPackageManager.hasSystemFeature(FEATURE_WIFI));
+
+ // Try to toggle wifi network, if any, to reselect upstream network via default network
+ // switching. Because test network has higher priority than internet network, this can
+ // help selecting test network to be upstream network for testing. This tries to avoid
+ // the flaky upstream selection under multinetwork environment. Internet and test network
+ // upstream changed event order is not guaranteed. Once tethering selects non-test
+ // upstream {wifi, ..}, test network won't be selected anymore. If too many test cases
+ // trigger the reselection, the total test time may over test suite 1 minmute timeout.
+ // Probably need to disable/restore all internet networks in a common place of test
+ // process. Currently, EthernetTetheringTest is part of CTS test which needs wifi network
+ // connection if device has wifi feature. CtsNetUtils#toggleWifi() checks wifi connection
+ // during the toggling process.
+ // See Tethering#chooseUpstreamType, CtsNetUtils#toggleWifi.
+ // TODO: toggle cellular network if the device has no WIFI feature.
+ Log.d(TAG, "Toggle WIFI to retry upstream selection");
+ mCtsNetUtils.toggleWifi();
+
+ // Wait for expected upstream.
+ final CompletableFuture<Network> future = new CompletableFuture<>();
+ final TetheringEventCallback callback = new TetheringEventCallback() {
+ @Override
+ public void onUpstreamChanged(Network network) {
+ Log.d(TAG, "Got upstream changed: " + network);
+ if (Objects.equals(expectedUpstream, network)) {
+ future.complete(network);
+ }
+ }
+ };
+ try {
+ mTm.registerTetheringEventCallback(mHandler::post, callback);
+ assertEquals("onUpstreamChanged for unexpected network", expectedUpstream,
+ future.get(TIMEOUT_MS, TimeUnit.MILLISECONDS));
+ } catch (TimeoutException e) {
+ throw new AssertionError("Did not receive upstream " + expectedUpstream
+ + " callback after " + TIMEOUT_MS + "ms");
+ } finally {
+ mTm.unregisterTetheringEventCallback(callback);
+ }
+ }
+
+ private TetheringTester initTetheringTester(List<LinkAddress> upstreamAddresses,
+ List<InetAddress> upstreamDnses) throws Exception {
+ assumeFalse(isInterfaceForTetheringAvailable());
// MyTetheringEventCallback currently only support await first available upstream. Tethering
// may select internet network as upstream if test network is not available and not be
// preferred yet. Create test upstream network before enable tethering.
- mUpstreamTracker = createTestUpstream(toList(TEST_IP4_ADDR));
+ mUpstreamTracker = createTestUpstream(upstreamAddresses, upstreamDnses);
mDownstreamIface = createTestInterface();
- mEm.setIncludeTestInterfaces(true);
+ setIncludeTestInterfaces(true);
- final String iface = mTetheredInterfaceRequester.getInterface();
+ // Make sure EtherentTracker use "mDownstreamIface" as server mode interface.
assertEquals("TetheredInterfaceCallback for unexpected interface",
- mDownstreamIface.getInterfaceName(), iface);
+ mDownstreamIface.getInterfaceName(), mTetheredInterfaceRequester.getInterface());
mTetheringEventCallback = enableEthernetTethering(mDownstreamIface.getInterfaceName(),
mUpstreamTracker.getNetwork());
- assertEquals("onUpstreamChanged for unexpected network", mUpstreamTracker.getNetwork(),
- mTetheringEventCallback.awaitUpstreamChanged());
+
+ try {
+ assertEquals("onUpstreamChanged for test network", mUpstreamTracker.getNetwork(),
+ mTetheringEventCallback.awaitUpstreamChanged(
+ true /* throwTimeoutException */));
+ } catch (TimeoutException e) {
+ // Due to race condition inside tethering module, test network may not be selected as
+ // tethering upstream. Force tethering retry upstream if possible. If it is not
+ // possible to retry, fail the test with the original timeout exception.
+ maybeRetryTestedUpstreamChanged(mUpstreamTracker.getNetwork(), e);
+ }
mDownstreamReader = makePacketReader(mDownstreamIface);
mUpstreamReader = makePacketReader(mUpstreamTracker.getTestIface());
- }
- @Test
- @IgnoreAfter(Build.VERSION_CODES.R)
- public void testTetherUdpV4UpToR() throws Exception {
- initializeTethering();
- runUdp4Test(new TetheringTester(mDownstreamReader), new RemoteResponder(mUpstreamReader),
- false /* usingBpf */);
+ final ConnectivityManager cm = mContext.getSystemService(ConnectivityManager.class);
+ // Currently tethering don't have API to tell when ipv6 tethering is available. Thus, make
+ // sure tethering already have ipv6 connectivity before testing.
+ if (cm.getLinkProperties(mUpstreamTracker.getNetwork()).hasGlobalIpv6Address()) {
+ waitForRouterAdvertisement(mDownstreamReader, mDownstreamIface.getInterfaceName(),
+ WAIT_RA_TIMEOUT_MS);
+ }
+
+ return new TetheringTester(mDownstreamReader, mUpstreamReader);
}
private static boolean isUdpOffloadSupportedByKernel(final String kernelVersion) {
@@ -1095,46 +1399,47 @@
assertTrue(isUdpOffloadSupportedByKernel("5.10.0"));
}
- // TODO: refactor test testTetherUdpV4* into IPv4 UDP non-offload and offload tests.
- // That can be easier to know which feature is verified from test results.
- @Test
- @IgnoreUpTo(Build.VERSION_CODES.R)
- public void testTetherUdpV4AfterR() throws Exception {
- initializeTethering();
+ private static void assumeKernelSupportBpfOffloadUdpV4() {
final String kernelVersion = VintfRuntimeInfo.getKernelVersion();
- boolean usingBpf = isUdpOffloadSupportedByKernel(kernelVersion);
- if (!usingBpf) {
- Log.i(TAG, "testTetherUdpV4AfterR will skip BPF offload test for kernel "
- + kernelVersion);
- }
- runUdp4Test(new TetheringTester(mDownstreamReader), new RemoteResponder(mUpstreamReader),
- usingBpf);
+ assumeTrue("Kernel version " + kernelVersion + " doesn't support IPv4 UDP BPF offload",
+ isUdpOffloadSupportedByKernel(kernelVersion));
}
- @Nullable
- private <K extends Struct, V extends Struct> Pair<K, V> parseMapKeyValue(
- Class<K> keyClass, Class<V> valueClass, @NonNull String dumpStr) {
- Log.w(TAG, "Parsing string: " + dumpStr);
+ @Test
+ public void testKernelSupportBpfOffloadUdpV4() throws Exception {
+ assumeKernelSupportBpfOffloadUdpV4();
+ }
- String[] keyValueStrs = dumpStr.split(BASE64_DELIMITER);
- if (keyValueStrs.length != 2 /* key + value */) {
- fail("The length is " + keyValueStrs.length + " but expect 2. "
- + "Split string(s): " + TextUtils.join(",", keyValueStrs));
- }
+ @Test
+ public void testTetherConfigBpfOffloadEnabled() throws Exception {
+ assumeTrue(isTetherConfigBpfOffloadEnabled());
+ }
- final byte[] keyBytes = Base64.decode(keyValueStrs[0], Base64.DEFAULT);
- Log.d(TAG, "keyBytes: " + dumpHexString(keyBytes));
- final ByteBuffer keyByteBuffer = ByteBuffer.wrap(keyBytes);
- keyByteBuffer.order(ByteOrder.nativeOrder());
- final K k = Struct.parse(keyClass, keyByteBuffer);
+ /**
+ * Basic IPv4 UDP tethering test. Verify that UDP tethered packets are transferred no matter
+ * using which data path.
+ */
+ @Test
+ public void testTetherUdpV4() throws Exception {
+ runUdp4Test(false /* verifyBpf */);
+ }
- final byte[] valueBytes = Base64.decode(keyValueStrs[1], Base64.DEFAULT);
- Log.d(TAG, "valueBytes: " + dumpHexString(valueBytes));
- final ByteBuffer valueByteBuffer = ByteBuffer.wrap(valueBytes);
- valueByteBuffer.order(ByteOrder.nativeOrder());
- final V v = Struct.parse(valueClass, valueByteBuffer);
+ /**
+ * BPF offload IPv4 UDP tethering test. Verify that UDP tethered packets are offloaded by BPF.
+ * Minimum test requirement:
+ * 1. S+ device.
+ * 2. Tethering config enables tethering BPF offload.
+ * 3. Kernel supports IPv4 UDP BPF offload. See #isUdpOffloadSupportedByKernel.
+ *
+ * TODO: consider enabling the test even tethering config disables BPF offload. See b/238288883
+ */
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.R)
+ public void testTetherUdpV4_VerifyBpf() throws Exception {
+ assumeTrue("Tethering config disabled BPF offload", isTetherConfigBpfOffloadEnabled());
+ assumeKernelSupportBpfOffloadUdpV4();
- return new Pair<>(k, v);
+ runUdp4Test(true /* verifyBpf */);
}
@NonNull
@@ -1142,11 +1447,13 @@
Class<K> keyClass, Class<V> valueClass, @NonNull String mapArg)
throws Exception {
final String[] args = new String[] {DUMPSYS_TETHERING_RAWMAP_ARG, mapArg};
- final String rawMapStr = DumpTestUtils.dumpService(Context.TETHERING_SERVICE, args);
+ final String rawMapStr = runAsShell(DUMP, () ->
+ DumpTestUtils.dumpService(Context.TETHERING_SERVICE, args));
final HashMap<K, V> map = new HashMap<>();
for (final String line : rawMapStr.split(LINE_DELIMITER)) {
- final Pair<K, V> rule = parseMapKeyValue(keyClass, valueClass, line.trim());
+ final Pair<K, V> rule =
+ BpfDump.fromBase64EncodedString(keyClass, valueClass, line.trim());
map.put(rule.first, rule.second);
}
return map;
@@ -1167,6 +1474,493 @@
return null;
}
+ private boolean isTetherConfigBpfOffloadEnabled() throws Exception {
+ final String dumpStr = runAsShell(DUMP, () ->
+ DumpTestUtils.dumpService(Context.TETHERING_SERVICE, "--short"));
+
+ // BPF offload tether config can be overridden by "config_tether_enable_bpf_offload" in
+ // packages/modules/Connectivity/Tethering/res/values/config.xml. OEM may disable config by
+ // RRO to override the enabled default value. Get the tethering config via dumpsys.
+ // $ dumpsys tethering
+ // mIsBpfEnabled: true
+ boolean enabled = dumpStr.contains("mIsBpfEnabled: true");
+ if (!enabled) {
+ Log.d(TAG, "BPF offload tether config not enabled: " + dumpStr);
+ }
+ return enabled;
+ }
+
+ @NonNull
+ private Inet6Address getClatIpv6Address(TetheringTester tester, TetheredDevice tethered)
+ throws Exception {
+ // Send an IPv4 UDP packet from client and check that a CLAT translated IPv6 UDP packet can
+ // be found on upstream interface. Get CLAT IPv6 address from the CLAT translated IPv6 UDP
+ // packet.
+ byte[] expectedPacket = probeV4TetheringConnectivity(tester, tethered, true /* is4To6 */);
+
+ // Above has guaranteed that the found packet is an IPv6 packet without ether header.
+ return Struct.parse(Ipv6Header.class, ByteBuffer.wrap(expectedPacket)).srcIp;
+ }
+
+ // Test network topology:
+ //
+ // public network (rawip) private network
+ // | UE (CLAT support) |
+ // +---------------+ V +------------+------------+ V +------------+
+ // | NAT64 Gateway +---------+ Upstream | Downstream +---------+ Client |
+ // +---------------+ +------------+------------+ +------------+
+ // remote ip public ip private ip
+ // [64:ff9b::808:808]:443 [clat ipv6]:9876 [TetheredDevice ipv4]:9876
+ //
+ // Note that CLAT IPv6 address is generated by ClatCoordinator. Get the CLAT IPv6 address by
+ // sending out an IPv4 packet and extracting the source address from CLAT translated IPv6
+ // packet.
+ //
+ private void runClatUdpTest() throws Exception {
+ // CLAT only starts on IPv6 only network.
+ final TetheringTester tester = initTetheringTester(toList(TEST_IP6_ADDR),
+ toList(TEST_IP6_DNS));
+ final TetheredDevice tethered = tester.createTetheredDevice(TEST_MAC, true /* hasIpv6 */);
+
+ // Get CLAT IPv6 address.
+ final Inet6Address clatIp6 = getClatIpv6Address(tester, tethered);
+
+ // Send an IPv4 UDP packet in original direction.
+ // IPv4 packet -- CLAT translation --> IPv6 packet
+ sendUploadPacketUdp(tethered.macAddr, tethered.routerMacAddr, tethered.ipv4Addr,
+ REMOTE_IP4_ADDR, tester, true /* is4To6 */);
+
+ // Send an IPv6 UDP packet in reply direction.
+ // IPv6 packet -- CLAT translation --> IPv4 packet
+ sendDownloadPacketUdp(REMOTE_NAT64_ADDR, clatIp6, tester, true /* is6To4 */);
+
+ // TODO: test CLAT bpf maps.
+ }
+
+ // TODO: support R device. See b/234727688.
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.R)
+ public void testTetherClatUdp() throws Exception {
+ runClatUdpTest();
+ }
+
+ // PacketBuilder doesn't support IPv4 ICMP packet. It may need to refactor PacketBuilder first
+ // because ICMP is a specific layer 3 protocol for PacketBuilder which expects packets always
+ // have layer 3 (IP) and layer 4 (TCP, UDP) for now. Since we don't use IPv4 ICMP packet too
+ // much in this test, we just write a ICMP packet builder here.
+ // TODO: move ICMPv4 packet build function to common utilis.
+ @NonNull
+ private ByteBuffer buildIcmpEchoPacketV4(
+ @Nullable final MacAddress srcMac, @Nullable final MacAddress dstMac,
+ @NonNull final Inet4Address srcIp, @NonNull final Inet4Address dstIp,
+ int type, short id, short seq) throws Exception {
+ if (type != ICMP_ECHO && type != ICMP_ECHOREPLY) {
+ fail("Unsupported ICMP type: " + type);
+ }
+
+ // Build ICMP echo id and seq fields as payload. Ignore the data field.
+ final ByteBuffer payload = ByteBuffer.allocate(4);
+ payload.putShort(id);
+ payload.putShort(seq);
+ payload.rewind();
+
+ final boolean hasEther = (srcMac != null && dstMac != null);
+ final int etherHeaderLen = hasEther ? Struct.getSize(EthernetHeader.class) : 0;
+ final int ipv4HeaderLen = Struct.getSize(Ipv4Header.class);
+ final int Icmpv4HeaderLen = Struct.getSize(Icmpv4Header.class);
+ final int payloadLen = payload.limit();
+ final ByteBuffer packet = ByteBuffer.allocate(etherHeaderLen + ipv4HeaderLen
+ + Icmpv4HeaderLen + payloadLen);
+
+ // [1] Ethernet header
+ if (hasEther) {
+ final EthernetHeader ethHeader = new EthernetHeader(dstMac, srcMac, ETHER_TYPE_IPV4);
+ ethHeader.writeToByteBuffer(packet);
+ }
+
+ // [2] IP header
+ final Ipv4Header ipv4Header = new Ipv4Header(TYPE_OF_SERVICE,
+ (short) 0 /* totalLength, calculate later */, ID,
+ FLAGS_AND_FRAGMENT_OFFSET, TIME_TO_LIVE, (byte) IPPROTO_ICMP,
+ (short) 0 /* checksum, calculate later */, srcIp, dstIp);
+ ipv4Header.writeToByteBuffer(packet);
+
+ // [3] ICMP header
+ final Icmpv4Header icmpv4Header = new Icmpv4Header((byte) type, ICMPECHO_CODE,
+ (short) 0 /* checksum, calculate later */);
+ icmpv4Header.writeToByteBuffer(packet);
+
+ // [4] Payload
+ packet.put(payload);
+ packet.flip();
+
+ // [5] Finalize packet
+ // Used for updating IP header fields. If there is Ehternet header, IPv4 header offset
+ // in buffer equals ethernet header length because IPv4 header is located next to ethernet
+ // header. Otherwise, IPv4 header offset is 0.
+ final int ipv4HeaderOffset = hasEther ? etherHeaderLen : 0;
+
+ // Populate the IPv4 totalLength field.
+ packet.putShort(ipv4HeaderOffset + IPV4_LENGTH_OFFSET,
+ (short) (ipv4HeaderLen + Icmpv4HeaderLen + payloadLen));
+
+ // Populate the IPv4 header checksum field.
+ packet.putShort(ipv4HeaderOffset + IPV4_CHECKSUM_OFFSET,
+ ipChecksum(packet, ipv4HeaderOffset /* headerOffset */));
+
+ // Populate the ICMP checksum field.
+ packet.putShort(ipv4HeaderOffset + IPV4_HEADER_MIN_LEN + ICMP_CHECKSUM_OFFSET,
+ icmpChecksum(packet, ipv4HeaderOffset + IPV4_HEADER_MIN_LEN,
+ Icmpv4HeaderLen + payloadLen));
+ return packet;
+ }
+
+ @NonNull
+ private ByteBuffer buildIcmpEchoPacketV4(@NonNull final Inet4Address srcIp,
+ @NonNull final Inet4Address dstIp, int type, short id, short seq)
+ throws Exception {
+ return buildIcmpEchoPacketV4(null /* srcMac */, null /* dstMac */, srcIp, dstIp,
+ type, id, seq);
+ }
+
+ @Test
+ public void testIcmpv4Echo() throws Exception {
+ final TetheringTester tester = initTetheringTester(toList(TEST_IP4_ADDR),
+ toList(TEST_IP4_DNS));
+ final TetheredDevice tethered = tester.createTetheredDevice(TEST_MAC, false /* hasIpv6 */);
+
+ // TODO: remove the connectivity verification for upstream connected notification race.
+ // See the same reason in runUdp4Test().
+ probeV4TetheringConnectivity(tester, tethered, false /* is4To6 */);
+
+ final ByteBuffer request = buildIcmpEchoPacketV4(tethered.macAddr /* srcMac */,
+ tethered.routerMacAddr /* dstMac */, tethered.ipv4Addr /* srcIp */,
+ REMOTE_IP4_ADDR /* dstIp */, ICMP_ECHO, ICMPECHO_ID, ICMPECHO_SEQ);
+ tester.verifyUpload(request, p -> {
+ Log.d(TAG, "Packet in upstream: " + dumpHexString(p));
+
+ return isExpectedIcmpPacket(p, false /* hasEth */, true /* isIpv4 */, ICMP_ECHO);
+ });
+
+ final ByteBuffer reply = buildIcmpEchoPacketV4(REMOTE_IP4_ADDR /* srcIp*/,
+ (Inet4Address) TEST_IP4_ADDR.getAddress() /* dstIp */, ICMP_ECHOREPLY, ICMPECHO_ID,
+ ICMPECHO_SEQ);
+ tester.verifyDownload(reply, p -> {
+ Log.d(TAG, "Packet in downstream: " + dumpHexString(p));
+
+ return isExpectedIcmpPacket(p, true /* hasEth */, true /* isIpv4 */, ICMP_ECHOREPLY);
+ });
+ }
+
+ // TODO: support R device. See b/234727688.
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.R)
+ public void testTetherClatIcmp() throws Exception {
+ // CLAT only starts on IPv6 only network.
+ final TetheringTester tester = initTetheringTester(toList(TEST_IP6_ADDR),
+ toList(TEST_IP6_DNS));
+ final TetheredDevice tethered = tester.createTetheredDevice(TEST_MAC, true /* hasIpv6 */);
+
+ // Get CLAT IPv6 address.
+ final Inet6Address clatIp6 = getClatIpv6Address(tester, tethered);
+
+ // Send an IPv4 ICMP packet in original direction.
+ // IPv4 packet -- CLAT translation --> IPv6 packet
+ final ByteBuffer request = buildIcmpEchoPacketV4(tethered.macAddr /* srcMac */,
+ tethered.routerMacAddr /* dstMac */, tethered.ipv4Addr /* srcIp */,
+ (Inet4Address) REMOTE_IP4_ADDR /* dstIp */, ICMP_ECHO, ICMPECHO_ID, ICMPECHO_SEQ);
+ tester.verifyUpload(request, p -> {
+ Log.d(TAG, "Packet in upstream: " + dumpHexString(p));
+
+ return isExpectedIcmpPacket(p, false /* hasEth */, false /* isIpv4 */,
+ ICMPV6_ECHO_REQUEST_TYPE);
+ });
+
+ // Send an IPv6 ICMP packet in reply direction.
+ // IPv6 packet -- CLAT translation --> IPv4 packet
+ final ByteBuffer reply = Ipv6Utils.buildEchoReplyPacket(
+ (Inet6Address) REMOTE_NAT64_ADDR /* srcIp */, clatIp6 /* dstIp */);
+ tester.verifyDownload(reply, p -> {
+ Log.d(TAG, "Packet in downstream: " + dumpHexString(p));
+
+ return isExpectedIcmpPacket(p, true /* hasEth */, true /* isIpv4 */, ICMP_ECHOREPLY);
+ });
+ }
+
+ @NonNull
+ private ByteBuffer buildDnsReplyMessageById(short id) {
+ byte[] replyMessage = Arrays.copyOf(DNS_REPLY, DNS_REPLY.length);
+ // Assign transaction id of reply message pattern with a given DNS transaction id.
+ replyMessage[0] = (byte) ((id >> 8) & 0xff);
+ replyMessage[1] = (byte) (id & 0xff);
+ Log.d(TAG, "Built DNS reply: " + dumpHexString(replyMessage));
+
+ return ByteBuffer.wrap(replyMessage);
+ }
+
+ @NonNull
+ private void sendDownloadPacketDnsV4(@NonNull final Inet4Address srcIp,
+ @NonNull final Inet4Address dstIp, short srcPort, short dstPort, short dnsId,
+ @NonNull final TetheringTester tester) throws Exception {
+ // DNS response transaction id must be copied from DNS query. Used by the requester
+ // to match up replies to outstanding queries. See RFC 1035 section 4.1.1.
+ final ByteBuffer dnsReplyMessage = buildDnsReplyMessageById(dnsId);
+ final ByteBuffer testPacket = buildUdpPacket((InetAddress) srcIp,
+ (InetAddress) dstIp, srcPort, dstPort, dnsReplyMessage);
+
+ tester.verifyDownload(testPacket, p -> {
+ Log.d(TAG, "Packet in downstream: " + dumpHexString(p));
+ return isExpectedUdpDnsPacket(p, true /* hasEther */, true /* isIpv4 */,
+ dnsReplyMessage);
+ });
+ }
+
+ // Send IPv4 UDP DNS packet and return the forwarded DNS packet on upstream.
+ @NonNull
+ private byte[] sendUploadPacketDnsV4(@NonNull final MacAddress srcMac,
+ @NonNull final MacAddress dstMac, @NonNull final Inet4Address srcIp,
+ @NonNull final Inet4Address dstIp, short srcPort, short dstPort,
+ @NonNull final TetheringTester tester) throws Exception {
+ final ByteBuffer testPacket = buildUdpPacket(srcMac, dstMac, srcIp, dstIp,
+ srcPort, dstPort, DNS_QUERY);
+
+ return tester.verifyUpload(testPacket, p -> {
+ Log.d(TAG, "Packet in upstream: " + dumpHexString(p));
+ return isExpectedUdpDnsPacket(p, false /* hasEther */, true /* isIpv4 */,
+ DNS_QUERY);
+ });
+ }
+
+ @Test
+ public void testTetherUdpV4Dns() throws Exception {
+ final TetheringTester tester = initTetheringTester(toList(TEST_IP4_ADDR),
+ toList(TEST_IP4_DNS));
+ final TetheredDevice tethered = tester.createTetheredDevice(TEST_MAC, false /* hasIpv6 */);
+
+ // TODO: remove the connectivity verification for upstream connected notification race.
+ // See the same reason in runUdp4Test().
+ probeV4TetheringConnectivity(tester, tethered, false /* is4To6 */);
+
+ // [1] Send DNS query.
+ // tethered device --> downstream --> dnsmasq forwarding --> upstream --> DNS server
+ //
+ // Need to extract DNS transaction id and source port from dnsmasq forwarded DNS query
+ // packet. dnsmasq forwarding creats new query which means UDP source port and DNS
+ // transaction id are changed from original sent DNS query. See forward_query() in
+ // external/dnsmasq/src/forward.c. Note that #TetheringTester.isExpectedUdpDnsPacket
+ // guarantees that |forwardedQueryPacket| is a valid DNS packet. So we can parse it as DNS
+ // packet.
+ final MacAddress srcMac = tethered.macAddr;
+ final MacAddress dstMac = tethered.routerMacAddr;
+ final Inet4Address clientIp = tethered.ipv4Addr;
+ final Inet4Address gatewayIp = tethered.ipv4Gatway;
+ final byte[] forwardedQueryPacket = sendUploadPacketDnsV4(srcMac, dstMac, clientIp,
+ gatewayIp, LOCAL_PORT, DNS_PORT, tester);
+ final ByteBuffer buf = ByteBuffer.wrap(forwardedQueryPacket);
+ Struct.parse(Ipv4Header.class, buf);
+ final UdpHeader udpHeader = Struct.parse(UdpHeader.class, buf);
+ final TestDnsPacket dnsQuery = TestDnsPacket.getTestDnsPacket(buf);
+ assertNotNull(dnsQuery);
+ Log.d(TAG, "Forwarded UDP source port: " + udpHeader.srcPort + ", DNS query id: "
+ + dnsQuery.getHeader().getId());
+
+ // [2] Send DNS reply.
+ // DNS server --> upstream --> dnsmasq forwarding --> downstream --> tethered device
+ //
+ // DNS reply transaction id must be copied from DNS query. Used by the requester to match
+ // up replies to outstanding queries. See RFC 1035 section 4.1.1.
+ final Inet4Address remoteIp = (Inet4Address) TEST_IP4_DNS;
+ final Inet4Address tetheringUpstreamIp = (Inet4Address) TEST_IP4_ADDR.getAddress();
+ sendDownloadPacketDnsV4(remoteIp, tetheringUpstreamIp, DNS_PORT,
+ (short) udpHeader.srcPort, (short) dnsQuery.getHeader().getId(), tester);
+ }
+
+ @NonNull
+ private ByteBuffer buildTcpPacket(
+ @Nullable final MacAddress srcMac, @Nullable final MacAddress dstMac,
+ @NonNull final InetAddress srcIp, @NonNull final InetAddress dstIp,
+ short srcPort, short dstPort, final short seq, final short ack,
+ final byte tcpFlags, @NonNull final ByteBuffer payload) throws Exception {
+ final int ipProto = getIpProto(srcIp, dstIp);
+ final boolean hasEther = (srcMac != null && dstMac != null);
+ final ByteBuffer buffer = PacketBuilder.allocate(hasEther, ipProto, IPPROTO_TCP,
+ payload.limit());
+ final PacketBuilder packetBuilder = new PacketBuilder(buffer);
+
+ // [1] Ethernet header
+ if (hasEther) {
+ packetBuilder.writeL2Header(srcMac, dstMac, getEthType(srcIp, dstIp));
+ }
+
+ // [2] IP header
+ if (ipProto == IPPROTO_IP) {
+ packetBuilder.writeIpv4Header(TYPE_OF_SERVICE, ID, FLAGS_AND_FRAGMENT_OFFSET,
+ TIME_TO_LIVE, (byte) IPPROTO_TCP, (Inet4Address) srcIp, (Inet4Address) dstIp);
+ } else {
+ packetBuilder.writeIpv6Header(VERSION_TRAFFICCLASS_FLOWLABEL, (byte) IPPROTO_TCP,
+ HOP_LIMIT, (Inet6Address) srcIp, (Inet6Address) dstIp);
+ }
+
+ // [3] TCP header
+ packetBuilder.writeTcpHeader(srcPort, dstPort, seq, ack, tcpFlags, WINDOW, URGENT_POINTER);
+
+ // [4] Payload
+ buffer.put(payload);
+ // in case data might be reused by caller, restore the position and
+ // limit of bytebuffer.
+ payload.clear();
+
+ return packetBuilder.finalizePacket();
+ }
+
+ private void sendDownloadPacketTcp(@NonNull final InetAddress srcIp,
+ @NonNull final InetAddress dstIp, short seq, short ack, byte tcpFlags,
+ @NonNull final ByteBuffer payload, @NonNull final TetheringTester tester,
+ boolean is6To4) throws Exception {
+ if (is6To4) {
+ assertFalse("CLAT download test must sends IPv6 packet", isAddressIpv4(srcIp, dstIp));
+ }
+
+ // Expected received TCP packet IP protocol. While testing CLAT (is6To4 = true), the packet
+ // on downstream must be IPv4. Otherwise, the IP protocol of test packet is the same on
+ // both downstream and upstream.
+ final boolean isIpv4 = is6To4 ? true : isAddressIpv4(srcIp, dstIp);
+
+ final ByteBuffer testPacket = buildTcpPacket(null /* srcMac */, null /* dstMac */,
+ srcIp, dstIp, REMOTE_PORT /* srcPort */, LOCAL_PORT /* dstPort */, seq, ack,
+ tcpFlags, payload);
+ tester.verifyDownload(testPacket, p -> {
+ Log.d(TAG, "Packet in downstream: " + dumpHexString(p));
+
+ return isExpectedTcpPacket(p, true /* hasEther */, isIpv4, seq, payload);
+ });
+ }
+
+ private void sendUploadPacketTcp(@NonNull final MacAddress srcMac,
+ @NonNull final MacAddress dstMac, @NonNull final InetAddress srcIp,
+ @NonNull final InetAddress dstIp, short seq, short ack, byte tcpFlags,
+ @NonNull final ByteBuffer payload, @NonNull final TetheringTester tester,
+ boolean is4To6) throws Exception {
+ if (is4To6) {
+ assertTrue("CLAT upload test must sends IPv4 packet", isAddressIpv4(srcIp, dstIp));
+ }
+
+ // Expected received TCP packet IP protocol. While testing CLAT (is4To6 = true), the packet
+ // on upstream must be IPv6. Otherwise, the IP protocol of test packet is the same on
+ // both downstream and upstream.
+ final boolean isIpv4 = is4To6 ? false : isAddressIpv4(srcIp, dstIp);
+
+ final ByteBuffer testPacket = buildTcpPacket(srcMac, dstMac, srcIp, dstIp,
+ LOCAL_PORT /* srcPort */, REMOTE_PORT /* dstPort */, seq, ack, tcpFlags,
+ payload);
+ tester.verifyUpload(testPacket, p -> {
+ Log.d(TAG, "Packet in upstream: " + dumpHexString(p));
+
+ return isExpectedTcpPacket(p, false /* hasEther */, isIpv4, seq, payload);
+ });
+ }
+
+ void runTcpTest(
+ @NonNull final MacAddress uploadSrcMac, @NonNull final MacAddress uploadDstMac,
+ @NonNull final InetAddress uploadSrcIp, @NonNull final InetAddress uploadDstIp,
+ @NonNull final InetAddress downloadSrcIp, @NonNull final InetAddress downloadDstIp,
+ @NonNull final TetheringTester tester, boolean isClat) throws Exception {
+ // Three way handshake and data transfer.
+ //
+ // Server (base seq = 2000) Client (base seq = 1000)
+ // | |
+ // | [1] [SYN] SEQ = 1000 |
+ // |<---------------------------------------------------------| -
+ // | | ^
+ // | [2] [SYN + ACK] SEQ = 2000, ACK = 1000+1 | |
+ // |--------------------------------------------------------->| three way handshake
+ // | | |
+ // | [3] [ACK] SEQ = 1001, ACK = 2000+1 | v
+ // |<---------------------------------------------------------| -
+ // | | ^
+ // | [4] [ACK] SEQ = 1001, ACK = 2001, 2 byte payload | |
+ // |<---------------------------------------------------------| data transfer
+ // | | |
+ // | [5] [ACK] SEQ = 2001, ACK = 1001+2, 2 byte payload | v
+ // |--------------------------------------------------------->| -
+ // | |
+ //
+
+ // This test can only verify the packets are transferred end to end but TCP state.
+ // TODO: verify TCP state change via /proc/net/nf_conntrack or netlink conntrack event.
+ // [1] [UPLOAD] [SYN]: SEQ = 1000
+ sendUploadPacketTcp(uploadSrcMac, uploadDstMac, uploadSrcIp, uploadDstIp,
+ (short) 1000 /* seq */, (short) 0 /* ack */, TCPHDR_SYN, EMPTY_PAYLOAD,
+ tester, isClat /* is4To6 */);
+
+ // [2] [DONWLOAD] [SYN + ACK]: SEQ = 2000, ACK = 1001
+ sendDownloadPacketTcp(downloadSrcIp, downloadDstIp, (short) 2000 /* seq */,
+ (short) 1001 /* ack */, (byte) ((TCPHDR_SYN | TCPHDR_ACK) & 0xff), EMPTY_PAYLOAD,
+ tester, isClat /* is6To4 */);
+
+ // [3] [UPLOAD] [ACK]: SEQ = 1001, ACK = 2001
+ sendUploadPacketTcp(uploadSrcMac, uploadDstMac, uploadSrcIp, uploadDstIp,
+ (short) 1001 /* seq */, (short) 2001 /* ack */, TCPHDR_ACK, EMPTY_PAYLOAD, tester,
+ isClat /* is4To6 */);
+
+ // [4] [UPLOAD] [ACK]: SEQ = 1001, ACK = 2001, 2 byte payload
+ sendUploadPacketTcp(uploadSrcMac, uploadDstMac, uploadSrcIp, uploadDstIp,
+ (short) 1001 /* seq */, (short) 2001 /* ack */, TCPHDR_ACK, TX_PAYLOAD,
+ tester, isClat /* is4To6 */);
+
+ // [5] [DONWLOAD] [ACK]: SEQ = 2001, ACK = 1003, 2 byte payload
+ sendDownloadPacketTcp(downloadSrcIp, downloadDstIp, (short) 2001 /* seq */,
+ (short) 1003 /* ack */, TCPHDR_ACK, RX_PAYLOAD, tester, isClat /* is6To4 */);
+
+ // TODO: test BPF offload maps.
+ }
+
+ @Test
+ public void testTetherTcpV4() throws Exception {
+ final TetheringTester tester = initTetheringTester(toList(TEST_IP4_ADDR),
+ toList(TEST_IP4_DNS));
+ final TetheredDevice tethered = tester.createTetheredDevice(TEST_MAC, false /* hasIpv6 */);
+
+ // TODO: remove the connectivity verification for upstream connected notification race.
+ // See the same reason in runUdp4Test().
+ probeV4TetheringConnectivity(tester, tethered, false /* is4To6 */);
+
+ runTcpTest(tethered.macAddr /* uploadSrcMac */, tethered.routerMacAddr /* uploadDstMac */,
+ tethered.ipv4Addr /* uploadSrcIp */, REMOTE_IP4_ADDR /* uploadDstIp */,
+ REMOTE_IP4_ADDR /* downloadSrcIp */, TEST_IP4_ADDR.getAddress() /* downloadDstIp */,
+ tester, false /* isClat */);
+ }
+
+ @Test
+ public void testTetherTcpV6() throws Exception {
+ final TetheringTester tester = initTetheringTester(toList(TEST_IP6_ADDR),
+ toList(TEST_IP6_DNS));
+ final TetheredDevice tethered = tester.createTetheredDevice(TEST_MAC, true /* hasIpv6 */);
+
+ runTcpTest(tethered.macAddr /* uploadSrcMac */, tethered.routerMacAddr /* uploadDstMac */,
+ tethered.ipv6Addr /* uploadSrcIp */, REMOTE_IP6_ADDR /* uploadDstIp */,
+ REMOTE_IP6_ADDR /* downloadSrcIp */, tethered.ipv6Addr /* downloadDstIp */,
+ tester, false /* isClat */);
+ }
+
+ // TODO: support R device. See b/234727688.
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.R)
+ public void testTetherClatTcp() throws Exception {
+ // CLAT only starts on IPv6 only network.
+ final TetheringTester tester = initTetheringTester(toList(TEST_IP6_ADDR),
+ toList(TEST_IP6_DNS));
+ final TetheredDevice tethered = tester.createTetheredDevice(TEST_MAC, true /* hasIpv6 */);
+
+ // Get CLAT IPv6 address.
+ final Inet6Address clatIp6 = getClatIpv6Address(tester, tethered);
+
+ runTcpTest(tethered.macAddr /* uploadSrcMac */, tethered.routerMacAddr /* uploadDstMac */,
+ tethered.ipv4Addr /* uploadSrcIp */, REMOTE_IP4_ADDR /* uploadDstIp */,
+ REMOTE_NAT64_ADDR /* downloadSrcIp */, clatIp6 /* downloadDstIp */,
+ tester, true /* isClat */);
+ }
+
private <T> List<T> toList(T... array) {
return Arrays.asList(array);
}
diff --git a/Tethering/tests/integration/src/android/net/TetheringTester.java b/Tethering/tests/integration/src/android/net/TetheringTester.java
index d24661a..ae39b24 100644
--- a/Tethering/tests/integration/src/android/net/TetheringTester.java
+++ b/Tethering/tests/integration/src/android/net/TetheringTester.java
@@ -16,10 +16,32 @@
package android.net;
+import static android.net.InetAddresses.parseNumericAddress;
+import static android.system.OsConstants.IPPROTO_ICMP;
+import static android.system.OsConstants.IPPROTO_ICMPV6;
+import static android.system.OsConstants.IPPROTO_TCP;
+import static android.system.OsConstants.IPPROTO_UDP;
+
+import static com.android.net.module.util.DnsPacket.ANSECTION;
+import static com.android.net.module.util.DnsPacket.ARSECTION;
+import static com.android.net.module.util.DnsPacket.NSSECTION;
+import static com.android.net.module.util.DnsPacket.QDSECTION;
+import static com.android.net.module.util.HexDump.dumpHexString;
import static com.android.net.module.util.NetworkStackConstants.ARP_REPLY;
import static com.android.net.module.util.NetworkStackConstants.ARP_REQUEST;
import static com.android.net.module.util.NetworkStackConstants.ETHER_ADDR_LEN;
import static com.android.net.module.util.NetworkStackConstants.ETHER_BROADCAST;
+import static com.android.net.module.util.NetworkStackConstants.ETHER_TYPE_IPV4;
+import static com.android.net.module.util.NetworkStackConstants.ETHER_TYPE_IPV6;
+import static com.android.net.module.util.NetworkStackConstants.ICMPV6_ND_OPTION_PIO;
+import static com.android.net.module.util.NetworkStackConstants.ICMPV6_ND_OPTION_SLLA;
+import static com.android.net.module.util.NetworkStackConstants.ICMPV6_ND_OPTION_TLLA;
+import static com.android.net.module.util.NetworkStackConstants.ICMPV6_NEIGHBOR_SOLICITATION;
+import static com.android.net.module.util.NetworkStackConstants.ICMPV6_ROUTER_ADVERTISEMENT;
+import static com.android.net.module.util.NetworkStackConstants.IPV6_ADDR_ALL_NODES_MULTICAST;
+import static com.android.net.module.util.NetworkStackConstants.NEIGHBOR_ADVERTISEMENT_FLAG_OVERRIDE;
+import static com.android.net.module.util.NetworkStackConstants.NEIGHBOR_ADVERTISEMENT_FLAG_SOLICITED;
+import static com.android.net.module.util.NetworkStackConstants.TCPHDR_SYN;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.fail;
@@ -27,16 +49,37 @@
import android.net.dhcp.DhcpAckPacket;
import android.net.dhcp.DhcpOfferPacket;
import android.net.dhcp.DhcpPacket;
+import android.text.TextUtils;
import android.util.ArrayMap;
import android.util.Log;
+import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
+import com.android.net.module.util.DnsPacket;
+import com.android.net.module.util.Ipv6Utils;
+import com.android.net.module.util.Struct;
+import com.android.net.module.util.structs.EthernetHeader;
+import com.android.net.module.util.structs.Icmpv4Header;
+import com.android.net.module.util.structs.Icmpv6Header;
+import com.android.net.module.util.structs.Ipv4Header;
+import com.android.net.module.util.structs.Ipv6Header;
+import com.android.net.module.util.structs.LlaOption;
+import com.android.net.module.util.structs.NsHeader;
+import com.android.net.module.util.structs.PrefixInformationOption;
+import com.android.net.module.util.structs.RaHeader;
+import com.android.net.module.util.structs.TcpHeader;
+import com.android.net.module.util.structs.UdpHeader;
import com.android.networkstack.arp.ArpPacket;
import com.android.testutils.TapPacketReader;
import java.net.Inet4Address;
+import java.net.Inet6Address;
+import java.net.InetAddress;
import java.nio.ByteBuffer;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
import java.util.Random;
import java.util.concurrent.TimeoutException;
import java.util.function.Predicate;
@@ -48,33 +91,42 @@
*/
public final class TetheringTester {
private static final String TAG = TetheringTester.class.getSimpleName();
- private static final int PACKET_READ_TIMEOUT_MS = 100;
+ private static final int PACKET_READ_TIMEOUT_MS = 500;
private static final int DHCP_DISCOVER_ATTEMPTS = 10;
+ private static final int READ_RA_ATTEMPTS = 10;
private static final byte[] DHCP_REQUESTED_PARAMS = new byte[] {
DhcpPacket.DHCP_SUBNET_MASK,
DhcpPacket.DHCP_ROUTER,
DhcpPacket.DHCP_DNS_SERVER,
DhcpPacket.DHCP_LEASE_TIME,
};
+ private static final InetAddress LINK_LOCAL = parseNumericAddress("fe80::1");
public static final String DHCP_HOSTNAME = "testhostname";
private final ArrayMap<MacAddress, TetheredDevice> mTetheredDevices;
private final TapPacketReader mDownstreamReader;
+ private final TapPacketReader mUpstreamReader;
public TetheringTester(TapPacketReader downstream) {
+ this(downstream, null);
+ }
+
+ public TetheringTester(TapPacketReader downstream, TapPacketReader upstream) {
if (downstream == null) fail("Downstream reader could not be NULL");
mDownstreamReader = downstream;
+ mUpstreamReader = upstream;
mTetheredDevices = new ArrayMap<>();
}
- public TetheredDevice createTetheredDevice(MacAddress macAddr) throws Exception {
+ public TetheredDevice createTetheredDevice(MacAddress macAddr, boolean hasIpv6)
+ throws Exception {
if (mTetheredDevices.get(macAddr) != null) {
fail("Tethered device already created");
}
- TetheredDevice tethered = new TetheredDevice(macAddr);
+ TetheredDevice tethered = new TetheredDevice(macAddr, hasIpv6);
mTetheredDevices.put(macAddr, tethered);
return tethered;
@@ -84,14 +136,17 @@
public final MacAddress macAddr;
public final MacAddress routerMacAddr;
public final Inet4Address ipv4Addr;
+ public final Inet4Address ipv4Gatway;
+ public final Inet6Address ipv6Addr;
- private TetheredDevice(MacAddress mac) throws Exception {
+ private TetheredDevice(MacAddress mac, boolean hasIpv6) throws Exception {
macAddr = mac;
-
DhcpResults dhcpResults = runDhcp(macAddr.toByteArray());
ipv4Addr = (Inet4Address) dhcpResults.ipAddress.getAddress();
+ ipv4Gatway = (Inet4Address) dhcpResults.gateway;
routerMacAddr = getRouterMacAddressFromArp(ipv4Addr, macAddr,
dhcpResults.serverAddress);
+ ipv6Addr = hasIpv6 ? runSlaac(macAddr, routerMacAddr) : null;
}
}
@@ -141,7 +196,7 @@
}
private DhcpPacket getNextDhcpPacket() throws Exception {
- final byte[] packet = getNextMatchedPacket((p) -> {
+ final byte[] packet = getDownloadPacket((p) -> {
// Test whether this is DHCP packet.
try {
DhcpPacket.decodeFullPacket(p, p.length, DhcpPacket.ENCAP_L2);
@@ -184,7 +239,7 @@
tethered.ipv4Addr.getAddress() /* sender IP */,
(short) ARP_REPLY);
try {
- sendPacket(arpReply);
+ sendUploadPacket(arpReply);
} catch (Exception e) {
fail("Failed to reply ARP for " + tethered.ipv4Addr);
}
@@ -198,9 +253,9 @@
tetherMac.toByteArray() /* srcMac */, routerIp.getAddress() /* target IP */,
new byte[ETHER_ADDR_LEN] /* target HW address */,
tetherIp.getAddress() /* sender IP */, (short) ARP_REQUEST);
- sendPacket(arpProbe);
+ sendUploadPacket(arpProbe);
- final byte[] packet = getNextMatchedPacket((p) -> {
+ final byte[] packet = getDownloadPacket((p) -> {
final ArpPacket arpPacket = parseArpPacket(p);
if (arpPacket == null || arpPacket.opCode != ARP_REPLY) return false;
return arpPacket.targetIp.equals(tetherIp);
@@ -216,45 +271,413 @@
return null;
}
- public void sendPacket(ByteBuffer packet) throws Exception {
+ private List<PrefixInformationOption> getRaPrefixOptions(byte[] packet) {
+ ByteBuffer buf = ByteBuffer.wrap(packet);
+ if (!isExpectedIcmpPacket(buf, true /* hasEth */, false /* isIpv4 */,
+ ICMPV6_ROUTER_ADVERTISEMENT)) {
+ fail("Parsing RA packet fail");
+ }
+
+ Struct.parse(RaHeader.class, buf);
+ final ArrayList<PrefixInformationOption> pioList = new ArrayList<>();
+ while (buf.position() < packet.length) {
+ final int currentPos = buf.position();
+ final int type = Byte.toUnsignedInt(buf.get());
+ final int length = Byte.toUnsignedInt(buf.get());
+ if (type == ICMPV6_ND_OPTION_PIO) {
+ final ByteBuffer pioBuf = ByteBuffer.wrap(buf.array(), currentPos,
+ Struct.getSize(PrefixInformationOption.class));
+ final PrefixInformationOption pio =
+ Struct.parse(PrefixInformationOption.class, pioBuf);
+ pioList.add(pio);
+
+ // Move ByteBuffer position to the next option.
+ buf.position(currentPos + Struct.getSize(PrefixInformationOption.class));
+ } else {
+ buf.position(currentPos + (length * 8));
+ }
+ }
+ return pioList;
+ }
+
+ private Inet6Address runSlaac(MacAddress srcMac, MacAddress dstMac) throws Exception {
+ sendRsPacket(srcMac, dstMac);
+
+ final byte[] raPacket = verifyPacketNotNull("Receive RA fail", getDownloadPacket(p -> {
+ return isExpectedIcmpPacket(p, true /* hasEth */, false /* isIpv4 */,
+ ICMPV6_ROUTER_ADVERTISEMENT);
+ }));
+
+ final List<PrefixInformationOption> options = getRaPrefixOptions(raPacket);
+
+ for (PrefixInformationOption pio : options) {
+ if (pio.validLifetime > 0) {
+ final byte[] addressBytes = pio.prefix;
+ // Random the last two bytes as suffix.
+ // TODO: Currently do not implmement DAD in the test. Rely the gateway ipv6 address
+ // genetrated by tethering module always has random the last byte.
+ addressBytes[addressBytes.length - 1] = (byte) (new Random()).nextInt();
+ addressBytes[addressBytes.length - 2] = (byte) (new Random()).nextInt();
+
+ return (Inet6Address) InetAddress.getByAddress(addressBytes);
+ }
+ }
+
+ fail("No available ipv6 prefix");
+ return null;
+ }
+
+ private void sendRsPacket(MacAddress srcMac, MacAddress dstMac) throws Exception {
+ Log.d(TAG, "Sending RS");
+ ByteBuffer slla = LlaOption.build((byte) ICMPV6_ND_OPTION_SLLA, srcMac);
+ ByteBuffer rs = Ipv6Utils.buildRsPacket(srcMac, dstMac, (Inet6Address) LINK_LOCAL,
+ IPV6_ADDR_ALL_NODES_MULTICAST, slla);
+
+ sendUploadPacket(rs);
+ }
+
+ private void maybeReplyNa(byte[] packet) {
+ ByteBuffer buf = ByteBuffer.wrap(packet);
+ final EthernetHeader ethHdr = Struct.parse(EthernetHeader.class, buf);
+ if (ethHdr.etherType != ETHER_TYPE_IPV6) return;
+
+ final Ipv6Header ipv6Hdr = Struct.parse(Ipv6Header.class, buf);
+ if (ipv6Hdr.nextHeader != (byte) IPPROTO_ICMPV6) return;
+
+ final Icmpv6Header icmpv6Hdr = Struct.parse(Icmpv6Header.class, buf);
+ if (icmpv6Hdr.type != (short) ICMPV6_NEIGHBOR_SOLICITATION) return;
+
+ final NsHeader nsHdr = Struct.parse(NsHeader.class, buf);
+ for (int i = 0; i < mTetheredDevices.size(); i++) {
+ TetheredDevice tethered = mTetheredDevices.valueAt(i);
+ if (!nsHdr.target.equals(tethered.ipv6Addr)) continue;
+
+ final ByteBuffer tlla = LlaOption.build((byte) ICMPV6_ND_OPTION_TLLA, tethered.macAddr);
+ int flags = NEIGHBOR_ADVERTISEMENT_FLAG_SOLICITED
+ | NEIGHBOR_ADVERTISEMENT_FLAG_OVERRIDE;
+ ByteBuffer ns = Ipv6Utils.buildNaPacket(tethered.macAddr, tethered.routerMacAddr,
+ nsHdr.target, ipv6Hdr.srcIp, flags, nsHdr.target, tlla);
+ try {
+ sendUploadPacket(ns);
+ } catch (Exception e) {
+ fail("Failed to reply NA for " + tethered.ipv6Addr);
+ }
+
+ return;
+ }
+ }
+
+ public static boolean isExpectedIcmpPacket(byte[] packet, boolean hasEth, boolean isIpv4,
+ int type) {
+ final ByteBuffer buf = ByteBuffer.wrap(packet);
+ return isExpectedIcmpPacket(buf, hasEth, isIpv4, type);
+ }
+
+ private static boolean isExpectedIcmpPacket(ByteBuffer buf, boolean hasEth, boolean isIpv4,
+ int type) {
+ try {
+ if (hasEth && !hasExpectedEtherHeader(buf, isIpv4)) return false;
+
+ final int ipProto = isIpv4 ? IPPROTO_ICMP : IPPROTO_ICMPV6;
+ if (!hasExpectedIpHeader(buf, isIpv4, ipProto)) return false;
+
+ if (isIpv4) {
+ return Struct.parse(Icmpv4Header.class, buf).type == (short) type;
+ } else {
+ return Struct.parse(Icmpv6Header.class, buf).type == (short) type;
+ }
+ } catch (Exception e) {
+ // Parsing packet fail means it is not icmp packet.
+ }
+
+ return false;
+ }
+
+ private static boolean hasExpectedEtherHeader(@NonNull final ByteBuffer buf, boolean isIpv4)
+ throws Exception {
+ final int expected = isIpv4 ? ETHER_TYPE_IPV4 : ETHER_TYPE_IPV6;
+
+ return Struct.parse(EthernetHeader.class, buf).etherType == expected;
+ }
+
+ private static boolean hasExpectedIpHeader(@NonNull final ByteBuffer buf, boolean isIpv4,
+ int ipProto) throws Exception {
+ if (isIpv4) {
+ return Struct.parse(Ipv4Header.class, buf).protocol == (byte) ipProto;
+ } else {
+ return Struct.parse(Ipv6Header.class, buf).nextHeader == (byte) ipProto;
+ }
+ }
+
+ private static boolean isExpectedUdpPacket(@NonNull final byte[] rawPacket, boolean hasEth,
+ boolean isIpv4, Predicate<ByteBuffer> payloadVerifier) {
+ final ByteBuffer buf = ByteBuffer.wrap(rawPacket);
+ try {
+ if (hasEth && !hasExpectedEtherHeader(buf, isIpv4)) return false;
+
+ if (!hasExpectedIpHeader(buf, isIpv4, IPPROTO_UDP)) return false;
+
+ if (Struct.parse(UdpHeader.class, buf) == null) return false;
+
+ if (!payloadVerifier.test(buf)) return false;
+ } catch (Exception e) {
+ // Parsing packet fail means it is not udp packet.
+ return false;
+ }
+ return true;
+ }
+
+ // Returns remaining bytes in the ByteBuffer in a new byte array of the right size. The
+ // ByteBuffer will be empty upon return. Used to avoid lint warning.
+ // See https://errorprone.info/bugpattern/ByteBufferBackingArray
+ private static byte[] getRemaining(final ByteBuffer buf) {
+ final byte[] bytes = new byte[buf.remaining()];
+ buf.get(bytes);
+ Log.d(TAG, "Get remaining bytes: " + dumpHexString(bytes));
+ return bytes;
+ }
+
+ // |expectedPayload| is copied as read-only because the caller may reuse it.
+ public static boolean isExpectedUdpPacket(@NonNull final byte[] rawPacket, boolean hasEth,
+ boolean isIpv4, @NonNull final ByteBuffer expectedPayload) {
+ return isExpectedUdpPacket(rawPacket, hasEth, isIpv4, p -> {
+ if (p.remaining() != expectedPayload.limit()) return false;
+
+ return Arrays.equals(getRemaining(p), getRemaining(
+ expectedPayload.asReadOnlyBuffer()));
+ });
+ }
+
+ // |expectedPayload| is copied as read-only because the caller may reuse it.
+ // See hasExpectedDnsMessage.
+ public static boolean isExpectedUdpDnsPacket(@NonNull final byte[] rawPacket, boolean hasEth,
+ boolean isIpv4, @NonNull final ByteBuffer expectedPayload) {
+ return isExpectedUdpPacket(rawPacket, hasEth, isIpv4, p -> {
+ return hasExpectedDnsMessage(p, expectedPayload);
+ });
+ }
+
+ public static class TestDnsPacket extends DnsPacket {
+ TestDnsPacket(byte[] data) throws DnsPacket.ParseException {
+ super(data);
+ }
+
+ @Nullable
+ public static TestDnsPacket getTestDnsPacket(final ByteBuffer buf) {
+ try {
+ // The ByteBuffer will be empty upon return.
+ return new TestDnsPacket(getRemaining(buf));
+ } catch (DnsPacket.ParseException e) {
+ return null;
+ }
+ }
+
+ public DnsHeader getHeader() {
+ return mHeader;
+ }
+
+ public List<DnsRecord> getRecordList(int secType) {
+ return mRecords[secType];
+ }
+
+ public int getANCount() {
+ return mHeader.getRecordCount(ANSECTION);
+ }
+
+ public int getQDCount() {
+ return mHeader.getRecordCount(QDSECTION);
+ }
+
+ public int getNSCount() {
+ return mHeader.getRecordCount(NSSECTION);
+ }
+
+ public int getARCount() {
+ return mHeader.getRecordCount(ARSECTION);
+ }
+
+ private boolean isRecordsEquals(int type, @NonNull final TestDnsPacket other) {
+ List<DnsRecord> records = getRecordList(type);
+ List<DnsRecord> otherRecords = other.getRecordList(type);
+
+ if (records.size() != otherRecords.size()) return false;
+
+ // Expect that two compared resource records are in the same order. For current tests
+ // in EthernetTetheringTest, it is okay because dnsmasq doesn't reorder the forwarded
+ // resource records.
+ // TODO: consider allowing that compare records out of order.
+ for (int i = 0; i < records.size(); i++) {
+ // TODO: use DnsRecord.equals once aosp/1387135 is merged.
+ if (!TextUtils.equals(records.get(i).dName, otherRecords.get(i).dName)
+ || records.get(i).nsType != otherRecords.get(i).nsType
+ || records.get(i).nsClass != otherRecords.get(i).nsClass
+ || records.get(i).ttl != otherRecords.get(i).ttl
+ || !Arrays.equals(records.get(i).getRR(), otherRecords.get(i).getRR())) {
+ return false;
+ }
+ }
+ return true;
+ }
+
+ public boolean isQDRecordsEquals(@NonNull final TestDnsPacket other) {
+ return isRecordsEquals(QDSECTION, other);
+ }
+
+ public boolean isANRecordsEquals(@NonNull final TestDnsPacket other) {
+ return isRecordsEquals(ANSECTION, other);
+ }
+ }
+
+ // The ByteBuffer |actual| will be empty upon return. The ByteBuffer |excepted| will be copied
+ // as read-only because the caller may reuse it.
+ private static boolean hasExpectedDnsMessage(@NonNull final ByteBuffer actual,
+ @NonNull final ByteBuffer excepted) {
+ // Forwarded DNS message is extracted from remaining received packet buffer which has
+ // already parsed ethernet header, if any, IP header and UDP header.
+ final TestDnsPacket forwardedDns = TestDnsPacket.getTestDnsPacket(actual);
+ if (forwardedDns == null) return false;
+
+ // Original DNS message is the payload of the sending test UDP packet. It is used to check
+ // that the forwarded DNS query and reply have corresponding contents.
+ final TestDnsPacket originalDns = TestDnsPacket.getTestDnsPacket(
+ excepted.asReadOnlyBuffer());
+ assertNotNull(originalDns);
+
+ // Compare original DNS message which is sent to dnsmasq and forwarded DNS message which
+ // is forwarded by dnsmasq. The original message and forwarded message may be not identical
+ // because dnsmasq may change the header flags or even recreate the DNS query message and
+ // so on. We only simple check on forwarded packet and monitor if test will be broken by
+ // vendor dnsmasq customization. See forward_query() in external/dnsmasq/src/forward.c.
+ //
+ // DNS message format. See rfc1035 section 4.1.
+ // +---------------------+
+ // | Header |
+ // +---------------------+
+ // | Question | the question for the name server
+ // +---------------------+
+ // | Answer | RRs answering the question
+ // +---------------------+
+ // | Authority | RRs pointing toward an authority
+ // +---------------------+
+ // | Additional | RRs holding additional information
+ // +---------------------+
+
+ // [1] Header section. See rfc1035 section 4.1.1.
+ // Verify QR flag bit, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT.
+ if (originalDns.getHeader().isResponse() != forwardedDns.getHeader().isResponse()) {
+ return false;
+ }
+ if (originalDns.getQDCount() != forwardedDns.getQDCount()) return false;
+ if (originalDns.getANCount() != forwardedDns.getANCount()) return false;
+ if (originalDns.getNSCount() != forwardedDns.getNSCount()) return false;
+ if (originalDns.getARCount() != forwardedDns.getARCount()) return false;
+
+ // [2] Question section. See rfc1035 section 4.1.2.
+ // Question section has at least one entry either DNS query or DNS reply.
+ if (forwardedDns.getRecordList(QDSECTION).isEmpty()) return false;
+ // Expect that original and forwarded message have the same question records (usually 1).
+ if (!originalDns.isQDRecordsEquals(forwardedDns)) return false;
+
+ // [3] Answer section. See rfc1035 section 4.1.3.
+ if (forwardedDns.getHeader().isResponse()) {
+ // DNS reply has at least have one answer in our tests.
+ // See EthernetTetheringTest#testTetherUdpV4Dns.
+ if (forwardedDns.getRecordList(ANSECTION).isEmpty()) return false;
+ // Expect that original and forwarded message have the same answer records.
+ if (!originalDns.isANRecordsEquals(forwardedDns)) return false;
+ }
+
+ // Ignore checking {Authority, Additional} sections because they are not tested
+ // in EthernetTetheringTest.
+ return true;
+ }
+
+
+ private static boolean isTcpSynPacket(@NonNull final TcpHeader tcpHeader) {
+ return (tcpHeader.dataOffsetAndControlBits & TCPHDR_SYN) != 0;
+ }
+
+ public static boolean isExpectedTcpPacket(@NonNull final byte[] rawPacket, boolean hasEth,
+ boolean isIpv4, int seq, @NonNull final ByteBuffer payload) {
+ final ByteBuffer buf = ByteBuffer.wrap(rawPacket);
+ try {
+ if (hasEth && !hasExpectedEtherHeader(buf, isIpv4)) return false;
+
+ if (!hasExpectedIpHeader(buf, isIpv4, IPPROTO_TCP)) return false;
+
+ final TcpHeader tcpHeader = Struct.parse(TcpHeader.class, buf);
+ if (tcpHeader.seq != seq) return false;
+
+ // Don't try to parse the payload if it is a TCP SYN segment because additional TCP
+ // option MSS may be added in the SYN segment. Currently, TetherController uses
+ // iptables to limit downstream MSS for IPv4. The additional TCP options will be
+ // misunderstood as payload because parsing TCP options are not supported by class
+ // TcpHeader for now. See TetherController::setupIptablesHooks.
+ // TODO: remove once TcpHeader supports parsing TCP options.
+ if (isTcpSynPacket(tcpHeader)) {
+ Log.d(TAG, "Found SYN segment. Ignore parsing the remaining part of packet.");
+ return true;
+ }
+
+ if (payload.limit() != buf.remaining()) return false;
+ return Arrays.equals(getRemaining(buf), getRemaining(payload.asReadOnlyBuffer()));
+ } catch (Exception e) {
+ // Parsing packet fail means it is not tcp packet.
+ }
+
+ return false;
+ }
+
+ private void sendUploadPacket(ByteBuffer packet) throws Exception {
mDownstreamReader.sendResponse(packet);
}
- public byte[] getNextMatchedPacket(Predicate<byte[]> filter) {
+ private void sendDownloadPacket(ByteBuffer packet) throws Exception {
+ assertNotNull("Can't deal with upstream interface in local only mode", mUpstreamReader);
+
+ mUpstreamReader.sendResponse(packet);
+ }
+
+ private byte[] getDownloadPacket(Predicate<byte[]> filter) {
byte[] packet;
while ((packet = mDownstreamReader.poll(PACKET_READ_TIMEOUT_MS)) != null) {
if (filter.test(packet)) return packet;
maybeReplyArp(packet);
+ maybeReplyNa(packet);
}
return null;
}
- public void verifyUpload(final RemoteResponder dst, final ByteBuffer packet,
- final Predicate<byte[]> filter) throws Exception {
- sendPacket(packet);
- assertNotNull("Upload fail", dst.getNextMatchedPacket(filter));
+ private byte[] getUploadPacket(Predicate<byte[]> filter) {
+ assertNotNull("Can't deal with upstream interface in local only mode", mUpstreamReader);
+
+ return mUpstreamReader.poll(PACKET_READ_TIMEOUT_MS, filter);
}
- public static class RemoteResponder {
- final TapPacketReader mUpstreamReader;
- public RemoteResponder(TapPacketReader reader) {
- mUpstreamReader = reader;
- }
+ private @NonNull byte[] verifyPacketNotNull(String message, @Nullable byte[] packet) {
+ assertNotNull(message, packet);
- public void sendPacket(ByteBuffer packet) throws Exception {
- mUpstreamReader.sendResponse(packet);
- }
+ return packet;
+ }
- public byte[] getNextMatchedPacket(Predicate<byte[]> filter) throws Exception {
- return mUpstreamReader.poll(PACKET_READ_TIMEOUT_MS, filter);
- }
+ public byte[] testUpload(final ByteBuffer packet, final Predicate<byte[]> filter)
+ throws Exception {
+ sendUploadPacket(packet);
- public void verifyDownload(final TetheringTester dst, final ByteBuffer packet,
- final Predicate<byte[]> filter) throws Exception {
- sendPacket(packet);
- assertNotNull("Download fail", dst.getNextMatchedPacket(filter));
- }
+ return getUploadPacket(filter);
+ }
+
+ public byte[] verifyUpload(final ByteBuffer packet, final Predicate<byte[]> filter)
+ throws Exception {
+ return verifyPacketNotNull("Upload fail", testUpload(packet, filter));
+ }
+
+ public byte[] verifyDownload(final ByteBuffer packet, final Predicate<byte[]> filter)
+ throws Exception {
+ sendDownloadPacket(packet);
+
+ return verifyPacketNotNull("Download fail", getDownloadPacket(filter));
}
}
diff --git a/Tethering/tests/mts/Android.bp b/Tethering/tests/mts/Android.bp
index a84fdd2..ae36499 100644
--- a/Tethering/tests/mts/Android.bp
+++ b/Tethering/tests/mts/Android.bp
@@ -41,6 +41,8 @@
"ctstestrunner-axt",
"junit",
"junit-params",
+ "connectivity-net-module-utils-bpf",
+ "net-utils-device-common-bpf",
],
jni_libs: [
diff --git a/Tethering/tests/mts/src/android/tethering/mts/SkDestroyListenerTest.java b/Tethering/tests/mts/src/android/tethering/mts/SkDestroyListenerTest.java
new file mode 100644
index 0000000..9494aa4
--- /dev/null
+++ b/Tethering/tests/mts/src/android/tethering/mts/SkDestroyListenerTest.java
@@ -0,0 +1,113 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.tethering.mts;
+
+import static android.system.OsConstants.AF_INET;
+import static android.system.OsConstants.AF_INET6;
+import static android.system.OsConstants.SOCK_DGRAM;
+import static android.system.OsConstants.SOCK_STREAM;
+
+import static com.android.compatibility.common.util.SystemUtil.runShellCommandOrThrow;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+import android.net.TrafficStats;
+import android.os.Build;
+import android.os.Process;
+import android.system.Os;
+import android.util.Pair;
+
+import com.android.net.module.util.BpfDump;
+import com.android.net.module.util.bpf.CookieTagMapKey;
+import com.android.net.module.util.bpf.CookieTagMapValue;
+import com.android.testutils.DevSdkIgnoreRule.IgnoreUpTo;
+import com.android.testutils.DevSdkIgnoreRunner;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+import java.io.FileDescriptor;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+@RunWith(DevSdkIgnoreRunner.class)
+@IgnoreUpTo(Build.VERSION_CODES.S_V2)
+public class SkDestroyListenerTest {
+ private static final int COOKIE_TAG = 0x1234abcd;
+ private static final int SOCKET_COUNT = 100;
+ private static final int SOCKET_CLOSE_WAIT_MS = 200;
+ private static final String LINE_DELIMITER = "\\n";
+ private static final String DUMP_COMMAND = "dumpsys netstats --bpfRawMap --cookieTagMap";
+
+ private Map<CookieTagMapKey, CookieTagMapValue> parseBpfRawMap(final String dump) {
+ final Map<CookieTagMapKey, CookieTagMapValue> map = new HashMap<>();
+ for (final String line: dump.split(LINE_DELIMITER)) {
+ final Pair<CookieTagMapKey, CookieTagMapValue> keyValue =
+ BpfDump.fromBase64EncodedString(CookieTagMapKey.class,
+ CookieTagMapValue.class, line.trim());
+ map.put(keyValue.first, keyValue.second);
+ }
+ return map;
+ }
+
+ private int countTaggedSocket() {
+ final String dump = runShellCommandOrThrow(DUMP_COMMAND);
+ final Map<CookieTagMapKey, CookieTagMapValue> cookieTagMap = parseBpfRawMap(dump);
+ int count = 0;
+ for (final CookieTagMapValue value: cookieTagMap.values()) {
+ if (value.tag == COOKIE_TAG && value.uid == Process.myUid()) {
+ count++;
+ }
+ }
+ return count;
+ }
+
+ private boolean noTaggedSocket() {
+ return countTaggedSocket() == 0;
+ }
+
+ private void doTestSkDestroyListener(final int family, final int type) throws Exception {
+ assertTrue("There are tagged sockets before test", noTaggedSocket());
+
+ TrafficStats.setThreadStatsTag(COOKIE_TAG);
+ final List<FileDescriptor> fds = new ArrayList<>();
+ for (int i = 0; i < SOCKET_COUNT; i++) {
+ fds.add(Os.socket(family, type, 0 /* protocol */));
+ }
+ TrafficStats.clearThreadStatsTag();
+ assertEquals("Number of tagged socket does not match after creating sockets",
+ SOCKET_COUNT, countTaggedSocket());
+
+ for (final FileDescriptor fd: fds) {
+ Os.close(fd);
+ }
+ // Wait a bit for skDestroyListener to handle all the netlink messages.
+ Thread.sleep(SOCKET_CLOSE_WAIT_MS);
+ assertTrue("There are tagged sockets after closing sockets", noTaggedSocket());
+ }
+
+ @Test
+ public void testSkDestroyListener() throws Exception {
+ doTestSkDestroyListener(AF_INET, SOCK_STREAM);
+ doTestSkDestroyListener(AF_INET, SOCK_DGRAM);
+ doTestSkDestroyListener(AF_INET6, SOCK_STREAM);
+ doTestSkDestroyListener(AF_INET6, SOCK_DGRAM);
+ }
+}
diff --git a/Tethering/tests/mts/src/android/tethering/mts/TetheringModuleTest.java b/Tethering/tests/mts/src/android/tethering/mts/TetheringModuleTest.java
index 4525568..dd2ff9e 100644
--- a/Tethering/tests/mts/src/android/tethering/mts/TetheringModuleTest.java
+++ b/Tethering/tests/mts/src/android/tethering/mts/TetheringModuleTest.java
@@ -15,27 +15,23 @@
*/
package android.tethering.mts;
-import static android.Manifest.permission.ACCESS_WIFI_STATE;
import static android.Manifest.permission.MANAGE_TEST_NETWORKS;
-import static android.Manifest.permission.NETWORK_SETTINGS;
import static android.Manifest.permission.READ_DEVICE_CONFIG;
-import static android.Manifest.permission.TETHER_PRIVILEGED;
import static android.Manifest.permission.WRITE_SETTINGS;
import static android.net.TetheringManager.TETHERING_WIFI;
import static android.provider.DeviceConfig.NAMESPACE_CONNECTIVITY;
import static com.android.testutils.TestNetworkTrackerKt.initTestNetwork;
+import static com.android.testutils.TestPermissionUtil.runAsShell;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.fail;
-import android.app.UiAutomation;
import android.content.Context;
import android.net.IpPrefix;
import android.net.LinkAddress;
import android.net.TetheringInterface;
-import android.net.TetheringManager;
import android.net.cts.util.CtsTetheringUtils;
import android.net.cts.util.CtsTetheringUtils.TestTetheringEventCallback;
import android.provider.DeviceConfig;
@@ -46,7 +42,6 @@
import com.android.testutils.TestNetworkTracker;
-import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
@@ -60,26 +55,15 @@
@RunWith(AndroidJUnit4.class)
public class TetheringModuleTest {
private Context mContext;
- private TetheringManager mTm;
private CtsTetheringUtils mCtsTetheringUtils;
-
- private UiAutomation mUiAutomation =
- InstrumentationRegistry.getInstrumentation().getUiAutomation();
+ private final long mRestartTimeOutMs = 5_000;
@Before
public void setUp() throws Exception {
- mUiAutomation.adoptShellPermissionIdentity(MANAGE_TEST_NETWORKS, NETWORK_SETTINGS,
- WRITE_SETTINGS, READ_DEVICE_CONFIG, TETHER_PRIVILEGED, ACCESS_WIFI_STATE);
mContext = InstrumentationRegistry.getContext();
- mTm = mContext.getSystemService(TetheringManager.class);
mCtsTetheringUtils = new CtsTetheringUtils(mContext);
}
- @After
- public void tearDown() throws Exception {
- mUiAutomation.dropShellPermissionIdentity();
- }
-
@Test
public void testSwitchBasePrefixRangeWhenConflict() throws Exception {
addressConflictTest(true);
@@ -120,8 +104,20 @@
final List<String> wifiRegexs =
tetherEventCallback.getTetheringInterfaceRegexps().getTetherableWifiRegexs();
- tetherEventCallback.expectTetheredInterfacesChanged(wifiRegexs, TETHERING_WIFI);
- nif = NetworkInterface.getByName(wifiTetheringIface);
+ final TetheringInterface restartedIface =
+ tetherEventCallback.pollTetheredInterfacesChanged(wifiRegexs, TETHERING_WIFI,
+ mRestartTimeOutMs);
+ final TetheringInterface newIface;
+ if (restartedIface != null) {
+ newIface = restartedIface;
+ } else {
+ // Because of race inside tethering module, there is no guarantee wifi tethering
+ // would restart successfully. If tethering don't auto restarted, restarting it
+ // manually. TODO(b/242649651): remove this when tethering auto restart is reliable.
+ newIface = mCtsTetheringUtils.startWifiTethering(tetherEventCallback);
+ }
+
+ nif = NetworkInterface.getByName(newIface.getInterface());
final LinkAddress newHotspotAddr = getFirstIpv4Address(nif);
assertNotNull(newHotspotAddr);
@@ -130,10 +126,8 @@
mCtsTetheringUtils.stopWifiTethering(tetherEventCallback);
} finally {
- if (tnt != null) {
- tnt.teardown();
- }
- mTm.stopAllTethering();
+ teardown(tnt);
+ mCtsTetheringUtils.stopAllTethering();
mCtsTetheringUtils.unregisterTetheringEventCallback(tetherEventCallback);
}
}
@@ -169,11 +163,19 @@
}
private TestNetworkTracker setUpTestNetwork(final LinkAddress address) throws Exception {
- return initTestNetwork(mContext, address, 10_000L /* test timeout ms*/);
+ return runAsShell(MANAGE_TEST_NETWORKS, WRITE_SETTINGS,
+ () -> initTestNetwork(mContext, address, 10_000L /* test timeout ms*/));
}
+ private void teardown(TestNetworkTracker tracker) throws Exception {
+ if (tracker == null) return;
+
+ runAsShell(MANAGE_TEST_NETWORKS, () -> tracker.teardown());
+ }
+
public static boolean isFeatureEnabled(final String name, final boolean defaultValue) {
- return DeviceConfig.getBoolean(NAMESPACE_CONNECTIVITY, name, defaultValue);
+ return runAsShell(READ_DEVICE_CONFIG,
+ () -> DeviceConfig.getBoolean(NAMESPACE_CONNECTIVITY, name, defaultValue));
}
}
diff --git a/Tethering/tests/privileged/src/com/android/networkstack/tethering/BpfMapTest.java b/Tethering/tests/privileged/src/com/android/networkstack/tethering/BpfMapTest.java
index 68c1c57..0e8b044 100644
--- a/Tethering/tests/privileged/src/com/android/networkstack/tethering/BpfMapTest.java
+++ b/Tethering/tests/privileged/src/com/android/networkstack/tethering/BpfMapTest.java
@@ -30,6 +30,7 @@
import android.net.MacAddress;
import android.os.Build;
import android.system.ErrnoException;
+import android.system.Os;
import android.system.OsConstants;
import android.util.ArrayMap;
@@ -42,6 +43,7 @@
import org.junit.Test;
import org.junit.runner.RunWith;
+import java.io.File;
import java.net.InetAddress;
import java.util.NoSuchElementException;
import java.util.concurrent.atomic.AtomicInteger;
@@ -96,7 +98,7 @@
assertTrue(mTestMap.isEmpty());
}
- private TetherDownstream6Key createTetherDownstream6Key(long iif, String mac,
+ private TetherDownstream6Key createTetherDownstream6Key(int iif, String mac,
String address) throws Exception {
final MacAddress dstMac = MacAddress.fromString(mac);
final InetAddress ipv6Address = InetAddress.getByName(address);
@@ -393,4 +395,34 @@
assertEquals(OsConstants.ENOENT, expected.errno);
}
}
+
+ private static int getNumOpenFds() {
+ return new File("/proc/" + Os.getpid() + "/fd").listFiles().length;
+ }
+
+ @Test
+ public void testNoFdLeaks() throws Exception {
+ // Due to #setUp has called #initTestMap to open map and BpfMap is using persistent fd
+ // cache, expect that the fd amount is not increased in the iterations.
+ // See the comment of BpfMap#close.
+ final int iterations = 1000;
+ final int before = getNumOpenFds();
+ for (int i = 0; i < iterations; i++) {
+ try (BpfMap<TetherDownstream6Key, Tether6Value> map = new BpfMap<>(
+ TETHER_DOWNSTREAM6_FS_PATH, BpfMap.BPF_F_RDWR,
+ TetherDownstream6Key.class, Tether6Value.class)) {
+ // do nothing
+ }
+ }
+ final int after = getNumOpenFds();
+
+ // Check that the number of open fds is the same as before.
+ // If this exact match becomes flaky, we probably need to distinguish that fd is belong
+ // to "bpf-map".
+ // ex:
+ // $ adb shell ls -all /proc/16196/fd
+ // [..] network_stack 64 2022-07-26 22:01:02.300002956 +0800 749 -> anon_inode:bpf-map
+ // [..] network_stack 64 2022-07-26 22:01:02.188002956 +0800 75 -> anon_inode:[eventfd]
+ assertEquals("Fd leak after " + iterations + " iterations: ", before, after);
+ }
}
diff --git a/Tethering/tests/privileged/src/com/android/networkstack/tethering/ConntrackSocketTest.java b/Tethering/tests/privileged/src/com/android/networkstack/tethering/ConntrackSocketTest.java
index 7ee69b2..d38a7c3 100644
--- a/Tethering/tests/privileged/src/com/android/networkstack/tethering/ConntrackSocketTest.java
+++ b/Tethering/tests/privileged/src/com/android/networkstack/tethering/ConntrackSocketTest.java
@@ -28,7 +28,6 @@
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
-import android.net.util.SharedLog;
import android.os.Handler;
import android.os.HandlerThread;
import android.os.Looper;
@@ -38,6 +37,7 @@
import androidx.test.filters.SmallTest;
import androidx.test.runner.AndroidJUnit4;
+import com.android.net.module.util.SharedLog;
import com.android.net.module.util.netlink.StructNlMsgHdr;
import org.junit.Before;
diff --git a/Tethering/tests/unit/src/android/net/ip/IpServerTest.java b/Tethering/tests/unit/src/android/net/ip/IpServerTest.java
index aac531a..5f4454b 100644
--- a/Tethering/tests/unit/src/android/net/ip/IpServerTest.java
+++ b/Tethering/tests/unit/src/android/net/ip/IpServerTest.java
@@ -83,10 +83,7 @@
import android.net.dhcp.IDhcpEventCallbacks;
import android.net.dhcp.IDhcpServer;
import android.net.dhcp.IDhcpServerCallbacks;
-import android.net.ip.IpNeighborMonitor.NeighborEvent;
-import android.net.ip.IpNeighborMonitor.NeighborEventConsumer;
import android.net.ip.RouterAdvertisementDaemon.RaParams;
-import android.net.util.SharedLog;
import android.os.Build;
import android.os.Handler;
import android.os.RemoteException;
@@ -101,10 +98,15 @@
import com.android.net.module.util.BpfMap;
import com.android.net.module.util.InterfaceParams;
import com.android.net.module.util.NetworkStackConstants;
+import com.android.net.module.util.SharedLog;
import com.android.net.module.util.bpf.Tether4Key;
import com.android.net.module.util.bpf.Tether4Value;
import com.android.net.module.util.bpf.TetherStatsKey;
import com.android.net.module.util.bpf.TetherStatsValue;
+import com.android.net.module.util.ip.ConntrackMonitor;
+import com.android.net.module.util.ip.IpNeighborMonitor;
+import com.android.net.module.util.ip.IpNeighborMonitor.NeighborEvent;
+import com.android.net.module.util.ip.IpNeighborMonitor.NeighborEventConsumer;
import com.android.networkstack.tethering.BpfCoordinator;
import com.android.networkstack.tethering.BpfCoordinator.Ipv6ForwardingRule;
import com.android.networkstack.tethering.PrivateAddressCoordinator;
@@ -116,6 +118,7 @@
import com.android.networkstack.tethering.TetherLimitValue;
import com.android.networkstack.tethering.TetherUpstream6Key;
import com.android.networkstack.tethering.TetheringConfiguration;
+import com.android.networkstack.tethering.metrics.TetheringMetrics;
import com.android.networkstack.tethering.util.InterfaceSet;
import com.android.networkstack.tethering.util.PrefixUtils;
import com.android.testutils.DevSdkIgnoreRule;
@@ -186,6 +189,7 @@
@Mock private NetworkStatsManager mStatsManager;
@Mock private TetheringConfiguration mTetherConfig;
@Mock private ConntrackMonitor mConntrackMonitor;
+ @Mock private TetheringMetrics mTetheringMetrics;
@Mock private BpfMap<Tether4Key, Tether4Value> mBpfDownstream4Map;
@Mock private BpfMap<Tether4Key, Tether4Value> mBpfUpstream4Map;
@Mock private BpfMap<TetherDownstream6Key, Tether6Value> mBpfDownstream6Map;
@@ -235,7 +239,7 @@
when(mTetherConfig.getP2pLeasesSubnetPrefixLength()).thenReturn(P2P_SUBNET_PREFIX_LENGTH);
mIpServer = new IpServer(
IFACE_NAME, mLooper.getLooper(), interfaceType, mSharedLog, mNetd, mBpfCoordinator,
- mCallback, mTetherConfig, mAddressCoordinator, mDependencies);
+ mCallback, mTetherConfig, mAddressCoordinator, mTetheringMetrics, mDependencies);
mIpServer.start();
mNeighborEventConsumer = neighborCaptor.getValue();
@@ -267,6 +271,7 @@
mTestAddress);
}
+ @SuppressWarnings("DoNotCall") // Ignore warning for synchronous to call to Thread.run()
private void setUpDhcpServer() throws Exception {
doAnswer(inv -> {
final IDhcpServerCallbacks cb = inv.getArgument(2);
@@ -367,7 +372,7 @@
.thenReturn(mIpNeighborMonitor);
mIpServer = new IpServer(IFACE_NAME, mLooper.getLooper(), TETHERING_BLUETOOTH, mSharedLog,
mNetd, mBpfCoordinator, mCallback, mTetherConfig, mAddressCoordinator,
- mDependencies);
+ mTetheringMetrics, mDependencies);
mIpServer.start();
mLooper.dispatchAll();
verify(mCallback).updateInterfaceState(
@@ -451,6 +456,9 @@
mIpServer, STATE_AVAILABLE, TETHER_ERROR_NO_ERROR);
inOrder.verify(mCallback).updateLinkProperties(
eq(mIpServer), any(LinkProperties.class));
+ verify(mTetheringMetrics).updateErrorCode(eq(TETHERING_BLUETOOTH),
+ eq(TETHER_ERROR_NO_ERROR));
+ verify(mTetheringMetrics).sendReport(eq(TETHERING_BLUETOOTH));
verifyNoMoreInteractions(mNetd, mCallback, mAddressCoordinator);
}
@@ -658,6 +666,9 @@
usbTeardownOrder.verify(mCallback).updateLinkProperties(
eq(mIpServer), mLinkPropertiesCaptor.capture());
assertNoAddressesNorRoutes(mLinkPropertiesCaptor.getValue());
+ verify(mTetheringMetrics).updateErrorCode(eq(TETHERING_USB),
+ eq(TETHER_ERROR_TETHER_IFACE_ERROR));
+ verify(mTetheringMetrics).sendReport(eq(TETHERING_USB));
}
@Test
@@ -676,6 +687,9 @@
usbTeardownOrder.verify(mCallback).updateLinkProperties(
eq(mIpServer), mLinkPropertiesCaptor.capture());
assertNoAddressesNorRoutes(mLinkPropertiesCaptor.getValue());
+ verify(mTetheringMetrics).updateErrorCode(eq(TETHERING_USB),
+ eq(TETHER_ERROR_ENABLE_FORWARDING_ERROR));
+ verify(mTetheringMetrics).sendReport(eq(TETHERING_USB));
}
@Test
diff --git a/Tethering/tests/unit/src/com/android/networkstack/tethering/BpfCoordinatorTest.java b/Tethering/tests/unit/src/com/android/networkstack/tethering/BpfCoordinatorTest.java
index 3630f24..ac92b43 100644
--- a/Tethering/tests/unit/src/com/android/networkstack/tethering/BpfCoordinatorTest.java
+++ b/Tethering/tests/unit/src/com/android/networkstack/tethering/BpfCoordinatorTest.java
@@ -23,7 +23,6 @@
import static android.net.NetworkStats.TAG_NONE;
import static android.net.NetworkStats.UID_ALL;
import static android.net.NetworkStats.UID_TETHERING;
-import static android.net.ip.ConntrackMonitor.ConntrackEvent;
import static android.net.netstats.provider.NetworkStatsProvider.QUOTA_UNLIMITED;
import static android.system.OsConstants.ETH_P_IP;
import static android.system.OsConstants.ETH_P_IPV6;
@@ -33,6 +32,7 @@
import static com.android.dx.mockito.inline.extended.ExtendedMockito.doReturn;
import static com.android.dx.mockito.inline.extended.ExtendedMockito.staticMockMarker;
+import static com.android.net.module.util.ip.ConntrackMonitor.ConntrackEvent;
import static com.android.net.module.util.netlink.ConntrackMessage.DYING_MASK;
import static com.android.net.module.util.netlink.ConntrackMessage.ESTABLISHED_MASK;
import static com.android.net.module.util.netlink.ConntrackMessage.Tuple;
@@ -59,6 +59,7 @@
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
import static org.mockito.Matchers.any;
+import static org.mockito.Matchers.anyBoolean;
import static org.mockito.Matchers.anyInt;
import static org.mockito.Matchers.anyLong;
import static org.mockito.Matchers.anyString;
@@ -82,10 +83,7 @@
import android.net.NetworkStats;
import android.net.TetherOffloadRuleParcel;
import android.net.TetherStatsParcel;
-import android.net.ip.ConntrackMonitor;
-import android.net.ip.ConntrackMonitor.ConntrackEventConsumer;
import android.net.ip.IpServer;
-import android.net.util.SharedLog;
import android.os.Build;
import android.os.Handler;
import android.os.test.TestLooper;
@@ -96,14 +94,17 @@
import androidx.test.runner.AndroidJUnit4;
import com.android.dx.mockito.inline.extended.ExtendedMockito;
-import com.android.net.module.util.BpfMap;
import com.android.net.module.util.CollectionUtils;
+import com.android.net.module.util.IBpfMap;
import com.android.net.module.util.InterfaceParams;
import com.android.net.module.util.NetworkStackConstants;
+import com.android.net.module.util.SharedLog;
import com.android.net.module.util.bpf.Tether4Key;
import com.android.net.module.util.bpf.Tether4Value;
import com.android.net.module.util.bpf.TetherStatsKey;
import com.android.net.module.util.bpf.TetherStatsValue;
+import com.android.net.module.util.ip.ConntrackMonitor;
+import com.android.net.module.util.ip.ConntrackMonitor.ConntrackEventConsumer;
import com.android.net.module.util.netlink.ConntrackMessage;
import com.android.net.module.util.netlink.NetlinkConstants;
import com.android.net.module.util.netlink.NetlinkSocket;
@@ -141,6 +142,9 @@
@Rule
public final DevSdkIgnoreRule mIgnoreRule = new DevSdkIgnoreRule();
+ private static final boolean IPV4 = true;
+ private static final boolean IPV6 = false;
+
private static final int TEST_NET_ID = 24;
private static final int TEST_NET_ID2 = 25;
@@ -218,7 +222,7 @@
private static class TestUpstream4Key {
public static class Builder {
- private long mIif = DOWNSTREAM_IFINDEX;
+ private int mIif = DOWNSTREAM_IFINDEX;
private MacAddress mDstMac = DOWNSTREAM_MAC;
private short mL4proto = (short) IPPROTO_TCP;
private byte[] mSrc4 = PRIVATE_ADDR.getAddress();
@@ -242,7 +246,7 @@
private static class TestDownstream4Key {
public static class Builder {
- private long mIif = UPSTREAM_IFINDEX;
+ private int mIif = UPSTREAM_IFINDEX;
private MacAddress mDstMac = MacAddress.ALL_ZEROS_ADDRESS /* dstMac (rawip) */;
private short mL4proto = (short) IPPROTO_TCP;
private byte[] mSrc4 = REMOTE_ADDR.getAddress();
@@ -266,7 +270,7 @@
private static class TestUpstream4Value {
public static class Builder {
- private long mOif = UPSTREAM_IFINDEX;
+ private int mOif = UPSTREAM_IFINDEX;
private MacAddress mEthDstMac = MacAddress.ALL_ZEROS_ADDRESS /* dstMac (rawip) */;
private MacAddress mEthSrcMac = MacAddress.ALL_ZEROS_ADDRESS /* dstMac (rawip) */;
private int mEthProto = ETH_P_IP;
@@ -286,7 +290,7 @@
private static class TestDownstream4Value {
public static class Builder {
- private long mOif = DOWNSTREAM_IFINDEX;
+ private int mOif = DOWNSTREAM_IFINDEX;
private MacAddress mEthDstMac = MAC_A /* client mac */;
private MacAddress mEthSrcMac = DOWNSTREAM_MAC;
private int mEthProto = ETH_P_IP;
@@ -358,9 +362,9 @@
@Mock private IpServer mIpServer2;
@Mock private TetheringConfiguration mTetherConfig;
@Mock private ConntrackMonitor mConntrackMonitor;
- @Mock private BpfMap<TetherDownstream6Key, Tether6Value> mBpfDownstream6Map;
- @Mock private BpfMap<TetherUpstream6Key, Tether6Value> mBpfUpstream6Map;
- @Mock private BpfMap<TetherDevKey, TetherDevValue> mBpfDevMap;
+ @Mock private IBpfMap<TetherDownstream6Key, Tether6Value> mBpfDownstream6Map;
+ @Mock private IBpfMap<TetherUpstream6Key, Tether6Value> mBpfUpstream6Map;
+ @Mock private IBpfMap<TetherDevKey, TetherDevValue> mBpfDevMap;
// Late init since methods must be called by the thread that created this object.
private TestableNetworkStatsProviderCbBinder mTetherStatsProviderCb;
@@ -375,13 +379,13 @@
private final ArgumentCaptor<ArrayList> mStringArrayCaptor =
ArgumentCaptor.forClass(ArrayList.class);
private final TestLooper mTestLooper = new TestLooper();
- private final BpfMap<Tether4Key, Tether4Value> mBpfDownstream4Map =
+ private final IBpfMap<Tether4Key, Tether4Value> mBpfDownstream4Map =
spy(new TestBpfMap<>(Tether4Key.class, Tether4Value.class));
- private final BpfMap<Tether4Key, Tether4Value> mBpfUpstream4Map =
+ private final IBpfMap<Tether4Key, Tether4Value> mBpfUpstream4Map =
spy(new TestBpfMap<>(Tether4Key.class, Tether4Value.class));
- private final TestBpfMap<TetherStatsKey, TetherStatsValue> mBpfStatsMap =
+ private final IBpfMap<TetherStatsKey, TetherStatsValue> mBpfStatsMap =
spy(new TestBpfMap<>(TetherStatsKey.class, TetherStatsValue.class));
- private final TestBpfMap<TetherLimitKey, TetherLimitValue> mBpfLimitMap =
+ private final IBpfMap<TetherLimitKey, TetherLimitValue> mBpfLimitMap =
spy(new TestBpfMap<>(TetherLimitKey.class, TetherLimitValue.class));
private BpfCoordinator.Dependencies mDeps =
spy(new BpfCoordinator.Dependencies() {
@@ -420,37 +424,37 @@
}
@Nullable
- public BpfMap<Tether4Key, Tether4Value> getBpfDownstream4Map() {
+ public IBpfMap<Tether4Key, Tether4Value> getBpfDownstream4Map() {
return mBpfDownstream4Map;
}
@Nullable
- public BpfMap<Tether4Key, Tether4Value> getBpfUpstream4Map() {
+ public IBpfMap<Tether4Key, Tether4Value> getBpfUpstream4Map() {
return mBpfUpstream4Map;
}
@Nullable
- public BpfMap<TetherDownstream6Key, Tether6Value> getBpfDownstream6Map() {
+ public IBpfMap<TetherDownstream6Key, Tether6Value> getBpfDownstream6Map() {
return mBpfDownstream6Map;
}
@Nullable
- public BpfMap<TetherUpstream6Key, Tether6Value> getBpfUpstream6Map() {
+ public IBpfMap<TetherUpstream6Key, Tether6Value> getBpfUpstream6Map() {
return mBpfUpstream6Map;
}
@Nullable
- public BpfMap<TetherStatsKey, TetherStatsValue> getBpfStatsMap() {
+ public IBpfMap<TetherStatsKey, TetherStatsValue> getBpfStatsMap() {
return mBpfStatsMap;
}
@Nullable
- public BpfMap<TetherLimitKey, TetherLimitValue> getBpfLimitMap() {
+ public IBpfMap<TetherLimitKey, TetherLimitValue> getBpfLimitMap() {
return mBpfLimitMap;
}
@Nullable
- public BpfMap<TetherDevKey, TetherDevValue> getBpfDevMap() {
+ public IBpfMap<TetherDevKey, TetherDevValue> getBpfDevMap() {
return mBpfDevMap;
}
});
@@ -937,11 +941,11 @@
@Test
public void testRuleMakeTetherDownstream6Key() throws Exception {
- final Integer mobileIfIndex = 100;
+ final int mobileIfIndex = 100;
final Ipv6ForwardingRule rule = buildTestForwardingRule(mobileIfIndex, NEIGH_A, MAC_A);
final TetherDownstream6Key key = rule.makeTetherDownstream6Key();
- assertEquals(key.iif, (long) mobileIfIndex);
+ assertEquals(key.iif, mobileIfIndex);
assertEquals(key.dstMac, MacAddress.ALL_ZEROS_ADDRESS); // rawip upstream
assertTrue(Arrays.equals(key.neigh6, NEIGH_A.getAddress()));
// iif (4) + dstMac(6) + padding(2) + neigh6 (16) = 28.
@@ -950,7 +954,7 @@
@Test
public void testRuleMakeTether6Value() throws Exception {
- final Integer mobileIfIndex = 100;
+ final int mobileIfIndex = 100;
final Ipv6ForwardingRule rule = buildTestForwardingRule(mobileIfIndex, NEIGH_A, MAC_A);
final Tether6Value value = rule.makeTether6Value();
@@ -970,7 +974,7 @@
final BpfCoordinator coordinator = makeBpfCoordinator();
final String mobileIface = "rmnet_data0";
- final Integer mobileIfIndex = 100;
+ final int mobileIfIndex = 100;
coordinator.addUpstreamNameToLookupTable(mobileIfIndex, mobileIface);
// [1] Default limit.
@@ -1014,7 +1018,7 @@
final BpfCoordinator coordinator = makeBpfCoordinator();
final String mobileIface = "rmnet_data0";
- final Integer mobileIfIndex = 100;
+ final int mobileIfIndex = 100;
coordinator.addUpstreamNameToLookupTable(mobileIfIndex, mobileIface);
// Applying a data limit to the current upstream does not take any immediate action.
@@ -1277,48 +1281,72 @@
try {
final String intIface1 = "wlan1";
final String intIface2 = "rndis0";
- final String extIface = "rmnet_data0";
+ final String extIface1 = "rmnet_data0";
+ final String extIface2 = "v4-rmnet_data0";
final String virtualIface = "ipsec0";
final BpfUtils mockMarkerBpfUtils = staticMockMarker(BpfUtils.class);
final BpfCoordinator coordinator = makeBpfCoordinator();
// [1] Add the forwarding pair <wlan1, rmnet_data0>. Expect that attach both wlan1 and
// rmnet_data0.
- coordinator.maybeAttachProgram(intIface1, extIface);
- ExtendedMockito.verify(() -> BpfUtils.attachProgram(extIface, DOWNSTREAM));
- ExtendedMockito.verify(() -> BpfUtils.attachProgram(intIface1, UPSTREAM));
+ coordinator.maybeAttachProgram(intIface1, extIface1);
+ ExtendedMockito.verify(() -> BpfUtils.attachProgram(extIface1, DOWNSTREAM, IPV4));
+ ExtendedMockito.verify(() -> BpfUtils.attachProgram(extIface1, DOWNSTREAM, IPV6));
+ ExtendedMockito.verify(() -> BpfUtils.attachProgram(intIface1, UPSTREAM, IPV4));
+ ExtendedMockito.verify(() -> BpfUtils.attachProgram(intIface1, UPSTREAM, IPV6));
ExtendedMockito.verifyNoMoreInteractions(mockMarkerBpfUtils);
ExtendedMockito.clearInvocations(mockMarkerBpfUtils);
// [2] Add the forwarding pair <wlan1, rmnet_data0> again. Expect no more action.
- coordinator.maybeAttachProgram(intIface1, extIface);
+ coordinator.maybeAttachProgram(intIface1, extIface1);
ExtendedMockito.verifyNoMoreInteractions(mockMarkerBpfUtils);
ExtendedMockito.clearInvocations(mockMarkerBpfUtils);
// [3] Add the forwarding pair <rndis0, rmnet_data0>. Expect that attach rndis0 only.
- coordinator.maybeAttachProgram(intIface2, extIface);
- ExtendedMockito.verify(() -> BpfUtils.attachProgram(intIface2, UPSTREAM));
+ coordinator.maybeAttachProgram(intIface2, extIface1);
+ ExtendedMockito.verify(() -> BpfUtils.attachProgram(intIface2, UPSTREAM, IPV4));
+ ExtendedMockito.verify(() -> BpfUtils.attachProgram(intIface2, UPSTREAM, IPV6));
ExtendedMockito.verifyNoMoreInteractions(mockMarkerBpfUtils);
ExtendedMockito.clearInvocations(mockMarkerBpfUtils);
- // [4] Remove the forwarding pair <rndis0, rmnet_data0>. Expect detach rndis0 only.
- coordinator.maybeDetachProgram(intIface2, extIface);
- ExtendedMockito.verify(() -> BpfUtils.detachProgram(intIface2));
+ // [4] Add the forwarding pair <rndis0, v4-rmnet_data0>. Expect that attach
+ // v4-rmnet_data0 IPv4 program only.
+ coordinator.maybeAttachProgram(intIface2, extIface2);
+ ExtendedMockito.verify(() -> BpfUtils.attachProgram(extIface2, DOWNSTREAM, IPV4));
+ ExtendedMockito.verify(() -> BpfUtils.attachProgram(extIface2, DOWNSTREAM, IPV6),
+ never());
ExtendedMockito.verifyNoMoreInteractions(mockMarkerBpfUtils);
ExtendedMockito.clearInvocations(mockMarkerBpfUtils);
- // [5] Remove the forwarding pair <wlan1, rmnet_data0>. Expect that detach both wlan1
+ // [5] Remove the forwarding pair <rndis0, v4-rmnet_data0>. Expect detach
+ // v4-rmnet_data0 IPv4 program only.
+ coordinator.maybeDetachProgram(intIface2, extIface2);
+ ExtendedMockito.verify(() -> BpfUtils.detachProgram(extIface2, IPV4));
+ ExtendedMockito.verify(() -> BpfUtils.detachProgram(extIface2, IPV6), never());
+ ExtendedMockito.verifyNoMoreInteractions(mockMarkerBpfUtils);
+ ExtendedMockito.clearInvocations(mockMarkerBpfUtils);
+
+ // [6] Remove the forwarding pair <rndis0, rmnet_data0>. Expect detach rndis0 only.
+ coordinator.maybeDetachProgram(intIface2, extIface1);
+ ExtendedMockito.verify(() -> BpfUtils.detachProgram(intIface2, IPV4));
+ ExtendedMockito.verify(() -> BpfUtils.detachProgram(intIface2, IPV6));
+ ExtendedMockito.verifyNoMoreInteractions(mockMarkerBpfUtils);
+ ExtendedMockito.clearInvocations(mockMarkerBpfUtils);
+
+ // [7] Remove the forwarding pair <wlan1, rmnet_data0>. Expect that detach both wlan1
// and rmnet_data0.
- coordinator.maybeDetachProgram(intIface1, extIface);
- ExtendedMockito.verify(() -> BpfUtils.detachProgram(extIface));
- ExtendedMockito.verify(() -> BpfUtils.detachProgram(intIface1));
+ coordinator.maybeDetachProgram(intIface1, extIface1);
+ ExtendedMockito.verify(() -> BpfUtils.detachProgram(extIface1, IPV4));
+ ExtendedMockito.verify(() -> BpfUtils.detachProgram(extIface1, IPV6));
+ ExtendedMockito.verify(() -> BpfUtils.detachProgram(intIface1, IPV4));
+ ExtendedMockito.verify(() -> BpfUtils.detachProgram(intIface1, IPV6));
ExtendedMockito.verifyNoMoreInteractions(mockMarkerBpfUtils);
ExtendedMockito.clearInvocations(mockMarkerBpfUtils);
- // [6] Skip attaching if upstream is virtual interface.
+ // [8] Skip attaching if upstream is virtual interface.
coordinator.maybeAttachProgram(intIface1, virtualIface);
- ExtendedMockito.verify(() -> BpfUtils.attachProgram(extIface, DOWNSTREAM), never());
- ExtendedMockito.verify(() -> BpfUtils.attachProgram(intIface1, UPSTREAM), never());
+ ExtendedMockito.verify(() ->
+ BpfUtils.attachProgram(anyString(), anyBoolean(), anyBoolean()), never());
ExtendedMockito.verifyNoMoreInteractions(mockMarkerBpfUtils);
ExtendedMockito.clearInvocations(mockMarkerBpfUtils);
@@ -1385,7 +1413,7 @@
// [1] Don't stop monitoring if it has never started.
coordinator.stopMonitoring(mIpServer);
- verify(mConntrackMonitor, never()).start();
+ verify(mConntrackMonitor, never()).stop();
// [2] Start monitoring.
coordinator.startMonitoring(mIpServer);
diff --git a/Tethering/tests/unit/src/com/android/networkstack/tethering/EntitlementManagerTest.java b/Tethering/tests/unit/src/com/android/networkstack/tethering/EntitlementManagerTest.java
index 01d7b4b..e4263db 100644
--- a/Tethering/tests/unit/src/com/android/networkstack/tethering/EntitlementManagerTest.java
+++ b/Tethering/tests/unit/src/com/android/networkstack/tethering/EntitlementManagerTest.java
@@ -65,7 +65,6 @@
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.content.res.Resources;
-import android.net.util.SharedLog;
import android.os.Bundle;
import android.os.Handler;
import android.os.PersistableBundle;
@@ -82,6 +81,7 @@
import com.android.internal.util.test.BroadcastInterceptingContext;
import com.android.modules.utils.build.SdkLevel;
+import com.android.net.module.util.SharedLog;
import com.android.testutils.DevSdkIgnoreRule;
import org.junit.After;
diff --git a/Tethering/tests/unit/src/com/android/networkstack/tethering/FakeTetheringConfiguration.java b/Tethering/tests/unit/src/com/android/networkstack/tethering/FakeTetheringConfiguration.java
index ac5c59d..95ec38f 100644
--- a/Tethering/tests/unit/src/com/android/networkstack/tethering/FakeTetheringConfiguration.java
+++ b/Tethering/tests/unit/src/com/android/networkstack/tethering/FakeTetheringConfiguration.java
@@ -18,7 +18,8 @@
import android.content.Context;
import android.content.res.Resources;
-import android.net.util.SharedLog;
+
+import com.android.net.module.util.SharedLog;
/** FakeTetheringConfiguration is used to override static method for testing. */
public class FakeTetheringConfiguration extends TetheringConfiguration {
diff --git a/Tethering/tests/unit/src/com/android/networkstack/tethering/IPv6TetheringCoordinatorTest.java b/Tethering/tests/unit/src/com/android/networkstack/tethering/IPv6TetheringCoordinatorTest.java
index f2b5314..865228a 100644
--- a/Tethering/tests/unit/src/com/android/networkstack/tethering/IPv6TetheringCoordinatorTest.java
+++ b/Tethering/tests/unit/src/com/android/networkstack/tethering/IPv6TetheringCoordinatorTest.java
@@ -41,11 +41,12 @@
import android.net.NetworkCapabilities;
import android.net.RouteInfo;
import android.net.ip.IpServer;
-import android.net.util.SharedLog;
import androidx.test.filters.SmallTest;
import androidx.test.runner.AndroidJUnit4;
+import com.android.net.module.util.SharedLog;
+
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
diff --git a/Tethering/tests/unit/src/com/android/networkstack/tethering/OffloadControllerTest.java b/Tethering/tests/unit/src/com/android/networkstack/tethering/OffloadControllerTest.java
index e9716b3..faca1c8 100644
--- a/Tethering/tests/unit/src/com/android/networkstack/tethering/OffloadControllerTest.java
+++ b/Tethering/tests/unit/src/com/android/networkstack/tethering/OffloadControllerTest.java
@@ -26,6 +26,7 @@
import static android.net.RouteInfo.RTN_UNICAST;
import static android.provider.Settings.Global.TETHER_OFFLOAD_DISABLED;
+import static com.android.modules.utils.build.SdkLevel.isAtLeastS;
import static com.android.modules.utils.build.SdkLevel.isAtLeastT;
import static com.android.networkstack.tethering.OffloadController.StatsType.STATS_PER_IFACE;
import static com.android.networkstack.tethering.OffloadController.StatsType.STATS_PER_UID;
@@ -66,7 +67,6 @@
import android.net.NetworkStats.Entry;
import android.net.RouteInfo;
import android.net.netstats.provider.NetworkStatsProvider;
-import android.net.util.SharedLog;
import android.os.Build;
import android.os.Handler;
import android.os.test.TestLooper;
@@ -78,6 +78,7 @@
import androidx.test.runner.AndroidJUnit4;
import com.android.internal.util.test.FakeSettingsProvider;
+import com.android.net.module.util.SharedLog;
import com.android.testutils.DevSdkIgnoreRule;
import com.android.testutils.DevSdkIgnoreRule.IgnoreUpTo;
import com.android.testutils.TestableNetworkStatsProviderCbBinder;
@@ -668,7 +669,7 @@
if (isAtLeastT()) {
mTetherStatsProviderCb.expectNotifyLimitReached();
- } else if (Build.VERSION.SDK_INT == Build.VERSION_CODES.S) {
+ } else if (isAtLeastS()) {
mTetherStatsProviderCb.expectNotifyWarningOrLimitReached();
} else {
mTetherStatsProviderCb.expectNotifyLimitReached();
diff --git a/Tethering/tests/unit/src/com/android/networkstack/tethering/OffloadHardwareInterfaceTest.java b/Tethering/tests/unit/src/com/android/networkstack/tethering/OffloadHardwareInterfaceTest.java
index d1891ed..36b439b 100644
--- a/Tethering/tests/unit/src/com/android/networkstack/tethering/OffloadHardwareInterfaceTest.java
+++ b/Tethering/tests/unit/src/com/android/networkstack/tethering/OffloadHardwareInterfaceTest.java
@@ -43,7 +43,6 @@
import android.hardware.tetheroffload.control.V1_0.NetworkProtocol;
import android.hardware.tetheroffload.control.V1_1.ITetheringOffloadCallback;
import android.hardware.tetheroffload.control.V1_1.OffloadCallbackEvent;
-import android.net.util.SharedLog;
import android.os.Handler;
import android.os.NativeHandle;
import android.os.test.TestLooper;
@@ -55,6 +54,7 @@
import androidx.test.filters.SmallTest;
import androidx.test.runner.AndroidJUnit4;
+import com.android.net.module.util.SharedLog;
import com.android.net.module.util.netlink.StructNfGenMsg;
import com.android.net.module.util.netlink.StructNlMsgHdr;
diff --git a/Tethering/tests/unit/src/com/android/networkstack/tethering/TetheringConfigurationTest.java b/Tethering/tests/unit/src/com/android/networkstack/tethering/TetheringConfigurationTest.java
index 3190f35..1a12125 100644
--- a/Tethering/tests/unit/src/com/android/networkstack/tethering/TetheringConfigurationTest.java
+++ b/Tethering/tests/unit/src/com/android/networkstack/tethering/TetheringConfigurationTest.java
@@ -47,7 +47,6 @@
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.content.res.Resources;
-import android.net.util.SharedLog;
import android.os.Build;
import android.os.PersistableBundle;
import android.provider.DeviceConfig;
@@ -63,6 +62,7 @@
import com.android.internal.util.test.FakeSettingsProvider;
import com.android.modules.utils.build.SdkLevel;
import com.android.net.module.util.DeviceConfigUtils;
+import com.android.net.module.util.SharedLog;
import com.android.testutils.DevSdkIgnoreRule;
import com.android.testutils.DevSdkIgnoreRule.IgnoreAfter;
import com.android.testutils.DevSdkIgnoreRule.IgnoreUpTo;
diff --git a/Tethering/tests/unit/src/com/android/networkstack/tethering/TetheringServiceTest.java b/Tethering/tests/unit/src/com/android/networkstack/tethering/TetheringServiceTest.java
index f664d5d..38f1e9c 100644
--- a/Tethering/tests/unit/src/com/android/networkstack/tethering/TetheringServiceTest.java
+++ b/Tethering/tests/unit/src/com/android/networkstack/tethering/TetheringServiceTest.java
@@ -24,6 +24,7 @@
import static android.net.TetheringManager.TETHER_ERROR_NO_ACCESS_TETHERING_PERMISSION;
import static android.net.TetheringManager.TETHER_ERROR_NO_CHANGE_TETHERING_PERMISSION;
import static android.net.TetheringManager.TETHER_ERROR_NO_ERROR;
+import static android.net.TetheringManager.TETHER_ERROR_UNSUPPORTED;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
@@ -139,23 +140,27 @@
}
private void runAsNoPermission(final TestTetheringCall test) throws Exception {
- runTetheringCall(test, new String[0]);
+ runTetheringCall(test, true /* isTetheringAllowed */, new String[0]);
}
private void runAsTetherPrivileged(final TestTetheringCall test) throws Exception {
- runTetheringCall(test, TETHER_PRIVILEGED);
+ runTetheringCall(test, true /* isTetheringAllowed */, TETHER_PRIVILEGED);
}
private void runAsAccessNetworkState(final TestTetheringCall test) throws Exception {
- runTetheringCall(test, ACCESS_NETWORK_STATE);
+ runTetheringCall(test, true /* isTetheringAllowed */, ACCESS_NETWORK_STATE);
}
private void runAsWriteSettings(final TestTetheringCall test) throws Exception {
- runTetheringCall(test, WRITE_SETTINGS);
+ runTetheringCall(test, true /* isTetheringAllowed */, WRITE_SETTINGS);
}
- private void runTetheringCall(final TestTetheringCall test, String... permissions)
- throws Exception {
+ private void runAsTetheringDisallowed(final TestTetheringCall test) throws Exception {
+ runTetheringCall(test, false /* isTetheringAllowed */, TETHER_PRIVILEGED);
+ }
+
+ private void runTetheringCall(final TestTetheringCall test, boolean isTetheringAllowed,
+ String... permissions) throws Exception {
// Allow the test to run even if ACCESS_NETWORK_STATE was granted at the APK level
if (!CollectionUtils.contains(permissions, ACCESS_NETWORK_STATE)) {
mMockConnector.setPermission(ACCESS_NETWORK_STATE, PERMISSION_DENIED);
@@ -164,6 +169,7 @@
if (permissions.length > 0) mUiAutomation.adoptShellPermissionIdentity(permissions);
try {
when(mTethering.isTetheringSupported()).thenReturn(true);
+ when(mTethering.isTetheringAllowed()).thenReturn(isTetheringAllowed);
test.runTetheringCall(new TestTetheringResult());
} finally {
mUiAutomation.dropShellPermissionIdentity();
@@ -180,6 +186,7 @@
private void runTether(final TestTetheringResult result) throws Exception {
mTetheringConnector.tether(TEST_IFACE_NAME, TEST_CALLER_PKG, TEST_ATTRIBUTION_TAG, result);
verify(mTethering).isTetheringSupported();
+ verify(mTethering).isTetheringAllowed();
verify(mTethering).tether(TEST_IFACE_NAME, IpServer.STATE_TETHERED, result);
}
@@ -203,12 +210,22 @@
verify(mTethering).isTetherProvisioningRequired();
verifyNoMoreInteractionsForTethering();
});
+
+ runAsTetheringDisallowed((result) -> {
+ mTetheringConnector.tether(TEST_IFACE_NAME, TEST_CALLER_PKG, TEST_ATTRIBUTION_TAG,
+ result);
+ verify(mTethering).isTetheringSupported();
+ verify(mTethering).isTetheringAllowed();
+ result.assertResult(TETHER_ERROR_UNSUPPORTED);
+ verifyNoMoreInteractionsForTethering();
+ });
}
private void runUnTether(final TestTetheringResult result) throws Exception {
mTetheringConnector.untether(TEST_IFACE_NAME, TEST_CALLER_PKG, TEST_ATTRIBUTION_TAG,
result);
verify(mTethering).isTetheringSupported();
+ verify(mTethering).isTetheringAllowed();
verify(mTethering).untether(eq(TEST_IFACE_NAME), eq(result));
}
@@ -232,6 +249,15 @@
verify(mTethering).isTetherProvisioningRequired();
verifyNoMoreInteractionsForTethering();
});
+
+ runAsTetheringDisallowed((result) -> {
+ mTetheringConnector.untether(TEST_IFACE_NAME, TEST_CALLER_PKG, TEST_ATTRIBUTION_TAG,
+ result);
+ verify(mTethering).isTetheringSupported();
+ verify(mTethering).isTetheringAllowed();
+ result.assertResult(TETHER_ERROR_UNSUPPORTED);
+ verifyNoMoreInteractionsForTethering();
+ });
}
private void runSetUsbTethering(final TestTetheringResult result) throws Exception {
@@ -243,6 +269,7 @@
mTetheringConnector.setUsbTethering(true /* enable */, TEST_CALLER_PKG,
TEST_ATTRIBUTION_TAG, result);
verify(mTethering).isTetheringSupported();
+ verify(mTethering).isTetheringAllowed();
verify(mTethering).setUsbTethering(eq(true) /* enable */, any(IIntResultListener.class));
result.assertResult(TETHER_ERROR_NO_ERROR);
}
@@ -268,6 +295,14 @@
verifyNoMoreInteractionsForTethering();
});
+ runAsTetheringDisallowed((result) -> {
+ mTetheringConnector.setUsbTethering(true /* enable */, TEST_CALLER_PKG,
+ TEST_ATTRIBUTION_TAG, result);
+ verify(mTethering).isTetheringSupported();
+ verify(mTethering).isTetheringAllowed();
+ result.assertResult(TETHER_ERROR_UNSUPPORTED);
+ verifyNoMoreInteractionsForTethering();
+ });
}
private void runStartTethering(final TestTetheringResult result,
@@ -275,7 +310,8 @@
mTetheringConnector.startTethering(request, TEST_CALLER_PKG, TEST_ATTRIBUTION_TAG,
result);
verify(mTethering).isTetheringSupported();
- verify(mTethering).startTethering(eq(request), eq(result));
+ verify(mTethering).isTetheringAllowed();
+ verify(mTethering).startTethering(eq(request), eq(TEST_CALLER_PKG), eq(result));
}
@Test
@@ -301,6 +337,15 @@
verify(mTethering).isTetherProvisioningRequired();
verifyNoMoreInteractionsForTethering();
});
+
+ runAsTetheringDisallowed((result) -> {
+ mTetheringConnector.startTethering(request, TEST_CALLER_PKG, TEST_ATTRIBUTION_TAG,
+ result);
+ verify(mTethering).isTetheringSupported();
+ verify(mTethering).isTetheringAllowed();
+ result.assertResult(TETHER_ERROR_UNSUPPORTED);
+ verifyNoMoreInteractionsForTethering();
+ });
}
private void runStartTetheringAndVerifyNoPermission(final TestTetheringResult result)
@@ -337,6 +382,7 @@
mTetheringConnector.stopTethering(TETHERING_WIFI, TEST_CALLER_PKG,
TEST_ATTRIBUTION_TAG, result);
verify(mTethering).isTetheringSupported();
+ verify(mTethering).isTetheringAllowed();
verify(mTethering).stopTethering(TETHERING_WIFI);
result.assertResult(TETHER_ERROR_NO_ERROR);
}
@@ -361,6 +407,15 @@
verify(mTethering).isTetherProvisioningRequired();
verifyNoMoreInteractionsForTethering();
});
+
+ runAsTetheringDisallowed((result) -> {
+ mTetheringConnector.stopTethering(TETHERING_WIFI, TEST_CALLER_PKG,
+ TEST_ATTRIBUTION_TAG, result);
+ verify(mTethering).isTetheringSupported();
+ verify(mTethering).isTetheringAllowed();
+ result.assertResult(TETHER_ERROR_UNSUPPORTED);
+ verifyNoMoreInteractionsForTethering();
+ });
}
private void runRequestLatestTetheringEntitlementResult() throws Exception {
@@ -368,6 +423,7 @@
mTetheringConnector.requestLatestTetheringEntitlementResult(TETHERING_WIFI, result,
true /* showEntitlementUi */, TEST_CALLER_PKG, TEST_ATTRIBUTION_TAG);
verify(mTethering).isTetheringSupported();
+ verify(mTethering).isTetheringAllowed();
verify(mTethering).requestLatestTetheringEntitlementResult(eq(TETHERING_WIFI),
eq(result), eq(true) /* showEntitlementUi */);
}
@@ -392,6 +448,16 @@
verify(mTethering).isTetherProvisioningRequired();
verifyNoMoreInteractionsForTethering();
});
+
+ runAsTetheringDisallowed((none) -> {
+ final MyResultReceiver receiver = new MyResultReceiver(null);
+ mTetheringConnector.requestLatestTetheringEntitlementResult(TETHERING_WIFI, receiver,
+ true /* showEntitlementUi */, TEST_CALLER_PKG, TEST_ATTRIBUTION_TAG);
+ verify(mTethering).isTetheringSupported();
+ verify(mTethering).isTetheringAllowed();
+ receiver.assertResult(TETHER_ERROR_UNSUPPORTED);
+ verifyNoMoreInteractionsForTethering();
+ });
}
private void runRegisterTetheringEventCallback() throws Exception {
@@ -419,6 +485,12 @@
runRegisterTetheringEventCallback();
verifyNoMoreInteractionsForTethering();
});
+
+ // should still be able to register callback even tethering is restricted.
+ runAsTetheringDisallowed((result) -> {
+ runRegisterTetheringEventCallback();
+ verifyNoMoreInteractionsForTethering();
+ });
}
private void runUnregisterTetheringEventCallback() throws Exception {
@@ -446,11 +518,19 @@
runUnregisterTetheringEventCallback();
verifyNoMoreInteractionsForTethering();
});
+
+ // should still be able to unregister callback even tethering is restricted.
+ runAsTetheringDisallowed((result) -> {
+ runUnregisterTetheringEventCallback();
+ verifyNoMoreInteractionsForTethering();
+ });
+
}
private void runStopAllTethering(final TestTetheringResult result) throws Exception {
mTetheringConnector.stopAllTethering(TEST_CALLER_PKG, TEST_ATTRIBUTION_TAG, result);
verify(mTethering).isTetheringSupported();
+ verify(mTethering).isTetheringAllowed();
verify(mTethering).untetherAll();
result.assertResult(TETHER_ERROR_NO_ERROR);
}
@@ -474,11 +554,20 @@
verify(mTethering).isTetherProvisioningRequired();
verifyNoMoreInteractionsForTethering();
});
+
+ runAsTetheringDisallowed((result) -> {
+ mTetheringConnector.stopAllTethering(TEST_CALLER_PKG, TEST_ATTRIBUTION_TAG, result);
+ verify(mTethering).isTetheringSupported();
+ verify(mTethering).isTetheringAllowed();
+ result.assertResult(TETHER_ERROR_UNSUPPORTED);
+ verifyNoMoreInteractionsForTethering();
+ });
}
private void runIsTetheringSupported(final TestTetheringResult result) throws Exception {
mTetheringConnector.isTetheringSupported(TEST_CALLER_PKG, TEST_ATTRIBUTION_TAG, result);
verify(mTethering).isTetheringSupported();
+ verify(mTethering).isTetheringAllowed();
result.assertResult(TETHER_ERROR_NO_ERROR);
}
@@ -502,6 +591,15 @@
verify(mTethering).isTetherProvisioningRequired();
verifyNoMoreInteractionsForTethering();
});
+
+ runAsTetheringDisallowed((result) -> {
+ mTetheringConnector.isTetheringSupported(TEST_CALLER_PKG, TEST_ATTRIBUTION_TAG,
+ result);
+ verify(mTethering).isTetheringSupported();
+ verify(mTethering).isTetheringAllowed();
+ result.assertResult(TETHER_ERROR_UNSUPPORTED);
+ verifyNoMoreInteractionsForTethering();
+ });
}
private class ConnectorSupplier<T> implements Supplier<T> {
@@ -566,17 +664,17 @@
assertEquals("Internal callback is not registered", 1, callbacks.size());
assertNotNull(weakTm.get());
+ // Calling System.gc() or System.runFinalization() doesn't guarantee GCs or finalizers
+ // are executed synchronously. The finalizer is called after GC on a separate thread.
final int attempts = 100;
final long waitIntervalMs = 50;
for (int i = 0; i < attempts; i++) {
forceGc();
- if (weakTm.get() == null) break;
+ if (weakTm.get() == null && callbacks.size() == 0) break;
Thread.sleep(waitIntervalMs);
}
- assertNull("TetheringManager weak reference still not null after " + attempts
- + " attempts", weakTm.get());
-
+ assertNull("TetheringManager weak reference is not null", weakTm.get());
assertEquals("Internal callback is not unregistered", 0, callbacks.size());
});
}
diff --git a/Tethering/tests/unit/src/com/android/networkstack/tethering/TetheringTest.java b/Tethering/tests/unit/src/com/android/networkstack/tethering/TetheringTest.java
index 6ef0e24..a468d82 100644
--- a/Tethering/tests/unit/src/com/android/networkstack/tethering/TetheringTest.java
+++ b/Tethering/tests/unit/src/com/android/networkstack/tethering/TetheringTest.java
@@ -45,6 +45,7 @@
import static android.net.TetheringManager.TETHERING_WIFI;
import static android.net.TetheringManager.TETHERING_WIFI_P2P;
import static android.net.TetheringManager.TETHER_ERROR_IFACE_CFG_ERROR;
+import static android.net.TetheringManager.TETHER_ERROR_INTERNAL_ERROR;
import static android.net.TetheringManager.TETHER_ERROR_NO_ERROR;
import static android.net.TetheringManager.TETHER_ERROR_SERVICE_UNAVAIL;
import static android.net.TetheringManager.TETHER_ERROR_UNKNOWN_IFACE;
@@ -151,11 +152,9 @@
import android.net.dhcp.IDhcpEventCallbacks;
import android.net.dhcp.IDhcpServer;
import android.net.ip.DadProxy;
-import android.net.ip.IpNeighborMonitor;
import android.net.ip.IpServer;
import android.net.ip.RouterAdvertisementDaemon;
import android.net.util.NetworkConstants;
-import android.net.util.SharedLog;
import android.net.wifi.SoftApConfiguration;
import android.net.wifi.WifiClient;
import android.net.wifi.WifiManager;
@@ -188,16 +187,22 @@
import com.android.internal.util.test.FakeSettingsProvider;
import com.android.net.module.util.CollectionUtils;
import com.android.net.module.util.InterfaceParams;
+import com.android.net.module.util.SharedLog;
+import com.android.net.module.util.ip.IpNeighborMonitor;
import com.android.networkstack.apishim.common.BluetoothPanShim;
import com.android.networkstack.apishim.common.BluetoothPanShim.TetheredInterfaceCallbackShim;
import com.android.networkstack.apishim.common.BluetoothPanShim.TetheredInterfaceRequestShim;
import com.android.networkstack.apishim.common.UnsupportedApiLevelException;
import com.android.networkstack.tethering.TestConnectivityManager.TestNetworkAgent;
+import com.android.networkstack.tethering.metrics.TetheringMetrics;
+import com.android.testutils.DevSdkIgnoreRule;
+import com.android.testutils.DevSdkIgnoreRule.IgnoreUpTo;
import com.android.testutils.MiscAsserts;
import org.junit.After;
import org.junit.Before;
import org.junit.BeforeClass;
+import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.ArgumentCaptor;
@@ -220,6 +225,8 @@
@RunWith(AndroidJUnit4.class)
@SmallTest
public class TetheringTest {
+ @Rule public final DevSdkIgnoreRule mIgnoreRule = new DevSdkIgnoreRule();
+
private static final int IFINDEX_OFFSET = 100;
private static final String TEST_MOBILE_IFNAME = "test_rmnet_data0";
@@ -240,6 +247,7 @@
private static final String TEST_WIFI_REGEX = "test_wlan\\d";
private static final String TEST_P2P_REGEX = "test_p2p-p2p\\d-.*";
private static final String TEST_BT_REGEX = "test_pan\\d";
+ private static final String TEST_CALLER_PKG = "com.test.tethering";
private static final int CELLULAR_NETID = 100;
private static final int WIFI_NETID = 101;
@@ -274,6 +282,7 @@
@Mock private BluetoothPan mBluetoothPan;
@Mock private BluetoothPanShim mBluetoothPanShim;
@Mock private TetheredInterfaceRequestShim mTetheredInterfaceRequestShim;
+ @Mock private TetheringMetrics mTetheringMetrics;
private final MockIpServerDependencies mIpServerDependencies =
spy(new MockIpServerDependencies());
@@ -297,6 +306,7 @@
private OffloadController mOffloadCtrl;
private PrivateAddressCoordinator mPrivateAddressCoordinator;
private SoftApCallback mSoftApCallback;
+ private SoftApCallback mLocalOnlyHotspotCallback;
private UpstreamNetworkMonitor mUpstreamNetworkMonitor;
private TetheredInterfaceCallbackShim mTetheredInterfaceCallbackShim;
@@ -389,6 +399,7 @@
MacAddress.ALL_ZEROS_ADDRESS);
}
+ @SuppressWarnings("DoNotCall") // Ignore warning for synchronous to call to Thread.run()
@Override
public void makeDhcpServer(String ifName, DhcpServingParamsParcel params,
DhcpServerCallbacks cb) {
@@ -498,6 +509,11 @@
}
@Override
+ public TetheringMetrics getTetheringMetrics() {
+ return mTetheringMetrics;
+ }
+
+ @Override
public PrivateAddressCoordinator getPrivateAddressCoordinator(Context ctx,
TetheringConfiguration cfg) {
mPrivateAddressCoordinator = super.getPrivateAddressCoordinator(ctx, cfg);
@@ -662,6 +678,14 @@
verify(mWifiManager).registerSoftApCallback(any(), softApCallbackCaptor.capture());
mSoftApCallback = softApCallbackCaptor.getValue();
+ if (isAtLeastT()) {
+ final ArgumentCaptor<SoftApCallback> localOnlyCallbackCaptor =
+ ArgumentCaptor.forClass(SoftApCallback.class);
+ verify(mWifiManager).registerLocalOnlyHotspotSoftApCallback(any(),
+ localOnlyCallbackCaptor.capture());
+ mLocalOnlyHotspotCallback = localOnlyCallbackCaptor.getValue();
+ }
+
when(mPackageManager.hasSystemFeature(PackageManager.FEATURE_WIFI)).thenReturn(true);
when(mPackageManager.hasSystemFeature(PackageManager.FEATURE_WIFI_DIRECT)).thenReturn(true);
}
@@ -814,9 +838,9 @@
}
private void verifyInterfaceServingModeStarted(String ifname) throws Exception {
- verify(mNetd, times(1)).interfaceSetCfg(any(InterfaceConfigurationParcel.class));
- verify(mNetd, times(1)).tetherInterfaceAdd(ifname);
- verify(mNetd, times(1)).networkAddInterface(INetd.LOCAL_NET_ID, ifname);
+ verify(mNetd).interfaceSetCfg(any(InterfaceConfigurationParcel.class));
+ verify(mNetd).tetherInterfaceAdd(ifname);
+ verify(mNetd).networkAddInterface(INetd.LOCAL_NET_ID, ifname);
verify(mNetd, times(2)).networkAddRoute(eq(INetd.LOCAL_NET_ID), eq(ifname),
anyString(), anyString());
}
@@ -856,7 +880,8 @@
private void prepareNcmTethering() {
// Emulate startTethering(TETHERING_NCM) called
- mTethering.startTethering(createTetheringRequestParcel(TETHERING_NCM), null);
+ mTethering.startTethering(createTetheringRequestParcel(TETHERING_NCM), TEST_CALLER_PKG,
+ null);
mLooper.dispatchAll();
verify(mUsbManager, times(1)).setCurrentFunctions(UsbManager.FUNCTION_NCM);
}
@@ -864,7 +889,7 @@
private void prepareUsbTethering() {
// Emulate pressing the USB tethering button in Settings UI.
final TetheringRequestParcel request = createTetheringRequestParcel(TETHERING_USB);
- mTethering.startTethering(request, null);
+ mTethering.startTethering(request, TEST_CALLER_PKG, null);
mLooper.dispatchAll();
assertEquals(1, mTethering.getActiveTetheringRequests().size());
@@ -910,6 +935,52 @@
failingLocalOnlyHotspotLegacyApBroadcast(false);
}
+ private void verifyStopHotpot() throws Exception {
+ verify(mNetd).tetherApplyDnsInterfaces();
+ verify(mNetd).tetherInterfaceRemove(TEST_WLAN_IFNAME);
+ verify(mNetd).networkRemoveInterface(INetd.LOCAL_NET_ID, TEST_WLAN_IFNAME);
+ // interfaceSetCfg() called once for enabling and twice disabling IPv4.
+ verify(mNetd, times(3)).interfaceSetCfg(any(InterfaceConfigurationParcel.class));
+ verify(mNetd).tetherStop();
+ verify(mNetd).ipfwdDisableForwarding(TETHERING_NAME);
+ verify(mWifiManager, times(3)).updateInterfaceIpState(
+ TEST_WLAN_IFNAME, WifiManager.IFACE_IP_MODE_UNSPECIFIED);
+ verifyNoMoreInteractions(mNetd);
+ verifyNoMoreInteractions(mWifiManager);
+ // Asking for the last error after the per-interface state machine
+ // has been reaped yields an unknown interface error.
+ assertEquals(TETHER_ERROR_UNKNOWN_IFACE, mTethering.getLastErrorForTest(TEST_WLAN_IFNAME));
+ }
+
+ private void verifyStartHotspot() throws Exception {
+ verifyStartHotspot(false /* isLocalOnly */);
+ }
+
+ private void verifyStartHotspot(boolean isLocalOnly) throws Exception {
+ verifyInterfaceServingModeStarted(TEST_WLAN_IFNAME);
+ verifyTetheringBroadcast(TEST_WLAN_IFNAME, EXTRA_AVAILABLE_TETHER);
+ verify(mWifiManager).updateInterfaceIpState(
+ TEST_WLAN_IFNAME, WifiManager.IFACE_IP_MODE_UNSPECIFIED);
+
+ verify(mNetd).ipfwdEnableForwarding(TETHERING_NAME);
+ verify(mNetd).tetherStartWithConfiguration(any());
+ verifyNoMoreInteractions(mNetd);
+
+ final int expectedState = isLocalOnly ? IFACE_IP_MODE_LOCAL_ONLY : IFACE_IP_MODE_TETHERED;
+ verify(mWifiManager).updateInterfaceIpState(TEST_WLAN_IFNAME, expectedState);
+ verifyNoMoreInteractions(mWifiManager);
+
+ verify(mUpstreamNetworkMonitor).startObserveAllNetworks();
+ if (isLocalOnly) {
+ // There are 2 IpServer state change events: STATE_AVAILABLE -> STATE_LOCAL_ONLY.
+ verify(mNotificationUpdater, times(2)).onDownstreamChanged(DOWNSTREAM_NONE);
+ } else {
+ // There are 2 IpServer state change events: STATE_AVAILABLE -> STATE_TETHERED.
+ verify(mNotificationUpdater).onDownstreamChanged(DOWNSTREAM_NONE);
+ verify(mNotificationUpdater).onDownstreamChanged(eq(1 << TETHERING_WIFI));
+ }
+ }
+
public void workingLocalOnlyHotspotEnrichedApBroadcast(
boolean emulateInterfaceStatusChanged) throws Exception {
// Emulate externally-visible WifiManager effects, causing the
@@ -920,20 +991,8 @@
}
sendWifiApStateChanged(WIFI_AP_STATE_ENABLED, TEST_WLAN_IFNAME, IFACE_IP_MODE_LOCAL_ONLY);
- verifyInterfaceServingModeStarted(TEST_WLAN_IFNAME);
- verifyTetheringBroadcast(TEST_WLAN_IFNAME, EXTRA_AVAILABLE_TETHER);
- verify(mNetd, times(1)).ipfwdEnableForwarding(TETHERING_NAME);
- verify(mNetd, times(1)).tetherStartWithConfiguration(any());
- verifyNoMoreInteractions(mNetd);
- verify(mWifiManager).updateInterfaceIpState(
- TEST_WLAN_IFNAME, WifiManager.IFACE_IP_MODE_UNSPECIFIED);
- verify(mWifiManager).updateInterfaceIpState(
- TEST_WLAN_IFNAME, WifiManager.IFACE_IP_MODE_LOCAL_ONLY);
- verifyNoMoreInteractions(mWifiManager);
+ verifyStartHotspot(true /* isLocalOnly */);
verifyTetheringBroadcast(TEST_WLAN_IFNAME, EXTRA_ACTIVE_LOCAL_ONLY);
- verify(mUpstreamNetworkMonitor, times(1)).startObserveAllNetworks();
- // There are 2 IpServer state change events: STATE_AVAILABLE -> STATE_LOCAL_ONLY
- verify(mNotificationUpdater, times(2)).onDownstreamChanged(DOWNSTREAM_NONE);
// Emulate externally-visible WifiManager effects, when hotspot mode
// is being torn down.
@@ -941,20 +1000,7 @@
mTethering.interfaceRemoved(TEST_WLAN_IFNAME);
mLooper.dispatchAll();
- verify(mNetd, times(1)).tetherApplyDnsInterfaces();
- verify(mNetd, times(1)).tetherInterfaceRemove(TEST_WLAN_IFNAME);
- verify(mNetd, times(1)).networkRemoveInterface(INetd.LOCAL_NET_ID, TEST_WLAN_IFNAME);
- // interfaceSetCfg() called once for enabling and twice disabling IPv4.
- verify(mNetd, times(3)).interfaceSetCfg(any(InterfaceConfigurationParcel.class));
- verify(mNetd, times(1)).tetherStop();
- verify(mNetd, times(1)).ipfwdDisableForwarding(TETHERING_NAME);
- verify(mWifiManager, times(3)).updateInterfaceIpState(
- TEST_WLAN_IFNAME, WifiManager.IFACE_IP_MODE_UNSPECIFIED);
- verifyNoMoreInteractions(mNetd);
- verifyNoMoreInteractions(mWifiManager);
- // Asking for the last error after the per-interface state machine
- // has been reaped yields an unknown interface error.
- assertEquals(TETHER_ERROR_UNKNOWN_IFACE, mTethering.getLastErrorForTest(TEST_WLAN_IFNAME));
+ verifyStopHotpot();
}
/**
@@ -1434,7 +1480,8 @@
when(mWifiManager.startTetheredHotspot(any(SoftApConfiguration.class))).thenReturn(true);
// Emulate pressing the WiFi tethering button.
- mTethering.startTethering(createTetheringRequestParcel(TETHERING_WIFI), null);
+ mTethering.startTethering(createTetheringRequestParcel(TETHERING_WIFI), TEST_CALLER_PKG,
+ null);
mLooper.dispatchAll();
verify(mWifiManager, times(1)).startTetheredHotspot(null);
verifyNoMoreInteractions(mWifiManager);
@@ -1461,7 +1508,8 @@
when(mWifiManager.startTetheredHotspot(any(SoftApConfiguration.class))).thenReturn(true);
// Emulate pressing the WiFi tethering button.
- mTethering.startTethering(createTetheringRequestParcel(TETHERING_WIFI), null);
+ mTethering.startTethering(createTetheringRequestParcel(TETHERING_WIFI), TEST_CALLER_PKG,
+ null);
mLooper.dispatchAll();
verify(mWifiManager, times(1)).startTetheredHotspot(null);
verifyNoMoreInteractions(mWifiManager);
@@ -1473,26 +1521,11 @@
mTethering.interfaceStatusChanged(TEST_WLAN_IFNAME, true);
sendWifiApStateChanged(WIFI_AP_STATE_ENABLED, TEST_WLAN_IFNAME, IFACE_IP_MODE_TETHERED);
- verifyInterfaceServingModeStarted(TEST_WLAN_IFNAME);
- verifyTetheringBroadcast(TEST_WLAN_IFNAME, EXTRA_AVAILABLE_TETHER);
- verify(mNetd, times(1)).ipfwdEnableForwarding(TETHERING_NAME);
- verify(mNetd, times(1)).tetherStartWithConfiguration(any());
- verify(mNetd, times(2)).networkAddRoute(eq(INetd.LOCAL_NET_ID), eq(TEST_WLAN_IFNAME),
- anyString(), anyString());
- verifyNoMoreInteractions(mNetd);
- verify(mWifiManager).updateInterfaceIpState(
- TEST_WLAN_IFNAME, WifiManager.IFACE_IP_MODE_UNSPECIFIED);
- verify(mWifiManager).updateInterfaceIpState(
- TEST_WLAN_IFNAME, WifiManager.IFACE_IP_MODE_TETHERED);
- verifyNoMoreInteractions(mWifiManager);
+ verifyStartHotspot();
verifyTetheringBroadcast(TEST_WLAN_IFNAME, EXTRA_ACTIVE_TETHER);
- verify(mUpstreamNetworkMonitor, times(1)).startObserveAllNetworks();
// In tethering mode, in the default configuration, an explicit request
// for a mobile network is also made.
verify(mUpstreamNetworkMonitor, times(1)).setTryCell(true);
- // There are 2 IpServer state change events: STATE_AVAILABLE -> STATE_TETHERED
- verify(mNotificationUpdater, times(1)).onDownstreamChanged(DOWNSTREAM_NONE);
- verify(mNotificationUpdater, times(1)).onDownstreamChanged(eq(1 << TETHERING_WIFI));
/////
// We do not currently emulate any upstream being found.
@@ -1514,20 +1547,7 @@
mTethering.interfaceRemoved(TEST_WLAN_IFNAME);
mLooper.dispatchAll();
- verify(mNetd, times(1)).tetherApplyDnsInterfaces();
- verify(mNetd, times(1)).tetherInterfaceRemove(TEST_WLAN_IFNAME);
- verify(mNetd, times(1)).networkRemoveInterface(INetd.LOCAL_NET_ID, TEST_WLAN_IFNAME);
- // interfaceSetCfg() called once for enabling and twice for disabling IPv4.
- verify(mNetd, times(3)).interfaceSetCfg(any(InterfaceConfigurationParcel.class));
- verify(mNetd, times(1)).tetherStop();
- verify(mNetd, times(1)).ipfwdDisableForwarding(TETHERING_NAME);
- verify(mWifiManager, times(3)).updateInterfaceIpState(
- TEST_WLAN_IFNAME, WifiManager.IFACE_IP_MODE_UNSPECIFIED);
- verifyNoMoreInteractions(mNetd);
- verifyNoMoreInteractions(mWifiManager);
- // Asking for the last error after the per-interface state machine
- // has been reaped yields an unknown interface error.
- assertEquals(TETHER_ERROR_UNKNOWN_IFACE, mTethering.getLastErrorForTest(TEST_WLAN_IFNAME));
+ verifyStopHotpot();
}
// TODO: Test with and without interfaceStatusChanged().
@@ -1537,11 +1557,13 @@
doThrow(new RemoteException()).when(mNetd).ipfwdEnableForwarding(TETHERING_NAME);
// Emulate pressing the WiFi tethering button.
- mTethering.startTethering(createTetheringRequestParcel(TETHERING_WIFI), null);
+ mTethering.startTethering(createTetheringRequestParcel(TETHERING_WIFI), TEST_CALLER_PKG,
+ null);
mLooper.dispatchAll();
verify(mWifiManager, times(1)).startTetheredHotspot(null);
verifyNoMoreInteractions(mWifiManager);
verifyNoMoreInteractions(mNetd);
+ verify(mTetheringMetrics).createBuilder(eq(TETHERING_WIFI), anyString());
// Emulate externally-visible WifiManager effects, causing the
// per-interface state machine to start up, and telling us that
@@ -1580,6 +1602,10 @@
verify(mWifiManager).updateInterfaceIpState(
TEST_WLAN_IFNAME, WifiManager.IFACE_IP_MODE_CONFIGURATION_ERROR);
+ verify(mTetheringMetrics, times(2)).updateErrorCode(eq(TETHERING_WIFI),
+ eq(TETHER_ERROR_INTERNAL_ERROR));
+ verify(mTetheringMetrics, times(2)).sendReport(eq(TETHERING_WIFI));
+
verifyNoMoreInteractions(mWifiManager);
verifyNoMoreInteractions(mNetd);
}
@@ -1882,7 +1908,8 @@
tetherState = callback.pollTetherStatesChanged();
assertArrayEquals(tetherState.availableList, new TetheringInterface[] {wifiIface});
- mTethering.startTethering(createTetheringRequestParcel(TETHERING_WIFI), null);
+ mTethering.startTethering(createTetheringRequestParcel(TETHERING_WIFI), TEST_CALLER_PKG,
+ null);
sendWifiApStateChanged(WIFI_AP_STATE_ENABLED, TEST_WLAN_IFNAME, IFACE_IP_MODE_TETHERED);
tetherState = callback.pollTetherStatesChanged();
assertArrayEquals(tetherState.tetheredList, new TetheringInterface[] {wifiIface});
@@ -1985,10 +2012,12 @@
public void testNoDuplicatedEthernetRequest() throws Exception {
final TetheredInterfaceRequest mockRequest = mock(TetheredInterfaceRequest.class);
when(mEm.requestTetheredInterface(any(), any())).thenReturn(mockRequest);
- mTethering.startTethering(createTetheringRequestParcel(TETHERING_ETHERNET), null);
+ mTethering.startTethering(createTetheringRequestParcel(TETHERING_ETHERNET), TEST_CALLER_PKG,
+ null);
mLooper.dispatchAll();
verify(mEm, times(1)).requestTetheredInterface(any(), any());
- mTethering.startTethering(createTetheringRequestParcel(TETHERING_ETHERNET), null);
+ mTethering.startTethering(createTetheringRequestParcel(TETHERING_ETHERNET), TEST_CALLER_PKG,
+ null);
mLooper.dispatchAll();
verifyNoMoreInteractions(mEm);
mTethering.stopTethering(TETHERING_ETHERNET);
@@ -2192,14 +2221,16 @@
final ResultListener thirdResult = new ResultListener(TETHER_ERROR_NO_ERROR);
// Enable USB tethering and check that Tethering starts USB.
- mTethering.startTethering(createTetheringRequestParcel(TETHERING_USB), firstResult);
+ mTethering.startTethering(createTetheringRequestParcel(TETHERING_USB), TEST_CALLER_PKG,
+ firstResult);
mLooper.dispatchAll();
firstResult.assertHasResult();
verify(mUsbManager, times(1)).setCurrentFunctions(UsbManager.FUNCTION_RNDIS);
verifyNoMoreInteractions(mUsbManager);
// Enable USB tethering again with the same request and expect no change to USB.
- mTethering.startTethering(createTetheringRequestParcel(TETHERING_USB), secondResult);
+ mTethering.startTethering(createTetheringRequestParcel(TETHERING_USB), TEST_CALLER_PKG,
+ secondResult);
mLooper.dispatchAll();
secondResult.assertHasResult();
verify(mUsbManager, never()).setCurrentFunctions(UsbManager.FUNCTION_NONE);
@@ -2208,7 +2239,8 @@
// Enable USB tethering with a different request and expect that USB is stopped and
// started.
mTethering.startTethering(createTetheringRequestParcel(TETHERING_USB,
- serverLinkAddr, clientLinkAddr, false, CONNECTIVITY_SCOPE_GLOBAL), thirdResult);
+ serverLinkAddr, clientLinkAddr, false, CONNECTIVITY_SCOPE_GLOBAL),
+ TEST_CALLER_PKG, thirdResult);
mLooper.dispatchAll();
thirdResult.assertHasResult();
verify(mUsbManager, times(1)).setCurrentFunctions(UsbManager.FUNCTION_NONE);
@@ -2237,7 +2269,8 @@
final ArgumentCaptor<DhcpServingParamsParcel> dhcpParamsCaptor =
ArgumentCaptor.forClass(DhcpServingParamsParcel.class);
mTethering.startTethering(createTetheringRequestParcel(TETHERING_USB,
- serverLinkAddr, clientLinkAddr, false, CONNECTIVITY_SCOPE_GLOBAL), null);
+ serverLinkAddr, clientLinkAddr, false, CONNECTIVITY_SCOPE_GLOBAL),
+ TEST_CALLER_PKG, null);
mLooper.dispatchAll();
verify(mUsbManager, times(1)).setCurrentFunctions(UsbManager.FUNCTION_NCM);
mTethering.interfaceStatusChanged(TEST_NCM_IFNAME, true);
@@ -2305,7 +2338,7 @@
final TetheringRequestParcel wifiNotExemptRequest =
createTetheringRequestParcel(TETHERING_WIFI, null, null, false,
CONNECTIVITY_SCOPE_GLOBAL);
- mTethering.startTethering(wifiNotExemptRequest, null);
+ mTethering.startTethering(wifiNotExemptRequest, TEST_CALLER_PKG, null);
mLooper.dispatchAll();
verify(mEntitleMgr).startProvisioningIfNeeded(TETHERING_WIFI, false);
verify(mEntitleMgr, never()).setExemptedDownstreamType(TETHERING_WIFI);
@@ -2319,7 +2352,7 @@
final TetheringRequestParcel wifiExemptRequest =
createTetheringRequestParcel(TETHERING_WIFI, null, null, true,
CONNECTIVITY_SCOPE_GLOBAL);
- mTethering.startTethering(wifiExemptRequest, null);
+ mTethering.startTethering(wifiExemptRequest, TEST_CALLER_PKG, null);
mLooper.dispatchAll();
verify(mEntitleMgr, never()).startProvisioningIfNeeded(TETHERING_WIFI, false);
verify(mEntitleMgr).setExemptedDownstreamType(TETHERING_WIFI);
@@ -2332,14 +2365,14 @@
// If one app enables tethering without provisioning check first, then another app enables
// tethering of the same type but does not disable the provisioning check.
setupForRequiredProvisioning();
- mTethering.startTethering(wifiExemptRequest, null);
+ mTethering.startTethering(wifiExemptRequest, TEST_CALLER_PKG, null);
mLooper.dispatchAll();
verify(mEntitleMgr, never()).startProvisioningIfNeeded(TETHERING_WIFI, false);
verify(mEntitleMgr).setExemptedDownstreamType(TETHERING_WIFI);
assertTrue(mEntitleMgr.isCellularUpstreamPermitted());
reset(mEntitleMgr);
setupForRequiredProvisioning();
- mTethering.startTethering(wifiNotExemptRequest, null);
+ mTethering.startTethering(wifiNotExemptRequest, TEST_CALLER_PKG, null);
mLooper.dispatchAll();
verify(mEntitleMgr).startProvisioningIfNeeded(TETHERING_WIFI, false);
verify(mEntitleMgr, never()).setExemptedDownstreamType(TETHERING_WIFI);
@@ -2429,7 +2462,8 @@
when(mEm.requestTetheredInterface(any(), any())).thenReturn(mockRequest);
final ArgumentCaptor<TetheredInterfaceCallback> callbackCaptor =
ArgumentCaptor.forClass(TetheredInterfaceCallback.class);
- mTethering.startTethering(createTetheringRequestParcel(TETHERING_ETHERNET), null);
+ mTethering.startTethering(createTetheringRequestParcel(TETHERING_ETHERNET),
+ TEST_CALLER_PKG, null);
mLooper.dispatchAll();
verify(mEm).requestTetheredInterface(any(), callbackCaptor.capture());
TetheredInterfaceCallback ethCallback = callbackCaptor.getValue();
@@ -2511,12 +2545,11 @@
eventCallbacks = dhcpEventCbsCaptor.getValue();
// Update lease for local only tethering.
final MacAddress testMac1 = MacAddress.fromString("11:11:11:11:11:11");
- final ArrayList<DhcpLeaseParcelable> p2pLeases = new ArrayList<>();
- p2pLeases.add(createDhcpLeaseParcelable("clientId1", testMac1, "192.168.50.24", 24,
- Long.MAX_VALUE, "test1"));
- notifyDhcpLeasesChanged(p2pLeases, eventCallbacks);
- final List<TetheredClient> clients = toTetheredClients(p2pLeases, TETHERING_WIFI_P2P);
- callback.expectTetheredClientChanged(clients);
+ final DhcpLeaseParcelable p2pLease = createDhcpLeaseParcelable("clientId1", testMac1,
+ "192.168.50.24", 24, Long.MAX_VALUE, "test1");
+ final List<TetheredClient> p2pClients = notifyDhcpLeasesChanged(TETHERING_WIFI_P2P,
+ eventCallbacks, p2pLease);
+ callback.expectTetheredClientChanged(p2pClients);
reset(mDhcpServer);
// Run wifi tethering.
@@ -2526,25 +2559,20 @@
any(), dhcpEventCbsCaptor.capture());
eventCallbacks = dhcpEventCbsCaptor.getValue();
// Update mac address from softAp callback before getting dhcp lease.
- final ArrayList<WifiClient> wifiClients = new ArrayList<>();
final MacAddress testMac2 = MacAddress.fromString("22:22:22:22:22:22");
- final WifiClient testClient = mock(WifiClient.class);
- when(testClient.getMacAddress()).thenReturn(testMac2);
- wifiClients.add(testClient);
- mSoftApCallback.onConnectedClientsChanged(wifiClients);
- final TetheredClient noAddrClient = new TetheredClient(testMac2,
- Collections.emptyList() /* addresses */, TETHERING_WIFI);
- clients.add(noAddrClient);
- callback.expectTetheredClientChanged(clients);
+ final TetheredClient noAddrClient = notifyConnectedWifiClientsChanged(testMac2,
+ false /* isLocalOnly */);
+ final List<TetheredClient> p2pAndNoAddrClients = new ArrayList<>(p2pClients);
+ p2pAndNoAddrClients.add(noAddrClient);
+ callback.expectTetheredClientChanged(p2pAndNoAddrClients);
// Update dhcp lease for wifi tethering.
- clients.remove(noAddrClient);
- final ArrayList<DhcpLeaseParcelable> wifiLeases = new ArrayList<>();
- wifiLeases.add(createDhcpLeaseParcelable("clientId2", testMac2, "192.168.43.24", 24,
- Long.MAX_VALUE, "test2"));
- notifyDhcpLeasesChanged(wifiLeases, eventCallbacks);
- clients.addAll(toTetheredClients(wifiLeases, TETHERING_WIFI));
- callback.expectTetheredClientChanged(clients);
+ final DhcpLeaseParcelable wifiLease = createDhcpLeaseParcelable("clientId2", testMac2,
+ "192.168.43.24", 24, Long.MAX_VALUE, "test2");
+ final List<TetheredClient> p2pAndWifiClients = new ArrayList<>(p2pClients);
+ p2pAndWifiClients.addAll(notifyDhcpLeasesChanged(TETHERING_WIFI,
+ eventCallbacks, wifiLease));
+ callback.expectTetheredClientChanged(p2pAndWifiClients);
// Test onStarted callback that register second callback when tethering is running.
TestTetheringEventCallback callback2 = new TestTetheringEventCallback();
@@ -2552,18 +2580,74 @@
mTethering.registerTetheringEventCallback(callback2);
mLooper.dispatchAll();
});
- callback2.expectTetheredClientChanged(clients);
+ callback2.expectTetheredClientChanged(p2pAndWifiClients);
}
- private void notifyDhcpLeasesChanged(List<DhcpLeaseParcelable> leaseParcelables,
- IDhcpEventCallbacks callback) throws Exception {
- callback.onLeasesChanged(leaseParcelables);
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testUpdateConnectedClientsForLocalOnlyHotspot() throws Exception {
+ TestTetheringEventCallback callback = new TestTetheringEventCallback();
+ runAsShell(NETWORK_SETTINGS, () -> {
+ mTethering.registerTetheringEventCallback(callback);
+ mLooper.dispatchAll();
+ });
+ callback.expectTetheredClientChanged(Collections.emptyList());
+
+ // Run local only hotspot.
+ mTethering.interfaceStatusChanged(TEST_WLAN_IFNAME, true);
+ sendWifiApStateChanged(WIFI_AP_STATE_ENABLED, TEST_WLAN_IFNAME, IFACE_IP_MODE_LOCAL_ONLY);
+
+ final ArgumentCaptor<IDhcpEventCallbacks> dhcpEventCbsCaptor =
+ ArgumentCaptor.forClass(IDhcpEventCallbacks.class);
+ verify(mDhcpServer, timeout(DHCPSERVER_START_TIMEOUT_MS)).startWithCallbacks(
+ any(), dhcpEventCbsCaptor.capture());
+ final IDhcpEventCallbacks eventCallbacks = dhcpEventCbsCaptor.getValue();
+ // Update mac address from softAp callback before getting dhcp lease.
+ final MacAddress testMac = MacAddress.fromString("22:22:22:22:22:22");
+ final TetheredClient noAddrClient = notifyConnectedWifiClientsChanged(testMac,
+ true /* isLocalOnly */);
+ final List<TetheredClient> noAddrLocalOnlyClients = new ArrayList<>();
+ noAddrLocalOnlyClients.add(noAddrClient);
+ callback.expectTetheredClientChanged(noAddrLocalOnlyClients);
+
+ // Update dhcp lease for local only hotspot.
+ final DhcpLeaseParcelable wifiLease = createDhcpLeaseParcelable("clientId", testMac,
+ "192.168.43.24", 24, Long.MAX_VALUE, "test");
+ final List<TetheredClient> localOnlyClients = notifyDhcpLeasesChanged(TETHERING_WIFI,
+ eventCallbacks, wifiLease);
+ callback.expectTetheredClientChanged(localOnlyClients);
+
+ // Client disconnect from local only hotspot.
+ mLocalOnlyHotspotCallback.onConnectedClientsChanged(Collections.emptyList());
+ callback.expectTetheredClientChanged(Collections.emptyList());
+ }
+
+ private TetheredClient notifyConnectedWifiClientsChanged(final MacAddress mac,
+ boolean isLocalOnly) throws Exception {
+ final ArrayList<WifiClient> wifiClients = new ArrayList<>();
+ final WifiClient testClient = mock(WifiClient.class);
+ when(testClient.getMacAddress()).thenReturn(mac);
+ wifiClients.add(testClient);
+ if (isLocalOnly) {
+ mLocalOnlyHotspotCallback.onConnectedClientsChanged(wifiClients);
+ } else {
+ mSoftApCallback.onConnectedClientsChanged(wifiClients);
+ }
+ return new TetheredClient(mac, Collections.emptyList() /* addresses */, TETHERING_WIFI);
+ }
+
+ private List<TetheredClient> notifyDhcpLeasesChanged(int type, IDhcpEventCallbacks callback,
+ DhcpLeaseParcelable... leases) throws Exception {
+ final List<DhcpLeaseParcelable> dhcpLeases = Arrays.asList(leases);
+ callback.onLeasesChanged(dhcpLeases);
mLooper.dispatchAll();
+
+ return toTetheredClients(dhcpLeases, type);
}
private List<TetheredClient> toTetheredClients(List<DhcpLeaseParcelable> leaseParcelables,
int type) throws Exception {
- final ArrayList<TetheredClient> leases = new ArrayList<>();
+ final ArrayList<TetheredClient> clients = new ArrayList<>();
for (DhcpLeaseParcelable lease : leaseParcelables) {
final LinkAddress address = new LinkAddress(
intToInet4AddressHTH(lease.netAddr), lease.prefixLength,
@@ -2573,13 +2657,13 @@
final MacAddress macAddress = MacAddress.fromBytes(lease.hwAddr);
final AddressInfo addressInfo = new TetheredClient.AddressInfo(address, lease.hostname);
- leases.add(new TetheredClient(
+ clients.add(new TetheredClient(
macAddress,
Collections.singletonList(addressInfo),
type));
}
- return leases;
+ return clients;
}
private DhcpLeaseParcelable createDhcpLeaseParcelable(final String clientId,
@@ -2604,7 +2688,8 @@
final ResultListener result = new ResultListener(TETHER_ERROR_NO_ERROR);
mockBluetoothSettings(true /* bluetoothOn */, true /* tetheringOn */);
- mTethering.startTethering(createTetheringRequestParcel(TETHERING_BLUETOOTH), result);
+ mTethering.startTethering(createTetheringRequestParcel(TETHERING_BLUETOOTH),
+ TEST_CALLER_PKG, result);
mLooper.dispatchAll();
verifySetBluetoothTethering(true /* enable */, true /* bindToPanService */);
result.assertHasResult();
@@ -2639,7 +2724,8 @@
final ResultListener result = new ResultListener(TETHER_ERROR_NO_ERROR);
mockBluetoothSettings(true /* bluetoothOn */, true /* tetheringOn */);
- mTethering.startTethering(createTetheringRequestParcel(TETHERING_BLUETOOTH), result);
+ mTethering.startTethering(createTetheringRequestParcel(TETHERING_BLUETOOTH),
+ TEST_CALLER_PKG, result);
mLooper.dispatchAll();
verifySetBluetoothTethering(true /* enable */, true /* bindToPanService */);
result.assertHasResult();
@@ -2660,7 +2746,8 @@
// already bound.
mockBluetoothSettings(true /* bluetoothOn */, true /* tetheringOn */);
final ResultListener secondResult = new ResultListener(TETHER_ERROR_NO_ERROR);
- mTethering.startTethering(createTetheringRequestParcel(TETHERING_BLUETOOTH), secondResult);
+ mTethering.startTethering(createTetheringRequestParcel(TETHERING_BLUETOOTH),
+ TEST_CALLER_PKG, secondResult);
mLooper.dispatchAll();
verifySetBluetoothTethering(true /* enable */, false /* bindToPanService */);
secondResult.assertHasResult();
@@ -2681,7 +2768,8 @@
public void testBluetoothServiceDisconnects() throws Exception {
final ResultListener result = new ResultListener(TETHER_ERROR_NO_ERROR);
mockBluetoothSettings(true /* bluetoothOn */, true /* tetheringOn */);
- mTethering.startTethering(createTetheringRequestParcel(TETHERING_BLUETOOTH), result);
+ mTethering.startTethering(createTetheringRequestParcel(TETHERING_BLUETOOTH),
+ TEST_CALLER_PKG, result);
mLooper.dispatchAll();
ServiceListener panListener = verifySetBluetoothTethering(true /* enable */,
true /* bindToPanService */);
@@ -2812,9 +2900,13 @@
}
private void forceUsbTetheringUse(final int function) {
- Settings.Global.putInt(mContentResolver, TETHER_FORCE_USB_FUNCTIONS, function);
+ setSetting(TETHER_FORCE_USB_FUNCTIONS, function);
+ }
+
+ private void setSetting(final String key, final int value) {
+ Settings.Global.putInt(mContentResolver, key, value);
final ContentObserver observer = mTethering.getSettingsObserverForTest();
- observer.onChange(false /* selfChange */);
+ observer.onChange(false /* selfChange */, Settings.Global.getUriFor(key));
mLooper.dispatchAll();
}
@@ -2832,18 +2924,26 @@
runNcmTethering();
verify(mDhcpServer, timeout(DHCPSERVER_START_TIMEOUT_MS).times(1)).startWithCallbacks(
any(), any());
+ verify(mTetheringMetrics).createBuilder(eq(TETHERING_NCM), anyString());
// Change the USB tethering function to NCM. Because the USB tethering function was set to
// RNDIS (the default), tethering is stopped.
forceUsbTetheringUse(TETHER_USB_NCM_FUNCTION);
verifyUsbTetheringStopDueToSettingChange(TEST_NCM_IFNAME);
+ verify(mTetheringMetrics).updateErrorCode(anyInt(), eq(TETHER_ERROR_NO_ERROR));
+ verify(mTetheringMetrics).sendReport(eq(TETHERING_NCM));
// If TETHERING_USB is forced to use ncm function, TETHERING_NCM would no longer be
// available.
final ResultListener ncmResult = new ResultListener(TETHER_ERROR_SERVICE_UNAVAIL);
- mTethering.startTethering(createTetheringRequestParcel(TETHERING_NCM), ncmResult);
+ mTethering.startTethering(createTetheringRequestParcel(TETHERING_NCM), TEST_CALLER_PKG,
+ ncmResult);
mLooper.dispatchAll();
ncmResult.assertHasResult();
+ verify(mTetheringMetrics, times(2)).createBuilder(eq(TETHERING_NCM), anyString());
+ verify(mTetheringMetrics).updateErrorCode(eq(TETHERING_NCM),
+ eq(TETHER_ERROR_SERVICE_UNAVAIL));
+ verify(mTetheringMetrics, times(2)).sendReport(eq(TETHERING_NCM));
// Run TETHERING_USB with ncm configuration.
runDualStackUsbTethering(TEST_NCM_IFNAME);
@@ -2862,74 +2962,86 @@
TETHERING_WIFI_P2P, TETHERING_BLUETOOTH, TETHERING_ETHERNET });
}
+ private void setUserRestricted(boolean restricted) {
+ final Bundle restrictions = new Bundle();
+ restrictions.putBoolean(UserManager.DISALLOW_CONFIG_TETHERING, restricted);
+ when(mUserManager.getUserRestrictions()).thenReturn(restrictions);
+ when(mUserManager.hasUserRestriction(
+ UserManager.DISALLOW_CONFIG_TETHERING)).thenReturn(restricted);
+
+ final Intent intent = new Intent(UserManager.ACTION_USER_RESTRICTIONS_CHANGED);
+ mServiceContext.sendBroadcastAsUser(intent, UserHandle.ALL);
+ mLooper.dispatchAll();
+ }
+
@Test
public void testTetheringSupported() throws Exception {
final ArraySet<Integer> expectedTypes = getAllSupportedTetheringTypes();
// Check tethering is supported after initialization.
- setTetheringSupported(true /* supported */);
TestTetheringEventCallback callback = new TestTetheringEventCallback();
mTethering.registerTetheringEventCallback(callback);
mLooper.dispatchAll();
- updateConfigAndVerifySupported(callback, expectedTypes);
+ verifySupported(callback, expectedTypes);
- // Could disable tethering supported by settings.
- Settings.Global.putInt(mContentResolver, Settings.Global.TETHER_SUPPORTED, 0);
- updateConfigAndVerifySupported(callback, new ArraySet<>());
+ // Could change tethering supported by settings.
+ setSetting(Settings.Global.TETHER_SUPPORTED, 0);
+ verifySupported(callback, new ArraySet<>());
+ setSetting(Settings.Global.TETHER_SUPPORTED, 1);
+ verifySupported(callback, expectedTypes);
- // Could disable tethering supported by user restriction.
- setTetheringSupported(true /* supported */);
- updateConfigAndVerifySupported(callback, expectedTypes);
- when(mUserManager.hasUserRestriction(
- UserManager.DISALLOW_CONFIG_TETHERING)).thenReturn(true);
- updateConfigAndVerifySupported(callback, new ArraySet<>());
+ // Could change tethering supported by user restriction.
+ setUserRestricted(true /* restricted */);
+ verifySupported(callback, new ArraySet<>());
+ setUserRestricted(false /* restricted */);
+ verifySupported(callback, expectedTypes);
- // Tethering is supported if it has any supported downstream.
- setTetheringSupported(true /* supported */);
- updateConfigAndVerifySupported(callback, expectedTypes);
// Usb tethering is not supported:
expectedTypes.remove(TETHERING_USB);
when(mResources.getStringArray(R.array.config_tether_usb_regexs))
.thenReturn(new String[0]);
- updateConfigAndVerifySupported(callback, expectedTypes);
+ sendConfigurationChanged();
+ verifySupported(callback, expectedTypes);
// Wifi tethering is not supported:
expectedTypes.remove(TETHERING_WIFI);
when(mResources.getStringArray(R.array.config_tether_wifi_regexs))
.thenReturn(new String[0]);
- updateConfigAndVerifySupported(callback, expectedTypes);
+ sendConfigurationChanged();
+ verifySupported(callback, expectedTypes);
// Bluetooth tethering is not supported:
expectedTypes.remove(TETHERING_BLUETOOTH);
when(mResources.getStringArray(R.array.config_tether_bluetooth_regexs))
.thenReturn(new String[0]);
if (isAtLeastT()) {
- updateConfigAndVerifySupported(callback, expectedTypes);
+ sendConfigurationChanged();
+ verifySupported(callback, expectedTypes);
// P2p tethering is not supported:
expectedTypes.remove(TETHERING_WIFI_P2P);
when(mResources.getStringArray(R.array.config_tether_wifi_p2p_regexs))
.thenReturn(new String[0]);
- updateConfigAndVerifySupported(callback, expectedTypes);
+ sendConfigurationChanged();
+ verifySupported(callback, expectedTypes);
// Ncm tethering is not supported:
expectedTypes.remove(TETHERING_NCM);
when(mResources.getStringArray(R.array.config_tether_ncm_regexs))
.thenReturn(new String[0]);
- updateConfigAndVerifySupported(callback, expectedTypes);
+ sendConfigurationChanged();
+ verifySupported(callback, expectedTypes);
// Ethernet tethering (last supported type) is not supported:
expectedTypes.remove(TETHERING_ETHERNET);
mForceEthernetServiceUnavailable = true;
- updateConfigAndVerifySupported(callback, new ArraySet<>());
-
+ sendConfigurationChanged();
+ verifySupported(callback, new ArraySet<>());
} else {
// If wifi, usb and bluetooth are all not supported, all the types are not supported.
- expectedTypes.clear();
- updateConfigAndVerifySupported(callback, expectedTypes);
+ sendConfigurationChanged();
+ verifySupported(callback, new ArraySet<>());
}
}
- private void updateConfigAndVerifySupported(final TestTetheringEventCallback callback,
+ private void verifySupported(final TestTetheringEventCallback callback,
final ArraySet<Integer> expectedTypes) {
- sendConfigurationChanged();
-
assertEquals(expectedTypes.size() > 0, mTethering.isTetheringSupported());
callback.expectSupportedTetheringTypes(expectedTypes);
}
diff --git a/Tethering/tests/unit/src/com/android/networkstack/tethering/UpstreamNetworkMonitorTest.java b/Tethering/tests/unit/src/com/android/networkstack/tethering/UpstreamNetworkMonitorTest.java
index 97cebd8..9b9507b 100644
--- a/Tethering/tests/unit/src/com/android/networkstack/tethering/UpstreamNetworkMonitorTest.java
+++ b/Tethering/tests/unit/src/com/android/networkstack/tethering/UpstreamNetworkMonitorTest.java
@@ -49,7 +49,6 @@
import android.net.LinkProperties;
import android.net.NetworkCapabilities;
import android.net.NetworkRequest;
-import android.net.util.SharedLog;
import android.os.Handler;
import android.os.Looper;
import android.os.Message;
@@ -60,6 +59,7 @@
import com.android.internal.util.State;
import com.android.internal.util.StateMachine;
+import com.android.net.module.util.SharedLog;
import com.android.networkstack.tethering.TestConnectivityManager.NetworkRequestInfo;
import com.android.networkstack.tethering.TestConnectivityManager.TestNetworkAgent;
diff --git a/Tethering/tests/unit/src/com/android/networkstack/tethering/metrics/TetheringMetricsTest.java b/Tethering/tests/unit/src/com/android/networkstack/tethering/metrics/TetheringMetricsTest.java
new file mode 100644
index 0000000..6a85718
--- /dev/null
+++ b/Tethering/tests/unit/src/com/android/networkstack/tethering/metrics/TetheringMetricsTest.java
@@ -0,0 +1,200 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.networkstack.tethering.metrics;
+
+import static android.net.TetheringManager.TETHERING_BLUETOOTH;
+import static android.net.TetheringManager.TETHERING_ETHERNET;
+import static android.net.TetheringManager.TETHERING_NCM;
+import static android.net.TetheringManager.TETHERING_USB;
+import static android.net.TetheringManager.TETHERING_WIFI;
+import static android.net.TetheringManager.TETHERING_WIFI_P2P;
+import static android.net.TetheringManager.TETHER_ERROR_DHCPSERVER_ERROR;
+import static android.net.TetheringManager.TETHER_ERROR_DISABLE_FORWARDING_ERROR;
+import static android.net.TetheringManager.TETHER_ERROR_ENABLE_FORWARDING_ERROR;
+import static android.net.TetheringManager.TETHER_ERROR_ENTITLEMENT_UNKNOWN;
+import static android.net.TetheringManager.TETHER_ERROR_IFACE_CFG_ERROR;
+import static android.net.TetheringManager.TETHER_ERROR_INTERNAL_ERROR;
+import static android.net.TetheringManager.TETHER_ERROR_NO_ACCESS_TETHERING_PERMISSION;
+import static android.net.TetheringManager.TETHER_ERROR_NO_CHANGE_TETHERING_PERMISSION;
+import static android.net.TetheringManager.TETHER_ERROR_NO_ERROR;
+import static android.net.TetheringManager.TETHER_ERROR_PROVISIONING_FAILED;
+import static android.net.TetheringManager.TETHER_ERROR_SERVICE_UNAVAIL;
+import static android.net.TetheringManager.TETHER_ERROR_TETHER_IFACE_ERROR;
+import static android.net.TetheringManager.TETHER_ERROR_UNAVAIL_IFACE;
+import static android.net.TetheringManager.TETHER_ERROR_UNKNOWN_IFACE;
+import static android.net.TetheringManager.TETHER_ERROR_UNKNOWN_TYPE;
+import static android.net.TetheringManager.TETHER_ERROR_UNSUPPORTED;
+import static android.net.TetheringManager.TETHER_ERROR_UNTETHER_IFACE_ERROR;
+
+import static org.mockito.Mockito.reset;
+import static org.mockito.Mockito.spy;
+import static org.mockito.Mockito.verify;
+
+import android.stats.connectivity.DownstreamType;
+import android.stats.connectivity.ErrorCode;
+import android.stats.connectivity.UpstreamType;
+import android.stats.connectivity.UserType;
+import android.util.Pair;
+
+import androidx.test.filters.SmallTest;
+import androidx.test.runner.AndroidJUnit4;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.MockitoAnnotations;
+
+@RunWith(AndroidJUnit4.class)
+@SmallTest
+public final class TetheringMetricsTest {
+ private static final String TEST_CALLER_PKG = "com.test.caller.pkg";
+ private static final String SETTINGS_PKG = "com.android.settings";
+ private static final String SYSTEMUI_PKG = "com.android.systemui";
+ private static final String GMS_PKG = "com.google.android.gms";
+ private TetheringMetrics mTetheringMetrics;
+
+ private final NetworkTetheringReported.Builder mStatsBuilder =
+ NetworkTetheringReported.newBuilder();
+
+ private class MockTetheringMetrics extends TetheringMetrics {
+ @Override
+ public void write(final NetworkTetheringReported reported) { }
+ }
+
+ @Before
+ public void setUp() throws Exception {
+ MockitoAnnotations.initMocks(this);
+ mTetheringMetrics = spy(new MockTetheringMetrics());
+ }
+
+ private void verifyReport(DownstreamType downstream, ErrorCode error, UserType user)
+ throws Exception {
+ final NetworkTetheringReported expectedReport =
+ mStatsBuilder.setDownstreamType(downstream)
+ .setUserType(user)
+ .setUpstreamType(UpstreamType.UT_UNKNOWN)
+ .setErrorCode(error)
+ .build();
+ verify(mTetheringMetrics).write(expectedReport);
+ }
+
+ private void updateErrorAndSendReport(int downstream, int error) {
+ mTetheringMetrics.updateErrorCode(downstream, error);
+ mTetheringMetrics.sendReport(downstream);
+ }
+
+ private void runDownstreamTypesTest(final Pair<Integer, DownstreamType>... testPairs)
+ throws Exception {
+ for (Pair<Integer, DownstreamType> testPair : testPairs) {
+ final int type = testPair.first;
+ final DownstreamType expectedResult = testPair.second;
+
+ mTetheringMetrics.createBuilder(type, TEST_CALLER_PKG);
+ updateErrorAndSendReport(type, TETHER_ERROR_NO_ERROR);
+ verifyReport(expectedResult, ErrorCode.EC_NO_ERROR, UserType.USER_UNKNOWN);
+ reset(mTetheringMetrics);
+ }
+ }
+
+ @Test
+ public void testDownstreamTypes() throws Exception {
+ runDownstreamTypesTest(new Pair<>(TETHERING_WIFI, DownstreamType.DS_TETHERING_WIFI),
+ new Pair<>(TETHERING_WIFI_P2P, DownstreamType.DS_TETHERING_WIFI_P2P),
+ new Pair<>(TETHERING_BLUETOOTH, DownstreamType.DS_TETHERING_BLUETOOTH),
+ new Pair<>(TETHERING_USB, DownstreamType.DS_TETHERING_USB),
+ new Pair<>(TETHERING_NCM, DownstreamType.DS_TETHERING_NCM),
+ new Pair<>(TETHERING_ETHERNET, DownstreamType.DS_TETHERING_ETHERNET));
+ }
+
+ private void runErrorCodesTest(final Pair<Integer, ErrorCode>... testPairs)
+ throws Exception {
+ for (Pair<Integer, ErrorCode> testPair : testPairs) {
+ final int errorCode = testPair.first;
+ final ErrorCode expectedResult = testPair.second;
+
+ mTetheringMetrics.createBuilder(TETHERING_WIFI, TEST_CALLER_PKG);
+ updateErrorAndSendReport(TETHERING_WIFI, errorCode);
+ verifyReport(DownstreamType.DS_TETHERING_WIFI, expectedResult, UserType.USER_UNKNOWN);
+ reset(mTetheringMetrics);
+ }
+ }
+
+ @Test
+ public void testErrorCodes() throws Exception {
+ runErrorCodesTest(new Pair<>(TETHER_ERROR_NO_ERROR, ErrorCode.EC_NO_ERROR),
+ new Pair<>(TETHER_ERROR_UNKNOWN_IFACE, ErrorCode.EC_UNKNOWN_IFACE),
+ new Pair<>(TETHER_ERROR_SERVICE_UNAVAIL, ErrorCode.EC_SERVICE_UNAVAIL),
+ new Pair<>(TETHER_ERROR_UNSUPPORTED, ErrorCode.EC_UNSUPPORTED),
+ new Pair<>(TETHER_ERROR_UNAVAIL_IFACE, ErrorCode.EC_UNAVAIL_IFACE),
+ new Pair<>(TETHER_ERROR_INTERNAL_ERROR, ErrorCode.EC_INTERNAL_ERROR),
+ new Pair<>(TETHER_ERROR_TETHER_IFACE_ERROR, ErrorCode.EC_TETHER_IFACE_ERROR),
+ new Pair<>(TETHER_ERROR_UNTETHER_IFACE_ERROR, ErrorCode.EC_UNTETHER_IFACE_ERROR),
+ new Pair<>(TETHER_ERROR_ENABLE_FORWARDING_ERROR,
+ ErrorCode.EC_ENABLE_FORWARDING_ERROR),
+ new Pair<>(TETHER_ERROR_DISABLE_FORWARDING_ERROR,
+ ErrorCode.EC_DISABLE_FORWARDING_ERROR),
+ new Pair<>(TETHER_ERROR_IFACE_CFG_ERROR, ErrorCode.EC_IFACE_CFG_ERROR),
+ new Pair<>(TETHER_ERROR_PROVISIONING_FAILED, ErrorCode.EC_PROVISIONING_FAILED),
+ new Pair<>(TETHER_ERROR_DHCPSERVER_ERROR, ErrorCode.EC_DHCPSERVER_ERROR),
+ new Pair<>(TETHER_ERROR_ENTITLEMENT_UNKNOWN, ErrorCode.EC_ENTITLEMENT_UNKNOWN),
+ new Pair<>(TETHER_ERROR_NO_CHANGE_TETHERING_PERMISSION,
+ ErrorCode.EC_NO_CHANGE_TETHERING_PERMISSION),
+ new Pair<>(TETHER_ERROR_NO_ACCESS_TETHERING_PERMISSION,
+ ErrorCode.EC_NO_ACCESS_TETHERING_PERMISSION),
+ new Pair<>(TETHER_ERROR_UNKNOWN_TYPE, ErrorCode.EC_UNKNOWN_TYPE));
+ }
+
+ private void runUserTypesTest(final Pair<String, UserType>... testPairs)
+ throws Exception {
+ for (Pair<String, UserType> testPair : testPairs) {
+ final String callerPkg = testPair.first;
+ final UserType expectedResult = testPair.second;
+
+ mTetheringMetrics.createBuilder(TETHERING_WIFI, callerPkg);
+ updateErrorAndSendReport(TETHERING_WIFI, TETHER_ERROR_NO_ERROR);
+ verifyReport(DownstreamType.DS_TETHERING_WIFI, ErrorCode.EC_NO_ERROR, expectedResult);
+ reset(mTetheringMetrics);
+ }
+ }
+
+ @Test
+ public void testUserTypes() throws Exception {
+ runUserTypesTest(new Pair<>(TEST_CALLER_PKG, UserType.USER_UNKNOWN),
+ new Pair<>(SETTINGS_PKG, UserType.USER_SETTINGS),
+ new Pair<>(SYSTEMUI_PKG, UserType.USER_SYSTEMUI),
+ new Pair<>(GMS_PKG, UserType.USER_GMS));
+ }
+
+ @Test
+ public void testMultiBuildersCreatedBeforeSendReport() throws Exception {
+ mTetheringMetrics.createBuilder(TETHERING_WIFI, SETTINGS_PKG);
+ mTetheringMetrics.createBuilder(TETHERING_USB, SYSTEMUI_PKG);
+ mTetheringMetrics.createBuilder(TETHERING_BLUETOOTH, GMS_PKG);
+
+ updateErrorAndSendReport(TETHERING_WIFI, TETHER_ERROR_DHCPSERVER_ERROR);
+ verifyReport(DownstreamType.DS_TETHERING_WIFI, ErrorCode.EC_DHCPSERVER_ERROR,
+ UserType.USER_SETTINGS);
+
+ updateErrorAndSendReport(TETHERING_USB, TETHER_ERROR_ENABLE_FORWARDING_ERROR);
+ verifyReport(DownstreamType.DS_TETHERING_USB, ErrorCode.EC_ENABLE_FORWARDING_ERROR,
+ UserType.USER_SYSTEMUI);
+
+ updateErrorAndSendReport(TETHERING_BLUETOOTH, TETHER_ERROR_TETHER_IFACE_ERROR);
+ verifyReport(DownstreamType.DS_TETHERING_BLUETOOTH, ErrorCode.EC_TETHER_IFACE_ERROR,
+ UserType.USER_GMS);
+ }
+}
diff --git a/bpf_progs/Android.bp b/bpf_progs/Android.bp
index 9e516bf..8eb9cfd 100644
--- a/bpf_progs/Android.bp
+++ b/bpf_progs/Android.bp
@@ -50,7 +50,8 @@
"//packages/modules/Connectivity/service/native/libs/libclat",
"//packages/modules/Connectivity/Tethering",
"//packages/modules/Connectivity/service/native",
- "//packages/modules/Connectivity/tests/native",
+ "//packages/modules/Connectivity/tests/native/connectivity_native_test",
+ "//packages/modules/Connectivity/tests/native/utilities",
"//packages/modules/Connectivity/service-t/native/libs/libnetworkstats",
"//packages/modules/Connectivity/tests/unit/jni",
"//system/netd/tests",
@@ -63,6 +64,7 @@
bpf {
name: "block.o",
srcs: ["block.c"],
+ btf: true,
cflags: [
"-Wall",
"-Werror",
@@ -71,8 +73,9 @@
}
bpf {
- name: "dscp_policy.o",
- srcs: ["dscp_policy.c"],
+ name: "dscpPolicy.o",
+ srcs: ["dscpPolicy.c"],
+ btf: true,
cflags: [
"-Wall",
"-Werror",
@@ -90,6 +93,29 @@
}
bpf {
+ name: "offload@btf.o",
+ srcs: ["offload@btf.c"],
+ btf: true,
+ cflags: [
+ "-Wall",
+ "-Werror",
+ "-DBTF",
+ ],
+}
+
+bpf {
+ name: "offload@inprocess.o",
+ srcs: ["offload@inprocess.c"],
+ btf: true,
+ cflags: [
+ "-Wall",
+ "-Werror",
+ "-DBTF",
+ "-DINPROCESS",
+ ],
+}
+
+bpf {
name: "test.o",
srcs: ["test.c"],
cflags: [
@@ -99,8 +125,32 @@
}
bpf {
+ name: "test@btf.o",
+ srcs: ["test@btf.c"],
+ btf: true,
+ cflags: [
+ "-Wall",
+ "-Werror",
+ "-DBTF",
+ ],
+}
+
+bpf {
+ name: "test@inprocess.o",
+ srcs: ["test@inprocess.c"],
+ btf: true,
+ cflags: [
+ "-Wall",
+ "-Werror",
+ "-DBTF",
+ "-DINPROCESS",
+ ],
+}
+
+bpf {
name: "clatd.o",
srcs: ["clatd.c"],
+ btf: true,
cflags: [
"-Wall",
"-Werror",
@@ -112,6 +162,7 @@
// WARNING: Android T's non-updatable netd depends on 'netd' string for xt_bpf programs it loads
name: "netd.o",
srcs: ["netd.c"],
+ btf: true,
cflags: [
"-Wall",
"-Werror",
diff --git a/bpf_progs/bpf_shared.h b/bpf_progs/bpf_shared.h
index fd449a3..85b9f86 100644
--- a/bpf_progs/bpf_shared.h
+++ b/bpf_progs/bpf_shared.h
@@ -148,6 +148,7 @@
#endif // __cplusplus
+// LINT.IfChange(match_type)
enum UidOwnerMatchType {
NO_MATCH = 0,
HAPPY_BOX_MATCH = (1 << 0),
@@ -163,6 +164,7 @@
OEM_DENY_2_MATCH = (1 << 10),
OEM_DENY_3_MATCH = (1 << 11),
};
+// LINT.ThenChange(packages/modules/Connectivity/service/src/com/android/server/BpfNetMaps.java)
enum BpfPermissionMatch {
BPF_PERMISSION_INTERNET = 1 << 2,
diff --git a/bpf_progs/bpf_tethering.h b/bpf_progs/bpf_tethering.h
index f9ef6ef..9dae6c9 100644
--- a/bpf_progs/bpf_tethering.h
+++ b/bpf_progs/bpf_tethering.h
@@ -26,31 +26,33 @@
// - The BPF programs in Tethering/bpf_progs/
// - JNI code that depends on the bpf_connectivity_headers library.
-#define BPF_TETHER_ERRORS \
- ERR(INVALID_IP_VERSION) \
- ERR(LOW_TTL) \
- ERR(INVALID_TCP_HEADER) \
- ERR(TCP_CONTROL_PACKET) \
- ERR(NON_GLOBAL_SRC) \
- ERR(NON_GLOBAL_DST) \
- ERR(LOCAL_SRC_DST) \
- ERR(NO_STATS_ENTRY) \
- ERR(NO_LIMIT_ENTRY) \
- ERR(BELOW_IPV4_MTU) \
- ERR(BELOW_IPV6_MTU) \
- ERR(LIMIT_REACHED) \
- ERR(CHANGE_HEAD_FAILED) \
- ERR(TOO_SHORT) \
- ERR(HAS_IP_OPTIONS) \
- ERR(IS_IP_FRAG) \
- ERR(CHECKSUM) \
- ERR(NON_TCP_UDP) \
- ERR(NON_TCP) \
- ERR(SHORT_L4_HEADER) \
- ERR(SHORT_TCP_HEADER) \
- ERR(SHORT_UDP_HEADER) \
- ERR(UDP_CSUM_ZERO) \
- ERR(TRUNCATED_IPV4) \
+#define BPF_TETHER_ERRORS \
+ ERR(INVALID_IPV4_VERSION) \
+ ERR(INVALID_IPV6_VERSION) \
+ ERR(LOW_TTL) \
+ ERR(INVALID_TCP_HEADER) \
+ ERR(TCPV4_CONTROL_PACKET) \
+ ERR(TCPV6_CONTROL_PACKET) \
+ ERR(NON_GLOBAL_SRC) \
+ ERR(NON_GLOBAL_DST) \
+ ERR(LOCAL_SRC_DST) \
+ ERR(NO_STATS_ENTRY) \
+ ERR(NO_LIMIT_ENTRY) \
+ ERR(BELOW_IPV4_MTU) \
+ ERR(BELOW_IPV6_MTU) \
+ ERR(LIMIT_REACHED) \
+ ERR(CHANGE_HEAD_FAILED) \
+ ERR(TOO_SHORT) \
+ ERR(HAS_IP_OPTIONS) \
+ ERR(IS_IP_FRAG) \
+ ERR(CHECKSUM) \
+ ERR(NON_TCP_UDP) \
+ ERR(NON_TCP) \
+ ERR(SHORT_L4_HEADER) \
+ ERR(SHORT_TCP_HEADER) \
+ ERR(SHORT_UDP_HEADER) \
+ ERR(UDP_CSUM_ZERO) \
+ ERR(TRUNCATED_IPV4) \
ERR(_MAX)
#define ERR(x) BPF_TETHER_ERR_ ##x,
diff --git a/bpf_progs/clatd.c b/bpf_progs/clatd.c
index 66e9616..a2214dc 100644
--- a/bpf_progs/clatd.c
+++ b/bpf_progs/clatd.c
@@ -342,4 +342,4 @@
}
LICENSE("Apache 2.0");
-CRITICAL("netd");
+CRITICAL("Connectivity");
diff --git a/bpf_progs/dscpPolicy.c b/bpf_progs/dscpPolicy.c
new file mode 100644
index 0000000..72f63c6
--- /dev/null
+++ b/bpf_progs/dscpPolicy.c
@@ -0,0 +1,240 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <linux/bpf.h>
+#include <linux/if_ether.h>
+#include <linux/if_packet.h>
+#include <linux/ip.h>
+#include <linux/ipv6.h>
+#include <linux/pkt_cls.h>
+#include <linux/tcp.h>
+#include <linux/types.h>
+#include <netinet/in.h>
+#include <netinet/udp.h>
+#include <stdint.h>
+#include <string.h>
+
+// The resulting .o needs to load on the Android T beta 3 bpfloader
+#define BPFLOADER_MIN_VER BPFLOADER_T_BETA3_VERSION
+
+#include "bpf_helpers.h"
+#include "dscpPolicy.h"
+
+#define ECN_MASK 3
+#define IP4_OFFSET(field, header) ((header) + offsetof(struct iphdr, field))
+#define UPDATE_TOS(dscp, tos) ((dscp) << 2) | ((tos) & ECN_MASK)
+
+DEFINE_BPF_MAP_GRW(socket_policy_cache_map, HASH, uint64_t, RuleEntry, CACHE_MAP_SIZE, AID_SYSTEM)
+
+DEFINE_BPF_MAP_GRW(ipv4_dscp_policies_map, ARRAY, uint32_t, DscpPolicy, MAX_POLICIES, AID_SYSTEM)
+DEFINE_BPF_MAP_GRW(ipv6_dscp_policies_map, ARRAY, uint32_t, DscpPolicy, MAX_POLICIES, AID_SYSTEM)
+
+static inline __always_inline void match_policy(struct __sk_buff* skb, bool ipv4) {
+ void* data = (void*)(long)skb->data;
+ const void* data_end = (void*)(long)skb->data_end;
+
+ const int l2_header_size = sizeof(struct ethhdr);
+ struct ethhdr* eth = data;
+
+ if (data + l2_header_size > data_end) return;
+
+ int hdr_size = 0;
+
+ // used for map lookup
+ uint64_t cookie = bpf_get_socket_cookie(skb);
+ if (!cookie) return;
+
+ __be16 sport = 0;
+ uint16_t dport = 0;
+ uint8_t protocol = 0; // TODO: Use are reserved value? Or int (-1) and cast to uint below?
+ struct in6_addr src_ip = {};
+ struct in6_addr dst_ip = {};
+ uint8_t tos = 0; // Only used for IPv4
+ __be32 old_first_be32 = 0; // Only used for IPv6
+ if (ipv4) {
+ const struct iphdr* const iph = (void*)(eth + 1);
+ hdr_size = l2_header_size + sizeof(struct iphdr);
+ // Must have ipv4 header
+ if (data + hdr_size > data_end) return;
+
+ // IP version must be 4
+ if (iph->version != 4) return;
+
+ // We cannot handle IP options, just standard 20 byte == 5 dword minimal IPv4 header
+ if (iph->ihl != 5) return;
+
+ // V4 mapped address in in6_addr sets 10/11 position to 0xff.
+ src_ip.s6_addr32[2] = htonl(0x0000ffff);
+ dst_ip.s6_addr32[2] = htonl(0x0000ffff);
+
+ // Copy IPv4 address into in6_addr for easy comparison below.
+ src_ip.s6_addr32[3] = iph->saddr;
+ dst_ip.s6_addr32[3] = iph->daddr;
+ protocol = iph->protocol;
+ tos = iph->tos;
+ } else {
+ struct ipv6hdr* ip6h = (void*)(eth + 1);
+ hdr_size = l2_header_size + sizeof(struct ipv6hdr);
+ // Must have ipv6 header
+ if (data + hdr_size > data_end) return;
+
+ if (ip6h->version != 6) return;
+
+ src_ip = ip6h->saddr;
+ dst_ip = ip6h->daddr;
+ protocol = ip6h->nexthdr;
+ old_first_be32 = *(__be32*)ip6h;
+ }
+
+ switch (protocol) {
+ case IPPROTO_UDP:
+ case IPPROTO_UDPLITE: {
+ struct udphdr* udp;
+ udp = data + hdr_size;
+ if ((void*)(udp + 1) > data_end) return;
+ sport = udp->source;
+ dport = ntohs(udp->dest);
+ } break;
+ case IPPROTO_TCP: {
+ struct tcphdr* tcp;
+ tcp = data + hdr_size;
+ if ((void*)(tcp + 1) > data_end) return;
+ sport = tcp->source;
+ dport = ntohs(tcp->dest);
+ } break;
+ default:
+ return;
+ }
+
+ RuleEntry* existing_rule = bpf_socket_policy_cache_map_lookup_elem(&cookie);
+
+ if (existing_rule &&
+ v6_equal(src_ip, existing_rule->src_ip) &&
+ v6_equal(dst_ip, existing_rule->dst_ip) &&
+ skb->ifindex == existing_rule->ifindex &&
+ sport == existing_rule->src_port &&
+ dport == existing_rule->dst_port &&
+ protocol == existing_rule->proto) {
+ if (existing_rule->dscp_val < 0) return;
+ if (ipv4) {
+ uint8_t newTos = UPDATE_TOS(existing_rule->dscp_val, tos);
+ bpf_l3_csum_replace(skb, IP4_OFFSET(check, l2_header_size), htons(tos), htons(newTos),
+ sizeof(uint16_t));
+ bpf_skb_store_bytes(skb, IP4_OFFSET(tos, l2_header_size), &newTos, sizeof(newTos), 0);
+ } else {
+ __be32 new_first_be32 =
+ htonl(ntohl(old_first_be32) & 0xF03FFFFF | (existing_rule->dscp_val << 22));
+ bpf_skb_store_bytes(skb, l2_header_size, &new_first_be32, sizeof(__be32),
+ BPF_F_RECOMPUTE_CSUM);
+ }
+ return;
+ }
+
+ // Linear scan ipv4_dscp_policies_map since no stored params match skb.
+ int best_score = 0;
+ int8_t new_dscp = -1;
+
+ for (register uint64_t i = 0; i < MAX_POLICIES; i++) {
+ // Using a uint64 in for loop prevents infinite loop during BPF load,
+ // but the key is uint32, so convert back.
+ uint32_t key = i;
+
+ DscpPolicy* policy;
+ if (ipv4) {
+ policy = bpf_ipv4_dscp_policies_map_lookup_elem(&key);
+ } else {
+ policy = bpf_ipv6_dscp_policies_map_lookup_elem(&key);
+ }
+
+ // If the policy lookup failed, just continue (this should not ever happen)
+ if (!policy) continue;
+
+ // If policy iface index does not match skb, then skip to next policy.
+ if (policy->ifindex != skb->ifindex) continue;
+
+ int score = 0;
+
+ if (policy->present_fields & PROTO_MASK_FLAG) {
+ if (protocol != policy->proto) continue;
+ score += 0xFFFF;
+ }
+ if (policy->present_fields & SRC_IP_MASK_FLAG) {
+ if (v6_not_equal(src_ip, policy->src_ip)) continue;
+ score += 0xFFFF;
+ }
+ if (policy->present_fields & DST_IP_MASK_FLAG) {
+ if (v6_not_equal(dst_ip, policy->dst_ip)) continue;
+ score += 0xFFFF;
+ }
+ if (policy->present_fields & SRC_PORT_MASK_FLAG) {
+ if (sport != policy->src_port) continue;
+ score += 0xFFFF;
+ }
+ if (dport < policy->dst_port_start) continue;
+ if (dport > policy->dst_port_end) continue;
+ score += 0xFFFF + policy->dst_port_start - policy->dst_port_end;
+
+ if (score > best_score) {
+ best_score = score;
+ new_dscp = policy->dscp_val;
+ }
+ }
+
+ RuleEntry value = {
+ .src_ip = src_ip,
+ .dst_ip = dst_ip,
+ .ifindex = skb->ifindex,
+ .src_port = sport,
+ .dst_port = dport,
+ .proto = protocol,
+ .dscp_val = new_dscp,
+ };
+
+ // Update cache with found policy.
+ bpf_socket_policy_cache_map_update_elem(&cookie, &value, BPF_ANY);
+
+ if (new_dscp < 0) return;
+
+ // Need to store bytes after updating map or program will not load.
+ if (ipv4) {
+ uint8_t new_tos = UPDATE_TOS(new_dscp, tos);
+ bpf_l3_csum_replace(skb, IP4_OFFSET(check, l2_header_size), htons(tos), htons(new_tos), 2);
+ bpf_skb_store_bytes(skb, IP4_OFFSET(tos, l2_header_size), &new_tos, sizeof(new_tos), 0);
+ } else {
+ __be32 new_first_be32 = htonl(ntohl(old_first_be32) & 0xF03FFFFF | (new_dscp << 22));
+ bpf_skb_store_bytes(skb, l2_header_size, &new_first_be32, sizeof(__be32),
+ BPF_F_RECOMPUTE_CSUM);
+ }
+ return;
+}
+
+DEFINE_BPF_PROG_KVER("schedcls/set_dscp_ether", AID_ROOT, AID_SYSTEM, schedcls_set_dscp_ether,
+ KVER(5, 15, 0))
+(struct __sk_buff* skb) {
+ if (skb->pkt_type != PACKET_HOST) return TC_ACT_PIPE;
+
+ if (skb->protocol == htons(ETH_P_IP)) {
+ match_policy(skb, true);
+ } else if (skb->protocol == htons(ETH_P_IPV6)) {
+ match_policy(skb, false);
+ }
+
+ // Always return TC_ACT_PIPE
+ return TC_ACT_PIPE;
+}
+
+LICENSE("Apache 2.0");
+CRITICAL("Connectivity");
diff --git a/bpf_progs/dscp_policy.h b/bpf_progs/dscpPolicy.h
similarity index 64%
rename from bpf_progs/dscp_policy.h
rename to bpf_progs/dscpPolicy.h
index 1637f7a..e565966 100644
--- a/bpf_progs/dscp_policy.h
+++ b/bpf_progs/dscpPolicy.h
@@ -14,23 +14,28 @@
* limitations under the License.
*/
+#define CACHE_MAP_SIZE 1024
#define MAX_POLICIES 16
-#define MAP_A 1
-#define MAP_B 2
#define SRC_IP_MASK_FLAG 1
#define DST_IP_MASK_FLAG 2
#define SRC_PORT_MASK_FLAG 4
-#define DST_PORT_MASK_FLAG 8
-#define PROTO_MASK_FLAG 16
+#define PROTO_MASK_FLAG 8
#define STRUCT_SIZE(name, size) _Static_assert(sizeof(name) == (size), "Incorrect struct size.")
-#define v6_equal(a, b) \
- (((a.s6_addr32[0] ^ b.s6_addr32[0]) | \
- (a.s6_addr32[1] ^ b.s6_addr32[1]) | \
- (a.s6_addr32[2] ^ b.s6_addr32[2]) | \
- (a.s6_addr32[3] ^ b.s6_addr32[3])) == 0)
+// Retrieve the first (ie. high) 64 bits of an IPv6 address (in network order)
+#define v6_hi_be64(v) (*(uint64_t*)&((v).s6_addr32[0]))
+
+// Retrieve the last (ie. low) 64 bits of an IPv6 address (in network order)
+#define v6_lo_be64(v) (*(uint64_t*)&((v).s6_addr32[2]))
+
+// This returns a non-zero u64 iff a != b
+#define v6_not_equal(a, b) ((v6_hi_be64(a) ^ v6_hi_be64(b)) \
+ | (v6_lo_be64(a) ^ v6_lo_be64(b)))
+
+// Returns 'a == b' as boolean
+#define v6_equal(a, b) (!v6_not_equal((a), (b)))
// TODO: these are already defined in packages/modules/Connectivity/bpf_progs/bpf_net_helpers.h.
// smove to common location in future.
@@ -44,27 +49,27 @@
(void*)BPF_FUNC_skb_ecn_set_ce;
typedef struct {
- struct in6_addr srcIp;
- struct in6_addr dstIp;
+ struct in6_addr src_ip;
+ struct in6_addr dst_ip;
uint32_t ifindex;
- __be16 srcPort;
- __be16 dstPortStart;
- __be16 dstPortEnd;
+ __be16 src_port;
+ uint16_t dst_port_start;
+ uint16_t dst_port_end;
uint8_t proto;
- uint8_t dscpVal;
- uint8_t presentFields;
+ int8_t dscp_val; // -1 none, or 0..63 DSCP value
+ uint8_t present_fields;
uint8_t pad[3];
} DscpPolicy;
STRUCT_SIZE(DscpPolicy, 2 * 16 + 4 + 3 * 2 + 3 * 1 + 3); // 48
typedef struct {
- struct in6_addr srcIp;
- struct in6_addr dstIp;
- __u32 ifindex;
- __be16 srcPort;
- __be16 dstPort;
- __u8 proto;
- __u8 dscpVal;
- __u8 pad[2];
+ struct in6_addr src_ip;
+ struct in6_addr dst_ip;
+ uint32_t ifindex;
+ __be16 src_port;
+ uint16_t dst_port;
+ uint8_t proto;
+ int8_t dscp_val; // -1 none, or 0..63 DSCP value
+ uint8_t pad[2];
} RuleEntry;
-STRUCT_SIZE(RuleEntry, 2 * 16 + 1 * 4 + 2 * 2 + 2 * 1 + 2); // 44
\ No newline at end of file
+STRUCT_SIZE(RuleEntry, 2 * 16 + 1 * 4 + 2 * 2 + 2 * 1 + 2); // 44
diff --git a/bpf_progs/dscp_policy.c b/bpf_progs/dscp_policy.c
deleted file mode 100644
index 538a9e4..0000000
--- a/bpf_progs/dscp_policy.c
+++ /dev/null
@@ -1,329 +0,0 @@
-/*
- * Copyright (C) 2021 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <linux/types.h>
-#include <linux/bpf.h>
-#include <linux/if_packet.h>
-#include <linux/ip.h>
-#include <linux/ipv6.h>
-#include <linux/if_ether.h>
-#include <linux/pkt_cls.h>
-#include <linux/tcp.h>
-#include <stdint.h>
-#include <netinet/in.h>
-#include <netinet/udp.h>
-#include <string.h>
-
-// The resulting .o needs to load on the Android T beta 3 bpfloader
-#define BPFLOADER_MIN_VER BPFLOADER_T_BETA3_VERSION
-
-#include "bpf_helpers.h"
-#include "dscp_policy.h"
-
-DEFINE_BPF_MAP_GRW(switch_comp_map, ARRAY, int, uint64_t, 1, AID_SYSTEM)
-
-DEFINE_BPF_MAP_GRW(ipv4_socket_to_policies_map_A, HASH, uint64_t, RuleEntry, MAX_POLICIES,
- AID_SYSTEM)
-DEFINE_BPF_MAP_GRW(ipv4_socket_to_policies_map_B, HASH, uint64_t, RuleEntry, MAX_POLICIES,
- AID_SYSTEM)
-DEFINE_BPF_MAP_GRW(ipv6_socket_to_policies_map_A, HASH, uint64_t, RuleEntry, MAX_POLICIES,
- AID_SYSTEM)
-DEFINE_BPF_MAP_GRW(ipv6_socket_to_policies_map_B, HASH, uint64_t, RuleEntry, MAX_POLICIES,
- AID_SYSTEM)
-
-DEFINE_BPF_MAP_GRW(ipv4_dscp_policies_map, ARRAY, uint32_t, DscpPolicy, MAX_POLICIES,
- AID_SYSTEM)
-DEFINE_BPF_MAP_GRW(ipv6_dscp_policies_map, ARRAY, uint32_t, DscpPolicy, MAX_POLICIES,
- AID_SYSTEM)
-
-static inline __always_inline void match_policy(struct __sk_buff* skb, bool ipv4, bool is_eth) {
- void* data = (void*)(long)skb->data;
- const void* data_end = (void*)(long)skb->data_end;
-
- const int l2_header_size = is_eth ? sizeof(struct ethhdr) : 0;
- struct ethhdr* eth = is_eth ? data : NULL;
-
- if (data + l2_header_size > data_end) return;
-
- int zero = 0;
- int hdr_size = 0;
- uint64_t* selectedMap = bpf_switch_comp_map_lookup_elem(&zero);
-
- // use this with HASH map so map lookup only happens once policies have been added?
- if (!selectedMap) {
- return;
- }
-
- // used for map lookup
- uint64_t cookie = bpf_get_socket_cookie(skb);
- if (!cookie)
- return;
-
- uint16_t sport = 0;
- uint16_t dport = 0;
- uint8_t protocol = 0; // TODO: Use are reserved value? Or int (-1) and cast to uint below?
- struct in6_addr srcIp = {};
- struct in6_addr dstIp = {};
- uint8_t tos = 0; // Only used for IPv4
- uint8_t priority = 0; // Only used for IPv6
- uint8_t flow_lbl = 0; // Only used for IPv6
- if (ipv4) {
- const struct iphdr* const iph = is_eth ? (void*)(eth + 1) : data;
- // Must have ipv4 header
- if (data + l2_header_size + sizeof(*iph) > data_end) return;
-
- // IP version must be 4
- if (iph->version != 4) return;
-
- // We cannot handle IP options, just standard 20 byte == 5 dword minimal IPv4 header
- if (iph->ihl != 5) return;
-
- // V4 mapped address in in6_addr sets 10/11 position to 0xff.
- srcIp.s6_addr32[2] = htonl(0x0000ffff);
- dstIp.s6_addr32[2] = htonl(0x0000ffff);
-
- // Copy IPv4 address into in6_addr for easy comparison below.
- srcIp.s6_addr32[3] = iph->saddr;
- dstIp.s6_addr32[3] = iph->daddr;
- protocol = iph->protocol;
- tos = iph->tos;
- hdr_size = sizeof(struct iphdr);
- } else {
- struct ipv6hdr* ip6h = is_eth ? (void*)(eth + 1) : data;
- // Must have ipv6 header
- if (data + l2_header_size + sizeof(*ip6h) > data_end) return;
-
- if (ip6h->version != 6) return;
-
- srcIp = ip6h->saddr;
- dstIp = ip6h->daddr;
- protocol = ip6h->nexthdr;
- priority = ip6h->priority;
- flow_lbl = ip6h->flow_lbl[0];
- hdr_size = sizeof(struct ipv6hdr);
- }
-
- switch (protocol) {
- case IPPROTO_UDP:
- case IPPROTO_UDPLITE:
- {
- struct udphdr *udp;
- udp = data + hdr_size;
- if ((void*)(udp + 1) > data_end) return;
- sport = udp->source;
- dport = udp->dest;
- }
- break;
- case IPPROTO_TCP:
- {
- struct tcphdr *tcp;
- tcp = data + hdr_size;
- if ((void*)(tcp + 1) > data_end) return;
- sport = tcp->source;
- dport = tcp->dest;
- }
- break;
- default:
- return;
- }
-
- RuleEntry* existingRule;
- if (ipv4) {
- if (*selectedMap == MAP_A) {
- existingRule = bpf_ipv4_socket_to_policies_map_A_lookup_elem(&cookie);
- } else {
- existingRule = bpf_ipv4_socket_to_policies_map_B_lookup_elem(&cookie);
- }
- } else {
- if (*selectedMap == MAP_A) {
- existingRule = bpf_ipv6_socket_to_policies_map_A_lookup_elem(&cookie);
- } else {
- existingRule = bpf_ipv6_socket_to_policies_map_B_lookup_elem(&cookie);
- }
- }
-
- if (existingRule && v6_equal(srcIp, existingRule->srcIp) &&
- v6_equal(dstIp, existingRule->dstIp) &&
- skb->ifindex == existingRule->ifindex &&
- ntohs(sport) == htons(existingRule->srcPort) &&
- ntohs(dport) == htons(existingRule->dstPort) &&
- protocol == existingRule->proto) {
- if (ipv4) {
- int ecn = tos & 3;
- uint8_t newDscpVal = (existingRule->dscpVal << 2) + ecn;
- int oldDscpVal = tos >> 2;
- bpf_l3_csum_replace(skb, 1, oldDscpVal, newDscpVal, sizeof(uint8_t));
- bpf_skb_store_bytes(skb, 1, &newDscpVal, sizeof(uint8_t), 0);
- } else {
- uint8_t new_priority = (existingRule->dscpVal >> 2) + 0x60;
- uint8_t new_flow_label = ((existingRule->dscpVal & 0xf) << 6) + (priority >> 6);
- bpf_skb_store_bytes(skb, 0, &new_priority, sizeof(uint8_t), 0);
- bpf_skb_store_bytes(skb, 1, &new_flow_label, sizeof(uint8_t), 0);
- }
- return;
- }
-
- // Linear scan ipv4_dscp_policies_map since no stored params match skb.
- int bestScore = -1;
- uint32_t bestMatch = 0;
-
- for (register uint64_t i = 0; i < MAX_POLICIES; i++) {
- int score = 0;
- uint8_t tempMask = 0;
- // Using a uint64 in for loop prevents infinite loop during BPF load,
- // but the key is uint32, so convert back.
- uint32_t key = i;
-
- DscpPolicy* policy;
- if (ipv4) {
- policy = bpf_ipv4_dscp_policies_map_lookup_elem(&key);
- } else {
- policy = bpf_ipv6_dscp_policies_map_lookup_elem(&key);
- }
-
- // If the policy lookup failed, presentFields is 0, or iface index does not match
- // index on skb buff, then we can continue to next policy.
- if (!policy || policy->presentFields == 0 || policy->ifindex != skb->ifindex)
- continue;
-
- if ((policy->presentFields & SRC_IP_MASK_FLAG) == SRC_IP_MASK_FLAG &&
- v6_equal(srcIp, policy->srcIp)) {
- score++;
- tempMask |= SRC_IP_MASK_FLAG;
- }
- if ((policy->presentFields & DST_IP_MASK_FLAG) == DST_IP_MASK_FLAG &&
- v6_equal(dstIp, policy->dstIp)) {
- score++;
- tempMask |= DST_IP_MASK_FLAG;
- }
- if ((policy->presentFields & SRC_PORT_MASK_FLAG) == SRC_PORT_MASK_FLAG &&
- ntohs(sport) == htons(policy->srcPort)) {
- score++;
- tempMask |= SRC_PORT_MASK_FLAG;
- }
- if ((policy->presentFields & DST_PORT_MASK_FLAG) == DST_PORT_MASK_FLAG &&
- ntohs(dport) >= htons(policy->dstPortStart) &&
- ntohs(dport) <= htons(policy->dstPortEnd)) {
- score++;
- tempMask |= DST_PORT_MASK_FLAG;
- }
- if ((policy->presentFields & PROTO_MASK_FLAG) == PROTO_MASK_FLAG &&
- protocol == policy->proto) {
- score++;
- tempMask |= PROTO_MASK_FLAG;
- }
-
- if (score > bestScore && tempMask == policy->presentFields) {
- bestMatch = i;
- bestScore = score;
- }
- }
-
- uint8_t new_tos= 0; // Can 0 be used as default forwarding value?
- uint8_t new_priority = 0;
- uint8_t new_flow_lbl = 0;
- if (bestScore > 0) {
- DscpPolicy* policy;
- if (ipv4) {
- policy = bpf_ipv4_dscp_policies_map_lookup_elem(&bestMatch);
- } else {
- policy = bpf_ipv6_dscp_policies_map_lookup_elem(&bestMatch);
- }
-
- if (policy) {
- // TODO: if DSCP value is already set ignore?
- if (ipv4) {
- int ecn = tos & 3;
- new_tos = (policy->dscpVal << 2) + ecn;
- } else {
- new_priority = (policy->dscpVal >> 2) + 0x60;
- new_flow_lbl = ((policy->dscpVal & 0xf) << 6) + (flow_lbl >> 6);
-
- // Set IPv6 curDscp value to stored value and recalulate priority
- // and flow label during next use.
- new_tos = policy->dscpVal;
- }
- }
- } else return;
-
- RuleEntry value = {
- .srcIp = srcIp,
- .dstIp = dstIp,
- .ifindex = skb->ifindex,
- .srcPort = sport,
- .dstPort = dport,
- .proto = protocol,
- .dscpVal = new_tos,
- };
-
- //Update map with new policy.
- if (ipv4) {
- if (*selectedMap == MAP_A) {
- bpf_ipv4_socket_to_policies_map_A_update_elem(&cookie, &value, BPF_ANY);
- } else {
- bpf_ipv4_socket_to_policies_map_B_update_elem(&cookie, &value, BPF_ANY);
- }
- } else {
- if (*selectedMap == MAP_A) {
- bpf_ipv6_socket_to_policies_map_A_update_elem(&cookie, &value, BPF_ANY);
- } else {
- bpf_ipv6_socket_to_policies_map_B_update_elem(&cookie, &value, BPF_ANY);
- }
- }
-
- // Need to store bytes after updating map or program will not load.
- if (ipv4 && new_tos != (tos & 252)) {
- int oldDscpVal = tos >> 2;
- bpf_l3_csum_replace(skb, 1, oldDscpVal, new_tos, sizeof(uint8_t));
- bpf_skb_store_bytes(skb, 1, &new_tos, sizeof(uint8_t), 0);
- } else if (!ipv4 && (new_priority != priority || new_flow_lbl != flow_lbl)) {
- bpf_skb_store_bytes(skb, 0, &new_priority, sizeof(uint8_t), 0);
- bpf_skb_store_bytes(skb, 1, &new_flow_lbl, sizeof(uint8_t), 0);
- }
- return;
-}
-
-DEFINE_BPF_PROG_KVER("schedcls/set_dscp_ether", AID_ROOT, AID_SYSTEM,
- schedcls_set_dscp_ether, KVER(5, 4, 0))
-(struct __sk_buff* skb) {
-
- if (skb->pkt_type != PACKET_HOST) return TC_ACT_PIPE;
-
- if (skb->protocol == htons(ETH_P_IP)) {
- match_policy(skb, true, true);
- } else if (skb->protocol == htons(ETH_P_IPV6)) {
- match_policy(skb, false, true);
- }
-
- // Always return TC_ACT_PIPE
- return TC_ACT_PIPE;
-}
-
-DEFINE_BPF_PROG_KVER("schedcls/set_dscp_raw_ip", AID_ROOT, AID_SYSTEM,
- schedcls_set_dscp_raw_ip, KVER(5, 4, 0))
-(struct __sk_buff* skb) {
- if (skb->protocol == htons(ETH_P_IP)) {
- match_policy(skb, true, false);
- } else if (skb->protocol == htons(ETH_P_IPV6)) {
- match_policy(skb, false, false);
- }
-
- // Always return TC_ACT_PIPE
- return TC_ACT_PIPE;
-}
-
-LICENSE("Apache 2.0");
-CRITICAL("Connectivity");
diff --git a/bpf_progs/netd.c b/bpf_progs/netd.c
index 24b3fed..10559dd 100644
--- a/bpf_progs/netd.c
+++ b/bpf_progs/netd.c
@@ -85,10 +85,18 @@
DEFINE_BPF_MAP_NO_NETD(iface_index_name_map, HASH, uint32_t, IfaceValue, IFACE_INDEX_NAME_MAP_SIZE)
// iptables xt_bpf programs need to be usable by both netd and netutils_wrappers
+// selinux contexts, because even non-xt_bpf iptables mutations are implemented as
+// a full table dump, followed by an update in userspace, and then a reload into the kernel,
+// where any already in-use xt_bpf matchers are serialized as the path to the pinned
+// program (see XT_BPF_MODE_PATH_PINNED) and then the iptables binary (or rather
+// the kernel acting on behalf of it) must be able to retrieve the pinned program
+// for the reload to succeed
#define DEFINE_XTBPF_PROG(SECTION_NAME, prog_uid, prog_gid, the_prog) \
DEFINE_BPF_PROG(SECTION_NAME, prog_uid, prog_gid, the_prog)
// programs that need to be usable by netd, but not by netutils_wrappers
+// (this is because these are currently attached by the mainline provided libnetd_updatable .so
+// which is loaded into netd and thus runs as netd uid/gid/selinux context)
#define DEFINE_NETD_BPF_PROG(SECTION_NAME, prog_uid, prog_gid, the_prog) \
DEFINE_BPF_PROG_EXT(SECTION_NAME, prog_uid, prog_gid, the_prog, \
KVER_NONE, KVER_INF, false, "fs_bpf_netd_readonly", "")
@@ -217,6 +225,11 @@
return *config;
}
+// DROP_IF_SET is set of rules that BPF_DROP if rule is globally enabled, and per-uid bit is set
+#define DROP_IF_SET (STANDBY_MATCH | OEM_DENY_1_MATCH | OEM_DENY_2_MATCH | OEM_DENY_3_MATCH)
+// DROP_IF_UNSET is set of rules that should DROP if globally enabled, and per-uid bit is NOT set
+#define DROP_IF_UNSET (DOZABLE_MATCH | POWERSAVE_MATCH | RESTRICTED_MATCH | LOW_POWER_STANDBY_MATCH)
+
static inline int bpf_owner_match(struct __sk_buff* skb, uint32_t uid, int direction) {
if (skip_owner_match(skb)) return BPF_PASS;
@@ -228,32 +241,13 @@
uint32_t uidRules = uidEntry ? uidEntry->rule : 0;
uint32_t allowed_iif = uidEntry ? uidEntry->iif : 0;
- if (enabledRules) {
- if ((enabledRules & DOZABLE_MATCH) && !(uidRules & DOZABLE_MATCH)) {
- return BPF_DROP;
- }
- if ((enabledRules & STANDBY_MATCH) && (uidRules & STANDBY_MATCH)) {
- return BPF_DROP;
- }
- if ((enabledRules & POWERSAVE_MATCH) && !(uidRules & POWERSAVE_MATCH)) {
- return BPF_DROP;
- }
- if ((enabledRules & RESTRICTED_MATCH) && !(uidRules & RESTRICTED_MATCH)) {
- return BPF_DROP;
- }
- if ((enabledRules & LOW_POWER_STANDBY_MATCH) && !(uidRules & LOW_POWER_STANDBY_MATCH)) {
- return BPF_DROP;
- }
- if ((enabledRules & OEM_DENY_1_MATCH) && (uidRules & OEM_DENY_1_MATCH)) {
- return BPF_DROP;
- }
- if ((enabledRules & OEM_DENY_2_MATCH) && (uidRules & OEM_DENY_2_MATCH)) {
- return BPF_DROP;
- }
- if ((enabledRules & OEM_DENY_3_MATCH) && (uidRules & OEM_DENY_3_MATCH)) {
- return BPF_DROP;
- }
- }
+ // Warning: funky bit-wise arithmetic: in parallel, for all DROP_IF_SET/UNSET rules
+ // check whether the rules are globally enabled, and if so whether the rules are
+ // set/unset for the specific uid. BPF_DROP if that is the case for ANY of the rules.
+ // We achieve this by masking out only the bits/rules we're interested in checking,
+ // and negating (via bit-wise xor) the bits/rules that should drop if unset.
+ if (enabledRules & (DROP_IF_SET | DROP_IF_UNSET) & (uidRules ^ DROP_IF_UNSET)) return BPF_DROP;
+
if (direction == BPF_INGRESS && skb->ifindex != 1) {
if (uidRules & IIF_MATCH) {
if (allowed_iif && skb->ifindex != allowed_iif) {
@@ -425,8 +419,7 @@
return BPF_NOMATCH;
}
-DEFINE_BPF_PROG_EXT("cgroupsock/inet/create", AID_ROOT, AID_ROOT, inet_socket_create,
- KVER(4, 14, 0), KVER_INF, false, "fs_bpf_netd_readonly", "")
+DEFINE_NETD_BPF_PROG("cgroupsock/inet/create", AID_ROOT, AID_ROOT, inet_socket_create)
(struct bpf_sock* sk) {
uint64_t gid_uid = bpf_get_current_uid_gid();
/*
@@ -447,4 +440,4 @@
}
LICENSE("Apache 2.0");
-CRITICAL("netd");
+CRITICAL("Connectivity and netd");
diff --git a/bpf_progs/offload.c b/bpf_progs/offload.c
index 2ec0792..bb9fc34 100644
--- a/bpf_progs/offload.c
+++ b/bpf_progs/offload.c
@@ -24,8 +24,27 @@
#define __kernel_udphdr udphdr
#include <linux/udp.h>
+#ifdef BTF
+// BTF is incompatible with bpfloaders < v0.10, hence for S (v0.2) we must
+// ship a different file than for later versions, but we need bpfloader v0.25+
+// for obj@ver.o support
+#define BPFLOADER_MIN_VER BPFLOADER_OBJ_AT_VER_VERSION
+#else /* BTF */
// The resulting .o needs to load on the Android S bpfloader
#define BPFLOADER_MIN_VER BPFLOADER_S_VERSION
+#define BPFLOADER_MAX_VER BPFLOADER_OBJ_AT_VER_VERSION
+#endif /* BTF */
+
+// Warning: values other than AID_ROOT don't work for map uid on BpfLoader < v0.21
+#define TETHERING_UID AID_ROOT
+
+#ifdef INPROCESS
+#define DEFAULT_BPF_MAP_SELINUX_CONTEXT "fs_bpf_net_shared"
+#define DEFAULT_BPF_PROG_SELINUX_CONTEXT "fs_bpf_net_shared"
+#define TETHERING_GID AID_SYSTEM
+#else
+#define TETHERING_GID AID_NETWORK_STACK
+#endif
#include "bpf_helpers.h"
#include "bpf_net_helpers.h"
@@ -73,7 +92,7 @@
// ----- Tethering Error Counters -----
DEFINE_BPF_MAP_GRW(tether_error_map, ARRAY, uint32_t, uint32_t, BPF_TETHER_ERR__MAX,
- AID_NETWORK_STACK)
+ TETHERING_GID)
#define COUNT_AND_RETURN(counter, ret) do { \
uint32_t code = BPF_TETHER_ERR_ ## counter; \
@@ -91,22 +110,22 @@
// ----- Tethering Data Stats and Limits -----
// Tethering stats, indexed by upstream interface.
-DEFINE_BPF_MAP_GRW(tether_stats_map, HASH, TetherStatsKey, TetherStatsValue, 16, AID_NETWORK_STACK)
+DEFINE_BPF_MAP_GRW(tether_stats_map, HASH, TetherStatsKey, TetherStatsValue, 16, TETHERING_GID)
// Tethering data limit, indexed by upstream interface.
// (tethering allowed when stats[iif].rxBytes + stats[iif].txBytes < limit[iif])
-DEFINE_BPF_MAP_GRW(tether_limit_map, HASH, TetherLimitKey, TetherLimitValue, 16, AID_NETWORK_STACK)
+DEFINE_BPF_MAP_GRW(tether_limit_map, HASH, TetherLimitKey, TetherLimitValue, 16, TETHERING_GID)
// ----- IPv6 Support -----
DEFINE_BPF_MAP_GRW(tether_downstream6_map, HASH, TetherDownstream6Key, Tether6Value, 64,
- AID_NETWORK_STACK)
+ TETHERING_GID)
DEFINE_BPF_MAP_GRW(tether_downstream64_map, HASH, TetherDownstream64Key, TetherDownstream64Value,
- 1024, AID_NETWORK_STACK)
+ 1024, TETHERING_GID)
DEFINE_BPF_MAP_GRW(tether_upstream6_map, HASH, TetherUpstream6Key, Tether6Value, 64,
- AID_NETWORK_STACK)
+ TETHERING_GID)
static inline __always_inline int do_forward6(struct __sk_buff* skb, const bool is_ethernet,
const bool downstream) {
@@ -136,7 +155,7 @@
if (is_ethernet && (eth->h_proto != htons(ETH_P_IPV6))) return TC_ACT_PIPE;
// IP version must be 6
- if (ip6->version != 6) TC_PUNT(INVALID_IP_VERSION);
+ if (ip6->version != 6) TC_PUNT(INVALID_IPV6_VERSION);
// Cannot decrement during forward if already zero or would be zero,
// Let the kernel's stack handle these cases and generate appropriate ICMP errors.
@@ -152,7 +171,7 @@
TC_PUNT(INVALID_TCP_HEADER);
// Do not offload TCP packets with any one of the SYN/FIN/RST flags
- if (tcph->syn || tcph->fin || tcph->rst) TC_PUNT(TCP_CONTROL_PACKET);
+ if (tcph->syn || tcph->fin || tcph->rst) TC_PUNT(TCPV6_CONTROL_PACKET);
}
// Protect against forwarding packets sourced from ::1 or fe80::/64 or other weirdness.
@@ -280,13 +299,13 @@
return bpf_redirect(v->oif, 0 /* this is effectively BPF_F_EGRESS */);
}
-DEFINE_BPF_PROG("schedcls/tether_downstream6_ether", AID_ROOT, AID_NETWORK_STACK,
+DEFINE_BPF_PROG("schedcls/tether_downstream6_ether", TETHERING_UID, TETHERING_GID,
sched_cls_tether_downstream6_ether)
(struct __sk_buff* skb) {
return do_forward6(skb, /* is_ethernet */ true, /* downstream */ true);
}
-DEFINE_BPF_PROG("schedcls/tether_upstream6_ether", AID_ROOT, AID_NETWORK_STACK,
+DEFINE_BPF_PROG("schedcls/tether_upstream6_ether", TETHERING_UID, TETHERING_GID,
sched_cls_tether_upstream6_ether)
(struct __sk_buff* skb) {
return do_forward6(skb, /* is_ethernet */ true, /* downstream */ false);
@@ -301,59 +320,41 @@
// ANDROID: net: bpf: permit redirect from ingress L3 to egress L2 devices at near max mtu
// (the first of those has already been upstreamed)
//
-// 5.4 kernel support was only added to Android Common Kernel in R,
-// and thus a 5.4 kernel always supports this.
+// These were added to 4.14+ Android Common Kernel in R (including the original release of ACK 5.4)
+// and there is a test in kernel/tests/net/test/bpf_test.py testSkbChangeHead()
+// and in system/netd/tests/binder_test.cpp NetdBinderTest TetherOffloadForwarding.
//
-// Hence, these mandatory (must load successfully) implementations for 5.4+ kernels:
-DEFINE_BPF_PROG_KVER("schedcls/tether_downstream6_rawip$5_4", AID_ROOT, AID_NETWORK_STACK,
- sched_cls_tether_downstream6_rawip_5_4, KVER(5, 4, 0))
+// Hence, these mandatory (must load successfully) implementations for 4.14+ kernels:
+DEFINE_BPF_PROG_KVER("schedcls/tether_downstream6_rawip$4_14", TETHERING_UID, TETHERING_GID,
+ sched_cls_tether_downstream6_rawip_4_14, KVER(4, 14, 0))
(struct __sk_buff* skb) {
return do_forward6(skb, /* is_ethernet */ false, /* downstream */ true);
}
-DEFINE_BPF_PROG_KVER("schedcls/tether_upstream6_rawip$5_4", AID_ROOT, AID_NETWORK_STACK,
- sched_cls_tether_upstream6_rawip_5_4, KVER(5, 4, 0))
+DEFINE_BPF_PROG_KVER("schedcls/tether_upstream6_rawip$4_14", TETHERING_UID, TETHERING_GID,
+ sched_cls_tether_upstream6_rawip_4_14, KVER(4, 14, 0))
(struct __sk_buff* skb) {
return do_forward6(skb, /* is_ethernet */ false, /* downstream */ false);
}
-// and these identical optional (may fail to load) implementations for [4.14..5.4) patched kernels:
-DEFINE_OPTIONAL_BPF_PROG_KVER_RANGE("schedcls/tether_downstream6_rawip$4_14",
- AID_ROOT, AID_NETWORK_STACK,
- sched_cls_tether_downstream6_rawip_4_14,
- KVER(4, 14, 0), KVER(5, 4, 0))
-(struct __sk_buff* skb) {
- return do_forward6(skb, /* is_ethernet */ false, /* downstream */ true);
-}
-
-DEFINE_OPTIONAL_BPF_PROG_KVER_RANGE("schedcls/tether_upstream6_rawip$4_14",
- AID_ROOT, AID_NETWORK_STACK,
- sched_cls_tether_upstream6_rawip_4_14,
- KVER(4, 14, 0), KVER(5, 4, 0))
-(struct __sk_buff* skb) {
- return do_forward6(skb, /* is_ethernet */ false, /* downstream */ false);
-}
-
-// and define no-op stubs for [4.9,4.14) and unpatched [4.14,5.4) kernels.
-// (if the above real 4.14+ program loaded successfully, then bpfloader will have already pinned
-// it at the same location this one would be pinned at and will thus skip loading this stub)
-DEFINE_BPF_PROG_KVER_RANGE("schedcls/tether_downstream6_rawip$stub", AID_ROOT, AID_NETWORK_STACK,
- sched_cls_tether_downstream6_rawip_stub, KVER_NONE, KVER(5, 4, 0))
+// and define no-op stubs for pre-4.14 kernels.
+DEFINE_BPF_PROG_KVER_RANGE("schedcls/tether_downstream6_rawip$stub", TETHERING_UID, TETHERING_GID,
+ sched_cls_tether_downstream6_rawip_stub, KVER_NONE, KVER(4, 14, 0))
(struct __sk_buff* skb) {
return TC_ACT_PIPE;
}
-DEFINE_BPF_PROG_KVER_RANGE("schedcls/tether_upstream6_rawip$stub", AID_ROOT, AID_NETWORK_STACK,
- sched_cls_tether_upstream6_rawip_stub, KVER_NONE, KVER(5, 4, 0))
+DEFINE_BPF_PROG_KVER_RANGE("schedcls/tether_upstream6_rawip$stub", TETHERING_UID, TETHERING_GID,
+ sched_cls_tether_upstream6_rawip_stub, KVER_NONE, KVER(4, 14, 0))
(struct __sk_buff* skb) {
return TC_ACT_PIPE;
}
// ----- IPv4 Support -----
-DEFINE_BPF_MAP_GRW(tether_downstream4_map, HASH, Tether4Key, Tether4Value, 1024, AID_NETWORK_STACK)
+DEFINE_BPF_MAP_GRW(tether_downstream4_map, HASH, Tether4Key, Tether4Value, 1024, TETHERING_GID)
-DEFINE_BPF_MAP_GRW(tether_upstream4_map, HASH, Tether4Key, Tether4Value, 1024, AID_NETWORK_STACK)
+DEFINE_BPF_MAP_GRW(tether_upstream4_map, HASH, Tether4Key, Tether4Value, 1024, TETHERING_GID)
static inline __always_inline int do_forward4_bottom(struct __sk_buff* skb,
const int l2_header_size, void* data, const void* data_end,
@@ -369,7 +370,7 @@
// If hardware offload is running and programming flows based on conntrack entries, try not
// to interfere with it, so do not offload TCP packets with any one of the SYN/FIN/RST flags
- if (tcph->syn || tcph->fin || tcph->rst) TC_PUNT(TCP_CONTROL_PACKET);
+ if (tcph->syn || tcph->fin || tcph->rst) TC_PUNT(TCPV4_CONTROL_PACKET);
} else { // UDP
// Make sure we can get at the udp header
if (data + l2_header_size + sizeof(*ip) + sizeof(*udph) > data_end)
@@ -575,7 +576,7 @@
if (is_ethernet && (eth->h_proto != htons(ETH_P_IP))) return TC_ACT_PIPE;
// IP version must be 4
- if (ip->version != 4) TC_PUNT(INVALID_IP_VERSION);
+ if (ip->version != 4) TC_PUNT(INVALID_IPV4_VERSION);
// We cannot handle IP options, just standard 20 byte == 5 dword minimal IPv4 header
if (ip->ihl != 5) TC_PUNT(HAS_IP_OPTIONS);
@@ -645,25 +646,25 @@
// Full featured (required) implementations for 5.8+ kernels (these are S+ by definition)
-DEFINE_BPF_PROG_KVER("schedcls/tether_downstream4_rawip$5_8", AID_ROOT, AID_NETWORK_STACK,
+DEFINE_BPF_PROG_KVER("schedcls/tether_downstream4_rawip$5_8", TETHERING_UID, TETHERING_GID,
sched_cls_tether_downstream4_rawip_5_8, KVER(5, 8, 0))
(struct __sk_buff* skb) {
return do_forward4(skb, /* is_ethernet */ false, /* downstream */ true, /* updatetime */ true);
}
-DEFINE_BPF_PROG_KVER("schedcls/tether_upstream4_rawip$5_8", AID_ROOT, AID_NETWORK_STACK,
+DEFINE_BPF_PROG_KVER("schedcls/tether_upstream4_rawip$5_8", TETHERING_UID, TETHERING_GID,
sched_cls_tether_upstream4_rawip_5_8, KVER(5, 8, 0))
(struct __sk_buff* skb) {
return do_forward4(skb, /* is_ethernet */ false, /* downstream */ false, /* updatetime */ true);
}
-DEFINE_BPF_PROG_KVER("schedcls/tether_downstream4_ether$5_8", AID_ROOT, AID_NETWORK_STACK,
+DEFINE_BPF_PROG_KVER("schedcls/tether_downstream4_ether$5_8", TETHERING_UID, TETHERING_GID,
sched_cls_tether_downstream4_ether_5_8, KVER(5, 8, 0))
(struct __sk_buff* skb) {
return do_forward4(skb, /* is_ethernet */ true, /* downstream */ true, /* updatetime */ true);
}
-DEFINE_BPF_PROG_KVER("schedcls/tether_upstream4_ether$5_8", AID_ROOT, AID_NETWORK_STACK,
+DEFINE_BPF_PROG_KVER("schedcls/tether_upstream4_ether$5_8", TETHERING_UID, TETHERING_GID,
sched_cls_tether_upstream4_ether_5_8, KVER(5, 8, 0))
(struct __sk_buff* skb) {
return do_forward4(skb, /* is_ethernet */ true, /* downstream */ false, /* updatetime */ true);
@@ -673,7 +674,7 @@
// (optional, because we need to be able to fallback for 4.14/4.19/5.4 pre-S kernels)
DEFINE_OPTIONAL_BPF_PROG_KVER_RANGE("schedcls/tether_downstream4_rawip$opt",
- AID_ROOT, AID_NETWORK_STACK,
+ TETHERING_UID, TETHERING_GID,
sched_cls_tether_downstream4_rawip_opt,
KVER(4, 14, 0), KVER(5, 8, 0))
(struct __sk_buff* skb) {
@@ -681,7 +682,7 @@
}
DEFINE_OPTIONAL_BPF_PROG_KVER_RANGE("schedcls/tether_upstream4_rawip$opt",
- AID_ROOT, AID_NETWORK_STACK,
+ TETHERING_UID, TETHERING_GID,
sched_cls_tether_upstream4_rawip_opt,
KVER(4, 14, 0), KVER(5, 8, 0))
(struct __sk_buff* skb) {
@@ -689,7 +690,7 @@
}
DEFINE_OPTIONAL_BPF_PROG_KVER_RANGE("schedcls/tether_downstream4_ether$opt",
- AID_ROOT, AID_NETWORK_STACK,
+ TETHERING_UID, TETHERING_GID,
sched_cls_tether_downstream4_ether_opt,
KVER(4, 14, 0), KVER(5, 8, 0))
(struct __sk_buff* skb) {
@@ -697,7 +698,7 @@
}
DEFINE_OPTIONAL_BPF_PROG_KVER_RANGE("schedcls/tether_upstream4_ether$opt",
- AID_ROOT, AID_NETWORK_STACK,
+ TETHERING_UID, TETHERING_GID,
sched_cls_tether_upstream4_ether_opt,
KVER(4, 14, 0), KVER(5, 8, 0))
(struct __sk_buff* skb) {
@@ -718,13 +719,13 @@
// RAWIP: Required for 5.4-R kernels -- which always support bpf_skb_change_head().
-DEFINE_BPF_PROG_KVER_RANGE("schedcls/tether_downstream4_rawip$5_4", AID_ROOT, AID_NETWORK_STACK,
+DEFINE_BPF_PROG_KVER_RANGE("schedcls/tether_downstream4_rawip$5_4", TETHERING_UID, TETHERING_GID,
sched_cls_tether_downstream4_rawip_5_4, KVER(5, 4, 0), KVER(5, 8, 0))
(struct __sk_buff* skb) {
return do_forward4(skb, /* is_ethernet */ false, /* downstream */ true, /* updatetime */ false);
}
-DEFINE_BPF_PROG_KVER_RANGE("schedcls/tether_upstream4_rawip$5_4", AID_ROOT, AID_NETWORK_STACK,
+DEFINE_BPF_PROG_KVER_RANGE("schedcls/tether_upstream4_rawip$5_4", TETHERING_UID, TETHERING_GID,
sched_cls_tether_upstream4_rawip_5_4, KVER(5, 4, 0), KVER(5, 8, 0))
(struct __sk_buff* skb) {
return do_forward4(skb, /* is_ethernet */ false, /* downstream */ false, /* updatetime */ false);
@@ -734,7 +735,7 @@
// [Note: fallback for 4.14/4.19 (P/Q) kernels is below in stub section]
DEFINE_OPTIONAL_BPF_PROG_KVER_RANGE("schedcls/tether_downstream4_rawip$4_14",
- AID_ROOT, AID_NETWORK_STACK,
+ TETHERING_UID, TETHERING_GID,
sched_cls_tether_downstream4_rawip_4_14,
KVER(4, 14, 0), KVER(5, 4, 0))
(struct __sk_buff* skb) {
@@ -742,7 +743,7 @@
}
DEFINE_OPTIONAL_BPF_PROG_KVER_RANGE("schedcls/tether_upstream4_rawip$4_14",
- AID_ROOT, AID_NETWORK_STACK,
+ TETHERING_UID, TETHERING_GID,
sched_cls_tether_upstream4_rawip_4_14,
KVER(4, 14, 0), KVER(5, 4, 0))
(struct __sk_buff* skb) {
@@ -751,13 +752,13 @@
// ETHER: Required for 4.14-Q/R, 4.19-Q/R & 5.4-R kernels.
-DEFINE_BPF_PROG_KVER_RANGE("schedcls/tether_downstream4_ether$4_14", AID_ROOT, AID_NETWORK_STACK,
+DEFINE_BPF_PROG_KVER_RANGE("schedcls/tether_downstream4_ether$4_14", TETHERING_UID, TETHERING_GID,
sched_cls_tether_downstream4_ether_4_14, KVER(4, 14, 0), KVER(5, 8, 0))
(struct __sk_buff* skb) {
return do_forward4(skb, /* is_ethernet */ true, /* downstream */ true, /* updatetime */ false);
}
-DEFINE_BPF_PROG_KVER_RANGE("schedcls/tether_upstream4_ether$4_14", AID_ROOT, AID_NETWORK_STACK,
+DEFINE_BPF_PROG_KVER_RANGE("schedcls/tether_upstream4_ether$4_14", TETHERING_UID, TETHERING_GID,
sched_cls_tether_upstream4_ether_4_14, KVER(4, 14, 0), KVER(5, 8, 0))
(struct __sk_buff* skb) {
return do_forward4(skb, /* is_ethernet */ true, /* downstream */ false, /* updatetime */ false);
@@ -767,13 +768,13 @@
// RAWIP: 4.9-P/Q, 4.14-P/Q & 4.19-Q kernels -- without bpf_skb_change_head() for tc programs
-DEFINE_BPF_PROG_KVER_RANGE("schedcls/tether_downstream4_rawip$stub", AID_ROOT, AID_NETWORK_STACK,
+DEFINE_BPF_PROG_KVER_RANGE("schedcls/tether_downstream4_rawip$stub", TETHERING_UID, TETHERING_GID,
sched_cls_tether_downstream4_rawip_stub, KVER_NONE, KVER(5, 4, 0))
(struct __sk_buff* skb) {
return TC_ACT_PIPE;
}
-DEFINE_BPF_PROG_KVER_RANGE("schedcls/tether_upstream4_rawip$stub", AID_ROOT, AID_NETWORK_STACK,
+DEFINE_BPF_PROG_KVER_RANGE("schedcls/tether_upstream4_rawip$stub", TETHERING_UID, TETHERING_GID,
sched_cls_tether_upstream4_rawip_stub, KVER_NONE, KVER(5, 4, 0))
(struct __sk_buff* skb) {
return TC_ACT_PIPE;
@@ -781,13 +782,13 @@
// ETHER: 4.9-P/Q kernel
-DEFINE_BPF_PROG_KVER_RANGE("schedcls/tether_downstream4_ether$stub", AID_ROOT, AID_NETWORK_STACK,
+DEFINE_BPF_PROG_KVER_RANGE("schedcls/tether_downstream4_ether$stub", TETHERING_UID, TETHERING_GID,
sched_cls_tether_downstream4_ether_stub, KVER_NONE, KVER(4, 14, 0))
(struct __sk_buff* skb) {
return TC_ACT_PIPE;
}
-DEFINE_BPF_PROG_KVER_RANGE("schedcls/tether_upstream4_ether$stub", AID_ROOT, AID_NETWORK_STACK,
+DEFINE_BPF_PROG_KVER_RANGE("schedcls/tether_upstream4_ether$stub", TETHERING_UID, TETHERING_GID,
sched_cls_tether_upstream4_ether_stub, KVER_NONE, KVER(4, 14, 0))
(struct __sk_buff* skb) {
return TC_ACT_PIPE;
@@ -795,7 +796,7 @@
// ----- XDP Support -----
-DEFINE_BPF_MAP_GRW(tether_dev_map, DEVMAP_HASH, uint32_t, uint32_t, 64, AID_NETWORK_STACK)
+DEFINE_BPF_MAP_GRW(tether_dev_map, DEVMAP_HASH, uint32_t, uint32_t, 64, TETHERING_GID)
static inline __always_inline int do_xdp_forward6(struct xdp_md *ctx, const bool is_ethernet,
const bool downstream) {
@@ -840,7 +841,7 @@
}
#define DEFINE_XDP_PROG(str, func) \
- DEFINE_BPF_PROG_KVER(str, AID_ROOT, AID_NETWORK_STACK, func, KVER(5, 9, 0))(struct xdp_md *ctx)
+ DEFINE_BPF_PROG_KVER(str, TETHERING_UID, TETHERING_GID, func, KVER(5, 9, 0))(struct xdp_md *ctx)
DEFINE_XDP_PROG("xdp/tether_downstream_ether",
xdp_tether_downstream_ether) {
@@ -863,4 +864,4 @@
}
LICENSE("Apache 2.0");
-CRITICAL("tethering");
+CRITICAL("Connectivity (Tethering)");
diff --git a/bpf_progs/offload@btf.c b/bpf_progs/offload@btf.c
new file mode 120000
index 0000000..4092e0d
--- /dev/null
+++ b/bpf_progs/offload@btf.c
@@ -0,0 +1 @@
+offload.c
\ No newline at end of file
diff --git a/bpf_progs/offload@inprocess.c b/bpf_progs/offload@inprocess.c
new file mode 120000
index 0000000..4092e0d
--- /dev/null
+++ b/bpf_progs/offload@inprocess.c
@@ -0,0 +1 @@
+offload.c
\ No newline at end of file
diff --git a/bpf_progs/test.c b/bpf_progs/test.c
index f2fcc8c..d42205f 100644
--- a/bpf_progs/test.c
+++ b/bpf_progs/test.c
@@ -18,8 +18,27 @@
#include <linux/in.h>
#include <linux/ip.h>
+#ifdef BTF
+// BTF is incompatible with bpfloaders < v0.10, hence for S (v0.2) we must
+// ship a different file than for later versions, but we need bpfloader v0.25+
+// for obj@ver.o support
+#define BPFLOADER_MIN_VER BPFLOADER_OBJ_AT_VER_VERSION
+#else /* BTF */
// The resulting .o needs to load on the Android S bpfloader
#define BPFLOADER_MIN_VER BPFLOADER_S_VERSION
+#define BPFLOADER_MAX_VER BPFLOADER_OBJ_AT_VER_VERSION
+#endif /* BTF */
+
+// Warning: values other than AID_ROOT don't work for map uid on BpfLoader < v0.21
+#define TETHERING_UID AID_ROOT
+
+#ifdef INPROCESS
+#define DEFAULT_BPF_MAP_SELINUX_CONTEXT "fs_bpf_net_shared"
+#define DEFAULT_BPF_PROG_SELINUX_CONTEXT "fs_bpf_net_shared"
+#define TETHERING_GID AID_SYSTEM
+#else
+#define TETHERING_GID AID_NETWORK_STACK
+#endif
#include "bpf_helpers.h"
#include "bpf_net_helpers.h"
@@ -27,12 +46,11 @@
// Used only by TetheringPrivilegedTests, not by production code.
DEFINE_BPF_MAP_GRW(tether_downstream6_map, HASH, TetherDownstream6Key, Tether6Value, 16,
- AID_NETWORK_STACK)
+ TETHERING_GID)
// Used only by BpfBitmapTest, not by production code.
-DEFINE_BPF_MAP_GRW(bitmap, ARRAY, int, uint64_t, 2,
- AID_NETWORK_STACK)
+DEFINE_BPF_MAP_GRW(bitmap, ARRAY, int, uint64_t, 2, TETHERING_GID)
-DEFINE_BPF_PROG_KVER("xdp/drop_ipv4_udp_ether", AID_ROOT, AID_NETWORK_STACK,
+DEFINE_BPF_PROG_KVER("xdp/drop_ipv4_udp_ether", TETHERING_UID, TETHERING_GID,
xdp_test, KVER(5, 9, 0))
(struct xdp_md *ctx) {
void *data = (void *)(long)ctx->data;
diff --git a/bpf_progs/test@btf.c b/bpf_progs/test@btf.c
new file mode 120000
index 0000000..aeebb26
--- /dev/null
+++ b/bpf_progs/test@btf.c
@@ -0,0 +1 @@
+test.c
\ No newline at end of file
diff --git a/bpf_progs/test@inprocess.c b/bpf_progs/test@inprocess.c
new file mode 120000
index 0000000..aeebb26
--- /dev/null
+++ b/bpf_progs/test@inprocess.c
@@ -0,0 +1 @@
+test.c
\ No newline at end of file
diff --git a/common/Android.bp b/common/Android.bp
new file mode 100644
index 0000000..729ef32
--- /dev/null
+++ b/common/Android.bp
@@ -0,0 +1,45 @@
+//
+// Copyright (C) 2022 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package {
+ // See: http://go/android-license-faq
+ default_applicable_licenses: ["Android-Apache-2.0"],
+}
+
+java_library {
+ name: "connectivity-net-module-utils-bpf",
+ srcs: [
+ "src/com/android/net/module/util/bpf/*.java",
+ ],
+ sdk_version: "module_current",
+ min_sdk_version: "29",
+ visibility: [
+ // Do not add any lib. This library is only shared inside connectivity module
+ // and its tests.
+ "//packages/modules/Connectivity:__subpackages__",
+ ],
+ libs: [
+ "androidx.annotation_annotation",
+ "framework-connectivity.stubs.module_lib",
+ ],
+ static_libs: [
+ "net-utils-device-common-struct",
+ ],
+ apex_available: [
+ "com.android.tethering",
+ ],
+ lint: { strict_updatability_linting: true },
+}
diff --git a/service-t/src/com/android/server/net/CookieTagMapKey.java b/common/src/com/android/net/module/util/bpf/ClatEgress4Key.java
similarity index 60%
copy from service-t/src/com/android/server/net/CookieTagMapKey.java
copy to common/src/com/android/net/module/util/bpf/ClatEgress4Key.java
index 443e5b3..f0af3dd 100644
--- a/service-t/src/com/android/server/net/CookieTagMapKey.java
+++ b/common/src/com/android/net/module/util/bpf/ClatEgress4Key.java
@@ -14,20 +14,24 @@
* limitations under the License.
*/
-package com.android.server.net;
+package com.android.net.module.util.bpf;
import com.android.net.module.util.Struct;
import com.android.net.module.util.Struct.Field;
import com.android.net.module.util.Struct.Type;
-/**
- * Key for cookie tag map.
- */
-public class CookieTagMapKey extends Struct {
- @Field(order = 0, type = Type.S64)
- public final long socketCookie;
+import java.net.Inet4Address;
- public CookieTagMapKey(final long socketCookie) {
- this.socketCookie = socketCookie;
+/** Key type for clat egress IPv4 maps. */
+public class ClatEgress4Key extends Struct {
+ @Field(order = 0, type = Type.S32)
+ public final int iif; // The input interface index
+
+ @Field(order = 1, type = Type.Ipv4Address)
+ public final Inet4Address local4; // The source IPv4 address
+
+ public ClatEgress4Key(final int iif, final Inet4Address local4) {
+ this.iif = iif;
+ this.local4 = local4;
}
}
diff --git a/common/src/com/android/net/module/util/bpf/ClatEgress4Value.java b/common/src/com/android/net/module/util/bpf/ClatEgress4Value.java
new file mode 100644
index 0000000..69fab09
--- /dev/null
+++ b/common/src/com/android/net/module/util/bpf/ClatEgress4Value.java
@@ -0,0 +1,46 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.net.module.util.bpf;
+
+import com.android.net.module.util.Struct;
+import com.android.net.module.util.Struct.Field;
+import com.android.net.module.util.Struct.Type;
+
+import java.net.Inet6Address;
+
+/** Value type for clat egress IPv4 maps. */
+public class ClatEgress4Value extends Struct {
+ @Field(order = 0, type = Type.S32)
+ public final int oif; // The output interface to redirect to
+
+ @Field(order = 1, type = Type.Ipv6Address)
+ public final Inet6Address local6; // The full 128-bits of the source IPv6 address
+
+ @Field(order = 2, type = Type.Ipv6Address)
+ public final Inet6Address pfx96; // The destination /96 nat64 prefix, bottom 32 bits must be 0
+
+ @Field(order = 3, type = Type.U8, padding = 3)
+ public final short oifIsEthernet; // Whether the output interface requires ethernet header
+
+ public ClatEgress4Value(final int oif, final Inet6Address local6, final Inet6Address pfx96,
+ final short oifIsEthernet) {
+ this.oif = oif;
+ this.local6 = local6;
+ this.pfx96 = pfx96;
+ this.oifIsEthernet = oifIsEthernet;
+ }
+}
diff --git a/common/src/com/android/net/module/util/bpf/ClatIngress6Key.java b/common/src/com/android/net/module/util/bpf/ClatIngress6Key.java
new file mode 100644
index 0000000..561113c
--- /dev/null
+++ b/common/src/com/android/net/module/util/bpf/ClatIngress6Key.java
@@ -0,0 +1,41 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.net.module.util.bpf;
+
+import com.android.net.module.util.Struct;
+import com.android.net.module.util.Struct.Field;
+import com.android.net.module.util.Struct.Type;
+
+import java.net.Inet6Address;
+
+/** Key type for clat ingress IPv6 maps. */
+public class ClatIngress6Key extends Struct {
+ @Field(order = 0, type = Type.S32)
+ public final int iif; // The input interface index
+
+ @Field(order = 1, type = Type.Ipv6Address)
+ public final Inet6Address pfx96; // The source /96 nat64 prefix, bottom 32 bits must be 0
+
+ @Field(order = 2, type = Type.Ipv6Address)
+ public final Inet6Address local6; // The full 128-bits of the destination IPv6 address
+
+ public ClatIngress6Key(final int iif, final Inet6Address pfx96, final Inet6Address local6) {
+ this.iif = iif;
+ this.pfx96 = pfx96;
+ this.local6 = local6;
+ }
+}
diff --git a/common/src/com/android/net/module/util/bpf/ClatIngress6Value.java b/common/src/com/android/net/module/util/bpf/ClatIngress6Value.java
new file mode 100644
index 0000000..fb81caa
--- /dev/null
+++ b/common/src/com/android/net/module/util/bpf/ClatIngress6Value.java
@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.net.module.util.bpf;
+
+import com.android.net.module.util.Struct;
+import com.android.net.module.util.Struct.Field;
+import com.android.net.module.util.Struct.Type;
+
+import java.net.Inet4Address;
+
+/** Value type for clat ingress IPv6 maps. */
+public class ClatIngress6Value extends Struct {
+ @Field(order = 0, type = Type.S32)
+ public final int oif; // The output interface to redirect to (0 means don't redirect)
+
+ @Field(order = 1, type = Type.Ipv4Address)
+ public final Inet4Address local4; // The destination IPv4 address
+
+ public ClatIngress6Value(final int oif, final Inet4Address local4) {
+ this.oif = oif;
+ this.local4 = local4;
+ }
+}
diff --git a/service-t/src/com/android/server/net/CookieTagMapKey.java b/common/src/com/android/net/module/util/bpf/CookieTagMapKey.java
similarity index 95%
rename from service-t/src/com/android/server/net/CookieTagMapKey.java
rename to common/src/com/android/net/module/util/bpf/CookieTagMapKey.java
index 443e5b3..17da7a0 100644
--- a/service-t/src/com/android/server/net/CookieTagMapKey.java
+++ b/common/src/com/android/net/module/util/bpf/CookieTagMapKey.java
@@ -14,7 +14,7 @@
* limitations under the License.
*/
-package com.android.server.net;
+package com.android.net.module.util.bpf;
import com.android.net.module.util.Struct;
import com.android.net.module.util.Struct.Field;
diff --git a/service-t/src/com/android/server/net/CookieTagMapValue.java b/common/src/com/android/net/module/util/bpf/CookieTagMapValue.java
similarity index 84%
rename from service-t/src/com/android/server/net/CookieTagMapValue.java
rename to common/src/com/android/net/module/util/bpf/CookieTagMapValue.java
index 93b9195..3fbd6fc 100644
--- a/service-t/src/com/android/server/net/CookieTagMapValue.java
+++ b/common/src/com/android/net/module/util/bpf/CookieTagMapValue.java
@@ -14,7 +14,7 @@
* limitations under the License.
*/
-package com.android.server.net;
+package com.android.net.module.util.bpf;
import com.android.net.module.util.Struct;
import com.android.net.module.util.Struct.Field;
@@ -24,13 +24,13 @@
* Value for cookie tag map.
*/
public class CookieTagMapValue extends Struct {
- @Field(order = 0, type = Type.U32)
- public final long uid;
+ @Field(order = 0, type = Type.S32)
+ public final int uid;
@Field(order = 1, type = Type.U32)
public final long tag;
- public CookieTagMapValue(final long uid, final long tag) {
+ public CookieTagMapValue(final int uid, final long tag) {
this.uid = uid;
this.tag = tag;
}
diff --git a/common/src/com/android/net/module/util/bpf/Tether4Key.java b/common/src/com/android/net/module/util/bpf/Tether4Key.java
new file mode 100644
index 0000000..8273e6a
--- /dev/null
+++ b/common/src/com/android/net/module/util/bpf/Tether4Key.java
@@ -0,0 +1,81 @@
+/*
+ * Copyright (C) 2020 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.net.module.util.bpf;
+
+import android.net.MacAddress;
+
+import androidx.annotation.NonNull;
+
+import com.android.net.module.util.Struct;
+import com.android.net.module.util.Struct.Field;
+import com.android.net.module.util.Struct.Type;
+
+import java.net.Inet4Address;
+import java.net.UnknownHostException;
+import java.util.Objects;
+
+/** Key type for downstream & upstream IPv4 forwarding maps. */
+public class Tether4Key extends Struct {
+ @Field(order = 0, type = Type.S32)
+ public final int iif;
+
+ @Field(order = 1, type = Type.EUI48)
+ public final MacAddress dstMac;
+
+ @Field(order = 2, type = Type.U8, padding = 1)
+ public final short l4proto;
+
+ @Field(order = 3, type = Type.ByteArray, arraysize = 4)
+ public final byte[] src4;
+
+ @Field(order = 4, type = Type.ByteArray, arraysize = 4)
+ public final byte[] dst4;
+
+ @Field(order = 5, type = Type.UBE16)
+ public final int srcPort;
+
+ @Field(order = 6, type = Type.UBE16)
+ public final int dstPort;
+
+ public Tether4Key(final int iif, @NonNull final MacAddress dstMac, final short l4proto,
+ final byte[] src4, final byte[] dst4, final int srcPort,
+ final int dstPort) {
+ Objects.requireNonNull(dstMac);
+
+ this.iif = iif;
+ this.dstMac = dstMac;
+ this.l4proto = l4proto;
+ this.src4 = src4;
+ this.dst4 = dst4;
+ this.srcPort = srcPort;
+ this.dstPort = dstPort;
+ }
+
+ @Override
+ public String toString() {
+ try {
+ return String.format(
+ "iif: %d, dstMac: %s, l4proto: %d, src4: %s, dst4: %s, "
+ + "srcPort: %d, dstPort: %d",
+ iif, dstMac, l4proto,
+ Inet4Address.getByAddress(src4), Inet4Address.getByAddress(dst4),
+ Short.toUnsignedInt((short) srcPort), Short.toUnsignedInt((short) dstPort));
+ } catch (UnknownHostException | IllegalArgumentException e) {
+ return String.format("Invalid IP address", e);
+ }
+ }
+}
diff --git a/common/src/com/android/net/module/util/bpf/Tether4Value.java b/common/src/com/android/net/module/util/bpf/Tether4Value.java
new file mode 100644
index 0000000..74fdda2
--- /dev/null
+++ b/common/src/com/android/net/module/util/bpf/Tether4Value.java
@@ -0,0 +1,97 @@
+/*
+ * Copyright (C) 2020 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.net.module.util.bpf;
+
+import android.net.MacAddress;
+
+import androidx.annotation.NonNull;
+
+import com.android.net.module.util.Struct;
+import com.android.net.module.util.Struct.Field;
+import com.android.net.module.util.Struct.Type;
+
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.util.Objects;
+
+/** Value type for downstream & upstream IPv4 forwarding maps. */
+public class Tether4Value extends Struct {
+ @Field(order = 0, type = Type.S32)
+ public final int oif;
+
+ // The ethhdr struct which is defined in uapi/linux/if_ether.h
+ @Field(order = 1, type = Type.EUI48)
+ public final MacAddress ethDstMac;
+ @Field(order = 2, type = Type.EUI48)
+ public final MacAddress ethSrcMac;
+ @Field(order = 3, type = Type.UBE16)
+ public final int ethProto; // Packet type ID field.
+
+ @Field(order = 4, type = Type.U16)
+ public final int pmtu;
+
+ @Field(order = 5, type = Type.ByteArray, arraysize = 16)
+ public final byte[] src46;
+
+ @Field(order = 6, type = Type.ByteArray, arraysize = 16)
+ public final byte[] dst46;
+
+ @Field(order = 7, type = Type.UBE16)
+ public final int srcPort;
+
+ @Field(order = 8, type = Type.UBE16)
+ public final int dstPort;
+
+ // TODO: consider using U64.
+ @Field(order = 9, type = Type.U63)
+ public final long lastUsed;
+
+ public Tether4Value(final int oif, @NonNull final MacAddress ethDstMac,
+ @NonNull final MacAddress ethSrcMac, final int ethProto, final int pmtu,
+ final byte[] src46, final byte[] dst46, final int srcPort,
+ final int dstPort, final long lastUsed) {
+ Objects.requireNonNull(ethDstMac);
+ Objects.requireNonNull(ethSrcMac);
+
+ this.oif = oif;
+ this.ethDstMac = ethDstMac;
+ this.ethSrcMac = ethSrcMac;
+ this.ethProto = ethProto;
+ this.pmtu = pmtu;
+ this.src46 = src46;
+ this.dst46 = dst46;
+ this.srcPort = srcPort;
+ this.dstPort = dstPort;
+ this.lastUsed = lastUsed;
+ }
+
+ @Override
+ public String toString() {
+ try {
+ return String.format(
+ "oif: %d, ethDstMac: %s, ethSrcMac: %s, ethProto: %d, pmtu: %d, "
+ + "src46: %s, dst46: %s, srcPort: %d, dstPort: %d, "
+ + "lastUsed: %d",
+ oif, ethDstMac, ethSrcMac, ethProto, pmtu,
+ InetAddress.getByAddress(src46), InetAddress.getByAddress(dst46),
+ Short.toUnsignedInt((short) srcPort), Short.toUnsignedInt((short) dstPort),
+ lastUsed);
+ } catch (UnknownHostException | IllegalArgumentException e) {
+ return String.format("Invalid IP address", e);
+ }
+ }
+}
diff --git a/service-t/src/com/android/server/net/CookieTagMapKey.java b/common/src/com/android/net/module/util/bpf/TetherStatsKey.java
similarity index 65%
copy from service-t/src/com/android/server/net/CookieTagMapKey.java
copy to common/src/com/android/net/module/util/bpf/TetherStatsKey.java
index 443e5b3..68111b6 100644
--- a/service-t/src/com/android/server/net/CookieTagMapKey.java
+++ b/common/src/com/android/net/module/util/bpf/TetherStatsKey.java
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2022 The Android Open Source Project
+ * Copyright (C) 2020 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -14,20 +14,18 @@
* limitations under the License.
*/
-package com.android.server.net;
+package com.android.net.module.util.bpf;
import com.android.net.module.util.Struct;
import com.android.net.module.util.Struct.Field;
import com.android.net.module.util.Struct.Type;
-/**
- * Key for cookie tag map.
- */
-public class CookieTagMapKey extends Struct {
- @Field(order = 0, type = Type.S64)
- public final long socketCookie;
+/** The key of BpfMap which is used for tethering stats. */
+public class TetherStatsKey extends Struct {
+ @Field(order = 0, type = Type.S32)
+ public final int ifindex; // upstream interface index
- public CookieTagMapKey(final long socketCookie) {
- this.socketCookie = socketCookie;
+ public TetherStatsKey(final int ifindex) {
+ this.ifindex = ifindex;
}
}
diff --git a/common/src/com/android/net/module/util/bpf/TetherStatsValue.java b/common/src/com/android/net/module/util/bpf/TetherStatsValue.java
new file mode 100644
index 0000000..f05d1b7
--- /dev/null
+++ b/common/src/com/android/net/module/util/bpf/TetherStatsValue.java
@@ -0,0 +1,50 @@
+/*
+ * Copyright (C) 2020 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.net.module.util.bpf;
+
+import com.android.net.module.util.Struct;
+import com.android.net.module.util.Struct.Field;
+import com.android.net.module.util.Struct.Type;
+
+/** The key of BpfMap which is used for tethering stats. */
+public class TetherStatsValue extends Struct {
+ // Use the signed long variable to store the uint64 stats from stats BPF map.
+ // U63 is enough for each data element even at 5Gbps for ~468 years.
+ // 2^63 / (5 * 1000 * 1000 * 1000) * 8 / 86400 / 365 = 468.
+ @Field(order = 0, type = Type.U63)
+ public final long rxPackets;
+ @Field(order = 1, type = Type.U63)
+ public final long rxBytes;
+ @Field(order = 2, type = Type.U63)
+ public final long rxErrors;
+ @Field(order = 3, type = Type.U63)
+ public final long txPackets;
+ @Field(order = 4, type = Type.U63)
+ public final long txBytes;
+ @Field(order = 5, type = Type.U63)
+ public final long txErrors;
+
+ public TetherStatsValue(final long rxPackets, final long rxBytes, final long rxErrors,
+ final long txPackets, final long txBytes, final long txErrors) {
+ this.rxPackets = rxPackets;
+ this.rxBytes = rxBytes;
+ this.rxErrors = rxErrors;
+ this.txPackets = txPackets;
+ this.txBytes = txBytes;
+ this.txErrors = txErrors;
+ }
+}
diff --git a/framework-t/Android.bp b/framework-t/Android.bp
index 9c8b359..d40fad9 100644
--- a/framework-t/Android.bp
+++ b/framework-t/Android.bp
@@ -43,14 +43,9 @@
":framework-connectivity-tiramisu-updatable-sources",
":framework-nearby-java-sources",
],
- stub_only_libs: [
- // Use prebuilt framework-connectivity stubs to avoid circular dependencies
- "sdk_module-lib_current_framework-connectivity",
- ],
libs: [
"unsupportedappusage",
"app-compat-annotations",
- "sdk_module-lib_current_framework-connectivity",
],
impl_only_libs: [
// The build system will use framework-bluetooth module_current stubs, because
@@ -80,6 +75,12 @@
],
}
+filegroup {
+ name: "connectivity-t-hiddenapi-files",
+ srcs: ["hiddenapi/*.txt"],
+ visibility: ["//packages/modules/Connectivity:__subpackages__"],
+}
+
java_library {
name: "framework-connectivity-t-pre-jarjar",
defaults: ["framework-connectivity-t-defaults"],
@@ -103,7 +104,14 @@
// Do not add static_libs to this library: put them in framework-connectivity instead.
// The jarjar rules are only so that references to jarjared utils in
// framework-connectivity-pre-jarjar match at runtime.
- jarjar_rules: ":connectivity-jarjar-rules",
+ jarjar_rules: ":framework-connectivity-jarjar-rules",
+ stub_only_libs: [
+ // Use prebuilt framework-connectivity stubs to avoid circular dependencies
+ "sdk_module-lib_current_framework-connectivity",
+ ],
+ libs: [
+ "sdk_module-lib_current_framework-connectivity",
+ ],
permitted_packages: [
"android.app.usage",
"android.net",
@@ -112,10 +120,24 @@
"com.android.connectivity",
"com.android.nearby",
],
+
+ hidden_api: {
+ max_target_o_low_priority: [
+ "hiddenapi/hiddenapi-max-target-o-low-priority-tiramisu.txt",
+ ],
+ max_target_r_low_priority: [
+ "hiddenapi/hiddenapi-max-target-r-loprio.txt",
+ ],
+ unsupported: [
+ "hiddenapi/hiddenapi-unsupported-tiramisu.txt",
+ ],
+ },
+
impl_library_visibility: [
"//packages/modules/Connectivity/Tethering/apex",
// In preparation for future move
"//packages/modules/Connectivity/apex",
+ "//packages/modules/Connectivity/service", // For R8 only
"//packages/modules/Connectivity/service-t",
"//packages/modules/Connectivity/nearby/service",
"//frameworks/base",
@@ -141,3 +163,8 @@
"//packages/modules/Wifi/service/tests/wifitests",
],
}
+
+platform_compat_config {
+ name: "connectivity-t-platform-compat-config",
+ src: ":framework-connectivity-t",
+}
diff --git a/framework-t/Sources.bp b/framework-t/Sources.bp
index b30ee80..391a562 100644
--- a/framework-t/Sources.bp
+++ b/framework-t/Sources.bp
@@ -14,125 +14,13 @@
// limitations under the License.
//
-// NetworkStats related libraries.
-
-filegroup {
- name: "framework-connectivity-netstats-internal-sources",
- srcs: [
- "src/android/app/usage/*.java",
- "src/android/net/DataUsageRequest.*",
- "src/android/net/INetworkStatsService.aidl",
- "src/android/net/INetworkStatsSession.aidl",
- "src/android/net/NetworkIdentity.java",
- "src/android/net/NetworkIdentitySet.java",
- "src/android/net/NetworkStateSnapshot.*",
- "src/android/net/NetworkStats.*",
- "src/android/net/NetworkStatsAccess.*",
- "src/android/net/NetworkStatsCollection.*",
- "src/android/net/NetworkStatsHistory.*",
- "src/android/net/NetworkTemplate.*",
- "src/android/net/TrafficStats.java",
- "src/android/net/UnderlyingNetworkInfo.*",
- "src/android/net/netstats/**/*.*",
- ],
- path: "src",
- visibility: [
- "//visibility:private",
- ],
-}
-
-filegroup {
- name: "framework-connectivity-netstats-sources",
- srcs: [
- ":framework-connectivity-netstats-internal-sources",
- ],
- visibility: [
- "//visibility:private",
- ],
-}
-
-// Nsd related libraries.
-
-filegroup {
- name: "framework-connectivity-nsd-internal-sources",
- srcs: [
- "src/android/net/nsd/*.aidl",
- "src/android/net/nsd/*.java",
- ],
- path: "src",
- visibility: [
- "//visibility:private",
- ],
-}
-
-filegroup {
- name: "framework-connectivity-nsd-sources",
- srcs: [
- ":framework-connectivity-nsd-internal-sources",
- ],
- visibility: [
- "//visibility:private",
- ],
-}
-
-// IpSec related libraries.
-
-filegroup {
- name: "framework-connectivity-ipsec-sources",
- srcs: [
- "src/android/net/IIpSecService.aidl",
- "src/android/net/IpSec*.*",
- ],
- path: "src",
- visibility: [
- "//visibility:private",
- ],
-}
-
-// Ethernet related libraries.
-
-filegroup {
- name: "framework-connectivity-ethernet-sources",
- srcs: [
- "src/android/net/EthernetManager.java",
- "src/android/net/EthernetNetworkManagementException.java",
- "src/android/net/EthernetNetworkManagementException.aidl",
- "src/android/net/EthernetNetworkSpecifier.java",
- "src/android/net/EthernetNetworkUpdateRequest.java",
- "src/android/net/EthernetNetworkUpdateRequest.aidl",
- "src/android/net/IEthernetManager.aidl",
- "src/android/net/IEthernetServiceListener.aidl",
- "src/android/net/INetworkInterfaceOutcomeReceiver.aidl",
- "src/android/net/ITetheredInterfaceCallback.aidl",
- ],
- path: "src",
- visibility: [
- "//visibility:private",
- ],
-}
-
-// Connectivity-T common libraries.
-
-filegroup {
- name: "framework-connectivity-tiramisu-internal-sources",
- srcs: [
- "src/android/net/ConnectivityFrameworkInitializerTiramisu.java",
- ],
- path: "src",
- visibility: [
- "//visibility:private",
- ],
-}
-
filegroup {
name: "framework-connectivity-tiramisu-updatable-sources",
srcs: [
- ":framework-connectivity-ethernet-sources",
- ":framework-connectivity-ipsec-sources",
- ":framework-connectivity-netstats-sources",
- ":framework-connectivity-nsd-sources",
- ":framework-connectivity-tiramisu-internal-sources",
+ "src/**/*.java",
+ "src/**/*.aidl",
],
+ path: "src",
visibility: [
"//frameworks/base",
"//packages/modules/Connectivity:__subpackages__",
diff --git a/Tethering/apex/hiddenapi/hiddenapi-max-target-o-low-priority-tiramisu.txt b/framework-t/hiddenapi/hiddenapi-max-target-o-low-priority-tiramisu.txt
similarity index 100%
rename from Tethering/apex/hiddenapi/hiddenapi-max-target-o-low-priority-tiramisu.txt
rename to framework-t/hiddenapi/hiddenapi-max-target-o-low-priority-tiramisu.txt
diff --git a/Tethering/apex/hiddenapi/hiddenapi-max-target-r-loprio.txt b/framework-t/hiddenapi/hiddenapi-max-target-r-loprio.txt
similarity index 100%
rename from Tethering/apex/hiddenapi/hiddenapi-max-target-r-loprio.txt
rename to framework-t/hiddenapi/hiddenapi-max-target-r-loprio.txt
diff --git a/Tethering/apex/hiddenapi/hiddenapi-unsupported-tiramisu.txt b/framework-t/hiddenapi/hiddenapi-unsupported-tiramisu.txt
similarity index 100%
rename from Tethering/apex/hiddenapi/hiddenapi-unsupported-tiramisu.txt
rename to framework-t/hiddenapi/hiddenapi-unsupported-tiramisu.txt
diff --git a/framework-t/src/android/app/usage/NetworkStats.java b/framework-t/src/android/app/usage/NetworkStats.java
index 74fe4bd..26841de 100644
--- a/framework-t/src/android/app/usage/NetworkStats.java
+++ b/framework-t/src/android/app/usage/NetworkStats.java
@@ -1,17 +1,17 @@
/**
* Copyright (C) 2015 The Android Open Source Project
*
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License. You may obtain a copy
- * of the License at
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
- * License for the specific language governing permissions and limitations
- * under the License.
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
*/
package android.app.usage;
@@ -36,11 +36,11 @@
import java.util.ArrayList;
/**
- * Class providing enumeration over buckets of network usage statistics. {@link NetworkStats} objects
- * are returned as results to various queries in {@link NetworkStatsManager}.
+ * Class providing enumeration over buckets of network usage statistics. {@link NetworkStats}
+ * objects are returned as results to various queries in {@link NetworkStatsManager}.
*/
public final class NetworkStats implements AutoCloseable {
- private final static String TAG = "NetworkStats";
+ private static final String TAG = "NetworkStats";
private final CloseGuard mCloseGuard = CloseGuard.get();
@@ -616,7 +616,7 @@
/**
* Steps to next uid in enumeration and collects history for that.
*/
- private void stepHistory(){
+ private void stepHistory() {
if (hasNextUid()) {
stepUid();
mHistory = null;
@@ -692,8 +692,8 @@
bucketOut.mMetered = Bucket.METERED_ALL;
bucketOut.mRoaming = Bucket.ROAMING_ALL;
bucketOut.mBeginTimeStamp = mRecycledHistoryEntry.bucketStart;
- bucketOut.mEndTimeStamp = mRecycledHistoryEntry.bucketStart +
- mRecycledHistoryEntry.bucketDuration;
+ bucketOut.mEndTimeStamp = mRecycledHistoryEntry.bucketStart
+ + mRecycledHistoryEntry.bucketDuration;
bucketOut.mRxBytes = mRecycledHistoryEntry.rxBytes;
bucketOut.mRxPackets = mRecycledHistoryEntry.rxPackets;
bucketOut.mTxBytes = mRecycledHistoryEntry.txBytes;
diff --git a/framework-t/src/android/app/usage/NetworkStatsManager.java b/framework-t/src/android/app/usage/NetworkStatsManager.java
index f41475b..d139544 100644
--- a/framework-t/src/android/app/usage/NetworkStatsManager.java
+++ b/framework-t/src/android/app/usage/NetworkStatsManager.java
@@ -19,6 +19,9 @@
import static android.annotation.SystemApi.Client.MODULE_LIBRARIES;
import static android.net.NetworkCapabilities.TRANSPORT_CELLULAR;
import static android.net.NetworkCapabilities.TRANSPORT_WIFI;
+import static android.net.NetworkStats.METERED_YES;
+import static android.net.NetworkTemplate.MATCH_MOBILE;
+import static android.net.NetworkTemplate.MATCH_WIFI;
import android.Manifest;
import android.annotation.CallbackExecutor;
@@ -55,6 +58,7 @@
import java.util.List;
import java.util.Objects;
+import java.util.Set;
import java.util.concurrent.Executor;
/**
@@ -1020,14 +1024,17 @@
switch (networkType) {
case ConnectivityManager.TYPE_MOBILE:
template = subscriberId == null
- ? NetworkTemplate.buildTemplateMobileWildcard()
- : NetworkTemplate.buildTemplateMobileAll(subscriberId);
+ ? new NetworkTemplate.Builder(MATCH_MOBILE)
+ .setMeteredness(METERED_YES).build()
+ : new NetworkTemplate.Builder(MATCH_MOBILE)
+ .setMeteredness(METERED_YES)
+ .setSubscriberIds(Set.of(subscriberId)).build();
break;
case ConnectivityManager.TYPE_WIFI:
template = TextUtils.isEmpty(subscriberId)
- ? NetworkTemplate.buildTemplateWifiWildcard()
- : NetworkTemplate.buildTemplateWifi(NetworkTemplate.WIFI_NETWORKID_ALL,
- subscriberId);
+ ? new NetworkTemplate.Builder(MATCH_WIFI).build()
+ : new NetworkTemplate.Builder(MATCH_WIFI)
+ .setSubscriberIds(Set.of(subscriberId)).build();
break;
default:
throw new IllegalArgumentException("Cannot create template for network type "
diff --git a/framework-t/src/android/net/EthernetManager.java b/framework-t/src/android/net/EthernetManager.java
index 886d194..b8070f0 100644
--- a/framework-t/src/android/net/EthernetManager.java
+++ b/framework-t/src/android/net/EthernetManager.java
@@ -22,13 +22,11 @@
import android.annotation.IntDef;
import android.annotation.NonNull;
import android.annotation.Nullable;
-import android.annotation.RequiresFeature;
import android.annotation.RequiresPermission;
import android.annotation.SystemApi;
import android.annotation.SystemService;
import android.compat.annotation.UnsupportedAppUsage;
import android.content.Context;
-import android.content.pm.PackageManager;
import android.os.Build;
import android.os.OutcomeReceiver;
import android.os.RemoteException;
@@ -573,7 +571,6 @@
NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK,
android.Manifest.permission.NETWORK_STACK,
android.Manifest.permission.MANAGE_ETHERNET_NETWORKS})
- @RequiresFeature(PackageManager.FEATURE_AUTOMOTIVE)
public void enableInterface(
@NonNull String iface,
@Nullable @CallbackExecutor Executor executor,
@@ -582,7 +579,7 @@
final NetworkInterfaceOutcomeReceiver proxy = makeNetworkInterfaceOutcomeReceiver(
executor, callback);
try {
- mService.connectNetwork(iface, proxy);
+ mService.enableInterface(iface, proxy);
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
}
@@ -610,7 +607,6 @@
NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK,
android.Manifest.permission.NETWORK_STACK,
android.Manifest.permission.MANAGE_ETHERNET_NETWORKS})
- @RequiresFeature(PackageManager.FEATURE_AUTOMOTIVE)
public void disableInterface(
@NonNull String iface,
@Nullable @CallbackExecutor Executor executor,
@@ -619,7 +615,7 @@
final NetworkInterfaceOutcomeReceiver proxy = makeNetworkInterfaceOutcomeReceiver(
executor, callback);
try {
- mService.disconnectNetwork(iface, proxy);
+ mService.disableInterface(iface, proxy);
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
}
diff --git a/framework-t/src/android/net/IEthernetManager.aidl b/framework-t/src/android/net/IEthernetManager.aidl
index 42e4c1a..c1efc29 100644
--- a/framework-t/src/android/net/IEthernetManager.aidl
+++ b/framework-t/src/android/net/IEthernetManager.aidl
@@ -43,8 +43,8 @@
void releaseTetheredInterface(in ITetheredInterfaceCallback callback);
void updateConfiguration(String iface, in EthernetNetworkUpdateRequest request,
in INetworkInterfaceOutcomeReceiver listener);
- void connectNetwork(String iface, in INetworkInterfaceOutcomeReceiver listener);
- void disconnectNetwork(String iface, in INetworkInterfaceOutcomeReceiver listener);
+ void enableInterface(String iface, in INetworkInterfaceOutcomeReceiver listener);
+ void disableInterface(String iface, in INetworkInterfaceOutcomeReceiver listener);
void setEthernetEnabled(boolean enabled);
List<String> getInterfaceList();
}
diff --git a/framework-t/src/android/net/IpSecManager.java b/framework-t/src/android/net/IpSecManager.java
index 9cb0947..9cceac2 100644
--- a/framework-t/src/android/net/IpSecManager.java
+++ b/framework-t/src/android/net/IpSecManager.java
@@ -817,10 +817,10 @@
* </ol>
*
* @param underlyingNetwork the new {@link Network} that will carry traffic for this tunnel.
- * This network MUST never be the network exposing this IpSecTunnelInterface, otherwise
- * this method will throw an {@link IllegalArgumentException}. If the
- * IpSecTunnelInterface is later added to this network, all outbound traffic will be
- * blackholed.
+ * This network MUST be a functional {@link Network} with valid {@link LinkProperties},
+ * and MUST never be the network exposing this IpSecTunnelInterface, otherwise this
+ * method will throw an {@link IllegalArgumentException}. If the IpSecTunnelInterface is
+ * later added to this network, all outbound traffic will be blackholed.
*/
// TODO: b/169171001 Update the documentation when transform migration is supported.
// The purpose of making updating network and applying transforms separate is to leave open
@@ -962,7 +962,6 @@
* IP header and IPsec Header on all inbound traffic).
* <p>Applications should probably not use this API directly.
*
- *
* @param tunnel The {@link IpSecManager#IpSecTunnelInterface} that will use the supplied
* transform.
* @param direction the direction, {@link DIRECTION_OUT} or {@link #DIRECTION_IN} in which
diff --git a/framework-t/src/android/net/NetworkIdentity.java b/framework-t/src/android/net/NetworkIdentity.java
index da5f88d..350ed86 100644
--- a/framework-t/src/android/net/NetworkIdentity.java
+++ b/framework-t/src/android/net/NetworkIdentity.java
@@ -85,6 +85,12 @@
private static final long SUPPORTED_OEM_MANAGED_TYPES = OEM_PAID | OEM_PRIVATE;
+ // Need to be synchronized with ConnectivityManager.
+ // TODO: Use {@code ConnectivityManager#*} when visible.
+ static final int TYPE_TEST = 18;
+ private static final int MAX_NETWORK_TYPE = TYPE_TEST;
+ private static final int MIN_NETWORK_TYPE = TYPE_MOBILE;
+
final int mType;
final int mRatType;
final int mSubId;
@@ -346,11 +352,6 @@
* Builder class for {@link NetworkIdentity}.
*/
public static final class Builder {
- // Need to be synchronized with ConnectivityManager.
- // TODO: Use {@link ConnectivityManager#MAX_NETWORK_TYPE} when this file is in the module.
- private static final int MAX_NETWORK_TYPE = 18; // TYPE_TEST
- private static final int MIN_NETWORK_TYPE = TYPE_MOBILE;
-
private int mType;
private int mRatType;
private String mSubscriberId;
@@ -413,6 +414,12 @@
final WifiInfo info = (WifiInfo) transportInfo;
setWifiNetworkKey(info.getNetworkKey());
}
+ } else if (mType == TYPE_TEST) {
+ final NetworkSpecifier ns = snapshot.getNetworkCapabilities().getNetworkSpecifier();
+ if (ns instanceof TestNetworkSpecifier) {
+ // Reuse the wifi network key field to identify individual test networks.
+ setWifiNetworkKey(((TestNetworkSpecifier) ns).getInterfaceName());
+ }
}
return this;
}
@@ -574,7 +581,7 @@
}
// Assert non-wifi network cannot have a wifi network key.
- if (mType != TYPE_WIFI && mWifiNetworkKey != null) {
+ if (mType != TYPE_WIFI && mType != TYPE_TEST && mWifiNetworkKey != null) {
throw new IllegalArgumentException("Invalid wifi network key for type " + mType);
}
}
diff --git a/framework-t/src/android/net/NetworkStats.java b/framework-t/src/android/net/NetworkStats.java
index 0bb98f8..8719960 100644
--- a/framework-t/src/android/net/NetworkStats.java
+++ b/framework-t/src/android/net/NetworkStats.java
@@ -302,20 +302,8 @@
/** @hide */
@UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553)
public Entry() {
- this(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, 0L, 0L, 0L, 0L, 0L);
- }
-
- /** @hide */
- public Entry(long rxBytes, long rxPackets, long txBytes, long txPackets, long operations) {
- this(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, rxBytes, rxPackets, txBytes, txPackets,
- operations);
- }
-
- /** @hide */
- public Entry(String iface, int uid, int set, int tag, long rxBytes, long rxPackets,
- long txBytes, long txPackets, long operations) {
- this(iface, uid, set, tag, METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO,
- rxBytes, rxPackets, txBytes, txPackets, operations);
+ this(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO, ROAMING_NO,
+ DEFAULT_NETWORK_NO, 0L, 0L, 0L, 0L, 0L);
}
/**
@@ -607,7 +595,8 @@
public NetworkStats insertEntry(
String iface, long rxBytes, long rxPackets, long txBytes, long txPackets) {
return insertEntry(
- iface, UID_ALL, SET_DEFAULT, TAG_NONE, rxBytes, rxPackets, txBytes, txPackets, 0L);
+ iface, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO,
+ rxBytes, rxPackets, txBytes, txPackets, 0L);
}
/** @hide */
@@ -615,7 +604,8 @@
public NetworkStats insertEntry(String iface, int uid, int set, int tag, long rxBytes,
long rxPackets, long txBytes, long txPackets, long operations) {
return insertEntry(new Entry(
- iface, uid, set, tag, rxBytes, rxPackets, txBytes, txPackets, operations));
+ iface, uid, set, tag, METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO,
+ rxBytes, rxPackets, txBytes, txPackets, operations));
}
/** @hide */
@@ -787,7 +777,8 @@
public NetworkStats combineValues(String iface, int uid, int set, int tag,
long rxBytes, long rxPackets, long txBytes, long txPackets, long operations) {
return combineValues(new Entry(
- iface, uid, set, tag, rxBytes, rxPackets, txBytes, txPackets, operations));
+ iface, uid, set, tag, METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO,
+ rxBytes, rxPackets, txBytes, txPackets, operations));
}
/**
@@ -1041,7 +1032,7 @@
*/
public long getTotalPackets() {
long total = 0;
- for (int i = size-1; i >= 0; i--) {
+ for (int i = size - 1; i >= 0; i--) {
total += rxPackets[i] + txPackets[i];
}
return total;
diff --git a/framework-t/src/android/net/NetworkStatsCollection.java b/framework-t/src/android/net/NetworkStatsCollection.java
index 6a1d2dd..e23faa4 100644
--- a/framework-t/src/android/net/NetworkStatsCollection.java
+++ b/framework-t/src/android/net/NetworkStatsCollection.java
@@ -28,6 +28,10 @@
import static android.net.NetworkStats.SET_DEFAULT;
import static android.net.NetworkStats.TAG_NONE;
import static android.net.NetworkStats.UID_ALL;
+import static android.net.NetworkTemplate.MATCH_BLUETOOTH;
+import static android.net.NetworkTemplate.MATCH_ETHERNET;
+import static android.net.NetworkTemplate.MATCH_MOBILE;
+import static android.net.NetworkTemplate.MATCH_WIFI;
import static android.net.TrafficStats.UID_REMOVED;
import static android.text.format.DateUtils.WEEK_IN_MILLIS;
@@ -305,7 +309,8 @@
// ourselves something to scale with.
if (entry.rxBytes == 0 || entry.txBytes == 0) {
combined.recordData(augmentStart, augmentEnd,
- new NetworkStats.Entry(1, 0, 1, 0, 0));
+ new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE,
+ METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO, 1L, 0L, 1L, 0L, 0L));
combined.getValues(augmentStart, augmentEnd, entry);
}
@@ -774,10 +779,11 @@
/** @hide */
public void dumpCheckin(PrintWriter pw, long start, long end) {
- dumpCheckin(pw, start, end, NetworkTemplate.buildTemplateMobileWildcard(), "cell");
- dumpCheckin(pw, start, end, NetworkTemplate.buildTemplateWifiWildcard(), "wifi");
- dumpCheckin(pw, start, end, NetworkTemplate.buildTemplateEthernet(), "eth");
- dumpCheckin(pw, start, end, NetworkTemplate.buildTemplateBluetooth(), "bt");
+ dumpCheckin(pw, start, end, new NetworkTemplate.Builder(MATCH_MOBILE)
+ .setMeteredness(METERED_YES).build(), "cell");
+ dumpCheckin(pw, start, end, new NetworkTemplate.Builder(MATCH_WIFI).build(), "wifi");
+ dumpCheckin(pw, start, end, new NetworkTemplate.Builder(MATCH_ETHERNET).build(), "eth");
+ dumpCheckin(pw, start, end, new NetworkTemplate.Builder(MATCH_BLUETOOTH).build(), "bt");
}
/**
diff --git a/framework-t/src/android/net/NetworkStatsHistory.java b/framework-t/src/android/net/NetworkStatsHistory.java
index 738e9cc..c345747 100644
--- a/framework-t/src/android/net/NetworkStatsHistory.java
+++ b/framework-t/src/android/net/NetworkStatsHistory.java
@@ -17,7 +17,10 @@
package android.net;
import static android.annotation.SystemApi.Client.MODULE_LIBRARIES;
+import static android.net.NetworkStats.DEFAULT_NETWORK_NO;
import static android.net.NetworkStats.IFACE_ALL;
+import static android.net.NetworkStats.METERED_NO;
+import static android.net.NetworkStats.ROAMING_NO;
import static android.net.NetworkStats.SET_DEFAULT;
import static android.net.NetworkStats.TAG_NONE;
import static android.net.NetworkStats.UID_ALL;
@@ -529,7 +532,8 @@
@Deprecated
public void recordData(long start, long end, long rxBytes, long txBytes) {
recordData(start, end, new NetworkStats.Entry(
- IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, rxBytes, 0L, txBytes, 0L, 0L));
+ IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO, ROAMING_NO,
+ DEFAULT_NETWORK_NO, rxBytes, 0L, txBytes, 0L, 0L));
}
/**
@@ -611,7 +615,8 @@
*/
public void recordHistory(NetworkStatsHistory input, long start, long end) {
final NetworkStats.Entry entry = new NetworkStats.Entry(
- IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, 0L, 0L, 0L, 0L, 0L);
+ IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO, ROAMING_NO,
+ DEFAULT_NETWORK_NO, 0L, 0L, 0L, 0L, 0L);
for (int i = 0; i < input.bucketCount; i++) {
final long bucketStart = input.bucketStart[i];
final long bucketEnd = bucketStart + input.bucketDuration;
@@ -854,7 +859,8 @@
ensureBuckets(start, end);
final NetworkStats.Entry entry = new NetworkStats.Entry(
- IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, 0L, 0L, 0L, 0L, 0L);
+ IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO, ROAMING_NO,
+ DEFAULT_NETWORK_NO, 0L, 0L, 0L, 0L, 0L);
while (rxBytes > 1024 || rxPackets > 128 || txBytes > 1024 || txPackets > 128
|| operations > 32) {
final long curStart = randomLong(r, start, end);
diff --git a/framework-t/src/android/net/NetworkTemplate.java b/framework-t/src/android/net/NetworkTemplate.java
index b82a126..b6bd1a5 100644
--- a/framework-t/src/android/net/NetworkTemplate.java
+++ b/framework-t/src/android/net/NetworkTemplate.java
@@ -50,6 +50,7 @@
import android.text.TextUtils;
import android.util.ArraySet;
+import com.android.internal.annotations.VisibleForTesting;
import com.android.net.module.util.CollectionUtils;
import com.android.net.module.util.NetworkIdentityUtils;
import com.android.net.module.util.NetworkStatsUtils;
@@ -114,6 +115,14 @@
* may offer non-cellular networks like WiFi, which will be matched by this rule.
*/
public static final int MATCH_CARRIER = 10;
+ /**
+ * Match rule to match networks with {@link ConnectivityManager#TYPE_TEST} as the legacy
+ * network type.
+ *
+ * @hide
+ */
+ @VisibleForTesting
+ public static final int MATCH_TEST = 11;
// TODO: Remove this and replace all callers with WIFI_NETWORK_KEY_ALL.
/** @hide */
@@ -176,6 +185,7 @@
case MATCH_BLUETOOTH:
case MATCH_PROXY:
case MATCH_CARRIER:
+ case MATCH_TEST:
return true;
default:
@@ -666,6 +676,8 @@
return matchesProxy(ident);
case MATCH_CARRIER:
return matchesCarrier(ident);
+ case MATCH_TEST:
+ return matchesTest(ident);
default:
// We have no idea what kind of network template we are, so we
// just claim not to match anything.
@@ -776,6 +788,17 @@
&& CollectionUtils.contains(mMatchSubscriberIds, ident.mSubscriberId);
}
+ /**
+ * Check if matches test network. If the wifiNetworkKeys in the template is specified, Then it
+ * will only match a network containing any of the specified the wifi network key. Otherwise,
+ * all test networks would be matched.
+ */
+ private boolean matchesTest(NetworkIdentity ident) {
+ return ident.mType == NetworkIdentity.TYPE_TEST
+ && ((CollectionUtils.isEmpty(mMatchWifiNetworkKeys)
+ || CollectionUtils.contains(mMatchWifiNetworkKeys, ident.mWifiNetworkKey)));
+ }
+
private boolean matchesMobileWildcard(NetworkIdentity ident) {
if (ident.mType == TYPE_WIMAX) {
return true;
@@ -829,6 +852,8 @@
return "PROXY";
case MATCH_CARRIER:
return "CARRIER";
+ case MATCH_TEST:
+ return "TEST";
default:
return "UNKNOWN(" + matchRule + ")";
}
@@ -1079,7 +1104,9 @@
}
private void validateWifiNetworkKeys() {
- if (mMatchRule != MATCH_WIFI && !mMatchWifiNetworkKeys.isEmpty()) {
+ // Also allow querying test networks which use wifi network key as identifier.
+ if (mMatchRule != MATCH_WIFI && mMatchRule != MATCH_TEST
+ && !mMatchWifiNetworkKeys.isEmpty()) {
throw new IllegalArgumentException("Trying to build non wifi match rule: "
+ mMatchRule + " with wifi network keys");
}
diff --git a/framework-t/src/android/net/netstats/provider/NetworkStatsProvider.java b/framework-t/src/android/net/netstats/provider/NetworkStatsProvider.java
index d37a53d..66d99a1 100644
--- a/framework-t/src/android/net/netstats/provider/NetworkStatsProvider.java
+++ b/framework-t/src/android/net/netstats/provider/NetworkStatsProvider.java
@@ -118,7 +118,7 @@
*
* @param token the token under which these stats were gathered. Providers can call this method
* with the current token as often as they want, until the token changes.
- * {@see NetworkStatsProvider#onRequestStatsUpdate()}
+ * See {@link NetworkStatsProvider#onRequestStatsUpdate(int)}
* @param ifaceStats the {@link NetworkStats} per interface to be reported.
* The provider should not include any traffic that is already counted by
* kernel interface counters.
diff --git a/framework-t/src/android/net/nsd/NsdManager.java b/framework-t/src/android/net/nsd/NsdManager.java
index f19bf4a..fb3b1d6 100644
--- a/framework-t/src/android/net/nsd/NsdManager.java
+++ b/framework-t/src/android/net/nsd/NsdManager.java
@@ -126,7 +126,7 @@
* http://www.iana.org/form/ports-service. Existing services can be found at
* http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xml
*
- * {@see NsdServiceInfo}
+ * @see NsdServiceInfo
*/
@SystemService(Context.NSD_SERVICE)
public final class NsdManager {
@@ -139,17 +139,21 @@
* The platform will only keep the daemon running as long as there are
* any legacy apps connected.
*
- * After Android 12, directly communicate with native daemon might not
- * work since the native damon won't always stay alive.
- * Use the NSD APIs from NsdManager as the replacement is recommended.
- * An another alternative could be bundling your own mdns solutions instead of
+ * After Android 12, direct communication with the native daemon might not work since the native
+ * daemon won't always stay alive. Using the NSD APIs from NsdManager as the replacement is
+ * recommended.
+ * Another alternative could be bundling your own mdns solutions instead of
* depending on the system mdns native daemon.
*
+ * This compatibility change applies to Android 13 and later only. To toggle behavior on
+ * Android 12 and Android 12L, use RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS.
+ *
* @hide
*/
@ChangeId
@EnabledSince(targetSdkVersion = android.os.Build.VERSION_CODES.S)
- public static final long RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS = 191844585L;
+ // This was a platform change ID with value 191844585L before T
+ public static final long RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS_T_AND_LATER = 235355681L;
/**
* Broadcast intent action to indicate whether network service discovery is
@@ -175,6 +179,7 @@
*
* @see #ACTION_NSD_STATE_CHANGED
*/
+ // TODO: Deprecate this since NSD service is never disabled.
public static final int NSD_STATE_DISABLED = 1;
/**
@@ -230,17 +235,12 @@
public static final int DAEMON_STARTUP = 19;
/** @hide */
- public static final int ENABLE = 20;
- /** @hide */
- public static final int DISABLE = 21;
+ public static final int MDNS_SERVICE_EVENT = 20;
/** @hide */
- public static final int MDNS_SERVICE_EVENT = 22;
-
+ public static final int REGISTER_CLIENT = 21;
/** @hide */
- public static final int REGISTER_CLIENT = 23;
- /** @hide */
- public static final int UNREGISTER_CLIENT = 24;
+ public static final int UNREGISTER_CLIENT = 22;
/** Dns based service discovery protocol */
public static final int PROTOCOL_DNS_SD = 0x0001;
@@ -266,8 +266,6 @@
EVENT_NAMES.put(RESOLVE_SERVICE_SUCCEEDED, "RESOLVE_SERVICE_SUCCEEDED");
EVENT_NAMES.put(DAEMON_CLEANUP, "DAEMON_CLEANUP");
EVENT_NAMES.put(DAEMON_STARTUP, "DAEMON_STARTUP");
- EVENT_NAMES.put(ENABLE, "ENABLE");
- EVENT_NAMES.put(DISABLE, "DISABLE");
EVENT_NAMES.put(MDNS_SERVICE_EVENT, "MDNS_SERVICE_EVENT");
}
@@ -506,7 +504,7 @@
// Only proactively start the daemon if the target SDK < S, otherwise the internal service
// would automatically start/stop the native daemon as needed.
- if (!CompatChanges.isChangeEnabled(RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS)) {
+ if (!CompatChanges.isChangeEnabled(RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS_T_AND_LATER)) {
try {
mService.startDaemon();
} catch (RemoteException e) {
diff --git a/framework-t/src/android/net/nsd/NsdServiceInfo.java b/framework-t/src/android/net/nsd/NsdServiceInfo.java
index 200c808..6438a60 100644
--- a/framework-t/src/android/net/nsd/NsdServiceInfo.java
+++ b/framework-t/src/android/net/nsd/NsdServiceInfo.java
@@ -34,7 +34,7 @@
/**
* A class representing service information for network service discovery
- * {@see NsdManager}
+ * @see NsdManager
*/
public final class NsdServiceInfo implements Parcelable {
diff --git a/framework/Android.bp b/framework/Android.bp
index d7de439..485961c 100644
--- a/framework/Android.bp
+++ b/framework/Android.bp
@@ -64,7 +64,6 @@
":framework-connectivity-sources",
":net-utils-framework-common-srcs",
":framework-connectivity-api-shared-srcs",
- ":framework-connectivity-javastream-protos",
],
aidl: {
generate_get_transaction_name: true,
@@ -90,8 +89,10 @@
"modules-utils-backgroundthread",
"modules-utils-build",
"modules-utils-preconditions",
+ "framework-connectivity-javastream-protos",
],
libs: [
+ "androidx.annotation_annotation",
"app-compat-annotations",
"framework-connectivity-t.stubs.module_lib",
"unsupportedappusage",
@@ -111,6 +112,7 @@
// because the tethering stubs depend on the connectivity stubs (e.g.,
// TetheringRequest depends on LinkAddress).
"framework-tethering.stubs.module_lib",
+ "framework-wifi.stubs.module_lib",
],
visibility: ["//packages/modules/Connectivity:__subpackages__"]
}
@@ -119,7 +121,7 @@
name: "framework-connectivity",
defaults: ["framework-connectivity-defaults"],
installable: true,
- jarjar_rules: ":connectivity-jarjar-rules",
+ jarjar_rules: ":framework-connectivity-jarjar-rules",
permitted_packages: ["android.net"],
impl_library_visibility: [
"//packages/modules/Connectivity/Tethering/apex",
@@ -197,28 +199,47 @@
visibility: ["//frameworks/base"],
}
-gensrcs {
+java_library {
name: "framework-connectivity-javastream-protos",
- depfile: true,
+ proto: {
+ type: "stream",
+ },
+ srcs: [":framework-connectivity-protos"],
+ installable: false,
+ sdk_version: "module_current",
+ min_sdk_version: "30",
+ apex_available: [
+ "com.android.tethering",
+ ],
+}
+java_genrule {
+ name: "framework-connectivity-jarjar-rules",
+ tool_files: [
+ ":connectivity-hiddenapi-files",
+ ":framework-connectivity-pre-jarjar{.jar}",
+ ":framework-connectivity-t-pre-jarjar{.jar}",
+ ":framework-connectivity.stubs.module_lib{.jar}",
+ ":framework-connectivity-t.stubs.module_lib{.jar}",
+ "jarjar-excludes.txt",
+ ],
tools: [
- "aprotoc",
- "protoc-gen-javastream",
- "soong_zip",
+ "jarjar-rules-generator",
],
-
- cmd: "mkdir -p $(genDir)/$(in) " +
- "&& $(location aprotoc) " +
- " --plugin=$(location protoc-gen-javastream) " +
- " --dependency_out=$(depfile) " +
- " --javastream_out=$(genDir)/$(in) " +
- " -Iexternal/protobuf/src " +
- " -I . " +
- " $(in) " +
- "&& $(location soong_zip) -jar -o $(out) -C $(genDir)/$(in) -D $(genDir)/$(in)",
-
- srcs: [
- ":framework-connectivity-protos",
+ out: ["framework_connectivity_jarjar_rules.txt"],
+ cmd: "$(location jarjar-rules-generator) " +
+ "$(location :framework-connectivity-pre-jarjar{.jar}) " +
+ "$(location :framework-connectivity-t-pre-jarjar{.jar}) " +
+ "--prefix android.net.connectivity " +
+ "--apistubs $(location :framework-connectivity.stubs.module_lib{.jar}) " +
+ "--apistubs $(location :framework-connectivity-t.stubs.module_lib{.jar}) " +
+ // Make a ":"-separated list. There will be an extra ":" but empty items are ignored.
+ "--unsupportedapi $$(printf ':%s' $(locations :connectivity-hiddenapi-files)) " +
+ "--excludes $(location jarjar-excludes.txt) " +
+ "--output $(out)",
+ visibility: [
+ "//packages/modules/Connectivity/framework:__subpackages__",
+ "//packages/modules/Connectivity/framework-t:__subpackages__",
+ "//packages/modules/Connectivity/service",
],
- output_extension: "srcjar",
}
diff --git a/framework/api/module-lib-current.txt b/framework/api/module-lib-current.txt
index ddac19d..a2a1ac0 100644
--- a/framework/api/module-lib-current.txt
+++ b/framework/api/module-lib-current.txt
@@ -51,6 +51,9 @@
field public static final int BLOCKED_REASON_RESTRICTED_MODE = 8; // 0x8
field public static final int FIREWALL_CHAIN_DOZABLE = 1; // 0x1
field public static final int FIREWALL_CHAIN_LOW_POWER_STANDBY = 5; // 0x5
+ field public static final int FIREWALL_CHAIN_OEM_DENY_1 = 7; // 0x7
+ field public static final int FIREWALL_CHAIN_OEM_DENY_2 = 8; // 0x8
+ field public static final int FIREWALL_CHAIN_OEM_DENY_3 = 9; // 0x9
field public static final int FIREWALL_CHAIN_POWERSAVE = 3; // 0x3
field public static final int FIREWALL_CHAIN_RESTRICTED = 4; // 0x4
field public static final int FIREWALL_CHAIN_STANDBY = 2; // 0x2
@@ -197,6 +200,8 @@
method public int describeContents();
method @NonNull public android.os.ParcelFileDescriptor getFileDescriptor();
method @NonNull public String getInterfaceName();
+ method @Nullable public android.net.MacAddress getMacAddress();
+ method public int getMtu();
method public void writeToParcel(@NonNull android.os.Parcel, int);
field @NonNull public static final android.os.Parcelable.Creator<android.net.TestNetworkInterface> CREATOR;
}
diff --git a/framework/api/system-current.txt b/framework/api/system-current.txt
index db1d7e9..8b35197 100644
--- a/framework/api/system-current.txt
+++ b/framework/api/system-current.txt
@@ -249,10 +249,10 @@
method public void onValidationStatus(int, @Nullable android.net.Uri);
method @NonNull public android.net.Network register();
method public void sendAddDscpPolicy(@NonNull android.net.DscpPolicy);
- method public final void sendLinkProperties(@NonNull android.net.LinkProperties);
- method public final void sendNetworkCapabilities(@NonNull android.net.NetworkCapabilities);
- method public final void sendNetworkScore(@NonNull android.net.NetworkScore);
- method public final void sendNetworkScore(@IntRange(from=0, to=99) int);
+ method public void sendLinkProperties(@NonNull android.net.LinkProperties);
+ method public void sendNetworkCapabilities(@NonNull android.net.NetworkCapabilities);
+ method public void sendNetworkScore(@NonNull android.net.NetworkScore);
+ method public void sendNetworkScore(@IntRange(from=0, to=99) int);
method public final void sendQosCallbackError(int, int);
method public final void sendQosSessionAvailable(int, int, @NonNull android.net.QosSessionAttributes);
method public final void sendQosSessionLost(int, int, int);
@@ -262,7 +262,7 @@
method @Deprecated public void setLegacySubtype(int, @NonNull String);
method public void setLingerDuration(@NonNull java.time.Duration);
method public void setTeardownDelayMillis(@IntRange(from=0, to=0x1388) int);
- method public final void setUnderlyingNetworks(@Nullable java.util.List<android.net.Network>);
+ method public void setUnderlyingNetworks(@Nullable java.util.List<android.net.Network>);
method public void unregister();
method public void unregisterAfterReplacement(@IntRange(from=0, to=0x1388) int);
field public static final int DSCP_POLICY_STATUS_DELETED = 4; // 0x4
@@ -433,6 +433,7 @@
public abstract class QosFilter {
method @NonNull public abstract android.net.Network getNetwork();
method public abstract boolean matchesLocalAddress(@NonNull java.net.InetAddress, int, int);
+ method public boolean matchesProtocol(int);
method public abstract boolean matchesRemoteAddress(@NonNull java.net.InetAddress, int, int);
}
@@ -453,6 +454,7 @@
public final class QosSocketInfo implements android.os.Parcelable {
ctor public QosSocketInfo(@NonNull android.net.Network, @NonNull java.net.Socket) throws java.io.IOException;
+ ctor public QosSocketInfo(@NonNull android.net.Network, @NonNull java.net.DatagramSocket) throws java.io.IOException;
method public int describeContents();
method @NonNull public java.net.InetSocketAddress getLocalSocketAddress();
method @NonNull public android.net.Network getNetwork();
@@ -480,6 +482,14 @@
ctor public SocketNotBoundException();
}
+ public class SocketNotConnectedException extends java.lang.Exception {
+ ctor public SocketNotConnectedException();
+ }
+
+ public class SocketRemoteAddressChangedException extends java.lang.Exception {
+ ctor public SocketRemoteAddressChangedException();
+ }
+
public final class StaticIpConfiguration implements android.os.Parcelable {
ctor public StaticIpConfiguration();
ctor public StaticIpConfiguration(@Nullable android.net.StaticIpConfiguration);
diff --git a/framework/jarjar-excludes.txt b/framework/jarjar-excludes.txt
new file mode 100644
index 0000000..1311765
--- /dev/null
+++ b/framework/jarjar-excludes.txt
@@ -0,0 +1,25 @@
+# INetworkStatsProvider / INetworkStatsProviderCallback are referenced from net-tests-utils, which
+# may be used by tests that do not apply connectivity jarjar rules.
+# TODO: move files to a known internal package (like android.net.connectivity.visiblefortesting)
+# so that they do not need jarjar
+android\.net\.netstats\.provider\.INetworkStatsProvider(\$.+)?
+android\.net\.netstats\.provider\.INetworkStatsProviderCallback(\$.+)?
+
+# INetworkAgent / INetworkAgentRegistry are used in NetworkAgentTest
+# TODO: move files to android.net.connectivity.visiblefortesting
+android\.net\.INetworkAgent(\$.+)?
+android\.net\.INetworkAgentRegistry(\$.+)?
+
+# IConnectivityDiagnosticsCallback used in ConnectivityDiagnosticsManagerTest
+# TODO: move files to android.net.connectivity.visiblefortesting
+android\.net\.IConnectivityDiagnosticsCallback(\$.+)?
+
+
+# KeepaliveUtils is used by ConnectivityManager CTS
+# TODO: move into service-connectivity so framework-connectivity stops using
+# ServiceConnectivityResources (callers need high permissions to find/query the resource apk anyway)
+# and have a ConnectivityManager test API instead
+android\.net\.util\.KeepaliveUtils(\$.+)?
+
+# TODO (b/217115866): add jarjar rules for Nearby
+android\.nearby\..+
diff --git a/framework/jni/android_net_NetworkUtils.cpp b/framework/jni/android_net_NetworkUtils.cpp
index 7478b3e..38e0059 100644
--- a/framework/jni/android_net_NetworkUtils.cpp
+++ b/framework/jni/android_net_NetworkUtils.cpp
@@ -53,7 +53,7 @@
return static_cast<T>(res);
}
-static void android_net_utils_attachDropAllBPFFilter(JNIEnv *env, jobject clazz, jobject javaFd)
+static void android_net_utils_attachDropAllBPFFilter(JNIEnv *env, jclass clazz, jobject javaFd)
{
struct sock_filter filter_code[] = {
// Reject all.
@@ -71,7 +71,7 @@
}
}
-static void android_net_utils_detachBPFFilter(JNIEnv *env, jobject clazz, jobject javaFd)
+static void android_net_utils_detachBPFFilter(JNIEnv *env, jclass clazz, jobject javaFd)
{
int optval_ignored = 0;
int fd = AFileDescriptor_getFd(env, javaFd);
@@ -82,13 +82,13 @@
}
}
-static jboolean android_net_utils_bindProcessToNetworkHandle(JNIEnv *env, jobject thiz,
+static jboolean android_net_utils_bindProcessToNetworkHandle(JNIEnv *env, jclass clazz,
jlong netHandle)
{
return (jboolean) !android_setprocnetwork(netHandle);
}
-static jlong android_net_utils_getBoundNetworkHandleForProcess(JNIEnv *env, jobject thiz)
+static jlong android_net_utils_getBoundNetworkHandleForProcess(JNIEnv *env, jclass clazz)
{
net_handle_t network;
if (android_getprocnetwork(&network) != 0) {
@@ -99,13 +99,13 @@
return (jlong) network;
}
-static jboolean android_net_utils_bindProcessToNetworkForHostResolution(JNIEnv *env, jobject thiz,
+static jboolean android_net_utils_bindProcessToNetworkForHostResolution(JNIEnv *env, jclass clazz,
jint netId, jlong netHandle)
{
return (jboolean) !android_setprocdns(netHandle);
}
-static jint android_net_utils_bindSocketToNetworkHandle(JNIEnv *env, jobject thiz, jobject javaFd,
+static jint android_net_utils_bindSocketToNetworkHandle(JNIEnv *env, jclass clazz, jobject javaFd,
jlong netHandle) {
return android_setsocknetwork(netHandle, AFileDescriptor_getFd(env, javaFd));
}
@@ -119,7 +119,7 @@
return true;
}
-static jobject android_net_utils_resNetworkQuery(JNIEnv *env, jobject thiz, jlong netHandle,
+static jobject android_net_utils_resNetworkQuery(JNIEnv *env, jclass clazz, jlong netHandle,
jstring dname, jint ns_class, jint ns_type, jint flags) {
const jsize javaCharsCount = env->GetStringLength(dname);
const jsize byteCountUTF8 = env->GetStringUTFLength(dname);
@@ -140,7 +140,7 @@
return jniCreateFileDescriptor(env, fd);
}
-static jobject android_net_utils_resNetworkSend(JNIEnv *env, jobject thiz, jlong netHandle,
+static jobject android_net_utils_resNetworkSend(JNIEnv *env, jclass clazz, jlong netHandle,
jbyteArray msg, jint msgLen, jint flags) {
uint8_t data[MAXCMDSIZE];
@@ -155,7 +155,7 @@
return jniCreateFileDescriptor(env, fd);
}
-static jobject android_net_utils_resNetworkResult(JNIEnv *env, jobject thiz, jobject javaFd) {
+static jobject android_net_utils_resNetworkResult(JNIEnv *env, jclass clazz, jobject javaFd) {
int fd = AFileDescriptor_getFd(env, javaFd);
int rcode;
uint8_t buf[MAXPACKETSIZE] = {0};
@@ -181,13 +181,13 @@
return env->NewObject(class_DnsResponse, ctor, answer, rcode);
}
-static void android_net_utils_resNetworkCancel(JNIEnv *env, jobject thiz, jobject javaFd) {
+static void android_net_utils_resNetworkCancel(JNIEnv *env, jclass clazz, jobject javaFd) {
int fd = AFileDescriptor_getFd(env, javaFd);
android_res_cancel(fd);
jniSetFileDescriptorOfFD(env, javaFd, -1);
}
-static jobject android_net_utils_getDnsNetwork(JNIEnv *env, jobject thiz) {
+static jobject android_net_utils_getDnsNetwork(JNIEnv *env, jclass clazz) {
net_handle_t dnsNetHandle = NETWORK_UNSPECIFIED;
if (int res = android_getprocdns(&dnsNetHandle) < 0) {
jniThrowErrnoException(env, "getDnsNetwork", -res);
@@ -204,7 +204,7 @@
static_cast<jlong>(dnsNetHandle));
}
-static jobject android_net_utils_getTcpRepairWindow(JNIEnv *env, jobject thiz, jobject javaFd) {
+static jobject android_net_utils_getTcpRepairWindow(JNIEnv *env, jclass clazz, jobject javaFd) {
if (javaFd == NULL) {
jniThrowNullPointerException(env, NULL);
return NULL;
@@ -232,7 +232,8 @@
return NULL;
}
- jclass class_TcpRepairWindow = env->FindClass("android/net/TcpRepairWindow");
+ jclass class_TcpRepairWindow = env->FindClass(
+ "android/net/connectivity/android/net/TcpRepairWindow");
jmethodID ctor = env->GetMethodID(class_TcpRepairWindow, "<init>", "(IIIIII)V");
return env->NewObject(class_TcpRepairWindow, ctor, trw.snd_wl1, trw.snd_wnd, trw.max_window,
@@ -253,7 +254,7 @@
{ "bindSocketToNetworkHandle", "(Ljava/io/FileDescriptor;J)I", (void*) android_net_utils_bindSocketToNetworkHandle },
{ "attachDropAllBPFFilter", "(Ljava/io/FileDescriptor;)V", (void*) android_net_utils_attachDropAllBPFFilter },
{ "detachBPFFilter", "(Ljava/io/FileDescriptor;)V", (void*) android_net_utils_detachBPFFilter },
- { "getTcpRepairWindow", "(Ljava/io/FileDescriptor;)Landroid/net/TcpRepairWindow;", (void*) android_net_utils_getTcpRepairWindow },
+ { "getTcpRepairWindow", "(Ljava/io/FileDescriptor;)Landroid/net/connectivity/android/net/TcpRepairWindow;", (void*) android_net_utils_getTcpRepairWindow },
{ "resNetworkSend", "(J[BII)Ljava/io/FileDescriptor;", (void*) android_net_utils_resNetworkSend },
{ "resNetworkQuery", "(JLjava/lang/String;III)Ljava/io/FileDescriptor;", (void*) android_net_utils_resNetworkQuery },
{ "resNetworkResult", "(Ljava/io/FileDescriptor;)Landroid/net/DnsResolver$DnsResponse;", (void*) android_net_utils_resNetworkResult },
diff --git a/framework/src/android/net/ConnectivityManager.java b/framework/src/android/net/ConnectivityManager.java
index f741c2b..547b4ba 100644
--- a/framework/src/android/net/ConnectivityManager.java
+++ b/framework/src/android/net/ConnectivityManager.java
@@ -556,7 +556,7 @@
*
* @deprecated Applications should instead use {@link NetworkCapabilities#hasTransport} or
* {@link #requestNetwork(NetworkRequest, NetworkCallback)} to request an
- * appropriate network. {@see NetworkCapabilities} for supported transports.
+ * appropriate network. See {@link NetworkCapabilities} for supported transports.
*/
@Deprecated
public static final int TYPE_MOBILE = 0;
@@ -566,7 +566,7 @@
*
* @deprecated Applications should instead use {@link NetworkCapabilities#hasTransport} or
* {@link #requestNetwork(NetworkRequest, NetworkCallback)} to request an
- * appropriate network. {@see NetworkCapabilities} for supported transports.
+ * appropriate network. See {@link NetworkCapabilities} for supported transports.
*/
@Deprecated
public static final int TYPE_WIFI = 1;
@@ -617,7 +617,7 @@
*
* @deprecated Applications should instead use {@link NetworkCapabilities#hasTransport} or
* {@link #requestNetwork(NetworkRequest, NetworkCallback)} to request an
- * appropriate network. {@see NetworkCapabilities} for supported transports.
+ * appropriate network. See {@link NetworkCapabilities} for supported transports.
*/
@Deprecated
public static final int TYPE_MOBILE_HIPRI = 5;
@@ -627,7 +627,7 @@
*
* @deprecated Applications should instead use {@link NetworkCapabilities#hasTransport} or
* {@link #requestNetwork(NetworkRequest, NetworkCallback)} to request an
- * appropriate network. {@see NetworkCapabilities} for supported transports.
+ * appropriate network. See {@link NetworkCapabilities} for supported transports.
*/
@Deprecated
public static final int TYPE_WIMAX = 6;
@@ -637,7 +637,7 @@
*
* @deprecated Applications should instead use {@link NetworkCapabilities#hasTransport} or
* {@link #requestNetwork(NetworkRequest, NetworkCallback)} to request an
- * appropriate network. {@see NetworkCapabilities} for supported transports.
+ * appropriate network. See {@link NetworkCapabilities} for supported transports.
*/
@Deprecated
public static final int TYPE_BLUETOOTH = 7;
@@ -654,7 +654,7 @@
*
* @deprecated Applications should instead use {@link NetworkCapabilities#hasTransport} or
* {@link #requestNetwork(NetworkRequest, NetworkCallback)} to request an
- * appropriate network. {@see NetworkCapabilities} for supported transports.
+ * appropriate network. See {@link NetworkCapabilities} for supported transports.
*/
@Deprecated
public static final int TYPE_ETHERNET = 9;
@@ -983,34 +983,54 @@
public static final int FIREWALL_CHAIN_LOW_POWER_STANDBY = 5;
/**
- * Firewall chain used for lockdown VPN.
- * Denylist of apps that cannot receive incoming packets except on loopback because they are
- * subject to an always-on VPN which is not currently connected.
- *
- * @see #BLOCKED_REASON_LOCKDOWN_VPN
- * @hide
- */
- public static final int FIREWALL_CHAIN_LOCKDOWN_VPN = 6;
-
- /**
* Firewall chain used for OEM-specific application restrictions.
- * Denylist of apps that will not have network access due to OEM-specific restrictions.
+ *
+ * Denylist of apps that will not have network access due to OEM-specific restrictions. If an
+ * app UID is placed on this chain, and the chain is enabled, the app's packets will be dropped.
+ *
+ * All the {@code FIREWALL_CHAIN_OEM_DENY_x} chains are equivalent, and each one is
+ * independent of the others. The chains can be enabled and disabled independently, and apps can
+ * be added and removed from each chain independently.
+ *
+ * @see #FIREWALL_CHAIN_OEM_DENY_2
+ * @see #FIREWALL_CHAIN_OEM_DENY_3
* @hide
*/
+ @SystemApi(client = MODULE_LIBRARIES)
public static final int FIREWALL_CHAIN_OEM_DENY_1 = 7;
/**
* Firewall chain used for OEM-specific application restrictions.
- * Denylist of apps that will not have network access due to OEM-specific restrictions.
+ *
+ * Denylist of apps that will not have network access due to OEM-specific restrictions. If an
+ * app UID is placed on this chain, and the chain is enabled, the app's packets will be dropped.
+ *
+ * All the {@code FIREWALL_CHAIN_OEM_DENY_x} chains are equivalent, and each one is
+ * independent of the others. The chains can be enabled and disabled independently, and apps can
+ * be added and removed from each chain independently.
+ *
+ * @see #FIREWALL_CHAIN_OEM_DENY_1
+ * @see #FIREWALL_CHAIN_OEM_DENY_3
* @hide
*/
+ @SystemApi(client = MODULE_LIBRARIES)
public static final int FIREWALL_CHAIN_OEM_DENY_2 = 8;
/**
* Firewall chain used for OEM-specific application restrictions.
- * Denylist of apps that will not have network access due to OEM-specific restrictions.
+ *
+ * Denylist of apps that will not have network access due to OEM-specific restrictions. If an
+ * app UID is placed on this chain, and the chain is enabled, the app's packets will be dropped.
+ *
+ * All the {@code FIREWALL_CHAIN_OEM_DENY_x} chains are equivalent, and each one is
+ * independent of the others. The chains can be enabled and disabled independently, and apps can
+ * be added and removed from each chain independently.
+ *
+ * @see #FIREWALL_CHAIN_OEM_DENY_1
+ * @see #FIREWALL_CHAIN_OEM_DENY_2
* @hide
*/
+ @SystemApi(client = MODULE_LIBRARIES)
public static final int FIREWALL_CHAIN_OEM_DENY_3 = 9;
/** @hide */
@@ -1021,7 +1041,6 @@
FIREWALL_CHAIN_POWERSAVE,
FIREWALL_CHAIN_RESTRICTED,
FIREWALL_CHAIN_LOW_POWER_STANDBY,
- FIREWALL_CHAIN_LOCKDOWN_VPN,
FIREWALL_CHAIN_OEM_DENY_1,
FIREWALL_CHAIN_OEM_DENY_2,
FIREWALL_CHAIN_OEM_DENY_3
@@ -1088,7 +1107,7 @@
/**
* Tests if a given integer represents a valid network type.
* @param networkType the type to be tested
- * @return a boolean. {@code true} if the type is valid, else {@code false}
+ * @return {@code true} if the type is valid, else {@code false}
* @deprecated All APIs accepting a network type are deprecated. There should be no need to
* validate a network type.
*/
@@ -1148,6 +1167,8 @@
return "PROXY";
case TYPE_VPN:
return "VPN";
+ case TYPE_TEST:
+ return "TEST";
default:
return Integer.toString(type);
}
@@ -1212,7 +1233,7 @@
/**
* Preference for {@link ProfileNetworkPreference#setPreference(int)}.
- * {@see #setProfileNetworkPreferences(UserHandle, List, Executor, Runnable)}
+ * See {@link #setProfileNetworkPreferences(UserHandle, List, Executor, Runnable)}
* Specify that the traffic for this user should by follow the default rules.
* @hide
*/
@@ -1221,7 +1242,7 @@
/**
* Preference for {@link ProfileNetworkPreference#setPreference(int)}.
- * {@see #setProfileNetworkPreferences(UserHandle, List, Executor, Runnable)}
+ * See {@link #setProfileNetworkPreferences(UserHandle, List, Executor, Runnable)}
* Specify that the traffic for this user should by default go on a network with
* {@link NetworkCapabilities#NET_CAPABILITY_ENTERPRISE}, and on the system default network
* if no such network is available.
@@ -1232,7 +1253,7 @@
/**
* Preference for {@link ProfileNetworkPreference#setPreference(int)}.
- * {@see #setProfileNetworkPreferences(UserHandle, List, Executor, Runnable)}
+ * See {@link #setProfileNetworkPreferences(UserHandle, List, Executor, Runnable)}
* Specify that the traffic for this user should by default go on a network with
* {@link NetworkCapabilities#NET_CAPABILITY_ENTERPRISE} and if no such network is available
* should not go on the system default network
@@ -1447,9 +1468,8 @@
}
/**
- * Returns details about the currently active default data network
- * for a given uid. This is for internal use only to avoid spying
- * other apps.
+ * Returns details about the currently active default data network for a given uid.
+ * This is for privileged use only to avoid spying on other apps.
*
* @return a {@link NetworkInfo} object for the current default network
* for the given uid or {@code null} if no default network is
@@ -1473,8 +1493,7 @@
}
/**
- * Returns connection status information about a particular
- * network type.
+ * Returns connection status information about a particular network type.
*
* @param networkType integer specifying which networkType in
* which you're interested.
@@ -1502,8 +1521,7 @@
}
/**
- * Returns connection status information about a particular
- * Network.
+ * Returns connection status information about a particular Network.
*
* @param network {@link Network} specifying which network
* in which you're interested.
@@ -1529,8 +1547,7 @@
}
/**
- * Returns connection status information about all network
- * types supported by the device.
+ * Returns connection status information about all network types supported by the device.
*
* @return an array of {@link NetworkInfo} objects. Check each
* {@link NetworkInfo#getType} for which type each applies.
@@ -1590,8 +1607,7 @@
}
/**
- * Returns an array of all {@link Network} currently tracked by the
- * framework.
+ * Returns an array of all {@link Network} currently tracked by the framework.
*
* @deprecated This method does not provide any notification of network state changes, forcing
* apps to call it repeatedly. This is inefficient and prone to race conditions.
@@ -1794,7 +1810,7 @@
* that may be relevant for other components trying to detect captive portals.
*
* @hide
- * @deprecated This API returns URL which is not guaranteed to be one of the URLs used by the
+ * @deprecated This API returns a URL which is not guaranteed to be one of the URLs used by the
* system.
*/
@Deprecated
@@ -2373,8 +2389,7 @@
}
/**
- * Request that keepalives be started on a TCP socket.
- * The socket must be established.
+ * Request that keepalives be started on a TCP socket. The socket must be established.
*
* @param network The {@link Network} the socket is on.
* @param socket The socket that needs to be kept alive.
@@ -2624,9 +2639,24 @@
* {@hide}
*/
public ConnectivityManager(Context context, IConnectivityManager service) {
+ this(context, service, true /* newStatic */);
+ }
+
+ private ConnectivityManager(Context context, IConnectivityManager service, boolean newStatic) {
mContext = Objects.requireNonNull(context, "missing context");
mService = Objects.requireNonNull(service, "missing IConnectivityManager");
- sInstance = this;
+ // sInstance is accessed without a lock, so it may actually be reassigned several times with
+ // different ConnectivityManager, but that's still OK considering its usage.
+ if (sInstance == null && newStatic) {
+ final Context appContext = mContext.getApplicationContext();
+ // Don't create static ConnectivityManager instance again to prevent infinite loop.
+ // If the application context is null, we're either in the system process or
+ // it's the application context very early in app initialization. In both these
+ // cases, the passed-in Context will not be freed, so it's safe to pass it to the
+ // service. http://b/27532714 .
+ sInstance = new ConnectivityManager(appContext != null ? appContext : context, service,
+ false /* newStatic */);
+ }
}
/** {@hide} */
@@ -2646,7 +2676,7 @@
}
/**
- * Check if the package is a allowed to write settings. This also accounts that such an access
+ * Check if the package is allowed to write settings. This also records that such an access
* happened.
*
* @return {@code true} iff the package is allowed to write settings.
@@ -2749,7 +2779,7 @@
}
/**
- * Attempt to tether the named interface. This will setup a dhcp server
+ * Attempt to tether the named interface. This will set up a dhcp server
* on the interface, forward and NAT IP packets and forward DNS requests
* to the best active upstream network interface. Note that if no upstream
* IP network interface is available, dhcp will still run and traffic will be
@@ -3258,10 +3288,10 @@
/**
* Get the last value of the entitlement check on this downstream. If the cached value is
- * {@link #TETHER_ERROR_NO_ERROR} or showEntitlementUi argument is false, it just return the
- * cached value. Otherwise, a UI-based entitlement check would be performed. It is not
+ * {@link #TETHER_ERROR_NO_ERROR} or showEntitlementUi argument is false, this just returns the
+ * cached value. Otherwise, a UI-based entitlement check will be performed. It is not
* guaranteed that the UI-based entitlement check will complete in any specific time period
- * and may in fact never complete. Any successful entitlement check the platform performs for
+ * and it may in fact never complete. Any successful entitlement check the platform performs for
* any reason will update the cached value.
*
* @param type the downstream type of tethering. Must be one of
@@ -3376,8 +3406,8 @@
* proxy is likely to break networking on multiple networks. This method is only meant
* for device policy clients looking to do general internal filtering or similar use cases.
*
- * {@see #getGlobalProxy}
- * {@see LinkProperties#getHttpProxy}
+ * @see #getGlobalProxy
+ * @see LinkProperties#getHttpProxy
*
* @param p A {@link ProxyInfo} object defining the new global HTTP proxy. Calling this
* method with a {@code null} value will clear the global HTTP proxy.
@@ -3448,12 +3478,11 @@
}
/**
- * Returns true if the hardware supports the given network type
- * else it returns false. This doesn't indicate we have coverage
- * or are authorized onto a network, just whether or not the
- * hardware supports it. For example a GSM phone without a SIM
- * should still return {@code true} for mobile data, but a wifi only
- * tablet would return {@code false}.
+ * Returns whether the hardware supports the given network type.
+ *
+ * This doesn't indicate there is coverage or such a network is available, just whether the
+ * hardware supports it. For example a GSM phone without a SIM card will return {@code true}
+ * for mobile data, but a WiFi only tablet would return {@code false}.
*
* @param networkType The network type we'd like to check
* @return {@code true} if supported, else {@code false}
@@ -4270,7 +4299,7 @@
* network, unless it becomes the best again at some later time. All callbacks are invoked
* in order on the same thread, which by default is a thread created by the framework running
* in the app.
- * {@see #requestNetwork(NetworkRequest, NetworkCallback, Handler)} to change where the
+ * See {@link #requestNetwork(NetworkRequest, NetworkCallback, Handler)} to change where the
* callbacks are invoked.
*
* <p>This{@link NetworkRequest} will live until released via
@@ -4819,9 +4848,8 @@
* Unregisters a {@code NetworkCallback} and possibly releases networks originating from
* {@link #requestNetwork(NetworkRequest, NetworkCallback)} and
* {@link #registerNetworkCallback(NetworkRequest, NetworkCallback)} calls.
- * If the given {@code NetworkCallback} had previously been used with
- * {@code #requestNetwork}, any networks that had been connected to only to satisfy that request
- * will be disconnected.
+ * If the given {@code NetworkCallback} had previously been used with {@code #requestNetwork},
+ * any networks that the device brought up only to satisfy that request will be disconnected.
*
* Notifications that would have triggered that {@code NetworkCallback} will immediately stop
* triggering it as soon as this call returns.
@@ -4956,7 +4984,7 @@
}
/**
- * Temporarily allow bad wifi to override {@code config_networkAvoidBadWifi} configuration.
+ * Temporarily allow bad Wi-Fi to override {@code config_networkAvoidBadWifi} configuration.
*
* @param timeMs The expired current time. The value should be set within a limited time from
* now.
@@ -5015,7 +5043,7 @@
}
/**
- * Determine whether the device is configured to avoid bad wifi.
+ * Determine whether the device is configured to avoid bad Wi-Fi.
* @hide
*/
@SystemApi
@@ -5084,9 +5112,9 @@
* each such operation.
*
* @param network The network on which the application desires to use multipath data.
- * If {@code null}, this method will return the a preference that will generally
+ * If {@code null}, this method will return a preference that will generally
* apply to metered networks.
- * @return a bitwise OR of zero or more of the {@code MULTIPATH_PREFERENCE_*} constants.
+ * @return a bitwise OR of zero or more of the {@code MULTIPATH_PREFERENCE_*} constants.
*/
@RequiresPermission(android.Manifest.permission.ACCESS_NETWORK_STATE)
public @MultipathPreference int getMultipathPreference(@Nullable Network network) {
@@ -5199,7 +5227,7 @@
*/
@Nullable
public Network getBoundNetworkForProcess() {
- // Forcing callers to call thru non-static function ensures ConnectivityManager
+ // Forcing callers to call through non-static function ensures ConnectivityManager has been
// instantiated.
return getProcessDefaultNetwork();
}
@@ -5844,7 +5872,7 @@
}
/**
- * Removes the specified UID from the list of UIds that can use use background data on metered
+ * Removes the specified UID from the list of UIDs that can use background data on metered
* networks if background data is not restricted. The deny list takes precedence over the
* allow list.
*
@@ -5896,6 +5924,7 @@
*
* @param chain target chain.
* @param enable whether the chain should be enabled.
+ * @throws UnsupportedOperationException if called on pre-T devices.
* @throws IllegalStateException if enabling or disabling the firewall chain failed.
* @hide
*/
@@ -5914,11 +5943,34 @@
}
/**
+ * Get the specified firewall chain's status.
+ *
+ * @param chain target chain.
+ * @return {@code true} if chain is enabled, {@code false} if chain is disabled.
+ * @throws UnsupportedOperationException if called on pre-T devices.
+ * @throws ServiceSpecificException in case of failure, with an error code indicating the
+ * cause of the failure.
+ * @hide
+ */
+ @RequiresPermission(anyOf = {
+ android.Manifest.permission.NETWORK_SETTINGS,
+ android.Manifest.permission.NETWORK_STACK,
+ NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK
+ })
+ public boolean getFirewallChainEnabled(@FirewallChain final int chain) {
+ try {
+ return mService.getFirewallChainEnabled(chain);
+ } catch (RemoteException e) {
+ throw e.rethrowFromSystemServer();
+ }
+ }
+
+ /**
* Replaces the contents of the specified UID-based firewall chain.
*
* @param chain target chain to replace.
* @param uids The list of UIDs to be placed into chain.
- * @throws IllegalStateException if replacing the firewall chain failed.
+ * @throws UnsupportedOperationException if called on pre-T devices.
* @throws IllegalArgumentException if {@code chain} is not a valid chain.
* @hide
*/
diff --git a/framework/src/android/net/DnsResolver.java b/framework/src/android/net/DnsResolver.java
index 164160f..c6034f1 100644
--- a/framework/src/android/net/DnsResolver.java
+++ b/framework/src/android/net/DnsResolver.java
@@ -137,7 +137,7 @@
* @param answer <T> answer to the query.
* @param rcode The response code in the DNS response.
*
- * {@see android.net.DnsResolver#query query()}
+ * @see android.net.DnsResolver#query query()
*/
void onAnswer(@NonNull T answer, int rcode);
/**
@@ -542,7 +542,7 @@
DnsAddressAnswer(@NonNull byte[] data) throws ParseException {
super(data);
- if ((mHeader.flags & (1 << 15)) == 0) {
+ if ((mHeader.getFlags() & (1 << 15)) == 0) {
throw new ParseException("Not an answer packet");
}
if (mHeader.getRecordCount(QDSECTION) == 0) {
diff --git a/framework/src/android/net/DnsResolverServiceManager.java b/framework/src/android/net/DnsResolverServiceManager.java
index 79009e8..e64d2ae 100644
--- a/framework/src/android/net/DnsResolverServiceManager.java
+++ b/framework/src/android/net/DnsResolverServiceManager.java
@@ -29,7 +29,7 @@
private final IBinder mResolver;
- DnsResolverServiceManager(IBinder resolver) {
+ public DnsResolverServiceManager(IBinder resolver) {
mResolver = resolver;
}
diff --git a/framework/src/android/net/IConnectivityManager.aidl b/framework/src/android/net/IConnectivityManager.aidl
index bc73769..29fea00 100644
--- a/framework/src/android/net/IConnectivityManager.aidl
+++ b/framework/src/android/net/IConnectivityManager.aidl
@@ -244,5 +244,7 @@
void setFirewallChainEnabled(int chain, boolean enable);
+ boolean getFirewallChainEnabled(int chain);
+
void replaceFirewallChain(int chain, in int[] uids);
}
diff --git a/framework/src/android/net/ITestNetworkManager.aidl b/framework/src/android/net/ITestNetworkManager.aidl
index 27d13c1..9432acb 100644
--- a/framework/src/android/net/ITestNetworkManager.aidl
+++ b/framework/src/android/net/ITestNetworkManager.aidl
@@ -29,9 +29,12 @@
*/
interface ITestNetworkManager
{
- TestNetworkInterface createInterface(boolean isTun, boolean bringUp, in LinkAddress[] addrs,
+ TestNetworkInterface createInterface(boolean isTun, boolean hasCarrier, boolean bringUp,
+ boolean disableIpv6ProvisioningDelay, in LinkAddress[] addrs,
in @nullable String iface);
+ void setCarrierEnabled(in TestNetworkInterface iface, boolean enabled);
+
void setupTestNetwork(in String iface, in LinkProperties lp, in boolean isMetered,
in int[] administratorUids, in IBinder binder);
diff --git a/framework/src/android/net/LinkProperties.java b/framework/src/android/net/LinkProperties.java
index a8f707e..b7ee846 100644
--- a/framework/src/android/net/LinkProperties.java
+++ b/framework/src/android/net/LinkProperties.java
@@ -29,6 +29,8 @@
import android.text.TextUtils;
import com.android.internal.annotations.VisibleForTesting;
+import com.android.modules.utils.build.SdkLevel;
+import com.android.net.module.util.CollectionUtils;
import com.android.net.module.util.LinkPropertiesUtils;
import java.net.Inet4Address;
@@ -42,7 +44,6 @@
import java.util.List;
import java.util.Objects;
import java.util.StringJoiner;
-import java.util.stream.Collectors;
/**
* Describes the properties of a network link.
@@ -759,9 +760,15 @@
* @return An unmodifiable {@link List} of {@link RouteInfo} for this link.
*/
public @NonNull List<RouteInfo> getRoutes() {
- if (CompatChanges.isChangeEnabled(EXCLUDED_ROUTES)) {
+ // Before T, there's no throw routes because VpnService is not updatable, so no need to
+ // filter them out.
+ if (CompatChanges.isChangeEnabled(EXCLUDED_ROUTES) || !SdkLevel.isAtLeastT()) {
return Collections.unmodifiableList(mRoutes);
} else {
+ // Apps that added a throw route themselves (not obtaining LinkProperties from the
+ // system) will not see it in getRoutes on T+ if they do not have the compat change
+ // enabled (target SDK < T); but this is expected to be rare and typically only affect
+ // tests creating LinkProperties themselves (like CTS v12, which is only running on S).
return Collections.unmodifiableList(getUnicastRoutes());
}
}
@@ -770,9 +777,7 @@
* Returns all the {@link RouteInfo} of type {@link RouteInfo#RTN_UNICAST} set on this link.
*/
private @NonNull List<RouteInfo> getUnicastRoutes() {
- return mRoutes.stream()
- .filter(route -> route.getType() == RouteInfo.RTN_UNICAST)
- .collect(Collectors.toList());
+ return CollectionUtils.filter(mRoutes, route -> route.getType() == RouteInfo.RTN_UNICAST);
}
/**
diff --git a/framework/src/android/net/NattSocketKeepalive.java b/framework/src/android/net/NattSocketKeepalive.java
index a15d165..56cc923 100644
--- a/framework/src/android/net/NattSocketKeepalive.java
+++ b/framework/src/android/net/NattSocketKeepalive.java
@@ -33,7 +33,7 @@
@NonNull private final InetAddress mDestination;
private final int mResourceId;
- NattSocketKeepalive(@NonNull IConnectivityManager service,
+ public NattSocketKeepalive(@NonNull IConnectivityManager service,
@NonNull Network network,
@NonNull ParcelFileDescriptor pfd,
int resourceId,
@@ -48,7 +48,7 @@
}
@Override
- void startImpl(int intervalSec) {
+ protected void startImpl(int intervalSec) {
mExecutor.execute(() -> {
try {
mService.startNattKeepaliveWithFd(mNetwork, mPfd, mResourceId,
@@ -62,7 +62,7 @@
}
@Override
- void stopImpl() {
+ protected void stopImpl() {
mExecutor.execute(() -> {
try {
if (mSlot != null) {
diff --git a/framework/src/android/net/NetworkAgent.java b/framework/src/android/net/NetworkAgent.java
index 2c50c73..1486619 100644
--- a/framework/src/android/net/NetworkAgent.java
+++ b/framework/src/android/net/NetworkAgent.java
@@ -84,7 +84,7 @@
* the correct packets. Devices typically have a small number of slots
* per radio technology, and the specific number of slots for each
* technology is specified in configuration files.
- * {@see SocketKeepalive} for details.
+ * See {@link SocketKeepalive} for details.
*
* @hide
*/
@@ -913,7 +913,7 @@
* Must be called by the agent when the network's {@link LinkProperties} change.
* @param linkProperties the new LinkProperties.
*/
- public final void sendLinkProperties(@NonNull LinkProperties linkProperties) {
+ public void sendLinkProperties(@NonNull LinkProperties linkProperties) {
Objects.requireNonNull(linkProperties);
final LinkProperties lp = new LinkProperties(linkProperties);
queueOrSendMessage(reg -> reg.sendLinkProperties(lp));
@@ -938,7 +938,7 @@
* @param underlyingNetworks the new list of underlying networks.
* @see {@link VpnService.Builder#setUnderlyingNetworks(Network[])}
*/
- public final void setUnderlyingNetworks(
+ public void setUnderlyingNetworks(
@SuppressLint("NullableCollection") @Nullable List<Network> underlyingNetworks) {
final ArrayList<Network> underlyingArray = (underlyingNetworks != null)
? new ArrayList<>(underlyingNetworks) : null;
@@ -1088,7 +1088,7 @@
* Must be called by the agent when the network's {@link NetworkCapabilities} change.
* @param networkCapabilities the new NetworkCapabilities.
*/
- public final void sendNetworkCapabilities(@NonNull NetworkCapabilities networkCapabilities) {
+ public void sendNetworkCapabilities(@NonNull NetworkCapabilities networkCapabilities) {
Objects.requireNonNull(networkCapabilities);
mBandwidthUpdatePending.set(false);
mLastBwRefreshTime = System.currentTimeMillis();
@@ -1102,7 +1102,7 @@
*
* @param score the new score.
*/
- public final void sendNetworkScore(@NonNull NetworkScore score) {
+ public void sendNetworkScore(@NonNull NetworkScore score) {
Objects.requireNonNull(score);
queueOrSendMessage(reg -> reg.sendScore(score));
}
@@ -1113,7 +1113,7 @@
* @param score the new score, between 0 and 99.
* deprecated use sendNetworkScore(NetworkScore) TODO : remove in S.
*/
- public final void sendNetworkScore(@IntRange(from = 0, to = 99) int score) {
+ public void sendNetworkScore(@IntRange(from = 0, to = 99) int score) {
sendNetworkScore(new NetworkScore.Builder().setLegacyInt(score).build());
}
diff --git a/framework/src/android/net/NetworkAgentConfig.java b/framework/src/android/net/NetworkAgentConfig.java
index 0d2b620..da12a0a 100644
--- a/framework/src/android/net/NetworkAgentConfig.java
+++ b/framework/src/android/net/NetworkAgentConfig.java
@@ -188,7 +188,8 @@
* Set to true if the PRIVATE_DNS_BROKEN notification has shown for this network.
* Reset this bit when private DNS mode is changed from strict mode to opportunistic/off mode.
*
- * This is not parceled, because it would not make sense.
+ * This is not parceled, because it would not make sense. It's also ignored by the
+ * equals() and hashcode() methods.
*
* @hide
*/
@@ -252,7 +253,7 @@
/**
* Whether network validation should be performed for this VPN network.
- * {@see #isVpnValidationRequired}
+ * @see #isVpnValidationRequired
* @hide
*/
private boolean mVpnRequiresValidation = false;
@@ -503,8 +504,10 @@
&& provisioningNotificationDisabled == that.provisioningNotificationDisabled
&& skip464xlat == that.skip464xlat
&& legacyType == that.legacyType
+ && legacySubType == that.legacySubType
&& Objects.equals(subscriberId, that.subscriberId)
&& Objects.equals(legacyTypeName, that.legacyTypeName)
+ && Objects.equals(legacySubTypeName, that.legacySubTypeName)
&& Objects.equals(mLegacyExtraInfo, that.mLegacyExtraInfo)
&& excludeLocalRouteVpn == that.excludeLocalRouteVpn
&& mVpnRequiresValidation == that.mVpnRequiresValidation;
@@ -514,8 +517,8 @@
public int hashCode() {
return Objects.hash(allowBypass, explicitlySelected, acceptUnvalidated,
acceptPartialConnectivity, provisioningNotificationDisabled, subscriberId,
- skip464xlat, legacyType, legacyTypeName, mLegacyExtraInfo, excludeLocalRouteVpn,
- mVpnRequiresValidation);
+ skip464xlat, legacyType, legacySubType, legacyTypeName, legacySubTypeName,
+ mLegacyExtraInfo, excludeLocalRouteVpn, mVpnRequiresValidation);
}
@Override
@@ -529,8 +532,10 @@
+ ", subscriberId = '" + subscriberId + '\''
+ ", skip464xlat = " + skip464xlat
+ ", legacyType = " + legacyType
+ + ", legacySubType = " + legacySubType
+ ", hasShownBroken = " + hasShownBroken
+ ", legacyTypeName = '" + legacyTypeName + '\''
+ + ", legacySubTypeName = '" + legacySubTypeName + '\''
+ ", legacyExtraInfo = '" + mLegacyExtraInfo + '\''
+ ", excludeLocalRouteVpn = '" + excludeLocalRouteVpn + '\''
+ ", vpnRequiresValidation = '" + mVpnRequiresValidation + '\''
diff --git a/framework/src/android/net/NetworkCapabilities.java b/framework/src/android/net/NetworkCapabilities.java
index 97b1f32..ea8a3df 100644
--- a/framework/src/android/net/NetworkCapabilities.java
+++ b/framework/src/android/net/NetworkCapabilities.java
@@ -192,7 +192,7 @@
/**
* Bitfield representing the network's enterprise capability identifier. If any are specified
* they will be satisfied by any Network that matches all of them.
- * {@see addEnterpriseId} for details on how masks are added
+ * See {@link #addEnterpriseId(int)} for details on how masks are added
*/
private int mEnterpriseId;
@@ -1460,7 +1460,7 @@
* Sets the upstream bandwidth for this network in Kbps. This always only refers to
* the estimated first hop transport bandwidth.
* <p>
- * {@see Builder#setLinkUpstreamBandwidthKbps}
+ * @see Builder#setLinkUpstreamBandwidthKbps
*
* @param upKbps the estimated first hop upstream (device to network) bandwidth.
* @hide
@@ -1484,7 +1484,7 @@
* Sets the downstream bandwidth for this network in Kbps. This always only refers to
* the estimated first hop transport bandwidth.
* <p>
- * {@see Builder#setLinkUpstreamBandwidthKbps}
+ * @see Builder#setLinkUpstreamBandwidthKbps
*
* @param downKbps the estimated first hop downstream (network to device) bandwidth.
* @hide
@@ -2534,7 +2534,7 @@
/**
* Set the uid and package name of the app causing this network to exist.
*
- * {@see #setRequestorUid} and {@link #setRequestorPackageName}
+ * See {@link #setRequestorUid} and {@link #setRequestorPackageName}
*
* @param uid UID of the app.
* @param packageName package name of the app.
@@ -2719,7 +2719,7 @@
/**
* Removes the given transport type.
*
- * {@see #addTransportType}.
+ * @see #addTransportType
*
* @param transportType the transport type to be added or removed.
* @return this builder
@@ -3043,7 +3043,7 @@
* <p>
* This list cannot be null, but it can be empty to mean that no UID without the
* {@link android.Manifest.permission.CONNECTIVITY_USE_RESTRICTED_NETWORKS} permission
- * gets to access this network.
+ * can access this network.
*
* @param uids the list of UIDs that can always access this network
* @return this builder
diff --git a/framework/src/android/net/NetworkProvider.java b/framework/src/android/net/NetworkProvider.java
index 0665af5..7edcbae 100644
--- a/framework/src/android/net/NetworkProvider.java
+++ b/framework/src/android/net/NetworkProvider.java
@@ -319,6 +319,11 @@
* if it could beat any of them, and may be advantageous to the provider's implementation that
* can rely on no longer receiving callbacks for a network that they can't bring up anyways.
*
+ * Warning: This method executes asynchronously. The NetworkOfferCallback object can continue
+ * receiving onNetworkNeeded and onNetworkUnneeded callbacks even after this method has
+ * returned. In this case, it is on the caller to take appropriate steps in order to prevent
+ * bringing up a network.
+ *
* @hide
*/
@SystemApi
@@ -326,7 +331,9 @@
public void unregisterNetworkOffer(final @NonNull NetworkOfferCallback callback) {
final NetworkOfferCallbackProxy proxy = findProxyForCallback(callback);
if (null == proxy) return;
- mProxies.remove(proxy);
+ synchronized (mProxies) {
+ mProxies.remove(proxy);
+ }
mContext.getSystemService(ConnectivityManager.class).unofferNetwork(proxy);
}
}
diff --git a/framework/src/android/net/NetworkRequest.java b/framework/src/android/net/NetworkRequest.java
index 4f9d845..b7a6076 100644
--- a/framework/src/android/net/NetworkRequest.java
+++ b/framework/src/android/net/NetworkRequest.java
@@ -423,7 +423,6 @@
*
* @deprecated Use {@link #setNetworkSpecifier(NetworkSpecifier)} instead.
*/
- @SuppressLint("NewApi") // TODO: b/193460475 remove once fixed
@Deprecated
public Builder setNetworkSpecifier(String networkSpecifier) {
try {
@@ -440,15 +439,6 @@
} else if (mNetworkCapabilities.hasTransport(TRANSPORT_TEST)) {
return setNetworkSpecifier(new TestNetworkSpecifier(networkSpecifier));
} else {
- // TODO: b/193460475 remove comment once fixed
- // @SuppressLint("NewApi") is due to EthernetNetworkSpecifier being changed
- // from @SystemApi to public. EthernetNetworkSpecifier was introduced in Android
- // 12 as @SystemApi(client = MODULE_LIBRARIES) and made public in Android 13.
- // b/193460475 means in the above situation the tools will think
- // EthernetNetworkSpecifier didn't exist in Android 12, causing the NewApi lint
- // to fail. In this case, this is actually safe because this code was
- // modularized in Android 12, so it can't run on SDKs before Android 12 and is
- // therefore guaranteed to always have this class available to it.
return setNetworkSpecifier(new EthernetNetworkSpecifier(networkSpecifier));
}
}
diff --git a/framework/src/android/net/NetworkScore.java b/framework/src/android/net/NetworkScore.java
index 7be7deb..815e2b0 100644
--- a/framework/src/android/net/NetworkScore.java
+++ b/framework/src/android/net/NetworkScore.java
@@ -181,7 +181,7 @@
@Override
public String toString() {
- return "Score(" + mLegacyInt + " ; Policies : " + mPolicies + ")";
+ return "Score(Policies : " + mPolicies + ")";
}
@Override
diff --git a/framework/src/android/net/ProfileNetworkPreference.java b/framework/src/android/net/ProfileNetworkPreference.java
index fdcab02..8b98721 100644
--- a/framework/src/android/net/ProfileNetworkPreference.java
+++ b/framework/src/android/net/ProfileNetworkPreference.java
@@ -79,7 +79,7 @@
* if included is not empty, then only included UIDs are applied.
* if excluded is not empty, then it is all uids in the user profile except these UIDs.
* @return Array of uids included for the profile preference.
- * {@see #getExcludedUids()}
+ * @see #getExcludedUids()
*/
public @NonNull int[] getIncludedUids() {
return mIncludedUids.clone();
@@ -93,7 +93,7 @@
* <ul>If included is not empty, then only included UIDs are applied.</ul>
* <ul>If excluded is not empty, then it is all uids in the user profile except these UIDs.</ul>
* @return Array of uids not included for the profile preference.
- * {@see #getIncludedUids()}
+ * @see #getIncludedUids()
*/
public @NonNull int[] getExcludedUids() {
return mExcludedUids.clone();
@@ -177,7 +177,7 @@
/**
* This is a array of uids for which profile perefence is set.
* Empty would mean that this preference applies to all uids in the profile.
- * {@see #setExcludedUids(int[])}
+ * @see #setExcludedUids(int[])
* Included UIDs and Excluded UIDs can't both be non-empty.
* if both are empty, it means this request applies to all uids in the user profile.
* if included is not empty, then only included UIDs are applied.
@@ -195,7 +195,7 @@
/**
* This is a array of uids that are excluded for the profile perefence.
- * {@see #setIncludedUids(int[])}
+ * @see #setIncludedUids(int[])
* Included UIDs and Excluded UIDs can't both be non-empty.
* if both are empty, it means this request applies to all uids in the user profile.
* if included is not empty, then only included UIDs are applied.
diff --git a/framework/src/android/net/QosCallbackConnection.java b/framework/src/android/net/QosCallbackConnection.java
index de0fc24..cfceddd 100644
--- a/framework/src/android/net/QosCallbackConnection.java
+++ b/framework/src/android/net/QosCallbackConnection.java
@@ -35,7 +35,7 @@
*
* @hide
*/
-class QosCallbackConnection extends android.net.IQosCallback.Stub {
+public class QosCallbackConnection extends android.net.IQosCallback.Stub {
@NonNull private final ConnectivityManager mConnectivityManager;
@Nullable private volatile QosCallback mCallback;
@@ -56,7 +56,7 @@
* {@link Executor} must run callback sequentially, otherwise the order of
* callbacks cannot be guaranteed.
*/
- QosCallbackConnection(@NonNull final ConnectivityManager connectivityManager,
+ public QosCallbackConnection(@NonNull final ConnectivityManager connectivityManager,
@NonNull final QosCallback callback,
@NonNull final Executor executor) {
mConnectivityManager = Objects.requireNonNull(connectivityManager,
@@ -142,7 +142,7 @@
* There are no synchronization guarantees on exactly when the callback will stop receiving
* messages.
*/
- void stopReceivingMessages() {
+ public void stopReceivingMessages() {
mCallback = null;
}
}
diff --git a/framework/src/android/net/QosCallbackException.java b/framework/src/android/net/QosCallbackException.java
index ed6eb15..7de3dd1 100644
--- a/framework/src/android/net/QosCallbackException.java
+++ b/framework/src/android/net/QosCallbackException.java
@@ -46,8 +46,10 @@
EX_TYPE_FILTER_NONE,
EX_TYPE_FILTER_NETWORK_RELEASED,
EX_TYPE_FILTER_SOCKET_NOT_BOUND,
+ EX_TYPE_FILTER_SOCKET_NOT_CONNECTED,
EX_TYPE_FILTER_NOT_SUPPORTED,
EX_TYPE_FILTER_SOCKET_LOCAL_ADDRESS_CHANGED,
+ EX_TYPE_FILTER_SOCKET_REMOTE_ADDRESS_CHANGED,
})
@Retention(RetentionPolicy.SOURCE)
public @interface ExceptionType {}
@@ -55,6 +57,9 @@
private static final String TAG = "QosCallbackException";
// Types of exceptions supported //
+ // The constants are used for the sendQosCallbackError system API, so they must not be changed
+ // as there may be callers relying on their historical values to call that API.
+ // TODO: mark the constants as @SystemApi, since they are necessary to call a system API.
/** {@hide} */
public static final int EX_TYPE_FILTER_NONE = 0;
@@ -70,6 +75,12 @@
/** {@hide} */
public static final int EX_TYPE_FILTER_SOCKET_LOCAL_ADDRESS_CHANGED = 4;
+ /** {@hide} */
+ public static final int EX_TYPE_FILTER_SOCKET_NOT_CONNECTED = 5;
+
+ /** {@hide} */
+ public static final int EX_TYPE_FILTER_SOCKET_REMOTE_ADDRESS_CHANGED = 6;
+
/**
* Creates exception based off of a type and message. Not all types of exceptions accept a
* custom message.
@@ -77,18 +88,23 @@
* {@hide}
*/
@NonNull
- static QosCallbackException createException(@ExceptionType final int type) {
+ public static QosCallbackException createException(@ExceptionType final int type) {
switch (type) {
case EX_TYPE_FILTER_NETWORK_RELEASED:
return new QosCallbackException(new NetworkReleasedException());
case EX_TYPE_FILTER_SOCKET_NOT_BOUND:
return new QosCallbackException(new SocketNotBoundException());
+ case EX_TYPE_FILTER_SOCKET_NOT_CONNECTED:
+ return new QosCallbackException(new SocketNotConnectedException());
case EX_TYPE_FILTER_NOT_SUPPORTED:
return new QosCallbackException(new UnsupportedOperationException(
"This device does not support the specified filter"));
case EX_TYPE_FILTER_SOCKET_LOCAL_ADDRESS_CHANGED:
return new QosCallbackException(
new SocketLocalAddressChangedException());
+ case EX_TYPE_FILTER_SOCKET_REMOTE_ADDRESS_CHANGED:
+ return new QosCallbackException(
+ new SocketRemoteAddressChangedException());
default:
Log.wtf(TAG, "create: No case setup for exception type: '" + type + "'");
return new QosCallbackException(
diff --git a/framework/src/android/net/QosFilter.java b/framework/src/android/net/QosFilter.java
index 5c1c3cc..a731b23 100644
--- a/framework/src/android/net/QosFilter.java
+++ b/framework/src/android/net/QosFilter.java
@@ -33,13 +33,15 @@
@SystemApi
public abstract class QosFilter {
- /**
- * The constructor is kept hidden from outside this package to ensure that all derived types
- * are known and properly handled when being passed to and from {@link NetworkAgent}.
- *
- * @hide
- */
- QosFilter() {
+ /** @hide */
+ protected QosFilter() {
+ // Ensure that all derived types are known, and known to be properly handled when being
+ // passed to and from NetworkAgent.
+ // For now the only known derived type is QosSocketFilter.
+ if (!(this instanceof QosSocketFilter)) {
+ throw new UnsupportedOperationException(
+ "Unsupported QosFilter type: " + this.getClass().getName());
+ }
}
/**
@@ -90,5 +92,20 @@
*/
public abstract boolean matchesRemoteAddress(@NonNull InetAddress address,
int startPort, int endPort);
+
+ /**
+ * Determines whether or not the parameter will be matched with this filter.
+ *
+ * @param protocol the protocol such as TCP or UDP included in IP packet filter set of a QoS
+ * flow assigned on {@link Network}. Only {@code IPPROTO_TCP} and {@code
+ * IPPROTO_UDP} currently supported.
+ * @return whether the parameters match the socket type of the filter
+ */
+ // Since this method is added in U, it's required to be default method for binary compatibility
+ // with existing @SystemApi.
+ // IPPROTO_* are not compile-time constants, so they are not annotated with @IntDef.
+ public boolean matchesProtocol(int protocol) {
+ return false;
+ }
}
diff --git a/framework/src/android/net/QosFilterParcelable.java b/framework/src/android/net/QosFilterParcelable.java
index da3b2cf..6e71fa3 100644
--- a/framework/src/android/net/QosFilterParcelable.java
+++ b/framework/src/android/net/QosFilterParcelable.java
@@ -104,7 +104,7 @@
if (mQosFilter instanceof QosSocketFilter) {
dest.writeInt(QOS_SOCKET_FILTER);
final QosSocketFilter qosSocketFilter = (QosSocketFilter) mQosFilter;
- qosSocketFilter.getQosSocketInfo().writeToParcel(dest, 0);
+ qosSocketFilter.getQosSocketInfo().writeToParcelWithoutFd(dest, 0);
return;
}
dest.writeInt(NO_FILTER_PRESENT);
diff --git a/framework/src/android/net/QosSocketFilter.java b/framework/src/android/net/QosSocketFilter.java
index 69da7f4..5ceeb67 100644
--- a/framework/src/android/net/QosSocketFilter.java
+++ b/framework/src/android/net/QosSocketFilter.java
@@ -18,6 +18,13 @@
import static android.net.QosCallbackException.EX_TYPE_FILTER_NONE;
import static android.net.QosCallbackException.EX_TYPE_FILTER_SOCKET_LOCAL_ADDRESS_CHANGED;
+import static android.net.QosCallbackException.EX_TYPE_FILTER_SOCKET_NOT_BOUND;
+import static android.net.QosCallbackException.EX_TYPE_FILTER_SOCKET_NOT_CONNECTED;
+import static android.net.QosCallbackException.EX_TYPE_FILTER_SOCKET_REMOTE_ADDRESS_CHANGED;
+import static android.system.OsConstants.IPPROTO_TCP;
+import static android.system.OsConstants.IPPROTO_UDP;
+import static android.system.OsConstants.SOCK_DGRAM;
+import static android.system.OsConstants.SOCK_STREAM;
import android.annotation.NonNull;
import android.annotation.Nullable;
@@ -74,19 +81,34 @@
* 2. In the scenario that the socket is now bound to a different local address, which can
* happen in the case of UDP, then
* {@link QosCallbackException.EX_TYPE_FILTER_SOCKET_LOCAL_ADDRESS_CHANGED} is returned.
+ * 3. In the scenario that the UDP socket changed remote address, then
+ * {@link QosCallbackException.EX_TYPE_FILTER_SOCKET_REMOTE_ADDRESS_CHANGED} is returned.
+ *
* @return validation error code
*/
@Override
public int validate() {
- final InetSocketAddress sa = getAddressFromFileDescriptor();
- if (sa == null) {
- return QosCallbackException.EX_TYPE_FILTER_SOCKET_NOT_BOUND;
+ final InetSocketAddress sa = getLocalAddressFromFileDescriptor();
+
+ if (sa == null || (sa.getAddress().isAnyLocalAddress() && sa.getPort() == 0)) {
+ return EX_TYPE_FILTER_SOCKET_NOT_BOUND;
}
if (!sa.equals(mQosSocketInfo.getLocalSocketAddress())) {
return EX_TYPE_FILTER_SOCKET_LOCAL_ADDRESS_CHANGED;
}
+ if (mQosSocketInfo.getRemoteSocketAddress() != null) {
+ final InetSocketAddress da = getRemoteAddressFromFileDescriptor();
+ if (da == null) {
+ return EX_TYPE_FILTER_SOCKET_NOT_CONNECTED;
+ }
+
+ if (!da.equals(mQosSocketInfo.getRemoteSocketAddress())) {
+ return EX_TYPE_FILTER_SOCKET_REMOTE_ADDRESS_CHANGED;
+ }
+ }
+
return EX_TYPE_FILTER_NONE;
}
@@ -98,17 +120,14 @@
* @return the local address
*/
@Nullable
- private InetSocketAddress getAddressFromFileDescriptor() {
+ private InetSocketAddress getLocalAddressFromFileDescriptor() {
final ParcelFileDescriptor parcelFileDescriptor = mQosSocketInfo.getParcelFileDescriptor();
- if (parcelFileDescriptor == null) return null;
-
final FileDescriptor fd = parcelFileDescriptor.getFileDescriptor();
- if (fd == null) return null;
final SocketAddress address;
try {
address = Os.getsockname(fd);
- } catch (final ErrnoException e) {
+ } catch (ErrnoException e) {
Log.e(TAG, "getAddressFromFileDescriptor: getLocalAddress exception", e);
return null;
}
@@ -119,6 +138,31 @@
}
/**
+ * The remote address of the socket's connected.
+ *
+ * <p>Note: If the socket is no longer connected, null is returned.
+ *
+ * @return the remote address
+ */
+ @Nullable
+ private InetSocketAddress getRemoteAddressFromFileDescriptor() {
+ final ParcelFileDescriptor parcelFileDescriptor = mQosSocketInfo.getParcelFileDescriptor();
+ final FileDescriptor fd = parcelFileDescriptor.getFileDescriptor();
+
+ final SocketAddress address;
+ try {
+ address = Os.getpeername(fd);
+ } catch (ErrnoException e) {
+ Log.e(TAG, "getAddressFromFileDescriptor: getRemoteAddress exception", e);
+ return null;
+ }
+ if (address instanceof InetSocketAddress) {
+ return (InetSocketAddress) address;
+ }
+ return null;
+ }
+
+ /**
* The network used with this filter.
*
* @return the registered {@link Network}
@@ -156,6 +200,18 @@
}
/**
+ * @inheritDoc
+ */
+ @Override
+ public boolean matchesProtocol(final int protocol) {
+ if ((mQosSocketInfo.getSocketType() == SOCK_STREAM && protocol == IPPROTO_TCP)
+ || (mQosSocketInfo.getSocketType() == SOCK_DGRAM && protocol == IPPROTO_UDP)) {
+ return true;
+ }
+ return false;
+ }
+
+ /**
* Called from {@link QosSocketFilter#matchesLocalAddress(InetAddress, int, int)}
* and {@link QosSocketFilter#matchesRemoteAddress(InetAddress, int, int)} with the
* filterSocketAddress coming from {@link QosSocketInfo#getLocalSocketAddress()}.
@@ -174,6 +230,7 @@
final int startPort, final int endPort) {
return startPort <= filterSocketAddress.getPort()
&& endPort >= filterSocketAddress.getPort()
- && filterSocketAddress.getAddress().equals(address);
+ && (address.isAnyLocalAddress()
+ || filterSocketAddress.getAddress().equals(address));
}
}
diff --git a/framework/src/android/net/QosSocketInfo.java b/framework/src/android/net/QosSocketInfo.java
index 39c2f33..1c3db23 100644
--- a/framework/src/android/net/QosSocketInfo.java
+++ b/framework/src/android/net/QosSocketInfo.java
@@ -73,9 +73,10 @@
* The parcel file descriptor wrapped around the socket's file descriptor.
*
* @return the parcel file descriptor of the socket
+ * @hide
*/
@NonNull
- ParcelFileDescriptor getParcelFileDescriptor() {
+ public ParcelFileDescriptor getParcelFileDescriptor() {
return mParcelFileDescriptor;
}
@@ -143,7 +144,6 @@
*
* @param network the network
* @param socket the bound {@link DatagramSocket}
- * @hide
*/
public QosSocketInfo(@NonNull final Network network, @NonNull final DatagramSocket socket)
throws IOException {
@@ -165,25 +165,28 @@
/* Parcelable methods */
private QosSocketInfo(final Parcel in) {
mNetwork = Objects.requireNonNull(Network.CREATOR.createFromParcel(in));
- mParcelFileDescriptor = ParcelFileDescriptor.CREATOR.createFromParcel(in);
+ final boolean withFd = in.readBoolean();
+ if (withFd) {
+ mParcelFileDescriptor = ParcelFileDescriptor.CREATOR.createFromParcel(in);
+ } else {
+ mParcelFileDescriptor = null;
+ }
- final int localAddressLength = in.readInt();
- mLocalSocketAddress = readSocketAddress(in, localAddressLength);
-
- final int remoteAddressLength = in.readInt();
- mRemoteSocketAddress = remoteAddressLength == 0 ? null
- : readSocketAddress(in, remoteAddressLength);
+ mLocalSocketAddress = readSocketAddress(in);
+ mRemoteSocketAddress = readSocketAddress(in);
mSocketType = in.readInt();
}
- private @NonNull InetSocketAddress readSocketAddress(final Parcel in, final int addressLength) {
- final byte[] address = new byte[addressLength];
- in.readByteArray(address);
+ private InetSocketAddress readSocketAddress(final Parcel in) {
+ final byte[] addrBytes = in.createByteArray();
+ if (addrBytes == null) {
+ return null;
+ }
final int port = in.readInt();
try {
- return new InetSocketAddress(InetAddress.getByAddress(address), port);
+ return new InetSocketAddress(InetAddress.getByAddress(addrBytes), port);
} catch (final UnknownHostException e) {
/* This can never happen. UnknownHostException will never be thrown
since the address provided is numeric and non-null. */
@@ -198,20 +201,35 @@
@Override
public void writeToParcel(@NonNull final Parcel dest, final int flags) {
- mNetwork.writeToParcel(dest, 0);
- mParcelFileDescriptor.writeToParcel(dest, 0);
+ writeToParcelInternal(dest, flags, /*includeFd=*/ true);
+ }
- final byte[] localAddress = mLocalSocketAddress.getAddress().getAddress();
- dest.writeInt(localAddress.length);
- dest.writeByteArray(localAddress);
+ /**
+ * Used when sending QosSocketInfo to telephony, which does not need access to the socket FD.
+ * @hide
+ */
+ public void writeToParcelWithoutFd(@NonNull final Parcel dest, final int flags) {
+ writeToParcelInternal(dest, flags, /*includeFd=*/ false);
+ }
+
+ private void writeToParcelInternal(
+ @NonNull final Parcel dest, final int flags, boolean includeFd) {
+ mNetwork.writeToParcel(dest, 0);
+
+ if (includeFd) {
+ dest.writeBoolean(true);
+ mParcelFileDescriptor.writeToParcel(dest, 0);
+ } else {
+ dest.writeBoolean(false);
+ }
+
+ dest.writeByteArray(mLocalSocketAddress.getAddress().getAddress());
dest.writeInt(mLocalSocketAddress.getPort());
if (mRemoteSocketAddress == null) {
- dest.writeInt(0);
+ dest.writeByteArray(null);
} else {
- final byte[] remoteAddress = mRemoteSocketAddress.getAddress().getAddress();
- dest.writeInt(remoteAddress.length);
- dest.writeByteArray(remoteAddress);
+ dest.writeByteArray(mRemoteSocketAddress.getAddress().getAddress());
dest.writeInt(mRemoteSocketAddress.getPort());
}
dest.writeInt(mSocketType);
diff --git a/framework/src/android/net/SocketKeepalive.java b/framework/src/android/net/SocketKeepalive.java
index f6cae72..57cf5e3 100644
--- a/framework/src/android/net/SocketKeepalive.java
+++ b/framework/src/android/net/SocketKeepalive.java
@@ -52,7 +52,8 @@
* request. If it does, it MUST support at least 3 concurrent keepalive slots.
*/
public abstract class SocketKeepalive implements AutoCloseable {
- static final String TAG = "SocketKeepalive";
+ /** @hide */
+ protected static final String TAG = "SocketKeepalive";
/**
* Success. It indicates there is no error.
@@ -215,15 +216,22 @@
}
}
- @NonNull final IConnectivityManager mService;
- @NonNull final Network mNetwork;
- @NonNull final ParcelFileDescriptor mPfd;
- @NonNull final Executor mExecutor;
- @NonNull final ISocketKeepaliveCallback mCallback;
+ /** @hide */
+ @NonNull protected final IConnectivityManager mService;
+ /** @hide */
+ @NonNull protected final Network mNetwork;
+ /** @hide */
+ @NonNull protected final ParcelFileDescriptor mPfd;
+ /** @hide */
+ @NonNull protected final Executor mExecutor;
+ /** @hide */
+ @NonNull protected final ISocketKeepaliveCallback mCallback;
// TODO: remove slot since mCallback could be used to identify which keepalive to stop.
- @Nullable Integer mSlot;
+ /** @hide */
+ @Nullable protected Integer mSlot;
- SocketKeepalive(@NonNull IConnectivityManager service, @NonNull Network network,
+ /** @hide */
+ public SocketKeepalive(@NonNull IConnectivityManager service, @NonNull Network network,
@NonNull ParcelFileDescriptor pfd,
@NonNull Executor executor, @NonNull Callback callback) {
mService = service;
@@ -303,7 +311,8 @@
startImpl(intervalSec);
}
- abstract void startImpl(int intervalSec);
+ /** @hide */
+ protected abstract void startImpl(int intervalSec);
/**
* Requests that keepalive be stopped. The application must wait for {@link Callback#onStopped}
@@ -313,7 +322,8 @@
stopImpl();
}
- abstract void stopImpl();
+ /** @hide */
+ protected abstract void stopImpl();
/**
* Deactivate this {@link SocketKeepalive} and free allocated resources. The instance won't be
diff --git a/service-t/src/com/android/server/net/CookieTagMapKey.java b/framework/src/android/net/SocketNotConnectedException.java
similarity index 60%
copy from service-t/src/com/android/server/net/CookieTagMapKey.java
copy to framework/src/android/net/SocketNotConnectedException.java
index 443e5b3..a6357c7 100644
--- a/service-t/src/com/android/server/net/CookieTagMapKey.java
+++ b/framework/src/android/net/SocketNotConnectedException.java
@@ -14,20 +14,21 @@
* limitations under the License.
*/
-package com.android.server.net;
+package android.net;
-import com.android.net.module.util.Struct;
-import com.android.net.module.util.Struct.Field;
-import com.android.net.module.util.Struct.Type;
+import android.annotation.SystemApi;
+
+import com.android.internal.annotations.VisibleForTesting;
/**
- * Key for cookie tag map.
+ * Thrown when a previously bound socket becomes unbound.
+ *
+ * @hide
*/
-public class CookieTagMapKey extends Struct {
- @Field(order = 0, type = Type.S64)
- public final long socketCookie;
-
- public CookieTagMapKey(final long socketCookie) {
- this.socketCookie = socketCookie;
+@SystemApi
+public class SocketNotConnectedException extends Exception {
+ @VisibleForTesting
+ public SocketNotConnectedException() {
+ super("The socket is not connected");
}
}
diff --git a/service-t/src/com/android/server/net/CookieTagMapKey.java b/framework/src/android/net/SocketRemoteAddressChangedException.java
similarity index 60%
copy from service-t/src/com/android/server/net/CookieTagMapKey.java
copy to framework/src/android/net/SocketRemoteAddressChangedException.java
index 443e5b3..e13d5ed 100644
--- a/service-t/src/com/android/server/net/CookieTagMapKey.java
+++ b/framework/src/android/net/SocketRemoteAddressChangedException.java
@@ -14,20 +14,21 @@
* limitations under the License.
*/
-package com.android.server.net;
+package android.net;
-import com.android.net.module.util.Struct;
-import com.android.net.module.util.Struct.Field;
-import com.android.net.module.util.Struct.Type;
+import android.annotation.SystemApi;
+
+import com.android.internal.annotations.VisibleForTesting;
/**
- * Key for cookie tag map.
+ * Thrown when the local address of the socket has changed.
+ *
+ * @hide
*/
-public class CookieTagMapKey extends Struct {
- @Field(order = 0, type = Type.S64)
- public final long socketCookie;
-
- public CookieTagMapKey(final long socketCookie) {
- this.socketCookie = socketCookie;
+@SystemApi
+public class SocketRemoteAddressChangedException extends Exception {
+ @VisibleForTesting
+ public SocketRemoteAddressChangedException() {
+ super("The remote address of the socket changed");
}
}
diff --git a/framework/src/android/net/TcpSocketKeepalive.java b/framework/src/android/net/TcpSocketKeepalive.java
index d89814d..7131784 100644
--- a/framework/src/android/net/TcpSocketKeepalive.java
+++ b/framework/src/android/net/TcpSocketKeepalive.java
@@ -24,9 +24,9 @@
import java.util.concurrent.Executor;
/** @hide */
-final class TcpSocketKeepalive extends SocketKeepalive {
+public final class TcpSocketKeepalive extends SocketKeepalive {
- TcpSocketKeepalive(@NonNull IConnectivityManager service,
+ public TcpSocketKeepalive(@NonNull IConnectivityManager service,
@NonNull Network network,
@NonNull ParcelFileDescriptor pfd,
@NonNull Executor executor,
@@ -50,7 +50,7 @@
* acknowledgement.
*/
@Override
- void startImpl(int intervalSec) {
+ protected void startImpl(int intervalSec) {
mExecutor.execute(() -> {
try {
mService.startTcpKeepalive(mNetwork, mPfd, intervalSec, mCallback);
@@ -62,7 +62,7 @@
}
@Override
- void stopImpl() {
+ protected void stopImpl() {
mExecutor.execute(() -> {
try {
if (mSlot != null) {
diff --git a/framework/src/android/net/TestNetworkInterface.java b/framework/src/android/net/TestNetworkInterface.java
index 4449ff8..26200e1 100644
--- a/framework/src/android/net/TestNetworkInterface.java
+++ b/framework/src/android/net/TestNetworkInterface.java
@@ -16,22 +16,32 @@
package android.net;
import android.annotation.NonNull;
+import android.annotation.Nullable;
import android.annotation.SystemApi;
import android.os.Parcel;
import android.os.ParcelFileDescriptor;
import android.os.Parcelable;
+import android.util.Log;
+
+import java.net.NetworkInterface;
+import java.net.SocketException;
/**
- * This class is used to return the interface name and fd of the test interface
+ * This class is used to return the interface name, fd, MAC, and MTU of the test interface
*
* @hide
*/
@SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)
public final class TestNetworkInterface implements Parcelable {
+ private static final String TAG = "TestNetworkInterface";
+
@NonNull
private final ParcelFileDescriptor mFileDescriptor;
@NonNull
private final String mInterfaceName;
+ @Nullable
+ private final MacAddress mMacAddress;
+ private final int mMtu;
@Override
public int describeContents() {
@@ -40,18 +50,41 @@
@Override
public void writeToParcel(@NonNull Parcel out, int flags) {
- out.writeParcelable(mFileDescriptor, PARCELABLE_WRITE_RETURN_VALUE);
+ out.writeParcelable(mFileDescriptor, flags);
out.writeString(mInterfaceName);
+ out.writeParcelable(mMacAddress, flags);
+ out.writeInt(mMtu);
}
public TestNetworkInterface(@NonNull ParcelFileDescriptor pfd, @NonNull String intf) {
mFileDescriptor = pfd;
mInterfaceName = intf;
+
+ MacAddress macAddress = null;
+ int mtu = 1500;
+ try {
+ // This constructor is called by TestNetworkManager which runs inside the system server,
+ // which has permission to read the MacAddress.
+ NetworkInterface nif = NetworkInterface.getByName(mInterfaceName);
+
+ // getHardwareAddress() returns null for tun interfaces.
+ byte[] hardwareAddress = nif.getHardwareAddress();
+ if (hardwareAddress != null) {
+ macAddress = MacAddress.fromBytes(nif.getHardwareAddress());
+ }
+ mtu = nif.getMTU();
+ } catch (SocketException e) {
+ Log.e(TAG, "Failed to fetch MacAddress or MTU size from NetworkInterface", e);
+ }
+ mMacAddress = macAddress;
+ mMtu = mtu;
}
private TestNetworkInterface(@NonNull Parcel in) {
mFileDescriptor = in.readParcelable(ParcelFileDescriptor.class.getClassLoader());
mInterfaceName = in.readString();
+ mMacAddress = in.readParcelable(MacAddress.class.getClassLoader());
+ mMtu = in.readInt();
}
@NonNull
@@ -64,6 +97,15 @@
return mInterfaceName;
}
+ @Nullable
+ public MacAddress getMacAddress() {
+ return mMacAddress;
+ }
+
+ public int getMtu() {
+ return mMtu;
+ }
+
@NonNull
public static final Parcelable.Creator<TestNetworkInterface> CREATOR =
new Parcelable.Creator<TestNetworkInterface>() {
diff --git a/framework/src/android/net/TestNetworkManager.java b/framework/src/android/net/TestNetworkManager.java
index 4e78823..b64299f 100644
--- a/framework/src/android/net/TestNetworkManager.java
+++ b/framework/src/android/net/TestNetworkManager.java
@@ -58,6 +58,9 @@
private static final boolean TAP = false;
private static final boolean TUN = true;
private static final boolean BRING_UP = true;
+ private static final boolean CARRIER_UP = true;
+ // sets disableIpv6ProvisioningDelay to false.
+ private static final boolean USE_IPV6_PROV_DELAY = false;
private static final LinkAddress[] NO_ADDRS = new LinkAddress[0];
/** @hide */
@@ -166,8 +169,8 @@
public TestNetworkInterface createTunInterface(@NonNull Collection<LinkAddress> linkAddrs) {
try {
final LinkAddress[] arr = new LinkAddress[linkAddrs.size()];
- return mService.createInterface(TUN, BRING_UP, linkAddrs.toArray(arr),
- null /* iface */);
+ return mService.createInterface(TUN, CARRIER_UP, BRING_UP, USE_IPV6_PROV_DELAY,
+ linkAddrs.toArray(arr), null /* iface */);
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
}
@@ -185,7 +188,27 @@
@NonNull
public TestNetworkInterface createTapInterface() {
try {
- return mService.createInterface(TAP, BRING_UP, NO_ADDRS, null /* iface */);
+ return mService.createInterface(TAP, CARRIER_UP, BRING_UP, USE_IPV6_PROV_DELAY,
+ NO_ADDRS, null /* iface */);
+ } catch (RemoteException e) {
+ throw e.rethrowFromSystemServer();
+ }
+ }
+
+ /**
+ * Create a tap interface for testing purposes
+ *
+ * @param linkAddrs an array of LinkAddresses to assign to the TAP interface
+ * @return A TestNetworkInterface representing the underlying TAP interface. Close the contained
+ * ParcelFileDescriptor to tear down the TAP interface.
+ * @hide
+ */
+ @RequiresPermission(Manifest.permission.MANAGE_TEST_NETWORKS)
+ @NonNull
+ public TestNetworkInterface createTapInterface(@NonNull LinkAddress[] linkAddrs) {
+ try {
+ return mService.createInterface(TAP, CARRIER_UP, BRING_UP, USE_IPV6_PROV_DELAY,
+ linkAddrs, null /* iface */);
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
}
@@ -204,7 +227,8 @@
@NonNull
public TestNetworkInterface createTapInterface(boolean bringUp) {
try {
- return mService.createInterface(TAP, bringUp, NO_ADDRS, null /* iface */);
+ return mService.createInterface(TAP, CARRIER_UP, bringUp, USE_IPV6_PROV_DELAY,
+ NO_ADDRS, null /* iface */);
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
}
@@ -226,7 +250,87 @@
@NonNull
public TestNetworkInterface createTapInterface(boolean bringUp, @NonNull String iface) {
try {
- return mService.createInterface(TAP, bringUp, NO_ADDRS, iface);
+ return mService.createInterface(TAP, CARRIER_UP, bringUp, USE_IPV6_PROV_DELAY,
+ NO_ADDRS, iface);
+ } catch (RemoteException e) {
+ throw e.rethrowFromSystemServer();
+ }
+ }
+
+ /**
+ * Create a tap interface with or without carrier for testing purposes.
+ *
+ * Note: setting carrierUp = false is not supported until kernel version 5.0.
+ *
+ * @param carrierUp whether the created interface has a carrier or not.
+ * @param bringUp whether to bring up the interface before returning it.
+ * @hide
+ */
+ @RequiresPermission(Manifest.permission.MANAGE_TEST_NETWORKS)
+ @NonNull
+ public TestNetworkInterface createTapInterface(boolean carrierUp, boolean bringUp) {
+ try {
+ return mService.createInterface(TAP, carrierUp, bringUp, USE_IPV6_PROV_DELAY, NO_ADDRS,
+ null /* iface */);
+ } catch (RemoteException e) {
+ throw e.rethrowFromSystemServer();
+ }
+ }
+
+ /**
+ * Create a tap interface for testing purposes.
+ *
+ * @param carrierUp whether the created interface has a carrier or not.
+ * @param bringUp whether to bring up the interface before returning it.
+ * @param disableIpv6ProvisioningDelay whether to disable DAD and RS delay.
+ * @hide
+ */
+ @RequiresPermission(Manifest.permission.MANAGE_TEST_NETWORKS)
+ @NonNull
+ public TestNetworkInterface createTapInterface(boolean carrierUp, boolean bringUp,
+ boolean disableIpv6ProvisioningDelay) {
+ try {
+ return mService.createInterface(TAP, carrierUp, bringUp, disableIpv6ProvisioningDelay,
+ NO_ADDRS, null /* iface */);
+ } catch (RemoteException e) {
+ throw e.rethrowFromSystemServer();
+ }
+ }
+
+ /**
+ * Create a tap interface for testing purposes.
+ *
+ * @param disableIpv6ProvisioningDelay whether to disable DAD and RS delay.
+ * @param linkAddrs an array of LinkAddresses to assign to the TAP interface
+ * @return A TestNetworkInterface representing the underlying TAP interface. Close the contained
+ * ParcelFileDescriptor to tear down the TAP interface.
+ * @hide
+ */
+ @RequiresPermission(Manifest.permission.MANAGE_TEST_NETWORKS)
+ @NonNull
+ public TestNetworkInterface createTapInterface(boolean disableIpv6ProvisioningDelay,
+ @NonNull LinkAddress[] linkAddrs) {
+ try {
+ return mService.createInterface(TAP, CARRIER_UP, BRING_UP, disableIpv6ProvisioningDelay,
+ linkAddrs, null /* iface */);
+ } catch (RemoteException e) {
+ throw e.rethrowFromSystemServer();
+ }
+ }
+
+ /**
+ * Enable / disable carrier on TestNetworkInterface
+ *
+ * Note: TUNSETCARRIER is not supported until kernel version 5.0.
+ *
+ * @param iface the interface to configure.
+ * @param enabled true to turn carrier on, false to turn carrier off.
+ * @hide
+ */
+ @RequiresPermission(Manifest.permission.MANAGE_TEST_NETWORKS)
+ public void setCarrierEnabled(@NonNull TestNetworkInterface iface, boolean enabled) {
+ try {
+ mService.setCarrierEnabled(iface, enabled);
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
}
diff --git a/framework/src/android/net/util/MultinetworkPolicyTracker.java b/framework/src/android/net/util/MultinetworkPolicyTracker.java
deleted file mode 100644
index c1790c9..0000000
--- a/framework/src/android/net/util/MultinetworkPolicyTracker.java
+++ /dev/null
@@ -1,269 +0,0 @@
-/*
- * Copyright (C) 2016 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package android.net.util;
-
-import static android.net.ConnectivitySettingsManager.NETWORK_AVOID_BAD_WIFI;
-import static android.net.ConnectivitySettingsManager.NETWORK_METERED_MULTIPATH_PREFERENCE;
-
-import android.annotation.NonNull;
-import android.annotation.TargetApi;
-import android.content.BroadcastReceiver;
-import android.content.ContentResolver;
-import android.content.Context;
-import android.content.Intent;
-import android.content.IntentFilter;
-import android.content.res.Resources;
-import android.database.ContentObserver;
-import android.net.ConnectivityResources;
-import android.net.Uri;
-import android.os.Build;
-import android.os.Handler;
-import android.provider.Settings;
-import android.telephony.SubscriptionManager;
-import android.telephony.TelephonyCallback;
-import android.telephony.TelephonyManager;
-import android.util.Log;
-
-import com.android.internal.annotations.VisibleForTesting;
-
-import java.util.Arrays;
-import java.util.List;
-import java.util.concurrent.Executor;
-import java.util.concurrent.RejectedExecutionException;
-
-/**
- * A class to encapsulate management of the "Smart Networking" capability of
- * avoiding bad Wi-Fi when, for example upstream connectivity is lost or
- * certain critical link failures occur.
- *
- * This enables the device to switch to another form of connectivity, like
- * mobile, if it's available and working.
- *
- * The Runnable |avoidBadWifiCallback|, if given, is posted to the supplied
- * Handler' whenever the computed "avoid bad wifi" value changes.
- *
- * Disabling this reverts the device to a level of networking sophistication
- * circa 2012-13 by disabling disparate code paths each of which contribute to
- * maintaining continuous, working Internet connectivity.
- *
- * @hide
- */
-public class MultinetworkPolicyTracker {
- private static String TAG = MultinetworkPolicyTracker.class.getSimpleName();
-
- private final Context mContext;
- private final ConnectivityResources mResources;
- private final Handler mHandler;
- private final Runnable mAvoidBadWifiCallback;
- private final List<Uri> mSettingsUris;
- private final ContentResolver mResolver;
- private final SettingObserver mSettingObserver;
- private final BroadcastReceiver mBroadcastReceiver;
-
- private volatile boolean mAvoidBadWifi = true;
- private volatile int mMeteredMultipathPreference;
- private int mActiveSubId = SubscriptionManager.INVALID_SUBSCRIPTION_ID;
- private volatile long mTestAllowBadWifiUntilMs = 0;
-
- // Mainline module can't use internal HandlerExecutor, so add an identical executor here.
- private static class HandlerExecutor implements Executor {
- @NonNull
- private final Handler mHandler;
-
- HandlerExecutor(@NonNull Handler handler) {
- mHandler = handler;
- }
- @Override
- public void execute(Runnable command) {
- if (!mHandler.post(command)) {
- throw new RejectedExecutionException(mHandler + " is shutting down");
- }
- }
- }
- // TODO: Set the mini sdk to 31 and remove @TargetApi annotation when b/205923322 is addressed.
- @VisibleForTesting @TargetApi(Build.VERSION_CODES.S)
- protected class ActiveDataSubscriptionIdListener extends TelephonyCallback
- implements TelephonyCallback.ActiveDataSubscriptionIdListener {
- @Override
- public void onActiveDataSubscriptionIdChanged(int subId) {
- mActiveSubId = subId;
- reevaluateInternal();
- }
- }
-
- public MultinetworkPolicyTracker(Context ctx, Handler handler) {
- this(ctx, handler, null);
- }
-
- // TODO: Set the mini sdk to 31 and remove @TargetApi annotation when b/205923322 is addressed.
- @TargetApi(Build.VERSION_CODES.S)
- public MultinetworkPolicyTracker(Context ctx, Handler handler, Runnable avoidBadWifiCallback) {
- mContext = ctx;
- mResources = new ConnectivityResources(ctx);
- mHandler = handler;
- mAvoidBadWifiCallback = avoidBadWifiCallback;
- mSettingsUris = Arrays.asList(
- Settings.Global.getUriFor(NETWORK_AVOID_BAD_WIFI),
- Settings.Global.getUriFor(NETWORK_METERED_MULTIPATH_PREFERENCE));
- mResolver = mContext.getContentResolver();
- mSettingObserver = new SettingObserver();
- mBroadcastReceiver = new BroadcastReceiver() {
- @Override
- public void onReceive(Context context, Intent intent) {
- reevaluateInternal();
- }
- };
-
- ctx.getSystemService(TelephonyManager.class).registerTelephonyCallback(
- new HandlerExecutor(handler), new ActiveDataSubscriptionIdListener());
-
- updateAvoidBadWifi();
- updateMeteredMultipathPreference();
- }
-
- public void start() {
- for (Uri uri : mSettingsUris) {
- mResolver.registerContentObserver(uri, false, mSettingObserver);
- }
-
- final IntentFilter intentFilter = new IntentFilter();
- intentFilter.addAction(Intent.ACTION_CONFIGURATION_CHANGED);
- mContext.registerReceiverForAllUsers(mBroadcastReceiver, intentFilter,
- null /* broadcastPermission */, mHandler);
-
- reevaluate();
- }
-
- public void shutdown() {
- mResolver.unregisterContentObserver(mSettingObserver);
-
- mContext.unregisterReceiver(mBroadcastReceiver);
- }
-
- public boolean getAvoidBadWifi() {
- return mAvoidBadWifi;
- }
-
- // TODO: move this to MultipathPolicyTracker.
- public int getMeteredMultipathPreference() {
- return mMeteredMultipathPreference;
- }
-
- /**
- * Whether the device or carrier configuration disables avoiding bad wifi by default.
- */
- public boolean configRestrictsAvoidBadWifi() {
- final boolean allowBadWifi = mTestAllowBadWifiUntilMs > 0
- && mTestAllowBadWifiUntilMs > System.currentTimeMillis();
- // If the config returns true, then avoid bad wifi design can be controlled by the
- // NETWORK_AVOID_BAD_WIFI setting.
- if (allowBadWifi) return true;
-
- // TODO: use R.integer.config_networkAvoidBadWifi directly
- final int id = mResources.get().getIdentifier("config_networkAvoidBadWifi",
- "integer", mResources.getResourcesContext().getPackageName());
- return (getResourcesForActiveSubId().getInteger(id) == 0);
- }
-
- /**
- * Temporarily allow bad wifi to override {@code config_networkAvoidBadWifi} configuration.
- * The value works when the time set is more than {@link System.currentTimeMillis()}.
- */
- public void setTestAllowBadWifiUntil(long timeMs) {
- Log.d(TAG, "setTestAllowBadWifiUntil: " + timeMs);
- mTestAllowBadWifiUntilMs = timeMs;
- reevaluateInternal();
- }
-
- @VisibleForTesting
- @NonNull
- protected Resources getResourcesForActiveSubId() {
- return SubscriptionManager.getResourcesForSubId(
- mResources.getResourcesContext(), mActiveSubId);
- }
-
- /**
- * Whether we should display a notification when wifi becomes unvalidated.
- */
- public boolean shouldNotifyWifiUnvalidated() {
- return configRestrictsAvoidBadWifi() && getAvoidBadWifiSetting() == null;
- }
-
- public String getAvoidBadWifiSetting() {
- return Settings.Global.getString(mResolver, NETWORK_AVOID_BAD_WIFI);
- }
-
- @VisibleForTesting
- public void reevaluate() {
- mHandler.post(this::reevaluateInternal);
- }
-
- /**
- * Reevaluate the settings. Must be called on the handler thread.
- */
- private void reevaluateInternal() {
- if (updateAvoidBadWifi() && mAvoidBadWifiCallback != null) {
- mAvoidBadWifiCallback.run();
- }
- updateMeteredMultipathPreference();
- }
-
- public boolean updateAvoidBadWifi() {
- final boolean settingAvoidBadWifi = "1".equals(getAvoidBadWifiSetting());
- final boolean prev = mAvoidBadWifi;
- mAvoidBadWifi = settingAvoidBadWifi || !configRestrictsAvoidBadWifi();
- return mAvoidBadWifi != prev;
- }
-
- /**
- * The default (device and carrier-dependent) value for metered multipath preference.
- */
- public int configMeteredMultipathPreference() {
- // TODO: use R.integer.config_networkMeteredMultipathPreference directly
- final int id = mResources.get().getIdentifier("config_networkMeteredMultipathPreference",
- "integer", mResources.getResourcesContext().getPackageName());
- return mResources.get().getInteger(id);
- }
-
- public void updateMeteredMultipathPreference() {
- String setting = Settings.Global.getString(mResolver, NETWORK_METERED_MULTIPATH_PREFERENCE);
- try {
- mMeteredMultipathPreference = Integer.parseInt(setting);
- } catch (NumberFormatException e) {
- mMeteredMultipathPreference = configMeteredMultipathPreference();
- }
- }
-
- private class SettingObserver extends ContentObserver {
- public SettingObserver() {
- super(null);
- }
-
- @Override
- public void onChange(boolean selfChange) {
- Log.wtf(TAG, "Should never be reached.");
- }
-
- @Override
- public void onChange(boolean selfChange, Uri uri) {
- if (!mSettingsUris.contains(uri)) {
- Log.wtf(TAG, "Unexpected settings observation: " + uri);
- }
- reevaluate();
- }
- }
-}
diff --git a/nearby/OWNERS b/nearby/OWNERS
index 980c221..844ef06 100644
--- a/nearby/OWNERS
+++ b/nearby/OWNERS
@@ -1,4 +1,6 @@
+chenw@google.com
chunzhang@google.com
weiwa@google.com
weiwu@google.com
+xinhe@google.com
xlythe@google.com
diff --git a/nearby/halfsheet/res/values-ro/strings.xml b/nearby/halfsheet/res/values-ro/strings.xml
index 5b50f15..189f698 100644
--- a/nearby/halfsheet/res/values-ro/strings.xml
+++ b/nearby/halfsheet/res/values-ro/strings.xml
@@ -18,12 +18,12 @@
<resources xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:xliff="urn:oasis:names:tc:xliff:document:1.2">
<string name="fast_pair_setup_in_progress" msgid="4158762239172829807">"Începe configurarea…"</string>
- <string name="fast_pair_title_setup" msgid="2894360355540593246">"Configurați dispozitivul"</string>
+ <string name="fast_pair_title_setup" msgid="2894360355540593246">"Configurează dispozitivul"</string>
<string name="fast_pair_device_ready" msgid="2903490346082833101">"Dispozitivul s-a conectat"</string>
<string name="fast_pair_title_fail" msgid="5677174346601290232">"Nu s-a putut conecta"</string>
<string name="paring_action_done" msgid="6888875159174470731">"Gata"</string>
- <string name="paring_action_save" msgid="6259357442067880136">"Salvați"</string>
- <string name="paring_action_connect" msgid="4801102939608129181">"Conectați"</string>
- <string name="paring_action_launch" msgid="8940808384126591230">"Configurați"</string>
+ <string name="paring_action_save" msgid="6259357442067880136">"Salvează"</string>
+ <string name="paring_action_connect" msgid="4801102939608129181">"Conectează"</string>
+ <string name="paring_action_launch" msgid="8940808384126591230">"Configurează"</string>
<string name="paring_action_settings" msgid="424875657242864302">"Setări"</string>
</resources>
diff --git a/nearby/tests/multidevices/clients/test_service/fastpair_seeker_data_provider/Android.bp b/nearby/tests/multidevices/clients/test_service/fastpair_seeker_data_provider/Android.bp
index 328751a..b406776 100644
--- a/nearby/tests/multidevices/clients/test_service/fastpair_seeker_data_provider/Android.bp
+++ b/nearby/tests/multidevices/clients/test_service/fastpair_seeker_data_provider/Android.bp
@@ -23,8 +23,8 @@
static_libs: [
// TODO(b/228406038): Remove "framework-nearby-static" once Fast Pair system APIs add back.
"framework-nearby-static",
+ "gson",
"guava",
- "gson-prebuilt-jar",
],
}
diff --git a/nearby/tests/unit/src/com/android/server/nearby/fastpair/cache/FastPairCacheManagerTest.java b/nearby/tests/unit/src/com/android/server/nearby/fastpair/cache/FastPairCacheManagerTest.java
index adae97d..fdda6f7 100644
--- a/nearby/tests/unit/src/com/android/server/nearby/fastpair/cache/FastPairCacheManagerTest.java
+++ b/nearby/tests/unit/src/com/android/server/nearby/fastpair/cache/FastPairCacheManagerTest.java
@@ -81,30 +81,20 @@
Context mContext = ApplicationProvider.getApplicationContext();
when(mDiscoveryItem.getCopyOfStoredItem()).thenReturn(mStoredDiscoveryItem);
when(mDiscoveryItem.getTriggerId()).thenReturn(MODEL_ID);
-
- FastPairCacheManager fastPairCacheManager = new FastPairCacheManager(mContext);
- fastPairCacheManager.saveDiscoveryItem(mDiscoveryItem);
- assertThat(fastPairCacheManager.getStoredDiscoveryItem(MODEL_ID).getAppName())
- .isEqualTo(APP_NAME);
- }
-
- @Test
- @SdkSuppress(minSdkVersion = 32, codeName = "T")
- public void getAllInfo() {
- Context mContext = ApplicationProvider.getApplicationContext();
- when(mDiscoveryItem.getCopyOfStoredItem()).thenReturn(mStoredDiscoveryItem);
- when(mDiscoveryItem.getTriggerId()).thenReturn(MODEL_ID);
when(mDiscoveryItem2.getCopyOfStoredItem()).thenReturn(mStoredDiscoveryItem2);
when(mDiscoveryItem2.getTriggerId()).thenReturn(MODEL_ID2);
FastPairCacheManager fastPairCacheManager = new FastPairCacheManager(mContext);
fastPairCacheManager.saveDiscoveryItem(mDiscoveryItem);
-
- assertThat(fastPairCacheManager.getAllSavedStoreDiscoveryItem()).hasSize(2);
+ assertThat(fastPairCacheManager.getStoredDiscoveryItem(MODEL_ID).getAppName())
+ .isEqualTo(APP_NAME);
+ assertThat(fastPairCacheManager.getAllSavedStoreDiscoveryItem()).hasSize(1);
fastPairCacheManager.saveDiscoveryItem(mDiscoveryItem2);
-
- assertThat(fastPairCacheManager.getAllSavedStoreDiscoveryItem()).hasSize(3);
+ assertThat(fastPairCacheManager.getStoredDiscoveryItem(MODEL_ID2).getAppName())
+ .isEqualTo(APP_NAME);
+ assertThat(fastPairCacheManager.getAllSavedStoreDiscoveryItem()).hasSize(2);
+ fastPairCacheManager.cleanUp();
}
@Test
diff --git a/netd/Android.bp b/netd/Android.bp
index 5ac02d3..c731b8b 100644
--- a/netd/Android.bp
+++ b/netd/Android.bp
@@ -55,7 +55,8 @@
cc_test {
name: "netd_updatable_unit_test",
defaults: ["netd_defaults"],
- test_suites: ["general-tests"],
+ test_suites: ["general-tests", "mts-tethering"],
+ test_config_template: ":net_native_test_config_template",
require_root: true, // required by setrlimitForTest()
header_libs: [
"bpf_connectivity_headers",
@@ -72,6 +73,7 @@
"liblog",
"libnetdutils",
],
+ compile_multilib: "both",
multilib: {
lib32: {
suffix: "32",
diff --git a/netd/BpfHandler.cpp b/netd/BpfHandler.cpp
index 6ae26c3..3f7ed2a 100644
--- a/netd/BpfHandler.cpp
+++ b/netd/BpfHandler.cpp
@@ -64,6 +64,16 @@
return netdutils::status::ok;
}
+static Status checkProgramAccessible(const char* programPath) {
+ unique_fd prog(retrieveProgram(programPath));
+ if (prog == -1) {
+ int ret = errno;
+ ALOGE("Failed to get program from %s: %s", programPath, strerror(ret));
+ return statusFromErrno(ret, "program retrieve failed");
+ }
+ return netdutils::status::ok;
+}
+
static Status initPrograms(const char* cg2_path) {
unique_fd cg_fd(open(cg2_path, O_DIRECTORY | O_RDONLY | O_CLOEXEC));
if (cg_fd == -1) {
@@ -71,18 +81,13 @@
ALOGE("Failed to open the cgroup directory: %s", strerror(ret));
return statusFromErrno(ret, "Open the cgroup directory failed");
}
+ RETURN_IF_NOT_OK(checkProgramAccessible(XT_BPF_ALLOWLIST_PROG_PATH));
+ RETURN_IF_NOT_OK(checkProgramAccessible(XT_BPF_DENYLIST_PROG_PATH));
+ RETURN_IF_NOT_OK(checkProgramAccessible(XT_BPF_EGRESS_PROG_PATH));
+ RETURN_IF_NOT_OK(checkProgramAccessible(XT_BPF_INGRESS_PROG_PATH));
RETURN_IF_NOT_OK(attachProgramToCgroup(BPF_EGRESS_PROG_PATH, cg_fd, BPF_CGROUP_INET_EGRESS));
RETURN_IF_NOT_OK(attachProgramToCgroup(BPF_INGRESS_PROG_PATH, cg_fd, BPF_CGROUP_INET_INGRESS));
-
- // For the devices that support cgroup socket filter, the socket filter
- // should be loaded successfully by bpfloader. So we attach the filter to
- // cgroup if the program is pinned properly.
- // TODO: delete the if statement once all devices should support cgroup
- // socket filter (ie. the minimum kernel version required is 4.14).
- if (!access(CGROUP_SOCKET_PROG_PATH, F_OK)) {
- RETURN_IF_NOT_OK(
- attachProgramToCgroup(CGROUP_SOCKET_PROG_PATH, cg_fd, BPF_CGROUP_INET_SOCK_CREATE));
- }
+ RETURN_IF_NOT_OK(attachProgramToCgroup(CGROUP_SOCKET_PROG_PATH, cg_fd, BPF_CGROUP_INET_SOCK_CREATE));
return netdutils::status::ok;
}
@@ -105,12 +110,13 @@
}
Status BpfHandler::initMaps() {
- std::lock_guard guard(mMutex);
- RETURN_IF_NOT_OK(mCookieTagMap.init(COOKIE_TAG_MAP_PATH));
RETURN_IF_NOT_OK(mStatsMapA.init(STATS_MAP_A_PATH));
RETURN_IF_NOT_OK(mStatsMapB.init(STATS_MAP_B_PATH));
RETURN_IF_NOT_OK(mConfigurationMap.init(CONFIGURATION_MAP_PATH));
RETURN_IF_NOT_OK(mUidPermissionMap.init(UID_PERMISSION_MAP_PATH));
+ // initialized last so mCookieTagMap.isValid() implies everything else is valid too
+ RETURN_IF_NOT_OK(mCookieTagMap.init(COOKIE_TAG_MAP_PATH));
+ ALOGI("%s successfully", __func__);
return netdutils::status::ok;
}
@@ -127,19 +133,16 @@
}
int BpfHandler::tagSocket(int sockFd, uint32_t tag, uid_t chargeUid, uid_t realUid) {
- std::lock_guard guard(mMutex);
- if (chargeUid != realUid && !hasUpdateDeviceStatsPermission(realUid)) {
- return -EPERM;
- }
+ if (!mCookieTagMap.isValid()) return -EPERM;
+
+ if (chargeUid != realUid && !hasUpdateDeviceStatsPermission(realUid)) return -EPERM;
// Note that tagging the socket to AID_CLAT is only implemented in JNI ClatCoordinator.
// The process is not allowed to tag socket to AID_CLAT via tagSocket() which would cause
// process data usage accounting to be bypassed. Tagging AID_CLAT is used for avoiding counting
// CLAT traffic data usage twice. See packages/modules/Connectivity/service/jni/
// com_android_server_connectivity_ClatCoordinator.cpp
- if (chargeUid == AID_CLAT) {
- return -EPERM;
- }
+ if (chargeUid == AID_CLAT) return -EPERM;
// The socket destroy listener only monitors on the group {INET_TCP, INET_UDP, INET6_TCP,
// INET6_UDP}. Tagging listener unsupported socket causes that the tag can't be removed from
@@ -174,15 +177,16 @@
uint64_t sock_cookie = getSocketCookie(sockFd);
if (sock_cookie == NONEXISTENT_COOKIE) return -errno;
+
UidTagValue newKey = {.uid = (uint32_t)chargeUid, .tag = tag};
uint32_t totalEntryCount = 0;
uint32_t perUidEntryCount = 0;
// Now we go through the stats map and count how many entries are associated
// with chargeUid. If the uid entry hit the limit for each chargeUid, we block
- // the request to prevent the map from overflow. It is safe here to iterate
- // over the map since when mMutex is hold, system server cannot toggle
- // the live stats map and clean it. So nobody can delete entries from the map.
+ // the request to prevent the map from overflow. Note though that it isn't really
+ // safe here to iterate over the map since it might be modified by the system server,
+ // which might toggle the live stats map and clean it.
const auto countUidStatsEntries = [chargeUid, &totalEntryCount, &perUidEntryCount](
const StatsKey& key,
const BpfMap<StatsKey, StatsValue>&) {
@@ -222,9 +226,9 @@
}
// Update the tag information of a socket to the cookieUidMap. Use BPF_ANY
// flag so it will insert a new entry to the map if that value doesn't exist
- // yet. And update the tag if there is already a tag stored. Since the eBPF
+ // yet and update the tag if there is already a tag stored. Since the eBPF
// program in kernel only read this map, and is protected by rcu read lock. It
- // should be fine to cocurrently update the map while eBPF program is running.
+ // should be fine to concurrently update the map while eBPF program is running.
res = mCookieTagMap.writeValue(sock_cookie, newKey, BPF_ANY);
if (!res.ok()) {
ALOGE("Failed to tag the socket: %s, fd: %d", strerror(res.error().code()),
@@ -235,13 +239,13 @@
}
int BpfHandler::untagSocket(int sockFd) {
- std::lock_guard guard(mMutex);
uint64_t sock_cookie = getSocketCookie(sockFd);
-
if (sock_cookie == NONEXISTENT_COOKIE) return -errno;
+
+ if (!mCookieTagMap.isValid()) return -EPERM;
base::Result<void> res = mCookieTagMap.deleteValue(sock_cookie);
if (!res.ok()) {
- ALOGE("Failed to untag socket: %s\n", strerror(res.error().code()));
+ ALOGE("Failed to untag socket: %s", strerror(res.error().code()));
return -res.error().code();
}
return 0;
diff --git a/netd/BpfHandler.h b/netd/BpfHandler.h
index 5ee04d1..925a725 100644
--- a/netd/BpfHandler.h
+++ b/netd/BpfHandler.h
@@ -16,8 +16,6 @@
#pragma once
-#include <mutex>
-
#include <netdutils/Status.h>
#include "bpf/BpfMap.h"
#include "bpf_shared.h"
@@ -66,8 +64,6 @@
BpfMapRO<uint32_t, uint32_t> mConfigurationMap;
BpfMap<uint32_t, uint8_t> mUidPermissionMap;
- std::mutex mMutex;
-
// The limit on the number of stats entries a uid can have in the per uid stats map. BpfHandler
// will block that specific uid from tagging new sockets after the limit is reached.
const uint32_t mPerUidStatsEntriesLimit;
diff --git a/netd/BpfHandlerTest.cpp b/netd/BpfHandlerTest.cpp
index a031dbb..f5c9a68 100644
--- a/netd/BpfHandlerTest.cpp
+++ b/netd/BpfHandlerTest.cpp
@@ -21,7 +21,7 @@
#include <gtest/gtest.h>
-#define TEST_BPF_MAP
+#define BPF_MAP_MAKE_VISIBLE_FOR_TESTING
#include "BpfHandler.h"
using namespace android::bpf; // NOLINT(google-build-using-namespace): exempted
@@ -53,7 +53,6 @@
BpfMap<uint32_t, uint8_t> mFakeUidPermissionMap;
void SetUp() {
- std::lock_guard guard(mBh.mMutex);
ASSERT_EQ(0, setrlimitForTest());
mFakeCookieTagMap.resetMap(BPF_MAP_TYPE_HASH, TEST_MAP_SIZE);
@@ -65,7 +64,7 @@
mFakeConfigurationMap.resetMap(BPF_MAP_TYPE_ARRAY, CONFIGURATION_MAP_SIZE);
ASSERT_VALID(mFakeConfigurationMap);
- mFakeUidPermissionMap.resetMap(BPF_MAP_TYPE_HASH, TEST_MAP_SIZE, 0);
+ mFakeUidPermissionMap.resetMap(BPF_MAP_TYPE_HASH, TEST_MAP_SIZE);
ASSERT_VALID(mFakeUidPermissionMap);
mBh.mCookieTagMap = mFakeCookieTagMap;
diff --git a/netd/NetdUpdatable.cpp b/netd/NetdUpdatable.cpp
index f0997fc..41b1fdb 100644
--- a/netd/NetdUpdatable.cpp
+++ b/netd/NetdUpdatable.cpp
@@ -16,19 +16,20 @@
#define LOG_TAG "NetdUpdatable"
-#include "NetdUpdatable.h"
+#include "BpfHandler.h"
#include <android-base/logging.h>
#include <netdutils/Status.h>
#include "NetdUpdatablePublic.h"
+static android::net::BpfHandler sBpfHandler;
+
int libnetd_updatable_init(const char* cg2_path) {
android::base::InitLogging(/*argv=*/nullptr);
LOG(INFO) << __func__ << ": Initializing";
- android::net::gNetdUpdatable = android::net::NetdUpdatable::getInstance();
- android::netdutils::Status ret = android::net::gNetdUpdatable->mBpfHandler.init(cg2_path);
+ android::netdutils::Status ret = sBpfHandler.init(cg2_path);
if (!android::netdutils::isOk(ret)) {
LOG(ERROR) << __func__ << ": BPF handler init failed";
return -ret.code();
@@ -37,25 +38,9 @@
}
int libnetd_updatable_tagSocket(int sockFd, uint32_t tag, uid_t chargeUid, uid_t realUid) {
- if (android::net::gNetdUpdatable == nullptr) return -EPERM;
- return android::net::gNetdUpdatable->mBpfHandler.tagSocket(sockFd, tag, chargeUid, realUid);
+ return sBpfHandler.tagSocket(sockFd, tag, chargeUid, realUid);
}
int libnetd_updatable_untagSocket(int sockFd) {
- if (android::net::gNetdUpdatable == nullptr) return -EPERM;
- return android::net::gNetdUpdatable->mBpfHandler.untagSocket(sockFd);
+ return sBpfHandler.untagSocket(sockFd);
}
-
-namespace android {
-namespace net {
-
-NetdUpdatable* gNetdUpdatable = nullptr;
-
-NetdUpdatable* NetdUpdatable::getInstance() {
- // Instantiated on first use.
- static NetdUpdatable instance;
- return &instance;
-}
-
-} // namespace net
-} // namespace android
diff --git a/netd/NetdUpdatable.h b/netd/NetdUpdatable.h
deleted file mode 100644
index 333037f..0000000
--- a/netd/NetdUpdatable.h
+++ /dev/null
@@ -1,37 +0,0 @@
-/**
- * Copyright (c) 2022, The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#pragma once
-
-#include "BpfHandler.h"
-
-namespace android {
-namespace net {
-
-class NetdUpdatable {
- public:
- NetdUpdatable() = default;
- NetdUpdatable(const NetdUpdatable&) = delete;
- NetdUpdatable& operator=(const NetdUpdatable&) = delete;
- static NetdUpdatable* getInstance();
-
- BpfHandler mBpfHandler;
-};
-
-extern NetdUpdatable* gNetdUpdatable;
-
-} // namespace net
-} // namespace android
\ No newline at end of file
diff --git a/service-t/jni/com_android_server_net_NetworkStatsFactory.cpp b/service-t/jni/com_android_server_net_NetworkStatsFactory.cpp
index 8b6526f..a3299a7 100644
--- a/service-t/jni/com_android_server_net_NetworkStatsFactory.cpp
+++ b/service-t/jni/com_android_server_net_NetworkStatsFactory.cpp
@@ -93,118 +93,6 @@
return env->NewLongArray(size);
}
-static int legacyReadNetworkStatsDetail(std::vector<stats_line>* lines,
- const std::vector<std::string>& limitIfaces,
- int limitTag, int limitUid, const char* path) {
- FILE* fp = fopen(path, "re");
- if (fp == NULL) {
- return -1;
- }
-
- int lastIdx = 1;
- int idx;
- char buffer[384];
- while (fgets(buffer, sizeof(buffer), fp) != NULL) {
- stats_line s;
- int64_t rawTag;
- char* pos = buffer;
- char* endPos;
- // First field is the index.
- idx = (int)strtol(pos, &endPos, 10);
- //ALOGI("Index #%d: %s", idx, buffer);
- if (pos == endPos) {
- // Skip lines that don't start with in index. In particular,
- // this will skip the initial header line.
- continue;
- }
- if (idx != lastIdx + 1) {
- ALOGE("inconsistent idx=%d after lastIdx=%d: %s", idx, lastIdx, buffer);
- fclose(fp);
- return -1;
- }
- lastIdx = idx;
- pos = endPos;
- // Skip whitespace.
- while (*pos == ' ') {
- pos++;
- }
- // Next field is iface.
- int ifaceIdx = 0;
- while (*pos != ' ' && *pos != 0 && ifaceIdx < (int)(sizeof(s.iface)-1)) {
- s.iface[ifaceIdx] = *pos;
- ifaceIdx++;
- pos++;
- }
- if (*pos != ' ') {
- ALOGE("bad iface: %s", buffer);
- fclose(fp);
- return -1;
- }
- s.iface[ifaceIdx] = 0;
- if (limitIfaces.size() > 0) {
- // Is this an iface the caller is interested in?
- int i = 0;
- while (i < (int)limitIfaces.size()) {
- if (limitIfaces[i] == s.iface) {
- break;
- }
- i++;
- }
- if (i >= (int)limitIfaces.size()) {
- // Nothing matched; skip this line.
- //ALOGI("skipping due to iface: %s", buffer);
- continue;
- }
- }
-
- // Ignore whitespace
- while (*pos == ' ') pos++;
-
- // Find end of tag field
- endPos = pos;
- while (*endPos != ' ') endPos++;
-
- // Three digit field is always 0x0, otherwise parse
- if (endPos - pos == 3) {
- rawTag = 0;
- } else {
- if (sscanf(pos, "%" PRIx64, &rawTag) != 1) {
- ALOGE("bad tag: %s", pos);
- fclose(fp);
- return -1;
- }
- }
- s.tag = rawTag >> 32;
- if (limitTag != -1 && s.tag != static_cast<uint32_t>(limitTag)) {
- //ALOGI("skipping due to tag: %s", buffer);
- continue;
- }
- pos = endPos;
-
- // Ignore whitespace
- while (*pos == ' ') pos++;
-
- // Parse remaining fields.
- if (sscanf(pos, "%u %u %" PRIu64 " %" PRIu64 " %" PRIu64 " %" PRIu64,
- &s.uid, &s.set, &s.rxBytes, &s.rxPackets,
- &s.txBytes, &s.txPackets) == 6) {
- if (limitUid != -1 && static_cast<uint32_t>(limitUid) != s.uid) {
- //ALOGI("skipping due to uid: %s", buffer);
- continue;
- }
- lines->push_back(s);
- } else {
- //ALOGI("skipping due to bad remaining fields: %s", pos);
- }
- }
-
- if (fclose(fp) != 0) {
- ALOGE("Failed to close netstats file");
- return -1;
- }
- return 0;
-}
-
static int statsLinesToNetworkStats(JNIEnv* env, jclass clazz, jobject stats,
std::vector<stats_line>& lines) {
int size = lines.size();
@@ -282,9 +170,8 @@
return 0;
}
-static int readNetworkStatsDetail(JNIEnv* env, jclass clazz, jobject stats, jstring path,
- jint limitUid, jobjectArray limitIfacesObj, jint limitTag,
- jboolean useBpfStats) {
+static int readNetworkStatsDetail(JNIEnv* env, jclass clazz, jobject stats, jint limitUid,
+ jobjectArray limitIfacesObj, jint limitTag) {
std::vector<std::string> limitIfaces;
if (limitIfacesObj != NULL && env->GetArrayLength(limitIfacesObj) > 0) {
@@ -299,20 +186,8 @@
}
std::vector<stats_line> lines;
-
- if (useBpfStats) {
- if (parseBpfNetworkStatsDetail(&lines, limitIfaces, limitTag, limitUid) < 0)
- return -1;
- } else {
- ScopedUtfChars path8(env, path);
- if (path8.c_str() == NULL) {
- ALOGE("the qtaguid legacy path is invalid: %s", path8.c_str());
- return -1;
- }
- if (legacyReadNetworkStatsDetail(&lines, limitIfaces, limitTag,
- limitUid, path8.c_str()) < 0)
- return -1;
- }
+ if (parseBpfNetworkStatsDetail(&lines, limitIfaces, limitTag, limitUid) < 0)
+ return -1;
return statsLinesToNetworkStats(env, clazz, stats, lines);
}
@@ -328,7 +203,7 @@
static const JNINativeMethod gMethods[] = {
{ "nativeReadNetworkStatsDetail",
- "(Landroid/net/NetworkStats;Ljava/lang/String;I[Ljava/lang/String;IZ)I",
+ "(Landroid/net/NetworkStats;I[Ljava/lang/String;I)I",
(void*) readNetworkStatsDetail },
{ "nativeReadNetworkStatsDev", "(Landroid/net/NetworkStats;)I",
(void*) readNetworkStatsDev },
diff --git a/service-t/native/libs/libnetworkstats/Android.bp b/service-t/native/libs/libnetworkstats/Android.bp
index bf56fd5..5b3d314 100644
--- a/service-t/native/libs/libnetworkstats/Android.bp
+++ b/service-t/native/libs/libnetworkstats/Android.bp
@@ -48,7 +48,8 @@
cc_test {
name: "libnetworkstats_test",
- test_suites: ["general-tests"],
+ test_suites: ["general-tests", "mts-tethering"],
+ test_config_template: ":net_native_test_config_template",
require_root: true, // required by setrlimitForTest()
header_libs: ["bpf_connectivity_headers"],
srcs: [
@@ -68,4 +69,13 @@
"libbase",
"liblog",
],
+ compile_multilib: "both",
+ multilib: {
+ lib32: {
+ suffix: "32",
+ },
+ lib64: {
+ suffix: "64",
+ },
+ },
}
diff --git a/service-t/native/libs/libnetworkstats/BpfNetworkStats.cpp b/service-t/native/libs/libnetworkstats/BpfNetworkStats.cpp
index 9ebef4d..28de881 100644
--- a/service-t/native/libs/libnetworkstats/BpfNetworkStats.cpp
+++ b/service-t/native/libs/libnetworkstats/BpfNetworkStats.cpp
@@ -40,10 +40,6 @@
using base::Result;
-// The target map for stats reading should be the inactive map, which is opposite
-// from the config value.
-static constexpr char const* STATS_MAP_PATH[] = {STATS_MAP_B_PATH, STATS_MAP_A_PATH};
-
int bpfGetUidStatsInternal(uid_t uid, Stats* stats,
const BpfMap<uint32_t, StatsValue>& appUidStatsMap) {
auto statsEntry = appUidStatsMap.readValue(uid);
@@ -58,13 +54,7 @@
}
int bpfGetUidStats(uid_t uid, Stats* stats) {
- BpfMapRO<uint32_t, StatsValue> appUidStatsMap(APP_UID_STATS_MAP_PATH);
-
- if (!appUidStatsMap.isValid()) {
- int ret = -errno;
- ALOGE("Opening appUidStatsMap(%s) failed: %s", APP_UID_STATS_MAP_PATH, strerror(errno));
- return ret;
- }
+ static BpfMapRO<uint32_t, StatsValue> appUidStatsMap(APP_UID_STATS_MAP_PATH);
return bpfGetUidStatsInternal(uid, stats, appUidStatsMap);
}
@@ -100,19 +90,8 @@
}
int bpfGetIfaceStats(const char* iface, Stats* stats) {
- BpfMapRO<uint32_t, StatsValue> ifaceStatsMap(IFACE_STATS_MAP_PATH);
- int ret;
- if (!ifaceStatsMap.isValid()) {
- ret = -errno;
- ALOGE("get ifaceStats map fd failed: %s", strerror(errno));
- return ret;
- }
- BpfMapRO<uint32_t, IfaceValue> ifaceIndexNameMap(IFACE_INDEX_NAME_MAP_PATH);
- if (!ifaceIndexNameMap.isValid()) {
- ret = -errno;
- ALOGE("get ifaceIndexName map fd failed: %s", strerror(errno));
- return ret;
- }
+ static BpfMapRO<uint32_t, StatsValue> ifaceStatsMap(IFACE_STATS_MAP_PATH);
+ static BpfMapRO<uint32_t, IfaceValue> ifaceIndexNameMap(IFACE_INDEX_NAME_MAP_PATH);
return bpfGetIfaceStatsInternal(iface, stats, ifaceStatsMap, ifaceIndexNameMap);
}
@@ -186,43 +165,44 @@
int parseBpfNetworkStatsDetail(std::vector<stats_line>* lines,
const std::vector<std::string>& limitIfaces, int limitTag,
int limitUid) {
- BpfMapRO<uint32_t, IfaceValue> ifaceIndexNameMap(IFACE_INDEX_NAME_MAP_PATH);
- if (!ifaceIndexNameMap.isValid()) {
- int ret = -errno;
- ALOGE("get ifaceIndexName map fd failed: %s", strerror(errno));
- return ret;
- }
-
- BpfMapRO<uint32_t, uint32_t> configurationMap(CONFIGURATION_MAP_PATH);
- if (!configurationMap.isValid()) {
- int ret = -errno;
- ALOGE("get configuration map fd failed: %s", strerror(errno));
- return ret;
- }
+ static BpfMapRO<uint32_t, IfaceValue> ifaceIndexNameMap(IFACE_INDEX_NAME_MAP_PATH);
+ static BpfMapRO<uint32_t, uint32_t> configurationMap(CONFIGURATION_MAP_PATH);
+ static BpfMap<StatsKey, StatsValue> statsMapA(STATS_MAP_A_PATH);
+ static BpfMap<StatsKey, StatsValue> statsMapB(STATS_MAP_B_PATH);
auto configuration = configurationMap.readValue(CURRENT_STATS_MAP_CONFIGURATION_KEY);
if (!configuration.ok()) {
ALOGE("Cannot read the old configuration from map: %s",
configuration.error().message().c_str());
return -configuration.error().code();
}
- const char* statsMapPath = STATS_MAP_PATH[configuration.value()];
- BpfMap<StatsKey, StatsValue> statsMap(statsMapPath);
- if (!statsMap.isValid()) {
- int ret = -errno;
- ALOGE("get stats map fd failed: %s, path: %s", strerror(errno), statsMapPath);
- return ret;
+ // The target map for stats reading should be the inactive map, which is opposite
+ // from the config value.
+ BpfMap<StatsKey, StatsValue> *inactiveStatsMap;
+ switch (configuration.value()) {
+ case SELECT_MAP_A:
+ inactiveStatsMap = &statsMapB;
+ break;
+ case SELECT_MAP_B:
+ inactiveStatsMap = &statsMapA;
+ break;
+ default:
+ ALOGE("%s unknown configuration value: %d", __func__, configuration.value());
+ return -EINVAL;
}
// It is safe to read and clear the old map now since the
// networkStatsFactory should call netd to swap the map in advance already.
- int ret = parseBpfNetworkStatsDetailInternal(lines, limitIfaces, limitTag, limitUid, statsMap,
- ifaceIndexNameMap);
+ // TODO: the above comment feels like it may be obsolete / out of date,
+ // since we no longer swap the map via netd binder rpc - though we do
+ // still swap it.
+ int ret = parseBpfNetworkStatsDetailInternal(lines, limitIfaces, limitTag, limitUid,
+ *inactiveStatsMap, ifaceIndexNameMap);
if (ret) {
ALOGE("parse detail network stats failed: %s", strerror(errno));
return ret;
}
- Result<void> res = statsMap.clear();
+ Result<void> res = inactiveStatsMap->clear();
if (!res.ok()) {
ALOGE("Clean up current stats map failed: %s", strerror(res.error().code()));
return -res.error().code();
@@ -262,20 +242,8 @@
}
int parseBpfNetworkStatsDev(std::vector<stats_line>* lines) {
- int ret = 0;
- BpfMapRO<uint32_t, IfaceValue> ifaceIndexNameMap(IFACE_INDEX_NAME_MAP_PATH);
- if (!ifaceIndexNameMap.isValid()) {
- ret = -errno;
- ALOGE("get ifaceIndexName map fd failed: %s", strerror(errno));
- return ret;
- }
-
- BpfMapRO<uint32_t, StatsValue> ifaceStatsMap(IFACE_STATS_MAP_PATH);
- if (!ifaceStatsMap.isValid()) {
- ret = -errno;
- ALOGE("get ifaceStats map fd failed: %s", strerror(errno));
- return ret;
- }
+ static BpfMapRO<uint32_t, IfaceValue> ifaceIndexNameMap(IFACE_INDEX_NAME_MAP_PATH);
+ static BpfMapRO<uint32_t, StatsValue> ifaceStatsMap(IFACE_STATS_MAP_PATH);
return parseBpfNetworkStatsDevInternal(lines, ifaceStatsMap, ifaceIndexNameMap);
}
diff --git a/service-t/native/libs/libnetworkstats/BpfNetworkStatsTest.cpp b/service-t/native/libs/libnetworkstats/BpfNetworkStatsTest.cpp
index 4974b96..6f9c8c2 100644
--- a/service-t/native/libs/libnetworkstats/BpfNetworkStatsTest.cpp
+++ b/service-t/native/libs/libnetworkstats/BpfNetworkStatsTest.cpp
@@ -33,6 +33,7 @@
#include <android-base/stringprintf.h>
#include <android-base/strings.h>
+#define BPF_MAP_MAKE_VISIBLE_FOR_TESTING
#include "bpf/BpfMap.h"
#include "bpf/BpfUtils.h"
#include "netdbpf/BpfNetworkStats.h"
@@ -80,19 +81,19 @@
ASSERT_EQ(0, setrlimitForTest());
mFakeCookieTagMap = BpfMap<uint64_t, UidTagValue>(BPF_MAP_TYPE_HASH, TEST_MAP_SIZE, 0);
- ASSERT_LE(0, mFakeCookieTagMap.getMap());
+ ASSERT_TRUE(mFakeCookieTagMap.isValid());
mFakeAppUidStatsMap = BpfMap<uint32_t, StatsValue>(BPF_MAP_TYPE_HASH, TEST_MAP_SIZE, 0);
- ASSERT_LE(0, mFakeAppUidStatsMap.getMap());
+ ASSERT_TRUE(mFakeAppUidStatsMap.isValid());
mFakeStatsMap = BpfMap<StatsKey, StatsValue>(BPF_MAP_TYPE_HASH, TEST_MAP_SIZE, 0);
- ASSERT_LE(0, mFakeStatsMap.getMap());
+ ASSERT_TRUE(mFakeStatsMap.isValid());
mFakeIfaceIndexNameMap = BpfMap<uint32_t, IfaceValue>(BPF_MAP_TYPE_HASH, TEST_MAP_SIZE, 0);
- ASSERT_LE(0, mFakeIfaceIndexNameMap.getMap());
+ ASSERT_TRUE(mFakeIfaceIndexNameMap.isValid());
mFakeIfaceStatsMap = BpfMap<uint32_t, StatsValue>(BPF_MAP_TYPE_HASH, TEST_MAP_SIZE, 0);
- ASSERT_LE(0, mFakeIfaceStatsMap.getMap());
+ ASSERT_TRUE(mFakeIfaceStatsMap.isValid());
}
void expectUidTag(uint64_t cookie, uid_t uid, uint32_t tag) {
diff --git a/service-t/src/com/android/server/IpSecService.java b/service-t/src/com/android/server/IpSecService.java
index 4bc40ea..16b9f1e 100644
--- a/service-t/src/com/android/server/IpSecService.java
+++ b/service-t/src/com/android/server/IpSecService.java
@@ -1452,6 +1452,11 @@
final ConnectivityManager connectivityManager =
mContext.getSystemService(ConnectivityManager.class);
final LinkProperties lp = connectivityManager.getLinkProperties(underlyingNetwork);
+ if (lp == null) {
+ throw new IllegalArgumentException(
+ "LinkProperties is null. The underlyingNetwork may not be functional");
+ }
+
if (tunnelInterfaceInfo.getInterfaceName().equals(lp.getInterfaceName())) {
throw new IllegalArgumentException(
"Underlying network cannot be the network being exposed by this tunnel");
diff --git a/service-t/src/com/android/server/NsdService.java b/service-t/src/com/android/server/NsdService.java
index 95e6114..1226eea 100644
--- a/service-t/src/com/android/server/NsdService.java
+++ b/service-t/src/com/android/server/NsdService.java
@@ -21,7 +21,6 @@
import android.content.Context;
import android.content.Intent;
-import android.content.pm.PackageManager;
import android.net.ConnectivityManager;
import android.net.INetd;
import android.net.LinkProperties;
@@ -51,6 +50,7 @@
import com.android.internal.annotations.VisibleForTesting;
import com.android.internal.util.State;
import com.android.internal.util.StateMachine;
+import com.android.net.module.util.PermissionUtils;
import java.io.FileDescriptor;
import java.io.PrintWriter;
@@ -101,7 +101,6 @@
private class NsdStateMachine extends StateMachine {
private final DefaultState mDefaultState = new DefaultState();
- private final DisabledState mDisabledState = new DisabledState();
private final EnabledState mEnabledState = new EnabledState();
@Override
@@ -152,7 +151,6 @@
NsdStateMachine(String name, Handler handler) {
super(name, handler);
addState(mDefaultState);
- addState(mDisabledState, mDefaultState);
addState(mEnabledState, mDefaultState);
State initialState = mEnabledState;
setInitialState(initialState);
@@ -250,25 +248,6 @@
}
}
- class DisabledState extends State {
- @Override
- public void enter() {
- sendNsdStateChangeBroadcast(false);
- }
-
- @Override
- public boolean processMessage(Message msg) {
- switch (msg.what) {
- case NsdManager.ENABLE:
- transitionTo(mEnabledState);
- break;
- default:
- return NOT_HANDLED;
- }
- return HANDLED;
- }
- }
-
class EnabledState extends State {
@Override
public void enter() {
@@ -312,14 +291,17 @@
final int clientId = msg.arg2;
final ListenerArgs args;
switch (msg.what) {
- case NsdManager.DISABLE:
- //TODO: cleanup clients
- transitionTo(mDisabledState);
- break;
case NsdManager.DISCOVER_SERVICES:
if (DBG) Log.d(TAG, "Discover services");
args = (ListenerArgs) msg.obj;
clientInfo = mClients.get(args.connector);
+ // If the binder death notification for a INsdManagerCallback was received
+ // before any calls are received by NsdService, the clientInfo would be
+ // cleared and cause NPE. Add a null check here to prevent this corner case.
+ if (clientInfo == null) {
+ Log.e(TAG, "Unknown connector in discovery");
+ break;
+ }
if (requestLimitReached(clientInfo)) {
clientInfo.onDiscoverServicesFailed(
@@ -346,6 +328,13 @@
if (DBG) Log.d(TAG, "Stop service discovery");
args = (ListenerArgs) msg.obj;
clientInfo = mClients.get(args.connector);
+ // If the binder death notification for a INsdManagerCallback was received
+ // before any calls are received by NsdService, the clientInfo would be
+ // cleared and cause NPE. Add a null check here to prevent this corner case.
+ if (clientInfo == null) {
+ Log.e(TAG, "Unknown connector in stop discovery");
+ break;
+ }
try {
id = clientInfo.mClientIds.get(clientId);
@@ -366,6 +355,14 @@
if (DBG) Log.d(TAG, "Register service");
args = (ListenerArgs) msg.obj;
clientInfo = mClients.get(args.connector);
+ // If the binder death notification for a INsdManagerCallback was received
+ // before any calls are received by NsdService, the clientInfo would be
+ // cleared and cause NPE. Add a null check here to prevent this corner case.
+ if (clientInfo == null) {
+ Log.e(TAG, "Unknown connector in registration");
+ break;
+ }
+
if (requestLimitReached(clientInfo)) {
clientInfo.onRegisterServiceFailed(
clientId, NsdManager.FAILURE_MAX_LIMIT);
@@ -388,6 +385,9 @@
if (DBG) Log.d(TAG, "unregister service");
args = (ListenerArgs) msg.obj;
clientInfo = mClients.get(args.connector);
+ // If the binder death notification for a INsdManagerCallback was received
+ // before any calls are received by NsdService, the clientInfo would be
+ // cleared and cause NPE. Add a null check here to prevent this corner case.
if (clientInfo == null) {
Log.e(TAG, "Unknown connector in unregistration");
break;
@@ -405,6 +405,13 @@
if (DBG) Log.d(TAG, "Resolve service");
args = (ListenerArgs) msg.obj;
clientInfo = mClients.get(args.connector);
+ // If the binder death notification for a INsdManagerCallback was received
+ // before any calls are received by NsdService, the clientInfo would be
+ // cleared and cause NPE. Add a null check here to prevent this corner case.
+ if (clientInfo == null) {
+ Log.e(TAG, "Unknown connector in resolution");
+ break;
+ }
if (clientInfo.mResolvedService != null) {
clientInfo.onResolveServiceFailed(
@@ -886,12 +893,7 @@
@Override
public void dump(FileDescriptor fd, PrintWriter pw, String[] args) {
- if (mContext.checkCallingOrSelfPermission(android.Manifest.permission.DUMP)
- != PackageManager.PERMISSION_GRANTED) {
- pw.println("Permission Denial: can't dump " + TAG
- + " due to missing android.permission.DUMP permission");
- return;
- }
+ if (!PermissionUtils.checkDumpPermission(mContext, TAG, pw)) return;
for (ClientInfo client : mClients.values()) {
pw.println("Client Info");
diff --git a/service-t/src/com/android/server/ethernet/EthernetCallback.java b/service-t/src/com/android/server/ethernet/EthernetCallback.java
new file mode 100644
index 0000000..5461156
--- /dev/null
+++ b/service-t/src/com/android/server/ethernet/EthernetCallback.java
@@ -0,0 +1,57 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.ethernet;
+
+import android.net.EthernetNetworkManagementException;
+import android.net.INetworkInterfaceOutcomeReceiver;
+import android.os.RemoteException;
+import android.util.Log;
+
+import com.android.internal.annotations.VisibleForTesting;
+
+/** Convenience wrapper for INetworkInterfaceOutcomeReceiver */
+@VisibleForTesting
+public class EthernetCallback {
+ private static final String TAG = EthernetCallback.class.getSimpleName();
+ private final INetworkInterfaceOutcomeReceiver mReceiver;
+
+ public EthernetCallback(INetworkInterfaceOutcomeReceiver receiver) {
+ mReceiver = receiver;
+ }
+
+ /** Calls INetworkInterfaceOutcomeReceiver#onResult */
+ public void onResult(String ifname) {
+ try {
+ if (mReceiver != null) {
+ mReceiver.onResult(ifname);
+ }
+ } catch (RemoteException e) {
+ Log.e(TAG, "Failed to report error to OutcomeReceiver", e);
+ }
+ }
+
+ /** Calls INetworkInterfaceOutcomeReceiver#onError */
+ public void onError(String msg) {
+ try {
+ if (mReceiver != null) {
+ mReceiver.onError(new EthernetNetworkManagementException(msg));
+ }
+ } catch (RemoteException e) {
+ Log.e(TAG, "Failed to report error to OutcomeReceiver", e);
+ }
+ }
+}
diff --git a/service-t/src/com/android/server/ethernet/EthernetConfigStore.java b/service-t/src/com/android/server/ethernet/EthernetConfigStore.java
index 6006539..156b526 100644
--- a/service-t/src/com/android/server/ethernet/EthernetConfigStore.java
+++ b/service-t/src/com/android/server/ethernet/EthernetConfigStore.java
@@ -18,7 +18,6 @@
import static com.android.net.module.util.DeviceConfigUtils.TETHERING_MODULE_NAME;
-import android.annotation.Nullable;
import android.content.ApexEnvironment;
import android.net.IpConfiguration;
import android.os.Environment;
@@ -47,7 +46,6 @@
private IpConfigStore mStore = new IpConfigStore();
private final ArrayMap<String, IpConfiguration> mIpConfigurations;
- private IpConfiguration mIpConfigurationForDefaultInterface;
private final Object mSync = new Object();
public EthernetConfigStore() {
@@ -107,12 +105,21 @@
}
private void loadConfigFileLocked(final String filepath) {
+ // readIpConfigurations can return null when the version is invalid.
final ArrayMap<String, IpConfiguration> configs =
IpConfigStore.readIpConfigurations(filepath);
+ if (configs == null) {
+ Log.e(TAG, "IpConfigStore#readIpConfigurations() returned null");
+ return;
+ }
mIpConfigurations.putAll(configs);
}
public void write(String iface, IpConfiguration config) {
+ final File directory = new File(APEX_IP_CONFIG_FILE_PATH);
+ if (!directory.exists()) {
+ directory.mkdirs();
+ }
write(iface, config, APEX_IP_CONFIG_FILE_PATH + CONFIG_FILE);
}
@@ -139,9 +146,4 @@
return new ArrayMap<>(mIpConfigurations);
}
}
-
- @Nullable
- public IpConfiguration getIpConfigurationForDefaultInterface() {
- return null;
- }
}
diff --git a/service-t/src/com/android/server/ethernet/EthernetNetworkFactory.java b/service-t/src/com/android/server/ethernet/EthernetNetworkFactory.java
index c4ea9ae..2196bf8 100644
--- a/service-t/src/com/android/server/ethernet/EthernetNetworkFactory.java
+++ b/service-t/src/com/android/server/ethernet/EthernetNetworkFactory.java
@@ -22,9 +22,7 @@
import android.net.ConnectivityManager;
import android.net.ConnectivityResources;
import android.net.EthernetManager;
-import android.net.EthernetNetworkManagementException;
import android.net.EthernetNetworkSpecifier;
-import android.net.INetworkInterfaceOutcomeReceiver;
import android.net.IpConfiguration;
import android.net.IpConfiguration.IpAssignment;
import android.net.IpConfiguration.ProxySettings;
@@ -42,7 +40,6 @@
import android.os.ConditionVariable;
import android.os.Handler;
import android.os.Looper;
-import android.os.RemoteException;
import android.text.TextUtils;
import android.util.AndroidRuntimeException;
import android.util.ArraySet;
@@ -60,7 +57,9 @@
import java.util.concurrent.ConcurrentHashMap;
/**
- * {@link NetworkProvider} that manages NetworkOffers for Ethernet networks.
+ * Class that manages NetworkOffers for Ethernet networks.
+ *
+ * TODO: this class should be merged into EthernetTracker.
*/
public class EthernetNetworkFactory {
private final static String TAG = EthernetNetworkFactory.class.getSimpleName();
@@ -188,22 +187,19 @@
* {@code null} is passed, then the network's current
* {@link NetworkCapabilities} will be used in support of existing APIs as
* the public API does not allow this.
- * @param listener an optional {@link INetworkInterfaceOutcomeReceiver} to notify callers of
- * completion.
*/
@VisibleForTesting(visibility = VisibleForTesting.Visibility.PACKAGE)
protected void updateInterface(@NonNull final String ifaceName,
@Nullable final IpConfiguration ipConfig,
- @Nullable final NetworkCapabilities capabilities,
- @Nullable final INetworkInterfaceOutcomeReceiver listener) {
+ @Nullable final NetworkCapabilities capabilities) {
if (!hasInterface(ifaceName)) {
- maybeSendNetworkManagementCallbackForUntracked(ifaceName, listener);
return;
}
final NetworkInterfaceState iface = mTrackingInterfaces.get(ifaceName);
- iface.updateInterface(ipConfig, capabilities, listener);
+ iface.updateInterface(ipConfig, capabilities);
mTrackingInterfaces.put(ifaceName, iface);
+ return;
}
private static NetworkCapabilities mixInCapabilities(NetworkCapabilities nc,
@@ -221,19 +217,23 @@
}
@VisibleForTesting(visibility = VisibleForTesting.Visibility.PACKAGE)
- protected void removeInterface(String interfaceName) {
+ protected boolean removeInterface(String interfaceName) {
NetworkInterfaceState iface = mTrackingInterfaces.remove(interfaceName);
if (iface != null) {
- iface.destroy();
+ iface.unregisterNetworkOfferAndStop();
+ return true;
}
+ // TODO(b/236892130): if an interface is currently in server mode, it may not be properly
+ // removed.
+ // TODO: when false is returned, do not send a STATE_ABSENT callback.
+ Log.w(TAG, interfaceName + " is not tracked and cannot be removed");
+ return false;
}
/** Returns true if state has been modified */
@VisibleForTesting(visibility = VisibleForTesting.Visibility.PACKAGE)
- protected boolean updateInterfaceLinkState(@NonNull final String ifaceName, final boolean up,
- @Nullable final INetworkInterfaceOutcomeReceiver listener) {
+ protected boolean updateInterfaceLinkState(@NonNull final String ifaceName, final boolean up) {
if (!hasInterface(ifaceName)) {
- maybeSendNetworkManagementCallbackForUntracked(ifaceName, listener);
return false;
}
@@ -242,14 +242,7 @@
}
NetworkInterfaceState iface = mTrackingInterfaces.get(ifaceName);
- return iface.updateLinkState(up, listener);
- }
-
- private void maybeSendNetworkManagementCallbackForUntracked(
- String ifaceName, INetworkInterfaceOutcomeReceiver listener) {
- maybeSendNetworkManagementCallback(listener, null,
- new EthernetNetworkManagementException(
- ifaceName + " can't be updated as it is not available."));
+ return iface.updateLinkState(up);
}
@VisibleForTesting
@@ -257,25 +250,6 @@
return mTrackingInterfaces.containsKey(ifaceName);
}
- private static void maybeSendNetworkManagementCallback(
- @Nullable final INetworkInterfaceOutcomeReceiver listener,
- @Nullable final String iface,
- @Nullable final EthernetNetworkManagementException e) {
- if (null == listener) {
- return;
- }
-
- try {
- if (iface != null) {
- listener.onResult(iface);
- } else {
- listener.onError(e);
- }
- } catch (RemoteException re) {
- Log.e(TAG, "Can't send onComplete for network management callback", re);
- }
- }
-
@VisibleForTesting
static class NetworkInterfaceState {
final String name;
@@ -285,14 +259,14 @@
private final Context mContext;
private final NetworkProvider mNetworkProvider;
private final Dependencies mDeps;
- private final NetworkProvider.NetworkOfferCallback mNetworkOfferCallback;
+ private NetworkProvider.NetworkOfferCallback mNetworkOfferCallback;
private static String sTcpBufferSizes = null; // Lazy initialized.
private boolean mLinkUp;
private int mLegacyType;
private LinkProperties mLinkProperties = new LinkProperties();
- private Set<NetworkRequest> mRequests = new ArraySet<>();
+ private final Set<Integer> mRequestIds = new ArraySet<>();
private volatile @Nullable IpClientManager mIpClient;
private @NonNull NetworkCapabilities mCapabilities;
@@ -324,11 +298,6 @@
private class EthernetIpClientCallback extends IpClientCallbacks {
private final ConditionVariable mIpClientStartCv = new ConditionVariable(false);
private final ConditionVariable mIpClientShutdownCv = new ConditionVariable(false);
- @Nullable INetworkInterfaceOutcomeReceiver mNetworkManagementListener;
-
- EthernetIpClientCallback(@Nullable final INetworkInterfaceOutcomeReceiver listener) {
- mNetworkManagementListener = listener;
- }
@Override
public void onIpClientCreated(IIpClient ipClient) {
@@ -364,14 +333,14 @@
@Override
public void onProvisioningSuccess(LinkProperties newLp) {
- handleIpEvent(() -> onIpLayerStarted(newLp, mNetworkManagementListener));
+ handleIpEvent(() -> onIpLayerStarted(newLp));
}
@Override
public void onProvisioningFailure(LinkProperties newLp) {
// This cannot happen due to provisioning timeout, because our timeout is 0. It can
// happen due to errors while provisioning or on provisioning loss.
- handleIpEvent(() -> onIpLayerStopped(mNetworkManagementListener));
+ handleIpEvent(() -> onIpLayerStopped());
}
@Override
@@ -392,8 +361,15 @@
}
private class EthernetNetworkOfferCallback implements NetworkProvider.NetworkOfferCallback {
+ private boolean isStale() {
+ return this != mNetworkOfferCallback;
+ }
+
@Override
public void onNetworkNeeded(@NonNull NetworkRequest request) {
+ if (isStale()) {
+ return;
+ }
if (DBG) {
Log.d(TAG, String.format("%s: onNetworkNeeded for request: %s", name, request));
}
@@ -401,19 +377,26 @@
// existing requests.
// ConnectivityService filters requests for us based on the NetworkCapabilities
// passed in the registerNetworkOffer() call.
- mRequests.add(request);
+ mRequestIds.add(request.requestId);
// if the network is already started, this is a no-op.
start();
}
@Override
public void onNetworkUnneeded(@NonNull NetworkRequest request) {
+ if (isStale()) {
+ return;
+ }
if (DBG) {
Log.d(TAG,
String.format("%s: onNetworkUnneeded for request: %s", name, request));
}
- mRequests.remove(request);
- if (mRequests.isEmpty()) {
+ if (!mRequestIds.remove(request.requestId)) {
+ // This can only happen if onNetworkNeeded was not called for a request or if
+ // the requestId changed. Both should *never* happen.
+ Log.wtf(TAG, "onNetworkUnneeded called for unknown request");
+ }
+ if (mRequestIds.isEmpty()) {
// not currently serving any requests, stop the network.
stop();
}
@@ -431,7 +414,6 @@
mContext = context;
mNetworkProvider = networkProvider;
mDeps = deps;
- mNetworkOfferCallback = new EthernetNetworkOfferCallback();
mHwAddress = hwAddress;
}
@@ -454,7 +436,7 @@
+ "transport type.");
}
- private static NetworkScore getBestNetworkScore() {
+ private static NetworkScore getNetworkScore() {
return new NetworkScore.Builder().build();
}
@@ -465,20 +447,16 @@
if (mLinkUp) {
// registering a new network offer will update the existing one, not install a
// new one.
- mNetworkProvider.registerNetworkOffer(getBestNetworkScore(),
- new NetworkCapabilities(capabilities), cmd -> mHandler.post(cmd),
- mNetworkOfferCallback);
+ registerNetworkOffer();
}
}
void updateInterface(@Nullable final IpConfiguration ipConfig,
- @Nullable final NetworkCapabilities capabilities,
- @Nullable final INetworkInterfaceOutcomeReceiver listener) {
+ @Nullable final NetworkCapabilities capabilities) {
if (DBG) {
Log.d(TAG, "updateInterface, iface: " + name
+ ", ipConfig: " + ipConfig + ", old ipConfig: " + mIpConfig
+ ", capabilities: " + capabilities + ", old capabilities: " + mCapabilities
- + ", listener: " + listener
);
}
@@ -491,7 +469,7 @@
// TODO: Update this logic to only do a restart if required. Although a restart may
// be required due to the capabilities or ipConfiguration values, not all
// capabilities changes require a restart.
- restart(listener);
+ restart();
}
boolean isRestricted() {
@@ -499,10 +477,6 @@
}
private void start() {
- start(null);
- }
-
- private void start(@Nullable final INetworkInterfaceOutcomeReceiver listener) {
if (mIpClient != null) {
if (DBG) Log.d(TAG, "IpClient already started");
return;
@@ -511,7 +485,7 @@
Log.d(TAG, String.format("Starting Ethernet IpClient(%s)", name));
}
- mIpClientCallback = new EthernetIpClientCallback(listener);
+ mIpClientCallback = new EthernetIpClientCallback();
mDeps.makeIpClient(mContext, name, mIpClientCallback);
mIpClientCallback.awaitIpClientStart();
@@ -521,8 +495,7 @@
provisionIpClient(mIpClient, mIpConfig, sTcpBufferSizes);
}
- void onIpLayerStarted(@NonNull final LinkProperties linkProperties,
- @Nullable final INetworkInterfaceOutcomeReceiver listener) {
+ void onIpLayerStarted(@NonNull final LinkProperties linkProperties) {
if (mNetworkAgent != null) {
Log.e(TAG, "Already have a NetworkAgent - aborting new request");
stop();
@@ -554,40 +527,18 @@
});
mNetworkAgent.register();
mNetworkAgent.markConnected();
- realizeNetworkManagementCallback(name, null);
}
- void onIpLayerStopped(@Nullable final INetworkInterfaceOutcomeReceiver listener) {
+ void onIpLayerStopped() {
// There is no point in continuing if the interface is gone as stop() will be triggered
// by removeInterface() when processed on the handler thread and start() won't
// work for a non-existent interface.
if (null == mDeps.getNetworkInterfaceByName(name)) {
if (DBG) Log.d(TAG, name + " is no longer available.");
// Send a callback in case a provisioning request was in progress.
- maybeSendNetworkManagementCallbackForAbort();
return;
}
- restart(listener);
- }
-
- private void maybeSendNetworkManagementCallbackForAbort() {
- realizeNetworkManagementCallback(null,
- new EthernetNetworkManagementException(
- "The IP provisioning request has been aborted."));
- }
-
- // Must be called on the handler thread
- private void realizeNetworkManagementCallback(@Nullable final String iface,
- @Nullable final EthernetNetworkManagementException e) {
- ensureRunningOnEthernetHandlerThread();
- if (null == mIpClientCallback) {
- return;
- }
-
- EthernetNetworkFactory.maybeSendNetworkManagementCallback(
- mIpClientCallback.mNetworkManagementListener, iface, e);
- // Only send a single callback per listener.
- mIpClientCallback.mNetworkManagementListener = null;
+ restart();
}
private void ensureRunningOnEthernetHandlerThread() {
@@ -617,53 +568,62 @@
}
/** Returns true if state has been modified */
- boolean updateLinkState(final boolean up,
- @Nullable final INetworkInterfaceOutcomeReceiver listener) {
+ boolean updateLinkState(final boolean up) {
if (mLinkUp == up) {
- EthernetNetworkFactory.maybeSendNetworkManagementCallback(listener, null,
- new EthernetNetworkManagementException(
- "No changes with requested link state " + up + " for " + name));
return false;
}
mLinkUp = up;
if (!up) { // was up, goes down
// retract network offer and stop IpClient.
- destroy();
- // If only setting the interface down, send a callback to signal completion.
- EthernetNetworkFactory.maybeSendNetworkManagementCallback(listener, name, null);
+ unregisterNetworkOfferAndStop();
} else { // was down, goes up
// register network offer
- mNetworkProvider.registerNetworkOffer(getBestNetworkScore(),
- new NetworkCapabilities(mCapabilities), (cmd) -> mHandler.post(cmd),
- mNetworkOfferCallback);
+ registerNetworkOffer();
}
return true;
}
private void stop() {
+ // Unregister NetworkAgent before stopping IpClient, so destroyNativeNetwork (which
+ // deletes routes) hopefully happens before stop() finishes execution. Otherwise, it may
+ // delete the new routes when IpClient gets restarted.
+ if (mNetworkAgent != null) {
+ mNetworkAgent.unregister();
+ mNetworkAgent = null;
+ }
+
// Invalidate all previous start requests
if (mIpClient != null) {
mIpClient.shutdown();
mIpClientCallback.awaitIpClientShutdown();
mIpClient = null;
}
- // Send an abort callback if an updateInterface request was in progress.
- maybeSendNetworkManagementCallbackForAbort();
+
mIpClientCallback = null;
- if (mNetworkAgent != null) {
- mNetworkAgent.unregister();
- mNetworkAgent = null;
- }
mLinkProperties.clear();
}
- public void destroy() {
+ private void registerNetworkOffer() {
+ // If mNetworkOfferCallback is already set, it should be reused to update the existing
+ // offer.
+ if (mNetworkOfferCallback == null) {
+ mNetworkOfferCallback = new EthernetNetworkOfferCallback();
+ }
+ mNetworkProvider.registerNetworkOffer(getNetworkScore(),
+ new NetworkCapabilities(mCapabilities), cmd -> mHandler.post(cmd),
+ mNetworkOfferCallback);
+ }
+
+ private void unregisterNetworkOfferAndStop() {
mNetworkProvider.unregisterNetworkOffer(mNetworkOfferCallback);
+ // Setting mNetworkOfferCallback to null allows the callback object to be identified
+ // as stale.
+ mNetworkOfferCallback = null;
stop();
- mRequests.clear();
+ mRequestIds.clear();
}
private static void provisionIpClient(@NonNull final IpClientManager ipClient,
@@ -693,13 +653,9 @@
}
void restart() {
- restart(null);
- }
-
- void restart(@Nullable final INetworkInterfaceOutcomeReceiver listener) {
if (DBG) Log.d(TAG, "reconnecting Ethernet");
stop();
- start(listener);
+ start();
}
@Override
diff --git a/service-t/src/com/android/server/ethernet/EthernetServiceImpl.java b/service-t/src/com/android/server/ethernet/EthernetServiceImpl.java
index 5e830ad..edf04b2 100644
--- a/service-t/src/com/android/server/ethernet/EthernetServiceImpl.java
+++ b/service-t/src/com/android/server/ethernet/EthernetServiceImpl.java
@@ -16,20 +16,22 @@
package com.android.server.ethernet;
+import static android.net.NetworkCapabilities.TRANSPORT_ETHERNET;
import static android.net.NetworkCapabilities.TRANSPORT_TEST;
import android.annotation.NonNull;
import android.annotation.Nullable;
import android.content.Context;
import android.content.pm.PackageManager;
+import android.net.EthernetNetworkSpecifier;
+import android.net.EthernetNetworkUpdateRequest;
import android.net.IEthernetManager;
import android.net.IEthernetServiceListener;
import android.net.INetworkInterfaceOutcomeReceiver;
import android.net.ITetheredInterfaceCallback;
-import android.net.EthernetNetworkUpdateRequest;
import android.net.IpConfiguration;
import android.net.NetworkCapabilities;
-import android.os.Binder;
+import android.net.NetworkSpecifier;
import android.os.Handler;
import android.os.RemoteException;
import android.util.Log;
@@ -185,13 +187,7 @@
@Override
protected void dump(FileDescriptor fd, PrintWriter writer, String[] args) {
final IndentingPrintWriter pw = new IndentingPrintWriter(writer, " ");
- if (mContext.checkCallingOrSelfPermission(android.Manifest.permission.DUMP)
- != PackageManager.PERMISSION_GRANTED) {
- pw.println("Permission Denial: can't dump EthernetService from pid="
- + Binder.getCallingPid()
- + ", uid=" + Binder.getCallingUid());
- return;
- }
+ if (!PermissionUtils.checkDumpPermission(mContext, TAG, pw)) return;
pw.println("Current Ethernet state: ");
pw.increaseIndent();
@@ -216,19 +212,39 @@
"EthernetServiceImpl");
}
- private void maybeValidateTestCapabilities(final String iface,
- @Nullable final NetworkCapabilities nc) {
+ private void validateOrSetNetworkSpecifier(String iface, NetworkCapabilities nc) {
+ final NetworkSpecifier spec = nc.getNetworkSpecifier();
+ if (spec == null) {
+ nc.setNetworkSpecifier(new EthernetNetworkSpecifier(iface));
+ return;
+ }
+ if (!(spec instanceof EthernetNetworkSpecifier)) {
+ throw new IllegalArgumentException("Invalid specifier type for request.");
+ }
+ if (!((EthernetNetworkSpecifier) spec).getInterfaceName().matches(iface)) {
+ throw new IllegalArgumentException("Invalid interface name set on specifier.");
+ }
+ }
+
+ private void maybeValidateTestCapabilities(String iface, NetworkCapabilities nc) {
if (!mTracker.isValidTestInterface(iface)) {
return;
}
- // For test interfaces, only null or capabilities that include TRANSPORT_TEST are
- // allowed.
- if (nc != null && !nc.hasTransport(TRANSPORT_TEST)) {
+ if (!nc.hasTransport(TRANSPORT_TEST)) {
throw new IllegalArgumentException(
"Updates to test interfaces must have NetworkCapabilities.TRANSPORT_TEST.");
}
}
+ private void maybeValidateEthernetTransport(String iface, NetworkCapabilities nc) {
+ if (mTracker.isValidTestInterface(iface)) {
+ return;
+ }
+ if (!nc.hasSingleTransport(TRANSPORT_ETHERNET)) {
+ throw new IllegalArgumentException("Invalid transport type for request.");
+ }
+ }
+
private void enforceAdminPermission(final String iface, boolean enforceAutomotive,
final String logMessage) {
if (mTracker.isValidTestInterface(iface)) {
@@ -244,43 +260,48 @@
@Override
public void updateConfiguration(@NonNull final String iface,
@NonNull final EthernetNetworkUpdateRequest request,
- @Nullable final INetworkInterfaceOutcomeReceiver listener) {
+ @Nullable final INetworkInterfaceOutcomeReceiver cb) {
Objects.requireNonNull(iface);
Objects.requireNonNull(request);
throwIfEthernetNotStarted();
// TODO: validate that iface is listed in overlay config_ethernet_interfaces
// only automotive devices are allowed to set the NetworkCapabilities using this API
- enforceAdminPermission(iface, request.getNetworkCapabilities() != null,
- "updateConfiguration() with non-null capabilities");
- maybeValidateTestCapabilities(iface, request.getNetworkCapabilities());
+ final NetworkCapabilities nc = request.getNetworkCapabilities();
+ enforceAdminPermission(
+ iface, nc != null, "updateConfiguration() with non-null capabilities");
+ if (nc != null) {
+ validateOrSetNetworkSpecifier(iface, nc);
+ maybeValidateTestCapabilities(iface, nc);
+ maybeValidateEthernetTransport(iface, nc);
+ }
mTracker.updateConfiguration(
- iface, request.getIpConfiguration(), request.getNetworkCapabilities(), listener);
+ iface, request.getIpConfiguration(), nc, new EthernetCallback(cb));
}
@Override
- public void connectNetwork(@NonNull final String iface,
- @Nullable final INetworkInterfaceOutcomeReceiver listener) {
- Log.i(TAG, "connectNetwork called with: iface=" + iface + ", listener=" + listener);
+ public void enableInterface(@NonNull final String iface,
+ @Nullable final INetworkInterfaceOutcomeReceiver cb) {
+ Log.i(TAG, "enableInterface called with: iface=" + iface + ", cb=" + cb);
Objects.requireNonNull(iface);
throwIfEthernetNotStarted();
- enforceAdminPermission(iface, true, "connectNetwork()");
+ enforceAdminPermission(iface, false, "enableInterface()");
- mTracker.connectNetwork(iface, listener);
+ mTracker.enableInterface(iface, new EthernetCallback(cb));
}
@Override
- public void disconnectNetwork(@NonNull final String iface,
- @Nullable final INetworkInterfaceOutcomeReceiver listener) {
- Log.i(TAG, "disconnectNetwork called with: iface=" + iface + ", listener=" + listener);
+ public void disableInterface(@NonNull final String iface,
+ @Nullable final INetworkInterfaceOutcomeReceiver cb) {
+ Log.i(TAG, "disableInterface called with: iface=" + iface + ", cb=" + cb);
Objects.requireNonNull(iface);
throwIfEthernetNotStarted();
- enforceAdminPermission(iface, true, "connectNetwork()");
+ enforceAdminPermission(iface, false, "disableInterface()");
- mTracker.disconnectNetwork(iface, listener);
+ mTracker.disableInterface(iface, new EthernetCallback(cb));
}
@Override
diff --git a/service-t/src/com/android/server/ethernet/EthernetTracker.java b/service-t/src/com/android/server/ethernet/EthernetTracker.java
index 1ab7515..6ec478b 100644
--- a/service-t/src/com/android/server/ethernet/EthernetTracker.java
+++ b/service-t/src/com/android/server/ethernet/EthernetTracker.java
@@ -29,7 +29,6 @@
import android.net.EthernetManager;
import android.net.IEthernetServiceListener;
import android.net.INetd;
-import android.net.INetworkInterfaceOutcomeReceiver;
import android.net.ITetheredInterfaceCallback;
import android.net.InterfaceConfigurationParcel;
import android.net.IpConfiguration;
@@ -43,15 +42,21 @@
import android.os.RemoteCallbackList;
import android.os.RemoteException;
import android.os.ServiceSpecificException;
+import android.system.OsConstants;
import android.text.TextUtils;
import android.util.ArrayMap;
import android.util.Log;
import com.android.internal.annotations.VisibleForTesting;
import com.android.internal.util.IndentingPrintWriter;
-import com.android.net.module.util.BaseNetdUnsolicitedEventListener;
import com.android.net.module.util.NetdUtils;
import com.android.net.module.util.PermissionUtils;
+import com.android.net.module.util.SharedLog;
+import com.android.net.module.util.ip.NetlinkMonitor;
+import com.android.net.module.util.netlink.NetlinkConstants;
+import com.android.net.module.util.netlink.NetlinkMessage;
+import com.android.net.module.util.netlink.RtNetlinkLinkMessage;
+import com.android.net.module.util.netlink.StructIfinfoMsg;
import java.io.FileDescriptor;
import java.net.InetAddress;
@@ -86,16 +91,21 @@
private static final String TEST_IFACE_REGEXP = TEST_TAP_PREFIX + "\\d+";
+ // TODO: consider using SharedLog consistently across ethernet service.
+ private static final SharedLog sLog = new SharedLog(TAG);
+
/**
- * Interface names we track. This is a product-dependent regular expression, plus,
- * if setIncludeTestInterfaces is true, any test interfaces.
+ * Interface names we track. This is a product-dependent regular expression.
+ * Use isValidEthernetInterface to check if a interface name is a valid ethernet interface (this
+ * includes test interfaces if setIncludeTestInterfaces is set to true).
*/
- private volatile String mIfaceMatch;
+ private final String mIfaceMatch;
/**
* Track test interfaces if true, don't track otherwise.
+ * Volatile is needed as getInterfaceList() does not run on the handler thread.
*/
- private boolean mIncludeTestInterfaces = false;
+ private volatile boolean mIncludeTestInterfaces = false;
/** Mapping between {iface name | mac address} -> {NetworkCapabilities} */
private final ConcurrentHashMap<String, NetworkCapabilities> mNetworkCapabilities =
@@ -108,6 +118,7 @@
private final Handler mHandler;
private final EthernetNetworkFactory mFactory;
private final EthernetConfigStore mConfigStore;
+ private final NetlinkMonitor mNetlinkMonitor;
private final Dependencies mDeps;
private final RemoteCallbackList<IEthernetServiceListener> mListeners =
@@ -115,12 +126,13 @@
private final TetheredInterfaceRequestList mTetheredInterfaceRequests =
new TetheredInterfaceRequestList();
- // Used only on the handler thread
- private String mDefaultInterface;
- private int mDefaultInterfaceMode = INTERFACE_MODE_CLIENT;
+ // The first interface discovered is set as the mTetheringInterface. It is the interface that is
+ // returned when a tethered interface is requested; until then, it remains in client mode. Its
+ // current mode is reflected in mTetheringInterfaceMode.
+ private String mTetheringInterface;
+ private int mTetheringInterfaceMode = INTERFACE_MODE_CLIENT;
// Tracks whether clients were notified that the tethered interface is available
private boolean mTetheredInterfaceWasAvailable = false;
- private volatile IpConfiguration mIpConfigForDefaultInterface;
private int mEthernetState = ETHERNET_STATE_ENABLED;
@@ -128,7 +140,7 @@
RemoteCallbackList<ITetheredInterfaceCallback> {
@Override
public void onCallbackDied(ITetheredInterfaceCallback cb, Object cookie) {
- mHandler.post(EthernetTracker.this::maybeUntetherDefaultInterface);
+ mHandler.post(EthernetTracker.this::maybeUntetherInterface);
}
}
@@ -146,6 +158,69 @@
}
}
+ private class EthernetNetlinkMonitor extends NetlinkMonitor {
+ EthernetNetlinkMonitor(Handler handler) {
+ super(handler, sLog, EthernetNetlinkMonitor.class.getSimpleName(),
+ OsConstants.NETLINK_ROUTE, NetlinkConstants.RTMGRP_LINK);
+ }
+
+ private void onNewLink(String ifname, boolean linkUp) {
+ if (!mFactory.hasInterface(ifname) && !ifname.equals(mTetheringInterface)) {
+ Log.i(TAG, "onInterfaceAdded, iface: " + ifname);
+ maybeTrackInterface(ifname);
+ }
+ Log.i(TAG, "interfaceLinkStateChanged, iface: " + ifname + ", up: " + linkUp);
+ updateInterfaceState(ifname, linkUp);
+ }
+
+ private void onDelLink(String ifname) {
+ Log.i(TAG, "onInterfaceRemoved, iface: " + ifname);
+ stopTrackingInterface(ifname);
+ }
+
+ private void processRtNetlinkLinkMessage(RtNetlinkLinkMessage msg) {
+ final StructIfinfoMsg ifinfomsg = msg.getIfinfoHeader();
+ // check if the message is valid
+ if (ifinfomsg.family != OsConstants.AF_UNSPEC) return;
+
+ // ignore messages for the loopback interface
+ if ((ifinfomsg.flags & OsConstants.IFF_LOOPBACK) != 0) return;
+
+ // check if the received message applies to an ethernet interface.
+ final String ifname = msg.getInterfaceName();
+ if (!isValidEthernetInterface(ifname)) return;
+
+ switch (msg.getHeader().nlmsg_type) {
+ case NetlinkConstants.RTM_NEWLINK:
+ final boolean linkUp = (ifinfomsg.flags & NetlinkConstants.IFF_LOWER_UP) != 0;
+ onNewLink(ifname, linkUp);
+ break;
+
+ case NetlinkConstants.RTM_DELLINK:
+ onDelLink(ifname);
+ break;
+
+ default:
+ Log.e(TAG, "Unknown rtnetlink link msg type: " + msg);
+ break;
+ }
+ }
+
+ // Note: processNetlinkMessage is called on the handler thread.
+ @Override
+ protected void processNetlinkMessage(NetlinkMessage nlMsg, long whenMs) {
+ // ignore all updates when ethernet is disabled.
+ if (mEthernetState == ETHERNET_STATE_DISABLED) return;
+
+ if (nlMsg instanceof RtNetlinkLinkMessage) {
+ processRtNetlinkLinkMessage((RtNetlinkLinkMessage) nlMsg);
+ } else {
+ Log.e(TAG, "Unknown netlink message: " + nlMsg);
+ }
+ }
+ }
+
+
EthernetTracker(@NonNull final Context context, @NonNull final Handler handler,
@NonNull final EthernetNetworkFactory factory, @NonNull final INetd netd) {
this(context, handler, factory, netd, new Dependencies());
@@ -162,7 +237,7 @@
mDeps = deps;
// Interface match regex.
- updateIfaceMatchRegexp();
+ mIfaceMatch = mDeps.getInterfaceRegexFromResource(mContext);
// Read default Ethernet interface configuration from resources
final String[] interfaceConfigs = mDeps.getInterfaceConfigFromResource(context);
@@ -171,27 +246,22 @@
}
mConfigStore = new EthernetConfigStore();
+ mNetlinkMonitor = new EthernetNetlinkMonitor(mHandler);
}
void start() {
mFactory.register();
mConfigStore.read();
- // Default interface is just the first one we want to track.
- mIpConfigForDefaultInterface = mConfigStore.getIpConfigurationForDefaultInterface();
final ArrayMap<String, IpConfiguration> configs = mConfigStore.getIpConfigurations();
for (int i = 0; i < configs.size(); i++) {
mIpConfigurations.put(configs.keyAt(i), configs.valueAt(i));
}
- try {
- PermissionUtils.enforceNetworkStackPermission(mContext);
- mNetd.registerUnsolicitedEventListener(new InterfaceObserver());
- } catch (RemoteException | ServiceSpecificException e) {
- Log.e(TAG, "Could not register InterfaceObserver " + e);
- }
-
- mHandler.post(this::trackAvailableInterfaces);
+ mHandler.post(() -> {
+ mNetlinkMonitor.start();
+ trackAvailableInterfaces();
+ });
}
void updateIpConfiguration(String iface, IpConfiguration ipConfiguration) {
@@ -200,7 +270,7 @@
}
writeIpConfiguration(iface, ipConfiguration);
mHandler.post(() -> {
- mFactory.updateInterface(iface, ipConfiguration, null, null);
+ mFactory.updateInterface(iface, ipConfiguration, null);
broadcastInterfaceStateChange(iface);
});
}
@@ -264,12 +334,14 @@
protected void updateConfiguration(@NonNull final String iface,
@Nullable final IpConfiguration ipConfig,
@Nullable final NetworkCapabilities capabilities,
- @Nullable final INetworkInterfaceOutcomeReceiver listener) {
+ @Nullable final EthernetCallback cb) {
if (DBG) {
Log.i(TAG, "updateConfiguration, iface: " + iface + ", capabilities: " + capabilities
+ ", ipConfig: " + ipConfig);
}
+ // TODO: do the right thing if the interface was in server mode: either fail this operation,
+ // or take the interface out of server mode.
final IpConfiguration localIpConfig = ipConfig == null
? null : new IpConfiguration(ipConfig);
if (ipConfig != null) {
@@ -280,21 +352,29 @@
mNetworkCapabilities.put(iface, capabilities);
}
mHandler.post(() -> {
- mFactory.updateInterface(iface, localIpConfig, capabilities, listener);
- broadcastInterfaceStateChange(iface);
+ mFactory.updateInterface(iface, localIpConfig, capabilities);
+
+ // only broadcast state change when the ip configuration is updated.
+ if (ipConfig != null) {
+ broadcastInterfaceStateChange(iface);
+ }
+ // Always return success. Even if the interface does not currently exist, the
+ // IpConfiguration and NetworkCapabilities were saved and will be applied if an
+ // interface with the given name is ever added.
+ cb.onResult(iface);
});
}
@VisibleForTesting(visibility = PACKAGE)
- protected void connectNetwork(@NonNull final String iface,
- @Nullable final INetworkInterfaceOutcomeReceiver listener) {
- mHandler.post(() -> updateInterfaceState(iface, true, listener));
+ protected void enableInterface(@NonNull final String iface,
+ @Nullable final EthernetCallback cb) {
+ mHandler.post(() -> updateInterfaceState(iface, true, cb));
}
@VisibleForTesting(visibility = PACKAGE)
- protected void disconnectNetwork(@NonNull final String iface,
- @Nullable final INetworkInterfaceOutcomeReceiver listener) {
- mHandler.post(() -> updateInterfaceState(iface, false, listener));
+ protected void disableInterface(@NonNull final String iface,
+ @Nullable final EthernetCallback cb) {
+ mHandler.post(() -> updateInterfaceState(iface, false, cb));
}
IpConfiguration getIpConfiguration(String iface) {
@@ -319,9 +399,17 @@
Log.e(TAG, "Could not get list of interfaces " + e);
return interfaceList;
}
- final String ifaceMatch = mIfaceMatch;
+
+ // There is a possible race with setIncludeTestInterfaces() which can affect
+ // isValidEthernetInterface (it returns true for test interfaces if setIncludeTestInterfaces
+ // is set to true).
+ // setIncludeTestInterfaces() is only used in tests, and since getInterfaceList() does not
+ // run on the handler thread, the behavior around setIncludeTestInterfaces() is
+ // indeterminate either way. This can easily be circumvented by waiting on a callback from
+ // a test interface after calling setIncludeTestInterfaces() before calling this function.
+ // In production code, this has no effect.
for (String iface : ifaces) {
- if (iface.matches(ifaceMatch)) interfaceList.add(iface);
+ if (isValidEthernetInterface(iface)) interfaceList.add(iface);
}
return interfaceList;
}
@@ -356,7 +444,6 @@
public void setIncludeTestInterfaces(boolean include) {
mHandler.post(() -> {
mIncludeTestInterfaces = include;
- updateIfaceMatchRegexp();
if (!include) {
removeTestData();
}
@@ -390,21 +477,21 @@
// Remote process has already died
return;
}
- if (mDefaultInterfaceMode == INTERFACE_MODE_SERVER) {
+ if (mTetheringInterfaceMode == INTERFACE_MODE_SERVER) {
if (mTetheredInterfaceWasAvailable) {
- notifyTetheredInterfaceAvailable(callback, mDefaultInterface);
+ notifyTetheredInterfaceAvailable(callback, mTetheringInterface);
}
return;
}
- setDefaultInterfaceMode(INTERFACE_MODE_SERVER);
+ setTetheringInterfaceMode(INTERFACE_MODE_SERVER);
});
}
public void releaseTetheredInterface(ITetheredInterfaceCallback callback) {
mHandler.post(() -> {
mTetheredInterfaceRequests.unregister(callback);
- maybeUntetherDefaultInterface();
+ maybeUntetherInterface();
});
}
@@ -424,21 +511,21 @@
}
}
- private void maybeUntetherDefaultInterface() {
+ private void maybeUntetherInterface() {
if (mTetheredInterfaceRequests.getRegisteredCallbackCount() > 0) return;
- if (mDefaultInterfaceMode == INTERFACE_MODE_CLIENT) return;
- setDefaultInterfaceMode(INTERFACE_MODE_CLIENT);
+ if (mTetheringInterfaceMode == INTERFACE_MODE_CLIENT) return;
+ setTetheringInterfaceMode(INTERFACE_MODE_CLIENT);
}
- private void setDefaultInterfaceMode(int mode) {
- Log.d(TAG, "Setting default interface mode to " + mode);
- mDefaultInterfaceMode = mode;
- if (mDefaultInterface != null) {
- removeInterface(mDefaultInterface);
- addInterface(mDefaultInterface);
+ private void setTetheringInterfaceMode(int mode) {
+ Log.d(TAG, "Setting tethering interface mode to " + mode);
+ mTetheringInterfaceMode = mode;
+ if (mTetheringInterface != null) {
+ removeInterface(mTetheringInterface);
+ addInterface(mTetheringInterface);
// when this broadcast is sent, any calls to notifyTetheredInterfaceAvailable or
// notifyTetheredInterfaceUnavailable have already happened
- broadcastInterfaceStateChange(mDefaultInterface);
+ broadcastInterfaceStateChange(mTetheringInterface);
}
}
@@ -467,8 +554,8 @@
}
private int getInterfaceMode(final String iface) {
- if (iface.equals(mDefaultInterface)) {
- return mDefaultInterfaceMode;
+ if (iface.equals(mTetheringInterface)) {
+ return mTetheringInterfaceMode;
}
return INTERFACE_MODE_CLIENT;
}
@@ -480,8 +567,8 @@
private void stopTrackingInterface(String iface) {
removeInterface(iface);
- if (iface.equals(mDefaultInterface)) {
- mDefaultInterface = null;
+ if (iface.equals(mTetheringInterface)) {
+ mTetheringInterface = null;
}
broadcastInterfaceStateChange(iface);
}
@@ -491,8 +578,14 @@
// Bring up the interface so we get link status indications.
try {
PermissionUtils.enforceNetworkStackPermission(mContext);
- NetdUtils.setInterfaceUp(mNetd, iface);
+ // Read the flags before attempting to bring up the interface. If the interface is
+ // already running an UP event is created after adding the interface.
config = NetdUtils.getInterfaceConfigParcel(mNetd, iface);
+ if (NetdUtils.hasFlag(config, INetd.IF_STATE_DOWN)) {
+ // As a side-effect, NetdUtils#setInterfaceUp() also clears the interface's IPv4
+ // address and readds it which *could* lead to unexpected behavior in the future.
+ NetdUtils.setInterfaceUp(mNetd, iface);
+ }
} catch (IllegalStateException e) {
// Either the system is crashing or the interface has disappeared. Just ignore the
// error; we haven't modified any state because we only do that if our calls succeed.
@@ -504,6 +597,11 @@
return;
}
+ if (getInterfaceMode(iface) == INTERFACE_MODE_SERVER) {
+ maybeUpdateServerModeInterfaceState(iface, true);
+ return;
+ }
+
final String hwAddress = config.hwAddr;
NetworkCapabilities nc = mNetworkCapabilities.get(iface);
@@ -516,40 +614,46 @@
}
}
- final int mode = getInterfaceMode(iface);
- if (mode == INTERFACE_MODE_CLIENT) {
- IpConfiguration ipConfiguration = getOrCreateIpConfiguration(iface);
- Log.d(TAG, "Tracking interface in client mode: " + iface);
- mFactory.addInterface(iface, hwAddress, ipConfiguration, nc);
- } else {
- maybeUpdateServerModeInterfaceState(iface, true);
- }
+ IpConfiguration ipConfiguration = getOrCreateIpConfiguration(iface);
+ Log.d(TAG, "Tracking interface in client mode: " + iface);
+ mFactory.addInterface(iface, hwAddress, ipConfiguration, nc);
// Note: if the interface already has link (e.g., if we crashed and got
// restarted while it was running), we need to fake a link up notification so we
// start configuring it.
- if (NetdUtils.hasFlag(config, "running")) {
- updateInterfaceState(iface, true);
+ if (NetdUtils.hasFlag(config, INetd.IF_FLAG_RUNNING)) {
+ // no need to send an interface state change as this is not a true "state change". The
+ // callers (maybeTrackInterface() and setTetheringInterfaceMode()) already broadcast the
+ // state change.
+ mFactory.updateInterfaceLinkState(iface, true);
}
}
private void updateInterfaceState(String iface, boolean up) {
- updateInterfaceState(iface, up, null /* listener */);
+ updateInterfaceState(iface, up, new EthernetCallback(null /* cb */));
}
- private void updateInterfaceState(@NonNull final String iface, final boolean up,
- @Nullable final INetworkInterfaceOutcomeReceiver listener) {
+ // TODO(b/225315248): enable/disableInterface() should not affect link state.
+ private void updateInterfaceState(String iface, boolean up, EthernetCallback cb) {
final int mode = getInterfaceMode(iface);
- final boolean factoryLinkStateUpdated = (mode == INTERFACE_MODE_CLIENT)
- && mFactory.updateInterfaceLinkState(iface, up, listener);
+ if (mode == INTERFACE_MODE_SERVER || !mFactory.hasInterface(iface)) {
+ // The interface is in server mode or is not tracked.
+ cb.onError("Failed to set link state " + (up ? "up" : "down") + " for " + iface);
+ return;
+ }
- if (factoryLinkStateUpdated) {
+ if (mFactory.updateInterfaceLinkState(iface, up)) {
broadcastInterfaceStateChange(iface);
}
+ // If updateInterfaceLinkState returns false, the interface is already in the correct state.
+ // Always return success.
+ cb.onResult(iface);
}
private void maybeUpdateServerModeInterfaceState(String iface, boolean available) {
- if (available == mTetheredInterfaceWasAvailable || !iface.equals(mDefaultInterface)) return;
+ if (available == mTetheredInterfaceWasAvailable || !iface.equals(mTetheringInterface)) {
+ return;
+ }
Log.d(TAG, (available ? "Tracking" : "No longer tracking")
+ " interface in server mode: " + iface);
@@ -568,26 +672,21 @@
}
private void maybeTrackInterface(String iface) {
- if (!iface.matches(mIfaceMatch)) {
+ if (!isValidEthernetInterface(iface)) {
return;
}
// If we don't already track this interface, and if this interface matches
// our regex, start tracking it.
- if (mFactory.hasInterface(iface) || iface.equals(mDefaultInterface)) {
+ if (mFactory.hasInterface(iface) || iface.equals(mTetheringInterface)) {
if (DBG) Log.w(TAG, "Ignoring already-tracked interface " + iface);
return;
}
if (DBG) Log.i(TAG, "maybeTrackInterface: " + iface);
- // TODO: avoid making an interface default if it has configured NetworkCapabilities.
- if (mDefaultInterface == null) {
- mDefaultInterface = iface;
- }
-
- if (mIpConfigForDefaultInterface != null) {
- updateIpConfiguration(iface, mIpConfigForDefaultInterface);
- mIpConfigForDefaultInterface = null;
+ // Do not use an interface for tethering if it has configured NetworkCapabilities.
+ if (mTetheringInterface == null && !mNetworkCapabilities.containsKey(iface)) {
+ mTetheringInterface = iface;
}
addInterface(iface);
@@ -606,43 +705,6 @@
}
}
- @VisibleForTesting
- class InterfaceObserver extends BaseNetdUnsolicitedEventListener {
-
- @Override
- public void onInterfaceLinkStateChanged(String iface, boolean up) {
- if (DBG) {
- Log.i(TAG, "interfaceLinkStateChanged, iface: " + iface + ", up: " + up);
- }
- mHandler.post(() -> {
- if (mEthernetState == ETHERNET_STATE_DISABLED) return;
- updateInterfaceState(iface, up);
- });
- }
-
- @Override
- public void onInterfaceAdded(String iface) {
- if (DBG) {
- Log.i(TAG, "onInterfaceAdded, iface: " + iface);
- }
- mHandler.post(() -> {
- if (mEthernetState == ETHERNET_STATE_DISABLED) return;
- maybeTrackInterface(iface);
- });
- }
-
- @Override
- public void onInterfaceRemoved(String iface) {
- if (DBG) {
- Log.i(TAG, "onInterfaceRemoved, iface: " + iface);
- }
- mHandler.post(() -> {
- if (mEthernetState == ETHERNET_STATE_DISABLED) return;
- stopTrackingInterface(iface);
- });
- }
- }
-
private static class ListenerInfo {
boolean canUseRestrictedNetworks = false;
@@ -839,12 +901,8 @@
return ret;
}
- private void updateIfaceMatchRegexp() {
- final String match = mDeps.getInterfaceRegexFromResource(mContext);
- mIfaceMatch = mIncludeTestInterfaces
- ? "(" + match + "|" + TEST_IFACE_REGEXP + ")"
- : match;
- Log.d(TAG, "Interface match regexp set to '" + mIfaceMatch + "'");
+ private boolean isValidEthernetInterface(String iface) {
+ return iface.matches(mIfaceMatch) || isValidTestInterface(iface);
}
/**
@@ -921,8 +979,8 @@
pw.println("Ethernet State: "
+ (mEthernetState == ETHERNET_STATE_ENABLED ? "enabled" : "disabled"));
pw.println("Ethernet interface name filter: " + mIfaceMatch);
- pw.println("Default interface: " + mDefaultInterface);
- pw.println("Default interface mode: " + mDefaultInterfaceMode);
+ pw.println("Interface used for tethering: " + mTetheringInterface);
+ pw.println("Tethering interface mode: " + mTetheringInterfaceMode);
pw.println("Tethered interface requests: "
+ mTetheredInterfaceRequests.getRegisteredCallbackCount());
pw.println("Listeners: " + mListeners.getRegisteredCallbackCount());
diff --git a/service-t/src/com/android/server/net/BpfInterfaceMapUpdater.java b/service-t/src/com/android/server/net/BpfInterfaceMapUpdater.java
index 3b44d81..ceae9ba 100644
--- a/service-t/src/com/android/server/net/BpfInterfaceMapUpdater.java
+++ b/service-t/src/com/android/server/net/BpfInterfaceMapUpdater.java
@@ -22,14 +22,16 @@
import android.os.RemoteException;
import android.os.ServiceSpecificException;
import android.system.ErrnoException;
+import android.util.IndentingPrintWriter;
import android.util.Log;
import com.android.internal.annotations.VisibleForTesting;
import com.android.net.module.util.BaseNetdUnsolicitedEventListener;
+import com.android.net.module.util.BpfDump;
import com.android.net.module.util.BpfMap;
import com.android.net.module.util.IBpfMap;
import com.android.net.module.util.InterfaceParams;
-import com.android.net.module.util.Struct.U32;
+import com.android.net.module.util.Struct.S32;
/**
* Monitor interface added (without removed) and right interface name and its index to bpf map.
@@ -39,7 +41,7 @@
// This is current path but may be changed soon.
private static final String IFACE_INDEX_NAME_MAP_PATH =
"/sys/fs/bpf/netd_shared/map_netd_iface_index_name_map";
- private final IBpfMap<U32, InterfaceMapValue> mBpfMap;
+ private final IBpfMap<S32, InterfaceMapValue> mBpfMap;
private final INetd mNetd;
private final Handler mHandler;
private final Dependencies mDeps;
@@ -62,10 +64,10 @@
@VisibleForTesting
public static class Dependencies {
/** Create BpfMap for updating interface and index mapping. */
- public IBpfMap<U32, InterfaceMapValue> getInterfaceMap() {
+ public IBpfMap<S32, InterfaceMapValue> getInterfaceMap() {
try {
return new BpfMap<>(IFACE_INDEX_NAME_MAP_PATH, BpfMap.BPF_F_RDWR,
- U32.class, InterfaceMapValue.class);
+ S32.class, InterfaceMapValue.class);
} catch (ErrnoException e) {
Log.e(TAG, "Cannot create interface map: " + e);
return null;
@@ -124,7 +126,7 @@
}
try {
- mBpfMap.updateEntry(new U32(iface.index), new InterfaceMapValue(ifaceName));
+ mBpfMap.updateEntry(new S32(iface.index), new InterfaceMapValue(ifaceName));
} catch (ErrnoException e) {
Log.e(TAG, "Unable to update entry for " + ifaceName + ", " + e);
}
@@ -136,4 +138,37 @@
mHandler.post(() -> addInterface(ifName));
}
}
+
+ /** get interface name by interface index from bpf map */
+ public String getIfNameByIndex(final int index) {
+ try {
+ final InterfaceMapValue value = mBpfMap.getValue(new S32(index));
+ if (value == null) {
+ Log.e(TAG, "No if name entry for index " + index);
+ return null;
+ }
+ return value.getInterfaceNameString();
+ } catch (ErrnoException e) {
+ Log.e(TAG, "Failed to get entry for index " + index + ": " + e);
+ return null;
+ }
+ }
+
+ /**
+ * Dump BPF map
+ *
+ * @param pw print writer
+ */
+ public void dump(final IndentingPrintWriter pw) {
+ pw.println("BPF map status:");
+ pw.increaseIndent();
+ BpfDump.dumpMapStatus(mBpfMap, pw, "IfaceIndexNameMap", IFACE_INDEX_NAME_MAP_PATH);
+ pw.decreaseIndent();
+ pw.println("BPF map content:");
+ pw.increaseIndent();
+ BpfDump.dumpMap(mBpfMap, pw, "IfaceIndexNameMap",
+ (key, value) -> "ifaceIndex=" + key.val
+ + " ifaceName=" + value.getInterfaceNameString());
+ pw.decreaseIndent();
+ }
}
diff --git a/service-t/src/com/android/server/net/InterfaceMapValue.java b/service-t/src/com/android/server/net/InterfaceMapValue.java
index 42c0044..95da981 100644
--- a/service-t/src/com/android/server/net/InterfaceMapValue.java
+++ b/service-t/src/com/android/server/net/InterfaceMapValue.java
@@ -16,20 +16,45 @@
package com.android.server.net;
import com.android.net.module.util.Struct;
-import com.android.net.module.util.Struct.Field;
-import com.android.net.module.util.Struct.Type;
+
+import java.util.Arrays;
/**
* The value of bpf interface index map which is used for NetworkStatsService.
*/
public class InterfaceMapValue extends Struct {
+ private static final int IF_NAME_SIZE = 16;
+
@Field(order = 0, type = Type.ByteArray, arraysize = 16)
public final byte[] interfaceName;
public InterfaceMapValue(String iface) {
- final byte[] ifaceArray = iface.getBytes();
- interfaceName = new byte[16];
// All array bytes after the interface name, if any, must be 0.
- System.arraycopy(ifaceArray, 0, interfaceName, 0, ifaceArray.length);
+ interfaceName = Arrays.copyOf(iface.getBytes(), IF_NAME_SIZE);
+ }
+
+ /**
+ * Constructor for Struct#parse. Build this struct from byte array of interface name.
+ *
+ * @param ifName Byte array of interface name, length is expected to be IF_NAME_SIZE(16).
+ * If longer or shorter, interface name will be truncated or padded with zeros.
+ * All array bytes after the interface name, if any, must be 0.
+ */
+ public InterfaceMapValue(final byte[] ifName) {
+ interfaceName = Arrays.copyOf(ifName, IF_NAME_SIZE);
+ }
+
+ /** Returns the length of the null-terminated string. */
+ private int strlen(byte[] str) {
+ for (int i = 0; i < str.length; ++i) {
+ if (str[i] == '\0') {
+ return i;
+ }
+ }
+ return str.length;
+ }
+
+ public String getInterfaceNameString() {
+ return new String(interfaceName, 0 /* offset */, strlen(interfaceName));
}
}
diff --git a/service-t/src/com/android/server/net/NetworkStatsFactory.java b/service-t/src/com/android/server/net/NetworkStatsFactory.java
index 3b93f1a..8161f50 100644
--- a/service-t/src/com/android/server/net/NetworkStatsFactory.java
+++ b/service-t/src/com/android/server/net/NetworkStatsFactory.java
@@ -17,9 +17,7 @@
package com.android.server.net;
import static android.net.NetworkStats.INTERFACES_ALL;
-import static android.net.NetworkStats.SET_ALL;
import static android.net.NetworkStats.TAG_ALL;
-import static android.net.NetworkStats.TAG_NONE;
import static android.net.NetworkStats.UID_ALL;
import android.annotation.NonNull;
@@ -28,19 +26,12 @@
import android.net.NetworkStats;
import android.net.UnderlyingNetworkInfo;
import android.os.ServiceSpecificException;
-import android.os.StrictMode;
import android.os.SystemClock;
import com.android.internal.annotations.GuardedBy;
import com.android.internal.annotations.VisibleForTesting;
-import com.android.internal.util.ProcFileReader;
-import com.android.net.module.util.CollectionUtils;
import com.android.server.BpfNetMaps;
-import libcore.io.IoUtils;
-
-import java.io.File;
-import java.io.FileInputStream;
import java.io.IOException;
import java.net.ProtocolException;
import java.util.Arrays;
@@ -61,18 +52,6 @@
private static final String TAG = "NetworkStatsFactory";
- private static final boolean USE_NATIVE_PARSING = true;
- private static final boolean VALIDATE_NATIVE_STATS = false;
-
- /** Path to {@code /proc/net/xt_qtaguid/iface_stat_all}. */
- private final File mStatsXtIfaceAll;
- /** Path to {@code /proc/net/xt_qtaguid/iface_stat_fmt}. */
- private final File mStatsXtIfaceFmt;
- /** Path to {@code /proc/net/xt_qtaguid/stats}. */
- private final File mStatsXtUid;
-
- private final boolean mUseBpfStats;
-
private final Context mContext;
private final BpfNetMaps mBpfNetMaps;
@@ -96,6 +75,48 @@
@GuardedBy("mPersistentDataLock")
private NetworkStats mTunAnd464xlatAdjustedStats;
+ private final Dependencies mDeps;
+ /**
+ * Dependencies of NetworkStatsFactory, for injection in tests.
+ */
+ @VisibleForTesting
+ public static class Dependencies {
+ /**
+ * Parse detailed statistics from bpf into given {@link NetworkStats} object. Values
+ * are expected to monotonically increase since device boot.
+ */
+ @NonNull
+ public NetworkStats getNetworkStatsDetail(int limitUid, @Nullable String[] limitIfaces,
+ int limitTag) throws IOException {
+ final NetworkStats stats = new NetworkStats(SystemClock.elapsedRealtime(), 0);
+ // TODO: remove both path and useBpfStats arguments.
+ // The path is never used if useBpfStats is true.
+ final int ret = nativeReadNetworkStatsDetail(stats, limitUid, limitIfaces, limitTag);
+ if (ret != 0) {
+ throw new IOException("Failed to parse network stats");
+ }
+ return stats;
+ }
+ /**
+ * Parse device summary statistics from bpf into given {@link NetworkStats} object. Values
+ * are expected to monotonically increase since device boot.
+ */
+ @NonNull
+ public NetworkStats getNetworkStatsDev() throws IOException {
+ final NetworkStats stats = new NetworkStats(SystemClock.elapsedRealtime(), 6);
+ final int ret = nativeReadNetworkStatsDev(stats);
+ if (ret != 0) {
+ throw new IOException("Failed to parse bpf iface stats");
+ }
+ return stats;
+ }
+
+ /** Create a new {@link BpfNetMaps}. */
+ public BpfNetMaps createBpfNetMaps(@NonNull Context ctx) {
+ return new BpfNetMaps(ctx);
+ }
+ }
+
/**
* (Stacked interface) -> (base interface) association for all connected ifaces since boot.
*
@@ -164,29 +185,18 @@
}
public NetworkStatsFactory(@NonNull Context ctx) {
- this(ctx, new File("/proc/"), true);
+ this(ctx, new Dependencies());
}
@VisibleForTesting
- public NetworkStatsFactory(@NonNull Context ctx, File procRoot, boolean useBpfStats) {
- mStatsXtIfaceAll = new File(procRoot, "net/xt_qtaguid/iface_stat_all");
- mStatsXtIfaceFmt = new File(procRoot, "net/xt_qtaguid/iface_stat_fmt");
- mStatsXtUid = new File(procRoot, "net/xt_qtaguid/stats");
- mUseBpfStats = useBpfStats;
- mBpfNetMaps = new BpfNetMaps();
+ public NetworkStatsFactory(@NonNull Context ctx, Dependencies deps) {
+ mBpfNetMaps = deps.createBpfNetMaps(ctx);
synchronized (mPersistentDataLock) {
mPersistSnapshot = new NetworkStats(SystemClock.elapsedRealtime(), -1);
mTunAnd464xlatAdjustedStats = new NetworkStats(SystemClock.elapsedRealtime(), -1);
}
mContext = ctx;
- }
-
- public NetworkStats readBpfNetworkStatsDev() throws IOException {
- final NetworkStats stats = new NetworkStats(SystemClock.elapsedRealtime(), 6);
- if (nativeReadNetworkStatsDev(stats) != 0) {
- throw new IOException("Failed to parse bpf iface stats");
- }
- return stats;
+ mDeps = deps;
}
/**
@@ -194,106 +204,18 @@
* using {@code /proc/net/dev} style hooks, which may include non IP layer
* traffic. Values monotonically increase since device boot, and may include
* details about inactive interfaces.
- *
- * @throws IllegalStateException when problem parsing stats.
*/
public NetworkStats readNetworkStatsSummaryDev() throws IOException {
-
- // Return xt_bpf stats if switched to bpf module.
- if (mUseBpfStats)
- return readBpfNetworkStatsDev();
-
- final StrictMode.ThreadPolicy savedPolicy = StrictMode.allowThreadDiskReads();
-
- final NetworkStats stats = new NetworkStats(SystemClock.elapsedRealtime(), 6);
- final NetworkStats.Entry entry = new NetworkStats.Entry();
-
- ProcFileReader reader = null;
- try {
- reader = new ProcFileReader(new FileInputStream(mStatsXtIfaceAll));
-
- while (reader.hasMoreData()) {
- entry.iface = reader.nextString();
- entry.uid = UID_ALL;
- entry.set = SET_ALL;
- entry.tag = TAG_NONE;
-
- final boolean active = reader.nextInt() != 0;
-
- // always include snapshot values
- entry.rxBytes = reader.nextLong();
- entry.rxPackets = reader.nextLong();
- entry.txBytes = reader.nextLong();
- entry.txPackets = reader.nextLong();
-
- // fold in active numbers, but only when active
- if (active) {
- entry.rxBytes += reader.nextLong();
- entry.rxPackets += reader.nextLong();
- entry.txBytes += reader.nextLong();
- entry.txPackets += reader.nextLong();
- }
-
- stats.insertEntry(entry);
- reader.finishLine();
- }
- } catch (NullPointerException|NumberFormatException e) {
- throw protocolExceptionWithCause("problem parsing stats", e);
- } finally {
- IoUtils.closeQuietly(reader);
- StrictMode.setThreadPolicy(savedPolicy);
- }
- return stats;
+ return mDeps.getNetworkStatsDev();
}
/**
* Parse and return interface-level summary {@link NetworkStats}. Designed
* to return only IP layer traffic. Values monotonically increase since
* device boot, and may include details about inactive interfaces.
- *
- * @throws IllegalStateException when problem parsing stats.
*/
public NetworkStats readNetworkStatsSummaryXt() throws IOException {
-
- // Return xt_bpf stats if qtaguid module is replaced.
- if (mUseBpfStats)
- return readBpfNetworkStatsDev();
-
- final StrictMode.ThreadPolicy savedPolicy = StrictMode.allowThreadDiskReads();
-
- // return null when kernel doesn't support
- if (!mStatsXtIfaceFmt.exists()) return null;
-
- final NetworkStats stats = new NetworkStats(SystemClock.elapsedRealtime(), 6);
- final NetworkStats.Entry entry = new NetworkStats.Entry();
-
- ProcFileReader reader = null;
- try {
- // open and consume header line
- reader = new ProcFileReader(new FileInputStream(mStatsXtIfaceFmt));
- reader.finishLine();
-
- while (reader.hasMoreData()) {
- entry.iface = reader.nextString();
- entry.uid = UID_ALL;
- entry.set = SET_ALL;
- entry.tag = TAG_NONE;
-
- entry.rxBytes = reader.nextLong();
- entry.rxPackets = reader.nextLong();
- entry.txBytes = reader.nextLong();
- entry.txPackets = reader.nextLong();
-
- stats.insertEntry(entry);
- reader.finishLine();
- }
- } catch (NullPointerException|NumberFormatException e) {
- throw protocolExceptionWithCause("problem parsing stats", e);
- } finally {
- IoUtils.closeQuietly(reader);
- StrictMode.setThreadPolicy(savedPolicy);
- }
- return stats;
+ return mDeps.getNetworkStatsDev();
}
public NetworkStats readNetworkStatsDetail() throws IOException {
@@ -330,38 +252,14 @@
// Take a defensive copy. mPersistSnapshot is mutated in some cases below
final NetworkStats prev = mPersistSnapshot.clone();
- if (USE_NATIVE_PARSING) {
- final NetworkStats stats =
- new NetworkStats(SystemClock.elapsedRealtime(), 0 /* initialSize */);
- if (mUseBpfStats) {
- requestSwapActiveStatsMapLocked();
- // Stats are always read from the inactive map, so they must be read after the
- // swap
- if (nativeReadNetworkStatsDetail(stats, mStatsXtUid.getAbsolutePath(), UID_ALL,
- INTERFACES_ALL, TAG_ALL, mUseBpfStats) != 0) {
- throw new IOException("Failed to parse network stats");
- }
-
- // BPF stats are incremental; fold into mPersistSnapshot.
- mPersistSnapshot.setElapsedRealtime(stats.getElapsedRealtime());
- mPersistSnapshot.combineAllValues(stats);
- } else {
- if (nativeReadNetworkStatsDetail(stats, mStatsXtUid.getAbsolutePath(), UID_ALL,
- INTERFACES_ALL, TAG_ALL, mUseBpfStats) != 0) {
- throw new IOException("Failed to parse network stats");
- }
- if (VALIDATE_NATIVE_STATS) {
- final NetworkStats javaStats = javaReadNetworkStatsDetail(mStatsXtUid,
- UID_ALL, INTERFACES_ALL, TAG_ALL);
- assertEquals(javaStats, stats);
- }
-
- mPersistSnapshot = stats;
- }
- } else {
- mPersistSnapshot = javaReadNetworkStatsDetail(mStatsXtUid, UID_ALL, INTERFACES_ALL,
- TAG_ALL);
- }
+ requestSwapActiveStatsMapLocked();
+ // Stats are always read from the inactive map, so they must be read after the
+ // swap
+ final NetworkStats stats = mDeps.getNetworkStatsDetail(
+ UID_ALL, INTERFACES_ALL, TAG_ALL);
+ // BPF stats are incremental; fold into mPersistSnapshot.
+ mPersistSnapshot.setElapsedRealtime(stats.getElapsedRealtime());
+ mPersistSnapshot.combineAllValues(stats);
NetworkStats adjustedStats = adjustForTunAnd464Xlat(mPersistSnapshot, prev, vpnArray);
@@ -399,60 +297,14 @@
}
/**
- * Parse and return {@link NetworkStats} with UID-level details. Values are
- * expected to monotonically increase since device boot.
+ * Remove stats from {@code mPersistSnapshot} and {@code mTunAnd464xlatAdjustedStats} for the
+ * given uids.
*/
- @VisibleForTesting
- public static NetworkStats javaReadNetworkStatsDetail(File detailPath, int limitUid,
- String[] limitIfaces, int limitTag)
- throws IOException {
- final StrictMode.ThreadPolicy savedPolicy = StrictMode.allowThreadDiskReads();
-
- final NetworkStats stats = new NetworkStats(SystemClock.elapsedRealtime(), 24);
- final NetworkStats.Entry entry = new NetworkStats.Entry();
-
- int idx = 1;
- int lastIdx = 1;
-
- ProcFileReader reader = null;
- try {
- // open and consume header line
- reader = new ProcFileReader(new FileInputStream(detailPath));
- reader.finishLine();
-
- while (reader.hasMoreData()) {
- idx = reader.nextInt();
- if (idx != lastIdx + 1) {
- throw new ProtocolException(
- "inconsistent idx=" + idx + " after lastIdx=" + lastIdx);
- }
- lastIdx = idx;
-
- entry.iface = reader.nextString();
- entry.tag = kernelToTag(reader.nextString());
- entry.uid = reader.nextInt();
- entry.set = reader.nextInt();
- entry.rxBytes = reader.nextLong();
- entry.rxPackets = reader.nextLong();
- entry.txBytes = reader.nextLong();
- entry.txPackets = reader.nextLong();
-
- if ((limitIfaces == null || CollectionUtils.contains(limitIfaces, entry.iface))
- && (limitUid == UID_ALL || limitUid == entry.uid)
- && (limitTag == TAG_ALL || limitTag == entry.tag)) {
- stats.insertEntry(entry);
- }
-
- reader.finishLine();
- }
- } catch (NullPointerException|NumberFormatException e) {
- throw protocolExceptionWithCause("problem parsing idx " + idx, e);
- } finally {
- IoUtils.closeQuietly(reader);
- StrictMode.setThreadPolicy(savedPolicy);
+ public void removeUidsLocked(int[] uids) {
+ synchronized (mPersistentDataLock) {
+ mPersistSnapshot.removeUids(uids);
+ mTunAnd464xlatAdjustedStats.removeUids(uids);
}
-
- return stats;
}
public void assertEquals(NetworkStats expected, NetworkStats actual) {
@@ -491,8 +343,8 @@
* are expected to monotonically increase since device boot.
*/
@VisibleForTesting
- public static native int nativeReadNetworkStatsDetail(NetworkStats stats, String path,
- int limitUid, String[] limitIfaces, int limitTag, boolean useBpfStats);
+ public static native int nativeReadNetworkStatsDetail(NetworkStats stats, int limitUid,
+ String[] limitIfaces, int limitTag);
@VisibleForTesting
public static native int nativeReadNetworkStatsDev(NetworkStats stats);
diff --git a/service-t/src/com/android/server/net/NetworkStatsRecorder.java b/service-t/src/com/android/server/net/NetworkStatsRecorder.java
index 768f3eb..3da1585 100644
--- a/service-t/src/com/android/server/net/NetworkStatsRecorder.java
+++ b/service-t/src/com/android/server/net/NetworkStatsRecorder.java
@@ -43,7 +43,6 @@
import libcore.io.IoUtils;
import java.io.ByteArrayOutputStream;
-import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
@@ -427,46 +426,6 @@
}
}
- public void importLegacyNetworkLocked(File file) throws IOException {
- Objects.requireNonNull(mRotator, "missing FileRotator");
-
- // legacy file still exists; start empty to avoid double importing
- mRotator.deleteAll();
-
- final NetworkStatsCollection collection = new NetworkStatsCollection(mBucketDuration);
- collection.readLegacyNetwork(file);
-
- final long startMillis = collection.getStartMillis();
- final long endMillis = collection.getEndMillis();
-
- if (!collection.isEmpty()) {
- // process legacy data, creating active file at starting time, then
- // using end time to possibly trigger rotation.
- mRotator.rewriteActive(new CombiningRewriter(collection), startMillis);
- mRotator.maybeRotate(endMillis);
- }
- }
-
- public void importLegacyUidLocked(File file) throws IOException {
- Objects.requireNonNull(mRotator, "missing FileRotator");
-
- // legacy file still exists; start empty to avoid double importing
- mRotator.deleteAll();
-
- final NetworkStatsCollection collection = new NetworkStatsCollection(mBucketDuration);
- collection.readLegacyUid(file, mOnlyTags);
-
- final long startMillis = collection.getStartMillis();
- final long endMillis = collection.getEndMillis();
-
- if (!collection.isEmpty()) {
- // process legacy data, creating active file at starting time, then
- // using end time to possibly trigger rotation.
- mRotator.rewriteActive(new CombiningRewriter(collection), startMillis);
- mRotator.maybeRotate(endMillis);
- }
- }
-
/**
* Import a specified {@link NetworkStatsCollection} instance into this recorder,
* and write it into a standalone file.
@@ -582,7 +541,8 @@
/**
* Recover from {@link FileRotator} failure by dumping state to
- * {@link DropBoxManager} and deleting contents.
+ * {@link DropBoxManager} and deleting contents if this recorder
+ * sets {@code mWipeOnError} to true, otherwise keep the contents.
*/
void recoverAndDeleteData() {
if (DUMP_BEFORE_DELETE) {
diff --git a/service-t/src/com/android/server/net/NetworkStatsService.java b/service-t/src/com/android/server/net/NetworkStatsService.java
index 4f0f341..0da7b6f 100644
--- a/service-t/src/com/android/server/net/NetworkStatsService.java
+++ b/service-t/src/com/android/server/net/NetworkStatsService.java
@@ -24,15 +24,18 @@
import static android.content.Intent.ACTION_UID_REMOVED;
import static android.content.Intent.ACTION_USER_REMOVED;
import static android.content.Intent.EXTRA_UID;
-import static android.content.pm.PackageManager.PERMISSION_GRANTED;
import static android.net.NetworkCapabilities.TRANSPORT_CELLULAR;
import static android.net.NetworkCapabilities.TRANSPORT_WIFI;
import static android.net.NetworkStats.DEFAULT_NETWORK_ALL;
+import static android.net.NetworkStats.DEFAULT_NETWORK_NO;
import static android.net.NetworkStats.IFACE_ALL;
import static android.net.NetworkStats.IFACE_VT;
import static android.net.NetworkStats.INTERFACES_ALL;
import static android.net.NetworkStats.METERED_ALL;
+import static android.net.NetworkStats.METERED_NO;
+import static android.net.NetworkStats.METERED_YES;
import static android.net.NetworkStats.ROAMING_ALL;
+import static android.net.NetworkStats.ROAMING_NO;
import static android.net.NetworkStats.SET_ALL;
import static android.net.NetworkStats.SET_DEFAULT;
import static android.net.NetworkStats.SET_FOREGROUND;
@@ -42,8 +45,8 @@
import static android.net.NetworkStats.TAG_NONE;
import static android.net.NetworkStats.UID_ALL;
import static android.net.NetworkStatsHistory.FIELD_ALL;
-import static android.net.NetworkTemplate.buildTemplateMobileWildcard;
-import static android.net.NetworkTemplate.buildTemplateWifiWildcard;
+import static android.net.NetworkTemplate.MATCH_MOBILE;
+import static android.net.NetworkTemplate.MATCH_WIFI;
import static android.net.TrafficStats.KB_IN_BYTES;
import static android.net.TrafficStats.MB_IN_BYTES;
import static android.net.TrafficStats.UID_TETHERING;
@@ -53,6 +56,7 @@
import static android.net.netstats.NetworkStatsDataMigrationUtils.PREFIX_XT;
import static android.os.Trace.TRACE_TAG_NETWORK;
import static android.system.OsConstants.ENOENT;
+import static android.system.OsConstants.R_OK;
import static android.telephony.SubscriptionManager.INVALID_SUBSCRIPTION_ID;
import static android.text.format.DateUtils.DAY_IN_MILLIS;
import static android.text.format.DateUtils.HOUR_IN_MILLIS;
@@ -130,6 +134,7 @@
import android.service.NetworkInterfaceProto;
import android.service.NetworkStatsServiceDumpProto;
import android.system.ErrnoException;
+import android.system.Os;
import android.telephony.PhoneStateListener;
import android.telephony.SubscriptionPlan;
import android.text.TextUtils;
@@ -149,6 +154,7 @@
import com.android.net.module.util.BaseNetdUnsolicitedEventListener;
import com.android.net.module.util.BestClock;
import com.android.net.module.util.BinderUtils;
+import com.android.net.module.util.BpfDump;
import com.android.net.module.util.BpfMap;
import com.android.net.module.util.CollectionUtils;
import com.android.net.module.util.DeviceConfigUtils;
@@ -156,8 +162,13 @@
import com.android.net.module.util.LocationPermissionChecker;
import com.android.net.module.util.NetworkStatsUtils;
import com.android.net.module.util.PermissionUtils;
-import com.android.net.module.util.Struct.U32;
+import com.android.net.module.util.SharedLog;
+import com.android.net.module.util.Struct;
+import com.android.net.module.util.Struct.S32;
import com.android.net.module.util.Struct.U8;
+import com.android.net.module.util.bpf.CookieTagMapKey;
+import com.android.net.module.util.bpf.CookieTagMapValue;
+import com.android.server.BpfNetMaps;
import java.io.File;
import java.io.FileDescriptor;
@@ -304,7 +315,7 @@
/**
* When enabled, all mobile data is reported under {@link NetworkTemplate#NETWORK_TYPE_ALL}.
* When disabled, mobile data is broken down by a granular ratType representative of the
- * actual ratType. {@see android.app.usage.NetworkStatsManager#getCollapsedRatType}.
+ * actual ratType. See {@link android.app.usage.NetworkStatsManager#getCollapsedRatType}.
* Enabling this decreases the level of detail but saves performance, disk space and
* amount of data logged.
*/
@@ -397,7 +408,7 @@
* mActiveUidCounterSet to avoid accessing kernel too frequently.
*/
private SparseIntArray mActiveUidCounterSet = new SparseIntArray();
- private final IBpfMap<U32, U8> mUidCounterSetMap;
+ private final IBpfMap<S32, U8> mUidCounterSetMap;
private final IBpfMap<CookieTagMapKey, CookieTagMapValue> mCookieTagMap;
private final IBpfMap<StatsMapKey, StatsMapValue> mStatsMapA;
private final IBpfMap<StatsMapKey, StatsMapValue> mStatsMapB;
@@ -445,6 +456,9 @@
@NonNull
private final BpfInterfaceMapUpdater mInterfaceMapUpdater;
+ @Nullable
+ private final SkDestroyListener mSkDestroyListener;
+
private static @NonNull Clock getDefaultClock() {
return new BestClock(ZoneOffset.UTC, SystemClock.currentNetworkTimeClock(),
Clock.systemUTC());
@@ -578,6 +592,18 @@
mStatsMapA = mDeps.getStatsMapA();
mStatsMapB = mDeps.getStatsMapB();
mAppUidStatsMap = mDeps.getAppUidStatsMap();
+
+ // TODO: Remove bpfNetMaps creation and always start SkDestroyListener
+ // Following code is for the experiment to verify the SkDestroyListener refactoring. Based
+ // on the experiment flag, BpfNetMaps starts C SkDestroyListener (existing code) or
+ // NetworkStatsService starts Java SkDestroyListener (new code).
+ final BpfNetMaps bpfNetMaps = mDeps.makeBpfNetMaps(mContext);
+ if (bpfNetMaps.isSkDestroyListenerRunning()) {
+ mSkDestroyListener = null;
+ } else {
+ mSkDestroyListener = mDeps.makeSkDestroyListener(mCookieTagMap, mHandler);
+ mHandler.post(mSkDestroyListener::start);
+ }
}
/**
@@ -715,10 +741,10 @@
}
/** Get counter sets map for each UID. */
- public IBpfMap<U32, U8> getUidCounterSetMap() {
+ public IBpfMap<S32, U8> getUidCounterSetMap() {
try {
- return new BpfMap<U32, U8>(UID_COUNTERSET_MAP_PATH, BpfMap.BPF_F_RDWR,
- U32.class, U8.class);
+ return new BpfMap<S32, U8>(UID_COUNTERSET_MAP_PATH, BpfMap.BPF_F_RDWR,
+ S32.class, U8.class);
} catch (ErrnoException e) {
Log.wtf(TAG, "Cannot open uid counter set map: " + e);
return null;
@@ -773,6 +799,17 @@
public boolean isDebuggable() {
return Build.isDebuggable();
}
+
+ /** Create a new BpfNetMaps. */
+ public BpfNetMaps makeBpfNetMaps(Context ctx) {
+ return new BpfNetMaps(ctx);
+ }
+
+ /** Create a new SkDestroyListener. */
+ public SkDestroyListener makeSkDestroyListener(
+ IBpfMap<CookieTagMapKey, CookieTagMapValue> cookieTagMap, Handler handler) {
+ return new SkDestroyListener(cookieTagMap, handler, new SharedLog(TAG));
+ }
}
/**
@@ -1284,7 +1321,7 @@
mNetd.bandwidthSetGlobalAlert(mGlobalAlertBytes);
} catch (IllegalStateException e) {
Log.w(TAG, "problem registering for global alert: " + e);
- } catch (RemoteException e) {
+ } catch (RemoteException | ServiceSpecificException e) {
// ignored; service lives in system_server
}
invokeForAllStatsProviderCallbacks((cb) -> cb.mProvider.onSetAlert(mGlobalAlertBytes));
@@ -1677,11 +1714,6 @@
@Override
public String[] getMobileIfaces() {
- // TODO (b/192758557): Remove debug log.
- if (CollectionUtils.contains(mMobileIfaces, null)) {
- throw new NullPointerException(
- "null element in mMobileIfaces: " + Arrays.toString(mMobileIfaces));
- }
return mMobileIfaces.clone();
}
@@ -1715,7 +1747,7 @@
if (set == SET_DEFAULT) {
try {
- mUidCounterSetMap.deleteEntry(new U32(uid));
+ mUidCounterSetMap.deleteEntry(new S32(uid));
} catch (ErrnoException e) {
Log.w(TAG, "UidCounterSetMap.deleteEntry(" + uid + ") failed with errno: " + e);
}
@@ -1723,7 +1755,7 @@
}
try {
- mUidCounterSetMap.updateEntry(new U32(uid), new U8((short) set));
+ mUidCounterSetMap.updateEntry(new S32(uid), new U8((short) set));
} catch (ErrnoException e) {
Log.w(TAG, "UidCounterSetMap.updateEntry(" + uid + ", " + set
+ ") failed with errno: " + e);
@@ -2152,11 +2184,6 @@
}
mMobileIfaces = mobileIfaces.toArray(new String[0]);
- // TODO (b/192758557): Remove debug log.
- if (CollectionUtils.contains(mMobileIfaces, null)) {
- throw new NullPointerException(
- "null element in mMobileIfaces: " + Arrays.toString(mMobileIfaces));
- }
}
private static int getSubIdForMobile(@NonNull NetworkStateSnapshot state) {
@@ -2370,7 +2397,7 @@
NetworkStats.Entry uidTotal;
// collect mobile sample
- template = buildTemplateMobileWildcard();
+ template = new NetworkTemplate.Builder(MATCH_MOBILE).setMeteredness(METERED_YES).build();
devTotal = mDevRecorder.getTotalSinceBootLocked(template);
xtTotal = mXtRecorder.getTotalSinceBootLocked(template);
uidTotal = mUidRecorder.getTotalSinceBootLocked(template);
@@ -2382,7 +2409,7 @@
currentTime);
// collect wifi sample
- template = buildTemplateWifiWildcard();
+ template = new NetworkTemplate.Builder(MATCH_WIFI).build();
devTotal = mDevRecorder.getTotalSinceBootLocked(template);
xtTotal = mXtRecorder.getTotalSinceBootLocked(template);
uidTotal = mUidRecorder.getTotalSinceBootLocked(template);
@@ -2445,7 +2472,7 @@
deleteStatsMapTagData(mStatsMapB, uid);
try {
- mUidCounterSetMap.deleteEntry(new U32(uid));
+ mUidCounterSetMap.deleteEntry(new S32(uid));
} catch (ErrnoException e) {
logErrorIfNotErrNoent(e, "Failed to delete tag data from uid counter set map");
}
@@ -2470,13 +2497,13 @@
mUidRecorder.removeUidsLocked(uids);
mUidTagRecorder.removeUidsLocked(uids);
+ mStatsFactory.removeUidsLocked(uids);
// Clear kernel stats associated with UID
for (int uid : uids) {
deleteKernelTagData(uid);
}
-
- // TODO: Remove the UID's entries from mOpenSessionCallsPerUid and
- // mOpenSessionCallsPerCaller
+ // TODO: Remove the UID's entries from mOpenSessionCallsPerUid and
+ // mOpenSessionCallsPerCaller
}
/**
@@ -2534,6 +2561,7 @@
// usage: dumpsys netstats --full --uid --tag --poll --checkin
final boolean poll = argSet.contains("--poll") || argSet.contains("poll");
final boolean checkin = argSet.contains("--checkin");
+ final boolean bpfRawMap = argSet.contains("--bpfRawMap");
final boolean fullHistory = argSet.contains("--full") || argSet.contains("full");
final boolean includeUid = argSet.contains("--uid") || argSet.contains("detail");
final boolean includeTag = argSet.contains("--tag") || argSet.contains("detail");
@@ -2575,6 +2603,11 @@
return;
}
+ if (bpfRawMap) {
+ dumpRawMapLocked(pw, args);
+ return;
+ }
+
pw.println("Directory:");
pw.increaseIndent();
pw.println(mStatsDir);
@@ -2706,6 +2739,31 @@
mUidTagRecorder.dumpLocked(pw, fullHistory);
pw.decreaseIndent();
}
+
+ pw.println();
+ pw.println("InterfaceMapUpdater:");
+ pw.increaseIndent();
+ mInterfaceMapUpdater.dump(pw);
+ pw.decreaseIndent();
+
+ pw.println();
+ pw.println("BPF map status:");
+ pw.increaseIndent();
+ dumpMapStatus(pw);
+ pw.decreaseIndent();
+ pw.println();
+
+ // Following BPF map content dump contains uid and tag regardless of the flags because
+ // following dumps are moved from TrafficController and bug report already contains this
+ // information.
+ pw.println("BPF map content:");
+ pw.increaseIndent();
+ dumpCookieTagMapLocked(pw);
+ dumpUidCounterSetMapLocked(pw);
+ dumpAppUidStatsMapLocked(pw);
+ dumpStatsMapLocked(mStatsMapA, pw, "mStatsMapA");
+ dumpStatsMapLocked(mStatsMapB, pw, "mStatsMapB");
+ pw.decreaseIndent();
}
}
@@ -2728,6 +2786,38 @@
proto.flush();
}
+ private <K extends Struct, V extends Struct> void dumpRawMap(IBpfMap<K, V> map,
+ IndentingPrintWriter pw) throws ErrnoException {
+ if (map == null) {
+ pw.println("Map is null");
+ return;
+ }
+ if (map.isEmpty()) {
+ pw.println("No entries");
+ return;
+ }
+ // If there is a concurrent entry deletion, value could be null. http://b/220084230.
+ // Also, map.forEach could restart iteration from the beginning and dump could contain
+ // duplicated entries. User of this dump needs to take care of the duplicated entries.
+ map.forEach((k, v) -> {
+ if (v != null) {
+ pw.println(BpfDump.toBase64EncodedString(k, v));
+ }
+ });
+ }
+
+ @GuardedBy("mStatsLock")
+ private void dumpRawMapLocked(final IndentingPrintWriter pw, final String[] args) {
+ if (CollectionUtils.contains(args, "--cookieTagMap")) {
+ try {
+ dumpRawMap(mCookieTagMap, pw);
+ } catch (ErrnoException e) {
+ pw.println("Error dumping cookieTag map: " + e);
+ }
+ return;
+ }
+ }
+
private static void dumpInterfaces(ProtoOutputStream proto, long tag,
ArrayMap<String, NetworkIdentitySet> ifaces) {
for (int i = 0; i < ifaces.size(); i++) {
@@ -2740,6 +2830,85 @@
}
}
+ private <K extends Struct, V extends Struct> String getMapStatus(
+ final IBpfMap<K, V> map, final String path) {
+ if (map != null) {
+ return "OK";
+ }
+ try {
+ Os.access(path, R_OK);
+ return "NULL(map is pinned to " + path + ")";
+ } catch (ErrnoException e) {
+ return "NULL(map is not pinned to " + path + ": " + Os.strerror(e.errno) + ")";
+ }
+ }
+
+ private void dumpMapStatus(final IndentingPrintWriter pw) {
+ pw.println("mCookieTagMap: " + getMapStatus(mCookieTagMap, COOKIE_TAG_MAP_PATH));
+ pw.println("mUidCounterSetMap: "
+ + getMapStatus(mUidCounterSetMap, UID_COUNTERSET_MAP_PATH));
+ pw.println("mAppUidStatsMap: " + getMapStatus(mAppUidStatsMap, APP_UID_STATS_MAP_PATH));
+ pw.println("mStatsMapA: " + getMapStatus(mStatsMapA, STATS_MAP_A_PATH));
+ pw.println("mStatsMapB: " + getMapStatus(mStatsMapB, STATS_MAP_B_PATH));
+ }
+
+ @GuardedBy("mStatsLock")
+ private void dumpCookieTagMapLocked(final IndentingPrintWriter pw) {
+ if (mCookieTagMap == null) {
+ return;
+ }
+ BpfDump.dumpMap(mCookieTagMap, pw, "mCookieTagMap",
+ (key, value) -> "cookie=" + key.socketCookie
+ + " tag=0x" + Long.toHexString(value.tag)
+ + " uid=" + value.uid);
+ }
+
+ @GuardedBy("mStatsLock")
+ private void dumpUidCounterSetMapLocked(final IndentingPrintWriter pw) {
+ if (mUidCounterSetMap == null) {
+ return;
+ }
+ BpfDump.dumpMap(mUidCounterSetMap, pw, "mUidCounterSetMap",
+ (uid, set) -> "uid=" + uid.val + " set=" + set.val);
+ }
+
+ @GuardedBy("mStatsLock")
+ private void dumpAppUidStatsMapLocked(final IndentingPrintWriter pw) {
+ if (mAppUidStatsMap == null) {
+ return;
+ }
+ BpfDump.dumpMap(mAppUidStatsMap, pw, "mAppUidStatsMap",
+ "uid rxBytes rxPackets txBytes txPackets",
+ (key, value) -> key.uid + " "
+ + value.rxBytes + " "
+ + value.rxPackets + " "
+ + value.txBytes + " "
+ + value.txPackets);
+ }
+
+ @GuardedBy("mStatsLock")
+ private void dumpStatsMapLocked(final IBpfMap<StatsMapKey, StatsMapValue> statsMap,
+ final IndentingPrintWriter pw, final String mapName) {
+ if (statsMap == null) {
+ return;
+ }
+
+ BpfDump.dumpMap(statsMap, pw, mapName,
+ "ifaceIndex ifaceName tag_hex uid_int cnt_set rxBytes rxPackets txBytes txPackets",
+ (key, value) -> {
+ final String ifName = mInterfaceMapUpdater.getIfNameByIndex(key.ifaceIndex);
+ return key.ifaceIndex + " "
+ + (ifName != null ? ifName : "unknown") + " "
+ + "0x" + Long.toHexString(key.tag) + " "
+ + key.uid + " "
+ + key.counterSet + " "
+ + value.rxBytes + " "
+ + value.rxPackets + " "
+ + value.txBytes + " "
+ + value.txPackets;
+ });
+ }
+
private NetworkStats readNetworkStatsSummaryDev() {
try {
return mStatsFactory.readNetworkStatsSummaryDev();
@@ -2814,36 +2983,19 @@
for (TetherStatsParcel tetherStats : tetherStatsParcels) {
try {
stats.combineValues(new NetworkStats.Entry(tetherStats.iface, UID_TETHERING,
- SET_DEFAULT, TAG_NONE, tetherStats.rxBytes, tetherStats.rxPackets,
+ SET_DEFAULT, TAG_NONE, METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO,
+ tetherStats.rxBytes, tetherStats.rxPackets,
tetherStats.txBytes, tetherStats.txPackets, 0L));
} catch (ArrayIndexOutOfBoundsException e) {
throw new IllegalStateException("invalid tethering stats " + e);
}
}
- } catch (IllegalStateException e) {
+ } catch (IllegalStateException | ServiceSpecificException e) {
Log.wtf(TAG, "problem reading network stats", e);
}
return stats;
}
- // TODO: It is copied from ConnectivityService, consider refactor these check permission
- // functions to a proper util.
- private boolean checkAnyPermissionOf(String... permissions) {
- for (String permission : permissions) {
- if (mContext.checkCallingOrSelfPermission(permission) == PERMISSION_GRANTED) {
- return true;
- }
- }
- return false;
- }
-
- private void enforceAnyPermissionOf(String... permissions) {
- if (!checkAnyPermissionOf(permissions)) {
- throw new SecurityException("Requires one of the following permissions: "
- + String.join(", ", permissions) + ".");
- }
- }
-
/**
* Registers a custom provider of {@link android.net.NetworkStats} to combine the network
* statistics that cannot be seen by the kernel to system. To unregister, invoke the
@@ -2858,7 +3010,7 @@
*/
public @NonNull INetworkStatsProviderCallback registerNetworkStatsProvider(
@NonNull String tag, @NonNull INetworkStatsProvider provider) {
- enforceAnyPermissionOf(NETWORK_STATS_PROVIDER,
+ PermissionUtils.enforceAnyPermissionOf(mContext, NETWORK_STATS_PROVIDER,
NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK);
Objects.requireNonNull(provider, "provider is null");
Objects.requireNonNull(tag, "tag is null");
diff --git a/service-t/src/com/android/server/net/SkDestroyListener.java b/service-t/src/com/android/server/net/SkDestroyListener.java
new file mode 100644
index 0000000..7b68f89
--- /dev/null
+++ b/service-t/src/com/android/server/net/SkDestroyListener.java
@@ -0,0 +1,75 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.net;
+
+import static android.system.OsConstants.NETLINK_INET_DIAG;
+
+import android.os.Handler;
+import android.system.ErrnoException;
+
+import com.android.net.module.util.IBpfMap;
+import com.android.net.module.util.SharedLog;
+import com.android.net.module.util.bpf.CookieTagMapKey;
+import com.android.net.module.util.bpf.CookieTagMapValue;
+import com.android.net.module.util.ip.NetlinkMonitor;
+import com.android.net.module.util.netlink.InetDiagMessage;
+import com.android.net.module.util.netlink.NetlinkMessage;
+import com.android.net.module.util.netlink.StructInetDiagSockId;
+
+/**
+ * Monitor socket destroy and delete entry from cookie tag bpf map.
+ */
+public class SkDestroyListener extends NetlinkMonitor {
+ private static final int SKNLGRP_INET_TCP_DESTROY = 1;
+ private static final int SKNLGRP_INET_UDP_DESTROY = 2;
+ private static final int SKNLGRP_INET6_TCP_DESTROY = 3;
+ private static final int SKNLGRP_INET6_UDP_DESTROY = 4;
+
+ // TODO: if too many sockets are closed too quickly, this can overflow the socket buffer, and
+ // some entries in mCookieTagMap will not be freed. In order to fix this it would be needed to
+ // periodically dump all sockets and remove the tag entries for sockets that have been closed.
+ // For now, set a large-enough buffer that hundreds of sockets can be closed without getting
+ // ENOBUFS and leaking mCookieTagMap entries.
+ private static final int SOCK_RCV_BUF_SIZE = 512 * 1024;
+
+ private final IBpfMap<CookieTagMapKey, CookieTagMapValue> mCookieTagMap;
+
+ SkDestroyListener(final IBpfMap<CookieTagMapKey, CookieTagMapValue> cookieTagMap,
+ final Handler handler, final SharedLog log) {
+ super(handler, log, "SkDestroyListener", NETLINK_INET_DIAG,
+ 1 << (SKNLGRP_INET_TCP_DESTROY - 1)
+ | 1 << (SKNLGRP_INET_UDP_DESTROY - 1)
+ | 1 << (SKNLGRP_INET6_TCP_DESTROY - 1)
+ | 1 << (SKNLGRP_INET6_UDP_DESTROY - 1),
+ SOCK_RCV_BUF_SIZE);
+ mCookieTagMap = cookieTagMap;
+ }
+
+ @Override
+ public void processNetlinkMessage(final NetlinkMessage nlMsg, final long whenMs) {
+ if (!(nlMsg instanceof InetDiagMessage)) {
+ mLog.e("Received non InetDiagMessage");
+ return;
+ }
+ final StructInetDiagSockId sockId = ((InetDiagMessage) nlMsg).inetDiagMsg.id;
+ try {
+ mCookieTagMap.deleteEntry(new CookieTagMapKey(sockId.cookie));
+ } catch (ErrnoException e) {
+ mLog.e("Failed to delete CookieTagMap entry for " + sockId.cookie + ": " + e);
+ }
+ }
+}
diff --git a/service-t/src/com/android/server/net/StatsMapKey.java b/service-t/src/com/android/server/net/StatsMapKey.java
index ea8d836..44269b3 100644
--- a/service-t/src/com/android/server/net/StatsMapKey.java
+++ b/service-t/src/com/android/server/net/StatsMapKey.java
@@ -24,8 +24,8 @@
* Key for both stats maps.
*/
public class StatsMapKey extends Struct {
- @Field(order = 0, type = Type.U32)
- public final long uid;
+ @Field(order = 0, type = Type.S32)
+ public final int uid;
@Field(order = 1, type = Type.U32)
public final long tag;
@@ -33,11 +33,11 @@
@Field(order = 2, type = Type.U32)
public final long counterSet;
- @Field(order = 3, type = Type.U32)
- public final long ifaceIndex;
+ @Field(order = 3, type = Type.S32)
+ public final int ifaceIndex;
- public StatsMapKey(final long uid, final long tag, final long counterSet,
- final long ifaceIndex) {
+ public StatsMapKey(final int uid, final long tag, final long counterSet,
+ final int ifaceIndex) {
this.uid = uid;
this.tag = tag;
this.counterSet = counterSet;
diff --git a/service-t/src/com/android/server/net/UidStatsMapKey.java b/service-t/src/com/android/server/net/UidStatsMapKey.java
index 2849f94..59025fd 100644
--- a/service-t/src/com/android/server/net/UidStatsMapKey.java
+++ b/service-t/src/com/android/server/net/UidStatsMapKey.java
@@ -24,10 +24,10 @@
* Key for uid stats map.
*/
public class UidStatsMapKey extends Struct {
- @Field(order = 0, type = Type.U32)
- public final long uid;
+ @Field(order = 0, type = Type.S32)
+ public final int uid;
- public UidStatsMapKey(final long uid) {
+ public UidStatsMapKey(final int uid) {
this.uid = uid;
}
}
diff --git a/service/Android.bp b/service/Android.bp
index 45e43bc..0a00362 100644
--- a/service/Android.bp
+++ b/service/Android.bp
@@ -143,8 +143,7 @@
"src/**/*.java",
":framework-connectivity-shared-srcs",
":services-connectivity-shared-srcs",
- // TODO: move to net-utils-device-common
- ":connectivity-module-utils-srcs",
+ ":statslog-connectivity-java-gen",
],
libs: [
"framework-annotations-lib",
@@ -154,15 +153,18 @@
"framework-wifi.stubs.module_lib",
"unsupportedappusage",
"ServiceConnectivityResources",
+ "framework-statsd.stubs.module_lib",
],
static_libs: [
// Do not add libs here if they are already included
// in framework-connectivity
+ "connectivity-net-module-utils-bpf",
"connectivity_native_aidl_interface-lateststable-java",
"dnsresolver_aidl_interface-V9-java",
"modules-utils-shell-command-handler",
"net-utils-device-common",
"net-utils-device-common-bpf",
+ "net-utils-device-common-ip",
"net-utils-device-common-netlink",
"net-utils-services-common",
"netd-client",
@@ -181,6 +183,25 @@
],
}
+// TODO: Remove this temporary library and put code into module when test coverage is enough.
+java_library {
+ name: "service-mdns",
+ sdk_version: "system_server_current",
+ min_sdk_version: "30",
+ srcs: [
+ "mdns/**/*.java",
+ ],
+ libs: [
+ "framework-annotations-lib",
+ "framework-connectivity-pre-jarjar",
+ "framework-wifi.stubs.module_lib",
+ "service-connectivity-pre-jarjar",
+ ],
+ visibility: [
+ "//packages/modules/Connectivity/tests:__subpackages__",
+ ],
+}
+
java_library {
name: "service-connectivity-protos",
sdk_version: "system_current",
@@ -202,22 +223,38 @@
name: "service-connectivity-defaults",
sdk_version: "system_server_current",
min_sdk_version: "30",
+ defaults: [
+ "standalone-system-server-module-optimize-defaults",
+ ],
// This library combines system server jars that have access to different bootclasspath jars.
// Lower SDK service jars must not depend on higher SDK jars as that would let them
// transitively depend on the wrong bootclasspath jars. Sources also cannot be added here as
- // they would transitively depend on bootclasspath jars that may not be available.
+ // they would depend on bootclasspath jars that may not be available.
static_libs: [
"service-connectivity-pre-jarjar",
"service-connectivity-tiramisu-pre-jarjar",
"service-nearby-pre-jarjar",
],
+ // The below libraries are not actually needed to build since no source is compiled
+ // (only combining prebuilt static_libs), but they are necessary so that R8 has the right
+ // references to optimize the code. Without these, there will be missing class warnings and
+ // code may be wrongly optimized.
+ // R8 runs after jarjar, so the framework-X libraries need to be the post-jarjar artifacts
+ // (.impl), if they are not just stubs, so that the name of jarjared classes match.
+ libs: [
+ "androidx.annotation_annotation",
+ "framework-annotations-lib",
+ "framework-connectivity.impl",
+ "framework-connectivity-t.impl",
+ "framework-tethering.stubs.module_lib",
+ "framework-wifi.stubs.module_lib",
+ "libprotobuf-java-nano",
+ ],
jarjar_rules: ":connectivity-jarjar-rules",
apex_available: [
"com.android.tethering",
],
optimize: {
- enabled: true,
- shrink: true,
proguard_flags_files: ["proguard.flags"],
},
lint: { strict_updatability_linting: true },
@@ -241,9 +278,15 @@
installable: true,
}
-filegroup {
+genrule {
name: "connectivity-jarjar-rules",
- srcs: ["jarjar-rules.txt"],
+ defaults: ["jarjar-rules-combine-defaults"],
+ srcs: [
+ ":framework-connectivity-jarjar-rules",
+ ":service-connectivity-jarjar-gen",
+ ":service-nearby-jarjar-gen",
+ ],
+ out: ["connectivity-jarjar-rules.txt"],
visibility: ["//packages/modules/Connectivity:__subpackages__"],
}
@@ -254,3 +297,48 @@
srcs: ["src/com/android/server/BpfNetMaps.java"],
visibility: ["//packages/modules/Connectivity:__subpackages__"],
}
+
+java_genrule {
+ name: "service-connectivity-jarjar-gen",
+ tool_files: [
+ ":service-connectivity-pre-jarjar{.jar}",
+ ":service-connectivity-tiramisu-pre-jarjar{.jar}",
+ "jarjar-excludes.txt",
+ ],
+ tools: [
+ "jarjar-rules-generator",
+ ],
+ out: ["service_connectivity_jarjar_rules.txt"],
+ cmd: "$(location jarjar-rules-generator) " +
+ "$(location :service-connectivity-pre-jarjar{.jar}) " +
+ "$(location :service-connectivity-tiramisu-pre-jarjar{.jar}) " +
+ "--prefix android.net.connectivity " +
+ "--excludes $(location jarjar-excludes.txt) " +
+ "--output $(out)",
+ visibility: ["//visibility:private"],
+}
+
+java_genrule {
+ name: "service-nearby-jarjar-gen",
+ tool_files: [
+ ":service-nearby-pre-jarjar{.jar}",
+ "jarjar-excludes.txt",
+ ],
+ tools: [
+ "jarjar-rules-generator",
+ ],
+ out: ["service_nearby_jarjar_rules.txt"],
+ cmd: "$(location jarjar-rules-generator) " +
+ "$(location :service-nearby-pre-jarjar{.jar}) " +
+ "--prefix com.android.server.nearby " +
+ "--excludes $(location jarjar-excludes.txt) " +
+ "--output $(out)",
+ visibility: ["//visibility:private"],
+}
+
+genrule {
+ name: "statslog-connectivity-java-gen",
+ tools: ["stats-log-api-gen"],
+ cmd: "$(location stats-log-api-gen) --java $(out) --module connectivity --javaPackage com.android.server --javaClass ConnectivityStatsLog",
+ out: ["com/android/server/ConnectivityStatsLog.java"],
+}
diff --git a/service/ServiceConnectivityResources/res/values-es-rUS/strings.xml b/service/ServiceConnectivityResources/res/values-es-rUS/strings.xml
index fdca468..b24dee0 100644
--- a/service/ServiceConnectivityResources/res/values-es-rUS/strings.xml
+++ b/service/ServiceConnectivityResources/res/values-es-rUS/strings.xml
@@ -22,7 +22,7 @@
<string name="network_available_sign_in" msgid="2622520134876355561">"Acceder a la red"</string>
<!-- no translation found for network_available_sign_in_detailed (8439369644697866359) -->
<skip />
- <string name="wifi_no_internet" msgid="1326348603404555475">"<xliff:g id="NETWORK_SSID">%1$s</xliff:g>no tiene acceso a Internet"</string>
+ <string name="wifi_no_internet" msgid="1326348603404555475">"<xliff:g id="NETWORK_SSID">%1$s</xliff:g> no tiene acceso a Internet"</string>
<string name="wifi_no_internet_detailed" msgid="1746921096565304090">"Presiona para ver opciones"</string>
<string name="mobile_no_internet" msgid="4087718456753201450">"La red móvil no tiene acceso a Internet"</string>
<string name="other_networks_no_internet" msgid="5693932964749676542">"La red no tiene acceso a Internet"</string>
diff --git a/service/ServiceConnectivityResources/res/values-kk/strings.xml b/service/ServiceConnectivityResources/res/values-kk/strings.xml
index 00c0f39..efe23b6 100644
--- a/service/ServiceConnectivityResources/res/values-kk/strings.xml
+++ b/service/ServiceConnectivityResources/res/values-kk/strings.xml
@@ -33,7 +33,7 @@
<string name="network_switch_metered_detail" msgid="1257300152739542096">"Құрылғы <xliff:g id="PREVIOUS_NETWORK">%2$s</xliff:g> желісінде интернетпен байланыс жоғалған жағдайда <xliff:g id="NEW_NETWORK">%1$s</xliff:g> желісін пайдаланады. Деректер ақысы алынуы мүмкін."</string>
<string name="network_switch_metered_toast" msgid="70691146054130335">"<xliff:g id="PREVIOUS_NETWORK">%1$s</xliff:g> желісінен <xliff:g id="NEW_NETWORK">%2$s</xliff:g> желісіне ауысты"</string>
<string-array name="network_switch_type_name">
- <item msgid="3004933964374161223">"мобильдік деректер"</item>
+ <item msgid="3004933964374161223">"мобильдік интернет"</item>
<item msgid="5624324321165953608">"Wi-Fi"</item>
<item msgid="5667906231066981731">"Bluetooth"</item>
<item msgid="346574747471703768">"Ethernet"</item>
diff --git a/service/ServiceConnectivityResources/res/values-nb/strings.xml b/service/ServiceConnectivityResources/res/values-nb/strings.xml
index 00a0728..4439048 100644
--- a/service/ServiceConnectivityResources/res/values-nb/strings.xml
+++ b/service/ServiceConnectivityResources/res/values-nb/strings.xml
@@ -34,7 +34,7 @@
<string name="network_switch_metered_toast" msgid="70691146054130335">"Byttet fra <xliff:g id="PREVIOUS_NETWORK">%1$s</xliff:g> til <xliff:g id="NEW_NETWORK">%2$s</xliff:g>"</string>
<string-array name="network_switch_type_name">
<item msgid="3004933964374161223">"mobildata"</item>
- <item msgid="5624324321165953608">"Wi-Fi"</item>
+ <item msgid="5624324321165953608">"Wifi"</item>
<item msgid="5667906231066981731">"Bluetooth"</item>
<item msgid="346574747471703768">"Ethernet"</item>
<item msgid="5734728378097476003">"VPN"</item>
diff --git a/service/ServiceConnectivityResources/res/values-ro/strings.xml b/service/ServiceConnectivityResources/res/values-ro/strings.xml
index fa5848f..4ff5290 100644
--- a/service/ServiceConnectivityResources/res/values-ro/strings.xml
+++ b/service/ServiceConnectivityResources/res/values-ro/strings.xml
@@ -18,12 +18,12 @@
<resources xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:xliff="urn:oasis:names:tc:xliff:document:1.2">
<string name="connectivityResourcesAppLabel" msgid="2476261877900882974">"Resurse pentru conectivitatea sistemului"</string>
- <string name="wifi_available_sign_in" msgid="8041178343789805553">"Conectați-vă la rețeaua Wi-Fi"</string>
- <string name="network_available_sign_in" msgid="2622520134876355561">"Conectați-vă la rețea"</string>
+ <string name="wifi_available_sign_in" msgid="8041178343789805553">"Conectează-te la rețeaua Wi-Fi"</string>
+ <string name="network_available_sign_in" msgid="2622520134876355561">"Conectează-te la rețea"</string>
<!-- no translation found for network_available_sign_in_detailed (8439369644697866359) -->
<skip />
<string name="wifi_no_internet" msgid="1326348603404555475">"<xliff:g id="NETWORK_SSID">%1$s</xliff:g> nu are acces la internet"</string>
- <string name="wifi_no_internet_detailed" msgid="1746921096565304090">"Atingeți pentru opțiuni"</string>
+ <string name="wifi_no_internet_detailed" msgid="1746921096565304090">"Atinge pentru opțiuni"</string>
<string name="mobile_no_internet" msgid="4087718456753201450">"Rețeaua mobilă nu are acces la internet"</string>
<string name="other_networks_no_internet" msgid="5693932964749676542">"Rețeaua nu are acces la internet"</string>
<string name="private_dns_broken_detailed" msgid="2677123850463207823">"Serverul DNS privat nu poate fi accesat"</string>
diff --git a/service/ServiceConnectivityResources/res/values/config.xml b/service/ServiceConnectivityResources/res/values/config.xml
index bff6953..22d9b01 100644
--- a/service/ServiceConnectivityResources/res/values/config.xml
+++ b/service/ServiceConnectivityResources/res/values/config.xml
@@ -78,6 +78,27 @@
Settings.Global.NETWORK_AVOID_BAD_WIFI. This is the default value of that setting. -->
<integer translatable="false" name="config_networkAvoidBadWifi">1</integer>
+ <!-- Whether the device should actively prefer bad wifi to good cell on Android 12/13.
+
+ This setting only makes sense if the system is configured not to avoid bad wifis
+ (config_networkAvoidBadWifi=0 and Settings.Global.NETWORK_AVOID_BAD_WIFI=IGNORE
+ or PROMPT), otherwise it's not used.
+
+ On Android 12 and 13, if this is 0, when ranking a bad wifi that never validated against
+ validated mobile data, the system will prefer mobile data. It will prefer wifi if wifi
+ loses validation later. This is the default behavior up to Android 13.
+ This behavior avoids the device losing internet access when walking past a wifi network
+ with no internet access.
+
+ If this is 1, then in the same scenario, the system will prefer mobile data until the wifi
+ completes its first validation attempt (or the attempt times out), and after that it
+ will prefer the wifi even if it doesn't provide internet access, unless there is a captive
+ portal on that wifi.
+
+ On Android 14 and above, the behavior is always like 1, regardless of the value of this
+ setting. -->
+ <integer translatable="false" name="config_activelyPreferBadWifi">0</integer>
+
<!-- Array of ConnectivityManager.TYPE_xxxx constants for networks that may only
be controlled by systemOrSignature apps. -->
<integer-array translatable="false" name="config_protectedNetworks">
diff --git a/service/ServiceConnectivityResources/res/values/overlayable.xml b/service/ServiceConnectivityResources/res/values/overlayable.xml
index 3389d63..4c85e8c 100644
--- a/service/ServiceConnectivityResources/res/values/overlayable.xml
+++ b/service/ServiceConnectivityResources/res/values/overlayable.xml
@@ -24,6 +24,7 @@
<item type="integer" name="config_networkMeteredMultipathPreference"/>
<item type="array" name="config_networkSupportedKeepaliveCount"/>
<item type="integer" name="config_networkAvoidBadWifi"/>
+ <item type="integer" name="config_activelyPreferBadWifi"/>
<item type="array" name="config_protectedNetworks"/>
<item type="bool" name="config_vehicleInternalNetworkAlwaysRequested"/>
<item type="integer" name="config_networkWakeupPacketMark"/>
diff --git a/service/jarjar-excludes.txt b/service/jarjar-excludes.txt
new file mode 100644
index 0000000..b0d6763
--- /dev/null
+++ b/service/jarjar-excludes.txt
@@ -0,0 +1,9 @@
+# Classes loaded by SystemServer via their hardcoded name, so they can't be jarjared
+com\.android\.server\.ConnectivityServiceInitializer(\$.+)?
+com\.android\.server\.NetworkStatsServiceInitializer(\$.+)?
+
+# Do not jarjar com.android.server, as several unit tests fail because they lose
+# package-private visibility between jarjared and non-jarjared classes.
+# TODO: fix the tests and also jarjar com.android.server, or at least only exclude a package that
+# is specific to the module like com.android.server.connectivity
+com\.android\.server\..+
diff --git a/service/jarjar-rules.txt b/service/jarjar-rules.txt
deleted file mode 100644
index 4013d2e..0000000
--- a/service/jarjar-rules.txt
+++ /dev/null
@@ -1,124 +0,0 @@
-# Classes in framework-connectivity are restricted to the android.net package.
-# This cannot be changed because it is harcoded in ART in S.
-# Any missing jarjar rule for framework-connectivity would be caught by the
-# build as an unexpected class outside of the android.net package.
-rule com.android.net.module.util.** android.net.connectivity.@0
-rule com.android.modules.utils.** android.net.connectivity.@0
-rule android.net.NetworkFactory* android.net.connectivity.@0
-
-# From modules-utils-preconditions
-rule com.android.internal.util.Preconditions* android.net.connectivity.@0
-
-# From framework-connectivity-shared-srcs
-rule android.util.LocalLog* android.net.connectivity.@0
-rule android.util.IndentingPrintWriter* android.net.connectivity.@0
-rule com.android.internal.util.IndentingPrintWriter* android.net.connectivity.@0
-rule com.android.internal.util.MessageUtils* android.net.connectivity.@0
-rule com.android.internal.util.WakeupMessage* android.net.connectivity.@0
-rule com.android.internal.util.FileRotator* android.net.connectivity.@0
-rule com.android.internal.util.ProcFileReader* android.net.connectivity.@0
-
-# From framework-connectivity-protos
-rule com.google.protobuf.** android.net.connectivity.@0
-rule android.service.** android.net.connectivity.@0
-
-rule android.sysprop.** com.android.connectivity.@0
-
-rule com.android.internal.messages.** com.android.connectivity.@0
-
-# From dnsresolver_aidl_interface (newer AIDLs should go to android.net.resolv.aidl)
-rule android.net.resolv.aidl.** com.android.connectivity.@0
-rule android.net.IDnsResolver* com.android.connectivity.@0
-rule android.net.ResolverHostsParcel* com.android.connectivity.@0
-rule android.net.ResolverOptionsParcel* com.android.connectivity.@0
-rule android.net.ResolverParamsParcel* com.android.connectivity.@0
-rule android.net.ResolverParamsParcel* com.android.connectivity.@0
-# Also includes netd event listener AIDL, but this is handled by netd-client rules
-
-# From netd-client (newer AIDLs should go to android.net.netd.aidl)
-rule android.net.netd.aidl.** com.android.connectivity.@0
-# Avoid including android.net.INetdEventCallback, used in tests but not part of the module
-rule android.net.INetd com.android.connectivity.@0
-rule android.net.INetd$* com.android.connectivity.@0
-rule android.net.INetdUnsolicitedEventListener* com.android.connectivity.@0
-rule android.net.InterfaceConfigurationParcel* com.android.connectivity.@0
-rule android.net.MarkMaskParcel* com.android.connectivity.@0
-rule android.net.NativeNetworkConfig* com.android.connectivity.@0
-rule android.net.NativeNetworkType* com.android.connectivity.@0
-rule android.net.NativeVpnType* com.android.connectivity.@0
-rule android.net.RouteInfoParcel* com.android.connectivity.@0
-rule android.net.TetherConfigParcel* com.android.connectivity.@0
-rule android.net.TetherOffloadRuleParcel* com.android.connectivity.@0
-rule android.net.TetherStatsParcel* com.android.connectivity.@0
-rule android.net.UidRangeParcel* com.android.connectivity.@0
-rule android.net.metrics.INetdEventListener* com.android.connectivity.@0
-
-# From netlink-client
-rule android.net.netlink.** com.android.connectivity.@0
-
-# From networkstack-client (newer AIDLs should go to android.net.[networkstack|ipmemorystore].aidl)
-rule android.net.networkstack.aidl.** com.android.connectivity.@0
-rule android.net.ipmemorystore.aidl.** com.android.connectivity.@0
-rule android.net.ipmemorystore.aidl.** com.android.connectivity.@0
-rule android.net.DataStallReportParcelable* com.android.connectivity.@0
-rule android.net.DhcpResultsParcelable* com.android.connectivity.@0
-rule android.net.IIpMemoryStore* com.android.connectivity.@0
-rule android.net.INetworkMonitor* com.android.connectivity.@0
-rule android.net.INetworkStackConnector* com.android.connectivity.@0
-rule android.net.INetworkStackStatusCallback* com.android.connectivity.@0
-rule android.net.InformationElementParcelable* com.android.connectivity.@0
-rule android.net.InitialConfigurationParcelable* com.android.connectivity.@0
-rule android.net.IpMemoryStore* com.android.connectivity.@0
-rule android.net.Layer2InformationParcelable* com.android.connectivity.@0
-rule android.net.Layer2PacketParcelable* com.android.connectivity.@0
-rule android.net.NattKeepalivePacketDataParcelable* com.android.connectivity.@0
-rule android.net.NetworkMonitorManager* com.android.connectivity.@0
-rule android.net.NetworkTestResultParcelable* com.android.connectivity.@0
-rule android.net.PrivateDnsConfigParcel* com.android.connectivity.@0
-rule android.net.ProvisioningConfigurationParcelable* com.android.connectivity.@0
-rule android.net.ScanResultInfoParcelable* com.android.connectivity.@0
-rule android.net.TcpKeepalivePacketDataParcelable* com.android.connectivity.@0
-rule android.net.dhcp.DhcpLeaseParcelable* com.android.connectivity.@0
-rule android.net.dhcp.DhcpServingParamsParcel* com.android.connectivity.@0
-rule android.net.dhcp.IDhcpEventCallbacks* com.android.connectivity.@0
-rule android.net.dhcp.IDhcpServer* com.android.connectivity.@0
-rule android.net.ip.IIpClient* com.android.connectivity.@0
-rule android.net.ip.IpClientCallbacks* com.android.connectivity.@0
-rule android.net.ip.IpClientManager* com.android.connectivity.@0
-rule android.net.ip.IpClientUtil* com.android.connectivity.@0
-rule android.net.ipmemorystore.** com.android.connectivity.@0
-rule android.net.networkstack.** com.android.connectivity.@0
-rule android.net.shared.** com.android.connectivity.@0
-rule android.net.util.KeepalivePacketDataUtil* com.android.connectivity.@0
-
-# From connectivity-module-utils
-rule android.net.util.SharedLog* com.android.connectivity.@0
-rule android.net.shared.** com.android.connectivity.@0
-
-# From services-connectivity-shared-srcs
-rule android.net.util.NetworkConstants* com.android.connectivity.@0
-
-# From modules-utils-statemachine
-rule com.android.internal.util.IState* com.android.connectivity.@0
-rule com.android.internal.util.State* com.android.connectivity.@0
-
-# From the API shims
-rule com.android.networkstack.apishim.** com.android.connectivity.@0
-
-# From filegroup framework-connectivity-protos
-rule android.service.*Proto com.android.connectivity.@0
-
-# From mdns-aidl-interface
-rule android.net.mdns.aidl.** android.net.connectivity.@0
-
-# From nearby-service, including proto
-rule service.proto.** com.android.server.nearby.@0
-rule androidx.annotation.Keep* com.android.server.nearby.@0
-rule androidx.collection.** com.android.server.nearby.@0
-rule androidx.core.** com.android.server.nearby.@0
-rule androidx.versionedparcelable.** com.android.server.nearby.@0
-rule com.google.common.** com.android.server.nearby.@0
-rule android.support.v4.** com.android.server.nearby.@0
-
-# Remaining are connectivity sources in com.android.server and com.android.server.connectivity:
-# TODO: move to a subpackage of com.android.connectivity (such as com.android.connectivity.server)
diff --git a/service/jni/com_android_server_BpfNetMaps.cpp b/service/jni/com_android_server_BpfNetMaps.cpp
index 7b1f59c..799ac5c 100644
--- a/service/jni/com_android_server_BpfNetMaps.cpp
+++ b/service/jni/com_android_server_BpfNetMaps.cpp
@@ -26,6 +26,8 @@
#include <nativehelper/ScopedPrimitiveArray.h>
#include <netjniutils/netjniutils.h>
#include <net/if.h>
+#include <private/android_filesystem_config.h>
+#include <unistd.h>
#include <vector>
@@ -39,152 +41,138 @@
namespace android {
-static void native_init(JNIEnv* env, jobject clazz) {
- Status status = mTc.start();
- if (!isOk(status)) {
- ALOGE("%s failed, error code = %d", __func__, status.code());
+#define CHECK_LOG(status) \
+ do { \
+ if (!isOk(status)) \
+ ALOGE("%s failed, error code = %d", __func__, status.code()); \
+ } while (0)
+
+static void native_init(JNIEnv* env, jclass clazz, jboolean startSkDestroyListener) {
+ Status status = mTc.start(startSkDestroyListener);
+ CHECK_LOG(status);
+ if (!isOk(status)) {
+ uid_t uid = getuid();
+ ALOGE("BpfNetMaps jni init failure as uid=%d", uid);
+ // TODO: Fix tests to not use this jni lib, so we can unconditionally abort()
+ if (uid == AID_SYSTEM || uid == AID_NETWORK_STACK) abort();
}
}
-static jint native_addNaughtyApp(JNIEnv* env, jobject clazz, jint uid) {
+static jint native_addNaughtyApp(JNIEnv* env, jobject self, jint uid) {
const uint32_t appUids = static_cast<uint32_t>(abs(uid));
Status status = mTc.updateUidOwnerMap(appUids, PENALTY_BOX_MATCH,
TrafficController::IptOp::IptOpInsert);
- if (!isOk(status)) {
- ALOGE("%s failed, error code = %d", __func__, status.code());
- }
+ CHECK_LOG(status);
return (jint)status.code();
}
-static jint native_removeNaughtyApp(JNIEnv* env, jobject clazz, jint uid) {
+static jint native_removeNaughtyApp(JNIEnv* env, jobject self, jint uid) {
const uint32_t appUids = static_cast<uint32_t>(abs(uid));
Status status = mTc.updateUidOwnerMap(appUids, PENALTY_BOX_MATCH,
TrafficController::IptOp::IptOpDelete);
- if (!isOk(status)) {
- ALOGE("%s failed, error code = %d", __func__, status.code());
- }
+ CHECK_LOG(status);
return (jint)status.code();
}
-static jint native_addNiceApp(JNIEnv* env, jobject clazz, jint uid) {
+static jint native_addNiceApp(JNIEnv* env, jobject self, jint uid) {
const uint32_t appUids = static_cast<uint32_t>(abs(uid));
Status status = mTc.updateUidOwnerMap(appUids, HAPPY_BOX_MATCH,
TrafficController::IptOp::IptOpInsert);
- if (!isOk(status)) {
- ALOGE("%s failed, error code = %d", __func__, status.code());
- }
+ CHECK_LOG(status);
return (jint)status.code();
}
-static jint native_removeNiceApp(JNIEnv* env, jobject clazz, jint uid) {
+static jint native_removeNiceApp(JNIEnv* env, jobject self, jint uid) {
const uint32_t appUids = static_cast<uint32_t>(abs(uid));
Status status = mTc.updateUidOwnerMap(appUids, HAPPY_BOX_MATCH,
TrafficController::IptOp::IptOpDelete);
- if (!isOk(status)) {
- ALOGD("%s failed, error code = %d", __func__, status.code());
- }
+ CHECK_LOG(status);
return (jint)status.code();
}
-static jint native_setChildChain(JNIEnv* env, jobject clazz, jint childChain, jboolean enable) {
+static jint native_setChildChain(JNIEnv* env, jobject self, jint childChain, jboolean enable) {
auto chain = static_cast<ChildChain>(childChain);
int res = mTc.toggleUidOwnerMap(chain, enable);
- if (res) {
- ALOGE("%s failed, error code = %d", __func__, res);
- }
+ if (res) ALOGE("%s failed, error code = %d", __func__, res);
return (jint)res;
}
-static jint native_replaceUidChain(JNIEnv* env, jobject clazz, jstring name, jboolean isAllowlist,
- jintArray jUids) {
+static jint native_replaceUidChain(JNIEnv* env, jobject self, jstring name, jboolean isAllowlist,
+ jintArray jUids) {
const ScopedUtfChars chainNameUtf8(env, name);
- if (chainNameUtf8.c_str() == nullptr) {
- return -EINVAL;
- }
+ if (chainNameUtf8.c_str() == nullptr) return -EINVAL;
const std::string chainName(chainNameUtf8.c_str());
ScopedIntArrayRO uids(env, jUids);
- if (uids.get() == nullptr) {
- return -EINVAL;
- }
+ if (uids.get() == nullptr) return -EINVAL;
size_t size = uids.size();
static_assert(sizeof(*(uids.get())) == sizeof(int32_t));
std::vector<int32_t> data ((int32_t *)&uids[0], (int32_t*)&uids[size]);
int res = mTc.replaceUidOwnerMap(chainName, isAllowlist, data);
- if (res) {
- ALOGE("%s failed, error code = %d", __func__, res);
- }
+ if (res) ALOGE("%s failed, error code = %d", __func__, res);
return (jint)res;
}
-static jint native_setUidRule(JNIEnv* env, jobject clazz, jint childChain, jint uid,
- jint firewallRule) {
+static jint native_setUidRule(JNIEnv* env, jobject self, jint childChain, jint uid,
+ jint firewallRule) {
auto chain = static_cast<ChildChain>(childChain);
auto rule = static_cast<FirewallRule>(firewallRule);
FirewallType fType = mTc.getFirewallType(chain);
int res = mTc.changeUidOwnerRule(chain, uid, rule, fType);
- if (res) {
- ALOGE("%s failed, error code = %d", __func__, res);
- }
+ if (res) ALOGE("%s failed, error code = %d", __func__, res);
return (jint)res;
}
-static jint native_addUidInterfaceRules(JNIEnv* env, jobject clazz, jstring ifName,
- jintArray jUids) {
+static jint native_addUidInterfaceRules(JNIEnv* env, jobject self, jstring ifName,
+ jintArray jUids) {
// Null ifName is a wildcard to allow apps to receive packets on all interfaces and ifIndex is
// set to 0.
- int ifIndex;
+ int ifIndex = 0;
if (ifName != nullptr) {
const ScopedUtfChars ifNameUtf8(env, ifName);
const std::string interfaceName(ifNameUtf8.c_str());
ifIndex = if_nametoindex(interfaceName.c_str());
- } else {
- ifIndex = 0;
}
ScopedIntArrayRO uids(env, jUids);
- if (uids.get() == nullptr) {
- return -EINVAL;
- }
+ if (uids.get() == nullptr) return -EINVAL;
size_t size = uids.size();
static_assert(sizeof(*(uids.get())) == sizeof(int32_t));
std::vector<int32_t> data ((int32_t *)&uids[0], (int32_t*)&uids[size]);
Status status = mTc.addUidInterfaceRules(ifIndex, data);
- if (!isOk(status)) {
- ALOGE("%s failed, error code = %d", __func__, status.code());
- }
+ CHECK_LOG(status);
return (jint)status.code();
}
-static jint native_removeUidInterfaceRules(JNIEnv* env, jobject clazz, jintArray jUids) {
+static jint native_removeUidInterfaceRules(JNIEnv* env, jobject self, jintArray jUids) {
ScopedIntArrayRO uids(env, jUids);
- if (uids.get() == nullptr) {
- return -EINVAL;
- }
+ if (uids.get() == nullptr) return -EINVAL;
size_t size = uids.size();
static_assert(sizeof(*(uids.get())) == sizeof(int32_t));
std::vector<int32_t> data ((int32_t *)&uids[0], (int32_t*)&uids[size]);
Status status = mTc.removeUidInterfaceRules(data);
- if (!isOk(status)) {
- ALOGE("%s failed, error code = %d", __func__, status.code());
- }
+ CHECK_LOG(status);
return (jint)status.code();
}
-static jint native_swapActiveStatsMap(JNIEnv* env, jobject clazz) {
+static jint native_updateUidLockdownRule(JNIEnv* env, jobject self, jint uid, jboolean add) {
+ Status status = mTc.updateUidLockdownRule(uid, add);
+ CHECK_LOG(status);
+ return (jint)status.code();
+}
+
+static jint native_swapActiveStatsMap(JNIEnv* env, jobject self) {
Status status = mTc.swapActiveStatsMap();
- if (!isOk(status)) {
- ALOGD("%s failed, error code = %d", __func__, status.code());
- }
+ CHECK_LOG(status);
return (jint)status.code();
}
-static void native_setPermissionForUids(JNIEnv* env, jobject clazz, jint permission,
- jintArray jUids) {
+static void native_setPermissionForUids(JNIEnv* env, jobject self, jint permission,
+ jintArray jUids) {
ScopedIntArrayRO uids(env, jUids);
if (uids.get() == nullptr) return;
@@ -194,7 +182,7 @@
mTc.setPermissionForUids(permission, data);
}
-static void native_dump(JNIEnv* env, jobject clazz, jobject javaFd, jboolean verbose) {
+static void native_dump(JNIEnv* env, jobject self, jobject javaFd, jboolean verbose) {
int fd = netjniutils::GetNativeFileDescriptor(env, javaFd);
if (fd < 0) {
jniThrowExceptionFmt(env, "java/io/IOException", "Invalid file descriptor");
@@ -203,13 +191,17 @@
mTc.dump(fd, verbose);
}
+static jint native_synchronizeKernelRCU(JNIEnv* env, jobject self) {
+ return -bpf::synchronizeKernelRCU();
+}
+
/*
* JNI registration.
*/
// clang-format off
static const JNINativeMethod gMethods[] = {
/* name, signature, funcPtr */
- {"native_init", "()V",
+ {"native_init", "(Z)V",
(void*)native_init},
{"native_addNaughtyApp", "(I)I",
(void*)native_addNaughtyApp},
@@ -229,19 +221,22 @@
(void*)native_addUidInterfaceRules},
{"native_removeUidInterfaceRules", "([I)I",
(void*)native_removeUidInterfaceRules},
+ {"native_updateUidLockdownRule", "(IZ)I",
+ (void*)native_updateUidLockdownRule},
{"native_swapActiveStatsMap", "()I",
(void*)native_swapActiveStatsMap},
{"native_setPermissionForUids", "(I[I)V",
(void*)native_setPermissionForUids},
{"native_dump", "(Ljava/io/FileDescriptor;Z)V",
(void*)native_dump},
+ {"native_synchronizeKernelRCU", "()I",
+ (void*)native_synchronizeKernelRCU},
};
// clang-format on
int register_com_android_server_BpfNetMaps(JNIEnv* env) {
- return jniRegisterNativeMethods(env,
- "com/android/server/BpfNetMaps",
- gMethods, NELEM(gMethods));
+ return jniRegisterNativeMethods(env, "com/android/server/BpfNetMaps",
+ gMethods, NELEM(gMethods));
}
}; // namespace android
diff --git a/service/jni/com_android_server_TestNetworkService.cpp b/service/jni/com_android_server_TestNetworkService.cpp
index 4efd0e1..bd74d54 100644
--- a/service/jni/com_android_server_TestNetworkService.cpp
+++ b/service/jni/com_android_server_TestNetworkService.cpp
@@ -51,7 +51,16 @@
jniThrowException(env, "java/lang/IllegalStateException", msg.c_str());
}
-static int createTunTapInterface(JNIEnv* env, bool isTun, const char* iface) {
+// enable or disable carrier on tun / tap interface.
+static void setTunTapCarrierEnabledImpl(JNIEnv* env, const char* iface, int tunFd, bool enabled) {
+ uint32_t carrierOn = enabled;
+ if (ioctl(tunFd, TUNSETCARRIER, &carrierOn)) {
+ throwException(env, errno, "set carrier", iface);
+ }
+}
+
+static int createTunTapImpl(JNIEnv* env, bool isTun, bool hasCarrier, bool setIffMulticast,
+ const char* iface) {
base::unique_fd tun(open("/dev/tun", O_RDWR | O_NONBLOCK));
ifreq ifr{};
@@ -63,39 +72,82 @@
return -1;
}
- // Activate interface using an unconnected datagram socket.
- base::unique_fd inet6CtrlSock(socket(AF_INET6, SOCK_DGRAM, 0));
- ifr.ifr_flags = IFF_UP;
- // Mark TAP interfaces as supporting multicast
- if (!isTun) ifr.ifr_flags |= IFF_MULTICAST;
+ if (!hasCarrier) {
+ // disable carrier before setting IFF_UP
+ setTunTapCarrierEnabledImpl(env, iface, tun.get(), hasCarrier);
+ }
- if (ioctl(inet6CtrlSock.get(), SIOCSIFFLAGS, &ifr)) {
- throwException(env, errno, "activating", ifr.ifr_name);
- return -1;
+ // Mark some TAP interfaces as supporting multicast
+ if (setIffMulticast && !isTun) {
+ base::unique_fd inet6CtrlSock(socket(AF_INET6, SOCK_DGRAM, 0));
+ ifr.ifr_flags = IFF_MULTICAST;
+
+ if (ioctl(inet6CtrlSock.get(), SIOCSIFFLAGS, &ifr)) {
+ throwException(env, errno, "set IFF_MULTICAST", ifr.ifr_name);
+ return -1;
+ }
}
return tun.release();
}
+static void bringUpInterfaceImpl(JNIEnv* env, const char* iface) {
+ // Activate interface using an unconnected datagram socket.
+ base::unique_fd inet6CtrlSock(socket(AF_INET6, SOCK_DGRAM, 0));
+
+ ifreq ifr{};
+ strlcpy(ifr.ifr_name, iface, IFNAMSIZ);
+ if (ioctl(inet6CtrlSock.get(), SIOCGIFFLAGS, &ifr)) {
+ throwException(env, errno, "read flags", iface);
+ return;
+ }
+ ifr.ifr_flags |= IFF_UP;
+ if (ioctl(inet6CtrlSock.get(), SIOCSIFFLAGS, &ifr)) {
+ throwException(env, errno, "set IFF_UP", iface);
+ return;
+ }
+}
+
//------------------------------------------------------------------------------
-static jint create(JNIEnv* env, jobject /* thiz */, jboolean isTun, jstring jIface) {
+
+
+static void setTunTapCarrierEnabled(JNIEnv* env, jclass /* clazz */, jstring
+ jIface, jint tunFd, jboolean enabled) {
+ ScopedUtfChars iface(env, jIface);
+ if (!iface.c_str()) {
+ jniThrowNullPointerException(env, "iface");
+ return;
+ }
+ setTunTapCarrierEnabledImpl(env, iface.c_str(), tunFd, enabled);
+}
+
+static jint createTunTap(JNIEnv* env, jclass /* clazz */, jboolean isTun,
+ jboolean hasCarrier, jboolean setIffMulticast, jstring jIface) {
ScopedUtfChars iface(env, jIface);
if (!iface.c_str()) {
jniThrowNullPointerException(env, "iface");
return -1;
}
- int tun = createTunTapInterface(env, isTun, iface.c_str());
+ return createTunTapImpl(env, isTun, hasCarrier, setIffMulticast, iface.c_str());
+}
- // Any exceptions will be thrown from the createTunTapInterface call
- return tun;
+static void bringUpInterface(JNIEnv* env, jclass /* clazz */, jstring jIface) {
+ ScopedUtfChars iface(env, jIface);
+ if (!iface.c_str()) {
+ jniThrowNullPointerException(env, "iface");
+ return;
+ }
+ bringUpInterfaceImpl(env, iface.c_str());
}
//------------------------------------------------------------------------------
static const JNINativeMethod gMethods[] = {
- {"jniCreateTunTap", "(ZLjava/lang/String;)I", (void*)create},
+ {"nativeSetTunTapCarrierEnabled", "(Ljava/lang/String;IZ)V", (void*)setTunTapCarrierEnabled},
+ {"nativeCreateTunTap", "(ZZZLjava/lang/String;)I", (void*)createTunTap},
+ {"nativeBringUpInterface", "(Ljava/lang/String;)V", (void*)bringUpInterface},
};
int register_com_android_server_TestNetworkService(JNIEnv* env) {
diff --git a/service/jni/com_android_server_connectivity_ClatCoordinator.cpp b/service/jni/com_android_server_connectivity_ClatCoordinator.cpp
index ba836b2..de0e20a 100644
--- a/service/jni/com_android_server_connectivity_ClatCoordinator.cpp
+++ b/service/jni/com_android_server_connectivity_ClatCoordinator.cpp
@@ -315,10 +315,7 @@
// TODO: use android::base::ScopeGuard.
if (int ret = posix_spawnattr_setflags(&attr, POSIX_SPAWN_USEVFORK
-#ifdef POSIX_SPAWN_CLOEXEC_DEFAULT
- | POSIX_SPAWN_CLOEXEC_DEFAULT
-#endif
- )) {
+ | POSIX_SPAWN_CLOEXEC_DEFAULT)) {
posix_spawnattr_destroy(&attr);
throwIOException(env, "posix_spawnattr_setflags failed", ret);
return -1;
@@ -424,7 +421,7 @@
stopClatdProcess(pid);
}
-static jlong com_android_server_connectivity_ClatCoordinator_tagSocketAsClat(
+static jlong com_android_server_connectivity_ClatCoordinator_getSocketCookie(
JNIEnv* env, jobject clazz, jobject sockJavaFd) {
int sockFd = netjniutils::GetNativeFileDescriptor(env, sockJavaFd);
if (sockFd < 0) {
@@ -438,58 +435,10 @@
return -1;
}
- bpf::BpfMap<uint64_t, UidTagValue> cookieTagMap;
- auto res = cookieTagMap.init(COOKIE_TAG_MAP_PATH);
- if (!res.ok()) {
- throwIOException(env, "failed to init the cookieTagMap", res.error().code());
- return -1;
- }
-
- // Tag raw socket with uid AID_CLAT and set tag as zero because tag is unused in bpf
- // program for counting data usage in netd.c. Tagging socket is used to avoid counting
- // duplicated clat traffic in bpf stat.
- UidTagValue newKey = {.uid = (uint32_t)AID_CLAT, .tag = 0 /* unused */};
- res = cookieTagMap.writeValue(sock_cookie, newKey, BPF_ANY);
- if (!res.ok()) {
- jniThrowExceptionFmt(env, "java/io/IOException", "Failed to tag the socket: %s, fd: %d",
- strerror(res.error().code()), cookieTagMap.getMap().get());
- return -1;
- }
-
- ALOGI("tag uid AID_CLAT to socket fd %d, cookie %" PRIu64 "", sockFd, sock_cookie);
+ ALOGI("Get cookie %" PRIu64 " for socket fd %d", sock_cookie, sockFd);
return static_cast<jlong>(sock_cookie);
}
-static void com_android_server_connectivity_ClatCoordinator_untagSocket(JNIEnv* env, jobject clazz,
- jlong cookie) {
- uint64_t sock_cookie = static_cast<uint64_t>(cookie);
- if (sock_cookie == bpf::NONEXISTENT_COOKIE) {
- jniThrowExceptionFmt(env, "java/io/IOException", "Invalid socket cookie");
- return;
- }
-
- // The reason that deleting entry from cookie tag map directly is that the tag socket destroy
- // listener only monitors on group INET_TCP, INET_UDP, INET6_TCP, INET6_UDP. The other socket
- // types, ex: raw, are not able to be removed automatically by the listener.
- // See TrafficController::makeSkDestroyListener.
- bpf::BpfMap<uint64_t, UidTagValue> cookieTagMap;
- auto res = cookieTagMap.init(COOKIE_TAG_MAP_PATH);
- if (!res.ok()) {
- throwIOException(env, "failed to init the cookieTagMap", res.error().code());
- return;
- }
-
- res = cookieTagMap.deleteValue(sock_cookie);
- if (!res.ok()) {
- jniThrowExceptionFmt(env, "java/io/IOException", "Failed to untag the socket: %s",
- strerror(res.error().code()));
- return;
- }
-
- ALOGI("untag socket cookie %" PRIu64 "", sock_cookie);
- return;
-}
-
/*
* JNI registration.
*/
@@ -519,10 +468,8 @@
{"native_stopClatd",
"(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;I)V",
(void*)com_android_server_connectivity_ClatCoordinator_stopClatd},
- {"native_tagSocketAsClat", "(Ljava/io/FileDescriptor;)J",
- (void*)com_android_server_connectivity_ClatCoordinator_tagSocketAsClat},
- {"native_untagSocket", "(J)V",
- (void*)com_android_server_connectivity_ClatCoordinator_untagSocket},
+ {"native_getSocketCookie", "(Ljava/io/FileDescriptor;)J",
+ (void*)com_android_server_connectivity_ClatCoordinator_getSocketCookie},
};
int register_com_android_server_connectivity_ClatCoordinator(JNIEnv* env) {
diff --git a/service/mdns/com/android/server/connectivity/mdns/ConnectivityMonitor.java b/service/mdns/com/android/server/connectivity/mdns/ConnectivityMonitor.java
new file mode 100644
index 0000000..2b99d0a
--- /dev/null
+++ b/service/mdns/com/android/server/connectivity/mdns/ConnectivityMonitor.java
@@ -0,0 +1,36 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity.mdns;
+
+/** Interface for monitoring connectivity changes. */
+public interface ConnectivityMonitor {
+ /**
+ * Starts monitoring changes of connectivity of this device, which may indicate that the list of
+ * network interfaces available for multi-cast messaging has changed.
+ */
+ void startWatchingConnectivityChanges();
+
+ /** Stops monitoring changes of connectivity. */
+ void stopWatchingConnectivityChanges();
+
+ void notifyConnectivityChange();
+
+ /** Listener interface for receiving connectivity changes. */
+ interface Listener {
+ void onConnectivityChanged();
+ }
+}
\ No newline at end of file
diff --git a/service/mdns/com/android/server/connectivity/mdns/ConnectivityMonitorWithConnectivityManager.java b/service/mdns/com/android/server/connectivity/mdns/ConnectivityMonitorWithConnectivityManager.java
new file mode 100644
index 0000000..3563d61
--- /dev/null
+++ b/service/mdns/com/android/server/connectivity/mdns/ConnectivityMonitorWithConnectivityManager.java
@@ -0,0 +1,106 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity.mdns;
+
+import android.annotation.TargetApi;
+import android.content.Context;
+import android.net.ConnectivityManager;
+import android.net.Network;
+import android.net.NetworkCapabilities;
+import android.net.NetworkRequest;
+import android.os.Build;
+
+import com.android.server.connectivity.mdns.util.MdnsLogger;
+
+/** Class for monitoring connectivity changes using {@link ConnectivityManager}. */
+public class ConnectivityMonitorWithConnectivityManager implements ConnectivityMonitor {
+ private static final String TAG = "ConnMntrWConnMgr";
+ private static final MdnsLogger LOGGER = new MdnsLogger(TAG);
+
+ private final Listener listener;
+ private final ConnectivityManager.NetworkCallback networkCallback;
+ private final ConnectivityManager connectivityManager;
+ // TODO(b/71901993): Ideally we shouldn't need this flag. However we still don't have clues why
+ // the receiver is unregistered twice yet.
+ private boolean isCallbackRegistered = false;
+
+ @SuppressWarnings({"nullness:assignment", "nullness:method.invocation"})
+ @TargetApi(Build.VERSION_CODES.LOLLIPOP)
+ public ConnectivityMonitorWithConnectivityManager(Context context, Listener listener) {
+ this.listener = listener;
+
+ connectivityManager =
+ (ConnectivityManager) context.getSystemService(Context.CONNECTIVITY_SERVICE);
+ networkCallback =
+ new ConnectivityManager.NetworkCallback() {
+ @Override
+ public void onAvailable(Network network) {
+ LOGGER.log("network available.");
+ notifyConnectivityChange();
+ }
+
+ @Override
+ public void onLost(Network network) {
+ LOGGER.log("network lost.");
+ notifyConnectivityChange();
+ }
+
+ @Override
+ public void onUnavailable() {
+ LOGGER.log("network unavailable.");
+ notifyConnectivityChange();
+ }
+ };
+ }
+
+ @Override
+ public void notifyConnectivityChange() {
+ listener.onConnectivityChanged();
+ }
+
+ /**
+ * Starts monitoring changes of connectivity of this device, which may indicate that the list of
+ * network interfaces available for multi-cast messaging has changed.
+ */
+ @TargetApi(Build.VERSION_CODES.LOLLIPOP)
+ @Override
+ public void startWatchingConnectivityChanges() {
+ LOGGER.log("Start watching connectivity changes");
+ if (isCallbackRegistered) {
+ return;
+ }
+
+ connectivityManager.registerNetworkCallback(
+ new NetworkRequest.Builder().addTransportType(
+ NetworkCapabilities.TRANSPORT_WIFI).build(),
+ networkCallback);
+ isCallbackRegistered = true;
+ }
+
+ /** Stops monitoring changes of connectivity. */
+ @TargetApi(Build.VERSION_CODES.LOLLIPOP)
+ @Override
+ public void stopWatchingConnectivityChanges() {
+ LOGGER.log("Stop watching connectivity changes");
+ if (!isCallbackRegistered) {
+ return;
+ }
+
+ connectivityManager.unregisterNetworkCallback(networkCallback);
+ isCallbackRegistered = false;
+ }
+}
\ No newline at end of file
diff --git a/service/mdns/com/android/server/connectivity/mdns/EnqueueMdnsQueryCallable.java b/service/mdns/com/android/server/connectivity/mdns/EnqueueMdnsQueryCallable.java
new file mode 100644
index 0000000..f366363
--- /dev/null
+++ b/service/mdns/com/android/server/connectivity/mdns/EnqueueMdnsQueryCallable.java
@@ -0,0 +1,155 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity.mdns;
+
+import android.annotation.NonNull;
+import android.text.TextUtils;
+import android.util.Pair;
+
+import com.android.server.connectivity.mdns.util.MdnsLogger;
+
+import java.io.IOException;
+import java.lang.ref.WeakReference;
+import java.net.DatagramPacket;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+import java.util.concurrent.Callable;
+
+/**
+ * A {@link Callable} that builds and enqueues a mDNS query to send over the multicast socket. If a
+ * query is built and enqueued successfully, then call to {@link #call()} returns the transaction ID
+ * and the list of the subtypes in the query as a {@link Pair}. If a query is failed to build, or if
+ * it can not be enqueued, then call to {@link #call()} returns {@code null}.
+ */
+// TODO(b/242631897): Resolve nullness suppression.
+@SuppressWarnings("nullness")
+public class EnqueueMdnsQueryCallable implements Callable<Pair<Integer, List<String>>> {
+
+ private static final String TAG = "MdnsQueryCallable";
+ private static final MdnsLogger LOGGER = new MdnsLogger(TAG);
+ private static final List<Integer> castShellEmulatorMdnsPorts;
+
+ static {
+ castShellEmulatorMdnsPorts = new ArrayList<>();
+ String[] stringPorts = MdnsConfigs.castShellEmulatorMdnsPorts();
+
+ for (String port : stringPorts) {
+ try {
+ castShellEmulatorMdnsPorts.add(Integer.parseInt(port));
+ } catch (NumberFormatException e) {
+ // Ignore.
+ }
+ }
+ }
+
+ private final WeakReference<MdnsSocketClient> weakRequestSender;
+ private final MdnsPacketWriter packetWriter;
+ private final String[] serviceTypeLabels;
+ private final List<String> subtypes;
+ private final boolean expectUnicastResponse;
+ private final int transactionId;
+
+ EnqueueMdnsQueryCallable(
+ @NonNull MdnsSocketClient requestSender,
+ @NonNull MdnsPacketWriter packetWriter,
+ @NonNull String serviceType,
+ @NonNull Collection<String> subtypes,
+ boolean expectUnicastResponse,
+ int transactionId) {
+ weakRequestSender = new WeakReference<>(requestSender);
+ this.packetWriter = packetWriter;
+ serviceTypeLabels = TextUtils.split(serviceType, "\\.");
+ this.subtypes = new ArrayList<>(subtypes);
+ this.expectUnicastResponse = expectUnicastResponse;
+ this.transactionId = transactionId;
+ }
+
+ @Override
+ public Pair<Integer, List<String>> call() {
+ try {
+ MdnsSocketClient requestSender = weakRequestSender.get();
+ if (requestSender == null) {
+ return null;
+ }
+
+ int numQuestions = 1;
+ if (!subtypes.isEmpty()) {
+ numQuestions += subtypes.size();
+ }
+
+ // Header.
+ packetWriter.writeUInt16(transactionId); // transaction ID
+ packetWriter.writeUInt16(MdnsConstants.FLAGS_QUERY); // flags
+ packetWriter.writeUInt16(numQuestions); // number of questions
+ packetWriter.writeUInt16(0); // number of answers (not yet known; will be written later)
+ packetWriter.writeUInt16(0); // number of authority entries
+ packetWriter.writeUInt16(0); // number of additional records
+
+ // Question(s). There will be one question for each (fqdn+subtype, recordType)
+ // combination,
+ // as well as one for each (fqdn, recordType) combination.
+
+ for (String subtype : subtypes) {
+ String[] labels = new String[serviceTypeLabels.length + 2];
+ labels[0] = MdnsConstants.SUBTYPE_PREFIX + subtype;
+ labels[1] = MdnsConstants.SUBTYPE_LABEL;
+ System.arraycopy(serviceTypeLabels, 0, labels, 2, serviceTypeLabels.length);
+
+ packetWriter.writeLabels(labels);
+ packetWriter.writeUInt16(MdnsRecord.TYPE_PTR);
+ packetWriter.writeUInt16(
+ MdnsConstants.QCLASS_INTERNET
+ | (expectUnicastResponse ? MdnsConstants.QCLASS_UNICAST : 0));
+ }
+
+ packetWriter.writeLabels(serviceTypeLabels);
+ packetWriter.writeUInt16(MdnsRecord.TYPE_PTR);
+ packetWriter.writeUInt16(
+ MdnsConstants.QCLASS_INTERNET
+ | (expectUnicastResponse ? MdnsConstants.QCLASS_UNICAST : 0));
+
+ InetAddress mdnsAddress = MdnsConstants.getMdnsIPv4Address();
+ if (requestSender.isOnIPv6OnlyNetwork()) {
+ mdnsAddress = MdnsConstants.getMdnsIPv6Address();
+ }
+
+ sendPacketTo(requestSender,
+ new InetSocketAddress(mdnsAddress, MdnsConstants.MDNS_PORT));
+ for (Integer emulatorPort : castShellEmulatorMdnsPorts) {
+ sendPacketTo(requestSender, new InetSocketAddress(mdnsAddress, emulatorPort));
+ }
+ return Pair.create(transactionId, subtypes);
+ } catch (IOException e) {
+ LOGGER.e(String.format("Failed to create mDNS packet for subtype: %s.",
+ TextUtils.join(",", subtypes)), e);
+ return null;
+ }
+ }
+
+ private void sendPacketTo(MdnsSocketClient requestSender, InetSocketAddress address)
+ throws IOException {
+ DatagramPacket packet = packetWriter.getPacket(address);
+ if (expectUnicastResponse) {
+ requestSender.sendUnicastPacket(packet);
+ } else {
+ requestSender.sendMulticastPacket(packet);
+ }
+ }
+}
\ No newline at end of file
diff --git a/service/mdns/com/android/server/connectivity/mdns/ExecutorProvider.java b/service/mdns/com/android/server/connectivity/mdns/ExecutorProvider.java
new file mode 100644
index 0000000..72b65e0
--- /dev/null
+++ b/service/mdns/com/android/server/connectivity/mdns/ExecutorProvider.java
@@ -0,0 +1,48 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity.mdns;
+
+import android.util.ArraySet;
+
+import java.util.Set;
+import java.util.concurrent.ScheduledExecutorService;
+import java.util.concurrent.ScheduledThreadPoolExecutor;
+
+/**
+ * This class provides {@link ScheduledExecutorService} instances to {@link MdnsServiceTypeClient}
+ * instances, and provides method to shutdown all the created executors.
+ */
+public class ExecutorProvider {
+
+ private final Set<ScheduledExecutorService> serviceTypeClientSchedulerExecutors =
+ new ArraySet<>();
+
+ /** Returns a new {@link ScheduledExecutorService} instance. */
+ public ScheduledExecutorService newServiceTypeClientSchedulerExecutor() {
+ // TODO: actually use a pool ?
+ ScheduledExecutorService executor = new ScheduledThreadPoolExecutor(1);
+ serviceTypeClientSchedulerExecutors.add(executor);
+ return executor;
+ }
+
+ /** Shuts down all the created {@link ScheduledExecutorService} instances. */
+ public void shutdownAll() {
+ for (ScheduledExecutorService executor : serviceTypeClientSchedulerExecutors) {
+ executor.shutdownNow();
+ }
+ }
+}
\ No newline at end of file
diff --git a/service/mdns/com/android/server/connectivity/mdns/MdnsConfigs.java b/service/mdns/com/android/server/connectivity/mdns/MdnsConfigs.java
new file mode 100644
index 0000000..922037b
--- /dev/null
+++ b/service/mdns/com/android/server/connectivity/mdns/MdnsConfigs.java
@@ -0,0 +1,92 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity.mdns;
+
+/**
+ * mDNS configuration values.
+ *
+ * TODO: consider making some of these adjustable via flags.
+ */
+public class MdnsConfigs {
+ public static String[] castShellEmulatorMdnsPorts() {
+ return new String[0];
+ }
+
+ public static long initialTimeBetweenBurstsMs() {
+ return 5000L;
+ }
+
+ public static long timeBetweenBurstsMs() {
+ return 20_000L;
+ }
+
+ public static int queriesPerBurst() {
+ return 3;
+ }
+
+ public static long timeBetweenQueriesInBurstMs() {
+ return 1000L;
+ }
+
+ public static int queriesPerBurstPassive() {
+ return 1;
+ }
+
+ public static boolean alwaysAskForUnicastResponseInEachBurst() {
+ return false;
+ }
+
+ public static boolean useSessionIdToScheduleMdnsTask() {
+ return false;
+ }
+
+ public static boolean shouldCancelScanTaskWhenFutureIsNull() {
+ return false;
+ }
+
+ public static long sleepTimeForSocketThreadMs() {
+ return 20_000L;
+ }
+
+ public static boolean checkMulticastResponse() {
+ return false;
+ }
+
+ public static boolean useSeparateSocketToSendUnicastQuery() {
+ return false;
+ }
+
+ public static long checkMulticastResponseIntervalMs() {
+ return 10_000L;
+ }
+
+ public static boolean clearMdnsPacketQueueAfterDiscoveryStops() {
+ return true;
+ }
+
+ public static boolean allowAddMdnsPacketAfterDiscoveryStops() {
+ return false;
+ }
+
+ public static int mdnsPacketQueueMaxSize() {
+ return Integer.MAX_VALUE;
+ }
+
+ public static boolean preferIpv6() {
+ return false;
+ }
+}
\ No newline at end of file
diff --git a/service/mdns/com/android/server/connectivity/mdns/MdnsConstants.java b/service/mdns/com/android/server/connectivity/mdns/MdnsConstants.java
new file mode 100644
index 0000000..0b2066a
--- /dev/null
+++ b/service/mdns/com/android/server/connectivity/mdns/MdnsConstants.java
@@ -0,0 +1,94 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity.mdns;
+
+import android.annotation.TargetApi;
+import android.os.Build;
+
+import com.android.internal.annotations.VisibleForTesting;
+
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.nio.charset.Charset;
+import java.nio.charset.StandardCharsets;
+
+/** mDNS-related constants. */
+// TODO(b/242631897): Resolve nullness suppression.
+@SuppressWarnings("nullness")
+@VisibleForTesting
+public final class MdnsConstants {
+ public static final int MDNS_PORT = 5353;
+ // Flags word format is:
+ // 15 14 13 12 11 10 09 08 07 06 05 04 03 02 01 00
+ // QR [ Opcode ] AA TC RD RA Z AD CD [ Rcode ]
+ // See http://www.networksorcery.com/enp/protocol/dns.htm
+ // For responses, QR bit should be 1, AA - CD bits should be ignored, and all other bits
+ // should be 0.
+ public static final int FLAGS_QUERY = 0x0000;
+ public static final int FLAGS_RESPONSE_MASK = 0xF80F;
+ public static final int FLAGS_RESPONSE = 0x8000;
+ public static final int QCLASS_INTERNET = 0x0001;
+ public static final int QCLASS_UNICAST = 0x8000;
+ public static final String SUBTYPE_LABEL = "_sub";
+ public static final String SUBTYPE_PREFIX = "_";
+ private static final String MDNS_IPV4_HOST_ADDRESS = "224.0.0.251";
+ private static final String MDNS_IPV6_HOST_ADDRESS = "FF02::FB";
+ private static InetAddress mdnsAddress;
+ private static Charset utf8Charset;
+ private MdnsConstants() {
+ }
+
+ public static InetAddress getMdnsIPv4Address() {
+ synchronized (MdnsConstants.class) {
+ InetAddress addr = null;
+ try {
+ addr = InetAddress.getByName(MDNS_IPV4_HOST_ADDRESS);
+ } catch (UnknownHostException e) {
+ /* won't happen */
+ }
+ mdnsAddress = addr;
+ return mdnsAddress;
+ }
+ }
+
+ public static InetAddress getMdnsIPv6Address() {
+ synchronized (MdnsConstants.class) {
+ InetAddress addr = null;
+ try {
+ addr = InetAddress.getByName(MDNS_IPV6_HOST_ADDRESS);
+ } catch (UnknownHostException e) {
+ /* won't happen */
+ }
+ mdnsAddress = addr;
+ return mdnsAddress;
+ }
+ }
+
+ public static Charset getUtf8Charset() {
+ synchronized (MdnsConstants.class) {
+ if (utf8Charset == null) {
+ utf8Charset = getUtf8CharsetOnKitKat();
+ }
+ return utf8Charset;
+ }
+ }
+
+ @TargetApi(Build.VERSION_CODES.KITKAT)
+ private static Charset getUtf8CharsetOnKitKat() {
+ return StandardCharsets.UTF_8;
+ }
+}
\ No newline at end of file
diff --git a/service/mdns/com/android/server/connectivity/mdns/MdnsDiscoveryManager.java b/service/mdns/com/android/server/connectivity/mdns/MdnsDiscoveryManager.java
new file mode 100644
index 0000000..1faa6ce
--- /dev/null
+++ b/service/mdns/com/android/server/connectivity/mdns/MdnsDiscoveryManager.java
@@ -0,0 +1,146 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity.mdns;
+
+import android.Manifest.permission;
+import android.annotation.NonNull;
+import android.annotation.RequiresPermission;
+import android.text.TextUtils;
+import android.util.ArrayMap;
+
+import com.android.internal.annotations.VisibleForTesting;
+import com.android.server.connectivity.mdns.util.MdnsLogger;
+
+import java.io.IOException;
+import java.util.Arrays;
+import java.util.Map;
+
+/**
+ * This class keeps tracking the set of registered {@link MdnsServiceBrowserListener} instances, and
+ * notify them when a mDNS service instance is found, updated, or removed?
+ */
+public class MdnsDiscoveryManager implements MdnsSocketClient.Callback {
+
+ private static final MdnsLogger LOGGER = new MdnsLogger("MdnsDiscoveryManager");
+
+ private final ExecutorProvider executorProvider;
+ private final MdnsSocketClient socketClient;
+
+ private final Map<String, MdnsServiceTypeClient> serviceTypeClients = new ArrayMap<>();
+
+ public MdnsDiscoveryManager(
+ @NonNull ExecutorProvider executorProvider, @NonNull MdnsSocketClient socketClient) {
+ this.executorProvider = executorProvider;
+ this.socketClient = socketClient;
+ }
+
+ /**
+ * Starts (or continue) to discovery mDNS services with given {@code serviceType}, and registers
+ * {@code listener} for receiving mDNS service discovery responses.
+ *
+ * @param serviceType The type of the service to discover.
+ * @param listener The {@link MdnsServiceBrowserListener} listener.
+ * @param searchOptions The {@link MdnsSearchOptions} to be used for discovering {@code
+ * serviceType}.
+ */
+ @RequiresPermission(permission.CHANGE_WIFI_MULTICAST_STATE)
+ public synchronized void registerListener(
+ @NonNull String serviceType,
+ @NonNull MdnsServiceBrowserListener listener,
+ @NonNull MdnsSearchOptions searchOptions) {
+ LOGGER.log(
+ "Registering listener for subtypes: %s",
+ TextUtils.join(",", searchOptions.getSubtypes()));
+ if (serviceTypeClients.isEmpty()) {
+ // First listener. Starts the socket client.
+ try {
+ socketClient.startDiscovery();
+ } catch (IOException e) {
+ LOGGER.e("Failed to start discover.", e);
+ return;
+ }
+ }
+ // All listeners of the same service types shares the same MdnsServiceTypeClient.
+ MdnsServiceTypeClient serviceTypeClient = serviceTypeClients.get(serviceType);
+ if (serviceTypeClient == null) {
+ serviceTypeClient = createServiceTypeClient(serviceType);
+ serviceTypeClients.put(serviceType, serviceTypeClient);
+ }
+ serviceTypeClient.startSendAndReceive(listener, searchOptions);
+ }
+
+ /**
+ * Unregister {@code listener} for receiving mDNS service discovery responses. IF no listener is
+ * registered for the given service type, stops discovery for the service type.
+ *
+ * @param serviceType The type of the service to discover.
+ * @param listener The {@link MdnsServiceBrowserListener} listener.
+ */
+ @RequiresPermission(permission.CHANGE_WIFI_MULTICAST_STATE)
+ public synchronized void unregisterListener(
+ @NonNull String serviceType, @NonNull MdnsServiceBrowserListener listener) {
+ LOGGER.log("Unregistering listener for service type: %s", serviceType);
+ MdnsServiceTypeClient serviceTypeClient = serviceTypeClients.get(serviceType);
+ if (serviceTypeClient == null) {
+ return;
+ }
+ if (serviceTypeClient.stopSendAndReceive(listener)) {
+ // No listener is registered for the service type anymore, remove it from the list of
+ // the
+ // service type clients.
+ serviceTypeClients.remove(serviceType);
+ if (serviceTypeClients.isEmpty()) {
+ // No discovery request. Stops the socket client.
+ socketClient.stopDiscovery();
+ }
+ }
+ }
+
+ @Override
+ public synchronized void onResponseReceived(@NonNull MdnsResponse response) {
+ String[] name =
+ response.getPointerRecords().isEmpty()
+ ? null
+ : response.getPointerRecords().get(0).getName();
+ if (name != null) {
+ for (MdnsServiceTypeClient serviceTypeClient : serviceTypeClients.values()) {
+ String[] serviceType = serviceTypeClient.getServiceTypeLabels();
+ if ((Arrays.equals(name, serviceType)
+ || ((name.length == (serviceType.length + 2))
+ && name[1].equals(MdnsConstants.SUBTYPE_LABEL)
+ && MdnsRecord.labelsAreSuffix(serviceType, name)))) {
+ serviceTypeClient.processResponse(response);
+ return;
+ }
+ }
+ }
+ }
+
+ @Override
+ public synchronized void onFailedToParseMdnsResponse(int receivedPacketNumber, int errorCode) {
+ for (MdnsServiceTypeClient serviceTypeClient : serviceTypeClients.values()) {
+ serviceTypeClient.onFailedToParseMdnsResponse(receivedPacketNumber, errorCode);
+ }
+ }
+
+ @VisibleForTesting
+ MdnsServiceTypeClient createServiceTypeClient(@NonNull String serviceType) {
+ return new MdnsServiceTypeClient(
+ serviceType, socketClient,
+ executorProvider.newServiceTypeClientSchedulerExecutor());
+ }
+}
\ No newline at end of file
diff --git a/service/mdns/com/android/server/connectivity/mdns/MdnsInetAddressRecord.java b/service/mdns/com/android/server/connectivity/mdns/MdnsInetAddressRecord.java
new file mode 100644
index 0000000..bd47414
--- /dev/null
+++ b/service/mdns/com/android/server/connectivity/mdns/MdnsInetAddressRecord.java
@@ -0,0 +1,128 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity.mdns;
+
+import com.android.internal.annotations.VisibleForTesting;
+
+import java.io.IOException;
+import java.net.Inet4Address;
+import java.net.Inet6Address;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.util.Locale;
+import java.util.Objects;
+
+/** An mDNS "AAAA" or "A" record, which holds an IPv6 or IPv4 address. */
+// TODO(b/242631897): Resolve nullness suppression.
+@SuppressWarnings("nullness")
+@VisibleForTesting
+public class MdnsInetAddressRecord extends MdnsRecord {
+ private Inet6Address inet6Address;
+ private Inet4Address inet4Address;
+
+ /**
+ * Constructs the {@link MdnsRecord}
+ *
+ * @param name the service host name
+ * @param type the type of record (either Type 'AAAA' or Type 'A')
+ * @param reader the reader to read the record from.
+ */
+ public MdnsInetAddressRecord(String[] name, int type, MdnsPacketReader reader)
+ throws IOException {
+ super(name, type, reader);
+ }
+
+ /** Returns the IPv6 address. */
+ public Inet6Address getInet6Address() {
+ return inet6Address;
+ }
+
+ /** Returns the IPv4 address. */
+ public Inet4Address getInet4Address() {
+ return inet4Address;
+ }
+
+ @Override
+ protected void readData(MdnsPacketReader reader) throws IOException {
+ int size = 4;
+ if (super.getType() == MdnsRecord.TYPE_AAAA) {
+ size = 16;
+ }
+ byte[] buf = new byte[size];
+ reader.readBytes(buf);
+ try {
+ InetAddress address = InetAddress.getByAddress(buf);
+ if (address instanceof Inet4Address) {
+ inet4Address = (Inet4Address) address;
+ inet6Address = null;
+ } else if (address instanceof Inet6Address) {
+ inet4Address = null;
+ inet6Address = (Inet6Address) address;
+ } else {
+ inet4Address = null;
+ inet6Address = null;
+ }
+ } catch (UnknownHostException e) {
+ // Ignore exception
+ }
+ }
+
+ @Override
+ protected void writeData(MdnsPacketWriter writer) throws IOException {
+ byte[] buf = null;
+ if (inet4Address != null) {
+ buf = inet4Address.getAddress();
+ } else if (inet6Address != null) {
+ buf = inet6Address.getAddress();
+ }
+ if (buf != null) {
+ writer.writeBytes(buf);
+ }
+ }
+
+ @Override
+ public String toString() {
+ String type = "AAAA";
+ if (super.getType() == MdnsRecord.TYPE_A) {
+ type = "A";
+ }
+ return String.format(
+ Locale.ROOT, "%s: Inet4Address: %s Inet6Address: %s", type, inet4Address,
+ inet6Address);
+ }
+
+ @Override
+ public int hashCode() {
+ return (super.hashCode() * 31)
+ + Objects.hashCode(inet4Address)
+ + Objects.hashCode(inet6Address);
+ }
+
+ @Override
+ public boolean equals(Object other) {
+ if (this == other) {
+ return true;
+ }
+ if (!(other instanceof MdnsInetAddressRecord)) {
+ return false;
+ }
+
+ return super.equals(other)
+ && Objects.equals(inet4Address, ((MdnsInetAddressRecord) other).inet4Address)
+ && Objects.equals(inet6Address, ((MdnsInetAddressRecord) other).inet6Address);
+ }
+}
\ No newline at end of file
diff --git a/service/mdns/com/android/server/connectivity/mdns/MdnsPacketReader.java b/service/mdns/com/android/server/connectivity/mdns/MdnsPacketReader.java
new file mode 100644
index 0000000..61c5f5a
--- /dev/null
+++ b/service/mdns/com/android/server/connectivity/mdns/MdnsPacketReader.java
@@ -0,0 +1,254 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity.mdns;
+
+import android.util.SparseArray;
+
+import java.io.EOFException;
+import java.io.IOException;
+import java.net.DatagramPacket;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Locale;
+
+/** Simple decoder for mDNS packets. */
+public class MdnsPacketReader {
+ private final byte[] buf;
+ private final int count;
+ private final SparseArray<LabelEntry> labelDictionary;
+ private int pos;
+ private int limit;
+
+ /** Constructs a reader for the given packet. */
+ public MdnsPacketReader(DatagramPacket packet) {
+ buf = packet.getData();
+ count = packet.getLength();
+ pos = 0;
+ limit = -1;
+ labelDictionary = new SparseArray<>(16);
+ }
+
+ /**
+ * Sets a temporary limit (from the current read position) for subsequent reads. Any attempt to
+ * read past this limit will result in an EOFException.
+ *
+ * @param limit The new limit.
+ * @throws IOException If there is insufficient data for the new limit.
+ */
+ public void setLimit(int limit) throws IOException {
+ if (limit >= 0) {
+ if (pos + limit <= count) {
+ this.limit = pos + limit;
+ } else {
+ throw new IOException(
+ String.format(
+ Locale.ROOT,
+ "attempt to set limit beyond available data: %d exceeds %d",
+ pos + limit,
+ count));
+ }
+ }
+ }
+
+ /** Clears the limit set by {@link #setLimit}. */
+ public void clearLimit() {
+ limit = -1;
+ }
+
+ /**
+ * Returns the number of bytes left to read, between the current read position and either the
+ * limit (if set) or the end of the packet.
+ */
+ public int getRemaining() {
+ return (limit >= 0 ? limit : count) - pos;
+ }
+
+ /**
+ * Reads an unsigned 8-bit integer.
+ *
+ * @throws EOFException If there are not enough bytes remaining in the packet to satisfy the
+ * read.
+ */
+ public int readUInt8() throws EOFException {
+ checkRemaining(1);
+ byte val = buf[pos++];
+ return val & 0xFF;
+ }
+
+ /**
+ * Reads an unsigned 16-bit integer.
+ *
+ * @throws EOFException If there are not enough bytes remaining in the packet to satisfy the
+ * read.
+ */
+ public int readUInt16() throws EOFException {
+ checkRemaining(2);
+ int val = (buf[pos++] & 0xFF) << 8;
+ val |= (buf[pos++]) & 0xFF;
+ return val;
+ }
+
+ /**
+ * Reads an unsigned 32-bit integer.
+ *
+ * @throws EOFException If there are not enough bytes remaining in the packet to satisfy the
+ * read.
+ */
+ public long readUInt32() throws EOFException {
+ checkRemaining(4);
+ long val = (long) (buf[pos++] & 0xFF) << 24;
+ val |= (long) (buf[pos++] & 0xFF) << 16;
+ val |= (long) (buf[pos++] & 0xFF) << 8;
+ val |= buf[pos++] & 0xFF;
+ return val;
+ }
+
+ /**
+ * Reads a sequence of labels and returns them as an array of strings. A sequence of labels is
+ * either a sequence of strings terminated by a NUL byte, a sequence of strings terminated by a
+ * pointer, or a pointer.
+ *
+ * @throws EOFException If there are not enough bytes remaining in the packet to satisfy the
+ * read.
+ * @throws IOException If invalid data is read.
+ */
+ public String[] readLabels() throws IOException {
+ List<String> result = new ArrayList<>(5);
+ LabelEntry previousEntry = null;
+
+ while (getRemaining() > 0) {
+ byte nextByte = peekByte();
+
+ if (nextByte == 0) {
+ // A NUL byte terminates a sequence of labels.
+ skip(1);
+ break;
+ }
+
+ int currentOffset = pos;
+
+ boolean isLabelPointer = (nextByte & 0xC0) == 0xC0;
+ if (isLabelPointer) {
+ // A pointer terminates a sequence of labels. Store the pointer value in the
+ // previous label entry.
+ int labelOffset = ((readUInt8() & 0x3F) << 8) | (readUInt8() & 0xFF);
+ if (previousEntry != null) {
+ previousEntry.nextOffset = labelOffset;
+ }
+
+ // Follow the chain of labels starting at this pointer, adding all of them onto the
+ // result.
+ while (labelOffset != 0) {
+ LabelEntry entry = labelDictionary.get(labelOffset);
+ if (entry == null) {
+ throw new IOException(
+ String.format(Locale.ROOT, "Invalid label pointer: %04X",
+ labelOffset));
+ }
+ result.add(entry.label);
+ labelOffset = entry.nextOffset;
+ }
+ break;
+ } else {
+ // It's an ordinary label. Chain it onto the previous label entry (if any), and add
+ // it onto the result.
+ String val = readString();
+ LabelEntry newEntry = new LabelEntry(val);
+ labelDictionary.put(currentOffset, newEntry);
+
+ if (previousEntry != null) {
+ previousEntry.nextOffset = currentOffset;
+ }
+ previousEntry = newEntry;
+ result.add(val);
+ }
+ }
+
+ return result.toArray(new String[result.size()]);
+ }
+
+ /**
+ * Reads a length-prefixed string.
+ *
+ * @throws EOFException If there are not enough bytes remaining in the packet to satisfy the
+ * read.
+ */
+ public String readString() throws EOFException {
+ int len = readUInt8();
+ checkRemaining(len);
+ String val = new String(buf, pos, len, MdnsConstants.getUtf8Charset());
+ pos += len;
+ return val;
+ }
+
+ /**
+ * Reads a specific number of bytes.
+ *
+ * @param bytes The array to fill.
+ * @throws EOFException If there are not enough bytes remaining in the packet to satisfy the
+ * read.
+ */
+ public void readBytes(byte[] bytes) throws EOFException {
+ checkRemaining(bytes.length);
+ System.arraycopy(buf, pos, bytes, 0, bytes.length);
+ pos += bytes.length;
+ }
+
+ /**
+ * Skips over the given number of bytes.
+ *
+ * @param count The number of bytes to read and discard.
+ * @throws EOFException If there are not enough bytes remaining in the packet to satisfy the
+ * read.
+ */
+ public void skip(int count) throws EOFException {
+ checkRemaining(count);
+ pos += count;
+ }
+
+ /**
+ * Peeks at and returns the next byte in the packet, without advancing the read position.
+ *
+ * @throws EOFException If there are not enough bytes remaining in the packet to satisfy the
+ * read.
+ */
+ public byte peekByte() throws EOFException {
+ checkRemaining(1);
+ return buf[pos];
+ }
+
+ /** Returns the current byte position of the reader for the data packet. */
+ public int getPosition() {
+ return pos;
+ }
+
+ // Checks if the number of remaining bytes to be read in the packet is at least |count|.
+ private void checkRemaining(int count) throws EOFException {
+ if (getRemaining() < count) {
+ throw new EOFException();
+ }
+ }
+
+ private static class LabelEntry {
+ public final String label;
+ public int nextOffset = 0;
+
+ public LabelEntry(String label) {
+ this.label = label;
+ }
+ }
+}
\ No newline at end of file
diff --git a/service/mdns/com/android/server/connectivity/mdns/MdnsPacketWriter.java b/service/mdns/com/android/server/connectivity/mdns/MdnsPacketWriter.java
new file mode 100644
index 0000000..2fed36d
--- /dev/null
+++ b/service/mdns/com/android/server/connectivity/mdns/MdnsPacketWriter.java
@@ -0,0 +1,223 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity.mdns;
+
+import java.io.IOException;
+import java.net.DatagramPacket;
+import java.net.SocketAddress;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+
+/** Simple encoder for mDNS packets. */
+public class MdnsPacketWriter {
+ private static final int MDNS_POINTER_MASK = 0xC000;
+ private final byte[] data;
+ private final Map<Integer, String[]> labelDictionary;
+ private int pos = 0;
+ private int savedWritePos = -1;
+
+ /**
+ * Constructs a writer for a new packet.
+ *
+ * @param maxSize The maximum size of a packet.
+ */
+ public MdnsPacketWriter(int maxSize) {
+ if (maxSize <= 0) {
+ throw new IllegalArgumentException("invalid size");
+ }
+
+ data = new byte[maxSize];
+ labelDictionary = new HashMap<>();
+ }
+
+ /** Returns the current write position. */
+ public int getWritePosition() {
+ return pos;
+ }
+
+ /**
+ * Saves the current write position and then rewinds the write position by the given number of
+ * bytes. This is useful for updating length fields earlier in the packet. Rewinds cannot be
+ * nested.
+ *
+ * @param position The position to rewind to.
+ * @throws IOException If the count would go beyond the beginning of the packet, or if there is
+ * already a rewind in effect.
+ */
+ public void rewind(int position) throws IOException {
+ if ((savedWritePos != -1) || (position > pos) || (position < 0)) {
+ throw new IOException("invalid rewind");
+ }
+
+ savedWritePos = pos;
+ pos = position;
+ }
+
+ /**
+ * Sets the current write position to what it was prior to the last rewind.
+ *
+ * @throws IOException If there was no rewind in effect.
+ */
+ public void unrewind() throws IOException {
+ if (savedWritePos == -1) {
+ throw new IOException("no rewind is in effect");
+ }
+ pos = savedWritePos;
+ savedWritePos = -1;
+ }
+
+ /** Clears any rewind state. */
+ public void clearRewind() {
+ savedWritePos = -1;
+ }
+
+ /**
+ * Writes an unsigned 8-bit integer.
+ *
+ * @param value The value to write.
+ * @throws IOException If there is not enough space remaining in the packet.
+ */
+ public void writeUInt8(int value) throws IOException {
+ checkRemaining(1);
+ data[pos++] = (byte) (value & 0xFF);
+ }
+
+ /**
+ * Writes an unsigned 16-bit integer.
+ *
+ * @param value The value to write.
+ * @throws IOException If there is not enough space remaining in the packet.
+ */
+ public void writeUInt16(int value) throws IOException {
+ checkRemaining(2);
+ data[pos++] = (byte) ((value >>> 8) & 0xFF);
+ data[pos++] = (byte) (value & 0xFF);
+ }
+
+ /**
+ * Writes an unsigned 32-bit integer.
+ *
+ * @param value The value to write.
+ * @throws IOException If there is not enough space remaining in the packet.
+ */
+ public void writeUInt32(long value) throws IOException {
+ checkRemaining(4);
+ data[pos++] = (byte) ((value >>> 24) & 0xFF);
+ data[pos++] = (byte) ((value >>> 16) & 0xFF);
+ data[pos++] = (byte) ((value >>> 8) & 0xFF);
+ data[pos++] = (byte) (value & 0xFF);
+ }
+
+ /**
+ * Writes a specific number of bytes.
+ *
+ * @param data The array to write.
+ * @throws IOException If there is not enough space remaining in the packet.
+ */
+ public void writeBytes(byte[] data) throws IOException {
+ checkRemaining(data.length);
+ System.arraycopy(data, 0, this.data, pos, data.length);
+ pos += data.length;
+ }
+
+ /**
+ * Writes a string.
+ *
+ * @param value The string to write.
+ * @throws IOException If there is not enough space remaining in the packet.
+ */
+ public void writeString(String value) throws IOException {
+ byte[] utf8 = value.getBytes(MdnsConstants.getUtf8Charset());
+ writeUInt8(utf8.length);
+ writeBytes(utf8);
+ }
+
+ /**
+ * Writes a series of labels. Uses name compression.
+ *
+ * @param labels The labels to write.
+ * @throws IOException If there is not enough space remaining in the packet.
+ */
+ public void writeLabels(String[] labels) throws IOException {
+ // See section 4.1.4 of RFC 1035 (http://tools.ietf.org/html/rfc1035) for a description
+ // of the name compression method used here.
+
+ int suffixLength = 0;
+ int suffixPointer = 0;
+
+ for (Map.Entry<Integer, String[]> entry : labelDictionary.entrySet()) {
+ int existingOffset = entry.getKey();
+ String[] existingLabels = entry.getValue();
+
+ if (Arrays.equals(existingLabels, labels)) {
+ writePointer(existingOffset);
+ return;
+ } else if (MdnsRecord.labelsAreSuffix(existingLabels, labels)) {
+ // Keep track of the longest matching suffix so far.
+ if (existingLabels.length > suffixLength) {
+ suffixLength = existingLabels.length;
+ suffixPointer = existingOffset;
+ }
+ }
+ }
+
+ if (suffixLength > 0) {
+ for (int i = 0; i < (labels.length - suffixLength); ++i) {
+ writeString(labels[i]);
+ }
+ writePointer(suffixPointer);
+ } else {
+ int[] offsets = new int[labels.length];
+ for (int i = 0; i < labels.length; ++i) {
+ offsets[i] = getWritePosition();
+ writeString(labels[i]);
+ }
+ writeUInt8(0); // NUL terminator
+
+ // Add entries to the label dictionary for each suffix of the label list, including
+ // the whole list itself.
+ for (int i = 0, len = labels.length; i < labels.length; ++i, --len) {
+ String[] value = new String[len];
+ System.arraycopy(labels, i, value, 0, len);
+ labelDictionary.put(offsets[i], value);
+ }
+ }
+ }
+
+ /** Returns the number of bytes that can still be written. */
+ public int getRemaining() {
+ return data.length - pos;
+ }
+
+ // Writes a pointer to a label.
+ private void writePointer(int offset) throws IOException {
+ writeUInt16(MDNS_POINTER_MASK | offset);
+ }
+
+ // Checks if the remaining space in the packet is at least |count|.
+ private void checkRemaining(int count) throws IOException {
+ if (getRemaining() < count) {
+ throw new IOException();
+ }
+ }
+
+ /** Builds and returns the packet. */
+ public DatagramPacket getPacket(SocketAddress destAddress) throws IOException {
+ return new DatagramPacket(data, pos, destAddress);
+ }
+}
\ No newline at end of file
diff --git a/service/mdns/com/android/server/connectivity/mdns/MdnsPointerRecord.java b/service/mdns/com/android/server/connectivity/mdns/MdnsPointerRecord.java
new file mode 100644
index 0000000..0166815
--- /dev/null
+++ b/service/mdns/com/android/server/connectivity/mdns/MdnsPointerRecord.java
@@ -0,0 +1,79 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity.mdns;
+
+import com.android.internal.annotations.VisibleForTesting;
+
+import java.io.IOException;
+import java.util.Arrays;
+
+/** An mDNS "PTR" record, which holds a name (the "pointer"). */
+// TODO(b/242631897): Resolve nullness suppression.
+@SuppressWarnings("nullness")
+@VisibleForTesting
+public class MdnsPointerRecord extends MdnsRecord {
+ private String[] pointer;
+
+ public MdnsPointerRecord(String[] name, MdnsPacketReader reader) throws IOException {
+ super(name, TYPE_PTR, reader);
+ }
+
+ /** Returns the pointer as an array of labels. */
+ public String[] getPointer() {
+ return pointer;
+ }
+
+ @Override
+ protected void readData(MdnsPacketReader reader) throws IOException {
+ pointer = reader.readLabels();
+ }
+
+ @Override
+ protected void writeData(MdnsPacketWriter writer) throws IOException {
+ writer.writeLabels(pointer);
+ }
+
+ public boolean hasSubtype() {
+ return (name != null) && (name.length > 2) && name[1].equals(MdnsConstants.SUBTYPE_LABEL);
+ }
+
+ public String getSubtype() {
+ return hasSubtype() ? name[0] : null;
+ }
+
+ @Override
+ public String toString() {
+ return "PTR: " + labelsToString(name) + " -> " + labelsToString(pointer);
+ }
+
+ @Override
+ public int hashCode() {
+ return (super.hashCode() * 31) + Arrays.hashCode(pointer);
+ }
+
+ @Override
+ public boolean equals(Object other) {
+ if (this == other) {
+ return true;
+ }
+ if (!(other instanceof MdnsPointerRecord)) {
+ return false;
+ }
+
+ return super.equals(other) && Arrays.equals(pointer, ((MdnsPointerRecord) other).pointer);
+ }
+}
\ No newline at end of file
diff --git a/service/mdns/com/android/server/connectivity/mdns/MdnsRecord.java b/service/mdns/com/android/server/connectivity/mdns/MdnsRecord.java
new file mode 100644
index 0000000..24fb09e
--- /dev/null
+++ b/service/mdns/com/android/server/connectivity/mdns/MdnsRecord.java
@@ -0,0 +1,253 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity.mdns;
+
+import android.os.SystemClock;
+import android.text.TextUtils;
+
+import com.android.internal.annotations.VisibleForTesting;
+
+import java.io.IOException;
+import java.util.Arrays;
+import java.util.Objects;
+import java.util.concurrent.TimeUnit;
+
+/**
+ * Abstract base class for mDNS records. Stores the header fields and provides methods for reading
+ * the record from and writing it to a packet.
+ */
+// TODO(b/242631897): Resolve nullness suppression.
+@SuppressWarnings("nullness")
+public abstract class MdnsRecord {
+ public static final int TYPE_A = 0x0001;
+ public static final int TYPE_AAAA = 0x001C;
+ public static final int TYPE_PTR = 0x000C;
+ public static final int TYPE_SRV = 0x0021;
+ public static final int TYPE_TXT = 0x0010;
+
+ /** Status indicating that the record is current. */
+ public static final int STATUS_OK = 0;
+ /** Status indicating that the record has expired (TTL reached 0). */
+ public static final int STATUS_EXPIRED = 1;
+ /** Status indicating that the record should be refreshed (Less than half of TTL remains.) */
+ public static final int STATUS_NEEDS_REFRESH = 2;
+
+ protected final String[] name;
+ private final int type;
+ private final int cls;
+ private final long receiptTimeMillis;
+ private final long ttlMillis;
+ private Object key;
+
+ /**
+ * Constructs a new record with the given name and type.
+ *
+ * @param reader The reader to read the record from.
+ * @throws IOException If an error occurs while reading the packet.
+ */
+ protected MdnsRecord(String[] name, int type, MdnsPacketReader reader) throws IOException {
+ this.name = name;
+ this.type = type;
+ cls = reader.readUInt16();
+ ttlMillis = TimeUnit.SECONDS.toMillis(reader.readUInt32());
+ int dataLength = reader.readUInt16();
+
+ receiptTimeMillis = SystemClock.elapsedRealtime();
+
+ reader.setLimit(dataLength);
+ readData(reader);
+ reader.clearLimit();
+ }
+
+ /**
+ * Converts an array of labels into their dot-separated string representation. This method
+ * should
+ * be used for logging purposes only.
+ */
+ public static String labelsToString(String[] labels) {
+ if (labels == null) {
+ return null;
+ }
+ return TextUtils.join(".", labels);
+ }
+
+ /** Tests if |list1| is a suffix of |list2|. */
+ public static boolean labelsAreSuffix(String[] list1, String[] list2) {
+ int offset = list2.length - list1.length;
+
+ if (offset < 1) {
+ return false;
+ }
+
+ for (int i = 0; i < list1.length; ++i) {
+ if (!list1[i].equals(list2[i + offset])) {
+ return false;
+ }
+ }
+
+ return true;
+ }
+
+ /** Returns the record's receipt (creation) time. */
+ public final long getReceiptTime() {
+ return receiptTimeMillis;
+ }
+
+ /** Returns the record's name. */
+ public String[] getName() {
+ return name;
+ }
+
+ /** Returns the record's original TTL, in milliseconds. */
+ public final long getTtl() {
+ return ttlMillis;
+ }
+
+ /** Returns the record's type. */
+ public final int getType() {
+ return type;
+ }
+
+ /**
+ * Returns the record's remaining TTL.
+ *
+ * @param now The current system time.
+ * @return The remaning TTL, in milliseconds.
+ */
+ public long getRemainingTTL(final long now) {
+ long age = now - receiptTimeMillis;
+ if (age > ttlMillis) {
+ return 0;
+ }
+
+ return ttlMillis - age;
+ }
+
+ /**
+ * Reads the record's payload from a packet.
+ *
+ * @param reader The reader to use.
+ * @throws IOException If an I/O error occurs.
+ */
+ protected abstract void readData(MdnsPacketReader reader) throws IOException;
+
+ /**
+ * Writes the record to a packet.
+ *
+ * @param writer The writer to use.
+ * @param now The current system time. This is used when writing the updated TTL.
+ */
+ @VisibleForTesting
+ public final void write(MdnsPacketWriter writer, long now) throws IOException {
+ writer.writeLabels(name);
+ writer.writeUInt16(type);
+ writer.writeUInt16(cls);
+
+ writer.writeUInt32(TimeUnit.MILLISECONDS.toSeconds(getRemainingTTL(now)));
+
+ int dataLengthPos = writer.getWritePosition();
+ writer.writeUInt16(0); // data length
+ int dataPos = writer.getWritePosition();
+
+ writeData(writer);
+
+ // Calculate amount of data written, and overwrite the data field earlier in the packet.
+ int endPos = writer.getWritePosition();
+ int dataLength = endPos - dataPos;
+ writer.rewind(dataLengthPos);
+ writer.writeUInt16(dataLength);
+ writer.unrewind();
+ }
+
+ /**
+ * Writes the record's payload to a packet.
+ *
+ * @param writer The writer to use.
+ * @throws IOException If an I/O error occurs.
+ */
+ protected abstract void writeData(MdnsPacketWriter writer) throws IOException;
+
+ /** Gets the status of the record. */
+ public int getStatus(final long now) {
+ final long age = now - receiptTimeMillis;
+ if (age > ttlMillis) {
+ return STATUS_EXPIRED;
+ }
+ if (age > (ttlMillis / 2)) {
+ return STATUS_NEEDS_REFRESH;
+ }
+ return STATUS_OK;
+ }
+
+ @Override
+ public boolean equals(Object other) {
+ if (!(other instanceof MdnsRecord)) {
+ return false;
+ }
+
+ MdnsRecord otherRecord = (MdnsRecord) other;
+
+ return Arrays.equals(name, otherRecord.name) && (type == otherRecord.type);
+ }
+
+ @Override
+ public int hashCode() {
+ return Objects.hash(Arrays.hashCode(name), type);
+ }
+
+ /**
+ * Returns an opaque object that uniquely identifies this record through a combination of its
+ * type
+ * and name. Suitable for use as a key in caches.
+ */
+ public final Object getKey() {
+ if (key == null) {
+ key = new Key(type, name);
+ }
+ return key;
+ }
+
+ private static final class Key {
+ private final int recordType;
+ private final String[] recordName;
+
+ public Key(int recordType, String[] recordName) {
+ this.recordType = recordType;
+ this.recordName = recordName;
+ }
+
+ @Override
+ public boolean equals(Object other) {
+ if (this == other) {
+ return true;
+ }
+ if (!(other instanceof Key)) {
+ return false;
+ }
+
+ Key otherKey = (Key) other;
+
+ return (recordType == otherKey.recordType) && Arrays.equals(recordName,
+ otherKey.recordName);
+ }
+
+ @Override
+ public int hashCode() {
+ return (recordType * 31) + Arrays.hashCode(recordName);
+ }
+ }
+}
\ No newline at end of file
diff --git a/service/mdns/com/android/server/connectivity/mdns/MdnsResponse.java b/service/mdns/com/android/server/connectivity/mdns/MdnsResponse.java
new file mode 100644
index 0000000..9f3894f
--- /dev/null
+++ b/service/mdns/com/android/server/connectivity/mdns/MdnsResponse.java
@@ -0,0 +1,380 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity.mdns;
+
+import com.android.internal.annotations.VisibleForTesting;
+
+import java.io.IOException;
+import java.util.Arrays;
+import java.util.Iterator;
+import java.util.LinkedList;
+import java.util.List;
+
+/** An mDNS response. */
+// TODO(b/242631897): Resolve nullness suppression.
+@SuppressWarnings("nullness")
+public class MdnsResponse {
+ private final List<MdnsRecord> records;
+ private final List<MdnsPointerRecord> pointerRecords;
+ private MdnsServiceRecord serviceRecord;
+ private MdnsTextRecord textRecord;
+ private MdnsInetAddressRecord inet4AddressRecord;
+ private MdnsInetAddressRecord inet6AddressRecord;
+ private long lastUpdateTime;
+
+ /** Constructs a new, empty response. */
+ public MdnsResponse(long now) {
+ lastUpdateTime = now;
+ records = new LinkedList<>();
+ pointerRecords = new LinkedList<>();
+ }
+
+ // This generic typed helper compares records for equality.
+ // Returns True if records are the same.
+ private <T> boolean recordsAreSame(T a, T b) {
+ return ((a == null) && (b == null)) || ((a != null) && (b != null) && a.equals(b));
+ }
+
+ /**
+ * Adds a pointer record.
+ *
+ * @return <code>true</code> if the record was added, or <code>false</code> if a matching
+ * pointer
+ * record is already present in the response.
+ */
+ public synchronized boolean addPointerRecord(MdnsPointerRecord pointerRecord) {
+ if (!pointerRecords.contains(pointerRecord)) {
+ pointerRecords.add(pointerRecord);
+ records.add(pointerRecord);
+ return true;
+ }
+
+ return false;
+ }
+
+ /** Gets the pointer records. */
+ public synchronized List<MdnsPointerRecord> getPointerRecords() {
+ // Returns a shallow copy.
+ return new LinkedList<>(pointerRecords);
+ }
+
+ public synchronized boolean hasPointerRecords() {
+ return !pointerRecords.isEmpty();
+ }
+
+ @VisibleForTesting
+ /* package */ synchronized void clearPointerRecords() {
+ pointerRecords.clear();
+ }
+
+ public synchronized boolean hasSubtypes() {
+ for (MdnsPointerRecord pointerRecord : pointerRecords) {
+ if (pointerRecord.hasSubtype()) {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ public synchronized List<String> getSubtypes() {
+ List<String> subtypes = null;
+
+ for (MdnsPointerRecord pointerRecord : pointerRecords) {
+ if (pointerRecord.hasSubtype()) {
+ if (subtypes == null) {
+ subtypes = new LinkedList<>();
+ }
+ subtypes.add(pointerRecord.getSubtype());
+ }
+ }
+
+ return subtypes;
+ }
+
+ @VisibleForTesting
+ public synchronized void removeSubtypes() {
+ Iterator<MdnsPointerRecord> iter = pointerRecords.iterator();
+ while (iter.hasNext()) {
+ MdnsPointerRecord pointerRecord = iter.next();
+ if (pointerRecord.hasSubtype()) {
+ iter.remove();
+ }
+ }
+ }
+
+ /** Sets the service record. */
+ public synchronized boolean setServiceRecord(MdnsServiceRecord serviceRecord) {
+ if (recordsAreSame(this.serviceRecord, serviceRecord)) {
+ return false;
+ }
+ if (this.serviceRecord != null) {
+ records.remove(this.serviceRecord);
+ }
+ this.serviceRecord = serviceRecord;
+ if (this.serviceRecord != null) {
+ records.add(this.serviceRecord);
+ }
+ return true;
+ }
+
+ /** Gets the service record. */
+ public synchronized MdnsServiceRecord getServiceRecord() {
+ return serviceRecord;
+ }
+
+ public synchronized boolean hasServiceRecord() {
+ return serviceRecord != null;
+ }
+
+ /** Sets the text record. */
+ public synchronized boolean setTextRecord(MdnsTextRecord textRecord) {
+ if (recordsAreSame(this.textRecord, textRecord)) {
+ return false;
+ }
+ if (this.textRecord != null) {
+ records.remove(this.textRecord);
+ }
+ this.textRecord = textRecord;
+ if (this.textRecord != null) {
+ records.add(this.textRecord);
+ }
+ return true;
+ }
+
+ /** Gets the text record. */
+ public synchronized MdnsTextRecord getTextRecord() {
+ return textRecord;
+ }
+
+ public synchronized boolean hasTextRecord() {
+ return textRecord != null;
+ }
+
+ /** Sets the IPv4 address record. */
+ public synchronized boolean setInet4AddressRecord(MdnsInetAddressRecord newInet4AddressRecord) {
+ if (recordsAreSame(this.inet4AddressRecord, newInet4AddressRecord)) {
+ return false;
+ }
+ if (this.inet4AddressRecord != null) {
+ records.remove(this.inet4AddressRecord);
+ }
+ if (newInet4AddressRecord != null && newInet4AddressRecord.getInet4Address() != null) {
+ this.inet4AddressRecord = newInet4AddressRecord;
+ records.add(this.inet4AddressRecord);
+ }
+ return true;
+ }
+
+ /** Gets the IPv4 address record. */
+ public synchronized MdnsInetAddressRecord getInet4AddressRecord() {
+ return inet4AddressRecord;
+ }
+
+ public synchronized boolean hasInet4AddressRecord() {
+ return inet4AddressRecord != null;
+ }
+
+ /** Sets the IPv6 address record. */
+ public synchronized boolean setInet6AddressRecord(MdnsInetAddressRecord newInet6AddressRecord) {
+ if (recordsAreSame(this.inet6AddressRecord, newInet6AddressRecord)) {
+ return false;
+ }
+ if (this.inet6AddressRecord != null) {
+ records.remove(this.inet6AddressRecord);
+ }
+ if (newInet6AddressRecord != null && newInet6AddressRecord.getInet6Address() != null) {
+ this.inet6AddressRecord = newInet6AddressRecord;
+ records.add(this.inet6AddressRecord);
+ }
+ return true;
+ }
+
+
+ /** Gets the IPv6 address record. */
+ public synchronized MdnsInetAddressRecord getInet6AddressRecord() {
+ return inet6AddressRecord;
+ }
+
+ public synchronized boolean hasInet6AddressRecord() {
+ return inet6AddressRecord != null;
+ }
+
+ /** Gets all of the records. */
+ public synchronized List<MdnsRecord> getRecords() {
+ return new LinkedList<>(records);
+ }
+
+ /**
+ * Merges any records that are present in another response into this one.
+ *
+ * @return <code>true</code> if any records were added or updated.
+ */
+ public synchronized boolean mergeRecordsFrom(MdnsResponse other) {
+ lastUpdateTime = other.lastUpdateTime;
+
+ boolean updated = false;
+
+ List<MdnsPointerRecord> pointerRecords = other.getPointerRecords();
+ if (pointerRecords != null) {
+ for (MdnsPointerRecord pointerRecord : pointerRecords) {
+ if (addPointerRecord(pointerRecord)) {
+ updated = true;
+ }
+ }
+ }
+
+ MdnsServiceRecord serviceRecord = other.getServiceRecord();
+ if (serviceRecord != null) {
+ if (setServiceRecord(serviceRecord)) {
+ updated = true;
+ }
+ }
+
+ MdnsTextRecord textRecord = other.getTextRecord();
+ if (textRecord != null) {
+ if (setTextRecord(textRecord)) {
+ updated = true;
+ }
+ }
+
+ MdnsInetAddressRecord otherInet4AddressRecord = other.getInet4AddressRecord();
+ if (otherInet4AddressRecord != null && otherInet4AddressRecord.getInet4Address() != null) {
+ if (setInet4AddressRecord(otherInet4AddressRecord)) {
+ updated = true;
+ }
+ }
+
+ MdnsInetAddressRecord otherInet6AddressRecord = other.getInet6AddressRecord();
+ if (otherInet6AddressRecord != null && otherInet6AddressRecord.getInet6Address() != null) {
+ if (setInet6AddressRecord(otherInet6AddressRecord)) {
+ updated = true;
+ }
+ }
+
+ // If the hostname in the service record no longer matches the hostname in either of the
+ // address records, then drop the address records.
+ if (this.serviceRecord != null) {
+ boolean dropAddressRecords = false;
+
+ if (this.inet4AddressRecord != null) {
+ if (!Arrays.equals(
+ this.serviceRecord.getServiceHost(), this.inet4AddressRecord.getName())) {
+ dropAddressRecords = true;
+ }
+ }
+ if (this.inet6AddressRecord != null) {
+ if (!Arrays.equals(
+ this.serviceRecord.getServiceHost(), this.inet6AddressRecord.getName())) {
+ dropAddressRecords = true;
+ }
+ }
+
+ if (dropAddressRecords) {
+ setInet4AddressRecord(null);
+ setInet6AddressRecord(null);
+ updated = true;
+ }
+ }
+
+ return updated;
+ }
+
+ /**
+ * Tests if the response is complete. A response is considered complete if it contains PTR, SRV,
+ * TXT, and A (for IPv4) or AAAA (for IPv6) records.
+ */
+ public synchronized boolean isComplete() {
+ return !pointerRecords.isEmpty()
+ && (serviceRecord != null)
+ && (textRecord != null)
+ && (inet4AddressRecord != null || inet6AddressRecord != null);
+ }
+
+ /**
+ * Returns the key for this response. The key uniquely identifies the response by its service
+ * name.
+ */
+ public synchronized String getServiceInstanceName() {
+ if (pointerRecords.isEmpty()) {
+ return null;
+ }
+ String[] pointers = pointerRecords.get(0).getPointer();
+ return ((pointers != null) && (pointers.length > 0)) ? pointers[0] : null;
+ }
+
+ /**
+ * Tests if this response is a goodbye message. This will be true if a service record is present
+ * and any of the records have a TTL of 0.
+ */
+ public synchronized boolean isGoodbye() {
+ if (getServiceInstanceName() != null) {
+ for (MdnsRecord record : records) {
+ // Expiring PTR records with subtypes just signal a change in known supported
+ // criteria, not the device itself going offline, so ignore those.
+ if ((record instanceof MdnsPointerRecord)
+ && ((MdnsPointerRecord) record).hasSubtype()) {
+ continue;
+ }
+
+ if (record.getTtl() == 0) {
+ return true;
+ }
+ }
+ }
+ return false;
+ }
+
+ /**
+ * Writes the response to a packet.
+ *
+ * @param writer The writer to use.
+ * @param now The current time. This is used to write updated TTLs that reflect the remaining
+ * TTL
+ * since the response was received.
+ * @return The number of records that were written.
+ * @throws IOException If an error occurred while writing (typically indicating overflow).
+ */
+ public synchronized int write(MdnsPacketWriter writer, long now) throws IOException {
+ int count = 0;
+ for (MdnsPointerRecord pointerRecord : pointerRecords) {
+ pointerRecord.write(writer, now);
+ ++count;
+ }
+
+ if (serviceRecord != null) {
+ serviceRecord.write(writer, now);
+ ++count;
+ }
+
+ if (textRecord != null) {
+ textRecord.write(writer, now);
+ ++count;
+ }
+
+ if (inet4AddressRecord != null) {
+ inet4AddressRecord.write(writer, now);
+ ++count;
+ }
+
+ if (inet6AddressRecord != null) {
+ inet6AddressRecord.write(writer, now);
+ ++count;
+ }
+
+ return count;
+ }
+}
diff --git a/service/mdns/com/android/server/connectivity/mdns/MdnsResponseDecoder.java b/service/mdns/com/android/server/connectivity/mdns/MdnsResponseDecoder.java
new file mode 100644
index 0000000..3e5fc42
--- /dev/null
+++ b/service/mdns/com/android/server/connectivity/mdns/MdnsResponseDecoder.java
@@ -0,0 +1,298 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity.mdns;
+
+import android.annotation.NonNull;
+import android.annotation.Nullable;
+import android.os.SystemClock;
+
+import com.android.server.connectivity.mdns.util.MdnsLogger;
+
+import java.io.EOFException;
+import java.io.IOException;
+import java.net.DatagramPacket;
+import java.util.Arrays;
+import java.util.LinkedList;
+import java.util.List;
+
+/** A class that decodes mDNS responses from UDP packets. */
+// TODO(b/242631897): Resolve nullness suppression.
+@SuppressWarnings("nullness")
+public class MdnsResponseDecoder {
+
+ public static final int SUCCESS = 0;
+ private static final String TAG = "MdnsResponseDecoder";
+ private static final MdnsLogger LOGGER = new MdnsLogger(TAG);
+ private final String[] serviceType;
+ private final Clock clock;
+
+ /** Constructs a new decoder that will extract responses for the given service type. */
+ public MdnsResponseDecoder(@NonNull Clock clock, @Nullable String[] serviceType) {
+ this.clock = clock;
+ this.serviceType = serviceType;
+ }
+
+ private static void skipMdnsRecord(MdnsPacketReader reader) throws IOException {
+ reader.skip(2 + 4); // skip the class and TTL
+ int dataLength = reader.readUInt16();
+ reader.skip(dataLength);
+ }
+
+ private static MdnsResponse findResponseWithPointer(
+ List<MdnsResponse> responses, String[] pointer) {
+ if (responses != null) {
+ for (MdnsResponse response : responses) {
+ List<MdnsPointerRecord> pointerRecords = response.getPointerRecords();
+ if (pointerRecords == null) {
+ continue;
+ }
+ for (MdnsPointerRecord pointerRecord : pointerRecords) {
+ if (Arrays.equals(pointerRecord.getPointer(), pointer)) {
+ return response;
+ }
+ }
+ }
+ }
+ return null;
+ }
+
+ private static MdnsResponse findResponseWithHostName(
+ List<MdnsResponse> responses, String[] hostName) {
+ if (responses != null) {
+ for (MdnsResponse response : responses) {
+ MdnsServiceRecord serviceRecord = response.getServiceRecord();
+ if (serviceRecord == null) {
+ continue;
+ }
+ if (Arrays.equals(serviceRecord.getServiceHost(), hostName)) {
+ return response;
+ }
+ }
+ }
+ return null;
+ }
+
+ /**
+ * Decodes all mDNS responses for the desired service type from a packet. The class does not
+ * check
+ * the responses for completeness; the caller should do that.
+ *
+ * @param packet The packet to read from.
+ * @return A list of mDNS responses, or null if the packet contained no appropriate responses.
+ */
+ public int decode(@NonNull DatagramPacket packet, @NonNull List<MdnsResponse> responses) {
+ MdnsPacketReader reader = new MdnsPacketReader(packet);
+
+ List<MdnsRecord> records;
+ try {
+ reader.readUInt16(); // transaction ID (not used)
+ int flags = reader.readUInt16();
+ if ((flags & MdnsConstants.FLAGS_RESPONSE_MASK) != MdnsConstants.FLAGS_RESPONSE) {
+ return MdnsResponseErrorCode.ERROR_NOT_RESPONSE_MESSAGE;
+ }
+
+ int numQuestions = reader.readUInt16();
+ int numAnswers = reader.readUInt16();
+ int numAuthority = reader.readUInt16();
+ int numRecords = reader.readUInt16();
+
+ LOGGER.log(String.format(
+ "num questions: %d, num answers: %d, num authority: %d, num records: %d",
+ numQuestions, numAnswers, numAuthority, numRecords));
+
+ if (numAnswers < 1) {
+ return MdnsResponseErrorCode.ERROR_NO_ANSWERS;
+ }
+
+ records = new LinkedList<>();
+
+ for (int i = 0; i < (numAnswers + numAuthority + numRecords); ++i) {
+ String[] name;
+ try {
+ name = reader.readLabels();
+ } catch (IOException e) {
+ LOGGER.e("Failed to read labels from mDNS response.", e);
+ return MdnsResponseErrorCode.ERROR_READING_RECORD_NAME;
+ }
+ int type = reader.readUInt16();
+
+ switch (type) {
+ case MdnsRecord.TYPE_A: {
+ try {
+ records.add(new MdnsInetAddressRecord(name, MdnsRecord.TYPE_A, reader));
+ } catch (IOException e) {
+ LOGGER.e("Failed to read A record from mDNS response.", e);
+ return MdnsResponseErrorCode.ERROR_READING_A_RDATA;
+ }
+ break;
+ }
+
+ case MdnsRecord.TYPE_AAAA: {
+ try {
+ // AAAA should only contain the IPv6 address.
+ MdnsInetAddressRecord record =
+ new MdnsInetAddressRecord(name, MdnsRecord.TYPE_AAAA, reader);
+ if (record.getInet6Address() != null) {
+ records.add(record);
+ }
+ } catch (IOException e) {
+ LOGGER.e("Failed to read AAAA record from mDNS response.", e);
+ return MdnsResponseErrorCode.ERROR_READING_AAAA_RDATA;
+ }
+ break;
+ }
+
+ case MdnsRecord.TYPE_PTR: {
+ try {
+ records.add(new MdnsPointerRecord(name, reader));
+ } catch (IOException e) {
+ LOGGER.e("Failed to read PTR record from mDNS response.", e);
+ return MdnsResponseErrorCode.ERROR_READING_PTR_RDATA;
+ }
+ break;
+ }
+
+ case MdnsRecord.TYPE_SRV: {
+ if (name.length == 4) {
+ try {
+ records.add(new MdnsServiceRecord(name, reader));
+ } catch (IOException e) {
+ LOGGER.e("Failed to read SRV record from mDNS response.", e);
+ return MdnsResponseErrorCode.ERROR_READING_SRV_RDATA;
+ }
+ } else {
+ try {
+ skipMdnsRecord(reader);
+ } catch (IOException e) {
+ LOGGER.e("Failed to skip SVR record from mDNS response.", e);
+ return MdnsResponseErrorCode.ERROR_SKIPPING_SRV_RDATA;
+ }
+ }
+ break;
+ }
+
+ case MdnsRecord.TYPE_TXT: {
+ try {
+ records.add(new MdnsTextRecord(name, reader));
+ } catch (IOException e) {
+ LOGGER.e("Failed to read TXT record from mDNS response.", e);
+ return MdnsResponseErrorCode.ERROR_READING_TXT_RDATA;
+ }
+ break;
+ }
+
+ default: {
+ try {
+ skipMdnsRecord(reader);
+ } catch (IOException e) {
+ LOGGER.e("Failed to skip mDNS record.", e);
+ return MdnsResponseErrorCode.ERROR_SKIPPING_UNKNOWN_RECORD;
+ }
+ }
+ }
+ }
+ } catch (EOFException e) {
+ LOGGER.e("Reached the end of the mDNS response unexpectedly.", e);
+ return MdnsResponseErrorCode.ERROR_END_OF_FILE;
+ }
+
+ // The response records are structured in a hierarchy, where some records reference
+ // others, as follows:
+ //
+ // PTR
+ // / \
+ // / \
+ // TXT SRV
+ // / \
+ // / \
+ // A AAAA
+ //
+ // But the order in which these records appear in the response packet is completely
+ // arbitrary. This means that we need to rescan the record list to construct each level of
+ // this hierarchy.
+ //
+ // PTR: service type -> service instance name
+ //
+ // SRV: service instance name -> host name (priority, weight)
+ //
+ // TXT: service instance name -> machine readable txt entries.
+ //
+ // A: host name -> IP address
+
+ // Loop 1: find PTR records, which identify distinct service instances.
+ long now = SystemClock.elapsedRealtime();
+ for (MdnsRecord record : records) {
+ if (record instanceof MdnsPointerRecord) {
+ String[] name = record.getName();
+ if ((serviceType == null)
+ || Arrays.equals(name, serviceType)
+ || ((name.length == (serviceType.length + 2))
+ && name[1].equals(MdnsConstants.SUBTYPE_LABEL)
+ && MdnsRecord.labelsAreSuffix(serviceType, name))) {
+ MdnsPointerRecord pointerRecord = (MdnsPointerRecord) record;
+ // Group PTR records that refer to the same service instance name into a single
+ // response.
+ MdnsResponse response = findResponseWithPointer(responses,
+ pointerRecord.getPointer());
+ if (response == null) {
+ response = new MdnsResponse(now);
+ responses.add(response);
+ }
+ response.addPointerRecord((MdnsPointerRecord) record);
+ }
+ }
+ }
+
+ // Loop 2: find SRV and TXT records, which reference the pointer in the PTR record.
+ for (MdnsRecord record : records) {
+ if (record instanceof MdnsServiceRecord) {
+ MdnsServiceRecord serviceRecord = (MdnsServiceRecord) record;
+ MdnsResponse response = findResponseWithPointer(responses, serviceRecord.getName());
+ if (response != null) {
+ response.setServiceRecord(serviceRecord);
+ }
+ } else if (record instanceof MdnsTextRecord) {
+ MdnsTextRecord textRecord = (MdnsTextRecord) record;
+ MdnsResponse response = findResponseWithPointer(responses, textRecord.getName());
+ if (response != null) {
+ response.setTextRecord(textRecord);
+ }
+ }
+ }
+
+ // Loop 3: find A and AAAA records, which reference the host name in the SRV record.
+ for (MdnsRecord record : records) {
+ if (record instanceof MdnsInetAddressRecord) {
+ MdnsInetAddressRecord inetRecord = (MdnsInetAddressRecord) record;
+ MdnsResponse response = findResponseWithHostName(responses, inetRecord.getName());
+ if (inetRecord.getInet4Address() != null && response != null) {
+ response.setInet4AddressRecord(inetRecord);
+ } else if (inetRecord.getInet6Address() != null && response != null) {
+ response.setInet6AddressRecord(inetRecord);
+ }
+ }
+ }
+
+ return SUCCESS;
+ }
+
+ public static class Clock {
+ public long elapsedRealtime() {
+ return SystemClock.elapsedRealtime();
+ }
+ }
+}
\ No newline at end of file
diff --git a/service/mdns/com/android/server/connectivity/mdns/MdnsResponseErrorCode.java b/service/mdns/com/android/server/connectivity/mdns/MdnsResponseErrorCode.java
new file mode 100644
index 0000000..fcf9058
--- /dev/null
+++ b/service/mdns/com/android/server/connectivity/mdns/MdnsResponseErrorCode.java
@@ -0,0 +1,38 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity.mdns;
+
+/**
+ * The list of error code for parsing mDNS response.
+ *
+ * @hide
+ */
+public class MdnsResponseErrorCode {
+ public static final int SUCCESS = 0;
+ public static final int ERROR_NOT_RESPONSE_MESSAGE = 1;
+ public static final int ERROR_NO_ANSWERS = 2;
+ public static final int ERROR_READING_RECORD_NAME = 3;
+ public static final int ERROR_READING_A_RDATA = 4;
+ public static final int ERROR_READING_AAAA_RDATA = 5;
+ public static final int ERROR_READING_PTR_RDATA = 6;
+ public static final int ERROR_SKIPPING_PTR_RDATA = 7;
+ public static final int ERROR_READING_SRV_RDATA = 8;
+ public static final int ERROR_SKIPPING_SRV_RDATA = 9;
+ public static final int ERROR_READING_TXT_RDATA = 10;
+ public static final int ERROR_SKIPPING_UNKNOWN_RECORD = 11;
+ public static final int ERROR_END_OF_FILE = 12;
+}
\ No newline at end of file
diff --git a/service/mdns/com/android/server/connectivity/mdns/MdnsSearchOptions.java b/service/mdns/com/android/server/connectivity/mdns/MdnsSearchOptions.java
new file mode 100644
index 0000000..6e90d2c
--- /dev/null
+++ b/service/mdns/com/android/server/connectivity/mdns/MdnsSearchOptions.java
@@ -0,0 +1,155 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity.mdns;
+
+import android.annotation.NonNull;
+import android.os.Parcel;
+import android.os.Parcelable;
+import android.text.TextUtils;
+import android.util.ArraySet;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+import java.util.Objects;
+import java.util.Set;
+
+/**
+ * API configuration parameters for searching the mDNS service.
+ *
+ * <p>Use {@link MdnsSearchOptions.Builder} to create {@link MdnsSearchOptions}.
+ *
+ * @hide
+ */
+public class MdnsSearchOptions implements Parcelable {
+
+ /** @hide */
+ public static final Parcelable.Creator<MdnsSearchOptions> CREATOR =
+ new Parcelable.Creator<MdnsSearchOptions>() {
+ @Override
+ public MdnsSearchOptions createFromParcel(Parcel source) {
+ return new MdnsSearchOptions(source.createStringArrayList(),
+ source.readBoolean());
+ }
+
+ @Override
+ public MdnsSearchOptions[] newArray(int size) {
+ return new MdnsSearchOptions[size];
+ }
+ };
+ private static MdnsSearchOptions defaultOptions;
+ private final List<String> subtypes;
+
+ private final boolean isPassiveMode;
+
+ /** Parcelable constructs for a {@link MdnsServiceInfo}. */
+ MdnsSearchOptions(List<String> subtypes, boolean isPassiveMode) {
+ this.subtypes = new ArrayList<>();
+ if (subtypes != null) {
+ this.subtypes.addAll(subtypes);
+ }
+ this.isPassiveMode = isPassiveMode;
+ }
+
+ /** Returns a {@link Builder} for {@link MdnsSearchOptions}. */
+ public static Builder newBuilder() {
+ return new Builder();
+ }
+
+ /** Returns a default search options. */
+ public static synchronized MdnsSearchOptions getDefaultOptions() {
+ if (defaultOptions == null) {
+ defaultOptions = newBuilder().build();
+ }
+ return defaultOptions;
+ }
+
+ /** @return the list of subtypes to search. */
+ public List<String> getSubtypes() {
+ return subtypes;
+ }
+
+ /**
+ * @return {@code true} if the passive mode is used. The passive mode scans less frequently in
+ * order to conserve battery and produce less network traffic.
+ */
+ public boolean isPassiveMode() {
+ return isPassiveMode;
+ }
+
+ @Override
+ public int describeContents() {
+ return 0;
+ }
+
+ @Override
+ public void writeToParcel(Parcel out, int flags) {
+ out.writeStringList(subtypes);
+ out.writeBoolean(isPassiveMode);
+ }
+
+ /** A builder to create {@link MdnsSearchOptions}. */
+ public static final class Builder {
+ private final Set<String> subtypes;
+ private boolean isPassiveMode = true;
+
+ private Builder() {
+ subtypes = new ArraySet<>();
+ }
+
+ /**
+ * Adds a subtype to search.
+ *
+ * @param subtype the subtype to add.
+ */
+ public Builder addSubtype(@NonNull String subtype) {
+ if (TextUtils.isEmpty(subtype)) {
+ throw new IllegalArgumentException("Empty subtype");
+ }
+ subtypes.add(subtype);
+ return this;
+ }
+
+ /**
+ * Adds a set of subtypes to search.
+ *
+ * @param subtypes The list of subtypes to add.
+ */
+ public Builder addSubtypes(@NonNull Collection<String> subtypes) {
+ this.subtypes.addAll(Objects.requireNonNull(subtypes));
+ return this;
+ }
+
+ /**
+ * Sets if the passive mode scan should be used. The passive mode scans less frequently in
+ * order
+ * to conserve battery and produce less network traffic.
+ *
+ * @param isPassiveMode If set to {@code true}, passive mode will be used. If set to {@code
+ * false}, active mode will be used.
+ */
+ public Builder setIsPassiveMode(boolean isPassiveMode) {
+ this.isPassiveMode = isPassiveMode;
+ return this;
+ }
+
+ /** Builds a {@link MdnsSearchOptions} with the arguments supplied to this builder. */
+ public MdnsSearchOptions build() {
+ return new MdnsSearchOptions(new ArrayList<>(subtypes), isPassiveMode);
+ }
+ }
+}
\ No newline at end of file
diff --git a/service/mdns/com/android/server/connectivity/mdns/MdnsServiceBrowserListener.java b/service/mdns/com/android/server/connectivity/mdns/MdnsServiceBrowserListener.java
new file mode 100644
index 0000000..53e58d1
--- /dev/null
+++ b/service/mdns/com/android/server/connectivity/mdns/MdnsServiceBrowserListener.java
@@ -0,0 +1,78 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity.mdns;
+
+import android.annotation.NonNull;
+
+import java.util.List;
+
+/**
+ * Listener interface for mDNS service instance discovery events.
+ *
+ * @hide
+ */
+public interface MdnsServiceBrowserListener {
+
+ /**
+ * Called when an mDNS service instance is found.
+ *
+ * @param serviceInfo The found mDNS service instance.
+ */
+ void onServiceFound(@NonNull MdnsServiceInfo serviceInfo);
+
+ /**
+ * Called when an mDNS service instance is updated.
+ *
+ * @param serviceInfo The updated mDNS service instance.
+ */
+ void onServiceUpdated(@NonNull MdnsServiceInfo serviceInfo);
+
+ /**
+ * Called when an mDNS service instance is no longer valid and removed.
+ *
+ * @param serviceInstanceName The service instance name of the removed mDNS service.
+ */
+ void onServiceRemoved(@NonNull String serviceInstanceName);
+
+ /**
+ * Called when searching for mDNS service has stopped because of an error.
+ *
+ * TODO (changed when importing code): define error constants
+ *
+ * @param error The error code of the stop reason.
+ */
+ void onSearchStoppedWithError(int error);
+
+ /** Called when it failed to start an mDNS service discovery process. */
+ void onSearchFailedToStart();
+
+ /**
+ * Called when a mDNS service discovery query has been sent.
+ *
+ * @param subtypes The list of subtypes in the discovery query.
+ * @param transactionId The transaction ID of the query.
+ */
+ void onDiscoveryQuerySent(@NonNull List<String> subtypes, int transactionId);
+
+ /**
+ * Called when an error has happened when parsing a received mDNS response packet.
+ *
+ * @param receivedPacketNumber The packet sequence number of the received packet.
+ * @param errorCode The error code, defined in {@link MdnsResponseErrorCode}.
+ */
+ void onFailedToParseMdnsResponse(int receivedPacketNumber, int errorCode);
+}
\ No newline at end of file
diff --git a/service/mdns/com/android/server/connectivity/mdns/MdnsServiceInfo.java b/service/mdns/com/android/server/connectivity/mdns/MdnsServiceInfo.java
new file mode 100644
index 0000000..2e4a4e5
--- /dev/null
+++ b/service/mdns/com/android/server/connectivity/mdns/MdnsServiceInfo.java
@@ -0,0 +1,198 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity.mdns;
+
+import android.annotation.NonNull;
+import android.os.Parcel;
+import android.os.Parcelable;
+import android.text.TextUtils;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+
+/**
+ * A class representing a discovered mDNS service instance.
+ *
+ * @hide
+ */
+public class MdnsServiceInfo implements Parcelable {
+
+ /** @hide */
+ public static final Parcelable.Creator<MdnsServiceInfo> CREATOR =
+ new Parcelable.Creator<MdnsServiceInfo>() {
+
+ @Override
+ public MdnsServiceInfo createFromParcel(Parcel source) {
+ return new MdnsServiceInfo(
+ source.readString(),
+ source.createStringArray(),
+ source.createStringArrayList(),
+ source.createStringArray(),
+ source.readInt(),
+ source.readString(),
+ source.readString(),
+ source.createStringArrayList());
+ }
+
+ @Override
+ public MdnsServiceInfo[] newArray(int size) {
+ return new MdnsServiceInfo[size];
+ }
+ };
+
+ private final String serviceInstanceName;
+ private final String[] serviceType;
+ private final List<String> subtypes;
+ private final String[] hostName;
+ private final int port;
+ private final String ipv4Address;
+ private final String ipv6Address;
+ private final Map<String, String> attributes = new HashMap<>();
+ List<String> textStrings;
+
+ /**
+ * Constructs a {@link MdnsServiceInfo} object with default values.
+ *
+ * @hide
+ */
+ public MdnsServiceInfo(
+ String serviceInstanceName,
+ String[] serviceType,
+ List<String> subtypes,
+ String[] hostName,
+ int port,
+ String ipv4Address,
+ String ipv6Address,
+ List<String> textStrings) {
+ this.serviceInstanceName = serviceInstanceName;
+ this.serviceType = serviceType;
+ this.subtypes = new ArrayList<>();
+ if (subtypes != null) {
+ this.subtypes.addAll(subtypes);
+ }
+ this.hostName = hostName;
+ this.port = port;
+ this.ipv4Address = ipv4Address;
+ this.ipv6Address = ipv6Address;
+ if (textStrings != null) {
+ for (String text : textStrings) {
+ int pos = text.indexOf('=');
+ if (pos < 1) {
+ continue;
+ }
+ attributes.put(text.substring(0, pos).toLowerCase(Locale.ENGLISH),
+ text.substring(++pos));
+ }
+ }
+ }
+
+ /** @return the name of this service instance. */
+ public String getServiceInstanceName() {
+ return serviceInstanceName;
+ }
+
+ /** @return the type of this service instance. */
+ public String[] getServiceType() {
+ return serviceType;
+ }
+
+ /** @return the list of subtypes supported by this service instance. */
+ public List<String> getSubtypes() {
+ return new ArrayList<>(subtypes);
+ }
+
+ /**
+ * @return {@code true} if this service instance supports any subtypes.
+ * @return {@code false} if this service instance does not support any subtypes.
+ */
+ public boolean hasSubtypes() {
+ return !subtypes.isEmpty();
+ }
+
+ /** @return the host name of this service instance. */
+ public String[] getHostName() {
+ return hostName;
+ }
+
+ /** @return the port number of this service instance. */
+ public int getPort() {
+ return port;
+ }
+
+ /** @return the IPV4 address of this service instance. */
+ public String getIpv4Address() {
+ return ipv4Address;
+ }
+
+ /** @return the IPV6 address of this service instance. */
+ public String getIpv6Address() {
+ return ipv6Address;
+ }
+
+ /**
+ * @return the attribute value for {@code key}.
+ * @return {@code null} if no attribute value exists for {@code key}.
+ */
+ public String getAttributeByKey(@NonNull String key) {
+ return attributes.get(key.toLowerCase(Locale.ENGLISH));
+ }
+
+ /** @return an immutable map of all attributes. */
+ public Map<String, String> getAttributes() {
+ return Collections.unmodifiableMap(attributes);
+ }
+
+ @Override
+ public int describeContents() {
+ return 0;
+ }
+
+ @Override
+ public void writeToParcel(Parcel out, int flags) {
+ if (textStrings == null) {
+ // Lazily initialize the parcelable field mTextStrings.
+ textStrings = new ArrayList<>(attributes.size());
+ for (Map.Entry<String, String> kv : attributes.entrySet()) {
+ textStrings.add(String.format(Locale.ROOT, "%s=%s", kv.getKey(), kv.getValue()));
+ }
+ }
+
+ out.writeString(serviceInstanceName);
+ out.writeStringArray(serviceType);
+ out.writeStringList(subtypes);
+ out.writeStringArray(hostName);
+ out.writeInt(port);
+ out.writeString(ipv4Address);
+ out.writeString(ipv6Address);
+ out.writeStringList(textStrings);
+ }
+
+ @Override
+ public String toString() {
+ return String.format(
+ Locale.ROOT,
+ "Name: %s, subtypes: %s, ip: %s, port: %d",
+ serviceInstanceName,
+ TextUtils.join(",", subtypes),
+ ipv4Address,
+ port);
+ }
+}
\ No newline at end of file
diff --git a/service/mdns/com/android/server/connectivity/mdns/MdnsServiceRecord.java b/service/mdns/com/android/server/connectivity/mdns/MdnsServiceRecord.java
new file mode 100644
index 0000000..7f54d96
--- /dev/null
+++ b/service/mdns/com/android/server/connectivity/mdns/MdnsServiceRecord.java
@@ -0,0 +1,149 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity.mdns;
+
+import com.android.internal.annotations.VisibleForTesting;
+
+import java.io.IOException;
+import java.util.Arrays;
+import java.util.Locale;
+import java.util.Objects;
+
+/** An mDNS "SRV" record, which contains service information. */
+// TODO(b/242631897): Resolve nullness suppression.
+@SuppressWarnings("nullness")
+@VisibleForTesting
+public class MdnsServiceRecord extends MdnsRecord {
+ public static final int PROTO_NONE = 0;
+ public static final int PROTO_TCP = 1;
+ public static final int PROTO_UDP = 2;
+ private static final String PROTO_TOKEN_TCP = "_tcp";
+ private static final String PROTO_TOKEN_UDP = "_udp";
+ private int servicePriority;
+ private int serviceWeight;
+ private int servicePort;
+ private String[] serviceHost;
+
+ public MdnsServiceRecord(String[] name, MdnsPacketReader reader) throws IOException {
+ super(name, TYPE_SRV, reader);
+ }
+
+ /** Returns the service's port number. */
+ public int getServicePort() {
+ return servicePort;
+ }
+
+ /** Returns the service's host name. */
+ public String[] getServiceHost() {
+ return serviceHost;
+ }
+
+ /** Returns the service's priority. */
+ public int getServicePriority() {
+ return servicePriority;
+ }
+
+ /** Returns the service's weight. */
+ public int getServiceWeight() {
+ return serviceWeight;
+ }
+
+ // Format of name is <instance-name>.<service-name>.<protocol>.<domain>
+
+ /** Returns the service's instance name, which uniquely identifies the service instance. */
+ public String getServiceInstanceName() {
+ if (name.length < 1) {
+ return null;
+ }
+ return name[0];
+ }
+
+ /** Returns the service's name. */
+ public String getServiceName() {
+ if (name.length < 2) {
+ return null;
+ }
+ return name[1];
+ }
+
+ /** Returns the service's protocol. */
+ public int getServiceProtocol() {
+ if (name.length < 3) {
+ return PROTO_NONE;
+ }
+
+ String protocol = name[2];
+ if (protocol.equals(PROTO_TOKEN_TCP)) {
+ return PROTO_TCP;
+ }
+ if (protocol.equals(PROTO_TOKEN_UDP)) {
+ return PROTO_UDP;
+ }
+ return PROTO_NONE;
+ }
+
+ @Override
+ protected void readData(MdnsPacketReader reader) throws IOException {
+ servicePriority = reader.readUInt16();
+ serviceWeight = reader.readUInt16();
+ servicePort = reader.readUInt16();
+ serviceHost = reader.readLabels();
+ }
+
+ @Override
+ protected void writeData(MdnsPacketWriter writer) throws IOException {
+ writer.writeUInt16(servicePriority);
+ writer.writeUInt16(serviceWeight);
+ writer.writeUInt16(servicePort);
+ writer.writeLabels(serviceHost);
+ }
+
+ @Override
+ public String toString() {
+ return String.format(
+ Locale.ROOT,
+ "SRV: %s:%d (prio=%d, weight=%d)",
+ labelsToString(serviceHost),
+ servicePort,
+ servicePriority,
+ serviceWeight);
+ }
+
+ @Override
+ public int hashCode() {
+ return (super.hashCode() * 31)
+ + Objects.hash(servicePriority, serviceWeight, Arrays.hashCode(serviceHost),
+ servicePort);
+ }
+
+ @Override
+ public boolean equals(Object other) {
+ if (this == other) {
+ return true;
+ }
+ if (!(other instanceof MdnsServiceRecord)) {
+ return false;
+ }
+ MdnsServiceRecord otherRecord = (MdnsServiceRecord) other;
+
+ return super.equals(other)
+ && (servicePriority == otherRecord.servicePriority)
+ && (serviceWeight == otherRecord.serviceWeight)
+ && Arrays.equals(serviceHost, otherRecord.serviceHost)
+ && (servicePort == otherRecord.servicePort);
+ }
+}
diff --git a/service/mdns/com/android/server/connectivity/mdns/MdnsServiceTypeClient.java b/service/mdns/com/android/server/connectivity/mdns/MdnsServiceTypeClient.java
new file mode 100644
index 0000000..e335de9
--- /dev/null
+++ b/service/mdns/com/android/server/connectivity/mdns/MdnsServiceTypeClient.java
@@ -0,0 +1,370 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity.mdns;
+
+import android.annotation.NonNull;
+import android.text.TextUtils;
+import android.util.ArraySet;
+import android.util.Pair;
+
+import com.android.internal.annotations.GuardedBy;
+import com.android.internal.annotations.VisibleForTesting;
+import com.android.server.connectivity.mdns.util.MdnsLogger;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.concurrent.Future;
+import java.util.concurrent.ScheduledExecutorService;
+import java.util.concurrent.TimeUnit;
+
+/**
+ * Instance of this class sends and receives mDNS packets of a given service type and invoke
+ * registered {@link MdnsServiceBrowserListener} instances.
+ */
+// TODO(b/242631897): Resolve nullness suppression.
+@SuppressWarnings("nullness")
+public class MdnsServiceTypeClient {
+
+ private static final int DEFAULT_MTU = 1500;
+ private static final MdnsLogger LOGGER = new MdnsLogger("MdnsServiceTypeClient");
+
+ private final String serviceType;
+ private final String[] serviceTypeLabels;
+ private final MdnsSocketClient socketClient;
+ private final ScheduledExecutorService executor;
+ private final Object lock = new Object();
+ private final Set<MdnsServiceBrowserListener> listeners = new ArraySet<>();
+ private final Map<String, MdnsResponse> instanceNameToResponse = new HashMap<>();
+
+ // The session ID increases when startSendAndReceive() is called where we schedule a
+ // QueryTask for
+ // new subtypes. It stays the same between packets for same subtypes.
+ private long currentSessionId = 0;
+
+ @GuardedBy("lock")
+ private Future<?> requestTaskFuture;
+
+ /**
+ * Constructor of {@link MdnsServiceTypeClient}.
+ *
+ * @param socketClient Sends and receives mDNS packet.
+ * @param executor A {@link ScheduledExecutorService} used to schedule query tasks.
+ */
+ public MdnsServiceTypeClient(
+ @NonNull String serviceType,
+ @NonNull MdnsSocketClient socketClient,
+ @NonNull ScheduledExecutorService executor) {
+ this.serviceType = serviceType;
+ this.socketClient = socketClient;
+ this.executor = executor;
+ serviceTypeLabels = TextUtils.split(serviceType, "\\.");
+ }
+
+ private static MdnsServiceInfo buildMdnsServiceInfoFromResponse(
+ @NonNull MdnsResponse response, @NonNull String[] serviceTypeLabels) {
+ String[] hostName = response.getServiceRecord().getServiceHost();
+ int port = response.getServiceRecord().getServicePort();
+
+ String ipv4Address = null;
+ String ipv6Address = null;
+ if (response.hasInet4AddressRecord()) {
+ ipv4Address = response.getInet4AddressRecord().getInet4Address().getHostAddress();
+ }
+ if (response.hasInet6AddressRecord()) {
+ ipv6Address = response.getInet6AddressRecord().getInet6Address().getHostAddress();
+ }
+ // TODO: Throw an error message if response doesn't have Inet6 or Inet4 address.
+ return new MdnsServiceInfo(
+ response.getServiceInstanceName(),
+ serviceTypeLabels,
+ response.getSubtypes(),
+ hostName,
+ port,
+ ipv4Address,
+ ipv6Address,
+ response.getTextRecord().getStrings());
+ }
+
+ /**
+ * Registers {@code listener} for receiving discovery event of mDNS service instances, and
+ * starts
+ * (or continue) to send mDNS queries periodically.
+ *
+ * @param listener The {@link MdnsServiceBrowserListener} to register.
+ * @param searchOptions {@link MdnsSearchOptions} contains the list of subtypes to discover.
+ */
+ public void startSendAndReceive(
+ @NonNull MdnsServiceBrowserListener listener,
+ @NonNull MdnsSearchOptions searchOptions) {
+ synchronized (lock) {
+ if (!listeners.contains(listener)) {
+ listeners.add(listener);
+ for (MdnsResponse existingResponse : instanceNameToResponse.values()) {
+ if (existingResponse.isComplete()) {
+ listener.onServiceFound(
+ buildMdnsServiceInfoFromResponse(existingResponse,
+ serviceTypeLabels));
+ }
+ }
+ }
+ // Cancel the next scheduled periodical task.
+ if (requestTaskFuture != null) {
+ requestTaskFuture.cancel(true);
+ }
+ // Keep tracking the ScheduledFuture for the task so we can cancel it if caller is not
+ // interested anymore.
+ requestTaskFuture =
+ executor.submit(
+ new QueryTask(
+ new QueryTaskConfig(
+ searchOptions.getSubtypes(),
+ searchOptions.isPassiveMode(),
+ ++currentSessionId)));
+ }
+ }
+
+ /**
+ * Unregisters {@code listener} from receiving discovery event of mDNS service instances.
+ *
+ * @param listener The {@link MdnsServiceBrowserListener} to unregister.
+ * @return {@code true} if no listener is registered with this client after unregistering {@code
+ * listener}. Otherwise returns {@code false}.
+ */
+ public boolean stopSendAndReceive(@NonNull MdnsServiceBrowserListener listener) {
+ synchronized (lock) {
+ listeners.remove(listener);
+ if (listeners.isEmpty() && requestTaskFuture != null) {
+ requestTaskFuture.cancel(true);
+ requestTaskFuture = null;
+ }
+ return listeners.isEmpty();
+ }
+ }
+
+ public String[] getServiceTypeLabels() {
+ return serviceTypeLabels;
+ }
+
+ public synchronized void processResponse(@NonNull MdnsResponse response) {
+ if (response.isGoodbye()) {
+ onGoodbyeReceived(response.getServiceInstanceName());
+ } else {
+ onResponseReceived(response);
+ }
+ }
+
+ public synchronized void onFailedToParseMdnsResponse(int receivedPacketNumber, int errorCode) {
+ for (MdnsServiceBrowserListener listener : listeners) {
+ listener.onFailedToParseMdnsResponse(receivedPacketNumber, errorCode);
+ }
+ }
+
+ private void onResponseReceived(@NonNull MdnsResponse response) {
+ MdnsResponse currentResponse;
+ currentResponse = instanceNameToResponse.get(response.getServiceInstanceName());
+
+ boolean newServiceFound = false;
+ boolean existingServiceChanged = false;
+ if (currentResponse == null) {
+ newServiceFound = true;
+ currentResponse = response;
+ instanceNameToResponse.put(response.getServiceInstanceName(), currentResponse);
+ } else if (currentResponse.mergeRecordsFrom(response)) {
+ existingServiceChanged = true;
+ }
+ if (!currentResponse.isComplete() || (!newServiceFound && !existingServiceChanged)) {
+ return;
+ }
+ MdnsServiceInfo serviceInfo =
+ buildMdnsServiceInfoFromResponse(currentResponse, serviceTypeLabels);
+
+ for (MdnsServiceBrowserListener listener : listeners) {
+ if (newServiceFound) {
+ listener.onServiceFound(serviceInfo);
+ } else {
+ listener.onServiceUpdated(serviceInfo);
+ }
+ }
+ }
+
+ private void onGoodbyeReceived(@NonNull String serviceInstanceName) {
+ instanceNameToResponse.remove(serviceInstanceName);
+ for (MdnsServiceBrowserListener listener : listeners) {
+ listener.onServiceRemoved(serviceInstanceName);
+ }
+ }
+
+ @VisibleForTesting
+ MdnsPacketWriter createMdnsPacketWriter() {
+ return new MdnsPacketWriter(DEFAULT_MTU);
+ }
+
+ // A configuration for the PeriodicalQueryTask that contains parameters to build a query packet.
+ // Call to getConfigForNextRun returns a config that can be used to build the next query task.
+ @VisibleForTesting
+ static class QueryTaskConfig {
+
+ private static final int INITIAL_TIME_BETWEEN_BURSTS_MS =
+ (int) MdnsConfigs.initialTimeBetweenBurstsMs();
+ private static final int TIME_BETWEEN_BURSTS_MS = (int) MdnsConfigs.timeBetweenBurstsMs();
+ private static final int QUERIES_PER_BURST = (int) MdnsConfigs.queriesPerBurst();
+ private static final int TIME_BETWEEN_QUERIES_IN_BURST_MS =
+ (int) MdnsConfigs.timeBetweenQueriesInBurstMs();
+ private static final int QUERIES_PER_BURST_PASSIVE_MODE =
+ (int) MdnsConfigs.queriesPerBurstPassive();
+ private static final int UNSIGNED_SHORT_MAX_VALUE = 65536;
+ // The following fields are used by QueryTask so we need to test them.
+ @VisibleForTesting
+ final List<String> subtypes;
+ private final boolean alwaysAskForUnicastResponse =
+ MdnsConfigs.alwaysAskForUnicastResponseInEachBurst();
+ private final boolean usePassiveMode;
+ private final long sessionId;
+ @VisibleForTesting
+ int transactionId;
+ @VisibleForTesting
+ boolean expectUnicastResponse;
+ private int queriesPerBurst;
+ private int timeBetweenBurstsInMs;
+ private int burstCounter;
+ private int timeToRunNextTaskInMs;
+ private boolean isFirstBurst;
+
+ QueryTaskConfig(@NonNull Collection<String> subtypes, boolean usePassiveMode,
+ long sessionId) {
+ this.usePassiveMode = usePassiveMode;
+ this.subtypes = new ArrayList<>(subtypes);
+ this.queriesPerBurst = QUERIES_PER_BURST;
+ this.burstCounter = 0;
+ this.transactionId = 1;
+ this.expectUnicastResponse = true;
+ this.isFirstBurst = true;
+ this.sessionId = sessionId;
+ // Config the scan frequency based on the scan mode.
+ if (this.usePassiveMode) {
+ // In passive scan mode, sends a single burst of QUERIES_PER_BURST queries, and then
+ // in each TIME_BETWEEN_BURSTS interval, sends QUERIES_PER_BURST_PASSIVE_MODE
+ // queries.
+ this.timeBetweenBurstsInMs = TIME_BETWEEN_BURSTS_MS;
+ } else {
+ // In active scan mode, sends a burst of QUERIES_PER_BURST queries,
+ // TIME_BETWEEN_QUERIES_IN_BURST_MS apart, then waits for the scan interval, and
+ // then repeats. The scan interval starts as INITIAL_TIME_BETWEEN_BURSTS_MS and
+ // doubles until it maxes out at TIME_BETWEEN_BURSTS_MS.
+ this.timeBetweenBurstsInMs = INITIAL_TIME_BETWEEN_BURSTS_MS;
+ }
+ }
+
+ QueryTaskConfig getConfigForNextRun() {
+ if (++transactionId > UNSIGNED_SHORT_MAX_VALUE) {
+ transactionId = 1;
+ }
+ // Only the first query expects uni-cast response.
+ expectUnicastResponse = false;
+ if (++burstCounter == queriesPerBurst) {
+ burstCounter = 0;
+
+ if (alwaysAskForUnicastResponse) {
+ expectUnicastResponse = true;
+ }
+ // In passive scan mode, sends a single burst of QUERIES_PER_BURST queries, and
+ // then in each TIME_BETWEEN_BURSTS interval, sends QUERIES_PER_BURST_PASSIVE_MODE
+ // queries.
+ if (isFirstBurst) {
+ isFirstBurst = false;
+ if (usePassiveMode) {
+ queriesPerBurst = QUERIES_PER_BURST_PASSIVE_MODE;
+ }
+ }
+ // In active scan mode, sends a burst of QUERIES_PER_BURST queries,
+ // TIME_BETWEEN_QUERIES_IN_BURST_MS apart, then waits for the scan interval, and
+ // then repeats. The scan interval starts as INITIAL_TIME_BETWEEN_BURSTS_MS and
+ // doubles until it maxes out at TIME_BETWEEN_BURSTS_MS.
+ timeToRunNextTaskInMs = timeBetweenBurstsInMs;
+ if (timeBetweenBurstsInMs < TIME_BETWEEN_BURSTS_MS) {
+ timeBetweenBurstsInMs = Math.min(timeBetweenBurstsInMs * 2,
+ TIME_BETWEEN_BURSTS_MS);
+ }
+ } else {
+ timeToRunNextTaskInMs = TIME_BETWEEN_QUERIES_IN_BURST_MS;
+ }
+ return this;
+ }
+ }
+
+ // A FutureTask that enqueues a single query, and schedule a new FutureTask for the next task.
+ private class QueryTask implements Runnable {
+
+ private final QueryTaskConfig config;
+
+ QueryTask(@NonNull QueryTaskConfig config) {
+ this.config = config;
+ }
+
+ @Override
+ public void run() {
+ Pair<Integer, List<String>> result;
+ try {
+ result =
+ new EnqueueMdnsQueryCallable(
+ socketClient,
+ createMdnsPacketWriter(),
+ serviceType,
+ config.subtypes,
+ config.expectUnicastResponse,
+ config.transactionId)
+ .call();
+ } catch (Exception e) {
+ LOGGER.e(String.format("Failed to run EnqueueMdnsQueryCallable for subtype: %s",
+ TextUtils.join(",", config.subtypes)), e);
+ result = null;
+ }
+ synchronized (lock) {
+ if (MdnsConfigs.useSessionIdToScheduleMdnsTask()) {
+ // In case that the task is not canceled successfully, use session ID to check
+ // if this task should continue to schedule more.
+ if (config.sessionId != currentSessionId) {
+ return;
+ }
+ }
+
+ if (MdnsConfigs.shouldCancelScanTaskWhenFutureIsNull()) {
+ if (requestTaskFuture == null) {
+ // If requestTaskFuture is set to null, the task is cancelled. We can't use
+ // isCancelled() here because this QueryTask is different from the future
+ // that is returned from executor.schedule(). See b/71646910.
+ return;
+ }
+ }
+ if ((result != null)) {
+ for (MdnsServiceBrowserListener listener : listeners) {
+ listener.onDiscoveryQuerySent(result.second, result.first);
+ }
+ }
+ QueryTaskConfig config = this.config.getConfigForNextRun();
+ requestTaskFuture =
+ executor.schedule(
+ new QueryTask(config), config.timeToRunNextTaskInMs,
+ TimeUnit.MILLISECONDS);
+ }
+ }
+ }
+}
\ No newline at end of file
diff --git a/service/mdns/com/android/server/connectivity/mdns/MdnsSocket.java b/service/mdns/com/android/server/connectivity/mdns/MdnsSocket.java
new file mode 100644
index 0000000..34db7f0
--- /dev/null
+++ b/service/mdns/com/android/server/connectivity/mdns/MdnsSocket.java
@@ -0,0 +1,114 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity.mdns;
+
+import android.annotation.NonNull;
+
+import com.android.internal.annotations.VisibleForTesting;
+
+import java.io.IOException;
+import java.net.DatagramPacket;
+import java.net.InetSocketAddress;
+import java.net.MulticastSocket;
+import java.util.List;
+
+/**
+ * {@link MdnsSocket} provides a similar interface to {@link MulticastSocket} and binds to all
+ * available multi-cast network interfaces.
+ *
+ * @see MulticastSocket for javadoc of each public method.
+ */
+// TODO(b/242631897): Resolve nullness suppression.
+@SuppressWarnings("nullness")
+public class MdnsSocket {
+ private static final InetSocketAddress MULTICAST_IPV4_ADDRESS =
+ new InetSocketAddress(MdnsConstants.getMdnsIPv4Address(), MdnsConstants.MDNS_PORT);
+ private static final InetSocketAddress MULTICAST_IPV6_ADDRESS =
+ new InetSocketAddress(MdnsConstants.getMdnsIPv6Address(), MdnsConstants.MDNS_PORT);
+ private static boolean isOnIPv6OnlyNetwork = false;
+ private final MulticastNetworkInterfaceProvider multicastNetworkInterfaceProvider;
+ private final MulticastSocket multicastSocket;
+
+ public MdnsSocket(
+ @NonNull MulticastNetworkInterfaceProvider multicastNetworkInterfaceProvider, int port)
+ throws IOException {
+ this.multicastNetworkInterfaceProvider = multicastNetworkInterfaceProvider;
+ this.multicastNetworkInterfaceProvider.startWatchingConnectivityChanges();
+ multicastSocket = createMulticastSocket(port);
+ // RFC Spec: https://tools.ietf.org/html/rfc6762
+ // Time to live is set 255, which is similar to the jMDNS implementation.
+ multicastSocket.setTimeToLive(255);
+
+ // TODO (changed when importing code): consider tagging the socket for data usage
+ isOnIPv6OnlyNetwork = false;
+ }
+
+ public void send(DatagramPacket packet) throws IOException {
+ List<NetworkInterfaceWrapper> networkInterfaces =
+ multicastNetworkInterfaceProvider.getMulticastNetworkInterfaces();
+ for (NetworkInterfaceWrapper networkInterface : networkInterfaces) {
+ multicastSocket.setNetworkInterface(networkInterface.getNetworkInterface());
+ multicastSocket.send(packet);
+ }
+ }
+
+ public void receive(DatagramPacket packet) throws IOException {
+ multicastSocket.receive(packet);
+ }
+
+ public void joinGroup() throws IOException {
+ List<NetworkInterfaceWrapper> networkInterfaces =
+ multicastNetworkInterfaceProvider.getMulticastNetworkInterfaces();
+ InetSocketAddress multicastAddress = MULTICAST_IPV4_ADDRESS;
+ if (multicastNetworkInterfaceProvider.isOnIpV6OnlyNetwork(networkInterfaces)) {
+ isOnIPv6OnlyNetwork = true;
+ multicastAddress = MULTICAST_IPV6_ADDRESS;
+ } else {
+ isOnIPv6OnlyNetwork = false;
+ }
+ for (NetworkInterfaceWrapper networkInterface : networkInterfaces) {
+ multicastSocket.joinGroup(multicastAddress, networkInterface.getNetworkInterface());
+ }
+ }
+
+ public void leaveGroup() throws IOException {
+ List<NetworkInterfaceWrapper> networkInterfaces =
+ multicastNetworkInterfaceProvider.getMulticastNetworkInterfaces();
+ InetSocketAddress multicastAddress = MULTICAST_IPV4_ADDRESS;
+ if (multicastNetworkInterfaceProvider.isOnIpV6OnlyNetwork(networkInterfaces)) {
+ multicastAddress = MULTICAST_IPV6_ADDRESS;
+ }
+ for (NetworkInterfaceWrapper networkInterface : networkInterfaces) {
+ multicastSocket.leaveGroup(multicastAddress, networkInterface.getNetworkInterface());
+ }
+ }
+
+ public void close() {
+ // This is a race with the use of the file descriptor (b/27403984).
+ multicastSocket.close();
+ multicastNetworkInterfaceProvider.stopWatchingConnectivityChanges();
+ }
+
+ @VisibleForTesting
+ MulticastSocket createMulticastSocket(int port) throws IOException {
+ return new MulticastSocket(port);
+ }
+
+ public boolean isOnIPv6OnlyNetwork() {
+ return isOnIPv6OnlyNetwork;
+ }
+}
\ No newline at end of file
diff --git a/service/mdns/com/android/server/connectivity/mdns/MdnsSocketClient.java b/service/mdns/com/android/server/connectivity/mdns/MdnsSocketClient.java
new file mode 100644
index 0000000..010f761
--- /dev/null
+++ b/service/mdns/com/android/server/connectivity/mdns/MdnsSocketClient.java
@@ -0,0 +1,504 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity.mdns;
+
+import android.Manifest.permission;
+import android.annotation.NonNull;
+import android.annotation.Nullable;
+import android.annotation.RequiresPermission;
+import android.content.Context;
+import android.net.wifi.WifiManager.MulticastLock;
+import android.os.SystemClock;
+import android.text.format.DateUtils;
+
+import com.android.internal.annotations.VisibleForTesting;
+import com.android.server.connectivity.mdns.util.MdnsLogger;
+
+import java.io.IOException;
+import java.net.DatagramPacket;
+import java.util.ArrayDeque;
+import java.util.ArrayList;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Queue;
+import java.util.Timer;
+import java.util.TimerTask;
+import java.util.concurrent.atomic.AtomicBoolean;
+import java.util.concurrent.atomic.AtomicInteger;
+
+/**
+ * The {@link MdnsSocketClient} maintains separate threads to send and receive mDNS packets for all
+ * the requested service types.
+ *
+ * <p>See https://tools.ietf.org/html/rfc6763 (namely sections 4 and 5).
+ */
+// TODO(b/242631897): Resolve nullness suppression.
+@SuppressWarnings("nullness")
+public class MdnsSocketClient {
+
+ private static final String TAG = "MdnsClient";
+ // TODO: The following values are copied from cast module. We need to think about the
+ // better way to share those.
+ private static final String CAST_SENDER_LOG_SOURCE = "CAST_SENDER_SDK";
+ private static final String CAST_PREFS_NAME = "google_cast";
+ private static final String PREF_CAST_SENDER_ID = "PREF_CAST_SENDER_ID";
+ private static final MdnsLogger LOGGER = new MdnsLogger(TAG);
+ private static final String MULTICAST_TYPE = "multicast";
+ private static final String UNICAST_TYPE = "unicast";
+
+ private static final long SLEEP_TIME_FOR_SOCKET_THREAD_MS =
+ MdnsConfigs.sleepTimeForSocketThreadMs();
+ // A value of 0 leads to an infinite wait.
+ private static final long THREAD_JOIN_TIMEOUT_MS = DateUtils.SECOND_IN_MILLIS;
+ private static final int RECEIVER_BUFFER_SIZE = 2048;
+ @VisibleForTesting
+ final Queue<DatagramPacket> multicastPacketQueue = new ArrayDeque<>();
+ @VisibleForTesting
+ final Queue<DatagramPacket> unicastPacketQueue = new ArrayDeque<>();
+ private final Context context;
+ private final byte[] multicastReceiverBuffer = new byte[RECEIVER_BUFFER_SIZE];
+ private final byte[] unicastReceiverBuffer;
+ private final MdnsResponseDecoder responseDecoder;
+ private final MulticastLock multicastLock;
+ private final boolean useSeparateSocketForUnicast =
+ MdnsConfigs.useSeparateSocketToSendUnicastQuery();
+ private final boolean checkMulticastResponse = MdnsConfigs.checkMulticastResponse();
+ private final long checkMulticastResponseIntervalMs =
+ MdnsConfigs.checkMulticastResponseIntervalMs();
+ private final Object socketLock = new Object();
+ private final Object timerObject = new Object();
+ // If multicast response was received in the current session. The value is reset in the
+ // beginning of each session.
+ @VisibleForTesting
+ boolean receivedMulticastResponse;
+ // If unicast response was received in the current session. The value is reset in the beginning
+ // of each session.
+ @VisibleForTesting
+ boolean receivedUnicastResponse;
+ // If the phone is the bad state where it can't receive any multicast response.
+ @VisibleForTesting
+ AtomicBoolean cannotReceiveMulticastResponse = new AtomicBoolean(false);
+ @VisibleForTesting
+ volatile Thread sendThread;
+ @VisibleForTesting
+ Thread multicastReceiveThread;
+ @VisibleForTesting
+ Thread unicastReceiveThread;
+ private volatile boolean shouldStopSocketLoop;
+ private Callback callback;
+ private MdnsSocket multicastSocket;
+ private MdnsSocket unicastSocket;
+ private int receivedPacketNumber = 0;
+ private Timer logMdnsPacketTimer;
+ private AtomicInteger packetsCount;
+ private Timer checkMulticastResponseTimer;
+
+ public MdnsSocketClient(@NonNull Context context, @NonNull MulticastLock multicastLock) {
+ this.context = context;
+ this.multicastLock = multicastLock;
+ responseDecoder = new MdnsResponseDecoder(new MdnsResponseDecoder.Clock(), null);
+ if (useSeparateSocketForUnicast) {
+ unicastReceiverBuffer = new byte[RECEIVER_BUFFER_SIZE];
+ } else {
+ unicastReceiverBuffer = null;
+ }
+ }
+
+ public synchronized void setCallback(@Nullable Callback callback) {
+ this.callback = callback;
+ }
+
+ @RequiresPermission(permission.CHANGE_WIFI_MULTICAST_STATE)
+ public synchronized void startDiscovery() throws IOException {
+ if (multicastSocket != null) {
+ LOGGER.w("Discovery is already in progress.");
+ return;
+ }
+
+ receivedMulticastResponse = false;
+ receivedUnicastResponse = false;
+ cannotReceiveMulticastResponse.set(false);
+
+ shouldStopSocketLoop = false;
+ try {
+ // TODO (changed when importing code): consider setting thread stats tag
+ multicastSocket = createMdnsSocket(MdnsConstants.MDNS_PORT);
+ multicastSocket.joinGroup();
+ if (useSeparateSocketForUnicast) {
+ // For unicast, use port 0 and the system will assign it with any available port.
+ unicastSocket = createMdnsSocket(0);
+ }
+ multicastLock.acquire();
+ } catch (IOException e) {
+ multicastLock.release();
+ if (multicastSocket != null) {
+ multicastSocket.close();
+ multicastSocket = null;
+ }
+ if (unicastSocket != null) {
+ unicastSocket.close();
+ unicastSocket = null;
+ }
+ throw e;
+ } finally {
+ // TODO (changed when importing code): consider resetting thread stats tag
+ }
+ createAndStartSendThread();
+ createAndStartReceiverThreads();
+ }
+
+ @RequiresPermission(permission.CHANGE_WIFI_MULTICAST_STATE)
+ public void stopDiscovery() {
+ LOGGER.log("Stop discovery.");
+ if (multicastSocket == null && unicastSocket == null) {
+ return;
+ }
+
+ if (MdnsConfigs.clearMdnsPacketQueueAfterDiscoveryStops()) {
+ synchronized (multicastPacketQueue) {
+ multicastPacketQueue.clear();
+ }
+ synchronized (unicastPacketQueue) {
+ unicastPacketQueue.clear();
+ }
+ }
+
+ multicastLock.release();
+
+ shouldStopSocketLoop = true;
+ waitForSendThreadToStop();
+ waitForReceiverThreadsToStop();
+
+ synchronized (socketLock) {
+ multicastSocket = null;
+ unicastSocket = null;
+ }
+
+ synchronized (timerObject) {
+ if (checkMulticastResponseTimer != null) {
+ checkMulticastResponseTimer.cancel();
+ checkMulticastResponseTimer = null;
+ }
+ }
+ }
+
+ /** Sends a mDNS request packet that asks for multicast response. */
+ public void sendMulticastPacket(@NonNull DatagramPacket packet) {
+ sendMdnsPacket(packet, multicastPacketQueue);
+ }
+
+ /** Sends a mDNS request packet that asks for unicast response. */
+ public void sendUnicastPacket(DatagramPacket packet) {
+ if (useSeparateSocketForUnicast) {
+ sendMdnsPacket(packet, unicastPacketQueue);
+ } else {
+ sendMdnsPacket(packet, multicastPacketQueue);
+ }
+ }
+
+ private void sendMdnsPacket(DatagramPacket packet, Queue<DatagramPacket> packetQueueToUse) {
+ if (shouldStopSocketLoop && !MdnsConfigs.allowAddMdnsPacketAfterDiscoveryStops()) {
+ LOGGER.w("sendMdnsPacket() is called after discovery already stopped");
+ return;
+ }
+ synchronized (packetQueueToUse) {
+ while (packetQueueToUse.size() >= MdnsConfigs.mdnsPacketQueueMaxSize()) {
+ packetQueueToUse.remove();
+ }
+ packetQueueToUse.add(packet);
+ }
+ triggerSendThread();
+ }
+
+ private void createAndStartSendThread() {
+ if (sendThread != null) {
+ LOGGER.w("A socket thread already exists.");
+ return;
+ }
+ sendThread = new Thread(this::sendThreadMain);
+ sendThread.setName("mdns-send");
+ sendThread.start();
+ }
+
+ private void createAndStartReceiverThreads() {
+ if (multicastReceiveThread != null) {
+ LOGGER.w("A multicast receiver thread already exists.");
+ return;
+ }
+ multicastReceiveThread =
+ new Thread(() -> receiveThreadMain(multicastReceiverBuffer, multicastSocket));
+ multicastReceiveThread.setName("mdns-multicast-receive");
+ multicastReceiveThread.start();
+
+ if (useSeparateSocketForUnicast) {
+ unicastReceiveThread =
+ new Thread(() -> receiveThreadMain(unicastReceiverBuffer, unicastSocket));
+ unicastReceiveThread.setName("mdns-unicast-receive");
+ unicastReceiveThread.start();
+ }
+ }
+
+ private void triggerSendThread() {
+ LOGGER.log("Trigger send thread.");
+ Thread sendThread = this.sendThread;
+ if (sendThread != null) {
+ sendThread.interrupt();
+ } else {
+ LOGGER.w("Socket thread is null");
+ }
+ }
+
+ private void waitForReceiverThreadsToStop() {
+ if (multicastReceiveThread != null) {
+ waitForThread(multicastReceiveThread);
+ multicastReceiveThread = null;
+ }
+
+ if (unicastReceiveThread != null) {
+ waitForThread(unicastReceiveThread);
+ unicastReceiveThread = null;
+ }
+ }
+
+ private void waitForSendThreadToStop() {
+ LOGGER.log("wait For Send Thread To Stop");
+ if (sendThread == null) {
+ LOGGER.w("socket thread is already dead.");
+ return;
+ }
+ waitForThread(sendThread);
+ sendThread = null;
+ }
+
+ private void waitForThread(Thread thread) {
+ long startMs = SystemClock.elapsedRealtime();
+ long waitMs = THREAD_JOIN_TIMEOUT_MS;
+ while (thread.isAlive() && (waitMs > 0)) {
+ try {
+ thread.interrupt();
+ thread.join(waitMs);
+ if (thread.isAlive()) {
+ LOGGER.w("Failed to join thread: " + thread);
+ }
+ break;
+ } catch (InterruptedException e) {
+ // Compute remaining time after at least a single join call, in case the clock
+ // resolution is poor.
+ waitMs = THREAD_JOIN_TIMEOUT_MS - (SystemClock.elapsedRealtime() - startMs);
+ }
+ }
+ }
+
+ private void sendThreadMain() {
+ List<DatagramPacket> multicastPacketsToSend = new ArrayList<>();
+ List<DatagramPacket> unicastPacketsToSend = new ArrayList<>();
+ boolean shouldThreadSleep;
+ try {
+ while (!shouldStopSocketLoop) {
+ try {
+ // Make a local copy of all packets, and clear the queue.
+ // Send packets that ask for multicast response.
+ multicastPacketsToSend.clear();
+ synchronized (multicastPacketQueue) {
+ multicastPacketsToSend.addAll(multicastPacketQueue);
+ multicastPacketQueue.clear();
+ }
+
+ // Send packets that ask for unicast response.
+ if (useSeparateSocketForUnicast) {
+ unicastPacketsToSend.clear();
+ synchronized (unicastPacketQueue) {
+ unicastPacketsToSend.addAll(unicastPacketQueue);
+ unicastPacketQueue.clear();
+ }
+ }
+
+ // Send all the packets.
+ sendPackets(multicastPacketsToSend, multicastSocket);
+ sendPackets(unicastPacketsToSend, unicastSocket);
+
+ // Sleep ONLY if no more packets have been added to the queue, while packets
+ // were being sent.
+ synchronized (multicastPacketQueue) {
+ synchronized (unicastPacketQueue) {
+ shouldThreadSleep =
+ multicastPacketQueue.isEmpty() && unicastPacketQueue.isEmpty();
+ }
+ }
+ if (shouldThreadSleep) {
+ Thread.sleep(SLEEP_TIME_FOR_SOCKET_THREAD_MS);
+ }
+ } catch (InterruptedException e) {
+ // Don't log the interruption as it's expected.
+ }
+ }
+ } finally {
+ LOGGER.log("Send thread stopped.");
+ try {
+ multicastSocket.leaveGroup();
+ } catch (Exception t) {
+ LOGGER.e("Failed to leave the group.", t);
+ }
+
+ // Close the socket first. This is the only way to interrupt a blocking receive.
+ try {
+ // This is a race with the use of the file descriptor (b/27403984).
+ multicastSocket.close();
+ if (unicastSocket != null) {
+ unicastSocket.close();
+ }
+ } catch (Exception t) {
+ LOGGER.e("Failed to close the mdns socket.", t);
+ }
+ }
+ }
+
+ private void receiveThreadMain(byte[] receiverBuffer, MdnsSocket socket) {
+ DatagramPacket packet = new DatagramPacket(receiverBuffer, receiverBuffer.length);
+
+ while (!shouldStopSocketLoop) {
+ try {
+ // This is a race with the use of the file descriptor (b/27403984).
+ synchronized (socketLock) {
+ // This checks is to make sure the socket was not set to null.
+ if (socket != null && (socket == multicastSocket || socket == unicastSocket)) {
+ socket.receive(packet);
+ }
+ }
+
+ if (!shouldStopSocketLoop) {
+ String responseType = socket == multicastSocket ? MULTICAST_TYPE : UNICAST_TYPE;
+ processResponsePacket(packet, responseType);
+ }
+ } catch (IOException e) {
+ if (!shouldStopSocketLoop) {
+ LOGGER.e("Failed to receive mDNS packets.", e);
+ }
+ }
+ }
+ LOGGER.log("Receive thread stopped.");
+ }
+
+ private int processResponsePacket(@NonNull DatagramPacket packet, String responseType)
+ throws IOException {
+ int packetNumber = ++receivedPacketNumber;
+
+ List<MdnsResponse> responses = new LinkedList<>();
+ int errorCode = responseDecoder.decode(packet, responses);
+ if (errorCode == MdnsResponseDecoder.SUCCESS) {
+ if (responseType.equals(MULTICAST_TYPE)) {
+ receivedMulticastResponse = true;
+ if (cannotReceiveMulticastResponse.getAndSet(false)) {
+ // If we are already in the bad state, receiving a multicast response means
+ // we are recovered.
+ LOGGER.e(
+ "Recovered from the state where the phone can't receive any multicast"
+ + " response");
+ }
+ } else {
+ receivedUnicastResponse = true;
+ }
+ for (MdnsResponse response : responses) {
+ String serviceInstanceName = response.getServiceInstanceName();
+ LOGGER.log("mDNS %s response received: %s", responseType, serviceInstanceName);
+ if (callback != null) {
+ callback.onResponseReceived(response);
+ }
+ }
+ } else if (errorCode != MdnsResponseErrorCode.ERROR_NOT_RESPONSE_MESSAGE) {
+ LOGGER.w(String.format("Error while decoding %s packet (%d): %d",
+ responseType, packetNumber, errorCode));
+ if (callback != null) {
+ callback.onFailedToParseMdnsResponse(packetNumber, errorCode);
+ }
+ }
+ return errorCode;
+ }
+
+ @VisibleForTesting
+ MdnsSocket createMdnsSocket(int port) throws IOException {
+ return new MdnsSocket(new MulticastNetworkInterfaceProvider(context), port);
+ }
+
+ private void sendPackets(List<DatagramPacket> packets, MdnsSocket socket) {
+ String requestType = socket == multicastSocket ? "multicast" : "unicast";
+ for (DatagramPacket packet : packets) {
+ if (shouldStopSocketLoop) {
+ break;
+ }
+ try {
+ LOGGER.log("Sending a %s mDNS packet...", requestType);
+ socket.send(packet);
+
+ // Start the timer task to monitor the response.
+ synchronized (timerObject) {
+ if (socket == multicastSocket) {
+ if (cannotReceiveMulticastResponse.get()) {
+ // Don't schedule the timer task if we are already in the bad state.
+ return;
+ }
+ if (checkMulticastResponseTimer != null) {
+ // Don't schedule the timer task if it's already scheduled.
+ return;
+ }
+ if (checkMulticastResponse && useSeparateSocketForUnicast) {
+ // Only when useSeparateSocketForUnicast is true, we can tell if we
+ // received a multicast or unicast response.
+ checkMulticastResponseTimer = new Timer();
+ checkMulticastResponseTimer.schedule(
+ new TimerTask() {
+ @Override
+ public void run() {
+ synchronized (timerObject) {
+ if (checkMulticastResponseTimer == null) {
+ // Discovery already stopped.
+ return;
+ }
+ if ((!receivedMulticastResponse)
+ && receivedUnicastResponse) {
+ LOGGER.e(String.format(
+ "Haven't received multicast response"
+ + " in the last %d ms.",
+ checkMulticastResponseIntervalMs));
+ cannotReceiveMulticastResponse.set(true);
+ }
+ checkMulticastResponseTimer = null;
+ }
+ }
+ },
+ checkMulticastResponseIntervalMs);
+ }
+ }
+ }
+ } catch (IOException e) {
+ LOGGER.e(String.format("Failed to send a %s mDNS packet.", requestType), e);
+ }
+ }
+ packets.clear();
+ }
+
+ public boolean isOnIPv6OnlyNetwork() {
+ return multicastSocket.isOnIPv6OnlyNetwork();
+ }
+
+ /** Callback for {@link MdnsSocketClient}. */
+ public interface Callback {
+ void onResponseReceived(@NonNull MdnsResponse response);
+
+ void onFailedToParseMdnsResponse(int receivedPacketNumber, int errorCode);
+ }
+}
\ No newline at end of file
diff --git a/service/mdns/com/android/server/connectivity/mdns/MdnsTextRecord.java b/service/mdns/com/android/server/connectivity/mdns/MdnsTextRecord.java
new file mode 100644
index 0000000..a364560
--- /dev/null
+++ b/service/mdns/com/android/server/connectivity/mdns/MdnsTextRecord.java
@@ -0,0 +1,90 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity.mdns;
+
+import com.android.internal.annotations.VisibleForTesting;
+
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Objects;
+
+/** An mDNS "TXT" record, which contains a list of text strings. */
+// TODO(b/242631897): Resolve nullness suppression.
+@SuppressWarnings("nullness")
+@VisibleForTesting
+public class MdnsTextRecord extends MdnsRecord {
+ private List<String> strings;
+
+ public MdnsTextRecord(String[] name, MdnsPacketReader reader) throws IOException {
+ super(name, TYPE_TXT, reader);
+ }
+
+ /** Returns the list of strings. */
+ public List<String> getStrings() {
+ return Collections.unmodifiableList(strings);
+ }
+
+ @Override
+ protected void readData(MdnsPacketReader reader) throws IOException {
+ strings = new ArrayList<>();
+ while (reader.getRemaining() > 0) {
+ strings.add(reader.readString());
+ }
+ }
+
+ @Override
+ protected void writeData(MdnsPacketWriter writer) throws IOException {
+ if (strings != null) {
+ for (String string : strings) {
+ writer.writeString(string);
+ }
+ }
+ }
+
+ @Override
+ public String toString() {
+ StringBuilder sb = new StringBuilder();
+ sb.append("TXT: {");
+ if (strings != null) {
+ for (String string : strings) {
+ sb.append(' ').append(string);
+ }
+ }
+ sb.append("}");
+
+ return sb.toString();
+ }
+
+ @Override
+ public int hashCode() {
+ return (super.hashCode() * 31) + Objects.hash(strings);
+ }
+
+ @Override
+ public boolean equals(Object other) {
+ if (this == other) {
+ return true;
+ }
+ if (!(other instanceof MdnsTextRecord)) {
+ return false;
+ }
+
+ return super.equals(other) && Objects.equals(strings, ((MdnsTextRecord) other).strings);
+ }
+}
\ No newline at end of file
diff --git a/service/mdns/com/android/server/connectivity/mdns/MulticastNetworkInterfaceProvider.java b/service/mdns/com/android/server/connectivity/mdns/MulticastNetworkInterfaceProvider.java
new file mode 100644
index 0000000..e0d8fa6
--- /dev/null
+++ b/service/mdns/com/android/server/connectivity/mdns/MulticastNetworkInterfaceProvider.java
@@ -0,0 +1,180 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity.mdns;
+
+import android.annotation.NonNull;
+import android.annotation.Nullable;
+import android.content.Context;
+
+import com.android.internal.annotations.VisibleForTesting;
+import com.android.server.connectivity.mdns.util.MdnsLogger;
+
+import java.io.IOException;
+import java.net.Inet4Address;
+import java.net.Inet6Address;
+import java.net.InterfaceAddress;
+import java.net.NetworkInterface;
+import java.net.SocketException;
+import java.util.ArrayList;
+import java.util.Enumeration;
+import java.util.List;
+
+/**
+ * This class is used by the {@link MdnsSocket} to monitor the list of {@link NetworkInterface}
+ * instances that are currently available for multi-cast messaging.
+ */
+public class MulticastNetworkInterfaceProvider {
+
+ private static final String TAG = "MdnsNIProvider";
+ private static final MdnsLogger LOGGER = new MdnsLogger(TAG);
+ private static final boolean PREFER_IPV6 = MdnsConfigs.preferIpv6();
+
+ private final List<NetworkInterfaceWrapper> multicastNetworkInterfaces = new ArrayList<>();
+ // Only modifiable from tests.
+ @VisibleForTesting
+ ConnectivityMonitor connectivityMonitor;
+ private volatile boolean connectivityChanged = true;
+
+ @SuppressWarnings("nullness:methodref.receiver.bound")
+ public MulticastNetworkInterfaceProvider(@NonNull Context context) {
+ // IMPORT CHANGED
+ this.connectivityMonitor = new ConnectivityMonitorWithConnectivityManager(
+ context, this::onConnectivityChanged);
+ }
+
+ private void onConnectivityChanged() {
+ connectivityChanged = true;
+ }
+
+ /**
+ * Starts monitoring changes of connectivity of this device, which may indicate that the list of
+ * network interfaces available for multi-cast messaging has changed.
+ */
+ public void startWatchingConnectivityChanges() {
+ connectivityMonitor.startWatchingConnectivityChanges();
+ }
+
+ /** Stops monitoring changes of connectivity. */
+ public void stopWatchingConnectivityChanges() {
+ connectivityMonitor.stopWatchingConnectivityChanges();
+ }
+
+ /**
+ * Returns the list of {@link NetworkInterfaceWrapper} instances available for multi-cast
+ * messaging.
+ */
+ public synchronized List<NetworkInterfaceWrapper> getMulticastNetworkInterfaces() {
+ if (connectivityChanged) {
+ connectivityChanged = false;
+ updateMulticastNetworkInterfaces();
+ if (multicastNetworkInterfaces.isEmpty()) {
+ LOGGER.log("No network interface available for mDNS scanning.");
+ }
+ }
+ return new ArrayList<>(multicastNetworkInterfaces);
+ }
+
+ private void updateMulticastNetworkInterfaces() {
+ multicastNetworkInterfaces.clear();
+ List<NetworkInterfaceWrapper> networkInterfaceWrappers = getNetworkInterfaces();
+ for (NetworkInterfaceWrapper interfaceWrapper : networkInterfaceWrappers) {
+ if (canScanOnInterface(interfaceWrapper)) {
+ multicastNetworkInterfaces.add(interfaceWrapper);
+ }
+ }
+ }
+
+ public boolean isOnIpV6OnlyNetwork(List<NetworkInterfaceWrapper> networkInterfaces) {
+ if (networkInterfaces.isEmpty()) {
+ return false;
+ }
+
+ // TODO(b/79866499): Remove this when the bug is resolved.
+ if (PREFER_IPV6) {
+ return true;
+ }
+ boolean hasAtleastOneIPv6Address = false;
+ for (NetworkInterfaceWrapper interfaceWrapper : networkInterfaces) {
+ for (InterfaceAddress ifAddr : interfaceWrapper.getInterfaceAddresses()) {
+ if (!(ifAddr.getAddress() instanceof Inet6Address)) {
+ return false;
+ } else {
+ hasAtleastOneIPv6Address = true;
+ }
+ }
+ }
+ return hasAtleastOneIPv6Address;
+ }
+
+ @VisibleForTesting
+ List<NetworkInterfaceWrapper> getNetworkInterfaces() {
+ List<NetworkInterfaceWrapper> networkInterfaceWrappers = new ArrayList<>();
+ try {
+ Enumeration<NetworkInterface> interfaces = NetworkInterface.getNetworkInterfaces();
+ if (interfaces != null) {
+ while (interfaces.hasMoreElements()) {
+ networkInterfaceWrappers.add(
+ new NetworkInterfaceWrapper(interfaces.nextElement()));
+ }
+ }
+ } catch (SocketException e) {
+ LOGGER.e("Failed to get network interfaces.", e);
+ } catch (NullPointerException e) {
+ // Android R has a bug that could lead to a NPE. See b/159277702.
+ LOGGER.e("Failed to call getNetworkInterfaces API", e);
+ }
+
+ return networkInterfaceWrappers;
+ }
+
+ private boolean canScanOnInterface(@Nullable NetworkInterfaceWrapper networkInterface) {
+ try {
+ if ((networkInterface == null)
+ || networkInterface.isLoopback()
+ || networkInterface.isPointToPoint()
+ || networkInterface.isVirtual()
+ || !networkInterface.isUp()
+ || !networkInterface.supportsMulticast()) {
+ return false;
+ }
+ return hasInet4Address(networkInterface) || hasInet6Address(networkInterface);
+ } catch (IOException e) {
+ LOGGER.e(String.format("Failed to check interface %s.",
+ networkInterface.getNetworkInterface().getDisplayName()), e);
+ }
+
+ return false;
+ }
+
+ private boolean hasInet4Address(@NonNull NetworkInterfaceWrapper networkInterface) {
+ for (InterfaceAddress ifAddr : networkInterface.getInterfaceAddresses()) {
+ if (ifAddr.getAddress() instanceof Inet4Address) {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ private boolean hasInet6Address(@NonNull NetworkInterfaceWrapper networkInterface) {
+ for (InterfaceAddress ifAddr : networkInterface.getInterfaceAddresses()) {
+ if (ifAddr.getAddress() instanceof Inet6Address) {
+ return true;
+ }
+ }
+ return false;
+ }
+}
\ No newline at end of file
diff --git a/service/mdns/com/android/server/connectivity/mdns/NetworkInterfaceWrapper.java b/service/mdns/com/android/server/connectivity/mdns/NetworkInterfaceWrapper.java
new file mode 100644
index 0000000..0ecae48
--- /dev/null
+++ b/service/mdns/com/android/server/connectivity/mdns/NetworkInterfaceWrapper.java
@@ -0,0 +1,64 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity.mdns;
+
+import java.net.InterfaceAddress;
+import java.net.NetworkInterface;
+import java.net.SocketException;
+import java.util.List;
+
+/** A wrapper class of {@link NetworkInterface} to be mocked in unit tests. */
+public class NetworkInterfaceWrapper {
+ private final NetworkInterface networkInterface;
+
+ public NetworkInterfaceWrapper(NetworkInterface networkInterface) {
+ this.networkInterface = networkInterface;
+ }
+
+ public NetworkInterface getNetworkInterface() {
+ return networkInterface;
+ }
+
+ public boolean isUp() throws SocketException {
+ return networkInterface.isUp();
+ }
+
+ public boolean isLoopback() throws SocketException {
+ return networkInterface.isLoopback();
+ }
+
+ public boolean isPointToPoint() throws SocketException {
+ return networkInterface.isPointToPoint();
+ }
+
+ public boolean isVirtual() {
+ return networkInterface.isVirtual();
+ }
+
+ public boolean supportsMulticast() throws SocketException {
+ return networkInterface.supportsMulticast();
+ }
+
+ public List<InterfaceAddress> getInterfaceAddresses() {
+ return networkInterface.getInterfaceAddresses();
+ }
+
+ @Override
+ public String toString() {
+ return networkInterface.toString();
+ }
+}
\ No newline at end of file
diff --git a/service/mdns/com/android/server/connectivity/mdns/util/MdnsLogger.java b/service/mdns/com/android/server/connectivity/mdns/util/MdnsLogger.java
new file mode 100644
index 0000000..431f1fd
--- /dev/null
+++ b/service/mdns/com/android/server/connectivity/mdns/util/MdnsLogger.java
@@ -0,0 +1,62 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity.mdns.util;
+
+import android.text.TextUtils;
+
+import com.android.net.module.util.SharedLog;
+
+/**
+ * The logger used in mDNS.
+ */
+public class MdnsLogger {
+ // Make this logger public for other level logging than dogfood.
+ public final SharedLog mLog;
+
+ /**
+ * Constructs a new {@link MdnsLogger} with the given logging tag.
+ *
+ * @param tag The log tag that will be used by this logger
+ */
+ public MdnsLogger(String tag) {
+ mLog = new SharedLog(tag);
+ }
+
+ public void log(String message) {
+ mLog.log(message);
+ }
+
+ public void log(String message, Object... args) {
+ mLog.log(message + " ; " + TextUtils.join(" ; ", args));
+ }
+
+ public void d(String message) {
+ mLog.log(message);
+ }
+
+ public void e(String message) {
+ mLog.e(message);
+ }
+
+ public void e(String message, Throwable e) {
+ mLog.e(message, e);
+ }
+
+ public void w(String message) {
+ mLog.w(message);
+ }
+}
diff --git a/service/native/Android.bp b/service/native/Android.bp
index cb26bc3..697fcbd 100644
--- a/service/native/Android.bp
+++ b/service/native/Android.bp
@@ -52,7 +52,8 @@
cc_test {
name: "traffic_controller_unit_test",
- test_suites: ["general-tests"],
+ test_suites: ["general-tests", "mts-tethering"],
+ test_config_template: ":net_native_test_config_template",
require_root: true,
local_include_dirs: ["include"],
header_libs: [
@@ -71,4 +72,13 @@
"libnetd_updatable",
"netd_aidl_interface-lateststable-ndk",
],
+ compile_multilib: "both",
+ multilib: {
+ lib32: {
+ suffix: "32",
+ },
+ lib64: {
+ suffix: "64",
+ },
+ },
}
diff --git a/service/native/TrafficController.cpp b/service/native/TrafficController.cpp
index 4923b00..49b23c9 100644
--- a/service/native/TrafficController.cpp
+++ b/service/native/TrafficController.cpp
@@ -56,7 +56,6 @@
using bpf::BpfMap;
using bpf::synchronizeKernelRCU;
using netdutils::DumpWriter;
-using netdutils::getIfaceList;
using netdutils::NetlinkListener;
using netdutils::NetlinkListenerInterface;
using netdutils::ScopedIndent;
@@ -111,14 +110,6 @@
return matchType;
}
-bool TrafficController::hasUpdateDeviceStatsPermission(uid_t uid) {
- // This implementation is the same logic as method ActivityManager#checkComponentPermission.
- // It implies that the calling uid can never be the same as PER_USER_RANGE.
- uint32_t appId = uid % PER_USER_RANGE;
- return ((appId == AID_ROOT) || (appId == AID_SYSTEM) ||
- mPrivilegedUser.find(appId) != mPrivilegedUser.end());
-}
-
const std::string UidPermissionTypeToString(int permission) {
if (permission == INetd::PERMISSION_NONE) {
return "PERMISSION_NONE";
@@ -182,29 +173,19 @@
RETURN_IF_NOT_OK(mIfaceStatsMap.init(IFACE_STATS_MAP_PATH));
RETURN_IF_NOT_OK(mConfigurationMap.init(CONFIGURATION_MAP_PATH));
- RETURN_IF_NOT_OK(
- mConfigurationMap.writeValue(UID_RULES_CONFIGURATION_KEY, DEFAULT_CONFIG, BPF_ANY));
- RETURN_IF_NOT_OK(mConfigurationMap.writeValue(CURRENT_STATS_MAP_CONFIGURATION_KEY, SELECT_MAP_A,
- BPF_ANY));
RETURN_IF_NOT_OK(mUidOwnerMap.init(UID_OWNER_MAP_PATH));
- RETURN_IF_NOT_OK(mUidOwnerMap.clear());
RETURN_IF_NOT_OK(mUidPermissionMap.init(UID_PERMISSION_MAP_PATH));
+ ALOGI("%s successfully", __func__);
return netdutils::status::ok;
}
-Status TrafficController::start() {
+Status TrafficController::start(bool startSkDestroyListener) {
RETURN_IF_NOT_OK(initMaps());
- // Fetch the list of currently-existing interfaces. At this point NetlinkHandler is
- // already running, so it will call addInterface() when any new interface appears.
- // TODO: Clean-up addInterface() after interface monitoring is in
- // NetworkStatsService.
- std::map<std::string, uint32_t> ifacePairs;
- ASSIGN_OR_RETURN(ifacePairs, getIfaceList());
- for (const auto& ifacePair:ifacePairs) {
- addInterface(ifacePair.first.c_str(), ifacePair.second);
+ if (!startSkDestroyListener) {
+ return netdutils::status::ok;
}
auto result = makeSkDestroyListener();
@@ -244,22 +225,6 @@
return netdutils::status::ok;
}
-int TrafficController::addInterface(const char* name, uint32_t ifaceIndex) {
- IfaceValue iface;
- if (ifaceIndex == 0) {
- ALOGE("Unknown interface %s(%d)", name, ifaceIndex);
- return -1;
- }
-
- strlcpy(iface.name, name, sizeof(IfaceValue));
- Status res = mIfaceIndexNameMap.writeValue(ifaceIndex, iface, BPF_ANY);
- if (!isOk(res)) {
- ALOGE("Failed to add iface %s(%d): %s", name, ifaceIndex, strerror(res.code()));
- return -res.code();
- }
- return 0;
-}
-
Status TrafficController::updateOwnerMapEntry(UidOwnerMatchType match, uid_t uid, FirewallRule rule,
FirewallType type) {
std::lock_guard guard(mMutex);
@@ -339,8 +304,6 @@
return ALLOWLIST;
case LOW_POWER_STANDBY:
return ALLOWLIST;
- case LOCKDOWN:
- return DENYLIST;
case OEM_DENY_1:
return DENYLIST;
case OEM_DENY_2:
@@ -372,9 +335,6 @@
case LOW_POWER_STANDBY:
res = updateOwnerMapEntry(LOW_POWER_STANDBY_MATCH, uid, rule, type);
break;
- case LOCKDOWN:
- res = updateOwnerMapEntry(LOCKDOWN_VPN_MATCH, uid, rule, type);
- break;
case OEM_DENY_1:
res = updateOwnerMapEntry(OEM_DENY_1_MATCH, uid, rule, type);
break;
@@ -446,6 +406,18 @@
return netdutils::status::ok;
}
+Status TrafficController::updateUidLockdownRule(const uid_t uid, const bool add) {
+ std::lock_guard guard(mMutex);
+
+ netdutils::Status result = add ? addRule(uid, LOCKDOWN_VPN_MATCH)
+ : removeRule(uid, LOCKDOWN_VPN_MATCH);
+ if (!isOk(result)) {
+ ALOGW("%s Lockdown rule failed(%d): uid=%d",
+ (add ? "add": "remove"), result.code(), uid);
+ }
+ return result;
+}
+
int TrafficController::replaceUidOwnerMap(const std::string& name, bool isAllowlist __unused,
const std::vector<int32_t>& uids) {
// FirewallRule rule = isAllowlist ? ALLOW : DENY;
@@ -487,8 +459,6 @@
oldConfigure.error().message().c_str());
return -oldConfigure.error().code();
}
- Status res;
- BpfConfig newConfiguration;
uint32_t match;
switch (chain) {
case DOZABLE:
@@ -518,9 +488,9 @@
default:
return -EINVAL;
}
- newConfiguration =
- enable ? (oldConfigure.value() | match) : (oldConfigure.value() & (~match));
- res = mConfigurationMap.writeValue(key, newConfiguration, BPF_EXIST);
+ BpfConfig newConfiguration =
+ enable ? (oldConfigure.value() | match) : (oldConfigure.value() & ~match);
+ Status res = mConfigurationMap.writeValue(key, newConfiguration, BPF_EXIST);
if (!isOk(res)) {
ALOGE("Failed to toggleUidOwnerMap(%d): %s", chain, res.msg().c_str());
}
@@ -606,17 +576,6 @@
}
}
-std::string getProgramStatus(const char *path) {
- int ret = access(path, R_OK);
- if (ret == 0) {
- return StringPrintf("OK");
- }
- if (ret != 0 && errno == ENOENT) {
- return StringPrintf("program is missing at: %s", path);
- }
- return StringPrintf("check Program %s error: %s", path, strerror(errno));
-}
-
std::string getMapStatus(const base::unique_fd& map_fd, const char* path) {
if (map_fd.get() < 0) {
return StringPrintf("map fd lost");
@@ -665,19 +624,6 @@
dw.println("mUidOwnerMap status: %s",
getMapStatus(mUidOwnerMap.getMap(), UID_OWNER_MAP_PATH).c_str());
- dw.blankline();
- dw.println("Cgroup ingress program status: %s",
- getProgramStatus(BPF_INGRESS_PROG_PATH).c_str());
- dw.println("Cgroup egress program status: %s", getProgramStatus(BPF_EGRESS_PROG_PATH).c_str());
- dw.println("xt_bpf ingress program status: %s",
- getProgramStatus(XT_BPF_INGRESS_PROG_PATH).c_str());
- dw.println("xt_bpf egress program status: %s",
- getProgramStatus(XT_BPF_EGRESS_PROG_PATH).c_str());
- dw.println("xt_bpf bandwidth allowlist program status: %s",
- getProgramStatus(XT_BPF_ALLOWLIST_PROG_PATH).c_str());
- dw.println("xt_bpf bandwidth denylist program status: %s",
- getProgramStatus(XT_BPF_DENYLIST_PROG_PATH).c_str());
-
if (!verbose) {
return;
}
@@ -688,6 +634,8 @@
ScopedIndent indentForMapContent(dw);
// Print CookieTagMap content.
+ // TagSocketTest in CTS was using the output of mCookieTagMap dump.
+ // So, mCookieTagMap dump can not be removed until the previous CTS support period is over.
dumpBpfMap("mCookieTagMap", dw, "");
const auto printCookieTagInfo = [&dw](const uint64_t& key, const UidTagValue& value,
const BpfMap<uint64_t, UidTagValue>&) {
@@ -699,73 +647,6 @@
dw.println("mCookieTagMap print end with error: %s", res.error().message().c_str());
}
- // Print UidCounterSetMap content.
- dumpBpfMap("mUidCounterSetMap", dw, "");
- const auto printUidInfo = [&dw](const uint32_t& key, const uint8_t& value,
- const BpfMap<uint32_t, uint8_t>&) {
- dw.println("%u %u", key, value);
- return base::Result<void>();
- };
- res = mUidCounterSetMap.iterateWithValue(printUidInfo);
- if (!res.ok()) {
- dw.println("mUidCounterSetMap print end with error: %s", res.error().message().c_str());
- }
-
- // Print AppUidStatsMap content.
- std::string appUidStatsHeader = StringPrintf("uid rxBytes rxPackets txBytes txPackets");
- dumpBpfMap("mAppUidStatsMap:", dw, appUidStatsHeader);
- auto printAppUidStatsInfo = [&dw](const uint32_t& key, const StatsValue& value,
- const BpfMap<uint32_t, StatsValue>&) {
- dw.println("%u %" PRIu64 " %" PRIu64 " %" PRIu64 " %" PRIu64, key, value.rxBytes,
- value.rxPackets, value.txBytes, value.txPackets);
- return base::Result<void>();
- };
- res = mAppUidStatsMap.iterateWithValue(printAppUidStatsInfo);
- if (!res.ok()) {
- dw.println("mAppUidStatsMap print end with error: %s", res.error().message().c_str());
- }
-
- // Print uidStatsMap content.
- std::string statsHeader = StringPrintf("ifaceIndex ifaceName tag_hex uid_int cnt_set rxBytes"
- " rxPackets txBytes txPackets");
- dumpBpfMap("mStatsMapA", dw, statsHeader);
- const auto printStatsInfo = [&dw, this](const StatsKey& key, const StatsValue& value,
- const BpfMap<StatsKey, StatsValue>&) {
- uint32_t ifIndex = key.ifaceIndex;
- auto ifname = mIfaceIndexNameMap.readValue(ifIndex);
- if (!ifname.ok()) {
- ifname = IfaceValue{"unknown"};
- }
- dw.println("%u %s 0x%x %u %u %" PRIu64 " %" PRIu64 " %" PRIu64 " %" PRIu64, ifIndex,
- ifname.value().name, key.tag, key.uid, key.counterSet, value.rxBytes,
- value.rxPackets, value.txBytes, value.txPackets);
- return base::Result<void>();
- };
- res = mStatsMapA.iterateWithValue(printStatsInfo);
- if (!res.ok()) {
- dw.println("mStatsMapA print end with error: %s", res.error().message().c_str());
- }
-
- // Print TagStatsMap content.
- dumpBpfMap("mStatsMapB", dw, statsHeader);
- res = mStatsMapB.iterateWithValue(printStatsInfo);
- if (!res.ok()) {
- dw.println("mStatsMapB print end with error: %s", res.error().message().c_str());
- }
-
- // Print ifaceIndexToNameMap content.
- dumpBpfMap("mIfaceIndexNameMap", dw, "");
- const auto printIfaceNameInfo = [&dw](const uint32_t& key, const IfaceValue& value,
- const BpfMap<uint32_t, IfaceValue>&) {
- const char* ifname = value.name;
- dw.println("ifaceIndex=%u ifaceName=%s", key, ifname);
- return base::Result<void>();
- };
- res = mIfaceIndexNameMap.iterateWithValue(printIfaceNameInfo);
- if (!res.ok()) {
- dw.println("mIfaceIndexNameMap print end with error: %s", res.error().message().c_str());
- }
-
// Print ifaceStatsMap content
std::string ifaceStatsHeader = StringPrintf("ifaceIndex ifaceName rxBytes rxPackets txBytes"
" txPackets");
diff --git a/service/native/TrafficControllerTest.cpp b/service/native/TrafficControllerTest.cpp
index 9e53f11..8525738 100644
--- a/service/native/TrafficControllerTest.cpp
+++ b/service/native/TrafficControllerTest.cpp
@@ -30,13 +30,15 @@
#include <gtest/gtest.h>
+#include <android-base/file.h>
+#include <android-base/logging.h>
#include <android-base/stringprintf.h>
#include <android-base/strings.h>
#include <binder/Status.h>
#include <netdutils/MockSyscalls.h>
-#define TEST_BPF_MAP
+#define BPF_MAP_MAKE_VISIBLE_FOR_TESTING
#include "TrafficController.h"
#include "bpf/BpfUtils.h"
#include "NetdUpdatablePublic.h"
@@ -49,6 +51,7 @@
using android::netdutils::Status;
using base::Result;
using netdutils::isOk;
+using netdutils::statusFromErrno;
constexpr int TEST_MAP_SIZE = 10;
constexpr uid_t TEST_UID = 10086;
@@ -56,8 +59,15 @@
constexpr uid_t TEST_UID3 = 98765;
constexpr uint32_t TEST_TAG = 42;
constexpr uint32_t TEST_COUNTERSET = 1;
+constexpr int TEST_COOKIE = 1;
+constexpr int TEST_IFINDEX = 999;
+constexpr int RXPACKETS = 1;
+constexpr int RXBYTES = 100;
+constexpr int TXPACKETS = 0;
+constexpr int TXBYTES = 0;
#define ASSERT_VALID(x) ASSERT_TRUE((x).isValid())
+#define ASSERT_INVALID(x) ASSERT_FALSE((x).isValid())
class TrafficControllerTest : public ::testing::Test {
protected:
@@ -66,9 +76,13 @@
BpfMap<uint64_t, UidTagValue> mFakeCookieTagMap;
BpfMap<uint32_t, StatsValue> mFakeAppUidStatsMap;
BpfMap<StatsKey, StatsValue> mFakeStatsMapA;
+ BpfMap<StatsKey, StatsValue> mFakeStatsMapB; // makeTrafficControllerMapsInvalid only
+ BpfMap<uint32_t, StatsValue> mFakeIfaceStatsMap; ; // makeTrafficControllerMapsInvalid only
BpfMap<uint32_t, uint32_t> mFakeConfigurationMap;
BpfMap<uint32_t, UidOwnerValue> mFakeUidOwnerMap;
BpfMap<uint32_t, uint8_t> mFakeUidPermissionMap;
+ BpfMap<uint32_t, uint8_t> mFakeUidCounterSetMap;
+ BpfMap<uint32_t, IfaceValue> mFakeIfaceIndexNameMap;
void SetUp() {
std::lock_guard guard(mTc.mMutex);
@@ -91,6 +105,12 @@
mFakeUidPermissionMap.resetMap(BPF_MAP_TYPE_HASH, TEST_MAP_SIZE);
ASSERT_VALID(mFakeUidPermissionMap);
+ mFakeUidCounterSetMap.resetMap(BPF_MAP_TYPE_HASH, TEST_MAP_SIZE);
+ ASSERT_VALID(mFakeUidCounterSetMap);
+
+ mFakeIfaceIndexNameMap.resetMap(BPF_MAP_TYPE_HASH, TEST_MAP_SIZE);
+ ASSERT_VALID(mFakeIfaceIndexNameMap);
+
mTc.mCookieTagMap = mFakeCookieTagMap;
ASSERT_VALID(mTc.mCookieTagMap);
mTc.mAppUidStatsMap = mFakeAppUidStatsMap;
@@ -108,21 +128,38 @@
mTc.mUidPermissionMap = mFakeUidPermissionMap;
ASSERT_VALID(mTc.mUidPermissionMap);
mTc.mPrivilegedUser.clear();
+
+ mTc.mUidCounterSetMap = mFakeUidCounterSetMap;
+ ASSERT_VALID(mTc.mUidCounterSetMap);
+
+ mTc.mIfaceIndexNameMap = mFakeIfaceIndexNameMap;
+ ASSERT_VALID(mTc.mIfaceIndexNameMap);
}
void populateFakeStats(uint64_t cookie, uint32_t uid, uint32_t tag, StatsKey* key) {
UidTagValue cookieMapkey = {.uid = (uint32_t)uid, .tag = tag};
EXPECT_RESULT_OK(mFakeCookieTagMap.writeValue(cookie, cookieMapkey, BPF_ANY));
- *key = {.uid = uid, .tag = tag, .counterSet = TEST_COUNTERSET, .ifaceIndex = 1};
- StatsValue statsMapValue = {.rxPackets = 1, .rxBytes = 100};
- EXPECT_RESULT_OK(mFakeStatsMapA.writeValue(*key, statsMapValue, BPF_ANY));
- key->tag = 0;
+ *key = {.uid = uid, .tag = tag, .counterSet = TEST_COUNTERSET, .ifaceIndex = TEST_IFINDEX};
+ StatsValue statsMapValue = {.rxPackets = RXPACKETS, .rxBytes = RXBYTES,
+ .txPackets = TXPACKETS, .txBytes = TXBYTES};
EXPECT_RESULT_OK(mFakeStatsMapA.writeValue(*key, statsMapValue, BPF_ANY));
EXPECT_RESULT_OK(mFakeAppUidStatsMap.writeValue(uid, statsMapValue, BPF_ANY));
// put tag information back to statsKey
key->tag = tag;
}
+ void populateFakeCounterSet(uint32_t uid, uint32_t counterSet) {
+ EXPECT_RESULT_OK(mFakeUidCounterSetMap.writeValue(uid, counterSet, BPF_ANY));
+ }
+
+ void populateFakeIfaceIndexName(const char* name, uint32_t ifaceIndex) {
+ if (name == nullptr || ifaceIndex <= 0) return;
+
+ IfaceValue iface;
+ strlcpy(iface.name, name, sizeof(IfaceValue));
+ EXPECT_RESULT_OK(mFakeIfaceIndexNameMap.writeValue(ifaceIndex, iface, BPF_ANY));
+ }
+
void checkUidOwnerRuleForChain(ChildChain chain, UidOwnerMatchType match) {
uint32_t uid = TEST_UID;
EXPECT_EQ(0, mTc.changeUidOwnerRule(chain, uid, DENY, DENYLIST));
@@ -180,7 +217,7 @@
checkEachUidValue(uids, match);
}
- void expectUidOwnerMapValues(const std::vector<uint32_t>& appUids, uint8_t expectedRule,
+ void expectUidOwnerMapValues(const std::vector<uint32_t>& appUids, uint32_t expectedRule,
uint32_t expectedIif) {
for (uint32_t uid : appUids) {
Result<UidOwnerValue> value = mFakeUidOwnerMap.readValue(uid);
@@ -224,37 +261,6 @@
EXPECT_TRUE(mTc.mPrivilegedUser.empty());
}
- void addPrivilegedUid(uid_t uid) {
- std::vector privilegedUid = {uid};
- mTc.setPermissionForUids(INetd::PERMISSION_UPDATE_DEVICE_STATS, privilegedUid);
- }
-
- void removePrivilegedUid(uid_t uid) {
- std::vector privilegedUid = {uid};
- mTc.setPermissionForUids(INetd::PERMISSION_NONE, privilegedUid);
- }
-
- void expectFakeStatsUnchanged(uint64_t cookie, uint32_t tag, uint32_t uid,
- StatsKey tagStatsMapKey) {
- Result<UidTagValue> cookieMapResult = mFakeCookieTagMap.readValue(cookie);
- EXPECT_RESULT_OK(cookieMapResult);
- EXPECT_EQ(uid, cookieMapResult.value().uid);
- EXPECT_EQ(tag, cookieMapResult.value().tag);
- Result<StatsValue> statsMapResult = mFakeStatsMapA.readValue(tagStatsMapKey);
- EXPECT_RESULT_OK(statsMapResult);
- EXPECT_EQ((uint64_t)1, statsMapResult.value().rxPackets);
- EXPECT_EQ((uint64_t)100, statsMapResult.value().rxBytes);
- tagStatsMapKey.tag = 0;
- statsMapResult = mFakeStatsMapA.readValue(tagStatsMapKey);
- EXPECT_RESULT_OK(statsMapResult);
- EXPECT_EQ((uint64_t)1, statsMapResult.value().rxPackets);
- EXPECT_EQ((uint64_t)100, statsMapResult.value().rxBytes);
- auto appStatsResult = mFakeAppUidStatsMap.readValue(uid);
- EXPECT_RESULT_OK(appStatsResult);
- EXPECT_EQ((uint64_t)1, appStatsResult.value().rxPackets);
- EXPECT_EQ((uint64_t)100, appStatsResult.value().rxBytes);
- }
-
Status updateUidOwnerMaps(const std::vector<uint32_t>& appUids,
UidOwnerMatchType matchType, TrafficController::IptOp op) {
Status ret(0);
@@ -265,6 +271,108 @@
return ret;
}
+ Status dump(bool verbose, std::vector<std::string>& outputLines) {
+ if (!outputLines.empty()) return statusFromErrno(EUCLEAN, "Output buffer is not empty");
+
+ android::base::unique_fd localFd, remoteFd;
+ if (!Pipe(&localFd, &remoteFd)) return statusFromErrno(errno, "Failed on pipe");
+
+ // dump() blocks until another thread has consumed all its output.
+ std::thread dumpThread =
+ std::thread([this, remoteFd{std::move(remoteFd)}, verbose]() {
+ mTc.dump(remoteFd, verbose);
+ });
+
+ std::string dumpContent;
+ if (!android::base::ReadFdToString(localFd.get(), &dumpContent)) {
+ return statusFromErrno(errno, "Failed to read dump results from fd");
+ }
+ dumpThread.join();
+
+ std::stringstream dumpStream(std::move(dumpContent));
+ std::string line;
+ while (std::getline(dumpStream, line)) {
+ outputLines.push_back(line);
+ }
+
+ return netdutils::status::ok;
+ }
+
+ // Strings in the |expect| must exist in dump results in order. But no need to be consecutive.
+ bool expectDumpsysContains(std::vector<std::string>& expect) {
+ if (expect.empty()) return false;
+
+ std::vector<std::string> output;
+ Status result = dump(true, output);
+ if (!isOk(result)) {
+ GTEST_LOG_(ERROR) << "TrafficController dump failed: " << netdutils::toString(result);
+ return false;
+ }
+
+ int matched = 0;
+ auto it = expect.begin();
+ for (const auto& line : output) {
+ if (it == expect.end()) break;
+ if (std::string::npos != line.find(*it)) {
+ matched++;
+ ++it;
+ }
+ }
+
+ if (matched != expect.size()) {
+ // dump results for debugging
+ for (const auto& o : output) LOG(INFO) << "output: " << o;
+ for (const auto& e : expect) LOG(INFO) << "expect: " << e;
+ return false;
+ }
+ return true;
+ }
+
+ // Once called, the maps of TrafficController can't recover to valid maps which initialized
+ // in SetUp().
+ void makeTrafficControllerMapsInvalid() {
+ constexpr char INVALID_PATH[] = "invalid";
+
+ mFakeCookieTagMap.init(INVALID_PATH);
+ mTc.mCookieTagMap = mFakeCookieTagMap;
+ ASSERT_INVALID(mTc.mCookieTagMap);
+
+ mFakeAppUidStatsMap.init(INVALID_PATH);
+ mTc.mAppUidStatsMap = mFakeAppUidStatsMap;
+ ASSERT_INVALID(mTc.mAppUidStatsMap);
+
+ mFakeStatsMapA.init(INVALID_PATH);
+ mTc.mStatsMapA = mFakeStatsMapA;
+ ASSERT_INVALID(mTc.mStatsMapA);
+
+ mFakeStatsMapB.init(INVALID_PATH);
+ mTc.mStatsMapB = mFakeStatsMapB;
+ ASSERT_INVALID(mTc.mStatsMapB);
+
+ mFakeIfaceStatsMap.init(INVALID_PATH);
+ mTc.mIfaceStatsMap = mFakeIfaceStatsMap;
+ ASSERT_INVALID(mTc.mIfaceStatsMap);
+
+ mFakeConfigurationMap.init(INVALID_PATH);
+ mTc.mConfigurationMap = mFakeConfigurationMap;
+ ASSERT_INVALID(mTc.mConfigurationMap);
+
+ mFakeUidOwnerMap.init(INVALID_PATH);
+ mTc.mUidOwnerMap = mFakeUidOwnerMap;
+ ASSERT_INVALID(mTc.mUidOwnerMap);
+
+ mFakeUidPermissionMap.init(INVALID_PATH);
+ mTc.mUidPermissionMap = mFakeUidPermissionMap;
+ ASSERT_INVALID(mTc.mUidPermissionMap);
+
+ mFakeUidCounterSetMap.init(INVALID_PATH);
+ mTc.mUidCounterSetMap = mFakeUidCounterSetMap;
+ ASSERT_INVALID(mTc.mUidCounterSetMap);
+
+ mFakeIfaceIndexNameMap.init(INVALID_PATH);
+ mTc.mIfaceIndexNameMap = mFakeIfaceIndexNameMap;
+ ASSERT_INVALID(mTc.mIfaceIndexNameMap);
+ }
};
TEST_F(TrafficControllerTest, TestUpdateOwnerMapEntry) {
@@ -298,7 +406,6 @@
checkUidOwnerRuleForChain(POWERSAVE, POWERSAVE_MATCH);
checkUidOwnerRuleForChain(RESTRICTED, RESTRICTED_MATCH);
checkUidOwnerRuleForChain(LOW_POWER_STANDBY, LOW_POWER_STANDBY_MATCH);
- checkUidOwnerRuleForChain(LOCKDOWN, LOCKDOWN_VPN_MATCH);
checkUidOwnerRuleForChain(OEM_DENY_1, OEM_DENY_1_MATCH);
checkUidOwnerRuleForChain(OEM_DENY_2, OEM_DENY_2_MATCH);
checkUidOwnerRuleForChain(OEM_DENY_3, OEM_DENY_3_MATCH);
@@ -430,6 +537,21 @@
expectMapEmpty(mFakeUidOwnerMap);
}
+TEST_F(TrafficControllerTest, TestUpdateUidLockdownRule) {
+ // Add Lockdown rules
+ ASSERT_TRUE(isOk(mTc.updateUidLockdownRule(1000, true /* add */)));
+ ASSERT_TRUE(isOk(mTc.updateUidLockdownRule(1001, true /* add */)));
+ expectUidOwnerMapValues({1000, 1001}, LOCKDOWN_VPN_MATCH, 0);
+
+ // Remove one of Lockdown rules
+ ASSERT_TRUE(isOk(mTc.updateUidLockdownRule(1000, false /* add */)));
+ expectUidOwnerMapValues({1001}, LOCKDOWN_VPN_MATCH, 0);
+
+ // Remove remaining Lockdown rule
+ ASSERT_TRUE(isOk(mTc.updateUidLockdownRule(1001, false /* add */)));
+ expectMapEmpty(mFakeUidOwnerMap);
+}
+
TEST_F(TrafficControllerTest, TestUidInterfaceFilteringRulesCoexistWithExistingMatches) {
// Set up existing PENALTY_BOX_MATCH rules
ASSERT_TRUE(isOk(updateUidOwnerMaps({1000, 1001, 10012}, PENALTY_BOX_MATCH,
@@ -647,6 +769,128 @@
expectPrivilegedUserSetEmpty();
}
+TEST_F(TrafficControllerTest, TestDumpsys) {
+ StatsKey tagStatsMapKey;
+ populateFakeStats(TEST_COOKIE, TEST_UID, TEST_TAG, &tagStatsMapKey);
+ populateFakeCounterSet(TEST_UID3, TEST_COUNTERSET);
+
+ // Expect: (part of this depends on hard-code values in populateFakeStats())
+ //
+ // mCookieTagMap:
+ // cookie=1 tag=0x2a uid=10086
+ //
+ // mUidCounterSetMap:
+ // 98765 1
+ //
+ // mAppUidStatsMap::
+ // uid rxBytes rxPackets txBytes txPackets
+ // 10086 100 1 0 0
+ //
+ // mStatsMapA:
+ // ifaceIndex ifaceName tag_hex uid_int cnt_set rxBytes rxPackets txBytes txPackets
+ // 999 test0 0x2a 10086 1 100 1 0 0
+ std::vector<std::string> expectedLines = {
+ "mCookieTagMap:",
+ fmt::format("cookie={} tag={:#x} uid={}", TEST_COOKIE, TEST_TAG, TEST_UID)};
+
+ ASSERT_TRUE(isOk(updateUidOwnerMaps({TEST_UID}, HAPPY_BOX_MATCH,
+ TrafficController::IptOpInsert)));
+ expectedLines.emplace_back("mUidOwnerMap:");
+ expectedLines.emplace_back(fmt::format("{} HAPPY_BOX_MATCH", TEST_UID));
+
+ mTc.setPermissionForUids(INetd::PERMISSION_UPDATE_DEVICE_STATS, {TEST_UID2});
+ expectedLines.emplace_back("mUidPermissionMap:");
+ expectedLines.emplace_back(fmt::format("{} BPF_PERMISSION_UPDATE_DEVICE_STATS", TEST_UID2));
+ expectedLines.emplace_back("mPrivilegedUser:");
+ expectedLines.emplace_back(fmt::format("{} ALLOW_UPDATE_DEVICE_STATS", TEST_UID2));
+ EXPECT_TRUE(expectDumpsysContains(expectedLines));
+}
+
+TEST_F(TrafficControllerTest, dumpsysInvalidMaps) {
+ makeTrafficControllerMapsInvalid();
+
+ const std::string kErrIterate = "print end with error: Get firstKey map -1 failed: "
+ "Bad file descriptor";
+ const std::string kErrReadRulesConfig = "read ownerMatch configure failed with error: "
+ "Read value of map -1 failed: Bad file descriptor";
+ const std::string kErrReadStatsMapConfig = "read stats map configure failed with error: "
+ "Read value of map -1 failed: Bad file descriptor";
+
+ std::vector<std::string> expectedLines = {
+ fmt::format("mCookieTagMap {}", kErrIterate),
+ fmt::format("mIfaceStatsMap {}", kErrIterate),
+ fmt::format("mConfigurationMap {}", kErrReadRulesConfig),
+ fmt::format("mConfigurationMap {}", kErrReadStatsMapConfig),
+ fmt::format("mUidOwnerMap {}", kErrIterate),
+ fmt::format("mUidPermissionMap {}", kErrIterate)};
+ EXPECT_TRUE(expectDumpsysContains(expectedLines));
+}
+
+TEST_F(TrafficControllerTest, uidMatchTypeToString) {
+ // NO_MATCH(0) can't be verified because match type flag is added by OR operator.
+ // See TrafficController::addRule()
+ static const struct TestConfig {
+ UidOwnerMatchType uidOwnerMatchType;
+ std::string expected;
+ } testConfigs[] = {
+ // clang-format off
+ {HAPPY_BOX_MATCH, "HAPPY_BOX_MATCH"},
+ {DOZABLE_MATCH, "DOZABLE_MATCH"},
+ {STANDBY_MATCH, "STANDBY_MATCH"},
+ {POWERSAVE_MATCH, "POWERSAVE_MATCH"},
+ {HAPPY_BOX_MATCH, "HAPPY_BOX_MATCH"},
+ {RESTRICTED_MATCH, "RESTRICTED_MATCH"},
+ {LOW_POWER_STANDBY_MATCH, "LOW_POWER_STANDBY_MATCH"},
+ {IIF_MATCH, "IIF_MATCH"},
+ {LOCKDOWN_VPN_MATCH, "LOCKDOWN_VPN_MATCH"},
+ {OEM_DENY_1_MATCH, "OEM_DENY_1_MATCH"},
+ {OEM_DENY_2_MATCH, "OEM_DENY_2_MATCH"},
+ {OEM_DENY_3_MATCH, "OEM_DENY_3_MATCH"},
+ // clang-format on
+ };
+
+ for (const auto& config : testConfigs) {
+ SCOPED_TRACE(fmt::format("testConfig: [{}, {}]", config.uidOwnerMatchType,
+ config.expected));
+
+ // Test private function uidMatchTypeToString() via dumpsys.
+ ASSERT_TRUE(isOk(updateUidOwnerMaps({TEST_UID}, config.uidOwnerMatchType,
+ TrafficController::IptOpInsert)));
+ std::vector<std::string> expectedLines;
+ expectedLines.emplace_back(fmt::format("{} {}", TEST_UID, config.expected));
+ EXPECT_TRUE(expectDumpsysContains(expectedLines));
+
+ // Clean up the stubs.
+ ASSERT_TRUE(isOk(updateUidOwnerMaps({TEST_UID}, config.uidOwnerMatchType,
+ TrafficController::IptOpDelete)));
+ }
+}
+
+TEST_F(TrafficControllerTest, getFirewallType) {
+ static const struct TestConfig {
+ ChildChain childChain;
+ FirewallType firewallType;
+ } testConfigs[] = {
+ // clang-format off
+ {NONE, DENYLIST},
+ {DOZABLE, ALLOWLIST},
+ {STANDBY, DENYLIST},
+ {POWERSAVE, ALLOWLIST},
+ {RESTRICTED, ALLOWLIST},
+ {LOW_POWER_STANDBY, ALLOWLIST},
+ {OEM_DENY_1, DENYLIST},
+ {OEM_DENY_2, DENYLIST},
+ {OEM_DENY_3, DENYLIST},
+ {INVALID_CHAIN, DENYLIST},
+ // clang-format on
+ };
+
+ for (const auto& config : testConfigs) {
+ SCOPED_TRACE(fmt::format("testConfig: [{}, {}]", config.childChain, config.firewallType));
+ EXPECT_EQ(config.firewallType, mTc.getFirewallType(config.childChain));
+ }
+}
+
constexpr uint32_t SOCK_CLOSE_WAIT_US = 30 * 1000;
constexpr uint32_t ENOBUFS_POLL_WAIT_US = 10 * 1000;
@@ -682,7 +926,7 @@
if (res.ok() || (res.error().code() == ENOENT)) {
return Result<void>();
}
- ALOGE("Failed to delete data(cookie = %" PRIu64 "): %s\n", key,
+ ALOGE("Failed to delete data(cookie = %" PRIu64 "): %s", key,
strerror(res.error().code()));
}
// Move forward to next cookie in the map.
diff --git a/service/native/include/Common.h b/service/native/include/Common.h
index c9653ad..03f449a 100644
--- a/service/native/include/Common.h
+++ b/service/native/include/Common.h
@@ -38,7 +38,6 @@
POWERSAVE = 3,
RESTRICTED = 4,
LOW_POWER_STANDBY = 5,
- LOCKDOWN = 6,
OEM_DENY_1 = 7,
OEM_DENY_2 = 8,
OEM_DENY_3 = 9,
diff --git a/service/native/include/TrafficController.h b/service/native/include/TrafficController.h
index c019ce7..b44d795 100644
--- a/service/native/include/TrafficController.h
+++ b/service/native/include/TrafficController.h
@@ -38,18 +38,13 @@
/*
* Initialize the whole controller
*/
- netdutils::Status start();
+ netdutils::Status start(bool startSkDestroyListener);
/*
* Swap the stats map config from current active stats map to the idle one.
*/
netdutils::Status swapActiveStatsMap() EXCLUDES(mMutex);
- /*
- * Add the interface name and index pair into the eBPF map.
- */
- int addInterface(const char* name, uint32_t ifaceIndex);
-
int changeUidOwnerRule(ChildChain chain, const uid_t uid, FirewallRule rule, FirewallType type);
int removeUidOwnerRule(const uid_t uid);
@@ -71,6 +66,8 @@
EXCLUDES(mMutex);
netdutils::Status removeUidInterfaceRules(const std::vector<int32_t>& uids) EXCLUDES(mMutex);
+ netdutils::Status updateUidLockdownRule(const uid_t uid, const bool add) EXCLUDES(mMutex);
+
netdutils::Status updateUidOwnerMap(const uint32_t uid,
UidOwnerMatchType matchType, IptOp op) EXCLUDES(mMutex);
@@ -185,8 +182,6 @@
// need to call back to system server for permission check.
std::set<uid_t> mPrivilegedUser GUARDED_BY(mMutex);
- bool hasUpdateDeviceStatsPermission(uid_t uid) REQUIRES(mMutex);
-
// For testing
friend class TrafficControllerTest;
};
diff --git a/service/native/libs/libclat/Android.bp b/service/native/libs/libclat/Android.bp
index 68e4dc4..54d40ac 100644
--- a/service/native/libs/libclat/Android.bp
+++ b/service/native/libs/libclat/Android.bp
@@ -35,7 +35,8 @@
cc_test {
name: "libclat_test",
defaults: ["netd_defaults"],
- test_suites: ["device-tests"],
+ test_suites: ["general-tests", "mts-tethering"],
+ test_config_template: ":net_native_test_config_template",
srcs: [
"clatutils_test.cpp",
],
@@ -49,5 +50,14 @@
"liblog",
"libnetutils",
],
+ compile_multilib: "both",
+ multilib: {
+ lib32: {
+ suffix: "32",
+ },
+ lib64: {
+ suffix: "64",
+ },
+ },
require_root: true,
}
diff --git a/service/native/libs/libclat/clatutils_test.cpp b/service/native/libs/libclat/clatutils_test.cpp
index 4153e19..8cca1f4 100644
--- a/service/native/libs/libclat/clatutils_test.cpp
+++ b/service/native/libs/libclat/clatutils_test.cpp
@@ -19,6 +19,7 @@
#include <gtest/gtest.h>
#include <linux/if_packet.h>
#include <linux/if_tun.h>
+#include <netinet/in.h>
#include "tun_interface.h"
extern "C" {
@@ -182,6 +183,31 @@
v6Iface.destroy();
}
+// This is not a realistic test because we can't test generateIPv6Address here since it requires
+// manipulating routing, which we can't do without talking to the real netd on the system.
+// See test MakeChecksumNeutral.
+// TODO: remove this test once EthernetTetheringTest can test on mainline test coverage branch.
+TEST_F(ClatUtils, GenerateIpv6AddressFailWithUlaSocketAddress) {
+ // Create an interface for generateIpv6Address to connect to.
+ TunInterface tun;
+ ASSERT_EQ(0, tun.init());
+
+ // Unused because v6 address is ULA and makeChecksumNeutral has never called.
+ in_addr v4 = {inet_addr(kIPv4LocalAddr)};
+ // Not a NAT64 prefix because test can't connect to in generateIpv6Address.
+ // Used to be a fake address from the tun interface for generating an IPv6 socket address.
+ // nat64Prefix won't be used in MakeChecksumNeutral because MakeChecksumNeutral has never
+ // be called.
+ in6_addr nat64Prefix = tun.dstAddr(); // not realistic
+ in6_addr v6;
+ EXPECT_EQ(1, inet_pton(AF_INET6, "::", &v6)); // initialize as zero
+
+ EXPECT_EQ(-ENETUNREACH, generateIpv6Address(tun.name().c_str(), v4, nat64Prefix, &v6));
+ EXPECT_TRUE(IN6_IS_ADDR_ULA(&v6));
+
+ tun.destroy();
+}
+
} // namespace clat
} // namespace net
} // namespace android
diff --git a/service/proguard.flags b/service/proguard.flags
index cffa490..478566c 100644
--- a/service/proguard.flags
+++ b/service/proguard.flags
@@ -1,17 +1,8 @@
-# Make sure proguard keeps all connectivity classes
-# TODO: instead of keeping everything, consider listing only "entry points"
-# (service loader, JNI registered methods, etc) and letting the optimizer do its job
--keep class android.net.** { *; }
--keep class com.android.connectivity.** { *; }
--keep class com.android.net.** { *; }
--keep class !com.android.server.nearby.**,com.android.server.** { *; }
-# Prevent proguard from stripping out any nearby-service and fast-pair-lite-protos fields.
--keep class com.android.server.nearby.NearbyService { *; }
+# Keep JNI registered methods
+-keepclasseswithmembers,includedescriptorclasses class * { native <methods>; }
-# The lite proto runtime uses reflection to access fields based on the names in
-# the schema, keep all the fields.
-# This replicates the base proguard rule used by the build by default
-# (proguard_basic_keeps.flags), but needs to be specified here because the
-# com.google.protobuf package is jarjared to the below package.
--keepclassmembers class * extends android.net.connectivity.com.google.protobuf.MessageLite { <fields>; }
+# Keep classes extending structured message.
+-keepclassmembers public class * extends **.com.android.net.module.util.Struct {
+ *;
+}
diff --git a/service/src/com/android/server/BpfNetMaps.java b/service/src/com/android/server/BpfNetMaps.java
index c006bc6..dbfc383 100644
--- a/service/src/com/android/server/BpfNetMaps.java
+++ b/service/src/com/android/server/BpfNetMaps.java
@@ -16,18 +16,54 @@
package com.android.server;
+import static android.net.ConnectivityManager.FIREWALL_CHAIN_DOZABLE;
+import static android.net.ConnectivityManager.FIREWALL_CHAIN_LOW_POWER_STANDBY;
+import static android.net.ConnectivityManager.FIREWALL_CHAIN_OEM_DENY_1;
+import static android.net.ConnectivityManager.FIREWALL_CHAIN_OEM_DENY_2;
+import static android.net.ConnectivityManager.FIREWALL_CHAIN_OEM_DENY_3;
+import static android.net.ConnectivityManager.FIREWALL_CHAIN_POWERSAVE;
+import static android.net.ConnectivityManager.FIREWALL_CHAIN_RESTRICTED;
+import static android.net.ConnectivityManager.FIREWALL_CHAIN_STANDBY;
+import static android.net.ConnectivityManager.FIREWALL_RULE_ALLOW;
+import static android.net.ConnectivityManager.FIREWALL_RULE_DENY;
+import static android.net.INetd.PERMISSION_INTERNET;
+import static android.net.INetd.PERMISSION_UNINSTALLED;
+import static android.system.OsConstants.EINVAL;
+import static android.system.OsConstants.ENODEV;
+import static android.system.OsConstants.ENOENT;
import static android.system.OsConstants.EOPNOTSUPP;
+import static com.android.server.ConnectivityStatsLog.NETWORK_BPF_MAP_INFO;
+
+import android.app.StatsManager;
+import android.content.Context;
import android.net.INetd;
import android.os.RemoteException;
import android.os.ServiceSpecificException;
+import android.provider.DeviceConfig;
+import android.system.ErrnoException;
import android.system.Os;
+import android.util.ArraySet;
import android.util.Log;
+import android.util.StatsEvent;
+import com.android.internal.annotations.VisibleForTesting;
+import com.android.modules.utils.BackgroundThread;
import com.android.modules.utils.build.SdkLevel;
+import com.android.net.module.util.BpfMap;
+import com.android.net.module.util.DeviceConfigUtils;
+import com.android.net.module.util.IBpfMap;
+import com.android.net.module.util.Struct;
+import com.android.net.module.util.Struct.S32;
+import com.android.net.module.util.Struct.U32;
+import com.android.net.module.util.Struct.U8;
+import com.android.net.module.util.bpf.CookieTagMapKey;
+import com.android.net.module.util.bpf.CookieTagMapValue;
import java.io.FileDescriptor;
import java.io.IOException;
+import java.util.List;
+import java.util.Set;
/**
* BpfNetMaps is responsible for providing traffic controller relevant functionality.
@@ -35,35 +71,308 @@
* {@hide}
*/
public class BpfNetMaps {
+ private static final boolean PRE_T = !SdkLevel.isAtLeastT();
+ static {
+ if (!PRE_T) {
+ System.loadLibrary("service-connectivity");
+ }
+ }
+
private static final String TAG = "BpfNetMaps";
private final INetd mNetd;
+ private final Dependencies mDeps;
// Use legacy netd for releases before T.
- private static final boolean USE_NETD = !SdkLevel.isAtLeastT();
private static boolean sInitialized = false;
+ private static Boolean sEnableJavaBpfMap = null;
+ private static final String BPF_NET_MAPS_ENABLE_JAVA_BPF_MAP =
+ "bpf_net_maps_enable_java_bpf_map";
+
+ // Lock for sConfigurationMap entry for UID_RULES_CONFIGURATION_KEY.
+ // This entry is not accessed by others.
+ // BpfNetMaps acquires this lock while sequence of read, modify, and write.
+ private static final Object sUidRulesConfigBpfMapLock = new Object();
+
+ // Lock for sConfigurationMap entry for CURRENT_STATS_MAP_CONFIGURATION_KEY.
+ // BpfNetMaps acquires this lock while sequence of read, modify, and write.
+ // BpfNetMaps is an only writer of this entry.
+ private static final Object sCurrentStatsMapConfigLock = new Object();
+
+ private static final String CONFIGURATION_MAP_PATH =
+ "/sys/fs/bpf/netd_shared/map_netd_configuration_map";
+ private static final String UID_OWNER_MAP_PATH =
+ "/sys/fs/bpf/netd_shared/map_netd_uid_owner_map";
+ private static final String UID_PERMISSION_MAP_PATH =
+ "/sys/fs/bpf/netd_shared/map_netd_uid_permission_map";
+ private static final String COOKIE_TAG_MAP_PATH =
+ "/sys/fs/bpf/netd_shared/map_netd_cookie_tag_map";
+ private static final S32 UID_RULES_CONFIGURATION_KEY = new S32(0);
+ private static final S32 CURRENT_STATS_MAP_CONFIGURATION_KEY = new S32(1);
+ private static final long UID_RULES_DEFAULT_CONFIGURATION = 0;
+ private static final long STATS_SELECT_MAP_A = 0;
+ private static final long STATS_SELECT_MAP_B = 1;
+
+ private static IBpfMap<S32, U32> sConfigurationMap = null;
+ // BpfMap for UID_OWNER_MAP_PATH. This map is not accessed by others.
+ private static IBpfMap<S32, UidOwnerValue> sUidOwnerMap = null;
+ private static IBpfMap<S32, U8> sUidPermissionMap = null;
+ private static IBpfMap<CookieTagMapKey, CookieTagMapValue> sCookieTagMap = null;
+
+ // LINT.IfChange(match_type)
+ @VisibleForTesting public static final long NO_MATCH = 0;
+ @VisibleForTesting public static final long HAPPY_BOX_MATCH = (1 << 0);
+ @VisibleForTesting public static final long PENALTY_BOX_MATCH = (1 << 1);
+ @VisibleForTesting public static final long DOZABLE_MATCH = (1 << 2);
+ @VisibleForTesting public static final long STANDBY_MATCH = (1 << 3);
+ @VisibleForTesting public static final long POWERSAVE_MATCH = (1 << 4);
+ @VisibleForTesting public static final long RESTRICTED_MATCH = (1 << 5);
+ @VisibleForTesting public static final long LOW_POWER_STANDBY_MATCH = (1 << 6);
+ @VisibleForTesting public static final long IIF_MATCH = (1 << 7);
+ @VisibleForTesting public static final long LOCKDOWN_VPN_MATCH = (1 << 8);
+ @VisibleForTesting public static final long OEM_DENY_1_MATCH = (1 << 9);
+ @VisibleForTesting public static final long OEM_DENY_2_MATCH = (1 << 10);
+ @VisibleForTesting public static final long OEM_DENY_3_MATCH = (1 << 11);
+ // LINT.ThenChange(packages/modules/Connectivity/bpf_progs/bpf_shared.h)
+
+ /**
+ * Set sEnableJavaBpfMap for test.
+ */
+ @VisibleForTesting
+ public static void setEnableJavaBpfMapForTest(boolean enable) {
+ sEnableJavaBpfMap = enable;
+ }
+
+ /**
+ * Set configurationMap for test.
+ */
+ @VisibleForTesting
+ public static void setConfigurationMapForTest(IBpfMap<S32, U32> configurationMap) {
+ sConfigurationMap = configurationMap;
+ }
+
+ /**
+ * Set uidOwnerMap for test.
+ */
+ @VisibleForTesting
+ public static void setUidOwnerMapForTest(IBpfMap<S32, UidOwnerValue> uidOwnerMap) {
+ sUidOwnerMap = uidOwnerMap;
+ }
+
+ /**
+ * Set uidPermissionMap for test.
+ */
+ @VisibleForTesting
+ public static void setUidPermissionMapForTest(IBpfMap<S32, U8> uidPermissionMap) {
+ sUidPermissionMap = uidPermissionMap;
+ }
+
+ /**
+ * Set cookieTagMap for test.
+ */
+ @VisibleForTesting
+ public static void setCookieTagMapForTest(
+ IBpfMap<CookieTagMapKey, CookieTagMapValue> cookieTagMap) {
+ sCookieTagMap = cookieTagMap;
+ }
+
+ private static IBpfMap<S32, U32> getConfigurationMap() {
+ try {
+ return new BpfMap<>(
+ CONFIGURATION_MAP_PATH, BpfMap.BPF_F_RDWR, S32.class, U32.class);
+ } catch (ErrnoException e) {
+ throw new IllegalStateException("Cannot open netd configuration map", e);
+ }
+ }
+
+ private static IBpfMap<S32, UidOwnerValue> getUidOwnerMap() {
+ try {
+ return new BpfMap<>(
+ UID_OWNER_MAP_PATH, BpfMap.BPF_F_RDWR, S32.class, UidOwnerValue.class);
+ } catch (ErrnoException e) {
+ throw new IllegalStateException("Cannot open uid owner map", e);
+ }
+ }
+
+ private static IBpfMap<S32, U8> getUidPermissionMap() {
+ try {
+ return new BpfMap<>(
+ UID_PERMISSION_MAP_PATH, BpfMap.BPF_F_RDWR, S32.class, U8.class);
+ } catch (ErrnoException e) {
+ throw new IllegalStateException("Cannot open uid permission map", e);
+ }
+ }
+
+ private static IBpfMap<CookieTagMapKey, CookieTagMapValue> getCookieTagMap() {
+ try {
+ return new BpfMap<>(COOKIE_TAG_MAP_PATH, BpfMap.BPF_F_RDWR,
+ CookieTagMapKey.class, CookieTagMapValue.class);
+ } catch (ErrnoException e) {
+ throw new IllegalStateException("Cannot open cookie tag map", e);
+ }
+ }
+
+ private static void initBpfMaps() {
+ if (sConfigurationMap == null) {
+ sConfigurationMap = getConfigurationMap();
+ }
+ try {
+ sConfigurationMap.updateEntry(UID_RULES_CONFIGURATION_KEY,
+ new U32(UID_RULES_DEFAULT_CONFIGURATION));
+ } catch (ErrnoException e) {
+ throw new IllegalStateException("Failed to initialize uid rules configuration", e);
+ }
+ try {
+ sConfigurationMap.updateEntry(CURRENT_STATS_MAP_CONFIGURATION_KEY,
+ new U32(STATS_SELECT_MAP_A));
+ } catch (ErrnoException e) {
+ throw new IllegalStateException("Failed to initialize current stats configuration", e);
+ }
+
+ if (sUidOwnerMap == null) {
+ sUidOwnerMap = getUidOwnerMap();
+ }
+ try {
+ sUidOwnerMap.clear();
+ } catch (ErrnoException e) {
+ throw new IllegalStateException("Failed to initialize uid owner map", e);
+ }
+
+ if (sUidPermissionMap == null) {
+ sUidPermissionMap = getUidPermissionMap();
+ }
+
+ if (sCookieTagMap == null) {
+ sCookieTagMap = getCookieTagMap();
+ }
+ }
+
/**
* Initializes the class if it is not already initialized. This method will open maps but not
* cause any other effects. This method may be called multiple times on any thread.
*/
- private static synchronized void ensureInitialized() {
+ private static synchronized void ensureInitialized(final Context context) {
if (sInitialized) return;
- if (!USE_NETD) {
- System.loadLibrary("service-connectivity");
- native_init();
+ if (sEnableJavaBpfMap == null) {
+ sEnableJavaBpfMap = DeviceConfigUtils.isFeatureEnabled(context,
+ DeviceConfig.NAMESPACE_TETHERING, BPF_NET_MAPS_ENABLE_JAVA_BPF_MAP,
+ SdkLevel.isAtLeastU() /* defaultValue */);
}
+ Log.d(TAG, "BpfNetMaps is initialized with sEnableJavaBpfMap=" + sEnableJavaBpfMap);
+
+ initBpfMaps();
+ native_init(!sEnableJavaBpfMap /* startSkDestroyListener */);
sInitialized = true;
}
- /** Constructor used after T that doesn't need to use netd anymore. */
- public BpfNetMaps() {
- this(null);
-
- if (USE_NETD) throw new IllegalArgumentException("BpfNetMaps need to use netd before T");
+ public boolean isSkDestroyListenerRunning() {
+ return !sEnableJavaBpfMap;
}
- public BpfNetMaps(INetd netd) {
- ensureInitialized();
+ /**
+ * Dependencies of BpfNetMaps, for injection in tests.
+ */
+ @VisibleForTesting
+ public static class Dependencies {
+ /**
+ * Get interface index.
+ */
+ public int getIfIndex(final String ifName) {
+ return Os.if_nametoindex(ifName);
+ }
+
+ /**
+ * Call synchronize_rcu()
+ */
+ public int synchronizeKernelRCU() {
+ return native_synchronizeKernelRCU();
+ }
+
+ /**
+ * Build Stats Event for NETWORK_BPF_MAP_INFO atom
+ */
+ public StatsEvent buildStatsEvent(final int cookieTagMapSize, final int uidOwnerMapSize,
+ final int uidPermissionMapSize) {
+ return ConnectivityStatsLog.buildStatsEvent(NETWORK_BPF_MAP_INFO, cookieTagMapSize,
+ uidOwnerMapSize, uidPermissionMapSize);
+ }
+
+ /**
+ * Call native_dump
+ */
+ public void nativeDump(final FileDescriptor fd, final boolean verbose) {
+ native_dump(fd, verbose);
+ }
+ }
+
+ /** Constructor used after T that doesn't need to use netd anymore. */
+ public BpfNetMaps(final Context context) {
+ this(context, null);
+
+ if (PRE_T) throw new IllegalArgumentException("BpfNetMaps need to use netd before T");
+ }
+
+ public BpfNetMaps(final Context context, final INetd netd) {
+ this(context, netd, new Dependencies());
+ }
+
+ @VisibleForTesting
+ public BpfNetMaps(final Context context, final INetd netd, final Dependencies deps) {
+ if (!PRE_T) {
+ ensureInitialized(context);
+ }
mNetd = netd;
+ mDeps = deps;
+ }
+
+ /**
+ * Get corresponding match from firewall chain.
+ */
+ @VisibleForTesting
+ public long getMatchByFirewallChain(final int chain) {
+ switch (chain) {
+ case FIREWALL_CHAIN_DOZABLE:
+ return DOZABLE_MATCH;
+ case FIREWALL_CHAIN_STANDBY:
+ return STANDBY_MATCH;
+ case FIREWALL_CHAIN_POWERSAVE:
+ return POWERSAVE_MATCH;
+ case FIREWALL_CHAIN_RESTRICTED:
+ return RESTRICTED_MATCH;
+ case FIREWALL_CHAIN_LOW_POWER_STANDBY:
+ return LOW_POWER_STANDBY_MATCH;
+ case FIREWALL_CHAIN_OEM_DENY_1:
+ return OEM_DENY_1_MATCH;
+ case FIREWALL_CHAIN_OEM_DENY_2:
+ return OEM_DENY_2_MATCH;
+ case FIREWALL_CHAIN_OEM_DENY_3:
+ return OEM_DENY_3_MATCH;
+ default:
+ throw new ServiceSpecificException(EINVAL, "Invalid firewall chain: " + chain);
+ }
+ }
+
+ /**
+ * Get if the chain is allow list or not.
+ *
+ * ALLOWLIST means the firewall denies all by default, uids must be explicitly allowed
+ * DENYLIST means the firewall allows all by default, uids must be explicitly denyed
+ */
+ @VisibleForTesting
+ public boolean isFirewallAllowList(final int chain) {
+ switch (chain) {
+ case FIREWALL_CHAIN_DOZABLE:
+ case FIREWALL_CHAIN_POWERSAVE:
+ case FIREWALL_CHAIN_RESTRICTED:
+ case FIREWALL_CHAIN_LOW_POWER_STANDBY:
+ return true;
+ case FIREWALL_CHAIN_STANDBY:
+ case FIREWALL_CHAIN_OEM_DENY_1:
+ case FIREWALL_CHAIN_OEM_DENY_2:
+ case FIREWALL_CHAIN_OEM_DENY_3:
+ return false;
+ default:
+ throw new ServiceSpecificException(EINVAL, "Invalid firewall chain: " + chain);
+ }
}
private void maybeThrow(final int err, final String msg) {
@@ -72,6 +381,73 @@
}
}
+ private void throwIfPreT(final String msg) {
+ if (PRE_T) {
+ throw new UnsupportedOperationException(msg);
+ }
+ }
+
+ private void removeRule(final int uid, final long match, final String caller) {
+ try {
+ synchronized (sUidOwnerMap) {
+ final UidOwnerValue oldMatch = sUidOwnerMap.getValue(new S32(uid));
+
+ if (oldMatch == null) {
+ throw new ServiceSpecificException(ENOENT,
+ "sUidOwnerMap does not have entry for uid: " + uid);
+ }
+
+ final UidOwnerValue newMatch = new UidOwnerValue(
+ (match == IIF_MATCH) ? 0 : oldMatch.iif,
+ oldMatch.rule & ~match
+ );
+
+ if (newMatch.rule == 0) {
+ sUidOwnerMap.deleteEntry(new S32(uid));
+ } else {
+ sUidOwnerMap.updateEntry(new S32(uid), newMatch);
+ }
+ }
+ } catch (ErrnoException e) {
+ throw new ServiceSpecificException(e.errno,
+ caller + " failed to remove rule: " + Os.strerror(e.errno));
+ }
+ }
+
+ private void addRule(final int uid, final long match, final int iif, final String caller) {
+ if (match != IIF_MATCH && iif != 0) {
+ throw new ServiceSpecificException(EINVAL,
+ "Non-interface match must have zero interface index");
+ }
+
+ try {
+ synchronized (sUidOwnerMap) {
+ final UidOwnerValue oldMatch = sUidOwnerMap.getValue(new S32(uid));
+
+ final UidOwnerValue newMatch;
+ if (oldMatch != null) {
+ newMatch = new UidOwnerValue(
+ (match == IIF_MATCH) ? iif : oldMatch.iif,
+ oldMatch.rule | match
+ );
+ } else {
+ newMatch = new UidOwnerValue(
+ iif,
+ match
+ );
+ }
+ sUidOwnerMap.updateEntry(new S32(uid), newMatch);
+ }
+ } catch (ErrnoException e) {
+ throw new ServiceSpecificException(e.errno,
+ caller + " failed to add rule: " + Os.strerror(e.errno));
+ }
+ }
+
+ private void addRule(final int uid, final long match, final String caller) {
+ addRule(uid, match, 0 /* iif */, caller);
+ }
+
/**
* Add naughty app bandwidth rule for specific app
*
@@ -80,8 +456,14 @@
* cause of the failure.
*/
public void addNaughtyApp(final int uid) {
- final int err = native_addNaughtyApp(uid);
- maybeThrow(err, "Unable to add naughty app");
+ throwIfPreT("addNaughtyApp is not available on pre-T devices");
+
+ if (sEnableJavaBpfMap) {
+ addRule(uid, PENALTY_BOX_MATCH, "addNaughtyApp");
+ } else {
+ final int err = native_addNaughtyApp(uid);
+ maybeThrow(err, "Unable to add naughty app");
+ }
}
/**
@@ -92,8 +474,14 @@
* cause of the failure.
*/
public void removeNaughtyApp(final int uid) {
- final int err = native_removeNaughtyApp(uid);
- maybeThrow(err, "Unable to remove naughty app");
+ throwIfPreT("removeNaughtyApp is not available on pre-T devices");
+
+ if (sEnableJavaBpfMap) {
+ removeRule(uid, PENALTY_BOX_MATCH, "removeNaughtyApp");
+ } else {
+ final int err = native_removeNaughtyApp(uid);
+ maybeThrow(err, "Unable to remove naughty app");
+ }
}
/**
@@ -104,8 +492,14 @@
* cause of the failure.
*/
public void addNiceApp(final int uid) {
- final int err = native_addNiceApp(uid);
- maybeThrow(err, "Unable to add nice app");
+ throwIfPreT("addNiceApp is not available on pre-T devices");
+
+ if (sEnableJavaBpfMap) {
+ addRule(uid, HAPPY_BOX_MATCH, "addNiceApp");
+ } else {
+ final int err = native_addNiceApp(uid);
+ maybeThrow(err, "Unable to add nice app");
+ }
}
/**
@@ -116,8 +510,14 @@
* cause of the failure.
*/
public void removeNiceApp(final int uid) {
- final int err = native_removeNiceApp(uid);
- maybeThrow(err, "Unable to remove nice app");
+ throwIfPreT("removeNiceApp is not available on pre-T devices");
+
+ if (sEnableJavaBpfMap) {
+ removeRule(uid, HAPPY_BOX_MATCH, "removeNiceApp");
+ } else {
+ final int err = native_removeNiceApp(uid);
+ maybeThrow(err, "Unable to remove nice app");
+ }
}
/**
@@ -125,34 +525,143 @@
*
* @param childChain target chain to enable
* @param enable whether to enable or disable child chain.
+ * @throws UnsupportedOperationException if called on pre-T devices.
* @throws ServiceSpecificException in case of failure, with an error code indicating the
* cause of the failure.
*/
public void setChildChain(final int childChain, final boolean enable) {
- final int err = native_setChildChain(childChain, enable);
- maybeThrow(err, "Unable to set child chain");
+ throwIfPreT("setChildChain is not available on pre-T devices");
+
+ if (sEnableJavaBpfMap) {
+ final long match = getMatchByFirewallChain(childChain);
+ try {
+ synchronized (sUidRulesConfigBpfMapLock) {
+ final U32 config = sConfigurationMap.getValue(UID_RULES_CONFIGURATION_KEY);
+ final long newConfig = enable ? (config.val | match) : (config.val & ~match);
+ sConfigurationMap.updateEntry(UID_RULES_CONFIGURATION_KEY, new U32(newConfig));
+ }
+ } catch (ErrnoException e) {
+ throw new ServiceSpecificException(e.errno,
+ "Unable to set child chain: " + Os.strerror(e.errno));
+ }
+ } else {
+ final int err = native_setChildChain(childChain, enable);
+ maybeThrow(err, "Unable to set child chain");
+ }
+ }
+
+ /**
+ * Get the specified firewall chain's status.
+ *
+ * @param childChain target chain
+ * @return {@code true} if chain is enabled, {@code false} if chain is not enabled.
+ * @throws UnsupportedOperationException if called on pre-T devices.
+ * @throws ServiceSpecificException in case of failure, with an error code indicating the
+ * cause of the failure.
+ */
+ public boolean isChainEnabled(final int childChain) {
+ throwIfPreT("isChainEnabled is not available on pre-T devices");
+
+ final long match = getMatchByFirewallChain(childChain);
+ try {
+ final U32 config = sConfigurationMap.getValue(UID_RULES_CONFIGURATION_KEY);
+ return (config.val & match) != 0;
+ } catch (ErrnoException e) {
+ throw new ServiceSpecificException(e.errno,
+ "Unable to get firewall chain status: " + Os.strerror(e.errno));
+ }
+ }
+
+ private Set<Integer> asSet(final int[] uids) {
+ final Set<Integer> uidSet = new ArraySet<>();
+ for (final int uid: uids) {
+ uidSet.add(uid);
+ }
+ return uidSet;
}
/**
* Replaces the contents of the specified UID-based firewall chain.
+ * Enables the chain for specified uids and disables the chain for non-specified uids.
*
- * The chain may be an allowlist chain or a denylist chain. A denylist chain contains DROP
- * rules for the specified UIDs and a RETURN rule at the end. An allowlist chain contains RETURN
- * rules for the system UID range (0 to {@code UID_APP} - 1), RETURN rules for the specified
- * UIDs, and a DROP rule at the end. The chain will be created if it does not exist.
- *
- * @param chainName The name of the chain to replace.
- * @param isAllowlist Whether this is an allowlist or denylist chain.
+ * @param chain Target chain.
* @param uids The list of UIDs to allow/deny.
- * @return 0 if the chain was successfully replaced, errno otherwise.
+ * @throws UnsupportedOperationException if called on pre-T devices.
+ * @throws IllegalArgumentException if {@code chain} is not a valid chain.
*/
- public int replaceUidChain(final String chainName, final boolean isAllowlist,
- final int[] uids) {
- final int err = native_replaceUidChain(chainName, isAllowlist, uids);
- if (err != 0) {
- Log.e(TAG, "replaceUidChain failed: " + Os.strerror(-err));
+ public void replaceUidChain(final int chain, final int[] uids) {
+ throwIfPreT("replaceUidChain is not available on pre-T devices");
+
+ if (sEnableJavaBpfMap) {
+ final long match;
+ try {
+ match = getMatchByFirewallChain(chain);
+ } catch (ServiceSpecificException e) {
+ // Throws IllegalArgumentException to keep the behavior of
+ // ConnectivityManager#replaceFirewallChain API
+ throw new IllegalArgumentException("Invalid firewall chain: " + chain);
+ }
+ final Set<Integer> uidSet = asSet(uids);
+ final Set<Integer> uidSetToRemoveRule = new ArraySet<>();
+ try {
+ synchronized (sUidOwnerMap) {
+ sUidOwnerMap.forEach((uid, config) -> {
+ // config could be null if there is a concurrent entry deletion.
+ // http://b/220084230. But sUidOwnerMap update must be done while holding a
+ // lock, so this should not happen.
+ if (config == null) {
+ Log.wtf(TAG, "sUidOwnerMap entry was deleted while holding a lock");
+ } else if (!uidSet.contains((int) uid.val) && (config.rule & match) != 0) {
+ uidSetToRemoveRule.add((int) uid.val);
+ }
+ });
+
+ for (final int uid : uidSetToRemoveRule) {
+ removeRule(uid, match, "replaceUidChain");
+ }
+ for (final int uid : uids) {
+ addRule(uid, match, "replaceUidChain");
+ }
+ }
+ } catch (ErrnoException | ServiceSpecificException e) {
+ Log.e(TAG, "replaceUidChain failed: " + e);
+ }
+ } else {
+ final int err;
+ switch (chain) {
+ case FIREWALL_CHAIN_DOZABLE:
+ err = native_replaceUidChain("fw_dozable", true /* isAllowList */, uids);
+ break;
+ case FIREWALL_CHAIN_STANDBY:
+ err = native_replaceUidChain("fw_standby", false /* isAllowList */, uids);
+ break;
+ case FIREWALL_CHAIN_POWERSAVE:
+ err = native_replaceUidChain("fw_powersave", true /* isAllowList */, uids);
+ break;
+ case FIREWALL_CHAIN_RESTRICTED:
+ err = native_replaceUidChain("fw_restricted", true /* isAllowList */, uids);
+ break;
+ case FIREWALL_CHAIN_LOW_POWER_STANDBY:
+ err = native_replaceUidChain(
+ "fw_low_power_standby", true /* isAllowList */, uids);
+ break;
+ case FIREWALL_CHAIN_OEM_DENY_1:
+ err = native_replaceUidChain("fw_oem_deny_1", false /* isAllowList */, uids);
+ break;
+ case FIREWALL_CHAIN_OEM_DENY_2:
+ err = native_replaceUidChain("fw_oem_deny_2", false /* isAllowList */, uids);
+ break;
+ case FIREWALL_CHAIN_OEM_DENY_3:
+ err = native_replaceUidChain("fw_oem_deny_3", false /* isAllowList */, uids);
+ break;
+ default:
+ throw new IllegalArgumentException("replaceFirewallChain with invalid chain: "
+ + chain);
+ }
+ if (err != 0) {
+ Log.e(TAG, "replaceUidChain failed: " + Os.strerror(-err));
+ }
}
- return -err;
}
/**
@@ -165,8 +674,23 @@
* cause of the failure.
*/
public void setUidRule(final int childChain, final int uid, final int firewallRule) {
- final int err = native_setUidRule(childChain, uid, firewallRule);
- maybeThrow(err, "Unable to set uid rule");
+ throwIfPreT("setUidRule is not available on pre-T devices");
+
+ if (sEnableJavaBpfMap) {
+ final long match = getMatchByFirewallChain(childChain);
+ final boolean isAllowList = isFirewallAllowList(childChain);
+ final boolean add = (firewallRule == FIREWALL_RULE_ALLOW && isAllowList)
+ || (firewallRule == FIREWALL_RULE_DENY && !isAllowList);
+
+ if (add) {
+ addRule(uid, match, "setUidRule");
+ } else {
+ removeRule(uid, match, "setUidRule");
+ }
+ } else {
+ final int err = native_setUidRule(childChain, uid, firewallRule);
+ maybeThrow(err, "Unable to set uid rule");
+ }
}
/**
@@ -187,12 +711,35 @@
* cause of the failure.
*/
public void addUidInterfaceRules(final String ifName, final int[] uids) throws RemoteException {
- if (USE_NETD) {
+ if (PRE_T) {
mNetd.firewallAddUidInterfaceRules(ifName, uids);
return;
}
- final int err = native_addUidInterfaceRules(ifName, uids);
- maybeThrow(err, "Unable to add uid interface rules");
+
+ if (sEnableJavaBpfMap) {
+ // Null ifName is a wildcard to allow apps to receive packets on all interfaces and
+ // ifIndex is set to 0.
+ final int ifIndex;
+ if (ifName == null) {
+ ifIndex = 0;
+ } else {
+ ifIndex = mDeps.getIfIndex(ifName);
+ if (ifIndex == 0) {
+ throw new ServiceSpecificException(ENODEV,
+ "Failed to get index of interface " + ifName);
+ }
+ }
+ for (final int uid : uids) {
+ try {
+ addRule(uid, IIF_MATCH, ifIndex, "addUidInterfaceRules");
+ } catch (ServiceSpecificException e) {
+ Log.e(TAG, "addRule failed uid=" + uid + " ifName=" + ifName + ", " + e);
+ }
+ }
+ } else {
+ final int err = native_addUidInterfaceRules(ifName, uids);
+ maybeThrow(err, "Unable to add uid interface rules");
+ }
}
/**
@@ -207,23 +754,85 @@
* cause of the failure.
*/
public void removeUidInterfaceRules(final int[] uids) throws RemoteException {
- if (USE_NETD) {
+ if (PRE_T) {
mNetd.firewallRemoveUidInterfaceRules(uids);
return;
}
- final int err = native_removeUidInterfaceRules(uids);
- maybeThrow(err, "Unable to remove uid interface rules");
+
+ if (sEnableJavaBpfMap) {
+ for (final int uid : uids) {
+ try {
+ removeRule(uid, IIF_MATCH, "removeUidInterfaceRules");
+ } catch (ServiceSpecificException e) {
+ Log.e(TAG, "removeRule failed uid=" + uid + ", " + e);
+ }
+ }
+ } else {
+ final int err = native_removeUidInterfaceRules(uids);
+ maybeThrow(err, "Unable to remove uid interface rules");
+ }
+ }
+
+ /**
+ * Update lockdown rule for uid
+ *
+ * @param uid target uid to add/remove the rule
+ * @param add {@code true} to add the rule, {@code false} to remove the rule.
+ * @throws ServiceSpecificException in case of failure, with an error code indicating the
+ * cause of the failure.
+ */
+ public void updateUidLockdownRule(final int uid, final boolean add) {
+ throwIfPreT("updateUidLockdownRule is not available on pre-T devices");
+
+ if (sEnableJavaBpfMap) {
+ if (add) {
+ addRule(uid, LOCKDOWN_VPN_MATCH, "updateUidLockdownRule");
+ } else {
+ removeRule(uid, LOCKDOWN_VPN_MATCH, "updateUidLockdownRule");
+ }
+ } else {
+ final int err = native_updateUidLockdownRule(uid, add);
+ maybeThrow(err, "Unable to update lockdown rule");
+ }
}
/**
* Request netd to change the current active network stats map.
*
+ * @throws UnsupportedOperationException if called on pre-T devices.
* @throws ServiceSpecificException in case of failure, with an error code indicating the
* cause of the failure.
*/
public void swapActiveStatsMap() {
- final int err = native_swapActiveStatsMap();
- maybeThrow(err, "Unable to swap active stats map");
+ throwIfPreT("swapActiveStatsMap is not available on pre-T devices");
+
+ if (sEnableJavaBpfMap) {
+ try {
+ synchronized (sCurrentStatsMapConfigLock) {
+ final long config = sConfigurationMap.getValue(
+ CURRENT_STATS_MAP_CONFIGURATION_KEY).val;
+ final long newConfig = (config == STATS_SELECT_MAP_A)
+ ? STATS_SELECT_MAP_B : STATS_SELECT_MAP_A;
+ sConfigurationMap.updateEntry(CURRENT_STATS_MAP_CONFIGURATION_KEY,
+ new U32(newConfig));
+ }
+ } catch (ErrnoException e) {
+ throw new ServiceSpecificException(e.errno, "Failed to swap active stats map");
+ }
+
+ // After changing the config, it's needed to make sure all the current running eBPF
+ // programs are finished and all the CPUs are aware of this config change before the old
+ // map is modified. So special hack is needed here to wait for the kernel to do a
+ // synchronize_rcu(). Once the kernel called synchronize_rcu(), the updated config will
+ // be available to all cores and the next eBPF programs triggered inside the kernel will
+ // use the new map configuration. So once this function returns it is safe to modify the
+ // old stats map without concerning about race between the kernel and userspace.
+ final int err = mDeps.synchronizeKernelRCU();
+ maybeThrow(err, "synchronizeKernelRCU failed");
+ } else {
+ final int err = native_swapActiveStatsMap();
+ maybeThrow(err, "Unable to swap active stats map");
+ }
}
/**
@@ -237,11 +846,72 @@
* @throws RemoteException when netd has crashed.
*/
public void setNetPermForUids(final int permissions, final int[] uids) throws RemoteException {
- if (USE_NETD) {
+ if (PRE_T) {
mNetd.trafficSetNetPermForUids(permissions, uids);
return;
}
- native_setPermissionForUids(permissions, uids);
+
+ if (sEnableJavaBpfMap) {
+ // Remove the entry if package is uninstalled or uid has only INTERNET permission.
+ if (permissions == PERMISSION_UNINSTALLED || permissions == PERMISSION_INTERNET) {
+ for (final int uid : uids) {
+ try {
+ sUidPermissionMap.deleteEntry(new S32(uid));
+ } catch (ErrnoException e) {
+ Log.e(TAG, "Failed to remove uid " + uid + " from permission map: " + e);
+ }
+ }
+ return;
+ }
+
+ for (final int uid : uids) {
+ try {
+ sUidPermissionMap.updateEntry(new S32(uid), new U8((short) permissions));
+ } catch (ErrnoException e) {
+ Log.e(TAG, "Failed to set permission "
+ + permissions + " to uid " + uid + ": " + e);
+ }
+ }
+ } else {
+ native_setPermissionForUids(permissions, uids);
+ }
+ }
+
+ /** Register callback for statsd to pull atom. */
+ public void setPullAtomCallback(final Context context) {
+ throwIfPreT("setPullAtomCallback is not available on pre-T devices");
+
+ final StatsManager statsManager = context.getSystemService(StatsManager.class);
+ statsManager.setPullAtomCallback(NETWORK_BPF_MAP_INFO, null /* metadata */,
+ BackgroundThread.getExecutor(), this::pullBpfMapInfoAtom);
+ }
+
+ private <K extends Struct, V extends Struct> int getMapSize(IBpfMap<K, V> map)
+ throws ErrnoException {
+ // forEach could restart iteration from the beginning if there is a concurrent entry
+ // deletion. netd and skDestroyListener could delete CookieTagMap entry concurrently.
+ // So using Set to count the number of entry in the map.
+ Set<K> keySet = new ArraySet<>();
+ map.forEach((k, v) -> keySet.add(k));
+ return keySet.size();
+ }
+
+ /** Callback for StatsManager#setPullAtomCallback */
+ @VisibleForTesting
+ public int pullBpfMapInfoAtom(final int atomTag, final List<StatsEvent> data) {
+ if (atomTag != NETWORK_BPF_MAP_INFO) {
+ Log.e(TAG, "Unexpected atom tag: " + atomTag);
+ return StatsManager.PULL_SKIP;
+ }
+
+ try {
+ data.add(mDeps.buildStatsEvent(getMapSize(sCookieTagMap), getMapSize(sUidOwnerMap),
+ getMapSize(sUidPermissionMap)));
+ } catch (ErrnoException e) {
+ Log.e(TAG, "Failed to pull NETWORK_BPF_MAP_INFO atom: " + e);
+ return StatsManager.PULL_SKIP;
+ }
+ return StatsManager.PULL_SUCCESS;
}
/**
@@ -253,15 +923,15 @@
*/
public void dump(final FileDescriptor fd, boolean verbose)
throws IOException, ServiceSpecificException {
- if (USE_NETD) {
+ if (PRE_T) {
throw new ServiceSpecificException(
EOPNOTSUPP, "dumpsys connectivity trafficcontroller dump not available on pre-T"
+ " devices, use dumpsys netd trafficcontroller instead.");
}
- native_dump(fd, verbose);
+ mDeps.nativeDump(fd, verbose);
}
- private static native void native_init();
+ private static native void native_init(boolean startSkDestroyListener);
private native int native_addNaughtyApp(int uid);
private native int native_removeNaughtyApp(int uid);
private native int native_addNiceApp(int uid);
@@ -271,7 +941,9 @@
private native int native_setUidRule(int childChain, int uid, int firewallRule);
private native int native_addUidInterfaceRules(String ifName, int[] uids);
private native int native_removeUidInterfaceRules(int[] uids);
+ private native int native_updateUidLockdownRule(int uid, boolean add);
private native int native_swapActiveStatsMap();
private native void native_setPermissionForUids(int permissions, int[] uids);
- private native void native_dump(FileDescriptor fd, boolean verbose);
+ private static native void native_dump(FileDescriptor fd, boolean verbose);
+ private static native int native_synchronizeKernelRCU();
}
diff --git a/service/src/com/android/server/ConnectivityService.java b/service/src/com/android/server/ConnectivityService.java
old mode 100644
new mode 100755
index d0cb294..84cf561
--- a/service/src/com/android/server/ConnectivityService.java
+++ b/service/src/com/android/server/ConnectivityService.java
@@ -89,7 +89,6 @@
import static android.net.NetworkScore.POLICY_TRANSPORT_PRIMARY;
import static android.net.OemNetworkPreferences.OEM_NETWORK_PREFERENCE_TEST;
import static android.net.OemNetworkPreferences.OEM_NETWORK_PREFERENCE_TEST_ONLY;
-import static android.net.shared.NetworkMonitorUtils.isPrivateDnsValidationRequired;
import static android.os.Process.INVALID_UID;
import static android.os.Process.VPN_UID;
import static android.provider.DeviceConfig.NAMESPACE_CONNECTIVITY;
@@ -98,6 +97,10 @@
import static android.system.OsConstants.IPPROTO_UDP;
import static com.android.net.module.util.DeviceConfigUtils.TETHERING_MODULE_NAME;
+import static com.android.net.module.util.NetworkMonitorUtils.isPrivateDnsValidationRequired;
+import static com.android.net.module.util.PermissionUtils.enforceAnyPermissionOf;
+import static com.android.net.module.util.PermissionUtils.enforceNetworkStackPermission;
+import static com.android.net.module.util.PermissionUtils.enforceNetworkStackPermissionOr;
import static java.util.Map.Entry;
@@ -202,7 +205,6 @@
import android.net.resolv.aidl.Nat64PrefixEventParcel;
import android.net.resolv.aidl.PrivateDnsValidationEventParcel;
import android.net.shared.PrivateDnsConfig;
-import android.net.util.MultinetworkPolicyTracker;
import android.net.wifi.WifiInfo;
import android.os.BatteryStatsManager;
import android.os.Binder;
@@ -254,6 +256,7 @@
import com.android.net.module.util.LinkPropertiesUtils.CompareResult;
import com.android.net.module.util.LocationPermissionChecker;
import com.android.net.module.util.NetworkCapabilitiesUtils;
+import com.android.net.module.util.PerUidCounter;
import com.android.net.module.util.PermissionUtils;
import com.android.net.module.util.TcUtils;
import com.android.net.module.util.netlink.InetDiagMessage;
@@ -268,6 +271,7 @@
import com.android.server.connectivity.KeepaliveTracker;
import com.android.server.connectivity.LingerMonitor;
import com.android.server.connectivity.MockableSystemProperties;
+import com.android.server.connectivity.MultinetworkPolicyTracker;
import com.android.server.connectivity.NetworkAgentInfo;
import com.android.server.connectivity.NetworkDiagnostics;
import com.android.server.connectivity.NetworkNotificationManager;
@@ -349,6 +353,15 @@
// connect anyway?" dialog after the user selects a network that doesn't validate.
private static final int PROMPT_UNVALIDATED_DELAY_MS = 8 * 1000;
+ // How long to wait before considering that a network is bad in the absence of any form
+ // of connectivity (valid, partial, captive portal). If none has been detected after this
+ // delay, the stack considers this network bad, which may affect how it's handled in ranking
+ // according to config_networkAvoidBadWifi.
+ // Timeout in case the "actively prefer bad wifi" feature is on
+ private static final int ACTIVELY_PREFER_BAD_WIFI_INITIAL_TIMEOUT_MS = 20 * 1000;
+ // Timeout in case the "actively prefer bad wifi" feature is off
+ private static final int DONT_ACTIVELY_PREFER_BAD_WIFI_INITIAL_TIMEOUT_MS = 8 * 1000;
+
// Default to 30s linger time-out, and 5s for nascent network. Modifiable only for testing.
private static final String LINGER_DELAY_PROPERTY = "persist.netmon.linger";
private static final int DEFAULT_LINGER_DELAY_MS = 30_000;
@@ -377,15 +390,15 @@
// See ConnectivitySettingsManager.CONNECTIVITY_RELEASE_PENDING_INTENT_DELAY_MS
private final int mReleasePendingIntentDelayMs;
- private MockableSystemProperties mSystemProperties;
+ private final MockableSystemProperties mSystemProperties;
@VisibleForTesting
protected final PermissionMonitor mPermissionMonitor;
@VisibleForTesting
- final PerUidCounter mNetworkRequestCounter;
+ final RequestInfoPerUidCounter mNetworkRequestCounter;
@VisibleForTesting
- final PerUidCounter mSystemNetworkRequestCounter;
+ final RequestInfoPerUidCounter mSystemNetworkRequestCounter;
private volatile boolean mLockdownEnabled;
@@ -393,7 +406,7 @@
* Stale copy of uid blocked reasons provided by NPMS. As long as they are accessed only in
* internal handler thread, they don't need a lock.
*/
- private SparseIntArray mUidBlockedReasons = new SparseIntArray();
+ private final SparseIntArray mUidBlockedReasons = new SparseIntArray();
private final Context mContext;
private final ConnectivityResources mResources;
@@ -409,9 +422,8 @@
@VisibleForTesting
protected INetd mNetd;
private DscpPolicyTracker mDscpPolicyTracker = null;
- private NetworkStatsManager mStatsManager;
- private NetworkPolicyManager mPolicyManager;
- private final NetdCallback mNetdCallback;
+ private final NetworkStatsManager mStatsManager;
+ private final NetworkPolicyManager mPolicyManager;
private final BpfNetMaps mBpfNetMaps;
/**
@@ -450,7 +462,7 @@
* direct device-originated data traffic of the specific UIDs to the correct
* default network for each app.
* Order ints passed to netd must be in the 0~999 range. Larger values code for
- * a lower priority, {@see NativeUidRangeConfig}
+ * a lower priority, see {@link NativeUidRangeConfig}.
*
* Requests that don't code for a per-app preference use PREFERENCE_ORDER_INVALID.
* The default request uses PREFERENCE_ORDER_DEFAULT.
@@ -578,12 +590,6 @@
private static final int EVENT_SET_ACCEPT_UNVALIDATED = 28;
/**
- * used to ask the user to confirm a connection to an unvalidated network.
- * obj = network
- */
- private static final int EVENT_PROMPT_UNVALIDATED = 29;
-
- /**
* used internally to (re)configure always-on networks.
*/
private static final int EVENT_CONFIGURE_ALWAYS_ON_NETWORKS = 30;
@@ -722,6 +728,14 @@
private static final int EVENT_INGRESS_RATE_LIMIT_CHANGED = 56;
/**
+ * The initial evaluation period is over for this network.
+ *
+ * If no form of connectivity has been found on this network (valid, partial, captive portal)
+ * then the stack will now consider it to have been determined bad.
+ */
+ private static final int EVENT_INITIAL_EVALUATION_TIMEOUT = 57;
+
+ /**
* Argument for {@link #EVENT_PROVISIONING_NOTIFICATION} to indicate that the notification
* should be shown.
*/
@@ -772,12 +786,13 @@
final ConnectivityDiagnosticsHandler mConnectivityDiagnosticsHandler;
private final DnsManager mDnsManager;
- private final NetworkRanker mNetworkRanker;
+ @VisibleForTesting
+ final NetworkRanker mNetworkRanker;
private boolean mSystemReady;
private Intent mInitialBroadcast;
- private PowerManager.WakeLock mNetTransitionWakeLock;
+ private final PowerManager.WakeLock mNetTransitionWakeLock;
private final PowerManager.WakeLock mPendingIntentWakeLock;
// A helper object to track the current default HTTP proxy. ConnectivityService needs to tell
@@ -787,10 +802,10 @@
final private SettingsObserver mSettingsObserver;
- private UserManager mUserManager;
+ private final UserManager mUserManager;
// the set of network types that can only be enabled by system/sig apps
- private List<Integer> mProtectedNetworks;
+ private final List<Integer> mProtectedNetworks;
private Set<String> mWolSupportedInterfaces;
@@ -800,10 +815,10 @@
private final LocationPermissionChecker mLocationPermissionChecker;
- private KeepaliveTracker mKeepaliveTracker;
- private QosCallbackTracker mQosCallbackTracker;
- private NetworkNotificationManager mNotifier;
- private LingerMonitor mLingerMonitor;
+ private final KeepaliveTracker mKeepaliveTracker;
+ private final QosCallbackTracker mQosCallbackTracker;
+ private final NetworkNotificationManager mNotifier;
+ private final LingerMonitor mLingerMonitor;
// sequence number of NetworkRequests
private int mNextNetworkRequestId = NetworkRequest.FIRST_REQUEST_ID;
@@ -831,7 +846,7 @@
private final IpConnectivityLog mMetricsLog;
@GuardedBy("mBandwidthRequests")
- private final SparseArray<Integer> mBandwidthRequests = new SparseArray(10);
+ private final SparseArray<Integer> mBandwidthRequests = new SparseArray<>(10);
@VisibleForTesting
final MultinetworkPolicyTracker mMultinetworkPolicyTracker;
@@ -890,7 +905,7 @@
* - getRestoreTimerForType(type) is also synchronized on mTypeLists.
* - dump is thread-safe with respect to concurrent add and remove calls.
*/
- private final ArrayList<NetworkAgentInfo> mTypeLists[];
+ private final ArrayList<NetworkAgentInfo>[] mTypeLists;
@NonNull
private final ConnectivityService mService;
@@ -1093,8 +1108,7 @@
}
}
- // send out another legacy broadcast - currently only used for suspend/unsuspend
- // toggle
+ // send out another legacy broadcast - currently only used for suspend/unsuspend toggle
public void update(NetworkAgentInfo nai) {
final boolean isDefault = mService.isDefaultNetwork(nai);
final DetailedState state = nai.networkInfo.getDetailedState();
@@ -1185,89 +1199,6 @@
}
/**
- * Keeps track of the number of requests made under different uids.
- */
- // TODO: Remove the hack and use com.android.net.module.util.PerUidCounter instead.
- public static class PerUidCounter {
- private final int mMaxCountPerUid;
-
- // Map from UID to number of NetworkRequests that UID has filed.
- @VisibleForTesting
- @GuardedBy("mUidToNetworkRequestCount")
- final SparseIntArray mUidToNetworkRequestCount = new SparseIntArray();
-
- /**
- * Constructor
- *
- * @param maxCountPerUid the maximum count per uid allowed
- */
- public PerUidCounter(final int maxCountPerUid) {
- mMaxCountPerUid = maxCountPerUid;
- }
-
- /**
- * Increments the request count of the given uid. Throws an exception if the number
- * of open requests for the uid exceeds the value of maxCounterPerUid which is the value
- * passed into the constructor. see: {@link #PerUidCounter(int)}.
- *
- * @throws ServiceSpecificException with
- * {@link ConnectivityManager.Errors.TOO_MANY_REQUESTS} if the number of requests for
- * the uid exceed the allowed number.
- *
- * @param uid the uid that the request was made under
- */
- public void incrementCountOrThrow(final int uid) {
- synchronized (mUidToNetworkRequestCount) {
- incrementCountOrThrow(uid, 1 /* numToIncrement */);
- }
- }
-
- private void incrementCountOrThrow(final int uid, final int numToIncrement) {
- final int newRequestCount =
- mUidToNetworkRequestCount.get(uid, 0) + numToIncrement;
- if (newRequestCount >= mMaxCountPerUid
- // HACK : the system server is allowed to go over the request count limit
- // when it is creating requests on behalf of another app (but not itself,
- // so it can still detect its own request leaks). This only happens in the
- // per-app API flows in which case the old requests for that particular
- // UID will be removed soon.
- // TODO : instead of this hack, addPerAppDefaultNetworkRequests and other
- // users of transact() should unregister the requests to decrease the count
- // before they increase it again by creating a new NRI. Then remove the
- // transact() method.
- && (Process.myUid() == uid || Process.myUid() != Binder.getCallingUid())) {
- throw new ServiceSpecificException(
- ConnectivityManager.Errors.TOO_MANY_REQUESTS,
- "Uid " + uid + " exceeded its allotted requests limit");
- }
- mUidToNetworkRequestCount.put(uid, newRequestCount);
- }
-
- /**
- * Decrements the request count of the given uid.
- *
- * @param uid the uid that the request was made under
- */
- public void decrementCount(final int uid) {
- synchronized (mUidToNetworkRequestCount) {
- decrementCount(uid, 1 /* numToDecrement */);
- }
- }
-
- private void decrementCount(final int uid, final int numToDecrement) {
- final int newRequestCount =
- mUidToNetworkRequestCount.get(uid, 0) - numToDecrement;
- if (newRequestCount < 0) {
- logwtf("BUG: too small request count " + newRequestCount + " for UID " + uid);
- } else if (newRequestCount == 0) {
- mUidToNetworkRequestCount.delete(uid);
- } else {
- mUidToNetworkRequestCount.put(uid, newRequestCount);
- }
- }
- }
-
- /**
* Dependencies of ConnectivityService, for injection in tests.
*/
@VisibleForTesting
@@ -1373,7 +1304,11 @@
/**
* @see CarrierPrivilegeAuthenticator
+ *
+ * This method returns null in versions before T, where carrier privilege
+ * authentication is not supported.
*/
+ @Nullable
public CarrierPrivilegeAuthenticator makeCarrierPrivilegeAuthenticator(
@NonNull final Context context, @NonNull final TelephonyManager tm) {
if (SdkLevel.isAtLeastT()) {
@@ -1393,11 +1328,11 @@
/**
* Get the BpfNetMaps implementation to use in ConnectivityService.
- * @param netd
+ * @param netd a netd binder
* @return BpfNetMaps implementation.
*/
- public BpfNetMaps getBpfNetMaps(INetd netd) {
- return new BpfNetMaps(netd);
+ public BpfNetMaps getBpfNetMaps(Context context, INetd netd) {
+ return new BpfNetMaps(context, netd);
}
/**
@@ -1477,11 +1412,15 @@
mNetIdManager = mDeps.makeNetIdManager();
mContext = Objects.requireNonNull(context, "missing Context");
mResources = deps.getResources(mContext);
- mNetworkRequestCounter = new PerUidCounter(MAX_NETWORK_REQUESTS_PER_UID);
- mSystemNetworkRequestCounter = new PerUidCounter(MAX_NETWORK_REQUESTS_PER_SYSTEM_UID);
+ // The legacy PerUidCounter is buggy and throwing exception at count == limit.
+ // Pass limit - 1 to maintain backward compatibility.
+ // TODO: Remove the workaround.
+ mNetworkRequestCounter =
+ new RequestInfoPerUidCounter(MAX_NETWORK_REQUESTS_PER_UID - 1);
+ mSystemNetworkRequestCounter =
+ new RequestInfoPerUidCounter(MAX_NETWORK_REQUESTS_PER_SYSTEM_UID - 1);
mMetricsLog = logger;
- mNetworkRanker = new NetworkRanker();
final NetworkRequest defaultInternetRequest = createDefaultRequest();
mDefaultRequest = new NetworkRequestInfo(
Process.myUid(), defaultInternetRequest, null,
@@ -1526,7 +1465,7 @@
mProxyTracker = mDeps.makeProxyTracker(mContext, mHandler);
mNetd = netd;
- mBpfNetMaps = mDeps.getBpfNetMaps(netd);
+ mBpfNetMaps = mDeps.getBpfNetMaps(mContext, netd);
mTelephonyManager = (TelephonyManager) mContext.getSystemService(Context.TELEPHONY_SERVICE);
mAppOpsManager = (AppOpsManager) mContext.getSystemService(Context.APP_OPS_SERVICE);
mLocationPermissionChecker = mDeps.makeLocationPermissionChecker(mContext);
@@ -1578,9 +1517,9 @@
mNetworkActivityTracker = new LegacyNetworkActivityTracker(mContext, mHandler, mNetd);
- mNetdCallback = new NetdCallback();
+ final NetdCallback netdCallback = new NetdCallback();
try {
- mNetd.registerUnsolicitedEventListener(mNetdCallback);
+ mNetd.registerUnsolicitedEventListener(netdCallback);
} catch (RemoteException | ServiceSpecificException e) {
loge("Error registering event listener :" + e);
}
@@ -1602,6 +1541,9 @@
mMultinetworkPolicyTracker = mDeps.makeMultinetworkPolicyTracker(
mContext, mHandler, () -> updateAvoidBadWifi());
+ mNetworkRanker =
+ new NetworkRanker(new NetworkRanker.Configuration(activelyPreferBadWifi()));
+
mMultinetworkPolicyTracker.start();
mDnsManager = new DnsManager(mContext, mDnsResolver);
@@ -1719,11 +1661,6 @@
mHandler.sendEmptyMessage(EVENT_INGRESS_RATE_LIMIT_CHANGED);
}
- private void handleAlwaysOnNetworkRequest(NetworkRequest networkRequest, int id) {
- final boolean enable = mContext.getResources().getBoolean(id);
- handleAlwaysOnNetworkRequest(networkRequest, enable);
- }
-
private void handleAlwaysOnNetworkRequest(
NetworkRequest networkRequest, String settingName, boolean defaultValue) {
final boolean enable = toBool(Settings.Global.getInt(
@@ -1766,12 +1703,12 @@
Settings.Global.getUriFor(Settings.Global.HTTP_PROXY),
EVENT_APPLY_GLOBAL_HTTP_PROXY);
- // Watch for whether or not to keep mobile data always on.
+ // Watch for whether to keep mobile data always on.
mSettingsObserver.observe(
Settings.Global.getUriFor(ConnectivitySettingsManager.MOBILE_DATA_ALWAYS_ON),
EVENT_CONFIGURE_ALWAYS_ON_NETWORKS);
- // Watch for whether or not to keep wifi always on.
+ // Watch for whether to keep wifi always on.
mSettingsObserver.observe(
Settings.Global.getUriFor(ConnectivitySettingsManager.WIFI_ALWAYS_REQUESTED),
EVENT_CONFIGURE_ALWAYS_ON_NETWORKS);
@@ -1801,6 +1738,7 @@
}
@VisibleForTesting
+ @Nullable
protected NetworkAgentInfo getNetworkAgentInfoForNetwork(Network network) {
if (network == null) {
return null;
@@ -1815,11 +1753,13 @@
}
// TODO: determine what to do when more than one VPN applies to |uid|.
+ @Nullable
private NetworkAgentInfo getVpnForUid(int uid) {
synchronized (mNetworkForNetId) {
for (int i = 0; i < mNetworkForNetId.size(); i++) {
final NetworkAgentInfo nai = mNetworkForNetId.valueAt(i);
- if (nai.isVPN() && nai.everConnected && nai.networkCapabilities.appliesToUid(uid)) {
+ if (nai.isVPN() && nai.everConnected()
+ && nai.networkCapabilities.appliesToUid(uid)) {
return nai;
}
}
@@ -1827,6 +1767,7 @@
return null;
}
+ @Nullable
private Network[] getVpnUnderlyingNetworks(int uid) {
if (mLockdownEnabled) return null;
final NetworkAgentInfo nai = getVpnForUid(uid);
@@ -1938,6 +1879,7 @@
* active
*/
@Override
+ @Nullable
public NetworkInfo getActiveNetworkInfo() {
enforceAccessPermission();
final int uid = mDeps.getCallingUid();
@@ -1949,17 +1891,20 @@
}
@Override
+ @Nullable
public Network getActiveNetwork() {
enforceAccessPermission();
return getActiveNetworkForUidInternal(mDeps.getCallingUid(), false);
}
@Override
+ @Nullable
public Network getActiveNetworkForUid(int uid, boolean ignoreBlocked) {
- PermissionUtils.enforceNetworkStackPermission(mContext);
+ enforceNetworkStackPermission(mContext);
return getActiveNetworkForUidInternal(uid, ignoreBlocked);
}
+ @Nullable
private Network getActiveNetworkForUidInternal(final int uid, boolean ignoreBlocked) {
final NetworkAgentInfo vpnNai = getVpnForUid(uid);
if (vpnNai != null) {
@@ -1978,8 +1923,9 @@
}
@Override
+ @Nullable
public NetworkInfo getActiveNetworkInfoForUid(int uid, boolean ignoreBlocked) {
- PermissionUtils.enforceNetworkStackPermission(mContext);
+ enforceNetworkStackPermission(mContext);
final NetworkAgentInfo nai = getNetworkAgentInfoForUid(uid);
if (nai == null) return null;
return getFilteredNetworkInfo(nai, uid, ignoreBlocked);
@@ -2014,6 +1960,7 @@
}
@Override
+ @Nullable
public NetworkInfo getNetworkInfo(int networkType) {
enforceAccessPermission();
final int uid = mDeps.getCallingUid();
@@ -2032,6 +1979,7 @@
}
@Override
+ @Nullable
public NetworkInfo getNetworkInfoForUid(Network network, int uid, boolean ignoreBlocked) {
enforceAccessPermission();
final NetworkAgentInfo nai = getNetworkAgentInfoForNetwork(network);
@@ -2054,6 +2002,7 @@
}
@Override
+ @Nullable
public Network getNetworkForType(int networkType) {
enforceAccessPermission();
if (!mLegacyTypeTracker.isTypeSupported(networkType)) {
@@ -2071,6 +2020,7 @@
}
@Override
+ @NonNull
public Network[] getAllNetworks() {
enforceAccessPermission();
synchronized (mNetworkForNetId) {
@@ -2518,7 +2468,7 @@
@Override
public NetworkState[] getAllNetworkState() {
// This contains IMSI details, so make sure the caller is privileged.
- PermissionUtils.enforceNetworkStackPermission(mContext);
+ enforceNetworkStackPermission(mContext);
final ArrayList<NetworkState> result = new ArrayList<>();
for (NetworkStateSnapshot snapshot : getAllNetworkStateSnapshots()) {
@@ -2531,7 +2481,7 @@
snapshot.getNetwork(), snapshot.getSubscriberId()));
}
}
- return result.toArray(new NetworkState[result.size()]);
+ return result.toArray(new NetworkState[0]);
}
@Override
@@ -2543,7 +2493,7 @@
final ArrayList<NetworkStateSnapshot> result = new ArrayList<>();
for (Network network : getAllNetworks()) {
final NetworkAgentInfo nai = getNetworkAgentInfoForNetwork(network);
- if (nai != null && nai.everConnected) {
+ if (nai != null && nai.everConnected()) {
// TODO (b/73321673) : NetworkStateSnapshot contains a copy of the
// NetworkCapabilities, which may contain UIDs of apps to which the
// network applies. Should the UIDs be cleared so as not to leak or
@@ -2629,7 +2579,7 @@
try {
addr = InetAddress.getByAddress(hostAddress);
} catch (UnknownHostException e) {
- if (DBG) log("requestRouteToHostAddress got " + e.toString());
+ if (DBG) log("requestRouteToHostAddress got " + e);
return false;
}
@@ -2640,7 +2590,7 @@
NetworkAgentInfo nai = mLegacyTypeTracker.getNetworkForType(networkType);
if (nai == null) {
- if (mLegacyTypeTracker.isTypeSupported(networkType) == false) {
+ if (!mLegacyTypeTracker.isTypeSupported(networkType)) {
if (DBG) log("requestRouteToHostAddress on unsupported network: " + networkType);
} else {
if (DBG) log("requestRouteToHostAddress on down network: " + networkType);
@@ -2733,7 +2683,7 @@
// the caller thread of registerNetworkAgent. Thus, it's not allowed to register netd
// event callback for certain nai. e.g. cellular. Register here to pass to
// NetworkMonitor instead.
- // TODO: Move the Dns Event to NetworkMonitor. NetdEventListenerService only allow one
+ // TODO: Move the Dns Event to NetworkMonitor. NetdEventListenerService only allows one
// callback from each caller type. Need to re-factor NetdEventListenerService to allow
// multiple NetworkMonitor registrants.
if (nai != null && nai.satisfies(mDefaultRequest.mRequests.get(0))) {
@@ -2783,15 +2733,6 @@
setUidBlockedReasons(uid, blockedReasons);
}
- private boolean checkAnyPermissionOf(String... permissions) {
- for (String permission : permissions) {
- if (mContext.checkCallingOrSelfPermission(permission) == PERMISSION_GRANTED) {
- return true;
- }
- }
- return false;
- }
-
private boolean checkAnyPermissionOf(int pid, int uid, String... permissions) {
for (String permission : permissions) {
if (mContext.checkPermission(permission, pid, uid) == PERMISSION_GRANTED) {
@@ -2801,13 +2742,6 @@
return false;
}
- private void enforceAnyPermissionOf(String... permissions) {
- if (!checkAnyPermissionOf(permissions)) {
- throw new SecurityException("Requires one of the following permissions: "
- + String.join(", ", permissions) + ".");
- }
- }
-
private void enforceInternetPermission() {
mContext.enforceCallingOrSelfPermission(
android.Manifest.permission.INTERNET,
@@ -2867,7 +2801,7 @@
}
private void enforceSettingsPermission() {
- enforceAnyPermissionOf(
+ enforceAnyPermissionOf(mContext,
android.Manifest.permission.NETWORK_SETTINGS,
NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK);
}
@@ -2875,7 +2809,7 @@
private void enforceNetworkFactoryPermission() {
// TODO: Check for the BLUETOOTH_STACK permission once that is in the API surface.
if (UserHandle.getAppId(getCallingUid()) == Process.BLUETOOTH_UID) return;
- enforceAnyPermissionOf(
+ enforceAnyPermissionOf(mContext,
android.Manifest.permission.NETWORK_FACTORY,
NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK);
}
@@ -2883,7 +2817,7 @@
private void enforceNetworkFactoryOrSettingsPermission() {
// TODO: Check for the BLUETOOTH_STACK permission once that is in the API surface.
if (UserHandle.getAppId(getCallingUid()) == Process.BLUETOOTH_UID) return;
- enforceAnyPermissionOf(
+ enforceAnyPermissionOf(mContext,
android.Manifest.permission.NETWORK_SETTINGS,
android.Manifest.permission.NETWORK_FACTORY,
NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK);
@@ -2892,7 +2826,7 @@
private void enforceNetworkFactoryOrTestNetworksPermission() {
// TODO: Check for the BLUETOOTH_STACK permission once that is in the API surface.
if (UserHandle.getAppId(getCallingUid()) == Process.BLUETOOTH_UID) return;
- enforceAnyPermissionOf(
+ enforceAnyPermissionOf(mContext,
android.Manifest.permission.MANAGE_TEST_NETWORKS,
android.Manifest.permission.NETWORK_FACTORY,
NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK);
@@ -2909,7 +2843,7 @@
}
private boolean checkSettingsPermission() {
- return checkAnyPermissionOf(
+ return PermissionUtils.checkAnyPermissionOf(mContext,
android.Manifest.permission.NETWORK_SETTINGS,
NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK);
}
@@ -2922,27 +2856,21 @@
}
private void enforceNetworkStackOrSettingsPermission() {
- enforceAnyPermissionOf(
- android.Manifest.permission.NETWORK_SETTINGS,
- android.Manifest.permission.NETWORK_STACK,
- NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK);
+ enforceNetworkStackPermissionOr(mContext,
+ android.Manifest.permission.NETWORK_SETTINGS);
}
private void enforceNetworkStackSettingsOrSetup() {
- enforceAnyPermissionOf(
+ enforceNetworkStackPermissionOr(mContext,
android.Manifest.permission.NETWORK_SETTINGS,
- android.Manifest.permission.NETWORK_SETUP_WIZARD,
- android.Manifest.permission.NETWORK_STACK,
- NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK);
+ android.Manifest.permission.NETWORK_SETUP_WIZARD);
}
private void enforceAirplaneModePermission() {
- enforceAnyPermissionOf(
+ enforceNetworkStackPermissionOr(mContext,
android.Manifest.permission.NETWORK_AIRPLANE_MODE,
android.Manifest.permission.NETWORK_SETTINGS,
- android.Manifest.permission.NETWORK_SETUP_WIZARD,
- android.Manifest.permission.NETWORK_STACK,
- NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK);
+ android.Manifest.permission.NETWORK_SETUP_WIZARD);
}
private void enforceOemNetworkPreferencesPermission() {
@@ -2958,7 +2886,7 @@
}
private boolean checkNetworkStackPermission() {
- return checkAnyPermissionOf(
+ return PermissionUtils.checkAnyPermissionOf(mContext,
android.Manifest.permission.NETWORK_STACK,
NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK);
}
@@ -3120,11 +3048,17 @@
mHandler.sendMessage(mHandler.obtainMessage(EVENT_CONFIGURE_ALWAYS_ON_NETWORKS));
// Update mobile data preference if necessary.
- // Note that empty uid list can be skip here only because no uid rules applied before system
- // ready. Normally, the empty uid list means to clear the uids rules on netd.
+ // Note that updating can be skipped here if the list is empty only because no uid
+ // rules are applied before system ready. Normally, the empty uid list means to clear
+ // the uids rules on netd.
if (!ConnectivitySettingsManager.getMobileDataPreferredUids(mContext).isEmpty()) {
updateMobileDataPreferredUids();
}
+
+ // On T+ devices, register callback for statsd to pull NETWORK_BPF_MAP_INFO atom
+ if (SdkLevel.isAtLeastT()) {
+ mBpfNetMaps.setPullAtomCallback(mContext);
+ }
}
/**
@@ -3235,7 +3169,7 @@
}
private void dumpNetworkDiagnostics(IndentingPrintWriter pw) {
- final List<NetworkDiagnostics> netDiags = new ArrayList<NetworkDiagnostics>();
+ final List<NetworkDiagnostics> netDiags = new ArrayList<>();
final long DIAG_TIME_MS = 5000;
for (NetworkAgentInfo nai : networksSortedById()) {
PrivateDnsConfig privateDnsCfg = mDnsManager.getPrivateDnsConfig(nai.network);
@@ -3428,6 +3362,10 @@
for (NetworkAgentInfo nai : networksSortedById()) {
pw.println(nai.toString());
pw.increaseIndent();
+ pw.println("Nat464Xlat:");
+ pw.increaseIndent();
+ nai.dumpNat464Xlat(pw);
+ pw.decreaseIndent();
pw.println(String.format(
"Requests: REQUEST:%d LISTEN:%d BACKGROUND_REQUEST:%d total:%d",
nai.numForegroundNetworkRequests(),
@@ -3443,10 +3381,6 @@
pw.increaseIndent();
nai.dumpInactivityTimers(pw);
pw.decreaseIndent();
- pw.println("Nat464Xlat:");
- pw.increaseIndent();
- nai.dumpNat464Xlat(pw);
- pw.decreaseIndent();
pw.decreaseIndent();
}
}
@@ -3606,17 +3540,17 @@
}
// If the network has been destroyed, the only thing that it can do is disconnect.
- if (nai.destroyed && !isDisconnectRequest(msg)) {
+ if (nai.isDestroyed() && !isDisconnectRequest(msg)) {
return;
}
switch (msg.what) {
case NetworkAgent.EVENT_NETWORK_CAPABILITIES_CHANGED: {
- final NetworkCapabilities networkCapabilities = new NetworkCapabilities(
- (NetworkCapabilities) arg.second);
- maybeUpdateWifiRoamTimestamp(nai, networkCapabilities);
- processCapabilitiesFromAgent(nai, networkCapabilities);
- updateCapabilities(nai.getCurrentScore(), nai, networkCapabilities);
+ nai.setDeclaredCapabilities((NetworkCapabilities) arg.second);
+ final NetworkCapabilities sanitized =
+ nai.getDeclaredCapabilitiesSanitized(mCarrierPrivilegeAuthenticator);
+ maybeUpdateWifiRoamTimestamp(nai, sanitized);
+ updateCapabilities(nai.getScore(), nai, sanitized);
break;
}
case NetworkAgent.EVENT_NETWORK_PROPERTIES_CHANGED: {
@@ -3635,7 +3569,7 @@
break;
}
case NetworkAgent.EVENT_SET_EXPLICITLY_SELECTED: {
- if (nai.everConnected) {
+ if (nai.everConnected()) {
loge("ERROR: cannot call explicitlySelected on already-connected network");
// Note that if the NAI had been connected, this would affect the
// score, and therefore would require re-mixing the score and performing
@@ -3765,7 +3699,7 @@
final int netId = msg.arg2;
final NetworkAgentInfo nai = getNetworkAgentInfoForNetId(netId);
// If a network has already been destroyed, all NetworkMonitor updates are ignored.
- if (nai != null && nai.destroyed) return true;
+ if (nai != null && nai.isDestroyed()) return true;
switch (msg.what) {
default:
return false;
@@ -3814,19 +3748,6 @@
case EVENT_PROVISIONING_NOTIFICATION: {
final boolean visible = toBool(msg.arg1);
// If captive portal status has changed, update capabilities or disconnect.
- if (nai != null && (visible != nai.lastCaptivePortalDetected)) {
- nai.lastCaptivePortalDetected = visible;
- nai.everCaptivePortalDetected |= visible;
- if (nai.lastCaptivePortalDetected &&
- ConnectivitySettingsManager.CAPTIVE_PORTAL_MODE_AVOID
- == getCaptivePortalMode()) {
- if (DBG) log("Avoiding captive portal network: " + nai.toShortString());
- nai.onPreventAutomaticReconnect();
- teardownUnneededNetwork(nai);
- break;
- }
- updateCapabilitiesForNetwork(nai);
- }
if (!visible) {
// Only clear SIGN_IN and NETWORK_SWITCH notifications here, or else other
// notifications belong to the same network may be cleared unexpectedly.
@@ -3862,7 +3783,22 @@
private void handleNetworkTested(
@NonNull NetworkAgentInfo nai, int testResult, @NonNull String redirectUrl) {
- final boolean valid = ((testResult & NETWORK_VALIDATION_RESULT_VALID) != 0);
+ final boolean valid = (testResult & NETWORK_VALIDATION_RESULT_VALID) != 0;
+ final boolean partial = (testResult & NETWORK_VALIDATION_RESULT_PARTIAL) != 0;
+ final boolean portal = !TextUtils.isEmpty(redirectUrl);
+
+ // If there is any kind of working networking, then the NAI has been evaluated
+ // once. {@see NetworkAgentInfo#setEvaluated}, which returns whether this is
+ // the first time this ever happened.
+ final boolean someConnectivity = (valid || partial || portal);
+ final boolean becameEvaluated = someConnectivity && nai.setEvaluated();
+ // Because of b/245893397, if the score is updated when updateCapabilities is called,
+ // any callback that receives onAvailable for that rematch receives an extra caps
+ // callback. To prevent that, update the score in the agent so the updates below won't
+ // see an update to both caps and score at the same time.
+ // TODO : fix b/245893397 and remove this.
+ if (becameEvaluated) nai.updateScoreForNetworkAgentUpdate();
+
if (!valid && shouldIgnoreValidationFailureAfterRoam(nai)) {
// Assume the validation failure is due to a temporary failure after roaming
// and ignore it. NetworkMonitor will continue to retry validation. If it
@@ -3871,12 +3807,14 @@
return;
}
- final boolean wasValidated = nai.lastValidated;
- final boolean wasDefault = isDefaultNetwork(nai);
- final boolean wasPartial = nai.partialConnectivity;
- nai.partialConnectivity = ((testResult & NETWORK_VALIDATION_RESULT_PARTIAL) != 0);
- final boolean partialConnectivityChanged =
- (wasPartial != nai.partialConnectivity);
+ final boolean wasValidated = nai.isValidated();
+ final boolean wasPartial = nai.partialConnectivity();
+ final boolean wasPortal = nai.captivePortalDetected();
+ nai.setPartialConnectivity(partial);
+ nai.setCaptivePortalDetected(portal);
+ nai.updateScoreForNetworkAgentUpdate();
+ final boolean partialConnectivityChanged = (wasPartial != partial);
+ final boolean portalChanged = (wasPortal != portal);
if (DBG) {
final String logMsg = !TextUtils.isEmpty(redirectUrl)
@@ -3884,10 +3822,9 @@
: "";
log(nai.toShortString() + " validation " + (valid ? "passed" : "failed") + logMsg);
}
- if (valid != nai.lastValidated) {
- final int oldScore = nai.getCurrentScore();
- nai.lastValidated = valid;
- nai.everValidated |= valid;
+ if (valid != wasValidated) {
+ final FullScore oldScore = nai.getScore();
+ nai.setValidated(valid);
updateCapabilities(oldScore, nai, nai.networkCapabilities);
if (valid) {
handleFreshlyValidatedNetwork(nai);
@@ -3908,8 +3845,23 @@
}
} else if (partialConnectivityChanged) {
updateCapabilitiesForNetwork(nai);
+ } else if (portalChanged) {
+ if (portal && ConnectivitySettingsManager.CAPTIVE_PORTAL_MODE_AVOID
+ == getCaptivePortalMode()) {
+ if (DBG) log("Avoiding captive portal network: " + nai.toShortString());
+ nai.onPreventAutomaticReconnect();
+ teardownUnneededNetwork(nai);
+ return;
+ } else {
+ updateCapabilitiesForNetwork(nai);
+ }
+ } else if (becameEvaluated) {
+ // If valid or partial connectivity changed, updateCapabilities* has
+ // done the rematch.
+ rematchAllNetworksAndRequests();
}
updateInetCondition(nai);
+
// Let the NetworkAgent know the state of its network
// TODO: Evaluate to update partial connectivity to status to NetworkAgent.
nai.onValidationStatusChanged(
@@ -3917,16 +3869,16 @@
redirectUrl);
// If NetworkMonitor detects partial connectivity before
- // EVENT_PROMPT_UNVALIDATED arrives, show the partial connectivity notification
+ // EVENT_INITIAL_EVALUATION_TIMEOUT arrives, show the partial connectivity notification
// immediately. Re-notify partial connectivity silently if no internet
// notification already there.
- if (!wasPartial && nai.partialConnectivity) {
+ if (!wasPartial && nai.partialConnectivity()) {
// Remove delayed message if there is a pending message.
- mHandler.removeMessages(EVENT_PROMPT_UNVALIDATED, nai.network);
- handlePromptUnvalidated(nai.network);
+ mHandler.removeMessages(EVENT_INITIAL_EVALUATION_TIMEOUT, nai.network);
+ handleInitialEvaluationTimeout(nai.network);
}
- if (wasValidated && !nai.lastValidated) {
+ if (wasValidated && !nai.isValidated()) {
handleNetworkUnvalidated(nai);
}
}
@@ -3961,7 +3913,7 @@
}
@Override
- public void handleMessage(Message msg) {
+ public void handleMessage(@NonNull Message msg) {
if (!maybeHandleNetworkMonitorMessage(msg)
&& !maybeHandleNetworkAgentInfoMessage(msg)) {
maybeHandleNetworkAgentMessage(msg);
@@ -4273,7 +4225,7 @@
}
private static boolean shouldDestroyNativeNetwork(@NonNull NetworkAgentInfo nai) {
- return nai.created && !nai.destroyed;
+ return nai.isCreated() && !nai.isDestroyed();
}
private boolean shouldIgnoreValidationFailureAfterRoam(NetworkAgentInfo nai) {
@@ -4283,8 +4235,8 @@
R.integer.config_validationFailureAfterRoamIgnoreTimeMillis));
if (blockTimeOut <= MAX_VALIDATION_FAILURE_BLOCKING_TIME_MS
&& blockTimeOut >= 0) {
- final long currentTimeMs = SystemClock.elapsedRealtime();
- long timeSinceLastRoam = currentTimeMs - nai.lastRoamTimestamp;
+ final long currentTimeMs = SystemClock.elapsedRealtime();
+ long timeSinceLastRoam = currentTimeMs - nai.lastRoamTime;
if (timeSinceLastRoam <= blockTimeOut) {
log ("blocked because only " + timeSinceLastRoam + "ms after roam");
return true;
@@ -4388,7 +4340,7 @@
}
// Delayed teardown.
- if (nai.created) {
+ if (nai.isCreated()) {
try {
mNetd.networkSetPermissionForNetwork(nai.network.netId, INetd.PERMISSION_SYSTEM);
} catch (RemoteException e) {
@@ -4409,7 +4361,7 @@
// for an unnecessarily long time.
destroyNativeNetwork(nai);
}
- if (!nai.created && !SdkLevel.isAtLeastT()) {
+ if (!nai.isCreated() && !SdkLevel.isAtLeastT()) {
// Backwards compatibility: send onNetworkDestroyed even if network was never created.
// This can never run if the code above runs because shouldDestroyNativeNetwork is
// false if the network was never created.
@@ -4430,12 +4382,14 @@
}
config = new NativeNetworkConfig(nai.network.getNetId(), NativeNetworkType.VIRTUAL,
INetd.PERMISSION_NONE,
- (nai.networkAgentConfig == null || !nai.networkAgentConfig.allowBypass),
+ !nai.networkAgentConfig.allowBypass /* secure */,
getVpnType(nai), nai.networkAgentConfig.excludeLocalRouteVpn);
} else {
config = new NativeNetworkConfig(nai.network.getNetId(), NativeNetworkType.PHYSICAL,
- getNetworkPermission(nai.networkCapabilities), /*secure=*/ false,
- VpnManager.TYPE_VPN_NONE, /*excludeLocalRoutes=*/ false);
+ getNetworkPermission(nai.networkCapabilities),
+ false /* secure */,
+ VpnManager.TYPE_VPN_NONE,
+ false /* excludeLocalRoutes */);
}
mNetd.networkCreate(config);
mDnsResolver.createNetworkCache(nai.network.getNetId());
@@ -4468,11 +4422,11 @@
mDnsManager.removeNetwork(nai.network);
// clean up tc police filters on interface.
- if (nai.everConnected && canNetworkBeRateLimited(nai) && mIngressRateLimit >= 0) {
+ if (nai.everConnected() && canNetworkBeRateLimited(nai) && mIngressRateLimit >= 0) {
mDeps.disableIngressRateLimit(nai.linkProperties.getInterfaceName());
}
- nai.destroyed = true;
+ nai.setDestroyed();
nai.onNetworkDestroyed();
}
@@ -4601,7 +4555,7 @@
private boolean unneeded(NetworkAgentInfo nai, UnneededFor reason) {
ensureRunningOnConnectivityServiceThread();
- if (!nai.everConnected || nai.isVPN() || nai.isInactive()
+ if (!nai.everConnected() || nai.isVPN() || nai.isInactive()
|| nai.getScore().getKeepConnectedReason() != NetworkScore.KEEP_CONNECTED_NONE) {
return false;
}
@@ -4656,7 +4610,7 @@
if (req.isListen() || req.isListenForBest()) {
continue;
}
- // If this Network is already the highest scoring Network for a request, or if
+ // If this Network is already the best Network for a request, or if
// there is hope for it to become one if it validated, then it is needed.
if (candidate.satisfies(req)) {
// As soon as a network is found that satisfies a request, return. Specifically for
@@ -4778,7 +4732,7 @@
}
}
}
- nri.decrementRequestCount();
+ nri.mPerUidCounter.decrementCount(nri.mUid);
mNetworkRequestInfoLogs.log("RELEASE " + nri);
checkNrisConsistency(nri);
@@ -4881,7 +4835,7 @@
}
}
- private PerUidCounter getRequestCounter(NetworkRequestInfo nri) {
+ private RequestInfoPerUidCounter getRequestCounter(NetworkRequestInfo nri) {
return checkAnyPermissionOf(
nri.mPid, nri.mUid, NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK)
? mSystemNetworkRequestCounter : mNetworkRequestCounter;
@@ -4933,7 +4887,7 @@
return;
}
- if (nai.everValidated) {
+ if (nai.everValidated()) {
// The network validated while the dialog box was up. Take no action.
return;
}
@@ -4978,7 +4932,7 @@
return;
}
- if (nai.lastValidated) {
+ if (nai.isValidated()) {
// The network validated while the dialog box was up. Take no action.
return;
}
@@ -5010,22 +4964,22 @@
private void handleSetAvoidUnvalidated(Network network) {
NetworkAgentInfo nai = getNetworkAgentInfoForNetwork(network);
- if (nai == null || nai.lastValidated) {
+ if (nai == null || nai.isValidated()) {
// Nothing to do. The network either disconnected or revalidated.
return;
}
- if (!nai.avoidUnvalidated) {
- nai.avoidUnvalidated = true;
+ if (0L == nai.getAvoidUnvalidated()) {
+ nai.setAvoidUnvalidated();
nai.updateScoreForNetworkAgentUpdate();
rematchAllNetworksAndRequests();
}
}
- private void scheduleUnvalidatedPrompt(NetworkAgentInfo nai) {
- if (VDBG) log("scheduleUnvalidatedPrompt " + nai.network);
+ /** Schedule evaluation timeout */
+ @VisibleForTesting
+ public void scheduleEvaluationTimeout(@NonNull final Network network, final long delayMs) {
mHandler.sendMessageDelayed(
- mHandler.obtainMessage(EVENT_PROMPT_UNVALIDATED, nai.network),
- PROMPT_UNVALIDATED_DELAY_MS);
+ mHandler.obtainMessage(EVENT_INITIAL_EVALUATION_TIMEOUT, network), delayMs);
}
@Override
@@ -5110,6 +5064,10 @@
return mMultinetworkPolicyTracker.getAvoidBadWifi();
}
+ private boolean activelyPreferBadWifi() {
+ return mMultinetworkPolicyTracker.getActivelyPreferBadWifi();
+ }
+
/**
* Return whether the device should maintain continuous, working connectivity by switching away
* from WiFi networks having no connectivity.
@@ -5125,14 +5083,21 @@
private void updateAvoidBadWifi() {
ensureRunningOnConnectivityServiceThread();
// Agent info scores and offer scores depend on whether cells yields to bad wifi.
+ final boolean avoidBadWifi = avoidBadWifi();
for (final NetworkAgentInfo nai : mNetworkAgentInfos) {
nai.updateScoreForNetworkAgentUpdate();
+ if (avoidBadWifi) {
+ // If the device is now avoiding bad wifi, remove notifications that might have
+ // been put up when the device didn't.
+ mNotifier.clearNotification(nai.network.getNetId(), NotificationType.LOST_INTERNET);
+ }
}
// UpdateOfferScore will update mNetworkOffers inline, so make a copy first.
final ArrayList<NetworkOfferInfo> offersToUpdate = new ArrayList<>(mNetworkOffers);
for (final NetworkOfferInfo noi : offersToUpdate) {
updateOfferScore(noi.offer);
}
+ mNetworkRanker.setConfiguration(new NetworkRanker.Configuration(activelyPreferBadWifi()));
rematchAllNetworksAndRequests();
}
@@ -5147,25 +5112,36 @@
pw.println("Bad Wi-Fi avoidance: " + avoidBadWifi());
pw.increaseIndent();
- pw.println("Config restrict: " + configRestrict);
+ pw.println("Config restrict: " + configRestrict);
+ pw.println("Actively prefer bad wifi: " + activelyPreferBadWifi());
- final String value = mMultinetworkPolicyTracker.getAvoidBadWifiSetting();
+ final String settingValue = mMultinetworkPolicyTracker.getAvoidBadWifiSetting();
String description;
// Can't use a switch statement because strings are legal case labels, but null is not.
- if ("0".equals(value)) {
+ if ("0".equals(settingValue)) {
description = "get stuck";
- } else if (value == null) {
+ } else if (settingValue == null) {
description = "prompt";
- } else if ("1".equals(value)) {
+ } else if ("1".equals(settingValue)) {
description = "avoid";
} else {
- description = value + " (?)";
+ description = settingValue + " (?)";
}
- pw.println("User setting: " + description);
+ pw.println("Avoid bad wifi setting: " + description);
+ final Boolean configValue = mMultinetworkPolicyTracker.deviceConfigActivelyPreferBadWifi();
+ if (null == configValue) {
+ description = "unset";
+ } else if (configValue) {
+ description = "force true";
+ } else {
+ description = "force false";
+ }
+ pw.println("Actively prefer bad wifi conf: " + description);
+ pw.println();
pw.println("Network overrides:");
pw.increaseIndent();
for (NetworkAgentInfo nai : networksSortedById()) {
- if (nai.avoidUnvalidated) {
+ if (0L != nai.getAvoidUnvalidated()) {
pw.println(nai.toShortString());
}
}
@@ -5236,7 +5212,7 @@
private boolean shouldPromptUnvalidated(NetworkAgentInfo nai) {
// Don't prompt if the network is validated, and don't prompt on captive portals
// because we're already prompting the user to sign in.
- if (nai.everValidated || nai.everCaptivePortalDetected) {
+ if (nai.everValidated() || nai.everCaptivePortalDetected()) {
return false;
}
@@ -5244,8 +5220,8 @@
// partial connectivity and selected don't ask again. This ensures that if the device
// automatically connects to a network that has partial Internet access, the user will
// always be able to use it, either because they've already chosen "don't ask again" or
- // because we have prompt them.
- if (nai.partialConnectivity && !nai.networkAgentConfig.acceptPartialConnectivity) {
+ // because we have prompted them.
+ if (nai.partialConnectivity() && !nai.networkAgentConfig.acceptPartialConnectivity) {
return true;
}
@@ -5260,24 +5236,39 @@
return false;
}
- private void handlePromptUnvalidated(Network network) {
- if (VDBG || DDBG) log("handlePromptUnvalidated " + network);
- NetworkAgentInfo nai = getNetworkAgentInfoForNetwork(network);
+ private void handleInitialEvaluationTimeout(@NonNull final Network network) {
+ if (VDBG || DDBG) log("handleInitialEvaluationTimeout " + network);
- if (nai == null || !shouldPromptUnvalidated(nai)) {
- return;
+ NetworkAgentInfo nai = getNetworkAgentInfoForNetwork(network);
+ if (null == nai) return;
+
+ if (nai.setEvaluated()) {
+ // If setEvaluated() returned true, the network never had any form of connectivity.
+ // This may have an impact on request matching if bad WiFi avoidance is off and the
+ // network was found not to have Internet access.
+ nai.updateScoreForNetworkAgentUpdate();
+ rematchAllNetworksAndRequests();
+
+ // Also, if this is WiFi and it should be preferred actively, now is the time to
+ // prompt the user that they walked past and connected to a bad WiFi.
+ if (nai.networkCapabilities.hasTransport(TRANSPORT_WIFI)
+ && !avoidBadWifi()
+ && activelyPreferBadWifi()) {
+ // The notification will be removed if the network validates or disconnects.
+ showNetworkNotification(nai, NotificationType.LOST_INTERNET);
+ return;
+ }
}
+ if (!shouldPromptUnvalidated(nai)) return;
+
// Stop automatically reconnecting to this network in the future. Automatically connecting
// to a network that provides no or limited connectivity is not useful, because the user
// cannot use that network except through the notification shown by this method, and the
// notification is only shown if the network is explicitly selected by the user.
nai.onPreventAutomaticReconnect();
- // TODO: Evaluate if it's needed to wait 8 seconds for triggering notification when
- // NetworkMonitor detects the network is partial connectivity. Need to change the design to
- // popup the notification immediately when the network is partial connectivity.
- if (nai.partialConnectivity) {
+ if (nai.partialConnectivity()) {
showNetworkNotification(nai, NotificationType.PARTIAL_CONNECTIVITY);
} else {
showNetworkNotification(nai, NotificationType.NO_INTERNET);
@@ -5415,8 +5406,8 @@
handleSetAvoidUnvalidated((Network) msg.obj);
break;
}
- case EVENT_PROMPT_UNVALIDATED: {
- handlePromptUnvalidated((Network) msg.obj);
+ case EVENT_INITIAL_EVALUATION_TIMEOUT: {
+ handleInitialEvaluationTimeout((Network) msg.obj);
break;
}
case EVENT_CONFIGURE_ALWAYS_ON_NETWORKS: {
@@ -5631,7 +5622,7 @@
return;
}
// Revalidate if the app report does not match our current validated state.
- if (hasConnectivity == nai.lastValidated) {
+ if (hasConnectivity == nai.isValidated()) {
mConnectivityDiagnosticsHandler.sendMessage(
mConnectivityDiagnosticsHandler.obtainMessage(
ConnectivityDiagnosticsHandler.EVENT_NETWORK_CONNECTIVITY_REPORTED,
@@ -5645,7 +5636,7 @@
}
// Validating a network that has not yet connected could result in a call to
// rematchNetworkAndRequests() which is not meant to work on such networks.
- if (!nai.everConnected) {
+ if (!nai.everConnected()) {
return;
}
final NetworkCapabilities nc = getNetworkCapabilitiesInternal(nai);
@@ -5742,7 +5733,7 @@
@Override
public void setGlobalProxy(@Nullable final ProxyInfo proxyProperties) {
- PermissionUtils.enforceNetworkStackPermission(mContext);
+ enforceNetworkStackPermission(mContext);
mProxyTracker.setGlobalProxy(proxyProperties);
}
@@ -6251,7 +6242,7 @@
final String mCallingAttributionTag;
// Counter keeping track of this NRI.
- final PerUidCounter mPerUidCounter;
+ final RequestInfoPerUidCounter mPerUidCounter;
// Effective UID of this request. This is different from mUid when a privileged process
// files a request on behalf of another UID. This UID is used to determine blocked status,
@@ -6359,7 +6350,7 @@
if (null != satisfier) {
// If the old NRI was satisfied by an NAI, then it may have had an active request.
// The active request is necessary to figure out what callbacks to send, in
- // particular then a network updates its capabilities.
+ // particular when a network updates its capabilities.
// As this code creates a new NRI with a new set of requests, figure out which of
// the list of requests should be the active request. It is always the first
// request of the list that can be satisfied by the satisfier since the order of
@@ -6417,10 +6408,6 @@
return Collections.unmodifiableList(tempRequests);
}
- void decrementRequestCount() {
- mPerUidCounter.decrementCount(mUid);
- }
-
void linkDeathRecipient() {
if (null != mBinder) {
try {
@@ -6482,6 +6469,38 @@
}
}
+ // Keep backward compatibility since the ServiceSpecificException is used by
+ // the API surface, see {@link ConnectivityManager#convertServiceException}.
+ public static class RequestInfoPerUidCounter extends PerUidCounter {
+ RequestInfoPerUidCounter(int maxCountPerUid) {
+ super(maxCountPerUid);
+ }
+
+ @Override
+ public synchronized void incrementCountOrThrow(int uid) {
+ try {
+ super.incrementCountOrThrow(uid);
+ } catch (IllegalStateException e) {
+ throw new ServiceSpecificException(
+ ConnectivityManager.Errors.TOO_MANY_REQUESTS,
+ "Uid " + uid + " exceeded its allotted requests limit");
+ }
+ }
+
+ @Override
+ public synchronized void decrementCountOrThrow(int uid) {
+ throw new UnsupportedOperationException("Use decrementCount instead.");
+ }
+
+ public synchronized void decrementCount(int uid) {
+ try {
+ super.decrementCountOrThrow(uid);
+ } catch (IllegalStateException e) {
+ logwtf("Exception when decrement per uid request count: ", e);
+ }
+ }
+ }
+
// This checks that the passed capabilities either do not request a
// specific SSID/SignalStrength, or the calling app has permission to do so.
private void ensureSufficientPermissionsForRequest(NetworkCapabilities nc,
@@ -6969,6 +6988,7 @@
@Override
public void unofferNetwork(@NonNull final INetworkOfferCallback callback) {
+ Objects.requireNonNull(callback);
mHandler.sendMessage(mHandler.obtainMessage(EVENT_UNREGISTER_NETWORK_OFFER, callback));
}
@@ -7274,8 +7294,7 @@
* later : see {@link #updateLinkProperties}.
* @param networkCapabilities the initial capabilites of this network. They can be updated
* later : see {@link #updateCapabilities}.
- * @param initialScore the initial score of the network. See
- * {@link NetworkAgentInfo#getCurrentScore}.
+ * @param initialScore the initial score of the network. See {@link NetworkAgentInfo#getScore}.
* @param networkAgentConfig metadata about the network. This is never updated.
* @param providerId the ID of the provider owning this NetworkAgent.
* @return the network created for this agent.
@@ -7290,7 +7309,7 @@
Objects.requireNonNull(initialScore, "initialScore must not be null");
Objects.requireNonNull(networkAgentConfig, "networkAgentConfig must not be null");
if (networkCapabilities.hasTransport(TRANSPORT_TEST)) {
- enforceAnyPermissionOf(Manifest.permission.MANAGE_TEST_NETWORKS);
+ enforceAnyPermissionOf(mContext, Manifest.permission.MANAGE_TEST_NETWORKS);
} else {
enforceNetworkFactoryPermission();
}
@@ -7310,18 +7329,23 @@
NetworkScore currentScore, NetworkAgentConfig networkAgentConfig, int providerId,
int uid) {
+ // Make a copy of the passed NI, LP, NC as the caller may hold a reference to them
+ // and mutate them at any time.
+ final NetworkInfo niCopy = new NetworkInfo(networkInfo);
+ final NetworkCapabilities ncCopy = new NetworkCapabilities(networkCapabilities);
+ final LinkProperties lpCopy = new LinkProperties(linkProperties);
+
// At this point the capabilities/properties are untrusted and unverified, e.g. checks that
- // the capabilities' access UID comply with security limitations. They will be sanitized
+ // the capabilities' access UIDs comply with security limitations. They will be sanitized
// as the NAI registration finishes, in handleRegisterNetworkAgent(). This is
// because some of the checks must happen on the handler thread.
final NetworkAgentInfo nai = new NetworkAgentInfo(na,
- new Network(mNetIdManager.reserveNetId()), new NetworkInfo(networkInfo),
- linkProperties, networkCapabilities,
+ new Network(mNetIdManager.reserveNetId()), niCopy, lpCopy, ncCopy,
currentScore, mContext, mTrackerHandler, new NetworkAgentConfig(networkAgentConfig),
this, mNetd, mDnsResolver, providerId, uid, mLingerDelayMs,
mQosCallbackTracker, mDeps);
- final String extraInfo = networkInfo.getExtraInfo();
+ final String extraInfo = niCopy.getExtraInfo();
final String name = TextUtils.isEmpty(extraInfo)
? nai.networkCapabilities.getSsid() : extraInfo;
if (DBG) log("registerNetworkAgent " + nai);
@@ -7336,16 +7360,12 @@
private void handleRegisterNetworkAgent(NetworkAgentInfo nai, INetworkMonitor networkMonitor) {
if (VDBG) log("Network Monitor created for " + nai);
- // nai.nc and nai.lp are the same object that was passed by the network agent if the agent
- // lives in the same process as this code (e.g. wifi), so make sure this code doesn't
- // mutate their object
- final NetworkCapabilities nc = new NetworkCapabilities(nai.networkCapabilities);
- final LinkProperties lp = new LinkProperties(nai.linkProperties);
- // Make sure the LinkProperties and NetworkCapabilities reflect what the agent info says.
- processCapabilitiesFromAgent(nai, nc);
- nai.getAndSetNetworkCapabilities(mixInCapabilities(nai, nc));
- processLinkPropertiesFromAgent(nai, lp);
- nai.linkProperties = lp;
+ // Store a copy of the declared capabilities.
+ nai.setDeclaredCapabilities(nai.networkCapabilities);
+ // Make sure the LinkProperties and NetworkCapabilities reflect what the agent info said.
+ nai.getAndSetNetworkCapabilities(mixInCapabilities(nai,
+ nai.getDeclaredCapabilitiesSanitized(mCarrierPrivilegeAuthenticator)));
+ processLinkPropertiesFromAgent(nai, nai.linkProperties);
nai.onNetworkMonitorCreated(networkMonitor);
@@ -7516,9 +7536,7 @@
notifyIfacesChangedForNetworkStats();
networkAgent.networkMonitor().notifyLinkPropertiesChanged(
new LinkProperties(newLp, true /* parcelSensitiveFields */));
- if (networkAgent.everConnected) {
- notifyNetworkCallbacks(networkAgent, ConnectivityManager.CALLBACK_IP_CHANGED);
- }
+ notifyNetworkCallbacks(networkAgent, ConnectivityManager.CALLBACK_IP_CHANGED);
}
mKeepaliveTracker.handleCheckKeepalivesStillValid(networkAgent);
@@ -7767,10 +7785,6 @@
// when the old rules are removed and the time when new rules are added. To fix this,
// make eBPF support two allowlisted interfaces so here new rules can be added before the
// old rules are being removed.
-
- // Null iface given to onVpnUidRangesAdded/Removed is a wildcard to allow apps to receive
- // packets on all interfaces. This is required to accept incoming traffic in Lockdown mode
- // by overriding the Lockdown blocking rule.
if (wasFiltering) {
mPermissionMonitor.onVpnUidRangesRemoved(oldIface, ranges, vpnAppUid);
}
@@ -7801,7 +7815,7 @@
@NonNull final NetworkCapabilities newNc) {
final int oldPermission = getNetworkPermission(nai.networkCapabilities);
final int newPermission = getNetworkPermission(newNc);
- if (oldPermission != newPermission && nai.created && !nai.isVPN()) {
+ if (oldPermission != newPermission && nai.isCreated() && !nai.isVPN()) {
try {
mNetd.networkSetPermissionForNetwork(nai.network.getNetId(), newPermission);
} catch (RemoteException | ServiceSpecificException e) {
@@ -7810,31 +7824,6 @@
}
}
- /**
- * Called when receiving NetworkCapabilities directly from a NetworkAgent.
- * Stores into |nai| any data coming from the agent that might also be written to the network's
- * NetworkCapabilities by ConnectivityService itself. This ensures that the data provided by the
- * agent is not lost when updateCapabilities is called.
- */
- private void processCapabilitiesFromAgent(NetworkAgentInfo nai, NetworkCapabilities nc) {
- if (nc.hasConnectivityManagedCapability()) {
- Log.wtf(TAG, "BUG: " + nai + " has CS-managed capability.");
- }
- // Note: resetting the owner UID before storing the agent capabilities in NAI means that if
- // the agent attempts to change the owner UID, then nai.declaredCapabilities will not
- // actually be the same as the capabilities sent by the agent. Still, it is safer to reset
- // the owner UID here and behave as if the agent had never tried to change it.
- if (nai.networkCapabilities.getOwnerUid() != nc.getOwnerUid()) {
- Log.e(TAG, nai.toShortString() + ": ignoring attempt to change owner from "
- + nai.networkCapabilities.getOwnerUid() + " to " + nc.getOwnerUid());
- nc.setOwnerUid(nai.networkCapabilities.getOwnerUid());
- }
- nai.declaredCapabilities = new NetworkCapabilities(nc);
- NetworkAgentInfo.restrictCapabilitiesFromNetworkAgent(nc, nai.creatorUid,
- mContext.getPackageManager().hasSystemFeature(PackageManager.FEATURE_AUTOMOTIVE),
- mCarrierPrivilegeAuthenticator);
- }
-
/** Modifies |newNc| based on the capabilities of |underlyingNetworks| and |agentCaps|. */
@VisibleForTesting
void applyUnderlyingCapabilities(@Nullable Network[] underlyingNetworks,
@@ -7916,9 +7905,9 @@
// causing a connect/teardown loop.
// TODO: remove this altogether and make it the responsibility of the NetworkProviders to
// avoid connect/teardown loops.
- if (nai.everConnected &&
- !nai.isVPN() &&
- !nai.networkCapabilities.satisfiedByImmutableNetworkCapabilities(nc)) {
+ if (nai.everConnected()
+ && !nai.isVPN()
+ && !nai.networkCapabilities.satisfiedByImmutableNetworkCapabilities(nc)) {
// TODO: consider not complaining when a network agent degrades its capabilities if this
// does not cause any request (that is not a listen) currently matching that agent to
// stop being matched by the updated agent.
@@ -7930,12 +7919,12 @@
// Don't modify caller's NetworkCapabilities.
final NetworkCapabilities newNc = new NetworkCapabilities(nc);
- if (nai.lastValidated) {
+ if (nai.isValidated()) {
newNc.addCapability(NET_CAPABILITY_VALIDATED);
} else {
newNc.removeCapability(NET_CAPABILITY_VALIDATED);
}
- if (nai.lastCaptivePortalDetected) {
+ if (nai.captivePortalDetected()) {
newNc.addCapability(NET_CAPABILITY_CAPTIVE_PORTAL);
} else {
newNc.removeCapability(NET_CAPABILITY_CAPTIVE_PORTAL);
@@ -7945,7 +7934,7 @@
} else {
newNc.addCapability(NET_CAPABILITY_FOREGROUND);
}
- if (nai.partialConnectivity) {
+ if (nai.partialConnectivity()) {
newNc.addCapability(NET_CAPABILITY_PARTIAL_CONNECTIVITY);
} else {
newNc.removeCapability(NET_CAPABILITY_PARTIAL_CONNECTIVITY);
@@ -7959,7 +7948,8 @@
}
if (nai.propagateUnderlyingCapabilities()) {
- applyUnderlyingCapabilities(nai.declaredUnderlyingNetworks, nai.declaredCapabilities,
+ applyUnderlyingCapabilities(nai.declaredUnderlyingNetworks,
+ nai.getDeclaredCapabilitiesSanitized(mCarrierPrivilegeAuthenticator),
newNc);
}
@@ -8001,7 +7991,7 @@
* @param nai the network having its capabilities updated.
* @param nc the new network capabilities.
*/
- private void updateCapabilities(final int oldScore, @NonNull final NetworkAgentInfo nai,
+ private void updateCapabilities(final FullScore oldScore, @NonNull final NetworkAgentInfo nai,
@NonNull final NetworkCapabilities nc) {
NetworkCapabilities newNc = mixInCapabilities(nai, nc);
if (Objects.equals(nai.networkCapabilities, newNc)) return;
@@ -8012,7 +8002,7 @@
updateAllowedUids(nai, prevNc, newNc);
nai.updateScoreForNetworkAgentUpdate();
- if (nai.getCurrentScore() == oldScore && newNc.equalRequestableCapabilities(prevNc)) {
+ if (nai.getScore().equals(oldScore) && newNc.equalRequestableCapabilities(prevNc)) {
// If the requestable capabilities haven't changed, and the score hasn't changed, then
// the change we're processing can't affect any requests, it can only affect the listens
// on this network. We might have been called by rematchNetworkAndRequests when a
@@ -8056,7 +8046,7 @@
/** Convenience method to update the capabilities for a given network. */
private void updateCapabilitiesForNetwork(NetworkAgentInfo nai) {
- updateCapabilities(nai.getCurrentScore(), nai, nai.networkCapabilities);
+ updateCapabilities(nai.getScore(), nai, nai.networkCapabilities);
}
/**
@@ -8096,12 +8086,14 @@
* Returns whether we need to set interface filtering rule or not
*/
private boolean requiresVpnAllowRule(NetworkAgentInfo nai, LinkProperties lp,
- String filterIface) {
- // Only filter if lp has an interface.
- if (lp == null || lp.getInterfaceName() == null) return false;
- // Before T, allow rules are only needed if VPN isolation is enabled.
- // T and After T, allow rules are needed for all VPNs.
- return filterIface != null || (nai.isVPN() && SdkLevel.isAtLeastT());
+ String isolationIface) {
+ // Allow rules are always needed if VPN isolation is enabled.
+ if (isolationIface != null) return true;
+
+ // On T and above, allow rules are needed for all VPNs. Allow rule with null iface is a
+ // wildcard to allow apps to receive packets on all interfaces. This is required to accept
+ // incoming traffic in Lockdown mode by overriding the Lockdown blocking rule.
+ return SdkLevel.isAtLeastT() && nai.isVPN() && lp != null && lp.getInterfaceName() != null;
}
private static UidRangeParcel[] toUidRangeStableParcels(final @NonNull Set<UidRange> ranges) {
@@ -8189,7 +8181,7 @@
// that happens to prevent false alarms.
final Set<UidRange> prevUids = prevNc == null ? null : prevNc.getUidRanges();
final Set<UidRange> newUids = newNc == null ? null : newNc.getUidRanges();
- if (nai.isVPN() && nai.everConnected && !UidRange.hasSameUids(prevUids, newUids)
+ if (nai.isVPN() && nai.everConnected() && !UidRange.hasSameUids(prevUids, newUids)
&& (nai.linkProperties.getHttpProxy() != null || isProxySetOnAnyDefaultNetwork())) {
mProxyTracker.sendProxyBroadcast();
}
@@ -8244,10 +8236,6 @@
// above, where the addition of new ranges happens before the removal of old ranges.
// TODO Fix this window by computing an accurate diff on Set<UidRange>, so the old range
// to be removed will never overlap with the new range to be added.
-
- // Null iface given to onVpnUidRangesAdded/Removed is a wildcard to allow apps to
- // receive packets on all interfaces. This is required to accept incoming traffic in
- // Lockdown mode by overriding the Lockdown blocking rule.
if (wasFiltering && !prevRanges.isEmpty()) {
mPermissionMonitor.onVpnUidRangesRemoved(oldIface, prevRanges,
prevNc.getOwnerUid());
@@ -8313,8 +8301,8 @@
}
if (VDBG || DDBG) {
log("Update of LinkProperties for " + nai.toShortString()
- + "; created=" + nai.created
- + "; everConnected=" + nai.everConnected);
+ + "; created=" + nai.getCreatedTime()
+ + "; firstConnected=" + nai.getConnectedTime());
}
// TODO: eliminate this defensive copy after confirming that updateLinkProperties does not
// modify its oldLp parameter.
@@ -8376,8 +8364,11 @@
releasePendingNetworkRequestWithDelay(pendingIntent);
}
+ // networkAgent is only allowed to be null if notificationType is
+ // CALLBACK_UNAVAIL. This is because UNAVAIL is about no network being
+ // available, while all other cases are about some particular network.
private void callCallbackForRequest(@NonNull final NetworkRequestInfo nri,
- @NonNull final NetworkAgentInfo networkAgent, final int notificationType,
+ @Nullable final NetworkAgentInfo networkAgent, final int notificationType,
final int arg1) {
if (nri.mMessenger == null) {
// Default request has no msgr. Also prevents callbacks from being invoked for
@@ -8399,14 +8390,13 @@
switch (notificationType) {
case ConnectivityManager.CALLBACK_AVAILABLE: {
final NetworkCapabilities nc =
- networkCapabilitiesRestrictedForCallerPermissions(
- networkAgent.networkCapabilities, nri.mPid, nri.mUid);
- putParcelable(
- bundle,
createWithLocationInfoSanitizedIfNecessaryWhenParceled(
- nc, includeLocationSensitiveInfo, nri.mPid, nri.mUid,
+ networkCapabilitiesRestrictedForCallerPermissions(
+ networkAgent.networkCapabilities, nri.mPid, nri.mUid),
+ includeLocationSensitiveInfo, nri.mPid, nri.mUid,
nrForCallback.getRequestorPackageName(),
- nri.mCallingAttributionTag));
+ nri.mCallingAttributionTag);
+ putParcelable(bundle, nc);
putParcelable(bundle, linkPropertiesRestrictedForCallerPermissions(
networkAgent.linkProperties, nri.mPid, nri.mUid));
// For this notification, arg1 contains the blocked status.
@@ -8744,7 +8734,7 @@
}
previousSatisfier.removeRequest(previousRequest.requestId);
if (canSupportGracefulNetworkSwitch(previousSatisfier, newSatisfier)
- && !previousSatisfier.destroyed) {
+ && !previousSatisfier.isDestroyed()) {
// If this network switch can't be supported gracefully, the request is not
// lingered. This allows letting go of the network sooner to reclaim some
// performance on the new network, since the radio can't do both at the same
@@ -8806,9 +8796,6 @@
// Gather the list of all relevant agents.
final ArrayList<NetworkAgentInfo> nais = new ArrayList<>();
for (final NetworkAgentInfo nai : mNetworkAgentInfos) {
- if (!nai.everConnected) {
- continue;
- }
nais.add(nai);
}
@@ -8860,15 +8847,22 @@
@NonNull final Set<NetworkRequestInfo> networkRequests) {
ensureRunningOnConnectivityServiceThread();
// TODO: This may be slow, and should be optimized.
- final long now = SystemClock.elapsedRealtime();
+ final long start = SystemClock.elapsedRealtime();
final NetworkReassignment changes = computeNetworkReassignment(networkRequests);
+ final long computed = SystemClock.elapsedRealtime();
+ applyNetworkReassignment(changes, start);
+ final long applied = SystemClock.elapsedRealtime();
+ issueNetworkNeeds();
+ final long end = SystemClock.elapsedRealtime();
if (VDBG || DDBG) {
+ log(String.format("Rematched networks [computed %dms] [applied %dms] [issued %d]",
+ computed - start, applied - computed, end - applied));
log(changes.debugString());
} else if (DBG) {
- log(changes.toString()); // Shorter form, only one line of log
+ // Shorter form, only one line of log
+ log(String.format("%s [c %d] [a %d] [i %d]", changes.toString(),
+ computed - start, applied - computed, end - applied));
}
- applyNetworkReassignment(changes, now);
- issueNetworkNeeds();
}
private void applyNetworkReassignment(@NonNull final NetworkReassignment changes,
@@ -8925,7 +8919,6 @@
}
for (final NetworkAgentInfo nai : nais) {
- if (!nai.everConnected) continue;
final boolean oldBackground = oldBgNetworks.contains(nai);
// Process listen requests and update capabilities if the background state has
// changed for this network. For consistency with previous behavior, send onLost
@@ -9009,7 +9002,7 @@
// The new default network can be newly null if and only if the old default
// network doesn't satisfy the default request any more because it lost a
// capability.
- mDefaultInetConditionPublished = newDefaultNetwork.lastValidated ? 100 : 0;
+ mDefaultInetConditionPublished = newDefaultNetwork.isValidated() ? 100 : 0;
mLegacyTypeTracker.add(
newDefaultNetwork.networkInfo.getType(), newDefaultNetwork);
}
@@ -9030,7 +9023,7 @@
// they may get old info. Reverse this after the old startUsing api is removed.
// This is on top of the multiple intent sequencing referenced in the todo above.
for (NetworkAgentInfo nai : nais) {
- if (nai.everConnected) {
+ if (nai.everConnected()) {
addNetworkToLegacyTypeTracker(nai);
}
}
@@ -9156,12 +9149,12 @@
private void updateInetCondition(NetworkAgentInfo nai) {
// Don't bother updating until we've graduated to validated at least once.
- if (!nai.everValidated) return;
+ if (!nai.everValidated()) return;
// For now only update icons for the default connection.
// TODO: Update WiFi and cellular icons separately. b/17237507
if (!isDefaultNetwork(nai)) return;
- int newInetCondition = nai.lastValidated ? 100 : 0;
+ int newInetCondition = nai.isValidated() ? 100 : 0;
// Don't repeat publish.
if (newInetCondition == mDefaultInetConditionPublished) return;
@@ -9188,7 +9181,7 @@
// SUSPENDED state is currently only overridden from CONNECTED state. In the case the
// network agent is created, then goes to suspended, then goes out of suspended without
// ever setting connected. Check if network agent is ever connected to update the state.
- newInfo.setDetailedState(nai.everConnected
+ newInfo.setDetailedState(nai.everConnected()
? NetworkInfo.DetailedState.CONNECTED
: NetworkInfo.DetailedState.CONNECTING,
info.getReason(),
@@ -9213,7 +9206,7 @@
+ oldInfo.getState() + " to " + state);
}
- if (!networkAgent.created
+ if (!networkAgent.isCreated()
&& (state == NetworkInfo.State.CONNECTED
|| (state == NetworkInfo.State.CONNECTING && networkAgent.isVPN()))) {
@@ -9227,13 +9220,13 @@
// anything happens to the network.
updateCapabilitiesForNetwork(networkAgent);
}
- networkAgent.created = true;
+ networkAgent.setCreated();
networkAgent.onNetworkCreated();
updateAllowedUids(networkAgent, null, networkAgent.networkCapabilities);
}
- if (!networkAgent.everConnected && state == NetworkInfo.State.CONNECTED) {
- networkAgent.everConnected = true;
+ if (!networkAgent.everConnected() && state == NetworkInfo.State.CONNECTED) {
+ networkAgent.setConnected();
// NetworkCapabilities need to be set before sending the private DNS config to
// NetworkMonitor, otherwise NetworkMonitor cannot determine if validation is required.
@@ -9266,8 +9259,22 @@
params.networkCapabilities = networkAgent.networkCapabilities;
params.linkProperties = new LinkProperties(networkAgent.linkProperties,
true /* parcelSensitiveFields */);
- networkAgent.networkMonitor().notifyNetworkConnected(params);
- scheduleUnvalidatedPrompt(networkAgent);
+ // isAtLeastT() is conservative here, as recent versions of NetworkStack support the
+ // newer callback even before T. However getInterfaceVersion is a synchronized binder
+ // call that would cause a Log.wtf to be emitted from the system_server process, and
+ // in the absence of a satisfactory, scalable solution which follows an easy/standard
+ // process to check the interface version, just use an SDK check. NetworkStack will
+ // always be new enough when running on T+.
+ if (SdkLevel.isAtLeastT()) {
+ networkAgent.networkMonitor().notifyNetworkConnected(params);
+ } else {
+ networkAgent.networkMonitor().notifyNetworkConnected(params.linkProperties,
+ params.networkCapabilities);
+ }
+ final long delay = activelyPreferBadWifi()
+ ? ACTIVELY_PREFER_BAD_WIFI_INITIAL_TIMEOUT_MS
+ : DONT_ACTIVELY_PREFER_BAD_WIFI_INITIAL_TIMEOUT_MS;
+ scheduleEvaluationTimeout(networkAgent.network, delay);
// Whether a particular NetworkRequest listen should cause signal strength thresholds to
// be communicated to a particular NetworkAgent depends only on the network's immutable,
@@ -9306,8 +9313,8 @@
// TODO(b/122649188): send the broadcast only to VPN users.
mProxyTracker.sendProxyBroadcast();
}
- } else if (networkAgent.created && (oldInfo.getState() == NetworkInfo.State.SUSPENDED ||
- state == NetworkInfo.State.SUSPENDED)) {
+ } else if (networkAgent.isCreated() && (oldInfo.getState() == NetworkInfo.State.SUSPENDED
+ || state == NetworkInfo.State.SUSPENDED)) {
mLegacyTypeTracker.update(networkAgent);
}
}
@@ -9507,7 +9514,7 @@
}
}
for (NetworkAgentInfo nai : mNetworkAgentInfos) {
- if (nai.everConnected && (activeNetIds.contains(nai.network().netId) || nai.isVPN())) {
+ if (activeNetIds.contains(nai.network().netId) || nai.isVPN()) {
defaultNetworks.add(nai.network);
}
}
@@ -9529,9 +9536,7 @@
final UnderlyingNetworkInfo[] underlyingNetworkInfos = getAllVpnInfo();
try {
final ArrayList<NetworkStateSnapshot> snapshots = new ArrayList<>();
- for (final NetworkStateSnapshot snapshot : getAllNetworkStateSnapshots()) {
- snapshots.add(snapshot);
- }
+ snapshots.addAll(getAllNetworkStateSnapshots());
mStatsManager.notifyNetworkStatus(getDefaultNetworks(),
snapshots, activeIface, Arrays.asList(underlyingNetworkInfos));
} catch (Exception ignored) {
@@ -9683,6 +9688,8 @@
try {
switch (cmd) {
case "airplane-mode":
+ // Usage : adb shell cmd connectivity airplane-mode [enable|disable]
+ // If no argument, get and display the current status
final String action = getNextArg();
if ("enable".equals(action)) {
setAirplaneMode(true);
@@ -9700,6 +9707,27 @@
onHelp();
return -1;
}
+ case "reevaluate":
+ // Usage : adb shell cmd connectivity reevaluate <netId>
+ // If netId is omitted, then reevaluate the default network
+ final String netId = getNextArg();
+ final NetworkAgentInfo nai;
+ if (null == netId) {
+ // Note that the command is running on the wrong thread to call this,
+ // so this could in principle return stale data. But it can't crash.
+ nai = getDefaultNetwork();
+ } else {
+ // If netId can't be parsed, this throws NumberFormatException, which
+ // is passed back to adb who prints it.
+ nai = getNetworkAgentInfoForNetId(Integer.parseInt(netId));
+ }
+ if (null == nai) {
+ pw.println("Unknown network (net ID not found or no default network)");
+ return 0;
+ }
+ Log.d(TAG, "Reevaluating network " + nai.network);
+ reportNetworkConnectivity(nai.network, !nai.isValidated());
+ return 0;
default:
return handleDefaultCommands(cmd);
}
@@ -9737,7 +9765,7 @@
return;
}
if (!TextUtils.equals(((WifiInfo)prevInfo).getBSSID(), ((WifiInfo)newInfo).getBSSID())) {
- nai.lastRoamTimestamp = SystemClock.elapsedRealtime();
+ nai.lastRoamTime = SystemClock.elapsedRealtime();
}
}
@@ -9918,14 +9946,12 @@
private static class NetworkTestedResults {
private final int mNetId;
private final int mTestResult;
- private final long mTimestampMillis;
@Nullable private final String mRedirectUrl;
private NetworkTestedResults(
int netId, int testResult, long timestampMillis, @Nullable String redirectUrl) {
mNetId = netId;
mTestResult = testResult;
- mTimestampMillis = timestampMillis;
mRedirectUrl = redirectUrl;
}
}
@@ -9992,7 +10018,7 @@
// Decrement the reference count for this NetworkRequestInfo. The reference count is
// incremented when the NetworkRequestInfo is created as part of
// enforceRequestCountLimit().
- nri.decrementRequestCount();
+ nri.mPerUidCounter.decrementCount(nri.mUid);
return;
}
@@ -10058,7 +10084,7 @@
// Decrement the reference count for this NetworkRequestInfo. The reference count is
// incremented when the NetworkRequestInfo is created as part of
// enforceRequestCountLimit().
- nri.decrementRequestCount();
+ nri.mPerUidCounter.decrementCount(nri.mUid);
iCb.unlinkToDeath(cbInfo, 0);
}
@@ -10306,7 +10332,8 @@
Objects.requireNonNull(network, "network must not be null");
Objects.requireNonNull(extras, "extras must not be null");
- enforceAnyPermissionOf(android.Manifest.permission.MANAGE_TEST_NETWORKS,
+ enforceAnyPermissionOf(mContext,
+ android.Manifest.permission.MANAGE_TEST_NETWORKS,
android.Manifest.permission.NETWORK_STACK);
final NetworkCapabilities nc = getNetworkCapabilitiesInternal(network);
if (!nc.hasTransport(TRANSPORT_TEST)) {
@@ -10348,14 +10375,14 @@
}
@Override
- public void onInterfaceLinkStateChanged(String iface, boolean up) {
+ public void onInterfaceLinkStateChanged(@NonNull String iface, boolean up) {
for (NetworkAgentInfo nai : mNetworkAgentInfos) {
nai.clatd.interfaceLinkStateChanged(iface, up);
}
}
@Override
- public void onInterfaceRemoved(String iface) {
+ public void onInterfaceRemoved(@NonNull String iface) {
for (NetworkAgentInfo nai : mNetworkAgentInfos) {
nai.clatd.interfaceRemoved(iface);
}
@@ -10378,10 +10405,10 @@
@GuardedBy("mActiveIdleTimers")
private boolean mNetworkActive;
@GuardedBy("mActiveIdleTimers")
- private final ArrayMap<String, IdleTimerParams> mActiveIdleTimers = new ArrayMap();
+ private final ArrayMap<String, IdleTimerParams> mActiveIdleTimers = new ArrayMap<>();
private final Handler mHandler;
- private class IdleTimerParams {
+ private static class IdleTimerParams {
public final int timeout;
public final int transportType;
@@ -10427,7 +10454,7 @@
try {
mNetworkActivityListeners.getBroadcastItem(i).onNetworkActive();
} catch (RemoteException | RuntimeException e) {
- loge("Fail to send network activie to listener " + e);
+ loge("Fail to send network activity to listener " + e);
}
}
} finally {
@@ -10648,8 +10675,8 @@
@VisibleForTesting
public void registerQosCallbackInternal(@NonNull final QosFilter filter,
@NonNull final IQosCallback callback, @NonNull final NetworkAgentInfo nai) {
- if (filter == null) throw new IllegalArgumentException("filter must be non-null");
- if (callback == null) throw new IllegalArgumentException("callback must be non-null");
+ Objects.requireNonNull(filter, "filter must be non-null");
+ Objects.requireNonNull(callback, "callback must be non-null");
if (!nai.networkCapabilities.hasCapability(NET_CAPABILITY_NOT_RESTRICTED)) {
// TODO: Check allowed list here and ensure that either a) any QoS callback registered
@@ -10714,7 +10741,7 @@
preferences.add(pref);
}
- PermissionUtils.enforceNetworkStackPermission(mContext);
+ enforceNetworkStackPermission(mContext);
if (DBG) {
log("setProfileNetworkPreferences " + profile + " to " + preferences);
}
@@ -10727,8 +10754,7 @@
+ "or the device owner must be set. ");
}
- final List<ProfileNetworkPreferenceList.Preference> preferenceList =
- new ArrayList<ProfileNetworkPreferenceList.Preference>();
+ final List<ProfileNetworkPreferenceList.Preference> preferenceList = new ArrayList<>();
boolean hasDefaultPreference = false;
for (final ProfileNetworkPreference preference : preferences) {
final NetworkCapabilities nc;
@@ -10809,7 +10835,7 @@
uidRangeSet = UidRangeUtils.removeRangeSetFromUidRange(profileUids,
disallowUidRangeSet);
} else {
- uidRangeSet = new ArraySet<UidRange>();
+ uidRangeSet = new ArraySet<>();
uidRangeSet.add(profileUids);
}
}
@@ -10818,8 +10844,7 @@
private boolean isEnterpriseIdentifierValid(
@NetworkCapabilities.EnterpriseId int identifier) {
- if ((identifier >= NET_ENTERPRISE_ID_1)
- && (identifier <= NET_ENTERPRISE_ID_5)) {
+ if ((identifier >= NET_ENTERPRISE_ID_1) && (identifier <= NET_ENTERPRISE_ID_5)) {
return true;
}
return false;
@@ -10891,6 +10916,7 @@
removeDefaultNetworkRequestsForPreference(PREFERENCE_ORDER_PROFILE);
addPerAppDefaultNetworkRequests(
createNrisFromProfileNetworkPreferences(mProfileNetworkPreferences));
+
// Finally, rematch.
rematchAllNetworksAndRequests();
@@ -11394,42 +11420,16 @@
}
@Override
+ public boolean getFirewallChainEnabled(final int chain) {
+ enforceNetworkStackOrSettingsPermission();
+
+ return mBpfNetMaps.isChainEnabled(chain);
+ }
+
+ @Override
public void replaceFirewallChain(final int chain, final int[] uids) {
enforceNetworkStackOrSettingsPermission();
- try {
- switch (chain) {
- case ConnectivityManager.FIREWALL_CHAIN_DOZABLE:
- mBpfNetMaps.replaceUidChain("fw_dozable", true /* isAllowList */, uids);
- break;
- case ConnectivityManager.FIREWALL_CHAIN_STANDBY:
- mBpfNetMaps.replaceUidChain("fw_standby", false /* isAllowList */, uids);
- break;
- case ConnectivityManager.FIREWALL_CHAIN_POWERSAVE:
- mBpfNetMaps.replaceUidChain("fw_powersave", true /* isAllowList */, uids);
- break;
- case ConnectivityManager.FIREWALL_CHAIN_RESTRICTED:
- mBpfNetMaps.replaceUidChain("fw_restricted", true /* isAllowList */, uids);
- break;
- case ConnectivityManager.FIREWALL_CHAIN_LOW_POWER_STANDBY:
- mBpfNetMaps.replaceUidChain("fw_low_power_standby", true /* isAllowList */,
- uids);
- break;
- case ConnectivityManager.FIREWALL_CHAIN_OEM_DENY_1:
- mBpfNetMaps.replaceUidChain("fw_oem_deny_1", false /* isAllowList */, uids);
- break;
- case ConnectivityManager.FIREWALL_CHAIN_OEM_DENY_2:
- mBpfNetMaps.replaceUidChain("fw_oem_deny_2", false /* isAllowList */, uids);
- break;
- case ConnectivityManager.FIREWALL_CHAIN_OEM_DENY_3:
- mBpfNetMaps.replaceUidChain("fw_oem_deny_3", false /* isAllowList */, uids);
- break;
- default:
- throw new IllegalArgumentException("replaceFirewallChain with invalid chain: "
- + chain);
- }
- } catch (ServiceSpecificException e) {
- throw new IllegalStateException(e);
- }
+ mBpfNetMaps.replaceUidChain(chain, uids);
}
}
diff --git a/service/src/com/android/server/TestNetworkService.java b/service/src/com/android/server/TestNetworkService.java
index e12190c..5549fbe 100644
--- a/service/src/com/android/server/TestNetworkService.java
+++ b/service/src/com/android/server/TestNetworkService.java
@@ -47,9 +47,9 @@
import com.android.internal.annotations.GuardedBy;
import com.android.internal.annotations.VisibleForTesting;
-import com.android.net.module.util.NetdUtils;
import com.android.net.module.util.NetworkStackConstants;
+import java.io.IOException;
import java.io.UncheckedIOException;
import java.net.Inet4Address;
import java.net.Inet6Address;
@@ -76,7 +76,13 @@
@NonNull private final NetworkProvider mNetworkProvider;
// Native method stubs
- private static native int jniCreateTunTap(boolean isTun, @NonNull String iface);
+ private static native int nativeCreateTunTap(boolean isTun, boolean hasCarrier,
+ boolean setIffMulticast, @NonNull String iface);
+
+ private static native void nativeSetTunTapCarrierEnabled(@NonNull String iface, int tunFd,
+ boolean enabled);
+
+ private static native void nativeBringUpInterface(String iface);
@VisibleForTesting
protected TestNetworkService(@NonNull Context context) {
@@ -114,8 +120,8 @@
* interface.
*/
@Override
- public TestNetworkInterface createInterface(boolean isTun, boolean bringUp,
- LinkAddress[] linkAddrs, @Nullable String iface) {
+ public TestNetworkInterface createInterface(boolean isTun, boolean hasCarrier, boolean bringUp,
+ boolean disableIpv6ProvisioningDelay, LinkAddress[] linkAddrs, @Nullable String iface) {
enforceTestNetworkPermissions(mContext);
Objects.requireNonNull(linkAddrs, "missing linkAddrs");
@@ -130,8 +136,22 @@
final long token = Binder.clearCallingIdentity();
try {
- ParcelFileDescriptor tunIntf =
- ParcelFileDescriptor.adoptFd(jniCreateTunTap(isTun, interfaceName));
+ // Note: if the interface is brought up by ethernet, setting IFF_MULTICAST
+ // races NetUtils#setInterfaceUp(). This flag is not necessary for ethernet
+ // tests, so let's not set it when bringUp is false. See also b/242343156.
+ // In the future, we could use RTM_SETLINK with ifi_change set to set the
+ // flags atomically.
+ final boolean setIffMulticast = bringUp;
+ ParcelFileDescriptor tunIntf = ParcelFileDescriptor.adoptFd(
+ nativeCreateTunTap(isTun, hasCarrier, setIffMulticast, interfaceName));
+
+ // Disable DAD and remove router_solicitation_delay before assigning link addresses.
+ if (disableIpv6ProvisioningDelay) {
+ mNetd.setProcSysNet(
+ INetd.IPV6, INetd.CONF, interfaceName, "router_solicitation_delay", "0");
+ mNetd.setProcSysNet(INetd.IPV6, INetd.CONF, interfaceName, "dad_transmits", "0");
+ }
+
for (LinkAddress addr : linkAddrs) {
mNetd.interfaceAddAddress(
interfaceName,
@@ -140,7 +160,7 @@
}
if (bringUp) {
- NetdUtils.setInterfaceUp(mNetd, interfaceName);
+ nativeBringUpInterface(interfaceName);
}
return new TestNetworkInterface(tunIntf, interfaceName);
@@ -375,4 +395,20 @@
public static void enforceTestNetworkPermissions(@NonNull Context context) {
context.enforceCallingOrSelfPermission(PERMISSION_NAME, "TestNetworkService");
}
+
+ /** Enable / disable TestNetworkInterface carrier */
+ @Override
+ public void setCarrierEnabled(@NonNull TestNetworkInterface iface, boolean enabled) {
+ enforceTestNetworkPermissions(mContext);
+ nativeSetTunTapCarrierEnabled(iface.getInterfaceName(), iface.getFileDescriptor().getFd(),
+ enabled);
+ // Explicitly close fd after use to prevent StrictMode from complaining.
+ // Also, explicitly referencing iface guarantees that the object is not garbage collected
+ // before nativeSetTunTapCarrierEnabled() executes.
+ try {
+ iface.getFileDescriptor().close();
+ } catch (IOException e) {
+ // if the close fails, there is not much that can be done -- move on.
+ }
+ }
}
diff --git a/service-t/src/com/android/server/net/CookieTagMapValue.java b/service/src/com/android/server/UidOwnerValue.java
similarity index 60%
copy from service-t/src/com/android/server/net/CookieTagMapValue.java
copy to service/src/com/android/server/UidOwnerValue.java
index 93b9195..d6c0e0d 100644
--- a/service-t/src/com/android/server/net/CookieTagMapValue.java
+++ b/service/src/com/android/server/UidOwnerValue.java
@@ -14,24 +14,22 @@
* limitations under the License.
*/
-package com.android.server.net;
+package com.android.server;
import com.android.net.module.util.Struct;
-import com.android.net.module.util.Struct.Field;
-import com.android.net.module.util.Struct.Type;
-/**
- * Value for cookie tag map.
- */
-public class CookieTagMapValue extends Struct {
- @Field(order = 0, type = Type.U32)
- public final long uid;
+/** Value type for per uid traffic control configuration map */
+public class UidOwnerValue extends Struct {
+ // Allowed interface index. Only applicable if IIF_MATCH is set in the rule bitmask below.
+ @Field(order = 0, type = Type.S32)
+ public final int iif;
+ // A bitmask of match type.
@Field(order = 1, type = Type.U32)
- public final long tag;
+ public final long rule;
- public CookieTagMapValue(final long uid, final long tag) {
- this.uid = uid;
- this.tag = tag;
+ public UidOwnerValue(final int iif, final long rule) {
+ this.iif = iif;
+ this.rule = rule;
}
}
diff --git a/service/src/com/android/server/connectivity/ClatCoordinator.java b/service/src/com/android/server/connectivity/ClatCoordinator.java
index 4a7c77a..d7c3287 100644
--- a/service/src/com/android/server/connectivity/ClatCoordinator.java
+++ b/service/src/com/android/server/connectivity/ClatCoordinator.java
@@ -17,6 +17,7 @@
package com.android.server.connectivity;
import static android.net.INetd.IF_STATE_UP;
+import static android.net.INetd.PERMISSION_NETWORK;
import static android.net.INetd.PERMISSION_SYSTEM;
import static android.system.OsConstants.ETH_P_IP;
import static android.system.OsConstants.ETH_P_IPV6;
@@ -46,6 +47,8 @@
import com.android.net.module.util.bpf.ClatEgress4Value;
import com.android.net.module.util.bpf.ClatIngress6Key;
import com.android.net.module.util.bpf.ClatIngress6Value;
+import com.android.net.module.util.bpf.CookieTagMapKey;
+import com.android.net.module.util.bpf.CookieTagMapValue;
import java.io.FileDescriptor;
import java.io.IOException;
@@ -63,6 +66,10 @@
public class ClatCoordinator {
private static final String TAG = ClatCoordinator.class.getSimpleName();
+ // Sync from system/core/libcutils/include/private/android_filesystem_config.h
+ @VisibleForTesting
+ static final int AID_CLAT = 1029;
+
// Sync from external/android-clat/clatd.c
// 40 bytes IPv6 header - 20 bytes IPv4 header + 8 bytes fragment header.
@VisibleForTesting
@@ -97,6 +104,8 @@
@VisibleForTesting
static final int PRIO_CLAT = 4;
+ private static final String COOKIE_TAG_MAP_PATH =
+ "/sys/fs/bpf/netd_shared/map_netd_cookie_tag_map";
private static final String CLAT_EGRESS4_MAP_PATH = makeMapPath("egress4");
private static final String CLAT_INGRESS6_MAP_PATH = makeMapPath("ingress6");
@@ -121,6 +130,8 @@
@Nullable
private final IBpfMap<ClatEgress4Key, ClatEgress4Value> mEgressMap;
@Nullable
+ private final IBpfMap<CookieTagMapKey, CookieTagMapValue> mCookieTagMap;
+ @Nullable
private ClatdTracker mClatdTracker = null;
/**
@@ -232,17 +243,10 @@
}
/**
- * Tag socket as clat.
+ * Get socket cookie.
*/
- public long tagSocketAsClat(@NonNull FileDescriptor sock) throws IOException {
- return native_tagSocketAsClat(sock);
- }
-
- /**
- * Untag socket.
- */
- public void untagSocket(long cookie) throws IOException {
- native_untagSocket(cookie);
+ public long getSocketCookie(@NonNull FileDescriptor sock) throws IOException {
+ return native_getSocketCookie(sock);
}
/** Get ingress6 BPF map. */
@@ -279,6 +283,23 @@
}
}
+ /** Get cookie tag map */
+ @Nullable
+ public IBpfMap<CookieTagMapKey, CookieTagMapValue> getBpfCookieTagMap() {
+ // Pre-T devices don't use ClatCoordinator to access clat map. Since Nat464Xlat
+ // initializes a ClatCoordinator object to avoid redundant null pointer check
+ // while using, ignore the BPF map initialization on pre-T devices.
+ // TODO: probably don't initialize ClatCoordinator object on pre-T devices.
+ if (!SdkLevel.isAtLeastT()) return null;
+ try {
+ return new BpfMap<>(COOKIE_TAG_MAP_PATH,
+ BpfMap.BPF_F_RDWR, CookieTagMapKey.class, CookieTagMapValue.class);
+ } catch (ErrnoException e) {
+ Log.wtf(TAG, "Cannot open cookie tag map: " + e);
+ return null;
+ }
+ }
+
/** Checks if the network interface uses an ethernet L2 header. */
public boolean isEthernet(String iface) throws IOException {
return TcUtils.isEthernet(iface);
@@ -347,15 +368,28 @@
&& this.pid == that.pid
&& this.cookie == that.cookie;
}
+
+ @Override
+ public String toString() {
+ return "iface: " + iface
+ + " (" + ifIndex + ")"
+ + ", v4iface: " + v4iface
+ + " (" + v4ifIndex + ")"
+ + ", v4: " + v4
+ + ", v6: " + v6
+ + ", pfx96: " + pfx96
+ + ", pid: " + pid
+ + ", cookie: " + cookie;
+ }
};
@VisibleForTesting
static int getFwmark(int netId) {
// See union Fwmark in system/netd/include/Fwmark.h
return (netId & 0xffff)
- | 0x1 << 16 // protectedFromVpn: true
- | 0x1 << 17 // explicitlySelected: true
- | (PERMISSION_SYSTEM & 0x3) << 18;
+ | 0x1 << 16 // explicitlySelected: true
+ | 0x1 << 17 // protectedFromVpn: true
+ | ((PERMISSION_NETWORK | PERMISSION_SYSTEM) & 0x3) << 18; // 2 permission bits = 3
}
@VisibleForTesting
@@ -375,6 +409,7 @@
mNetd = mDeps.getNetd();
mIngressMap = mDeps.getBpfIngress6Map();
mEgressMap = mDeps.getBpfEgress4Map();
+ mCookieTagMap = mDeps.getBpfCookieTagMap();
}
private void maybeStartBpf(final ClatdTracker tracker) {
@@ -498,13 +533,79 @@
}
}
+ private void maybeCleanUp(ParcelFileDescriptor tunFd, ParcelFileDescriptor readSock6,
+ ParcelFileDescriptor writeSock6) {
+ if (tunFd != null) {
+ try {
+ tunFd.close();
+ } catch (IOException e) {
+ Log.e(TAG, "Fail to close tun file descriptor " + e);
+ }
+ }
+ if (readSock6 != null) {
+ try {
+ readSock6.close();
+ } catch (IOException e) {
+ Log.e(TAG, "Fail to close read socket " + e);
+ }
+ }
+ if (writeSock6 != null) {
+ try {
+ writeSock6.close();
+ } catch (IOException e) {
+ Log.e(TAG, "Fail to close write socket " + e);
+ }
+ }
+ }
+
+ private void tagSocketAsClat(long cookie) throws IOException {
+ if (mCookieTagMap == null) {
+ throw new IOException("Cookie tag map is not initialized");
+ }
+
+ // Tag raw socket with uid AID_CLAT and set tag as zero because tag is unused in bpf
+ // program for counting data usage in netd.c. Tagging socket is used to avoid counting
+ // duplicated clat traffic in bpf stat.
+ final CookieTagMapKey key = new CookieTagMapKey(cookie);
+ final CookieTagMapValue value = new CookieTagMapValue(AID_CLAT, 0 /* tag, unused */);
+ try {
+ mCookieTagMap.insertEntry(key, value);
+ } catch (ErrnoException | IllegalStateException e) {
+ throw new IOException("Could not insert entry (" + key + ", " + value
+ + ") on cookie tag map: " + e);
+ }
+ Log.i(TAG, "tag socket cookie " + cookie);
+ }
+
+ private void untagSocket(long cookie) throws IOException {
+ if (mCookieTagMap == null) {
+ throw new IOException("Cookie tag map is not initialized");
+ }
+
+ // The reason that deleting entry from cookie tag map directly is that the tag socket
+ // destroy listener only monitors on group INET_TCP, INET_UDP, INET6_TCP, INET6_UDP.
+ // The other socket types, ex: raw, are not able to be removed automatically by the
+ // listener. See TrafficController::makeSkDestroyListener.
+ final CookieTagMapKey key = new CookieTagMapKey(cookie);
+ try {
+ mCookieTagMap.deleteEntry(key);
+ } catch (ErrnoException | IllegalStateException e) {
+ throw new IOException("Could not delete entry (" + key + ") on cookie tag map: " + e);
+ }
+ Log.i(TAG, "untag socket cookie " + cookie);
+ }
+
+ private boolean isStarted() {
+ return mClatdTracker != null;
+ }
+
/**
* Start clatd for a given interface and NAT64 prefix.
*/
public String clatStart(final String iface, final int netId,
@NonNull final IpPrefix nat64Prefix)
throws IOException {
- if (mClatdTracker != null) {
+ if (isStarted()) {
throw new IOException("Clatd is already running on " + mClatdTracker.iface
+ " (pid " + mClatdTracker.pid + ")");
}
@@ -546,8 +647,15 @@
// [3] Open, configure and bring up the tun interface.
// Create the v4-... tun interface.
+
+ // Initialize all required file descriptors with null pointer. This makes the following
+ // error handling easier. Simply always call #maybeCleanUp for closing file descriptors,
+ // if any valid ones, in error handling.
+ ParcelFileDescriptor tunFd = null;
+ ParcelFileDescriptor readSock6 = null;
+ ParcelFileDescriptor writeSock6 = null;
+
final String tunIface = CLAT_PREFIX + iface;
- final ParcelFileDescriptor tunFd;
try {
tunFd = mDeps.adoptFd(mDeps.createTunInterface(tunIface));
} catch (IOException e) {
@@ -556,7 +664,7 @@
final int tunIfIndex = mDeps.getInterfaceIndex(tunIface);
if (tunIfIndex == INVALID_IFINDEX) {
- tunFd.close();
+ maybeCleanUp(tunFd, readSock6, writeSock6);
throw new IOException("Fail to get interface index for interface " + tunIface);
}
@@ -564,24 +672,27 @@
try {
mNetd.interfaceSetEnableIPv6(tunIface, false /* enabled */);
} catch (RemoteException | ServiceSpecificException e) {
- tunFd.close();
Log.e(TAG, "Disable IPv6 on " + tunIface + " failed: " + e);
}
// Detect ipv4 mtu.
final Integer fwmark = getFwmark(netId);
- final int detectedMtu = mDeps.detectMtu(pfx96Str,
+ final int detectedMtu;
+ try {
+ detectedMtu = mDeps.detectMtu(pfx96Str,
ByteBuffer.wrap(GOOGLE_DNS_4.getAddress()).getInt(), fwmark);
+ } catch (IOException e) {
+ maybeCleanUp(tunFd, readSock6, writeSock6);
+ throw new IOException("Detect MTU on " + tunIface + " failed: " + e);
+ }
final int mtu = adjustMtu(detectedMtu);
Log.i(TAG, "ipv4 mtu is " + mtu);
- // TODO: add setIptablesDropRule
-
// Config tun interface mtu, address and bring up.
try {
mNetd.interfaceSetMtu(tunIface, mtu);
} catch (RemoteException | ServiceSpecificException e) {
- tunFd.close();
+ maybeCleanUp(tunFd, readSock6, writeSock6);
throw new IOException("Set MTU " + mtu + " on " + tunIface + " failed: " + e);
}
final InterfaceConfigurationParcel ifConfig = new InterfaceConfigurationParcel();
@@ -593,14 +704,13 @@
try {
mNetd.interfaceSetCfg(ifConfig);
} catch (RemoteException | ServiceSpecificException e) {
- tunFd.close();
+ maybeCleanUp(tunFd, readSock6, writeSock6);
throw new IOException("Setting IPv4 address to " + ifConfig.ipv4Addr + "/"
+ ifConfig.prefixLength + " failed on " + ifConfig.ifName + ": " + e);
}
// [4] Open and configure local 464xlat read/write sockets.
// Opens a packet socket to receive IPv6 packets in clatd.
- final ParcelFileDescriptor readSock6;
try {
// Use a JNI call to get native file descriptor instead of Os.socket() because we would
// like to use ParcelFileDescriptor to manage file descriptor. But ctor
@@ -608,27 +718,23 @@
// descriptor to initialize ParcelFileDescriptor object instead.
readSock6 = mDeps.adoptFd(mDeps.openPacketSocket());
} catch (IOException e) {
- tunFd.close();
+ maybeCleanUp(tunFd, readSock6, writeSock6);
throw new IOException("Open packet socket failed: " + e);
}
// Opens a raw socket with a given fwmark to send IPv6 packets in clatd.
- final ParcelFileDescriptor writeSock6;
try {
// Use a JNI call to get native file descriptor instead of Os.socket(). See above
// reason why we use jniOpenPacketSocket6().
writeSock6 = mDeps.adoptFd(mDeps.openRawSocket6(fwmark));
} catch (IOException e) {
- tunFd.close();
- readSock6.close();
+ maybeCleanUp(tunFd, readSock6, writeSock6);
throw new IOException("Open raw socket failed: " + e);
}
final int ifIndex = mDeps.getInterfaceIndex(iface);
if (ifIndex == INVALID_IFINDEX) {
- tunFd.close();
- readSock6.close();
- writeSock6.close();
+ maybeCleanUp(tunFd, readSock6, writeSock6);
throw new IOException("Fail to get interface index for interface " + iface);
}
@@ -636,20 +742,17 @@
try {
mDeps.addAnycastSetsockopt(writeSock6.getFileDescriptor(), v6Str, ifIndex);
} catch (IOException e) {
- tunFd.close();
- readSock6.close();
- writeSock6.close();
+ maybeCleanUp(tunFd, readSock6, writeSock6);
throw new IOException("add anycast sockopt failed: " + e);
}
// Tag socket as AID_CLAT to avoid duplicated CLAT data usage accounting.
final long cookie;
try {
- cookie = mDeps.tagSocketAsClat(writeSock6.getFileDescriptor());
+ cookie = mDeps.getSocketCookie(writeSock6.getFileDescriptor());
+ tagSocketAsClat(cookie);
} catch (IOException e) {
- tunFd.close();
- readSock6.close();
- writeSock6.close();
+ maybeCleanUp(tunFd, readSock6, writeSock6);
throw new IOException("tag raw socket failed: " + e);
}
@@ -657,9 +760,12 @@
try {
mDeps.configurePacketSocket(readSock6.getFileDescriptor(), v6Str, ifIndex);
} catch (IOException e) {
- tunFd.close();
- readSock6.close();
- writeSock6.close();
+ try {
+ untagSocket(cookie);
+ } catch (IOException e2) {
+ Log.e(TAG, "untagSocket cookie " + cookie + " failed: " + e2);
+ }
+ maybeCleanUp(tunFd, readSock6, writeSock6);
throw new IOException("configure packet socket failed: " + e);
}
@@ -669,13 +775,16 @@
pid = mDeps.startClatd(tunFd.getFileDescriptor(), readSock6.getFileDescriptor(),
writeSock6.getFileDescriptor(), iface, pfx96Str, v4Str, v6Str);
} catch (IOException e) {
- // TODO: probably refactor to handle the exception of #untagSocket if any.
- mDeps.untagSocket(cookie);
+ try {
+ untagSocket(cookie);
+ } catch (IOException e2) {
+ Log.e(TAG, "untagSocket cookie " + cookie + " failed: " + e2);
+ }
throw new IOException("Error start clatd on " + iface + ": " + e);
} finally {
- tunFd.close();
- readSock6.close();
- writeSock6.close();
+ // The file descriptors have been duplicated (dup2) to clatd in native_startClatd().
+ // Close these file descriptor stubs which are unused anymore.
+ maybeCleanUp(tunFd, readSock6, writeSock6);
}
// [6] Initialize and store clatd tracker object.
@@ -728,7 +837,7 @@
* Stop clatd
*/
public void clatStop() throws IOException {
- if (mClatdTracker == null) {
+ if (!isStarted()) {
throw new IOException("Clatd has not started");
}
Log.i(TAG, "Stopping clatd pid=" + mClatdTracker.pid + " on " + mClatdTracker.iface);
@@ -737,7 +846,7 @@
mDeps.stopClatd(mClatdTracker.iface, mClatdTracker.pfx96.getHostAddress(),
mClatdTracker.v4.getHostAddress(), mClatdTracker.v6.getHostAddress(),
mClatdTracker.pid);
- mDeps.untagSocket(mClatdTracker.cookie);
+ untagSocket(mClatdTracker.cookie);
Log.i(TAG, "clatd on " + mClatdTracker.iface + " stopped");
mClatdTracker = null;
@@ -795,14 +904,18 @@
* @param pw print writer.
*/
public void dump(@NonNull IndentingPrintWriter pw) {
- // TODO: dump ClatdTracker
// TODO: move map dump to a global place to avoid duplicate dump while there are two or
// more IPv6 only networks.
- pw.println("Forwarding rules:");
- pw.increaseIndent();
- dumpBpfIngress(pw);
- dumpBpfEgress(pw);
- pw.decreaseIndent();
+ if (isStarted()) {
+ pw.println("CLAT tracker: " + mClatdTracker.toString());
+ pw.println("Forwarding rules:");
+ pw.increaseIndent();
+ dumpBpfIngress(pw);
+ dumpBpfEgress(pw);
+ pw.decreaseIndent();
+ } else {
+ pw.println("<not started>");
+ }
pw.println();
}
@@ -833,6 +946,5 @@
throws IOException;
private static native void native_stopClatd(String iface, String pfx96, String v4, String v6,
int pid) throws IOException;
- private static native long native_tagSocketAsClat(FileDescriptor sock) throws IOException;
- private static native void native_untagSocket(long cookie) throws IOException;
+ private static native long native_getSocketCookie(FileDescriptor sock) throws IOException;
}
diff --git a/service/src/com/android/server/connectivity/DscpPolicyTracker.java b/service/src/com/android/server/connectivity/DscpPolicyTracker.java
index 7829d1a..2bfad10 100644
--- a/service/src/com/android/server/connectivity/DscpPolicyTracker.java
+++ b/service/src/com/android/server/connectivity/DscpPolicyTracker.java
@@ -52,12 +52,12 @@
private static final String TAG = DscpPolicyTracker.class.getSimpleName();
private static final String PROG_PATH =
- "/sys/fs/bpf/net_shared/prog_dscp_policy_schedcls_set_dscp";
+ "/sys/fs/bpf/net_shared/prog_dscpPolicy_schedcls_set_dscp_ether";
// Name is "map + *.o + map_name + map". Can probably shorten this
private static final String IPV4_POLICY_MAP_PATH = makeMapPath(
- "dscp_policy_ipv4_dscp_policies");
+ "dscpPolicy_ipv4_dscp_policies");
private static final String IPV6_POLICY_MAP_PATH = makeMapPath(
- "dscp_policy_ipv6_dscp_policies");
+ "dscpPolicy_ipv6_dscp_policies");
private static final int MAX_POLICIES = 16;
private static String makeMapPath(String which) {
@@ -185,7 +185,7 @@
new DscpPolicyValue(policy.getSourceAddress(),
policy.getDestinationAddress(), ifIndex,
policy.getSourcePort(), policy.getDestinationPortRange(),
- (short) policy.getProtocol(), (short) policy.getDscpValue()));
+ (short) policy.getProtocol(), (byte) policy.getDscpValue()));
}
// Add v6 policy to mBpfDscpIpv6Policies if source and destination address
@@ -196,7 +196,7 @@
new DscpPolicyValue(policy.getSourceAddress(),
policy.getDestinationAddress(), ifIndex,
policy.getSourcePort(), policy.getDestinationPortRange(),
- (short) policy.getProtocol(), (short) policy.getDscpValue()));
+ (short) policy.getProtocol(), (byte) policy.getDscpValue()));
}
ifacePolicies.put(policy.getPolicyId(), addIndex);
@@ -212,8 +212,17 @@
return DSCP_POLICY_STATUS_SUCCESS;
}
+ private boolean isEthernet(String iface) {
+ try {
+ return TcUtils.isEthernet(iface);
+ } catch (IOException e) {
+ Log.e(TAG, "Failed to check ether type", e);
+ }
+ return false;
+ }
+
/**
- * Add the provided DSCP policy to the bpf map. Attach bpf program dscp_policy to iface
+ * Add the provided DSCP policy to the bpf map. Attach bpf program dscpPolicy to iface
* if not already attached. Response will be sent back to nai with status.
*
* DSCP_POLICY_STATUS_SUCCESS - if policy was added successfully
@@ -221,13 +230,17 @@
* DSCP_POLICY_STATUS_REQUEST_DECLINED - Interface index was invalid
*/
public void addDscpPolicy(NetworkAgentInfo nai, DscpPolicy policy) {
- if (!mAttachedIfaces.contains(nai.linkProperties.getInterfaceName())) {
- if (!attachProgram(nai.linkProperties.getInterfaceName())) {
- Log.e(TAG, "Unable to attach program");
- sendStatus(nai, policy.getPolicyId(),
- DSCP_POLICY_STATUS_INSUFFICIENT_PROCESSING_RESOURCES);
- return;
- }
+ String iface = nai.linkProperties.getInterfaceName();
+ if (!isEthernet(iface)) {
+ Log.e(TAG, "DSCP policies are not supported on raw IP interfaces.");
+ sendStatus(nai, policy.getPolicyId(), DSCP_POLICY_STATUS_REQUEST_DECLINED);
+ return;
+ }
+ if (!mAttachedIfaces.contains(iface) && !attachProgram(iface)) {
+ Log.e(TAG, "Unable to attach program");
+ sendStatus(nai, policy.getPolicyId(),
+ DSCP_POLICY_STATUS_INSUFFICIENT_PROCESSING_RESOURCES);
+ return;
}
final int ifIndex = getIfaceIndex(nai);
@@ -314,10 +327,8 @@
private boolean attachProgram(@NonNull String iface) {
try {
NetworkInterface netIface = NetworkInterface.getByName(iface);
- boolean isEth = TcUtils.isEthernet(iface);
- String path = PROG_PATH + (isEth ? "_ether" : "_raw_ip");
TcUtils.tcFilterAddDevBpf(netIface.getIndex(), false, PRIO_DSCP, (short) ETH_P_ALL,
- path);
+ PROG_PATH);
} catch (IOException e) {
Log.e(TAG, "Unable to attach to TC on " + iface + ": " + e);
return false;
diff --git a/service/src/com/android/server/connectivity/DscpPolicyValue.java b/service/src/com/android/server/connectivity/DscpPolicyValue.java
index 6e4e7eb..7b11eda 100644
--- a/service/src/com/android/server/connectivity/DscpPolicyValue.java
+++ b/service/src/com/android/server/connectivity/DscpPolicyValue.java
@@ -37,23 +37,23 @@
@Field(order = 1, type = Type.ByteArray, arraysize = 16)
public final byte[] dst46;
- @Field(order = 2, type = Type.U32)
- public final long ifIndex;
+ @Field(order = 2, type = Type.S32)
+ public final int ifIndex;
@Field(order = 3, type = Type.UBE16)
public final int srcPort;
- @Field(order = 4, type = Type.UBE16)
+ @Field(order = 4, type = Type.U16)
public final int dstPortStart;
- @Field(order = 5, type = Type.UBE16)
+ @Field(order = 5, type = Type.U16)
public final int dstPortEnd;
@Field(order = 6, type = Type.U8)
public final short proto;
- @Field(order = 7, type = Type.U8)
- public final short dscp;
+ @Field(order = 7, type = Type.S8)
+ public final byte dscp;
@Field(order = 8, type = Type.U8, padding = 3)
public final short mask;
@@ -61,8 +61,7 @@
private static final int SRC_IP_MASK = 0x1;
private static final int DST_IP_MASK = 0x02;
private static final int SRC_PORT_MASK = 0x4;
- private static final int DST_PORT_MASK = 0x8;
- private static final int PROTO_MASK = 0x10;
+ private static final int PROTO_MASK = 0x8;
private boolean ipEmpty(final byte[] ip) {
for (int i = 0; i < ip.length; i++) {
@@ -100,7 +99,7 @@
InetAddress.parseNumericAddress("::").getAddress();
private short makeMask(final byte[] src46, final byte[] dst46, final int srcPort,
- final int dstPortStart, final short proto, final short dscp) {
+ final int dstPortStart, final short proto, final byte dscp) {
short mask = 0;
if (src46 != EMPTY_ADDRESS_FIELD) {
mask |= SRC_IP_MASK;
@@ -111,18 +110,15 @@
if (srcPort != -1) {
mask |= SRC_PORT_MASK;
}
- if (dstPortStart != -1 && dstPortEnd != -1) {
- mask |= DST_PORT_MASK;
- }
if (proto != -1) {
mask |= PROTO_MASK;
}
return mask;
}
- private DscpPolicyValue(final InetAddress src46, final InetAddress dst46, final long ifIndex,
+ private DscpPolicyValue(final InetAddress src46, final InetAddress dst46, final int ifIndex,
final int srcPort, final int dstPortStart, final int dstPortEnd, final short proto,
- final short dscp) {
+ final byte dscp) {
this.src46 = toAddressField(src46);
this.dst46 = toAddressField(dst46);
this.ifIndex = ifIndex;
@@ -131,7 +127,7 @@
// If they are -1 BpfMap write will throw errors.
this.srcPort = srcPort != -1 ? srcPort : 0;
this.dstPortStart = dstPortStart != -1 ? dstPortStart : 0;
- this.dstPortEnd = dstPortEnd != -1 ? dstPortEnd : 0;
+ this.dstPortEnd = dstPortEnd != -1 ? dstPortEnd : 65535;
this.proto = proto != -1 ? proto : 0;
this.dscp = dscp;
@@ -140,9 +136,9 @@
this.mask = makeMask(this.src46, this.dst46, srcPort, dstPortStart, proto, dscp);
}
- public DscpPolicyValue(final InetAddress src46, final InetAddress dst46, final long ifIndex,
+ public DscpPolicyValue(final InetAddress src46, final InetAddress dst46, final int ifIndex,
final int srcPort, final Range<Integer> dstPort, final short proto,
- final short dscp) {
+ final byte dscp) {
this(src46, dst46, ifIndex, srcPort, dstPort != null ? dstPort.getLower() : -1,
dstPort != null ? dstPort.getUpper() : -1, proto, dscp);
}
@@ -150,7 +146,7 @@
public static final DscpPolicyValue NONE = new DscpPolicyValue(
null /* src46 */, null /* dst46 */, 0 /* ifIndex */, -1 /* srcPort */,
-1 /* dstPortStart */, -1 /* dstPortEnd */, (short) -1 /* proto */,
- (short) 0 /* dscp */);
+ (byte) -1 /* dscp */);
@Override
public String toString() {
diff --git a/service/src/com/android/server/connectivity/FullScore.java b/service/src/com/android/server/connectivity/FullScore.java
index b13ba93..aec4a71 100644
--- a/service/src/com/android/server/connectivity/FullScore.java
+++ b/service/src/com/android/server/connectivity/FullScore.java
@@ -23,7 +23,6 @@
import static android.net.NetworkScore.KEEP_CONNECTED_NONE;
import static android.net.NetworkScore.POLICY_YIELD_TO_BAD_WIFI;
-import android.annotation.IntDef;
import android.annotation.NonNull;
import android.net.NetworkAgentConfig;
import android.net.NetworkCapabilities;
@@ -35,8 +34,6 @@
import com.android.internal.annotations.VisibleForTesting;
import com.android.internal.util.MessageUtils;
-import java.lang.annotation.Retention;
-import java.lang.annotation.RetentionPolicy;
import java.util.StringJoiner;
/**
@@ -49,57 +46,54 @@
public class FullScore {
private static final String TAG = FullScore.class.getSimpleName();
- // This will be removed soon. Do *NOT* depend on it for any new code that is not part of
- // a migration.
- private final int mLegacyInt;
-
- /** @hide */
- @Retention(RetentionPolicy.SOURCE)
- @IntDef(prefix = {"POLICY_"}, value = {
- POLICY_IS_VALIDATED,
- POLICY_IS_VPN,
- POLICY_EVER_USER_SELECTED,
- POLICY_ACCEPT_UNVALIDATED,
- POLICY_IS_UNMETERED
- })
- public @interface Policy {
- }
-
// Agent-managed policies are in NetworkScore. They start from 1.
// CS-managed policies, counting from 63 downward
// This network is validated. CS-managed because the source of truth is in NetworkCapabilities.
/** @hide */
public static final int POLICY_IS_VALIDATED = 63;
+ // This network has been validated at least once since it was connected.
+ /** @hide */
+ public static final int POLICY_EVER_VALIDATED = 62;
+
// This is a VPN and behaves as one for scoring purposes.
/** @hide */
- public static final int POLICY_IS_VPN = 62;
+ public static final int POLICY_IS_VPN = 61;
// This network has been selected by the user manually from settings or a 3rd party app
- // at least once. {@see NetworkAgentConfig#explicitlySelected}.
+ // at least once. @see NetworkAgentConfig#explicitlySelected.
/** @hide */
- public static final int POLICY_EVER_USER_SELECTED = 61;
+ public static final int POLICY_EVER_USER_SELECTED = 60;
// The user has indicated in UI that this network should be used even if it doesn't
- // validate. {@see NetworkAgentConfig#acceptUnvalidated}.
+ // validate. @see NetworkAgentConfig#acceptUnvalidated.
/** @hide */
- public static final int POLICY_ACCEPT_UNVALIDATED = 60;
+ public static final int POLICY_ACCEPT_UNVALIDATED = 59;
- // This network is unmetered. {@see NetworkCapabilities.NET_CAPABILITY_NOT_METERED}.
+ // The user explicitly said in UI to avoid this network when unvalidated.
+ // TODO : remove setAvoidUnvalidated and instead disconnect the network when the user
+ // chooses to move away from this network, and remove this flag.
/** @hide */
- public static final int POLICY_IS_UNMETERED = 59;
+ public static final int POLICY_AVOIDED_WHEN_UNVALIDATED = 58;
+
+ // This network is unmetered. @see NetworkCapabilities.NET_CAPABILITY_NOT_METERED.
+ /** @hide */
+ public static final int POLICY_IS_UNMETERED = 57;
// This network is invincible. This is useful for offers until there is an API to listen
// to requests.
/** @hide */
- public static final int POLICY_IS_INVINCIBLE = 58;
+ public static final int POLICY_IS_INVINCIBLE = 56;
- // This network has been validated at least once since it was connected, but not explicitly
- // avoided in UI.
- // TODO : remove setAvoidUnvalidated and instead disconnect the network when the user
- // chooses to move away from this network, and remove this flag.
- /** @hide */
- public static final int POLICY_EVER_VALIDATED_NOT_AVOIDED_WHEN_BAD = 57;
+ // This network has undergone initial validation.
+ //
+ // The stack considers that any result finding some working connectivity (valid, partial,
+ // captive portal) is an initial validation. Negative result (not valid), however, is not
+ // considered initial validation until {@link ConnectivityService#PROMPT_UNVALIDATED_DELAY_MS}
+ // have elapsed. This is because some networks may spuriously fail for a short time immediately
+ // after associating. If no positive result is found after the timeout has elapsed, then
+ // the network has been evaluated once.
+ public static final int POLICY_EVER_EVALUATED = 55;
// The network agent has communicated that this network no longer functions, and the underlying
// native network has been destroyed. The network will still be reported to clients as connected
@@ -107,7 +101,7 @@
// This network should lose to an identical network that has not been destroyed, but should
// otherwise be scored exactly the same.
/** @hide */
- public static final int POLICY_IS_DESTROYED = 56;
+ public static final int POLICY_IS_DESTROYED = 54;
// To help iterate when printing
@VisibleForTesting
@@ -146,9 +140,7 @@
private final int mKeepConnectedReason;
- FullScore(final int legacyInt, final long policies,
- @KeepConnectedReason final int keepConnectedReason) {
- mLegacyInt = legacyInt;
+ FullScore(final long policies, @KeepConnectedReason final int keepConnectedReason) {
mPolicies = policies;
mKeepConnectedReason = keepConnectedReason;
}
@@ -160,7 +152,9 @@
* @param caps the NetworkCapabilities of the network
* @param config the NetworkAgentConfig of the network
* @param everValidated whether this network has ever validated
+ * @param avoidUnvalidated whether the user said in UI to avoid this network when unvalidated
* @param yieldToBadWiFi whether this network yields to a previously validated wifi gone bad
+ * @param everEvaluated whether this network ever evaluated at least once
* @param destroyed whether this network has been destroyed pending a replacement connecting
* @return a FullScore that is appropriate to use for ranking.
*/
@@ -169,18 +163,20 @@
// connectivity for backward compatibility.
public static FullScore fromNetworkScore(@NonNull final NetworkScore score,
@NonNull final NetworkCapabilities caps, @NonNull final NetworkAgentConfig config,
- final boolean everValidated, final boolean yieldToBadWiFi, final boolean destroyed) {
- return withPolicies(score.getLegacyInt(), score.getPolicies(),
+ final boolean everValidated, final boolean avoidUnvalidated,
+ final boolean yieldToBadWiFi, final boolean everEvaluated, final boolean destroyed) {
+ return withPolicies(score.getPolicies(),
score.getKeepConnectedReason(),
caps.hasCapability(NET_CAPABILITY_VALIDATED),
- caps.hasTransport(TRANSPORT_VPN),
- caps.hasCapability(NET_CAPABILITY_NOT_METERED),
- everValidated,
+ everValidated, caps.hasTransport(TRANSPORT_VPN),
config.explicitlySelected,
config.acceptUnvalidated,
+ avoidUnvalidated,
+ caps.hasCapability(NET_CAPABILITY_NOT_METERED),
yieldToBadWiFi,
- destroyed,
- false /* invincible */); // only prospective scores can be invincible
+ false /* invincible */, // only prospective scores can be invincible
+ everEvaluated,
+ destroyed);
}
/**
@@ -200,25 +196,31 @@
@NonNull final NetworkCapabilities caps, final boolean yieldToBadWiFi) {
// If the network offers Internet access, it may validate.
final boolean mayValidate = caps.hasCapability(NET_CAPABILITY_INTERNET);
- // VPN transports are known in advance.
- final boolean vpn = caps.hasTransport(TRANSPORT_VPN);
- // Prospective scores are always unmetered, because unmetered networks are stronger
- // than metered networks, and it's not known in advance whether the network is metered.
- final boolean unmetered = true;
// If the offer may validate, then it should be considered to have validated at some point
final boolean everValidated = mayValidate;
+ // VPN transports are known in advance.
+ final boolean vpn = caps.hasTransport(TRANSPORT_VPN);
// The network hasn't been chosen by the user (yet, at least).
final boolean everUserSelected = false;
// Don't assume the user will accept unvalidated connectivity.
final boolean acceptUnvalidated = false;
- // A network can only be destroyed once it has connected.
- final boolean destroyed = false;
+ // A prospective network is never avoided when unvalidated, because the user has never
+ // had the opportunity to say so in UI.
+ final boolean avoidUnvalidated = false;
+ // Prospective scores are always unmetered, because unmetered networks are stronger
+ // than metered networks, and it's not known in advance whether the network is metered.
+ final boolean unmetered = true;
// A prospective score is invincible if the legacy int in the filter is over the maximum
// score.
final boolean invincible = score.getLegacyInt() > NetworkRanker.LEGACY_INT_MAX;
- return withPolicies(score.getLegacyInt(), score.getPolicies(), KEEP_CONNECTED_NONE,
- mayValidate, vpn, unmetered, everValidated, everUserSelected, acceptUnvalidated,
- yieldToBadWiFi, destroyed, invincible);
+ // A prospective network will eventually be evaluated.
+ final boolean everEvaluated = true;
+ // A network can only be destroyed once it has connected.
+ final boolean destroyed = false;
+ return withPolicies(score.getPolicies(), KEEP_CONNECTED_NONE,
+ mayValidate, everValidated, vpn, everUserSelected,
+ acceptUnvalidated, avoidUnvalidated, unmetered, yieldToBadWiFi,
+ invincible, everEvaluated, destroyed);
}
/**
@@ -234,45 +236,51 @@
public FullScore mixInScore(@NonNull final NetworkCapabilities caps,
@NonNull final NetworkAgentConfig config,
final boolean everValidated,
+ final boolean avoidUnvalidated,
final boolean yieldToBadWifi,
+ final boolean everEvaluated,
final boolean destroyed) {
- return withPolicies(mLegacyInt, mPolicies, mKeepConnectedReason,
+ return withPolicies(mPolicies, mKeepConnectedReason,
caps.hasCapability(NET_CAPABILITY_VALIDATED),
- caps.hasTransport(TRANSPORT_VPN),
- caps.hasCapability(NET_CAPABILITY_NOT_METERED),
- everValidated,
+ everValidated, caps.hasTransport(TRANSPORT_VPN),
config.explicitlySelected,
config.acceptUnvalidated,
+ avoidUnvalidated,
+ caps.hasCapability(NET_CAPABILITY_NOT_METERED),
yieldToBadWifi,
- destroyed,
- false /* invincible */); // only prospective scores can be invincible
+ false /* invincible */, // only prospective scores can be invincible
+ everEvaluated,
+ destroyed);
}
// TODO : this shouldn't manage bad wifi avoidance – instead this should be done by the
// telephony factory, so that it depends on the carrier. For now this is handled by
// connectivity for backward compatibility.
- private static FullScore withPolicies(@NonNull final int legacyInt,
- final long externalPolicies,
+ private static FullScore withPolicies(final long externalPolicies,
@KeepConnectedReason final int keepConnectedReason,
final boolean isValidated,
- final boolean isVpn,
- final boolean isUnmetered,
final boolean everValidated,
+ final boolean isVpn,
final boolean everUserSelected,
final boolean acceptUnvalidated,
+ final boolean avoidUnvalidated,
+ final boolean isUnmetered,
final boolean yieldToBadWiFi,
- final boolean destroyed,
- final boolean invincible) {
- return new FullScore(legacyInt, (externalPolicies & EXTERNAL_POLICIES_MASK)
+ final boolean invincible,
+ final boolean everEvaluated,
+ final boolean destroyed) {
+ return new FullScore((externalPolicies & EXTERNAL_POLICIES_MASK)
| (isValidated ? 1L << POLICY_IS_VALIDATED : 0)
+ | (everValidated ? 1L << POLICY_EVER_VALIDATED : 0)
| (isVpn ? 1L << POLICY_IS_VPN : 0)
- | (isUnmetered ? 1L << POLICY_IS_UNMETERED : 0)
- | (everValidated ? 1L << POLICY_EVER_VALIDATED_NOT_AVOIDED_WHEN_BAD : 0)
| (everUserSelected ? 1L << POLICY_EVER_USER_SELECTED : 0)
| (acceptUnvalidated ? 1L << POLICY_ACCEPT_UNVALIDATED : 0)
+ | (avoidUnvalidated ? 1L << POLICY_AVOIDED_WHEN_UNVALIDATED : 0)
+ | (isUnmetered ? 1L << POLICY_IS_UNMETERED : 0)
| (yieldToBadWiFi ? 1L << POLICY_YIELD_TO_BAD_WIFI : 0)
- | (destroyed ? 1L << POLICY_IS_DESTROYED : 0)
- | (invincible ? 1L << POLICY_IS_INVINCIBLE : 0),
+ | (invincible ? 1L << POLICY_IS_INVINCIBLE : 0)
+ | (everEvaluated ? 1L << POLICY_EVER_EVALUATED : 0)
+ | (destroyed ? 1L << POLICY_IS_DESTROYED : 0),
keepConnectedReason);
}
@@ -280,8 +288,7 @@
* Returns this score but with the specified yield to bad wifi policy.
*/
public FullScore withYieldToBadWiFi(final boolean newYield) {
- return new FullScore(mLegacyInt,
- newYield ? mPolicies | (1L << POLICY_YIELD_TO_BAD_WIFI)
+ return new FullScore(newYield ? mPolicies | (1L << POLICY_YIELD_TO_BAD_WIFI)
: mPolicies & ~(1L << POLICY_YIELD_TO_BAD_WIFI),
mKeepConnectedReason);
}
@@ -290,49 +297,7 @@
* Returns this score but validated.
*/
public FullScore asValidated() {
- return new FullScore(mLegacyInt, mPolicies | (1L << POLICY_IS_VALIDATED),
- mKeepConnectedReason);
- }
-
- /**
- * For backward compatibility, get the legacy int.
- * This will be removed before S is published.
- */
- public int getLegacyInt() {
- return getLegacyInt(false /* pretendValidated */);
- }
-
- public int getLegacyIntAsValidated() {
- return getLegacyInt(true /* pretendValidated */);
- }
-
- // TODO : remove these two constants
- // Penalty applied to scores of Networks that have not been validated.
- private static final int UNVALIDATED_SCORE_PENALTY = 40;
-
- // Score for a network that can be used unvalidated
- private static final int ACCEPT_UNVALIDATED_NETWORK_SCORE = 100;
-
- private int getLegacyInt(boolean pretendValidated) {
- // If the user has chosen this network at least once, give it the maximum score when
- // checking to pretend it's validated, or if it doesn't need to validate because the
- // user said to use it even if it doesn't validate.
- // This ensures that networks that have been selected in UI are not torn down before the
- // user gets a chance to prefer it when a higher-scoring network (e.g., Ethernet) is
- // available.
- if (hasPolicy(POLICY_EVER_USER_SELECTED)
- && (hasPolicy(POLICY_ACCEPT_UNVALIDATED) || pretendValidated)) {
- return ACCEPT_UNVALIDATED_NETWORK_SCORE;
- }
-
- int score = mLegacyInt;
- // Except for VPNs, networks are subject to a penalty for not being validated.
- // Apply the penalty unless the network is a VPN, or it's validated or pretending to be.
- if (!hasPolicy(POLICY_IS_VALIDATED) && !pretendValidated && !hasPolicy(POLICY_IS_VPN)) {
- score -= UNVALIDATED_SCORE_PENALTY;
- }
- if (score < 0) score = 0;
- return score;
+ return new FullScore(mPolicies | (1L << POLICY_IS_VALIDATED), mKeepConnectedReason);
}
/**
@@ -350,15 +315,32 @@
return mKeepConnectedReason;
}
+ @Override
+ public boolean equals(final Object o) {
+ if (this == o) return true;
+ if (o == null || getClass() != o.getClass()) return false;
+
+ final FullScore fullScore = (FullScore) o;
+
+ if (mPolicies != fullScore.mPolicies) return false;
+ return mKeepConnectedReason == fullScore.mKeepConnectedReason;
+ }
+
+ @Override
+ public int hashCode() {
+ return 2 * ((int) mPolicies)
+ + 3 * (int) (mPolicies >>> 32)
+ + 5 * mKeepConnectedReason;
+ }
+
// Example output :
- // Score(50 ; Policies : EVER_USER_SELECTED&IS_VALIDATED)
+ // Score(Policies : EVER_USER_SELECTED&IS_VALIDATED ; KeepConnected : )
@Override
public String toString() {
final StringJoiner sj = new StringJoiner(
"&", // delimiter
- "Score(" + mLegacyInt + " ; KeepConnected : " + mKeepConnectedReason
- + " ; Policies : ", // prefix
- ")"); // suffix
+ "Score(Policies : ", // prefix
+ " ; KeepConnected : " + mKeepConnectedReason + ")"); // suffix
for (int i = NetworkScore.MIN_AGENT_MANAGED_POLICY;
i <= NetworkScore.MAX_AGENT_MANAGED_POLICY; ++i) {
if (hasPolicy(i)) sj.add(policyNameOf(i));
diff --git a/service/src/com/android/server/connectivity/LingerMonitor.java b/service/src/com/android/server/connectivity/LingerMonitor.java
index 032612c..df34ce7 100644
--- a/service/src/com/android/server/connectivity/LingerMonitor.java
+++ b/service/src/com/android/server/connectivity/LingerMonitor.java
@@ -229,8 +229,8 @@
@Nullable final NetworkAgentInfo toNai) {
if (VDBG) {
Log.d(TAG, "noteLingerDefaultNetwork from=" + fromNai.toShortString()
- + " everValidated=" + fromNai.everValidated
- + " lastValidated=" + fromNai.lastValidated
+ + " firstValidated=" + fromNai.getFirstValidationTime()
+ + " lastValidated=" + fromNai.getCurrentValidationTime()
+ " to=" + toNai.toShortString());
}
@@ -253,7 +253,7 @@
// 1. User connects to wireless printer.
// 2. User turns on cellular data.
// 3. We show a notification.
- if (!fromNai.everValidated) return;
+ if (!fromNai.everValidated()) return;
// If this network is a captive portal, don't notify. This cannot happen on initial connect
// to a captive portal, because the everValidated check above will fail. However, it can
@@ -286,7 +286,7 @@
// because its score changed.
// TODO: instead of just skipping notification, keep a note of it, and show it if it becomes
// unvalidated.
- if (fromNai.lastValidated) return;
+ if (fromNai.isValidated()) return;
if (!isNotificationEnabled(fromNai, toNai)) return;
diff --git a/service/src/com/android/server/connectivity/MultinetworkPolicyTracker.java b/service/src/com/android/server/connectivity/MultinetworkPolicyTracker.java
new file mode 100644
index 0000000..58196f7
--- /dev/null
+++ b/service/src/com/android/server/connectivity/MultinetworkPolicyTracker.java
@@ -0,0 +1,387 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.connectivity;
+
+import static android.net.ConnectivitySettingsManager.NETWORK_AVOID_BAD_WIFI;
+import static android.net.ConnectivitySettingsManager.NETWORK_METERED_MULTIPATH_PREFERENCE;
+
+import android.annotation.NonNull;
+import android.annotation.TargetApi;
+import android.content.BroadcastReceiver;
+import android.content.ContentResolver;
+import android.content.Context;
+import android.content.Intent;
+import android.content.IntentFilter;
+import android.content.res.Resources;
+import android.database.ContentObserver;
+import android.net.ConnectivityResources;
+import android.net.Uri;
+import android.os.Build;
+import android.os.Handler;
+import android.provider.DeviceConfig;
+import android.provider.Settings;
+import android.telephony.SubscriptionManager;
+import android.telephony.TelephonyCallback;
+import android.telephony.TelephonyManager;
+import android.util.Log;
+
+import com.android.connectivity.resources.R;
+import com.android.internal.annotations.VisibleForTesting;
+import com.android.modules.utils.build.SdkLevel;
+import com.android.net.module.util.DeviceConfigUtils;
+
+import java.util.Arrays;
+import java.util.List;
+import java.util.concurrent.Executor;
+import java.util.concurrent.RejectedExecutionException;
+
+/**
+ * A class to encapsulate management of the "Smart Networking" capability of
+ * avoiding bad Wi-Fi when, for example upstream connectivity is lost or
+ * certain critical link failures occur.
+ *
+ * This enables the device to switch to another form of connectivity, like
+ * mobile, if it's available and working.
+ *
+ * The Runnable |avoidBadWifiCallback|, if given, is posted to the supplied
+ * Handler' whenever the computed "avoid bad wifi" value changes.
+ *
+ * Disabling this reverts the device to a level of networking sophistication
+ * circa 2012-13 by disabling disparate code paths each of which contribute to
+ * maintaining continuous, working Internet connectivity.
+ *
+ * @hide
+ */
+public class MultinetworkPolicyTracker {
+ private static String TAG = MultinetworkPolicyTracker.class.getSimpleName();
+
+ // See Dependencies#getConfigActivelyPreferBadWifi
+ public static final String CONFIG_ACTIVELY_PREFER_BAD_WIFI = "actively_prefer_bad_wifi";
+
+ private final Context mContext;
+ private final ConnectivityResources mResources;
+ private final Handler mHandler;
+ private final Runnable mAvoidBadWifiCallback;
+ private final List<Uri> mSettingsUris;
+ private final ContentResolver mResolver;
+ private final SettingObserver mSettingObserver;
+ private final BroadcastReceiver mBroadcastReceiver;
+
+ private volatile boolean mAvoidBadWifi = true;
+ private volatile int mMeteredMultipathPreference;
+ private int mActiveSubId = SubscriptionManager.INVALID_SUBSCRIPTION_ID;
+ private volatile long mTestAllowBadWifiUntilMs = 0;
+
+ /**
+ * Dependencies for testing
+ */
+ @VisibleForTesting
+ public static class Dependencies {
+ /**
+ * @see DeviceConfigUtils#getDeviceConfigPropertyInt
+ */
+ protected int getConfigActivelyPreferBadWifi() {
+ // CONFIG_ACTIVELY_PREFER_BAD_WIFI is not a feature to be rolled out, but an override
+ // for tests and an emergency kill switch (which could force the behavior on OR off).
+ // As such it uses a -1/null/1 scheme, but features should use
+ // DeviceConfigUtils#isFeatureEnabled instead, to make sure rollbacks disable the
+ // feature before it's ready on R and before.
+ return DeviceConfig.getInt(DeviceConfig.NAMESPACE_CONNECTIVITY,
+ CONFIG_ACTIVELY_PREFER_BAD_WIFI, 0);
+ }
+
+ /**
+ @see DeviceConfig#addOnPropertiesChangedListener
+ */
+ protected void addOnDevicePropertiesChangedListener(@NonNull final Executor executor,
+ @NonNull final DeviceConfig.OnPropertiesChangedListener listener) {
+ DeviceConfig.addOnPropertiesChangedListener(DeviceConfig.NAMESPACE_CONNECTIVITY,
+ executor, listener);
+ }
+
+ @VisibleForTesting
+ @NonNull
+ protected Resources getResourcesForActiveSubId(
+ @NonNull final ConnectivityResources resources, final int activeSubId) {
+ return SubscriptionManager.getResourcesForSubId(
+ resources.getResourcesContext(), activeSubId);
+ }
+ }
+ private final Dependencies mDeps;
+
+ /**
+ * Whether to prefer bad wifi to a network that yields to bad wifis, even if it never validated
+ *
+ * This setting only makes sense if the system is configured not to avoid bad wifis, i.e.
+ * if mAvoidBadWifi is true. If it's not, then no network ever yields to bad wifis
+ * ({@see FullScore#POLICY_YIELD_TO_BAD_WIFI}) and this setting has therefore no effect.
+ *
+ * If this is false, when ranking a bad wifi that never validated against cell data (or any
+ * network that yields to bad wifis), the ranker will prefer cell data. It will prefer wifi
+ * if wifi loses validation later. This behavior avoids the device losing internet access when
+ * walking past a wifi network with no internet access.
+ * This is the default behavior up to Android T, but it can be overridden through an overlay
+ * to behave like below.
+ *
+ * If this is true, then in the same scenario, the ranker will prefer cell data until
+ * the wifi completes its first validation attempt (or the attempt times out after
+ * ConnectivityService#PROMPT_UNVALIDATED_DELAY_MS), then it will prefer the wifi even if it
+ * doesn't provide internet access, unless there is a captive portal on that wifi.
+ * This is the behavior in U and above.
+ */
+ private boolean mActivelyPreferBadWifi;
+
+ // Mainline module can't use internal HandlerExecutor, so add an identical executor here.
+ private static class HandlerExecutor implements Executor {
+ @NonNull
+ private final Handler mHandler;
+
+ HandlerExecutor(@NonNull Handler handler) {
+ mHandler = handler;
+ }
+ @Override
+ public void execute(Runnable command) {
+ if (!mHandler.post(command)) {
+ throw new RejectedExecutionException(mHandler + " is shutting down");
+ }
+ }
+ }
+ // TODO: Set the mini sdk to 31 and remove @TargetApi annotation when b/205923322 is addressed.
+ @VisibleForTesting @TargetApi(Build.VERSION_CODES.S)
+ protected class ActiveDataSubscriptionIdListener extends TelephonyCallback
+ implements TelephonyCallback.ActiveDataSubscriptionIdListener {
+ @Override
+ public void onActiveDataSubscriptionIdChanged(int subId) {
+ mActiveSubId = subId;
+ reevaluateInternal();
+ }
+ }
+
+ public MultinetworkPolicyTracker(Context ctx, Handler handler, Runnable avoidBadWifiCallback) {
+ this(ctx, handler, avoidBadWifiCallback, new Dependencies());
+ }
+
+ public MultinetworkPolicyTracker(Context ctx, Handler handler, Runnable avoidBadWifiCallback,
+ Dependencies deps) {
+ mContext = ctx;
+ mResources = new ConnectivityResources(ctx);
+ mHandler = handler;
+ mAvoidBadWifiCallback = avoidBadWifiCallback;
+ mDeps = deps;
+ mSettingsUris = Arrays.asList(
+ Settings.Global.getUriFor(NETWORK_AVOID_BAD_WIFI),
+ Settings.Global.getUriFor(NETWORK_METERED_MULTIPATH_PREFERENCE));
+ mResolver = mContext.getContentResolver();
+ mSettingObserver = new SettingObserver();
+ mBroadcastReceiver = new BroadcastReceiver() {
+ @Override
+ public void onReceive(Context context, Intent intent) {
+ reevaluateInternal();
+ }
+ };
+
+ updateAvoidBadWifi();
+ updateMeteredMultipathPreference();
+ }
+
+ // TODO: Set the mini sdk to 31 and remove @TargetApi annotation when b/205923322 is addressed.
+ @TargetApi(Build.VERSION_CODES.S)
+ public void start() {
+ for (Uri uri : mSettingsUris) {
+ mResolver.registerContentObserver(uri, false, mSettingObserver);
+ }
+
+ final IntentFilter intentFilter = new IntentFilter();
+ intentFilter.addAction(Intent.ACTION_CONFIGURATION_CHANGED);
+ mContext.registerReceiverForAllUsers(mBroadcastReceiver, intentFilter,
+ null /* broadcastPermission */, mHandler);
+
+ final Executor handlerExecutor = new HandlerExecutor(mHandler);
+ mContext.getSystemService(TelephonyManager.class).registerTelephonyCallback(
+ handlerExecutor, new ActiveDataSubscriptionIdListener());
+ mDeps.addOnDevicePropertiesChangedListener(handlerExecutor,
+ properties -> reevaluateInternal());
+
+ reevaluate();
+ }
+
+ public void shutdown() {
+ mResolver.unregisterContentObserver(mSettingObserver);
+
+ mContext.unregisterReceiver(mBroadcastReceiver);
+ }
+
+ public boolean getAvoidBadWifi() {
+ return mAvoidBadWifi;
+ }
+
+ public boolean getActivelyPreferBadWifi() {
+ return mActivelyPreferBadWifi;
+ }
+
+ // TODO: move this to MultipathPolicyTracker.
+ public int getMeteredMultipathPreference() {
+ return mMeteredMultipathPreference;
+ }
+
+ /**
+ * Whether the device or carrier configuration disables avoiding bad wifi by default.
+ */
+ public boolean configRestrictsAvoidBadWifi() {
+ final boolean allowBadWifi = mTestAllowBadWifiUntilMs > 0
+ && mTestAllowBadWifiUntilMs > System.currentTimeMillis();
+ // If the config returns true, then avoid bad wifi design can be controlled by the
+ // NETWORK_AVOID_BAD_WIFI setting.
+ if (allowBadWifi) return true;
+
+ return mDeps.getResourcesForActiveSubId(mResources, mActiveSubId)
+ .getInteger(R.integer.config_networkAvoidBadWifi) == 0;
+ }
+
+ /**
+ * Whether the device config prefers bad wifi actively, when it doesn't avoid them
+ *
+ * This is only relevant when the device is configured not to avoid bad wifis. In this
+ * case, "actively" preferring a bad wifi means that the device will switch to a bad
+ * wifi it just connected to, as long as it's not a captive portal.
+ *
+ * On U and above this always returns true. On T and below it reads a configuration option.
+ */
+ public boolean configActivelyPrefersBadWifi() {
+ // See the definition of config_activelyPreferBadWifi for a description of its meaning.
+ // On U and above, the config is ignored, and bad wifi is always actively preferred.
+ if (SdkLevel.isAtLeastU()) return true;
+
+ // On T and below, 1 means to actively prefer bad wifi, 0 means not to prefer
+ // bad wifi (only stay stuck on it if already on there). This implementation treats
+ // any non-0 value like 1, on the assumption that anybody setting it non-zero wants
+ // the newer behavior.
+ return 0 != mDeps.getResourcesForActiveSubId(mResources, mActiveSubId)
+ .getInteger(R.integer.config_activelyPreferBadWifi);
+ }
+
+ /**
+ * Temporarily allow bad wifi to override {@code config_networkAvoidBadWifi} configuration.
+ * The value works when the time set is more than {@link System.currentTimeMillis()}.
+ */
+ public void setTestAllowBadWifiUntil(long timeMs) {
+ Log.d(TAG, "setTestAllowBadWifiUntil: " + timeMs);
+ mTestAllowBadWifiUntilMs = timeMs;
+ reevaluateInternal();
+ }
+
+ /**
+ * Whether we should display a notification when wifi becomes unvalidated.
+ */
+ public boolean shouldNotifyWifiUnvalidated() {
+ return configRestrictsAvoidBadWifi() && getAvoidBadWifiSetting() == null;
+ }
+
+ public String getAvoidBadWifiSetting() {
+ return Settings.Global.getString(mResolver, NETWORK_AVOID_BAD_WIFI);
+ }
+
+ /**
+ * Returns whether device config says the device should actively prefer bad wifi.
+ *
+ * {@see #configActivelyPrefersBadWifi} for a description of what this does. This device
+ * config overrides that config overlay.
+ *
+ * @return True on Android U and above.
+ * True if device config says to actively prefer bad wifi.
+ * False if device config says not to actively prefer bad wifi.
+ * null if device config doesn't have an opinion (then fall back on the resource).
+ */
+ public Boolean deviceConfigActivelyPreferBadWifi() {
+ if (SdkLevel.isAtLeastU()) return true;
+ switch (mDeps.getConfigActivelyPreferBadWifi()) {
+ case 1:
+ return Boolean.TRUE;
+ case -1:
+ return Boolean.FALSE;
+ default:
+ return null;
+ }
+ }
+
+ @VisibleForTesting
+ public void reevaluate() {
+ mHandler.post(this::reevaluateInternal);
+ }
+
+ /**
+ * Reevaluate the settings. Must be called on the handler thread.
+ */
+ private void reevaluateInternal() {
+ if (updateAvoidBadWifi() && mAvoidBadWifiCallback != null) {
+ mAvoidBadWifiCallback.run();
+ }
+ updateMeteredMultipathPreference();
+ }
+
+ public boolean updateAvoidBadWifi() {
+ final boolean settingAvoidBadWifi = "1".equals(getAvoidBadWifiSetting());
+ final boolean prevAvoid = mAvoidBadWifi;
+ mAvoidBadWifi = settingAvoidBadWifi || !configRestrictsAvoidBadWifi();
+
+ final boolean prevActive = mActivelyPreferBadWifi;
+ final Boolean deviceConfigPreferBadWifi = deviceConfigActivelyPreferBadWifi();
+ if (null == deviceConfigPreferBadWifi) {
+ mActivelyPreferBadWifi = configActivelyPrefersBadWifi();
+ } else {
+ mActivelyPreferBadWifi = deviceConfigPreferBadWifi;
+ }
+
+ return mAvoidBadWifi != prevAvoid || mActivelyPreferBadWifi != prevActive;
+ }
+
+ /**
+ * The default (device and carrier-dependent) value for metered multipath preference.
+ */
+ public int configMeteredMultipathPreference() {
+ return mDeps.getResourcesForActiveSubId(mResources, mActiveSubId)
+ .getInteger(R.integer.config_networkMeteredMultipathPreference);
+ }
+
+ public void updateMeteredMultipathPreference() {
+ String setting = Settings.Global.getString(mResolver, NETWORK_METERED_MULTIPATH_PREFERENCE);
+ try {
+ mMeteredMultipathPreference = Integer.parseInt(setting);
+ } catch (NumberFormatException e) {
+ mMeteredMultipathPreference = configMeteredMultipathPreference();
+ }
+ }
+
+ private class SettingObserver extends ContentObserver {
+ public SettingObserver() {
+ super(null);
+ }
+
+ @Override
+ public void onChange(boolean selfChange) {
+ Log.wtf(TAG, "Should never be reached.");
+ }
+
+ @Override
+ public void onChange(boolean selfChange, Uri uri) {
+ if (!mSettingsUris.contains(uri)) {
+ Log.wtf(TAG, "Unexpected settings observation: " + uri);
+ }
+ reevaluate();
+ }
+ }
+}
diff --git a/service/src/com/android/server/connectivity/Nat464Xlat.java b/service/src/com/android/server/connectivity/Nat464Xlat.java
index e8fc06d..4e19781 100644
--- a/service/src/com/android/server/connectivity/Nat464Xlat.java
+++ b/service/src/com/android/server/connectivity/Nat464Xlat.java
@@ -17,6 +17,7 @@
package com.android.server.connectivity;
import static android.net.NetworkCapabilities.TRANSPORT_CELLULAR;
+import static android.net.NetworkCapabilities.TRANSPORT_TEST;
import static com.android.net.module.util.CollectionUtils.contains;
@@ -127,6 +128,11 @@
final boolean supported = contains(NETWORK_TYPES, nai.networkInfo.getType());
final boolean connected = contains(NETWORK_STATES, nai.networkInfo.getState());
+ // Allow to run clat on test network.
+ // TODO: merge to boolean "supported" once boolean "supported" is migrated to
+ // NetworkCapabilities.TRANSPORT_*.
+ final boolean isTestNetwork = nai.networkCapabilities.hasTransport(TRANSPORT_TEST);
+
// Only run clat on networks that have a global IPv6 address and don't have a native IPv4
// address.
LinkProperties lp = nai.linkProperties;
@@ -137,8 +143,8 @@
final boolean skip464xlat = (nai.netAgentConfig() != null)
&& nai.netAgentConfig().skip464xlat;
- return supported && connected && isIpv6OnlyNetwork && !skip464xlat && !nai.destroyed
- && (nai.networkCapabilities.hasTransport(TRANSPORT_CELLULAR)
+ return (supported || isTestNetwork) && connected && isIpv6OnlyNetwork && !skip464xlat
+ && !nai.isDestroyed() && (nai.networkCapabilities.hasTransport(TRANSPORT_CELLULAR)
? isCellular464XlatEnabled() : true);
}
@@ -534,13 +540,16 @@
*/
public void dump(IndentingPrintWriter pw) {
if (SdkLevel.isAtLeastT()) {
+ // Dump ClatCoordinator information while clatd has been started but not running. The
+ // reason is that it helps to have more information if clatd is started but the
+ // v4-* interface doesn't bring up. See #isStarted, #isRunning.
if (isStarted()) {
pw.println("ClatCoordinator:");
pw.increaseIndent();
mClatCoordinator.dump(pw);
pw.decreaseIndent();
} else {
- pw.println("<not start>");
+ pw.println("<not started>");
}
}
}
diff --git a/service/src/com/android/server/connectivity/NetworkAgentInfo.java b/service/src/com/android/server/connectivity/NetworkAgentInfo.java
index b40b6e0..2e92d43 100644
--- a/service/src/com/android/server/connectivity/NetworkAgentInfo.java
+++ b/service/src/com/android/server/connectivity/NetworkAgentInfo.java
@@ -26,6 +26,7 @@
import android.annotation.NonNull;
import android.annotation.Nullable;
import android.content.Context;
+import android.content.pm.PackageManager;
import android.net.CaptivePortalData;
import android.net.DscpPolicy;
import android.net.IDnsResolver;
@@ -60,12 +61,14 @@
import android.util.Pair;
import android.util.SparseArray;
+import com.android.internal.annotations.VisibleForTesting;
import com.android.internal.util.IndentingPrintWriter;
import com.android.internal.util.WakeupMessage;
import com.android.modules.utils.build.SdkLevel;
import com.android.server.ConnectivityService;
import java.io.PrintWriter;
+import java.time.Instant;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
@@ -104,7 +107,7 @@
// for example:
// a. a captive portal is present, or
// b. a WiFi router whose Internet backhaul is down, or
-// c. a wireless connection stops transfering packets temporarily (e.g. device is in elevator
+// c. a wireless connection stops transferring packets temporarily (e.g. device is in elevator
// or tunnel) but does not disconnect from the AP/cell tower, or
// d. a stand-alone device offering a WiFi AP without an uplink for configuration purposes.
// 5. registered, created, connected, validated
@@ -157,7 +160,7 @@
// the network is no longer considered "lingering". After the linger timer expires, if the network
// is satisfying one or more background NetworkRequests it is kept up in the background. If it is
// not, ConnectivityService disconnects the NetworkAgent's AsyncChannel.
-public class NetworkAgentInfo implements Comparable<NetworkAgentInfo>, NetworkRanker.Scoreable {
+public class NetworkAgentInfo implements NetworkRanker.Scoreable {
@NonNull public NetworkInfo networkInfo;
// This Network object should always be used if possible, so as to encourage reuse of the
@@ -181,45 +184,227 @@
// The capabilities originally announced by the NetworkAgent, regardless of any capabilities
// that were added or removed due to this network's underlying networks.
- // Only set if #propagateUnderlyingCapabilities is true.
- public @Nullable NetworkCapabilities declaredCapabilities;
+ //
+ // As the name implies, these capabilities are not sanitized and are not to
+ // be trusted. Most callers should simply use the {@link networkCapabilities}
+ // field instead.
+ private @Nullable NetworkCapabilities mDeclaredCapabilitiesUnsanitized;
- // Indicates if netd has been told to create this Network. From this point on the appropriate
- // routing rules are setup and routes are added so packets can begin flowing over the Network.
- // This is a sticky bit; once set it is never cleared.
- public boolean created;
- // Set to true after the first time this network is marked as CONNECTED. Once set, the network
- // shows up in API calls, is able to satisfy NetworkRequests and can become the default network.
- // This is a sticky bit; once set it is never cleared.
- public boolean everConnected;
- // Whether this network has been destroyed and is being kept temporarily until it is replaced.
- public boolean destroyed;
- // To check how long it has been since last roam.
- public long lastRoamTimestamp;
+ // Timestamp (SystemClock.elapsedRealtime()) when netd has been told to create this Network, or
+ // 0 if it hasn't been done yet.
+ // From this point on, the appropriate routing rules are setup and routes are added so packets
+ // can begin flowing over the Network.
+ // This is a sticky value; once set != 0 it is never changed.
+ private long mCreatedTime;
- // Set to true if this Network successfully passed validation or if it did not satisfy the
- // default NetworkRequest in which case validation will not be attempted.
- // This is a sticky bit; once set it is never cleared even if future validation attempts fail.
- public boolean everValidated;
+ /** Notify this NAI that netd was just told to create this network */
+ public void setCreated() {
+ if (0L != mCreatedTime) throw new IllegalStateException("Already created");
+ mCreatedTime = SystemClock.elapsedRealtime();
+ }
- // The result of the last validation attempt on this network (true if validated, false if not).
- public boolean lastValidated;
+ /** Returns whether netd was told to create this network */
+ public boolean isCreated() {
+ return mCreatedTime != 0L;
+ }
- // If true, becoming unvalidated will lower the network's score. This is only meaningful if the
- // system is configured not to do this for certain networks, e.g., if the
- // config_networkAvoidBadWifi option is set to 0 and the user has not overridden that via
- // Settings.Global.NETWORK_AVOID_BAD_WIFI.
- public boolean avoidUnvalidated;
+ // Get the time (SystemClock.elapsedRealTime) when this network was created (or 0 if never).
+ public long getCreatedTime() {
+ return mCreatedTime;
+ }
- // Whether a captive portal was ever detected on this network.
- // This is a sticky bit; once set it is never cleared.
- public boolean everCaptivePortalDetected;
+ // Timestamp of the first time (SystemClock.elapsedRealtime()) this network is marked as
+ // connected, or 0 if this network has never been marked connected. Once set to non-zero, the
+ // network shows up in API calls, is able to satisfy NetworkRequests and can become the default
+ // network.
+ // This is a sticky value; once set != 0 it is never changed.
+ private long mConnectedTime;
- // Whether a captive portal was found during the last network validation attempt.
- public boolean lastCaptivePortalDetected;
+ /** Notify this NAI that this network just connected */
+ public void setConnected() {
+ if (0L != mConnectedTime) throw new IllegalStateException("Already connected");
+ mConnectedTime = SystemClock.elapsedRealtime();
+ }
- // Set to true when partial connectivity was detected.
- public boolean partialConnectivity;
+ /** Return whether this network ever connected */
+ public boolean everConnected() {
+ return mConnectedTime != 0L;
+ }
+
+ // Get the time (SystemClock.elapsedRealTime()) when this network was first connected, or 0 if
+ // never.
+ public long getConnectedTime() {
+ return mConnectedTime;
+ }
+
+ // When this network has been destroyed and is being kept temporarily until it is replaced,
+ // this is set to that timestamp (SystemClock.elapsedRealtime()). Zero otherwise.
+ private long mDestroyedTime;
+
+ /** Notify this NAI that this network was destroyed */
+ public void setDestroyed() {
+ if (0L != mDestroyedTime) throw new IllegalStateException("Already destroyed");
+ mDestroyedTime = SystemClock.elapsedRealtime();
+ }
+
+ /** Return whether this network was destroyed */
+ public boolean isDestroyed() {
+ return 0L != mDestroyedTime;
+ }
+
+ // Timestamp of the last roaming (SystemClock.elapsedRealtime()) or 0 if never roamed.
+ public long lastRoamTime;
+
+ // Timestamp (SystemClock.elapsedRealtime()) of the first time this network successfully
+ // passed validation or was deemed exempt of validation (see
+ // {@link NetworkMonitorUtils#isValidationRequired}). Zero if the network requires
+ // validation but never passed it successfully.
+ // This is a sticky value; once set it is never changed even if further validation attempts are
+ // made (whether they succeed or fail).
+ private long mFirstValidationTime;
+
+ // Timestamp (SystemClock.elapsedRealtime()) at which the latest validation attempt succeeded,
+ // or 0 if the latest validation attempt failed.
+ private long mCurrentValidationTime;
+
+ /** Notify this NAI that this network just finished a validation check */
+ public void setValidated(final boolean validated) {
+ final long nowOrZero = validated ? SystemClock.elapsedRealtime() : 0L;
+ if (validated && 0L == mFirstValidationTime) {
+ mFirstValidationTime = nowOrZero;
+ }
+ mCurrentValidationTime = nowOrZero;
+ }
+
+ /**
+ * Returns whether this network is currently validated.
+ *
+ * This is the result of the latest validation check. {@see #getCurrentValidationTime} for
+ * when that check was performed.
+ */
+ public boolean isValidated() {
+ return 0L != mCurrentValidationTime;
+ }
+
+ /**
+ * Returns whether this network ever passed the validation checks successfully.
+ *
+ * Note that the network may no longer be validated at this time ever if this is true.
+ * @see #isValidated
+ */
+ public boolean everValidated() {
+ return 0L != mFirstValidationTime;
+ }
+
+ // Get the time (SystemClock.elapsedRealTime()) when this network was most recently validated,
+ // or 0 if this network was found not to validate on the last attempt.
+ public long getCurrentValidationTime() {
+ return mCurrentValidationTime;
+ }
+
+ // Get the time (SystemClock.elapsedRealTime()) when this network was validated for the first
+ // time (or 0 if never).
+ public long getFirstValidationTime() {
+ return mFirstValidationTime;
+ }
+
+ // Timestamp (SystemClock.elapsedRealtime()) at which the user requested this network be
+ // avoided when unvalidated. Zero if this never happened for this network.
+ // This is only meaningful if the system is configured to have some cell networks yield
+ // to bad wifi, e.g., if the config_networkAvoidBadWifi option is set to 0 and the user has
+ // not overridden that via Settings.Global.NETWORK_AVOID_BAD_WIFI.
+ //
+ // Normally the system always prefers a validated network to a non-validated one, even if
+ // the non-validated one is cheaper. However, some cell networks may be configured by the
+ // setting above to yield to WiFi even if that WiFi network goes bad. When this configuration
+ // is active, specific networks can be marked to override this configuration so that the
+ // system will revert to preferring such a cell to this network when this network goes bad. This
+ // is achieved by calling {@link ConnectivityManager#setAvoidUnvalidated()}, and this field
+ // is set to non-zero when this happened to this network.
+ private long mAvoidUnvalidated;
+
+ /** Set this network as being avoided when unvalidated. {@see mAvoidUnvalidated} */
+ public void setAvoidUnvalidated() {
+ if (0L != mAvoidUnvalidated) throw new IllegalStateException("Already avoided unvalidated");
+ mAvoidUnvalidated = SystemClock.elapsedRealtime();
+ }
+
+ // Get the time (SystemClock.elapsedRealTime()) when this network was set to being avoided
+ // when unvalidated, or 0 if this never happened.
+ public long getAvoidUnvalidated() {
+ return mAvoidUnvalidated;
+ }
+
+ // Timestamp (SystemClock.elapsedRealtime()) at which a captive portal was first detected
+ // on this network, or zero if this never happened.
+ // This is a sticky value; once set != 0 it is never changed.
+ private long mFirstCaptivePortalDetectedTime;
+
+ // Timestamp (SystemClock.elapsedRealtime()) at which the latest validation attempt found a
+ // captive portal, or zero if the latest attempt didn't find a captive portal.
+ private long mCurrentCaptivePortalDetectedTime;
+
+ /** Notify this NAI that a captive portal has just been detected on this network */
+ public void setCaptivePortalDetected(final boolean hasCaptivePortal) {
+ if (!hasCaptivePortal) {
+ mCurrentCaptivePortalDetectedTime = 0L;
+ return;
+ }
+ final long now = SystemClock.elapsedRealtime();
+ if (0L == mFirstCaptivePortalDetectedTime) mFirstCaptivePortalDetectedTime = now;
+ mCurrentCaptivePortalDetectedTime = now;
+ }
+
+ /** Return whether a captive portal has ever been detected on this network */
+ public boolean everCaptivePortalDetected() {
+ return 0L != mFirstCaptivePortalDetectedTime;
+ }
+
+ /** Return whether this network has been detected to be behind a captive portal at the moment */
+ public boolean captivePortalDetected() {
+ return 0L != mCurrentCaptivePortalDetectedTime;
+ }
+
+ // Timestamp (SystemClock.elapsedRealtime()) at which the latest validation attempt found
+ // partial connectivity, or zero if the latest attempt didn't find partial connectivity.
+ private long mPartialConnectivityTime;
+
+ public void setPartialConnectivity(final boolean value) {
+ mPartialConnectivityTime = value ? SystemClock.elapsedRealtime() : 0L;
+ }
+
+ /** Return whether this NAI has partial connectivity */
+ public boolean partialConnectivity() {
+ return 0L != mPartialConnectivityTime;
+ }
+
+ // Timestamp (SystemClock.elapsedRealTime()) at which the first validation attempt concluded,
+ // or timed out after {@link ConnectivityService#PROMPT_UNVALIDATED_DELAY_MS}. 0 if not yet.
+ private long mFirstEvaluationConcludedTime;
+
+ /**
+ * Notify this NAI that this network has been evaluated.
+ *
+ * The stack considers that any result finding some working connectivity (valid, partial,
+ * captive portal) is an initial validation. Negative result (not valid), however, is not
+ * considered initial validation until {@link ConnectivityService#PROMPT_UNVALIDATED_DELAY_MS}
+ * have elapsed. This is because some networks may spuriously fail for a short time immediately
+ * after associating. If no positive result is found after the timeout has elapsed, then
+ * the network has been evaluated once.
+ *
+ * @return true the first time this is called on this object, then always returns false.
+ */
+ public boolean setEvaluated() {
+ if (0L != mFirstEvaluationConcludedTime) return false;
+ mFirstEvaluationConcludedTime = SystemClock.elapsedRealtime();
+ return true;
+ }
+
+ /** When this network ever concluded its first evaluation, or 0 if this never happened. */
+ @VisibleForTesting
+ public long getFirstEvaluationConcludedTime() {
+ return mFirstEvaluationConcludedTime;
+ }
// Delay between when the network is disconnected and when the native network is destroyed.
public int teardownDelayMs;
@@ -236,6 +421,55 @@
// URL, Terms & Conditions URL, and network friendly name.
public CaptivePortalData networkAgentPortalData;
+ // Indicate whether this device has the automotive feature.
+ private final boolean mHasAutomotiveFeature;
+
+ /**
+ * Sets the capabilities sent by the agent for later retrieval.
+ *
+ * This method does not sanitize the capabilities ; instead, use
+ * {@link #getDeclaredCapabilitiesSanitized} to retrieve a sanitized
+ * copy of the capabilities as they were passed here.
+ *
+ * This method makes a defensive copy to avoid issues where the passed object is later mutated.
+ *
+ * @param caps the caps sent by the agent
+ */
+ public void setDeclaredCapabilities(@NonNull final NetworkCapabilities caps) {
+ mDeclaredCapabilitiesUnsanitized = new NetworkCapabilities(caps);
+ }
+
+ /**
+ * Get the latest capabilities sent by the network agent, after sanitizing them.
+ *
+ * These are the capabilities as they were sent by the agent (but sanitized to conform to
+ * their restrictions). They are NOT the capabilities currently applying to this agent ;
+ * for that, use {@link #networkCapabilities}.
+ *
+ * Agents have restrictions on what capabilities they can send to Connectivity. For example,
+ * they can't change the owner UID from what they declared before, and complex restrictions
+ * apply to the allowedUids field.
+ * They also should not mutate immutable capabilities, although for backward-compatibility
+ * this is not enforced and limited to just a log.
+ *
+ * @param carrierPrivilegeAuthenticator the authenticator, to check access UIDs.
+ */
+ public NetworkCapabilities getDeclaredCapabilitiesSanitized(
+ final CarrierPrivilegeAuthenticator carrierPrivilegeAuthenticator) {
+ final NetworkCapabilities nc = new NetworkCapabilities(mDeclaredCapabilitiesUnsanitized);
+ if (nc.hasConnectivityManagedCapability()) {
+ Log.wtf(TAG, "BUG: " + this + " has CS-managed capability.");
+ }
+ if (networkCapabilities.getOwnerUid() != nc.getOwnerUid()) {
+ Log.e(TAG, toShortString() + ": ignoring attempt to change owner from "
+ + networkCapabilities.getOwnerUid() + " to " + nc.getOwnerUid());
+ nc.setOwnerUid(networkCapabilities.getOwnerUid());
+ }
+ restrictCapabilitiesFromNetworkAgent(
+ nc, creatorUid, mHasAutomotiveFeature, carrierPrivilegeAuthenticator);
+ return nc;
+ }
+
// Networks are lingered when they become unneeded as a result of their NetworkRequests being
// satisfied by a higher-scoring network. so as to allow communication to wrap up before the
// network is taken down. This usually only happens to the default network. Lingering ends with
@@ -366,6 +600,8 @@
private final Handler mHandler;
private final QosCallbackTracker mQosCallbackTracker;
+ private final long mCreationTime;
+
public NetworkAgentInfo(INetworkAgent na, Network net, NetworkInfo info,
@NonNull LinkProperties lp, @NonNull NetworkCapabilities nc,
@NonNull NetworkScore score, Context context,
@@ -398,6 +634,9 @@
declaredUnderlyingNetworks = (nc.getUnderlyingNetworks() != null)
? nc.getUnderlyingNetworks().toArray(new Network[0])
: null;
+ mCreationTime = System.currentTimeMillis();
+ mHasAutomotiveFeature =
+ mContext.getPackageManager().hasSystemFeature(PackageManager.FEATURE_AUTOMOTIVE);
}
private class AgentDeathMonitor implements IBinder.DeathRecipient {
@@ -764,8 +1003,9 @@
@NonNull final NetworkCapabilities nc) {
final NetworkCapabilities oldNc = networkCapabilities;
networkCapabilities = nc;
- mScore = mScore.mixInScore(networkCapabilities, networkAgentConfig, everValidatedForYield(),
- yieldToBadWiFi(), destroyed);
+ mScore = mScore.mixInScore(networkCapabilities, networkAgentConfig, everValidated(),
+ 0L != getAvoidUnvalidated(), yieldToBadWiFi(),
+ 0L != mFirstEvaluationConcludedTime, isDestroyed());
final NetworkMonitorManager nm = mNetworkMonitor;
if (nm != null) {
nm.notifyNetworkCapabilitiesChanged(nc);
@@ -928,13 +1168,13 @@
// Does this network satisfy request?
public boolean satisfies(NetworkRequest request) {
- return created &&
- request.networkCapabilities.satisfiedByNetworkCapabilities(networkCapabilities);
+ return everConnected()
+ && request.networkCapabilities.satisfiedByNetworkCapabilities(networkCapabilities);
}
public boolean satisfiesImmutableCapabilitiesOf(NetworkRequest request) {
- return created &&
- request.networkCapabilities.satisfiedByImmutableNetworkCapabilities(
+ return everConnected()
+ && request.networkCapabilities.satisfiedByImmutableNetworkCapabilities(
networkCapabilities);
}
@@ -963,24 +1203,13 @@
return mScore;
}
- // Get the current score for this Network. This may be modified from what the
- // NetworkAgent sent, as it has modifiers applied to it.
- public int getCurrentScore() {
- return mScore.getLegacyInt();
- }
-
- // Get the current score for this Network as if it was validated. This may be modified from
- // what the NetworkAgent sent, as it has modifiers applied to it.
- public int getCurrentScoreAsValidated() {
- return mScore.getLegacyIntAsValidated();
- }
-
/**
* Mix-in the ConnectivityService-managed bits in the score.
*/
public void setScore(final NetworkScore score) {
mScore = FullScore.fromNetworkScore(score, networkCapabilities, networkAgentConfig,
- everValidatedForYield(), yieldToBadWiFi(), destroyed);
+ everValidated(), 0L != getAvoidUnvalidated(), yieldToBadWiFi(),
+ 0L != mFirstEvaluationConcludedTime, isDestroyed());
}
/**
@@ -990,11 +1219,8 @@
*/
public void updateScoreForNetworkAgentUpdate() {
mScore = mScore.mixInScore(networkCapabilities, networkAgentConfig,
- everValidatedForYield(), yieldToBadWiFi(), destroyed);
- }
-
- private boolean everValidatedForYield() {
- return everValidated && !avoidUnvalidated;
+ everValidated(), 0L != getAvoidUnvalidated(), yieldToBadWiFi(),
+ 0L != mFirstEvaluationConcludedTime, isDestroyed());
}
/**
@@ -1279,15 +1505,19 @@
return "NetworkAgentInfo{"
+ "network{" + network + "} handle{" + network.getNetworkHandle() + "} ni{"
+ networkInfo.toShortString() + "} "
+ + "created=" + Instant.ofEpochMilli(mCreationTime) + " "
+ mScore + " "
- + (created ? " created" : "")
- + (destroyed ? " destroyed" : "")
+ + (isCreated() ? " created " + getCreatedTime() : "")
+ + (isDestroyed() ? " destroyed " + mDestroyedTime : "")
+ (isNascent() ? " nascent" : (isLingering() ? " lingering" : ""))
- + (everValidated ? " everValidated" : "")
- + (lastValidated ? " lastValidated" : "")
- + (partialConnectivity ? " partialConnectivity" : "")
- + (everCaptivePortalDetected ? " everCaptivePortal" : "")
- + (lastCaptivePortalDetected ? " isCaptivePortal" : "")
+ + (everValidated() ? " firstValidated " + getFirstValidationTime() : "")
+ + (isValidated() ? " lastValidated " + getCurrentValidationTime() : "")
+ + (partialConnectivity()
+ ? " partialConnectivity " + mPartialConnectivityTime : "")
+ + (everCaptivePortalDetected()
+ ? " firstCaptivePortalDetected " + mFirstCaptivePortalDetectedTime : "")
+ + (captivePortalDetected()
+ ? " currentCaptivePortalDetected " + mCurrentCaptivePortalDetectedTime : "")
+ (networkAgentConfig.explicitlySelected ? " explicitlySelected" : "")
+ (networkAgentConfig.acceptUnvalidated ? " acceptUnvalidated" : "")
+ (networkAgentConfig.acceptPartialConnectivity ? " acceptPartialConnectivity" : "")
@@ -1305,19 +1535,13 @@
*
* This is often not enough for debugging purposes for anything complex, but the full form
* is very long and hard to read, so this is useful when there isn't a lot of ambiguity.
- * This represents the network with something like "[100 WIFI|VPN]" or "[108 MOBILE]".
+ * This represents the network with something like "[100 WIFI|VPN]" or "[108 CELLULAR]".
*/
public String toShortString() {
return "[" + network.getNetId() + " "
+ transportNamesOf(networkCapabilities.getTransportTypes()) + "]";
}
- // Enables sorting in descending order of score.
- @Override
- public int compareTo(NetworkAgentInfo other) {
- return other.getCurrentScore() - getCurrentScore();
- }
-
/**
* Null-guarding version of NetworkAgentInfo#toShortString()
*/
diff --git a/service/src/com/android/server/connectivity/NetworkNotificationManager.java b/service/src/com/android/server/connectivity/NetworkNotificationManager.java
index 155f6c4..45da0ea 100644
--- a/service/src/com/android/server/connectivity/NetworkNotificationManager.java
+++ b/service/src/com/android/server/connectivity/NetworkNotificationManager.java
@@ -394,8 +394,9 @@
Toast.makeText(mContext, text, Toast.LENGTH_LONG).show();
}
- @VisibleForTesting
- static String tagFor(int id) {
+ /** Get the logging tag for a notification ID */
+ @VisibleForTesting(visibility = VisibleForTesting.Visibility.PRIVATE)
+ public static String tagFor(int id) {
return String.format("ConnectivityNotification:%d", id);
}
diff --git a/service/src/com/android/server/connectivity/NetworkRanker.java b/service/src/com/android/server/connectivity/NetworkRanker.java
index babc353..d94c8dc 100644
--- a/service/src/com/android/server/connectivity/NetworkRanker.java
+++ b/service/src/com/android/server/connectivity/NetworkRanker.java
@@ -16,6 +16,7 @@
package com.android.server.connectivity;
+import static android.net.NetworkCapabilities.NET_CAPABILITY_CAPTIVE_PORTAL;
import static android.net.NetworkCapabilities.TRANSPORT_BLUETOOTH;
import static android.net.NetworkCapabilities.TRANSPORT_CELLULAR;
import static android.net.NetworkCapabilities.TRANSPORT_ETHERNET;
@@ -26,8 +27,10 @@
import static com.android.net.module.util.CollectionUtils.filter;
import static com.android.server.connectivity.FullScore.POLICY_ACCEPT_UNVALIDATED;
+import static com.android.server.connectivity.FullScore.POLICY_AVOIDED_WHEN_UNVALIDATED;
+import static com.android.server.connectivity.FullScore.POLICY_EVER_EVALUATED;
import static com.android.server.connectivity.FullScore.POLICY_EVER_USER_SELECTED;
-import static com.android.server.connectivity.FullScore.POLICY_EVER_VALIDATED_NOT_AVOIDED_WHEN_BAD;
+import static com.android.server.connectivity.FullScore.POLICY_EVER_VALIDATED;
import static com.android.server.connectivity.FullScore.POLICY_IS_DESTROYED;
import static com.android.server.connectivity.FullScore.POLICY_IS_INVINCIBLE;
import static com.android.server.connectivity.FullScore.POLICY_IS_VALIDATED;
@@ -38,18 +41,39 @@
import android.net.NetworkCapabilities;
import android.net.NetworkRequest;
+import com.android.internal.annotations.VisibleForTesting;
import com.android.net.module.util.CollectionUtils;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
+import java.util.Objects;
import java.util.function.Predicate;
/**
* A class that knows how to find the best network matching a request out of a list of networks.
*/
public class NetworkRanker {
+ /**
+ * Home for all configurations of NetworkRanker
+ */
+ public static final class Configuration {
+ private final boolean mActivelyPreferBadWifi;
+
+ public Configuration(final boolean activelyPreferBadWifi) {
+ this.mActivelyPreferBadWifi = activelyPreferBadWifi;
+ }
+
+ /**
+ * @see MultinetworkPolicyTracker#getActivelyPreferBadWifi()
+ */
+ public boolean activelyPreferBadWifi() {
+ return mActivelyPreferBadWifi;
+ }
+ }
+ @NonNull private volatile Configuration mConf;
+
// Historically the legacy ints have been 0~100 in principle (though the highest score in
// AOSP has always been 90). This is relied on by VPNs that send a legacy score of 101.
public static final int LEGACY_INT_MAX = 100;
@@ -64,7 +88,22 @@
NetworkCapabilities getCapsNoCopy();
}
- public NetworkRanker() { }
+ public NetworkRanker(@NonNull final Configuration conf) {
+ // Because mConf is volatile, the only way it could be seen null would be an access to it
+ // on some other thread during this constructor. But this is not possible because mConf is
+ // private and `this` doesn't escape this constructor.
+ setConfiguration(conf);
+ }
+
+ public void setConfiguration(@NonNull final Configuration conf) {
+ mConf = Objects.requireNonNull(conf);
+ }
+
+ // There shouldn't be a use case outside of testing
+ @VisibleForTesting
+ public Configuration getConfiguration() {
+ return mConf;
+ }
/**
* Find the best network satisfying this request among the list of passed networks.
@@ -103,9 +142,42 @@
}
}
- private <T extends Scoreable> boolean isBadWiFi(@NonNull final T candidate) {
- return candidate.getScore().hasPolicy(POLICY_EVER_VALIDATED_NOT_AVOIDED_WHEN_BAD)
- && candidate.getCapsNoCopy().hasTransport(TRANSPORT_WIFI);
+ /**
+ * Returns whether the wifi passed as an argument is a preferred network to yielding cell.
+ *
+ * When comparing bad wifi to cell with POLICY_YIELD_TO_BAD_WIFI, it may be necessary to
+ * know if a particular bad wifi is preferred to such a cell network. This method computes
+ * and returns this.
+ *
+ * @param candidate a bad wifi to evaluate
+ * @return whether this candidate is preferred to cell with POLICY_YIELD_TO_BAD_WIFI
+ */
+ private <T extends Scoreable> boolean isPreferredBadWiFi(@NonNull final T candidate) {
+ final FullScore score = candidate.getScore();
+ final NetworkCapabilities caps = candidate.getCapsNoCopy();
+
+ // Whatever the policy, only WiFis can be preferred bad WiFis.
+ if (!caps.hasTransport(TRANSPORT_WIFI)) return false;
+ // Validated networks aren't bad networks, so a fortiori can't be preferred bad WiFis.
+ if (score.hasPolicy(POLICY_IS_VALIDATED)) return false;
+ // A WiFi that the user explicitly wanted to avoid in UI is never a preferred bad WiFi.
+ if (score.hasPolicy(POLICY_AVOIDED_WHEN_UNVALIDATED)) return false;
+
+ if (mConf.activelyPreferBadWifi()) {
+ // If a network is still evaluating, don't prefer it.
+ if (!score.hasPolicy(POLICY_EVER_EVALUATED)) return false;
+
+ // If a network is not a captive portal, then prefer it.
+ if (!caps.hasCapability(NET_CAPABILITY_CAPTIVE_PORTAL)) return true;
+
+ // If it's a captive portal, prefer it if it previously validated but is no longer
+ // validated (i.e., the user logged in in the past, but later the portal closed).
+ return score.hasPolicy(POLICY_EVER_VALIDATED);
+ } else {
+ // Under the original "prefer bad WiFi" policy, only networks that have ever validated
+ // are preferred.
+ return score.hasPolicy(POLICY_EVER_VALIDATED);
+ }
}
/**
@@ -128,7 +200,7 @@
// No network with the policy : do nothing.
return;
}
- if (!CollectionUtils.any(rejected, n -> isBadWiFi(n))) {
+ if (!CollectionUtils.any(rejected, n -> isPreferredBadWiFi(n))) {
// No bad WiFi : do nothing.
return;
}
@@ -138,7 +210,7 @@
// wifis by the following policies (e.g. exiting).
final ArrayList<T> acceptedYielders = new ArrayList<>(accepted);
final ArrayList<T> rejectedWithBadWiFis = new ArrayList<>(rejected);
- partitionInto(rejectedWithBadWiFis, n -> isBadWiFi(n), accepted, rejected);
+ partitionInto(rejectedWithBadWiFis, n -> isPreferredBadWiFi(n), accepted, rejected);
accepted.addAll(acceptedYielders);
return;
}
diff --git a/service/src/com/android/server/connectivity/PermissionMonitor.java b/service/src/com/android/server/connectivity/PermissionMonitor.java
index e4a2c20..fd1ed60 100755
--- a/service/src/com/android/server/connectivity/PermissionMonitor.java
+++ b/service/src/com/android/server/connectivity/PermissionMonitor.java
@@ -23,9 +23,6 @@
import static android.Manifest.permission.UPDATE_DEVICE_STATS;
import static android.content.pm.PackageInfo.REQUESTED_PERMISSION_GRANTED;
import static android.content.pm.PackageManager.GET_PERMISSIONS;
-import static android.net.ConnectivityManager.FIREWALL_CHAIN_LOCKDOWN_VPN;
-import static android.net.ConnectivityManager.FIREWALL_RULE_ALLOW;
-import static android.net.ConnectivityManager.FIREWALL_RULE_DENY;
import static android.net.ConnectivitySettingsManager.UIDS_ALLOWED_ON_RESTRICTED_NETWORKS;
import static android.net.INetd.PERMISSION_INTERNET;
import static android.net.INetd.PERMISSION_NETWORK;
@@ -54,7 +51,6 @@
import android.net.INetd;
import android.net.UidRange;
import android.net.Uri;
-import android.net.util.SharedLog;
import android.os.Build;
import android.os.Process;
import android.os.RemoteException;
@@ -73,6 +69,7 @@
import com.android.internal.util.IndentingPrintWriter;
import com.android.modules.utils.build.SdkLevel;
import com.android.net.module.util.CollectionUtils;
+import com.android.net.module.util.SharedLog;
import com.android.networkstack.apishim.ProcessShimImpl;
import com.android.networkstack.apishim.common.ProcessShim;
import com.android.server.BpfNetMaps;
@@ -684,8 +681,12 @@
}
private synchronized void updateLockdownUid(int uid, boolean add) {
- if (UidRange.containsUid(mVpnLockdownUidRanges.getSet(), uid)
- && !hasRestrictedNetworksPermission(uid)) {
+ // Apps that can use restricted networks can always bypass VPNs.
+ if (hasRestrictedNetworksPermission(uid)) {
+ return;
+ }
+
+ if (UidRange.containsUid(mVpnLockdownUidRanges.getSet(), uid)) {
updateLockdownUidRule(uid, add);
}
}
@@ -790,7 +791,7 @@
mAllApps.add(appId);
// Log package added.
- mPermissionUpdateLogs.log("Package add: name=" + packageName + ", uid=" + uid
+ mPermissionUpdateLogs.log("Package add: uid=" + uid
+ ", nPerm=(" + permissionToString(permission) + "/"
+ permissionToString(currentPermission) + ")"
+ ", tPerm=" + permissionToString(appIdTrafficPerm));
@@ -843,7 +844,7 @@
final int permission = highestUidNetworkPermission(uid);
// Log package removed.
- mPermissionUpdateLogs.log("Package remove: name=" + packageName + ", uid=" + uid
+ mPermissionUpdateLogs.log("Package remove: uid=" + uid
+ ", nPerm=(" + permissionToString(permission) + "/"
+ permissionToString(currentPermission) + ")"
+ ", tPerm=" + permissionToString(appIdTrafficPerm));
@@ -1079,11 +1080,7 @@
private void updateLockdownUidRule(int uid, boolean add) {
try {
- if (add) {
- mBpfNetMaps.setUidRule(FIREWALL_CHAIN_LOCKDOWN_VPN, uid, FIREWALL_RULE_DENY);
- } else {
- mBpfNetMaps.setUidRule(FIREWALL_CHAIN_LOCKDOWN_VPN, uid, FIREWALL_RULE_ALLOW);
- }
+ mBpfNetMaps.updateUidLockdownRule(uid, add);
} catch (ServiceSpecificException e) {
loge("Failed to " + (add ? "add" : "remove") + " Lockdown rule: " + e);
}
@@ -1259,7 +1256,7 @@
pw.println("Lockdown filtering rules:");
pw.increaseIndent();
for (final UidRange range : mVpnLockdownUidRanges.getSet()) {
- pw.println("UIDs: " + range.toString());
+ pw.println("UIDs: " + range);
}
pw.decreaseIndent();
diff --git a/service/src/com/android/server/connectivity/QosCallbackAgentConnection.java b/service/src/com/android/server/connectivity/QosCallbackAgentConnection.java
index 534dbe7..e682026 100644
--- a/service/src/com/android/server/connectivity/QosCallbackAgentConnection.java
+++ b/service/src/com/android/server/connectivity/QosCallbackAgentConnection.java
@@ -30,6 +30,8 @@
import android.telephony.data.NrQosSessionAttributes;
import android.util.Log;
+import com.android.modules.utils.build.SdkLevel;
+
import java.util.Objects;
/**
@@ -149,6 +151,7 @@
void sendEventEpsQosSessionAvailable(final QosSession session,
final EpsBearerQosSessionAttributes attributes) {
+ if (!validateOrSendErrorAndUnregister()) return;
try {
if (DBG) log("sendEventEpsQosSessionAvailable: sending...");
mCallback.onQosEpsBearerSessionAvailable(session, attributes);
@@ -159,6 +162,7 @@
void sendEventNrQosSessionAvailable(final QosSession session,
final NrQosSessionAttributes attributes) {
+ if (!validateOrSendErrorAndUnregister()) return;
try {
if (DBG) log("sendEventNrQosSessionAvailable: sending...");
mCallback.onNrQosSessionAvailable(session, attributes);
@@ -168,6 +172,7 @@
}
void sendEventQosSessionLost(@NonNull final QosSession session) {
+ if (!validateOrSendErrorAndUnregister()) return;
try {
if (DBG) log("sendEventQosSessionLost: sending...");
mCallback.onQosSessionLost(session);
@@ -185,6 +190,21 @@
}
}
+ private boolean validateOrSendErrorAndUnregister() {
+ final int exceptionType = mFilter.validate();
+ if (exceptionType != EX_TYPE_FILTER_NONE) {
+ log("validation fail before sending QosCallback.");
+ // Error callback is returned from Android T to prevent any disruption of application
+ // running on Android S.
+ if (SdkLevel.isAtLeastT()) {
+ sendEventQosCallbackError(exceptionType);
+ mQosCallbackTracker.unregisterCallback(mCallback);
+ }
+ return false;
+ }
+ return true;
+ }
+
private static void log(@NonNull final String msg) {
Log.d(TAG, msg);
}
diff --git a/service/src/com/android/server/connectivity/QosCallbackTracker.java b/service/src/com/android/server/connectivity/QosCallbackTracker.java
index b6ab47b..336a399 100644
--- a/service/src/com/android/server/connectivity/QosCallbackTracker.java
+++ b/service/src/com/android/server/connectivity/QosCallbackTracker.java
@@ -52,7 +52,7 @@
private final Handler mConnectivityServiceHandler;
@NonNull
- private final ConnectivityService.PerUidCounter mNetworkRequestCounter;
+ private final ConnectivityService.RequestInfoPerUidCounter mNetworkRequestCounter;
/**
* Each agent gets a unique callback id that is used to proxy messages back to the original
@@ -78,7 +78,7 @@
* uid
*/
public QosCallbackTracker(@NonNull final Handler connectivityServiceHandler,
- final ConnectivityService.PerUidCounter networkRequestCounter) {
+ final ConnectivityService.RequestInfoPerUidCounter networkRequestCounter) {
mConnectivityServiceHandler = connectivityServiceHandler;
mNetworkRequestCounter = networkRequestCounter;
}
diff --git a/service/src/com/android/server/net/DelayedDiskWrite.java b/service/src/com/android/server/net/DelayedDiskWrite.java
index 35dc455..41cb419 100644
--- a/service/src/com/android/server/net/DelayedDiskWrite.java
+++ b/service/src/com/android/server/net/DelayedDiskWrite.java
@@ -21,6 +21,8 @@
import android.text.TextUtils;
import android.util.Log;
+import com.android.internal.annotations.VisibleForTesting;
+
import java.io.BufferedOutputStream;
import java.io.DataOutputStream;
import java.io.FileOutputStream;
@@ -32,11 +34,42 @@
public class DelayedDiskWrite {
private static final String TAG = "DelayedDiskWrite";
+ private final Dependencies mDeps;
+
private HandlerThread mDiskWriteHandlerThread;
private Handler mDiskWriteHandler;
/* Tracks multiple writes on the same thread */
private int mWriteSequence = 0;
+ public DelayedDiskWrite() {
+ this(new Dependencies());
+ }
+
+ @VisibleForTesting
+ DelayedDiskWrite(Dependencies deps) {
+ mDeps = deps;
+ }
+
+ /**
+ * Dependencies class of DelayedDiskWrite, used for injection in tests.
+ */
+ @VisibleForTesting
+ static class Dependencies {
+ /**
+ * Create a HandlerThread to use in DelayedDiskWrite.
+ */
+ public HandlerThread makeHandlerThread() {
+ return new HandlerThread("DelayedDiskWriteThread");
+ }
+
+ /**
+ * Quit the HandlerThread looper.
+ */
+ public void quitHandlerThread(HandlerThread handlerThread) {
+ handlerThread.getLooper().quit();
+ }
+ }
+
/**
* Used to do a delayed data write to a given {@link OutputStream}.
*/
@@ -65,7 +98,7 @@
/* Do a delayed write to disk on a separate handler thread */
synchronized (this) {
if (++mWriteSequence == 1) {
- mDiskWriteHandlerThread = new HandlerThread("DelayedDiskWriteThread");
+ mDiskWriteHandlerThread = mDeps.makeHandlerThread();
mDiskWriteHandlerThread.start();
mDiskWriteHandler = new Handler(mDiskWriteHandlerThread.getLooper());
}
@@ -99,9 +132,9 @@
// Quit if no more writes sent
synchronized (this) {
if (--mWriteSequence == 0) {
- mDiskWriteHandler.getLooper().quit();
- mDiskWriteHandler = null;
+ mDeps.quitHandlerThread(mDiskWriteHandlerThread);
mDiskWriteHandlerThread = null;
+ mDiskWriteHandler = null;
}
}
}
diff --git a/tests/common/Android.bp b/tests/common/Android.bp
index 58731e0..5c9cc63 100644
--- a/tests/common/Android.bp
+++ b/tests/common/Android.bp
@@ -21,9 +21,22 @@
default_applicable_licenses: ["Android-Apache-2.0"],
}
+// The target SDK version of the "latest released SDK" CTS tests.
+// This should be updated soon after a new SDK level is finalized.
+// It is different from the target SDK version of production code (e.g., the Tethering,
+// NetworkStack, and CaptivePortalLogin APKs):
+// - The target SDK of production code influences the behaviour of the production code.
+// - The target SDK of the CTS tests validates the behaviour seen by apps that call production APIs.
+// - The behaviour seen by apps that target previous SDKs is tested by previous CTS versions
+// (currently, CTS 10, 11, and 12).
+java_defaults {
+ name: "ConnectivityTestsLatestSdkDefaults",
+ target_sdk_version: "33",
+}
+
java_library {
name: "FrameworksNetCommonTests",
- defaults: ["framework-connectivity-test-defaults"],
+ defaults: ["framework-connectivity-internal-test-defaults"],
srcs: [
"java/**/*.java",
"java/**/*.kt",
@@ -49,6 +62,7 @@
// jarjar stops at the first matching rule, so order of concatenation affects the output.
genrule {
name: "ConnectivityCoverageJarJarRules",
+ defaults: ["jarjar-rules-combine-defaults"],
srcs: [
"tethering-jni-jarjar-rules.txt",
":connectivity-jarjar-rules",
@@ -56,8 +70,6 @@
":NetworkStackJarJarRules",
],
out: ["jarjar-rules-connectivity-coverage.txt"],
- // Concat files with a line break in the middle
- cmd: "for src in $(in); do cat $${src}; echo; done > $(out)",
visibility: ["//visibility:private"],
}
@@ -81,10 +93,10 @@
name: "ConnectivityCoverageTests",
// Tethering started on SDK 30
min_sdk_version: "30",
- target_sdk_version: "31",
test_suites: ["general-tests", "mts-tethering"],
defaults: [
- "framework-connectivity-test-defaults",
+ "ConnectivityTestsLatestSdkDefaults",
+ "framework-connectivity-internal-test-defaults",
"FrameworksNetTests-jni-defaults",
"libnetworkstackutilsjni_deps",
],
diff --git a/tests/common/java/android/net/EthernetNetworkManagementExceptionTest.java b/tests/common/java/android/net/EthernetNetworkManagementExceptionTest.java
new file mode 100644
index 0000000..84b6e54
--- /dev/null
+++ b/tests/common/java/android/net/EthernetNetworkManagementExceptionTest.java
@@ -0,0 +1,53 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.net;
+
+import static com.android.testutils.DevSdkIgnoreRuleKt.SC_V2;
+import static com.android.testutils.ParcelUtils.assertParcelingIsLossless;
+
+import static org.junit.Assert.assertEquals;
+
+import androidx.test.filters.SmallTest;
+
+import com.android.testutils.DevSdkIgnoreRule;
+import com.android.testutils.DevSdkIgnoreRunner;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+@DevSdkIgnoreRule.IgnoreUpTo(SC_V2) // TODO: Use to Build.VERSION_CODES.SC_V2 when available
+@RunWith(DevSdkIgnoreRunner.class)
+@SmallTest
+public class EthernetNetworkManagementExceptionTest {
+ private static final String ERROR_MESSAGE = "Test error message";
+
+ @Test
+ public void testEthernetNetworkManagementExceptionParcelable() {
+ final EthernetNetworkManagementException e =
+ new EthernetNetworkManagementException(ERROR_MESSAGE);
+
+ assertParcelingIsLossless(e);
+ }
+
+ @Test
+ public void testEthernetNetworkManagementExceptionHasExpectedErrorMessage() {
+ final EthernetNetworkManagementException e =
+ new EthernetNetworkManagementException(ERROR_MESSAGE);
+
+ assertEquals(ERROR_MESSAGE, e.getMessage());
+ }
+}
diff --git a/tests/common/java/android/net/LinkPropertiesTest.java b/tests/common/java/android/net/LinkPropertiesTest.java
index 9ed2bb3..5ee375f 100644
--- a/tests/common/java/android/net/LinkPropertiesTest.java
+++ b/tests/common/java/android/net/LinkPropertiesTest.java
@@ -36,10 +36,10 @@
import android.system.OsConstants;
import android.util.ArraySet;
-import androidx.core.os.BuildCompat;
import androidx.test.filters.SmallTest;
import androidx.test.runner.AndroidJUnit4;
+import com.android.modules.utils.build.SdkLevel;
import com.android.net.module.util.LinkPropertiesUtils.CompareResult;
import com.android.testutils.ConnectivityModuleTest;
import com.android.testutils.DevSdkIgnoreRule;
@@ -114,11 +114,6 @@
return InetAddresses.parseNumericAddress(addrString);
}
- private static boolean isAtLeastR() {
- // BuildCompat.isAtLeastR is documented to return false on release SDKs (including R)
- return Build.VERSION.SDK_INT > Build.VERSION_CODES.Q || BuildCompat.isAtLeastR();
- }
-
private void checkEmpty(final LinkProperties lp) {
assertEquals(0, lp.getAllInterfaceNames().size());
assertEquals(0, lp.getAllAddresses().size());
@@ -139,7 +134,7 @@
assertFalse(lp.isIpv6Provisioned());
assertFalse(lp.isPrivateDnsActive());
- if (isAtLeastR()) {
+ if (SdkLevel.isAtLeastR()) {
assertNull(lp.getDhcpServerAddress());
assertFalse(lp.isWakeOnLanSupported());
assertNull(lp.getCaptivePortalApiUrl());
@@ -166,7 +161,7 @@
lp.setMtu(MTU);
lp.setTcpBufferSizes(TCP_BUFFER_SIZES);
lp.setNat64Prefix(new IpPrefix("2001:db8:0:64::/96"));
- if (isAtLeastR()) {
+ if (SdkLevel.isAtLeastR()) {
lp.setDhcpServerAddress(DHCPSERVER);
lp.setWakeOnLanSupported(true);
lp.setCaptivePortalApiUrl(CAPPORT_API_URL);
@@ -210,7 +205,7 @@
assertTrue(source.isIdenticalTcpBufferSizes(target));
assertTrue(target.isIdenticalTcpBufferSizes(source));
- if (isAtLeastR()) {
+ if (SdkLevel.isAtLeastR()) {
assertTrue(source.isIdenticalDhcpServerAddress(target));
assertTrue(source.isIdenticalDhcpServerAddress(source));
@@ -1295,37 +1290,73 @@
assertEquals(2, lp.getRoutes().size());
}
- @Test @IgnoreUpTo(Build.VERSION_CODES.R)
- @CtsNetTestCasesMaxTargetSdk31(reason = "Compat change cannot be overridden when targeting T+")
- @EnableCompatChanges({LinkProperties.EXCLUDED_ROUTES})
- public void testExcludedRoutesEnabled() {
+ private void assertExcludeRoutesVisible() {
final LinkProperties lp = new LinkProperties();
assertEquals(0, lp.getRoutes().size());
- lp.addRoute(new RouteInfo(new IpPrefix(ADDRV4, 0), RTN_UNREACHABLE));
+ lp.addRoute(new RouteInfo(new IpPrefix(ADDRV4, 31), RTN_UNREACHABLE));
assertEquals(1, lp.getRoutes().size());
- lp.addRoute(new RouteInfo(new IpPrefix(ADDRV6, 0), RTN_THROW));
+ lp.addRoute(new RouteInfo(new IpPrefix(ADDRV6, 127), RTN_THROW));
assertEquals(2, lp.getRoutes().size());
lp.addRoute(new RouteInfo(GATEWAY1));
assertEquals(3, lp.getRoutes().size());
+
+ lp.addRoute(new RouteInfo(new IpPrefix(DNS6, 127), RTN_UNICAST));
+ assertEquals(4, lp.getRoutes().size());
+ }
+
+ private void assertExcludeRoutesNotVisible() {
+ final LinkProperties lp = new LinkProperties();
+ assertEquals(0, lp.getRoutes().size());
+
+ lp.addRoute(new RouteInfo(new IpPrefix(ADDRV4, 31), RTN_UNREACHABLE));
+ assertEquals(0, lp.getRoutes().size());
+
+ lp.addRoute(new RouteInfo(new IpPrefix(ADDRV6, 127), RTN_THROW));
+ assertEquals(0, lp.getRoutes().size());
+
+ lp.addRoute(new RouteInfo(GATEWAY1));
+ assertEquals(1, lp.getRoutes().size());
+
+ lp.addRoute(new RouteInfo(new IpPrefix(DNS6, 127), RTN_UNICAST));
+ assertEquals(2, lp.getRoutes().size());
+ }
+
+ private void checkExcludeRoutesNotVisibleAfterS() {
+ if (!SdkLevel.isAtLeastT()) {
+ // RTN_THROW routes are visible on R and S when added by the caller (but they are not
+ // added by the system except for legacy VPN).
+ // This is uncommon usage but was tested by CTSr12.
+ assertExcludeRoutesVisible();
+ } else {
+ assertExcludeRoutesNotVisible();
+ }
+ }
+
+ @Test @IgnoreUpTo(Build.VERSION_CODES.R)
+ @CtsNetTestCasesMaxTargetSdk31(reason = "Testing behaviour for target SDK 31")
+ public void testExcludedRoutesNotVisibleOnTargetSdk31() {
+ checkExcludeRoutesNotVisibleAfterS();
+ }
+
+ @Test
+ public void testExcludedRoutesVisibleOnTargetSdk33AndAbove() {
+ assertExcludeRoutesVisible();
+ }
+
+ @Test @IgnoreUpTo(Build.VERSION_CODES.R)
+ @CtsNetTestCasesMaxTargetSdk31(reason = "Compat change cannot be overridden when targeting T+")
+ @EnableCompatChanges({LinkProperties.EXCLUDED_ROUTES})
+ public void testExcludedRoutesEnabledByCompatChange() {
+ assertExcludeRoutesVisible();
}
@Test @IgnoreUpTo(Build.VERSION_CODES.R)
@CtsNetTestCasesMaxTargetSdk31(reason = "Compat change cannot be overridden when targeting T+")
@DisableCompatChanges({LinkProperties.EXCLUDED_ROUTES})
- public void testExcludedRoutesDisabled() {
- final LinkProperties lp = new LinkProperties();
- assertEquals(0, lp.getRoutes().size());
-
- lp.addRoute(new RouteInfo(new IpPrefix(ADDRV4, 0), RTN_UNREACHABLE));
- assertEquals(0, lp.getRoutes().size());
-
- lp.addRoute(new RouteInfo(new IpPrefix(ADDRV6, 5), RTN_THROW));
- assertEquals(0, lp.getRoutes().size());
-
- lp.addRoute(new RouteInfo(new IpPrefix(ADDRV6, 2), RTN_UNICAST));
- assertEquals(1, lp.getRoutes().size());
+ public void testExcludedRoutesDisabledByCompatChange() {
+ checkExcludeRoutesNotVisibleAfterS();
}
}
diff --git a/tests/common/java/android/net/NetworkProviderTest.kt b/tests/common/java/android/net/NetworkProviderTest.kt
index 3ceacf8..c0e7f61 100644
--- a/tests/common/java/android/net/NetworkProviderTest.kt
+++ b/tests/common/java/android/net/NetworkProviderTest.kt
@@ -30,6 +30,7 @@
import android.os.Looper
import android.util.Log
import androidx.test.InstrumentationRegistry
+import com.android.modules.utils.build.SdkLevel.isAtLeastS
import com.android.net.module.util.ArrayTrackRecord
import com.android.testutils.CompatUtil
import com.android.testutils.ConnectivityModuleTest
@@ -38,7 +39,6 @@
import com.android.testutils.DevSdkIgnoreRule.IgnoreUpTo
import com.android.testutils.DevSdkIgnoreRunner
import com.android.testutils.TestableNetworkOfferCallback
-import com.android.testutils.isDevSdkInRange
import org.junit.After
import org.junit.Before
import org.junit.Rule
@@ -376,7 +376,7 @@
doReturn(mCm).`when`(mockContext).getSystemService(Context.CONNECTIVITY_SERVICE)
val provider = createNetworkProvider(mockContext)
// ConnectivityManager not required at creation time after R
- if (!isDevSdkInRange(0, Build.VERSION_CODES.R)) {
+ if (isAtLeastS()) {
verifyNoMoreInteractions(mockContext)
}
diff --git a/tests/common/java/android/net/metrics/IpConnectivityLogTest.java b/tests/common/java/android/net/metrics/IpConnectivityLogTest.java
index ab97f2d..93cf748 100644
--- a/tests/common/java/android/net/metrics/IpConnectivityLogTest.java
+++ b/tests/common/java/android/net/metrics/IpConnectivityLogTest.java
@@ -23,7 +23,7 @@
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
-import static org.mockito.Mockito.timeout;
+import static org.mockito.Mockito.times;
import static org.mockito.Mockito.verify;
import android.net.ConnectivityMetricsEvent;
@@ -51,6 +51,7 @@
private static final int FAKE_NET_ID = 100;
private static final int[] FAKE_TRANSPORT_TYPES = unpackBits(TRANSPORT_WIFI);
private static final long FAKE_TIME_STAMP = System.currentTimeMillis();
+ private static final long THREAD_TIMEOUT_MS = 10_000L;
private static final String FAKE_INTERFACE_NAME = "test";
private static final IpReachabilityEvent FAKE_EV =
new IpReachabilityEvent(IpReachabilityEvent.NUD_FAILED);
@@ -93,22 +94,26 @@
final int nCallers = 10;
final int nEvents = 10;
+ final Thread[] threads = new Thread[nCallers];
for (int n = 0; n < nCallers; n++) {
final int i = n;
- new Thread() {
- public void run() {
- for (int j = 0; j < nEvents; j++) {
- assertTrue(logger.log(makeExpectedEvent(
- FAKE_TIME_STAMP + i * 100 + j,
- FAKE_NET_ID + i * 100 + j,
- ((i + j) % 2 == 0) ? TRANSPORT_WIFI : TRANSPORT_CELLULAR,
- FAKE_INTERFACE_NAME)));
- }
+ threads[i] = new Thread(() -> {
+ for (int j = 0; j < nEvents; j++) {
+ assertTrue(logger.log(makeExpectedEvent(
+ FAKE_TIME_STAMP + i * 100 + j,
+ FAKE_NET_ID + i * 100 + j,
+ ((i + j) % 2 == 0) ? TRANSPORT_WIFI : TRANSPORT_CELLULAR,
+ FAKE_INTERFACE_NAME)));
}
- }.start();
+ });
+ threads[i].start();
+ }
+ // To ensure the events have been sent out on each thread. Wait for the thread to die.
+ for (Thread thread : threads) {
+ thread.join(THREAD_TIMEOUT_MS);
}
- List<ConnectivityMetricsEvent> got = verifyEvents(nCallers * nEvents, 200);
+ final List<ConnectivityMetricsEvent> got = verifyEvents(nCallers * nEvents);
Collections.sort(got, EVENT_COMPARATOR);
Iterator<ConnectivityMetricsEvent> iter = got.iterator();
for (int i = 0; i < nCallers; i++) {
@@ -123,17 +128,13 @@
}
}
- private List<ConnectivityMetricsEvent> verifyEvents(int n, int timeoutMs) throws Exception {
+ private List<ConnectivityMetricsEvent> verifyEvents(int n) throws Exception {
ArgumentCaptor<ConnectivityMetricsEvent> captor =
ArgumentCaptor.forClass(ConnectivityMetricsEvent.class);
- verify(mMockService, timeout(timeoutMs).times(n)).logEvent(captor.capture());
+ verify(mMockService, times(n)).logEvent(captor.capture());
return captor.getAllValues();
}
- private List<ConnectivityMetricsEvent> verifyEvents(int n) throws Exception {
- return verifyEvents(n, 10);
- }
-
private ConnectivityMetricsEvent makeExpectedEvent(long timestamp, int netId, long transports,
String ifname) {
diff --git a/tests/cts/OWNERS b/tests/cts/OWNERS
index 875b4a2..089d06f 100644
--- a/tests/cts/OWNERS
+++ b/tests/cts/OWNERS
@@ -1,3 +1,7 @@
# Bug template url: http://b/new?component=31808
set noparent
file:platform/packages/modules/Connectivity:master:/OWNERS_core_networking_xts
+
+# Only temporary ownership to improve ethernet code quality (b/236280707)
+# TODO: remove by 12/31/2022
+per-file net/src/android/net/cts/EthernetManagerTest.kt = prohr@google.com #{LAST_RESORT_SUGGESTION}
diff --git a/tests/cts/hostside/Android.bp b/tests/cts/hostside/Android.bp
index c47ccbf..47ea53e 100644
--- a/tests/cts/hostside/Android.bp
+++ b/tests/cts/hostside/Android.bp
@@ -26,7 +26,6 @@
"tradefed",
],
static_libs: [
- "CompatChangeGatingTestBase",
"modules-utils-build-testing",
],
// Tag this module as a cts test artifact
@@ -35,4 +34,10 @@
"general-tests",
"sts"
],
+ data: [
+ ":CtsHostsideNetworkTestsApp",
+ ":CtsHostsideNetworkTestsApp2",
+ ":CtsHostsideNetworkTestsAppNext",
+ ],
+ per_testcase_directory: true,
}
diff --git a/tests/cts/hostside/aidl/com/android/cts/net/hostside/IRemoteSocketFactory.aidl b/tests/cts/hostside/aidl/com/android/cts/net/hostside/IRemoteSocketFactory.aidl
index 68176ad..6986e7e 100644
--- a/tests/cts/hostside/aidl/com/android/cts/net/hostside/IRemoteSocketFactory.aidl
+++ b/tests/cts/hostside/aidl/com/android/cts/net/hostside/IRemoteSocketFactory.aidl
@@ -20,6 +20,7 @@
interface IRemoteSocketFactory {
ParcelFileDescriptor openSocketFd(String host, int port, int timeoutMs);
+ ParcelFileDescriptor openDatagramSocketFd();
String getPackageName();
int getUid();
}
diff --git a/tests/cts/hostside/app/src/com/android/cts/net/hostside/NetworkPolicyTestUtils.java b/tests/cts/hostside/app/src/com/android/cts/net/hostside/NetworkPolicyTestUtils.java
index 7842eec..deca6a2 100644
--- a/tests/cts/hostside/app/src/com/android/cts/net/hostside/NetworkPolicyTestUtils.java
+++ b/tests/cts/hostside/app/src/com/android/cts/net/hostside/NetworkPolicyTestUtils.java
@@ -117,6 +117,7 @@
return false;
}
if (mDataSaverSupported == null) {
+ setRestrictBackgroundInternal(false);
assertMyRestrictBackgroundStatus(RESTRICT_BACKGROUND_STATUS_DISABLED);
try {
setRestrictBackgroundInternal(true);
diff --git a/tests/cts/hostside/app/src/com/android/cts/net/hostside/RemoteSocketFactoryClient.java b/tests/cts/hostside/app/src/com/android/cts/net/hostside/RemoteSocketFactoryClient.java
index 80f99b6..01fbd66 100644
--- a/tests/cts/hostside/app/src/com/android/cts/net/hostside/RemoteSocketFactoryClient.java
+++ b/tests/cts/hostside/app/src/com/android/cts/net/hostside/RemoteSocketFactoryClient.java
@@ -83,9 +83,19 @@
public FileDescriptor openSocketFd(String host, int port, int timeoutMs)
throws RemoteException, ErrnoException, IOException {
// Dup the filedescriptor so ParcelFileDescriptor's finalizer doesn't garbage collect it
- // and cause our fd to become invalid. http://b/35927643 .
- ParcelFileDescriptor pfd = mService.openSocketFd(host, port, timeoutMs);
- FileDescriptor fd = Os.dup(pfd.getFileDescriptor());
+ // and cause fd to become invalid. http://b/35927643.
+ final ParcelFileDescriptor pfd = mService.openSocketFd(host, port, timeoutMs);
+ final FileDescriptor fd = Os.dup(pfd.getFileDescriptor());
+ pfd.close();
+ return fd;
+ }
+
+ public FileDescriptor openDatagramSocketFd()
+ throws RemoteException, ErrnoException, IOException {
+ // Dup the filedescriptor so ParcelFileDescriptor's finalizer doesn't garbage collect it
+ // and cause fd to become invalid. http://b/35927643.
+ final ParcelFileDescriptor pfd = mService.openDatagramSocketFd();
+ final FileDescriptor fd = Os.dup(pfd.getFileDescriptor());
pfd.close();
return fd;
}
diff --git a/tests/cts/hostside/app/src/com/android/cts/net/hostside/VpnTest.java b/tests/cts/hostside/app/src/com/android/cts/net/hostside/VpnTest.java
index dc67c70..5f032be 100755
--- a/tests/cts/hostside/app/src/com/android/cts/net/hostside/VpnTest.java
+++ b/tests/cts/hostside/app/src/com/android/cts/net/hostside/VpnTest.java
@@ -16,6 +16,7 @@
package com.android.cts.net.hostside;
+import static android.Manifest.permission.MANAGE_TEST_NETWORKS;
import static android.Manifest.permission.NETWORK_SETTINGS;
import static android.content.pm.PackageManager.FEATURE_TELEPHONY;
import static android.content.pm.PackageManager.FEATURE_WIFI;
@@ -35,6 +36,8 @@
import static androidx.test.platform.app.InstrumentationRegistry.getInstrumentation;
import static com.android.compatibility.common.util.SystemUtil.runWithShellPermissionIdentity;
+import static com.android.networkstack.apishim.ConstantsShim.BLOCKED_REASON_LOCKDOWN_VPN;
+import static com.android.networkstack.apishim.ConstantsShim.BLOCKED_REASON_NONE;
import static com.android.testutils.Cleanup.testAndCleanup;
import static com.android.testutils.DevSdkIgnoreRuleKt.SC_V2;
@@ -59,12 +62,15 @@
import android.database.Cursor;
import android.net.ConnectivityManager;
import android.net.ConnectivityManager.NetworkCallback;
+import android.net.LinkAddress;
import android.net.LinkProperties;
import android.net.Network;
import android.net.NetworkCapabilities;
import android.net.NetworkRequest;
import android.net.Proxy;
import android.net.ProxyInfo;
+import android.net.TestNetworkInterface;
+import android.net.TestNetworkManager;
import android.net.TransportInfo;
import android.net.Uri;
import android.net.VpnManager;
@@ -72,6 +78,7 @@
import android.net.VpnTransportInfo;
import android.net.cts.util.CtsNetUtils;
import android.net.wifi.WifiManager;
+import android.os.Build;
import android.os.Handler;
import android.os.Looper;
import android.os.ParcelFileDescriptor;
@@ -90,11 +97,13 @@
import android.test.MoreAsserts;
import android.text.TextUtils;
import android.util.Log;
+import android.util.Range;
import androidx.test.ext.junit.runners.AndroidJUnit4;
import com.android.compatibility.common.util.BlockingBroadcastReceiver;
import com.android.modules.utils.build.SdkLevel;
+import com.android.net.module.util.PacketBuilder;
import com.android.testutils.DevSdkIgnoreRule;
import com.android.testutils.DevSdkIgnoreRule.IgnoreUpTo;
import com.android.testutils.RecorderCallback;
@@ -113,12 +122,14 @@
import java.io.OutputStream;
import java.net.DatagramPacket;
import java.net.DatagramSocket;
+import java.net.Inet4Address;
import java.net.Inet6Address;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.ServerSocket;
import java.net.Socket;
import java.net.UnknownHostException;
+import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
@@ -164,6 +175,12 @@
private static final String PRIVATE_DNS_SPECIFIER_SETTING = "private_dns_specifier";
private static final int NETWORK_CALLBACK_TIMEOUT_MS = 30_000;
+ private static final LinkAddress TEST_IP4_DST_ADDR = new LinkAddress("198.51.100.1/24");
+ private static final LinkAddress TEST_IP4_SRC_ADDR = new LinkAddress("198.51.100.2/24");
+ private static final LinkAddress TEST_IP6_DST_ADDR = new LinkAddress("2001:db8:1:3::1/64");
+ private static final LinkAddress TEST_IP6_SRC_ADDR = new LinkAddress("2001:db8:1:3::2/64");
+ private static final short TEST_SRC_PORT = 5555;
+
public static String TAG = "VpnTest";
public static int TIMEOUT_MS = 3 * 1000;
public static int SOCKET_TIMEOUT_MS = 100;
@@ -378,10 +395,6 @@
if (mNetwork == null) {
fail("VPN did not become available after " + TIMEOUT_MS + "ms");
}
-
- // Unfortunately, when the available callback fires, the VPN UID ranges are not yet
- // configured. Give the system some time to do so. http://b/18436087 .
- try { Thread.sleep(3000); } catch(InterruptedException e) {}
}
private void stopVpn() {
@@ -1576,4 +1589,180 @@
return future.get(timeout, unit);
}
}
+
+ private static final boolean EXPECT_PASS = false;
+ private static final boolean EXPECT_BLOCK = true;
+
+ @Test @IgnoreUpTo(Build.VERSION_CODES.R)
+ public void testBlockIncomingPackets() throws Exception {
+ assumeTrue(supportedHardware());
+ final Network network = mCM.getActiveNetwork();
+ assertNotNull("Requires a working Internet connection", network);
+
+ final int remoteUid = mRemoteSocketFactoryClient.getUid();
+ final List<Range<Integer>> lockdownRange = List.of(new Range<>(remoteUid, remoteUid));
+ final DetailedBlockedStatusCallback remoteUidCallback = new DetailedBlockedStatusCallback();
+
+ // Create a TUN interface
+ final FileDescriptor tunFd = runWithShellPermissionIdentity(() -> {
+ final TestNetworkManager tnm = getInstrumentation().getContext().getSystemService(
+ TestNetworkManager.class);
+ final TestNetworkInterface iface = tnm.createTunInterface(List.of(
+ TEST_IP4_DST_ADDR, TEST_IP6_DST_ADDR));
+ return iface.getFileDescriptor().getFileDescriptor();
+ }, MANAGE_TEST_NETWORKS);
+
+ // Create a remote UDP socket
+ final FileDescriptor remoteUdpFd = mRemoteSocketFactoryClient.openDatagramSocketFd();
+
+ testAndCleanup(() -> {
+ runWithShellPermissionIdentity(() -> {
+ mCM.registerDefaultNetworkCallbackForUid(remoteUid, remoteUidCallback,
+ new Handler(Looper.getMainLooper()));
+ }, NETWORK_SETTINGS);
+ remoteUidCallback.expectAvailableCallbacks(network);
+
+ // The remote UDP socket can receive packets coming from the TUN interface
+ checkBlockIncomingPacket(tunFd, remoteUdpFd, EXPECT_PASS);
+
+ // Lockdown uid that has the remote UDP socket
+ runWithShellPermissionIdentity(() -> {
+ mCM.setRequireVpnForUids(true /* requireVpn */, lockdownRange);
+ }, NETWORK_SETTINGS);
+
+ // setRequireVpnForUids setup a lockdown rule asynchronously. So it needs to wait for
+ // BlockedStatusCallback to be fired before checking the blocking status of incoming
+ // packets.
+ remoteUidCallback.expectBlockedStatusCallback(network, BLOCKED_REASON_LOCKDOWN_VPN);
+
+ if (SdkLevel.isAtLeastT()) {
+ // On T and above, lockdown rule drop packets not coming from lo regardless of the
+ // VPN connectivity.
+ checkBlockIncomingPacket(tunFd, remoteUdpFd, EXPECT_BLOCK);
+ }
+
+ // Start the VPN that has default routes. This VPN should have interface filtering rule
+ // for incoming packet and drop packets not coming from lo nor the VPN interface.
+ final String allowedApps =
+ mRemoteSocketFactoryClient.getPackageName() + "," + mPackageName;
+ startVpn(new String[]{"192.0.2.2/32", "2001:db8:1:2::ffe/128"},
+ new String[]{"0.0.0.0/0", "::/0"}, allowedApps, "" /* disallowedApplications */,
+ null /* proxyInfo */, null /* underlyingNetworks */,
+ false /* isAlwaysMetered */);
+
+ checkBlockIncomingPacket(tunFd, remoteUdpFd, EXPECT_BLOCK);
+ }, /* cleanup */ () -> {
+ mCM.unregisterNetworkCallback(remoteUidCallback);
+ }, /* cleanup */ () -> {
+ Os.close(tunFd);
+ }, /* cleanup */ () -> {
+ Os.close(remoteUdpFd);
+ }, /* cleanup */ () -> {
+ runWithShellPermissionIdentity(() -> {
+ mCM.setRequireVpnForUids(false /* requireVpn */, lockdownRange);
+ }, NETWORK_SETTINGS);
+ });
+ }
+
+ private ByteBuffer buildIpv4UdpPacket(final Inet4Address dstAddr, final Inet4Address srcAddr,
+ final short dstPort, final short srcPort, final byte[] payload) throws IOException {
+
+ final ByteBuffer buffer = PacketBuilder.allocate(false /* hasEther */,
+ OsConstants.IPPROTO_IP, OsConstants.IPPROTO_UDP, payload.length);
+ final PacketBuilder packetBuilder = new PacketBuilder(buffer);
+
+ packetBuilder.writeIpv4Header(
+ (byte) 0 /* TOS */,
+ (short) 27149 /* ID */,
+ (short) 0x4000 /* flags=DF, offset=0 */,
+ (byte) 64 /* TTL */,
+ (byte) OsConstants.IPPROTO_UDP,
+ srcAddr,
+ dstAddr);
+ packetBuilder.writeUdpHeader(srcPort, dstPort);
+ buffer.put(payload);
+
+ return packetBuilder.finalizePacket();
+ }
+
+ private ByteBuffer buildIpv6UdpPacket(final Inet6Address dstAddr, final Inet6Address srcAddr,
+ final short dstPort, final short srcPort, final byte[] payload) throws IOException {
+
+ final ByteBuffer buffer = PacketBuilder.allocate(false /* hasEther */,
+ OsConstants.IPPROTO_IPV6, OsConstants.IPPROTO_UDP, payload.length);
+ final PacketBuilder packetBuilder = new PacketBuilder(buffer);
+
+ packetBuilder.writeIpv6Header(
+ 0x60000000 /* version=6, traffic class=0, flow label=0 */,
+ (byte) OsConstants.IPPROTO_UDP,
+ (short) 64 /* hop limit */,
+ srcAddr,
+ dstAddr);
+ packetBuilder.writeUdpHeader(srcPort, dstPort);
+ buffer.put(payload);
+
+ return packetBuilder.finalizePacket();
+ }
+
+ private void checkBlockUdp(
+ final FileDescriptor srcTunFd,
+ final FileDescriptor dstUdpFd,
+ final boolean ipv6,
+ final boolean expectBlock) throws Exception {
+ final Random random = new Random();
+ final byte[] sendData = new byte[100];
+ random.nextBytes(sendData);
+ final short dstPort = (short) ((InetSocketAddress) Os.getsockname(dstUdpFd)).getPort();
+
+ ByteBuffer buf;
+ if (ipv6) {
+ buf = buildIpv6UdpPacket(
+ (Inet6Address) TEST_IP6_DST_ADDR.getAddress(),
+ (Inet6Address) TEST_IP6_SRC_ADDR.getAddress(),
+ dstPort, TEST_SRC_PORT, sendData);
+ } else {
+ buf = buildIpv4UdpPacket(
+ (Inet4Address) TEST_IP4_DST_ADDR.getAddress(),
+ (Inet4Address) TEST_IP4_SRC_ADDR.getAddress(),
+ dstPort, TEST_SRC_PORT, sendData);
+ }
+
+ Os.write(srcTunFd, buf);
+
+ final StructPollfd pollfd = new StructPollfd();
+ pollfd.events = (short) POLLIN;
+ pollfd.fd = dstUdpFd;
+ final int ret = Os.poll(new StructPollfd[]{pollfd}, SOCKET_TIMEOUT_MS);
+
+ if (expectBlock) {
+ assertEquals("Expect not to receive a packet but received a packet", 0, ret);
+ } else {
+ assertEquals("Expect to receive a packet but did not receive a packet", 1, ret);
+ final byte[] recvData = new byte[sendData.length];
+ final int readSize = Os.read(dstUdpFd, recvData, 0 /* byteOffset */, recvData.length);
+ assertEquals(recvData.length, readSize);
+ MoreAsserts.assertEquals(sendData, recvData);
+ }
+ }
+
+ private void checkBlockIncomingPacket(
+ final FileDescriptor srcTunFd,
+ final FileDescriptor dstUdpFd,
+ final boolean expectBlock) throws Exception {
+ checkBlockUdp(srcTunFd, dstUdpFd, false /* ipv6 */, expectBlock);
+ checkBlockUdp(srcTunFd, dstUdpFd, true /* ipv6 */, expectBlock);
+ }
+
+ private class DetailedBlockedStatusCallback extends TestableNetworkCallback {
+ public void expectAvailableCallbacks(Network network) {
+ super.expectAvailableCallbacks(network, false /* suspended */, true /* validated */,
+ BLOCKED_REASON_NONE, NETWORK_CALLBACK_TIMEOUT_MS);
+ }
+ public void expectBlockedStatusCallback(Network network, int blockedStatus) {
+ super.expectBlockedStatusCallback(blockedStatus, network, NETWORK_CALLBACK_TIMEOUT_MS);
+ }
+ public void onBlockedStatusChanged(Network network, int blockedReasons) {
+ getHistory().add(new CallbackEntry.BlockedStatusInt(network, blockedReasons));
+ }
+ }
}
diff --git a/tests/cts/hostside/app2/src/com/android/cts/net/hostside/app2/RemoteSocketFactoryService.java b/tests/cts/hostside/app2/src/com/android/cts/net/hostside/app2/RemoteSocketFactoryService.java
index b1b7d77..fb6d16f 100644
--- a/tests/cts/hostside/app2/src/com/android/cts/net/hostside/app2/RemoteSocketFactoryService.java
+++ b/tests/cts/hostside/app2/src/com/android/cts/net/hostside/app2/RemoteSocketFactoryService.java
@@ -17,16 +17,17 @@
package com.android.cts.net.hostside.app2;
import android.app.Service;
-import android.content.Context;
import android.content.Intent;
import android.os.IBinder;
import android.os.ParcelFileDescriptor;
import android.os.Process;
-import android.util.Log;
import com.android.cts.net.hostside.IRemoteSocketFactory;
+import java.io.UncheckedIOException;
+import java.net.DatagramSocket;
import java.net.Socket;
+import java.net.SocketException;
public class RemoteSocketFactoryService extends Service {
@@ -54,6 +55,16 @@
public int getUid() {
return Process.myUid();
}
+
+ @Override
+ public ParcelFileDescriptor openDatagramSocketFd() {
+ try {
+ final DatagramSocket s = new DatagramSocket();
+ return ParcelFileDescriptor.fromDatagramSocket(s);
+ } catch (SocketException e) {
+ throw new UncheckedIOException(e);
+ }
+ }
};
@Override
diff --git a/tests/cts/hostside/app3/Android.bp b/tests/cts/hostside/app3/Android.bp
deleted file mode 100644
index 69667ce..0000000
--- a/tests/cts/hostside/app3/Android.bp
+++ /dev/null
@@ -1,50 +0,0 @@
-//
-// Copyright (C) 2022 The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-//
-
-java_defaults {
- name: "CtsHostsideNetworkTestsApp3Defaults",
- srcs: ["src/**/*.java"],
- libs: [
- "junit",
- ],
- static_libs: [
- "ctstestrunner-axt",
- "truth-prebuilt",
- ],
-
- // Tag this module as a cts test artifact
- test_suites: [
- "cts",
- "general-tests",
- ],
-}
-
-android_test_helper_app {
- name: "CtsHostsideNetworkTestsApp3",
- defaults: [
- "cts_support_defaults",
- "CtsHostsideNetworkTestsApp3Defaults",
- ],
-}
-
-android_test_helper_app {
- name: "CtsHostsideNetworkTestsApp3PreT",
- target_sdk_version: "31",
- defaults: [
- "cts_support_defaults",
- "CtsHostsideNetworkTestsApp3Defaults",
- ],
-}
diff --git a/tests/cts/hostside/app3/AndroidManifest.xml b/tests/cts/hostside/app3/AndroidManifest.xml
deleted file mode 100644
index eabcacb..0000000
--- a/tests/cts/hostside/app3/AndroidManifest.xml
+++ /dev/null
@@ -1,27 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!-- Copyright (C) 2022 The Android Open Source Project
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
--->
-
-<manifest xmlns:android="http://schemas.android.com/apk/res/android"
- package="com.android.cts.net.hostside.app3">
-
- <application android:debuggable="true">
- <uses-library android:name="android.test.runner" />
- </application>
-
- <instrumentation
- android:name="androidx.test.runner.AndroidJUnitRunner"
- android:targetPackage="com.android.cts.net.hostside.app3" />
-
-</manifest>
diff --git a/tests/cts/hostside/app3/src/com/android/cts/net/hostside/app3/ExcludedRoutesGatingTest.java b/tests/cts/hostside/app3/src/com/android/cts/net/hostside/app3/ExcludedRoutesGatingTest.java
deleted file mode 100644
index a1a8209..0000000
--- a/tests/cts/hostside/app3/src/com/android/cts/net/hostside/app3/ExcludedRoutesGatingTest.java
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * Copyright (C) 2022 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package com.android.cts.net.hostside.app3;
-
-import static org.junit.Assert.assertEquals;
-
-import android.Manifest;
-import android.net.IpPrefix;
-import android.net.LinkProperties;
-import android.net.RouteInfo;
-
-import androidx.test.InstrumentationRegistry;
-import androidx.test.runner.AndroidJUnit4;
-
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-
-/**
- * Tests to verify {@link LinkProperties#getRoutes} behavior, depending on
- * {@LinkProperties#EXCLUDED_ROUTES} change state.
- */
-@RunWith(AndroidJUnit4.class)
-public class ExcludedRoutesGatingTest {
- @Before
- public void setUp() {
- InstrumentationRegistry.getInstrumentation().getUiAutomation()
- .adoptShellPermissionIdentity(Manifest.permission.LOG_COMPAT_CHANGE,
- Manifest.permission.READ_COMPAT_CHANGE_CONFIG);
- }
-
- @After
- public void tearDown() {
- InstrumentationRegistry.getInstrumentation().getUiAutomation()
- .dropShellPermissionIdentity();
- }
-
- @Test
- public void testExcludedRoutesChangeEnabled() {
- final LinkProperties lp = makeLinkPropertiesWithExcludedRoutes();
-
- // Excluded routes change is enabled: non-RTN_UNICAST routes are visible.
- assertEquals(2, lp.getRoutes().size());
- assertEquals(2, lp.getAllRoutes().size());
- }
-
- @Test
- public void testExcludedRoutesChangeDisabled() {
- final LinkProperties lp = makeLinkPropertiesWithExcludedRoutes();
-
- // Excluded routes change is disabled: non-RTN_UNICAST routes are filtered out.
- assertEquals(0, lp.getRoutes().size());
- assertEquals(0, lp.getAllRoutes().size());
- }
-
- private LinkProperties makeLinkPropertiesWithExcludedRoutes() {
- final LinkProperties lp = new LinkProperties();
-
- lp.addRoute(new RouteInfo(new IpPrefix("10.0.0.0/8"), null, null, RouteInfo.RTN_THROW));
- lp.addRoute(new RouteInfo(new IpPrefix("2001:db8::/64"), null, null,
- RouteInfo.RTN_UNREACHABLE));
-
- return lp;
- }
-}
diff --git a/tests/cts/hostside/src/com/android/cts/net/HostsideLinkPropertiesGatingTests.java b/tests/cts/hostside/src/com/android/cts/net/HostsideLinkPropertiesGatingTests.java
deleted file mode 100644
index 9a1fa42..0000000
--- a/tests/cts/hostside/src/com/android/cts/net/HostsideLinkPropertiesGatingTests.java
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * Copyright (C) 2022 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package com.android.cts.net;
-
-import android.compat.cts.CompatChangeGatingTestCase;
-
-import java.util.Set;
-
-/**
- * Tests for the {@link android.net.LinkProperties#EXCLUDED_ROUTES} compatibility change.
- *
- * TODO: see if we can delete this cumbersome host test by moving the coverage to CtsNetTestCases
- * and CtsNetTestCasesMaxTargetSdk31.
- */
-public class HostsideLinkPropertiesGatingTests extends CompatChangeGatingTestCase {
- private static final String TEST_APK = "CtsHostsideNetworkTestsApp3.apk";
- private static final String TEST_APK_PRE_T = "CtsHostsideNetworkTestsApp3PreT.apk";
- private static final String TEST_PKG = "com.android.cts.net.hostside.app3";
- private static final String TEST_CLASS = ".ExcludedRoutesGatingTest";
-
- private static final long EXCLUDED_ROUTES_CHANGE_ID = 186082280;
-
- protected void tearDown() throws Exception {
- uninstallPackage(TEST_PKG, true);
- }
-
- public void testExcludedRoutesChangeEnabled() throws Exception {
- installPackage(TEST_APK, true);
- runDeviceCompatTest("testExcludedRoutesChangeEnabled");
- }
-
- public void testExcludedRoutesChangeDisabledPreT() throws Exception {
- installPackage(TEST_APK_PRE_T, true);
- runDeviceCompatTest("testExcludedRoutesChangeDisabled");
- }
-
- public void testExcludedRoutesChangeDisabledByOverrideOnDebugBuild() throws Exception {
- // Must install APK even when skipping test, because tearDown expects uninstall to succeed.
- installPackage(TEST_APK, true);
-
- // This test uses an app with a target SDK where the compat change is on by default.
- // Because user builds do not allow overriding compat changes, only run this test on debug
- // builds. This seems better than deleting this test and not running it anywhere because we
- // could in the future run this test on userdebug builds in presubmit.
- //
- // We cannot use assumeXyz here because CompatChangeGatingTestCase ultimately inherits from
- // junit.framework.TestCase, which does not understand assumption failures.
- if ("user".equals(getDevice().getProperty("ro.build.type"))) return;
-
- runDeviceCompatTestWithChangeDisabled("testExcludedRoutesChangeDisabled");
- }
-
- public void testExcludedRoutesChangeEnabledByOverridePreT() throws Exception {
- installPackage(TEST_APK_PRE_T, true);
- runDeviceCompatTestWithChangeEnabled("testExcludedRoutesChangeEnabled");
- }
-
- private void runDeviceCompatTest(String methodName) throws Exception {
- runDeviceCompatTest(TEST_PKG, TEST_CLASS, methodName, Set.of(), Set.of());
- }
-
- private void runDeviceCompatTestWithChangeEnabled(String methodName) throws Exception {
- runDeviceCompatTest(TEST_PKG, TEST_CLASS, methodName, Set.of(EXCLUDED_ROUTES_CHANGE_ID),
- Set.of());
- }
-
- private void runDeviceCompatTestWithChangeDisabled(String methodName) throws Exception {
- runDeviceCompatTest(TEST_PKG, TEST_CLASS, methodName, Set.of(),
- Set.of(EXCLUDED_ROUTES_CHANGE_ID));
- }
-}
diff --git a/tests/cts/hostside/src/com/android/cts/net/HostsideNetworkTestCase.java b/tests/cts/hostside/src/com/android/cts/net/HostsideNetworkTestCase.java
index cc07fd1..d0567ae 100644
--- a/tests/cts/hostside/src/com/android/cts/net/HostsideNetworkTestCase.java
+++ b/tests/cts/hostside/src/com/android/cts/net/HostsideNetworkTestCase.java
@@ -34,8 +34,6 @@
import java.io.FileNotFoundException;
import java.util.Map;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
abstract class HostsideNetworkTestCase extends DeviceTestCase implements IAbiReceiver,
IBuildReceiver {
@@ -171,18 +169,19 @@
}
}
- private static final Pattern UID_PATTERN =
- Pattern.compile(".*userId=([0-9]+)$", Pattern.MULTILINE);
-
protected int getUid(String packageName) throws DeviceNotAvailableException {
- final String output = runCommand("dumpsys package " + packageName);
- final Matcher matcher = UID_PATTERN.matcher(output);
- while (matcher.find()) {
- final String match = matcher.group(1);
- return Integer.parseInt(match);
+ final int currentUser = getDevice().getCurrentUser();
+ final String uidLines = runCommand(
+ "cmd package list packages -U --user " + currentUser + " " + packageName);
+ for (String uidLine : uidLines.split("\n")) {
+ if (uidLine.startsWith("package:" + packageName + " uid:")) {
+ final String[] uidLineParts = uidLine.split(":");
+ // 3rd entry is package uid
+ return Integer.parseInt(uidLineParts[2].trim());
+ }
}
- throw new RuntimeException("Did not find regexp '" + UID_PATTERN + "' on adb output\n"
- + output);
+ throw new IllegalStateException("Failed to find the test app on the device; pkg="
+ + packageName + ", u=" + currentUser);
}
protected String runCommand(String command) throws DeviceNotAvailableException {
diff --git a/tests/cts/hostside/src/com/android/cts/net/HostsideVpnTests.java b/tests/cts/hostside/src/com/android/cts/net/HostsideVpnTests.java
index 3821f87..4d90a4a 100644
--- a/tests/cts/hostside/src/com/android/cts/net/HostsideVpnTests.java
+++ b/tests/cts/hostside/src/com/android/cts/net/HostsideVpnTests.java
@@ -116,4 +116,8 @@
public void testInterleavedRoutes() throws Exception {
runDeviceTests(TEST_PKG, TEST_PKG + ".VpnTest", "testInterleavedRoutes");
}
+
+ public void testBlockIncomingPackets() throws Exception {
+ runDeviceTests(TEST_PKG, TEST_PKG + ".VpnTest", "testBlockIncomingPackets");
+ }
}
diff --git a/tests/cts/net/Android.bp b/tests/cts/net/Android.bp
index a6ed762..23cb15c 100644
--- a/tests/cts/net/Android.bp
+++ b/tests/cts/net/Android.bp
@@ -61,7 +61,9 @@
// uncomment when b/13249961 is fixed
// sdk_version: "current",
platform_apis: true,
- required: ["ConnectivityChecker"],
+ data: [":ConnectivityChecker"],
+ per_testcase_directory: true,
+ host_required: ["net-tests-utils-host-common"],
test_config_template: "AndroidTestTemplate.xml",
}
@@ -72,9 +74,9 @@
android_test {
name: "CtsNetTestCases",
defaults: ["CtsNetTestCasesDefaults", "ConnectivityNextEnableDefaults"],
- // TODO: CTS should not depend on the entirety of the networkstack code.
static_libs: [
- "NetworkStackApiCurrentLib",
+ "DhcpPacketLib",
+ "NetworkStackApiCurrentShims",
],
test_suites: [
"cts",
@@ -86,7 +88,8 @@
name: "CtsNetTestCasesApiStableDefaults",
// TODO: CTS should not depend on the entirety of the networkstack code.
static_libs: [
- "NetworkStackApiStableLib",
+ "DhcpPacketLib",
+ "NetworkStackApiStableShims",
],
jni_uses_sdk_apis: true,
min_sdk_version: "29",
@@ -98,10 +101,10 @@
android_test {
name: "CtsNetTestCasesLatestSdk",
defaults: [
+ "ConnectivityTestsLatestSdkDefaults",
"CtsNetTestCasesDefaults",
"CtsNetTestCasesApiStableDefaults",
],
- target_sdk_version: "33",
test_suites: [
"general-tests",
"mts-dnsresolver",
@@ -127,3 +130,18 @@
],
}
+android_test {
+ name: "CtsNetTestCasesMaxTargetSdk30", // Must match CtsNetTestCasesMaxTargetSdk30 annotation.
+ defaults: [
+ "CtsNetTestCasesDefaults",
+ "CtsNetTestCasesApiStableDefaults",
+ ],
+ target_sdk_version: "30",
+ package_name: "android.net.cts.maxtargetsdk30", // CTS package names must be unique.
+ instrumentation_target_package: "android.net.cts.maxtargetsdk30",
+ test_suites: [
+ "cts",
+ "general-tests",
+ "mts-networking",
+ ],
+}
diff --git a/tests/cts/net/AndroidManifest.xml b/tests/cts/net/AndroidManifest.xml
index 6b5bb93..25490da 100644
--- a/tests/cts/net/AndroidManifest.xml
+++ b/tests/cts/net/AndroidManifest.xml
@@ -35,6 +35,7 @@
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.WRITE_SECURE_SETTINGS" />
<uses-permission android:name="android.permission.CHANGE_WIFI_MULTICAST_STATE" />
+ <uses-permission android:name="android.permission.PACKAGE_USAGE_STATS" />
<!-- TODO (b/186093901): remove after fixing resource querying -->
<uses-permission android:name="android.permission.QUERY_ALL_PACKAGES" />
diff --git a/tests/cts/net/jni/NativeMultinetworkJni.cpp b/tests/cts/net/jni/NativeMultinetworkJni.cpp
index 60e31bc..6610d10 100644
--- a/tests/cts/net/jni/NativeMultinetworkJni.cpp
+++ b/tests/cts/net/jni/NativeMultinetworkJni.cpp
@@ -40,8 +40,12 @@
#define LOGD(fmt, ...) \
__android_log_print(ANDROID_LOG_DEBUG, LOG_TAG, fmt, ##__VA_ARGS__)
-#define EXPECT_GE(env, actual, expected, msg) \
+// Since the tests in this file commonly pass expression statements as parameters to these macros,
+// get the returned value of the statements to avoid statement double-called.
+#define EXPECT_GE(env, actual_stmt, expected_stmt, msg) \
do { \
+ const auto expected = (expected_stmt); \
+ const auto actual = (actual_stmt); \
if (actual < expected) { \
jniThrowExceptionFmt(env, "java/lang/AssertionError", \
"%s:%d: %s EXPECT_GE: expected %d, got %d", \
@@ -49,8 +53,10 @@
} \
} while (0)
-#define EXPECT_GT(env, actual, expected, msg) \
+#define EXPECT_GT(env, actual_stmt, expected_stmt, msg) \
do { \
+ const auto expected = (expected_stmt); \
+ const auto actual = (actual_stmt); \
if (actual <= expected) { \
jniThrowExceptionFmt(env, "java/lang/AssertionError", \
"%s:%d: %s EXPECT_GT: expected %d, got %d", \
@@ -58,8 +64,10 @@
} \
} while (0)
-#define EXPECT_EQ(env, expected, actual, msg) \
+#define EXPECT_EQ(env, expected_stmt, actual_stmt, msg) \
do { \
+ const auto expected = (expected_stmt); \
+ const auto actual = (actual_stmt); \
if (actual != expected) { \
jniThrowExceptionFmt(env, "java/lang/AssertionError", \
"%s:%d: %s EXPECT_EQ: expected %d, got %d", \
@@ -110,6 +118,18 @@
// If there is no valid answer, test will fail.
continue;
}
+
+ const int rtype = ns_rr_type(rr);
+ if (family == AF_INET) {
+ // If there is no expected address type, test will fail.
+ if (rtype != ns_t_a) continue;
+ } else if (family == AF_INET6) {
+ // If there is no expected address type, test will fail.
+ if (rtype != ns_t_aaaa) continue;
+ } else {
+ return -EAFNOSUPPORT;
+ }
+
const uint8_t* rdata = ns_rr_rdata(rr);
char buffer[INET6_ADDRSTRLEN];
if (inet_ntop(family, (const char*) rdata, buffer, sizeof(buffer)) == NULL) {
@@ -161,7 +181,7 @@
// V6
fd = android_res_nquery(handle, kHostname, ns_c_in, ns_t_aaaa, 0);
EXPECT_GE(env, fd, 0, "v6 res_nquery");
- EXPECT_EQ(env, 0, expectAnswersValid(env, fd, AF_INET, ns_r_noerror),
+ EXPECT_EQ(env, 0, expectAnswersValid(env, fd, AF_INET6, ns_r_noerror),
"v6 res_nquery check answers");
}
diff --git a/tests/cts/net/native/src/BpfCompatTest.cpp b/tests/cts/net/native/src/BpfCompatTest.cpp
index e52533b..5c02b0d 100644
--- a/tests/cts/net/native/src/BpfCompatTest.cpp
+++ b/tests/cts/net/native/src/BpfCompatTest.cpp
@@ -31,7 +31,10 @@
std::ifstream elfFile(elfPath, std::ios::in | std::ios::binary);
ASSERT_TRUE(elfFile.is_open());
- if (android::modules::sdklevel::IsAtLeastT()) {
+ if (android::modules::sdklevel::IsAtLeastU()) {
+ EXPECT_EQ(120, readSectionUint("size_of_bpf_map_def", elfFile, 0));
+ EXPECT_EQ(92, readSectionUint("size_of_bpf_prog_def", elfFile, 0));
+ } else if (android::modules::sdklevel::IsAtLeastT()) {
EXPECT_EQ(116, readSectionUint("size_of_bpf_map_def", elfFile, 0));
EXPECT_EQ(92, readSectionUint("size_of_bpf_prog_def", elfFile, 0));
} else {
@@ -47,8 +50,13 @@
}
TEST(BpfTest, bpfStructSizeTest) {
- doBpfStructSizeTest("/system/etc/bpf/gpu_mem.o");
- doBpfStructSizeTest("/system/etc/bpf/time_in_state.o");
+ if (android::modules::sdklevel::IsAtLeastU()) {
+ doBpfStructSizeTest("/system/etc/bpf/gpuMem.o");
+ doBpfStructSizeTest("/system/etc/bpf/timeInState.o");
+ } else {
+ doBpfStructSizeTest("/system/etc/bpf/gpu_mem.o");
+ doBpfStructSizeTest("/system/etc/bpf/time_in_state.o");
+ }
}
int main(int argc, char **argv) {
diff --git a/tests/cts/net/src/android/net/cts/CaptivePortalTest.kt b/tests/cts/net/src/android/net/cts/CaptivePortalTest.kt
index 0344604..aad8804 100644
--- a/tests/cts/net/src/android/net/cts/CaptivePortalTest.kt
+++ b/tests/cts/net/src/android/net/cts/CaptivePortalTest.kt
@@ -33,14 +33,12 @@
import android.net.NetworkCapabilities.TRANSPORT_WIFI
import android.net.NetworkRequest
import android.net.Uri
-import android.net.cts.NetworkValidationTestUtil.clearValidationTestUrlsDeviceConfig
import android.net.cts.NetworkValidationTestUtil.setHttpUrlDeviceConfig
import android.net.cts.NetworkValidationTestUtil.setHttpsUrlDeviceConfig
import android.net.cts.NetworkValidationTestUtil.setUrlExpirationDeviceConfig
import android.net.cts.util.CtsNetUtils
-import android.net.util.NetworkStackUtils.TEST_CAPTIVE_PORTAL_HTTPS_URL
-import android.net.util.NetworkStackUtils.TEST_CAPTIVE_PORTAL_HTTP_URL
-import android.os.Build
+import com.android.net.module.util.NetworkStackConstants.TEST_CAPTIVE_PORTAL_HTTPS_URL
+import com.android.net.module.util.NetworkStackConstants.TEST_CAPTIVE_PORTAL_HTTP_URL
import android.platform.test.annotations.AppModeFull
import android.provider.DeviceConfig
import android.provider.DeviceConfig.NAMESPACE_CONNECTIVITY
@@ -48,11 +46,11 @@
import android.util.Log
import androidx.test.platform.app.InstrumentationRegistry.getInstrumentation
import androidx.test.runner.AndroidJUnit4
+import com.android.modules.utils.build.SdkLevel.isAtLeastR
import com.android.testutils.RecorderCallback
import com.android.testutils.TestHttpServer
import com.android.testutils.TestHttpServer.Request
import com.android.testutils.TestableNetworkCallback
-import com.android.testutils.isDevSdkInRange
import com.android.testutils.runAsShell
import fi.iki.elonen.NanoHTTPD.Response.Status
import junit.framework.AssertionFailedError
@@ -60,6 +58,8 @@
import org.junit.Assume.assumeTrue
import org.junit.Assume.assumeFalse
import org.junit.Before
+import org.junit.BeforeClass
+import org.junit.Rule
import org.junit.runner.RunWith
import java.util.concurrent.CompletableFuture
import java.util.concurrent.TimeUnit
@@ -99,34 +99,42 @@
private val server = TestHttpServer("localhost")
+ @get:Rule
+ val deviceConfigRule = DeviceConfigRule(retryCountBeforeSIfConfigChanged = 5)
+
+ companion object {
+ @JvmStatic @BeforeClass
+ fun setUpClass() {
+ runAsShell(READ_DEVICE_CONFIG) {
+ // Verify that the test URLs are not normally set on the device, but do not fail if
+ // the test URLs are set to what this test uses (URLs on localhost), in case the
+ // test was interrupted manually and rerun.
+ assertEmptyOrLocalhostUrl(TEST_CAPTIVE_PORTAL_HTTPS_URL)
+ assertEmptyOrLocalhostUrl(TEST_CAPTIVE_PORTAL_HTTP_URL)
+ }
+ NetworkValidationTestUtil.clearValidationTestUrlsDeviceConfig()
+ }
+
+ private fun assertEmptyOrLocalhostUrl(urlKey: String) {
+ val url = DeviceConfig.getProperty(NAMESPACE_CONNECTIVITY, urlKey)
+ assertTrue(TextUtils.isEmpty(url) || LOCALHOST_HOSTNAME == Uri.parse(url).host,
+ "$urlKey must not be set in production scenarios (current value: $url)")
+ }
+ }
+
@Before
fun setUp() {
- runAsShell(READ_DEVICE_CONFIG) {
- // Verify that the test URLs are not normally set on the device, but do not fail if the
- // test URLs are set to what this test uses (URLs on localhost), in case the test was
- // interrupted manually and rerun.
- assertEmptyOrLocalhostUrl(TEST_CAPTIVE_PORTAL_HTTPS_URL)
- assertEmptyOrLocalhostUrl(TEST_CAPTIVE_PORTAL_HTTP_URL)
- }
- clearValidationTestUrlsDeviceConfig()
server.start()
}
@After
fun tearDown() {
- clearValidationTestUrlsDeviceConfig()
if (pm.hasSystemFeature(FEATURE_WIFI)) {
- reconnectWifi()
+ deviceConfigRule.runAfterNextCleanup { reconnectWifi() }
}
server.stop()
}
- private fun assertEmptyOrLocalhostUrl(urlKey: String) {
- val url = DeviceConfig.getProperty(NAMESPACE_CONNECTIVITY, urlKey)
- assertTrue(TextUtils.isEmpty(url) || LOCALHOST_HOSTNAME == Uri.parse(url).host,
- "$urlKey must not be set in production scenarios (current value: $url)")
- }
-
@Test
fun testCaptivePortalIsNotDefaultNetwork() {
assumeTrue(pm.hasSystemFeature(FEATURE_TELEPHONY))
@@ -154,12 +162,13 @@
server.addResponse(Request(TEST_HTTPS_URL_PATH), Status.INTERNAL_ERROR)
val headers = mapOf("Location" to makeUrl(TEST_PORTAL_URL_PATH))
server.addResponse(Request(TEST_HTTP_URL_PATH), Status.REDIRECT, headers)
- setHttpsUrlDeviceConfig(makeUrl(TEST_HTTPS_URL_PATH))
- setHttpUrlDeviceConfig(makeUrl(TEST_HTTP_URL_PATH))
+ setHttpsUrlDeviceConfig(deviceConfigRule, makeUrl(TEST_HTTPS_URL_PATH))
+ setHttpUrlDeviceConfig(deviceConfigRule, makeUrl(TEST_HTTP_URL_PATH))
Log.d(TAG, "Set portal URLs to $TEST_HTTPS_URL_PATH and $TEST_HTTP_URL_PATH")
// URL expiration needs to be in the next 10 minutes
assertTrue(WIFI_CONNECT_TIMEOUT_MS < TimeUnit.MINUTES.toMillis(10))
- setUrlExpirationDeviceConfig(System.currentTimeMillis() + WIFI_CONNECT_TIMEOUT_MS)
+ setUrlExpirationDeviceConfig(deviceConfigRule,
+ System.currentTimeMillis() + WIFI_CONNECT_TIMEOUT_MS)
// Wait for a captive portal to be detected on the network
val wifiNetworkFuture = CompletableFuture<Network>()
@@ -186,8 +195,8 @@
assertNotEquals(network, cm.activeNetwork, wifiDefaultMessage)
val startPortalAppPermission =
- if (isDevSdkInRange(0, Build.VERSION_CODES.Q)) CONNECTIVITY_INTERNAL
- else NETWORK_SETTINGS
+ if (isAtLeastR()) NETWORK_SETTINGS
+ else CONNECTIVITY_INTERNAL
runAsShell(startPortalAppPermission) { cm.startCaptivePortalApp(network) }
// Expect the portal content to be fetched at some point after detecting the portal.
@@ -215,4 +224,4 @@
utils.ensureWifiDisconnected(null /* wifiNetworkToCheck */)
utils.ensureWifiConnected()
}
-}
\ No newline at end of file
+}
diff --git a/tests/cts/net/src/android/net/cts/ConnectivityManagerTest.java b/tests/cts/net/src/android/net/cts/ConnectivityManagerTest.java
index 0e9c16d..8dbcc00 100644
--- a/tests/cts/net/src/android/net/cts/ConnectivityManagerTest.java
+++ b/tests/cts/net/src/android/net/cts/ConnectivityManagerTest.java
@@ -26,6 +26,7 @@
import static android.Manifest.permission.NETWORK_SETUP_WIZARD;
import static android.Manifest.permission.NETWORK_STACK;
import static android.Manifest.permission.READ_DEVICE_CONFIG;
+import static android.Manifest.permission.TETHER_PRIVILEGED;
import static android.content.pm.PackageManager.FEATURE_BLUETOOTH;
import static android.content.pm.PackageManager.FEATURE_ETHERNET;
import static android.content.pm.PackageManager.FEATURE_TELEPHONY;
@@ -37,9 +38,14 @@
import static android.content.pm.PackageManager.PERMISSION_GRANTED;
import static android.net.ConnectivityManager.EXTRA_NETWORK;
import static android.net.ConnectivityManager.EXTRA_NETWORK_REQUEST;
+import static android.net.ConnectivityManager.FIREWALL_CHAIN_DOZABLE;
+import static android.net.ConnectivityManager.FIREWALL_CHAIN_LOW_POWER_STANDBY;
import static android.net.ConnectivityManager.FIREWALL_CHAIN_OEM_DENY_1;
import static android.net.ConnectivityManager.FIREWALL_CHAIN_OEM_DENY_2;
import static android.net.ConnectivityManager.FIREWALL_CHAIN_OEM_DENY_3;
+import static android.net.ConnectivityManager.FIREWALL_CHAIN_POWERSAVE;
+import static android.net.ConnectivityManager.FIREWALL_CHAIN_RESTRICTED;
+import static android.net.ConnectivityManager.FIREWALL_CHAIN_STANDBY;
import static android.net.ConnectivityManager.FIREWALL_RULE_ALLOW;
import static android.net.ConnectivityManager.FIREWALL_RULE_DENY;
import static android.net.ConnectivityManager.PROFILE_NETWORK_PREFERENCE_ENTERPRISE;
@@ -75,8 +81,6 @@
import static android.net.cts.util.CtsNetUtils.TEST_HOST;
import static android.net.cts.util.CtsNetUtils.TestNetworkCallback;
import static android.net.cts.util.CtsTetheringUtils.TestTetheringEventCallback;
-import static android.net.util.NetworkStackUtils.TEST_CAPTIVE_PORTAL_HTTPS_URL;
-import static android.net.util.NetworkStackUtils.TEST_CAPTIVE_PORTAL_HTTP_URL;
import static android.os.MessageQueue.OnFileDescriptorEventListener.EVENT_INPUT;
import static android.os.Process.INVALID_UID;
import static android.provider.Settings.Global.NETWORK_METERED_MULTIPATH_PREFERENCE;
@@ -88,6 +92,8 @@
import static com.android.compatibility.common.util.SystemUtil.runShellCommand;
import static com.android.compatibility.common.util.SystemUtil.runWithShellPermissionIdentity;
import static com.android.modules.utils.build.SdkLevel.isAtLeastS;
+import static com.android.net.module.util.NetworkStackConstants.TEST_CAPTIVE_PORTAL_HTTPS_URL;
+import static com.android.net.module.util.NetworkStackConstants.TEST_CAPTIVE_PORTAL_HTTP_URL;
import static com.android.networkstack.apishim.ConstantsShim.BLOCKED_REASON_LOCKDOWN_VPN;
import static com.android.networkstack.apishim.ConstantsShim.BLOCKED_REASON_NONE;
import static com.android.testutils.Cleanup.testAndCleanup;
@@ -159,7 +165,6 @@
import android.os.Process;
import android.os.ServiceManager;
import android.os.SystemClock;
-import android.os.SystemProperties;
import android.os.UserHandle;
import android.os.VintfRuntimeInfo;
import android.platform.test.annotations.AppModeFull;
@@ -170,7 +175,6 @@
import android.text.TextUtils;
import android.util.ArraySet;
import android.util.Log;
-import android.util.Pair;
import android.util.Range;
import androidx.test.InstrumentationRegistry;
@@ -185,9 +189,10 @@
import com.android.networkstack.apishim.NetworkInformationShimImpl;
import com.android.networkstack.apishim.common.ConnectivityManagerShim;
import com.android.testutils.CompatUtil;
+import com.android.testutils.ConnectivityModuleTest;
import com.android.testutils.DevSdkIgnoreRule;
import com.android.testutils.DevSdkIgnoreRule.IgnoreUpTo;
-import com.android.testutils.DevSdkIgnoreRuleKt;
+import com.android.testutils.DeviceInfoUtils;
import com.android.testutils.DumpTestUtils;
import com.android.testutils.RecorderCallback.CallbackEntry;
import com.android.testutils.TestHttpServer;
@@ -249,6 +254,10 @@
@Rule
public final DevSdkIgnoreRule ignoreRule = new DevSdkIgnoreRule();
+ @Rule
+ public final DeviceConfigRule mTestValidationConfigRule = new DeviceConfigRule(
+ 5 /* retryCountBeforeSIfConfigChanged */);
+
private static final String TAG = ConnectivityManagerTest.class.getSimpleName();
public static final int TYPE_MOBILE = ConnectivityManager.TYPE_MOBILE;
@@ -327,11 +336,10 @@
mCtsNetUtils = new CtsNetUtils(mContext);
mTm = mContext.getSystemService(TelephonyManager.class);
- if (DevSdkIgnoreRuleKt.isDevSdkInRange(null /* minExclusive */,
- Build.VERSION_CODES.R /* maxInclusive */)) {
- addLegacySupportedNetworkTypes();
- } else {
+ if (isAtLeastS()) {
addSupportedNetworkTypes();
+ } else {
+ addLegacySupportedNetworkTypes();
}
mUiAutomation = mInstrumentation.getUiAutomation();
@@ -344,7 +352,8 @@
// Get com.android.internal.R.array.networkAttributes
int resId = mContext.getResources().getIdentifier("networkAttributes", "array", "android");
String[] naStrings = mContext.getResources().getStringArray(resId);
- boolean wifiOnly = SystemProperties.getBoolean("ro.radio.noril", false);
+ boolean wifiOnly = mPackageManager.hasSystemFeature(FEATURE_WIFI)
+ && !mPackageManager.hasSystemFeature(FEATURE_TELEPHONY);
for (String naString : naStrings) {
try {
final String[] splitConfig = naString.split(",");
@@ -405,14 +414,17 @@
// All tests in this class require a working Internet connection as they start. Make
// sure there is still one as they end that's ready to use for the next test to use.
- final TestNetworkCallback callback = new TestNetworkCallback();
- registerDefaultNetworkCallback(callback);
- try {
- assertNotNull("Couldn't restore Internet connectivity", callback.waitForAvailable());
- } finally {
- // Unregister all registered callbacks.
- unregisterRegisteredCallbacks();
- }
+ mTestValidationConfigRule.runAfterNextCleanup(() -> {
+ final TestNetworkCallback callback = new TestNetworkCallback();
+ registerDefaultNetworkCallback(callback);
+ try {
+ assertNotNull("Couldn't restore Internet connectivity",
+ callback.waitForAvailable());
+ } finally {
+ // Unregister all registered callbacks.
+ unregisterRegisteredCallbacks();
+ }
+ });
}
@Test
@@ -1615,51 +1627,7 @@
private static boolean isTcpKeepaliveSupportedByKernel() {
final String kVersionString = VintfRuntimeInfo.getKernelVersion();
- return compareMajorMinorVersion(kVersionString, "4.8") >= 0;
- }
-
- private static Pair<Integer, Integer> getVersionFromString(String version) {
- // Only gets major and minor number of the version string.
- final Pattern versionPattern = Pattern.compile("^(\\d+)(\\.(\\d+))?.*");
- final Matcher m = versionPattern.matcher(version);
- if (m.matches()) {
- final int major = Integer.parseInt(m.group(1));
- final int minor = TextUtils.isEmpty(m.group(3)) ? 0 : Integer.parseInt(m.group(3));
- return new Pair<>(major, minor);
- } else {
- return new Pair<>(0, 0);
- }
- }
-
- // TODO: Move to util class.
- private static int compareMajorMinorVersion(final String s1, final String s2) {
- final Pair<Integer, Integer> v1 = getVersionFromString(s1);
- final Pair<Integer, Integer> v2 = getVersionFromString(s2);
-
- if (v1.first == v2.first) {
- return Integer.compare(v1.second, v2.second);
- } else {
- return Integer.compare(v1.first, v2.first);
- }
- }
-
- /**
- * Verifies that version string compare logic returns expected result for various cases.
- * Note that only major and minor number are compared.
- */
- @Test
- public void testMajorMinorVersionCompare() {
- assertEquals(0, compareMajorMinorVersion("4.8.1", "4.8"));
- assertEquals(1, compareMajorMinorVersion("4.9", "4.8.1"));
- assertEquals(1, compareMajorMinorVersion("5.0", "4.8"));
- assertEquals(1, compareMajorMinorVersion("5", "4.8"));
- assertEquals(0, compareMajorMinorVersion("5", "5.0"));
- assertEquals(1, compareMajorMinorVersion("5-beta1", "4.8"));
- assertEquals(0, compareMajorMinorVersion("4.8.0.0", "4.8"));
- assertEquals(0, compareMajorMinorVersion("4.8-RC1", "4.8"));
- assertEquals(0, compareMajorMinorVersion("4.8", "4.8"));
- assertEquals(-1, compareMajorMinorVersion("3.10", "4.8.0"));
- assertEquals(-1, compareMajorMinorVersion("4.7.10.10", "4.8"));
+ return DeviceInfoUtils.compareMajorMinorVersion(kVersionString, "4.8") >= 0;
}
/**
@@ -2132,25 +2100,15 @@
try {
// Verify we cannot set Airplane Mode without correct permission:
- try {
- setAndVerifyAirplaneMode(true);
- fail("SecurityException should have been thrown when setAirplaneMode was called"
- + "without holding permission NETWORK_AIRPLANE_MODE.");
- } catch (SecurityException expected) {}
+ assertThrows(SecurityException.class, () -> setAndVerifyAirplaneMode(true));
// disable airplane mode again to reach a known state
runShellCommand("cmd connectivity airplane-mode disable");
- // adopt shell permission which holds NETWORK_AIRPLANE_MODE
- mUiAutomation.adoptShellPermissionIdentity();
+ // Verify we can enable Airplane Mode with correct permission.
+ // TODO: test that NETWORK_AIRPLANE_MODE works as well, once the shell has it.
+ runAsShell(NETWORK_SETTINGS, () -> setAndVerifyAirplaneMode(true));
- // Verify we can enable Airplane Mode with correct permission:
- try {
- setAndVerifyAirplaneMode(true);
- } catch (SecurityException e) {
- fail("SecurityException should not have been thrown when setAirplaneMode(true) was"
- + "called whilst holding the NETWORK_AIRPLANE_MODE permission.");
- }
// Verify that the enabling airplane mode takes effect as expected to prevent flakiness
// caused by fast airplane mode switches. Ensure network lost before turning off
// airplane mode.
@@ -2158,12 +2116,8 @@
if (supportTelephony) waitForLost(telephonyCb);
// Verify we can disable Airplane Mode with correct permission:
- try {
- setAndVerifyAirplaneMode(false);
- } catch (SecurityException e) {
- fail("SecurityException should not have been thrown when setAirplaneMode(false) was"
- + "called whilst holding the NETWORK_AIRPLANE_MODE permission.");
- }
+ runAsShell(NETWORK_SETTINGS, () -> setAndVerifyAirplaneMode(false));
+
// Verify that turning airplane mode off takes effect as expected.
// connectToCell only registers a request, it cannot / does not need to be called twice
mCtsNetUtils.ensureWifiConnected();
@@ -2173,7 +2127,6 @@
// Restore the previous state of airplane mode and permissions:
runShellCommand("cmd connectivity airplane-mode "
+ (isAirplaneModeEnabled ? "enable" : "disable"));
- mUiAutomation.dropShellPermissionIdentity();
}
}
@@ -2536,17 +2489,24 @@
ConnectivitySettingsManager.getNetworkAvoidBadWifi(mContext);
final int curPrivateDnsMode = ConnectivitySettingsManager.getPrivateDnsMode(mContext);
- TestTetheringEventCallback tetherEventCallback = null;
final CtsTetheringUtils tetherUtils = new CtsTetheringUtils(mContext);
+ final TestTetheringEventCallback tetherEventCallback =
+ tetherUtils.registerTetheringEventCallback();
try {
- tetherEventCallback = tetherUtils.registerTetheringEventCallback();
- // Adopt for NETWORK_SETTINGS permission.
- mUiAutomation.adoptShellPermissionIdentity();
- // start tethering
tetherEventCallback.assumeWifiTetheringSupported(mContext);
- tetherUtils.startWifiTethering(tetherEventCallback);
+
+ final TestableNetworkCallback wifiCb = new TestableNetworkCallback();
+ mCtsNetUtils.ensureWifiConnected();
+ registerCallbackAndWaitForAvailable(makeWifiNetworkRequest(), wifiCb);
// Update setting to verify the behavior.
- mCm.setAirplaneMode(true);
+ setAirplaneMode(true);
+ // Verify wifi lost to make sure airplane mode takes effect. This could
+ // prevent the race condition between airplane mode enabled and the followed
+ // up wifi tethering enabled.
+ waitForLost(wifiCb);
+ // start wifi tethering
+ tetherUtils.startWifiTethering(tetherEventCallback);
+
ConnectivitySettingsManager.setPrivateDnsMode(mContext,
ConnectivitySettingsManager.PRIVATE_DNS_MODE_OFF);
ConnectivitySettingsManager.setNetworkAvoidBadWifi(mContext,
@@ -2554,25 +2514,27 @@
assertEquals(AIRPLANE_MODE_ON, Settings.Global.getInt(
mContext.getContentResolver(), Settings.Global.AIRPLANE_MODE_ON));
// Verify factoryReset
- mCm.factoryReset();
+ runAsShell(NETWORK_SETTINGS, TETHER_PRIVILEGED, () -> {
+ mCm.factoryReset();
+ tetherEventCallback.expectNoTetheringActive();
+ });
verifySettings(AIRPLANE_MODE_OFF,
ConnectivitySettingsManager.PRIVATE_DNS_MODE_OPPORTUNISTIC,
ConnectivitySettingsManager.NETWORK_AVOID_BAD_WIFI_PROMPT);
-
- tetherEventCallback.expectNoTetheringActive();
} finally {
// Restore settings.
- mCm.setAirplaneMode(false);
+ setAirplaneMode(false);
ConnectivitySettingsManager.setNetworkAvoidBadWifi(mContext, curAvoidBadWifi);
ConnectivitySettingsManager.setPrivateDnsMode(mContext, curPrivateDnsMode);
- if (tetherEventCallback != null) {
- tetherUtils.unregisterTetheringEventCallback(tetherEventCallback);
- }
+ tetherUtils.unregisterTetheringEventCallback(tetherEventCallback);
tetherUtils.stopAllTethering();
- mUiAutomation.dropShellPermissionIdentity();
}
}
+ private void setAirplaneMode(boolean enable) {
+ runAsShell(NETWORK_SETTINGS, () -> mCm.setAirplaneMode(enable));
+ }
+
/**
* Verify that {@link ConnectivityManager#setProfileNetworkPreference} cannot be called
* without required NETWORK_STACK permissions.
@@ -2809,9 +2771,8 @@
// Accept partial connectivity network should result in a validated network
expectNetworkHasCapability(network, NET_CAPABILITY_VALIDATED, WIFI_CONNECT_TIMEOUT_MS);
} finally {
- resetValidationConfig();
- // Reconnect wifi to reset the wifi status
- reconnectWifi();
+ mHttpServer.stop();
+ mTestValidationConfigRule.runAfterNextCleanup(this::reconnectWifi);
}
}
@@ -2836,11 +2797,13 @@
// Reject partial connectivity network should cause the network being torn down
assertEquals(network, cb.waitForLost());
} finally {
- resetValidationConfig();
+ mHttpServer.stop();
// Wifi will not automatically reconnect to the network. ensureWifiDisconnected cannot
// apply here. Thus, turn off wifi first and restart to restore.
- runShellCommand("svc wifi disable");
- mCtsNetUtils.ensureWifiConnected();
+ mTestValidationConfigRule.runAfterNextCleanup(() -> {
+ runShellCommand("svc wifi disable");
+ mCtsNetUtils.ensureWifiConnected();
+ });
}
}
@@ -2876,11 +2839,13 @@
});
waitForLost(wifiCb);
} finally {
- resetValidationConfig();
+ mHttpServer.stop();
/// Wifi will not automatically reconnect to the network. ensureWifiDisconnected cannot
// apply here. Thus, turn off wifi first and restart to restore.
- runShellCommand("svc wifi disable");
- mCtsNetUtils.ensureWifiConnected();
+ mTestValidationConfigRule.runAfterNextCleanup(() -> {
+ runShellCommand("svc wifi disable");
+ mCtsNetUtils.ensureWifiConnected();
+ });
}
}
@@ -2940,9 +2905,8 @@
wifiCb.assertNoCallbackThat(NO_CALLBACK_TIMEOUT_MS, c -> isValidatedCaps(c));
} finally {
resetAvoidBadWifi(previousAvoidBadWifi);
- resetValidationConfig();
- // Reconnect wifi to reset the wifi status
- reconnectWifi();
+ mHttpServer.stop();
+ mTestValidationConfigRule.runAfterNextCleanup(this::reconnectWifi);
}
}
@@ -2986,11 +2950,6 @@
return future.get(timeout, TimeUnit.MILLISECONDS);
}
- private void resetValidationConfig() {
- NetworkValidationTestUtil.clearValidationTestUrlsDeviceConfig();
- mHttpServer.stop();
- }
-
private void prepareHttpServer() throws Exception {
runAsShell(READ_DEVICE_CONFIG, () -> {
// Verify that the test URLs are not normally set on the device, but do not fail if the
@@ -3063,9 +3022,11 @@
mHttpServer.addResponse(new TestHttpServer.Request(
TEST_HTTP_URL_PATH, Method.GET, "" /* queryParameters */),
httpStatusCode, null /* locationHeader */, "" /* content */);
- NetworkValidationTestUtil.setHttpsUrlDeviceConfig(makeUrl(TEST_HTTPS_URL_PATH));
- NetworkValidationTestUtil.setHttpUrlDeviceConfig(makeUrl(TEST_HTTP_URL_PATH));
- NetworkValidationTestUtil.setUrlExpirationDeviceConfig(
+ NetworkValidationTestUtil.setHttpsUrlDeviceConfig(mTestValidationConfigRule,
+ makeUrl(TEST_HTTPS_URL_PATH));
+ NetworkValidationTestUtil.setHttpUrlDeviceConfig(mTestValidationConfigRule,
+ makeUrl(TEST_HTTP_URL_PATH));
+ NetworkValidationTestUtil.setUrlExpirationDeviceConfig(mTestValidationConfigRule,
System.currentTimeMillis() + WIFI_CONNECT_TIMEOUT_MS);
}
@@ -3354,84 +3315,76 @@
private static final boolean EXPECT_PASS = false;
private static final boolean EXPECT_BLOCK = true;
+ private static final boolean ALLOWLIST = true;
+ private static final boolean DENYLIST = false;
- private void doTestFirewallBlockingDenyRule(final int chain) {
+ private void doTestFirewallBlocking(final int chain, final boolean isAllowList) {
+ final int myUid = Process.myUid();
+ final int ruleToAddMatch = isAllowList ? FIREWALL_RULE_ALLOW : FIREWALL_RULE_DENY;
+ final int ruleToRemoveMatch = isAllowList ? FIREWALL_RULE_DENY : FIREWALL_RULE_ALLOW;
+
runWithShellPermissionIdentity(() -> {
- try (DatagramSocket srcSock = new DatagramSocket();
- DatagramSocket dstSock = new DatagramSocket()) {
+ // Firewall chain status will be restored after the test.
+ final boolean wasChainEnabled = mCm.getFirewallChainEnabled(chain);
+ final DatagramSocket srcSock = new DatagramSocket();
+ final DatagramSocket dstSock = new DatagramSocket();
+ testAndCleanup(() -> {
+ if (wasChainEnabled) {
+ mCm.setFirewallChainEnabled(chain, false /* enable */);
+ }
dstSock.setSoTimeout(SOCKET_TIMEOUT_MS);
- // No global config, No uid config
+ // Chain disabled, UID not on chain.
checkFirewallBlocking(srcSock, dstSock, EXPECT_PASS);
- // Has global config, No uid config
+ // Chain enabled, UID not on chain.
mCm.setFirewallChainEnabled(chain, true /* enable */);
- checkFirewallBlocking(srcSock, dstSock, EXPECT_PASS);
+ assertTrue(mCm.getFirewallChainEnabled(chain));
+ checkFirewallBlocking(srcSock, dstSock, isAllowList ? EXPECT_BLOCK : EXPECT_PASS);
- // Has global config, Has uid config
- mCm.setUidFirewallRule(chain, Process.myUid(), FIREWALL_RULE_DENY);
- checkFirewallBlocking(srcSock, dstSock, EXPECT_BLOCK);
+ // Chain enabled, UID on chain.
+ mCm.setUidFirewallRule(chain, myUid, ruleToAddMatch);
+ checkFirewallBlocking(srcSock, dstSock, isAllowList ? EXPECT_PASS : EXPECT_BLOCK);
- // No global config, Has uid config
+ // Chain disabled, UID on chain.
mCm.setFirewallChainEnabled(chain, false /* enable */);
+ assertFalse(mCm.getFirewallChainEnabled(chain));
checkFirewallBlocking(srcSock, dstSock, EXPECT_PASS);
- // No global config, No uid config
- mCm.setUidFirewallRule(chain, Process.myUid(), FIREWALL_RULE_ALLOW);
+ // Chain disabled, UID not on chain.
+ mCm.setUidFirewallRule(chain, myUid, ruleToRemoveMatch);
checkFirewallBlocking(srcSock, dstSock, EXPECT_PASS);
- } finally {
- mCm.setFirewallChainEnabled(chain, false /* enable */);
- mCm.setUidFirewallRule(chain, Process.myUid(), FIREWALL_RULE_ALLOW);
- }
+ }, /* cleanup */ () -> {
+ srcSock.close();
+ dstSock.close();
+ }, /* cleanup */ () -> {
+ // Restore the global chain status
+ mCm.setFirewallChainEnabled(chain, wasChainEnabled);
+ }, /* cleanup */ () -> {
+ try {
+ mCm.setUidFirewallRule(chain, myUid, ruleToRemoveMatch);
+ } catch (IllegalStateException ignored) {
+ // Removing match causes an exception when the rule entry for the uid does
+ // not exist. But this is fine and can be ignored.
+ }
+ });
}, NETWORK_SETTINGS);
}
- private void doTestFirewallBlockingAllowRule(final int chain) {
- runWithShellPermissionIdentity(() -> {
- try (DatagramSocket srcSock = new DatagramSocket();
- DatagramSocket dstSock = new DatagramSocket()) {
- dstSock.setSoTimeout(SOCKET_TIMEOUT_MS);
-
- // No global config, No uid config
- checkFirewallBlocking(srcSock, dstSock, EXPECT_PASS);
-
- // Has global config, No uid config
- mCm.setFirewallChainEnabled(chain, true /* enable */);
- checkFirewallBlocking(srcSock, dstSock, EXPECT_BLOCK);
-
- // Has global config, Has uid config
- mCm.setUidFirewallRule(chain, Process.myUid(), FIREWALL_RULE_ALLOW);
- checkFirewallBlocking(srcSock, dstSock, EXPECT_PASS);
-
- // No global config, Has uid config
- mCm.setFirewallChainEnabled(chain, false /* enable */);
- checkFirewallBlocking(srcSock, dstSock, EXPECT_PASS);
-
- // No global config, No uid config
- mCm.setUidFirewallRule(chain, Process.myUid(), FIREWALL_RULE_DENY);
- checkFirewallBlocking(srcSock, dstSock, EXPECT_PASS);
- } finally {
- mCm.setFirewallChainEnabled(chain, false /* enable */);
- mCm.setUidFirewallRule(chain, Process.myUid(), FIREWALL_RULE_DENY);
- }
- }, NETWORK_SETTINGS);
- }
-
- @Test @IgnoreUpTo(SC_V2)
+ @Test @IgnoreUpTo(SC_V2) @ConnectivityModuleTest
@AppModeFull(reason = "Socket cannot bind in instant app mode")
public void testFirewallBlocking() {
- // Following tests affect the actual state of networking on the device after the test.
- // This might cause unexpected behaviour of the device. So, we skip them for now.
- // We will enable following tests after adding the logic of firewall state restoring.
- // doTestFirewallBlockingAllowRule(FIREWALL_CHAIN_DOZABLE);
- // doTestFirewallBlockingAllowRule(FIREWALL_CHAIN_POWERSAVE);
- // doTestFirewallBlockingAllowRule(FIREWALL_CHAIN_RESTRICTED);
- // doTestFirewallBlockingAllowRule(FIREWALL_CHAIN_LOW_POWER_STANDBY);
+ // ALLOWLIST means the firewall denies all by default, uids must be explicitly allowed
+ doTestFirewallBlocking(FIREWALL_CHAIN_DOZABLE, ALLOWLIST);
+ doTestFirewallBlocking(FIREWALL_CHAIN_POWERSAVE, ALLOWLIST);
+ doTestFirewallBlocking(FIREWALL_CHAIN_RESTRICTED, ALLOWLIST);
+ doTestFirewallBlocking(FIREWALL_CHAIN_LOW_POWER_STANDBY, ALLOWLIST);
- // doTestFirewallBlockingDenyRule(FIREWALL_CHAIN_STANDBY);
- doTestFirewallBlockingDenyRule(FIREWALL_CHAIN_OEM_DENY_1);
- doTestFirewallBlockingDenyRule(FIREWALL_CHAIN_OEM_DENY_2);
- doTestFirewallBlockingDenyRule(FIREWALL_CHAIN_OEM_DENY_3);
+ // DENYLIST means the firewall allows all by default, uids must be explicitly denyed
+ doTestFirewallBlocking(FIREWALL_CHAIN_STANDBY, DENYLIST);
+ doTestFirewallBlocking(FIREWALL_CHAIN_OEM_DENY_1, DENYLIST);
+ doTestFirewallBlocking(FIREWALL_CHAIN_OEM_DENY_2, DENYLIST);
+ doTestFirewallBlocking(FIREWALL_CHAIN_OEM_DENY_3, DENYLIST);
}
private void assumeTestSApis() {
diff --git a/tests/cts/net/src/android/net/cts/DeviceConfigRule.kt b/tests/cts/net/src/android/net/cts/DeviceConfigRule.kt
new file mode 100644
index 0000000..3a36cee
--- /dev/null
+++ b/tests/cts/net/src/android/net/cts/DeviceConfigRule.kt
@@ -0,0 +1,176 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.net.cts
+
+import android.Manifest.permission.READ_DEVICE_CONFIG
+import android.Manifest.permission.WRITE_DEVICE_CONFIG
+import android.provider.DeviceConfig
+import android.util.Log
+import com.android.modules.utils.build.SdkLevel
+import com.android.testutils.FunctionalUtils.ThrowingRunnable
+import com.android.testutils.runAsShell
+import com.android.testutils.tryTest
+import org.junit.rules.TestRule
+import org.junit.runner.Description
+import org.junit.runners.model.Statement
+import java.util.concurrent.CompletableFuture
+import java.util.concurrent.Executor
+import java.util.concurrent.TimeUnit
+
+private val TAG = DeviceConfigRule::class.simpleName
+
+/**
+ * A [TestRule] that helps set [DeviceConfig] for tests and clean up the test configuration
+ * automatically on teardown.
+ *
+ * The rule can also optionally retry tests when they fail following an external change of
+ * DeviceConfig before S; this typically happens because device config flags are synced while the
+ * test is running, and DisableConfigSyncTargetPreparer is only usable starting from S.
+ *
+ * @param retryCountBeforeSIfConfigChanged if > 0, when the test fails before S, check if
+ * the configs that were set through this rule were changed, and retry the test
+ * up to the specified number of times if yes.
+ */
+class DeviceConfigRule @JvmOverloads constructor(
+ val retryCountBeforeSIfConfigChanged: Int = 0
+) : TestRule {
+ // Maps (namespace, key) -> value
+ private val originalConfig = mutableMapOf<Pair<String, String>, String?>()
+ private val usedConfig = mutableMapOf<Pair<String, String>, String?>()
+
+ /**
+ * Actions to be run after cleanup of the config, for the current test only.
+ */
+ private val currentTestCleanupActions = mutableListOf<ThrowingRunnable>()
+
+ override fun apply(base: Statement, description: Description): Statement {
+ return TestValidationUrlStatement(base, description)
+ }
+
+ private inner class TestValidationUrlStatement(
+ private val base: Statement,
+ private val description: Description
+ ) : Statement() {
+ override fun evaluate() {
+ var retryCount = if (SdkLevel.isAtLeastS()) 1 else retryCountBeforeSIfConfigChanged + 1
+ while (retryCount > 0) {
+ retryCount--
+ tryTest {
+ base.evaluate()
+ // Can't use break/return out of a loop here because this is a tryTest lambda,
+ // so set retryCount to exit instead
+ retryCount = 0
+ }.catch<Throwable> { e -> // junit AssertionFailedError does not extend Exception
+ if (retryCount == 0) throw e
+ usedConfig.forEach { (key, value) ->
+ val currentValue = runAsShell(READ_DEVICE_CONFIG) {
+ DeviceConfig.getProperty(key.first, key.second)
+ }
+ if (currentValue != value) {
+ Log.w(TAG, "Test failed with unexpected device config change, retrying")
+ return@catch
+ }
+ }
+ throw e
+ } cleanupStep {
+ runAsShell(WRITE_DEVICE_CONFIG) {
+ originalConfig.forEach { (key, value) ->
+ DeviceConfig.setProperty(
+ key.first, key.second, value, false /* makeDefault */)
+ }
+ }
+ } cleanupStep {
+ originalConfig.clear()
+ usedConfig.clear()
+ } cleanup {
+ // Fold all cleanup actions into cleanup steps of an empty tryTest, so they are
+ // all run even if exceptions are thrown, and exceptions are reported properly.
+ currentTestCleanupActions.fold(tryTest { }) {
+ tryBlock, action -> tryBlock.cleanupStep { action.run() }
+ }.cleanup {
+ currentTestCleanupActions.clear()
+ }
+ }
+ }
+ }
+ }
+
+ /**
+ * Set a configuration key/value. After the test case ends, it will be restored to the value it
+ * had when this method was first called.
+ */
+ fun setConfig(namespace: String, key: String, value: String?): String? {
+ Log.i(TAG, "Setting config \"$key\" to \"$value\"")
+ val readWritePermissions = arrayOf(READ_DEVICE_CONFIG, WRITE_DEVICE_CONFIG)
+
+ val keyPair = Pair(namespace, key)
+ val existingValue = runAsShell(*readWritePermissions) {
+ DeviceConfig.getProperty(namespace, key)
+ }
+ if (!originalConfig.containsKey(keyPair)) {
+ originalConfig[keyPair] = existingValue
+ }
+ usedConfig[keyPair] = value
+ if (existingValue == value) {
+ // Already the correct value. There may be a race if a change is already in flight,
+ // but if multiple threads update the config there is no way to fix that anyway.
+ Log.i(TAG, "\"$key\" already had value \"$value\"")
+ return value
+ }
+
+ val future = CompletableFuture<String>()
+ val listener = DeviceConfig.OnPropertiesChangedListener {
+ // The listener receives updates for any change to any key, so don't react to
+ // changes that do not affect the relevant key
+ if (!it.keyset.contains(key)) return@OnPropertiesChangedListener
+ // "null" means absent in DeviceConfig : there is no such thing as a present but
+ // null value, so the following works even if |value| is null.
+ if (it.getString(key, null) == value) {
+ future.complete(value)
+ }
+ }
+
+ return tryTest {
+ runAsShell(*readWritePermissions) {
+ DeviceConfig.addOnPropertiesChangedListener(
+ DeviceConfig.NAMESPACE_CONNECTIVITY,
+ inlineExecutor,
+ listener)
+ DeviceConfig.setProperty(
+ DeviceConfig.NAMESPACE_CONNECTIVITY,
+ key,
+ value,
+ false /* makeDefault */)
+ // Don't drop the permission until the config is applied, just in case
+ future.get(NetworkValidationTestUtil.TIMEOUT_MS, TimeUnit.MILLISECONDS)
+ }.also {
+ Log.i(TAG, "Config \"$key\" successfully set to \"$value\"")
+ }
+ } cleanup {
+ DeviceConfig.removeOnPropertiesChangedListener(listener)
+ }
+ }
+
+ private val inlineExecutor get() = Executor { r -> r.run() }
+
+ /**
+ * Add an action to be run after config cleanup when the current test case ends.
+ */
+ fun runAfterNextCleanup(action: ThrowingRunnable) {
+ currentTestCleanupActions.add(action)
+ }
+}
diff --git a/tests/cts/net/src/android/net/cts/DnsResolverTest.java b/tests/cts/net/src/android/net/cts/DnsResolverTest.java
index 0c53411..3821cea 100644
--- a/tests/cts/net/src/android/net/cts/DnsResolverTest.java
+++ b/tests/cts/net/src/android/net/cts/DnsResolverTest.java
@@ -200,13 +200,13 @@
super(data);
// Check QR field.(query (0), or a response (1)).
- if ((mHeader.flags & (1 << 15)) == 0) {
+ if ((mHeader.getFlags() & (1 << 15)) == 0) {
throw new DnsParseException("Not an answer packet");
}
}
int getRcode() {
- return mHeader.rcode;
+ return mHeader.getFlags() & 0x0F;
}
int getANCount() {
diff --git a/tests/cts/net/src/android/net/cts/DscpPolicyTest.kt b/tests/cts/net/src/android/net/cts/DscpPolicyTest.kt
index cfccb8b..8940075 100644
--- a/tests/cts/net/src/android/net/cts/DscpPolicyTest.kt
+++ b/tests/cts/net/src/android/net/cts/DscpPolicyTest.kt
@@ -45,7 +45,6 @@
import android.net.TestNetworkInterface
import android.net.TestNetworkManager
import android.net.cts.util.CtsNetUtils.TestNetworkCallback
-import android.os.Build
import android.os.HandlerThread
import android.os.SystemClock
import android.platform.test.annotations.AppModeFull
@@ -164,27 +163,7 @@
// Only statically configure the IPv4 address; for IPv6, use the SLAAC generated
// address.
- iface = try {
- // createTapInterface(LinkAddress[]) only exists on T devices using a recent
- // connectivity module
- val addresses = arrayOf(LinkAddress(LOCAL_IPV4_ADDRESS, IP4_PREFIX_LEN))
- TestNetworkManager::class.java.getMethod("createTapInterface",
- Boolean::class.javaPrimitiveType, Array<LinkAddress>::class.java)
- .invoke(tnm,
- true /* disableIpv6ProvisioningDelay */, addresses) as TestNetworkInterface
- } catch (e: NoSuchMethodException) {
- if (Build.VERSION.SDK_INT > Build.VERSION_CODES.TIRAMISU) throw e
- // The DSCP policy feature does not work on T without an updated module, because
- // without change ID Ib40d4575455f34a8970eca8751b590319e2ee1ad which fixes checksum
- // calculation for non-TUN interfaces, the device would send packets with wrong
- // checksums.
- // The feature only worked on TUN interfaces because they have an empty L2 header,
- // and this is what the old test tested, but is not actually useful.
- // Here this is a T device using an old module, so just skip the test.
- assumeTrue("Known-broken DscpPolicy implementation used by this device", false);
- // Unreachable, but necessary for this branch to return Nothing
- throw e
- }
+ iface = tnm.createTapInterface(arrayOf(LinkAddress(LOCAL_IPV4_ADDRESS, IP4_PREFIX_LEN)))
assertNotNull(iface)
}
@@ -207,10 +186,6 @@
if (!kernelIsAtLeast(5, 15)) {
return
}
- if (!this::iface.isInitialized) {
- // Test was skipped or crashed in setUp
- return
- }
raResponder.stop()
arpResponder.stop()
@@ -248,7 +223,7 @@
val onLinkPrefix = raResponder.prefix
val startTime = SystemClock.elapsedRealtime()
while (SystemClock.elapsedRealtime() - startTime < PACKET_TIMEOUT_MS) {
- SystemClock.sleep(1 /* ms */)
+ SystemClock.sleep(50 /* ms */)
val sock = Os.socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP)
try {
network.bindSocket(sock)
@@ -341,6 +316,7 @@
fun parseV4PacketDscp(buffer: ByteBuffer): Int {
// Validate checksum before parsing packet.
val calCheck = IpUtils.ipChecksum(buffer, Struct.getSize(EthernetHeader::class.java))
+ assertEquals(0, calCheck, "Invalid IPv4 header checksum")
val ip_ver = buffer.get()
val tos = buffer.get()
@@ -351,7 +327,11 @@
val ipType = buffer.get()
val checksum = buffer.getShort()
- assertEquals(0, calCheck, "Invalid IPv4 header checksum")
+ if (ipType.toInt() == 2 /* IPPROTO_IGMP */ && ip_ver.toInt() == 0x46) {
+ // Need to ignore 'igmp v3 report' with 'router alert' option
+ } else {
+ assertEquals(0x45, ip_ver.toInt(), "Invalid IPv4 version or IPv4 options present")
+ }
return tos.toInt().shr(2)
}
@@ -362,6 +342,9 @@
val length = buffer.getShort()
val proto = buffer.get()
val hop = buffer.get()
+
+ assertEquals(6, ip_ver.toInt().shr(4), "Invalid IPv6 version")
+
// DSCP is bottom 4 bits of ip_ver and top 2 of tc.
val ip_ver_bottom = ip_ver.toInt().and(0xf)
val tc_dscp = tc.toInt().shr(6)
diff --git a/tests/cts/net/src/android/net/cts/EthernetManagerTest.kt b/tests/cts/net/src/android/net/cts/EthernetManagerTest.kt
index 69c41cd..74e57c9 100644
--- a/tests/cts/net/src/android/net/cts/EthernetManagerTest.kt
+++ b/tests/cts/net/src/android/net/cts/EthernetManagerTest.kt
@@ -21,9 +21,9 @@
import android.content.Context
import android.net.ConnectivityManager
import android.net.EthernetManager
-import android.net.EthernetManager.InterfaceStateListener
import android.net.EthernetManager.ETHERNET_STATE_DISABLED
import android.net.EthernetManager.ETHERNET_STATE_ENABLED
+import android.net.EthernetManager.InterfaceStateListener
import android.net.EthernetManager.ROLE_CLIENT
import android.net.EthernetManager.ROLE_NONE
import android.net.EthernetManager.ROLE_SERVER
@@ -32,37 +32,49 @@
import android.net.EthernetManager.STATE_LINK_UP
import android.net.EthernetManager.TetheredInterfaceCallback
import android.net.EthernetManager.TetheredInterfaceRequest
+import android.net.EthernetNetworkManagementException
import android.net.EthernetNetworkSpecifier
+import android.net.EthernetNetworkUpdateRequest
import android.net.InetAddresses
import android.net.IpConfiguration
+import android.net.LinkAddress
import android.net.MacAddress
import android.net.Network
+import android.net.NetworkCapabilities
+import android.net.NetworkCapabilities.NET_CAPABILITY_NOT_RESTRICTED
+import android.net.NetworkCapabilities.NET_CAPABILITY_TEMPORARILY_NOT_METERED
import android.net.NetworkCapabilities.NET_CAPABILITY_TRUSTED
import android.net.NetworkCapabilities.TRANSPORT_ETHERNET
import android.net.NetworkCapabilities.TRANSPORT_TEST
import android.net.NetworkRequest
+import android.net.StaticIpConfiguration
import android.net.TestNetworkInterface
import android.net.TestNetworkManager
import android.net.cts.EthernetManagerTest.EthernetStateListener.CallbackEntry.EthernetStateChanged
import android.net.cts.EthernetManagerTest.EthernetStateListener.CallbackEntry.InterfaceStateChanged
import android.os.Build
import android.os.Handler
-import android.os.HandlerExecutor
import android.os.Looper
+import android.os.OutcomeReceiver
import android.os.SystemProperties
+import android.os.Process
import android.platform.test.annotations.AppModeFull
import android.util.ArraySet
import androidx.test.platform.app.InstrumentationRegistry
import com.android.net.module.util.ArrayTrackRecord
import com.android.net.module.util.TrackRecord
-import com.android.testutils.anyNetwork
+import com.android.testutils.ConnectivityModuleTest
import com.android.testutils.DevSdkIgnoreRule
import com.android.testutils.DevSdkIgnoreRunner
+import com.android.testutils.DeviceInfoUtils.isKernelVersionAtLeast
import com.android.testutils.RecorderCallback.CallbackEntry.Available
+import com.android.testutils.RecorderCallback.CallbackEntry.CapabilitiesChanged
import com.android.testutils.RecorderCallback.CallbackEntry.Lost
import com.android.testutils.RouterAdvertisementResponder
import com.android.testutils.TapPacketReader
import com.android.testutils.TestableNetworkCallback
+import com.android.testutils.anyNetwork
+import com.android.testutils.assertThrows
import com.android.testutils.runAsShell
import com.android.testutils.waitForIdle
import org.junit.After
@@ -71,10 +83,14 @@
import org.junit.Before
import org.junit.Test
import org.junit.runner.RunWith
+import java.io.IOException
import java.net.Inet6Address
+import java.util.Random
+import java.net.Socket
import java.util.concurrent.CompletableFuture
import java.util.concurrent.ExecutionException
import java.util.concurrent.TimeUnit
+import java.util.concurrent.TimeoutException
import java.util.function.IntConsumer
import kotlin.test.assertEquals
import kotlin.test.assertFailsWith
@@ -84,59 +100,86 @@
import kotlin.test.assertTrue
import kotlin.test.fail
-// TODO: try to lower this timeout in the future. Currently, ethernet tests are still flaky because
-// the interface is not ready fast enough (mostly due to the up / up / down / up issue).
+private const val TAG = "EthernetManagerTest"
private const val TIMEOUT_MS = 2000L
-private const val NO_CALLBACK_TIMEOUT_MS = 200L
+// Timeout used to confirm no callbacks matching given criteria are received. Must be long enough to
+// process all callbacks including ip provisioning when using the updateConfiguration API.
+// Note that increasing this timeout increases the test duration.
+private const val NO_CALLBACK_TIMEOUT_MS = 500L
+
private val DEFAULT_IP_CONFIGURATION = IpConfiguration(IpConfiguration.IpAssignment.DHCP,
- IpConfiguration.ProxySettings.NONE, null, null)
+ IpConfiguration.ProxySettings.NONE, null, null)
private val ETH_REQUEST: NetworkRequest = NetworkRequest.Builder()
- .addTransportType(TRANSPORT_TEST)
- .addTransportType(TRANSPORT_ETHERNET)
- .removeCapability(NET_CAPABILITY_TRUSTED)
- .build()
+ .addTransportType(TRANSPORT_TEST)
+ .addTransportType(TRANSPORT_ETHERNET)
+ .removeCapability(NET_CAPABILITY_TRUSTED)
+ .build()
+private val STATIC_IP_CONFIGURATION = IpConfiguration.Builder()
+ .setStaticIpConfiguration(StaticIpConfiguration.Builder()
+ .setIpAddress(LinkAddress("192.0.2.1/30")).build())
+ .build()
@AppModeFull(reason = "Instant apps can't access EthernetManager")
// EthernetManager is not updatable before T, so tests do not need to be backwards compatible.
@RunWith(DevSdkIgnoreRunner::class)
+// This test depends on behavior introduced post-T as part of connectivity module updates
+@ConnectivityModuleTest
@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.S_V2)
class EthernetManagerTest {
private val context by lazy { InstrumentationRegistry.getInstrumentation().context }
private val em by lazy { context.getSystemService(EthernetManager::class.java) }
private val cm by lazy { context.getSystemService(ConnectivityManager::class.java) }
+ private val handler by lazy { Handler(Looper.getMainLooper()) }
private val ifaceListener = EthernetStateListener()
private val createdIfaces = ArrayList<EthernetTestInterface>()
private val addedListeners = ArrayList<EthernetStateListener>()
- private val networkRequests = ArrayList<TestableNetworkCallback>()
+ private val registeredCallbacks = ArrayList<TestableNetworkCallback>()
private var tetheredInterfaceRequest: TetheredInterfaceRequest? = null
private class EthernetTestInterface(
context: Context,
- private val handler: Handler
+ private val handler: Handler,
+ hasCarrier: Boolean
) {
private val tapInterface: TestNetworkInterface
private val packetReader: TapPacketReader
private val raResponder: RouterAdvertisementResponder
- val interfaceName get() = tapInterface.interfaceName
+ private val tnm: TestNetworkManager
+ val name get() = tapInterface.interfaceName
init {
- tapInterface = runAsShell(MANAGE_TEST_NETWORKS) {
- val tnm = context.getSystemService(TestNetworkManager::class.java)
- tnm.createTapInterface(false /* bringUp */)
+ tnm = runAsShell(MANAGE_TEST_NETWORKS) {
+ context.getSystemService(TestNetworkManager::class.java)
}
- val mtu = 1500
+ tapInterface = runAsShell(MANAGE_TEST_NETWORKS) {
+ // Configuring a tun/tap interface always enables the carrier. If hasCarrier is
+ // false, it is subsequently disabled. This means that the interface may briefly get
+ // link. With IPv6 provisioning delays (RS delay and DAD) disabled, this can cause
+ // tests that expect no network to come up when hasCarrier is false to become flaky.
+ tnm.createTapInterface(hasCarrier, false /* bringUp */)
+ }
+ val mtu = tapInterface.mtu
packetReader = TapPacketReader(handler, tapInterface.fileDescriptor.fileDescriptor, mtu)
raResponder = RouterAdvertisementResponder(packetReader)
- raResponder.addRouterEntry(MacAddress.fromString("01:23:45:67:89:ab"),
- InetAddresses.parseNumericAddress("fe80::abcd") as Inet6Address)
+ val iidString = "fe80::${Integer.toHexString(Random().nextInt(65536))}"
+ val linklocal = InetAddresses.parseNumericAddress(iidString) as Inet6Address
+ raResponder.addRouterEntry(MacAddress.fromString("01:23:45:67:89:ab"), linklocal)
packetReader.startAsyncForTest()
raResponder.start()
}
+ // WARNING: this function requires kernel support. Call assumeChangingCarrierSupported() at
+ // the top of your test.
+ fun setCarrierEnabled(enabled: Boolean) {
+ runAsShell(MANAGE_TEST_NETWORKS) {
+ tnm.setCarrierEnabled(tapInterface, enabled)
+ }
+ }
+
fun destroy() {
raResponder.stop()
handler.post({ packetReader.stop() })
@@ -158,9 +201,35 @@
val state: Int,
val role: Int,
val configuration: IpConfiguration?
- ) : CallbackEntry()
+ ) : CallbackEntry() {
+ override fun toString(): String {
+ val stateString = when (state) {
+ STATE_ABSENT -> "STATE_ABSENT"
+ STATE_LINK_UP -> "STATE_LINK_UP"
+ STATE_LINK_DOWN -> "STATE_LINK_DOWN"
+ else -> state.toString()
+ }
+ val roleString = when (role) {
+ ROLE_NONE -> "ROLE_NONE"
+ ROLE_CLIENT -> "ROLE_CLIENT"
+ ROLE_SERVER -> "ROLE_SERVER"
+ else -> role.toString()
+ }
+ return ("InterfaceStateChanged(iface=$iface, state=$stateString, " +
+ "role=$roleString, ipConfig=$configuration)")
+ }
+ }
- data class EthernetStateChanged(val state: Int) : CallbackEntry()
+ data class EthernetStateChanged(val state: Int) : CallbackEntry() {
+ override fun toString(): String {
+ val stateString = when (state) {
+ ETHERNET_STATE_ENABLED -> "ETHERNET_STATE_ENABLED"
+ ETHERNET_STATE_DISABLED -> "ETHERNET_STATE_DISABLED"
+ else -> state.toString()
+ }
+ return "EthernetStateChanged(state=$stateString)"
+ }
+ }
}
override fun onInterfaceStateChanged(
@@ -183,7 +252,7 @@
}
fun expectCallback(iface: EthernetTestInterface, state: Int, role: Int) {
- expectCallback(createChangeEvent(iface.interfaceName, state, role))
+ expectCallback(createChangeEvent(iface.name, state, role))
}
fun expectCallback(state: Int) {
@@ -200,16 +269,14 @@
fun eventuallyExpect(expected: CallbackEntry) = events.poll(TIMEOUT_MS) { it == expected }
- fun eventuallyExpect(interfaceName: String, state: Int, role: Int) {
- assertNotNull(eventuallyExpect(createChangeEvent(interfaceName, state, role)))
- }
-
fun eventuallyExpect(iface: EthernetTestInterface, state: Int, role: Int) {
- eventuallyExpect(iface.interfaceName, state, role)
+ val event = createChangeEvent(iface.name, state, role)
+ assertNotNull(eventuallyExpect(event), "Never received expected $event")
}
fun eventuallyExpect(state: Int) {
- assertNotNull(eventuallyExpect(EthernetStateChanged(state)))
+ val event = EthernetStateChanged(state)
+ assertNotNull(eventuallyExpect(event), "Never received expected $event")
}
fun assertNoCallback() {
@@ -246,6 +313,37 @@
}
}
+ private class EthernetOutcomeReceiver :
+ OutcomeReceiver<String, EthernetNetworkManagementException> {
+ private val result = CompletableFuture<String>()
+
+ override fun onResult(iface: String) {
+ assertFalse(result.isDone())
+ result.complete(iface)
+ }
+
+ override fun onError(e: EthernetNetworkManagementException) {
+ assertFalse(result.isDone())
+ result.completeExceptionally(e)
+ }
+
+ fun expectResult(expected: String) {
+ assertEquals(expected, result.get(TIMEOUT_MS, TimeUnit.MILLISECONDS))
+ }
+
+ fun expectError() {
+ // Assert that the future fails with EthernetNetworkManagementException from the
+ // completeExceptionally() call inside onUnavailable.
+ assertFailsWith(EthernetNetworkManagementException::class) {
+ try {
+ result.get()
+ } catch (e: ExecutionException) {
+ throw e.cause!!
+ }
+ }
+ }
+ }
+
private fun isEthernetSupported() = em != null
@Before
@@ -253,6 +351,12 @@
assumeTrue(isEthernetSupported())
setIncludeTestInterfaces(true)
addInterfaceStateListener(ifaceListener)
+ // Handler.post() events may get processed after native fd events, so it is possible that
+ // RTM_NEWLINK (from a subsequent createInterface() call) arrives before the interface state
+ // listener is registered. This affects the callbacks and breaks the tests.
+ // setEthernetEnabled() will always wait on a callback, so it is used as a barrier to ensure
+ // proper listener registration before proceeding.
+ setEthernetEnabled(true)
}
@After
@@ -272,26 +376,45 @@
for (listener in addedListeners) {
em.removeInterfaceStateListener(listener)
}
- networkRequests.forEach { cm.unregisterNetworkCallback(it) }
+ registeredCallbacks.forEach { cm.unregisterNetworkCallback(it) }
releaseTetheredInterface()
}
+ // Setting the carrier up / down relies on TUNSETCARRIER which was added in kernel version 5.0.
+ private fun assumeChangingCarrierSupported() = assumeTrue(isKernelVersionAtLeast("5.0.0"))
+
+ private fun isAdbOverEthernet(): Boolean {
+ // If no ethernet interface is available, adb is not connected over ethernet.
+ if (em.getInterfaceList().isEmpty()) return false
+
+ // cuttlefish is special and does not connect adb over ethernet.
+ if (SystemProperties.get("ro.product.board", "") == "cutf") return false
+
+ // Check if adb is connected over the network.
+ return (SystemProperties.getInt("persist.adb.tcp.port", -1) > -1 ||
+ SystemProperties.getInt("service.adb.tcp.port", -1) > -1)
+ }
+
private fun addInterfaceStateListener(listener: EthernetStateListener) {
runAsShell(CONNECTIVITY_USE_RESTRICTED_NETWORKS) {
- em.addInterfaceStateListener(HandlerExecutor(Handler(Looper.getMainLooper())), listener)
+ em.addInterfaceStateListener(handler::post, listener)
}
addedListeners.add(listener)
}
- private fun createInterface(): EthernetTestInterface {
+ // WARNING: setting hasCarrier to false requires kernel support. Call
+ // assumeChangingCarrierSupported() at the top of your test.
+ private fun createInterface(hasCarrier: Boolean = true): EthernetTestInterface {
val iface = EthernetTestInterface(
context,
- Handler(Looper.getMainLooper())
+ handler,
+ hasCarrier
).also { createdIfaces.add(it) }
- with(ifaceListener) {
- // when an interface comes up, we should always see a down cb before an up cb.
- eventuallyExpect(iface, STATE_LINK_DOWN, ROLE_CLIENT)
- expectCallback(iface, STATE_LINK_UP, ROLE_CLIENT)
+
+ // when an interface comes up, we should always see a down cb before an up cb.
+ ifaceListener.eventuallyExpect(iface, STATE_LINK_DOWN, ROLE_CLIENT)
+ if (hasCarrier) {
+ ifaceListener.expectCallback(iface, STATE_LINK_UP, ROLE_CLIENT)
}
return iface
}
@@ -311,18 +434,20 @@
private fun requestNetwork(request: NetworkRequest): TestableNetworkCallback {
return TestableNetworkCallback().also {
cm.requestNetwork(request, it)
- networkRequests.add(it)
+ registeredCallbacks.add(it)
}
}
- private fun releaseNetwork(cb: TestableNetworkCallback) {
- cm.unregisterNetworkCallback(cb)
- networkRequests.remove(cb)
+ private fun registerNetworkListener(request: NetworkRequest): TestableNetworkCallback {
+ return TestableNetworkCallback().also {
+ cm.registerNetworkCallback(request, it)
+ registeredCallbacks.add(it)
+ }
}
private fun requestTetheredInterface() = TetheredInterfaceListener().also {
tetheredInterfaceRequest = runAsShell(NETWORK_SETTINGS) {
- em.requestTetheredInterface(HandlerExecutor(Handler(Looper.getMainLooper())), it)
+ em.requestTetheredInterface(handler::post, it)
}
}
@@ -333,11 +458,45 @@
}
}
+ private fun releaseRequest(cb: TestableNetworkCallback) {
+ cm.unregisterNetworkCallback(cb)
+ registeredCallbacks.remove(cb)
+ }
+
+ private fun disableInterface(iface: EthernetTestInterface) = EthernetOutcomeReceiver().also {
+ runAsShell(MANAGE_TEST_NETWORKS) {
+ em.disableInterface(iface.name, handler::post, it)
+ }
+ }
+
+ private fun enableInterface(iface: EthernetTestInterface) = EthernetOutcomeReceiver().also {
+ runAsShell(MANAGE_TEST_NETWORKS) {
+ em.enableInterface(iface.name, handler::post, it)
+ }
+ }
+
+ private fun updateConfiguration(
+ iface: EthernetTestInterface,
+ ipConfig: IpConfiguration? = null,
+ capabilities: NetworkCapabilities? = null
+ ) = EthernetOutcomeReceiver().also {
+ runAsShell(MANAGE_TEST_NETWORKS) {
+ em.updateConfiguration(
+ iface.name,
+ EthernetNetworkUpdateRequest.Builder()
+ .setIpConfiguration(ipConfig)
+ .setNetworkCapabilities(capabilities).build(),
+ handler::post,
+ it)
+ }
+ }
+
+ // WARNING: check that isAdbOverEthernet() is false before calling setEthernetEnabled(false).
private fun setEthernetEnabled(enabled: Boolean) {
runAsShell(NETWORK_SETTINGS) { em.setEthernetEnabled(enabled) }
val listener = EthernetStateListener()
- em.addEthernetStateListener(HandlerExecutor(Handler(Looper.getMainLooper())), listener)
+ em.addEthernetStateListener(handler::post, listener)
try {
listener.eventuallyExpect(
if (enabled) ETHERNET_STATE_ENABLED else ETHERNET_STATE_DISABLED)
@@ -346,21 +505,48 @@
}
}
- private fun NetworkRequest.createCopyWithEthernetSpecifier(ifaceName: String) =
+ // NetworkRequest.Builder does not create a copy of the passed NetworkRequest, so in order to
+ // keep ETH_REQUEST as it is, a defensive copy is created here.
+ private fun NetworkRequest.copyWithEthernetSpecifier(ifaceName: String) =
NetworkRequest.Builder(NetworkRequest(ETH_REQUEST))
.setNetworkSpecifier(EthernetNetworkSpecifier(ifaceName)).build()
// It can take multiple seconds for the network to become available.
private fun TestableNetworkCallback.expectAvailable() =
- expectCallback<Available>(anyNetwork(), 5000/*ms timeout*/).network
+ expectCallback<Available>(anyNetwork(), 5000 /* ms timeout */).network
+
+ private fun TestableNetworkCallback.expectLost(n: Network = anyNetwork()) =
+ expectCallback<Lost>(n, 5000 /* ms timeout */)
// b/233534110: eventuallyExpect<Lost>() does not advance ReadHead, use
// eventuallyExpect(Lost::class) instead.
private fun TestableNetworkCallback.eventuallyExpectLost(n: Network? = null) =
eventuallyExpect(Lost::class, TIMEOUT_MS) { n?.equals(it.network) ?: true }
- private fun TestableNetworkCallback.assertNotLost(n: Network? = null) =
- assertNoCallbackThat() { it is Lost && (n?.equals(it.network) ?: true) }
+ private fun TestableNetworkCallback.assertNeverLost(n: Network? = null) =
+ assertNoCallbackThat(NO_CALLBACK_TIMEOUT_MS) {
+ it is Lost && (n?.equals(it.network) ?: true)
+ }
+
+ private fun TestableNetworkCallback.assertNeverAvailable(n: Network? = null) =
+ assertNoCallbackThat() { it is Available && (n?.equals(it.network) ?: true) }
+
+ private fun TestableNetworkCallback.expectCapabilitiesWithInterfaceName(name: String) =
+ expectCapabilitiesThat(anyNetwork()) {
+ it.networkSpecifier == EthernetNetworkSpecifier(name)
+ }
+
+ private fun TestableNetworkCallback.expectCapabilitiesWith(cap: Int) =
+ expectCapabilitiesThat(anyNetwork(), TIMEOUT_MS) {
+ it.hasCapability(cap)
+ }
+
+ private fun TestableNetworkCallback.expectLinkPropertiesWithLinkAddress(addr: LinkAddress) =
+ expectLinkPropertiesThat(anyNetwork(), TIMEOUT_MS) {
+ // LinkAddress.equals isn't possible as the system changes the LinkAddress.flags value.
+ // any() must be used since the interface may also have a link-local address.
+ it.linkAddresses.any { x -> x.isSameAddressAs(addr) }
+ }
@Test
fun testCallbacks() {
@@ -372,9 +558,7 @@
// If an interface appears, existing callbacks see it.
val iface2 = createInterface()
- // TODO: fix the up/up/down/up callbacks and only send down/up. Change to expectCallback
- // once that is fixed.
- listener1.eventuallyExpect(iface2, STATE_LINK_DOWN, ROLE_CLIENT)
+ listener1.expectCallback(iface2, STATE_LINK_DOWN, ROLE_CLIENT)
listener1.expectCallback(iface2, STATE_LINK_UP, ROLE_CLIENT)
// Register a new listener, it should see state of all existing interfaces immediately.
@@ -397,32 +581,64 @@
}
}
- // TODO: this function is now used in two places (EthernetManagerTest and
- // EthernetTetheringTest), so it should be moved to testutils.
- private fun isAdbOverNetwork(): Boolean {
- // If adb TCP port opened, this test may running by adb over network.
- return (SystemProperties.getInt("persist.adb.tcp.port", -1) > -1 ||
- SystemProperties.getInt("service.adb.tcp.port", -1) > -1)
+ @Test
+ fun testCallbacks_withRunningInterface() {
+ // This test disables ethernet, so check that adb is not connected over ethernet.
+ assumeFalse(isAdbOverEthernet())
+ assumeTrue(em.getInterfaceList().isEmpty())
+ val iface = createInterface()
+ val listener = EthernetStateListener()
+ addInterfaceStateListener(listener)
+ listener.eventuallyExpect(iface, STATE_LINK_UP, ROLE_CLIENT)
+
+ // Remove running interface. The interface stays running but is no longer tracked.
+ setEthernetEnabled(false)
+ listener.expectCallback(iface, STATE_ABSENT, ROLE_NONE)
+
+ setEthernetEnabled(true)
+ listener.expectCallback(iface, STATE_LINK_UP, ROLE_CLIENT)
+ listener.assertNoCallback()
+ }
+
+ private fun assumeNoInterfaceForTetheringAvailable() {
+ // Interfaces that have configured NetworkCapabilities will never be used for tethering,
+ // see aosp/2123900.
+ try {
+ // assumeException does not exist.
+ requestTetheredInterface().expectOnAvailable()
+ // interface used for tethering is available, throw an assumption error.
+ assumeTrue(false)
+ } catch (e: TimeoutException) {
+ // do nothing -- the TimeoutException indicates that no interface is available for
+ // tethering.
+ releaseTetheredInterface()
+ }
}
@Test
fun testCallbacks_forServerModeInterfaces() {
- // do not run this test when adb might be connected over ethernet.
- assumeFalse(isAdbOverNetwork())
+ // do not run this test if an interface that can be used for tethering already exists.
+ assumeNoInterfaceForTetheringAvailable()
+
+ val iface = createInterface()
+ requestTetheredInterface().expectOnAvailable()
val listener = EthernetStateListener()
addInterfaceStateListener(listener)
-
- // it is possible that a physical interface is present, so it is not guaranteed that iface
- // will be put into server mode. This should not matter for the test though. Calling
- // createInterface() makes sure we have at least one interface available.
- val iface = createInterface()
- val cb = requestTetheredInterface()
- val ifaceName = cb.expectOnAvailable()
- listener.eventuallyExpect(ifaceName, STATE_LINK_UP, ROLE_SERVER)
+ // TODO(b/236895792): THIS IS A BUG! Existing server mode interfaces are not reported when
+ // an InterfaceStateListener is registered.
+ // Note: using eventuallyExpect as there may be other interfaces present.
+ // listener.eventuallyExpect(iface, STATE_LINK_UP, ROLE_SERVER)
releaseTetheredInterface()
- listener.eventuallyExpect(ifaceName, STATE_LINK_UP, ROLE_CLIENT)
+ listener.eventuallyExpect(iface, STATE_LINK_UP, ROLE_CLIENT)
+
+ requestTetheredInterface().expectOnAvailable()
+ // This should be changed to expectCallback, once b/236895792 is fixed.
+ listener.eventuallyExpect(iface, STATE_LINK_UP, ROLE_SERVER)
+
+ releaseTetheredInterface()
+ listener.expectCallback(iface, STATE_LINK_UP, ROLE_CLIENT)
}
/**
@@ -439,11 +655,8 @@
assertTrue(polledIfaces.add(iface), "Duplicate interface $iface returned")
assertTrue(ifaces.contains(iface), "Untracked interface $iface returned")
// If the event's iface was created in the test, additional criteria can be validated.
- createdIfaces.find { it.interfaceName.equals(iface) }?.let {
- assertEquals(event,
- listener.createChangeEvent(it.interfaceName,
- STATE_LINK_UP,
- ROLE_CLIENT))
+ createdIfaces.find { it.name.equals(iface) }?.let {
+ assertEquals(event, listener.createChangeEvent(it.name, STATE_LINK_UP, ROLE_CLIENT))
}
}
// Assert all callbacks are accounted for.
@@ -452,87 +665,75 @@
@Test
fun testGetInterfaceList() {
- setIncludeTestInterfaces(true)
-
// Create two test interfaces and check the return list contains the interface names.
val iface1 = createInterface()
val iface2 = createInterface()
var ifaces = em.getInterfaceList()
assertTrue(ifaces.size > 0)
- assertTrue(ifaces.contains(iface1.interfaceName))
- assertTrue(ifaces.contains(iface2.interfaceName))
+ assertTrue(ifaces.contains(iface1.name))
+ assertTrue(ifaces.contains(iface2.name))
// Remove one existing test interface and check the return list doesn't contain the
// removed interface name.
removeInterface(iface1)
ifaces = em.getInterfaceList()
- assertFalse(ifaces.contains(iface1.interfaceName))
- assertTrue(ifaces.contains(iface2.interfaceName))
+ assertFalse(ifaces.contains(iface1.name))
+ assertTrue(ifaces.contains(iface2.name))
removeInterface(iface2)
}
@Test
fun testNetworkRequest_withSingleExistingInterface() {
- setIncludeTestInterfaces(true)
createInterface()
// install a listener which will later be used to verify the Lost callback
- val listenerCb = TestableNetworkCallback()
- cm.registerNetworkCallback(ETH_REQUEST, listenerCb)
- networkRequests.add(listenerCb)
+ val listenerCb = registerNetworkListener(ETH_REQUEST)
val cb = requestNetwork(ETH_REQUEST)
val network = cb.expectAvailable()
- cb.assertNotLost()
- releaseNetwork(cb)
+ cb.assertNeverLost()
+ releaseRequest(cb)
listenerCb.eventuallyExpectLost(network)
}
@Test
fun testNetworkRequest_beforeSingleInterfaceIsUp() {
- setIncludeTestInterfaces(true)
-
val cb = requestNetwork(ETH_REQUEST)
- // bring up interface after network has been requested
+ // bring up interface after network has been requested.
+ // Note: there is no guarantee that the NetworkRequest has been processed before the
+ // interface is actually created. That being said, it takes a few seconds between calling
+ // createInterface and the interface actually being properly registered with the ethernet
+ // module, so it is extremely unlikely that the CS handler thread has not run until then.
val iface = createInterface()
val network = cb.expectAvailable()
// remove interface before network request has been removed
- cb.assertNotLost()
+ cb.assertNeverLost()
removeInterface(iface)
cb.eventuallyExpectLost()
-
- releaseNetwork(cb)
}
@Test
fun testNetworkRequest_withMultipleInterfaces() {
- setIncludeTestInterfaces(true)
-
val iface1 = createInterface()
val iface2 = createInterface()
- val cb = requestNetwork(ETH_REQUEST.createCopyWithEthernetSpecifier(iface2.interfaceName))
+ val cb = requestNetwork(ETH_REQUEST.copyWithEthernetSpecifier(iface2.name))
val network = cb.expectAvailable()
- cb.expectCapabilitiesThat(network) {
- it.networkSpecifier == EthernetNetworkSpecifier(iface2.interfaceName)
- }
+ cb.expectCapabilitiesWithInterfaceName(iface2.name)
removeInterface(iface1)
- cb.assertNotLost()
+ cb.assertNeverLost()
removeInterface(iface2)
cb.eventuallyExpectLost()
-
- releaseNetwork(cb)
}
@Test
fun testNetworkRequest_withInterfaceBeingReplaced() {
- setIncludeTestInterfaces(true)
val iface1 = createInterface()
val cb = requestNetwork(ETH_REQUEST)
@@ -540,36 +741,220 @@
// create another network and verify the request sticks to the current network
val iface2 = createInterface()
- cb.assertNotLost()
+ cb.assertNeverLost()
// remove iface1 and verify the request brings up iface2
removeInterface(iface1)
cb.eventuallyExpectLost(network)
val network2 = cb.expectAvailable()
-
- releaseNetwork(cb)
}
@Test
fun testNetworkRequest_withMultipleInterfacesAndRequests() {
- setIncludeTestInterfaces(true)
val iface1 = createInterface()
val iface2 = createInterface()
- val cb1 = requestNetwork(ETH_REQUEST.createCopyWithEthernetSpecifier(iface1.interfaceName))
- val cb2 = requestNetwork(ETH_REQUEST.createCopyWithEthernetSpecifier(iface2.interfaceName))
+ val cb1 = requestNetwork(ETH_REQUEST.copyWithEthernetSpecifier(iface1.name))
+ val cb2 = requestNetwork(ETH_REQUEST.copyWithEthernetSpecifier(iface2.name))
val cb3 = requestNetwork(ETH_REQUEST)
cb1.expectAvailable()
+ cb1.expectCapabilitiesWithInterfaceName(iface1.name)
cb2.expectAvailable()
+ cb2.expectCapabilitiesWithInterfaceName(iface2.name)
+ // this request can be matched by either network.
cb3.expectAvailable()
- cb1.assertNotLost()
- cb2.assertNotLost()
- cb3.assertNotLost()
+ cb1.assertNeverLost()
+ cb2.assertNeverLost()
+ cb3.assertNeverLost()
+ }
- releaseNetwork(cb1)
- releaseNetwork(cb2)
- releaseNetwork(cb3)
+ @Test
+ fun testNetworkRequest_ensureProperRefcounting() {
+ // create first request before interface is up / exists; create another request after it has
+ // been created; release one of them and check that the network stays up.
+ val listener = registerNetworkListener(ETH_REQUEST)
+ val cb1 = requestNetwork(ETH_REQUEST)
+
+ val iface = createInterface()
+ val network = cb1.expectAvailable()
+
+ val cb2 = requestNetwork(ETH_REQUEST)
+ cb2.expectAvailable()
+
+ // release the first request; this used to trigger b/197548738
+ releaseRequest(cb1)
+
+ cb2.assertNeverLost()
+ releaseRequest(cb2)
+ listener.eventuallyExpectLost(network)
+ }
+
+ @Test
+ fun testNetworkRequest_forInterfaceWhileTogglingCarrier() {
+ assumeChangingCarrierSupported()
+
+ val iface = createInterface(false /* hasCarrier */)
+
+ val cb = requestNetwork(ETH_REQUEST)
+ cb.assertNeverAvailable()
+
+ iface.setCarrierEnabled(true)
+ cb.expectAvailable()
+
+ iface.setCarrierEnabled(false)
+ cb.eventuallyExpectLost()
+ }
+
+ @Test
+ fun testRemoveInterface_whileInServerMode() {
+ assumeNoInterfaceForTetheringAvailable()
+
+ val listener = EthernetStateListener()
+ addInterfaceStateListener(listener)
+
+ val iface = createInterface()
+ val ifaceName = requestTetheredInterface().expectOnAvailable()
+
+ assertEquals(iface.name, ifaceName)
+ listener.eventuallyExpect(iface, STATE_LINK_UP, ROLE_SERVER)
+
+ removeInterface(iface)
+
+ // Note: removeInterface already verifies that a STATE_ABSENT, ROLE_NONE callback is
+ // received, but it can't hurt to explicitly check for it.
+ listener.expectCallback(iface, STATE_ABSENT, ROLE_NONE)
+ releaseTetheredInterface()
+ listener.assertNoCallback()
+ }
+
+ @Test
+ fun testEnableDisableInterface_withActiveRequest() {
+ val iface = createInterface()
+ val cb = requestNetwork(ETH_REQUEST)
+ cb.expectAvailable()
+ cb.assertNeverLost()
+
+ disableInterface(iface).expectResult(iface.name)
+ cb.eventuallyExpectLost()
+
+ enableInterface(iface).expectResult(iface.name)
+ cb.expectAvailable()
+ }
+
+ @Test
+ fun testEnableDisableInterface_withoutStateChange() {
+ val iface = createInterface()
+ // Interface is already enabled, so enableInterface() should return success
+ enableInterface(iface).expectResult(iface.name)
+
+ disableInterface(iface).expectResult(iface.name)
+ // Interface is already disabled, so disableInterface() should return success.
+ disableInterface(iface).expectResult(iface.name)
+ }
+
+ @Test
+ fun testEnableDisableInterface_withMissingInterface() {
+ val iface = createInterface()
+ removeInterface(iface)
+ // Interface does not exist, enable/disableInterface() should both return an error.
+ enableInterface(iface).expectError()
+ disableInterface(iface).expectError()
+ }
+
+ @Test
+ fun testUpdateConfiguration_forBothIpConfigAndCapabilities() {
+ val iface = createInterface()
+ val cb = requestNetwork(ETH_REQUEST.copyWithEthernetSpecifier(iface.name))
+ val network = cb.expectAvailable()
+ cb.assertNeverLost()
+
+ val testCapability = NET_CAPABILITY_TEMPORARILY_NOT_METERED
+ val nc = NetworkCapabilities
+ .Builder(ETH_REQUEST.networkCapabilities)
+ .addCapability(testCapability)
+ .build()
+ updateConfiguration(iface, STATIC_IP_CONFIGURATION, nc).expectResult(iface.name)
+
+ // UpdateConfiguration() currently does a restarts on the ethernet interface therefore lost
+ // will be expected first before available, as part of the restart.
+ cb.expectLost(network)
+ cb.expectAvailable()
+ cb.expectCapabilitiesWith(testCapability)
+ cb.expectLinkPropertiesWithLinkAddress(
+ STATIC_IP_CONFIGURATION.staticIpConfiguration.ipAddress!!)
+ }
+
+ @Test
+ fun testUpdateConfiguration_forOnlyIpConfig() {
+ val iface = createInterface()
+ val cb = requestNetwork(ETH_REQUEST.copyWithEthernetSpecifier(iface.name))
+ val network = cb.expectAvailable()
+ cb.assertNeverLost()
+
+ updateConfiguration(iface, STATIC_IP_CONFIGURATION).expectResult(iface.name)
+
+ // UpdateConfiguration() currently does a restarts on the ethernet interface therefore lost
+ // will be expected first before available, as part of the restart.
+ cb.expectLost(network)
+ cb.expectAvailable()
+ cb.expectCallback<CapabilitiesChanged>()
+ cb.expectLinkPropertiesWithLinkAddress(
+ STATIC_IP_CONFIGURATION.staticIpConfiguration.ipAddress!!)
+ }
+
+ @Test
+ fun testUpdateConfiguration_forOnlyCapabilities() {
+ val iface = createInterface()
+ val cb = requestNetwork(ETH_REQUEST.copyWithEthernetSpecifier(iface.name))
+ val network = cb.expectAvailable()
+ cb.assertNeverLost()
+
+ val testCapability = NET_CAPABILITY_TEMPORARILY_NOT_METERED
+ val nc = NetworkCapabilities
+ .Builder(ETH_REQUEST.networkCapabilities)
+ .addCapability(testCapability)
+ .build()
+ updateConfiguration(iface, capabilities = nc).expectResult(iface.name)
+
+ // UpdateConfiguration() currently does a restarts on the ethernet interface therefore lost
+ // will be expected first before available, as part of the restart.
+ cb.expectLost(network)
+ cb.expectAvailable()
+ cb.expectCapabilitiesWith(testCapability)
+ }
+
+ @Test
+ fun testUpdateConfiguration_forAllowedUids() {
+ // Configure a restricted network.
+ val iface = createInterface()
+ val request = NetworkRequest.Builder(ETH_REQUEST.copyWithEthernetSpecifier(iface.name))
+ .removeCapability(NET_CAPABILITY_NOT_RESTRICTED).build()
+ updateConfiguration(iface, capabilities = request.networkCapabilities)
+ .expectResult(iface.name)
+
+ // Request the restricted network as the shell with CONNECTIVITY_USE_RESTRICTED_NETWORKS.
+ val cb = runAsShell(CONNECTIVITY_USE_RESTRICTED_NETWORKS) { requestNetwork(request) }
+ val network = cb.expectAvailable()
+ cb.assertNeverLost(network)
+
+ // The network is restricted therefore binding to it when available will fail.
+ Socket().use { socket ->
+ assertThrows(IOException::class.java, { network.bindSocket(socket) })
+ }
+
+ // Add the test process UID to the allowed UIDs for the network and ultimately bind again.
+ val allowedUids = setOf(Process.myUid())
+ val nc = NetworkCapabilities.Builder(request.networkCapabilities)
+ .setAllowedUids(allowedUids).build()
+ updateConfiguration(iface, capabilities = nc).expectResult(iface.name)
+
+ // UpdateConfiguration() currently does a restart on the ethernet interface therefore lost
+ // will be expected first before available, as part of the restart.
+ cb.expectLost(network)
+ val updatedNetwork = cb.expectAvailable()
+ // With the test process UID allowed, binding to a restricted network should be successful.
+ Socket().use { socket -> updatedNetwork.bindSocket(socket) }
}
}
diff --git a/tests/cts/net/src/android/net/cts/NetworkAgentTest.kt b/tests/cts/net/src/android/net/cts/NetworkAgentTest.kt
index d4f3d57..d2cd7aa 100644
--- a/tests/cts/net/src/android/net/cts/NetworkAgentTest.kt
+++ b/tests/cts/net/src/android/net/cts/NetworkAgentTest.kt
@@ -73,6 +73,8 @@
import android.os.Message
import android.os.SystemClock
import android.platform.test.annotations.AppModeFull
+import android.system.OsConstants.IPPROTO_TCP
+import android.system.OsConstants.IPPROTO_UDP
import android.telephony.TelephonyManager
import android.telephony.data.EpsBearerQosSessionAttributes
import android.util.DebugUtils.valueToString
@@ -117,6 +119,7 @@
import org.mockito.Mockito.mock
import org.mockito.Mockito.timeout
import org.mockito.Mockito.verify
+import java.io.Closeable
import java.io.IOException
import java.net.DatagramSocket
import java.net.InetAddress
@@ -174,7 +177,7 @@
private val mFakeConnectivityService = FakeConnectivityService()
private val agentsToCleanUp = mutableListOf<NetworkAgent>()
private val callbacksToCleanUp = mutableListOf<TestableNetworkCallback>()
- private var qosTestSocket: Socket? = null
+ private var qosTestSocket: Closeable? = null // either Socket or DatagramSocket
@Before
fun setUp() {
@@ -930,34 +933,49 @@
}
}
- private fun setupForQosCallbackTesting(): Pair<TestableNetworkAgent, Socket> {
- val request = NetworkRequest.Builder()
- .clearCapabilities()
- .addTransportType(TRANSPORT_TEST)
- .build()
+ private fun <T : Closeable> setupForQosCallbackTest(creator: (TestableNetworkAgent) -> T) =
+ createConnectedNetworkAgent().first.let { Pair(it, creator(it)) }
- val callback = TestableNetworkCallback(timeoutMs = DEFAULT_TIMEOUT_MS)
- requestNetwork(request, callback)
- val (agent, _) = createConnectedNetworkAgent()
+ private fun setupForQosSocket() = setupForQosCallbackTest {
+ agent: TestableNetworkAgent -> Socket()
+ .also { assertNotNull(agent.network?.bindSocket(it))
+ it.bind(InetSocketAddress(InetAddress.getLoopbackAddress(), 0)) }
+ }
- qosTestSocket = assertNotNull(agent.network?.socketFactory?.createSocket()).also {
- it.bind(InetSocketAddress(InetAddress.getLoopbackAddress(), 0))
- }
- return Pair(agent, qosTestSocket!!)
+ private fun setupForQosDatagram() = setupForQosCallbackTest {
+ agent: TestableNetworkAgent -> DatagramSocket(
+ InetSocketAddress(InetAddress.getLoopbackAddress(), 0))
+ .also { assertNotNull(agent.network?.bindSocket(it)) }
}
@AppModeFull(reason = "Instant apps don't have permission to bind sockets.")
@Test
- fun testQosCallbackRegisterWithUnregister() {
- val (agent, socket) = setupForQosCallbackTesting()
+ fun testQosCallbackRegisterAndUnregister() {
+ validateQosCallbackRegisterAndUnregister(IPPROTO_TCP)
+ }
+ @AppModeFull(reason = "Instant apps don't have permission to bind sockets.")
+ @Test
+ fun testQosCallbackRegisterAndUnregisterWithDatagramSocket() {
+ validateQosCallbackRegisterAndUnregister(IPPROTO_UDP)
+ }
+
+ private fun validateQosCallbackRegisterAndUnregister(proto: Int) {
+ val (agent, qosTestSocket) = when (proto) {
+ IPPROTO_TCP -> setupForQosSocket()
+ IPPROTO_UDP -> setupForQosDatagram()
+ else -> fail("unsupported protocol")
+ }
val qosCallback = TestableQosCallback()
var callbackId = -1
Executors.newSingleThreadExecutor().let { executor ->
try {
- val info = QosSocketInfo(agent.network!!, socket)
+ val info = QosSocketInfo(agent, qosTestSocket)
mCM.registerQosCallback(info, executor, qosCallback)
- callbackId = agent.expectCallback<OnRegisterQosCallback>().callbackId
+ agent.expectCallback<OnRegisterQosCallback>().let {
+ callbackId = it.callbackId
+ assertTrue(it.filter.matchesProtocol(proto))
+ }
assertFailsWith<QosCallbackRegistrationException>(
"The same callback cannot be " +
@@ -965,7 +983,7 @@
mCM.registerQosCallback(info, executor, qosCallback)
}
} finally {
- socket.close()
+ qosTestSocket.close()
mCM.unregisterQosCallback(qosCallback)
agent.expectCallback<OnUnregisterQosCallback> { it.callbackId == callbackId }
executor.shutdown()
@@ -976,11 +994,31 @@
@AppModeFull(reason = "Instant apps don't have permission to bind sockets.")
@Test
fun testQosCallbackOnQosSession() {
- val (agent, socket) = setupForQosCallbackTesting()
+ validateQosCallbackOnQosSession(IPPROTO_TCP)
+ }
+
+ @AppModeFull(reason = "Instant apps don't have permission to bind sockets.")
+ @Test
+ fun testQosCallbackOnQosSessionWithDatagramSocket() {
+ validateQosCallbackOnQosSession(IPPROTO_UDP)
+ }
+
+ fun QosSocketInfo(agent: NetworkAgent, socket: Closeable) = when (socket) {
+ is Socket -> QosSocketInfo(agent.network, socket)
+ is DatagramSocket -> QosSocketInfo(agent.network, socket)
+ else -> fail("unexpected socket type")
+ }
+
+ private fun validateQosCallbackOnQosSession(proto: Int) {
+ val (agent, qosTestSocket) = when (proto) {
+ IPPROTO_TCP -> setupForQosSocket()
+ IPPROTO_UDP -> setupForQosDatagram()
+ else -> fail("unsupported protocol")
+ }
val qosCallback = TestableQosCallback()
Executors.newSingleThreadExecutor().let { executor ->
try {
- val info = QosSocketInfo(agent.network!!, socket)
+ val info = QosSocketInfo(agent, qosTestSocket)
assertEquals(agent.network, info.getNetwork())
mCM.registerQosCallback(info, executor, qosCallback)
val callbackId = agent.expectCallback<OnRegisterQosCallback>().callbackId
@@ -1009,8 +1047,7 @@
agent.sendQosSessionLost(callbackId, sessId, QosSession.TYPE_EPS_BEARER)
qosCallback.assertNoCallback()
} finally {
- socket.close()
-
+ qosTestSocket.close()
// safety precaution
mCM.unregisterQosCallback(qosCallback)
@@ -1022,11 +1059,11 @@
@AppModeFull(reason = "Instant apps don't have permission to bind sockets.")
@Test
fun testQosCallbackOnError() {
- val (agent, socket) = setupForQosCallbackTesting()
+ val (agent, qosTestSocket) = setupForQosSocket()
val qosCallback = TestableQosCallback()
Executors.newSingleThreadExecutor().let { executor ->
try {
- val info = QosSocketInfo(agent.network!!, socket)
+ val info = QosSocketInfo(agent.network!!, qosTestSocket)
mCM.registerQosCallback(info, executor, qosCallback)
val callbackId = agent.expectCallback<OnRegisterQosCallback>().callbackId
@@ -1048,7 +1085,7 @@
agent.sendQosSessionLost(callbackId, sessId, QosSession.TYPE_EPS_BEARER)
qosCallback.assertNoCallback()
} finally {
- socket.close()
+ qosTestSocket.close()
// Make sure that the callback is fully unregistered
mCM.unregisterQosCallback(qosCallback)
@@ -1061,12 +1098,12 @@
@AppModeFull(reason = "Instant apps don't have permission to bind sockets.")
@Test
fun testQosCallbackIdsAreMappedCorrectly() {
- val (agent, socket) = setupForQosCallbackTesting()
+ val (agent, qosTestSocket) = setupForQosSocket()
val qosCallback1 = TestableQosCallback()
val qosCallback2 = TestableQosCallback()
Executors.newSingleThreadExecutor().let { executor ->
try {
- val info = QosSocketInfo(agent.network!!, socket)
+ val info = QosSocketInfo(agent.network!!, qosTestSocket)
mCM.registerQosCallback(info, executor, qosCallback1)
val callbackId1 = agent.expectCallback<OnRegisterQosCallback>().callbackId
@@ -1088,7 +1125,7 @@
qosCallback1.assertNoCallback()
qosCallback2.expectCallback<OnQosSessionAvailable> { sessId2 == it.sess.sessionId }
} finally {
- socket.close()
+ qosTestSocket.close()
// Make sure that the callback is fully unregistered
mCM.unregisterQosCallback(qosCallback1)
@@ -1102,13 +1139,13 @@
@AppModeFull(reason = "Instant apps don't have permission to bind sockets.")
@Test
fun testQosCallbackWhenNetworkReleased() {
- val (agent, socket) = setupForQosCallbackTesting()
+ val (agent, qosTestSocket) = setupForQosSocket()
Executors.newSingleThreadExecutor().let { executor ->
try {
val qosCallback1 = TestableQosCallback()
val qosCallback2 = TestableQosCallback()
try {
- val info = QosSocketInfo(agent.network!!, socket)
+ val info = QosSocketInfo(agent.network!!, qosTestSocket)
mCM.registerQosCallback(info, executor, qosCallback1)
mCM.registerQosCallback(info, executor, qosCallback2)
agent.unregister()
@@ -1121,12 +1158,12 @@
it.ex.cause is NetworkReleasedException
}
} finally {
- socket.close()
+ qosTestSocket.close()
mCM.unregisterQosCallback(qosCallback1)
mCM.unregisterQosCallback(qosCallback2)
}
} finally {
- socket.close()
+ qosTestSocket.close()
executor.shutdown()
}
}
diff --git a/tests/cts/net/src/android/net/cts/NetworkScoreTest.kt b/tests/cts/net/src/android/net/cts/NetworkScoreTest.kt
index 8f17199..eb41d71 100644
--- a/tests/cts/net/src/android/net/cts/NetworkScoreTest.kt
+++ b/tests/cts/net/src/android/net/cts/NetworkScoreTest.kt
@@ -34,6 +34,7 @@
import com.android.compatibility.common.util.SystemUtil.runWithShellPermissionIdentity
import com.android.testutils.DevSdkIgnoreRule.IgnoreUpTo
import com.android.testutils.DevSdkIgnoreRunner
+import com.android.testutils.RecorderCallback.CallbackEntry
import com.android.testutils.TestableNetworkCallback
import com.android.testutils.TestableNetworkCallback.HasNetwork
import org.junit.After
@@ -76,7 +77,18 @@
@After
fun tearDown() {
- agentsToCleanUp.forEach { it.unregister() }
+ val agentCleanUpCb = TestableNetworkCallback(TIMEOUT_MS).also { cb ->
+ mCm.registerNetworkCallback(
+ NetworkRequest.Builder().clearCapabilities()
+ .addTransportType(NetworkCapabilities.TRANSPORT_TEST).build(), cb, mHandler
+ )
+ }
+ agentsToCleanUp.forEach {
+ it.unregister()
+ agentCleanUpCb.eventuallyExpect<CallbackEntry.Lost> { cb -> cb.network == it.network }
+ }
+ mCm.unregisterNetworkCallback(agentCleanUpCb)
+
mHandlerThread.quitSafely()
callbacksToCleanUp.forEach { mCm.unregisterNetworkCallback(it) }
}
diff --git a/tests/cts/net/src/android/net/cts/NetworkStatsManagerTest.java b/tests/cts/net/src/android/net/cts/NetworkStatsManagerTest.java
index d618915..f86c5cd 100644
--- a/tests/cts/net/src/android/net/cts/NetworkStatsManagerTest.java
+++ b/tests/cts/net/src/android/net/cts/NetworkStatsManagerTest.java
@@ -56,6 +56,7 @@
import android.net.NetworkStatsHistory;
import android.net.TrafficStats;
import android.net.netstats.NetworkStatsDataMigrationUtils;
+import android.os.Build;
import android.os.Handler;
import android.os.HandlerThread;
import android.os.Process;
@@ -99,7 +100,7 @@
@RunWith(AndroidJUnit4.class)
public class NetworkStatsManagerTest {
@Rule
- public final DevSdkIgnoreRule ignoreRule = new DevSdkIgnoreRule(SC_V2 /* ignoreClassUpTo */);
+ public final DevSdkIgnoreRule ignoreRule = new DevSdkIgnoreRule(Build.VERSION_CODES.Q);
private static final String LOG_TAG = "NetworkStatsManagerTest";
private static final String APPOPS_SET_SHELL_COMMAND = "appops set {0} {1} {2}";
@@ -870,10 +871,9 @@
}
}
+ @DevSdkIgnoreRule.IgnoreUpTo(SC_V2)
@Test
public void testDataMigrationUtils() throws Exception {
- if (!SdkLevel.isAtLeastT()) return;
-
final List<String> prefixes = List.of(PREFIX_UID, PREFIX_XT, PREFIX_UID_TAG);
for (final String prefix : prefixes) {
final long duration = TextUtils.equals(PREFIX_XT, prefix) ? TimeUnit.HOURS.toMillis(1)
diff --git a/tests/cts/net/src/android/net/cts/NetworkValidationTestUtil.kt b/tests/cts/net/src/android/net/cts/NetworkValidationTestUtil.kt
index 391d03a..375bfb8 100644
--- a/tests/cts/net/src/android/net/cts/NetworkValidationTestUtil.kt
+++ b/tests/cts/net/src/android/net/cts/NetworkValidationTestUtil.kt
@@ -16,16 +16,11 @@
package android.net.cts
-import android.Manifest
-import android.net.util.NetworkStackUtils
+import android.Manifest.permission.WRITE_DEVICE_CONFIG
import android.provider.DeviceConfig
import android.provider.DeviceConfig.NAMESPACE_CONNECTIVITY
-import android.util.Log
+import com.android.net.module.util.NetworkStackConstants
import com.android.testutils.runAsShell
-import com.android.testutils.tryTest
-import java.util.concurrent.CompletableFuture
-import java.util.concurrent.Executor
-import java.util.concurrent.TimeUnit
/**
* Collection of utility methods for configuring network validation.
@@ -38,81 +33,43 @@
* Clear the test network validation URLs.
*/
@JvmStatic fun clearValidationTestUrlsDeviceConfig() {
- setHttpsUrlDeviceConfig(null)
- setHttpUrlDeviceConfig(null)
- setUrlExpirationDeviceConfig(null)
+ runAsShell(WRITE_DEVICE_CONFIG) {
+ DeviceConfig.setProperty(NAMESPACE_CONNECTIVITY,
+ NetworkStackConstants.TEST_CAPTIVE_PORTAL_HTTPS_URL, null, false)
+ DeviceConfig.setProperty(NAMESPACE_CONNECTIVITY,
+ NetworkStackConstants.TEST_CAPTIVE_PORTAL_HTTP_URL, null, false)
+ DeviceConfig.setProperty(NAMESPACE_CONNECTIVITY,
+ NetworkStackConstants.TEST_URL_EXPIRATION_TIME, null, false)
+ }
}
/**
* Set the test validation HTTPS URL.
*
- * @see NetworkStackUtils.TEST_CAPTIVE_PORTAL_HTTPS_URL
+ * @see NetworkStackConstants.TEST_CAPTIVE_PORTAL_HTTPS_URL
*/
- @JvmStatic fun setHttpsUrlDeviceConfig(url: String?) =
- setConfig(NetworkStackUtils.TEST_CAPTIVE_PORTAL_HTTPS_URL, url)
+ @JvmStatic
+ fun setHttpsUrlDeviceConfig(rule: DeviceConfigRule, url: String?) =
+ rule.setConfig(NAMESPACE_CONNECTIVITY,
+ NetworkStackConstants.TEST_CAPTIVE_PORTAL_HTTPS_URL, url)
/**
* Set the test validation HTTP URL.
*
- * @see NetworkStackUtils.TEST_CAPTIVE_PORTAL_HTTP_URL
+ * @see NetworkStackConstants.TEST_CAPTIVE_PORTAL_HTTP_URL
*/
- @JvmStatic fun setHttpUrlDeviceConfig(url: String?) =
- setConfig(NetworkStackUtils.TEST_CAPTIVE_PORTAL_HTTP_URL, url)
+ @JvmStatic
+ fun setHttpUrlDeviceConfig(rule: DeviceConfigRule, url: String?) =
+ rule.setConfig(NAMESPACE_CONNECTIVITY,
+ NetworkStackConstants.TEST_CAPTIVE_PORTAL_HTTP_URL, url)
/**
* Set the test validation URL expiration.
*
- * @see NetworkStackUtils.TEST_URL_EXPIRATION_TIME
+ * @see NetworkStackConstants.TEST_URL_EXPIRATION_TIME
*/
- @JvmStatic fun setUrlExpirationDeviceConfig(timestamp: Long?) =
- setConfig(NetworkStackUtils.TEST_URL_EXPIRATION_TIME, timestamp?.toString())
-
- private fun setConfig(configKey: String, value: String?): String? {
- Log.i(TAG, "Setting config \"$configKey\" to \"$value\"")
- val readWritePermissions = arrayOf(
- Manifest.permission.READ_DEVICE_CONFIG,
- Manifest.permission.WRITE_DEVICE_CONFIG)
-
- val existingValue = runAsShell(*readWritePermissions) {
- DeviceConfig.getProperty(NAMESPACE_CONNECTIVITY, configKey)
- }
- if (existingValue == value) {
- // Already the correct value. There may be a race if a change is already in flight,
- // but if multiple threads update the config there is no way to fix that anyway.
- Log.i(TAG, "\$configKey\" already had value \"$value\"")
- return value
- }
-
- val future = CompletableFuture<String>()
- val listener = DeviceConfig.OnPropertiesChangedListener {
- // The listener receives updates for any change to any key, so don't react to
- // changes that do not affect the relevant key
- if (!it.keyset.contains(configKey)) return@OnPropertiesChangedListener
- if (it.getString(configKey, null) == value) {
- future.complete(value)
- }
- }
-
- return tryTest {
- runAsShell(*readWritePermissions) {
- DeviceConfig.addOnPropertiesChangedListener(
- NAMESPACE_CONNECTIVITY,
- inlineExecutor,
- listener)
- DeviceConfig.setProperty(
- NAMESPACE_CONNECTIVITY,
- configKey,
- value,
- false /* makeDefault */)
- // Don't drop the permission until the config is applied, just in case
- future.get(TIMEOUT_MS, TimeUnit.MILLISECONDS)
- }.also {
- Log.i(TAG, "Config \"$configKey\" successfully set to \"$value\"")
- }
- } cleanup {
- DeviceConfig.removeOnPropertiesChangedListener(listener)
- }
- }
-
- private val inlineExecutor get() = Executor { r -> r.run() }
+ @JvmStatic
+ fun setUrlExpirationDeviceConfig(rule: DeviceConfigRule, timestamp: Long?) =
+ rule.setConfig(NAMESPACE_CONNECTIVITY,
+ NetworkStackConstants.TEST_URL_EXPIRATION_TIME, timestamp?.toString())
}
diff --git a/tests/cts/net/src/android/net/cts/NsdManagerTest.kt b/tests/cts/net/src/android/net/cts/NsdManagerTest.kt
index 64cc97d..d598830 100644
--- a/tests/cts/net/src/android/net/cts/NsdManagerTest.kt
+++ b/tests/cts/net/src/android/net/cts/NsdManagerTest.kt
@@ -16,6 +16,7 @@
package android.net.cts
import android.Manifest.permission.MANAGE_TEST_NETWORKS
+import android.app.compat.CompatChanges
import android.net.ConnectivityManager
import android.net.ConnectivityManager.NetworkCallback
import android.net.LinkProperties
@@ -46,6 +47,7 @@
import android.net.nsd.NsdManager.RegistrationListener
import android.net.nsd.NsdManager.ResolveListener
import android.net.nsd.NsdServiceInfo
+import android.os.Build
import android.os.Handler
import android.os.HandlerThread
import android.os.Process.myTid
@@ -56,17 +58,24 @@
import com.android.net.module.util.ArrayTrackRecord
import com.android.net.module.util.TrackRecord
import com.android.networkstack.apishim.NsdShimImpl
+import com.android.testutils.ConnectivityModuleTest
+import com.android.testutils.DevSdkIgnoreRule
import com.android.testutils.TestableNetworkAgent
import com.android.testutils.TestableNetworkCallback
+import com.android.testutils.filters.CtsNetTestCasesMaxTargetSdk30
import com.android.testutils.runAsShell
import com.android.testutils.tryTest
+import com.android.testutils.waitForIdle
import org.junit.After
import org.junit.Assert.assertArrayEquals
+import org.junit.Assert.assertFalse
import org.junit.Assert.assertTrue
import org.junit.Assume.assumeTrue
import org.junit.Before
+import org.junit.Rule
import org.junit.Test
import org.junit.runner.RunWith
+import java.io.File
import java.net.ServerSocket
import java.nio.charset.StandardCharsets
import java.util.Random
@@ -89,6 +98,10 @@
@AppModeFull(reason = "Socket cannot bind in instant app mode")
@RunWith(AndroidJUnit4::class)
class NsdManagerTest {
+ // Rule used to filter CtsNetTestCasesMaxTargetSdkXX
+ @get:Rule
+ val ignoreRule = DevSdkIgnoreRule()
+
private val context by lazy { InstrumentationRegistry.getInstrumentation().context }
private val nsdManager by lazy { context.getSystemService(NsdManager::class.java) }
@@ -109,6 +122,7 @@
cm.unregisterNetworkCallback(requestCb)
agent.unregister()
iface.fileDescriptor.close()
+ agent.waitForIdle(TIMEOUT_MS)
}
}
@@ -279,7 +293,7 @@
val agent = registerTestNetworkAgent(iface.interfaceName)
val network = agent.network ?: fail("Registered agent should have a network")
// The network has no INTERNET capability, so will be marked validated immediately
- cb.expectAvailableThenValidatedCallbacks(network)
+ cb.expectAvailableThenValidatedCallbacks(network, TIMEOUT_MS)
return TestTapNetwork(iface, cb, agent, network)
}
@@ -307,6 +321,7 @@
testNetwork2.close(cm)
}
}
+ handlerThread.waitForIdle(TIMEOUT_MS)
handlerThread.quitSafely()
}
@@ -692,6 +707,30 @@
}
}
+ @Test @CtsNetTestCasesMaxTargetSdk30("Socket is started with the service up to target SDK 30")
+ fun testManagerCreatesLegacySocket() {
+ nsdManager // Ensure the lazy-init member is initialized, so NsdManager is created
+ val socket = File("/dev/socket/mdnsd")
+ val timeout = System.currentTimeMillis() + TIMEOUT_MS
+ while (!socket.exists() && System.currentTimeMillis() < timeout) {
+ Thread.sleep(10)
+ }
+ assertTrue("$socket was not found after $TIMEOUT_MS ms", socket.exists())
+ }
+
+ // The compat change is part of a connectivity module update that applies to T+
+ @ConnectivityModuleTest @DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ @Test @CtsNetTestCasesMaxTargetSdk30("Socket is started with the service up to target SDK 30")
+ fun testManagerCreatesLegacySocket_CompatChange() {
+ // The socket may have been already created by some other app, or some other test, in which
+ // case this test cannot verify creation. At least verify that the compat change is
+ // disabled in a process with max SDK 30; unit tests already verify that start is requested
+ // when the compat change is disabled.
+ // Note that before T the compat constant had a different int value.
+ assertFalse(CompatChanges.isChangeEnabled(
+ NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS_T_AND_LATER))
+ }
+
/**
* Register a service and return its registration record.
*/
diff --git a/tests/cts/net/src/android/net/cts/QosCallbackExceptionTest.java b/tests/cts/net/src/android/net/cts/QosCallbackExceptionTest.java
index cd43a34..ffb34e6 100644
--- a/tests/cts/net/src/android/net/cts/QosCallbackExceptionTest.java
+++ b/tests/cts/net/src/android/net/cts/QosCallbackExceptionTest.java
@@ -17,6 +17,7 @@
package android.net.cts;
import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
@@ -24,6 +25,8 @@
import android.net.QosCallbackException;
import android.net.SocketLocalAddressChangedException;
import android.net.SocketNotBoundException;
+import android.net.SocketNotConnectedException;
+import android.net.SocketRemoteAddressChangedException;
import android.os.Build;
import com.android.testutils.DevSdkIgnoreRule.IgnoreUpTo;
@@ -36,12 +39,6 @@
@IgnoreUpTo(Build.VERSION_CODES.R)
public class QosCallbackExceptionTest {
private static final String ERROR_MESSAGE = "Test Error Message";
- private static final String ERROR_MSG_SOCK_NOT_BOUND = "The socket is unbound";
- private static final String ERROR_MSG_NET_RELEASED =
- "The network was released and is no longer available";
- private static final String ERROR_MSG_SOCK_ADDR_CHANGED =
- "The local address of the socket changed";
-
@Test
public void testQosCallbackException() throws Exception {
@@ -57,33 +54,65 @@
public void testNetworkReleasedExceptions() throws Exception {
final Throwable netReleasedException = new NetworkReleasedException();
final QosCallbackException exception = new QosCallbackException(netReleasedException);
-
- assertTrue(exception.getCause() instanceof NetworkReleasedException);
- assertEquals(netReleasedException, exception.getCause());
- assertTrue(exception.getMessage().contains(ERROR_MSG_NET_RELEASED));
- assertThrowableMessageContains(exception, ERROR_MSG_NET_RELEASED);
+ validateQosCallbackException(
+ exception, netReleasedException, NetworkReleasedException.class);
}
@Test
public void testSocketNotBoundExceptions() throws Exception {
final Throwable sockNotBoundException = new SocketNotBoundException();
final QosCallbackException exception = new QosCallbackException(sockNotBoundException);
-
- assertTrue(exception.getCause() instanceof SocketNotBoundException);
- assertEquals(sockNotBoundException, exception.getCause());
- assertTrue(exception.getMessage().contains(ERROR_MSG_SOCK_NOT_BOUND));
- assertThrowableMessageContains(exception, ERROR_MSG_SOCK_NOT_BOUND);
+ validateQosCallbackException(
+ exception, sockNotBoundException, SocketNotBoundException.class);
}
@Test
public void testSocketLocalAddressChangedExceptions() throws Exception {
- final Throwable localAddrChangedException = new SocketLocalAddressChangedException();
- final QosCallbackException exception = new QosCallbackException(localAddrChangedException);
+ final Throwable localAddressChangedException = new SocketLocalAddressChangedException();
+ final QosCallbackException exception =
+ new QosCallbackException(localAddressChangedException);
+ validateQosCallbackException(
+ exception, localAddressChangedException, SocketLocalAddressChangedException.class);
+ }
- assertTrue(exception.getCause() instanceof SocketLocalAddressChangedException);
- assertEquals(localAddrChangedException, exception.getCause());
- assertTrue(exception.getMessage().contains(ERROR_MSG_SOCK_ADDR_CHANGED));
- assertThrowableMessageContains(exception, ERROR_MSG_SOCK_ADDR_CHANGED);
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S)
+ public void testSocketNotConnectedExceptions() throws Exception {
+ final Throwable sockNotConnectedException = new SocketNotConnectedException();
+ final QosCallbackException exception = new QosCallbackException(sockNotConnectedException);
+ validateQosCallbackException(
+ exception, sockNotConnectedException, SocketNotConnectedException.class);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S)
+ public void testSocketRemoteAddressChangedExceptions() throws Exception {
+ final Throwable remoteAddressChangedException = new SocketRemoteAddressChangedException();
+ final QosCallbackException exception =
+ new QosCallbackException(remoteAddressChangedException);
+ validateQosCallbackException(
+ exception, remoteAddressChangedException,
+ SocketRemoteAddressChangedException.class);
+ }
+
+ private void validateQosCallbackException(
+ QosCallbackException e, Throwable cause, Class c) throws Exception {
+ if (c == SocketNotConnectedException.class) {
+ assertTrue(e.getCause() instanceof SocketNotConnectedException);
+ } else if (c == SocketRemoteAddressChangedException.class) {
+ assertTrue(e.getCause() instanceof SocketRemoteAddressChangedException);
+ } else if (c == SocketLocalAddressChangedException.class) {
+ assertTrue(e.getCause() instanceof SocketLocalAddressChangedException);
+ } else if (c == SocketNotBoundException.class) {
+ assertTrue(e.getCause() instanceof SocketNotBoundException);
+ } else if (c == NetworkReleasedException.class) {
+ assertTrue(e.getCause() instanceof NetworkReleasedException);
+ } else {
+ fail("unexpected error msg.");
+ }
+ assertEquals(cause, e.getCause());
+ assertFalse(e.getMessage().isEmpty());
+ assertThrowableMessageContains(e, e.getMessage());
}
private void assertThrowableMessageContains(QosCallbackException exception, String errorMsg)
diff --git a/tests/cts/net/src/android/net/cts/TunUtils.java b/tests/cts/net/src/android/net/cts/TunUtils.java
index d8e39b4..0377160 100644
--- a/tests/cts/net/src/android/net/cts/TunUtils.java
+++ b/tests/cts/net/src/android/net/cts/TunUtils.java
@@ -27,12 +27,13 @@
import android.os.ParcelFileDescriptor;
+import com.android.net.module.util.CollectionUtils;
+
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
-import java.util.Collections;
import java.util.List;
import java.util.function.Predicate;
@@ -170,7 +171,7 @@
*/
private static boolean isEspFailIfSpecifiedPlaintextFound(
byte[] pkt, int spi, boolean encap, byte[] plaintext) {
- if (Collections.indexOfSubList(Arrays.asList(pkt), Arrays.asList(plaintext)) != -1) {
+ if (CollectionUtils.indexOfSubArray(pkt, plaintext) != -1) {
fail("Banned plaintext packet found");
}
diff --git a/tests/cts/net/util/java/android/net/cts/util/CtsNetUtils.java b/tests/cts/net/util/java/android/net/cts/util/CtsNetUtils.java
index 7254319..9d1fa60 100644
--- a/tests/cts/net/util/java/android/net/cts/util/CtsNetUtils.java
+++ b/tests/cts/net/util/java/android/net/cts/util/CtsNetUtils.java
@@ -16,11 +16,13 @@
package android.net.cts.util;
+import static android.Manifest.permission.NETWORK_SETTINGS;
import static android.net.NetworkCapabilities.NET_CAPABILITY_INTERNET;
import static android.net.NetworkCapabilities.TRANSPORT_CELLULAR;
import static android.net.NetworkCapabilities.TRANSPORT_TEST;
import static com.android.compatibility.common.util.PropertyUtil.getFirstApiLevel;
+import static com.android.testutils.TestPermissionUtil.runAsShell;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
@@ -288,7 +290,8 @@
filter.addAction(ConnectivityManager.CONNECTIVITY_ACTION);
mContext.registerReceiver(receiver, filter);
- final WifiInfo wifiInfo = mWifiManager.getConnectionInfo();
+ final WifiInfo wifiInfo = runAsShell(NETWORK_SETTINGS,
+ () -> mWifiManager.getConnectionInfo());
final boolean wasWifiConnected = wifiInfo != null && wifiInfo.getNetworkId() != -1;
// Assert that we can establish a TCP connection on wifi.
Socket wifiBoundSocket = null;
@@ -354,7 +357,7 @@
public Network connectToCell() throws InterruptedException {
if (cellConnectAttempted()) {
- throw new IllegalStateException("Already connected");
+ mCm.unregisterNetworkCallback(mCellNetworkCallback);
}
NetworkRequest cellRequest = new NetworkRequest.Builder()
.addTransportType(TRANSPORT_CELLULAR)
diff --git a/tests/cts/net/util/java/android/net/cts/util/CtsTetheringUtils.java b/tests/cts/net/util/java/android/net/cts/util/CtsTetheringUtils.java
index 8c5372d..8b904bc 100644
--- a/tests/cts/net/util/java/android/net/cts/util/CtsTetheringUtils.java
+++ b/tests/cts/net/util/java/android/net/cts/util/CtsTetheringUtils.java
@@ -16,12 +16,18 @@
package android.net.cts.util;
+import static android.Manifest.permission.ACCESS_NETWORK_STATE;
+import static android.Manifest.permission.ACCESS_WIFI_STATE;
+import static android.Manifest.permission.NETWORK_SETTINGS;
+import static android.Manifest.permission.TETHER_PRIVILEGED;
import static android.net.TetheringManager.TETHERING_WIFI;
import static android.net.TetheringManager.TETHER_ERROR_NO_ERROR;
import static android.net.TetheringManager.TETHER_HARDWARE_OFFLOAD_FAILED;
import static android.net.TetheringManager.TETHER_HARDWARE_OFFLOAD_STARTED;
import static android.net.TetheringManager.TETHER_HARDWARE_OFFLOAD_STOPPED;
+import static com.android.testutils.TestPermissionUtil.runAsShell;
+
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
@@ -46,6 +52,7 @@
import android.os.ConditionVariable;
import androidx.annotation.NonNull;
+import androidx.annotation.Nullable;
import com.android.compatibility.common.util.SystemUtil;
import com.android.net.module.util.ArrayTrackRecord;
@@ -290,13 +297,12 @@
}));
}
- public TetheringInterface expectTetheredInterfacesChanged(
- @NonNull final List<String> regexs, final int type) {
+ @Nullable
+ public TetheringInterface pollTetheredInterfacesChanged(
+ @NonNull final List<String> regexs, final int type, long timeOutMs) {
while (true) {
- final CallbackValue cv = mCurrent.poll(TIMEOUT_MS, c -> true);
- if (cv == null) {
- fail("No expected tethered ifaces callback, expected type: " + type);
- }
+ final CallbackValue cv = mCurrent.poll(timeOutMs, c -> true);
+ if (cv == null) return null;
if (cv.callbackType != CallbackType.ON_TETHERED_IFACES) continue;
@@ -310,6 +316,19 @@
}
}
+ @NonNull
+ public TetheringInterface expectTetheredInterfacesChanged(
+ @NonNull final List<String> regexs, final int type) {
+ final TetheringInterface iface = pollTetheredInterfacesChanged(regexs, type,
+ TIMEOUT_MS);
+
+ if (iface == null) {
+ fail("No expected tethered ifaces callback, expected type: " + type);
+ }
+
+ return iface;
+ }
+
public void expectCallbackStarted() {
// This method uses its own readhead because it just check whether last tethering status
// is updated after TetheringEventCallback get registered but do not check content
@@ -396,9 +415,14 @@
}
}
+ private static boolean isWifiEnabled(final WifiManager wm) {
+ return runAsShell(ACCESS_WIFI_STATE, () -> wm.isWifiEnabled());
+
+ }
+
private static void waitForWifiEnabled(final Context ctx) throws Exception {
WifiManager wm = ctx.getSystemService(WifiManager.class);
- if (wm.isWifiEnabled()) return;
+ if (isWifiEnabled(wm)) return;
final ConditionVariable mWaiting = new ConditionVariable();
final BroadcastReceiver receiver = new BroadcastReceiver() {
@@ -406,7 +430,7 @@
public void onReceive(Context context, Intent intent) {
String action = intent.getAction();
if (WifiManager.WIFI_STATE_CHANGED_ACTION.equals(action)) {
- if (wm.isWifiEnabled()) mWaiting.open();
+ if (isWifiEnabled(wm)) mWaiting.open();
}
}
};
@@ -414,7 +438,7 @@
ctx.registerReceiver(receiver, new IntentFilter(WifiManager.WIFI_STATE_CHANGED_ACTION));
if (!mWaiting.block(DEFAULT_TIMEOUT_MS)) {
assertTrue("Wifi did not become enabled after " + DEFAULT_TIMEOUT_MS + "ms",
- wm.isWifiEnabled());
+ isWifiEnabled(wm));
}
} finally {
ctx.unregisterReceiver(receiver);
@@ -425,14 +449,16 @@
final TestTetheringEventCallback tetherEventCallback =
new TestTetheringEventCallback();
- mTm.registerTetheringEventCallback(c -> c.run() /* executor */, tetherEventCallback);
- tetherEventCallback.expectCallbackStarted();
+ runAsShell(ACCESS_NETWORK_STATE, NETWORK_SETTINGS, () -> {
+ mTm.registerTetheringEventCallback(c -> c.run() /* executor */, tetherEventCallback);
+ tetherEventCallback.expectCallbackStarted();
+ });
return tetherEventCallback;
}
public void unregisterTetheringEventCallback(final TestTetheringEventCallback callback) {
- mTm.unregisterTetheringEventCallback(callback);
+ runAsShell(ACCESS_NETWORK_STATE, () -> mTm.unregisterTetheringEventCallback(callback));
}
private static List<String> getWifiTetherableInterfaceRegexps(
@@ -446,11 +472,11 @@
if (!pm.hasSystemFeature(PackageManager.FEATURE_WIFI)) return false;
final WifiManager wm = ctx.getSystemService(WifiManager.class);
// Wifi feature flags only work when wifi is on.
- final boolean previousWifiEnabledState = wm.isWifiEnabled();
+ final boolean previousWifiEnabledState = isWifiEnabled(wm);
try {
if (!previousWifiEnabledState) SystemUtil.runShellCommand("svc wifi enable");
waitForWifiEnabled(ctx);
- return wm.isPortableHotspotSupported();
+ return runAsShell(ACCESS_WIFI_STATE, () -> wm.isPortableHotspotSupported());
} finally {
if (!previousWifiEnabledState) SystemUtil.runShellCommand("svc wifi disable");
}
@@ -463,17 +489,20 @@
final StartTetheringCallback startTetheringCallback = new StartTetheringCallback();
final TetheringRequest request = new TetheringRequest.Builder(TETHERING_WIFI)
.setShouldShowEntitlementUi(false).build();
- mTm.startTethering(request, c -> c.run() /* executor */, startTetheringCallback);
- startTetheringCallback.verifyTetheringStarted();
- final TetheringInterface iface =
- callback.expectTetheredInterfacesChanged(wifiRegexs, TETHERING_WIFI);
+ return runAsShell(TETHER_PRIVILEGED, () -> {
+ mTm.startTethering(request, c -> c.run() /* executor */, startTetheringCallback);
+ startTetheringCallback.verifyTetheringStarted();
- callback.expectOneOfOffloadStatusChanged(
- TETHER_HARDWARE_OFFLOAD_STARTED,
- TETHER_HARDWARE_OFFLOAD_FAILED);
+ final TetheringInterface iface =
+ callback.expectTetheredInterfacesChanged(wifiRegexs, TETHERING_WIFI);
- return iface;
+ callback.expectOneOfOffloadStatusChanged(
+ TETHER_HARDWARE_OFFLOAD_STARTED,
+ TETHER_HARDWARE_OFFLOAD_FAILED);
+
+ return iface;
+ });
}
private static class StopSoftApCallback implements SoftApCallback {
@@ -501,23 +530,33 @@
public void expectSoftApDisabled() {
final StopSoftApCallback callback = new StopSoftApCallback();
try {
- mWm.registerSoftApCallback(c -> c.run(), callback);
+ runAsShell(NETWORK_SETTINGS, () -> mWm.registerSoftApCallback(c -> c.run(), callback));
// registerSoftApCallback will immediately call the callback with the current state, so
// this callback will fire even if softAp is already disabled.
callback.waitForSoftApStopped();
} finally {
- mWm.unregisterSoftApCallback(callback);
+ runAsShell(NETWORK_SETTINGS, () -> mWm.unregisterSoftApCallback(callback));
}
}
public void stopWifiTethering(final TestTetheringEventCallback callback) {
- mTm.stopTethering(TETHERING_WIFI);
+ runAsShell(TETHER_PRIVILEGED, () -> {
+ mTm.stopTethering(TETHERING_WIFI);
+ callback.expectNoTetheringActive();
+ callback.expectOneOfOffloadStatusChanged(TETHER_HARDWARE_OFFLOAD_STOPPED);
+ });
expectSoftApDisabled();
- callback.expectNoTetheringActive();
- callback.expectOneOfOffloadStatusChanged(TETHER_HARDWARE_OFFLOAD_STOPPED);
}
public void stopAllTethering() {
- mTm.stopAllTethering();
+ final TestTetheringEventCallback callback = registerTetheringEventCallback();
+ try {
+ runAsShell(TETHER_PRIVILEGED, () -> {
+ mTm.stopAllTethering();
+ callback.expectNoTetheringActive();
+ });
+ } finally {
+ unregisterTetheringEventCallback(callback);
+ }
}
}
diff --git a/tests/cts/net/util/java/android/net/cts/util/IkeSessionTestUtils.java b/tests/cts/net/util/java/android/net/cts/util/IkeSessionTestUtils.java
index 244bfc5..11eb466 100644
--- a/tests/cts/net/util/java/android/net/cts/util/IkeSessionTestUtils.java
+++ b/tests/cts/net/util/java/android/net/cts/util/IkeSessionTestUtils.java
@@ -27,6 +27,7 @@
import android.net.InetAddresses;
import android.net.ipsec.ike.ChildSaProposal;
import android.net.ipsec.ike.IkeFqdnIdentification;
+import android.net.ipsec.ike.IkeIdentification;
import android.net.ipsec.ike.IkeIpv4AddrIdentification;
import android.net.ipsec.ike.IkeIpv6AddrIdentification;
import android.net.ipsec.ike.IkeSaProposal;
@@ -57,6 +58,11 @@
}
private static IkeSessionParams getTestIkeSessionParams(boolean testIpv6) {
+ return getTestIkeSessionParams(testIpv6, new IkeFqdnIdentification(TEST_IDENTITY));
+ }
+
+ public static IkeSessionParams getTestIkeSessionParams(boolean testIpv6,
+ IkeIdentification identification) {
final String testServer = testIpv6 ? TEST_SERVER_ADDR_V6 : TEST_SERVER_ADDR_V4;
final InetAddress addr = InetAddresses.parseNumericAddress(testServer);
final IkeSessionParams.Builder ikeOptionsBuilder =
diff --git a/tests/cts/tethering/Android.bp b/tests/cts/tethering/Android.bp
index 6096a8b..42949a4 100644
--- a/tests/cts/tethering/Android.bp
+++ b/tests/cts/tethering/Android.bp
@@ -53,10 +53,12 @@
// mainline modules on release devices.
android_test {
name: "CtsTetheringTestLatestSdk",
- defaults: ["CtsTetheringTestDefaults"],
+ defaults: [
+ "ConnectivityTestsLatestSdkDefaults",
+ "CtsTetheringTestDefaults",
+ ],
min_sdk_version: "30",
- target_sdk_version: "33",
static_libs: [
"TetheringIntegrationTestsLatestSdkLib",
diff --git a/tests/cts/tethering/src/android/tethering/cts/TetheringManagerTest.java b/tests/cts/tethering/src/android/tethering/cts/TetheringManagerTest.java
index bd1b74a..274596f 100644
--- a/tests/cts/tethering/src/android/tethering/cts/TetheringManagerTest.java
+++ b/tests/cts/tethering/src/android/tethering/cts/TetheringManagerTest.java
@@ -15,6 +15,8 @@
*/
package android.tethering.test;
+import static android.Manifest.permission.MODIFY_PHONE_STATE;
+import static android.Manifest.permission.TETHER_PRIVILEGED;
import static android.content.pm.PackageManager.FEATURE_TELEPHONY;
import static android.net.NetworkCapabilities.NET_CAPABILITY_DUN;
import static android.net.NetworkCapabilities.NET_CAPABILITY_INTERNET;
@@ -28,6 +30,8 @@
import static android.net.TetheringManager.TETHER_ERROR_NO_ERROR;
import static android.net.cts.util.CtsTetheringUtils.isAnyIfaceMatch;
+import static com.android.testutils.TestPermissionUtil.runAsShell;
+
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
@@ -37,7 +41,6 @@
import static org.junit.Assume.assumeFalse;
import static org.junit.Assume.assumeTrue;
-import android.app.UiAutomation;
import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
@@ -97,21 +100,8 @@
private static final int DEFAULT_TIMEOUT_MS = 60_000;
- private void adoptShellPermissionIdentity() {
- final UiAutomation uiAutomation =
- InstrumentationRegistry.getInstrumentation().getUiAutomation();
- uiAutomation.adoptShellPermissionIdentity();
- }
-
- private void dropShellPermissionIdentity() {
- final UiAutomation uiAutomation =
- InstrumentationRegistry.getInstrumentation().getUiAutomation();
- uiAutomation.dropShellPermissionIdentity();
- }
-
@Before
public void setUp() throws Exception {
- adoptShellPermissionIdentity();
mContext = InstrumentationRegistry.getContext();
mCm = (ConnectivityManager) mContext.getSystemService(Context.CONNECTIVITY_SERVICE);
mTM = (TetheringManager) mContext.getSystemService(Context.TETHERING_SERVICE);
@@ -128,9 +118,8 @@
@After
public void tearDown() throws Exception {
- mTM.stopAllTethering();
+ mCtsTetheringUtils.stopAllTethering();
mContext.unregisterReceiver(mTetherChangeReceiver);
- dropShellPermissionIdentity();
}
private class TetherChangeReceiver extends BroadcastReceiver {
@@ -208,22 +197,19 @@
mCtsTetheringUtils.registerTetheringEventCallback();
try {
tetherEventCallback.assumeWifiTetheringSupported(mContext);
+ tetherEventCallback.expectNoTetheringActive();
+
+ final String[] wifiRegexs = mTM.getTetherableWifiRegexs();
+ mCtsTetheringUtils.startWifiTethering(tetherEventCallback);
+
+ mTetherChangeReceiver.expectTethering(true /* active */, wifiRegexs);
+
+ mCtsTetheringUtils.stopWifiTethering(tetherEventCallback);
+ mTetherChangeReceiver.expectTethering(false /* active */, wifiRegexs);
} finally {
mCtsTetheringUtils.unregisterTetheringEventCallback(tetherEventCallback);
}
- final String[] wifiRegexs = mTM.getTetherableWifiRegexs();
- final StartTetheringCallback startTetheringCallback = new StartTetheringCallback();
- final TetheringRequest request = new TetheringRequest.Builder(TETHERING_WIFI)
- .setShouldShowEntitlementUi(false).build();
- mTM.startTethering(request, c -> c.run() /* executor */, startTetheringCallback);
- startTetheringCallback.verifyTetheringStarted();
-
- mTetherChangeReceiver.expectTethering(true /* active */, wifiRegexs);
-
- mTM.stopTethering(TETHERING_WIFI);
- mCtsTetheringUtils.expectSoftApDisabled();
- mTetherChangeReceiver.expectTethering(false /* active */, wifiRegexs);
}
@Test
@@ -267,7 +253,7 @@
mCtsTetheringUtils.stopWifiTethering(tetherEventCallback);
try {
- final int ret = mTM.tether(wifiTetheringIface);
+ final int ret = runAsShell(TETHER_PRIVILEGED, () -> mTM.tether(wifiTetheringIface));
// There is no guarantee that the wifi interface will be available after disabling
// the hotspot, so don't fail the test if the call to tether() fails.
if (ret == TETHER_ERROR_NO_ERROR) {
@@ -277,7 +263,7 @@
new TetheringInterface(TETHERING_WIFI, wifiTetheringIface));
}
} finally {
- mTM.untether(wifiTetheringIface);
+ runAsShell(TETHER_PRIVILEGED, () -> mTM.untether(wifiTetheringIface));
}
} finally {
mCtsTetheringUtils.unregisterTetheringEventCallback(tetherEventCallback);
@@ -320,7 +306,7 @@
mCtsTetheringUtils.startWifiTethering(tetherEventCallback);
- mTM.stopAllTethering();
+ mCtsTetheringUtils.stopAllTethering();
tetherEventCallback.expectNoTetheringActive();
} finally {
mCtsTetheringUtils.unregisterTetheringEventCallback(tetherEventCallback);
@@ -329,7 +315,6 @@
@Test
public void testEnableTetheringPermission() throws Exception {
- dropShellPermissionIdentity();
final StartTetheringCallback startTetheringCallback = new StartTetheringCallback();
mTM.startTethering(new TetheringRequest.Builder(TETHERING_WIFI).build(),
c -> c.run() /* executor */, startTetheringCallback);
@@ -352,15 +337,21 @@
private void assertEntitlementResult(final Consumer<EntitlementResultListener> functor,
final int expect) throws Exception {
- final EntitlementResultListener listener = new EntitlementResultListener();
- functor.accept(listener);
+ runAsShell(TETHER_PRIVILEGED, () -> {
+ final EntitlementResultListener listener = new EntitlementResultListener();
+ functor.accept(listener);
- assertEquals(expect, listener.get(DEFAULT_TIMEOUT_MS, TimeUnit.MILLISECONDS));
+ assertEquals(expect, listener.get(DEFAULT_TIMEOUT_MS, TimeUnit.MILLISECONDS));
+ });
+ }
+
+ private boolean isTetheringSupported() {
+ return runAsShell(TETHER_PRIVILEGED, () -> mTM.isTetheringSupported());
}
@Test
public void testRequestLatestEntitlementResult() throws Exception {
- assumeTrue(mTM.isTetheringSupported());
+ assumeTrue(isTetheringSupported());
assumeTrue(mPm.hasSystemFeature(FEATURE_TELEPHONY));
// Verify that requestLatestTetheringEntitlementResult() can get entitlement
// result(TETHER_ERROR_ENTITLEMENT_UNKNOWN due to invalid downstream type) via listener.
@@ -407,7 +398,13 @@
final CarrierConfigManager configManager = (CarrierConfigManager) mContext
.getSystemService(Context.CARRIER_CONFIG_SERVICE);
final int subId = SubscriptionManager.getDefaultSubscriptionId();
- configManager.overrideConfig(subId, bundle);
+ runAsShell(MODIFY_PHONE_STATE, () -> configManager.overrideConfig(subId, bundle));
+ }
+
+ private boolean isTetheringApnRequired() {
+ final TelephonyManager tm = mContext.getSystemService(TelephonyManager.class);
+ return runAsShell(MODIFY_PHONE_STATE, () -> tm.isTetheringApnRequired());
+
}
@Test
@@ -447,10 +444,8 @@
mCtsTetheringUtils.startWifiTethering(tetherEventCallback);
- final TelephonyManager telephonyManager = (TelephonyManager) mContext.getSystemService(
- Context.TELEPHONY_SERVICE);
- final boolean dunRequired = telephonyManager.isTetheringApnRequired();
- final int expectedCap = dunRequired ? NET_CAPABILITY_DUN : NET_CAPABILITY_INTERNET;
+ final int expectedCap = isTetheringApnRequired()
+ ? NET_CAPABILITY_DUN : NET_CAPABILITY_INTERNET;
final Network network = tetherEventCallback.getCurrentValidUpstream();
final NetworkCapabilities netCap = mCm.getNetworkCapabilities(network);
assertTrue(netCap.hasTransport(TRANSPORT_CELLULAR));
diff --git a/tests/integration/Android.bp b/tests/integration/Android.bp
index b3684ac..e3d80a0 100644
--- a/tests/integration/Android.bp
+++ b/tests/integration/Android.bp
@@ -21,7 +21,7 @@
android_test {
name: "FrameworksNetIntegrationTests",
- defaults: ["framework-connectivity-test-defaults"],
+ defaults: ["framework-connectivity-internal-test-defaults"],
platform_apis: true,
certificate: "platform",
srcs: [
@@ -71,8 +71,12 @@
"net-tests-utils",
],
libs: [
- "service-connectivity-for-tests",
+ "service-connectivity-pre-jarjar",
"services.core",
"services.net",
],
+ visibility: [
+ "//packages/modules/Connectivity/tests/integration",
+ "//packages/modules/Connectivity/tests/unit",
+ ],
}
diff --git a/tests/integration/AndroidManifest.xml b/tests/integration/AndroidManifest.xml
index 2e13689..50f02d3 100644
--- a/tests/integration/AndroidManifest.xml
+++ b/tests/integration/AndroidManifest.xml
@@ -60,7 +60,7 @@
<action android:name=".INetworkStackInstrumentation"/>
</intent-filter>
</service>
- <service android:name="com.android.server.connectivity.ipmemorystore.RegularMaintenanceJobService"
+ <service android:name="com.android.networkstack.ipmemorystore.RegularMaintenanceJobService"
android:process="com.android.server.net.integrationtests.testnetworkstack"
android:permission="android.permission.BIND_JOB_SERVICE"/>
diff --git a/tests/integration/src/com/android/server/net/integrationtests/ConnectivityServiceIntegrationTest.kt b/tests/integration/src/com/android/server/net/integrationtests/ConnectivityServiceIntegrationTest.kt
index 80338aa..26b058d 100644
--- a/tests/integration/src/com/android/server/net/integrationtests/ConnectivityServiceIntegrationTest.kt
+++ b/tests/integration/src/com/android/server/net/integrationtests/ConnectivityServiceIntegrationTest.kt
@@ -37,7 +37,7 @@
import android.net.TestNetworkStackClient
import android.net.Uri
import android.net.metrics.IpConnectivityLog
-import android.net.util.MultinetworkPolicyTracker
+import com.android.server.connectivity.MultinetworkPolicyTracker
import android.os.ConditionVariable
import android.os.IBinder
import android.os.SystemConfigManager
@@ -47,6 +47,7 @@
import androidx.test.ext.junit.runners.AndroidJUnit4
import androidx.test.platform.app.InstrumentationRegistry
import com.android.connectivity.resources.R
+import com.android.server.BpfNetMaps
import com.android.server.ConnectivityService
import com.android.server.NetworkAgentWrapper
import com.android.server.TestNetIdManager
@@ -208,11 +209,17 @@
doReturn(mock(ProxyTracker::class.java)).`when`(deps).makeProxyTracker(any(), any())
doReturn(mock(MockableSystemProperties::class.java)).`when`(deps).systemProperties
doReturn(TestNetIdManager()).`when`(deps).makeNetIdManager()
+ doReturn(mock(BpfNetMaps::class.java)).`when`(deps).getBpfNetMaps(any(), any())
doAnswer { inv ->
- object : MultinetworkPolicyTracker(inv.getArgument(0), inv.getArgument(1),
- inv.getArgument(2)) {
- override fun getResourcesForActiveSubId() = resources
- }
+ MultinetworkPolicyTracker(inv.getArgument(0),
+ inv.getArgument(1),
+ inv.getArgument(2),
+ object : MultinetworkPolicyTracker.Dependencies() {
+ override fun getResourcesForActiveSubId(
+ connResources: ConnectivityResources,
+ activeSubId: Int
+ ) = resources
+ })
}.`when`(deps).makeMultinetworkPolicyTracker(any(), any(), any())
return deps
}
diff --git a/tests/integration/src/com/android/server/net/integrationtests/TestNetworkStackService.kt b/tests/integration/src/com/android/server/net/integrationtests/TestNetworkStackService.kt
index c7cf040..361c968 100644
--- a/tests/integration/src/com/android/server/net/integrationtests/TestNetworkStackService.kt
+++ b/tests/integration/src/com/android/server/net/integrationtests/TestNetworkStackService.kt
@@ -22,8 +22,8 @@
import android.net.INetworkMonitorCallbacks
import android.net.Network
import android.net.metrics.IpConnectivityLog
-import android.net.util.SharedLog
import android.os.IBinder
+import com.android.net.module.util.SharedLog
import com.android.networkstack.netlink.TcpSocketTracker
import com.android.server.NetworkStackService
import com.android.server.NetworkStackService.NetworkMonitorConnector
diff --git a/tests/integration/util/com/android/server/NetworkAgentWrapper.java b/tests/integration/util/com/android/server/NetworkAgentWrapper.java
index 2763f5a..28edcb2 100644
--- a/tests/integration/util/com/android/server/NetworkAgentWrapper.java
+++ b/tests/integration/util/com/android/server/NetworkAgentWrapper.java
@@ -61,6 +61,7 @@
import java.util.Objects;
import java.util.Set;
import java.util.concurrent.atomic.AtomicBoolean;
+import java.util.function.Consumer;
public class NetworkAgentWrapper implements TestableNetworkCallback.HasNetwork {
private final NetworkCapabilities mNetworkCapabilities;
@@ -83,14 +84,35 @@
private final ArrayTrackRecord<CallbackType>.ReadHead mCallbackHistory =
new ArrayTrackRecord<CallbackType>().newReadHead();
+ public static class Callbacks {
+ public final Consumer<NetworkAgent> onNetworkCreated;
+ public final Consumer<NetworkAgent> onNetworkUnwanted;
+ public final Consumer<NetworkAgent> onNetworkDestroyed;
+
+ public Callbacks() {
+ this(null, null, null);
+ }
+
+ public Callbacks(Consumer<NetworkAgent> onNetworkCreated,
+ Consumer<NetworkAgent> onNetworkUnwanted,
+ Consumer<NetworkAgent> onNetworkDestroyed) {
+ this.onNetworkCreated = onNetworkCreated;
+ this.onNetworkUnwanted = onNetworkUnwanted;
+ this.onNetworkDestroyed = onNetworkDestroyed;
+ }
+ }
+
+ private final Callbacks mCallbacks;
+
public NetworkAgentWrapper(int transport, LinkProperties linkProperties,
NetworkCapabilities ncTemplate, Context context) throws Exception {
- this(transport, linkProperties, ncTemplate, null /* provider */, context);
+ this(transport, linkProperties, ncTemplate, null /* provider */,
+ null /* callbacks */, context);
}
public NetworkAgentWrapper(int transport, LinkProperties linkProperties,
NetworkCapabilities ncTemplate, NetworkProvider provider,
- Context context) throws Exception {
+ Callbacks callbacks, Context context) throws Exception {
final int type = transportToLegacyType(transport);
final String typeName = ConnectivityManager.getNetworkTypeName(type);
mNetworkCapabilities = (ncTemplate != null) ? ncTemplate : new NetworkCapabilities();
@@ -135,6 +157,7 @@
.setLegacyTypeName(typeName)
.setLegacyExtraInfo(extraInfo)
.build();
+ mCallbacks = (callbacks != null) ? callbacks : new Callbacks();
mNetworkAgent = makeNetworkAgent(linkProperties, mNetworkAgentConfig, provider);
}
@@ -214,6 +237,31 @@
protected void removeKeepalivePacketFilter(Message msg) {
Log.i(mWrapper.mLogTag, "Remove keepalive packet filter.");
}
+
+ @Override
+ public void onNetworkCreated() {
+ super.onNetworkCreated();
+ if (mWrapper.mCallbacks.onNetworkCreated != null) {
+ mWrapper.mCallbacks.onNetworkCreated.accept(this);
+ }
+ }
+
+ @Override
+ public void onNetworkUnwanted() {
+ super.onNetworkUnwanted();
+ if (mWrapper.mCallbacks.onNetworkUnwanted != null) {
+ mWrapper.mCallbacks.onNetworkUnwanted.accept(this);
+ }
+ }
+
+ @Override
+ public void onNetworkDestroyed() {
+ super.onNetworkDestroyed();
+ if (mWrapper.mCallbacks.onNetworkDestroyed != null) {
+ mWrapper.mCallbacks.onNetworkDestroyed.accept(this);
+ }
+ }
+
}
public void setScore(@NonNull final NetworkScore score) {
@@ -221,6 +269,7 @@
mNetworkAgent.sendNetworkScore(score);
}
+ // TODO : remove adjustScore and replace with the appropriate exiting flags.
public void adjustScore(int change) {
final int newLegacyScore = mScore.getLegacyInt() + change;
final NetworkScore.Builder builder = new NetworkScore.Builder()
diff --git a/tests/mts/bpf_existence_test.cpp b/tests/mts/bpf_existence_test.cpp
index db39e6f..c7e8b97 100644
--- a/tests/mts/bpf_existence_test.cpp
+++ b/tests/mts/bpf_existence_test.cpp
@@ -31,15 +31,11 @@
using std::set;
using std::string;
+using android::bpf::isAtLeastKernelVersion;
using android::modules::sdklevel::IsAtLeastR;
using android::modules::sdklevel::IsAtLeastS;
using android::modules::sdklevel::IsAtLeastT;
-// Mainline development branches lack the constant for the current development OS.
-#ifndef __ANDROID_API_T__
-#define __ANDROID_API_T__ 33
-#endif
-
#define PLATFORM "/sys/fs/bpf/"
#define TETHERING "/sys/fs/bpf/tethering/"
#define PRIVATE "/sys/fs/bpf/net_private/"
@@ -49,7 +45,8 @@
class BpfExistenceTest : public ::testing::Test {
};
-static const set<string> INTRODUCED_R = {
+// Part of Android R platform, but mainlined in S
+static const set<string> PLATFORM_ONLY_IN_R = {
PLATFORM "map_offload_tether_ingress_map",
PLATFORM "map_offload_tether_limit_map",
PLATFORM "map_offload_tether_stats_map",
@@ -57,7 +54,8 @@
PLATFORM "prog_offload_schedcls_ingress_tether_rawip",
};
-static const set<string> INTRODUCED_S = {
+// Provided by *current* mainline module for S+ devices
+static const set<string> MAINLINE_FOR_S_PLUS = {
TETHERING "map_offload_tether_dev_map",
TETHERING "map_offload_tether_downstream4_map",
TETHERING "map_offload_tether_downstream64_map",
@@ -67,6 +65,7 @@
TETHERING "map_offload_tether_stats_map",
TETHERING "map_offload_tether_upstream4_map",
TETHERING "map_offload_tether_upstream6_map",
+ TETHERING "map_test_bitmap",
TETHERING "map_test_tether_downstream6_map",
TETHERING "prog_offload_schedcls_tether_downstream4_ether",
TETHERING "prog_offload_schedcls_tether_downstream4_rawip",
@@ -78,25 +77,19 @@
TETHERING "prog_offload_schedcls_tether_upstream6_rawip",
};
-static const set<string> REMOVED_S = {
- PLATFORM "map_offload_tether_ingress_map",
- PLATFORM "map_offload_tether_limit_map",
- PLATFORM "map_offload_tether_stats_map",
- PLATFORM "prog_offload_schedcls_ingress_tether_ether",
- PLATFORM "prog_offload_schedcls_ingress_tether_rawip",
+// Provided by *current* mainline module for S+ devices with 5.10+ kernels
+static const set<string> MAINLINE_FOR_S_5_10_PLUS = {
+ TETHERING "prog_test_xdp_drop_ipv4_udp_ether",
};
-static const set<string> INTRODUCED_T = {
+// Provided by *current* mainline module for T+ devices
+static const set<string> MAINLINE_FOR_T_PLUS = {
SHARED "map_block_blocked_ports_map",
SHARED "map_clatd_clat_egress4_map",
SHARED "map_clatd_clat_ingress6_map",
- SHARED "map_dscp_policy_ipv4_dscp_policies_map",
- SHARED "map_dscp_policy_ipv4_socket_to_policies_map_A",
- SHARED "map_dscp_policy_ipv4_socket_to_policies_map_B",
- SHARED "map_dscp_policy_ipv6_dscp_policies_map",
- SHARED "map_dscp_policy_ipv6_socket_to_policies_map_A",
- SHARED "map_dscp_policy_ipv6_socket_to_policies_map_B",
- SHARED "map_dscp_policy_switch_comp_map",
+ SHARED "map_dscpPolicy_ipv4_dscp_policies_map",
+ SHARED "map_dscpPolicy_ipv6_dscp_policies_map",
+ SHARED "map_dscpPolicy_socket_policy_cache_map",
NETD "map_netd_app_uid_stats_map",
NETD "map_netd_configuration_map",
NETD "map_netd_cookie_tag_map",
@@ -121,58 +114,46 @@
NETD "prog_netd_skfilter_ingress_xtbpf",
};
-static const set<string> INTRODUCED_T_5_4 = {
+// Provided by *current* mainline module for T+ devices with 5.4+ kernels
+static const set<string> MAINLINE_FOR_T_5_4_PLUS = {
SHARED "prog_block_bind4_block_port",
SHARED "prog_block_bind6_block_port",
- SHARED "prog_dscp_policy_schedcls_set_dscp_ether",
- SHARED "prog_dscp_policy_schedcls_set_dscp_raw_ip",
};
-static const set<string> REMOVED_T = {
+// Provided by *current* mainline module for T+ devices with 5.15+ kernels
+static const set<string> MAINLINE_FOR_T_5_15_PLUS = {
+ SHARED "prog_dscpPolicy_schedcls_set_dscp_ether",
};
void addAll(set<string>* a, const set<string>& b) {
a->insert(b.begin(), b.end());
}
-void removeAll(set<string>* a, const set<string>& b) {
- for (const auto& toRemove : b) {
- a->erase(toRemove);
- }
-}
+#define DO_EXPECT(B, V) do { \
+ if (B) addAll(expected, (V)); else addAll(unexpected, (V)); \
+} while (0)
void getFileLists(set<string>* expected, set<string>* unexpected) {
unexpected->clear();
expected->clear();
- addAll(unexpected, INTRODUCED_R);
- addAll(unexpected, INTRODUCED_S);
- addAll(unexpected, INTRODUCED_T);
+ // We do not actually check the platform P/Q (netd) and Q (clatd) things
+ // and only verify the mainline module relevant R+ offload maps & progs.
+ //
+ // The goal of this test is to verify compatibility with the tethering mainline module,
+ // and not to test the platform itself, which may have been modified by vendor or oems,
+ // so we should only test for the removal of stuff that was mainline'd,
+ // and for the presence of mainline stuff.
+ DO_EXPECT(IsAtLeastR() && !IsAtLeastS(), PLATFORM_ONLY_IN_R);
- if (IsAtLeastR()) {
- addAll(expected, INTRODUCED_R);
- removeAll(unexpected, INTRODUCED_R);
- // Nothing removed in R.
- }
-
- if (IsAtLeastS()) {
- addAll(expected, INTRODUCED_S);
- removeAll(expected, REMOVED_S);
-
- addAll(unexpected, REMOVED_S);
- removeAll(unexpected, INTRODUCED_S);
- }
+ DO_EXPECT(IsAtLeastS(), MAINLINE_FOR_S_PLUS);
+ DO_EXPECT(IsAtLeastS() && isAtLeastKernelVersion(5, 10, 0), MAINLINE_FOR_S_5_10_PLUS);
// Nothing added or removed in SCv2.
- if (IsAtLeastT()) {
- addAll(expected, INTRODUCED_T);
- if (android::bpf::isAtLeastKernelVersion(5, 4, 0)) addAll(expected, INTRODUCED_T_5_4);
- removeAll(expected, REMOVED_T);
-
- addAll(unexpected, REMOVED_T);
- removeAll(unexpected, INTRODUCED_T);
- }
+ DO_EXPECT(IsAtLeastT(), MAINLINE_FOR_T_PLUS);
+ DO_EXPECT(IsAtLeastT() && isAtLeastKernelVersion(5, 4, 0), MAINLINE_FOR_T_5_4_PLUS);
+ DO_EXPECT(IsAtLeastT() && isAtLeastKernelVersion(5, 15, 0), MAINLINE_FOR_T_5_15_PLUS);
}
void checkFiles() {
diff --git a/tests/native/Android.bp b/tests/native/connectivity_native_test/Android.bp
similarity index 85%
rename from tests/native/Android.bp
rename to tests/native/connectivity_native_test/Android.bp
index a8d908a..7d43aa8 100644
--- a/tests/native/Android.bp
+++ b/tests/native/connectivity_native_test/Android.bp
@@ -31,3 +31,10 @@
],
compile_multilib: "first",
}
+
+filegroup {
+ name: "net_native_test_config_template",
+ srcs: [
+ "NetNativeTestConfigTemplate.xml",
+ ],
+}
diff --git a/tests/native/AndroidTestTemplate.xml b/tests/native/connectivity_native_test/AndroidTestTemplate.xml
similarity index 100%
rename from tests/native/AndroidTestTemplate.xml
rename to tests/native/connectivity_native_test/AndroidTestTemplate.xml
diff --git a/tests/native/connectivity_native_test/NetNativeTestConfigTemplate.xml b/tests/native/connectivity_native_test/NetNativeTestConfigTemplate.xml
new file mode 100644
index 0000000..b71e9aa
--- /dev/null
+++ b/tests/native/connectivity_native_test/NetNativeTestConfigTemplate.xml
@@ -0,0 +1,31 @@
+<!-- Copyright (C) 2022 The Android Open Source Project
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<configuration description="Configuration for {MODULE} tests">
+ <option name="test-suite-tag" value="mts" />
+ <option name="config-descriptor:metadata" key="mainline-param" value="CaptivePortalLoginGoogle.apk+NetworkStackGoogle.apk+com.google.android.resolv.apex+com.google.android.tethering.apex" />
+ <!-- Only run tests if the device under test is SDK version 33 (Android 13) or above. -->
+ <object type="module_controller" class="com.android.tradefed.testtype.suite.module.Sdk33ModuleController" />
+
+ <target_preparer class="com.android.tradefed.targetprep.RootTargetPreparer"/>
+ <target_preparer class="com.android.compatibility.common.tradefed.targetprep.FilePusher">
+ <option name="cleanup" value="true" />
+ <option name="push" value="{MODULE}->/data/local/tmp/{MODULE}" />
+ <option name="append-bitness" value="true" />
+ </target_preparer>
+ <test class="com.android.tradefed.testtype.GTest" >
+ <option name="native-test-device-path" value="/data/local/tmp" />
+ <option name="module-name" value="{MODULE}" />
+ </test>
+</configuration>
diff --git a/tests/native/OWNERS b/tests/native/connectivity_native_test/OWNERS
similarity index 100%
rename from tests/native/OWNERS
rename to tests/native/connectivity_native_test/OWNERS
diff --git a/tests/native/connectivity_native_test.cpp b/tests/native/connectivity_native_test/connectivity_native_test.cpp
similarity index 100%
rename from tests/native/connectivity_native_test.cpp
rename to tests/native/connectivity_native_test/connectivity_native_test.cpp
diff --git a/tests/native/utilities/Android.bp b/tests/native/utilities/Android.bp
new file mode 100644
index 0000000..4706b3d
--- /dev/null
+++ b/tests/native/utilities/Android.bp
@@ -0,0 +1,34 @@
+//
+// Copyright (C) 2022 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package {
+ default_applicable_licenses: ["Android-Apache-2.0"],
+}
+
+cc_test_library {
+ name: "libconnectivity_native_test_utils",
+ defaults: [
+ "netd_defaults",
+ "resolv_test_defaults"
+ ],
+ srcs: [
+ "firewall.cpp",
+ ],
+ header_libs: [
+ "bpf_connectivity_headers",
+ ],
+ export_header_lib_headers: ["bpf_connectivity_headers"],
+ export_include_dirs: ["."],
+}
diff --git a/tests/native/utilities/firewall.cpp b/tests/native/utilities/firewall.cpp
new file mode 100644
index 0000000..e4669cb
--- /dev/null
+++ b/tests/native/utilities/firewall.cpp
@@ -0,0 +1,118 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#include "firewall.h"
+
+#include <android-base/result.h>
+#include <gtest/gtest.h>
+
+Firewall::Firewall() {
+ std::lock_guard guard(mMutex);
+ auto result = mConfigurationMap.init(CONFIGURATION_MAP_PATH);
+ EXPECT_RESULT_OK(result) << "init mConfigurationMap failed";
+
+ result = mUidOwnerMap.init(UID_OWNER_MAP_PATH);
+ EXPECT_RESULT_OK(result) << "init mUidOwnerMap failed";
+}
+
+Firewall* Firewall::getInstance() {
+ static Firewall instance;
+ return &instance;
+}
+
+Result<void> Firewall::toggleStandbyMatch(bool enable) {
+ std::lock_guard guard(mMutex);
+ uint32_t key = UID_RULES_CONFIGURATION_KEY;
+ auto oldConfiguration = mConfigurationMap.readValue(key);
+ if (!oldConfiguration.ok()) {
+ return Errorf("Cannot read the old configuration: {}", oldConfiguration.error().message());
+ }
+
+ BpfConfig newConfiguration = enable ? (oldConfiguration.value() | STANDBY_MATCH)
+ : (oldConfiguration.value() & (~STANDBY_MATCH));
+ auto res = mConfigurationMap.writeValue(key, newConfiguration, BPF_EXIST);
+ if (!res.ok()) return Errorf("Failed to toggle STANDBY_MATCH: {}", res.error().message());
+
+ return {};
+}
+
+Result<void> Firewall::addRule(uint32_t uid, UidOwnerMatchType match, uint32_t iif) {
+ // iif should be non-zero if and only if match == MATCH_IIF
+ if (match == IIF_MATCH && iif == 0) {
+ return Errorf("Interface match {} must have nonzero interface index", match);
+ } else if (match != IIF_MATCH && iif != 0) {
+ return Errorf("Non-interface match {} must have zero interface index", match);
+ }
+
+ std::lock_guard guard(mMutex);
+ auto oldMatch = mUidOwnerMap.readValue(uid);
+ if (oldMatch.ok()) {
+ UidOwnerValue newMatch = {
+ .iif = iif ? iif : oldMatch.value().iif,
+ .rule = static_cast<uint8_t>(oldMatch.value().rule | match),
+ };
+ auto res = mUidOwnerMap.writeValue(uid, newMatch, BPF_ANY);
+ if (!res.ok()) return Errorf("Failed to update rule: {}", res.error().message());
+ } else {
+ UidOwnerValue newMatch = {
+ .iif = iif,
+ .rule = static_cast<uint8_t>(match),
+ };
+ auto res = mUidOwnerMap.writeValue(uid, newMatch, BPF_ANY);
+ if (!res.ok()) return Errorf("Failed to add rule: {}", res.error().message());
+ }
+ return {};
+}
+
+Result<void> Firewall::removeRule(uint32_t uid, UidOwnerMatchType match) {
+ std::lock_guard guard(mMutex);
+ auto oldMatch = mUidOwnerMap.readValue(uid);
+ if (!oldMatch.ok()) return Errorf("uid: %u does not exist in map", uid);
+
+ UidOwnerValue newMatch = {
+ .iif = (match == IIF_MATCH) ? 0 : oldMatch.value().iif,
+ .rule = static_cast<uint8_t>(oldMatch.value().rule & ~match),
+ };
+ if (newMatch.rule == 0) {
+ auto res = mUidOwnerMap.deleteValue(uid);
+ if (!res.ok()) return Errorf("Failed to remove rule: {}", res.error().message());
+ } else {
+ auto res = mUidOwnerMap.writeValue(uid, newMatch, BPF_ANY);
+ if (!res.ok()) return Errorf("Failed to update rule: {}", res.error().message());
+ }
+ return {};
+}
+
+Result<void> Firewall::addUidInterfaceRules(const std::string& ifName,
+ const std::vector<int32_t>& uids) {
+ unsigned int iif = if_nametoindex(ifName.c_str());
+ if (!iif) return Errorf("Failed to get interface index: {}", ifName);
+
+ for (auto uid : uids) {
+ auto res = addRule(uid, IIF_MATCH, iif);
+ if (!res.ok()) return res;
+ }
+ return {};
+}
+
+Result<void> Firewall::removeUidInterfaceRules(const std::vector<int32_t>& uids) {
+ for (auto uid : uids) {
+ auto res = removeRule(uid, IIF_MATCH);
+ if (!res.ok()) return res;
+ }
+ return {};
+}
diff --git a/tests/native/utilities/firewall.h b/tests/native/utilities/firewall.h
new file mode 100644
index 0000000..185559b
--- /dev/null
+++ b/tests/native/utilities/firewall.h
@@ -0,0 +1,41 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#pragma once
+
+#include <android-base/thread_annotations.h>
+#include <bpf/BpfMap.h>
+#include <bpf_shared.h>
+
+using android::base::Result;
+using android::bpf::BpfMap;
+
+class Firewall {
+ public:
+ Firewall() EXCLUDES(mMutex);
+ static Firewall* getInstance();
+ Result<void> toggleStandbyMatch(bool enable) EXCLUDES(mMutex);
+ Result<void> addRule(uint32_t uid, UidOwnerMatchType match, uint32_t iif = 0) EXCLUDES(mMutex);
+ Result<void> removeRule(uint32_t uid, UidOwnerMatchType match) EXCLUDES(mMutex);
+ Result<void> addUidInterfaceRules(const std::string& ifName, const std::vector<int32_t>& uids);
+ Result<void> removeUidInterfaceRules(const std::vector<int32_t>& uids);
+
+ private:
+ BpfMap<uint32_t, uint32_t> mConfigurationMap GUARDED_BY(mMutex);
+ BpfMap<uint32_t, UidOwnerValue> mUidOwnerMap GUARDED_BY(mMutex);
+ std::mutex mMutex;
+};
diff --git a/tests/unit/Android.bp b/tests/unit/Android.bp
index 18ace4e..cb68235 100644
--- a/tests/unit/Android.bp
+++ b/tests/unit/Android.bp
@@ -58,42 +58,23 @@
filegroup {
name: "non-connectivity-module-test",
srcs: [
- "java/android/app/usage/*.java",
- "java/android/net/EthernetNetworkUpdateRequestTest.java",
"java/android/net/Ikev2VpnProfileTest.java",
"java/android/net/IpMemoryStoreTest.java",
- "java/android/net/IpSecAlgorithmTest.java",
- "java/android/net/IpSecConfigTest.java",
- "java/android/net/IpSecManagerTest.java",
- "java/android/net/IpSecTransformTest.java",
- "java/android/net/KeepalivePacketDataUtilTest.java",
- "java/android/net/NetworkIdentitySetTest.kt",
- "java/android/net/NetworkIdentityTest.kt",
- "java/android/net/NetworkStats*.java",
- "java/android/net/NetworkTemplateTest.kt",
"java/android/net/TelephonyNetworkSpecifierTest.java",
"java/android/net/VpnManagerTest.java",
"java/android/net/ipmemorystore/*.java",
"java/android/net/netstats/NetworkStatsDataMigrationUtilsTest.kt",
- "java/android/net/nsd/*.java",
"java/com/android/internal/net/NetworkUtilsInternalTest.java",
"java/com/android/internal/net/VpnProfileTest.java",
- "java/com/android/server/IpSecServiceParameterizedTest.java",
- "java/com/android/server/IpSecServiceRefcountedResourceTest.java",
- "java/com/android/server/IpSecServiceTest.java",
"java/com/android/server/NetworkManagementServiceTest.java",
- "java/com/android/server/NsdServiceTest.java",
+ "java/com/android/server/VpnManagerServiceTest.java",
"java/com/android/server/connectivity/IpConnectivityEventBuilderTest.java",
"java/com/android/server/connectivity/IpConnectivityMetricsTest.java",
"java/com/android/server/connectivity/MultipathPolicyTrackerTest.java",
"java/com/android/server/connectivity/NetdEventListenerServiceTest.java",
"java/com/android/server/connectivity/VpnTest.java",
- "java/com/android/server/ethernet/*.java",
"java/com/android/server/net/ipmemorystore/*.java",
- "java/com/android/server/net/BpfInterfaceMapUpdaterTest.java",
- "java/com/android/server/net/IpConfigStoreTest.java",
- "java/com/android/server/net/NetworkStats*.java",
- "java/com/android/server/net/TestableUsageCallback.kt",
+ "java/com/android/server/connectivity/mdns/**/*.java",
]
}
@@ -168,10 +149,10 @@
static_libs: [
"services.core",
"services.net",
+ "service-mdns",
],
jni_libs: [
"libandroid_net_connectivity_com_android_net_module_util_jni",
"libservice-connectivity",
- "libandroid_net_connectivity_com_android_net_module_util_jni",
],
}
diff --git a/tests/unit/java/android/app/usage/NetworkStatsManagerTest.java b/tests/unit/java/android/app/usage/NetworkStatsManagerTest.java
index 561e621..8a537be 100644
--- a/tests/unit/java/android/app/usage/NetworkStatsManagerTest.java
+++ b/tests/unit/java/android/app/usage/NetworkStatsManagerTest.java
@@ -16,6 +16,10 @@
package android.app.usage;
+import static android.net.NetworkStats.METERED_YES;
+import static android.net.NetworkTemplate.MATCH_MOBILE;
+import static android.net.NetworkTemplate.MATCH_WIFI;
+
import static junit.framework.Assert.assertEquals;
import static junit.framework.Assert.assertFalse;
import static junit.framework.Assert.assertTrue;
@@ -52,9 +56,11 @@
import org.mockito.MockitoAnnotations;
import org.mockito.invocation.InvocationOnMock;
+import java.util.Set;
+
@RunWith(DevSdkIgnoreRunner.class)
@SmallTest
-@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.R)
+@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.S_V2)
public class NetworkStatsManagerTest {
private static final String TEST_SUBSCRIBER_ID = "subid";
@@ -82,20 +88,28 @@
Entry uid1Entry1 = new Entry("if1", uid1,
android.net.NetworkStats.SET_DEFAULT, android.net.NetworkStats.TAG_NONE,
+ android.net.NetworkStats.METERED_NO, android.net.NetworkStats.ROAMING_NO,
+ android.net.NetworkStats.DEFAULT_NETWORK_NO,
100, 10, 200, 20, 0);
Entry uid1Entry2 = new Entry(
"if2", uid1,
android.net.NetworkStats.SET_DEFAULT, android.net.NetworkStats.TAG_NONE,
+ android.net.NetworkStats.METERED_NO, android.net.NetworkStats.ROAMING_NO,
+ android.net.NetworkStats.DEFAULT_NETWORK_NO,
100, 10, 200, 20, 0);
Entry uid2Entry1 = new Entry("if1", uid2,
android.net.NetworkStats.SET_DEFAULT, android.net.NetworkStats.TAG_NONE,
+ android.net.NetworkStats.METERED_NO, android.net.NetworkStats.ROAMING_NO,
+ android.net.NetworkStats.DEFAULT_NETWORK_NO,
150, 10, 250, 20, 0);
Entry uid2Entry2 = new Entry(
"if2", uid2,
android.net.NetworkStats.SET_DEFAULT, android.net.NetworkStats.TAG_NONE,
+ android.net.NetworkStats.METERED_NO, android.net.NetworkStats.ROAMING_NO,
+ android.net.NetworkStats.DEFAULT_NETWORK_NO,
150, 10, 250, 20, 0);
NetworkStatsHistory history1 = new NetworkStatsHistory(10, 2);
@@ -204,20 +218,20 @@
@Test
public void testNetworkTemplateWhenRunningQueryDetails_NoSubscriberId() throws RemoteException {
runQueryDetailsAndCheckTemplate(ConnectivityManager.TYPE_MOBILE,
- null /* subscriberId */, NetworkTemplate.buildTemplateMobileWildcard());
+ null /* subscriberId */, new NetworkTemplate.Builder(MATCH_MOBILE)
+ .setMeteredness(METERED_YES).build());
runQueryDetailsAndCheckTemplate(ConnectivityManager.TYPE_WIFI,
- "" /* subscriberId */, NetworkTemplate.buildTemplateWifiWildcard());
+ "" /* subscriberId */, new NetworkTemplate.Builder(MATCH_WIFI).build());
runQueryDetailsAndCheckTemplate(ConnectivityManager.TYPE_WIFI,
- null /* subscriberId */, NetworkTemplate.buildTemplateWifiWildcard());
+ null /* subscriberId */, new NetworkTemplate.Builder(MATCH_WIFI).build());
}
@Test
public void testNetworkTemplateWhenRunningQueryDetails_MergedCarrierWifi()
throws RemoteException {
runQueryDetailsAndCheckTemplate(ConnectivityManager.TYPE_WIFI,
- TEST_SUBSCRIBER_ID,
- NetworkTemplate.buildTemplateWifi(NetworkTemplate.WIFI_NETWORKID_ALL,
- TEST_SUBSCRIBER_ID));
+ TEST_SUBSCRIBER_ID, new NetworkTemplate.Builder(MATCH_WIFI)
+ .setSubscriberIds(Set.of(TEST_SUBSCRIBER_ID)).build());
}
@Test
diff --git a/tests/unit/java/android/net/ConnectivityManagerTest.java b/tests/unit/java/android/net/ConnectivityManagerTest.java
index f324630..c327868 100644
--- a/tests/unit/java/android/net/ConnectivityManagerTest.java
+++ b/tests/unit/java/android/net/ConnectivityManagerTest.java
@@ -41,6 +41,7 @@
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
import static org.mockito.ArgumentMatchers.anyBoolean;
@@ -72,6 +73,7 @@
import androidx.test.filters.SmallTest;
+import com.android.internal.util.test.BroadcastInterceptingContext;
import com.android.testutils.DevSdkIgnoreRule;
import com.android.testutils.DevSdkIgnoreRunner;
@@ -82,6 +84,8 @@
import org.mockito.Mock;
import org.mockito.MockitoAnnotations;
+import java.lang.ref.WeakReference;
+
@RunWith(DevSdkIgnoreRunner.class)
@SmallTest
@DevSdkIgnoreRule.IgnoreUpTo(VERSION_CODES.R)
@@ -461,4 +465,49 @@
}
fail("expected exception of type " + throwableType);
}
+
+ private static class MockContext extends BroadcastInterceptingContext {
+ MockContext(Context base) {
+ super(base);
+ }
+
+ @Override
+ public Context getApplicationContext() {
+ return mock(Context.class);
+ }
+ }
+
+ private WeakReference<Context> makeConnectivityManagerAndReturnContext() {
+ // Mockito may have an internal reference to the mock, creating MockContext for testing.
+ final Context c = new MockContext(mock(Context.class));
+
+ new ConnectivityManager(c, mService);
+
+ return new WeakReference<>(c);
+ }
+
+ private void forceGC() {
+ // First GC ensures that objects are collected for finalization, then second GC ensures
+ // they're garbage-collected after being finalized.
+ System.gc();
+ System.runFinalization();
+ System.gc();
+ }
+
+ @Test
+ public void testConnectivityManagerDoesNotLeakContext() throws Exception {
+ final WeakReference<Context> ref = makeConnectivityManagerAndReturnContext();
+
+ final int attempts = 100;
+ final long waitIntervalMs = 50;
+ for (int i = 0; i < attempts; i++) {
+ forceGC();
+ if (ref.get() == null) break;
+
+ Thread.sleep(waitIntervalMs);
+ }
+
+ assertNull("ConnectivityManager weak reference still not null after " + attempts
+ + " attempts", ref.get());
+ }
}
diff --git a/tests/unit/java/android/net/Ikev2VpnProfileTest.java b/tests/unit/java/android/net/Ikev2VpnProfileTest.java
index 5cb014f..3b68120 100644
--- a/tests/unit/java/android/net/Ikev2VpnProfileTest.java
+++ b/tests/unit/java/android/net/Ikev2VpnProfileTest.java
@@ -18,6 +18,7 @@
import static android.net.cts.util.IkeSessionTestUtils.CHILD_PARAMS;
import static android.net.cts.util.IkeSessionTestUtils.IKE_PARAMS_V6;
+import static android.net.cts.util.IkeSessionTestUtils.getTestIkeSessionParams;
import static com.android.testutils.DevSdkIgnoreRuleKt.SC_V2;
@@ -28,6 +29,7 @@
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
+import android.net.ipsec.ike.IkeKeyIdIdentification;
import android.net.ipsec.ike.IkeTunnelConnectionParams;
import android.os.Build;
import android.test.mock.MockContext;
@@ -446,6 +448,40 @@
}
@Test
+ public void testBuildWithIkeTunConnParamsConvertToVpnProfile() throws Exception {
+ // Special keyId that contains delimiter character of VpnProfile
+ final byte[] keyId = "foo\0bar".getBytes();
+ final IkeTunnelConnectionParams tunnelParams = new IkeTunnelConnectionParams(
+ getTestIkeSessionParams(true /* testIpv6 */, new IkeKeyIdIdentification(keyId)),
+ CHILD_PARAMS);
+ final Ikev2VpnProfile ikev2VpnProfile = new Ikev2VpnProfile.Builder(tunnelParams).build();
+ final VpnProfile vpnProfile = ikev2VpnProfile.toVpnProfile();
+
+ assertEquals(VpnProfile.TYPE_IKEV2_FROM_IKE_TUN_CONN_PARAMS, vpnProfile.type);
+
+ // Username, password, server, ipsecIdentifier, ipsecCaCert, ipsecSecret, ipsecUserCert and
+ // getAllowedAlgorithms should not be set if IkeTunnelConnectionParams is set.
+ assertEquals("", vpnProfile.server);
+ assertEquals("", vpnProfile.ipsecIdentifier);
+ assertEquals("", vpnProfile.username);
+ assertEquals("", vpnProfile.password);
+ assertEquals("", vpnProfile.ipsecCaCert);
+ assertEquals("", vpnProfile.ipsecSecret);
+ assertEquals("", vpnProfile.ipsecUserCert);
+ assertEquals(0, vpnProfile.getAllowedAlgorithms().size());
+
+ // IkeTunnelConnectionParams should stay the same.
+ assertEquals(tunnelParams, vpnProfile.ikeTunConnParams);
+
+ // Convert to disk-stable format and then back to Ikev2VpnProfile should be the same.
+ final VpnProfile decodedVpnProfile =
+ VpnProfile.decode(vpnProfile.key, vpnProfile.encode());
+ final Ikev2VpnProfile convertedIkev2VpnProfile =
+ Ikev2VpnProfile.fromVpnProfile(decodedVpnProfile);
+ assertEquals(ikev2VpnProfile, convertedIkev2VpnProfile);
+ }
+
+ @Test
public void testConversionIsLosslessWithIkeTunConnParams() throws Exception {
final IkeTunnelConnectionParams tunnelParams =
new IkeTunnelConnectionParams(IKE_PARAMS_V6, CHILD_PARAMS);
@@ -471,6 +507,23 @@
new Ikev2VpnProfile.Builder(tunnelParams2).build());
}
+ @Test
+ public void testBuildProfileWithNullProxy() throws Exception {
+ final Ikev2VpnProfile ikev2VpnProfile =
+ new Ikev2VpnProfile.Builder(SERVER_ADDR_STRING, IDENTITY_STRING)
+ .setAuthUsernamePassword(USERNAME_STRING, PASSWORD_STRING, mServerRootCa)
+ .build();
+
+ // ProxyInfo should be null for the profile without setting ProxyInfo.
+ assertNull(ikev2VpnProfile.getProxyInfo());
+
+ // ProxyInfo should stay null after performing toVpnProfile() and fromVpnProfile()
+ final VpnProfile vpnProfile = ikev2VpnProfile.toVpnProfile();
+ assertNull(vpnProfile.proxy);
+
+ final Ikev2VpnProfile convertedIkev2VpnProfile = Ikev2VpnProfile.fromVpnProfile(vpnProfile);
+ assertNull(convertedIkev2VpnProfile.getProxyInfo());
+ }
private static class CertificateAndKey {
public final X509Certificate cert;
diff --git a/tests/unit/java/android/net/IpSecAlgorithmTest.java b/tests/unit/java/android/net/IpSecAlgorithmTest.java
index c473e82..1482055 100644
--- a/tests/unit/java/android/net/IpSecAlgorithmTest.java
+++ b/tests/unit/java/android/net/IpSecAlgorithmTest.java
@@ -47,7 +47,7 @@
/** Unit tests for {@link IpSecAlgorithm}. */
@SmallTest
@RunWith(DevSdkIgnoreRunner.class)
-@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.R)
+@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.S_V2)
public class IpSecAlgorithmTest {
private static final byte[] KEY_MATERIAL;
diff --git a/tests/unit/java/android/net/IpSecConfigTest.java b/tests/unit/java/android/net/IpSecConfigTest.java
index b87cb48..9f83036 100644
--- a/tests/unit/java/android/net/IpSecConfigTest.java
+++ b/tests/unit/java/android/net/IpSecConfigTest.java
@@ -36,7 +36,7 @@
/** Unit tests for {@link IpSecConfig}. */
@SmallTest
@RunWith(DevSdkIgnoreRunner.class)
-@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.R)
+@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.S_V2)
public class IpSecConfigTest {
@Test
diff --git a/tests/unit/java/android/net/IpSecManagerTest.java b/tests/unit/java/android/net/IpSecManagerTest.java
index cda8eb7..335f539 100644
--- a/tests/unit/java/android/net/IpSecManagerTest.java
+++ b/tests/unit/java/android/net/IpSecManagerTest.java
@@ -52,7 +52,7 @@
/** Unit tests for {@link IpSecManager}. */
@SmallTest
@RunWith(DevSdkIgnoreRunner.class)
-@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.R)
+@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.S_V2)
public class IpSecManagerTest {
private static final int TEST_UDP_ENCAP_PORT = 34567;
diff --git a/tests/unit/java/android/net/IpSecTransformTest.java b/tests/unit/java/android/net/IpSecTransformTest.java
index 81375f1..c1bd719 100644
--- a/tests/unit/java/android/net/IpSecTransformTest.java
+++ b/tests/unit/java/android/net/IpSecTransformTest.java
@@ -32,7 +32,7 @@
/** Unit tests for {@link IpSecTransform}. */
@SmallTest
@RunWith(DevSdkIgnoreRunner.class)
-@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.R)
+@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.S_V2)
public class IpSecTransformTest {
@Test
diff --git a/tests/unit/java/android/net/NetworkIdentityTest.kt b/tests/unit/java/android/net/NetworkIdentityTest.kt
index bf5568d..d84328c 100644
--- a/tests/unit/java/android/net/NetworkIdentityTest.kt
+++ b/tests/unit/java/android/net/NetworkIdentityTest.kt
@@ -47,7 +47,7 @@
private const val TEST_SUBID2 = 2
@RunWith(DevSdkIgnoreRunner::class)
-@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.R)
+@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.S_V2)
class NetworkIdentityTest {
private val mockContext = mock(Context::class.java)
diff --git a/tests/unit/java/android/net/NetworkStatsAccessTest.java b/tests/unit/java/android/net/NetworkStatsAccessTest.java
index 97a93ca..a74056b 100644
--- a/tests/unit/java/android/net/NetworkStatsAccessTest.java
+++ b/tests/unit/java/android/net/NetworkStatsAccessTest.java
@@ -19,6 +19,7 @@
import static com.android.testutils.DevSdkIgnoreRuleKt.SC_V2;
import static org.junit.Assert.assertEquals;
+import static org.mockito.Mockito.doCallRealMethod;
import static org.mockito.Mockito.when;
import android.Manifest;
@@ -66,6 +67,10 @@
when(mContext.getSystemServiceName(DevicePolicyManager.class))
.thenReturn(Context.DEVICE_POLICY_SERVICE);
when(mContext.getSystemService(Context.DEVICE_POLICY_SERVICE)).thenReturn(mDpm);
+ if (mContext.getSystemService(DevicePolicyManager.class) == null) {
+ // Test is using mockito-extended
+ doCallRealMethod().when(mContext).getSystemService(DevicePolicyManager.class);
+ }
setHasCarrierPrivileges(false);
setIsDeviceOwner(false);
diff --git a/tests/unit/java/android/net/NetworkStatsCollectionTest.java b/tests/unit/java/android/net/NetworkStatsCollectionTest.java
index b518a61..a6e9e95 100644
--- a/tests/unit/java/android/net/NetworkStatsCollectionTest.java
+++ b/tests/unit/java/android/net/NetworkStatsCollectionTest.java
@@ -18,6 +18,10 @@
import static android.net.ConnectivityManager.TYPE_MOBILE;
import static android.net.NetworkIdentity.OEM_NONE;
+import static android.net.NetworkStats.DEFAULT_NETWORK_NO;
+import static android.net.NetworkStats.IFACE_ALL;
+import static android.net.NetworkStats.METERED_NO;
+import static android.net.NetworkStats.ROAMING_NO;
import static android.net.NetworkStats.SET_ALL;
import static android.net.NetworkStats.SET_DEFAULT;
import static android.net.NetworkStats.TAG_NONE;
@@ -480,7 +484,8 @@
ident.add(new NetworkIdentity(ConnectivityManager.TYPE_MOBILE, -1, TEST_IMSI, null,
false, true, true, OEM_NONE, TEST_SUBID));
large.recordData(ident, UID_ALL, SET_ALL, TAG_NONE, TIME_A, TIME_B,
- new NetworkStats.Entry(12_730_893_164L, 1, 0, 0, 0));
+ new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 12_730_893_164L, 1, 0, 0, 0));
// Verify untouched total
assertEquals(12_730_893_164L, getHistory(large, null, TIME_A, TIME_C).getTotalBytes());
@@ -659,26 +664,33 @@
private static void assertEntry(long rxBytes, long rxPackets, long txBytes, long txPackets,
NetworkStats.Entry actual) {
- assertEntry(new NetworkStats.Entry(rxBytes, rxPackets, txBytes, txPackets, 0L), actual);
+ assertEntry(new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, rxBytes, rxPackets, txBytes, txPackets, 0L),
+ actual);
}
private static void assertEntry(long rxBytes, long rxPackets, long txBytes, long txPackets,
NetworkStatsHistory.Entry actual) {
- assertEntry(new NetworkStats.Entry(rxBytes, rxPackets, txBytes, txPackets, 0L), actual);
+ assertEntry(new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, rxBytes, rxPackets, txBytes, txPackets, 0L),
+ actual);
}
private static void assertEntry(NetworkStats.Entry expected,
NetworkStatsHistory.Entry actual) {
- assertEntry(expected, new NetworkStats.Entry(actual.rxBytes, actual.rxPackets,
+ assertEntry(expected, new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE,
+ METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO, actual.rxBytes, actual.rxPackets,
actual.txBytes, actual.txPackets, 0L));
}
private static void assertEntry(NetworkStatsHistory.Entry expected,
NetworkStatsHistory.Entry actual) {
- assertEntry(new NetworkStats.Entry(actual.rxBytes, actual.rxPackets,
- actual.txBytes, actual.txPackets, 0L),
- new NetworkStats.Entry(actual.rxBytes, actual.rxPackets,
- actual.txBytes, actual.txPackets, 0L));
+ assertEntry(new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, actual.rxBytes, actual.rxPackets,
+ actual.txBytes, actual.txPackets, 0L),
+ new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, actual.rxBytes, actual.rxPackets,
+ actual.txBytes, actual.txPackets, 0L));
}
private static void assertEntry(NetworkStats.Entry expected,
diff --git a/tests/unit/java/android/net/NetworkStatsHistoryTest.java b/tests/unit/java/android/net/NetworkStatsHistoryTest.java
index 26079a2..2170882 100644
--- a/tests/unit/java/android/net/NetworkStatsHistoryTest.java
+++ b/tests/unit/java/android/net/NetworkStatsHistoryTest.java
@@ -16,6 +16,13 @@
package android.net;
+import static android.net.NetworkStats.DEFAULT_NETWORK_NO;
+import static android.net.NetworkStats.IFACE_ALL;
+import static android.net.NetworkStats.METERED_NO;
+import static android.net.NetworkStats.ROAMING_NO;
+import static android.net.NetworkStats.SET_DEFAULT;
+import static android.net.NetworkStats.TAG_NONE;
+import static android.net.NetworkStats.UID_ALL;
import static android.net.NetworkStatsHistory.DataStreamUtils.readVarLong;
import static android.net.NetworkStatsHistory.DataStreamUtils.writeVarLong;
import static android.net.NetworkStatsHistory.Entry.UNKNOWN;
@@ -60,7 +67,7 @@
@RunWith(DevSdkIgnoreRunner.class)
@SmallTest
-@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.R)
+@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.S_V2)
public class NetworkStatsHistoryTest {
private static final String TAG = "NetworkStatsHistoryTest";
@@ -110,7 +117,8 @@
// record data into narrow window to get single bucket
stats.recordData(TEST_START, TEST_START + SECOND_IN_MILLIS,
- new NetworkStats.Entry(1024L, 10L, 2048L, 20L, 2L));
+ new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 1024L, 10L, 2048L, 20L, 2L));
assertEquals(1, stats.size());
assertValues(stats, 0, SECOND_IN_MILLIS, 1024L, 10L, 2048L, 20L, 2L);
@@ -124,7 +132,8 @@
// split equally across two buckets
final long recordStart = TEST_START + (bucketDuration / 2);
stats.recordData(recordStart, recordStart + bucketDuration,
- new NetworkStats.Entry(1024L, 10L, 128L, 2L, 2L));
+ new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 1024L, 10L, 128L, 2L, 2L));
assertEquals(2, stats.size());
assertValues(stats, 0, HOUR_IN_MILLIS / 2, 512L, 5L, 64L, 1L, 1L);
@@ -141,7 +150,8 @@
final long recordStart = (TEST_START + BUCKET_SIZE) - MINUTE_IN_MILLIS;
final long recordEnd = (TEST_START + (BUCKET_SIZE * 2)) + (MINUTE_IN_MILLIS * 4);
stats.recordData(recordStart, recordEnd,
- new NetworkStats.Entry(1000L, 2000L, 5000L, 10000L, 100L));
+ new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 1000L, 2000L, 5000L, 10000L, 100L));
assertEquals(3, stats.size());
// first bucket should have (1/20 of value)
@@ -161,9 +171,11 @@
final long firstStart = TEST_START;
final long lastStart = TEST_START + WEEK_IN_MILLIS;
stats.recordData(firstStart, firstStart + SECOND_IN_MILLIS,
- new NetworkStats.Entry(128L, 2L, 256L, 4L, 1L));
+ new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 128L, 2L, 256L, 4L, 1L));
stats.recordData(lastStart, lastStart + SECOND_IN_MILLIS,
- new NetworkStats.Entry(64L, 1L, 512L, 8L, 2L));
+ new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 64L, 1L, 512L, 8L, 2L));
// we should have two buckets, far apart from each other
assertEquals(2, stats.size());
@@ -174,7 +186,8 @@
final long middleStart = TEST_START + DAY_IN_MILLIS;
final long middleEnd = middleStart + (HOUR_IN_MILLIS * 2);
stats.recordData(middleStart, middleEnd,
- new NetworkStats.Entry(2048L, 4L, 2048L, 4L, 2L));
+ new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 2048L, 4L, 2048L, 4L, 2L));
// now should have four buckets, with new record in middle two buckets
assertEquals(4, stats.size());
@@ -191,10 +204,12 @@
// record some data in one bucket, and another overlapping buckets
stats.recordData(TEST_START, TEST_START + SECOND_IN_MILLIS,
- new NetworkStats.Entry(256L, 2L, 256L, 2L, 1L));
+ new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 256L, 2L, 256L, 2L, 1L));
final long midStart = TEST_START + (HOUR_IN_MILLIS / 2);
stats.recordData(midStart, midStart + HOUR_IN_MILLIS,
- new NetworkStats.Entry(1024L, 10L, 1024L, 10L, 10L));
+ new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 1024L, 10L, 1024L, 10L, 10L));
// should have two buckets, with some data mixed together
assertEquals(2, stats.size());
@@ -371,9 +386,11 @@
MINUTE_IN_MILLIS, 0, FIELD_RX_BYTES | FIELD_TX_BYTES);
history.recordData(0, MINUTE_IN_MILLIS,
- new NetworkStats.Entry(1024L, 10L, 2048L, 20L, 4L));
+ new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 1024L, 10L, 2048L, 20L, 4L));
history.recordData(0, 2 * MINUTE_IN_MILLIS,
- new NetworkStats.Entry(2L, 2L, 2L, 2L, 2L));
+ new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 2L, 2L, 2L, 2L, 2L));
assertFullValues(history, UNKNOWN, 1026L, UNKNOWN, 2050L, UNKNOWN, UNKNOWN);
}
@@ -385,7 +402,8 @@
MINUTE_IN_MILLIS, 0, FIELD_RX_PACKETS | FIELD_OPERATIONS);
full.recordData(0, MINUTE_IN_MILLIS,
- new NetworkStats.Entry(1024L, 10L, 2048L, 20L, 4L));
+ new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 1024L, 10L, 2048L, 20L, 4L));
partial.recordEntireHistory(full);
assertFullValues(partial, UNKNOWN, UNKNOWN, 10L, UNKNOWN, UNKNOWN, 4L);
@@ -398,7 +416,8 @@
MINUTE_IN_MILLIS, 0, FIELD_RX_PACKETS | FIELD_OPERATIONS);
partial.recordData(0, MINUTE_IN_MILLIS,
- new NetworkStats.Entry(1024L, 10L, 2048L, 20L, 4L));
+ new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 1024L, 10L, 2048L, 20L, 4L));
full.recordEntireHistory(partial);
assertFullValues(full, MINUTE_IN_MILLIS, 0L, 10L, 0L, 0L, 4L);
@@ -408,9 +427,11 @@
public void testSerialize() throws Exception {
final NetworkStatsHistory before = new NetworkStatsHistory(MINUTE_IN_MILLIS, 40, FIELD_ALL);
before.recordData(0, 4 * MINUTE_IN_MILLIS,
- new NetworkStats.Entry(1024L, 10L, 2048L, 20L, 4L));
+ new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 1024L, 10L, 2048L, 20L, 4L));
before.recordData(DAY_IN_MILLIS, DAY_IN_MILLIS + MINUTE_IN_MILLIS,
- new NetworkStats.Entry(10L, 20L, 30L, 40L, 50L));
+ new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 10L, 20L, 30L, 40L, 50L));
final ByteArrayOutputStream out = new ByteArrayOutputStream();
before.writeToStream(new DataOutputStream(out));
@@ -451,11 +472,14 @@
final long THIRD_END = THIRD_START + (2 * HOUR_IN_MILLIS);
stats.recordData(FIRST_START, FIRST_END,
- new NetworkStats.Entry(1024L, 10L, 2048L, 20L, 2L));
+ new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 1024L, 10L, 2048L, 20L, 2L));
stats.recordData(SECOND_START, SECOND_END,
- new NetworkStats.Entry(1024L, 10L, 2048L, 20L, 2L));
+ new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 1024L, 10L, 2048L, 20L, 2L));
stats.recordData(THIRD_START, THIRD_END,
- new NetworkStats.Entry(1024L, 10L, 2048L, 20L, 2L));
+ new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 1024L, 10L, 2048L, 20L, 2L));
// should have buckets: 2+1+2
assertEquals(5, stats.size());
@@ -494,11 +518,14 @@
final long THIRD_END = THIRD_START + (2 * HOUR_IN_MILLIS);
stats.recordData(FIRST_START, FIRST_END,
- new NetworkStats.Entry(1024L, 10L, 2048L, 20L, 2L));
+ new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 1024L, 10L, 2048L, 20L, 2L));
stats.recordData(SECOND_START, SECOND_END,
- new NetworkStats.Entry(1024L, 10L, 2048L, 20L, 2L));
+ new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 1024L, 10L, 2048L, 20L, 2L));
stats.recordData(THIRD_START, THIRD_END,
- new NetworkStats.Entry(1024L, 10L, 2048L, 20L, 2L));
+ new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 1024L, 10L, 2048L, 20L, 2L));
assertFalse(stats.intersects(10, 20));
assertFalse(stats.intersects(TEST_START + YEAR_IN_MILLIS, TEST_START + YEAR_IN_MILLIS + 1));
@@ -520,7 +547,8 @@
public void testSetValues() throws Exception {
stats = new NetworkStatsHistory(HOUR_IN_MILLIS);
stats.recordData(TEST_START, TEST_START + 1,
- new NetworkStats.Entry(1024L, 10L, 2048L, 20L, 2L));
+ new NetworkStats.Entry(IFACE_ALL, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO,
+ ROAMING_NO, DEFAULT_NETWORK_NO, 1024L, 10L, 2048L, 20L, 2L));
assertEquals(1024L + 2048L, stats.getTotalBytes());
diff --git a/tests/unit/java/android/net/NetworkStatsTest.java b/tests/unit/java/android/net/NetworkStatsTest.java
index b0cc16c..709b722 100644
--- a/tests/unit/java/android/net/NetworkStatsTest.java
+++ b/tests/unit/java/android/net/NetworkStatsTest.java
@@ -61,7 +61,7 @@
@RunWith(DevSdkIgnoreRunner.class)
@SmallTest
-@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.R)
+@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.S_V2)
public class NetworkStatsTest {
private static final String TEST_IFACE = "test0";
@@ -960,7 +960,7 @@
// Ipv4 traffic sent/received by an app on stacked interface.
final NetworkStats.Entry appEntry = new NetworkStats.Entry(
- v4Iface, appUid, SET_DEFAULT, TAG_NONE,
+ v4Iface, appUid, SET_DEFAULT, TAG_NONE, METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO,
30501490 /* rxBytes */,
22401 /* rxPackets */,
876235 /* txBytes */,
@@ -969,7 +969,8 @@
// Traffic measured for the root uid on the base interface.
final NetworkStats.Entry rootUidEntry = new NetworkStats.Entry(
- baseIface, rootUid, SET_DEFAULT, TAG_NONE,
+ baseIface, rootUid, SET_DEFAULT, TAG_NONE, METERED_NO, ROAMING_NO,
+ DEFAULT_NETWORK_NO,
163577 /* rxBytes */,
187 /* rxPackets */,
17607 /* txBytes */,
@@ -977,7 +978,8 @@
0 /* operations */);
final NetworkStats.Entry otherEntry = new NetworkStats.Entry(
- otherIface, appUid, SET_DEFAULT, TAG_NONE,
+ otherIface, appUid, SET_DEFAULT, TAG_NONE, METERED_NO, ROAMING_NO,
+ DEFAULT_NETWORK_NO,
2600 /* rxBytes */,
2 /* rxPackets */,
3800 /* txBytes */,
@@ -993,14 +995,14 @@
assertEquals(3, stats.size());
final NetworkStats.Entry expectedAppUid = new NetworkStats.Entry(
- v4Iface, appUid, SET_DEFAULT, TAG_NONE,
+ v4Iface, appUid, SET_DEFAULT, TAG_NONE, METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO,
30949510,
22401,
1152335,
13805,
0);
final NetworkStats.Entry expectedRootUid = new NetworkStats.Entry(
- baseIface, 0, SET_DEFAULT, TAG_NONE,
+ baseIface, 0, SET_DEFAULT, TAG_NONE, METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO,
163577,
187,
17607,
@@ -1014,14 +1016,16 @@
@Test
public void testApply464xlatAdjustments_noStackedIface() {
NetworkStats.Entry firstEntry = new NetworkStats.Entry(
- "if1", 10002, SET_DEFAULT, TAG_NONE,
+ "if1", 10002, SET_DEFAULT, TAG_NONE, METERED_NO, ROAMING_NO,
+ DEFAULT_NETWORK_NO,
2600 /* rxBytes */,
2 /* rxPackets */,
3800 /* txBytes */,
3 /* txPackets */,
0 /* operations */);
NetworkStats.Entry secondEntry = new NetworkStats.Entry(
- "if2", 10002, SET_DEFAULT, TAG_NONE,
+ "if2", 10002, SET_DEFAULT, TAG_NONE, METERED_NO, ROAMING_NO,
+ DEFAULT_NETWORK_NO,
5000 /* rxBytes */,
3 /* rxPackets */,
6000 /* txBytes */,
diff --git a/tests/unit/java/android/net/NetworkTemplateTest.kt b/tests/unit/java/android/net/NetworkTemplateTest.kt
index abd1825..6c39169 100644
--- a/tests/unit/java/android/net/NetworkTemplateTest.kt
+++ b/tests/unit/java/android/net/NetworkTemplateTest.kt
@@ -19,7 +19,10 @@
import android.app.usage.NetworkStatsManager.NETWORK_TYPE_5G_NSA
import android.content.Context
import android.net.ConnectivityManager.TYPE_MOBILE
+import android.net.ConnectivityManager.TYPE_TEST
import android.net.ConnectivityManager.TYPE_WIFI
+import android.net.NetworkCapabilities.TRANSPORT_TEST
+import android.net.NetworkCapabilities.TRANSPORT_WIFI
import android.net.NetworkIdentity.OEM_NONE
import android.net.NetworkIdentity.OEM_PAID
import android.net.NetworkIdentity.OEM_PRIVATE
@@ -31,6 +34,7 @@
import android.net.NetworkStats.ROAMING_ALL
import android.net.NetworkTemplate.MATCH_MOBILE
import android.net.NetworkTemplate.MATCH_MOBILE_WILDCARD
+import android.net.NetworkTemplate.MATCH_TEST
import android.net.NetworkTemplate.MATCH_WIFI
import android.net.NetworkTemplate.MATCH_WIFI_WILDCARD
import android.net.NetworkTemplate.NETWORK_TYPE_ALL
@@ -70,7 +74,7 @@
private const val TEST_WIFI_KEY2 = "wifiKey2"
@RunWith(DevSdkIgnoreRunner::class)
-@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.R)
+@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.S_V2)
class NetworkTemplateTest {
private val mockContext = mock(Context::class.java)
private val mockWifiInfo = mock(WifiInfo::class.java)
@@ -97,6 +101,14 @@
(oemManaged and OEM_PAID) == OEM_PAID)
setCapability(NetworkCapabilities.NET_CAPABILITY_OEM_PRIVATE,
(oemManaged and OEM_PRIVATE) == OEM_PRIVATE)
+ if (type == TYPE_TEST) {
+ wifiKey?.let { TestNetworkSpecifier(it) }?.let {
+ // Must have a single non-test transport specified to use setNetworkSpecifier.
+ // Put an arbitrary transport type which is not used in this test.
+ addTransportType(TRANSPORT_TEST)
+ addTransportType(TRANSPORT_WIFI)
+ setNetworkSpecifier(it) }
+ }
setTransportInfo(mockWifiInfo)
}
return NetworkStateSnapshot(mock(Network::class.java), caps, lp, subscriberId, type)
@@ -233,6 +245,32 @@
}
@Test
+ fun testTestNetworkTemplateMatches() {
+ val templateTestKey1 = NetworkTemplate.Builder(MATCH_TEST)
+ .setWifiNetworkKeys(setOf(TEST_WIFI_KEY1)).build()
+ val templateTestKey2 = NetworkTemplate.Builder(MATCH_TEST)
+ .setWifiNetworkKeys(setOf(TEST_WIFI_KEY2)).build()
+ val templateTestAll = NetworkTemplate.Builder(MATCH_TEST).build()
+
+ val stateWifiKey1 = buildNetworkState(TYPE_WIFI, null /* subscriberId */, TEST_WIFI_KEY1,
+ OEM_NONE, true /* metered */)
+ val stateTestKey1 = buildNetworkState(TYPE_TEST, null /* subscriberId */, TEST_WIFI_KEY1,
+ OEM_NONE, true /* metered */)
+ val identWifi1 = buildNetworkIdentity(mockContext, stateWifiKey1,
+ false /* defaultNetwork */, NetworkTemplate.NETWORK_TYPE_ALL)
+ val identTest1 = buildNetworkIdentity(mockContext, stateTestKey1,
+ false /* defaultNetwork */, NETWORK_TYPE_ALL)
+
+ // Verify that the template matches corresponding type and the subscriberId.
+ templateTestKey1.assertDoesNotMatch(identWifi1)
+ templateTestKey1.assertMatches(identTest1)
+ templateTestKey2.assertDoesNotMatch(identWifi1)
+ templateTestKey2.assertDoesNotMatch(identTest1)
+ templateTestAll.assertDoesNotMatch(identWifi1)
+ templateTestAll.assertMatches(identTest1)
+ }
+
+ @Test
fun testCarrierMeteredMatches() {
val templateCarrierImsi1Metered = buildTemplateCarrierMetered(TEST_IMSI1)
diff --git a/tests/unit/java/android/net/QosSocketFilterTest.java b/tests/unit/java/android/net/QosSocketFilterTest.java
index 91f2cdd..6820b40 100644
--- a/tests/unit/java/android/net/QosSocketFilterTest.java
+++ b/tests/unit/java/android/net/QosSocketFilterTest.java
@@ -16,8 +16,17 @@
package android.net;
-import static junit.framework.Assert.assertFalse;
-import static junit.framework.Assert.assertTrue;
+import static android.net.QosCallbackException.EX_TYPE_FILTER_NONE;
+import static android.net.QosCallbackException.EX_TYPE_FILTER_SOCKET_LOCAL_ADDRESS_CHANGED;
+import static android.net.QosCallbackException.EX_TYPE_FILTER_SOCKET_NOT_BOUND;
+import static android.net.QosCallbackException.EX_TYPE_FILTER_SOCKET_NOT_CONNECTED;
+import static android.net.QosCallbackException.EX_TYPE_FILTER_SOCKET_REMOTE_ADDRESS_CHANGED;
+import static android.system.OsConstants.IPPROTO_TCP;
+import static android.system.OsConstants.IPPROTO_UDP;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
import android.os.Build;
@@ -29,6 +38,7 @@
import org.junit.Test;
import org.junit.runner.RunWith;
+import java.net.DatagramSocket;
import java.net.InetAddress;
import java.net.InetSocketAddress;
@@ -36,14 +46,14 @@
@SmallTest
@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.R)
public class QosSocketFilterTest {
-
+ private static final int TEST_NET_ID = 1777;
+ private final Network mNetwork = new Network(TEST_NET_ID);
@Test
public void testPortExactMatch() {
final InetAddress addressA = InetAddresses.parseNumericAddress("1.2.3.4");
final InetAddress addressB = InetAddresses.parseNumericAddress("1.2.3.4");
assertTrue(QosSocketFilter.matchesAddress(
new InetSocketAddress(addressA, 10), addressB, 10, 10));
-
}
@Test
@@ -77,5 +87,90 @@
assertFalse(QosSocketFilter.matchesAddress(
new InetSocketAddress(addressA, 10), addressB, 10, 10));
}
+
+ @Test
+ public void testAddressMatchWithAnyLocalAddresses() {
+ final InetAddress addressA = InetAddresses.parseNumericAddress("1.2.3.4");
+ final InetAddress addressB = InetAddresses.parseNumericAddress("0.0.0.0");
+ assertTrue(QosSocketFilter.matchesAddress(
+ new InetSocketAddress(addressA, 10), addressB, 10, 10));
+ assertFalse(QosSocketFilter.matchesAddress(
+ new InetSocketAddress(addressB, 10), addressA, 10, 10));
+ }
+
+ @Test
+ public void testProtocolMatch() throws Exception {
+ DatagramSocket socket = new DatagramSocket(new InetSocketAddress("127.0.0.1", 0));
+ socket.connect(new InetSocketAddress("127.0.0.1", socket.getLocalPort() + 10));
+ DatagramSocket socketV6 = new DatagramSocket(new InetSocketAddress("::1", 0));
+ socketV6.connect(new InetSocketAddress("::1", socketV6.getLocalPort() + 10));
+ QosSocketInfo socketInfo = new QosSocketInfo(mNetwork, socket);
+ QosSocketFilter socketFilter = new QosSocketFilter(socketInfo);
+ QosSocketInfo socketInfo6 = new QosSocketInfo(mNetwork, socketV6);
+ QosSocketFilter socketFilter6 = new QosSocketFilter(socketInfo6);
+ assertTrue(socketFilter.matchesProtocol(IPPROTO_UDP));
+ assertTrue(socketFilter6.matchesProtocol(IPPROTO_UDP));
+ assertFalse(socketFilter.matchesProtocol(IPPROTO_TCP));
+ assertFalse(socketFilter6.matchesProtocol(IPPROTO_TCP));
+ socket.close();
+ socketV6.close();
+ }
+
+ @Test
+ public void testValidate() throws Exception {
+ DatagramSocket socket = new DatagramSocket(new InetSocketAddress("127.0.0.1", 0));
+ socket.connect(new InetSocketAddress("127.0.0.1", socket.getLocalPort() + 7));
+ DatagramSocket socketV6 = new DatagramSocket(new InetSocketAddress("::1", 0));
+
+ QosSocketInfo socketInfo = new QosSocketInfo(mNetwork, socket);
+ QosSocketFilter socketFilter = new QosSocketFilter(socketInfo);
+ QosSocketInfo socketInfo6 = new QosSocketInfo(mNetwork, socketV6);
+ QosSocketFilter socketFilter6 = new QosSocketFilter(socketInfo6);
+ assertEquals(EX_TYPE_FILTER_NONE, socketFilter.validate());
+ assertEquals(EX_TYPE_FILTER_NONE, socketFilter6.validate());
+ socket.close();
+ socketV6.close();
+ }
+
+ @Test
+ public void testValidateUnbind() throws Exception {
+ DatagramSocket socket;
+ socket = new DatagramSocket(null);
+ QosSocketInfo socketInfo = new QosSocketInfo(mNetwork, socket);
+ QosSocketFilter socketFilter = new QosSocketFilter(socketInfo);
+ assertEquals(EX_TYPE_FILTER_SOCKET_NOT_BOUND, socketFilter.validate());
+ socket.close();
+ }
+
+ @Test
+ public void testValidateLocalAddressChanged() throws Exception {
+ DatagramSocket socket = new DatagramSocket(null);
+ DatagramSocket socket6 = new DatagramSocket(null);
+ QosSocketInfo socketInfo = new QosSocketInfo(mNetwork, socket);
+ QosSocketFilter socketFilter = new QosSocketFilter(socketInfo);
+ QosSocketInfo socketInfo6 = new QosSocketInfo(mNetwork, socket6);
+ QosSocketFilter socketFilter6 = new QosSocketFilter(socketInfo6);
+ socket.bind(new InetSocketAddress("127.0.0.1", 0));
+ socket6.bind(new InetSocketAddress("::1", 0));
+ assertEquals(EX_TYPE_FILTER_SOCKET_LOCAL_ADDRESS_CHANGED, socketFilter.validate());
+ assertEquals(EX_TYPE_FILTER_SOCKET_LOCAL_ADDRESS_CHANGED, socketFilter6.validate());
+ socket.close();
+ socket6.close();
+ }
+
+ @Test
+ public void testValidateRemoteAddressChanged() throws Exception {
+ DatagramSocket socket;
+ socket = new DatagramSocket(new InetSocketAddress("127.0.0.1", 53137));
+ socket.connect(new InetSocketAddress("127.0.0.1", socket.getLocalPort() + 11));
+ QosSocketInfo socketInfo = new QosSocketInfo(mNetwork, socket);
+ QosSocketFilter socketFilter = new QosSocketFilter(socketInfo);
+ assertEquals(EX_TYPE_FILTER_NONE, socketFilter.validate());
+ socket.disconnect();
+ assertEquals(EX_TYPE_FILTER_SOCKET_NOT_CONNECTED, socketFilter.validate());
+ socket.connect(new InetSocketAddress("127.0.0.1", socket.getLocalPort() + 13));
+ assertEquals(EX_TYPE_FILTER_SOCKET_REMOTE_ADDRESS_CHANGED, socketFilter.validate());
+ socket.close();
+ }
}
diff --git a/tests/unit/java/android/net/QosSocketInfoTest.java b/tests/unit/java/android/net/QosSocketInfoTest.java
new file mode 100644
index 0000000..749c182
--- /dev/null
+++ b/tests/unit/java/android/net/QosSocketInfoTest.java
@@ -0,0 +1,111 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.net;
+
+import static android.system.OsConstants.SOCK_DGRAM;
+import static android.system.OsConstants.SOCK_STREAM;
+
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.Mockito.mock;
+
+import android.os.Build;
+
+import androidx.test.filters.SmallTest;
+
+import com.android.testutils.DevSdkIgnoreRule;
+import com.android.testutils.DevSdkIgnoreRunner;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+
+import java.net.DatagramSocket;
+import java.net.InetSocketAddress;
+import java.net.ServerSocket;
+import java.net.Socket;
+
+@RunWith(DevSdkIgnoreRunner.class)
+@SmallTest
+@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.R)
+public class QosSocketInfoTest {
+ @Mock
+ private Network mMockNetwork = mock(Network.class);
+
+ @Test
+ public void testConstructWithSock() throws Exception {
+ ServerSocket server = new ServerSocket();
+ ServerSocket server6 = new ServerSocket();
+
+ InetSocketAddress clientAddr = new InetSocketAddress("127.0.0.1", 0);
+ InetSocketAddress serverAddr = new InetSocketAddress("127.0.0.1", 0);
+ InetSocketAddress clientAddr6 = new InetSocketAddress("::1", 0);
+ InetSocketAddress serverAddr6 = new InetSocketAddress("::1", 0);
+ server.bind(serverAddr);
+ server6.bind(serverAddr6);
+ Socket socket = new Socket(serverAddr.getAddress(), server.getLocalPort(),
+ clientAddr.getAddress(), clientAddr.getPort());
+ Socket socket6 = new Socket(serverAddr6.getAddress(), server6.getLocalPort(),
+ clientAddr6.getAddress(), clientAddr6.getPort());
+ QosSocketInfo sockInfo = new QosSocketInfo(mMockNetwork, socket);
+ QosSocketInfo sockInfo6 = new QosSocketInfo(mMockNetwork, socket6);
+ assertTrue(sockInfo.getLocalSocketAddress()
+ .equals(new InetSocketAddress(socket.getLocalAddress(), socket.getLocalPort())));
+ assertTrue(sockInfo.getRemoteSocketAddress()
+ .equals((InetSocketAddress) socket.getRemoteSocketAddress()));
+ assertEquals(SOCK_STREAM, sockInfo.getSocketType());
+ assertTrue(sockInfo6.getLocalSocketAddress()
+ .equals(new InetSocketAddress(socket6.getLocalAddress(), socket6.getLocalPort())));
+ assertTrue(sockInfo6.getRemoteSocketAddress()
+ .equals((InetSocketAddress) socket6.getRemoteSocketAddress()));
+ assertEquals(SOCK_STREAM, sockInfo6.getSocketType());
+ socket.close();
+ socket6.close();
+ server.close();
+ server6.close();
+ }
+
+ @Test
+ public void testConstructWithDatagramSock() throws Exception {
+ InetSocketAddress clientAddr = new InetSocketAddress("127.0.0.1", 0);
+ InetSocketAddress serverAddr = new InetSocketAddress("127.0.0.1", 0);
+ InetSocketAddress clientAddr6 = new InetSocketAddress("::1", 0);
+ InetSocketAddress serverAddr6 = new InetSocketAddress("::1", 0);
+ DatagramSocket socket = new DatagramSocket(null);
+ socket.setReuseAddress(true);
+ socket.bind(clientAddr);
+ socket.connect(serverAddr);
+ DatagramSocket socket6 = new DatagramSocket(null);
+ socket6.setReuseAddress(true);
+ socket6.bind(clientAddr);
+ socket6.connect(serverAddr);
+ QosSocketInfo sockInfo = new QosSocketInfo(mMockNetwork, socket);
+ QosSocketInfo sockInfo6 = new QosSocketInfo(mMockNetwork, socket6);
+ assertTrue(sockInfo.getLocalSocketAddress()
+ .equals((InetSocketAddress) socket.getLocalSocketAddress()));
+ assertTrue(sockInfo.getRemoteSocketAddress()
+ .equals((InetSocketAddress) socket.getRemoteSocketAddress()));
+ assertEquals(SOCK_DGRAM, sockInfo.getSocketType());
+ assertTrue(sockInfo6.getLocalSocketAddress()
+ .equals((InetSocketAddress) socket6.getLocalSocketAddress()));
+ assertTrue(sockInfo6.getRemoteSocketAddress()
+ .equals((InetSocketAddress) socket6.getRemoteSocketAddress()));
+ assertEquals(SOCK_DGRAM, sockInfo6.getSocketType());
+ socket.close();
+ }
+}
diff --git a/tests/unit/java/android/net/nsd/NsdManagerTest.java b/tests/unit/java/android/net/nsd/NsdManagerTest.java
index 30b8fcd..8a4932b 100644
--- a/tests/unit/java/android/net/nsd/NsdManagerTest.java
+++ b/tests/unit/java/android/net/nsd/NsdManagerTest.java
@@ -38,7 +38,7 @@
import com.android.testutils.DevSdkIgnoreRule;
import com.android.testutils.DevSdkIgnoreRunner;
-import com.android.testutils.ExceptionUtils;
+import com.android.testutils.FunctionalUtils.ThrowingConsumer;
import org.junit.Before;
import org.junit.Rule;
@@ -51,7 +51,7 @@
@RunWith(DevSdkIgnoreRunner.class)
@SmallTest
-@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.R)
+@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.S_V2)
public class NsdManagerTest {
static final int PROTOCOL = NsdManager.PROTOCOL_DNS_SD;
@@ -81,70 +81,70 @@
}
@Test
- @EnableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS)
+ @EnableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS_T_AND_LATER)
public void testResolveServiceS() throws Exception {
verify(mServiceConn, never()).startDaemon();
doTestResolveService();
}
@Test
- @DisableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS)
+ @DisableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS_T_AND_LATER)
public void testResolveServicePreS() throws Exception {
verify(mServiceConn).startDaemon();
doTestResolveService();
}
@Test
- @EnableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS)
+ @EnableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS_T_AND_LATER)
public void testDiscoverServiceS() throws Exception {
verify(mServiceConn, never()).startDaemon();
doTestDiscoverService();
}
@Test
- @DisableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS)
+ @DisableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS_T_AND_LATER)
public void testDiscoverServicePreS() throws Exception {
verify(mServiceConn).startDaemon();
doTestDiscoverService();
}
@Test
- @EnableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS)
+ @EnableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS_T_AND_LATER)
public void testParallelResolveServiceS() throws Exception {
verify(mServiceConn, never()).startDaemon();
doTestParallelResolveService();
}
@Test
- @DisableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS)
+ @DisableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS_T_AND_LATER)
public void testParallelResolveServicePreS() throws Exception {
verify(mServiceConn).startDaemon();
doTestParallelResolveService();
}
@Test
- @EnableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS)
+ @EnableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS_T_AND_LATER)
public void testInvalidCallsS() throws Exception {
verify(mServiceConn, never()).startDaemon();
doTestInvalidCalls();
}
@Test
- @DisableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS)
+ @DisableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS_T_AND_LATER)
public void testInvalidCallsPreS() throws Exception {
verify(mServiceConn).startDaemon();
doTestInvalidCalls();
}
@Test
- @EnableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS)
+ @EnableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS_T_AND_LATER)
public void testRegisterServiceS() throws Exception {
verify(mServiceConn, never()).startDaemon();
doTestRegisterService();
}
@Test
- @DisableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS)
+ @DisableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS_T_AND_LATER)
public void testRegisterServicePreS() throws Exception {
verify(mServiceConn).startDaemon();
doTestRegisterService();
@@ -396,7 +396,7 @@
}
}
- int getRequestKey(ExceptionUtils.ThrowingConsumer<ArgumentCaptor<Integer>> verifier)
+ int getRequestKey(ThrowingConsumer<ArgumentCaptor<Integer>> verifier)
throws Exception {
final ArgumentCaptor<Integer> captor = ArgumentCaptor.forClass(Integer.class);
verifier.accept(captor);
diff --git a/tests/unit/java/android/net/nsd/NsdServiceInfoTest.java b/tests/unit/java/android/net/nsd/NsdServiceInfoTest.java
index 892e140..64355ed 100644
--- a/tests/unit/java/android/net/nsd/NsdServiceInfoTest.java
+++ b/tests/unit/java/android/net/nsd/NsdServiceInfoTest.java
@@ -42,7 +42,7 @@
@RunWith(DevSdkIgnoreRunner.class)
@SmallTest
-@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.R)
+@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.S_V2)
public class NsdServiceInfoTest {
public final static InetAddress LOCALHOST;
diff --git a/tests/unit/java/com/android/server/BpfNetMapsTest.java b/tests/unit/java/com/android/server/BpfNetMapsTest.java
index f07a10d..4966aed 100644
--- a/tests/unit/java/com/android/server/BpfNetMapsTest.java
+++ b/tests/unit/java/com/android/server/BpfNetMapsTest.java
@@ -16,53 +16,915 @@
package com.android.server;
+import static android.net.ConnectivityManager.FIREWALL_CHAIN_DOZABLE;
+import static android.net.ConnectivityManager.FIREWALL_CHAIN_LOW_POWER_STANDBY;
+import static android.net.ConnectivityManager.FIREWALL_CHAIN_OEM_DENY_1;
+import static android.net.ConnectivityManager.FIREWALL_CHAIN_OEM_DENY_2;
+import static android.net.ConnectivityManager.FIREWALL_CHAIN_OEM_DENY_3;
+import static android.net.ConnectivityManager.FIREWALL_CHAIN_POWERSAVE;
+import static android.net.ConnectivityManager.FIREWALL_CHAIN_RESTRICTED;
+import static android.net.ConnectivityManager.FIREWALL_CHAIN_STANDBY;
+import static android.net.ConnectivityManager.FIREWALL_RULE_ALLOW;
+import static android.net.ConnectivityManager.FIREWALL_RULE_DENY;
import static android.net.INetd.PERMISSION_INTERNET;
+import static android.net.INetd.PERMISSION_NONE;
+import static android.net.INetd.PERMISSION_UNINSTALLED;
+import static android.net.INetd.PERMISSION_UPDATE_DEVICE_STATS;
+import static android.system.OsConstants.EINVAL;
+import static android.system.OsConstants.EPERM;
+import static com.android.server.BpfNetMaps.DOZABLE_MATCH;
+import static com.android.server.BpfNetMaps.HAPPY_BOX_MATCH;
+import static com.android.server.BpfNetMaps.IIF_MATCH;
+import static com.android.server.BpfNetMaps.LOCKDOWN_VPN_MATCH;
+import static com.android.server.BpfNetMaps.NO_MATCH;
+import static com.android.server.BpfNetMaps.PENALTY_BOX_MATCH;
+import static com.android.server.BpfNetMaps.POWERSAVE_MATCH;
+import static com.android.server.BpfNetMaps.RESTRICTED_MATCH;
+import static com.android.server.ConnectivityStatsLog.NETWORK_BPF_MAP_INFO;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
import static org.junit.Assume.assumeFalse;
+import static org.mockito.Mockito.any;
+import static org.mockito.Mockito.doReturn;
+import static org.mockito.Mockito.doThrow;
+import static org.mockito.Mockito.spy;
import static org.mockito.Mockito.verify;
+import android.app.StatsManager;
+import android.content.Context;
import android.net.INetd;
import android.os.Build;
+import android.os.ServiceSpecificException;
+import android.system.ErrnoException;
import androidx.test.filters.SmallTest;
import com.android.modules.utils.build.SdkLevel;
+import com.android.net.module.util.IBpfMap;
+import com.android.net.module.util.Struct.S32;
+import com.android.net.module.util.Struct.U32;
+import com.android.net.module.util.Struct.U8;
+import com.android.net.module.util.bpf.CookieTagMapKey;
+import com.android.net.module.util.bpf.CookieTagMapValue;
import com.android.testutils.DevSdkIgnoreRule;
+import com.android.testutils.DevSdkIgnoreRule.IgnoreAfter;
+import com.android.testutils.DevSdkIgnoreRule.IgnoreUpTo;
import com.android.testutils.DevSdkIgnoreRunner;
+import com.android.testutils.TestBpfMap;
import org.junit.Before;
+import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.mockito.MockitoAnnotations;
+import java.util.ArrayList;
+import java.util.List;
+
@RunWith(DevSdkIgnoreRunner.class)
@SmallTest
@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.R)
public final class BpfNetMapsTest {
private static final String TAG = "BpfNetMapsTest";
+
+ @Rule
+ public final DevSdkIgnoreRule ignoreRule = new DevSdkIgnoreRule();
+
private static final int TEST_UID = 10086;
private static final int[] TEST_UIDS = {10002, 10003};
- private static final String IFNAME = "wlan0";
+ private static final String TEST_IF_NAME = "wlan0";
+ private static final int TEST_IF_INDEX = 7;
+ private static final int NO_IIF = 0;
+ private static final int NULL_IIF = 0;
private static final String CHAINNAME = "fw_dozable";
+ private static final S32 UID_RULES_CONFIGURATION_KEY = new S32(0);
+ private static final S32 CURRENT_STATS_MAP_CONFIGURATION_KEY = new S32(1);
+ private static final List<Integer> FIREWALL_CHAINS = List.of(
+ FIREWALL_CHAIN_DOZABLE,
+ FIREWALL_CHAIN_STANDBY,
+ FIREWALL_CHAIN_POWERSAVE,
+ FIREWALL_CHAIN_RESTRICTED,
+ FIREWALL_CHAIN_LOW_POWER_STANDBY,
+ FIREWALL_CHAIN_OEM_DENY_1,
+ FIREWALL_CHAIN_OEM_DENY_2,
+ FIREWALL_CHAIN_OEM_DENY_3
+ );
+
+ private static final long STATS_SELECT_MAP_A = 0;
+ private static final long STATS_SELECT_MAP_B = 1;
+
private BpfNetMaps mBpfNetMaps;
@Mock INetd mNetd;
+ @Mock BpfNetMaps.Dependencies mDeps;
+ @Mock Context mContext;
+ private final IBpfMap<S32, U32> mConfigurationMap = new TestBpfMap<>(S32.class, U32.class);
+ private final IBpfMap<S32, UidOwnerValue> mUidOwnerMap =
+ new TestBpfMap<>(S32.class, UidOwnerValue.class);
+ private final IBpfMap<S32, U8> mUidPermissionMap = new TestBpfMap<>(S32.class, U8.class);
+ private final IBpfMap<CookieTagMapKey, CookieTagMapValue> mCookieTagMap =
+ spy(new TestBpfMap<>(CookieTagMapKey.class, CookieTagMapValue.class));
@Before
- public void setUp() {
+ public void setUp() throws Exception {
MockitoAnnotations.initMocks(this);
- mBpfNetMaps = new BpfNetMaps(mNetd);
+ doReturn(TEST_IF_INDEX).when(mDeps).getIfIndex(TEST_IF_NAME);
+ doReturn(0).when(mDeps).synchronizeKernelRCU();
+ BpfNetMaps.setEnableJavaBpfMapForTest(true /* enable */);
+ BpfNetMaps.setConfigurationMapForTest(mConfigurationMap);
+ BpfNetMaps.setUidOwnerMapForTest(mUidOwnerMap);
+ BpfNetMaps.setUidPermissionMapForTest(mUidPermissionMap);
+ BpfNetMaps.setCookieTagMapForTest(mCookieTagMap);
+ mBpfNetMaps = new BpfNetMaps(mContext, mNetd, mDeps);
}
@Test
public void testBpfNetMapsBeforeT() throws Exception {
assumeFalse(SdkLevel.isAtLeastT());
- mBpfNetMaps.addUidInterfaceRules(IFNAME, TEST_UIDS);
- verify(mNetd).firewallAddUidInterfaceRules(IFNAME, TEST_UIDS);
+ mBpfNetMaps.addUidInterfaceRules(TEST_IF_NAME, TEST_UIDS);
+ verify(mNetd).firewallAddUidInterfaceRules(TEST_IF_NAME, TEST_UIDS);
mBpfNetMaps.removeUidInterfaceRules(TEST_UIDS);
verify(mNetd).firewallRemoveUidInterfaceRules(TEST_UIDS);
mBpfNetMaps.setNetPermForUids(PERMISSION_INTERNET, TEST_UIDS);
verify(mNetd).trafficSetNetPermForUids(PERMISSION_INTERNET, TEST_UIDS);
}
+
+ private long getMatch(final List<Integer> chains) {
+ long match = 0;
+ for (final int chain: chains) {
+ match |= mBpfNetMaps.getMatchByFirewallChain(chain);
+ }
+ return match;
+ }
+
+ private void doTestIsChainEnabled(final List<Integer> enableChains) throws Exception {
+ mConfigurationMap.updateEntry(UID_RULES_CONFIGURATION_KEY, new U32(getMatch(enableChains)));
+
+ for (final int chain: FIREWALL_CHAINS) {
+ final String testCase = "EnabledChains: " + enableChains + " CheckedChain: " + chain;
+ if (enableChains.contains(chain)) {
+ assertTrue("Expected isChainEnabled returns True, " + testCase,
+ mBpfNetMaps.isChainEnabled(chain));
+ } else {
+ assertFalse("Expected isChainEnabled returns False, " + testCase,
+ mBpfNetMaps.isChainEnabled(chain));
+ }
+ }
+ }
+
+ private void doTestIsChainEnabled(final int enableChain) throws Exception {
+ doTestIsChainEnabled(List.of(enableChain));
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testIsChainEnabled() throws Exception {
+ doTestIsChainEnabled(FIREWALL_CHAIN_DOZABLE);
+ doTestIsChainEnabled(FIREWALL_CHAIN_STANDBY);
+ doTestIsChainEnabled(FIREWALL_CHAIN_POWERSAVE);
+ doTestIsChainEnabled(FIREWALL_CHAIN_RESTRICTED);
+ doTestIsChainEnabled(FIREWALL_CHAIN_LOW_POWER_STANDBY);
+ doTestIsChainEnabled(FIREWALL_CHAIN_OEM_DENY_1);
+ doTestIsChainEnabled(FIREWALL_CHAIN_OEM_DENY_2);
+ doTestIsChainEnabled(FIREWALL_CHAIN_OEM_DENY_3);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testIsChainEnabledMultipleChainEnabled() throws Exception {
+ doTestIsChainEnabled(List.of(
+ FIREWALL_CHAIN_DOZABLE,
+ FIREWALL_CHAIN_STANDBY));
+ doTestIsChainEnabled(List.of(
+ FIREWALL_CHAIN_DOZABLE,
+ FIREWALL_CHAIN_STANDBY,
+ FIREWALL_CHAIN_POWERSAVE,
+ FIREWALL_CHAIN_RESTRICTED));
+ doTestIsChainEnabled(FIREWALL_CHAINS);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testIsChainEnabledInvalidChain() {
+ final Class<ServiceSpecificException> expected = ServiceSpecificException.class;
+ assertThrows(expected, () -> mBpfNetMaps.isChainEnabled(-1 /* childChain */));
+ assertThrows(expected, () -> mBpfNetMaps.isChainEnabled(1000 /* childChain */));
+ }
+
+ @Test
+ @IgnoreAfter(Build.VERSION_CODES.S_V2)
+ public void testIsChainEnabledBeforeT() {
+ assertThrows(UnsupportedOperationException.class,
+ () -> mBpfNetMaps.isChainEnabled(FIREWALL_CHAIN_DOZABLE));
+ }
+
+ private void doTestSetChildChain(final List<Integer> testChains) throws Exception {
+ long expectedMatch = 0;
+ for (final int chain: testChains) {
+ expectedMatch |= mBpfNetMaps.getMatchByFirewallChain(chain);
+ }
+
+ assertEquals(0, mConfigurationMap.getValue(UID_RULES_CONFIGURATION_KEY).val);
+
+ for (final int chain: testChains) {
+ mBpfNetMaps.setChildChain(chain, true /* enable */);
+ }
+ assertEquals(expectedMatch, mConfigurationMap.getValue(UID_RULES_CONFIGURATION_KEY).val);
+
+ for (final int chain: testChains) {
+ mBpfNetMaps.setChildChain(chain, false /* enable */);
+ }
+ assertEquals(0, mConfigurationMap.getValue(UID_RULES_CONFIGURATION_KEY).val);
+ }
+
+ private void doTestSetChildChain(final int testChain) throws Exception {
+ doTestSetChildChain(List.of(testChain));
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testSetChildChain() throws Exception {
+ mConfigurationMap.updateEntry(UID_RULES_CONFIGURATION_KEY, new U32(0));
+ doTestSetChildChain(FIREWALL_CHAIN_DOZABLE);
+ doTestSetChildChain(FIREWALL_CHAIN_STANDBY);
+ doTestSetChildChain(FIREWALL_CHAIN_POWERSAVE);
+ doTestSetChildChain(FIREWALL_CHAIN_RESTRICTED);
+ doTestSetChildChain(FIREWALL_CHAIN_LOW_POWER_STANDBY);
+ doTestSetChildChain(FIREWALL_CHAIN_OEM_DENY_1);
+ doTestSetChildChain(FIREWALL_CHAIN_OEM_DENY_2);
+ doTestSetChildChain(FIREWALL_CHAIN_OEM_DENY_3);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testSetChildChainMultipleChain() throws Exception {
+ mConfigurationMap.updateEntry(UID_RULES_CONFIGURATION_KEY, new U32(0));
+ doTestSetChildChain(List.of(
+ FIREWALL_CHAIN_DOZABLE,
+ FIREWALL_CHAIN_STANDBY));
+ doTestSetChildChain(List.of(
+ FIREWALL_CHAIN_DOZABLE,
+ FIREWALL_CHAIN_STANDBY,
+ FIREWALL_CHAIN_POWERSAVE,
+ FIREWALL_CHAIN_RESTRICTED));
+ doTestSetChildChain(FIREWALL_CHAINS);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testSetChildChainInvalidChain() {
+ final Class<ServiceSpecificException> expected = ServiceSpecificException.class;
+ assertThrows(expected,
+ () -> mBpfNetMaps.setChildChain(-1 /* childChain */, true /* enable */));
+ assertThrows(expected,
+ () -> mBpfNetMaps.setChildChain(1000 /* childChain */, true /* enable */));
+ }
+
+ @Test
+ @IgnoreAfter(Build.VERSION_CODES.S_V2)
+ public void testSetChildChainBeforeT() {
+ assertThrows(UnsupportedOperationException.class,
+ () -> mBpfNetMaps.setChildChain(FIREWALL_CHAIN_DOZABLE, true /* enable */));
+ }
+
+ private void checkUidOwnerValue(final int uid, final int expectedIif,
+ final long expectedMatch) throws Exception {
+ final UidOwnerValue config = mUidOwnerMap.getValue(new S32(uid));
+ if (expectedMatch == 0) {
+ assertNull(config);
+ } else {
+ assertEquals(expectedIif, config.iif);
+ assertEquals(expectedMatch, config.rule);
+ }
+ }
+
+ private void doTestRemoveNaughtyApp(final int iif, final long match) throws Exception {
+ mUidOwnerMap.updateEntry(new S32(TEST_UID), new UidOwnerValue(iif, match));
+
+ mBpfNetMaps.removeNaughtyApp(TEST_UID);
+
+ checkUidOwnerValue(TEST_UID, iif, match & ~PENALTY_BOX_MATCH);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testRemoveNaughtyApp() throws Exception {
+ doTestRemoveNaughtyApp(NO_IIF, PENALTY_BOX_MATCH);
+
+ // PENALTY_BOX_MATCH with other matches
+ doTestRemoveNaughtyApp(NO_IIF, PENALTY_BOX_MATCH | DOZABLE_MATCH | POWERSAVE_MATCH);
+
+ // PENALTY_BOX_MATCH with IIF_MATCH
+ doTestRemoveNaughtyApp(TEST_IF_INDEX, PENALTY_BOX_MATCH | IIF_MATCH);
+
+ // PENALTY_BOX_MATCH is not enabled
+ doTestRemoveNaughtyApp(NO_IIF, DOZABLE_MATCH | POWERSAVE_MATCH | RESTRICTED_MATCH);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testRemoveNaughtyAppMissingUid() {
+ // UidOwnerMap does not have entry for TEST_UID
+ assertThrows(ServiceSpecificException.class,
+ () -> mBpfNetMaps.removeNaughtyApp(TEST_UID));
+ }
+
+ @Test
+ @IgnoreAfter(Build.VERSION_CODES.S_V2)
+ public void testRemoveNaughtyAppBeforeT() {
+ assertThrows(UnsupportedOperationException.class,
+ () -> mBpfNetMaps.removeNaughtyApp(TEST_UID));
+ }
+
+ private void doTestAddNaughtyApp(final int iif, final long match) throws Exception {
+ if (match != NO_MATCH) {
+ mUidOwnerMap.updateEntry(new S32(TEST_UID), new UidOwnerValue(iif, match));
+ }
+
+ mBpfNetMaps.addNaughtyApp(TEST_UID);
+
+ checkUidOwnerValue(TEST_UID, iif, match | PENALTY_BOX_MATCH);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testAddNaughtyApp() throws Exception {
+ doTestAddNaughtyApp(NO_IIF, NO_MATCH);
+
+ // Other matches are enabled
+ doTestAddNaughtyApp(NO_IIF, DOZABLE_MATCH | POWERSAVE_MATCH | RESTRICTED_MATCH);
+
+ // IIF_MATCH is enabled
+ doTestAddNaughtyApp(TEST_IF_INDEX, IIF_MATCH);
+
+ // PENALTY_BOX_MATCH is already enabled
+ doTestAddNaughtyApp(NO_IIF, PENALTY_BOX_MATCH | DOZABLE_MATCH);
+ }
+
+ @Test
+ @IgnoreAfter(Build.VERSION_CODES.S_V2)
+ public void testAddNaughtyAppBeforeT() {
+ assertThrows(UnsupportedOperationException.class,
+ () -> mBpfNetMaps.addNaughtyApp(TEST_UID));
+ }
+
+ private void doTestRemoveNiceApp(final int iif, final long match) throws Exception {
+ mUidOwnerMap.updateEntry(new S32(TEST_UID), new UidOwnerValue(iif, match));
+
+ mBpfNetMaps.removeNiceApp(TEST_UID);
+
+ checkUidOwnerValue(TEST_UID, iif, match & ~HAPPY_BOX_MATCH);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testRemoveNiceApp() throws Exception {
+ doTestRemoveNiceApp(NO_IIF, HAPPY_BOX_MATCH);
+
+ // HAPPY_BOX_MATCH with other matches
+ doTestRemoveNiceApp(NO_IIF, HAPPY_BOX_MATCH | DOZABLE_MATCH | POWERSAVE_MATCH);
+
+ // HAPPY_BOX_MATCH with IIF_MATCH
+ doTestRemoveNiceApp(TEST_IF_INDEX, HAPPY_BOX_MATCH | IIF_MATCH);
+
+ // HAPPY_BOX_MATCH is not enabled
+ doTestRemoveNiceApp(NO_IIF, DOZABLE_MATCH | POWERSAVE_MATCH | RESTRICTED_MATCH);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testRemoveNiceAppMissingUid() {
+ // UidOwnerMap does not have entry for TEST_UID
+ assertThrows(ServiceSpecificException.class,
+ () -> mBpfNetMaps.removeNiceApp(TEST_UID));
+ }
+
+ @Test
+ @IgnoreAfter(Build.VERSION_CODES.S_V2)
+ public void testRemoveNiceAppBeforeT() {
+ assertThrows(UnsupportedOperationException.class,
+ () -> mBpfNetMaps.removeNiceApp(TEST_UID));
+ }
+
+ private void doTestAddNiceApp(final int iif, final long match) throws Exception {
+ if (match != NO_MATCH) {
+ mUidOwnerMap.updateEntry(new S32(TEST_UID), new UidOwnerValue(iif, match));
+ }
+
+ mBpfNetMaps.addNiceApp(TEST_UID);
+
+ checkUidOwnerValue(TEST_UID, iif, match | HAPPY_BOX_MATCH);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testAddNiceApp() throws Exception {
+ doTestAddNiceApp(NO_IIF, NO_MATCH);
+
+ // Other matches are enabled
+ doTestAddNiceApp(NO_IIF, DOZABLE_MATCH | POWERSAVE_MATCH | RESTRICTED_MATCH);
+
+ // IIF_MATCH is enabled
+ doTestAddNiceApp(TEST_IF_INDEX, IIF_MATCH);
+
+ // HAPPY_BOX_MATCH is already enabled
+ doTestAddNiceApp(NO_IIF, HAPPY_BOX_MATCH | DOZABLE_MATCH);
+ }
+
+ @Test
+ @IgnoreAfter(Build.VERSION_CODES.S_V2)
+ public void testAddNiceAppBeforeT() {
+ assertThrows(UnsupportedOperationException.class,
+ () -> mBpfNetMaps.addNiceApp(TEST_UID));
+ }
+
+ private void doTestUpdateUidLockdownRule(final int iif, final long match, final boolean add)
+ throws Exception {
+ if (match != NO_MATCH) {
+ mUidOwnerMap.updateEntry(new S32(TEST_UID), new UidOwnerValue(iif, match));
+ }
+
+ mBpfNetMaps.updateUidLockdownRule(TEST_UID, add);
+
+ final long expectedMatch = add ? match | LOCKDOWN_VPN_MATCH : match & ~LOCKDOWN_VPN_MATCH;
+ checkUidOwnerValue(TEST_UID, iif, expectedMatch);
+ }
+
+ private static final boolean ADD = true;
+ private static final boolean REMOVE = false;
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testUpdateUidLockdownRuleAddLockdown() throws Exception {
+ doTestUpdateUidLockdownRule(NO_IIF, NO_MATCH, ADD);
+
+ // Other matches are enabled
+ doTestUpdateUidLockdownRule(
+ NO_IIF, DOZABLE_MATCH | POWERSAVE_MATCH | RESTRICTED_MATCH, ADD);
+
+ // IIF_MATCH is enabled
+ doTestUpdateUidLockdownRule(TEST_IF_INDEX, DOZABLE_MATCH, ADD);
+
+ // LOCKDOWN_VPN_MATCH is already enabled
+ doTestUpdateUidLockdownRule(NO_IIF, LOCKDOWN_VPN_MATCH | DOZABLE_MATCH, ADD);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testUpdateUidLockdownRuleRemoveLockdown() throws Exception {
+ doTestUpdateUidLockdownRule(NO_IIF, LOCKDOWN_VPN_MATCH, REMOVE);
+
+ // LOCKDOWN_VPN_MATCH with other matches
+ doTestUpdateUidLockdownRule(
+ NO_IIF, LOCKDOWN_VPN_MATCH | POWERSAVE_MATCH | RESTRICTED_MATCH, REMOVE);
+
+ // LOCKDOWN_VPN_MATCH with IIF_MATCH
+ doTestUpdateUidLockdownRule(TEST_IF_INDEX, LOCKDOWN_VPN_MATCH | IIF_MATCH, REMOVE);
+
+ // LOCKDOWN_VPN_MATCH is not enabled
+ doTestUpdateUidLockdownRule(NO_IIF, POWERSAVE_MATCH | RESTRICTED_MATCH, REMOVE);
+ }
+
+ @Test
+ @IgnoreAfter(Build.VERSION_CODES.S_V2)
+ public void testUpdateUidLockdownRuleBeforeT() {
+ assertThrows(UnsupportedOperationException.class,
+ () -> mBpfNetMaps.updateUidLockdownRule(TEST_UID, true /* add */));
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testAddUidInterfaceRules() throws Exception {
+ final int uid0 = TEST_UIDS[0];
+ final int uid1 = TEST_UIDS[1];
+
+ mBpfNetMaps.addUidInterfaceRules(TEST_IF_NAME, TEST_UIDS);
+
+ checkUidOwnerValue(uid0, TEST_IF_INDEX, IIF_MATCH);
+ checkUidOwnerValue(uid1, TEST_IF_INDEX, IIF_MATCH);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testAddUidInterfaceRulesWithOtherMatch() throws Exception {
+ final int uid0 = TEST_UIDS[0];
+ final int uid1 = TEST_UIDS[1];
+ final long match0 = DOZABLE_MATCH;
+ final long match1 = DOZABLE_MATCH | POWERSAVE_MATCH | RESTRICTED_MATCH;
+ mUidOwnerMap.updateEntry(new S32(uid0), new UidOwnerValue(NO_IIF, match0));
+ mUidOwnerMap.updateEntry(new S32(uid1), new UidOwnerValue(NO_IIF, match1));
+
+ mBpfNetMaps.addUidInterfaceRules(TEST_IF_NAME, TEST_UIDS);
+
+ checkUidOwnerValue(uid0, TEST_IF_INDEX, match0 | IIF_MATCH);
+ checkUidOwnerValue(uid1, TEST_IF_INDEX, match1 | IIF_MATCH);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testAddUidInterfaceRulesWithExistingIifMatch() throws Exception {
+ final int uid0 = TEST_UIDS[0];
+ final int uid1 = TEST_UIDS[1];
+ final long match0 = IIF_MATCH;
+ final long match1 = IIF_MATCH | DOZABLE_MATCH | POWERSAVE_MATCH | RESTRICTED_MATCH;
+ mUidOwnerMap.updateEntry(new S32(uid0), new UidOwnerValue(TEST_IF_INDEX + 1, match0));
+ mUidOwnerMap.updateEntry(new S32(uid1), new UidOwnerValue(NULL_IIF, match1));
+
+ mBpfNetMaps.addUidInterfaceRules(TEST_IF_NAME, TEST_UIDS);
+
+ checkUidOwnerValue(uid0, TEST_IF_INDEX, match0);
+ checkUidOwnerValue(uid1, TEST_IF_INDEX, match1);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testAddUidInterfaceRulesGetIfIndexFail() {
+ doReturn(0).when(mDeps).getIfIndex(TEST_IF_NAME);
+ assertThrows(ServiceSpecificException.class,
+ () -> mBpfNetMaps.addUidInterfaceRules(TEST_IF_NAME, TEST_UIDS));
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testAddUidInterfaceRulesWithNullInterface() throws Exception {
+ final int uid0 = TEST_UIDS[0];
+ final int uid1 = TEST_UIDS[1];
+ final long match0 = IIF_MATCH;
+ final long match1 = IIF_MATCH | DOZABLE_MATCH | POWERSAVE_MATCH | RESTRICTED_MATCH;
+ mUidOwnerMap.updateEntry(new S32(uid0), new UidOwnerValue(TEST_IF_INDEX, match0));
+ mUidOwnerMap.updateEntry(new S32(uid1), new UidOwnerValue(NULL_IIF, match1));
+
+ mBpfNetMaps.addUidInterfaceRules(null /* ifName */, TEST_UIDS);
+
+ checkUidOwnerValue(uid0, NULL_IIF, match0);
+ checkUidOwnerValue(uid1, NULL_IIF, match1);
+ }
+
+ private void doTestRemoveUidInterfaceRules(final int iif0, final long match0,
+ final int iif1, final long match1) throws Exception {
+ final int uid0 = TEST_UIDS[0];
+ final int uid1 = TEST_UIDS[1];
+ mUidOwnerMap.updateEntry(new S32(uid0), new UidOwnerValue(iif0, match0));
+ mUidOwnerMap.updateEntry(new S32(uid1), new UidOwnerValue(iif1, match1));
+
+ mBpfNetMaps.removeUidInterfaceRules(TEST_UIDS);
+
+ checkUidOwnerValue(uid0, NO_IIF, match0 & ~IIF_MATCH);
+ checkUidOwnerValue(uid1, NO_IIF, match1 & ~IIF_MATCH);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testRemoveUidInterfaceRules() throws Exception {
+ doTestRemoveUidInterfaceRules(TEST_IF_INDEX, IIF_MATCH, NULL_IIF, IIF_MATCH);
+
+ // IIF_MATCH and other matches are enabled
+ doTestRemoveUidInterfaceRules(TEST_IF_INDEX, IIF_MATCH | DOZABLE_MATCH,
+ NULL_IIF, IIF_MATCH | DOZABLE_MATCH | RESTRICTED_MATCH);
+
+ // IIF_MATCH is not enabled
+ doTestRemoveUidInterfaceRules(NO_IIF, DOZABLE_MATCH,
+ NO_IIF, DOZABLE_MATCH | POWERSAVE_MATCH | RESTRICTED_MATCH);
+ }
+
+ private void doTestSetUidRule(final List<Integer> testChains) throws Exception {
+ mUidOwnerMap.updateEntry(new S32(TEST_UID), new UidOwnerValue(TEST_IF_INDEX, IIF_MATCH));
+
+ for (final int chain: testChains) {
+ final int ruleToAddMatch = mBpfNetMaps.isFirewallAllowList(chain)
+ ? FIREWALL_RULE_ALLOW : FIREWALL_RULE_DENY;
+ mBpfNetMaps.setUidRule(chain, TEST_UID, ruleToAddMatch);
+ }
+
+ checkUidOwnerValue(TEST_UID, TEST_IF_INDEX, IIF_MATCH | getMatch(testChains));
+
+ for (final int chain: testChains) {
+ final int ruleToRemoveMatch = mBpfNetMaps.isFirewallAllowList(chain)
+ ? FIREWALL_RULE_DENY : FIREWALL_RULE_ALLOW;
+ mBpfNetMaps.setUidRule(chain, TEST_UID, ruleToRemoveMatch);
+ }
+
+ checkUidOwnerValue(TEST_UID, TEST_IF_INDEX, IIF_MATCH);
+ }
+
+ private void doTestSetUidRule(final int testChain) throws Exception {
+ doTestSetUidRule(List.of(testChain));
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testSetUidRule() throws Exception {
+ doTestSetUidRule(FIREWALL_CHAIN_DOZABLE);
+ doTestSetUidRule(FIREWALL_CHAIN_STANDBY);
+ doTestSetUidRule(FIREWALL_CHAIN_POWERSAVE);
+ doTestSetUidRule(FIREWALL_CHAIN_RESTRICTED);
+ doTestSetUidRule(FIREWALL_CHAIN_LOW_POWER_STANDBY);
+ doTestSetUidRule(FIREWALL_CHAIN_OEM_DENY_1);
+ doTestSetUidRule(FIREWALL_CHAIN_OEM_DENY_2);
+ doTestSetUidRule(FIREWALL_CHAIN_OEM_DENY_3);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testSetUidRuleMultipleChain() throws Exception {
+ doTestSetUidRule(List.of(
+ FIREWALL_CHAIN_DOZABLE,
+ FIREWALL_CHAIN_STANDBY));
+ doTestSetUidRule(List.of(
+ FIREWALL_CHAIN_DOZABLE,
+ FIREWALL_CHAIN_STANDBY,
+ FIREWALL_CHAIN_POWERSAVE,
+ FIREWALL_CHAIN_RESTRICTED));
+ doTestSetUidRule(FIREWALL_CHAINS);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testSetUidRuleRemoveRuleFromUidWithNoRule() {
+ final Class<ServiceSpecificException> expected = ServiceSpecificException.class;
+ assertThrows(expected,
+ () -> mBpfNetMaps.setUidRule(FIREWALL_CHAIN_DOZABLE, TEST_UID, FIREWALL_RULE_DENY));
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testSetUidRuleInvalidChain() {
+ final Class<ServiceSpecificException> expected = ServiceSpecificException.class;
+ assertThrows(expected,
+ () -> mBpfNetMaps.setUidRule(-1 /* childChain */, TEST_UID, FIREWALL_RULE_ALLOW));
+ assertThrows(expected,
+ () -> mBpfNetMaps.setUidRule(1000 /* childChain */, TEST_UID, FIREWALL_RULE_ALLOW));
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testSetUidRuleInvalidRule() {
+ final Class<ServiceSpecificException> expected = ServiceSpecificException.class;
+ assertThrows(expected, () ->
+ mBpfNetMaps.setUidRule(FIREWALL_CHAIN_DOZABLE, TEST_UID, -1 /* firewallRule */));
+ assertThrows(expected, () ->
+ mBpfNetMaps.setUidRule(FIREWALL_CHAIN_DOZABLE, TEST_UID, 1000 /* firewallRule */));
+ }
+
+ @Test
+ @IgnoreAfter(Build.VERSION_CODES.S_V2)
+ public void testSetUidRuleBeforeT() {
+ assertThrows(UnsupportedOperationException.class, () ->
+ mBpfNetMaps.setUidRule(FIREWALL_CHAIN_DOZABLE, TEST_UID, FIREWALL_RULE_ALLOW));
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testReplaceUidChain() throws Exception {
+ final int uid0 = TEST_UIDS[0];
+ final int uid1 = TEST_UIDS[1];
+
+ mBpfNetMaps.replaceUidChain(FIREWALL_CHAIN_DOZABLE, TEST_UIDS);
+
+ checkUidOwnerValue(uid0, NO_IIF, DOZABLE_MATCH);
+ checkUidOwnerValue(uid1, NO_IIF, DOZABLE_MATCH);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testReplaceUidChainWithOtherMatch() throws Exception {
+ final int uid0 = TEST_UIDS[0];
+ final int uid1 = TEST_UIDS[1];
+ final long match0 = POWERSAVE_MATCH;
+ final long match1 = POWERSAVE_MATCH | RESTRICTED_MATCH;
+ mUidOwnerMap.updateEntry(new S32(uid0), new UidOwnerValue(NO_IIF, match0));
+ mUidOwnerMap.updateEntry(new S32(uid1), new UidOwnerValue(NO_IIF, match1));
+
+ mBpfNetMaps.replaceUidChain(FIREWALL_CHAIN_DOZABLE, new int[]{uid1});
+
+ checkUidOwnerValue(uid0, NO_IIF, match0);
+ checkUidOwnerValue(uid1, NO_IIF, match1 | DOZABLE_MATCH);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testReplaceUidChainWithExistingIifMatch() throws Exception {
+ final int uid0 = TEST_UIDS[0];
+ final int uid1 = TEST_UIDS[1];
+ final long match0 = IIF_MATCH;
+ final long match1 = IIF_MATCH | POWERSAVE_MATCH | RESTRICTED_MATCH;
+ mUidOwnerMap.updateEntry(new S32(uid0), new UidOwnerValue(TEST_IF_INDEX, match0));
+ mUidOwnerMap.updateEntry(new S32(uid1), new UidOwnerValue(NULL_IIF, match1));
+
+ mBpfNetMaps.replaceUidChain(FIREWALL_CHAIN_DOZABLE, TEST_UIDS);
+
+ checkUidOwnerValue(uid0, TEST_IF_INDEX, match0 | DOZABLE_MATCH);
+ checkUidOwnerValue(uid1, NULL_IIF, match1 | DOZABLE_MATCH);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testReplaceUidChainRemoveExistingMatch() throws Exception {
+ final int uid0 = TEST_UIDS[0];
+ final int uid1 = TEST_UIDS[1];
+ final long match0 = IIF_MATCH | DOZABLE_MATCH;
+ final long match1 = IIF_MATCH | POWERSAVE_MATCH | RESTRICTED_MATCH;
+ mUidOwnerMap.updateEntry(new S32(uid0), new UidOwnerValue(TEST_IF_INDEX, match0));
+ mUidOwnerMap.updateEntry(new S32(uid1), new UidOwnerValue(NULL_IIF, match1));
+
+ mBpfNetMaps.replaceUidChain(FIREWALL_CHAIN_DOZABLE, new int[]{uid1});
+
+ checkUidOwnerValue(uid0, TEST_IF_INDEX, match0 & ~DOZABLE_MATCH);
+ checkUidOwnerValue(uid1, NULL_IIF, match1 | DOZABLE_MATCH);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testReplaceUidChainInvalidChain() {
+ final Class<IllegalArgumentException> expected = IllegalArgumentException.class;
+ assertThrows(expected, () -> mBpfNetMaps.replaceUidChain(-1 /* chain */, TEST_UIDS));
+ assertThrows(expected, () -> mBpfNetMaps.replaceUidChain(1000 /* chain */, TEST_UIDS));
+ }
+
+ @Test
+ @IgnoreAfter(Build.VERSION_CODES.S_V2)
+ public void testReplaceUidChainBeforeT() {
+ assertThrows(UnsupportedOperationException.class,
+ () -> mBpfNetMaps.replaceUidChain(FIREWALL_CHAIN_DOZABLE, TEST_UIDS));
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testSetNetPermForUidsGrantInternetPermission() throws Exception {
+ mBpfNetMaps.setNetPermForUids(PERMISSION_INTERNET, TEST_UIDS);
+
+ assertTrue(mUidPermissionMap.isEmpty());
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testSetNetPermForUidsGrantUpdateStatsPermission() throws Exception {
+ mBpfNetMaps.setNetPermForUids(PERMISSION_UPDATE_DEVICE_STATS, TEST_UIDS);
+
+ final int uid0 = TEST_UIDS[0];
+ final int uid1 = TEST_UIDS[1];
+ assertEquals(PERMISSION_UPDATE_DEVICE_STATS, mUidPermissionMap.getValue(new S32(uid0)).val);
+ assertEquals(PERMISSION_UPDATE_DEVICE_STATS, mUidPermissionMap.getValue(new S32(uid1)).val);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testSetNetPermForUidsGrantMultiplePermissions() throws Exception {
+ final int permission = PERMISSION_INTERNET | PERMISSION_UPDATE_DEVICE_STATS;
+ mBpfNetMaps.setNetPermForUids(permission, TEST_UIDS);
+
+ final int uid0 = TEST_UIDS[0];
+ final int uid1 = TEST_UIDS[1];
+ assertEquals(permission, mUidPermissionMap.getValue(new S32(uid0)).val);
+ assertEquals(permission, mUidPermissionMap.getValue(new S32(uid1)).val);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testSetNetPermForUidsRevokeInternetPermission() throws Exception {
+ final int uid0 = TEST_UIDS[0];
+ final int uid1 = TEST_UIDS[1];
+ mBpfNetMaps.setNetPermForUids(PERMISSION_INTERNET, TEST_UIDS);
+ mBpfNetMaps.setNetPermForUids(PERMISSION_NONE, new int[]{uid0});
+
+ assertEquals(PERMISSION_NONE, mUidPermissionMap.getValue(new S32(uid0)).val);
+ assertNull(mUidPermissionMap.getValue(new S32(uid1)));
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testSetNetPermForUidsRevokeUpdateDeviceStatsPermission() throws Exception {
+ final int uid0 = TEST_UIDS[0];
+ final int uid1 = TEST_UIDS[1];
+ mBpfNetMaps.setNetPermForUids(PERMISSION_UPDATE_DEVICE_STATS, TEST_UIDS);
+ mBpfNetMaps.setNetPermForUids(PERMISSION_NONE, new int[]{uid0});
+
+ assertEquals(PERMISSION_NONE, mUidPermissionMap.getValue(new S32(uid0)).val);
+ assertEquals(PERMISSION_UPDATE_DEVICE_STATS, mUidPermissionMap.getValue(new S32(uid1)).val);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testSetNetPermForUidsRevokeMultiplePermissions() throws Exception {
+ final int uid0 = TEST_UIDS[0];
+ final int uid1 = TEST_UIDS[1];
+ final int permission = PERMISSION_INTERNET | PERMISSION_UPDATE_DEVICE_STATS;
+ mBpfNetMaps.setNetPermForUids(permission, TEST_UIDS);
+ mBpfNetMaps.setNetPermForUids(PERMISSION_NONE, new int[]{uid0});
+
+ assertEquals(PERMISSION_NONE, mUidPermissionMap.getValue(new S32(uid0)).val);
+ assertEquals(permission, mUidPermissionMap.getValue(new S32(uid1)).val);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testSetNetPermForUidsPermissionUninstalled() throws Exception {
+ final int uid0 = TEST_UIDS[0];
+ final int uid1 = TEST_UIDS[1];
+ final int permission = PERMISSION_INTERNET | PERMISSION_UPDATE_DEVICE_STATS;
+ mBpfNetMaps.setNetPermForUids(permission, TEST_UIDS);
+ mBpfNetMaps.setNetPermForUids(PERMISSION_UNINSTALLED, new int[]{uid0});
+
+ assertNull(mUidPermissionMap.getValue(new S32(uid0)));
+ assertEquals(permission, mUidPermissionMap.getValue(new S32(uid1)).val);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testSetNetPermForUidsDuplicatedRequestSilentlyIgnored() throws Exception {
+ final int uid0 = TEST_UIDS[0];
+ final int uid1 = TEST_UIDS[1];
+ final int permission = PERMISSION_INTERNET | PERMISSION_UPDATE_DEVICE_STATS;
+
+ mBpfNetMaps.setNetPermForUids(permission, TEST_UIDS);
+ assertEquals(permission, mUidPermissionMap.getValue(new S32(uid0)).val);
+ assertEquals(permission, mUidPermissionMap.getValue(new S32(uid1)).val);
+
+ mBpfNetMaps.setNetPermForUids(permission, TEST_UIDS);
+ assertEquals(permission, mUidPermissionMap.getValue(new S32(uid0)).val);
+ assertEquals(permission, mUidPermissionMap.getValue(new S32(uid1)).val);
+
+ mBpfNetMaps.setNetPermForUids(PERMISSION_NONE, TEST_UIDS);
+ assertEquals(PERMISSION_NONE, mUidPermissionMap.getValue(new S32(uid0)).val);
+ assertEquals(PERMISSION_NONE, mUidPermissionMap.getValue(new S32(uid1)).val);
+
+ mBpfNetMaps.setNetPermForUids(PERMISSION_NONE, TEST_UIDS);
+ assertEquals(PERMISSION_NONE, mUidPermissionMap.getValue(new S32(uid0)).val);
+ assertEquals(PERMISSION_NONE, mUidPermissionMap.getValue(new S32(uid1)).val);
+
+ mBpfNetMaps.setNetPermForUids(PERMISSION_UNINSTALLED, TEST_UIDS);
+ assertNull(mUidPermissionMap.getValue(new S32(uid0)));
+ assertNull(mUidPermissionMap.getValue(new S32(uid1)));
+
+ mBpfNetMaps.setNetPermForUids(PERMISSION_UNINSTALLED, TEST_UIDS);
+ assertNull(mUidPermissionMap.getValue(new S32(uid0)));
+ assertNull(mUidPermissionMap.getValue(new S32(uid1)));
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testSwapActiveStatsMap() throws Exception {
+ mConfigurationMap.updateEntry(
+ CURRENT_STATS_MAP_CONFIGURATION_KEY, new U32(STATS_SELECT_MAP_A));
+
+ mBpfNetMaps.swapActiveStatsMap();
+ assertEquals(STATS_SELECT_MAP_B,
+ mConfigurationMap.getValue(CURRENT_STATS_MAP_CONFIGURATION_KEY).val);
+
+ mBpfNetMaps.swapActiveStatsMap();
+ assertEquals(STATS_SELECT_MAP_A,
+ mConfigurationMap.getValue(CURRENT_STATS_MAP_CONFIGURATION_KEY).val);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testSwapActiveStatsMapSynchronizeKernelRCUFail() throws Exception {
+ doReturn(EPERM).when(mDeps).synchronizeKernelRCU();
+ mConfigurationMap.updateEntry(
+ CURRENT_STATS_MAP_CONFIGURATION_KEY, new U32(STATS_SELECT_MAP_A));
+
+ assertThrows(ServiceSpecificException.class, () -> mBpfNetMaps.swapActiveStatsMap());
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testPullBpfMapInfo() throws Exception {
+ // mCookieTagMap has 1 entry
+ mCookieTagMap.updateEntry(new CookieTagMapKey(0), new CookieTagMapValue(0, 0));
+
+ // mUidOwnerMap has 2 entries
+ mUidOwnerMap.updateEntry(new S32(0), new UidOwnerValue(0, 0));
+ mUidOwnerMap.updateEntry(new S32(1), new UidOwnerValue(0, 0));
+
+ // mUidPermissionMap has 3 entries
+ mUidPermissionMap.updateEntry(new S32(0), new U8((short) 0));
+ mUidPermissionMap.updateEntry(new S32(1), new U8((short) 0));
+ mUidPermissionMap.updateEntry(new S32(2), new U8((short) 0));
+
+ final int ret = mBpfNetMaps.pullBpfMapInfoAtom(NETWORK_BPF_MAP_INFO, new ArrayList<>());
+ assertEquals(StatsManager.PULL_SUCCESS, ret);
+ verify(mDeps).buildStatsEvent(
+ 1 /* cookieTagMapSize */, 2 /* uidOwnerMapSize */, 3 /* uidPermissionMapSize */);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testPullBpfMapInfoGetMapSizeFailure() throws Exception {
+ doThrow(new ErrnoException("", EINVAL)).when(mCookieTagMap).forEach(any());
+ final int ret = mBpfNetMaps.pullBpfMapInfoAtom(NETWORK_BPF_MAP_INFO, new ArrayList<>());
+ assertEquals(StatsManager.PULL_SKIP, ret);
+ }
+
+ @Test
+ @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+ public void testPullBpfMapInfoUnexpectedAtomTag() {
+ final int ret = mBpfNetMaps.pullBpfMapInfoAtom(-1 /* atomTag */, new ArrayList<>());
+ assertEquals(StatsManager.PULL_SKIP, ret);
+ }
}
diff --git a/tests/unit/java/com/android/server/ConnectivityServiceTest.java b/tests/unit/java/com/android/server/ConnectivityServiceTest.java
old mode 100644
new mode 100755
index b9a18ab..7993a5c
--- a/tests/unit/java/com/android/server/ConnectivityServiceTest.java
+++ b/tests/unit/java/com/android/server/ConnectivityServiceTest.java
@@ -35,7 +35,6 @@
import static android.content.Intent.ACTION_PACKAGE_REPLACED;
import static android.content.Intent.ACTION_USER_ADDED;
import static android.content.Intent.ACTION_USER_REMOVED;
-import static android.content.Intent.ACTION_USER_UNLOCKED;
import static android.content.pm.PackageInfo.REQUESTED_PERMISSION_GRANTED;
import static android.content.pm.PackageManager.FEATURE_ETHERNET;
import static android.content.pm.PackageManager.FEATURE_WIFI;
@@ -53,7 +52,6 @@
import static android.net.ConnectivityManager.EXTRA_NETWORK_INFO;
import static android.net.ConnectivityManager.EXTRA_NETWORK_TYPE;
import static android.net.ConnectivityManager.FIREWALL_CHAIN_DOZABLE;
-import static android.net.ConnectivityManager.FIREWALL_CHAIN_LOCKDOWN_VPN;
import static android.net.ConnectivityManager.FIREWALL_CHAIN_LOW_POWER_STANDBY;
import static android.net.ConnectivityManager.FIREWALL_CHAIN_OEM_DENY_1;
import static android.net.ConnectivityManager.FIREWALL_CHAIN_OEM_DENY_2;
@@ -153,12 +151,14 @@
import static com.android.server.ConnectivityService.PREFERENCE_ORDER_PROFILE;
import static com.android.server.ConnectivityService.PREFERENCE_ORDER_VPN;
import static com.android.server.ConnectivityServiceTestUtils.transportToLegacyType;
+import static com.android.server.NetworkAgentWrapper.CallbackType.OnQosCallbackRegister;
+import static com.android.server.NetworkAgentWrapper.CallbackType.OnQosCallbackUnregister;
import static com.android.testutils.ConcurrentUtils.await;
import static com.android.testutils.ConcurrentUtils.durationOf;
import static com.android.testutils.DevSdkIgnoreRule.IgnoreAfter;
import static com.android.testutils.DevSdkIgnoreRule.IgnoreUpTo;
import static com.android.testutils.DevSdkIgnoreRuleKt.SC_V2;
-import static com.android.testutils.ExceptionUtils.ignoreExceptions;
+import static com.android.testutils.FunctionalUtils.ignoreExceptions;
import static com.android.testutils.HandlerUtils.waitForIdleSerialExecutor;
import static com.android.testutils.MiscAsserts.assertContainsAll;
import static com.android.testutils.MiscAsserts.assertContainsExactly;
@@ -241,6 +241,7 @@
import android.net.ConnectivityThread;
import android.net.DataStallReportParcelable;
import android.net.EthernetManager;
+import android.net.EthernetNetworkSpecifier;
import android.net.IConnectivityDiagnosticsCallback;
import android.net.IDnsResolver;
import android.net.INetd;
@@ -300,9 +301,7 @@
import android.net.networkstack.NetworkStackClientBase;
import android.net.resolv.aidl.Nat64PrefixEventParcel;
import android.net.resolv.aidl.PrivateDnsValidationEventParcel;
-import android.net.shared.NetworkMonitorUtils;
import android.net.shared.PrivateDnsConfig;
-import android.net.util.MultinetworkPolicyTracker;
import android.net.wifi.WifiInfo;
import android.os.BadParcelableException;
import android.os.BatteryStatsManager;
@@ -356,27 +355,33 @@
import com.android.net.module.util.ArrayTrackRecord;
import com.android.net.module.util.CollectionUtils;
import com.android.net.module.util.LocationPermissionChecker;
+import com.android.net.module.util.NetworkMonitorUtils;
+import com.android.networkstack.apishim.ConstantsShim;
import com.android.networkstack.apishim.NetworkAgentConfigShimImpl;
-import com.android.networkstack.apishim.api29.ConstantsShim;
import com.android.server.ConnectivityService.ConnectivityDiagnosticsCallbackInfo;
import com.android.server.ConnectivityService.NetworkRequestInfo;
import com.android.server.ConnectivityServiceTest.ConnectivityServiceDependencies.ReportedInterfaces;
import com.android.server.connectivity.CarrierPrivilegeAuthenticator;
import com.android.server.connectivity.ClatCoordinator;
import com.android.server.connectivity.ConnectivityFlags;
-import com.android.server.connectivity.MockableSystemProperties;
+import com.android.server.connectivity.MultinetworkPolicyTracker;
+import com.android.server.connectivity.MultinetworkPolicyTrackerTestDependencies;
import com.android.server.connectivity.Nat464Xlat;
import com.android.server.connectivity.NetworkAgentInfo;
+import com.android.server.connectivity.NetworkNotificationManager;
import com.android.server.connectivity.NetworkNotificationManager.NotificationType;
import com.android.server.connectivity.ProxyTracker;
import com.android.server.connectivity.QosCallbackTracker;
import com.android.server.connectivity.UidRangeUtils;
import com.android.server.connectivity.Vpn;
import com.android.server.connectivity.VpnProfileStore;
+import com.android.server.net.LockdownVpnTracker;
import com.android.server.net.NetworkPinner;
import com.android.testutils.DevSdkIgnoreRule;
import com.android.testutils.DevSdkIgnoreRunner;
-import com.android.testutils.ExceptionUtils;
+import com.android.testutils.FunctionalUtils.Function3;
+import com.android.testutils.FunctionalUtils.ThrowingConsumer;
+import com.android.testutils.FunctionalUtils.ThrowingRunnable;
import com.android.testutils.HandlerUtils;
import com.android.testutils.RecorderCallback.CallbackEntry;
import com.android.testutils.TestableNetworkCallback;
@@ -429,6 +434,7 @@
import java.util.concurrent.TimeoutException;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.concurrent.atomic.AtomicReference;
+import java.util.function.Consumer;
import java.util.function.Predicate;
import java.util.function.Supplier;
import java.util.regex.Matcher;
@@ -517,7 +523,6 @@
private MockContext mServiceContext;
private HandlerThread mCsHandlerThread;
- private HandlerThread mVMSHandlerThread;
private ConnectivityServiceDependencies mDeps;
private ConnectivityService mService;
private WrappedConnectivityManager mCm;
@@ -533,7 +538,6 @@
private TestNetIdManager mNetIdManager;
private QosCallbackMockHelper mQosCallbackMockHelper;
private QosCallbackTracker mQosCallbackTracker;
- private VpnManagerService mVpnManagerService;
private TestNetworkCallback mDefaultNetworkCallback;
private TestNetworkCallback mSystemDefaultNetworkCallback;
private TestNetworkCallback mProfileDefaultNetworkCallback;
@@ -741,7 +745,7 @@
}
private int checkMockedPermission(String permission, int pid, int uid,
- Supplier<Integer> ifAbsent) {
+ Function3<String, Integer, Integer, Integer> ifAbsent /* perm, uid, pid -> int */) {
final Integer granted = mMockedPermissions.get(permission + "," + pid + "," + uid);
if (null != granted) {
return granted;
@@ -750,27 +754,27 @@
if (null != allGranted) {
return allGranted;
}
- return ifAbsent.get();
+ return ifAbsent.apply(permission, pid, uid);
}
@Override
public int checkPermission(String permission, int pid, int uid) {
return checkMockedPermission(permission, pid, uid,
- () -> super.checkPermission(permission, pid, uid));
+ (perm, p, u) -> super.checkPermission(perm, p, u));
}
@Override
public int checkCallingOrSelfPermission(String permission) {
return checkMockedPermission(permission, Process.myPid(), Process.myUid(),
- () -> super.checkCallingOrSelfPermission(permission));
+ (perm, p, u) -> super.checkCallingOrSelfPermission(perm));
}
@Override
public void enforceCallingOrSelfPermission(String permission, String message) {
final Integer granted = checkMockedPermission(permission,
Process.myPid(), Process.myUid(),
- () -> {
- super.enforceCallingOrSelfPermission(permission, message);
+ (perm, p, u) -> {
+ super.enforceCallingOrSelfPermission(perm, message);
// enforce will crash if the permission is not granted
return PERMISSION_GRANTED;
});
@@ -783,7 +787,7 @@
/**
* Mock checks for the specified permission, and have them behave as per {@code granted}.
*
- * This will apply across the board no matter what the checked UID and PID are.
+ * This will apply to all calls no matter what the checked UID and PID are.
*
* <p>Passing null reverts to default behavior, which does a real permission check on the
* test package.
@@ -925,9 +929,6 @@
private int mProbesSucceeded;
private String mNmValidationRedirectUrl = null;
private boolean mNmProvNotificationRequested = false;
- private Runnable mCreatedCallback;
- private Runnable mUnwantedCallback;
- private Runnable mDisconnectedCallback;
private final ConditionVariable mNetworkStatusReceived = new ConditionVariable();
// Contains the redirectUrl from networkStatus(). Before reading, wait for
@@ -935,22 +936,34 @@
private String mRedirectUrl;
TestNetworkAgentWrapper(int transport) throws Exception {
- this(transport, new LinkProperties(), null /* ncTemplate */, null /* provider */);
+ this(transport, new LinkProperties(), null /* ncTemplate */, null /* provider */, null);
}
TestNetworkAgentWrapper(int transport, LinkProperties linkProperties)
throws Exception {
- this(transport, linkProperties, null /* ncTemplate */, null /* provider */);
+ this(transport, linkProperties, null /* ncTemplate */, null /* provider */, null);
}
private TestNetworkAgentWrapper(int transport, LinkProperties linkProperties,
NetworkCapabilities ncTemplate) throws Exception {
- this(transport, linkProperties, ncTemplate, null /* provider */);
+ this(transport, linkProperties, ncTemplate, null /* provider */, null);
}
private TestNetworkAgentWrapper(int transport, LinkProperties linkProperties,
NetworkCapabilities ncTemplate, NetworkProvider provider) throws Exception {
- super(transport, linkProperties, ncTemplate, provider, mServiceContext);
+ this(transport, linkProperties, ncTemplate, provider /* provider */, null);
+ }
+
+ private TestNetworkAgentWrapper(int transport, NetworkAgentWrapper.Callbacks callbacks)
+ throws Exception {
+ this(transport, new LinkProperties(), null /* ncTemplate */, null /* provider */,
+ callbacks);
+ }
+
+ private TestNetworkAgentWrapper(int transport, LinkProperties linkProperties,
+ NetworkCapabilities ncTemplate, NetworkProvider provider,
+ NetworkAgentWrapper.Callbacks callbacks) throws Exception {
+ super(transport, linkProperties, ncTemplate, provider, callbacks, mServiceContext);
// Waits for the NetworkAgent to be registered, which includes the creation of the
// NetworkMonitor.
@@ -971,23 +984,6 @@
mNetworkStatusReceived.open();
}
- @Override
- public void onNetworkCreated() {
- super.onNetworkCreated();
- if (mCreatedCallback != null) mCreatedCallback.run();
- }
-
- @Override
- public void onNetworkUnwanted() {
- super.onNetworkUnwanted();
- if (mUnwantedCallback != null) mUnwantedCallback.run();
- }
-
- @Override
- public void onNetworkDestroyed() {
- super.onNetworkDestroyed();
- if (mDisconnectedCallback != null) mDisconnectedCallback.run();
- }
}
@Override
@@ -1174,10 +1170,11 @@
void setNetworkPartialValid(boolean isStrictMode) {
setNetworkPartial();
mNmValidationResult |= NETWORK_VALIDATION_RESULT_VALID;
+ mNmValidationRedirectUrl = null;
int probesCompleted = NETWORK_VALIDATION_PROBE_DNS | NETWORK_VALIDATION_PROBE_HTTPS
| NETWORK_VALIDATION_PROBE_HTTP;
int probesSucceeded = NETWORK_VALIDATION_PROBE_DNS | NETWORK_VALIDATION_PROBE_HTTP;
- // Suppose the partial network cannot pass the private DNS validation as well, so only
+ // Assume the partial network cannot pass the private DNS validation as well, so only
// add NETWORK_VALIDATION_PROBE_DNS in probesCompleted but not probesSucceeded.
if (isStrictMode) {
probesCompleted |= NETWORK_VALIDATION_PROBE_PRIVDNS;
@@ -1217,18 +1214,6 @@
p.timestampMillis = DATA_STALL_TIMESTAMP;
mNmCallbacks.notifyDataStallSuspected(p);
}
-
- public void setCreatedCallback(Runnable r) {
- mCreatedCallback = r;
- }
-
- public void setUnwantedCallback(Runnable r) {
- mUnwantedCallback = r;
- }
-
- public void setDisconnectedCallback(Runnable r) {
- mDisconnectedCallback = r;
- }
}
/**
@@ -1601,32 +1586,6 @@
return ranges.stream().map(r -> new UidRangeParcel(r, r)).toArray(UidRangeParcel[]::new);
}
- private VpnManagerService makeVpnManagerService() {
- final VpnManagerService.Dependencies deps = new VpnManagerService.Dependencies() {
- public int getCallingUid() {
- return mDeps.getCallingUid();
- }
-
- public HandlerThread makeHandlerThread() {
- return mVMSHandlerThread;
- }
-
- @Override
- public VpnProfileStore getVpnProfileStore() {
- return mVpnProfileStore;
- }
-
- public INetd getNetd() {
- return mMockNetd;
- }
-
- public INetworkManagementService getINetworkManagementService() {
- return mNetworkManagementService;
- }
- };
- return new VpnManagerService(mServiceContext, deps);
- }
-
private void assertVpnTransportInfo(NetworkCapabilities nc, int type) {
assertNotNull(nc);
final TransportInfo ti = nc.getTransportInfo();
@@ -1638,17 +1597,12 @@
private void processBroadcast(Intent intent) {
mServiceContext.sendBroadcast(intent);
- HandlerUtils.waitForIdle(mVMSHandlerThread, TIMEOUT_MS);
waitForIdle();
}
private void mockVpn(int uid) {
- synchronized (mVpnManagerService.mVpns) {
- int userId = UserHandle.getUserId(uid);
- mMockVpn = new MockVpn(userId);
- // Every running user always has a Vpn in the mVpns array, even if no VPN is running.
- mVpnManagerService.mVpns.put(userId, mMockVpn);
- }
+ int userId = UserHandle.getUserId(uid);
+ mMockVpn = new MockVpn(userId);
}
private void mockUidNetworkingBlocked() {
@@ -1680,12 +1634,7 @@
volatile int mConfigMeteredMultipathPreference;
WrappedMultinetworkPolicyTracker(Context c, Handler h, Runnable r) {
- super(c, h, r);
- }
-
- @Override
- protected Resources getResourcesForActiveSubId() {
- return mResources;
+ super(c, h, r, new MultinetworkPolicyTrackerTestDependencies(mResources));
}
@Override
@@ -1735,11 +1684,7 @@
});
}
- private interface ExceptionalRunnable {
- void run() throws Exception;
- }
-
- private void withPermission(String permission, ExceptionalRunnable r) throws Exception {
+ private void withPermission(String permission, ThrowingRunnable r) throws Exception {
try {
mServiceContext.setPermission(permission, PERMISSION_GRANTED);
r.run();
@@ -1748,7 +1693,7 @@
}
}
- private void withPermission(String permission, int pid, int uid, ExceptionalRunnable r)
+ private void withPermission(String permission, int pid, int uid, ThrowingRunnable r)
throws Exception {
try {
mServiceContext.setPermission(permission, pid, uid, PERMISSION_GRANTED);
@@ -1829,7 +1774,6 @@
initAlarmManager(mAlarmManager, mAlarmManagerThread.getThreadHandler());
mCsHandlerThread = new HandlerThread("TestConnectivityService");
- mVMSHandlerThread = new HandlerThread("TestVpnManagerService");
mProxyTracker = new ProxyTracker(mServiceContext, mock(Handler.class),
16 /* EVENT_PROXY_HAS_CHANGED */);
@@ -1857,8 +1801,8 @@
// getSystemService() correctly.
mCm = new WrappedConnectivityManager(InstrumentationRegistry.getContext(), mService);
mService.systemReadyInternal();
- mVpnManagerService = makeVpnManagerService();
- mVpnManagerService.systemReady();
+ verify(mMockDnsResolver).registerUnsolicitedEventListener(any());
+
mockVpn(Process.myUid());
mCm.bindProcessToNetwork(null);
mQosCallbackTracker = mock(QosCallbackTracker.class);
@@ -1889,30 +1833,20 @@
.getIdentifier(eq("config_networkSupportedKeepaliveCount"), eq("array"), any());
doReturn(R.array.network_switch_type_name).when(mResources)
.getIdentifier(eq("network_switch_type_name"), eq("array"), any());
- doReturn(R.integer.config_networkAvoidBadWifi).when(mResources)
- .getIdentifier(eq("config_networkAvoidBadWifi"), eq("integer"), any());
doReturn(1).when(mResources).getInteger(R.integer.config_networkAvoidBadWifi);
+ doReturn(0).when(mResources).getInteger(R.integer.config_activelyPreferBadWifi);
doReturn(true).when(mResources)
.getBoolean(R.bool.config_cellular_radio_timesharing_capable);
}
class ConnectivityServiceDependencies extends ConnectivityService.Dependencies {
final ConnectivityResources mConnRes;
- @Mock final MockableSystemProperties mSystemProperties;
ConnectivityServiceDependencies(final Context mockResContext) {
- mSystemProperties = mock(MockableSystemProperties.class);
- doReturn(false).when(mSystemProperties).getBoolean("ro.radio.noril", false);
-
mConnRes = new ConnectivityResources(mockResContext);
}
@Override
- public MockableSystemProperties getSystemProperties() {
- return mSystemProperties;
- }
-
- @Override
public HandlerThread makeHandlerThread() {
return mCsHandlerThread;
}
@@ -2064,7 +1998,7 @@
}
@Override
- public BpfNetMaps getBpfNetMaps(INetd netd) {
+ public BpfNetMaps getBpfNetMaps(Context context, INetd netd) {
return mBpfNetMaps;
}
@@ -2607,7 +2541,7 @@
doTestValidatedCellularOutscoresUnvalidatedWiFi(false);
}
- public void doTestValidatedCellularOutscoresUnvalidatedWiFi(
+ private void doTestValidatedCellularOutscoresUnvalidatedWiFi(
final boolean cellRadioTimesharingCapable) throws Exception {
mService.mCellularRadioTimesharingCapable = cellRadioTimesharingCapable;
// Test bringing up unvalidated WiFi
@@ -2655,7 +2589,7 @@
doTestUnvalidatedWifiOutscoresUnvalidatedCellular(false);
}
- public void doTestUnvalidatedWifiOutscoresUnvalidatedCellular(
+ private void doTestUnvalidatedWifiOutscoresUnvalidatedCellular(
final boolean cellRadioTimesharingCapable) throws Exception {
mService.mCellularRadioTimesharingCapable = cellRadioTimesharingCapable;
// Test bringing up unvalidated cellular.
@@ -2694,7 +2628,7 @@
doTestUnlingeringDoesNotValidate(false);
}
- public void doTestUnlingeringDoesNotValidate(
+ private void doTestUnlingeringDoesNotValidate(
final boolean cellRadioTimesharingCapable) throws Exception {
mService.mCellularRadioTimesharingCapable = cellRadioTimesharingCapable;
// Test bringing up unvalidated WiFi.
@@ -2743,7 +2677,7 @@
doTestRequestMigrationToSameTransport(TRANSPORT_ETHERNET, true);
}
- public void doTestRequestMigrationToSameTransport(final int transport,
+ private void doTestRequestMigrationToSameTransport(final int transport,
final boolean expectLingering) throws Exception {
// To speed up tests the linger delay is very short by default in tests but this
// test needs to make sure the delay is not incurred so a longer value is safer (it
@@ -2848,7 +2782,7 @@
doTestCellularOutscoresWeakWifi(false);
}
- public void doTestCellularOutscoresWeakWifi(
+ private void doTestCellularOutscoresWeakWifi(
final boolean cellRadioTimesharingCapable) throws Exception {
mService.mCellularRadioTimesharingCapable = cellRadioTimesharingCapable;
// Test bringing up validated cellular.
@@ -2887,7 +2821,7 @@
doTestReapingNetwork(false);
}
- public void doTestReapingNetwork(
+ private void doTestReapingNetwork(
final boolean cellRadioTimesharingCapable) throws Exception {
mService.mCellularRadioTimesharingCapable = cellRadioTimesharingCapable;
// Test bringing up WiFi without NET_CAPABILITY_INTERNET.
@@ -2929,7 +2863,7 @@
doTestCellularFallback(false);
}
- public void doTestCellularFallback(
+ private void doTestCellularFallback(
final boolean cellRadioTimesharingCapable) throws Exception {
mService.mCellularRadioTimesharingCapable = cellRadioTimesharingCapable;
// Test bringing up validated cellular.
@@ -2980,7 +2914,7 @@
doTestWiFiFallback(false);
}
- public void doTestWiFiFallback(
+ private void doTestWiFiFallback(
final boolean cellRadioTimesharingCapable) throws Exception {
mService.mCellularRadioTimesharingCapable = cellRadioTimesharingCapable;
// Test bringing up unvalidated WiFi.
@@ -3009,8 +2943,7 @@
@Test
public void testRequiresValidation() {
- assertTrue(NetworkMonitorUtils.isValidationRequired(
- NetworkAgentConfigShimImpl.newInstance(null),
+ assertTrue(NetworkMonitorUtils.isValidationRequired(false /* isVpnValidationRequired */,
mCm.getDefaultRequest().networkCapabilities));
}
@@ -3075,6 +3008,43 @@
}
@Test
+ public void testNetworkDoesntMatchRequestsUntilConnected() throws Exception {
+ final TestNetworkCallback cb = new TestNetworkCallback();
+ final NetworkRequest wifiRequest = new NetworkRequest.Builder()
+ .addTransportType(TRANSPORT_WIFI).build();
+ mCm.requestNetwork(wifiRequest, cb);
+ mWiFiNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_WIFI);
+ // Updating the score triggers a rematch.
+ mWiFiNetworkAgent.setScore(new NetworkScore.Builder().build());
+ cb.assertNoCallback();
+ mWiFiNetworkAgent.connect(false);
+ cb.expectAvailableCallbacksUnvalidated(mWiFiNetworkAgent);
+ cb.assertNoCallback();
+ mCm.unregisterNetworkCallback(cb);
+ }
+
+ @Test
+ public void testNetworkNotVisibleUntilConnected() throws Exception {
+ final TestNetworkCallback cb = new TestNetworkCallback();
+ final NetworkRequest wifiRequest = new NetworkRequest.Builder()
+ .addTransportType(TRANSPORT_WIFI).build();
+ mCm.registerNetworkCallback(wifiRequest, cb);
+ mWiFiNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_WIFI);
+ final NetworkCapabilities nc = mWiFiNetworkAgent.getNetworkCapabilities();
+ nc.addCapability(NET_CAPABILITY_TEMPORARILY_NOT_METERED);
+ mWiFiNetworkAgent.setNetworkCapabilities(nc, true /* sendToConnectivityService */);
+ cb.assertNoCallback();
+ mWiFiNetworkAgent.connect(false);
+ cb.expectAvailableCallbacksUnvalidated(mWiFiNetworkAgent);
+ final CallbackEntry found = CollectionUtils.findLast(cb.getHistory(),
+ it -> it instanceof CallbackEntry.CapabilitiesChanged);
+ assertTrue(((CallbackEntry.CapabilitiesChanged) found).getCaps()
+ .hasCapability(NET_CAPABILITY_TEMPORARILY_NOT_METERED));
+ cb.assertNoCallback();
+ mCm.unregisterNetworkCallback(cb);
+ }
+
+ @Test
public void testStateChangeNetworkCallbacks() throws Exception {
final TestNetworkCallback genericNetworkCallback = new TestNetworkCallback();
final TestNetworkCallback wifiNetworkCallback = new TestNetworkCallback();
@@ -3550,6 +3520,58 @@
mCm.unregisterNetworkCallback(callback);
}
+ /** Expects the specified notification and returns the notification ID. */
+ private int expectNotification(TestNetworkAgentWrapper agent, NotificationType type) {
+ verify(mNotificationManager, timeout(TIMEOUT_MS)).notify(
+ eq(NetworkNotificationManager.tagFor(agent.getNetwork().netId)),
+ eq(type.eventId), any());
+ return type.eventId;
+ }
+
+ private void expectNoNotification(@NonNull final TestNetworkAgentWrapper agent) {
+ verify(mNotificationManager, never()).notifyAsUser(anyString(), anyInt(), any(), any());
+ }
+
+ /**
+ * Expects the specified notification happens when the unvalidated prompt message arrives
+ *
+ * @return the notification ID.
+ **/
+ private int expectUnvalidationCheckWillNotify(TestNetworkAgentWrapper agent,
+ NotificationType type) {
+ mService.scheduleEvaluationTimeout(agent.getNetwork(), 0 /* delayMs */);
+ waitForIdle();
+ return expectNotification(agent, type);
+ }
+
+ /**
+ * Expects that the notification for the specified network is cleared.
+ *
+ * This generally happens when the network disconnects or when the newtwork validates. During
+ * normal usage the notification is also cleared by the system when the notification is tapped.
+ */
+ private void expectClearNotification(TestNetworkAgentWrapper agent, NotificationType type) {
+ verify(mNotificationManager, timeout(TIMEOUT_MS)).cancel(
+ eq(NetworkNotificationManager.tagFor(agent.getNetwork().netId)), eq(type.eventId));
+ }
+
+ /**
+ * Expects that no notification happens when the unvalidated prompt message arrives
+ *
+ * @return the notification ID.
+ **/
+ private void expectUnvalidationCheckWillNotNotify(TestNetworkAgentWrapper agent) {
+ mService.scheduleEvaluationTimeout(agent.getNetwork(), 0 /*delayMs */);
+ waitForIdle();
+ expectNoNotification(agent);
+ }
+
+ private void expectDisconnectAndClearNotifications(TestNetworkCallback callback,
+ TestNetworkAgentWrapper agent, NotificationType type) {
+ callback.expectCallback(CallbackEntry.LOST, agent);
+ expectClearNotification(agent, type);
+ }
+
private NativeNetworkConfig nativeNetworkConfigPhysical(int netId, int permission) {
return new NativeNetworkConfig(netId, NativeNetworkType.PHYSICAL, permission,
/*secure=*/ false, VpnManager.TYPE_VPN_NONE, /*excludeLocalRoutes=*/ false);
@@ -3568,37 +3590,35 @@
final NetworkRequest request = new NetworkRequest.Builder()
.addTransportType(TRANSPORT_WIFI).build();
final TestNetworkCallback callback = new TestNetworkCallback();
- final AtomicReference<Network> wifiNetwork = new AtomicReference<>();
- mWiFiNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_WIFI);
// Expectations for state when various callbacks fire. These expectations run on the handler
// thread and not on the test thread because they need to prevent the handler thread from
// advancing while they examine state.
// 1. When onCreated fires, netd has been told to create the network.
- mWiFiNetworkAgent.setCreatedCallback(() -> {
+ final Consumer<NetworkAgent> onNetworkCreated = (agent) -> {
eventOrder.offer("onNetworkCreated");
- wifiNetwork.set(mWiFiNetworkAgent.getNetwork());
- assertNotNull(wifiNetwork.get());
try {
verify(mMockNetd).networkCreate(nativeNetworkConfigPhysical(
- wifiNetwork.get().getNetId(), INetd.PERMISSION_NONE));
+ agent.getNetwork().getNetId(), INetd.PERMISSION_NONE));
} catch (RemoteException impossible) {
fail();
}
- });
+ };
// 2. onNetworkUnwanted isn't precisely ordered with respect to any particular events. Just
// check that it is fired at some point after disconnect.
- mWiFiNetworkAgent.setUnwantedCallback(() -> eventOrder.offer("onNetworkUnwanted"));
+ final Consumer<NetworkAgent> onNetworkUnwanted = (agent) -> {
+ eventOrder.offer("onNetworkUnwanted");
+ };
// 3. While the teardown timer is running, connectivity APIs report the network is gone, but
// netd has not yet been told to destroy it.
- final Runnable duringTeardown = () -> {
+ final Consumer<Network> duringTeardown = (network) -> {
eventOrder.offer("timePasses");
- assertNull(mCm.getLinkProperties(wifiNetwork.get()));
+ assertNull(mCm.getLinkProperties(network));
try {
- verify(mMockNetd, never()).networkDestroy(wifiNetwork.get().getNetId());
+ verify(mMockNetd, never()).networkDestroy(network.getNetId());
} catch (RemoteException impossible) {
fail();
}
@@ -3606,15 +3626,20 @@
// 4. After onNetworkDisconnected is called, connectivity APIs report the network is gone,
// and netd has been told to destroy it.
- mWiFiNetworkAgent.setDisconnectedCallback(() -> {
+ final Consumer<NetworkAgent> onNetworkDisconnected = (agent) -> {
eventOrder.offer("onNetworkDisconnected");
- assertNull(mCm.getLinkProperties(wifiNetwork.get()));
+ assertNull(mCm.getLinkProperties(agent.getNetwork()));
try {
- verify(mMockNetd).networkDestroy(wifiNetwork.get().getNetId());
+ verify(mMockNetd).networkDestroy(agent.getNetwork().getNetId());
} catch (RemoteException impossible) {
fail();
}
- });
+ };
+
+ final NetworkAgentWrapper.Callbacks callbacks = new NetworkAgentWrapper.Callbacks(
+ onNetworkCreated, onNetworkUnwanted, onNetworkDisconnected);
+
+ mWiFiNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_WIFI, callbacks);
// Connect a network, and file a request for it after it has come up, to ensure the nascent
// timer is cleared and the test does not have to wait for it. Filing the request after the
@@ -3636,7 +3661,7 @@
// down the network and started the teardown timer, and short enough that the lambda is
// scheduled to run before the teardown timer.
final Handler h = new Handler(mCsHandlerThread.getLooper());
- h.postDelayed(duringTeardown, 150);
+ h.postDelayed(() -> duringTeardown.accept(mWiFiNetworkAgent.getNetwork()), 150);
// Disconnect the network and check that events happened in the right order.
mCm.unregisterNetworkCallback(callback);
@@ -3667,10 +3692,13 @@
mWiFiNetworkAgent.connect(false);
callback.expectAvailableCallbacksUnvalidated(mWiFiNetworkAgent);
- // Cell Remains the default.
+ // Cell remains the default.
assertEquals(mCellNetworkAgent.getNetwork(), mCm.getActiveNetwork());
- // Lower wifi's score to below than cell, and check that it doesn't disconnect because
+ // Expect a high-priority NO_INTERNET notification.
+ expectUnvalidationCheckWillNotify(mWiFiNetworkAgent, NotificationType.NO_INTERNET);
+
+ // Lower WiFi's score to lower than cell, and check that it doesn't disconnect because
// it's explicitly selected.
mWiFiNetworkAgent.adjustScore(-40);
mWiFiNetworkAgent.adjustScore(40);
@@ -3684,18 +3712,26 @@
// Disconnect wifi, and then reconnect, again with explicitlySelected=true.
mWiFiNetworkAgent.disconnect();
- callback.expectCallback(CallbackEntry.LOST, mWiFiNetworkAgent);
+ expectDisconnectAndClearNotifications(callback, mWiFiNetworkAgent,
+ NotificationType.NO_INTERNET);
+
mWiFiNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_WIFI);
mWiFiNetworkAgent.explicitlySelected(true, false);
mWiFiNetworkAgent.connect(false);
callback.expectAvailableCallbacksUnvalidated(mWiFiNetworkAgent);
+ // Expect a high-priority NO_INTERNET notification.
+ expectUnvalidationCheckWillNotify(mWiFiNetworkAgent, NotificationType.NO_INTERNET);
+
// If the user chooses no on the "No Internet access, stay connected?" dialog, we ask the
// network to disconnect.
mCm.setAcceptUnvalidated(mWiFiNetworkAgent.getNetwork(), false, false);
- callback.expectCallback(CallbackEntry.LOST, mWiFiNetworkAgent);
+ expectDisconnectAndClearNotifications(callback, mWiFiNetworkAgent,
+ NotificationType.NO_INTERNET);
+ reset(mNotificationManager);
// Reconnect, again with explicitlySelected=true, but this time validate.
+ // Expect no notifications.
mWiFiNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_WIFI);
mWiFiNetworkAgent.explicitlySelected(true, false);
mWiFiNetworkAgent.connect(true);
@@ -3703,6 +3739,7 @@
callback.expectCallback(CallbackEntry.LOSING, mCellNetworkAgent);
callback.expectCapabilitiesWith(NET_CAPABILITY_VALIDATED, mWiFiNetworkAgent);
assertEquals(mWiFiNetworkAgent.getNetwork(), mCm.getActiveNetwork());
+ expectUnvalidationCheckWillNotNotify(mWiFiNetworkAgent);
mEthernetNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_ETHERNET);
mEthernetNetworkAgent.connect(true);
@@ -3725,16 +3762,19 @@
assertEquals(mWiFiNetworkAgent.getNetwork(), mCm.getActiveNetwork());
mEthernetNetworkAgent.disconnect();
callback.expectCallback(CallbackEntry.LOST, mEthernetNetworkAgent);
+ expectUnvalidationCheckWillNotNotify(mWiFiNetworkAgent);
// Disconnect and reconnect with explicitlySelected=false and acceptUnvalidated=true.
// Check that the network is not scored specially and that the device prefers cell data.
mWiFiNetworkAgent.disconnect();
callback.expectCallback(CallbackEntry.LOST, mWiFiNetworkAgent);
+
mWiFiNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_WIFI);
mWiFiNetworkAgent.explicitlySelected(false, true);
mWiFiNetworkAgent.connect(false);
callback.expectAvailableCallbacksUnvalidated(mWiFiNetworkAgent);
assertEquals(mCellNetworkAgent.getNetwork(), mCm.getActiveNetwork());
+ expectUnvalidationCheckWillNotNotify(mWiFiNetworkAgent);
// Clean up.
mWiFiNetworkAgent.disconnect();
@@ -3744,6 +3784,63 @@
callback.expectCallback(CallbackEntry.LOST, mCellNetworkAgent);
}
+ private void doTestFirstEvaluation(
+ @NonNull final Consumer<TestNetworkAgentWrapper> doConnect,
+ final boolean waitForSecondCaps,
+ final boolean evaluatedByValidation)
+ throws Exception {
+ final NetworkRequest request = new NetworkRequest.Builder()
+ .addTransportType(TRANSPORT_WIFI)
+ .build();
+ TestNetworkCallback callback = new TestNetworkCallback();
+ mCm.registerNetworkCallback(request, callback);
+
+ mWiFiNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_WIFI);
+ doConnect.accept(mWiFiNetworkAgent);
+ // Expect the available callbacks, but don't require specific values for their arguments
+ // since this method doesn't know how the network was connected.
+ callback.expectCallback(CallbackEntry.AVAILABLE, mWiFiNetworkAgent);
+ callback.expectCallback(CallbackEntry.NETWORK_CAPS_UPDATED, mWiFiNetworkAgent);
+ callback.expectCallback(CallbackEntry.LINK_PROPERTIES_CHANGED, mWiFiNetworkAgent);
+ callback.expectCallback(CallbackEntry.BLOCKED_STATUS, mWiFiNetworkAgent);
+ if (waitForSecondCaps) {
+ // This is necessary because of b/245893397, the same bug that happens where we use
+ // expectAvailableDoubleValidatedCallbacks.
+ callback.expectCallback(CallbackEntry.NETWORK_CAPS_UPDATED, mWiFiNetworkAgent);
+ }
+ final NetworkAgentInfo nai =
+ mService.getNetworkAgentInfoForNetwork(mWiFiNetworkAgent.getNetwork());
+ final long firstEvaluation = nai.getFirstEvaluationConcludedTime();
+ if (evaluatedByValidation) {
+ assertNotEquals(0L, firstEvaluation);
+ } else {
+ assertEquals(0L, firstEvaluation);
+ }
+ mService.scheduleEvaluationTimeout(mWiFiNetworkAgent.getNetwork(), 0L /* timeout */);
+ waitForIdle();
+ if (evaluatedByValidation) {
+ assertEquals(firstEvaluation, nai.getFirstEvaluationConcludedTime());
+ } else {
+ assertNotEquals(0L, nai.getFirstEvaluationConcludedTime());
+ }
+ mWiFiNetworkAgent.disconnect();
+ callback.expectCallback(CallbackEntry.LOST, mWiFiNetworkAgent);
+
+ mCm.unregisterNetworkCallback(callback);
+ }
+
+ @Test
+ public void testEverEvaluated() throws Exception {
+ doTestFirstEvaluation(naw -> naw.connect(true /* validated */),
+ true /* waitForSecondCaps */, true /* immediatelyEvaluated */);
+ doTestFirstEvaluation(naw -> naw.connectWithPartialConnectivity(),
+ true /* waitForSecondCaps */, true /* immediatelyEvaluated */);
+ doTestFirstEvaluation(naw -> naw.connectWithCaptivePortal(TEST_REDIRECT_URL, false),
+ true /* waitForSecondCaps */, true /* immediatelyEvaluated */);
+ doTestFirstEvaluation(naw -> naw.connect(false /* validated */),
+ false /* waitForSecondCaps */, false /* immediatelyEvaluated */);
+ }
+
private void tryNetworkFactoryRequests(int capability) throws Exception {
// Verify NOT_RESTRICTED is set appropriately
final NetworkCapabilities nc = new NetworkRequest.Builder().addCapability(capability)
@@ -4102,6 +4199,12 @@
assertEquals(mCellNetworkAgent.getNetwork(), mCm.getActiveNetwork());
callback.assertNoCallback();
+ // Expect a PARTIAL_CONNECTIVITY notification. The notification appears as soon as partial
+ // connectivity is detected, and is low priority because the network was not explicitly
+ // selected by the user. This happens if we reconnect to a network where the user previously
+ // accepted partial connectivity without checking "always".
+ expectNotification(mWiFiNetworkAgent, NotificationType.PARTIAL_CONNECTIVITY);
+
// With HTTPS probe disabled, NetworkMonitor should pass the network validation with http
// probe.
mWiFiNetworkAgent.setNetworkPartialValid(false /* isStrictMode */);
@@ -4114,7 +4217,7 @@
waitForIdle();
verify(mWiFiNetworkAgent.mNetworkMonitor, times(1)).setAcceptPartialConnectivity();
- // Need a trigger point to let NetworkMonitor tell ConnectivityService that network is
+ // Need a trigger point to let NetworkMonitor tell ConnectivityService that the network is
// validated.
mCm.reportNetworkConnectivity(mWiFiNetworkAgent.getNetwork(), true);
callback.expectCallback(CallbackEntry.LOSING, mCellNetworkAgent);
@@ -4123,9 +4226,13 @@
assertTrue(nc.hasCapability(NET_CAPABILITY_PARTIAL_CONNECTIVITY));
assertEquals(mWiFiNetworkAgent.getNetwork(), mCm.getActiveNetwork());
+ // Once the network validates, the notification disappears.
+ expectClearNotification(mWiFiNetworkAgent, NotificationType.PARTIAL_CONNECTIVITY);
+
// Disconnect and reconnect wifi with partial connectivity again.
mWiFiNetworkAgent.disconnect();
callback.expectCallback(CallbackEntry.LOST, mWiFiNetworkAgent);
+
mWiFiNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_WIFI);
mWiFiNetworkAgent.connectWithPartialConnectivity();
callback.expectAvailableCallbacksUnvalidated(mWiFiNetworkAgent);
@@ -4133,20 +4240,28 @@
// Mobile data should be the default network.
assertEquals(mCellNetworkAgent.getNetwork(), mCm.getActiveNetwork());
+ waitForIdle();
+
+ // Expect a low-priority PARTIAL_CONNECTIVITY notification as soon as partial connectivity
+ // is detected.
+ expectNotification(mWiFiNetworkAgent, NotificationType.PARTIAL_CONNECTIVITY);
// If the user chooses no, disconnect wifi immediately.
- mCm.setAcceptPartialConnectivity(mWiFiNetworkAgent.getNetwork(), false/* accept */,
+ mCm.setAcceptPartialConnectivity(mWiFiNetworkAgent.getNetwork(), false /* accept */,
false /* always */);
callback.expectCallback(CallbackEntry.LOST, mWiFiNetworkAgent);
+ expectClearNotification(mWiFiNetworkAgent, NotificationType.PARTIAL_CONNECTIVITY);
+ reset(mNotificationManager);
- // If user accepted partial connectivity before, and device reconnects to that network
- // again, but now the network has full connectivity. The network shouldn't contain
+ // If the user accepted partial connectivity before, and the device connects to that network
+ // again, but now the network has full connectivity, then the network shouldn't contain
// NET_CAPABILITY_PARTIAL_CONNECTIVITY.
mWiFiNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_WIFI);
// acceptUnvalidated is also used as setting for accepting partial networks.
mWiFiNetworkAgent.explicitlySelected(true /* explicitlySelected */,
true /* acceptUnvalidated */);
mWiFiNetworkAgent.connect(true);
+ expectUnvalidationCheckWillNotNotify(mWiFiNetworkAgent);
// If user accepted partial connectivity network before,
// NetworkMonitor#setAcceptPartialConnectivity() will be called in
@@ -4177,9 +4292,11 @@
callback.expectCallback(CallbackEntry.LOSING, mCellNetworkAgent);
assertEquals(mWiFiNetworkAgent.getNetwork(), mCm.getActiveNetwork());
callback.expectCapabilitiesWith(NET_CAPABILITY_PARTIAL_CONNECTIVITY, mWiFiNetworkAgent);
+ expectUnvalidationCheckWillNotNotify(mWiFiNetworkAgent);
+
mWiFiNetworkAgent.setNetworkValid(false /* isStrictMode */);
- // Need a trigger point to let NetworkMonitor tell ConnectivityService that network is
+ // Need a trigger point to let NetworkMonitor tell ConnectivityService that the network is
// validated.
mCm.reportNetworkConnectivity(mWiFiNetworkAgent.getNetwork(), true);
callback.expectCapabilitiesWith(NET_CAPABILITY_VALIDATED, mWiFiNetworkAgent);
@@ -4201,16 +4318,19 @@
callback.expectCallback(CallbackEntry.LOSING, mCellNetworkAgent);
callback.expectCapabilitiesWith(
NET_CAPABILITY_PARTIAL_CONNECTIVITY | NET_CAPABILITY_VALIDATED, mWiFiNetworkAgent);
+ expectUnvalidationCheckWillNotNotify(mWiFiNetworkAgent);
mWiFiNetworkAgent.disconnect();
callback.expectCallback(CallbackEntry.LOST, mWiFiNetworkAgent);
+ verifyNoMoreInteractions(mNotificationManager);
}
@Test
public void testCaptivePortalOnPartialConnectivity() throws Exception {
- final TestNetworkCallback captivePortalCallback = new TestNetworkCallback();
- final NetworkRequest captivePortalRequest = new NetworkRequest.Builder()
- .addCapability(NET_CAPABILITY_CAPTIVE_PORTAL).build();
- mCm.registerNetworkCallback(captivePortalRequest, captivePortalCallback);
+ final TestNetworkCallback wifiCallback = new TestNetworkCallback();
+ final NetworkRequest wifiRequest = new NetworkRequest.Builder()
+ .addTransportType(TRANSPORT_WIFI)
+ .build();
+ mCm.registerNetworkCallback(wifiRequest, wifiCallback);
final TestNetworkCallback validatedCallback = new TestNetworkCallback();
final NetworkRequest validatedRequest = new NetworkRequest.Builder()
@@ -4222,21 +4342,28 @@
mWiFiNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_WIFI);
String redirectUrl = "http://android.com/path";
mWiFiNetworkAgent.connectWithCaptivePortal(redirectUrl, false /* isStrictMode */);
- captivePortalCallback.expectAvailableCallbacksUnvalidated(mWiFiNetworkAgent);
+ wifiCallback.expectAvailableCallbacksUnvalidated(mWiFiNetworkAgent);
assertEquals(mWiFiNetworkAgent.waitForRedirectUrl(), redirectUrl);
+ // This is necessary because of b/245893397, the same bug that happens where we use
+ // expectAvailableDoubleValidatedCallbacks.
+ // TODO : fix b/245893397 and remove this.
+ wifiCallback.expectCapabilitiesWith(NET_CAPABILITY_CAPTIVE_PORTAL, mWiFiNetworkAgent);
+
// Check that startCaptivePortalApp sends the expected command to NetworkMonitor.
mCm.startCaptivePortalApp(mWiFiNetworkAgent.getNetwork());
verify(mWiFiNetworkAgent.mNetworkMonitor, timeout(TIMEOUT_MS).times(1))
.launchCaptivePortalApp();
// Report that the captive portal is dismissed with partial connectivity, and check that
- // callbacks are fired.
+ // callbacks are fired with PARTIAL and without CAPTIVE_PORTAL.
mWiFiNetworkAgent.setNetworkPartial();
mCm.reportNetworkConnectivity(mWiFiNetworkAgent.getNetwork(), true);
waitForIdle();
- captivePortalCallback.expectCapabilitiesWith(NET_CAPABILITY_PARTIAL_CONNECTIVITY,
- mWiFiNetworkAgent);
+ wifiCallback.expectCapabilitiesThat(
+ mWiFiNetworkAgent, nc ->
+ nc.hasCapability(NET_CAPABILITY_PARTIAL_CONNECTIVITY)
+ && !nc.hasCapability(NET_CAPABILITY_CAPTIVE_PORTAL));
// Report partial connectivity is accepted.
mWiFiNetworkAgent.setNetworkPartialValid(false /* isStrictMode */);
@@ -4244,13 +4371,12 @@
false /* always */);
waitForIdle();
mCm.reportNetworkConnectivity(mWiFiNetworkAgent.getNetwork(), true);
- captivePortalCallback.expectCallback(CallbackEntry.LOST, mWiFiNetworkAgent);
+ wifiCallback.expectCapabilitiesWith(NET_CAPABILITY_VALIDATED, mWiFiNetworkAgent);
validatedCallback.expectAvailableCallbacksValidated(mWiFiNetworkAgent);
- NetworkCapabilities nc =
- validatedCallback.expectCapabilitiesWith(NET_CAPABILITY_PARTIAL_CONNECTIVITY,
+ validatedCallback.expectCapabilitiesWith(NET_CAPABILITY_PARTIAL_CONNECTIVITY,
mWiFiNetworkAgent);
- mCm.unregisterNetworkCallback(captivePortalCallback);
+ mCm.unregisterNetworkCallback(wifiCallback);
mCm.unregisterNetworkCallback(validatedCallback);
}
@@ -4333,6 +4459,11 @@
mCm.reportNetworkConnectivity(wifiNetwork, false);
captivePortalCallback.expectAvailableCallbacksUnvalidated(mWiFiNetworkAgent);
validatedCallback.expectCallback(CallbackEntry.LOST, mWiFiNetworkAgent);
+ // This is necessary because of b/245893397, the same bug that happens where we use
+ // expectAvailableDoubleValidatedCallbacks.
+ // TODO : fix b/245893397 and remove this.
+ captivePortalCallback.expectCallback(CallbackEntry.NETWORK_CAPS_UPDATED,
+ mWiFiNetworkAgent);
// Check that startCaptivePortalApp sends the expected command to NetworkMonitor.
mCm.startCaptivePortalApp(wifiNetwork);
@@ -5502,6 +5633,24 @@
}
@Test
+ public void testActivelyPreferBadWifiSetting() throws Exception {
+ doReturn(1).when(mResources).getInteger(R.integer.config_activelyPreferBadWifi);
+ mPolicyTracker.reevaluate();
+ waitForIdle();
+ assertTrue(mService.mNetworkRanker.getConfiguration().activelyPreferBadWifi());
+
+ doReturn(0).when(mResources).getInteger(R.integer.config_activelyPreferBadWifi);
+ mPolicyTracker.reevaluate();
+ waitForIdle();
+ if (SdkLevel.isAtLeastU()) {
+ // U+ ignore the setting and always actively prefers bad wifi
+ assertTrue(mService.mNetworkRanker.getConfiguration().activelyPreferBadWifi());
+ } else {
+ assertFalse(mService.mNetworkRanker.getConfiguration().activelyPreferBadWifi());
+ }
+ }
+
+ @Test
public void testOffersAvoidsBadWifi() throws Exception {
// Normal mode : the carrier doesn't restrict moving away from bad wifi.
// This has getAvoidBadWifi return true.
@@ -5618,6 +5767,52 @@
wifiCallback.assertNoCallback();
}
+ public void doTestPreferBadWifi(final boolean preferBadWifi) throws Exception {
+ // Pretend we're on a carrier that restricts switching away from bad wifi, and
+ // depending on the parameter one that may indeed prefer bad wifi.
+ doReturn(0).when(mResources).getInteger(R.integer.config_networkAvoidBadWifi);
+ doReturn(preferBadWifi ? 1 : 0).when(mResources)
+ .getInteger(R.integer.config_activelyPreferBadWifi);
+ mPolicyTracker.reevaluate();
+
+ registerDefaultNetworkCallbacks();
+ final NetworkRequest wifiRequest = new NetworkRequest.Builder()
+ .clearCapabilities()
+ .addTransportType(TRANSPORT_WIFI)
+ .build();
+ final TestableNetworkCallback wifiCallback = new TestableNetworkCallback();
+ mCm.registerNetworkCallback(wifiRequest, wifiCallback);
+
+ // Bring up validated cell and unvalidated wifi.
+ mCellNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_CELLULAR);
+ mCellNetworkAgent.connect(true);
+ mDefaultNetworkCallback.expectAvailableThenValidatedCallbacks(mCellNetworkAgent);
+
+ mWiFiNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_WIFI);
+ mWiFiNetworkAgent.connect(false);
+ wifiCallback.expectAvailableCallbacksUnvalidated(mWiFiNetworkAgent);
+
+ if (preferBadWifi) {
+ expectUnvalidationCheckWillNotify(mWiFiNetworkAgent, NotificationType.LOST_INTERNET);
+ mDefaultNetworkCallback.expectAvailableCallbacksUnvalidated(mWiFiNetworkAgent);
+ } else {
+ expectUnvalidationCheckWillNotNotify(mWiFiNetworkAgent);
+ mDefaultNetworkCallback.assertNoCallback();
+ }
+ }
+
+ @Test
+ public void testPreferBadWifi_doNotPrefer() throws Exception {
+ // Starting with U this mode is no longer supported and can't actually be tested
+ assumeFalse(SdkLevel.isAtLeastU());
+ doTestPreferBadWifi(false /* preferBadWifi */);
+ }
+
+ @Test
+ public void testPreferBadWifi_doPrefer() throws Exception {
+ doTestPreferBadWifi(true /* preferBadWifi */);
+ }
+
@Test
public void testAvoidBadWifi() throws Exception {
final ContentResolver cr = mServiceContext.getContentResolver();
@@ -5641,7 +5836,8 @@
TestNetworkCallback validatedWifiCallback = new TestNetworkCallback();
mCm.registerNetworkCallback(validatedWifiRequest, validatedWifiCallback);
- Settings.Global.putInt(cr, ConnectivitySettingsManager.NETWORK_AVOID_BAD_WIFI, 0);
+ // Prompt mode, so notifications can be tested
+ Settings.Global.putString(cr, ConnectivitySettingsManager.NETWORK_AVOID_BAD_WIFI, null);
mPolicyTracker.reevaluate();
// Bring up validated cell.
@@ -5663,6 +5859,7 @@
mCm.reportNetworkConnectivity(wifiNetwork, false);
defaultCallback.expectCapabilitiesWithout(NET_CAPABILITY_VALIDATED, mWiFiNetworkAgent);
validatedWifiCallback.expectCallback(CallbackEntry.LOST, mWiFiNetworkAgent);
+ expectNotification(mWiFiNetworkAgent, NotificationType.LOST_INTERNET);
// Because avoid bad wifi is off, we don't switch to cellular.
defaultCallback.assertNoCallback();
@@ -5678,14 +5875,20 @@
mPolicyTracker.reevaluate();
defaultCallback.expectAvailableCallbacksValidated(mCellNetworkAgent);
assertEquals(mCm.getActiveNetwork(), cellNetwork);
+ expectClearNotification(mWiFiNetworkAgent, NotificationType.LOST_INTERNET);
// Switch back to a restrictive carrier.
doReturn(0).when(mResources).getInteger(R.integer.config_networkAvoidBadWifi);
mPolicyTracker.reevaluate();
defaultCallback.expectAvailableCallbacksUnvalidated(mWiFiNetworkAgent);
assertEquals(mCm.getActiveNetwork(), wifiNetwork);
+ // A notification was already shown for this very network.
+ expectNoNotification(mWiFiNetworkAgent);
// Simulate the user selecting "switch" on the dialog, and check that we switch to cell.
+ // In principle this is a little bit unrealistic because the switch to a less restrictive
+ // carrier above should have remove the notification but this doesn't matter for the
+ // purposes of this test.
mCm.setAvoidUnvalidated(wifiNetwork);
defaultCallback.expectAvailableCallbacksValidated(mCellNetworkAgent);
assertFalse(mCm.getNetworkCapabilities(wifiNetwork).hasCapability(
@@ -5707,6 +5910,7 @@
mCm.reportNetworkConnectivity(wifiNetwork, false);
defaultCallback.expectCapabilitiesWithout(NET_CAPABILITY_VALIDATED, mWiFiNetworkAgent);
validatedWifiCallback.expectCallback(CallbackEntry.LOST, mWiFiNetworkAgent);
+ expectNotification(mWiFiNetworkAgent, NotificationType.LOST_INTERNET);
// Simulate the user selecting "switch" and checking the don't ask again checkbox.
Settings.Global.putInt(cr, ConnectivitySettingsManager.NETWORK_AVOID_BAD_WIFI, 1);
@@ -5719,6 +5923,7 @@
assertTrue(mCm.getNetworkCapabilities(cellNetwork).hasCapability(
NET_CAPABILITY_VALIDATED));
assertEquals(mCm.getActiveNetwork(), cellNetwork);
+ expectClearNotification(mWiFiNetworkAgent, NotificationType.LOST_INTERNET);
// Simulate the user turning the cellular fallback setting off and then on.
// We switch to wifi and then to cell.
@@ -5726,6 +5931,9 @@
mPolicyTracker.reevaluate();
defaultCallback.expectAvailableCallbacksUnvalidated(mWiFiNetworkAgent);
assertEquals(mCm.getActiveNetwork(), wifiNetwork);
+ // Notification is cleared again because CS doesn't particularly remember that it has
+ // cleared it before, and if it hasn't cleared it before then it should do so now.
+ expectClearNotification(mWiFiNetworkAgent, NotificationType.LOST_INTERNET);
Settings.Global.putInt(cr, ConnectivitySettingsManager.NETWORK_AVOID_BAD_WIFI, 1);
mPolicyTracker.reevaluate();
defaultCallback.expectAvailableCallbacksValidated(mCellNetworkAgent);
@@ -5736,6 +5944,8 @@
defaultCallback.expectCallback(CallbackEntry.LOST, mCellNetworkAgent);
defaultCallback.expectAvailableCallbacksUnvalidated(mWiFiNetworkAgent);
validatedWifiCallback.assertNoCallback();
+ // Notification is cleared yet again because the device switched to wifi.
+ expectClearNotification(mWiFiNetworkAgent, NotificationType.LOST_INTERNET);
mCm.unregisterNetworkCallback(cellNetworkCallback);
mCm.unregisterNetworkCallback(validatedWifiCallback);
@@ -6214,7 +6424,7 @@
}
// Helper method to prepare the executor and run test
- private void runTestWithSerialExecutors(ExceptionUtils.ThrowingConsumer<Executor> functor)
+ private void runTestWithSerialExecutors(ThrowingConsumer<Executor> functor)
throws Exception {
final ExecutorService executorSingleThread = Executors.newSingleThreadExecutor();
final Executor executorInline = (Runnable r) -> r.run();
@@ -7259,9 +7469,6 @@
public void testBasicDnsConfigurationPushed() throws Exception {
setPrivateDnsSettings(PRIVATE_DNS_MODE_OPPORTUNISTIC, "ignored.example.com");
- // Clear any interactions that occur as a result of CS starting up.
- reset(mMockDnsResolver);
-
mCellNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_CELLULAR);
waitForIdle();
verify(mMockDnsResolver, never()).setResolverConfiguration(any());
@@ -7334,9 +7541,6 @@
@Test
public void testDnsConfigurationTransTypesPushed() throws Exception {
- // Clear any interactions that occur as a result of CS starting up.
- reset(mMockDnsResolver);
-
final NetworkRequest request = new NetworkRequest.Builder()
.clearCapabilities().addCapability(NET_CAPABILITY_INTERNET)
.build();
@@ -7395,9 +7599,6 @@
@Test
public void testPrivateDnsSettingsChange() throws Exception {
- // Clear any interactions that occur as a result of CS starting up.
- reset(mMockDnsResolver);
-
// The default on Android is opportunistic mode ("Automatic").
setPrivateDnsSettings(PRIVATE_DNS_MODE_OPPORTUNISTIC, "ignored.example.com");
@@ -8006,7 +8207,8 @@
// VPN networks do not satisfy the default request and are automatically validated
// by NetworkMonitor
assertFalse(NetworkMonitorUtils.isValidationRequired(
- NetworkAgentConfigShimImpl.newInstance(mMockVpn.getNetworkAgentConfig()),
+ NetworkAgentConfigShimImpl.newInstance(mMockVpn.getNetworkAgentConfig())
+ .isVpnValidationRequired(),
mMockVpn.getAgent().getNetworkCapabilities()));
mMockVpn.getAgent().setNetworkValid(false /* isStrictMode */);
@@ -8157,7 +8359,8 @@
assertTrue(nc.hasCapability(NET_CAPABILITY_INTERNET));
assertFalse(NetworkMonitorUtils.isValidationRequired(
- NetworkAgentConfigShimImpl.newInstance(mMockVpn.getNetworkAgentConfig()),
+ NetworkAgentConfigShimImpl.newInstance(mMockVpn.getNetworkAgentConfig())
+ .isVpnValidationRequired(),
mMockVpn.getAgent().getNetworkCapabilities()));
assertTrue(NetworkMonitorUtils.isPrivateDnsValidationRequired(
mMockVpn.getAgent().getNetworkCapabilities()));
@@ -8486,12 +8689,8 @@
doReturn(UserHandle.getUid(RESTRICTED_USER, VPN_UID)).when(mPackageManager)
.getPackageUidAsUser(ALWAYS_ON_PACKAGE, RESTRICTED_USER);
- final Intent addedIntent = new Intent(ACTION_USER_ADDED);
- addedIntent.putExtra(Intent.EXTRA_USER, UserHandle.of(RESTRICTED_USER));
- addedIntent.putExtra(Intent.EXTRA_USER_HANDLE, RESTRICTED_USER);
-
- // Send a USER_ADDED broadcast for it.
- processBroadcast(addedIntent);
+ // New user added
+ mMockVpn.onUserAdded(RESTRICTED_USER);
// Expect that the VPN UID ranges contain both |uid| and the UID range for the newly-added
// restricted user.
@@ -8515,11 +8714,8 @@
&& caps.hasTransport(TRANSPORT_VPN)
&& !caps.hasTransport(TRANSPORT_WIFI));
- // Send a USER_REMOVED broadcast and expect to lose the UID range for the restricted user.
- final Intent removedIntent = new Intent(ACTION_USER_REMOVED);
- removedIntent.putExtra(Intent.EXTRA_USER, UserHandle.of(RESTRICTED_USER));
- removedIntent.putExtra(Intent.EXTRA_USER_HANDLE, RESTRICTED_USER);
- processBroadcast(removedIntent);
+ // User removed and expect to lose the UID range for the restricted user.
+ mMockVpn.onUserRemoved(RESTRICTED_USER);
// Expect that the VPN gains the UID range for the restricted user, and that the capability
// change made just before that (i.e., loss of TRANSPORT_WIFI) is preserved.
@@ -8558,8 +8754,7 @@
// Enable always-on VPN lockdown. The main user loses network access because no VPN is up.
final ArrayList<String> allowList = new ArrayList<>();
- mVpnManagerService.setAlwaysOnVpnPackage(PRIMARY_USER, ALWAYS_ON_PACKAGE,
- true /* lockdown */, allowList);
+ mMockVpn.setAlwaysOnPackage(ALWAYS_ON_PACKAGE, true /* lockdown */, allowList);
waitForIdle();
assertNull(mCm.getActiveNetworkForUid(uid));
// This is arguably overspecified: a UID that is not running doesn't have an active network.
@@ -8573,6 +8768,7 @@
doReturn(asList(PRIMARY_USER_INFO, RESTRICTED_USER_INFO)).when(mUserManager)
.getAliveUsers();
// TODO: check that VPN app within restricted profile still has access, etc.
+ mMockVpn.onUserAdded(RESTRICTED_USER);
final Intent addedIntent = new Intent(ACTION_USER_ADDED);
addedIntent.putExtra(Intent.EXTRA_USER, UserHandle.of(RESTRICTED_USER));
addedIntent.putExtra(Intent.EXTRA_USER_HANDLE, RESTRICTED_USER);
@@ -8584,6 +8780,7 @@
doReturn(asList(PRIMARY_USER_INFO)).when(mUserManager).getAliveUsers();
// Send a USER_REMOVED broadcast and expect to lose the UID range for the restricted user.
+ mMockVpn.onUserRemoved(RESTRICTED_USER);
final Intent removedIntent = new Intent(ACTION_USER_REMOVED);
removedIntent.putExtra(Intent.EXTRA_USER, UserHandle.of(RESTRICTED_USER));
removedIntent.putExtra(Intent.EXTRA_USER_HANDLE, RESTRICTED_USER);
@@ -8591,8 +8788,7 @@
assertNull(mCm.getActiveNetworkForUid(uid));
assertNotNull(mCm.getActiveNetworkForUid(restrictedUid));
- mVpnManagerService.setAlwaysOnVpnPackage(PRIMARY_USER, null, false /* lockdown */,
- allowList);
+ mMockVpn.setAlwaysOnPackage(null, false /* lockdown */, allowList);
waitForIdle();
}
@@ -9050,10 +9246,8 @@
new Handler(ConnectivityThread.getInstanceLooper()));
final int uid = Process.myUid();
- final int userId = UserHandle.getUserId(uid);
final ArrayList<String> allowList = new ArrayList<>();
- mVpnManagerService.setAlwaysOnVpnPackage(userId, ALWAYS_ON_PACKAGE, true /* lockdown */,
- allowList);
+ mMockVpn.setAlwaysOnPackage(ALWAYS_ON_PACKAGE, true /* lockdown */, allowList);
waitForIdle();
final Set<Integer> excludedUids = new ArraySet<Integer>();
@@ -9083,7 +9277,7 @@
assertNetworkInfo(TYPE_WIFI, DetailedState.BLOCKED);
// Disable lockdown, expect to see the network unblocked.
- mVpnManagerService.setAlwaysOnVpnPackage(userId, null, false /* lockdown */, allowList);
+ mMockVpn.setAlwaysOnPackage(null, false /* lockdown */, allowList);
callback.expectBlockedStatusCallback(false, mWiFiNetworkAgent);
defaultCallback.expectBlockedStatusCallback(false, mWiFiNetworkAgent);
vpnUidCallback.assertNoCallback();
@@ -9098,8 +9292,7 @@
// Add our UID to the allowlist and re-enable lockdown, expect network is not blocked.
allowList.add(TEST_PACKAGE_NAME);
- mVpnManagerService.setAlwaysOnVpnPackage(userId, ALWAYS_ON_PACKAGE, true /* lockdown */,
- allowList);
+ mMockVpn.setAlwaysOnPackage(ALWAYS_ON_PACKAGE, true /* lockdown */, allowList);
callback.assertNoCallback();
defaultCallback.assertNoCallback();
vpnUidCallback.assertNoCallback();
@@ -9137,12 +9330,11 @@
// Disable lockdown, remove our UID from the allowlist, and re-enable lockdown.
// Everything should now be blocked.
- mVpnManagerService.setAlwaysOnVpnPackage(userId, null, false /* lockdown */, allowList);
+ mMockVpn.setAlwaysOnPackage(null, false /* lockdown */, allowList);
waitForIdle();
expectNetworkRejectNonSecureVpn(inOrder, false, uidRangeParcelsAlsoExcludingUs);
allowList.clear();
- mVpnManagerService.setAlwaysOnVpnPackage(userId, ALWAYS_ON_PACKAGE, true /* lockdown */,
- allowList);
+ mMockVpn.setAlwaysOnPackage(ALWAYS_ON_PACKAGE, true /* lockdown */, allowList);
waitForIdle();
expectNetworkRejectNonSecureVpn(inOrder, true, uidRangeParcels);
defaultCallback.expectBlockedStatusCallback(true, mWiFiNetworkAgent);
@@ -9157,7 +9349,7 @@
assertNetworkInfo(TYPE_WIFI, DetailedState.BLOCKED);
// Disable lockdown. Everything is unblocked.
- mVpnManagerService.setAlwaysOnVpnPackage(userId, null, false /* lockdown */, allowList);
+ mMockVpn.setAlwaysOnPackage(null, false /* lockdown */, allowList);
defaultCallback.expectBlockedStatusCallback(false, mWiFiNetworkAgent);
assertBlockedCallbackInAnyOrder(callback, false, mWiFiNetworkAgent, mCellNetworkAgent);
vpnUidCallback.assertNoCallback();
@@ -9171,8 +9363,7 @@
// Enable and disable an always-on VPN package without lockdown. Expect no changes.
reset(mMockNetd);
- mVpnManagerService.setAlwaysOnVpnPackage(userId, ALWAYS_ON_PACKAGE, false /* lockdown */,
- allowList);
+ mMockVpn.setAlwaysOnPackage(ALWAYS_ON_PACKAGE, false /* lockdown */, allowList);
inOrder.verify(mMockNetd, never()).networkRejectNonSecureVpn(anyBoolean(), any());
callback.assertNoCallback();
defaultCallback.assertNoCallback();
@@ -9185,7 +9376,7 @@
assertNetworkInfo(TYPE_MOBILE, DetailedState.DISCONNECTED);
assertNetworkInfo(TYPE_WIFI, DetailedState.CONNECTED);
- mVpnManagerService.setAlwaysOnVpnPackage(userId, null, false /* lockdown */, allowList);
+ mMockVpn.setAlwaysOnPackage(null, false /* lockdown */, allowList);
inOrder.verify(mMockNetd, never()).networkRejectNonSecureVpn(anyBoolean(), any());
callback.assertNoCallback();
defaultCallback.assertNoCallback();
@@ -9199,8 +9390,7 @@
assertNetworkInfo(TYPE_WIFI, DetailedState.CONNECTED);
// Enable lockdown and connect a VPN. The VPN is not blocked.
- mVpnManagerService.setAlwaysOnVpnPackage(userId, ALWAYS_ON_PACKAGE, true /* lockdown */,
- allowList);
+ mMockVpn.setAlwaysOnPackage(ALWAYS_ON_PACKAGE, true /* lockdown */, allowList);
defaultCallback.expectBlockedStatusCallback(true, mWiFiNetworkAgent);
assertBlockedCallbackInAnyOrder(callback, true, mWiFiNetworkAgent, mCellNetworkAgent);
vpnUidCallback.assertNoCallback();
@@ -9286,7 +9476,7 @@
doAsUid(Process.SYSTEM_UID, () -> mCm.unregisterNetworkCallback(perUidCb));
}
- private void setupLegacyLockdownVpn() {
+ private VpnProfile setupLegacyLockdownVpn() {
final String profileName = "testVpnProfile";
final byte[] profileTag = profileName.getBytes(StandardCharsets.UTF_8);
doReturn(profileTag).when(mVpnProfileStore).get(Credentials.LOCKDOWN_VPN);
@@ -9298,6 +9488,8 @@
profile.type = VpnProfile.TYPE_IPSEC_XAUTH_PSK;
final byte[] encodedProfile = profile.encode();
doReturn(encodedProfile).when(mVpnProfileStore).get(Credentials.VPN + profileName);
+
+ return profile;
}
private void establishLegacyLockdownVpn(Network underlying) throws Exception {
@@ -9330,21 +9522,28 @@
new Handler(ConnectivityThread.getInstanceLooper()));
// Pretend lockdown VPN was configured.
- setupLegacyLockdownVpn();
+ final VpnProfile profile = setupLegacyLockdownVpn();
// LockdownVpnTracker disables the Vpn teardown code and enables lockdown.
// Check the VPN's state before it does so.
assertTrue(mMockVpn.getEnableTeardown());
assertFalse(mMockVpn.getLockdown());
- // Send a USER_UNLOCKED broadcast so CS starts LockdownVpnTracker.
- final int userId = UserHandle.getUserId(Process.myUid());
- final Intent addedIntent = new Intent(ACTION_USER_UNLOCKED);
- addedIntent.putExtra(Intent.EXTRA_USER, UserHandle.of(userId));
- addedIntent.putExtra(Intent.EXTRA_USER_HANDLE, userId);
- processBroadcast(addedIntent);
+ // VMSHandlerThread was used inside VpnManagerService and taken into LockDownVpnTracker.
+ // VpnManagerService was decoupled from this test but this handlerThread is still required
+ // in LockDownVpnTracker. Keep it until LockDownVpnTracker related verification is moved to
+ // its own test.
+ final HandlerThread VMSHandlerThread = new HandlerThread("TestVpnManagerService");
+ VMSHandlerThread.start();
+ // LockdownVpnTracker is created from VpnManagerService but VpnManagerService is decoupled
+ // from ConnectivityServiceTest. Create it directly to simulate LockdownVpnTracker is
+ // created.
+ // TODO: move LockdownVpnTracker related tests to its own test.
// Lockdown VPN disables teardown and enables lockdown.
+ final LockdownVpnTracker lockdownVpnTracker = new LockdownVpnTracker(mServiceContext,
+ VMSHandlerThread.getThreadHandler(), mMockVpn, profile);
+ lockdownVpnTracker.init();
assertFalse(mMockVpn.getEnableTeardown());
assertTrue(mMockVpn.getLockdown());
@@ -9514,42 +9713,34 @@
mMockVpn.expectStopVpnRunnerPrivileged();
callback.expectCallback(CallbackEntry.LOST, mMockVpn);
b2.expectBroadcast();
+
+ VMSHandlerThread.quitSafely();
}
- @Test
+ @Test @IgnoreUpTo(Build.VERSION_CODES.S_V2)
public void testLockdownSetFirewallUidRule() throws Exception {
- // For ConnectivityService#setAlwaysOnVpnPackage.
- mServiceContext.setPermission(
- Manifest.permission.CONTROL_ALWAYS_ON_VPN, PERMISSION_GRANTED);
- // Needed to call Vpn#setAlwaysOnPackage.
- mServiceContext.setPermission(Manifest.permission.CONTROL_VPN, PERMISSION_GRANTED);
- // Needed to call Vpn#isAlwaysOnPackageSupported.
- mServiceContext.setPermission(NETWORK_SETTINGS, PERMISSION_GRANTED);
-
+ final Set<Range<Integer>> lockdownRange = UidRange.toIntRanges(Set.of(PRIMARY_UIDRANGE));
// Enable Lockdown
- final ArrayList<String> allowList = new ArrayList<>();
- mVpnManagerService.setAlwaysOnVpnPackage(PRIMARY_USER, ALWAYS_ON_PACKAGE,
- true /* lockdown */, allowList);
+ mCm.setRequireVpnForUids(true /* requireVpn */, lockdownRange);
waitForIdle();
// Lockdown rule is set to apps uids
- verify(mBpfNetMaps).setUidRule(
- eq(FIREWALL_CHAIN_LOCKDOWN_VPN), eq(APP1_UID), eq(FIREWALL_RULE_DENY));
- verify(mBpfNetMaps).setUidRule(
- eq(FIREWALL_CHAIN_LOCKDOWN_VPN), eq(APP2_UID), eq(FIREWALL_RULE_DENY));
+ verify(mBpfNetMaps, times(3)).updateUidLockdownRule(anyInt(), eq(true) /* add */);
+ verify(mBpfNetMaps).updateUidLockdownRule(APP1_UID, true /* add */);
+ verify(mBpfNetMaps).updateUidLockdownRule(APP2_UID, true /* add */);
+ verify(mBpfNetMaps).updateUidLockdownRule(VPN_UID, true /* add */);
reset(mBpfNetMaps);
// Disable lockdown
- mVpnManagerService.setAlwaysOnVpnPackage(PRIMARY_USER, null, false /* lockdown */,
- allowList);
+ mCm.setRequireVpnForUids(false /* requireVPN */, lockdownRange);
waitForIdle();
// Lockdown rule is removed from apps uids
- verify(mBpfNetMaps).setUidRule(
- eq(FIREWALL_CHAIN_LOCKDOWN_VPN), eq(APP1_UID), eq(FIREWALL_RULE_ALLOW));
- verify(mBpfNetMaps).setUidRule(
- eq(FIREWALL_CHAIN_LOCKDOWN_VPN), eq(APP2_UID), eq(FIREWALL_RULE_ALLOW));
+ verify(mBpfNetMaps, times(3)).updateUidLockdownRule(anyInt(), eq(false) /* add */);
+ verify(mBpfNetMaps).updateUidLockdownRule(APP1_UID, false /* add */);
+ verify(mBpfNetMaps).updateUidLockdownRule(APP2_UID, false /* add */);
+ verify(mBpfNetMaps).updateUidLockdownRule(VPN_UID, false /* add */);
// Interface rules are not changed by Lockdown mode enable/disable
verify(mBpfNetMaps, never()).addUidInterfaceRules(any(), any());
@@ -9605,24 +9796,23 @@
}
}
- private void doTestReplaceFirewallChain(final int chain, final String chainName,
- final boolean allowList) {
+ private void doTestReplaceFirewallChain(final int chain) {
final int[] uids = new int[] {1001, 1002};
mCm.replaceFirewallChain(chain, uids);
- verify(mBpfNetMaps).replaceUidChain(chainName, allowList, uids);
+ verify(mBpfNetMaps).replaceUidChain(chain, uids);
reset(mBpfNetMaps);
}
@Test @IgnoreUpTo(SC_V2)
public void testReplaceFirewallChain() {
- doTestReplaceFirewallChain(FIREWALL_CHAIN_DOZABLE, "fw_dozable", true);
- doTestReplaceFirewallChain(FIREWALL_CHAIN_STANDBY, "fw_standby", false);
- doTestReplaceFirewallChain(FIREWALL_CHAIN_POWERSAVE, "fw_powersave", true);
- doTestReplaceFirewallChain(FIREWALL_CHAIN_RESTRICTED, "fw_restricted", true);
- doTestReplaceFirewallChain(FIREWALL_CHAIN_LOW_POWER_STANDBY, "fw_low_power_standby", true);
- doTestReplaceFirewallChain(FIREWALL_CHAIN_OEM_DENY_1, "fw_oem_deny_1", false);
- doTestReplaceFirewallChain(FIREWALL_CHAIN_OEM_DENY_2, "fw_oem_deny_2", false);
- doTestReplaceFirewallChain(FIREWALL_CHAIN_OEM_DENY_3, "fw_oem_deny_3", false);
+ doTestReplaceFirewallChain(FIREWALL_CHAIN_DOZABLE);
+ doTestReplaceFirewallChain(FIREWALL_CHAIN_STANDBY);
+ doTestReplaceFirewallChain(FIREWALL_CHAIN_POWERSAVE);
+ doTestReplaceFirewallChain(FIREWALL_CHAIN_RESTRICTED);
+ doTestReplaceFirewallChain(FIREWALL_CHAIN_LOW_POWER_STANDBY);
+ doTestReplaceFirewallChain(FIREWALL_CHAIN_OEM_DENY_1);
+ doTestReplaceFirewallChain(FIREWALL_CHAIN_OEM_DENY_2);
+ doTestReplaceFirewallChain(FIREWALL_CHAIN_OEM_DENY_3);
}
@Test @IgnoreUpTo(SC_V2)
@@ -9633,8 +9823,6 @@
() -> mCm.setUidFirewallRule(-1 /* chain */, uid, FIREWALL_RULE_ALLOW));
assertThrows(expected,
() -> mCm.setUidFirewallRule(100 /* chain */, uid, FIREWALL_RULE_ALLOW));
- assertThrows(expected, () -> mCm.replaceFirewallChain(-1 /* chain */, new int[]{uid}));
- assertThrows(expected, () -> mCm.replaceFirewallChain(100 /* chain */, new int[]{uid}));
}
@Test @IgnoreUpTo(SC_V2)
@@ -9858,8 +10046,6 @@
cellLp.addRoute(ipv6Default);
cellLp.addRoute(ipv6Subnet);
mCellNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_CELLULAR, cellLp);
- reset(mMockDnsResolver);
- reset(mMockNetd);
reset(mClatCoordinator);
// Connect with ipv6 link properties. Expect prefix discovery to be started.
@@ -10530,69 +10716,67 @@
assertNull(mService.mPermissionMonitor.getVpnInterfaceUidRanges("tun0"));
}
+ private void checkInterfaceFilteringRuleWithNullInterface(final LinkProperties lp,
+ final int uid) throws Exception {
+ // The uid range needs to cover the test app so the network is visible to it.
+ final Set<UidRange> vpnRange = Collections.singleton(PRIMARY_UIDRANGE);
+ mMockVpn.establish(lp, uid, vpnRange);
+ assertVpnUidRangesUpdated(true, vpnRange, uid);
+
+ if (SdkLevel.isAtLeastT()) {
+ // On T and above, VPN should have rules for null interface. Null Interface is a
+ // wildcard and this accepts traffic from all the interfaces.
+ // There are two expected invocations, one during the VPN initial
+ // connection, one during the VPN LinkProperties update.
+ ArgumentCaptor<int[]> uidCaptor = ArgumentCaptor.forClass(int[].class);
+ verify(mBpfNetMaps, times(2)).addUidInterfaceRules(
+ eq(null) /* iface */, uidCaptor.capture());
+ if (uid == VPN_UID) {
+ assertContainsExactly(uidCaptor.getAllValues().get(0), APP1_UID, APP2_UID);
+ assertContainsExactly(uidCaptor.getAllValues().get(1), APP1_UID, APP2_UID);
+ } else {
+ assertContainsExactly(uidCaptor.getAllValues().get(0), APP1_UID, APP2_UID, VPN_UID);
+ assertContainsExactly(uidCaptor.getAllValues().get(1), APP1_UID, APP2_UID, VPN_UID);
+ }
+ assertEquals(mService.mPermissionMonitor.getVpnInterfaceUidRanges(null /* iface */),
+ vpnRange);
+
+ mMockVpn.disconnect();
+ waitForIdle();
+
+ // Disconnected VPN should have interface rules removed
+ verify(mBpfNetMaps).removeUidInterfaceRules(uidCaptor.capture());
+ if (uid == VPN_UID) {
+ assertContainsExactly(uidCaptor.getValue(), APP1_UID, APP2_UID);
+ } else {
+ assertContainsExactly(uidCaptor.getValue(), APP1_UID, APP2_UID, VPN_UID);
+ }
+ assertNull(mService.mPermissionMonitor.getVpnInterfaceUidRanges(null /* iface */));
+ } else {
+ // Before T, rules are not configured for null interface.
+ verify(mBpfNetMaps, never()).addUidInterfaceRules(any(), any());
+ }
+ }
+
@Test
- public void testLegacyVpnSetInterfaceFilteringRuleWithWildcard() throws Exception {
+ public void testLegacyVpnInterfaceFilteringRule() throws Exception {
LinkProperties lp = new LinkProperties();
lp.setInterfaceName("tun0");
lp.addRoute(new RouteInfo(new IpPrefix(Inet6Address.ANY, 0), null));
lp.addRoute(new RouteInfo(new IpPrefix(Inet4Address.ANY, 0), null));
- // The uid range needs to cover the test app so the network is visible to it.
- final Set<UidRange> vpnRange = Collections.singleton(PRIMARY_UIDRANGE);
- mMockVpn.establish(lp, Process.SYSTEM_UID, vpnRange);
- assertVpnUidRangesUpdated(true, vpnRange, Process.SYSTEM_UID);
-
- // A connected Legacy VPN should have interface rules with null interface.
- // Null Interface is a wildcard and this accepts traffic from all the interfaces.
- // There are two expected invocations, one during the VPN initial connection,
- // one during the VPN LinkProperties update.
- ArgumentCaptor<int[]> uidCaptor = ArgumentCaptor.forClass(int[].class);
- verify(mBpfNetMaps, times(2)).addUidInterfaceRules(
- eq(null) /* iface */, uidCaptor.capture());
- assertContainsExactly(uidCaptor.getAllValues().get(0), APP1_UID, APP2_UID, VPN_UID);
- assertContainsExactly(uidCaptor.getAllValues().get(1), APP1_UID, APP2_UID, VPN_UID);
- assertEquals(mService.mPermissionMonitor.getVpnInterfaceUidRanges(null /* iface */),
- vpnRange);
-
- mMockVpn.disconnect();
- waitForIdle();
-
- // Disconnected VPN should have interface rules removed
- verify(mBpfNetMaps).removeUidInterfaceRules(uidCaptor.capture());
- assertContainsExactly(uidCaptor.getValue(), APP1_UID, APP2_UID, VPN_UID);
- assertNull(mService.mPermissionMonitor.getVpnInterfaceUidRanges(null /* iface */));
+ // Legacy VPN should have interface filtering with null interface.
+ checkInterfaceFilteringRuleWithNullInterface(lp, Process.SYSTEM_UID);
}
@Test
- public void testLocalIpv4OnlyVpnSetInterfaceFilteringRuleWithWildcard() throws Exception {
+ public void testLocalIpv4OnlyVpnInterfaceFilteringRule() throws Exception {
LinkProperties lp = new LinkProperties();
lp.setInterfaceName("tun0");
lp.addRoute(new RouteInfo(new IpPrefix("192.0.2.0/24"), null, "tun0"));
lp.addRoute(new RouteInfo(new IpPrefix(Inet6Address.ANY, 0), RTN_UNREACHABLE));
- // The uid range needs to cover the test app so the network is visible to it.
- final Set<UidRange> vpnRange = Collections.singleton(PRIMARY_UIDRANGE);
- mMockVpn.establish(lp, Process.SYSTEM_UID, vpnRange);
- assertVpnUidRangesUpdated(true, vpnRange, Process.SYSTEM_UID);
-
- // IPv6 unreachable route should not be misinterpreted as a default route
- // A connected VPN should have interface rules with null interface.
- // Null Interface is a wildcard and this accepts traffic from all the interfaces.
- // There are two expected invocations, one during the VPN initial connection,
- // one during the VPN LinkProperties update.
- ArgumentCaptor<int[]> uidCaptor = ArgumentCaptor.forClass(int[].class);
- verify(mBpfNetMaps, times(2)).addUidInterfaceRules(
- eq(null) /* iface */, uidCaptor.capture());
- assertContainsExactly(uidCaptor.getAllValues().get(0), APP1_UID, APP2_UID, VPN_UID);
- assertContainsExactly(uidCaptor.getAllValues().get(1), APP1_UID, APP2_UID, VPN_UID);
- assertEquals(mService.mPermissionMonitor.getVpnInterfaceUidRanges(null /* iface */),
- vpnRange);
-
- mMockVpn.disconnect();
- waitForIdle();
-
- // Disconnected VPN should have interface rules removed
- verify(mBpfNetMaps).removeUidInterfaceRules(uidCaptor.capture());
- assertContainsExactly(uidCaptor.getValue(), APP1_UID, APP2_UID, VPN_UID);
- assertNull(mService.mPermissionMonitor.getVpnInterfaceUidRanges(null /* iface */));
+ // VPN that does not provide a default route should have interface filtering with null
+ // interface.
+ checkInterfaceFilteringRuleWithNullInterface(lp, VPN_UID);
}
@Test
@@ -10648,19 +10832,6 @@
}
@Test
- public void testStartVpnProfileFromDiffPackage() throws Exception {
- final String notMyVpnPkg = "com.not.my.vpn";
- assertThrows(
- SecurityException.class, () -> mVpnManagerService.startVpnProfile(notMyVpnPkg));
- }
-
- @Test
- public void testStopVpnProfileFromDiffPackage() throws Exception {
- final String notMyVpnPkg = "com.not.my.vpn";
- assertThrows(SecurityException.class, () -> mVpnManagerService.stopVpnProfile(notMyVpnPkg));
- }
-
- @Test
public void testUidUpdateChangesInterfaceFilteringRule() throws Exception {
LinkProperties lp = new LinkProperties();
lp.setInterfaceName("tun0");
@@ -11797,6 +11968,12 @@
mCm.unregisterNetworkCallback(networkCallback);
}
+ private void verifyDump(String[] args) {
+ final StringWriter stringWriter = new StringWriter();
+ mService.dump(new FileDescriptor(), new PrintWriter(stringWriter), args);
+ assertFalse(stringWriter.toString().isEmpty());
+ }
+
@Test
public void testDumpDoesNotCrash() {
mServiceContext.setPermission(DUMP, PERMISSION_GRANTED);
@@ -11809,11 +11986,26 @@
.addTransportType(TRANSPORT_WIFI).build();
mCm.registerNetworkCallback(genericRequest, genericNetworkCallback);
mCm.registerNetworkCallback(wifiRequest, wifiNetworkCallback);
- final StringWriter stringWriter = new StringWriter();
- mService.dump(new FileDescriptor(), new PrintWriter(stringWriter), new String[0]);
+ verifyDump(new String[0]);
- assertFalse(stringWriter.toString().isEmpty());
+ // Verify dump with arguments.
+ final String dumpPrio = "--dump-priority";
+ final String[] dumpArgs = {dumpPrio};
+ verifyDump(dumpArgs);
+
+ final String[] highDumpArgs = {dumpPrio, "HIGH"};
+ verifyDump(highDumpArgs);
+
+ final String[] normalDumpArgs = {dumpPrio, "NORMAL"};
+ verifyDump(normalDumpArgs);
+
+ // Invalid args should do dumpNormal w/o exception
+ final String[] unknownDumpArgs = {dumpPrio, "UNKNOWN"};
+ verifyDump(unknownDumpArgs);
+
+ final String[] invalidDumpArgs = {"UNKNOWN"};
+ verifyDump(invalidDumpArgs);
}
@Test
@@ -12157,16 +12349,14 @@
mQosCallbackMockHelper.registerQosCallback(
mQosCallbackMockHelper.mFilter, mQosCallbackMockHelper.mCallback);
- final NetworkAgentWrapper.CallbackType.OnQosCallbackRegister cbRegister1 =
- (NetworkAgentWrapper.CallbackType.OnQosCallbackRegister)
- wrapper.getCallbackHistory().poll(1000, x -> true);
+ final OnQosCallbackRegister cbRegister1 =
+ (OnQosCallbackRegister) wrapper.getCallbackHistory().poll(1000, x -> true);
assertNotNull(cbRegister1);
final int registerCallbackId = cbRegister1.mQosCallbackId;
mService.unregisterQosCallback(mQosCallbackMockHelper.mCallback);
- final NetworkAgentWrapper.CallbackType.OnQosCallbackUnregister cbUnregister;
- cbUnregister = (NetworkAgentWrapper.CallbackType.OnQosCallbackUnregister)
- wrapper.getCallbackHistory().poll(1000, x -> true);
+ final OnQosCallbackUnregister cbUnregister =
+ (OnQosCallbackUnregister) wrapper.getCallbackHistory().poll(1000, x -> true);
assertNotNull(cbUnregister);
assertEquals(registerCallbackId, cbUnregister.mQosCallbackId);
assertNull(wrapper.getCallbackHistory().poll(200, x -> true));
@@ -12245,6 +12435,86 @@
&& session.getSessionType() == QosSession.TYPE_NR_BEARER));
}
+ @Test @IgnoreUpTo(SC_V2)
+ public void testQosCallbackAvailableOnValidationError() throws Exception {
+ mQosCallbackMockHelper = new QosCallbackMockHelper();
+ final NetworkAgentWrapper wrapper = mQosCallbackMockHelper.mAgentWrapper;
+ final int sessionId = 10;
+ final int qosCallbackId = 1;
+
+ doReturn(QosCallbackException.EX_TYPE_FILTER_NONE)
+ .when(mQosCallbackMockHelper.mFilter).validate();
+ mQosCallbackMockHelper.registerQosCallback(
+ mQosCallbackMockHelper.mFilter, mQosCallbackMockHelper.mCallback);
+ OnQosCallbackRegister cbRegister1 =
+ (OnQosCallbackRegister) wrapper.getCallbackHistory().poll(1000, x -> true);
+ assertNotNull(cbRegister1);
+ final int registerCallbackId = cbRegister1.mQosCallbackId;
+
+ waitForIdle();
+
+ doReturn(QosCallbackException.EX_TYPE_FILTER_SOCKET_REMOTE_ADDRESS_CHANGED)
+ .when(mQosCallbackMockHelper.mFilter).validate();
+ final EpsBearerQosSessionAttributes attributes = new EpsBearerQosSessionAttributes(
+ 1, 2, 3, 4, 5, new ArrayList<>());
+ mQosCallbackMockHelper.mAgentWrapper.getNetworkAgent()
+ .sendQosSessionAvailable(qosCallbackId, sessionId, attributes);
+ waitForIdle();
+
+ final NetworkAgentWrapper.CallbackType.OnQosCallbackUnregister cbUnregister;
+ cbUnregister = (NetworkAgentWrapper.CallbackType.OnQosCallbackUnregister)
+ wrapper.getCallbackHistory().poll(1000, x -> true);
+ assertNotNull(cbUnregister);
+ assertEquals(registerCallbackId, cbUnregister.mQosCallbackId);
+ waitForIdle();
+ verify(mQosCallbackMockHelper.mCallback)
+ .onError(eq(QosCallbackException.EX_TYPE_FILTER_SOCKET_REMOTE_ADDRESS_CHANGED));
+ }
+
+ @Test @IgnoreUpTo(SC_V2)
+ public void testQosCallbackLostOnValidationError() throws Exception {
+ mQosCallbackMockHelper = new QosCallbackMockHelper();
+ final int sessionId = 10;
+ final int qosCallbackId = 1;
+
+ doReturn(QosCallbackException.EX_TYPE_FILTER_NONE)
+ .when(mQosCallbackMockHelper.mFilter).validate();
+ mQosCallbackMockHelper.registerQosCallback(
+ mQosCallbackMockHelper.mFilter, mQosCallbackMockHelper.mCallback);
+ waitForIdle();
+ EpsBearerQosSessionAttributes attributes =
+ sendQosSessionEvent(qosCallbackId, sessionId, true);
+ waitForIdle();
+
+ verify(mQosCallbackMockHelper.mCallback).onQosEpsBearerSessionAvailable(argThat(session ->
+ session.getSessionId() == sessionId
+ && session.getSessionType() == QosSession.TYPE_EPS_BEARER), eq(attributes));
+
+ doReturn(QosCallbackException.EX_TYPE_FILTER_SOCKET_REMOTE_ADDRESS_CHANGED)
+ .when(mQosCallbackMockHelper.mFilter).validate();
+
+ sendQosSessionEvent(qosCallbackId, sessionId, false);
+ waitForIdle();
+ verify(mQosCallbackMockHelper.mCallback)
+ .onError(eq(QosCallbackException.EX_TYPE_FILTER_SOCKET_REMOTE_ADDRESS_CHANGED));
+ }
+
+ private EpsBearerQosSessionAttributes sendQosSessionEvent(
+ int qosCallbackId, int sessionId, boolean available) {
+ if (available) {
+ final EpsBearerQosSessionAttributes attributes = new EpsBearerQosSessionAttributes(
+ 1, 2, 3, 4, 5, new ArrayList<>());
+ mQosCallbackMockHelper.mAgentWrapper.getNetworkAgent()
+ .sendQosSessionAvailable(qosCallbackId, sessionId, attributes);
+ return attributes;
+ } else {
+ mQosCallbackMockHelper.mAgentWrapper.getNetworkAgent()
+ .sendQosSessionLost(qosCallbackId, sessionId, QosSession.TYPE_EPS_BEARER);
+ return null;
+ }
+
+ }
+
@Test
public void testQosCallbackTooManyRequests() throws Exception {
mQosCallbackMockHelper = new QosCallbackMockHelper();
@@ -12779,6 +13049,12 @@
if (null != mTestPackageDefaultNetworkCallback2) {
mCm.unregisterNetworkCallback(mTestPackageDefaultNetworkCallback2);
}
+ mSystemDefaultNetworkCallback = null;
+ mDefaultNetworkCallback = null;
+ mProfileDefaultNetworkCallback = null;
+ mTestPackageDefaultNetworkCallback = null;
+ mProfileDefaultNetworkCallbackAsAppUid2 = null;
+ mTestPackageDefaultNetworkCallback2 = null;
}
private void setupMultipleDefaultNetworksForOemNetworkPreferenceNotCurrentUidTest(
@@ -14292,7 +14568,7 @@
* Make sure per profile network preferences behave as expected for a given
* profile network preference.
*/
- public void testPreferenceForUserNetworkUpDownForGivenPreference(
+ private void doTestPreferenceForUserNetworkUpDownForGivenPreference(
ProfileNetworkPreference profileNetworkPreference,
boolean connectWorkProfileAgentAhead,
UserHandle testHandle,
@@ -14536,7 +14812,7 @@
new ProfileNetworkPreference.Builder();
profileNetworkPreferenceBuilder.setPreference(PROFILE_NETWORK_PREFERENCE_ENTERPRISE);
profileNetworkPreferenceBuilder.setPreferenceEnterpriseId(NET_ENTERPRISE_ID_1);
- testPreferenceForUserNetworkUpDownForGivenPreference(
+ doTestPreferenceForUserNetworkUpDownForGivenPreference(
profileNetworkPreferenceBuilder.build(), false,
testHandle, mProfileDefaultNetworkCallback, null);
}
@@ -14555,7 +14831,7 @@
PROFILE_NETWORK_PREFERENCE_ENTERPRISE_NO_FALLBACK);
profileNetworkPreferenceBuilder.setPreferenceEnterpriseId(NET_ENTERPRISE_ID_1);
registerDefaultNetworkCallbacks();
- testPreferenceForUserNetworkUpDownForGivenPreference(
+ doTestPreferenceForUserNetworkUpDownForGivenPreference(
profileNetworkPreferenceBuilder.build(), false,
testHandle, mProfileDefaultNetworkCallback, null);
}
@@ -14576,7 +14852,7 @@
PROFILE_NETWORK_PREFERENCE_ENTERPRISE_NO_FALLBACK);
profileNetworkPreferenceBuilder.setPreferenceEnterpriseId(NET_ENTERPRISE_ID_1);
registerDefaultNetworkCallbacks();
- testPreferenceForUserNetworkUpDownForGivenPreference(
+ doTestPreferenceForUserNetworkUpDownForGivenPreference(
profileNetworkPreferenceBuilder.build(), true, testHandle,
mProfileDefaultNetworkCallback, null);
}
@@ -14595,7 +14871,7 @@
profileNetworkPreferenceBuilder.setIncludedUids(
new int[]{testHandle.getUid(TEST_WORK_PROFILE_APP_UID)});
registerDefaultNetworkCallbacks();
- testPreferenceForUserNetworkUpDownForGivenPreference(
+ doTestPreferenceForUserNetworkUpDownForGivenPreference(
profileNetworkPreferenceBuilder.build(), false, testHandle,
mProfileDefaultNetworkCallback, null);
}
@@ -14614,7 +14890,7 @@
profileNetworkPreferenceBuilder.setIncludedUids(
new int[]{testHandle.getUid(TEST_WORK_PROFILE_APP_UID_2)});
registerDefaultNetworkCallbacks();
- testPreferenceForUserNetworkUpDownForGivenPreference(
+ doTestPreferenceForUserNetworkUpDownForGivenPreference(
profileNetworkPreferenceBuilder.build(), false,
testHandle, mProfileDefaultNetworkCallbackAsAppUid2, null);
}
@@ -14633,7 +14909,7 @@
profileNetworkPreferenceBuilder.setExcludedUids(
new int[]{testHandle.getUid(TEST_WORK_PROFILE_APP_UID_2)});
registerDefaultNetworkCallbacks();
- testPreferenceForUserNetworkUpDownForGivenPreference(
+ doTestPreferenceForUserNetworkUpDownForGivenPreference(
profileNetworkPreferenceBuilder.build(), false,
testHandle, mProfileDefaultNetworkCallback,
mProfileDefaultNetworkCallbackAsAppUid2);
@@ -14729,7 +15005,7 @@
profileNetworkPreferenceBuilder.setPreference(PROFILE_NETWORK_PREFERENCE_ENTERPRISE);
profileNetworkPreferenceBuilder.setPreferenceEnterpriseId(NET_ENTERPRISE_ID_1);
registerDefaultNetworkCallbacks();
- testPreferenceForUserNetworkUpDownForGivenPreference(
+ doTestPreferenceForUserNetworkUpDownForGivenPreference(
profileNetworkPreferenceBuilder.build(), true,
testHandle, mProfileDefaultNetworkCallback,
null);
@@ -14749,7 +15025,7 @@
PROFILE_NETWORK_PREFERENCE_ENTERPRISE_NO_FALLBACK);
profileNetworkPreferenceBuilder.setPreferenceEnterpriseId(NET_ENTERPRISE_ID_1);
registerDefaultNetworkCallbacks();
- testPreferenceForUserNetworkUpDownForGivenPreference(
+ doTestPreferenceForUserNetworkUpDownForGivenPreference(
profileNetworkPreferenceBuilder.build(), true,
testHandle, mProfileDefaultNetworkCallback,
null);
@@ -14770,7 +15046,7 @@
profileNetworkPreferenceBuilder.setPreferenceEnterpriseId(
NET_ENTERPRISE_ID_2);
registerDefaultNetworkCallbacks();
- testPreferenceForUserNetworkUpDownForGivenPreference(
+ doTestPreferenceForUserNetworkUpDownForGivenPreference(
profileNetworkPreferenceBuilder.build(), true,
testHandle, mProfileDefaultNetworkCallback, null);
}
@@ -15548,11 +15824,19 @@
mServiceContext.setPermission(NETWORK_FACTORY, PERMISSION_GRANTED);
mServiceContext.setPermission(MANAGE_TEST_NETWORKS, PERMISSION_GRANTED);
- // In this test the automotive feature will be enabled.
- mockHasSystemFeature(PackageManager.FEATURE_AUTOMOTIVE, true);
+ // Has automotive feature.
+ validateAutomotiveEthernetAllowedUids(true);
+
+ // No automotive feature.
+ validateAutomotiveEthernetAllowedUids(false);
+ }
+
+ private void validateAutomotiveEthernetAllowedUids(final boolean hasAutomotiveFeature)
+ throws Exception {
+ mockHasSystemFeature(PackageManager.FEATURE_AUTOMOTIVE, hasAutomotiveFeature);
// Simulate a restricted ethernet network.
- final NetworkCapabilities.Builder agentNetCaps = new NetworkCapabilities.Builder()
+ final NetworkCapabilities.Builder ncb = new NetworkCapabilities.Builder()
.addTransportType(TRANSPORT_ETHERNET)
.addCapability(NET_CAPABILITY_INTERNET)
.addCapability(NET_CAPABILITY_NOT_SUSPENDED)
@@ -15560,8 +15844,34 @@
.removeCapability(NET_CAPABILITY_NOT_RESTRICTED);
mEthernetNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_ETHERNET,
- new LinkProperties(), agentNetCaps.build());
- validateAllowedUids(mEthernetNetworkAgent, TRANSPORT_ETHERNET, agentNetCaps, true);
+ new LinkProperties(), ncb.build());
+
+ final ArraySet<Integer> serviceUidSet = new ArraySet<>();
+ serviceUidSet.add(TEST_PACKAGE_UID);
+
+ final TestNetworkCallback cb = new TestNetworkCallback();
+
+ mCm.requestNetwork(new NetworkRequest.Builder()
+ .addTransportType(TRANSPORT_ETHERNET)
+ .removeCapability(NET_CAPABILITY_NOT_RESTRICTED)
+ .build(), cb);
+ mEthernetNetworkAgent.connect(true);
+ cb.expectAvailableThenValidatedCallbacks(mEthernetNetworkAgent);
+
+ // Cell gets to set the service UID as access UID
+ ncb.setAllowedUids(serviceUidSet);
+ mEthernetNetworkAgent.setNetworkCapabilities(ncb.build(), true /* sendToCS */);
+ if (SdkLevel.isAtLeastT() && hasAutomotiveFeature) {
+ cb.expectCapabilitiesThat(mEthernetNetworkAgent,
+ caps -> caps.getAllowedUids().equals(serviceUidSet));
+ } else {
+ // S and no automotive feature must ignore access UIDs.
+ cb.assertNoCallback(TEST_CALLBACK_TIMEOUT_MS);
+ }
+
+ mEthernetNetworkAgent.disconnect();
+ cb.expectCallback(CallbackEntry.LOST, mEthernetNetworkAgent);
+ mCm.unregisterNetworkCallback(cb);
}
@Test
@@ -15575,7 +15885,7 @@
// Simulate a restricted telephony network. The telephony factory is entitled to set
// the access UID to the service package on any of its restricted networks.
- final NetworkCapabilities.Builder agentNetCaps = new NetworkCapabilities.Builder()
+ final NetworkCapabilities.Builder ncb = new NetworkCapabilities.Builder()
.addTransportType(TRANSPORT_CELLULAR)
.addCapability(NET_CAPABILITY_INTERNET)
.addCapability(NET_CAPABILITY_NOT_SUSPENDED)
@@ -15584,13 +15894,8 @@
.setNetworkSpecifier(new TelephonyNetworkSpecifier(1 /* subid */));
mCellNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_CELLULAR,
- new LinkProperties(), agentNetCaps.build());
- validateAllowedUids(mCellNetworkAgent, TRANSPORT_CELLULAR, agentNetCaps, false);
- }
+ new LinkProperties(), ncb.build());
- private void validateAllowedUids(final TestNetworkAgentWrapper testAgent,
- @NetworkCapabilities.Transport final int transportUnderTest,
- final NetworkCapabilities.Builder ncb, final boolean forAutomotive) throws Exception {
final ArraySet<Integer> serviceUidSet = new ArraySet<>();
serviceUidSet.add(TEST_PACKAGE_UID);
final ArraySet<Integer> nonServiceUidSet = new ArraySet<>();
@@ -15601,34 +15906,28 @@
final TestNetworkCallback cb = new TestNetworkCallback();
- /* Test setting UIDs */
// Cell gets to set the service UID as access UID
mCm.requestNetwork(new NetworkRequest.Builder()
- .addTransportType(transportUnderTest)
+ .addTransportType(TRANSPORT_CELLULAR)
.removeCapability(NET_CAPABILITY_NOT_RESTRICTED)
.build(), cb);
- testAgent.connect(true);
- cb.expectAvailableThenValidatedCallbacks(testAgent);
+ mCellNetworkAgent.connect(true);
+ cb.expectAvailableThenValidatedCallbacks(mCellNetworkAgent);
ncb.setAllowedUids(serviceUidSet);
- testAgent.setNetworkCapabilities(ncb.build(), true /* sendToCS */);
+ mCellNetworkAgent.setNetworkCapabilities(ncb.build(), true /* sendToCS */);
if (SdkLevel.isAtLeastT()) {
- cb.expectCapabilitiesThat(testAgent,
+ cb.expectCapabilitiesThat(mCellNetworkAgent,
caps -> caps.getAllowedUids().equals(serviceUidSet));
} else {
// S must ignore access UIDs.
cb.assertNoCallback(TEST_CALLBACK_TIMEOUT_MS);
}
- /* Test setting UIDs is rejected when expected */
- if (forAutomotive) {
- mockHasSystemFeature(PackageManager.FEATURE_AUTOMOTIVE, false);
- }
-
// ...but not to some other UID. Rejection sets UIDs to the empty set
ncb.setAllowedUids(nonServiceUidSet);
- testAgent.setNetworkCapabilities(ncb.build(), true /* sendToCS */);
+ mCellNetworkAgent.setNetworkCapabilities(ncb.build(), true /* sendToCS */);
if (SdkLevel.isAtLeastT()) {
- cb.expectCapabilitiesThat(testAgent,
+ cb.expectCapabilitiesThat(mCellNetworkAgent,
caps -> caps.getAllowedUids().isEmpty());
} else {
// S must ignore access UIDs.
@@ -15637,18 +15936,18 @@
// ...and also not to multiple UIDs even including the service UID
ncb.setAllowedUids(serviceUidSetPlus);
- testAgent.setNetworkCapabilities(ncb.build(), true /* sendToCS */);
+ mCellNetworkAgent.setNetworkCapabilities(ncb.build(), true /* sendToCS */);
cb.assertNoCallback(TEST_CALLBACK_TIMEOUT_MS);
- testAgent.disconnect();
- cb.expectCallback(CallbackEntry.LOST, testAgent);
+ mCellNetworkAgent.disconnect();
+ cb.expectCallback(CallbackEntry.LOST, mCellNetworkAgent);
mCm.unregisterNetworkCallback(cb);
// Must be unset before touching the transports, because remove and add transport types
// check the specifier on the builder immediately, contradicting normal builder semantics
// TODO : fix the builder
ncb.setNetworkSpecifier(null);
- ncb.removeTransportType(transportUnderTest);
+ ncb.removeTransportType(TRANSPORT_CELLULAR);
ncb.addTransportType(TRANSPORT_WIFI);
// Wifi does not get to set access UID, even to the correct UID
mCm.requestNetwork(new NetworkRequest.Builder()
@@ -15665,6 +15964,45 @@
mCm.unregisterNetworkCallback(cb);
}
+ @Test
+ public void testSanitizedCapabilitiesFromAgentDoesNotMutateArgument()
+ throws Exception {
+ // This NetworkCapabilities builds an usual object to maximize the chance that this requires
+ // sanitization, so we have a high chance to detect any changes to the original.
+ final NetworkCapabilities unsanitized = new NetworkCapabilities.Builder()
+ .withoutDefaultCapabilities()
+ .addTransportType(TRANSPORT_WIFI)
+ .addCapability(NET_CAPABILITY_INTERNET)
+ .setOwnerUid(12345)
+ .setAdministratorUids(new int[] {12345, 23456, 34567})
+ .setLinkUpstreamBandwidthKbps(20)
+ .setLinkDownstreamBandwidthKbps(10)
+ .setNetworkSpecifier(new EthernetNetworkSpecifier("foobar"))
+ .setTransportInfo(new WifiInfo.Builder().setBssid("AA:AA:AA:AA:AA:AA").build())
+ .setSignalStrength(-75)
+ .setSsid("SSID1")
+ .setRequestorUid(98765)
+ .setRequestorPackageName("TestPackage")
+ .setSubscriptionIds(Collections.singleton(Process.myUid()))
+ .setUids(UidRange.toIntRanges(uidRangesForUids(
+ UserHandle.getUid(PRIMARY_USER, 10100),
+ UserHandle.getUid(SECONDARY_USER, 10101),
+ UserHandle.getUid(TERTIARY_USER, 10043))))
+ .setAllowedUids(Set.of(45678, 56789, 65432))
+ .setUnderlyingNetworks(List.of(new Network(99999)))
+ .build();
+ final NetworkCapabilities copyOfUnsanitized = new NetworkCapabilities(unsanitized);
+ final NetworkInfo info = new NetworkInfo(TYPE_MOBILE, TelephonyManager.NETWORK_TYPE_LTE,
+ ConnectivityManager.getNetworkTypeName(TYPE_MOBILE),
+ TelephonyManager.getNetworkTypeName(TelephonyManager.NETWORK_TYPE_LTE));
+ final NetworkAgentInfo agent = fakeNai(unsanitized, info);
+ agent.setDeclaredCapabilities(unsanitized);
+ final NetworkCapabilities sanitized = agent.getDeclaredCapabilitiesSanitized(
+ null /* carrierPrivilegeAuthenticator */);
+ assertEquals(copyOfUnsanitized, unsanitized);
+ assertNotEquals(sanitized, unsanitized);
+ }
+
/**
* Validate request counts are counted accurately on setProfileNetworkPreference on set/replace.
*/
@@ -15673,7 +16011,7 @@
final UserHandle testHandle = setupEnterpriseNetwork();
final TestOnCompleteListener listener = new TestOnCompleteListener();
// Leave one request available so the profile preference can be set.
- testRequestCountLimits(1 /* countToLeaveAvailable */, () -> {
+ withRequestCountersAcquired(1 /* countToLeaveAvailable */, () -> {
withPermission(NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK,
Process.myPid(), Process.myUid(), () -> {
// Set initially to test the limit prior to having existing requests.
@@ -15687,7 +16025,7 @@
final int otherAppUid = UserHandle.getUid(TEST_WORK_PROFILE_USER_ID,
UserHandle.getAppId(Process.myUid() + 1));
final int remainingCount = ConnectivityService.MAX_NETWORK_REQUESTS_PER_UID
- - mService.mNetworkRequestCounter.mUidToNetworkRequestCount.get(otherAppUid)
+ - mService.mNetworkRequestCounter.get(otherAppUid)
- 1;
final NetworkCallback[] callbacks = new NetworkCallback[remainingCount];
doAsUid(otherAppUid, () -> {
@@ -15722,7 +16060,7 @@
@OemNetworkPreferences.OemNetworkPreference final int networkPref =
OEM_NETWORK_PREFERENCE_OEM_PRIVATE_ONLY;
// Leave one request available so the OEM preference can be set.
- testRequestCountLimits(1 /* countToLeaveAvailable */, () ->
+ withRequestCountersAcquired(1 /* countToLeaveAvailable */, () ->
withPermission(NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK, () -> {
// Set initially to test the limit prior to having existing requests.
final TestOemListenerCallback listener = new TestOemListenerCallback();
@@ -15737,12 +16075,11 @@
}));
}
- private void testRequestCountLimits(final int countToLeaveAvailable,
- @NonNull final ExceptionalRunnable r) throws Exception {
+ private void withRequestCountersAcquired(final int countToLeaveAvailable,
+ @NonNull final ThrowingRunnable r) throws Exception {
final ArraySet<TestNetworkCallback> callbacks = new ArraySet<>();
try {
- final int requestCount = mService.mSystemNetworkRequestCounter
- .mUidToNetworkRequestCount.get(Process.myUid());
+ final int requestCount = mService.mSystemNetworkRequestCounter.get(Process.myUid());
// The limit is hit when total requests = limit - 1, and exceeded with a crash when
// total requests >= limit.
final int countToFile =
@@ -15755,8 +16092,7 @@
callbacks.add(cb);
}
assertEquals(MAX_NETWORK_REQUESTS_PER_SYSTEM_UID - 1 - countToLeaveAvailable,
- mService.mSystemNetworkRequestCounter
- .mUidToNetworkRequestCount.get(Process.myUid()));
+ mService.mSystemNetworkRequestCounter.get(Process.myUid()));
});
// Code to run to check if it triggers a max request count limit error.
r.run();
@@ -16005,7 +16341,7 @@
ConnectivitySettingsManager.setMobileDataPreferredUids(mServiceContext,
Set.of(PRIMARY_USER_HANDLE.getUid(TEST_PACKAGE_UID)));
// Leave one request available so MDO preference set up above can be set.
- testRequestCountLimits(1 /* countToLeaveAvailable */, () ->
+ withRequestCountersAcquired(1 /* countToLeaveAvailable */, () ->
withPermission(NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK,
Process.myPid(), Process.myUid(), () -> {
// Set initially to test the limit prior to having existing requests.
@@ -16369,54 +16705,40 @@
}
@Test
- public void testIgnoreValidationAfterRoamDisabled() throws Exception {
- assumeFalse(SdkLevel.isAtLeastT());
- // testIgnoreValidationAfterRoam off
- doReturn(-1).when(mResources)
- .getInteger(R.integer.config_validationFailureAfterRoamIgnoreTimeMillis);
+ public void testOfferNetwork_ChecksArgumentsOutsideOfHandler() throws Exception {
+ final TestableNetworkOfferCallback callback = new TestableNetworkOfferCallback(
+ TIMEOUT_MS /* timeout */, TEST_CALLBACK_TIMEOUT_MS /* noCallbackTimeout */);
+ final NetworkProvider testProvider = new NetworkProvider(mServiceContext,
+ mCsHandlerThread.getLooper(), "Test provider");
+ final NetworkCapabilities caps = new NetworkCapabilities.Builder()
+ .addCapability(NET_CAPABILITY_INTERNET)
+ .addCapability(NET_CAPABILITY_NOT_VCN_MANAGED)
+ .build();
- mCellNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_CELLULAR);
- mCellNetworkAgent.connect(true);
- NetworkCapabilities wifiNc1 = new NetworkCapabilities()
- .addTransportType(TRANSPORT_WIFI)
- .setTransportInfo(new WifiInfo.Builder().setBssid("AA:AA:AA:AA:AA:AA").build());
- NetworkCapabilities wifiNc2 = new NetworkCapabilities()
- .addTransportType(TRANSPORT_WIFI)
- .setTransportInfo(new WifiInfo.Builder().setBssid("BB:BB:BB:BB:BB:BB").build());
- final LinkProperties wifiLp = new LinkProperties();
- wifiLp.setInterfaceName(WIFI_IFNAME);
- mWiFiNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_WIFI, wifiLp, wifiNc1);
- mWiFiNetworkAgent.connect(true);
+ final NetworkScore score = new NetworkScore.Builder().build();
+ testProvider.registerNetworkOffer(score, caps, r -> r.run(), callback);
+ testProvider.unregisterNetworkOffer(callback);
- // The default network will be switching to Wi-Fi Network.
- final TestNetworkCallback wifiNetworkCallback = new TestNetworkCallback();
- final NetworkRequest wifiRequest = new NetworkRequest.Builder()
- .addTransportType(TRANSPORT_WIFI).build();
- mCm.registerNetworkCallback(wifiRequest, wifiNetworkCallback);
- wifiNetworkCallback.expectAvailableCallbacksValidated(mWiFiNetworkAgent);
- registerDefaultNetworkCallbacks();
- mDefaultNetworkCallback.expectAvailableCallbacksValidated(mWiFiNetworkAgent);
-
- // Wi-Fi roaming from wifiNc1 to wifiNc2.
- mWiFiNetworkAgent.setNetworkCapabilities(wifiNc2, true);
- mWiFiNetworkAgent.setNetworkInvalid(false);
- mCm.reportNetworkConnectivity(mWiFiNetworkAgent.getNetwork(), false);
- mDefaultNetworkCallback.expectAvailableCallbacksValidated(mCellNetworkAgent);
+ assertThrows(NullPointerException.class,
+ () -> mService.offerNetwork(100, score, caps, null));
+ assertThrows(NullPointerException.class, () -> mService.unofferNetwork(null));
}
- @Test
- public void testIgnoreValidationAfterRoamEnabled() throws Exception {
+ public void doTestIgnoreValidationAfterRoam(final boolean enabled) throws Exception {
assumeFalse(SdkLevel.isAtLeastT());
- // testIgnoreValidationAfterRoam on
- doReturn(5000).when(mResources)
+ doReturn(enabled ? 5000 : -1).when(mResources)
.getInteger(R.integer.config_validationFailureAfterRoamIgnoreTimeMillis);
mCellNetworkAgent = new TestNetworkAgentWrapper(TRANSPORT_CELLULAR);
mCellNetworkAgent.connect(true);
NetworkCapabilities wifiNc1 = new NetworkCapabilities()
+ .addCapability(NET_CAPABILITY_INTERNET)
+ .addCapability(NET_CAPABILITY_NOT_VCN_MANAGED)
.addTransportType(TRANSPORT_WIFI)
.setTransportInfo(new WifiInfo.Builder().setBssid("AA:AA:AA:AA:AA:AA").build());
NetworkCapabilities wifiNc2 = new NetworkCapabilities()
+ .addCapability(NET_CAPABILITY_INTERNET)
+ .addCapability(NET_CAPABILITY_NOT_VCN_MANAGED)
.addTransportType(TRANSPORT_WIFI)
.setTransportInfo(new WifiInfo.Builder().setBssid("BB:BB:BB:BB:BB:BB").build());
final LinkProperties wifiLp = new LinkProperties();
@@ -16428,16 +16750,75 @@
final TestNetworkCallback wifiNetworkCallback = new TestNetworkCallback();
final NetworkRequest wifiRequest = new NetworkRequest.Builder()
.addTransportType(TRANSPORT_WIFI).build();
- mCm.registerNetworkCallback(wifiRequest, wifiNetworkCallback);
+ mCm.requestNetwork(wifiRequest, wifiNetworkCallback);
wifiNetworkCallback.expectAvailableCallbacksValidated(mWiFiNetworkAgent);
registerDefaultNetworkCallbacks();
mDefaultNetworkCallback.expectAvailableCallbacksValidated(mWiFiNetworkAgent);
- // Wi-Fi roaming from wifiNc1 to wifiNc2.
+ // There is a bug in the current code where ignoring validation after roam will not
+ // correctly change the default network if the result if the validation is partial or
+ // captive portal. TODO : fix the bug and reinstate this code.
+ if (false) {
+ // Wi-Fi roaming from wifiNc1 to wifiNc2 but the network is now behind a captive portal.
+ mWiFiNetworkAgent.setNetworkCapabilities(wifiNc2, true /* sendToConnectivityService */);
+ // The only thing changed in this CAPS is the BSSID, which can't be tested for in this
+ // test because it's redacted.
+ wifiNetworkCallback.expectCallback(CallbackEntry.NETWORK_CAPS_UPDATED,
+ mWiFiNetworkAgent);
+ mDefaultNetworkCallback.expectCallback(CallbackEntry.NETWORK_CAPS_UPDATED,
+ mWiFiNetworkAgent);
+ mWiFiNetworkAgent.setNetworkPortal(TEST_REDIRECT_URL, false /* isStrictMode */);
+ mCm.reportNetworkConnectivity(mWiFiNetworkAgent.getNetwork(), false);
+ // Wi-Fi is now detected to have a portal : cell should become the default network.
+ mDefaultNetworkCallback.expectAvailableCallbacksValidated(mCellNetworkAgent);
+ wifiNetworkCallback.expectCapabilitiesWithout(NET_CAPABILITY_VALIDATED,
+ mWiFiNetworkAgent);
+ wifiNetworkCallback.expectCapabilitiesWith(NET_CAPABILITY_CAPTIVE_PORTAL,
+ mWiFiNetworkAgent);
+
+ // Wi-Fi becomes valid again. The default network goes back to Wi-Fi.
+ mWiFiNetworkAgent.setNetworkValid(false /* isStrictMode */);
+ mCm.reportNetworkConnectivity(mWiFiNetworkAgent.getNetwork(), true);
+ mDefaultNetworkCallback.expectAvailableCallbacksValidated(mWiFiNetworkAgent);
+ wifiNetworkCallback.expectCapabilitiesWithout(NET_CAPABILITY_CAPTIVE_PORTAL,
+ mWiFiNetworkAgent);
+
+ // Wi-Fi roaming from wifiNc2 to wifiNc1, and the network now has partial connectivity.
+ mWiFiNetworkAgent.setNetworkCapabilities(wifiNc1, true);
+ wifiNetworkCallback.expectCallback(CallbackEntry.NETWORK_CAPS_UPDATED,
+ mWiFiNetworkAgent);
+ mDefaultNetworkCallback.expectCallback(CallbackEntry.NETWORK_CAPS_UPDATED,
+ mWiFiNetworkAgent);
+ mWiFiNetworkAgent.setNetworkPartial();
+ mCm.reportNetworkConnectivity(mWiFiNetworkAgent.getNetwork(), false);
+ // Wi-Fi now only offers partial connectivity, so in the absence of accepting partial
+ // connectivity explicitly for this network, it loses default status to cell.
+ mDefaultNetworkCallback.expectAvailableCallbacksValidated(mCellNetworkAgent);
+ wifiNetworkCallback.expectCapabilitiesWith(NET_CAPABILITY_PARTIAL_CONNECTIVITY,
+ mWiFiNetworkAgent);
+
+ // Wi-Fi becomes valid again. The default network goes back to Wi-Fi.
+ mWiFiNetworkAgent.setNetworkValid(false /* isStrictMode */);
+ mCm.reportNetworkConnectivity(mWiFiNetworkAgent.getNetwork(), true);
+ mDefaultNetworkCallback.expectAvailableCallbacksValidated(mWiFiNetworkAgent);
+ wifiNetworkCallback.expectCapabilitiesWithout(NET_CAPABILITY_PARTIAL_CONNECTIVITY,
+ mWiFiNetworkAgent);
+ }
+
+ // Wi-Fi roams from wifiNc1 to wifiNc2, and now becomes really invalid. If validation
+ // failures after roam are not ignored, this will cause cell to become the default network.
+ // If they are ignored, this will not cause a switch until later.
mWiFiNetworkAgent.setNetworkCapabilities(wifiNc2, true);
- mWiFiNetworkAgent.setNetworkInvalid(false);
+ mDefaultNetworkCallback.expectCallback(CallbackEntry.NETWORK_CAPS_UPDATED,
+ mWiFiNetworkAgent);
+ mWiFiNetworkAgent.setNetworkInvalid(false /* isStrictMode */);
mCm.reportNetworkConnectivity(mWiFiNetworkAgent.getNetwork(), false);
+ if (!enabled) {
+ mDefaultNetworkCallback.expectAvailableCallbacksValidated(mCellNetworkAgent);
+ return;
+ }
+
// Network validation failed, but the result will be ignored.
assertTrue(mCm.getNetworkCapabilities(mWiFiNetworkAgent.getNetwork()).hasCapability(
NET_CAPABILITY_VALIDATED));
@@ -16453,6 +16834,17 @@
waitForValidationBlock.block(150);
mCm.reportNetworkConnectivity(mWiFiNetworkAgent.getNetwork(), false);
mDefaultNetworkCallback.expectAvailableCallbacksValidated(mCellNetworkAgent);
+
+ mCm.unregisterNetworkCallback(wifiNetworkCallback);
+ }
+
+ @Test
+ public void testIgnoreValidationAfterRoamDisabled() throws Exception {
+ doTestIgnoreValidationAfterRoam(false /* enabled */);
+ }
+ @Test
+ public void testIgnoreValidationAfterRoamEnabled() throws Exception {
+ doTestIgnoreValidationAfterRoam(true /* enabled */);
}
@Test
diff --git a/tests/unit/java/com/android/server/IpSecServiceParameterizedTest.java b/tests/unit/java/com/android/server/IpSecServiceParameterizedTest.java
index 45f3d3c..9401d47 100644
--- a/tests/unit/java/com/android/server/IpSecServiceParameterizedTest.java
+++ b/tests/unit/java/com/android/server/IpSecServiceParameterizedTest.java
@@ -89,7 +89,7 @@
public class IpSecServiceParameterizedTest {
@Rule
public final DevSdkIgnoreRule mIgnoreRule = new DevSdkIgnoreRule(
- Build.VERSION_CODES.R /* ignoreClassUpTo */);
+ Build.VERSION_CODES.S_V2 /* ignoreClassUpTo */);
private static final int TEST_SPI = 0xD1201D;
@@ -783,6 +783,23 @@
}
@Test
+ public void testSetNetworkForTunnelInterfaceFailsForNullLp() throws Exception {
+ final IpSecTunnelInterfaceResponse createTunnelResp =
+ createAndValidateTunnel(mSourceAddr, mDestinationAddr, BLESSED_PACKAGE);
+ final Network newFakeNetwork = new Network(1000);
+ final int tunnelIfaceResourceId = createTunnelResp.resourceId;
+
+ try {
+ mIpSecService.setNetworkForTunnelInterface(
+ tunnelIfaceResourceId, newFakeNetwork, BLESSED_PACKAGE);
+ fail(
+ "Expected an IllegalArgumentException for underlying network with null"
+ + " LinkProperties");
+ } catch (IllegalArgumentException expected) {
+ }
+ }
+
+ @Test
public void testSetNetworkForTunnelInterfaceFailsForInvalidResourceId() throws Exception {
final IpSecTunnelInterfaceResponse createTunnelResp =
createAndValidateTunnel(mSourceAddr, mDestinationAddr, BLESSED_PACKAGE);
diff --git a/tests/unit/java/com/android/server/IpSecServiceRefcountedResourceTest.java b/tests/unit/java/com/android/server/IpSecServiceRefcountedResourceTest.java
index 5c7ca6f..8595ab9 100644
--- a/tests/unit/java/com/android/server/IpSecServiceRefcountedResourceTest.java
+++ b/tests/unit/java/com/android/server/IpSecServiceRefcountedResourceTest.java
@@ -54,7 +54,7 @@
/** Unit tests for {@link IpSecService.RefcountedResource}. */
@SmallTest
@RunWith(DevSdkIgnoreRunner.class)
-@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.R)
+@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.S_V2)
public class IpSecServiceRefcountedResourceTest {
Context mMockContext;
IpSecService.Dependencies mMockDeps;
diff --git a/tests/unit/java/com/android/server/IpSecServiceTest.java b/tests/unit/java/com/android/server/IpSecServiceTest.java
index 7e6b157..6955620 100644
--- a/tests/unit/java/com/android/server/IpSecServiceTest.java
+++ b/tests/unit/java/com/android/server/IpSecServiceTest.java
@@ -75,7 +75,7 @@
/** Unit tests for {@link IpSecService}. */
@SmallTest
@RunWith(DevSdkIgnoreRunner.class)
-@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.R)
+@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.S_V2)
public class IpSecServiceTest {
private static final int DROID_SPI = 0xD1201D;
diff --git a/tests/unit/java/com/android/server/NetIdManagerTest.kt b/tests/unit/java/com/android/server/NetIdManagerTest.kt
index 811134e..f2b14a1 100644
--- a/tests/unit/java/com/android/server/NetIdManagerTest.kt
+++ b/tests/unit/java/com/android/server/NetIdManagerTest.kt
@@ -21,7 +21,7 @@
import com.android.server.NetIdManager.MIN_NET_ID
import com.android.testutils.DevSdkIgnoreRule
import com.android.testutils.DevSdkIgnoreRunner
-import com.android.testutils.ExceptionUtils.ThrowingRunnable
+import com.android.testutils.FunctionalUtils.ThrowingRunnable
import com.android.testutils.assertThrows
import org.junit.Test
import org.junit.runner.RunWith
diff --git a/tests/unit/java/com/android/server/NsdServiceTest.java b/tests/unit/java/com/android/server/NsdServiceTest.java
index ed9e930..5808beb 100644
--- a/tests/unit/java/com/android/server/NsdServiceTest.java
+++ b/tests/unit/java/com/android/server/NsdServiceTest.java
@@ -16,6 +16,8 @@
package com.android.server;
+import static android.net.nsd.NsdManager.FAILURE_INTERNAL_ERROR;
+
import static libcore.junit.util.compat.CoreCompatChangeRule.DisableCompatChanges;
import static libcore.junit.util.compat.CoreCompatChangeRule.EnableCompatChanges;
@@ -25,6 +27,7 @@
import static org.mockito.ArgumentMatchers.anyInt;
import static org.mockito.ArgumentMatchers.anyString;
import static org.mockito.Mockito.any;
+import static org.mockito.Mockito.doCallRealMethod;
import static org.mockito.Mockito.doReturn;
import static org.mockito.Mockito.eq;
import static org.mockito.Mockito.mock;
@@ -43,11 +46,15 @@
import android.net.mdns.aidl.DiscoveryInfo;
import android.net.mdns.aidl.GetAddressInfo;
import android.net.mdns.aidl.IMDnsEventListener;
+import android.net.mdns.aidl.RegistrationInfo;
import android.net.mdns.aidl.ResolutionInfo;
import android.net.nsd.INsdManagerCallback;
import android.net.nsd.INsdServiceConnector;
import android.net.nsd.MDnsManager;
import android.net.nsd.NsdManager;
+import android.net.nsd.NsdManager.DiscoveryListener;
+import android.net.nsd.NsdManager.RegistrationListener;
+import android.net.nsd.NsdManager.ResolveListener;
import android.net.nsd.NsdServiceInfo;
import android.os.Binder;
import android.os.Build;
@@ -83,12 +90,17 @@
// - test NSD_ON ENABLE/DISABLED listening
@RunWith(DevSdkIgnoreRunner.class)
@SmallTest
-@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.R)
+@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.S_V2)
public class NsdServiceTest {
-
static final int PROTOCOL = NsdManager.PROTOCOL_DNS_SD;
private static final long CLEANUP_DELAY_MS = 500;
private static final long TIMEOUT_MS = 500;
+ private static final String SERVICE_NAME = "a_name";
+ private static final String SERVICE_TYPE = "a_type";
+ private static final String SERVICE_FULL_NAME = SERVICE_NAME + "." + SERVICE_TYPE;
+ private static final String DOMAIN_NAME = "mytestdevice.local";
+ private static final int PORT = 2201;
+ private static final int IFACE_IDX_ANY = 0;
// Records INsdManagerCallback created when NsdService#connect is called.
// Only accessed on the test thread, since NsdService#connect is called by the NsdManager
@@ -102,6 +114,7 @@
@Mock MDnsManager mMockMDnsM;
HandlerThread mThread;
TestHandler mHandler;
+ NsdService mService;
private static class LinkToDeathRecorder extends Binder {
IBinder.DeathRecipient mDr;
@@ -123,12 +136,18 @@
doReturn(MDnsManager.MDNS_SERVICE).when(mContext)
.getSystemServiceName(MDnsManager.class);
doReturn(mMockMDnsM).when(mContext).getSystemService(MDnsManager.MDNS_SERVICE);
+ if (mContext.getSystemService(MDnsManager.class) == null) {
+ // Test is using mockito-extended
+ doCallRealMethod().when(mContext).getSystemService(MDnsManager.class);
+ }
doReturn(true).when(mMockMDnsM).registerService(
anyInt(), anyString(), anyString(), anyInt(), any(), anyInt());
doReturn(true).when(mMockMDnsM).stopOperation(anyInt());
doReturn(true).when(mMockMDnsM).discover(anyInt(), anyString(), anyInt());
doReturn(true).when(mMockMDnsM).resolve(
anyInt(), anyString(), anyString(), anyString(), anyInt());
+
+ mService = makeService();
}
@After
@@ -140,20 +159,16 @@
}
@Test
- @DisableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS)
+ @DisableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS_T_AND_LATER)
public void testPreSClients() throws Exception {
- NsdService service = makeService();
-
// Pre S client connected, the daemon should be started.
- connectClient(service);
- waitForIdle();
+ connectClient(mService);
final INsdManagerCallback cb1 = getCallback();
final IBinder.DeathRecipient deathRecipient1 = verifyLinkToDeath(cb1);
verify(mMockMDnsM, times(1)).registerEventListener(any());
verify(mMockMDnsM, times(1)).startDaemon();
- connectClient(service);
- waitForIdle();
+ connectClient(mService);
final INsdManagerCallback cb2 = getCallback();
final IBinder.DeathRecipient deathRecipient2 = verifyLinkToDeath(cb2);
// Daemon has been started, it should not try to start it again.
@@ -171,21 +186,17 @@
}
@Test
- @EnableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS)
+ @EnableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS_T_AND_LATER)
public void testNoDaemonStartedWhenClientsConnect() throws Exception {
- final NsdService service = makeService();
-
// Creating an NsdManager will not cause daemon startup.
- connectClient(service);
- waitForIdle();
+ connectClient(mService);
verify(mMockMDnsM, never()).registerEventListener(any());
verify(mMockMDnsM, never()).startDaemon();
final INsdManagerCallback cb1 = getCallback();
final IBinder.DeathRecipient deathRecipient1 = verifyLinkToDeath(cb1);
// Creating another NsdManager will not cause daemon startup either.
- connectClient(service);
- waitForIdle();
+ connectClient(mService);
verify(mMockMDnsM, never()).registerEventListener(any());
verify(mMockMDnsM, never()).startDaemon();
final INsdManagerCallback cb2 = getCallback();
@@ -209,72 +220,68 @@
}
@Test
- @EnableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS)
+ @EnableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS_T_AND_LATER)
public void testClientRequestsAreGCedAtDisconnection() throws Exception {
- NsdService service = makeService();
-
- NsdManager client = connectClient(service);
- waitForIdle();
+ final NsdManager client = connectClient(mService);
final INsdManagerCallback cb1 = getCallback();
final IBinder.DeathRecipient deathRecipient = verifyLinkToDeath(cb1);
verify(mMockMDnsM, never()).registerEventListener(any());
verify(mMockMDnsM, never()).startDaemon();
- NsdServiceInfo request = new NsdServiceInfo("a_name", "a_type");
- request.setPort(2201);
+ final NsdServiceInfo request = new NsdServiceInfo(SERVICE_NAME, SERVICE_TYPE);
+ request.setPort(PORT);
// Client registration request
- NsdManager.RegistrationListener listener1 = mock(NsdManager.RegistrationListener.class);
+ final RegistrationListener listener1 = mock(RegistrationListener.class);
client.registerService(request, PROTOCOL, listener1);
waitForIdle();
- verify(mMockMDnsM, times(1)).registerEventListener(any());
- verify(mMockMDnsM, times(1)).startDaemon();
- verify(mMockMDnsM, times(1)).registerService(
- eq(2), eq("a_name"), eq("a_type"), eq(2201), any(), eq(0));
+ verify(mMockMDnsM).registerEventListener(any());
+ verify(mMockMDnsM).startDaemon();
+ verify(mMockMDnsM).registerService(
+ eq(2), eq(SERVICE_NAME), eq(SERVICE_TYPE), eq(PORT), any(), eq(IFACE_IDX_ANY));
// Client discovery request
- NsdManager.DiscoveryListener listener2 = mock(NsdManager.DiscoveryListener.class);
- client.discoverServices("a_type", PROTOCOL, listener2);
+ final DiscoveryListener listener2 = mock(DiscoveryListener.class);
+ client.discoverServices(SERVICE_TYPE, PROTOCOL, listener2);
waitForIdle();
- verify(mMockMDnsM, times(1)).discover(eq(3), eq("a_type"), eq(0));
+ verify(mMockMDnsM).discover(3 /* id */, SERVICE_TYPE, IFACE_IDX_ANY);
// Client resolve request
- NsdManager.ResolveListener listener3 = mock(NsdManager.ResolveListener.class);
+ final ResolveListener listener3 = mock(ResolveListener.class);
client.resolveService(request, listener3);
waitForIdle();
- verify(mMockMDnsM, times(1)).resolve(
- eq(4), eq("a_name"), eq("a_type"), eq("local."), eq(0));
+ verify(mMockMDnsM).resolve(
+ 4 /* id */, SERVICE_NAME, SERVICE_TYPE, "local." /* domain */, IFACE_IDX_ANY);
// Client disconnects, stop the daemon after CLEANUP_DELAY_MS.
deathRecipient.binderDied();
verifyDelayMaybeStopDaemon(CLEANUP_DELAY_MS);
// checks that request are cleaned
- verify(mMockMDnsM, times(1)).stopOperation(eq(2));
- verify(mMockMDnsM, times(1)).stopOperation(eq(3));
- verify(mMockMDnsM, times(1)).stopOperation(eq(4));
+ verify(mMockMDnsM).stopOperation(2 /* id */);
+ verify(mMockMDnsM).stopOperation(3 /* id */);
+ verify(mMockMDnsM).stopOperation(4 /* id */);
}
@Test
- @EnableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS)
+ @EnableCompatChanges(NsdManager.RUN_NATIVE_NSD_ONLY_IF_LEGACY_APPS_T_AND_LATER)
public void testCleanupDelayNoRequestActive() throws Exception {
- NsdService service = makeService();
- NsdManager client = connectClient(service);
+ final NsdManager client = connectClient(mService);
- NsdServiceInfo request = new NsdServiceInfo("a_name", "a_type");
- request.setPort(2201);
- NsdManager.RegistrationListener listener1 = mock(NsdManager.RegistrationListener.class);
+ final NsdServiceInfo request = new NsdServiceInfo(SERVICE_NAME, SERVICE_TYPE);
+ request.setPort(PORT);
+ final RegistrationListener listener1 = mock(RegistrationListener.class);
client.registerService(request, PROTOCOL, listener1);
waitForIdle();
- verify(mMockMDnsM, times(1)).registerEventListener(any());
- verify(mMockMDnsM, times(1)).startDaemon();
+ verify(mMockMDnsM).registerEventListener(any());
+ verify(mMockMDnsM).startDaemon();
final INsdManagerCallback cb1 = getCallback();
final IBinder.DeathRecipient deathRecipient = verifyLinkToDeath(cb1);
- verify(mMockMDnsM, times(1)).registerService(
- eq(2), eq("a_name"), eq("a_type"), eq(2201), any(), eq(0));
+ verify(mMockMDnsM).registerService(
+ eq(2), eq(SERVICE_NAME), eq(SERVICE_TYPE), eq(PORT), any(), eq(IFACE_IDX_ANY));
client.unregisterService(listener1);
waitForIdle();
- verify(mMockMDnsM, times(1)).stopOperation(eq(2));
+ verify(mMockMDnsM).stopOperation(2 /* id */);
verifyDelayMaybeStopDaemon(CLEANUP_DELAY_MS);
reset(mMockMDnsM);
@@ -284,38 +291,37 @@
verify(mMockMDnsM, never()).stopDaemon();
}
- @Test
- public void testDiscoverOnTetheringDownstream() throws Exception {
- NsdService service = makeService();
- NsdManager client = connectClient(service);
-
- final String serviceType = "a_type";
- final String serviceName = "a_name";
- final String domainName = "mytestdevice.local";
- final int interfaceIdx = 123;
- final NsdManager.DiscoveryListener discListener = mock(NsdManager.DiscoveryListener.class);
- client.discoverServices(serviceType, NsdManager.PROTOCOL_DNS_SD, discListener);
- waitForIdle();
-
+ private IMDnsEventListener getEventListener() {
final ArgumentCaptor<IMDnsEventListener> listenerCaptor =
ArgumentCaptor.forClass(IMDnsEventListener.class);
verify(mMockMDnsM).registerEventListener(listenerCaptor.capture());
+ return listenerCaptor.getValue();
+ }
+
+ @Test
+ public void testDiscoverOnTetheringDownstream() throws Exception {
+ final NsdManager client = connectClient(mService);
+ final int interfaceIdx = 123;
+ final DiscoveryListener discListener = mock(DiscoveryListener.class);
+ client.discoverServices(SERVICE_TYPE, PROTOCOL, discListener);
+ waitForIdle();
+
+ final IMDnsEventListener eventListener = getEventListener();
final ArgumentCaptor<Integer> discIdCaptor = ArgumentCaptor.forClass(Integer.class);
- verify(mMockMDnsM).discover(discIdCaptor.capture(), eq(serviceType),
+ verify(mMockMDnsM).discover(discIdCaptor.capture(), eq(SERVICE_TYPE),
eq(0) /* interfaceIdx */);
// NsdManager uses a separate HandlerThread to dispatch callbacks (on ServiceHandler), so
// this needs to use a timeout
- verify(discListener, timeout(TIMEOUT_MS)).onDiscoveryStarted(serviceType);
+ verify(discListener, timeout(TIMEOUT_MS)).onDiscoveryStarted(SERVICE_TYPE);
final DiscoveryInfo discoveryInfo = new DiscoveryInfo(
discIdCaptor.getValue(),
IMDnsEventListener.SERVICE_FOUND,
- serviceName,
- serviceType,
- domainName,
+ SERVICE_NAME,
+ SERVICE_TYPE,
+ DOMAIN_NAME,
interfaceIdx,
INetd.LOCAL_NET_ID); // LOCAL_NET_ID (99) used on tethering downstreams
- final IMDnsEventListener eventListener = listenerCaptor.getValue();
eventListener.onServiceDiscoveryStatus(discoveryInfo);
waitForIdle();
@@ -323,31 +329,30 @@
ArgumentCaptor.forClass(NsdServiceInfo.class);
verify(discListener, timeout(TIMEOUT_MS)).onServiceFound(discoveredInfoCaptor.capture());
final NsdServiceInfo foundInfo = discoveredInfoCaptor.getValue();
- assertEquals(serviceName, foundInfo.getServiceName());
- assertEquals(serviceType, foundInfo.getServiceType());
+ assertEquals(SERVICE_NAME, foundInfo.getServiceName());
+ assertEquals(SERVICE_TYPE, foundInfo.getServiceType());
assertNull(foundInfo.getHost());
assertNull(foundInfo.getNetwork());
assertEquals(interfaceIdx, foundInfo.getInterfaceIndex());
// After discovering the service, verify resolving it
- final NsdManager.ResolveListener resolveListener = mock(NsdManager.ResolveListener.class);
+ final ResolveListener resolveListener = mock(ResolveListener.class);
client.resolveService(foundInfo, resolveListener);
waitForIdle();
final ArgumentCaptor<Integer> resolvIdCaptor = ArgumentCaptor.forClass(Integer.class);
- verify(mMockMDnsM).resolve(resolvIdCaptor.capture(), eq(serviceName), eq(serviceType),
+ verify(mMockMDnsM).resolve(resolvIdCaptor.capture(), eq(SERVICE_NAME), eq(SERVICE_TYPE),
eq("local.") /* domain */, eq(interfaceIdx));
final int servicePort = 10123;
- final String serviceFullName = serviceName + "." + serviceType;
final ResolutionInfo resolutionInfo = new ResolutionInfo(
resolvIdCaptor.getValue(),
IMDnsEventListener.SERVICE_RESOLVED,
null /* serviceName */,
null /* serviceType */,
null /* domain */,
- serviceFullName,
- domainName,
+ SERVICE_FULL_NAME,
+ DOMAIN_NAME,
servicePort,
new byte[0] /* txtRecord */,
interfaceIdx);
@@ -357,14 +362,14 @@
waitForIdle();
final ArgumentCaptor<Integer> getAddrIdCaptor = ArgumentCaptor.forClass(Integer.class);
- verify(mMockMDnsM).getServiceAddress(getAddrIdCaptor.capture(), eq(domainName),
+ verify(mMockMDnsM).getServiceAddress(getAddrIdCaptor.capture(), eq(DOMAIN_NAME),
eq(interfaceIdx));
final String serviceAddress = "192.0.2.123";
final GetAddressInfo addressInfo = new GetAddressInfo(
getAddrIdCaptor.getValue(),
IMDnsEventListener.SERVICE_GET_ADDR_SUCCESS,
- serviceFullName,
+ SERVICE_FULL_NAME,
serviceAddress,
interfaceIdx,
INetd.LOCAL_NET_ID);
@@ -375,14 +380,181 @@
ArgumentCaptor.forClass(NsdServiceInfo.class);
verify(resolveListener, timeout(TIMEOUT_MS)).onServiceResolved(resInfoCaptor.capture());
final NsdServiceInfo resolvedService = resInfoCaptor.getValue();
- assertEquals(serviceName, resolvedService.getServiceName());
- assertEquals("." + serviceType, resolvedService.getServiceType());
+ assertEquals(SERVICE_NAME, resolvedService.getServiceName());
+ assertEquals("." + SERVICE_TYPE, resolvedService.getServiceType());
assertEquals(InetAddresses.parseNumericAddress(serviceAddress), resolvedService.getHost());
assertEquals(servicePort, resolvedService.getPort());
assertNull(resolvedService.getNetwork());
assertEquals(interfaceIdx, resolvedService.getInterfaceIndex());
}
+ @Test
+ public void testServiceRegistrationSuccessfulAndFailed() throws Exception {
+ final NsdManager client = connectClient(mService);
+ final NsdServiceInfo request = new NsdServiceInfo(SERVICE_NAME, SERVICE_TYPE);
+ request.setPort(PORT);
+ final RegistrationListener regListener = mock(RegistrationListener.class);
+ client.registerService(request, PROTOCOL, regListener);
+ waitForIdle();
+
+ final IMDnsEventListener eventListener = getEventListener();
+ final ArgumentCaptor<Integer> regIdCaptor = ArgumentCaptor.forClass(Integer.class);
+ verify(mMockMDnsM).registerService(regIdCaptor.capture(),
+ eq(SERVICE_NAME), eq(SERVICE_TYPE), eq(PORT), any(), eq(IFACE_IDX_ANY));
+
+ // Register service successfully.
+ final RegistrationInfo registrationInfo = new RegistrationInfo(
+ regIdCaptor.getValue(),
+ IMDnsEventListener.SERVICE_REGISTERED,
+ SERVICE_NAME,
+ SERVICE_TYPE,
+ PORT,
+ new byte[0] /* txtRecord */,
+ IFACE_IDX_ANY);
+ eventListener.onServiceRegistrationStatus(registrationInfo);
+
+ final ArgumentCaptor<NsdServiceInfo> registeredInfoCaptor =
+ ArgumentCaptor.forClass(NsdServiceInfo.class);
+ verify(regListener, timeout(TIMEOUT_MS))
+ .onServiceRegistered(registeredInfoCaptor.capture());
+ final NsdServiceInfo registeredInfo = registeredInfoCaptor.getValue();
+ assertEquals(SERVICE_NAME, registeredInfo.getServiceName());
+
+ // Fail to register service.
+ final RegistrationInfo registrationFailedInfo = new RegistrationInfo(
+ regIdCaptor.getValue(),
+ IMDnsEventListener.SERVICE_REGISTRATION_FAILED,
+ null /* serviceName */,
+ null /* registrationType */,
+ 0 /* port */,
+ new byte[0] /* txtRecord */,
+ IFACE_IDX_ANY);
+ eventListener.onServiceRegistrationStatus(registrationFailedInfo);
+ verify(regListener, timeout(TIMEOUT_MS))
+ .onRegistrationFailed(any(), eq(FAILURE_INTERNAL_ERROR));
+ }
+
+ @Test
+ public void testServiceDiscoveryFailed() throws Exception {
+ final NsdManager client = connectClient(mService);
+ final DiscoveryListener discListener = mock(DiscoveryListener.class);
+ client.discoverServices(SERVICE_TYPE, PROTOCOL, discListener);
+ waitForIdle();
+
+ final IMDnsEventListener eventListener = getEventListener();
+ final ArgumentCaptor<Integer> discIdCaptor = ArgumentCaptor.forClass(Integer.class);
+ verify(mMockMDnsM).discover(discIdCaptor.capture(), eq(SERVICE_TYPE), eq(IFACE_IDX_ANY));
+ verify(discListener, timeout(TIMEOUT_MS)).onDiscoveryStarted(SERVICE_TYPE);
+
+ // Fail to discover service.
+ final DiscoveryInfo discoveryFailedInfo = new DiscoveryInfo(
+ discIdCaptor.getValue(),
+ IMDnsEventListener.SERVICE_DISCOVERY_FAILED,
+ null /* serviceName */,
+ null /* registrationType */,
+ null /* domainName */,
+ IFACE_IDX_ANY,
+ 0 /* netId */);
+ eventListener.onServiceDiscoveryStatus(discoveryFailedInfo);
+ verify(discListener, timeout(TIMEOUT_MS))
+ .onStartDiscoveryFailed(SERVICE_TYPE, FAILURE_INTERNAL_ERROR);
+ }
+
+ @Test
+ public void testServiceResolutionFailed() throws Exception {
+ final NsdManager client = connectClient(mService);
+ final NsdServiceInfo request = new NsdServiceInfo(SERVICE_NAME, SERVICE_TYPE);
+ final ResolveListener resolveListener = mock(ResolveListener.class);
+ client.resolveService(request, resolveListener);
+ waitForIdle();
+
+ final IMDnsEventListener eventListener = getEventListener();
+ final ArgumentCaptor<Integer> resolvIdCaptor = ArgumentCaptor.forClass(Integer.class);
+ verify(mMockMDnsM).resolve(resolvIdCaptor.capture(), eq(SERVICE_NAME), eq(SERVICE_TYPE),
+ eq("local.") /* domain */, eq(IFACE_IDX_ANY));
+
+ // Fail to resolve service.
+ final ResolutionInfo resolutionFailedInfo = new ResolutionInfo(
+ resolvIdCaptor.getValue(),
+ IMDnsEventListener.SERVICE_RESOLUTION_FAILED,
+ null /* serviceName */,
+ null /* serviceType */,
+ null /* domain */,
+ null /* serviceFullName */,
+ null /* domainName */,
+ 0 /* port */,
+ new byte[0] /* txtRecord */,
+ IFACE_IDX_ANY);
+ eventListener.onServiceResolutionStatus(resolutionFailedInfo);
+ verify(resolveListener, timeout(TIMEOUT_MS))
+ .onResolveFailed(any(), eq(FAILURE_INTERNAL_ERROR));
+ }
+
+ @Test
+ public void testGettingAddressFailed() throws Exception {
+ final NsdManager client = connectClient(mService);
+ final NsdServiceInfo request = new NsdServiceInfo(SERVICE_NAME, SERVICE_TYPE);
+ final ResolveListener resolveListener = mock(ResolveListener.class);
+ client.resolveService(request, resolveListener);
+ waitForIdle();
+
+ final IMDnsEventListener eventListener = getEventListener();
+ final ArgumentCaptor<Integer> resolvIdCaptor = ArgumentCaptor.forClass(Integer.class);
+ verify(mMockMDnsM).resolve(resolvIdCaptor.capture(), eq(SERVICE_NAME), eq(SERVICE_TYPE),
+ eq("local.") /* domain */, eq(IFACE_IDX_ANY));
+
+ // Resolve service successfully.
+ final ResolutionInfo resolutionInfo = new ResolutionInfo(
+ resolvIdCaptor.getValue(),
+ IMDnsEventListener.SERVICE_RESOLVED,
+ null /* serviceName */,
+ null /* serviceType */,
+ null /* domain */,
+ SERVICE_FULL_NAME,
+ DOMAIN_NAME,
+ PORT,
+ new byte[0] /* txtRecord */,
+ IFACE_IDX_ANY);
+ doReturn(true).when(mMockMDnsM).getServiceAddress(anyInt(), any(), anyInt());
+ eventListener.onServiceResolutionStatus(resolutionInfo);
+ waitForIdle();
+
+ final ArgumentCaptor<Integer> getAddrIdCaptor = ArgumentCaptor.forClass(Integer.class);
+ verify(mMockMDnsM).getServiceAddress(getAddrIdCaptor.capture(), eq(DOMAIN_NAME),
+ eq(IFACE_IDX_ANY));
+
+ // Fail to get service address.
+ final GetAddressInfo gettingAddrFailedInfo = new GetAddressInfo(
+ getAddrIdCaptor.getValue(),
+ IMDnsEventListener.SERVICE_GET_ADDR_FAILED,
+ null /* hostname */,
+ null /* address */,
+ IFACE_IDX_ANY,
+ 0 /* netId */);
+ eventListener.onGettingServiceAddressStatus(gettingAddrFailedInfo);
+ verify(resolveListener, timeout(TIMEOUT_MS))
+ .onResolveFailed(any(), eq(FAILURE_INTERNAL_ERROR));
+ }
+
+ @Test
+ public void testNoCrashWhenProcessResolutionAfterBinderDied() throws Exception {
+ final NsdManager client = connectClient(mService);
+ final INsdManagerCallback cb = getCallback();
+ final IBinder.DeathRecipient deathRecipient = verifyLinkToDeath(cb);
+ deathRecipient.binderDied();
+
+ final NsdServiceInfo request = new NsdServiceInfo(SERVICE_NAME, SERVICE_TYPE);
+ final ResolveListener resolveListener = mock(ResolveListener.class);
+ client.resolveService(request, resolveListener);
+ waitForIdle();
+
+ verify(mMockMDnsM, never()).registerEventListener(any());
+ verify(mMockMDnsM, never()).startDaemon();
+ verify(mMockMDnsM, never()).resolve(anyInt() /* id */, anyString() /* serviceName */,
+ anyString() /* registrationType */, anyString() /* domain */,
+ anyInt()/* interfaceIdx */);
+ }
+
private void waitForIdle() {
HandlerUtils.waitForIdle(mHandler, TIMEOUT_MS);
}
@@ -410,7 +582,10 @@
}
NsdManager connectClient(NsdService service) {
- return new NsdManager(mContext, service);
+ final NsdManager nsdManager = new NsdManager(mContext, service);
+ // Wait for client registration done.
+ waitForIdle();
+ return nsdManager;
}
void verifyDelayMaybeStopDaemon(long cleanupDelayMs) throws Exception {
diff --git a/tests/unit/java/com/android/server/VpnManagerServiceTest.java b/tests/unit/java/com/android/server/VpnManagerServiceTest.java
new file mode 100644
index 0000000..c8a93a6
--- /dev/null
+++ b/tests/unit/java/com/android/server/VpnManagerServiceTest.java
@@ -0,0 +1,394 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server;
+
+import static android.os.Build.VERSION_CODES.R;
+
+import static com.android.testutils.ContextUtils.mockService;
+import static com.android.testutils.DevSdkIgnoreRule.IgnoreUpTo;
+import static com.android.testutils.MiscAsserts.assertThrows;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.eq;
+import static org.mockito.Mockito.doReturn;
+import static org.mockito.Mockito.never;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+
+import android.annotation.UserIdInt;
+import android.content.BroadcastReceiver;
+import android.content.Context;
+import android.content.Intent;
+import android.content.pm.PackageManager;
+import android.net.ConnectivityManager;
+import android.net.INetd;
+import android.net.Uri;
+import android.os.Handler;
+import android.os.HandlerThread;
+import android.os.INetworkManagementService;
+import android.os.Looper;
+import android.os.UserHandle;
+import android.os.UserManager;
+import android.security.Credentials;
+
+import androidx.test.filters.SmallTest;
+
+import com.android.internal.net.VpnProfile;
+import com.android.server.connectivity.Vpn;
+import com.android.server.connectivity.VpnProfileStore;
+import com.android.server.net.LockdownVpnTracker;
+import com.android.testutils.DevSdkIgnoreRule;
+import com.android.testutils.DevSdkIgnoreRunner;
+import com.android.testutils.HandlerUtils;
+
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.ArgumentCaptor;
+import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
+
+import java.nio.charset.StandardCharsets;
+import java.util.List;
+
+@RunWith(DevSdkIgnoreRunner.class)
+@IgnoreUpTo(R) // VpnManagerService is not available before R
+@SmallTest
+public class VpnManagerServiceTest extends VpnTestBase {
+ @Rule
+ public final DevSdkIgnoreRule mIgnoreRule = new DevSdkIgnoreRule();
+
+ private static final int TIMEOUT_MS = 2_000;
+
+ @Mock Context mContext;
+ @Mock Context mSystemContext;
+ @Mock Context mUserAllContext;
+ private HandlerThread mHandlerThread;
+ @Mock private Vpn mVpn;
+ @Mock private INetworkManagementService mNms;
+ @Mock private ConnectivityManager mCm;
+ @Mock private UserManager mUserManager;
+ @Mock private INetd mNetd;
+ @Mock private PackageManager mPackageManager;
+ @Mock private VpnProfileStore mVpnProfileStore;
+ @Mock private LockdownVpnTracker mLockdownVpnTracker;
+
+ private VpnManagerServiceDependencies mDeps;
+ private VpnManagerService mService;
+ private BroadcastReceiver mUserPresentReceiver;
+ private BroadcastReceiver mIntentReceiver;
+ private final String mNotMyVpnPkg = "com.not.my.vpn";
+
+ class VpnManagerServiceDependencies extends VpnManagerService.Dependencies {
+ @Override
+ public HandlerThread makeHandlerThread() {
+ return mHandlerThread;
+ }
+
+ @Override
+ public INetworkManagementService getINetworkManagementService() {
+ return mNms;
+ }
+
+ @Override
+ public INetd getNetd() {
+ return mNetd;
+ }
+
+ @Override
+ public Vpn createVpn(Looper looper, Context context, INetworkManagementService nms,
+ INetd netd, @UserIdInt int userId) {
+ return mVpn;
+ }
+
+ @Override
+ public VpnProfileStore getVpnProfileStore() {
+ return mVpnProfileStore;
+ }
+
+ @Override
+ public LockdownVpnTracker createLockDownVpnTracker(Context context, Handler handler,
+ Vpn vpn, VpnProfile profile) {
+ return mLockdownVpnTracker;
+ }
+ }
+
+ @Before
+ public void setUp() throws Exception {
+ MockitoAnnotations.initMocks(this);
+
+ mHandlerThread = new HandlerThread("TestVpnManagerService");
+ mDeps = new VpnManagerServiceDependencies();
+ doReturn(mUserAllContext).when(mContext).createContextAsUser(UserHandle.ALL, 0);
+ doReturn(mSystemContext).when(mContext).createContextAsUser(UserHandle.SYSTEM, 0);
+ doReturn(mPackageManager).when(mContext).getPackageManager();
+ setMockedPackages(mPackageManager, sPackages);
+
+ mockService(mContext, ConnectivityManager.class, Context.CONNECTIVITY_SERVICE, mCm);
+ mockService(mContext, UserManager.class, Context.USER_SERVICE, mUserManager);
+ doReturn(SYSTEM_USER).when(mUserManager).getUserInfo(eq(SYSTEM_USER_ID));
+
+ mService = new VpnManagerService(mContext, mDeps);
+ mService.systemReady();
+
+ final ArgumentCaptor<BroadcastReceiver> intentReceiverCaptor =
+ ArgumentCaptor.forClass(BroadcastReceiver.class);
+ final ArgumentCaptor<BroadcastReceiver> userPresentReceiverCaptor =
+ ArgumentCaptor.forClass(BroadcastReceiver.class);
+ verify(mSystemContext).registerReceiver(
+ userPresentReceiverCaptor.capture(), any(), any(), any());
+ verify(mUserAllContext, times(2)).registerReceiver(
+ intentReceiverCaptor.capture(), any(), any(), any());
+ mUserPresentReceiver = userPresentReceiverCaptor.getValue();
+ mIntentReceiver = intentReceiverCaptor.getValue();
+
+ // Add user to create vpn in mVpn
+ onUserStarted(SYSTEM_USER_ID);
+ assertNotNull(mService.mVpns.get(SYSTEM_USER_ID));
+ }
+
+ @Test
+ public void testUpdateAppExclusionList() {
+ // Start vpn
+ mService.startVpnProfile(TEST_VPN_PKG);
+ verify(mVpn).startVpnProfile(eq(TEST_VPN_PKG));
+
+ // Remove package due to package replaced.
+ onPackageRemoved(PKGS[0], PKG_UIDS[0], true /* isReplacing */);
+ verify(mVpn, never()).refreshPlatformVpnAppExclusionList();
+
+ // Add package due to package replaced.
+ onPackageAdded(PKGS[0], PKG_UIDS[0], true /* isReplacing */);
+ verify(mVpn, never()).refreshPlatformVpnAppExclusionList();
+
+ // Remove package
+ onPackageRemoved(PKGS[0], PKG_UIDS[0], false /* isReplacing */);
+ verify(mVpn).refreshPlatformVpnAppExclusionList();
+
+ // Add the package back
+ onPackageAdded(PKGS[0], PKG_UIDS[0], false /* isReplacing */);
+ verify(mVpn, times(2)).refreshPlatformVpnAppExclusionList();
+ }
+
+ @Test
+ public void testStartVpnProfileFromDiffPackage() {
+ assertThrows(
+ SecurityException.class, () -> mService.startVpnProfile(mNotMyVpnPkg));
+ }
+
+ @Test
+ public void testStopVpnProfileFromDiffPackage() {
+ assertThrows(SecurityException.class, () -> mService.stopVpnProfile(mNotMyVpnPkg));
+ }
+
+ @Test
+ public void testGetProvisionedVpnProfileStateFromDiffPackage() {
+ assertThrows(SecurityException.class, () ->
+ mService.getProvisionedVpnProfileState(mNotMyVpnPkg));
+ }
+
+ @Test
+ public void testGetProvisionedVpnProfileState() {
+ mService.getProvisionedVpnProfileState(TEST_VPN_PKG);
+ verify(mVpn).getProvisionedVpnProfileState(TEST_VPN_PKG);
+ }
+
+ private Intent buildIntent(String action, String packageName, int userId, int uid,
+ boolean isReplacing) {
+ final Intent intent = new Intent(action);
+ intent.putExtra(Intent.EXTRA_USER_HANDLE, userId);
+ intent.putExtra(Intent.EXTRA_UID, uid);
+ intent.putExtra(Intent.EXTRA_REPLACING, isReplacing);
+ if (packageName != null) {
+ intent.setData(Uri.fromParts("package" /* scheme */, packageName, null /* fragment */));
+ }
+
+ return intent;
+ }
+
+ private void sendIntent(Intent intent) {
+ sendIntent(mIntentReceiver, mContext, intent);
+ }
+
+ private void sendIntent(BroadcastReceiver receiver, Context context, Intent intent) {
+ final Handler h = mHandlerThread.getThreadHandler();
+
+ // Send in handler thread.
+ h.post(() -> receiver.onReceive(context, intent));
+ HandlerUtils.waitForIdle(mHandlerThread, TIMEOUT_MS);
+ }
+
+ private void onUserStarted(int userId) {
+ sendIntent(buildIntent(Intent.ACTION_USER_STARTED,
+ null /* packageName */, userId, -1 /* uid */, false /* isReplacing */));
+ }
+
+ private void onUserUnlocked(int userId) {
+ sendIntent(buildIntent(Intent.ACTION_USER_UNLOCKED,
+ null /* packageName */, userId, -1 /* uid */, false /* isReplacing */));
+ }
+
+ private void onUserStopped(int userId) {
+ sendIntent(buildIntent(Intent.ACTION_USER_STOPPED,
+ null /* packageName */, userId, -1 /* uid */, false /* isReplacing */));
+ }
+
+ private void onLockDownReset() {
+ sendIntent(buildIntent(LockdownVpnTracker.ACTION_LOCKDOWN_RESET, null /* packageName */,
+ UserHandle.USER_SYSTEM, -1 /* uid */, false /* isReplacing */));
+ }
+
+ private void onPackageAdded(String packageName, int userId, int uid, boolean isReplacing) {
+ sendIntent(buildIntent(Intent.ACTION_PACKAGE_ADDED, packageName, userId, uid, isReplacing));
+ }
+
+ private void onPackageAdded(String packageName, int uid, boolean isReplacing) {
+ onPackageAdded(packageName, UserHandle.USER_SYSTEM, uid, isReplacing);
+ }
+
+ private void onPackageRemoved(String packageName, int userId, int uid, boolean isReplacing) {
+ sendIntent(buildIntent(Intent.ACTION_PACKAGE_REMOVED, packageName, userId, uid,
+ isReplacing));
+ }
+
+ private void onPackageRemoved(String packageName, int uid, boolean isReplacing) {
+ onPackageRemoved(packageName, UserHandle.USER_SYSTEM, uid, isReplacing);
+ }
+
+ @Test
+ public void testReceiveIntentFromNonHandlerThread() {
+ assertThrows(IllegalStateException.class, () ->
+ mIntentReceiver.onReceive(mContext, buildIntent(Intent.ACTION_PACKAGE_REMOVED,
+ PKGS[0], UserHandle.USER_SYSTEM, PKG_UIDS[0], true /* isReplacing */)));
+
+ assertThrows(IllegalStateException.class, () ->
+ mUserPresentReceiver.onReceive(mContext, new Intent(Intent.ACTION_USER_PRESENT)));
+ }
+
+ private void setupLockdownVpn(String packageName) {
+ final byte[] profileTag = packageName.getBytes(StandardCharsets.UTF_8);
+ doReturn(profileTag).when(mVpnProfileStore).get(Credentials.LOCKDOWN_VPN);
+ }
+
+ private void setupVpnProfile(String profileName) {
+ final VpnProfile profile = new VpnProfile(profileName);
+ profile.name = profileName;
+ profile.server = "192.0.2.1";
+ profile.dnsServers = "8.8.8.8";
+ profile.type = VpnProfile.TYPE_IPSEC_XAUTH_PSK;
+ final byte[] encodedProfile = profile.encode();
+ doReturn(encodedProfile).when(mVpnProfileStore).get(Credentials.VPN + profileName);
+ }
+
+ @Test
+ public void testUserPresent() {
+ // Verify that LockDownVpnTracker is not created.
+ verify(mLockdownVpnTracker, never()).init();
+
+ setupLockdownVpn(TEST_VPN_PKG);
+ setupVpnProfile(TEST_VPN_PKG);
+
+ // mUserPresentReceiver only registers ACTION_USER_PRESENT intent and does no verification
+ // on action, so an empty intent is enough.
+ sendIntent(mUserPresentReceiver, mSystemContext, new Intent());
+
+ verify(mLockdownVpnTracker).init();
+ verify(mSystemContext).unregisterReceiver(mUserPresentReceiver);
+ verify(mUserAllContext, never()).unregisterReceiver(any());
+ }
+
+ @Test
+ public void testUpdateLockdownVpn() {
+ setupLockdownVpn(TEST_VPN_PKG);
+ onUserUnlocked(SYSTEM_USER_ID);
+
+ // Will not create lockDownVpnTracker w/o valid profile configured in the keystore
+ verify(mLockdownVpnTracker, never()).init();
+
+ setupVpnProfile(TEST_VPN_PKG);
+
+ // Remove the user from mVpns
+ onUserStopped(SYSTEM_USER_ID);
+ onUserUnlocked(SYSTEM_USER_ID);
+ verify(mLockdownVpnTracker, never()).init();
+
+ // Add user back
+ onUserStarted(SYSTEM_USER_ID);
+ verify(mLockdownVpnTracker).init();
+
+ // Trigger another update. The existing LockDownVpnTracker should be shut down and
+ // initialize another one.
+ onUserUnlocked(SYSTEM_USER_ID);
+ verify(mLockdownVpnTracker).shutdown();
+ verify(mLockdownVpnTracker, times(2)).init();
+ }
+
+ @Test
+ public void testLockdownReset() {
+ // Init LockdownVpnTracker
+ setupLockdownVpn(TEST_VPN_PKG);
+ setupVpnProfile(TEST_VPN_PKG);
+ onUserUnlocked(SYSTEM_USER_ID);
+ verify(mLockdownVpnTracker).init();
+
+ onLockDownReset();
+ verify(mLockdownVpnTracker).reset();
+ }
+
+ @Test
+ public void testLockdownResetWhenLockdownVpnTrackerIsNotInit() {
+ setupLockdownVpn(TEST_VPN_PKG);
+ setupVpnProfile(TEST_VPN_PKG);
+
+ onLockDownReset();
+
+ // LockDownVpnTracker is not created. Lockdown reset will not take effect.
+ verify(mLockdownVpnTracker, never()).reset();
+ }
+
+ @Test
+ public void testIsVpnLockdownEnabled() {
+ // Vpn is created but the VPN lockdown is not enabled.
+ assertFalse(mService.isVpnLockdownEnabled(SYSTEM_USER_ID));
+
+ // Set lockdown for the SYSTEM_USER_ID VPN.
+ doReturn(true).when(mVpn).getLockdown();
+ assertTrue(mService.isVpnLockdownEnabled(SYSTEM_USER_ID));
+
+ // Even lockdown is enabled but no Vpn is created for SECONDARY_USER.
+ assertFalse(mService.isVpnLockdownEnabled(SECONDARY_USER.id));
+ }
+
+ @Test
+ public void testGetVpnLockdownAllowlist() {
+ doReturn(null).when(mVpn).getLockdownAllowlist();
+ assertNull(mService.getVpnLockdownAllowlist(SYSTEM_USER_ID));
+
+ final List<String> expected = List.of(PKGS);
+ doReturn(expected).when(mVpn).getLockdownAllowlist();
+ assertEquals(expected, mService.getVpnLockdownAllowlist(SYSTEM_USER_ID));
+
+ // Even lockdown is enabled but no Vpn is created for SECONDARY_USER.
+ assertNull(mService.getVpnLockdownAllowlist(SECONDARY_USER.id));
+ }
+}
diff --git a/tests/unit/java/com/android/server/VpnTestBase.java b/tests/unit/java/com/android/server/VpnTestBase.java
new file mode 100644
index 0000000..6113872
--- /dev/null
+++ b/tests/unit/java/com/android/server/VpnTestBase.java
@@ -0,0 +1,97 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server;
+
+import static android.content.pm.UserInfo.FLAG_ADMIN;
+import static android.content.pm.UserInfo.FLAG_MANAGED_PROFILE;
+import static android.content.pm.UserInfo.FLAG_PRIMARY;
+import static android.content.pm.UserInfo.FLAG_RESTRICTED;
+
+import static org.mockito.ArgumentMatchers.anyInt;
+import static org.mockito.ArgumentMatchers.anyString;
+import static org.mockito.Mockito.doAnswer;
+
+import android.content.pm.PackageManager;
+import android.content.pm.UserInfo;
+import android.os.Process;
+import android.os.UserHandle;
+import android.util.ArrayMap;
+
+import java.util.Arrays;
+import java.util.List;
+import java.util.Map;
+import java.util.stream.Collectors;
+
+/** Common variables or methods shared between VpnTest and VpnManagerServiceTest. */
+public class VpnTestBase {
+ protected static final String TEST_VPN_PKG = "com.testvpn.vpn";
+ /**
+ * Names and UIDs for some fake packages. Important points:
+ * - UID is ordered increasing.
+ * - One pair of packages have consecutive UIDs.
+ */
+ protected static final String[] PKGS = {"com.example", "org.example", "net.example", "web.vpn"};
+ protected static final int[] PKG_UIDS = {10066, 10077, 10078, 10400};
+ // Mock packages
+ protected static final Map<String, Integer> sPackages = new ArrayMap<>();
+ static {
+ for (int i = 0; i < PKGS.length; i++) {
+ sPackages.put(PKGS[i], PKG_UIDS[i]);
+ }
+ sPackages.put(TEST_VPN_PKG, Process.myUid());
+ }
+
+ // Mock users
+ protected static final int SYSTEM_USER_ID = 0;
+ protected static final UserInfo SYSTEM_USER = new UserInfo(0, "system", UserInfo.FLAG_PRIMARY);
+ protected static final UserInfo PRIMARY_USER = new UserInfo(27, "Primary",
+ FLAG_ADMIN | FLAG_PRIMARY);
+ protected static final UserInfo SECONDARY_USER = new UserInfo(15, "Secondary", FLAG_ADMIN);
+ protected static final UserInfo RESTRICTED_PROFILE_A = new UserInfo(40, "RestrictedA",
+ FLAG_RESTRICTED);
+ protected static final UserInfo RESTRICTED_PROFILE_B = new UserInfo(42, "RestrictedB",
+ FLAG_RESTRICTED);
+ protected static final UserInfo MANAGED_PROFILE_A = new UserInfo(45, "ManagedA",
+ FLAG_MANAGED_PROFILE);
+ static {
+ RESTRICTED_PROFILE_A.restrictedProfileParentId = PRIMARY_USER.id;
+ RESTRICTED_PROFILE_B.restrictedProfileParentId = SECONDARY_USER.id;
+ MANAGED_PROFILE_A.profileGroupId = PRIMARY_USER.id;
+ }
+
+ // Populate a fake packageName-to-UID mapping.
+ protected void setMockedPackages(PackageManager mockPm, final Map<String, Integer> packages) {
+ try {
+ doAnswer(invocation -> {
+ final String appName = (String) invocation.getArguments()[0];
+ final int userId = (int) invocation.getArguments()[1];
+
+ final Integer appId = packages.get(appName);
+ if (appId == null) {
+ throw new PackageManager.NameNotFoundException(appName);
+ }
+
+ return UserHandle.getUid(userId, appId);
+ }).when(mockPm).getPackageUidAsUser(anyString(), anyInt());
+ } catch (Exception e) {
+ }
+ }
+
+ protected List<Integer> toList(int[] arr) {
+ return Arrays.stream(arr).boxed().collect(Collectors.toList());
+ }
+}
diff --git a/tests/unit/java/com/android/server/connectivity/ClatCoordinatorTest.java b/tests/unit/java/com/android/server/connectivity/ClatCoordinatorTest.java
index f84d10f..85bc4a9 100644
--- a/tests/unit/java/com/android/server/connectivity/ClatCoordinatorTest.java
+++ b/tests/unit/java/com/android/server/connectivity/ClatCoordinatorTest.java
@@ -21,6 +21,7 @@
import static android.system.OsConstants.ETH_P_IPV6;
import static com.android.net.module.util.NetworkStackConstants.ETHER_MTU;
+import static com.android.server.connectivity.ClatCoordinator.AID_CLAT;
import static com.android.server.connectivity.ClatCoordinator.CLAT_MAX_MTU;
import static com.android.server.connectivity.ClatCoordinator.EGRESS;
import static com.android.server.connectivity.ClatCoordinator.INGRESS;
@@ -30,12 +31,16 @@
import static com.android.testutils.MiscAsserts.assertThrows;
import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.fail;
import static org.mockito.Mockito.argThat;
import static org.mockito.Mockito.clearInvocations;
import static org.mockito.Mockito.eq;
import static org.mockito.Mockito.inOrder;
+import static org.mockito.Mockito.never;
+import static org.mockito.Mockito.spy;
+import static org.mockito.Mockito.verify;
import android.annotation.NonNull;
import android.net.INetd;
@@ -46,13 +51,17 @@
import androidx.test.filters.SmallTest;
+import com.android.internal.util.IndentingPrintWriter;
import com.android.net.module.util.IBpfMap;
import com.android.net.module.util.bpf.ClatEgress4Key;
import com.android.net.module.util.bpf.ClatEgress4Value;
import com.android.net.module.util.bpf.ClatIngress6Key;
import com.android.net.module.util.bpf.ClatIngress6Value;
+import com.android.net.module.util.bpf.CookieTagMapKey;
+import com.android.net.module.util.bpf.CookieTagMapValue;
import com.android.testutils.DevSdkIgnoreRule;
import com.android.testutils.DevSdkIgnoreRunner;
+import com.android.testutils.TestBpfMap;
import org.junit.Before;
import org.junit.Test;
@@ -64,6 +73,7 @@
import java.io.FileDescriptor;
import java.io.IOException;
+import java.io.StringWriter;
import java.net.Inet4Address;
import java.net.Inet6Address;
import java.util.Objects;
@@ -84,10 +94,10 @@
private static final int GOOGLE_DNS_4 = 0x08080808; // 8.8.8.8
private static final int NETID = 42;
- // The test fwmark means: PERMISSION_SYSTEM (0x2), protectedFromVpn: true,
+ // The test fwmark means: PERMISSION_NETWORK | PERMISSION_SYSTEM (0x3), protectedFromVpn: true,
// explicitlySelected: true, netid: 42. For bit field structure definition, see union Fwmark in
// system/netd/include/Fwmark.h
- private static final int MARK = 0xb002a;
+ private static final int MARK = 0xf002a;
private static final String XLAT_LOCAL_IPV4ADDR_STRING = "192.0.0.46";
private static final String XLAT_LOCAL_IPV6ADDR_STRING = "2001:db8:0:b11::464";
@@ -101,12 +111,12 @@
private static final int RAW_SOCK_FD = 535;
private static final int PACKET_SOCK_FD = 536;
private static final long RAW_SOCK_COOKIE = 27149;
- private static final ParcelFileDescriptor TUN_PFD = new ParcelFileDescriptor(
- new FileDescriptor());
- private static final ParcelFileDescriptor RAW_SOCK_PFD = new ParcelFileDescriptor(
- new FileDescriptor());
- private static final ParcelFileDescriptor PACKET_SOCK_PFD = new ParcelFileDescriptor(
- new FileDescriptor());
+ private static final ParcelFileDescriptor TUN_PFD = spy(new ParcelFileDescriptor(
+ new FileDescriptor()));
+ private static final ParcelFileDescriptor RAW_SOCK_PFD = spy(new ParcelFileDescriptor(
+ new FileDescriptor()));
+ private static final ParcelFileDescriptor PACKET_SOCK_PFD = spy(new ParcelFileDescriptor(
+ new FileDescriptor()));
private static final String EGRESS_PROG_PATH =
"/sys/fs/bpf/net_shared/prog_clatd_schedcls_egress4_clat_rawip";
@@ -120,11 +130,19 @@
INET6_PFX96, INET6_LOCAL6);
private static final ClatIngress6Value INGRESS_VALUE = new ClatIngress6Value(STACKED_IFINDEX,
INET4_LOCAL4);
+ private static final CookieTagMapKey COOKIE_TAG_KEY = new CookieTagMapKey(RAW_SOCK_COOKIE);
+ private static final CookieTagMapValue COOKIE_TAG_VALUE = new CookieTagMapValue(AID_CLAT,
+ 0 /* tag, unused */);
+
+ private final TestBpfMap<ClatIngress6Key, ClatIngress6Value> mIngressMap =
+ spy(new TestBpfMap<>(ClatIngress6Key.class, ClatIngress6Value.class));
+ private final TestBpfMap<ClatEgress4Key, ClatEgress4Value> mEgressMap =
+ spy(new TestBpfMap<>(ClatEgress4Key.class, ClatEgress4Value.class));
+ private final TestBpfMap<CookieTagMapKey, CookieTagMapValue> mCookieTagMap =
+ spy(new TestBpfMap<>(CookieTagMapKey.class, CookieTagMapValue.class));
@Mock private INetd mNetd;
@Spy private TestDependencies mDeps = new TestDependencies();
- @Mock private IBpfMap<ClatIngress6Key, ClatIngress6Value> mIngressMap;
- @Mock private IBpfMap<ClatEgress4Key, ClatEgress4Value> mEgressMap;
/**
* The dependency injection class is used to mock the JNI functions and system functions
@@ -303,25 +321,10 @@
}
/**
- * Tag socket as clat.
+ * Get socket cookie.
*/
- @Override
- public long tagSocketAsClat(@NonNull FileDescriptor sock) throws IOException {
- if (Objects.equals(RAW_SOCK_PFD.getFileDescriptor(), sock)) {
- return RAW_SOCK_COOKIE;
- }
- fail("unsupported arg: " + sock);
- return 0;
- }
-
- /**
- * Untag socket.
- */
- @Override
- public void untagSocket(long cookie) throws IOException {
- if (cookie != RAW_SOCK_COOKIE) {
- fail("unsupported arg: " + cookie);
- }
+ public long getSocketCookie(@NonNull FileDescriptor sock) throws IOException {
+ return RAW_SOCK_COOKIE;
}
/** Get ingress6 BPF map. */
@@ -336,6 +339,12 @@
return mEgressMap;
}
+ /** Get cookie tag map */
+ @Override
+ public IBpfMap<CookieTagMapKey, CookieTagMapValue> getBpfCookieTagMap() {
+ return mCookieTagMap;
+ }
+
/** Checks if the network interface uses an ethernet L2 header. */
public boolean isEthernet(String iface) throws IOException {
if (BASE_IFACE.equals(iface)) return true;
@@ -390,8 +399,8 @@
@Test
public void testStartStopClatd() throws Exception {
final ClatCoordinator coordinator = makeClatCoordinator();
- final InOrder inOrder = inOrder(mNetd, mDeps, mIngressMap, mEgressMap);
- clearInvocations(mNetd, mDeps, mIngressMap, mEgressMap);
+ final InOrder inOrder = inOrder(mNetd, mDeps, mIngressMap, mEgressMap, mCookieTagMap);
+ clearInvocations(mNetd, mDeps, mIngressMap, mEgressMap, mCookieTagMap);
// [1] Start clatd.
final String addr6For464xlat = coordinator.clatStart(BASE_IFACE, NETID, NAT64_IP_PREFIX);
@@ -434,8 +443,9 @@
inOrder.verify(mDeps).addAnycastSetsockopt(
argThat(fd -> Objects.equals(RAW_SOCK_PFD.getFileDescriptor(), fd)),
eq(XLAT_LOCAL_IPV6ADDR_STRING), eq(BASE_IFINDEX));
- inOrder.verify(mDeps).tagSocketAsClat(
+ inOrder.verify(mDeps).getSocketCookie(
argThat(fd -> Objects.equals(RAW_SOCK_PFD.getFileDescriptor(), fd)));
+ inOrder.verify(mCookieTagMap).insertEntry(eq(COOKIE_TAG_KEY), eq(COOKIE_TAG_VALUE));
inOrder.verify(mDeps).configurePacketSocket(
argThat(fd -> Objects.equals(PACKET_SOCK_PFD.getFileDescriptor(), fd)),
eq(XLAT_LOCAL_IPV6ADDR_STRING), eq(BASE_IFINDEX));
@@ -471,7 +481,7 @@
inOrder.verify(mIngressMap).deleteEntry(eq(INGRESS_KEY));
inOrder.verify(mDeps).stopClatd(eq(BASE_IFACE), eq(NAT64_PREFIX_STRING),
eq(XLAT_LOCAL_IPV4ADDR_STRING), eq(XLAT_LOCAL_IPV6ADDR_STRING), eq(CLATD_PID));
- inOrder.verify(mDeps).untagSocket(eq(RAW_SOCK_COOKIE));
+ inOrder.verify(mCookieTagMap).deleteEntry(eq(COOKIE_TAG_KEY));
assertNull(coordinator.getClatdTrackerForTesting());
inOrder.verifyNoMoreInteractions();
@@ -483,10 +493,10 @@
@Test
public void testGetFwmark() throws Exception {
- assertEquals(0xb0064, ClatCoordinator.getFwmark(100));
- assertEquals(0xb03e8, ClatCoordinator.getFwmark(1000));
- assertEquals(0xb2710, ClatCoordinator.getFwmark(10000));
- assertEquals(0xbffff, ClatCoordinator.getFwmark(65535));
+ assertEquals(0xf0064, ClatCoordinator.getFwmark(100));
+ assertEquals(0xf03e8, ClatCoordinator.getFwmark(1000));
+ assertEquals(0xf2710, ClatCoordinator.getFwmark(10000));
+ assertEquals(0xfffff, ClatCoordinator.getFwmark(65535));
}
@Test
@@ -505,4 +515,227 @@
// Expected mtu is that CLAT_MAX_MTU(65536) minus MTU_DELTA(28).
assertEquals(65508, ClatCoordinator.adjustMtu(CLAT_MAX_MTU + 1 /* over maximum mtu */));
}
+
+ private void verifyDump(final ClatCoordinator coordinator, boolean clatStarted) {
+ final StringWriter stringWriter = new StringWriter();
+ final IndentingPrintWriter ipw = new IndentingPrintWriter(stringWriter, " ");
+ coordinator.dump(ipw);
+
+ final String[] dumpStrings = stringWriter.toString().split("\n");
+ if (clatStarted) {
+ assertEquals(6, dumpStrings.length);
+ assertEquals("CLAT tracker: iface: test0 (1000), v4iface: v4-test0 (1001), "
+ + "v4: /192.0.0.46, v6: /2001:db8:0:b11::464, pfx96: /64:ff9b::, "
+ + "pid: 10483, cookie: 27149", dumpStrings[0].trim());
+ assertEquals("Forwarding rules:", dumpStrings[1].trim());
+ assertEquals("BPF ingress map: iif nat64Prefix v6Addr -> v4Addr oif",
+ dumpStrings[2].trim());
+ assertEquals("1000 /64:ff9b::/96 /2001:db8:0:b11::464 -> /192.0.0.46 1001",
+ dumpStrings[3].trim());
+ assertEquals("BPF egress map: iif v4Addr -> v6Addr nat64Prefix oif",
+ dumpStrings[4].trim());
+ assertEquals("1001 /192.0.0.46 -> /2001:db8:0:b11::464 /64:ff9b::/96 1000 ether",
+ dumpStrings[5].trim());
+ } else {
+ assertEquals(1, dumpStrings.length);
+ assertEquals("<not started>", dumpStrings[0].trim());
+ }
+ }
+
+ @Test
+ public void testDump() throws Exception {
+ final ClatCoordinator coordinator = makeClatCoordinator();
+ verifyDump(coordinator, false /* clatStarted */);
+ coordinator.clatStart(BASE_IFACE, NETID, NAT64_IP_PREFIX);
+ verifyDump(coordinator, true /* clatStarted */);
+ }
+
+ @Test
+ public void testNotStartClatWithInvalidPrefix() throws Exception {
+ final ClatCoordinator coordinator = makeClatCoordinator();
+ final IpPrefix invalidPrefix = new IpPrefix("2001:db8::/64");
+ assertThrows(IOException.class,
+ () -> coordinator.clatStart(BASE_IFACE, NETID, invalidPrefix));
+ }
+
+ private void checkNotStartClat(final TestDependencies deps, final boolean needToCloseTunFd,
+ final boolean needToClosePacketSockFd, final boolean needToCloseRawSockFd)
+ throws Exception {
+ clearInvocations(TUN_PFD, RAW_SOCK_PFD, PACKET_SOCK_PFD);
+
+ // [1] Expect that modified TestDependencies can't start clatd.
+ // Expect that the injection function of TestDependencies causes clatStart() failed.
+ final ClatCoordinator coordinatorWithBrokenDeps = new ClatCoordinator(deps);
+ assertThrows(IOException.class,
+ () -> coordinatorWithBrokenDeps.clatStart(BASE_IFACE, NETID, NAT64_IP_PREFIX));
+
+ // Use precise check to make sure that there is no unexpected file descriptor closing.
+ if (needToCloseTunFd) {
+ verify(TUN_PFD).close();
+ } else {
+ verify(TUN_PFD, never()).close();
+ }
+ if (needToClosePacketSockFd) {
+ verify(PACKET_SOCK_PFD).close();
+ } else {
+ verify(PACKET_SOCK_PFD, never()).close();
+ }
+ if (needToCloseRawSockFd) {
+ verify(RAW_SOCK_PFD).close();
+ } else {
+ verify(RAW_SOCK_PFD, never()).close();
+ }
+
+ // Check that dump doesn't crash after any clat starting failure.
+ verifyDump(coordinatorWithBrokenDeps, false /* clatStarted */);
+
+ // [2] Expect that unmodified TestDependencies can start clatd.
+ // Used to make sure that the above modified TestDependencies has really broken the
+ // clatd starting.
+ final ClatCoordinator coordinatorWithDefaultDeps = new ClatCoordinator(
+ new TestDependencies());
+ assertNotNull(coordinatorWithDefaultDeps.clatStart(BASE_IFACE, NETID, NAT64_IP_PREFIX));
+ }
+
+ // The following testNotStartClat* tests verifies bunches of code for unwinding the
+ // failure if any.
+ @Test
+ public void testNotStartClatWithNativeFailureSelectIpv4Address() throws Exception {
+ class FailureDependencies extends TestDependencies {
+ @Override
+ public String selectIpv4Address(@NonNull String v4addr, int prefixlen)
+ throws IOException {
+ throw new IOException();
+ }
+ }
+ checkNotStartClat(new FailureDependencies(), false /* needToCloseTunFd */,
+ false /* needToClosePacketSockFd */, false /* needToCloseRawSockFd */);
+ }
+
+ @Test
+ public void testNotStartClatWithNativeFailureGenerateIpv6Address() throws Exception {
+ class FailureDependencies extends TestDependencies {
+ @Override
+ public String generateIpv6Address(@NonNull String iface, @NonNull String v4,
+ @NonNull String prefix64) throws IOException {
+ throw new IOException();
+ }
+ }
+ checkNotStartClat(new FailureDependencies(), false /* needToCloseTunFd */,
+ false /* needToClosePacketSockFd */, false /* needToCloseRawSockFd */);
+ }
+
+ @Test
+ public void testNotStartClatWithNativeFailureCreateTunInterface() throws Exception {
+ class FailureDependencies extends TestDependencies {
+ @Override
+ public int createTunInterface(@NonNull String tuniface) throws IOException {
+ throw new IOException();
+ }
+ }
+ checkNotStartClat(new FailureDependencies(), false /* needToCloseTunFd */,
+ false /* needToClosePacketSockFd */, false /* needToCloseRawSockFd */);
+ }
+
+ @Test
+ public void testNotStartClatWithNativeFailureDetectMtu() throws Exception {
+ class FailureDependencies extends TestDependencies {
+ @Override
+ public int detectMtu(@NonNull String platSubnet, int platSuffix, int mark)
+ throws IOException {
+ throw new IOException();
+ }
+ }
+ checkNotStartClat(new FailureDependencies(), true /* needToCloseTunFd */,
+ false /* needToClosePacketSockFd */, false /* needToCloseRawSockFd */);
+ }
+
+ @Test
+ public void testNotStartClatWithNativeFailureOpenPacketSocket() throws Exception {
+ class FailureDependencies extends TestDependencies {
+ @Override
+ public int openPacketSocket() throws IOException {
+ throw new IOException();
+ }
+ }
+ checkNotStartClat(new FailureDependencies(), true /* needToCloseTunFd */,
+ false /* needToClosePacketSockFd */, false /* needToCloseRawSockFd */);
+ }
+
+ @Test
+ public void testNotStartClatWithNativeFailureOpenRawSocket6() throws Exception {
+ class FailureDependencies extends TestDependencies {
+ @Override
+ public int openRawSocket6(int mark) throws IOException {
+ throw new IOException();
+ }
+ }
+ checkNotStartClat(new FailureDependencies(), true /* needToCloseTunFd */,
+ true /* needToClosePacketSockFd */, false /* needToCloseRawSockFd */);
+ }
+
+ @Test
+ public void testNotStartClatWithNativeFailureAddAnycastSetsockopt() throws Exception {
+ class FailureDependencies extends TestDependencies {
+ @Override
+ public void addAnycastSetsockopt(@NonNull FileDescriptor sock, String v6,
+ int ifindex) throws IOException {
+ throw new IOException();
+ }
+ }
+ checkNotStartClat(new FailureDependencies(), true /* needToCloseTunFd */,
+ true /* needToClosePacketSockFd */, true /* needToCloseRawSockFd */);
+ }
+
+ @Test
+ public void testNotStartClatWithNativeFailureConfigurePacketSocket() throws Exception {
+ class FailureDependencies extends TestDependencies {
+ @Override
+ public void configurePacketSocket(@NonNull FileDescriptor sock, String v6,
+ int ifindex) throws IOException {
+ throw new IOException();
+ }
+ }
+ checkNotStartClat(new FailureDependencies(), true /* needToCloseTunFd */,
+ true /* needToClosePacketSockFd */, true /* needToCloseRawSockFd */);
+ }
+
+ @Test
+ public void testNotStartClatWithNativeFailureStartClatd() throws Exception {
+ class FailureDependencies extends TestDependencies {
+ @Override
+ public int startClatd(@NonNull FileDescriptor tunfd, @NonNull FileDescriptor readsock6,
+ @NonNull FileDescriptor writesock6, @NonNull String iface,
+ @NonNull String pfx96, @NonNull String v4, @NonNull String v6)
+ throws IOException {
+ throw new IOException();
+ }
+ }
+ checkNotStartClat(new FailureDependencies(), true /* needToCloseTunFd */,
+ true /* needToClosePacketSockFd */, true /* needToCloseRawSockFd */);
+ }
+
+ @Test
+ public void testNotStartClatWithNativeFailureGetSocketCookie() throws Exception {
+ class FailureDependencies extends TestDependencies {
+ @Override
+ public long getSocketCookie(@NonNull FileDescriptor sock) throws IOException {
+ throw new IOException();
+ }
+ }
+ checkNotStartClat(new FailureDependencies(), true /* needToCloseTunFd */,
+ true /* needToClosePacketSockFd */, true /* needToCloseRawSockFd */);
+ }
+
+ @Test
+ public void testNotStartClatWithNullCookieTagMap() throws Exception {
+ class FailureDependencies extends TestDependencies {
+ @Override
+ public IBpfMap<CookieTagMapKey, CookieTagMapValue> getBpfCookieTagMap() {
+ return null;
+ }
+ }
+ checkNotStartClat(new FailureDependencies(), true /* needToCloseTunFd */,
+ true /* needToClosePacketSockFd */, true /* needToCloseRawSockFd */);
+ }
}
diff --git a/tests/unit/java/com/android/server/connectivity/FullScoreTest.kt b/tests/unit/java/com/android/server/connectivity/FullScoreTest.kt
index c03a9cd..b39e960 100644
--- a/tests/unit/java/com/android/server/connectivity/FullScoreTest.kt
+++ b/tests/unit/java/com/android/server/connectivity/FullScoreTest.kt
@@ -18,6 +18,8 @@
import android.net.NetworkAgentConfig
import android.net.NetworkCapabilities
+import android.net.NetworkScore
+import android.net.NetworkScore.KEEP_CONNECTED_FOR_HANDOVER
import android.net.NetworkScore.KEEP_CONNECTED_NONE
import android.os.Build
import android.text.TextUtils
@@ -25,7 +27,9 @@
import android.util.Log
import androidx.test.filters.SmallTest
import com.android.server.connectivity.FullScore.MAX_CS_MANAGED_POLICY
+import com.android.server.connectivity.FullScore.MIN_CS_MANAGED_POLICY
import com.android.server.connectivity.FullScore.POLICY_ACCEPT_UNVALIDATED
+import com.android.server.connectivity.FullScore.POLICY_EVER_EVALUATED
import com.android.server.connectivity.FullScore.POLICY_EVER_USER_SELECTED
import com.android.server.connectivity.FullScore.POLICY_IS_DESTROYED
import com.android.server.connectivity.FullScore.POLICY_IS_UNMETERED
@@ -40,6 +44,7 @@
import kotlin.reflect.full.staticProperties
import kotlin.test.assertEquals
import kotlin.test.assertFalse
+import kotlin.test.assertNotEquals
import kotlin.test.assertTrue
@RunWith(DevSdkIgnoreRunner::class)
@@ -52,6 +57,7 @@
vpn: Boolean = false,
onceChosen: Boolean = false,
acceptUnvalidated: Boolean = false,
+ everEvaluated: Boolean = true,
destroyed: Boolean = false
): FullScore {
val nac = NetworkAgentConfig.Builder().apply {
@@ -62,7 +68,8 @@
if (vpn) addTransportType(NetworkCapabilities.TRANSPORT_VPN)
if (validated) addCapability(NetworkCapabilities.NET_CAPABILITY_VALIDATED)
}.build()
- return mixInScore(nc, nac, validated, false /* yieldToBadWifi */, destroyed)
+ return mixInScore(nc, nac, validated, false /* avoidUnvalidated */,
+ false /* yieldToBadWifi */, everEvaluated, destroyed)
}
private val TAG = this::class.simpleName
@@ -83,33 +90,10 @@
}
@Test
- fun testGetLegacyInt() {
- val ns = FullScore(50, 0L /* policy */, KEEP_CONNECTED_NONE)
- assertEquals(10, ns.legacyInt) // -40 penalty for not being validated
- assertEquals(50, ns.legacyIntAsValidated)
-
- val vpnNs = FullScore(101, 0L /* policy */, KEEP_CONNECTED_NONE).withPolicies(vpn = true)
- assertEquals(101, vpnNs.legacyInt) // VPNs are not subject to unvalidation penalty
- assertEquals(101, vpnNs.legacyIntAsValidated)
- assertEquals(101, vpnNs.withPolicies(validated = true).legacyInt)
- assertEquals(101, vpnNs.withPolicies(validated = true).legacyIntAsValidated)
-
- val validatedNs = ns.withPolicies(validated = true)
- assertEquals(50, validatedNs.legacyInt) // No penalty, this is validated
- assertEquals(50, validatedNs.legacyIntAsValidated)
-
- val chosenNs = ns.withPolicies(onceChosen = true)
- assertEquals(10, chosenNs.legacyInt)
- assertEquals(100, chosenNs.legacyIntAsValidated)
- assertEquals(10, chosenNs.withPolicies(acceptUnvalidated = true).legacyInt)
- assertEquals(50, chosenNs.withPolicies(acceptUnvalidated = true).legacyIntAsValidated)
- }
-
- @Test
fun testToString() {
- val string = FullScore(10, 0L /* policy */, KEEP_CONNECTED_NONE)
+ val string = FullScore(0L /* policy */, KEEP_CONNECTED_NONE)
.withPolicies(vpn = true, acceptUnvalidated = true).toString()
- assertTrue(string.contains("Score(10"), string)
+ assertTrue(string.contains("Score("), string)
assertTrue(string.contains("ACCEPT_UNVALIDATED"), string)
assertTrue(string.contains("IS_VPN"), string)
assertFalse(string.contains("IS_VALIDATED"), string)
@@ -131,7 +115,7 @@
@Test
fun testHasPolicy() {
- val ns = FullScore(50, 0L /* policy */, KEEP_CONNECTED_NONE)
+ val ns = FullScore(0L /* policy */, KEEP_CONNECTED_NONE)
assertFalse(ns.hasPolicy(POLICY_IS_VALIDATED))
assertFalse(ns.hasPolicy(POLICY_IS_VPN))
assertFalse(ns.hasPolicy(POLICY_EVER_USER_SELECTED))
@@ -141,6 +125,7 @@
assertTrue(ns.withPolicies(onceChosen = true).hasPolicy(POLICY_EVER_USER_SELECTED))
assertTrue(ns.withPolicies(acceptUnvalidated = true).hasPolicy(POLICY_ACCEPT_UNVALIDATED))
assertTrue(ns.withPolicies(destroyed = true).hasPolicy(POLICY_IS_DESTROYED))
+ assertTrue(ns.withPolicies(everEvaluated = true).hasPolicy(POLICY_EVER_EVALUATED))
}
@Test
@@ -148,12 +133,23 @@
val policies = getAllPolicies()
policies.forEach { policy ->
- assertTrue(policy.get() as Int >= FullScore.MIN_CS_MANAGED_POLICY)
- assertTrue(policy.get() as Int <= FullScore.MAX_CS_MANAGED_POLICY)
+ assertTrue(policy.get() as Int >= MIN_CS_MANAGED_POLICY)
+ assertTrue(policy.get() as Int <= MAX_CS_MANAGED_POLICY)
}
- assertEquals(FullScore.MIN_CS_MANAGED_POLICY,
- policies.minOfOrNull { it.get() as Int })
- assertEquals(FullScore.MAX_CS_MANAGED_POLICY,
- policies.maxOfOrNull { it.get() as Int })
+ assertEquals(MIN_CS_MANAGED_POLICY, policies.minOfOrNull { it.get() as Int })
+ assertEquals(MAX_CS_MANAGED_POLICY, policies.maxOfOrNull { it.get() as Int })
+ }
+
+ @Test
+ fun testEquals() {
+ val ns1 = FullScore(0L /* policy */, KEEP_CONNECTED_NONE)
+ val ns2 = FullScore(0L /* policy */, KEEP_CONNECTED_NONE)
+ val ns3 = FullScore(0L /* policy */, KEEP_CONNECTED_FOR_HANDOVER)
+ val ns4 = NetworkScore.Builder().setLegacyInt(50).build()
+ assertEquals(ns1, ns1)
+ assertEquals(ns2, ns1)
+ assertNotEquals(ns1.withPolicies(validated = true), ns1)
+ assertNotEquals(ns3, ns1)
+ assertFalse(ns1.equals(ns4))
}
}
diff --git a/tests/unit/java/com/android/server/connectivity/IpConnectivityMetricsTest.java b/tests/unit/java/com/android/server/connectivity/IpConnectivityMetricsTest.java
index 063ccd3..719314a 100644
--- a/tests/unit/java/com/android/server/connectivity/IpConnectivityMetricsTest.java
+++ b/tests/unit/java/com/android/server/connectivity/IpConnectivityMetricsTest.java
@@ -23,6 +23,7 @@
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.fail;
import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.doReturn;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
@@ -47,6 +48,7 @@
import android.net.metrics.ValidationProbeEvent;
import android.os.Build;
import android.os.Parcelable;
+import android.os.SystemClock;
import android.system.OsConstants;
import android.test.suitebuilder.annotation.SmallTest;
import android.util.Base64;
@@ -138,18 +140,16 @@
private void logDefaultNetworkEvent(long timeMs, NetworkAgentInfo nai,
NetworkAgentInfo oldNai) {
final Network network = (nai != null) ? nai.network() : null;
- final int score = (nai != null) ? nai.getCurrentScore() : 0;
- final boolean validated = (nai != null) ? nai.lastValidated : false;
+ final boolean validated = (nai != null) ? nai.isValidated() : false;
final LinkProperties lp = (nai != null) ? nai.linkProperties : null;
final NetworkCapabilities nc = (nai != null) ? nai.networkCapabilities : null;
final Network prevNetwork = (oldNai != null) ? oldNai.network() : null;
- final int prevScore = (oldNai != null) ? oldNai.getCurrentScore() : 0;
final LinkProperties prevLp = (oldNai != null) ? oldNai.linkProperties : null;
final NetworkCapabilities prevNc = (oldNai != null) ? oldNai.networkCapabilities : null;
- mService.mDefaultNetworkMetrics.logDefaultNetworkEvent(timeMs, network, score, validated,
- lp, nc, prevNetwork, prevScore, prevLp, prevNc);
+ mService.mDefaultNetworkMetrics.logDefaultNetworkEvent(timeMs, network, 0 /* legacyScore */,
+ validated, lp, nc, prevNetwork, 0 /* prevLegacyScore */, prevLp, prevNc);
}
@Test
public void testDefaultNetworkEvents() throws Exception {
@@ -158,15 +158,15 @@
NetworkAgentInfo[][] defaultNetworks = {
// nothing -> cell
- {null, makeNai(100, 10, false, true, cell)},
+ {null, makeNai(100, false, true, cell)},
// cell -> wifi
- {makeNai(100, 50, true, true, cell), makeNai(101, 20, true, false, wifi)},
+ {makeNai(100, true, true, cell), makeNai(101, true, false, wifi)},
// wifi -> nothing
- {makeNai(101, 60, true, false, wifi), null},
+ {makeNai(101, true, false, wifi), null},
// nothing -> cell
- {null, makeNai(102, 10, true, true, cell)},
+ {null, makeNai(102, true, true, cell)},
// cell -> wifi
- {makeNai(102, 50, true, true, cell), makeNai(103, 20, true, false, wifi)},
+ {makeNai(102, true, true, cell), makeNai(103, true, false, wifi)},
};
long timeMs = mService.mDefaultNetworkMetrics.creationTimeMs;
@@ -204,8 +204,8 @@
" transports: 1",
" default_network_event <",
" default_network_duration_ms: 2002",
- " final_score: 50",
- " initial_score: 10",
+ " final_score: 0",
+ " initial_score: 0",
" ip_support: 3",
" no_default_network_duration_ms: 0",
" previous_default_network_link_layer: 0",
@@ -221,8 +221,8 @@
" transports: 2",
" default_network_event <",
" default_network_duration_ms: 4004",
- " final_score: 60",
- " initial_score: 20",
+ " final_score: 0",
+ " initial_score: 0",
" ip_support: 1",
" no_default_network_duration_ms: 0",
" previous_default_network_link_layer: 2",
@@ -255,8 +255,8 @@
" transports: 1",
" default_network_event <",
" default_network_duration_ms: 16016",
- " final_score: 50",
- " initial_score: 10",
+ " final_score: 0",
+ " initial_score: 0",
" ip_support: 3",
" no_default_network_duration_ms: 0",
" previous_default_network_link_layer: 4",
@@ -348,8 +348,8 @@
long timeMs = mService.mDefaultNetworkMetrics.creationTimeMs;
final long cell = BitUtils.packBits(new int[]{NetworkCapabilities.TRANSPORT_CELLULAR});
final long wifi = BitUtils.packBits(new int[]{NetworkCapabilities.TRANSPORT_WIFI});
- NetworkAgentInfo cellNai = makeNai(100, 50, false, true, cell);
- NetworkAgentInfo wifiNai = makeNai(101, 60, true, false, wifi);
+ final NetworkAgentInfo cellNai = makeNai(100, false, true, cell);
+ final NetworkAgentInfo wifiNai = makeNai(101, true, false, wifi);
logDefaultNetworkEvent(timeMs + 200L, cellNai, null);
logDefaultNetworkEvent(timeMs + 300L, wifiNai, cellNai);
@@ -463,8 +463,8 @@
" transports: 1",
" default_network_event <",
" default_network_duration_ms: 100",
- " final_score: 50",
- " initial_score: 50",
+ " final_score: 0",
+ " initial_score: 0",
" ip_support: 2",
" no_default_network_duration_ms: 0",
" previous_default_network_link_layer: 0",
@@ -611,13 +611,15 @@
mNetdListener.onWakeupEvent(prefix, uid, ether, ip, mac, srcIp, dstIp, sport, dport, now);
}
- NetworkAgentInfo makeNai(int netId, int score, boolean ipv4, boolean ipv6, long transports) {
+ NetworkAgentInfo makeNai(int netId, boolean ipv4, boolean ipv6, long transports) {
NetworkAgentInfo nai = mock(NetworkAgentInfo.class);
when(nai.network()).thenReturn(new Network(netId));
- when(nai.getCurrentScore()).thenReturn(score);
nai.linkProperties = new LinkProperties();
nai.networkCapabilities = new NetworkCapabilities();
- nai.lastValidated = true;
+ nai.setValidated(true);
+ doReturn(true).when(nai).isValidated();
+ doReturn(SystemClock.elapsedRealtime()).when(nai).getFirstValidationTime();
+ doReturn(SystemClock.elapsedRealtime()).when(nai).getCurrentValidationTime();
for (int t : BitUtils.unpackBits(transports)) {
nai.networkCapabilities.addTransportType(t);
}
@@ -632,8 +634,6 @@
return nai;
}
-
-
static void verifySerialization(String want, String output) {
try {
byte[] got = Base64.decode(output, Base64.DEFAULT);
diff --git a/tests/unit/java/com/android/server/connectivity/LingerMonitorTest.java b/tests/unit/java/com/android/server/connectivity/LingerMonitorTest.java
index 58a7c89..0d371fa 100644
--- a/tests/unit/java/com/android/server/connectivity/LingerMonitorTest.java
+++ b/tests/unit/java/com/android/server/connectivity/LingerMonitorTest.java
@@ -21,6 +21,7 @@
import static org.mockito.Mockito.any;
import static org.mockito.Mockito.anyBoolean;
import static org.mockito.Mockito.anyInt;
+import static org.mockito.Mockito.doReturn;
import static org.mockito.Mockito.eq;
import static org.mockito.Mockito.never;
import static org.mockito.Mockito.reset;
@@ -30,6 +31,7 @@
import android.app.PendingIntent;
import android.content.Context;
+import android.content.pm.PackageManager;
import android.content.res.Resources;
import android.net.ConnectivityManager;
import android.net.ConnectivityResources;
@@ -85,12 +87,14 @@
@Mock NetworkNotificationManager mNotifier;
@Mock Resources mResources;
@Mock QosCallbackTracker mQosCallbackTracker;
+ @Mock PackageManager mPackageManager;
@Before
public void setUp() {
MockitoAnnotations.initMocks(this);
when(mCtx.getResources()).thenReturn(mResources);
when(mCtx.getPackageName()).thenReturn("com.android.server.connectivity");
+ doReturn(mPackageManager).when(mCtx).getPackageManager();
ConnectivityResources.setResourcesContextForTest(mCtx);
mMonitor = new TestableLingerMonitor(mCtx, mNotifier, HIGH_DAILY_LIMIT, HIGH_RATE_LIMIT);
@@ -272,9 +276,8 @@
public void testIgnoreNeverValidatedNetworks() {
setNotificationType(LingerMonitor.NOTIFY_TYPE_TOAST);
setNotificationSwitch(transition(WIFI, CELLULAR));
- NetworkAgentInfo from = wifiNai(100);
+ NetworkAgentInfo from = wifiNai(100, false /* setEverValidated */);
NetworkAgentInfo to = cellNai(101);
- from.everValidated = false;
mMonitor.noteLingerDefaultNetwork(from, to);
verifyNoNotifications();
@@ -286,7 +289,7 @@
setNotificationSwitch(transition(WIFI, CELLULAR));
NetworkAgentInfo from = wifiNai(100);
NetworkAgentInfo to = cellNai(101);
- from.lastValidated = true;
+ from.setValidated(true);
mMonitor.noteLingerDefaultNetwork(from, to);
verifyNoNotifications();
@@ -363,7 +366,8 @@
eq(NotificationType.NETWORK_SWITCH), eq(from), eq(to), any(), eq(true));
}
- NetworkAgentInfo nai(int netId, int transport, int networkType, String networkTypeName) {
+ NetworkAgentInfo nai(int netId, int transport, int networkType, String networkTypeName,
+ boolean setEverValidated) {
NetworkInfo info = new NetworkInfo(networkType, 0, networkTypeName, "");
NetworkCapabilities caps = new NetworkCapabilities();
caps.addCapability(0);
@@ -373,18 +377,32 @@
mCtx, null, new NetworkAgentConfig.Builder().build(), mConnService, mNetd,
mDnsResolver, NetworkProvider.ID_NONE, Binder.getCallingUid(), TEST_LINGER_DELAY_MS,
mQosCallbackTracker, new ConnectivityService.Dependencies());
- nai.everValidated = true;
+ if (setEverValidated) {
+ // As tests in this class deal with testing lingering, most tests are interested
+ // in networks that can be lingered, and therefore must have validated in the past.
+ // Thus, pretend the network validated once, then became invalidated.
+ nai.setValidated(true);
+ nai.setValidated(false);
+ }
return nai;
}
NetworkAgentInfo wifiNai(int netId) {
+ return wifiNai(netId, true /* setEverValidated */);
+ }
+
+ NetworkAgentInfo wifiNai(int netId, boolean setEverValidated) {
return nai(netId, NetworkCapabilities.TRANSPORT_WIFI,
- ConnectivityManager.TYPE_WIFI, WIFI);
+ ConnectivityManager.TYPE_WIFI, WIFI, setEverValidated);
}
NetworkAgentInfo cellNai(int netId) {
+ return cellNai(netId, true /* setEverValidated */);
+ }
+
+ NetworkAgentInfo cellNai(int netId, boolean setEverValidated) {
return nai(netId, NetworkCapabilities.TRANSPORT_CELLULAR,
- ConnectivityManager.TYPE_MOBILE, CELLULAR);
+ ConnectivityManager.TYPE_MOBILE, CELLULAR, setEverValidated);
}
public static class TestableLingerMonitor extends LingerMonitor {
diff --git a/tests/unit/java/android/net/util/MultinetworkPolicyTrackerTest.kt b/tests/unit/java/com/android/server/connectivity/MultinetworkPolicyTrackerTest.kt
similarity index 74%
rename from tests/unit/java/android/net/util/MultinetworkPolicyTrackerTest.kt
rename to tests/unit/java/com/android/server/connectivity/MultinetworkPolicyTrackerTest.kt
index 576b8d3..b52e8a8 100644
--- a/tests/unit/java/android/net/util/MultinetworkPolicyTrackerTest.kt
+++ b/tests/unit/java/com/android/server/connectivity/MultinetworkPolicyTrackerTest.kt
@@ -14,7 +14,7 @@
* limitations under the License.
*/
-package android.net.util
+package com.android.server.connectivity
import android.content.Context
import android.content.res.Resources
@@ -24,8 +24,10 @@
import android.net.ConnectivityResources
import android.net.ConnectivitySettingsManager.NETWORK_AVOID_BAD_WIFI
import android.net.ConnectivitySettingsManager.NETWORK_METERED_MULTIPATH_PREFERENCE
-import android.net.util.MultinetworkPolicyTracker.ActiveDataSubscriptionIdListener
+import com.android.server.connectivity.MultinetworkPolicyTracker.ActiveDataSubscriptionIdListener
import android.os.Build
+import android.os.Handler
+import android.os.test.TestLooper
import android.provider.Settings
import android.telephony.SubscriptionInfo
import android.telephony.SubscriptionManager
@@ -34,18 +36,18 @@
import androidx.test.filters.SmallTest
import com.android.connectivity.resources.R
import com.android.internal.util.test.FakeSettingsProvider
+import com.android.modules.utils.build.SdkLevel
import com.android.testutils.DevSdkIgnoreRule
import com.android.testutils.DevSdkIgnoreRunner
import org.junit.After
import org.junit.Assert.assertEquals
import org.junit.Assert.assertFalse
import org.junit.Assert.assertTrue
+import org.junit.Before
import org.junit.Test
import org.junit.runner.RunWith
import org.mockito.ArgumentCaptor
import org.mockito.ArgumentMatchers.anyInt
-import org.mockito.ArgumentMatchers.argThat
-import org.mockito.ArgumentMatchers.eq
import org.mockito.Mockito.any
import org.mockito.Mockito.doCallRealMethod
import org.mockito.Mockito.doReturn
@@ -53,20 +55,21 @@
import org.mockito.Mockito.times
import org.mockito.Mockito.verify
+const val HANDLER_TIMEOUT_MS = 400
+
/**
* Tests for [MultinetworkPolicyTracker].
*
* Build, install and run with:
- * atest android.net.util.MultinetworkPolicyTrackerTest
+ * atest FrameworksNetTest:MultinetworkPolicyTrackerTest
*/
@RunWith(DevSdkIgnoreRunner::class)
@SmallTest
@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.R)
class MultinetworkPolicyTrackerTest {
private val resources = mock(Resources::class.java).also {
- doReturn(R.integer.config_networkAvoidBadWifi).`when`(it).getIdentifier(
- eq("config_networkAvoidBadWifi"), eq("integer"), any())
doReturn(0).`when`(it).getInteger(R.integer.config_networkAvoidBadWifi)
+ doReturn(0).`when`(it).getInteger(R.integer.config_activelyPreferBadWifi)
}
private val telephonyManager = mock(TelephonyManager::class.java)
private val subscriptionManager = mock(SubscriptionManager::class.java).also {
@@ -90,7 +93,11 @@
Settings.Global.putString(resolver, NETWORK_AVOID_BAD_WIFI, "1")
ConnectivityResources.setResourcesContextForTest(it)
}
- private val tracker = MultinetworkPolicyTracker(context, null /* handler */)
+ private val csLooper = TestLooper()
+ private val handler = Handler(csLooper.looper)
+ private val trackerDependencies = MultinetworkPolicyTrackerTestDependencies(resources)
+ private val tracker = MultinetworkPolicyTracker(context, handler,
+ null /* avoidBadWifiCallback */, trackerDependencies)
private fun assertMultipathPreference(preference: Int) {
Settings.Global.putString(resolver, NETWORK_METERED_MULTIPATH_PREFERENCE,
@@ -99,6 +106,11 @@
assertEquals(preference, tracker.meteredMultipathPreference)
}
+ @Before
+ fun setUp() {
+ tracker.start()
+ }
+
@After
fun tearDown() {
ConnectivityResources.setResourcesContextForTest(null)
@@ -113,6 +125,7 @@
@Test
fun testUpdateAvoidBadWifi() {
+ doReturn(0).`when`(resources).getInteger(R.integer.config_activelyPreferBadWifi)
Settings.Global.putString(resolver, NETWORK_AVOID_BAD_WIFI, "0")
assertTrue(tracker.updateAvoidBadWifi())
assertFalse(tracker.avoidBadWifi)
@@ -120,6 +133,36 @@
doReturn(1).`when`(resources).getInteger(R.integer.config_networkAvoidBadWifi)
assertTrue(tracker.updateAvoidBadWifi())
assertTrue(tracker.avoidBadWifi)
+
+ if (SdkLevel.isAtLeastU()) {
+ // On U+, the system always prefers bad wifi.
+ assertTrue(tracker.activelyPreferBadWifi)
+ } else {
+ assertFalse(tracker.activelyPreferBadWifi)
+ }
+
+ doReturn(1).`when`(resources).getInteger(R.integer.config_activelyPreferBadWifi)
+ if (SdkLevel.isAtLeastU()) {
+ // On U+, this didn't change the setting
+ assertFalse(tracker.updateAvoidBadWifi())
+ } else {
+ // On T-, this must have changed the setting
+ assertTrue(tracker.updateAvoidBadWifi())
+ }
+ // In all cases, now the system actively prefers bad wifi
+ assertTrue(tracker.activelyPreferBadWifi)
+
+ // Remaining tests are only useful on T-, which support both the old and new mode.
+ if (SdkLevel.isAtLeastU()) return
+
+ doReturn(0).`when`(resources).getInteger(R.integer.config_activelyPreferBadWifi)
+ assertTrue(tracker.updateAvoidBadWifi())
+ assertFalse(tracker.activelyPreferBadWifi)
+
+ // Simulate update of device config
+ trackerDependencies.putConfigActivelyPreferBadWifi(1)
+ csLooper.dispatchAll()
+ assertTrue(tracker.activelyPreferBadWifi)
}
@Test
@@ -138,6 +181,8 @@
Settings.Global.putString(resolver, NETWORK_METERED_MULTIPATH_PREFERENCE,
MULTIPATH_PREFERENCE_PERFORMANCE.toString())
+ assertTrue(tracker.avoidBadWifi)
+
val listenerCaptor = ArgumentCaptor.forClass(
ActiveDataSubscriptionIdListener::class.java)
verify(telephonyManager, times(1))
@@ -145,10 +190,6 @@
val listener = listenerCaptor.value
listener.onActiveDataSubscriptionIdChanged(testSubId)
- // Check it get resource value with test sub id.
- verify(subscriptionManager, times(1)).getActiveSubscriptionInfo(testSubId)
- verify(context).createConfigurationContext(argThat { it.mcc == 310 && it.mnc == 210 })
-
// Check if avoidBadWifi and meteredMultipathPreference values have been updated.
assertFalse(tracker.avoidBadWifi)
assertEquals(MULTIPATH_PREFERENCE_PERFORMANCE, tracker.meteredMultipathPreference)
diff --git a/tests/unit/java/com/android/server/connectivity/MultinetworkPolicyTrackerTestDependencies.kt b/tests/unit/java/com/android/server/connectivity/MultinetworkPolicyTrackerTestDependencies.kt
new file mode 100644
index 0000000..744c020
--- /dev/null
+++ b/tests/unit/java/com/android/server/connectivity/MultinetworkPolicyTrackerTestDependencies.kt
@@ -0,0 +1,47 @@
+package com.android.server.connectivity
+
+import android.content.res.Resources
+import android.net.ConnectivityResources
+import android.provider.DeviceConfig
+import android.provider.DeviceConfig.NAMESPACE_CONNECTIVITY
+import android.provider.DeviceConfig.OnPropertiesChangedListener
+import com.android.internal.annotations.GuardedBy
+import com.android.server.connectivity.MultinetworkPolicyTracker.CONFIG_ACTIVELY_PREFER_BAD_WIFI
+import java.util.concurrent.Executor
+
+class MultinetworkPolicyTrackerTestDependencies(private val resources: Resources) :
+ MultinetworkPolicyTracker.Dependencies() {
+ @GuardedBy("listeners")
+ private var configActivelyPreferBadWifi = 0
+ // TODO : move this to an actual fake device config object
+ @GuardedBy("listeners")
+ private val listeners = mutableListOf<Pair<Executor, OnPropertiesChangedListener>>()
+
+ fun putConfigActivelyPreferBadWifi(value: Int) {
+ synchronized(listeners) {
+ if (value == configActivelyPreferBadWifi) return
+ configActivelyPreferBadWifi = value
+ val p = DeviceConfig.Properties(NAMESPACE_CONNECTIVITY,
+ mapOf(CONFIG_ACTIVELY_PREFER_BAD_WIFI to value.toString()))
+ listeners.forEach { (executor, listener) ->
+ executor.execute { listener.onPropertiesChanged(p) }
+ }
+ }
+ }
+
+ override fun getConfigActivelyPreferBadWifi(): Int {
+ return synchronized(listeners) { configActivelyPreferBadWifi }
+ }
+
+ override fun addOnDevicePropertiesChangedListener(
+ e: Executor,
+ listener: OnPropertiesChangedListener
+ ) {
+ synchronized(listeners) {
+ listeners.add(e to listener)
+ }
+ }
+
+ override fun getResourcesForActiveSubId(res: ConnectivityResources, id: Int): Resources =
+ resources
+}
diff --git a/tests/unit/java/com/android/server/connectivity/NetworkNotificationManagerTest.java b/tests/unit/java/com/android/server/connectivity/NetworkNotificationManagerTest.java
index 2cf5d8e..53097b6 100644
--- a/tests/unit/java/com/android/server/connectivity/NetworkNotificationManagerTest.java
+++ b/tests/unit/java/com/android/server/connectivity/NetworkNotificationManagerTest.java
@@ -385,11 +385,13 @@
doReturn(true).when(mResources).getBoolean(
R.bool.config_notifyNoInternetAsDialogWhenHighPriority);
+ final Instrumentation instr = InstrumentationRegistry.getInstrumentation();
+ UiDevice.getInstance(instr).pressHome();
+
mManager.showNotification(TEST_NOTIF_ID, NETWORK_SWITCH, mWifiNai, mCellNai, null, false);
// Non-"no internet" notifications are not affected
verify(mNotificationManager).notify(eq(TEST_NOTIF_TAG), eq(NETWORK_SWITCH.eventId), any());
- final Instrumentation instr = InstrumentationRegistry.getInstrumentation();
final Context ctx = instr.getContext();
final String testAction = "com.android.connectivity.coverage.TEST_DIALOG";
final Intent intent = new Intent(testAction)
diff --git a/tests/unit/java/com/android/server/connectivity/NetworkOfferTest.kt b/tests/unit/java/com/android/server/connectivity/NetworkOfferTest.kt
index d03c567..f9a0927 100644
--- a/tests/unit/java/com/android/server/connectivity/NetworkOfferTest.kt
+++ b/tests/unit/java/com/android/server/connectivity/NetworkOfferTest.kt
@@ -42,7 +42,7 @@
@Test
fun testOfferNeededUnneeded() {
- val score = FullScore(50, POLICY_NONE, KEEP_CONNECTED_NONE)
+ val score = FullScore(POLICY_NONE, KEEP_CONNECTED_NONE)
val offer = NetworkOffer(score, NetworkCapabilities.Builder().build(), mockCallback,
1 /* providerId */)
val request1 = mock(NetworkRequest::class.java)
diff --git a/tests/unit/java/com/android/server/connectivity/NetworkRankerTest.kt b/tests/unit/java/com/android/server/connectivity/NetworkRankerTest.kt
index 4408958..1e3f389 100644
--- a/tests/unit/java/com/android/server/connectivity/NetworkRankerTest.kt
+++ b/tests/unit/java/com/android/server/connectivity/NetworkRankerTest.kt
@@ -17,31 +17,38 @@
package com.android.server.connectivity
import android.net.NetworkCapabilities
+import android.net.NetworkCapabilities.NET_CAPABILITY_CAPTIVE_PORTAL as NET_CAP_PORTAL
import android.net.NetworkCapabilities.TRANSPORT_CELLULAR
import android.net.NetworkCapabilities.TRANSPORT_WIFI
import android.net.NetworkScore.KEEP_CONNECTED_NONE
-import android.net.NetworkScore.POLICY_EXITING
-import android.net.NetworkScore.POLICY_TRANSPORT_PRIMARY
-import android.net.NetworkScore.POLICY_YIELD_TO_BAD_WIFI
+import android.net.NetworkScore.POLICY_EXITING as EXITING
+import android.net.NetworkScore.POLICY_TRANSPORT_PRIMARY as PRIMARY
+import android.net.NetworkScore.POLICY_YIELD_TO_BAD_WIFI as YIELD_TO_BAD_WIFI
import android.os.Build
import androidx.test.filters.SmallTest
-import com.android.server.connectivity.FullScore.POLICY_EVER_VALIDATED_NOT_AVOIDED_WHEN_BAD
-import com.android.server.connectivity.FullScore.POLICY_IS_VALIDATED
+import com.android.connectivity.resources.R
+import com.android.server.connectivity.FullScore.POLICY_AVOIDED_WHEN_UNVALIDATED as AVOIDED_UNVALID
+import com.android.server.connectivity.FullScore.POLICY_EVER_EVALUATED as EVER_EVALUATED
+import com.android.server.connectivity.FullScore.POLICY_EVER_VALIDATED as EVER_VALIDATED
+import com.android.server.connectivity.FullScore.POLICY_IS_VALIDATED as IS_VALIDATED
import com.android.testutils.DevSdkIgnoreRule
-import com.android.testutils.DevSdkIgnoreRunner
+import org.junit.Rule
import org.junit.Test
import org.junit.runner.RunWith
+import org.junit.runners.Parameterized
import kotlin.test.assertEquals
-private fun score(vararg policies: Int) = FullScore(0,
+private fun score(vararg policies: Int) = FullScore(
policies.fold(0L) { acc, e -> acc or (1L shl e) }, KEEP_CONNECTED_NONE)
-private fun caps(transport: Int) = NetworkCapabilities.Builder().addTransportType(transport).build()
+private fun caps(transport: Int, vararg capabilities: Int) =
+ NetworkCapabilities.Builder().addTransportType(transport).apply {
+ capabilities.forEach { addCapability(it) }
+ }.build()
@SmallTest
-@RunWith(DevSdkIgnoreRunner::class)
-@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.R)
-class NetworkRankerTest {
- private val mRanker = NetworkRanker()
+@RunWith(Parameterized::class)
+class NetworkRankerTest(private val activelyPreferBadWifi: Boolean) {
+ private val mRanker = NetworkRanker(NetworkRanker.Configuration(activelyPreferBadWifi))
private class TestScore(private val sc: FullScore, private val nc: NetworkCapabilities)
: NetworkRanker.Scoreable {
@@ -49,124 +56,144 @@
override fun getCapsNoCopy(): NetworkCapabilities = nc
}
+ @get:Rule
+ val mIgnoreRule: DevSdkIgnoreRule = DevSdkIgnoreRule(ignoreClassUpTo = Build.VERSION_CODES.R)
+
+ companion object {
+ @JvmStatic
+ @Parameterized.Parameters
+ fun ranker() = listOf(true, false)
+ }
+
+ // Helpers to shorten syntax
+ private fun rank(vararg scores: TestScore) =
+ mRanker.getBestNetworkByPolicy(scores.toList(), null /* currentSatisfier */)
+ val CAPS_CELL = caps(TRANSPORT_CELLULAR)
+ val CAPS_WIFI = caps(TRANSPORT_WIFI)
+ val CAPS_WIFI_PORTAL = caps(TRANSPORT_WIFI, NET_CAP_PORTAL)
+
@Test
- fun testYieldToBadWiFiOneCell() {
+ fun testYieldToBadWiFi_oneCell() {
// Only cell, it wins
- val winner = TestScore(score(POLICY_YIELD_TO_BAD_WIFI, POLICY_IS_VALIDATED),
- caps(TRANSPORT_CELLULAR))
- val scores = listOf(winner)
- assertEquals(winner, mRanker.getBestNetworkByPolicy(scores, null))
+ val cell = TestScore(score(EVER_EVALUATED, YIELD_TO_BAD_WIFI, IS_VALIDATED), CAPS_CELL)
+ assertEquals(cell, rank(cell))
}
@Test
- fun testYieldToBadWiFiOneCellOneBadWiFi() {
+ fun testPreferBadWifi_oneCellOneEvaluatingWifi() {
+ val wifi = TestScore(score(), caps(TRANSPORT_WIFI))
+ val cell = TestScore(score(YIELD_TO_BAD_WIFI, IS_VALIDATED, EVER_EVALUATED), CAPS_CELL)
+ assertEquals(cell, rank(wifi, cell))
+ }
+
+ @Test
+ fun testYieldToBadWiFi_oneCellOneBadWiFi() {
// Bad wifi wins against yielding validated cell
- val winner = TestScore(score(POLICY_EVER_VALIDATED_NOT_AVOIDED_WHEN_BAD),
- caps(TRANSPORT_WIFI))
- val scores = listOf(
- winner,
- TestScore(score(POLICY_YIELD_TO_BAD_WIFI, POLICY_IS_VALIDATED),
- caps(TRANSPORT_CELLULAR))
- )
- assertEquals(winner, mRanker.getBestNetworkByPolicy(scores, null))
+ val badWifi = TestScore(score(EVER_EVALUATED, EVER_VALIDATED), CAPS_WIFI)
+ val cell = TestScore(score(EVER_EVALUATED, YIELD_TO_BAD_WIFI, IS_VALIDATED), CAPS_CELL)
+ assertEquals(badWifi, rank(badWifi, cell))
}
@Test
- fun testYieldToBadWiFiOneCellTwoBadWiFi() {
+ fun testPreferBadWifi_oneCellOneBadWifi() {
+ val badWifi = TestScore(score(EVER_EVALUATED), CAPS_WIFI)
+ val cell = TestScore(score(EVER_EVALUATED, YIELD_TO_BAD_WIFI, IS_VALIDATED), CAPS_CELL)
+ val winner = if (activelyPreferBadWifi) badWifi else cell
+ assertEquals(winner, rank(badWifi, cell))
+ }
+
+ @Test
+ fun testPreferBadWifi_oneCellOneCaptivePortalWifi() {
+ val portalWifi = TestScore(score(EVER_EVALUATED), CAPS_WIFI_PORTAL)
+ val cell = TestScore(score(EVER_EVALUATED, YIELD_TO_BAD_WIFI, IS_VALIDATED), CAPS_CELL)
+ assertEquals(cell, rank(portalWifi, cell))
+ }
+
+ @Test
+ fun testYieldToBadWifi_oneCellOneCaptivePortalWifiThatClosed() {
+ val portalWifiClosed = TestScore(score(EVER_EVALUATED, EVER_VALIDATED), CAPS_WIFI_PORTAL)
+ val cell = TestScore(score(EVER_EVALUATED, YIELD_TO_BAD_WIFI, IS_VALIDATED), CAPS_CELL)
+ assertEquals(portalWifiClosed, rank(portalWifiClosed, cell))
+ }
+
+ @Test
+ fun testYieldToBadWifi_avoidUnvalidated() {
+ // Bad wifi avoided when unvalidated loses against yielding validated cell
+ val cell = TestScore(score(EVER_EVALUATED, YIELD_TO_BAD_WIFI, IS_VALIDATED), CAPS_CELL)
+ val avoidedWifi = TestScore(score(EVER_EVALUATED, EVER_VALIDATED, AVOIDED_UNVALID),
+ CAPS_WIFI)
+ assertEquals(cell, rank(cell, avoidedWifi))
+ }
+
+ @Test
+ fun testYieldToBadWiFi_oneCellTwoBadWiFi() {
// Bad wifi wins against yielding validated cell. Prefer the one that's primary.
- val winner = TestScore(score(POLICY_EVER_VALIDATED_NOT_AVOIDED_WHEN_BAD,
- POLICY_TRANSPORT_PRIMARY), caps(TRANSPORT_WIFI))
- val scores = listOf(
- winner,
- TestScore(score(POLICY_EVER_VALIDATED_NOT_AVOIDED_WHEN_BAD),
- caps(TRANSPORT_WIFI)),
- TestScore(score(POLICY_YIELD_TO_BAD_WIFI, POLICY_IS_VALIDATED),
- caps(TRANSPORT_CELLULAR))
- )
- assertEquals(winner, mRanker.getBestNetworkByPolicy(scores, null))
+ val primaryBadWifi = TestScore(score(EVER_EVALUATED, EVER_VALIDATED, PRIMARY), CAPS_WIFI)
+ val secondaryBadWifi = TestScore(score(EVER_EVALUATED, EVER_VALIDATED), CAPS_WIFI)
+ val cell = TestScore(score(EVER_EVALUATED, YIELD_TO_BAD_WIFI, IS_VALIDATED), CAPS_CELL)
+ assertEquals(primaryBadWifi, rank(primaryBadWifi, secondaryBadWifi, cell))
}
@Test
- fun testYieldToBadWiFiOneCellTwoBadWiFiOneNotAvoided() {
+ fun testYieldToBadWiFi_oneCellTwoBadWiFiOneNotAvoided() {
// Bad wifi ever validated wins against bad wifi that never was validated (or was
// avoided when bad).
- val winner = TestScore(score(POLICY_EVER_VALIDATED_NOT_AVOIDED_WHEN_BAD),
- caps(TRANSPORT_WIFI))
- val scores = listOf(
- winner,
- TestScore(score(), caps(TRANSPORT_WIFI)),
- TestScore(score(POLICY_YIELD_TO_BAD_WIFI, POLICY_IS_VALIDATED),
- caps(TRANSPORT_CELLULAR))
- )
- assertEquals(winner, mRanker.getBestNetworkByPolicy(scores, null))
+ val badWifi = TestScore(score(EVER_EVALUATED, EVER_VALIDATED), CAPS_WIFI)
+ val neverValidatedWifi = TestScore(score(), CAPS_WIFI)
+ val cell = TestScore(score(EVER_EVALUATED, YIELD_TO_BAD_WIFI, IS_VALIDATED), CAPS_CELL)
+ assertEquals(badWifi, rank(badWifi, neverValidatedWifi, cell))
}
@Test
- fun testYieldToBadWiFiOneCellOneBadWiFiOneGoodWiFi() {
+ fun testYieldToBadWiFi_oneCellOneBadWiFiOneGoodWiFi() {
// Good wifi wins
- val winner = TestScore(score(POLICY_EVER_VALIDATED_NOT_AVOIDED_WHEN_BAD,
- POLICY_IS_VALIDATED), caps(TRANSPORT_WIFI))
- val scores = listOf(
- winner,
- TestScore(score(POLICY_EVER_VALIDATED_NOT_AVOIDED_WHEN_BAD,
- POLICY_TRANSPORT_PRIMARY), caps(TRANSPORT_WIFI)),
- TestScore(score(POLICY_YIELD_TO_BAD_WIFI, POLICY_IS_VALIDATED),
- caps(TRANSPORT_CELLULAR))
- )
- assertEquals(winner, mRanker.getBestNetworkByPolicy(scores, null))
+ val goodWifi = TestScore(score(EVER_EVALUATED, EVER_VALIDATED, IS_VALIDATED), CAPS_WIFI)
+ val badWifi = TestScore(score(EVER_EVALUATED, EVER_VALIDATED, PRIMARY), CAPS_WIFI)
+ val cell = TestScore(score(EVER_EVALUATED, YIELD_TO_BAD_WIFI, IS_VALIDATED), CAPS_CELL)
+ assertEquals(goodWifi, rank(goodWifi, badWifi, cell))
}
@Test
- fun testYieldToBadWiFiTwoCellsOneBadWiFi() {
+ fun testPreferBadWifi_oneCellOneBadWifiOneEvaluatingWifi() {
+ val cell = TestScore(score(EVER_EVALUATED, YIELD_TO_BAD_WIFI, IS_VALIDATED), CAPS_CELL)
+ val badWifi = TestScore(score(EVER_EVALUATED), CAPS_WIFI)
+ val evaluatingWifi = TestScore(score(), CAPS_WIFI)
+ val winner = if (activelyPreferBadWifi) badWifi else cell
+ assertEquals(winner, rank(cell, badWifi, evaluatingWifi))
+ }
+
+ @Test
+ fun testYieldToBadWiFi_twoCellsOneBadWiFi() {
// Cell that doesn't yield wins over cell that yields and bad wifi
- val winner = TestScore(score(POLICY_IS_VALIDATED), caps(TRANSPORT_CELLULAR))
- val scores = listOf(
- winner,
- TestScore(score(POLICY_EVER_VALIDATED_NOT_AVOIDED_WHEN_BAD,
- POLICY_TRANSPORT_PRIMARY), caps(TRANSPORT_WIFI)),
- TestScore(score(POLICY_YIELD_TO_BAD_WIFI, POLICY_IS_VALIDATED),
- caps(TRANSPORT_CELLULAR))
- )
- assertEquals(winner, mRanker.getBestNetworkByPolicy(scores, null))
+ val cellNotYield = TestScore(score(EVER_EVALUATED, IS_VALIDATED), CAPS_CELL)
+ val badWifi = TestScore(score(EVER_EVALUATED, EVER_VALIDATED, PRIMARY), CAPS_WIFI)
+ val cellYield = TestScore(score(EVER_EVALUATED, YIELD_TO_BAD_WIFI, IS_VALIDATED), CAPS_CELL)
+ assertEquals(cellNotYield, rank(cellNotYield, badWifi, cellYield))
}
@Test
- fun testYieldToBadWiFiTwoCellsOneBadWiFiOneGoodWiFi() {
+ fun testYieldToBadWiFi_twoCellsOneBadWiFiOneGoodWiFi() {
// Good wifi wins over cell that doesn't yield and cell that yields
- val winner = TestScore(score(POLICY_IS_VALIDATED), caps(TRANSPORT_WIFI))
- val scores = listOf(
- winner,
- TestScore(score(POLICY_EVER_VALIDATED_NOT_AVOIDED_WHEN_BAD,
- POLICY_TRANSPORT_PRIMARY), caps(TRANSPORT_WIFI)),
- TestScore(score(POLICY_IS_VALIDATED), caps(TRANSPORT_CELLULAR)),
- TestScore(score(POLICY_YIELD_TO_BAD_WIFI, POLICY_IS_VALIDATED),
- caps(TRANSPORT_CELLULAR))
- )
- assertEquals(winner, mRanker.getBestNetworkByPolicy(scores, null))
+ val goodWifi = TestScore(score(EVER_EVALUATED, IS_VALIDATED), CAPS_WIFI)
+ val badWifi = TestScore(score(EVER_EVALUATED, EVER_VALIDATED, PRIMARY), CAPS_WIFI)
+ val cellNotYield = TestScore(score(EVER_EVALUATED, IS_VALIDATED), CAPS_CELL)
+ val cellYield = TestScore(score(EVER_EVALUATED, YIELD_TO_BAD_WIFI, IS_VALIDATED), CAPS_CELL)
+ assertEquals(goodWifi, rank(goodWifi, badWifi, cellNotYield, cellYield))
}
@Test
- fun testYieldToBadWiFiOneExitingGoodWiFi() {
+ fun testYieldToBadWiFi_oneExitingGoodWiFi() {
// Yielding cell wins over good exiting wifi
- val winner = TestScore(score(POLICY_YIELD_TO_BAD_WIFI, POLICY_IS_VALIDATED),
- caps(TRANSPORT_CELLULAR))
- val scores = listOf(
- winner,
- TestScore(score(POLICY_IS_VALIDATED, POLICY_EXITING), caps(TRANSPORT_WIFI))
- )
- assertEquals(winner, mRanker.getBestNetworkByPolicy(scores, null))
+ val cell = TestScore(score(EVER_EVALUATED, YIELD_TO_BAD_WIFI, IS_VALIDATED), CAPS_CELL)
+ val exitingWifi = TestScore(score(EVER_EVALUATED, IS_VALIDATED, EXITING), CAPS_WIFI)
+ assertEquals(cell, rank(cell, exitingWifi))
}
@Test
- fun testYieldToBadWiFiOneExitingBadWiFi() {
+ fun testYieldToBadWiFi_oneExitingBadWiFi() {
// Yielding cell wins over bad exiting wifi
- val winner = TestScore(score(POLICY_YIELD_TO_BAD_WIFI, POLICY_IS_VALIDATED),
- caps(TRANSPORT_CELLULAR))
- val scores = listOf(
- winner,
- TestScore(score(POLICY_EVER_VALIDATED_NOT_AVOIDED_WHEN_BAD,
- POLICY_EXITING), caps(TRANSPORT_WIFI))
- )
- assertEquals(winner, mRanker.getBestNetworkByPolicy(scores, null))
+ val cell = TestScore(score(EVER_EVALUATED, YIELD_TO_BAD_WIFI, IS_VALIDATED), CAPS_CELL)
+ val badExitingWifi = TestScore(score(EVER_EVALUATED, EVER_VALIDATED, EXITING), CAPS_WIFI)
+ assertEquals(cell, rank(cell, badExitingWifi))
}
}
diff --git a/tests/unit/java/com/android/server/connectivity/PermissionMonitorTest.java b/tests/unit/java/com/android/server/connectivity/PermissionMonitorTest.java
index ecd17ba..354e79a 100644
--- a/tests/unit/java/com/android/server/connectivity/PermissionMonitorTest.java
+++ b/tests/unit/java/com/android/server/connectivity/PermissionMonitorTest.java
@@ -30,9 +30,6 @@
import static android.content.pm.PackageInfo.REQUESTED_PERMISSION_REQUIRED;
import static android.content.pm.PackageManager.GET_PERMISSIONS;
import static android.content.pm.PackageManager.MATCH_ANY_USER;
-import static android.net.ConnectivityManager.FIREWALL_CHAIN_LOCKDOWN_VPN;
-import static android.net.ConnectivityManager.FIREWALL_RULE_ALLOW;
-import static android.net.ConnectivityManager.FIREWALL_RULE_DENY;
import static android.net.ConnectivitySettingsManager.UIDS_ALLOWED_ON_RESTRICTED_NETWORKS;
import static android.net.INetd.PERMISSION_INTERNET;
import static android.net.INetd.PERMISSION_NETWORK;
@@ -698,7 +695,8 @@
mNetdMonitor.expectNetworkPerm(PERMISSION_SYSTEM, new UserHandle[]{MOCK_USER1},
SYSTEM_APPID1);
- final List<PackageInfo> pkgs = List.of(buildPackageInfo(SYSTEM_PACKAGE1, SYSTEM_APP_UID21,
+ final List<PackageInfo> pkgs = List.of(
+ buildPackageInfo(SYSTEM_PACKAGE1, SYSTEM_APP_UID21,
CONNECTIVITY_USE_RESTRICTED_NETWORKS),
buildPackageInfo(SYSTEM_PACKAGE2, SYSTEM_APP_UID21, CHANGE_NETWORK_STATE));
doReturn(pkgs).when(mPackageManager).getInstalledPackagesAsUser(eq(GET_PERMISSIONS),
@@ -764,9 +762,10 @@
MOCK_APPID1);
}
- private void doTestuidFilteringDuringVpnConnectDisconnectAndUidUpdates(@Nullable String ifName)
+ private void doTestUidFilteringDuringVpnConnectDisconnectAndUidUpdates(@Nullable String ifName)
throws Exception {
- doReturn(List.of(buildPackageInfo(SYSTEM_PACKAGE1, SYSTEM_APP_UID11, CHANGE_NETWORK_STATE,
+ doReturn(List.of(
+ buildPackageInfo(SYSTEM_PACKAGE1, SYSTEM_APP_UID11, CHANGE_NETWORK_STATE,
CONNECTIVITY_USE_RESTRICTED_NETWORKS),
buildPackageInfo(MOCK_PACKAGE1, MOCK_UID11),
buildPackageInfo(MOCK_PACKAGE2, MOCK_UID12),
@@ -774,7 +773,7 @@
.when(mPackageManager).getInstalledPackagesAsUser(eq(GET_PERMISSIONS), anyInt());
buildAndMockPackageInfoWithPermissions(MOCK_PACKAGE1, MOCK_UID11);
mPermissionMonitor.startMonitoring();
- // Every app on user 0 except MOCK_UID12 are under VPN.
+ // Every app on user 0 except MOCK_UID12 is subject to the VPN.
final Set<UidRange> vpnRange1 = Set.of(
new UidRange(0, MOCK_UID12 - 1),
new UidRange(MOCK_UID12 + 1, UserHandle.PER_USER_RANGE - 1));
@@ -811,18 +810,19 @@
@Test
public void testUidFilteringDuringVpnConnectDisconnectAndUidUpdates() throws Exception {
- doTestuidFilteringDuringVpnConnectDisconnectAndUidUpdates("tun0");
+ doTestUidFilteringDuringVpnConnectDisconnectAndUidUpdates("tun0");
}
@Test
public void testUidFilteringDuringVpnConnectDisconnectAndUidUpdatesWithWildcard()
throws Exception {
- doTestuidFilteringDuringVpnConnectDisconnectAndUidUpdates(null /* ifName */);
+ doTestUidFilteringDuringVpnConnectDisconnectAndUidUpdates(null /* ifName */);
}
private void doTestUidFilteringDuringPackageInstallAndUninstall(@Nullable String ifName) throws
Exception {
- doReturn(List.of(buildPackageInfo(SYSTEM_PACKAGE1, SYSTEM_APP_UID11, CHANGE_NETWORK_STATE,
+ doReturn(List.of(
+ buildPackageInfo(SYSTEM_PACKAGE1, SYSTEM_APP_UID11, CHANGE_NETWORK_STATE,
NETWORK_STACK, CONNECTIVITY_USE_RESTRICTED_NETWORKS),
buildPackageInfo(SYSTEM_PACKAGE2, VPN_UID)))
.when(mPackageManager).getInstalledPackagesAsUser(eq(GET_PERMISSIONS), anyInt());
@@ -857,155 +857,149 @@
@Test
public void testLockdownUidFilteringWithLockdownEnableDisable() {
- doReturn(List.of(buildPackageInfo(SYSTEM_PACKAGE1, SYSTEM_APP_UID11, CHANGE_NETWORK_STATE,
+ doReturn(List.of(
+ buildPackageInfo(SYSTEM_PACKAGE1, SYSTEM_APP_UID11, CHANGE_NETWORK_STATE,
CONNECTIVITY_USE_RESTRICTED_NETWORKS),
buildPackageInfo(MOCK_PACKAGE1, MOCK_UID11),
buildPackageInfo(MOCK_PACKAGE2, MOCK_UID12),
buildPackageInfo(SYSTEM_PACKAGE2, VPN_UID)))
.when(mPackageManager).getInstalledPackagesAsUser(eq(GET_PERMISSIONS), anyInt());
mPermissionMonitor.startMonitoring();
- // Every app on user 0 except MOCK_UID12 are under VPN.
- final UidRange[] vpnRange1 = {
+ // Every app on user 0 except MOCK_UID12 is subject to the VPN.
+ final UidRange[] lockdownRange = {
new UidRange(0, MOCK_UID12 - 1),
new UidRange(MOCK_UID12 + 1, UserHandle.PER_USER_RANGE - 1)
};
- // Add Lockdown uid range, expect a rule to be set up for user app MOCK_UID11
- mPermissionMonitor.updateVpnLockdownUidRanges(true /* add */, vpnRange1);
- verify(mBpfNetMaps)
- .setUidRule(
- eq(FIREWALL_CHAIN_LOCKDOWN_VPN), eq(MOCK_UID11),
- eq(FIREWALL_RULE_DENY));
- assertEquals(mPermissionMonitor.getVpnLockdownUidRanges(), Set.of(vpnRange1));
+ // Add Lockdown uid range, expect a rule to be set up for MOCK_UID11 and VPN_UID
+ mPermissionMonitor.updateVpnLockdownUidRanges(true /* add */, lockdownRange);
+ verify(mBpfNetMaps, times(2)).updateUidLockdownRule(anyInt(), eq(true) /* add */);
+ verify(mBpfNetMaps).updateUidLockdownRule(MOCK_UID11, true /* add */);
+ verify(mBpfNetMaps).updateUidLockdownRule(VPN_UID, true /* add */);
+ assertEquals(mPermissionMonitor.getVpnLockdownUidRanges(), Set.of(lockdownRange));
reset(mBpfNetMaps);
// Remove Lockdown uid range, expect rules to be torn down
- mPermissionMonitor.updateVpnLockdownUidRanges(false /* false */, vpnRange1);
- verify(mBpfNetMaps)
- .setUidRule(eq(FIREWALL_CHAIN_LOCKDOWN_VPN), eq(MOCK_UID11),
- eq(FIREWALL_RULE_ALLOW));
+ mPermissionMonitor.updateVpnLockdownUidRanges(false /* add */, lockdownRange);
+ verify(mBpfNetMaps, times(2)).updateUidLockdownRule(anyInt(), eq(false) /* add */);
+ verify(mBpfNetMaps).updateUidLockdownRule(MOCK_UID11, false /* add */);
+ verify(mBpfNetMaps).updateUidLockdownRule(VPN_UID, false /* add */);
assertTrue(mPermissionMonitor.getVpnLockdownUidRanges().isEmpty());
}
@Test
public void testLockdownUidFilteringWithLockdownEnableDisableWithMultiAdd() {
- doReturn(List.of(buildPackageInfo(SYSTEM_PACKAGE1, SYSTEM_APP_UID11, CHANGE_NETWORK_STATE,
+ doReturn(List.of(
+ buildPackageInfo(SYSTEM_PACKAGE1, SYSTEM_APP_UID11, CHANGE_NETWORK_STATE,
CONNECTIVITY_USE_RESTRICTED_NETWORKS),
buildPackageInfo(MOCK_PACKAGE1, MOCK_UID11),
buildPackageInfo(SYSTEM_PACKAGE2, VPN_UID)))
.when(mPackageManager).getInstalledPackagesAsUser(eq(GET_PERMISSIONS), anyInt());
mPermissionMonitor.startMonitoring();
- // MOCK_UID11 is under VPN.
+ // MOCK_UID11 is subject to the VPN.
final UidRange range = new UidRange(MOCK_UID11, MOCK_UID11);
- final UidRange[] vpnRange = {range};
+ final UidRange[] lockdownRange = {range};
// Add Lockdown uid range at 1st time, expect a rule to be set up
- mPermissionMonitor.updateVpnLockdownUidRanges(true /* add */, vpnRange);
- verify(mBpfNetMaps)
- .setUidRule(eq(FIREWALL_CHAIN_LOCKDOWN_VPN), eq(MOCK_UID11),
- eq(FIREWALL_RULE_DENY));
- assertEquals(mPermissionMonitor.getVpnLockdownUidRanges(), Set.of(vpnRange));
+ mPermissionMonitor.updateVpnLockdownUidRanges(true /* add */, lockdownRange);
+ verify(mBpfNetMaps).updateUidLockdownRule(anyInt(), eq(true) /* add */);
+ verify(mBpfNetMaps).updateUidLockdownRule(MOCK_UID11, true /* add */);
+ assertEquals(mPermissionMonitor.getVpnLockdownUidRanges(), Set.of(lockdownRange));
reset(mBpfNetMaps);
// Add Lockdown uid range at 2nd time, expect a rule not to be set up because the uid
// already has the rule
- mPermissionMonitor.updateVpnLockdownUidRanges(true /* add */, vpnRange);
- verify(mBpfNetMaps, never()).setUidRule(anyInt(), anyInt(), anyInt());
- assertEquals(mPermissionMonitor.getVpnLockdownUidRanges(), Set.of(vpnRange));
+ mPermissionMonitor.updateVpnLockdownUidRanges(true /* add */, lockdownRange);
+ verify(mBpfNetMaps, never()).updateUidLockdownRule(anyInt(), anyBoolean());
+ assertEquals(mPermissionMonitor.getVpnLockdownUidRanges(), Set.of(lockdownRange));
reset(mBpfNetMaps);
// Remove Lockdown uid range at 1st time, expect a rule not to be torn down because we added
// the range 2 times.
- mPermissionMonitor.updateVpnLockdownUidRanges(false /* false */, vpnRange);
- verify(mBpfNetMaps, never()).setUidRule(anyInt(), anyInt(), anyInt());
- assertEquals(mPermissionMonitor.getVpnLockdownUidRanges(), Set.of(vpnRange));
+ mPermissionMonitor.updateVpnLockdownUidRanges(false /* add */, lockdownRange);
+ verify(mBpfNetMaps, never()).updateUidLockdownRule(anyInt(), anyBoolean());
+ assertEquals(mPermissionMonitor.getVpnLockdownUidRanges(), Set.of(lockdownRange));
reset(mBpfNetMaps);
// Remove Lockdown uid range at 2nd time, expect a rule to be torn down because we added
// twice and we removed twice.
- mPermissionMonitor.updateVpnLockdownUidRanges(false /* false */, vpnRange);
- verify(mBpfNetMaps)
- .setUidRule(eq(FIREWALL_CHAIN_LOCKDOWN_VPN), eq(MOCK_UID11),
- eq(FIREWALL_RULE_ALLOW));
+ mPermissionMonitor.updateVpnLockdownUidRanges(false /* add */, lockdownRange);
+ verify(mBpfNetMaps).updateUidLockdownRule(anyInt(), eq(false) /* add */);
+ verify(mBpfNetMaps).updateUidLockdownRule(MOCK_UID11, false /* add */);
assertTrue(mPermissionMonitor.getVpnLockdownUidRanges().isEmpty());
}
@Test
public void testLockdownUidFilteringWithLockdownEnableDisableWithDuplicates() {
- doReturn(List.of(buildPackageInfo(SYSTEM_PACKAGE1, SYSTEM_APP_UID11, CHANGE_NETWORK_STATE,
+ doReturn(List.of(
+ buildPackageInfo(SYSTEM_PACKAGE1, SYSTEM_APP_UID11, CHANGE_NETWORK_STATE,
CONNECTIVITY_USE_RESTRICTED_NETWORKS),
buildPackageInfo(MOCK_PACKAGE1, MOCK_UID11),
buildPackageInfo(SYSTEM_PACKAGE2, VPN_UID)))
.when(mPackageManager).getInstalledPackagesAsUser(eq(GET_PERMISSIONS), anyInt());
mPermissionMonitor.startMonitoring();
- // MOCK_UID11 is under VPN.
+ // MOCK_UID11 is subject to the VPN.
final UidRange range = new UidRange(MOCK_UID11, MOCK_UID11);
- final UidRange[] vpnRangeDuplicates = {range, range};
- final UidRange[] vpnRange = {range};
+ final UidRange[] lockdownRangeDuplicates = {range, range};
+ final UidRange[] lockdownRange = {range};
// Add Lockdown uid ranges which contains duplicated uid ranges
- mPermissionMonitor.updateVpnLockdownUidRanges(true /* add */, vpnRangeDuplicates);
- verify(mBpfNetMaps)
- .setUidRule(eq(FIREWALL_CHAIN_LOCKDOWN_VPN), eq(MOCK_UID11),
- eq(FIREWALL_RULE_DENY));
- assertEquals(mPermissionMonitor.getVpnLockdownUidRanges(), Set.of(vpnRange));
+ mPermissionMonitor.updateVpnLockdownUidRanges(true /* add */, lockdownRangeDuplicates);
+ verify(mBpfNetMaps).updateUidLockdownRule(anyInt(), eq(true) /* add */);
+ verify(mBpfNetMaps).updateUidLockdownRule(MOCK_UID11, true /* add */);
+ assertEquals(mPermissionMonitor.getVpnLockdownUidRanges(), Set.of(lockdownRange));
reset(mBpfNetMaps);
// Remove Lockdown uid range at 1st time, expect a rule not to be torn down because uid
// ranges we added contains duplicated uid ranges.
- mPermissionMonitor.updateVpnLockdownUidRanges(false /* false */, vpnRange);
- verify(mBpfNetMaps, never()).setUidRule(anyInt(), anyInt(), anyInt());
- assertEquals(mPermissionMonitor.getVpnLockdownUidRanges(), Set.of(vpnRange));
+ mPermissionMonitor.updateVpnLockdownUidRanges(false /* add */, lockdownRange);
+ verify(mBpfNetMaps, never()).updateUidLockdownRule(anyInt(), anyBoolean());
+ assertEquals(mPermissionMonitor.getVpnLockdownUidRanges(), Set.of(lockdownRange));
reset(mBpfNetMaps);
// Remove Lockdown uid range at 2nd time, expect a rule to be torn down.
- mPermissionMonitor.updateVpnLockdownUidRanges(false /* false */, vpnRange);
- verify(mBpfNetMaps)
- .setUidRule(eq(FIREWALL_CHAIN_LOCKDOWN_VPN), eq(MOCK_UID11),
- eq(FIREWALL_RULE_ALLOW));
+ mPermissionMonitor.updateVpnLockdownUidRanges(false /* add */, lockdownRange);
+ verify(mBpfNetMaps).updateUidLockdownRule(anyInt(), eq(false) /* add */);
+ verify(mBpfNetMaps).updateUidLockdownRule(MOCK_UID11, false /* add */);
assertTrue(mPermissionMonitor.getVpnLockdownUidRanges().isEmpty());
}
@Test
public void testLockdownUidFilteringWithInstallAndUnInstall() {
- doReturn(List.of(buildPackageInfo(SYSTEM_PACKAGE1, SYSTEM_APP_UID11, CHANGE_NETWORK_STATE,
+ doReturn(List.of(
+ buildPackageInfo(SYSTEM_PACKAGE1, SYSTEM_APP_UID11, CHANGE_NETWORK_STATE,
NETWORK_STACK, CONNECTIVITY_USE_RESTRICTED_NETWORKS),
buildPackageInfo(SYSTEM_PACKAGE2, VPN_UID)))
.when(mPackageManager).getInstalledPackagesAsUser(eq(GET_PERMISSIONS), anyInt());
doReturn(List.of(MOCK_USER1, MOCK_USER2)).when(mUserManager).getUserHandles(eq(true));
mPermissionMonitor.startMonitoring();
- final UidRange[] vpnRange = {
+ final UidRange[] lockdownRange = {
UidRange.createForUser(MOCK_USER1),
UidRange.createForUser(MOCK_USER2)
};
- mPermissionMonitor.updateVpnLockdownUidRanges(true /* add */, vpnRange);
+ mPermissionMonitor.updateVpnLockdownUidRanges(true /* add */, lockdownRange);
+
+ reset(mBpfNetMaps);
// Installing package should add Lockdown rules
addPackageForUsers(new UserHandle[]{MOCK_USER1, MOCK_USER2}, MOCK_PACKAGE1, MOCK_APPID1);
- verify(mBpfNetMaps)
- .setUidRule(eq(FIREWALL_CHAIN_LOCKDOWN_VPN), eq(MOCK_UID11),
- eq(FIREWALL_RULE_DENY));
- verify(mBpfNetMaps)
- .setUidRule(eq(FIREWALL_CHAIN_LOCKDOWN_VPN), eq(MOCK_UID21),
- eq(FIREWALL_RULE_DENY));
+ verify(mBpfNetMaps, times(2)).updateUidLockdownRule(anyInt(), eq(true) /* add */);
+ verify(mBpfNetMaps).updateUidLockdownRule(MOCK_UID11, true /* add */);
+ verify(mBpfNetMaps).updateUidLockdownRule(MOCK_UID21, true /* add */);
reset(mBpfNetMaps);
// Uninstalling package should remove Lockdown rules
mPermissionMonitor.onPackageRemoved(MOCK_PACKAGE1, MOCK_UID11);
- verify(mBpfNetMaps)
- .setUidRule(eq(FIREWALL_CHAIN_LOCKDOWN_VPN), eq(MOCK_UID11),
- eq(FIREWALL_RULE_ALLOW));
- verify(mBpfNetMaps, never())
- .setUidRule(eq(FIREWALL_CHAIN_LOCKDOWN_VPN), eq(MOCK_UID21),
- eq(FIREWALL_RULE_ALLOW));
+ verify(mBpfNetMaps).updateUidLockdownRule(anyInt(), eq(false) /* add */);
+ verify(mBpfNetMaps).updateUidLockdownRule(MOCK_UID11, false /* add */);
}
// Normal package add/remove operations will trigger multiple intent for uids corresponding to
@@ -1329,7 +1323,8 @@
public void testOnExternalApplicationsAvailable() throws Exception {
// Initial the permission state. MOCK_PACKAGE1 and MOCK_PACKAGE2 are installed on external
// and have different uids. There has no permission for both uids.
- doReturn(List.of(buildPackageInfo(MOCK_PACKAGE1, MOCK_UID11),
+ doReturn(List.of(
+ buildPackageInfo(MOCK_PACKAGE1, MOCK_UID11),
buildPackageInfo(MOCK_PACKAGE2, MOCK_UID12)))
.when(mPackageManager).getInstalledPackagesAsUser(eq(GET_PERMISSIONS), anyInt());
mPermissionMonitor.startMonitoring();
@@ -1387,7 +1382,8 @@
throws Exception {
// Initial the permission state. MOCK_PACKAGE1 and MOCK_PACKAGE2 are installed on external
// storage and shared on MOCK_UID11. There has no permission for MOCK_UID11.
- doReturn(List.of(buildPackageInfo(MOCK_PACKAGE1, MOCK_UID11),
+ doReturn(List.of(
+ buildPackageInfo(MOCK_PACKAGE1, MOCK_UID11),
buildPackageInfo(MOCK_PACKAGE2, MOCK_UID11)))
.when(mPackageManager).getInstalledPackagesAsUser(eq(GET_PERMISSIONS), anyInt());
mPermissionMonitor.startMonitoring();
@@ -1413,7 +1409,8 @@
// Initial the permission state. MOCK_PACKAGE1 is installed on external storage and
// MOCK_PACKAGE2 is installed on device. These two packages are shared on MOCK_UID11.
// MOCK_UID11 has NETWORK and INTERNET permissions.
- doReturn(List.of(buildPackageInfo(MOCK_PACKAGE1, MOCK_UID11),
+ doReturn(List.of(
+ buildPackageInfo(MOCK_PACKAGE1, MOCK_UID11),
buildPackageInfo(MOCK_PACKAGE2, MOCK_UID11, CHANGE_NETWORK_STATE, INTERNET)))
.when(mPackageManager).getInstalledPackagesAsUser(eq(GET_PERMISSIONS), anyInt());
mPermissionMonitor.startMonitoring();
diff --git a/tests/unit/java/com/android/server/connectivity/VpnTest.java b/tests/unit/java/com/android/server/connectivity/VpnTest.java
index eb35469..1c54651 100644
--- a/tests/unit/java/com/android/server/connectivity/VpnTest.java
+++ b/tests/unit/java/com/android/server/connectivity/VpnTest.java
@@ -20,18 +20,16 @@
import static android.Manifest.permission.CONTROL_VPN;
import static android.content.pm.PackageManager.PERMISSION_DENIED;
import static android.content.pm.PackageManager.PERMISSION_GRANTED;
-import static android.content.pm.UserInfo.FLAG_ADMIN;
-import static android.content.pm.UserInfo.FLAG_MANAGED_PROFILE;
-import static android.content.pm.UserInfo.FLAG_PRIMARY;
-import static android.content.pm.UserInfo.FLAG_RESTRICTED;
import static android.net.ConnectivityManager.NetworkCallback;
import static android.net.INetd.IF_STATE_DOWN;
import static android.net.INetd.IF_STATE_UP;
+import static android.net.RouteInfo.RTN_UNREACHABLE;
import static android.net.VpnManager.TYPE_VPN_PLATFORM;
+import static android.net.ipsec.ike.IkeSessionConfiguration.EXTENSION_TYPE_MOBIKE;
import static android.os.Build.VERSION_CODES.S_V2;
import static android.os.UserHandle.PER_USER_RANGE;
-import static com.android.modules.utils.build.SdkLevel.isAtLeastT;
+import static com.android.testutils.Cleanup.testAndCleanup;
import static com.android.testutils.DevSdkIgnoreRule.IgnoreUpTo;
import static com.android.testutils.MiscAsserts.assertThrows;
@@ -39,9 +37,9 @@
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
-import static org.junit.Assume.assumeTrue;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.anyBoolean;
import static org.mockito.ArgumentMatchers.anyInt;
@@ -59,6 +57,7 @@
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.never;
import static org.mockito.Mockito.reset;
+import static org.mockito.Mockito.spy;
import static org.mockito.Mockito.timeout;
import static org.mockito.Mockito.times;
import static org.mockito.Mockito.verify;
@@ -83,24 +82,29 @@
import android.net.InetAddresses;
import android.net.InterfaceConfigurationParcel;
import android.net.IpPrefix;
+import android.net.IpSecConfig;
import android.net.IpSecManager;
+import android.net.IpSecTransform;
import android.net.IpSecTunnelInterfaceResponse;
import android.net.LinkAddress;
import android.net.LinkProperties;
import android.net.LocalSocket;
import android.net.Network;
-import android.net.NetworkAgent;
import android.net.NetworkAgentConfig;
import android.net.NetworkCapabilities;
import android.net.NetworkInfo.DetailedState;
-import android.net.NetworkProvider;
import android.net.RouteInfo;
import android.net.UidRangeParcel;
import android.net.VpnManager;
import android.net.VpnProfileState;
import android.net.VpnService;
import android.net.VpnTransportInfo;
+import android.net.ipsec.ike.ChildSessionCallback;
+import android.net.ipsec.ike.ChildSessionConfiguration;
import android.net.ipsec.ike.IkeSessionCallback;
+import android.net.ipsec.ike.IkeSessionConfiguration;
+import android.net.ipsec.ike.IkeSessionConnectionInfo;
+import android.net.ipsec.ike.IkeTrafficSelector;
import android.net.ipsec.ike.exceptions.IkeException;
import android.net.ipsec.ike.exceptions.IkeNetworkLostException;
import android.net.ipsec.ike.exceptions.IkeNonProtocolException;
@@ -110,7 +114,6 @@
import android.os.Bundle;
import android.os.ConditionVariable;
import android.os.INetworkManagementService;
-import android.os.Looper;
import android.os.ParcelFileDescriptor;
import android.os.PowerWhitelistManager;
import android.os.Process;
@@ -121,6 +124,7 @@
import android.security.Credentials;
import android.util.ArrayMap;
import android.util.ArraySet;
+import android.util.Pair;
import android.util.Range;
import androidx.test.filters.SmallTest;
@@ -130,9 +134,9 @@
import com.android.internal.net.VpnConfig;
import com.android.internal.net.VpnProfile;
import com.android.internal.util.HexDump;
-import com.android.modules.utils.build.SdkLevel;
import com.android.server.DeviceIdleInternal;
import com.android.server.IpSecService;
+import com.android.server.VpnTestBase;
import com.android.server.vcn.util.PersistableBundleUtils;
import com.android.testutils.DevSdkIgnoreRule;
import com.android.testutils.DevSdkIgnoreRunner;
@@ -155,6 +159,7 @@
import java.io.FileWriter;
import java.io.IOException;
import java.net.Inet4Address;
+import java.net.Inet6Address;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.ArrayList;
@@ -164,7 +169,11 @@
import java.util.List;
import java.util.Map;
import java.util.Set;
+import java.util.SortedSet;
+import java.util.TreeSet;
import java.util.concurrent.CompletableFuture;
+import java.util.concurrent.ScheduledFuture;
+import java.util.concurrent.ScheduledThreadPoolExecutor;
import java.util.concurrent.TimeUnit;
import java.util.stream.Stream;
@@ -176,55 +185,53 @@
*/
@RunWith(DevSdkIgnoreRunner.class)
@SmallTest
-@IgnoreUpTo(VERSION_CODES.S_V2)
-public class VpnTest {
+@IgnoreUpTo(S_V2)
+public class VpnTest extends VpnTestBase {
private static final String TAG = "VpnTest";
@Rule
public final DevSdkIgnoreRule mIgnoreRule = new DevSdkIgnoreRule();
- // Mock users
- static final UserInfo primaryUser = new UserInfo(27, "Primary", FLAG_ADMIN | FLAG_PRIMARY);
- static final UserInfo secondaryUser = new UserInfo(15, "Secondary", FLAG_ADMIN);
- static final UserInfo restrictedProfileA = new UserInfo(40, "RestrictedA", FLAG_RESTRICTED);
- static final UserInfo restrictedProfileB = new UserInfo(42, "RestrictedB", FLAG_RESTRICTED);
- static final UserInfo managedProfileA = new UserInfo(45, "ManagedA", FLAG_MANAGED_PROFILE);
- static {
- restrictedProfileA.restrictedProfileParentId = primaryUser.id;
- restrictedProfileB.restrictedProfileParentId = secondaryUser.id;
- managedProfileA.profileGroupId = primaryUser.id;
- }
-
static final Network EGRESS_NETWORK = new Network(101);
static final String EGRESS_IFACE = "wlan0";
- static final String TEST_VPN_PKG = "com.testvpn.vpn";
+ private static final String TEST_VPN_CLIENT = "2.4.6.8";
private static final String TEST_VPN_SERVER = "1.2.3.4";
private static final String TEST_VPN_IDENTITY = "identity";
private static final byte[] TEST_VPN_PSK = "psk".getBytes();
+ private static final int IP4_PREFIX_LEN = 32;
+ private static final int MIN_PORT = 0;
+ private static final int MAX_PORT = 65535;
+
+ private static final InetAddress TEST_VPN_CLIENT_IP =
+ InetAddresses.parseNumericAddress(TEST_VPN_CLIENT);
+ private static final InetAddress TEST_VPN_SERVER_IP =
+ InetAddresses.parseNumericAddress(TEST_VPN_SERVER);
+ private static final InetAddress TEST_VPN_CLIENT_IP_2 =
+ InetAddresses.parseNumericAddress("192.0.2.200");
+ private static final InetAddress TEST_VPN_SERVER_IP_2 =
+ InetAddresses.parseNumericAddress("192.0.2.201");
+ private static final InetAddress TEST_VPN_INTERNAL_IP =
+ InetAddresses.parseNumericAddress("198.51.100.10");
+ private static final InetAddress TEST_VPN_INTERNAL_DNS =
+ InetAddresses.parseNumericAddress("8.8.8.8");
+
+ private static final IkeTrafficSelector IN_TS =
+ new IkeTrafficSelector(MIN_PORT, MAX_PORT, TEST_VPN_INTERNAL_IP, TEST_VPN_INTERNAL_IP);
+ private static final IkeTrafficSelector OUT_TS =
+ new IkeTrafficSelector(MIN_PORT, MAX_PORT,
+ InetAddresses.parseNumericAddress("0.0.0.0"),
+ InetAddresses.parseNumericAddress("255.255.255.255"));
+
private static final Network TEST_NETWORK = new Network(Integer.MAX_VALUE);
+ private static final Network TEST_NETWORK_2 = new Network(Integer.MAX_VALUE - 1);
private static final String TEST_IFACE_NAME = "TEST_IFACE";
private static final int TEST_TUNNEL_RESOURCE_ID = 0x2345;
private static final long TEST_TIMEOUT_MS = 500L;
private static final String PRIMARY_USER_APP_EXCLUDE_KEY =
- "VPN_APP_EXCLUDED_27_com.testvpn.vpn";
- /**
- * Names and UIDs for some fake packages. Important points:
- * - UID is ordered increasing.
- * - One pair of packages have consecutive UIDs.
- */
- static final String[] PKGS = {"com.example", "org.example", "net.example", "web.vpn"};
+ "VPNAPPEXCLUDED_27_com.testvpn.vpn";
static final String PKGS_BYTES = getPackageByteString(List.of(PKGS));
- static final int[] PKG_UIDS = {10066, 10077, 10078, 10400};
-
- // Mock packages
- static final Map<String, Integer> mPackages = new ArrayMap<>();
- static {
- for (int i = 0; i < PKGS.length; i++) {
- mPackages.put(PKGS[i], PKG_UIDS[i]);
- }
- }
- private static final Range<Integer> PRI_USER_RANGE = uidRangeForUser(primaryUser.id);
+ private static final Range<Integer> PRIMARY_USER_RANGE = uidRangeForUser(PRIMARY_USER.id);
@Mock(answer = Answers.RETURNS_DEEP_STUBS) private Context mContext;
@Mock private UserManager mUserManager;
@@ -234,21 +241,28 @@
@Mock private AppOpsManager mAppOps;
@Mock private NotificationManager mNotificationManager;
@Mock private Vpn.SystemServices mSystemServices;
+ @Mock private Vpn.IkeSessionWrapper mIkeSessionWrapper;
@Mock private Vpn.Ikev2SessionCreator mIkev2SessionCreator;
+ @Mock private Vpn.VpnNetworkAgentWrapper mMockNetworkAgent;
@Mock private ConnectivityManager mConnectivityManager;
@Mock private IpSecService mIpSecService;
@Mock private VpnProfileStore mVpnProfileStore;
+ @Mock private ScheduledThreadPoolExecutor mExecutor;
+ @Mock private ScheduledFuture mScheduledFuture;
@Mock DeviceIdleInternal mDeviceIdleInternal;
private final VpnProfile mVpnProfile;
private IpSecManager mIpSecManager;
+ private TestDeps mTestDeps;
+
public VpnTest() throws Exception {
// Build an actual VPN profile that is capable of being converted to and from an
// Ikev2VpnProfile
final Ikev2VpnProfile.Builder builder =
new Ikev2VpnProfile.Builder(TEST_VPN_SERVER, TEST_VPN_IDENTITY);
builder.setAuthPsk(TEST_VPN_PSK);
+ builder.setBypassable(true /* isBypassable */);
mVpnProfile = builder.build().toVpnProfile();
}
@@ -257,9 +271,10 @@
MockitoAnnotations.initMocks(this);
mIpSecManager = new IpSecManager(mContext, mIpSecService);
+ mTestDeps = spy(new TestDeps());
when(mContext.getPackageManager()).thenReturn(mPackageManager);
- setMockedPackages(mPackages);
+ setMockedPackages(sPackages);
when(mContext.getPackageName()).thenReturn(TEST_VPN_PKG);
when(mContext.getOpPackageName()).thenReturn(TEST_VPN_PKG);
@@ -297,11 +312,33 @@
// itself, so set the default value of Context#checkCallingOrSelfPermission to
// PERMISSION_DENIED.
doReturn(PERMISSION_DENIED).when(mContext).checkCallingOrSelfPermission(any());
+
+ // Set up mIkev2SessionCreator and mExecutor
+ resetIkev2SessionCreator(mIkeSessionWrapper);
+ resetExecutor(mScheduledFuture);
+ }
+
+ private void resetIkev2SessionCreator(Vpn.IkeSessionWrapper ikeSession) {
+ reset(mIkev2SessionCreator);
+ when(mIkev2SessionCreator.createIkeSession(any(), any(), any(), any(), any(), any()))
+ .thenReturn(ikeSession);
+ }
+
+ private void resetExecutor(ScheduledFuture scheduledFuture) {
+ doAnswer(
+ (invocation) -> {
+ ((Runnable) invocation.getArgument(0)).run();
+ return null;
+ })
+ .when(mExecutor)
+ .execute(any());
+ when(mExecutor.schedule(
+ any(Runnable.class), anyLong(), any())).thenReturn(mScheduledFuture);
}
@After
public void tearDown() throws Exception {
- doReturn(PERMISSION_DENIED).when(mContext).checkCallingOrSelfPermission(CONTROL_VPN);
+ doReturn(PERMISSION_DENIED).when(mContext).checkCallingOrSelfPermission(any());
}
private <T> void mockService(Class<T> clazz, String name, T service) {
@@ -342,50 +379,51 @@
@Test
public void testRestrictedProfilesAreAddedToVpn() {
- setMockedUsers(primaryUser, secondaryUser, restrictedProfileA, restrictedProfileB);
+ setMockedUsers(PRIMARY_USER, SECONDARY_USER, RESTRICTED_PROFILE_A, RESTRICTED_PROFILE_B);
- final Vpn vpn = createVpn(primaryUser.id);
+ final Vpn vpn = createVpn(PRIMARY_USER.id);
// Assume the user can have restricted profiles.
doReturn(true).when(mUserManager).canHaveRestrictedProfile();
final Set<Range<Integer>> ranges =
- vpn.createUserAndRestrictedProfilesRanges(primaryUser.id, null, null);
+ vpn.createUserAndRestrictedProfilesRanges(PRIMARY_USER.id, null, null);
- assertEquals(rangeSet(PRI_USER_RANGE, uidRangeForUser(restrictedProfileA.id)), ranges);
+ assertEquals(rangeSet(PRIMARY_USER_RANGE, uidRangeForUser(RESTRICTED_PROFILE_A.id)),
+ ranges);
}
@Test
public void testManagedProfilesAreNotAddedToVpn() {
- setMockedUsers(primaryUser, managedProfileA);
+ setMockedUsers(PRIMARY_USER, MANAGED_PROFILE_A);
- final Vpn vpn = createVpn(primaryUser.id);
- final Set<Range<Integer>> ranges = vpn.createUserAndRestrictedProfilesRanges(primaryUser.id,
- null, null);
+ final Vpn vpn = createVpn(PRIMARY_USER.id);
+ final Set<Range<Integer>> ranges = vpn.createUserAndRestrictedProfilesRanges(
+ PRIMARY_USER.id, null, null);
- assertEquals(rangeSet(PRI_USER_RANGE), ranges);
+ assertEquals(rangeSet(PRIMARY_USER_RANGE), ranges);
}
@Test
public void testAddUserToVpnOnlyAddsOneUser() {
- setMockedUsers(primaryUser, restrictedProfileA, managedProfileA);
+ setMockedUsers(PRIMARY_USER, RESTRICTED_PROFILE_A, MANAGED_PROFILE_A);
- final Vpn vpn = createVpn(primaryUser.id);
+ final Vpn vpn = createVpn(PRIMARY_USER.id);
final Set<Range<Integer>> ranges = new ArraySet<>();
- vpn.addUserToRanges(ranges, primaryUser.id, null, null);
+ vpn.addUserToRanges(ranges, PRIMARY_USER.id, null, null);
- assertEquals(rangeSet(PRI_USER_RANGE), ranges);
+ assertEquals(rangeSet(PRIMARY_USER_RANGE), ranges);
}
@Test
public void testUidAllowAndDenylist() throws Exception {
- final Vpn vpn = createVpn(primaryUser.id);
- final Range<Integer> user = PRI_USER_RANGE;
+ final Vpn vpn = createVpn(PRIMARY_USER.id);
+ final Range<Integer> user = PRIMARY_USER_RANGE;
final int userStart = user.getLower();
final int userStop = user.getUpper();
final String[] packages = {PKGS[0], PKGS[1], PKGS[2]};
// Allowed list
- final Set<Range<Integer>> allow = vpn.createUserAndRestrictedProfilesRanges(primaryUser.id,
+ final Set<Range<Integer>> allow = vpn.createUserAndRestrictedProfilesRanges(PRIMARY_USER.id,
Arrays.asList(packages), null /* disallowedApplications */);
assertEquals(rangeSet(
uidRange(userStart + PKG_UIDS[0], userStart + PKG_UIDS[0]),
@@ -398,7 +436,7 @@
// Denied list
final Set<Range<Integer>> disallow =
- vpn.createUserAndRestrictedProfilesRanges(primaryUser.id,
+ vpn.createUserAndRestrictedProfilesRanges(PRIMARY_USER.id,
null /* allowedApplications */, Arrays.asList(packages));
assertEquals(rangeSet(
uidRange(userStart, userStart + PKG_UIDS[0] - 1),
@@ -420,7 +458,7 @@
@Test
public void testGetAlwaysAndOnGetLockDown() throws Exception {
- final Vpn vpn = createVpn(primaryUser.id);
+ final Vpn vpn = createVpn(PRIMARY_USER.id);
// Default state.
assertFalse(vpn.getAlwaysOn());
@@ -444,8 +482,8 @@
@Test
public void testLockdownChangingPackage() throws Exception {
- final Vpn vpn = createVpn(primaryUser.id);
- final Range<Integer> user = PRI_USER_RANGE;
+ final Vpn vpn = createVpn(PRIMARY_USER.id);
+ final Range<Integer> user = PRIMARY_USER_RANGE;
final int userStart = user.getLower();
final int userStop = user.getUpper();
// Set always-on without lockdown.
@@ -478,8 +516,8 @@
@Test
public void testLockdownAllowlist() throws Exception {
- final Vpn vpn = createVpn(primaryUser.id);
- final Range<Integer> user = PRI_USER_RANGE;
+ final Vpn vpn = createVpn(PRIMARY_USER.id);
+ final Range<Integer> user = PRIMARY_USER_RANGE;
final int userStart = user.getLower();
final int userStop = user.getUpper();
// Set always-on with lockdown and allow app PKGS[2] from lockdown.
@@ -589,9 +627,9 @@
@Test
public void testLockdownRuleRepeatability() throws Exception {
- final Vpn vpn = createVpn(primaryUser.id);
+ final Vpn vpn = createVpn(PRIMARY_USER.id);
final UidRangeParcel[] primaryUserRangeParcel = new UidRangeParcel[] {
- new UidRangeParcel(PRI_USER_RANGE.getLower(), PRI_USER_RANGE.getUpper())};
+ new UidRangeParcel(PRIMARY_USER_RANGE.getLower(), PRIMARY_USER_RANGE.getUpper())};
// Given legacy lockdown is already enabled,
vpn.setLockdown(true);
verify(mConnectivityManager, times(1)).setRequireVpnForUids(true,
@@ -622,9 +660,9 @@
@Test
public void testLockdownRuleReversibility() throws Exception {
doReturn(PERMISSION_GRANTED).when(mContext).checkCallingOrSelfPermission(CONTROL_VPN);
- final Vpn vpn = createVpn(primaryUser.id);
+ final Vpn vpn = createVpn(PRIMARY_USER.id);
final UidRangeParcel[] entireUser = {
- new UidRangeParcel(PRI_USER_RANGE.getLower(), PRI_USER_RANGE.getUpper())
+ new UidRangeParcel(PRIMARY_USER_RANGE.getLower(), PRIMARY_USER_RANGE.getUpper())
};
final UidRangeParcel[] exceptPkg0 = {
new UidRangeParcel(entireUser[0].start, entireUser[0].start + PKG_UIDS[0] - 1),
@@ -654,7 +692,6 @@
@Test
public void testPrepare_throwSecurityExceptionWhenGivenPackageDoesNotBelongToTheCaller()
throws Exception {
- assumeTrue(isAtLeastT());
final Vpn vpn = createVpnAndSetupUidChecks();
assertThrows(SecurityException.class,
() -> vpn.prepare("com.not.vpn.owner", null, VpnManager.TYPE_VPN_SERVICE));
@@ -674,17 +711,17 @@
@Test
public void testIsAlwaysOnPackageSupported() throws Exception {
- final Vpn vpn = createVpn(primaryUser.id);
+ final Vpn vpn = createVpn(PRIMARY_USER.id);
ApplicationInfo appInfo = new ApplicationInfo();
- when(mPackageManager.getApplicationInfoAsUser(eq(PKGS[0]), anyInt(), eq(primaryUser.id)))
+ when(mPackageManager.getApplicationInfoAsUser(eq(PKGS[0]), anyInt(), eq(PRIMARY_USER.id)))
.thenReturn(appInfo);
ServiceInfo svcInfo = new ServiceInfo();
ResolveInfo resInfo = new ResolveInfo();
resInfo.serviceInfo = svcInfo;
when(mPackageManager.queryIntentServicesAsUser(any(), eq(PackageManager.GET_META_DATA),
- eq(primaryUser.id)))
+ eq(PRIMARY_USER.id)))
.thenReturn(Collections.singletonList(resInfo));
// null package name should return false
@@ -708,9 +745,9 @@
@Test
public void testNotificationShownForAlwaysOnApp() throws Exception {
- final UserHandle userHandle = UserHandle.of(primaryUser.id);
- final Vpn vpn = createVpn(primaryUser.id);
- setMockedUsers(primaryUser);
+ final UserHandle userHandle = UserHandle.of(PRIMARY_USER.id);
+ final Vpn vpn = createVpn(PRIMARY_USER.id);
+ setMockedUsers(PRIMARY_USER);
final InOrder order = inOrder(mNotificationManager);
@@ -743,15 +780,15 @@
*/
@Test
public void testGetProfileNameForPackage() throws Exception {
- final Vpn vpn = createVpn(primaryUser.id);
- setMockedUsers(primaryUser);
+ final Vpn vpn = createVpn(PRIMARY_USER.id);
+ setMockedUsers(PRIMARY_USER);
- final String expected = Credentials.PLATFORM_VPN + primaryUser.id + "_" + TEST_VPN_PKG;
+ final String expected = Credentials.PLATFORM_VPN + PRIMARY_USER.id + "_" + TEST_VPN_PKG;
assertEquals(expected, vpn.getProfileNameForPackage(TEST_VPN_PKG));
}
private Vpn createVpnAndSetupUidChecks(String... grantedOps) throws Exception {
- return createVpnAndSetupUidChecks(primaryUser, grantedOps);
+ return createVpnAndSetupUidChecks(PRIMARY_USER, grantedOps);
}
private Vpn createVpnAndSetupUidChecks(UserInfo user, String... grantedOps) throws Exception {
@@ -808,14 +845,11 @@
vpn.startVpnProfile(TEST_VPN_PKG);
verify(mVpnProfileStore).get(eq(vpn.getProfileNameForPackage(TEST_VPN_PKG)));
- vpn.mNetworkAgent = new NetworkAgent(mContext, Looper.getMainLooper(), TAG,
- new NetworkCapabilities.Builder().build(), new LinkProperties(), 10 /* score */,
- new NetworkAgentConfig.Builder().build(),
- new NetworkProvider(mContext, Looper.getMainLooper(), TAG)) {};
+ vpn.mNetworkAgent = mMockNetworkAgent;
return vpn;
}
- @Test @IgnoreUpTo(S_V2)
+ @Test
public void testSetAndGetAppExclusionList() throws Exception {
final Vpn vpn = prepareVpnForVerifyAppExclusionList();
verify(mVpnProfileStore, never()).put(eq(PRIMARY_USER_APP_EXCLUDE_KEY), any());
@@ -824,20 +858,97 @@
.put(eq(PRIMARY_USER_APP_EXCLUDE_KEY),
eq(HexDump.hexStringToByteArray(PKGS_BYTES)));
assertEquals(vpn.createUserAndRestrictedProfilesRanges(
- primaryUser.id, null, Arrays.asList(PKGS)),
+ PRIMARY_USER.id, null, Arrays.asList(PKGS)),
vpn.mNetworkCapabilities.getUids());
assertEquals(Arrays.asList(PKGS), vpn.getAppExclusionList(TEST_VPN_PKG));
}
- @Test @IgnoreUpTo(S_V2)
+ @Test
+ public void testRefreshPlatformVpnAppExclusionList_updatesExcludedUids() throws Exception {
+ final Vpn vpn = prepareVpnForVerifyAppExclusionList();
+ vpn.setAppExclusionList(TEST_VPN_PKG, Arrays.asList(PKGS));
+ verify(mMockNetworkAgent).doSendNetworkCapabilities(any());
+ assertEquals(Arrays.asList(PKGS), vpn.getAppExclusionList(TEST_VPN_PKG));
+
+ reset(mMockNetworkAgent);
+
+ // Remove one of the package
+ List<Integer> newExcludedUids = toList(PKG_UIDS);
+ newExcludedUids.remove((Integer) PKG_UIDS[0]);
+ sPackages.remove(PKGS[0]);
+ vpn.refreshPlatformVpnAppExclusionList();
+
+ // List in keystore is not changed, but UID for the removed packages is no longer exempted.
+ assertEquals(Arrays.asList(PKGS), vpn.getAppExclusionList(TEST_VPN_PKG));
+ assertEquals(makeVpnUidRange(PRIMARY_USER.id, newExcludedUids),
+ vpn.mNetworkCapabilities.getUids());
+ ArgumentCaptor<NetworkCapabilities> ncCaptor =
+ ArgumentCaptor.forClass(NetworkCapabilities.class);
+ verify(mMockNetworkAgent).doSendNetworkCapabilities(ncCaptor.capture());
+ assertEquals(makeVpnUidRange(PRIMARY_USER.id, newExcludedUids),
+ ncCaptor.getValue().getUids());
+
+ reset(mMockNetworkAgent);
+
+ // Add the package back
+ newExcludedUids.add(PKG_UIDS[0]);
+ sPackages.put(PKGS[0], PKG_UIDS[0]);
+ vpn.refreshPlatformVpnAppExclusionList();
+
+ // List in keystore is not changed and the uid list should be updated in the net cap.
+ assertEquals(Arrays.asList(PKGS), vpn.getAppExclusionList(TEST_VPN_PKG));
+ assertEquals(makeVpnUidRange(PRIMARY_USER.id, newExcludedUids),
+ vpn.mNetworkCapabilities.getUids());
+ verify(mMockNetworkAgent).doSendNetworkCapabilities(ncCaptor.capture());
+ assertEquals(makeVpnUidRange(PRIMARY_USER.id, newExcludedUids),
+ ncCaptor.getValue().getUids());
+ }
+
+ private Set<Range<Integer>> makeVpnUidRange(int userId, List<Integer> excludedList) {
+ final SortedSet<Integer> list = new TreeSet<>();
+
+ final int userBase = userId * UserHandle.PER_USER_RANGE;
+ for (int uid : excludedList) {
+ final int applicationUid = UserHandle.getUid(userId, uid);
+ list.add(applicationUid);
+ list.add(Process.toSdkSandboxUid(applicationUid)); // Add Sdk Sandbox UID
+ }
+
+ final int minUid = userBase;
+ final int maxUid = userBase + UserHandle.PER_USER_RANGE - 1;
+ final Set<Range<Integer>> ranges = new ArraySet<>();
+
+ // Iterate the list to create the ranges between each uid.
+ int start = minUid;
+ for (int uid : list) {
+ if (uid == start) {
+ start++;
+ } else {
+ ranges.add(new Range<>(start, uid - 1));
+ start = uid + 1;
+ }
+ }
+
+ // Create the range between last uid and max uid.
+ if (start <= maxUid) {
+ ranges.add(new Range<>(start, maxUid));
+ }
+
+ return ranges;
+ }
+
+ @Test
public void testSetAndGetAppExclusionListRestrictedUser() throws Exception {
final Vpn vpn = prepareVpnForVerifyAppExclusionList();
+
// Mock it to restricted profile
- when(mUserManager.getUserInfo(anyInt())).thenReturn(restrictedProfileA);
+ when(mUserManager.getUserInfo(anyInt())).thenReturn(RESTRICTED_PROFILE_A);
+
// Restricted users cannot configure VPNs
assertThrows(SecurityException.class,
() -> vpn.setAppExclusionList(TEST_VPN_PKG, new ArrayList<>()));
- assertThrows(SecurityException.class, () -> vpn.getAppExclusionList(TEST_VPN_PKG));
+
+ assertEquals(Arrays.asList(PKGS), vpn.getAppExclusionList(TEST_VPN_PKG));
}
@Test
@@ -883,7 +994,7 @@
public void testProvisionVpnProfileRestrictedUser() throws Exception {
final Vpn vpn =
createVpnAndSetupUidChecks(
- restrictedProfileA, AppOpsManager.OPSTR_ACTIVATE_PLATFORM_VPN);
+ RESTRICTED_PROFILE_A, AppOpsManager.OPSTR_ACTIVATE_PLATFORM_VPN);
try {
vpn.provisionVpnProfile(TEST_VPN_PKG, mVpnProfile);
@@ -906,7 +1017,7 @@
public void testDeleteVpnProfileRestrictedUser() throws Exception {
final Vpn vpn =
createVpnAndSetupUidChecks(
- restrictedProfileA, AppOpsManager.OPSTR_ACTIVATE_PLATFORM_VPN);
+ RESTRICTED_PROFILE_A, AppOpsManager.OPSTR_ACTIVATE_PLATFORM_VPN);
try {
vpn.deleteVpnProfile(TEST_VPN_PKG);
@@ -1029,7 +1140,7 @@
public void testStartVpnProfileRestrictedUser() throws Exception {
final Vpn vpn =
createVpnAndSetupUidChecks(
- restrictedProfileA, AppOpsManager.OPSTR_ACTIVATE_PLATFORM_VPN);
+ RESTRICTED_PROFILE_A, AppOpsManager.OPSTR_ACTIVATE_PLATFORM_VPN);
try {
vpn.startVpnProfile(TEST_VPN_PKG);
@@ -1042,7 +1153,7 @@
public void testStopVpnProfileRestrictedUser() throws Exception {
final Vpn vpn =
createVpnAndSetupUidChecks(
- restrictedProfileA, AppOpsManager.OPSTR_ACTIVATE_PLATFORM_VPN);
+ RESTRICTED_PROFILE_A, AppOpsManager.OPSTR_ACTIVATE_PLATFORM_VPN);
try {
vpn.stopVpnProfile(TEST_VPN_PKG);
@@ -1053,7 +1164,6 @@
@Test
public void testStartOpAndFinishOpWillBeCalledWhenPlatformVpnIsOnAndOff() throws Exception {
- assumeTrue(SdkLevel.isAtLeastT());
final Vpn vpn = createVpnAndSetupUidChecks(AppOpsManager.OPSTR_ACTIVATE_PLATFORM_VPN);
when(mVpnProfileStore.get(vpn.getProfileNameForPackage(TEST_VPN_PKG)))
.thenReturn(mVpnProfile.encode());
@@ -1079,7 +1189,6 @@
@Test
public void testStartOpWithSeamlessHandover() throws Exception {
- assumeTrue(SdkLevel.isAtLeastT());
final Vpn vpn = createVpnAndSetupUidChecks(AppOpsManager.OPSTR_ACTIVATE_VPN);
assertTrue(vpn.prepare(TEST_VPN_PKG, null, VpnManager.TYPE_VPN_SERVICE));
final VpnConfig config = new VpnConfig();
@@ -1111,9 +1220,9 @@
}
private void verifyVpnManagerEvent(String sessionKey, String category, int errorClass,
- int errorCode, VpnProfileState... profileState) {
+ int errorCode, String[] packageName, VpnProfileState... profileState) {
final Context userContext =
- mContext.createContextAsUser(UserHandle.of(primaryUser.id), 0 /* flags */);
+ mContext.createContextAsUser(UserHandle.of(PRIMARY_USER.id), 0 /* flags */);
final ArgumentCaptor<Intent> intentArgumentCaptor = ArgumentCaptor.forClass(Intent.class);
final int verifyTimes = (profileState == null) ? 1 : profileState.length;
@@ -1121,9 +1230,11 @@
for (int i = 0; i < verifyTimes; i++) {
final Intent intent = intentArgumentCaptor.getAllValues().get(i);
+ assertEquals(packageName[i], intent.getPackage());
assertEquals(sessionKey, intent.getStringExtra(VpnManager.EXTRA_SESSION_KEY));
final Set<String> categories = intent.getCategories();
assertTrue(categories.contains(category));
+ assertEquals(1, categories.size());
assertEquals(errorClass,
intent.getIntExtra(VpnManager.EXTRA_ERROR_CLASS, -1 /* defaultValue */));
assertEquals(errorCode,
@@ -1136,9 +1247,21 @@
reset(userContext);
}
+ private void verifyDeactivatedByUser(String sessionKey, String[] packageName) {
+ // CATEGORY_EVENT_DEACTIVATED_BY_USER is not an error event, so both of errorClass and
+ // errorCode won't be set.
+ verifyVpnManagerEvent(sessionKey, VpnManager.CATEGORY_EVENT_DEACTIVATED_BY_USER,
+ -1 /* errorClass */, -1 /* errorCode */, packageName, null /* profileState */);
+ }
+
+ private void verifyAlwaysOnStateChanged(String[] packageName, VpnProfileState... profileState) {
+ verifyVpnManagerEvent(null /* sessionKey */,
+ VpnManager.CATEGORY_EVENT_ALWAYS_ON_STATE_CHANGED, -1 /* errorClass */,
+ -1 /* errorCode */, packageName, profileState);
+ }
+
@Test
public void testVpnManagerEventForUserDeactivated() throws Exception {
- assumeTrue(SdkLevel.isAtLeastT());
// For security reasons, Vpn#prepare() will check that oldPackage and newPackage are either
// null or the package of the caller. This test will call Vpn#prepare() to pretend the old
// VPN is replaced by a new one. But only Settings can change to some other packages, and
@@ -1156,10 +1279,7 @@
verifyPlatformVpnIsDeactivated(TEST_VPN_PKG);
verifyPowerSaveTempWhitelistApp(TEST_VPN_PKG);
reset(mDeviceIdleInternal);
- // CATEGORY_EVENT_DEACTIVATED_BY_USER is not an error event, so both of errorClass and
- // errorCode won't be set.
- verifyVpnManagerEvent(sessionKey1, VpnManager.CATEGORY_EVENT_DEACTIVATED_BY_USER,
- -1 /* errorClass */, -1 /* errorCode */, null /* profileState */);
+ verifyDeactivatedByUser(sessionKey1, new String[] {TEST_VPN_PKG});
reset(mAppOps);
// Test the case that the user chooses another vpn and the original one is replaced.
@@ -1169,26 +1289,21 @@
verifyPlatformVpnIsDeactivated(TEST_VPN_PKG);
verifyPowerSaveTempWhitelistApp(TEST_VPN_PKG);
reset(mDeviceIdleInternal);
- // CATEGORY_EVENT_DEACTIVATED_BY_USER is not an error event, so both of errorClass and
- // errorCode won't be set.
- verifyVpnManagerEvent(sessionKey2, VpnManager.CATEGORY_EVENT_DEACTIVATED_BY_USER,
- -1 /* errorClass */, -1 /* errorCode */, null /* profileState */);
+ verifyDeactivatedByUser(sessionKey2, new String[] {TEST_VPN_PKG});
}
@Test
public void testVpnManagerEventForAlwaysOnChanged() throws Exception {
- assumeTrue(SdkLevel.isAtLeastT());
// Calling setAlwaysOnPackage() needs to hold CONTROL_VPN.
doReturn(PERMISSION_GRANTED).when(mContext).checkCallingOrSelfPermission(CONTROL_VPN);
- final Vpn vpn = createVpn(primaryUser.id);
+ final Vpn vpn = createVpn(PRIMARY_USER.id);
// Enable VPN always-on for PKGS[1].
assertTrue(vpn.setAlwaysOnPackage(PKGS[1], false /* lockdown */,
null /* lockdownAllowlist */));
verifyPowerSaveTempWhitelistApp(PKGS[1]);
reset(mDeviceIdleInternal);
- verifyVpnManagerEvent(null /* sessionKey */,
- VpnManager.CATEGORY_EVENT_ALWAYS_ON_STATE_CHANGED, -1 /* errorClass */,
- -1 /* errorCode */, new VpnProfileState(VpnProfileState.STATE_DISCONNECTED,
+ verifyAlwaysOnStateChanged(new String[] {PKGS[1]},
+ new VpnProfileState(VpnProfileState.STATE_DISCONNECTED,
null /* sessionKey */, true /* alwaysOn */, false /* lockdown */));
// Enable VPN lockdown for PKGS[1].
@@ -1196,9 +1311,8 @@
null /* lockdownAllowlist */));
verifyPowerSaveTempWhitelistApp(PKGS[1]);
reset(mDeviceIdleInternal);
- verifyVpnManagerEvent(null /* sessionKey */,
- VpnManager.CATEGORY_EVENT_ALWAYS_ON_STATE_CHANGED, -1 /* errorClass */,
- -1 /* errorCode */, new VpnProfileState(VpnProfileState.STATE_DISCONNECTED,
+ verifyAlwaysOnStateChanged(new String[] {PKGS[1]},
+ new VpnProfileState(VpnProfileState.STATE_DISCONNECTED,
null /* sessionKey */, true /* alwaysOn */, true /* lockdown */));
// Disable VPN lockdown for PKGS[1].
@@ -1206,9 +1320,8 @@
null /* lockdownAllowlist */));
verifyPowerSaveTempWhitelistApp(PKGS[1]);
reset(mDeviceIdleInternal);
- verifyVpnManagerEvent(null /* sessionKey */,
- VpnManager.CATEGORY_EVENT_ALWAYS_ON_STATE_CHANGED, -1 /* errorClass */,
- -1 /* errorCode */, new VpnProfileState(VpnProfileState.STATE_DISCONNECTED,
+ verifyAlwaysOnStateChanged(new String[] {PKGS[1]},
+ new VpnProfileState(VpnProfileState.STATE_DISCONNECTED,
null /* sessionKey */, true /* alwaysOn */, false /* lockdown */));
// Disable VPN always-on.
@@ -1216,9 +1329,8 @@
null /* lockdownAllowlist */));
verifyPowerSaveTempWhitelistApp(PKGS[1]);
reset(mDeviceIdleInternal);
- verifyVpnManagerEvent(null /* sessionKey */,
- VpnManager.CATEGORY_EVENT_ALWAYS_ON_STATE_CHANGED, -1 /* errorClass */,
- -1 /* errorCode */, new VpnProfileState(VpnProfileState.STATE_DISCONNECTED,
+ verifyAlwaysOnStateChanged(new String[] {PKGS[1]},
+ new VpnProfileState(VpnProfileState.STATE_DISCONNECTED,
null /* sessionKey */, false /* alwaysOn */, false /* lockdown */));
// Enable VPN always-on for PKGS[1] again.
@@ -1226,9 +1338,8 @@
null /* lockdownAllowlist */));
verifyPowerSaveTempWhitelistApp(PKGS[1]);
reset(mDeviceIdleInternal);
- verifyVpnManagerEvent(null /* sessionKey */,
- VpnManager.CATEGORY_EVENT_ALWAYS_ON_STATE_CHANGED, -1 /* errorClass */,
- -1 /* errorCode */, new VpnProfileState(VpnProfileState.STATE_DISCONNECTED,
+ verifyAlwaysOnStateChanged(new String[] {PKGS[1]},
+ new VpnProfileState(VpnProfileState.STATE_DISCONNECTED,
null /* sessionKey */, true /* alwaysOn */, false /* lockdown */));
// Enable VPN always-on for PKGS[2].
@@ -1240,15 +1351,39 @@
// Pass 2 VpnProfileState objects to verifyVpnManagerEvent(), the first one is sent to
// PKGS[1] to notify PKGS[1] that the VPN always-on is disabled, the second one is sent to
// PKGS[2] to notify PKGS[2] that the VPN always-on is enabled.
- verifyVpnManagerEvent(null /* sessionKey */,
- VpnManager.CATEGORY_EVENT_ALWAYS_ON_STATE_CHANGED, -1 /* errorClass */,
- -1 /* errorCode */, new VpnProfileState(VpnProfileState.STATE_DISCONNECTED,
+ verifyAlwaysOnStateChanged(new String[] {PKGS[1], PKGS[2]},
+ new VpnProfileState(VpnProfileState.STATE_DISCONNECTED,
null /* sessionKey */, false /* alwaysOn */, false /* lockdown */),
new VpnProfileState(VpnProfileState.STATE_DISCONNECTED,
null /* sessionKey */, true /* alwaysOn */, false /* lockdown */));
}
@Test
+ public void testReconnectVpnManagerVpnWithAlwaysOnEnabled() throws Exception {
+ final Vpn vpn = createVpnAndSetupUidChecks(AppOpsManager.OPSTR_ACTIVATE_PLATFORM_VPN);
+ when(mVpnProfileStore.get(vpn.getProfileNameForPackage(TEST_VPN_PKG)))
+ .thenReturn(mVpnProfile.encode());
+ vpn.startVpnProfile(TEST_VPN_PKG);
+ verifyPlatformVpnIsActivated(TEST_VPN_PKG);
+
+ // Enable VPN always-on for TEST_VPN_PKG.
+ assertTrue(vpn.setAlwaysOnPackage(TEST_VPN_PKG, false /* lockdown */,
+ null /* lockdownAllowlist */));
+
+ // Reset to verify next startVpnProfile.
+ reset(mAppOps);
+
+ vpn.stopVpnProfile(TEST_VPN_PKG);
+
+ // Reconnect the vpn with different package will cause exception.
+ assertThrows(SecurityException.class, () -> vpn.startVpnProfile(PKGS[0]));
+
+ // Reconnect the vpn again with the vpn always on package w/o exception.
+ vpn.startVpnProfile(TEST_VPN_PKG);
+ verifyPlatformVpnIsActivated(TEST_VPN_PKG);
+ }
+
+ @Test
public void testSetPackageAuthorizationVpnService() throws Exception {
final Vpn vpn = createVpnAndSetupUidChecks();
@@ -1297,7 +1432,7 @@
final ArgumentCaptor<NetworkCallback> networkCallbackCaptor =
ArgumentCaptor.forClass(NetworkCallback.class);
verify(mConnectivityManager, timeout(TEST_TIMEOUT_MS))
- .requestNetwork(any(), networkCallbackCaptor.capture());
+ .registerSystemDefaultNetworkCallback(networkCallbackCaptor.capture(), any());
// onAvailable() will trigger onDefaultNetworkChanged(), so NetdUtils#setInterfaceUp will be
// invoked. Set the return value of INetd#interfaceGetCfg to prevent NullPointerException.
@@ -1315,7 +1450,7 @@
config -> Arrays.asList(config.flags).contains(flag)));
}
- private void setupPlatformVpnWithSpecificExceptionAndItsErrorCode(IkeException exception,
+ private void doTestPlatformVpnWithException(IkeException exception,
String category, int errorType, int errorCode) throws Exception {
final ArgumentCaptor<IkeSessionCallback> captor =
ArgumentCaptor.forClass(IkeSessionCallback.class);
@@ -1333,24 +1468,56 @@
// state
verify(mIkev2SessionCreator, timeout(TEST_TIMEOUT_MS))
.createIkeSession(any(), any(), any(), any(), captor.capture(), any());
+ reset(mIkev2SessionCreator);
final IkeSessionCallback ikeCb = captor.getValue();
ikeCb.onClosedWithException(exception);
verifyPowerSaveTempWhitelistApp(TEST_VPN_PKG);
reset(mDeviceIdleInternal);
- verifyVpnManagerEvent(sessionKey, category, errorType, errorCode, null /* profileState */);
+ verifyVpnManagerEvent(sessionKey, category, errorType, errorCode,
+ new String[] {TEST_VPN_PKG}, null /* profileState */);
if (errorType == VpnManager.ERROR_CLASS_NOT_RECOVERABLE) {
verify(mConnectivityManager, timeout(TEST_TIMEOUT_MS))
.unregisterNetworkCallback(eq(cb));
+ } else if (errorType == VpnManager.ERROR_CLASS_RECOVERABLE) {
+ int retryIndex = 0;
+ final IkeSessionCallback ikeCb2 = verifyRetryAndGetNewIkeCb(retryIndex++);
+
+ ikeCb2.onClosedWithException(exception);
+ verifyRetryAndGetNewIkeCb(retryIndex++);
}
}
+ private IkeSessionCallback verifyRetryAndGetNewIkeCb(int retryIndex) {
+ final ArgumentCaptor<Runnable> runnableCaptor =
+ ArgumentCaptor.forClass(Runnable.class);
+ final ArgumentCaptor<IkeSessionCallback> ikeCbCaptor =
+ ArgumentCaptor.forClass(IkeSessionCallback.class);
+
+ // Verify retry is scheduled
+ final long expectedDelay = mTestDeps.getNextRetryDelaySeconds(retryIndex);
+ verify(mExecutor).schedule(runnableCaptor.capture(), eq(expectedDelay), any());
+
+ // Mock the event of firing the retry task
+ runnableCaptor.getValue().run();
+
+ verify(mIkev2SessionCreator)
+ .createIkeSession(any(), any(), any(), any(), ikeCbCaptor.capture(), any());
+
+ // Forget the mIkev2SessionCreator#createIkeSession call and mExecutor#schedule call
+ // for the next retry verification
+ resetIkev2SessionCreator(mIkeSessionWrapper);
+ resetExecutor(mScheduledFuture);
+
+ return ikeCbCaptor.getValue();
+ }
+
@Test
public void testStartPlatformVpnAuthenticationFailed() throws Exception {
final IkeProtocolException exception = mock(IkeProtocolException.class);
final int errorCode = IkeProtocolException.ERROR_TYPE_AUTHENTICATION_FAILED;
when(exception.getErrorType()).thenReturn(errorCode);
- setupPlatformVpnWithSpecificExceptionAndItsErrorCode(exception,
+ doTestPlatformVpnWithException(exception,
VpnManager.CATEGORY_EVENT_IKE_ERROR, VpnManager.ERROR_CLASS_NOT_RECOVERABLE,
errorCode);
}
@@ -1360,7 +1527,7 @@
final IkeProtocolException exception = mock(IkeProtocolException.class);
final int errorCode = IkeProtocolException.ERROR_TYPE_TEMPORARY_FAILURE;
when(exception.getErrorType()).thenReturn(errorCode);
- setupPlatformVpnWithSpecificExceptionAndItsErrorCode(exception,
+ doTestPlatformVpnWithException(exception,
VpnManager.CATEGORY_EVENT_IKE_ERROR, VpnManager.ERROR_CLASS_RECOVERABLE, errorCode);
}
@@ -1370,7 +1537,7 @@
final UnknownHostException unknownHostException = new UnknownHostException();
final int errorCode = VpnManager.ERROR_CODE_NETWORK_UNKNOWN_HOST;
when(exception.getCause()).thenReturn(unknownHostException);
- setupPlatformVpnWithSpecificExceptionAndItsErrorCode(exception,
+ doTestPlatformVpnWithException(exception,
VpnManager.CATEGORY_EVENT_NETWORK_ERROR, VpnManager.ERROR_CLASS_RECOVERABLE,
errorCode);
}
@@ -1382,7 +1549,7 @@
new IkeTimeoutException("IkeTimeoutException");
final int errorCode = VpnManager.ERROR_CODE_NETWORK_PROTOCOL_TIMEOUT;
when(exception.getCause()).thenReturn(ikeTimeoutException);
- setupPlatformVpnWithSpecificExceptionAndItsErrorCode(exception,
+ doTestPlatformVpnWithException(exception,
VpnManager.CATEGORY_EVENT_NETWORK_ERROR, VpnManager.ERROR_CLASS_RECOVERABLE,
errorCode);
}
@@ -1391,7 +1558,7 @@
public void testStartPlatformVpnFailedWithIkeNetworkLostException() throws Exception {
final IkeNetworkLostException exception = new IkeNetworkLostException(
new Network(100));
- setupPlatformVpnWithSpecificExceptionAndItsErrorCode(exception,
+ doTestPlatformVpnWithException(exception,
VpnManager.CATEGORY_EVENT_NETWORK_ERROR, VpnManager.ERROR_CLASS_RECOVERABLE,
VpnManager.ERROR_CODE_NETWORK_LOST);
}
@@ -1402,7 +1569,7 @@
final IOException ioException = new IOException();
final int errorCode = VpnManager.ERROR_CODE_NETWORK_IO;
when(exception.getCause()).thenReturn(ioException);
- setupPlatformVpnWithSpecificExceptionAndItsErrorCode(exception,
+ doTestPlatformVpnWithException(exception,
VpnManager.CATEGORY_EVENT_NETWORK_ERROR, VpnManager.ERROR_CLASS_RECOVERABLE,
errorCode);
}
@@ -1411,7 +1578,7 @@
public void testStartPlatformVpnIllegalArgumentExceptionInSetup() throws Exception {
when(mIkev2SessionCreator.createIkeSession(any(), any(), any(), any(), any(), any()))
.thenThrow(new IllegalArgumentException());
- final Vpn vpn = startLegacyVpn(createVpn(primaryUser.id), mVpnProfile);
+ final Vpn vpn = startLegacyVpn(createVpn(PRIMARY_USER.id), mVpnProfile);
final NetworkCallback cb = triggerOnAvailableAndGetCallback();
verifyInterfaceSetCfgWithFlags(IF_STATE_UP);
@@ -1422,6 +1589,30 @@
assertEquals(LegacyVpnInfo.STATE_FAILED, vpn.getLegacyVpnInfo().state);
}
+ @Test
+ public void testVpnManagerEventWillNotBeSentToSettingsVpn() throws Exception {
+ startLegacyVpn(createVpn(PRIMARY_USER.id), mVpnProfile);
+ triggerOnAvailableAndGetCallback();
+
+ verifyInterfaceSetCfgWithFlags(IF_STATE_UP);
+
+ final IkeNonProtocolException exception = mock(IkeNonProtocolException.class);
+ final IkeTimeoutException ikeTimeoutException =
+ new IkeTimeoutException("IkeTimeoutException");
+ when(exception.getCause()).thenReturn(ikeTimeoutException);
+
+ final ArgumentCaptor<IkeSessionCallback> captor =
+ ArgumentCaptor.forClass(IkeSessionCallback.class);
+ verify(mIkev2SessionCreator, timeout(TEST_TIMEOUT_MS))
+ .createIkeSession(any(), any(), any(), any(), captor.capture(), any());
+ final IkeSessionCallback ikeCb = captor.getValue();
+ ikeCb.onClosedWithException(exception);
+
+ final Context userContext =
+ mContext.createContextAsUser(UserHandle.of(PRIMARY_USER.id), 0 /* flags */);
+ verify(userContext, never()).startService(any());
+ }
+
private void setAndVerifyAlwaysOnPackage(Vpn vpn, int uid, boolean lockdownEnabled) {
assertTrue(vpn.setAlwaysOnPackage(TEST_VPN_PKG, lockdownEnabled, null));
@@ -1431,18 +1622,18 @@
eq(AppOpsManager.MODE_ALLOWED));
verify(mSystemServices).settingsSecurePutStringForUser(
- eq(Settings.Secure.ALWAYS_ON_VPN_APP), eq(TEST_VPN_PKG), eq(primaryUser.id));
+ eq(Settings.Secure.ALWAYS_ON_VPN_APP), eq(TEST_VPN_PKG), eq(PRIMARY_USER.id));
verify(mSystemServices).settingsSecurePutIntForUser(
eq(Settings.Secure.ALWAYS_ON_VPN_LOCKDOWN), eq(lockdownEnabled ? 1 : 0),
- eq(primaryUser.id));
+ eq(PRIMARY_USER.id));
verify(mSystemServices).settingsSecurePutStringForUser(
- eq(Settings.Secure.ALWAYS_ON_VPN_LOCKDOWN_WHITELIST), eq(""), eq(primaryUser.id));
+ eq(Settings.Secure.ALWAYS_ON_VPN_LOCKDOWN_WHITELIST), eq(""), eq(PRIMARY_USER.id));
}
@Test
public void testSetAndStartAlwaysOnVpn() throws Exception {
- final Vpn vpn = createVpn(primaryUser.id);
- setMockedUsers(primaryUser);
+ final Vpn vpn = createVpn(PRIMARY_USER.id);
+ setMockedUsers(PRIMARY_USER);
// UID checks must return a different UID; otherwise it'll be treated as already prepared.
final int uid = Process.myUid() + 1;
@@ -1459,7 +1650,7 @@
}
private Vpn startLegacyVpn(final Vpn vpn, final VpnProfile vpnProfile) throws Exception {
- setMockedUsers(primaryUser);
+ setMockedUsers(PRIMARY_USER);
// Dummy egress interface
final LinkProperties lp = new LinkProperties();
@@ -1473,11 +1664,265 @@
return vpn;
}
+ private IkeSessionConnectionInfo createIkeConnectInfo() {
+ return new IkeSessionConnectionInfo(TEST_VPN_CLIENT_IP, TEST_VPN_SERVER_IP, TEST_NETWORK);
+ }
+
+ private IkeSessionConnectionInfo createIkeConnectInfo_2() {
+ return new IkeSessionConnectionInfo(
+ TEST_VPN_CLIENT_IP_2, TEST_VPN_SERVER_IP_2, TEST_NETWORK_2);
+ }
+
+ private IkeSessionConfiguration createIkeConfig(
+ IkeSessionConnectionInfo ikeConnectInfo, boolean isMobikeEnabled) {
+ final IkeSessionConfiguration.Builder builder =
+ new IkeSessionConfiguration.Builder(ikeConnectInfo);
+
+ if (isMobikeEnabled) {
+ builder.addIkeExtension(EXTENSION_TYPE_MOBIKE);
+ }
+
+ return builder.build();
+ }
+
+ private ChildSessionConfiguration createChildConfig() {
+ return new ChildSessionConfiguration.Builder(Arrays.asList(IN_TS), Arrays.asList(OUT_TS))
+ .addInternalAddress(new LinkAddress(TEST_VPN_INTERNAL_IP, IP4_PREFIX_LEN))
+ .addInternalDnsServer(TEST_VPN_INTERNAL_DNS)
+ .build();
+ }
+
+ private IpSecTransform createIpSecTransform() {
+ return new IpSecTransform(mContext, new IpSecConfig());
+ }
+
+ private void verifyApplyTunnelModeTransforms(int expectedTimes) throws Exception {
+ verify(mIpSecService, times(expectedTimes)).applyTunnelModeTransform(
+ eq(TEST_TUNNEL_RESOURCE_ID), eq(IpSecManager.DIRECTION_IN),
+ anyInt(), anyString());
+ verify(mIpSecService, times(expectedTimes)).applyTunnelModeTransform(
+ eq(TEST_TUNNEL_RESOURCE_ID), eq(IpSecManager.DIRECTION_OUT),
+ anyInt(), anyString());
+ }
+
+ private Pair<IkeSessionCallback, ChildSessionCallback> verifyCreateIkeAndCaptureCbs()
+ throws Exception {
+ final ArgumentCaptor<IkeSessionCallback> ikeCbCaptor =
+ ArgumentCaptor.forClass(IkeSessionCallback.class);
+ final ArgumentCaptor<ChildSessionCallback> childCbCaptor =
+ ArgumentCaptor.forClass(ChildSessionCallback.class);
+
+ verify(mIkev2SessionCreator, timeout(TEST_TIMEOUT_MS)).createIkeSession(
+ any(), any(), any(), any(), ikeCbCaptor.capture(), childCbCaptor.capture());
+
+ return new Pair<>(ikeCbCaptor.getValue(), childCbCaptor.getValue());
+ }
+
+ private static class PlatformVpnSnapshot {
+ public final Vpn vpn;
+ public final NetworkCallback nwCb;
+ public final IkeSessionCallback ikeCb;
+ public final ChildSessionCallback childCb;
+
+ PlatformVpnSnapshot(Vpn vpn, NetworkCallback nwCb,
+ IkeSessionCallback ikeCb, ChildSessionCallback childCb) {
+ this.vpn = vpn;
+ this.nwCb = nwCb;
+ this.ikeCb = ikeCb;
+ this.childCb = childCb;
+ }
+ }
+
+ private PlatformVpnSnapshot verifySetupPlatformVpn(IkeSessionConfiguration ikeConfig)
+ throws Exception {
+ doReturn(mMockNetworkAgent).when(mTestDeps)
+ .newNetworkAgent(
+ any(), any(), anyString(), any(), any(), any(), any(), any());
+
+ final Vpn vpn = createVpnAndSetupUidChecks(AppOpsManager.OPSTR_ACTIVATE_PLATFORM_VPN);
+ when(mVpnProfileStore.get(vpn.getProfileNameForPackage(TEST_VPN_PKG)))
+ .thenReturn(mVpnProfile.encode());
+
+ vpn.startVpnProfile(TEST_VPN_PKG);
+ final NetworkCallback nwCb = triggerOnAvailableAndGetCallback();
+
+ // Mock the setup procedure by firing callbacks
+ final Pair<IkeSessionCallback, ChildSessionCallback> cbPair =
+ verifyCreateIkeAndCaptureCbs();
+ final IkeSessionCallback ikeCb = cbPair.first;
+ final ChildSessionCallback childCb = cbPair.second;
+
+ ikeCb.onOpened(ikeConfig);
+ childCb.onIpSecTransformCreated(createIpSecTransform(), IpSecManager.DIRECTION_IN);
+ childCb.onIpSecTransformCreated(createIpSecTransform(), IpSecManager.DIRECTION_OUT);
+ childCb.onOpened(createChildConfig());
+
+ // Verification VPN setup
+ verifyApplyTunnelModeTransforms(1);
+
+ ArgumentCaptor<LinkProperties> lpCaptor = ArgumentCaptor.forClass(LinkProperties.class);
+ ArgumentCaptor<NetworkCapabilities> ncCaptor =
+ ArgumentCaptor.forClass(NetworkCapabilities.class);
+ ArgumentCaptor<NetworkAgentConfig> nacCaptor =
+ ArgumentCaptor.forClass(NetworkAgentConfig.class);
+ verify(mTestDeps).newNetworkAgent(
+ any(), any(), anyString(), ncCaptor.capture(), lpCaptor.capture(),
+ any(), nacCaptor.capture(), any());
+
+ // Check LinkProperties
+ final LinkProperties lp = lpCaptor.getValue();
+ final List<RouteInfo> expectedRoutes = Arrays.asList(
+ new RouteInfo(new IpPrefix(Inet4Address.ANY, 0), null /*gateway*/,
+ TEST_IFACE_NAME, RouteInfo.RTN_UNICAST),
+ new RouteInfo(new IpPrefix(Inet6Address.ANY, 0), null /*gateway*/,
+ TEST_IFACE_NAME, RTN_UNREACHABLE));
+ assertEquals(expectedRoutes, lp.getRoutes());
+
+ // Check internal addresses
+ final List<LinkAddress> expectedAddresses =
+ Arrays.asList(new LinkAddress(TEST_VPN_INTERNAL_IP, IP4_PREFIX_LEN));
+ assertEquals(expectedAddresses, lp.getLinkAddresses());
+
+ // Check internal DNS
+ assertEquals(Arrays.asList(TEST_VPN_INTERNAL_DNS), lp.getDnsServers());
+
+ // Check NetworkCapabilities
+ assertEquals(Arrays.asList(TEST_NETWORK), ncCaptor.getValue().getUnderlyingNetworks());
+
+ // Check if allowBypass is set or not.
+ assertTrue(nacCaptor.getValue().isBypassableVpn());
+
+ return new PlatformVpnSnapshot(vpn, nwCb, ikeCb, childCb);
+ }
+
@Test
public void testStartPlatformVpn() throws Exception {
- startLegacyVpn(createVpn(primaryUser.id), mVpnProfile);
- // TODO: Test the Ikev2VpnRunner started up properly. Relies on utility methods added in
- // a subsequent patch.
+ final PlatformVpnSnapshot vpnSnapShot = verifySetupPlatformVpn(
+ createIkeConfig(createIkeConnectInfo(), true /* isMobikeEnabled */));
+ vpnSnapShot.vpn.mVpnRunner.exitVpnRunner();
+ }
+
+ @Test
+ public void testStartPlatformVpnMobility_mobikeEnabled() throws Exception {
+ final PlatformVpnSnapshot vpnSnapShot = verifySetupPlatformVpn(
+ createIkeConfig(createIkeConnectInfo(), true /* isMobikeEnabled */));
+
+ // Mock network loss and verify a cleanup task is scheduled
+ vpnSnapShot.nwCb.onLost(TEST_NETWORK);
+ verify(mExecutor).schedule(any(Runnable.class), anyLong(), any());
+
+ // Mock new network comes up and the cleanup task is cancelled
+ vpnSnapShot.nwCb.onAvailable(TEST_NETWORK_2);
+ verify(mScheduledFuture).cancel(anyBoolean());
+
+ // Verify MOBIKE is triggered
+ verify(mIkeSessionWrapper).setNetwork(TEST_NETWORK_2);
+
+ // Mock the MOBIKE procedure
+ vpnSnapShot.ikeCb.onIkeSessionConnectionInfoChanged(createIkeConnectInfo_2());
+ vpnSnapShot.childCb.onIpSecTransformsMigrated(
+ createIpSecTransform(), createIpSecTransform());
+
+ verify(mIpSecService).setNetworkForTunnelInterface(
+ eq(TEST_TUNNEL_RESOURCE_ID), eq(TEST_NETWORK_2), anyString());
+
+ // Expect 2 times: one for initial setup and one for MOBIKE
+ verifyApplyTunnelModeTransforms(2);
+
+ // Verify mNetworkCapabilities and mNetworkAgent are updated
+ assertEquals(
+ Collections.singletonList(TEST_NETWORK_2),
+ vpnSnapShot.vpn.mNetworkCapabilities.getUnderlyingNetworks());
+ verify(mMockNetworkAgent)
+ .doSetUnderlyingNetworks(Collections.singletonList(TEST_NETWORK_2));
+
+ vpnSnapShot.vpn.mVpnRunner.exitVpnRunner();
+ }
+
+ @Test
+ public void testStartPlatformVpnReestablishes_mobikeDisabled() throws Exception {
+ final PlatformVpnSnapshot vpnSnapShot = verifySetupPlatformVpn(
+ createIkeConfig(createIkeConnectInfo(), false /* isMobikeEnabled */));
+
+ // Forget the first IKE creation to be prepared to capture callbacks of the second
+ // IKE session
+ resetIkev2SessionCreator(mock(Vpn.IkeSessionWrapper.class));
+
+ // Mock network switch
+ vpnSnapShot.nwCb.onLost(TEST_NETWORK);
+ vpnSnapShot.nwCb.onAvailable(TEST_NETWORK_2);
+
+ // Verify the old IKE Session is killed
+ verify(mIkeSessionWrapper).kill();
+
+ // Capture callbacks of the new IKE Session
+ final Pair<IkeSessionCallback, ChildSessionCallback> cbPair =
+ verifyCreateIkeAndCaptureCbs();
+ final IkeSessionCallback ikeCb = cbPair.first;
+ final ChildSessionCallback childCb = cbPair.second;
+
+ // Mock the IKE Session setup
+ ikeCb.onOpened(createIkeConfig(createIkeConnectInfo_2(), false /* isMobikeEnabled */));
+
+ childCb.onIpSecTransformCreated(createIpSecTransform(), IpSecManager.DIRECTION_IN);
+ childCb.onIpSecTransformCreated(createIpSecTransform(), IpSecManager.DIRECTION_OUT);
+ childCb.onOpened(createChildConfig());
+
+ // Expect 2 times since there have been two Session setups
+ verifyApplyTunnelModeTransforms(2);
+
+ // Verify mNetworkCapabilities and mNetworkAgent are updated
+ assertEquals(
+ Collections.singletonList(TEST_NETWORK_2),
+ vpnSnapShot.vpn.mNetworkCapabilities.getUnderlyingNetworks());
+ verify(mMockNetworkAgent)
+ .doSetUnderlyingNetworks(Collections.singletonList(TEST_NETWORK_2));
+
+ vpnSnapShot.vpn.mVpnRunner.exitVpnRunner();
+ }
+
+ private void verifyHandlingNetworkLoss(PlatformVpnSnapshot vpnSnapShot) throws Exception {
+ // Forget the #sendLinkProperties during first setup.
+ reset(mMockNetworkAgent);
+
+ final ArgumentCaptor<Runnable> runnableCaptor =
+ ArgumentCaptor.forClass(Runnable.class);
+
+ // Mock network loss
+ vpnSnapShot.nwCb.onLost(TEST_NETWORK);
+
+ // Mock the grace period expires
+ verify(mExecutor).schedule(runnableCaptor.capture(), anyLong(), any());
+ runnableCaptor.getValue().run();
+
+ final ArgumentCaptor<LinkProperties> lpCaptor =
+ ArgumentCaptor.forClass(LinkProperties.class);
+ verify(mMockNetworkAgent).doSendLinkProperties(lpCaptor.capture());
+ final LinkProperties lp = lpCaptor.getValue();
+
+ assertNull(lp.getInterfaceName());
+ final List<RouteInfo> expectedRoutes = Arrays.asList(
+ new RouteInfo(new IpPrefix(Inet4Address.ANY, 0), null /* gateway */,
+ null /* iface */, RTN_UNREACHABLE),
+ new RouteInfo(new IpPrefix(Inet6Address.ANY, 0), null /* gateway */,
+ null /* iface */, RTN_UNREACHABLE));
+ assertEquals(expectedRoutes, lp.getRoutes());
+
+ verify(mMockNetworkAgent).unregister();
+ }
+
+ @Test
+ public void testStartPlatformVpnHandlesNetworkLoss_mobikeEnabled() throws Exception {
+ final PlatformVpnSnapshot vpnSnapShot = verifySetupPlatformVpn(
+ createIkeConfig(createIkeConnectInfo(), true /* isMobikeEnabled */));
+ verifyHandlingNetworkLoss(vpnSnapShot);
+ }
+
+ @Test
+ public void testStartPlatformVpnHandlesNetworkLoss_mobikeDisabled() throws Exception {
+ final PlatformVpnSnapshot vpnSnapShot = verifySetupPlatformVpn(
+ createIkeConfig(createIkeConnectInfo(), false /* isMobikeEnabled */));
+ verifyHandlingNetworkLoss(vpnSnapShot);
}
@Test
@@ -1490,6 +1935,16 @@
startRacoon("hostname", "5.6.7.8"); // address returned by deps.resolve
}
+ @Test
+ public void testStartPptp() throws Exception {
+ startPptp(true /* useMppe */);
+ }
+
+ @Test
+ public void testStartPptp_NoMppe() throws Exception {
+ startPptp(false /* useMppe */);
+ }
+
private void assertTransportInfoMatches(NetworkCapabilities nc, int type) {
assertNotNull(nc);
VpnTransportInfo ti = (VpnTransportInfo) nc.getTransportInfo();
@@ -1497,6 +1952,48 @@
assertEquals(type, ti.getType());
}
+ private void startPptp(boolean useMppe) throws Exception {
+ final VpnProfile profile = new VpnProfile("testProfile" /* key */);
+ profile.type = VpnProfile.TYPE_PPTP;
+ profile.name = "testProfileName";
+ profile.username = "userName";
+ profile.password = "thePassword";
+ profile.server = "192.0.2.123";
+ profile.mppe = useMppe;
+
+ doReturn(new Network[] { new Network(101) }).when(mConnectivityManager).getAllNetworks();
+ doReturn(new Network(102)).when(mConnectivityManager).registerNetworkAgent(any(), any(),
+ any(), any(), any(), any(), anyInt());
+
+ final Vpn vpn = startLegacyVpn(createVpn(PRIMARY_USER.id), profile);
+ final TestDeps deps = (TestDeps) vpn.mDeps;
+
+ testAndCleanup(() -> {
+ final String[] mtpdArgs = deps.mtpdArgs.get(10, TimeUnit.SECONDS);
+ final String[] argsPrefix = new String[]{
+ EGRESS_IFACE, "pptp", profile.server, "1723", "name", profile.username,
+ "password", profile.password, "linkname", "vpn", "refuse-eap", "nodefaultroute",
+ "usepeerdns", "idle", "1800", "mtu", "1270", "mru", "1270"
+ };
+ assertArrayEquals(argsPrefix, Arrays.copyOf(mtpdArgs, argsPrefix.length));
+ if (useMppe) {
+ assertEquals(argsPrefix.length + 2, mtpdArgs.length);
+ assertEquals("+mppe", mtpdArgs[argsPrefix.length]);
+ assertEquals("-pap", mtpdArgs[argsPrefix.length + 1]);
+ } else {
+ assertEquals(argsPrefix.length + 1, mtpdArgs.length);
+ assertEquals("nomppe", mtpdArgs[argsPrefix.length]);
+ }
+
+ verify(mConnectivityManager, timeout(10_000)).registerNetworkAgent(any(), any(),
+ any(), any(), any(), any(), anyInt());
+ }, () -> { // Cleanup
+ vpn.mVpnRunner.exitVpnRunner();
+ deps.getStateFile().delete(); // set to delete on exit, but this deletes it earlier
+ vpn.mVpnRunner.join(10_000); // wait for up to 10s for the runner to die and cleanup
+ });
+ }
+
public void startRacoon(final String serverAddr, final String expectedAddr)
throws Exception {
final ConditionVariable legacyRunnerReady = new ConditionVariable();
@@ -1519,7 +2016,7 @@
legacyRunnerReady.open();
return new Network(102);
});
- final Vpn vpn = startLegacyVpn(createVpn(primaryUser.id), profile);
+ final Vpn vpn = startLegacyVpn(createVpn(PRIMARY_USER.id), profile);
final TestDeps deps = (TestDeps) vpn.mDeps;
try {
// udppsk and 1701 are the values for TYPE_L2TP_IPSEC_PSK
@@ -1560,7 +2057,8 @@
}
}
- private final class TestDeps extends Vpn.Dependencies {
+ // Make it public and un-final so as to spy it
+ public class TestDeps extends Vpn.Dependencies {
public final CompletableFuture<String[]> racoonArgs = new CompletableFuture();
public final CompletableFuture<String[]> mtpdArgs = new CompletableFuture();
public final File mStateFile;
@@ -1694,6 +2192,17 @@
public DeviceIdleInternal getDeviceIdleInternal() {
return mDeviceIdleInternal;
}
+
+ @Override
+ public long getNextRetryDelaySeconds(int retryCount) {
+ // Simply return retryCount as the delay seconds for retrying.
+ return retryCount;
+ }
+
+ @Override
+ public ScheduledThreadPoolExecutor newScheduledThreadPoolExecutor() {
+ return mExecutor;
+ }
}
/**
@@ -1705,7 +2214,7 @@
when(mContext.createContextAsUser(eq(UserHandle.of(userId)), anyInt()))
.thenReturn(asUserContext);
final TestLooper testLooper = new TestLooper();
- final Vpn vpn = new Vpn(testLooper.getLooper(), mContext, new TestDeps(), mNetService,
+ final Vpn vpn = new Vpn(testLooper.getLooper(), mContext, mTestDeps, mNetService,
mNetd, userId, mVpnProfileStore, mSystemServices, mIkev2SessionCreator);
verify(mConnectivityManager, times(1)).registerNetworkProvider(argThat(
provider -> provider.getName().contains("VpnNetworkProvider")
diff --git a/tests/unit/java/com/android/server/connectivity/mdns/ConnectivityMonitorWithConnectivityManagerTests.java b/tests/unit/java/com/android/server/connectivity/mdns/ConnectivityMonitorWithConnectivityManagerTests.java
new file mode 100644
index 0000000..f84e2d8
--- /dev/null
+++ b/tests/unit/java/com/android/server/connectivity/mdns/ConnectivityMonitorWithConnectivityManagerTests.java
@@ -0,0 +1,138 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+package com.android.server.connectivity.mdns;
+
+import static com.android.testutils.DevSdkIgnoreRuleKt.SC_V2;
+
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.doReturn;
+import static org.mockito.Mockito.inOrder;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+
+import android.content.Context;
+import android.net.ConnectivityManager;
+import android.net.ConnectivityManager.NetworkCallback;
+import android.net.Network;
+import android.net.NetworkRequest;
+
+import com.android.testutils.DevSdkIgnoreRule;
+import com.android.testutils.DevSdkIgnoreRunner;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.ArgumentCaptor;
+import org.mockito.InOrder;
+import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
+
+/** Tests for {@link ConnectivityMonitor}. */
+@RunWith(DevSdkIgnoreRunner.class)
+@DevSdkIgnoreRule.IgnoreUpTo(SC_V2)
+public class ConnectivityMonitorWithConnectivityManagerTests {
+ @Mock private Context mContext;
+ @Mock private ConnectivityMonitor.Listener mockListener;
+ @Mock private ConnectivityManager mConnectivityManager;
+
+ private ConnectivityMonitorWithConnectivityManager monitor;
+
+ @Before
+ public void setUp() {
+ MockitoAnnotations.initMocks(this);
+ doReturn(mConnectivityManager).when(mContext)
+ .getSystemService(Context.CONNECTIVITY_SERVICE);
+ monitor = new ConnectivityMonitorWithConnectivityManager(mContext, mockListener);
+ }
+
+ @Test
+ public void testInitialState_shouldNotRegisterNetworkCallback() {
+ verifyNetworkCallbackRegistered(0 /* time */);
+ verifyNetworkCallbackUnregistered(0 /* time */);
+ }
+
+ @Test
+ public void testStartDiscovery_shouldRegisterNetworkCallback() {
+ monitor.startWatchingConnectivityChanges();
+
+ verifyNetworkCallbackRegistered(1 /* time */);
+ verifyNetworkCallbackUnregistered(0 /* time */);
+ }
+
+ @Test
+ public void testStartDiscoveryTwice_shouldRegisterOneNetworkCallback() {
+ monitor.startWatchingConnectivityChanges();
+ monitor.startWatchingConnectivityChanges();
+
+ verifyNetworkCallbackRegistered(1 /* time */);
+ verifyNetworkCallbackUnregistered(0 /* time */);
+ }
+
+ @Test
+ public void testStopDiscovery_shouldUnregisterNetworkCallback() {
+ monitor.startWatchingConnectivityChanges();
+ monitor.stopWatchingConnectivityChanges();
+
+ verifyNetworkCallbackRegistered(1 /* time */);
+ verifyNetworkCallbackUnregistered(1 /* time */);
+ }
+
+ @Test
+ public void testStopDiscoveryTwice_shouldUnregisterNetworkCallback() {
+ monitor.startWatchingConnectivityChanges();
+ monitor.stopWatchingConnectivityChanges();
+
+ verifyNetworkCallbackRegistered(1 /* time */);
+ verifyNetworkCallbackUnregistered(1 /* time */);
+ }
+
+ @Test
+ public void testIntentFired_shouldNotifyListener() {
+ InOrder inOrder = inOrder(mockListener);
+ monitor.startWatchingConnectivityChanges();
+
+ final ArgumentCaptor<NetworkCallback> callbackCaptor =
+ ArgumentCaptor.forClass(NetworkCallback.class);
+ verify(mConnectivityManager, times(1)).registerNetworkCallback(
+ any(NetworkRequest.class), callbackCaptor.capture());
+
+ final NetworkCallback callback = callbackCaptor.getValue();
+ final Network testNetwork = new Network(1 /* netId */);
+
+ // Simulate network available.
+ callback.onAvailable(testNetwork);
+ inOrder.verify(mockListener).onConnectivityChanged();
+
+ // Simulate network lost.
+ callback.onLost(testNetwork);
+ inOrder.verify(mockListener).onConnectivityChanged();
+
+ // Simulate network unavailable.
+ callback.onUnavailable();
+ inOrder.verify(mockListener).onConnectivityChanged();
+ }
+
+ private void verifyNetworkCallbackRegistered(int time) {
+ verify(mConnectivityManager, times(time)).registerNetworkCallback(
+ any(NetworkRequest.class), any(NetworkCallback.class));
+ }
+
+ private void verifyNetworkCallbackUnregistered(int time) {
+ verify(mConnectivityManager, times(time))
+ .unregisterNetworkCallback(any(NetworkCallback.class));
+ }
+}
\ No newline at end of file
diff --git a/tests/unit/java/com/android/server/connectivity/mdns/MdnsDiscoveryManagerTests.java b/tests/unit/java/com/android/server/connectivity/mdns/MdnsDiscoveryManagerTests.java
new file mode 100644
index 0000000..3e3c3bf
--- /dev/null
+++ b/tests/unit/java/com/android/server/connectivity/mdns/MdnsDiscoveryManagerTests.java
@@ -0,0 +1,135 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+package com.android.server.connectivity.mdns;
+
+import static com.android.testutils.DevSdkIgnoreRuleKt.SC_V2;
+
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+import android.annotation.NonNull;
+import android.text.TextUtils;
+
+import com.android.testutils.DevSdkIgnoreRule;
+import com.android.testutils.DevSdkIgnoreRunner;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
+
+import java.io.IOException;
+import java.util.Collections;
+
+/** Tests for {@link MdnsDiscoveryManager}. */
+@RunWith(DevSdkIgnoreRunner.class)
+@DevSdkIgnoreRule.IgnoreUpTo(SC_V2)
+public class MdnsDiscoveryManagerTests {
+
+ private static final String SERVICE_TYPE_1 = "_googlecast._tcp.local";
+ private static final String SERVICE_TYPE_2 = "_test._tcp.local";
+
+ @Mock private ExecutorProvider executorProvider;
+ @Mock private MdnsSocketClient socketClient;
+ @Mock private MdnsServiceTypeClient mockServiceTypeClientOne;
+ @Mock private MdnsServiceTypeClient mockServiceTypeClientTwo;
+
+ @Mock MdnsServiceBrowserListener mockListenerOne;
+ @Mock MdnsServiceBrowserListener mockListenerTwo;
+ private MdnsDiscoveryManager discoveryManager;
+
+ @Before
+ public void setUp() {
+ MockitoAnnotations.initMocks(this);
+
+ when(mockServiceTypeClientOne.getServiceTypeLabels())
+ .thenReturn(TextUtils.split(SERVICE_TYPE_1, "\\."));
+ when(mockServiceTypeClientTwo.getServiceTypeLabels())
+ .thenReturn(TextUtils.split(SERVICE_TYPE_2, "\\."));
+
+ discoveryManager = new MdnsDiscoveryManager(executorProvider, socketClient) {
+ @Override
+ MdnsServiceTypeClient createServiceTypeClient(@NonNull String serviceType) {
+ if (serviceType.equals(SERVICE_TYPE_1)) {
+ return mockServiceTypeClientOne;
+ } else if (serviceType.equals(SERVICE_TYPE_2)) {
+ return mockServiceTypeClientTwo;
+ }
+ return null;
+ }
+ };
+ }
+
+ @Test
+ public void registerListener_unregisterListener() throws IOException {
+ discoveryManager.registerListener(
+ SERVICE_TYPE_1, mockListenerOne, MdnsSearchOptions.getDefaultOptions());
+ verify(socketClient).startDiscovery();
+ verify(mockServiceTypeClientOne)
+ .startSendAndReceive(mockListenerOne, MdnsSearchOptions.getDefaultOptions());
+
+ when(mockServiceTypeClientOne.stopSendAndReceive(mockListenerOne)).thenReturn(true);
+ discoveryManager.unregisterListener(SERVICE_TYPE_1, mockListenerOne);
+ verify(mockServiceTypeClientOne).stopSendAndReceive(mockListenerOne);
+ verify(socketClient).stopDiscovery();
+ }
+
+ @Test
+ public void registerMultipleListeners() throws IOException {
+ discoveryManager.registerListener(
+ SERVICE_TYPE_1, mockListenerOne, MdnsSearchOptions.getDefaultOptions());
+ verify(socketClient).startDiscovery();
+ verify(mockServiceTypeClientOne)
+ .startSendAndReceive(mockListenerOne, MdnsSearchOptions.getDefaultOptions());
+
+ discoveryManager.registerListener(
+ SERVICE_TYPE_2, mockListenerTwo, MdnsSearchOptions.getDefaultOptions());
+ verify(mockServiceTypeClientTwo)
+ .startSendAndReceive(mockListenerTwo, MdnsSearchOptions.getDefaultOptions());
+ }
+
+ @Test
+ public void onResponseReceived() {
+ discoveryManager.registerListener(
+ SERVICE_TYPE_1, mockListenerOne, MdnsSearchOptions.getDefaultOptions());
+ discoveryManager.registerListener(
+ SERVICE_TYPE_2, mockListenerTwo, MdnsSearchOptions.getDefaultOptions());
+
+ MdnsResponse responseForServiceTypeOne = createMockResponse(SERVICE_TYPE_1);
+ discoveryManager.onResponseReceived(responseForServiceTypeOne);
+ verify(mockServiceTypeClientOne).processResponse(responseForServiceTypeOne);
+
+ MdnsResponse responseForServiceTypeTwo = createMockResponse(SERVICE_TYPE_2);
+ discoveryManager.onResponseReceived(responseForServiceTypeTwo);
+ verify(mockServiceTypeClientTwo).processResponse(responseForServiceTypeTwo);
+
+ MdnsResponse responseForSubtype = createMockResponse("subtype._sub._googlecast._tcp.local");
+ discoveryManager.onResponseReceived(responseForSubtype);
+ verify(mockServiceTypeClientOne).processResponse(responseForSubtype);
+ }
+
+ private MdnsResponse createMockResponse(String serviceType) {
+ MdnsPointerRecord mockPointerRecord = mock(MdnsPointerRecord.class);
+ MdnsResponse mockResponse = mock(MdnsResponse.class);
+ when(mockResponse.getPointerRecords())
+ .thenReturn(Collections.singletonList(mockPointerRecord));
+ when(mockPointerRecord.getName()).thenReturn(TextUtils.split(serviceType, "\\."));
+ return mockResponse;
+ }
+}
\ No newline at end of file
diff --git a/tests/unit/java/com/android/server/connectivity/mdns/MdnsPacketReaderTests.java b/tests/unit/java/com/android/server/connectivity/mdns/MdnsPacketReaderTests.java
new file mode 100644
index 0000000..19d8a00
--- /dev/null
+++ b/tests/unit/java/com/android/server/connectivity/mdns/MdnsPacketReaderTests.java
@@ -0,0 +1,86 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+package com.android.server.connectivity.mdns;
+
+import static com.android.testutils.DevSdkIgnoreRuleKt.SC_V2;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.fail;
+
+import com.android.testutils.DevSdkIgnoreRule;
+import com.android.testutils.DevSdkIgnoreRunner;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+import java.io.IOException;
+import java.net.DatagramPacket;
+import java.util.Locale;
+
+@RunWith(DevSdkIgnoreRunner.class)
+@DevSdkIgnoreRule.IgnoreUpTo(SC_V2)
+public class MdnsPacketReaderTests {
+
+ @Test
+ public void testLimits() throws IOException {
+ byte[] data = new byte[25];
+ DatagramPacket datagramPacket = new DatagramPacket(data, data.length);
+
+ // After creating a new reader, confirm that the remaining is equal to the packet length
+ // (or that there is no temporary limit).
+ MdnsPacketReader packetReader = new MdnsPacketReader(datagramPacket);
+ assertEquals(data.length, packetReader.getRemaining());
+
+ // Confirm that we can set the temporary limit to 0.
+ packetReader.setLimit(0);
+ assertEquals(0, packetReader.getRemaining());
+
+ // Confirm that we can clear the temporary limit, and restore to the length of the packet.
+ packetReader.clearLimit();
+ assertEquals(data.length, packetReader.getRemaining());
+
+ // Confirm that we can set the temporary limit to the actual length of the packet.
+ // While parsing packets, it is common to set the limit to the length of the packet.
+ packetReader.setLimit(data.length);
+ assertEquals(data.length, packetReader.getRemaining());
+
+ // Confirm that we ignore negative limits.
+ packetReader.setLimit(-10);
+ assertEquals(data.length, packetReader.getRemaining());
+
+ // Confirm that we can set the temporary limit to something less than the packet length.
+ packetReader.setLimit(data.length / 2);
+ assertEquals(data.length / 2, packetReader.getRemaining());
+
+ // Confirm that we throw an exception if trying to set the temporary limit beyond the
+ // packet length.
+ packetReader.clearLimit();
+ try {
+ packetReader.setLimit(data.length * 2 + 1);
+ fail("Should have thrown an IOException when trying to set the temporary limit beyond "
+ + "the packet length");
+ } catch (IOException e) {
+ // Expected
+ } catch (Exception e) {
+ fail(String.format(
+ Locale.ROOT,
+ "Should not have thrown any other exception except " + "for IOException: %s",
+ e.getMessage()));
+ }
+ assertEquals(data.length, packetReader.getRemaining());
+ }
+}
\ No newline at end of file
diff --git a/tests/unit/java/com/android/server/connectivity/mdns/MdnsRecordTests.java b/tests/unit/java/com/android/server/connectivity/mdns/MdnsRecordTests.java
new file mode 100644
index 0000000..fdb4d4a
--- /dev/null
+++ b/tests/unit/java/com/android/server/connectivity/mdns/MdnsRecordTests.java
@@ -0,0 +1,324 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+package com.android.server.connectivity.mdns;
+
+import static com.android.testutils.DevSdkIgnoreRuleKt.SC_V2;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+import android.util.Log;
+
+import com.android.net.module.util.HexDump;
+import com.android.testutils.DevSdkIgnoreRule;
+import com.android.testutils.DevSdkIgnoreRunner;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+import java.io.IOException;
+import java.net.DatagramPacket;
+import java.net.Inet4Address;
+import java.net.Inet6Address;
+import java.net.InetSocketAddress;
+import java.util.List;
+
+// The record test data does not use compressed names (label pointers), since that would require
+// additional data to populate the label dictionary accordingly.
+@RunWith(DevSdkIgnoreRunner.class)
+@DevSdkIgnoreRule.IgnoreUpTo(SC_V2)
+public class MdnsRecordTests {
+ private static final String TAG = "MdnsRecordTests";
+ private static final int MAX_PACKET_SIZE = 4096;
+ private static final InetSocketAddress MULTICAST_IPV4_ADDRESS =
+ new InetSocketAddress(MdnsConstants.getMdnsIPv4Address(), MdnsConstants.MDNS_PORT);
+ private static final InetSocketAddress MULTICAST_IPV6_ADDRESS =
+ new InetSocketAddress(MdnsConstants.getMdnsIPv6Address(), MdnsConstants.MDNS_PORT);
+
+ @Test
+ public void testInet4AddressRecord() throws IOException {
+ final byte[] dataIn = HexDump.hexStringToByteArray(
+ "0474657374000001" + "0001000011940004" + "0A010203");
+ assertNotNull(dataIn);
+ String dataInText = HexDump.dumpHexString(dataIn, 0, dataIn.length);
+
+ // Decode
+ DatagramPacket packet = new DatagramPacket(dataIn, dataIn.length);
+ MdnsPacketReader reader = new MdnsPacketReader(packet);
+
+ String[] name = reader.readLabels();
+ assertNotNull(name);
+ assertEquals(1, name.length);
+ assertEquals("test", name[0]);
+ String fqdn = MdnsRecord.labelsToString(name);
+ assertEquals("test", fqdn);
+
+ int type = reader.readUInt16();
+ assertEquals(MdnsRecord.TYPE_A, type);
+
+ MdnsInetAddressRecord record = new MdnsInetAddressRecord(name, MdnsRecord.TYPE_A, reader);
+ Inet4Address addr = record.getInet4Address();
+ assertEquals("/10.1.2.3", addr.toString());
+
+ // Encode
+ MdnsPacketWriter writer = new MdnsPacketWriter(MAX_PACKET_SIZE);
+ record.write(writer, record.getReceiptTime());
+
+ packet = writer.getPacket(MULTICAST_IPV4_ADDRESS);
+ byte[] dataOut = packet.getData();
+
+ String dataOutText = HexDump.dumpHexString(dataOut, 0, packet.getLength());
+ Log.d(TAG, dataOutText);
+
+ assertEquals(dataInText, dataOutText);
+ }
+
+ @Test
+ public void testTypeAAAInet6AddressRecord() throws IOException {
+ final byte[] dataIn = HexDump.hexStringToByteArray(
+ "047465737400001C"
+ + "0001000011940010"
+ + "AABBCCDD11223344"
+ + "A0B0C0D010203040");
+ assertNotNull(dataIn);
+ String dataInText = HexDump.dumpHexString(dataIn, 0, dataIn.length);
+
+ // Decode
+ DatagramPacket packet = new DatagramPacket(dataIn, dataIn.length);
+ packet.setSocketAddress(
+ new InetSocketAddress(MdnsConstants.getMdnsIPv6Address(), MdnsConstants.MDNS_PORT));
+ MdnsPacketReader reader = new MdnsPacketReader(packet);
+
+ String[] name = reader.readLabels();
+ assertNotNull(name);
+ assertEquals(1, name.length);
+ String fqdn = MdnsRecord.labelsToString(name);
+ assertEquals("test", fqdn);
+
+ int type = reader.readUInt16();
+ assertEquals(MdnsRecord.TYPE_AAAA, type);
+
+ MdnsInetAddressRecord record = new MdnsInetAddressRecord(name, MdnsRecord.TYPE_AAAA,
+ reader);
+ assertNull(record.getInet4Address());
+ Inet6Address addr = record.getInet6Address();
+ assertEquals("/aabb:ccdd:1122:3344:a0b0:c0d0:1020:3040", addr.toString());
+
+ // Encode
+ MdnsPacketWriter writer = new MdnsPacketWriter(MAX_PACKET_SIZE);
+ record.write(writer, record.getReceiptTime());
+
+ packet = writer.getPacket(MULTICAST_IPV6_ADDRESS);
+ byte[] dataOut = packet.getData();
+
+ String dataOutText = HexDump.dumpHexString(dataOut, 0, packet.getLength());
+ Log.d(TAG, dataOutText);
+
+ assertEquals(dataInText, dataOutText);
+ }
+
+ @Test
+ public void testTypeAAAInet4AddressRecord() throws IOException {
+ final byte[] dataIn = HexDump.hexStringToByteArray(
+ "047465737400001C"
+ + "0001000011940010"
+ + "0000000000000000"
+ + "0000FFFF10203040");
+ assertNotNull(dataIn);
+ HexDump.dumpHexString(dataIn, 0, dataIn.length);
+
+ // Decode
+ DatagramPacket packet = new DatagramPacket(dataIn, dataIn.length);
+ packet.setSocketAddress(
+ new InetSocketAddress(MdnsConstants.getMdnsIPv4Address(), MdnsConstants.MDNS_PORT));
+ MdnsPacketReader reader = new MdnsPacketReader(packet);
+
+ String[] name = reader.readLabels();
+ assertNotNull(name);
+ assertEquals(1, name.length);
+ String fqdn = MdnsRecord.labelsToString(name);
+ assertEquals("test", fqdn);
+
+ int type = reader.readUInt16();
+ assertEquals(MdnsRecord.TYPE_AAAA, type);
+
+ MdnsInetAddressRecord record = new MdnsInetAddressRecord(name, MdnsRecord.TYPE_AAAA,
+ reader);
+ assertNull(record.getInet6Address());
+ Inet4Address addr = record.getInet4Address();
+ assertEquals("/16.32.48.64", addr.toString());
+
+ // Encode
+ MdnsPacketWriter writer = new MdnsPacketWriter(MAX_PACKET_SIZE);
+ record.write(writer, record.getReceiptTime());
+
+ packet = writer.getPacket(MULTICAST_IPV4_ADDRESS);
+ byte[] dataOut = packet.getData();
+
+ String dataOutText = HexDump.dumpHexString(dataOut, 0, packet.getLength());
+ Log.d(TAG, dataOutText);
+
+ final byte[] expectedDataIn =
+ HexDump.hexStringToByteArray("047465737400001C000100001194000410203040");
+ assertNotNull(expectedDataIn);
+ String expectedDataInText = HexDump.dumpHexString(expectedDataIn, 0, expectedDataIn.length);
+
+ assertEquals(expectedDataInText, dataOutText);
+ }
+
+ @Test
+ public void testPointerRecord() throws IOException {
+ final byte[] dataIn = HexDump.hexStringToByteArray(
+ "047465737400000C"
+ + "000100001194000E"
+ + "03666F6F03626172"
+ + "047175787800");
+ assertNotNull(dataIn);
+ String dataInText = HexDump.dumpHexString(dataIn, 0, dataIn.length);
+
+ // Decode
+ DatagramPacket packet = new DatagramPacket(dataIn, dataIn.length);
+ MdnsPacketReader reader = new MdnsPacketReader(packet);
+
+ String[] name = reader.readLabels();
+ assertNotNull(name);
+ assertEquals(1, name.length);
+ String fqdn = MdnsRecord.labelsToString(name);
+ assertEquals("test", fqdn);
+
+ int type = reader.readUInt16();
+ assertEquals(MdnsRecord.TYPE_PTR, type);
+
+ MdnsPointerRecord record = new MdnsPointerRecord(name, reader);
+ String[] pointer = record.getPointer();
+ assertEquals("foo.bar.quxx", MdnsRecord.labelsToString(pointer));
+
+ assertFalse(record.hasSubtype());
+ assertNull(record.getSubtype());
+
+ // Encode
+ MdnsPacketWriter writer = new MdnsPacketWriter(MAX_PACKET_SIZE);
+ record.write(writer, record.getReceiptTime());
+
+ packet = writer.getPacket(MULTICAST_IPV4_ADDRESS);
+ byte[] dataOut = packet.getData();
+
+ String dataOutText = HexDump.dumpHexString(dataOut, 0, packet.getLength());
+ Log.d(TAG, dataOutText);
+
+ assertEquals(dataInText, dataOutText);
+ }
+
+ @Test
+ public void testServiceRecord() throws IOException {
+ final byte[] dataIn = HexDump.hexStringToByteArray(
+ "0474657374000021"
+ + "0001000011940014"
+ + "000100FF1F480366"
+ + "6F6F036261720471"
+ + "75787800");
+ assertNotNull(dataIn);
+ String dataInText = HexDump.dumpHexString(dataIn, 0, dataIn.length);
+
+ // Decode
+ DatagramPacket packet = new DatagramPacket(dataIn, dataIn.length);
+ MdnsPacketReader reader = new MdnsPacketReader(packet);
+
+ String[] name = reader.readLabels();
+ assertNotNull(name);
+ assertEquals(1, name.length);
+ String fqdn = MdnsRecord.labelsToString(name);
+ assertEquals("test", fqdn);
+
+ int type = reader.readUInt16();
+ assertEquals(MdnsRecord.TYPE_SRV, type);
+
+ MdnsServiceRecord record = new MdnsServiceRecord(name, reader);
+
+ int servicePort = record.getServicePort();
+ assertEquals(8008, servicePort);
+
+ String serviceHost = MdnsRecord.labelsToString(record.getServiceHost());
+ assertEquals("foo.bar.quxx", serviceHost);
+
+ assertEquals(1, record.getServicePriority());
+ assertEquals(255, record.getServiceWeight());
+
+ // Encode
+ MdnsPacketWriter writer = new MdnsPacketWriter(MAX_PACKET_SIZE);
+ record.write(writer, record.getReceiptTime());
+
+ packet = writer.getPacket(MULTICAST_IPV4_ADDRESS);
+ byte[] dataOut = packet.getData();
+
+ String dataOutText = HexDump.dumpHexString(dataOut, 0, packet.getLength());
+ Log.d(TAG, dataOutText);
+
+ assertEquals(dataInText, dataOutText);
+ }
+
+ @Test
+ public void testTextRecord() throws IOException {
+ final byte[] dataIn = HexDump.hexStringToByteArray(
+ "0474657374000010"
+ + "0001000011940024"
+ + "0D613D68656C6C6F"
+ + "2074686572650C62"
+ + "3D31323334353637"
+ + "3839300878797A3D"
+ + "21402324");
+ assertNotNull(dataIn);
+ String dataInText = HexDump.dumpHexString(dataIn, 0, dataIn.length);
+
+ // Decode
+ DatagramPacket packet = new DatagramPacket(dataIn, dataIn.length);
+ MdnsPacketReader reader = new MdnsPacketReader(packet);
+
+ String[] name = reader.readLabels();
+ assertNotNull(name);
+ assertEquals(1, name.length);
+ String fqdn = MdnsRecord.labelsToString(name);
+ assertEquals("test", fqdn);
+
+ int type = reader.readUInt16();
+ assertEquals(MdnsRecord.TYPE_TXT, type);
+
+ MdnsTextRecord record = new MdnsTextRecord(name, reader);
+
+ List<String> strings = record.getStrings();
+ assertNotNull(strings);
+ assertEquals(3, strings.size());
+
+ assertEquals("a=hello there", strings.get(0));
+ assertEquals("b=1234567890", strings.get(1));
+ assertEquals("xyz=!@#$", strings.get(2));
+
+ // Encode
+ MdnsPacketWriter writer = new MdnsPacketWriter(MAX_PACKET_SIZE);
+ record.write(writer, record.getReceiptTime());
+
+ packet = writer.getPacket(MULTICAST_IPV4_ADDRESS);
+ byte[] dataOut = packet.getData();
+
+ String dataOutText = HexDump.dumpHexString(dataOut, 0, packet.getLength());
+ Log.d(TAG, dataOutText);
+
+ assertEquals(dataInText, dataOutText);
+ }
+}
diff --git a/tests/unit/java/com/android/server/connectivity/mdns/MdnsResponseDecoderTests.java b/tests/unit/java/com/android/server/connectivity/mdns/MdnsResponseDecoderTests.java
new file mode 100644
index 0000000..ea9156c
--- /dev/null
+++ b/tests/unit/java/com/android/server/connectivity/mdns/MdnsResponseDecoderTests.java
@@ -0,0 +1,237 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+package com.android.server.connectivity.mdns;
+
+import static com.android.server.connectivity.mdns.MdnsResponseDecoder.Clock;
+import static com.android.testutils.DevSdkIgnoreRuleKt.SC_V2;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.Mockito.mock;
+
+import com.android.net.module.util.HexDump;
+import com.android.testutils.DevSdkIgnoreRule;
+import com.android.testutils.DevSdkIgnoreRunner;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+import java.io.IOException;
+import java.net.DatagramPacket;
+import java.net.Inet4Address;
+import java.net.Inet6Address;
+import java.net.InetSocketAddress;
+import java.util.LinkedList;
+import java.util.List;
+
+@RunWith(DevSdkIgnoreRunner.class)
+@DevSdkIgnoreRule.IgnoreUpTo(SC_V2)
+public class MdnsResponseDecoderTests {
+ private static final byte[] data = HexDump.hexStringToByteArray(
+ "0000840000000004"
+ + "00000003134A6F68"
+ + "6E6E792773204368"
+ + "726F6D6563617374"
+ + "0B5F676F6F676C65"
+ + "63617374045F7463"
+ + "70056C6F63616C00"
+ + "0010800100001194"
+ + "006C2369643D3937"
+ + "3062663534376237"
+ + "3533666336336332"
+ + "6432613336626238"
+ + "3936616261380576"
+ + "653D30320D6D643D"
+ + "4368726F6D656361"
+ + "73741269633D2F73"
+ + "657475702F69636F"
+ + "6E2E706E6716666E"
+ + "3D4A6F686E6E7927"
+ + "73204368726F6D65"
+ + "636173740463613D"
+ + "350473743D30095F"
+ + "7365727669636573"
+ + "075F646E732D7364"
+ + "045F756470C03100"
+ + "0C00010000119400"
+ + "02C020C020000C00"
+ + "01000011940002C0"
+ + "0CC00C0021800100"
+ + "000078001C000000"
+ + "001F49134A6F686E"
+ + "6E79277320436872"
+ + "6F6D6563617374C0"
+ + "31C0F30001800100"
+ + "0000780004C0A864"
+ + "68C0F3002F800100"
+ + "0000780005C0F300"
+ + "0140C00C002F8001"
+ + "000011940009C00C"
+ + "00050000800040");
+
+ private static final byte[] data6 = HexDump.hexStringToByteArray(
+ "0000840000000001000000030B5F676F6F676C656361737404"
+ + "5F746370056C6F63616C00000C000100000078003330476F6F676C"
+ + "652D486F6D652D4D61782D61363836666331323961366638636265"
+ + "31643636353139343065336164353766C00CC02E00108001000011"
+ + "9400C02369643D6136383666633132396136663863626531643636"
+ + "3531393430653361643537662363643D4133304233303032363546"
+ + "36384341313233353532434639344141353742314613726D3D4335"
+ + "35393134383530383841313638330576653D3035126D643D476F6F"
+ + "676C6520486F6D65204D61781269633D2F73657475702F69636F6E"
+ + "2E706E6710666E3D417474696320737065616B65720863613D3130"
+ + "3234340473743D320F62733D464138464341363734453537046E66"
+ + "3D320372733DC02E0021800100000078002D000000001F49246136"
+ + "3836666331322D396136662D386362652D316436362D3531393430"
+ + "65336164353766C01DC13F001C8001000000780010200033330000"
+ + "0000DA6C63FFFE7C74830109018001000000780004C0A801026C6F"
+ + "63616C0000018001000000780004C0A8010A000001800100000078"
+ + "0004C0A8010A00000000000000");
+
+ private static final String DUMMY_CAST_SERVICE_NAME = "_googlecast";
+ private static final String[] DUMMY_CAST_SERVICE_TYPE =
+ new String[] {DUMMY_CAST_SERVICE_NAME, "_tcp", "local"};
+
+ private final List<MdnsResponse> responses = new LinkedList<>();
+
+ private final Clock mClock = mock(Clock.class);
+
+ @Before
+ public void setUp() {
+ MdnsResponseDecoder decoder = new MdnsResponseDecoder(mClock, DUMMY_CAST_SERVICE_TYPE);
+ assertNotNull(data);
+ DatagramPacket packet = new DatagramPacket(data, data.length);
+ packet.setSocketAddress(
+ new InetSocketAddress(MdnsConstants.getMdnsIPv4Address(), MdnsConstants.MDNS_PORT));
+ responses.clear();
+ int errorCode = decoder.decode(packet, responses);
+ assertEquals(MdnsResponseDecoder.SUCCESS, errorCode);
+ assertEquals(1, responses.size());
+ }
+
+ @Test
+ public void testDecodeWithNullServiceType() {
+ MdnsResponseDecoder decoder = new MdnsResponseDecoder(mClock, null);
+ assertNotNull(data);
+ DatagramPacket packet = new DatagramPacket(data, data.length);
+ packet.setSocketAddress(
+ new InetSocketAddress(MdnsConstants.getMdnsIPv4Address(), MdnsConstants.MDNS_PORT));
+ responses.clear();
+ int errorCode = decoder.decode(packet, responses);
+ assertEquals(MdnsResponseDecoder.SUCCESS, errorCode);
+ assertEquals(2, responses.size());
+ }
+
+ @Test
+ public void testDecodeMultipleAnswerPacket() throws IOException {
+ MdnsResponse response = responses.get(0);
+ assertTrue(response.isComplete());
+
+ MdnsInetAddressRecord inet4AddressRecord = response.getInet4AddressRecord();
+ Inet4Address inet4Addr = inet4AddressRecord.getInet4Address();
+
+ assertNotNull(inet4Addr);
+ assertEquals("/192.168.100.104", inet4Addr.toString());
+
+ MdnsServiceRecord serviceRecord = response.getServiceRecord();
+ String serviceName = serviceRecord.getServiceName();
+ assertEquals(DUMMY_CAST_SERVICE_NAME, serviceName);
+
+ String serviceInstanceName = serviceRecord.getServiceInstanceName();
+ assertEquals("Johnny's Chromecast", serviceInstanceName);
+
+ String serviceHost = MdnsRecord.labelsToString(serviceRecord.getServiceHost());
+ assertEquals("Johnny's Chromecast.local", serviceHost);
+
+ int serviceProto = serviceRecord.getServiceProtocol();
+ assertEquals(MdnsServiceRecord.PROTO_TCP, serviceProto);
+
+ int servicePort = serviceRecord.getServicePort();
+ assertEquals(8009, servicePort);
+
+ int servicePriority = serviceRecord.getServicePriority();
+ assertEquals(0, servicePriority);
+
+ int serviceWeight = serviceRecord.getServiceWeight();
+ assertEquals(0, serviceWeight);
+
+ MdnsTextRecord textRecord = response.getTextRecord();
+ List<String> textStrings = textRecord.getStrings();
+ assertEquals(7, textStrings.size());
+ assertEquals("id=970bf547b753fc63c2d2a36bb896aba8", textStrings.get(0));
+ assertEquals("ve=02", textStrings.get(1));
+ assertEquals("md=Chromecast", textStrings.get(2));
+ assertEquals("ic=/setup/icon.png", textStrings.get(3));
+ assertEquals("fn=Johnny's Chromecast", textStrings.get(4));
+ assertEquals("ca=5", textStrings.get(5));
+ assertEquals("st=0", textStrings.get(6));
+ }
+
+ @Test
+ public void testDecodeIPv6AnswerPacket() throws IOException {
+ MdnsResponseDecoder decoder = new MdnsResponseDecoder(mClock, DUMMY_CAST_SERVICE_TYPE);
+ assertNotNull(data6);
+ DatagramPacket packet = new DatagramPacket(data6, data6.length);
+ packet.setSocketAddress(
+ new InetSocketAddress(MdnsConstants.getMdnsIPv6Address(), MdnsConstants.MDNS_PORT));
+
+ responses.clear();
+ int errorCode = decoder.decode(packet, responses);
+ assertEquals(MdnsResponseDecoder.SUCCESS, errorCode);
+
+ MdnsResponse response = responses.get(0);
+ assertTrue(response.isComplete());
+
+ MdnsInetAddressRecord inet6AddressRecord = response.getInet6AddressRecord();
+ assertNotNull(inet6AddressRecord);
+ Inet4Address inet4Addr = inet6AddressRecord.getInet4Address();
+ assertNull(inet4Addr);
+
+ Inet6Address inet6Addr = inet6AddressRecord.getInet6Address();
+ assertNotNull(inet6Addr);
+ assertEquals(inet6Addr.getHostAddress(), "2000:3333::da6c:63ff:fe7c:7483");
+ }
+
+ @Test
+ public void testIsComplete() {
+ MdnsResponse response = responses.get(0);
+ assertTrue(response.isComplete());
+
+ response.clearPointerRecords();
+ assertFalse(response.isComplete());
+
+ response = responses.get(0);
+ response.setInet4AddressRecord(null);
+ assertFalse(response.isComplete());
+
+ response = responses.get(0);
+ response.setInet6AddressRecord(null);
+ assertFalse(response.isComplete());
+
+ response = responses.get(0);
+ response.setServiceRecord(null);
+ assertFalse(response.isComplete());
+
+ response = responses.get(0);
+ response.setTextRecord(null);
+ assertFalse(response.isComplete());
+ }
+}
\ No newline at end of file
diff --git a/tests/unit/java/com/android/server/connectivity/mdns/MdnsResponseTests.java b/tests/unit/java/com/android/server/connectivity/mdns/MdnsResponseTests.java
new file mode 100644
index 0000000..ae16f2b
--- /dev/null
+++ b/tests/unit/java/com/android/server/connectivity/mdns/MdnsResponseTests.java
@@ -0,0 +1,305 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+package com.android.server.connectivity.mdns;
+
+import static com.android.testutils.DevSdkIgnoreRuleKt.SC_V2;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+
+import com.android.net.module.util.HexDump;
+import com.android.testutils.DevSdkIgnoreRule;
+import com.android.testutils.DevSdkIgnoreRunner;
+
+import org.junit.Ignore;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+import java.io.IOException;
+import java.net.DatagramPacket;
+import java.util.Arrays;
+import java.util.List;
+
+// The record test data does not use compressed names (label pointers), since that would require
+// additional data to populate the label dictionary accordingly.
+@RunWith(DevSdkIgnoreRunner.class)
+@DevSdkIgnoreRule.IgnoreUpTo(SC_V2)
+public class MdnsResponseTests {
+ private static final String TAG = "MdnsResponseTests";
+ // MDNS response packet for name "test" with an IPv4 address of 10.1.2.3
+ private static final byte[] dataIn_ipv4_1 = HexDump.hexStringToByteArray(
+ "0474657374000001" + "0001000011940004" + "0A010203");
+ // MDNS response packet for name "tess" with an IPv4 address of 10.1.2.4
+ private static final byte[] dataIn_ipv4_2 = HexDump.hexStringToByteArray(
+ "0474657373000001" + "0001000011940004" + "0A010204");
+ // MDNS response w/name "test" & IPv6 address of aabb:ccdd:1122:3344:a0b0:c0d0:1020:3040
+ private static final byte[] dataIn_ipv6_1 = HexDump.hexStringToByteArray(
+ "047465737400001C" + "0001000011940010" + "AABBCCDD11223344" + "A0B0C0D010203040");
+ // MDNS response w/name "test" & IPv6 address of aabb:ccdd:1122:3344:a0b0:c0d0:1020:3030
+ private static final byte[] dataIn_ipv6_2 = HexDump.hexStringToByteArray(
+ "047465737400001C" + "0001000011940010" + "AABBCCDD11223344" + "A0B0C0D010203030");
+ // MDNS response w/name "test" & PTR to foo.bar.quxx
+ private static final byte[] dataIn_ptr_1 = HexDump.hexStringToByteArray(
+ "047465737400000C" + "000100001194000E" + "03666F6F03626172" + "047175787800");
+ // MDNS response w/name "test" & PTR to foo.bar.quxy
+ private static final byte[] dataIn_ptr_2 = HexDump.hexStringToByteArray(
+ "047465737400000C" + "000100001194000E" + "03666F6F03626172" + "047175787900");
+ // MDNS response w/name "test" & Service for host foo.bar.quxx
+ private static final byte[] dataIn_service_1 = HexDump.hexStringToByteArray(
+ "0474657374000021"
+ + "0001000011940014"
+ + "000100FF1F480366"
+ + "6F6F036261720471"
+ + "75787800");
+ // MDNS response w/name "test" & Service for host test
+ private static final byte[] dataIn_service_2 = HexDump.hexStringToByteArray(
+ "0474657374000021" + "000100001194000B" + "000100FF1F480474" + "657374");
+ // MDNS response w/name "test" & the following text strings:
+ // "a=hello there", "b=1234567890", and "xyz=!$$$"
+ private static final byte[] dataIn_text_1 = HexDump.hexStringToByteArray(
+ "0474657374000010"
+ + "0001000011940024"
+ + "0D613D68656C6C6F"
+ + "2074686572650C62"
+ + "3D31323334353637"
+ + "3839300878797A3D"
+ + "21242424");
+ // MDNS response w/name "test" & the following text strings:
+ // "a=hello there", "b=1234567890", and "xyz=!@#$"
+ private static final byte[] dataIn_text_2 = HexDump.hexStringToByteArray(
+ "0474657374000010"
+ + "0001000011940024"
+ + "0D613D68656C6C6F"
+ + "2074686572650C62"
+ + "3D31323334353637"
+ + "3839300878797A3D"
+ + "21402324");
+
+ // The following helper classes act as wrappers so that IPv4 and IPv6 address records can
+ // be explicitly created by type using same constructor signature as all other records.
+ static class MdnsInet4AddressRecord extends MdnsInetAddressRecord {
+ public MdnsInet4AddressRecord(String[] name, MdnsPacketReader reader) throws IOException {
+ super(name, MdnsRecord.TYPE_A, reader);
+ }
+ }
+
+ static class MdnsInet6AddressRecord extends MdnsInetAddressRecord {
+ public MdnsInet6AddressRecord(String[] name, MdnsPacketReader reader) throws IOException {
+ super(name, MdnsRecord.TYPE_AAAA, reader);
+ }
+ }
+
+ // This helper class just wraps the data bytes of a response packet with the contained record
+ // type.
+ // Its only purpose is to make the test code a bit more readable.
+ static class PacketAndRecordClass {
+ public final byte[] packetData;
+ public final Class<?> recordClass;
+
+ public PacketAndRecordClass() {
+ packetData = null;
+ recordClass = null;
+ }
+
+ public PacketAndRecordClass(byte[] data, Class<?> c) {
+ packetData = data;
+ recordClass = c;
+ }
+ }
+
+ // Construct an MdnsResponse with the specified data packets applied.
+ private MdnsResponse makeMdnsResponse(long time, List<PacketAndRecordClass> responseList)
+ throws IOException {
+ MdnsResponse response = new MdnsResponse(time);
+ for (PacketAndRecordClass responseData : responseList) {
+ DatagramPacket packet =
+ new DatagramPacket(responseData.packetData, responseData.packetData.length);
+ MdnsPacketReader reader = new MdnsPacketReader(packet);
+ String[] name = reader.readLabels();
+ reader.skip(2); // skip record type indication.
+ // Apply the right kind of record to the response.
+ if (responseData.recordClass == MdnsInet4AddressRecord.class) {
+ response.setInet4AddressRecord(new MdnsInet4AddressRecord(name, reader));
+ } else if (responseData.recordClass == MdnsInet6AddressRecord.class) {
+ response.setInet6AddressRecord(new MdnsInet6AddressRecord(name, reader));
+ } else if (responseData.recordClass == MdnsPointerRecord.class) {
+ response.addPointerRecord(new MdnsPointerRecord(name, reader));
+ } else if (responseData.recordClass == MdnsServiceRecord.class) {
+ response.setServiceRecord(new MdnsServiceRecord(name, reader));
+ } else if (responseData.recordClass == MdnsTextRecord.class) {
+ response.setTextRecord(new MdnsTextRecord(name, reader));
+ } else {
+ fail("Unsupported/unexpected MdnsRecord subtype used in test - invalid test!");
+ }
+ }
+ return response;
+ }
+
+ @Test
+ public void getInet4AddressRecord_returnsAddedRecord() throws IOException {
+ DatagramPacket packet = new DatagramPacket(dataIn_ipv4_1, dataIn_ipv4_1.length);
+ MdnsPacketReader reader = new MdnsPacketReader(packet);
+ String[] name = reader.readLabels();
+ reader.skip(2); // skip record type indication.
+ MdnsInetAddressRecord record = new MdnsInetAddressRecord(name, MdnsRecord.TYPE_A, reader);
+ MdnsResponse response = new MdnsResponse(0);
+ assertFalse(response.hasInet4AddressRecord());
+ assertTrue(response.setInet4AddressRecord(record));
+ assertEquals(response.getInet4AddressRecord(), record);
+ }
+
+ @Test
+ public void getInet6AddressRecord_returnsAddedRecord() throws IOException {
+ DatagramPacket packet = new DatagramPacket(dataIn_ipv6_1, dataIn_ipv6_1.length);
+ MdnsPacketReader reader = new MdnsPacketReader(packet);
+ String[] name = reader.readLabels();
+ reader.skip(2); // skip record type indication.
+ MdnsInetAddressRecord record =
+ new MdnsInetAddressRecord(name, MdnsRecord.TYPE_AAAA, reader);
+ MdnsResponse response = new MdnsResponse(0);
+ assertFalse(response.hasInet6AddressRecord());
+ assertTrue(response.setInet6AddressRecord(record));
+ assertEquals(response.getInet6AddressRecord(), record);
+ }
+
+ @Test
+ public void getPointerRecords_returnsAddedRecord() throws IOException {
+ DatagramPacket packet = new DatagramPacket(dataIn_ptr_1, dataIn_ptr_1.length);
+ MdnsPacketReader reader = new MdnsPacketReader(packet);
+ String[] name = reader.readLabels();
+ reader.skip(2); // skip record type indication.
+ MdnsPointerRecord record = new MdnsPointerRecord(name, reader);
+ MdnsResponse response = new MdnsResponse(0);
+ assertFalse(response.hasPointerRecords());
+ assertTrue(response.addPointerRecord(record));
+ List<MdnsPointerRecord> recordList = response.getPointerRecords();
+ assertNotNull(recordList);
+ assertEquals(1, recordList.size());
+ assertEquals(record, recordList.get(0));
+ }
+
+ @Test
+ public void getServiceRecord_returnsAddedRecord() throws IOException {
+ DatagramPacket packet = new DatagramPacket(dataIn_service_1, dataIn_service_1.length);
+ MdnsPacketReader reader = new MdnsPacketReader(packet);
+ String[] name = reader.readLabels();
+ reader.skip(2); // skip record type indication.
+ MdnsServiceRecord record = new MdnsServiceRecord(name, reader);
+ MdnsResponse response = new MdnsResponse(0);
+ assertFalse(response.hasServiceRecord());
+ assertTrue(response.setServiceRecord(record));
+ assertEquals(response.getServiceRecord(), record);
+ }
+
+ @Test
+ public void getTextRecord_returnsAddedRecord() throws IOException {
+ DatagramPacket packet = new DatagramPacket(dataIn_text_1, dataIn_text_1.length);
+ MdnsPacketReader reader = new MdnsPacketReader(packet);
+ String[] name = reader.readLabels();
+ reader.skip(2); // skip record type indication.
+ MdnsTextRecord record = new MdnsTextRecord(name, reader);
+ MdnsResponse response = new MdnsResponse(0);
+ assertFalse(response.hasTextRecord());
+ assertTrue(response.setTextRecord(record));
+ assertEquals(response.getTextRecord(), record);
+ }
+
+ @Test
+ public void mergeRecordsFrom_indicates_change_on_ipv4_address() throws IOException {
+ MdnsResponse response = makeMdnsResponse(
+ 0,
+ Arrays.asList(
+ new PacketAndRecordClass(dataIn_ipv4_1, MdnsInet4AddressRecord.class)));
+ // Now create a new response that updates the address.
+ MdnsResponse response2 = makeMdnsResponse(
+ 100,
+ Arrays.asList(
+ new PacketAndRecordClass(dataIn_ipv4_2, MdnsInet4AddressRecord.class)));
+ assertTrue(response.mergeRecordsFrom(response2));
+ }
+
+ @Test
+ public void mergeRecordsFrom_indicates_change_on_ipv6_address() throws IOException {
+ MdnsResponse response = makeMdnsResponse(
+ 0,
+ Arrays.asList(
+ new PacketAndRecordClass(dataIn_ipv6_1, MdnsInet6AddressRecord.class)));
+ // Now create a new response that updates the address.
+ MdnsResponse response2 = makeMdnsResponse(
+ 100,
+ Arrays.asList(
+ new PacketAndRecordClass(dataIn_ipv6_2, MdnsInet6AddressRecord.class)));
+ assertTrue(response.mergeRecordsFrom(response2));
+ }
+
+ @Test
+ public void mergeRecordsFrom_indicates_change_on_text() throws IOException {
+ MdnsResponse response = makeMdnsResponse(
+ 0,
+ Arrays.asList(new PacketAndRecordClass(dataIn_text_1, MdnsTextRecord.class)));
+ // Now create a new response that updates the address.
+ MdnsResponse response2 = makeMdnsResponse(
+ 100,
+ Arrays.asList(new PacketAndRecordClass(dataIn_text_2, MdnsTextRecord.class)));
+ assertTrue(response.mergeRecordsFrom(response2));
+ }
+
+ @Test
+ public void mergeRecordsFrom_indicates_change_on_service() throws IOException {
+ MdnsResponse response = makeMdnsResponse(
+ 0,
+ Arrays.asList(new PacketAndRecordClass(dataIn_service_1, MdnsServiceRecord.class)));
+ // Now create a new response that updates the address.
+ MdnsResponse response2 = makeMdnsResponse(
+ 100,
+ Arrays.asList(new PacketAndRecordClass(dataIn_service_2, MdnsServiceRecord.class)));
+ assertTrue(response.mergeRecordsFrom(response2));
+ }
+
+ @Test
+ public void mergeRecordsFrom_indicates_change_on_pointer() throws IOException {
+ MdnsResponse response = makeMdnsResponse(
+ 0,
+ Arrays.asList(new PacketAndRecordClass(dataIn_ptr_1, MdnsPointerRecord.class)));
+ // Now create a new response that updates the address.
+ MdnsResponse response2 = makeMdnsResponse(
+ 100,
+ Arrays.asList(new PacketAndRecordClass(dataIn_ptr_2, MdnsPointerRecord.class)));
+ assertTrue(response.mergeRecordsFrom(response2));
+ }
+
+ @Test
+ @Ignore("MdnsConfigs is not configurable currently.")
+ public void mergeRecordsFrom_indicates_noChange() throws IOException {
+ //MdnsConfigsFlagsImpl.useReducedMergeRecordUpdateEvents.override(true);
+ List<PacketAndRecordClass> recordList =
+ Arrays.asList(
+ new PacketAndRecordClass(dataIn_ipv4_1, MdnsInet4AddressRecord.class),
+ new PacketAndRecordClass(dataIn_ipv6_1, MdnsInet6AddressRecord.class),
+ new PacketAndRecordClass(dataIn_ptr_1, MdnsPointerRecord.class),
+ new PacketAndRecordClass(dataIn_service_2, MdnsServiceRecord.class),
+ new PacketAndRecordClass(dataIn_text_1, MdnsTextRecord.class));
+ // Create a two identical responses.
+ MdnsResponse response = makeMdnsResponse(0, recordList);
+ MdnsResponse response2 = makeMdnsResponse(100, recordList);
+ // Merging should not indicate any change.
+ assertFalse(response.mergeRecordsFrom(response2));
+ }
+}
\ No newline at end of file
diff --git a/tests/unit/java/com/android/server/connectivity/mdns/MdnsServiceTypeClientTests.java b/tests/unit/java/com/android/server/connectivity/mdns/MdnsServiceTypeClientTests.java
new file mode 100644
index 0000000..5843fd0
--- /dev/null
+++ b/tests/unit/java/com/android/server/connectivity/mdns/MdnsServiceTypeClientTests.java
@@ -0,0 +1,770 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+package com.android.server.connectivity.mdns;
+
+import static com.android.testutils.DevSdkIgnoreRuleKt.SC_V2;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.anyLong;
+import static org.mockito.Mockito.doReturn;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.never;
+import static org.mockito.Mockito.spy;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+import android.annotation.NonNull;
+
+import com.android.server.connectivity.mdns.MdnsServiceTypeClient.QueryTaskConfig;
+import com.android.testutils.DevSdkIgnoreRule;
+import com.android.testutils.DevSdkIgnoreRunner;
+
+import org.junit.Before;
+import org.junit.Ignore;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.ArgumentCaptor;
+import org.mockito.Captor;
+import org.mockito.Mock;
+import org.mockito.Mockito;
+import org.mockito.MockitoAnnotations;
+
+import java.io.IOException;
+import java.net.DatagramPacket;
+import java.net.Inet4Address;
+import java.net.Inet6Address;
+import java.net.SocketAddress;
+import java.net.UnknownHostException;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.concurrent.Future;
+import java.util.concurrent.ScheduledFuture;
+import java.util.concurrent.ScheduledThreadPoolExecutor;
+import java.util.concurrent.TimeUnit;
+
+/** Tests for {@link MdnsServiceTypeClient}. */
+@RunWith(DevSdkIgnoreRunner.class)
+@DevSdkIgnoreRule.IgnoreUpTo(SC_V2)
+public class MdnsServiceTypeClientTests {
+
+ private static final String SERVICE_TYPE = "_googlecast._tcp.local";
+
+ @Mock
+ private MdnsServiceBrowserListener mockListenerOne;
+ @Mock
+ private MdnsServiceBrowserListener mockListenerTwo;
+ @Mock
+ private MdnsPacketWriter mockPacketWriter;
+ @Mock
+ private MdnsSocketClient mockSocketClient;
+ @Captor
+ private ArgumentCaptor<MdnsServiceInfo> serviceInfoCaptor;
+
+ private final byte[] buf = new byte[10];
+
+ private DatagramPacket[] expectedPackets;
+ private ScheduledFuture<?>[] expectedSendFutures;
+ private FakeExecutor currentThreadExecutor = new FakeExecutor();
+
+ private MdnsServiceTypeClient client;
+
+ @Before
+ @SuppressWarnings("DoNotMock")
+ public void setUp() throws IOException {
+ MockitoAnnotations.initMocks(this);
+
+ expectedPackets = new DatagramPacket[16];
+ expectedSendFutures = new ScheduledFuture<?>[16];
+
+ for (int i = 0; i < expectedSendFutures.length; ++i) {
+ expectedPackets[i] = new DatagramPacket(buf, 0, 5);
+ expectedSendFutures[i] = Mockito.mock(ScheduledFuture.class);
+ }
+ when(mockPacketWriter.getPacket(any(SocketAddress.class)))
+ .thenReturn(expectedPackets[0])
+ .thenReturn(expectedPackets[1])
+ .thenReturn(expectedPackets[2])
+ .thenReturn(expectedPackets[3])
+ .thenReturn(expectedPackets[4])
+ .thenReturn(expectedPackets[5])
+ .thenReturn(expectedPackets[6])
+ .thenReturn(expectedPackets[7])
+ .thenReturn(expectedPackets[8])
+ .thenReturn(expectedPackets[9])
+ .thenReturn(expectedPackets[10])
+ .thenReturn(expectedPackets[11])
+ .thenReturn(expectedPackets[12])
+ .thenReturn(expectedPackets[13])
+ .thenReturn(expectedPackets[14])
+ .thenReturn(expectedPackets[15]);
+
+ client =
+ new MdnsServiceTypeClient(SERVICE_TYPE, mockSocketClient, currentThreadExecutor) {
+ @Override
+ MdnsPacketWriter createMdnsPacketWriter() {
+ return mockPacketWriter;
+ }
+ };
+ }
+
+ @Test
+ public void sendQueries_activeScanMode() {
+ MdnsSearchOptions searchOptions =
+ MdnsSearchOptions.newBuilder().addSubtype("12345").setIsPassiveMode(false).build();
+ client.startSendAndReceive(mockListenerOne, searchOptions);
+
+ // First burst, 3 queries.
+ verifyAndSendQuery(0, 0, /* expectsUnicastResponse= */ true);
+ verifyAndSendQuery(
+ 1, MdnsConfigs.timeBetweenQueriesInBurstMs(), /* expectsUnicastResponse= */ false);
+ verifyAndSendQuery(
+ 2, MdnsConfigs.timeBetweenQueriesInBurstMs(), /* expectsUnicastResponse= */ false);
+ // Second burst will be sent after initialTimeBetweenBurstsMs, 3 queries.
+ verifyAndSendQuery(
+ 3, MdnsConfigs.initialTimeBetweenBurstsMs(), /* expectsUnicastResponse= */ false);
+ verifyAndSendQuery(
+ 4, MdnsConfigs.timeBetweenQueriesInBurstMs(), /* expectsUnicastResponse= */ false);
+ verifyAndSendQuery(
+ 5, MdnsConfigs.timeBetweenQueriesInBurstMs(), /* expectsUnicastResponse= */ false);
+ // Third burst will be sent after initialTimeBetweenBurstsMs * 2, 3 queries.
+ verifyAndSendQuery(
+ 6, MdnsConfigs.initialTimeBetweenBurstsMs() * 2, /* expectsUnicastResponse= */
+ false);
+ verifyAndSendQuery(
+ 7, MdnsConfigs.timeBetweenQueriesInBurstMs(), /* expectsUnicastResponse= */ false);
+ verifyAndSendQuery(
+ 8, MdnsConfigs.timeBetweenQueriesInBurstMs(), /* expectsUnicastResponse= */ false);
+ // Forth burst will be sent after initialTimeBetweenBurstsMs * 4, 3 queries.
+ verifyAndSendQuery(
+ 9, MdnsConfigs.initialTimeBetweenBurstsMs() * 4, /* expectsUnicastResponse= */
+ false);
+ verifyAndSendQuery(
+ 10, MdnsConfigs.timeBetweenQueriesInBurstMs(), /* expectsUnicastResponse= */ false);
+ verifyAndSendQuery(
+ 11, MdnsConfigs.timeBetweenQueriesInBurstMs(), /* expectsUnicastResponse= */ false);
+ // Fifth burst will be sent after timeBetweenBurstsMs, 3 queries.
+ verifyAndSendQuery(12, MdnsConfigs.timeBetweenBurstsMs(), /* expectsUnicastResponse= */
+ false);
+ verifyAndSendQuery(
+ 13, MdnsConfigs.timeBetweenQueriesInBurstMs(), /* expectsUnicastResponse= */ false);
+ verifyAndSendQuery(
+ 14, MdnsConfigs.timeBetweenQueriesInBurstMs(), /* expectsUnicastResponse= */ false);
+
+ // Stop sending packets.
+ client.stopSendAndReceive(mockListenerOne);
+ verify(expectedSendFutures[15]).cancel(true);
+ }
+
+ @Test
+ public void sendQueries_reentry_activeScanMode() {
+ MdnsSearchOptions searchOptions =
+ MdnsSearchOptions.newBuilder().addSubtype("12345").setIsPassiveMode(false).build();
+ client.startSendAndReceive(mockListenerOne, searchOptions);
+
+ // First burst, first query is sent.
+ verifyAndSendQuery(0, 0, /* expectsUnicastResponse= */ true);
+
+ // After the first query is sent, change the subtypes, and restart.
+ searchOptions =
+ MdnsSearchOptions.newBuilder()
+ .addSubtype("12345")
+ .addSubtype("abcde")
+ .setIsPassiveMode(false)
+ .build();
+ client.startSendAndReceive(mockListenerOne, searchOptions);
+ // The previous scheduled task should be canceled.
+ verify(expectedSendFutures[1]).cancel(true);
+
+ // Queries should continue to be sent.
+ verifyAndSendQuery(1, 0, /* expectsUnicastResponse= */ true);
+ verifyAndSendQuery(
+ 2, MdnsConfigs.timeBetweenQueriesInBurstMs(), /* expectsUnicastResponse= */ false);
+ verifyAndSendQuery(
+ 3, MdnsConfigs.timeBetweenQueriesInBurstMs(), /* expectsUnicastResponse= */ false);
+
+ // Stop sending packets.
+ client.stopSendAndReceive(mockListenerOne);
+ verify(expectedSendFutures[5]).cancel(true);
+ }
+
+ @Test
+ public void sendQueries_passiveScanMode() {
+ MdnsSearchOptions searchOptions =
+ MdnsSearchOptions.newBuilder().addSubtype("12345").setIsPassiveMode(true).build();
+ client.startSendAndReceive(mockListenerOne, searchOptions);
+
+ // First burst, 3 query.
+ verifyAndSendQuery(0, 0, /* expectsUnicastResponse= */ true);
+ verifyAndSendQuery(
+ 1, MdnsConfigs.timeBetweenQueriesInBurstMs(), /* expectsUnicastResponse= */ false);
+ verifyAndSendQuery(
+ 2, MdnsConfigs.timeBetweenQueriesInBurstMs(), /* expectsUnicastResponse= */ false);
+ // Second burst will be sent after timeBetweenBurstsMs, 1 query.
+ verifyAndSendQuery(3, MdnsConfigs.timeBetweenBurstsMs(), /* expectsUnicastResponse= */
+ false);
+ // Third burst will be sent after timeBetweenBurstsMs, 1 query.
+ verifyAndSendQuery(4, MdnsConfigs.timeBetweenBurstsMs(), /* expectsUnicastResponse= */
+ false);
+
+ // Stop sending packets.
+ client.stopSendAndReceive(mockListenerOne);
+ verify(expectedSendFutures[5]).cancel(true);
+ }
+
+ @Test
+ public void sendQueries_reentry_passiveScanMode() {
+ MdnsSearchOptions searchOptions =
+ MdnsSearchOptions.newBuilder().addSubtype("12345").setIsPassiveMode(true).build();
+ client.startSendAndReceive(mockListenerOne, searchOptions);
+
+ // First burst, first query is sent.
+ verifyAndSendQuery(0, 0, /* expectsUnicastResponse= */ true);
+
+ // After the first query is sent, change the subtypes, and restart.
+ searchOptions =
+ MdnsSearchOptions.newBuilder()
+ .addSubtype("12345")
+ .addSubtype("abcde")
+ .setIsPassiveMode(true)
+ .build();
+ client.startSendAndReceive(mockListenerOne, searchOptions);
+ // The previous scheduled task should be canceled.
+ verify(expectedSendFutures[1]).cancel(true);
+
+ // Queries should continue to be sent.
+ verifyAndSendQuery(1, 0, /* expectsUnicastResponse= */ true);
+ verifyAndSendQuery(
+ 2, MdnsConfigs.timeBetweenQueriesInBurstMs(), /* expectsUnicastResponse= */ false);
+ verifyAndSendQuery(
+ 3, MdnsConfigs.timeBetweenQueriesInBurstMs(), /* expectsUnicastResponse= */ false);
+
+ // Stop sending packets.
+ client.stopSendAndReceive(mockListenerOne);
+ verify(expectedSendFutures[5]).cancel(true);
+ }
+
+ @Test
+ @Ignore("MdnsConfigs is not configurable currently.")
+ public void testQueryTaskConfig_alwaysAskForUnicastResponse() {
+ //MdnsConfigsFlagsImpl.alwaysAskForUnicastResponseInEachBurst.override(true);
+ MdnsSearchOptions searchOptions =
+ MdnsSearchOptions.newBuilder().addSubtype("12345").setIsPassiveMode(false).build();
+ QueryTaskConfig config =
+ new QueryTaskConfig(searchOptions.getSubtypes(), searchOptions.isPassiveMode(), 1);
+
+ // This is the first query. We will ask for unicast response.
+ assertTrue(config.expectUnicastResponse);
+ assertEquals(config.subtypes, searchOptions.getSubtypes());
+ assertEquals(config.transactionId, 1);
+
+ // For the rest of queries in this burst, we will NOT ask for unicast response.
+ for (int i = 1; i < MdnsConfigs.queriesPerBurst(); i++) {
+ int oldTransactionId = config.transactionId;
+ config = config.getConfigForNextRun();
+ assertFalse(config.expectUnicastResponse);
+ assertEquals(config.subtypes, searchOptions.getSubtypes());
+ assertEquals(config.transactionId, oldTransactionId + 1);
+ }
+
+ // This is the first query of a new burst. We will ask for unicast response.
+ int oldTransactionId = config.transactionId;
+ config = config.getConfigForNextRun();
+ assertTrue(config.expectUnicastResponse);
+ assertEquals(config.subtypes, searchOptions.getSubtypes());
+ assertEquals(config.transactionId, oldTransactionId + 1);
+ }
+
+ @Test
+ public void testQueryTaskConfig_askForUnicastInFirstQuery() {
+ MdnsSearchOptions searchOptions =
+ MdnsSearchOptions.newBuilder().addSubtype("12345").setIsPassiveMode(false).build();
+ QueryTaskConfig config =
+ new QueryTaskConfig(searchOptions.getSubtypes(), searchOptions.isPassiveMode(), 1);
+
+ // This is the first query. We will ask for unicast response.
+ assertTrue(config.expectUnicastResponse);
+ assertEquals(config.subtypes, searchOptions.getSubtypes());
+ assertEquals(config.transactionId, 1);
+
+ // For the rest of queries in this burst, we will NOT ask for unicast response.
+ for (int i = 1; i < MdnsConfigs.queriesPerBurst(); i++) {
+ int oldTransactionId = config.transactionId;
+ config = config.getConfigForNextRun();
+ assertFalse(config.expectUnicastResponse);
+ assertEquals(config.subtypes, searchOptions.getSubtypes());
+ assertEquals(config.transactionId, oldTransactionId + 1);
+ }
+
+ // This is the first query of a new burst. We will NOT ask for unicast response.
+ int oldTransactionId = config.transactionId;
+ config = config.getConfigForNextRun();
+ assertFalse(config.expectUnicastResponse);
+ assertEquals(config.subtypes, searchOptions.getSubtypes());
+ assertEquals(config.transactionId, oldTransactionId + 1);
+ }
+
+ @Test
+ @Ignore("MdnsConfigs is not configurable currently.")
+ public void testIfPreviousTaskIsCanceledWhenNewSessionStarts() {
+ //MdnsConfigsFlagsImpl.useSessionIdToScheduleMdnsTask.override(true);
+ MdnsSearchOptions searchOptions =
+ MdnsSearchOptions.newBuilder().addSubtype("12345").setIsPassiveMode(true).build();
+ client.startSendAndReceive(mockListenerOne, searchOptions);
+ Runnable firstMdnsTask = currentThreadExecutor.getAndClearSubmittedRunnable();
+
+ // Change the sutypes and start a new session.
+ searchOptions =
+ MdnsSearchOptions.newBuilder()
+ .addSubtype("12345")
+ .addSubtype("abcde")
+ .setIsPassiveMode(true)
+ .build();
+ client.startSendAndReceive(mockListenerOne, searchOptions);
+
+ // Clear the scheduled runnable.
+ currentThreadExecutor.getAndClearLastScheduledRunnable();
+
+ // Simulate the case where the first mdns task is not successful canceled and it gets
+ // executed anyway.
+ firstMdnsTask.run();
+
+ // Although it gets executes, no more task gets scheduled.
+ assertNull(currentThreadExecutor.getAndClearLastScheduledRunnable());
+ }
+
+ @Test
+ @Ignore("MdnsConfigs is not configurable currently.")
+ public void testIfPreviousTaskIsCanceledWhenSessionStops() {
+ //MdnsConfigsFlagsImpl.shouldCancelScanTaskWhenFutureIsNull.override(true);
+ MdnsSearchOptions searchOptions =
+ MdnsSearchOptions.newBuilder().addSubtype("12345").setIsPassiveMode(true).build();
+ client.startSendAndReceive(mockListenerOne, searchOptions);
+ // Change the sutypes and start a new session.
+ client.stopSendAndReceive(mockListenerOne);
+ // Clear the scheduled runnable.
+ currentThreadExecutor.getAndClearLastScheduledRunnable();
+
+ // Simulate the case where the first mdns task is not successful canceled and it gets
+ // executed anyway.
+ currentThreadExecutor.getAndClearSubmittedRunnable().run();
+
+ // Although it gets executes, no more task gets scheduled.
+ assertNull(currentThreadExecutor.getAndClearLastScheduledRunnable());
+ }
+
+ @Test
+ public void processResponse_incompleteResponse() {
+ client.startSendAndReceive(mockListenerOne, MdnsSearchOptions.getDefaultOptions());
+
+ MdnsResponse response = mock(MdnsResponse.class);
+ when(response.getServiceInstanceName()).thenReturn("service-instance-1");
+ when(response.isComplete()).thenReturn(false);
+
+ client.processResponse(response);
+
+ verify(mockListenerOne, never()).onServiceFound(any(MdnsServiceInfo.class));
+ verify(mockListenerOne, never()).onServiceUpdated(any(MdnsServiceInfo.class));
+ }
+
+ @Test
+ public void processIPv4Response_completeResponseForNewServiceInstance() throws Exception {
+ final String ipV4Address = "192.168.1.1";
+ client.startSendAndReceive(mockListenerOne, MdnsSearchOptions.getDefaultOptions());
+
+ // Process the initial response.
+ MdnsResponse initialResponse =
+ createResponse(
+ "service-instance-1",
+ ipV4Address,
+ 5353,
+ Collections.singletonList("ABCDE"),
+ Collections.emptyMap());
+ client.processResponse(initialResponse);
+
+ // Process a second response with a different port and updated text attributes.
+ MdnsResponse secondResponse =
+ createResponse(
+ "service-instance-1",
+ ipV4Address,
+ 5354,
+ Collections.singletonList("ABCDE"),
+ Collections.singletonMap("key", "value"));
+ client.processResponse(secondResponse);
+
+ // Verify onServiceFound was called once for the initial response.
+ verify(mockListenerOne).onServiceFound(serviceInfoCaptor.capture());
+ MdnsServiceInfo initialServiceInfo = serviceInfoCaptor.getAllValues().get(0);
+ assertEquals(initialServiceInfo.getServiceInstanceName(), "service-instance-1");
+ assertEquals(initialServiceInfo.getIpv4Address(), ipV4Address);
+ assertEquals(initialServiceInfo.getPort(), 5353);
+ assertEquals(initialServiceInfo.getSubtypes(), Collections.singletonList("ABCDE"));
+ assertNull(initialServiceInfo.getAttributeByKey("key"));
+
+ // Verify onServiceUpdated was called once for the second response.
+ verify(mockListenerOne).onServiceUpdated(serviceInfoCaptor.capture());
+ MdnsServiceInfo updatedServiceInfo = serviceInfoCaptor.getAllValues().get(1);
+ assertEquals(updatedServiceInfo.getServiceInstanceName(), "service-instance-1");
+ assertEquals(updatedServiceInfo.getIpv4Address(), ipV4Address);
+ assertEquals(updatedServiceInfo.getPort(), 5354);
+ assertTrue(updatedServiceInfo.hasSubtypes());
+ assertEquals(updatedServiceInfo.getSubtypes(), Collections.singletonList("ABCDE"));
+ assertEquals(updatedServiceInfo.getAttributeByKey("key"), "value");
+ }
+
+ @Test
+ public void processIPv6Response_getCorrectServiceInfo() throws Exception {
+ final String ipV6Address = "2000:3333::da6c:63ff:fe7c:7483";
+ client.startSendAndReceive(mockListenerOne, MdnsSearchOptions.getDefaultOptions());
+
+ // Process the initial response.
+ MdnsResponse initialResponse =
+ createResponse(
+ "service-instance-1",
+ ipV6Address,
+ 5353,
+ Collections.singletonList("ABCDE"),
+ Collections.emptyMap());
+ client.processResponse(initialResponse);
+
+ // Process a second response with a different port and updated text attributes.
+ MdnsResponse secondResponse =
+ createResponse(
+ "service-instance-1",
+ ipV6Address,
+ 5354,
+ Collections.singletonList("ABCDE"),
+ Collections.singletonMap("key", "value"));
+ client.processResponse(secondResponse);
+
+ System.out.println("secondResponses ip"
+ + secondResponse.getInet6AddressRecord().getInet6Address().getHostAddress());
+
+ // Verify onServiceFound was called once for the initial response.
+ verify(mockListenerOne).onServiceFound(serviceInfoCaptor.capture());
+ MdnsServiceInfo initialServiceInfo = serviceInfoCaptor.getAllValues().get(0);
+ assertEquals(initialServiceInfo.getServiceInstanceName(), "service-instance-1");
+ assertEquals(initialServiceInfo.getIpv6Address(), ipV6Address);
+ assertEquals(initialServiceInfo.getPort(), 5353);
+ assertEquals(initialServiceInfo.getSubtypes(), Collections.singletonList("ABCDE"));
+ assertNull(initialServiceInfo.getAttributeByKey("key"));
+
+ // Verify onServiceUpdated was called once for the second response.
+ verify(mockListenerOne).onServiceUpdated(serviceInfoCaptor.capture());
+ MdnsServiceInfo updatedServiceInfo = serviceInfoCaptor.getAllValues().get(1);
+ assertEquals(updatedServiceInfo.getServiceInstanceName(), "service-instance-1");
+ assertEquals(updatedServiceInfo.getIpv6Address(), ipV6Address);
+ assertEquals(updatedServiceInfo.getPort(), 5354);
+ assertTrue(updatedServiceInfo.hasSubtypes());
+ assertEquals(updatedServiceInfo.getSubtypes(), Collections.singletonList("ABCDE"));
+ assertEquals(updatedServiceInfo.getAttributeByKey("key"), "value");
+ }
+
+ @Test
+ public void processResponse_goodBye() {
+ client.startSendAndReceive(mockListenerOne, MdnsSearchOptions.getDefaultOptions());
+ client.startSendAndReceive(mockListenerTwo, MdnsSearchOptions.getDefaultOptions());
+
+ MdnsResponse response = mock(MdnsResponse.class);
+ when(response.getServiceInstanceName()).thenReturn("goodbye-service-instance-name");
+ when(response.isGoodbye()).thenReturn(true);
+ client.processResponse(response);
+
+ verify(mockListenerOne).onServiceRemoved("goodbye-service-instance-name");
+ verify(mockListenerTwo).onServiceRemoved("goodbye-service-instance-name");
+ }
+
+ @Test
+ public void reportExistingServiceToNewlyRegisteredListeners() throws UnknownHostException {
+ // Process the initial response.
+ MdnsResponse initialResponse =
+ createResponse(
+ "service-instance-1",
+ "192.168.1.1",
+ 5353,
+ Collections.singletonList("ABCDE"),
+ Collections.emptyMap());
+ client.processResponse(initialResponse);
+
+ client.startSendAndReceive(mockListenerOne, MdnsSearchOptions.getDefaultOptions());
+
+ // Verify onServiceFound was called once for the existing response.
+ verify(mockListenerOne).onServiceFound(serviceInfoCaptor.capture());
+ MdnsServiceInfo existingServiceInfo = serviceInfoCaptor.getAllValues().get(0);
+ assertEquals(existingServiceInfo.getServiceInstanceName(), "service-instance-1");
+ assertEquals(existingServiceInfo.getIpv4Address(), "192.168.1.1");
+ assertEquals(existingServiceInfo.getPort(), 5353);
+ assertEquals(existingServiceInfo.getSubtypes(), Collections.singletonList("ABCDE"));
+ assertNull(existingServiceInfo.getAttributeByKey("key"));
+
+ // Process a goodbye message for the existing response.
+ MdnsResponse goodByeResponse = mock(MdnsResponse.class);
+ when(goodByeResponse.getServiceInstanceName()).thenReturn("service-instance-1");
+ when(goodByeResponse.isGoodbye()).thenReturn(true);
+ client.processResponse(goodByeResponse);
+
+ client.startSendAndReceive(mockListenerTwo, MdnsSearchOptions.getDefaultOptions());
+
+ // Verify onServiceFound was not called on the newly registered listener after the existing
+ // response is gone.
+ verify(mockListenerTwo, never()).onServiceFound(any(MdnsServiceInfo.class));
+ }
+
+ @Test
+ public void processResponse_notAllowRemoveSearch_shouldNotRemove() throws Exception {
+ final String serviceInstanceName = "service-instance-1";
+ client.startSendAndReceive(
+ mockListenerOne,
+ MdnsSearchOptions.newBuilder().build());
+ Runnable firstMdnsTask = currentThreadExecutor.getAndClearSubmittedRunnable();
+
+ // Process the initial response.
+ MdnsResponse initialResponse =
+ createResponse(
+ serviceInstanceName, "192.168.1.1", 5353, List.of("ABCDE"),
+ Map.of());
+ client.processResponse(initialResponse);
+
+ // Clear the scheduled runnable.
+ currentThreadExecutor.getAndClearLastScheduledRunnable();
+
+ // Simulate the case where the response is after TTL.
+ when(initialResponse.getServiceRecord().getRemainingTTL(anyLong())).thenReturn((long) 0);
+ firstMdnsTask.run();
+
+ // Verify onServiceRemoved was not called.
+ verify(mockListenerOne, never()).onServiceRemoved(serviceInstanceName);
+ }
+
+ @Test
+ @Ignore("MdnsConfigs is not configurable currently.")
+ public void processResponse_allowSearchOptionsToRemoveExpiredService_shouldRemove()
+ throws Exception {
+ //MdnsConfigsFlagsImpl.allowSearchOptionsToRemoveExpiredService.override(true);
+ final String serviceInstanceName = "service-instance-1";
+ client =
+ new MdnsServiceTypeClient(SERVICE_TYPE, mockSocketClient, currentThreadExecutor) {
+ @Override
+ MdnsPacketWriter createMdnsPacketWriter() {
+ return mockPacketWriter;
+ }
+ };
+ client.startSendAndReceive(mockListenerOne, MdnsSearchOptions.getDefaultOptions());
+ Runnable firstMdnsTask = currentThreadExecutor.getAndClearSubmittedRunnable();
+
+ // Process the initial response.
+ MdnsResponse initialResponse =
+ createResponse(
+ serviceInstanceName, "192.168.1.1", 5353, List.of("ABCDE"),
+ Map.of());
+ client.processResponse(initialResponse);
+
+ // Clear the scheduled runnable.
+ currentThreadExecutor.getAndClearLastScheduledRunnable();
+
+ // Simulate the case where the response is under TTL.
+ when(initialResponse.getServiceRecord().getRemainingTTL(anyLong())).thenReturn((long) 1000);
+ firstMdnsTask.run();
+
+ // Verify onServiceRemoved was not called.
+ verify(mockListenerOne, never()).onServiceRemoved(serviceInstanceName);
+
+ // Simulate the case where the response is after TTL.
+ when(initialResponse.getServiceRecord().getRemainingTTL(anyLong())).thenReturn((long) 0);
+ firstMdnsTask.run();
+
+ // Verify onServiceRemoved was called.
+ verify(mockListenerOne, times(1)).onServiceRemoved(serviceInstanceName);
+ }
+
+ @Test
+ public void processResponse_searchOptionsNotEnableServiceRemoval_shouldNotRemove()
+ throws Exception {
+ final String serviceInstanceName = "service-instance-1";
+ client =
+ new MdnsServiceTypeClient(SERVICE_TYPE, mockSocketClient, currentThreadExecutor) {
+ @Override
+ MdnsPacketWriter createMdnsPacketWriter() {
+ return mockPacketWriter;
+ }
+ };
+ client.startSendAndReceive(mockListenerOne, MdnsSearchOptions.getDefaultOptions());
+ Runnable firstMdnsTask = currentThreadExecutor.getAndClearSubmittedRunnable();
+
+ // Process the initial response.
+ MdnsResponse initialResponse =
+ createResponse(
+ serviceInstanceName, "192.168.1.1", 5353, List.of("ABCDE"),
+ Map.of());
+ client.processResponse(initialResponse);
+
+ // Clear the scheduled runnable.
+ currentThreadExecutor.getAndClearLastScheduledRunnable();
+
+ // Simulate the case where the response is after TTL.
+ when(initialResponse.getServiceRecord().getRemainingTTL(anyLong())).thenReturn((long) 0);
+ firstMdnsTask.run();
+
+ // Verify onServiceRemoved was not called.
+ verify(mockListenerOne, never()).onServiceRemoved(serviceInstanceName);
+ }
+
+ @Test
+ @Ignore("MdnsConfigs is not configurable currently.")
+ public void processResponse_removeServiceAfterTtlExpiresEnabled_shouldRemove()
+ throws Exception {
+ //MdnsConfigsFlagsImpl.removeServiceAfterTtlExpires.override(true);
+ final String serviceInstanceName = "service-instance-1";
+ client =
+ new MdnsServiceTypeClient(SERVICE_TYPE, mockSocketClient, currentThreadExecutor) {
+ @Override
+ MdnsPacketWriter createMdnsPacketWriter() {
+ return mockPacketWriter;
+ }
+ };
+ client.startSendAndReceive(mockListenerOne, MdnsSearchOptions.getDefaultOptions());
+ Runnable firstMdnsTask = currentThreadExecutor.getAndClearSubmittedRunnable();
+
+ // Process the initial response.
+ MdnsResponse initialResponse =
+ createResponse(
+ serviceInstanceName, "192.168.1.1", 5353, List.of("ABCDE"),
+ Map.of());
+ client.processResponse(initialResponse);
+
+ // Clear the scheduled runnable.
+ currentThreadExecutor.getAndClearLastScheduledRunnable();
+
+ // Simulate the case where the response is after TTL.
+ when(initialResponse.getServiceRecord().getRemainingTTL(anyLong())).thenReturn((long) 0);
+ firstMdnsTask.run();
+
+ // Verify onServiceRemoved was not called.
+ verify(mockListenerOne, times(1)).onServiceRemoved(serviceInstanceName);
+ }
+
+ // verifies that the right query was enqueued with the right delay, and send query by executing
+ // the runnable.
+ private void verifyAndSendQuery(int index, long timeInMs, boolean expectsUnicastResponse) {
+ assertEquals(currentThreadExecutor.getAndClearLastScheduledDelayInMs(), timeInMs);
+ currentThreadExecutor.getAndClearLastScheduledRunnable().run();
+ if (expectsUnicastResponse) {
+ verify(mockSocketClient).sendUnicastPacket(expectedPackets[index]);
+ } else {
+ verify(mockSocketClient).sendMulticastPacket(expectedPackets[index]);
+ }
+ }
+
+ // A fake ScheduledExecutorService that keeps tracking the last scheduled Runnable and its delay
+ // time.
+ private class FakeExecutor extends ScheduledThreadPoolExecutor {
+ private long lastScheduledDelayInMs;
+ private Runnable lastScheduledRunnable;
+ private Runnable lastSubmittedRunnable;
+ private int futureIndex;
+
+ FakeExecutor() {
+ super(1);
+ lastScheduledDelayInMs = -1;
+ }
+
+ @Override
+ public Future<?> submit(Runnable command) {
+ Future<?> future = super.submit(command);
+ lastSubmittedRunnable = command;
+ return future;
+ }
+
+ // Don't call through the real implementation, just track the scheduled Runnable, and
+ // returns a ScheduledFuture.
+ @Override
+ public ScheduledFuture<?> schedule(Runnable command, long delay, TimeUnit unit) {
+ lastScheduledDelayInMs = delay;
+ lastScheduledRunnable = command;
+ return expectedSendFutures[futureIndex++];
+ }
+
+ // Returns the delay of the last scheduled task, and clear it.
+ long getAndClearLastScheduledDelayInMs() {
+ long val = lastScheduledDelayInMs;
+ lastScheduledDelayInMs = -1;
+ return val;
+ }
+
+ // Returns the last scheduled task, and clear it.
+ Runnable getAndClearLastScheduledRunnable() {
+ Runnable val = lastScheduledRunnable;
+ lastScheduledRunnable = null;
+ return val;
+ }
+
+ Runnable getAndClearSubmittedRunnable() {
+ Runnable val = lastSubmittedRunnable;
+ lastSubmittedRunnable = null;
+ return val;
+ }
+ }
+
+ // Creates a complete mDNS response.
+ private MdnsResponse createResponse(
+ @NonNull String serviceInstanceName,
+ @NonNull String host,
+ int port,
+ @NonNull List<String> subtypes,
+ @NonNull Map<String, String> textAttributes)
+ throws UnknownHostException {
+ String[] hostName = new String[]{"hostname"};
+ MdnsServiceRecord serviceRecord = mock(MdnsServiceRecord.class);
+ when(serviceRecord.getServiceHost()).thenReturn(hostName);
+ when(serviceRecord.getServicePort()).thenReturn(port);
+
+ MdnsResponse response = spy(new MdnsResponse(0));
+
+ MdnsInetAddressRecord inetAddressRecord = mock(MdnsInetAddressRecord.class);
+ if (host.contains(":")) {
+ when(inetAddressRecord.getInet6Address())
+ .thenReturn((Inet6Address) Inet6Address.getByName(host));
+ response.setInet6AddressRecord(inetAddressRecord);
+ } else {
+ when(inetAddressRecord.getInet4Address())
+ .thenReturn((Inet4Address) Inet4Address.getByName(host));
+ response.setInet4AddressRecord(inetAddressRecord);
+ }
+
+ MdnsTextRecord textRecord = mock(MdnsTextRecord.class);
+ List<String> textStrings = new ArrayList<>();
+ for (Map.Entry<String, String> kv : textAttributes.entrySet()) {
+ textStrings.add(kv.getKey() + "=" + kv.getValue());
+ }
+ when(textRecord.getStrings()).thenReturn(textStrings);
+
+ response.setServiceRecord(serviceRecord);
+ response.setTextRecord(textRecord);
+
+ doReturn(false).when(response).isGoodbye();
+ doReturn(true).when(response).isComplete();
+ doReturn(serviceInstanceName).when(response).getServiceInstanceName();
+ doReturn(new ArrayList<>(subtypes)).when(response).getSubtypes();
+ return response;
+ }
+}
\ No newline at end of file
diff --git a/tests/unit/java/com/android/server/connectivity/mdns/MdnsSocketClientTests.java b/tests/unit/java/com/android/server/connectivity/mdns/MdnsSocketClientTests.java
new file mode 100644
index 0000000..21ed7eb
--- /dev/null
+++ b/tests/unit/java/com/android/server/connectivity/mdns/MdnsSocketClientTests.java
@@ -0,0 +1,493 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+package com.android.server.connectivity.mdns;
+
+import static com.android.testutils.DevSdkIgnoreRuleKt.SC_V2;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.anyInt;
+import static org.mockito.ArgumentMatchers.eq;
+import static org.mockito.Mockito.doAnswer;
+import static org.mockito.Mockito.timeout;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+import android.Manifest.permission;
+import android.annotation.RequiresPermission;
+import android.content.Context;
+import android.net.wifi.WifiManager;
+import android.net.wifi.WifiManager.MulticastLock;
+import android.text.format.DateUtils;
+
+import com.android.net.module.util.HexDump;
+import com.android.testutils.DevSdkIgnoreRule;
+import com.android.testutils.DevSdkIgnoreRunner;
+
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Ignore;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.ArgumentMatchers;
+import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
+import org.mockito.invocation.InvocationOnMock;
+
+import java.io.IOException;
+import java.net.DatagramPacket;
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.atomic.AtomicBoolean;
+
+/** Tests for {@link MdnsSocketClient} */
+@RunWith(DevSdkIgnoreRunner.class)
+@DevSdkIgnoreRule.IgnoreUpTo(SC_V2)
+public class MdnsSocketClientTests {
+ private static final long TIMEOUT = 500;
+ private final byte[] buf = new byte[10];
+ final AtomicBoolean enableMulticastResponse = new AtomicBoolean(true);
+ final AtomicBoolean enableUnicastResponse = new AtomicBoolean(true);
+
+ @Mock private Context mContext;
+ @Mock private WifiManager mockWifiManager;
+ @Mock private MdnsSocket mockMulticastSocket;
+ @Mock private MdnsSocket mockUnicastSocket;
+ @Mock private MulticastLock mockMulticastLock;
+ @Mock private MdnsSocketClient.Callback mockCallback;
+
+ private MdnsSocketClient mdnsClient;
+
+ @Before
+ public void setup() throws RuntimeException, IOException {
+ MockitoAnnotations.initMocks(this);
+
+ when(mockWifiManager.createMulticastLock(ArgumentMatchers.anyString()))
+ .thenReturn(mockMulticastLock);
+
+ mdnsClient = new MdnsSocketClient(mContext, mockMulticastLock) {
+ @Override
+ MdnsSocket createMdnsSocket(int port) throws IOException {
+ if (port == MdnsConstants.MDNS_PORT) {
+ return mockMulticastSocket;
+ }
+ return mockUnicastSocket;
+ }
+ };
+ mdnsClient.setCallback(mockCallback);
+
+ doAnswer(
+ (InvocationOnMock invocationOnMock) -> {
+ final byte[] dataIn = HexDump.hexStringToByteArray(
+ "0000840000000004"
+ + "00000003134A6F68"
+ + "6E6E792773204368"
+ + "726F6D6563617374"
+ + "0B5F676F6F676C65"
+ + "63617374045F7463"
+ + "70056C6F63616C00"
+ + "0010800100001194"
+ + "006C2369643D3937"
+ + "3062663534376237"
+ + "3533666336336332"
+ + "6432613336626238"
+ + "3936616261380576"
+ + "653D30320D6D643D"
+ + "4368726F6D656361"
+ + "73741269633D2F73"
+ + "657475702F69636F"
+ + "6E2E706E6716666E"
+ + "3D4A6F686E6E7927"
+ + "73204368726F6D65"
+ + "636173740463613D"
+ + "350473743D30095F"
+ + "7365727669636573"
+ + "075F646E732D7364"
+ + "045F756470C03100"
+ + "0C00010000119400"
+ + "02C020C020000C00"
+ + "01000011940002C0"
+ + "0CC00C0021800100"
+ + "000078001C000000"
+ + "001F49134A6F686E"
+ + "6E79277320436872"
+ + "6F6D6563617374C0"
+ + "31C0F30001800100"
+ + "0000780004C0A864"
+ + "68C0F3002F800100"
+ + "0000780005C0F300"
+ + "0140C00C002F8001"
+ + "000011940009C00C"
+ + "00050000800040");
+ if (enableMulticastResponse.get()) {
+ DatagramPacket packet = invocationOnMock.getArgument(0);
+ packet.setData(dataIn);
+ }
+ return null;
+ })
+ .when(mockMulticastSocket)
+ .receive(any(DatagramPacket.class));
+ doAnswer(
+ (InvocationOnMock invocationOnMock) -> {
+ final byte[] dataIn = HexDump.hexStringToByteArray(
+ "0000840000000004"
+ + "00000003134A6F68"
+ + "6E6E792773204368"
+ + "726F6D6563617374"
+ + "0B5F676F6F676C65"
+ + "63617374045F7463"
+ + "70056C6F63616C00"
+ + "0010800100001194"
+ + "006C2369643D3937"
+ + "3062663534376237"
+ + "3533666336336332"
+ + "6432613336626238"
+ + "3936616261380576"
+ + "653D30320D6D643D"
+ + "4368726F6D656361"
+ + "73741269633D2F73"
+ + "657475702F69636F"
+ + "6E2E706E6716666E"
+ + "3D4A6F686E6E7927"
+ + "73204368726F6D65"
+ + "636173740463613D"
+ + "350473743D30095F"
+ + "7365727669636573"
+ + "075F646E732D7364"
+ + "045F756470C03100"
+ + "0C00010000119400"
+ + "02C020C020000C00"
+ + "01000011940002C0"
+ + "0CC00C0021800100"
+ + "000078001C000000"
+ + "001F49134A6F686E"
+ + "6E79277320436872"
+ + "6F6D6563617374C0"
+ + "31C0F30001800100"
+ + "0000780004C0A864"
+ + "68C0F3002F800100"
+ + "0000780005C0F300"
+ + "0140C00C002F8001"
+ + "000011940009C00C"
+ + "00050000800040");
+ if (enableUnicastResponse.get()) {
+ DatagramPacket packet = invocationOnMock.getArgument(0);
+ packet.setData(dataIn);
+ }
+ return null;
+ })
+ .when(mockUnicastSocket)
+ .receive(any(DatagramPacket.class));
+ }
+
+ @After
+ public void tearDown() {
+ mdnsClient.stopDiscovery();
+ }
+
+ @Test
+ @Ignore("MdnsConfigs is not configurable currently.")
+ public void testSendPackets_useSeparateSocketForUnicast()
+ throws InterruptedException, IOException {
+ //MdnsConfigsFlagsImpl.useSeparateSocketToSendUnicastQuery.override(true);
+ //MdnsConfigsFlagsImpl.checkMulticastResponse.override(true);
+ //MdnsConfigsFlagsImpl.checkMulticastResponseIntervalMs
+ // .override(DateUtils.SECOND_IN_MILLIS);
+ mdnsClient.startDiscovery();
+ Thread multicastReceiverThread = mdnsClient.multicastReceiveThread;
+ Thread unicastReceiverThread = mdnsClient.unicastReceiveThread;
+ Thread sendThread = mdnsClient.sendThread;
+
+ assertTrue(multicastReceiverThread.isAlive());
+ assertTrue(sendThread.isAlive());
+ assertTrue(unicastReceiverThread.isAlive());
+
+ // Sends a packet.
+ DatagramPacket packet = new DatagramPacket(buf, 0, 5);
+ mdnsClient.sendMulticastPacket(packet);
+ // mockMulticastSocket.send() will be called on another thread. If we verify it immediately,
+ // it may not be called yet. So timeout is added.
+ verify(mockMulticastSocket, timeout(TIMEOUT).times(1)).send(packet);
+ verify(mockUnicastSocket, timeout(TIMEOUT).times(0)).send(packet);
+
+ // Verify the packet is sent by the unicast socket.
+ mdnsClient.sendUnicastPacket(packet);
+ verify(mockMulticastSocket, timeout(TIMEOUT).times(1)).send(packet);
+ verify(mockUnicastSocket, timeout(TIMEOUT).times(1)).send(packet);
+
+ // Stop the MdnsClient, and ensure that it stops in a reasonable amount of time.
+ // Run part of the test logic in a background thread, in case stopDiscovery() blocks
+ // for a long time (the foreground thread can fail the test early).
+ final CountDownLatch stopDiscoveryLatch = new CountDownLatch(1);
+ Thread testThread =
+ new Thread(
+ new Runnable() {
+ @RequiresPermission(permission.CHANGE_WIFI_MULTICAST_STATE)
+ @Override
+ public void run() {
+ mdnsClient.stopDiscovery();
+ stopDiscoveryLatch.countDown();
+ }
+ });
+ testThread.start();
+ assertTrue(stopDiscoveryLatch.await(DateUtils.SECOND_IN_MILLIS, TimeUnit.MILLISECONDS));
+
+ // We should be able to join in a reasonable amount of time, to prove that the
+ // the MdnsClient exited without sending the large queue of packets.
+ testThread.join(DateUtils.SECOND_IN_MILLIS);
+
+ assertFalse(multicastReceiverThread.isAlive());
+ assertFalse(sendThread.isAlive());
+ assertFalse(unicastReceiverThread.isAlive());
+ }
+
+ @Test
+ public void testSendPackets_useSameSocketForMulticastAndUnicast()
+ throws InterruptedException, IOException {
+ mdnsClient.startDiscovery();
+ Thread multicastReceiverThread = mdnsClient.multicastReceiveThread;
+ Thread unicastReceiverThread = mdnsClient.unicastReceiveThread;
+ Thread sendThread = mdnsClient.sendThread;
+
+ assertTrue(multicastReceiverThread.isAlive());
+ assertTrue(sendThread.isAlive());
+ assertNull(unicastReceiverThread);
+
+ // Sends a packet.
+ DatagramPacket packet = new DatagramPacket(buf, 0, 5);
+ mdnsClient.sendMulticastPacket(packet);
+ // mockMulticastSocket.send() will be called on another thread. If we verify it immediately,
+ // it may not be called yet. So timeout is added.
+ verify(mockMulticastSocket, timeout(TIMEOUT).times(1)).send(packet);
+ verify(mockUnicastSocket, timeout(TIMEOUT).times(0)).send(packet);
+
+ // Verify the packet is sent by the multicast socket as well.
+ mdnsClient.sendUnicastPacket(packet);
+ verify(mockMulticastSocket, timeout(TIMEOUT).times(2)).send(packet);
+ verify(mockUnicastSocket, timeout(TIMEOUT).times(0)).send(packet);
+
+ // Stop the MdnsClient, and ensure that it stops in a reasonable amount of time.
+ // Run part of the test logic in a background thread, in case stopDiscovery() blocks
+ // for a long time (the foreground thread can fail the test early).
+ final CountDownLatch stopDiscoveryLatch = new CountDownLatch(1);
+ Thread testThread =
+ new Thread(
+ new Runnable() {
+ @RequiresPermission(permission.CHANGE_WIFI_MULTICAST_STATE)
+ @Override
+ public void run() {
+ mdnsClient.stopDiscovery();
+ stopDiscoveryLatch.countDown();
+ }
+ });
+ testThread.start();
+ assertTrue(stopDiscoveryLatch.await(DateUtils.SECOND_IN_MILLIS, TimeUnit.MILLISECONDS));
+
+ // We should be able to join in a reasonable amount of time, to prove that the
+ // the MdnsClient exited without sending the large queue of packets.
+ testThread.join(DateUtils.SECOND_IN_MILLIS);
+
+ assertFalse(multicastReceiverThread.isAlive());
+ assertFalse(sendThread.isAlive());
+ assertNull(unicastReceiverThread);
+ }
+
+ @Test
+ public void testStartStop() throws IOException {
+ for (int i = 0; i < 5; i++) {
+ mdnsClient.startDiscovery();
+
+ Thread multicastReceiverThread = mdnsClient.multicastReceiveThread;
+ Thread socketThread = mdnsClient.sendThread;
+
+ assertTrue(multicastReceiverThread.isAlive());
+ assertTrue(socketThread.isAlive());
+
+ mdnsClient.stopDiscovery();
+
+ assertFalse(multicastReceiverThread.isAlive());
+ assertFalse(socketThread.isAlive());
+ }
+ }
+
+ @Test
+ public void testStopDiscovery_queueIsCleared() throws IOException {
+ mdnsClient.startDiscovery();
+ mdnsClient.stopDiscovery();
+ mdnsClient.sendMulticastPacket(new DatagramPacket(buf, 0, 5));
+
+ synchronized (mdnsClient.multicastPacketQueue) {
+ assertTrue(mdnsClient.multicastPacketQueue.isEmpty());
+ }
+ }
+
+ @Test
+ public void testSendPacket_afterDiscoveryStops() throws IOException {
+ mdnsClient.startDiscovery();
+ mdnsClient.stopDiscovery();
+ mdnsClient.sendMulticastPacket(new DatagramPacket(buf, 0, 5));
+
+ synchronized (mdnsClient.multicastPacketQueue) {
+ assertTrue(mdnsClient.multicastPacketQueue.isEmpty());
+ }
+ }
+
+ @Test
+ @Ignore("MdnsConfigs is not configurable currently.")
+ public void testSendPacket_queueReachesSizeLimit() throws IOException {
+ //MdnsConfigsFlagsImpl.mdnsPacketQueueMaxSize.override(2L);
+ mdnsClient.startDiscovery();
+ for (int i = 0; i < 100; i++) {
+ mdnsClient.sendMulticastPacket(new DatagramPacket(buf, 0, 5));
+ }
+
+ synchronized (mdnsClient.multicastPacketQueue) {
+ assertTrue(mdnsClient.multicastPacketQueue.size() <= 2);
+ }
+ }
+
+ @Test
+ public void testMulticastResponseReceived_useSeparateSocketForUnicast() throws IOException {
+ mdnsClient.setCallback(mockCallback);
+
+ mdnsClient.startDiscovery();
+
+ verify(mockCallback, timeout(TIMEOUT).atLeast(1))
+ .onResponseReceived(any(MdnsResponse.class));
+ }
+
+ @Test
+ public void testMulticastResponseReceived_useSameSocketForMulticastAndUnicast()
+ throws Exception {
+ mdnsClient.startDiscovery();
+
+ verify(mockCallback, timeout(TIMEOUT).atLeastOnce())
+ .onResponseReceived(any(MdnsResponse.class));
+
+ mdnsClient.stopDiscovery();
+ }
+
+ @Test
+ public void testFailedToParseMdnsResponse_useSeparateSocketForUnicast() throws IOException {
+ mdnsClient.setCallback(mockCallback);
+
+ // Both multicast socket and unicast socket receive malformed responses.
+ byte[] dataIn = HexDump.hexStringToByteArray("0000840000000004");
+ doAnswer(
+ (InvocationOnMock invocationOnMock) -> {
+ // Malformed data.
+ DatagramPacket packet = invocationOnMock.getArgument(0);
+ packet.setData(dataIn);
+ return null;
+ })
+ .when(mockMulticastSocket)
+ .receive(any(DatagramPacket.class));
+ doAnswer(
+ (InvocationOnMock invocationOnMock) -> {
+ // Malformed data.
+ DatagramPacket packet = invocationOnMock.getArgument(0);
+ packet.setData(dataIn);
+ return null;
+ })
+ .when(mockUnicastSocket)
+ .receive(any(DatagramPacket.class));
+
+ mdnsClient.startDiscovery();
+
+ verify(mockCallback, timeout(TIMEOUT).atLeast(1))
+ .onFailedToParseMdnsResponse(anyInt(), eq(MdnsResponseErrorCode.ERROR_END_OF_FILE));
+
+ mdnsClient.stopDiscovery();
+ }
+
+ @Test
+ public void testFailedToParseMdnsResponse_useSameSocketForMulticastAndUnicast()
+ throws IOException {
+ doAnswer(
+ (InvocationOnMock invocationOnMock) -> {
+ final byte[] dataIn = HexDump.hexStringToByteArray("0000840000000004");
+ DatagramPacket packet = invocationOnMock.getArgument(0);
+ packet.setData(dataIn);
+ return null;
+ })
+ .when(mockMulticastSocket)
+ .receive(any(DatagramPacket.class));
+
+ mdnsClient.startDiscovery();
+
+ verify(mockCallback, timeout(TIMEOUT).atLeast(1))
+ .onFailedToParseMdnsResponse(1, MdnsResponseErrorCode.ERROR_END_OF_FILE);
+
+ mdnsClient.stopDiscovery();
+ }
+
+ @Test
+ @Ignore("MdnsConfigs is not configurable currently.")
+ public void testMulticastResponseIsNotReceived() throws IOException, InterruptedException {
+ //MdnsConfigsFlagsImpl.checkMulticastResponse.override(true);
+ //MdnsConfigsFlagsImpl.checkMulticastResponseIntervalMs
+ // .override(DateUtils.SECOND_IN_MILLIS);
+ //MdnsConfigsFlagsImpl.useSeparateSocketToSendUnicastQuery.override(true);
+ enableMulticastResponse.set(false);
+ enableUnicastResponse.set(true);
+
+ mdnsClient.startDiscovery();
+ DatagramPacket packet = new DatagramPacket(buf, 0, 5);
+ mdnsClient.sendUnicastPacket(packet);
+ mdnsClient.sendMulticastPacket(packet);
+
+ // Wait for the timer to be triggered.
+ Thread.sleep(MdnsConfigs.checkMulticastResponseIntervalMs() * 2);
+
+ assertFalse(mdnsClient.receivedMulticastResponse);
+ assertTrue(mdnsClient.receivedUnicastResponse);
+ assertTrue(mdnsClient.cannotReceiveMulticastResponse.get());
+
+ // Allow multicast response and verify the states again.
+ enableMulticastResponse.set(true);
+ Thread.sleep(DateUtils.SECOND_IN_MILLIS);
+
+ // Verify cannotReceiveMulticastResponse is reset to false.
+ assertTrue(mdnsClient.receivedMulticastResponse);
+ assertTrue(mdnsClient.receivedUnicastResponse);
+ assertFalse(mdnsClient.cannotReceiveMulticastResponse.get());
+
+ // Stop the discovery and start a new session. Don't respond the unicsat query either in
+ // this session.
+ enableMulticastResponse.set(false);
+ enableUnicastResponse.set(false);
+ mdnsClient.stopDiscovery();
+ mdnsClient.startDiscovery();
+
+ // Verify the states are reset.
+ assertFalse(mdnsClient.receivedMulticastResponse);
+ assertFalse(mdnsClient.receivedUnicastResponse);
+ assertFalse(mdnsClient.cannotReceiveMulticastResponse.get());
+
+ mdnsClient.sendUnicastPacket(packet);
+ mdnsClient.sendMulticastPacket(packet);
+ Thread.sleep(MdnsConfigs.checkMulticastResponseIntervalMs() * 2);
+
+ // Verify cannotReceiveMulticastResponse is not set the true because we didn't receive the
+ // unicast response either. This is expected for users who don't have any cast device.
+ assertFalse(mdnsClient.receivedMulticastResponse);
+ assertFalse(mdnsClient.receivedUnicastResponse);
+ assertFalse(mdnsClient.cannotReceiveMulticastResponse.get());
+ }
+}
\ No newline at end of file
diff --git a/tests/unit/java/com/android/server/connectivity/mdns/MdnsSocketTests.java b/tests/unit/java/com/android/server/connectivity/mdns/MdnsSocketTests.java
new file mode 100644
index 0000000..9f11a4b
--- /dev/null
+++ b/tests/unit/java/com/android/server/connectivity/mdns/MdnsSocketTests.java
@@ -0,0 +1,172 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+package com.android.server.connectivity.mdns;
+
+import static com.android.testutils.DevSdkIgnoreRuleKt.SC_V2;
+
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+import com.android.testutils.DevSdkIgnoreRule;
+import com.android.testutils.DevSdkIgnoreRunner;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
+
+import java.io.IOException;
+import java.lang.reflect.Constructor;
+import java.net.DatagramPacket;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.net.MulticastSocket;
+import java.net.NetworkInterface;
+import java.net.SocketAddress;
+import java.net.SocketException;
+import java.net.UnknownHostException;
+import java.util.Collections;
+
+/** Tests for {@link MdnsSocket}. */
+@RunWith(DevSdkIgnoreRunner.class)
+@DevSdkIgnoreRule.IgnoreUpTo(SC_V2)
+public class MdnsSocketTests {
+
+ @Mock private NetworkInterfaceWrapper mockNetworkInterfaceWrapper;
+ @Mock private MulticastSocket mockMulticastSocket;
+ @Mock private MulticastNetworkInterfaceProvider mockMulticastNetworkInterfaceProvider;
+ private SocketAddress socketIPv4Address;
+ private SocketAddress socketIPv6Address;
+
+ private byte[] data = new byte[25];
+ private final DatagramPacket datagramPacket = new DatagramPacket(data, data.length);
+ private NetworkInterface networkInterface;
+
+ private MdnsSocket mdnsSocket;
+
+ @Before
+ public void setUp() throws SocketException, UnknownHostException {
+ MockitoAnnotations.initMocks(this);
+
+ networkInterface = createEmptyNetworkInterface();
+ when(mockNetworkInterfaceWrapper.getNetworkInterface()).thenReturn(networkInterface);
+ when(mockMulticastNetworkInterfaceProvider.getMulticastNetworkInterfaces())
+ .thenReturn(Collections.singletonList(mockNetworkInterfaceWrapper));
+ socketIPv4Address = new InetSocketAddress(
+ InetAddress.getByName("224.0.0.251"), MdnsConstants.MDNS_PORT);
+ socketIPv6Address = new InetSocketAddress(
+ InetAddress.getByName("FF02::FB"), MdnsConstants.MDNS_PORT);
+ }
+
+ @Test
+ public void testMdnsSocket() throws IOException {
+ mdnsSocket =
+ new MdnsSocket(mockMulticastNetworkInterfaceProvider, MdnsConstants.MDNS_PORT) {
+ @Override
+ MulticastSocket createMulticastSocket(int port) throws IOException {
+ return mockMulticastSocket;
+ }
+ };
+ mdnsSocket.send(datagramPacket);
+ verify(mockMulticastSocket).setNetworkInterface(networkInterface);
+ verify(mockMulticastSocket).send(datagramPacket);
+
+ mdnsSocket.receive(datagramPacket);
+ verify(mockMulticastSocket).receive(datagramPacket);
+
+ mdnsSocket.joinGroup();
+ verify(mockMulticastSocket).joinGroup(socketIPv4Address, networkInterface);
+
+ mdnsSocket.leaveGroup();
+ verify(mockMulticastSocket).leaveGroup(socketIPv4Address, networkInterface);
+
+ mdnsSocket.close();
+ verify(mockMulticastSocket).close();
+ }
+
+ @Test
+ public void testIPv6OnlyNetwork_IPv6Enabled() throws IOException {
+ // Have mockMulticastNetworkInterfaceProvider send back an IPv6Only networkInterfaceWrapper
+ networkInterface = createEmptyNetworkInterface();
+ when(mockNetworkInterfaceWrapper.getNetworkInterface()).thenReturn(networkInterface);
+ when(mockMulticastNetworkInterfaceProvider.getMulticastNetworkInterfaces())
+ .thenReturn(Collections.singletonList(mockNetworkInterfaceWrapper));
+
+ mdnsSocket =
+ new MdnsSocket(mockMulticastNetworkInterfaceProvider, MdnsConstants.MDNS_PORT) {
+ @Override
+ MulticastSocket createMulticastSocket(int port) throws IOException {
+ return mockMulticastSocket;
+ }
+ };
+
+ when(mockMulticastNetworkInterfaceProvider.isOnIpV6OnlyNetwork(
+ Collections.singletonList(mockNetworkInterfaceWrapper)))
+ .thenReturn(true);
+
+ mdnsSocket.joinGroup();
+ verify(mockMulticastSocket).joinGroup(socketIPv6Address, networkInterface);
+
+ mdnsSocket.leaveGroup();
+ verify(mockMulticastSocket).leaveGroup(socketIPv6Address, networkInterface);
+
+ mdnsSocket.close();
+ verify(mockMulticastSocket).close();
+ }
+
+ @Test
+ public void testIPv6OnlyNetwork_IPv6Toggle() throws IOException {
+ // Have mockMulticastNetworkInterfaceProvider send back a networkInterfaceWrapper
+ networkInterface = createEmptyNetworkInterface();
+ when(mockNetworkInterfaceWrapper.getNetworkInterface()).thenReturn(networkInterface);
+ when(mockMulticastNetworkInterfaceProvider.getMulticastNetworkInterfaces())
+ .thenReturn(Collections.singletonList(mockNetworkInterfaceWrapper));
+
+ mdnsSocket =
+ new MdnsSocket(mockMulticastNetworkInterfaceProvider, MdnsConstants.MDNS_PORT) {
+ @Override
+ MulticastSocket createMulticastSocket(int port) throws IOException {
+ return mockMulticastSocket;
+ }
+ };
+
+ when(mockMulticastNetworkInterfaceProvider.isOnIpV6OnlyNetwork(
+ Collections.singletonList(mockNetworkInterfaceWrapper)))
+ .thenReturn(true);
+
+ mdnsSocket.joinGroup();
+ verify(mockMulticastSocket).joinGroup(socketIPv6Address, networkInterface);
+
+ mdnsSocket.leaveGroup();
+ verify(mockMulticastSocket).leaveGroup(socketIPv6Address, networkInterface);
+
+ mdnsSocket.close();
+ verify(mockMulticastSocket).close();
+ }
+
+ private NetworkInterface createEmptyNetworkInterface() {
+ try {
+ Constructor<NetworkInterface> constructor =
+ NetworkInterface.class.getDeclaredConstructor();
+ constructor.setAccessible(true);
+ return constructor.newInstance();
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ }
+}
\ No newline at end of file
diff --git a/tests/unit/java/com/android/server/connectivity/mdns/MulticastNetworkInterfaceProviderTests.java b/tests/unit/java/com/android/server/connectivity/mdns/MulticastNetworkInterfaceProviderTests.java
new file mode 100644
index 0000000..2268dfe
--- /dev/null
+++ b/tests/unit/java/com/android/server/connectivity/mdns/MulticastNetworkInterfaceProviderTests.java
@@ -0,0 +1,275 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+package com.android.server.connectivity.mdns;
+
+import static com.android.testutils.DevSdkIgnoreRuleKt.SC_V2;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.Mockito.inOrder;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+import android.annotation.NonNull;
+import android.content.Context;
+
+import androidx.test.InstrumentationRegistry;
+
+import com.android.testutils.DevSdkIgnoreRule;
+import com.android.testutils.DevSdkIgnoreRunner;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.InOrder;
+import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
+
+import java.net.Inet4Address;
+import java.net.Inet6Address;
+import java.net.InetAddress;
+import java.net.InterfaceAddress;
+import java.net.SocketException;
+import java.net.UnknownHostException;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+/** Tests for {@link MulticastNetworkInterfaceProvider}. */
+@RunWith(DevSdkIgnoreRunner.class)
+@DevSdkIgnoreRule.IgnoreUpTo(SC_V2)
+public class MulticastNetworkInterfaceProviderTests {
+
+ @Mock private NetworkInterfaceWrapper loopbackInterface;
+ @Mock private NetworkInterfaceWrapper pointToPointInterface;
+ @Mock private NetworkInterfaceWrapper virtualInterface;
+ @Mock private NetworkInterfaceWrapper inactiveMulticastInterface;
+ @Mock private NetworkInterfaceWrapper activeIpv6MulticastInterface;
+ @Mock private NetworkInterfaceWrapper activeIpv6MulticastInterfaceTwo;
+ @Mock private NetworkInterfaceWrapper nonMulticastInterface;
+ @Mock private NetworkInterfaceWrapper multicastInterfaceOne;
+ @Mock private NetworkInterfaceWrapper multicastInterfaceTwo;
+
+ private final List<NetworkInterfaceWrapper> networkInterfaces = new ArrayList<>();
+ private MulticastNetworkInterfaceProvider provider;
+ private Context context;
+
+ @Before
+ public void setUp() throws SocketException, UnknownHostException {
+ MockitoAnnotations.initMocks(this);
+ context = InstrumentationRegistry.getContext();
+
+ setupNetworkInterface(
+ loopbackInterface,
+ true /* isUp */,
+ true /* isLoopBack */,
+ false /* isPointToPoint */,
+ false /* isVirtual */,
+ true /* supportsMulticast */,
+ false /* isIpv6 */);
+
+ setupNetworkInterface(
+ pointToPointInterface,
+ true /* isUp */,
+ false /* isLoopBack */,
+ true /* isPointToPoint */,
+ false /* isVirtual */,
+ true /* supportsMulticast */,
+ false /* isIpv6 */);
+
+ setupNetworkInterface(
+ virtualInterface,
+ true /* isUp */,
+ false /* isLoopBack */,
+ false /* isPointToPoint */,
+ true /* isVirtual */,
+ true /* supportsMulticast */,
+ false /* isIpv6 */);
+
+ setupNetworkInterface(
+ inactiveMulticastInterface,
+ false /* isUp */,
+ false /* isLoopBack */,
+ false /* isPointToPoint */,
+ false /* isVirtual */,
+ true /* supportsMulticast */,
+ false /* isIpv6 */);
+
+ setupNetworkInterface(
+ nonMulticastInterface,
+ true /* isUp */,
+ false /* isLoopBack */,
+ false /* isPointToPoint */,
+ false /* isVirtual */,
+ false /* supportsMulticast */,
+ false /* isIpv6 */);
+
+ setupNetworkInterface(
+ activeIpv6MulticastInterface,
+ true /* isUp */,
+ false /* isLoopBack */,
+ false /* isPointToPoint */,
+ false /* isVirtual */,
+ true /* supportsMulticast */,
+ true /* isIpv6 */);
+
+ setupNetworkInterface(
+ activeIpv6MulticastInterfaceTwo,
+ true /* isUp */,
+ false /* isLoopBack */,
+ false /* isPointToPoint */,
+ false /* isVirtual */,
+ true /* supportsMulticast */,
+ true /* isIpv6 */);
+
+ setupNetworkInterface(
+ multicastInterfaceOne,
+ true /* isUp */,
+ false /* isLoopBack */,
+ false /* isPointToPoint */,
+ false /* isVirtual */,
+ true /* supportsMulticast */,
+ false /* isIpv6 */);
+
+ setupNetworkInterface(
+ multicastInterfaceTwo,
+ true /* isUp */,
+ false /* isLoopBack */,
+ false /* isPointToPoint */,
+ false /* isVirtual */,
+ true /* supportsMulticast */,
+ false /* isIpv6 */);
+
+ provider =
+ new MulticastNetworkInterfaceProvider(context) {
+ @Override
+ List<NetworkInterfaceWrapper> getNetworkInterfaces() {
+ return networkInterfaces;
+ }
+ };
+ }
+
+ @Test
+ public void testGetMulticastNetworkInterfaces() {
+ // getNetworkInterfaces returns 1 multicast interface and 5 interfaces that can not be used
+ // to send and receive multicast packets.
+ networkInterfaces.add(loopbackInterface);
+ networkInterfaces.add(pointToPointInterface);
+ networkInterfaces.add(virtualInterface);
+ networkInterfaces.add(inactiveMulticastInterface);
+ networkInterfaces.add(nonMulticastInterface);
+ networkInterfaces.add(multicastInterfaceOne);
+
+ assertEquals(Collections.singletonList(multicastInterfaceOne),
+ provider.getMulticastNetworkInterfaces());
+
+ // getNetworkInterfaces returns 2 multicast interfaces after a connectivity change.
+ networkInterfaces.clear();
+ networkInterfaces.add(multicastInterfaceOne);
+ networkInterfaces.add(multicastInterfaceTwo);
+
+ provider.connectivityMonitor.notifyConnectivityChange();
+
+ assertEquals(networkInterfaces, provider.getMulticastNetworkInterfaces());
+ }
+
+ @Test
+ public void testStartWatchingConnectivityChanges() {
+ ConnectivityMonitor mockMonitor = mock(ConnectivityMonitor.class);
+ provider.connectivityMonitor = mockMonitor;
+
+ InOrder inOrder = inOrder(mockMonitor);
+
+ provider.startWatchingConnectivityChanges();
+ inOrder.verify(mockMonitor).startWatchingConnectivityChanges();
+
+ provider.stopWatchingConnectivityChanges();
+ inOrder.verify(mockMonitor).stopWatchingConnectivityChanges();
+ }
+
+ @Test
+ public void testIpV6OnlyNetwork_EmptyNetwork() {
+ // getNetworkInterfaces returns no network interfaces.
+ assertFalse(provider.isOnIpV6OnlyNetwork(networkInterfaces));
+ }
+
+ @Test
+ public void testIpV6OnlyNetwork_IPv4Only() {
+ // getNetworkInterfaces returns two IPv4 network interface.
+ networkInterfaces.add(multicastInterfaceOne);
+ networkInterfaces.add(multicastInterfaceTwo);
+ assertFalse(provider.isOnIpV6OnlyNetwork(networkInterfaces));
+ }
+
+ @Test
+ public void testIpV6OnlyNetwork_MixedNetwork() {
+ // getNetworkInterfaces returns one IPv6 network interface.
+ networkInterfaces.add(activeIpv6MulticastInterface);
+ networkInterfaces.add(multicastInterfaceOne);
+ networkInterfaces.add(activeIpv6MulticastInterfaceTwo);
+ networkInterfaces.add(multicastInterfaceTwo);
+ assertFalse(provider.isOnIpV6OnlyNetwork(networkInterfaces));
+ }
+
+ @Test
+ public void testIpV6OnlyNetwork_IPv6Only() {
+ // getNetworkInterfaces returns one IPv6 network interface.
+ networkInterfaces.add(activeIpv6MulticastInterface);
+ networkInterfaces.add(activeIpv6MulticastInterfaceTwo);
+ assertTrue(provider.isOnIpV6OnlyNetwork(networkInterfaces));
+ }
+
+ @Test
+ public void testIpV6OnlyNetwork_IPv6Enabled() {
+ // getNetworkInterfaces returns one IPv6 network interface.
+ networkInterfaces.add(activeIpv6MulticastInterface);
+ assertTrue(provider.isOnIpV6OnlyNetwork(networkInterfaces));
+
+ final List<NetworkInterfaceWrapper> interfaces = provider.getMulticastNetworkInterfaces();
+ assertEquals(Collections.singletonList(activeIpv6MulticastInterface), interfaces);
+ }
+
+ private void setupNetworkInterface(
+ @NonNull NetworkInterfaceWrapper networkInterfaceWrapper,
+ boolean isUp,
+ boolean isLoopback,
+ boolean isPointToPoint,
+ boolean isVirtual,
+ boolean supportsMulticast,
+ boolean isIpv6)
+ throws SocketException, UnknownHostException {
+ when(networkInterfaceWrapper.isUp()).thenReturn(isUp);
+ when(networkInterfaceWrapper.isLoopback()).thenReturn(isLoopback);
+ when(networkInterfaceWrapper.isPointToPoint()).thenReturn(isPointToPoint);
+ when(networkInterfaceWrapper.isVirtual()).thenReturn(isVirtual);
+ when(networkInterfaceWrapper.supportsMulticast()).thenReturn(supportsMulticast);
+ if (isIpv6) {
+ InterfaceAddress interfaceAddress = mock(InterfaceAddress.class);
+ InetAddress ip6Address = Inet6Address.getByName("2001:4860:0:1001::68");
+ when(interfaceAddress.getAddress()).thenReturn(ip6Address);
+ when(networkInterfaceWrapper.getInterfaceAddresses())
+ .thenReturn(Collections.singletonList(interfaceAddress));
+ } else {
+ Inet4Address ip = (Inet4Address) Inet4Address.getByName("192.168.0.1");
+ InterfaceAddress interfaceAddress = mock(InterfaceAddress.class);
+ when(interfaceAddress.getAddress()).thenReturn(ip);
+ when(networkInterfaceWrapper.getInterfaceAddresses())
+ .thenReturn(Collections.singletonList(interfaceAddress));
+ }
+ }
+}
\ No newline at end of file
diff --git a/tests/unit/java/com/android/server/ethernet/EthernetNetworkFactoryTest.java b/tests/unit/java/com/android/server/ethernet/EthernetNetworkFactoryTest.java
index 70e6c39..aad80d5 100644
--- a/tests/unit/java/com/android/server/ethernet/EthernetNetworkFactoryTest.java
+++ b/tests/unit/java/com/android/server/ethernet/EthernetNetworkFactoryTest.java
@@ -16,13 +16,10 @@
package com.android.server.ethernet;
-import static com.android.testutils.DevSdkIgnoreRuleKt.SC_V2;
-
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotSame;
import static org.junit.Assert.assertNull;
-import static org.junit.Assert.assertThrows;
import static org.junit.Assert.assertTrue;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.anyString;
@@ -40,9 +37,7 @@
import android.content.Context;
import android.content.res.Resources;
import android.net.ConnectivityManager;
-import android.net.EthernetNetworkManagementException;
import android.net.EthernetNetworkSpecifier;
-import android.net.INetworkInterfaceOutcomeReceiver;
import android.net.IpConfiguration;
import android.net.LinkAddress;
import android.net.LinkProperties;
@@ -55,16 +50,16 @@
import android.net.StaticIpConfiguration;
import android.net.ip.IpClientCallbacks;
import android.net.ip.IpClientManager;
+import android.os.Build;
import android.os.Handler;
-import android.os.IBinder;
import android.os.Looper;
import android.os.test.TestLooper;
import androidx.test.filters.SmallTest;
-import androidx.test.runner.AndroidJUnit4;
import com.android.net.module.util.InterfaceParams;
import com.android.testutils.DevSdkIgnoreRule;
+import com.android.testutils.DevSdkIgnoreRunner;
import org.junit.After;
import org.junit.Before;
@@ -75,16 +70,13 @@
import org.mockito.MockitoAnnotations;
import java.util.Objects;
-import java.util.concurrent.CompletableFuture;
-import java.util.concurrent.ExecutionException;
-import java.util.concurrent.TimeUnit;
-@RunWith(AndroidJUnit4.class)
@SmallTest
+@RunWith(DevSdkIgnoreRunner.class)
+@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.S_V2)
public class EthernetNetworkFactoryTest {
private static final int TIMEOUT_MS = 2_000;
private static final String TEST_IFACE = "test123";
- private static final INetworkInterfaceOutcomeReceiver NULL_LISTENER = null;
private static final String IP_ADDR = "192.0.2.2/25";
private static final LinkAddress LINK_ADDR = new LinkAddress(IP_ADDR);
private static final String HW_ADDR = "01:02:03:04:05:06";
@@ -241,7 +233,7 @@
final IpConfiguration ipConfig = createDefaultIpConfig();
mNetFactory.addInterface(iface, HW_ADDR, ipConfig,
createInterfaceCapsBuilder(transportType).build());
- assertTrue(mNetFactory.updateInterfaceLinkState(iface, true, NULL_LISTENER));
+ assertTrue(mNetFactory.updateInterfaceLinkState(iface, true));
ArgumentCaptor<NetworkOfferCallback> captor = ArgumentCaptor.forClass(
NetworkOfferCallback.class);
@@ -295,7 +287,7 @@
// then calling onNetworkUnwanted.
mNetFactory.addInterface(iface, HW_ADDR, createDefaultIpConfig(),
createInterfaceCapsBuilder(NetworkCapabilities.TRANSPORT_ETHERNET).build());
- assertTrue(mNetFactory.updateInterfaceLinkState(iface, true, NULL_LISTENER));
+ assertTrue(mNetFactory.updateInterfaceLinkState(iface, true));
clearInvocations(mIpClient);
clearInvocations(mNetworkAgent);
@@ -305,74 +297,63 @@
public void testUpdateInterfaceLinkStateForActiveProvisioningInterface() throws Exception {
initEthernetNetworkFactory();
createInterfaceUndergoingProvisioning(TEST_IFACE);
- final TestNetworkManagementListener listener = new TestNetworkManagementListener();
// verify that the IpClient gets shut down when interface state changes to down.
- final boolean ret =
- mNetFactory.updateInterfaceLinkState(TEST_IFACE, false /* up */, listener);
+ final boolean ret = mNetFactory.updateInterfaceLinkState(TEST_IFACE, false /* up */);
assertTrue(ret);
verify(mIpClient).shutdown();
- assertEquals(listener.expectOnResult(), TEST_IFACE);
}
@Test
public void testUpdateInterfaceLinkStateForProvisionedInterface() throws Exception {
initEthernetNetworkFactory();
createAndVerifyProvisionedInterface(TEST_IFACE);
- final TestNetworkManagementListener listener = new TestNetworkManagementListener();
- final boolean ret =
- mNetFactory.updateInterfaceLinkState(TEST_IFACE, false /* up */, listener);
+ final boolean retDown = mNetFactory.updateInterfaceLinkState(TEST_IFACE, false /* up */);
- assertTrue(ret);
+ assertTrue(retDown);
verifyStop();
- assertEquals(listener.expectOnResult(), TEST_IFACE);
+
+ final boolean retUp = mNetFactory.updateInterfaceLinkState(TEST_IFACE, true /* up */);
+
+ assertTrue(retUp);
}
@Test
public void testUpdateInterfaceLinkStateForUnprovisionedInterface() throws Exception {
initEthernetNetworkFactory();
createUnprovisionedInterface(TEST_IFACE);
- final TestNetworkManagementListener listener = new TestNetworkManagementListener();
- final boolean ret =
- mNetFactory.updateInterfaceLinkState(TEST_IFACE, false /* up */, listener);
+ final boolean ret = mNetFactory.updateInterfaceLinkState(TEST_IFACE, false /* up */);
assertTrue(ret);
// There should not be an active IPClient or NetworkAgent.
verify(mDeps, never()).makeIpClient(any(), any(), any());
verify(mDeps, never())
.makeEthernetNetworkAgent(any(), any(), any(), any(), any(), any(), any());
- assertEquals(listener.expectOnResult(), TEST_IFACE);
}
@Test
public void testUpdateInterfaceLinkStateForNonExistingInterface() throws Exception {
initEthernetNetworkFactory();
- final TestNetworkManagementListener listener = new TestNetworkManagementListener();
// if interface was never added, link state cannot be updated.
- final boolean ret =
- mNetFactory.updateInterfaceLinkState(TEST_IFACE, true /* up */, listener);
+ final boolean ret = mNetFactory.updateInterfaceLinkState(TEST_IFACE, true /* up */);
assertFalse(ret);
verifyNoStopOrStart();
- listener.expectOnError();
}
@Test
public void testUpdateInterfaceLinkStateWithNoChanges() throws Exception {
initEthernetNetworkFactory();
createAndVerifyProvisionedInterface(TEST_IFACE);
- final TestNetworkManagementListener listener = new TestNetworkManagementListener();
- final boolean ret =
- mNetFactory.updateInterfaceLinkState(TEST_IFACE, true /* up */, listener);
+ final boolean ret = mNetFactory.updateInterfaceLinkState(TEST_IFACE, true /* up */);
assertFalse(ret);
verifyNoStopOrStart();
- listener.expectOnError();
}
@Test
@@ -564,129 +545,16 @@
verify(mNetworkAgent).markConnected();
}
- private static final class TestNetworkManagementListener
- implements INetworkInterfaceOutcomeReceiver {
- private final CompletableFuture<String> mResult = new CompletableFuture<>();
-
- @Override
- public void onResult(@NonNull String iface) {
- mResult.complete(iface);
- }
-
- @Override
- public void onError(@NonNull EthernetNetworkManagementException exception) {
- mResult.completeExceptionally(exception);
- }
-
- String expectOnResult() throws Exception {
- return mResult.get(TIMEOUT_MS, TimeUnit.MILLISECONDS);
- }
-
- void expectOnError() throws Exception {
- assertThrows(EthernetNetworkManagementException.class, () -> {
- try {
- mResult.get();
- } catch (ExecutionException e) {
- throw e.getCause();
- }
- });
- }
-
- @Override
- public IBinder asBinder() {
- return null;
- }
- }
-
- @Test
- public void testUpdateInterfaceCallsListenerCorrectlyOnSuccess() throws Exception {
- initEthernetNetworkFactory();
- createAndVerifyProvisionedInterface(TEST_IFACE);
- final NetworkCapabilities capabilities = createDefaultFilterCaps();
- final IpConfiguration ipConfiguration = createStaticIpConfig();
- final TestNetworkManagementListener listener = new TestNetworkManagementListener();
-
- mNetFactory.updateInterface(TEST_IFACE, ipConfiguration, capabilities, listener);
- triggerOnProvisioningSuccess();
-
- assertEquals(listener.expectOnResult(), TEST_IFACE);
- }
-
- @DevSdkIgnoreRule.IgnoreUpTo(SC_V2) // TODO: Use to Build.VERSION_CODES.SC_V2 when available
- @Test
- public void testUpdateInterfaceAbortsOnConcurrentRemoveInterface() throws Exception {
- initEthernetNetworkFactory();
- verifyNetworkManagementCallIsAbortedWhenInterrupted(
- TEST_IFACE,
- () -> mNetFactory.removeInterface(TEST_IFACE));
- }
-
- @DevSdkIgnoreRule.IgnoreUpTo(SC_V2) // TODO: Use to Build.VERSION_CODES.SC_V2 when available
- @Test
- public void testUpdateInterfaceAbortsOnConcurrentUpdateInterfaceLinkState() throws Exception {
- initEthernetNetworkFactory();
- verifyNetworkManagementCallIsAbortedWhenInterrupted(
- TEST_IFACE,
- () -> mNetFactory.updateInterfaceLinkState(TEST_IFACE, false, NULL_LISTENER));
- }
-
- @DevSdkIgnoreRule.IgnoreUpTo(SC_V2) // TODO: Use to Build.VERSION_CODES.SC_V2 when available
- @Test
- public void testUpdateInterfaceAbortsOnNetworkUneededRemovesAllRequests() throws Exception {
- initEthernetNetworkFactory();
- verifyNetworkManagementCallIsAbortedWhenInterrupted(
- TEST_IFACE,
- () -> mNetworkOfferCallback.onNetworkUnneeded(mRequestToKeepNetworkUp));
- }
-
- @Test
- public void testUpdateInterfaceCallsListenerCorrectlyOnConcurrentRequests() throws Exception {
- initEthernetNetworkFactory();
- final NetworkCapabilities capabilities = createDefaultFilterCaps();
- final IpConfiguration ipConfiguration = createStaticIpConfig();
- final TestNetworkManagementListener successfulListener =
- new TestNetworkManagementListener();
-
- // If two calls come in before the first one completes, the first listener will be aborted
- // and the second one will be successful.
- verifyNetworkManagementCallIsAbortedWhenInterrupted(
- TEST_IFACE,
- () -> {
- mNetFactory.updateInterface(
- TEST_IFACE, ipConfiguration, capabilities, successfulListener);
- triggerOnProvisioningSuccess();
- });
-
- assertEquals(successfulListener.expectOnResult(), TEST_IFACE);
- }
-
- private void verifyNetworkManagementCallIsAbortedWhenInterrupted(
- @NonNull final String iface,
- @NonNull final Runnable interruptingRunnable) throws Exception {
- createAndVerifyProvisionedInterface(iface);
- final NetworkCapabilities capabilities = createDefaultFilterCaps();
- final IpConfiguration ipConfiguration = createStaticIpConfig();
- final TestNetworkManagementListener failedListener = new TestNetworkManagementListener();
-
- // An active update request will be aborted on interrupt prior to provisioning completion.
- mNetFactory.updateInterface(iface, ipConfiguration, capabilities, failedListener);
- interruptingRunnable.run();
-
- failedListener.expectOnError();
- }
-
@Test
public void testUpdateInterfaceRestartsAgentCorrectly() throws Exception {
initEthernetNetworkFactory();
createAndVerifyProvisionedInterface(TEST_IFACE);
final NetworkCapabilities capabilities = createDefaultFilterCaps();
final IpConfiguration ipConfiguration = createStaticIpConfig();
- final TestNetworkManagementListener listener = new TestNetworkManagementListener();
- mNetFactory.updateInterface(TEST_IFACE, ipConfiguration, capabilities, listener);
+ mNetFactory.updateInterface(TEST_IFACE, ipConfiguration, capabilities);
triggerOnProvisioningSuccess();
- assertEquals(listener.expectOnResult(), TEST_IFACE);
verify(mDeps).makeEthernetNetworkAgent(any(), any(),
eq(capabilities), any(), any(), any(), any());
verifyRestart(ipConfiguration);
@@ -698,12 +566,10 @@
// No interface exists due to not calling createAndVerifyProvisionedInterface(...).
final NetworkCapabilities capabilities = createDefaultFilterCaps();
final IpConfiguration ipConfiguration = createStaticIpConfig();
- final TestNetworkManagementListener listener = new TestNetworkManagementListener();
- mNetFactory.updateInterface(TEST_IFACE, ipConfiguration, capabilities, listener);
+ mNetFactory.updateInterface(TEST_IFACE, ipConfiguration, capabilities);
verifyNoStopOrStart();
- listener.expectOnError();
}
@Test
@@ -712,8 +578,8 @@
createAndVerifyProvisionedInterface(TEST_IFACE);
final IpConfiguration initialIpConfig = createStaticIpConfig();
- mNetFactory.updateInterface(TEST_IFACE, initialIpConfig, null /*capabilities*/,
- null /*listener*/);
+ mNetFactory.updateInterface(TEST_IFACE, initialIpConfig, null /*capabilities*/);
+
triggerOnProvisioningSuccess();
verifyRestart(initialIpConfig);
@@ -724,9 +590,20 @@
// verify that sending a null ipConfig does not update the current ipConfig.
- mNetFactory.updateInterface(TEST_IFACE, null /*ipConfig*/, null /*capabilities*/,
- null /*listener*/);
+ mNetFactory.updateInterface(TEST_IFACE, null /*ipConfig*/, null /*capabilities*/);
triggerOnProvisioningSuccess();
verifyRestart(initialIpConfig);
}
+
+ @Test
+ public void testOnNetworkNeededOnStaleNetworkOffer() throws Exception {
+ initEthernetNetworkFactory();
+ createAndVerifyProvisionedInterface(TEST_IFACE);
+ mNetFactory.updateInterfaceLinkState(TEST_IFACE, false);
+ verify(mNetworkProvider).unregisterNetworkOffer(mNetworkOfferCallback);
+ // It is possible that even after a network offer is unregistered, CS still sends it
+ // onNetworkNeeded() callbacks.
+ mNetworkOfferCallback.onNetworkNeeded(createDefaultRequest());
+ verify(mIpClient, never()).startProvisioning(any());
+ }
}
diff --git a/tests/unit/java/com/android/server/ethernet/EthernetServiceImplTest.java b/tests/unit/java/com/android/server/ethernet/EthernetServiceImplTest.java
index dd1f1ed..9bf893a 100644
--- a/tests/unit/java/com/android/server/ethernet/EthernetServiceImplTest.java
+++ b/tests/unit/java/com/android/server/ethernet/EthernetServiceImplTest.java
@@ -16,16 +16,18 @@
package com.android.server.ethernet;
+import static android.net.NetworkCapabilities.TRANSPORT_ETHERNET;
import static android.net.NetworkCapabilities.TRANSPORT_TEST;
import static org.junit.Assert.assertThrows;
import static org.junit.Assert.fail;
-
+import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.anyString;
import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.ArgumentMatchers.isNull;
import static org.mockito.Mockito.doReturn;
import static org.mockito.Mockito.doThrow;
+import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.never;
import static org.mockito.Mockito.reset;
import static org.mockito.Mockito.verify;
@@ -35,29 +37,37 @@
import android.annotation.NonNull;
import android.content.Context;
import android.content.pm.PackageManager;
-import android.net.INetworkInterfaceOutcomeReceiver;
+import android.net.EthernetNetworkSpecifier;
import android.net.EthernetNetworkUpdateRequest;
+import android.net.INetworkInterfaceOutcomeReceiver;
import android.net.IpConfiguration;
import android.net.NetworkCapabilities;
+import android.net.StringNetworkSpecifier;
+import android.os.Build;
import android.os.Handler;
import androidx.test.filters.SmallTest;
-import androidx.test.runner.AndroidJUnit4;
+
+import com.android.testutils.DevSdkIgnoreRule;
+import com.android.testutils.DevSdkIgnoreRunner;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
-import org.mockito.Mock;
-import org.mockito.MockitoAnnotations;
-@RunWith(AndroidJUnit4.class)
@SmallTest
+@RunWith(DevSdkIgnoreRunner.class)
+@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.S_V2)
public class EthernetServiceImplTest {
private static final String TEST_IFACE = "test123";
+ private static final NetworkCapabilities DEFAULT_CAPS = new NetworkCapabilities.Builder()
+ .addTransportType(TRANSPORT_ETHERNET)
+ .setNetworkSpecifier(new EthernetNetworkSpecifier(TEST_IFACE))
+ .build();
private static final EthernetNetworkUpdateRequest UPDATE_REQUEST =
new EthernetNetworkUpdateRequest.Builder()
.setIpConfiguration(new IpConfiguration())
- .setNetworkCapabilities(new NetworkCapabilities.Builder().build())
+ .setNetworkCapabilities(DEFAULT_CAPS)
.build();
private static final EthernetNetworkUpdateRequest UPDATE_REQUEST_WITHOUT_CAPABILITIES =
new EthernetNetworkUpdateRequest.Builder()
@@ -65,18 +75,21 @@
.build();
private static final EthernetNetworkUpdateRequest UPDATE_REQUEST_WITHOUT_IP_CONFIG =
new EthernetNetworkUpdateRequest.Builder()
- .setNetworkCapabilities(new NetworkCapabilities.Builder().build())
+ .setNetworkCapabilities(DEFAULT_CAPS)
.build();
private static final INetworkInterfaceOutcomeReceiver NULL_LISTENER = null;
private EthernetServiceImpl mEthernetServiceImpl;
- @Mock private Context mContext;
- @Mock private Handler mHandler;
- @Mock private EthernetTracker mEthernetTracker;
- @Mock private PackageManager mPackageManager;
+ private Context mContext;
+ private Handler mHandler;
+ private EthernetTracker mEthernetTracker;
+ private PackageManager mPackageManager;
@Before
public void setup() {
- MockitoAnnotations.initMocks(this);
+ mContext = mock(Context.class);
+ mHandler = mock(Handler.class);
+ mEthernetTracker = mock(EthernetTracker.class);
+ mPackageManager = mock(PackageManager.class);
doReturn(mPackageManager).when(mContext).getPackageManager();
mEthernetServiceImpl = new EthernetServiceImpl(mContext, mHandler, mEthernetTracker);
mEthernetServiceImpl.mStarted.set(true);
@@ -111,18 +124,18 @@
}
@Test
- public void testConnectNetworkRejectsWhenEthNotStarted() {
+ public void testEnableInterfaceRejectsWhenEthNotStarted() {
mEthernetServiceImpl.mStarted.set(false);
assertThrows(IllegalStateException.class, () -> {
- mEthernetServiceImpl.connectNetwork("" /* iface */, null /* listener */);
+ mEthernetServiceImpl.enableInterface("" /* iface */, null /* listener */);
});
}
@Test
- public void testDisconnectNetworkRejectsWhenEthNotStarted() {
+ public void testDisableInterfaceRejectsWhenEthNotStarted() {
mEthernetServiceImpl.mStarted.set(false);
assertThrows(IllegalStateException.class, () -> {
- mEthernetServiceImpl.disconnectNetwork("" /* iface */, null /* listener */);
+ mEthernetServiceImpl.disableInterface("" /* iface */, null /* listener */);
});
}
@@ -134,16 +147,16 @@
}
@Test
- public void testConnectNetworkRejectsNullIface() {
+ public void testEnableInterfaceRejectsNullIface() {
assertThrows(NullPointerException.class, () -> {
- mEthernetServiceImpl.connectNetwork(null /* iface */, NULL_LISTENER);
+ mEthernetServiceImpl.enableInterface(null /* iface */, NULL_LISTENER);
});
}
@Test
- public void testDisconnectNetworkRejectsNullIface() {
+ public void testDisableInterfaceRejectsNullIface() {
assertThrows(NullPointerException.class, () -> {
- mEthernetServiceImpl.disconnectNetwork(null /* iface */, NULL_LISTENER);
+ mEthernetServiceImpl.disableInterface(null /* iface */, NULL_LISTENER);
});
}
@@ -156,29 +169,49 @@
}
@Test
+ public void testUpdateConfigurationRejectsWithInvalidSpecifierType() {
+ final StringNetworkSpecifier invalidSpecifierType = new StringNetworkSpecifier("123");
+ final EthernetNetworkUpdateRequest request =
+ new EthernetNetworkUpdateRequest.Builder()
+ .setNetworkCapabilities(
+ new NetworkCapabilities.Builder()
+ .addTransportType(TRANSPORT_ETHERNET)
+ .setNetworkSpecifier(invalidSpecifierType)
+ .build()
+ ).build();
+ assertThrows(IllegalArgumentException.class, () -> {
+ mEthernetServiceImpl.updateConfiguration(
+ "" /* iface */, request, null /* listener */);
+ });
+ }
+
+ @Test
+ public void testUpdateConfigurationRejectsWithInvalidSpecifierName() {
+ final String ifaceToUpdate = "eth0";
+ final String ifaceOnSpecifier = "wlan0";
+ EthernetNetworkUpdateRequest request =
+ new EthernetNetworkUpdateRequest.Builder()
+ .setNetworkCapabilities(
+ new NetworkCapabilities.Builder()
+ .addTransportType(TRANSPORT_ETHERNET)
+ .setNetworkSpecifier(
+ new EthernetNetworkSpecifier(ifaceOnSpecifier))
+ .build()
+ ).build();
+ assertThrows(IllegalArgumentException.class, () -> {
+ mEthernetServiceImpl.updateConfiguration(ifaceToUpdate, request, null /* listener */);
+ });
+ }
+
+ @Test
public void testUpdateConfigurationWithCapabilitiesWithAutomotiveFeature() {
toggleAutomotiveFeature(false);
mEthernetServiceImpl.updateConfiguration(TEST_IFACE, UPDATE_REQUEST_WITHOUT_CAPABILITIES,
NULL_LISTENER);
verify(mEthernetTracker).updateConfiguration(eq(TEST_IFACE),
eq(UPDATE_REQUEST_WITHOUT_CAPABILITIES.getIpConfiguration()),
- eq(UPDATE_REQUEST_WITHOUT_CAPABILITIES.getNetworkCapabilities()), isNull());
- }
-
- @Test
- public void testConnectNetworkRejectsWithoutAutomotiveFeature() {
- toggleAutomotiveFeature(false);
- assertThrows(UnsupportedOperationException.class, () -> {
- mEthernetServiceImpl.connectNetwork("" /* iface */, NULL_LISTENER);
- });
- }
-
- @Test
- public void testDisconnectNetworkRejectsWithoutAutomotiveFeature() {
- toggleAutomotiveFeature(false);
- assertThrows(UnsupportedOperationException.class, () -> {
- mEthernetServiceImpl.disconnectNetwork("" /* iface */, NULL_LISTENER);
- });
+ eq(UPDATE_REQUEST_WITHOUT_CAPABILITIES.getNetworkCapabilities()),
+ any(EthernetCallback.class));
}
private void denyManageEthPermission() {
@@ -202,18 +235,18 @@
}
@Test
- public void testConnectNetworkRejectsWithoutManageEthPermission() {
+ public void testEnableInterfaceRejectsWithoutManageEthPermission() {
denyManageEthPermission();
assertThrows(SecurityException.class, () -> {
- mEthernetServiceImpl.connectNetwork(TEST_IFACE, NULL_LISTENER);
+ mEthernetServiceImpl.enableInterface(TEST_IFACE, NULL_LISTENER);
});
}
@Test
- public void testDisconnectNetworkRejectsWithoutManageEthPermission() {
+ public void testDisableInterfaceRejectsWithoutManageEthPermission() {
denyManageEthPermission();
assertThrows(SecurityException.class, () -> {
- mEthernetServiceImpl.disconnectNetwork(TEST_IFACE, NULL_LISTENER);
+ mEthernetServiceImpl.disableInterface(TEST_IFACE, NULL_LISTENER);
});
}
@@ -231,20 +264,20 @@
}
@Test
- public void testConnectNetworkRejectsTestRequestWithoutTestPermission() {
+ public void testEnableInterfaceRejectsTestRequestWithoutTestPermission() {
enableTestInterface();
denyManageTestNetworksPermission();
assertThrows(SecurityException.class, () -> {
- mEthernetServiceImpl.connectNetwork(TEST_IFACE, NULL_LISTENER);
+ mEthernetServiceImpl.enableInterface(TEST_IFACE, NULL_LISTENER);
});
}
@Test
- public void testDisconnectNetworkRejectsTestRequestWithoutTestPermission() {
+ public void testDisableInterfaceRejectsTestRequestWithoutTestPermission() {
enableTestInterface();
denyManageTestNetworksPermission();
assertThrows(SecurityException.class, () -> {
- mEthernetServiceImpl.disconnectNetwork(TEST_IFACE, NULL_LISTENER);
+ mEthernetServiceImpl.disableInterface(TEST_IFACE, NULL_LISTENER);
});
}
@@ -254,19 +287,39 @@
verify(mEthernetTracker).updateConfiguration(
eq(TEST_IFACE),
eq(UPDATE_REQUEST.getIpConfiguration()),
- eq(UPDATE_REQUEST.getNetworkCapabilities()), eq(NULL_LISTENER));
+ eq(UPDATE_REQUEST.getNetworkCapabilities()),
+ any(EthernetCallback.class));
}
@Test
- public void testConnectNetwork() {
- mEthernetServiceImpl.connectNetwork(TEST_IFACE, NULL_LISTENER);
- verify(mEthernetTracker).connectNetwork(eq(TEST_IFACE), eq(NULL_LISTENER));
+ public void testUpdateConfigurationAddsSpecifierWhenNotSet() {
+ final NetworkCapabilities nc = new NetworkCapabilities.Builder()
+ .addTransportType(TRANSPORT_ETHERNET).build();
+ final EthernetNetworkUpdateRequest requestSansSpecifier =
+ new EthernetNetworkUpdateRequest.Builder()
+ .setNetworkCapabilities(nc)
+ .build();
+ final NetworkCapabilities ncWithSpecifier = new NetworkCapabilities(nc)
+ .setNetworkSpecifier(new EthernetNetworkSpecifier(TEST_IFACE));
+
+ mEthernetServiceImpl.updateConfiguration(TEST_IFACE, requestSansSpecifier, NULL_LISTENER);
+ verify(mEthernetTracker).updateConfiguration(
+ eq(TEST_IFACE),
+ isNull(),
+ eq(ncWithSpecifier), any(EthernetCallback.class));
}
@Test
- public void testDisconnectNetwork() {
- mEthernetServiceImpl.disconnectNetwork(TEST_IFACE, NULL_LISTENER);
- verify(mEthernetTracker).disconnectNetwork(eq(TEST_IFACE), eq(NULL_LISTENER));
+ public void testEnableInterface() {
+ mEthernetServiceImpl.enableInterface(TEST_IFACE, NULL_LISTENER);
+ verify(mEthernetTracker).enableInterface(eq(TEST_IFACE),
+ any(EthernetCallback.class));
+ }
+
+ @Test
+ public void testDisableInterface() {
+ mEthernetServiceImpl.disableInterface(TEST_IFACE, NULL_LISTENER);
+ verify(mEthernetTracker).disableInterface(eq(TEST_IFACE), any(EthernetCallback.class));
}
@Test
@@ -279,7 +332,7 @@
mEthernetServiceImpl.updateConfiguration(TEST_IFACE, request, NULL_LISTENER);
verify(mEthernetTracker).updateConfiguration(eq(TEST_IFACE),
eq(request.getIpConfiguration()),
- eq(request.getNetworkCapabilities()), isNull());
+ eq(request.getNetworkCapabilities()), any(EthernetCallback.class));
}
@Test
@@ -288,7 +341,8 @@
NULL_LISTENER);
verify(mEthernetTracker).updateConfiguration(eq(TEST_IFACE),
eq(UPDATE_REQUEST_WITHOUT_IP_CONFIG.getIpConfiguration()),
- eq(UPDATE_REQUEST_WITHOUT_IP_CONFIG.getNetworkCapabilities()), isNull());
+ eq(UPDATE_REQUEST_WITHOUT_IP_CONFIG.getNetworkCapabilities()),
+ any(EthernetCallback.class));
}
@Test
@@ -320,27 +374,29 @@
verify(mEthernetTracker).updateConfiguration(
eq(TEST_IFACE),
eq(request.getIpConfiguration()),
- eq(request.getNetworkCapabilities()), eq(NULL_LISTENER));
+ eq(request.getNetworkCapabilities()), any(EthernetCallback.class));
}
@Test
- public void testConnectNetworkForTestRequestDoesNotRequireAutoOrNetPermission() {
+ public void testEnableInterfaceForTestRequestDoesNotRequireNetPermission() {
enableTestInterface();
toggleAutomotiveFeature(false);
denyManageEthPermission();
- mEthernetServiceImpl.connectNetwork(TEST_IFACE, NULL_LISTENER);
- verify(mEthernetTracker).connectNetwork(eq(TEST_IFACE), eq(NULL_LISTENER));
+ mEthernetServiceImpl.enableInterface(TEST_IFACE, NULL_LISTENER);
+ verify(mEthernetTracker).enableInterface(eq(TEST_IFACE),
+ any(EthernetCallback.class));
}
@Test
- public void testDisconnectNetworkForTestRequestDoesNotRequireAutoOrNetPermission() {
+ public void testDisableInterfaceForTestRequestDoesNotRequireAutoOrNetPermission() {
enableTestInterface();
toggleAutomotiveFeature(false);
denyManageEthPermission();
- mEthernetServiceImpl.disconnectNetwork(TEST_IFACE, NULL_LISTENER);
- verify(mEthernetTracker).disconnectNetwork(eq(TEST_IFACE), eq(NULL_LISTENER));
+ mEthernetServiceImpl.disableInterface(TEST_IFACE, NULL_LISTENER);
+ verify(mEthernetTracker).disableInterface(eq(TEST_IFACE),
+ any(EthernetCallback.class));
}
private void denyPermissions(String... permissions) {
diff --git a/tests/unit/java/com/android/server/ethernet/EthernetTrackerTest.java b/tests/unit/java/com/android/server/ethernet/EthernetTrackerTest.java
index 93789ca..5e7f0ff 100644
--- a/tests/unit/java/com/android/server/ethernet/EthernetTrackerTest.java
+++ b/tests/unit/java/com/android/server/ethernet/EthernetTrackerTest.java
@@ -23,60 +23,49 @@
import static org.junit.Assert.assertThrows;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
-import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.anyBoolean;
-import static org.mockito.ArgumentMatchers.anyInt;
import static org.mockito.ArgumentMatchers.anyString;
import static org.mockito.ArgumentMatchers.eq;
-import static org.mockito.Mockito.doAnswer;
import static org.mockito.Mockito.doReturn;
-import static org.mockito.Mockito.never;
-import static org.mockito.Mockito.reset;
-import static org.mockito.Mockito.spy;
-import static org.mockito.Mockito.timeout;
import static org.mockito.Mockito.verify;
-import static org.mockito.Mockito.when;
import android.content.Context;
-import android.net.EthernetManager;
-import android.net.IEthernetServiceListener;
import android.net.INetd;
-import android.net.INetworkInterfaceOutcomeReceiver;
import android.net.InetAddresses;
-import android.net.InterfaceConfigurationParcel;
import android.net.IpConfiguration;
import android.net.IpConfiguration.IpAssignment;
import android.net.IpConfiguration.ProxySettings;
import android.net.LinkAddress;
import android.net.NetworkCapabilities;
import android.net.StaticIpConfiguration;
+import android.os.Build;
import android.os.HandlerThread;
import android.os.RemoteException;
import androidx.test.filters.SmallTest;
-import androidx.test.runner.AndroidJUnit4;
+import com.android.testutils.DevSdkIgnoreRule;
+import com.android.testutils.DevSdkIgnoreRunner;
import com.android.testutils.HandlerUtils;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
-import org.mockito.ArgumentCaptor;
import org.mockito.Mock;
import org.mockito.MockitoAnnotations;
import java.net.InetAddress;
import java.util.ArrayList;
-import java.util.concurrent.atomic.AtomicBoolean;
@SmallTest
-@RunWith(AndroidJUnit4.class)
+@RunWith(DevSdkIgnoreRunner.class)
+@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.S_V2)
public class EthernetTrackerTest {
private static final String TEST_IFACE = "test123";
private static final int TIMEOUT_MS = 1_000;
private static final String THREAD_NAME = "EthernetServiceThread";
- private static final INetworkInterfaceOutcomeReceiver NULL_LISTENER = null;
+ private static final EthernetCallback NULL_CB = new EthernetCallback(null);
private EthernetTracker tracker;
private HandlerThread mHandlerThread;
@Mock private Context mContext;
@@ -88,8 +77,8 @@
public void setUp() throws RemoteException {
MockitoAnnotations.initMocks(this);
initMockResources();
- when(mFactory.updateInterfaceLinkState(anyString(), anyBoolean(), any())).thenReturn(false);
- when(mNetd.interfaceGetList()).thenReturn(new String[0]);
+ doReturn(false).when(mFactory).updateInterfaceLinkState(anyString(), anyBoolean());
+ doReturn(new String[0]).when(mNetd).interfaceGetList();
mHandlerThread = new HandlerThread(THREAD_NAME);
mHandlerThread.start();
tracker = new EthernetTracker(mContext, mHandlerThread.getThreadHandler(), mFactory, mNetd,
@@ -102,8 +91,8 @@
}
private void initMockResources() {
- when(mDeps.getInterfaceRegexFromResource(eq(mContext))).thenReturn("");
- when(mDeps.getInterfaceConfigFromResource(eq(mContext))).thenReturn(new String[0]);
+ doReturn("").when(mDeps).getInterfaceRegexFromResource(eq(mContext));
+ doReturn(new String[0]).when(mDeps).getInterfaceConfigFromResource(eq(mContext));
}
private void waitForIdle() {
@@ -344,31 +333,13 @@
new StaticIpConfiguration.Builder().setIpAddress(linkAddr).build();
final IpConfiguration ipConfig =
new IpConfiguration.Builder().setStaticIpConfiguration(staticIpConfig).build();
- final INetworkInterfaceOutcomeReceiver listener = null;
+ final EthernetCallback listener = new EthernetCallback(null);
tracker.updateConfiguration(TEST_IFACE, ipConfig, capabilities, listener);
waitForIdle();
verify(mFactory).updateInterface(
- eq(TEST_IFACE), eq(ipConfig), eq(capabilities), eq(listener));
- }
-
- @Test
- public void testConnectNetworkCorrectlyCallsFactory() {
- tracker.connectNetwork(TEST_IFACE, NULL_LISTENER);
- waitForIdle();
-
- verify(mFactory).updateInterfaceLinkState(eq(TEST_IFACE), eq(true /* up */),
- eq(NULL_LISTENER));
- }
-
- @Test
- public void testDisconnectNetworkCorrectlyCallsFactory() {
- tracker.disconnectNetwork(TEST_IFACE, NULL_LISTENER);
- waitForIdle();
-
- verify(mFactory).updateInterfaceLinkState(eq(TEST_IFACE), eq(false /* up */),
- eq(NULL_LISTENER));
+ eq(TEST_IFACE), eq(ipConfig), eq(capabilities));
}
@Test
@@ -403,113 +374,4 @@
assertTrue(isValidTestInterface);
}
-
- public static class EthernetStateListener extends IEthernetServiceListener.Stub {
- @Override
- public void onEthernetStateChanged(int state) { }
-
- @Override
- public void onInterfaceStateChanged(String iface, int state, int role,
- IpConfiguration configuration) { }
- }
-
- private InterfaceConfigurationParcel createMockedIfaceParcel(final String ifname,
- final String hwAddr) {
- final InterfaceConfigurationParcel ifaceParcel = new InterfaceConfigurationParcel();
- ifaceParcel.ifName = ifname;
- ifaceParcel.hwAddr = hwAddr;
- ifaceParcel.flags = new String[] {INetd.IF_STATE_UP};
- return ifaceParcel;
- }
-
- @Test
- public void testListenEthernetStateChange() throws Exception {
- tracker.setIncludeTestInterfaces(true);
- waitForIdle();
-
- final String testIface = "testtap123";
- final String testHwAddr = "11:22:33:44:55:66";
- final InterfaceConfigurationParcel ifaceParcel = createMockedIfaceParcel(testIface,
- testHwAddr);
- when(mNetd.interfaceGetList()).thenReturn(new String[] {testIface});
- when(mNetd.interfaceGetCfg(eq(testIface))).thenReturn(ifaceParcel);
- doReturn(new String[] {testIface}).when(mFactory).getAvailableInterfaces(anyBoolean());
-
- final AtomicBoolean ifaceUp = new AtomicBoolean(true);
- doAnswer(inv -> ifaceUp.get()).when(mFactory).hasInterface(testIface);
- doAnswer(inv ->
- ifaceUp.get() ? EthernetManager.STATE_LINK_UP : EthernetManager.STATE_ABSENT)
- .when(mFactory).getInterfaceState(testIface);
- doAnswer(inv -> {
- ifaceUp.set(true);
- return null;
- }).when(mFactory).addInterface(eq(testIface), eq(testHwAddr), any(), any());
- doAnswer(inv -> {
- ifaceUp.set(false);
- return null;
- }).when(mFactory).removeInterface(testIface);
-
- final EthernetStateListener listener = spy(new EthernetStateListener());
- tracker.addListener(listener, true /* canUseRestrictedNetworks */);
- // Check default state.
- waitForIdle();
- verify(listener).onInterfaceStateChanged(eq(testIface), eq(EthernetManager.STATE_LINK_UP),
- anyInt(), any());
- verify(listener).onEthernetStateChanged(eq(EthernetManager.ETHERNET_STATE_ENABLED));
- reset(listener);
-
- tracker.setEthernetEnabled(false);
- waitForIdle();
- verify(mFactory).removeInterface(eq(testIface));
- verify(listener).onEthernetStateChanged(eq(EthernetManager.ETHERNET_STATE_DISABLED));
- verify(listener).onInterfaceStateChanged(eq(testIface), eq(EthernetManager.STATE_ABSENT),
- anyInt(), any());
- reset(listener);
-
- tracker.setEthernetEnabled(true);
- waitForIdle();
- verify(mFactory).addInterface(eq(testIface), eq(testHwAddr), any(), any());
- verify(listener).onEthernetStateChanged(eq(EthernetManager.ETHERNET_STATE_ENABLED));
- verify(listener).onInterfaceStateChanged(eq(testIface), eq(EthernetManager.STATE_LINK_UP),
- anyInt(), any());
- }
-
- @Test
- public void testListenEthernetStateChange_unsolicitedEventListener() throws Exception {
- when(mNetd.interfaceGetList()).thenReturn(new String[] {});
- doReturn(new String[] {}).when(mFactory).getAvailableInterfaces(anyBoolean());
-
- tracker.setIncludeTestInterfaces(true);
- tracker.start();
-
- final ArgumentCaptor<EthernetTracker.InterfaceObserver> captor =
- ArgumentCaptor.forClass(EthernetTracker.InterfaceObserver.class);
- verify(mNetd, timeout(TIMEOUT_MS)).registerUnsolicitedEventListener(captor.capture());
- final EthernetTracker.InterfaceObserver observer = captor.getValue();
-
- tracker.setEthernetEnabled(false);
- waitForIdle();
- reset(mFactory);
- reset(mNetd);
-
- final String testIface = "testtap1";
- observer.onInterfaceAdded(testIface);
- verify(mFactory, never()).addInterface(eq(testIface), anyString(), any(), any());
- observer.onInterfaceRemoved(testIface);
- verify(mFactory, never()).removeInterface(eq(testIface));
-
- final String testHwAddr = "11:22:33:44:55:66";
- final InterfaceConfigurationParcel testIfaceParce =
- createMockedIfaceParcel(testIface, testHwAddr);
- when(mNetd.interfaceGetList()).thenReturn(new String[] {testIface});
- when(mNetd.interfaceGetCfg(eq(testIface))).thenReturn(testIfaceParce);
- doReturn(new String[] {testIface}).when(mFactory).getAvailableInterfaces(anyBoolean());
- tracker.setEthernetEnabled(true);
- waitForIdle();
- reset(mFactory);
-
- final String testIface2 = "testtap2";
- observer.onInterfaceRemoved(testIface2);
- verify(mFactory, timeout(TIMEOUT_MS)).removeInterface(eq(testIface2));
- }
}
diff --git a/tests/unit/java/com/android/server/net/BpfInterfaceMapUpdaterTest.java b/tests/unit/java/com/android/server/net/BpfInterfaceMapUpdaterTest.java
index 987b7b7..c730856 100644
--- a/tests/unit/java/com/android/server/net/BpfInterfaceMapUpdaterTest.java
+++ b/tests/unit/java/com/android/server/net/BpfInterfaceMapUpdaterTest.java
@@ -16,7 +16,14 @@
package com.android.server.net;
+import static android.system.OsConstants.EPERM;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
import static org.mockito.Matchers.eq;
+import static org.mockito.Mockito.doThrow;
+import static org.mockito.Mockito.spy;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.verifyNoMoreInteractions;
import static org.mockito.Mockito.when;
@@ -24,16 +31,21 @@
import android.content.Context;
import android.net.INetd;
import android.net.MacAddress;
+import android.os.Build;
import android.os.Handler;
import android.os.test.TestLooper;
+import android.system.ErrnoException;
+import android.util.IndentingPrintWriter;
import androidx.test.filters.SmallTest;
-import androidx.test.runner.AndroidJUnit4;
import com.android.net.module.util.BaseNetdUnsolicitedEventListener;
import com.android.net.module.util.IBpfMap;
import com.android.net.module.util.InterfaceParams;
-import com.android.net.module.util.Struct.U32;
+import com.android.net.module.util.Struct.S32;
+import com.android.testutils.DevSdkIgnoreRule;
+import com.android.testutils.DevSdkIgnoreRunner;
+import com.android.testutils.TestBpfMap;
import org.junit.Before;
import org.junit.Test;
@@ -42,8 +54,12 @@
import org.mockito.Mock;
import org.mockito.MockitoAnnotations;
-@RunWith(AndroidJUnit4.class)
+import java.io.PrintWriter;
+import java.io.StringWriter;
+
@SmallTest
+@RunWith(DevSdkIgnoreRunner.class)
+@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.S_V2)
public final class BpfInterfaceMapUpdaterTest {
private static final int TEST_INDEX = 1;
private static final int TEST_INDEX2 = 2;
@@ -53,13 +69,14 @@
private final TestLooper mLooper = new TestLooper();
private BaseNetdUnsolicitedEventListener mListener;
private BpfInterfaceMapUpdater mUpdater;
- @Mock private IBpfMap<U32, InterfaceMapValue> mBpfMap;
+ private IBpfMap<S32, InterfaceMapValue> mBpfMap =
+ spy(new TestBpfMap<>(S32.class, InterfaceMapValue.class));
@Mock private INetd mNetd;
@Mock private Context mContext;
private class TestDependencies extends BpfInterfaceMapUpdater.Dependencies {
@Override
- public IBpfMap<U32, InterfaceMapValue> getInterfaceMap() {
+ public IBpfMap<S32, InterfaceMapValue> getInterfaceMap() {
return mBpfMap;
}
@@ -97,7 +114,7 @@
ArgumentCaptor.forClass(BaseNetdUnsolicitedEventListener.class);
verify(mNetd).registerUnsolicitedEventListener(listenerCaptor.capture());
mListener = listenerCaptor.getValue();
- verify(mBpfMap).updateEntry(eq(new U32(TEST_INDEX)),
+ verify(mBpfMap).updateEntry(eq(new S32(TEST_INDEX)),
eq(new InterfaceMapValue(TEST_INTERFACE_NAME)));
}
@@ -107,7 +124,7 @@
mListener.onInterfaceAdded(TEST_INTERFACE_NAME2);
mLooper.dispatchAll();
- verify(mBpfMap).updateEntry(eq(new U32(TEST_INDEX2)),
+ verify(mBpfMap).updateEntry(eq(new S32(TEST_INDEX2)),
eq(new InterfaceMapValue(TEST_INTERFACE_NAME2)));
// Check that when onInterfaceRemoved is called, nothing happens.
@@ -115,4 +132,43 @@
mLooper.dispatchAll();
verifyNoMoreInteractions(mBpfMap);
}
+
+ @Test
+ public void testGetIfNameByIndex() throws Exception {
+ mBpfMap.updateEntry(new S32(TEST_INDEX), new InterfaceMapValue(TEST_INTERFACE_NAME));
+ assertEquals(TEST_INTERFACE_NAME, mUpdater.getIfNameByIndex(TEST_INDEX));
+ }
+
+ @Test
+ public void testGetIfNameByIndexNoEntry() {
+ assertNull(mUpdater.getIfNameByIndex(TEST_INDEX));
+ }
+
+ @Test
+ public void testGetIfNameByIndexException() throws Exception {
+ doThrow(new ErrnoException("", EPERM)).when(mBpfMap).getValue(new S32(TEST_INDEX));
+ assertNull(mUpdater.getIfNameByIndex(TEST_INDEX));
+ }
+
+ private void assertDumpContains(final String dump, final String message) {
+ assertTrue(String.format("dump(%s) does not contain '%s'", dump, message),
+ dump.contains(message));
+ }
+
+ private String getDump() {
+ final StringWriter sw = new StringWriter();
+ mUpdater.dump(new IndentingPrintWriter(new PrintWriter(sw), " "));
+ return sw.toString();
+ }
+
+ @Test
+ public void testDump() throws ErrnoException {
+ mBpfMap.updateEntry(new S32(TEST_INDEX), new InterfaceMapValue(TEST_INTERFACE_NAME));
+ mBpfMap.updateEntry(new S32(TEST_INDEX2), new InterfaceMapValue(TEST_INTERFACE_NAME2));
+
+ final String dump = getDump();
+ assertDumpContains(dump, "IfaceIndexNameMap: OK");
+ assertDumpContains(dump, "ifaceIndex=1 ifaceName=test1");
+ assertDumpContains(dump, "ifaceIndex=2 ifaceName=test2");
+ }
}
diff --git a/tests/unit/java/com/android/server/net/InterfaceMapValueTest.java b/tests/unit/java/com/android/server/net/InterfaceMapValueTest.java
new file mode 100644
index 0000000..ee13d5f
--- /dev/null
+++ b/tests/unit/java/com/android/server/net/InterfaceMapValueTest.java
@@ -0,0 +1,68 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.net;
+
+import static org.junit.Assert.assertArrayEquals;
+import static org.junit.Assert.assertEquals;
+
+import androidx.test.ext.junit.runners.AndroidJUnit4;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+@RunWith(AndroidJUnit4.class)
+public class InterfaceMapValueTest {
+ private static final String IF_NAME = "wlan0";
+ private static final byte[] IF_NAME_BYTE = new byte[]{'w', 'l', 'a', 'n', '0'};
+ private static final byte[] IF_NAME_BYTE_WITH_PADDING =
+ new byte[]{'w', 'l', 'a', 'n', '0', 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0}; // IF_NAME_BYTE_WITH_PADDING.length = 16
+ private static final byte[] IF_NAME_BYTE_LONG =
+ new byte[]{'w', 'l', 'a', 'n', '0', 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0}; // IF_NAME_BYTE_LONG.length = 24
+
+ @Test
+ public void testInterfaceMapValueFromString() {
+ final InterfaceMapValue value = new InterfaceMapValue(IF_NAME);
+ assertArrayEquals(IF_NAME_BYTE_WITH_PADDING, value.interfaceName);
+ }
+
+ @Test
+ public void testInterfaceMapValueFromByte() {
+ final InterfaceMapValue value = new InterfaceMapValue(IF_NAME_BYTE_WITH_PADDING);
+ assertArrayEquals(IF_NAME_BYTE_WITH_PADDING, value.interfaceName);
+ }
+
+ @Test
+ public void testInterfaceMapValueFromByteShort() {
+ final InterfaceMapValue value = new InterfaceMapValue(IF_NAME_BYTE);
+ assertArrayEquals(IF_NAME_BYTE_WITH_PADDING, value.interfaceName);
+ }
+
+ @Test
+ public void testInterfaceMapValueFromByteLong() {
+ final InterfaceMapValue value = new InterfaceMapValue(IF_NAME_BYTE_LONG);
+ assertArrayEquals(IF_NAME_BYTE_WITH_PADDING, value.interfaceName);
+ }
+
+ @Test
+ public void testGetInterfaceNameString() {
+ final InterfaceMapValue value = new InterfaceMapValue(IF_NAME_BYTE_WITH_PADDING);
+ assertEquals(IF_NAME, value.getInterfaceNameString());
+ }
+}
diff --git a/tests/unit/java/com/android/server/net/IpConfigStoreTest.java b/tests/unit/java/com/android/server/net/IpConfigStoreTest.java
index e9a5309..4adc999 100644
--- a/tests/unit/java/com/android/server/net/IpConfigStoreTest.java
+++ b/tests/unit/java/com/android/server/net/IpConfigStoreTest.java
@@ -20,6 +20,7 @@
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.fail;
+import android.content.Context;
import android.net.InetAddresses;
import android.net.IpConfiguration;
import android.net.IpConfiguration.IpAssignment;
@@ -27,9 +28,15 @@
import android.net.LinkAddress;
import android.net.ProxyInfo;
import android.net.StaticIpConfiguration;
+import android.os.Build;
+import android.os.HandlerThread;
import android.util.ArrayMap;
-import androidx.test.runner.AndroidJUnit4;
+import androidx.test.InstrumentationRegistry;
+
+import com.android.testutils.DevSdkIgnoreRule;
+import com.android.testutils.DevSdkIgnoreRunner;
+import com.android.testutils.HandlerUtils;
import org.junit.Test;
import org.junit.runner.RunWith;
@@ -37,17 +44,21 @@
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataOutputStream;
+import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
import java.util.ArrayList;
import java.util.Arrays;
+import java.util.List;
/**
* Unit tests for {@link IpConfigStore}
*/
-@RunWith(AndroidJUnit4.class)
+@RunWith(DevSdkIgnoreRunner.class)
+@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.S_V2)
public class IpConfigStoreTest {
+ private static final int TIMEOUT_MS = 2_000;
private static final int KEY_CONFIG = 17;
private static final String IFACE_1 = "eth0";
private static final String IFACE_2 = "eth1";
@@ -56,6 +67,22 @@
private static final String DNS_IP_ADDR_1 = "1.2.3.4";
private static final String DNS_IP_ADDR_2 = "5.6.7.8";
+ private static final ArrayList<InetAddress> DNS_SERVERS = new ArrayList<>(List.of(
+ InetAddresses.parseNumericAddress(DNS_IP_ADDR_1),
+ InetAddresses.parseNumericAddress(DNS_IP_ADDR_2)));
+ private static final StaticIpConfiguration STATIC_IP_CONFIG_1 =
+ new StaticIpConfiguration.Builder()
+ .setIpAddress(new LinkAddress(IP_ADDR_1))
+ .setDnsServers(DNS_SERVERS)
+ .build();
+ private static final StaticIpConfiguration STATIC_IP_CONFIG_2 =
+ new StaticIpConfiguration.Builder()
+ .setIpAddress(new LinkAddress(IP_ADDR_2))
+ .setDnsServers(DNS_SERVERS)
+ .build();
+ private static final ProxyInfo PROXY_INFO =
+ ProxyInfo.buildDirectProxy("10.10.10.10", 88, Arrays.asList("host1", "host2"));
+
@Test
public void backwardCompatibility2to3() throws IOException {
ByteArrayOutputStream byteStream = new ByteArrayOutputStream();
@@ -79,40 +106,73 @@
@Test
public void staticIpMultiNetworks() throws Exception {
- final ArrayList<InetAddress> dnsServers = new ArrayList<>();
- dnsServers.add(InetAddresses.parseNumericAddress(DNS_IP_ADDR_1));
- dnsServers.add(InetAddresses.parseNumericAddress(DNS_IP_ADDR_2));
- final StaticIpConfiguration staticIpConfiguration1 = new StaticIpConfiguration.Builder()
- .setIpAddress(new LinkAddress(IP_ADDR_1))
- .setDnsServers(dnsServers).build();
- final StaticIpConfiguration staticIpConfiguration2 = new StaticIpConfiguration.Builder()
- .setIpAddress(new LinkAddress(IP_ADDR_2))
- .setDnsServers(dnsServers).build();
+ final IpConfiguration expectedConfig1 = newIpConfiguration(IpAssignment.STATIC,
+ ProxySettings.STATIC, STATIC_IP_CONFIG_1, PROXY_INFO);
+ final IpConfiguration expectedConfig2 = newIpConfiguration(IpAssignment.STATIC,
+ ProxySettings.STATIC, STATIC_IP_CONFIG_2, PROXY_INFO);
- ProxyInfo proxyInfo =
- ProxyInfo.buildDirectProxy("10.10.10.10", 88, Arrays.asList("host1", "host2"));
-
- IpConfiguration expectedConfig1 = newIpConfiguration(IpAssignment.STATIC,
- ProxySettings.STATIC, staticIpConfiguration1, proxyInfo);
- IpConfiguration expectedConfig2 = newIpConfiguration(IpAssignment.STATIC,
- ProxySettings.STATIC, staticIpConfiguration2, proxyInfo);
-
- ArrayMap<String, IpConfiguration> expectedNetworks = new ArrayMap<>();
+ final ArrayMap<String, IpConfiguration> expectedNetworks = new ArrayMap<>();
expectedNetworks.put(IFACE_1, expectedConfig1);
expectedNetworks.put(IFACE_2, expectedConfig2);
- MockedDelayedDiskWrite writer = new MockedDelayedDiskWrite();
- IpConfigStore store = new IpConfigStore(writer);
+ final MockedDelayedDiskWrite writer = new MockedDelayedDiskWrite();
+ final IpConfigStore store = new IpConfigStore(writer);
store.writeIpConfigurations("file/path/not/used/", expectedNetworks);
- InputStream in = new ByteArrayInputStream(writer.mByteStream.toByteArray());
- ArrayMap<String, IpConfiguration> actualNetworks = IpConfigStore.readIpConfigurations(in);
+ final InputStream in = new ByteArrayInputStream(writer.mByteStream.toByteArray());
+ final ArrayMap<String, IpConfiguration> actualNetworks =
+ IpConfigStore.readIpConfigurations(in);
assertNotNull(actualNetworks);
assertEquals(2, actualNetworks.size());
assertEquals(expectedNetworks.get(IFACE_1), actualNetworks.get(IFACE_1));
assertEquals(expectedNetworks.get(IFACE_2), actualNetworks.get(IFACE_2));
}
+ @Test
+ public void readIpConfigurationFromFilePath() throws Exception {
+ final HandlerThread testHandlerThread = new HandlerThread("IpConfigStoreTest");
+ final DelayedDiskWrite.Dependencies dependencies =
+ new DelayedDiskWrite.Dependencies() {
+ @Override
+ public HandlerThread makeHandlerThread() {
+ return testHandlerThread;
+ }
+ @Override
+ public void quitHandlerThread(HandlerThread handlerThread) {
+ testHandlerThread.quitSafely();
+ }
+ };
+
+ final IpConfiguration ipConfig = newIpConfiguration(IpAssignment.STATIC,
+ ProxySettings.STATIC, STATIC_IP_CONFIG_1, PROXY_INFO);
+ final ArrayMap<String, IpConfiguration> expectedNetworks = new ArrayMap<>();
+ expectedNetworks.put(IFACE_1, ipConfig);
+
+ // Write IP config to specific file path and read it later.
+ final Context context = InstrumentationRegistry.getContext();
+ final File configFile = new File(context.getFilesDir().getPath(),
+ "IpConfigStoreTest-ipconfig.txt");
+ final DelayedDiskWrite writer = new DelayedDiskWrite(dependencies);
+ final IpConfigStore store = new IpConfigStore(writer);
+ store.writeIpConfigurations(configFile.getPath(), expectedNetworks);
+ HandlerUtils.waitForIdle(testHandlerThread, TIMEOUT_MS);
+
+ // Read IP config from the file path.
+ final ArrayMap<String, IpConfiguration> actualNetworks =
+ IpConfigStore.readIpConfigurations(configFile.getPath());
+ assertNotNull(actualNetworks);
+ assertEquals(1, actualNetworks.size());
+ assertEquals(expectedNetworks.get(IFACE_1), actualNetworks.get(IFACE_1));
+
+ // Return an empty array when reading IP configuration from an non-exist config file.
+ final ArrayMap<String, IpConfiguration> emptyNetworks =
+ IpConfigStore.readIpConfigurations("/dev/null");
+ assertNotNull(emptyNetworks);
+ assertEquals(0, emptyNetworks.size());
+
+ configFile.delete();
+ }
+
private IpConfiguration newIpConfiguration(IpAssignment ipAssignment,
ProxySettings proxySettings, StaticIpConfiguration staticIpConfig, ProxyInfo info) {
final IpConfiguration config = new IpConfiguration();
diff --git a/tests/unit/java/com/android/server/net/NetworkStatsFactoryTest.java b/tests/unit/java/com/android/server/net/NetworkStatsFactoryTest.java
index 79744b1..04db6d3 100644
--- a/tests/unit/java/com/android/server/net/NetworkStatsFactoryTest.java
+++ b/tests/unit/java/com/android/server/net/NetworkStatsFactoryTest.java
@@ -25,30 +25,35 @@
import static android.net.NetworkStats.SET_ALL;
import static android.net.NetworkStats.SET_DEFAULT;
import static android.net.NetworkStats.SET_FOREGROUND;
+import static android.net.NetworkStats.TAG_ALL;
import static android.net.NetworkStats.TAG_NONE;
import static android.net.NetworkStats.UID_ALL;
import static com.android.server.net.NetworkStatsFactory.kernelToTag;
+import static com.android.testutils.DevSdkIgnoreRuleKt.SC_V2;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.fail;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.anyInt;
+import static org.mockito.Mockito.doReturn;
import android.content.Context;
-import android.content.res.Resources;
import android.net.NetworkStats;
import android.net.TrafficStats;
import android.net.UnderlyingNetworkInfo;
-import android.os.Build;
+import android.os.SystemClock;
import androidx.test.InstrumentationRegistry;
import androidx.test.filters.SmallTest;
import com.android.frameworks.tests.net.R;
+import com.android.internal.util.ProcFileReader;
+import com.android.server.BpfNetMaps;
import com.android.testutils.DevSdkIgnoreRule;
import com.android.testutils.DevSdkIgnoreRunner;
import libcore.io.IoUtils;
-import libcore.io.Streams;
import libcore.testing.io.TestIoUtils;
import org.junit.After;
@@ -59,21 +64,21 @@
import org.mockito.MockitoAnnotations;
import java.io.File;
-import java.io.FileOutputStream;
-import java.io.FileWriter;
-import java.io.InputStream;
-import java.io.OutputStream;
+import java.io.IOException;
+import java.net.ProtocolException;
/** Tests for {@link NetworkStatsFactory}. */
@RunWith(DevSdkIgnoreRunner.class)
@SmallTest
-@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.R)
+@DevSdkIgnoreRule.IgnoreUpTo(SC_V2)
public class NetworkStatsFactoryTest extends NetworkStatsBaseTest {
private static final String CLAT_PREFIX = "v4-";
private File mTestProc;
private NetworkStatsFactory mFactory;
@Mock private Context mContext;
+ @Mock private NetworkStatsFactory.Dependencies mDeps;
+ @Mock private BpfNetMaps mBpfNetMaps;
@Before
public void setUp() throws Exception {
@@ -84,7 +89,9 @@
// applications. So in order to have a test support native library, the native code
// related to networkStatsFactory is compiled to a minimal native library and loaded here.
System.loadLibrary("networkstatsfactorytestjni");
- mFactory = new NetworkStatsFactory(mContext, mTestProc, false);
+ doReturn(mBpfNetMaps).when(mDeps).createBpfNetMaps(any());
+
+ mFactory = new NetworkStatsFactory(mContext, mDeps);
mFactory.updateUnderlyingNetworkInfos(new UnderlyingNetworkInfo[0]);
}
@@ -95,7 +102,7 @@
@Test
public void testNetworkStatsDetail() throws Exception {
- final NetworkStats stats = parseDetailedStats(R.raw.xt_qtaguid_typical);
+ final NetworkStats stats = factoryReadNetworkStatsDetail(R.raw.xt_qtaguid_typical);
assertEquals(70, stats.size());
assertStatsEntry(stats, "wlan0", 0, SET_DEFAULT, 0x0, 18621L, 2898L);
@@ -120,8 +127,8 @@
// over VPN.
//
// VPN UID rewrites packets read from TUN back to TUN, plus some of its own traffic
-
- final NetworkStats tunStats = parseDetailedStats(R.raw.xt_qtaguid_vpn_rewrite_through_self);
+ final NetworkStats tunStats =
+ factoryReadNetworkStatsDetail(R.raw.xt_qtaguid_vpn_rewrite_through_self);
assertValues(tunStats, TUN_IFACE, UID_RED, SET_ALL, TAG_NONE, METERED_ALL, ROAMING_ALL,
DEFAULT_NETWORK_ALL, 2000L, 200L, 1000L, 100L, 0);
@@ -162,7 +169,8 @@
// UID_RED: 2000 bytes, 200 packets
// UID_BLUE: 1000 bytes, 100 packets
// UID_VPN: 6300 bytes, 0 packets
- final NetworkStats tunStats = parseDetailedStats(R.raw.xt_qtaguid_vpn_with_clat);
+ final NetworkStats tunStats =
+ factoryReadNetworkStatsDetail(R.raw.xt_qtaguid_vpn_with_clat);
assertValues(tunStats, CLAT_PREFIX + TEST_IFACE, UID_RED, 2000L, 200L, 1000, 100L);
assertValues(tunStats, CLAT_PREFIX + TEST_IFACE, UID_BLUE, 1000L, 100L, 500L, 50L);
@@ -186,7 +194,8 @@
// attributed to UID_BLUE, and 150 bytes attributed to UID_VPN.
// Of 3300 bytes received over WiFi, expect 2000 bytes attributed to UID_RED, 1000 bytes
// attributed to UID_BLUE, and 300 bytes attributed to UID_VPN.
- final NetworkStats tunStats = parseDetailedStats(R.raw.xt_qtaguid_vpn_one_underlying);
+ final NetworkStats tunStats =
+ factoryReadNetworkStatsDetail(R.raw.xt_qtaguid_vpn_one_underlying);
assertValues(tunStats, TEST_IFACE, UID_RED, 2000L, 200L, 1000L, 100L);
assertValues(tunStats, TEST_IFACE, UID_BLUE, 1000L, 100L, 500L, 50L);
@@ -215,7 +224,7 @@
// Of 8800 bytes received over WiFi, expect 2000 bytes attributed to UID_RED, 1000 bytes
// attributed to UID_BLUE, and 5800 bytes attributed to UID_VPN.
final NetworkStats tunStats =
- parseDetailedStats(R.raw.xt_qtaguid_vpn_one_underlying_own_traffic);
+ factoryReadNetworkStatsDetail(R.raw.xt_qtaguid_vpn_one_underlying_own_traffic);
assertValues(tunStats, TEST_IFACE, UID_RED, 2000L, 200L, 1000L, 100L);
assertValues(tunStats, TEST_IFACE, UID_BLUE, 1000L, 100L, 500L, 50L);
@@ -237,7 +246,7 @@
// Of 1000 bytes over WiFi, expect 250 bytes attributed UID_RED and 750 bytes to UID_BLUE,
// with nothing attributed to UID_VPN for both rx/tx traffic.
final NetworkStats tunStats =
- parseDetailedStats(R.raw.xt_qtaguid_vpn_one_underlying_compression);
+ factoryReadNetworkStatsDetail(R.raw.xt_qtaguid_vpn_one_underlying_compression);
assertValues(tunStats, TEST_IFACE, UID_RED, 250L, 25L, 250L, 25L);
assertValues(tunStats, TEST_IFACE, UID_BLUE, 750L, 75L, 750L, 75L);
@@ -261,7 +270,7 @@
// - 500 bytes rx/tx each over WiFi/Cell attributed to both UID_RED and UID_BLUE.
// - 1200 bytes rx/tx each over WiFi/Cell for VPN_UID.
final NetworkStats tunStats =
- parseDetailedStats(R.raw.xt_qtaguid_vpn_two_underlying_duplication);
+ factoryReadNetworkStatsDetail(R.raw.xt_qtaguid_vpn_two_underlying_duplication);
assertValues(tunStats, TEST_IFACE, UID_RED, 500L, 50L, 500L, 50L);
assertValues(tunStats, TEST_IFACE, UID_BLUE, 500L, 50L, 500L, 50L);
@@ -301,7 +310,7 @@
// Of 3850 bytes received over Cell, expect 3000 bytes attributed to UID_RED, 500 bytes
// attributed to UID_BLUE, and 350 bytes attributed to UID_VPN.
final NetworkStats tunStats =
- parseDetailedStats(R.raw.xt_qtaguid_vpn_one_underlying_two_vpn);
+ factoryReadNetworkStatsDetail(R.raw.xt_qtaguid_vpn_one_underlying_two_vpn);
assertValues(tunStats, TEST_IFACE, UID_RED, 2000L, 200L, 1000L, 100L);
assertValues(tunStats, TEST_IFACE, UID_BLUE, 1000L, 100L, 500L, 50L);
@@ -331,7 +340,8 @@
//
// For UID_VPN, expect 60 bytes attributed over WiFi and 40 bytes over Cell for tx traffic.
// And, 30 bytes over WiFi and 20 bytes over Cell for rx traffic.
- final NetworkStats tunStats = parseDetailedStats(R.raw.xt_qtaguid_vpn_two_underlying_split);
+ final NetworkStats tunStats =
+ factoryReadNetworkStatsDetail(R.raw.xt_qtaguid_vpn_two_underlying_split);
assertValues(tunStats, TEST_IFACE, UID_RED, 300L, 30L, 600L, 60L);
assertValues(tunStats, TEST_IFACE, UID_VPN, 30L, 0L, 60L, 0L);
@@ -355,7 +365,8 @@
// rx/tx.
// UID_VPN gets nothing attributed to it (avoiding negative stats).
final NetworkStats tunStats =
- parseDetailedStats(R.raw.xt_qtaguid_vpn_two_underlying_split_compression);
+ factoryReadNetworkStatsDetail(
+ R.raw.xt_qtaguid_vpn_two_underlying_split_compression);
assertValues(tunStats, TEST_IFACE, UID_RED, 600L, 60L, 600L, 60L);
assertValues(tunStats, TEST_IFACE, UID_VPN, 0L, 0L, 0L, 0L);
@@ -376,7 +387,8 @@
// 1000 bytes (100 packets) were sent/received by UID_RED over VPN.
// VPN sent/received 1100 bytes (100 packets) over Cell.
// Of 1100 bytes over Cell, expect all of it attributed to UID_VPN for both rx/tx traffic.
- final NetworkStats tunStats = parseDetailedStats(R.raw.xt_qtaguid_vpn_incorrect_iface);
+ final NetworkStats tunStats =
+ factoryReadNetworkStatsDetail(R.raw.xt_qtaguid_vpn_incorrect_iface);
assertValues(tunStats, TEST_IFACE, UID_RED, 0L, 0L, 0L, 0L);
assertValues(tunStats, TEST_IFACE, UID_VPN, 0L, 0L, 0L, 0L);
@@ -401,7 +413,9 @@
@Test
public void testNetworkStatsWithSet() throws Exception {
- final NetworkStats stats = parseDetailedStats(R.raw.xt_qtaguid_typical);
+ final NetworkStats stats =
+ factoryReadNetworkStatsDetail(R.raw.xt_qtaguid_typical);
+
assertEquals(70, stats.size());
assertStatsEntry(stats, "rmnet1", 10021, SET_DEFAULT, 0x30100000, 219110L, 578L, 227423L,
676L);
@@ -409,29 +423,6 @@
}
@Test
- public void testNetworkStatsSingle() throws Exception {
- stageFile(R.raw.xt_qtaguid_iface_typical, file("net/xt_qtaguid/iface_stat_all"));
-
- final NetworkStats stats = mFactory.readNetworkStatsSummaryDev();
- assertEquals(6, stats.size());
- assertStatsEntry(stats, "rmnet0", UID_ALL, SET_ALL, TAG_NONE, 2112L, 24L, 700L, 10L);
- assertStatsEntry(stats, "test1", UID_ALL, SET_ALL, TAG_NONE, 6L, 8L, 10L, 12L);
- assertStatsEntry(stats, "test2", UID_ALL, SET_ALL, TAG_NONE, 1L, 2L, 3L, 4L);
- }
-
- @Test
- public void testNetworkStatsXt() throws Exception {
- stageFile(R.raw.xt_qtaguid_iface_fmt_typical, file("net/xt_qtaguid/iface_stat_fmt"));
-
- final NetworkStats stats = mFactory.readNetworkStatsSummaryXt();
- assertEquals(3, stats.size());
- assertStatsEntry(stats, "rmnet0", UID_ALL, SET_ALL, TAG_NONE, 6824L, 16L, 5692L, 10L);
- assertStatsEntry(stats, "rmnet1", UID_ALL, SET_ALL, TAG_NONE, 11153922L, 8051L, 190226L,
- 2468L);
- assertStatsEntry(stats, "rmnet2", UID_ALL, SET_ALL, TAG_NONE, 4968L, 35L, 3081L, 39L);
- }
-
- @Test
public void testDoubleClatAccountingSimple() throws Exception {
mFactory.noteStackedIface("v4-wlan0", "wlan0");
@@ -439,7 +430,8 @@
// - 213 received 464xlat packets of size 200 bytes
// - 41 sent 464xlat packets of size 100 bytes
// - no other traffic on base interface for root uid.
- NetworkStats stats = parseDetailedStats(R.raw.xt_qtaguid_with_clat_simple);
+ final NetworkStats stats =
+ factoryReadNetworkStatsDetail(R.raw.xt_qtaguid_with_clat_simple);
assertEquals(3, stats.size());
assertStatsEntry(stats, "v4-wlan0", 10060, SET_DEFAULT, 0x0, 46860L, 4920L);
@@ -450,7 +442,8 @@
public void testDoubleClatAccounting() throws Exception {
mFactory.noteStackedIface("v4-wlan0", "wlan0");
- NetworkStats stats = parseDetailedStats(R.raw.xt_qtaguid_with_clat);
+ final NetworkStats stats =
+ factoryReadNetworkStatsDetail(R.raw.xt_qtaguid_with_clat);
assertEquals(42, stats.size());
assertStatsEntry(stats, "v4-wlan0", 0, SET_DEFAULT, 0x0, 356L, 276L);
@@ -472,64 +465,117 @@
}
@Test
- public void testDoubleClatAccounting100MBDownload() throws Exception {
- // Downloading 100mb from an ipv4 only destination in a foreground activity
+ public void testRemoveUidsStats() throws Exception {
+ final NetworkStats stats = new NetworkStats(SystemClock.elapsedRealtime(), 1)
+ .insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE, 16L, 1L, 16L, 1L, 0L)
+ .insertEntry(TEST_IFACE, UID_BLUE, SET_DEFAULT, TAG_NONE,
+ 256L, 16L, 512L, 32L, 0L)
+ .insertEntry(TEST_IFACE, UID_GREEN, SET_DEFAULT, TAG_NONE, 64L, 3L, 1024L, 8L, 0L);
- long appRxBytesBefore = 328684029L;
- long appRxBytesAfter = 439237478L;
- assertEquals("App traffic should be ~100MB", 110553449, appRxBytesAfter - appRxBytesBefore);
+ doReturn(stats).when(mDeps).getNetworkStatsDetail(anyInt(), any(),
+ anyInt());
- long rootRxBytes = 330187296L;
+ final String[] ifaces = new String[]{TEST_IFACE};
+ final NetworkStats res = mFactory.readNetworkStatsDetail(UID_ALL, ifaces, TAG_ALL);
- mFactory.noteStackedIface("v4-wlan0", "wlan0");
- NetworkStats stats;
+ // Verify that the result of the mocked stats are expected.
+ assertValues(res, TEST_IFACE, UID_RED, 16L, 1L, 16L, 1L);
+ assertValues(res, TEST_IFACE, UID_BLUE, 256L, 16L, 512L, 32L);
+ assertValues(res, TEST_IFACE, UID_GREEN, 64L, 3L, 1024L, 8L);
- // Stats snapshot before the download
- stats = parseDetailedStats(R.raw.xt_qtaguid_with_clat_100mb_download_before);
- assertStatsEntry(stats, "v4-wlan0", 10106, SET_FOREGROUND, 0x0, appRxBytesBefore, 5199872L);
- assertStatsEntry(stats, "wlan0", 0, SET_DEFAULT, 0x0, rootRxBytes, 0L);
+ // Assume the apps were removed.
+ final int[] removedUids = new int[]{UID_RED, UID_BLUE};
+ mFactory.removeUidsLocked(removedUids);
- // Stats snapshot after the download
- stats = parseDetailedStats(R.raw.xt_qtaguid_with_clat_100mb_download_after);
- assertStatsEntry(stats, "v4-wlan0", 10106, SET_FOREGROUND, 0x0, appRxBytesAfter, 7867488L);
- assertStatsEntry(stats, "wlan0", 0, SET_DEFAULT, 0x0, rootRxBytes, 0L);
+ // Return empty stats for reading the result of removing uids stats later.
+ doReturn(buildEmptyStats()).when(mDeps).getNetworkStatsDetail(anyInt(), any(),
+ anyInt());
+
+ final NetworkStats removedUidsStats =
+ mFactory.readNetworkStatsDetail(UID_ALL, ifaces, TAG_ALL);
+
+ // Verify that the stats of the removed uids were removed.
+ assertValues(removedUidsStats, TEST_IFACE, UID_RED, 0L, 0L, 0L, 0L);
+ assertValues(removedUidsStats, TEST_IFACE, UID_BLUE, 0L, 0L, 0L, 0L);
+ assertValues(removedUidsStats, TEST_IFACE, UID_GREEN, 64L, 3L, 1024L, 8L);
}
- /**
- * Copy a {@link Resources#openRawResource(int)} into {@link File} for
- * testing purposes.
- */
- private void stageFile(int rawId, File file) throws Exception {
- new File(file.getParent()).mkdirs();
- InputStream in = null;
- OutputStream out = null;
+ private NetworkStats buildEmptyStats() {
+ return new NetworkStats(SystemClock.elapsedRealtime(), 0);
+ }
+
+ private NetworkStats parseNetworkStatsFromGoldenSample(int resourceId, int initialSize,
+ boolean consumeHeader, boolean checkActive, boolean isUidData) throws IOException {
+ final NetworkStats stats =
+ new NetworkStats(SystemClock.elapsedRealtime(), initialSize);
+ final NetworkStats.Entry entry = new NetworkStats.Entry();
+ ProcFileReader reader = null;
+ int idx = 1;
+ int lastIdx = 1;
try {
- in = InstrumentationRegistry.getContext().getResources().openRawResource(rawId);
- out = new FileOutputStream(file);
- Streams.copy(in, out);
+ reader = new ProcFileReader(InstrumentationRegistry.getContext().getResources()
+ .openRawResource(resourceId));
+
+ if (consumeHeader) {
+ reader.finishLine();
+ }
+
+ while (reader.hasMoreData()) {
+ if (isUidData) {
+ idx = reader.nextInt();
+ if (idx != lastIdx + 1) {
+ throw new ProtocolException(
+ "inconsistent idx=" + idx + " after lastIdx=" + lastIdx);
+ }
+ lastIdx = idx;
+ }
+
+ entry.iface = reader.nextString();
+ // Read the uid based information from file. Otherwise, assign with target value.
+ entry.tag = isUidData ? kernelToTag(reader.nextString()) : TAG_NONE;
+ entry.uid = isUidData ? reader.nextInt() : UID_ALL;
+ entry.set = isUidData ? reader.nextInt() : SET_ALL;
+
+ // For fetching active numbers. Dev specific
+ final boolean active = checkActive ? reader.nextInt() != 0 : false;
+
+ // Always include snapshot values
+ entry.rxBytes = reader.nextLong();
+ entry.rxPackets = reader.nextLong();
+ entry.txBytes = reader.nextLong();
+ entry.txPackets = reader.nextLong();
+
+ // Fold in active numbers, but only when active
+ if (active) {
+ entry.rxBytes += reader.nextLong();
+ entry.rxPackets += reader.nextLong();
+ entry.txBytes += reader.nextLong();
+ entry.txPackets += reader.nextLong();
+ }
+
+ stats.insertEntry(entry);
+ reader.finishLine();
+ }
+ } catch (NullPointerException | NumberFormatException e) {
+ final String errMsg = isUidData
+ ? "problem parsing idx " + idx : "problem parsing stats";
+ final ProtocolException pe = new ProtocolException(errMsg);
+ pe.initCause(e);
+ throw pe;
} finally {
- IoUtils.closeQuietly(in);
- IoUtils.closeQuietly(out);
+ IoUtils.closeQuietly(reader);
}
+ return stats;
}
- private void stageLong(long value, File file) throws Exception {
- new File(file.getParent()).mkdirs();
- FileWriter out = null;
- try {
- out = new FileWriter(file);
- out.write(Long.toString(value));
- } finally {
- IoUtils.closeQuietly(out);
- }
- }
-
- private File file(String path) throws Exception {
- return new File(mTestProc, path);
- }
-
- private NetworkStats parseDetailedStats(int resourceId) throws Exception {
- stageFile(resourceId, file("net/xt_qtaguid/stats"));
+ private NetworkStats factoryReadNetworkStatsDetail(int resourceId) throws Exception {
+ // Choose a general detail stats sample size from the experiences to prevent from
+ // frequently allocating buckets.
+ final NetworkStats statsFromResource = parseNetworkStatsFromGoldenSample(resourceId,
+ 24 /* initialSize */, true /* consumeHeader */, false /* checkActive */,
+ true /* isUidData */);
+ doReturn(statsFromResource).when(mDeps).getNetworkStatsDetail(anyInt(), any(),
+ anyInt());
return mFactory.readNetworkStatsDetail();
}
diff --git a/tests/unit/java/com/android/server/net/NetworkStatsObserversTest.java b/tests/unit/java/com/android/server/net/NetworkStatsObserversTest.java
index 5747e10..292f77e 100644
--- a/tests/unit/java/com/android/server/net/NetworkStatsObserversTest.java
+++ b/tests/unit/java/com/android/server/net/NetworkStatsObserversTest.java
@@ -21,11 +21,12 @@
import static android.net.NetworkStats.DEFAULT_NETWORK_NO;
import static android.net.NetworkStats.DEFAULT_NETWORK_YES;
import static android.net.NetworkStats.METERED_NO;
+import static android.net.NetworkStats.METERED_YES;
import static android.net.NetworkStats.ROAMING_NO;
import static android.net.NetworkStats.SET_DEFAULT;
import static android.net.NetworkStats.TAG_NONE;
-import static android.net.NetworkTemplate.buildTemplateMobileAll;
-import static android.net.NetworkTemplate.buildTemplateWifiWildcard;
+import static android.net.NetworkTemplate.MATCH_MOBILE;
+import static android.net.NetworkTemplate.MATCH_WIFI;
import static android.net.TrafficStats.MB_IN_BYTES;
import static android.text.format.DateUtils.MINUTE_IN_MILLIS;
@@ -67,6 +68,7 @@
import java.util.ArrayList;
import java.util.Objects;
+import java.util.Set;
/**
* Tests for {@link NetworkStatsObservers}.
@@ -84,10 +86,13 @@
private static final int SUBID_1 = 1;
private static final String TEST_SSID = "AndroidAP";
- private static NetworkTemplate sTemplateWifi = buildTemplateWifiWildcard();
- private static NetworkTemplate sTemplateImsi1 = buildTemplateMobileAll(IMSI_1);
- private static NetworkTemplate sTemplateImsi2 = buildTemplateMobileAll(IMSI_2);
-
+ private static NetworkTemplate sTemplateWifi = new NetworkTemplate.Builder(MATCH_WIFI).build();
+ private static NetworkTemplate sTemplateImsi1 = new NetworkTemplate.Builder(MATCH_MOBILE)
+ .setSubscriberIds(Set.of(IMSI_1))
+ .setMeteredness(METERED_YES).build();
+ private static NetworkTemplate sTemplateImsi2 = new NetworkTemplate.Builder(MATCH_MOBILE)
+ .setSubscriberIds(Set.of(IMSI_2))
+ .setMeteredness(METERED_YES).build();
private static final int PID_SYSTEM = 1234;
private static final int PID_RED = 1235;
private static final int PID_BLUE = 1236;
diff --git a/tests/unit/java/com/android/server/net/NetworkStatsServiceTest.java b/tests/unit/java/com/android/server/net/NetworkStatsServiceTest.java
index e03b4fe..6448819 100644
--- a/tests/unit/java/com/android/server/net/NetworkStatsServiceTest.java
+++ b/tests/unit/java/com/android/server/net/NetworkStatsServiceTest.java
@@ -16,6 +16,7 @@
package com.android.server.net;
+import static android.Manifest.permission.DUMP;
import static android.Manifest.permission.READ_NETWORK_USAGE_HISTORY;
import static android.Manifest.permission.UPDATE_DEVICE_STATS;
import static android.app.usage.NetworkStatsManager.PREFIX_DEV;
@@ -24,6 +25,7 @@
import static android.content.pm.PackageManager.PERMISSION_DENIED;
import static android.content.pm.PackageManager.PERMISSION_GRANTED;
import static android.net.ConnectivityManager.TYPE_MOBILE;
+import static android.net.ConnectivityManager.TYPE_TEST;
import static android.net.ConnectivityManager.TYPE_WIFI;
import static android.net.NetworkIdentity.OEM_PAID;
import static android.net.NetworkIdentity.OEM_PRIVATE;
@@ -46,14 +48,11 @@
import static android.net.NetworkStats.TAG_NONE;
import static android.net.NetworkStats.UID_ALL;
import static android.net.NetworkStatsHistory.FIELD_ALL;
-import static android.net.NetworkTemplate.MATCH_MOBILE_WILDCARD;
-import static android.net.NetworkTemplate.NETWORK_TYPE_ALL;
+import static android.net.NetworkTemplate.MATCH_MOBILE;
+import static android.net.NetworkTemplate.MATCH_TEST;
+import static android.net.NetworkTemplate.MATCH_WIFI;
import static android.net.NetworkTemplate.OEM_MANAGED_NO;
import static android.net.NetworkTemplate.OEM_MANAGED_YES;
-import static android.net.NetworkTemplate.buildTemplateMobileAll;
-import static android.net.NetworkTemplate.buildTemplateMobileWithRatType;
-import static android.net.NetworkTemplate.buildTemplateWifi;
-import static android.net.NetworkTemplate.buildTemplateWifiWildcard;
import static android.net.TrafficStats.MB_IN_BYTES;
import static android.net.TrafficStats.UID_REMOVED;
import static android.net.TrafficStats.UID_TETHERING;
@@ -65,7 +64,6 @@
import static android.text.format.DateUtils.MINUTE_IN_MILLIS;
import static android.text.format.DateUtils.WEEK_IN_MILLIS;
-import static com.android.net.module.util.NetworkStatsUtils.SUBSCRIBER_ID_MATCH_RULE_EXACT;
import static com.android.server.net.NetworkStatsService.ACTION_NETWORK_STATS_POLL;
import static com.android.server.net.NetworkStatsService.NETSTATS_IMPORT_ATTEMPTS_COUNTER_NAME;
import static com.android.server.net.NetworkStatsService.NETSTATS_IMPORT_FALLBACKS_COUNTER_NAME;
@@ -88,8 +86,8 @@
import static org.mockito.Mockito.never;
import static org.mockito.Mockito.reset;
import static org.mockito.Mockito.spy;
+import static org.mockito.Mockito.times;
import static org.mockito.Mockito.verify;
-import static org.mockito.Mockito.when;
import android.annotation.NonNull;
import android.app.AlarmManager;
@@ -111,6 +109,7 @@
import android.net.NetworkStatsHistory;
import android.net.NetworkTemplate;
import android.net.TelephonyNetworkSpecifier;
+import android.net.TestNetworkSpecifier;
import android.net.TetherStatsParcel;
import android.net.TetheringManager;
import android.net.UnderlyingNetworkInfo;
@@ -125,7 +124,9 @@
import android.provider.Settings;
import android.system.ErrnoException;
import android.telephony.TelephonyManager;
+import android.text.TextUtils;
import android.util.ArrayMap;
+import android.util.Pair;
import androidx.annotation.Nullable;
import androidx.test.InstrumentationRegistry;
@@ -134,10 +135,15 @@
import com.android.connectivity.resources.R;
import com.android.internal.util.FileRotator;
import com.android.internal.util.test.BroadcastInterceptingContext;
+import com.android.net.module.util.BpfDump;
import com.android.net.module.util.IBpfMap;
import com.android.net.module.util.LocationPermissionChecker;
-import com.android.net.module.util.Struct.U32;
+import com.android.net.module.util.Struct;
+import com.android.net.module.util.Struct.S32;
import com.android.net.module.util.Struct.U8;
+import com.android.net.module.util.bpf.CookieTagMapKey;
+import com.android.net.module.util.bpf.CookieTagMapValue;
+import com.android.server.BpfNetMaps;
import com.android.server.net.NetworkStatsService.AlertObserver;
import com.android.server.net.NetworkStatsService.NetworkStatsSettings;
import com.android.server.net.NetworkStatsService.NetworkStatsSettings.Config;
@@ -147,21 +153,6 @@
import com.android.testutils.TestBpfMap;
import com.android.testutils.TestableNetworkStatsProviderBinder;
-import java.io.File;
-import java.io.IOException;
-import java.nio.file.Files;
-import java.nio.file.Path;
-import java.time.Clock;
-import java.time.ZoneId;
-import java.time.ZoneOffset;
-import java.time.ZonedDateTime;
-import java.time.temporal.ChronoUnit;
-import java.util.Map;
-import java.util.Objects;
-import java.util.Set;
-import java.util.concurrent.Executor;
-import java.util.concurrent.atomic.AtomicBoolean;
-
import libcore.testing.io.TestIoUtils;
import org.junit.After;
@@ -173,6 +164,26 @@
import org.mockito.Mock;
import org.mockito.MockitoAnnotations;
+import java.io.File;
+import java.io.FileDescriptor;
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.io.StringWriter;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.time.Clock;
+import java.time.ZoneId;
+import java.time.ZoneOffset;
+import java.time.ZonedDateTime;
+import java.time.temporal.ChronoUnit;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
+import java.util.Set;
+import java.util.concurrent.Executor;
+import java.util.concurrent.atomic.AtomicBoolean;
+
/**
* Tests for {@link NetworkStatsService}.
*
@@ -192,22 +203,32 @@
private static final String IMSI_2 = "310260";
private static final String TEST_WIFI_NETWORK_KEY = "WifiNetworkKey";
- private static NetworkTemplate sTemplateWifi = buildTemplateWifi(TEST_WIFI_NETWORK_KEY);
- private static NetworkTemplate sTemplateCarrierWifi1 =
- buildTemplateWifi(NetworkTemplate.WIFI_NETWORKID_ALL, IMSI_1);
- private static NetworkTemplate sTemplateImsi1 = buildTemplateMobileAll(IMSI_1);
- private static NetworkTemplate sTemplateImsi2 = buildTemplateMobileAll(IMSI_2);
+ private static NetworkTemplate sTemplateWifi = new NetworkTemplate.Builder(MATCH_WIFI)
+ .setWifiNetworkKeys(Set.of(TEST_WIFI_NETWORK_KEY)).build();
+ private static NetworkTemplate sTemplateCarrierWifi1 = new NetworkTemplate.Builder(MATCH_WIFI)
+ .setSubscriberIds(Set.of(IMSI_1)).build();
+ private static NetworkTemplate sTemplateImsi1 = new NetworkTemplate.Builder(MATCH_MOBILE)
+ .setMeteredness(METERED_YES).setSubscriberIds(Set.of(IMSI_1)).build();
+ private static NetworkTemplate sTemplateImsi2 = new NetworkTemplate.Builder(MATCH_MOBILE)
+ .setMeteredness(METERED_YES).setSubscriberIds(Set.of(IMSI_2)).build();
private static final Network WIFI_NETWORK = new Network(100);
private static final Network MOBILE_NETWORK = new Network(101);
private static final Network VPN_NETWORK = new Network(102);
+ private static final Network TEST_NETWORK = new Network(103);
private static final Network[] NETWORKS_WIFI = new Network[]{ WIFI_NETWORK };
private static final Network[] NETWORKS_MOBILE = new Network[]{ MOBILE_NETWORK };
+ private static final Network[] NETWORKS_TEST = new Network[]{ TEST_NETWORK };
private static final long WAIT_TIMEOUT = 2 * 1000; // 2 secs
private static final int INVALID_TYPE = -1;
+ private static final String DUMPSYS_BPF_RAW_MAP = "--bpfRawMap";
+ private static final String DUMPSYS_COOKIE_TAG_MAP = "--cookieTagMap";
+ private static final String LINE_DELIMITER = "\\n";
+
+
private long mElapsedRealtime;
private File mStatsDir;
@@ -228,7 +249,11 @@
private HandlerThread mHandlerThread;
@Mock
private LocationPermissionChecker mLocationPermissionChecker;
- private TestBpfMap<U32, U8> mUidCounterSetMap = spy(new TestBpfMap<>(U32.class, U8.class));
+ private TestBpfMap<S32, U8> mUidCounterSetMap = spy(new TestBpfMap<>(S32.class, U8.class));
+ @Mock
+ private BpfNetMaps mBpfNetMaps;
+ @Mock
+ private SkDestroyListener mSkDestroyListener;
private TestBpfMap<CookieTagMapKey, CookieTagMapValue> mCookieTagMap = new TestBpfMap<>(
CookieTagMapKey.class, CookieTagMapValue.class);
@@ -283,6 +308,7 @@
case PERMISSION_MAINLINE_NETWORK_STACK:
case READ_NETWORK_USAGE_HISTORY:
case UPDATE_DEVICE_STATS:
+ case DUMP:
return PERMISSION_GRANTED;
default:
return PERMISSION_DENIED;
@@ -322,9 +348,9 @@
final Context context = InstrumentationRegistry.getContext();
mServiceContext = new MockContext(context);
- when(mLocationPermissionChecker.checkCallersLocationPermission(
- any(), any(), anyInt(), anyBoolean(), any())).thenReturn(true);
- when(sWifiInfo.getNetworkKey()).thenReturn(TEST_WIFI_NETWORK_KEY);
+ doReturn(true).when(mLocationPermissionChecker).checkCallersLocationPermission(
+ any(), any(), anyInt(), anyBoolean(), any());
+ doReturn(TEST_WIFI_NETWORK_KEY).when(sWifiInfo).getNetworkKey();
mStatsDir = TestIoUtils.createTemporaryDirectory(getClass().getSimpleName());
mLegacyStatsDir = TestIoUtils.createTemporaryDirectory(
getClass().getSimpleName() + "-legacy");
@@ -341,9 +367,9 @@
mElapsedRealtime = 0L;
- expectDefaultSettings();
- expectNetworkStatsUidDetail(buildEmptyStats());
- expectSystemReady();
+ mockDefaultSettings();
+ mockNetworkStatsUidDetail(buildEmptyStats());
+ prepareForSystemReady();
mService.systemReady();
// Verify that system ready fetches realtime stats
verify(mStatsFactory).readNetworkStatsDetail(UID_ALL, INTERFACES_ALL, TAG_ALL);
@@ -452,7 +478,7 @@
}
@Override
- public IBpfMap<U32, U8> getUidCounterSetMap() {
+ public IBpfMap<S32, U8> getUidCounterSetMap() {
return mUidCounterSetMap;
}
@@ -480,6 +506,17 @@
public boolean isDebuggable() {
return mIsDebuggable == Boolean.TRUE;
}
+
+ @Override
+ public BpfNetMaps makeBpfNetMaps(Context ctx) {
+ return mBpfNetMaps;
+ }
+
+ @Override
+ public SkDestroyListener makeSkDestroyListener(
+ IBpfMap<CookieTagMapKey, CookieTagMapValue> cookieTagMap, Handler handler) {
+ return mSkDestroyListener;
+ }
};
}
@@ -500,10 +537,10 @@
private void initWifiStats(NetworkStateSnapshot snapshot) throws Exception {
// pretend that wifi network comes online; service should ask about full
// network state, and poll any existing interfaces before updating.
- expectDefaultSettings();
+ mockDefaultSettings();
NetworkStateSnapshot[] states = new NetworkStateSnapshot[] {snapshot};
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
mService.notifyNetworkStatus(NETWORKS_WIFI, states, getActiveIface(states),
new UnderlyingNetworkInfo[0]);
@@ -512,10 +549,10 @@
private void incrementWifiStats(long durationMillis, String iface,
long rxb, long rxp, long txb, long txp) throws Exception {
incrementCurrentTime(durationMillis);
- expectDefaultSettings();
- expectNetworkStatsSummary(new NetworkStats(getElapsedRealtime(), 1)
+ mockDefaultSettings();
+ mockNetworkStatsSummary(new NetworkStats(getElapsedRealtime(), 1)
.insertEntry(iface, rxb, rxp, txb, txp));
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
forcePollAndWaitForIdle();
}
@@ -581,10 +618,10 @@
// pretend that wifi network comes online; service should ask about full
// network state, and poll any existing interfaces before updating.
- expectDefaultSettings();
+ mockDefaultSettings();
NetworkStateSnapshot[] states = new NetworkStateSnapshot[] {buildWifiState()};
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
mService.notifyNetworkStatus(NETWORKS_WIFI, states, getActiveIface(states),
new UnderlyingNetworkInfo[0]);
@@ -595,10 +632,10 @@
// modify some number on wifi, and trigger poll event
incrementCurrentTime(HOUR_IN_MILLIS);
- expectDefaultSettings();
- expectNetworkStatsSummary(new NetworkStats(getElapsedRealtime(), 1)
+ mockDefaultSettings();
+ mockNetworkStatsSummary(new NetworkStats(getElapsedRealtime(), 1)
.insertEntry(TEST_IFACE, 1024L, 8L, 2048L, 16L));
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 2)
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 2)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE, 512L, 4L, 256L, 2L, 0L)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, 0xFAAD, 256L, 2L, 128L, 1L, 0L)
.insertEntry(TEST_IFACE, UID_RED, SET_FOREGROUND, TAG_NONE, 512L, 4L, 256L, 2L, 0L)
@@ -609,7 +646,7 @@
mService.incrementOperationCount(UID_RED, 0xFAAD, 4);
mService.noteUidForeground(UID_RED, true);
verify(mUidCounterSetMap).updateEntry(
- eq(new U32(UID_RED)), eq(new U8((short) SET_FOREGROUND)));
+ eq(new S32(UID_RED)), eq(new U8((short) SET_FOREGROUND)));
mService.incrementOperationCount(UID_RED, 0xFAAD, 6);
forcePollAndWaitForIdle();
@@ -626,14 +663,14 @@
// graceful shutdown system, which should trigger persist of stats, and
// clear any values in memory.
- expectDefaultSettings();
+ mockDefaultSettings();
mServiceContext.sendBroadcast(new Intent(Intent.ACTION_SHUTDOWN));
assertStatsFilesExist(true);
// boot through serviceReady() again
- expectDefaultSettings();
- expectNetworkStatsUidDetail(buildEmptyStats());
- expectSystemReady();
+ mockDefaultSettings();
+ mockNetworkStatsUidDetail(buildEmptyStats());
+ prepareForSystemReady();
mService.systemReady();
@@ -658,20 +695,20 @@
// pretend that wifi network comes online; service should ask about full
// network state, and poll any existing interfaces before updating.
- expectSettings(0L, HOUR_IN_MILLIS, WEEK_IN_MILLIS);
+ mockSettings(HOUR_IN_MILLIS, WEEK_IN_MILLIS);
NetworkStateSnapshot[] states = new NetworkStateSnapshot[] {buildWifiState()};
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
mService.notifyNetworkStatus(NETWORKS_WIFI, states, getActiveIface(states),
new UnderlyingNetworkInfo[0]);
// modify some number on wifi, and trigger poll event
incrementCurrentTime(2 * HOUR_IN_MILLIS);
- expectSettings(0L, HOUR_IN_MILLIS, WEEK_IN_MILLIS);
- expectNetworkStatsSummary(new NetworkStats(getElapsedRealtime(), 1)
+ mockSettings(HOUR_IN_MILLIS, WEEK_IN_MILLIS);
+ mockNetworkStatsSummary(new NetworkStats(getElapsedRealtime(), 1)
.insertEntry(TEST_IFACE, 512L, 4L, 512L, 4L));
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
forcePollAndWaitForIdle();
// verify service recorded history
@@ -683,9 +720,9 @@
// now change bucket duration setting and trigger another poll with
// exact same values, which should resize existing buckets.
- expectSettings(0L, 30 * MINUTE_IN_MILLIS, WEEK_IN_MILLIS);
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockSettings(30 * MINUTE_IN_MILLIS, WEEK_IN_MILLIS);
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
forcePollAndWaitForIdle();
// verify identical stats, but spread across 4 buckets now
@@ -699,20 +736,20 @@
@Test
public void testUidStatsAcrossNetworks() throws Exception {
// pretend first mobile network comes online
- expectDefaultSettings();
+ mockDefaultSettings();
NetworkStateSnapshot[] states = new NetworkStateSnapshot[] {buildMobileState(IMSI_1)};
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
mService.notifyNetworkStatus(NETWORKS_MOBILE, states, getActiveIface(states),
new UnderlyingNetworkInfo[0]);
// create some traffic on first network
incrementCurrentTime(HOUR_IN_MILLIS);
- expectDefaultSettings();
- expectNetworkStatsSummary(new NetworkStats(getElapsedRealtime(), 1)
+ mockDefaultSettings();
+ mockNetworkStatsSummary(new NetworkStats(getElapsedRealtime(), 1)
.insertEntry(TEST_IFACE, 2048L, 16L, 512L, 4L));
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 3)
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 3)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE, 1536L, 12L, 512L, 4L, 0L)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, 0xF00D, 512L, 4L, 512L, 4L, 0L)
.insertEntry(TEST_IFACE, UID_BLUE, SET_DEFAULT, TAG_NONE, 512L, 4L, 0L, 0L, 0L));
@@ -730,11 +767,11 @@
// now switch networks; this also tests that we're okay with interfaces
// disappearing, to verify we don't count backwards.
incrementCurrentTime(HOUR_IN_MILLIS);
- expectDefaultSettings();
+ mockDefaultSettings();
states = new NetworkStateSnapshot[] {buildMobileState(IMSI_2)};
- expectNetworkStatsSummary(new NetworkStats(getElapsedRealtime(), 1)
+ mockNetworkStatsSummary(new NetworkStats(getElapsedRealtime(), 1)
.insertEntry(TEST_IFACE, 2048L, 16L, 512L, 4L));
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 3)
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 3)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE, 1536L, 12L, 512L, 4L, 0L)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, 0xF00D, 512L, 4L, 512L, 4L, 0L)
.insertEntry(TEST_IFACE, UID_BLUE, SET_DEFAULT, TAG_NONE, 512L, 4L, 0L, 0L, 0L));
@@ -746,10 +783,10 @@
// create traffic on second network
incrementCurrentTime(HOUR_IN_MILLIS);
- expectDefaultSettings();
- expectNetworkStatsSummary(new NetworkStats(getElapsedRealtime(), 1)
+ mockDefaultSettings();
+ mockNetworkStatsSummary(new NetworkStats(getElapsedRealtime(), 1)
.insertEntry(TEST_IFACE, 2176L, 17L, 1536L, 12L));
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE, 1536L, 12L, 512L, 4L, 0L)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, 0xF00D, 512L, 4L, 512L, 4L, 0L)
.insertEntry(TEST_IFACE, UID_BLUE, SET_DEFAULT, TAG_NONE, 640L, 5L, 1024L, 8L, 0L)
@@ -774,20 +811,20 @@
@Test
public void testUidRemovedIsMoved() throws Exception {
// pretend that network comes online
- expectDefaultSettings();
+ mockDefaultSettings();
NetworkStateSnapshot[] states = new NetworkStateSnapshot[] {buildWifiState()};
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
mService.notifyNetworkStatus(NETWORKS_WIFI, states, getActiveIface(states),
new UnderlyingNetworkInfo[0]);
// create some traffic
incrementCurrentTime(HOUR_IN_MILLIS);
- expectDefaultSettings();
- expectNetworkStatsSummary(new NetworkStats(getElapsedRealtime(), 1)
+ mockDefaultSettings();
+ mockNetworkStatsSummary(new NetworkStats(getElapsedRealtime(), 1)
.insertEntry(TEST_IFACE, 4128L, 258L, 544L, 34L));
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE, 16L, 1L, 16L, 1L, 0L)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, 0xFAAD, 16L, 1L, 16L, 1L, 0L)
.insertEntry(TEST_IFACE, UID_BLUE, SET_DEFAULT, TAG_NONE,
@@ -803,13 +840,12 @@
assertUidTotal(sTemplateWifi, UID_BLUE, 4096L, 258L, 512L, 32L, 0);
assertUidTotal(sTemplateWifi, UID_GREEN, 16L, 1L, 16L, 1L, 0);
-
// now pretend two UIDs are uninstalled, which should migrate stats to
// special "removed" bucket.
- expectDefaultSettings();
- expectNetworkStatsSummary(new NetworkStats(getElapsedRealtime(), 1)
+ mockDefaultSettings();
+ mockNetworkStatsSummary(new NetworkStats(getElapsedRealtime(), 1)
.insertEntry(TEST_IFACE, 4128L, 258L, 544L, 34L));
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE, 16L, 1L, 16L, 1L, 0L)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, 0xFAAD, 16L, 1L, 16L, 1L, 0L)
.insertEntry(TEST_IFACE, UID_BLUE, SET_DEFAULT, TAG_NONE,
@@ -833,21 +869,21 @@
@Test
public void testMobileStatsByRatType() throws Exception {
- final NetworkTemplate template3g =
- buildTemplateMobileWithRatType(null, TelephonyManager.NETWORK_TYPE_UMTS,
- METERED_YES);
- final NetworkTemplate template4g =
- buildTemplateMobileWithRatType(null, TelephonyManager.NETWORK_TYPE_LTE,
- METERED_YES);
- final NetworkTemplate template5g =
- buildTemplateMobileWithRatType(null, TelephonyManager.NETWORK_TYPE_NR,
- METERED_YES);
+ final NetworkTemplate template3g = new NetworkTemplate.Builder(MATCH_MOBILE)
+ .setRatType(TelephonyManager.NETWORK_TYPE_UMTS)
+ .setMeteredness(METERED_YES).build();
+ final NetworkTemplate template4g = new NetworkTemplate.Builder(MATCH_MOBILE)
+ .setRatType(TelephonyManager.NETWORK_TYPE_LTE)
+ .setMeteredness(METERED_YES).build();
+ final NetworkTemplate template5g = new NetworkTemplate.Builder(MATCH_MOBILE)
+ .setRatType(TelephonyManager.NETWORK_TYPE_NR)
+ .setMeteredness(METERED_YES).build();
final NetworkStateSnapshot[] states =
new NetworkStateSnapshot[]{buildMobileState(IMSI_1)};
// 3G network comes online.
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
setMobileRatTypeAndWaitForIdle(TelephonyManager.NETWORK_TYPE_UMTS);
mService.notifyNetworkStatus(NETWORKS_MOBILE, states, getActiveIface(states),
@@ -855,9 +891,9 @@
// Create some traffic.
incrementCurrentTime(MINUTE_IN_MILLIS);
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
.addEntry(new NetworkStats.Entry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE,
- 12L, 18L, 14L, 1L, 0L)));
+ METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO, 12L, 18L, 14L, 1L, 0L)));
forcePollAndWaitForIdle();
// Verify 3g templates gets stats.
@@ -869,13 +905,13 @@
// 4G network comes online.
incrementCurrentTime(MINUTE_IN_MILLIS);
setMobileRatTypeAndWaitForIdle(TelephonyManager.NETWORK_TYPE_LTE);
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
// Append more traffic on existing 3g stats entry.
.addEntry(new NetworkStats.Entry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE,
- 16L, 22L, 17L, 2L, 0L))
+ METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO, 16L, 22L, 17L, 2L, 0L))
// Add entry that is new on 4g.
.addEntry(new NetworkStats.Entry(TEST_IFACE, UID_RED, SET_FOREGROUND, TAG_NONE,
- 33L, 27L, 8L, 10L, 1L)));
+ METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO, 33L, 27L, 8L, 10L, 1L)));
forcePollAndWaitForIdle();
// Verify ALL_MOBILE template gets all. 3g template counters do not increase.
@@ -889,15 +925,15 @@
// 5g network comes online.
incrementCurrentTime(MINUTE_IN_MILLIS);
setMobileRatTypeAndWaitForIdle(TelephonyManager.NETWORK_TYPE_NR);
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
// Existing stats remains.
.addEntry(new NetworkStats.Entry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE,
- 16L, 22L, 17L, 2L, 0L))
+ METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO, 16L, 22L, 17L, 2L, 0L))
.addEntry(new NetworkStats.Entry(TEST_IFACE, UID_RED, SET_FOREGROUND, TAG_NONE,
- 33L, 27L, 8L, 10L, 1L))
+ METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO, 33L, 27L, 8L, 10L, 1L))
// Add some traffic on 5g.
.addEntry(new NetworkStats.Entry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE,
- 5L, 13L, 31L, 9L, 2L)));
+ METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO, 5L, 13L, 31L, 9L, 2L)));
forcePollAndWaitForIdle();
// Verify ALL_MOBILE template gets all.
@@ -912,21 +948,24 @@
@Test
public void testMobileStatsMeteredness() throws Exception {
// Create metered 5g template.
- final NetworkTemplate templateMetered5g =
- buildTemplateMobileWithRatType(null, TelephonyManager.NETWORK_TYPE_NR,
- METERED_YES);
+ final NetworkTemplate templateMetered5g = new NetworkTemplate.Builder(MATCH_MOBILE)
+ .setRatType(TelephonyManager.NETWORK_TYPE_NR)
+ .setMeteredness(METERED_YES).build();
// Create non-metered 5g template
- final NetworkTemplate templateNonMetered5g =
- buildTemplateMobileWithRatType(null, TelephonyManager.NETWORK_TYPE_NR, METERED_NO);
+ final NetworkTemplate templateNonMetered5g = new NetworkTemplate.Builder(MATCH_MOBILE)
+ .setRatType(TelephonyManager.NETWORK_TYPE_NR)
+ .setMeteredness(METERED_NO).build();
- expectDefaultSettings();
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockDefaultSettings();
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
// Pretend that 5g mobile network comes online
final NetworkStateSnapshot[] mobileStates =
- new NetworkStateSnapshot[] {buildMobileState(IMSI_1), buildMobileState(TEST_IFACE2,
- IMSI_1, true /* isTemporarilyNotMetered */, false /* isRoaming */)};
+ new NetworkStateSnapshot[] {buildMobileState(IMSI_1), buildStateOfTransport(
+ NetworkCapabilities.TRANSPORT_CELLULAR, TYPE_MOBILE,
+ TEST_IFACE2, IMSI_1, null /* wifiNetworkKey */,
+ true /* isTemporarilyNotMetered */, false /* isRoaming */)};
setMobileRatTypeAndWaitForIdle(TelephonyManager.NETWORK_TYPE_NR);
mService.notifyNetworkStatus(NETWORKS_MOBILE, mobileStates,
getActiveIface(mobileStates), new UnderlyingNetworkInfo[0]);
@@ -936,7 +975,7 @@
// and DEFAULT_NETWORK_YES, because these three properties aren't tracked at that layer.
// They are layered on top by inspecting the iface properties.
incrementCurrentTime(HOUR_IN_MILLIS);
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE, METERED_YES, ROAMING_NO,
DEFAULT_NETWORK_YES, 128L, 2L, 128L, 2L, 0L)
.insertEntry(TEST_IFACE2, UID_RED, SET_DEFAULT, TAG_NONE, METERED_YES, ROAMING_NO,
@@ -950,93 +989,80 @@
@Test
public void testMobileStatsOemManaged() throws Exception {
- final NetworkTemplate templateOemPaid = new NetworkTemplate(MATCH_MOBILE_WILDCARD,
- /*subscriberId=*/null, /*matchSubscriberIds=*/null,
- /*matchWifiNetworkKeys=*/new String[0], METERED_ALL, ROAMING_ALL,
- DEFAULT_NETWORK_ALL, NETWORK_TYPE_ALL, OEM_PAID, SUBSCRIBER_ID_MATCH_RULE_EXACT);
+ final NetworkTemplate templateOemPaid = new NetworkTemplate.Builder(MATCH_MOBILE)
+ .setOemManaged(OEM_PAID).build();
- final NetworkTemplate templateOemPrivate = new NetworkTemplate(MATCH_MOBILE_WILDCARD,
- /*subscriberId=*/null, /*matchSubscriberIds=*/null,
- /*matchWifiNetworkKeys=*/new String[0], METERED_ALL, ROAMING_ALL,
- DEFAULT_NETWORK_ALL, NETWORK_TYPE_ALL, OEM_PRIVATE, SUBSCRIBER_ID_MATCH_RULE_EXACT);
+ final NetworkTemplate templateOemPrivate = new NetworkTemplate.Builder(MATCH_MOBILE)
+ .setOemManaged(OEM_PRIVATE).build();
- final NetworkTemplate templateOemAll = new NetworkTemplate(MATCH_MOBILE_WILDCARD,
- /*subscriberId=*/null, /*matchSubscriberIds=*/null,
- /*matchWifiNetworkKeys=*/new String[0], METERED_ALL, ROAMING_ALL,
- DEFAULT_NETWORK_ALL, NETWORK_TYPE_ALL, OEM_PAID | OEM_PRIVATE,
- SUBSCRIBER_ID_MATCH_RULE_EXACT);
+ final NetworkTemplate templateOemAll = new NetworkTemplate.Builder(MATCH_MOBILE)
+ .setOemManaged(OEM_PAID | OEM_PRIVATE).build();
- final NetworkTemplate templateOemYes = new NetworkTemplate(MATCH_MOBILE_WILDCARD,
- /*subscriberId=*/null, /*matchSubscriberIds=*/null,
- /*matchWifiNetworkKeys=*/new String[0], METERED_ALL, ROAMING_ALL,
- DEFAULT_NETWORK_ALL, NETWORK_TYPE_ALL, OEM_MANAGED_YES,
- SUBSCRIBER_ID_MATCH_RULE_EXACT);
+ final NetworkTemplate templateOemYes = new NetworkTemplate.Builder(MATCH_MOBILE)
+ .setOemManaged(OEM_MANAGED_YES).build();
- final NetworkTemplate templateOemNone = new NetworkTemplate(MATCH_MOBILE_WILDCARD,
- /*subscriberId=*/null, /*matchSubscriberIds=*/null,
- /*matchWifiNetworkKeys=*/new String[0], METERED_ALL, ROAMING_ALL,
- DEFAULT_NETWORK_ALL, NETWORK_TYPE_ALL, OEM_MANAGED_NO,
- SUBSCRIBER_ID_MATCH_RULE_EXACT);
+ final NetworkTemplate templateOemNone = new NetworkTemplate.Builder(MATCH_MOBILE)
+ .setOemManaged(OEM_MANAGED_NO).build();
// OEM_PAID network comes online.
NetworkStateSnapshot[] states = new NetworkStateSnapshot[]{
buildOemManagedMobileState(IMSI_1, false,
new int[]{NetworkCapabilities.NET_CAPABILITY_OEM_PAID})};
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
mService.notifyNetworkStatus(NETWORKS_MOBILE, states, getActiveIface(states),
new UnderlyingNetworkInfo[0]);
// Create some traffic.
incrementCurrentTime(MINUTE_IN_MILLIS);
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
.addEntry(new NetworkStats.Entry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE,
- 36L, 41L, 24L, 96L, 0L)));
+ METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO, 36L, 41L, 24L, 96L, 0L)));
forcePollAndWaitForIdle();
// OEM_PRIVATE network comes online.
states = new NetworkStateSnapshot[]{buildOemManagedMobileState(IMSI_1, false,
new int[]{NetworkCapabilities.NET_CAPABILITY_OEM_PRIVATE})};
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
mService.notifyNetworkStatus(NETWORKS_MOBILE, states, getActiveIface(states),
new UnderlyingNetworkInfo[0]);
// Create some traffic.
incrementCurrentTime(MINUTE_IN_MILLIS);
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
.addEntry(new NetworkStats.Entry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE,
- 49L, 71L, 72L, 48L, 0L)));
+ METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO, 49L, 71L, 72L, 48L, 0L)));
forcePollAndWaitForIdle();
// OEM_PAID + OEM_PRIVATE network comes online.
states = new NetworkStateSnapshot[]{buildOemManagedMobileState(IMSI_1, false,
new int[]{NetworkCapabilities.NET_CAPABILITY_OEM_PRIVATE,
NetworkCapabilities.NET_CAPABILITY_OEM_PAID})};
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
mService.notifyNetworkStatus(NETWORKS_MOBILE, states, getActiveIface(states),
new UnderlyingNetworkInfo[0]);
// Create some traffic.
incrementCurrentTime(MINUTE_IN_MILLIS);
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
.addEntry(new NetworkStats.Entry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE,
- 57L, 86L, 83L, 93L, 0L)));
+ METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO, 57L, 86L, 83L, 93L, 0L)));
forcePollAndWaitForIdle();
// OEM_NONE network comes online.
states = new NetworkStateSnapshot[]{buildOemManagedMobileState(IMSI_1, false, new int[]{})};
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
mService.notifyNetworkStatus(NETWORKS_MOBILE, states, getActiveIface(states),
new UnderlyingNetworkInfo[0]);
// Create some traffic.
incrementCurrentTime(MINUTE_IN_MILLIS);
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
.addEntry(new NetworkStats.Entry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE,
- 29L, 73L, 34L, 31L, 0L)));
+ METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO, 29L, 73L, 34L, 31L, 0L)));
forcePollAndWaitForIdle();
// Verify OEM_PAID template gets only relevant stats.
@@ -1068,8 +1094,8 @@
// TODO: support per IMSI state
private void setMobileRatTypeAndWaitForIdle(int ratType) {
- when(mNetworkStatsSubscriptionsMonitor.getRatTypeForSubscriberId(anyString()))
- .thenReturn(ratType);
+ doReturn(ratType).when(mNetworkStatsSubscriptionsMonitor)
+ .getRatTypeForSubscriberId(anyString());
mService.handleOnCollapsedRatTypeChanged();
HandlerUtils.waitForIdle(mHandlerThread, WAIT_TIMEOUT);
}
@@ -1077,19 +1103,19 @@
@Test
public void testSummaryForAllUid() throws Exception {
// pretend that network comes online
- expectDefaultSettings();
+ mockDefaultSettings();
NetworkStateSnapshot[] states = new NetworkStateSnapshot[] {buildWifiState()};
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
mService.notifyNetworkStatus(NETWORKS_WIFI, states, getActiveIface(states),
new UnderlyingNetworkInfo[0]);
// create some traffic for two apps
incrementCurrentTime(HOUR_IN_MILLIS);
- expectDefaultSettings();
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
+ mockDefaultSettings();
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE, 50L, 5L, 50L, 5L, 0L)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, 0xF00D, 10L, 1L, 10L, 1L, 0L)
.insertEntry(TEST_IFACE, UID_BLUE, SET_DEFAULT, TAG_NONE, 1024L, 8L, 512L, 4L, 0L));
@@ -1104,9 +1130,9 @@
// now create more traffic in next hour, but only for one app
incrementCurrentTime(HOUR_IN_MILLIS);
- expectDefaultSettings();
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
+ mockDefaultSettings();
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE, 50L, 5L, 50L, 5L, 0L)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, 0xF00D, 10L, 1L, 10L, 1L, 0L)
.insertEntry(TEST_IFACE, UID_BLUE, SET_DEFAULT, TAG_NONE,
@@ -1136,10 +1162,10 @@
@Test
public void testGetLatestSummary() throws Exception {
// Pretend that network comes online.
- expectDefaultSettings();
+ mockDefaultSettings();
NetworkStateSnapshot[] states = new NetworkStateSnapshot[]{buildWifiState()};
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
mService.notifyNetworkStatus(NETWORKS_WIFI, states, getActiveIface(states),
new UnderlyingNetworkInfo[0]);
@@ -1147,16 +1173,19 @@
// Increase arbitrary time which does not align to the bucket edge, create some traffic.
incrementCurrentTime(1751000L);
NetworkStats.Entry entry = new NetworkStats.Entry(
- TEST_IFACE, UID_ALL, SET_DEFAULT, TAG_NONE, 50L, 5L, 51L, 1L, 3L);
- expectNetworkStatsSummary(new NetworkStats(getElapsedRealtime(), 1).insertEntry(entry));
- expectNetworkStatsUidDetail(buildEmptyStats());
+ TEST_IFACE, UID_ALL, SET_DEFAULT, TAG_NONE, METERED_NO, ROAMING_NO,
+ DEFAULT_NETWORK_NO, 50L, 5L, 51L, 1L, 3L);
+ mockNetworkStatsSummary(new NetworkStats(getElapsedRealtime(), 1).insertEntry(entry));
+ mockNetworkStatsUidDetail(buildEmptyStats());
forcePollAndWaitForIdle();
// Verify the mocked stats is returned by querying with the range of the latest bucket.
final ZonedDateTime end =
ZonedDateTime.ofInstant(mClock.instant(), ZoneId.systemDefault());
final ZonedDateTime start = end.truncatedTo(ChronoUnit.HOURS);
- NetworkStats stats = mSession.getSummaryForNetwork(buildTemplateWifi(TEST_WIFI_NETWORK_KEY),
+ NetworkStats stats = mSession.getSummaryForNetwork(
+ new NetworkTemplate.Builder(MATCH_WIFI)
+ .setWifiNetworkKeys(Set.of(TEST_WIFI_NETWORK_KEY)).build(),
start.toInstant().toEpochMilli(), end.toInstant().toEpochMilli());
assertEquals(1, stats.size());
assertValues(stats, IFACE_ALL, UID_ALL, SET_ALL, TAG_NONE, METERED_ALL, ROAMING_ALL,
@@ -1168,27 +1197,65 @@
}
@Test
+ public void testQueryTestNetworkUsage() throws Exception {
+ final NetworkTemplate templateTestAll = new NetworkTemplate.Builder(MATCH_TEST).build();
+ final NetworkTemplate templateTestIface1 = new NetworkTemplate.Builder(MATCH_TEST)
+ .setWifiNetworkKeys(Set.of(TEST_IFACE)).build();
+ final NetworkTemplate templateTestIface2 = new NetworkTemplate.Builder(MATCH_TEST)
+ .setWifiNetworkKeys(Set.of(TEST_IFACE2)).build();
+ // Test networks might use interface as subscriberId to identify individual networks.
+ // Simulate both cases.
+ final NetworkStateSnapshot[] states =
+ new NetworkStateSnapshot[]{buildTestState(TEST_IFACE, TEST_IFACE),
+ buildTestState(TEST_IFACE2, null /* wifiNetworkKey */)};
+
+ // Test networks comes online.
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
+ mService.notifyNetworkStatus(NETWORKS_TEST, states, getActiveIface(states),
+ new UnderlyingNetworkInfo[0]);
+
+ // Create some traffic on both interfaces.
+ incrementCurrentTime(MINUTE_IN_MILLIS);
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
+ .addEntry(new NetworkStats.Entry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE,
+ METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO, 12L, 18L, 14L, 1L, 0L))
+ .addEntry(new NetworkStats.Entry(TEST_IFACE2, UID_RED, SET_DEFAULT, TAG_NONE,
+ METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO, 7L, 3L, 5L, 1L, 1L)));
+ forcePollAndWaitForIdle();
+
+ // Verify test network templates gets stats. Stats of test networks without subscriberId
+ // can only be matched by templates without subscriberId requirement.
+ assertUidTotal(templateTestAll, UID_RED, 19L, 21L, 19L, 2L, 1);
+ assertUidTotal(templateTestIface1, UID_RED, 12L, 18L, 14L, 1L, 0);
+ assertUidTotal(templateTestIface2, UID_RED, 0L, 0L, 0L, 0L, 0);
+ }
+
+ @Test
public void testUidStatsForTransport() throws Exception {
// pretend that network comes online
- expectDefaultSettings();
+ mockDefaultSettings();
NetworkStateSnapshot[] states = new NetworkStateSnapshot[] {buildWifiState()};
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
mService.notifyNetworkStatus(NETWORKS_WIFI, states, getActiveIface(states),
new UnderlyingNetworkInfo[0]);
NetworkStats.Entry entry1 = new NetworkStats.Entry(
- TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE, 50L, 5L, 50L, 5L, 0L);
+ TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE, METERED_NO, ROAMING_NO,
+ DEFAULT_NETWORK_NO, 50L, 5L, 50L, 5L, 0L);
NetworkStats.Entry entry2 = new NetworkStats.Entry(
- TEST_IFACE, UID_RED, SET_DEFAULT, 0xF00D, 50L, 5L, 50L, 5L, 0L);
+ TEST_IFACE, UID_RED, SET_DEFAULT, 0xF00D, METERED_NO, ROAMING_NO,
+ DEFAULT_NETWORK_NO, 50L, 5L, 50L, 5L, 0L);
NetworkStats.Entry entry3 = new NetworkStats.Entry(
- TEST_IFACE, UID_BLUE, SET_DEFAULT, 0xBEEF, 1024L, 8L, 512L, 4L, 0L);
+ TEST_IFACE, UID_BLUE, SET_DEFAULT, 0xBEEF, METERED_NO, ROAMING_NO,
+ DEFAULT_NETWORK_NO, 1024L, 8L, 512L, 4L, 0L);
incrementCurrentTime(HOUR_IN_MILLIS);
- expectDefaultSettings();
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 3)
+ mockDefaultSettings();
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 3)
.insertEntry(entry1)
.insertEntry(entry2)
.insertEntry(entry3));
@@ -1210,19 +1277,19 @@
@Test
public void testForegroundBackground() throws Exception {
// pretend that network comes online
- expectDefaultSettings();
+ mockDefaultSettings();
NetworkStateSnapshot[] states = new NetworkStateSnapshot[] {buildWifiState()};
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
mService.notifyNetworkStatus(NETWORKS_WIFI, states, getActiveIface(states),
new UnderlyingNetworkInfo[0]);
// create some initial traffic
incrementCurrentTime(HOUR_IN_MILLIS);
- expectDefaultSettings();
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
+ mockDefaultSettings();
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE, 128L, 2L, 128L, 2L, 0L)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, 0xF00D, 64L, 1L, 64L, 1L, 0L));
mService.incrementOperationCount(UID_RED, 0xF00D, 1);
@@ -1235,16 +1302,16 @@
// now switch to foreground
incrementCurrentTime(HOUR_IN_MILLIS);
- expectDefaultSettings();
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
+ mockDefaultSettings();
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE, 128L, 2L, 128L, 2L, 0L)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, 0xF00D, 64L, 1L, 64L, 1L, 0L)
.insertEntry(TEST_IFACE, UID_RED, SET_FOREGROUND, TAG_NONE, 32L, 2L, 32L, 2L, 0L)
.insertEntry(TEST_IFACE, UID_RED, SET_FOREGROUND, 0xFAAD, 1L, 1L, 1L, 1L, 0L));
mService.noteUidForeground(UID_RED, true);
verify(mUidCounterSetMap).updateEntry(
- eq(new U32(UID_RED)), eq(new U8((short) SET_FOREGROUND)));
+ eq(new S32(UID_RED)), eq(new U8((short) SET_FOREGROUND)));
mService.incrementOperationCount(UID_RED, 0xFAAD, 1);
forcePollAndWaitForIdle();
@@ -1269,23 +1336,23 @@
@Test
public void testMetered() throws Exception {
// pretend that network comes online
- expectDefaultSettings();
+ mockDefaultSettings();
NetworkStateSnapshot[] states =
new NetworkStateSnapshot[] {buildWifiState(true /* isMetered */, TEST_IFACE)};
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
mService.notifyNetworkStatus(NETWORKS_WIFI, states, getActiveIface(states),
new UnderlyingNetworkInfo[0]);
// create some initial traffic
incrementCurrentTime(HOUR_IN_MILLIS);
- expectDefaultSettings();
- expectNetworkStatsSummary(buildEmptyStats());
+ mockDefaultSettings();
+ mockNetworkStatsSummary(buildEmptyStats());
// Note that all traffic from NetworkManagementService is tagged as METERED_NO, ROAMING_NO
// and DEFAULT_NETWORK_YES, because these three properties aren't tracked at that layer.
// We layer them on top by inspecting the iface properties.
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE, METERED_NO, ROAMING_NO,
DEFAULT_NETWORK_YES, 128L, 2L, 128L, 2L, 0L)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, 0xF00D, METERED_NO, ROAMING_NO,
@@ -1309,24 +1376,26 @@
@Test
public void testRoaming() throws Exception {
// pretend that network comes online
- expectDefaultSettings();
+ mockDefaultSettings();
NetworkStateSnapshot[] states =
- new NetworkStateSnapshot[] {buildMobileState(TEST_IFACE, IMSI_1,
- false /* isTemporarilyNotMetered */, true /* isRoaming */)};
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(buildEmptyStats());
+ new NetworkStateSnapshot[] {buildStateOfTransport(
+ NetworkCapabilities.TRANSPORT_CELLULAR, TYPE_MOBILE,
+ TEST_IFACE, IMSI_1, null /* wifiNetworkKey */,
+ false /* isTemporarilyNotMetered */, true /* isRoaming */)};
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
mService.notifyNetworkStatus(NETWORKS_MOBILE, states, getActiveIface(states),
new UnderlyingNetworkInfo[0]);
// Create some traffic
incrementCurrentTime(HOUR_IN_MILLIS);
- expectDefaultSettings();
- expectNetworkStatsSummary(buildEmptyStats());
+ mockDefaultSettings();
+ mockNetworkStatsSummary(buildEmptyStats());
// Note that all traffic from NetworkManagementService is tagged as METERED_NO and
// ROAMING_NO, because metered and roaming isn't tracked at that layer. We layer it
// on top by inspecting the iface properties.
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE, METERED_ALL, ROAMING_NO,
DEFAULT_NETWORK_YES, 128L, 2L, 128L, 2L, 0L)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, 0xF00D, METERED_ALL, ROAMING_NO,
@@ -1349,18 +1418,18 @@
@Test
public void testTethering() throws Exception {
// pretend first mobile network comes online
- expectDefaultSettings();
+ mockDefaultSettings();
final NetworkStateSnapshot[] states =
new NetworkStateSnapshot[]{buildMobileState(IMSI_1)};
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
mService.notifyNetworkStatus(NETWORKS_MOBILE, states, getActiveIface(states),
new UnderlyingNetworkInfo[0]);
// create some tethering traffic
incrementCurrentTime(HOUR_IN_MILLIS);
- expectDefaultSettings();
+ mockDefaultSettings();
// Register custom provider and retrieve callback.
final TestableNetworkStatsProviderBinder provider =
@@ -1392,8 +1461,8 @@
final TetherStatsParcel[] tetherStatsParcels =
{buildTetherStatsParcel(TEST_IFACE, 1408L, 10L, 256L, 1L, 0)};
- expectNetworkStatsSummary(swIfaceStats);
- expectNetworkStatsUidDetail(localUidStats, tetherStatsParcels);
+ mockNetworkStatsSummary(swIfaceStats);
+ mockNetworkStatsUidDetail(localUidStats, tetherStatsParcels);
forcePollAndWaitForIdle();
// verify service recorded history
@@ -1406,10 +1475,10 @@
public void testRegisterUsageCallback() throws Exception {
// pretend that wifi network comes online; service should ask about full
// network state, and poll any existing interfaces before updating.
- expectDefaultSettings();
+ mockDefaultSettings();
NetworkStateSnapshot[] states = new NetworkStateSnapshot[] {buildWifiState()};
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
mService.notifyNetworkStatus(NETWORKS_WIFI, states, getActiveIface(states),
new UnderlyingNetworkInfo[0]);
@@ -1421,9 +1490,9 @@
DataUsageRequest.REQUEST_ID_UNSET, sTemplateWifi, thresholdInBytes);
// Force poll
- expectDefaultSettings();
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockDefaultSettings();
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
// Register and verify request and that binder was called
DataUsageRequest request = mService.registerUsageCallback(
@@ -1441,10 +1510,10 @@
// modify some number on wifi, and trigger poll event
// not enough traffic to call data usage callback
incrementCurrentTime(HOUR_IN_MILLIS);
- expectDefaultSettings();
- expectNetworkStatsSummary(new NetworkStats(getElapsedRealtime(), 1)
+ mockDefaultSettings();
+ mockNetworkStatsSummary(new NetworkStats(getElapsedRealtime(), 1)
.insertEntry(TEST_IFACE, 1024L, 1L, 2048L, 2L));
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
forcePollAndWaitForIdle();
// verify service recorded history
@@ -1456,10 +1525,10 @@
// and bump forward again, with counters going higher. this is
// important, since it will trigger the data usage callback
incrementCurrentTime(DAY_IN_MILLIS);
- expectDefaultSettings();
- expectNetworkStatsSummary(new NetworkStats(getElapsedRealtime(), 1)
+ mockDefaultSettings();
+ mockNetworkStatsSummary(new NetworkStats(getElapsedRealtime(), 1)
.insertEntry(TEST_IFACE, 4096000L, 4L, 8192000L, 8L));
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
forcePollAndWaitForIdle();
// verify service recorded history
@@ -1470,8 +1539,8 @@
mUsageCallback.expectOnThresholdReached(request);
// Allow binder to disconnect
- when(mUsageCallbackBinder.unlinkToDeath(any(IBinder.DeathRecipient.class), anyInt()))
- .thenReturn(true);
+ doReturn(true).when(mUsageCallbackBinder)
+ .unlinkToDeath(any(IBinder.DeathRecipient.class), anyInt());
// Unregister request
mService.unregisterUsageRequest(request);
@@ -1496,11 +1565,11 @@
@Test
public void testStatsProviderUpdateStats() throws Exception {
// Pretend that network comes online.
- expectDefaultSettings();
+ mockDefaultSettings();
final NetworkStateSnapshot[] states =
new NetworkStateSnapshot[]{buildWifiState(true /* isMetered */, TEST_IFACE)};
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
// Register custom provider and retrieve callback.
final TestableNetworkStatsProviderBinder provider =
@@ -1529,7 +1598,7 @@
// Make another empty mutable stats object. This is necessary since the new NetworkStats
// object will be used to compare with the old one in NetworkStatsRecoder, two of them
// cannot be the same object.
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
forcePollAndWaitForIdle();
@@ -1558,14 +1627,14 @@
@Test
public void testDualVilteProviderStats() throws Exception {
// Pretend that network comes online.
- expectDefaultSettings();
+ mockDefaultSettings();
final int subId1 = 1;
final int subId2 = 2;
final NetworkStateSnapshot[] states = new NetworkStateSnapshot[]{
buildImsState(IMSI_1, subId1, TEST_IFACE),
buildImsState(IMSI_2, subId2, TEST_IFACE2)};
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
// Register custom provider and retrieve callback.
final TestableNetworkStatsProviderBinder provider =
@@ -1596,7 +1665,7 @@
// Make another empty mutable stats object. This is necessary since the new NetworkStats
// object will be used to compare with the old one in NetworkStatsRecoder, two of them
// cannot be the same object.
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
forcePollAndWaitForIdle();
@@ -1629,7 +1698,7 @@
@Test
public void testStatsProviderSetAlert() throws Exception {
// Pretend that network comes online.
- expectDefaultSettings();
+ mockDefaultSettings();
NetworkStateSnapshot[] states =
new NetworkStateSnapshot[]{buildWifiState(true /* isMetered */, TEST_IFACE)};
mService.notifyNetworkStatus(NETWORKS_WIFI, states, getActiveIface(states),
@@ -1653,7 +1722,7 @@
}
private void setCombineSubtypeEnabled(boolean enable) {
- when(mSettings.getCombineSubtypeEnabled()).thenReturn(enable);
+ doReturn(enable).when(mSettings).getCombineSubtypeEnabled();
mHandler.post(() -> mContentObserver.onChange(false, Settings.Global
.getUriFor(Settings.Global.NETSTATS_COMBINE_SUBTYPE_ENABLED)));
waitForIdle();
@@ -1668,19 +1737,19 @@
public void testDynamicWatchForNetworkRatTypeChanges() throws Exception {
// Build 3G template, type unknown template to get stats while network type is unknown
// and type all template to get the sum of all network type stats.
- final NetworkTemplate template3g =
- buildTemplateMobileWithRatType(null, TelephonyManager.NETWORK_TYPE_UMTS,
- METERED_YES);
- final NetworkTemplate templateUnknown =
- buildTemplateMobileWithRatType(null, TelephonyManager.NETWORK_TYPE_UNKNOWN,
- METERED_YES);
- final NetworkTemplate templateAll =
- buildTemplateMobileWithRatType(null, NETWORK_TYPE_ALL, METERED_YES);
+ final NetworkTemplate template3g = new NetworkTemplate.Builder(MATCH_MOBILE)
+ .setRatType(TelephonyManager.NETWORK_TYPE_UMTS)
+ .setMeteredness(METERED_YES).build();
+ final NetworkTemplate templateUnknown = new NetworkTemplate.Builder(MATCH_MOBILE)
+ .setRatType(TelephonyManager.NETWORK_TYPE_UNKNOWN)
+ .setMeteredness(METERED_YES).build();
+ final NetworkTemplate templateAll = new NetworkTemplate.Builder(MATCH_MOBILE)
+ .setMeteredness(METERED_YES).build();
final NetworkStateSnapshot[] states =
new NetworkStateSnapshot[]{buildMobileState(IMSI_1)};
- expectNetworkStatsSummary(buildEmptyStats());
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
// 3G network comes online.
setMobileRatTypeAndWaitForIdle(TelephonyManager.NETWORK_TYPE_UMTS);
@@ -1689,9 +1758,9 @@
// Create some traffic.
incrementCurrentTime(MINUTE_IN_MILLIS);
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
.addEntry(new NetworkStats.Entry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE,
- 12L, 18L, 14L, 1L, 0L)));
+ METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO, 12L, 18L, 14L, 1L, 0L)));
forcePollAndWaitForIdle();
// Since CombineSubtypeEnabled is false by default in unit test, the generated traffic
@@ -1713,11 +1782,12 @@
// Create some traffic.
incrementCurrentTime(MINUTE_IN_MILLIS);
// Append more traffic on existing snapshot.
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
.addEntry(new NetworkStats.Entry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE,
- 12L + 4L, 18L + 4L, 14L + 3L, 1L + 1L, 0L))
+ METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO, 12L + 4L, 18L + 4L, 14L + 3L,
+ 1L + 1L, 0L))
.addEntry(new NetworkStats.Entry(TEST_IFACE, UID_RED, SET_FOREGROUND, TAG_NONE,
- 35L, 29L, 7L, 11L, 1L)));
+ METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO, 35L, 29L, 7L, 11L, 1L)));
forcePollAndWaitForIdle();
// Verify 3G counters do not increase, while template with unknown RAT type gets new
@@ -1735,11 +1805,11 @@
// Create some traffic.
incrementCurrentTime(MINUTE_IN_MILLIS);
// Append more traffic on existing snapshot.
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
.addEntry(new NetworkStats.Entry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE,
- 22L, 26L, 19L, 5L, 0L))
+ METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO, 22L, 26L, 19L, 5L, 0L))
.addEntry(new NetworkStats.Entry(TEST_IFACE, UID_RED, SET_FOREGROUND, TAG_NONE,
- 35L, 29L, 7L, 11L, 1L)));
+ METERED_NO, ROAMING_NO, DEFAULT_NETWORK_NO, 35L, 29L, 7L, 11L, 1L)));
forcePollAndWaitForIdle();
// Verify traffic is split by RAT type, no increase on template with unknown RAT type
@@ -1752,16 +1822,16 @@
@Test
public void testOperationCount_nonDefault_traffic() throws Exception {
// Pretend mobile network comes online, but wifi is the default network.
- expectDefaultSettings();
+ mockDefaultSettings();
NetworkStateSnapshot[] states = new NetworkStateSnapshot[]{
buildWifiState(true /*isMetered*/, TEST_IFACE2), buildMobileState(IMSI_1)};
- expectNetworkStatsUidDetail(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
mService.notifyNetworkStatus(NETWORKS_WIFI, states, getActiveIface(states),
new UnderlyingNetworkInfo[0]);
// Create some traffic on mobile network.
incrementCurrentTime(HOUR_IN_MILLIS);
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 4)
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 4)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE, METERED_NO, ROAMING_NO,
DEFAULT_NETWORK_NO, 2L, 1L, 3L, 4L, 0L)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE, METERED_NO, ROAMING_NO,
@@ -1772,8 +1842,8 @@
forcePollAndWaitForIdle();
// Verify mobile summary is not changed by the operation count.
- final NetworkTemplate templateMobile =
- buildTemplateMobileWithRatType(null, NETWORK_TYPE_ALL, METERED_YES);
+ final NetworkTemplate templateMobile = new NetworkTemplate.Builder(MATCH_MOBILE)
+ .setMeteredness(METERED_YES).build();
final NetworkStats statsMobile = mSession.getSummaryForAllUid(
templateMobile, Long.MIN_VALUE, Long.MAX_VALUE, true);
assertValues(statsMobile, IFACE_ALL, UID_RED, SET_ALL, TAG_NONE, METERED_ALL, ROAMING_ALL,
@@ -1784,7 +1854,7 @@
// Verify the operation count is blamed onto the default network.
// TODO: Blame onto the default network is not very reasonable. Consider blame onto the
// network that generates the traffic.
- final NetworkTemplate templateWifi = buildTemplateWifiWildcard();
+ final NetworkTemplate templateWifi = new NetworkTemplate.Builder(MATCH_WIFI).build();
final NetworkStats statsWifi = mSession.getSummaryForAllUid(
templateWifi, Long.MIN_VALUE, Long.MAX_VALUE, true);
assertValues(statsWifi, IFACE_ALL, UID_RED, SET_ALL, 0xF00D, METERED_ALL, ROAMING_ALL,
@@ -1812,8 +1882,8 @@
*/
@Test
public void testEnforceTemplateLocationPermission() throws Exception {
- when(mLocationPermissionChecker.checkCallersLocationPermission(
- any(), any(), anyInt(), anyBoolean(), any())).thenReturn(false);
+ doReturn(false).when(mLocationPermissionChecker)
+ .checkCallersLocationPermission(any(), any(), anyInt(), anyBoolean(), any());
initWifiStats(buildWifiState(true, TEST_IFACE, IMSI_1));
assertThrows(SecurityException.class, () ->
assertNetworkTotal(sTemplateWifi, 0L, 0L, 0L, 0L, 0));
@@ -1821,8 +1891,8 @@
assertNetworkTotal(sTemplateCarrierWifi1, 0L, 0L, 0L, 0L, 0);
assertNetworkTotal(sTemplateImsi1, 0L, 0L, 0L, 0L, 0);
- when(mLocationPermissionChecker.checkCallersLocationPermission(
- any(), any(), anyInt(), anyBoolean(), any())).thenReturn(true);
+ doReturn(true).when(mLocationPermissionChecker)
+ .checkCallersLocationPermission(any(), any(), anyInt(), anyBoolean(), any());
assertNetworkTotal(sTemplateCarrierWifi1, 0L, 0L, 0L, 0L, 0);
assertNetworkTotal(sTemplateWifi, 0L, 0L, 0L, 0L, 0);
assertNetworkTotal(sTemplateImsi1, 0L, 0L, 0L, 0L, 0);
@@ -1834,7 +1904,7 @@
@Test
public void testDataMigration() throws Exception {
assertStatsFilesExist(false);
- expectDefaultSettings();
+ mockDefaultSettings();
NetworkStateSnapshot[] states = new NetworkStateSnapshot[] {buildWifiState()};
@@ -1843,10 +1913,9 @@
// modify some number on wifi, and trigger poll event
incrementCurrentTime(HOUR_IN_MILLIS);
- // expectDefaultSettings();
- expectNetworkStatsSummary(new NetworkStats(getElapsedRealtime(), 1)
+ mockNetworkStatsSummary(new NetworkStats(getElapsedRealtime(), 1)
.insertEntry(TEST_IFACE, 1024L, 8L, 2048L, 16L));
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 2)
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 2)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE, 512L, 4L, 256L, 2L, 0L)
.insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, 0xFAAD, 256L, 2L, 128L, 1L, 0L)
.insertEntry(TEST_IFACE, UID_RED, SET_FOREGROUND, TAG_NONE, 512L, 4L, 256L, 2L, 0L)
@@ -1858,7 +1927,7 @@
mService.incrementOperationCount(UID_RED, 0xFAAD, 4);
mService.noteUidForeground(UID_RED, true);
verify(mUidCounterSetMap).updateEntry(
- eq(new U32(UID_RED)), eq(new U8((short) SET_FOREGROUND)));
+ eq(new S32(UID_RED)), eq(new U8((short) SET_FOREGROUND)));
mService.incrementOperationCount(UID_RED, 0xFAAD, 6);
forcePollAndWaitForIdle();
@@ -1883,9 +1952,9 @@
getLegacyCollection(PREFIX_UID_TAG, true /* includeTags */));
// Mock zero usage and boot through serviceReady(), verify there is no imported data.
- expectDefaultSettings();
- expectNetworkStatsUidDetail(buildEmptyStats());
- expectSystemReady();
+ mockDefaultSettings();
+ mockNetworkStatsUidDetail(buildEmptyStats());
+ prepareForSystemReady();
mService.systemReady();
assertStatsFilesExist(false);
@@ -1896,9 +1965,9 @@
assertStatsFilesExist(false);
// Boot through systemReady() again.
- expectDefaultSettings();
- expectNetworkStatsUidDetail(buildEmptyStats());
- expectSystemReady();
+ mockDefaultSettings();
+ mockNetworkStatsUidDetail(buildEmptyStats());
+ prepareForSystemReady();
mService.systemReady();
// After systemReady(), the service should have historical stats loaded again.
@@ -1919,7 +1988,7 @@
@Test
public void testDataMigration_differentFromFallback() throws Exception {
assertStatsFilesExist(false);
- expectDefaultSettings();
+ mockDefaultSettings();
NetworkStateSnapshot[] states = new NetworkStateSnapshot[]{buildWifiState()};
@@ -1928,9 +1997,9 @@
// modify some number on wifi, and trigger poll event
incrementCurrentTime(HOUR_IN_MILLIS);
- expectNetworkStatsSummary(new NetworkStats(getElapsedRealtime(), 1)
+ mockNetworkStatsSummary(new NetworkStats(getElapsedRealtime(), 1)
.insertEntry(TEST_IFACE, 1024L, 8L, 2048L, 16L));
- expectNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
+ mockNetworkStatsUidDetail(new NetworkStats(getElapsedRealtime(), 1)
.insertEntry(TEST_IFACE, UID_BLUE, SET_DEFAULT, TAG_NONE, 128L, 1L, 128L, 1L, 0L));
forcePollAndWaitForIdle();
// Simulate shutdown to force persisting data
@@ -1971,9 +2040,9 @@
getLegacyCollection(PREFIX_UID_TAG, true /* includeTags */));
// Mock zero usage and boot through serviceReady(), verify there is no imported data.
- expectDefaultSettings();
- expectNetworkStatsUidDetail(buildEmptyStats());
- expectSystemReady();
+ mockDefaultSettings();
+ mockNetworkStatsUidDetail(buildEmptyStats());
+ prepareForSystemReady();
mService.systemReady();
assertStatsFilesExist(false);
@@ -1984,9 +2053,9 @@
assertStatsFilesExist(false);
// Boot through systemReady() again.
- expectDefaultSettings();
- expectNetworkStatsUidDetail(buildEmptyStats());
- expectSystemReady();
+ mockDefaultSettings();
+ mockNetworkStatsUidDetail(buildEmptyStats());
+ prepareForSystemReady();
mService.systemReady();
// Verify the result read from public API matches the result returned from the importer.
@@ -2019,6 +2088,59 @@
}
}
+ @Test
+ public void testStatsFactoryRemoveUids() throws Exception {
+ // pretend that network comes online
+ mockDefaultSettings();
+ NetworkStateSnapshot[] states = new NetworkStateSnapshot[] {buildWifiState()};
+ mockNetworkStatsSummary(buildEmptyStats());
+ mockNetworkStatsUidDetail(buildEmptyStats());
+
+ mService.notifyNetworkStatus(NETWORKS_WIFI, states, getActiveIface(states),
+ new UnderlyingNetworkInfo[0]);
+
+ // Create some traffic
+ incrementCurrentTime(HOUR_IN_MILLIS);
+ mockDefaultSettings();
+ final NetworkStats stats = new NetworkStats(getElapsedRealtime(), 1)
+ .insertEntry(TEST_IFACE, UID_RED, SET_DEFAULT, TAG_NONE, 16L, 1L, 16L, 1L, 0L)
+ .insertEntry(TEST_IFACE, UID_BLUE, SET_DEFAULT, TAG_NONE,
+ 4096L, 258L, 512L, 32L, 0L)
+ .insertEntry(TEST_IFACE, UID_GREEN, SET_DEFAULT, TAG_NONE, 64L, 3L, 1024L, 8L, 0L);
+ mockNetworkStatsUidDetail(stats);
+
+ forcePollAndWaitForIdle();
+
+ // Verify service recorded history
+ assertUidTotal(sTemplateWifi, UID_RED, 16L, 1L, 16L, 1L, 0);
+ assertUidTotal(sTemplateWifi, UID_BLUE, 4096L, 258L, 512L, 32L, 0);
+ assertUidTotal(sTemplateWifi, UID_GREEN, 64L, 3L, 1024L, 8L, 0);
+
+ // Simulate that the apps are removed.
+ final Intent intentBlue = new Intent(ACTION_UID_REMOVED);
+ intentBlue.putExtra(EXTRA_UID, UID_BLUE);
+ mServiceContext.sendBroadcast(intentBlue);
+
+ final Intent intentRed = new Intent(ACTION_UID_REMOVED);
+ intentRed.putExtra(EXTRA_UID, UID_RED);
+ mServiceContext.sendBroadcast(intentRed);
+
+ final int[] removedUids = {UID_BLUE, UID_RED};
+
+ final ArgumentCaptor<int[]> removedUidsCaptor = ArgumentCaptor.forClass(int[].class);
+ verify(mStatsFactory, times(2)).removeUidsLocked(removedUidsCaptor.capture());
+ final List<int[]> captureRemovedUids = removedUidsCaptor.getAllValues();
+ // Simulate that the stats are removed in NetworkStatsFactory.
+ if (captureRemovedUids.contains(removedUids)) {
+ stats.removeUids(removedUids);
+ }
+
+ // Verify the stats of the removed uid is removed.
+ assertUidTotal(sTemplateWifi, UID_RED, 0L, 0L, 0L, 0L, 0);
+ assertUidTotal(sTemplateWifi, UID_BLUE, 0L, 0L, 0L, 0L, 0);
+ assertUidTotal(sTemplateWifi, UID_GREEN, 64L, 3L, 1024L, 8L, 0);
+ }
+
private void assertShouldRunComparison(boolean expected, boolean isDebuggable) {
assertEquals("shouldRunComparison (debuggable=" + isDebuggable + "): ",
expected, mService.shouldRunComparison());
@@ -2081,8 +2203,8 @@
rxBytes, rxPackets, txBytes, txPackets, operations);
}
- private void expectSystemReady() throws Exception {
- expectNetworkStatsSummary(buildEmptyStats());
+ private void prepareForSystemReady() throws Exception {
+ mockNetworkStatsSummary(buildEmptyStats());
}
private String getActiveIface(NetworkStateSnapshot... states) throws Exception {
@@ -2092,57 +2214,54 @@
return states[0].getLinkProperties().getInterfaceName();
}
- // TODO: These expect* methods are used to have NetworkStatsService returns the given stats
- // instead of expecting anything. Therefore, these methods should be renamed properly.
- private void expectNetworkStatsSummary(NetworkStats summary) throws Exception {
- expectNetworkStatsSummaryDev(summary.clone());
- expectNetworkStatsSummaryXt(summary.clone());
+ private void mockNetworkStatsSummary(NetworkStats summary) throws Exception {
+ mockNetworkStatsSummaryDev(summary.clone());
+ mockNetworkStatsSummaryXt(summary.clone());
}
- private void expectNetworkStatsSummaryDev(NetworkStats summary) throws Exception {
- when(mStatsFactory.readNetworkStatsSummaryDev()).thenReturn(summary);
+ private void mockNetworkStatsSummaryDev(NetworkStats summary) throws Exception {
+ doReturn(summary).when(mStatsFactory).readNetworkStatsSummaryDev();
}
- private void expectNetworkStatsSummaryXt(NetworkStats summary) throws Exception {
- when(mStatsFactory.readNetworkStatsSummaryXt()).thenReturn(summary);
+ private void mockNetworkStatsSummaryXt(NetworkStats summary) throws Exception {
+ doReturn(summary).when(mStatsFactory).readNetworkStatsSummaryXt();
}
- private void expectNetworkStatsUidDetail(NetworkStats detail) throws Exception {
+ private void mockNetworkStatsUidDetail(NetworkStats detail) throws Exception {
final TetherStatsParcel[] tetherStatsParcels = {};
- expectNetworkStatsUidDetail(detail, tetherStatsParcels);
+ mockNetworkStatsUidDetail(detail, tetherStatsParcels);
}
- private void expectNetworkStatsUidDetail(NetworkStats detail,
+ private void mockNetworkStatsUidDetail(NetworkStats detail,
TetherStatsParcel[] tetherStatsParcels) throws Exception {
- when(mStatsFactory.readNetworkStatsDetail(UID_ALL, INTERFACES_ALL, TAG_ALL))
- .thenReturn(detail);
+ doReturn(detail).when(mStatsFactory)
+ .readNetworkStatsDetail(UID_ALL, INTERFACES_ALL, TAG_ALL);
// also include tethering details, since they are folded into UID
- when(mNetd.tetherGetStats()).thenReturn(tetherStatsParcels);
+ doReturn(tetherStatsParcels).when(mNetd).tetherGetStats();
}
- private void expectDefaultSettings() throws Exception {
- expectSettings(0L, HOUR_IN_MILLIS, WEEK_IN_MILLIS);
+ private void mockDefaultSettings() throws Exception {
+ mockSettings(HOUR_IN_MILLIS, WEEK_IN_MILLIS);
}
- private void expectSettings(long persistBytes, long bucketDuration, long deleteAge)
- throws Exception {
- when(mSettings.getPollInterval()).thenReturn(HOUR_IN_MILLIS);
- when(mSettings.getPollDelay()).thenReturn(0L);
- when(mSettings.getSampleEnabled()).thenReturn(true);
- when(mSettings.getCombineSubtypeEnabled()).thenReturn(false);
+ private void mockSettings(long bucketDuration, long deleteAge) throws Exception {
+ doReturn(HOUR_IN_MILLIS).when(mSettings).getPollInterval();
+ doReturn(0L).when(mSettings).getPollDelay();
+ doReturn(true).when(mSettings).getSampleEnabled();
+ doReturn(false).when(mSettings).getCombineSubtypeEnabled();
final Config config = new Config(bucketDuration, deleteAge, deleteAge);
- when(mSettings.getDevConfig()).thenReturn(config);
- when(mSettings.getXtConfig()).thenReturn(config);
- when(mSettings.getUidConfig()).thenReturn(config);
- when(mSettings.getUidTagConfig()).thenReturn(config);
+ doReturn(config).when(mSettings).getDevConfig();
+ doReturn(config).when(mSettings).getXtConfig();
+ doReturn(config).when(mSettings).getUidConfig();
+ doReturn(config).when(mSettings).getUidTagConfig();
- when(mSettings.getGlobalAlertBytes(anyLong())).thenReturn(MB_IN_BYTES);
- when(mSettings.getDevPersistBytes(anyLong())).thenReturn(MB_IN_BYTES);
- when(mSettings.getXtPersistBytes(anyLong())).thenReturn(MB_IN_BYTES);
- when(mSettings.getUidPersistBytes(anyLong())).thenReturn(MB_IN_BYTES);
- when(mSettings.getUidTagPersistBytes(anyLong())).thenReturn(MB_IN_BYTES);
+ doReturn(MB_IN_BYTES).when(mSettings).getGlobalAlertBytes(anyLong());
+ doReturn(MB_IN_BYTES).when(mSettings).getDevPersistBytes(anyLong());
+ doReturn(MB_IN_BYTES).when(mSettings).getXtPersistBytes(anyLong());
+ doReturn(MB_IN_BYTES).when(mSettings).getUidPersistBytes(anyLong());
+ doReturn(MB_IN_BYTES).when(mSettings).getUidTagPersistBytes(anyLong());
}
private void assertStatsFilesExist(boolean exist) {
@@ -2184,24 +2303,34 @@
}
private static NetworkStateSnapshot buildMobileState(String subscriberId) {
- return buildMobileState(TEST_IFACE, subscriberId, false /* isTemporarilyNotMetered */,
- false /* isRoaming */);
+ return buildStateOfTransport(NetworkCapabilities.TRANSPORT_CELLULAR, TYPE_MOBILE,
+ TEST_IFACE, subscriberId, null /* wifiNetworkKey */,
+ false /* isTemporarilyNotMetered */, false /* isRoaming */);
}
- private static NetworkStateSnapshot buildMobileState(String iface, String subscriberId,
+ private static NetworkStateSnapshot buildTestState(@NonNull String iface,
+ @Nullable String wifiNetworkKey) {
+ return buildStateOfTransport(NetworkCapabilities.TRANSPORT_TEST, TYPE_TEST,
+ iface, null /* subscriberId */, wifiNetworkKey,
+ false /* isTemporarilyNotMetered */, false /* isRoaming */);
+ }
+
+ private static NetworkStateSnapshot buildStateOfTransport(int transport, int legacyType,
+ String iface, String subscriberId, String wifiNetworkKey,
boolean isTemporarilyNotMetered, boolean isRoaming) {
final LinkProperties prop = new LinkProperties();
prop.setInterfaceName(iface);
final NetworkCapabilities capabilities = new NetworkCapabilities();
- if (isTemporarilyNotMetered) {
- capabilities.addCapability(
- NetworkCapabilities.NET_CAPABILITY_TEMPORARILY_NOT_METERED);
- }
+ capabilities.setCapability(NetworkCapabilities.NET_CAPABILITY_TEMPORARILY_NOT_METERED,
+ isTemporarilyNotMetered);
capabilities.setCapability(NetworkCapabilities.NET_CAPABILITY_NOT_ROAMING, !isRoaming);
- capabilities.addTransportType(NetworkCapabilities.TRANSPORT_CELLULAR);
+ capabilities.addTransportType(transport);
+ if (legacyType == TYPE_TEST && !TextUtils.isEmpty(wifiNetworkKey)) {
+ capabilities.setNetworkSpecifier(new TestNetworkSpecifier(wifiNetworkKey));
+ }
return new NetworkStateSnapshot(
- MOBILE_NETWORK, capabilities, prop, subscriberId, TYPE_MOBILE);
+ MOBILE_NETWORK, capabilities, prop, subscriberId, legacyType);
}
private NetworkStats buildEmptyStats() {
@@ -2295,13 +2424,13 @@
mAppUidStatsMap.insertEntry(new UidStatsMapKey(uid), new StatsMapValue(10, 10000, 6, 6000));
- mUidCounterSetMap.insertEntry(new U32(uid), new U8((short) 1));
+ mUidCounterSetMap.insertEntry(new S32(uid), new U8((short) 1));
assertTrue(cookieTagMapContainsUid(uid));
assertTrue(statsMapContainsUid(mStatsMapA, uid));
assertTrue(statsMapContainsUid(mStatsMapB, uid));
assertTrue(mAppUidStatsMap.containsKey(new UidStatsMapKey(uid)));
- assertTrue(mUidCounterSetMap.containsKey(new U32(uid)));
+ assertTrue(mUidCounterSetMap.containsKey(new S32(uid)));
}
@Test
@@ -2318,13 +2447,109 @@
assertFalse(statsMapContainsUid(mStatsMapA, UID_BLUE));
assertFalse(statsMapContainsUid(mStatsMapB, UID_BLUE));
assertFalse(mAppUidStatsMap.containsKey(new UidStatsMapKey(UID_BLUE)));
- assertFalse(mUidCounterSetMap.containsKey(new U32(UID_BLUE)));
+ assertFalse(mUidCounterSetMap.containsKey(new S32(UID_BLUE)));
// assert that UID_RED related tag data is still in the maps.
assertTrue(cookieTagMapContainsUid(UID_RED));
assertTrue(statsMapContainsUid(mStatsMapA, UID_RED));
assertTrue(statsMapContainsUid(mStatsMapB, UID_RED));
assertTrue(mAppUidStatsMap.containsKey(new UidStatsMapKey(UID_RED)));
- assertTrue(mUidCounterSetMap.containsKey(new U32(UID_RED)));
+ assertTrue(mUidCounterSetMap.containsKey(new S32(UID_RED)));
+ }
+
+ private void assertDumpContains(final String dump, final String message) {
+ assertTrue(String.format("dump(%s) does not contain '%s'", dump, message),
+ dump.contains(message));
+ }
+
+ private String getDump(final String[] args) {
+ final StringWriter sw = new StringWriter();
+ mService.dump(new FileDescriptor(), new PrintWriter(sw), args);
+ return sw.toString();
+ }
+
+ private String getDump() {
+ return getDump(new String[]{});
+ }
+
+ private <K extends Struct, V extends Struct> Map<K, V> parseBpfRawMap(
+ Class<K> keyClass, Class<V> valueClass, String dumpStr) {
+ final HashMap<K, V> map = new HashMap<>();
+ for (final String line : dumpStr.split(LINE_DELIMITER)) {
+ final Pair<K, V> keyValue =
+ BpfDump.fromBase64EncodedString(keyClass, valueClass, line.trim());
+ map.put(keyValue.first, keyValue.second);
+ }
+ return map;
+ }
+
+ @Test
+ public void testDumpCookieTagMap() throws ErrnoException {
+ initBpfMapsWithTagData(UID_BLUE);
+
+ final String dump = getDump();
+ assertDumpContains(dump, "mCookieTagMap: OK");
+ assertDumpContains(dump, "cookie=2002 tag=0x1 uid=1002");
+ assertDumpContains(dump, "cookie=3002 tag=0x2 uid=1002");
+ }
+
+ @Test
+ public void testDumpCookieTagMapBpfRawMap() throws ErrnoException {
+ initBpfMapsWithTagData(UID_BLUE);
+
+ final String dump = getDump(new String[]{DUMPSYS_BPF_RAW_MAP, DUMPSYS_COOKIE_TAG_MAP});
+ Map<CookieTagMapKey, CookieTagMapValue> cookieTagMap = parseBpfRawMap(
+ CookieTagMapKey.class, CookieTagMapValue.class, dump);
+
+ final CookieTagMapValue val1 = cookieTagMap.get(new CookieTagMapKey(2002));
+ assertEquals(1, val1.tag);
+ assertEquals(1002, val1.uid);
+
+ final CookieTagMapValue val2 = cookieTagMap.get(new CookieTagMapKey(3002));
+ assertEquals(2, val2.tag);
+ assertEquals(1002, val2.uid);
+ }
+
+ @Test
+ public void testDumpUidCounterSetMap() throws ErrnoException {
+ initBpfMapsWithTagData(UID_BLUE);
+
+ final String dump = getDump();
+ assertDumpContains(dump, "mUidCounterSetMap: OK");
+ assertDumpContains(dump, "uid=1002 set=1");
+ }
+
+ @Test
+ public void testAppUidStatsMap() throws ErrnoException {
+ initBpfMapsWithTagData(UID_BLUE);
+
+ final String dump = getDump();
+ assertDumpContains(dump, "mAppUidStatsMap: OK");
+ assertDumpContains(dump, "uid rxBytes rxPackets txBytes txPackets");
+ assertDumpContains(dump, "1002 10000 10 6000 6");
+ }
+
+ private void doTestDumpStatsMap(final String expectedIfaceName) throws ErrnoException {
+ initBpfMapsWithTagData(UID_BLUE);
+
+ final String dump = getDump();
+ assertDumpContains(dump, "mStatsMapA: OK");
+ assertDumpContains(dump, "mStatsMapB: OK");
+ assertDumpContains(dump,
+ "ifaceIndex ifaceName tag_hex uid_int cnt_set rxBytes rxPackets txBytes txPackets");
+ assertDumpContains(dump, "10 " + expectedIfaceName + " 0x2 1002 0 5000 5 3000 3");
+ assertDumpContains(dump, "10 " + expectedIfaceName + " 0x1 1002 0 5000 5 3000 3");
+ }
+
+ @Test
+ public void testDumpStatsMap() throws ErrnoException {
+ doReturn("wlan0").when(mBpfInterfaceMapUpdater).getIfNameByIndex(10 /* index */);
+ doTestDumpStatsMap("wlan0");
+ }
+
+ @Test
+ public void testDumpStatsMapUnknownInterface() throws ErrnoException {
+ doReturn(null).when(mBpfInterfaceMapUpdater).getIfNameByIndex(10 /* index */);
+ doTestDumpStatsMap("unknown");
}
}
diff --git a/tests/unit/java/com/android/server/net/NetworkStatsSubscriptionsMonitorTest.java b/tests/unit/java/com/android/server/net/NetworkStatsSubscriptionsMonitorTest.java
index 0d34609..622f2be 100644
--- a/tests/unit/java/com/android/server/net/NetworkStatsSubscriptionsMonitorTest.java
+++ b/tests/unit/java/com/android/server/net/NetworkStatsSubscriptionsMonitorTest.java
@@ -19,6 +19,8 @@
import static android.telephony.TelephonyDisplayInfo.OVERRIDE_NETWORK_TYPE_NONE;
import static android.telephony.TelephonyDisplayInfo.OVERRIDE_NETWORK_TYPE_NR_NSA;
+import static com.android.testutils.DevSdkIgnoreRuleKt.SC_V2;
+
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.fail;
@@ -37,7 +39,6 @@
import android.annotation.Nullable;
import android.app.usage.NetworkStatsManager;
import android.content.Context;
-import android.os.Build;
import android.os.Looper;
import android.os.Parcel;
import android.telephony.SubscriptionManager;
@@ -63,7 +64,7 @@
import java.util.concurrent.Executors;
@RunWith(DevSdkIgnoreRunner.class)
-@DevSdkIgnoreRule.IgnoreUpTo(Build.VERSION_CODES.R)
+@DevSdkIgnoreRule.IgnoreUpTo(SC_V2)
public final class NetworkStatsSubscriptionsMonitorTest {
private static final int TEST_SUBID1 = 3;
private static final int TEST_SUBID2 = 5;
diff --git a/tests/unit/res/raw/xt_qtaguid_iface_fmt_typical b/tests/unit/res/raw/xt_qtaguid_iface_fmt_typical
deleted file mode 100644
index 656d5bb..0000000
--- a/tests/unit/res/raw/xt_qtaguid_iface_fmt_typical
+++ /dev/null
@@ -1,4 +0,0 @@
-ifname total_skb_rx_bytes total_skb_rx_packets total_skb_tx_bytes total_skb_tx_packets
-rmnet2 4968 35 3081 39
-rmnet1 11153922 8051 190226 2468
-rmnet0 6824 16 5692 10
diff --git a/tests/unit/res/raw/xt_qtaguid_iface_typical b/tests/unit/res/raw/xt_qtaguid_iface_typical
deleted file mode 100644
index 610723a..0000000
--- a/tests/unit/res/raw/xt_qtaguid_iface_typical
+++ /dev/null
@@ -1,6 +0,0 @@
-rmnet3 1 0 0 0 0 20822 501 1149991 815
-rmnet2 1 0 0 0 0 1594 15 1313 15
-rmnet1 1 0 0 0 0 207398 458 166918 565
-rmnet0 1 0 0 0 0 2112 24 700 10
-test1 1 1 2 3 4 5 6 7 8
-test2 0 1 2 3 4 5 6 7 8
diff --git a/tests/unit/res/raw/xt_qtaguid_vpn_incorrect_iface b/tests/unit/res/raw/xt_qtaguid_vpn_incorrect_iface
index fc92715..8b75565 100644
--- a/tests/unit/res/raw/xt_qtaguid_vpn_incorrect_iface
+++ b/tests/unit/res/raw/xt_qtaguid_vpn_incorrect_iface
@@ -1,3 +1,3 @@
idx iface acct_tag_hex uid_tag_int cnt_set rx_bytes rx_packets tx_bytes tx_packets rx_tcp_bytes rx_tcp_packets rx_udp_bytes rx_udp_packets rx_other_bytes rx_other_packets tx_tcp_bytes tx_tcp_packets tx_udp_bytes tx_udp_packets tx_other_bytes tx_other_packets
2 test_nss_tun0 0x0 1001 0 1000 100 1000 100 0 0 0 0 0 0 0 0 0 0 0 0
-3 test1 0x0 1004 0 1100 100 1100 100 0 0 0 0 0 0 0 0 0 0 0 0
\ No newline at end of file
+3 test1 0x0 1004 0 1100 100 1100 100 0 0 0 0 0 0 0 0 0 0 0 0
diff --git a/tests/unit/res/raw/xt_qtaguid_vpn_one_underlying b/tests/unit/res/raw/xt_qtaguid_vpn_one_underlying
index 1ef1889..2b7cce1 100644
--- a/tests/unit/res/raw/xt_qtaguid_vpn_one_underlying
+++ b/tests/unit/res/raw/xt_qtaguid_vpn_one_underlying
@@ -2,4 +2,4 @@
2 test_nss_tun0 0x0 1001 0 2000 200 1000 100 0 0 0 0 0 0 0 0 0 0 0 0
3 test_nss_tun0 0x0 1002 0 1000 100 500 50 0 0 0 0 0 0 0 0 0 0 0 0
4 test0 0x0 1004 0 3300 300 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-5 test0 0x0 1004 1 0 0 1650 150 0 0 0 0 0 0 0 0 0 0 0 0
\ No newline at end of file
+5 test0 0x0 1004 1 0 0 1650 150 0 0 0 0 0 0 0 0 0 0 0 0
diff --git a/tests/unit/res/raw/xt_qtaguid_vpn_one_underlying_compression b/tests/unit/res/raw/xt_qtaguid_vpn_one_underlying_compression
index 6d6bf55..2028910 100644
--- a/tests/unit/res/raw/xt_qtaguid_vpn_one_underlying_compression
+++ b/tests/unit/res/raw/xt_qtaguid_vpn_one_underlying_compression
@@ -1,4 +1,4 @@
idx iface acct_tag_hex uid_tag_int cnt_set rx_bytes rx_packets tx_bytes tx_packets rx_tcp_bytes rx_tcp_packets rx_udp_bytes rx_udp_packets rx_other_bytes rx_other_packets tx_tcp_bytes tx_tcp_packets tx_udp_bytes tx_udp_packets tx_other_bytes tx_other_packets
2 test_nss_tun0 0x0 1001 0 1000 100 1000 100 0 0 0 0 0 0 0 0 0 0 0 0
3 test_nss_tun0 0x0 1002 0 3000 300 3000 300 0 0 0 0 0 0 0 0 0 0 0 0
-4 test0 0x0 1004 0 1000 100 1000 100 0 0 0 0 0 0 0 0 0 0 0 0
\ No newline at end of file
+4 test0 0x0 1004 0 1000 100 1000 100 0 0 0 0 0 0 0 0 0 0 0 0
diff --git a/tests/unit/res/raw/xt_qtaguid_vpn_one_underlying_own_traffic b/tests/unit/res/raw/xt_qtaguid_vpn_one_underlying_own_traffic
index 2c2e5d2..602f8ec 100644
--- a/tests/unit/res/raw/xt_qtaguid_vpn_one_underlying_own_traffic
+++ b/tests/unit/res/raw/xt_qtaguid_vpn_one_underlying_own_traffic
@@ -3,4 +3,4 @@
3 test_nss_tun0 0x0 1002 0 1000 100 500 50 0 0 0 0 0 0 0 0 0 0 0 0
4 test_nss_tun0 0x0 1004 0 5000 500 6000 600 0 0 0 0 0 0 0 0 0 0 0 0
5 test0 0x0 1004 0 8800 800 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-6 test0 0x0 1004 1 0 0 8250 750 0 0 0 0 0 0 0 0 0 0 0 0
\ No newline at end of file
+6 test0 0x0 1004 1 0 0 8250 750 0 0 0 0 0 0 0 0 0 0 0 0
diff --git a/tests/unit/res/raw/xt_qtaguid_vpn_one_underlying_two_vpn b/tests/unit/res/raw/xt_qtaguid_vpn_one_underlying_two_vpn
index eb0513b..dbe05f0 100644
--- a/tests/unit/res/raw/xt_qtaguid_vpn_one_underlying_two_vpn
+++ b/tests/unit/res/raw/xt_qtaguid_vpn_one_underlying_two_vpn
@@ -6,4 +6,4 @@
6 test0 0x0 1004 0 3300 300 0 0 0 0 0 0 0 0 0 0 0 0 0 0
7 test0 0x0 1004 1 0 0 1650 150 0 0 0 0 0 0 0 0 0 0 0 0
8 test1 0x0 1004 0 3850 350 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-9 test1 0x0 1004 1 0 0 1045 95 0 0 0 0 0 0 0 0 0 0 0 0
\ No newline at end of file
+9 test1 0x0 1004 1 0 0 1045 95 0 0 0 0 0 0 0 0 0 0 0 0
diff --git a/tests/unit/res/raw/xt_qtaguid_vpn_rewrite_through_self b/tests/unit/res/raw/xt_qtaguid_vpn_rewrite_through_self
index afcdd71..a84a0fe 100644
--- a/tests/unit/res/raw/xt_qtaguid_vpn_rewrite_through_self
+++ b/tests/unit/res/raw/xt_qtaguid_vpn_rewrite_through_self
@@ -3,4 +3,4 @@
3 test_nss_tun0 0x0 1002 0 1000 100 500 50 0 0 0 0 0 0 0 0 0 0 0 0
4 test_nss_tun0 0x0 1004 0 0 0 1600 160 0 0 0 0 0 0 0 0 0 0 0 0
5 test0 0x0 1004 1 0 0 1760 176 0 0 0 0 0 0 0 0 0 0 0 0
-6 test0 0x0 1004 0 3300 300 0 0 0 0 0 0 0 0 0 0 0 0 0 0
\ No newline at end of file
+6 test0 0x0 1004 0 3300 300 0 0 0 0 0 0 0 0 0 0 0 0 0 0
diff --git a/tests/unit/res/raw/xt_qtaguid_vpn_two_underlying_duplication b/tests/unit/res/raw/xt_qtaguid_vpn_two_underlying_duplication
index d7c7eb9..7a53bc5 100644
--- a/tests/unit/res/raw/xt_qtaguid_vpn_two_underlying_duplication
+++ b/tests/unit/res/raw/xt_qtaguid_vpn_two_underlying_duplication
@@ -2,4 +2,4 @@
2 test_nss_tun0 0x0 1001 0 1000 100 1000 100 0 0 0 0 0 0 0 0 0 0 0 0
3 test_nss_tun0 0x0 1002 0 1000 100 1000 100 0 0 0 0 0 0 0 0 0 0 0 0
4 test0 0x0 1004 0 2200 200 2200 200 0 0 0 0 0 0 0 0 0 0 0 0
-5 test1 0x0 1004 0 2200 200 2200 200 0 0 0 0 0 0 0 0 0 0 0 0
\ No newline at end of file
+5 test1 0x0 1004 0 2200 200 2200 200 0 0 0 0 0 0 0 0 0 0 0 0
diff --git a/tests/unit/res/raw/xt_qtaguid_vpn_two_underlying_split b/tests/unit/res/raw/xt_qtaguid_vpn_two_underlying_split
index 38a3dce..0e4c1b9 100644
--- a/tests/unit/res/raw/xt_qtaguid_vpn_two_underlying_split
+++ b/tests/unit/res/raw/xt_qtaguid_vpn_two_underlying_split
@@ -1,4 +1,4 @@
idx iface acct_tag_hex uid_tag_int cnt_set rx_bytes rx_packets tx_bytes tx_packets rx_tcp_bytes rx_tcp_packets rx_udp_bytes rx_udp_packets rx_other_bytes rx_other_packets tx_tcp_bytes tx_tcp_packets tx_udp_bytes tx_udp_packets tx_other_bytes tx_other_packets
2 test_nss_tun0 0x0 1001 0 500 50 1000 100 0 0 0 0 0 0 0 0 0 0 0 0
3 test0 0x0 1004 0 330 30 660 60 0 0 0 0 0 0 0 0 0 0 0 0
-4 test1 0x0 1004 0 220 20 440 40 0 0 0 0 0 0 0 0 0 0 0 0
\ No newline at end of file
+4 test1 0x0 1004 0 220 20 440 40 0 0 0 0 0 0 0 0 0 0 0 0
diff --git a/tests/unit/res/raw/xt_qtaguid_vpn_two_underlying_split_compression b/tests/unit/res/raw/xt_qtaguid_vpn_two_underlying_split_compression
index d35244b..00a1b65 100644
--- a/tests/unit/res/raw/xt_qtaguid_vpn_two_underlying_split_compression
+++ b/tests/unit/res/raw/xt_qtaguid_vpn_two_underlying_split_compression
@@ -1,4 +1,4 @@
idx iface acct_tag_hex uid_tag_int cnt_set rx_bytes rx_packets tx_bytes tx_packets rx_tcp_bytes rx_tcp_packets rx_udp_bytes rx_udp_packets rx_other_bytes rx_other_packets tx_tcp_bytes tx_tcp_packets tx_udp_bytes tx_udp_packets tx_other_bytes tx_other_packets
2 test_nss_tun0 0x0 1001 0 1000 100 1000 100 0 0 0 0 0 0 0 0 0 0 0 0
3 test0 0x0 1004 0 600 60 600 60 0 0 0 0 0 0 0 0 0 0 0 0
-4 test1 0x0 1004 0 200 20 200 20 0 0 0 0 0 0 0 0 0 0 0 0
\ No newline at end of file
+4 test1 0x0 1004 0 200 20 200 20 0 0 0 0 0 0 0 0 0 0 0 0
diff --git a/tests/unit/res/raw/xt_qtaguid_vpn_with_clat b/tests/unit/res/raw/xt_qtaguid_vpn_with_clat
index 0d893d5..88770a7 100644
--- a/tests/unit/res/raw/xt_qtaguid_vpn_with_clat
+++ b/tests/unit/res/raw/xt_qtaguid_vpn_with_clat
@@ -5,4 +5,4 @@
5 v4-test0 0x0 1004 1 0 0 1650 150 0 0 0 0 0 0 0 0 0 0 0 0
6 test0 0x0 0 0 9300 300 0 0 0 0 0 0 0 0 0 0 0 0 0 0
7 test0 0x0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-8 test0 0x0 1029 0 0 0 4650 150 0 0 0 0 0 0 0 0 0 0 0 0
\ No newline at end of file
+8 test0 0x0 1029 0 0 0 4650 150 0 0 0 0 0 0 0 0 0 0 0 0
diff --git a/tests/unit/res/raw/xt_qtaguid_with_clat_100mb_download_after b/tests/unit/res/raw/xt_qtaguid_with_clat_100mb_download_after
deleted file mode 100644
index 12d98ca..0000000
--- a/tests/unit/res/raw/xt_qtaguid_with_clat_100mb_download_after
+++ /dev/null
@@ -1,189 +0,0 @@
-idx iface acct_tag_hex uid_tag_int cnt_set rx_bytes rx_packets tx_bytes tx_packets rx_tcp_bytes rx_tcp_packets rx_udp_bytes rx_udp_packets rx_other_bytes rx_other_packets tx_tcp_bytes tx_tcp_packets tx_udp_bytes tx_udp_packets tx_other_bytes tx_other_packets
-2 r_rmnet_data0 0x0 0 0 0 0 392 6 0 0 0 0 0 0 0 0 0 0 392 6
-3 r_rmnet_data0 0x0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-4 v4-wlan0 0x0 0 0 58952 2072 2888 65 264 6 0 0 58688 2066 132 3 0 0 2756 62
-5 v4-wlan0 0x0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-6 v4-wlan0 0x0 10034 0 6192 11 1445 11 6192 11 0 0 0 0 1445 11 0 0 0 0
-7 v4-wlan0 0x0 10034 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-8 v4-wlan0 0x0 10057 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-9 v4-wlan0 0x0 10057 1 728 7 392 7 0 0 728 7 0 0 0 0 392 7 0 0
-10 v4-wlan0 0x0 10106 0 2232 18 2232 18 0 0 2232 18 0 0 0 0 2232 18 0 0
-11 v4-wlan0 0x0 10106 1 432952718 314238 5442288 121260 432950238 314218 2480 20 0 0 5433900 121029 8388 231 0 0
-12 wlan0 0x0 0 0 330187296 250652 0 0 329106990 236273 226202 1255 854104 13124 0 0 0 0 0 0
-13 wlan0 0x0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-14 wlan0 0x0 1000 0 77113 272 56151 575 77113 272 0 0 0 0 19191 190 36960 385 0 0
-15 wlan0 0x0 1000 1 20227 80 8356 72 18539 74 1688 6 0 0 7562 66 794 6 0 0
-16 wlan0 0x0 10006 0 80755 92 9122 99 80755 92 0 0 0 0 9122 99 0 0 0 0
-17 wlan0 0x0 10006 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-18 wlan0 0x0 10015 0 4390 7 14824 252 4390 7 0 0 0 0 14824 252 0 0 0 0
-19 wlan0 0x0 10015 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-20 wlan0 0x0 10018 0 4928 11 1741 14 4928 11 0 0 0 0 1741 14 0 0 0 0
-21 wlan0 0x0 10018 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-22 wlan0 0x0 10020 0 21163552 34395 2351650 15326 21162947 34390 605 5 0 0 2351045 15321 605 5 0 0
-23 wlan0 0x0 10020 1 13835740 12938 1548795 6365 13833754 12920 1986 18 0 0 1546809 6347 1986 18 0 0
-24 wlan0 0x0 10023 0 13405 40 5042 44 13405 40 0 0 0 0 5042 44 0 0 0 0
-25 wlan0 0x0 10023 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-26 wlan0 0x0 10034 0 436394741 342648 6237981 80442 436394741 342648 0 0 0 0 6237981 80442 0 0 0 0
-27 wlan0 0x0 10034 1 64860872 51297 1335539 15546 64860872 51297 0 0 0 0 1335539 15546 0 0 0 0
-28 wlan0 0x0 10044 0 17614444 14774 521004 5694 17329882 14432 284562 342 0 0 419974 5408 101030 286 0 0
-29 wlan0 0x0 10044 1 17701 33 3100 28 17701 33 0 0 0 0 3100 28 0 0 0 0
-30 wlan0 0x0 10057 0 12312074 9339 436098 5450 12248060 9263 64014 76 0 0 414224 5388 21874 62 0 0
-31 wlan0 0x0 10057 1 1332953195 954797 31849632 457698 1331933207 953569 1019988 1228 0 0 31702284 456899 147348 799 0 0
-32 wlan0 0x0 10060 0 32972 200 433705 380 32972 200 0 0 0 0 433705 380 0 0 0 0
-33 wlan0 0x0 10060 1 32106 66 37789 87 32106 66 0 0 0 0 37789 87 0 0 0 0
-34 wlan0 0x0 10061 0 7675 23 2509 22 7675 23 0 0 0 0 2509 22 0 0 0 0
-35 wlan0 0x0 10061 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-36 wlan0 0x0 10074 0 38355 82 10447 97 38355 82 0 0 0 0 10447 97 0 0 0 0
-37 wlan0 0x0 10074 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-38 wlan0 0x0 10078 0 49013 79 7167 69 49013 79 0 0 0 0 7167 69 0 0 0 0
-39 wlan0 0x0 10078 1 5872 8 1236 10 5872 8 0 0 0 0 1236 10 0 0 0 0
-40 wlan0 0x0 10082 0 8301 13 1981 15 8301 13 0 0 0 0 1981 15 0 0 0 0
-41 wlan0 0x0 10082 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-42 wlan0 0x0 10086 0 7001 14 1579 15 7001 14 0 0 0 0 1579 15 0 0 0 0
-43 wlan0 0x0 10086 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-44 wlan0 0x0 10090 0 24327795 20224 920502 14661 24327795 20224 0 0 0 0 920502 14661 0 0 0 0
-45 wlan0 0x0 10090 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-46 wlan0 0x0 10092 0 36849 78 12449 81 36849 78 0 0 0 0 12449 81 0 0 0 0
-47 wlan0 0x0 10092 1 60 1 103 1 60 1 0 0 0 0 103 1 0 0 0 0
-48 wlan0 0x0 10095 0 131962 223 37069 241 131962 223 0 0 0 0 37069 241 0 0 0 0
-49 wlan0 0x0 10095 1 12949 21 3930 21 12949 21 0 0 0 0 3930 21 0 0 0 0
-50 wlan0 0x0 10106 0 30899554 22679 632476 12296 30895334 22645 4220 34 0 0 628256 12262 4220 34 0 0
-51 wlan0 0x0 10106 1 88923475 64963 1606962 35612 88917201 64886 3586 29 2688 48 1602032 35535 4930 77 0 0
-52 wlan0 0x40700000000 10020 0 705732 10589 404428 5504 705732 10589 0 0 0 0 404428 5504 0 0 0 0
-53 wlan0 0x40700000000 10020 1 2376 36 1296 18 2376 36 0 0 0 0 1296 18 0 0 0 0
-54 wlan0 0x40800000000 10020 0 34624 146 122525 160 34624 146 0 0 0 0 122525 160 0 0 0 0
-55 wlan0 0x40800000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-56 wlan0 0x40b00000000 10020 0 22411 85 7364 57 22411 85 0 0 0 0 7364 57 0 0 0 0
-57 wlan0 0x40b00000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-58 wlan0 0x120300000000 10020 0 76641 241 32783 169 76641 241 0 0 0 0 32783 169 0 0 0 0
-59 wlan0 0x120300000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-60 wlan0 0x130100000000 10020 0 73101 287 23236 203 73101 287 0 0 0 0 23236 203 0 0 0 0
-61 wlan0 0x130100000000 10020 1 264 4 144 2 264 4 0 0 0 0 144 2 0 0 0 0
-62 wlan0 0x180300000000 10020 0 330648 399 24736 232 330648 399 0 0 0 0 24736 232 0 0 0 0
-63 wlan0 0x180300000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-64 wlan0 0x180400000000 10020 0 21865 59 5022 42 21865 59 0 0 0 0 5022 42 0 0 0 0
-65 wlan0 0x180400000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-66 wlan0 0x300000000000 10020 0 15984 65 26927 57 15984 65 0 0 0 0 26927 57 0 0 0 0
-67 wlan0 0x300000000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-68 wlan0 0x1065fff00000000 10020 0 131871 599 93783 445 131871 599 0 0 0 0 93783 445 0 0 0 0
-69 wlan0 0x1065fff00000000 10020 1 264 4 144 2 264 4 0 0 0 0 144 2 0 0 0 0
-70 wlan0 0x1b24f4600000000 10034 0 15445 42 23329 45 15445 42 0 0 0 0 23329 45 0 0 0 0
-71 wlan0 0x1b24f4600000000 10034 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-72 wlan0 0x1000010000000000 10020 0 5542 9 1364 10 5542 9 0 0 0 0 1364 10 0 0 0 0
-73 wlan0 0x1000010000000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-74 wlan0 0x1000040100000000 10020 0 47196 184 213319 257 47196 184 0 0 0 0 213319 257 0 0 0 0
-75 wlan0 0x1000040100000000 10020 1 60 1 103 1 60 1 0 0 0 0 103 1 0 0 0 0
-76 wlan0 0x1000040700000000 10020 0 11599 50 10786 47 11599 50 0 0 0 0 10786 47 0 0 0 0
-77 wlan0 0x1000040700000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-78 wlan0 0x1000040800000000 10020 0 21902 145 174139 166 21902 145 0 0 0 0 174139 166 0 0 0 0
-79 wlan0 0x1000040800000000 10020 1 8568 88 105743 90 8568 88 0 0 0 0 105743 90 0 0 0 0
-80 wlan0 0x1000100300000000 10020 0 55213 118 194551 199 55213 118 0 0 0 0 194551 199 0 0 0 0
-81 wlan0 0x1000100300000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-82 wlan0 0x1000120300000000 10020 0 50826 74 21153 70 50826 74 0 0 0 0 21153 70 0 0 0 0
-83 wlan0 0x1000120300000000 10020 1 72 1 175 2 72 1 0 0 0 0 175 2 0 0 0 0
-84 wlan0 0x1000180300000000 10020 0 744198 657 65437 592 744198 657 0 0 0 0 65437 592 0 0 0 0
-85 wlan0 0x1000180300000000 10020 1 144719 132 10989 108 144719 132 0 0 0 0 10989 108 0 0 0 0
-86 wlan0 0x1000180600000000 10020 0 4599 8 1928 10 4599 8 0 0 0 0 1928 10 0 0 0 0
-87 wlan0 0x1000180600000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-88 wlan0 0x1000250000000000 10020 0 57740 98 13076 88 57740 98 0 0 0 0 13076 88 0 0 0 0
-89 wlan0 0x1000250000000000 10020 1 328 3 414 4 207 2 121 1 0 0 293 3 121 1 0 0
-90 wlan0 0x1000300000000000 10020 0 7675 30 31331 32 7675 30 0 0 0 0 31331 32 0 0 0 0
-91 wlan0 0x1000300000000000 10020 1 30173 97 101335 100 30173 97 0 0 0 0 101335 100 0 0 0 0
-92 wlan0 0x1000310200000000 10020 0 1681 9 2194 9 1681 9 0 0 0 0 2194 9 0 0 0 0
-93 wlan0 0x1000310200000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-94 wlan0 0x1000360000000000 10020 0 5606 20 2831 20 5606 20 0 0 0 0 2831 20 0 0 0 0
-95 wlan0 0x1000360000000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-96 wlan0 0x11065fff00000000 10020 0 18363 91 83367 104 18363 91 0 0 0 0 83367 104 0 0 0 0
-97 wlan0 0x11065fff00000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-98 wlan0 0x3000009600000000 10020 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-99 wlan0 0x3000009600000000 10020 1 6163 18 2424 18 6163 18 0 0 0 0 2424 18 0 0 0 0
-100 wlan0 0x3000009800000000 10020 0 23337 46 8723 39 23337 46 0 0 0 0 8723 39 0 0 0 0
-101 wlan0 0x3000009800000000 10020 1 33744 93 72437 89 33744 93 0 0 0 0 72437 89 0 0 0 0
-102 wlan0 0x3000020000000000 10020 0 4124 11 8969 19 4124 11 0 0 0 0 8969 19 0 0 0 0
-103 wlan0 0x3000020000000000 10020 1 5993 11 3815 14 5993 11 0 0 0 0 3815 14 0 0 0 0
-104 wlan0 0x3000040100000000 10020 0 113809 342 135666 308 113809 342 0 0 0 0 135666 308 0 0 0 0
-105 wlan0 0x3000040100000000 10020 1 142508 642 500579 637 142508 642 0 0 0 0 500579 637 0 0 0 0
-106 wlan0 0x3000040700000000 10020 0 365815 5119 213340 2733 365815 5119 0 0 0 0 213340 2733 0 0 0 0
-107 wlan0 0x3000040700000000 10020 1 30747 130 18408 100 30747 130 0 0 0 0 18408 100 0 0 0 0
-108 wlan0 0x3000040800000000 10020 0 34672 112 68623 92 34672 112 0 0 0 0 68623 92 0 0 0 0
-109 wlan0 0x3000040800000000 10020 1 78443 199 140944 192 78443 199 0 0 0 0 140944 192 0 0 0 0
-110 wlan0 0x3000040b00000000 10020 0 14949 33 4017 26 14949 33 0 0 0 0 4017 26 0 0 0 0
-111 wlan0 0x3000040b00000000 10020 1 996 15 576 8 996 15 0 0 0 0 576 8 0 0 0 0
-112 wlan0 0x3000090000000000 10020 0 11826 67 7309 52 11826 67 0 0 0 0 7309 52 0 0 0 0
-113 wlan0 0x3000090000000000 10020 1 24805 41 4785 41 24805 41 0 0 0 0 4785 41 0 0 0 0
-114 wlan0 0x3000100300000000 10020 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-115 wlan0 0x3000100300000000 10020 1 3112 10 1628 10 3112 10 0 0 0 0 1628 10 0 0 0 0
-116 wlan0 0x3000120300000000 10020 0 38249 107 20374 85 38249 107 0 0 0 0 20374 85 0 0 0 0
-117 wlan0 0x3000120300000000 10020 1 122581 174 36792 143 122581 174 0 0 0 0 36792 143 0 0 0 0
-118 wlan0 0x3000130100000000 10020 0 2700 41 1524 21 2700 41 0 0 0 0 1524 21 0 0 0 0
-119 wlan0 0x3000130100000000 10020 1 22515 59 8366 52 22515 59 0 0 0 0 8366 52 0 0 0 0
-120 wlan0 0x3000180200000000 10020 0 6411 18 14511 20 6411 18 0 0 0 0 14511 20 0 0 0 0
-121 wlan0 0x3000180200000000 10020 1 336 5 319 4 336 5 0 0 0 0 319 4 0 0 0 0
-122 wlan0 0x3000180300000000 10020 0 129301 136 17622 97 129301 136 0 0 0 0 17622 97 0 0 0 0
-123 wlan0 0x3000180300000000 10020 1 464787 429 41703 336 464787 429 0 0 0 0 41703 336 0 0 0 0
-124 wlan0 0x3000180400000000 10020 0 11014 39 2787 25 11014 39 0 0 0 0 2787 25 0 0 0 0
-125 wlan0 0x3000180400000000 10020 1 144040 139 7540 80 144040 139 0 0 0 0 7540 80 0 0 0 0
-126 wlan0 0x3000210100000000 10020 0 10278 44 4579 33 10278 44 0 0 0 0 4579 33 0 0 0 0
-127 wlan0 0x3000210100000000 10020 1 31151 73 14159 47 31151 73 0 0 0 0 14159 47 0 0 0 0
-128 wlan0 0x3000250000000000 10020 0 132 2 72 1 132 2 0 0 0 0 72 1 0 0 0 0
-129 wlan0 0x3000250000000000 10020 1 76614 143 17711 130 76080 137 534 6 0 0 17177 124 534 6 0 0
-130 wlan0 0x3000260100000000 10020 0 9426 26 3535 20 9426 26 0 0 0 0 3535 20 0 0 0 0
-131 wlan0 0x3000260100000000 10020 1 468 7 288 4 468 7 0 0 0 0 288 4 0 0 0 0
-132 wlan0 0x3000300000000000 10020 0 7241 29 12055 26 7241 29 0 0 0 0 12055 26 0 0 0 0
-133 wlan0 0x3000300000000000 10020 1 3273 23 11232 21 3273 23 0 0 0 0 11232 21 0 0 0 0
-134 wlan0 0x3000310000000000 10020 0 132 2 72 1 132 2 0 0 0 0 72 1 0 0 0 0
-135 wlan0 0x3000310000000000 10020 1 53425 64 8721 62 53425 64 0 0 0 0 8721 62 0 0 0 0
-136 wlan0 0x3000310500000000 10020 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-137 wlan0 0x3000310500000000 10020 1 9929 16 3879 18 9929 16 0 0 0 0 3879 18 0 0 0 0
-138 wlan0 0x3000320100000000 10020 0 6844 14 3745 13 6844 14 0 0 0 0 3745 13 0 0 0 0
-139 wlan0 0x3000320100000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-140 wlan0 0x3000360000000000 10020 0 8855 43 4749 31 8855 43 0 0 0 0 4749 31 0 0 0 0
-141 wlan0 0x3000360000000000 10020 1 5597 19 2456 19 5597 19 0 0 0 0 2456 19 0 0 0 0
-142 wlan0 0x3010000000000000 10090 0 605140 527 38435 429 605140 527 0 0 0 0 38435 429 0 0 0 0
-143 wlan0 0x3010000000000000 10090 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-144 wlan0 0x31065fff00000000 10020 0 22011 67 29665 64 22011 67 0 0 0 0 29665 64 0 0 0 0
-145 wlan0 0x31065fff00000000 10020 1 10695 34 18347 35 10695 34 0 0 0 0 18347 35 0 0 0 0
-146 wlan0 0x32e544f900000000 10034 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-147 wlan0 0x32e544f900000000 10034 1 40143 54 7299 61 40143 54 0 0 0 0 7299 61 0 0 0 0
-148 wlan0 0x58872a4400000000 10018 0 4928 11 1669 13 4928 11 0 0 0 0 1669 13 0 0 0 0
-149 wlan0 0x58872a4400000000 10018 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-150 wlan0 0x5caeaa7b00000000 10034 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-151 wlan0 0x5caeaa7b00000000 10034 1 74971 73 7103 75 74971 73 0 0 0 0 7103 75 0 0 0 0
-152 wlan0 0x9e00923800000000 10034 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-153 wlan0 0x9e00923800000000 10034 1 72385 98 13072 110 72385 98 0 0 0 0 13072 110 0 0 0 0
-154 wlan0 0xb972bdd400000000 10034 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-155 wlan0 0xb972bdd400000000 10034 1 15282 24 3034 27 15282 24 0 0 0 0 3034 27 0 0 0 0
-156 wlan0 0xc7c9f7ba00000000 10034 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-157 wlan0 0xc7c9f7ba00000000 10034 1 194915 185 13316 138 194915 185 0 0 0 0 13316 138 0 0 0 0
-158 wlan0 0xc9395b2600000000 10034 0 6991 13 6215 14 6991 13 0 0 0 0 6215 14 0 0 0 0
-159 wlan0 0xc9395b2600000000 10034 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-160 wlan0 0xdaddf21100000000 10034 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-161 wlan0 0xdaddf21100000000 10034 1 928676 849 81570 799 928676 849 0 0 0 0 81570 799 0 0 0 0
-162 wlan0 0xe8d195d100000000 10020 0 516 8 288 4 516 8 0 0 0 0 288 4 0 0 0 0
-163 wlan0 0xe8d195d100000000 10020 1 5905 15 2622 15 5905 15 0 0 0 0 2622 15 0 0 0 0
-164 wlan0 0xe8d195d100000000 10034 0 236640 524 312523 555 236640 524 0 0 0 0 312523 555 0 0 0 0
-165 wlan0 0xe8d195d100000000 10034 1 319028 539 188776 553 319028 539 0 0 0 0 188776 553 0 0 0 0
-166 wlan0 0xffffff0100000000 10006 0 80755 92 9122 99 80755 92 0 0 0 0 9122 99 0 0 0 0
-167 wlan0 0xffffff0100000000 10006 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-168 wlan0 0xffffff0100000000 10020 0 17874405 14068 223987 3065 17874405 14068 0 0 0 0 223987 3065 0 0 0 0
-169 wlan0 0xffffff0100000000 10020 1 11011258 8672 177693 2407 11011258 8672 0 0 0 0 177693 2407 0 0 0 0
-170 wlan0 0xffffff0100000000 10034 0 436062595 341880 5843990 79630 436062595 341880 0 0 0 0 5843990 79630 0 0 0 0
-171 wlan0 0xffffff0100000000 10034 1 63201220 49447 1005882 13713 63201220 49447 0 0 0 0 1005882 13713 0 0 0 0
-172 wlan0 0xffffff0100000000 10044 0 17159287 13702 356212 4778 17159287 13702 0 0 0 0 356212 4778 0 0 0 0
-173 wlan0 0xffffff0100000000 10044 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-174 wlan0 0xffffff0100000000 10078 0 10439 17 1665 15 10439 17 0 0 0 0 1665 15 0 0 0 0
-175 wlan0 0xffffff0100000000 10078 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-176 wlan0 0xffffff0100000000 10090 0 23722655 19697 881995 14231 23722655 19697 0 0 0 0 881995 14231 0 0 0 0
-177 wlan0 0xffffff0100000000 10090 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-178 wlan0 0xffffff0500000000 1000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-179 wlan0 0xffffff0500000000 1000 1 1592 5 314 1 0 0 1592 5 0 0 0 0 314 1 0 0
-180 wlan0 0xffffff0600000000 1000 0 0 0 36960 385 0 0 0 0 0 0 0 0 36960 385 0 0
-181 wlan0 0xffffff0600000000 1000 1 96 1 480 5 0 0 96 1 0 0 0 0 480 5 0 0
-182 wlan0 0xffffff0700000000 1000 0 38732 229 16567 163 38732 229 0 0 0 0 16567 163 0 0 0 0
-183 wlan0 0xffffff0700000000 1000 1 18539 74 7562 66 18539 74 0 0 0 0 7562 66 0 0 0 0
-184 wlan0 0xffffff0900000000 1000 0 38381 43 2624 27 38381 43 0 0 0 0 2624 27 0 0 0 0
-185 wlan0 0xffffff0900000000 1000 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-186 dummy0 0x0 0 0 0 0 168 3 0 0 0 0 0 0 0 0 0 0 168 3
-187 dummy0 0x0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-188 wlan0 0x0 1029 0 0 0 8524052 130894 0 0 0 0 0 0 7871216 121284 108568 1325 544268 8285
-189 wlan0 0x0 1029 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
diff --git a/tests/unit/res/raw/xt_qtaguid_with_clat_100mb_download_before b/tests/unit/res/raw/xt_qtaguid_with_clat_100mb_download_before
deleted file mode 100644
index ce4bcc3..0000000
--- a/tests/unit/res/raw/xt_qtaguid_with_clat_100mb_download_before
+++ /dev/null
@@ -1,187 +0,0 @@
-idx iface acct_tag_hex uid_tag_int cnt_set rx_bytes rx_packets tx_bytes tx_packets rx_tcp_bytes rx_tcp_packets rx_udp_bytes rx_udp_packets rx_other_bytes rx_other_packets tx_tcp_bytes tx_tcp_packets tx_udp_bytes tx_udp_packets tx_other_bytes tx_other_packets
-2 r_rmnet_data0 0x0 0 0 0 0 392 6 0 0 0 0 0 0 0 0 0 0 392 6
-3 r_rmnet_data0 0x0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-4 v4-wlan0 0x0 0 0 58848 2070 2836 64 160 4 0 0 58688 2066 80 2 0 0 2756 62
-5 v4-wlan0 0x0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-6 v4-wlan0 0x0 10034 0 6192 11 1445 11 6192 11 0 0 0 0 1445 11 0 0 0 0
-7 v4-wlan0 0x0 10034 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-8 v4-wlan0 0x0 10057 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-9 v4-wlan0 0x0 10057 1 728 7 392 7 0 0 728 7 0 0 0 0 392 7 0 0
-10 v4-wlan0 0x0 10106 0 1488 12 1488 12 0 0 1488 12 0 0 0 0 1488 12 0 0
-11 v4-wlan0 0x0 10106 1 323981189 235142 3509032 84542 323979453 235128 1736 14 0 0 3502676 84363 6356 179 0 0
-12 wlan0 0x0 0 0 330187296 250652 0 0 329106990 236273 226202 1255 854104 13124 0 0 0 0 0 0
-13 wlan0 0x0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-14 wlan0 0x0 1000 0 77113 272 56151 575 77113 272 0 0 0 0 19191 190 36960 385 0 0
-15 wlan0 0x0 1000 1 20227 80 8356 72 18539 74 1688 6 0 0 7562 66 794 6 0 0
-16 wlan0 0x0 10006 0 80755 92 9122 99 80755 92 0 0 0 0 9122 99 0 0 0 0
-17 wlan0 0x0 10006 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-18 wlan0 0x0 10015 0 4390 7 14824 252 4390 7 0 0 0 0 14824 252 0 0 0 0
-19 wlan0 0x0 10015 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-20 wlan0 0x0 10018 0 4928 11 1741 14 4928 11 0 0 0 0 1741 14 0 0 0 0
-21 wlan0 0x0 10018 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-22 wlan0 0x0 10020 0 21141412 34316 2329881 15262 21140807 34311 605 5 0 0 2329276 15257 605 5 0 0
-23 wlan0 0x0 10020 1 13835740 12938 1548555 6362 13833754 12920 1986 18 0 0 1546569 6344 1986 18 0 0
-24 wlan0 0x0 10023 0 13405 40 5042 44 13405 40 0 0 0 0 5042 44 0 0 0 0
-25 wlan0 0x0 10023 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-26 wlan0 0x0 10034 0 436394741 342648 6237981 80442 436394741 342648 0 0 0 0 6237981 80442 0 0 0 0
-27 wlan0 0x0 10034 1 64860872 51297 1335539 15546 64860872 51297 0 0 0 0 1335539 15546 0 0 0 0
-28 wlan0 0x0 10044 0 17614444 14774 521004 5694 17329882 14432 284562 342 0 0 419974 5408 101030 286 0 0
-29 wlan0 0x0 10044 1 17701 33 3100 28 17701 33 0 0 0 0 3100 28 0 0 0 0
-30 wlan0 0x0 10057 0 12311735 9335 435954 5448 12247721 9259 64014 76 0 0 414080 5386 21874 62 0 0
-31 wlan0 0x0 10057 1 1332953195 954797 31849632 457698 1331933207 953569 1019988 1228 0 0 31702284 456899 147348 799 0 0
-32 wlan0 0x0 10060 0 32972 200 433705 380 32972 200 0 0 0 0 433705 380 0 0 0 0
-33 wlan0 0x0 10060 1 32106 66 37789 87 32106 66 0 0 0 0 37789 87 0 0 0 0
-34 wlan0 0x0 10061 0 7675 23 2509 22 7675 23 0 0 0 0 2509 22 0 0 0 0
-35 wlan0 0x0 10061 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-36 wlan0 0x0 10074 0 38355 82 10447 97 38355 82 0 0 0 0 10447 97 0 0 0 0
-37 wlan0 0x0 10074 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-38 wlan0 0x0 10078 0 49013 79 7167 69 49013 79 0 0 0 0 7167 69 0 0 0 0
-39 wlan0 0x0 10078 1 5872 8 1236 10 5872 8 0 0 0 0 1236 10 0 0 0 0
-40 wlan0 0x0 10082 0 8301 13 1981 15 8301 13 0 0 0 0 1981 15 0 0 0 0
-41 wlan0 0x0 10082 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-42 wlan0 0x0 10086 0 7001 14 1579 15 7001 14 0 0 0 0 1579 15 0 0 0 0
-43 wlan0 0x0 10086 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-44 wlan0 0x0 10090 0 24327795 20224 920502 14661 24327795 20224 0 0 0 0 920502 14661 0 0 0 0
-45 wlan0 0x0 10090 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-46 wlan0 0x0 10092 0 36849 78 12449 81 36849 78 0 0 0 0 12449 81 0 0 0 0
-47 wlan0 0x0 10092 1 60 1 103 1 60 1 0 0 0 0 103 1 0 0 0 0
-48 wlan0 0x0 10095 0 131962 223 37069 241 131962 223 0 0 0 0 37069 241 0 0 0 0
-49 wlan0 0x0 10095 1 12949 21 3930 21 12949 21 0 0 0 0 3930 21 0 0 0 0
-50 wlan0 0x0 10106 0 30899554 22679 632476 12296 30895334 22645 4220 34 0 0 628256 12262 4220 34 0 0
-51 wlan0 0x0 10106 1 88922349 64952 1605126 35599 88916075 64875 3586 29 2688 48 1600196 35522 4930 77 0 0
-52 wlan0 0x40700000000 10020 0 705732 10589 404428 5504 705732 10589 0 0 0 0 404428 5504 0 0 0 0
-53 wlan0 0x40700000000 10020 1 2376 36 1296 18 2376 36 0 0 0 0 1296 18 0 0 0 0
-54 wlan0 0x40800000000 10020 0 34624 146 122525 160 34624 146 0 0 0 0 122525 160 0 0 0 0
-55 wlan0 0x40800000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-56 wlan0 0x40b00000000 10020 0 22411 85 7364 57 22411 85 0 0 0 0 7364 57 0 0 0 0
-57 wlan0 0x40b00000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-58 wlan0 0x120300000000 10020 0 76641 241 32783 169 76641 241 0 0 0 0 32783 169 0 0 0 0
-59 wlan0 0x120300000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-60 wlan0 0x130100000000 10020 0 73101 287 23236 203 73101 287 0 0 0 0 23236 203 0 0 0 0
-61 wlan0 0x130100000000 10020 1 264 4 144 2 264 4 0 0 0 0 144 2 0 0 0 0
-62 wlan0 0x180300000000 10020 0 330648 399 24736 232 330648 399 0 0 0 0 24736 232 0 0 0 0
-63 wlan0 0x180300000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-64 wlan0 0x180400000000 10020 0 21865 59 5022 42 21865 59 0 0 0 0 5022 42 0 0 0 0
-65 wlan0 0x180400000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-66 wlan0 0x300000000000 10020 0 15984 65 26927 57 15984 65 0 0 0 0 26927 57 0 0 0 0
-67 wlan0 0x300000000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-68 wlan0 0x1065fff00000000 10020 0 131871 599 93783 445 131871 599 0 0 0 0 93783 445 0 0 0 0
-69 wlan0 0x1065fff00000000 10020 1 264 4 144 2 264 4 0 0 0 0 144 2 0 0 0 0
-70 wlan0 0x1b24f4600000000 10034 0 15445 42 23329 45 15445 42 0 0 0 0 23329 45 0 0 0 0
-71 wlan0 0x1b24f4600000000 10034 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-72 wlan0 0x1000010000000000 10020 0 5542 9 1364 10 5542 9 0 0 0 0 1364 10 0 0 0 0
-73 wlan0 0x1000010000000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-74 wlan0 0x1000040100000000 10020 0 47196 184 213319 257 47196 184 0 0 0 0 213319 257 0 0 0 0
-75 wlan0 0x1000040100000000 10020 1 60 1 103 1 60 1 0 0 0 0 103 1 0 0 0 0
-76 wlan0 0x1000040700000000 10020 0 11599 50 10786 47 11599 50 0 0 0 0 10786 47 0 0 0 0
-77 wlan0 0x1000040700000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-78 wlan0 0x1000040800000000 10020 0 21902 145 174139 166 21902 145 0 0 0 0 174139 166 0 0 0 0
-79 wlan0 0x1000040800000000 10020 1 8568 88 105743 90 8568 88 0 0 0 0 105743 90 0 0 0 0
-80 wlan0 0x1000100300000000 10020 0 55213 118 194551 199 55213 118 0 0 0 0 194551 199 0 0 0 0
-81 wlan0 0x1000100300000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-82 wlan0 0x1000120300000000 10020 0 50826 74 21153 70 50826 74 0 0 0 0 21153 70 0 0 0 0
-83 wlan0 0x1000120300000000 10020 1 72 1 175 2 72 1 0 0 0 0 175 2 0 0 0 0
-84 wlan0 0x1000180300000000 10020 0 744198 657 65437 592 744198 657 0 0 0 0 65437 592 0 0 0 0
-85 wlan0 0x1000180300000000 10020 1 144719 132 10989 108 144719 132 0 0 0 0 10989 108 0 0 0 0
-86 wlan0 0x1000180600000000 10020 0 4599 8 1928 10 4599 8 0 0 0 0 1928 10 0 0 0 0
-87 wlan0 0x1000180600000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-88 wlan0 0x1000250000000000 10020 0 57740 98 13076 88 57740 98 0 0 0 0 13076 88 0 0 0 0
-89 wlan0 0x1000250000000000 10020 1 328 3 414 4 207 2 121 1 0 0 293 3 121 1 0 0
-90 wlan0 0x1000300000000000 10020 0 7675 30 31331 32 7675 30 0 0 0 0 31331 32 0 0 0 0
-91 wlan0 0x1000300000000000 10020 1 30173 97 101335 100 30173 97 0 0 0 0 101335 100 0 0 0 0
-92 wlan0 0x1000310200000000 10020 0 1681 9 2194 9 1681 9 0 0 0 0 2194 9 0 0 0 0
-93 wlan0 0x1000310200000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-94 wlan0 0x1000360000000000 10020 0 5606 20 2831 20 5606 20 0 0 0 0 2831 20 0 0 0 0
-95 wlan0 0x1000360000000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-96 wlan0 0x11065fff00000000 10020 0 18363 91 83367 104 18363 91 0 0 0 0 83367 104 0 0 0 0
-97 wlan0 0x11065fff00000000 10020 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-98 wlan0 0x3000009600000000 10020 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-99 wlan0 0x3000009600000000 10020 1 6163 18 2424 18 6163 18 0 0 0 0 2424 18 0 0 0 0
-100 wlan0 0x3000009800000000 10020 0 23337 46 8723 39 23337 46 0 0 0 0 8723 39 0 0 0 0
-101 wlan0 0x3000009800000000 10020 1 33744 93 72437 89 33744 93 0 0 0 0 72437 89 0 0 0 0
-102 wlan0 0x3000020000000000 10020 0 4124 11 8969 19 4124 11 0 0 0 0 8969 19 0 0 0 0
-103 wlan0 0x3000020000000000 10020 1 5993 11 3815 14 5993 11 0 0 0 0 3815 14 0 0 0 0
-104 wlan0 0x3000040100000000 10020 0 106718 322 121557 287 106718 322 0 0 0 0 121557 287 0 0 0 0
-105 wlan0 0x3000040100000000 10020 1 142508 642 500579 637 142508 642 0 0 0 0 500579 637 0 0 0 0
-106 wlan0 0x3000040700000000 10020 0 365419 5113 213124 2730 365419 5113 0 0 0 0 213124 2730 0 0 0 0
-107 wlan0 0x3000040700000000 10020 1 30747 130 18408 100 30747 130 0 0 0 0 18408 100 0 0 0 0
-108 wlan0 0x3000040800000000 10020 0 34672 112 68623 92 34672 112 0 0 0 0 68623 92 0 0 0 0
-109 wlan0 0x3000040800000000 10020 1 78443 199 140944 192 78443 199 0 0 0 0 140944 192 0 0 0 0
-110 wlan0 0x3000040b00000000 10020 0 14949 33 4017 26 14949 33 0 0 0 0 4017 26 0 0 0 0
-111 wlan0 0x3000040b00000000 10020 1 996 15 576 8 996 15 0 0 0 0 576 8 0 0 0 0
-112 wlan0 0x3000090000000000 10020 0 4017 28 3610 25 4017 28 0 0 0 0 3610 25 0 0 0 0
-113 wlan0 0x3000090000000000 10020 1 24805 41 4545 38 24805 41 0 0 0 0 4545 38 0 0 0 0
-114 wlan0 0x3000100300000000 10020 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-115 wlan0 0x3000100300000000 10020 1 3112 10 1628 10 3112 10 0 0 0 0 1628 10 0 0 0 0
-116 wlan0 0x3000120300000000 10020 0 38249 107 20374 85 38249 107 0 0 0 0 20374 85 0 0 0 0
-117 wlan0 0x3000120300000000 10020 1 122581 174 36792 143 122581 174 0 0 0 0 36792 143 0 0 0 0
-118 wlan0 0x3000130100000000 10020 0 2700 41 1524 21 2700 41 0 0 0 0 1524 21 0 0 0 0
-119 wlan0 0x3000130100000000 10020 1 22515 59 8366 52 22515 59 0 0 0 0 8366 52 0 0 0 0
-120 wlan0 0x3000180200000000 10020 0 6411 18 14511 20 6411 18 0 0 0 0 14511 20 0 0 0 0
-121 wlan0 0x3000180200000000 10020 1 336 5 319 4 336 5 0 0 0 0 319 4 0 0 0 0
-122 wlan0 0x3000180300000000 10020 0 129301 136 17622 97 129301 136 0 0 0 0 17622 97 0 0 0 0
-123 wlan0 0x3000180300000000 10020 1 464787 429 41703 336 464787 429 0 0 0 0 41703 336 0 0 0 0
-124 wlan0 0x3000180400000000 10020 0 11014 39 2787 25 11014 39 0 0 0 0 2787 25 0 0 0 0
-125 wlan0 0x3000180400000000 10020 1 144040 139 7540 80 144040 139 0 0 0 0 7540 80 0 0 0 0
-126 wlan0 0x3000210100000000 10020 0 10278 44 4579 33 10278 44 0 0 0 0 4579 33 0 0 0 0
-127 wlan0 0x3000210100000000 10020 1 31151 73 14159 47 31151 73 0 0 0 0 14159 47 0 0 0 0
-128 wlan0 0x3000250000000000 10020 0 132 2 72 1 132 2 0 0 0 0 72 1 0 0 0 0
-129 wlan0 0x3000250000000000 10020 1 76614 143 17711 130 76080 137 534 6 0 0 17177 124 534 6 0 0
-130 wlan0 0x3000260100000000 10020 0 9426 26 3535 20 9426 26 0 0 0 0 3535 20 0 0 0 0
-131 wlan0 0x3000260100000000 10020 1 468 7 288 4 468 7 0 0 0 0 288 4 0 0 0 0
-132 wlan0 0x3000300000000000 10020 0 7241 29 12055 26 7241 29 0 0 0 0 12055 26 0 0 0 0
-133 wlan0 0x3000300000000000 10020 1 3273 23 11232 21 3273 23 0 0 0 0 11232 21 0 0 0 0
-134 wlan0 0x3000310000000000 10020 0 132 2 72 1 132 2 0 0 0 0 72 1 0 0 0 0
-135 wlan0 0x3000310000000000 10020 1 53425 64 8721 62 53425 64 0 0 0 0 8721 62 0 0 0 0
-136 wlan0 0x3000310500000000 10020 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-137 wlan0 0x3000310500000000 10020 1 9929 16 3879 18 9929 16 0 0 0 0 3879 18 0 0 0 0
-138 wlan0 0x3000360000000000 10020 0 8855 43 4749 31 8855 43 0 0 0 0 4749 31 0 0 0 0
-139 wlan0 0x3000360000000000 10020 1 5597 19 2456 19 5597 19 0 0 0 0 2456 19 0 0 0 0
-140 wlan0 0x3010000000000000 10090 0 605140 527 38435 429 605140 527 0 0 0 0 38435 429 0 0 0 0
-141 wlan0 0x3010000000000000 10090 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-142 wlan0 0x31065fff00000000 10020 0 22011 67 29665 64 22011 67 0 0 0 0 29665 64 0 0 0 0
-143 wlan0 0x31065fff00000000 10020 1 10695 34 18347 35 10695 34 0 0 0 0 18347 35 0 0 0 0
-144 wlan0 0x32e544f900000000 10034 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-145 wlan0 0x32e544f900000000 10034 1 40143 54 7299 61 40143 54 0 0 0 0 7299 61 0 0 0 0
-146 wlan0 0x58872a4400000000 10018 0 4928 11 1669 13 4928 11 0 0 0 0 1669 13 0 0 0 0
-147 wlan0 0x58872a4400000000 10018 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-148 wlan0 0x5caeaa7b00000000 10034 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-149 wlan0 0x5caeaa7b00000000 10034 1 74971 73 7103 75 74971 73 0 0 0 0 7103 75 0 0 0 0
-150 wlan0 0x9e00923800000000 10034 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-151 wlan0 0x9e00923800000000 10034 1 72385 98 13072 110 72385 98 0 0 0 0 13072 110 0 0 0 0
-152 wlan0 0xb972bdd400000000 10034 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-153 wlan0 0xb972bdd400000000 10034 1 15282 24 3034 27 15282 24 0 0 0 0 3034 27 0 0 0 0
-154 wlan0 0xc7c9f7ba00000000 10034 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-155 wlan0 0xc7c9f7ba00000000 10034 1 194915 185 13316 138 194915 185 0 0 0 0 13316 138 0 0 0 0
-156 wlan0 0xc9395b2600000000 10034 0 6991 13 6215 14 6991 13 0 0 0 0 6215 14 0 0 0 0
-157 wlan0 0xc9395b2600000000 10034 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-158 wlan0 0xdaddf21100000000 10034 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-159 wlan0 0xdaddf21100000000 10034 1 928676 849 81570 799 928676 849 0 0 0 0 81570 799 0 0 0 0
-160 wlan0 0xe8d195d100000000 10020 0 516 8 288 4 516 8 0 0 0 0 288 4 0 0 0 0
-161 wlan0 0xe8d195d100000000 10020 1 5905 15 2622 15 5905 15 0 0 0 0 2622 15 0 0 0 0
-162 wlan0 0xe8d195d100000000 10034 0 236640 524 312523 555 236640 524 0 0 0 0 312523 555 0 0 0 0
-163 wlan0 0xe8d195d100000000 10034 1 319028 539 188776 553 319028 539 0 0 0 0 188776 553 0 0 0 0
-164 wlan0 0xffffff0100000000 10006 0 80755 92 9122 99 80755 92 0 0 0 0 9122 99 0 0 0 0
-165 wlan0 0xffffff0100000000 10006 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-166 wlan0 0xffffff0100000000 10020 0 17874405 14068 223987 3065 17874405 14068 0 0 0 0 223987 3065 0 0 0 0
-167 wlan0 0xffffff0100000000 10020 1 11011258 8672 177693 2407 11011258 8672 0 0 0 0 177693 2407 0 0 0 0
-168 wlan0 0xffffff0100000000 10034 0 436062595 341880 5843990 79630 436062595 341880 0 0 0 0 5843990 79630 0 0 0 0
-169 wlan0 0xffffff0100000000 10034 1 63201220 49447 1005882 13713 63201220 49447 0 0 0 0 1005882 13713 0 0 0 0
-170 wlan0 0xffffff0100000000 10044 0 17159287 13702 356212 4778 17159287 13702 0 0 0 0 356212 4778 0 0 0 0
-171 wlan0 0xffffff0100000000 10044 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-172 wlan0 0xffffff0100000000 10078 0 10439 17 1665 15 10439 17 0 0 0 0 1665 15 0 0 0 0
-173 wlan0 0xffffff0100000000 10078 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-174 wlan0 0xffffff0100000000 10090 0 23722655 19697 881995 14231 23722655 19697 0 0 0 0 881995 14231 0 0 0 0
-175 wlan0 0xffffff0100000000 10090 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-176 wlan0 0xffffff0500000000 1000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-177 wlan0 0xffffff0500000000 1000 1 1592 5 314 1 0 0 1592 5 0 0 0 0 314 1 0 0
-178 wlan0 0xffffff0600000000 1000 0 0 0 36960 385 0 0 0 0 0 0 0 0 36960 385 0 0
-179 wlan0 0xffffff0600000000 1000 1 96 1 480 5 0 0 96 1 0 0 0 0 480 5 0 0
-180 wlan0 0xffffff0700000000 1000 0 38732 229 16567 163 38732 229 0 0 0 0 16567 163 0 0 0 0
-181 wlan0 0xffffff0700000000 1000 1 18539 74 7562 66 18539 74 0 0 0 0 7562 66 0 0 0 0
-182 wlan0 0xffffff0900000000 1000 0 38381 43 2624 27 38381 43 0 0 0 0 2624 27 0 0 0 0
-183 wlan0 0xffffff0900000000 1000 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-184 dummy0 0x0 0 0 0 0 168 3 0 0 0 0 0 0 0 0 0 0 168 3
-185 dummy0 0x0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
-186 wlan0 0x0 1029 0 0 0 5855801 94173 0 0 0 0 0 0 5208040 84634 103637 1256 544124 8283
-187 wlan0 0x0 1029 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
diff --git a/tools/Android.bp b/tools/Android.bp
new file mode 100644
index 0000000..3ce76f6
--- /dev/null
+++ b/tools/Android.bp
@@ -0,0 +1,90 @@
+//
+// Copyright (C) 2022 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package {
+ // See: http://go/android-license-faq
+ default_applicable_licenses: ["Android-Apache-2.0"],
+}
+
+// Build tool used to generate jarjar rules for all classes in a jar, except those that are
+// API, UnsupportedAppUsage or otherwise excluded.
+python_binary_host {
+ name: "jarjar-rules-generator",
+ srcs: [
+ "gen_jarjar.py",
+ ],
+ main: "gen_jarjar.py",
+ visibility: ["//packages/modules/Connectivity:__subpackages__"],
+}
+
+genrule_defaults {
+ name: "jarjar-rules-combine-defaults",
+ // Concat files with a line break in the middle
+ cmd: "for src in $(in); do cat $${src}; echo; done > $(out)",
+ defaults_visibility: ["//packages/modules/Connectivity:__subpackages__"],
+}
+
+java_library {
+ name: "jarjar-rules-generator-testjavalib",
+ srcs: ["testdata/java/**/*.java"],
+ libs: ["unsupportedappusage"],
+ visibility: ["//visibility:private"],
+}
+
+// TODO(b/233723405) - Remove this workaround.
+// Temporary work around of b/233723405. Using the module_lib stub directly
+// in the test causes it to sometimes get the dex jar and sometimes get the
+// classes jar due to b/233111644. Statically including it here instead
+// ensures that it will always get the classes jar.
+java_library {
+ name: "framework-connectivity.stubs.module_lib-for-test",
+ visibility: ["//visibility:private"],
+ static_libs: [
+ "framework-connectivity.stubs.module_lib",
+ ],
+ // Not strictly necessary but specified as this MUST not have generate
+ // a dex jar as that will break the tests.
+ compile_dex: false,
+}
+
+java_library {
+ name: "framework-connectivity-t.stubs.module_lib-for-test",
+ visibility: ["//visibility:private"],
+ static_libs: [
+ "framework-connectivity-t.stubs.module_lib",
+ ],
+ // Not strictly necessary but specified as this MUST not have generate
+ // a dex jar as that will break the tests.
+ compile_dex: false,
+}
+
+python_test_host {
+ name: "jarjar-rules-generator-test",
+ srcs: [
+ "gen_jarjar.py",
+ "gen_jarjar_test.py",
+ ],
+ data: [
+ "testdata/test-jarjar-excludes.txt",
+ // two unsupportedappusage lists with different classes to test using multiple lists
+ "testdata/test-unsupportedappusage.txt",
+ "testdata/test-other-unsupportedappusage.txt",
+ ":framework-connectivity.stubs.module_lib-for-test",
+ ":framework-connectivity-t.stubs.module_lib-for-test",
+ ":jarjar-rules-generator-testjavalib",
+ ],
+ main: "gen_jarjar_test.py",
+}
diff --git a/tools/gen_jarjar.py b/tools/gen_jarjar.py
new file mode 100755
index 0000000..eb686ce
--- /dev/null
+++ b/tools/gen_jarjar.py
@@ -0,0 +1,135 @@
+#
+# Copyright (C) 2022 The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+""" This script generates jarjar rule files to add a jarjar prefix to all classes, except those
+that are API, unsupported API or otherwise excluded."""
+
+import argparse
+import io
+import re
+import subprocess
+from xml import sax
+from xml.sax.handler import ContentHandler
+from zipfile import ZipFile
+
+
+def parse_arguments(argv):
+ parser = argparse.ArgumentParser()
+ parser.add_argument(
+ 'jars', nargs='+',
+ help='Path to pre-jarjar JAR. Multiple jars can be specified.')
+ parser.add_argument(
+ '--prefix', required=True,
+ help='Package prefix to use for jarjared classes, '
+ 'for example "com.android.connectivity" (does not end with a dot).')
+ parser.add_argument(
+ '--output', required=True, help='Path to output jarjar rules file.')
+ parser.add_argument(
+ '--apistubs', action='append', default=[],
+ help='Path to API stubs jar. Classes that are API will not be jarjared. Can be repeated to '
+ 'specify multiple jars.')
+ parser.add_argument(
+ '--unsupportedapi',
+ help='Column(:)-separated paths to UnsupportedAppUsage hidden API .txt lists. '
+ 'Classes that have UnsupportedAppUsage API will not be jarjared.')
+ parser.add_argument(
+ '--excludes', action='append', default=[],
+ help='Path to files listing classes that should not be jarjared. Can be repeated to '
+ 'specify multiple files.'
+ 'Each file should contain one full-match regex per line. Empty lines or lines '
+ 'starting with "#" are ignored.')
+ return parser.parse_args(argv)
+
+
+def _list_toplevel_jar_classes(jar):
+ """List all classes in a .class .jar file that are not inner classes."""
+ return {_get_toplevel_class(c) for c in _list_jar_classes(jar)}
+
+def _list_jar_classes(jar):
+ with ZipFile(jar, 'r') as zip:
+ files = zip.namelist()
+ assert 'classes.dex' not in files, f'Jar file {jar} is dexed, ' \
+ 'expected an intermediate zip of .class files'
+ class_len = len('.class')
+ return [f.replace('/', '.')[:-class_len] for f in files
+ if f.endswith('.class') and not f.endswith('/package-info.class')]
+
+
+def _list_hiddenapi_classes(txt_file):
+ out = set()
+ with open(txt_file, 'r') as f:
+ for line in f:
+ if not line.strip():
+ continue
+ assert line.startswith('L') and ';' in line, f'Class name not recognized: {line}'
+ clazz = line.replace('/', '.').split(';')[0][1:]
+ out.add(_get_toplevel_class(clazz))
+ return out
+
+
+def _get_toplevel_class(clazz):
+ """Return the name of the toplevel (not an inner class) enclosing class of the given class."""
+ if '$' not in clazz:
+ return clazz
+ return clazz.split('$')[0]
+
+
+def _get_excludes(path):
+ out = []
+ with open(path, 'r') as f:
+ for line in f:
+ stripped = line.strip()
+ if not stripped or stripped.startswith('#'):
+ continue
+ out.append(re.compile(stripped))
+ return out
+
+
+def make_jarjar_rules(args):
+ excluded_classes = set()
+ for apistubs_file in args.apistubs:
+ excluded_classes.update(_list_toplevel_jar_classes(apistubs_file))
+
+ unsupportedapi_files = (args.unsupportedapi and args.unsupportedapi.split(':')) or []
+ for unsupportedapi_file in unsupportedapi_files:
+ if unsupportedapi_file:
+ excluded_classes.update(_list_hiddenapi_classes(unsupportedapi_file))
+
+ exclude_regexes = []
+ for exclude_file in args.excludes:
+ exclude_regexes.extend(_get_excludes(exclude_file))
+
+ with open(args.output, 'w') as outfile:
+ for jar in args.jars:
+ jar_classes = _list_jar_classes(jar)
+ jar_classes.sort()
+ for clazz in jar_classes:
+ if (not clazz.startswith(args.prefix + '.') and
+ _get_toplevel_class(clazz) not in excluded_classes and
+ not any(r.fullmatch(clazz) for r in exclude_regexes)):
+ outfile.write(f'rule {clazz} {args.prefix}.@0\n')
+ # Also include jarjar rules for unit tests of the class, so the package matches
+ outfile.write(f'rule {clazz}Test {args.prefix}.@0\n')
+ outfile.write(f'rule {clazz}Test$* {args.prefix}.@0\n')
+
+
+def _main():
+ # Pass in None to use argv
+ args = parse_arguments(None)
+ make_jarjar_rules(args)
+
+
+if __name__ == '__main__':
+ _main()
diff --git a/tools/gen_jarjar_test.py b/tools/gen_jarjar_test.py
new file mode 100644
index 0000000..f5bf499
--- /dev/null
+++ b/tools/gen_jarjar_test.py
@@ -0,0 +1,90 @@
+# Copyright (C) 2022 The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import gen_jarjar
+import unittest
+
+
+class TestGenJarjar(unittest.TestCase):
+ def test_gen_rules(self):
+ args = gen_jarjar.parse_arguments([
+ "jarjar-rules-generator-testjavalib.jar",
+ "--prefix", "jarjar.prefix",
+ "--output", "test-output-rules.txt",
+ "--apistubs", "framework-connectivity.stubs.module_lib.jar",
+ "--unsupportedapi", ":testdata/test-unsupportedappusage.txt",
+ "--excludes", "testdata/test-jarjar-excludes.txt",
+ ])
+ gen_jarjar.make_jarjar_rules(args)
+
+ with open(args.output) as out:
+ lines = out.readlines()
+
+ self.maxDiff = None
+ self.assertListEqual([
+ 'rule android.net.IpSecTransform jarjar.prefix.@0\n',
+ 'rule android.net.IpSecTransformTest jarjar.prefix.@0\n',
+ 'rule android.net.IpSecTransformTest$* jarjar.prefix.@0\n',
+ 'rule test.unsupportedappusage.OtherUnsupportedUsageClass jarjar.prefix.@0\n',
+ 'rule test.unsupportedappusage.OtherUnsupportedUsageClassTest jarjar.prefix.@0\n',
+ 'rule test.unsupportedappusage.OtherUnsupportedUsageClassTest$* jarjar.prefix.@0\n',
+ 'rule test.utils.TestUtilClass jarjar.prefix.@0\n',
+ 'rule test.utils.TestUtilClassTest jarjar.prefix.@0\n',
+ 'rule test.utils.TestUtilClassTest$* jarjar.prefix.@0\n',
+ 'rule test.utils.TestUtilClass$TestInnerClass jarjar.prefix.@0\n',
+ 'rule test.utils.TestUtilClass$TestInnerClassTest jarjar.prefix.@0\n',
+ 'rule test.utils.TestUtilClass$TestInnerClassTest$* jarjar.prefix.@0\n'
+ ], lines)
+
+ def test_gen_rules_repeated_args(self):
+ args = gen_jarjar.parse_arguments([
+ "jarjar-rules-generator-testjavalib.jar",
+ "--prefix", "jarjar.prefix",
+ "--output", "test-output-rules.txt",
+ "--apistubs", "framework-connectivity.stubs.module_lib.jar",
+ "--apistubs", "framework-connectivity-t.stubs.module_lib.jar",
+ "--unsupportedapi",
+ "testdata/test-unsupportedappusage.txt:testdata/test-other-unsupportedappusage.txt",
+ "--excludes", "testdata/test-jarjar-excludes.txt",
+ ])
+ gen_jarjar.make_jarjar_rules(args)
+
+ with open(args.output) as out:
+ lines = out.readlines()
+
+ self.maxDiff = None
+ self.assertListEqual([
+ 'rule test.utils.TestUtilClass jarjar.prefix.@0\n',
+ 'rule test.utils.TestUtilClassTest jarjar.prefix.@0\n',
+ 'rule test.utils.TestUtilClassTest$* jarjar.prefix.@0\n',
+ 'rule test.utils.TestUtilClass$TestInnerClass jarjar.prefix.@0\n',
+ 'rule test.utils.TestUtilClass$TestInnerClassTest jarjar.prefix.@0\n',
+ 'rule test.utils.TestUtilClass$TestInnerClassTest$* jarjar.prefix.@0\n'], lines)
+
+
+if __name__ == '__main__':
+ # Need verbosity=2 for the test results parser to find results
+ unittest.main(verbosity=2)
diff --git a/tools/testdata/java/android/net/IpSecTransform.java b/tools/testdata/java/android/net/IpSecTransform.java
new file mode 100644
index 0000000..0140bc5
--- /dev/null
+++ b/tools/testdata/java/android/net/IpSecTransform.java
@@ -0,0 +1,23 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.net;
+
+/**
+ * Test class with a name matching a public API in a secondary (framework-connectivity-t) stubs jar.
+ */
+public class IpSecTransform {
+}
diff --git a/tools/testdata/java/android/net/LinkProperties.java b/tools/testdata/java/android/net/LinkProperties.java
new file mode 100644
index 0000000..bdca377
--- /dev/null
+++ b/tools/testdata/java/android/net/LinkProperties.java
@@ -0,0 +1,23 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.net;
+
+/**
+ * Test class with a name matching a public API.
+ */
+public class LinkProperties {
+}
diff --git a/tools/testdata/java/jarjar/prefix/AlreadyInTargetPackageClass.java b/tools/testdata/java/jarjar/prefix/AlreadyInTargetPackageClass.java
new file mode 100644
index 0000000..6859020
--- /dev/null
+++ b/tools/testdata/java/jarjar/prefix/AlreadyInTargetPackageClass.java
@@ -0,0 +1,25 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package jarjar.prefix;
+
+/**
+ * Sample class to test jarjar rules, already in the "jarjar.prefix" package.
+ */
+public class AlreadyInTargetPackageClass {
+ /** Test inner class that should not be jarjared either */
+ public static class TestInnerClass {}
+}
diff --git a/tools/testdata/java/test/jarjarexcluded/JarjarExcludedClass.java b/tools/testdata/java/test/jarjarexcluded/JarjarExcludedClass.java
new file mode 100644
index 0000000..7e3bee1
--- /dev/null
+++ b/tools/testdata/java/test/jarjarexcluded/JarjarExcludedClass.java
@@ -0,0 +1,23 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package test.jarjarexcluded;
+
+/**
+ * Test class that is excluded from jarjar.
+ */
+public class JarjarExcludedClass {
+}
diff --git a/tools/testdata/java/test/unsupportedappusage/OtherUnsupportedUsageClass.java b/tools/testdata/java/test/unsupportedappusage/OtherUnsupportedUsageClass.java
new file mode 100644
index 0000000..9d3ae2e0
--- /dev/null
+++ b/tools/testdata/java/test/unsupportedappusage/OtherUnsupportedUsageClass.java
@@ -0,0 +1,25 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package test.unsupportedappusage;
+
+import android.compat.annotation.UnsupportedAppUsage;
+
+public class OtherUnsupportedUsageClass {
+ // The annotation is just for completeness, what matters is the unsupportedappusage.txt file
+ @UnsupportedAppUsage
+ public void testSecondMethod() {}
+}
diff --git a/tools/testdata/java/test/unsupportedappusage/TestUnsupportedAppUsageClass.java b/tools/testdata/java/test/unsupportedappusage/TestUnsupportedAppUsageClass.java
new file mode 100644
index 0000000..460c91b
--- /dev/null
+++ b/tools/testdata/java/test/unsupportedappusage/TestUnsupportedAppUsageClass.java
@@ -0,0 +1,26 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package test.unsupportedappusage;
+
+
+import android.compat.annotation.UnsupportedAppUsage;
+
+public class TestUnsupportedAppUsageClass {
+ // The annotation is just for completeness, what matters is the unsupportedappusage.txt file
+ @UnsupportedAppUsage
+ public void testMethod() {}
+}
diff --git a/tools/testdata/java/test/utils/TestUtilClass.java b/tools/testdata/java/test/utils/TestUtilClass.java
new file mode 100644
index 0000000..2162e45
--- /dev/null
+++ b/tools/testdata/java/test/utils/TestUtilClass.java
@@ -0,0 +1,24 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package test.utils;
+
+/**
+ * Sample class to test jarjar rules.
+ */
+public class TestUtilClass {
+ public static class TestInnerClass {}
+}
diff --git a/tools/testdata/test-jarjar-excludes.txt b/tools/testdata/test-jarjar-excludes.txt
new file mode 100644
index 0000000..35d97a2
--- /dev/null
+++ b/tools/testdata/test-jarjar-excludes.txt
@@ -0,0 +1,3 @@
+# Test file for excluded classes
+test\.jarj.rexcluded\.JarjarExcludedCla.s
+test\.jarjarexcluded\.JarjarExcludedClass\$TestInnerCl.ss
diff --git a/tools/testdata/test-other-unsupportedappusage.txt b/tools/testdata/test-other-unsupportedappusage.txt
new file mode 100644
index 0000000..b7d74a4
--- /dev/null
+++ b/tools/testdata/test-other-unsupportedappusage.txt
@@ -0,0 +1 @@
+Ltest/unsupportedappusage/OtherUnsupportedUsageClass;->testSecondMethod()V
\ No newline at end of file
diff --git a/tools/testdata/test-unsupportedappusage.txt b/tools/testdata/test-unsupportedappusage.txt
new file mode 100644
index 0000000..331eff9
--- /dev/null
+++ b/tools/testdata/test-unsupportedappusage.txt
@@ -0,0 +1 @@
+Ltest/unsupportedappusage/TestUnsupportedAppUsageClass;->testMethod()V
\ No newline at end of file