The BPF tethering coordinator listens to the forwarding rule
changes for updating data limit which is applied in the following
conditions.
- After adding the first rule on a given upstream, add data limit.
- After removing the last rule on a given upstream, clear data limit.
- The service applies a new data limit on current upstream.
The reason for relying on rule changes is because the Tethering and
IpServer objects have multi-internal state machines. It is hard to
synchronize all of their states.
Note that the data limit cleanup for stopping or switching upstream
relies on offload rules are all removed as well.
Bug: 150736748
Test: manual
Change-Id: I829d36339973f9473fe6b616c48aa288f18d1c46
Currently tethering notification is sending a pending intent for
redirecting user to tether settings page. However, this intent
is implicit that only create with
Settings.ACTION_TETHER_SETTINGS. For security reasons, this
intetnt should specify an explicit component to be delivered to.
Thus, specify the settings package name to this intent.
Test: atest TetheringTests
Bug: 156353008
Change-Id: I49187aee8a004caa890e2a73c0a28d280215c7d4
* changes:
Make tethering module to use netd_aidl_interface-unstable-java
[BOT.5] Move class Ipv6ForwardingRule from IpServer to the coordinator
[BOT.3] Add unit test for polling network stats in the coordinator
[BOT.2] Create a coordinator and stats provider to provide tether stats
[BOT.1] Add a class ForwardedStats in TetheringUtils
Verify that the coordinator could fetch tether stats from BPF maps and
report the network stats to the service.
Bug: 150736748
Test: atest BpfCoordinatorTest
Change-Id: Ib1756159a2047c5db7d31359b0f288f840bd1bb1
Make BPF tethering offload coordinator, BpfCoordinator,
registers a network stats provider, BpfTetherStatsProvider, and
provide the tethering stats from the BPF map.
Bug: 150736748
Test: new test BpfCoordinatorTest
Change-Id: I22e71f87b67668f7e733e4f215d93bf5b2c9380d
Shell has TETHER_PRIVILEGED permission. To avoid any service to adopt
shell identity by lunching service with Shell process, gate
exemptFromEentitlementCheck by NETWORK_STACK.
Bug: 157702014
Test: atest TetheringCoverageTests
Change-Id: I6ddfda23d36ea9981e3e1eb5a87767f452a65852
1. Call maybeRemoveDeprecatedUpstreams from Tethering rather than inside
PrivateAddressCoordinator because the building logic of this method based
on implementation details of Tethering.
2. Fix typo
Bug: 130879722
Test: -build, flash, boot
-atest TetheringTests
Change-Id: I7584253b728bc17fc648fc19e492ca9f7ad2ff46
KClass#getSimpleName need refer to kotlin-reflect.jar which need
include it in Andorid.bp. However, it's not necessary to use
KClass#getSimpleName but use Class#getSimpleName instead.
Test: atest TetheringTests
Bug: 157527499
Change-Id: I49bc336a276d30152402eba926cc583bc81e8e5c
Merged-In: I49bc336a276d30152402eba926cc583bc81e8e5c
The names of the individual modules do not quite follow the pattern
that java_sdk_library uses so this temporarily sets the following:
naming_scheme: "frameworks-modules"
That causes java_sdk_library to use a naming scheme that matches the
one used by the individual modules of this. It will be cleaned up
later.
Part of the purpose of the java_sdk_library is to hide the
implementation code and force users of the library to depend on stubs
for a well defined API. Ideally, it would allow access to the
implementation in those cases where it is safe, e.g. from within the
same APEX, or from tests for the implementation. Unfortunately, due to
limitations in the build it does not yet have enough information to
make that decision correctly which means that any code that needs to
compile against the implementation is broken which would prevent us
from converting the module to java_sdk_library.
However, the only way to provide the additional information to allow
the implementation to be correctly exposed is to convert the modules
to java_sdk_library; a cycle.
In order to break that cycle the java_sdk_library creates a special
<module>.impl target which is used directly by tests and any other code
that needs it. Once all the modules have been converted to a
java_sdk_library then we can resolve the limitations in the build and
remove the direct references to <module>.impl.
Test: m update-api
Bug: 155164730
Merged-In: If5c115f482751f9f4b5f047e9e401a18e36799ef
Merged-In: Id1c2e848430c49a2da7402244814cd084f5da77c
Change-Id: Id1c2e848430c49a2da7402244814cd084f5da77c
Extend the timeout to lower the EthernetTetheringTest flaky.
Besides, also explicitly exempt entitlement check in
EtetherntTetheringTest because it do not test tethering upstream
currently. Thus, the tests would not be interrupted by entitlement
check if test SIM is entitlement required.
Bug: 156713866
Test: TetheringCoverageTests, CtsTehteringTest
Change-Id: I45e8e8d737486def9d0de8943ec7f09ca0942a0b
- Add New class PrivateAddressCoordinator to coordinate the private
address conflict problem.
- Downstream prefix would be random in 192.168.0.0/24 ~
192.168.255.0/24.
- If new upstream prefix is conflict with existing downstream prefix,
downstream would be kicked out and it would request a new one.
- The last conflict upstream prefixes would be blacklist. Avoid to
select downstream prefix which is conflict with prefixes in blacklist.
Bug: 130879722
Test: -build, flash, boot
-atest TetheringTests
Change-Id: Ib45b87bcd9eeb5da03fb7ec90b1af9ca53998cf5
If upstream is cellular, set the TTL in Router Advertisements to
"network-set TTL - 1" for carrier requirement. For other non-cellular
upstream, set TTL as "network-set TTL + 1" to preventing arbitrary
distinction between tethered and untethered traffic.
Bug: 154776299
Test: atest TetheringTests
Change-Id: I7f2696a642f96c6aafb5613b980bf5bcdd08bbda
AdoptShellPermissionIdentity can not pass permission check by
Settings#checkAndNoteWriteSettingsOperation. It would compare the caller
uid and its package name. See error below:
1. java.lang.SecurityException:
Specified package com.android.shell under uid 10239 but it is really 2000
2. java.lang.SecurityException:
uid 10245 does not have android.permission.UPDATE_APP_OPS_STATS.
Override the method and test if caller hold WRITE_SETTINGS directly.
Bug: 154869719
Test: TetheringTests, TetheringCoverageTests, NetworkStackNextTests,
NetworkStackCoverageTests
Change-Id: I2a60c4d66ef30028f9663159f85464ea815248e2
Add the specific implementation of onNewPrefixRequest callback
on IpServer side, also refactor some common code.
Bug: 130741856
Test: atest TetheringTests
Change-Id: If2871bf899cb5890bbfee18063a194c92b6f474e
1. Move isTetheringSupport logic from TetheringService to Tethering.
2. Small readability improvement in TetheringTest. Also change
config_tether_upstream_automatic from false to true in TetheringTest.
So TetheringTests would default run automatic select upstream flow
instead of selecting by legacy perferred network type list.
Bug: 153609486
Test: atest TetheringTest
Change-Id: I5a82a6347f62d3a7031db5c56e8e0c8530dafd8f
Merged-In: I5a82a6347f62d3a7031db5c56e8e0c8530dafd8f
To exempt from entitlement check, caller need to hold TETHER_PRIVILEGED
permission.
Bug: 141256482
Test: atest TetheringTests
Change-Id: I2eb37f5e92f5f5150a7fb7c25b945e28704d27a0
If BPF offload device config is not enabled:
- Does not add/remove offload forwarding rules through disabling IP
neighbor monitor.
- Does not apply the RA MTU reduction.
Bug: 149997301
Test: atest IpServerTest
Change-Id: I2d6f80f0229f580c4b16243a064e889a6c37f77a
The tether bpf offload can be enabled by resource config and
device config. The device config has higher priority and it
could override this config which is set by resource config.
Bug: 149997301
Test: -build, flash, boot
-atest TetheringConfigurationTest
Change-Id: I9c26852d2c926786e141ece6da53df3801c049b2
This is a no-op refactoring to adapt new test provider callback.
Also this patch adapts TestLooper to allow better control on
delay messages that will be verified in subsequent tests.
Test: atest OffloadControllerTest
Bug: 149467454
Change-Id: Icfd6ff289d6689ae2d5753d3fe472516c808dc7a
In order to mock constant in unit test, a dependency object is
introduced with minimum code change to achieve this.
Test: atest TetheringTests
Bug: 149467454
Change-Id: I38628daddcb7be7c74846e78d36dc88f065b97d9
Address issues found during AIDL review:
- Rename clientAddr to singleClientAddr
- Do not use a ParcelableBundle for notifyNetworkTested or
notifyDataStallSuspected; instead use AIDL parcelables for stronger
backwards compatibility guarantees.
Test: atest NetworkMonitorTest ConnectivityServiceTest
ConnectivityServiceIntegrationTest, manual
Bug: 153500847
Change-Id: Id9b71784e5f6294d203230e57737979e063ff0f8
Stop depending on Preconditions that is not released on the same cadence
as the module, and is maintained as part of the framework.
Bug: 148636687
Test: atest TetheringTests NetworkStackNextTests
Change-Id: Id0dcec44f362f79bc8c046d722635687a7388aa2
