If construction of a new IpReachabilityMonitor throws an IAE then
log it and immediately call onProvisioningFailure().
Test: runtest frameworks-wifi
passes, except for selectQualifiedNetworkDoesNotChooseDeletedEphemeral()
which fails with an NPE for unrelated reasons.
Bug: 31038971
Bug: 31742703
Change-Id: Ie91b8bdd509d06ad54d062bf446e74c092eb096c
This patch replaces System.currentTimeMillis() with
SystemClock.elapsedRealTime() to make RA lifetime computation more
resilient to various external events inducing jumps in
currentTimeMillis().
Test: ApfTest passes.
Change-Id: I4876064638df78d72bbd9057cfdf3309f8e27f68
This patch removes the synchronization around the private variable
mRunning inside of IpReachabilityMonitor and instead qualifeis the field
as volatile.
Synchronization is not needed for reads/writes on native fields or
object references because they are already guaranteed to be atomic.
Synchronization here was used for enforcing memory visibility across
concurrent threads indirectly through monitor acquire/release.
The volatile keyword achieves this in a more explicit way.
Also, this patch changes the way that probeAll() copies the
IpReachabilityMonitor's mIpWatchList by temporary holding mIpWatchList
keys into an ArrayList instead of a more expensive HashSet. Since Java
HashSet are just degenerated HashMaps, and that key iteration order is
based on key hash, the iteration order over this temporary collection
will be consistent for the same mIpWatchList.
Test: refactoring CL. Existing unit tests still pass.
Change-Id: I86ca6d54cb41ec78281e224a8d8ffd7155451132
This patch adds a getUint8 getter for ByteBuffers and changes ApfFilter
to make uses of getUint8/16/32 everywhere.
The return types of getUint16 is also changed from long to int, which
will expand gracefully to long as an unsigned int as it is guaranteed to
be positive after getUint16.
Test: ApfTest passes
Change-Id: Id3c2817b949e9817e2bb60e0ec8fe2d6fd8d787c
This patch adds an explicit check in the DHCP packet parser for
rejecting packets without a magic cookie, instead of relying on the
top-level try-catch-all in the parser.
This allows to add to DHCP error metrics this specific error.
It also allows to add two poor man's fuzzing tests that tries to find
additional gaps in the DHCP packet parser by
- trying to parse all subslices of a valid offer packet.
- trying to parse random byte arrays.
Test: covered by previously introduced malformed DHCP packet unit tests
+ additional fuzzing tests.
Bug: 31850211
Change-Id: If53c9ba9df78d7604ec018c9d67c237ae59c4833
This patch adds a try catch all to DHCP packet parsing so that
DhcpClient does not choke on malformed packets, brinding down with it
the whole framework.
Test: added new unit tests catching the issue fixed in this patch.
Bug: 31850211
Change-Id: I3c50a149fed6b2cbc4f40bb4f0e5bb2b56859b44
Additionally, add this utility class to IpManager for compatibility
verification. A follow-on CL will make use of IpManager's local
AvoidBadWifiTracker.
Bug: 31827713
Change-Id: If8c56c3f8076d6a5157ea180e361bbdadc2bc1dd
When IPv4 is provisioned on an interface with Apf capabilities,
ApfFilter will only keep track of the raw ipv4 address, with no
information about the subnet or prefix length.
This patch adds the missing prefix length information to ApfFilter. This
allows to calculate the subnet broadcast ipv4 address for more
precise ipv4 broadcast filtering when the multicast lock is not held.
Bug: 30231088
Change-Id: Iebaec040703647c4ced30bb585be173e97a1fae5
This patch refines the Apf IPv4 filter for interfaces with Apf
capabilities to drop packets when:
- the multicast lock is not held
- the packet is an IPv4 packet
- the packet is not a DHCP packet addressed to us
- the packet is L2 broadcast, or IPv4 multicast, or IPv4 broadcast
- caveat: subnet broadcast address is not checked.
This allows to drop IPv4 broadcast packets whose MAC destination
address is not the L2 broadcast address but the current address of the
interface. Such packets can be received on network that rewrite L2
addresses and can put significant pressure on battery by waking up the
phone unnecessarily.
Bug: 30231088
Change-Id: I8b1785fc5ceadaa1f2881765983e502135dcbc46
This patch improves the test coverage of ApfFilter for IPv4 broadcast and
multicast traffic.
Bug: 30231088
Change-Id: I2e1d5d5a7cbae17f3d5978a4cf5f10666b5c6104
[ IPv6TetheringCoordinator ]
- Send CMD_IPV6_TETHER_UPDATE to all TetherInterfaceStateMachines.
This results in some spurious noop messages, but currently
the coordinator does not maintain state about which downstream interaces
are serving IPv6 and which are not. Until it does maintain such state
it does not know to notify only the affected interfaces about a loss of
IPv6 upstream
[ IPv6TetheringInterfaceServices ]
- De-dup incoming IPv6-only LinkProperties to avoid spurious updates
to the RA daemon.
- Keep track of new prefixes/dns and newly deprecated prefixes/dns
on each update.
- Set and remove local_network routes based on new and newly
deprecated prefixes.
- Set and remove local DNS server IP addresses based on new
and newly deprecated DNS servers. Update dnsmasq via netd
accordingly.
- Pass newly deprecated and new information to the RA daemon.
[ RouterAdvertisementDaemon ]
- Receive newly deprecated prefixes/DNS and update local tracking
data structures accordingly.
- Properly send urgent final deprecation RAs, and then cease all
transmissions.
Bug: 30298058
Change-Id: Idc821603fa93bff1a821d1180d4135bc70e4a08d
Split StartedState into StartedState and RunningState, and ensure
known good state before proceeding from the former to the latter.
Bug: 30290336
Change-Id: I0a93f8fe53c65a0b90c28c3cf708792146a92aab
There is a chance a packet can slip by before we install the filter
on our socket listening for RAs, so add some basic sanity checking
to make sure we've recieved an RA.
Change-Id: I14cf84a0814896a41e00f50af376dfc4988d36cb
Fixes: 29586253
This patch adds APF filtering of ARP replies for interfaces with APF.
- when the interface has no IPv4 address, broadcast ARP replies with a
0.0.0.0 target ip are dropped (GARP), ARP requests with a 0.0.0.0
target ip are dropped.
- when the interface has an IPv4 address, broadcast ARP replies to a
different ip are dropped (including GARPs to 0.0.0.0), ARP requests to
a different ip are dropped.
Bug: 29404209
Bug: 30080487
Change-Id: I82613eb865c7f38b6260997fe2caf2aff382ad78
This patch adds in IpReachabilityMonitor a timestamp variable set
everytime that probeAll() send NUD probe requests to RTNETLINK.
This allows to distinguish between:
1) NUD_FAILED events resulting from such a forced NUD probe
2) "organic" NUD_FAILED notifications from the kernel
This distinction is added to IpReachabilityEvent as a one-bit flag.
This patch also changes the formatting of ApfProgramEvent flags to use
'|' as a joining character, similarly to other flags formatting.
Bug: 21859053
Change-Id: I24c64a3f17fa283eace5bd0a05c21a90a2305359
This patch adds lifetime durations of DhcpClient states to
DhcpClientEvents.
To record the duration of a state, the event is now recorded when the
DhcpClient state machine exits that state.
In addition this patch removes event logging of StoppedState,
DhcpState and DhcpHaveLeaseState.
Change-Id: Ibd37b5e3070f35113b6b45942b1e1ff19c27a90b
This patch
- adds a Builder class for RaEvent.
- uses this Builder class for correctly recording the minimum
lifetime seen for every ICMP6 options tracked, instead of
recording the last lifetime seen.
- adds unit test coverage for RaEvent logging.
Change-Id: I6443932f5cf7a613a5c695c65a60eab01e60602a
This patch defines a new android.net.metrics.RaEvent class carrying
lifetime values contained in RA packets. RaEvent are recorded when
ApfFilter processes a new RA for which there is no match.
Example:
ConnectivityMetricsEvent(15:39:39.808, 0, 0): RaEvent(lifetimes: router=3600s, prefix_valid=2592000s, prefix_preferred=604800s, route_info=-1s, dnssl=-1s, rdnss=3600s)
Change-Id: Ia28652e03ed442d5f2a686ef5b3fafbcb77c503a
This patch adds a new ApfStats event class that counts RA packet
reception statistics on the RA listener thread of ApfFilter and reports
the maximum program size advertised by hardware.
Statistics are gathered for the lifetime of a network with APF
capabilities and uploaded at network teardown when the listener thread
exits.
Example event:
ConnectivityMetricsEvent(15:44:23.741, 0, 0): ApfStats(284945ms 2048B RA: 2 received, 0 matching, 0 ignored, 0 expired, 0 parse errors, 2 program updates)
Bug: 28204408
Change-Id: Id2eaafdca97f61152a4b66d06061c971bc0aba4c
