@Bhanditz Bhanditz commented Mar 4, 2019

Marshmallow version

Ruchi Kandoi and others added 30 commits April 27, 2015 13:23
Change-Id: Ib85b85fc12b20436e0d788d5c3ec66306c632b57
Signed-off-by: Ruchi Kandoi <kandoiruchi@google.com>
Bug: 20264396
…ion.

* commit '52e673f59eecf3e24b3b257bec0f977da5c35325':
  netd: Adds support for uid in idletimer netlink notification.
* commit '390e4ea8106f9e741bc80fb962aaee94d5b28cbb':
  Blacklist uids for network access
…ccess a NetID

* commit 'd1df597001aadd5d83c9a3d1fe8bbde2bc9256ca':
  Add FwmarkServer support for querying whether a UID can access a NetID
…." into mnc-dev

* commit '660064bc50ce27913594399dece629254b00ad49':
  Partial refactoring and Android-type style changes.
…o mnc-dev

* commit 'fef7e149224681ba49bc39856c25610bb04c3735':
  InterfaceController::setBaseReachableTimeMs()
* commit '3f95777d2aafa6c0ac4671d55557cad0d04a223f':
  Fix boolean to integer return value conversion.
* commit '1cdfa9adfa584029cb6d9ac13a2896786001b3a1':
  netd: add two child chains to firewall
* commit 'feb2b61d3010d52e530357116c3b22c6d77da3cf':
  netd: add default fw white list for system uids
* commit 'cea2d3455eb7c0d9ad1430607cbe98cc09251c1f':
  Use struct android_net_context when interfacing with bionic
* commit '7adf8d71b80a729354c358d7a0110651750db5f2':
  Enable use_oif_addrs_only in netd.
… into mnc-dev

* commit '451ca998f1eed36d5fefb5593ed43605c4d6c0bd':
  Make netd calls to iptables wait for xtables lock
In combination with the use of the use_oif_addrs_only sysctl, the bionic
getaddrinfo behaviour on non-default networks is now the same as it has
been for default networks.

Bug: 20733156
Change-Id: I37e764f1bc1c8efb0c1b47da35558717d2aa5756
Bug: 23239997

Without this attribute, we constantly see SocketClient unable to write
because of a broken pipe. Skipping optimizations on this function allows
things to work properly again.

Change-Id: I6b5a16a0bae86f4a12f59842b5563e0b815fcd9d
…timized out).

* commit 'f86df5580e86c2405c71c708408eeee57b38c0d3':
  Move local union such that it doesn't escape (and get optimized out).
Bug: 23239997

Now that the underlying bug has been fixed, we no longer need to
suppress optimizations to work around it.

Change-Id: I9d450636598f62f4b890e09861b89853193b0a29
Bug: 22802665
Change-Id: I95b83ec0a926208e20659ad4b5355cf8500821f5
* commit '93e6f6a70c83b700aacaa16396449c3d9946b94c':
  Make iptables -L and -S calls wait for xtables lock
… xtables lock"

* commit '7e5323d7663710208036e08a6fd43929739939cd':
  Make iptables -L and -S calls wait for xtables lock
Bug: 23186545
Change-Id: Iab00111d55494def6009c7b6c0da56ecd4b6aa9f
* commit '93e6f6a70c83b700aacaa16396449c3d9946b94c':
  Make iptables -L and -S calls wait for xtables lock
* commit 'f2fed7647ede2ae39a76d50cf4abc9e57b49d40d':
  Make iptables -L and -S calls wait for xtables lock
* commit 'f2fed7647ede2ae39a76d50cf4abc9e57b49d40d':
  Make iptables -L and -S calls wait for xtables lock
…s lock

* commit 'fc794e75599c1de7bab68fda54b7fdcb191834f9':
  Make iptables -L and -S calls wait for xtables lock
* commit '8246d45e94bfb0ce878f41a01602b7b8d78c40ad':
  bundle init.rc contents with its service
* commit '8246d45e94bfb0ce878f41a01602b7b8d78c40ad':
  bundle init.rc contents with its service
* commit '4e9e23c50a080719f55e54db783f0c2cb130c95b':
  bundle init.rc contents with its service
…s wait for xtables lock"

* commit 'c132be495ffeae7c393175c66943195dee84479e':
Linux Build Service Account and others added 30 commits September 5, 2016 00:02
CRs      Change ID                                   Subject
--------------------------------------------------------------------------------------------------------------
1027380   Ie37fbf21332d10ff80d94b675ab501e2bcd7328a   Networks: Implement network control for WLAN and cellula

Change-Id: Icb2183cdee7800d1df024a5a36ce7e2e5fcb4f54
CRs-Fixed: 1027380
CRs      Change ID                                   Subject
--------------------------------------------------------------------------------------------------------------
1061535   I4487a04d0becefc104180e66b11c66dbcc03eb3d   SoftAP: Notificate the STA (dis)connect message.

Change-Id: If1defc5a830cdcd6607efb404a4195bfeec69eb0
CRs-Fixed: 1061535
Change-Id: Iac090663451d754d57c6772661c6a5e1857ecd19
Change-Id: I03458c3c0897e857b73bc2427e4c88ae03bba339
This reverts commit 893c122.

Change-Id: I38f44eff5633ecaa313b734c08d269d5bd6cbce9
Android 7.1.0 release 4

Change-Id: I89a8b3fc4726ddffce140beb3bbc9a7ede8a05aa
 * Unbreak tethering on Bullhead and friends.

Change-Id: I8021fbd98f08f5e3916a9ddcaacf56d188bceb9e
Bug: 9580643
Bug: 30298058

Change-Id: Ia2e81786527b5718ed7f9dd195a39ea1eb7eb2b4
Bug: 21859053
Bug: 28135208
Change-Id: Ia3232706a697fd149ed87f74586efe3d434261f8
Bug: 23113288
Change-Id: I8dcb02c79c81244e5b7288cb50770ac6a5867fcc
Bug: 23113288
Change-Id: Iea225ead1f6296ded29fcee2435a8c6aa2a67429
…ervice

The service will be extended to include listening for connect events as well

Test: this is just a renaming change

Bug: 29748723

(cherry picked from commit 5005134)

Change-Id: I0402fec21fc60f3752fac23a73285c4987cee755
This is from copy-pasting the line above and changing the assert
message but not the actual check.

(cherry picked from commit 927c40f)

Change-Id: I6ec2902ea4d1a4dc139b02cfeb9d6978af380a21
This seems to have been intended but it's just using the loop index. In
fact the only thing the random index is used for is an assert to check
that it is a valid index.

Also stops the test segfaulting if num_queries > num_hosts

(cherry picked from commit c4aba0a)

Change-Id: Iae2369676c08fa8f8110c3cdebb0e4294a60b4b2
Bug: 29748723
Test: netd_integration_test

(cherry picked from commit cc54416)

Change-Id: Icc2f633206b9f8052ca9ae2b775984b4f4be97b9
Bug: 29748723
Test: this is an APCT test.

(cherry picked from commit 484dac1)

Change-Id: I102aeb84c92716f5e022b50792c2fd1cde98e286
The continuous execution environment is not finding these and shouldn't
need access to them if instead we can just statically link as much as
possible.

Fixes the testrun on angler-userdebug which doesn't seem to have
libnetd_aidl or liblogwrap available by default

Test: mma -j30 netd_benchmark && ${OUT}/data/benchmarktest/netd_benchmark/netd_benchmark /data/netd_benchmark && adb shell /data/netd_benchmark

(cherry picked from commit 3cea1d5)

Change-Id: Ib2fb9624a8aa2cdd81add575dfded1d6e6c07455
This class stores the reporting level and can be used to get
the event listener service.

Bug: 29748723

(cherry picked from commit be581e2)

Change-Id: I825dbce5d40af6b781d177a611ab606853fc2e01
…lers

It's not good form to have a variable that's created and used only once
in the same line anyway, so the compilers that flag it are probably in
the right.

Test: netd_benchmark
Bug: 29748723

(cherry picked from commit e65244b)

Change-Id: I80b8c321087947c08d5d5b9cb6ca7b4987b2ac77
This adds hostname, array of addresses, total count of IP addresses
and uid to the existing pipeline.
Currently ignores the new data it receives, further work will be
done in the subsequent CLs.

Test: for now just the benchmarking, in the future CTS

Bug: 29748723

(cherry picked from commit 36deff7)

Change-Id: I16d690052fb01fc6d2bc3a57d4550f22236cd0fa
Bug: 29748723

(cherry picked from commit fe7f72b)

Change-Id: I3de12cab6d93a1ec928d47c7b3656eac99a91fb6
Adds reporting of connect events including netId, destination IP address,
destination port, uid and connect latency.

Also enables the relevant tests in the connect_benchmark.

Currently ignores the new data it receives, further work will be
done in the subsequent CLs.

Test: for now just the benchmarking, in the future CTS

Bug: 29748723

(cherry picked from commit 4b9b78a)

Change-Id: I3ec05db3a9b914af38307282ede3f3439716b1ef
…Handler

Bug: 32399924
Bug: 29748723
Test: runtest -x netd_integration_test.cpp

(cherry picked from commit 7a8a601)

Change-Id: I8e47c2461dc7e8bf34128a2d56ba936e2535c262
…etHostByNameHandler::run().

Found by ASan.

Test: Flash ASan build, boot up and verify that system/netd does not
crash with AddressSanitizer induced errors.

Bug: 32810214
Bug: 29748723

(cherry picked from commit f8bb7ec)

Change-Id: I8814756588b2bb4c78583a829e08d33305797642
netd benchmark can't build on nyc-mr2-dev, because google-benchmark project is out of date
and won't be backported, and thus the content of this file is commented out to disable it.
In order to run netd benchmark locally you can uncomment the content of this file and follow
instructions in ag/1673408 (checkout that commit and build external/google-benchmark and
system/netd locally and then run the benchmark locally)

Bug: 29748723
Change-Id: Iaa101f79f1b6b20fa856b7bf8ca95c55abe05f05
Test: manual test + $ runtest -x system/netd/test/netd_integration_test.cpp
Bug: 32198976
Bug: 29748723
Change-Id: I476ada792092db80c8fb27cb40d5d7ea0f26de46
Test: $ runtest -x system/netd/tests/netd_integration_test.cpp
Bug: 32198976

(cherry picked from commit 794c5c7)

Change-Id: I0a7990d7211d5355a48d941ee9659c16e38817ca
Currently, implicitly-marked sockets continue to work when the
network changes permission. This makes it so that UDP sockets
connected on a foreground network will continue to work even if
the network moves into the background (e.g., when the linger
timer fires on cell data with mobile data always on).

Instead, make it so that sockets implicitly marked to a network
become unroutable when the network starts requiring permissions.
Explicitly-marked sockets will continue to be routed on the
network, as usual.

This is consistent with what we do for TCP: when a network
changes permissions, all implicitly-marked sockets on that
network are closed using SOCK_DESTROY.

This change should not affect any other behaviour because:

- Netd only ever implicitly marks sockets to the default network
  or to a bypassable VPN that applies to the caller.
- In both cases, at the time of marking, the network does not
  require permissions because:
  - VPNs don't support permissions.
  - The default network never requires any permissions:
    - ConnectivityService's mDefaultRequest specifies
      NOT_RESTRICTED.
    - The only case where a NOT_RESTRICTED network can require a
      permission is if it's a background network, and the default
      network is, by definition, never a background network.
- VPNs can't change permissions.
- If the network is still the default network, the lack of this
  implicit rule doesn't matter.

Therefore, the only case where this rule can alter routing is if
a socket is implicitly marked on the default network and that
network, after ceasing to be the default, changes permissions.

Bug: 64103722
Test: builds
Test: manually observed IP rules while changing network permissions
Change-Id: I255a9d216c50aa47bb951be9bd6cce59a12c6165
Merged-In: I255a9d216c50aa47bb951be9bd6cce59a12c6165
(cherry picked from commit 050085a)
Bug: 64103722
Test: builds
Test: connected socket UDP traffic switches to wifi when cell goes into background
Change-Id: I22e618be40d61be6d5f56a6fc4e5a71e1606c2f8
Merged-In: I22e618be40d61be6d5f56a6fc4e5a71e1606c2f8
(cherry picked from commit 639696d)