platform_system_netd/server/NetdNativeService.cpp, branch master Unnamed repository; edit this file 'description' to name the repository. Support subsidiary priority on UID ranges 2021-06-30T17:17:01+00:00 Ken Chen cken@google.com 2021-05-23T06:56:43+00:00 4ea88460c9a94fb0dc0b8bdee8fb5498ebcb38df Network preference per-profile and OEM network preferences can't be set at the same time, because it is unclear what should happen if both preferences are active for one given UID. Therefore, it needs a parameter for ConnectivityService to specify which preference is prior to others. In this commit: 1. Adds a pair of methods with parcelable parameter, which currently includes netId, UID range array and subsidiary priority. 2. The subsidiary priority will be used to adjust the original IP rule priority. UID ranges can applies to different network with different subsidiary priority. But a single UID should not apply to multiple networks with the same subsidiary priority. 3. The possible value of subsidiary priority for physical and unreachable networks is 0-999. 0 is the highest priority. 0 is also the default value. Virtual network supports only the default value. 4. Netd and its tests reference to latest AIDL version (unstable). Bug: 182460808 Test: m; flash; cd system/netd/; atest Test: atest FrameworksNetTests Test: atest HostsideVpnTests Change-Id: I94e8830d0a21ffcca17757fe4783a4be9438c8b4 
Network preference per-profile and OEM network preferences can't be set
at the same time, because it is unclear what should happen if both
preferences are active for one given UID. Therefore, it needs a
parameter for ConnectivityService to specify which preference is prior
to others.

In this commit:
1. Adds a pair of methods with parcelable parameter, which currently
   includes netId, UID range array and subsidiary priority.

2. The subsidiary priority will be used to adjust the original IP rule
   priority. UID ranges can applies to different network with different
   subsidiary priority. But a single UID should not apply to multiple
   networks with the same subsidiary priority.

3. The possible value of subsidiary priority for physical and
   unreachable networks is 0-999. 0 is the highest priority. 0 is also
   the default value. Virtual network supports only the default value.

4. Netd and its tests reference to latest AIDL version (unstable).

Bug: 182460808
Test: m; flash; cd system/netd/; atest
Test: atest FrameworksNetTests
Test: atest HostsideVpnTests
Change-Id: I94e8830d0a21ffcca17757fe4783a4be9438c8b4
Add networkCreate API. Deprecate networkCreate[Physical/Vpn] 2021-05-11T08:06:25+00:00 Ken Chen cken@google.com 2021-04-04T03:28:06+00:00 ab5f347b7f50e8a47940c53334e2c9bac490309d OEMs need VPN type information in Netd for customization. According to stable AIDL rules, Netd can neither extend parameters in the existing networkCreateVpn, nor add a new API with the identical name (function overloading). Thus, add an extensible API which can create physical network, virtual network, and so on. Deprecate networkCreatePhysical and networkCreateVpn. Bug: 171872481 Test: atest Change-Id: I9094593c902d91d90a8210960c608f0a50f163ff 
OEMs need VPN type information in Netd for customization. According to
stable AIDL rules, Netd can neither extend parameters in the existing
networkCreateVpn, nor add a new API with the identical name (function
overloading). Thus, add an extensible API which can create physical
network, virtual network, and so on. Deprecate networkCreatePhysical
and networkCreateVpn.

Bug: 171872481
Test: atest
Change-Id: I9094593c902d91d90a8210960c608f0a50f163ff
Make tetherOffload* binder calls to return EX_UNSUPPORTED_OPERATION 2021-02-24T08:33:36+00:00 Hungming Chen nuccachen@google.com 2021-02-04T12:31:52+00:00 ea8b230fb02722f85b9aa183b046adcf75d562e5 This is a preparation to remove tetherOffload* binder calls: tetherOffloadRuleAdd tetherOffloadRuleRemove tetherOffloadGetStats tetherOffloadSetInterfaceQuota tetherOffloadGetAndClearStats Disable two NetdBinderTest test cases and consider removing them: TetherOffloadForwarding TetherOffloadRule Test: atest netd_integration_test Change-Id: Idc17aa78cd4293d3b8f8bccfc349b5b99ee7d6a1 
This is a preparation to remove tetherOffload* binder calls:
tetherOffloadRuleAdd
tetherOffloadRuleRemove
tetherOffloadGetStats
tetherOffloadSetInterfaceQuota
tetherOffloadGetAndClearStats

Disable two NetdBinderTest test cases and consider removing them:
TetherOffloadForwarding
TetherOffloadRule

Test: atest netd_integration_test
Change-Id: Idc17aa78cd4293d3b8f8bccfc349b5b99ee7d6a1
Refactoring string uid vectors 2020-12-29T19:08:27+00:00 Patrick Rohr prohr@google.com 2020-12-29T17:16:35+00:00 7920397d9760701554bad0d65464f1f41757d465 There is no need to convert uids to strings anymore now that iptables are being removed. Test: atest netd_unit_test Bug: 167500195 Change-Id: Ida0d8aea937c50fe40970eacb01f24485c0a59ad 
There is no need to convert uids to strings anymore now that iptables
are being removed.

Test: atest netd_unit_test
Bug: 167500195
Change-Id: Ida0d8aea937c50fe40970eacb01f24485c0a59ad
Correct the scope of networkSetProtectAllow 2020-12-10T10:50:19+00:00 Ken Chen cken@google.com 2020-12-10T10:50:19+00:00 155fb6a7827747336d80fee14aceb6feecba1b07 Test: atest Change-Id: I0349e012499f7e2e7ae39809922d0a362cb1a2ae 
Test: atest
Change-Id: I0349e012499f7e2e7ae39809922d0a362cb1a2ae
Uses a new gen_log for transaction logging. 2020-11-25T02:57:05+00:00 Jooyung Han jooyung@google.com 2020-11-04T05:21:46+00:00 f2422585ca3f75b24ab6cab9b6bdb10f27f29fd2 AIDL gen_log now passes a struct rather than a JSON object so that the build artifacts become smaller and more efficient. Bug: 172188290 Test: m Test: atest netd_integration_test Change-Id: I927adedc73660503459610fcd4508f0d07d18245 
AIDL gen_log now passes a struct rather than a JSON object so that the
build artifacts become smaller and more efficient.

Bug: 172188290
Test: m
Test: atest netd_integration_test
Change-Id: I927adedc73660503459610fcd4508f0d07d18245
Mostly remove "blacklist" and "whitelist" from netd. 2020-07-30T14:13:40+00:00 Lorenzo Colitti lorenzo@google.com 2020-07-30T03:03:40+00:00 cdd79f13c670605819333de2d7b67d7f8a42210c Rename these to allowlist and denylist. This change is mostly automatically generated with: sed -i 's/WHITE/ALLOW/g' server/*.{cpp,h} libnetdbpf/{*.cpp,/include/netdbpf/*.h} bpf_progs/*.[ch] sed -i 's/white/allow/g' server/*.{cpp,h} libnetdbpf/{*.cpp,/include/netdbpf/*.h} bpf_progs/*.[ch] sed -i 's/BLACK/DENY/g' server/*.{cpp,h} libnetdbpf/{*.cpp,/include/netdbpf/*.h} bpf_progs/*.[ch] sed -i 's/black/deny/g' server/*.{cpp,h} libnetdbpf/{*.cpp,/include/netdbpf/*.h} bpf_progs/*.[ch] sed -i 's/White/Allow/g' server/*.{cpp,h} libnetdbpf/{*.cpp,/include/netdbpf/*.h} bpf_progs/*.[ch] sed -i 's/Black/Deny/g' server/*.{cpp,h} libnetdbpf/{*.cpp,/include/netdbpf/*.h} bpf_progs/*.[ch] plus manual changes to FirewallController.h and NdcDispatcher.cpp to make them continue to use INetd::FIREWALL_WHITELIST and INetd::FIREWALL_BLACKLIST. INetd (and FIREWALL_WHITELIST and FIREWALL_BLACKLIST) are not being fixed in this change because doing so would require changing frozen AIDL files, which is a more complex undertaking. Also manually change occurrences in the test. Finally, fix some formatting errors found by clang-format, and some errors such as "a allowlist" (should be "an allowlist") or` "allowspace" (should be "whitespace"). Bug: 161896447 Test: atest netd_unit_test netd_integration_test Test: crosshatch builds, boots, no IptablesRestoreController errors in logs Change-Id: I3f5b864686651134a50e90b28fc9914bfa3f9a8e 
Rename these to allowlist and denylist.

This change is mostly automatically generated with:

sed -i 's/WHITE/ALLOW/g' server/*.{cpp,h} libnetdbpf/{*.cpp,/include/netdbpf/*.h} bpf_progs/*.[ch]
sed -i 's/white/allow/g' server/*.{cpp,h} libnetdbpf/{*.cpp,/include/netdbpf/*.h} bpf_progs/*.[ch]
sed -i 's/BLACK/DENY/g' server/*.{cpp,h} libnetdbpf/{*.cpp,/include/netdbpf/*.h} bpf_progs/*.[ch]
sed -i 's/black/deny/g' server/*.{cpp,h} libnetdbpf/{*.cpp,/include/netdbpf/*.h} bpf_progs/*.[ch]
sed -i 's/White/Allow/g' server/*.{cpp,h} libnetdbpf/{*.cpp,/include/netdbpf/*.h} bpf_progs/*.[ch]
sed -i 's/Black/Deny/g' server/*.{cpp,h} libnetdbpf/{*.cpp,/include/netdbpf/*.h} bpf_progs/*.[ch]

plus manual changes to FirewallController.h and NdcDispatcher.cpp
to make them continue to use INetd::FIREWALL_WHITELIST and
INetd::FIREWALL_BLACKLIST.

INetd (and FIREWALL_WHITELIST and FIREWALL_BLACKLIST) are not
being fixed in this change because doing so would require
changing frozen AIDL files, which is a more complex undertaking.

Also manually change occurrences in the test.

Finally, fix some formatting errors found by clang-format, and
some errors such as "a allowlist" (should be "an allowlist") or`
"allowspace" (should be "whitespace").

Bug: 161896447
Test: atest netd_unit_test netd_integration_test
Test: crosshatch builds, boots, no IptablesRestoreController errors in logs
Change-Id: I3f5b864686651134a50e90b28fc9914bfa3f9a8e
Add binder call tetherOffloadGetAndClearStats 2020-06-05T08:24:56+00:00 Hungming Chen nuccachen@google.com 2020-04-17T12:00:27+00:00 468a20c532eb13e7af0ebaeaa742be05e76e2be5 Provide binder calls for getting tethering statistics and clear the stats for the given upstream. Bug: 150736748 Test: None Change-Id: I7bb635ee39d658961cd9515cc37e23bc3f0cd38f 
Provide binder calls for getting tethering statistics and clear the
stats for the given upstream.

Bug: 150736748
Test: None
Change-Id: I7bb635ee39d658961cd9515cc37e23bc3f0cd38f
Add binder call tetherOffloadSetInterfaceQuota 2020-06-05T08:24:52+00:00 Hungming Chen nuccachen@google.com 2020-03-16T05:53:19+00:00 0c47671990d1b1e8672f38209faa76d184089b96 Provide binder calls for setting the limit for the given upstream interface. Bug: 150736748 Test: atest Change-Id: I5def133022ee0ae232972c9ccffccd041b4b47a6 
Provide binder calls for setting the limit for the given upstream
interface.

Bug: 150736748
Test: atest
Change-Id: I5def133022ee0ae232972c9ccffccd041b4b47a6
Merge changes from topic "tether_offload_data_limit" 2020-06-01T23:33:24+00:00 Nucca Chen nuccachen@google.com 2020-06-01T23:33:24+00:00 88c3ea4cb43a9d3d374383d82d4a6885c5b34e21 * changes: Add com.android.tethering to be netd_aidl_interface's apex user Add binder call tetherOffloadGetStats 
* changes:
  Add com.android.tethering to be netd_aidl_interface's apex user
  Add binder call tetherOffloadGetStats