platform_system_netd/server/VirtualNetwork.h, branch master Unnamed repository; edit this file 'description' to name the repository. Support subsidiary priority on UID ranges 2021-06-30T17:17:01+00:00 Ken Chen cken@google.com 2021-05-23T06:56:43+00:00 4ea88460c9a94fb0dc0b8bdee8fb5498ebcb38df Network preference per-profile and OEM network preferences can't be set at the same time, because it is unclear what should happen if both preferences are active for one given UID. Therefore, it needs a parameter for ConnectivityService to specify which preference is prior to others. In this commit: 1. Adds a pair of methods with parcelable parameter, which currently includes netId, UID range array and subsidiary priority. 2. The subsidiary priority will be used to adjust the original IP rule priority. UID ranges can applies to different network with different subsidiary priority. But a single UID should not apply to multiple networks with the same subsidiary priority. 3. The possible value of subsidiary priority for physical and unreachable networks is 0-999. 0 is the highest priority. 0 is also the default value. Virtual network supports only the default value. 4. Netd and its tests reference to latest AIDL version (unstable). Bug: 182460808 Test: m; flash; cd system/netd/; atest Test: atest FrameworksNetTests Test: atest HostsideVpnTests Change-Id: I94e8830d0a21ffcca17757fe4783a4be9438c8b4 
Network preference per-profile and OEM network preferences can't be set
at the same time, because it is unclear what should happen if both
preferences are active for one given UID. Therefore, it needs a
parameter for ConnectivityService to specify which preference is prior
to others.

In this commit:
1. Adds a pair of methods with parcelable parameter, which currently
   includes netId, UID range array and subsidiary priority.

2. The subsidiary priority will be used to adjust the original IP rule
   priority. UID ranges can applies to different network with different
   subsidiary priority. But a single UID should not apply to multiple
   networks with the same subsidiary priority.

3. The possible value of subsidiary priority for physical and
   unreachable networks is 0-999. 0 is the highest priority. 0 is also
   the default value. Virtual network supports only the default value.

4. Netd and its tests reference to latest AIDL version (unstable).

Bug: 182460808
Test: m; flash; cd system/netd/; atest
Test: atest FrameworksNetTests
Test: atest HostsideVpnTests
Change-Id: I94e8830d0a21ffcca17757fe4783a4be9438c8b4
Remove Network::Type and Network::getType() 2021-03-31T03:23:01+00:00 Ken Chen cken@google.com 2021-03-30T11:41:49+00:00 2f6615218e16e4bd7edd85b909869d6b8cc17d87 Enumeration Network::Type and member function Network::getType() can be removed after aosp/1657760. Specializations of each type of network are implemented in subclass. No functionality changes. Test: atest Change-Id: Ib57bf26e4f0a60f7f01bec3109fb84458fb3abfb 
Enumeration Network::Type and member function Network::getType() can be
removed after aosp/1657760. Specializations of each type of network are
implemented in subclass. No functionality changes.

Test: atest
Change-Id: Ib57bf26e4f0a60f7f01bec3109fb84458fb3abfb
Virtualize trivial utilities 2021-03-30T21:05:41+00:00 Ken Chen cken@google.com 2021-03-30T08:29:50+00:00 6559f1a39fb18efbc9aa194cba73df45f8a741d1 Virtualize a few one-line utilities with default returning false and only override them with true in subclasses. No functionality change. Test: atest Change-Id: I94e9edc9794bd92356624f62423c8e79e7476f8b 
Virtualize a few one-line utilities with default returning false and
only override them with true in subclasses. No functionality change.

Test: atest
Change-Id: I94e9edc9794bd92356624f62423c8e79e7476f8b
Implement addUsers()/removeUsers() in derived classes 2021-03-23T03:41:59+00:00 Ken Chen cken@google.com 2021-03-22T03:37:17+00:00 c929e8aca3eb6a8fd05c9630c9776e751430648a The implementation of addUsers() and removeUsers() are different between virtual network, physical network, and others. Virtualize both functions in base class and override them in derived classes for specialization. Test: atest Change-Id: Ie3baeb404d2cd9513efb95857de53b4b3079be0b 
The implementation of addUsers() and removeUsers() are different between
virtual network, physical network, and others. Virtualize both functions
in base class and override them in derived classes for specialization.

Test: atest
Change-Id: Ie3baeb404d2cd9513efb95857de53b4b3079be0b
Move addUsers/removeUsers from VirtualNetwork to Network 2020-12-24T20:01:49+00:00 Ken Chen cken@google.com 2020-12-03T20:03:08+00:00 1a3a32728f506aaf71186b2dd3301ff765550c31 Move uid ranges code from sub class VirtualNetwork to super class Network. So they can be reused when we support uid ranges on physical network. No functionality change. Test: cd system/netd; atest Test: atest HostsideVpnTests Change-Id: I6a170264c82418ae1e625c0fc587cd091e56f9dd 
Move uid ranges code from sub class VirtualNetwork to super class
Network. So they can be reused when we support uid ranges on physical
network. No functionality change.

Test: cd system/netd; atest
Test: atest HostsideVpnTests
Change-Id: I6a170264c82418ae1e625c0fc587cd091e56f9dd
Move appliesToUser() from VirtualNetwork to Network 2020-12-08T23:55:03+00:00 Ken Chen cken@google.com 2020-12-03T16:08:54+00:00 d15bcfcd60943db076f997985ca39dcb6165b6f1 Make funtion generic for followed physical network use case. Test: atest Change-Id: I30f61815a2626068a99c4b4bd77bea8b2c16bd47 
Make funtion generic for followed physical network use case.

Test: atest
Change-Id: I30f61815a2626068a99c4b4bd77bea8b2c16bd47
Use C++17's [[nodiscard]] instead of WARN_UNUSED_RESULT 2019-08-21T06:59:41+00:00 Bernie Innocenti codewiz@google.com 2019-06-14T10:52:49+00:00 762dcf48a2fef596d677d9e8d6ec655d58303211 No functionality change. Also remove some header guards along the way. Test: m Change-Id: I1afdcaea95a3dd56f392c4e61d7670f43615792a 
No functionality change. Also remove some header guards along the way.

Test: m
Change-Id: I1afdcaea95a3dd56f392c4e61d7670f43615792a
Remove getHasDns() and VirtualNetwork.mHasDns 2018-12-18T11:17:10+00:00 cken cken@google.com 2018-12-05T08:26:59+00:00 67cd14ce46a4ff740d42aa444bc4e69215fe8d99 getHasDns() and VirtualNetwork.mHasDns are no more useful after commit aops/658122. Bug: 116539103 Test: system/netd/tests/runtests.sh pass Change-Id: Ica04984a954a9e89a5eb38a9b262775d686f8ed4 
getHasDns() and VirtualNetwork.mHasDns are no more useful after commit
aops/658122.

Bug: 116539103
Test: system/netd/tests/runtests.sh pass

Change-Id: Ica04984a954a9e89a5eb38a9b262775d686f8ed4
Put most of netd into the android::net namespace. 2017-02-14T03:46:43+00:00 Lorenzo Colitti lorenzo@google.com 2017-02-13T09:29:00+00:00 7035f228d17e925116b1b64a7c917b3196ab8818 Test: netd_{unit,integration}_test pass Test: bullhead builds, boots Bug: 34873832 Change-Id: I0a252328041b342f9c03cd08c11a69d452b045b3 
Test: netd_{unit,integration}_test pass
Test: bullhead builds, boots
Bug: 34873832
Change-Id: I0a252328041b342f9c03cd08c11a69d452b045b3
Kill sockets when a VPN comes up. 2016-04-14T07:56:11+00:00 Lorenzo Colitti lorenzo@google.com 2016-04-13T15:56:01+00:00 fff4bd31ff2bad0acfd8f2439eccf7df70e9695f 1. Change the SockDiag callback function to be a filter that returns a bool instead of a function that optionally kills a socket. All existing callbacks basically only existed to kill sockets under certain conditions, and making them return a boolean allows reusing the same callback function signature to filter sockets as well. 2. Add a new SockDiag method to kill sockets based on a UidRanges object (which contains a number of UID ranges) and a list of users to skip. 3. Add a new UIDRANGE mode to SockDiagTest to test the above. 4. When UID ranges are added or removed from the VPN, kill sockets in those UID ranges unless the socket UIDs are in mProtectableUsers and thus their creator might have set the protect bit on their mark. Short of actually being able to see the socket mark on each socket and basing our decision on that, this is the best we can do. Bug: 26976388 Change-Id: I53a30df3feb63254a6451a29fa6041c9b679f9bb 
1. Change the SockDiag callback function to be a filter that
   returns a bool instead of a function that optionally kills a
   socket. All existing callbacks basically only existed to kill
   sockets under certain conditions, and making them return a
   boolean allows reusing the same callback function signature
   to filter sockets as well.
2. Add a new SockDiag method to kill sockets based on a UidRanges
   object (which contains a number of UID ranges) and a list of
   users to skip.
3. Add a new UIDRANGE mode to SockDiagTest to test the above.
4. When UID ranges are added or removed from the VPN, kill
   sockets in those UID ranges unless the socket UIDs are in
   mProtectableUsers and thus their creator might have set the
   protect bit on their mark.  Short of actually being
   able to see the socket mark on each socket and basing our
   decision on that, this is the best we can do.

Bug: 26976388
Change-Id: I53a30df3feb63254a6451a29fa6041c9b679f9bb