summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
7 dayskernel_test: use the new helpersHEADmastermainMaciej Żenczykowski
Test: TreeHugger Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: If3efe7e5dc8907a524af35515551393d37f251b2
9 daysSupport allowing a UID to bypass VPNs only on a specific networkPatrick Rohr
Until now, allowProtect() protected the UID from a VPN no matter the network. In this scenario, in order to support CCT for CaptivePortal, Chrome would have to be granted the ability to protect itself from VPN no matter the network it is currently using. This change adds a netId to mProtectableUsers, so allowProtect() can either apply globally (using NETID_UNSET), a specific network, or both. UIDs that can protect their sockets on specific networks cannot protect their sockets from VPNs in general. They can only bypass VPNs when explicitly binding sockets to the specified network. Test: TH Change-Id: Ide7c3e76f28ce89a45673667c05b46f1e61d3f74
13 daysremove dead isFirewallEnabled()Maciej Żenczykowski
Test: TreeHugger Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: Idd49b3c4b37f82e314edfdbcf4365c1ffac2fc60
2024-04-15Merge "Delete disableBandwidthControl since it is never called" into mainMaciej Żenczykowski
2024-04-12Delete disableBandwidthControl since it is never calledPatrick Rohr
Test: TH Change-Id: Iaf33fb8e615effe9742089ab0c4ae0259e342227
2024-04-12Remove support for setSharedAlert / removeSharedAlertPatrick Rohr
This functionality is not called anywhere, so delete it. Test: TH Change-Id: I6c489bab6df7d7428ddab8a077e7e83e4a740d6f
2024-04-10Correct comment in IptablesRestoreControllerPatrick Rohr
Change-Id: I7967da755659e941ad714bcaf56d1ee82b886704 Test: none
2024-03-27kernel_test: skip min lts tests on gsiMaciej Żenczykowski
Doesn't make sense to run tests for vendor provided kernel version on GSI images, where vendor may well be ancient. Test: TreeHugger Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: I5f2fbf936e2324cc4641873664f9eca12f0aeecc
2024-03-15Stop using dead __STDC_FORMAT_MACROS macro.Elliott Hughes
None of our libcs need this any more. Change-Id: I7b3f5cb911fffe25dc47520570451ecf95a0a696
2024-03-15kernel_test: add TestRequireBpfUnprivDefaultOnMaciej Żenczykowski
Turns out this was always the case, and has always been required... Test: TreeHugger Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: I2f63d8ad9534997a4e9a68bc83f53ff180c21a31
2024-03-06Merge "netd: switch to requiring 'mainline_tethering_platform_components'" ↵Maciej Żenczykowski
into main am: 15d9b5c169 Original change: https://android-review.googlesource.com/c/platform/system/netd/+/2983223 Change-Id: I0681b1ebfdd78fd22fa2fee1471ce1555e030d68 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-03-06Merge "netd: switch to requiring 'mainline_tethering_platform_components'" ↵Maciej Żenczykowski
into main
2024-03-04kernel_test: use GTEST_SKIP to show IGNORED am: 07d138926fMaciej Żenczykowski
Original change: https://android-review.googlesource.com/c/platform/system/netd/+/2986055 Change-Id: Icf908dde3190834f3d5ba06672344e598c0beae8 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-03-03kernel_test: use GTEST_SKIP to show IGNOREDMaciej Żenczykowski
On cf: 6.1.68-android14-11-ga7f647f49daf-ab11484633 x86_64 netd_integration_test ---------------------------- netd_integration_test64 (13 Tests) [1/13] KernelTest#TestRateLimitingSupport: PASSED (11ms) [2/13] KernelTest#TestBpfJitAlwaysOn: PASSED (0ms) [3/13] KernelTest#TestKernel64Bit: PASSED (0ms) [4/13] KernelTest#TestX86Kernel64Bit: PASSED (0ms) [5/13] KernelTest#TestKernel419: PASSED (0ms) [6/13] KernelTest#TestIsLTS: PASSED (0ms) [7/13] KernelTest#TestMinRequiredLTS_4_19: IGNORED (0ms) [8/13] KernelTest#TestMinRequiredLTS_5_4: IGNORED (0ms) [9/13] KernelTest#TestMinRequiredLTS_5_10: IGNORED (0ms) [10/13] KernelTest#TestMinRequiredLTS_5_15: IGNORED (0ms) [11/13] KernelTest#TestMinRequiredLTS_6_1: PASSED (0ms) [12/13] KernelTest#TestMinRequiredLTS_6_6: IGNORED (0ms) [13/13] KernelTest#TestSupportsCommonUsbEthernetDongles: PASSED (0ms) Summary (Test executed with 1 devices.) ------- x86_64 netd_integration_test: Passed: 8, Failed: 0, Ignored: 5, Assumption Failed: 0 All tests passed! Test: atest netd_integration_test:KernelTest Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: I5520781dfa8fccd8b17cbf635565ef3491e4a003
2024-03-01kernel_test: enforce minimum LTS versions am: 653bbf03b8Maciej Żenczykowski
Original change: https://android-review.googlesource.com/c/platform/system/netd/+/2983131 Change-Id: Iba2c8a313e4722852936bfc5867d51baa14daee6 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-02-28netd: switch to requiring 'mainline_tethering_platform_components'Maciej Żenczykowski
Test: TreeHugger, manually on mokey-next-userdebug Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: I1ddc3bafa9840b2588fc96254395a04b862cb442
2024-02-28kernel_test: enforce minimum LTS versionsMaciej Żenczykowski
(this is part of 'netd_integration_test' in VTS) see aosp/2970616 for reasoning: This is driven by the desire to correctly support - XFRM_MIGRATE, which requires 4.19.236+ 5.4.186+ 5.10.107+ 5.15.30+ see xfrm_tunnel_test.py:55 HasXfrmMigrateFixes() - IPV6 UDP ENCAP, which requires 5.10.108+ 5.15.31+ see xfrm_test.py:488 testIPv6UDPEncapRecvTransport() & testIPv6UDPEncapRecvTunnel() - ACCEPT_MIN_RA_LFT, which requires 5.10.199+ 5.15.136+ 6.1.57+ see multinetwork_base.py:61 HAVE_ACCEPT_RA_MIN_LFT Bug: 325828213 Test: TreeHugger Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: I2ac2795208be37dfe45e17f8293c1b5a0c103e30
2024-02-17VTS: kernel_test: require x86 kernels to be 64-bit am: b75cc34c0cMaciej Żenczykowski
Original change: https://android-review.googlesource.com/c/platform/system/netd/+/2966803 Change-Id: I8b2884f36579bae93718f40d44a6eda06cb44917 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-02-17VTS: kernel_test: require x86 kernels to be 64-bitMaciej Żenczykowski
We've got various issues with 32-bit x86 kernels: - XFRM netlink UAPI is inconsistent - there's some other (non-XFRM) netlink alignment/layout issues - complete lack of test coverage - eBPF ring buffers are not quite right (though it requires 5.8+) - likely many other problems (I recall having run into problems with iptables user vs kernel bitness in the past as well, though those might have been fixed) 32-bit x86 kernel on cuttlefish has been non-bootable for many many quarters (ran into it mid-way into the Android U dev cycle IFIRC) due to AFAIK kernel bugs. 32-bit x86 in upstream Linux is *barely* getting any love, is effectively on life support, and probably shouldn't be relied upon to be functional (especially wrt. security issues). AFAIK all (most?) Intel cpus have been 64-bit capable since around the Core 2 Duo era (ie. mid-2006) and AMD is quite likely even before that (since they came up with x86_64 architecture in the first place). Most other distributions are also dropping 32-bit kernel support. For example for Fedora, IFIRC, v27 was the last one that worked right on my Pentium III (we're now ~6 years later at v39). [although, yes, Fedora is usually ahead of the curve] It's entirely possible this won't actually affect anybody, though of course we'll see... In other words for *most* (if not all) x86 hardware out there it should be possible to build/boot a 64-bit kernel - even if you then run 32-bit userspace on top of that (like 32-bit cuttlefish does, including the 'man personality' games it plays to pretend to be 32-bit). NOTE: this does *not* require 64-bit userspace (yet), and doesn't affect ARM, where having a 32-bit kernel is far less problematic, due to there being less ABI differences between 32-bit and 64-bit (IFIRC a lot of the really hairy issues stem from subtle differences in 'long long' alignment inside of structs). See also comments in: //system/core/libsysutils/src/NetlinkEvent.cpp where we actually try to handle this correctly (but there's no tests for it, and who knows how many other places we've missed...) Test: TreeHugger Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: Ia6d3cb9f1e6f8687ac8cdda113c6283688313749
2024-02-14Merge "netd: Remove hardcoded PAGE_SIZE usage in netd_test" into main am: ↵Maciej Żenczykowski
42f17cf688 Original change: https://android-review.googlesource.com/c/platform/system/netd/+/2959167 Change-Id: I40bcd6e2dde888a1788f707fb249bfd6020e0e4f Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-02-14Merge "netd: Remove hardcoded PAGE_SIZE usage in netd_test" into mainMaciej Żenczykowski
2024-02-13netd: Remove hardcoded PAGE_SIZE usage in netd_testVilas Bhat
Bug: 325083813 Test: atest netd_integration_test Change-Id: I92bf66b0c6decbc523775b6172a2593df9b10c7c
2024-02-13Respect HwTimeoutMultiplier in IptablesRestoreController am: 4a09f65b86Samuel Holland
Original change: https://android-review.googlesource.com/c/platform/system/netd/+/2769114 Change-Id: If4aa1d389f9561d27a643b722979d5e8f0adc71f Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-02-12Respect HwTimeoutMultiplier in IptablesRestoreControllerSamuel Holland
On slow hardware, iptables calls may take longer than 5 seconds. Provide a way to increase the timeout in these scenarios. Change-Id: I759f6de705fa81ccaa910738869f69875d88b4ca
2024-02-11Exempt test uids from the background chain am: 995728e151Suprabh Shukla
Original change: https://android-review.googlesource.com/c/platform/system/netd/+/2955915 Change-Id: I2b9f9d47ff67bc8a69bf409d9f1262d71d199374 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-02-10Exempt test uids from the background chainSuprabh Shukla
The test imitates applications by changing its uids while running. We exempt all of them so networking is not restricted and the tests are not impacted. Test: atest netd_integration_test Bug: 322562125 Change-Id: I8dd0cee7717ad58fb43622f5be799eed81dfd29f
2024-02-06Merge "Revert "Delete mdns from netd"" into main am: 901e5025b2Treehugger Robot
Original change: https://android-review.googlesource.com/c/platform/system/netd/+/2952325 Change-Id: I82536b8bb4d95b10e4cd44721cfb57975e7bc17d Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-02-06Merge "Revert "Delete mdns from netd"" into mainTreehugger Robot
2024-02-06Revert "Delete mdns from netd"Remi NGUYEN VAN
This reverts commit 351a46234247778a3ba31b7fd3a242cc501efbc3. Reason for revert: main is still used for U QPR, but this should be only removed in V Bug: 322305340 Bug: 322519244 Bug: 322519244 Change-Id: I0f1bd54e97b43a7eb7c366ae494cb4207d713888
2024-01-31[DON'T BLOCK] Test ownership migration rules am: f7e2afb662Aditya Choudhary
Original change: https://android-review.googlesource.com/c/platform/system/netd/+/2936380 Change-Id: I530fd275ab8982d80f39d70965f383e32bcd3037 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-01-30[DON'T BLOCK] Test ownership migration rulesAditya Choudhary
This CL is created as a best effort to migrate test targets to the new android ownership model. If you find incorrect or unnecessary attribution in this CL, please create a separate CL to fix that. For more details please refer to the link below, <add g3 doc link> Bug: 304529413 Test: N/A Change-Id: Ic35f74aa264f8361bbe824d239e5d902f530ce6a
2024-01-23Merge "Delete mdns from netd" into main am: 62fff44464Ken Chen
Original change: https://android-review.googlesource.com/c/platform/system/netd/+/2832090 Change-Id: I0b56174144394671ccf2367b90a76981d65261ff Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-01-23Merge "Delete mdns from netd" into mainKen Chen
2024-01-23Delete mdns from netdKen Chen
1. Stop starting MDnsService in netd. 2. Completely remove mdns code from netd. Bug: 298594687 Test: m && boot && presubmit Change-Id: I56c6cb57844cb954e687a5001edc1c86eb82b1b0
2024-01-12Add missing libc++ includes am: d4c1d7dacf am: e4385fd817 am: 694fd19f5cTomasz Wasilczyk
Original change: https://android-review.googlesource.com/c/platform/system/netd/+/2901905 Change-Id: I8d1f4109178b4a89ef489bd2d5c90f7e29c750ef Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-01-12Add missing libc++ includes am: d4c1d7dacf am: e4385fd817Tomasz Wasilczyk
Original change: https://android-review.googlesource.com/c/platform/system/netd/+/2901905 Change-Id: I6667d649ea59a68f7223b0755bb43c5a26b1f2da Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-01-12Add missing libc++ includes am: d4c1d7dacfTomasz Wasilczyk
Original change: https://android-review.googlesource.com/c/platform/system/netd/+/2901905 Change-Id: I5e59ef29e5bc04106dade6f7ea1b3274b840b2fc Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-01-09Add missing libc++ includesTomasz Wasilczyk
Bug: 175635923 Test: m MODULES-IN-system-netd Change-Id: Ic4345e7e9fe19f5d9b737559c9c2b338ad664dca
2024-01-04Merge "Fix IPV4/6 privacy leak" into main am: 681ef1d9c3 am: 533d180901 am: ↵Yuyang Huang
77fcc2194e Original change: https://android-review.googlesource.com/c/platform/system/netd/+/2891931 Change-Id: I1d1fdd4eff08662d33705ca104d0aad07187a22e Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-01-04Merge "Fix IPV4/6 privacy leak" into main am: 681ef1d9c3 am: 533d180901Yuyang Huang
Original change: https://android-review.googlesource.com/c/platform/system/netd/+/2891931 Change-Id: I3db95959a09c8c914071d3d201a07d23e83682a1 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-01-04Merge "Fix IPV4/6 privacy leak" into main am: 681ef1d9c3Yuyang Huang
Original change: https://android-review.googlesource.com/c/platform/system/netd/+/2891931 Change-Id: Iee842456b726bc2fafa9cbb58291d13dc5019b25 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-01-04Merge "Fix IPV4/6 privacy leak" into mainYuyang Huang
2024-01-04Fix IPV4/6 privacy leakZhatab Saifi
SockDiag is emitting IPV4/6 address in log lines. Android Privacy Best Practices are to not log any PII information in the logs. Remove the IPV4/6 address on user build. Change-Id: I8b82af73a60813be230a73002cee01831320884b
2023-12-28Return EX_SERVICE_SPECIFIC from MDnsService::startDaemon am: 570c65e41e am: ↵Ken Chen
67dba9f5cf am: fb400d90d3 Original change: https://android-review.googlesource.com/c/platform/system/netd/+/2890639 Change-Id: Ica20b4062b4364249bc200f320f866914b54142b Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-12-28Return EX_SERVICE_SPECIFIC from MDnsService::startDaemon am: 570c65e41e am: ↵Ken Chen
67dba9f5cf Original change: https://android-review.googlesource.com/c/platform/system/netd/+/2890639 Change-Id: Iffe04e7f6f579ad981a400f4d32ee7b13c18078c Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-12-28Return EX_SERVICE_SPECIFIC from MDnsService::startDaemon am: 570c65e41eKen Chen
Original change: https://android-review.googlesource.com/c/platform/system/netd/+/2890639 Change-Id: I4e69d600a26f4dd953427e245567fc3b280d9e97 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-12-28Return EX_SERVICE_SPECIFIC from MDnsService::startDaemonKen Chen
The function should return EX_SERVICE_SPECIFIC when mdnsresponder is in running state. The EX_SERVICE_SPECIFIC is caught by MDnsManager. Bug: 317342400 Bug: 298594687 Test: atest CtsNetTestCasesMaxTargetSdk30 -- --abi x86_64 on aosp_cf_x86_64_phone-trunk_staging-userdebug Change-Id: Iab5991e9ae4d0ca32f7d7640f5d2256c03870a14
2023-12-12Add startDaemon and stopDaemon back in MDnsService am: b1e5977ca6 am: ↵Ken Chen
1703a8ab74 am: 74474b0ee5 Original change: https://android-review.googlesource.com/c/platform/system/netd/+/2867838 Change-Id: I1ea5fcaa3b3972e80b7c85fa67955f191db07e5a Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-12-12Add startDaemon and stopDaemon back in MDnsService am: b1e5977ca6 am: 1703a8ab74Ken Chen
Original change: https://android-review.googlesource.com/c/platform/system/netd/+/2867838 Change-Id: Idefdb25190c6aa73c60855afe77be654bf24ed67 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-12-12Add startDaemon and stopDaemon back in MDnsService am: b1e5977ca6Ken Chen
Original change: https://android-review.googlesource.com/c/platform/system/netd/+/2867838 Change-Id: Id1badd1b69fd5e67014a97b9c9a33a4394621667 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-03 07:09:03 +0000