summaryrefslogtreecommitdiff
path: root/server/IptablesRestoreControllerTest.cpp
Commit message (Collapse)AuthorAgeFilesLines
* [NETD-TC#6] Clean up the dependency between FirewallController andwaynema2021-12-021-2/+3
| | | | | | | | TrafficController. Test: m; flash; boot Test: atest FirewallControllerTest TrafficControllerTest Change-Id: I0a8f3f2e9c1f4510021570e7894a56e4998f3ede
* Increase TestCommandTimeout timeout.Evgenii Stepanov2021-05-211-1/+1
| | | | | | | | | | | | This is a speculative fix for flaky failures on HWASan builds. I can not reproduce the problem locally. This slows down the test by ~400ms. Bug: 181603044 Test: netd_unit_test IptablesRestoreControllerTest.TestCommandTimeout Change-Id: I0a6494e3cdcd5689e68a54945a4b0acc3d0e5721
* Deflake IptablesRestoreControllerTest.TestMemoryLeak.Evgenii Stepanov2021-05-031-9/+9
| | | | | | | | | | | * Increase the acceptable number of pages. With the current setting, the test fails in ~1% runs. * Perform calculations in a signed type to handle the (rare) case when RSS goes down for whatever reason. Bug: 162925719 Test: IptablesRestoreControllerTest.TestMemoryLeak Change-Id: I2d3f3333feabb49d9ed19651d7339a1f275010ea
* Add a test for a memory leak in iptables-restore.Lorenzo Colitti2020-09-181-7/+88
| | | | | | | Bug: 162925719 Bug: 168688680 Test: test-only change Change-Id: Idfa6104594d1e5c784d9437955f66bd37701065e
* [netd] fix deprecation warningNick Desaulniers2019-10-111-3/+1
| | | | | | | | | | | | | | Fixes: //system/netd/server:netd_unit_test clang-tidy IptablesRestoreControllerTest.cpp /android0/aosp/system/netd/server/IptablesRestoreControllerTest.cpp:58:15: warning: Google Test APIs named with 'case' are deprecated; use equivalent APIs named with 'suite' [google-upgrade-googletest-case] static void SetUpTestCase() { ^~~~~~~~~~~~~ SetUpTestSuite Test: mm Change-Id: Idfbc436cf15a96879165266edc51a5d6f45bd1c6
* Remove floating-point time functions from StopWatchBernie Innocenti2019-05-291-6/+8
| | | | | | | | | | Converting time units between floating-point milliseconds to integral micros and floating-point seconds is error prone and leads to subtle rounding bugs. Thus, consolidate all callers on microseconds and delete the older methods. Test: cd system/netd && atest . Change-Id: Ief6ad4dbd21f442bfd65e78d49548677f3172a53
* Move Stopwatch to libnetdutilsMike Yu2019-04-031-2/+3
| | | | | | | | | | Move Stopwatch to libnetdutils as it is an useful utility across netd and the resolver library. Bug: 128662167 Test: system/netd/tests/runtests.sh passed Change-Id: Iebaffc66202fbe3a787ca645847762af1ed94bd7
* Merge all uid owner match map into oneChenbo Feng2018-08-061-3/+0
| | | | | | | | | | | | | | | The bpf maps used for storing the uid owner match information are using the same key value pairs and the duplication can be reduced by using one single value to store all the match information for a given uid and use a configuration map to store the chain that is currently enabled. This migration can save some kernel memory space and simplify the owner match process. Bug: 79781072 Test: netd_unit_test, com.android.cts.net.HostsideRestrictBackgroundNetworkTests Change-Id: I9658321e9d4a87eaa724231d33a474113dd75019
* netd: Enable clang-tidy and fix all warningsBernie Innocenti2018-06-071-2/+2
| | | | | | Bug: 65246407 Test: m netd && system/netd/tests/runtests.sh Change-Id: I1d22b2bc317fe7218ccde78859ed0623d6a1f8df
* Rename <cutils/log.h> to <log/log.h>Logan Chien2018-04-231-1/+1
| | | | | | Bug: 78370064 Test: lunch aosp_walleye-userdebug && cd system/netd && mma Change-Id: I495f7cdc3f2aab26947f10041fc559700367f2ea
* Add xt_owner module support in trafficControllerChenbo Feng2018-04-121-2/+9
| | | | | | | | | | Add bpf maps for recording rules about socket owner uid filtering. Modified the bpf program so that packets with uid listed in the the uidOwnerMap will get handled according to userspace settings Test: bpf program can be loaded and attached when boot Bug: 72381727 30950746 Change-Id: I39497334fcb5e200dbf07a0046b85c227d59e2d7
* Delete all remaining callers of iptables.Lorenzo Colitti2017-08-191-10/+0
| | | | | | | | | | Also move to binder_test.cpp some string constants that are used only there. Bug: 28362720 Test: bullhead builds,boots Test: netd_{unit,integration}_test pass Change-Id: I9eee599aafa696cbf3a1f65c3814a33ed99d65fc
* Test for races in IptablesRestoreController::Init.Lorenzo Colitti2017-08-141-0/+34
| | | | | | | Bug: 28362720 Test: angler builds, boots Test: netd_{unit,integration}_test pass Change-Id: I73ed28c7e7edaeb65a3b346b89ec69f472fd5974
* Use IptablesRestoreController for UID rule updates.Lorenzo Colitti2017-04-251-0/+31
| | | | | | | | | Bug: 32073253 Test: netd_{unit,integration}_test passes Test: bullhead builds, boots Test: fw_powersave chain correctly updated when updating battery optimization whitelist Test: fw_powersave chain correctly updated when bringing apps into foreground Change-Id: I964b7664718f353057047c66e69351169b5cf453
* Block SIGPIPE in IptablesRestoreControllerTest.Lorenzo Colitti2017-04-031-0/+4
| | | | | | | | Otherwise, testRestartOnMalformedCommand fails most of the time on sailfish. Test: netd_unit_test no longer crashes Change-Id: I546950cd3f4cbaed358020f25a27b70702566e54
* Update test code to match new iptables behaviour.Lorenzo Colitti2017-03-221-13/+16
| | | | | | | | | | | | | iptables is changing the locking code from binding to an abstract UNIX socket to calling flock() on a real file. Update test code that acquires the iptables lock. Also, make said code more robust by retrying up to 10 times if the lock is held. This should make the test less flaky. Bug: 36108349 Test: IptablesRestoreControllerTest passes with new iptables Change-Id: I1d1d454d78382e76d178c4ef43f2c40a46f81f62
* Improve iptables timeout behaviour.Lorenzo Colitti2017-03-011-21/+91
| | | | | | | | | | | | | | | | | | | | | | | 1. Increase the default timeout from 1s to 5s. This is necessary for as long as our version of iptables sleeps for 1 second at a time while the iptables lock is contended. 2. When a timeout occurs, kill the process to ensure that if it recovers, any output is not returned to subsequent commands. Add corresponding unit tests. While I'm at it: - Ensure that iptables commands that take an output string clear the output string before appending to it. Otherwise, callers that passed the same output string object to two separate iptables commands would think the second command returned both outputs. This does not affect any existing callers. - Delete some unused code. Bug: 35634318 Test: netd_{unit,integration}_test pass Change-Id: Ife3dfd328ea82f2e93fb903fcf3660a13078b7b5
* Support reading output from IptablesRestoreController.Lorenzo Colitti2017-02-101-7/+58
| | | | | | | | | | | | | | | | Add the ability to IptablesRestoreController to return the output of a command. This is useful to run commands that list chains or return counters through the ip[6]tables-restore. Also enable unsigned-integer-overflow sanitization the unit tests because their behaviour should be representative of actual code. Having address sanitization enabled would have saved a fair amount of time debugging an on-device abort() that did not affect the tests. Test: new unit test passes Bug: 32323979 Change-Id: I70726ebbade0cb792aba38787c57378df177f2d8
* More robust handling of iptables-restore process terminationLorenzo Colitti2017-02-091-13/+80
| | | | | | | Bug: 32323979 Test: unit tests pass Test: bullhead builds and boots Change-Id: Ib3ea4221b1b2025a0a236f2607db29e1cd30ffa9
* netd: Use a persistent iptables[6]-restore processNarayan Kamath2017-01-231-0/+46
iptables-restore and ip[6]tables-restore are forked on demand whenever we need them, and their stdin/out/err are replaced by pipes to the parent process. All commands are sent via the stdin pipe. We also add SIGCHLD handling so that we can detect error conditions and restart the process whenever required. Bug: 32323979 Test: Manual Test: netd_unit_test, netd_integration_test Change-Id: Ia12ee01f8b45e5b8a699c27eea1b6b55d40f16b5
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-20 04:25:36 +0000