path: root/server/TetherController.cpp
Commit message | Author | Age | Files | Lines
...
* refine test TestIpfwdEnableDisableStatusForwarding and some minor changes on ↵ | Luke Huang | 2019-03-15 | 1 | -2/+2
|   test
|
|   1. fix flaky test for TestIpfwdEnableDisableStatusForwarding
|   2. fix time unit error in binder_test, set retry default interval as 50ms
|   3. refine naming in binder_test
|
|   Bug: 128533612
|   Test: built, flashed, booted
|         system/netd/tests/runtests.sh pass
|   Change-Id: Ia03d0c30b49cdd233b627cce8bd2f3f05548798e
* TetherController: Fix a memory and fd leak | George Burgess IV | 2019-03-06 | 1 | -11/+10
|   Error paths (e.g. the one for setPosixSpawnAttrFlags/etc.) didn't
|   attempt to `free(args)`. Swapping to a vector neatly handles all of this
|   for us.
|
|   Caught by the static analyzer:
|   system/netd/server/TetherController.cpp:271:9: warning: Potential leak
|   of memory pointed to by 'args' [clang-analyzer-unix.Malloc]
|
|   Also caught by reviewers: we appear to leak a few FDs here in error
|   paths. This cleans those up, too.
|
|   Bug: None
|   Test: Ran the analyzer again. TreeHugger for functionality.
|   Change-Id: Ie53b3cdf4745aafa6f1e1284ccb7433ff345838e
* Use posix_spawn instead of vfork | Luke Huang | 2019-02-26 | 1 | -21/+37
|   Also correct usage of posix_spawn
|
|   Bug: 126128460
|   Test: built, flashed, booted
|         system/netd/tests/runtests.sh pass
|         manual test with remove dnsmasq, netd works fine
|   Change-Id: Id48c7bf9c02ea27d3a4602efa3913785c0d5c87f
* Fix flaky netd_integration_test in Cuttlefish | Luke Huang | 2019-02-20 | 1 | -58/+65
|   Use vfork/posix_spawn instead of fork.
|
|   Fix test items:
|   netd_integration_test
|   TetherStartStopStatus
|   ClatdStartStop
|
|   Bug: 124363517
|   Test: built, flashed, booted
|         system/netd/tests/runtests.sh pass
|         manual test with remove dnsmasq/clatd, netd works fine
|   Change-Id: I43880bd8693112fab46a0931457ff468ae01b305
* Enable more clang-tidy checks and treat them as errors | Bernie Innocenti | 2019-02-01 | 1 | -1/+0
|   Test: tests/runtests.sh
|   Change-Id: If59480cee6460847f5c1cef17e3ef036b8e75651
* Remove sscanf() in TetherController. | waynema | 2019-01-15 | 1 | -46/+54
|   Test: netd_unit_test, netd_integration_test, libnetd_resolv_test
|   Change-Id: Ibff2d6cc5dbf4fb09fcd1862be1b71be3b1d9f8e
* Enable -Wsign-compare for netd and fix warnings | Bernie Innocenti | 2019-01-08 | 1 | -4/+3
|   Test: atest netd_unit_test netd_integration_test resolv_integration_test
|   Change-Id: I84347de8f3a3ec0dcc8979037b9c265d145a35f7
* Nat-related commands refine | Luke Huang | 2018-11-19 | 1 | -15/+28
|   We need this to ensure that the tethering IPCs don't need to grab the
|   lock in two different controllers
|
|   The idea is that always having a global_alert rule in bw_global_alert chain.
|   TetherController will enable/disable the reference of bw_global_alert chain.
|
|   [childchain order of filter FORWARD chain]
|   Chain FORWARD
|   nm_mdmprxy_iface_pkt_fwder
|   oem_fwd
|   fw_FORWARD
|   bw_FORWARD
|   tetherctrl_FORWARD
|
|   --Simple rule comparison--
|   [Before]
|   Chain bw_FORWARD
|   Alert rule
|   ... other rules
|   Chain tetherctrl_FORWARD
|   ... other rules
|
|   [After]
|   Chain bw_FORWARD
|   No Alert rule
|   ... other rules
|   Chain tetherctrl_FORWARD
|   Jump to bw_global_alert
|   ... other rules
|   Chain bw_global_alert
|   Alert rule
|
|   The exact rule comparison is shown in the bug.
|
|   Bug:119735985
|   Test: built, flashed, booted
|         system/netd/tests/runtests.sh passes
|   Change-Id: Ibf752d0c8de9170689fc74c89c0424d2642853ec
* Nat-related commands porting | Luke Huang | 2018-11-19 | 1 | -11/+7
|   Test: built, flashed, booted
|         system/netd/tests/runtests.sh passes
|   Change-Id: I14e80377bc1b7c08993c3cf8fbf2b6fd0f99f4ba
* Tether-related commands porting | Luke Huang | 2018-09-26 | 1 | -11/+47
|   Test: built, flashed, booted
|         system/netd/tests/runtests.sh passes
|   Change-Id: I5f0888f6e44d383bc52af01888d095e62a670d70
* Wrap InterfaceController into the android::net namespace | Bernie Innocenti | 2018-09-12 | 1 | -3/+3
|   No functionality changes, this is a cleanup.
|
|   Test: m netd_unit_test
|   Change-Id: I5c6667051b7b4b17171e6dcc6883f17db08eaa23
* netd: PPTP Helper | hiroaki.yokoyama | 2018-08-27 | 1 | -11/+13
|   Enable the conntrack helper for PPTP connections
|   when tethering is started.
|
|   Bug: 112066349
|   Test: as follows
|       - Boot device - Pass
|       - Start tethering - Pass
|       - Start PPTP on tethered host (USB) - Pass
|       - make -j64 netd_unit_test
|         adb shell /data/nativetest64/netd_unit_test/netd_unit_test - Pass
|   Change-Id: I547f8b877661c137646b663429d29737678652bf
* Allow starting dnsmasq without DHCP | Remi NGUYEN VAN | 2018-08-07 | 1 | -3/+3
|   dnsmasq will not start DHCP if no --dhcp-range flag is set. Allow
|   tethering start command to be called without DHCP ranges, so dnsmasq can
|   be started without this flag.
|
|   Bug: b/109584964
|   Test: manual: flashed a build with no --dhcp-range flag
|   Change-Id: I109f64240690aef701deabd49120eab0aba0e8a8
* Merge "netd: Active FTP Helper" | Treehugger Robot | 2018-08-01 | 1 | -0/+4
|\
| * netd: Active FTP Helper | Tyler Wear | 2018-06-14 | 1 | -0/+4
| |   Enable conntrack helper for active FTP connections
| |   when tethering is started.
| |
| |   Bug:69265432
| |   CRs-fixed:2136660
| |   Test: as follows
| |       - Boot device - Pass
| |       - Start tethering - Pass
| |       - Start active FTP on tethered host (USB) - Pass
| |       - Download file over FTP - Pass
| |       - make -j64 netd_unit_test
| |         adb shell /data/nativetest64/netd_unit_test/netd_unit_test - Pass
| |   Change-Id: I5c812afe9602e80ea1c42d0cafba40fe6019a995
* | Modernize codebase by replacing NULL with nullptr | Yi Kong | 2018-07-25 | 1 | -2/+2
| |   Fixes -Wzero-as-null-pointer-constant warning.
| |
| |   Test: m
| |   Bug: 68236239
| |   Change-Id: I226a0599db4f7c3557e55cade7869d00bd314949
* | Add basic logging infrastructure for bugreports | Erik Kline | 2018-07-10 | 1 | -4/+5
|/
|   Test: as follows
|       - built, flashed, booted
|       - "adb shell dumpsys netd" shows logs
|       - tests/runtests.sh passes
|   Change-Id: I0e44da7f9a9cc53074ffc396b958e9e2dbcd2603
* netd: Enable clang-tidy and fix all warnings | Bernie Innocenti | 2018-06-07 | 1 | -21/+17
|   Bug: 65246407
|   Test: m netd && system/netd/tests/runtests.sh
|   Change-Id: I1d22b2bc317fe7218ccde78859ed0623d6a1f8df
* Merge "Ensure icmp redirects are always ignored" | Hugo Benichi | 2018-05-30 | 1 | -1/+9
|\
| * Ensure icmp redirects are always ignored | Hugo Benichi | 2018-05-23 | 1 | -1/+9
| |   A side effect of disabling the ip forwarding sysconf on all interfaces
| |   is to re-enable the ICMP redirects sysconf on all interfaces.
| |
| |   This patch ensures that ICMP redirects stay turned off when disabling
| |   ip forwarding in TetherController.
| |
| |   Accepting ICMP redirects can allow an attacker to inject malicious
| |   routes into a host and it is therefore desirable to always reject them.
| |
| |   Bug: 62387578
| |   Bug: 77541904
| |   Test: manual
| |   Change-Id: I1f9a950eebf2f65d047f33145feee40d3ab34bd9
* | Always push all state to dnsmasq | Erik Kline | 2018-05-22 | 1 | -11/+32
|/
|   Test: as follows
|       - built, flashed, booted
|       - manual use of tethering
|   Bug: 31634369
|   Bug: 36988090
|   Bug: 64090733
|   Bug: 79956831
|   Change-Id: I27f572dab0e3ddbe4b7586363a0bd05a3e66403c
* Merge "Simplifying const/destructor in TetherController." | Remi NGUYEN VAN | 2018-05-01 | 1 | -10/+0
|\
| * Simplifying const/destructor in TetherController. | Remi NGUYEN VAN | 2018-03-29 | 1 | -10/+0
| |   The current destructor is useless, and member initializers can be used.
| |
| |   Test: netd_unit_test passing.
| |   Change-Id: I43d65ff5d4c5790e6322b769f111ec25fb97d767
* | Rename <cutils/log.h> to <log/log.h> | Logan Chien | 2018-04-23 | 1 | -1/+1
|/
|   Bug: 78370064
|   Test: lunch aosp_walleye-userdebug && cd system/netd && mma
|   Change-Id: I495f7cdc3f2aab26947f10041fc559700367f2ea
* Support adding multiple tethering upstreams. | Remi NGUYEN VAN | 2018-03-28 | 1 | -37/+108
|   Currently, when the first tethering interface pair is added, we
|   add MASQUERADE rules for the upstream and IPv6 counting rules.
|
|   Continue to add IPv6 counting rules when the first interface pair
|   is added, but change the code to add MASQUERADE rules every time
|   a new upstream is added. This will allow us to support adding,
|   say, v4-rmnet_data0 as an upstream once we're already using
|   rmnet_data0 as an upstream.
|
|   Bug: 38218697
|   Bug: 64382985
|   Bug: 64976379
|   Bug: 64995262
|   Bug: 64380515
|   Test: netd_unit_test passes, manual: IPv4 or 464xlat tethering works
|   Change-Id: I84078b2241214b3b993ccaf2e590406018df00ff
* Run dnsmasq as dns_tether rather than nobody | Erik Kline | 2018-02-22 | 1 | -22/+30
|   AID_DNS_TETHER from android_filesystem_config.h is found and made
|   "friendly" by fs_config_generator.py (strip off AID_ and lowercase).
|
|   Test: as follows
|       - built
|       - flashed
|       - booted
|   Bug: 29881876
|   Bug: 70673901
|   Change-Id: I3335a40dcd8c276421a9d663b7e66aef3a13b46b
* Set nf_conntrack_tcp_be_liberal only when tethering is enabled | Erik Kline | 2017-10-23 | 1 | -0/+8
|   Test: as follows
|       - built
|       - flashed
|       - booted
|       - manually tested with tethering enabled
|       - verified nf_conntrack_tcp_be_liberal == 0 when not tethering
|       - verified nf_conntrack_tcp_be_liberal == 1 when tethering
|   Bug: 67760792
|   Change-Id: I336439ba0760346c7c038d36d0ebdc8dc4f698f5
* Don't complain when finding no tether stats. | Lorenzo Colitti | 2017-09-15 | 1 | -3/+1
|   TetherController::addForwardChainStats returns an error if it
|   doesn't find any tethering stats. This was fine when we were
|   still using CommandListener, which would not attempt to fetch
|   the stats if tethering was not enabled.
|
|   Instead of returning an error when no stats are found, return an
|   error only if the output was empty (implying that no headers
|   were found and thus the required rules do not exist). If the
|   output contains headers but no stats, don't return an error.
|
|   Returning an error was a necessity in the previous code because
|   it had no unit or integration tests, but such measures are not
|   necessary now that we have test coverage.
|
|   Fix: 65550883
|   Bug: 65369386
|   Test: bullhead builds, boots
|   Test: netd_{unit,integration}_test pass
|   Change-Id: Ie32f4d941dd52c8dc9ff09fde26cc97cedf96bc3
* Swap TX and RX in addForwardChainStats for clarity. | Lorenzo Colitti | 2017-09-05 | 1 | -4/+4
|   Bug: 32163131
|   Bug: 64995262
|   Test: netd_{unit,integration}_test pass
|   Test: tethering data usage UI reflects actual data usage
|   Change-Id: Icf5b66972d91e9e45e40d7b4989a15f970a78461
* Remove the gettetherstats command. | Lorenzo Colitti | 2017-09-05 | 1 | -26/+4
|   Bug: 32163131
|   Bug: 64995262
|   Test: netd_{unit,integration}_test pass
|   Test: tethering data usage UI reflects actual data usage
|   Change-Id: I1722f64cf775e73d71df997f6bae4820133e67bf
* Add a binder RPC for tethering stats. | Lorenzo Colitti | 2017-09-05 | 1 | -7/+22
|   Bug: 32163131
|   Bug: 64995262
|   Test: netd_{unit,integration}_test pass
|   Change-Id: I9c7dfdaf6b823840b1691761930b53c30a4dcbc3
* Rename natctrl_* iptables rules to tetherctrl_* | Lorenzo Colitti | 2017-08-31 | 1 | -3/+3
|   Bug: 32163131
|   Bug: 64995262
|   Test: bullhead builds and boots
|   Test: netd_{unit,integration}_test pass
|   Change-Id: Ifd20920713b2b5b9c22f4c829ef037bbac024505
* Remove support for filtering tether stats. | Lorenzo Colitti | 2017-08-31 | 1 | -79/+38
|   The framework does not use this filtering, so it's just dead
|   code. It also requires that NatController publicly expose its
|   list of interface pairs.
|
|   Also make the parsing code a bit stricter - for example, return
|   an error if any of the lines (except the headers) fail to parse.
|
|   Bug: 32163131
|   Bug: 64995262
|   Test: bullhead builds and boots
|   Test: netd_{unit,integration}_test pass
|   Test: output of "adb shell ndc bandwidth gettetherstats" looks correct
|   Change-Id: Ib7440f935809c59d8b48396764cc63eb95f509b4
* Move all tethering functionality into TetherController. | Lorenzo Colitti | 2017-08-31 | 1 | -1/+413
|   This includes the entirety of NatController and relevant parts of
|   BandwidthController (specifically, getTetherStats and its
|   dependencies).
|
|   This will make the code easier to understand and allow netd to
|   provide a simpler API to the framework (e.g., by providing
|   higher-level methods that perform what today are multiple
|   operations from the framework's point of view). It will also
|   reduce duplication of state (e.g., interface pairs kept by
|   NatController partially overlap with downstream interfaces kept
|   by TetherController) and avoid dependencies between controllers.
|
|   This CL makes no functional changes. The only code changes are
|   the ones necessary for compilation. Specifically:
|
|   - Move some methods into IptablesBaseTest.cpp so they can be used
|     from two test classes.
|   - Change TetherController::iptablesRestoreFunction to the
|     three-argument used by the erstwhile BandwidthController tests.
|
|   Where appropriate, variable names have been changed, but strings
|   that actually appear on device, such as iptables rule names, are
|   left as is and will be changed in a future CL.
|
|   Bug: 32163131
|   Bug: 64995262
|   Test: bullhead builds, boots
|   Test: netd_{unit,integration}_test pass
|   Change-Id: Idc80bfd424ce011826305f84b1cc98e741698601
* Pass dnsmasq the socket mark to use for listen sockets. | Lorenzo Colitti | 2017-05-09 | 1 | -2/+19
|   This allows us to configure dnsmasq to reply to DHCP requests and
|   DNS queries when a VPN is up.
|
|   Bug: 37778642
|   Test: bullhead builds and boots
|   Test: successfully tethered when a VPN was connected
|   Change-Id: I7d5899f80fae856a52a2019550b155bccee2888a
* TetherController.cpp: add O_CLOEXEC | Nick Kralevich | 2016-11-19 | 1 | -1/+1
|   Don't leak open file descriptors across execs to netd's children. This
|   can occur in the unlikely but theoretically possible event that one
|   thread is in writeToFile() and another thread happens to call exec().
|
|   Test: device boots with no obvious problems.
|   Change-Id: Iabd8eee46bf94d70894ca46e58484ccb8241513a
* Disable DAD for downstream interfaces when tethering | Erik Kline | 2016-10-25 | 1 | -0/+4
|   Bug: 30298058
|   (cherry picked from commit 59d8c48cee74679d2305c535ab61d4a6f8258c64)
|   Change-Id: I60929eecf4a890b9c23bf1ba1ba5273db3ccb493
* Setup interfaces for IPv6 tethering | Erik Kline | 2016-10-25 | 1 | -45/+45
|   Including:
|   - set the interface for router mode (accept_ra = 0)
|   - reset the interface for client mode (accept_ra = 1)
|   - InterfaceController::setAcceptIPv6Ra()
|   - InterfaceController::setAcceptIPv6Dad()
|   - make InterfaceController static
|   - refactor for more modern C++ usage here and there
|   - sporadic style guide fixes
|
|   Bug: 9580643
|   (cherry picked from commit 2c5aaa1876db659556c2e9605beccc670e6b7c0d)
|   Change-Id: Ie5825ae3db19bbd8e03130d3bfd7815554214586
* Merge "Revert "Tell dnsmasq not to start wildcard sockets"" | Erik Kline | 2016-01-05 | 1 | -2/+1
|\
| * Revert "Tell dnsmasq not to start wildcard sockets" | Erik Kline | 2016-01-05 | 1 | -2/+1
| |   This reverts commit f1dfabed0a9b6ee9c37b64db3bbcb656281d4771.
| |
| |   The 3.4 kernel does not have SO_REUSEPORT functionality but the headers
| |   #define it, so dnsmasq tries to use it and setsockopt duly fails.
| |
| |   This is not a problem on 3.10 and later kernels, but reverting anyway.
| |
| |   Bug: 9580643
| |   Bug: 26301652
| |   Change-Id: I2322a80caa76ee4b7bb290f1665081b17d86fd43
* | Merge "Tell dnsmasq not to start wildcard sockets" | Erik Kline | 2015-12-17 | 1 | -1/+2
|\|
| * Tell dnsmasq not to start wildcard sockets | Erik Kline | 2015-11-13 | 1 | -1/+2
| |   Bug: 9580643
| |   Change-Id: I8c95c15970d6ed72dc44cec42c4eb78e18ed46ba
* | Support scoped addresses as tethered DNS servers. | Lorenzo Colitti | 2015-11-25 | 1 | -5/+7
|/
|   Bug: 9580643
|   Change-Id: Id086ff9194097fc1e0ab8e2e58e6ff843303f051
* Pass both IPv4 and IPv6 nameservers to dnsmasq | Erik Kline | 2015-11-13 | 1 | -3/+5
|   Additionally, store and return a list of strings for DNS forwarders,
|   since that's what is most useful. These strings are guaranteed to be
|   valid IP string literals by virtue of validation on input.
|
|   Bug: 9580643
|   Change-Id: I4fbaf19835055b12e38d585c0bfba0d2b18b9717
* Change dnsmasq input command argument separator | Erik Kline | 2015-11-13 | 1 | -10/+8
|   Heretofore netd issued commands to dnsmasq over a stdin channel using
|   ":" as an argument separator. This makes it very complicated to issue
|   commands that involve IPv6 addresses.
|
|   This changes the separator from ":" to "|".
|
|   Additionally:
|   - Pass DHCP range string literals through to startTethering(),
|     still performing string literal to IPv4 address validation.
|
|   Bug: 9580643
|   Change-Id: I210daf311a4c3d84dae3ed054b92c9fa399a791f
* Revert "Revert "Update for libbase."" | Dan Albert | 2015-03-16 | 1 | -1/+0
|   This reverts commit 4a0ab5ff4a87cfc4a987da99546b01e44875a2e5.
|
|   (cherry picked from commit 3e87c785434fdfed2fb00496cb391c411a426bdd)
|
|   Change-Id: I042f485f3cc84206766298853491ddd26dbba13f
* Forgot this in merge resolution. | Nicolas Geoffray | 2015-03-16 | 1 | -1/+14
|   Change-Id: Ieb26ec5fc333743b86d414ee558c978334647853
* resolved conflicts for merge of 6066d418 to master | Nicolas Geoffray | 2015-03-16 | 1 | -4/+1
|\
| |   Change-Id: I2aa9721365e96c363648dd8e9e15718ed50e3c12
| * Revert "Update for libbase." | Nicolas Geoffray | 2015-03-16 | 1 | -6/+3
| |   Breaks internal master.
| |
| |   This reverts commit b67219a71d1d896bcb34c4a7a797824b88515b2c.
| |
| |   Change-Id: I43145f0724ad2d669b65d20b6fd6ccc44b8f0a4f
* | Merge remote-tracking branch 'goog/mirror-m-wireless-internal-release' | Vinit Deshpande | 2015-03-16 | 1 | -23/+45
|\ \
| |/
|/|
| |   Change-Id: I51337014e2851f47dd5e183c4bfdf39bafa59942