• R/O
  • HTTP
  • SSH

system-netd: Liste der Commits


Rev. Zeit Autor
058d949 cm-14.1-x86 2019-10-22 15:52:34 Chih-Wei Huang

Merge remote-tracking branch 'lineage/cm-14.1' into cm-14.1-x86

5a4b045 2018-02-13 12:25:25 Chih-Wei Huang

Merge remote-tracking branch 'lineage/cm-14.1' into cm-14.1-x86


c5e8402 2017-11-16 05:44:30 Lorenzo Colitti

Invalidate dst caches when changing network permissions.

Bug: 64103722
Test: builds
Test: connected socket UDP traffic switches to wifi when cell goes into background
Change-Id: I22e618be40d61be6d5f56a6fc4e5a71e1606c2f8
Merged-In: I22e618be40d61be6d5f56a6fc4e5a71e1606c2f8
(cherry picked from commit 639696d77d19edb8298a21500b9fe1d101ec0b62)

402e75f 2017-11-16 05:42:47 Lorenzo Colitti

Don't allow seamless handover to networks requiring permissions.

Currently, implicitly-marked sockets continue to work when the
network changes permission. This makes it so that UDP sockets
connected on a foreground network will continue to work even if
the network moves into the background (e.g., when the linger
timer fires on cell data with mobile data always on).

Instead, make it so that sockets implicitly marked to a network
become unroutable when the network starts requiring permissions.
Explicitly-marked sockets will continue to be routed on the
network, as usual.

This is consistent with what we do for TCP: when a network
changes permissions, all implicitly-marked sockets on that
network are closed using SOCK_DESTROY.

This change should not affect any other behaviour because:

- Netd only ever implicitly marks sockets to the default network
or to a bypassable VPN that applies to the caller.
- In both cases, at the time of marking, the network does not
require permissions because:
- VPNs don't support permissions.
- The default network never requires any permissions:
- ConnectivityService's mDefaultRequest specifies
- The only case where a NOT_RESTRICTED network can require a
permission is if it's a background network, and the default
network is, by definition, never a background network.
- VPNs can't change permissions.
- If the network is still the default network, the lack of this
implicit rule doesn't matter.

Therefore, the only case where this rule can alter routing is if
a socket is implicitly marked on the default network and that
network, after ceasing to be the default, changes permissions.

Bug: 64103722
Test: builds
Test: manually observed IP rules while changing network permissions
Change-Id: I255a9d216c50aa47bb951be9bd6cce59a12c6165
Merged-In: I255a9d216c50aa47bb951be9bd6cce59a12c6165
(cherry picked from commit 050085a56162dff203979e8c62cb57449f5f7a26)

738fbfd 2017-10-26 05:42:48 meijjaa

Merge remote-tracking branch 'x86/nougat-x86' into cm-14.1-x86

eb1e84c nougat-x86 android-x86-7.1-r1 android-x86-7.1-r2 android-x86-7.1-r3 2017-08-10 10:48:06 Erik Kline

Only set protectFromVpn if explicitlySelected is also true.

When a secure VPN is up, setting protectFromVpn=1 and explicitlySelected=0
causes the probe routing lookups used by _have_ipv4 and _have_ipv6 to skip
the VPN rule, instead selecting the default network.

This means that the address families for which we query DNS records are
determined by the address families of the the default network, not those of
the VPN.

If explicitlySelected==true, setting protectFromVpn=true (if the app can
protect its sockets) results in querying the address families from the
specified network, which is correct.

Test: as follows
- built
- flashed
- booted
- runtest -x netd_integration_test.cpp passes
- testing per bug discussion
Bug: 37131664
Bug: 37347238
Change-Id: I7cf322a047494fd70c3c4d8862d53d6a6dac66de

d3e100d 2017-08-10 10:48:06 Lorenzo Colitti

Use new-style UID routing.

Kernel prebuilts for OC devices have been updated, so the legacy
attributes are not being used. Use the new attributes only. This
will ensure that devices aren't using the old code by mistake, as
any such devices will fail the VPN CTS tests.

(cherry picked from commit 882e467ff7b83de868fa0b9a9beb9036bf14aede)

Cherry-picking this to AOSP now that most external kernels have
been updated as well.

Bug: 16355602
Test: bullhead builds, boots
Test: netd_{unit,integration}_test pass
Test: has been running in internal master for several weeks.
Change-Id: I1c4e8c9281a843417a3a52294a1b7d3e6502bee6

fea3956 2017-08-10 10:48:06 Lorenzo Colitti

Set both legacy and new UID routing attributes.

This should work on kernels that support either, as long as they
are older than 4.8.

Test: netd_integration_test passes with updated iproute and kernel
Test: netd_integration_test passes with existing iproute and kernel
Test: ConnectivityManagerTest and HostsideVpnTests pass on existing kernel
Test: ConnectivityManagerTest and HostsideVpnTests pass on updated kernel
Bug: 16355602
Change-Id: I9a2ef08ba2782587f43ea7d0609f5f07f6c3adb0

b2d5c79 2017-07-27 01:09:07 Nalla Kartheek

SoftAp: Fix compilation in netd if LIBWPA_CLIENT_EXISTS undefined.

startSoftap has an additional parameter ifname which is used only when
LIBWPA_CLIENT_EXISTS was defined. This shall result into compilation
issues when LIBWPA_CLIENT_EXISTS undefined. Hence keep hostapd_unix_file
variable independent of flag LIBWPA_CLIENT_EXISTS

CRs-Fixed: 1098883
Change-Id: I5577fb171d2d62dbf4c7a9ba945378e0c17d11d4

17c1f5c 2017-04-05 23:19:24 Dan Pasanen

Android 7.1.2 Release 2 (N2G47E)


Merge tag 'android-7.1.2_r2' into cm-14.1

Android 7.1.2 Release 2 (N2G47E)

Change-Id: Ibe6b430b8fe7afbe371e492ee3c881f341a62e8f

2338bab 2017-01-19 08:17:00 Danesh M

NetD : Allow passing in interface names for wifi/data app restriction


Changes from original cm-13.0 patch:

*) Move wifi/cell data app restrict rules into their own chain
(instead of adding directly to INPUT/OUTPUT). Now they
are flushed during soft restart.

*) Introduce helper function manipulateRestrictAppsInOut() to
reduce code duplication and cleanup the asprintf() /
manipulateRestrictApps() call sequence.

Change-Id: Ie91f7f4a826047cd6bd0de9a4246285d90ed4c83
(cherry picked from commit 38e79bccd6091ea0b929183cc9d9167f41eb4a2c)

53123e3 2017-01-07 08:15:14 Steve Kondik

Revert "netd: Trap dns calls"

This reverts commit 6139b8420b95000774eca78a30e1b1d75db8f68d.

500eb87 2017-01-07 08:15:14 Chirayu Desai

SoftapController: Move startSoftap default arg to declaration

Fixes non QSAP SDK build after
commit 56adaf431dd9fbebf876cbd9ba1ecbc68425823e
"SoftapController: support for Fast Session Transfer"

Change-Id: I95928684b4018b9ef3e664728c655924099855a2

b03b281 2017-01-02 08:34:07 Steve Kondik

netd: Don't build the QSAP SDK on Nexii

* Unbreak tethering on Bullhead and friends.

Change-Id: I8021fbd98f08f5e3916a9ddcaacf56d188bceb9e

483afa4 2016-12-15 20:50:42 Hugo Benichi

DO NOT MERGE Add success/errno to connect() event reporting

Test: $ runtest -x system/netd/tests/netd_integration_test.cpp
Bug: 32198976

(cherry picked from commit 794c5c714a4d4cf169769ec956845a6fb24e7ebc)

Change-Id: I0a7990d7211d5355a48d941ee9659c16e38817ca

42772f9 2016-12-15 19:07:09 Linux Build Service Account

Merge 0f4e969926ab32df4a4602db0218da4caf4fb45e on remote branch

Change-Id: If2b67b31132fc9fc493cb53922da392f01ad050f

5e07140 2016-12-09 12:43:55 Hugo Benichi

DO NOT MERGE onConnectEvent does not report udp connects

Test: manual test + $ runtest -x system/netd/test/netd_integration_test.cpp
Bug: 32198976
Bug: 29748723
Change-Id: I476ada792092db80c8fb27cb40d5d7ea0f26de46

0f4e969 2016-12-08 05:59:41 Lalit Kansara

Compilation fix: N-MR1 merge.

Change-Id: I575f541d9f578fb3608a1ce1ca001a5479207f56

b38b2ce 2016-12-08 03:54:07 Naveen Kumar

Merge N-MR1 to remote branch.

Change-Id: I69bd3dd4892b3d6ddf94c923af9df402d3e190a4

9ee614a 2016-12-07 06:49:56 Linux Build Service Account

Merge c1d402e393aafbeece086766be3be1bb7183d9af on remote branch

Change-Id: Ib836e36a27c8a9f784c1515a9ae9109a20e96974

0f1259e 2016-12-06 18:45:03 Lalit Kansara

Merge commit '1f28b6403effcbf8a2c6fd35a7b1474b60bc0463' into remote


Change-Id: I55ba1d27b52197c3c37f9ad148d51c677439f711

6f8bade 2016-12-06 16:55:47 Linux Build Service Account

Merge 970d4a958e7fc0f05a5f5f3dbf1cf68d34278c12 on remote branch

Change-Id: I17f7743d81f8b3f0d282ff36894fa0599a3cd541

c1d402e 2016-12-03 04:08:22 Linux Build Service Account

Promotion of android-framework.lnx.2.0.c1-00011.

CRs Change ID Subject
1090712 I7f71b2dfa1285a6f85e444ab15e14b63b1fe8be3 SoftAp: Try to connect hoastapd on correct interface

Change-Id: Iebd30f3a5b75d2669c9a46fe92c70bd69c78b437
CRs-Fixed: 1090712

9b794ac 2016-12-03 03:01:20 Michal Karpinski

DO NOT MERGE Comment out tests/benchmarks/ on nyc-mr2-dev

netd benchmark can't build on nyc-mr2-dev, because google-benchmark project is out of date
and won't be backported, and thus the content of this file is commented out to disable it.
In order to run netd benchmark locally you can uncomment the content of this file and follow
instructions in ag/1673408 (checkout that commit and build external/google-benchmark and
system/netd locally and then run the benchmark locally)

Bug: 29748723
Change-Id: Iaa101f79f1b6b20fa856b7bf8ca95c55abe05f05

d0620ca 2016-12-03 02:26:57 Michal Karpinski

DO NOT MERGE Fix use-after-free of mClient member DnsProxyListener::GetHostByNameHandler::run().

Found by ASan.

Test: Flash ASan build, boot up and verify that system/netd does not
crash with AddressSanitizer induced errors.

Bug: 32810214
Bug: 29748723

(cherry picked from commit f8bb7ecc72e7a18ff5528613f79316634e8f6885)

Change-Id: I8814756588b2bb4c78583a829e08d33305797642

69e82f1 2016-12-03 02:26:12 Michal Karpinski

DO NOT MERGE Add null check for hp in DnsProxyListener::GetHostByNameHandler

Bug: 32399924
Bug: 29748723
Test: runtest -x netd_integration_test.cpp

(cherry picked from commit 7a8a601190f948f18b1cc8c043f3a265c1ed183e)

Change-Id: I8e47c2461dc7e8bf34128a2d56ba936e2535c262

eced78e 2016-12-03 02:23:18 Michal Karpinski

DO NOT MERGE Add connect event reporting

Adds reporting of connect events including netId, destination IP address,
destination port, uid and connect latency.

Also enables the relevant tests in the connect_benchmark.

Currently ignores the new data it receives, further work will be
done in the subsequent CLs.

Test: for now just the benchmarking, in the future CTS

Bug: 29748723

(cherry picked from commit 4b9b78aa02336de9291e5085401cef44c03c3bba)

Change-Id: I3ec05db3a9b914af38307282ede3f3439716b1ef

d1da1b8 2016-12-03 02:22:28 Michal Karpinski

DO NOT MERGE Fixing the netd benchmark

Bug: 29748723

(cherry picked from commit fe7f72b4709c2b735287d817b6f1277e2f40b11c)

Change-Id: I3de12cab6d93a1ec928d47c7b3656eac99a91fb6

fa5d873 2016-12-03 02:20:17 Michal Karpinski

DO NOT MERGE Extending DNS event reporting

This adds hostname, array of addresses, total count of IP addresses
and uid to the existing pipeline.
Currently ignores the new data it receives, further work will be
done in the subsequent CLs.

Test: for now just the benchmarking, in the future CTS

Bug: 29748723

(cherry picked from commit 36deff74215db202db9e29aa7ff1375ae5f2bc5d)

Change-Id: I16d690052fb01fc6d2bc3a57d4550f22236cd0fa

2169f5a 2016-12-03 01:11:19 Robin Lee

DO NOT MERGE Remove "if (auto ret = " treated as unused by some compilers

It's not good form to have a variable that's created and used only once
in the same line anyway, so the compilers that flag it are probably in
the right.

Test: netd_benchmark
Bug: 29748723

(cherry picked from commit e65244b5a149fc8be8063ee0872f31b829bfa020)

Change-Id: I80b8c321087947c08d5d5b9cb6ca7b4987b2ac77

Show on old repository browser