Android's clat is for reaching the internet, which in general
never has an ipv4 L3 mtu higher than 1500.

(We could probably hit this on a jumboframe enabled IPv6-only
wifi network [ http://b/292057969#comment18

 ] where RA claims
MTU of 9K [9170])

Bug: 292057969
Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I7a32455571458b8a3f1121ad980d54323b2ef06b

* changes:
  Use carrier service changed callbacks when flag is on
  Delete slots as the listeners are unregistered.
  Have a full class (not inline) for privilege listener
  Update the carrier service UID when onCarrierServiceChanged
  Pass the modem count to registerCarrierPrivilegeListeners
  Reorder add/remove/register/unregister carrier listeners

Network tracing was only available on userdebug and eng builds. This
change makes it available on all build types behind a flag.

Bug: 298197881
Test: flash & trace, toggle flag on/off
Change-Id: I75d854aee74adf7e23f7a970b20233790f9b0354

Merge "Add NetworkStackModuleTest exclusion for ConnectivityCoverageTests in TEST_MAPPING." into main

Test: FrameworksNetTests
      Note that carrierPrivilegeAuthenticatorTest is already
      an @Parameterized test with flag = on and off, so it
      already tests both.
Change-Id: I52fcfd3f21a13d7a39952ba828464ce6ef4085c2

For the current code this is a no-op because the new
slots are always computed immediately in the same
critical section.

When the code uses callbacks for the carrier service UID
though, there will no longer be a time where the entire
array is reset. Instead, registering the callback will
immediately trigger the call that populates it again,
which means the value needs to be removed when a SIM
card is removed. Unregistering the callback is a good
time to do this.

Test: CarrierPrivilegeAuthenticatorTest
Change-Id: I6de4abdc57ffa455d7f8e4d35f5dd1e18937e94e

Test: CarrierPrivilegeAuthenticatorTest
Change-Id: I1e8944de203767edf036da3fe77171025e72fcb7

Tests show that when the carrier service package changes, sometimes
neither onCarrierPrivilegesChanged is called nor the
ACTION_MULTI_SIM_CONFIG_CHANGED broadcast is sent.
Because updating synchronously can be done at any time, it's a
strict improvement to also do it onCarrierServiceChanged.

Test: CarrierPrivilegeAuthenticatorTest
Change-Id: I9525bfe074dd686720d50e19be15529b248e9dbb

This is clearer and less dangerous locking-wise

Test: FrameworksNetTests
Change-Id: Ife09fef848144e74ddb02aba3594913899bc9f46

Helper methods in the middle of the class make it harder
and more confusing. This patch moves the helpers out of
the way and regroups the useful methods in a more logical
order.

Test: FrameworkNetTests
Change-Id: I386ef7140c0535c9817a663910c19afeaf70981b

Test: comment-only change
Change-Id: I788f6e9f5fdd913d4c5077b6bb82c19664d3cd3f

* changes:
  Move the MULTI_SIM_ACTION receiver inline
  Inline registerForCarrierChanges
  Make mThread a local
  Introduce a flag for using the carrier service changed callbacks.
  Have DevSdkIgnoreRunner support @Parameterized parameters

testTetherZeroLengthDhcpPacket requires to install both Tethering
and NetworkStack modules, add NetworkStackModuleTest annotation for
ConnectivityCoverageTests running as presubmit to exclude the
testTetherZeroLengthDhcpPacket from presubmit.

Bug: 287798985
Test: TH
Change-Id: I2e21e2623b181e678189ca7758210be1b5409ae7

https://android-developers.googleblog.com/2022/09/optimize-for-android-go-lessons-from-google-apps-part-1.html



Year   Android   MinRAM
2017   8/O       512 MB
2018   9/P       512 MB
2019   10/Q      512 MB
2020   11/R      1 GB
2021   12/S      1 GB
2022   13/T      2 GB

More than 4GB (and really even ~3..3.5 GB) of ram basically
requires a 64-bit kernel, as no one wants to deal with
debugging PAE kernel complexities.

Devices newly launching on 2023's Android 14/U must use
a 64-bit kernel.  5.15 LTS is highest supported by T.
Hence 5.16+ must be a 64-bit kernel.
(see vts_kernel_isa_test.cpp)

Note:

This change doesn't take effect until 2024's Android 15/V,
and only then on the latest 6.~6 LTS, which will only be used
with the latest SoCs, and will thus only affect the latest
and thus premium devices (which likely have 10+ GB).
By the time these 6.6 using SoCs reach lower end devices,
it'll be 2026 or later, at which point I expect even
low end devices will have 4+GB.

Additionally note that technically this only affects
mainline using devices.  Non mainline usecases can
be customized (ie. for example this change reverted)
by oems/vendors however they wish.  Although we
won't be providing support (but considering the
existing state of 32-bit testing, that's already
pretty much the case).

Test: TreeHugger
Bug: 163141236
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I64f5db5a440465f0b48368815fea3029619a9681

sepolicy gates RTM_GETNEIGH{TBL} with a new permission nlmsg_getneigh
and block access from untrusted_apps, but NetworkStackCoverageTests
uses the same UID with NetworkStack module, so it still has the
permission to send RTM_GETNEIGH(context: u:r:network_stack:s0<00>),
which causes the test always fails. Add the same assumeFalse check
for tests with network_stack context.

Bug: 283346574
Test: atest NetworkStackCoverageTests
Change-Id: Iaf652841bb9868783c924aa22fdf0c4f07e1e391

Bug: 235590615
Bug: 235907076
Bug: 286003437
Test: TreeHugger, m droid gpuservice_unittest libtimeinstate_test bpf_benchmark bpf_module_test libbpf_load_test && mma
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I020a898fe8b257040a100f146654d4a04b19f843

This will be easier to read when this behavior is diverted
based on a flag

Test: FrameworksNetTests
Change-Id: Ifd7abd8ad82cb8307b1cd8535ac5fa82004404e6

This method is only called once in system ready and is better
inlined. This will also make followups clearer where they
start using callbacks to listen to service package updates
based on a flag.

Test: CarrierPrivilegeAuthenticatorTest
Change-Id: I39cab8ff1c71a8ba0db6d189d8a248013764b18e

Small cleanup

Test: CarrierPrivilegeAuthenticatorTest
Change-Id: I6b3270d60d67c227bcb9f9a75a47abddd08bf474

Test: CarrierPrivilegeAuthenticatorTest
Change-Id: Ia28c6abca67866c1de953cb61953a0d2882cd7e2

Test: aosp/2405723 uses this, TH is happy with existing tests
Change-Id: If47d7e239d8483716fb78a97bbc2da4e24731209

Change-Id: I7912bf91841a4260d0a1eec022a6a832b312321d

Change-Id: Iad7d1818d1959024d5fd1fc8810d2b7ce0f06e40

This reverts commit cbe17558.

Reason for revert: we found the culprit for the flakiness and b/272147742 is fixed.

Change-Id: I672c42bb57184393588666b6196f3a316f8c99c7

If the flag value is unset or 0, isFeatureEnabled return false and
isFeatureNotChickenedOut return true.
If the flag value is -1 (force disable), both return false.
If the flag value is other values, both query the package version and
return `flagValue <= packageVersion`

Now the only difference is a default behavior when the flag is not set
or 0.
So isFeatureEnabled and isFeatureNotChickenedOut can use the same flag.

This CL also fixes the issue in rollback.
Before this CL, isFeatureNotChickenedOut did not check the module
version and could have a issue if there is a rollback.

Test: NetworkStaticLibsTests
Bug: 279108992
Change-Id: I12d6ebadff3aee7b7c614aca4eb0a34ef0db9857

Do not avoid captive portal on wear proxy network; keep network agent
after detecting portal.

Bug: 291112432
Test: atest FrameworksNetTests:android.net.connectivity.com.android.server.ConnectivityServiceTest
Change-Id: I8f6669da62ebd76b6a46d2aec9b3ea563a08cb5e