Support legacy routes added by apps via ensureRouteToHost().
This adds the routes to two fixed tables:
+ LEGACY, which has higher priority than other non-explicit lookup tables
(per-network and default network).
+ PRIVILEGED_LEGACY, which is available only to system apps and has higher priority than
VPNs (system apps are those with the CONNECTIVITY_INTERNAL permission).
This will be changed to per-UID tables once the kernel supports UID-based
routing, so that these legacy routes are scoped to each app and not global.
Also, fix a TODO: The framework (as of http://ag/471599) will not set the
gateway argument if it's actually a direct-connected route.
Change-Id: I0ee1ca89fdc859d75a89021ca8c1902811b1e4a9
diff --git a/server/NetworkController.cpp b/server/NetworkController.cpp
index 9504dc0..bf6383e 100644
--- a/server/NetworkController.cpp
+++ b/server/NetworkController.cpp
@@ -325,13 +325,13 @@
}
bool NetworkController::addRoute(unsigned netId, const char* interface, const char* destination,
- const char* nexthop) {
- return modifyRoute(netId, interface, destination, nexthop, true);
+ const char* nexthop, bool legacy, unsigned uid) {
+ return modifyRoute(netId, interface, destination, nexthop, true, legacy, uid);
}
bool NetworkController::removeRoute(unsigned netId, const char* interface, const char* destination,
- const char* nexthop) {
- return modifyRoute(netId, interface, destination, nexthop, false);
+ const char* nexthop, bool legacy, unsigned uid) {
+ return modifyRoute(netId, interface, destination, nexthop, false, legacy, uid);
}
bool NetworkController::isValidNetwork(unsigned netId) const {
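Review bot: The new `legacy` flag sits directly after the existing `add` flag in the `modifyRoute(...)` calls in `addRoute` and `removeRoute`, so `true, legacy, uid` and `false, legacy, uid` read as two unlabeled booleans and a transposed pair would still compile. Because `legacy` later decides which routing table is written, a comment at the declaration would help, for example `// legacy: route requested through ensureRouteToHost(); uid: the requesting app, used to pick the legacy table`. The same parameter list is repeated in the `modifyRoute` signature in the next hunk.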
@@ -344,7 +344,7 @@
}
bool NetworkController::modifyRoute(unsigned netId, const char* interface, const char* destination,
- const char* nexthop, bool add) {
+ const char* nexthop, bool add, bool legacy, unsigned uid) {
if (!isValidNetwork(netId)) {
ALOGE("invalid netId %u", netId);
return false;
@@ -355,8 +355,19 @@
return false;
}
- return add ? mRouteController->addRoute(interface, destination, nexthop) :
- mRouteController->removeRoute(interface, destination, nexthop);
+ RouteController::TableType tableType;
+ if (legacy) {
+ if (mPermissionsController->getPermissionForUser(uid) & PERMISSION_CONNECTIVITY_INTERNAL) {
+ tableType = RouteController::PRIVILEGED_LEGACY;
+ } else {
+ tableType = RouteController::LEGACY;
+ }
+ } else {
+ tableType = RouteController::INTERFACE;
+ }
+
+ return add ? mRouteController->addRoute(interface, destination, nexthop, tableType, uid) :
+ mRouteController->removeRoute(interface, destination, nexthop, tableType, uid);
}
NetworkController::UidEntry::UidEntry(int start, int end, unsigned netId, bool forward_dns)
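Review bot: In the `legacy` branch the table is derived from `getPermissionForUser(uid)` at call time for removals as well as adds, so if the uid's permission changes between the two calls the removal is aimed at a different table than the add and the original route stays behind. A leftover entry in PRIVILEGED_LEGACY matters more than most, since the commit message says that table has higher priority than VPNs; consider recording the table chosen at add time, or having a legacy removal check both legacy tables. The choice also rests entirely on `uid` being the verified requester, which this hunk cannot show, so a comment above the `if (legacy)` line would help: `// uid must be the authenticated caller's uid; it decides whether the route goes into the table that outranks VPNs`. modifyRoute begins outside this hunk.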