Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 33d8e5cc07531c566c0b237fea3a067638147d3c / . / services / core / java / com / android / server / NetworkManagementService.java
blob: 8f646e75862c1c13f6641752d43f119824fc619c [file] [log] [blame]
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1/*
2 * Copyright (C) 2007 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17package com.android.server;
18
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]19import static android.Manifest.permission.CONNECTIVITY_INTERNAL;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]20import static android.Manifest.permission.DUMP;
Sehee Parka9139bc2017-12-22 13:54:05 +0900[diff] [blame]21import static android.Manifest.permission.NETWORK_SETTINGS;
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]22import static android.Manifest.permission.NETWORK_STACK;
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]23import static android.Manifest.permission.SHUTDOWN;
Erik Kline4d092232017-10-30 15:29:44 +0900[diff] [blame]24import static android.net.ConnectivityManager.PRIVATE_DNS_DEFAULT_MODE;
25import static android.net.ConnectivityManager.PRIVATE_DNS_MODE_OPPORTUNISTIC;
26import static android.net.ConnectivityManager.PRIVATE_DNS_MODE_PROVIDER_HOSTNAME;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]27import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_DOZABLE;
28import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_DOZABLE;
29import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_NONE;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]30import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_POWERSAVE;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]31import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_STANDBY;
32import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NONE;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]33import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_POWERSAVE;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]34import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_STANDBY;
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]35import static android.net.NetworkPolicyManager.FIREWALL_RULE_ALLOW;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]36import static android.net.NetworkPolicyManager.FIREWALL_RULE_DEFAULT;
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]37import static android.net.NetworkPolicyManager.FIREWALL_RULE_DENY;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]38import static android.net.NetworkPolicyManager.FIREWALL_TYPE_BLACKLIST;
39import static android.net.NetworkPolicyManager.FIREWALL_TYPE_WHITELIST;
Jeff Sharkeyb5d55e32011-08-10 17:53:27 -0700[diff] [blame]40import static android.net.NetworkStats.SET_DEFAULT;
Lorenzo Colittif1912ca2017-08-17 19:23:08 +0900[diff] [blame]41import static android.net.NetworkStats.STATS_PER_UID;
Dianne Hackbornd0c5b9a2014-02-21 16:19:05 -0800[diff] [blame]42import static android.net.NetworkStats.TAG_ALL;
Jeff Sharkey1b5a2a92011-06-18 18:34:16 -0700[diff] [blame]43import static android.net.NetworkStats.TAG_NONE;
44import static android.net.NetworkStats.UID_ALL;
Jeff Sharkeyae2c1812011-10-04 13:11:40 -0700[diff] [blame]45import static android.net.TrafficStats.UID_TETHERING;
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]46import static com.android.server.NetworkManagementService.NetdResponseCode.ClatdStatusResult;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]47import static com.android.server.NetworkManagementService.NetdResponseCode.InterfaceGetCfgResult;
48import static com.android.server.NetworkManagementService.NetdResponseCode.InterfaceListResult;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]49import static com.android.server.NetworkManagementService.NetdResponseCode.IpFwdStatusResult;
50import static com.android.server.NetworkManagementService.NetdResponseCode.TetherDnsFwdTgtListResult;
51import static com.android.server.NetworkManagementService.NetdResponseCode.TetherInterfaceListResult;
52import static com.android.server.NetworkManagementService.NetdResponseCode.TetherStatusResult;
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]53import static com.android.server.NetworkManagementService.NetdResponseCode.TetheringStatsListResult;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]54import static com.android.server.NetworkManagementService.NetdResponseCode.TtyListResult;
Jeff Sharkeya63ba592011-07-19 23:47:12 -0700[diff] [blame]55import static com.android.server.NetworkManagementSocketTagger.PROP_QTAGUID_ENABLED;
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]56
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]57import android.annotation.NonNull;
Sudheer Shankadc589ac2016-11-10 15:30:17 -0800[diff] [blame]58import android.app.ActivityManager;
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]59import android.content.ContentResolver;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]60import android.content.Context;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]61import android.net.ConnectivityManager;
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]62import android.net.INetd;
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]63import android.net.INetworkManagementEventObserver;
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]64import android.net.ITetheringStatsProvider;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]65import android.net.InterfaceConfiguration;
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]66import android.net.IpPrefix;
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]67import android.net.LinkAddress;
Lorenzo Colittib57edc52014-08-22 17:10:50 -0700[diff] [blame]68import android.net.Network;
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]69import android.net.NetworkPolicyManager;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]70import android.net.NetworkStats;
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]71import android.net.NetworkUtils;
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]72import android.net.RouteInfo;
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]73import android.net.UidRange;
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]74import android.net.util.NetdService;
Irfan Sheriff9ab518ad2010-03-12 15:48:17 -0800[diff] [blame]75import android.net.wifi.WifiConfiguration;
76import android.net.wifi.WifiConfiguration.KeyMgmt;
Dianne Hackborn91268cf2013-06-13 19:06:50 -0700[diff] [blame]77import android.os.BatteryStats;
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]78import android.os.Binder;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]79import android.os.Handler;
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]80import android.os.IBinder;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]81import android.os.INetworkActivityListener;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]82import android.os.INetworkManagementService;
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]83import android.os.PersistableBundle;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]84import android.os.PowerManager;
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]85import android.os.Process;
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]86import android.os.RemoteCallbackList;
87import android.os.RemoteException;
Jeff Sharkey7a1c3fc2013-06-04 12:29:00 -0700[diff] [blame]88import android.os.ServiceManager;
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]89import android.os.ServiceSpecificException;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]90import android.os.StrictMode;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]91import android.os.SystemClock;
Marco Nelissen62dbb222010-02-18 10:56:30 -0800[diff] [blame]92import android.os.SystemProperties;
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]93import android.os.Trace;
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]94import android.provider.Settings;
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]95import android.telephony.DataConnectionRealTimeInfo;
96import android.telephony.PhoneStateListener;
Wink Savillefb40dd42014-06-12 17:02:31 -0700[diff] [blame]97import android.telephony.SubscriptionManager;
Wink Saville67e07892014-06-18 16:43:14 -0700[diff] [blame]98import android.telephony.TelephonyManager;
Erik Kline4d092232017-10-30 15:29:44 +0900[diff] [blame]99import android.text.TextUtils;
Irfan Sheriff9ab518ad2010-03-12 15:48:17 -0800[diff] [blame]100import android.util.Log;
Joe Onorato8a9b2202010-02-26 18:56:32 -0800[diff] [blame]101import android.util.Slog;
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]102import android.util.SparseBooleanArray;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]103import android.util.SparseIntArray;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]104
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]105import com.android.internal.annotations.GuardedBy;
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]106import com.android.internal.annotations.VisibleForTesting;
Jeff Sharkey7a1c3fc2013-06-04 12:29:00 -0700[diff] [blame]107import com.android.internal.app.IBatteryStats;
Jeff Sharkey1059c3c2011-10-04 16:54:49 -0700[diff] [blame]108import com.android.internal.net.NetworkStatsFactory;
Jeff Sharkeyfe9a53b2017-03-31 14:08:23 -0600[diff] [blame]109import com.android.internal.util.DumpUtils;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]110import com.android.internal.util.HexDump;
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]111import com.android.internal.util.Preconditions;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]112import com.android.server.NativeDaemonConnector.Command;
Jeff Sharkey56cd6462013-06-07 15:09:15 -0700[diff] [blame]113import com.android.server.NativeDaemonConnector.SensitiveArg;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]114import com.google.android.collect.Maps;
Jeff Sharkey4414cea2011-06-24 17:05:24 -0700[diff] [blame]115
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]116import java.io.BufferedReader;
117import java.io.DataInputStream;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]118import java.io.File;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]119import java.io.FileDescriptor;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]120import java.io.FileInputStream;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]121import java.io.IOException;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]122import java.io.InputStreamReader;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]123import java.io.PrintWriter;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]124import java.net.InetAddress;
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]125import java.net.InterfaceAddress;
126import java.net.NetworkInterface;
127import java.net.SocketException;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]128import java.util.ArrayList;
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]129import java.util.Arrays;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]130import java.util.HashMap;
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]131import java.util.List;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]132import java.util.Map;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]133import java.util.NoSuchElementException;
134import java.util.StringTokenizer;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]135import java.util.concurrent.CountDownLatch;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]136
137/**
138 * @hide
139 */
Jeff Sharkey8e9992a2011-08-23 18:37:23 -0700[diff] [blame]140public class NetworkManagementService extends INetworkManagementService.Stub
141 implements Watchdog.Monitor {
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]142
143 /**
144 * Helper class that encapsulates NetworkManagementService dependencies and makes them
145 * easier to mock in unit tests.
146 */
147 static class SystemServices {
148 public IBinder getService(String name) {
149 return ServiceManager.getService(name);
150 }
151 public void registerLocalService(NetworkManagementInternal nmi) {
152 LocalServices.addService(NetworkManagementInternal.class, nmi);
153 }
154 public INetd getNetd() {
155 return NetdService.get();
156 }
157 }
158
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]159 private static final String TAG = "NetworkManagement";
160 private static final boolean DBG = Log.isLoggable(TAG, Log.DEBUG);
Kenny Root305bcbf2010-09-03 07:56:38 -0700[diff] [blame]161 private static final String NETD_TAG = "NetdConnector";
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]162 static final String NETD_SERVICE_NAME = "netd";
Kenny Root305bcbf2010-09-03 07:56:38 -0700[diff] [blame]163
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]164 private static final int MAX_UID_RANGES_PER_COMMAND = 10;
165
Jeff Sharkey8e9992a2011-08-23 18:37:23 -0700[diff] [blame]166 /**
167 * Name representing {@link #setGlobalAlert(long)} limit when delivered to
168 * {@link INetworkManagementEventObserver#limitReached(String, String)}.
169 */
170 public static final String LIMIT_GLOBAL_ALERT = "globalAlert";
171
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]172 /**
173 * String to pass to netd to indicate that a network is only accessible
174 * to apps that have the CHANGE_NETWORK_STATE permission.
175 */
176 public static final String PERMISSION_NETWORK = "NETWORK";
177
178 /**
179 * String to pass to netd to indicate that a network is only
180 * accessible to system apps and those with the CONNECTIVITY_INTERNAL
181 * permission.
182 */
183 public static final String PERMISSION_SYSTEM = "SYSTEM";
184
Andrew Scull45f533c2017-05-19 15:37:20 +0100[diff] [blame]185 static class NetdResponseCode {
Sreeram Ramachandran03666c72014-07-19 23:21:46 -0700[diff] [blame]186 /* Keep in sync with system/netd/server/ResponseCode.h */
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]187 public static final int InterfaceListResult = 110;
188 public static final int TetherInterfaceListResult = 111;
189 public static final int TetherDnsFwdTgtListResult = 112;
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]190 public static final int TtyListResult = 113;
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]191 public static final int TetheringStatsListResult = 114;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]192
193 public static final int TetherStatusResult = 210;
194 public static final int IpFwdStatusResult = 211;
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]195 public static final int InterfaceGetCfgResult = 213;
Robert Greenwalte3253922010-02-18 09:23:25 -0800[diff] [blame]196 public static final int SoftapStatusResult = 214;
San Mehat91cac642010-03-31 14:31:36 -0700[diff] [blame]197 public static final int InterfaceRxCounterResult = 216;
198 public static final int InterfaceTxCounterResult = 217;
Jeff Sharkeycdd02c5d2011-09-16 01:52:49 -0700[diff] [blame]199 public static final int QuotaCounterResult = 220;
200 public static final int TetheringStatsResult = 221;
Selim Gurun84c00c62012-02-27 15:42:38 -0800[diff] [blame]201 public static final int DnsProxyQueryResult = 222;
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]202 public static final int ClatdStatusResult = 223;
Robert Greenwalte3253922010-02-18 09:23:25 -0800[diff] [blame]203
204 public static final int InterfaceChange = 600;
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]205 public static final int BandwidthControl = 601;
Haoyu Bai6b7358d2012-07-17 16:36:50 -0700[diff] [blame]206 public static final int InterfaceClassActivity = 613;
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]207 public static final int InterfaceAddressChange = 614;
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]208 public static final int InterfaceDnsServerInfo = 615;
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]209 public static final int RouteChange = 616;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]210 public static final int StrictCleartext = 617;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]211 }
212
Rebecca Silbersteine2ec94f2016-03-24 13:29:00 -0700[diff] [blame]213 /**
214 * String indicating a softap command.
215 */
216 static final String SOFT_AP_COMMAND = "softap";
217
218 /**
219 * String passed back to netd connector indicating softap command success.
220 */
221 static final String SOFT_AP_COMMAND_SUCCESS = "Ok";
222
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]223 static final int DAEMON_MSG_MOBILE_CONN_REAL_TIME_INFO = 1;
224
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]225 /**
226 * Binder context for this service
227 */
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]228 private final Context mContext;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]229
230 /**
231 * connector object for communicating with netd
232 */
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]233 private final NativeDaemonConnector mConnector;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]234
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]235 private final Handler mFgHandler;
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]236 private final Handler mDaemonHandler;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]237
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]238 private final SystemServices mServices;
239
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]240 private INetd mNetdService;
241
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]242 private IBatteryStats mBatteryStats;
243
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]244 private final Thread mThread;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]245 private CountDownLatch mConnectedSignal = new CountDownLatch(1);
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]246
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]247 private final RemoteCallbackList<INetworkManagementEventObserver> mObservers =
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]248 new RemoteCallbackList<>();
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]249
Jeff Sharkey1059c3c2011-10-04 16:54:49 -0700[diff] [blame]250 private final NetworkStatsFactory mStatsFactory = new NetworkStatsFactory();
251
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]252 @GuardedBy("mTetheringStatsProviders")
253 private final HashMap<ITetheringStatsProvider, String>
254 mTetheringStatsProviders = Maps.newHashMap();
255
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]256 /**
257 * If both locks need to be held, then they should be obtained in the order:
258 * first {@link #mQuotaLock} and then {@link #mRulesLock}.
259 */
Andrew Scull45f533c2017-05-19 15:37:20 +0100[diff] [blame]260 private final Object mQuotaLock = new Object();
Andrew Scull519291f2017-05-23 13:11:03 +0100[diff] [blame]261 private final Object mRulesLock = new Object();
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]262
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]263 /** Set of interfaces with active quotas. */
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]264 @GuardedBy("mQuotaLock")
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]265 private HashMap<String, Long> mActiveQuotas = Maps.newHashMap();
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]266 /** Set of interfaces with active alerts. */
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]267 @GuardedBy("mQuotaLock")
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]268 private HashMap<String, Long> mActiveAlerts = Maps.newHashMap();
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]269 /** Set of UIDs blacklisted on metered networks. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]270 @GuardedBy("mRulesLock")
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]271 private SparseBooleanArray mUidRejectOnMetered = new SparseBooleanArray();
272 /** Set of UIDs whitelisted on metered networks. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]273 @GuardedBy("mRulesLock")
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]274 private SparseBooleanArray mUidAllowOnMetered = new SparseBooleanArray();
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]275 /** Set of UIDs with cleartext penalties. */
276 @GuardedBy("mQuotaLock")
277 private SparseIntArray mUidCleartextPolicy = new SparseIntArray();
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]278 /** Set of UIDs that are to be blocked/allowed by firewall controller. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]279 @GuardedBy("mRulesLock")
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]280 private SparseIntArray mUidFirewallRules = new SparseIntArray();
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]281 /**
282 * Set of UIDs that are to be blocked/allowed by firewall controller. This set of Ids matches
283 * to application idles.
284 */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]285 @GuardedBy("mRulesLock")
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]286 private SparseIntArray mUidFirewallStandbyRules = new SparseIntArray();
287 /**
288 * Set of UIDs that are to be blocked/allowed by firewall controller. This set of Ids matches
289 * to device idles.
290 */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]291 @GuardedBy("mRulesLock")
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]292 private SparseIntArray mUidFirewallDozableRules = new SparseIntArray();
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]293 /**
294 * Set of UIDs that are to be blocked/allowed by firewall controller. This set of Ids matches
295 * to device on power-save mode.
296 */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]297 @GuardedBy("mRulesLock")
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]298 private SparseIntArray mUidFirewallPowerSaveRules = new SparseIntArray();
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]299 /** Set of states for the child firewall chains. True if the chain is active. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]300 @GuardedBy("mRulesLock")
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]301 final SparseBooleanArray mFirewallChainStates = new SparseBooleanArray();
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]302
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]303 @GuardedBy("mQuotaLock")
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]304 private volatile boolean mDataSaverMode;
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]305
Andrew Scull45f533c2017-05-19 15:37:20 +0100[diff] [blame]306 private final Object mIdleTimerLock = new Object();
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]307 /** Set of interfaces with active idle timers. */
308 private static class IdleTimerParams {
309 public final int timeout;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]310 public final int type;
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]311 public int networkCount;
312
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]313 IdleTimerParams(int timeout, int type) {
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]314 this.timeout = timeout;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]315 this.type = type;
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]316 this.networkCount = 1;
317 }
318 }
319 private HashMap<String, IdleTimerParams> mActiveIdleTimers = Maps.newHashMap();
320
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]321 private volatile boolean mBandwidthControlEnabled;
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]322 private volatile boolean mFirewallEnabled;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]323 private volatile boolean mStrictEnabled;
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]324
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]325 private boolean mMobileActivityFromRadio = false;
326 private int mLastPowerStateFromRadio = DataConnectionRealTimeInfo.DC_POWER_STATE_LOW;
Adam Lesinskie08af192015-03-25 16:42:59 -0700[diff] [blame]327 private int mLastPowerStateFromWifi = DataConnectionRealTimeInfo.DC_POWER_STATE_LOW;
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]328
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]329 private final RemoteCallbackList<INetworkActivityListener> mNetworkActivityListeners =
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]330 new RemoteCallbackList<>();
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]331 private boolean mNetworkActive;
332
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]333 /**
334 * Constructs a new NetworkManagementService instance
335 *
336 * @param context Binder context for this service
337 */
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]338 private NetworkManagementService(
339 Context context, String socket, SystemServices services) {
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]340 mContext = context;
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]341 mServices = services;
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]342
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]343 // make sure this is on the same looper as our NativeDaemonConnector for sync purposes
344 mFgHandler = new Handler(FgThread.get().getLooper());
345
Dianne Hackborn4590e522014-03-24 13:36:46 -0700[diff] [blame]346 // Don't need this wake lock, since we now have a time stamp for when
347 // the network actually went inactive. (It might be nice to still do this,
348 // but I don't want to do it through the power manager because that pollutes the
349 // battery stats history with pointless noise.)
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]350 //PowerManager pm = (PowerManager)context.getSystemService(Context.POWER_SERVICE);
Dianne Hackborn4590e522014-03-24 13:36:46 -0700[diff] [blame]351 PowerManager.WakeLock wl = null; //pm.newWakeLock(PowerManager.PARTIAL_WAKE_LOCK, NETD_TAG);
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]352
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]353 mConnector = new NativeDaemonConnector(
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]354 new NetdCallbackReceiver(), socket, 10, NETD_TAG, 160, wl,
355 FgThread.get().getLooper());
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]356 mThread = new Thread(mConnector, NETD_TAG);
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]357
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]358 mDaemonHandler = new Handler(FgThread.get().getLooper());
Wink Saville67e07892014-06-18 16:43:14 -0700[diff] [blame]359
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]360 // Add ourself to the Watchdog monitors.
361 Watchdog.getInstance().addMonitor(this);
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]362
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]363 mServices.registerLocalService(new LocalService());
Lorenzo Colitti8228eb32017-07-19 06:17:33 +0900[diff] [blame]364
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]365 synchronized (mTetheringStatsProviders) {
366 mTetheringStatsProviders.put(new NetdTetheringStatsProvider(), "netd");
367 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]368 }
369
370 @VisibleForTesting
371 NetworkManagementService() {
372 mConnector = null;
373 mContext = null;
374 mDaemonHandler = null;
375 mFgHandler = null;
376 mThread = null;
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]377 mServices = null;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]378 }
379
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]380 static NetworkManagementService create(Context context, String socket, SystemServices services)
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]381 throws InterruptedException {
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]382 final NetworkManagementService service =
383 new NetworkManagementService(context, socket, services);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]384 final CountDownLatch connectedSignal = service.mConnectedSignal;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]385 if (DBG) Slog.d(TAG, "Creating NetworkManagementService");
386 service.mThread.start();
387 if (DBG) Slog.d(TAG, "Awaiting socket connection");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]388 connectedSignal.await();
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]389 if (DBG) Slog.d(TAG, "Connected");
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]390 if (DBG) Slog.d(TAG, "Connecting native netd service");
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]391 service.connectNativeNetdService();
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]392 if (DBG) Slog.d(TAG, "Connected");
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]393 return service;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]394 }
395
Lorenzo Colitti7421a012013-08-20 22:51:24 +0900[diff] [blame]396 public static NetworkManagementService create(Context context) throws InterruptedException {
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]397 return create(context, NETD_SERVICE_NAME, new SystemServices());
Lorenzo Colitti7421a012013-08-20 22:51:24 +0900[diff] [blame]398 }
399
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]400 public void systemReady() {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]401 if (DBG) {
402 final long start = System.currentTimeMillis();
403 prepareNativeDaemon();
404 final long delta = System.currentTimeMillis() - start;
405 Slog.d(TAG, "Prepared in " + delta + "ms");
406 return;
407 } else {
408 prepareNativeDaemon();
409 }
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]410 }
411
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]412 private IBatteryStats getBatteryStats() {
413 synchronized (this) {
414 if (mBatteryStats != null) {
415 return mBatteryStats;
416 }
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]417 mBatteryStats =
418 IBatteryStats.Stub.asInterface(mServices.getService(BatteryStats.SERVICE_NAME));
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]419 return mBatteryStats;
420 }
421 }
422
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]423 @Override
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]424 public void registerObserver(INetworkManagementEventObserver observer) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]425 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]426 mObservers.register(observer);
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]427 }
428
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]429 @Override
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]430 public void unregisterObserver(INetworkManagementEventObserver observer) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]431 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]432 mObservers.unregister(observer);
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]433 }
434
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]435 @FunctionalInterface
436 private interface NetworkManagementEventCallback {
437 public void sendCallback(INetworkManagementEventObserver o) throws RemoteException;
438 }
439
440 private void invokeForAllObservers(NetworkManagementEventCallback eventCallback) {
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]441 final int length = mObservers.beginBroadcast();
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]442 try {
443 for (int i = 0; i < length; i++) {
444 try {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]445 eventCallback.sendCallback(mObservers.getBroadcastItem(i));
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]446 } catch (RemoteException | RuntimeException e) {
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]447 }
Mike J. Chen6143f5f2011-06-23 15:17:51 -0700[diff] [blame]448 }
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]449 } finally {
450 mObservers.finishBroadcast();
Mike J. Chen6143f5f2011-06-23 15:17:51 -0700[diff] [blame]451 }
452 }
453
454 /**
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]455 * Notify our observers of an interface status change
456 */
457 private void notifyInterfaceStatusChanged(String iface, boolean up) {
458 invokeForAllObservers(o -> o.interfaceStatusChanged(iface, up));
459 }
460
461 /**
Mike J. Chenf59c7d02011-06-23 15:33:15 -0700[diff] [blame]462 * Notify our observers of an interface link state change
Mike J. Chen6143f5f2011-06-23 15:17:51 -0700[diff] [blame]463 * (typically, an Ethernet cable has been plugged-in or unplugged).
464 */
465 private void notifyInterfaceLinkStateChanged(String iface, boolean up) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]466 invokeForAllObservers(o -> o.interfaceLinkStateChanged(iface, up));
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]467 }
468
469 /**
470 * Notify our observers of an interface addition.
471 */
472 private void notifyInterfaceAdded(String iface) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]473 invokeForAllObservers(o -> o.interfaceAdded(iface));
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]474 }
475
476 /**
477 * Notify our observers of an interface removal.
478 */
479 private void notifyInterfaceRemoved(String iface) {
Jeff Sharkey89b8a212011-10-11 11:58:11 -0700[diff] [blame]480 // netd already clears out quota and alerts for removed ifaces; update
481 // our sanity-checking state.
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]482 mActiveAlerts.remove(iface);
483 mActiveQuotas.remove(iface);
Jeff Sharkey89b8a212011-10-11 11:58:11 -0700[diff] [blame]484
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]485 invokeForAllObservers(o -> o.interfaceRemoved(iface));
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]486 }
487
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]488 /**
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]489 * Notify our observers of a limit reached.
490 */
491 private void notifyLimitReached(String limitName, String iface) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]492 invokeForAllObservers(o -> o.limitReached(limitName, iface));
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]493 }
494
495 /**
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]496 * Notify our observers of a change in the data activity state of the interface
497 */
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]498 private void notifyInterfaceClassActivity(int type, int powerState, long tsNanos,
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]499 int uid, boolean fromRadio) {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]500 final boolean isMobile = ConnectivityManager.isNetworkTypeMobile(type);
501 if (isMobile) {
502 if (!fromRadio) {
503 if (mMobileActivityFromRadio) {
504 // If this call is not coming from a report from the radio itself, but we
505 // have previously received reports from the radio, then we will take the
506 // power state to just be whatever the radio last reported.
507 powerState = mLastPowerStateFromRadio;
508 }
509 } else {
510 mMobileActivityFromRadio = true;
511 }
512 if (mLastPowerStateFromRadio != powerState) {
513 mLastPowerStateFromRadio = powerState;
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]514 try {
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]515 getBatteryStats().noteMobileRadioPowerState(powerState, tsNanos, uid);
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]516 } catch (RemoteException e) {
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]517 }
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]518 }
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]519 }
520
Adam Lesinskie08af192015-03-25 16:42:59 -0700[diff] [blame]521 if (ConnectivityManager.isNetworkTypeWifi(type)) {
522 if (mLastPowerStateFromWifi != powerState) {
523 mLastPowerStateFromWifi = powerState;
524 try {
Adam Lesinski5f056f62016-07-14 16:56:08 -0700[diff] [blame]525 getBatteryStats().noteWifiRadioPowerState(powerState, tsNanos, uid);
Adam Lesinskie08af192015-03-25 16:42:59 -0700[diff] [blame]526 } catch (RemoteException e) {
527 }
528 }
529 }
530
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]531 boolean isActive = powerState == DataConnectionRealTimeInfo.DC_POWER_STATE_MEDIUM
532 || powerState == DataConnectionRealTimeInfo.DC_POWER_STATE_HIGH;
533
534 if (!isMobile || fromRadio || !mMobileActivityFromRadio) {
535 // Report the change in data activity. We don't do this if this is a change
536 // on the mobile network, that is not coming from the radio itself, and we
537 // have previously seen change reports from the radio. In that case only
538 // the radio is the authority for the current state.
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]539 final boolean active = isActive;
540 invokeForAllObservers(o -> o.interfaceClassDataActivityChanged(
541 Integer.toString(type), active, tsNanos));
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]542 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]543
544 boolean report = false;
545 synchronized (mIdleTimerLock) {
546 if (mActiveIdleTimers.isEmpty()) {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]547 // If there are no idle timers, we are not monitoring activity, so we
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]548 // are always considered active.
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]549 isActive = true;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]550 }
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]551 if (mNetworkActive != isActive) {
552 mNetworkActive = isActive;
553 report = isActive;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]554 }
555 }
556 if (report) {
557 reportNetworkActive();
558 }
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]559 }
560
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]561 @Override
562 public void registerTetheringStatsProvider(ITetheringStatsProvider provider, String name) {
563 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
564 Preconditions.checkNotNull(provider);
565 synchronized(mTetheringStatsProviders) {
566 mTetheringStatsProviders.put(provider, name);
567 }
568 }
569
570 @Override
571 public void unregisterTetheringStatsProvider(ITetheringStatsProvider provider) {
572 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
573 synchronized(mTetheringStatsProviders) {
574 mTetheringStatsProviders.remove(provider);
575 }
576 }
577
Lorenzo Colitti9f0baa92017-08-15 19:25:51 +0900[diff] [blame]578 @Override
579 public void tetherLimitReached(ITetheringStatsProvider provider) {
580 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
581 synchronized(mTetheringStatsProviders) {
582 if (!mTetheringStatsProviders.containsKey(provider)) {
583 return;
584 }
585 // No current code examines the interface parameter in a global alert. Just pass null.
586 notifyLimitReached(LIMIT_GLOBAL_ALERT, null);
587 }
588 }
589
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]590 // Sync the state of the given chain with the native daemon.
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]591 private void syncFirewallChainLocked(int chain, String name) {
592 SparseIntArray rules;
593 synchronized (mRulesLock) {
594 final SparseIntArray uidFirewallRules = getUidFirewallRulesLR(chain);
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]595 // Make a copy of the current rules, and then clear them. This is because
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]596 // setFirewallUidRuleInternal only pushes down rules to the native daemon if they
597 // are different from the current rules stored in the mUidFirewall*Rules array for
598 // the specified chain. If we don't clear the rules, setFirewallUidRuleInternal
599 // will do nothing.
600 rules = uidFirewallRules.clone();
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]601 uidFirewallRules.clear();
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]602 }
603 if (rules.size() > 0) {
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]604 // Now push the rules. setFirewallUidRuleInternal will push each of these down to the
605 // native daemon, and also add them to the mUidFirewall*Rules array for the specified
606 // chain.
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]607 if (DBG) Slog.d(TAG, "Pushing " + rules.size() + " active firewall "
608 + name + "UID rules");
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]609 for (int i = 0; i < rules.size(); i++) {
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]610 setFirewallUidRuleLocked(chain, rules.keyAt(i), rules.valueAt(i));
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]611 }
612 }
613 }
614
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]615 private void connectNativeNetdService() {
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]616 mNetdService = mServices.getNetd();
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]617 }
618
619 /**
620 * Prepare native daemon once connected, enabling modules and pushing any
621 * existing in-memory rules.
622 */
623 private void prepareNativeDaemon() {
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]624
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]625 mBandwidthControlEnabled = false;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]626
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]627 // only enable bandwidth control when support exists
628 final boolean hasKernelSupport = new File("/proc/net/xt_qtaguid/ctrl").exists();
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]629
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]630 // push any existing quota or UID rules
631 synchronized (mQuotaLock) {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]632
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]633 if (hasKernelSupport) {
634 Slog.d(TAG, "enabling bandwidth control");
635 try {
636 mConnector.execute("bandwidth", "enable");
637 mBandwidthControlEnabled = true;
638 } catch (NativeDaemonConnectorException e) {
639 Log.wtf(TAG, "problem enabling bandwidth controls", e);
640 }
641 } else {
642 Slog.i(TAG, "not enabling bandwidth control");
643 }
644
645 SystemProperties.set(PROP_QTAGUID_ENABLED, mBandwidthControlEnabled ? "1" : "0");
646
647 try {
648 mConnector.execute("strict", "enable");
649 mStrictEnabled = true;
650 } catch (NativeDaemonConnectorException e) {
651 Log.wtf(TAG, "Failed strict enable", e);
652 }
653
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]654 setDataSaverModeEnabled(mDataSaverMode);
655
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]656 int size = mActiveQuotas.size();
657 if (size > 0) {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]658 if (DBG) Slog.d(TAG, "Pushing " + size + " active quota rules");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]659 final HashMap<String, Long> activeQuotas = mActiveQuotas;
660 mActiveQuotas = Maps.newHashMap();
661 for (Map.Entry<String, Long> entry : activeQuotas.entrySet()) {
662 setInterfaceQuota(entry.getKey(), entry.getValue());
663 }
664 }
665
666 size = mActiveAlerts.size();
667 if (size > 0) {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]668 if (DBG) Slog.d(TAG, "Pushing " + size + " active alert rules");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]669 final HashMap<String, Long> activeAlerts = mActiveAlerts;
670 mActiveAlerts = Maps.newHashMap();
671 for (Map.Entry<String, Long> entry : activeAlerts.entrySet()) {
672 setInterfaceAlert(entry.getKey(), entry.getValue());
673 }
674 }
675
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]676 SparseBooleanArray uidRejectOnQuota = null;
677 SparseBooleanArray uidAcceptOnQuota = null;
678 synchronized (mRulesLock) {
679 size = mUidRejectOnMetered.size();
680 if (size > 0) {
681 if (DBG) Slog.d(TAG, "Pushing " + size + " UIDs to metered blacklist rules");
682 uidRejectOnQuota = mUidRejectOnMetered;
683 mUidRejectOnMetered = new SparseBooleanArray();
684 }
685
686 size = mUidAllowOnMetered.size();
687 if (size > 0) {
688 if (DBG) Slog.d(TAG, "Pushing " + size + " UIDs to metered whitelist rules");
689 uidAcceptOnQuota = mUidAllowOnMetered;
690 mUidAllowOnMetered = new SparseBooleanArray();
691 }
692 }
693 if (uidRejectOnQuota != null) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]694 for (int i = 0; i < uidRejectOnQuota.size(); i++) {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]695 setUidMeteredNetworkBlacklist(uidRejectOnQuota.keyAt(i),
696 uidRejectOnQuota.valueAt(i));
697 }
698 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]699 if (uidAcceptOnQuota != null) {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]700 for (int i = 0; i < uidAcceptOnQuota.size(); i++) {
701 setUidMeteredNetworkWhitelist(uidAcceptOnQuota.keyAt(i),
702 uidAcceptOnQuota.valueAt(i));
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]703 }
704 }
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]705
706 size = mUidCleartextPolicy.size();
707 if (size > 0) {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]708 if (DBG) Slog.d(TAG, "Pushing " + size + " active UID cleartext policies");
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]709 final SparseIntArray local = mUidCleartextPolicy;
710 mUidCleartextPolicy = new SparseIntArray();
711 for (int i = 0; i < local.size(); i++) {
712 setUidCleartextNetworkPolicy(local.keyAt(i), local.valueAt(i));
713 }
714 }
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]715
Robin Leec3736bc2017-03-10 16:19:54 +0000[diff] [blame]716 setFirewallEnabled(mFirewallEnabled);
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]717
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]718 syncFirewallChainLocked(FIREWALL_CHAIN_NONE, "");
719 syncFirewallChainLocked(FIREWALL_CHAIN_STANDBY, "standby ");
720 syncFirewallChainLocked(FIREWALL_CHAIN_DOZABLE, "dozable ");
721 syncFirewallChainLocked(FIREWALL_CHAIN_POWERSAVE, "powersave ");
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]722
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]723 final int[] chains =
724 {FIREWALL_CHAIN_STANDBY, FIREWALL_CHAIN_DOZABLE, FIREWALL_CHAIN_POWERSAVE};
725 for (int chain : chains) {
726 if (getFirewallChainState(chain)) {
727 setFirewallChainEnabled(chain, true);
728 }
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]729 }
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]730 }
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]731
732 if (mBandwidthControlEnabled) {
733 try {
734 getBatteryStats().noteNetworkStatsEnabled();
735 } catch (RemoteException e) {
736 }
737 }
738
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]739 }
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]740
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]741 /**
742 * Notify our observers of a new or updated interface address.
743 */
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]744 private void notifyAddressUpdated(String iface, LinkAddress address) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]745 invokeForAllObservers(o -> o.addressUpdated(iface, address));
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]746 }
747
748 /**
749 * Notify our observers of a deleted interface address.
750 */
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]751 private void notifyAddressRemoved(String iface, LinkAddress address) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]752 invokeForAllObservers(o -> o.addressRemoved(iface, address));
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]753 }
754
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]755 /**
756 * Notify our observers of DNS server information received.
757 */
758 private void notifyInterfaceDnsServerInfo(String iface, long lifetime, String[] addresses) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]759 invokeForAllObservers(o -> o.interfaceDnsServerInfo(iface, lifetime, addresses));
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]760 }
761
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]762 /**
763 * Notify our observers of a route change.
764 */
765 private void notifyRouteChange(String action, RouteInfo route) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]766 if (action.equals("updated")) {
767 invokeForAllObservers(o -> o.routeUpdated(route));
768 } else {
769 invokeForAllObservers(o -> o.routeRemoved(route));
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]770 }
771 }
772
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]773 //
774 // Netd Callback handling
775 //
776
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]777 private class NetdCallbackReceiver implements INativeDaemonConnectorCallbacks {
778 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]779 public void onDaemonConnected() {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]780 Slog.i(TAG, "onDaemonConnected()");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]781 // event is dispatched from internal NDC thread, so we prepare the
782 // daemon back on main thread.
783 if (mConnectedSignal != null) {
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]784 // The system is booting and we're connecting to netd for the first time.
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]785 mConnectedSignal.countDown();
786 mConnectedSignal = null;
787 } else {
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]788 // We're reconnecting to netd after the socket connection
789 // was interrupted (e.g., if it crashed).
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]790 mFgHandler.post(new Runnable() {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]791 @Override
792 public void run() {
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]793 connectNativeNetdService();
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]794 prepareNativeDaemon();
795 }
796 });
797 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]798 }
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]799
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]800 @Override
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]801 public boolean onCheckHoldWakeLock(int code) {
802 return code == NetdResponseCode.InterfaceClassActivity;
803 }
804
805 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]806 public boolean onEvent(int code, String raw, String[] cooked) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]807 String errorMessage = String.format("Invalid event from daemon (%s)", raw);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]808 switch (code) {
809 case NetdResponseCode.InterfaceChange:
810 /*
811 * a network interface change occured
812 * Format: "NNN Iface added <name>"
813 * "NNN Iface removed <name>"
814 * "NNN Iface changed <name> <up/down>"
815 * "NNN Iface linkstatus <name> <up/down>"
816 */
817 if (cooked.length < 4 || !cooked[1].equals("Iface")) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]818 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]819 }
820 if (cooked[2].equals("added")) {
821 notifyInterfaceAdded(cooked[3]);
822 return true;
823 } else if (cooked[2].equals("removed")) {
824 notifyInterfaceRemoved(cooked[3]);
825 return true;
826 } else if (cooked[2].equals("changed") && cooked.length == 5) {
827 notifyInterfaceStatusChanged(cooked[3], cooked[4].equals("up"));
828 return true;
829 } else if (cooked[2].equals("linkstate") && cooked.length == 5) {
830 notifyInterfaceLinkStateChanged(cooked[3], cooked[4].equals("up"));
831 return true;
832 }
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]833 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]834 // break;
835 case NetdResponseCode.BandwidthControl:
836 /*
837 * Bandwidth control needs some attention
838 * Format: "NNN limit alert <alertName> <ifaceName>"
839 */
840 if (cooked.length < 5 || !cooked[1].equals("limit")) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]841 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]842 }
843 if (cooked[2].equals("alert")) {
844 notifyLimitReached(cooked[3], cooked[4]);
845 return true;
846 }
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]847 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]848 // break;
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]849 case NetdResponseCode.InterfaceClassActivity:
850 /*
851 * An network interface class state changed (active/idle)
852 * Format: "NNN IfaceClass <active/idle> <label>"
853 */
854 if (cooked.length < 4 || !cooked[1].equals("IfaceClass")) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]855 throw new IllegalStateException(errorMessage);
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]856 }
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]857 long timestampNanos = 0;
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]858 int processUid = -1;
859 if (cooked.length >= 5) {
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]860 try {
861 timestampNanos = Long.parseLong(cooked[4]);
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]862 if (cooked.length == 6) {
863 processUid = Integer.parseInt(cooked[5]);
864 }
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]865 } catch(NumberFormatException ne) {}
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]866 } else {
867 timestampNanos = SystemClock.elapsedRealtimeNanos();
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]868 }
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]869 boolean isActive = cooked[2].equals("active");
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]870 notifyInterfaceClassActivity(Integer.parseInt(cooked[3]),
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]871 isActive ? DataConnectionRealTimeInfo.DC_POWER_STATE_HIGH
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]872 : DataConnectionRealTimeInfo.DC_POWER_STATE_LOW,
873 timestampNanos, processUid, false);
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]874 return true;
875 // break;
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]876 case NetdResponseCode.InterfaceAddressChange:
877 /*
878 * A network address change occurred
879 * Format: "NNN Address updated <addr> <iface> <flags> <scope>"
880 * "NNN Address removed <addr> <iface> <flags> <scope>"
881 */
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]882 if (cooked.length < 7 || !cooked[1].equals("Address")) {
883 throw new IllegalStateException(errorMessage);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]884 }
885
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]886 String iface = cooked[4];
Lorenzo Colitti5ad421a2013-11-17 15:05:02 +0900[diff] [blame]887 LinkAddress address;
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]888 try {
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]889 int flags = Integer.parseInt(cooked[5]);
890 int scope = Integer.parseInt(cooked[6]);
891 address = new LinkAddress(cooked[3], flags, scope);
Lorenzo Colitti5ad421a2013-11-17 15:05:02 +0900[diff] [blame]892 } catch(NumberFormatException e) { // Non-numeric lifetime or scope.
893 throw new IllegalStateException(errorMessage, e);
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]894 } catch(IllegalArgumentException e) { // Malformed/invalid IP address.
Lorenzo Colitti5ad421a2013-11-17 15:05:02 +0900[diff] [blame]895 throw new IllegalStateException(errorMessage, e);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]896 }
897
898 if (cooked[2].equals("updated")) {
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]899 notifyAddressUpdated(iface, address);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]900 } else {
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]901 notifyAddressRemoved(iface, address);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]902 }
903 return true;
904 // break;
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]905 case NetdResponseCode.InterfaceDnsServerInfo:
906 /*
907 * Information about available DNS servers has been received.
908 * Format: "NNN DnsInfo servers <interface> <lifetime> <servers>"
909 */
910 long lifetime; // Actually a 32-bit unsigned integer.
911
912 if (cooked.length == 6 &&
913 cooked[1].equals("DnsInfo") &&
914 cooked[2].equals("servers")) {
915 try {
916 lifetime = Long.parseLong(cooked[4]);
917 } catch (NumberFormatException e) {
918 throw new IllegalStateException(errorMessage);
919 }
920 String[] servers = cooked[5].split(",");
921 notifyInterfaceDnsServerInfo(cooked[3], lifetime, servers);
922 }
923 return true;
924 // break;
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]925 case NetdResponseCode.RouteChange:
926 /*
927 * A route has been updated or removed.
928 * Format: "NNN Route <updated|removed> <dst> [via <gateway] [dev <iface>]"
929 */
930 if (!cooked[1].equals("Route") || cooked.length < 6) {
931 throw new IllegalStateException(errorMessage);
932 }
933
934 String via = null;
935 String dev = null;
936 boolean valid = true;
937 for (int i = 4; (i + 1) < cooked.length && valid; i += 2) {
938 if (cooked[i].equals("dev")) {
939 if (dev == null) {
940 dev = cooked[i+1];
941 } else {
942 valid = false; // Duplicate interface.
943 }
944 } else if (cooked[i].equals("via")) {
945 if (via == null) {
946 via = cooked[i+1];
947 } else {
948 valid = false; // Duplicate gateway.
949 }
950 } else {
951 valid = false; // Unknown syntax.
952 }
953 }
954 if (valid) {
955 try {
956 // InetAddress.parseNumericAddress(null) inexplicably returns ::1.
957 InetAddress gateway = null;
958 if (via != null) gateway = InetAddress.parseNumericAddress(via);
959 RouteInfo route = new RouteInfo(new IpPrefix(cooked[3]), gateway, dev);
960 notifyRouteChange(cooked[2], route);
961 return true;
962 } catch (IllegalArgumentException e) {}
963 }
964 throw new IllegalStateException(errorMessage);
965 // break;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]966 case NetdResponseCode.StrictCleartext:
967 final int uid = Integer.parseInt(cooked[1]);
968 final byte[] firstPacket = HexDump.hexStringToByteArray(cooked[2]);
969 try {
Sudheer Shankadc589ac2016-11-10 15:30:17 -0800[diff] [blame]970 ActivityManager.getService().notifyCleartextNetwork(uid, firstPacket);
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]971 } catch (RemoteException ignored) {
972 }
973 break;
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]974 default: break;
Robert Greenwalte3253922010-02-18 09:23:25 -0800[diff] [blame]975 }
976 return false;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]977 }
978 }
979
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]980
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]981 //
982 // INetworkManagementService members
983 //
Erik Kline4e37b702016-07-05 11:34:21 +0900[diff] [blame]984 @Override
985 public INetd getNetdService() throws RemoteException {
986 final CountDownLatch connectedSignal = mConnectedSignal;
987 if (connectedSignal != null) {
988 try {
989 connectedSignal.await();
990 } catch (InterruptedException ignored) {}
991 }
992
993 return mNetdService;
994 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]995
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]996 @Override
997 public String[] listInterfaces() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]998 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]999 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1000 return NativeDaemonEvent.filterMessageList(
1001 mConnector.executeForList("interface", "list"), InterfaceListResult);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1002 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1003 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1004 }
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1005 }
1006
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1007 @Override
1008 public InterfaceConfiguration getInterfaceConfig(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1009 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1010
1011 final NativeDaemonEvent event;
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1012 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1013 event = mConnector.execute("interface", "getcfg", iface);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1014 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1015 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1016 }
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1017
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1018 event.checkCode(InterfaceGetCfgResult);
1019
1020 // Rsp: 213 xx:xx:xx:xx:xx:xx yyy.yyy.yyy.yyy zzz flag1 flag2 flag3
1021 final StringTokenizer st = new StringTokenizer(event.getMessage());
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1022
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1023 InterfaceConfiguration cfg;
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1024 try {
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1025 cfg = new InterfaceConfiguration();
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1026 cfg.setHardwareAddress(st.nextToken(" "));
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]1027 InetAddress addr = null;
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1028 int prefixLength = 0;
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1029 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1030 addr = NetworkUtils.numericToInetAddress(st.nextToken());
Robert Greenwalte5903732011-02-22 16:00:42 -0800[diff] [blame]1031 } catch (IllegalArgumentException iae) {
1032 Slog.e(TAG, "Failed to parse ipaddr", iae);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1033 }
1034
1035 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1036 prefixLength = Integer.parseInt(st.nextToken());
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1037 } catch (NumberFormatException nfe) {
1038 Slog.e(TAG, "Failed to parse prefixLength", nfe);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1039 }
Robert Greenwalt04808c22010-12-13 17:01:41 -0800[diff] [blame]1040
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1041 cfg.setLinkAddress(new LinkAddress(addr, prefixLength));
1042 while (st.hasMoreTokens()) {
1043 cfg.setFlag(st.nextToken());
1044 }
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1045 } catch (NoSuchElementException nsee) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1046 throw new IllegalStateException("Invalid response from daemon: " + event);
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1047 }
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1048 return cfg;
1049 }
1050
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1051 @Override
1052 public void setInterfaceConfig(String iface, InterfaceConfiguration cfg) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1053 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1054 LinkAddress linkAddr = cfg.getLinkAddress();
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1055 if (linkAddr == null || linkAddr.getAddress() == null) {
1056 throw new IllegalStateException("Null LinkAddress given");
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]1057 }
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1058
1059 final Command cmd = new Command("interface", "setcfg", iface,
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1060 linkAddr.getAddress().getHostAddress(),
Lorenzo Colitti7dc78cf2014-06-09 22:58:46 +0900[diff] [blame]1061 linkAddr.getPrefixLength());
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1062 for (String flag : cfg.getFlags()) {
1063 cmd.appendArg(flag);
1064 }
1065
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1066 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1067 mConnector.execute(cmd);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1068 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1069 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1070 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1071 }
1072
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1073 @Override
1074 public void setInterfaceDown(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1075 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1076 final InterfaceConfiguration ifcg = getInterfaceConfig(iface);
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1077 ifcg.setInterfaceDown();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1078 setInterfaceConfig(iface, ifcg);
Irfan Sheriff7244c972011-08-05 20:40:45 -0700[diff] [blame]1079 }
1080
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1081 @Override
1082 public void setInterfaceUp(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1083 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1084 final InterfaceConfiguration ifcg = getInterfaceConfig(iface);
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1085 ifcg.setInterfaceUp();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1086 setInterfaceConfig(iface, ifcg);
Irfan Sheriff7244c972011-08-05 20:40:45 -0700[diff] [blame]1087 }
1088
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1089 @Override
1090 public void setInterfaceIpv6PrivacyExtensions(String iface, boolean enable) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1091 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Irfan Sheriff73293612011-09-14 12:31:56 -0700[diff] [blame]1092 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1093 mConnector.execute(
1094 "interface", "ipv6privacyextensions", iface, enable ? "enable" : "disable");
Irfan Sheriff73293612011-09-14 12:31:56 -0700[diff] [blame]1095 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1096 throw e.rethrowAsParcelableException();
Irfan Sheriff73293612011-09-14 12:31:56 -0700[diff] [blame]1097 }
1098 }
1099
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1100 /* TODO: This is right now a IPv4 only function. Works for wifi which loses its
1101 IPv6 addresses on interface down, but we need to do full clean up here */
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1102 @Override
1103 public void clearInterfaceAddresses(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1104 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1105 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1106 mConnector.execute("interface", "clearaddrs", iface);
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1107 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1108 throw e.rethrowAsParcelableException();
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1109 }
1110 }
1111
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1112 @Override
1113 public void enableIpv6(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1114 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1115 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1116 mConnector.execute("interface", "ipv6", iface, "enable");
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1117 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1118 throw e.rethrowAsParcelableException();
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1119 }
1120 }
1121
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1122 @Override
Joel Scherpelz2db10742017-06-07 15:38:38 +0900[diff] [blame]1123 public void setIPv6AddrGenMode(String iface, int mode) throws ServiceSpecificException {
1124 try {
1125 mNetdService.setIPv6AddrGenMode(iface, mode);
1126 } catch (RemoteException e) {
1127 throw e.rethrowAsRuntimeException();
1128 }
1129 }
1130
1131 @Override
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1132 public void disableIpv6(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1133 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1134 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1135 mConnector.execute("interface", "ipv6", iface, "disable");
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1136 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1137 throw e.rethrowAsParcelableException();
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1138 }
1139 }
1140
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1141 @Override
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1142 public void addRoute(int netId, RouteInfo route) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1143 modifyRoute("add", "" + netId, route);
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1144 }
1145
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1146 @Override
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1147 public void removeRoute(int netId, RouteInfo route) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1148 modifyRoute("remove", "" + netId, route);
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1149 }
1150
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1151 private void modifyRoute(String action, String netId, RouteInfo route) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1152 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1153
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1154 final Command cmd = new Command("network", "route", action, netId);
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1155
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1156 // create triplet: interface dest-ip-addr/prefixlength gateway-ip-addr
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1157 cmd.appendArg(route.getInterface());
Lorenzo Colitti4b0f8e62014-09-19 01:49:05 +0900[diff] [blame]1158 cmd.appendArg(route.getDestination().toString());
1159
1160 switch (route.getType()) {
1161 case RouteInfo.RTN_UNICAST:
1162 if (route.hasGateway()) {
1163 cmd.appendArg(route.getGateway().getHostAddress());
1164 }
1165 break;
1166 case RouteInfo.RTN_UNREACHABLE:
1167 cmd.appendArg("unreachable");
1168 break;
1169 case RouteInfo.RTN_THROW:
1170 cmd.appendArg("throw");
1171 break;
Sreeram Ramachandran1fbcb272014-05-22 16:30:48 -0700[diff] [blame]1172 }
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1173
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1174 try {
1175 mConnector.execute(cmd);
1176 } catch (NativeDaemonConnectorException e) {
1177 throw e.rethrowAsParcelableException();
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1178 }
1179 }
1180
1181 private ArrayList<String> readRouteList(String filename) {
1182 FileInputStream fstream = null;
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]1183 ArrayList<String> list = new ArrayList<>();
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1184
1185 try {
1186 fstream = new FileInputStream(filename);
1187 DataInputStream in = new DataInputStream(fstream);
1188 BufferedReader br = new BufferedReader(new InputStreamReader(in));
1189 String s;
1190
1191 // throw away the title line
1192
1193 while (((s = br.readLine()) != null) && (s.length() != 0)) {
1194 list.add(s);
1195 }
1196 } catch (IOException ex) {
1197 // return current list, possibly empty
1198 } finally {
1199 if (fstream != null) {
1200 try {
1201 fstream.close();
1202 } catch (IOException ex) {}
1203 }
1204 }
1205
1206 return list;
1207 }
1208
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1209 @Override
sy.yun9d9b74a2013-09-02 05:24:09 +0900[diff] [blame]1210 public void setMtu(String iface, int mtu) {
1211 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1212
1213 final NativeDaemonEvent event;
1214 try {
1215 event = mConnector.execute("interface", "setmtu", iface, mtu);
1216 } catch (NativeDaemonConnectorException e) {
1217 throw e.rethrowAsParcelableException();
1218 }
1219 }
1220
1221 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1222 public void shutdown() {
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1223 // TODO: remove from aidl if nobody calls externally
1224 mContext.enforceCallingOrSelfPermission(SHUTDOWN, TAG);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1225
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]1226 Slog.i(TAG, "Shutting down");
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1227 }
1228
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1229 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1230 public boolean getIpForwardingEnabled() throws IllegalStateException{
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1231 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1232
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1233 final NativeDaemonEvent event;
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1234 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1235 event = mConnector.execute("ipfwd", "status");
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1236 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1237 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1238 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1239
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1240 // 211 Forwarding enabled
1241 event.checkCode(IpFwdStatusResult);
1242 return event.getMessage().endsWith("enabled");
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1243 }
1244
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1245 @Override
1246 public void setIpForwardingEnabled(boolean enable) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1247 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1248 try {
Nilesh Poddarf3d4a582015-02-24 12:11:11 -0800[diff] [blame]1249 mConnector.execute("ipfwd", enable ? "enable" : "disable", "tethering");
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1250 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1251 throw e.rethrowAsParcelableException();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1252 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1253 }
1254
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1255 @Override
1256 public void startTethering(String[] dhcpRange) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1257 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Robert Greenwaltbfb7bfa2010-03-24 16:03:21 -0700[diff] [blame]1258 // cmd is "tether start first_start first_stop second_start second_stop ..."
1259 // an odd number of addrs will fail
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1260
1261 final Command cmd = new Command("tether", "start");
Robert Greenwaltbfb7bfa2010-03-24 16:03:21 -0700[diff] [blame]1262 for (String d : dhcpRange) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1263 cmd.appendArg(d);
Robert Greenwaltbfb7bfa2010-03-24 16:03:21 -0700[diff] [blame]1264 }
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1265
1266 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1267 mConnector.execute(cmd);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1268 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1269 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1270 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1271 }
1272
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1273 @Override
1274 public void stopTethering() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1275 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1276 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1277 mConnector.execute("tether", "stop");
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1278 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1279 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1280 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1281 }
1282
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1283 @Override
1284 public boolean isTetheringStarted() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1285 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1286
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1287 final NativeDaemonEvent event;
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1288 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1289 event = mConnector.execute("tether", "status");
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1290 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1291 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1292 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1293
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1294 // 210 Tethering services started
1295 event.checkCode(TetherStatusResult);
1296 return event.getMessage().endsWith("started");
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1297 }
Matthew Xiefe19f122012-07-12 16:03:32 -0700[diff] [blame]1298
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1299 @Override
1300 public void tetherInterface(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1301 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1302 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1303 mConnector.execute("tether", "interface", "add", iface);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1304 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1305 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1306 }
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]1307 List<RouteInfo> routes = new ArrayList<>();
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1308 // The RouteInfo constructor truncates the LinkAddress to a network prefix, thus making it
1309 // suitable to use as a route destination.
1310 routes.add(new RouteInfo(getInterfaceConfig(iface).getLinkAddress(), null, iface));
1311 addInterfaceToLocalNetwork(iface, routes);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1312 }
1313
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1314 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1315 public void untetherInterface(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1316 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1317 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1318 mConnector.execute("tether", "interface", "remove", iface);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1319 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1320 throw e.rethrowAsParcelableException();
Erik Kline1f4278a2016-08-16 16:46:33 +0900[diff] [blame]1321 } finally {
1322 removeInterfaceFromLocalNetwork(iface);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1323 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1324 }
1325
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1326 @Override
1327 public String[] listTetheredInterfaces() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1328 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1329 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1330 return NativeDaemonEvent.filterMessageList(
1331 mConnector.executeForList("tether", "interface", "list"),
1332 TetherInterfaceListResult);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1333 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1334 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1335 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1336 }
1337
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1338 @Override
Lorenzo Colittib57edc52014-08-22 17:10:50 -0700[diff] [blame]1339 public void setDnsForwarders(Network network, String[] dns) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1340 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1341
Lorenzo Colittib57edc52014-08-22 17:10:50 -0700[diff] [blame]1342 int netId = (network != null) ? network.netId : ConnectivityManager.NETID_UNSET;
1343 final Command cmd = new Command("tether", "dns", "set", netId);
1344
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1345 for (String s : dns) {
1346 cmd.appendArg(NetworkUtils.numericToInetAddress(s).getHostAddress());
1347 }
1348
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1349 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1350 mConnector.execute(cmd);
1351 } catch (NativeDaemonConnectorException e) {
1352 throw e.rethrowAsParcelableException();
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1353 }
1354 }
1355
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1356 @Override
1357 public String[] getDnsForwarders() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1358 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1359 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1360 return NativeDaemonEvent.filterMessageList(
1361 mConnector.executeForList("tether", "dns", "list"), TetherDnsFwdTgtListResult);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1362 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1363 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1364 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1365 }
1366
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]1367 private List<InterfaceAddress> excludeLinkLocal(List<InterfaceAddress> addresses) {
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]1368 ArrayList<InterfaceAddress> filtered = new ArrayList<>(addresses.size());
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]1369 for (InterfaceAddress ia : addresses) {
1370 if (!ia.getAddress().isLinkLocalAddress())
1371 filtered.add(ia);
1372 }
1373 return filtered;
1374 }
1375
Lorenzo Colitti35e36db2015-02-26 01:25:36 +0900[diff] [blame]1376 private void modifyInterfaceForward(boolean add, String fromIface, String toIface) {
1377 final Command cmd = new Command("ipfwd", add ? "add" : "remove", fromIface, toIface);
1378 try {
1379 mConnector.execute(cmd);
1380 } catch (NativeDaemonConnectorException e) {
1381 throw e.rethrowAsParcelableException();
1382 }
1383 }
1384
1385 @Override
1386 public void startInterfaceForwarding(String fromIface, String toIface) {
1387 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1388 modifyInterfaceForward(true, fromIface, toIface);
1389 }
1390
1391 @Override
1392 public void stopInterfaceForwarding(String fromIface, String toIface) {
1393 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1394 modifyInterfaceForward(false, fromIface, toIface);
1395 }
1396
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1397 private void modifyNat(String action, String internalInterface, String externalInterface)
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1398 throws SocketException {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1399 final Command cmd = new Command("nat", action, internalInterface, externalInterface);
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1400
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1401 final NetworkInterface internalNetworkInterface = NetworkInterface.getByName(
1402 internalInterface);
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1403 if (internalNetworkInterface == null) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1404 cmd.appendArg("0");
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1405 } else {
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]1406 // Don't touch link-local routes, as link-local addresses aren't routable,
1407 // kernel creates link-local routes on all interfaces automatically
1408 List<InterfaceAddress> interfaceAddresses = excludeLinkLocal(
1409 internalNetworkInterface.getInterfaceAddresses());
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1410 cmd.appendArg(interfaceAddresses.size());
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1411 for (InterfaceAddress ia : interfaceAddresses) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1412 InetAddress addr = NetworkUtils.getNetworkPart(
1413 ia.getAddress(), ia.getNetworkPrefixLength());
1414 cmd.appendArg(addr.getHostAddress() + "/" + ia.getNetworkPrefixLength());
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1415 }
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1416 }
1417
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1418 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1419 mConnector.execute(cmd);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1420 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1421 throw e.rethrowAsParcelableException();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1422 }
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1423 }
1424
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1425 @Override
1426 public void enableNat(String internalInterface, String externalInterface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1427 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1428 try {
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1429 modifyNat("enable", internalInterface, externalInterface);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1430 } catch (SocketException e) {
1431 throw new IllegalStateException(e);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1432 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1433 }
1434
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1435 @Override
1436 public void disableNat(String internalInterface, String externalInterface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1437 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1438 try {
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1439 modifyNat("disable", internalInterface, externalInterface);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1440 } catch (SocketException e) {
1441 throw new IllegalStateException(e);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1442 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1443 }
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1444
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1445 @Override
1446 public String[] listTtys() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1447 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1448 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1449 return NativeDaemonEvent.filterMessageList(
1450 mConnector.executeForList("list_ttys"), TtyListResult);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1451 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1452 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1453 }
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1454 }
1455
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1456 @Override
1457 public void attachPppd(
1458 String tty, String localAddr, String remoteAddr, String dns1Addr, String dns2Addr) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1459 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1460 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1461 mConnector.execute("pppd", "attach", tty,
Robert Greenwalte5903732011-02-22 16:00:42 -0800[diff] [blame]1462 NetworkUtils.numericToInetAddress(localAddr).getHostAddress(),
1463 NetworkUtils.numericToInetAddress(remoteAddr).getHostAddress(),
1464 NetworkUtils.numericToInetAddress(dns1Addr).getHostAddress(),
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1465 NetworkUtils.numericToInetAddress(dns2Addr).getHostAddress());
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1466 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1467 throw e.rethrowAsParcelableException();
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1468 }
1469 }
1470
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1471 @Override
1472 public void detachPppd(String tty) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1473 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1474 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1475 mConnector.execute("pppd", "detach", tty);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1476 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1477 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1478 }
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1479 }
Robert Greenwaltce1200d2010-02-18 11:25:54 -0800[diff] [blame]1480
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1481 @Override
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1482 public void addIdleTimer(String iface, int timeout, final int type) {
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1483 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1484
1485 if (DBG) Slog.d(TAG, "Adding idletimer");
1486
1487 synchronized (mIdleTimerLock) {
1488 IdleTimerParams params = mActiveIdleTimers.get(iface);
1489 if (params != null) {
1490 // the interface already has idletimer, update network count
1491 params.networkCount++;
1492 return;
1493 }
1494
1495 try {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1496 mConnector.execute("idletimer", "add", iface, Integer.toString(timeout),
1497 Integer.toString(type));
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1498 } catch (NativeDaemonConnectorException e) {
1499 throw e.rethrowAsParcelableException();
1500 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1501 mActiveIdleTimers.put(iface, new IdleTimerParams(timeout, type));
1502
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]1503 // Networks start up.
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1504 if (ConnectivityManager.isNetworkTypeMobile(type)) {
1505 mNetworkActive = false;
1506 }
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1507 mDaemonHandler.post(new Runnable() {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1508 @Override public void run() {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1509 notifyInterfaceClassActivity(type,
1510 DataConnectionRealTimeInfo.DC_POWER_STATE_HIGH,
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]1511 SystemClock.elapsedRealtimeNanos(), -1, false);
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1512 }
1513 });
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1514 }
1515 }
1516
1517 @Override
1518 public void removeIdleTimer(String iface) {
1519 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1520
1521 if (DBG) Slog.d(TAG, "Removing idletimer");
1522
1523 synchronized (mIdleTimerLock) {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1524 final IdleTimerParams params = mActiveIdleTimers.get(iface);
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1525 if (params == null || --(params.networkCount) > 0) {
1526 return;
1527 }
1528
1529 try {
1530 mConnector.execute("idletimer", "remove", iface,
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1531 Integer.toString(params.timeout), Integer.toString(params.type));
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1532 } catch (NativeDaemonConnectorException e) {
1533 throw e.rethrowAsParcelableException();
1534 }
1535 mActiveIdleTimers.remove(iface);
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1536 mDaemonHandler.post(new Runnable() {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1537 @Override public void run() {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1538 notifyInterfaceClassActivity(params.type,
1539 DataConnectionRealTimeInfo.DC_POWER_STATE_LOW,
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]1540 SystemClock.elapsedRealtimeNanos(), -1, false);
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1541 }
1542 });
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1543 }
1544 }
1545
1546 @Override
Jeff Sharkeye8914c32012-05-01 16:26:09 -0700[diff] [blame]1547 public NetworkStats getNetworkStatsSummaryDev() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1548 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1549 try {
1550 return mStatsFactory.readNetworkStatsSummaryDev();
1551 } catch (IOException e) {
1552 throw new IllegalStateException(e);
1553 }
Jeff Sharkeye8914c32012-05-01 16:26:09 -0700[diff] [blame]1554 }
1555
1556 @Override
1557 public NetworkStats getNetworkStatsSummaryXt() {
1558 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1559 try {
1560 return mStatsFactory.readNetworkStatsSummaryXt();
1561 } catch (IOException e) {
1562 throw new IllegalStateException(e);
1563 }
Jeff Sharkeyae2c1812011-10-04 13:11:40 -0700[diff] [blame]1564 }
1565
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]1566 @Override
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]1567 public NetworkStats getNetworkStatsDetail() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1568 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1569 try {
Dianne Hackbornd0c5b9a2014-02-21 16:19:05 -0800[diff] [blame]1570 return mStatsFactory.readNetworkStatsDetail(UID_ALL, null, TAG_ALL, null);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1571 } catch (IOException e) {
1572 throw new IllegalStateException(e);
1573 }
San Mehat91cac642010-03-31 14:31:36 -0700[diff] [blame]1574 }
1575
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]1576 @Override
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1577 public void setInterfaceQuota(String iface, long quotaBytes) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1578 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1579
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]1580 // silently discard when control disabled
1581 // TODO: eventually migrate to be always enabled
1582 if (!mBandwidthControlEnabled) return;
1583
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1584 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1585 if (mActiveQuotas.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1586 throw new IllegalStateException("iface " + iface + " already has quota");
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1587 }
1588
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1589 try {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1590 // TODO: support quota shared across interfaces
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1591 mConnector.execute("bandwidth", "setiquota", iface, quotaBytes);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1592 mActiveQuotas.put(iface, quotaBytes);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1593 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1594 throw e.rethrowAsParcelableException();
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1595 }
Lorenzo Colitti50b60fc2017-08-11 13:47:49 +0900[diff] [blame]1596
1597 synchronized (mTetheringStatsProviders) {
1598 for (ITetheringStatsProvider provider : mTetheringStatsProviders.keySet()) {
1599 try {
1600 provider.setInterfaceQuota(iface, quotaBytes);
1601 } catch (RemoteException e) {
1602 Log.e(TAG, "Problem setting tethering data limit on provider " +
1603 mTetheringStatsProviders.get(provider) + ": " + e);
1604 }
1605 }
1606 }
Ashish Sharma50fd36d2011-06-15 19:34:53 -0700[diff] [blame]1607 }
1608 }
1609
1610 @Override
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1611 public void removeInterfaceQuota(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1612 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1613
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]1614 // silently discard when control disabled
1615 // TODO: eventually migrate to be always enabled
1616 if (!mBandwidthControlEnabled) return;
1617
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1618 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1619 if (!mActiveQuotas.containsKey(iface)) {
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1620 // TODO: eventually consider throwing
1621 return;
1622 }
1623
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1624 mActiveQuotas.remove(iface);
1625 mActiveAlerts.remove(iface);
Jeff Sharkey38ddeaa2011-11-08 13:04:22 -0800[diff] [blame]1626
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1627 try {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1628 // TODO: support quota shared across interfaces
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1629 mConnector.execute("bandwidth", "removeiquota", iface);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1630 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1631 throw e.rethrowAsParcelableException();
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1632 }
Lorenzo Colitti50b60fc2017-08-11 13:47:49 +0900[diff] [blame]1633
1634 synchronized (mTetheringStatsProviders) {
1635 for (ITetheringStatsProvider provider : mTetheringStatsProviders.keySet()) {
1636 try {
1637 provider.setInterfaceQuota(iface, ITetheringStatsProvider.QUOTA_UNLIMITED);
1638 } catch (RemoteException e) {
1639 Log.e(TAG, "Problem removing tethering data limit on provider " +
1640 mTetheringStatsProviders.get(provider) + ": " + e);
1641 }
1642 }
1643 }
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1644 }
1645 }
1646
1647 @Override
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1648 public void setInterfaceAlert(String iface, long alertBytes) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1649 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1650
1651 // silently discard when control disabled
1652 // TODO: eventually migrate to be always enabled
1653 if (!mBandwidthControlEnabled) return;
1654
1655 // quick sanity check
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1656 if (!mActiveQuotas.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1657 throw new IllegalStateException("setting alert requires existing quota on iface");
1658 }
1659
1660 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1661 if (mActiveAlerts.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1662 throw new IllegalStateException("iface " + iface + " already has alert");
1663 }
1664
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1665 try {
1666 // TODO: support alert shared across interfaces
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1667 mConnector.execute("bandwidth", "setinterfacealert", iface, alertBytes);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1668 mActiveAlerts.put(iface, alertBytes);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1669 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1670 throw e.rethrowAsParcelableException();
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1671 }
1672 }
1673 }
1674
1675 @Override
1676 public void removeInterfaceAlert(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1677 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1678
1679 // silently discard when control disabled
1680 // TODO: eventually migrate to be always enabled
1681 if (!mBandwidthControlEnabled) return;
1682
1683 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1684 if (!mActiveAlerts.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1685 // TODO: eventually consider throwing
1686 return;
1687 }
1688
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1689 try {
1690 // TODO: support alert shared across interfaces
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1691 mConnector.execute("bandwidth", "removeinterfacealert", iface);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1692 mActiveAlerts.remove(iface);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1693 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1694 throw e.rethrowAsParcelableException();
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1695 }
1696 }
1697 }
1698
1699 @Override
1700 public void setGlobalAlert(long alertBytes) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1701 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1702
1703 // silently discard when control disabled
1704 // TODO: eventually migrate to be always enabled
1705 if (!mBandwidthControlEnabled) return;
1706
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1707 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1708 mConnector.execute("bandwidth", "setglobalalert", alertBytes);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1709 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1710 throw e.rethrowAsParcelableException();
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1711 }
1712 }
1713
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1714 private void setUidOnMeteredNetworkList(int uid, boolean blacklist, boolean enable) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1715 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1716
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]1717 // silently discard when control disabled
1718 // TODO: eventually migrate to be always enabled
1719 if (!mBandwidthControlEnabled) return;
1720
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1721 final String chain = blacklist ? "naughtyapps" : "niceapps";
1722 final String suffix = enable ? "add" : "remove";
1723
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1724 synchronized (mQuotaLock) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1725 boolean oldEnable;
1726 SparseBooleanArray quotaList;
1727 synchronized (mRulesLock) {
1728 quotaList = blacklist ? mUidRejectOnMetered : mUidAllowOnMetered;
1729 oldEnable = quotaList.get(uid, false);
1730 }
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1731 if (oldEnable == enable) {
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1732 // TODO: eventually consider throwing
1733 return;
1734 }
1735
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1736 Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "inetd bandwidth");
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1737 try {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1738 mConnector.execute("bandwidth", suffix + chain, uid);
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1739 synchronized (mRulesLock) {
1740 if (enable) {
1741 quotaList.put(uid, true);
1742 } else {
1743 quotaList.delete(uid);
1744 }
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1745 }
1746 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1747 throw e.rethrowAsParcelableException();
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1748 } finally {
1749 Trace.traceEnd(Trace.TRACE_TAG_NETWORK);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1750 }
Ashish Sharma50fd36d2011-06-15 19:34:53 -0700[diff] [blame]1751 }
1752 }
1753
Jeff Sharkey63d27a92011-08-03 17:04:22 -0700[diff] [blame]1754 @Override
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1755 public void setUidMeteredNetworkBlacklist(int uid, boolean enable) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1756 setUidOnMeteredNetworkList(uid, true, enable);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1757 }
1758
1759 @Override
1760 public void setUidMeteredNetworkWhitelist(int uid, boolean enable) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1761 setUidOnMeteredNetworkList(uid, false, enable);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1762 }
1763
1764 @Override
1765 public boolean setDataSaverModeEnabled(boolean enable) {
Sehee Parka9139bc2017-12-22 13:54:05 +0900[diff] [blame]1766 mContext.enforceCallingOrSelfPermission(NETWORK_SETTINGS, TAG);
1767
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1768 if (DBG) Log.d(TAG, "setDataSaverMode: " + enable);
1769 synchronized (mQuotaLock) {
1770 if (mDataSaverMode == enable) {
1771 Log.w(TAG, "setDataSaverMode(): already " + mDataSaverMode);
1772 return true;
1773 }
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1774 Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "bandwidthEnableDataSaver");
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1775 try {
1776 final boolean changed = mNetdService.bandwidthEnableDataSaver(enable);
1777 if (changed) {
1778 mDataSaverMode = enable;
1779 } else {
1780 Log.w(TAG, "setDataSaverMode(" + enable + "): netd command silently failed");
1781 }
1782 return changed;
1783 } catch (RemoteException e) {
1784 Log.w(TAG, "setDataSaverMode(" + enable + "): netd command failed", e);
1785 return false;
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1786 } finally {
1787 Trace.traceEnd(Trace.TRACE_TAG_NETWORK);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1788 }
1789 }
1790 }
1791
1792 @Override
Robin Lee17e61832016-05-09 13:46:28 +0100[diff] [blame]1793 public void setAllowOnlyVpnForUids(boolean add, UidRange[] uidRanges)
1794 throws ServiceSpecificException {
1795 try {
1796 mNetdService.networkRejectNonSecureVpn(add, uidRanges);
1797 } catch (ServiceSpecificException e) {
1798 Log.w(TAG, "setAllowOnlyVpnForUids(" + add + ", " + Arrays.toString(uidRanges) + ")"
1799 + ": netd command failed", e);
1800 throw e;
1801 } catch (RemoteException e) {
1802 Log.w(TAG, "setAllowOnlyVpnForUids(" + add + ", " + Arrays.toString(uidRanges) + ")"
1803 + ": netd command failed", e);
1804 throw e.rethrowAsRuntimeException();
1805 }
1806 }
1807
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1808 private void applyUidCleartextNetworkPolicy(int uid, int policy) {
1809 final String policyString;
1810 switch (policy) {
1811 case StrictMode.NETWORK_POLICY_ACCEPT:
1812 policyString = "accept";
1813 break;
1814 case StrictMode.NETWORK_POLICY_LOG:
1815 policyString = "log";
1816 break;
1817 case StrictMode.NETWORK_POLICY_REJECT:
1818 policyString = "reject";
1819 break;
1820 default:
1821 throw new IllegalArgumentException("Unknown policy " + policy);
1822 }
1823
1824 try {
1825 mConnector.execute("strict", "set_uid_cleartext_policy", uid, policyString);
1826 mUidCleartextPolicy.put(uid, policy);
1827 } catch (NativeDaemonConnectorException e) {
1828 throw e.rethrowAsParcelableException();
1829 }
1830 }
1831
Robin Lee17e61832016-05-09 13:46:28 +0100[diff] [blame]1832 @Override
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]1833 public void setUidCleartextNetworkPolicy(int uid, int policy) {
1834 if (Binder.getCallingUid() != uid) {
1835 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1836 }
1837
1838 synchronized (mQuotaLock) {
1839 final int oldPolicy = mUidCleartextPolicy.get(uid, StrictMode.NETWORK_POLICY_ACCEPT);
1840 if (oldPolicy == policy) {
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1841 // This also ensures we won't needlessly apply an ACCEPT policy if we've just
1842 // enabled strict and the underlying iptables rules are empty.
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]1843 return;
1844 }
1845
1846 if (!mStrictEnabled) {
1847 // Module isn't enabled yet; stash the requested policy away to
1848 // apply later once the daemon is connected.
1849 mUidCleartextPolicy.put(uid, policy);
1850 return;
1851 }
1852
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1853 // netd does not keep state on strict mode policies, and cannot replace a non-accept
1854 // policy without deleting it first. Rather than add state to netd, just always send
1855 // it an accept policy when switching between two non-accept policies.
Lorenzo Colitti26364f12017-08-20 11:54:57 +0900[diff] [blame]1856 // TODO: consider keeping state in netd so we can simplify this code.
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1857 if (oldPolicy != StrictMode.NETWORK_POLICY_ACCEPT &&
1858 policy != StrictMode.NETWORK_POLICY_ACCEPT) {
Lorenzo Colitti26364f12017-08-20 11:54:57 +0900[diff] [blame]1859 applyUidCleartextNetworkPolicy(uid, StrictMode.NETWORK_POLICY_ACCEPT);
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]1860 }
Lorenzo Colitti26364f12017-08-20 11:54:57 +0900[diff] [blame]1861
1862 applyUidCleartextNetworkPolicy(uid, policy);
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]1863 }
1864 }
1865
1866 @Override
Jeff Sharkey63d27a92011-08-03 17:04:22 -0700[diff] [blame]1867 public boolean isBandwidthControlEnabled() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1868 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey63d27a92011-08-03 17:04:22 -0700[diff] [blame]1869 return mBandwidthControlEnabled;
1870 }
1871
1872 @Override
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]1873 public NetworkStats getNetworkStatsUidDetail(int uid) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1874 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1875 try {
Dianne Hackbornd0c5b9a2014-02-21 16:19:05 -0800[diff] [blame]1876 return mStatsFactory.readNetworkStatsDetail(uid, null, TAG_ALL, null);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1877 } catch (IOException e) {
1878 throw new IllegalStateException(e);
1879 }
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]1880 }
1881
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1882 private class NetdTetheringStatsProvider extends ITetheringStatsProvider.Stub {
1883 @Override
Lorenzo Colittif1912ca2017-08-17 19:23:08 +0900[diff] [blame]1884 public NetworkStats getTetherStats(int how) {
1885 // We only need to return per-UID stats. Per-device stats are already counted by
1886 // interface counters.
1887 if (how != STATS_PER_UID) {
1888 return new NetworkStats(SystemClock.elapsedRealtime(), 0);
1889 }
1890
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1891 final PersistableBundle bundle;
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1892 try {
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1893 bundle = mNetdService.tetherGetStats();
1894 } catch (RemoteException | ServiceSpecificException e) {
1895 throw new IllegalStateException("problem parsing tethering stats: ", e);
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1896 }
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1897
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1898 final NetworkStats stats = new NetworkStats(SystemClock.elapsedRealtime(),
1899 bundle.size());
1900 final NetworkStats.Entry entry = new NetworkStats.Entry();
1901
1902 for (String iface : bundle.keySet()) {
1903 long[] statsArray = bundle.getLongArray(iface);
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1904 try {
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1905 entry.iface = iface;
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1906 entry.uid = UID_TETHERING;
1907 entry.set = SET_DEFAULT;
1908 entry.tag = TAG_NONE;
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1909 entry.rxBytes = statsArray[INetd.TETHER_STATS_RX_BYTES];
1910 entry.rxPackets = statsArray[INetd.TETHER_STATS_RX_PACKETS];
1911 entry.txBytes = statsArray[INetd.TETHER_STATS_TX_BYTES];
1912 entry.txPackets = statsArray[INetd.TETHER_STATS_TX_PACKETS];
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1913 stats.combineValues(entry);
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1914 } catch (ArrayIndexOutOfBoundsException e) {
1915 throw new IllegalStateException("invalid tethering stats for " + iface, e);
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1916 }
1917 }
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1918
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1919 return stats;
1920 }
Lorenzo Colitti50b60fc2017-08-11 13:47:49 +0900[diff] [blame]1921
1922 @Override
1923 public void setInterfaceQuota(String iface, long quotaBytes) {
1924 // Do nothing. netd is already informed of quota changes in setInterfaceQuota.
1925 }
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1926 }
1927
1928 @Override
Lorenzo Colittif1912ca2017-08-17 19:23:08 +0900[diff] [blame]1929 public NetworkStats getNetworkStatsTethering(int how) {
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1930 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1931
1932 final NetworkStats stats = new NetworkStats(SystemClock.elapsedRealtime(), 1);
1933 synchronized (mTetheringStatsProviders) {
1934 for (ITetheringStatsProvider provider: mTetheringStatsProviders.keySet()) {
1935 try {
Lorenzo Colittif1912ca2017-08-17 19:23:08 +0900[diff] [blame]1936 stats.combineAllValues(provider.getTetherStats(how));
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1937 } catch (RemoteException e) {
1938 Log.e(TAG, "Problem reading tethering stats from " +
1939 mTetheringStatsProviders.get(provider) + ": " + e);
1940 }
1941 }
Jeff Sharkeycdd02c5d2011-09-16 01:52:49 -0700[diff] [blame]1942 }
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1943 return stats;
Jeff Sharkeycdd02c5d2011-09-16 01:52:49 -0700[diff] [blame]1944 }
1945
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1946 @Override
Erik Kline1742fe12017-12-13 19:40:49 +0900[diff] [blame]1947 public void setDnsConfigurationForNetwork(int netId, String[] servers, String[] domains,
1948 int[] params, boolean useTls, String tlsHostname) {
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]1949 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1950
Ben Schwartz6ec28df2017-10-02 13:08:06 -0400[diff] [blame]1951 final String[] tlsFingerprints = new String[0];
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]1952 try {
Erik Kline1742fe12017-12-13 19:40:49 +0900[diff] [blame]1953 mNetdService.setResolverConfiguration(
1954 netId, servers, domains, params, useTls, tlsHostname, tlsFingerprints);
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]1955 } catch (RemoteException e) {
1956 throw new RuntimeException(e);
1957 }
1958 }
1959
Erik Kline4d092232017-10-30 15:29:44 +0900[diff] [blame]1960 private static boolean shouldUseTls(ContentResolver cr) {
1961 String privateDns = Settings.Global.getString(cr, Settings.Global.PRIVATE_DNS_MODE);
1962 if (TextUtils.isEmpty(privateDns)) {
1963 privateDns = PRIVATE_DNS_DEFAULT_MODE;
1964 }
1965 return privateDns.equals(PRIVATE_DNS_MODE_OPPORTUNISTIC) ||
1966 privateDns.startsWith(PRIVATE_DNS_MODE_PROVIDER_HOSTNAME);
1967 }
1968
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]1969 @Override
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]1970 public void addVpnUidRanges(int netId, UidRange[] ranges) {
Chad Brubaker3277620a2013-06-12 13:37:30 -0700[diff] [blame]1971 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]1972 Object[] argv = new Object[3 + MAX_UID_RANGES_PER_COMMAND];
1973 argv[0] = "users";
1974 argv[1] = "add";
1975 argv[2] = netId;
1976 int argc = 3;
1977 // Avoid overly long commands by limiting number of UID ranges per command.
1978 for (int i = 0; i < ranges.length; i++) {
1979 argv[argc++] = ranges[i].toString();
1980 if (i == (ranges.length - 1) || argc == argv.length) {
1981 try {
1982 mConnector.execute("network", Arrays.copyOf(argv, argc));
1983 } catch (NativeDaemonConnectorException e) {
1984 throw e.rethrowAsParcelableException();
1985 }
1986 argc = 3;
1987 }
Chad Brubaker3277620a2013-06-12 13:37:30 -0700[diff] [blame]1988 }
1989 }
1990
1991 @Override
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]1992 public void removeVpnUidRanges(int netId, UidRange[] ranges) {
Chad Brubaker3277620a2013-06-12 13:37:30 -0700[diff] [blame]1993 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]1994 Object[] argv = new Object[3 + MAX_UID_RANGES_PER_COMMAND];
1995 argv[0] = "users";
1996 argv[1] = "remove";
1997 argv[2] = netId;
1998 int argc = 3;
1999 // Avoid overly long commands by limiting number of UID ranges per command.
2000 for (int i = 0; i < ranges.length; i++) {
2001 argv[argc++] = ranges[i].toString();
2002 if (i == (ranges.length - 1) || argc == argv.length) {
2003 try {
2004 mConnector.execute("network", Arrays.copyOf(argv, argc));
2005 } catch (NativeDaemonConnectorException e) {
2006 throw e.rethrowAsParcelableException();
2007 }
2008 argc = 3;
2009 }
Chad Brubakercca54c42013-06-27 17:41:38 -0700[diff] [blame]2010 }
2011 }
2012
2013 @Override
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2014 public void setFirewallEnabled(boolean enabled) {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2015 enforceSystemUid();
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2016 try {
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2017 mConnector.execute("firewall", "enable", enabled ? "whitelist" : "blacklist");
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2018 mFirewallEnabled = enabled;
2019 } catch (NativeDaemonConnectorException e) {
2020 throw e.rethrowAsParcelableException();
2021 }
2022 }
2023
2024 @Override
2025 public boolean isFirewallEnabled() {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2026 enforceSystemUid();
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2027 return mFirewallEnabled;
2028 }
2029
2030 @Override
Jeff Sharkey2c092982012-08-24 11:44:40 -0700[diff] [blame]2031 public void setFirewallInterfaceRule(String iface, boolean allow) {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2032 enforceSystemUid();
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2033 Preconditions.checkState(mFirewallEnabled);
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2034 final String rule = allow ? "allow" : "deny";
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2035 try {
2036 mConnector.execute("firewall", "set_interface_rule", iface, rule);
2037 } catch (NativeDaemonConnectorException e) {
2038 throw e.rethrowAsParcelableException();
2039 }
2040 }
2041
Lorenzo Colitti3fef7232016-04-29 18:00:03 +0900[diff] [blame]2042 private void closeSocketsForFirewallChainLocked(int chain, String chainName) {
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2043 // UID ranges to close sockets on.
2044 UidRange[] ranges;
2045 // UID ranges whose sockets we won't touch.
2046 int[] exemptUids;
2047
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2048 int numUids = 0;
2049
2050 if (getFirewallType(chain) == FIREWALL_TYPE_WHITELIST) {
2051 // Close all sockets on all non-system UIDs...
2052 ranges = new UidRange[] {
2053 // TODO: is there a better way of finding all existing users? If so, we could
2054 // specify their ranges here.
2055 new UidRange(Process.FIRST_APPLICATION_UID, Integer.MAX_VALUE),
2056 };
2057 // ... except for the UIDs that have allow rules.
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2058 synchronized (mRulesLock) {
2059 final SparseIntArray rules = getUidFirewallRulesLR(chain);
2060 exemptUids = new int[rules.size()];
2061 for (int i = 0; i < exemptUids.length; i++) {
2062 if (rules.valueAt(i) == NetworkPolicyManager.FIREWALL_RULE_ALLOW) {
2063 exemptUids[numUids] = rules.keyAt(i);
2064 numUids++;
2065 }
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2066 }
2067 }
2068 // Normally, whitelist chains only contain deny rules, so numUids == exemptUids.length.
2069 // But the code does not guarantee this in any way, and at least in one case - if we add
2070 // a UID rule to the firewall, and then disable the firewall - the chains can contain
2071 // the wrong type of rule. In this case, don't close connections that we shouldn't.
2072 //
2073 // TODO: tighten up this code by ensuring we never set the wrong type of rule, and
2074 // fix setFirewallEnabled to grab mQuotaLock and clear rules.
2075 if (numUids != exemptUids.length) {
2076 exemptUids = Arrays.copyOf(exemptUids, numUids);
2077 }
2078 } else {
2079 // Close sockets for every UID that has a deny rule...
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2080 synchronized (mRulesLock) {
2081 final SparseIntArray rules = getUidFirewallRulesLR(chain);
2082 ranges = new UidRange[rules.size()];
2083 for (int i = 0; i < ranges.length; i++) {
2084 if (rules.valueAt(i) == NetworkPolicyManager.FIREWALL_RULE_DENY) {
2085 int uid = rules.keyAt(i);
2086 ranges[numUids] = new UidRange(uid, uid);
2087 numUids++;
2088 }
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2089 }
2090 }
2091 // As above; usually numUids == ranges.length, but not always.
2092 if (numUids != ranges.length) {
2093 ranges = Arrays.copyOf(ranges, numUids);
2094 }
2095 // ... with no exceptions.
2096 exemptUids = new int[0];
2097 }
2098
2099 try {
2100 mNetdService.socketDestroy(ranges, exemptUids);
2101 } catch(RemoteException | ServiceSpecificException e) {
2102 Slog.e(TAG, "Error closing sockets after enabling chain " + chainName + ": " + e);
2103 }
2104 }
2105
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2106 @Override
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2107 public void setFirewallChainEnabled(int chain, boolean enable) {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2108 enforceSystemUid();
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2109 synchronized (mQuotaLock) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2110 synchronized (mRulesLock) {
2111 if (getFirewallChainState(chain) == enable) {
2112 // All is the same, nothing to do. This relies on the fact that netd has child
2113 // chains default detached.
2114 return;
2115 }
2116 setFirewallChainState(chain, enable);
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2117 }
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2118
2119 final String operation = enable ? "enable_chain" : "disable_chain";
Lorenzo Colitti3fef7232016-04-29 18:00:03 +0900[diff] [blame]2120 final String chainName;
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2121 switch(chain) {
2122 case FIREWALL_CHAIN_STANDBY:
2123 chainName = FIREWALL_CHAIN_NAME_STANDBY;
2124 break;
2125 case FIREWALL_CHAIN_DOZABLE:
2126 chainName = FIREWALL_CHAIN_NAME_DOZABLE;
2127 break;
2128 case FIREWALL_CHAIN_POWERSAVE:
2129 chainName = FIREWALL_CHAIN_NAME_POWERSAVE;
2130 break;
2131 default:
2132 throw new IllegalArgumentException("Bad child chain: " + chain);
2133 }
2134
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2135 try {
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2136 mConnector.execute("firewall", operation, chainName);
2137 } catch (NativeDaemonConnectorException e) {
2138 throw e.rethrowAsParcelableException();
2139 }
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2140
2141 // Close any sockets that were opened by the affected UIDs. This has to be done after
2142 // disabling network connectivity, in case they react to the socket close by reopening
2143 // the connection and race with the iptables commands that enable the firewall. All
2144 // whitelist and blacklist chains allow RSTs through.
2145 if (enable) {
2146 if (DBG) Slog.d(TAG, "Closing sockets after enabling chain " + chainName);
Lorenzo Colitti3fef7232016-04-29 18:00:03 +0900[diff] [blame]2147 closeSocketsForFirewallChainLocked(chain, chainName);
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2148 }
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2149 }
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2150 }
2151
2152 private int getFirewallType(int chain) {
2153 switch (chain) {
2154 case FIREWALL_CHAIN_STANDBY:
2155 return FIREWALL_TYPE_BLACKLIST;
2156 case FIREWALL_CHAIN_DOZABLE:
2157 return FIREWALL_TYPE_WHITELIST;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2158 case FIREWALL_CHAIN_POWERSAVE:
2159 return FIREWALL_TYPE_WHITELIST;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2160 default:
2161 return isFirewallEnabled() ? FIREWALL_TYPE_WHITELIST : FIREWALL_TYPE_BLACKLIST;
2162 }
2163 }
2164
2165 @Override
2166 public void setFirewallUidRules(int chain, int[] uids, int[] rules) {
2167 enforceSystemUid();
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2168 synchronized (mQuotaLock) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2169 synchronized (mRulesLock) {
2170 SparseIntArray uidFirewallRules = getUidFirewallRulesLR(chain);
2171 SparseIntArray newRules = new SparseIntArray();
2172 // apply new set of rules
2173 for (int index = uids.length - 1; index >= 0; --index) {
2174 int uid = uids[index];
2175 int rule = rules[index];
2176 updateFirewallUidRuleLocked(chain, uid, rule);
2177 newRules.put(uid, rule);
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2178 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2179 // collect the rules to remove.
2180 SparseIntArray rulesToRemove = new SparseIntArray();
2181 for (int index = uidFirewallRules.size() - 1; index >= 0; --index) {
2182 int uid = uidFirewallRules.keyAt(index);
2183 if (newRules.indexOfKey(uid) < 0) {
2184 rulesToRemove.put(uid, FIREWALL_RULE_DEFAULT);
2185 }
2186 }
2187 // remove dead rules
2188 for (int index = rulesToRemove.size() - 1; index >= 0; --index) {
2189 int uid = rulesToRemove.keyAt(index);
2190 updateFirewallUidRuleLocked(chain, uid, FIREWALL_RULE_DEFAULT);
2191 }
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2192 }
2193 try {
2194 switch (chain) {
2195 case FIREWALL_CHAIN_DOZABLE:
2196 mNetdService.firewallReplaceUidChain("fw_dozable", true, uids);
2197 break;
2198 case FIREWALL_CHAIN_STANDBY:
2199 mNetdService.firewallReplaceUidChain("fw_standby", false, uids);
2200 break;
2201 case FIREWALL_CHAIN_POWERSAVE:
2202 mNetdService.firewallReplaceUidChain("fw_powersave", true, uids);
2203 break;
2204 case FIREWALL_CHAIN_NONE:
2205 default:
2206 Slog.d(TAG, "setFirewallUidRules() called on invalid chain: " + chain);
2207 }
2208 } catch (RemoteException e) {
2209 Slog.w(TAG, "Error flushing firewall chain " + chain, e);
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2210 }
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2211 }
2212 }
2213
2214 @Override
2215 public void setFirewallUidRule(int chain, int uid, int rule) {
2216 enforceSystemUid();
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2217 synchronized (mQuotaLock) {
2218 setFirewallUidRuleLocked(chain, uid, rule);
2219 }
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2220 }
2221
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2222 private void setFirewallUidRuleLocked(int chain, int uid, int rule) {
2223 if (updateFirewallUidRuleLocked(chain, uid, rule)) {
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2224 try {
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2225 mConnector.execute("firewall", "set_uid_rule", getFirewallChainName(chain), uid,
2226 getFirewallRuleName(chain, rule));
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2227 } catch (NativeDaemonConnectorException e) {
2228 throw e.rethrowAsParcelableException();
2229 }
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2230 }
2231 }
2232
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2233 // TODO: now that netd supports batching, NMS should not keep these data structures anymore...
2234 private boolean updateFirewallUidRuleLocked(int chain, int uid, int rule) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2235 synchronized (mRulesLock) {
2236 SparseIntArray uidFirewallRules = getUidFirewallRulesLR(chain);
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2237
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2238 final int oldUidFirewallRule = uidFirewallRules.get(uid, FIREWALL_RULE_DEFAULT);
2239 if (DBG) {
2240 Slog.d(TAG, "oldRule = " + oldUidFirewallRule
2241 + ", newRule=" + rule + " for uid=" + uid + " on chain " + chain);
2242 }
2243 if (oldUidFirewallRule == rule) {
2244 if (DBG) Slog.d(TAG, "!!!!! Skipping change");
2245 // TODO: eventually consider throwing
2246 return false;
2247 }
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2248
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2249 String ruleName = getFirewallRuleName(chain, rule);
2250 String oldRuleName = getFirewallRuleName(chain, oldUidFirewallRule);
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2251
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2252 if (rule == NetworkPolicyManager.FIREWALL_RULE_DEFAULT) {
2253 uidFirewallRules.delete(uid);
2254 } else {
2255 uidFirewallRules.put(uid, rule);
2256 }
2257 return !ruleName.equals(oldRuleName);
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2258 }
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2259 }
2260
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2261 private @NonNull String getFirewallRuleName(int chain, int rule) {
2262 String ruleName;
2263 if (getFirewallType(chain) == FIREWALL_TYPE_WHITELIST) {
2264 if (rule == NetworkPolicyManager.FIREWALL_RULE_ALLOW) {
2265 ruleName = "allow";
2266 } else {
2267 ruleName = "deny";
2268 }
2269 } else { // Blacklist mode
2270 if (rule == NetworkPolicyManager.FIREWALL_RULE_DENY) {
2271 ruleName = "deny";
2272 } else {
2273 ruleName = "allow";
2274 }
2275 }
2276 return ruleName;
2277 }
2278
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2279 private @NonNull SparseIntArray getUidFirewallRulesLR(int chain) {
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2280 switch (chain) {
2281 case FIREWALL_CHAIN_STANDBY:
2282 return mUidFirewallStandbyRules;
2283 case FIREWALL_CHAIN_DOZABLE:
2284 return mUidFirewallDozableRules;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2285 case FIREWALL_CHAIN_POWERSAVE:
2286 return mUidFirewallPowerSaveRules;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2287 case FIREWALL_CHAIN_NONE:
2288 return mUidFirewallRules;
2289 default:
2290 throw new IllegalArgumentException("Unknown chain:" + chain);
2291 }
2292 }
2293
2294 public @NonNull String getFirewallChainName(int chain) {
2295 switch (chain) {
2296 case FIREWALL_CHAIN_STANDBY:
2297 return FIREWALL_CHAIN_NAME_STANDBY;
2298 case FIREWALL_CHAIN_DOZABLE:
2299 return FIREWALL_CHAIN_NAME_DOZABLE;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2300 case FIREWALL_CHAIN_POWERSAVE:
2301 return FIREWALL_CHAIN_NAME_POWERSAVE;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2302 case FIREWALL_CHAIN_NONE:
2303 return FIREWALL_CHAIN_NAME_NONE;
2304 default:
2305 throw new IllegalArgumentException("Unknown chain:" + chain);
2306 }
2307 }
2308
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2309 private static void enforceSystemUid() {
2310 final int uid = Binder.getCallingUid();
2311 if (uid != Process.SYSTEM_UID) {
2312 throw new SecurityException("Only available to AID_SYSTEM");
2313 }
2314 }
2315
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2316 @Override
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2317 public void startClatd(String interfaceName) throws IllegalStateException {
2318 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2319
2320 try {
2321 mConnector.execute("clatd", "start", interfaceName);
2322 } catch (NativeDaemonConnectorException e) {
2323 throw e.rethrowAsParcelableException();
2324 }
2325 }
2326
2327 @Override
Lorenzo Colitti95439462014-10-09 13:44:48 +0900[diff] [blame]2328 public void stopClatd(String interfaceName) throws IllegalStateException {
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2329 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2330
2331 try {
Lorenzo Colitti95439462014-10-09 13:44:48 +0900[diff] [blame]2332 mConnector.execute("clatd", "stop", interfaceName);
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2333 } catch (NativeDaemonConnectorException e) {
2334 throw e.rethrowAsParcelableException();
2335 }
2336 }
2337
2338 @Override
Lorenzo Colitti95439462014-10-09 13:44:48 +0900[diff] [blame]2339 public boolean isClatdStarted(String interfaceName) {
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2340 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2341
2342 final NativeDaemonEvent event;
2343 try {
Lorenzo Colitti95439462014-10-09 13:44:48 +0900[diff] [blame]2344 event = mConnector.execute("clatd", "status", interfaceName);
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2345 } catch (NativeDaemonConnectorException e) {
2346 throw e.rethrowAsParcelableException();
2347 }
2348
2349 event.checkCode(ClatdStatusResult);
2350 return event.getMessage().endsWith("started");
2351 }
2352
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2353 @Override
2354 public void registerNetworkActivityListener(INetworkActivityListener listener) {
2355 mNetworkActivityListeners.register(listener);
2356 }
2357
2358 @Override
2359 public void unregisterNetworkActivityListener(INetworkActivityListener listener) {
2360 mNetworkActivityListeners.unregister(listener);
2361 }
2362
2363 @Override
2364 public boolean isNetworkActive() {
2365 synchronized (mNetworkActivityListeners) {
2366 return mNetworkActive || mActiveIdleTimers.isEmpty();
2367 }
2368 }
2369
2370 private void reportNetworkActive() {
2371 final int length = mNetworkActivityListeners.beginBroadcast();
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]2372 try {
2373 for (int i = 0; i < length; i++) {
2374 try {
2375 mNetworkActivityListeners.getBroadcastItem(i).onNetworkActive();
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]2376 } catch (RemoteException | RuntimeException e) {
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]2377 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2378 }
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]2379 } finally {
2380 mNetworkActivityListeners.finishBroadcast();
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2381 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2382 }
2383
Mattias Falk8b47b362011-08-23 14:15:13 +0200[diff] [blame]2384 /** {@inheritDoc} */
Jeff Sharkey7b4596f2013-02-25 10:55:29 -0800[diff] [blame]2385 @Override
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]2386 public void monitor() {
2387 if (mConnector != null) {
2388 mConnector.monitor();
2389 }
2390 }
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2391
2392 @Override
2393 protected void dump(FileDescriptor fd, PrintWriter pw, String[] args) {
Jeff Sharkeyfe9a53b2017-03-31 14:08:23 -0600[diff] [blame]2394 if (!DumpUtils.checkDumpPermission(mContext, TAG, pw)) return;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2395
Robert Greenwalt470fd722012-01-18 12:51:15 -0800[diff] [blame]2396 pw.println("NetworkManagementService NativeDaemonConnector Log:");
2397 mConnector.dump(fd, pw, args);
2398 pw.println();
2399
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2400 pw.print("Bandwidth control enabled: "); pw.println(mBandwidthControlEnabled);
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]2401 pw.print("mMobileActivityFromRadio="); pw.print(mMobileActivityFromRadio);
2402 pw.print(" mLastPowerStateFromRadio="); pw.println(mLastPowerStateFromRadio);
2403 pw.print("mNetworkActive="); pw.println(mNetworkActive);
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2404
2405 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]2406 pw.print("Active quota ifaces: "); pw.println(mActiveQuotas.toString());
2407 pw.print("Active alert ifaces: "); pw.println(mActiveAlerts.toString());
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]2408 pw.print("Data saver mode: "); pw.println(mDataSaverMode);
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2409 synchronized (mRulesLock) {
2410 dumpUidRuleOnQuotaLocked(pw, "blacklist", mUidRejectOnMetered);
2411 dumpUidRuleOnQuotaLocked(pw, "whitelist", mUidAllowOnMetered);
2412 }
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2413 }
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2414
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2415 synchronized (mRulesLock) {
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2416 dumpUidFirewallRule(pw, "", mUidFirewallRules);
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2417
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2418 pw.print("UID firewall standby chain enabled: "); pw.println(
2419 getFirewallChainState(FIREWALL_CHAIN_STANDBY));
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2420 dumpUidFirewallRule(pw, FIREWALL_CHAIN_NAME_STANDBY, mUidFirewallStandbyRules);
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2421
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2422 pw.print("UID firewall dozable chain enabled: "); pw.println(
2423 getFirewallChainState(FIREWALL_CHAIN_DOZABLE));
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2424 dumpUidFirewallRule(pw, FIREWALL_CHAIN_NAME_DOZABLE, mUidFirewallDozableRules);
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2425
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2426 pw.println("UID firewall powersave chain enabled: " +
2427 getFirewallChainState(FIREWALL_CHAIN_POWERSAVE));
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2428 dumpUidFirewallRule(pw, FIREWALL_CHAIN_NAME_POWERSAVE, mUidFirewallPowerSaveRules);
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2429 }
2430
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2431 synchronized (mIdleTimerLock) {
2432 pw.println("Idle timers:");
2433 for (HashMap.Entry<String, IdleTimerParams> ent : mActiveIdleTimers.entrySet()) {
2434 pw.print(" "); pw.print(ent.getKey()); pw.println(":");
2435 IdleTimerParams params = ent.getValue();
2436 pw.print(" timeout="); pw.print(params.timeout);
2437 pw.print(" type="); pw.print(params.type);
2438 pw.print(" networkCount="); pw.println(params.networkCount);
2439 }
2440 }
2441
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2442 pw.print("Firewall enabled: "); pw.println(mFirewallEnabled);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]2443 pw.print("Netd service status: " );
2444 if (mNetdService == null) {
2445 pw.println("disconnected");
2446 } else {
2447 try {
2448 final boolean alive = mNetdService.isAlive();
2449 pw.println(alive ? "alive": "dead");
2450 } catch (RemoteException e) {
2451 pw.println("unreachable");
2452 }
2453 }
2454 }
2455
2456 private void dumpUidRuleOnQuotaLocked(PrintWriter pw, String name, SparseBooleanArray list) {
2457 pw.print("UID bandwith control ");
2458 pw.print(name);
2459 pw.print(" rule: [");
2460 final int size = list.size();
2461 for (int i = 0; i < size; i++) {
2462 pw.print(list.keyAt(i));
2463 if (i < size - 1) pw.print(",");
2464 }
2465 pw.println("]");
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2466 }
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2467
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2468 private void dumpUidFirewallRule(PrintWriter pw, String name, SparseIntArray rules) {
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2469 pw.print("UID firewall ");
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2470 pw.print(name);
2471 pw.print(" rule: [");
2472 final int size = rules.size();
2473 for (int i = 0; i < size; i++) {
2474 pw.print(rules.keyAt(i));
2475 pw.print(":");
2476 pw.print(rules.valueAt(i));
2477 if (i < size - 1) pw.print(",");
2478 }
2479 pw.println("]");
2480 }
2481
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2482 @Override
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]2483 public void createPhysicalNetwork(int netId, String permission) {
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2484 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2485
2486 try {
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]2487 if (permission != null) {
2488 mConnector.execute("network", "create", netId, permission);
2489 } else {
2490 mConnector.execute("network", "create", netId);
2491 }
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2492 } catch (NativeDaemonConnectorException e) {
2493 throw e.rethrowAsParcelableException();
2494 }
2495 }
2496
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2497 @Override
Sreeram Ramachandran8cd33ed2014-07-23 15:23:15 -0700[diff] [blame]2498 public void createVirtualNetwork(int netId, boolean hasDNS, boolean secure) {
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]2499 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2500
2501 try {
Sreeram Ramachandran8cd33ed2014-07-23 15:23:15 -0700[diff] [blame]2502 mConnector.execute("network", "create", netId, "vpn", hasDNS ? "1" : "0",
2503 secure ? "1" : "0");
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]2504 } catch (NativeDaemonConnectorException e) {
2505 throw e.rethrowAsParcelableException();
2506 }
2507 }
2508
2509 @Override
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2510 public void removeNetwork(int netId) {
Erik Kline33d8e5c2018-01-15 17:05:07 +0900[diff] [blame^]2511 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2512
2513 try {
Erik Kline33d8e5c2018-01-15 17:05:07 +0900[diff] [blame^]2514 mNetdService.networkDestroy(netId);
2515 } catch (ServiceSpecificException e) {
2516 Log.w(TAG, "removeNetwork(" + netId + "): ", e);
2517 throw e;
2518 } catch (RemoteException e) {
2519 Log.w(TAG, "removeNetwork(" + netId + "): ", e);
2520 throw e.rethrowAsRuntimeException();
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2521 }
2522 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2523
2524 @Override
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2525 public void addInterfaceToNetwork(String iface, int netId) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2526 modifyInterfaceInNetwork("add", "" + netId, iface);
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2527 }
2528
2529 @Override
2530 public void removeInterfaceFromNetwork(String iface, int netId) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2531 modifyInterfaceInNetwork("remove", "" + netId, iface);
2532 }
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2533
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2534 private void modifyInterfaceInNetwork(String action, String netId, String iface) {
2535 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2536 try {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2537 mConnector.execute("network", "interface", action, netId, iface);
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2538 } catch (NativeDaemonConnectorException e) {
2539 throw e.rethrowAsParcelableException();
2540 }
2541 }
2542
2543 @Override
Robert Greenwalt913c8952014-04-07 17:36:35 -0700[diff] [blame]2544 public void addLegacyRouteForNetId(int netId, RouteInfo routeInfo, int uid) {
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2545 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2546
Sreeram Ramachandran03666c72014-07-19 23:21:46 -0700[diff] [blame]2547 final Command cmd = new Command("network", "route", "legacy", uid, "add", netId);
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2548
Sreeram Ramachandran1fbcb272014-05-22 16:30:48 -0700[diff] [blame]2549 // create triplet: interface dest-ip-addr/prefixlength gateway-ip-addr
Sreeram Ramachandrancc91c7b2014-06-03 18:41:43 -0700[diff] [blame]2550 final LinkAddress la = routeInfo.getDestinationLinkAddress();
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2551 cmd.appendArg(routeInfo.getInterface());
Lorenzo Colitti7dc78cf2014-06-09 22:58:46 +0900[diff] [blame]2552 cmd.appendArg(la.getAddress().getHostAddress() + "/" + la.getPrefixLength());
Sreeram Ramachandran1fbcb272014-05-22 16:30:48 -0700[diff] [blame]2553 if (routeInfo.hasGateway()) {
2554 cmd.appendArg(routeInfo.getGateway().getHostAddress());
2555 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2556
2557 try {
2558 mConnector.execute(cmd);
2559 } catch (NativeDaemonConnectorException e) {
2560 throw e.rethrowAsParcelableException();
2561 }
2562 }
2563
2564 @Override
Sreeram Ramachandranf047f2a2014-04-15 16:04:26 -0700[diff] [blame]2565 public void setDefaultNetId(int netId) {
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2566 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2567
2568 try {
Sreeram Ramachandranf047f2a2014-04-15 16:04:26 -0700[diff] [blame]2569 mConnector.execute("network", "default", "set", netId);
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2570 } catch (NativeDaemonConnectorException e) {
2571 throw e.rethrowAsParcelableException();
2572 }
2573 }
2574
2575 @Override
2576 public void clearDefaultNetId() {
2577 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2578
2579 try {
2580 mConnector.execute("network", "default", "clear");
2581 } catch (NativeDaemonConnectorException e) {
2582 throw e.rethrowAsParcelableException();
2583 }
2584 }
2585
2586 @Override
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]2587 public void setNetworkPermission(int netId, String permission) {
2588 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2589
2590 try {
2591 if (permission != null) {
2592 mConnector.execute("network", "permission", "network", "set", permission, netId);
2593 } else {
2594 mConnector.execute("network", "permission", "network", "clear", netId);
2595 }
2596 } catch (NativeDaemonConnectorException e) {
2597 throw e.rethrowAsParcelableException();
2598 }
2599 }
2600
2601
2602 @Override
Sreeram Ramachandrane4a05af2014-09-24 09:16:19 -0700[diff] [blame]2603 public void setPermission(String permission, int[] uids) {
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2604 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2605
Sreeram Ramachandrane4a05af2014-09-24 09:16:19 -0700[diff] [blame]2606 Object[] argv = new Object[4 + MAX_UID_RANGES_PER_COMMAND];
2607 argv[0] = "permission";
2608 argv[1] = "user";
2609 argv[2] = "set";
2610 argv[3] = permission;
2611 int argc = 4;
2612 // Avoid overly long commands by limiting number of UIDs per command.
2613 for (int i = 0; i < uids.length; ++i) {
2614 argv[argc++] = uids[i];
2615 if (i == uids.length - 1 || argc == argv.length) {
2616 try {
2617 mConnector.execute("network", Arrays.copyOf(argv, argc));
2618 } catch (NativeDaemonConnectorException e) {
2619 throw e.rethrowAsParcelableException();
2620 }
2621 argc = 4;
2622 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2623 }
2624 }
2625
2626 @Override
2627 public void clearPermission(int[] uids) {
2628 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2629
Sreeram Ramachandrane4a05af2014-09-24 09:16:19 -0700[diff] [blame]2630 Object[] argv = new Object[3 + MAX_UID_RANGES_PER_COMMAND];
2631 argv[0] = "permission";
2632 argv[1] = "user";
2633 argv[2] = "clear";
2634 int argc = 3;
2635 // Avoid overly long commands by limiting number of UIDs per command.
2636 for (int i = 0; i < uids.length; ++i) {
2637 argv[argc++] = uids[i];
2638 if (i == uids.length - 1 || argc == argv.length) {
2639 try {
2640 mConnector.execute("network", Arrays.copyOf(argv, argc));
2641 } catch (NativeDaemonConnectorException e) {
2642 throw e.rethrowAsParcelableException();
2643 }
2644 argc = 3;
2645 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2646 }
2647 }
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]2648
2649 @Override
2650 public void allowProtect(int uid) {
2651 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2652
2653 try {
2654 mConnector.execute("network", "protect", "allow", uid);
2655 } catch (NativeDaemonConnectorException e) {
2656 throw e.rethrowAsParcelableException();
2657 }
2658 }
2659
2660 @Override
2661 public void denyProtect(int uid) {
2662 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2663
2664 try {
2665 mConnector.execute("network", "protect", "deny", uid);
2666 } catch (NativeDaemonConnectorException e) {
2667 throw e.rethrowAsParcelableException();
2668 }
2669 }
2670
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2671 @Override
2672 public void addInterfaceToLocalNetwork(String iface, List<RouteInfo> routes) {
2673 modifyInterfaceInNetwork("add", "local", iface);
2674
2675 for (RouteInfo route : routes) {
2676 if (!route.isDefaultRoute()) {
2677 modifyRoute("add", "local", route);
2678 }
2679 }
2680 }
2681
2682 @Override
2683 public void removeInterfaceFromLocalNetwork(String iface) {
2684 modifyInterfaceInNetwork("remove", "local", iface);
2685 }
Erik Kline6599ee82016-07-17 21:28:39 +0900[diff] [blame]2686
2687 @Override
2688 public int removeRoutesFromLocalNetwork(List<RouteInfo> routes) {
2689 int failures = 0;
2690
2691 for (RouteInfo route : routes) {
2692 try {
2693 modifyRoute("remove", "local", route);
2694 } catch (IllegalStateException e) {
2695 failures++;
2696 }
2697 }
2698
2699 return failures;
2700 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2701
Sudheer Shankab8f23162017-08-04 13:30:10 -0700[diff] [blame]2702 @Override
2703 public boolean isNetworkRestricted(int uid) {
2704 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2705 return isNetworkRestrictedInternal(uid);
2706 }
2707
2708 private boolean isNetworkRestrictedInternal(int uid) {
2709 synchronized (mRulesLock) {
2710 if (getFirewallChainState(FIREWALL_CHAIN_STANDBY)
2711 && mUidFirewallStandbyRules.get(uid) == FIREWALL_RULE_DENY) {
2712 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of app standby mode");
2713 return true;
2714 }
2715 if (getFirewallChainState(FIREWALL_CHAIN_DOZABLE)
2716 && mUidFirewallDozableRules.get(uid) != FIREWALL_RULE_ALLOW) {
2717 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of device idle mode");
2718 return true;
2719 }
2720 if (getFirewallChainState(FIREWALL_CHAIN_POWERSAVE)
2721 && mUidFirewallPowerSaveRules.get(uid) != FIREWALL_RULE_ALLOW) {
2722 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of power saver mode");
2723 return true;
2724 }
2725 if (mUidRejectOnMetered.get(uid)) {
2726 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of no metered data"
2727 + " in the background");
2728 return true;
2729 }
2730 if (mDataSaverMode && !mUidAllowOnMetered.get(uid)) {
2731 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of data saver mode");
2732 return true;
2733 }
2734 return false;
2735 }
2736 }
2737
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2738 private void setFirewallChainState(int chain, boolean state) {
2739 synchronized (mRulesLock) {
2740 mFirewallChainStates.put(chain, state);
2741 }
2742 }
2743
2744 private boolean getFirewallChainState(int chain) {
2745 synchronized (mRulesLock) {
2746 return mFirewallChainStates.get(chain);
2747 }
2748 }
2749
2750 @VisibleForTesting
2751 class LocalService extends NetworkManagementInternal {
2752 @Override
2753 public boolean isNetworkRestrictedForUid(int uid) {
Sudheer Shankab8f23162017-08-04 13:30:10 -0700[diff] [blame]2754 return isNetworkRestrictedInternal(uid);
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2755 }
2756 }
2757
2758 @VisibleForTesting
2759 Injector getInjector() {
2760 return new Injector();
2761 }
2762
2763 @VisibleForTesting
2764 class Injector {
2765 void setDataSaverMode(boolean dataSaverMode) {
2766 mDataSaverMode = dataSaverMode;
2767 }
2768
2769 void setFirewallChainState(int chain, boolean state) {
2770 NetworkManagementService.this.setFirewallChainState(chain, state);
2771 }
2772
2773 void setFirewallRule(int chain, int uid, int rule) {
2774 synchronized (mRulesLock) {
2775 getUidFirewallRulesLR(chain).put(uid, rule);
2776 }
2777 }
2778
2779 void setUidOnMeteredNetworkList(boolean blacklist, int uid, boolean enable) {
2780 synchronized (mRulesLock) {
2781 if (blacklist) {
2782 mUidRejectOnMetered.put(uid, enable);
2783 } else {
2784 mUidAllowOnMetered.put(uid, enable);
2785 }
2786 }
2787 }
2788
2789 void reset() {
2790 synchronized (mRulesLock) {
2791 setDataSaverMode(false);
2792 final int[] chains = {
2793 FIREWALL_CHAIN_DOZABLE,
2794 FIREWALL_CHAIN_STANDBY,
2795 FIREWALL_CHAIN_POWERSAVE
2796 };
2797 for (int chain : chains) {
2798 setFirewallChainState(chain, false);
2799 getUidFirewallRulesLR(chain).clear();
2800 }
2801 mUidAllowOnMetered.clear();
2802 mUidRejectOnMetered.clear();
2803 }
2804 }
2805 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]2806}