Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 473eb872f66bd51a2debc18616720f2432f1d121 / . / services / core / java / com / android / server / NetworkManagementService.java
blob: e4f26f858a897221018aada598d6a14f66004970 [file] [log] [blame]
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1/*
2 * Copyright (C) 2007 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17package com.android.server;
18
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]19import static android.Manifest.permission.CONNECTIVITY_INTERNAL;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]20import static android.Manifest.permission.DUMP;
Sehee Parka9139bc2017-12-22 13:54:05 +0900[diff] [blame]21import static android.Manifest.permission.NETWORK_SETTINGS;
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]22import static android.Manifest.permission.NETWORK_STACK;
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]23import static android.Manifest.permission.SHUTDOWN;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]24import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_DOZABLE;
25import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_DOZABLE;
26import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_NONE;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]27import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_POWERSAVE;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]28import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_STANDBY;
29import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NONE;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]30import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_POWERSAVE;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]31import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_STANDBY;
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]32import static android.net.NetworkPolicyManager.FIREWALL_RULE_ALLOW;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]33import static android.net.NetworkPolicyManager.FIREWALL_RULE_DEFAULT;
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]34import static android.net.NetworkPolicyManager.FIREWALL_RULE_DENY;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]35import static android.net.NetworkPolicyManager.FIREWALL_TYPE_BLACKLIST;
36import static android.net.NetworkPolicyManager.FIREWALL_TYPE_WHITELIST;
Jeff Sharkeyb5d55e32011-08-10 17:53:27 -0700[diff] [blame]37import static android.net.NetworkStats.SET_DEFAULT;
Lorenzo Colittif1912ca2017-08-17 19:23:08 +0900[diff] [blame]38import static android.net.NetworkStats.STATS_PER_UID;
Dianne Hackbornd0c5b9a2014-02-21 16:19:05 -0800[diff] [blame]39import static android.net.NetworkStats.TAG_ALL;
Jeff Sharkey1b5a2a92011-06-18 18:34:16 -0700[diff] [blame]40import static android.net.NetworkStats.TAG_NONE;
41import static android.net.NetworkStats.UID_ALL;
Jeff Sharkeyae2c1812011-10-04 13:11:40 -0700[diff] [blame]42import static android.net.TrafficStats.UID_TETHERING;
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]43import static com.android.server.NetworkManagementService.NetdResponseCode.ClatdStatusResult;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]44import static com.android.server.NetworkManagementService.NetdResponseCode.InterfaceGetCfgResult;
45import static com.android.server.NetworkManagementService.NetdResponseCode.InterfaceListResult;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]46import static com.android.server.NetworkManagementService.NetdResponseCode.IpFwdStatusResult;
47import static com.android.server.NetworkManagementService.NetdResponseCode.TetherDnsFwdTgtListResult;
48import static com.android.server.NetworkManagementService.NetdResponseCode.TetherInterfaceListResult;
49import static com.android.server.NetworkManagementService.NetdResponseCode.TetherStatusResult;
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]50import static com.android.server.NetworkManagementService.NetdResponseCode.TetheringStatsListResult;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]51import static com.android.server.NetworkManagementService.NetdResponseCode.TtyListResult;
Jeff Sharkeya63ba592011-07-19 23:47:12 -0700[diff] [blame]52import static com.android.server.NetworkManagementSocketTagger.PROP_QTAGUID_ENABLED;
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]53
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]54import android.annotation.NonNull;
Sudheer Shankadc589ac2016-11-10 15:30:17 -0800[diff] [blame]55import android.app.ActivityManager;
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]56import android.content.ContentResolver;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]57import android.content.Context;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]58import android.net.ConnectivityManager;
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]59import android.net.INetd;
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]60import android.net.INetworkManagementEventObserver;
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]61import android.net.ITetheringStatsProvider;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]62import android.net.InterfaceConfiguration;
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]63import android.net.IpPrefix;
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]64import android.net.LinkAddress;
Lorenzo Colittib57edc52014-08-22 17:10:50 -0700[diff] [blame]65import android.net.Network;
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]66import android.net.NetworkPolicyManager;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]67import android.net.NetworkStats;
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]68import android.net.NetworkUtils;
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]69import android.net.RouteInfo;
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]70import android.net.UidRange;
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]71import android.net.util.NetdService;
Irfan Sheriff9ab518ad2010-03-12 15:48:17 -0800[diff] [blame]72import android.net.wifi.WifiConfiguration;
73import android.net.wifi.WifiConfiguration.KeyMgmt;
Dianne Hackborn91268cf2013-06-13 19:06:50 -0700[diff] [blame]74import android.os.BatteryStats;
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]75import android.os.Binder;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]76import android.os.Handler;
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]77import android.os.IBinder;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]78import android.os.INetworkActivityListener;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]79import android.os.INetworkManagementService;
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]80import android.os.PersistableBundle;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]81import android.os.PowerManager;
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]82import android.os.Process;
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]83import android.os.RemoteCallbackList;
84import android.os.RemoteException;
Jeff Sharkey7a1c3fc2013-06-04 12:29:00 -0700[diff] [blame]85import android.os.ServiceManager;
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]86import android.os.ServiceSpecificException;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]87import android.os.StrictMode;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]88import android.os.SystemClock;
Marco Nelissen62dbb222010-02-18 10:56:30 -0800[diff] [blame]89import android.os.SystemProperties;
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]90import android.os.Trace;
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]91import android.provider.Settings;
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]92import android.telephony.DataConnectionRealTimeInfo;
93import android.telephony.PhoneStateListener;
Wink Savillefb40dd42014-06-12 17:02:31 -0700[diff] [blame]94import android.telephony.SubscriptionManager;
Wink Saville67e07892014-06-18 16:43:14 -0700[diff] [blame]95import android.telephony.TelephonyManager;
Erik Kline4d092232017-10-30 15:29:44 +0900[diff] [blame]96import android.text.TextUtils;
Irfan Sheriff9ab518ad2010-03-12 15:48:17 -0800[diff] [blame]97import android.util.Log;
Joe Onorato8a9b2202010-02-26 18:56:32 -0800[diff] [blame]98import android.util.Slog;
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]99import android.util.SparseBooleanArray;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]100import android.util.SparseIntArray;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]101
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]102import com.android.internal.annotations.GuardedBy;
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]103import com.android.internal.annotations.VisibleForTesting;
Jeff Sharkey7a1c3fc2013-06-04 12:29:00 -0700[diff] [blame]104import com.android.internal.app.IBatteryStats;
Jeff Sharkey1059c3c2011-10-04 16:54:49 -0700[diff] [blame]105import com.android.internal.net.NetworkStatsFactory;
Jeff Sharkeyfe9a53b2017-03-31 14:08:23 -0600[diff] [blame]106import com.android.internal.util.DumpUtils;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]107import com.android.internal.util.HexDump;
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]108import com.android.internal.util.Preconditions;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]109import com.android.server.NativeDaemonConnector.Command;
Jeff Sharkey56cd6462013-06-07 15:09:15 -0700[diff] [blame]110import com.android.server.NativeDaemonConnector.SensitiveArg;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]111import com.google.android.collect.Maps;
Jeff Sharkey4414cea2011-06-24 17:05:24 -0700[diff] [blame]112
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]113import java.io.BufferedReader;
114import java.io.DataInputStream;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]115import java.io.File;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]116import java.io.FileDescriptor;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]117import java.io.FileInputStream;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]118import java.io.IOException;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]119import java.io.InputStreamReader;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]120import java.io.PrintWriter;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]121import java.net.InetAddress;
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]122import java.net.InterfaceAddress;
123import java.net.NetworkInterface;
124import java.net.SocketException;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]125import java.util.ArrayList;
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]126import java.util.Arrays;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]127import java.util.HashMap;
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]128import java.util.List;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]129import java.util.Map;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]130import java.util.NoSuchElementException;
131import java.util.StringTokenizer;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]132import java.util.concurrent.CountDownLatch;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]133
134/**
135 * @hide
136 */
Jeff Sharkey8e9992a2011-08-23 18:37:23 -0700[diff] [blame]137public class NetworkManagementService extends INetworkManagementService.Stub
138 implements Watchdog.Monitor {
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]139
140 /**
141 * Helper class that encapsulates NetworkManagementService dependencies and makes them
142 * easier to mock in unit tests.
143 */
144 static class SystemServices {
145 public IBinder getService(String name) {
146 return ServiceManager.getService(name);
147 }
148 public void registerLocalService(NetworkManagementInternal nmi) {
149 LocalServices.addService(NetworkManagementInternal.class, nmi);
150 }
151 public INetd getNetd() {
152 return NetdService.get();
153 }
154 }
155
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]156 private static final String TAG = "NetworkManagement";
157 private static final boolean DBG = Log.isLoggable(TAG, Log.DEBUG);
Kenny Root305bcbf2010-09-03 07:56:38 -0700[diff] [blame]158 private static final String NETD_TAG = "NetdConnector";
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]159 static final String NETD_SERVICE_NAME = "netd";
Kenny Root305bcbf2010-09-03 07:56:38 -0700[diff] [blame]160
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]161 private static final int MAX_UID_RANGES_PER_COMMAND = 10;
162
Jeff Sharkey8e9992a2011-08-23 18:37:23 -0700[diff] [blame]163 /**
164 * Name representing {@link #setGlobalAlert(long)} limit when delivered to
165 * {@link INetworkManagementEventObserver#limitReached(String, String)}.
166 */
167 public static final String LIMIT_GLOBAL_ALERT = "globalAlert";
168
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]169 /**
170 * String to pass to netd to indicate that a network is only accessible
171 * to apps that have the CHANGE_NETWORK_STATE permission.
172 */
173 public static final String PERMISSION_NETWORK = "NETWORK";
174
175 /**
176 * String to pass to netd to indicate that a network is only
177 * accessible to system apps and those with the CONNECTIVITY_INTERNAL
178 * permission.
179 */
180 public static final String PERMISSION_SYSTEM = "SYSTEM";
181
Andrew Scull45f533c2017-05-19 15:37:20 +0100[diff] [blame]182 static class NetdResponseCode {
Sreeram Ramachandran03666c72014-07-19 23:21:46 -0700[diff] [blame]183 /* Keep in sync with system/netd/server/ResponseCode.h */
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]184 public static final int InterfaceListResult = 110;
185 public static final int TetherInterfaceListResult = 111;
186 public static final int TetherDnsFwdTgtListResult = 112;
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]187 public static final int TtyListResult = 113;
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]188 public static final int TetheringStatsListResult = 114;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]189
190 public static final int TetherStatusResult = 210;
191 public static final int IpFwdStatusResult = 211;
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]192 public static final int InterfaceGetCfgResult = 213;
Robert Greenwalte3253922010-02-18 09:23:25 -0800[diff] [blame]193 public static final int SoftapStatusResult = 214;
San Mehat91cac642010-03-31 14:31:36 -0700[diff] [blame]194 public static final int InterfaceRxCounterResult = 216;
195 public static final int InterfaceTxCounterResult = 217;
Jeff Sharkeycdd02c5d2011-09-16 01:52:49 -0700[diff] [blame]196 public static final int QuotaCounterResult = 220;
197 public static final int TetheringStatsResult = 221;
Selim Gurun84c00c62012-02-27 15:42:38 -0800[diff] [blame]198 public static final int DnsProxyQueryResult = 222;
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]199 public static final int ClatdStatusResult = 223;
Robert Greenwalte3253922010-02-18 09:23:25 -0800[diff] [blame]200
201 public static final int InterfaceChange = 600;
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]202 public static final int BandwidthControl = 601;
Haoyu Bai6b7358d2012-07-17 16:36:50 -0700[diff] [blame]203 public static final int InterfaceClassActivity = 613;
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]204 public static final int InterfaceAddressChange = 614;
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]205 public static final int InterfaceDnsServerInfo = 615;
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]206 public static final int RouteChange = 616;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]207 public static final int StrictCleartext = 617;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]208 }
209
Rebecca Silbersteine2ec94f2016-03-24 13:29:00 -0700[diff] [blame]210 /**
211 * String indicating a softap command.
212 */
213 static final String SOFT_AP_COMMAND = "softap";
214
215 /**
216 * String passed back to netd connector indicating softap command success.
217 */
218 static final String SOFT_AP_COMMAND_SUCCESS = "Ok";
219
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]220 static final int DAEMON_MSG_MOBILE_CONN_REAL_TIME_INFO = 1;
221
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]222 /**
223 * Binder context for this service
224 */
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]225 private final Context mContext;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]226
227 /**
228 * connector object for communicating with netd
229 */
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]230 private final NativeDaemonConnector mConnector;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]231
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]232 private final Handler mFgHandler;
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]233 private final Handler mDaemonHandler;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]234
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]235 private final SystemServices mServices;
236
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]237 private INetd mNetdService;
238
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]239 private IBatteryStats mBatteryStats;
240
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]241 private final Thread mThread;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]242 private CountDownLatch mConnectedSignal = new CountDownLatch(1);
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]243
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]244 private final RemoteCallbackList<INetworkManagementEventObserver> mObservers =
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]245 new RemoteCallbackList<>();
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]246
Jeff Sharkey1059c3c2011-10-04 16:54:49 -0700[diff] [blame]247 private final NetworkStatsFactory mStatsFactory = new NetworkStatsFactory();
248
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]249 @GuardedBy("mTetheringStatsProviders")
250 private final HashMap<ITetheringStatsProvider, String>
251 mTetheringStatsProviders = Maps.newHashMap();
252
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]253 /**
254 * If both locks need to be held, then they should be obtained in the order:
255 * first {@link #mQuotaLock} and then {@link #mRulesLock}.
256 */
Andrew Scull45f533c2017-05-19 15:37:20 +0100[diff] [blame]257 private final Object mQuotaLock = new Object();
Andrew Scull519291f2017-05-23 13:11:03 +0100[diff] [blame]258 private final Object mRulesLock = new Object();
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]259
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]260 /** Set of interfaces with active quotas. */
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]261 @GuardedBy("mQuotaLock")
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]262 private HashMap<String, Long> mActiveQuotas = Maps.newHashMap();
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]263 /** Set of interfaces with active alerts. */
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]264 @GuardedBy("mQuotaLock")
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]265 private HashMap<String, Long> mActiveAlerts = Maps.newHashMap();
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]266 /** Set of UIDs blacklisted on metered networks. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]267 @GuardedBy("mRulesLock")
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]268 private SparseBooleanArray mUidRejectOnMetered = new SparseBooleanArray();
269 /** Set of UIDs whitelisted on metered networks. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]270 @GuardedBy("mRulesLock")
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]271 private SparseBooleanArray mUidAllowOnMetered = new SparseBooleanArray();
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]272 /** Set of UIDs with cleartext penalties. */
273 @GuardedBy("mQuotaLock")
274 private SparseIntArray mUidCleartextPolicy = new SparseIntArray();
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]275 /** Set of UIDs that are to be blocked/allowed by firewall controller. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]276 @GuardedBy("mRulesLock")
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]277 private SparseIntArray mUidFirewallRules = new SparseIntArray();
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]278 /**
279 * Set of UIDs that are to be blocked/allowed by firewall controller. This set of Ids matches
280 * to application idles.
281 */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]282 @GuardedBy("mRulesLock")
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]283 private SparseIntArray mUidFirewallStandbyRules = new SparseIntArray();
284 /**
285 * Set of UIDs that are to be blocked/allowed by firewall controller. This set of Ids matches
286 * to device idles.
287 */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]288 @GuardedBy("mRulesLock")
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]289 private SparseIntArray mUidFirewallDozableRules = new SparseIntArray();
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]290 /**
291 * Set of UIDs that are to be blocked/allowed by firewall controller. This set of Ids matches
292 * to device on power-save mode.
293 */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]294 @GuardedBy("mRulesLock")
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]295 private SparseIntArray mUidFirewallPowerSaveRules = new SparseIntArray();
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]296 /** Set of states for the child firewall chains. True if the chain is active. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]297 @GuardedBy("mRulesLock")
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]298 final SparseBooleanArray mFirewallChainStates = new SparseBooleanArray();
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]299
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]300 @GuardedBy("mQuotaLock")
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]301 private volatile boolean mDataSaverMode;
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]302
Andrew Scull45f533c2017-05-19 15:37:20 +0100[diff] [blame]303 private final Object mIdleTimerLock = new Object();
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]304 /** Set of interfaces with active idle timers. */
305 private static class IdleTimerParams {
306 public final int timeout;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]307 public final int type;
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]308 public int networkCount;
309
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]310 IdleTimerParams(int timeout, int type) {
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]311 this.timeout = timeout;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]312 this.type = type;
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]313 this.networkCount = 1;
314 }
315 }
316 private HashMap<String, IdleTimerParams> mActiveIdleTimers = Maps.newHashMap();
317
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]318 private volatile boolean mBandwidthControlEnabled;
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]319 private volatile boolean mFirewallEnabled;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]320 private volatile boolean mStrictEnabled;
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]321
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]322 private boolean mMobileActivityFromRadio = false;
323 private int mLastPowerStateFromRadio = DataConnectionRealTimeInfo.DC_POWER_STATE_LOW;
Adam Lesinskie08af192015-03-25 16:42:59 -0700[diff] [blame]324 private int mLastPowerStateFromWifi = DataConnectionRealTimeInfo.DC_POWER_STATE_LOW;
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]325
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]326 private final RemoteCallbackList<INetworkActivityListener> mNetworkActivityListeners =
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]327 new RemoteCallbackList<>();
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]328 private boolean mNetworkActive;
329
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]330 /**
331 * Constructs a new NetworkManagementService instance
332 *
333 * @param context Binder context for this service
334 */
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]335 private NetworkManagementService(
336 Context context, String socket, SystemServices services) {
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]337 mContext = context;
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]338 mServices = services;
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]339
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]340 // make sure this is on the same looper as our NativeDaemonConnector for sync purposes
341 mFgHandler = new Handler(FgThread.get().getLooper());
342
Dianne Hackborn4590e522014-03-24 13:36:46 -0700[diff] [blame]343 // Don't need this wake lock, since we now have a time stamp for when
344 // the network actually went inactive. (It might be nice to still do this,
345 // but I don't want to do it through the power manager because that pollutes the
346 // battery stats history with pointless noise.)
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]347 //PowerManager pm = (PowerManager)context.getSystemService(Context.POWER_SERVICE);
Dianne Hackborn4590e522014-03-24 13:36:46 -0700[diff] [blame]348 PowerManager.WakeLock wl = null; //pm.newWakeLock(PowerManager.PARTIAL_WAKE_LOCK, NETD_TAG);
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]349
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]350 mConnector = new NativeDaemonConnector(
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]351 new NetdCallbackReceiver(), socket, 10, NETD_TAG, 160, wl,
352 FgThread.get().getLooper());
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]353 mThread = new Thread(mConnector, NETD_TAG);
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]354
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]355 mDaemonHandler = new Handler(FgThread.get().getLooper());
Wink Saville67e07892014-06-18 16:43:14 -0700[diff] [blame]356
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]357 // Add ourself to the Watchdog monitors.
358 Watchdog.getInstance().addMonitor(this);
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]359
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]360 mServices.registerLocalService(new LocalService());
Lorenzo Colitti8228eb32017-07-19 06:17:33 +0900[diff] [blame]361
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]362 synchronized (mTetheringStatsProviders) {
363 mTetheringStatsProviders.put(new NetdTetheringStatsProvider(), "netd");
364 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]365 }
366
367 @VisibleForTesting
368 NetworkManagementService() {
369 mConnector = null;
370 mContext = null;
371 mDaemonHandler = null;
372 mFgHandler = null;
373 mThread = null;
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]374 mServices = null;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]375 }
376
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]377 static NetworkManagementService create(Context context, String socket, SystemServices services)
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]378 throws InterruptedException {
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]379 final NetworkManagementService service =
380 new NetworkManagementService(context, socket, services);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]381 final CountDownLatch connectedSignal = service.mConnectedSignal;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]382 if (DBG) Slog.d(TAG, "Creating NetworkManagementService");
383 service.mThread.start();
384 if (DBG) Slog.d(TAG, "Awaiting socket connection");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]385 connectedSignal.await();
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]386 if (DBG) Slog.d(TAG, "Connected");
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]387 if (DBG) Slog.d(TAG, "Connecting native netd service");
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]388 service.connectNativeNetdService();
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]389 if (DBG) Slog.d(TAG, "Connected");
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]390 return service;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]391 }
392
Lorenzo Colitti7421a012013-08-20 22:51:24 +0900[diff] [blame]393 public static NetworkManagementService create(Context context) throws InterruptedException {
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]394 return create(context, NETD_SERVICE_NAME, new SystemServices());
Lorenzo Colitti7421a012013-08-20 22:51:24 +0900[diff] [blame]395 }
396
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]397 public void systemReady() {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]398 if (DBG) {
399 final long start = System.currentTimeMillis();
400 prepareNativeDaemon();
401 final long delta = System.currentTimeMillis() - start;
402 Slog.d(TAG, "Prepared in " + delta + "ms");
403 return;
404 } else {
405 prepareNativeDaemon();
406 }
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]407 }
408
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]409 private IBatteryStats getBatteryStats() {
410 synchronized (this) {
411 if (mBatteryStats != null) {
412 return mBatteryStats;
413 }
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]414 mBatteryStats =
415 IBatteryStats.Stub.asInterface(mServices.getService(BatteryStats.SERVICE_NAME));
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]416 return mBatteryStats;
417 }
418 }
419
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]420 @Override
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]421 public void registerObserver(INetworkManagementEventObserver observer) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]422 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]423 mObservers.register(observer);
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]424 }
425
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]426 @Override
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]427 public void unregisterObserver(INetworkManagementEventObserver observer) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]428 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]429 mObservers.unregister(observer);
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]430 }
431
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]432 @FunctionalInterface
433 private interface NetworkManagementEventCallback {
434 public void sendCallback(INetworkManagementEventObserver o) throws RemoteException;
435 }
436
437 private void invokeForAllObservers(NetworkManagementEventCallback eventCallback) {
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]438 final int length = mObservers.beginBroadcast();
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]439 try {
440 for (int i = 0; i < length; i++) {
441 try {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]442 eventCallback.sendCallback(mObservers.getBroadcastItem(i));
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]443 } catch (RemoteException | RuntimeException e) {
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]444 }
Mike J. Chen6143f5f2011-06-23 15:17:51 -0700[diff] [blame]445 }
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]446 } finally {
447 mObservers.finishBroadcast();
Mike J. Chen6143f5f2011-06-23 15:17:51 -0700[diff] [blame]448 }
449 }
450
451 /**
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]452 * Notify our observers of an interface status change
453 */
454 private void notifyInterfaceStatusChanged(String iface, boolean up) {
455 invokeForAllObservers(o -> o.interfaceStatusChanged(iface, up));
456 }
457
458 /**
Mike J. Chenf59c7d02011-06-23 15:33:15 -0700[diff] [blame]459 * Notify our observers of an interface link state change
Mike J. Chen6143f5f2011-06-23 15:17:51 -0700[diff] [blame]460 * (typically, an Ethernet cable has been plugged-in or unplugged).
461 */
462 private void notifyInterfaceLinkStateChanged(String iface, boolean up) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]463 invokeForAllObservers(o -> o.interfaceLinkStateChanged(iface, up));
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]464 }
465
466 /**
467 * Notify our observers of an interface addition.
468 */
469 private void notifyInterfaceAdded(String iface) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]470 invokeForAllObservers(o -> o.interfaceAdded(iface));
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]471 }
472
473 /**
474 * Notify our observers of an interface removal.
475 */
476 private void notifyInterfaceRemoved(String iface) {
Jeff Sharkey89b8a212011-10-11 11:58:11 -0700[diff] [blame]477 // netd already clears out quota and alerts for removed ifaces; update
478 // our sanity-checking state.
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]479 mActiveAlerts.remove(iface);
480 mActiveQuotas.remove(iface);
Jeff Sharkey89b8a212011-10-11 11:58:11 -0700[diff] [blame]481
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]482 invokeForAllObservers(o -> o.interfaceRemoved(iface));
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]483 }
484
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]485 /**
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]486 * Notify our observers of a limit reached.
487 */
488 private void notifyLimitReached(String limitName, String iface) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]489 invokeForAllObservers(o -> o.limitReached(limitName, iface));
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]490 }
491
492 /**
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]493 * Notify our observers of a change in the data activity state of the interface
494 */
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]495 private void notifyInterfaceClassActivity(int type, int powerState, long tsNanos,
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]496 int uid, boolean fromRadio) {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]497 final boolean isMobile = ConnectivityManager.isNetworkTypeMobile(type);
498 if (isMobile) {
499 if (!fromRadio) {
500 if (mMobileActivityFromRadio) {
501 // If this call is not coming from a report from the radio itself, but we
502 // have previously received reports from the radio, then we will take the
503 // power state to just be whatever the radio last reported.
504 powerState = mLastPowerStateFromRadio;
505 }
506 } else {
507 mMobileActivityFromRadio = true;
508 }
509 if (mLastPowerStateFromRadio != powerState) {
510 mLastPowerStateFromRadio = powerState;
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]511 try {
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]512 getBatteryStats().noteMobileRadioPowerState(powerState, tsNanos, uid);
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]513 } catch (RemoteException e) {
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]514 }
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]515 }
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]516 }
517
Adam Lesinskie08af192015-03-25 16:42:59 -0700[diff] [blame]518 if (ConnectivityManager.isNetworkTypeWifi(type)) {
519 if (mLastPowerStateFromWifi != powerState) {
520 mLastPowerStateFromWifi = powerState;
521 try {
Adam Lesinski5f056f62016-07-14 16:56:08 -0700[diff] [blame]522 getBatteryStats().noteWifiRadioPowerState(powerState, tsNanos, uid);
Adam Lesinskie08af192015-03-25 16:42:59 -0700[diff] [blame]523 } catch (RemoteException e) {
524 }
525 }
526 }
527
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]528 boolean isActive = powerState == DataConnectionRealTimeInfo.DC_POWER_STATE_MEDIUM
529 || powerState == DataConnectionRealTimeInfo.DC_POWER_STATE_HIGH;
530
531 if (!isMobile || fromRadio || !mMobileActivityFromRadio) {
532 // Report the change in data activity. We don't do this if this is a change
533 // on the mobile network, that is not coming from the radio itself, and we
534 // have previously seen change reports from the radio. In that case only
535 // the radio is the authority for the current state.
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]536 final boolean active = isActive;
537 invokeForAllObservers(o -> o.interfaceClassDataActivityChanged(
538 Integer.toString(type), active, tsNanos));
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]539 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]540
541 boolean report = false;
542 synchronized (mIdleTimerLock) {
543 if (mActiveIdleTimers.isEmpty()) {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]544 // If there are no idle timers, we are not monitoring activity, so we
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]545 // are always considered active.
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]546 isActive = true;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]547 }
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]548 if (mNetworkActive != isActive) {
549 mNetworkActive = isActive;
550 report = isActive;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]551 }
552 }
553 if (report) {
554 reportNetworkActive();
555 }
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]556 }
557
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]558 @Override
559 public void registerTetheringStatsProvider(ITetheringStatsProvider provider, String name) {
560 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
561 Preconditions.checkNotNull(provider);
562 synchronized(mTetheringStatsProviders) {
563 mTetheringStatsProviders.put(provider, name);
564 }
565 }
566
567 @Override
568 public void unregisterTetheringStatsProvider(ITetheringStatsProvider provider) {
569 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
570 synchronized(mTetheringStatsProviders) {
571 mTetheringStatsProviders.remove(provider);
572 }
573 }
574
Lorenzo Colitti9f0baa92017-08-15 19:25:51 +0900[diff] [blame]575 @Override
576 public void tetherLimitReached(ITetheringStatsProvider provider) {
577 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
578 synchronized(mTetheringStatsProviders) {
579 if (!mTetheringStatsProviders.containsKey(provider)) {
580 return;
581 }
582 // No current code examines the interface parameter in a global alert. Just pass null.
583 notifyLimitReached(LIMIT_GLOBAL_ALERT, null);
584 }
585 }
586
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]587 // Sync the state of the given chain with the native daemon.
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]588 private void syncFirewallChainLocked(int chain, String name) {
589 SparseIntArray rules;
590 synchronized (mRulesLock) {
591 final SparseIntArray uidFirewallRules = getUidFirewallRulesLR(chain);
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]592 // Make a copy of the current rules, and then clear them. This is because
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]593 // setFirewallUidRuleInternal only pushes down rules to the native daemon if they
594 // are different from the current rules stored in the mUidFirewall*Rules array for
595 // the specified chain. If we don't clear the rules, setFirewallUidRuleInternal
596 // will do nothing.
597 rules = uidFirewallRules.clone();
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]598 uidFirewallRules.clear();
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]599 }
600 if (rules.size() > 0) {
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]601 // Now push the rules. setFirewallUidRuleInternal will push each of these down to the
602 // native daemon, and also add them to the mUidFirewall*Rules array for the specified
603 // chain.
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]604 if (DBG) Slog.d(TAG, "Pushing " + rules.size() + " active firewall "
605 + name + "UID rules");
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]606 for (int i = 0; i < rules.size(); i++) {
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]607 setFirewallUidRuleLocked(chain, rules.keyAt(i), rules.valueAt(i));
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]608 }
609 }
610 }
611
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]612 private void connectNativeNetdService() {
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]613 mNetdService = mServices.getNetd();
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]614 }
615
616 /**
617 * Prepare native daemon once connected, enabling modules and pushing any
618 * existing in-memory rules.
619 */
620 private void prepareNativeDaemon() {
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]621
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]622 mBandwidthControlEnabled = false;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]623
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]624 // only enable bandwidth control when support exists
625 final boolean hasKernelSupport = new File("/proc/net/xt_qtaguid/ctrl").exists();
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]626
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]627 // push any existing quota or UID rules
628 synchronized (mQuotaLock) {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]629
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]630 if (hasKernelSupport) {
631 Slog.d(TAG, "enabling bandwidth control");
632 try {
633 mConnector.execute("bandwidth", "enable");
634 mBandwidthControlEnabled = true;
635 } catch (NativeDaemonConnectorException e) {
636 Log.wtf(TAG, "problem enabling bandwidth controls", e);
637 }
638 } else {
639 Slog.i(TAG, "not enabling bandwidth control");
640 }
641
642 SystemProperties.set(PROP_QTAGUID_ENABLED, mBandwidthControlEnabled ? "1" : "0");
643
Luke Huang473eb872018-07-26 17:33:14 +0800[diff] [blame^]644 mStrictEnabled = true;
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]645
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]646 setDataSaverModeEnabled(mDataSaverMode);
647
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]648 int size = mActiveQuotas.size();
649 if (size > 0) {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]650 if (DBG) Slog.d(TAG, "Pushing " + size + " active quota rules");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]651 final HashMap<String, Long> activeQuotas = mActiveQuotas;
652 mActiveQuotas = Maps.newHashMap();
653 for (Map.Entry<String, Long> entry : activeQuotas.entrySet()) {
654 setInterfaceQuota(entry.getKey(), entry.getValue());
655 }
656 }
657
658 size = mActiveAlerts.size();
659 if (size > 0) {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]660 if (DBG) Slog.d(TAG, "Pushing " + size + " active alert rules");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]661 final HashMap<String, Long> activeAlerts = mActiveAlerts;
662 mActiveAlerts = Maps.newHashMap();
663 for (Map.Entry<String, Long> entry : activeAlerts.entrySet()) {
664 setInterfaceAlert(entry.getKey(), entry.getValue());
665 }
666 }
667
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]668 SparseBooleanArray uidRejectOnQuota = null;
669 SparseBooleanArray uidAcceptOnQuota = null;
670 synchronized (mRulesLock) {
671 size = mUidRejectOnMetered.size();
672 if (size > 0) {
673 if (DBG) Slog.d(TAG, "Pushing " + size + " UIDs to metered blacklist rules");
674 uidRejectOnQuota = mUidRejectOnMetered;
675 mUidRejectOnMetered = new SparseBooleanArray();
676 }
677
678 size = mUidAllowOnMetered.size();
679 if (size > 0) {
680 if (DBG) Slog.d(TAG, "Pushing " + size + " UIDs to metered whitelist rules");
681 uidAcceptOnQuota = mUidAllowOnMetered;
682 mUidAllowOnMetered = new SparseBooleanArray();
683 }
684 }
685 if (uidRejectOnQuota != null) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]686 for (int i = 0; i < uidRejectOnQuota.size(); i++) {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]687 setUidMeteredNetworkBlacklist(uidRejectOnQuota.keyAt(i),
688 uidRejectOnQuota.valueAt(i));
689 }
690 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]691 if (uidAcceptOnQuota != null) {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]692 for (int i = 0; i < uidAcceptOnQuota.size(); i++) {
693 setUidMeteredNetworkWhitelist(uidAcceptOnQuota.keyAt(i),
694 uidAcceptOnQuota.valueAt(i));
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]695 }
696 }
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]697
698 size = mUidCleartextPolicy.size();
699 if (size > 0) {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]700 if (DBG) Slog.d(TAG, "Pushing " + size + " active UID cleartext policies");
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]701 final SparseIntArray local = mUidCleartextPolicy;
702 mUidCleartextPolicy = new SparseIntArray();
703 for (int i = 0; i < local.size(); i++) {
704 setUidCleartextNetworkPolicy(local.keyAt(i), local.valueAt(i));
705 }
706 }
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]707
Robin Leec3736bc2017-03-10 16:19:54 +0000[diff] [blame]708 setFirewallEnabled(mFirewallEnabled);
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]709
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]710 syncFirewallChainLocked(FIREWALL_CHAIN_NONE, "");
711 syncFirewallChainLocked(FIREWALL_CHAIN_STANDBY, "standby ");
712 syncFirewallChainLocked(FIREWALL_CHAIN_DOZABLE, "dozable ");
713 syncFirewallChainLocked(FIREWALL_CHAIN_POWERSAVE, "powersave ");
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]714
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]715 final int[] chains =
716 {FIREWALL_CHAIN_STANDBY, FIREWALL_CHAIN_DOZABLE, FIREWALL_CHAIN_POWERSAVE};
717 for (int chain : chains) {
718 if (getFirewallChainState(chain)) {
719 setFirewallChainEnabled(chain, true);
720 }
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]721 }
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]722 }
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]723
724 if (mBandwidthControlEnabled) {
725 try {
726 getBatteryStats().noteNetworkStatsEnabled();
727 } catch (RemoteException e) {
728 }
729 }
730
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]731 }
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]732
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]733 /**
734 * Notify our observers of a new or updated interface address.
735 */
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]736 private void notifyAddressUpdated(String iface, LinkAddress address) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]737 invokeForAllObservers(o -> o.addressUpdated(iface, address));
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]738 }
739
740 /**
741 * Notify our observers of a deleted interface address.
742 */
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]743 private void notifyAddressRemoved(String iface, LinkAddress address) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]744 invokeForAllObservers(o -> o.addressRemoved(iface, address));
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]745 }
746
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]747 /**
748 * Notify our observers of DNS server information received.
749 */
750 private void notifyInterfaceDnsServerInfo(String iface, long lifetime, String[] addresses) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]751 invokeForAllObservers(o -> o.interfaceDnsServerInfo(iface, lifetime, addresses));
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]752 }
753
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]754 /**
755 * Notify our observers of a route change.
756 */
757 private void notifyRouteChange(String action, RouteInfo route) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]758 if (action.equals("updated")) {
759 invokeForAllObservers(o -> o.routeUpdated(route));
760 } else {
761 invokeForAllObservers(o -> o.routeRemoved(route));
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]762 }
763 }
764
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]765 //
766 // Netd Callback handling
767 //
768
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]769 private class NetdCallbackReceiver implements INativeDaemonConnectorCallbacks {
770 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]771 public void onDaemonConnected() {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]772 Slog.i(TAG, "onDaemonConnected()");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]773 // event is dispatched from internal NDC thread, so we prepare the
774 // daemon back on main thread.
775 if (mConnectedSignal != null) {
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]776 // The system is booting and we're connecting to netd for the first time.
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]777 mConnectedSignal.countDown();
778 mConnectedSignal = null;
779 } else {
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]780 // We're reconnecting to netd after the socket connection
781 // was interrupted (e.g., if it crashed).
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]782 mFgHandler.post(new Runnable() {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]783 @Override
784 public void run() {
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]785 connectNativeNetdService();
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]786 prepareNativeDaemon();
787 }
788 });
789 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]790 }
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]791
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]792 @Override
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]793 public boolean onCheckHoldWakeLock(int code) {
794 return code == NetdResponseCode.InterfaceClassActivity;
795 }
796
797 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]798 public boolean onEvent(int code, String raw, String[] cooked) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]799 String errorMessage = String.format("Invalid event from daemon (%s)", raw);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]800 switch (code) {
801 case NetdResponseCode.InterfaceChange:
802 /*
803 * a network interface change occured
804 * Format: "NNN Iface added <name>"
805 * "NNN Iface removed <name>"
806 * "NNN Iface changed <name> <up/down>"
807 * "NNN Iface linkstatus <name> <up/down>"
808 */
809 if (cooked.length < 4 || !cooked[1].equals("Iface")) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]810 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]811 }
812 if (cooked[2].equals("added")) {
813 notifyInterfaceAdded(cooked[3]);
814 return true;
815 } else if (cooked[2].equals("removed")) {
816 notifyInterfaceRemoved(cooked[3]);
817 return true;
818 } else if (cooked[2].equals("changed") && cooked.length == 5) {
819 notifyInterfaceStatusChanged(cooked[3], cooked[4].equals("up"));
820 return true;
821 } else if (cooked[2].equals("linkstate") && cooked.length == 5) {
822 notifyInterfaceLinkStateChanged(cooked[3], cooked[4].equals("up"));
823 return true;
824 }
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]825 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]826 // break;
827 case NetdResponseCode.BandwidthControl:
828 /*
829 * Bandwidth control needs some attention
830 * Format: "NNN limit alert <alertName> <ifaceName>"
831 */
832 if (cooked.length < 5 || !cooked[1].equals("limit")) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]833 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]834 }
835 if (cooked[2].equals("alert")) {
836 notifyLimitReached(cooked[3], cooked[4]);
837 return true;
838 }
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]839 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]840 // break;
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]841 case NetdResponseCode.InterfaceClassActivity:
842 /*
843 * An network interface class state changed (active/idle)
844 * Format: "NNN IfaceClass <active/idle> <label>"
845 */
846 if (cooked.length < 4 || !cooked[1].equals("IfaceClass")) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]847 throw new IllegalStateException(errorMessage);
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]848 }
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]849 long timestampNanos = 0;
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]850 int processUid = -1;
851 if (cooked.length >= 5) {
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]852 try {
853 timestampNanos = Long.parseLong(cooked[4]);
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]854 if (cooked.length == 6) {
855 processUid = Integer.parseInt(cooked[5]);
856 }
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]857 } catch(NumberFormatException ne) {}
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]858 } else {
859 timestampNanos = SystemClock.elapsedRealtimeNanos();
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]860 }
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]861 boolean isActive = cooked[2].equals("active");
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]862 notifyInterfaceClassActivity(Integer.parseInt(cooked[3]),
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]863 isActive ? DataConnectionRealTimeInfo.DC_POWER_STATE_HIGH
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]864 : DataConnectionRealTimeInfo.DC_POWER_STATE_LOW,
865 timestampNanos, processUid, false);
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]866 return true;
867 // break;
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]868 case NetdResponseCode.InterfaceAddressChange:
869 /*
870 * A network address change occurred
871 * Format: "NNN Address updated <addr> <iface> <flags> <scope>"
872 * "NNN Address removed <addr> <iface> <flags> <scope>"
873 */
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]874 if (cooked.length < 7 || !cooked[1].equals("Address")) {
875 throw new IllegalStateException(errorMessage);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]876 }
877
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]878 String iface = cooked[4];
Lorenzo Colitti5ad421a2013-11-17 15:05:02 +0900[diff] [blame]879 LinkAddress address;
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]880 try {
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]881 int flags = Integer.parseInt(cooked[5]);
882 int scope = Integer.parseInt(cooked[6]);
883 address = new LinkAddress(cooked[3], flags, scope);
Lorenzo Colitti5ad421a2013-11-17 15:05:02 +0900[diff] [blame]884 } catch(NumberFormatException e) { // Non-numeric lifetime or scope.
885 throw new IllegalStateException(errorMessage, e);
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]886 } catch(IllegalArgumentException e) { // Malformed/invalid IP address.
Lorenzo Colitti5ad421a2013-11-17 15:05:02 +0900[diff] [blame]887 throw new IllegalStateException(errorMessage, e);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]888 }
889
890 if (cooked[2].equals("updated")) {
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]891 notifyAddressUpdated(iface, address);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]892 } else {
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]893 notifyAddressRemoved(iface, address);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]894 }
895 return true;
896 // break;
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]897 case NetdResponseCode.InterfaceDnsServerInfo:
898 /*
899 * Information about available DNS servers has been received.
900 * Format: "NNN DnsInfo servers <interface> <lifetime> <servers>"
901 */
902 long lifetime; // Actually a 32-bit unsigned integer.
903
904 if (cooked.length == 6 &&
905 cooked[1].equals("DnsInfo") &&
906 cooked[2].equals("servers")) {
907 try {
908 lifetime = Long.parseLong(cooked[4]);
909 } catch (NumberFormatException e) {
910 throw new IllegalStateException(errorMessage);
911 }
912 String[] servers = cooked[5].split(",");
913 notifyInterfaceDnsServerInfo(cooked[3], lifetime, servers);
914 }
915 return true;
916 // break;
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]917 case NetdResponseCode.RouteChange:
918 /*
919 * A route has been updated or removed.
920 * Format: "NNN Route <updated|removed> <dst> [via <gateway] [dev <iface>]"
921 */
922 if (!cooked[1].equals("Route") || cooked.length < 6) {
923 throw new IllegalStateException(errorMessage);
924 }
925
926 String via = null;
927 String dev = null;
928 boolean valid = true;
929 for (int i = 4; (i + 1) < cooked.length && valid; i += 2) {
930 if (cooked[i].equals("dev")) {
931 if (dev == null) {
932 dev = cooked[i+1];
933 } else {
934 valid = false; // Duplicate interface.
935 }
936 } else if (cooked[i].equals("via")) {
937 if (via == null) {
938 via = cooked[i+1];
939 } else {
940 valid = false; // Duplicate gateway.
941 }
942 } else {
943 valid = false; // Unknown syntax.
944 }
945 }
946 if (valid) {
947 try {
948 // InetAddress.parseNumericAddress(null) inexplicably returns ::1.
949 InetAddress gateway = null;
950 if (via != null) gateway = InetAddress.parseNumericAddress(via);
951 RouteInfo route = new RouteInfo(new IpPrefix(cooked[3]), gateway, dev);
952 notifyRouteChange(cooked[2], route);
953 return true;
954 } catch (IllegalArgumentException e) {}
955 }
956 throw new IllegalStateException(errorMessage);
957 // break;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]958 case NetdResponseCode.StrictCleartext:
959 final int uid = Integer.parseInt(cooked[1]);
960 final byte[] firstPacket = HexDump.hexStringToByteArray(cooked[2]);
961 try {
Sudheer Shankadc589ac2016-11-10 15:30:17 -0800[diff] [blame]962 ActivityManager.getService().notifyCleartextNetwork(uid, firstPacket);
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]963 } catch (RemoteException ignored) {
964 }
965 break;
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]966 default: break;
Robert Greenwalte3253922010-02-18 09:23:25 -0800[diff] [blame]967 }
968 return false;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]969 }
970 }
971
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]972
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]973 //
974 // INetworkManagementService members
975 //
Erik Kline4e37b702016-07-05 11:34:21 +0900[diff] [blame]976 @Override
977 public INetd getNetdService() throws RemoteException {
978 final CountDownLatch connectedSignal = mConnectedSignal;
979 if (connectedSignal != null) {
980 try {
981 connectedSignal.await();
982 } catch (InterruptedException ignored) {}
983 }
984
985 return mNetdService;
986 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]987
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]988 @Override
989 public String[] listInterfaces() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]990 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]991 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]992 return NativeDaemonEvent.filterMessageList(
993 mConnector.executeForList("interface", "list"), InterfaceListResult);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]994 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]995 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]996 }
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]997 }
998
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]999 @Override
1000 public InterfaceConfiguration getInterfaceConfig(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1001 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1002
1003 final NativeDaemonEvent event;
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1004 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1005 event = mConnector.execute("interface", "getcfg", iface);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1006 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1007 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1008 }
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1009
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1010 event.checkCode(InterfaceGetCfgResult);
1011
1012 // Rsp: 213 xx:xx:xx:xx:xx:xx yyy.yyy.yyy.yyy zzz flag1 flag2 flag3
1013 final StringTokenizer st = new StringTokenizer(event.getMessage());
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1014
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1015 InterfaceConfiguration cfg;
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1016 try {
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1017 cfg = new InterfaceConfiguration();
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1018 cfg.setHardwareAddress(st.nextToken(" "));
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]1019 InetAddress addr = null;
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1020 int prefixLength = 0;
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1021 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1022 addr = NetworkUtils.numericToInetAddress(st.nextToken());
Robert Greenwalte5903732011-02-22 16:00:42 -0800[diff] [blame]1023 } catch (IllegalArgumentException iae) {
1024 Slog.e(TAG, "Failed to parse ipaddr", iae);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1025 }
1026
1027 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1028 prefixLength = Integer.parseInt(st.nextToken());
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1029 } catch (NumberFormatException nfe) {
1030 Slog.e(TAG, "Failed to parse prefixLength", nfe);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1031 }
Robert Greenwalt04808c22010-12-13 17:01:41 -0800[diff] [blame]1032
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1033 cfg.setLinkAddress(new LinkAddress(addr, prefixLength));
1034 while (st.hasMoreTokens()) {
1035 cfg.setFlag(st.nextToken());
1036 }
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1037 } catch (NoSuchElementException nsee) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1038 throw new IllegalStateException("Invalid response from daemon: " + event);
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1039 }
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1040 return cfg;
1041 }
1042
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1043 @Override
1044 public void setInterfaceConfig(String iface, InterfaceConfiguration cfg) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1045 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1046 LinkAddress linkAddr = cfg.getLinkAddress();
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1047 if (linkAddr == null || linkAddr.getAddress() == null) {
1048 throw new IllegalStateException("Null LinkAddress given");
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]1049 }
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1050
1051 final Command cmd = new Command("interface", "setcfg", iface,
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1052 linkAddr.getAddress().getHostAddress(),
Lorenzo Colitti7dc78cf2014-06-09 22:58:46 +0900[diff] [blame]1053 linkAddr.getPrefixLength());
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1054 for (String flag : cfg.getFlags()) {
1055 cmd.appendArg(flag);
1056 }
1057
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1058 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1059 mConnector.execute(cmd);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1060 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1061 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1062 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1063 }
1064
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1065 @Override
1066 public void setInterfaceDown(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1067 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1068 final InterfaceConfiguration ifcg = getInterfaceConfig(iface);
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1069 ifcg.setInterfaceDown();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1070 setInterfaceConfig(iface, ifcg);
Irfan Sheriff7244c972011-08-05 20:40:45 -0700[diff] [blame]1071 }
1072
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1073 @Override
1074 public void setInterfaceUp(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1075 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1076 final InterfaceConfiguration ifcg = getInterfaceConfig(iface);
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1077 ifcg.setInterfaceUp();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1078 setInterfaceConfig(iface, ifcg);
Irfan Sheriff7244c972011-08-05 20:40:45 -0700[diff] [blame]1079 }
1080
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1081 @Override
1082 public void setInterfaceIpv6PrivacyExtensions(String iface, boolean enable) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1083 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Irfan Sheriff73293612011-09-14 12:31:56 -0700[diff] [blame]1084 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1085 mConnector.execute(
1086 "interface", "ipv6privacyextensions", iface, enable ? "enable" : "disable");
Irfan Sheriff73293612011-09-14 12:31:56 -0700[diff] [blame]1087 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1088 throw e.rethrowAsParcelableException();
Irfan Sheriff73293612011-09-14 12:31:56 -0700[diff] [blame]1089 }
1090 }
1091
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1092 /* TODO: This is right now a IPv4 only function. Works for wifi which loses its
1093 IPv6 addresses on interface down, but we need to do full clean up here */
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1094 @Override
1095 public void clearInterfaceAddresses(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1096 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1097 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1098 mConnector.execute("interface", "clearaddrs", iface);
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1099 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1100 throw e.rethrowAsParcelableException();
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1101 }
1102 }
1103
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1104 @Override
1105 public void enableIpv6(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1106 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1107 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1108 mConnector.execute("interface", "ipv6", iface, "enable");
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1109 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1110 throw e.rethrowAsParcelableException();
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1111 }
1112 }
1113
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1114 @Override
Joel Scherpelz2db10742017-06-07 15:38:38 +0900[diff] [blame]1115 public void setIPv6AddrGenMode(String iface, int mode) throws ServiceSpecificException {
1116 try {
1117 mNetdService.setIPv6AddrGenMode(iface, mode);
1118 } catch (RemoteException e) {
1119 throw e.rethrowAsRuntimeException();
1120 }
1121 }
1122
1123 @Override
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1124 public void disableIpv6(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1125 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1126 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1127 mConnector.execute("interface", "ipv6", iface, "disable");
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1128 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1129 throw e.rethrowAsParcelableException();
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1130 }
1131 }
1132
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1133 @Override
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1134 public void addRoute(int netId, RouteInfo route) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1135 modifyRoute("add", "" + netId, route);
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1136 }
1137
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1138 @Override
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1139 public void removeRoute(int netId, RouteInfo route) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1140 modifyRoute("remove", "" + netId, route);
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1141 }
1142
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1143 private void modifyRoute(String action, String netId, RouteInfo route) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1144 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1145
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1146 final Command cmd = new Command("network", "route", action, netId);
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1147
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1148 // create triplet: interface dest-ip-addr/prefixlength gateway-ip-addr
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1149 cmd.appendArg(route.getInterface());
Lorenzo Colitti4b0f8e62014-09-19 01:49:05 +0900[diff] [blame]1150 cmd.appendArg(route.getDestination().toString());
1151
1152 switch (route.getType()) {
1153 case RouteInfo.RTN_UNICAST:
1154 if (route.hasGateway()) {
1155 cmd.appendArg(route.getGateway().getHostAddress());
1156 }
1157 break;
1158 case RouteInfo.RTN_UNREACHABLE:
1159 cmd.appendArg("unreachable");
1160 break;
1161 case RouteInfo.RTN_THROW:
1162 cmd.appendArg("throw");
1163 break;
Sreeram Ramachandran1fbcb272014-05-22 16:30:48 -0700[diff] [blame]1164 }
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1165
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1166 try {
1167 mConnector.execute(cmd);
1168 } catch (NativeDaemonConnectorException e) {
1169 throw e.rethrowAsParcelableException();
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1170 }
1171 }
1172
1173 private ArrayList<String> readRouteList(String filename) {
1174 FileInputStream fstream = null;
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]1175 ArrayList<String> list = new ArrayList<>();
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1176
1177 try {
1178 fstream = new FileInputStream(filename);
1179 DataInputStream in = new DataInputStream(fstream);
1180 BufferedReader br = new BufferedReader(new InputStreamReader(in));
1181 String s;
1182
1183 // throw away the title line
1184
1185 while (((s = br.readLine()) != null) && (s.length() != 0)) {
1186 list.add(s);
1187 }
1188 } catch (IOException ex) {
1189 // return current list, possibly empty
1190 } finally {
1191 if (fstream != null) {
1192 try {
1193 fstream.close();
1194 } catch (IOException ex) {}
1195 }
1196 }
1197
1198 return list;
1199 }
1200
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1201 @Override
sy.yun9d9b74a2013-09-02 05:24:09 +0900[diff] [blame]1202 public void setMtu(String iface, int mtu) {
1203 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1204
1205 final NativeDaemonEvent event;
1206 try {
1207 event = mConnector.execute("interface", "setmtu", iface, mtu);
1208 } catch (NativeDaemonConnectorException e) {
1209 throw e.rethrowAsParcelableException();
1210 }
1211 }
1212
1213 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1214 public void shutdown() {
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1215 // TODO: remove from aidl if nobody calls externally
1216 mContext.enforceCallingOrSelfPermission(SHUTDOWN, TAG);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1217
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]1218 Slog.i(TAG, "Shutting down");
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1219 }
1220
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1221 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1222 public boolean getIpForwardingEnabled() throws IllegalStateException{
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1223 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1224
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1225 final NativeDaemonEvent event;
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1226 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1227 event = mConnector.execute("ipfwd", "status");
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1228 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1229 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1230 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1231
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1232 // 211 Forwarding enabled
1233 event.checkCode(IpFwdStatusResult);
1234 return event.getMessage().endsWith("enabled");
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1235 }
1236
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1237 @Override
1238 public void setIpForwardingEnabled(boolean enable) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1239 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1240 try {
Nilesh Poddarf3d4a582015-02-24 12:11:11 -0800[diff] [blame]1241 mConnector.execute("ipfwd", enable ? "enable" : "disable", "tethering");
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1242 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1243 throw e.rethrowAsParcelableException();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1244 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1245 }
1246
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1247 @Override
1248 public void startTethering(String[] dhcpRange) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1249 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Robert Greenwaltbfb7bfa2010-03-24 16:03:21 -0700[diff] [blame]1250 // cmd is "tether start first_start first_stop second_start second_stop ..."
1251 // an odd number of addrs will fail
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1252
1253 final Command cmd = new Command("tether", "start");
Robert Greenwaltbfb7bfa2010-03-24 16:03:21 -0700[diff] [blame]1254 for (String d : dhcpRange) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1255 cmd.appendArg(d);
Robert Greenwaltbfb7bfa2010-03-24 16:03:21 -0700[diff] [blame]1256 }
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1257
1258 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1259 mConnector.execute(cmd);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1260 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1261 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1262 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1263 }
1264
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1265 @Override
1266 public void stopTethering() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1267 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1268 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1269 mConnector.execute("tether", "stop");
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1270 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1271 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1272 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1273 }
1274
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1275 @Override
1276 public boolean isTetheringStarted() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1277 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1278
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1279 final NativeDaemonEvent event;
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1280 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1281 event = mConnector.execute("tether", "status");
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1282 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1283 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1284 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1285
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1286 // 210 Tethering services started
1287 event.checkCode(TetherStatusResult);
1288 return event.getMessage().endsWith("started");
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1289 }
Matthew Xiefe19f122012-07-12 16:03:32 -0700[diff] [blame]1290
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1291 @Override
1292 public void tetherInterface(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1293 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1294 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1295 mConnector.execute("tether", "interface", "add", iface);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1296 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1297 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1298 }
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]1299 List<RouteInfo> routes = new ArrayList<>();
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1300 // The RouteInfo constructor truncates the LinkAddress to a network prefix, thus making it
1301 // suitable to use as a route destination.
1302 routes.add(new RouteInfo(getInterfaceConfig(iface).getLinkAddress(), null, iface));
1303 addInterfaceToLocalNetwork(iface, routes);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1304 }
1305
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1306 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1307 public void untetherInterface(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1308 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1309 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1310 mConnector.execute("tether", "interface", "remove", iface);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1311 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1312 throw e.rethrowAsParcelableException();
Erik Kline1f4278a2016-08-16 16:46:33 +0900[diff] [blame]1313 } finally {
1314 removeInterfaceFromLocalNetwork(iface);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1315 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1316 }
1317
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1318 @Override
1319 public String[] listTetheredInterfaces() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1320 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1321 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1322 return NativeDaemonEvent.filterMessageList(
1323 mConnector.executeForList("tether", "interface", "list"),
1324 TetherInterfaceListResult);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1325 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1326 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1327 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1328 }
1329
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1330 @Override
Lorenzo Colittib57edc52014-08-22 17:10:50 -0700[diff] [blame]1331 public void setDnsForwarders(Network network, String[] dns) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1332 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1333
Lorenzo Colittib57edc52014-08-22 17:10:50 -0700[diff] [blame]1334 int netId = (network != null) ? network.netId : ConnectivityManager.NETID_UNSET;
1335 final Command cmd = new Command("tether", "dns", "set", netId);
1336
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1337 for (String s : dns) {
1338 cmd.appendArg(NetworkUtils.numericToInetAddress(s).getHostAddress());
1339 }
1340
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1341 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1342 mConnector.execute(cmd);
1343 } catch (NativeDaemonConnectorException e) {
1344 throw e.rethrowAsParcelableException();
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1345 }
1346 }
1347
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1348 @Override
1349 public String[] getDnsForwarders() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1350 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1351 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1352 return NativeDaemonEvent.filterMessageList(
1353 mConnector.executeForList("tether", "dns", "list"), TetherDnsFwdTgtListResult);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1354 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1355 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1356 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1357 }
1358
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]1359 private List<InterfaceAddress> excludeLinkLocal(List<InterfaceAddress> addresses) {
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]1360 ArrayList<InterfaceAddress> filtered = new ArrayList<>(addresses.size());
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]1361 for (InterfaceAddress ia : addresses) {
1362 if (!ia.getAddress().isLinkLocalAddress())
1363 filtered.add(ia);
1364 }
1365 return filtered;
1366 }
1367
Lorenzo Colitti35e36db2015-02-26 01:25:36 +0900[diff] [blame]1368 private void modifyInterfaceForward(boolean add, String fromIface, String toIface) {
1369 final Command cmd = new Command("ipfwd", add ? "add" : "remove", fromIface, toIface);
1370 try {
1371 mConnector.execute(cmd);
1372 } catch (NativeDaemonConnectorException e) {
1373 throw e.rethrowAsParcelableException();
1374 }
1375 }
1376
1377 @Override
1378 public void startInterfaceForwarding(String fromIface, String toIface) {
1379 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1380 modifyInterfaceForward(true, fromIface, toIface);
1381 }
1382
1383 @Override
1384 public void stopInterfaceForwarding(String fromIface, String toIface) {
1385 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1386 modifyInterfaceForward(false, fromIface, toIface);
1387 }
1388
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1389 private void modifyNat(String action, String internalInterface, String externalInterface)
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1390 throws SocketException {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1391 final Command cmd = new Command("nat", action, internalInterface, externalInterface);
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1392
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1393 final NetworkInterface internalNetworkInterface = NetworkInterface.getByName(
1394 internalInterface);
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1395 if (internalNetworkInterface == null) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1396 cmd.appendArg("0");
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1397 } else {
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]1398 // Don't touch link-local routes, as link-local addresses aren't routable,
1399 // kernel creates link-local routes on all interfaces automatically
1400 List<InterfaceAddress> interfaceAddresses = excludeLinkLocal(
1401 internalNetworkInterface.getInterfaceAddresses());
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1402 cmd.appendArg(interfaceAddresses.size());
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1403 for (InterfaceAddress ia : interfaceAddresses) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1404 InetAddress addr = NetworkUtils.getNetworkPart(
1405 ia.getAddress(), ia.getNetworkPrefixLength());
1406 cmd.appendArg(addr.getHostAddress() + "/" + ia.getNetworkPrefixLength());
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1407 }
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1408 }
1409
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1410 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1411 mConnector.execute(cmd);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1412 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1413 throw e.rethrowAsParcelableException();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1414 }
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1415 }
1416
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1417 @Override
1418 public void enableNat(String internalInterface, String externalInterface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1419 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1420 try {
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1421 modifyNat("enable", internalInterface, externalInterface);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1422 } catch (SocketException e) {
1423 throw new IllegalStateException(e);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1424 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1425 }
1426
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1427 @Override
1428 public void disableNat(String internalInterface, String externalInterface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1429 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1430 try {
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1431 modifyNat("disable", internalInterface, externalInterface);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1432 } catch (SocketException e) {
1433 throw new IllegalStateException(e);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1434 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1435 }
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1436
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1437 @Override
1438 public String[] listTtys() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1439 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1440 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1441 return NativeDaemonEvent.filterMessageList(
1442 mConnector.executeForList("list_ttys"), TtyListResult);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1443 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1444 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1445 }
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1446 }
1447
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1448 @Override
1449 public void attachPppd(
1450 String tty, String localAddr, String remoteAddr, String dns1Addr, String dns2Addr) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1451 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1452 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1453 mConnector.execute("pppd", "attach", tty,
Robert Greenwalte5903732011-02-22 16:00:42 -0800[diff] [blame]1454 NetworkUtils.numericToInetAddress(localAddr).getHostAddress(),
1455 NetworkUtils.numericToInetAddress(remoteAddr).getHostAddress(),
1456 NetworkUtils.numericToInetAddress(dns1Addr).getHostAddress(),
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1457 NetworkUtils.numericToInetAddress(dns2Addr).getHostAddress());
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1458 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1459 throw e.rethrowAsParcelableException();
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1460 }
1461 }
1462
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1463 @Override
1464 public void detachPppd(String tty) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1465 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1466 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1467 mConnector.execute("pppd", "detach", tty);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1468 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1469 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1470 }
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1471 }
Robert Greenwaltce1200d2010-02-18 11:25:54 -0800[diff] [blame]1472
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1473 @Override
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1474 public void addIdleTimer(String iface, int timeout, final int type) {
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1475 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1476
1477 if (DBG) Slog.d(TAG, "Adding idletimer");
1478
1479 synchronized (mIdleTimerLock) {
1480 IdleTimerParams params = mActiveIdleTimers.get(iface);
1481 if (params != null) {
1482 // the interface already has idletimer, update network count
1483 params.networkCount++;
1484 return;
1485 }
1486
1487 try {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1488 mConnector.execute("idletimer", "add", iface, Integer.toString(timeout),
1489 Integer.toString(type));
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1490 } catch (NativeDaemonConnectorException e) {
1491 throw e.rethrowAsParcelableException();
1492 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1493 mActiveIdleTimers.put(iface, new IdleTimerParams(timeout, type));
1494
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]1495 // Networks start up.
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1496 if (ConnectivityManager.isNetworkTypeMobile(type)) {
1497 mNetworkActive = false;
1498 }
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1499 mDaemonHandler.post(new Runnable() {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1500 @Override public void run() {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1501 notifyInterfaceClassActivity(type,
1502 DataConnectionRealTimeInfo.DC_POWER_STATE_HIGH,
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]1503 SystemClock.elapsedRealtimeNanos(), -1, false);
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1504 }
1505 });
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1506 }
1507 }
1508
1509 @Override
1510 public void removeIdleTimer(String iface) {
1511 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1512
1513 if (DBG) Slog.d(TAG, "Removing idletimer");
1514
1515 synchronized (mIdleTimerLock) {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1516 final IdleTimerParams params = mActiveIdleTimers.get(iface);
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1517 if (params == null || --(params.networkCount) > 0) {
1518 return;
1519 }
1520
1521 try {
1522 mConnector.execute("idletimer", "remove", iface,
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1523 Integer.toString(params.timeout), Integer.toString(params.type));
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1524 } catch (NativeDaemonConnectorException e) {
1525 throw e.rethrowAsParcelableException();
1526 }
1527 mActiveIdleTimers.remove(iface);
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1528 mDaemonHandler.post(new Runnable() {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1529 @Override public void run() {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1530 notifyInterfaceClassActivity(params.type,
1531 DataConnectionRealTimeInfo.DC_POWER_STATE_LOW,
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]1532 SystemClock.elapsedRealtimeNanos(), -1, false);
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1533 }
1534 });
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1535 }
1536 }
1537
1538 @Override
Jeff Sharkeye8914c32012-05-01 16:26:09 -0700[diff] [blame]1539 public NetworkStats getNetworkStatsSummaryDev() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1540 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1541 try {
1542 return mStatsFactory.readNetworkStatsSummaryDev();
1543 } catch (IOException e) {
1544 throw new IllegalStateException(e);
1545 }
Jeff Sharkeye8914c32012-05-01 16:26:09 -0700[diff] [blame]1546 }
1547
1548 @Override
1549 public NetworkStats getNetworkStatsSummaryXt() {
1550 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1551 try {
1552 return mStatsFactory.readNetworkStatsSummaryXt();
1553 } catch (IOException e) {
1554 throw new IllegalStateException(e);
1555 }
Jeff Sharkeyae2c1812011-10-04 13:11:40 -0700[diff] [blame]1556 }
1557
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]1558 @Override
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]1559 public NetworkStats getNetworkStatsDetail() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1560 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1561 try {
Dianne Hackbornd0c5b9a2014-02-21 16:19:05 -0800[diff] [blame]1562 return mStatsFactory.readNetworkStatsDetail(UID_ALL, null, TAG_ALL, null);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1563 } catch (IOException e) {
1564 throw new IllegalStateException(e);
1565 }
San Mehat91cac642010-03-31 14:31:36 -0700[diff] [blame]1566 }
1567
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]1568 @Override
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1569 public void setInterfaceQuota(String iface, long quotaBytes) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1570 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1571
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]1572 // silently discard when control disabled
1573 // TODO: eventually migrate to be always enabled
1574 if (!mBandwidthControlEnabled) return;
1575
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1576 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1577 if (mActiveQuotas.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1578 throw new IllegalStateException("iface " + iface + " already has quota");
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1579 }
1580
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1581 try {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1582 // TODO: support quota shared across interfaces
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1583 mConnector.execute("bandwidth", "setiquota", iface, quotaBytes);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1584 mActiveQuotas.put(iface, quotaBytes);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1585 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1586 throw e.rethrowAsParcelableException();
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1587 }
Lorenzo Colitti50b60fc2017-08-11 13:47:49 +0900[diff] [blame]1588
1589 synchronized (mTetheringStatsProviders) {
1590 for (ITetheringStatsProvider provider : mTetheringStatsProviders.keySet()) {
1591 try {
1592 provider.setInterfaceQuota(iface, quotaBytes);
1593 } catch (RemoteException e) {
1594 Log.e(TAG, "Problem setting tethering data limit on provider " +
1595 mTetheringStatsProviders.get(provider) + ": " + e);
1596 }
1597 }
1598 }
Ashish Sharma50fd36d2011-06-15 19:34:53 -0700[diff] [blame]1599 }
1600 }
1601
1602 @Override
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1603 public void removeInterfaceQuota(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1604 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1605
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]1606 // silently discard when control disabled
1607 // TODO: eventually migrate to be always enabled
1608 if (!mBandwidthControlEnabled) return;
1609
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1610 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1611 if (!mActiveQuotas.containsKey(iface)) {
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1612 // TODO: eventually consider throwing
1613 return;
1614 }
1615
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1616 mActiveQuotas.remove(iface);
1617 mActiveAlerts.remove(iface);
Jeff Sharkey38ddeaa2011-11-08 13:04:22 -0800[diff] [blame]1618
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1619 try {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1620 // TODO: support quota shared across interfaces
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1621 mConnector.execute("bandwidth", "removeiquota", iface);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1622 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1623 throw e.rethrowAsParcelableException();
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1624 }
Lorenzo Colitti50b60fc2017-08-11 13:47:49 +0900[diff] [blame]1625
1626 synchronized (mTetheringStatsProviders) {
1627 for (ITetheringStatsProvider provider : mTetheringStatsProviders.keySet()) {
1628 try {
1629 provider.setInterfaceQuota(iface, ITetheringStatsProvider.QUOTA_UNLIMITED);
1630 } catch (RemoteException e) {
1631 Log.e(TAG, "Problem removing tethering data limit on provider " +
1632 mTetheringStatsProviders.get(provider) + ": " + e);
1633 }
1634 }
1635 }
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1636 }
1637 }
1638
1639 @Override
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1640 public void setInterfaceAlert(String iface, long alertBytes) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1641 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1642
1643 // silently discard when control disabled
1644 // TODO: eventually migrate to be always enabled
1645 if (!mBandwidthControlEnabled) return;
1646
1647 // quick sanity check
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1648 if (!mActiveQuotas.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1649 throw new IllegalStateException("setting alert requires existing quota on iface");
1650 }
1651
1652 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1653 if (mActiveAlerts.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1654 throw new IllegalStateException("iface " + iface + " already has alert");
1655 }
1656
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1657 try {
1658 // TODO: support alert shared across interfaces
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1659 mConnector.execute("bandwidth", "setinterfacealert", iface, alertBytes);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1660 mActiveAlerts.put(iface, alertBytes);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1661 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1662 throw e.rethrowAsParcelableException();
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1663 }
1664 }
1665 }
1666
1667 @Override
1668 public void removeInterfaceAlert(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1669 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1670
1671 // silently discard when control disabled
1672 // TODO: eventually migrate to be always enabled
1673 if (!mBandwidthControlEnabled) return;
1674
1675 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1676 if (!mActiveAlerts.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1677 // TODO: eventually consider throwing
1678 return;
1679 }
1680
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1681 try {
1682 // TODO: support alert shared across interfaces
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1683 mConnector.execute("bandwidth", "removeinterfacealert", iface);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1684 mActiveAlerts.remove(iface);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1685 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1686 throw e.rethrowAsParcelableException();
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1687 }
1688 }
1689 }
1690
1691 @Override
1692 public void setGlobalAlert(long alertBytes) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1693 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1694
1695 // silently discard when control disabled
1696 // TODO: eventually migrate to be always enabled
1697 if (!mBandwidthControlEnabled) return;
1698
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1699 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1700 mConnector.execute("bandwidth", "setglobalalert", alertBytes);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1701 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1702 throw e.rethrowAsParcelableException();
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1703 }
1704 }
1705
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1706 private void setUidOnMeteredNetworkList(int uid, boolean blacklist, boolean enable) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1707 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1708
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]1709 // silently discard when control disabled
1710 // TODO: eventually migrate to be always enabled
1711 if (!mBandwidthControlEnabled) return;
1712
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1713 final String chain = blacklist ? "naughtyapps" : "niceapps";
1714 final String suffix = enable ? "add" : "remove";
1715
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1716 synchronized (mQuotaLock) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1717 boolean oldEnable;
1718 SparseBooleanArray quotaList;
1719 synchronized (mRulesLock) {
1720 quotaList = blacklist ? mUidRejectOnMetered : mUidAllowOnMetered;
1721 oldEnable = quotaList.get(uid, false);
1722 }
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1723 if (oldEnable == enable) {
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1724 // TODO: eventually consider throwing
1725 return;
1726 }
1727
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1728 Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "inetd bandwidth");
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1729 try {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1730 mConnector.execute("bandwidth", suffix + chain, uid);
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1731 synchronized (mRulesLock) {
1732 if (enable) {
1733 quotaList.put(uid, true);
1734 } else {
1735 quotaList.delete(uid);
1736 }
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1737 }
1738 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1739 throw e.rethrowAsParcelableException();
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1740 } finally {
1741 Trace.traceEnd(Trace.TRACE_TAG_NETWORK);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1742 }
Ashish Sharma50fd36d2011-06-15 19:34:53 -0700[diff] [blame]1743 }
1744 }
1745
Jeff Sharkey63d27a92011-08-03 17:04:22 -0700[diff] [blame]1746 @Override
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1747 public void setUidMeteredNetworkBlacklist(int uid, boolean enable) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1748 setUidOnMeteredNetworkList(uid, true, enable);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1749 }
1750
1751 @Override
1752 public void setUidMeteredNetworkWhitelist(int uid, boolean enable) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1753 setUidOnMeteredNetworkList(uid, false, enable);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1754 }
1755
1756 @Override
1757 public boolean setDataSaverModeEnabled(boolean enable) {
Sehee Parka9139bc2017-12-22 13:54:05 +0900[diff] [blame]1758 mContext.enforceCallingOrSelfPermission(NETWORK_SETTINGS, TAG);
1759
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1760 if (DBG) Log.d(TAG, "setDataSaverMode: " + enable);
1761 synchronized (mQuotaLock) {
1762 if (mDataSaverMode == enable) {
1763 Log.w(TAG, "setDataSaverMode(): already " + mDataSaverMode);
1764 return true;
1765 }
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1766 Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "bandwidthEnableDataSaver");
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1767 try {
1768 final boolean changed = mNetdService.bandwidthEnableDataSaver(enable);
1769 if (changed) {
1770 mDataSaverMode = enable;
1771 } else {
1772 Log.w(TAG, "setDataSaverMode(" + enable + "): netd command silently failed");
1773 }
1774 return changed;
1775 } catch (RemoteException e) {
1776 Log.w(TAG, "setDataSaverMode(" + enable + "): netd command failed", e);
1777 return false;
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1778 } finally {
1779 Trace.traceEnd(Trace.TRACE_TAG_NETWORK);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1780 }
1781 }
1782 }
1783
1784 @Override
Robin Lee17e61832016-05-09 13:46:28 +0100[diff] [blame]1785 public void setAllowOnlyVpnForUids(boolean add, UidRange[] uidRanges)
1786 throws ServiceSpecificException {
Rubin Xu2ea6c552018-01-11 10:59:19 +0000[diff] [blame]1787 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
1788
Robin Lee17e61832016-05-09 13:46:28 +0100[diff] [blame]1789 try {
1790 mNetdService.networkRejectNonSecureVpn(add, uidRanges);
1791 } catch (ServiceSpecificException e) {
1792 Log.w(TAG, "setAllowOnlyVpnForUids(" + add + ", " + Arrays.toString(uidRanges) + ")"
1793 + ": netd command failed", e);
1794 throw e;
1795 } catch (RemoteException e) {
1796 Log.w(TAG, "setAllowOnlyVpnForUids(" + add + ", " + Arrays.toString(uidRanges) + ")"
1797 + ": netd command failed", e);
1798 throw e.rethrowAsRuntimeException();
1799 }
1800 }
1801
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1802 private void applyUidCleartextNetworkPolicy(int uid, int policy) {
Luke Huang473eb872018-07-26 17:33:14 +0800[diff] [blame^]1803 final int policyValue;
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1804 switch (policy) {
1805 case StrictMode.NETWORK_POLICY_ACCEPT:
Luke Huang473eb872018-07-26 17:33:14 +0800[diff] [blame^]1806 policyValue = INetd.PENALTY_POLICY_ACCEPT;
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1807 break;
1808 case StrictMode.NETWORK_POLICY_LOG:
Luke Huang473eb872018-07-26 17:33:14 +0800[diff] [blame^]1809 policyValue = INetd.PENALTY_POLICY_LOG;
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1810 break;
1811 case StrictMode.NETWORK_POLICY_REJECT:
Luke Huang473eb872018-07-26 17:33:14 +0800[diff] [blame^]1812 policyValue = INetd.PENALTY_POLICY_REJECT;
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1813 break;
1814 default:
1815 throw new IllegalArgumentException("Unknown policy " + policy);
1816 }
1817
1818 try {
Luke Huang473eb872018-07-26 17:33:14 +0800[diff] [blame^]1819 mNetdService.strictUidCleartextPenalty(uid, policyValue);
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1820 mUidCleartextPolicy.put(uid, policy);
Luke Huang473eb872018-07-26 17:33:14 +0800[diff] [blame^]1821 } catch (RemoteException | ServiceSpecificException e) {
1822 throw new IllegalStateException(e);
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1823 }
1824 }
1825
Robin Lee17e61832016-05-09 13:46:28 +0100[diff] [blame]1826 @Override
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]1827 public void setUidCleartextNetworkPolicy(int uid, int policy) {
1828 if (Binder.getCallingUid() != uid) {
1829 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1830 }
1831
1832 synchronized (mQuotaLock) {
1833 final int oldPolicy = mUidCleartextPolicy.get(uid, StrictMode.NETWORK_POLICY_ACCEPT);
1834 if (oldPolicy == policy) {
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1835 // This also ensures we won't needlessly apply an ACCEPT policy if we've just
1836 // enabled strict and the underlying iptables rules are empty.
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]1837 return;
1838 }
1839
Luke Huang473eb872018-07-26 17:33:14 +0800[diff] [blame^]1840 // TODO: remove this code after removing prepareNativeDaemon()
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]1841 if (!mStrictEnabled) {
1842 // Module isn't enabled yet; stash the requested policy away to
1843 // apply later once the daemon is connected.
1844 mUidCleartextPolicy.put(uid, policy);
1845 return;
1846 }
1847
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1848 // netd does not keep state on strict mode policies, and cannot replace a non-accept
1849 // policy without deleting it first. Rather than add state to netd, just always send
1850 // it an accept policy when switching between two non-accept policies.
Lorenzo Colitti26364f12017-08-20 11:54:57 +0900[diff] [blame]1851 // TODO: consider keeping state in netd so we can simplify this code.
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1852 if (oldPolicy != StrictMode.NETWORK_POLICY_ACCEPT &&
1853 policy != StrictMode.NETWORK_POLICY_ACCEPT) {
Lorenzo Colitti26364f12017-08-20 11:54:57 +0900[diff] [blame]1854 applyUidCleartextNetworkPolicy(uid, StrictMode.NETWORK_POLICY_ACCEPT);
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]1855 }
Lorenzo Colitti26364f12017-08-20 11:54:57 +0900[diff] [blame]1856
1857 applyUidCleartextNetworkPolicy(uid, policy);
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]1858 }
1859 }
1860
1861 @Override
Jeff Sharkey63d27a92011-08-03 17:04:22 -0700[diff] [blame]1862 public boolean isBandwidthControlEnabled() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1863 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey63d27a92011-08-03 17:04:22 -0700[diff] [blame]1864 return mBandwidthControlEnabled;
1865 }
1866
1867 @Override
Remi NGUYEN VAN088ff682018-03-06 12:36:54 +0900[diff] [blame]1868 public NetworkStats getNetworkStatsUidDetail(int uid, String[] ifaces) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1869 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1870 try {
Remi NGUYEN VAN088ff682018-03-06 12:36:54 +0900[diff] [blame]1871 return mStatsFactory.readNetworkStatsDetail(uid, ifaces, TAG_ALL, null);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1872 } catch (IOException e) {
1873 throw new IllegalStateException(e);
1874 }
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]1875 }
1876
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1877 private class NetdTetheringStatsProvider extends ITetheringStatsProvider.Stub {
1878 @Override
Lorenzo Colittif1912ca2017-08-17 19:23:08 +0900[diff] [blame]1879 public NetworkStats getTetherStats(int how) {
1880 // We only need to return per-UID stats. Per-device stats are already counted by
1881 // interface counters.
1882 if (how != STATS_PER_UID) {
1883 return new NetworkStats(SystemClock.elapsedRealtime(), 0);
1884 }
1885
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1886 final PersistableBundle bundle;
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1887 try {
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1888 bundle = mNetdService.tetherGetStats();
1889 } catch (RemoteException | ServiceSpecificException e) {
1890 throw new IllegalStateException("problem parsing tethering stats: ", e);
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1891 }
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1892
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1893 final NetworkStats stats = new NetworkStats(SystemClock.elapsedRealtime(),
1894 bundle.size());
1895 final NetworkStats.Entry entry = new NetworkStats.Entry();
1896
1897 for (String iface : bundle.keySet()) {
1898 long[] statsArray = bundle.getLongArray(iface);
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1899 try {
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1900 entry.iface = iface;
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1901 entry.uid = UID_TETHERING;
1902 entry.set = SET_DEFAULT;
1903 entry.tag = TAG_NONE;
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1904 entry.rxBytes = statsArray[INetd.TETHER_STATS_RX_BYTES];
1905 entry.rxPackets = statsArray[INetd.TETHER_STATS_RX_PACKETS];
1906 entry.txBytes = statsArray[INetd.TETHER_STATS_TX_BYTES];
1907 entry.txPackets = statsArray[INetd.TETHER_STATS_TX_PACKETS];
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1908 stats.combineValues(entry);
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1909 } catch (ArrayIndexOutOfBoundsException e) {
1910 throw new IllegalStateException("invalid tethering stats for " + iface, e);
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1911 }
1912 }
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1913
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1914 return stats;
1915 }
Lorenzo Colitti50b60fc2017-08-11 13:47:49 +0900[diff] [blame]1916
1917 @Override
1918 public void setInterfaceQuota(String iface, long quotaBytes) {
1919 // Do nothing. netd is already informed of quota changes in setInterfaceQuota.
1920 }
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1921 }
1922
1923 @Override
Lorenzo Colittif1912ca2017-08-17 19:23:08 +0900[diff] [blame]1924 public NetworkStats getNetworkStatsTethering(int how) {
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1925 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1926
1927 final NetworkStats stats = new NetworkStats(SystemClock.elapsedRealtime(), 1);
1928 synchronized (mTetheringStatsProviders) {
1929 for (ITetheringStatsProvider provider: mTetheringStatsProviders.keySet()) {
1930 try {
Lorenzo Colittif1912ca2017-08-17 19:23:08 +0900[diff] [blame]1931 stats.combineAllValues(provider.getTetherStats(how));
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1932 } catch (RemoteException e) {
1933 Log.e(TAG, "Problem reading tethering stats from " +
1934 mTetheringStatsProviders.get(provider) + ": " + e);
1935 }
1936 }
Jeff Sharkeycdd02c5d2011-09-16 01:52:49 -0700[diff] [blame]1937 }
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1938 return stats;
Jeff Sharkeycdd02c5d2011-09-16 01:52:49 -0700[diff] [blame]1939 }
1940
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1941 @Override
Erik Kline1742fe12017-12-13 19:40:49 +0900[diff] [blame]1942 public void setDnsConfigurationForNetwork(int netId, String[] servers, String[] domains,
Erik Klinee5dac902018-03-04 21:01:01 +0900[diff] [blame]1943 int[] params, String tlsHostname, String[] tlsServers) {
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]1944 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1945
Ben Schwartz6ec28df2017-10-02 13:08:06 -0400[diff] [blame]1946 final String[] tlsFingerprints = new String[0];
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]1947 try {
Erik Kline1742fe12017-12-13 19:40:49 +0900[diff] [blame]1948 mNetdService.setResolverConfiguration(
Erik Klinee5dac902018-03-04 21:01:01 +0900[diff] [blame]1949 netId, servers, domains, params, tlsHostname, tlsServers, tlsFingerprints);
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]1950 } catch (RemoteException e) {
1951 throw new RuntimeException(e);
1952 }
1953 }
1954
1955 @Override
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]1956 public void addVpnUidRanges(int netId, UidRange[] ranges) {
Chad Brubaker3277620a2013-06-12 13:37:30 -0700[diff] [blame]1957 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]1958 Object[] argv = new Object[3 + MAX_UID_RANGES_PER_COMMAND];
1959 argv[0] = "users";
1960 argv[1] = "add";
1961 argv[2] = netId;
1962 int argc = 3;
1963 // Avoid overly long commands by limiting number of UID ranges per command.
1964 for (int i = 0; i < ranges.length; i++) {
1965 argv[argc++] = ranges[i].toString();
1966 if (i == (ranges.length - 1) || argc == argv.length) {
1967 try {
1968 mConnector.execute("network", Arrays.copyOf(argv, argc));
1969 } catch (NativeDaemonConnectorException e) {
1970 throw e.rethrowAsParcelableException();
1971 }
1972 argc = 3;
1973 }
Chad Brubaker3277620a2013-06-12 13:37:30 -0700[diff] [blame]1974 }
1975 }
1976
1977 @Override
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]1978 public void removeVpnUidRanges(int netId, UidRange[] ranges) {
Chad Brubaker3277620a2013-06-12 13:37:30 -0700[diff] [blame]1979 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]1980 Object[] argv = new Object[3 + MAX_UID_RANGES_PER_COMMAND];
1981 argv[0] = "users";
1982 argv[1] = "remove";
1983 argv[2] = netId;
1984 int argc = 3;
1985 // Avoid overly long commands by limiting number of UID ranges per command.
1986 for (int i = 0; i < ranges.length; i++) {
1987 argv[argc++] = ranges[i].toString();
1988 if (i == (ranges.length - 1) || argc == argv.length) {
1989 try {
1990 mConnector.execute("network", Arrays.copyOf(argv, argc));
1991 } catch (NativeDaemonConnectorException e) {
1992 throw e.rethrowAsParcelableException();
1993 }
1994 argc = 3;
1995 }
Chad Brubakercca54c42013-06-27 17:41:38 -0700[diff] [blame]1996 }
1997 }
1998
1999 @Override
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2000 public void setFirewallEnabled(boolean enabled) {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2001 enforceSystemUid();
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2002 try {
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2003 mConnector.execute("firewall", "enable", enabled ? "whitelist" : "blacklist");
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2004 mFirewallEnabled = enabled;
2005 } catch (NativeDaemonConnectorException e) {
2006 throw e.rethrowAsParcelableException();
2007 }
2008 }
2009
2010 @Override
2011 public boolean isFirewallEnabled() {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2012 enforceSystemUid();
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2013 return mFirewallEnabled;
2014 }
2015
2016 @Override
Jeff Sharkey2c092982012-08-24 11:44:40 -0700[diff] [blame]2017 public void setFirewallInterfaceRule(String iface, boolean allow) {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2018 enforceSystemUid();
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2019 Preconditions.checkState(mFirewallEnabled);
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2020 final String rule = allow ? "allow" : "deny";
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2021 try {
2022 mConnector.execute("firewall", "set_interface_rule", iface, rule);
2023 } catch (NativeDaemonConnectorException e) {
2024 throw e.rethrowAsParcelableException();
2025 }
2026 }
2027
Lorenzo Colitti3fef7232016-04-29 18:00:03 +0900[diff] [blame]2028 private void closeSocketsForFirewallChainLocked(int chain, String chainName) {
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2029 // UID ranges to close sockets on.
2030 UidRange[] ranges;
2031 // UID ranges whose sockets we won't touch.
2032 int[] exemptUids;
2033
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2034 int numUids = 0;
2035
2036 if (getFirewallType(chain) == FIREWALL_TYPE_WHITELIST) {
2037 // Close all sockets on all non-system UIDs...
2038 ranges = new UidRange[] {
2039 // TODO: is there a better way of finding all existing users? If so, we could
2040 // specify their ranges here.
2041 new UidRange(Process.FIRST_APPLICATION_UID, Integer.MAX_VALUE),
2042 };
2043 // ... except for the UIDs that have allow rules.
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2044 synchronized (mRulesLock) {
2045 final SparseIntArray rules = getUidFirewallRulesLR(chain);
2046 exemptUids = new int[rules.size()];
2047 for (int i = 0; i < exemptUids.length; i++) {
2048 if (rules.valueAt(i) == NetworkPolicyManager.FIREWALL_RULE_ALLOW) {
2049 exemptUids[numUids] = rules.keyAt(i);
2050 numUids++;
2051 }
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2052 }
2053 }
2054 // Normally, whitelist chains only contain deny rules, so numUids == exemptUids.length.
2055 // But the code does not guarantee this in any way, and at least in one case - if we add
2056 // a UID rule to the firewall, and then disable the firewall - the chains can contain
2057 // the wrong type of rule. In this case, don't close connections that we shouldn't.
2058 //
2059 // TODO: tighten up this code by ensuring we never set the wrong type of rule, and
2060 // fix setFirewallEnabled to grab mQuotaLock and clear rules.
2061 if (numUids != exemptUids.length) {
2062 exemptUids = Arrays.copyOf(exemptUids, numUids);
2063 }
2064 } else {
2065 // Close sockets for every UID that has a deny rule...
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2066 synchronized (mRulesLock) {
2067 final SparseIntArray rules = getUidFirewallRulesLR(chain);
2068 ranges = new UidRange[rules.size()];
2069 for (int i = 0; i < ranges.length; i++) {
2070 if (rules.valueAt(i) == NetworkPolicyManager.FIREWALL_RULE_DENY) {
2071 int uid = rules.keyAt(i);
2072 ranges[numUids] = new UidRange(uid, uid);
2073 numUids++;
2074 }
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2075 }
2076 }
2077 // As above; usually numUids == ranges.length, but not always.
2078 if (numUids != ranges.length) {
2079 ranges = Arrays.copyOf(ranges, numUids);
2080 }
2081 // ... with no exceptions.
2082 exemptUids = new int[0];
2083 }
2084
2085 try {
2086 mNetdService.socketDestroy(ranges, exemptUids);
2087 } catch(RemoteException | ServiceSpecificException e) {
2088 Slog.e(TAG, "Error closing sockets after enabling chain " + chainName + ": " + e);
2089 }
2090 }
2091
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2092 @Override
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2093 public void setFirewallChainEnabled(int chain, boolean enable) {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2094 enforceSystemUid();
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2095 synchronized (mQuotaLock) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2096 synchronized (mRulesLock) {
2097 if (getFirewallChainState(chain) == enable) {
2098 // All is the same, nothing to do. This relies on the fact that netd has child
2099 // chains default detached.
2100 return;
2101 }
2102 setFirewallChainState(chain, enable);
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2103 }
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2104
2105 final String operation = enable ? "enable_chain" : "disable_chain";
Lorenzo Colitti3fef7232016-04-29 18:00:03 +0900[diff] [blame]2106 final String chainName;
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2107 switch(chain) {
2108 case FIREWALL_CHAIN_STANDBY:
2109 chainName = FIREWALL_CHAIN_NAME_STANDBY;
2110 break;
2111 case FIREWALL_CHAIN_DOZABLE:
2112 chainName = FIREWALL_CHAIN_NAME_DOZABLE;
2113 break;
2114 case FIREWALL_CHAIN_POWERSAVE:
2115 chainName = FIREWALL_CHAIN_NAME_POWERSAVE;
2116 break;
2117 default:
2118 throw new IllegalArgumentException("Bad child chain: " + chain);
2119 }
2120
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2121 try {
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2122 mConnector.execute("firewall", operation, chainName);
2123 } catch (NativeDaemonConnectorException e) {
2124 throw e.rethrowAsParcelableException();
2125 }
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2126
2127 // Close any sockets that were opened by the affected UIDs. This has to be done after
2128 // disabling network connectivity, in case they react to the socket close by reopening
2129 // the connection and race with the iptables commands that enable the firewall. All
2130 // whitelist and blacklist chains allow RSTs through.
2131 if (enable) {
2132 if (DBG) Slog.d(TAG, "Closing sockets after enabling chain " + chainName);
Lorenzo Colitti3fef7232016-04-29 18:00:03 +0900[diff] [blame]2133 closeSocketsForFirewallChainLocked(chain, chainName);
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2134 }
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2135 }
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2136 }
2137
2138 private int getFirewallType(int chain) {
2139 switch (chain) {
2140 case FIREWALL_CHAIN_STANDBY:
2141 return FIREWALL_TYPE_BLACKLIST;
2142 case FIREWALL_CHAIN_DOZABLE:
2143 return FIREWALL_TYPE_WHITELIST;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2144 case FIREWALL_CHAIN_POWERSAVE:
2145 return FIREWALL_TYPE_WHITELIST;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2146 default:
2147 return isFirewallEnabled() ? FIREWALL_TYPE_WHITELIST : FIREWALL_TYPE_BLACKLIST;
2148 }
2149 }
2150
2151 @Override
2152 public void setFirewallUidRules(int chain, int[] uids, int[] rules) {
2153 enforceSystemUid();
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2154 synchronized (mQuotaLock) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2155 synchronized (mRulesLock) {
2156 SparseIntArray uidFirewallRules = getUidFirewallRulesLR(chain);
2157 SparseIntArray newRules = new SparseIntArray();
2158 // apply new set of rules
2159 for (int index = uids.length - 1; index >= 0; --index) {
2160 int uid = uids[index];
2161 int rule = rules[index];
2162 updateFirewallUidRuleLocked(chain, uid, rule);
2163 newRules.put(uid, rule);
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2164 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2165 // collect the rules to remove.
2166 SparseIntArray rulesToRemove = new SparseIntArray();
2167 for (int index = uidFirewallRules.size() - 1; index >= 0; --index) {
2168 int uid = uidFirewallRules.keyAt(index);
2169 if (newRules.indexOfKey(uid) < 0) {
2170 rulesToRemove.put(uid, FIREWALL_RULE_DEFAULT);
2171 }
2172 }
2173 // remove dead rules
2174 for (int index = rulesToRemove.size() - 1; index >= 0; --index) {
2175 int uid = rulesToRemove.keyAt(index);
2176 updateFirewallUidRuleLocked(chain, uid, FIREWALL_RULE_DEFAULT);
2177 }
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2178 }
2179 try {
2180 switch (chain) {
2181 case FIREWALL_CHAIN_DOZABLE:
2182 mNetdService.firewallReplaceUidChain("fw_dozable", true, uids);
2183 break;
2184 case FIREWALL_CHAIN_STANDBY:
2185 mNetdService.firewallReplaceUidChain("fw_standby", false, uids);
2186 break;
2187 case FIREWALL_CHAIN_POWERSAVE:
2188 mNetdService.firewallReplaceUidChain("fw_powersave", true, uids);
2189 break;
2190 case FIREWALL_CHAIN_NONE:
2191 default:
2192 Slog.d(TAG, "setFirewallUidRules() called on invalid chain: " + chain);
2193 }
2194 } catch (RemoteException e) {
2195 Slog.w(TAG, "Error flushing firewall chain " + chain, e);
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2196 }
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2197 }
2198 }
2199
2200 @Override
2201 public void setFirewallUidRule(int chain, int uid, int rule) {
2202 enforceSystemUid();
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2203 synchronized (mQuotaLock) {
2204 setFirewallUidRuleLocked(chain, uid, rule);
2205 }
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2206 }
2207
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2208 private void setFirewallUidRuleLocked(int chain, int uid, int rule) {
2209 if (updateFirewallUidRuleLocked(chain, uid, rule)) {
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2210 try {
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2211 mConnector.execute("firewall", "set_uid_rule", getFirewallChainName(chain), uid,
2212 getFirewallRuleName(chain, rule));
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2213 } catch (NativeDaemonConnectorException e) {
2214 throw e.rethrowAsParcelableException();
2215 }
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2216 }
2217 }
2218
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2219 // TODO: now that netd supports batching, NMS should not keep these data structures anymore...
2220 private boolean updateFirewallUidRuleLocked(int chain, int uid, int rule) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2221 synchronized (mRulesLock) {
2222 SparseIntArray uidFirewallRules = getUidFirewallRulesLR(chain);
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2223
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2224 final int oldUidFirewallRule = uidFirewallRules.get(uid, FIREWALL_RULE_DEFAULT);
2225 if (DBG) {
2226 Slog.d(TAG, "oldRule = " + oldUidFirewallRule
2227 + ", newRule=" + rule + " for uid=" + uid + " on chain " + chain);
2228 }
2229 if (oldUidFirewallRule == rule) {
2230 if (DBG) Slog.d(TAG, "!!!!! Skipping change");
2231 // TODO: eventually consider throwing
2232 return false;
2233 }
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2234
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2235 String ruleName = getFirewallRuleName(chain, rule);
2236 String oldRuleName = getFirewallRuleName(chain, oldUidFirewallRule);
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2237
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2238 if (rule == NetworkPolicyManager.FIREWALL_RULE_DEFAULT) {
2239 uidFirewallRules.delete(uid);
2240 } else {
2241 uidFirewallRules.put(uid, rule);
2242 }
2243 return !ruleName.equals(oldRuleName);
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2244 }
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2245 }
2246
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2247 private @NonNull String getFirewallRuleName(int chain, int rule) {
2248 String ruleName;
2249 if (getFirewallType(chain) == FIREWALL_TYPE_WHITELIST) {
2250 if (rule == NetworkPolicyManager.FIREWALL_RULE_ALLOW) {
2251 ruleName = "allow";
2252 } else {
2253 ruleName = "deny";
2254 }
2255 } else { // Blacklist mode
2256 if (rule == NetworkPolicyManager.FIREWALL_RULE_DENY) {
2257 ruleName = "deny";
2258 } else {
2259 ruleName = "allow";
2260 }
2261 }
2262 return ruleName;
2263 }
2264
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2265 private @NonNull SparseIntArray getUidFirewallRulesLR(int chain) {
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2266 switch (chain) {
2267 case FIREWALL_CHAIN_STANDBY:
2268 return mUidFirewallStandbyRules;
2269 case FIREWALL_CHAIN_DOZABLE:
2270 return mUidFirewallDozableRules;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2271 case FIREWALL_CHAIN_POWERSAVE:
2272 return mUidFirewallPowerSaveRules;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2273 case FIREWALL_CHAIN_NONE:
2274 return mUidFirewallRules;
2275 default:
2276 throw new IllegalArgumentException("Unknown chain:" + chain);
2277 }
2278 }
2279
2280 public @NonNull String getFirewallChainName(int chain) {
2281 switch (chain) {
2282 case FIREWALL_CHAIN_STANDBY:
2283 return FIREWALL_CHAIN_NAME_STANDBY;
2284 case FIREWALL_CHAIN_DOZABLE:
2285 return FIREWALL_CHAIN_NAME_DOZABLE;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2286 case FIREWALL_CHAIN_POWERSAVE:
2287 return FIREWALL_CHAIN_NAME_POWERSAVE;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2288 case FIREWALL_CHAIN_NONE:
2289 return FIREWALL_CHAIN_NAME_NONE;
2290 default:
2291 throw new IllegalArgumentException("Unknown chain:" + chain);
2292 }
2293 }
2294
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2295 private static void enforceSystemUid() {
2296 final int uid = Binder.getCallingUid();
2297 if (uid != Process.SYSTEM_UID) {
2298 throw new SecurityException("Only available to AID_SYSTEM");
2299 }
2300 }
2301
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2302 @Override
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2303 public void startClatd(String interfaceName) throws IllegalStateException {
2304 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2305
2306 try {
2307 mConnector.execute("clatd", "start", interfaceName);
2308 } catch (NativeDaemonConnectorException e) {
2309 throw e.rethrowAsParcelableException();
2310 }
2311 }
2312
2313 @Override
Lorenzo Colitti95439462014-10-09 13:44:48 +0900[diff] [blame]2314 public void stopClatd(String interfaceName) throws IllegalStateException {
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2315 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2316
2317 try {
Lorenzo Colitti95439462014-10-09 13:44:48 +0900[diff] [blame]2318 mConnector.execute("clatd", "stop", interfaceName);
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2319 } catch (NativeDaemonConnectorException e) {
2320 throw e.rethrowAsParcelableException();
2321 }
2322 }
2323
2324 @Override
Lorenzo Colitti95439462014-10-09 13:44:48 +0900[diff] [blame]2325 public boolean isClatdStarted(String interfaceName) {
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2326 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2327
2328 final NativeDaemonEvent event;
2329 try {
Lorenzo Colitti95439462014-10-09 13:44:48 +0900[diff] [blame]2330 event = mConnector.execute("clatd", "status", interfaceName);
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2331 } catch (NativeDaemonConnectorException e) {
2332 throw e.rethrowAsParcelableException();
2333 }
2334
2335 event.checkCode(ClatdStatusResult);
2336 return event.getMessage().endsWith("started");
2337 }
2338
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2339 @Override
2340 public void registerNetworkActivityListener(INetworkActivityListener listener) {
2341 mNetworkActivityListeners.register(listener);
2342 }
2343
2344 @Override
2345 public void unregisterNetworkActivityListener(INetworkActivityListener listener) {
2346 mNetworkActivityListeners.unregister(listener);
2347 }
2348
2349 @Override
2350 public boolean isNetworkActive() {
2351 synchronized (mNetworkActivityListeners) {
2352 return mNetworkActive || mActiveIdleTimers.isEmpty();
2353 }
2354 }
2355
2356 private void reportNetworkActive() {
2357 final int length = mNetworkActivityListeners.beginBroadcast();
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]2358 try {
2359 for (int i = 0; i < length; i++) {
2360 try {
2361 mNetworkActivityListeners.getBroadcastItem(i).onNetworkActive();
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]2362 } catch (RemoteException | RuntimeException e) {
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]2363 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2364 }
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]2365 } finally {
2366 mNetworkActivityListeners.finishBroadcast();
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2367 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2368 }
2369
Mattias Falk8b47b362011-08-23 14:15:13 +0200[diff] [blame]2370 /** {@inheritDoc} */
Jeff Sharkey7b4596f2013-02-25 10:55:29 -0800[diff] [blame]2371 @Override
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]2372 public void monitor() {
2373 if (mConnector != null) {
2374 mConnector.monitor();
2375 }
2376 }
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2377
2378 @Override
2379 protected void dump(FileDescriptor fd, PrintWriter pw, String[] args) {
Jeff Sharkeyfe9a53b2017-03-31 14:08:23 -0600[diff] [blame]2380 if (!DumpUtils.checkDumpPermission(mContext, TAG, pw)) return;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2381
Robert Greenwalt470fd722012-01-18 12:51:15 -0800[diff] [blame]2382 pw.println("NetworkManagementService NativeDaemonConnector Log:");
2383 mConnector.dump(fd, pw, args);
2384 pw.println();
2385
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2386 pw.print("Bandwidth control enabled: "); pw.println(mBandwidthControlEnabled);
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]2387 pw.print("mMobileActivityFromRadio="); pw.print(mMobileActivityFromRadio);
2388 pw.print(" mLastPowerStateFromRadio="); pw.println(mLastPowerStateFromRadio);
2389 pw.print("mNetworkActive="); pw.println(mNetworkActive);
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2390
2391 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]2392 pw.print("Active quota ifaces: "); pw.println(mActiveQuotas.toString());
2393 pw.print("Active alert ifaces: "); pw.println(mActiveAlerts.toString());
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]2394 pw.print("Data saver mode: "); pw.println(mDataSaverMode);
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2395 synchronized (mRulesLock) {
2396 dumpUidRuleOnQuotaLocked(pw, "blacklist", mUidRejectOnMetered);
2397 dumpUidRuleOnQuotaLocked(pw, "whitelist", mUidAllowOnMetered);
2398 }
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2399 }
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2400
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2401 synchronized (mRulesLock) {
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2402 dumpUidFirewallRule(pw, "", mUidFirewallRules);
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2403
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2404 pw.print("UID firewall standby chain enabled: "); pw.println(
2405 getFirewallChainState(FIREWALL_CHAIN_STANDBY));
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2406 dumpUidFirewallRule(pw, FIREWALL_CHAIN_NAME_STANDBY, mUidFirewallStandbyRules);
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2407
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2408 pw.print("UID firewall dozable chain enabled: "); pw.println(
2409 getFirewallChainState(FIREWALL_CHAIN_DOZABLE));
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2410 dumpUidFirewallRule(pw, FIREWALL_CHAIN_NAME_DOZABLE, mUidFirewallDozableRules);
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2411
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2412 pw.println("UID firewall powersave chain enabled: " +
2413 getFirewallChainState(FIREWALL_CHAIN_POWERSAVE));
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2414 dumpUidFirewallRule(pw, FIREWALL_CHAIN_NAME_POWERSAVE, mUidFirewallPowerSaveRules);
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2415 }
2416
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2417 synchronized (mIdleTimerLock) {
2418 pw.println("Idle timers:");
2419 for (HashMap.Entry<String, IdleTimerParams> ent : mActiveIdleTimers.entrySet()) {
2420 pw.print(" "); pw.print(ent.getKey()); pw.println(":");
2421 IdleTimerParams params = ent.getValue();
2422 pw.print(" timeout="); pw.print(params.timeout);
2423 pw.print(" type="); pw.print(params.type);
2424 pw.print(" networkCount="); pw.println(params.networkCount);
2425 }
2426 }
2427
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2428 pw.print("Firewall enabled: "); pw.println(mFirewallEnabled);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]2429 pw.print("Netd service status: " );
2430 if (mNetdService == null) {
2431 pw.println("disconnected");
2432 } else {
2433 try {
2434 final boolean alive = mNetdService.isAlive();
2435 pw.println(alive ? "alive": "dead");
2436 } catch (RemoteException e) {
2437 pw.println("unreachable");
2438 }
2439 }
2440 }
2441
2442 private void dumpUidRuleOnQuotaLocked(PrintWriter pw, String name, SparseBooleanArray list) {
2443 pw.print("UID bandwith control ");
2444 pw.print(name);
2445 pw.print(" rule: [");
2446 final int size = list.size();
2447 for (int i = 0; i < size; i++) {
2448 pw.print(list.keyAt(i));
2449 if (i < size - 1) pw.print(",");
2450 }
2451 pw.println("]");
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2452 }
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2453
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2454 private void dumpUidFirewallRule(PrintWriter pw, String name, SparseIntArray rules) {
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2455 pw.print("UID firewall ");
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2456 pw.print(name);
2457 pw.print(" rule: [");
2458 final int size = rules.size();
2459 for (int i = 0; i < size; i++) {
2460 pw.print(rules.keyAt(i));
2461 pw.print(":");
2462 pw.print(rules.valueAt(i));
2463 if (i < size - 1) pw.print(",");
2464 }
2465 pw.println("]");
2466 }
2467
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2468 @Override
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]2469 public void createPhysicalNetwork(int netId, String permission) {
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2470 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2471
2472 try {
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]2473 if (permission != null) {
2474 mConnector.execute("network", "create", netId, permission);
2475 } else {
2476 mConnector.execute("network", "create", netId);
2477 }
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2478 } catch (NativeDaemonConnectorException e) {
2479 throw e.rethrowAsParcelableException();
2480 }
2481 }
2482
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2483 @Override
Sreeram Ramachandran8cd33ed2014-07-23 15:23:15 -0700[diff] [blame]2484 public void createVirtualNetwork(int netId, boolean hasDNS, boolean secure) {
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]2485 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2486
2487 try {
Sreeram Ramachandran8cd33ed2014-07-23 15:23:15 -0700[diff] [blame]2488 mConnector.execute("network", "create", netId, "vpn", hasDNS ? "1" : "0",
2489 secure ? "1" : "0");
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]2490 } catch (NativeDaemonConnectorException e) {
2491 throw e.rethrowAsParcelableException();
2492 }
2493 }
2494
2495 @Override
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2496 public void removeNetwork(int netId) {
Erik Kline33d8e5c2018-01-15 17:05:07 +0900[diff] [blame]2497 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2498
2499 try {
Erik Kline33d8e5c2018-01-15 17:05:07 +0900[diff] [blame]2500 mNetdService.networkDestroy(netId);
2501 } catch (ServiceSpecificException e) {
2502 Log.w(TAG, "removeNetwork(" + netId + "): ", e);
2503 throw e;
2504 } catch (RemoteException e) {
2505 Log.w(TAG, "removeNetwork(" + netId + "): ", e);
2506 throw e.rethrowAsRuntimeException();
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2507 }
2508 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2509
2510 @Override
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2511 public void addInterfaceToNetwork(String iface, int netId) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2512 modifyInterfaceInNetwork("add", "" + netId, iface);
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2513 }
2514
2515 @Override
2516 public void removeInterfaceFromNetwork(String iface, int netId) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2517 modifyInterfaceInNetwork("remove", "" + netId, iface);
2518 }
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2519
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2520 private void modifyInterfaceInNetwork(String action, String netId, String iface) {
2521 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2522 try {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2523 mConnector.execute("network", "interface", action, netId, iface);
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2524 } catch (NativeDaemonConnectorException e) {
2525 throw e.rethrowAsParcelableException();
2526 }
2527 }
2528
2529 @Override
Robert Greenwalt913c8952014-04-07 17:36:35 -0700[diff] [blame]2530 public void addLegacyRouteForNetId(int netId, RouteInfo routeInfo, int uid) {
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2531 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2532
Sreeram Ramachandran03666c72014-07-19 23:21:46 -0700[diff] [blame]2533 final Command cmd = new Command("network", "route", "legacy", uid, "add", netId);
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2534
Sreeram Ramachandran1fbcb272014-05-22 16:30:48 -0700[diff] [blame]2535 // create triplet: interface dest-ip-addr/prefixlength gateway-ip-addr
Sreeram Ramachandrancc91c7b2014-06-03 18:41:43 -0700[diff] [blame]2536 final LinkAddress la = routeInfo.getDestinationLinkAddress();
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2537 cmd.appendArg(routeInfo.getInterface());
Lorenzo Colitti7dc78cf2014-06-09 22:58:46 +0900[diff] [blame]2538 cmd.appendArg(la.getAddress().getHostAddress() + "/" + la.getPrefixLength());
Sreeram Ramachandran1fbcb272014-05-22 16:30:48 -0700[diff] [blame]2539 if (routeInfo.hasGateway()) {
2540 cmd.appendArg(routeInfo.getGateway().getHostAddress());
2541 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2542
2543 try {
2544 mConnector.execute(cmd);
2545 } catch (NativeDaemonConnectorException e) {
2546 throw e.rethrowAsParcelableException();
2547 }
2548 }
2549
2550 @Override
Sreeram Ramachandranf047f2a2014-04-15 16:04:26 -0700[diff] [blame]2551 public void setDefaultNetId(int netId) {
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2552 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2553
2554 try {
Sreeram Ramachandranf047f2a2014-04-15 16:04:26 -0700[diff] [blame]2555 mConnector.execute("network", "default", "set", netId);
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2556 } catch (NativeDaemonConnectorException e) {
2557 throw e.rethrowAsParcelableException();
2558 }
2559 }
2560
2561 @Override
2562 public void clearDefaultNetId() {
2563 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2564
2565 try {
2566 mConnector.execute("network", "default", "clear");
2567 } catch (NativeDaemonConnectorException e) {
2568 throw e.rethrowAsParcelableException();
2569 }
2570 }
2571
2572 @Override
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]2573 public void setNetworkPermission(int netId, String permission) {
2574 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2575
2576 try {
2577 if (permission != null) {
2578 mConnector.execute("network", "permission", "network", "set", permission, netId);
2579 } else {
2580 mConnector.execute("network", "permission", "network", "clear", netId);
2581 }
2582 } catch (NativeDaemonConnectorException e) {
2583 throw e.rethrowAsParcelableException();
2584 }
2585 }
2586
2587
2588 @Override
Sreeram Ramachandrane4a05af2014-09-24 09:16:19 -0700[diff] [blame]2589 public void setPermission(String permission, int[] uids) {
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2590 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2591
Sreeram Ramachandrane4a05af2014-09-24 09:16:19 -0700[diff] [blame]2592 Object[] argv = new Object[4 + MAX_UID_RANGES_PER_COMMAND];
2593 argv[0] = "permission";
2594 argv[1] = "user";
2595 argv[2] = "set";
2596 argv[3] = permission;
2597 int argc = 4;
2598 // Avoid overly long commands by limiting number of UIDs per command.
2599 for (int i = 0; i < uids.length; ++i) {
2600 argv[argc++] = uids[i];
2601 if (i == uids.length - 1 || argc == argv.length) {
2602 try {
2603 mConnector.execute("network", Arrays.copyOf(argv, argc));
2604 } catch (NativeDaemonConnectorException e) {
2605 throw e.rethrowAsParcelableException();
2606 }
2607 argc = 4;
2608 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2609 }
2610 }
2611
2612 @Override
2613 public void clearPermission(int[] uids) {
2614 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2615
Sreeram Ramachandrane4a05af2014-09-24 09:16:19 -0700[diff] [blame]2616 Object[] argv = new Object[3 + MAX_UID_RANGES_PER_COMMAND];
2617 argv[0] = "permission";
2618 argv[1] = "user";
2619 argv[2] = "clear";
2620 int argc = 3;
2621 // Avoid overly long commands by limiting number of UIDs per command.
2622 for (int i = 0; i < uids.length; ++i) {
2623 argv[argc++] = uids[i];
2624 if (i == uids.length - 1 || argc == argv.length) {
2625 try {
2626 mConnector.execute("network", Arrays.copyOf(argv, argc));
2627 } catch (NativeDaemonConnectorException e) {
2628 throw e.rethrowAsParcelableException();
2629 }
2630 argc = 3;
2631 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2632 }
2633 }
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]2634
2635 @Override
2636 public void allowProtect(int uid) {
2637 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2638
2639 try {
2640 mConnector.execute("network", "protect", "allow", uid);
2641 } catch (NativeDaemonConnectorException e) {
2642 throw e.rethrowAsParcelableException();
2643 }
2644 }
2645
2646 @Override
2647 public void denyProtect(int uid) {
2648 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2649
2650 try {
2651 mConnector.execute("network", "protect", "deny", uid);
2652 } catch (NativeDaemonConnectorException e) {
2653 throw e.rethrowAsParcelableException();
2654 }
2655 }
2656
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2657 @Override
2658 public void addInterfaceToLocalNetwork(String iface, List<RouteInfo> routes) {
2659 modifyInterfaceInNetwork("add", "local", iface);
2660
2661 for (RouteInfo route : routes) {
2662 if (!route.isDefaultRoute()) {
2663 modifyRoute("add", "local", route);
2664 }
2665 }
2666 }
2667
2668 @Override
2669 public void removeInterfaceFromLocalNetwork(String iface) {
2670 modifyInterfaceInNetwork("remove", "local", iface);
2671 }
Erik Kline6599ee82016-07-17 21:28:39 +0900[diff] [blame]2672
2673 @Override
2674 public int removeRoutesFromLocalNetwork(List<RouteInfo> routes) {
2675 int failures = 0;
2676
2677 for (RouteInfo route : routes) {
2678 try {
2679 modifyRoute("remove", "local", route);
2680 } catch (IllegalStateException e) {
2681 failures++;
2682 }
2683 }
2684
2685 return failures;
2686 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2687
Sudheer Shankab8f23162017-08-04 13:30:10 -0700[diff] [blame]2688 @Override
2689 public boolean isNetworkRestricted(int uid) {
2690 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2691 return isNetworkRestrictedInternal(uid);
2692 }
2693
2694 private boolean isNetworkRestrictedInternal(int uid) {
2695 synchronized (mRulesLock) {
2696 if (getFirewallChainState(FIREWALL_CHAIN_STANDBY)
2697 && mUidFirewallStandbyRules.get(uid) == FIREWALL_RULE_DENY) {
2698 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of app standby mode");
2699 return true;
2700 }
2701 if (getFirewallChainState(FIREWALL_CHAIN_DOZABLE)
2702 && mUidFirewallDozableRules.get(uid) != FIREWALL_RULE_ALLOW) {
2703 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of device idle mode");
2704 return true;
2705 }
2706 if (getFirewallChainState(FIREWALL_CHAIN_POWERSAVE)
2707 && mUidFirewallPowerSaveRules.get(uid) != FIREWALL_RULE_ALLOW) {
2708 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of power saver mode");
2709 return true;
2710 }
2711 if (mUidRejectOnMetered.get(uid)) {
2712 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of no metered data"
2713 + " in the background");
2714 return true;
2715 }
2716 if (mDataSaverMode && !mUidAllowOnMetered.get(uid)) {
2717 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of data saver mode");
2718 return true;
2719 }
2720 return false;
2721 }
2722 }
2723
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2724 private void setFirewallChainState(int chain, boolean state) {
2725 synchronized (mRulesLock) {
2726 mFirewallChainStates.put(chain, state);
2727 }
2728 }
2729
2730 private boolean getFirewallChainState(int chain) {
2731 synchronized (mRulesLock) {
2732 return mFirewallChainStates.get(chain);
2733 }
2734 }
2735
2736 @VisibleForTesting
2737 class LocalService extends NetworkManagementInternal {
2738 @Override
2739 public boolean isNetworkRestrictedForUid(int uid) {
Sudheer Shankab8f23162017-08-04 13:30:10 -0700[diff] [blame]2740 return isNetworkRestrictedInternal(uid);
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2741 }
2742 }
2743
2744 @VisibleForTesting
2745 Injector getInjector() {
2746 return new Injector();
2747 }
2748
2749 @VisibleForTesting
2750 class Injector {
2751 void setDataSaverMode(boolean dataSaverMode) {
2752 mDataSaverMode = dataSaverMode;
2753 }
2754
2755 void setFirewallChainState(int chain, boolean state) {
2756 NetworkManagementService.this.setFirewallChainState(chain, state);
2757 }
2758
2759 void setFirewallRule(int chain, int uid, int rule) {
2760 synchronized (mRulesLock) {
2761 getUidFirewallRulesLR(chain).put(uid, rule);
2762 }
2763 }
2764
2765 void setUidOnMeteredNetworkList(boolean blacklist, int uid, boolean enable) {
2766 synchronized (mRulesLock) {
2767 if (blacklist) {
2768 mUidRejectOnMetered.put(uid, enable);
2769 } else {
2770 mUidAllowOnMetered.put(uid, enable);
2771 }
2772 }
2773 }
2774
2775 void reset() {
2776 synchronized (mRulesLock) {
2777 setDataSaverMode(false);
2778 final int[] chains = {
2779 FIREWALL_CHAIN_DOZABLE,
2780 FIREWALL_CHAIN_STANDBY,
2781 FIREWALL_CHAIN_POWERSAVE
2782 };
2783 for (int chain : chains) {
2784 setFirewallChainState(chain, false);
2785 getUidFirewallRulesLR(chain).clear();
2786 }
2787 mUidAllowOnMetered.clear();
2788 mUidRejectOnMetered.clear();
2789 }
2790 }
2791 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]2792}