Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 521a897a70677f697fa743e5fad70203731d5cf9 / . / services / core / java / com / android / server / NetworkManagementService.java
blob: 9631e469f79ab4b8a51c64adb0f2b083b7a81069 [file] [log] [blame]
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1/*
2 * Copyright (C) 2007 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17package com.android.server;
18
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]19import static android.Manifest.permission.CONNECTIVITY_INTERNAL;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]20import static android.Manifest.permission.DUMP;
Sehee Parka9139bc2017-12-22 13:54:05 +0900[diff] [blame]21import static android.Manifest.permission.NETWORK_SETTINGS;
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]22import static android.Manifest.permission.NETWORK_STACK;
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]23import static android.Manifest.permission.SHUTDOWN;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]24import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_DOZABLE;
25import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_DOZABLE;
26import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_NONE;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]27import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_POWERSAVE;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]28import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_STANDBY;
29import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NONE;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]30import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_POWERSAVE;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]31import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_STANDBY;
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]32import static android.net.NetworkPolicyManager.FIREWALL_RULE_ALLOW;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]33import static android.net.NetworkPolicyManager.FIREWALL_RULE_DEFAULT;
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]34import static android.net.NetworkPolicyManager.FIREWALL_RULE_DENY;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]35import static android.net.NetworkPolicyManager.FIREWALL_TYPE_BLACKLIST;
36import static android.net.NetworkPolicyManager.FIREWALL_TYPE_WHITELIST;
Jeff Sharkeyb5d55e32011-08-10 17:53:27 -0700[diff] [blame]37import static android.net.NetworkStats.SET_DEFAULT;
Lorenzo Colittif1912ca2017-08-17 19:23:08 +0900[diff] [blame]38import static android.net.NetworkStats.STATS_PER_UID;
Dianne Hackbornd0c5b9a2014-02-21 16:19:05 -0800[diff] [blame]39import static android.net.NetworkStats.TAG_ALL;
Jeff Sharkey1b5a2a92011-06-18 18:34:16 -0700[diff] [blame]40import static android.net.NetworkStats.TAG_NONE;
41import static android.net.NetworkStats.UID_ALL;
Jeff Sharkeyae2c1812011-10-04 13:11:40 -0700[diff] [blame]42import static android.net.TrafficStats.UID_TETHERING;
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]43import static com.android.server.NetworkManagementService.NetdResponseCode.ClatdStatusResult;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]44import static com.android.server.NetworkManagementService.NetdResponseCode.InterfaceGetCfgResult;
45import static com.android.server.NetworkManagementService.NetdResponseCode.InterfaceListResult;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]46import static com.android.server.NetworkManagementService.NetdResponseCode.IpFwdStatusResult;
47import static com.android.server.NetworkManagementService.NetdResponseCode.TetherDnsFwdTgtListResult;
48import static com.android.server.NetworkManagementService.NetdResponseCode.TetherInterfaceListResult;
49import static com.android.server.NetworkManagementService.NetdResponseCode.TetherStatusResult;
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]50import static com.android.server.NetworkManagementService.NetdResponseCode.TetheringStatsListResult;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]51import static com.android.server.NetworkManagementService.NetdResponseCode.TtyListResult;
Jeff Sharkeya63ba592011-07-19 23:47:12 -0700[diff] [blame]52import static com.android.server.NetworkManagementSocketTagger.PROP_QTAGUID_ENABLED;
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]53
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]54import android.annotation.NonNull;
Sudheer Shankadc589ac2016-11-10 15:30:17 -0800[diff] [blame]55import android.app.ActivityManager;
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]56import android.content.ContentResolver;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]57import android.content.Context;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]58import android.net.ConnectivityManager;
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]59import android.net.INetd;
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]60import android.net.INetworkManagementEventObserver;
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]61import android.net.ITetheringStatsProvider;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]62import android.net.InterfaceConfiguration;
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]63import android.net.IpPrefix;
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]64import android.net.LinkAddress;
Lorenzo Colittib57edc52014-08-22 17:10:50 -0700[diff] [blame]65import android.net.Network;
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]66import android.net.NetworkPolicyManager;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]67import android.net.NetworkStats;
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]68import android.net.NetworkUtils;
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]69import android.net.RouteInfo;
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]70import android.net.UidRange;
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]71import android.net.util.NetdService;
Irfan Sheriff9ab518ad2010-03-12 15:48:17 -0800[diff] [blame]72import android.net.wifi.WifiConfiguration;
73import android.net.wifi.WifiConfiguration.KeyMgmt;
Dianne Hackborn91268cf2013-06-13 19:06:50 -0700[diff] [blame]74import android.os.BatteryStats;
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]75import android.os.Binder;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]76import android.os.Handler;
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]77import android.os.IBinder;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]78import android.os.INetworkActivityListener;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]79import android.os.INetworkManagementService;
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]80import android.os.PersistableBundle;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]81import android.os.PowerManager;
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]82import android.os.Process;
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]83import android.os.RemoteCallbackList;
84import android.os.RemoteException;
Jeff Sharkey7a1c3fc2013-06-04 12:29:00 -0700[diff] [blame]85import android.os.ServiceManager;
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]86import android.os.ServiceSpecificException;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]87import android.os.StrictMode;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]88import android.os.SystemClock;
Marco Nelissen62dbb222010-02-18 10:56:30 -0800[diff] [blame]89import android.os.SystemProperties;
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]90import android.os.Trace;
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]91import android.provider.Settings;
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]92import android.telephony.DataConnectionRealTimeInfo;
93import android.telephony.PhoneStateListener;
Wink Savillefb40dd42014-06-12 17:02:31 -0700[diff] [blame]94import android.telephony.SubscriptionManager;
Wink Saville67e07892014-06-18 16:43:14 -0700[diff] [blame]95import android.telephony.TelephonyManager;
Erik Kline4d092232017-10-30 15:29:44 +0900[diff] [blame]96import android.text.TextUtils;
Irfan Sheriff9ab518ad2010-03-12 15:48:17 -0800[diff] [blame]97import android.util.Log;
Joe Onorato8a9b2202010-02-26 18:56:32 -0800[diff] [blame]98import android.util.Slog;
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]99import android.util.SparseBooleanArray;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]100import android.util.SparseIntArray;
Bookatz0b028b12018-05-31 16:51:17 -0700[diff] [blame]101import android.util.StatsLog;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]102
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]103import com.android.internal.annotations.GuardedBy;
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]104import com.android.internal.annotations.VisibleForTesting;
Jeff Sharkey7a1c3fc2013-06-04 12:29:00 -0700[diff] [blame]105import com.android.internal.app.IBatteryStats;
Jeff Sharkey1059c3c2011-10-04 16:54:49 -0700[diff] [blame]106import com.android.internal.net.NetworkStatsFactory;
Jeff Sharkeyfe9a53b2017-03-31 14:08:23 -0600[diff] [blame]107import com.android.internal.util.DumpUtils;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]108import com.android.internal.util.HexDump;
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]109import com.android.internal.util.Preconditions;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]110import com.android.server.NativeDaemonConnector.Command;
Jeff Sharkey56cd6462013-06-07 15:09:15 -0700[diff] [blame]111import com.android.server.NativeDaemonConnector.SensitiveArg;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]112import com.google.android.collect.Maps;
Jeff Sharkey4414cea2011-06-24 17:05:24 -0700[diff] [blame]113
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]114import java.io.BufferedReader;
115import java.io.DataInputStream;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]116import java.io.File;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]117import java.io.FileDescriptor;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]118import java.io.FileInputStream;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]119import java.io.IOException;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]120import java.io.InputStreamReader;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]121import java.io.PrintWriter;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]122import java.net.InetAddress;
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]123import java.net.InterfaceAddress;
124import java.net.NetworkInterface;
125import java.net.SocketException;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]126import java.util.ArrayList;
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]127import java.util.Arrays;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]128import java.util.HashMap;
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]129import java.util.List;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]130import java.util.Map;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]131import java.util.NoSuchElementException;
132import java.util.StringTokenizer;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]133import java.util.concurrent.CountDownLatch;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]134
135/**
136 * @hide
137 */
Jeff Sharkey8e9992a2011-08-23 18:37:23 -0700[diff] [blame]138public class NetworkManagementService extends INetworkManagementService.Stub
139 implements Watchdog.Monitor {
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]140
141 /**
142 * Helper class that encapsulates NetworkManagementService dependencies and makes them
143 * easier to mock in unit tests.
144 */
145 static class SystemServices {
146 public IBinder getService(String name) {
147 return ServiceManager.getService(name);
148 }
149 public void registerLocalService(NetworkManagementInternal nmi) {
150 LocalServices.addService(NetworkManagementInternal.class, nmi);
151 }
152 public INetd getNetd() {
153 return NetdService.get();
154 }
155 }
156
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]157 private static final String TAG = "NetworkManagement";
158 private static final boolean DBG = Log.isLoggable(TAG, Log.DEBUG);
Kenny Root305bcbf2010-09-03 07:56:38 -0700[diff] [blame]159 private static final String NETD_TAG = "NetdConnector";
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]160 static final String NETD_SERVICE_NAME = "netd";
Kenny Root305bcbf2010-09-03 07:56:38 -0700[diff] [blame]161
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]162 private static final int MAX_UID_RANGES_PER_COMMAND = 10;
163
Jeff Sharkey8e9992a2011-08-23 18:37:23 -0700[diff] [blame]164 /**
165 * Name representing {@link #setGlobalAlert(long)} limit when delivered to
166 * {@link INetworkManagementEventObserver#limitReached(String, String)}.
167 */
168 public static final String LIMIT_GLOBAL_ALERT = "globalAlert";
169
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]170 /**
171 * String to pass to netd to indicate that a network is only accessible
172 * to apps that have the CHANGE_NETWORK_STATE permission.
173 */
174 public static final String PERMISSION_NETWORK = "NETWORK";
175
176 /**
177 * String to pass to netd to indicate that a network is only
178 * accessible to system apps and those with the CONNECTIVITY_INTERNAL
179 * permission.
180 */
181 public static final String PERMISSION_SYSTEM = "SYSTEM";
182
Andrew Scull45f533c2017-05-19 15:37:20 +0100[diff] [blame]183 static class NetdResponseCode {
Sreeram Ramachandran03666c72014-07-19 23:21:46 -0700[diff] [blame]184 /* Keep in sync with system/netd/server/ResponseCode.h */
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]185 public static final int InterfaceListResult = 110;
186 public static final int TetherInterfaceListResult = 111;
187 public static final int TetherDnsFwdTgtListResult = 112;
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]188 public static final int TtyListResult = 113;
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]189 public static final int TetheringStatsListResult = 114;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]190
191 public static final int TetherStatusResult = 210;
192 public static final int IpFwdStatusResult = 211;
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]193 public static final int InterfaceGetCfgResult = 213;
Robert Greenwalte3253922010-02-18 09:23:25 -0800[diff] [blame]194 public static final int SoftapStatusResult = 214;
San Mehat91cac642010-03-31 14:31:36 -0700[diff] [blame]195 public static final int InterfaceRxCounterResult = 216;
196 public static final int InterfaceTxCounterResult = 217;
Jeff Sharkeycdd02c5d2011-09-16 01:52:49 -0700[diff] [blame]197 public static final int QuotaCounterResult = 220;
198 public static final int TetheringStatsResult = 221;
Selim Gurun84c00c62012-02-27 15:42:38 -0800[diff] [blame]199 public static final int DnsProxyQueryResult = 222;
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]200 public static final int ClatdStatusResult = 223;
Robert Greenwalte3253922010-02-18 09:23:25 -0800[diff] [blame]201
202 public static final int InterfaceChange = 600;
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]203 public static final int BandwidthControl = 601;
Haoyu Bai6b7358d2012-07-17 16:36:50 -0700[diff] [blame]204 public static final int InterfaceClassActivity = 613;
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]205 public static final int InterfaceAddressChange = 614;
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]206 public static final int InterfaceDnsServerInfo = 615;
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]207 public static final int RouteChange = 616;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]208 public static final int StrictCleartext = 617;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]209 }
210
Rebecca Silbersteine2ec94f2016-03-24 13:29:00 -0700[diff] [blame]211 /**
212 * String indicating a softap command.
213 */
214 static final String SOFT_AP_COMMAND = "softap";
215
216 /**
217 * String passed back to netd connector indicating softap command success.
218 */
219 static final String SOFT_AP_COMMAND_SUCCESS = "Ok";
220
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]221 static final int DAEMON_MSG_MOBILE_CONN_REAL_TIME_INFO = 1;
222
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]223 /**
224 * Binder context for this service
225 */
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]226 private final Context mContext;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]227
228 /**
229 * connector object for communicating with netd
230 */
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]231 private final NativeDaemonConnector mConnector;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]232
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]233 private final Handler mFgHandler;
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]234 private final Handler mDaemonHandler;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]235
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]236 private final SystemServices mServices;
237
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]238 private INetd mNetdService;
239
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]240 private IBatteryStats mBatteryStats;
241
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]242 private final Thread mThread;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]243 private CountDownLatch mConnectedSignal = new CountDownLatch(1);
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]244
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]245 private final RemoteCallbackList<INetworkManagementEventObserver> mObservers =
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]246 new RemoteCallbackList<>();
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]247
Jeff Sharkey1059c3c2011-10-04 16:54:49 -0700[diff] [blame]248 private final NetworkStatsFactory mStatsFactory = new NetworkStatsFactory();
249
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]250 @GuardedBy("mTetheringStatsProviders")
251 private final HashMap<ITetheringStatsProvider, String>
252 mTetheringStatsProviders = Maps.newHashMap();
253
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]254 /**
255 * If both locks need to be held, then they should be obtained in the order:
256 * first {@link #mQuotaLock} and then {@link #mRulesLock}.
257 */
Andrew Scull45f533c2017-05-19 15:37:20 +0100[diff] [blame]258 private final Object mQuotaLock = new Object();
Andrew Scull519291f2017-05-23 13:11:03 +0100[diff] [blame]259 private final Object mRulesLock = new Object();
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]260
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]261 /** Set of interfaces with active quotas. */
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]262 @GuardedBy("mQuotaLock")
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]263 private HashMap<String, Long> mActiveQuotas = Maps.newHashMap();
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]264 /** Set of interfaces with active alerts. */
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]265 @GuardedBy("mQuotaLock")
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]266 private HashMap<String, Long> mActiveAlerts = Maps.newHashMap();
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]267 /** Set of UIDs blacklisted on metered networks. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]268 @GuardedBy("mRulesLock")
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]269 private SparseBooleanArray mUidRejectOnMetered = new SparseBooleanArray();
270 /** Set of UIDs whitelisted on metered networks. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]271 @GuardedBy("mRulesLock")
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]272 private SparseBooleanArray mUidAllowOnMetered = new SparseBooleanArray();
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]273 /** Set of UIDs with cleartext penalties. */
274 @GuardedBy("mQuotaLock")
275 private SparseIntArray mUidCleartextPolicy = new SparseIntArray();
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]276 /** Set of UIDs that are to be blocked/allowed by firewall controller. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]277 @GuardedBy("mRulesLock")
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]278 private SparseIntArray mUidFirewallRules = new SparseIntArray();
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]279 /**
280 * Set of UIDs that are to be blocked/allowed by firewall controller. This set of Ids matches
281 * to application idles.
282 */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]283 @GuardedBy("mRulesLock")
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]284 private SparseIntArray mUidFirewallStandbyRules = new SparseIntArray();
285 /**
286 * Set of UIDs that are to be blocked/allowed by firewall controller. This set of Ids matches
287 * to device idles.
288 */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]289 @GuardedBy("mRulesLock")
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]290 private SparseIntArray mUidFirewallDozableRules = new SparseIntArray();
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]291 /**
292 * Set of UIDs that are to be blocked/allowed by firewall controller. This set of Ids matches
293 * to device on power-save mode.
294 */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]295 @GuardedBy("mRulesLock")
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]296 private SparseIntArray mUidFirewallPowerSaveRules = new SparseIntArray();
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]297 /** Set of states for the child firewall chains. True if the chain is active. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]298 @GuardedBy("mRulesLock")
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]299 final SparseBooleanArray mFirewallChainStates = new SparseBooleanArray();
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]300
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]301 @GuardedBy("mQuotaLock")
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]302 private volatile boolean mDataSaverMode;
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]303
Andrew Scull45f533c2017-05-19 15:37:20 +0100[diff] [blame]304 private final Object mIdleTimerLock = new Object();
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]305 /** Set of interfaces with active idle timers. */
306 private static class IdleTimerParams {
307 public final int timeout;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]308 public final int type;
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]309 public int networkCount;
310
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]311 IdleTimerParams(int timeout, int type) {
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]312 this.timeout = timeout;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]313 this.type = type;
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]314 this.networkCount = 1;
315 }
316 }
317 private HashMap<String, IdleTimerParams> mActiveIdleTimers = Maps.newHashMap();
318
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]319 private volatile boolean mBandwidthControlEnabled;
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]320 private volatile boolean mFirewallEnabled;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]321 private volatile boolean mStrictEnabled;
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]322
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]323 private boolean mMobileActivityFromRadio = false;
324 private int mLastPowerStateFromRadio = DataConnectionRealTimeInfo.DC_POWER_STATE_LOW;
Adam Lesinskie08af192015-03-25 16:42:59 -0700[diff] [blame]325 private int mLastPowerStateFromWifi = DataConnectionRealTimeInfo.DC_POWER_STATE_LOW;
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]326
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]327 private final RemoteCallbackList<INetworkActivityListener> mNetworkActivityListeners =
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]328 new RemoteCallbackList<>();
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]329 private boolean mNetworkActive;
330
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]331 /**
332 * Constructs a new NetworkManagementService instance
333 *
334 * @param context Binder context for this service
335 */
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]336 private NetworkManagementService(
337 Context context, String socket, SystemServices services) {
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]338 mContext = context;
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]339 mServices = services;
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]340
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]341 // make sure this is on the same looper as our NativeDaemonConnector for sync purposes
342 mFgHandler = new Handler(FgThread.get().getLooper());
343
Dianne Hackborn4590e522014-03-24 13:36:46 -0700[diff] [blame]344 // Don't need this wake lock, since we now have a time stamp for when
345 // the network actually went inactive. (It might be nice to still do this,
346 // but I don't want to do it through the power manager because that pollutes the
347 // battery stats history with pointless noise.)
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]348 //PowerManager pm = (PowerManager)context.getSystemService(Context.POWER_SERVICE);
Dianne Hackborn4590e522014-03-24 13:36:46 -0700[diff] [blame]349 PowerManager.WakeLock wl = null; //pm.newWakeLock(PowerManager.PARTIAL_WAKE_LOCK, NETD_TAG);
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]350
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]351 mConnector = new NativeDaemonConnector(
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]352 new NetdCallbackReceiver(), socket, 10, NETD_TAG, 160, wl,
353 FgThread.get().getLooper());
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]354 mThread = new Thread(mConnector, NETD_TAG);
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]355
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]356 mDaemonHandler = new Handler(FgThread.get().getLooper());
Wink Saville67e07892014-06-18 16:43:14 -0700[diff] [blame]357
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]358 // Add ourself to the Watchdog monitors.
359 Watchdog.getInstance().addMonitor(this);
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]360
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]361 mServices.registerLocalService(new LocalService());
Lorenzo Colitti8228eb32017-07-19 06:17:33 +0900[diff] [blame]362
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]363 synchronized (mTetheringStatsProviders) {
364 mTetheringStatsProviders.put(new NetdTetheringStatsProvider(), "netd");
365 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]366 }
367
368 @VisibleForTesting
369 NetworkManagementService() {
370 mConnector = null;
371 mContext = null;
372 mDaemonHandler = null;
373 mFgHandler = null;
374 mThread = null;
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]375 mServices = null;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]376 }
377
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]378 static NetworkManagementService create(Context context, String socket, SystemServices services)
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]379 throws InterruptedException {
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]380 final NetworkManagementService service =
381 new NetworkManagementService(context, socket, services);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]382 final CountDownLatch connectedSignal = service.mConnectedSignal;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]383 if (DBG) Slog.d(TAG, "Creating NetworkManagementService");
384 service.mThread.start();
385 if (DBG) Slog.d(TAG, "Awaiting socket connection");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]386 connectedSignal.await();
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]387 if (DBG) Slog.d(TAG, "Connected");
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]388 if (DBG) Slog.d(TAG, "Connecting native netd service");
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]389 service.connectNativeNetdService();
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]390 if (DBG) Slog.d(TAG, "Connected");
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]391 return service;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]392 }
393
Lorenzo Colitti7421a012013-08-20 22:51:24 +0900[diff] [blame]394 public static NetworkManagementService create(Context context) throws InterruptedException {
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]395 return create(context, NETD_SERVICE_NAME, new SystemServices());
Lorenzo Colitti7421a012013-08-20 22:51:24 +0900[diff] [blame]396 }
397
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]398 public void systemReady() {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]399 if (DBG) {
400 final long start = System.currentTimeMillis();
401 prepareNativeDaemon();
402 final long delta = System.currentTimeMillis() - start;
403 Slog.d(TAG, "Prepared in " + delta + "ms");
404 return;
405 } else {
406 prepareNativeDaemon();
407 }
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]408 }
409
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]410 private IBatteryStats getBatteryStats() {
411 synchronized (this) {
412 if (mBatteryStats != null) {
413 return mBatteryStats;
414 }
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]415 mBatteryStats =
416 IBatteryStats.Stub.asInterface(mServices.getService(BatteryStats.SERVICE_NAME));
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]417 return mBatteryStats;
418 }
419 }
420
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]421 @Override
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]422 public void registerObserver(INetworkManagementEventObserver observer) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]423 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]424 mObservers.register(observer);
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]425 }
426
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]427 @Override
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]428 public void unregisterObserver(INetworkManagementEventObserver observer) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]429 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]430 mObservers.unregister(observer);
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]431 }
432
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]433 @FunctionalInterface
434 private interface NetworkManagementEventCallback {
435 public void sendCallback(INetworkManagementEventObserver o) throws RemoteException;
436 }
437
438 private void invokeForAllObservers(NetworkManagementEventCallback eventCallback) {
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]439 final int length = mObservers.beginBroadcast();
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]440 try {
441 for (int i = 0; i < length; i++) {
442 try {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]443 eventCallback.sendCallback(mObservers.getBroadcastItem(i));
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]444 } catch (RemoteException | RuntimeException e) {
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]445 }
Mike J. Chen6143f5f2011-06-23 15:17:51 -0700[diff] [blame]446 }
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]447 } finally {
448 mObservers.finishBroadcast();
Mike J. Chen6143f5f2011-06-23 15:17:51 -0700[diff] [blame]449 }
450 }
451
452 /**
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]453 * Notify our observers of an interface status change
454 */
455 private void notifyInterfaceStatusChanged(String iface, boolean up) {
456 invokeForAllObservers(o -> o.interfaceStatusChanged(iface, up));
457 }
458
459 /**
Mike J. Chenf59c7d02011-06-23 15:33:15 -0700[diff] [blame]460 * Notify our observers of an interface link state change
Mike J. Chen6143f5f2011-06-23 15:17:51 -0700[diff] [blame]461 * (typically, an Ethernet cable has been plugged-in or unplugged).
462 */
463 private void notifyInterfaceLinkStateChanged(String iface, boolean up) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]464 invokeForAllObservers(o -> o.interfaceLinkStateChanged(iface, up));
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]465 }
466
467 /**
468 * Notify our observers of an interface addition.
469 */
470 private void notifyInterfaceAdded(String iface) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]471 invokeForAllObservers(o -> o.interfaceAdded(iface));
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]472 }
473
474 /**
475 * Notify our observers of an interface removal.
476 */
477 private void notifyInterfaceRemoved(String iface) {
Jeff Sharkey89b8a212011-10-11 11:58:11 -0700[diff] [blame]478 // netd already clears out quota and alerts for removed ifaces; update
479 // our sanity-checking state.
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]480 mActiveAlerts.remove(iface);
481 mActiveQuotas.remove(iface);
Jeff Sharkey89b8a212011-10-11 11:58:11 -0700[diff] [blame]482
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]483 invokeForAllObservers(o -> o.interfaceRemoved(iface));
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]484 }
485
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]486 /**
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]487 * Notify our observers of a limit reached.
488 */
489 private void notifyLimitReached(String limitName, String iface) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]490 invokeForAllObservers(o -> o.limitReached(limitName, iface));
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]491 }
492
493 /**
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]494 * Notify our observers of a change in the data activity state of the interface
495 */
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]496 private void notifyInterfaceClassActivity(int type, int powerState, long tsNanos,
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]497 int uid, boolean fromRadio) {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]498 final boolean isMobile = ConnectivityManager.isNetworkTypeMobile(type);
499 if (isMobile) {
500 if (!fromRadio) {
501 if (mMobileActivityFromRadio) {
502 // If this call is not coming from a report from the radio itself, but we
503 // have previously received reports from the radio, then we will take the
504 // power state to just be whatever the radio last reported.
505 powerState = mLastPowerStateFromRadio;
506 }
507 } else {
508 mMobileActivityFromRadio = true;
509 }
510 if (mLastPowerStateFromRadio != powerState) {
511 mLastPowerStateFromRadio = powerState;
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]512 try {
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]513 getBatteryStats().noteMobileRadioPowerState(powerState, tsNanos, uid);
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]514 } catch (RemoteException e) {
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]515 }
Bookatz0b028b12018-05-31 16:51:17 -0700[diff] [blame]516 StatsLog.write_non_chained(StatsLog.MOBILE_RADIO_POWER_STATE_CHANGED, uid, null,
517 powerState);
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]518 }
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]519 }
520
Adam Lesinskie08af192015-03-25 16:42:59 -0700[diff] [blame]521 if (ConnectivityManager.isNetworkTypeWifi(type)) {
522 if (mLastPowerStateFromWifi != powerState) {
523 mLastPowerStateFromWifi = powerState;
524 try {
Adam Lesinski5f056f62016-07-14 16:56:08 -0700[diff] [blame]525 getBatteryStats().noteWifiRadioPowerState(powerState, tsNanos, uid);
Adam Lesinskie08af192015-03-25 16:42:59 -0700[diff] [blame]526 } catch (RemoteException e) {
527 }
Bookatz0b028b12018-05-31 16:51:17 -0700[diff] [blame]528 StatsLog.write_non_chained(StatsLog.WIFI_RADIO_POWER_STATE_CHANGED, uid, null,
529 powerState);
Adam Lesinskie08af192015-03-25 16:42:59 -0700[diff] [blame]530 }
531 }
532
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]533 boolean isActive = powerState == DataConnectionRealTimeInfo.DC_POWER_STATE_MEDIUM
534 || powerState == DataConnectionRealTimeInfo.DC_POWER_STATE_HIGH;
535
536 if (!isMobile || fromRadio || !mMobileActivityFromRadio) {
537 // Report the change in data activity. We don't do this if this is a change
538 // on the mobile network, that is not coming from the radio itself, and we
539 // have previously seen change reports from the radio. In that case only
540 // the radio is the authority for the current state.
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]541 final boolean active = isActive;
542 invokeForAllObservers(o -> o.interfaceClassDataActivityChanged(
543 Integer.toString(type), active, tsNanos));
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]544 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]545
546 boolean report = false;
547 synchronized (mIdleTimerLock) {
548 if (mActiveIdleTimers.isEmpty()) {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]549 // If there are no idle timers, we are not monitoring activity, so we
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]550 // are always considered active.
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]551 isActive = true;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]552 }
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]553 if (mNetworkActive != isActive) {
554 mNetworkActive = isActive;
555 report = isActive;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]556 }
557 }
558 if (report) {
559 reportNetworkActive();
560 }
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]561 }
562
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]563 @Override
564 public void registerTetheringStatsProvider(ITetheringStatsProvider provider, String name) {
565 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
566 Preconditions.checkNotNull(provider);
567 synchronized(mTetheringStatsProviders) {
568 mTetheringStatsProviders.put(provider, name);
569 }
570 }
571
572 @Override
573 public void unregisterTetheringStatsProvider(ITetheringStatsProvider provider) {
574 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
575 synchronized(mTetheringStatsProviders) {
576 mTetheringStatsProviders.remove(provider);
577 }
578 }
579
Lorenzo Colitti9f0baa92017-08-15 19:25:51 +0900[diff] [blame]580 @Override
581 public void tetherLimitReached(ITetheringStatsProvider provider) {
582 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
583 synchronized(mTetheringStatsProviders) {
584 if (!mTetheringStatsProviders.containsKey(provider)) {
585 return;
586 }
587 // No current code examines the interface parameter in a global alert. Just pass null.
588 notifyLimitReached(LIMIT_GLOBAL_ALERT, null);
589 }
590 }
591
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]592 // Sync the state of the given chain with the native daemon.
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]593 private void syncFirewallChainLocked(int chain, String name) {
594 SparseIntArray rules;
595 synchronized (mRulesLock) {
596 final SparseIntArray uidFirewallRules = getUidFirewallRulesLR(chain);
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]597 // Make a copy of the current rules, and then clear them. This is because
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]598 // setFirewallUidRuleInternal only pushes down rules to the native daemon if they
599 // are different from the current rules stored in the mUidFirewall*Rules array for
600 // the specified chain. If we don't clear the rules, setFirewallUidRuleInternal
601 // will do nothing.
602 rules = uidFirewallRules.clone();
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]603 uidFirewallRules.clear();
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]604 }
605 if (rules.size() > 0) {
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]606 // Now push the rules. setFirewallUidRuleInternal will push each of these down to the
607 // native daemon, and also add them to the mUidFirewall*Rules array for the specified
608 // chain.
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]609 if (DBG) Slog.d(TAG, "Pushing " + rules.size() + " active firewall "
610 + name + "UID rules");
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]611 for (int i = 0; i < rules.size(); i++) {
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]612 setFirewallUidRuleLocked(chain, rules.keyAt(i), rules.valueAt(i));
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]613 }
614 }
615 }
616
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]617 private void connectNativeNetdService() {
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]618 mNetdService = mServices.getNetd();
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]619 }
620
621 /**
622 * Prepare native daemon once connected, enabling modules and pushing any
623 * existing in-memory rules.
624 */
625 private void prepareNativeDaemon() {
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]626
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]627 mBandwidthControlEnabled = false;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]628
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]629 // only enable bandwidth control when support exists
630 final boolean hasKernelSupport = new File("/proc/net/xt_qtaguid/ctrl").exists();
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]631
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]632 // push any existing quota or UID rules
633 synchronized (mQuotaLock) {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]634
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]635 if (hasKernelSupport) {
636 Slog.d(TAG, "enabling bandwidth control");
637 try {
638 mConnector.execute("bandwidth", "enable");
639 mBandwidthControlEnabled = true;
640 } catch (NativeDaemonConnectorException e) {
641 Log.wtf(TAG, "problem enabling bandwidth controls", e);
642 }
643 } else {
644 Slog.i(TAG, "not enabling bandwidth control");
645 }
646
647 SystemProperties.set(PROP_QTAGUID_ENABLED, mBandwidthControlEnabled ? "1" : "0");
648
649 try {
650 mConnector.execute("strict", "enable");
651 mStrictEnabled = true;
652 } catch (NativeDaemonConnectorException e) {
653 Log.wtf(TAG, "Failed strict enable", e);
654 }
655
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]656 setDataSaverModeEnabled(mDataSaverMode);
657
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]658 int size = mActiveQuotas.size();
659 if (size > 0) {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]660 if (DBG) Slog.d(TAG, "Pushing " + size + " active quota rules");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]661 final HashMap<String, Long> activeQuotas = mActiveQuotas;
662 mActiveQuotas = Maps.newHashMap();
663 for (Map.Entry<String, Long> entry : activeQuotas.entrySet()) {
664 setInterfaceQuota(entry.getKey(), entry.getValue());
665 }
666 }
667
668 size = mActiveAlerts.size();
669 if (size > 0) {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]670 if (DBG) Slog.d(TAG, "Pushing " + size + " active alert rules");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]671 final HashMap<String, Long> activeAlerts = mActiveAlerts;
672 mActiveAlerts = Maps.newHashMap();
673 for (Map.Entry<String, Long> entry : activeAlerts.entrySet()) {
674 setInterfaceAlert(entry.getKey(), entry.getValue());
675 }
676 }
677
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]678 SparseBooleanArray uidRejectOnQuota = null;
679 SparseBooleanArray uidAcceptOnQuota = null;
680 synchronized (mRulesLock) {
681 size = mUidRejectOnMetered.size();
682 if (size > 0) {
683 if (DBG) Slog.d(TAG, "Pushing " + size + " UIDs to metered blacklist rules");
684 uidRejectOnQuota = mUidRejectOnMetered;
685 mUidRejectOnMetered = new SparseBooleanArray();
686 }
687
688 size = mUidAllowOnMetered.size();
689 if (size > 0) {
690 if (DBG) Slog.d(TAG, "Pushing " + size + " UIDs to metered whitelist rules");
691 uidAcceptOnQuota = mUidAllowOnMetered;
692 mUidAllowOnMetered = new SparseBooleanArray();
693 }
694 }
695 if (uidRejectOnQuota != null) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]696 for (int i = 0; i < uidRejectOnQuota.size(); i++) {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]697 setUidMeteredNetworkBlacklist(uidRejectOnQuota.keyAt(i),
698 uidRejectOnQuota.valueAt(i));
699 }
700 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]701 if (uidAcceptOnQuota != null) {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]702 for (int i = 0; i < uidAcceptOnQuota.size(); i++) {
703 setUidMeteredNetworkWhitelist(uidAcceptOnQuota.keyAt(i),
704 uidAcceptOnQuota.valueAt(i));
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]705 }
706 }
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]707
708 size = mUidCleartextPolicy.size();
709 if (size > 0) {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]710 if (DBG) Slog.d(TAG, "Pushing " + size + " active UID cleartext policies");
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]711 final SparseIntArray local = mUidCleartextPolicy;
712 mUidCleartextPolicy = new SparseIntArray();
713 for (int i = 0; i < local.size(); i++) {
714 setUidCleartextNetworkPolicy(local.keyAt(i), local.valueAt(i));
715 }
716 }
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]717
Robin Leec3736bc2017-03-10 16:19:54 +0000[diff] [blame]718 setFirewallEnabled(mFirewallEnabled);
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]719
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]720 syncFirewallChainLocked(FIREWALL_CHAIN_NONE, "");
721 syncFirewallChainLocked(FIREWALL_CHAIN_STANDBY, "standby ");
722 syncFirewallChainLocked(FIREWALL_CHAIN_DOZABLE, "dozable ");
723 syncFirewallChainLocked(FIREWALL_CHAIN_POWERSAVE, "powersave ");
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]724
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]725 final int[] chains =
726 {FIREWALL_CHAIN_STANDBY, FIREWALL_CHAIN_DOZABLE, FIREWALL_CHAIN_POWERSAVE};
727 for (int chain : chains) {
728 if (getFirewallChainState(chain)) {
729 setFirewallChainEnabled(chain, true);
730 }
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]731 }
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]732 }
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]733
734 if (mBandwidthControlEnabled) {
735 try {
736 getBatteryStats().noteNetworkStatsEnabled();
737 } catch (RemoteException e) {
738 }
739 }
740
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]741 }
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]742
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]743 /**
744 * Notify our observers of a new or updated interface address.
745 */
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]746 private void notifyAddressUpdated(String iface, LinkAddress address) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]747 invokeForAllObservers(o -> o.addressUpdated(iface, address));
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]748 }
749
750 /**
751 * Notify our observers of a deleted interface address.
752 */
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]753 private void notifyAddressRemoved(String iface, LinkAddress address) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]754 invokeForAllObservers(o -> o.addressRemoved(iface, address));
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]755 }
756
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]757 /**
758 * Notify our observers of DNS server information received.
759 */
760 private void notifyInterfaceDnsServerInfo(String iface, long lifetime, String[] addresses) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]761 invokeForAllObservers(o -> o.interfaceDnsServerInfo(iface, lifetime, addresses));
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]762 }
763
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]764 /**
765 * Notify our observers of a route change.
766 */
767 private void notifyRouteChange(String action, RouteInfo route) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]768 if (action.equals("updated")) {
769 invokeForAllObservers(o -> o.routeUpdated(route));
770 } else {
771 invokeForAllObservers(o -> o.routeRemoved(route));
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]772 }
773 }
774
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]775 //
776 // Netd Callback handling
777 //
778
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]779 private class NetdCallbackReceiver implements INativeDaemonConnectorCallbacks {
780 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]781 public void onDaemonConnected() {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]782 Slog.i(TAG, "onDaemonConnected()");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]783 // event is dispatched from internal NDC thread, so we prepare the
784 // daemon back on main thread.
785 if (mConnectedSignal != null) {
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]786 // The system is booting and we're connecting to netd for the first time.
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]787 mConnectedSignal.countDown();
788 mConnectedSignal = null;
789 } else {
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]790 // We're reconnecting to netd after the socket connection
791 // was interrupted (e.g., if it crashed).
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]792 mFgHandler.post(new Runnable() {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]793 @Override
794 public void run() {
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]795 connectNativeNetdService();
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]796 prepareNativeDaemon();
797 }
798 });
799 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]800 }
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]801
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]802 @Override
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]803 public boolean onCheckHoldWakeLock(int code) {
804 return code == NetdResponseCode.InterfaceClassActivity;
805 }
806
807 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]808 public boolean onEvent(int code, String raw, String[] cooked) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]809 String errorMessage = String.format("Invalid event from daemon (%s)", raw);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]810 switch (code) {
811 case NetdResponseCode.InterfaceChange:
812 /*
813 * a network interface change occured
814 * Format: "NNN Iface added <name>"
815 * "NNN Iface removed <name>"
816 * "NNN Iface changed <name> <up/down>"
817 * "NNN Iface linkstatus <name> <up/down>"
818 */
819 if (cooked.length < 4 || !cooked[1].equals("Iface")) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]820 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]821 }
822 if (cooked[2].equals("added")) {
823 notifyInterfaceAdded(cooked[3]);
824 return true;
825 } else if (cooked[2].equals("removed")) {
826 notifyInterfaceRemoved(cooked[3]);
827 return true;
828 } else if (cooked[2].equals("changed") && cooked.length == 5) {
829 notifyInterfaceStatusChanged(cooked[3], cooked[4].equals("up"));
830 return true;
831 } else if (cooked[2].equals("linkstate") && cooked.length == 5) {
832 notifyInterfaceLinkStateChanged(cooked[3], cooked[4].equals("up"));
833 return true;
834 }
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]835 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]836 // break;
837 case NetdResponseCode.BandwidthControl:
838 /*
839 * Bandwidth control needs some attention
840 * Format: "NNN limit alert <alertName> <ifaceName>"
841 */
842 if (cooked.length < 5 || !cooked[1].equals("limit")) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]843 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]844 }
845 if (cooked[2].equals("alert")) {
846 notifyLimitReached(cooked[3], cooked[4]);
847 return true;
848 }
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]849 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]850 // break;
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]851 case NetdResponseCode.InterfaceClassActivity:
852 /*
853 * An network interface class state changed (active/idle)
854 * Format: "NNN IfaceClass <active/idle> <label>"
855 */
856 if (cooked.length < 4 || !cooked[1].equals("IfaceClass")) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]857 throw new IllegalStateException(errorMessage);
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]858 }
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]859 long timestampNanos = 0;
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]860 int processUid = -1;
861 if (cooked.length >= 5) {
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]862 try {
863 timestampNanos = Long.parseLong(cooked[4]);
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]864 if (cooked.length == 6) {
865 processUid = Integer.parseInt(cooked[5]);
866 }
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]867 } catch(NumberFormatException ne) {}
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]868 } else {
869 timestampNanos = SystemClock.elapsedRealtimeNanos();
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]870 }
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]871 boolean isActive = cooked[2].equals("active");
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]872 notifyInterfaceClassActivity(Integer.parseInt(cooked[3]),
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]873 isActive ? DataConnectionRealTimeInfo.DC_POWER_STATE_HIGH
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]874 : DataConnectionRealTimeInfo.DC_POWER_STATE_LOW,
875 timestampNanos, processUid, false);
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]876 return true;
877 // break;
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]878 case NetdResponseCode.InterfaceAddressChange:
879 /*
880 * A network address change occurred
881 * Format: "NNN Address updated <addr> <iface> <flags> <scope>"
882 * "NNN Address removed <addr> <iface> <flags> <scope>"
883 */
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]884 if (cooked.length < 7 || !cooked[1].equals("Address")) {
885 throw new IllegalStateException(errorMessage);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]886 }
887
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]888 String iface = cooked[4];
Lorenzo Colitti5ad421a2013-11-17 15:05:02 +0900[diff] [blame]889 LinkAddress address;
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]890 try {
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]891 int flags = Integer.parseInt(cooked[5]);
892 int scope = Integer.parseInt(cooked[6]);
893 address = new LinkAddress(cooked[3], flags, scope);
Lorenzo Colitti5ad421a2013-11-17 15:05:02 +0900[diff] [blame]894 } catch(NumberFormatException e) { // Non-numeric lifetime or scope.
895 throw new IllegalStateException(errorMessage, e);
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]896 } catch(IllegalArgumentException e) { // Malformed/invalid IP address.
Lorenzo Colitti5ad421a2013-11-17 15:05:02 +0900[diff] [blame]897 throw new IllegalStateException(errorMessage, e);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]898 }
899
900 if (cooked[2].equals("updated")) {
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]901 notifyAddressUpdated(iface, address);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]902 } else {
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]903 notifyAddressRemoved(iface, address);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]904 }
905 return true;
906 // break;
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]907 case NetdResponseCode.InterfaceDnsServerInfo:
908 /*
909 * Information about available DNS servers has been received.
910 * Format: "NNN DnsInfo servers <interface> <lifetime> <servers>"
911 */
912 long lifetime; // Actually a 32-bit unsigned integer.
913
914 if (cooked.length == 6 &&
915 cooked[1].equals("DnsInfo") &&
916 cooked[2].equals("servers")) {
917 try {
918 lifetime = Long.parseLong(cooked[4]);
919 } catch (NumberFormatException e) {
920 throw new IllegalStateException(errorMessage);
921 }
922 String[] servers = cooked[5].split(",");
923 notifyInterfaceDnsServerInfo(cooked[3], lifetime, servers);
924 }
925 return true;
926 // break;
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]927 case NetdResponseCode.RouteChange:
928 /*
929 * A route has been updated or removed.
930 * Format: "NNN Route <updated|removed> <dst> [via <gateway] [dev <iface>]"
931 */
932 if (!cooked[1].equals("Route") || cooked.length < 6) {
933 throw new IllegalStateException(errorMessage);
934 }
935
936 String via = null;
937 String dev = null;
938 boolean valid = true;
939 for (int i = 4; (i + 1) < cooked.length && valid; i += 2) {
940 if (cooked[i].equals("dev")) {
941 if (dev == null) {
942 dev = cooked[i+1];
943 } else {
944 valid = false; // Duplicate interface.
945 }
946 } else if (cooked[i].equals("via")) {
947 if (via == null) {
948 via = cooked[i+1];
949 } else {
950 valid = false; // Duplicate gateway.
951 }
952 } else {
953 valid = false; // Unknown syntax.
954 }
955 }
956 if (valid) {
957 try {
958 // InetAddress.parseNumericAddress(null) inexplicably returns ::1.
959 InetAddress gateway = null;
960 if (via != null) gateway = InetAddress.parseNumericAddress(via);
961 RouteInfo route = new RouteInfo(new IpPrefix(cooked[3]), gateway, dev);
962 notifyRouteChange(cooked[2], route);
963 return true;
964 } catch (IllegalArgumentException e) {}
965 }
966 throw new IllegalStateException(errorMessage);
967 // break;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]968 case NetdResponseCode.StrictCleartext:
969 final int uid = Integer.parseInt(cooked[1]);
970 final byte[] firstPacket = HexDump.hexStringToByteArray(cooked[2]);
971 try {
Sudheer Shankadc589ac2016-11-10 15:30:17 -0800[diff] [blame]972 ActivityManager.getService().notifyCleartextNetwork(uid, firstPacket);
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]973 } catch (RemoteException ignored) {
974 }
975 break;
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]976 default: break;
Robert Greenwalte3253922010-02-18 09:23:25 -0800[diff] [blame]977 }
978 return false;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]979 }
980 }
981
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]982
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]983 //
984 // INetworkManagementService members
985 //
Erik Kline4e37b702016-07-05 11:34:21 +0900[diff] [blame]986 @Override
987 public INetd getNetdService() throws RemoteException {
988 final CountDownLatch connectedSignal = mConnectedSignal;
989 if (connectedSignal != null) {
990 try {
991 connectedSignal.await();
992 } catch (InterruptedException ignored) {}
993 }
994
995 return mNetdService;
996 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]997
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]998 @Override
999 public String[] listInterfaces() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1000 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1001 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1002 return NativeDaemonEvent.filterMessageList(
1003 mConnector.executeForList("interface", "list"), InterfaceListResult);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1004 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1005 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1006 }
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1007 }
1008
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1009 @Override
1010 public InterfaceConfiguration getInterfaceConfig(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1011 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1012
1013 final NativeDaemonEvent event;
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1014 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1015 event = mConnector.execute("interface", "getcfg", iface);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1016 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1017 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1018 }
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1019
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1020 event.checkCode(InterfaceGetCfgResult);
1021
1022 // Rsp: 213 xx:xx:xx:xx:xx:xx yyy.yyy.yyy.yyy zzz flag1 flag2 flag3
1023 final StringTokenizer st = new StringTokenizer(event.getMessage());
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1024
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1025 InterfaceConfiguration cfg;
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1026 try {
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1027 cfg = new InterfaceConfiguration();
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1028 cfg.setHardwareAddress(st.nextToken(" "));
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]1029 InetAddress addr = null;
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1030 int prefixLength = 0;
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1031 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1032 addr = NetworkUtils.numericToInetAddress(st.nextToken());
Robert Greenwalte5903732011-02-22 16:00:42 -0800[diff] [blame]1033 } catch (IllegalArgumentException iae) {
1034 Slog.e(TAG, "Failed to parse ipaddr", iae);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1035 }
1036
1037 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1038 prefixLength = Integer.parseInt(st.nextToken());
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1039 } catch (NumberFormatException nfe) {
1040 Slog.e(TAG, "Failed to parse prefixLength", nfe);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1041 }
Robert Greenwalt04808c22010-12-13 17:01:41 -0800[diff] [blame]1042
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1043 cfg.setLinkAddress(new LinkAddress(addr, prefixLength));
1044 while (st.hasMoreTokens()) {
1045 cfg.setFlag(st.nextToken());
1046 }
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1047 } catch (NoSuchElementException nsee) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1048 throw new IllegalStateException("Invalid response from daemon: " + event);
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1049 }
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1050 return cfg;
1051 }
1052
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1053 @Override
1054 public void setInterfaceConfig(String iface, InterfaceConfiguration cfg) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1055 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1056 LinkAddress linkAddr = cfg.getLinkAddress();
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1057 if (linkAddr == null || linkAddr.getAddress() == null) {
1058 throw new IllegalStateException("Null LinkAddress given");
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]1059 }
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1060
1061 final Command cmd = new Command("interface", "setcfg", iface,
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1062 linkAddr.getAddress().getHostAddress(),
Lorenzo Colitti7dc78cf2014-06-09 22:58:46 +0900[diff] [blame]1063 linkAddr.getPrefixLength());
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1064 for (String flag : cfg.getFlags()) {
1065 cmd.appendArg(flag);
1066 }
1067
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1068 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1069 mConnector.execute(cmd);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1070 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1071 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1072 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1073 }
1074
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1075 @Override
1076 public void setInterfaceDown(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1077 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1078 final InterfaceConfiguration ifcg = getInterfaceConfig(iface);
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1079 ifcg.setInterfaceDown();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1080 setInterfaceConfig(iface, ifcg);
Irfan Sheriff7244c972011-08-05 20:40:45 -0700[diff] [blame]1081 }
1082
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1083 @Override
1084 public void setInterfaceUp(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1085 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1086 final InterfaceConfiguration ifcg = getInterfaceConfig(iface);
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1087 ifcg.setInterfaceUp();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1088 setInterfaceConfig(iface, ifcg);
Irfan Sheriff7244c972011-08-05 20:40:45 -0700[diff] [blame]1089 }
1090
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1091 @Override
1092 public void setInterfaceIpv6PrivacyExtensions(String iface, boolean enable) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1093 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Irfan Sheriff73293612011-09-14 12:31:56 -0700[diff] [blame]1094 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1095 mConnector.execute(
1096 "interface", "ipv6privacyextensions", iface, enable ? "enable" : "disable");
Irfan Sheriff73293612011-09-14 12:31:56 -0700[diff] [blame]1097 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1098 throw e.rethrowAsParcelableException();
Irfan Sheriff73293612011-09-14 12:31:56 -0700[diff] [blame]1099 }
1100 }
1101
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1102 /* TODO: This is right now a IPv4 only function. Works for wifi which loses its
1103 IPv6 addresses on interface down, but we need to do full clean up here */
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1104 @Override
1105 public void clearInterfaceAddresses(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1106 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1107 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1108 mConnector.execute("interface", "clearaddrs", iface);
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1109 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1110 throw e.rethrowAsParcelableException();
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1111 }
1112 }
1113
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1114 @Override
1115 public void enableIpv6(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1116 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1117 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1118 mConnector.execute("interface", "ipv6", iface, "enable");
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1119 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1120 throw e.rethrowAsParcelableException();
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1121 }
1122 }
1123
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1124 @Override
Joel Scherpelz2db10742017-06-07 15:38:38 +0900[diff] [blame]1125 public void setIPv6AddrGenMode(String iface, int mode) throws ServiceSpecificException {
1126 try {
1127 mNetdService.setIPv6AddrGenMode(iface, mode);
1128 } catch (RemoteException e) {
1129 throw e.rethrowAsRuntimeException();
1130 }
1131 }
1132
1133 @Override
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1134 public void disableIpv6(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1135 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1136 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1137 mConnector.execute("interface", "ipv6", iface, "disable");
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1138 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1139 throw e.rethrowAsParcelableException();
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1140 }
1141 }
1142
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1143 @Override
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1144 public void addRoute(int netId, RouteInfo route) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1145 modifyRoute("add", "" + netId, route);
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1146 }
1147
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1148 @Override
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1149 public void removeRoute(int netId, RouteInfo route) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1150 modifyRoute("remove", "" + netId, route);
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1151 }
1152
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1153 private void modifyRoute(String action, String netId, RouteInfo route) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1154 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1155
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1156 final Command cmd = new Command("network", "route", action, netId);
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1157
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1158 // create triplet: interface dest-ip-addr/prefixlength gateway-ip-addr
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1159 cmd.appendArg(route.getInterface());
Lorenzo Colitti4b0f8e62014-09-19 01:49:05 +0900[diff] [blame]1160 cmd.appendArg(route.getDestination().toString());
1161
1162 switch (route.getType()) {
1163 case RouteInfo.RTN_UNICAST:
1164 if (route.hasGateway()) {
1165 cmd.appendArg(route.getGateway().getHostAddress());
1166 }
1167 break;
1168 case RouteInfo.RTN_UNREACHABLE:
1169 cmd.appendArg("unreachable");
1170 break;
1171 case RouteInfo.RTN_THROW:
1172 cmd.appendArg("throw");
1173 break;
Sreeram Ramachandran1fbcb272014-05-22 16:30:48 -0700[diff] [blame]1174 }
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1175
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1176 try {
1177 mConnector.execute(cmd);
1178 } catch (NativeDaemonConnectorException e) {
1179 throw e.rethrowAsParcelableException();
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1180 }
1181 }
1182
1183 private ArrayList<String> readRouteList(String filename) {
1184 FileInputStream fstream = null;
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]1185 ArrayList<String> list = new ArrayList<>();
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1186
1187 try {
1188 fstream = new FileInputStream(filename);
1189 DataInputStream in = new DataInputStream(fstream);
1190 BufferedReader br = new BufferedReader(new InputStreamReader(in));
1191 String s;
1192
1193 // throw away the title line
1194
1195 while (((s = br.readLine()) != null) && (s.length() != 0)) {
1196 list.add(s);
1197 }
1198 } catch (IOException ex) {
1199 // return current list, possibly empty
1200 } finally {
1201 if (fstream != null) {
1202 try {
1203 fstream.close();
1204 } catch (IOException ex) {}
1205 }
1206 }
1207
1208 return list;
1209 }
1210
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1211 @Override
sy.yun9d9b74a2013-09-02 05:24:09 +0900[diff] [blame]1212 public void setMtu(String iface, int mtu) {
1213 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1214
1215 final NativeDaemonEvent event;
1216 try {
1217 event = mConnector.execute("interface", "setmtu", iface, mtu);
1218 } catch (NativeDaemonConnectorException e) {
1219 throw e.rethrowAsParcelableException();
1220 }
1221 }
1222
1223 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1224 public void shutdown() {
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1225 // TODO: remove from aidl if nobody calls externally
1226 mContext.enforceCallingOrSelfPermission(SHUTDOWN, TAG);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1227
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]1228 Slog.i(TAG, "Shutting down");
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1229 }
1230
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1231 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1232 public boolean getIpForwardingEnabled() throws IllegalStateException{
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1233 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1234
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1235 final NativeDaemonEvent event;
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1236 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1237 event = mConnector.execute("ipfwd", "status");
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1238 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1239 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1240 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1241
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1242 // 211 Forwarding enabled
1243 event.checkCode(IpFwdStatusResult);
1244 return event.getMessage().endsWith("enabled");
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1245 }
1246
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1247 @Override
1248 public void setIpForwardingEnabled(boolean enable) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1249 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1250 try {
Nilesh Poddarf3d4a582015-02-24 12:11:11 -0800[diff] [blame]1251 mConnector.execute("ipfwd", enable ? "enable" : "disable", "tethering");
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1252 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1253 throw e.rethrowAsParcelableException();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1254 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1255 }
1256
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1257 @Override
1258 public void startTethering(String[] dhcpRange) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1259 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Robert Greenwaltbfb7bfa2010-03-24 16:03:21 -0700[diff] [blame]1260 // cmd is "tether start first_start first_stop second_start second_stop ..."
1261 // an odd number of addrs will fail
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1262
1263 final Command cmd = new Command("tether", "start");
Robert Greenwaltbfb7bfa2010-03-24 16:03:21 -0700[diff] [blame]1264 for (String d : dhcpRange) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1265 cmd.appendArg(d);
Robert Greenwaltbfb7bfa2010-03-24 16:03:21 -0700[diff] [blame]1266 }
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1267
1268 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1269 mConnector.execute(cmd);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1270 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1271 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1272 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1273 }
1274
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1275 @Override
1276 public void stopTethering() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1277 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1278 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1279 mConnector.execute("tether", "stop");
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1280 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1281 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1282 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1283 }
1284
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1285 @Override
1286 public boolean isTetheringStarted() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1287 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1288
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1289 final NativeDaemonEvent event;
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1290 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1291 event = mConnector.execute("tether", "status");
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1292 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1293 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1294 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1295
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1296 // 210 Tethering services started
1297 event.checkCode(TetherStatusResult);
1298 return event.getMessage().endsWith("started");
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1299 }
Matthew Xiefe19f122012-07-12 16:03:32 -0700[diff] [blame]1300
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1301 @Override
1302 public void tetherInterface(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1303 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1304 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1305 mConnector.execute("tether", "interface", "add", iface);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1306 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1307 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1308 }
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]1309 List<RouteInfo> routes = new ArrayList<>();
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1310 // The RouteInfo constructor truncates the LinkAddress to a network prefix, thus making it
1311 // suitable to use as a route destination.
1312 routes.add(new RouteInfo(getInterfaceConfig(iface).getLinkAddress(), null, iface));
1313 addInterfaceToLocalNetwork(iface, routes);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1314 }
1315
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1316 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1317 public void untetherInterface(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1318 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1319 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1320 mConnector.execute("tether", "interface", "remove", iface);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1321 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1322 throw e.rethrowAsParcelableException();
Erik Kline1f4278a2016-08-16 16:46:33 +0900[diff] [blame]1323 } finally {
1324 removeInterfaceFromLocalNetwork(iface);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1325 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1326 }
1327
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1328 @Override
1329 public String[] listTetheredInterfaces() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1330 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1331 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1332 return NativeDaemonEvent.filterMessageList(
1333 mConnector.executeForList("tether", "interface", "list"),
1334 TetherInterfaceListResult);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1335 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1336 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1337 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1338 }
1339
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1340 @Override
Lorenzo Colittib57edc52014-08-22 17:10:50 -0700[diff] [blame]1341 public void setDnsForwarders(Network network, String[] dns) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1342 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1343
Lorenzo Colittib57edc52014-08-22 17:10:50 -0700[diff] [blame]1344 int netId = (network != null) ? network.netId : ConnectivityManager.NETID_UNSET;
1345 final Command cmd = new Command("tether", "dns", "set", netId);
1346
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1347 for (String s : dns) {
1348 cmd.appendArg(NetworkUtils.numericToInetAddress(s).getHostAddress());
1349 }
1350
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1351 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1352 mConnector.execute(cmd);
1353 } catch (NativeDaemonConnectorException e) {
1354 throw e.rethrowAsParcelableException();
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1355 }
1356 }
1357
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1358 @Override
1359 public String[] getDnsForwarders() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1360 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1361 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1362 return NativeDaemonEvent.filterMessageList(
1363 mConnector.executeForList("tether", "dns", "list"), TetherDnsFwdTgtListResult);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1364 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1365 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1366 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1367 }
1368
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]1369 private List<InterfaceAddress> excludeLinkLocal(List<InterfaceAddress> addresses) {
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]1370 ArrayList<InterfaceAddress> filtered = new ArrayList<>(addresses.size());
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]1371 for (InterfaceAddress ia : addresses) {
1372 if (!ia.getAddress().isLinkLocalAddress())
1373 filtered.add(ia);
1374 }
1375 return filtered;
1376 }
1377
Lorenzo Colitti35e36db2015-02-26 01:25:36 +0900[diff] [blame]1378 private void modifyInterfaceForward(boolean add, String fromIface, String toIface) {
1379 final Command cmd = new Command("ipfwd", add ? "add" : "remove", fromIface, toIface);
1380 try {
1381 mConnector.execute(cmd);
1382 } catch (NativeDaemonConnectorException e) {
1383 throw e.rethrowAsParcelableException();
1384 }
1385 }
1386
1387 @Override
1388 public void startInterfaceForwarding(String fromIface, String toIface) {
1389 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1390 modifyInterfaceForward(true, fromIface, toIface);
1391 }
1392
1393 @Override
1394 public void stopInterfaceForwarding(String fromIface, String toIface) {
1395 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1396 modifyInterfaceForward(false, fromIface, toIface);
1397 }
1398
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1399 private void modifyNat(String action, String internalInterface, String externalInterface)
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1400 throws SocketException {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1401 final Command cmd = new Command("nat", action, internalInterface, externalInterface);
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1402
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1403 final NetworkInterface internalNetworkInterface = NetworkInterface.getByName(
1404 internalInterface);
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1405 if (internalNetworkInterface == null) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1406 cmd.appendArg("0");
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1407 } else {
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]1408 // Don't touch link-local routes, as link-local addresses aren't routable,
1409 // kernel creates link-local routes on all interfaces automatically
1410 List<InterfaceAddress> interfaceAddresses = excludeLinkLocal(
1411 internalNetworkInterface.getInterfaceAddresses());
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1412 cmd.appendArg(interfaceAddresses.size());
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1413 for (InterfaceAddress ia : interfaceAddresses) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1414 InetAddress addr = NetworkUtils.getNetworkPart(
1415 ia.getAddress(), ia.getNetworkPrefixLength());
1416 cmd.appendArg(addr.getHostAddress() + "/" + ia.getNetworkPrefixLength());
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1417 }
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1418 }
1419
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1420 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1421 mConnector.execute(cmd);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1422 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1423 throw e.rethrowAsParcelableException();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1424 }
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1425 }
1426
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1427 @Override
1428 public void enableNat(String internalInterface, String externalInterface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1429 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1430 try {
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1431 modifyNat("enable", internalInterface, externalInterface);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1432 } catch (SocketException e) {
1433 throw new IllegalStateException(e);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1434 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1435 }
1436
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1437 @Override
1438 public void disableNat(String internalInterface, String externalInterface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1439 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1440 try {
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1441 modifyNat("disable", internalInterface, externalInterface);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1442 } catch (SocketException e) {
1443 throw new IllegalStateException(e);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1444 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1445 }
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1446
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1447 @Override
1448 public String[] listTtys() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1449 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1450 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1451 return NativeDaemonEvent.filterMessageList(
1452 mConnector.executeForList("list_ttys"), TtyListResult);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1453 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1454 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1455 }
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1456 }
1457
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1458 @Override
1459 public void attachPppd(
1460 String tty, String localAddr, String remoteAddr, String dns1Addr, String dns2Addr) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1461 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1462 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1463 mConnector.execute("pppd", "attach", tty,
Robert Greenwalte5903732011-02-22 16:00:42 -0800[diff] [blame]1464 NetworkUtils.numericToInetAddress(localAddr).getHostAddress(),
1465 NetworkUtils.numericToInetAddress(remoteAddr).getHostAddress(),
1466 NetworkUtils.numericToInetAddress(dns1Addr).getHostAddress(),
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1467 NetworkUtils.numericToInetAddress(dns2Addr).getHostAddress());
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1468 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1469 throw e.rethrowAsParcelableException();
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1470 }
1471 }
1472
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1473 @Override
1474 public void detachPppd(String tty) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1475 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1476 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1477 mConnector.execute("pppd", "detach", tty);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1478 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1479 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1480 }
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1481 }
Robert Greenwaltce1200d2010-02-18 11:25:54 -0800[diff] [blame]1482
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1483 @Override
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1484 public void addIdleTimer(String iface, int timeout, final int type) {
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1485 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1486
1487 if (DBG) Slog.d(TAG, "Adding idletimer");
1488
1489 synchronized (mIdleTimerLock) {
1490 IdleTimerParams params = mActiveIdleTimers.get(iface);
1491 if (params != null) {
1492 // the interface already has idletimer, update network count
1493 params.networkCount++;
1494 return;
1495 }
1496
1497 try {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1498 mConnector.execute("idletimer", "add", iface, Integer.toString(timeout),
1499 Integer.toString(type));
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1500 } catch (NativeDaemonConnectorException e) {
1501 throw e.rethrowAsParcelableException();
1502 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1503 mActiveIdleTimers.put(iface, new IdleTimerParams(timeout, type));
1504
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]1505 // Networks start up.
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1506 if (ConnectivityManager.isNetworkTypeMobile(type)) {
1507 mNetworkActive = false;
1508 }
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1509 mDaemonHandler.post(new Runnable() {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1510 @Override public void run() {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1511 notifyInterfaceClassActivity(type,
1512 DataConnectionRealTimeInfo.DC_POWER_STATE_HIGH,
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]1513 SystemClock.elapsedRealtimeNanos(), -1, false);
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1514 }
1515 });
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1516 }
1517 }
1518
1519 @Override
1520 public void removeIdleTimer(String iface) {
1521 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1522
1523 if (DBG) Slog.d(TAG, "Removing idletimer");
1524
1525 synchronized (mIdleTimerLock) {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1526 final IdleTimerParams params = mActiveIdleTimers.get(iface);
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1527 if (params == null || --(params.networkCount) > 0) {
1528 return;
1529 }
1530
1531 try {
1532 mConnector.execute("idletimer", "remove", iface,
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1533 Integer.toString(params.timeout), Integer.toString(params.type));
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1534 } catch (NativeDaemonConnectorException e) {
1535 throw e.rethrowAsParcelableException();
1536 }
1537 mActiveIdleTimers.remove(iface);
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1538 mDaemonHandler.post(new Runnable() {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1539 @Override public void run() {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1540 notifyInterfaceClassActivity(params.type,
1541 DataConnectionRealTimeInfo.DC_POWER_STATE_LOW,
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]1542 SystemClock.elapsedRealtimeNanos(), -1, false);
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1543 }
1544 });
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1545 }
1546 }
1547
1548 @Override
Jeff Sharkeye8914c32012-05-01 16:26:09 -0700[diff] [blame]1549 public NetworkStats getNetworkStatsSummaryDev() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1550 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1551 try {
1552 return mStatsFactory.readNetworkStatsSummaryDev();
1553 } catch (IOException e) {
1554 throw new IllegalStateException(e);
1555 }
Jeff Sharkeye8914c32012-05-01 16:26:09 -0700[diff] [blame]1556 }
1557
1558 @Override
1559 public NetworkStats getNetworkStatsSummaryXt() {
1560 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1561 try {
1562 return mStatsFactory.readNetworkStatsSummaryXt();
1563 } catch (IOException e) {
1564 throw new IllegalStateException(e);
1565 }
Jeff Sharkeyae2c1812011-10-04 13:11:40 -0700[diff] [blame]1566 }
1567
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]1568 @Override
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]1569 public NetworkStats getNetworkStatsDetail() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1570 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1571 try {
Dianne Hackbornd0c5b9a2014-02-21 16:19:05 -0800[diff] [blame]1572 return mStatsFactory.readNetworkStatsDetail(UID_ALL, null, TAG_ALL, null);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1573 } catch (IOException e) {
1574 throw new IllegalStateException(e);
1575 }
San Mehat91cac642010-03-31 14:31:36 -0700[diff] [blame]1576 }
1577
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]1578 @Override
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1579 public void setInterfaceQuota(String iface, long quotaBytes) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1580 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1581
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]1582 // silently discard when control disabled
1583 // TODO: eventually migrate to be always enabled
1584 if (!mBandwidthControlEnabled) return;
1585
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1586 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1587 if (mActiveQuotas.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1588 throw new IllegalStateException("iface " + iface + " already has quota");
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1589 }
1590
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1591 try {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1592 // TODO: support quota shared across interfaces
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1593 mConnector.execute("bandwidth", "setiquota", iface, quotaBytes);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1594 mActiveQuotas.put(iface, quotaBytes);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1595 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1596 throw e.rethrowAsParcelableException();
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1597 }
Lorenzo Colitti50b60fc2017-08-11 13:47:49 +0900[diff] [blame]1598
1599 synchronized (mTetheringStatsProviders) {
1600 for (ITetheringStatsProvider provider : mTetheringStatsProviders.keySet()) {
1601 try {
1602 provider.setInterfaceQuota(iface, quotaBytes);
1603 } catch (RemoteException e) {
1604 Log.e(TAG, "Problem setting tethering data limit on provider " +
1605 mTetheringStatsProviders.get(provider) + ": " + e);
1606 }
1607 }
1608 }
Ashish Sharma50fd36d2011-06-15 19:34:53 -0700[diff] [blame]1609 }
1610 }
1611
1612 @Override
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1613 public void removeInterfaceQuota(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1614 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1615
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]1616 // silently discard when control disabled
1617 // TODO: eventually migrate to be always enabled
1618 if (!mBandwidthControlEnabled) return;
1619
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1620 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1621 if (!mActiveQuotas.containsKey(iface)) {
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1622 // TODO: eventually consider throwing
1623 return;
1624 }
1625
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1626 mActiveQuotas.remove(iface);
1627 mActiveAlerts.remove(iface);
Jeff Sharkey38ddeaa2011-11-08 13:04:22 -0800[diff] [blame]1628
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1629 try {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1630 // TODO: support quota shared across interfaces
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1631 mConnector.execute("bandwidth", "removeiquota", iface);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1632 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1633 throw e.rethrowAsParcelableException();
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1634 }
Lorenzo Colitti50b60fc2017-08-11 13:47:49 +0900[diff] [blame]1635
1636 synchronized (mTetheringStatsProviders) {
1637 for (ITetheringStatsProvider provider : mTetheringStatsProviders.keySet()) {
1638 try {
1639 provider.setInterfaceQuota(iface, ITetheringStatsProvider.QUOTA_UNLIMITED);
1640 } catch (RemoteException e) {
1641 Log.e(TAG, "Problem removing tethering data limit on provider " +
1642 mTetheringStatsProviders.get(provider) + ": " + e);
1643 }
1644 }
1645 }
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1646 }
1647 }
1648
1649 @Override
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1650 public void setInterfaceAlert(String iface, long alertBytes) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1651 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1652
1653 // silently discard when control disabled
1654 // TODO: eventually migrate to be always enabled
1655 if (!mBandwidthControlEnabled) return;
1656
1657 // quick sanity check
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1658 if (!mActiveQuotas.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1659 throw new IllegalStateException("setting alert requires existing quota on iface");
1660 }
1661
1662 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1663 if (mActiveAlerts.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1664 throw new IllegalStateException("iface " + iface + " already has alert");
1665 }
1666
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1667 try {
1668 // TODO: support alert shared across interfaces
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1669 mConnector.execute("bandwidth", "setinterfacealert", iface, alertBytes);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1670 mActiveAlerts.put(iface, alertBytes);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1671 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1672 throw e.rethrowAsParcelableException();
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1673 }
1674 }
1675 }
1676
1677 @Override
1678 public void removeInterfaceAlert(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1679 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1680
1681 // silently discard when control disabled
1682 // TODO: eventually migrate to be always enabled
1683 if (!mBandwidthControlEnabled) return;
1684
1685 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1686 if (!mActiveAlerts.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1687 // TODO: eventually consider throwing
1688 return;
1689 }
1690
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1691 try {
1692 // TODO: support alert shared across interfaces
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1693 mConnector.execute("bandwidth", "removeinterfacealert", iface);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1694 mActiveAlerts.remove(iface);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1695 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1696 throw e.rethrowAsParcelableException();
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1697 }
1698 }
1699 }
1700
1701 @Override
1702 public void setGlobalAlert(long alertBytes) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1703 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1704
1705 // silently discard when control disabled
1706 // TODO: eventually migrate to be always enabled
1707 if (!mBandwidthControlEnabled) return;
1708
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1709 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1710 mConnector.execute("bandwidth", "setglobalalert", alertBytes);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1711 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1712 throw e.rethrowAsParcelableException();
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1713 }
1714 }
1715
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1716 private void setUidOnMeteredNetworkList(int uid, boolean blacklist, boolean enable) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1717 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1718
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]1719 // silently discard when control disabled
1720 // TODO: eventually migrate to be always enabled
1721 if (!mBandwidthControlEnabled) return;
1722
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1723 final String chain = blacklist ? "naughtyapps" : "niceapps";
1724 final String suffix = enable ? "add" : "remove";
1725
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1726 synchronized (mQuotaLock) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1727 boolean oldEnable;
1728 SparseBooleanArray quotaList;
1729 synchronized (mRulesLock) {
1730 quotaList = blacklist ? mUidRejectOnMetered : mUidAllowOnMetered;
1731 oldEnable = quotaList.get(uid, false);
1732 }
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1733 if (oldEnable == enable) {
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1734 // TODO: eventually consider throwing
1735 return;
1736 }
1737
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1738 Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "inetd bandwidth");
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1739 try {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1740 mConnector.execute("bandwidth", suffix + chain, uid);
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1741 synchronized (mRulesLock) {
1742 if (enable) {
1743 quotaList.put(uid, true);
1744 } else {
1745 quotaList.delete(uid);
1746 }
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1747 }
1748 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1749 throw e.rethrowAsParcelableException();
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1750 } finally {
1751 Trace.traceEnd(Trace.TRACE_TAG_NETWORK);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1752 }
Ashish Sharma50fd36d2011-06-15 19:34:53 -0700[diff] [blame]1753 }
1754 }
1755
Jeff Sharkey63d27a92011-08-03 17:04:22 -0700[diff] [blame]1756 @Override
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1757 public void setUidMeteredNetworkBlacklist(int uid, boolean enable) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1758 setUidOnMeteredNetworkList(uid, true, enable);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1759 }
1760
1761 @Override
1762 public void setUidMeteredNetworkWhitelist(int uid, boolean enable) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1763 setUidOnMeteredNetworkList(uid, false, enable);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1764 }
1765
1766 @Override
1767 public boolean setDataSaverModeEnabled(boolean enable) {
Sehee Parka9139bc2017-12-22 13:54:05 +0900[diff] [blame]1768 mContext.enforceCallingOrSelfPermission(NETWORK_SETTINGS, TAG);
1769
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1770 if (DBG) Log.d(TAG, "setDataSaverMode: " + enable);
1771 synchronized (mQuotaLock) {
1772 if (mDataSaverMode == enable) {
1773 Log.w(TAG, "setDataSaverMode(): already " + mDataSaverMode);
1774 return true;
1775 }
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1776 Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "bandwidthEnableDataSaver");
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1777 try {
1778 final boolean changed = mNetdService.bandwidthEnableDataSaver(enable);
1779 if (changed) {
1780 mDataSaverMode = enable;
1781 } else {
1782 Log.w(TAG, "setDataSaverMode(" + enable + "): netd command silently failed");
1783 }
1784 return changed;
1785 } catch (RemoteException e) {
1786 Log.w(TAG, "setDataSaverMode(" + enable + "): netd command failed", e);
1787 return false;
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1788 } finally {
1789 Trace.traceEnd(Trace.TRACE_TAG_NETWORK);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1790 }
1791 }
1792 }
1793
1794 @Override
Robin Lee17e61832016-05-09 13:46:28 +0100[diff] [blame]1795 public void setAllowOnlyVpnForUids(boolean add, UidRange[] uidRanges)
1796 throws ServiceSpecificException {
Rubin Xube806662018-01-11 10:59:19 +0000[diff] [blame]1797 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
1798
Robin Lee17e61832016-05-09 13:46:28 +0100[diff] [blame]1799 try {
1800 mNetdService.networkRejectNonSecureVpn(add, uidRanges);
1801 } catch (ServiceSpecificException e) {
1802 Log.w(TAG, "setAllowOnlyVpnForUids(" + add + ", " + Arrays.toString(uidRanges) + ")"
1803 + ": netd command failed", e);
1804 throw e;
1805 } catch (RemoteException e) {
1806 Log.w(TAG, "setAllowOnlyVpnForUids(" + add + ", " + Arrays.toString(uidRanges) + ")"
1807 + ": netd command failed", e);
1808 throw e.rethrowAsRuntimeException();
1809 }
1810 }
1811
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1812 private void applyUidCleartextNetworkPolicy(int uid, int policy) {
1813 final String policyString;
1814 switch (policy) {
1815 case StrictMode.NETWORK_POLICY_ACCEPT:
1816 policyString = "accept";
1817 break;
1818 case StrictMode.NETWORK_POLICY_LOG:
1819 policyString = "log";
1820 break;
1821 case StrictMode.NETWORK_POLICY_REJECT:
1822 policyString = "reject";
1823 break;
1824 default:
1825 throw new IllegalArgumentException("Unknown policy " + policy);
1826 }
1827
1828 try {
1829 mConnector.execute("strict", "set_uid_cleartext_policy", uid, policyString);
1830 mUidCleartextPolicy.put(uid, policy);
1831 } catch (NativeDaemonConnectorException e) {
1832 throw e.rethrowAsParcelableException();
1833 }
1834 }
1835
Robin Lee17e61832016-05-09 13:46:28 +0100[diff] [blame]1836 @Override
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]1837 public void setUidCleartextNetworkPolicy(int uid, int policy) {
1838 if (Binder.getCallingUid() != uid) {
1839 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1840 }
1841
1842 synchronized (mQuotaLock) {
1843 final int oldPolicy = mUidCleartextPolicy.get(uid, StrictMode.NETWORK_POLICY_ACCEPT);
1844 if (oldPolicy == policy) {
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1845 // This also ensures we won't needlessly apply an ACCEPT policy if we've just
1846 // enabled strict and the underlying iptables rules are empty.
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]1847 return;
1848 }
1849
1850 if (!mStrictEnabled) {
1851 // Module isn't enabled yet; stash the requested policy away to
1852 // apply later once the daemon is connected.
1853 mUidCleartextPolicy.put(uid, policy);
1854 return;
1855 }
1856
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1857 // netd does not keep state on strict mode policies, and cannot replace a non-accept
1858 // policy without deleting it first. Rather than add state to netd, just always send
1859 // it an accept policy when switching between two non-accept policies.
Lorenzo Colitti26364f12017-08-20 11:54:57 +0900[diff] [blame]1860 // TODO: consider keeping state in netd so we can simplify this code.
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1861 if (oldPolicy != StrictMode.NETWORK_POLICY_ACCEPT &&
1862 policy != StrictMode.NETWORK_POLICY_ACCEPT) {
Lorenzo Colitti26364f12017-08-20 11:54:57 +0900[diff] [blame]1863 applyUidCleartextNetworkPolicy(uid, StrictMode.NETWORK_POLICY_ACCEPT);
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]1864 }
Lorenzo Colitti26364f12017-08-20 11:54:57 +0900[diff] [blame]1865
1866 applyUidCleartextNetworkPolicy(uid, policy);
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]1867 }
1868 }
1869
1870 @Override
Jeff Sharkey63d27a92011-08-03 17:04:22 -0700[diff] [blame]1871 public boolean isBandwidthControlEnabled() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1872 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey63d27a92011-08-03 17:04:22 -0700[diff] [blame]1873 return mBandwidthControlEnabled;
1874 }
1875
1876 @Override
Remi NGUYEN VAN088ff682018-03-06 12:36:54 +0900[diff] [blame]1877 public NetworkStats getNetworkStatsUidDetail(int uid, String[] ifaces) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1878 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1879 try {
Remi NGUYEN VAN088ff682018-03-06 12:36:54 +0900[diff] [blame]1880 return mStatsFactory.readNetworkStatsDetail(uid, ifaces, TAG_ALL, null);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1881 } catch (IOException e) {
1882 throw new IllegalStateException(e);
1883 }
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]1884 }
1885
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1886 private class NetdTetheringStatsProvider extends ITetheringStatsProvider.Stub {
1887 @Override
Lorenzo Colittif1912ca2017-08-17 19:23:08 +0900[diff] [blame]1888 public NetworkStats getTetherStats(int how) {
1889 // We only need to return per-UID stats. Per-device stats are already counted by
1890 // interface counters.
1891 if (how != STATS_PER_UID) {
1892 return new NetworkStats(SystemClock.elapsedRealtime(), 0);
1893 }
1894
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1895 final PersistableBundle bundle;
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1896 try {
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1897 bundle = mNetdService.tetherGetStats();
1898 } catch (RemoteException | ServiceSpecificException e) {
1899 throw new IllegalStateException("problem parsing tethering stats: ", e);
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1900 }
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1901
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1902 final NetworkStats stats = new NetworkStats(SystemClock.elapsedRealtime(),
1903 bundle.size());
1904 final NetworkStats.Entry entry = new NetworkStats.Entry();
1905
1906 for (String iface : bundle.keySet()) {
1907 long[] statsArray = bundle.getLongArray(iface);
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1908 try {
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1909 entry.iface = iface;
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1910 entry.uid = UID_TETHERING;
1911 entry.set = SET_DEFAULT;
1912 entry.tag = TAG_NONE;
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1913 entry.rxBytes = statsArray[INetd.TETHER_STATS_RX_BYTES];
1914 entry.rxPackets = statsArray[INetd.TETHER_STATS_RX_PACKETS];
1915 entry.txBytes = statsArray[INetd.TETHER_STATS_TX_BYTES];
1916 entry.txPackets = statsArray[INetd.TETHER_STATS_TX_PACKETS];
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1917 stats.combineValues(entry);
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1918 } catch (ArrayIndexOutOfBoundsException e) {
1919 throw new IllegalStateException("invalid tethering stats for " + iface, e);
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1920 }
1921 }
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1922
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1923 return stats;
1924 }
Lorenzo Colitti50b60fc2017-08-11 13:47:49 +0900[diff] [blame]1925
1926 @Override
1927 public void setInterfaceQuota(String iface, long quotaBytes) {
1928 // Do nothing. netd is already informed of quota changes in setInterfaceQuota.
1929 }
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1930 }
1931
1932 @Override
Lorenzo Colittif1912ca2017-08-17 19:23:08 +0900[diff] [blame]1933 public NetworkStats getNetworkStatsTethering(int how) {
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1934 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1935
1936 final NetworkStats stats = new NetworkStats(SystemClock.elapsedRealtime(), 1);
1937 synchronized (mTetheringStatsProviders) {
1938 for (ITetheringStatsProvider provider: mTetheringStatsProviders.keySet()) {
1939 try {
Lorenzo Colittif1912ca2017-08-17 19:23:08 +0900[diff] [blame]1940 stats.combineAllValues(provider.getTetherStats(how));
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1941 } catch (RemoteException e) {
1942 Log.e(TAG, "Problem reading tethering stats from " +
1943 mTetheringStatsProviders.get(provider) + ": " + e);
1944 }
1945 }
Jeff Sharkeycdd02c5d2011-09-16 01:52:49 -0700[diff] [blame]1946 }
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1947 return stats;
Jeff Sharkeycdd02c5d2011-09-16 01:52:49 -0700[diff] [blame]1948 }
1949
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1950 @Override
Erik Kline1742fe12017-12-13 19:40:49 +0900[diff] [blame]1951 public void setDnsConfigurationForNetwork(int netId, String[] servers, String[] domains,
Erik Klinee5dac902018-03-04 21:01:01 +0900[diff] [blame]1952 int[] params, String tlsHostname, String[] tlsServers) {
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]1953 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1954
Ben Schwartz6ec28df2017-10-02 13:08:06 -0400[diff] [blame]1955 final String[] tlsFingerprints = new String[0];
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]1956 try {
Erik Kline1742fe12017-12-13 19:40:49 +0900[diff] [blame]1957 mNetdService.setResolverConfiguration(
Erik Klinee5dac902018-03-04 21:01:01 +0900[diff] [blame]1958 netId, servers, domains, params, tlsHostname, tlsServers, tlsFingerprints);
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]1959 } catch (RemoteException e) {
1960 throw new RuntimeException(e);
1961 }
1962 }
1963
1964 @Override
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]1965 public void addVpnUidRanges(int netId, UidRange[] ranges) {
Chad Brubaker3277620a2013-06-12 13:37:30 -0700[diff] [blame]1966 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]1967 Object[] argv = new Object[3 + MAX_UID_RANGES_PER_COMMAND];
1968 argv[0] = "users";
1969 argv[1] = "add";
1970 argv[2] = netId;
1971 int argc = 3;
1972 // Avoid overly long commands by limiting number of UID ranges per command.
1973 for (int i = 0; i < ranges.length; i++) {
1974 argv[argc++] = ranges[i].toString();
1975 if (i == (ranges.length - 1) || argc == argv.length) {
1976 try {
1977 mConnector.execute("network", Arrays.copyOf(argv, argc));
1978 } catch (NativeDaemonConnectorException e) {
1979 throw e.rethrowAsParcelableException();
1980 }
1981 argc = 3;
1982 }
Chad Brubaker3277620a2013-06-12 13:37:30 -0700[diff] [blame]1983 }
1984 }
1985
1986 @Override
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]1987 public void removeVpnUidRanges(int netId, UidRange[] ranges) {
Chad Brubaker3277620a2013-06-12 13:37:30 -0700[diff] [blame]1988 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]1989 Object[] argv = new Object[3 + MAX_UID_RANGES_PER_COMMAND];
1990 argv[0] = "users";
1991 argv[1] = "remove";
1992 argv[2] = netId;
1993 int argc = 3;
1994 // Avoid overly long commands by limiting number of UID ranges per command.
1995 for (int i = 0; i < ranges.length; i++) {
1996 argv[argc++] = ranges[i].toString();
1997 if (i == (ranges.length - 1) || argc == argv.length) {
1998 try {
1999 mConnector.execute("network", Arrays.copyOf(argv, argc));
2000 } catch (NativeDaemonConnectorException e) {
2001 throw e.rethrowAsParcelableException();
2002 }
2003 argc = 3;
2004 }
Chad Brubakercca54c42013-06-27 17:41:38 -0700[diff] [blame]2005 }
2006 }
2007
2008 @Override
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2009 public void setFirewallEnabled(boolean enabled) {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2010 enforceSystemUid();
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2011 try {
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2012 mConnector.execute("firewall", "enable", enabled ? "whitelist" : "blacklist");
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2013 mFirewallEnabled = enabled;
2014 } catch (NativeDaemonConnectorException e) {
2015 throw e.rethrowAsParcelableException();
2016 }
2017 }
2018
2019 @Override
2020 public boolean isFirewallEnabled() {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2021 enforceSystemUid();
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2022 return mFirewallEnabled;
2023 }
2024
2025 @Override
Jeff Sharkey2c092982012-08-24 11:44:40 -0700[diff] [blame]2026 public void setFirewallInterfaceRule(String iface, boolean allow) {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2027 enforceSystemUid();
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2028 Preconditions.checkState(mFirewallEnabled);
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2029 final String rule = allow ? "allow" : "deny";
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2030 try {
2031 mConnector.execute("firewall", "set_interface_rule", iface, rule);
2032 } catch (NativeDaemonConnectorException e) {
2033 throw e.rethrowAsParcelableException();
2034 }
2035 }
2036
Lorenzo Colitti3fef7232016-04-29 18:00:03 +0900[diff] [blame]2037 private void closeSocketsForFirewallChainLocked(int chain, String chainName) {
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2038 // UID ranges to close sockets on.
2039 UidRange[] ranges;
2040 // UID ranges whose sockets we won't touch.
2041 int[] exemptUids;
2042
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2043 int numUids = 0;
2044
2045 if (getFirewallType(chain) == FIREWALL_TYPE_WHITELIST) {
2046 // Close all sockets on all non-system UIDs...
2047 ranges = new UidRange[] {
2048 // TODO: is there a better way of finding all existing users? If so, we could
2049 // specify their ranges here.
2050 new UidRange(Process.FIRST_APPLICATION_UID, Integer.MAX_VALUE),
2051 };
2052 // ... except for the UIDs that have allow rules.
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2053 synchronized (mRulesLock) {
2054 final SparseIntArray rules = getUidFirewallRulesLR(chain);
2055 exemptUids = new int[rules.size()];
2056 for (int i = 0; i < exemptUids.length; i++) {
2057 if (rules.valueAt(i) == NetworkPolicyManager.FIREWALL_RULE_ALLOW) {
2058 exemptUids[numUids] = rules.keyAt(i);
2059 numUids++;
2060 }
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2061 }
2062 }
2063 // Normally, whitelist chains only contain deny rules, so numUids == exemptUids.length.
2064 // But the code does not guarantee this in any way, and at least in one case - if we add
2065 // a UID rule to the firewall, and then disable the firewall - the chains can contain
2066 // the wrong type of rule. In this case, don't close connections that we shouldn't.
2067 //
2068 // TODO: tighten up this code by ensuring we never set the wrong type of rule, and
2069 // fix setFirewallEnabled to grab mQuotaLock and clear rules.
2070 if (numUids != exemptUids.length) {
2071 exemptUids = Arrays.copyOf(exemptUids, numUids);
2072 }
2073 } else {
2074 // Close sockets for every UID that has a deny rule...
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2075 synchronized (mRulesLock) {
2076 final SparseIntArray rules = getUidFirewallRulesLR(chain);
2077 ranges = new UidRange[rules.size()];
2078 for (int i = 0; i < ranges.length; i++) {
2079 if (rules.valueAt(i) == NetworkPolicyManager.FIREWALL_RULE_DENY) {
2080 int uid = rules.keyAt(i);
2081 ranges[numUids] = new UidRange(uid, uid);
2082 numUids++;
2083 }
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2084 }
2085 }
2086 // As above; usually numUids == ranges.length, but not always.
2087 if (numUids != ranges.length) {
2088 ranges = Arrays.copyOf(ranges, numUids);
2089 }
2090 // ... with no exceptions.
2091 exemptUids = new int[0];
2092 }
2093
2094 try {
2095 mNetdService.socketDestroy(ranges, exemptUids);
2096 } catch(RemoteException | ServiceSpecificException e) {
2097 Slog.e(TAG, "Error closing sockets after enabling chain " + chainName + ": " + e);
2098 }
2099 }
2100
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2101 @Override
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2102 public void setFirewallChainEnabled(int chain, boolean enable) {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2103 enforceSystemUid();
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2104 synchronized (mQuotaLock) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2105 synchronized (mRulesLock) {
2106 if (getFirewallChainState(chain) == enable) {
2107 // All is the same, nothing to do. This relies on the fact that netd has child
2108 // chains default detached.
2109 return;
2110 }
2111 setFirewallChainState(chain, enable);
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2112 }
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2113
2114 final String operation = enable ? "enable_chain" : "disable_chain";
Lorenzo Colitti3fef7232016-04-29 18:00:03 +0900[diff] [blame]2115 final String chainName;
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2116 switch(chain) {
2117 case FIREWALL_CHAIN_STANDBY:
2118 chainName = FIREWALL_CHAIN_NAME_STANDBY;
2119 break;
2120 case FIREWALL_CHAIN_DOZABLE:
2121 chainName = FIREWALL_CHAIN_NAME_DOZABLE;
2122 break;
2123 case FIREWALL_CHAIN_POWERSAVE:
2124 chainName = FIREWALL_CHAIN_NAME_POWERSAVE;
2125 break;
2126 default:
2127 throw new IllegalArgumentException("Bad child chain: " + chain);
2128 }
2129
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2130 try {
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2131 mConnector.execute("firewall", operation, chainName);
2132 } catch (NativeDaemonConnectorException e) {
2133 throw e.rethrowAsParcelableException();
2134 }
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2135
2136 // Close any sockets that were opened by the affected UIDs. This has to be done after
2137 // disabling network connectivity, in case they react to the socket close by reopening
2138 // the connection and race with the iptables commands that enable the firewall. All
2139 // whitelist and blacklist chains allow RSTs through.
2140 if (enable) {
2141 if (DBG) Slog.d(TAG, "Closing sockets after enabling chain " + chainName);
Lorenzo Colitti3fef7232016-04-29 18:00:03 +0900[diff] [blame]2142 closeSocketsForFirewallChainLocked(chain, chainName);
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2143 }
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2144 }
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2145 }
2146
2147 private int getFirewallType(int chain) {
2148 switch (chain) {
2149 case FIREWALL_CHAIN_STANDBY:
2150 return FIREWALL_TYPE_BLACKLIST;
2151 case FIREWALL_CHAIN_DOZABLE:
2152 return FIREWALL_TYPE_WHITELIST;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2153 case FIREWALL_CHAIN_POWERSAVE:
2154 return FIREWALL_TYPE_WHITELIST;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2155 default:
2156 return isFirewallEnabled() ? FIREWALL_TYPE_WHITELIST : FIREWALL_TYPE_BLACKLIST;
2157 }
2158 }
2159
2160 @Override
2161 public void setFirewallUidRules(int chain, int[] uids, int[] rules) {
2162 enforceSystemUid();
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2163 synchronized (mQuotaLock) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2164 synchronized (mRulesLock) {
2165 SparseIntArray uidFirewallRules = getUidFirewallRulesLR(chain);
2166 SparseIntArray newRules = new SparseIntArray();
2167 // apply new set of rules
2168 for (int index = uids.length - 1; index >= 0; --index) {
2169 int uid = uids[index];
2170 int rule = rules[index];
2171 updateFirewallUidRuleLocked(chain, uid, rule);
2172 newRules.put(uid, rule);
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2173 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2174 // collect the rules to remove.
2175 SparseIntArray rulesToRemove = new SparseIntArray();
2176 for (int index = uidFirewallRules.size() - 1; index >= 0; --index) {
2177 int uid = uidFirewallRules.keyAt(index);
2178 if (newRules.indexOfKey(uid) < 0) {
2179 rulesToRemove.put(uid, FIREWALL_RULE_DEFAULT);
2180 }
2181 }
2182 // remove dead rules
2183 for (int index = rulesToRemove.size() - 1; index >= 0; --index) {
2184 int uid = rulesToRemove.keyAt(index);
2185 updateFirewallUidRuleLocked(chain, uid, FIREWALL_RULE_DEFAULT);
2186 }
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2187 }
2188 try {
2189 switch (chain) {
2190 case FIREWALL_CHAIN_DOZABLE:
2191 mNetdService.firewallReplaceUidChain("fw_dozable", true, uids);
2192 break;
2193 case FIREWALL_CHAIN_STANDBY:
2194 mNetdService.firewallReplaceUidChain("fw_standby", false, uids);
2195 break;
2196 case FIREWALL_CHAIN_POWERSAVE:
2197 mNetdService.firewallReplaceUidChain("fw_powersave", true, uids);
2198 break;
2199 case FIREWALL_CHAIN_NONE:
2200 default:
2201 Slog.d(TAG, "setFirewallUidRules() called on invalid chain: " + chain);
2202 }
2203 } catch (RemoteException e) {
2204 Slog.w(TAG, "Error flushing firewall chain " + chain, e);
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2205 }
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2206 }
2207 }
2208
2209 @Override
2210 public void setFirewallUidRule(int chain, int uid, int rule) {
2211 enforceSystemUid();
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2212 synchronized (mQuotaLock) {
2213 setFirewallUidRuleLocked(chain, uid, rule);
2214 }
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2215 }
2216
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2217 private void setFirewallUidRuleLocked(int chain, int uid, int rule) {
2218 if (updateFirewallUidRuleLocked(chain, uid, rule)) {
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2219 try {
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2220 mConnector.execute("firewall", "set_uid_rule", getFirewallChainName(chain), uid,
2221 getFirewallRuleName(chain, rule));
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2222 } catch (NativeDaemonConnectorException e) {
2223 throw e.rethrowAsParcelableException();
2224 }
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2225 }
2226 }
2227
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2228 // TODO: now that netd supports batching, NMS should not keep these data structures anymore...
2229 private boolean updateFirewallUidRuleLocked(int chain, int uid, int rule) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2230 synchronized (mRulesLock) {
2231 SparseIntArray uidFirewallRules = getUidFirewallRulesLR(chain);
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2232
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2233 final int oldUidFirewallRule = uidFirewallRules.get(uid, FIREWALL_RULE_DEFAULT);
2234 if (DBG) {
2235 Slog.d(TAG, "oldRule = " + oldUidFirewallRule
2236 + ", newRule=" + rule + " for uid=" + uid + " on chain " + chain);
2237 }
2238 if (oldUidFirewallRule == rule) {
2239 if (DBG) Slog.d(TAG, "!!!!! Skipping change");
2240 // TODO: eventually consider throwing
2241 return false;
2242 }
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2243
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2244 String ruleName = getFirewallRuleName(chain, rule);
2245 String oldRuleName = getFirewallRuleName(chain, oldUidFirewallRule);
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2246
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2247 if (rule == NetworkPolicyManager.FIREWALL_RULE_DEFAULT) {
2248 uidFirewallRules.delete(uid);
2249 } else {
2250 uidFirewallRules.put(uid, rule);
2251 }
2252 return !ruleName.equals(oldRuleName);
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2253 }
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2254 }
2255
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2256 private @NonNull String getFirewallRuleName(int chain, int rule) {
2257 String ruleName;
2258 if (getFirewallType(chain) == FIREWALL_TYPE_WHITELIST) {
2259 if (rule == NetworkPolicyManager.FIREWALL_RULE_ALLOW) {
2260 ruleName = "allow";
2261 } else {
2262 ruleName = "deny";
2263 }
2264 } else { // Blacklist mode
2265 if (rule == NetworkPolicyManager.FIREWALL_RULE_DENY) {
2266 ruleName = "deny";
2267 } else {
2268 ruleName = "allow";
2269 }
2270 }
2271 return ruleName;
2272 }
2273
Andreas Gampeaae5aa32018-07-20 12:55:38 -0700[diff] [blame]2274 @GuardedBy("mRulesLock")
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2275 private @NonNull SparseIntArray getUidFirewallRulesLR(int chain) {
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2276 switch (chain) {
2277 case FIREWALL_CHAIN_STANDBY:
2278 return mUidFirewallStandbyRules;
2279 case FIREWALL_CHAIN_DOZABLE:
2280 return mUidFirewallDozableRules;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2281 case FIREWALL_CHAIN_POWERSAVE:
2282 return mUidFirewallPowerSaveRules;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2283 case FIREWALL_CHAIN_NONE:
2284 return mUidFirewallRules;
2285 default:
2286 throw new IllegalArgumentException("Unknown chain:" + chain);
2287 }
2288 }
2289
2290 public @NonNull String getFirewallChainName(int chain) {
2291 switch (chain) {
2292 case FIREWALL_CHAIN_STANDBY:
2293 return FIREWALL_CHAIN_NAME_STANDBY;
2294 case FIREWALL_CHAIN_DOZABLE:
2295 return FIREWALL_CHAIN_NAME_DOZABLE;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2296 case FIREWALL_CHAIN_POWERSAVE:
2297 return FIREWALL_CHAIN_NAME_POWERSAVE;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2298 case FIREWALL_CHAIN_NONE:
2299 return FIREWALL_CHAIN_NAME_NONE;
2300 default:
2301 throw new IllegalArgumentException("Unknown chain:" + chain);
2302 }
2303 }
2304
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2305 private static void enforceSystemUid() {
2306 final int uid = Binder.getCallingUid();
2307 if (uid != Process.SYSTEM_UID) {
2308 throw new SecurityException("Only available to AID_SYSTEM");
2309 }
2310 }
2311
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2312 @Override
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2313 public void startClatd(String interfaceName) throws IllegalStateException {
2314 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2315
2316 try {
2317 mConnector.execute("clatd", "start", interfaceName);
2318 } catch (NativeDaemonConnectorException e) {
2319 throw e.rethrowAsParcelableException();
2320 }
2321 }
2322
2323 @Override
Lorenzo Colitti95439462014-10-09 13:44:48 +0900[diff] [blame]2324 public void stopClatd(String interfaceName) throws IllegalStateException {
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2325 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2326
2327 try {
Lorenzo Colitti95439462014-10-09 13:44:48 +0900[diff] [blame]2328 mConnector.execute("clatd", "stop", interfaceName);
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2329 } catch (NativeDaemonConnectorException e) {
2330 throw e.rethrowAsParcelableException();
2331 }
2332 }
2333
2334 @Override
Lorenzo Colitti95439462014-10-09 13:44:48 +0900[diff] [blame]2335 public boolean isClatdStarted(String interfaceName) {
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2336 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2337
2338 final NativeDaemonEvent event;
2339 try {
Lorenzo Colitti95439462014-10-09 13:44:48 +0900[diff] [blame]2340 event = mConnector.execute("clatd", "status", interfaceName);
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2341 } catch (NativeDaemonConnectorException e) {
2342 throw e.rethrowAsParcelableException();
2343 }
2344
2345 event.checkCode(ClatdStatusResult);
2346 return event.getMessage().endsWith("started");
2347 }
2348
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2349 @Override
2350 public void registerNetworkActivityListener(INetworkActivityListener listener) {
2351 mNetworkActivityListeners.register(listener);
2352 }
2353
2354 @Override
2355 public void unregisterNetworkActivityListener(INetworkActivityListener listener) {
2356 mNetworkActivityListeners.unregister(listener);
2357 }
2358
2359 @Override
2360 public boolean isNetworkActive() {
2361 synchronized (mNetworkActivityListeners) {
2362 return mNetworkActive || mActiveIdleTimers.isEmpty();
2363 }
2364 }
2365
2366 private void reportNetworkActive() {
2367 final int length = mNetworkActivityListeners.beginBroadcast();
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]2368 try {
2369 for (int i = 0; i < length; i++) {
2370 try {
2371 mNetworkActivityListeners.getBroadcastItem(i).onNetworkActive();
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]2372 } catch (RemoteException | RuntimeException e) {
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]2373 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2374 }
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]2375 } finally {
2376 mNetworkActivityListeners.finishBroadcast();
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2377 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2378 }
2379
Mattias Falk8b47b362011-08-23 14:15:13 +0200[diff] [blame]2380 /** {@inheritDoc} */
Jeff Sharkey7b4596f2013-02-25 10:55:29 -0800[diff] [blame]2381 @Override
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]2382 public void monitor() {
2383 if (mConnector != null) {
2384 mConnector.monitor();
2385 }
2386 }
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2387
2388 @Override
2389 protected void dump(FileDescriptor fd, PrintWriter pw, String[] args) {
Jeff Sharkeyfe9a53b2017-03-31 14:08:23 -0600[diff] [blame]2390 if (!DumpUtils.checkDumpPermission(mContext, TAG, pw)) return;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2391
Robert Greenwalt470fd722012-01-18 12:51:15 -0800[diff] [blame]2392 pw.println("NetworkManagementService NativeDaemonConnector Log:");
2393 mConnector.dump(fd, pw, args);
2394 pw.println();
2395
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2396 pw.print("Bandwidth control enabled: "); pw.println(mBandwidthControlEnabled);
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]2397 pw.print("mMobileActivityFromRadio="); pw.print(mMobileActivityFromRadio);
2398 pw.print(" mLastPowerStateFromRadio="); pw.println(mLastPowerStateFromRadio);
2399 pw.print("mNetworkActive="); pw.println(mNetworkActive);
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2400
2401 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]2402 pw.print("Active quota ifaces: "); pw.println(mActiveQuotas.toString());
2403 pw.print("Active alert ifaces: "); pw.println(mActiveAlerts.toString());
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]2404 pw.print("Data saver mode: "); pw.println(mDataSaverMode);
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2405 synchronized (mRulesLock) {
2406 dumpUidRuleOnQuotaLocked(pw, "blacklist", mUidRejectOnMetered);
2407 dumpUidRuleOnQuotaLocked(pw, "whitelist", mUidAllowOnMetered);
2408 }
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2409 }
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2410
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2411 synchronized (mRulesLock) {
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2412 dumpUidFirewallRule(pw, "", mUidFirewallRules);
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2413
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2414 pw.print("UID firewall standby chain enabled: "); pw.println(
2415 getFirewallChainState(FIREWALL_CHAIN_STANDBY));
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2416 dumpUidFirewallRule(pw, FIREWALL_CHAIN_NAME_STANDBY, mUidFirewallStandbyRules);
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2417
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2418 pw.print("UID firewall dozable chain enabled: "); pw.println(
2419 getFirewallChainState(FIREWALL_CHAIN_DOZABLE));
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2420 dumpUidFirewallRule(pw, FIREWALL_CHAIN_NAME_DOZABLE, mUidFirewallDozableRules);
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2421
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2422 pw.println("UID firewall powersave chain enabled: " +
2423 getFirewallChainState(FIREWALL_CHAIN_POWERSAVE));
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2424 dumpUidFirewallRule(pw, FIREWALL_CHAIN_NAME_POWERSAVE, mUidFirewallPowerSaveRules);
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2425 }
2426
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2427 synchronized (mIdleTimerLock) {
2428 pw.println("Idle timers:");
2429 for (HashMap.Entry<String, IdleTimerParams> ent : mActiveIdleTimers.entrySet()) {
2430 pw.print(" "); pw.print(ent.getKey()); pw.println(":");
2431 IdleTimerParams params = ent.getValue();
2432 pw.print(" timeout="); pw.print(params.timeout);
2433 pw.print(" type="); pw.print(params.type);
2434 pw.print(" networkCount="); pw.println(params.networkCount);
2435 }
2436 }
2437
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2438 pw.print("Firewall enabled: "); pw.println(mFirewallEnabled);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]2439 pw.print("Netd service status: " );
2440 if (mNetdService == null) {
2441 pw.println("disconnected");
2442 } else {
2443 try {
2444 final boolean alive = mNetdService.isAlive();
2445 pw.println(alive ? "alive": "dead");
2446 } catch (RemoteException e) {
2447 pw.println("unreachable");
2448 }
2449 }
2450 }
2451
2452 private void dumpUidRuleOnQuotaLocked(PrintWriter pw, String name, SparseBooleanArray list) {
2453 pw.print("UID bandwith control ");
2454 pw.print(name);
2455 pw.print(" rule: [");
2456 final int size = list.size();
2457 for (int i = 0; i < size; i++) {
2458 pw.print(list.keyAt(i));
2459 if (i < size - 1) pw.print(",");
2460 }
2461 pw.println("]");
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2462 }
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2463
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2464 private void dumpUidFirewallRule(PrintWriter pw, String name, SparseIntArray rules) {
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2465 pw.print("UID firewall ");
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2466 pw.print(name);
2467 pw.print(" rule: [");
2468 final int size = rules.size();
2469 for (int i = 0; i < size; i++) {
2470 pw.print(rules.keyAt(i));
2471 pw.print(":");
2472 pw.print(rules.valueAt(i));
2473 if (i < size - 1) pw.print(",");
2474 }
2475 pw.println("]");
2476 }
2477
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2478 @Override
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]2479 public void createPhysicalNetwork(int netId, String permission) {
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2480 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2481
2482 try {
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]2483 if (permission != null) {
2484 mConnector.execute("network", "create", netId, permission);
2485 } else {
2486 mConnector.execute("network", "create", netId);
2487 }
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2488 } catch (NativeDaemonConnectorException e) {
2489 throw e.rethrowAsParcelableException();
2490 }
2491 }
2492
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2493 @Override
Sreeram Ramachandran8cd33ed2014-07-23 15:23:15 -0700[diff] [blame]2494 public void createVirtualNetwork(int netId, boolean hasDNS, boolean secure) {
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]2495 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2496
2497 try {
Sreeram Ramachandran8cd33ed2014-07-23 15:23:15 -0700[diff] [blame]2498 mConnector.execute("network", "create", netId, "vpn", hasDNS ? "1" : "0",
2499 secure ? "1" : "0");
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]2500 } catch (NativeDaemonConnectorException e) {
2501 throw e.rethrowAsParcelableException();
2502 }
2503 }
2504
2505 @Override
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2506 public void removeNetwork(int netId) {
Erik Kline33d8e5c2018-01-15 17:05:07 +0900[diff] [blame]2507 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2508
2509 try {
Erik Kline33d8e5c2018-01-15 17:05:07 +0900[diff] [blame]2510 mNetdService.networkDestroy(netId);
2511 } catch (ServiceSpecificException e) {
2512 Log.w(TAG, "removeNetwork(" + netId + "): ", e);
2513 throw e;
2514 } catch (RemoteException e) {
2515 Log.w(TAG, "removeNetwork(" + netId + "): ", e);
2516 throw e.rethrowAsRuntimeException();
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2517 }
2518 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2519
2520 @Override
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2521 public void addInterfaceToNetwork(String iface, int netId) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2522 modifyInterfaceInNetwork("add", "" + netId, iface);
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2523 }
2524
2525 @Override
2526 public void removeInterfaceFromNetwork(String iface, int netId) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2527 modifyInterfaceInNetwork("remove", "" + netId, iface);
2528 }
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2529
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2530 private void modifyInterfaceInNetwork(String action, String netId, String iface) {
2531 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2532 try {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2533 mConnector.execute("network", "interface", action, netId, iface);
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2534 } catch (NativeDaemonConnectorException e) {
2535 throw e.rethrowAsParcelableException();
2536 }
2537 }
2538
2539 @Override
Robert Greenwalt913c8952014-04-07 17:36:35 -0700[diff] [blame]2540 public void addLegacyRouteForNetId(int netId, RouteInfo routeInfo, int uid) {
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2541 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2542
Sreeram Ramachandran03666c72014-07-19 23:21:46 -0700[diff] [blame]2543 final Command cmd = new Command("network", "route", "legacy", uid, "add", netId);
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2544
Sreeram Ramachandran1fbcb272014-05-22 16:30:48 -0700[diff] [blame]2545 // create triplet: interface dest-ip-addr/prefixlength gateway-ip-addr
Sreeram Ramachandrancc91c7b2014-06-03 18:41:43 -0700[diff] [blame]2546 final LinkAddress la = routeInfo.getDestinationLinkAddress();
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2547 cmd.appendArg(routeInfo.getInterface());
Lorenzo Colitti7dc78cf2014-06-09 22:58:46 +0900[diff] [blame]2548 cmd.appendArg(la.getAddress().getHostAddress() + "/" + la.getPrefixLength());
Sreeram Ramachandran1fbcb272014-05-22 16:30:48 -0700[diff] [blame]2549 if (routeInfo.hasGateway()) {
2550 cmd.appendArg(routeInfo.getGateway().getHostAddress());
2551 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2552
2553 try {
2554 mConnector.execute(cmd);
2555 } catch (NativeDaemonConnectorException e) {
2556 throw e.rethrowAsParcelableException();
2557 }
2558 }
2559
2560 @Override
Sreeram Ramachandranf047f2a2014-04-15 16:04:26 -0700[diff] [blame]2561 public void setDefaultNetId(int netId) {
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2562 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2563
2564 try {
Sreeram Ramachandranf047f2a2014-04-15 16:04:26 -0700[diff] [blame]2565 mConnector.execute("network", "default", "set", netId);
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2566 } catch (NativeDaemonConnectorException e) {
2567 throw e.rethrowAsParcelableException();
2568 }
2569 }
2570
2571 @Override
2572 public void clearDefaultNetId() {
2573 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2574
2575 try {
2576 mConnector.execute("network", "default", "clear");
2577 } catch (NativeDaemonConnectorException e) {
2578 throw e.rethrowAsParcelableException();
2579 }
2580 }
2581
2582 @Override
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]2583 public void setNetworkPermission(int netId, String permission) {
2584 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2585
2586 try {
2587 if (permission != null) {
2588 mConnector.execute("network", "permission", "network", "set", permission, netId);
2589 } else {
2590 mConnector.execute("network", "permission", "network", "clear", netId);
2591 }
2592 } catch (NativeDaemonConnectorException e) {
2593 throw e.rethrowAsParcelableException();
2594 }
2595 }
2596
2597
2598 @Override
Sreeram Ramachandrane4a05af2014-09-24 09:16:19 -0700[diff] [blame]2599 public void setPermission(String permission, int[] uids) {
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2600 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2601
Sreeram Ramachandrane4a05af2014-09-24 09:16:19 -0700[diff] [blame]2602 Object[] argv = new Object[4 + MAX_UID_RANGES_PER_COMMAND];
2603 argv[0] = "permission";
2604 argv[1] = "user";
2605 argv[2] = "set";
2606 argv[3] = permission;
2607 int argc = 4;
2608 // Avoid overly long commands by limiting number of UIDs per command.
2609 for (int i = 0; i < uids.length; ++i) {
2610 argv[argc++] = uids[i];
2611 if (i == uids.length - 1 || argc == argv.length) {
2612 try {
2613 mConnector.execute("network", Arrays.copyOf(argv, argc));
2614 } catch (NativeDaemonConnectorException e) {
2615 throw e.rethrowAsParcelableException();
2616 }
2617 argc = 4;
2618 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2619 }
2620 }
2621
2622 @Override
2623 public void clearPermission(int[] uids) {
2624 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2625
Sreeram Ramachandrane4a05af2014-09-24 09:16:19 -0700[diff] [blame]2626 Object[] argv = new Object[3 + MAX_UID_RANGES_PER_COMMAND];
2627 argv[0] = "permission";
2628 argv[1] = "user";
2629 argv[2] = "clear";
2630 int argc = 3;
2631 // Avoid overly long commands by limiting number of UIDs per command.
2632 for (int i = 0; i < uids.length; ++i) {
2633 argv[argc++] = uids[i];
2634 if (i == uids.length - 1 || argc == argv.length) {
2635 try {
2636 mConnector.execute("network", Arrays.copyOf(argv, argc));
2637 } catch (NativeDaemonConnectorException e) {
2638 throw e.rethrowAsParcelableException();
2639 }
2640 argc = 3;
2641 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2642 }
2643 }
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]2644
2645 @Override
2646 public void allowProtect(int uid) {
2647 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2648
2649 try {
2650 mConnector.execute("network", "protect", "allow", uid);
2651 } catch (NativeDaemonConnectorException e) {
2652 throw e.rethrowAsParcelableException();
2653 }
2654 }
2655
2656 @Override
2657 public void denyProtect(int uid) {
2658 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2659
2660 try {
2661 mConnector.execute("network", "protect", "deny", uid);
2662 } catch (NativeDaemonConnectorException e) {
2663 throw e.rethrowAsParcelableException();
2664 }
2665 }
2666
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2667 @Override
2668 public void addInterfaceToLocalNetwork(String iface, List<RouteInfo> routes) {
2669 modifyInterfaceInNetwork("add", "local", iface);
2670
2671 for (RouteInfo route : routes) {
2672 if (!route.isDefaultRoute()) {
2673 modifyRoute("add", "local", route);
2674 }
2675 }
2676 }
2677
2678 @Override
2679 public void removeInterfaceFromLocalNetwork(String iface) {
2680 modifyInterfaceInNetwork("remove", "local", iface);
2681 }
Erik Kline6599ee82016-07-17 21:28:39 +0900[diff] [blame]2682
2683 @Override
2684 public int removeRoutesFromLocalNetwork(List<RouteInfo> routes) {
2685 int failures = 0;
2686
2687 for (RouteInfo route : routes) {
2688 try {
2689 modifyRoute("remove", "local", route);
2690 } catch (IllegalStateException e) {
2691 failures++;
2692 }
2693 }
2694
2695 return failures;
2696 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2697
Sudheer Shankab8f23162017-08-04 13:30:10 -0700[diff] [blame]2698 @Override
2699 public boolean isNetworkRestricted(int uid) {
2700 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2701 return isNetworkRestrictedInternal(uid);
2702 }
2703
2704 private boolean isNetworkRestrictedInternal(int uid) {
2705 synchronized (mRulesLock) {
2706 if (getFirewallChainState(FIREWALL_CHAIN_STANDBY)
2707 && mUidFirewallStandbyRules.get(uid) == FIREWALL_RULE_DENY) {
2708 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of app standby mode");
2709 return true;
2710 }
2711 if (getFirewallChainState(FIREWALL_CHAIN_DOZABLE)
2712 && mUidFirewallDozableRules.get(uid) != FIREWALL_RULE_ALLOW) {
2713 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of device idle mode");
2714 return true;
2715 }
2716 if (getFirewallChainState(FIREWALL_CHAIN_POWERSAVE)
2717 && mUidFirewallPowerSaveRules.get(uid) != FIREWALL_RULE_ALLOW) {
2718 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of power saver mode");
2719 return true;
2720 }
2721 if (mUidRejectOnMetered.get(uid)) {
2722 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of no metered data"
2723 + " in the background");
2724 return true;
2725 }
2726 if (mDataSaverMode && !mUidAllowOnMetered.get(uid)) {
2727 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of data saver mode");
2728 return true;
2729 }
2730 return false;
2731 }
2732 }
2733
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2734 private void setFirewallChainState(int chain, boolean state) {
2735 synchronized (mRulesLock) {
2736 mFirewallChainStates.put(chain, state);
2737 }
2738 }
2739
2740 private boolean getFirewallChainState(int chain) {
2741 synchronized (mRulesLock) {
2742 return mFirewallChainStates.get(chain);
2743 }
2744 }
2745
2746 @VisibleForTesting
2747 class LocalService extends NetworkManagementInternal {
2748 @Override
2749 public boolean isNetworkRestrictedForUid(int uid) {
Sudheer Shankab8f23162017-08-04 13:30:10 -0700[diff] [blame]2750 return isNetworkRestrictedInternal(uid);
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2751 }
2752 }
2753
2754 @VisibleForTesting
2755 Injector getInjector() {
2756 return new Injector();
2757 }
2758
2759 @VisibleForTesting
2760 class Injector {
2761 void setDataSaverMode(boolean dataSaverMode) {
2762 mDataSaverMode = dataSaverMode;
2763 }
2764
2765 void setFirewallChainState(int chain, boolean state) {
2766 NetworkManagementService.this.setFirewallChainState(chain, state);
2767 }
2768
2769 void setFirewallRule(int chain, int uid, int rule) {
2770 synchronized (mRulesLock) {
2771 getUidFirewallRulesLR(chain).put(uid, rule);
2772 }
2773 }
2774
2775 void setUidOnMeteredNetworkList(boolean blacklist, int uid, boolean enable) {
2776 synchronized (mRulesLock) {
2777 if (blacklist) {
2778 mUidRejectOnMetered.put(uid, enable);
2779 } else {
2780 mUidAllowOnMetered.put(uid, enable);
2781 }
2782 }
2783 }
2784
2785 void reset() {
2786 synchronized (mRulesLock) {
2787 setDataSaverMode(false);
2788 final int[] chains = {
2789 FIREWALL_CHAIN_DOZABLE,
2790 FIREWALL_CHAIN_STANDBY,
2791 FIREWALL_CHAIN_POWERSAVE
2792 };
2793 for (int chain : chains) {
2794 setFirewallChainState(chain, false);
2795 getUidFirewallRulesLR(chain).clear();
2796 }
2797 mUidAllowOnMetered.clear();
2798 mUidRejectOnMetered.clear();
2799 }
2800 }
2801 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]2802}