Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 5356a35c3bcfcdf2d184c620af6bfbf9bddf35c5 / . / services / core / java / com / android / server / NetworkManagementService.java
blob: 96275aba5a17446e17cf4cd46a41de0107210235 [file] [log] [blame]
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1/*
2 * Copyright (C) 2007 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17package com.android.server;
18
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]19import static android.Manifest.permission.CONNECTIVITY_INTERNAL;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]20import static android.Manifest.permission.DUMP;
Lorenzo Colittief7b2a12017-07-10 19:06:57 +0900[diff] [blame]21import static android.Manifest.permission.NETWORK_STACK;
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]22import static android.Manifest.permission.SHUTDOWN;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]23import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_DOZABLE;
24import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_DOZABLE;
25import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_NONE;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]26import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_POWERSAVE;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]27import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_STANDBY;
28import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NONE;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]29import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_POWERSAVE;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]30import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_STANDBY;
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]31import static android.net.NetworkPolicyManager.FIREWALL_RULE_ALLOW;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]32import static android.net.NetworkPolicyManager.FIREWALL_RULE_DEFAULT;
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]33import static android.net.NetworkPolicyManager.FIREWALL_RULE_DENY;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]34import static android.net.NetworkPolicyManager.FIREWALL_TYPE_BLACKLIST;
35import static android.net.NetworkPolicyManager.FIREWALL_TYPE_WHITELIST;
Jeff Sharkeyb5d55e32011-08-10 17:53:27 -0700[diff] [blame]36import static android.net.NetworkStats.SET_DEFAULT;
Lorenzo Colitti5356a352017-08-17 19:23:08 +0900[diff] [blame^]37import static android.net.NetworkStats.STATS_PER_UID;
Dianne Hackbornd0c5b9a2014-02-21 16:19:05 -0800[diff] [blame]38import static android.net.NetworkStats.TAG_ALL;
Jeff Sharkey1b5a2a92011-06-18 18:34:16 -0700[diff] [blame]39import static android.net.NetworkStats.TAG_NONE;
40import static android.net.NetworkStats.UID_ALL;
Jeff Sharkeyae2c1812011-10-04 13:11:40 -0700[diff] [blame]41import static android.net.TrafficStats.UID_TETHERING;
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]42import static com.android.server.NetworkManagementService.NetdResponseCode.ClatdStatusResult;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]43import static com.android.server.NetworkManagementService.NetdResponseCode.InterfaceGetCfgResult;
44import static com.android.server.NetworkManagementService.NetdResponseCode.InterfaceListResult;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]45import static com.android.server.NetworkManagementService.NetdResponseCode.IpFwdStatusResult;
46import static com.android.server.NetworkManagementService.NetdResponseCode.TetherDnsFwdTgtListResult;
47import static com.android.server.NetworkManagementService.NetdResponseCode.TetherInterfaceListResult;
48import static com.android.server.NetworkManagementService.NetdResponseCode.TetherStatusResult;
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]49import static com.android.server.NetworkManagementService.NetdResponseCode.TetheringStatsListResult;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]50import static com.android.server.NetworkManagementService.NetdResponseCode.TtyListResult;
Jeff Sharkeya63ba592011-07-19 23:47:12 -0700[diff] [blame]51import static com.android.server.NetworkManagementSocketTagger.PROP_QTAGUID_ENABLED;
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]52
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]53import android.annotation.NonNull;
Sudheer Shankadc589ac2016-11-10 15:30:17 -0800[diff] [blame]54import android.app.ActivityManager;
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]55import android.content.ContentResolver;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]56import android.content.Context;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]57import android.net.ConnectivityManager;
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]58import android.net.INetd;
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]59import android.net.INetworkManagementEventObserver;
Lorenzo Colittief7b2a12017-07-10 19:06:57 +0900[diff] [blame]60import android.net.ITetheringStatsProvider;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]61import android.net.InterfaceConfiguration;
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]62import android.net.IpPrefix;
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]63import android.net.LinkAddress;
Lorenzo Colittib57edc52014-08-22 17:10:50 -0700[diff] [blame]64import android.net.Network;
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]65import android.net.NetworkPolicyManager;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]66import android.net.NetworkStats;
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]67import android.net.NetworkUtils;
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]68import android.net.RouteInfo;
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]69import android.net.UidRange;
Irfan Sheriff9ab518ad2010-03-12 15:48:17 -0800[diff] [blame]70import android.net.wifi.WifiConfiguration;
71import android.net.wifi.WifiConfiguration.KeyMgmt;
Dianne Hackborn91268cf2013-06-13 19:06:50 -0700[diff] [blame]72import android.os.BatteryStats;
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]73import android.os.Binder;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]74import android.os.Handler;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]75import android.os.INetworkActivityListener;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]76import android.os.INetworkManagementService;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]77import android.os.PowerManager;
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]78import android.os.Process;
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]79import android.os.RemoteCallbackList;
80import android.os.RemoteException;
Jeff Sharkey7a1c3fc2013-06-04 12:29:00 -0700[diff] [blame]81import android.os.ServiceManager;
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]82import android.os.ServiceSpecificException;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]83import android.os.StrictMode;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]84import android.os.SystemClock;
Marco Nelissen62dbb222010-02-18 10:56:30 -0800[diff] [blame]85import android.os.SystemProperties;
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]86import android.os.Trace;
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]87import android.provider.Settings;
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]88import android.telephony.DataConnectionRealTimeInfo;
89import android.telephony.PhoneStateListener;
Wink Savillefb40dd42014-06-12 17:02:31 -0700[diff] [blame]90import android.telephony.SubscriptionManager;
Wink Saville67e07892014-06-18 16:43:14 -0700[diff] [blame]91import android.telephony.TelephonyManager;
Irfan Sheriff9ab518ad2010-03-12 15:48:17 -0800[diff] [blame]92import android.util.Log;
Joe Onorato8a9b2202010-02-26 18:56:32 -0800[diff] [blame]93import android.util.Slog;
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]94import android.util.SparseBooleanArray;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]95import android.util.SparseIntArray;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]96
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]97import com.android.internal.annotations.GuardedBy;
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]98import com.android.internal.annotations.VisibleForTesting;
Jeff Sharkey7a1c3fc2013-06-04 12:29:00 -0700[diff] [blame]99import com.android.internal.app.IBatteryStats;
Jeff Sharkey1059c3c2011-10-04 16:54:49 -0700[diff] [blame]100import com.android.internal.net.NetworkStatsFactory;
Jeff Sharkeyfe9a53b2017-03-31 14:08:23 -0600[diff] [blame]101import com.android.internal.util.DumpUtils;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]102import com.android.internal.util.HexDump;
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]103import com.android.internal.util.Preconditions;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]104import com.android.server.NativeDaemonConnector.Command;
Jeff Sharkey56cd6462013-06-07 15:09:15 -0700[diff] [blame]105import com.android.server.NativeDaemonConnector.SensitiveArg;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]106import com.google.android.collect.Maps;
Jeff Sharkey4414cea2011-06-24 17:05:24 -0700[diff] [blame]107
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]108import java.io.BufferedReader;
109import java.io.DataInputStream;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]110import java.io.File;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]111import java.io.FileDescriptor;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]112import java.io.FileInputStream;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]113import java.io.IOException;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]114import java.io.InputStreamReader;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]115import java.io.PrintWriter;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]116import java.net.InetAddress;
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]117import java.net.InterfaceAddress;
118import java.net.NetworkInterface;
119import java.net.SocketException;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]120import java.util.ArrayList;
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]121import java.util.Arrays;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]122import java.util.HashMap;
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]123import java.util.List;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]124import java.util.Map;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]125import java.util.NoSuchElementException;
126import java.util.StringTokenizer;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]127import java.util.concurrent.CountDownLatch;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]128
129/**
130 * @hide
131 */
Jeff Sharkey8e9992a2011-08-23 18:37:23 -0700[diff] [blame]132public class NetworkManagementService extends INetworkManagementService.Stub
133 implements Watchdog.Monitor {
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]134 private static final String TAG = "NetworkManagement";
135 private static final boolean DBG = Log.isLoggable(TAG, Log.DEBUG);
Kenny Root305bcbf2010-09-03 07:56:38 -0700[diff] [blame]136 private static final String NETD_TAG = "NetdConnector";
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]137 private static final String NETD_SERVICE_NAME = "netd";
Kenny Root305bcbf2010-09-03 07:56:38 -0700[diff] [blame]138
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]139 private static final int MAX_UID_RANGES_PER_COMMAND = 10;
140
Jeff Sharkey8e9992a2011-08-23 18:37:23 -0700[diff] [blame]141 /**
142 * Name representing {@link #setGlobalAlert(long)} limit when delivered to
143 * {@link INetworkManagementEventObserver#limitReached(String, String)}.
144 */
145 public static final String LIMIT_GLOBAL_ALERT = "globalAlert";
146
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]147 /**
148 * String to pass to netd to indicate that a network is only accessible
149 * to apps that have the CHANGE_NETWORK_STATE permission.
150 */
151 public static final String PERMISSION_NETWORK = "NETWORK";
152
153 /**
154 * String to pass to netd to indicate that a network is only
155 * accessible to system apps and those with the CONNECTIVITY_INTERNAL
156 * permission.
157 */
158 public static final String PERMISSION_SYSTEM = "SYSTEM";
159
Andrew Scull64464e72017-05-19 15:37:20 +0100[diff] [blame]160 static class NetdResponseCode {
Sreeram Ramachandran03666c72014-07-19 23:21:46 -0700[diff] [blame]161 /* Keep in sync with system/netd/server/ResponseCode.h */
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]162 public static final int InterfaceListResult = 110;
163 public static final int TetherInterfaceListResult = 111;
164 public static final int TetherDnsFwdTgtListResult = 112;
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]165 public static final int TtyListResult = 113;
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]166 public static final int TetheringStatsListResult = 114;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]167
168 public static final int TetherStatusResult = 210;
169 public static final int IpFwdStatusResult = 211;
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]170 public static final int InterfaceGetCfgResult = 213;
Robert Greenwalte3253922010-02-18 09:23:25 -0800[diff] [blame]171 public static final int SoftapStatusResult = 214;
San Mehat91cac642010-03-31 14:31:36 -0700[diff] [blame]172 public static final int InterfaceRxCounterResult = 216;
173 public static final int InterfaceTxCounterResult = 217;
Jeff Sharkeycdd02c5d2011-09-16 01:52:49 -0700[diff] [blame]174 public static final int QuotaCounterResult = 220;
175 public static final int TetheringStatsResult = 221;
Selim Gurun84c00c62012-02-27 15:42:38 -0800[diff] [blame]176 public static final int DnsProxyQueryResult = 222;
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]177 public static final int ClatdStatusResult = 223;
Robert Greenwalte3253922010-02-18 09:23:25 -0800[diff] [blame]178
179 public static final int InterfaceChange = 600;
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]180 public static final int BandwidthControl = 601;
Haoyu Bai6b7358d2012-07-17 16:36:50 -0700[diff] [blame]181 public static final int InterfaceClassActivity = 613;
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]182 public static final int InterfaceAddressChange = 614;
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]183 public static final int InterfaceDnsServerInfo = 615;
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]184 public static final int RouteChange = 616;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]185 public static final int StrictCleartext = 617;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]186 }
187
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]188 /* Defaults for resolver parameters. */
189 public static final int DNS_RESOLVER_DEFAULT_SAMPLE_VALIDITY_SECONDS = 1800;
190 public static final int DNS_RESOLVER_DEFAULT_SUCCESS_THRESHOLD_PERCENT = 25;
191 public static final int DNS_RESOLVER_DEFAULT_MIN_SAMPLES = 8;
192 public static final int DNS_RESOLVER_DEFAULT_MAX_SAMPLES = 64;
193
Rebecca Silbersteine2ec94f2016-03-24 13:29:00 -0700[diff] [blame]194 /**
195 * String indicating a softap command.
196 */
197 static final String SOFT_AP_COMMAND = "softap";
198
199 /**
200 * String passed back to netd connector indicating softap command success.
201 */
202 static final String SOFT_AP_COMMAND_SUCCESS = "Ok";
203
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]204 static final int DAEMON_MSG_MOBILE_CONN_REAL_TIME_INFO = 1;
205
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]206 /**
207 * Binder context for this service
208 */
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]209 private final Context mContext;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]210
211 /**
212 * connector object for communicating with netd
213 */
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]214 private final NativeDaemonConnector mConnector;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]215
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]216 private final Handler mFgHandler;
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]217 private final Handler mDaemonHandler;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]218
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]219 private INetd mNetdService;
220
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]221 private IBatteryStats mBatteryStats;
222
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]223 private final Thread mThread;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]224 private CountDownLatch mConnectedSignal = new CountDownLatch(1);
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]225
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]226 private final RemoteCallbackList<INetworkManagementEventObserver> mObservers =
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]227 new RemoteCallbackList<>();
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]228
Jeff Sharkey1059c3c2011-10-04 16:54:49 -0700[diff] [blame]229 private final NetworkStatsFactory mStatsFactory = new NetworkStatsFactory();
230
Lorenzo Colittief7b2a12017-07-10 19:06:57 +0900[diff] [blame]231 @GuardedBy("mTetheringStatsProviders")
232 private final HashMap<ITetheringStatsProvider, String>
233 mTetheringStatsProviders = Maps.newHashMap();
234
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]235 /**
236 * If both locks need to be held, then they should be obtained in the order:
237 * first {@link #mQuotaLock} and then {@link #mRulesLock}.
238 */
Andrew Scull64464e72017-05-19 15:37:20 +0100[diff] [blame]239 private final Object mQuotaLock = new Object();
240 private final Object mRulesLock = new Object();
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]241
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]242 /** Set of interfaces with active quotas. */
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]243 @GuardedBy("mQuotaLock")
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]244 private HashMap<String, Long> mActiveQuotas = Maps.newHashMap();
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]245 /** Set of interfaces with active alerts. */
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]246 @GuardedBy("mQuotaLock")
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]247 private HashMap<String, Long> mActiveAlerts = Maps.newHashMap();
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]248 /** Set of UIDs blacklisted on metered networks. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]249 @GuardedBy("mRulesLock")
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]250 private SparseBooleanArray mUidRejectOnMetered = new SparseBooleanArray();
251 /** Set of UIDs whitelisted on metered networks. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]252 @GuardedBy("mRulesLock")
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]253 private SparseBooleanArray mUidAllowOnMetered = new SparseBooleanArray();
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]254 /** Set of UIDs with cleartext penalties. */
255 @GuardedBy("mQuotaLock")
256 private SparseIntArray mUidCleartextPolicy = new SparseIntArray();
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]257 /** Set of UIDs that are to be blocked/allowed by firewall controller. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]258 @GuardedBy("mRulesLock")
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]259 private SparseIntArray mUidFirewallRules = new SparseIntArray();
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]260 /**
261 * Set of UIDs that are to be blocked/allowed by firewall controller. This set of Ids matches
262 * to application idles.
263 */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]264 @GuardedBy("mRulesLock")
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]265 private SparseIntArray mUidFirewallStandbyRules = new SparseIntArray();
266 /**
267 * Set of UIDs that are to be blocked/allowed by firewall controller. This set of Ids matches
268 * to device idles.
269 */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]270 @GuardedBy("mRulesLock")
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]271 private SparseIntArray mUidFirewallDozableRules = new SparseIntArray();
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]272 /**
273 * Set of UIDs that are to be blocked/allowed by firewall controller. This set of Ids matches
274 * to device on power-save mode.
275 */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]276 @GuardedBy("mRulesLock")
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]277 private SparseIntArray mUidFirewallPowerSaveRules = new SparseIntArray();
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]278 /** Set of states for the child firewall chains. True if the chain is active. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]279 @GuardedBy("mRulesLock")
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]280 final SparseBooleanArray mFirewallChainStates = new SparseBooleanArray();
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]281
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]282 @GuardedBy("mQuotaLock")
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]283 private volatile boolean mDataSaverMode;
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]284
Andrew Scull64464e72017-05-19 15:37:20 +0100[diff] [blame]285 private final Object mIdleTimerLock = new Object();
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]286 /** Set of interfaces with active idle timers. */
287 private static class IdleTimerParams {
288 public final int timeout;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]289 public final int type;
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]290 public int networkCount;
291
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]292 IdleTimerParams(int timeout, int type) {
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]293 this.timeout = timeout;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]294 this.type = type;
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]295 this.networkCount = 1;
296 }
297 }
298 private HashMap<String, IdleTimerParams> mActiveIdleTimers = Maps.newHashMap();
299
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]300 private volatile boolean mBandwidthControlEnabled;
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]301 private volatile boolean mFirewallEnabled;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]302 private volatile boolean mStrictEnabled;
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]303
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]304 private boolean mMobileActivityFromRadio = false;
305 private int mLastPowerStateFromRadio = DataConnectionRealTimeInfo.DC_POWER_STATE_LOW;
Adam Lesinskie08af192015-03-25 16:42:59 -0700[diff] [blame]306 private int mLastPowerStateFromWifi = DataConnectionRealTimeInfo.DC_POWER_STATE_LOW;
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]307
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]308 private final RemoteCallbackList<INetworkActivityListener> mNetworkActivityListeners =
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]309 new RemoteCallbackList<>();
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]310 private boolean mNetworkActive;
311
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]312 /**
313 * Constructs a new NetworkManagementService instance
314 *
315 * @param context Binder context for this service
316 */
Lorenzo Colitti7421a012013-08-20 22:51:24 +0900[diff] [blame]317 private NetworkManagementService(Context context, String socket) {
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]318 mContext = context;
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]319
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]320 // make sure this is on the same looper as our NativeDaemonConnector for sync purposes
321 mFgHandler = new Handler(FgThread.get().getLooper());
322
Dianne Hackborn4590e522014-03-24 13:36:46 -0700[diff] [blame]323 // Don't need this wake lock, since we now have a time stamp for when
324 // the network actually went inactive. (It might be nice to still do this,
325 // but I don't want to do it through the power manager because that pollutes the
326 // battery stats history with pointless noise.)
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]327 //PowerManager pm = (PowerManager)context.getSystemService(Context.POWER_SERVICE);
Dianne Hackborn4590e522014-03-24 13:36:46 -0700[diff] [blame]328 PowerManager.WakeLock wl = null; //pm.newWakeLock(PowerManager.PARTIAL_WAKE_LOCK, NETD_TAG);
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]329
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]330 mConnector = new NativeDaemonConnector(
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]331 new NetdCallbackReceiver(), socket, 10, NETD_TAG, 160, wl,
332 FgThread.get().getLooper());
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]333 mThread = new Thread(mConnector, NETD_TAG);
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]334
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]335 mDaemonHandler = new Handler(FgThread.get().getLooper());
Wink Saville67e07892014-06-18 16:43:14 -0700[diff] [blame]336
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]337 // Add ourself to the Watchdog monitors.
338 Watchdog.getInstance().addMonitor(this);
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]339
340 LocalServices.addService(NetworkManagementInternal.class, new LocalService());
Lorenzo Colittief7b2a12017-07-10 19:06:57 +0900[diff] [blame]341
342 synchronized (mTetheringStatsProviders) {
343 mTetheringStatsProviders.put(new NetdTetheringStatsProvider(), "netd");
344 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]345 }
346
347 @VisibleForTesting
348 NetworkManagementService() {
349 mConnector = null;
350 mContext = null;
351 mDaemonHandler = null;
352 mFgHandler = null;
353 mThread = null;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]354 }
355
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]356 static NetworkManagementService create(Context context, String socket)
357 throws InterruptedException {
Lorenzo Colitti7421a012013-08-20 22:51:24 +0900[diff] [blame]358 final NetworkManagementService service = new NetworkManagementService(context, socket);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]359 final CountDownLatch connectedSignal = service.mConnectedSignal;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]360 if (DBG) Slog.d(TAG, "Creating NetworkManagementService");
361 service.mThread.start();
362 if (DBG) Slog.d(TAG, "Awaiting socket connection");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]363 connectedSignal.await();
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]364 if (DBG) Slog.d(TAG, "Connected");
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]365 service.connectNativeNetdService();
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]366 return service;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]367 }
368
Lorenzo Colitti7421a012013-08-20 22:51:24 +0900[diff] [blame]369 public static NetworkManagementService create(Context context) throws InterruptedException {
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]370 return create(context, NETD_SERVICE_NAME);
Lorenzo Colitti7421a012013-08-20 22:51:24 +0900[diff] [blame]371 }
372
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]373 public void systemReady() {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]374 if (DBG) {
375 final long start = System.currentTimeMillis();
376 prepareNativeDaemon();
377 final long delta = System.currentTimeMillis() - start;
378 Slog.d(TAG, "Prepared in " + delta + "ms");
379 return;
380 } else {
381 prepareNativeDaemon();
382 }
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]383 }
384
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]385 private IBatteryStats getBatteryStats() {
386 synchronized (this) {
387 if (mBatteryStats != null) {
388 return mBatteryStats;
389 }
390 mBatteryStats = IBatteryStats.Stub.asInterface(ServiceManager.getService(
391 BatteryStats.SERVICE_NAME));
392 return mBatteryStats;
393 }
394 }
395
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]396 @Override
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]397 public void registerObserver(INetworkManagementEventObserver observer) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]398 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]399 mObservers.register(observer);
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]400 }
401
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]402 @Override
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]403 public void unregisterObserver(INetworkManagementEventObserver observer) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]404 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]405 mObservers.unregister(observer);
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]406 }
407
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]408 @FunctionalInterface
409 private interface NetworkManagementEventCallback {
410 public void sendCallback(INetworkManagementEventObserver o) throws RemoteException;
411 }
412
413 private void invokeForAllObservers(NetworkManagementEventCallback eventCallback) {
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]414 final int length = mObservers.beginBroadcast();
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]415 try {
416 for (int i = 0; i < length; i++) {
417 try {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]418 eventCallback.sendCallback(mObservers.getBroadcastItem(i));
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]419 } catch (RemoteException | RuntimeException e) {
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]420 }
Mike J. Chen6143f5f2011-06-23 15:17:51 -0700[diff] [blame]421 }
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]422 } finally {
423 mObservers.finishBroadcast();
Mike J. Chen6143f5f2011-06-23 15:17:51 -0700[diff] [blame]424 }
425 }
426
427 /**
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]428 * Notify our observers of an interface status change
429 */
430 private void notifyInterfaceStatusChanged(String iface, boolean up) {
431 invokeForAllObservers(o -> o.interfaceStatusChanged(iface, up));
432 }
433
434 /**
Mike J. Chenf59c7d02011-06-23 15:33:15 -0700[diff] [blame]435 * Notify our observers of an interface link state change
Mike J. Chen6143f5f2011-06-23 15:17:51 -0700[diff] [blame]436 * (typically, an Ethernet cable has been plugged-in or unplugged).
437 */
438 private void notifyInterfaceLinkStateChanged(String iface, boolean up) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]439 invokeForAllObservers(o -> o.interfaceLinkStateChanged(iface, up));
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]440 }
441
442 /**
443 * Notify our observers of an interface addition.
444 */
445 private void notifyInterfaceAdded(String iface) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]446 invokeForAllObservers(o -> o.interfaceAdded(iface));
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]447 }
448
449 /**
450 * Notify our observers of an interface removal.
451 */
452 private void notifyInterfaceRemoved(String iface) {
Jeff Sharkey89b8a212011-10-11 11:58:11 -0700[diff] [blame]453 // netd already clears out quota and alerts for removed ifaces; update
454 // our sanity-checking state.
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]455 mActiveAlerts.remove(iface);
456 mActiveQuotas.remove(iface);
Jeff Sharkey89b8a212011-10-11 11:58:11 -0700[diff] [blame]457
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]458 invokeForAllObservers(o -> o.interfaceRemoved(iface));
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]459 }
460
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]461 /**
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]462 * Notify our observers of a limit reached.
463 */
464 private void notifyLimitReached(String limitName, String iface) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]465 invokeForAllObservers(o -> o.limitReached(limitName, iface));
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]466 }
467
468 /**
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]469 * Notify our observers of a change in the data activity state of the interface
470 */
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]471 private void notifyInterfaceClassActivity(int type, int powerState, long tsNanos,
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]472 int uid, boolean fromRadio) {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]473 final boolean isMobile = ConnectivityManager.isNetworkTypeMobile(type);
474 if (isMobile) {
475 if (!fromRadio) {
476 if (mMobileActivityFromRadio) {
477 // If this call is not coming from a report from the radio itself, but we
478 // have previously received reports from the radio, then we will take the
479 // power state to just be whatever the radio last reported.
480 powerState = mLastPowerStateFromRadio;
481 }
482 } else {
483 mMobileActivityFromRadio = true;
484 }
485 if (mLastPowerStateFromRadio != powerState) {
486 mLastPowerStateFromRadio = powerState;
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]487 try {
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]488 getBatteryStats().noteMobileRadioPowerState(powerState, tsNanos, uid);
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]489 } catch (RemoteException e) {
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]490 }
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]491 }
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]492 }
493
Adam Lesinskie08af192015-03-25 16:42:59 -0700[diff] [blame]494 if (ConnectivityManager.isNetworkTypeWifi(type)) {
495 if (mLastPowerStateFromWifi != powerState) {
496 mLastPowerStateFromWifi = powerState;
497 try {
Adam Lesinski5f056f62016-07-14 16:56:08 -0700[diff] [blame]498 getBatteryStats().noteWifiRadioPowerState(powerState, tsNanos, uid);
Adam Lesinskie08af192015-03-25 16:42:59 -0700[diff] [blame]499 } catch (RemoteException e) {
500 }
501 }
502 }
503
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]504 boolean isActive = powerState == DataConnectionRealTimeInfo.DC_POWER_STATE_MEDIUM
505 || powerState == DataConnectionRealTimeInfo.DC_POWER_STATE_HIGH;
506
507 if (!isMobile || fromRadio || !mMobileActivityFromRadio) {
508 // Report the change in data activity. We don't do this if this is a change
509 // on the mobile network, that is not coming from the radio itself, and we
510 // have previously seen change reports from the radio. In that case only
511 // the radio is the authority for the current state.
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]512 final boolean active = isActive;
513 invokeForAllObservers(o -> o.interfaceClassDataActivityChanged(
514 Integer.toString(type), active, tsNanos));
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]515 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]516
517 boolean report = false;
518 synchronized (mIdleTimerLock) {
519 if (mActiveIdleTimers.isEmpty()) {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]520 // If there are no idle timers, we are not monitoring activity, so we
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]521 // are always considered active.
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]522 isActive = true;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]523 }
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]524 if (mNetworkActive != isActive) {
525 mNetworkActive = isActive;
526 report = isActive;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]527 }
528 }
529 if (report) {
530 reportNetworkActive();
531 }
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]532 }
533
Lorenzo Colittief7b2a12017-07-10 19:06:57 +0900[diff] [blame]534 @Override
535 public void registerTetheringStatsProvider(ITetheringStatsProvider provider, String name) {
536 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
537 Preconditions.checkNotNull(provider);
538 synchronized(mTetheringStatsProviders) {
539 mTetheringStatsProviders.put(provider, name);
540 }
541 }
542
543 @Override
544 public void unregisterTetheringStatsProvider(ITetheringStatsProvider provider) {
545 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
546 synchronized(mTetheringStatsProviders) {
547 mTetheringStatsProviders.remove(provider);
548 }
549 }
550
Lorenzo Colittid66cf562017-08-15 19:25:51 +0900[diff] [blame]551 @Override
552 public void tetherLimitReached(ITetheringStatsProvider provider) {
553 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
554 synchronized(mTetheringStatsProviders) {
555 if (!mTetheringStatsProviders.containsKey(provider)) {
556 return;
557 }
558 // No current code examines the interface parameter in a global alert. Just pass null.
559 notifyLimitReached(LIMIT_GLOBAL_ALERT, null);
560 }
561 }
562
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]563 // Sync the state of the given chain with the native daemon.
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]564 private void syncFirewallChainLocked(int chain, String name) {
565 SparseIntArray rules;
566 synchronized (mRulesLock) {
567 final SparseIntArray uidFirewallRules = getUidFirewallRulesLR(chain);
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]568 // Make a copy of the current rules, and then clear them. This is because
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]569 // setFirewallUidRuleInternal only pushes down rules to the native daemon if they
570 // are different from the current rules stored in the mUidFirewall*Rules array for
571 // the specified chain. If we don't clear the rules, setFirewallUidRuleInternal
572 // will do nothing.
573 rules = uidFirewallRules.clone();
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]574 uidFirewallRules.clear();
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]575 }
576 if (rules.size() > 0) {
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]577 // Now push the rules. setFirewallUidRuleInternal will push each of these down to the
578 // native daemon, and also add them to the mUidFirewall*Rules array for the specified
579 // chain.
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]580 if (DBG) Slog.d(TAG, "Pushing " + rules.size() + " active firewall "
581 + name + "UID rules");
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]582 for (int i = 0; i < rules.size(); i++) {
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]583 setFirewallUidRuleLocked(chain, rules.keyAt(i), rules.valueAt(i));
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]584 }
585 }
586 }
587
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]588 private void connectNativeNetdService() {
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]589 boolean nativeServiceAvailable = false;
590 try {
591 mNetdService = INetd.Stub.asInterface(ServiceManager.getService(NETD_SERVICE_NAME));
592 nativeServiceAvailable = mNetdService.isAlive();
593 } catch (RemoteException e) {}
594 if (!nativeServiceAvailable) {
595 Slog.wtf(TAG, "Can't connect to NativeNetdService " + NETD_SERVICE_NAME);
596 }
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]597 }
598
599 /**
600 * Prepare native daemon once connected, enabling modules and pushing any
601 * existing in-memory rules.
602 */
603 private void prepareNativeDaemon() {
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]604
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]605 mBandwidthControlEnabled = false;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]606
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]607 // only enable bandwidth control when support exists
608 final boolean hasKernelSupport = new File("/proc/net/xt_qtaguid/ctrl").exists();
609 if (hasKernelSupport) {
610 Slog.d(TAG, "enabling bandwidth control");
611 try {
612 mConnector.execute("bandwidth", "enable");
613 mBandwidthControlEnabled = true;
614 } catch (NativeDaemonConnectorException e) {
615 Log.wtf(TAG, "problem enabling bandwidth controls", e);
616 }
617 } else {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]618 Slog.i(TAG, "not enabling bandwidth control");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]619 }
620
621 SystemProperties.set(PROP_QTAGUID_ENABLED, mBandwidthControlEnabled ? "1" : "0");
622
Jeff Sharkey7a1c3fc2013-06-04 12:29:00 -0700[diff] [blame]623 if (mBandwidthControlEnabled) {
624 try {
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]625 getBatteryStats().noteNetworkStatsEnabled();
Jeff Sharkey7a1c3fc2013-06-04 12:29:00 -0700[diff] [blame]626 } catch (RemoteException e) {
627 }
628 }
629
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]630 try {
631 mConnector.execute("strict", "enable");
632 mStrictEnabled = true;
633 } catch (NativeDaemonConnectorException e) {
634 Log.wtf(TAG, "Failed strict enable", e);
635 }
636
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]637 // push any existing quota or UID rules
638 synchronized (mQuotaLock) {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]639
640 setDataSaverModeEnabled(mDataSaverMode);
641
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]642 int size = mActiveQuotas.size();
643 if (size > 0) {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]644 if (DBG) Slog.d(TAG, "Pushing " + size + " active quota rules");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]645 final HashMap<String, Long> activeQuotas = mActiveQuotas;
646 mActiveQuotas = Maps.newHashMap();
647 for (Map.Entry<String, Long> entry : activeQuotas.entrySet()) {
648 setInterfaceQuota(entry.getKey(), entry.getValue());
649 }
650 }
651
652 size = mActiveAlerts.size();
653 if (size > 0) {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]654 if (DBG) Slog.d(TAG, "Pushing " + size + " active alert rules");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]655 final HashMap<String, Long> activeAlerts = mActiveAlerts;
656 mActiveAlerts = Maps.newHashMap();
657 for (Map.Entry<String, Long> entry : activeAlerts.entrySet()) {
658 setInterfaceAlert(entry.getKey(), entry.getValue());
659 }
660 }
661
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]662 SparseBooleanArray uidRejectOnQuota = null;
663 SparseBooleanArray uidAcceptOnQuota = null;
664 synchronized (mRulesLock) {
665 size = mUidRejectOnMetered.size();
666 if (size > 0) {
667 if (DBG) Slog.d(TAG, "Pushing " + size + " UIDs to metered blacklist rules");
668 uidRejectOnQuota = mUidRejectOnMetered;
669 mUidRejectOnMetered = new SparseBooleanArray();
670 }
671
672 size = mUidAllowOnMetered.size();
673 if (size > 0) {
674 if (DBG) Slog.d(TAG, "Pushing " + size + " UIDs to metered whitelist rules");
675 uidAcceptOnQuota = mUidAllowOnMetered;
676 mUidAllowOnMetered = new SparseBooleanArray();
677 }
678 }
679 if (uidRejectOnQuota != null) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]680 for (int i = 0; i < uidRejectOnQuota.size(); i++) {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]681 setUidMeteredNetworkBlacklist(uidRejectOnQuota.keyAt(i),
682 uidRejectOnQuota.valueAt(i));
683 }
684 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]685 if (uidAcceptOnQuota != null) {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]686 for (int i = 0; i < uidAcceptOnQuota.size(); i++) {
687 setUidMeteredNetworkWhitelist(uidAcceptOnQuota.keyAt(i),
688 uidAcceptOnQuota.valueAt(i));
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]689 }
690 }
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]691
692 size = mUidCleartextPolicy.size();
693 if (size > 0) {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]694 if (DBG) Slog.d(TAG, "Pushing " + size + " active UID cleartext policies");
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]695 final SparseIntArray local = mUidCleartextPolicy;
696 mUidCleartextPolicy = new SparseIntArray();
697 for (int i = 0; i < local.size(); i++) {
698 setUidCleartextNetworkPolicy(local.keyAt(i), local.valueAt(i));
699 }
700 }
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]701
Robin Leec3736bc2017-03-10 16:19:54 +0000[diff] [blame]702 setFirewallEnabled(mFirewallEnabled);
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]703
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]704 syncFirewallChainLocked(FIREWALL_CHAIN_NONE, "");
705 syncFirewallChainLocked(FIREWALL_CHAIN_STANDBY, "standby ");
706 syncFirewallChainLocked(FIREWALL_CHAIN_DOZABLE, "dozable ");
707 syncFirewallChainLocked(FIREWALL_CHAIN_POWERSAVE, "powersave ");
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]708
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]709 final int[] chains =
710 {FIREWALL_CHAIN_STANDBY, FIREWALL_CHAIN_DOZABLE, FIREWALL_CHAIN_POWERSAVE};
711 for (int chain : chains) {
712 if (getFirewallChainState(chain)) {
713 setFirewallChainEnabled(chain, true);
714 }
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]715 }
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]716 }
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]717 }
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]718
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]719 /**
720 * Notify our observers of a new or updated interface address.
721 */
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]722 private void notifyAddressUpdated(String iface, LinkAddress address) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]723 invokeForAllObservers(o -> o.addressUpdated(iface, address));
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]724 }
725
726 /**
727 * Notify our observers of a deleted interface address.
728 */
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]729 private void notifyAddressRemoved(String iface, LinkAddress address) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]730 invokeForAllObservers(o -> o.addressRemoved(iface, address));
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]731 }
732
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]733 /**
734 * Notify our observers of DNS server information received.
735 */
736 private void notifyInterfaceDnsServerInfo(String iface, long lifetime, String[] addresses) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]737 invokeForAllObservers(o -> o.interfaceDnsServerInfo(iface, lifetime, addresses));
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]738 }
739
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]740 /**
741 * Notify our observers of a route change.
742 */
743 private void notifyRouteChange(String action, RouteInfo route) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]744 if (action.equals("updated")) {
745 invokeForAllObservers(o -> o.routeUpdated(route));
746 } else {
747 invokeForAllObservers(o -> o.routeRemoved(route));
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]748 }
749 }
750
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]751 //
752 // Netd Callback handling
753 //
754
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]755 private class NetdCallbackReceiver implements INativeDaemonConnectorCallbacks {
756 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]757 public void onDaemonConnected() {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]758 Slog.i(TAG, "onDaemonConnected()");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]759 // event is dispatched from internal NDC thread, so we prepare the
760 // daemon back on main thread.
761 if (mConnectedSignal != null) {
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]762 // The system is booting and we're connecting to netd for the first time.
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]763 mConnectedSignal.countDown();
764 mConnectedSignal = null;
765 } else {
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]766 // We're reconnecting to netd after the socket connection
767 // was interrupted (e.g., if it crashed).
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]768 mFgHandler.post(new Runnable() {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]769 @Override
770 public void run() {
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]771 connectNativeNetdService();
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]772 prepareNativeDaemon();
773 }
774 });
775 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]776 }
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]777
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]778 @Override
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]779 public boolean onCheckHoldWakeLock(int code) {
780 return code == NetdResponseCode.InterfaceClassActivity;
781 }
782
783 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]784 public boolean onEvent(int code, String raw, String[] cooked) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]785 String errorMessage = String.format("Invalid event from daemon (%s)", raw);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]786 switch (code) {
787 case NetdResponseCode.InterfaceChange:
788 /*
789 * a network interface change occured
790 * Format: "NNN Iface added <name>"
791 * "NNN Iface removed <name>"
792 * "NNN Iface changed <name> <up/down>"
793 * "NNN Iface linkstatus <name> <up/down>"
794 */
795 if (cooked.length < 4 || !cooked[1].equals("Iface")) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]796 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]797 }
798 if (cooked[2].equals("added")) {
799 notifyInterfaceAdded(cooked[3]);
800 return true;
801 } else if (cooked[2].equals("removed")) {
802 notifyInterfaceRemoved(cooked[3]);
803 return true;
804 } else if (cooked[2].equals("changed") && cooked.length == 5) {
805 notifyInterfaceStatusChanged(cooked[3], cooked[4].equals("up"));
806 return true;
807 } else if (cooked[2].equals("linkstate") && cooked.length == 5) {
808 notifyInterfaceLinkStateChanged(cooked[3], cooked[4].equals("up"));
809 return true;
810 }
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]811 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]812 // break;
813 case NetdResponseCode.BandwidthControl:
814 /*
815 * Bandwidth control needs some attention
816 * Format: "NNN limit alert <alertName> <ifaceName>"
817 */
818 if (cooked.length < 5 || !cooked[1].equals("limit")) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]819 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]820 }
821 if (cooked[2].equals("alert")) {
822 notifyLimitReached(cooked[3], cooked[4]);
823 return true;
824 }
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]825 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]826 // break;
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]827 case NetdResponseCode.InterfaceClassActivity:
828 /*
829 * An network interface class state changed (active/idle)
830 * Format: "NNN IfaceClass <active/idle> <label>"
831 */
832 if (cooked.length < 4 || !cooked[1].equals("IfaceClass")) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]833 throw new IllegalStateException(errorMessage);
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]834 }
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]835 long timestampNanos = 0;
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]836 int processUid = -1;
837 if (cooked.length >= 5) {
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]838 try {
839 timestampNanos = Long.parseLong(cooked[4]);
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]840 if (cooked.length == 6) {
841 processUid = Integer.parseInt(cooked[5]);
842 }
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]843 } catch(NumberFormatException ne) {}
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]844 } else {
845 timestampNanos = SystemClock.elapsedRealtimeNanos();
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]846 }
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]847 boolean isActive = cooked[2].equals("active");
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]848 notifyInterfaceClassActivity(Integer.parseInt(cooked[3]),
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]849 isActive ? DataConnectionRealTimeInfo.DC_POWER_STATE_HIGH
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]850 : DataConnectionRealTimeInfo.DC_POWER_STATE_LOW,
851 timestampNanos, processUid, false);
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]852 return true;
853 // break;
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]854 case NetdResponseCode.InterfaceAddressChange:
855 /*
856 * A network address change occurred
857 * Format: "NNN Address updated <addr> <iface> <flags> <scope>"
858 * "NNN Address removed <addr> <iface> <flags> <scope>"
859 */
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]860 if (cooked.length < 7 || !cooked[1].equals("Address")) {
861 throw new IllegalStateException(errorMessage);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]862 }
863
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]864 String iface = cooked[4];
Lorenzo Colitti5ad421a2013-11-17 15:05:02 +0900[diff] [blame]865 LinkAddress address;
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]866 try {
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]867 int flags = Integer.parseInt(cooked[5]);
868 int scope = Integer.parseInt(cooked[6]);
869 address = new LinkAddress(cooked[3], flags, scope);
Lorenzo Colitti5ad421a2013-11-17 15:05:02 +0900[diff] [blame]870 } catch(NumberFormatException e) { // Non-numeric lifetime or scope.
871 throw new IllegalStateException(errorMessage, e);
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]872 } catch(IllegalArgumentException e) { // Malformed/invalid IP address.
Lorenzo Colitti5ad421a2013-11-17 15:05:02 +0900[diff] [blame]873 throw new IllegalStateException(errorMessage, e);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]874 }
875
876 if (cooked[2].equals("updated")) {
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]877 notifyAddressUpdated(iface, address);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]878 } else {
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]879 notifyAddressRemoved(iface, address);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]880 }
881 return true;
882 // break;
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]883 case NetdResponseCode.InterfaceDnsServerInfo:
884 /*
885 * Information about available DNS servers has been received.
886 * Format: "NNN DnsInfo servers <interface> <lifetime> <servers>"
887 */
888 long lifetime; // Actually a 32-bit unsigned integer.
889
890 if (cooked.length == 6 &&
891 cooked[1].equals("DnsInfo") &&
892 cooked[2].equals("servers")) {
893 try {
894 lifetime = Long.parseLong(cooked[4]);
895 } catch (NumberFormatException e) {
896 throw new IllegalStateException(errorMessage);
897 }
898 String[] servers = cooked[5].split(",");
899 notifyInterfaceDnsServerInfo(cooked[3], lifetime, servers);
900 }
901 return true;
902 // break;
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]903 case NetdResponseCode.RouteChange:
904 /*
905 * A route has been updated or removed.
906 * Format: "NNN Route <updated|removed> <dst> [via <gateway] [dev <iface>]"
907 */
908 if (!cooked[1].equals("Route") || cooked.length < 6) {
909 throw new IllegalStateException(errorMessage);
910 }
911
912 String via = null;
913 String dev = null;
914 boolean valid = true;
915 for (int i = 4; (i + 1) < cooked.length && valid; i += 2) {
916 if (cooked[i].equals("dev")) {
917 if (dev == null) {
918 dev = cooked[i+1];
919 } else {
920 valid = false; // Duplicate interface.
921 }
922 } else if (cooked[i].equals("via")) {
923 if (via == null) {
924 via = cooked[i+1];
925 } else {
926 valid = false; // Duplicate gateway.
927 }
928 } else {
929 valid = false; // Unknown syntax.
930 }
931 }
932 if (valid) {
933 try {
934 // InetAddress.parseNumericAddress(null) inexplicably returns ::1.
935 InetAddress gateway = null;
936 if (via != null) gateway = InetAddress.parseNumericAddress(via);
937 RouteInfo route = new RouteInfo(new IpPrefix(cooked[3]), gateway, dev);
938 notifyRouteChange(cooked[2], route);
939 return true;
940 } catch (IllegalArgumentException e) {}
941 }
942 throw new IllegalStateException(errorMessage);
943 // break;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]944 case NetdResponseCode.StrictCleartext:
945 final int uid = Integer.parseInt(cooked[1]);
946 final byte[] firstPacket = HexDump.hexStringToByteArray(cooked[2]);
947 try {
Sudheer Shankadc589ac2016-11-10 15:30:17 -0800[diff] [blame]948 ActivityManager.getService().notifyCleartextNetwork(uid, firstPacket);
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]949 } catch (RemoteException ignored) {
950 }
951 break;
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]952 default: break;
Robert Greenwalte3253922010-02-18 09:23:25 -0800[diff] [blame]953 }
954 return false;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]955 }
956 }
957
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]958
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]959 //
960 // INetworkManagementService members
961 //
Erik Kline4e37b702016-07-05 11:34:21 +0900[diff] [blame]962 @Override
963 public INetd getNetdService() throws RemoteException {
964 final CountDownLatch connectedSignal = mConnectedSignal;
965 if (connectedSignal != null) {
966 try {
967 connectedSignal.await();
968 } catch (InterruptedException ignored) {}
969 }
970
971 return mNetdService;
972 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]973
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]974 @Override
975 public String[] listInterfaces() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]976 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]977 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]978 return NativeDaemonEvent.filterMessageList(
979 mConnector.executeForList("interface", "list"), InterfaceListResult);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]980 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]981 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]982 }
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]983 }
984
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]985 @Override
986 public InterfaceConfiguration getInterfaceConfig(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]987 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]988
989 final NativeDaemonEvent event;
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]990 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]991 event = mConnector.execute("interface", "getcfg", iface);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]992 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]993 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]994 }
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]995
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]996 event.checkCode(InterfaceGetCfgResult);
997
998 // Rsp: 213 xx:xx:xx:xx:xx:xx yyy.yyy.yyy.yyy zzz flag1 flag2 flag3
999 final StringTokenizer st = new StringTokenizer(event.getMessage());
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1000
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1001 InterfaceConfiguration cfg;
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1002 try {
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1003 cfg = new InterfaceConfiguration();
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1004 cfg.setHardwareAddress(st.nextToken(" "));
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]1005 InetAddress addr = null;
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1006 int prefixLength = 0;
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1007 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1008 addr = NetworkUtils.numericToInetAddress(st.nextToken());
Robert Greenwalte5903732011-02-22 16:00:42 -0800[diff] [blame]1009 } catch (IllegalArgumentException iae) {
1010 Slog.e(TAG, "Failed to parse ipaddr", iae);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1011 }
1012
1013 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1014 prefixLength = Integer.parseInt(st.nextToken());
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1015 } catch (NumberFormatException nfe) {
1016 Slog.e(TAG, "Failed to parse prefixLength", nfe);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1017 }
Robert Greenwalt04808c22010-12-13 17:01:41 -0800[diff] [blame]1018
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1019 cfg.setLinkAddress(new LinkAddress(addr, prefixLength));
1020 while (st.hasMoreTokens()) {
1021 cfg.setFlag(st.nextToken());
1022 }
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1023 } catch (NoSuchElementException nsee) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1024 throw new IllegalStateException("Invalid response from daemon: " + event);
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1025 }
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1026 return cfg;
1027 }
1028
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1029 @Override
1030 public void setInterfaceConfig(String iface, InterfaceConfiguration cfg) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1031 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1032 LinkAddress linkAddr = cfg.getLinkAddress();
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1033 if (linkAddr == null || linkAddr.getAddress() == null) {
1034 throw new IllegalStateException("Null LinkAddress given");
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]1035 }
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1036
1037 final Command cmd = new Command("interface", "setcfg", iface,
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1038 linkAddr.getAddress().getHostAddress(),
Lorenzo Colitti7dc78cf2014-06-09 22:58:46 +0900[diff] [blame]1039 linkAddr.getPrefixLength());
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1040 for (String flag : cfg.getFlags()) {
1041 cmd.appendArg(flag);
1042 }
1043
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1044 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1045 mConnector.execute(cmd);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1046 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1047 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1048 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1049 }
1050
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1051 @Override
1052 public void setInterfaceDown(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1053 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1054 final InterfaceConfiguration ifcg = getInterfaceConfig(iface);
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1055 ifcg.setInterfaceDown();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1056 setInterfaceConfig(iface, ifcg);
Irfan Sheriff7244c972011-08-05 20:40:45 -0700[diff] [blame]1057 }
1058
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1059 @Override
1060 public void setInterfaceUp(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1061 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1062 final InterfaceConfiguration ifcg = getInterfaceConfig(iface);
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1063 ifcg.setInterfaceUp();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1064 setInterfaceConfig(iface, ifcg);
Irfan Sheriff7244c972011-08-05 20:40:45 -0700[diff] [blame]1065 }
1066
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1067 @Override
1068 public void setInterfaceIpv6PrivacyExtensions(String iface, boolean enable) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1069 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Irfan Sheriff73293612011-09-14 12:31:56 -0700[diff] [blame]1070 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1071 mConnector.execute(
1072 "interface", "ipv6privacyextensions", iface, enable ? "enable" : "disable");
Irfan Sheriff73293612011-09-14 12:31:56 -0700[diff] [blame]1073 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1074 throw e.rethrowAsParcelableException();
Irfan Sheriff73293612011-09-14 12:31:56 -0700[diff] [blame]1075 }
1076 }
1077
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1078 /* TODO: This is right now a IPv4 only function. Works for wifi which loses its
1079 IPv6 addresses on interface down, but we need to do full clean up here */
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1080 @Override
1081 public void clearInterfaceAddresses(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1082 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1083 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1084 mConnector.execute("interface", "clearaddrs", iface);
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1085 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1086 throw e.rethrowAsParcelableException();
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1087 }
1088 }
1089
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1090 @Override
1091 public void enableIpv6(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1092 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1093 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1094 mConnector.execute("interface", "ipv6", iface, "enable");
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1095 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1096 throw e.rethrowAsParcelableException();
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1097 }
1098 }
1099
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1100 @Override
Joel Scherpelz3ee447c2017-06-07 15:38:38 +0900[diff] [blame]1101 public void setIPv6AddrGenMode(String iface, int mode) throws ServiceSpecificException {
1102 try {
1103 mNetdService.setIPv6AddrGenMode(iface, mode);
1104 } catch (RemoteException e) {
1105 throw e.rethrowAsRuntimeException();
1106 }
1107 }
1108
1109 @Override
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1110 public void disableIpv6(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1111 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1112 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1113 mConnector.execute("interface", "ipv6", iface, "disable");
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1114 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1115 throw e.rethrowAsParcelableException();
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1116 }
1117 }
1118
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1119 @Override
Lorenzo Colittie21a26b2014-10-28 15:24:03 +0900[diff] [blame]1120 public void setInterfaceIpv6NdOffload(String iface, boolean enable) {
1121 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1122 try {
1123 mConnector.execute(
1124 "interface", "ipv6ndoffload", iface, (enable ? "enable" : "disable"));
1125 } catch (NativeDaemonConnectorException e) {
1126 throw e.rethrowAsParcelableException();
1127 }
1128 }
1129
1130 @Override
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1131 public void addRoute(int netId, RouteInfo route) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1132 modifyRoute("add", "" + netId, route);
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1133 }
1134
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1135 @Override
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1136 public void removeRoute(int netId, RouteInfo route) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1137 modifyRoute("remove", "" + netId, route);
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1138 }
1139
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1140 private void modifyRoute(String action, String netId, RouteInfo route) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1141 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1142
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1143 final Command cmd = new Command("network", "route", action, netId);
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1144
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1145 // create triplet: interface dest-ip-addr/prefixlength gateway-ip-addr
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1146 cmd.appendArg(route.getInterface());
Lorenzo Colitti4b0f8e62014-09-19 01:49:05 +0900[diff] [blame]1147 cmd.appendArg(route.getDestination().toString());
1148
1149 switch (route.getType()) {
1150 case RouteInfo.RTN_UNICAST:
1151 if (route.hasGateway()) {
1152 cmd.appendArg(route.getGateway().getHostAddress());
1153 }
1154 break;
1155 case RouteInfo.RTN_UNREACHABLE:
1156 cmd.appendArg("unreachable");
1157 break;
1158 case RouteInfo.RTN_THROW:
1159 cmd.appendArg("throw");
1160 break;
Sreeram Ramachandran1fbcb272014-05-22 16:30:48 -0700[diff] [blame]1161 }
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1162
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1163 try {
1164 mConnector.execute(cmd);
1165 } catch (NativeDaemonConnectorException e) {
1166 throw e.rethrowAsParcelableException();
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1167 }
1168 }
1169
1170 private ArrayList<String> readRouteList(String filename) {
1171 FileInputStream fstream = null;
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]1172 ArrayList<String> list = new ArrayList<>();
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1173
1174 try {
1175 fstream = new FileInputStream(filename);
1176 DataInputStream in = new DataInputStream(fstream);
1177 BufferedReader br = new BufferedReader(new InputStreamReader(in));
1178 String s;
1179
1180 // throw away the title line
1181
1182 while (((s = br.readLine()) != null) && (s.length() != 0)) {
1183 list.add(s);
1184 }
1185 } catch (IOException ex) {
1186 // return current list, possibly empty
1187 } finally {
1188 if (fstream != null) {
1189 try {
1190 fstream.close();
1191 } catch (IOException ex) {}
1192 }
1193 }
1194
1195 return list;
1196 }
1197
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1198 @Override
sy.yun9d9b74a2013-09-02 05:24:09 +0900[diff] [blame]1199 public void setMtu(String iface, int mtu) {
1200 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1201
1202 final NativeDaemonEvent event;
1203 try {
1204 event = mConnector.execute("interface", "setmtu", iface, mtu);
1205 } catch (NativeDaemonConnectorException e) {
1206 throw e.rethrowAsParcelableException();
1207 }
1208 }
1209
1210 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1211 public void shutdown() {
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1212 // TODO: remove from aidl if nobody calls externally
1213 mContext.enforceCallingOrSelfPermission(SHUTDOWN, TAG);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1214
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]1215 Slog.i(TAG, "Shutting down");
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1216 }
1217
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1218 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1219 public boolean getIpForwardingEnabled() throws IllegalStateException{
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1220 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1221
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1222 final NativeDaemonEvent event;
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1223 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1224 event = mConnector.execute("ipfwd", "status");
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1225 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1226 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1227 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1228
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1229 // 211 Forwarding enabled
1230 event.checkCode(IpFwdStatusResult);
1231 return event.getMessage().endsWith("enabled");
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1232 }
1233
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1234 @Override
1235 public void setIpForwardingEnabled(boolean enable) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1236 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1237 try {
Nilesh Poddarf3d4a582015-02-24 12:11:11 -0800[diff] [blame]1238 mConnector.execute("ipfwd", enable ? "enable" : "disable", "tethering");
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1239 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1240 throw e.rethrowAsParcelableException();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1241 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1242 }
1243
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1244 @Override
1245 public void startTethering(String[] dhcpRange) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1246 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Robert Greenwaltbfb7bfa2010-03-24 16:03:21 -0700[diff] [blame]1247 // cmd is "tether start first_start first_stop second_start second_stop ..."
1248 // an odd number of addrs will fail
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1249
1250 final Command cmd = new Command("tether", "start");
Robert Greenwaltbfb7bfa2010-03-24 16:03:21 -0700[diff] [blame]1251 for (String d : dhcpRange) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1252 cmd.appendArg(d);
Robert Greenwaltbfb7bfa2010-03-24 16:03:21 -0700[diff] [blame]1253 }
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1254
1255 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1256 mConnector.execute(cmd);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1257 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1258 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1259 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1260 }
1261
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1262 @Override
1263 public void stopTethering() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1264 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1265 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1266 mConnector.execute("tether", "stop");
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1267 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1268 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1269 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1270 }
1271
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1272 @Override
1273 public boolean isTetheringStarted() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1274 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1275
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1276 final NativeDaemonEvent event;
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1277 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1278 event = mConnector.execute("tether", "status");
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1279 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1280 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1281 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1282
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1283 // 210 Tethering services started
1284 event.checkCode(TetherStatusResult);
1285 return event.getMessage().endsWith("started");
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1286 }
Matthew Xiefe19f122012-07-12 16:03:32 -0700[diff] [blame]1287
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1288 @Override
1289 public void tetherInterface(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1290 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1291 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1292 mConnector.execute("tether", "interface", "add", iface);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1293 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1294 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1295 }
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]1296 List<RouteInfo> routes = new ArrayList<>();
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1297 // The RouteInfo constructor truncates the LinkAddress to a network prefix, thus making it
1298 // suitable to use as a route destination.
1299 routes.add(new RouteInfo(getInterfaceConfig(iface).getLinkAddress(), null, iface));
1300 addInterfaceToLocalNetwork(iface, routes);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1301 }
1302
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1303 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1304 public void untetherInterface(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1305 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1306 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1307 mConnector.execute("tether", "interface", "remove", iface);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1308 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1309 throw e.rethrowAsParcelableException();
Erik Kline1f4278a2016-08-16 16:46:33 +0900[diff] [blame]1310 } finally {
1311 removeInterfaceFromLocalNetwork(iface);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1312 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1313 }
1314
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1315 @Override
1316 public String[] listTetheredInterfaces() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1317 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1318 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1319 return NativeDaemonEvent.filterMessageList(
1320 mConnector.executeForList("tether", "interface", "list"),
1321 TetherInterfaceListResult);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1322 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1323 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1324 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1325 }
1326
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1327 @Override
Lorenzo Colittib57edc52014-08-22 17:10:50 -0700[diff] [blame]1328 public void setDnsForwarders(Network network, String[] dns) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1329 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1330
Lorenzo Colittib57edc52014-08-22 17:10:50 -0700[diff] [blame]1331 int netId = (network != null) ? network.netId : ConnectivityManager.NETID_UNSET;
1332 final Command cmd = new Command("tether", "dns", "set", netId);
1333
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1334 for (String s : dns) {
1335 cmd.appendArg(NetworkUtils.numericToInetAddress(s).getHostAddress());
1336 }
1337
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1338 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1339 mConnector.execute(cmd);
1340 } catch (NativeDaemonConnectorException e) {
1341 throw e.rethrowAsParcelableException();
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1342 }
1343 }
1344
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1345 @Override
1346 public String[] getDnsForwarders() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1347 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1348 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1349 return NativeDaemonEvent.filterMessageList(
1350 mConnector.executeForList("tether", "dns", "list"), TetherDnsFwdTgtListResult);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1351 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1352 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1353 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1354 }
1355
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]1356 private List<InterfaceAddress> excludeLinkLocal(List<InterfaceAddress> addresses) {
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]1357 ArrayList<InterfaceAddress> filtered = new ArrayList<>(addresses.size());
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]1358 for (InterfaceAddress ia : addresses) {
1359 if (!ia.getAddress().isLinkLocalAddress())
1360 filtered.add(ia);
1361 }
1362 return filtered;
1363 }
1364
Lorenzo Colitti35e36db2015-02-26 01:25:36 +0900[diff] [blame]1365 private void modifyInterfaceForward(boolean add, String fromIface, String toIface) {
1366 final Command cmd = new Command("ipfwd", add ? "add" : "remove", fromIface, toIface);
1367 try {
1368 mConnector.execute(cmd);
1369 } catch (NativeDaemonConnectorException e) {
1370 throw e.rethrowAsParcelableException();
1371 }
1372 }
1373
1374 @Override
1375 public void startInterfaceForwarding(String fromIface, String toIface) {
1376 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1377 modifyInterfaceForward(true, fromIface, toIface);
1378 }
1379
1380 @Override
1381 public void stopInterfaceForwarding(String fromIface, String toIface) {
1382 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1383 modifyInterfaceForward(false, fromIface, toIface);
1384 }
1385
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1386 private void modifyNat(String action, String internalInterface, String externalInterface)
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1387 throws SocketException {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1388 final Command cmd = new Command("nat", action, internalInterface, externalInterface);
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1389
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1390 final NetworkInterface internalNetworkInterface = NetworkInterface.getByName(
1391 internalInterface);
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1392 if (internalNetworkInterface == null) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1393 cmd.appendArg("0");
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1394 } else {
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]1395 // Don't touch link-local routes, as link-local addresses aren't routable,
1396 // kernel creates link-local routes on all interfaces automatically
1397 List<InterfaceAddress> interfaceAddresses = excludeLinkLocal(
1398 internalNetworkInterface.getInterfaceAddresses());
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1399 cmd.appendArg(interfaceAddresses.size());
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1400 for (InterfaceAddress ia : interfaceAddresses) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1401 InetAddress addr = NetworkUtils.getNetworkPart(
1402 ia.getAddress(), ia.getNetworkPrefixLength());
1403 cmd.appendArg(addr.getHostAddress() + "/" + ia.getNetworkPrefixLength());
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1404 }
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1405 }
1406
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1407 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1408 mConnector.execute(cmd);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1409 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1410 throw e.rethrowAsParcelableException();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1411 }
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1412 }
1413
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1414 @Override
1415 public void enableNat(String internalInterface, String externalInterface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1416 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1417 try {
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1418 modifyNat("enable", internalInterface, externalInterface);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1419 } catch (SocketException e) {
1420 throw new IllegalStateException(e);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1421 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1422 }
1423
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1424 @Override
1425 public void disableNat(String internalInterface, String externalInterface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1426 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1427 try {
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1428 modifyNat("disable", internalInterface, externalInterface);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1429 } catch (SocketException e) {
1430 throw new IllegalStateException(e);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1431 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1432 }
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1433
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1434 @Override
1435 public String[] listTtys() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1436 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1437 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1438 return NativeDaemonEvent.filterMessageList(
1439 mConnector.executeForList("list_ttys"), TtyListResult);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1440 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1441 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1442 }
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1443 }
1444
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1445 @Override
1446 public void attachPppd(
1447 String tty, String localAddr, String remoteAddr, String dns1Addr, String dns2Addr) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1448 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1449 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1450 mConnector.execute("pppd", "attach", tty,
Robert Greenwalte5903732011-02-22 16:00:42 -0800[diff] [blame]1451 NetworkUtils.numericToInetAddress(localAddr).getHostAddress(),
1452 NetworkUtils.numericToInetAddress(remoteAddr).getHostAddress(),
1453 NetworkUtils.numericToInetAddress(dns1Addr).getHostAddress(),
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1454 NetworkUtils.numericToInetAddress(dns2Addr).getHostAddress());
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1455 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1456 throw e.rethrowAsParcelableException();
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1457 }
1458 }
1459
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1460 @Override
1461 public void detachPppd(String tty) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1462 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1463 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1464 mConnector.execute("pppd", "detach", tty);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1465 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1466 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1467 }
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1468 }
Robert Greenwaltce1200d2010-02-18 11:25:54 -0800[diff] [blame]1469
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1470 @Override
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1471 public void addIdleTimer(String iface, int timeout, final int type) {
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1472 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1473
1474 if (DBG) Slog.d(TAG, "Adding idletimer");
1475
1476 synchronized (mIdleTimerLock) {
1477 IdleTimerParams params = mActiveIdleTimers.get(iface);
1478 if (params != null) {
1479 // the interface already has idletimer, update network count
1480 params.networkCount++;
1481 return;
1482 }
1483
1484 try {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1485 mConnector.execute("idletimer", "add", iface, Integer.toString(timeout),
1486 Integer.toString(type));
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1487 } catch (NativeDaemonConnectorException e) {
1488 throw e.rethrowAsParcelableException();
1489 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1490 mActiveIdleTimers.put(iface, new IdleTimerParams(timeout, type));
1491
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]1492 // Networks start up.
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1493 if (ConnectivityManager.isNetworkTypeMobile(type)) {
1494 mNetworkActive = false;
1495 }
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1496 mDaemonHandler.post(new Runnable() {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1497 @Override public void run() {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1498 notifyInterfaceClassActivity(type,
1499 DataConnectionRealTimeInfo.DC_POWER_STATE_HIGH,
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]1500 SystemClock.elapsedRealtimeNanos(), -1, false);
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1501 }
1502 });
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1503 }
1504 }
1505
1506 @Override
1507 public void removeIdleTimer(String iface) {
1508 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1509
1510 if (DBG) Slog.d(TAG, "Removing idletimer");
1511
1512 synchronized (mIdleTimerLock) {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1513 final IdleTimerParams params = mActiveIdleTimers.get(iface);
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1514 if (params == null || --(params.networkCount) > 0) {
1515 return;
1516 }
1517
1518 try {
1519 mConnector.execute("idletimer", "remove", iface,
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1520 Integer.toString(params.timeout), Integer.toString(params.type));
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1521 } catch (NativeDaemonConnectorException e) {
1522 throw e.rethrowAsParcelableException();
1523 }
1524 mActiveIdleTimers.remove(iface);
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1525 mDaemonHandler.post(new Runnable() {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1526 @Override public void run() {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1527 notifyInterfaceClassActivity(params.type,
1528 DataConnectionRealTimeInfo.DC_POWER_STATE_LOW,
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]1529 SystemClock.elapsedRealtimeNanos(), -1, false);
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1530 }
1531 });
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1532 }
1533 }
1534
1535 @Override
Jeff Sharkeye8914c32012-05-01 16:26:09 -0700[diff] [blame]1536 public NetworkStats getNetworkStatsSummaryDev() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1537 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1538 try {
1539 return mStatsFactory.readNetworkStatsSummaryDev();
1540 } catch (IOException e) {
1541 throw new IllegalStateException(e);
1542 }
Jeff Sharkeye8914c32012-05-01 16:26:09 -0700[diff] [blame]1543 }
1544
1545 @Override
1546 public NetworkStats getNetworkStatsSummaryXt() {
1547 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1548 try {
1549 return mStatsFactory.readNetworkStatsSummaryXt();
1550 } catch (IOException e) {
1551 throw new IllegalStateException(e);
1552 }
Jeff Sharkeyae2c1812011-10-04 13:11:40 -0700[diff] [blame]1553 }
1554
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]1555 @Override
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]1556 public NetworkStats getNetworkStatsDetail() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1557 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1558 try {
Dianne Hackbornd0c5b9a2014-02-21 16:19:05 -0800[diff] [blame]1559 return mStatsFactory.readNetworkStatsDetail(UID_ALL, null, TAG_ALL, null);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1560 } catch (IOException e) {
1561 throw new IllegalStateException(e);
1562 }
San Mehat91cac642010-03-31 14:31:36 -0700[diff] [blame]1563 }
1564
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]1565 @Override
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1566 public void setInterfaceQuota(String iface, long quotaBytes) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1567 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1568
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]1569 // silently discard when control disabled
1570 // TODO: eventually migrate to be always enabled
1571 if (!mBandwidthControlEnabled) return;
1572
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1573 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1574 if (mActiveQuotas.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1575 throw new IllegalStateException("iface " + iface + " already has quota");
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1576 }
1577
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1578 try {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1579 // TODO: support quota shared across interfaces
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1580 mConnector.execute("bandwidth", "setiquota", iface, quotaBytes);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1581 mActiveQuotas.put(iface, quotaBytes);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1582 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1583 throw e.rethrowAsParcelableException();
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1584 }
Lorenzo Colitti62801ec2017-08-11 13:47:49 +0900[diff] [blame]1585
1586 synchronized (mTetheringStatsProviders) {
1587 for (ITetheringStatsProvider provider : mTetheringStatsProviders.keySet()) {
1588 try {
1589 provider.setInterfaceQuota(iface, quotaBytes);
1590 } catch (RemoteException e) {
1591 Log.e(TAG, "Problem setting tethering data limit on provider " +
1592 mTetheringStatsProviders.get(provider) + ": " + e);
1593 }
1594 }
1595 }
Ashish Sharma50fd36d2011-06-15 19:34:53 -0700[diff] [blame]1596 }
1597 }
1598
1599 @Override
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1600 public void removeInterfaceQuota(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1601 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1602
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]1603 // silently discard when control disabled
1604 // TODO: eventually migrate to be always enabled
1605 if (!mBandwidthControlEnabled) return;
1606
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1607 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1608 if (!mActiveQuotas.containsKey(iface)) {
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1609 // TODO: eventually consider throwing
1610 return;
1611 }
1612
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1613 mActiveQuotas.remove(iface);
1614 mActiveAlerts.remove(iface);
Jeff Sharkey38ddeaa2011-11-08 13:04:22 -0800[diff] [blame]1615
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1616 try {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1617 // TODO: support quota shared across interfaces
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1618 mConnector.execute("bandwidth", "removeiquota", iface);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1619 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1620 throw e.rethrowAsParcelableException();
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1621 }
Lorenzo Colitti62801ec2017-08-11 13:47:49 +0900[diff] [blame]1622
1623 synchronized (mTetheringStatsProviders) {
1624 for (ITetheringStatsProvider provider : mTetheringStatsProviders.keySet()) {
1625 try {
1626 provider.setInterfaceQuota(iface, ITetheringStatsProvider.QUOTA_UNLIMITED);
1627 } catch (RemoteException e) {
1628 Log.e(TAG, "Problem removing tethering data limit on provider " +
1629 mTetheringStatsProviders.get(provider) + ": " + e);
1630 }
1631 }
1632 }
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1633 }
1634 }
1635
1636 @Override
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1637 public void setInterfaceAlert(String iface, long alertBytes) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1638 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1639
1640 // silently discard when control disabled
1641 // TODO: eventually migrate to be always enabled
1642 if (!mBandwidthControlEnabled) return;
1643
1644 // quick sanity check
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1645 if (!mActiveQuotas.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1646 throw new IllegalStateException("setting alert requires existing quota on iface");
1647 }
1648
1649 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1650 if (mActiveAlerts.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1651 throw new IllegalStateException("iface " + iface + " already has alert");
1652 }
1653
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1654 try {
1655 // TODO: support alert shared across interfaces
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1656 mConnector.execute("bandwidth", "setinterfacealert", iface, alertBytes);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1657 mActiveAlerts.put(iface, alertBytes);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1658 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1659 throw e.rethrowAsParcelableException();
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1660 }
1661 }
1662 }
1663
1664 @Override
1665 public void removeInterfaceAlert(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1666 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1667
1668 // silently discard when control disabled
1669 // TODO: eventually migrate to be always enabled
1670 if (!mBandwidthControlEnabled) return;
1671
1672 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1673 if (!mActiveAlerts.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1674 // TODO: eventually consider throwing
1675 return;
1676 }
1677
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1678 try {
1679 // TODO: support alert shared across interfaces
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1680 mConnector.execute("bandwidth", "removeinterfacealert", iface);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1681 mActiveAlerts.remove(iface);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1682 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1683 throw e.rethrowAsParcelableException();
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1684 }
1685 }
1686 }
1687
1688 @Override
1689 public void setGlobalAlert(long alertBytes) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1690 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1691
1692 // silently discard when control disabled
1693 // TODO: eventually migrate to be always enabled
1694 if (!mBandwidthControlEnabled) return;
1695
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1696 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1697 mConnector.execute("bandwidth", "setglobalalert", alertBytes);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1698 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1699 throw e.rethrowAsParcelableException();
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1700 }
1701 }
1702
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1703 private void setUidOnMeteredNetworkList(int uid, boolean blacklist, boolean enable) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1704 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1705
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]1706 // silently discard when control disabled
1707 // TODO: eventually migrate to be always enabled
1708 if (!mBandwidthControlEnabled) return;
1709
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1710 final String chain = blacklist ? "naughtyapps" : "niceapps";
1711 final String suffix = enable ? "add" : "remove";
1712
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1713 synchronized (mQuotaLock) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1714 boolean oldEnable;
1715 SparseBooleanArray quotaList;
1716 synchronized (mRulesLock) {
1717 quotaList = blacklist ? mUidRejectOnMetered : mUidAllowOnMetered;
1718 oldEnable = quotaList.get(uid, false);
1719 }
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1720 if (oldEnable == enable) {
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1721 // TODO: eventually consider throwing
1722 return;
1723 }
1724
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1725 Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "inetd bandwidth");
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1726 try {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1727 mConnector.execute("bandwidth", suffix + chain, uid);
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1728 synchronized (mRulesLock) {
1729 if (enable) {
1730 quotaList.put(uid, true);
1731 } else {
1732 quotaList.delete(uid);
1733 }
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1734 }
1735 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1736 throw e.rethrowAsParcelableException();
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1737 } finally {
1738 Trace.traceEnd(Trace.TRACE_TAG_NETWORK);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1739 }
Ashish Sharma50fd36d2011-06-15 19:34:53 -0700[diff] [blame]1740 }
1741 }
1742
Jeff Sharkey63d27a92011-08-03 17:04:22 -0700[diff] [blame]1743 @Override
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1744 public void setUidMeteredNetworkBlacklist(int uid, boolean enable) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1745 setUidOnMeteredNetworkList(uid, true, enable);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1746 }
1747
1748 @Override
1749 public void setUidMeteredNetworkWhitelist(int uid, boolean enable) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1750 setUidOnMeteredNetworkList(uid, false, enable);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1751 }
1752
1753 @Override
1754 public boolean setDataSaverModeEnabled(boolean enable) {
1755 if (DBG) Log.d(TAG, "setDataSaverMode: " + enable);
1756 synchronized (mQuotaLock) {
1757 if (mDataSaverMode == enable) {
1758 Log.w(TAG, "setDataSaverMode(): already " + mDataSaverMode);
1759 return true;
1760 }
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1761 Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "bandwidthEnableDataSaver");
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1762 try {
1763 final boolean changed = mNetdService.bandwidthEnableDataSaver(enable);
1764 if (changed) {
1765 mDataSaverMode = enable;
1766 } else {
1767 Log.w(TAG, "setDataSaverMode(" + enable + "): netd command silently failed");
1768 }
1769 return changed;
1770 } catch (RemoteException e) {
1771 Log.w(TAG, "setDataSaverMode(" + enable + "): netd command failed", e);
1772 return false;
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1773 } finally {
1774 Trace.traceEnd(Trace.TRACE_TAG_NETWORK);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1775 }
1776 }
1777 }
1778
1779 @Override
Robin Lee17e61832016-05-09 13:46:28 +0100[diff] [blame]1780 public void setAllowOnlyVpnForUids(boolean add, UidRange[] uidRanges)
1781 throws ServiceSpecificException {
1782 try {
1783 mNetdService.networkRejectNonSecureVpn(add, uidRanges);
1784 } catch (ServiceSpecificException e) {
1785 Log.w(TAG, "setAllowOnlyVpnForUids(" + add + ", " + Arrays.toString(uidRanges) + ")"
1786 + ": netd command failed", e);
1787 throw e;
1788 } catch (RemoteException e) {
1789 Log.w(TAG, "setAllowOnlyVpnForUids(" + add + ", " + Arrays.toString(uidRanges) + ")"
1790 + ": netd command failed", e);
1791 throw e.rethrowAsRuntimeException();
1792 }
1793 }
1794
1795 @Override
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]1796 public void setUidCleartextNetworkPolicy(int uid, int policy) {
1797 if (Binder.getCallingUid() != uid) {
1798 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1799 }
1800
1801 synchronized (mQuotaLock) {
1802 final int oldPolicy = mUidCleartextPolicy.get(uid, StrictMode.NETWORK_POLICY_ACCEPT);
1803 if (oldPolicy == policy) {
1804 return;
1805 }
1806
1807 if (!mStrictEnabled) {
1808 // Module isn't enabled yet; stash the requested policy away to
1809 // apply later once the daemon is connected.
1810 mUidCleartextPolicy.put(uid, policy);
1811 return;
1812 }
1813
1814 final String policyString;
1815 switch (policy) {
1816 case StrictMode.NETWORK_POLICY_ACCEPT:
1817 policyString = "accept";
1818 break;
1819 case StrictMode.NETWORK_POLICY_LOG:
1820 policyString = "log";
1821 break;
1822 case StrictMode.NETWORK_POLICY_REJECT:
1823 policyString = "reject";
1824 break;
1825 default:
1826 throw new IllegalArgumentException("Unknown policy " + policy);
1827 }
1828
1829 try {
1830 mConnector.execute("strict", "set_uid_cleartext_policy", uid, policyString);
1831 mUidCleartextPolicy.put(uid, policy);
1832 } catch (NativeDaemonConnectorException e) {
1833 throw e.rethrowAsParcelableException();
1834 }
1835 }
1836 }
1837
1838 @Override
Jeff Sharkey63d27a92011-08-03 17:04:22 -0700[diff] [blame]1839 public boolean isBandwidthControlEnabled() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1840 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey63d27a92011-08-03 17:04:22 -0700[diff] [blame]1841 return mBandwidthControlEnabled;
1842 }
1843
1844 @Override
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]1845 public NetworkStats getNetworkStatsUidDetail(int uid) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1846 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1847 try {
Dianne Hackbornd0c5b9a2014-02-21 16:19:05 -0800[diff] [blame]1848 return mStatsFactory.readNetworkStatsDetail(uid, null, TAG_ALL, null);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1849 } catch (IOException e) {
1850 throw new IllegalStateException(e);
1851 }
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]1852 }
1853
Lorenzo Colittief7b2a12017-07-10 19:06:57 +0900[diff] [blame]1854 private class NetdTetheringStatsProvider extends ITetheringStatsProvider.Stub {
1855 @Override
Lorenzo Colitti5356a352017-08-17 19:23:08 +0900[diff] [blame^]1856 public NetworkStats getTetherStats(int how) {
1857 // We only need to return per-UID stats. Per-device stats are already counted by
1858 // interface counters.
1859 if (how != STATS_PER_UID) {
1860 return new NetworkStats(SystemClock.elapsedRealtime(), 0);
1861 }
1862
Lorenzo Colittief7b2a12017-07-10 19:06:57 +0900[diff] [blame]1863 final NativeDaemonEvent[] events;
1864 try {
1865 events = mConnector.executeForList("bandwidth", "gettetherstats");
1866 } catch (NativeDaemonConnectorException e) {
1867 throw e.rethrowAsParcelableException();
1868 }
1869 final NetworkStats stats = new NetworkStats(SystemClock.elapsedRealtime(), 1);
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1870 for (NativeDaemonEvent event : events) {
1871 if (event.getCode() != TetheringStatsListResult) continue;
1872
1873 // 114 ifaceIn ifaceOut rx_bytes rx_packets tx_bytes tx_packets
1874 final StringTokenizer tok = new StringTokenizer(event.getMessage());
1875 try {
1876 final String ifaceIn = tok.nextToken();
1877 final String ifaceOut = tok.nextToken();
1878
1879 final NetworkStats.Entry entry = new NetworkStats.Entry();
1880 entry.iface = ifaceOut;
1881 entry.uid = UID_TETHERING;
1882 entry.set = SET_DEFAULT;
1883 entry.tag = TAG_NONE;
1884 entry.rxBytes = Long.parseLong(tok.nextToken());
1885 entry.rxPackets = Long.parseLong(tok.nextToken());
1886 entry.txBytes = Long.parseLong(tok.nextToken());
1887 entry.txPackets = Long.parseLong(tok.nextToken());
1888 stats.combineValues(entry);
1889 } catch (NoSuchElementException e) {
1890 throw new IllegalStateException("problem parsing tethering stats: " + event);
1891 } catch (NumberFormatException e) {
1892 throw new IllegalStateException("problem parsing tethering stats: " + event);
1893 }
1894 }
Lorenzo Colittief7b2a12017-07-10 19:06:57 +0900[diff] [blame]1895 return stats;
1896 }
Lorenzo Colitti62801ec2017-08-11 13:47:49 +0900[diff] [blame]1897
1898 @Override
1899 public void setInterfaceQuota(String iface, long quotaBytes) {
1900 // Do nothing. netd is already informed of quota changes in setInterfaceQuota.
1901 }
Lorenzo Colittief7b2a12017-07-10 19:06:57 +0900[diff] [blame]1902 }
1903
1904 @Override
Lorenzo Colitti5356a352017-08-17 19:23:08 +0900[diff] [blame^]1905 public NetworkStats getNetworkStatsTethering(int how) {
Lorenzo Colittief7b2a12017-07-10 19:06:57 +0900[diff] [blame]1906 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1907
1908 final NetworkStats stats = new NetworkStats(SystemClock.elapsedRealtime(), 1);
1909 synchronized (mTetheringStatsProviders) {
1910 for (ITetheringStatsProvider provider: mTetheringStatsProviders.keySet()) {
1911 try {
Lorenzo Colitti5356a352017-08-17 19:23:08 +0900[diff] [blame^]1912 stats.combineAllValues(provider.getTetherStats(how));
Lorenzo Colittief7b2a12017-07-10 19:06:57 +0900[diff] [blame]1913 } catch (RemoteException e) {
1914 Log.e(TAG, "Problem reading tethering stats from " +
1915 mTetheringStatsProviders.get(provider) + ": " + e);
1916 }
1917 }
Jeff Sharkeycdd02c5d2011-09-16 01:52:49 -0700[diff] [blame]1918 }
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1919 return stats;
Jeff Sharkeycdd02c5d2011-09-16 01:52:49 -0700[diff] [blame]1920 }
1921
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1922 @Override
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]1923 public void setDnsConfigurationForNetwork(int netId, String[] servers, String domains) {
1924 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1925
1926 ContentResolver resolver = mContext.getContentResolver();
1927
1928 int sampleValidity = Settings.Global.getInt(resolver,
1929 Settings.Global.DNS_RESOLVER_SAMPLE_VALIDITY_SECONDS,
1930 DNS_RESOLVER_DEFAULT_SAMPLE_VALIDITY_SECONDS);
1931 if (sampleValidity < 0 || sampleValidity > 65535) {
1932 Slog.w(TAG, "Invalid sampleValidity=" + sampleValidity + ", using default=" +
1933 DNS_RESOLVER_DEFAULT_SAMPLE_VALIDITY_SECONDS);
1934 sampleValidity = DNS_RESOLVER_DEFAULT_SAMPLE_VALIDITY_SECONDS;
1935 }
1936
1937 int successThreshold = Settings.Global.getInt(resolver,
1938 Settings.Global.DNS_RESOLVER_SUCCESS_THRESHOLD_PERCENT,
1939 DNS_RESOLVER_DEFAULT_SUCCESS_THRESHOLD_PERCENT);
1940 if (successThreshold < 0 || successThreshold > 100) {
1941 Slog.w(TAG, "Invalid successThreshold=" + successThreshold + ", using default=" +
1942 DNS_RESOLVER_DEFAULT_SUCCESS_THRESHOLD_PERCENT);
1943 successThreshold = DNS_RESOLVER_DEFAULT_SUCCESS_THRESHOLD_PERCENT;
1944 }
1945
1946 int minSamples = Settings.Global.getInt(resolver,
1947 Settings.Global.DNS_RESOLVER_MIN_SAMPLES, DNS_RESOLVER_DEFAULT_MIN_SAMPLES);
1948 int maxSamples = Settings.Global.getInt(resolver,
1949 Settings.Global.DNS_RESOLVER_MAX_SAMPLES, DNS_RESOLVER_DEFAULT_MAX_SAMPLES);
1950 if (minSamples < 0 || minSamples > maxSamples || maxSamples > 64) {
1951 Slog.w(TAG, "Invalid sample count (min, max)=(" + minSamples + ", " + maxSamples +
1952 "), using default=(" + DNS_RESOLVER_DEFAULT_MIN_SAMPLES + ", " +
1953 DNS_RESOLVER_DEFAULT_MAX_SAMPLES + ")");
1954 minSamples = DNS_RESOLVER_DEFAULT_MIN_SAMPLES;
1955 maxSamples = DNS_RESOLVER_DEFAULT_MAX_SAMPLES;
1956 }
1957
1958 final String[] domainStrs = domains == null ? new String[0] : domains.split(" ");
1959 final int[] params = { sampleValidity, successThreshold, minSamples, maxSamples };
1960 try {
1961 mNetdService.setResolverConfiguration(netId, servers, domainStrs, params);
1962 } catch (RemoteException e) {
1963 throw new RuntimeException(e);
1964 }
1965 }
1966
1967 @Override
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]1968 public void addVpnUidRanges(int netId, UidRange[] ranges) {
Chad Brubaker3277620a2013-06-12 13:37:30 -0700[diff] [blame]1969 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]1970 Object[] argv = new Object[3 + MAX_UID_RANGES_PER_COMMAND];
1971 argv[0] = "users";
1972 argv[1] = "add";
1973 argv[2] = netId;
1974 int argc = 3;
1975 // Avoid overly long commands by limiting number of UID ranges per command.
1976 for (int i = 0; i < ranges.length; i++) {
1977 argv[argc++] = ranges[i].toString();
1978 if (i == (ranges.length - 1) || argc == argv.length) {
1979 try {
1980 mConnector.execute("network", Arrays.copyOf(argv, argc));
1981 } catch (NativeDaemonConnectorException e) {
1982 throw e.rethrowAsParcelableException();
1983 }
1984 argc = 3;
1985 }
Chad Brubaker3277620a2013-06-12 13:37:30 -0700[diff] [blame]1986 }
1987 }
1988
1989 @Override
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]1990 public void removeVpnUidRanges(int netId, UidRange[] ranges) {
Chad Brubaker3277620a2013-06-12 13:37:30 -0700[diff] [blame]1991 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]1992 Object[] argv = new Object[3 + MAX_UID_RANGES_PER_COMMAND];
1993 argv[0] = "users";
1994 argv[1] = "remove";
1995 argv[2] = netId;
1996 int argc = 3;
1997 // Avoid overly long commands by limiting number of UID ranges per command.
1998 for (int i = 0; i < ranges.length; i++) {
1999 argv[argc++] = ranges[i].toString();
2000 if (i == (ranges.length - 1) || argc == argv.length) {
2001 try {
2002 mConnector.execute("network", Arrays.copyOf(argv, argc));
2003 } catch (NativeDaemonConnectorException e) {
2004 throw e.rethrowAsParcelableException();
2005 }
2006 argc = 3;
2007 }
Chad Brubakercca54c42013-06-27 17:41:38 -0700[diff] [blame]2008 }
2009 }
2010
2011 @Override
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2012 public void setFirewallEnabled(boolean enabled) {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2013 enforceSystemUid();
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2014 try {
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2015 mConnector.execute("firewall", "enable", enabled ? "whitelist" : "blacklist");
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2016 mFirewallEnabled = enabled;
2017 } catch (NativeDaemonConnectorException e) {
2018 throw e.rethrowAsParcelableException();
2019 }
2020 }
2021
2022 @Override
2023 public boolean isFirewallEnabled() {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2024 enforceSystemUid();
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2025 return mFirewallEnabled;
2026 }
2027
2028 @Override
Jeff Sharkey2c092982012-08-24 11:44:40 -0700[diff] [blame]2029 public void setFirewallInterfaceRule(String iface, boolean allow) {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2030 enforceSystemUid();
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2031 Preconditions.checkState(mFirewallEnabled);
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2032 final String rule = allow ? "allow" : "deny";
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2033 try {
2034 mConnector.execute("firewall", "set_interface_rule", iface, rule);
2035 } catch (NativeDaemonConnectorException e) {
2036 throw e.rethrowAsParcelableException();
2037 }
2038 }
2039
Lorenzo Colitti3fef7232016-04-29 18:00:03 +0900[diff] [blame]2040 private void closeSocketsForFirewallChainLocked(int chain, String chainName) {
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2041 // UID ranges to close sockets on.
2042 UidRange[] ranges;
2043 // UID ranges whose sockets we won't touch.
2044 int[] exemptUids;
2045
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2046 int numUids = 0;
2047
2048 if (getFirewallType(chain) == FIREWALL_TYPE_WHITELIST) {
2049 // Close all sockets on all non-system UIDs...
2050 ranges = new UidRange[] {
2051 // TODO: is there a better way of finding all existing users? If so, we could
2052 // specify their ranges here.
2053 new UidRange(Process.FIRST_APPLICATION_UID, Integer.MAX_VALUE),
2054 };
2055 // ... except for the UIDs that have allow rules.
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2056 synchronized (mRulesLock) {
2057 final SparseIntArray rules = getUidFirewallRulesLR(chain);
2058 exemptUids = new int[rules.size()];
2059 for (int i = 0; i < exemptUids.length; i++) {
2060 if (rules.valueAt(i) == NetworkPolicyManager.FIREWALL_RULE_ALLOW) {
2061 exemptUids[numUids] = rules.keyAt(i);
2062 numUids++;
2063 }
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2064 }
2065 }
2066 // Normally, whitelist chains only contain deny rules, so numUids == exemptUids.length.
2067 // But the code does not guarantee this in any way, and at least in one case - if we add
2068 // a UID rule to the firewall, and then disable the firewall - the chains can contain
2069 // the wrong type of rule. In this case, don't close connections that we shouldn't.
2070 //
2071 // TODO: tighten up this code by ensuring we never set the wrong type of rule, and
2072 // fix setFirewallEnabled to grab mQuotaLock and clear rules.
2073 if (numUids != exemptUids.length) {
2074 exemptUids = Arrays.copyOf(exemptUids, numUids);
2075 }
2076 } else {
2077 // Close sockets for every UID that has a deny rule...
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2078 synchronized (mRulesLock) {
2079 final SparseIntArray rules = getUidFirewallRulesLR(chain);
2080 ranges = new UidRange[rules.size()];
2081 for (int i = 0; i < ranges.length; i++) {
2082 if (rules.valueAt(i) == NetworkPolicyManager.FIREWALL_RULE_DENY) {
2083 int uid = rules.keyAt(i);
2084 ranges[numUids] = new UidRange(uid, uid);
2085 numUids++;
2086 }
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2087 }
2088 }
2089 // As above; usually numUids == ranges.length, but not always.
2090 if (numUids != ranges.length) {
2091 ranges = Arrays.copyOf(ranges, numUids);
2092 }
2093 // ... with no exceptions.
2094 exemptUids = new int[0];
2095 }
2096
2097 try {
2098 mNetdService.socketDestroy(ranges, exemptUids);
2099 } catch(RemoteException | ServiceSpecificException e) {
2100 Slog.e(TAG, "Error closing sockets after enabling chain " + chainName + ": " + e);
2101 }
2102 }
2103
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2104 @Override
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2105 public void setFirewallChainEnabled(int chain, boolean enable) {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2106 enforceSystemUid();
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2107 synchronized (mQuotaLock) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2108 synchronized (mRulesLock) {
2109 if (getFirewallChainState(chain) == enable) {
2110 // All is the same, nothing to do. This relies on the fact that netd has child
2111 // chains default detached.
2112 return;
2113 }
2114 setFirewallChainState(chain, enable);
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2115 }
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2116
2117 final String operation = enable ? "enable_chain" : "disable_chain";
Lorenzo Colitti3fef7232016-04-29 18:00:03 +0900[diff] [blame]2118 final String chainName;
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2119 switch(chain) {
2120 case FIREWALL_CHAIN_STANDBY:
2121 chainName = FIREWALL_CHAIN_NAME_STANDBY;
2122 break;
2123 case FIREWALL_CHAIN_DOZABLE:
2124 chainName = FIREWALL_CHAIN_NAME_DOZABLE;
2125 break;
2126 case FIREWALL_CHAIN_POWERSAVE:
2127 chainName = FIREWALL_CHAIN_NAME_POWERSAVE;
2128 break;
2129 default:
2130 throw new IllegalArgumentException("Bad child chain: " + chain);
2131 }
2132
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2133 try {
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2134 mConnector.execute("firewall", operation, chainName);
2135 } catch (NativeDaemonConnectorException e) {
2136 throw e.rethrowAsParcelableException();
2137 }
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2138
2139 // Close any sockets that were opened by the affected UIDs. This has to be done after
2140 // disabling network connectivity, in case they react to the socket close by reopening
2141 // the connection and race with the iptables commands that enable the firewall. All
2142 // whitelist and blacklist chains allow RSTs through.
2143 if (enable) {
2144 if (DBG) Slog.d(TAG, "Closing sockets after enabling chain " + chainName);
Lorenzo Colitti3fef7232016-04-29 18:00:03 +0900[diff] [blame]2145 closeSocketsForFirewallChainLocked(chain, chainName);
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2146 }
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2147 }
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2148 }
2149
2150 private int getFirewallType(int chain) {
2151 switch (chain) {
2152 case FIREWALL_CHAIN_STANDBY:
2153 return FIREWALL_TYPE_BLACKLIST;
2154 case FIREWALL_CHAIN_DOZABLE:
2155 return FIREWALL_TYPE_WHITELIST;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2156 case FIREWALL_CHAIN_POWERSAVE:
2157 return FIREWALL_TYPE_WHITELIST;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2158 default:
2159 return isFirewallEnabled() ? FIREWALL_TYPE_WHITELIST : FIREWALL_TYPE_BLACKLIST;
2160 }
2161 }
2162
2163 @Override
2164 public void setFirewallUidRules(int chain, int[] uids, int[] rules) {
2165 enforceSystemUid();
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2166 synchronized (mQuotaLock) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2167 synchronized (mRulesLock) {
2168 SparseIntArray uidFirewallRules = getUidFirewallRulesLR(chain);
2169 SparseIntArray newRules = new SparseIntArray();
2170 // apply new set of rules
2171 for (int index = uids.length - 1; index >= 0; --index) {
2172 int uid = uids[index];
2173 int rule = rules[index];
2174 updateFirewallUidRuleLocked(chain, uid, rule);
2175 newRules.put(uid, rule);
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2176 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2177 // collect the rules to remove.
2178 SparseIntArray rulesToRemove = new SparseIntArray();
2179 for (int index = uidFirewallRules.size() - 1; index >= 0; --index) {
2180 int uid = uidFirewallRules.keyAt(index);
2181 if (newRules.indexOfKey(uid) < 0) {
2182 rulesToRemove.put(uid, FIREWALL_RULE_DEFAULT);
2183 }
2184 }
2185 // remove dead rules
2186 for (int index = rulesToRemove.size() - 1; index >= 0; --index) {
2187 int uid = rulesToRemove.keyAt(index);
2188 updateFirewallUidRuleLocked(chain, uid, FIREWALL_RULE_DEFAULT);
2189 }
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2190 }
2191 try {
2192 switch (chain) {
2193 case FIREWALL_CHAIN_DOZABLE:
2194 mNetdService.firewallReplaceUidChain("fw_dozable", true, uids);
2195 break;
2196 case FIREWALL_CHAIN_STANDBY:
2197 mNetdService.firewallReplaceUidChain("fw_standby", false, uids);
2198 break;
2199 case FIREWALL_CHAIN_POWERSAVE:
2200 mNetdService.firewallReplaceUidChain("fw_powersave", true, uids);
2201 break;
2202 case FIREWALL_CHAIN_NONE:
2203 default:
2204 Slog.d(TAG, "setFirewallUidRules() called on invalid chain: " + chain);
2205 }
2206 } catch (RemoteException e) {
2207 Slog.w(TAG, "Error flushing firewall chain " + chain, e);
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2208 }
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2209 }
2210 }
2211
2212 @Override
2213 public void setFirewallUidRule(int chain, int uid, int rule) {
2214 enforceSystemUid();
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2215 synchronized (mQuotaLock) {
2216 setFirewallUidRuleLocked(chain, uid, rule);
2217 }
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2218 }
2219
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2220 private void setFirewallUidRuleLocked(int chain, int uid, int rule) {
2221 if (updateFirewallUidRuleLocked(chain, uid, rule)) {
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2222 try {
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2223 mConnector.execute("firewall", "set_uid_rule", getFirewallChainName(chain), uid,
2224 getFirewallRuleName(chain, rule));
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2225 } catch (NativeDaemonConnectorException e) {
2226 throw e.rethrowAsParcelableException();
2227 }
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2228 }
2229 }
2230
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2231 // TODO: now that netd supports batching, NMS should not keep these data structures anymore...
2232 private boolean updateFirewallUidRuleLocked(int chain, int uid, int rule) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2233 synchronized (mRulesLock) {
2234 SparseIntArray uidFirewallRules = getUidFirewallRulesLR(chain);
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2235
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2236 final int oldUidFirewallRule = uidFirewallRules.get(uid, FIREWALL_RULE_DEFAULT);
2237 if (DBG) {
2238 Slog.d(TAG, "oldRule = " + oldUidFirewallRule
2239 + ", newRule=" + rule + " for uid=" + uid + " on chain " + chain);
2240 }
2241 if (oldUidFirewallRule == rule) {
2242 if (DBG) Slog.d(TAG, "!!!!! Skipping change");
2243 // TODO: eventually consider throwing
2244 return false;
2245 }
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2246
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2247 String ruleName = getFirewallRuleName(chain, rule);
2248 String oldRuleName = getFirewallRuleName(chain, oldUidFirewallRule);
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2249
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2250 if (rule == NetworkPolicyManager.FIREWALL_RULE_DEFAULT) {
2251 uidFirewallRules.delete(uid);
2252 } else {
2253 uidFirewallRules.put(uid, rule);
2254 }
2255 return !ruleName.equals(oldRuleName);
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2256 }
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2257 }
2258
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2259 private @NonNull String getFirewallRuleName(int chain, int rule) {
2260 String ruleName;
2261 if (getFirewallType(chain) == FIREWALL_TYPE_WHITELIST) {
2262 if (rule == NetworkPolicyManager.FIREWALL_RULE_ALLOW) {
2263 ruleName = "allow";
2264 } else {
2265 ruleName = "deny";
2266 }
2267 } else { // Blacklist mode
2268 if (rule == NetworkPolicyManager.FIREWALL_RULE_DENY) {
2269 ruleName = "deny";
2270 } else {
2271 ruleName = "allow";
2272 }
2273 }
2274 return ruleName;
2275 }
2276
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2277 private @NonNull SparseIntArray getUidFirewallRulesLR(int chain) {
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2278 switch (chain) {
2279 case FIREWALL_CHAIN_STANDBY:
2280 return mUidFirewallStandbyRules;
2281 case FIREWALL_CHAIN_DOZABLE:
2282 return mUidFirewallDozableRules;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2283 case FIREWALL_CHAIN_POWERSAVE:
2284 return mUidFirewallPowerSaveRules;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2285 case FIREWALL_CHAIN_NONE:
2286 return mUidFirewallRules;
2287 default:
2288 throw new IllegalArgumentException("Unknown chain:" + chain);
2289 }
2290 }
2291
2292 public @NonNull String getFirewallChainName(int chain) {
2293 switch (chain) {
2294 case FIREWALL_CHAIN_STANDBY:
2295 return FIREWALL_CHAIN_NAME_STANDBY;
2296 case FIREWALL_CHAIN_DOZABLE:
2297 return FIREWALL_CHAIN_NAME_DOZABLE;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2298 case FIREWALL_CHAIN_POWERSAVE:
2299 return FIREWALL_CHAIN_NAME_POWERSAVE;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2300 case FIREWALL_CHAIN_NONE:
2301 return FIREWALL_CHAIN_NAME_NONE;
2302 default:
2303 throw new IllegalArgumentException("Unknown chain:" + chain);
2304 }
2305 }
2306
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2307 private static void enforceSystemUid() {
2308 final int uid = Binder.getCallingUid();
2309 if (uid != Process.SYSTEM_UID) {
2310 throw new SecurityException("Only available to AID_SYSTEM");
2311 }
2312 }
2313
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2314 @Override
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2315 public void startClatd(String interfaceName) throws IllegalStateException {
2316 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2317
2318 try {
2319 mConnector.execute("clatd", "start", interfaceName);
2320 } catch (NativeDaemonConnectorException e) {
2321 throw e.rethrowAsParcelableException();
2322 }
2323 }
2324
2325 @Override
Lorenzo Colitti95439462014-10-09 13:44:48 +0900[diff] [blame]2326 public void stopClatd(String interfaceName) throws IllegalStateException {
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2327 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2328
2329 try {
Lorenzo Colitti95439462014-10-09 13:44:48 +0900[diff] [blame]2330 mConnector.execute("clatd", "stop", interfaceName);
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2331 } catch (NativeDaemonConnectorException e) {
2332 throw e.rethrowAsParcelableException();
2333 }
2334 }
2335
2336 @Override
Lorenzo Colitti95439462014-10-09 13:44:48 +0900[diff] [blame]2337 public boolean isClatdStarted(String interfaceName) {
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2338 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2339
2340 final NativeDaemonEvent event;
2341 try {
Lorenzo Colitti95439462014-10-09 13:44:48 +0900[diff] [blame]2342 event = mConnector.execute("clatd", "status", interfaceName);
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2343 } catch (NativeDaemonConnectorException e) {
2344 throw e.rethrowAsParcelableException();
2345 }
2346
2347 event.checkCode(ClatdStatusResult);
2348 return event.getMessage().endsWith("started");
2349 }
2350
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2351 @Override
2352 public void registerNetworkActivityListener(INetworkActivityListener listener) {
2353 mNetworkActivityListeners.register(listener);
2354 }
2355
2356 @Override
2357 public void unregisterNetworkActivityListener(INetworkActivityListener listener) {
2358 mNetworkActivityListeners.unregister(listener);
2359 }
2360
2361 @Override
2362 public boolean isNetworkActive() {
2363 synchronized (mNetworkActivityListeners) {
2364 return mNetworkActive || mActiveIdleTimers.isEmpty();
2365 }
2366 }
2367
2368 private void reportNetworkActive() {
2369 final int length = mNetworkActivityListeners.beginBroadcast();
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]2370 try {
2371 for (int i = 0; i < length; i++) {
2372 try {
2373 mNetworkActivityListeners.getBroadcastItem(i).onNetworkActive();
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]2374 } catch (RemoteException | RuntimeException e) {
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]2375 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2376 }
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]2377 } finally {
2378 mNetworkActivityListeners.finishBroadcast();
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2379 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2380 }
2381
Mattias Falk8b47b362011-08-23 14:15:13 +0200[diff] [blame]2382 /** {@inheritDoc} */
Jeff Sharkey7b4596f2013-02-25 10:55:29 -0800[diff] [blame]2383 @Override
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]2384 public void monitor() {
2385 if (mConnector != null) {
2386 mConnector.monitor();
2387 }
2388 }
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2389
2390 @Override
2391 protected void dump(FileDescriptor fd, PrintWriter pw, String[] args) {
Jeff Sharkeyfe9a53b2017-03-31 14:08:23 -0600[diff] [blame]2392 if (!DumpUtils.checkDumpPermission(mContext, TAG, pw)) return;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2393
Robert Greenwalt470fd722012-01-18 12:51:15 -0800[diff] [blame]2394 pw.println("NetworkManagementService NativeDaemonConnector Log:");
2395 mConnector.dump(fd, pw, args);
2396 pw.println();
2397
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2398 pw.print("Bandwidth control enabled: "); pw.println(mBandwidthControlEnabled);
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]2399 pw.print("mMobileActivityFromRadio="); pw.print(mMobileActivityFromRadio);
2400 pw.print(" mLastPowerStateFromRadio="); pw.println(mLastPowerStateFromRadio);
2401 pw.print("mNetworkActive="); pw.println(mNetworkActive);
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2402
2403 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]2404 pw.print("Active quota ifaces: "); pw.println(mActiveQuotas.toString());
2405 pw.print("Active alert ifaces: "); pw.println(mActiveAlerts.toString());
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]2406 pw.print("Data saver mode: "); pw.println(mDataSaverMode);
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2407 synchronized (mRulesLock) {
2408 dumpUidRuleOnQuotaLocked(pw, "blacklist", mUidRejectOnMetered);
2409 dumpUidRuleOnQuotaLocked(pw, "whitelist", mUidAllowOnMetered);
2410 }
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2411 }
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2412
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2413 synchronized (mRulesLock) {
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2414 dumpUidFirewallRule(pw, "", mUidFirewallRules);
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2415
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2416 pw.print("UID firewall standby chain enabled: "); pw.println(
2417 getFirewallChainState(FIREWALL_CHAIN_STANDBY));
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2418 dumpUidFirewallRule(pw, FIREWALL_CHAIN_NAME_STANDBY, mUidFirewallStandbyRules);
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2419
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2420 pw.print("UID firewall dozable chain enabled: "); pw.println(
2421 getFirewallChainState(FIREWALL_CHAIN_DOZABLE));
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2422 dumpUidFirewallRule(pw, FIREWALL_CHAIN_NAME_DOZABLE, mUidFirewallDozableRules);
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2423
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2424 pw.println("UID firewall powersave chain enabled: " +
2425 getFirewallChainState(FIREWALL_CHAIN_POWERSAVE));
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2426 dumpUidFirewallRule(pw, FIREWALL_CHAIN_NAME_POWERSAVE, mUidFirewallPowerSaveRules);
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2427 }
2428
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2429 synchronized (mIdleTimerLock) {
2430 pw.println("Idle timers:");
2431 for (HashMap.Entry<String, IdleTimerParams> ent : mActiveIdleTimers.entrySet()) {
2432 pw.print(" "); pw.print(ent.getKey()); pw.println(":");
2433 IdleTimerParams params = ent.getValue();
2434 pw.print(" timeout="); pw.print(params.timeout);
2435 pw.print(" type="); pw.print(params.type);
2436 pw.print(" networkCount="); pw.println(params.networkCount);
2437 }
2438 }
2439
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2440 pw.print("Firewall enabled: "); pw.println(mFirewallEnabled);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]2441 pw.print("Netd service status: " );
2442 if (mNetdService == null) {
2443 pw.println("disconnected");
2444 } else {
2445 try {
2446 final boolean alive = mNetdService.isAlive();
2447 pw.println(alive ? "alive": "dead");
2448 } catch (RemoteException e) {
2449 pw.println("unreachable");
2450 }
2451 }
2452 }
2453
2454 private void dumpUidRuleOnQuotaLocked(PrintWriter pw, String name, SparseBooleanArray list) {
2455 pw.print("UID bandwith control ");
2456 pw.print(name);
2457 pw.print(" rule: [");
2458 final int size = list.size();
2459 for (int i = 0; i < size; i++) {
2460 pw.print(list.keyAt(i));
2461 if (i < size - 1) pw.print(",");
2462 }
2463 pw.println("]");
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2464 }
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2465
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2466 private void dumpUidFirewallRule(PrintWriter pw, String name, SparseIntArray rules) {
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2467 pw.print("UID firewall ");
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2468 pw.print(name);
2469 pw.print(" rule: [");
2470 final int size = rules.size();
2471 for (int i = 0; i < size; i++) {
2472 pw.print(rules.keyAt(i));
2473 pw.print(":");
2474 pw.print(rules.valueAt(i));
2475 if (i < size - 1) pw.print(",");
2476 }
2477 pw.println("]");
2478 }
2479
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2480 @Override
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]2481 public void createPhysicalNetwork(int netId, String permission) {
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2482 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2483
2484 try {
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]2485 if (permission != null) {
2486 mConnector.execute("network", "create", netId, permission);
2487 } else {
2488 mConnector.execute("network", "create", netId);
2489 }
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2490 } catch (NativeDaemonConnectorException e) {
2491 throw e.rethrowAsParcelableException();
2492 }
2493 }
2494
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2495 @Override
Sreeram Ramachandran8cd33ed2014-07-23 15:23:15 -0700[diff] [blame]2496 public void createVirtualNetwork(int netId, boolean hasDNS, boolean secure) {
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]2497 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2498
2499 try {
Sreeram Ramachandran8cd33ed2014-07-23 15:23:15 -0700[diff] [blame]2500 mConnector.execute("network", "create", netId, "vpn", hasDNS ? "1" : "0",
2501 secure ? "1" : "0");
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]2502 } catch (NativeDaemonConnectorException e) {
2503 throw e.rethrowAsParcelableException();
2504 }
2505 }
2506
2507 @Override
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2508 public void removeNetwork(int netId) {
2509 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2510
2511 try {
2512 mConnector.execute("network", "destroy", netId);
2513 } catch (NativeDaemonConnectorException e) {
2514 throw e.rethrowAsParcelableException();
2515 }
2516 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2517
2518 @Override
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2519 public void addInterfaceToNetwork(String iface, int netId) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2520 modifyInterfaceInNetwork("add", "" + netId, iface);
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2521 }
2522
2523 @Override
2524 public void removeInterfaceFromNetwork(String iface, int netId) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2525 modifyInterfaceInNetwork("remove", "" + netId, iface);
2526 }
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2527
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2528 private void modifyInterfaceInNetwork(String action, String netId, String iface) {
2529 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2530 try {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2531 mConnector.execute("network", "interface", action, netId, iface);
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2532 } catch (NativeDaemonConnectorException e) {
2533 throw e.rethrowAsParcelableException();
2534 }
2535 }
2536
2537 @Override
Robert Greenwalt913c8952014-04-07 17:36:35 -0700[diff] [blame]2538 public void addLegacyRouteForNetId(int netId, RouteInfo routeInfo, int uid) {
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2539 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2540
Sreeram Ramachandran03666c72014-07-19 23:21:46 -0700[diff] [blame]2541 final Command cmd = new Command("network", "route", "legacy", uid, "add", netId);
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2542
Sreeram Ramachandran1fbcb272014-05-22 16:30:48 -0700[diff] [blame]2543 // create triplet: interface dest-ip-addr/prefixlength gateway-ip-addr
Sreeram Ramachandrancc91c7b2014-06-03 18:41:43 -0700[diff] [blame]2544 final LinkAddress la = routeInfo.getDestinationLinkAddress();
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2545 cmd.appendArg(routeInfo.getInterface());
Lorenzo Colitti7dc78cf2014-06-09 22:58:46 +0900[diff] [blame]2546 cmd.appendArg(la.getAddress().getHostAddress() + "/" + la.getPrefixLength());
Sreeram Ramachandran1fbcb272014-05-22 16:30:48 -0700[diff] [blame]2547 if (routeInfo.hasGateway()) {
2548 cmd.appendArg(routeInfo.getGateway().getHostAddress());
2549 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2550
2551 try {
2552 mConnector.execute(cmd);
2553 } catch (NativeDaemonConnectorException e) {
2554 throw e.rethrowAsParcelableException();
2555 }
2556 }
2557
2558 @Override
Sreeram Ramachandranf047f2a2014-04-15 16:04:26 -0700[diff] [blame]2559 public void setDefaultNetId(int netId) {
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2560 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2561
2562 try {
Sreeram Ramachandranf047f2a2014-04-15 16:04:26 -0700[diff] [blame]2563 mConnector.execute("network", "default", "set", netId);
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2564 } catch (NativeDaemonConnectorException e) {
2565 throw e.rethrowAsParcelableException();
2566 }
2567 }
2568
2569 @Override
2570 public void clearDefaultNetId() {
2571 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2572
2573 try {
2574 mConnector.execute("network", "default", "clear");
2575 } catch (NativeDaemonConnectorException e) {
2576 throw e.rethrowAsParcelableException();
2577 }
2578 }
2579
2580 @Override
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]2581 public void setNetworkPermission(int netId, String permission) {
2582 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2583
2584 try {
2585 if (permission != null) {
2586 mConnector.execute("network", "permission", "network", "set", permission, netId);
2587 } else {
2588 mConnector.execute("network", "permission", "network", "clear", netId);
2589 }
2590 } catch (NativeDaemonConnectorException e) {
2591 throw e.rethrowAsParcelableException();
2592 }
2593 }
2594
2595
2596 @Override
Sreeram Ramachandrane4a05af2014-09-24 09:16:19 -0700[diff] [blame]2597 public void setPermission(String permission, int[] uids) {
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2598 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2599
Sreeram Ramachandrane4a05af2014-09-24 09:16:19 -0700[diff] [blame]2600 Object[] argv = new Object[4 + MAX_UID_RANGES_PER_COMMAND];
2601 argv[0] = "permission";
2602 argv[1] = "user";
2603 argv[2] = "set";
2604 argv[3] = permission;
2605 int argc = 4;
2606 // Avoid overly long commands by limiting number of UIDs per command.
2607 for (int i = 0; i < uids.length; ++i) {
2608 argv[argc++] = uids[i];
2609 if (i == uids.length - 1 || argc == argv.length) {
2610 try {
2611 mConnector.execute("network", Arrays.copyOf(argv, argc));
2612 } catch (NativeDaemonConnectorException e) {
2613 throw e.rethrowAsParcelableException();
2614 }
2615 argc = 4;
2616 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2617 }
2618 }
2619
2620 @Override
2621 public void clearPermission(int[] uids) {
2622 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2623
Sreeram Ramachandrane4a05af2014-09-24 09:16:19 -0700[diff] [blame]2624 Object[] argv = new Object[3 + MAX_UID_RANGES_PER_COMMAND];
2625 argv[0] = "permission";
2626 argv[1] = "user";
2627 argv[2] = "clear";
2628 int argc = 3;
2629 // Avoid overly long commands by limiting number of UIDs per command.
2630 for (int i = 0; i < uids.length; ++i) {
2631 argv[argc++] = uids[i];
2632 if (i == uids.length - 1 || argc == argv.length) {
2633 try {
2634 mConnector.execute("network", Arrays.copyOf(argv, argc));
2635 } catch (NativeDaemonConnectorException e) {
2636 throw e.rethrowAsParcelableException();
2637 }
2638 argc = 3;
2639 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2640 }
2641 }
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]2642
2643 @Override
2644 public void allowProtect(int uid) {
2645 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2646
2647 try {
2648 mConnector.execute("network", "protect", "allow", uid);
2649 } catch (NativeDaemonConnectorException e) {
2650 throw e.rethrowAsParcelableException();
2651 }
2652 }
2653
2654 @Override
2655 public void denyProtect(int uid) {
2656 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2657
2658 try {
2659 mConnector.execute("network", "protect", "deny", uid);
2660 } catch (NativeDaemonConnectorException e) {
2661 throw e.rethrowAsParcelableException();
2662 }
2663 }
2664
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2665 @Override
2666 public void addInterfaceToLocalNetwork(String iface, List<RouteInfo> routes) {
2667 modifyInterfaceInNetwork("add", "local", iface);
2668
2669 for (RouteInfo route : routes) {
2670 if (!route.isDefaultRoute()) {
2671 modifyRoute("add", "local", route);
2672 }
2673 }
2674 }
2675
2676 @Override
2677 public void removeInterfaceFromLocalNetwork(String iface) {
2678 modifyInterfaceInNetwork("remove", "local", iface);
2679 }
Erik Kline6599ee82016-07-17 21:28:39 +0900[diff] [blame]2680
2681 @Override
2682 public int removeRoutesFromLocalNetwork(List<RouteInfo> routes) {
2683 int failures = 0;
2684
2685 for (RouteInfo route : routes) {
2686 try {
2687 modifyRoute("remove", "local", route);
2688 } catch (IllegalStateException e) {
2689 failures++;
2690 }
2691 }
2692
2693 return failures;
2694 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2695
Sudheer Shankab8f23162017-08-04 13:30:10 -0700[diff] [blame]2696 @Override
2697 public boolean isNetworkRestricted(int uid) {
2698 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2699 return isNetworkRestrictedInternal(uid);
2700 }
2701
2702 private boolean isNetworkRestrictedInternal(int uid) {
2703 synchronized (mRulesLock) {
2704 if (getFirewallChainState(FIREWALL_CHAIN_STANDBY)
2705 && mUidFirewallStandbyRules.get(uid) == FIREWALL_RULE_DENY) {
2706 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of app standby mode");
2707 return true;
2708 }
2709 if (getFirewallChainState(FIREWALL_CHAIN_DOZABLE)
2710 && mUidFirewallDozableRules.get(uid) != FIREWALL_RULE_ALLOW) {
2711 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of device idle mode");
2712 return true;
2713 }
2714 if (getFirewallChainState(FIREWALL_CHAIN_POWERSAVE)
2715 && mUidFirewallPowerSaveRules.get(uid) != FIREWALL_RULE_ALLOW) {
2716 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of power saver mode");
2717 return true;
2718 }
2719 if (mUidRejectOnMetered.get(uid)) {
2720 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of no metered data"
2721 + " in the background");
2722 return true;
2723 }
2724 if (mDataSaverMode && !mUidAllowOnMetered.get(uid)) {
2725 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of data saver mode");
2726 return true;
2727 }
2728 return false;
2729 }
2730 }
2731
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2732 private void setFirewallChainState(int chain, boolean state) {
2733 synchronized (mRulesLock) {
2734 mFirewallChainStates.put(chain, state);
2735 }
2736 }
2737
2738 private boolean getFirewallChainState(int chain) {
2739 synchronized (mRulesLock) {
2740 return mFirewallChainStates.get(chain);
2741 }
2742 }
2743
2744 @VisibleForTesting
2745 class LocalService extends NetworkManagementInternal {
2746 @Override
2747 public boolean isNetworkRestrictedForUid(int uid) {
Sudheer Shankab8f23162017-08-04 13:30:10 -0700[diff] [blame]2748 return isNetworkRestrictedInternal(uid);
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2749 }
2750 }
2751
2752 @VisibleForTesting
2753 Injector getInjector() {
2754 return new Injector();
2755 }
2756
2757 @VisibleForTesting
2758 class Injector {
2759 void setDataSaverMode(boolean dataSaverMode) {
2760 mDataSaverMode = dataSaverMode;
2761 }
2762
2763 void setFirewallChainState(int chain, boolean state) {
2764 NetworkManagementService.this.setFirewallChainState(chain, state);
2765 }
2766
2767 void setFirewallRule(int chain, int uid, int rule) {
2768 synchronized (mRulesLock) {
2769 getUidFirewallRulesLR(chain).put(uid, rule);
2770 }
2771 }
2772
2773 void setUidOnMeteredNetworkList(boolean blacklist, int uid, boolean enable) {
2774 synchronized (mRulesLock) {
2775 if (blacklist) {
2776 mUidRejectOnMetered.put(uid, enable);
2777 } else {
2778 mUidAllowOnMetered.put(uid, enable);
2779 }
2780 }
2781 }
2782
2783 void reset() {
2784 synchronized (mRulesLock) {
2785 setDataSaverMode(false);
2786 final int[] chains = {
2787 FIREWALL_CHAIN_DOZABLE,
2788 FIREWALL_CHAIN_STANDBY,
2789 FIREWALL_CHAIN_POWERSAVE
2790 };
2791 for (int chain : chains) {
2792 setFirewallChainState(chain, false);
2793 getUidFirewallRulesLR(chain).clear();
2794 }
2795 mUidAllowOnMetered.clear();
2796 mUidRejectOnMetered.clear();
2797 }
2798 }
2799 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]2800}