San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2007 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | package com.android.server; |
| 18 | |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 19 | import static android.Manifest.permission.CONNECTIVITY_INTERNAL; |
Jeff Sharkey | 47eb102 | 2011-08-25 17:48:52 -0700 | [diff] [blame] | 20 | import static android.Manifest.permission.DUMP; |
Lorenzo Colitti | 07f1304 | 2017-07-10 19:06:57 +0900 | [diff] [blame] | 21 | import static android.Manifest.permission.NETWORK_STACK; |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 22 | import static android.Manifest.permission.SHUTDOWN; |
Erik Kline | 4d09223 | 2017-10-30 15:29:44 +0900 | [diff] [blame] | 23 | import static android.net.ConnectivityManager.PRIVATE_DNS_DEFAULT_MODE; |
| 24 | import static android.net.ConnectivityManager.PRIVATE_DNS_MODE_OPPORTUNISTIC; |
| 25 | import static android.net.ConnectivityManager.PRIVATE_DNS_MODE_PROVIDER_HOSTNAME; |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 26 | import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_DOZABLE; |
| 27 | import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_DOZABLE; |
| 28 | import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_NONE; |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 29 | import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_POWERSAVE; |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 30 | import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_STANDBY; |
| 31 | import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NONE; |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 32 | import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_POWERSAVE; |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 33 | import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_STANDBY; |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 34 | import static android.net.NetworkPolicyManager.FIREWALL_RULE_ALLOW; |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 35 | import static android.net.NetworkPolicyManager.FIREWALL_RULE_DEFAULT; |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 36 | import static android.net.NetworkPolicyManager.FIREWALL_RULE_DENY; |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 37 | import static android.net.NetworkPolicyManager.FIREWALL_TYPE_BLACKLIST; |
| 38 | import static android.net.NetworkPolicyManager.FIREWALL_TYPE_WHITELIST; |
Jeff Sharkey | b5d55e3 | 2011-08-10 17:53:27 -0700 | [diff] [blame] | 39 | import static android.net.NetworkStats.SET_DEFAULT; |
Lorenzo Colitti | 5356a35 | 2017-08-17 19:23:08 +0900 | [diff] [blame] | 40 | import static android.net.NetworkStats.STATS_PER_UID; |
Dianne Hackborn | d0c5b9a | 2014-02-21 16:19:05 -0800 | [diff] [blame] | 41 | import static android.net.NetworkStats.TAG_ALL; |
Jeff Sharkey | 1b5a2a9 | 2011-06-18 18:34:16 -0700 | [diff] [blame] | 42 | import static android.net.NetworkStats.TAG_NONE; |
| 43 | import static android.net.NetworkStats.UID_ALL; |
Jeff Sharkey | ae2c181 | 2011-10-04 13:11:40 -0700 | [diff] [blame] | 44 | import static android.net.TrafficStats.UID_TETHERING; |
Lorenzo Colitti | 7975184 | 2013-02-28 16:16:03 +0900 | [diff] [blame] | 45 | import static com.android.server.NetworkManagementService.NetdResponseCode.ClatdStatusResult; |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 46 | import static com.android.server.NetworkManagementService.NetdResponseCode.InterfaceGetCfgResult; |
| 47 | import static com.android.server.NetworkManagementService.NetdResponseCode.InterfaceListResult; |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 48 | import static com.android.server.NetworkManagementService.NetdResponseCode.IpFwdStatusResult; |
| 49 | import static com.android.server.NetworkManagementService.NetdResponseCode.TetherDnsFwdTgtListResult; |
| 50 | import static com.android.server.NetworkManagementService.NetdResponseCode.TetherInterfaceListResult; |
| 51 | import static com.android.server.NetworkManagementService.NetdResponseCode.TetherStatusResult; |
Jeff Sharkey | e4984be | 2013-09-10 21:03:27 -0700 | [diff] [blame] | 52 | import static com.android.server.NetworkManagementService.NetdResponseCode.TetheringStatsListResult; |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 53 | import static com.android.server.NetworkManagementService.NetdResponseCode.TtyListResult; |
Jeff Sharkey | a63ba59 | 2011-07-19 23:47:12 -0700 | [diff] [blame] | 54 | import static com.android.server.NetworkManagementSocketTagger.PROP_QTAGUID_ENABLED; |
Erik Kline | b2cfdfb | 2017-01-18 20:54:14 +0900 | [diff] [blame] | 55 | |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 56 | import android.annotation.NonNull; |
Sudheer Shanka | dc589ac | 2016-11-10 15:30:17 -0800 | [diff] [blame] | 57 | import android.app.ActivityManager; |
Pierre Imai | 8e48e67 | 2016-04-21 13:30:43 +0900 | [diff] [blame] | 58 | import android.content.ContentResolver; |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 59 | import android.content.Context; |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 60 | import android.net.ConnectivityManager; |
Lorenzo Colitti | 58967ba | 2016-02-02 17:21:21 +0900 | [diff] [blame] | 61 | import android.net.INetd; |
San Mehat | 4d02d00 | 2010-01-22 16:07:46 -0800 | [diff] [blame] | 62 | import android.net.INetworkManagementEventObserver; |
Lorenzo Colitti | 07f1304 | 2017-07-10 19:06:57 +0900 | [diff] [blame] | 63 | import android.net.ITetheringStatsProvider; |
Jeff Sharkey | eedcb95 | 2011-05-17 14:55:15 -0700 | [diff] [blame] | 64 | import android.net.InterfaceConfiguration; |
Lorenzo Colitti | c18cbfd | 2014-06-13 21:21:03 +0900 | [diff] [blame] | 65 | import android.net.IpPrefix; |
Robert Greenwalt | ed12640 | 2011-01-28 15:34:55 -0800 | [diff] [blame] | 66 | import android.net.LinkAddress; |
Lorenzo Colitti | b57edc5 | 2014-08-22 17:10:50 -0700 | [diff] [blame] | 67 | import android.net.Network; |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 68 | import android.net.NetworkPolicyManager; |
Jeff Sharkey | eedcb95 | 2011-05-17 14:55:15 -0700 | [diff] [blame] | 69 | import android.net.NetworkStats; |
Robert Greenwalt | ed12640 | 2011-01-28 15:34:55 -0800 | [diff] [blame] | 70 | import android.net.NetworkUtils; |
Robert Greenwalt | 59b1a4e | 2011-05-10 15:05:02 -0700 | [diff] [blame] | 71 | import android.net.RouteInfo; |
Paul Jensen | 6bc2c2c | 2014-05-07 15:27:40 -0400 | [diff] [blame] | 72 | import android.net.UidRange; |
Lorenzo Colitti | 8c253ad | 2017-07-19 00:23:44 +0900 | [diff] [blame] | 73 | import android.net.util.NetdService; |
Irfan Sheriff | 9ab518ad | 2010-03-12 15:48:17 -0800 | [diff] [blame] | 74 | import android.net.wifi.WifiConfiguration; |
| 75 | import android.net.wifi.WifiConfiguration.KeyMgmt; |
Dianne Hackborn | 91268cf | 2013-06-13 19:06:50 -0700 | [diff] [blame] | 76 | import android.os.BatteryStats; |
Jeff Sharkey | f56e243 | 2012-09-06 17:54:29 -0700 | [diff] [blame] | 77 | import android.os.Binder; |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 78 | import android.os.Handler; |
Lorenzo Colitti | a086800 | 2017-07-11 02:29:28 +0900 | [diff] [blame] | 79 | import android.os.IBinder; |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 80 | import android.os.INetworkActivityListener; |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 81 | import android.os.INetworkManagementService; |
Lorenzo Colitti | 563dc45 | 2017-09-01 17:12:34 +0900 | [diff] [blame] | 82 | import android.os.PersistableBundle; |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 83 | import android.os.PowerManager; |
Jeff Sharkey | f56e243 | 2012-09-06 17:54:29 -0700 | [diff] [blame] | 84 | import android.os.Process; |
Jeff Sharkey | 3df273e | 2011-12-15 15:47:12 -0800 | [diff] [blame] | 85 | import android.os.RemoteCallbackList; |
| 86 | import android.os.RemoteException; |
Jeff Sharkey | 7a1c3fc | 2013-06-04 12:29:00 -0700 | [diff] [blame] | 87 | import android.os.ServiceManager; |
Lorenzo Colitti | 4cb4240 | 2016-04-24 12:52:00 +0900 | [diff] [blame] | 88 | import android.os.ServiceSpecificException; |
Jeff Sharkey | 605eb79 | 2014-11-04 13:34:06 -0800 | [diff] [blame] | 89 | import android.os.StrictMode; |
Jeff Sharkey | 9a13f36 | 2011-04-26 16:25:36 -0700 | [diff] [blame] | 90 | import android.os.SystemClock; |
Marco Nelissen | 62dbb22 | 2010-02-18 10:56:30 -0800 | [diff] [blame] | 91 | import android.os.SystemProperties; |
Felipe Leme | 29e72ea | 2016-09-08 13:26:55 -0700 | [diff] [blame] | 92 | import android.os.Trace; |
Pierre Imai | 8e48e67 | 2016-04-21 13:30:43 +0900 | [diff] [blame] | 93 | import android.provider.Settings; |
Dianne Hackborn | 2ffa11e | 2014-04-21 15:56:18 -0700 | [diff] [blame] | 94 | import android.telephony.DataConnectionRealTimeInfo; |
| 95 | import android.telephony.PhoneStateListener; |
Wink Saville | fb40dd4 | 2014-06-12 17:02:31 -0700 | [diff] [blame] | 96 | import android.telephony.SubscriptionManager; |
Wink Saville | 67e0789 | 2014-06-18 16:43:14 -0700 | [diff] [blame] | 97 | import android.telephony.TelephonyManager; |
Erik Kline | 4d09223 | 2017-10-30 15:29:44 +0900 | [diff] [blame] | 98 | import android.text.TextUtils; |
Irfan Sheriff | 9ab518ad | 2010-03-12 15:48:17 -0800 | [diff] [blame] | 99 | import android.util.Log; |
Joe Onorato | 8a9b220 | 2010-02-26 18:56:32 -0800 | [diff] [blame] | 100 | import android.util.Slog; |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 101 | import android.util.SparseBooleanArray; |
Jeff Sharkey | 605eb79 | 2014-11-04 13:34:06 -0800 | [diff] [blame] | 102 | import android.util.SparseIntArray; |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 103 | |
Jeff Sharkey | 605eb79 | 2014-11-04 13:34:06 -0800 | [diff] [blame] | 104 | import com.android.internal.annotations.GuardedBy; |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 105 | import com.android.internal.annotations.VisibleForTesting; |
Jeff Sharkey | 7a1c3fc | 2013-06-04 12:29:00 -0700 | [diff] [blame] | 106 | import com.android.internal.app.IBatteryStats; |
Jeff Sharkey | 1059c3c | 2011-10-04 16:54:49 -0700 | [diff] [blame] | 107 | import com.android.internal.net.NetworkStatsFactory; |
Jeff Sharkey | fe9a53b | 2017-03-31 14:08:23 -0600 | [diff] [blame] | 108 | import com.android.internal.util.DumpUtils; |
Jeff Sharkey | 605eb79 | 2014-11-04 13:34:06 -0800 | [diff] [blame] | 109 | import com.android.internal.util.HexDump; |
Jeff Sharkey | c268f0b | 2012-08-24 10:25:31 -0700 | [diff] [blame] | 110 | import com.android.internal.util.Preconditions; |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 111 | import com.android.server.NativeDaemonConnector.Command; |
Jeff Sharkey | 56cd646 | 2013-06-07 15:09:15 -0700 | [diff] [blame] | 112 | import com.android.server.NativeDaemonConnector.SensitiveArg; |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 113 | import com.google.android.collect.Maps; |
Jeff Sharkey | 4414cea | 2011-06-24 17:05:24 -0700 | [diff] [blame] | 114 | |
Robert Greenwalt | 59b1a4e | 2011-05-10 15:05:02 -0700 | [diff] [blame] | 115 | import java.io.BufferedReader; |
| 116 | import java.io.DataInputStream; |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 117 | import java.io.File; |
Jeff Sharkey | 47eb102 | 2011-08-25 17:48:52 -0700 | [diff] [blame] | 118 | import java.io.FileDescriptor; |
Jeff Sharkey | 9a13f36 | 2011-04-26 16:25:36 -0700 | [diff] [blame] | 119 | import java.io.FileInputStream; |
Jeff Sharkey | 9a13f36 | 2011-04-26 16:25:36 -0700 | [diff] [blame] | 120 | import java.io.IOException; |
Jeff Sharkey | 9a13f36 | 2011-04-26 16:25:36 -0700 | [diff] [blame] | 121 | import java.io.InputStreamReader; |
Jeff Sharkey | 47eb102 | 2011-08-25 17:48:52 -0700 | [diff] [blame] | 122 | import java.io.PrintWriter; |
Jeff Sharkey | eedcb95 | 2011-05-17 14:55:15 -0700 | [diff] [blame] | 123 | import java.net.InetAddress; |
Robert Greenwalt | 3b28e9a | 2011-11-02 14:37:19 -0700 | [diff] [blame] | 124 | import java.net.InterfaceAddress; |
| 125 | import java.net.NetworkInterface; |
| 126 | import java.net.SocketException; |
Jeff Sharkey | eedcb95 | 2011-05-17 14:55:15 -0700 | [diff] [blame] | 127 | import java.util.ArrayList; |
Paul Jensen | 6bc2c2c | 2014-05-07 15:27:40 -0400 | [diff] [blame] | 128 | import java.util.Arrays; |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 129 | import java.util.HashMap; |
jiaguo | 1da35f7 | 2014-01-09 16:39:59 +0800 | [diff] [blame] | 130 | import java.util.List; |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 131 | import java.util.Map; |
Jeff Sharkey | eedcb95 | 2011-05-17 14:55:15 -0700 | [diff] [blame] | 132 | import java.util.NoSuchElementException; |
| 133 | import java.util.StringTokenizer; |
Robert Greenwalt | e5c3afb | 2010-09-22 14:32:35 -0700 | [diff] [blame] | 134 | import java.util.concurrent.CountDownLatch; |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 135 | |
| 136 | /** |
| 137 | * @hide |
| 138 | */ |
Jeff Sharkey | 8e9992a | 2011-08-23 18:37:23 -0700 | [diff] [blame] | 139 | public class NetworkManagementService extends INetworkManagementService.Stub |
| 140 | implements Watchdog.Monitor { |
Lorenzo Colitti | a086800 | 2017-07-11 02:29:28 +0900 | [diff] [blame] | 141 | |
| 142 | /** |
| 143 | * Helper class that encapsulates NetworkManagementService dependencies and makes them |
| 144 | * easier to mock in unit tests. |
| 145 | */ |
| 146 | static class SystemServices { |
| 147 | public IBinder getService(String name) { |
| 148 | return ServiceManager.getService(name); |
| 149 | } |
| 150 | public void registerLocalService(NetworkManagementInternal nmi) { |
| 151 | LocalServices.addService(NetworkManagementInternal.class, nmi); |
| 152 | } |
| 153 | public INetd getNetd() { |
| 154 | return NetdService.get(); |
| 155 | } |
| 156 | } |
| 157 | |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 158 | private static final String TAG = "NetworkManagement"; |
| 159 | private static final boolean DBG = Log.isLoggable(TAG, Log.DEBUG); |
Kenny Root | 305bcbf | 2010-09-03 07:56:38 -0700 | [diff] [blame] | 160 | private static final String NETD_TAG = "NetdConnector"; |
Lorenzo Colitti | a086800 | 2017-07-11 02:29:28 +0900 | [diff] [blame] | 161 | static final String NETD_SERVICE_NAME = "netd"; |
Kenny Root | 305bcbf | 2010-09-03 07:56:38 -0700 | [diff] [blame] | 162 | |
Paul Jensen | 6bc2c2c | 2014-05-07 15:27:40 -0400 | [diff] [blame] | 163 | private static final int MAX_UID_RANGES_PER_COMMAND = 10; |
| 164 | |
Jeff Sharkey | 8e9992a | 2011-08-23 18:37:23 -0700 | [diff] [blame] | 165 | /** |
| 166 | * Name representing {@link #setGlobalAlert(long)} limit when delivered to |
| 167 | * {@link INetworkManagementEventObserver#limitReached(String, String)}. |
| 168 | */ |
| 169 | public static final String LIMIT_GLOBAL_ALERT = "globalAlert"; |
| 170 | |
Paul Jensen | 487ffe7 | 2015-07-24 15:57:11 -0400 | [diff] [blame] | 171 | /** |
| 172 | * String to pass to netd to indicate that a network is only accessible |
| 173 | * to apps that have the CHANGE_NETWORK_STATE permission. |
| 174 | */ |
| 175 | public static final String PERMISSION_NETWORK = "NETWORK"; |
| 176 | |
| 177 | /** |
| 178 | * String to pass to netd to indicate that a network is only |
| 179 | * accessible to system apps and those with the CONNECTIVITY_INTERNAL |
| 180 | * permission. |
| 181 | */ |
| 182 | public static final String PERMISSION_SYSTEM = "SYSTEM"; |
| 183 | |
Andrew Scull | 45f533c | 2017-05-19 15:37:20 +0100 | [diff] [blame] | 184 | static class NetdResponseCode { |
Sreeram Ramachandran | 03666c7 | 2014-07-19 23:21:46 -0700 | [diff] [blame] | 185 | /* Keep in sync with system/netd/server/ResponseCode.h */ |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 186 | public static final int InterfaceListResult = 110; |
| 187 | public static final int TetherInterfaceListResult = 111; |
| 188 | public static final int TetherDnsFwdTgtListResult = 112; |
San Mehat | 72759df | 2010-01-19 13:50:37 -0800 | [diff] [blame] | 189 | public static final int TtyListResult = 113; |
Jeff Sharkey | e4984be | 2013-09-10 21:03:27 -0700 | [diff] [blame] | 190 | public static final int TetheringStatsListResult = 114; |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 191 | |
| 192 | public static final int TetherStatusResult = 210; |
| 193 | public static final int IpFwdStatusResult = 211; |
San Mehat | ed4fc8a | 2010-01-22 12:28:36 -0800 | [diff] [blame] | 194 | public static final int InterfaceGetCfgResult = 213; |
Robert Greenwalt | e325392 | 2010-02-18 09:23:25 -0800 | [diff] [blame] | 195 | public static final int SoftapStatusResult = 214; |
San Mehat | 91cac64 | 2010-03-31 14:31:36 -0700 | [diff] [blame] | 196 | public static final int InterfaceRxCounterResult = 216; |
| 197 | public static final int InterfaceTxCounterResult = 217; |
Jeff Sharkey | cdd02c5d | 2011-09-16 01:52:49 -0700 | [diff] [blame] | 198 | public static final int QuotaCounterResult = 220; |
| 199 | public static final int TetheringStatsResult = 221; |
Selim Gurun | 84c00c6 | 2012-02-27 15:42:38 -0800 | [diff] [blame] | 200 | public static final int DnsProxyQueryResult = 222; |
Lorenzo Colitti | 7975184 | 2013-02-28 16:16:03 +0900 | [diff] [blame] | 201 | public static final int ClatdStatusResult = 223; |
Robert Greenwalt | e325392 | 2010-02-18 09:23:25 -0800 | [diff] [blame] | 202 | |
| 203 | public static final int InterfaceChange = 600; |
JP Abgrall | 12b933d | 2011-07-14 18:09:22 -0700 | [diff] [blame] | 204 | public static final int BandwidthControl = 601; |
Haoyu Bai | 6b7358d | 2012-07-17 16:36:50 -0700 | [diff] [blame] | 205 | public static final int InterfaceClassActivity = 613; |
Lorenzo Colitti | 5c7daac | 2013-08-05 10:39:37 +0900 | [diff] [blame] | 206 | public static final int InterfaceAddressChange = 614; |
Lorenzo Colitti | 5ae4a53 | 2013-10-31 11:59:46 +0900 | [diff] [blame] | 207 | public static final int InterfaceDnsServerInfo = 615; |
Lorenzo Colitti | c18cbfd | 2014-06-13 21:21:03 +0900 | [diff] [blame] | 208 | public static final int RouteChange = 616; |
Jeff Sharkey | 605eb79 | 2014-11-04 13:34:06 -0800 | [diff] [blame] | 209 | public static final int StrictCleartext = 617; |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 210 | } |
| 211 | |
Pierre Imai | 8e48e67 | 2016-04-21 13:30:43 +0900 | [diff] [blame] | 212 | /* Defaults for resolver parameters. */ |
| 213 | public static final int DNS_RESOLVER_DEFAULT_SAMPLE_VALIDITY_SECONDS = 1800; |
| 214 | public static final int DNS_RESOLVER_DEFAULT_SUCCESS_THRESHOLD_PERCENT = 25; |
| 215 | public static final int DNS_RESOLVER_DEFAULT_MIN_SAMPLES = 8; |
| 216 | public static final int DNS_RESOLVER_DEFAULT_MAX_SAMPLES = 64; |
| 217 | |
Rebecca Silberstein | e2ec94f | 2016-03-24 13:29:00 -0700 | [diff] [blame] | 218 | /** |
| 219 | * String indicating a softap command. |
| 220 | */ |
| 221 | static final String SOFT_AP_COMMAND = "softap"; |
| 222 | |
| 223 | /** |
| 224 | * String passed back to netd connector indicating softap command success. |
| 225 | */ |
| 226 | static final String SOFT_AP_COMMAND_SUCCESS = "Ok"; |
| 227 | |
Dianne Hackborn | 2ffa11e | 2014-04-21 15:56:18 -0700 | [diff] [blame] | 228 | static final int DAEMON_MSG_MOBILE_CONN_REAL_TIME_INFO = 1; |
| 229 | |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 230 | /** |
| 231 | * Binder context for this service |
| 232 | */ |
Dianne Hackborn | 2ffa11e | 2014-04-21 15:56:18 -0700 | [diff] [blame] | 233 | private final Context mContext; |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 234 | |
| 235 | /** |
| 236 | * connector object for communicating with netd |
| 237 | */ |
Dianne Hackborn | 2ffa11e | 2014-04-21 15:56:18 -0700 | [diff] [blame] | 238 | private final NativeDaemonConnector mConnector; |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 239 | |
Robert Greenwalt | 2c9f547 | 2014-04-21 14:50:28 -0700 | [diff] [blame] | 240 | private final Handler mFgHandler; |
Dianne Hackborn | 2ffa11e | 2014-04-21 15:56:18 -0700 | [diff] [blame] | 241 | private final Handler mDaemonHandler; |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 242 | |
Lorenzo Colitti | a086800 | 2017-07-11 02:29:28 +0900 | [diff] [blame] | 243 | private final SystemServices mServices; |
| 244 | |
Lorenzo Colitti | 58967ba | 2016-02-02 17:21:21 +0900 | [diff] [blame] | 245 | private INetd mNetdService; |
| 246 | |
Dianne Hackborn | e13c4c0 | 2014-02-11 17:18:35 -0800 | [diff] [blame] | 247 | private IBatteryStats mBatteryStats; |
| 248 | |
Dianne Hackborn | 2ffa11e | 2014-04-21 15:56:18 -0700 | [diff] [blame] | 249 | private final Thread mThread; |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 250 | private CountDownLatch mConnectedSignal = new CountDownLatch(1); |
Robert Greenwalt | e5c3afb | 2010-09-22 14:32:35 -0700 | [diff] [blame] | 251 | |
Jeff Sharkey | 3df273e | 2011-12-15 15:47:12 -0800 | [diff] [blame] | 252 | private final RemoteCallbackList<INetworkManagementEventObserver> mObservers = |
Christopher Wiley | 212b95f | 2016-08-02 11:38:57 -0700 | [diff] [blame] | 253 | new RemoteCallbackList<>(); |
San Mehat | 4d02d00 | 2010-01-22 16:07:46 -0800 | [diff] [blame] | 254 | |
Jeff Sharkey | 1059c3c | 2011-10-04 16:54:49 -0700 | [diff] [blame] | 255 | private final NetworkStatsFactory mStatsFactory = new NetworkStatsFactory(); |
| 256 | |
Lorenzo Colitti | 07f1304 | 2017-07-10 19:06:57 +0900 | [diff] [blame] | 257 | @GuardedBy("mTetheringStatsProviders") |
| 258 | private final HashMap<ITetheringStatsProvider, String> |
| 259 | mTetheringStatsProviders = Maps.newHashMap(); |
| 260 | |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 261 | /** |
| 262 | * If both locks need to be held, then they should be obtained in the order: |
| 263 | * first {@link #mQuotaLock} and then {@link #mRulesLock}. |
| 264 | */ |
Andrew Scull | 45f533c | 2017-05-19 15:37:20 +0100 | [diff] [blame] | 265 | private final Object mQuotaLock = new Object(); |
Andrew Scull | 519291f | 2017-05-23 13:11:03 +0100 | [diff] [blame] | 266 | private final Object mRulesLock = new Object(); |
Jeff Sharkey | 605eb79 | 2014-11-04 13:34:06 -0800 | [diff] [blame] | 267 | |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 268 | /** Set of interfaces with active quotas. */ |
Jeff Sharkey | 605eb79 | 2014-11-04 13:34:06 -0800 | [diff] [blame] | 269 | @GuardedBy("mQuotaLock") |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 270 | private HashMap<String, Long> mActiveQuotas = Maps.newHashMap(); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 271 | /** Set of interfaces with active alerts. */ |
Jeff Sharkey | 605eb79 | 2014-11-04 13:34:06 -0800 | [diff] [blame] | 272 | @GuardedBy("mQuotaLock") |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 273 | private HashMap<String, Long> mActiveAlerts = Maps.newHashMap(); |
Felipe Leme | 65be302 | 2016-03-22 14:53:13 -0700 | [diff] [blame] | 274 | /** Set of UIDs blacklisted on metered networks. */ |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 275 | @GuardedBy("mRulesLock") |
Felipe Leme | 65be302 | 2016-03-22 14:53:13 -0700 | [diff] [blame] | 276 | private SparseBooleanArray mUidRejectOnMetered = new SparseBooleanArray(); |
| 277 | /** Set of UIDs whitelisted on metered networks. */ |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 278 | @GuardedBy("mRulesLock") |
Felipe Leme | 65be302 | 2016-03-22 14:53:13 -0700 | [diff] [blame] | 279 | private SparseBooleanArray mUidAllowOnMetered = new SparseBooleanArray(); |
Jeff Sharkey | 605eb79 | 2014-11-04 13:34:06 -0800 | [diff] [blame] | 280 | /** Set of UIDs with cleartext penalties. */ |
| 281 | @GuardedBy("mQuotaLock") |
| 282 | private SparseIntArray mUidCleartextPolicy = new SparseIntArray(); |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 283 | /** Set of UIDs that are to be blocked/allowed by firewall controller. */ |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 284 | @GuardedBy("mRulesLock") |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 285 | private SparseIntArray mUidFirewallRules = new SparseIntArray(); |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 286 | /** |
| 287 | * Set of UIDs that are to be blocked/allowed by firewall controller. This set of Ids matches |
| 288 | * to application idles. |
| 289 | */ |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 290 | @GuardedBy("mRulesLock") |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 291 | private SparseIntArray mUidFirewallStandbyRules = new SparseIntArray(); |
| 292 | /** |
| 293 | * Set of UIDs that are to be blocked/allowed by firewall controller. This set of Ids matches |
| 294 | * to device idles. |
| 295 | */ |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 296 | @GuardedBy("mRulesLock") |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 297 | private SparseIntArray mUidFirewallDozableRules = new SparseIntArray(); |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 298 | /** |
| 299 | * Set of UIDs that are to be blocked/allowed by firewall controller. This set of Ids matches |
| 300 | * to device on power-save mode. |
| 301 | */ |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 302 | @GuardedBy("mRulesLock") |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 303 | private SparseIntArray mUidFirewallPowerSaveRules = new SparseIntArray(); |
Xiaohui Chen | 8dca36d | 2015-06-19 12:44:59 -0700 | [diff] [blame] | 304 | /** Set of states for the child firewall chains. True if the chain is active. */ |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 305 | @GuardedBy("mRulesLock") |
Xiaohui Chen | 8dca36d | 2015-06-19 12:44:59 -0700 | [diff] [blame] | 306 | final SparseBooleanArray mFirewallChainStates = new SparseBooleanArray(); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 307 | |
Felipe Leme | 65be302 | 2016-03-22 14:53:13 -0700 | [diff] [blame] | 308 | @GuardedBy("mQuotaLock") |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 309 | private volatile boolean mDataSaverMode; |
Felipe Leme | 65be302 | 2016-03-22 14:53:13 -0700 | [diff] [blame] | 310 | |
Andrew Scull | 45f533c | 2017-05-19 15:37:20 +0100 | [diff] [blame] | 311 | private final Object mIdleTimerLock = new Object(); |
Haoyu Bai | 0412423 | 2012-06-28 15:26:19 -0700 | [diff] [blame] | 312 | /** Set of interfaces with active idle timers. */ |
| 313 | private static class IdleTimerParams { |
| 314 | public final int timeout; |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 315 | public final int type; |
Haoyu Bai | 0412423 | 2012-06-28 15:26:19 -0700 | [diff] [blame] | 316 | public int networkCount; |
| 317 | |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 318 | IdleTimerParams(int timeout, int type) { |
Haoyu Bai | 0412423 | 2012-06-28 15:26:19 -0700 | [diff] [blame] | 319 | this.timeout = timeout; |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 320 | this.type = type; |
Haoyu Bai | 0412423 | 2012-06-28 15:26:19 -0700 | [diff] [blame] | 321 | this.networkCount = 1; |
| 322 | } |
| 323 | } |
| 324 | private HashMap<String, IdleTimerParams> mActiveIdleTimers = Maps.newHashMap(); |
| 325 | |
Jeff Sharkey | fa23c5a | 2011-08-09 21:44:24 -0700 | [diff] [blame] | 326 | private volatile boolean mBandwidthControlEnabled; |
Jeff Sharkey | c268f0b | 2012-08-24 10:25:31 -0700 | [diff] [blame] | 327 | private volatile boolean mFirewallEnabled; |
Jeff Sharkey | 605eb79 | 2014-11-04 13:34:06 -0800 | [diff] [blame] | 328 | private volatile boolean mStrictEnabled; |
Jeff Sharkey | 350083e | 2011-06-29 10:45:16 -0700 | [diff] [blame] | 329 | |
Dianne Hackborn | 2ffa11e | 2014-04-21 15:56:18 -0700 | [diff] [blame] | 330 | private boolean mMobileActivityFromRadio = false; |
| 331 | private int mLastPowerStateFromRadio = DataConnectionRealTimeInfo.DC_POWER_STATE_LOW; |
Adam Lesinski | e08af19 | 2015-03-25 16:42:59 -0700 | [diff] [blame] | 332 | private int mLastPowerStateFromWifi = DataConnectionRealTimeInfo.DC_POWER_STATE_LOW; |
Dianne Hackborn | 2ffa11e | 2014-04-21 15:56:18 -0700 | [diff] [blame] | 333 | |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 334 | private final RemoteCallbackList<INetworkActivityListener> mNetworkActivityListeners = |
Christopher Wiley | 212b95f | 2016-08-02 11:38:57 -0700 | [diff] [blame] | 335 | new RemoteCallbackList<>(); |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 336 | private boolean mNetworkActive; |
| 337 | |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 338 | /** |
| 339 | * Constructs a new NetworkManagementService instance |
| 340 | * |
| 341 | * @param context Binder context for this service |
| 342 | */ |
Lorenzo Colitti | a086800 | 2017-07-11 02:29:28 +0900 | [diff] [blame] | 343 | private NetworkManagementService( |
| 344 | Context context, String socket, SystemServices services) { |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 345 | mContext = context; |
Lorenzo Colitti | a086800 | 2017-07-11 02:29:28 +0900 | [diff] [blame] | 346 | mServices = services; |
San Mehat | 4d02d00 | 2010-01-22 16:07:46 -0800 | [diff] [blame] | 347 | |
Robert Greenwalt | 2c9f547 | 2014-04-21 14:50:28 -0700 | [diff] [blame] | 348 | // make sure this is on the same looper as our NativeDaemonConnector for sync purposes |
| 349 | mFgHandler = new Handler(FgThread.get().getLooper()); |
| 350 | |
Dianne Hackborn | 4590e52 | 2014-03-24 13:36:46 -0700 | [diff] [blame] | 351 | // Don't need this wake lock, since we now have a time stamp for when |
| 352 | // the network actually went inactive. (It might be nice to still do this, |
| 353 | // but I don't want to do it through the power manager because that pollutes the |
| 354 | // battery stats history with pointless noise.) |
Dianne Hackborn | 2ffa11e | 2014-04-21 15:56:18 -0700 | [diff] [blame] | 355 | //PowerManager pm = (PowerManager)context.getSystemService(Context.POWER_SERVICE); |
Dianne Hackborn | 4590e52 | 2014-03-24 13:36:46 -0700 | [diff] [blame] | 356 | PowerManager.WakeLock wl = null; //pm.newWakeLock(PowerManager.PARTIAL_WAKE_LOCK, NETD_TAG); |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 357 | |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 358 | mConnector = new NativeDaemonConnector( |
Dianne Hackborn | 2ffa11e | 2014-04-21 15:56:18 -0700 | [diff] [blame] | 359 | new NetdCallbackReceiver(), socket, 10, NETD_TAG, 160, wl, |
| 360 | FgThread.get().getLooper()); |
Robert Greenwalt | e5c3afb | 2010-09-22 14:32:35 -0700 | [diff] [blame] | 361 | mThread = new Thread(mConnector, NETD_TAG); |
Jeff Sharkey | fa23c5a | 2011-08-09 21:44:24 -0700 | [diff] [blame] | 362 | |
Dianne Hackborn | 2ffa11e | 2014-04-21 15:56:18 -0700 | [diff] [blame] | 363 | mDaemonHandler = new Handler(FgThread.get().getLooper()); |
Wink Saville | 67e0789 | 2014-06-18 16:43:14 -0700 | [diff] [blame] | 364 | |
Jeff Sharkey | fa23c5a | 2011-08-09 21:44:24 -0700 | [diff] [blame] | 365 | // Add ourself to the Watchdog monitors. |
| 366 | Watchdog.getInstance().addMonitor(this); |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 367 | |
Lorenzo Colitti | a086800 | 2017-07-11 02:29:28 +0900 | [diff] [blame] | 368 | mServices.registerLocalService(new LocalService()); |
Lorenzo Colitti | 8228eb3 | 2017-07-19 06:17:33 +0900 | [diff] [blame] | 369 | |
Lorenzo Colitti | 07f1304 | 2017-07-10 19:06:57 +0900 | [diff] [blame] | 370 | synchronized (mTetheringStatsProviders) { |
| 371 | mTetheringStatsProviders.put(new NetdTetheringStatsProvider(), "netd"); |
| 372 | } |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 373 | } |
| 374 | |
| 375 | @VisibleForTesting |
| 376 | NetworkManagementService() { |
| 377 | mConnector = null; |
| 378 | mContext = null; |
| 379 | mDaemonHandler = null; |
| 380 | mFgHandler = null; |
| 381 | mThread = null; |
Lorenzo Colitti | a086800 | 2017-07-11 02:29:28 +0900 | [diff] [blame] | 382 | mServices = null; |
Robert Greenwalt | e5c3afb | 2010-09-22 14:32:35 -0700 | [diff] [blame] | 383 | } |
| 384 | |
Lorenzo Colitti | a086800 | 2017-07-11 02:29:28 +0900 | [diff] [blame] | 385 | static NetworkManagementService create(Context context, String socket, SystemServices services) |
Felipe Leme | 03e689d | 2016-03-02 16:17:38 -0800 | [diff] [blame] | 386 | throws InterruptedException { |
Lorenzo Colitti | a086800 | 2017-07-11 02:29:28 +0900 | [diff] [blame] | 387 | final NetworkManagementService service = |
| 388 | new NetworkManagementService(context, socket, services); |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 389 | final CountDownLatch connectedSignal = service.mConnectedSignal; |
Robert Greenwalt | e5c3afb | 2010-09-22 14:32:35 -0700 | [diff] [blame] | 390 | if (DBG) Slog.d(TAG, "Creating NetworkManagementService"); |
| 391 | service.mThread.start(); |
| 392 | if (DBG) Slog.d(TAG, "Awaiting socket connection"); |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 393 | connectedSignal.await(); |
Robert Greenwalt | e5c3afb | 2010-09-22 14:32:35 -0700 | [diff] [blame] | 394 | if (DBG) Slog.d(TAG, "Connected"); |
Lorenzo Colitti | 8c253ad | 2017-07-19 00:23:44 +0900 | [diff] [blame] | 395 | if (DBG) Slog.d(TAG, "Connecting native netd service"); |
bohu | 07cc3bb | 2016-05-03 15:58:01 -0700 | [diff] [blame] | 396 | service.connectNativeNetdService(); |
Lorenzo Colitti | 8c253ad | 2017-07-19 00:23:44 +0900 | [diff] [blame] | 397 | if (DBG) Slog.d(TAG, "Connected"); |
Robert Greenwalt | e5c3afb | 2010-09-22 14:32:35 -0700 | [diff] [blame] | 398 | return service; |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 399 | } |
| 400 | |
Lorenzo Colitti | 7421a01 | 2013-08-20 22:51:24 +0900 | [diff] [blame] | 401 | public static NetworkManagementService create(Context context) throws InterruptedException { |
Lorenzo Colitti | a086800 | 2017-07-11 02:29:28 +0900 | [diff] [blame] | 402 | return create(context, NETD_SERVICE_NAME, new SystemServices()); |
Lorenzo Colitti | 7421a01 | 2013-08-20 22:51:24 +0900 | [diff] [blame] | 403 | } |
| 404 | |
Jeff Sharkey | 350083e | 2011-06-29 10:45:16 -0700 | [diff] [blame] | 405 | public void systemReady() { |
Felipe Leme | 03e689d | 2016-03-02 16:17:38 -0800 | [diff] [blame] | 406 | if (DBG) { |
| 407 | final long start = System.currentTimeMillis(); |
| 408 | prepareNativeDaemon(); |
| 409 | final long delta = System.currentTimeMillis() - start; |
| 410 | Slog.d(TAG, "Prepared in " + delta + "ms"); |
| 411 | return; |
| 412 | } else { |
| 413 | prepareNativeDaemon(); |
| 414 | } |
Jeff Sharkey | 350083e | 2011-06-29 10:45:16 -0700 | [diff] [blame] | 415 | } |
| 416 | |
Dianne Hackborn | e13c4c0 | 2014-02-11 17:18:35 -0800 | [diff] [blame] | 417 | private IBatteryStats getBatteryStats() { |
| 418 | synchronized (this) { |
| 419 | if (mBatteryStats != null) { |
| 420 | return mBatteryStats; |
| 421 | } |
Lorenzo Colitti | a086800 | 2017-07-11 02:29:28 +0900 | [diff] [blame] | 422 | mBatteryStats = |
| 423 | IBatteryStats.Stub.asInterface(mServices.getService(BatteryStats.SERVICE_NAME)); |
Dianne Hackborn | e13c4c0 | 2014-02-11 17:18:35 -0800 | [diff] [blame] | 424 | return mBatteryStats; |
| 425 | } |
| 426 | } |
| 427 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 428 | @Override |
Jeff Sharkey | 3df273e | 2011-12-15 15:47:12 -0800 | [diff] [blame] | 429 | public void registerObserver(INetworkManagementEventObserver observer) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 430 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Jeff Sharkey | 3df273e | 2011-12-15 15:47:12 -0800 | [diff] [blame] | 431 | mObservers.register(observer); |
San Mehat | 4d02d00 | 2010-01-22 16:07:46 -0800 | [diff] [blame] | 432 | } |
| 433 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 434 | @Override |
Jeff Sharkey | 3df273e | 2011-12-15 15:47:12 -0800 | [diff] [blame] | 435 | public void unregisterObserver(INetworkManagementEventObserver observer) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 436 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Jeff Sharkey | 3df273e | 2011-12-15 15:47:12 -0800 | [diff] [blame] | 437 | mObservers.unregister(observer); |
San Mehat | 4d02d00 | 2010-01-22 16:07:46 -0800 | [diff] [blame] | 438 | } |
| 439 | |
Erik Kline | b2cfdfb | 2017-01-18 20:54:14 +0900 | [diff] [blame] | 440 | @FunctionalInterface |
| 441 | private interface NetworkManagementEventCallback { |
| 442 | public void sendCallback(INetworkManagementEventObserver o) throws RemoteException; |
| 443 | } |
| 444 | |
| 445 | private void invokeForAllObservers(NetworkManagementEventCallback eventCallback) { |
Jeff Sharkey | 3df273e | 2011-12-15 15:47:12 -0800 | [diff] [blame] | 446 | final int length = mObservers.beginBroadcast(); |
Robert Greenwalt | 2c9f547 | 2014-04-21 14:50:28 -0700 | [diff] [blame] | 447 | try { |
| 448 | for (int i = 0; i < length; i++) { |
| 449 | try { |
Erik Kline | b2cfdfb | 2017-01-18 20:54:14 +0900 | [diff] [blame] | 450 | eventCallback.sendCallback(mObservers.getBroadcastItem(i)); |
Felipe Leme | 03e689d | 2016-03-02 16:17:38 -0800 | [diff] [blame] | 451 | } catch (RemoteException | RuntimeException e) { |
Robert Greenwalt | 2c9f547 | 2014-04-21 14:50:28 -0700 | [diff] [blame] | 452 | } |
Mike J. Chen | 6143f5f | 2011-06-23 15:17:51 -0700 | [diff] [blame] | 453 | } |
Robert Greenwalt | 2c9f547 | 2014-04-21 14:50:28 -0700 | [diff] [blame] | 454 | } finally { |
| 455 | mObservers.finishBroadcast(); |
Mike J. Chen | 6143f5f | 2011-06-23 15:17:51 -0700 | [diff] [blame] | 456 | } |
| 457 | } |
| 458 | |
| 459 | /** |
Erik Kline | b2cfdfb | 2017-01-18 20:54:14 +0900 | [diff] [blame] | 460 | * Notify our observers of an interface status change |
| 461 | */ |
| 462 | private void notifyInterfaceStatusChanged(String iface, boolean up) { |
| 463 | invokeForAllObservers(o -> o.interfaceStatusChanged(iface, up)); |
| 464 | } |
| 465 | |
| 466 | /** |
Mike J. Chen | f59c7d0 | 2011-06-23 15:33:15 -0700 | [diff] [blame] | 467 | * Notify our observers of an interface link state change |
Mike J. Chen | 6143f5f | 2011-06-23 15:17:51 -0700 | [diff] [blame] | 468 | * (typically, an Ethernet cable has been plugged-in or unplugged). |
| 469 | */ |
| 470 | private void notifyInterfaceLinkStateChanged(String iface, boolean up) { |
Erik Kline | b2cfdfb | 2017-01-18 20:54:14 +0900 | [diff] [blame] | 471 | invokeForAllObservers(o -> o.interfaceLinkStateChanged(iface, up)); |
San Mehat | 4d02d00 | 2010-01-22 16:07:46 -0800 | [diff] [blame] | 472 | } |
| 473 | |
| 474 | /** |
| 475 | * Notify our observers of an interface addition. |
| 476 | */ |
| 477 | private void notifyInterfaceAdded(String iface) { |
Erik Kline | b2cfdfb | 2017-01-18 20:54:14 +0900 | [diff] [blame] | 478 | invokeForAllObservers(o -> o.interfaceAdded(iface)); |
San Mehat | 4d02d00 | 2010-01-22 16:07:46 -0800 | [diff] [blame] | 479 | } |
| 480 | |
| 481 | /** |
| 482 | * Notify our observers of an interface removal. |
| 483 | */ |
| 484 | private void notifyInterfaceRemoved(String iface) { |
Jeff Sharkey | 89b8a21 | 2011-10-11 11:58:11 -0700 | [diff] [blame] | 485 | // netd already clears out quota and alerts for removed ifaces; update |
| 486 | // our sanity-checking state. |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 487 | mActiveAlerts.remove(iface); |
| 488 | mActiveQuotas.remove(iface); |
Jeff Sharkey | 89b8a21 | 2011-10-11 11:58:11 -0700 | [diff] [blame] | 489 | |
Erik Kline | b2cfdfb | 2017-01-18 20:54:14 +0900 | [diff] [blame] | 490 | invokeForAllObservers(o -> o.interfaceRemoved(iface)); |
San Mehat | 4d02d00 | 2010-01-22 16:07:46 -0800 | [diff] [blame] | 491 | } |
| 492 | |
Robert Greenwalt | e5c3afb | 2010-09-22 14:32:35 -0700 | [diff] [blame] | 493 | /** |
JP Abgrall | 12b933d | 2011-07-14 18:09:22 -0700 | [diff] [blame] | 494 | * Notify our observers of a limit reached. |
| 495 | */ |
| 496 | private void notifyLimitReached(String limitName, String iface) { |
Erik Kline | b2cfdfb | 2017-01-18 20:54:14 +0900 | [diff] [blame] | 497 | invokeForAllObservers(o -> o.limitReached(limitName, iface)); |
JP Abgrall | 12b933d | 2011-07-14 18:09:22 -0700 | [diff] [blame] | 498 | } |
| 499 | |
| 500 | /** |
Haoyu Bai | db3c867 | 2012-06-20 14:29:57 -0700 | [diff] [blame] | 501 | * Notify our observers of a change in the data activity state of the interface |
| 502 | */ |
Dianne Hackborn | 2ffa11e | 2014-04-21 15:56:18 -0700 | [diff] [blame] | 503 | private void notifyInterfaceClassActivity(int type, int powerState, long tsNanos, |
Ruchi Kandoi | fa97fcf | 2016-05-13 15:10:39 -0700 | [diff] [blame] | 504 | int uid, boolean fromRadio) { |
Dianne Hackborn | 2ffa11e | 2014-04-21 15:56:18 -0700 | [diff] [blame] | 505 | final boolean isMobile = ConnectivityManager.isNetworkTypeMobile(type); |
| 506 | if (isMobile) { |
| 507 | if (!fromRadio) { |
| 508 | if (mMobileActivityFromRadio) { |
| 509 | // If this call is not coming from a report from the radio itself, but we |
| 510 | // have previously received reports from the radio, then we will take the |
| 511 | // power state to just be whatever the radio last reported. |
| 512 | powerState = mLastPowerStateFromRadio; |
| 513 | } |
| 514 | } else { |
| 515 | mMobileActivityFromRadio = true; |
| 516 | } |
| 517 | if (mLastPowerStateFromRadio != powerState) { |
| 518 | mLastPowerStateFromRadio = powerState; |
Robert Greenwalt | 2c9f547 | 2014-04-21 14:50:28 -0700 | [diff] [blame] | 519 | try { |
Ruchi Kandoi | fa97fcf | 2016-05-13 15:10:39 -0700 | [diff] [blame] | 520 | getBatteryStats().noteMobileRadioPowerState(powerState, tsNanos, uid); |
Robert Greenwalt | 2c9f547 | 2014-04-21 14:50:28 -0700 | [diff] [blame] | 521 | } catch (RemoteException e) { |
Robert Greenwalt | 2c9f547 | 2014-04-21 14:50:28 -0700 | [diff] [blame] | 522 | } |
Haoyu Bai | db3c867 | 2012-06-20 14:29:57 -0700 | [diff] [blame] | 523 | } |
Dianne Hackborn | 2ffa11e | 2014-04-21 15:56:18 -0700 | [diff] [blame] | 524 | } |
| 525 | |
Adam Lesinski | e08af19 | 2015-03-25 16:42:59 -0700 | [diff] [blame] | 526 | if (ConnectivityManager.isNetworkTypeWifi(type)) { |
| 527 | if (mLastPowerStateFromWifi != powerState) { |
| 528 | mLastPowerStateFromWifi = powerState; |
| 529 | try { |
Adam Lesinski | 5f056f6 | 2016-07-14 16:56:08 -0700 | [diff] [blame] | 530 | getBatteryStats().noteWifiRadioPowerState(powerState, tsNanos, uid); |
Adam Lesinski | e08af19 | 2015-03-25 16:42:59 -0700 | [diff] [blame] | 531 | } catch (RemoteException e) { |
| 532 | } |
| 533 | } |
| 534 | } |
| 535 | |
Dianne Hackborn | 2ffa11e | 2014-04-21 15:56:18 -0700 | [diff] [blame] | 536 | boolean isActive = powerState == DataConnectionRealTimeInfo.DC_POWER_STATE_MEDIUM |
| 537 | || powerState == DataConnectionRealTimeInfo.DC_POWER_STATE_HIGH; |
| 538 | |
| 539 | if (!isMobile || fromRadio || !mMobileActivityFromRadio) { |
| 540 | // Report the change in data activity. We don't do this if this is a change |
| 541 | // on the mobile network, that is not coming from the radio itself, and we |
| 542 | // have previously seen change reports from the radio. In that case only |
| 543 | // the radio is the authority for the current state. |
Erik Kline | b2cfdfb | 2017-01-18 20:54:14 +0900 | [diff] [blame] | 544 | final boolean active = isActive; |
| 545 | invokeForAllObservers(o -> o.interfaceClassDataActivityChanged( |
| 546 | Integer.toString(type), active, tsNanos)); |
Haoyu Bai | db3c867 | 2012-06-20 14:29:57 -0700 | [diff] [blame] | 547 | } |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 548 | |
| 549 | boolean report = false; |
| 550 | synchronized (mIdleTimerLock) { |
| 551 | if (mActiveIdleTimers.isEmpty()) { |
Dianne Hackborn | 2ffa11e | 2014-04-21 15:56:18 -0700 | [diff] [blame] | 552 | // If there are no idle timers, we are not monitoring activity, so we |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 553 | // are always considered active. |
Dianne Hackborn | 2ffa11e | 2014-04-21 15:56:18 -0700 | [diff] [blame] | 554 | isActive = true; |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 555 | } |
Dianne Hackborn | 2ffa11e | 2014-04-21 15:56:18 -0700 | [diff] [blame] | 556 | if (mNetworkActive != isActive) { |
| 557 | mNetworkActive = isActive; |
| 558 | report = isActive; |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 559 | } |
| 560 | } |
| 561 | if (report) { |
| 562 | reportNetworkActive(); |
| 563 | } |
Haoyu Bai | db3c867 | 2012-06-20 14:29:57 -0700 | [diff] [blame] | 564 | } |
| 565 | |
Lorenzo Colitti | 07f1304 | 2017-07-10 19:06:57 +0900 | [diff] [blame] | 566 | @Override |
| 567 | public void registerTetheringStatsProvider(ITetheringStatsProvider provider, String name) { |
| 568 | mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG); |
| 569 | Preconditions.checkNotNull(provider); |
| 570 | synchronized(mTetheringStatsProviders) { |
| 571 | mTetheringStatsProviders.put(provider, name); |
| 572 | } |
| 573 | } |
| 574 | |
| 575 | @Override |
| 576 | public void unregisterTetheringStatsProvider(ITetheringStatsProvider provider) { |
| 577 | mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG); |
| 578 | synchronized(mTetheringStatsProviders) { |
| 579 | mTetheringStatsProviders.remove(provider); |
| 580 | } |
| 581 | } |
| 582 | |
Lorenzo Colitti | d66cf56 | 2017-08-15 19:25:51 +0900 | [diff] [blame] | 583 | @Override |
| 584 | public void tetherLimitReached(ITetheringStatsProvider provider) { |
| 585 | mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG); |
| 586 | synchronized(mTetheringStatsProviders) { |
| 587 | if (!mTetheringStatsProviders.containsKey(provider)) { |
| 588 | return; |
| 589 | } |
| 590 | // No current code examines the interface parameter in a global alert. Just pass null. |
| 591 | notifyLimitReached(LIMIT_GLOBAL_ALERT, null); |
| 592 | } |
| 593 | } |
| 594 | |
Lorenzo Colitti | 9eb844e | 2016-03-23 23:22:49 +0900 | [diff] [blame] | 595 | // Sync the state of the given chain with the native daemon. |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 596 | private void syncFirewallChainLocked(int chain, String name) { |
| 597 | SparseIntArray rules; |
| 598 | synchronized (mRulesLock) { |
| 599 | final SparseIntArray uidFirewallRules = getUidFirewallRulesLR(chain); |
Lorenzo Colitti | 9eb844e | 2016-03-23 23:22:49 +0900 | [diff] [blame] | 600 | // Make a copy of the current rules, and then clear them. This is because |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 601 | // setFirewallUidRuleInternal only pushes down rules to the native daemon if they |
| 602 | // are different from the current rules stored in the mUidFirewall*Rules array for |
| 603 | // the specified chain. If we don't clear the rules, setFirewallUidRuleInternal |
| 604 | // will do nothing. |
| 605 | rules = uidFirewallRules.clone(); |
Lorenzo Colitti | 9eb844e | 2016-03-23 23:22:49 +0900 | [diff] [blame] | 606 | uidFirewallRules.clear(); |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 607 | } |
| 608 | if (rules.size() > 0) { |
Lorenzo Colitti | 9eb844e | 2016-03-23 23:22:49 +0900 | [diff] [blame] | 609 | // Now push the rules. setFirewallUidRuleInternal will push each of these down to the |
| 610 | // native daemon, and also add them to the mUidFirewall*Rules array for the specified |
| 611 | // chain. |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 612 | if (DBG) Slog.d(TAG, "Pushing " + rules.size() + " active firewall " |
| 613 | + name + "UID rules"); |
Lorenzo Colitti | 9eb844e | 2016-03-23 23:22:49 +0900 | [diff] [blame] | 614 | for (int i = 0; i < rules.size(); i++) { |
Felipe Leme | a701cad | 2016-05-12 09:58:14 -0700 | [diff] [blame] | 615 | setFirewallUidRuleLocked(chain, rules.keyAt(i), rules.valueAt(i)); |
Lorenzo Colitti | 9eb844e | 2016-03-23 23:22:49 +0900 | [diff] [blame] | 616 | } |
| 617 | } |
| 618 | } |
| 619 | |
bohu | 07cc3bb | 2016-05-03 15:58:01 -0700 | [diff] [blame] | 620 | private void connectNativeNetdService() { |
Lorenzo Colitti | a086800 | 2017-07-11 02:29:28 +0900 | [diff] [blame] | 621 | mNetdService = mServices.getNetd(); |
bohu | 07cc3bb | 2016-05-03 15:58:01 -0700 | [diff] [blame] | 622 | } |
| 623 | |
| 624 | /** |
| 625 | * Prepare native daemon once connected, enabling modules and pushing any |
| 626 | * existing in-memory rules. |
| 627 | */ |
| 628 | private void prepareNativeDaemon() { |
Lorenzo Colitti | 58967ba | 2016-02-02 17:21:21 +0900 | [diff] [blame] | 629 | |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 630 | mBandwidthControlEnabled = false; |
Robert Greenwalt | e5c3afb | 2010-09-22 14:32:35 -0700 | [diff] [blame] | 631 | |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 632 | // only enable bandwidth control when support exists |
| 633 | final boolean hasKernelSupport = new File("/proc/net/xt_qtaguid/ctrl").exists(); |
Jeff Sharkey | 605eb79 | 2014-11-04 13:34:06 -0800 | [diff] [blame] | 634 | |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 635 | // push any existing quota or UID rules |
| 636 | synchronized (mQuotaLock) { |
Felipe Leme | 65be302 | 2016-03-22 14:53:13 -0700 | [diff] [blame] | 637 | |
Lorenzo Colitti | 8c253ad | 2017-07-19 00:23:44 +0900 | [diff] [blame] | 638 | if (hasKernelSupport) { |
| 639 | Slog.d(TAG, "enabling bandwidth control"); |
| 640 | try { |
| 641 | mConnector.execute("bandwidth", "enable"); |
| 642 | mBandwidthControlEnabled = true; |
| 643 | } catch (NativeDaemonConnectorException e) { |
| 644 | Log.wtf(TAG, "problem enabling bandwidth controls", e); |
| 645 | } |
| 646 | } else { |
| 647 | Slog.i(TAG, "not enabling bandwidth control"); |
| 648 | } |
| 649 | |
| 650 | SystemProperties.set(PROP_QTAGUID_ENABLED, mBandwidthControlEnabled ? "1" : "0"); |
| 651 | |
| 652 | try { |
| 653 | mConnector.execute("strict", "enable"); |
| 654 | mStrictEnabled = true; |
| 655 | } catch (NativeDaemonConnectorException e) { |
| 656 | Log.wtf(TAG, "Failed strict enable", e); |
| 657 | } |
| 658 | |
Felipe Leme | 65be302 | 2016-03-22 14:53:13 -0700 | [diff] [blame] | 659 | setDataSaverModeEnabled(mDataSaverMode); |
| 660 | |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 661 | int size = mActiveQuotas.size(); |
| 662 | if (size > 0) { |
Felipe Leme | 03e689d | 2016-03-02 16:17:38 -0800 | [diff] [blame] | 663 | if (DBG) Slog.d(TAG, "Pushing " + size + " active quota rules"); |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 664 | final HashMap<String, Long> activeQuotas = mActiveQuotas; |
| 665 | mActiveQuotas = Maps.newHashMap(); |
| 666 | for (Map.Entry<String, Long> entry : activeQuotas.entrySet()) { |
| 667 | setInterfaceQuota(entry.getKey(), entry.getValue()); |
| 668 | } |
| 669 | } |
| 670 | |
| 671 | size = mActiveAlerts.size(); |
| 672 | if (size > 0) { |
Felipe Leme | 03e689d | 2016-03-02 16:17:38 -0800 | [diff] [blame] | 673 | if (DBG) Slog.d(TAG, "Pushing " + size + " active alert rules"); |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 674 | final HashMap<String, Long> activeAlerts = mActiveAlerts; |
| 675 | mActiveAlerts = Maps.newHashMap(); |
| 676 | for (Map.Entry<String, Long> entry : activeAlerts.entrySet()) { |
| 677 | setInterfaceAlert(entry.getKey(), entry.getValue()); |
| 678 | } |
| 679 | } |
| 680 | |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 681 | SparseBooleanArray uidRejectOnQuota = null; |
| 682 | SparseBooleanArray uidAcceptOnQuota = null; |
| 683 | synchronized (mRulesLock) { |
| 684 | size = mUidRejectOnMetered.size(); |
| 685 | if (size > 0) { |
| 686 | if (DBG) Slog.d(TAG, "Pushing " + size + " UIDs to metered blacklist rules"); |
| 687 | uidRejectOnQuota = mUidRejectOnMetered; |
| 688 | mUidRejectOnMetered = new SparseBooleanArray(); |
| 689 | } |
| 690 | |
| 691 | size = mUidAllowOnMetered.size(); |
| 692 | if (size > 0) { |
| 693 | if (DBG) Slog.d(TAG, "Pushing " + size + " UIDs to metered whitelist rules"); |
| 694 | uidAcceptOnQuota = mUidAllowOnMetered; |
| 695 | mUidAllowOnMetered = new SparseBooleanArray(); |
| 696 | } |
| 697 | } |
| 698 | if (uidRejectOnQuota != null) { |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 699 | for (int i = 0; i < uidRejectOnQuota.size(); i++) { |
Felipe Leme | 65be302 | 2016-03-22 14:53:13 -0700 | [diff] [blame] | 700 | setUidMeteredNetworkBlacklist(uidRejectOnQuota.keyAt(i), |
| 701 | uidRejectOnQuota.valueAt(i)); |
| 702 | } |
| 703 | } |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 704 | if (uidAcceptOnQuota != null) { |
Felipe Leme | 65be302 | 2016-03-22 14:53:13 -0700 | [diff] [blame] | 705 | for (int i = 0; i < uidAcceptOnQuota.size(); i++) { |
| 706 | setUidMeteredNetworkWhitelist(uidAcceptOnQuota.keyAt(i), |
| 707 | uidAcceptOnQuota.valueAt(i)); |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 708 | } |
| 709 | } |
Jeff Sharkey | 605eb79 | 2014-11-04 13:34:06 -0800 | [diff] [blame] | 710 | |
| 711 | size = mUidCleartextPolicy.size(); |
| 712 | if (size > 0) { |
Felipe Leme | 03e689d | 2016-03-02 16:17:38 -0800 | [diff] [blame] | 713 | if (DBG) Slog.d(TAG, "Pushing " + size + " active UID cleartext policies"); |
Jeff Sharkey | 605eb79 | 2014-11-04 13:34:06 -0800 | [diff] [blame] | 714 | final SparseIntArray local = mUidCleartextPolicy; |
| 715 | mUidCleartextPolicy = new SparseIntArray(); |
| 716 | for (int i = 0; i < local.size(); i++) { |
| 717 | setUidCleartextNetworkPolicy(local.keyAt(i), local.valueAt(i)); |
| 718 | } |
| 719 | } |
Jeff Sharkey | c268f0b | 2012-08-24 10:25:31 -0700 | [diff] [blame] | 720 | |
Robin Lee | c3736bc | 2017-03-10 16:19:54 +0000 | [diff] [blame] | 721 | setFirewallEnabled(mFirewallEnabled); |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 722 | |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 723 | syncFirewallChainLocked(FIREWALL_CHAIN_NONE, ""); |
| 724 | syncFirewallChainLocked(FIREWALL_CHAIN_STANDBY, "standby "); |
| 725 | syncFirewallChainLocked(FIREWALL_CHAIN_DOZABLE, "dozable "); |
| 726 | syncFirewallChainLocked(FIREWALL_CHAIN_POWERSAVE, "powersave "); |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 727 | |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 728 | final int[] chains = |
| 729 | {FIREWALL_CHAIN_STANDBY, FIREWALL_CHAIN_DOZABLE, FIREWALL_CHAIN_POWERSAVE}; |
| 730 | for (int chain : chains) { |
| 731 | if (getFirewallChainState(chain)) { |
| 732 | setFirewallChainEnabled(chain, true); |
| 733 | } |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 734 | } |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 735 | } |
Lorenzo Colitti | 8c253ad | 2017-07-19 00:23:44 +0900 | [diff] [blame] | 736 | |
| 737 | if (mBandwidthControlEnabled) { |
| 738 | try { |
| 739 | getBatteryStats().noteNetworkStatsEnabled(); |
| 740 | } catch (RemoteException e) { |
| 741 | } |
| 742 | } |
| 743 | |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 744 | } |
San Mehat | 4d02d00 | 2010-01-22 16:07:46 -0800 | [diff] [blame] | 745 | |
Lorenzo Colitti | 5c7daac | 2013-08-05 10:39:37 +0900 | [diff] [blame] | 746 | /** |
| 747 | * Notify our observers of a new or updated interface address. |
| 748 | */ |
Lorenzo Colitti | 6448394 | 2013-11-15 18:43:52 +0900 | [diff] [blame] | 749 | private void notifyAddressUpdated(String iface, LinkAddress address) { |
Erik Kline | b2cfdfb | 2017-01-18 20:54:14 +0900 | [diff] [blame] | 750 | invokeForAllObservers(o -> o.addressUpdated(iface, address)); |
Lorenzo Colitti | 5c7daac | 2013-08-05 10:39:37 +0900 | [diff] [blame] | 751 | } |
| 752 | |
| 753 | /** |
| 754 | * Notify our observers of a deleted interface address. |
| 755 | */ |
Lorenzo Colitti | 6448394 | 2013-11-15 18:43:52 +0900 | [diff] [blame] | 756 | private void notifyAddressRemoved(String iface, LinkAddress address) { |
Erik Kline | b2cfdfb | 2017-01-18 20:54:14 +0900 | [diff] [blame] | 757 | invokeForAllObservers(o -> o.addressRemoved(iface, address)); |
Lorenzo Colitti | 5c7daac | 2013-08-05 10:39:37 +0900 | [diff] [blame] | 758 | } |
| 759 | |
Lorenzo Colitti | 5ae4a53 | 2013-10-31 11:59:46 +0900 | [diff] [blame] | 760 | /** |
| 761 | * Notify our observers of DNS server information received. |
| 762 | */ |
| 763 | private void notifyInterfaceDnsServerInfo(String iface, long lifetime, String[] addresses) { |
Erik Kline | b2cfdfb | 2017-01-18 20:54:14 +0900 | [diff] [blame] | 764 | invokeForAllObservers(o -> o.interfaceDnsServerInfo(iface, lifetime, addresses)); |
Lorenzo Colitti | 5ae4a53 | 2013-10-31 11:59:46 +0900 | [diff] [blame] | 765 | } |
| 766 | |
Lorenzo Colitti | c18cbfd | 2014-06-13 21:21:03 +0900 | [diff] [blame] | 767 | /** |
| 768 | * Notify our observers of a route change. |
| 769 | */ |
| 770 | private void notifyRouteChange(String action, RouteInfo route) { |
Erik Kline | b2cfdfb | 2017-01-18 20:54:14 +0900 | [diff] [blame] | 771 | if (action.equals("updated")) { |
| 772 | invokeForAllObservers(o -> o.routeUpdated(route)); |
| 773 | } else { |
| 774 | invokeForAllObservers(o -> o.routeRemoved(route)); |
Lorenzo Colitti | c18cbfd | 2014-06-13 21:21:03 +0900 | [diff] [blame] | 775 | } |
| 776 | } |
| 777 | |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 778 | // |
| 779 | // Netd Callback handling |
| 780 | // |
| 781 | |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 782 | private class NetdCallbackReceiver implements INativeDaemonConnectorCallbacks { |
| 783 | @Override |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 784 | public void onDaemonConnected() { |
Felipe Leme | 65be302 | 2016-03-22 14:53:13 -0700 | [diff] [blame] | 785 | Slog.i(TAG, "onDaemonConnected()"); |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 786 | // event is dispatched from internal NDC thread, so we prepare the |
| 787 | // daemon back on main thread. |
| 788 | if (mConnectedSignal != null) { |
bohu | 07cc3bb | 2016-05-03 15:58:01 -0700 | [diff] [blame] | 789 | // The system is booting and we're connecting to netd for the first time. |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 790 | mConnectedSignal.countDown(); |
| 791 | mConnectedSignal = null; |
| 792 | } else { |
bohu | 07cc3bb | 2016-05-03 15:58:01 -0700 | [diff] [blame] | 793 | // We're reconnecting to netd after the socket connection |
| 794 | // was interrupted (e.g., if it crashed). |
Robert Greenwalt | 2c9f547 | 2014-04-21 14:50:28 -0700 | [diff] [blame] | 795 | mFgHandler.post(new Runnable() { |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 796 | @Override |
| 797 | public void run() { |
bohu | 07cc3bb | 2016-05-03 15:58:01 -0700 | [diff] [blame] | 798 | connectNativeNetdService(); |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 799 | prepareNativeDaemon(); |
| 800 | } |
| 801 | }); |
| 802 | } |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 803 | } |
Jeff Sharkey | fa23c5a | 2011-08-09 21:44:24 -0700 | [diff] [blame] | 804 | |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 805 | @Override |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 806 | public boolean onCheckHoldWakeLock(int code) { |
| 807 | return code == NetdResponseCode.InterfaceClassActivity; |
| 808 | } |
| 809 | |
| 810 | @Override |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 811 | public boolean onEvent(int code, String raw, String[] cooked) { |
Lorenzo Colitti | a9626c1 | 2013-11-04 17:44:09 +0900 | [diff] [blame] | 812 | String errorMessage = String.format("Invalid event from daemon (%s)", raw); |
JP Abgrall | 12b933d | 2011-07-14 18:09:22 -0700 | [diff] [blame] | 813 | switch (code) { |
| 814 | case NetdResponseCode.InterfaceChange: |
| 815 | /* |
| 816 | * a network interface change occured |
| 817 | * Format: "NNN Iface added <name>" |
| 818 | * "NNN Iface removed <name>" |
| 819 | * "NNN Iface changed <name> <up/down>" |
| 820 | * "NNN Iface linkstatus <name> <up/down>" |
| 821 | */ |
| 822 | if (cooked.length < 4 || !cooked[1].equals("Iface")) { |
Lorenzo Colitti | a9626c1 | 2013-11-04 17:44:09 +0900 | [diff] [blame] | 823 | throw new IllegalStateException(errorMessage); |
JP Abgrall | 12b933d | 2011-07-14 18:09:22 -0700 | [diff] [blame] | 824 | } |
| 825 | if (cooked[2].equals("added")) { |
| 826 | notifyInterfaceAdded(cooked[3]); |
| 827 | return true; |
| 828 | } else if (cooked[2].equals("removed")) { |
| 829 | notifyInterfaceRemoved(cooked[3]); |
| 830 | return true; |
| 831 | } else if (cooked[2].equals("changed") && cooked.length == 5) { |
| 832 | notifyInterfaceStatusChanged(cooked[3], cooked[4].equals("up")); |
| 833 | return true; |
| 834 | } else if (cooked[2].equals("linkstate") && cooked.length == 5) { |
| 835 | notifyInterfaceLinkStateChanged(cooked[3], cooked[4].equals("up")); |
| 836 | return true; |
| 837 | } |
Lorenzo Colitti | a9626c1 | 2013-11-04 17:44:09 +0900 | [diff] [blame] | 838 | throw new IllegalStateException(errorMessage); |
JP Abgrall | 12b933d | 2011-07-14 18:09:22 -0700 | [diff] [blame] | 839 | // break; |
| 840 | case NetdResponseCode.BandwidthControl: |
| 841 | /* |
| 842 | * Bandwidth control needs some attention |
| 843 | * Format: "NNN limit alert <alertName> <ifaceName>" |
| 844 | */ |
| 845 | if (cooked.length < 5 || !cooked[1].equals("limit")) { |
Lorenzo Colitti | a9626c1 | 2013-11-04 17:44:09 +0900 | [diff] [blame] | 846 | throw new IllegalStateException(errorMessage); |
JP Abgrall | 12b933d | 2011-07-14 18:09:22 -0700 | [diff] [blame] | 847 | } |
| 848 | if (cooked[2].equals("alert")) { |
| 849 | notifyLimitReached(cooked[3], cooked[4]); |
| 850 | return true; |
| 851 | } |
Lorenzo Colitti | a9626c1 | 2013-11-04 17:44:09 +0900 | [diff] [blame] | 852 | throw new IllegalStateException(errorMessage); |
JP Abgrall | 12b933d | 2011-07-14 18:09:22 -0700 | [diff] [blame] | 853 | // break; |
Haoyu Bai | db3c867 | 2012-06-20 14:29:57 -0700 | [diff] [blame] | 854 | case NetdResponseCode.InterfaceClassActivity: |
| 855 | /* |
| 856 | * An network interface class state changed (active/idle) |
| 857 | * Format: "NNN IfaceClass <active/idle> <label>" |
| 858 | */ |
| 859 | if (cooked.length < 4 || !cooked[1].equals("IfaceClass")) { |
Lorenzo Colitti | a9626c1 | 2013-11-04 17:44:09 +0900 | [diff] [blame] | 860 | throw new IllegalStateException(errorMessage); |
Haoyu Bai | db3c867 | 2012-06-20 14:29:57 -0700 | [diff] [blame] | 861 | } |
Ashish Sharma | 0535a9f | 2014-03-12 18:42:23 -0700 | [diff] [blame] | 862 | long timestampNanos = 0; |
Ruchi Kandoi | fa97fcf | 2016-05-13 15:10:39 -0700 | [diff] [blame] | 863 | int processUid = -1; |
| 864 | if (cooked.length >= 5) { |
Ashish Sharma | 0535a9f | 2014-03-12 18:42:23 -0700 | [diff] [blame] | 865 | try { |
| 866 | timestampNanos = Long.parseLong(cooked[4]); |
Ruchi Kandoi | fa97fcf | 2016-05-13 15:10:39 -0700 | [diff] [blame] | 867 | if (cooked.length == 6) { |
| 868 | processUid = Integer.parseInt(cooked[5]); |
| 869 | } |
Ashish Sharma | 0535a9f | 2014-03-12 18:42:23 -0700 | [diff] [blame] | 870 | } catch(NumberFormatException ne) {} |
Dianne Hackborn | 2ffa11e | 2014-04-21 15:56:18 -0700 | [diff] [blame] | 871 | } else { |
| 872 | timestampNanos = SystemClock.elapsedRealtimeNanos(); |
Ashish Sharma | 0535a9f | 2014-03-12 18:42:23 -0700 | [diff] [blame] | 873 | } |
Haoyu Bai | db3c867 | 2012-06-20 14:29:57 -0700 | [diff] [blame] | 874 | boolean isActive = cooked[2].equals("active"); |
Ashish Sharma | 0535a9f | 2014-03-12 18:42:23 -0700 | [diff] [blame] | 875 | notifyInterfaceClassActivity(Integer.parseInt(cooked[3]), |
Dianne Hackborn | 2ffa11e | 2014-04-21 15:56:18 -0700 | [diff] [blame] | 876 | isActive ? DataConnectionRealTimeInfo.DC_POWER_STATE_HIGH |
Ruchi Kandoi | fa97fcf | 2016-05-13 15:10:39 -0700 | [diff] [blame] | 877 | : DataConnectionRealTimeInfo.DC_POWER_STATE_LOW, |
| 878 | timestampNanos, processUid, false); |
Haoyu Bai | db3c867 | 2012-06-20 14:29:57 -0700 | [diff] [blame] | 879 | return true; |
| 880 | // break; |
Lorenzo Colitti | 5c7daac | 2013-08-05 10:39:37 +0900 | [diff] [blame] | 881 | case NetdResponseCode.InterfaceAddressChange: |
| 882 | /* |
| 883 | * A network address change occurred |
| 884 | * Format: "NNN Address updated <addr> <iface> <flags> <scope>" |
| 885 | * "NNN Address removed <addr> <iface> <flags> <scope>" |
| 886 | */ |
Lorenzo Colitti | a9626c1 | 2013-11-04 17:44:09 +0900 | [diff] [blame] | 887 | if (cooked.length < 7 || !cooked[1].equals("Address")) { |
| 888 | throw new IllegalStateException(errorMessage); |
Lorenzo Colitti | 5c7daac | 2013-08-05 10:39:37 +0900 | [diff] [blame] | 889 | } |
| 890 | |
Lorenzo Colitti | 6448394 | 2013-11-15 18:43:52 +0900 | [diff] [blame] | 891 | String iface = cooked[4]; |
Lorenzo Colitti | 5ad421a | 2013-11-17 15:05:02 +0900 | [diff] [blame] | 892 | LinkAddress address; |
Lorenzo Colitti | 5c7daac | 2013-08-05 10:39:37 +0900 | [diff] [blame] | 893 | try { |
Lorenzo Colitti | 6448394 | 2013-11-15 18:43:52 +0900 | [diff] [blame] | 894 | int flags = Integer.parseInt(cooked[5]); |
| 895 | int scope = Integer.parseInt(cooked[6]); |
| 896 | address = new LinkAddress(cooked[3], flags, scope); |
Lorenzo Colitti | 5ad421a | 2013-11-17 15:05:02 +0900 | [diff] [blame] | 897 | } catch(NumberFormatException e) { // Non-numeric lifetime or scope. |
| 898 | throw new IllegalStateException(errorMessage, e); |
Lorenzo Colitti | 6448394 | 2013-11-15 18:43:52 +0900 | [diff] [blame] | 899 | } catch(IllegalArgumentException e) { // Malformed/invalid IP address. |
Lorenzo Colitti | 5ad421a | 2013-11-17 15:05:02 +0900 | [diff] [blame] | 900 | throw new IllegalStateException(errorMessage, e); |
Lorenzo Colitti | 5c7daac | 2013-08-05 10:39:37 +0900 | [diff] [blame] | 901 | } |
| 902 | |
| 903 | if (cooked[2].equals("updated")) { |
Lorenzo Colitti | 6448394 | 2013-11-15 18:43:52 +0900 | [diff] [blame] | 904 | notifyAddressUpdated(iface, address); |
Lorenzo Colitti | 5c7daac | 2013-08-05 10:39:37 +0900 | [diff] [blame] | 905 | } else { |
Lorenzo Colitti | 6448394 | 2013-11-15 18:43:52 +0900 | [diff] [blame] | 906 | notifyAddressRemoved(iface, address); |
Lorenzo Colitti | 5c7daac | 2013-08-05 10:39:37 +0900 | [diff] [blame] | 907 | } |
| 908 | return true; |
| 909 | // break; |
Lorenzo Colitti | 5ae4a53 | 2013-10-31 11:59:46 +0900 | [diff] [blame] | 910 | case NetdResponseCode.InterfaceDnsServerInfo: |
| 911 | /* |
| 912 | * Information about available DNS servers has been received. |
| 913 | * Format: "NNN DnsInfo servers <interface> <lifetime> <servers>" |
| 914 | */ |
| 915 | long lifetime; // Actually a 32-bit unsigned integer. |
| 916 | |
| 917 | if (cooked.length == 6 && |
| 918 | cooked[1].equals("DnsInfo") && |
| 919 | cooked[2].equals("servers")) { |
| 920 | try { |
| 921 | lifetime = Long.parseLong(cooked[4]); |
| 922 | } catch (NumberFormatException e) { |
| 923 | throw new IllegalStateException(errorMessage); |
| 924 | } |
| 925 | String[] servers = cooked[5].split(","); |
| 926 | notifyInterfaceDnsServerInfo(cooked[3], lifetime, servers); |
| 927 | } |
| 928 | return true; |
| 929 | // break; |
Lorenzo Colitti | c18cbfd | 2014-06-13 21:21:03 +0900 | [diff] [blame] | 930 | case NetdResponseCode.RouteChange: |
| 931 | /* |
| 932 | * A route has been updated or removed. |
| 933 | * Format: "NNN Route <updated|removed> <dst> [via <gateway] [dev <iface>]" |
| 934 | */ |
| 935 | if (!cooked[1].equals("Route") || cooked.length < 6) { |
| 936 | throw new IllegalStateException(errorMessage); |
| 937 | } |
| 938 | |
| 939 | String via = null; |
| 940 | String dev = null; |
| 941 | boolean valid = true; |
| 942 | for (int i = 4; (i + 1) < cooked.length && valid; i += 2) { |
| 943 | if (cooked[i].equals("dev")) { |
| 944 | if (dev == null) { |
| 945 | dev = cooked[i+1]; |
| 946 | } else { |
| 947 | valid = false; // Duplicate interface. |
| 948 | } |
| 949 | } else if (cooked[i].equals("via")) { |
| 950 | if (via == null) { |
| 951 | via = cooked[i+1]; |
| 952 | } else { |
| 953 | valid = false; // Duplicate gateway. |
| 954 | } |
| 955 | } else { |
| 956 | valid = false; // Unknown syntax. |
| 957 | } |
| 958 | } |
| 959 | if (valid) { |
| 960 | try { |
| 961 | // InetAddress.parseNumericAddress(null) inexplicably returns ::1. |
| 962 | InetAddress gateway = null; |
| 963 | if (via != null) gateway = InetAddress.parseNumericAddress(via); |
| 964 | RouteInfo route = new RouteInfo(new IpPrefix(cooked[3]), gateway, dev); |
| 965 | notifyRouteChange(cooked[2], route); |
| 966 | return true; |
| 967 | } catch (IllegalArgumentException e) {} |
| 968 | } |
| 969 | throw new IllegalStateException(errorMessage); |
| 970 | // break; |
Jeff Sharkey | 605eb79 | 2014-11-04 13:34:06 -0800 | [diff] [blame] | 971 | case NetdResponseCode.StrictCleartext: |
| 972 | final int uid = Integer.parseInt(cooked[1]); |
| 973 | final byte[] firstPacket = HexDump.hexStringToByteArray(cooked[2]); |
| 974 | try { |
Sudheer Shanka | dc589ac | 2016-11-10 15:30:17 -0800 | [diff] [blame] | 975 | ActivityManager.getService().notifyCleartextNetwork(uid, firstPacket); |
Jeff Sharkey | 605eb79 | 2014-11-04 13:34:06 -0800 | [diff] [blame] | 976 | } catch (RemoteException ignored) { |
| 977 | } |
| 978 | break; |
JP Abgrall | 12b933d | 2011-07-14 18:09:22 -0700 | [diff] [blame] | 979 | default: break; |
Robert Greenwalt | e325392 | 2010-02-18 09:23:25 -0800 | [diff] [blame] | 980 | } |
| 981 | return false; |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 982 | } |
| 983 | } |
| 984 | |
San Mehat | ed4fc8a | 2010-01-22 12:28:36 -0800 | [diff] [blame] | 985 | |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 986 | // |
| 987 | // INetworkManagementService members |
| 988 | // |
Erik Kline | 4e37b70 | 2016-07-05 11:34:21 +0900 | [diff] [blame] | 989 | @Override |
| 990 | public INetd getNetdService() throws RemoteException { |
| 991 | final CountDownLatch connectedSignal = mConnectedSignal; |
| 992 | if (connectedSignal != null) { |
| 993 | try { |
| 994 | connectedSignal.await(); |
| 995 | } catch (InterruptedException ignored) {} |
| 996 | } |
| 997 | |
| 998 | return mNetdService; |
| 999 | } |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 1000 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1001 | @Override |
| 1002 | public String[] listInterfaces() { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1003 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1004 | try { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1005 | return NativeDaemonEvent.filterMessageList( |
| 1006 | mConnector.executeForList("interface", "list"), InterfaceListResult); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1007 | } catch (NativeDaemonConnectorException e) { |
Jeff Sharkey | 276642b | 2011-12-01 11:24:24 -0800 | [diff] [blame] | 1008 | throw e.rethrowAsParcelableException(); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1009 | } |
San Mehat | ed4fc8a | 2010-01-22 12:28:36 -0800 | [diff] [blame] | 1010 | } |
| 1011 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1012 | @Override |
| 1013 | public InterfaceConfiguration getInterfaceConfig(String iface) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1014 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1015 | |
| 1016 | final NativeDaemonEvent event; |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1017 | try { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1018 | event = mConnector.execute("interface", "getcfg", iface); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1019 | } catch (NativeDaemonConnectorException e) { |
Jeff Sharkey | 276642b | 2011-12-01 11:24:24 -0800 | [diff] [blame] | 1020 | throw e.rethrowAsParcelableException(); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1021 | } |
San Mehat | ed4fc8a | 2010-01-22 12:28:36 -0800 | [diff] [blame] | 1022 | |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1023 | event.checkCode(InterfaceGetCfgResult); |
| 1024 | |
| 1025 | // Rsp: 213 xx:xx:xx:xx:xx:xx yyy.yyy.yyy.yyy zzz flag1 flag2 flag3 |
| 1026 | final StringTokenizer st = new StringTokenizer(event.getMessage()); |
San Mehat | ed4fc8a | 2010-01-22 12:28:36 -0800 | [diff] [blame] | 1027 | |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1028 | InterfaceConfiguration cfg; |
San Mehat | ed4fc8a | 2010-01-22 12:28:36 -0800 | [diff] [blame] | 1029 | try { |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1030 | cfg = new InterfaceConfiguration(); |
Jeff Sharkey | ddba106 | 2011-11-29 18:37:04 -0800 | [diff] [blame] | 1031 | cfg.setHardwareAddress(st.nextToken(" ")); |
Robert Greenwalt | ed12640 | 2011-01-28 15:34:55 -0800 | [diff] [blame] | 1032 | InetAddress addr = null; |
Robert Greenwalt | 2d2afd1 | 2011-02-01 15:30:46 -0800 | [diff] [blame] | 1033 | int prefixLength = 0; |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1034 | try { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1035 | addr = NetworkUtils.numericToInetAddress(st.nextToken()); |
Robert Greenwalt | e590373 | 2011-02-22 16:00:42 -0800 | [diff] [blame] | 1036 | } catch (IllegalArgumentException iae) { |
| 1037 | Slog.e(TAG, "Failed to parse ipaddr", iae); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1038 | } |
| 1039 | |
| 1040 | try { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1041 | prefixLength = Integer.parseInt(st.nextToken()); |
Robert Greenwalt | 2d2afd1 | 2011-02-01 15:30:46 -0800 | [diff] [blame] | 1042 | } catch (NumberFormatException nfe) { |
| 1043 | Slog.e(TAG, "Failed to parse prefixLength", nfe); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1044 | } |
Robert Greenwalt | 04808c2 | 2010-12-13 17:01:41 -0800 | [diff] [blame] | 1045 | |
Jeff Sharkey | ddba106 | 2011-11-29 18:37:04 -0800 | [diff] [blame] | 1046 | cfg.setLinkAddress(new LinkAddress(addr, prefixLength)); |
| 1047 | while (st.hasMoreTokens()) { |
| 1048 | cfg.setFlag(st.nextToken()); |
| 1049 | } |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1050 | } catch (NoSuchElementException nsee) { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1051 | throw new IllegalStateException("Invalid response from daemon: " + event); |
San Mehat | ed4fc8a | 2010-01-22 12:28:36 -0800 | [diff] [blame] | 1052 | } |
San Mehat | ed4fc8a | 2010-01-22 12:28:36 -0800 | [diff] [blame] | 1053 | return cfg; |
| 1054 | } |
| 1055 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1056 | @Override |
| 1057 | public void setInterfaceConfig(String iface, InterfaceConfiguration cfg) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1058 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Jeff Sharkey | ddba106 | 2011-11-29 18:37:04 -0800 | [diff] [blame] | 1059 | LinkAddress linkAddr = cfg.getLinkAddress(); |
Robert Greenwalt | 2d2afd1 | 2011-02-01 15:30:46 -0800 | [diff] [blame] | 1060 | if (linkAddr == null || linkAddr.getAddress() == null) { |
| 1061 | throw new IllegalStateException("Null LinkAddress given"); |
Robert Greenwalt | ed12640 | 2011-01-28 15:34:55 -0800 | [diff] [blame] | 1062 | } |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1063 | |
| 1064 | final Command cmd = new Command("interface", "setcfg", iface, |
Robert Greenwalt | 2d2afd1 | 2011-02-01 15:30:46 -0800 | [diff] [blame] | 1065 | linkAddr.getAddress().getHostAddress(), |
Lorenzo Colitti | 7dc78cf | 2014-06-09 22:58:46 +0900 | [diff] [blame] | 1066 | linkAddr.getPrefixLength()); |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1067 | for (String flag : cfg.getFlags()) { |
| 1068 | cmd.appendArg(flag); |
| 1069 | } |
| 1070 | |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1071 | try { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1072 | mConnector.execute(cmd); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1073 | } catch (NativeDaemonConnectorException e) { |
Jeff Sharkey | 276642b | 2011-12-01 11:24:24 -0800 | [diff] [blame] | 1074 | throw e.rethrowAsParcelableException(); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1075 | } |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 1076 | } |
| 1077 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1078 | @Override |
| 1079 | public void setInterfaceDown(String iface) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1080 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Jeff Sharkey | 31c6e48 | 2011-11-18 17:09:01 -0800 | [diff] [blame] | 1081 | final InterfaceConfiguration ifcg = getInterfaceConfig(iface); |
Jeff Sharkey | ddba106 | 2011-11-29 18:37:04 -0800 | [diff] [blame] | 1082 | ifcg.setInterfaceDown(); |
Jeff Sharkey | 31c6e48 | 2011-11-18 17:09:01 -0800 | [diff] [blame] | 1083 | setInterfaceConfig(iface, ifcg); |
Irfan Sheriff | 7244c97 | 2011-08-05 20:40:45 -0700 | [diff] [blame] | 1084 | } |
| 1085 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1086 | @Override |
| 1087 | public void setInterfaceUp(String iface) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1088 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Jeff Sharkey | 31c6e48 | 2011-11-18 17:09:01 -0800 | [diff] [blame] | 1089 | final InterfaceConfiguration ifcg = getInterfaceConfig(iface); |
Jeff Sharkey | ddba106 | 2011-11-29 18:37:04 -0800 | [diff] [blame] | 1090 | ifcg.setInterfaceUp(); |
Jeff Sharkey | 31c6e48 | 2011-11-18 17:09:01 -0800 | [diff] [blame] | 1091 | setInterfaceConfig(iface, ifcg); |
Irfan Sheriff | 7244c97 | 2011-08-05 20:40:45 -0700 | [diff] [blame] | 1092 | } |
| 1093 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1094 | @Override |
| 1095 | public void setInterfaceIpv6PrivacyExtensions(String iface, boolean enable) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1096 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Irfan Sheriff | 7329361 | 2011-09-14 12:31:56 -0700 | [diff] [blame] | 1097 | try { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1098 | mConnector.execute( |
| 1099 | "interface", "ipv6privacyextensions", iface, enable ? "enable" : "disable"); |
Irfan Sheriff | 7329361 | 2011-09-14 12:31:56 -0700 | [diff] [blame] | 1100 | } catch (NativeDaemonConnectorException e) { |
Jeff Sharkey | 276642b | 2011-12-01 11:24:24 -0800 | [diff] [blame] | 1101 | throw e.rethrowAsParcelableException(); |
Irfan Sheriff | 7329361 | 2011-09-14 12:31:56 -0700 | [diff] [blame] | 1102 | } |
| 1103 | } |
| 1104 | |
Irfan Sheriff | f560061 | 2011-06-16 10:26:28 -0700 | [diff] [blame] | 1105 | /* TODO: This is right now a IPv4 only function. Works for wifi which loses its |
| 1106 | IPv6 addresses on interface down, but we need to do full clean up here */ |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1107 | @Override |
| 1108 | public void clearInterfaceAddresses(String iface) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1109 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Irfan Sheriff | f560061 | 2011-06-16 10:26:28 -0700 | [diff] [blame] | 1110 | try { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1111 | mConnector.execute("interface", "clearaddrs", iface); |
Irfan Sheriff | f560061 | 2011-06-16 10:26:28 -0700 | [diff] [blame] | 1112 | } catch (NativeDaemonConnectorException e) { |
Jeff Sharkey | 276642b | 2011-12-01 11:24:24 -0800 | [diff] [blame] | 1113 | throw e.rethrowAsParcelableException(); |
Irfan Sheriff | f560061 | 2011-06-16 10:26:28 -0700 | [diff] [blame] | 1114 | } |
| 1115 | } |
| 1116 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1117 | @Override |
| 1118 | public void enableIpv6(String iface) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1119 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
repo sync | 7960d9f | 2011-09-29 12:40:02 -0700 | [diff] [blame] | 1120 | try { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1121 | mConnector.execute("interface", "ipv6", iface, "enable"); |
repo sync | 7960d9f | 2011-09-29 12:40:02 -0700 | [diff] [blame] | 1122 | } catch (NativeDaemonConnectorException e) { |
Jeff Sharkey | 276642b | 2011-12-01 11:24:24 -0800 | [diff] [blame] | 1123 | throw e.rethrowAsParcelableException(); |
repo sync | 7960d9f | 2011-09-29 12:40:02 -0700 | [diff] [blame] | 1124 | } |
| 1125 | } |
| 1126 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1127 | @Override |
Joel Scherpelz | 2db1074 | 2017-06-07 15:38:38 +0900 | [diff] [blame] | 1128 | public void setIPv6AddrGenMode(String iface, int mode) throws ServiceSpecificException { |
| 1129 | try { |
| 1130 | mNetdService.setIPv6AddrGenMode(iface, mode); |
| 1131 | } catch (RemoteException e) { |
| 1132 | throw e.rethrowAsRuntimeException(); |
| 1133 | } |
| 1134 | } |
| 1135 | |
| 1136 | @Override |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1137 | public void disableIpv6(String iface) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1138 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
repo sync | 7960d9f | 2011-09-29 12:40:02 -0700 | [diff] [blame] | 1139 | try { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1140 | mConnector.execute("interface", "ipv6", iface, "disable"); |
repo sync | 7960d9f | 2011-09-29 12:40:02 -0700 | [diff] [blame] | 1141 | } catch (NativeDaemonConnectorException e) { |
Jeff Sharkey | 276642b | 2011-12-01 11:24:24 -0800 | [diff] [blame] | 1142 | throw e.rethrowAsParcelableException(); |
repo sync | 7960d9f | 2011-09-29 12:40:02 -0700 | [diff] [blame] | 1143 | } |
| 1144 | } |
| 1145 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1146 | @Override |
Sreeram Ramachandran | b2829fa | 2014-04-15 19:07:12 -0700 | [diff] [blame] | 1147 | public void addRoute(int netId, RouteInfo route) { |
Sreeram Ramachandran | a77760d | 2014-07-17 17:09:07 -0700 | [diff] [blame] | 1148 | modifyRoute("add", "" + netId, route); |
Robert Greenwalt | 59b1a4e | 2011-05-10 15:05:02 -0700 | [diff] [blame] | 1149 | } |
| 1150 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1151 | @Override |
Sreeram Ramachandran | b2829fa | 2014-04-15 19:07:12 -0700 | [diff] [blame] | 1152 | public void removeRoute(int netId, RouteInfo route) { |
Sreeram Ramachandran | a77760d | 2014-07-17 17:09:07 -0700 | [diff] [blame] | 1153 | modifyRoute("remove", "" + netId, route); |
Robert Greenwalt | 59b1a4e | 2011-05-10 15:05:02 -0700 | [diff] [blame] | 1154 | } |
| 1155 | |
Sreeram Ramachandran | a77760d | 2014-07-17 17:09:07 -0700 | [diff] [blame] | 1156 | private void modifyRoute(String action, String netId, RouteInfo route) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1157 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Robert Greenwalt | 3b28e9a | 2011-11-02 14:37:19 -0700 | [diff] [blame] | 1158 | |
Sreeram Ramachandran | b2829fa | 2014-04-15 19:07:12 -0700 | [diff] [blame] | 1159 | final Command cmd = new Command("network", "route", action, netId); |
Robert Greenwalt | 3b28e9a | 2011-11-02 14:37:19 -0700 | [diff] [blame] | 1160 | |
Sreeram Ramachandran | b2829fa | 2014-04-15 19:07:12 -0700 | [diff] [blame] | 1161 | // create triplet: interface dest-ip-addr/prefixlength gateway-ip-addr |
Sreeram Ramachandran | b2829fa | 2014-04-15 19:07:12 -0700 | [diff] [blame] | 1162 | cmd.appendArg(route.getInterface()); |
Lorenzo Colitti | 4b0f8e6 | 2014-09-19 01:49:05 +0900 | [diff] [blame] | 1163 | cmd.appendArg(route.getDestination().toString()); |
| 1164 | |
| 1165 | switch (route.getType()) { |
| 1166 | case RouteInfo.RTN_UNICAST: |
| 1167 | if (route.hasGateway()) { |
| 1168 | cmd.appendArg(route.getGateway().getHostAddress()); |
| 1169 | } |
| 1170 | break; |
| 1171 | case RouteInfo.RTN_UNREACHABLE: |
| 1172 | cmd.appendArg("unreachable"); |
| 1173 | break; |
| 1174 | case RouteInfo.RTN_THROW: |
| 1175 | cmd.appendArg("throw"); |
| 1176 | break; |
Sreeram Ramachandran | 1fbcb27 | 2014-05-22 16:30:48 -0700 | [diff] [blame] | 1177 | } |
Robert Greenwalt | 59b1a4e | 2011-05-10 15:05:02 -0700 | [diff] [blame] | 1178 | |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1179 | try { |
| 1180 | mConnector.execute(cmd); |
| 1181 | } catch (NativeDaemonConnectorException e) { |
| 1182 | throw e.rethrowAsParcelableException(); |
Robert Greenwalt | 59b1a4e | 2011-05-10 15:05:02 -0700 | [diff] [blame] | 1183 | } |
| 1184 | } |
| 1185 | |
| 1186 | private ArrayList<String> readRouteList(String filename) { |
| 1187 | FileInputStream fstream = null; |
Christopher Wiley | 212b95f | 2016-08-02 11:38:57 -0700 | [diff] [blame] | 1188 | ArrayList<String> list = new ArrayList<>(); |
Robert Greenwalt | 59b1a4e | 2011-05-10 15:05:02 -0700 | [diff] [blame] | 1189 | |
| 1190 | try { |
| 1191 | fstream = new FileInputStream(filename); |
| 1192 | DataInputStream in = new DataInputStream(fstream); |
| 1193 | BufferedReader br = new BufferedReader(new InputStreamReader(in)); |
| 1194 | String s; |
| 1195 | |
| 1196 | // throw away the title line |
| 1197 | |
| 1198 | while (((s = br.readLine()) != null) && (s.length() != 0)) { |
| 1199 | list.add(s); |
| 1200 | } |
| 1201 | } catch (IOException ex) { |
| 1202 | // return current list, possibly empty |
| 1203 | } finally { |
| 1204 | if (fstream != null) { |
| 1205 | try { |
| 1206 | fstream.close(); |
| 1207 | } catch (IOException ex) {} |
| 1208 | } |
| 1209 | } |
| 1210 | |
| 1211 | return list; |
| 1212 | } |
| 1213 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1214 | @Override |
sy.yun | 9d9b74a | 2013-09-02 05:24:09 +0900 | [diff] [blame] | 1215 | public void setMtu(String iface, int mtu) { |
| 1216 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
| 1217 | |
| 1218 | final NativeDaemonEvent event; |
| 1219 | try { |
| 1220 | event = mConnector.execute("interface", "setmtu", iface, mtu); |
| 1221 | } catch (NativeDaemonConnectorException e) { |
| 1222 | throw e.rethrowAsParcelableException(); |
| 1223 | } |
| 1224 | } |
| 1225 | |
| 1226 | @Override |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 1227 | public void shutdown() { |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1228 | // TODO: remove from aidl if nobody calls externally |
| 1229 | mContext.enforceCallingOrSelfPermission(SHUTDOWN, TAG); |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 1230 | |
Felipe Leme | 03e689d | 2016-03-02 16:17:38 -0800 | [diff] [blame] | 1231 | Slog.i(TAG, "Shutting down"); |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 1232 | } |
| 1233 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1234 | @Override |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 1235 | public boolean getIpForwardingEnabled() throws IllegalStateException{ |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1236 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 1237 | |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1238 | final NativeDaemonEvent event; |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1239 | try { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1240 | event = mConnector.execute("ipfwd", "status"); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1241 | } catch (NativeDaemonConnectorException e) { |
Jeff Sharkey | 276642b | 2011-12-01 11:24:24 -0800 | [diff] [blame] | 1242 | throw e.rethrowAsParcelableException(); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1243 | } |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 1244 | |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1245 | // 211 Forwarding enabled |
| 1246 | event.checkCode(IpFwdStatusResult); |
| 1247 | return event.getMessage().endsWith("enabled"); |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 1248 | } |
| 1249 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1250 | @Override |
| 1251 | public void setIpForwardingEnabled(boolean enable) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1252 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Jeff Sharkey | 31c6e48 | 2011-11-18 17:09:01 -0800 | [diff] [blame] | 1253 | try { |
Nilesh Poddar | f3d4a58 | 2015-02-24 12:11:11 -0800 | [diff] [blame] | 1254 | mConnector.execute("ipfwd", enable ? "enable" : "disable", "tethering"); |
Jeff Sharkey | 31c6e48 | 2011-11-18 17:09:01 -0800 | [diff] [blame] | 1255 | } catch (NativeDaemonConnectorException e) { |
Jeff Sharkey | 276642b | 2011-12-01 11:24:24 -0800 | [diff] [blame] | 1256 | throw e.rethrowAsParcelableException(); |
Jeff Sharkey | 31c6e48 | 2011-11-18 17:09:01 -0800 | [diff] [blame] | 1257 | } |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 1258 | } |
| 1259 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1260 | @Override |
| 1261 | public void startTethering(String[] dhcpRange) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1262 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Robert Greenwalt | bfb7bfa | 2010-03-24 16:03:21 -0700 | [diff] [blame] | 1263 | // cmd is "tether start first_start first_stop second_start second_stop ..." |
| 1264 | // an odd number of addrs will fail |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1265 | |
| 1266 | final Command cmd = new Command("tether", "start"); |
Robert Greenwalt | bfb7bfa | 2010-03-24 16:03:21 -0700 | [diff] [blame] | 1267 | for (String d : dhcpRange) { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1268 | cmd.appendArg(d); |
Robert Greenwalt | bfb7bfa | 2010-03-24 16:03:21 -0700 | [diff] [blame] | 1269 | } |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1270 | |
| 1271 | try { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1272 | mConnector.execute(cmd); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1273 | } catch (NativeDaemonConnectorException e) { |
Jeff Sharkey | 276642b | 2011-12-01 11:24:24 -0800 | [diff] [blame] | 1274 | throw e.rethrowAsParcelableException(); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1275 | } |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 1276 | } |
| 1277 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1278 | @Override |
| 1279 | public void stopTethering() { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1280 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1281 | try { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1282 | mConnector.execute("tether", "stop"); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1283 | } catch (NativeDaemonConnectorException e) { |
Jeff Sharkey | 276642b | 2011-12-01 11:24:24 -0800 | [diff] [blame] | 1284 | throw e.rethrowAsParcelableException(); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1285 | } |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 1286 | } |
| 1287 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1288 | @Override |
| 1289 | public boolean isTetheringStarted() { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1290 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 1291 | |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1292 | final NativeDaemonEvent event; |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1293 | try { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1294 | event = mConnector.execute("tether", "status"); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1295 | } catch (NativeDaemonConnectorException e) { |
Jeff Sharkey | 276642b | 2011-12-01 11:24:24 -0800 | [diff] [blame] | 1296 | throw e.rethrowAsParcelableException(); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1297 | } |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 1298 | |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1299 | // 210 Tethering services started |
| 1300 | event.checkCode(TetherStatusResult); |
| 1301 | return event.getMessage().endsWith("started"); |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 1302 | } |
Matthew Xie | fe19f12 | 2012-07-12 16:03:32 -0700 | [diff] [blame] | 1303 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1304 | @Override |
| 1305 | public void tetherInterface(String iface) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1306 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1307 | try { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1308 | mConnector.execute("tether", "interface", "add", iface); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1309 | } catch (NativeDaemonConnectorException e) { |
Jeff Sharkey | 276642b | 2011-12-01 11:24:24 -0800 | [diff] [blame] | 1310 | throw e.rethrowAsParcelableException(); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1311 | } |
Christopher Wiley | 212b95f | 2016-08-02 11:38:57 -0700 | [diff] [blame] | 1312 | List<RouteInfo> routes = new ArrayList<>(); |
Sreeram Ramachandran | a77760d | 2014-07-17 17:09:07 -0700 | [diff] [blame] | 1313 | // The RouteInfo constructor truncates the LinkAddress to a network prefix, thus making it |
| 1314 | // suitable to use as a route destination. |
| 1315 | routes.add(new RouteInfo(getInterfaceConfig(iface).getLinkAddress(), null, iface)); |
| 1316 | addInterfaceToLocalNetwork(iface, routes); |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 1317 | } |
| 1318 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1319 | @Override |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 1320 | public void untetherInterface(String iface) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1321 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1322 | try { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1323 | mConnector.execute("tether", "interface", "remove", iface); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1324 | } catch (NativeDaemonConnectorException e) { |
Jeff Sharkey | 276642b | 2011-12-01 11:24:24 -0800 | [diff] [blame] | 1325 | throw e.rethrowAsParcelableException(); |
Erik Kline | 1f4278a | 2016-08-16 16:46:33 +0900 | [diff] [blame] | 1326 | } finally { |
| 1327 | removeInterfaceFromLocalNetwork(iface); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1328 | } |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 1329 | } |
| 1330 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1331 | @Override |
| 1332 | public String[] listTetheredInterfaces() { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1333 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1334 | try { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1335 | return NativeDaemonEvent.filterMessageList( |
| 1336 | mConnector.executeForList("tether", "interface", "list"), |
| 1337 | TetherInterfaceListResult); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1338 | } catch (NativeDaemonConnectorException e) { |
Jeff Sharkey | 276642b | 2011-12-01 11:24:24 -0800 | [diff] [blame] | 1339 | throw e.rethrowAsParcelableException(); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1340 | } |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 1341 | } |
| 1342 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1343 | @Override |
Lorenzo Colitti | b57edc5 | 2014-08-22 17:10:50 -0700 | [diff] [blame] | 1344 | public void setDnsForwarders(Network network, String[] dns) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1345 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1346 | |
Lorenzo Colitti | b57edc5 | 2014-08-22 17:10:50 -0700 | [diff] [blame] | 1347 | int netId = (network != null) ? network.netId : ConnectivityManager.NETID_UNSET; |
| 1348 | final Command cmd = new Command("tether", "dns", "set", netId); |
| 1349 | |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1350 | for (String s : dns) { |
| 1351 | cmd.appendArg(NetworkUtils.numericToInetAddress(s).getHostAddress()); |
| 1352 | } |
| 1353 | |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 1354 | try { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1355 | mConnector.execute(cmd); |
| 1356 | } catch (NativeDaemonConnectorException e) { |
| 1357 | throw e.rethrowAsParcelableException(); |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 1358 | } |
| 1359 | } |
| 1360 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1361 | @Override |
| 1362 | public String[] getDnsForwarders() { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1363 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1364 | try { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1365 | return NativeDaemonEvent.filterMessageList( |
| 1366 | mConnector.executeForList("tether", "dns", "list"), TetherDnsFwdTgtListResult); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1367 | } catch (NativeDaemonConnectorException e) { |
Jeff Sharkey | 276642b | 2011-12-01 11:24:24 -0800 | [diff] [blame] | 1368 | throw e.rethrowAsParcelableException(); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1369 | } |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 1370 | } |
| 1371 | |
jiaguo | 1da35f7 | 2014-01-09 16:39:59 +0800 | [diff] [blame] | 1372 | private List<InterfaceAddress> excludeLinkLocal(List<InterfaceAddress> addresses) { |
Christopher Wiley | 212b95f | 2016-08-02 11:38:57 -0700 | [diff] [blame] | 1373 | ArrayList<InterfaceAddress> filtered = new ArrayList<>(addresses.size()); |
jiaguo | 1da35f7 | 2014-01-09 16:39:59 +0800 | [diff] [blame] | 1374 | for (InterfaceAddress ia : addresses) { |
| 1375 | if (!ia.getAddress().isLinkLocalAddress()) |
| 1376 | filtered.add(ia); |
| 1377 | } |
| 1378 | return filtered; |
| 1379 | } |
| 1380 | |
Lorenzo Colitti | 35e36db | 2015-02-26 01:25:36 +0900 | [diff] [blame] | 1381 | private void modifyInterfaceForward(boolean add, String fromIface, String toIface) { |
| 1382 | final Command cmd = new Command("ipfwd", add ? "add" : "remove", fromIface, toIface); |
| 1383 | try { |
| 1384 | mConnector.execute(cmd); |
| 1385 | } catch (NativeDaemonConnectorException e) { |
| 1386 | throw e.rethrowAsParcelableException(); |
| 1387 | } |
| 1388 | } |
| 1389 | |
| 1390 | @Override |
| 1391 | public void startInterfaceForwarding(String fromIface, String toIface) { |
| 1392 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
| 1393 | modifyInterfaceForward(true, fromIface, toIface); |
| 1394 | } |
| 1395 | |
| 1396 | @Override |
| 1397 | public void stopInterfaceForwarding(String fromIface, String toIface) { |
| 1398 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
| 1399 | modifyInterfaceForward(false, fromIface, toIface); |
| 1400 | } |
| 1401 | |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1402 | private void modifyNat(String action, String internalInterface, String externalInterface) |
Robert Greenwalt | 3b28e9a | 2011-11-02 14:37:19 -0700 | [diff] [blame] | 1403 | throws SocketException { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1404 | final Command cmd = new Command("nat", action, internalInterface, externalInterface); |
Robert Greenwalt | 3b28e9a | 2011-11-02 14:37:19 -0700 | [diff] [blame] | 1405 | |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1406 | final NetworkInterface internalNetworkInterface = NetworkInterface.getByName( |
| 1407 | internalInterface); |
Robert Greenwalt | e83d181 | 2011-11-21 14:44:39 -0800 | [diff] [blame] | 1408 | if (internalNetworkInterface == null) { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1409 | cmd.appendArg("0"); |
Robert Greenwalt | e83d181 | 2011-11-21 14:44:39 -0800 | [diff] [blame] | 1410 | } else { |
jiaguo | 1da35f7 | 2014-01-09 16:39:59 +0800 | [diff] [blame] | 1411 | // Don't touch link-local routes, as link-local addresses aren't routable, |
| 1412 | // kernel creates link-local routes on all interfaces automatically |
| 1413 | List<InterfaceAddress> interfaceAddresses = excludeLinkLocal( |
| 1414 | internalNetworkInterface.getInterfaceAddresses()); |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1415 | cmd.appendArg(interfaceAddresses.size()); |
Robert Greenwalt | e83d181 | 2011-11-21 14:44:39 -0800 | [diff] [blame] | 1416 | for (InterfaceAddress ia : interfaceAddresses) { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1417 | InetAddress addr = NetworkUtils.getNetworkPart( |
| 1418 | ia.getAddress(), ia.getNetworkPrefixLength()); |
| 1419 | cmd.appendArg(addr.getHostAddress() + "/" + ia.getNetworkPrefixLength()); |
Robert Greenwalt | e83d181 | 2011-11-21 14:44:39 -0800 | [diff] [blame] | 1420 | } |
Robert Greenwalt | 3b28e9a | 2011-11-02 14:37:19 -0700 | [diff] [blame] | 1421 | } |
| 1422 | |
Jeff Sharkey | 31c6e48 | 2011-11-18 17:09:01 -0800 | [diff] [blame] | 1423 | try { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1424 | mConnector.execute(cmd); |
Jeff Sharkey | 31c6e48 | 2011-11-18 17:09:01 -0800 | [diff] [blame] | 1425 | } catch (NativeDaemonConnectorException e) { |
Jeff Sharkey | 276642b | 2011-12-01 11:24:24 -0800 | [diff] [blame] | 1426 | throw e.rethrowAsParcelableException(); |
Jeff Sharkey | 31c6e48 | 2011-11-18 17:09:01 -0800 | [diff] [blame] | 1427 | } |
Robert Greenwalt | 3b28e9a | 2011-11-02 14:37:19 -0700 | [diff] [blame] | 1428 | } |
| 1429 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1430 | @Override |
| 1431 | public void enableNat(String internalInterface, String externalInterface) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1432 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1433 | try { |
Robert Greenwalt | 3b28e9a | 2011-11-02 14:37:19 -0700 | [diff] [blame] | 1434 | modifyNat("enable", internalInterface, externalInterface); |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1435 | } catch (SocketException e) { |
| 1436 | throw new IllegalStateException(e); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1437 | } |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 1438 | } |
| 1439 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1440 | @Override |
| 1441 | public void disableNat(String internalInterface, String externalInterface) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1442 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1443 | try { |
Robert Greenwalt | 3b28e9a | 2011-11-02 14:37:19 -0700 | [diff] [blame] | 1444 | modifyNat("disable", internalInterface, externalInterface); |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1445 | } catch (SocketException e) { |
| 1446 | throw new IllegalStateException(e); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1447 | } |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 1448 | } |
San Mehat | 72759df | 2010-01-19 13:50:37 -0800 | [diff] [blame] | 1449 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1450 | @Override |
| 1451 | public String[] listTtys() { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1452 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1453 | try { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1454 | return NativeDaemonEvent.filterMessageList( |
| 1455 | mConnector.executeForList("list_ttys"), TtyListResult); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1456 | } catch (NativeDaemonConnectorException e) { |
Jeff Sharkey | 276642b | 2011-12-01 11:24:24 -0800 | [diff] [blame] | 1457 | throw e.rethrowAsParcelableException(); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1458 | } |
San Mehat | 72759df | 2010-01-19 13:50:37 -0800 | [diff] [blame] | 1459 | } |
| 1460 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1461 | @Override |
| 1462 | public void attachPppd( |
| 1463 | String tty, String localAddr, String remoteAddr, String dns1Addr, String dns2Addr) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1464 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
San Mehat | 72759df | 2010-01-19 13:50:37 -0800 | [diff] [blame] | 1465 | try { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1466 | mConnector.execute("pppd", "attach", tty, |
Robert Greenwalt | e590373 | 2011-02-22 16:00:42 -0800 | [diff] [blame] | 1467 | NetworkUtils.numericToInetAddress(localAddr).getHostAddress(), |
| 1468 | NetworkUtils.numericToInetAddress(remoteAddr).getHostAddress(), |
| 1469 | NetworkUtils.numericToInetAddress(dns1Addr).getHostAddress(), |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1470 | NetworkUtils.numericToInetAddress(dns2Addr).getHostAddress()); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1471 | } catch (NativeDaemonConnectorException e) { |
Jeff Sharkey | 276642b | 2011-12-01 11:24:24 -0800 | [diff] [blame] | 1472 | throw e.rethrowAsParcelableException(); |
San Mehat | 72759df | 2010-01-19 13:50:37 -0800 | [diff] [blame] | 1473 | } |
| 1474 | } |
| 1475 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1476 | @Override |
| 1477 | public void detachPppd(String tty) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1478 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1479 | try { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1480 | mConnector.execute("pppd", "detach", tty); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1481 | } catch (NativeDaemonConnectorException e) { |
Jeff Sharkey | 276642b | 2011-12-01 11:24:24 -0800 | [diff] [blame] | 1482 | throw e.rethrowAsParcelableException(); |
Kenny Root | a80ce06 | 2010-06-01 13:23:53 -0700 | [diff] [blame] | 1483 | } |
San Mehat | 72759df | 2010-01-19 13:50:37 -0800 | [diff] [blame] | 1484 | } |
Robert Greenwalt | ce1200d | 2010-02-18 11:25:54 -0800 | [diff] [blame] | 1485 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1486 | @Override |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 1487 | public void addIdleTimer(String iface, int timeout, final int type) { |
Haoyu Bai | 0412423 | 2012-06-28 15:26:19 -0700 | [diff] [blame] | 1488 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
| 1489 | |
| 1490 | if (DBG) Slog.d(TAG, "Adding idletimer"); |
| 1491 | |
| 1492 | synchronized (mIdleTimerLock) { |
| 1493 | IdleTimerParams params = mActiveIdleTimers.get(iface); |
| 1494 | if (params != null) { |
| 1495 | // the interface already has idletimer, update network count |
| 1496 | params.networkCount++; |
| 1497 | return; |
| 1498 | } |
| 1499 | |
| 1500 | try { |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 1501 | mConnector.execute("idletimer", "add", iface, Integer.toString(timeout), |
| 1502 | Integer.toString(type)); |
Haoyu Bai | 0412423 | 2012-06-28 15:26:19 -0700 | [diff] [blame] | 1503 | } catch (NativeDaemonConnectorException e) { |
| 1504 | throw e.rethrowAsParcelableException(); |
| 1505 | } |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 1506 | mActiveIdleTimers.put(iface, new IdleTimerParams(timeout, type)); |
| 1507 | |
Dianne Hackborn | e13c4c0 | 2014-02-11 17:18:35 -0800 | [diff] [blame] | 1508 | // Networks start up. |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 1509 | if (ConnectivityManager.isNetworkTypeMobile(type)) { |
| 1510 | mNetworkActive = false; |
| 1511 | } |
Dianne Hackborn | 2ffa11e | 2014-04-21 15:56:18 -0700 | [diff] [blame] | 1512 | mDaemonHandler.post(new Runnable() { |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 1513 | @Override public void run() { |
Dianne Hackborn | 2ffa11e | 2014-04-21 15:56:18 -0700 | [diff] [blame] | 1514 | notifyInterfaceClassActivity(type, |
| 1515 | DataConnectionRealTimeInfo.DC_POWER_STATE_HIGH, |
Ruchi Kandoi | fa97fcf | 2016-05-13 15:10:39 -0700 | [diff] [blame] | 1516 | SystemClock.elapsedRealtimeNanos(), -1, false); |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 1517 | } |
| 1518 | }); |
Haoyu Bai | 0412423 | 2012-06-28 15:26:19 -0700 | [diff] [blame] | 1519 | } |
| 1520 | } |
| 1521 | |
| 1522 | @Override |
| 1523 | public void removeIdleTimer(String iface) { |
| 1524 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
| 1525 | |
| 1526 | if (DBG) Slog.d(TAG, "Removing idletimer"); |
| 1527 | |
| 1528 | synchronized (mIdleTimerLock) { |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 1529 | final IdleTimerParams params = mActiveIdleTimers.get(iface); |
Haoyu Bai | 0412423 | 2012-06-28 15:26:19 -0700 | [diff] [blame] | 1530 | if (params == null || --(params.networkCount) > 0) { |
| 1531 | return; |
| 1532 | } |
| 1533 | |
| 1534 | try { |
| 1535 | mConnector.execute("idletimer", "remove", iface, |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 1536 | Integer.toString(params.timeout), Integer.toString(params.type)); |
Haoyu Bai | 0412423 | 2012-06-28 15:26:19 -0700 | [diff] [blame] | 1537 | } catch (NativeDaemonConnectorException e) { |
| 1538 | throw e.rethrowAsParcelableException(); |
| 1539 | } |
| 1540 | mActiveIdleTimers.remove(iface); |
Dianne Hackborn | 2ffa11e | 2014-04-21 15:56:18 -0700 | [diff] [blame] | 1541 | mDaemonHandler.post(new Runnable() { |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 1542 | @Override public void run() { |
Dianne Hackborn | 2ffa11e | 2014-04-21 15:56:18 -0700 | [diff] [blame] | 1543 | notifyInterfaceClassActivity(params.type, |
| 1544 | DataConnectionRealTimeInfo.DC_POWER_STATE_LOW, |
Ruchi Kandoi | fa97fcf | 2016-05-13 15:10:39 -0700 | [diff] [blame] | 1545 | SystemClock.elapsedRealtimeNanos(), -1, false); |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 1546 | } |
| 1547 | }); |
Haoyu Bai | 0412423 | 2012-06-28 15:26:19 -0700 | [diff] [blame] | 1548 | } |
| 1549 | } |
| 1550 | |
| 1551 | @Override |
Jeff Sharkey | e8914c3 | 2012-05-01 16:26:09 -0700 | [diff] [blame] | 1552 | public NetworkStats getNetworkStatsSummaryDev() { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1553 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Jeff Sharkey | 9a2c2a6 | 2013-01-14 16:48:51 -0800 | [diff] [blame] | 1554 | try { |
| 1555 | return mStatsFactory.readNetworkStatsSummaryDev(); |
| 1556 | } catch (IOException e) { |
| 1557 | throw new IllegalStateException(e); |
| 1558 | } |
Jeff Sharkey | e8914c3 | 2012-05-01 16:26:09 -0700 | [diff] [blame] | 1559 | } |
| 1560 | |
| 1561 | @Override |
| 1562 | public NetworkStats getNetworkStatsSummaryXt() { |
| 1563 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Jeff Sharkey | 9a2c2a6 | 2013-01-14 16:48:51 -0800 | [diff] [blame] | 1564 | try { |
| 1565 | return mStatsFactory.readNetworkStatsSummaryXt(); |
| 1566 | } catch (IOException e) { |
| 1567 | throw new IllegalStateException(e); |
| 1568 | } |
Jeff Sharkey | ae2c181 | 2011-10-04 13:11:40 -0700 | [diff] [blame] | 1569 | } |
| 1570 | |
Jeff Sharkey | eedcb95 | 2011-05-17 14:55:15 -0700 | [diff] [blame] | 1571 | @Override |
Jeff Sharkey | 9a13f36 | 2011-04-26 16:25:36 -0700 | [diff] [blame] | 1572 | public NetworkStats getNetworkStatsDetail() { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1573 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Jeff Sharkey | 9a2c2a6 | 2013-01-14 16:48:51 -0800 | [diff] [blame] | 1574 | try { |
Dianne Hackborn | d0c5b9a | 2014-02-21 16:19:05 -0800 | [diff] [blame] | 1575 | return mStatsFactory.readNetworkStatsDetail(UID_ALL, null, TAG_ALL, null); |
Jeff Sharkey | 9a2c2a6 | 2013-01-14 16:48:51 -0800 | [diff] [blame] | 1576 | } catch (IOException e) { |
| 1577 | throw new IllegalStateException(e); |
| 1578 | } |
San Mehat | 91cac64 | 2010-03-31 14:31:36 -0700 | [diff] [blame] | 1579 | } |
| 1580 | |
Jeff Sharkey | eedcb95 | 2011-05-17 14:55:15 -0700 | [diff] [blame] | 1581 | @Override |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1582 | public void setInterfaceQuota(String iface, long quotaBytes) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1583 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 1584 | |
Jeff Sharkey | 350083e | 2011-06-29 10:45:16 -0700 | [diff] [blame] | 1585 | // silently discard when control disabled |
| 1586 | // TODO: eventually migrate to be always enabled |
| 1587 | if (!mBandwidthControlEnabled) return; |
| 1588 | |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1589 | synchronized (mQuotaLock) { |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 1590 | if (mActiveQuotas.containsKey(iface)) { |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1591 | throw new IllegalStateException("iface " + iface + " already has quota"); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 1592 | } |
| 1593 | |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 1594 | try { |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1595 | // TODO: support quota shared across interfaces |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1596 | mConnector.execute("bandwidth", "setiquota", iface, quotaBytes); |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 1597 | mActiveQuotas.put(iface, quotaBytes); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 1598 | } catch (NativeDaemonConnectorException e) { |
Jeff Sharkey | 276642b | 2011-12-01 11:24:24 -0800 | [diff] [blame] | 1599 | throw e.rethrowAsParcelableException(); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 1600 | } |
Lorenzo Colitti | 50b60fc | 2017-08-11 13:47:49 +0900 | [diff] [blame] | 1601 | |
| 1602 | synchronized (mTetheringStatsProviders) { |
| 1603 | for (ITetheringStatsProvider provider : mTetheringStatsProviders.keySet()) { |
| 1604 | try { |
| 1605 | provider.setInterfaceQuota(iface, quotaBytes); |
| 1606 | } catch (RemoteException e) { |
| 1607 | Log.e(TAG, "Problem setting tethering data limit on provider " + |
| 1608 | mTetheringStatsProviders.get(provider) + ": " + e); |
| 1609 | } |
| 1610 | } |
| 1611 | } |
Ashish Sharma | 50fd36d | 2011-06-15 19:34:53 -0700 | [diff] [blame] | 1612 | } |
| 1613 | } |
| 1614 | |
| 1615 | @Override |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 1616 | public void removeInterfaceQuota(String iface) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1617 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 1618 | |
Jeff Sharkey | 350083e | 2011-06-29 10:45:16 -0700 | [diff] [blame] | 1619 | // silently discard when control disabled |
| 1620 | // TODO: eventually migrate to be always enabled |
| 1621 | if (!mBandwidthControlEnabled) return; |
| 1622 | |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1623 | synchronized (mQuotaLock) { |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 1624 | if (!mActiveQuotas.containsKey(iface)) { |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 1625 | // TODO: eventually consider throwing |
| 1626 | return; |
| 1627 | } |
| 1628 | |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 1629 | mActiveQuotas.remove(iface); |
| 1630 | mActiveAlerts.remove(iface); |
Jeff Sharkey | 38ddeaa | 2011-11-08 13:04:22 -0800 | [diff] [blame] | 1631 | |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 1632 | try { |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1633 | // TODO: support quota shared across interfaces |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1634 | mConnector.execute("bandwidth", "removeiquota", iface); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 1635 | } catch (NativeDaemonConnectorException e) { |
Jeff Sharkey | 276642b | 2011-12-01 11:24:24 -0800 | [diff] [blame] | 1636 | throw e.rethrowAsParcelableException(); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 1637 | } |
Lorenzo Colitti | 50b60fc | 2017-08-11 13:47:49 +0900 | [diff] [blame] | 1638 | |
| 1639 | synchronized (mTetheringStatsProviders) { |
| 1640 | for (ITetheringStatsProvider provider : mTetheringStatsProviders.keySet()) { |
| 1641 | try { |
| 1642 | provider.setInterfaceQuota(iface, ITetheringStatsProvider.QUOTA_UNLIMITED); |
| 1643 | } catch (RemoteException e) { |
| 1644 | Log.e(TAG, "Problem removing tethering data limit on provider " + |
| 1645 | mTetheringStatsProviders.get(provider) + ": " + e); |
| 1646 | } |
| 1647 | } |
| 1648 | } |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 1649 | } |
| 1650 | } |
| 1651 | |
| 1652 | @Override |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1653 | public void setInterfaceAlert(String iface, long alertBytes) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1654 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1655 | |
| 1656 | // silently discard when control disabled |
| 1657 | // TODO: eventually migrate to be always enabled |
| 1658 | if (!mBandwidthControlEnabled) return; |
| 1659 | |
| 1660 | // quick sanity check |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 1661 | if (!mActiveQuotas.containsKey(iface)) { |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1662 | throw new IllegalStateException("setting alert requires existing quota on iface"); |
| 1663 | } |
| 1664 | |
| 1665 | synchronized (mQuotaLock) { |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 1666 | if (mActiveAlerts.containsKey(iface)) { |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1667 | throw new IllegalStateException("iface " + iface + " already has alert"); |
| 1668 | } |
| 1669 | |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1670 | try { |
| 1671 | // TODO: support alert shared across interfaces |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1672 | mConnector.execute("bandwidth", "setinterfacealert", iface, alertBytes); |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 1673 | mActiveAlerts.put(iface, alertBytes); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1674 | } catch (NativeDaemonConnectorException e) { |
Jeff Sharkey | 276642b | 2011-12-01 11:24:24 -0800 | [diff] [blame] | 1675 | throw e.rethrowAsParcelableException(); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1676 | } |
| 1677 | } |
| 1678 | } |
| 1679 | |
| 1680 | @Override |
| 1681 | public void removeInterfaceAlert(String iface) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1682 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1683 | |
| 1684 | // silently discard when control disabled |
| 1685 | // TODO: eventually migrate to be always enabled |
| 1686 | if (!mBandwidthControlEnabled) return; |
| 1687 | |
| 1688 | synchronized (mQuotaLock) { |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 1689 | if (!mActiveAlerts.containsKey(iface)) { |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1690 | // TODO: eventually consider throwing |
| 1691 | return; |
| 1692 | } |
| 1693 | |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1694 | try { |
| 1695 | // TODO: support alert shared across interfaces |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1696 | mConnector.execute("bandwidth", "removeinterfacealert", iface); |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 1697 | mActiveAlerts.remove(iface); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1698 | } catch (NativeDaemonConnectorException e) { |
Jeff Sharkey | 276642b | 2011-12-01 11:24:24 -0800 | [diff] [blame] | 1699 | throw e.rethrowAsParcelableException(); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1700 | } |
| 1701 | } |
| 1702 | } |
| 1703 | |
| 1704 | @Override |
| 1705 | public void setGlobalAlert(long alertBytes) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1706 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1707 | |
| 1708 | // silently discard when control disabled |
| 1709 | // TODO: eventually migrate to be always enabled |
| 1710 | if (!mBandwidthControlEnabled) return; |
| 1711 | |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1712 | try { |
Jeff Sharkey | ba2896e | 2011-11-30 18:13:54 -0800 | [diff] [blame] | 1713 | mConnector.execute("bandwidth", "setglobalalert", alertBytes); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1714 | } catch (NativeDaemonConnectorException e) { |
Jeff Sharkey | 276642b | 2011-12-01 11:24:24 -0800 | [diff] [blame] | 1715 | throw e.rethrowAsParcelableException(); |
Jeff Sharkey | 41ff7ec | 2011-07-25 15:21:22 -0700 | [diff] [blame] | 1716 | } |
| 1717 | } |
| 1718 | |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 1719 | private void setUidOnMeteredNetworkList(int uid, boolean blacklist, boolean enable) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1720 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 1721 | |
Jeff Sharkey | 350083e | 2011-06-29 10:45:16 -0700 | [diff] [blame] | 1722 | // silently discard when control disabled |
| 1723 | // TODO: eventually migrate to be always enabled |
| 1724 | if (!mBandwidthControlEnabled) return; |
| 1725 | |
Felipe Leme | 65be302 | 2016-03-22 14:53:13 -0700 | [diff] [blame] | 1726 | final String chain = blacklist ? "naughtyapps" : "niceapps"; |
| 1727 | final String suffix = enable ? "add" : "remove"; |
| 1728 | |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 1729 | synchronized (mQuotaLock) { |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 1730 | boolean oldEnable; |
| 1731 | SparseBooleanArray quotaList; |
| 1732 | synchronized (mRulesLock) { |
| 1733 | quotaList = blacklist ? mUidRejectOnMetered : mUidAllowOnMetered; |
| 1734 | oldEnable = quotaList.get(uid, false); |
| 1735 | } |
Felipe Leme | 65be302 | 2016-03-22 14:53:13 -0700 | [diff] [blame] | 1736 | if (oldEnable == enable) { |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 1737 | // TODO: eventually consider throwing |
| 1738 | return; |
| 1739 | } |
| 1740 | |
Felipe Leme | 29e72ea | 2016-09-08 13:26:55 -0700 | [diff] [blame] | 1741 | Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "inetd bandwidth"); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 1742 | try { |
Felipe Leme | 65be302 | 2016-03-22 14:53:13 -0700 | [diff] [blame] | 1743 | mConnector.execute("bandwidth", suffix + chain, uid); |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 1744 | synchronized (mRulesLock) { |
| 1745 | if (enable) { |
| 1746 | quotaList.put(uid, true); |
| 1747 | } else { |
| 1748 | quotaList.delete(uid); |
| 1749 | } |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 1750 | } |
| 1751 | } catch (NativeDaemonConnectorException e) { |
Jeff Sharkey | 276642b | 2011-12-01 11:24:24 -0800 | [diff] [blame] | 1752 | throw e.rethrowAsParcelableException(); |
Felipe Leme | 29e72ea | 2016-09-08 13:26:55 -0700 | [diff] [blame] | 1753 | } finally { |
| 1754 | Trace.traceEnd(Trace.TRACE_TAG_NETWORK); |
Jeff Sharkey | b3f19ca | 2011-06-29 23:54:13 -0700 | [diff] [blame] | 1755 | } |
Ashish Sharma | 50fd36d | 2011-06-15 19:34:53 -0700 | [diff] [blame] | 1756 | } |
| 1757 | } |
| 1758 | |
Jeff Sharkey | 63d27a9 | 2011-08-03 17:04:22 -0700 | [diff] [blame] | 1759 | @Override |
Felipe Leme | 65be302 | 2016-03-22 14:53:13 -0700 | [diff] [blame] | 1760 | public void setUidMeteredNetworkBlacklist(int uid, boolean enable) { |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 1761 | setUidOnMeteredNetworkList(uid, true, enable); |
Felipe Leme | 65be302 | 2016-03-22 14:53:13 -0700 | [diff] [blame] | 1762 | } |
| 1763 | |
| 1764 | @Override |
| 1765 | public void setUidMeteredNetworkWhitelist(int uid, boolean enable) { |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 1766 | setUidOnMeteredNetworkList(uid, false, enable); |
Felipe Leme | 65be302 | 2016-03-22 14:53:13 -0700 | [diff] [blame] | 1767 | } |
| 1768 | |
| 1769 | @Override |
| 1770 | public boolean setDataSaverModeEnabled(boolean enable) { |
| 1771 | if (DBG) Log.d(TAG, "setDataSaverMode: " + enable); |
| 1772 | synchronized (mQuotaLock) { |
| 1773 | if (mDataSaverMode == enable) { |
| 1774 | Log.w(TAG, "setDataSaverMode(): already " + mDataSaverMode); |
| 1775 | return true; |
| 1776 | } |
Felipe Leme | 29e72ea | 2016-09-08 13:26:55 -0700 | [diff] [blame] | 1777 | Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "bandwidthEnableDataSaver"); |
Felipe Leme | 65be302 | 2016-03-22 14:53:13 -0700 | [diff] [blame] | 1778 | try { |
| 1779 | final boolean changed = mNetdService.bandwidthEnableDataSaver(enable); |
| 1780 | if (changed) { |
| 1781 | mDataSaverMode = enable; |
| 1782 | } else { |
| 1783 | Log.w(TAG, "setDataSaverMode(" + enable + "): netd command silently failed"); |
| 1784 | } |
| 1785 | return changed; |
| 1786 | } catch (RemoteException e) { |
| 1787 | Log.w(TAG, "setDataSaverMode(" + enable + "): netd command failed", e); |
| 1788 | return false; |
Felipe Leme | 29e72ea | 2016-09-08 13:26:55 -0700 | [diff] [blame] | 1789 | } finally { |
| 1790 | Trace.traceEnd(Trace.TRACE_TAG_NETWORK); |
Felipe Leme | 65be302 | 2016-03-22 14:53:13 -0700 | [diff] [blame] | 1791 | } |
| 1792 | } |
| 1793 | } |
| 1794 | |
| 1795 | @Override |
Robin Lee | 17e6183 | 2016-05-09 13:46:28 +0100 | [diff] [blame] | 1796 | public void setAllowOnlyVpnForUids(boolean add, UidRange[] uidRanges) |
| 1797 | throws ServiceSpecificException { |
| 1798 | try { |
| 1799 | mNetdService.networkRejectNonSecureVpn(add, uidRanges); |
| 1800 | } catch (ServiceSpecificException e) { |
| 1801 | Log.w(TAG, "setAllowOnlyVpnForUids(" + add + ", " + Arrays.toString(uidRanges) + ")" |
| 1802 | + ": netd command failed", e); |
| 1803 | throw e; |
| 1804 | } catch (RemoteException e) { |
| 1805 | Log.w(TAG, "setAllowOnlyVpnForUids(" + add + ", " + Arrays.toString(uidRanges) + ")" |
| 1806 | + ": netd command failed", e); |
| 1807 | throw e.rethrowAsRuntimeException(); |
| 1808 | } |
| 1809 | } |
| 1810 | |
Lorenzo Colitti | 8c253ad | 2017-07-19 00:23:44 +0900 | [diff] [blame] | 1811 | private void applyUidCleartextNetworkPolicy(int uid, int policy) { |
| 1812 | final String policyString; |
| 1813 | switch (policy) { |
| 1814 | case StrictMode.NETWORK_POLICY_ACCEPT: |
| 1815 | policyString = "accept"; |
| 1816 | break; |
| 1817 | case StrictMode.NETWORK_POLICY_LOG: |
| 1818 | policyString = "log"; |
| 1819 | break; |
| 1820 | case StrictMode.NETWORK_POLICY_REJECT: |
| 1821 | policyString = "reject"; |
| 1822 | break; |
| 1823 | default: |
| 1824 | throw new IllegalArgumentException("Unknown policy " + policy); |
| 1825 | } |
| 1826 | |
| 1827 | try { |
| 1828 | mConnector.execute("strict", "set_uid_cleartext_policy", uid, policyString); |
| 1829 | mUidCleartextPolicy.put(uid, policy); |
| 1830 | } catch (NativeDaemonConnectorException e) { |
| 1831 | throw e.rethrowAsParcelableException(); |
| 1832 | } |
| 1833 | } |
| 1834 | |
Robin Lee | 17e6183 | 2016-05-09 13:46:28 +0100 | [diff] [blame] | 1835 | @Override |
Jeff Sharkey | 605eb79 | 2014-11-04 13:34:06 -0800 | [diff] [blame] | 1836 | public void setUidCleartextNetworkPolicy(int uid, int policy) { |
| 1837 | if (Binder.getCallingUid() != uid) { |
| 1838 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
| 1839 | } |
| 1840 | |
| 1841 | synchronized (mQuotaLock) { |
| 1842 | final int oldPolicy = mUidCleartextPolicy.get(uid, StrictMode.NETWORK_POLICY_ACCEPT); |
| 1843 | if (oldPolicy == policy) { |
Lorenzo Colitti | 8c253ad | 2017-07-19 00:23:44 +0900 | [diff] [blame] | 1844 | // This also ensures we won't needlessly apply an ACCEPT policy if we've just |
| 1845 | // enabled strict and the underlying iptables rules are empty. |
Jeff Sharkey | 605eb79 | 2014-11-04 13:34:06 -0800 | [diff] [blame] | 1846 | return; |
| 1847 | } |
| 1848 | |
| 1849 | if (!mStrictEnabled) { |
| 1850 | // Module isn't enabled yet; stash the requested policy away to |
| 1851 | // apply later once the daemon is connected. |
| 1852 | mUidCleartextPolicy.put(uid, policy); |
| 1853 | return; |
| 1854 | } |
| 1855 | |
Lorenzo Colitti | 8c253ad | 2017-07-19 00:23:44 +0900 | [diff] [blame] | 1856 | // netd does not keep state on strict mode policies, and cannot replace a non-accept |
| 1857 | // policy without deleting it first. Rather than add state to netd, just always send |
| 1858 | // it an accept policy when switching between two non-accept policies. |
Lorenzo Colitti | 26364f1 | 2017-08-20 11:54:57 +0900 | [diff] [blame] | 1859 | // TODO: consider keeping state in netd so we can simplify this code. |
Lorenzo Colitti | 8c253ad | 2017-07-19 00:23:44 +0900 | [diff] [blame] | 1860 | if (oldPolicy != StrictMode.NETWORK_POLICY_ACCEPT && |
| 1861 | policy != StrictMode.NETWORK_POLICY_ACCEPT) { |
Lorenzo Colitti | 26364f1 | 2017-08-20 11:54:57 +0900 | [diff] [blame] | 1862 | applyUidCleartextNetworkPolicy(uid, StrictMode.NETWORK_POLICY_ACCEPT); |
Jeff Sharkey | 605eb79 | 2014-11-04 13:34:06 -0800 | [diff] [blame] | 1863 | } |
Lorenzo Colitti | 26364f1 | 2017-08-20 11:54:57 +0900 | [diff] [blame] | 1864 | |
| 1865 | applyUidCleartextNetworkPolicy(uid, policy); |
Jeff Sharkey | 605eb79 | 2014-11-04 13:34:06 -0800 | [diff] [blame] | 1866 | } |
| 1867 | } |
| 1868 | |
| 1869 | @Override |
Jeff Sharkey | 63d27a9 | 2011-08-03 17:04:22 -0700 | [diff] [blame] | 1870 | public boolean isBandwidthControlEnabled() { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1871 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Jeff Sharkey | 63d27a9 | 2011-08-03 17:04:22 -0700 | [diff] [blame] | 1872 | return mBandwidthControlEnabled; |
| 1873 | } |
| 1874 | |
| 1875 | @Override |
Jeff Sharkey | eedcb95 | 2011-05-17 14:55:15 -0700 | [diff] [blame] | 1876 | public NetworkStats getNetworkStatsUidDetail(int uid) { |
Jeff Sharkey | 4529bb6 | 2011-12-14 10:31:54 -0800 | [diff] [blame] | 1877 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Jeff Sharkey | 9a2c2a6 | 2013-01-14 16:48:51 -0800 | [diff] [blame] | 1878 | try { |
Dianne Hackborn | d0c5b9a | 2014-02-21 16:19:05 -0800 | [diff] [blame] | 1879 | return mStatsFactory.readNetworkStatsDetail(uid, null, TAG_ALL, null); |
Jeff Sharkey | 9a2c2a6 | 2013-01-14 16:48:51 -0800 | [diff] [blame] | 1880 | } catch (IOException e) { |
| 1881 | throw new IllegalStateException(e); |
| 1882 | } |
Jeff Sharkey | eedcb95 | 2011-05-17 14:55:15 -0700 | [diff] [blame] | 1883 | } |
| 1884 | |
Lorenzo Colitti | 07f1304 | 2017-07-10 19:06:57 +0900 | [diff] [blame] | 1885 | private class NetdTetheringStatsProvider extends ITetheringStatsProvider.Stub { |
| 1886 | @Override |
Lorenzo Colitti | 5356a35 | 2017-08-17 19:23:08 +0900 | [diff] [blame] | 1887 | public NetworkStats getTetherStats(int how) { |
| 1888 | // We only need to return per-UID stats. Per-device stats are already counted by |
| 1889 | // interface counters. |
| 1890 | if (how != STATS_PER_UID) { |
| 1891 | return new NetworkStats(SystemClock.elapsedRealtime(), 0); |
| 1892 | } |
| 1893 | |
Lorenzo Colitti | 563dc45 | 2017-09-01 17:12:34 +0900 | [diff] [blame] | 1894 | final PersistableBundle bundle; |
Lorenzo Colitti | 07f1304 | 2017-07-10 19:06:57 +0900 | [diff] [blame] | 1895 | try { |
Lorenzo Colitti | 563dc45 | 2017-09-01 17:12:34 +0900 | [diff] [blame] | 1896 | bundle = mNetdService.tetherGetStats(); |
| 1897 | } catch (RemoteException | ServiceSpecificException e) { |
| 1898 | throw new IllegalStateException("problem parsing tethering stats: ", e); |
Lorenzo Colitti | 07f1304 | 2017-07-10 19:06:57 +0900 | [diff] [blame] | 1899 | } |
Jeff Sharkey | e4984be | 2013-09-10 21:03:27 -0700 | [diff] [blame] | 1900 | |
Lorenzo Colitti | 563dc45 | 2017-09-01 17:12:34 +0900 | [diff] [blame] | 1901 | final NetworkStats stats = new NetworkStats(SystemClock.elapsedRealtime(), |
| 1902 | bundle.size()); |
| 1903 | final NetworkStats.Entry entry = new NetworkStats.Entry(); |
| 1904 | |
| 1905 | for (String iface : bundle.keySet()) { |
| 1906 | long[] statsArray = bundle.getLongArray(iface); |
Jeff Sharkey | e4984be | 2013-09-10 21:03:27 -0700 | [diff] [blame] | 1907 | try { |
Lorenzo Colitti | 563dc45 | 2017-09-01 17:12:34 +0900 | [diff] [blame] | 1908 | entry.iface = iface; |
Jeff Sharkey | e4984be | 2013-09-10 21:03:27 -0700 | [diff] [blame] | 1909 | entry.uid = UID_TETHERING; |
| 1910 | entry.set = SET_DEFAULT; |
| 1911 | entry.tag = TAG_NONE; |
Lorenzo Colitti | 563dc45 | 2017-09-01 17:12:34 +0900 | [diff] [blame] | 1912 | entry.rxBytes = statsArray[INetd.TETHER_STATS_RX_BYTES]; |
| 1913 | entry.rxPackets = statsArray[INetd.TETHER_STATS_RX_PACKETS]; |
| 1914 | entry.txBytes = statsArray[INetd.TETHER_STATS_TX_BYTES]; |
| 1915 | entry.txPackets = statsArray[INetd.TETHER_STATS_TX_PACKETS]; |
Jeff Sharkey | e4984be | 2013-09-10 21:03:27 -0700 | [diff] [blame] | 1916 | stats.combineValues(entry); |
Lorenzo Colitti | 563dc45 | 2017-09-01 17:12:34 +0900 | [diff] [blame] | 1917 | } catch (ArrayIndexOutOfBoundsException e) { |
| 1918 | throw new IllegalStateException("invalid tethering stats for " + iface, e); |
Jeff Sharkey | e4984be | 2013-09-10 21:03:27 -0700 | [diff] [blame] | 1919 | } |
| 1920 | } |
Lorenzo Colitti | 563dc45 | 2017-09-01 17:12:34 +0900 | [diff] [blame] | 1921 | |
Lorenzo Colitti | 07f1304 | 2017-07-10 19:06:57 +0900 | [diff] [blame] | 1922 | return stats; |
| 1923 | } |
Lorenzo Colitti | 50b60fc | 2017-08-11 13:47:49 +0900 | [diff] [blame] | 1924 | |
| 1925 | @Override |
| 1926 | public void setInterfaceQuota(String iface, long quotaBytes) { |
| 1927 | // Do nothing. netd is already informed of quota changes in setInterfaceQuota. |
| 1928 | } |
Lorenzo Colitti | 07f1304 | 2017-07-10 19:06:57 +0900 | [diff] [blame] | 1929 | } |
| 1930 | |
| 1931 | @Override |
Lorenzo Colitti | 5356a35 | 2017-08-17 19:23:08 +0900 | [diff] [blame] | 1932 | public NetworkStats getNetworkStatsTethering(int how) { |
Lorenzo Colitti | 07f1304 | 2017-07-10 19:06:57 +0900 | [diff] [blame] | 1933 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
| 1934 | |
| 1935 | final NetworkStats stats = new NetworkStats(SystemClock.elapsedRealtime(), 1); |
| 1936 | synchronized (mTetheringStatsProviders) { |
| 1937 | for (ITetheringStatsProvider provider: mTetheringStatsProviders.keySet()) { |
| 1938 | try { |
Lorenzo Colitti | 5356a35 | 2017-08-17 19:23:08 +0900 | [diff] [blame] | 1939 | stats.combineAllValues(provider.getTetherStats(how)); |
Lorenzo Colitti | 07f1304 | 2017-07-10 19:06:57 +0900 | [diff] [blame] | 1940 | } catch (RemoteException e) { |
| 1941 | Log.e(TAG, "Problem reading tethering stats from " + |
| 1942 | mTetheringStatsProviders.get(provider) + ": " + e); |
| 1943 | } |
| 1944 | } |
Jeff Sharkey | cdd02c5d | 2011-09-16 01:52:49 -0700 | [diff] [blame] | 1945 | } |
Jeff Sharkey | e4984be | 2013-09-10 21:03:27 -0700 | [diff] [blame] | 1946 | return stats; |
Jeff Sharkey | cdd02c5d | 2011-09-16 01:52:49 -0700 | [diff] [blame] | 1947 | } |
| 1948 | |
Jeff Sharkey | af75c33 | 2011-11-18 12:41:12 -0800 | [diff] [blame] | 1949 | @Override |
Pierre Imai | 8e48e67 | 2016-04-21 13:30:43 +0900 | [diff] [blame] | 1950 | public void setDnsConfigurationForNetwork(int netId, String[] servers, String domains) { |
| 1951 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
| 1952 | |
Erik Kline | 4d09223 | 2017-10-30 15:29:44 +0900 | [diff] [blame] | 1953 | final ContentResolver cr = mContext.getContentResolver(); |
Pierre Imai | 8e48e67 | 2016-04-21 13:30:43 +0900 | [diff] [blame] | 1954 | |
Erik Kline | 4d09223 | 2017-10-30 15:29:44 +0900 | [diff] [blame] | 1955 | int sampleValidity = Settings.Global.getInt(cr, |
Pierre Imai | 8e48e67 | 2016-04-21 13:30:43 +0900 | [diff] [blame] | 1956 | Settings.Global.DNS_RESOLVER_SAMPLE_VALIDITY_SECONDS, |
| 1957 | DNS_RESOLVER_DEFAULT_SAMPLE_VALIDITY_SECONDS); |
| 1958 | if (sampleValidity < 0 || sampleValidity > 65535) { |
| 1959 | Slog.w(TAG, "Invalid sampleValidity=" + sampleValidity + ", using default=" + |
| 1960 | DNS_RESOLVER_DEFAULT_SAMPLE_VALIDITY_SECONDS); |
| 1961 | sampleValidity = DNS_RESOLVER_DEFAULT_SAMPLE_VALIDITY_SECONDS; |
| 1962 | } |
| 1963 | |
Erik Kline | 4d09223 | 2017-10-30 15:29:44 +0900 | [diff] [blame] | 1964 | int successThreshold = Settings.Global.getInt(cr, |
Pierre Imai | 8e48e67 | 2016-04-21 13:30:43 +0900 | [diff] [blame] | 1965 | Settings.Global.DNS_RESOLVER_SUCCESS_THRESHOLD_PERCENT, |
| 1966 | DNS_RESOLVER_DEFAULT_SUCCESS_THRESHOLD_PERCENT); |
| 1967 | if (successThreshold < 0 || successThreshold > 100) { |
| 1968 | Slog.w(TAG, "Invalid successThreshold=" + successThreshold + ", using default=" + |
| 1969 | DNS_RESOLVER_DEFAULT_SUCCESS_THRESHOLD_PERCENT); |
| 1970 | successThreshold = DNS_RESOLVER_DEFAULT_SUCCESS_THRESHOLD_PERCENT; |
| 1971 | } |
| 1972 | |
Erik Kline | 4d09223 | 2017-10-30 15:29:44 +0900 | [diff] [blame] | 1973 | int minSamples = Settings.Global.getInt(cr, |
Pierre Imai | 8e48e67 | 2016-04-21 13:30:43 +0900 | [diff] [blame] | 1974 | Settings.Global.DNS_RESOLVER_MIN_SAMPLES, DNS_RESOLVER_DEFAULT_MIN_SAMPLES); |
Erik Kline | 4d09223 | 2017-10-30 15:29:44 +0900 | [diff] [blame] | 1975 | int maxSamples = Settings.Global.getInt(cr, |
Pierre Imai | 8e48e67 | 2016-04-21 13:30:43 +0900 | [diff] [blame] | 1976 | Settings.Global.DNS_RESOLVER_MAX_SAMPLES, DNS_RESOLVER_DEFAULT_MAX_SAMPLES); |
| 1977 | if (minSamples < 0 || minSamples > maxSamples || maxSamples > 64) { |
| 1978 | Slog.w(TAG, "Invalid sample count (min, max)=(" + minSamples + ", " + maxSamples + |
| 1979 | "), using default=(" + DNS_RESOLVER_DEFAULT_MIN_SAMPLES + ", " + |
| 1980 | DNS_RESOLVER_DEFAULT_MAX_SAMPLES + ")"); |
| 1981 | minSamples = DNS_RESOLVER_DEFAULT_MIN_SAMPLES; |
| 1982 | maxSamples = DNS_RESOLVER_DEFAULT_MAX_SAMPLES; |
| 1983 | } |
| 1984 | |
| 1985 | final String[] domainStrs = domains == null ? new String[0] : domains.split(" "); |
| 1986 | final int[] params = { sampleValidity, successThreshold, minSamples, maxSamples }; |
Erik Kline | 4d09223 | 2017-10-30 15:29:44 +0900 | [diff] [blame] | 1987 | final boolean useTls = shouldUseTls(cr); |
| 1988 | // TODO: Populate tlsHostname once it's decided how the hostname's IP |
| 1989 | // addresses will be resolved: |
| 1990 | // |
| 1991 | // [1] network-provided DNS servers are included here with the |
| 1992 | // hostname and netd will use the network-provided servers to |
| 1993 | // resolve the hostname and fix up its internal structures, or |
| 1994 | // |
| 1995 | // [2] network-provided DNS servers are included here without the |
| 1996 | // hostname, the ConnectivityService layer resolves the given |
| 1997 | // hostname, and then reconfigures netd with this information. |
| 1998 | // |
| 1999 | // In practice, there will always be a need for ConnectivityService or |
| 2000 | // the captive portal app to use the network-provided services to make |
| 2001 | // some queries. This argues in favor of [1], in concert with another |
| 2002 | // mechanism, perhaps setting a high bit in the netid, to indicate |
| 2003 | // via existing DNS APIs which set of servers (network-provided or |
| 2004 | // non-network-provided private DNS) should be queried. |
Ben Schwartz | 6ec28df | 2017-10-02 13:08:06 -0400 | [diff] [blame] | 2005 | final String tlsHostname = ""; |
| 2006 | final String[] tlsFingerprints = new String[0]; |
Pierre Imai | 8e48e67 | 2016-04-21 13:30:43 +0900 | [diff] [blame] | 2007 | try { |
Ben Schwartz | 6ec28df | 2017-10-02 13:08:06 -0400 | [diff] [blame] | 2008 | mNetdService.setResolverConfiguration(netId, servers, domainStrs, params, |
| 2009 | useTls, tlsHostname, tlsFingerprints); |
Pierre Imai | 8e48e67 | 2016-04-21 13:30:43 +0900 | [diff] [blame] | 2010 | } catch (RemoteException e) { |
| 2011 | throw new RuntimeException(e); |
| 2012 | } |
| 2013 | } |
| 2014 | |
Erik Kline | 4d09223 | 2017-10-30 15:29:44 +0900 | [diff] [blame] | 2015 | private static boolean shouldUseTls(ContentResolver cr) { |
| 2016 | String privateDns = Settings.Global.getString(cr, Settings.Global.PRIVATE_DNS_MODE); |
| 2017 | if (TextUtils.isEmpty(privateDns)) { |
| 2018 | privateDns = PRIVATE_DNS_DEFAULT_MODE; |
| 2019 | } |
| 2020 | return privateDns.equals(PRIVATE_DNS_MODE_OPPORTUNISTIC) || |
| 2021 | privateDns.startsWith(PRIVATE_DNS_MODE_PROVIDER_HOSTNAME); |
| 2022 | } |
| 2023 | |
Pierre Imai | 8e48e67 | 2016-04-21 13:30:43 +0900 | [diff] [blame] | 2024 | @Override |
Paul Jensen | 6bc2c2c | 2014-05-07 15:27:40 -0400 | [diff] [blame] | 2025 | public void addVpnUidRanges(int netId, UidRange[] ranges) { |
Chad Brubaker | 3277620a | 2013-06-12 13:37:30 -0700 | [diff] [blame] | 2026 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Paul Jensen | 6bc2c2c | 2014-05-07 15:27:40 -0400 | [diff] [blame] | 2027 | Object[] argv = new Object[3 + MAX_UID_RANGES_PER_COMMAND]; |
| 2028 | argv[0] = "users"; |
| 2029 | argv[1] = "add"; |
| 2030 | argv[2] = netId; |
| 2031 | int argc = 3; |
| 2032 | // Avoid overly long commands by limiting number of UID ranges per command. |
| 2033 | for (int i = 0; i < ranges.length; i++) { |
| 2034 | argv[argc++] = ranges[i].toString(); |
| 2035 | if (i == (ranges.length - 1) || argc == argv.length) { |
| 2036 | try { |
| 2037 | mConnector.execute("network", Arrays.copyOf(argv, argc)); |
| 2038 | } catch (NativeDaemonConnectorException e) { |
| 2039 | throw e.rethrowAsParcelableException(); |
| 2040 | } |
| 2041 | argc = 3; |
| 2042 | } |
Chad Brubaker | 3277620a | 2013-06-12 13:37:30 -0700 | [diff] [blame] | 2043 | } |
| 2044 | } |
| 2045 | |
| 2046 | @Override |
Paul Jensen | 6bc2c2c | 2014-05-07 15:27:40 -0400 | [diff] [blame] | 2047 | public void removeVpnUidRanges(int netId, UidRange[] ranges) { |
Chad Brubaker | 3277620a | 2013-06-12 13:37:30 -0700 | [diff] [blame] | 2048 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Paul Jensen | 6bc2c2c | 2014-05-07 15:27:40 -0400 | [diff] [blame] | 2049 | Object[] argv = new Object[3 + MAX_UID_RANGES_PER_COMMAND]; |
| 2050 | argv[0] = "users"; |
| 2051 | argv[1] = "remove"; |
| 2052 | argv[2] = netId; |
| 2053 | int argc = 3; |
| 2054 | // Avoid overly long commands by limiting number of UID ranges per command. |
| 2055 | for (int i = 0; i < ranges.length; i++) { |
| 2056 | argv[argc++] = ranges[i].toString(); |
| 2057 | if (i == (ranges.length - 1) || argc == argv.length) { |
| 2058 | try { |
| 2059 | mConnector.execute("network", Arrays.copyOf(argv, argc)); |
| 2060 | } catch (NativeDaemonConnectorException e) { |
| 2061 | throw e.rethrowAsParcelableException(); |
| 2062 | } |
| 2063 | argc = 3; |
| 2064 | } |
Chad Brubaker | cca54c4 | 2013-06-27 17:41:38 -0700 | [diff] [blame] | 2065 | } |
| 2066 | } |
| 2067 | |
| 2068 | @Override |
Jeff Sharkey | c268f0b | 2012-08-24 10:25:31 -0700 | [diff] [blame] | 2069 | public void setFirewallEnabled(boolean enabled) { |
Jeff Sharkey | f56e243 | 2012-09-06 17:54:29 -0700 | [diff] [blame] | 2070 | enforceSystemUid(); |
Jeff Sharkey | c268f0b | 2012-08-24 10:25:31 -0700 | [diff] [blame] | 2071 | try { |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 2072 | mConnector.execute("firewall", "enable", enabled ? "whitelist" : "blacklist"); |
Jeff Sharkey | c268f0b | 2012-08-24 10:25:31 -0700 | [diff] [blame] | 2073 | mFirewallEnabled = enabled; |
| 2074 | } catch (NativeDaemonConnectorException e) { |
| 2075 | throw e.rethrowAsParcelableException(); |
| 2076 | } |
| 2077 | } |
| 2078 | |
| 2079 | @Override |
| 2080 | public boolean isFirewallEnabled() { |
Jeff Sharkey | f56e243 | 2012-09-06 17:54:29 -0700 | [diff] [blame] | 2081 | enforceSystemUid(); |
Jeff Sharkey | c268f0b | 2012-08-24 10:25:31 -0700 | [diff] [blame] | 2082 | return mFirewallEnabled; |
| 2083 | } |
| 2084 | |
| 2085 | @Override |
Jeff Sharkey | 2c09298 | 2012-08-24 11:44:40 -0700 | [diff] [blame] | 2086 | public void setFirewallInterfaceRule(String iface, boolean allow) { |
Jeff Sharkey | f56e243 | 2012-09-06 17:54:29 -0700 | [diff] [blame] | 2087 | enforceSystemUid(); |
Jeff Sharkey | c268f0b | 2012-08-24 10:25:31 -0700 | [diff] [blame] | 2088 | Preconditions.checkState(mFirewallEnabled); |
Sreeram Ramachandran | a77760d | 2014-07-17 17:09:07 -0700 | [diff] [blame] | 2089 | final String rule = allow ? "allow" : "deny"; |
Jeff Sharkey | c268f0b | 2012-08-24 10:25:31 -0700 | [diff] [blame] | 2090 | try { |
| 2091 | mConnector.execute("firewall", "set_interface_rule", iface, rule); |
| 2092 | } catch (NativeDaemonConnectorException e) { |
| 2093 | throw e.rethrowAsParcelableException(); |
| 2094 | } |
| 2095 | } |
| 2096 | |
Lorenzo Colitti | 3fef723 | 2016-04-29 18:00:03 +0900 | [diff] [blame] | 2097 | private void closeSocketsForFirewallChainLocked(int chain, String chainName) { |
Lorenzo Colitti | 4cb4240 | 2016-04-24 12:52:00 +0900 | [diff] [blame] | 2098 | // UID ranges to close sockets on. |
| 2099 | UidRange[] ranges; |
| 2100 | // UID ranges whose sockets we won't touch. |
| 2101 | int[] exemptUids; |
| 2102 | |
Lorenzo Colitti | 4cb4240 | 2016-04-24 12:52:00 +0900 | [diff] [blame] | 2103 | int numUids = 0; |
| 2104 | |
| 2105 | if (getFirewallType(chain) == FIREWALL_TYPE_WHITELIST) { |
| 2106 | // Close all sockets on all non-system UIDs... |
| 2107 | ranges = new UidRange[] { |
| 2108 | // TODO: is there a better way of finding all existing users? If so, we could |
| 2109 | // specify their ranges here. |
| 2110 | new UidRange(Process.FIRST_APPLICATION_UID, Integer.MAX_VALUE), |
| 2111 | }; |
| 2112 | // ... except for the UIDs that have allow rules. |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 2113 | synchronized (mRulesLock) { |
| 2114 | final SparseIntArray rules = getUidFirewallRulesLR(chain); |
| 2115 | exemptUids = new int[rules.size()]; |
| 2116 | for (int i = 0; i < exemptUids.length; i++) { |
| 2117 | if (rules.valueAt(i) == NetworkPolicyManager.FIREWALL_RULE_ALLOW) { |
| 2118 | exemptUids[numUids] = rules.keyAt(i); |
| 2119 | numUids++; |
| 2120 | } |
Lorenzo Colitti | 4cb4240 | 2016-04-24 12:52:00 +0900 | [diff] [blame] | 2121 | } |
| 2122 | } |
| 2123 | // Normally, whitelist chains only contain deny rules, so numUids == exemptUids.length. |
| 2124 | // But the code does not guarantee this in any way, and at least in one case - if we add |
| 2125 | // a UID rule to the firewall, and then disable the firewall - the chains can contain |
| 2126 | // the wrong type of rule. In this case, don't close connections that we shouldn't. |
| 2127 | // |
| 2128 | // TODO: tighten up this code by ensuring we never set the wrong type of rule, and |
| 2129 | // fix setFirewallEnabled to grab mQuotaLock and clear rules. |
| 2130 | if (numUids != exemptUids.length) { |
| 2131 | exemptUids = Arrays.copyOf(exemptUids, numUids); |
| 2132 | } |
| 2133 | } else { |
| 2134 | // Close sockets for every UID that has a deny rule... |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 2135 | synchronized (mRulesLock) { |
| 2136 | final SparseIntArray rules = getUidFirewallRulesLR(chain); |
| 2137 | ranges = new UidRange[rules.size()]; |
| 2138 | for (int i = 0; i < ranges.length; i++) { |
| 2139 | if (rules.valueAt(i) == NetworkPolicyManager.FIREWALL_RULE_DENY) { |
| 2140 | int uid = rules.keyAt(i); |
| 2141 | ranges[numUids] = new UidRange(uid, uid); |
| 2142 | numUids++; |
| 2143 | } |
Lorenzo Colitti | 4cb4240 | 2016-04-24 12:52:00 +0900 | [diff] [blame] | 2144 | } |
| 2145 | } |
| 2146 | // As above; usually numUids == ranges.length, but not always. |
| 2147 | if (numUids != ranges.length) { |
| 2148 | ranges = Arrays.copyOf(ranges, numUids); |
| 2149 | } |
| 2150 | // ... with no exceptions. |
| 2151 | exemptUids = new int[0]; |
| 2152 | } |
| 2153 | |
| 2154 | try { |
| 2155 | mNetdService.socketDestroy(ranges, exemptUids); |
| 2156 | } catch(RemoteException | ServiceSpecificException e) { |
| 2157 | Slog.e(TAG, "Error closing sockets after enabling chain " + chainName + ": " + e); |
| 2158 | } |
| 2159 | } |
| 2160 | |
Jeff Sharkey | c268f0b | 2012-08-24 10:25:31 -0700 | [diff] [blame] | 2161 | @Override |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 2162 | public void setFirewallChainEnabled(int chain, boolean enable) { |
Jeff Sharkey | f56e243 | 2012-09-06 17:54:29 -0700 | [diff] [blame] | 2163 | enforceSystemUid(); |
Xiaohui Chen | 8dca36d | 2015-06-19 12:44:59 -0700 | [diff] [blame] | 2164 | synchronized (mQuotaLock) { |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 2165 | synchronized (mRulesLock) { |
| 2166 | if (getFirewallChainState(chain) == enable) { |
| 2167 | // All is the same, nothing to do. This relies on the fact that netd has child |
| 2168 | // chains default detached. |
| 2169 | return; |
| 2170 | } |
| 2171 | setFirewallChainState(chain, enable); |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 2172 | } |
Xiaohui Chen | 8dca36d | 2015-06-19 12:44:59 -0700 | [diff] [blame] | 2173 | |
| 2174 | final String operation = enable ? "enable_chain" : "disable_chain"; |
Lorenzo Colitti | 3fef723 | 2016-04-29 18:00:03 +0900 | [diff] [blame] | 2175 | final String chainName; |
Lorenzo Colitti | 4cb4240 | 2016-04-24 12:52:00 +0900 | [diff] [blame] | 2176 | switch(chain) { |
| 2177 | case FIREWALL_CHAIN_STANDBY: |
| 2178 | chainName = FIREWALL_CHAIN_NAME_STANDBY; |
| 2179 | break; |
| 2180 | case FIREWALL_CHAIN_DOZABLE: |
| 2181 | chainName = FIREWALL_CHAIN_NAME_DOZABLE; |
| 2182 | break; |
| 2183 | case FIREWALL_CHAIN_POWERSAVE: |
| 2184 | chainName = FIREWALL_CHAIN_NAME_POWERSAVE; |
| 2185 | break; |
| 2186 | default: |
| 2187 | throw new IllegalArgumentException("Bad child chain: " + chain); |
| 2188 | } |
| 2189 | |
Xiaohui Chen | 8dca36d | 2015-06-19 12:44:59 -0700 | [diff] [blame] | 2190 | try { |
Xiaohui Chen | 8dca36d | 2015-06-19 12:44:59 -0700 | [diff] [blame] | 2191 | mConnector.execute("firewall", operation, chainName); |
| 2192 | } catch (NativeDaemonConnectorException e) { |
| 2193 | throw e.rethrowAsParcelableException(); |
| 2194 | } |
Lorenzo Colitti | 4cb4240 | 2016-04-24 12:52:00 +0900 | [diff] [blame] | 2195 | |
| 2196 | // Close any sockets that were opened by the affected UIDs. This has to be done after |
| 2197 | // disabling network connectivity, in case they react to the socket close by reopening |
| 2198 | // the connection and race with the iptables commands that enable the firewall. All |
| 2199 | // whitelist and blacklist chains allow RSTs through. |
| 2200 | if (enable) { |
| 2201 | if (DBG) Slog.d(TAG, "Closing sockets after enabling chain " + chainName); |
Lorenzo Colitti | 3fef723 | 2016-04-29 18:00:03 +0900 | [diff] [blame] | 2202 | closeSocketsForFirewallChainLocked(chain, chainName); |
Lorenzo Colitti | 4cb4240 | 2016-04-24 12:52:00 +0900 | [diff] [blame] | 2203 | } |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 2204 | } |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 2205 | } |
| 2206 | |
| 2207 | private int getFirewallType(int chain) { |
| 2208 | switch (chain) { |
| 2209 | case FIREWALL_CHAIN_STANDBY: |
| 2210 | return FIREWALL_TYPE_BLACKLIST; |
| 2211 | case FIREWALL_CHAIN_DOZABLE: |
| 2212 | return FIREWALL_TYPE_WHITELIST; |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2213 | case FIREWALL_CHAIN_POWERSAVE: |
| 2214 | return FIREWALL_TYPE_WHITELIST; |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 2215 | default: |
| 2216 | return isFirewallEnabled() ? FIREWALL_TYPE_WHITELIST : FIREWALL_TYPE_BLACKLIST; |
| 2217 | } |
| 2218 | } |
| 2219 | |
| 2220 | @Override |
| 2221 | public void setFirewallUidRules(int chain, int[] uids, int[] rules) { |
| 2222 | enforceSystemUid(); |
Xiaohui Chen | 8dca36d | 2015-06-19 12:44:59 -0700 | [diff] [blame] | 2223 | synchronized (mQuotaLock) { |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 2224 | synchronized (mRulesLock) { |
| 2225 | SparseIntArray uidFirewallRules = getUidFirewallRulesLR(chain); |
| 2226 | SparseIntArray newRules = new SparseIntArray(); |
| 2227 | // apply new set of rules |
| 2228 | for (int index = uids.length - 1; index >= 0; --index) { |
| 2229 | int uid = uids[index]; |
| 2230 | int rule = rules[index]; |
| 2231 | updateFirewallUidRuleLocked(chain, uid, rule); |
| 2232 | newRules.put(uid, rule); |
Xiaohui Chen | 8dca36d | 2015-06-19 12:44:59 -0700 | [diff] [blame] | 2233 | } |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 2234 | // collect the rules to remove. |
| 2235 | SparseIntArray rulesToRemove = new SparseIntArray(); |
| 2236 | for (int index = uidFirewallRules.size() - 1; index >= 0; --index) { |
| 2237 | int uid = uidFirewallRules.keyAt(index); |
| 2238 | if (newRules.indexOfKey(uid) < 0) { |
| 2239 | rulesToRemove.put(uid, FIREWALL_RULE_DEFAULT); |
| 2240 | } |
| 2241 | } |
| 2242 | // remove dead rules |
| 2243 | for (int index = rulesToRemove.size() - 1; index >= 0; --index) { |
| 2244 | int uid = rulesToRemove.keyAt(index); |
| 2245 | updateFirewallUidRuleLocked(chain, uid, FIREWALL_RULE_DEFAULT); |
| 2246 | } |
Felipe Leme | a701cad | 2016-05-12 09:58:14 -0700 | [diff] [blame] | 2247 | } |
| 2248 | try { |
| 2249 | switch (chain) { |
| 2250 | case FIREWALL_CHAIN_DOZABLE: |
| 2251 | mNetdService.firewallReplaceUidChain("fw_dozable", true, uids); |
| 2252 | break; |
| 2253 | case FIREWALL_CHAIN_STANDBY: |
| 2254 | mNetdService.firewallReplaceUidChain("fw_standby", false, uids); |
| 2255 | break; |
| 2256 | case FIREWALL_CHAIN_POWERSAVE: |
| 2257 | mNetdService.firewallReplaceUidChain("fw_powersave", true, uids); |
| 2258 | break; |
| 2259 | case FIREWALL_CHAIN_NONE: |
| 2260 | default: |
| 2261 | Slog.d(TAG, "setFirewallUidRules() called on invalid chain: " + chain); |
| 2262 | } |
| 2263 | } catch (RemoteException e) { |
| 2264 | Slog.w(TAG, "Error flushing firewall chain " + chain, e); |
Xiaohui Chen | 8dca36d | 2015-06-19 12:44:59 -0700 | [diff] [blame] | 2265 | } |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 2266 | } |
| 2267 | } |
| 2268 | |
| 2269 | @Override |
| 2270 | public void setFirewallUidRule(int chain, int uid, int rule) { |
| 2271 | enforceSystemUid(); |
Felipe Leme | a701cad | 2016-05-12 09:58:14 -0700 | [diff] [blame] | 2272 | synchronized (mQuotaLock) { |
| 2273 | setFirewallUidRuleLocked(chain, uid, rule); |
| 2274 | } |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 2275 | } |
| 2276 | |
Felipe Leme | a701cad | 2016-05-12 09:58:14 -0700 | [diff] [blame] | 2277 | private void setFirewallUidRuleLocked(int chain, int uid, int rule) { |
| 2278 | if (updateFirewallUidRuleLocked(chain, uid, rule)) { |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 2279 | try { |
Felipe Leme | a701cad | 2016-05-12 09:58:14 -0700 | [diff] [blame] | 2280 | mConnector.execute("firewall", "set_uid_rule", getFirewallChainName(chain), uid, |
| 2281 | getFirewallRuleName(chain, rule)); |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 2282 | } catch (NativeDaemonConnectorException e) { |
| 2283 | throw e.rethrowAsParcelableException(); |
| 2284 | } |
Jeff Sharkey | c268f0b | 2012-08-24 10:25:31 -0700 | [diff] [blame] | 2285 | } |
| 2286 | } |
| 2287 | |
Felipe Leme | a701cad | 2016-05-12 09:58:14 -0700 | [diff] [blame] | 2288 | // TODO: now that netd supports batching, NMS should not keep these data structures anymore... |
| 2289 | private boolean updateFirewallUidRuleLocked(int chain, int uid, int rule) { |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 2290 | synchronized (mRulesLock) { |
| 2291 | SparseIntArray uidFirewallRules = getUidFirewallRulesLR(chain); |
Felipe Leme | a701cad | 2016-05-12 09:58:14 -0700 | [diff] [blame] | 2292 | |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 2293 | final int oldUidFirewallRule = uidFirewallRules.get(uid, FIREWALL_RULE_DEFAULT); |
| 2294 | if (DBG) { |
| 2295 | Slog.d(TAG, "oldRule = " + oldUidFirewallRule |
| 2296 | + ", newRule=" + rule + " for uid=" + uid + " on chain " + chain); |
| 2297 | } |
| 2298 | if (oldUidFirewallRule == rule) { |
| 2299 | if (DBG) Slog.d(TAG, "!!!!! Skipping change"); |
| 2300 | // TODO: eventually consider throwing |
| 2301 | return false; |
| 2302 | } |
Felipe Leme | a701cad | 2016-05-12 09:58:14 -0700 | [diff] [blame] | 2303 | |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 2304 | String ruleName = getFirewallRuleName(chain, rule); |
| 2305 | String oldRuleName = getFirewallRuleName(chain, oldUidFirewallRule); |
Felipe Leme | a701cad | 2016-05-12 09:58:14 -0700 | [diff] [blame] | 2306 | |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 2307 | if (rule == NetworkPolicyManager.FIREWALL_RULE_DEFAULT) { |
| 2308 | uidFirewallRules.delete(uid); |
| 2309 | } else { |
| 2310 | uidFirewallRules.put(uid, rule); |
| 2311 | } |
| 2312 | return !ruleName.equals(oldRuleName); |
Felipe Leme | a701cad | 2016-05-12 09:58:14 -0700 | [diff] [blame] | 2313 | } |
Felipe Leme | a701cad | 2016-05-12 09:58:14 -0700 | [diff] [blame] | 2314 | } |
| 2315 | |
Xiaohui Chen | 8dca36d | 2015-06-19 12:44:59 -0700 | [diff] [blame] | 2316 | private @NonNull String getFirewallRuleName(int chain, int rule) { |
| 2317 | String ruleName; |
| 2318 | if (getFirewallType(chain) == FIREWALL_TYPE_WHITELIST) { |
| 2319 | if (rule == NetworkPolicyManager.FIREWALL_RULE_ALLOW) { |
| 2320 | ruleName = "allow"; |
| 2321 | } else { |
| 2322 | ruleName = "deny"; |
| 2323 | } |
| 2324 | } else { // Blacklist mode |
| 2325 | if (rule == NetworkPolicyManager.FIREWALL_RULE_DENY) { |
| 2326 | ruleName = "deny"; |
| 2327 | } else { |
| 2328 | ruleName = "allow"; |
| 2329 | } |
| 2330 | } |
| 2331 | return ruleName; |
| 2332 | } |
| 2333 | |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 2334 | private @NonNull SparseIntArray getUidFirewallRulesLR(int chain) { |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 2335 | switch (chain) { |
| 2336 | case FIREWALL_CHAIN_STANDBY: |
| 2337 | return mUidFirewallStandbyRules; |
| 2338 | case FIREWALL_CHAIN_DOZABLE: |
| 2339 | return mUidFirewallDozableRules; |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2340 | case FIREWALL_CHAIN_POWERSAVE: |
| 2341 | return mUidFirewallPowerSaveRules; |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 2342 | case FIREWALL_CHAIN_NONE: |
| 2343 | return mUidFirewallRules; |
| 2344 | default: |
| 2345 | throw new IllegalArgumentException("Unknown chain:" + chain); |
| 2346 | } |
| 2347 | } |
| 2348 | |
| 2349 | public @NonNull String getFirewallChainName(int chain) { |
| 2350 | switch (chain) { |
| 2351 | case FIREWALL_CHAIN_STANDBY: |
| 2352 | return FIREWALL_CHAIN_NAME_STANDBY; |
| 2353 | case FIREWALL_CHAIN_DOZABLE: |
| 2354 | return FIREWALL_CHAIN_NAME_DOZABLE; |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2355 | case FIREWALL_CHAIN_POWERSAVE: |
| 2356 | return FIREWALL_CHAIN_NAME_POWERSAVE; |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 2357 | case FIREWALL_CHAIN_NONE: |
| 2358 | return FIREWALL_CHAIN_NAME_NONE; |
| 2359 | default: |
| 2360 | throw new IllegalArgumentException("Unknown chain:" + chain); |
| 2361 | } |
| 2362 | } |
| 2363 | |
Jeff Sharkey | f56e243 | 2012-09-06 17:54:29 -0700 | [diff] [blame] | 2364 | private static void enforceSystemUid() { |
| 2365 | final int uid = Binder.getCallingUid(); |
| 2366 | if (uid != Process.SYSTEM_UID) { |
| 2367 | throw new SecurityException("Only available to AID_SYSTEM"); |
| 2368 | } |
| 2369 | } |
| 2370 | |
Jeff Sharkey | c268f0b | 2012-08-24 10:25:31 -0700 | [diff] [blame] | 2371 | @Override |
Lorenzo Colitti | 7975184 | 2013-02-28 16:16:03 +0900 | [diff] [blame] | 2372 | public void startClatd(String interfaceName) throws IllegalStateException { |
| 2373 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
| 2374 | |
| 2375 | try { |
| 2376 | mConnector.execute("clatd", "start", interfaceName); |
| 2377 | } catch (NativeDaemonConnectorException e) { |
| 2378 | throw e.rethrowAsParcelableException(); |
| 2379 | } |
| 2380 | } |
| 2381 | |
| 2382 | @Override |
Lorenzo Colitti | 9543946 | 2014-10-09 13:44:48 +0900 | [diff] [blame] | 2383 | public void stopClatd(String interfaceName) throws IllegalStateException { |
Lorenzo Colitti | 7975184 | 2013-02-28 16:16:03 +0900 | [diff] [blame] | 2384 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
| 2385 | |
| 2386 | try { |
Lorenzo Colitti | 9543946 | 2014-10-09 13:44:48 +0900 | [diff] [blame] | 2387 | mConnector.execute("clatd", "stop", interfaceName); |
Lorenzo Colitti | 7975184 | 2013-02-28 16:16:03 +0900 | [diff] [blame] | 2388 | } catch (NativeDaemonConnectorException e) { |
| 2389 | throw e.rethrowAsParcelableException(); |
| 2390 | } |
| 2391 | } |
| 2392 | |
| 2393 | @Override |
Lorenzo Colitti | 9543946 | 2014-10-09 13:44:48 +0900 | [diff] [blame] | 2394 | public boolean isClatdStarted(String interfaceName) { |
Lorenzo Colitti | 7975184 | 2013-02-28 16:16:03 +0900 | [diff] [blame] | 2395 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
| 2396 | |
| 2397 | final NativeDaemonEvent event; |
| 2398 | try { |
Lorenzo Colitti | 9543946 | 2014-10-09 13:44:48 +0900 | [diff] [blame] | 2399 | event = mConnector.execute("clatd", "status", interfaceName); |
Lorenzo Colitti | 7975184 | 2013-02-28 16:16:03 +0900 | [diff] [blame] | 2400 | } catch (NativeDaemonConnectorException e) { |
| 2401 | throw e.rethrowAsParcelableException(); |
| 2402 | } |
| 2403 | |
| 2404 | event.checkCode(ClatdStatusResult); |
| 2405 | return event.getMessage().endsWith("started"); |
| 2406 | } |
| 2407 | |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 2408 | @Override |
| 2409 | public void registerNetworkActivityListener(INetworkActivityListener listener) { |
| 2410 | mNetworkActivityListeners.register(listener); |
| 2411 | } |
| 2412 | |
| 2413 | @Override |
| 2414 | public void unregisterNetworkActivityListener(INetworkActivityListener listener) { |
| 2415 | mNetworkActivityListeners.unregister(listener); |
| 2416 | } |
| 2417 | |
| 2418 | @Override |
| 2419 | public boolean isNetworkActive() { |
| 2420 | synchronized (mNetworkActivityListeners) { |
| 2421 | return mNetworkActive || mActiveIdleTimers.isEmpty(); |
| 2422 | } |
| 2423 | } |
| 2424 | |
| 2425 | private void reportNetworkActive() { |
| 2426 | final int length = mNetworkActivityListeners.beginBroadcast(); |
Robert Greenwalt | 2c9f547 | 2014-04-21 14:50:28 -0700 | [diff] [blame] | 2427 | try { |
| 2428 | for (int i = 0; i < length; i++) { |
| 2429 | try { |
| 2430 | mNetworkActivityListeners.getBroadcastItem(i).onNetworkActive(); |
Felipe Leme | 03e689d | 2016-03-02 16:17:38 -0800 | [diff] [blame] | 2431 | } catch (RemoteException | RuntimeException e) { |
Robert Greenwalt | 2c9f547 | 2014-04-21 14:50:28 -0700 | [diff] [blame] | 2432 | } |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 2433 | } |
Robert Greenwalt | 2c9f547 | 2014-04-21 14:50:28 -0700 | [diff] [blame] | 2434 | } finally { |
| 2435 | mNetworkActivityListeners.finishBroadcast(); |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 2436 | } |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 2437 | } |
| 2438 | |
Mattias Falk | 8b47b36 | 2011-08-23 14:15:13 +0200 | [diff] [blame] | 2439 | /** {@inheritDoc} */ |
Jeff Sharkey | 7b4596f | 2013-02-25 10:55:29 -0800 | [diff] [blame] | 2440 | @Override |
Jeff Sharkey | fa23c5a | 2011-08-09 21:44:24 -0700 | [diff] [blame] | 2441 | public void monitor() { |
| 2442 | if (mConnector != null) { |
| 2443 | mConnector.monitor(); |
| 2444 | } |
| 2445 | } |
Jeff Sharkey | 47eb102 | 2011-08-25 17:48:52 -0700 | [diff] [blame] | 2446 | |
| 2447 | @Override |
| 2448 | protected void dump(FileDescriptor fd, PrintWriter pw, String[] args) { |
Jeff Sharkey | fe9a53b | 2017-03-31 14:08:23 -0600 | [diff] [blame] | 2449 | if (!DumpUtils.checkDumpPermission(mContext, TAG, pw)) return; |
Jeff Sharkey | 47eb102 | 2011-08-25 17:48:52 -0700 | [diff] [blame] | 2450 | |
Robert Greenwalt | 470fd72 | 2012-01-18 12:51:15 -0800 | [diff] [blame] | 2451 | pw.println("NetworkManagementService NativeDaemonConnector Log:"); |
| 2452 | mConnector.dump(fd, pw, args); |
| 2453 | pw.println(); |
| 2454 | |
Jeff Sharkey | 47eb102 | 2011-08-25 17:48:52 -0700 | [diff] [blame] | 2455 | pw.print("Bandwidth control enabled: "); pw.println(mBandwidthControlEnabled); |
Dianne Hackborn | 2ffa11e | 2014-04-21 15:56:18 -0700 | [diff] [blame] | 2456 | pw.print("mMobileActivityFromRadio="); pw.print(mMobileActivityFromRadio); |
| 2457 | pw.print(" mLastPowerStateFromRadio="); pw.println(mLastPowerStateFromRadio); |
| 2458 | pw.print("mNetworkActive="); pw.println(mNetworkActive); |
Jeff Sharkey | 47eb102 | 2011-08-25 17:48:52 -0700 | [diff] [blame] | 2459 | |
| 2460 | synchronized (mQuotaLock) { |
Jeff Sharkey | b24a785 | 2012-05-01 15:19:37 -0700 | [diff] [blame] | 2461 | pw.print("Active quota ifaces: "); pw.println(mActiveQuotas.toString()); |
| 2462 | pw.print("Active alert ifaces: "); pw.println(mActiveAlerts.toString()); |
Felipe Leme | 65be302 | 2016-03-22 14:53:13 -0700 | [diff] [blame] | 2463 | pw.print("Data saver mode: "); pw.println(mDataSaverMode); |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 2464 | synchronized (mRulesLock) { |
| 2465 | dumpUidRuleOnQuotaLocked(pw, "blacklist", mUidRejectOnMetered); |
| 2466 | dumpUidRuleOnQuotaLocked(pw, "whitelist", mUidAllowOnMetered); |
| 2467 | } |
Jeff Sharkey | 47eb102 | 2011-08-25 17:48:52 -0700 | [diff] [blame] | 2468 | } |
Jeff Sharkey | c268f0b | 2012-08-24 10:25:31 -0700 | [diff] [blame] | 2469 | |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 2470 | synchronized (mRulesLock) { |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2471 | dumpUidFirewallRule(pw, "", mUidFirewallRules); |
Amith Yamasani | 15e47235 | 2015-04-24 19:06:07 -0700 | [diff] [blame] | 2472 | |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 2473 | pw.print("UID firewall standby chain enabled: "); pw.println( |
| 2474 | getFirewallChainState(FIREWALL_CHAIN_STANDBY)); |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2475 | dumpUidFirewallRule(pw, FIREWALL_CHAIN_NAME_STANDBY, mUidFirewallStandbyRules); |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 2476 | |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 2477 | pw.print("UID firewall dozable chain enabled: "); pw.println( |
| 2478 | getFirewallChainState(FIREWALL_CHAIN_DOZABLE)); |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2479 | dumpUidFirewallRule(pw, FIREWALL_CHAIN_NAME_DOZABLE, mUidFirewallDozableRules); |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2480 | |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 2481 | pw.println("UID firewall powersave chain enabled: " + |
| 2482 | getFirewallChainState(FIREWALL_CHAIN_POWERSAVE)); |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2483 | dumpUidFirewallRule(pw, FIREWALL_CHAIN_NAME_POWERSAVE, mUidFirewallPowerSaveRules); |
Xiaohui Chen | b41c9f7 | 2015-06-17 15:55:37 -0700 | [diff] [blame] | 2484 | } |
| 2485 | |
Dianne Hackborn | 77b987f | 2014-02-26 16:20:52 -0800 | [diff] [blame] | 2486 | synchronized (mIdleTimerLock) { |
| 2487 | pw.println("Idle timers:"); |
| 2488 | for (HashMap.Entry<String, IdleTimerParams> ent : mActiveIdleTimers.entrySet()) { |
| 2489 | pw.print(" "); pw.print(ent.getKey()); pw.println(":"); |
| 2490 | IdleTimerParams params = ent.getValue(); |
| 2491 | pw.print(" timeout="); pw.print(params.timeout); |
| 2492 | pw.print(" type="); pw.print(params.type); |
| 2493 | pw.print(" networkCount="); pw.println(params.networkCount); |
| 2494 | } |
| 2495 | } |
| 2496 | |
Jeff Sharkey | c268f0b | 2012-08-24 10:25:31 -0700 | [diff] [blame] | 2497 | pw.print("Firewall enabled: "); pw.println(mFirewallEnabled); |
Felipe Leme | 65be302 | 2016-03-22 14:53:13 -0700 | [diff] [blame] | 2498 | pw.print("Netd service status: " ); |
| 2499 | if (mNetdService == null) { |
| 2500 | pw.println("disconnected"); |
| 2501 | } else { |
| 2502 | try { |
| 2503 | final boolean alive = mNetdService.isAlive(); |
| 2504 | pw.println(alive ? "alive": "dead"); |
| 2505 | } catch (RemoteException e) { |
| 2506 | pw.println("unreachable"); |
| 2507 | } |
| 2508 | } |
| 2509 | } |
| 2510 | |
| 2511 | private void dumpUidRuleOnQuotaLocked(PrintWriter pw, String name, SparseBooleanArray list) { |
| 2512 | pw.print("UID bandwith control "); |
| 2513 | pw.print(name); |
| 2514 | pw.print(" rule: ["); |
| 2515 | final int size = list.size(); |
| 2516 | for (int i = 0; i < size; i++) { |
| 2517 | pw.print(list.keyAt(i)); |
| 2518 | if (i < size - 1) pw.print(","); |
| 2519 | } |
| 2520 | pw.println("]"); |
Jeff Sharkey | 47eb102 | 2011-08-25 17:48:52 -0700 | [diff] [blame] | 2521 | } |
Robert Greenwalt | 9ba9c58 | 2014-03-19 17:56:12 -0700 | [diff] [blame] | 2522 | |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2523 | private void dumpUidFirewallRule(PrintWriter pw, String name, SparseIntArray rules) { |
Lorenzo Colitti | 4cb4240 | 2016-04-24 12:52:00 +0900 | [diff] [blame] | 2524 | pw.print("UID firewall "); |
Felipe Leme | 011b98f | 2016-02-10 17:28:31 -0800 | [diff] [blame] | 2525 | pw.print(name); |
| 2526 | pw.print(" rule: ["); |
| 2527 | final int size = rules.size(); |
| 2528 | for (int i = 0; i < size; i++) { |
| 2529 | pw.print(rules.keyAt(i)); |
| 2530 | pw.print(":"); |
| 2531 | pw.print(rules.valueAt(i)); |
| 2532 | if (i < size - 1) pw.print(","); |
| 2533 | } |
| 2534 | pw.println("]"); |
| 2535 | } |
| 2536 | |
Robert Greenwalt | 568891d | 2014-04-04 13:38:00 -0700 | [diff] [blame] | 2537 | @Override |
Paul Jensen | 487ffe7 | 2015-07-24 15:57:11 -0400 | [diff] [blame] | 2538 | public void createPhysicalNetwork(int netId, String permission) { |
Robert Greenwalt | 9ba9c58 | 2014-03-19 17:56:12 -0700 | [diff] [blame] | 2539 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
| 2540 | |
| 2541 | try { |
Paul Jensen | 487ffe7 | 2015-07-24 15:57:11 -0400 | [diff] [blame] | 2542 | if (permission != null) { |
| 2543 | mConnector.execute("network", "create", netId, permission); |
| 2544 | } else { |
| 2545 | mConnector.execute("network", "create", netId); |
| 2546 | } |
Robert Greenwalt | 9ba9c58 | 2014-03-19 17:56:12 -0700 | [diff] [blame] | 2547 | } catch (NativeDaemonConnectorException e) { |
| 2548 | throw e.rethrowAsParcelableException(); |
| 2549 | } |
| 2550 | } |
| 2551 | |
Robert Greenwalt | 568891d | 2014-04-04 13:38:00 -0700 | [diff] [blame] | 2552 | @Override |
Sreeram Ramachandran | 8cd33ed | 2014-07-23 15:23:15 -0700 | [diff] [blame] | 2553 | public void createVirtualNetwork(int netId, boolean hasDNS, boolean secure) { |
Paul Jensen | 6bc2c2c | 2014-05-07 15:27:40 -0400 | [diff] [blame] | 2554 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
| 2555 | |
| 2556 | try { |
Sreeram Ramachandran | 8cd33ed | 2014-07-23 15:23:15 -0700 | [diff] [blame] | 2557 | mConnector.execute("network", "create", netId, "vpn", hasDNS ? "1" : "0", |
| 2558 | secure ? "1" : "0"); |
Paul Jensen | 6bc2c2c | 2014-05-07 15:27:40 -0400 | [diff] [blame] | 2559 | } catch (NativeDaemonConnectorException e) { |
| 2560 | throw e.rethrowAsParcelableException(); |
| 2561 | } |
| 2562 | } |
| 2563 | |
| 2564 | @Override |
Robert Greenwalt | 9ba9c58 | 2014-03-19 17:56:12 -0700 | [diff] [blame] | 2565 | public void removeNetwork(int netId) { |
| 2566 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
| 2567 | |
| 2568 | try { |
| 2569 | mConnector.execute("network", "destroy", netId); |
| 2570 | } catch (NativeDaemonConnectorException e) { |
| 2571 | throw e.rethrowAsParcelableException(); |
| 2572 | } |
| 2573 | } |
Robert Greenwalt | 568891d | 2014-04-04 13:38:00 -0700 | [diff] [blame] | 2574 | |
| 2575 | @Override |
Paul Jensen | 992f252 | 2014-04-28 10:33:11 -0400 | [diff] [blame] | 2576 | public void addInterfaceToNetwork(String iface, int netId) { |
Sreeram Ramachandran | a77760d | 2014-07-17 17:09:07 -0700 | [diff] [blame] | 2577 | modifyInterfaceInNetwork("add", "" + netId, iface); |
Paul Jensen | 992f252 | 2014-04-28 10:33:11 -0400 | [diff] [blame] | 2578 | } |
| 2579 | |
| 2580 | @Override |
| 2581 | public void removeInterfaceFromNetwork(String iface, int netId) { |
Sreeram Ramachandran | a77760d | 2014-07-17 17:09:07 -0700 | [diff] [blame] | 2582 | modifyInterfaceInNetwork("remove", "" + netId, iface); |
| 2583 | } |
Paul Jensen | 992f252 | 2014-04-28 10:33:11 -0400 | [diff] [blame] | 2584 | |
Sreeram Ramachandran | a77760d | 2014-07-17 17:09:07 -0700 | [diff] [blame] | 2585 | private void modifyInterfaceInNetwork(String action, String netId, String iface) { |
| 2586 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
Paul Jensen | 992f252 | 2014-04-28 10:33:11 -0400 | [diff] [blame] | 2587 | try { |
Sreeram Ramachandran | a77760d | 2014-07-17 17:09:07 -0700 | [diff] [blame] | 2588 | mConnector.execute("network", "interface", action, netId, iface); |
Paul Jensen | 992f252 | 2014-04-28 10:33:11 -0400 | [diff] [blame] | 2589 | } catch (NativeDaemonConnectorException e) { |
| 2590 | throw e.rethrowAsParcelableException(); |
| 2591 | } |
| 2592 | } |
| 2593 | |
| 2594 | @Override |
Robert Greenwalt | 913c895 | 2014-04-07 17:36:35 -0700 | [diff] [blame] | 2595 | public void addLegacyRouteForNetId(int netId, RouteInfo routeInfo, int uid) { |
Robert Greenwalt | 568891d | 2014-04-04 13:38:00 -0700 | [diff] [blame] | 2596 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
| 2597 | |
Sreeram Ramachandran | 03666c7 | 2014-07-19 23:21:46 -0700 | [diff] [blame] | 2598 | final Command cmd = new Command("network", "route", "legacy", uid, "add", netId); |
Robert Greenwalt | 568891d | 2014-04-04 13:38:00 -0700 | [diff] [blame] | 2599 | |
Sreeram Ramachandran | 1fbcb27 | 2014-05-22 16:30:48 -0700 | [diff] [blame] | 2600 | // create triplet: interface dest-ip-addr/prefixlength gateway-ip-addr |
Sreeram Ramachandran | cc91c7b | 2014-06-03 18:41:43 -0700 | [diff] [blame] | 2601 | final LinkAddress la = routeInfo.getDestinationLinkAddress(); |
Robert Greenwalt | 568891d | 2014-04-04 13:38:00 -0700 | [diff] [blame] | 2602 | cmd.appendArg(routeInfo.getInterface()); |
Lorenzo Colitti | 7dc78cf | 2014-06-09 22:58:46 +0900 | [diff] [blame] | 2603 | cmd.appendArg(la.getAddress().getHostAddress() + "/" + la.getPrefixLength()); |
Sreeram Ramachandran | 1fbcb27 | 2014-05-22 16:30:48 -0700 | [diff] [blame] | 2604 | if (routeInfo.hasGateway()) { |
| 2605 | cmd.appendArg(routeInfo.getGateway().getHostAddress()); |
| 2606 | } |
Robert Greenwalt | 568891d | 2014-04-04 13:38:00 -0700 | [diff] [blame] | 2607 | |
| 2608 | try { |
| 2609 | mConnector.execute(cmd); |
| 2610 | } catch (NativeDaemonConnectorException e) { |
| 2611 | throw e.rethrowAsParcelableException(); |
| 2612 | } |
| 2613 | } |
| 2614 | |
| 2615 | @Override |
Sreeram Ramachandran | f047f2a | 2014-04-15 16:04:26 -0700 | [diff] [blame] | 2616 | public void setDefaultNetId(int netId) { |
Robert Greenwalt | 568891d | 2014-04-04 13:38:00 -0700 | [diff] [blame] | 2617 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
| 2618 | |
| 2619 | try { |
Sreeram Ramachandran | f047f2a | 2014-04-15 16:04:26 -0700 | [diff] [blame] | 2620 | mConnector.execute("network", "default", "set", netId); |
Robert Greenwalt | 568891d | 2014-04-04 13:38:00 -0700 | [diff] [blame] | 2621 | } catch (NativeDaemonConnectorException e) { |
| 2622 | throw e.rethrowAsParcelableException(); |
| 2623 | } |
| 2624 | } |
| 2625 | |
| 2626 | @Override |
| 2627 | public void clearDefaultNetId() { |
| 2628 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
| 2629 | |
| 2630 | try { |
| 2631 | mConnector.execute("network", "default", "clear"); |
| 2632 | } catch (NativeDaemonConnectorException e) { |
| 2633 | throw e.rethrowAsParcelableException(); |
| 2634 | } |
| 2635 | } |
| 2636 | |
| 2637 | @Override |
Paul Jensen | 487ffe7 | 2015-07-24 15:57:11 -0400 | [diff] [blame] | 2638 | public void setNetworkPermission(int netId, String permission) { |
| 2639 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
| 2640 | |
| 2641 | try { |
| 2642 | if (permission != null) { |
| 2643 | mConnector.execute("network", "permission", "network", "set", permission, netId); |
| 2644 | } else { |
| 2645 | mConnector.execute("network", "permission", "network", "clear", netId); |
| 2646 | } |
| 2647 | } catch (NativeDaemonConnectorException e) { |
| 2648 | throw e.rethrowAsParcelableException(); |
| 2649 | } |
| 2650 | } |
| 2651 | |
| 2652 | |
| 2653 | @Override |
Sreeram Ramachandran | e4a05af | 2014-09-24 09:16:19 -0700 | [diff] [blame] | 2654 | public void setPermission(String permission, int[] uids) { |
Robert Greenwalt | 568891d | 2014-04-04 13:38:00 -0700 | [diff] [blame] | 2655 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
| 2656 | |
Sreeram Ramachandran | e4a05af | 2014-09-24 09:16:19 -0700 | [diff] [blame] | 2657 | Object[] argv = new Object[4 + MAX_UID_RANGES_PER_COMMAND]; |
| 2658 | argv[0] = "permission"; |
| 2659 | argv[1] = "user"; |
| 2660 | argv[2] = "set"; |
| 2661 | argv[3] = permission; |
| 2662 | int argc = 4; |
| 2663 | // Avoid overly long commands by limiting number of UIDs per command. |
| 2664 | for (int i = 0; i < uids.length; ++i) { |
| 2665 | argv[argc++] = uids[i]; |
| 2666 | if (i == uids.length - 1 || argc == argv.length) { |
| 2667 | try { |
| 2668 | mConnector.execute("network", Arrays.copyOf(argv, argc)); |
| 2669 | } catch (NativeDaemonConnectorException e) { |
| 2670 | throw e.rethrowAsParcelableException(); |
| 2671 | } |
| 2672 | argc = 4; |
| 2673 | } |
Robert Greenwalt | 568891d | 2014-04-04 13:38:00 -0700 | [diff] [blame] | 2674 | } |
| 2675 | } |
| 2676 | |
| 2677 | @Override |
| 2678 | public void clearPermission(int[] uids) { |
| 2679 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
| 2680 | |
Sreeram Ramachandran | e4a05af | 2014-09-24 09:16:19 -0700 | [diff] [blame] | 2681 | Object[] argv = new Object[3 + MAX_UID_RANGES_PER_COMMAND]; |
| 2682 | argv[0] = "permission"; |
| 2683 | argv[1] = "user"; |
| 2684 | argv[2] = "clear"; |
| 2685 | int argc = 3; |
| 2686 | // Avoid overly long commands by limiting number of UIDs per command. |
| 2687 | for (int i = 0; i < uids.length; ++i) { |
| 2688 | argv[argc++] = uids[i]; |
| 2689 | if (i == uids.length - 1 || argc == argv.length) { |
| 2690 | try { |
| 2691 | mConnector.execute("network", Arrays.copyOf(argv, argc)); |
| 2692 | } catch (NativeDaemonConnectorException e) { |
| 2693 | throw e.rethrowAsParcelableException(); |
| 2694 | } |
| 2695 | argc = 3; |
| 2696 | } |
Robert Greenwalt | 568891d | 2014-04-04 13:38:00 -0700 | [diff] [blame] | 2697 | } |
| 2698 | } |
Paul Jensen | 6bc2c2c | 2014-05-07 15:27:40 -0400 | [diff] [blame] | 2699 | |
| 2700 | @Override |
| 2701 | public void allowProtect(int uid) { |
| 2702 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
| 2703 | |
| 2704 | try { |
| 2705 | mConnector.execute("network", "protect", "allow", uid); |
| 2706 | } catch (NativeDaemonConnectorException e) { |
| 2707 | throw e.rethrowAsParcelableException(); |
| 2708 | } |
| 2709 | } |
| 2710 | |
| 2711 | @Override |
| 2712 | public void denyProtect(int uid) { |
| 2713 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
| 2714 | |
| 2715 | try { |
| 2716 | mConnector.execute("network", "protect", "deny", uid); |
| 2717 | } catch (NativeDaemonConnectorException e) { |
| 2718 | throw e.rethrowAsParcelableException(); |
| 2719 | } |
| 2720 | } |
| 2721 | |
Sreeram Ramachandran | a77760d | 2014-07-17 17:09:07 -0700 | [diff] [blame] | 2722 | @Override |
| 2723 | public void addInterfaceToLocalNetwork(String iface, List<RouteInfo> routes) { |
| 2724 | modifyInterfaceInNetwork("add", "local", iface); |
| 2725 | |
| 2726 | for (RouteInfo route : routes) { |
| 2727 | if (!route.isDefaultRoute()) { |
| 2728 | modifyRoute("add", "local", route); |
| 2729 | } |
| 2730 | } |
| 2731 | } |
| 2732 | |
| 2733 | @Override |
| 2734 | public void removeInterfaceFromLocalNetwork(String iface) { |
| 2735 | modifyInterfaceInNetwork("remove", "local", iface); |
| 2736 | } |
Erik Kline | 6599ee8 | 2016-07-17 21:28:39 +0900 | [diff] [blame] | 2737 | |
| 2738 | @Override |
| 2739 | public int removeRoutesFromLocalNetwork(List<RouteInfo> routes) { |
| 2740 | int failures = 0; |
| 2741 | |
| 2742 | for (RouteInfo route : routes) { |
| 2743 | try { |
| 2744 | modifyRoute("remove", "local", route); |
| 2745 | } catch (IllegalStateException e) { |
| 2746 | failures++; |
| 2747 | } |
| 2748 | } |
| 2749 | |
| 2750 | return failures; |
| 2751 | } |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 2752 | |
Sudheer Shanka | b8f2316 | 2017-08-04 13:30:10 -0700 | [diff] [blame] | 2753 | @Override |
| 2754 | public boolean isNetworkRestricted(int uid) { |
| 2755 | mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); |
| 2756 | return isNetworkRestrictedInternal(uid); |
| 2757 | } |
| 2758 | |
| 2759 | private boolean isNetworkRestrictedInternal(int uid) { |
| 2760 | synchronized (mRulesLock) { |
| 2761 | if (getFirewallChainState(FIREWALL_CHAIN_STANDBY) |
| 2762 | && mUidFirewallStandbyRules.get(uid) == FIREWALL_RULE_DENY) { |
| 2763 | if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of app standby mode"); |
| 2764 | return true; |
| 2765 | } |
| 2766 | if (getFirewallChainState(FIREWALL_CHAIN_DOZABLE) |
| 2767 | && mUidFirewallDozableRules.get(uid) != FIREWALL_RULE_ALLOW) { |
| 2768 | if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of device idle mode"); |
| 2769 | return true; |
| 2770 | } |
| 2771 | if (getFirewallChainState(FIREWALL_CHAIN_POWERSAVE) |
| 2772 | && mUidFirewallPowerSaveRules.get(uid) != FIREWALL_RULE_ALLOW) { |
| 2773 | if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of power saver mode"); |
| 2774 | return true; |
| 2775 | } |
| 2776 | if (mUidRejectOnMetered.get(uid)) { |
| 2777 | if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of no metered data" |
| 2778 | + " in the background"); |
| 2779 | return true; |
| 2780 | } |
| 2781 | if (mDataSaverMode && !mUidAllowOnMetered.get(uid)) { |
| 2782 | if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of data saver mode"); |
| 2783 | return true; |
| 2784 | } |
| 2785 | return false; |
| 2786 | } |
| 2787 | } |
| 2788 | |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 2789 | private void setFirewallChainState(int chain, boolean state) { |
| 2790 | synchronized (mRulesLock) { |
| 2791 | mFirewallChainStates.put(chain, state); |
| 2792 | } |
| 2793 | } |
| 2794 | |
| 2795 | private boolean getFirewallChainState(int chain) { |
| 2796 | synchronized (mRulesLock) { |
| 2797 | return mFirewallChainStates.get(chain); |
| 2798 | } |
| 2799 | } |
| 2800 | |
| 2801 | @VisibleForTesting |
| 2802 | class LocalService extends NetworkManagementInternal { |
| 2803 | @Override |
| 2804 | public boolean isNetworkRestrictedForUid(int uid) { |
Sudheer Shanka | b8f2316 | 2017-08-04 13:30:10 -0700 | [diff] [blame] | 2805 | return isNetworkRestrictedInternal(uid); |
Sudheer Shanka | 62f5c17 | 2017-03-17 16:25:55 -0700 | [diff] [blame] | 2806 | } |
| 2807 | } |
| 2808 | |
| 2809 | @VisibleForTesting |
| 2810 | Injector getInjector() { |
| 2811 | return new Injector(); |
| 2812 | } |
| 2813 | |
| 2814 | @VisibleForTesting |
| 2815 | class Injector { |
| 2816 | void setDataSaverMode(boolean dataSaverMode) { |
| 2817 | mDataSaverMode = dataSaverMode; |
| 2818 | } |
| 2819 | |
| 2820 | void setFirewallChainState(int chain, boolean state) { |
| 2821 | NetworkManagementService.this.setFirewallChainState(chain, state); |
| 2822 | } |
| 2823 | |
| 2824 | void setFirewallRule(int chain, int uid, int rule) { |
| 2825 | synchronized (mRulesLock) { |
| 2826 | getUidFirewallRulesLR(chain).put(uid, rule); |
| 2827 | } |
| 2828 | } |
| 2829 | |
| 2830 | void setUidOnMeteredNetworkList(boolean blacklist, int uid, boolean enable) { |
| 2831 | synchronized (mRulesLock) { |
| 2832 | if (blacklist) { |
| 2833 | mUidRejectOnMetered.put(uid, enable); |
| 2834 | } else { |
| 2835 | mUidAllowOnMetered.put(uid, enable); |
| 2836 | } |
| 2837 | } |
| 2838 | } |
| 2839 | |
| 2840 | void reset() { |
| 2841 | synchronized (mRulesLock) { |
| 2842 | setDataSaverMode(false); |
| 2843 | final int[] chains = { |
| 2844 | FIREWALL_CHAIN_DOZABLE, |
| 2845 | FIREWALL_CHAIN_STANDBY, |
| 2846 | FIREWALL_CHAIN_POWERSAVE |
| 2847 | }; |
| 2848 | for (int chain : chains) { |
| 2849 | setFirewallChainState(chain, false); |
| 2850 | getUidFirewallRulesLR(chain).clear(); |
| 2851 | } |
| 2852 | mUidAllowOnMetered.clear(); |
| 2853 | mUidRejectOnMetered.clear(); |
| 2854 | } |
| 2855 | } |
| 2856 | } |
San Mehat | 873f214 | 2010-01-14 10:25:07 -0800 | [diff] [blame] | 2857 | } |