Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / bccbd009edf909747a47cdfaa4cbd34343fb13b1 / . / services / core / java / com / android / server / NetworkManagementService.java
blob: b1d6f7353bdb400c40f1f30519cee25c704b91f8 [file] [log] [blame]
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1/*
2 * Copyright (C) 2007 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17package com.android.server;
18
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]19import static android.Manifest.permission.CONNECTIVITY_INTERNAL;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]20import static android.Manifest.permission.DUMP;
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]21import static android.Manifest.permission.NETWORK_STACK;
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]22import static android.Manifest.permission.SHUTDOWN;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]23import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_DOZABLE;
24import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_DOZABLE;
25import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_NONE;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]26import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_POWERSAVE;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]27import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_STANDBY;
28import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NONE;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]29import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_POWERSAVE;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]30import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_STANDBY;
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]31import static android.net.NetworkPolicyManager.FIREWALL_RULE_ALLOW;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]32import static android.net.NetworkPolicyManager.FIREWALL_RULE_DEFAULT;
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]33import static android.net.NetworkPolicyManager.FIREWALL_RULE_DENY;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]34import static android.net.NetworkPolicyManager.FIREWALL_TYPE_BLACKLIST;
35import static android.net.NetworkPolicyManager.FIREWALL_TYPE_WHITELIST;
Jeff Sharkeyb5d55e32011-08-10 17:53:27 -0700[diff] [blame]36import static android.net.NetworkStats.SET_DEFAULT;
Lorenzo Colittif1912ca2017-08-17 19:23:08 +0900[diff] [blame]37import static android.net.NetworkStats.STATS_PER_UID;
Dianne Hackbornd0c5b9a2014-02-21 16:19:05 -0800[diff] [blame]38import static android.net.NetworkStats.TAG_ALL;
Jeff Sharkey1b5a2a92011-06-18 18:34:16 -0700[diff] [blame]39import static android.net.NetworkStats.TAG_NONE;
40import static android.net.NetworkStats.UID_ALL;
Jeff Sharkeyae2c1812011-10-04 13:11:40 -0700[diff] [blame]41import static android.net.TrafficStats.UID_TETHERING;
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]42import static com.android.server.NetworkManagementService.NetdResponseCode.ClatdStatusResult;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]43import static com.android.server.NetworkManagementService.NetdResponseCode.InterfaceGetCfgResult;
44import static com.android.server.NetworkManagementService.NetdResponseCode.InterfaceListResult;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]45import static com.android.server.NetworkManagementService.NetdResponseCode.IpFwdStatusResult;
46import static com.android.server.NetworkManagementService.NetdResponseCode.TetherDnsFwdTgtListResult;
47import static com.android.server.NetworkManagementService.NetdResponseCode.TetherInterfaceListResult;
48import static com.android.server.NetworkManagementService.NetdResponseCode.TetherStatusResult;
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]49import static com.android.server.NetworkManagementService.NetdResponseCode.TetheringStatsListResult;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]50import static com.android.server.NetworkManagementService.NetdResponseCode.TtyListResult;
Jeff Sharkeya63ba592011-07-19 23:47:12 -0700[diff] [blame]51import static com.android.server.NetworkManagementSocketTagger.PROP_QTAGUID_ENABLED;
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]52
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]53import android.annotation.NonNull;
Sudheer Shankadc589ac2016-11-10 15:30:17 -0800[diff] [blame]54import android.app.ActivityManager;
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]55import android.content.ContentResolver;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]56import android.content.Context;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]57import android.net.ConnectivityManager;
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]58import android.net.INetd;
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]59import android.net.INetworkManagementEventObserver;
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]60import android.net.ITetheringStatsProvider;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]61import android.net.InterfaceConfiguration;
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]62import android.net.IpPrefix;
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]63import android.net.LinkAddress;
Lorenzo Colittib57edc52014-08-22 17:10:50 -0700[diff] [blame]64import android.net.Network;
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]65import android.net.NetworkPolicyManager;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]66import android.net.NetworkStats;
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]67import android.net.NetworkUtils;
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]68import android.net.RouteInfo;
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]69import android.net.UidRange;
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]70import android.net.util.NetdService;
Irfan Sheriff9ab518ad2010-03-12 15:48:17 -0800[diff] [blame]71import android.net.wifi.WifiConfiguration;
72import android.net.wifi.WifiConfiguration.KeyMgmt;
Dianne Hackborn91268cf2013-06-13 19:06:50 -0700[diff] [blame]73import android.os.BatteryStats;
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]74import android.os.Binder;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]75import android.os.Handler;
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]76import android.os.IBinder;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]77import android.os.INetworkActivityListener;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]78import android.os.INetworkManagementService;
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]79import android.os.PersistableBundle;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]80import android.os.PowerManager;
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]81import android.os.Process;
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]82import android.os.RemoteCallbackList;
83import android.os.RemoteException;
Jeff Sharkey7a1c3fc2013-06-04 12:29:00 -0700[diff] [blame]84import android.os.ServiceManager;
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]85import android.os.ServiceSpecificException;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]86import android.os.StrictMode;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]87import android.os.SystemClock;
Marco Nelissen62dbb222010-02-18 10:56:30 -0800[diff] [blame]88import android.os.SystemProperties;
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]89import android.os.Trace;
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]90import android.provider.Settings;
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]91import android.telephony.DataConnectionRealTimeInfo;
92import android.telephony.PhoneStateListener;
Wink Savillefb40dd42014-06-12 17:02:31 -0700[diff] [blame]93import android.telephony.SubscriptionManager;
Wink Saville67e07892014-06-18 16:43:14 -0700[diff] [blame]94import android.telephony.TelephonyManager;
Irfan Sheriff9ab518ad2010-03-12 15:48:17 -0800[diff] [blame]95import android.util.Log;
Joe Onorato8a9b2202010-02-26 18:56:32 -0800[diff] [blame]96import android.util.Slog;
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]97import android.util.SparseBooleanArray;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]98import android.util.SparseIntArray;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]99
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]100import com.android.internal.annotations.GuardedBy;
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]101import com.android.internal.annotations.VisibleForTesting;
Jeff Sharkey7a1c3fc2013-06-04 12:29:00 -0700[diff] [blame]102import com.android.internal.app.IBatteryStats;
Jeff Sharkey1059c3c2011-10-04 16:54:49 -0700[diff] [blame]103import com.android.internal.net.NetworkStatsFactory;
Jeff Sharkeyfe9a53b2017-03-31 14:08:23 -0600[diff] [blame]104import com.android.internal.util.DumpUtils;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]105import com.android.internal.util.HexDump;
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]106import com.android.internal.util.Preconditions;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]107import com.android.server.NativeDaemonConnector.Command;
Jeff Sharkey56cd6462013-06-07 15:09:15 -0700[diff] [blame]108import com.android.server.NativeDaemonConnector.SensitiveArg;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]109import com.google.android.collect.Maps;
Jeff Sharkey4414cea2011-06-24 17:05:24 -0700[diff] [blame]110
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]111import java.io.BufferedReader;
112import java.io.DataInputStream;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]113import java.io.File;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]114import java.io.FileDescriptor;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]115import java.io.FileInputStream;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]116import java.io.IOException;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]117import java.io.InputStreamReader;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]118import java.io.PrintWriter;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]119import java.net.InetAddress;
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]120import java.net.InterfaceAddress;
121import java.net.NetworkInterface;
122import java.net.SocketException;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]123import java.util.ArrayList;
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]124import java.util.Arrays;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]125import java.util.HashMap;
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]126import java.util.List;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]127import java.util.Map;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]128import java.util.NoSuchElementException;
129import java.util.StringTokenizer;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]130import java.util.concurrent.CountDownLatch;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]131
132/**
133 * @hide
134 */
Jeff Sharkey8e9992a2011-08-23 18:37:23 -0700[diff] [blame]135public class NetworkManagementService extends INetworkManagementService.Stub
136 implements Watchdog.Monitor {
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]137
138 /**
139 * Helper class that encapsulates NetworkManagementService dependencies and makes them
140 * easier to mock in unit tests.
141 */
142 static class SystemServices {
143 public IBinder getService(String name) {
144 return ServiceManager.getService(name);
145 }
146 public void registerLocalService(NetworkManagementInternal nmi) {
147 LocalServices.addService(NetworkManagementInternal.class, nmi);
148 }
149 public INetd getNetd() {
150 return NetdService.get();
151 }
152 }
153
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]154 private static final String TAG = "NetworkManagement";
155 private static final boolean DBG = Log.isLoggable(TAG, Log.DEBUG);
Kenny Root305bcbf2010-09-03 07:56:38 -0700[diff] [blame]156 private static final String NETD_TAG = "NetdConnector";
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]157 static final String NETD_SERVICE_NAME = "netd";
Kenny Root305bcbf2010-09-03 07:56:38 -0700[diff] [blame]158
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]159 private static final int MAX_UID_RANGES_PER_COMMAND = 10;
160
Jeff Sharkey8e9992a2011-08-23 18:37:23 -0700[diff] [blame]161 /**
162 * Name representing {@link #setGlobalAlert(long)} limit when delivered to
163 * {@link INetworkManagementEventObserver#limitReached(String, String)}.
164 */
165 public static final String LIMIT_GLOBAL_ALERT = "globalAlert";
166
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]167 /**
168 * String to pass to netd to indicate that a network is only accessible
169 * to apps that have the CHANGE_NETWORK_STATE permission.
170 */
171 public static final String PERMISSION_NETWORK = "NETWORK";
172
173 /**
174 * String to pass to netd to indicate that a network is only
175 * accessible to system apps and those with the CONNECTIVITY_INTERNAL
176 * permission.
177 */
178 public static final String PERMISSION_SYSTEM = "SYSTEM";
179
Andrew Scull45f533c2017-05-19 15:37:20 +0100[diff] [blame]180 static class NetdResponseCode {
Sreeram Ramachandran03666c72014-07-19 23:21:46 -0700[diff] [blame]181 /* Keep in sync with system/netd/server/ResponseCode.h */
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]182 public static final int InterfaceListResult = 110;
183 public static final int TetherInterfaceListResult = 111;
184 public static final int TetherDnsFwdTgtListResult = 112;
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]185 public static final int TtyListResult = 113;
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]186 public static final int TetheringStatsListResult = 114;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]187
188 public static final int TetherStatusResult = 210;
189 public static final int IpFwdStatusResult = 211;
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]190 public static final int InterfaceGetCfgResult = 213;
Robert Greenwalte3253922010-02-18 09:23:25 -0800[diff] [blame]191 public static final int SoftapStatusResult = 214;
San Mehat91cac642010-03-31 14:31:36 -0700[diff] [blame]192 public static final int InterfaceRxCounterResult = 216;
193 public static final int InterfaceTxCounterResult = 217;
Jeff Sharkeycdd02c5d2011-09-16 01:52:49 -0700[diff] [blame]194 public static final int QuotaCounterResult = 220;
195 public static final int TetheringStatsResult = 221;
Selim Gurun84c00c62012-02-27 15:42:38 -0800[diff] [blame]196 public static final int DnsProxyQueryResult = 222;
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]197 public static final int ClatdStatusResult = 223;
Robert Greenwalte3253922010-02-18 09:23:25 -0800[diff] [blame]198
199 public static final int InterfaceChange = 600;
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]200 public static final int BandwidthControl = 601;
Haoyu Bai6b7358d2012-07-17 16:36:50 -0700[diff] [blame]201 public static final int InterfaceClassActivity = 613;
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]202 public static final int InterfaceAddressChange = 614;
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]203 public static final int InterfaceDnsServerInfo = 615;
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]204 public static final int RouteChange = 616;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]205 public static final int StrictCleartext = 617;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]206 }
207
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]208 /* Defaults for resolver parameters. */
209 public static final int DNS_RESOLVER_DEFAULT_SAMPLE_VALIDITY_SECONDS = 1800;
210 public static final int DNS_RESOLVER_DEFAULT_SUCCESS_THRESHOLD_PERCENT = 25;
211 public static final int DNS_RESOLVER_DEFAULT_MIN_SAMPLES = 8;
212 public static final int DNS_RESOLVER_DEFAULT_MAX_SAMPLES = 64;
213
Rebecca Silbersteine2ec94f2016-03-24 13:29:00 -0700[diff] [blame]214 /**
215 * String indicating a softap command.
216 */
217 static final String SOFT_AP_COMMAND = "softap";
218
219 /**
220 * String passed back to netd connector indicating softap command success.
221 */
222 static final String SOFT_AP_COMMAND_SUCCESS = "Ok";
223
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]224 static final int DAEMON_MSG_MOBILE_CONN_REAL_TIME_INFO = 1;
225
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]226 /**
227 * Binder context for this service
228 */
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]229 private final Context mContext;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]230
231 /**
232 * connector object for communicating with netd
233 */
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]234 private final NativeDaemonConnector mConnector;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]235
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]236 private final Handler mFgHandler;
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]237 private final Handler mDaemonHandler;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]238
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]239 private final SystemServices mServices;
240
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]241 private INetd mNetdService;
242
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]243 private IBatteryStats mBatteryStats;
244
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]245 private final Thread mThread;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]246 private CountDownLatch mConnectedSignal = new CountDownLatch(1);
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]247
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]248 private final RemoteCallbackList<INetworkManagementEventObserver> mObservers =
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]249 new RemoteCallbackList<>();
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]250
Jeff Sharkey1059c3c2011-10-04 16:54:49 -0700[diff] [blame]251 private final NetworkStatsFactory mStatsFactory = new NetworkStatsFactory();
252
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]253 @GuardedBy("mTetheringStatsProviders")
254 private final HashMap<ITetheringStatsProvider, String>
255 mTetheringStatsProviders = Maps.newHashMap();
256
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]257 /**
258 * If both locks need to be held, then they should be obtained in the order:
259 * first {@link #mQuotaLock} and then {@link #mRulesLock}.
260 */
Andrew Scull45f533c2017-05-19 15:37:20 +0100[diff] [blame]261 private final Object mQuotaLock = new Object();
Andrew Scull519291f2017-05-23 13:11:03 +0100[diff] [blame]262 private final Object mRulesLock = new Object();
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]263
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]264 /** Set of interfaces with active quotas. */
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]265 @GuardedBy("mQuotaLock")
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]266 private HashMap<String, Long> mActiveQuotas = Maps.newHashMap();
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]267 /** Set of interfaces with active alerts. */
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]268 @GuardedBy("mQuotaLock")
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]269 private HashMap<String, Long> mActiveAlerts = Maps.newHashMap();
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]270 /** Set of UIDs blacklisted on metered networks. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]271 @GuardedBy("mRulesLock")
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]272 private SparseBooleanArray mUidRejectOnMetered = new SparseBooleanArray();
273 /** Set of UIDs whitelisted on metered networks. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]274 @GuardedBy("mRulesLock")
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]275 private SparseBooleanArray mUidAllowOnMetered = new SparseBooleanArray();
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]276 /** Set of UIDs with cleartext penalties. */
277 @GuardedBy("mQuotaLock")
278 private SparseIntArray mUidCleartextPolicy = new SparseIntArray();
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]279 /** Set of UIDs that are to be blocked/allowed by firewall controller. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]280 @GuardedBy("mRulesLock")
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]281 private SparseIntArray mUidFirewallRules = new SparseIntArray();
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]282 /**
283 * Set of UIDs that are to be blocked/allowed by firewall controller. This set of Ids matches
284 * to application idles.
285 */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]286 @GuardedBy("mRulesLock")
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]287 private SparseIntArray mUidFirewallStandbyRules = new SparseIntArray();
288 /**
289 * Set of UIDs that are to be blocked/allowed by firewall controller. This set of Ids matches
290 * to device idles.
291 */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]292 @GuardedBy("mRulesLock")
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]293 private SparseIntArray mUidFirewallDozableRules = new SparseIntArray();
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]294 /**
295 * Set of UIDs that are to be blocked/allowed by firewall controller. This set of Ids matches
296 * to device on power-save mode.
297 */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]298 @GuardedBy("mRulesLock")
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]299 private SparseIntArray mUidFirewallPowerSaveRules = new SparseIntArray();
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]300 /** Set of states for the child firewall chains. True if the chain is active. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]301 @GuardedBy("mRulesLock")
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]302 final SparseBooleanArray mFirewallChainStates = new SparseBooleanArray();
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]303
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]304 @GuardedBy("mQuotaLock")
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]305 private volatile boolean mDataSaverMode;
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]306
Andrew Scull45f533c2017-05-19 15:37:20 +0100[diff] [blame]307 private final Object mIdleTimerLock = new Object();
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]308 /** Set of interfaces with active idle timers. */
309 private static class IdleTimerParams {
310 public final int timeout;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]311 public final int type;
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]312 public int networkCount;
313
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]314 IdleTimerParams(int timeout, int type) {
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]315 this.timeout = timeout;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]316 this.type = type;
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]317 this.networkCount = 1;
318 }
319 }
320 private HashMap<String, IdleTimerParams> mActiveIdleTimers = Maps.newHashMap();
321
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]322 private volatile boolean mBandwidthControlEnabled;
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]323 private volatile boolean mFirewallEnabled;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]324 private volatile boolean mStrictEnabled;
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]325
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]326 private boolean mMobileActivityFromRadio = false;
327 private int mLastPowerStateFromRadio = DataConnectionRealTimeInfo.DC_POWER_STATE_LOW;
Adam Lesinskie08af192015-03-25 16:42:59 -0700[diff] [blame]328 private int mLastPowerStateFromWifi = DataConnectionRealTimeInfo.DC_POWER_STATE_LOW;
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]329
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]330 private final RemoteCallbackList<INetworkActivityListener> mNetworkActivityListeners =
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]331 new RemoteCallbackList<>();
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]332 private boolean mNetworkActive;
333
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]334 /**
335 * Constructs a new NetworkManagementService instance
336 *
337 * @param context Binder context for this service
338 */
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]339 private NetworkManagementService(
340 Context context, String socket, SystemServices services) {
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]341 mContext = context;
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]342 mServices = services;
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]343
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]344 // make sure this is on the same looper as our NativeDaemonConnector for sync purposes
345 mFgHandler = new Handler(FgThread.get().getLooper());
346
Dianne Hackborn4590e522014-03-24 13:36:46 -0700[diff] [blame]347 // Don't need this wake lock, since we now have a time stamp for when
348 // the network actually went inactive. (It might be nice to still do this,
349 // but I don't want to do it through the power manager because that pollutes the
350 // battery stats history with pointless noise.)
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]351 //PowerManager pm = (PowerManager)context.getSystemService(Context.POWER_SERVICE);
Dianne Hackborn4590e522014-03-24 13:36:46 -0700[diff] [blame]352 PowerManager.WakeLock wl = null; //pm.newWakeLock(PowerManager.PARTIAL_WAKE_LOCK, NETD_TAG);
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]353
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]354 mConnector = new NativeDaemonConnector(
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]355 new NetdCallbackReceiver(), socket, 10, NETD_TAG, 160, wl,
356 FgThread.get().getLooper());
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]357 mThread = new Thread(mConnector, NETD_TAG);
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]358
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]359 mDaemonHandler = new Handler(FgThread.get().getLooper());
Wink Saville67e07892014-06-18 16:43:14 -0700[diff] [blame]360
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]361 // Add ourself to the Watchdog monitors.
362 Watchdog.getInstance().addMonitor(this);
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]363
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]364 mServices.registerLocalService(new LocalService());
Lorenzo Colitti8228eb32017-07-19 06:17:33 +0900[diff] [blame]365
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]366 synchronized (mTetheringStatsProviders) {
367 mTetheringStatsProviders.put(new NetdTetheringStatsProvider(), "netd");
368 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]369 }
370
371 @VisibleForTesting
372 NetworkManagementService() {
373 mConnector = null;
374 mContext = null;
375 mDaemonHandler = null;
376 mFgHandler = null;
377 mThread = null;
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]378 mServices = null;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]379 }
380
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]381 static NetworkManagementService create(Context context, String socket, SystemServices services)
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]382 throws InterruptedException {
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]383 final NetworkManagementService service =
384 new NetworkManagementService(context, socket, services);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]385 final CountDownLatch connectedSignal = service.mConnectedSignal;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]386 if (DBG) Slog.d(TAG, "Creating NetworkManagementService");
387 service.mThread.start();
388 if (DBG) Slog.d(TAG, "Awaiting socket connection");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]389 connectedSignal.await();
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]390 if (DBG) Slog.d(TAG, "Connected");
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]391 if (DBG) Slog.d(TAG, "Connecting native netd service");
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]392 service.connectNativeNetdService();
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]393 if (DBG) Slog.d(TAG, "Connected");
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]394 return service;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]395 }
396
Lorenzo Colitti7421a012013-08-20 22:51:24 +0900[diff] [blame]397 public static NetworkManagementService create(Context context) throws InterruptedException {
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]398 return create(context, NETD_SERVICE_NAME, new SystemServices());
Lorenzo Colitti7421a012013-08-20 22:51:24 +0900[diff] [blame]399 }
400
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]401 public void systemReady() {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]402 if (DBG) {
403 final long start = System.currentTimeMillis();
404 prepareNativeDaemon();
405 final long delta = System.currentTimeMillis() - start;
406 Slog.d(TAG, "Prepared in " + delta + "ms");
407 return;
408 } else {
409 prepareNativeDaemon();
410 }
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]411 }
412
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]413 private IBatteryStats getBatteryStats() {
414 synchronized (this) {
415 if (mBatteryStats != null) {
416 return mBatteryStats;
417 }
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]418 mBatteryStats =
419 IBatteryStats.Stub.asInterface(mServices.getService(BatteryStats.SERVICE_NAME));
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]420 return mBatteryStats;
421 }
422 }
423
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]424 @Override
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]425 public void registerObserver(INetworkManagementEventObserver observer) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]426 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]427 mObservers.register(observer);
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]428 }
429
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]430 @Override
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]431 public void unregisterObserver(INetworkManagementEventObserver observer) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]432 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]433 mObservers.unregister(observer);
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]434 }
435
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]436 @FunctionalInterface
437 private interface NetworkManagementEventCallback {
438 public void sendCallback(INetworkManagementEventObserver o) throws RemoteException;
439 }
440
441 private void invokeForAllObservers(NetworkManagementEventCallback eventCallback) {
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]442 final int length = mObservers.beginBroadcast();
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]443 try {
444 for (int i = 0; i < length; i++) {
445 try {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]446 eventCallback.sendCallback(mObservers.getBroadcastItem(i));
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]447 } catch (RemoteException | RuntimeException e) {
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]448 }
Mike J. Chen6143f5f2011-06-23 15:17:51 -0700[diff] [blame]449 }
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]450 } finally {
451 mObservers.finishBroadcast();
Mike J. Chen6143f5f2011-06-23 15:17:51 -0700[diff] [blame]452 }
453 }
454
455 /**
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]456 * Notify our observers of an interface status change
457 */
458 private void notifyInterfaceStatusChanged(String iface, boolean up) {
459 invokeForAllObservers(o -> o.interfaceStatusChanged(iface, up));
460 }
461
462 /**
Mike J. Chenf59c7d02011-06-23 15:33:15 -0700[diff] [blame]463 * Notify our observers of an interface link state change
Mike J. Chen6143f5f2011-06-23 15:17:51 -0700[diff] [blame]464 * (typically, an Ethernet cable has been plugged-in or unplugged).
465 */
466 private void notifyInterfaceLinkStateChanged(String iface, boolean up) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]467 invokeForAllObservers(o -> o.interfaceLinkStateChanged(iface, up));
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]468 }
469
470 /**
471 * Notify our observers of an interface addition.
472 */
473 private void notifyInterfaceAdded(String iface) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]474 invokeForAllObservers(o -> o.interfaceAdded(iface));
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]475 }
476
477 /**
478 * Notify our observers of an interface removal.
479 */
480 private void notifyInterfaceRemoved(String iface) {
Jeff Sharkey89b8a212011-10-11 11:58:11 -0700[diff] [blame]481 // netd already clears out quota and alerts for removed ifaces; update
482 // our sanity-checking state.
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]483 mActiveAlerts.remove(iface);
484 mActiveQuotas.remove(iface);
Jeff Sharkey89b8a212011-10-11 11:58:11 -0700[diff] [blame]485
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]486 invokeForAllObservers(o -> o.interfaceRemoved(iface));
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]487 }
488
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]489 /**
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]490 * Notify our observers of a limit reached.
491 */
492 private void notifyLimitReached(String limitName, String iface) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]493 invokeForAllObservers(o -> o.limitReached(limitName, iface));
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]494 }
495
496 /**
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]497 * Notify our observers of a change in the data activity state of the interface
498 */
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]499 private void notifyInterfaceClassActivity(int type, int powerState, long tsNanos,
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]500 int uid, boolean fromRadio) {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]501 final boolean isMobile = ConnectivityManager.isNetworkTypeMobile(type);
502 if (isMobile) {
503 if (!fromRadio) {
504 if (mMobileActivityFromRadio) {
505 // If this call is not coming from a report from the radio itself, but we
506 // have previously received reports from the radio, then we will take the
507 // power state to just be whatever the radio last reported.
508 powerState = mLastPowerStateFromRadio;
509 }
510 } else {
511 mMobileActivityFromRadio = true;
512 }
513 if (mLastPowerStateFromRadio != powerState) {
514 mLastPowerStateFromRadio = powerState;
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]515 try {
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]516 getBatteryStats().noteMobileRadioPowerState(powerState, tsNanos, uid);
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]517 } catch (RemoteException e) {
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]518 }
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]519 }
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]520 }
521
Adam Lesinskie08af192015-03-25 16:42:59 -0700[diff] [blame]522 if (ConnectivityManager.isNetworkTypeWifi(type)) {
523 if (mLastPowerStateFromWifi != powerState) {
524 mLastPowerStateFromWifi = powerState;
525 try {
Adam Lesinski5f056f62016-07-14 16:56:08 -0700[diff] [blame]526 getBatteryStats().noteWifiRadioPowerState(powerState, tsNanos, uid);
Adam Lesinskie08af192015-03-25 16:42:59 -0700[diff] [blame]527 } catch (RemoteException e) {
528 }
529 }
530 }
531
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]532 boolean isActive = powerState == DataConnectionRealTimeInfo.DC_POWER_STATE_MEDIUM
533 || powerState == DataConnectionRealTimeInfo.DC_POWER_STATE_HIGH;
534
535 if (!isMobile || fromRadio || !mMobileActivityFromRadio) {
536 // Report the change in data activity. We don't do this if this is a change
537 // on the mobile network, that is not coming from the radio itself, and we
538 // have previously seen change reports from the radio. In that case only
539 // the radio is the authority for the current state.
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]540 final boolean active = isActive;
541 invokeForAllObservers(o -> o.interfaceClassDataActivityChanged(
542 Integer.toString(type), active, tsNanos));
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]543 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]544
545 boolean report = false;
546 synchronized (mIdleTimerLock) {
547 if (mActiveIdleTimers.isEmpty()) {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]548 // If there are no idle timers, we are not monitoring activity, so we
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]549 // are always considered active.
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]550 isActive = true;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]551 }
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]552 if (mNetworkActive != isActive) {
553 mNetworkActive = isActive;
554 report = isActive;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]555 }
556 }
557 if (report) {
558 reportNetworkActive();
559 }
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]560 }
561
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]562 @Override
563 public void registerTetheringStatsProvider(ITetheringStatsProvider provider, String name) {
564 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
565 Preconditions.checkNotNull(provider);
566 synchronized(mTetheringStatsProviders) {
567 mTetheringStatsProviders.put(provider, name);
568 }
569 }
570
571 @Override
572 public void unregisterTetheringStatsProvider(ITetheringStatsProvider provider) {
573 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
574 synchronized(mTetheringStatsProviders) {
575 mTetheringStatsProviders.remove(provider);
576 }
577 }
578
Lorenzo Colitti9f0baa92017-08-15 19:25:51 +0900[diff] [blame]579 @Override
580 public void tetherLimitReached(ITetheringStatsProvider provider) {
581 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
582 synchronized(mTetheringStatsProviders) {
583 if (!mTetheringStatsProviders.containsKey(provider)) {
584 return;
585 }
586 // No current code examines the interface parameter in a global alert. Just pass null.
587 notifyLimitReached(LIMIT_GLOBAL_ALERT, null);
588 }
589 }
590
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]591 // Sync the state of the given chain with the native daemon.
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]592 private void syncFirewallChainLocked(int chain, String name) {
593 SparseIntArray rules;
594 synchronized (mRulesLock) {
595 final SparseIntArray uidFirewallRules = getUidFirewallRulesLR(chain);
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]596 // Make a copy of the current rules, and then clear them. This is because
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]597 // setFirewallUidRuleInternal only pushes down rules to the native daemon if they
598 // are different from the current rules stored in the mUidFirewall*Rules array for
599 // the specified chain. If we don't clear the rules, setFirewallUidRuleInternal
600 // will do nothing.
601 rules = uidFirewallRules.clone();
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]602 uidFirewallRules.clear();
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]603 }
604 if (rules.size() > 0) {
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]605 // Now push the rules. setFirewallUidRuleInternal will push each of these down to the
606 // native daemon, and also add them to the mUidFirewall*Rules array for the specified
607 // chain.
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]608 if (DBG) Slog.d(TAG, "Pushing " + rules.size() + " active firewall "
609 + name + "UID rules");
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]610 for (int i = 0; i < rules.size(); i++) {
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]611 setFirewallUidRuleLocked(chain, rules.keyAt(i), rules.valueAt(i));
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]612 }
613 }
614 }
615
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]616 private void connectNativeNetdService() {
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]617 mNetdService = mServices.getNetd();
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]618 }
619
620 /**
621 * Prepare native daemon once connected, enabling modules and pushing any
622 * existing in-memory rules.
623 */
624 private void prepareNativeDaemon() {
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]625
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]626 mBandwidthControlEnabled = false;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]627
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]628 // only enable bandwidth control when support exists
629 final boolean hasKernelSupport = new File("/proc/net/xt_qtaguid/ctrl").exists();
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]630
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]631 // push any existing quota or UID rules
632 synchronized (mQuotaLock) {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]633
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]634 if (hasKernelSupport) {
635 Slog.d(TAG, "enabling bandwidth control");
636 try {
637 mConnector.execute("bandwidth", "enable");
638 mBandwidthControlEnabled = true;
639 } catch (NativeDaemonConnectorException e) {
640 Log.wtf(TAG, "problem enabling bandwidth controls", e);
641 }
642 } else {
643 Slog.i(TAG, "not enabling bandwidth control");
644 }
645
646 SystemProperties.set(PROP_QTAGUID_ENABLED, mBandwidthControlEnabled ? "1" : "0");
647
648 try {
649 mConnector.execute("strict", "enable");
650 mStrictEnabled = true;
651 } catch (NativeDaemonConnectorException e) {
652 Log.wtf(TAG, "Failed strict enable", e);
653 }
654
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]655 setDataSaverModeEnabled(mDataSaverMode);
656
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]657 int size = mActiveQuotas.size();
658 if (size > 0) {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]659 if (DBG) Slog.d(TAG, "Pushing " + size + " active quota rules");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]660 final HashMap<String, Long> activeQuotas = mActiveQuotas;
661 mActiveQuotas = Maps.newHashMap();
662 for (Map.Entry<String, Long> entry : activeQuotas.entrySet()) {
663 setInterfaceQuota(entry.getKey(), entry.getValue());
664 }
665 }
666
667 size = mActiveAlerts.size();
668 if (size > 0) {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]669 if (DBG) Slog.d(TAG, "Pushing " + size + " active alert rules");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]670 final HashMap<String, Long> activeAlerts = mActiveAlerts;
671 mActiveAlerts = Maps.newHashMap();
672 for (Map.Entry<String, Long> entry : activeAlerts.entrySet()) {
673 setInterfaceAlert(entry.getKey(), entry.getValue());
674 }
675 }
676
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]677 SparseBooleanArray uidRejectOnQuota = null;
678 SparseBooleanArray uidAcceptOnQuota = null;
679 synchronized (mRulesLock) {
680 size = mUidRejectOnMetered.size();
681 if (size > 0) {
682 if (DBG) Slog.d(TAG, "Pushing " + size + " UIDs to metered blacklist rules");
683 uidRejectOnQuota = mUidRejectOnMetered;
684 mUidRejectOnMetered = new SparseBooleanArray();
685 }
686
687 size = mUidAllowOnMetered.size();
688 if (size > 0) {
689 if (DBG) Slog.d(TAG, "Pushing " + size + " UIDs to metered whitelist rules");
690 uidAcceptOnQuota = mUidAllowOnMetered;
691 mUidAllowOnMetered = new SparseBooleanArray();
692 }
693 }
694 if (uidRejectOnQuota != null) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]695 for (int i = 0; i < uidRejectOnQuota.size(); i++) {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]696 setUidMeteredNetworkBlacklist(uidRejectOnQuota.keyAt(i),
697 uidRejectOnQuota.valueAt(i));
698 }
699 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]700 if (uidAcceptOnQuota != null) {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]701 for (int i = 0; i < uidAcceptOnQuota.size(); i++) {
702 setUidMeteredNetworkWhitelist(uidAcceptOnQuota.keyAt(i),
703 uidAcceptOnQuota.valueAt(i));
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]704 }
705 }
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]706
707 size = mUidCleartextPolicy.size();
708 if (size > 0) {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]709 if (DBG) Slog.d(TAG, "Pushing " + size + " active UID cleartext policies");
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]710 final SparseIntArray local = mUidCleartextPolicy;
711 mUidCleartextPolicy = new SparseIntArray();
712 for (int i = 0; i < local.size(); i++) {
713 setUidCleartextNetworkPolicy(local.keyAt(i), local.valueAt(i));
714 }
715 }
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]716
Robin Leec3736bc2017-03-10 16:19:54 +0000[diff] [blame]717 setFirewallEnabled(mFirewallEnabled);
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]718
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]719 syncFirewallChainLocked(FIREWALL_CHAIN_NONE, "");
720 syncFirewallChainLocked(FIREWALL_CHAIN_STANDBY, "standby ");
721 syncFirewallChainLocked(FIREWALL_CHAIN_DOZABLE, "dozable ");
722 syncFirewallChainLocked(FIREWALL_CHAIN_POWERSAVE, "powersave ");
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]723
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]724 final int[] chains =
725 {FIREWALL_CHAIN_STANDBY, FIREWALL_CHAIN_DOZABLE, FIREWALL_CHAIN_POWERSAVE};
726 for (int chain : chains) {
727 if (getFirewallChainState(chain)) {
728 setFirewallChainEnabled(chain, true);
729 }
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]730 }
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]731 }
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]732
733 if (mBandwidthControlEnabled) {
734 try {
735 getBatteryStats().noteNetworkStatsEnabled();
736 } catch (RemoteException e) {
737 }
738 }
739
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]740 }
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]741
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]742 /**
743 * Notify our observers of a new or updated interface address.
744 */
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]745 private void notifyAddressUpdated(String iface, LinkAddress address) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]746 invokeForAllObservers(o -> o.addressUpdated(iface, address));
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]747 }
748
749 /**
750 * Notify our observers of a deleted interface address.
751 */
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]752 private void notifyAddressRemoved(String iface, LinkAddress address) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]753 invokeForAllObservers(o -> o.addressRemoved(iface, address));
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]754 }
755
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]756 /**
757 * Notify our observers of DNS server information received.
758 */
759 private void notifyInterfaceDnsServerInfo(String iface, long lifetime, String[] addresses) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]760 invokeForAllObservers(o -> o.interfaceDnsServerInfo(iface, lifetime, addresses));
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]761 }
762
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]763 /**
764 * Notify our observers of a route change.
765 */
766 private void notifyRouteChange(String action, RouteInfo route) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]767 if (action.equals("updated")) {
768 invokeForAllObservers(o -> o.routeUpdated(route));
769 } else {
770 invokeForAllObservers(o -> o.routeRemoved(route));
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]771 }
772 }
773
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]774 //
775 // Netd Callback handling
776 //
777
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]778 private class NetdCallbackReceiver implements INativeDaemonConnectorCallbacks {
779 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]780 public void onDaemonConnected() {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]781 Slog.i(TAG, "onDaemonConnected()");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]782 // event is dispatched from internal NDC thread, so we prepare the
783 // daemon back on main thread.
784 if (mConnectedSignal != null) {
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]785 // The system is booting and we're connecting to netd for the first time.
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]786 mConnectedSignal.countDown();
787 mConnectedSignal = null;
788 } else {
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]789 // We're reconnecting to netd after the socket connection
790 // was interrupted (e.g., if it crashed).
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]791 mFgHandler.post(new Runnable() {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]792 @Override
793 public void run() {
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]794 connectNativeNetdService();
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]795 prepareNativeDaemon();
796 }
797 });
798 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]799 }
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]800
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]801 @Override
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]802 public boolean onCheckHoldWakeLock(int code) {
803 return code == NetdResponseCode.InterfaceClassActivity;
804 }
805
806 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]807 public boolean onEvent(int code, String raw, String[] cooked) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]808 String errorMessage = String.format("Invalid event from daemon (%s)", raw);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]809 switch (code) {
810 case NetdResponseCode.InterfaceChange:
811 /*
812 * a network interface change occured
813 * Format: "NNN Iface added <name>"
814 * "NNN Iface removed <name>"
815 * "NNN Iface changed <name> <up/down>"
816 * "NNN Iface linkstatus <name> <up/down>"
817 */
818 if (cooked.length < 4 || !cooked[1].equals("Iface")) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]819 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]820 }
821 if (cooked[2].equals("added")) {
822 notifyInterfaceAdded(cooked[3]);
823 return true;
824 } else if (cooked[2].equals("removed")) {
825 notifyInterfaceRemoved(cooked[3]);
826 return true;
827 } else if (cooked[2].equals("changed") && cooked.length == 5) {
828 notifyInterfaceStatusChanged(cooked[3], cooked[4].equals("up"));
829 return true;
830 } else if (cooked[2].equals("linkstate") && cooked.length == 5) {
831 notifyInterfaceLinkStateChanged(cooked[3], cooked[4].equals("up"));
832 return true;
833 }
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]834 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]835 // break;
836 case NetdResponseCode.BandwidthControl:
837 /*
838 * Bandwidth control needs some attention
839 * Format: "NNN limit alert <alertName> <ifaceName>"
840 */
841 if (cooked.length < 5 || !cooked[1].equals("limit")) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]842 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]843 }
844 if (cooked[2].equals("alert")) {
845 notifyLimitReached(cooked[3], cooked[4]);
846 return true;
847 }
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]848 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]849 // break;
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]850 case NetdResponseCode.InterfaceClassActivity:
851 /*
852 * An network interface class state changed (active/idle)
853 * Format: "NNN IfaceClass <active/idle> <label>"
854 */
855 if (cooked.length < 4 || !cooked[1].equals("IfaceClass")) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]856 throw new IllegalStateException(errorMessage);
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]857 }
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]858 long timestampNanos = 0;
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]859 int processUid = -1;
860 if (cooked.length >= 5) {
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]861 try {
862 timestampNanos = Long.parseLong(cooked[4]);
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]863 if (cooked.length == 6) {
864 processUid = Integer.parseInt(cooked[5]);
865 }
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]866 } catch(NumberFormatException ne) {}
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]867 } else {
868 timestampNanos = SystemClock.elapsedRealtimeNanos();
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]869 }
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]870 boolean isActive = cooked[2].equals("active");
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]871 notifyInterfaceClassActivity(Integer.parseInt(cooked[3]),
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]872 isActive ? DataConnectionRealTimeInfo.DC_POWER_STATE_HIGH
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]873 : DataConnectionRealTimeInfo.DC_POWER_STATE_LOW,
874 timestampNanos, processUid, false);
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]875 return true;
876 // break;
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]877 case NetdResponseCode.InterfaceAddressChange:
878 /*
879 * A network address change occurred
880 * Format: "NNN Address updated <addr> <iface> <flags> <scope>"
881 * "NNN Address removed <addr> <iface> <flags> <scope>"
882 */
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]883 if (cooked.length < 7 || !cooked[1].equals("Address")) {
884 throw new IllegalStateException(errorMessage);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]885 }
886
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]887 String iface = cooked[4];
Lorenzo Colitti5ad421a2013-11-17 15:05:02 +0900[diff] [blame]888 LinkAddress address;
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]889 try {
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]890 int flags = Integer.parseInt(cooked[5]);
891 int scope = Integer.parseInt(cooked[6]);
892 address = new LinkAddress(cooked[3], flags, scope);
Lorenzo Colitti5ad421a2013-11-17 15:05:02 +0900[diff] [blame]893 } catch(NumberFormatException e) { // Non-numeric lifetime or scope.
894 throw new IllegalStateException(errorMessage, e);
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]895 } catch(IllegalArgumentException e) { // Malformed/invalid IP address.
Lorenzo Colitti5ad421a2013-11-17 15:05:02 +0900[diff] [blame]896 throw new IllegalStateException(errorMessage, e);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]897 }
898
899 if (cooked[2].equals("updated")) {
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]900 notifyAddressUpdated(iface, address);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]901 } else {
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]902 notifyAddressRemoved(iface, address);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]903 }
904 return true;
905 // break;
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]906 case NetdResponseCode.InterfaceDnsServerInfo:
907 /*
908 * Information about available DNS servers has been received.
909 * Format: "NNN DnsInfo servers <interface> <lifetime> <servers>"
910 */
911 long lifetime; // Actually a 32-bit unsigned integer.
912
913 if (cooked.length == 6 &&
914 cooked[1].equals("DnsInfo") &&
915 cooked[2].equals("servers")) {
916 try {
917 lifetime = Long.parseLong(cooked[4]);
918 } catch (NumberFormatException e) {
919 throw new IllegalStateException(errorMessage);
920 }
921 String[] servers = cooked[5].split(",");
922 notifyInterfaceDnsServerInfo(cooked[3], lifetime, servers);
923 }
924 return true;
925 // break;
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]926 case NetdResponseCode.RouteChange:
927 /*
928 * A route has been updated or removed.
929 * Format: "NNN Route <updated|removed> <dst> [via <gateway] [dev <iface>]"
930 */
931 if (!cooked[1].equals("Route") || cooked.length < 6) {
932 throw new IllegalStateException(errorMessage);
933 }
934
935 String via = null;
936 String dev = null;
937 boolean valid = true;
938 for (int i = 4; (i + 1) < cooked.length && valid; i += 2) {
939 if (cooked[i].equals("dev")) {
940 if (dev == null) {
941 dev = cooked[i+1];
942 } else {
943 valid = false; // Duplicate interface.
944 }
945 } else if (cooked[i].equals("via")) {
946 if (via == null) {
947 via = cooked[i+1];
948 } else {
949 valid = false; // Duplicate gateway.
950 }
951 } else {
952 valid = false; // Unknown syntax.
953 }
954 }
955 if (valid) {
956 try {
957 // InetAddress.parseNumericAddress(null) inexplicably returns ::1.
958 InetAddress gateway = null;
959 if (via != null) gateway = InetAddress.parseNumericAddress(via);
960 RouteInfo route = new RouteInfo(new IpPrefix(cooked[3]), gateway, dev);
961 notifyRouteChange(cooked[2], route);
962 return true;
963 } catch (IllegalArgumentException e) {}
964 }
965 throw new IllegalStateException(errorMessage);
966 // break;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]967 case NetdResponseCode.StrictCleartext:
968 final int uid = Integer.parseInt(cooked[1]);
969 final byte[] firstPacket = HexDump.hexStringToByteArray(cooked[2]);
970 try {
Sudheer Shankadc589ac2016-11-10 15:30:17 -0800[diff] [blame]971 ActivityManager.getService().notifyCleartextNetwork(uid, firstPacket);
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]972 } catch (RemoteException ignored) {
973 }
974 break;
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]975 default: break;
Robert Greenwalte3253922010-02-18 09:23:25 -0800[diff] [blame]976 }
977 return false;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]978 }
979 }
980
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]981
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]982 //
983 // INetworkManagementService members
984 //
Erik Kline4e37b702016-07-05 11:34:21 +0900[diff] [blame]985 @Override
986 public INetd getNetdService() throws RemoteException {
987 final CountDownLatch connectedSignal = mConnectedSignal;
988 if (connectedSignal != null) {
989 try {
990 connectedSignal.await();
991 } catch (InterruptedException ignored) {}
992 }
993
994 return mNetdService;
995 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]996
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]997 @Override
998 public String[] listInterfaces() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]999 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1000 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1001 return NativeDaemonEvent.filterMessageList(
1002 mConnector.executeForList("interface", "list"), InterfaceListResult);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1003 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1004 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1005 }
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1006 }
1007
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1008 @Override
1009 public InterfaceConfiguration getInterfaceConfig(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1010 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1011
1012 final NativeDaemonEvent event;
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1013 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1014 event = mConnector.execute("interface", "getcfg", iface);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1015 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1016 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1017 }
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1018
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1019 event.checkCode(InterfaceGetCfgResult);
1020
1021 // Rsp: 213 xx:xx:xx:xx:xx:xx yyy.yyy.yyy.yyy zzz flag1 flag2 flag3
1022 final StringTokenizer st = new StringTokenizer(event.getMessage());
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1023
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1024 InterfaceConfiguration cfg;
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1025 try {
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1026 cfg = new InterfaceConfiguration();
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1027 cfg.setHardwareAddress(st.nextToken(" "));
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]1028 InetAddress addr = null;
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1029 int prefixLength = 0;
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1030 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1031 addr = NetworkUtils.numericToInetAddress(st.nextToken());
Robert Greenwalte5903732011-02-22 16:00:42 -0800[diff] [blame]1032 } catch (IllegalArgumentException iae) {
1033 Slog.e(TAG, "Failed to parse ipaddr", iae);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1034 }
1035
1036 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1037 prefixLength = Integer.parseInt(st.nextToken());
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1038 } catch (NumberFormatException nfe) {
1039 Slog.e(TAG, "Failed to parse prefixLength", nfe);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1040 }
Robert Greenwalt04808c22010-12-13 17:01:41 -0800[diff] [blame]1041
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1042 cfg.setLinkAddress(new LinkAddress(addr, prefixLength));
1043 while (st.hasMoreTokens()) {
1044 cfg.setFlag(st.nextToken());
1045 }
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1046 } catch (NoSuchElementException nsee) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1047 throw new IllegalStateException("Invalid response from daemon: " + event);
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1048 }
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1049 return cfg;
1050 }
1051
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1052 @Override
1053 public void setInterfaceConfig(String iface, InterfaceConfiguration cfg) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1054 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1055 LinkAddress linkAddr = cfg.getLinkAddress();
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1056 if (linkAddr == null || linkAddr.getAddress() == null) {
1057 throw new IllegalStateException("Null LinkAddress given");
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]1058 }
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1059
1060 final Command cmd = new Command("interface", "setcfg", iface,
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1061 linkAddr.getAddress().getHostAddress(),
Lorenzo Colitti7dc78cf2014-06-09 22:58:46 +0900[diff] [blame]1062 linkAddr.getPrefixLength());
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1063 for (String flag : cfg.getFlags()) {
1064 cmd.appendArg(flag);
1065 }
1066
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1067 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1068 mConnector.execute(cmd);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1069 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1070 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1071 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1072 }
1073
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1074 @Override
1075 public void setInterfaceDown(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1076 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1077 final InterfaceConfiguration ifcg = getInterfaceConfig(iface);
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1078 ifcg.setInterfaceDown();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1079 setInterfaceConfig(iface, ifcg);
Irfan Sheriff7244c972011-08-05 20:40:45 -0700[diff] [blame]1080 }
1081
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1082 @Override
1083 public void setInterfaceUp(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1084 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1085 final InterfaceConfiguration ifcg = getInterfaceConfig(iface);
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1086 ifcg.setInterfaceUp();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1087 setInterfaceConfig(iface, ifcg);
Irfan Sheriff7244c972011-08-05 20:40:45 -0700[diff] [blame]1088 }
1089
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1090 @Override
1091 public void setInterfaceIpv6PrivacyExtensions(String iface, boolean enable) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1092 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Irfan Sheriff73293612011-09-14 12:31:56 -0700[diff] [blame]1093 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1094 mConnector.execute(
1095 "interface", "ipv6privacyextensions", iface, enable ? "enable" : "disable");
Irfan Sheriff73293612011-09-14 12:31:56 -0700[diff] [blame]1096 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1097 throw e.rethrowAsParcelableException();
Irfan Sheriff73293612011-09-14 12:31:56 -0700[diff] [blame]1098 }
1099 }
1100
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1101 /* TODO: This is right now a IPv4 only function. Works for wifi which loses its
1102 IPv6 addresses on interface down, but we need to do full clean up here */
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1103 @Override
1104 public void clearInterfaceAddresses(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1105 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1106 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1107 mConnector.execute("interface", "clearaddrs", iface);
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1108 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1109 throw e.rethrowAsParcelableException();
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1110 }
1111 }
1112
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1113 @Override
1114 public void enableIpv6(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1115 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1116 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1117 mConnector.execute("interface", "ipv6", iface, "enable");
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1118 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1119 throw e.rethrowAsParcelableException();
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1120 }
1121 }
1122
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1123 @Override
Joel Scherpelz2db10742017-06-07 15:38:38 +0900[diff] [blame]1124 public void setIPv6AddrGenMode(String iface, int mode) throws ServiceSpecificException {
1125 try {
1126 mNetdService.setIPv6AddrGenMode(iface, mode);
1127 } catch (RemoteException e) {
1128 throw e.rethrowAsRuntimeException();
1129 }
1130 }
1131
1132 @Override
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1133 public void disableIpv6(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1134 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1135 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1136 mConnector.execute("interface", "ipv6", iface, "disable");
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1137 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1138 throw e.rethrowAsParcelableException();
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1139 }
1140 }
1141
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1142 @Override
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1143 public void addRoute(int netId, RouteInfo route) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1144 modifyRoute("add", "" + netId, route);
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1145 }
1146
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1147 @Override
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1148 public void removeRoute(int netId, RouteInfo route) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1149 modifyRoute("remove", "" + netId, route);
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1150 }
1151
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1152 private void modifyRoute(String action, String netId, RouteInfo route) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1153 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1154
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1155 final Command cmd = new Command("network", "route", action, netId);
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1156
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1157 // create triplet: interface dest-ip-addr/prefixlength gateway-ip-addr
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1158 cmd.appendArg(route.getInterface());
Lorenzo Colitti4b0f8e62014-09-19 01:49:05 +0900[diff] [blame]1159 cmd.appendArg(route.getDestination().toString());
1160
1161 switch (route.getType()) {
1162 case RouteInfo.RTN_UNICAST:
1163 if (route.hasGateway()) {
1164 cmd.appendArg(route.getGateway().getHostAddress());
1165 }
1166 break;
1167 case RouteInfo.RTN_UNREACHABLE:
1168 cmd.appendArg("unreachable");
1169 break;
1170 case RouteInfo.RTN_THROW:
1171 cmd.appendArg("throw");
1172 break;
Sreeram Ramachandran1fbcb272014-05-22 16:30:48 -0700[diff] [blame]1173 }
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1174
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1175 try {
1176 mConnector.execute(cmd);
1177 } catch (NativeDaemonConnectorException e) {
1178 throw e.rethrowAsParcelableException();
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1179 }
1180 }
1181
1182 private ArrayList<String> readRouteList(String filename) {
1183 FileInputStream fstream = null;
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]1184 ArrayList<String> list = new ArrayList<>();
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1185
1186 try {
1187 fstream = new FileInputStream(filename);
1188 DataInputStream in = new DataInputStream(fstream);
1189 BufferedReader br = new BufferedReader(new InputStreamReader(in));
1190 String s;
1191
1192 // throw away the title line
1193
1194 while (((s = br.readLine()) != null) && (s.length() != 0)) {
1195 list.add(s);
1196 }
1197 } catch (IOException ex) {
1198 // return current list, possibly empty
1199 } finally {
1200 if (fstream != null) {
1201 try {
1202 fstream.close();
1203 } catch (IOException ex) {}
1204 }
1205 }
1206
1207 return list;
1208 }
1209
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1210 @Override
sy.yun9d9b74a2013-09-02 05:24:09 +0900[diff] [blame]1211 public void setMtu(String iface, int mtu) {
1212 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1213
1214 final NativeDaemonEvent event;
1215 try {
1216 event = mConnector.execute("interface", "setmtu", iface, mtu);
1217 } catch (NativeDaemonConnectorException e) {
1218 throw e.rethrowAsParcelableException();
1219 }
1220 }
1221
1222 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1223 public void shutdown() {
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1224 // TODO: remove from aidl if nobody calls externally
1225 mContext.enforceCallingOrSelfPermission(SHUTDOWN, TAG);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1226
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]1227 Slog.i(TAG, "Shutting down");
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1228 }
1229
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1230 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1231 public boolean getIpForwardingEnabled() throws IllegalStateException{
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1232 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1233
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1234 final NativeDaemonEvent event;
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1235 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1236 event = mConnector.execute("ipfwd", "status");
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1237 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1238 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1239 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1240
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1241 // 211 Forwarding enabled
1242 event.checkCode(IpFwdStatusResult);
1243 return event.getMessage().endsWith("enabled");
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1244 }
1245
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1246 @Override
1247 public void setIpForwardingEnabled(boolean enable) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1248 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1249 try {
Nilesh Poddarf3d4a582015-02-24 12:11:11 -0800[diff] [blame]1250 mConnector.execute("ipfwd", enable ? "enable" : "disable", "tethering");
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1251 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1252 throw e.rethrowAsParcelableException();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1253 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1254 }
1255
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1256 @Override
1257 public void startTethering(String[] dhcpRange) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1258 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Robert Greenwaltbfb7bfa2010-03-24 16:03:21 -0700[diff] [blame]1259 // cmd is "tether start first_start first_stop second_start second_stop ..."
1260 // an odd number of addrs will fail
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1261
1262 final Command cmd = new Command("tether", "start");
Robert Greenwaltbfb7bfa2010-03-24 16:03:21 -0700[diff] [blame]1263 for (String d : dhcpRange) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1264 cmd.appendArg(d);
Robert Greenwaltbfb7bfa2010-03-24 16:03:21 -0700[diff] [blame]1265 }
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1266
1267 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1268 mConnector.execute(cmd);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1269 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1270 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1271 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1272 }
1273
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1274 @Override
1275 public void stopTethering() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1276 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1277 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1278 mConnector.execute("tether", "stop");
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1279 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1280 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1281 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1282 }
1283
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1284 @Override
1285 public boolean isTetheringStarted() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1286 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1287
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1288 final NativeDaemonEvent event;
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1289 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1290 event = mConnector.execute("tether", "status");
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1291 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1292 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1293 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1294
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1295 // 210 Tethering services started
1296 event.checkCode(TetherStatusResult);
1297 return event.getMessage().endsWith("started");
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1298 }
Matthew Xiefe19f122012-07-12 16:03:32 -0700[diff] [blame]1299
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1300 @Override
1301 public void tetherInterface(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1302 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1303 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1304 mConnector.execute("tether", "interface", "add", iface);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1305 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1306 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1307 }
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]1308 List<RouteInfo> routes = new ArrayList<>();
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1309 // The RouteInfo constructor truncates the LinkAddress to a network prefix, thus making it
1310 // suitable to use as a route destination.
1311 routes.add(new RouteInfo(getInterfaceConfig(iface).getLinkAddress(), null, iface));
1312 addInterfaceToLocalNetwork(iface, routes);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1313 }
1314
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1315 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1316 public void untetherInterface(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1317 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1318 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1319 mConnector.execute("tether", "interface", "remove", iface);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1320 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1321 throw e.rethrowAsParcelableException();
Erik Kline1f4278a2016-08-16 16:46:33 +0900[diff] [blame]1322 } finally {
1323 removeInterfaceFromLocalNetwork(iface);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1324 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1325 }
1326
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1327 @Override
1328 public String[] listTetheredInterfaces() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1329 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1330 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1331 return NativeDaemonEvent.filterMessageList(
1332 mConnector.executeForList("tether", "interface", "list"),
1333 TetherInterfaceListResult);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1334 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1335 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1336 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1337 }
1338
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1339 @Override
Lorenzo Colittib57edc52014-08-22 17:10:50 -0700[diff] [blame]1340 public void setDnsForwarders(Network network, String[] dns) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1341 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1342
Lorenzo Colittib57edc52014-08-22 17:10:50 -0700[diff] [blame]1343 int netId = (network != null) ? network.netId : ConnectivityManager.NETID_UNSET;
1344 final Command cmd = new Command("tether", "dns", "set", netId);
1345
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1346 for (String s : dns) {
1347 cmd.appendArg(NetworkUtils.numericToInetAddress(s).getHostAddress());
1348 }
1349
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1350 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1351 mConnector.execute(cmd);
1352 } catch (NativeDaemonConnectorException e) {
1353 throw e.rethrowAsParcelableException();
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1354 }
1355 }
1356
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1357 @Override
1358 public String[] getDnsForwarders() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1359 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1360 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1361 return NativeDaemonEvent.filterMessageList(
1362 mConnector.executeForList("tether", "dns", "list"), TetherDnsFwdTgtListResult);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1363 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1364 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1365 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1366 }
1367
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]1368 private List<InterfaceAddress> excludeLinkLocal(List<InterfaceAddress> addresses) {
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]1369 ArrayList<InterfaceAddress> filtered = new ArrayList<>(addresses.size());
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]1370 for (InterfaceAddress ia : addresses) {
1371 if (!ia.getAddress().isLinkLocalAddress())
1372 filtered.add(ia);
1373 }
1374 return filtered;
1375 }
1376
Lorenzo Colitti35e36db2015-02-26 01:25:36 +0900[diff] [blame]1377 private void modifyInterfaceForward(boolean add, String fromIface, String toIface) {
1378 final Command cmd = new Command("ipfwd", add ? "add" : "remove", fromIface, toIface);
1379 try {
1380 mConnector.execute(cmd);
1381 } catch (NativeDaemonConnectorException e) {
1382 throw e.rethrowAsParcelableException();
1383 }
1384 }
1385
1386 @Override
1387 public void startInterfaceForwarding(String fromIface, String toIface) {
1388 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1389 modifyInterfaceForward(true, fromIface, toIface);
1390 }
1391
1392 @Override
1393 public void stopInterfaceForwarding(String fromIface, String toIface) {
1394 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1395 modifyInterfaceForward(false, fromIface, toIface);
1396 }
1397
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1398 private void modifyNat(String action, String internalInterface, String externalInterface)
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1399 throws SocketException {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1400 final Command cmd = new Command("nat", action, internalInterface, externalInterface);
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1401
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1402 final NetworkInterface internalNetworkInterface = NetworkInterface.getByName(
1403 internalInterface);
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1404 if (internalNetworkInterface == null) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1405 cmd.appendArg("0");
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1406 } else {
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]1407 // Don't touch link-local routes, as link-local addresses aren't routable,
1408 // kernel creates link-local routes on all interfaces automatically
1409 List<InterfaceAddress> interfaceAddresses = excludeLinkLocal(
1410 internalNetworkInterface.getInterfaceAddresses());
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1411 cmd.appendArg(interfaceAddresses.size());
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1412 for (InterfaceAddress ia : interfaceAddresses) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1413 InetAddress addr = NetworkUtils.getNetworkPart(
1414 ia.getAddress(), ia.getNetworkPrefixLength());
1415 cmd.appendArg(addr.getHostAddress() + "/" + ia.getNetworkPrefixLength());
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1416 }
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1417 }
1418
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1419 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1420 mConnector.execute(cmd);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1421 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1422 throw e.rethrowAsParcelableException();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1423 }
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1424 }
1425
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1426 @Override
1427 public void enableNat(String internalInterface, String externalInterface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1428 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1429 try {
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1430 modifyNat("enable", internalInterface, externalInterface);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1431 } catch (SocketException e) {
1432 throw new IllegalStateException(e);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1433 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1434 }
1435
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1436 @Override
1437 public void disableNat(String internalInterface, String externalInterface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1438 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1439 try {
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1440 modifyNat("disable", internalInterface, externalInterface);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1441 } catch (SocketException e) {
1442 throw new IllegalStateException(e);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1443 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1444 }
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1445
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1446 @Override
1447 public String[] listTtys() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1448 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1449 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1450 return NativeDaemonEvent.filterMessageList(
1451 mConnector.executeForList("list_ttys"), TtyListResult);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1452 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1453 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1454 }
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1455 }
1456
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1457 @Override
1458 public void attachPppd(
1459 String tty, String localAddr, String remoteAddr, String dns1Addr, String dns2Addr) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1460 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1461 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1462 mConnector.execute("pppd", "attach", tty,
Robert Greenwalte5903732011-02-22 16:00:42 -0800[diff] [blame]1463 NetworkUtils.numericToInetAddress(localAddr).getHostAddress(),
1464 NetworkUtils.numericToInetAddress(remoteAddr).getHostAddress(),
1465 NetworkUtils.numericToInetAddress(dns1Addr).getHostAddress(),
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1466 NetworkUtils.numericToInetAddress(dns2Addr).getHostAddress());
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1467 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1468 throw e.rethrowAsParcelableException();
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1469 }
1470 }
1471
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1472 @Override
1473 public void detachPppd(String tty) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1474 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1475 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1476 mConnector.execute("pppd", "detach", tty);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1477 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1478 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1479 }
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1480 }
Robert Greenwaltce1200d2010-02-18 11:25:54 -0800[diff] [blame]1481
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1482 @Override
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1483 public void addIdleTimer(String iface, int timeout, final int type) {
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1484 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1485
1486 if (DBG) Slog.d(TAG, "Adding idletimer");
1487
1488 synchronized (mIdleTimerLock) {
1489 IdleTimerParams params = mActiveIdleTimers.get(iface);
1490 if (params != null) {
1491 // the interface already has idletimer, update network count
1492 params.networkCount++;
1493 return;
1494 }
1495
1496 try {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1497 mConnector.execute("idletimer", "add", iface, Integer.toString(timeout),
1498 Integer.toString(type));
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1499 } catch (NativeDaemonConnectorException e) {
1500 throw e.rethrowAsParcelableException();
1501 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1502 mActiveIdleTimers.put(iface, new IdleTimerParams(timeout, type));
1503
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]1504 // Networks start up.
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1505 if (ConnectivityManager.isNetworkTypeMobile(type)) {
1506 mNetworkActive = false;
1507 }
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1508 mDaemonHandler.post(new Runnable() {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1509 @Override public void run() {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1510 notifyInterfaceClassActivity(type,
1511 DataConnectionRealTimeInfo.DC_POWER_STATE_HIGH,
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]1512 SystemClock.elapsedRealtimeNanos(), -1, false);
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1513 }
1514 });
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1515 }
1516 }
1517
1518 @Override
1519 public void removeIdleTimer(String iface) {
1520 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1521
1522 if (DBG) Slog.d(TAG, "Removing idletimer");
1523
1524 synchronized (mIdleTimerLock) {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1525 final IdleTimerParams params = mActiveIdleTimers.get(iface);
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1526 if (params == null || --(params.networkCount) > 0) {
1527 return;
1528 }
1529
1530 try {
1531 mConnector.execute("idletimer", "remove", iface,
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1532 Integer.toString(params.timeout), Integer.toString(params.type));
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1533 } catch (NativeDaemonConnectorException e) {
1534 throw e.rethrowAsParcelableException();
1535 }
1536 mActiveIdleTimers.remove(iface);
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1537 mDaemonHandler.post(new Runnable() {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1538 @Override public void run() {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1539 notifyInterfaceClassActivity(params.type,
1540 DataConnectionRealTimeInfo.DC_POWER_STATE_LOW,
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]1541 SystemClock.elapsedRealtimeNanos(), -1, false);
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1542 }
1543 });
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1544 }
1545 }
1546
1547 @Override
Jeff Sharkeye8914c32012-05-01 16:26:09 -0700[diff] [blame]1548 public NetworkStats getNetworkStatsSummaryDev() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1549 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1550 try {
1551 return mStatsFactory.readNetworkStatsSummaryDev();
1552 } catch (IOException e) {
1553 throw new IllegalStateException(e);
1554 }
Jeff Sharkeye8914c32012-05-01 16:26:09 -0700[diff] [blame]1555 }
1556
1557 @Override
1558 public NetworkStats getNetworkStatsSummaryXt() {
1559 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1560 try {
1561 return mStatsFactory.readNetworkStatsSummaryXt();
1562 } catch (IOException e) {
1563 throw new IllegalStateException(e);
1564 }
Jeff Sharkeyae2c1812011-10-04 13:11:40 -0700[diff] [blame]1565 }
1566
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]1567 @Override
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]1568 public NetworkStats getNetworkStatsDetail() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1569 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1570 try {
Dianne Hackbornd0c5b9a2014-02-21 16:19:05 -0800[diff] [blame]1571 return mStatsFactory.readNetworkStatsDetail(UID_ALL, null, TAG_ALL, null);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1572 } catch (IOException e) {
1573 throw new IllegalStateException(e);
1574 }
San Mehat91cac642010-03-31 14:31:36 -0700[diff] [blame]1575 }
1576
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]1577 @Override
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1578 public void setInterfaceQuota(String iface, long quotaBytes) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1579 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1580
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]1581 // silently discard when control disabled
1582 // TODO: eventually migrate to be always enabled
1583 if (!mBandwidthControlEnabled) return;
1584
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1585 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1586 if (mActiveQuotas.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1587 throw new IllegalStateException("iface " + iface + " already has quota");
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1588 }
1589
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1590 try {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1591 // TODO: support quota shared across interfaces
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1592 mConnector.execute("bandwidth", "setiquota", iface, quotaBytes);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1593 mActiveQuotas.put(iface, quotaBytes);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1594 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1595 throw e.rethrowAsParcelableException();
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1596 }
Lorenzo Colitti50b60fc2017-08-11 13:47:49 +0900[diff] [blame]1597
1598 synchronized (mTetheringStatsProviders) {
1599 for (ITetheringStatsProvider provider : mTetheringStatsProviders.keySet()) {
1600 try {
1601 provider.setInterfaceQuota(iface, quotaBytes);
1602 } catch (RemoteException e) {
1603 Log.e(TAG, "Problem setting tethering data limit on provider " +
1604 mTetheringStatsProviders.get(provider) + ": " + e);
1605 }
1606 }
1607 }
Ashish Sharma50fd36d2011-06-15 19:34:53 -0700[diff] [blame]1608 }
1609 }
1610
1611 @Override
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1612 public void removeInterfaceQuota(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1613 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1614
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]1615 // silently discard when control disabled
1616 // TODO: eventually migrate to be always enabled
1617 if (!mBandwidthControlEnabled) return;
1618
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1619 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1620 if (!mActiveQuotas.containsKey(iface)) {
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1621 // TODO: eventually consider throwing
1622 return;
1623 }
1624
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1625 mActiveQuotas.remove(iface);
1626 mActiveAlerts.remove(iface);
Jeff Sharkey38ddeaa2011-11-08 13:04:22 -0800[diff] [blame]1627
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1628 try {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1629 // TODO: support quota shared across interfaces
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1630 mConnector.execute("bandwidth", "removeiquota", iface);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1631 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1632 throw e.rethrowAsParcelableException();
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1633 }
Lorenzo Colitti50b60fc2017-08-11 13:47:49 +0900[diff] [blame]1634
1635 synchronized (mTetheringStatsProviders) {
1636 for (ITetheringStatsProvider provider : mTetheringStatsProviders.keySet()) {
1637 try {
1638 provider.setInterfaceQuota(iface, ITetheringStatsProvider.QUOTA_UNLIMITED);
1639 } catch (RemoteException e) {
1640 Log.e(TAG, "Problem removing tethering data limit on provider " +
1641 mTetheringStatsProviders.get(provider) + ": " + e);
1642 }
1643 }
1644 }
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1645 }
1646 }
1647
1648 @Override
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1649 public void setInterfaceAlert(String iface, long alertBytes) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1650 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1651
1652 // silently discard when control disabled
1653 // TODO: eventually migrate to be always enabled
1654 if (!mBandwidthControlEnabled) return;
1655
1656 // quick sanity check
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1657 if (!mActiveQuotas.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1658 throw new IllegalStateException("setting alert requires existing quota on iface");
1659 }
1660
1661 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1662 if (mActiveAlerts.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1663 throw new IllegalStateException("iface " + iface + " already has alert");
1664 }
1665
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1666 try {
1667 // TODO: support alert shared across interfaces
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1668 mConnector.execute("bandwidth", "setinterfacealert", iface, alertBytes);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1669 mActiveAlerts.put(iface, alertBytes);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1670 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1671 throw e.rethrowAsParcelableException();
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1672 }
1673 }
1674 }
1675
1676 @Override
1677 public void removeInterfaceAlert(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1678 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1679
1680 // silently discard when control disabled
1681 // TODO: eventually migrate to be always enabled
1682 if (!mBandwidthControlEnabled) return;
1683
1684 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1685 if (!mActiveAlerts.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1686 // TODO: eventually consider throwing
1687 return;
1688 }
1689
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1690 try {
1691 // TODO: support alert shared across interfaces
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1692 mConnector.execute("bandwidth", "removeinterfacealert", iface);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1693 mActiveAlerts.remove(iface);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1694 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1695 throw e.rethrowAsParcelableException();
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1696 }
1697 }
1698 }
1699
1700 @Override
1701 public void setGlobalAlert(long alertBytes) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1702 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1703
1704 // silently discard when control disabled
1705 // TODO: eventually migrate to be always enabled
1706 if (!mBandwidthControlEnabled) return;
1707
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1708 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1709 mConnector.execute("bandwidth", "setglobalalert", alertBytes);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1710 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1711 throw e.rethrowAsParcelableException();
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1712 }
1713 }
1714
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1715 private void setUidOnMeteredNetworkList(int uid, boolean blacklist, boolean enable) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1716 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1717
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]1718 // silently discard when control disabled
1719 // TODO: eventually migrate to be always enabled
1720 if (!mBandwidthControlEnabled) return;
1721
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1722 final String chain = blacklist ? "naughtyapps" : "niceapps";
1723 final String suffix = enable ? "add" : "remove";
1724
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1725 synchronized (mQuotaLock) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1726 boolean oldEnable;
1727 SparseBooleanArray quotaList;
1728 synchronized (mRulesLock) {
1729 quotaList = blacklist ? mUidRejectOnMetered : mUidAllowOnMetered;
1730 oldEnable = quotaList.get(uid, false);
1731 }
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1732 if (oldEnable == enable) {
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1733 // TODO: eventually consider throwing
1734 return;
1735 }
1736
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1737 Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "inetd bandwidth");
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1738 try {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1739 mConnector.execute("bandwidth", suffix + chain, uid);
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1740 synchronized (mRulesLock) {
1741 if (enable) {
1742 quotaList.put(uid, true);
1743 } else {
1744 quotaList.delete(uid);
1745 }
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1746 }
1747 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1748 throw e.rethrowAsParcelableException();
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1749 } finally {
1750 Trace.traceEnd(Trace.TRACE_TAG_NETWORK);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1751 }
Ashish Sharma50fd36d2011-06-15 19:34:53 -0700[diff] [blame]1752 }
1753 }
1754
Jeff Sharkey63d27a92011-08-03 17:04:22 -0700[diff] [blame]1755 @Override
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1756 public void setUidMeteredNetworkBlacklist(int uid, boolean enable) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1757 setUidOnMeteredNetworkList(uid, true, enable);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1758 }
1759
1760 @Override
1761 public void setUidMeteredNetworkWhitelist(int uid, boolean enable) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1762 setUidOnMeteredNetworkList(uid, false, enable);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1763 }
1764
1765 @Override
1766 public boolean setDataSaverModeEnabled(boolean enable) {
1767 if (DBG) Log.d(TAG, "setDataSaverMode: " + enable);
1768 synchronized (mQuotaLock) {
1769 if (mDataSaverMode == enable) {
1770 Log.w(TAG, "setDataSaverMode(): already " + mDataSaverMode);
1771 return true;
1772 }
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1773 Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "bandwidthEnableDataSaver");
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1774 try {
1775 final boolean changed = mNetdService.bandwidthEnableDataSaver(enable);
1776 if (changed) {
1777 mDataSaverMode = enable;
1778 } else {
1779 Log.w(TAG, "setDataSaverMode(" + enable + "): netd command silently failed");
1780 }
1781 return changed;
1782 } catch (RemoteException e) {
1783 Log.w(TAG, "setDataSaverMode(" + enable + "): netd command failed", e);
1784 return false;
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1785 } finally {
1786 Trace.traceEnd(Trace.TRACE_TAG_NETWORK);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1787 }
1788 }
1789 }
1790
1791 @Override
Robin Lee17e61832016-05-09 13:46:28 +0100[diff] [blame]1792 public void setAllowOnlyVpnForUids(boolean add, UidRange[] uidRanges)
1793 throws ServiceSpecificException {
1794 try {
1795 mNetdService.networkRejectNonSecureVpn(add, uidRanges);
1796 } catch (ServiceSpecificException e) {
1797 Log.w(TAG, "setAllowOnlyVpnForUids(" + add + ", " + Arrays.toString(uidRanges) + ")"
1798 + ": netd command failed", e);
1799 throw e;
1800 } catch (RemoteException e) {
1801 Log.w(TAG, "setAllowOnlyVpnForUids(" + add + ", " + Arrays.toString(uidRanges) + ")"
1802 + ": netd command failed", e);
1803 throw e.rethrowAsRuntimeException();
1804 }
1805 }
1806
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1807 private void applyUidCleartextNetworkPolicy(int uid, int policy) {
1808 final String policyString;
1809 switch (policy) {
1810 case StrictMode.NETWORK_POLICY_ACCEPT:
1811 policyString = "accept";
1812 break;
1813 case StrictMode.NETWORK_POLICY_LOG:
1814 policyString = "log";
1815 break;
1816 case StrictMode.NETWORK_POLICY_REJECT:
1817 policyString = "reject";
1818 break;
1819 default:
1820 throw new IllegalArgumentException("Unknown policy " + policy);
1821 }
1822
1823 try {
1824 mConnector.execute("strict", "set_uid_cleartext_policy", uid, policyString);
1825 mUidCleartextPolicy.put(uid, policy);
1826 } catch (NativeDaemonConnectorException e) {
1827 throw e.rethrowAsParcelableException();
1828 }
1829 }
1830
Robin Lee17e61832016-05-09 13:46:28 +0100[diff] [blame]1831 @Override
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]1832 public void setUidCleartextNetworkPolicy(int uid, int policy) {
1833 if (Binder.getCallingUid() != uid) {
1834 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1835 }
1836
1837 synchronized (mQuotaLock) {
1838 final int oldPolicy = mUidCleartextPolicy.get(uid, StrictMode.NETWORK_POLICY_ACCEPT);
1839 if (oldPolicy == policy) {
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1840 // This also ensures we won't needlessly apply an ACCEPT policy if we've just
1841 // enabled strict and the underlying iptables rules are empty.
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]1842 return;
1843 }
1844
1845 if (!mStrictEnabled) {
1846 // Module isn't enabled yet; stash the requested policy away to
1847 // apply later once the daemon is connected.
1848 mUidCleartextPolicy.put(uid, policy);
1849 return;
1850 }
1851
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1852 // netd does not keep state on strict mode policies, and cannot replace a non-accept
1853 // policy without deleting it first. Rather than add state to netd, just always send
1854 // it an accept policy when switching between two non-accept policies.
Lorenzo Colitti26364f12017-08-20 11:54:57 +0900[diff] [blame]1855 // TODO: consider keeping state in netd so we can simplify this code.
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1856 if (oldPolicy != StrictMode.NETWORK_POLICY_ACCEPT &&
1857 policy != StrictMode.NETWORK_POLICY_ACCEPT) {
Lorenzo Colitti26364f12017-08-20 11:54:57 +0900[diff] [blame]1858 applyUidCleartextNetworkPolicy(uid, StrictMode.NETWORK_POLICY_ACCEPT);
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]1859 }
Lorenzo Colitti26364f12017-08-20 11:54:57 +0900[diff] [blame]1860
1861 applyUidCleartextNetworkPolicy(uid, policy);
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]1862 }
1863 }
1864
1865 @Override
Jeff Sharkey63d27a92011-08-03 17:04:22 -0700[diff] [blame]1866 public boolean isBandwidthControlEnabled() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1867 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey63d27a92011-08-03 17:04:22 -0700[diff] [blame]1868 return mBandwidthControlEnabled;
1869 }
1870
1871 @Override
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]1872 public NetworkStats getNetworkStatsUidDetail(int uid) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1873 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1874 try {
Dianne Hackbornd0c5b9a2014-02-21 16:19:05 -0800[diff] [blame]1875 return mStatsFactory.readNetworkStatsDetail(uid, null, TAG_ALL, null);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1876 } catch (IOException e) {
1877 throw new IllegalStateException(e);
1878 }
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]1879 }
1880
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1881 private class NetdTetheringStatsProvider extends ITetheringStatsProvider.Stub {
1882 @Override
Lorenzo Colittif1912ca2017-08-17 19:23:08 +0900[diff] [blame]1883 public NetworkStats getTetherStats(int how) {
1884 // We only need to return per-UID stats. Per-device stats are already counted by
1885 // interface counters.
1886 if (how != STATS_PER_UID) {
1887 return new NetworkStats(SystemClock.elapsedRealtime(), 0);
1888 }
1889
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1890 final PersistableBundle bundle;
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1891 try {
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1892 bundle = mNetdService.tetherGetStats();
1893 } catch (RemoteException | ServiceSpecificException e) {
1894 throw new IllegalStateException("problem parsing tethering stats: ", e);
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1895 }
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1896
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1897 final NetworkStats stats = new NetworkStats(SystemClock.elapsedRealtime(),
1898 bundle.size());
1899 final NetworkStats.Entry entry = new NetworkStats.Entry();
1900
1901 for (String iface : bundle.keySet()) {
1902 long[] statsArray = bundle.getLongArray(iface);
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1903 try {
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1904 entry.iface = iface;
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1905 entry.uid = UID_TETHERING;
1906 entry.set = SET_DEFAULT;
1907 entry.tag = TAG_NONE;
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1908 entry.rxBytes = statsArray[INetd.TETHER_STATS_RX_BYTES];
1909 entry.rxPackets = statsArray[INetd.TETHER_STATS_RX_PACKETS];
1910 entry.txBytes = statsArray[INetd.TETHER_STATS_TX_BYTES];
1911 entry.txPackets = statsArray[INetd.TETHER_STATS_TX_PACKETS];
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1912 stats.combineValues(entry);
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1913 } catch (ArrayIndexOutOfBoundsException e) {
1914 throw new IllegalStateException("invalid tethering stats for " + iface, e);
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1915 }
1916 }
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1917
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1918 return stats;
1919 }
Lorenzo Colitti50b60fc2017-08-11 13:47:49 +0900[diff] [blame]1920
1921 @Override
1922 public void setInterfaceQuota(String iface, long quotaBytes) {
1923 // Do nothing. netd is already informed of quota changes in setInterfaceQuota.
1924 }
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1925 }
1926
1927 @Override
Lorenzo Colittif1912ca2017-08-17 19:23:08 +0900[diff] [blame]1928 public NetworkStats getNetworkStatsTethering(int how) {
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1929 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1930
1931 final NetworkStats stats = new NetworkStats(SystemClock.elapsedRealtime(), 1);
1932 synchronized (mTetheringStatsProviders) {
1933 for (ITetheringStatsProvider provider: mTetheringStatsProviders.keySet()) {
1934 try {
Lorenzo Colittif1912ca2017-08-17 19:23:08 +0900[diff] [blame]1935 stats.combineAllValues(provider.getTetherStats(how));
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1936 } catch (RemoteException e) {
1937 Log.e(TAG, "Problem reading tethering stats from " +
1938 mTetheringStatsProviders.get(provider) + ": " + e);
1939 }
1940 }
Jeff Sharkeycdd02c5d2011-09-16 01:52:49 -0700[diff] [blame]1941 }
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1942 return stats;
Jeff Sharkeycdd02c5d2011-09-16 01:52:49 -0700[diff] [blame]1943 }
1944
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1945 @Override
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]1946 public void setDnsConfigurationForNetwork(int netId, String[] servers, String domains) {
1947 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1948
1949 ContentResolver resolver = mContext.getContentResolver();
1950
1951 int sampleValidity = Settings.Global.getInt(resolver,
1952 Settings.Global.DNS_RESOLVER_SAMPLE_VALIDITY_SECONDS,
1953 DNS_RESOLVER_DEFAULT_SAMPLE_VALIDITY_SECONDS);
1954 if (sampleValidity < 0 || sampleValidity > 65535) {
1955 Slog.w(TAG, "Invalid sampleValidity=" + sampleValidity + ", using default=" +
1956 DNS_RESOLVER_DEFAULT_SAMPLE_VALIDITY_SECONDS);
1957 sampleValidity = DNS_RESOLVER_DEFAULT_SAMPLE_VALIDITY_SECONDS;
1958 }
1959
1960 int successThreshold = Settings.Global.getInt(resolver,
1961 Settings.Global.DNS_RESOLVER_SUCCESS_THRESHOLD_PERCENT,
1962 DNS_RESOLVER_DEFAULT_SUCCESS_THRESHOLD_PERCENT);
1963 if (successThreshold < 0 || successThreshold > 100) {
1964 Slog.w(TAG, "Invalid successThreshold=" + successThreshold + ", using default=" +
1965 DNS_RESOLVER_DEFAULT_SUCCESS_THRESHOLD_PERCENT);
1966 successThreshold = DNS_RESOLVER_DEFAULT_SUCCESS_THRESHOLD_PERCENT;
1967 }
1968
1969 int minSamples = Settings.Global.getInt(resolver,
1970 Settings.Global.DNS_RESOLVER_MIN_SAMPLES, DNS_RESOLVER_DEFAULT_MIN_SAMPLES);
1971 int maxSamples = Settings.Global.getInt(resolver,
1972 Settings.Global.DNS_RESOLVER_MAX_SAMPLES, DNS_RESOLVER_DEFAULT_MAX_SAMPLES);
1973 if (minSamples < 0 || minSamples > maxSamples || maxSamples > 64) {
1974 Slog.w(TAG, "Invalid sample count (min, max)=(" + minSamples + ", " + maxSamples +
1975 "), using default=(" + DNS_RESOLVER_DEFAULT_MIN_SAMPLES + ", " +
1976 DNS_RESOLVER_DEFAULT_MAX_SAMPLES + ")");
1977 minSamples = DNS_RESOLVER_DEFAULT_MIN_SAMPLES;
1978 maxSamples = DNS_RESOLVER_DEFAULT_MAX_SAMPLES;
1979 }
1980
1981 final String[] domainStrs = domains == null ? new String[0] : domains.split(" ");
1982 final int[] params = { sampleValidity, successThreshold, minSamples, maxSamples };
Ben Schwartzbccbd002017-10-02 13:27:13 -0400[diff] [blame^]1983 final boolean useTls = Settings.Global.getInt(resolver,
1984 Settings.Global.DNS_TLS_DISABLED, 0) == 0;
Ben Schwartz6ec28df2017-10-02 13:08:06 -0400[diff] [blame]1985 final String tlsHostname = "";
1986 final String[] tlsFingerprints = new String[0];
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]1987 try {
Ben Schwartz6ec28df2017-10-02 13:08:06 -0400[diff] [blame]1988 mNetdService.setResolverConfiguration(netId, servers, domainStrs, params,
1989 useTls, tlsHostname, tlsFingerprints);
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]1990 } catch (RemoteException e) {
1991 throw new RuntimeException(e);
1992 }
1993 }
1994
1995 @Override
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]1996 public void addVpnUidRanges(int netId, UidRange[] ranges) {
Chad Brubaker3277620a2013-06-12 13:37:30 -0700[diff] [blame]1997 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]1998 Object[] argv = new Object[3 + MAX_UID_RANGES_PER_COMMAND];
1999 argv[0] = "users";
2000 argv[1] = "add";
2001 argv[2] = netId;
2002 int argc = 3;
2003 // Avoid overly long commands by limiting number of UID ranges per command.
2004 for (int i = 0; i < ranges.length; i++) {
2005 argv[argc++] = ranges[i].toString();
2006 if (i == (ranges.length - 1) || argc == argv.length) {
2007 try {
2008 mConnector.execute("network", Arrays.copyOf(argv, argc));
2009 } catch (NativeDaemonConnectorException e) {
2010 throw e.rethrowAsParcelableException();
2011 }
2012 argc = 3;
2013 }
Chad Brubaker3277620a2013-06-12 13:37:30 -0700[diff] [blame]2014 }
2015 }
2016
2017 @Override
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]2018 public void removeVpnUidRanges(int netId, UidRange[] ranges) {
Chad Brubaker3277620a2013-06-12 13:37:30 -0700[diff] [blame]2019 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]2020 Object[] argv = new Object[3 + MAX_UID_RANGES_PER_COMMAND];
2021 argv[0] = "users";
2022 argv[1] = "remove";
2023 argv[2] = netId;
2024 int argc = 3;
2025 // Avoid overly long commands by limiting number of UID ranges per command.
2026 for (int i = 0; i < ranges.length; i++) {
2027 argv[argc++] = ranges[i].toString();
2028 if (i == (ranges.length - 1) || argc == argv.length) {
2029 try {
2030 mConnector.execute("network", Arrays.copyOf(argv, argc));
2031 } catch (NativeDaemonConnectorException e) {
2032 throw e.rethrowAsParcelableException();
2033 }
2034 argc = 3;
2035 }
Chad Brubakercca54c42013-06-27 17:41:38 -0700[diff] [blame]2036 }
2037 }
2038
2039 @Override
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2040 public void setFirewallEnabled(boolean enabled) {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2041 enforceSystemUid();
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2042 try {
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2043 mConnector.execute("firewall", "enable", enabled ? "whitelist" : "blacklist");
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2044 mFirewallEnabled = enabled;
2045 } catch (NativeDaemonConnectorException e) {
2046 throw e.rethrowAsParcelableException();
2047 }
2048 }
2049
2050 @Override
2051 public boolean isFirewallEnabled() {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2052 enforceSystemUid();
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2053 return mFirewallEnabled;
2054 }
2055
2056 @Override
Jeff Sharkey2c092982012-08-24 11:44:40 -0700[diff] [blame]2057 public void setFirewallInterfaceRule(String iface, boolean allow) {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2058 enforceSystemUid();
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2059 Preconditions.checkState(mFirewallEnabled);
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2060 final String rule = allow ? "allow" : "deny";
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2061 try {
2062 mConnector.execute("firewall", "set_interface_rule", iface, rule);
2063 } catch (NativeDaemonConnectorException e) {
2064 throw e.rethrowAsParcelableException();
2065 }
2066 }
2067
Lorenzo Colitti3fef7232016-04-29 18:00:03 +0900[diff] [blame]2068 private void closeSocketsForFirewallChainLocked(int chain, String chainName) {
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2069 // UID ranges to close sockets on.
2070 UidRange[] ranges;
2071 // UID ranges whose sockets we won't touch.
2072 int[] exemptUids;
2073
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2074 int numUids = 0;
2075
2076 if (getFirewallType(chain) == FIREWALL_TYPE_WHITELIST) {
2077 // Close all sockets on all non-system UIDs...
2078 ranges = new UidRange[] {
2079 // TODO: is there a better way of finding all existing users? If so, we could
2080 // specify their ranges here.
2081 new UidRange(Process.FIRST_APPLICATION_UID, Integer.MAX_VALUE),
2082 };
2083 // ... except for the UIDs that have allow rules.
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2084 synchronized (mRulesLock) {
2085 final SparseIntArray rules = getUidFirewallRulesLR(chain);
2086 exemptUids = new int[rules.size()];
2087 for (int i = 0; i < exemptUids.length; i++) {
2088 if (rules.valueAt(i) == NetworkPolicyManager.FIREWALL_RULE_ALLOW) {
2089 exemptUids[numUids] = rules.keyAt(i);
2090 numUids++;
2091 }
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2092 }
2093 }
2094 // Normally, whitelist chains only contain deny rules, so numUids == exemptUids.length.
2095 // But the code does not guarantee this in any way, and at least in one case - if we add
2096 // a UID rule to the firewall, and then disable the firewall - the chains can contain
2097 // the wrong type of rule. In this case, don't close connections that we shouldn't.
2098 //
2099 // TODO: tighten up this code by ensuring we never set the wrong type of rule, and
2100 // fix setFirewallEnabled to grab mQuotaLock and clear rules.
2101 if (numUids != exemptUids.length) {
2102 exemptUids = Arrays.copyOf(exemptUids, numUids);
2103 }
2104 } else {
2105 // Close sockets for every UID that has a deny rule...
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2106 synchronized (mRulesLock) {
2107 final SparseIntArray rules = getUidFirewallRulesLR(chain);
2108 ranges = new UidRange[rules.size()];
2109 for (int i = 0; i < ranges.length; i++) {
2110 if (rules.valueAt(i) == NetworkPolicyManager.FIREWALL_RULE_DENY) {
2111 int uid = rules.keyAt(i);
2112 ranges[numUids] = new UidRange(uid, uid);
2113 numUids++;
2114 }
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2115 }
2116 }
2117 // As above; usually numUids == ranges.length, but not always.
2118 if (numUids != ranges.length) {
2119 ranges = Arrays.copyOf(ranges, numUids);
2120 }
2121 // ... with no exceptions.
2122 exemptUids = new int[0];
2123 }
2124
2125 try {
2126 mNetdService.socketDestroy(ranges, exemptUids);
2127 } catch(RemoteException | ServiceSpecificException e) {
2128 Slog.e(TAG, "Error closing sockets after enabling chain " + chainName + ": " + e);
2129 }
2130 }
2131
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2132 @Override
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2133 public void setFirewallChainEnabled(int chain, boolean enable) {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2134 enforceSystemUid();
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2135 synchronized (mQuotaLock) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2136 synchronized (mRulesLock) {
2137 if (getFirewallChainState(chain) == enable) {
2138 // All is the same, nothing to do. This relies on the fact that netd has child
2139 // chains default detached.
2140 return;
2141 }
2142 setFirewallChainState(chain, enable);
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2143 }
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2144
2145 final String operation = enable ? "enable_chain" : "disable_chain";
Lorenzo Colitti3fef7232016-04-29 18:00:03 +0900[diff] [blame]2146 final String chainName;
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2147 switch(chain) {
2148 case FIREWALL_CHAIN_STANDBY:
2149 chainName = FIREWALL_CHAIN_NAME_STANDBY;
2150 break;
2151 case FIREWALL_CHAIN_DOZABLE:
2152 chainName = FIREWALL_CHAIN_NAME_DOZABLE;
2153 break;
2154 case FIREWALL_CHAIN_POWERSAVE:
2155 chainName = FIREWALL_CHAIN_NAME_POWERSAVE;
2156 break;
2157 default:
2158 throw new IllegalArgumentException("Bad child chain: " + chain);
2159 }
2160
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2161 try {
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2162 mConnector.execute("firewall", operation, chainName);
2163 } catch (NativeDaemonConnectorException e) {
2164 throw e.rethrowAsParcelableException();
2165 }
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2166
2167 // Close any sockets that were opened by the affected UIDs. This has to be done after
2168 // disabling network connectivity, in case they react to the socket close by reopening
2169 // the connection and race with the iptables commands that enable the firewall. All
2170 // whitelist and blacklist chains allow RSTs through.
2171 if (enable) {
2172 if (DBG) Slog.d(TAG, "Closing sockets after enabling chain " + chainName);
Lorenzo Colitti3fef7232016-04-29 18:00:03 +0900[diff] [blame]2173 closeSocketsForFirewallChainLocked(chain, chainName);
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2174 }
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2175 }
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2176 }
2177
2178 private int getFirewallType(int chain) {
2179 switch (chain) {
2180 case FIREWALL_CHAIN_STANDBY:
2181 return FIREWALL_TYPE_BLACKLIST;
2182 case FIREWALL_CHAIN_DOZABLE:
2183 return FIREWALL_TYPE_WHITELIST;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2184 case FIREWALL_CHAIN_POWERSAVE:
2185 return FIREWALL_TYPE_WHITELIST;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2186 default:
2187 return isFirewallEnabled() ? FIREWALL_TYPE_WHITELIST : FIREWALL_TYPE_BLACKLIST;
2188 }
2189 }
2190
2191 @Override
2192 public void setFirewallUidRules(int chain, int[] uids, int[] rules) {
2193 enforceSystemUid();
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2194 synchronized (mQuotaLock) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2195 synchronized (mRulesLock) {
2196 SparseIntArray uidFirewallRules = getUidFirewallRulesLR(chain);
2197 SparseIntArray newRules = new SparseIntArray();
2198 // apply new set of rules
2199 for (int index = uids.length - 1; index >= 0; --index) {
2200 int uid = uids[index];
2201 int rule = rules[index];
2202 updateFirewallUidRuleLocked(chain, uid, rule);
2203 newRules.put(uid, rule);
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2204 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2205 // collect the rules to remove.
2206 SparseIntArray rulesToRemove = new SparseIntArray();
2207 for (int index = uidFirewallRules.size() - 1; index >= 0; --index) {
2208 int uid = uidFirewallRules.keyAt(index);
2209 if (newRules.indexOfKey(uid) < 0) {
2210 rulesToRemove.put(uid, FIREWALL_RULE_DEFAULT);
2211 }
2212 }
2213 // remove dead rules
2214 for (int index = rulesToRemove.size() - 1; index >= 0; --index) {
2215 int uid = rulesToRemove.keyAt(index);
2216 updateFirewallUidRuleLocked(chain, uid, FIREWALL_RULE_DEFAULT);
2217 }
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2218 }
2219 try {
2220 switch (chain) {
2221 case FIREWALL_CHAIN_DOZABLE:
2222 mNetdService.firewallReplaceUidChain("fw_dozable", true, uids);
2223 break;
2224 case FIREWALL_CHAIN_STANDBY:
2225 mNetdService.firewallReplaceUidChain("fw_standby", false, uids);
2226 break;
2227 case FIREWALL_CHAIN_POWERSAVE:
2228 mNetdService.firewallReplaceUidChain("fw_powersave", true, uids);
2229 break;
2230 case FIREWALL_CHAIN_NONE:
2231 default:
2232 Slog.d(TAG, "setFirewallUidRules() called on invalid chain: " + chain);
2233 }
2234 } catch (RemoteException e) {
2235 Slog.w(TAG, "Error flushing firewall chain " + chain, e);
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2236 }
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2237 }
2238 }
2239
2240 @Override
2241 public void setFirewallUidRule(int chain, int uid, int rule) {
2242 enforceSystemUid();
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2243 synchronized (mQuotaLock) {
2244 setFirewallUidRuleLocked(chain, uid, rule);
2245 }
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2246 }
2247
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2248 private void setFirewallUidRuleLocked(int chain, int uid, int rule) {
2249 if (updateFirewallUidRuleLocked(chain, uid, rule)) {
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2250 try {
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2251 mConnector.execute("firewall", "set_uid_rule", getFirewallChainName(chain), uid,
2252 getFirewallRuleName(chain, rule));
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2253 } catch (NativeDaemonConnectorException e) {
2254 throw e.rethrowAsParcelableException();
2255 }
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2256 }
2257 }
2258
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2259 // TODO: now that netd supports batching, NMS should not keep these data structures anymore...
2260 private boolean updateFirewallUidRuleLocked(int chain, int uid, int rule) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2261 synchronized (mRulesLock) {
2262 SparseIntArray uidFirewallRules = getUidFirewallRulesLR(chain);
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2263
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2264 final int oldUidFirewallRule = uidFirewallRules.get(uid, FIREWALL_RULE_DEFAULT);
2265 if (DBG) {
2266 Slog.d(TAG, "oldRule = " + oldUidFirewallRule
2267 + ", newRule=" + rule + " for uid=" + uid + " on chain " + chain);
2268 }
2269 if (oldUidFirewallRule == rule) {
2270 if (DBG) Slog.d(TAG, "!!!!! Skipping change");
2271 // TODO: eventually consider throwing
2272 return false;
2273 }
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2274
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2275 String ruleName = getFirewallRuleName(chain, rule);
2276 String oldRuleName = getFirewallRuleName(chain, oldUidFirewallRule);
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2277
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2278 if (rule == NetworkPolicyManager.FIREWALL_RULE_DEFAULT) {
2279 uidFirewallRules.delete(uid);
2280 } else {
2281 uidFirewallRules.put(uid, rule);
2282 }
2283 return !ruleName.equals(oldRuleName);
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2284 }
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2285 }
2286
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2287 private @NonNull String getFirewallRuleName(int chain, int rule) {
2288 String ruleName;
2289 if (getFirewallType(chain) == FIREWALL_TYPE_WHITELIST) {
2290 if (rule == NetworkPolicyManager.FIREWALL_RULE_ALLOW) {
2291 ruleName = "allow";
2292 } else {
2293 ruleName = "deny";
2294 }
2295 } else { // Blacklist mode
2296 if (rule == NetworkPolicyManager.FIREWALL_RULE_DENY) {
2297 ruleName = "deny";
2298 } else {
2299 ruleName = "allow";
2300 }
2301 }
2302 return ruleName;
2303 }
2304
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2305 private @NonNull SparseIntArray getUidFirewallRulesLR(int chain) {
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2306 switch (chain) {
2307 case FIREWALL_CHAIN_STANDBY:
2308 return mUidFirewallStandbyRules;
2309 case FIREWALL_CHAIN_DOZABLE:
2310 return mUidFirewallDozableRules;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2311 case FIREWALL_CHAIN_POWERSAVE:
2312 return mUidFirewallPowerSaveRules;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2313 case FIREWALL_CHAIN_NONE:
2314 return mUidFirewallRules;
2315 default:
2316 throw new IllegalArgumentException("Unknown chain:" + chain);
2317 }
2318 }
2319
2320 public @NonNull String getFirewallChainName(int chain) {
2321 switch (chain) {
2322 case FIREWALL_CHAIN_STANDBY:
2323 return FIREWALL_CHAIN_NAME_STANDBY;
2324 case FIREWALL_CHAIN_DOZABLE:
2325 return FIREWALL_CHAIN_NAME_DOZABLE;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2326 case FIREWALL_CHAIN_POWERSAVE:
2327 return FIREWALL_CHAIN_NAME_POWERSAVE;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2328 case FIREWALL_CHAIN_NONE:
2329 return FIREWALL_CHAIN_NAME_NONE;
2330 default:
2331 throw new IllegalArgumentException("Unknown chain:" + chain);
2332 }
2333 }
2334
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2335 private static void enforceSystemUid() {
2336 final int uid = Binder.getCallingUid();
2337 if (uid != Process.SYSTEM_UID) {
2338 throw new SecurityException("Only available to AID_SYSTEM");
2339 }
2340 }
2341
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2342 @Override
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2343 public void startClatd(String interfaceName) throws IllegalStateException {
2344 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2345
2346 try {
2347 mConnector.execute("clatd", "start", interfaceName);
2348 } catch (NativeDaemonConnectorException e) {
2349 throw e.rethrowAsParcelableException();
2350 }
2351 }
2352
2353 @Override
Lorenzo Colitti95439462014-10-09 13:44:48 +0900[diff] [blame]2354 public void stopClatd(String interfaceName) throws IllegalStateException {
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2355 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2356
2357 try {
Lorenzo Colitti95439462014-10-09 13:44:48 +0900[diff] [blame]2358 mConnector.execute("clatd", "stop", interfaceName);
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2359 } catch (NativeDaemonConnectorException e) {
2360 throw e.rethrowAsParcelableException();
2361 }
2362 }
2363
2364 @Override
Lorenzo Colitti95439462014-10-09 13:44:48 +0900[diff] [blame]2365 public boolean isClatdStarted(String interfaceName) {
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2366 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2367
2368 final NativeDaemonEvent event;
2369 try {
Lorenzo Colitti95439462014-10-09 13:44:48 +0900[diff] [blame]2370 event = mConnector.execute("clatd", "status", interfaceName);
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2371 } catch (NativeDaemonConnectorException e) {
2372 throw e.rethrowAsParcelableException();
2373 }
2374
2375 event.checkCode(ClatdStatusResult);
2376 return event.getMessage().endsWith("started");
2377 }
2378
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2379 @Override
2380 public void registerNetworkActivityListener(INetworkActivityListener listener) {
2381 mNetworkActivityListeners.register(listener);
2382 }
2383
2384 @Override
2385 public void unregisterNetworkActivityListener(INetworkActivityListener listener) {
2386 mNetworkActivityListeners.unregister(listener);
2387 }
2388
2389 @Override
2390 public boolean isNetworkActive() {
2391 synchronized (mNetworkActivityListeners) {
2392 return mNetworkActive || mActiveIdleTimers.isEmpty();
2393 }
2394 }
2395
2396 private void reportNetworkActive() {
2397 final int length = mNetworkActivityListeners.beginBroadcast();
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]2398 try {
2399 for (int i = 0; i < length; i++) {
2400 try {
2401 mNetworkActivityListeners.getBroadcastItem(i).onNetworkActive();
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]2402 } catch (RemoteException | RuntimeException e) {
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]2403 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2404 }
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]2405 } finally {
2406 mNetworkActivityListeners.finishBroadcast();
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2407 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2408 }
2409
Mattias Falk8b47b362011-08-23 14:15:13 +0200[diff] [blame]2410 /** {@inheritDoc} */
Jeff Sharkey7b4596f2013-02-25 10:55:29 -0800[diff] [blame]2411 @Override
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]2412 public void monitor() {
2413 if (mConnector != null) {
2414 mConnector.monitor();
2415 }
2416 }
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2417
2418 @Override
2419 protected void dump(FileDescriptor fd, PrintWriter pw, String[] args) {
Jeff Sharkeyfe9a53b2017-03-31 14:08:23 -0600[diff] [blame]2420 if (!DumpUtils.checkDumpPermission(mContext, TAG, pw)) return;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2421
Robert Greenwalt470fd722012-01-18 12:51:15 -0800[diff] [blame]2422 pw.println("NetworkManagementService NativeDaemonConnector Log:");
2423 mConnector.dump(fd, pw, args);
2424 pw.println();
2425
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2426 pw.print("Bandwidth control enabled: "); pw.println(mBandwidthControlEnabled);
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]2427 pw.print("mMobileActivityFromRadio="); pw.print(mMobileActivityFromRadio);
2428 pw.print(" mLastPowerStateFromRadio="); pw.println(mLastPowerStateFromRadio);
2429 pw.print("mNetworkActive="); pw.println(mNetworkActive);
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2430
2431 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]2432 pw.print("Active quota ifaces: "); pw.println(mActiveQuotas.toString());
2433 pw.print("Active alert ifaces: "); pw.println(mActiveAlerts.toString());
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]2434 pw.print("Data saver mode: "); pw.println(mDataSaverMode);
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2435 synchronized (mRulesLock) {
2436 dumpUidRuleOnQuotaLocked(pw, "blacklist", mUidRejectOnMetered);
2437 dumpUidRuleOnQuotaLocked(pw, "whitelist", mUidAllowOnMetered);
2438 }
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2439 }
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2440
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2441 synchronized (mRulesLock) {
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2442 dumpUidFirewallRule(pw, "", mUidFirewallRules);
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2443
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2444 pw.print("UID firewall standby chain enabled: "); pw.println(
2445 getFirewallChainState(FIREWALL_CHAIN_STANDBY));
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2446 dumpUidFirewallRule(pw, FIREWALL_CHAIN_NAME_STANDBY, mUidFirewallStandbyRules);
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2447
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2448 pw.print("UID firewall dozable chain enabled: "); pw.println(
2449 getFirewallChainState(FIREWALL_CHAIN_DOZABLE));
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2450 dumpUidFirewallRule(pw, FIREWALL_CHAIN_NAME_DOZABLE, mUidFirewallDozableRules);
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2451
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2452 pw.println("UID firewall powersave chain enabled: " +
2453 getFirewallChainState(FIREWALL_CHAIN_POWERSAVE));
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2454 dumpUidFirewallRule(pw, FIREWALL_CHAIN_NAME_POWERSAVE, mUidFirewallPowerSaveRules);
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2455 }
2456
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2457 synchronized (mIdleTimerLock) {
2458 pw.println("Idle timers:");
2459 for (HashMap.Entry<String, IdleTimerParams> ent : mActiveIdleTimers.entrySet()) {
2460 pw.print(" "); pw.print(ent.getKey()); pw.println(":");
2461 IdleTimerParams params = ent.getValue();
2462 pw.print(" timeout="); pw.print(params.timeout);
2463 pw.print(" type="); pw.print(params.type);
2464 pw.print(" networkCount="); pw.println(params.networkCount);
2465 }
2466 }
2467
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2468 pw.print("Firewall enabled: "); pw.println(mFirewallEnabled);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]2469 pw.print("Netd service status: " );
2470 if (mNetdService == null) {
2471 pw.println("disconnected");
2472 } else {
2473 try {
2474 final boolean alive = mNetdService.isAlive();
2475 pw.println(alive ? "alive": "dead");
2476 } catch (RemoteException e) {
2477 pw.println("unreachable");
2478 }
2479 }
2480 }
2481
2482 private void dumpUidRuleOnQuotaLocked(PrintWriter pw, String name, SparseBooleanArray list) {
2483 pw.print("UID bandwith control ");
2484 pw.print(name);
2485 pw.print(" rule: [");
2486 final int size = list.size();
2487 for (int i = 0; i < size; i++) {
2488 pw.print(list.keyAt(i));
2489 if (i < size - 1) pw.print(",");
2490 }
2491 pw.println("]");
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2492 }
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2493
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2494 private void dumpUidFirewallRule(PrintWriter pw, String name, SparseIntArray rules) {
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2495 pw.print("UID firewall ");
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2496 pw.print(name);
2497 pw.print(" rule: [");
2498 final int size = rules.size();
2499 for (int i = 0; i < size; i++) {
2500 pw.print(rules.keyAt(i));
2501 pw.print(":");
2502 pw.print(rules.valueAt(i));
2503 if (i < size - 1) pw.print(",");
2504 }
2505 pw.println("]");
2506 }
2507
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2508 @Override
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]2509 public void createPhysicalNetwork(int netId, String permission) {
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2510 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2511
2512 try {
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]2513 if (permission != null) {
2514 mConnector.execute("network", "create", netId, permission);
2515 } else {
2516 mConnector.execute("network", "create", netId);
2517 }
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2518 } catch (NativeDaemonConnectorException e) {
2519 throw e.rethrowAsParcelableException();
2520 }
2521 }
2522
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2523 @Override
Sreeram Ramachandran8cd33ed2014-07-23 15:23:15 -0700[diff] [blame]2524 public void createVirtualNetwork(int netId, boolean hasDNS, boolean secure) {
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]2525 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2526
2527 try {
Sreeram Ramachandran8cd33ed2014-07-23 15:23:15 -0700[diff] [blame]2528 mConnector.execute("network", "create", netId, "vpn", hasDNS ? "1" : "0",
2529 secure ? "1" : "0");
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]2530 } catch (NativeDaemonConnectorException e) {
2531 throw e.rethrowAsParcelableException();
2532 }
2533 }
2534
2535 @Override
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2536 public void removeNetwork(int netId) {
2537 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2538
2539 try {
2540 mConnector.execute("network", "destroy", netId);
2541 } catch (NativeDaemonConnectorException e) {
2542 throw e.rethrowAsParcelableException();
2543 }
2544 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2545
2546 @Override
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2547 public void addInterfaceToNetwork(String iface, int netId) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2548 modifyInterfaceInNetwork("add", "" + netId, iface);
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2549 }
2550
2551 @Override
2552 public void removeInterfaceFromNetwork(String iface, int netId) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2553 modifyInterfaceInNetwork("remove", "" + netId, iface);
2554 }
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2555
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2556 private void modifyInterfaceInNetwork(String action, String netId, String iface) {
2557 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2558 try {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2559 mConnector.execute("network", "interface", action, netId, iface);
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2560 } catch (NativeDaemonConnectorException e) {
2561 throw e.rethrowAsParcelableException();
2562 }
2563 }
2564
2565 @Override
Robert Greenwalt913c8952014-04-07 17:36:35 -0700[diff] [blame]2566 public void addLegacyRouteForNetId(int netId, RouteInfo routeInfo, int uid) {
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2567 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2568
Sreeram Ramachandran03666c72014-07-19 23:21:46 -0700[diff] [blame]2569 final Command cmd = new Command("network", "route", "legacy", uid, "add", netId);
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2570
Sreeram Ramachandran1fbcb272014-05-22 16:30:48 -0700[diff] [blame]2571 // create triplet: interface dest-ip-addr/prefixlength gateway-ip-addr
Sreeram Ramachandrancc91c7b2014-06-03 18:41:43 -0700[diff] [blame]2572 final LinkAddress la = routeInfo.getDestinationLinkAddress();
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2573 cmd.appendArg(routeInfo.getInterface());
Lorenzo Colitti7dc78cf2014-06-09 22:58:46 +0900[diff] [blame]2574 cmd.appendArg(la.getAddress().getHostAddress() + "/" + la.getPrefixLength());
Sreeram Ramachandran1fbcb272014-05-22 16:30:48 -0700[diff] [blame]2575 if (routeInfo.hasGateway()) {
2576 cmd.appendArg(routeInfo.getGateway().getHostAddress());
2577 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2578
2579 try {
2580 mConnector.execute(cmd);
2581 } catch (NativeDaemonConnectorException e) {
2582 throw e.rethrowAsParcelableException();
2583 }
2584 }
2585
2586 @Override
Sreeram Ramachandranf047f2a2014-04-15 16:04:26 -0700[diff] [blame]2587 public void setDefaultNetId(int netId) {
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2588 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2589
2590 try {
Sreeram Ramachandranf047f2a2014-04-15 16:04:26 -0700[diff] [blame]2591 mConnector.execute("network", "default", "set", netId);
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2592 } catch (NativeDaemonConnectorException e) {
2593 throw e.rethrowAsParcelableException();
2594 }
2595 }
2596
2597 @Override
2598 public void clearDefaultNetId() {
2599 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2600
2601 try {
2602 mConnector.execute("network", "default", "clear");
2603 } catch (NativeDaemonConnectorException e) {
2604 throw e.rethrowAsParcelableException();
2605 }
2606 }
2607
2608 @Override
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]2609 public void setNetworkPermission(int netId, String permission) {
2610 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2611
2612 try {
2613 if (permission != null) {
2614 mConnector.execute("network", "permission", "network", "set", permission, netId);
2615 } else {
2616 mConnector.execute("network", "permission", "network", "clear", netId);
2617 }
2618 } catch (NativeDaemonConnectorException e) {
2619 throw e.rethrowAsParcelableException();
2620 }
2621 }
2622
2623
2624 @Override
Sreeram Ramachandrane4a05af2014-09-24 09:16:19 -0700[diff] [blame]2625 public void setPermission(String permission, int[] uids) {
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2626 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2627
Sreeram Ramachandrane4a05af2014-09-24 09:16:19 -0700[diff] [blame]2628 Object[] argv = new Object[4 + MAX_UID_RANGES_PER_COMMAND];
2629 argv[0] = "permission";
2630 argv[1] = "user";
2631 argv[2] = "set";
2632 argv[3] = permission;
2633 int argc = 4;
2634 // Avoid overly long commands by limiting number of UIDs per command.
2635 for (int i = 0; i < uids.length; ++i) {
2636 argv[argc++] = uids[i];
2637 if (i == uids.length - 1 || argc == argv.length) {
2638 try {
2639 mConnector.execute("network", Arrays.copyOf(argv, argc));
2640 } catch (NativeDaemonConnectorException e) {
2641 throw e.rethrowAsParcelableException();
2642 }
2643 argc = 4;
2644 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2645 }
2646 }
2647
2648 @Override
2649 public void clearPermission(int[] uids) {
2650 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2651
Sreeram Ramachandrane4a05af2014-09-24 09:16:19 -0700[diff] [blame]2652 Object[] argv = new Object[3 + MAX_UID_RANGES_PER_COMMAND];
2653 argv[0] = "permission";
2654 argv[1] = "user";
2655 argv[2] = "clear";
2656 int argc = 3;
2657 // Avoid overly long commands by limiting number of UIDs per command.
2658 for (int i = 0; i < uids.length; ++i) {
2659 argv[argc++] = uids[i];
2660 if (i == uids.length - 1 || argc == argv.length) {
2661 try {
2662 mConnector.execute("network", Arrays.copyOf(argv, argc));
2663 } catch (NativeDaemonConnectorException e) {
2664 throw e.rethrowAsParcelableException();
2665 }
2666 argc = 3;
2667 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2668 }
2669 }
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]2670
2671 @Override
2672 public void allowProtect(int uid) {
2673 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2674
2675 try {
2676 mConnector.execute("network", "protect", "allow", uid);
2677 } catch (NativeDaemonConnectorException e) {
2678 throw e.rethrowAsParcelableException();
2679 }
2680 }
2681
2682 @Override
2683 public void denyProtect(int uid) {
2684 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2685
2686 try {
2687 mConnector.execute("network", "protect", "deny", uid);
2688 } catch (NativeDaemonConnectorException e) {
2689 throw e.rethrowAsParcelableException();
2690 }
2691 }
2692
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2693 @Override
2694 public void addInterfaceToLocalNetwork(String iface, List<RouteInfo> routes) {
2695 modifyInterfaceInNetwork("add", "local", iface);
2696
2697 for (RouteInfo route : routes) {
2698 if (!route.isDefaultRoute()) {
2699 modifyRoute("add", "local", route);
2700 }
2701 }
2702 }
2703
2704 @Override
2705 public void removeInterfaceFromLocalNetwork(String iface) {
2706 modifyInterfaceInNetwork("remove", "local", iface);
2707 }
Erik Kline6599ee82016-07-17 21:28:39 +0900[diff] [blame]2708
2709 @Override
2710 public int removeRoutesFromLocalNetwork(List<RouteInfo> routes) {
2711 int failures = 0;
2712
2713 for (RouteInfo route : routes) {
2714 try {
2715 modifyRoute("remove", "local", route);
2716 } catch (IllegalStateException e) {
2717 failures++;
2718 }
2719 }
2720
2721 return failures;
2722 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2723
2724 private void setFirewallChainState(int chain, boolean state) {
2725 synchronized (mRulesLock) {
2726 mFirewallChainStates.put(chain, state);
2727 }
2728 }
2729
2730 private boolean getFirewallChainState(int chain) {
2731 synchronized (mRulesLock) {
2732 return mFirewallChainStates.get(chain);
2733 }
2734 }
2735
2736 @VisibleForTesting
2737 class LocalService extends NetworkManagementInternal {
2738 @Override
2739 public boolean isNetworkRestrictedForUid(int uid) {
2740 synchronized (mRulesLock) {
2741 if (getFirewallChainState(FIREWALL_CHAIN_STANDBY)
2742 && mUidFirewallStandbyRules.get(uid) == FIREWALL_RULE_DENY) {
2743 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of app standby mode");
2744 return true;
2745 }
2746 if (getFirewallChainState(FIREWALL_CHAIN_DOZABLE)
2747 && mUidFirewallDozableRules.get(uid) != FIREWALL_RULE_ALLOW) {
2748 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of device idle mode");
2749 return true;
2750 }
2751 if (getFirewallChainState(FIREWALL_CHAIN_POWERSAVE)
2752 && mUidFirewallPowerSaveRules.get(uid) != FIREWALL_RULE_ALLOW) {
2753 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of power saver mode");
2754 return true;
2755 }
2756 if (mUidRejectOnMetered.get(uid)) {
2757 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of no metered data"
2758 + " in the background");
2759 return true;
2760 }
2761 if (mDataSaverMode && !mUidAllowOnMetered.get(uid)) {
2762 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of data saver mode");
2763 return true;
2764 }
2765 return false;
2766 }
2767 }
2768 }
2769
2770 @VisibleForTesting
2771 Injector getInjector() {
2772 return new Injector();
2773 }
2774
2775 @VisibleForTesting
2776 class Injector {
2777 void setDataSaverMode(boolean dataSaverMode) {
2778 mDataSaverMode = dataSaverMode;
2779 }
2780
2781 void setFirewallChainState(int chain, boolean state) {
2782 NetworkManagementService.this.setFirewallChainState(chain, state);
2783 }
2784
2785 void setFirewallRule(int chain, int uid, int rule) {
2786 synchronized (mRulesLock) {
2787 getUidFirewallRulesLR(chain).put(uid, rule);
2788 }
2789 }
2790
2791 void setUidOnMeteredNetworkList(boolean blacklist, int uid, boolean enable) {
2792 synchronized (mRulesLock) {
2793 if (blacklist) {
2794 mUidRejectOnMetered.put(uid, enable);
2795 } else {
2796 mUidAllowOnMetered.put(uid, enable);
2797 }
2798 }
2799 }
2800
2801 void reset() {
2802 synchronized (mRulesLock) {
2803 setDataSaverMode(false);
2804 final int[] chains = {
2805 FIREWALL_CHAIN_DOZABLE,
2806 FIREWALL_CHAIN_STANDBY,
2807 FIREWALL_CHAIN_POWERSAVE
2808 };
2809 for (int chain : chains) {
2810 setFirewallChainState(chain, false);
2811 getUidFirewallRulesLR(chain).clear();
2812 }
2813 mUidAllowOnMetered.clear();
2814 mUidRejectOnMetered.clear();
2815 }
2816 }
2817 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]2818}