Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / d66cf56ba662f10f2da1d0f844116632ad0a0dbb / . / services / core / java / com / android / server / NetworkManagementService.java
blob: 901e1e7c424df97500b6a624246a04b7c4785645 [file] [log] [blame]
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1/*
2 * Copyright (C) 2007 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17package com.android.server;
18
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]19import static android.Manifest.permission.CONNECTIVITY_INTERNAL;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]20import static android.Manifest.permission.DUMP;
Lorenzo Colittief7b2a12017-07-10 19:06:57 +0900[diff] [blame]21import static android.Manifest.permission.NETWORK_STACK;
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]22import static android.Manifest.permission.SHUTDOWN;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]23import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_DOZABLE;
24import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_DOZABLE;
25import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_NONE;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]26import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_POWERSAVE;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]27import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_STANDBY;
28import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NONE;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]29import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_POWERSAVE;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]30import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_STANDBY;
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]31import static android.net.NetworkPolicyManager.FIREWALL_RULE_ALLOW;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]32import static android.net.NetworkPolicyManager.FIREWALL_RULE_DEFAULT;
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]33import static android.net.NetworkPolicyManager.FIREWALL_RULE_DENY;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]34import static android.net.NetworkPolicyManager.FIREWALL_TYPE_BLACKLIST;
35import static android.net.NetworkPolicyManager.FIREWALL_TYPE_WHITELIST;
Jeff Sharkeyb5d55e32011-08-10 17:53:27 -0700[diff] [blame]36import static android.net.NetworkStats.SET_DEFAULT;
Dianne Hackbornd0c5b9a2014-02-21 16:19:05 -0800[diff] [blame]37import static android.net.NetworkStats.TAG_ALL;
Jeff Sharkey1b5a2a92011-06-18 18:34:16 -0700[diff] [blame]38import static android.net.NetworkStats.TAG_NONE;
39import static android.net.NetworkStats.UID_ALL;
Jeff Sharkeyae2c1812011-10-04 13:11:40 -0700[diff] [blame]40import static android.net.TrafficStats.UID_TETHERING;
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]41import static com.android.server.NetworkManagementService.NetdResponseCode.ClatdStatusResult;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]42import static com.android.server.NetworkManagementService.NetdResponseCode.InterfaceGetCfgResult;
43import static com.android.server.NetworkManagementService.NetdResponseCode.InterfaceListResult;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]44import static com.android.server.NetworkManagementService.NetdResponseCode.IpFwdStatusResult;
45import static com.android.server.NetworkManagementService.NetdResponseCode.TetherDnsFwdTgtListResult;
46import static com.android.server.NetworkManagementService.NetdResponseCode.TetherInterfaceListResult;
47import static com.android.server.NetworkManagementService.NetdResponseCode.TetherStatusResult;
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]48import static com.android.server.NetworkManagementService.NetdResponseCode.TetheringStatsListResult;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]49import static com.android.server.NetworkManagementService.NetdResponseCode.TtyListResult;
Jeff Sharkeya63ba592011-07-19 23:47:12 -0700[diff] [blame]50import static com.android.server.NetworkManagementSocketTagger.PROP_QTAGUID_ENABLED;
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]51
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]52import android.annotation.NonNull;
Sudheer Shankadc589ac2016-11-10 15:30:17 -0800[diff] [blame]53import android.app.ActivityManager;
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]54import android.content.ContentResolver;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]55import android.content.Context;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]56import android.net.ConnectivityManager;
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]57import android.net.INetd;
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]58import android.net.INetworkManagementEventObserver;
Lorenzo Colittief7b2a12017-07-10 19:06:57 +0900[diff] [blame]59import android.net.ITetheringStatsProvider;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]60import android.net.InterfaceConfiguration;
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]61import android.net.IpPrefix;
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]62import android.net.LinkAddress;
Lorenzo Colittib57edc52014-08-22 17:10:50 -0700[diff] [blame]63import android.net.Network;
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]64import android.net.NetworkPolicyManager;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]65import android.net.NetworkStats;
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]66import android.net.NetworkUtils;
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]67import android.net.RouteInfo;
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]68import android.net.UidRange;
Irfan Sheriff9ab518ad2010-03-12 15:48:17 -0800[diff] [blame]69import android.net.wifi.WifiConfiguration;
70import android.net.wifi.WifiConfiguration.KeyMgmt;
Dianne Hackborn91268cf2013-06-13 19:06:50 -0700[diff] [blame]71import android.os.BatteryStats;
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]72import android.os.Binder;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]73import android.os.Handler;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]74import android.os.INetworkActivityListener;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]75import android.os.INetworkManagementService;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]76import android.os.PowerManager;
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]77import android.os.Process;
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]78import android.os.RemoteCallbackList;
79import android.os.RemoteException;
Jeff Sharkey7a1c3fc2013-06-04 12:29:00 -0700[diff] [blame]80import android.os.ServiceManager;
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]81import android.os.ServiceSpecificException;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]82import android.os.StrictMode;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]83import android.os.SystemClock;
Marco Nelissen62dbb222010-02-18 10:56:30 -0800[diff] [blame]84import android.os.SystemProperties;
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]85import android.os.Trace;
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]86import android.provider.Settings;
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]87import android.telephony.DataConnectionRealTimeInfo;
88import android.telephony.PhoneStateListener;
Wink Savillefb40dd42014-06-12 17:02:31 -0700[diff] [blame]89import android.telephony.SubscriptionManager;
Wink Saville67e07892014-06-18 16:43:14 -0700[diff] [blame]90import android.telephony.TelephonyManager;
Irfan Sheriff9ab518ad2010-03-12 15:48:17 -0800[diff] [blame]91import android.util.Log;
Joe Onorato8a9b2202010-02-26 18:56:32 -0800[diff] [blame]92import android.util.Slog;
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]93import android.util.SparseBooleanArray;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]94import android.util.SparseIntArray;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]95
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]96import com.android.internal.annotations.GuardedBy;
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]97import com.android.internal.annotations.VisibleForTesting;
Jeff Sharkey7a1c3fc2013-06-04 12:29:00 -0700[diff] [blame]98import com.android.internal.app.IBatteryStats;
Jeff Sharkey1059c3c2011-10-04 16:54:49 -0700[diff] [blame]99import com.android.internal.net.NetworkStatsFactory;
Jeff Sharkeyfe9a53b2017-03-31 14:08:23 -0600[diff] [blame]100import com.android.internal.util.DumpUtils;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]101import com.android.internal.util.HexDump;
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]102import com.android.internal.util.Preconditions;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]103import com.android.server.NativeDaemonConnector.Command;
Jeff Sharkey56cd6462013-06-07 15:09:15 -0700[diff] [blame]104import com.android.server.NativeDaemonConnector.SensitiveArg;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]105import com.google.android.collect.Maps;
Jeff Sharkey4414cea2011-06-24 17:05:24 -0700[diff] [blame]106
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]107import java.io.BufferedReader;
108import java.io.DataInputStream;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]109import java.io.File;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]110import java.io.FileDescriptor;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]111import java.io.FileInputStream;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]112import java.io.IOException;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]113import java.io.InputStreamReader;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]114import java.io.PrintWriter;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]115import java.net.InetAddress;
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]116import java.net.InterfaceAddress;
117import java.net.NetworkInterface;
118import java.net.SocketException;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]119import java.util.ArrayList;
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]120import java.util.Arrays;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]121import java.util.HashMap;
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]122import java.util.List;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]123import java.util.Map;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]124import java.util.NoSuchElementException;
125import java.util.StringTokenizer;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]126import java.util.concurrent.CountDownLatch;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]127
128/**
129 * @hide
130 */
Jeff Sharkey8e9992a2011-08-23 18:37:23 -0700[diff] [blame]131public class NetworkManagementService extends INetworkManagementService.Stub
132 implements Watchdog.Monitor {
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]133 private static final String TAG = "NetworkManagement";
134 private static final boolean DBG = Log.isLoggable(TAG, Log.DEBUG);
Kenny Root305bcbf2010-09-03 07:56:38 -0700[diff] [blame]135 private static final String NETD_TAG = "NetdConnector";
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]136 private static final String NETD_SERVICE_NAME = "netd";
Kenny Root305bcbf2010-09-03 07:56:38 -0700[diff] [blame]137
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]138 private static final int MAX_UID_RANGES_PER_COMMAND = 10;
139
Jeff Sharkey8e9992a2011-08-23 18:37:23 -0700[diff] [blame]140 /**
141 * Name representing {@link #setGlobalAlert(long)} limit when delivered to
142 * {@link INetworkManagementEventObserver#limitReached(String, String)}.
143 */
144 public static final String LIMIT_GLOBAL_ALERT = "globalAlert";
145
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]146 /**
147 * String to pass to netd to indicate that a network is only accessible
148 * to apps that have the CHANGE_NETWORK_STATE permission.
149 */
150 public static final String PERMISSION_NETWORK = "NETWORK";
151
152 /**
153 * String to pass to netd to indicate that a network is only
154 * accessible to system apps and those with the CONNECTIVITY_INTERNAL
155 * permission.
156 */
157 public static final String PERMISSION_SYSTEM = "SYSTEM";
158
Andrew Scull64464e72017-05-19 15:37:20 +0100[diff] [blame]159 static class NetdResponseCode {
Sreeram Ramachandran03666c72014-07-19 23:21:46 -0700[diff] [blame]160 /* Keep in sync with system/netd/server/ResponseCode.h */
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]161 public static final int InterfaceListResult = 110;
162 public static final int TetherInterfaceListResult = 111;
163 public static final int TetherDnsFwdTgtListResult = 112;
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]164 public static final int TtyListResult = 113;
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]165 public static final int TetheringStatsListResult = 114;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]166
167 public static final int TetherStatusResult = 210;
168 public static final int IpFwdStatusResult = 211;
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]169 public static final int InterfaceGetCfgResult = 213;
Robert Greenwalte3253922010-02-18 09:23:25 -0800[diff] [blame]170 public static final int SoftapStatusResult = 214;
San Mehat91cac642010-03-31 14:31:36 -0700[diff] [blame]171 public static final int InterfaceRxCounterResult = 216;
172 public static final int InterfaceTxCounterResult = 217;
Jeff Sharkeycdd02c5d2011-09-16 01:52:49 -0700[diff] [blame]173 public static final int QuotaCounterResult = 220;
174 public static final int TetheringStatsResult = 221;
Selim Gurun84c00c62012-02-27 15:42:38 -0800[diff] [blame]175 public static final int DnsProxyQueryResult = 222;
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]176 public static final int ClatdStatusResult = 223;
Robert Greenwalte3253922010-02-18 09:23:25 -0800[diff] [blame]177
178 public static final int InterfaceChange = 600;
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]179 public static final int BandwidthControl = 601;
Haoyu Bai6b7358d2012-07-17 16:36:50 -0700[diff] [blame]180 public static final int InterfaceClassActivity = 613;
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]181 public static final int InterfaceAddressChange = 614;
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]182 public static final int InterfaceDnsServerInfo = 615;
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]183 public static final int RouteChange = 616;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]184 public static final int StrictCleartext = 617;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]185 }
186
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]187 /* Defaults for resolver parameters. */
188 public static final int DNS_RESOLVER_DEFAULT_SAMPLE_VALIDITY_SECONDS = 1800;
189 public static final int DNS_RESOLVER_DEFAULT_SUCCESS_THRESHOLD_PERCENT = 25;
190 public static final int DNS_RESOLVER_DEFAULT_MIN_SAMPLES = 8;
191 public static final int DNS_RESOLVER_DEFAULT_MAX_SAMPLES = 64;
192
Rebecca Silbersteine2ec94f2016-03-24 13:29:00 -0700[diff] [blame]193 /**
194 * String indicating a softap command.
195 */
196 static final String SOFT_AP_COMMAND = "softap";
197
198 /**
199 * String passed back to netd connector indicating softap command success.
200 */
201 static final String SOFT_AP_COMMAND_SUCCESS = "Ok";
202
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]203 static final int DAEMON_MSG_MOBILE_CONN_REAL_TIME_INFO = 1;
204
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]205 /**
206 * Binder context for this service
207 */
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]208 private final Context mContext;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]209
210 /**
211 * connector object for communicating with netd
212 */
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]213 private final NativeDaemonConnector mConnector;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]214
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]215 private final Handler mFgHandler;
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]216 private final Handler mDaemonHandler;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]217
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]218 private INetd mNetdService;
219
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]220 private IBatteryStats mBatteryStats;
221
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]222 private final Thread mThread;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]223 private CountDownLatch mConnectedSignal = new CountDownLatch(1);
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]224
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]225 private final RemoteCallbackList<INetworkManagementEventObserver> mObservers =
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]226 new RemoteCallbackList<>();
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]227
Jeff Sharkey1059c3c2011-10-04 16:54:49 -0700[diff] [blame]228 private final NetworkStatsFactory mStatsFactory = new NetworkStatsFactory();
229
Lorenzo Colittief7b2a12017-07-10 19:06:57 +0900[diff] [blame]230 @GuardedBy("mTetheringStatsProviders")
231 private final HashMap<ITetheringStatsProvider, String>
232 mTetheringStatsProviders = Maps.newHashMap();
233
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]234 /**
235 * If both locks need to be held, then they should be obtained in the order:
236 * first {@link #mQuotaLock} and then {@link #mRulesLock}.
237 */
Andrew Scull64464e72017-05-19 15:37:20 +0100[diff] [blame]238 private final Object mQuotaLock = new Object();
239 private final Object mRulesLock = new Object();
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]240
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]241 /** Set of interfaces with active quotas. */
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]242 @GuardedBy("mQuotaLock")
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]243 private HashMap<String, Long> mActiveQuotas = Maps.newHashMap();
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]244 /** Set of interfaces with active alerts. */
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]245 @GuardedBy("mQuotaLock")
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]246 private HashMap<String, Long> mActiveAlerts = Maps.newHashMap();
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]247 /** Set of UIDs blacklisted on metered networks. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]248 @GuardedBy("mRulesLock")
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]249 private SparseBooleanArray mUidRejectOnMetered = new SparseBooleanArray();
250 /** Set of UIDs whitelisted on metered networks. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]251 @GuardedBy("mRulesLock")
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]252 private SparseBooleanArray mUidAllowOnMetered = new SparseBooleanArray();
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]253 /** Set of UIDs with cleartext penalties. */
254 @GuardedBy("mQuotaLock")
255 private SparseIntArray mUidCleartextPolicy = new SparseIntArray();
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]256 /** Set of UIDs that are to be blocked/allowed by firewall controller. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]257 @GuardedBy("mRulesLock")
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]258 private SparseIntArray mUidFirewallRules = new SparseIntArray();
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]259 /**
260 * Set of UIDs that are to be blocked/allowed by firewall controller. This set of Ids matches
261 * to application idles.
262 */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]263 @GuardedBy("mRulesLock")
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]264 private SparseIntArray mUidFirewallStandbyRules = new SparseIntArray();
265 /**
266 * Set of UIDs that are to be blocked/allowed by firewall controller. This set of Ids matches
267 * to device idles.
268 */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]269 @GuardedBy("mRulesLock")
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]270 private SparseIntArray mUidFirewallDozableRules = new SparseIntArray();
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]271 /**
272 * Set of UIDs that are to be blocked/allowed by firewall controller. This set of Ids matches
273 * to device on power-save mode.
274 */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]275 @GuardedBy("mRulesLock")
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]276 private SparseIntArray mUidFirewallPowerSaveRules = new SparseIntArray();
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]277 /** Set of states for the child firewall chains. True if the chain is active. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]278 @GuardedBy("mRulesLock")
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]279 final SparseBooleanArray mFirewallChainStates = new SparseBooleanArray();
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]280
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]281 @GuardedBy("mQuotaLock")
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]282 private volatile boolean mDataSaverMode;
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]283
Andrew Scull64464e72017-05-19 15:37:20 +0100[diff] [blame]284 private final Object mIdleTimerLock = new Object();
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]285 /** Set of interfaces with active idle timers. */
286 private static class IdleTimerParams {
287 public final int timeout;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]288 public final int type;
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]289 public int networkCount;
290
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]291 IdleTimerParams(int timeout, int type) {
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]292 this.timeout = timeout;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]293 this.type = type;
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]294 this.networkCount = 1;
295 }
296 }
297 private HashMap<String, IdleTimerParams> mActiveIdleTimers = Maps.newHashMap();
298
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]299 private volatile boolean mBandwidthControlEnabled;
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]300 private volatile boolean mFirewallEnabled;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]301 private volatile boolean mStrictEnabled;
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]302
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]303 private boolean mMobileActivityFromRadio = false;
304 private int mLastPowerStateFromRadio = DataConnectionRealTimeInfo.DC_POWER_STATE_LOW;
Adam Lesinskie08af192015-03-25 16:42:59 -0700[diff] [blame]305 private int mLastPowerStateFromWifi = DataConnectionRealTimeInfo.DC_POWER_STATE_LOW;
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]306
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]307 private final RemoteCallbackList<INetworkActivityListener> mNetworkActivityListeners =
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]308 new RemoteCallbackList<>();
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]309 private boolean mNetworkActive;
310
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]311 /**
312 * Constructs a new NetworkManagementService instance
313 *
314 * @param context Binder context for this service
315 */
Lorenzo Colitti7421a012013-08-20 22:51:24 +0900[diff] [blame]316 private NetworkManagementService(Context context, String socket) {
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]317 mContext = context;
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]318
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]319 // make sure this is on the same looper as our NativeDaemonConnector for sync purposes
320 mFgHandler = new Handler(FgThread.get().getLooper());
321
Dianne Hackborn4590e522014-03-24 13:36:46 -0700[diff] [blame]322 // Don't need this wake lock, since we now have a time stamp for when
323 // the network actually went inactive. (It might be nice to still do this,
324 // but I don't want to do it through the power manager because that pollutes the
325 // battery stats history with pointless noise.)
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]326 //PowerManager pm = (PowerManager)context.getSystemService(Context.POWER_SERVICE);
Dianne Hackborn4590e522014-03-24 13:36:46 -0700[diff] [blame]327 PowerManager.WakeLock wl = null; //pm.newWakeLock(PowerManager.PARTIAL_WAKE_LOCK, NETD_TAG);
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]328
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]329 mConnector = new NativeDaemonConnector(
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]330 new NetdCallbackReceiver(), socket, 10, NETD_TAG, 160, wl,
331 FgThread.get().getLooper());
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]332 mThread = new Thread(mConnector, NETD_TAG);
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]333
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]334 mDaemonHandler = new Handler(FgThread.get().getLooper());
Wink Saville67e07892014-06-18 16:43:14 -0700[diff] [blame]335
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]336 // Add ourself to the Watchdog monitors.
337 Watchdog.getInstance().addMonitor(this);
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]338
339 LocalServices.addService(NetworkManagementInternal.class, new LocalService());
Lorenzo Colittief7b2a12017-07-10 19:06:57 +0900[diff] [blame]340
341 synchronized (mTetheringStatsProviders) {
342 mTetheringStatsProviders.put(new NetdTetheringStatsProvider(), "netd");
343 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]344 }
345
346 @VisibleForTesting
347 NetworkManagementService() {
348 mConnector = null;
349 mContext = null;
350 mDaemonHandler = null;
351 mFgHandler = null;
352 mThread = null;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]353 }
354
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]355 static NetworkManagementService create(Context context, String socket)
356 throws InterruptedException {
Lorenzo Colitti7421a012013-08-20 22:51:24 +0900[diff] [blame]357 final NetworkManagementService service = new NetworkManagementService(context, socket);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]358 final CountDownLatch connectedSignal = service.mConnectedSignal;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]359 if (DBG) Slog.d(TAG, "Creating NetworkManagementService");
360 service.mThread.start();
361 if (DBG) Slog.d(TAG, "Awaiting socket connection");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]362 connectedSignal.await();
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]363 if (DBG) Slog.d(TAG, "Connected");
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]364 service.connectNativeNetdService();
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]365 return service;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]366 }
367
Lorenzo Colitti7421a012013-08-20 22:51:24 +0900[diff] [blame]368 public static NetworkManagementService create(Context context) throws InterruptedException {
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]369 return create(context, NETD_SERVICE_NAME);
Lorenzo Colitti7421a012013-08-20 22:51:24 +0900[diff] [blame]370 }
371
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]372 public void systemReady() {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]373 if (DBG) {
374 final long start = System.currentTimeMillis();
375 prepareNativeDaemon();
376 final long delta = System.currentTimeMillis() - start;
377 Slog.d(TAG, "Prepared in " + delta + "ms");
378 return;
379 } else {
380 prepareNativeDaemon();
381 }
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]382 }
383
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]384 private IBatteryStats getBatteryStats() {
385 synchronized (this) {
386 if (mBatteryStats != null) {
387 return mBatteryStats;
388 }
389 mBatteryStats = IBatteryStats.Stub.asInterface(ServiceManager.getService(
390 BatteryStats.SERVICE_NAME));
391 return mBatteryStats;
392 }
393 }
394
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]395 @Override
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]396 public void registerObserver(INetworkManagementEventObserver observer) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]397 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]398 mObservers.register(observer);
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]399 }
400
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]401 @Override
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]402 public void unregisterObserver(INetworkManagementEventObserver observer) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]403 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]404 mObservers.unregister(observer);
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]405 }
406
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]407 @FunctionalInterface
408 private interface NetworkManagementEventCallback {
409 public void sendCallback(INetworkManagementEventObserver o) throws RemoteException;
410 }
411
412 private void invokeForAllObservers(NetworkManagementEventCallback eventCallback) {
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]413 final int length = mObservers.beginBroadcast();
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]414 try {
415 for (int i = 0; i < length; i++) {
416 try {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]417 eventCallback.sendCallback(mObservers.getBroadcastItem(i));
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]418 } catch (RemoteException | RuntimeException e) {
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]419 }
Mike J. Chen6143f5f2011-06-23 15:17:51 -0700[diff] [blame]420 }
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]421 } finally {
422 mObservers.finishBroadcast();
Mike J. Chen6143f5f2011-06-23 15:17:51 -0700[diff] [blame]423 }
424 }
425
426 /**
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]427 * Notify our observers of an interface status change
428 */
429 private void notifyInterfaceStatusChanged(String iface, boolean up) {
430 invokeForAllObservers(o -> o.interfaceStatusChanged(iface, up));
431 }
432
433 /**
Mike J. Chenf59c7d02011-06-23 15:33:15 -0700[diff] [blame]434 * Notify our observers of an interface link state change
Mike J. Chen6143f5f2011-06-23 15:17:51 -0700[diff] [blame]435 * (typically, an Ethernet cable has been plugged-in or unplugged).
436 */
437 private void notifyInterfaceLinkStateChanged(String iface, boolean up) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]438 invokeForAllObservers(o -> o.interfaceLinkStateChanged(iface, up));
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]439 }
440
441 /**
442 * Notify our observers of an interface addition.
443 */
444 private void notifyInterfaceAdded(String iface) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]445 invokeForAllObservers(o -> o.interfaceAdded(iface));
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]446 }
447
448 /**
449 * Notify our observers of an interface removal.
450 */
451 private void notifyInterfaceRemoved(String iface) {
Jeff Sharkey89b8a212011-10-11 11:58:11 -0700[diff] [blame]452 // netd already clears out quota and alerts for removed ifaces; update
453 // our sanity-checking state.
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]454 mActiveAlerts.remove(iface);
455 mActiveQuotas.remove(iface);
Jeff Sharkey89b8a212011-10-11 11:58:11 -0700[diff] [blame]456
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]457 invokeForAllObservers(o -> o.interfaceRemoved(iface));
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]458 }
459
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]460 /**
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]461 * Notify our observers of a limit reached.
462 */
463 private void notifyLimitReached(String limitName, String iface) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]464 invokeForAllObservers(o -> o.limitReached(limitName, iface));
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]465 }
466
467 /**
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]468 * Notify our observers of a change in the data activity state of the interface
469 */
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]470 private void notifyInterfaceClassActivity(int type, int powerState, long tsNanos,
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]471 int uid, boolean fromRadio) {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]472 final boolean isMobile = ConnectivityManager.isNetworkTypeMobile(type);
473 if (isMobile) {
474 if (!fromRadio) {
475 if (mMobileActivityFromRadio) {
476 // If this call is not coming from a report from the radio itself, but we
477 // have previously received reports from the radio, then we will take the
478 // power state to just be whatever the radio last reported.
479 powerState = mLastPowerStateFromRadio;
480 }
481 } else {
482 mMobileActivityFromRadio = true;
483 }
484 if (mLastPowerStateFromRadio != powerState) {
485 mLastPowerStateFromRadio = powerState;
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]486 try {
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]487 getBatteryStats().noteMobileRadioPowerState(powerState, tsNanos, uid);
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]488 } catch (RemoteException e) {
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]489 }
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]490 }
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]491 }
492
Adam Lesinskie08af192015-03-25 16:42:59 -0700[diff] [blame]493 if (ConnectivityManager.isNetworkTypeWifi(type)) {
494 if (mLastPowerStateFromWifi != powerState) {
495 mLastPowerStateFromWifi = powerState;
496 try {
Adam Lesinski5f056f62016-07-14 16:56:08 -0700[diff] [blame]497 getBatteryStats().noteWifiRadioPowerState(powerState, tsNanos, uid);
Adam Lesinskie08af192015-03-25 16:42:59 -0700[diff] [blame]498 } catch (RemoteException e) {
499 }
500 }
501 }
502
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]503 boolean isActive = powerState == DataConnectionRealTimeInfo.DC_POWER_STATE_MEDIUM
504 || powerState == DataConnectionRealTimeInfo.DC_POWER_STATE_HIGH;
505
506 if (!isMobile || fromRadio || !mMobileActivityFromRadio) {
507 // Report the change in data activity. We don't do this if this is a change
508 // on the mobile network, that is not coming from the radio itself, and we
509 // have previously seen change reports from the radio. In that case only
510 // the radio is the authority for the current state.
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]511 final boolean active = isActive;
512 invokeForAllObservers(o -> o.interfaceClassDataActivityChanged(
513 Integer.toString(type), active, tsNanos));
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]514 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]515
516 boolean report = false;
517 synchronized (mIdleTimerLock) {
518 if (mActiveIdleTimers.isEmpty()) {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]519 // If there are no idle timers, we are not monitoring activity, so we
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]520 // are always considered active.
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]521 isActive = true;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]522 }
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]523 if (mNetworkActive != isActive) {
524 mNetworkActive = isActive;
525 report = isActive;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]526 }
527 }
528 if (report) {
529 reportNetworkActive();
530 }
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]531 }
532
Lorenzo Colittief7b2a12017-07-10 19:06:57 +0900[diff] [blame]533 @Override
534 public void registerTetheringStatsProvider(ITetheringStatsProvider provider, String name) {
535 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
536 Preconditions.checkNotNull(provider);
537 synchronized(mTetheringStatsProviders) {
538 mTetheringStatsProviders.put(provider, name);
539 }
540 }
541
542 @Override
543 public void unregisterTetheringStatsProvider(ITetheringStatsProvider provider) {
544 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
545 synchronized(mTetheringStatsProviders) {
546 mTetheringStatsProviders.remove(provider);
547 }
548 }
549
Lorenzo Colittid66cf562017-08-15 19:25:51 +0900[diff] [blame^]550 @Override
551 public void tetherLimitReached(ITetheringStatsProvider provider) {
552 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
553 synchronized(mTetheringStatsProviders) {
554 if (!mTetheringStatsProviders.containsKey(provider)) {
555 return;
556 }
557 // No current code examines the interface parameter in a global alert. Just pass null.
558 notifyLimitReached(LIMIT_GLOBAL_ALERT, null);
559 }
560 }
561
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]562 // Sync the state of the given chain with the native daemon.
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]563 private void syncFirewallChainLocked(int chain, String name) {
564 SparseIntArray rules;
565 synchronized (mRulesLock) {
566 final SparseIntArray uidFirewallRules = getUidFirewallRulesLR(chain);
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]567 // Make a copy of the current rules, and then clear them. This is because
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]568 // setFirewallUidRuleInternal only pushes down rules to the native daemon if they
569 // are different from the current rules stored in the mUidFirewall*Rules array for
570 // the specified chain. If we don't clear the rules, setFirewallUidRuleInternal
571 // will do nothing.
572 rules = uidFirewallRules.clone();
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]573 uidFirewallRules.clear();
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]574 }
575 if (rules.size() > 0) {
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]576 // Now push the rules. setFirewallUidRuleInternal will push each of these down to the
577 // native daemon, and also add them to the mUidFirewall*Rules array for the specified
578 // chain.
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]579 if (DBG) Slog.d(TAG, "Pushing " + rules.size() + " active firewall "
580 + name + "UID rules");
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]581 for (int i = 0; i < rules.size(); i++) {
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]582 setFirewallUidRuleLocked(chain, rules.keyAt(i), rules.valueAt(i));
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]583 }
584 }
585 }
586
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]587 private void connectNativeNetdService() {
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]588 boolean nativeServiceAvailable = false;
589 try {
590 mNetdService = INetd.Stub.asInterface(ServiceManager.getService(NETD_SERVICE_NAME));
591 nativeServiceAvailable = mNetdService.isAlive();
592 } catch (RemoteException e) {}
593 if (!nativeServiceAvailable) {
594 Slog.wtf(TAG, "Can't connect to NativeNetdService " + NETD_SERVICE_NAME);
595 }
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]596 }
597
598 /**
599 * Prepare native daemon once connected, enabling modules and pushing any
600 * existing in-memory rules.
601 */
602 private void prepareNativeDaemon() {
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]603
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]604 mBandwidthControlEnabled = false;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]605
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]606 // only enable bandwidth control when support exists
607 final boolean hasKernelSupport = new File("/proc/net/xt_qtaguid/ctrl").exists();
608 if (hasKernelSupport) {
609 Slog.d(TAG, "enabling bandwidth control");
610 try {
611 mConnector.execute("bandwidth", "enable");
612 mBandwidthControlEnabled = true;
613 } catch (NativeDaemonConnectorException e) {
614 Log.wtf(TAG, "problem enabling bandwidth controls", e);
615 }
616 } else {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]617 Slog.i(TAG, "not enabling bandwidth control");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]618 }
619
620 SystemProperties.set(PROP_QTAGUID_ENABLED, mBandwidthControlEnabled ? "1" : "0");
621
Jeff Sharkey7a1c3fc2013-06-04 12:29:00 -0700[diff] [blame]622 if (mBandwidthControlEnabled) {
623 try {
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]624 getBatteryStats().noteNetworkStatsEnabled();
Jeff Sharkey7a1c3fc2013-06-04 12:29:00 -0700[diff] [blame]625 } catch (RemoteException e) {
626 }
627 }
628
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]629 try {
630 mConnector.execute("strict", "enable");
631 mStrictEnabled = true;
632 } catch (NativeDaemonConnectorException e) {
633 Log.wtf(TAG, "Failed strict enable", e);
634 }
635
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]636 // push any existing quota or UID rules
637 synchronized (mQuotaLock) {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]638
639 setDataSaverModeEnabled(mDataSaverMode);
640
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]641 int size = mActiveQuotas.size();
642 if (size > 0) {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]643 if (DBG) Slog.d(TAG, "Pushing " + size + " active quota rules");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]644 final HashMap<String, Long> activeQuotas = mActiveQuotas;
645 mActiveQuotas = Maps.newHashMap();
646 for (Map.Entry<String, Long> entry : activeQuotas.entrySet()) {
647 setInterfaceQuota(entry.getKey(), entry.getValue());
648 }
649 }
650
651 size = mActiveAlerts.size();
652 if (size > 0) {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]653 if (DBG) Slog.d(TAG, "Pushing " + size + " active alert rules");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]654 final HashMap<String, Long> activeAlerts = mActiveAlerts;
655 mActiveAlerts = Maps.newHashMap();
656 for (Map.Entry<String, Long> entry : activeAlerts.entrySet()) {
657 setInterfaceAlert(entry.getKey(), entry.getValue());
658 }
659 }
660
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]661 SparseBooleanArray uidRejectOnQuota = null;
662 SparseBooleanArray uidAcceptOnQuota = null;
663 synchronized (mRulesLock) {
664 size = mUidRejectOnMetered.size();
665 if (size > 0) {
666 if (DBG) Slog.d(TAG, "Pushing " + size + " UIDs to metered blacklist rules");
667 uidRejectOnQuota = mUidRejectOnMetered;
668 mUidRejectOnMetered = new SparseBooleanArray();
669 }
670
671 size = mUidAllowOnMetered.size();
672 if (size > 0) {
673 if (DBG) Slog.d(TAG, "Pushing " + size + " UIDs to metered whitelist rules");
674 uidAcceptOnQuota = mUidAllowOnMetered;
675 mUidAllowOnMetered = new SparseBooleanArray();
676 }
677 }
678 if (uidRejectOnQuota != null) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]679 for (int i = 0; i < uidRejectOnQuota.size(); i++) {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]680 setUidMeteredNetworkBlacklist(uidRejectOnQuota.keyAt(i),
681 uidRejectOnQuota.valueAt(i));
682 }
683 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]684 if (uidAcceptOnQuota != null) {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]685 for (int i = 0; i < uidAcceptOnQuota.size(); i++) {
686 setUidMeteredNetworkWhitelist(uidAcceptOnQuota.keyAt(i),
687 uidAcceptOnQuota.valueAt(i));
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]688 }
689 }
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]690
691 size = mUidCleartextPolicy.size();
692 if (size > 0) {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]693 if (DBG) Slog.d(TAG, "Pushing " + size + " active UID cleartext policies");
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]694 final SparseIntArray local = mUidCleartextPolicy;
695 mUidCleartextPolicy = new SparseIntArray();
696 for (int i = 0; i < local.size(); i++) {
697 setUidCleartextNetworkPolicy(local.keyAt(i), local.valueAt(i));
698 }
699 }
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]700
Robin Leec3736bc2017-03-10 16:19:54 +0000[diff] [blame]701 setFirewallEnabled(mFirewallEnabled);
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]702
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]703 syncFirewallChainLocked(FIREWALL_CHAIN_NONE, "");
704 syncFirewallChainLocked(FIREWALL_CHAIN_STANDBY, "standby ");
705 syncFirewallChainLocked(FIREWALL_CHAIN_DOZABLE, "dozable ");
706 syncFirewallChainLocked(FIREWALL_CHAIN_POWERSAVE, "powersave ");
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]707
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]708 final int[] chains =
709 {FIREWALL_CHAIN_STANDBY, FIREWALL_CHAIN_DOZABLE, FIREWALL_CHAIN_POWERSAVE};
710 for (int chain : chains) {
711 if (getFirewallChainState(chain)) {
712 setFirewallChainEnabled(chain, true);
713 }
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]714 }
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]715 }
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]716 }
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]717
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]718 /**
719 * Notify our observers of a new or updated interface address.
720 */
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]721 private void notifyAddressUpdated(String iface, LinkAddress address) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]722 invokeForAllObservers(o -> o.addressUpdated(iface, address));
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]723 }
724
725 /**
726 * Notify our observers of a deleted interface address.
727 */
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]728 private void notifyAddressRemoved(String iface, LinkAddress address) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]729 invokeForAllObservers(o -> o.addressRemoved(iface, address));
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]730 }
731
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]732 /**
733 * Notify our observers of DNS server information received.
734 */
735 private void notifyInterfaceDnsServerInfo(String iface, long lifetime, String[] addresses) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]736 invokeForAllObservers(o -> o.interfaceDnsServerInfo(iface, lifetime, addresses));
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]737 }
738
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]739 /**
740 * Notify our observers of a route change.
741 */
742 private void notifyRouteChange(String action, RouteInfo route) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]743 if (action.equals("updated")) {
744 invokeForAllObservers(o -> o.routeUpdated(route));
745 } else {
746 invokeForAllObservers(o -> o.routeRemoved(route));
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]747 }
748 }
749
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]750 //
751 // Netd Callback handling
752 //
753
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]754 private class NetdCallbackReceiver implements INativeDaemonConnectorCallbacks {
755 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]756 public void onDaemonConnected() {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]757 Slog.i(TAG, "onDaemonConnected()");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]758 // event is dispatched from internal NDC thread, so we prepare the
759 // daemon back on main thread.
760 if (mConnectedSignal != null) {
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]761 // The system is booting and we're connecting to netd for the first time.
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]762 mConnectedSignal.countDown();
763 mConnectedSignal = null;
764 } else {
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]765 // We're reconnecting to netd after the socket connection
766 // was interrupted (e.g., if it crashed).
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]767 mFgHandler.post(new Runnable() {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]768 @Override
769 public void run() {
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]770 connectNativeNetdService();
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]771 prepareNativeDaemon();
772 }
773 });
774 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]775 }
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]776
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]777 @Override
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]778 public boolean onCheckHoldWakeLock(int code) {
779 return code == NetdResponseCode.InterfaceClassActivity;
780 }
781
782 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]783 public boolean onEvent(int code, String raw, String[] cooked) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]784 String errorMessage = String.format("Invalid event from daemon (%s)", raw);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]785 switch (code) {
786 case NetdResponseCode.InterfaceChange:
787 /*
788 * a network interface change occured
789 * Format: "NNN Iface added <name>"
790 * "NNN Iface removed <name>"
791 * "NNN Iface changed <name> <up/down>"
792 * "NNN Iface linkstatus <name> <up/down>"
793 */
794 if (cooked.length < 4 || !cooked[1].equals("Iface")) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]795 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]796 }
797 if (cooked[2].equals("added")) {
798 notifyInterfaceAdded(cooked[3]);
799 return true;
800 } else if (cooked[2].equals("removed")) {
801 notifyInterfaceRemoved(cooked[3]);
802 return true;
803 } else if (cooked[2].equals("changed") && cooked.length == 5) {
804 notifyInterfaceStatusChanged(cooked[3], cooked[4].equals("up"));
805 return true;
806 } else if (cooked[2].equals("linkstate") && cooked.length == 5) {
807 notifyInterfaceLinkStateChanged(cooked[3], cooked[4].equals("up"));
808 return true;
809 }
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]810 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]811 // break;
812 case NetdResponseCode.BandwidthControl:
813 /*
814 * Bandwidth control needs some attention
815 * Format: "NNN limit alert <alertName> <ifaceName>"
816 */
817 if (cooked.length < 5 || !cooked[1].equals("limit")) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]818 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]819 }
820 if (cooked[2].equals("alert")) {
821 notifyLimitReached(cooked[3], cooked[4]);
822 return true;
823 }
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]824 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]825 // break;
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]826 case NetdResponseCode.InterfaceClassActivity:
827 /*
828 * An network interface class state changed (active/idle)
829 * Format: "NNN IfaceClass <active/idle> <label>"
830 */
831 if (cooked.length < 4 || !cooked[1].equals("IfaceClass")) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]832 throw new IllegalStateException(errorMessage);
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]833 }
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]834 long timestampNanos = 0;
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]835 int processUid = -1;
836 if (cooked.length >= 5) {
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]837 try {
838 timestampNanos = Long.parseLong(cooked[4]);
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]839 if (cooked.length == 6) {
840 processUid = Integer.parseInt(cooked[5]);
841 }
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]842 } catch(NumberFormatException ne) {}
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]843 } else {
844 timestampNanos = SystemClock.elapsedRealtimeNanos();
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]845 }
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]846 boolean isActive = cooked[2].equals("active");
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]847 notifyInterfaceClassActivity(Integer.parseInt(cooked[3]),
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]848 isActive ? DataConnectionRealTimeInfo.DC_POWER_STATE_HIGH
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]849 : DataConnectionRealTimeInfo.DC_POWER_STATE_LOW,
850 timestampNanos, processUid, false);
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]851 return true;
852 // break;
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]853 case NetdResponseCode.InterfaceAddressChange:
854 /*
855 * A network address change occurred
856 * Format: "NNN Address updated <addr> <iface> <flags> <scope>"
857 * "NNN Address removed <addr> <iface> <flags> <scope>"
858 */
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]859 if (cooked.length < 7 || !cooked[1].equals("Address")) {
860 throw new IllegalStateException(errorMessage);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]861 }
862
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]863 String iface = cooked[4];
Lorenzo Colitti5ad421a2013-11-17 15:05:02 +0900[diff] [blame]864 LinkAddress address;
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]865 try {
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]866 int flags = Integer.parseInt(cooked[5]);
867 int scope = Integer.parseInt(cooked[6]);
868 address = new LinkAddress(cooked[3], flags, scope);
Lorenzo Colitti5ad421a2013-11-17 15:05:02 +0900[diff] [blame]869 } catch(NumberFormatException e) { // Non-numeric lifetime or scope.
870 throw new IllegalStateException(errorMessage, e);
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]871 } catch(IllegalArgumentException e) { // Malformed/invalid IP address.
Lorenzo Colitti5ad421a2013-11-17 15:05:02 +0900[diff] [blame]872 throw new IllegalStateException(errorMessage, e);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]873 }
874
875 if (cooked[2].equals("updated")) {
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]876 notifyAddressUpdated(iface, address);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]877 } else {
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]878 notifyAddressRemoved(iface, address);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]879 }
880 return true;
881 // break;
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]882 case NetdResponseCode.InterfaceDnsServerInfo:
883 /*
884 * Information about available DNS servers has been received.
885 * Format: "NNN DnsInfo servers <interface> <lifetime> <servers>"
886 */
887 long lifetime; // Actually a 32-bit unsigned integer.
888
889 if (cooked.length == 6 &&
890 cooked[1].equals("DnsInfo") &&
891 cooked[2].equals("servers")) {
892 try {
893 lifetime = Long.parseLong(cooked[4]);
894 } catch (NumberFormatException e) {
895 throw new IllegalStateException(errorMessage);
896 }
897 String[] servers = cooked[5].split(",");
898 notifyInterfaceDnsServerInfo(cooked[3], lifetime, servers);
899 }
900 return true;
901 // break;
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]902 case NetdResponseCode.RouteChange:
903 /*
904 * A route has been updated or removed.
905 * Format: "NNN Route <updated|removed> <dst> [via <gateway] [dev <iface>]"
906 */
907 if (!cooked[1].equals("Route") || cooked.length < 6) {
908 throw new IllegalStateException(errorMessage);
909 }
910
911 String via = null;
912 String dev = null;
913 boolean valid = true;
914 for (int i = 4; (i + 1) < cooked.length && valid; i += 2) {
915 if (cooked[i].equals("dev")) {
916 if (dev == null) {
917 dev = cooked[i+1];
918 } else {
919 valid = false; // Duplicate interface.
920 }
921 } else if (cooked[i].equals("via")) {
922 if (via == null) {
923 via = cooked[i+1];
924 } else {
925 valid = false; // Duplicate gateway.
926 }
927 } else {
928 valid = false; // Unknown syntax.
929 }
930 }
931 if (valid) {
932 try {
933 // InetAddress.parseNumericAddress(null) inexplicably returns ::1.
934 InetAddress gateway = null;
935 if (via != null) gateway = InetAddress.parseNumericAddress(via);
936 RouteInfo route = new RouteInfo(new IpPrefix(cooked[3]), gateway, dev);
937 notifyRouteChange(cooked[2], route);
938 return true;
939 } catch (IllegalArgumentException e) {}
940 }
941 throw new IllegalStateException(errorMessage);
942 // break;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]943 case NetdResponseCode.StrictCleartext:
944 final int uid = Integer.parseInt(cooked[1]);
945 final byte[] firstPacket = HexDump.hexStringToByteArray(cooked[2]);
946 try {
Sudheer Shankadc589ac2016-11-10 15:30:17 -0800[diff] [blame]947 ActivityManager.getService().notifyCleartextNetwork(uid, firstPacket);
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]948 } catch (RemoteException ignored) {
949 }
950 break;
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]951 default: break;
Robert Greenwalte3253922010-02-18 09:23:25 -0800[diff] [blame]952 }
953 return false;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]954 }
955 }
956
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]957
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]958 //
959 // INetworkManagementService members
960 //
Erik Kline4e37b702016-07-05 11:34:21 +0900[diff] [blame]961 @Override
962 public INetd getNetdService() throws RemoteException {
963 final CountDownLatch connectedSignal = mConnectedSignal;
964 if (connectedSignal != null) {
965 try {
966 connectedSignal.await();
967 } catch (InterruptedException ignored) {}
968 }
969
970 return mNetdService;
971 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]972
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]973 @Override
974 public String[] listInterfaces() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]975 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]976 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]977 return NativeDaemonEvent.filterMessageList(
978 mConnector.executeForList("interface", "list"), InterfaceListResult);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]979 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]980 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]981 }
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]982 }
983
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]984 @Override
985 public InterfaceConfiguration getInterfaceConfig(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]986 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]987
988 final NativeDaemonEvent event;
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]989 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]990 event = mConnector.execute("interface", "getcfg", iface);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]991 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]992 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]993 }
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]994
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]995 event.checkCode(InterfaceGetCfgResult);
996
997 // Rsp: 213 xx:xx:xx:xx:xx:xx yyy.yyy.yyy.yyy zzz flag1 flag2 flag3
998 final StringTokenizer st = new StringTokenizer(event.getMessage());
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]999
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1000 InterfaceConfiguration cfg;
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1001 try {
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1002 cfg = new InterfaceConfiguration();
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1003 cfg.setHardwareAddress(st.nextToken(" "));
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]1004 InetAddress addr = null;
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1005 int prefixLength = 0;
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1006 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1007 addr = NetworkUtils.numericToInetAddress(st.nextToken());
Robert Greenwalte5903732011-02-22 16:00:42 -0800[diff] [blame]1008 } catch (IllegalArgumentException iae) {
1009 Slog.e(TAG, "Failed to parse ipaddr", iae);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1010 }
1011
1012 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1013 prefixLength = Integer.parseInt(st.nextToken());
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1014 } catch (NumberFormatException nfe) {
1015 Slog.e(TAG, "Failed to parse prefixLength", nfe);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1016 }
Robert Greenwalt04808c22010-12-13 17:01:41 -0800[diff] [blame]1017
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1018 cfg.setLinkAddress(new LinkAddress(addr, prefixLength));
1019 while (st.hasMoreTokens()) {
1020 cfg.setFlag(st.nextToken());
1021 }
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1022 } catch (NoSuchElementException nsee) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1023 throw new IllegalStateException("Invalid response from daemon: " + event);
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1024 }
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1025 return cfg;
1026 }
1027
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1028 @Override
1029 public void setInterfaceConfig(String iface, InterfaceConfiguration cfg) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1030 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1031 LinkAddress linkAddr = cfg.getLinkAddress();
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1032 if (linkAddr == null || linkAddr.getAddress() == null) {
1033 throw new IllegalStateException("Null LinkAddress given");
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]1034 }
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1035
1036 final Command cmd = new Command("interface", "setcfg", iface,
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1037 linkAddr.getAddress().getHostAddress(),
Lorenzo Colitti7dc78cf2014-06-09 22:58:46 +0900[diff] [blame]1038 linkAddr.getPrefixLength());
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1039 for (String flag : cfg.getFlags()) {
1040 cmd.appendArg(flag);
1041 }
1042
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1043 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1044 mConnector.execute(cmd);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1045 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1046 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1047 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1048 }
1049
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1050 @Override
1051 public void setInterfaceDown(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1052 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1053 final InterfaceConfiguration ifcg = getInterfaceConfig(iface);
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1054 ifcg.setInterfaceDown();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1055 setInterfaceConfig(iface, ifcg);
Irfan Sheriff7244c972011-08-05 20:40:45 -0700[diff] [blame]1056 }
1057
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1058 @Override
1059 public void setInterfaceUp(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1060 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1061 final InterfaceConfiguration ifcg = getInterfaceConfig(iface);
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1062 ifcg.setInterfaceUp();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1063 setInterfaceConfig(iface, ifcg);
Irfan Sheriff7244c972011-08-05 20:40:45 -0700[diff] [blame]1064 }
1065
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1066 @Override
1067 public void setInterfaceIpv6PrivacyExtensions(String iface, boolean enable) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1068 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Irfan Sheriff73293612011-09-14 12:31:56 -0700[diff] [blame]1069 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1070 mConnector.execute(
1071 "interface", "ipv6privacyextensions", iface, enable ? "enable" : "disable");
Irfan Sheriff73293612011-09-14 12:31:56 -0700[diff] [blame]1072 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1073 throw e.rethrowAsParcelableException();
Irfan Sheriff73293612011-09-14 12:31:56 -0700[diff] [blame]1074 }
1075 }
1076
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1077 /* TODO: This is right now a IPv4 only function. Works for wifi which loses its
1078 IPv6 addresses on interface down, but we need to do full clean up here */
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1079 @Override
1080 public void clearInterfaceAddresses(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1081 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1082 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1083 mConnector.execute("interface", "clearaddrs", iface);
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1084 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1085 throw e.rethrowAsParcelableException();
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1086 }
1087 }
1088
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1089 @Override
1090 public void enableIpv6(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1091 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1092 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1093 mConnector.execute("interface", "ipv6", iface, "enable");
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1094 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1095 throw e.rethrowAsParcelableException();
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1096 }
1097 }
1098
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1099 @Override
Joel Scherpelz3ee447c2017-06-07 15:38:38 +0900[diff] [blame]1100 public void setIPv6AddrGenMode(String iface, int mode) throws ServiceSpecificException {
1101 try {
1102 mNetdService.setIPv6AddrGenMode(iface, mode);
1103 } catch (RemoteException e) {
1104 throw e.rethrowAsRuntimeException();
1105 }
1106 }
1107
1108 @Override
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1109 public void disableIpv6(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1110 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1111 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1112 mConnector.execute("interface", "ipv6", iface, "disable");
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1113 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1114 throw e.rethrowAsParcelableException();
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1115 }
1116 }
1117
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1118 @Override
Lorenzo Colittie21a26b2014-10-28 15:24:03 +0900[diff] [blame]1119 public void setInterfaceIpv6NdOffload(String iface, boolean enable) {
1120 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1121 try {
1122 mConnector.execute(
1123 "interface", "ipv6ndoffload", iface, (enable ? "enable" : "disable"));
1124 } catch (NativeDaemonConnectorException e) {
1125 throw e.rethrowAsParcelableException();
1126 }
1127 }
1128
1129 @Override
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1130 public void addRoute(int netId, RouteInfo route) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1131 modifyRoute("add", "" + netId, route);
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1132 }
1133
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1134 @Override
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1135 public void removeRoute(int netId, RouteInfo route) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1136 modifyRoute("remove", "" + netId, route);
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1137 }
1138
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1139 private void modifyRoute(String action, String netId, RouteInfo route) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1140 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1141
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1142 final Command cmd = new Command("network", "route", action, netId);
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1143
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1144 // create triplet: interface dest-ip-addr/prefixlength gateway-ip-addr
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1145 cmd.appendArg(route.getInterface());
Lorenzo Colitti4b0f8e62014-09-19 01:49:05 +0900[diff] [blame]1146 cmd.appendArg(route.getDestination().toString());
1147
1148 switch (route.getType()) {
1149 case RouteInfo.RTN_UNICAST:
1150 if (route.hasGateway()) {
1151 cmd.appendArg(route.getGateway().getHostAddress());
1152 }
1153 break;
1154 case RouteInfo.RTN_UNREACHABLE:
1155 cmd.appendArg("unreachable");
1156 break;
1157 case RouteInfo.RTN_THROW:
1158 cmd.appendArg("throw");
1159 break;
Sreeram Ramachandran1fbcb272014-05-22 16:30:48 -0700[diff] [blame]1160 }
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1161
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1162 try {
1163 mConnector.execute(cmd);
1164 } catch (NativeDaemonConnectorException e) {
1165 throw e.rethrowAsParcelableException();
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1166 }
1167 }
1168
1169 private ArrayList<String> readRouteList(String filename) {
1170 FileInputStream fstream = null;
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]1171 ArrayList<String> list = new ArrayList<>();
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1172
1173 try {
1174 fstream = new FileInputStream(filename);
1175 DataInputStream in = new DataInputStream(fstream);
1176 BufferedReader br = new BufferedReader(new InputStreamReader(in));
1177 String s;
1178
1179 // throw away the title line
1180
1181 while (((s = br.readLine()) != null) && (s.length() != 0)) {
1182 list.add(s);
1183 }
1184 } catch (IOException ex) {
1185 // return current list, possibly empty
1186 } finally {
1187 if (fstream != null) {
1188 try {
1189 fstream.close();
1190 } catch (IOException ex) {}
1191 }
1192 }
1193
1194 return list;
1195 }
1196
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1197 @Override
sy.yun9d9b74a2013-09-02 05:24:09 +0900[diff] [blame]1198 public void setMtu(String iface, int mtu) {
1199 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1200
1201 final NativeDaemonEvent event;
1202 try {
1203 event = mConnector.execute("interface", "setmtu", iface, mtu);
1204 } catch (NativeDaemonConnectorException e) {
1205 throw e.rethrowAsParcelableException();
1206 }
1207 }
1208
1209 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1210 public void shutdown() {
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1211 // TODO: remove from aidl if nobody calls externally
1212 mContext.enforceCallingOrSelfPermission(SHUTDOWN, TAG);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1213
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]1214 Slog.i(TAG, "Shutting down");
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1215 }
1216
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1217 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1218 public boolean getIpForwardingEnabled() throws IllegalStateException{
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1219 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1220
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1221 final NativeDaemonEvent event;
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1222 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1223 event = mConnector.execute("ipfwd", "status");
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1224 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1225 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1226 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1227
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1228 // 211 Forwarding enabled
1229 event.checkCode(IpFwdStatusResult);
1230 return event.getMessage().endsWith("enabled");
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1231 }
1232
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1233 @Override
1234 public void setIpForwardingEnabled(boolean enable) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1235 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1236 try {
Nilesh Poddarf3d4a582015-02-24 12:11:11 -0800[diff] [blame]1237 mConnector.execute("ipfwd", enable ? "enable" : "disable", "tethering");
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1238 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1239 throw e.rethrowAsParcelableException();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1240 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1241 }
1242
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1243 @Override
1244 public void startTethering(String[] dhcpRange) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1245 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Robert Greenwaltbfb7bfa2010-03-24 16:03:21 -0700[diff] [blame]1246 // cmd is "tether start first_start first_stop second_start second_stop ..."
1247 // an odd number of addrs will fail
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1248
1249 final Command cmd = new Command("tether", "start");
Robert Greenwaltbfb7bfa2010-03-24 16:03:21 -0700[diff] [blame]1250 for (String d : dhcpRange) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1251 cmd.appendArg(d);
Robert Greenwaltbfb7bfa2010-03-24 16:03:21 -0700[diff] [blame]1252 }
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1253
1254 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1255 mConnector.execute(cmd);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1256 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1257 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1258 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1259 }
1260
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1261 @Override
1262 public void stopTethering() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1263 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1264 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1265 mConnector.execute("tether", "stop");
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1266 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1267 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1268 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1269 }
1270
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1271 @Override
1272 public boolean isTetheringStarted() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1273 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1274
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1275 final NativeDaemonEvent event;
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1276 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1277 event = mConnector.execute("tether", "status");
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1278 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1279 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1280 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1281
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1282 // 210 Tethering services started
1283 event.checkCode(TetherStatusResult);
1284 return event.getMessage().endsWith("started");
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1285 }
Matthew Xiefe19f122012-07-12 16:03:32 -0700[diff] [blame]1286
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1287 @Override
1288 public void tetherInterface(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1289 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1290 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1291 mConnector.execute("tether", "interface", "add", iface);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1292 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1293 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1294 }
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]1295 List<RouteInfo> routes = new ArrayList<>();
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1296 // The RouteInfo constructor truncates the LinkAddress to a network prefix, thus making it
1297 // suitable to use as a route destination.
1298 routes.add(new RouteInfo(getInterfaceConfig(iface).getLinkAddress(), null, iface));
1299 addInterfaceToLocalNetwork(iface, routes);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1300 }
1301
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1302 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1303 public void untetherInterface(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1304 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1305 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1306 mConnector.execute("tether", "interface", "remove", iface);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1307 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1308 throw e.rethrowAsParcelableException();
Erik Kline1f4278a2016-08-16 16:46:33 +0900[diff] [blame]1309 } finally {
1310 removeInterfaceFromLocalNetwork(iface);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1311 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1312 }
1313
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1314 @Override
1315 public String[] listTetheredInterfaces() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1316 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1317 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1318 return NativeDaemonEvent.filterMessageList(
1319 mConnector.executeForList("tether", "interface", "list"),
1320 TetherInterfaceListResult);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1321 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1322 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1323 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1324 }
1325
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1326 @Override
Lorenzo Colittib57edc52014-08-22 17:10:50 -0700[diff] [blame]1327 public void setDnsForwarders(Network network, String[] dns) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1328 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1329
Lorenzo Colittib57edc52014-08-22 17:10:50 -0700[diff] [blame]1330 int netId = (network != null) ? network.netId : ConnectivityManager.NETID_UNSET;
1331 final Command cmd = new Command("tether", "dns", "set", netId);
1332
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1333 for (String s : dns) {
1334 cmd.appendArg(NetworkUtils.numericToInetAddress(s).getHostAddress());
1335 }
1336
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1337 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1338 mConnector.execute(cmd);
1339 } catch (NativeDaemonConnectorException e) {
1340 throw e.rethrowAsParcelableException();
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1341 }
1342 }
1343
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1344 @Override
1345 public String[] getDnsForwarders() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1346 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1347 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1348 return NativeDaemonEvent.filterMessageList(
1349 mConnector.executeForList("tether", "dns", "list"), TetherDnsFwdTgtListResult);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1350 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1351 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1352 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1353 }
1354
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]1355 private List<InterfaceAddress> excludeLinkLocal(List<InterfaceAddress> addresses) {
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]1356 ArrayList<InterfaceAddress> filtered = new ArrayList<>(addresses.size());
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]1357 for (InterfaceAddress ia : addresses) {
1358 if (!ia.getAddress().isLinkLocalAddress())
1359 filtered.add(ia);
1360 }
1361 return filtered;
1362 }
1363
Lorenzo Colitti35e36db2015-02-26 01:25:36 +0900[diff] [blame]1364 private void modifyInterfaceForward(boolean add, String fromIface, String toIface) {
1365 final Command cmd = new Command("ipfwd", add ? "add" : "remove", fromIface, toIface);
1366 try {
1367 mConnector.execute(cmd);
1368 } catch (NativeDaemonConnectorException e) {
1369 throw e.rethrowAsParcelableException();
1370 }
1371 }
1372
1373 @Override
1374 public void startInterfaceForwarding(String fromIface, String toIface) {
1375 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1376 modifyInterfaceForward(true, fromIface, toIface);
1377 }
1378
1379 @Override
1380 public void stopInterfaceForwarding(String fromIface, String toIface) {
1381 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1382 modifyInterfaceForward(false, fromIface, toIface);
1383 }
1384
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1385 private void modifyNat(String action, String internalInterface, String externalInterface)
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1386 throws SocketException {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1387 final Command cmd = new Command("nat", action, internalInterface, externalInterface);
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1388
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1389 final NetworkInterface internalNetworkInterface = NetworkInterface.getByName(
1390 internalInterface);
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1391 if (internalNetworkInterface == null) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1392 cmd.appendArg("0");
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1393 } else {
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]1394 // Don't touch link-local routes, as link-local addresses aren't routable,
1395 // kernel creates link-local routes on all interfaces automatically
1396 List<InterfaceAddress> interfaceAddresses = excludeLinkLocal(
1397 internalNetworkInterface.getInterfaceAddresses());
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1398 cmd.appendArg(interfaceAddresses.size());
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1399 for (InterfaceAddress ia : interfaceAddresses) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1400 InetAddress addr = NetworkUtils.getNetworkPart(
1401 ia.getAddress(), ia.getNetworkPrefixLength());
1402 cmd.appendArg(addr.getHostAddress() + "/" + ia.getNetworkPrefixLength());
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1403 }
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1404 }
1405
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1406 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1407 mConnector.execute(cmd);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1408 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1409 throw e.rethrowAsParcelableException();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1410 }
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1411 }
1412
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1413 @Override
1414 public void enableNat(String internalInterface, String externalInterface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1415 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1416 try {
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1417 modifyNat("enable", internalInterface, externalInterface);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1418 } catch (SocketException e) {
1419 throw new IllegalStateException(e);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1420 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1421 }
1422
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1423 @Override
1424 public void disableNat(String internalInterface, String externalInterface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1425 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1426 try {
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1427 modifyNat("disable", internalInterface, externalInterface);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1428 } catch (SocketException e) {
1429 throw new IllegalStateException(e);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1430 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1431 }
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1432
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1433 @Override
1434 public String[] listTtys() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1435 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1436 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1437 return NativeDaemonEvent.filterMessageList(
1438 mConnector.executeForList("list_ttys"), TtyListResult);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1439 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1440 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1441 }
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1442 }
1443
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1444 @Override
1445 public void attachPppd(
1446 String tty, String localAddr, String remoteAddr, String dns1Addr, String dns2Addr) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1447 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1448 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1449 mConnector.execute("pppd", "attach", tty,
Robert Greenwalte5903732011-02-22 16:00:42 -0800[diff] [blame]1450 NetworkUtils.numericToInetAddress(localAddr).getHostAddress(),
1451 NetworkUtils.numericToInetAddress(remoteAddr).getHostAddress(),
1452 NetworkUtils.numericToInetAddress(dns1Addr).getHostAddress(),
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1453 NetworkUtils.numericToInetAddress(dns2Addr).getHostAddress());
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1454 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1455 throw e.rethrowAsParcelableException();
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1456 }
1457 }
1458
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1459 @Override
1460 public void detachPppd(String tty) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1461 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1462 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1463 mConnector.execute("pppd", "detach", tty);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1464 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1465 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1466 }
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1467 }
Robert Greenwaltce1200d2010-02-18 11:25:54 -0800[diff] [blame]1468
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1469 @Override
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1470 public void addIdleTimer(String iface, int timeout, final int type) {
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1471 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1472
1473 if (DBG) Slog.d(TAG, "Adding idletimer");
1474
1475 synchronized (mIdleTimerLock) {
1476 IdleTimerParams params = mActiveIdleTimers.get(iface);
1477 if (params != null) {
1478 // the interface already has idletimer, update network count
1479 params.networkCount++;
1480 return;
1481 }
1482
1483 try {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1484 mConnector.execute("idletimer", "add", iface, Integer.toString(timeout),
1485 Integer.toString(type));
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1486 } catch (NativeDaemonConnectorException e) {
1487 throw e.rethrowAsParcelableException();
1488 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1489 mActiveIdleTimers.put(iface, new IdleTimerParams(timeout, type));
1490
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]1491 // Networks start up.
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1492 if (ConnectivityManager.isNetworkTypeMobile(type)) {
1493 mNetworkActive = false;
1494 }
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1495 mDaemonHandler.post(new Runnable() {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1496 @Override public void run() {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1497 notifyInterfaceClassActivity(type,
1498 DataConnectionRealTimeInfo.DC_POWER_STATE_HIGH,
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]1499 SystemClock.elapsedRealtimeNanos(), -1, false);
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1500 }
1501 });
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1502 }
1503 }
1504
1505 @Override
1506 public void removeIdleTimer(String iface) {
1507 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1508
1509 if (DBG) Slog.d(TAG, "Removing idletimer");
1510
1511 synchronized (mIdleTimerLock) {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1512 final IdleTimerParams params = mActiveIdleTimers.get(iface);
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1513 if (params == null || --(params.networkCount) > 0) {
1514 return;
1515 }
1516
1517 try {
1518 mConnector.execute("idletimer", "remove", iface,
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1519 Integer.toString(params.timeout), Integer.toString(params.type));
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1520 } catch (NativeDaemonConnectorException e) {
1521 throw e.rethrowAsParcelableException();
1522 }
1523 mActiveIdleTimers.remove(iface);
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1524 mDaemonHandler.post(new Runnable() {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1525 @Override public void run() {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1526 notifyInterfaceClassActivity(params.type,
1527 DataConnectionRealTimeInfo.DC_POWER_STATE_LOW,
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]1528 SystemClock.elapsedRealtimeNanos(), -1, false);
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1529 }
1530 });
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1531 }
1532 }
1533
1534 @Override
Jeff Sharkeye8914c32012-05-01 16:26:09 -0700[diff] [blame]1535 public NetworkStats getNetworkStatsSummaryDev() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1536 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1537 try {
1538 return mStatsFactory.readNetworkStatsSummaryDev();
1539 } catch (IOException e) {
1540 throw new IllegalStateException(e);
1541 }
Jeff Sharkeye8914c32012-05-01 16:26:09 -0700[diff] [blame]1542 }
1543
1544 @Override
1545 public NetworkStats getNetworkStatsSummaryXt() {
1546 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1547 try {
1548 return mStatsFactory.readNetworkStatsSummaryXt();
1549 } catch (IOException e) {
1550 throw new IllegalStateException(e);
1551 }
Jeff Sharkeyae2c1812011-10-04 13:11:40 -0700[diff] [blame]1552 }
1553
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]1554 @Override
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]1555 public NetworkStats getNetworkStatsDetail() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1556 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1557 try {
Dianne Hackbornd0c5b9a2014-02-21 16:19:05 -0800[diff] [blame]1558 return mStatsFactory.readNetworkStatsDetail(UID_ALL, null, TAG_ALL, null);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1559 } catch (IOException e) {
1560 throw new IllegalStateException(e);
1561 }
San Mehat91cac642010-03-31 14:31:36 -0700[diff] [blame]1562 }
1563
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]1564 @Override
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1565 public void setInterfaceQuota(String iface, long quotaBytes) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1566 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1567
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]1568 // silently discard when control disabled
1569 // TODO: eventually migrate to be always enabled
1570 if (!mBandwidthControlEnabled) return;
1571
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1572 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1573 if (mActiveQuotas.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1574 throw new IllegalStateException("iface " + iface + " already has quota");
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1575 }
1576
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1577 try {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1578 // TODO: support quota shared across interfaces
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1579 mConnector.execute("bandwidth", "setiquota", iface, quotaBytes);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1580 mActiveQuotas.put(iface, quotaBytes);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1581 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1582 throw e.rethrowAsParcelableException();
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1583 }
Lorenzo Colitti62801ec2017-08-11 13:47:49 +0900[diff] [blame]1584
1585 synchronized (mTetheringStatsProviders) {
1586 for (ITetheringStatsProvider provider : mTetheringStatsProviders.keySet()) {
1587 try {
1588 provider.setInterfaceQuota(iface, quotaBytes);
1589 } catch (RemoteException e) {
1590 Log.e(TAG, "Problem setting tethering data limit on provider " +
1591 mTetheringStatsProviders.get(provider) + ": " + e);
1592 }
1593 }
1594 }
Ashish Sharma50fd36d2011-06-15 19:34:53 -0700[diff] [blame]1595 }
1596 }
1597
1598 @Override
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1599 public void removeInterfaceQuota(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1600 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1601
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]1602 // silently discard when control disabled
1603 // TODO: eventually migrate to be always enabled
1604 if (!mBandwidthControlEnabled) return;
1605
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1606 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1607 if (!mActiveQuotas.containsKey(iface)) {
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1608 // TODO: eventually consider throwing
1609 return;
1610 }
1611
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1612 mActiveQuotas.remove(iface);
1613 mActiveAlerts.remove(iface);
Jeff Sharkey38ddeaa2011-11-08 13:04:22 -0800[diff] [blame]1614
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1615 try {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1616 // TODO: support quota shared across interfaces
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1617 mConnector.execute("bandwidth", "removeiquota", iface);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1618 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1619 throw e.rethrowAsParcelableException();
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1620 }
Lorenzo Colitti62801ec2017-08-11 13:47:49 +0900[diff] [blame]1621
1622 synchronized (mTetheringStatsProviders) {
1623 for (ITetheringStatsProvider provider : mTetheringStatsProviders.keySet()) {
1624 try {
1625 provider.setInterfaceQuota(iface, ITetheringStatsProvider.QUOTA_UNLIMITED);
1626 } catch (RemoteException e) {
1627 Log.e(TAG, "Problem removing tethering data limit on provider " +
1628 mTetheringStatsProviders.get(provider) + ": " + e);
1629 }
1630 }
1631 }
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1632 }
1633 }
1634
1635 @Override
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1636 public void setInterfaceAlert(String iface, long alertBytes) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1637 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1638
1639 // silently discard when control disabled
1640 // TODO: eventually migrate to be always enabled
1641 if (!mBandwidthControlEnabled) return;
1642
1643 // quick sanity check
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1644 if (!mActiveQuotas.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1645 throw new IllegalStateException("setting alert requires existing quota on iface");
1646 }
1647
1648 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1649 if (mActiveAlerts.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1650 throw new IllegalStateException("iface " + iface + " already has alert");
1651 }
1652
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1653 try {
1654 // TODO: support alert shared across interfaces
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1655 mConnector.execute("bandwidth", "setinterfacealert", iface, alertBytes);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1656 mActiveAlerts.put(iface, alertBytes);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1657 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1658 throw e.rethrowAsParcelableException();
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1659 }
1660 }
1661 }
1662
1663 @Override
1664 public void removeInterfaceAlert(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1665 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1666
1667 // silently discard when control disabled
1668 // TODO: eventually migrate to be always enabled
1669 if (!mBandwidthControlEnabled) return;
1670
1671 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1672 if (!mActiveAlerts.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1673 // TODO: eventually consider throwing
1674 return;
1675 }
1676
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1677 try {
1678 // TODO: support alert shared across interfaces
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1679 mConnector.execute("bandwidth", "removeinterfacealert", iface);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1680 mActiveAlerts.remove(iface);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1681 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1682 throw e.rethrowAsParcelableException();
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1683 }
1684 }
1685 }
1686
1687 @Override
1688 public void setGlobalAlert(long alertBytes) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1689 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1690
1691 // silently discard when control disabled
1692 // TODO: eventually migrate to be always enabled
1693 if (!mBandwidthControlEnabled) return;
1694
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1695 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1696 mConnector.execute("bandwidth", "setglobalalert", alertBytes);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1697 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1698 throw e.rethrowAsParcelableException();
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1699 }
1700 }
1701
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1702 private void setUidOnMeteredNetworkList(int uid, boolean blacklist, boolean enable) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1703 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1704
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]1705 // silently discard when control disabled
1706 // TODO: eventually migrate to be always enabled
1707 if (!mBandwidthControlEnabled) return;
1708
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1709 final String chain = blacklist ? "naughtyapps" : "niceapps";
1710 final String suffix = enable ? "add" : "remove";
1711
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1712 synchronized (mQuotaLock) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1713 boolean oldEnable;
1714 SparseBooleanArray quotaList;
1715 synchronized (mRulesLock) {
1716 quotaList = blacklist ? mUidRejectOnMetered : mUidAllowOnMetered;
1717 oldEnable = quotaList.get(uid, false);
1718 }
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1719 if (oldEnable == enable) {
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1720 // TODO: eventually consider throwing
1721 return;
1722 }
1723
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1724 Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "inetd bandwidth");
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1725 try {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1726 mConnector.execute("bandwidth", suffix + chain, uid);
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1727 synchronized (mRulesLock) {
1728 if (enable) {
1729 quotaList.put(uid, true);
1730 } else {
1731 quotaList.delete(uid);
1732 }
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1733 }
1734 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1735 throw e.rethrowAsParcelableException();
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1736 } finally {
1737 Trace.traceEnd(Trace.TRACE_TAG_NETWORK);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1738 }
Ashish Sharma50fd36d2011-06-15 19:34:53 -0700[diff] [blame]1739 }
1740 }
1741
Jeff Sharkey63d27a92011-08-03 17:04:22 -0700[diff] [blame]1742 @Override
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1743 public void setUidMeteredNetworkBlacklist(int uid, boolean enable) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1744 setUidOnMeteredNetworkList(uid, true, enable);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1745 }
1746
1747 @Override
1748 public void setUidMeteredNetworkWhitelist(int uid, boolean enable) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1749 setUidOnMeteredNetworkList(uid, false, enable);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1750 }
1751
1752 @Override
1753 public boolean setDataSaverModeEnabled(boolean enable) {
1754 if (DBG) Log.d(TAG, "setDataSaverMode: " + enable);
1755 synchronized (mQuotaLock) {
1756 if (mDataSaverMode == enable) {
1757 Log.w(TAG, "setDataSaverMode(): already " + mDataSaverMode);
1758 return true;
1759 }
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1760 Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "bandwidthEnableDataSaver");
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1761 try {
1762 final boolean changed = mNetdService.bandwidthEnableDataSaver(enable);
1763 if (changed) {
1764 mDataSaverMode = enable;
1765 } else {
1766 Log.w(TAG, "setDataSaverMode(" + enable + "): netd command silently failed");
1767 }
1768 return changed;
1769 } catch (RemoteException e) {
1770 Log.w(TAG, "setDataSaverMode(" + enable + "): netd command failed", e);
1771 return false;
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1772 } finally {
1773 Trace.traceEnd(Trace.TRACE_TAG_NETWORK);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1774 }
1775 }
1776 }
1777
1778 @Override
Robin Lee17e61832016-05-09 13:46:28 +0100[diff] [blame]1779 public void setAllowOnlyVpnForUids(boolean add, UidRange[] uidRanges)
1780 throws ServiceSpecificException {
1781 try {
1782 mNetdService.networkRejectNonSecureVpn(add, uidRanges);
1783 } catch (ServiceSpecificException e) {
1784 Log.w(TAG, "setAllowOnlyVpnForUids(" + add + ", " + Arrays.toString(uidRanges) + ")"
1785 + ": netd command failed", e);
1786 throw e;
1787 } catch (RemoteException e) {
1788 Log.w(TAG, "setAllowOnlyVpnForUids(" + add + ", " + Arrays.toString(uidRanges) + ")"
1789 + ": netd command failed", e);
1790 throw e.rethrowAsRuntimeException();
1791 }
1792 }
1793
1794 @Override
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]1795 public void setUidCleartextNetworkPolicy(int uid, int policy) {
1796 if (Binder.getCallingUid() != uid) {
1797 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1798 }
1799
1800 synchronized (mQuotaLock) {
1801 final int oldPolicy = mUidCleartextPolicy.get(uid, StrictMode.NETWORK_POLICY_ACCEPT);
1802 if (oldPolicy == policy) {
1803 return;
1804 }
1805
1806 if (!mStrictEnabled) {
1807 // Module isn't enabled yet; stash the requested policy away to
1808 // apply later once the daemon is connected.
1809 mUidCleartextPolicy.put(uid, policy);
1810 return;
1811 }
1812
1813 final String policyString;
1814 switch (policy) {
1815 case StrictMode.NETWORK_POLICY_ACCEPT:
1816 policyString = "accept";
1817 break;
1818 case StrictMode.NETWORK_POLICY_LOG:
1819 policyString = "log";
1820 break;
1821 case StrictMode.NETWORK_POLICY_REJECT:
1822 policyString = "reject";
1823 break;
1824 default:
1825 throw new IllegalArgumentException("Unknown policy " + policy);
1826 }
1827
1828 try {
1829 mConnector.execute("strict", "set_uid_cleartext_policy", uid, policyString);
1830 mUidCleartextPolicy.put(uid, policy);
1831 } catch (NativeDaemonConnectorException e) {
1832 throw e.rethrowAsParcelableException();
1833 }
1834 }
1835 }
1836
1837 @Override
Jeff Sharkey63d27a92011-08-03 17:04:22 -0700[diff] [blame]1838 public boolean isBandwidthControlEnabled() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1839 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey63d27a92011-08-03 17:04:22 -0700[diff] [blame]1840 return mBandwidthControlEnabled;
1841 }
1842
1843 @Override
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]1844 public NetworkStats getNetworkStatsUidDetail(int uid) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1845 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1846 try {
Dianne Hackbornd0c5b9a2014-02-21 16:19:05 -0800[diff] [blame]1847 return mStatsFactory.readNetworkStatsDetail(uid, null, TAG_ALL, null);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1848 } catch (IOException e) {
1849 throw new IllegalStateException(e);
1850 }
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]1851 }
1852
Lorenzo Colittief7b2a12017-07-10 19:06:57 +0900[diff] [blame]1853 private class NetdTetheringStatsProvider extends ITetheringStatsProvider.Stub {
1854 @Override
1855 public NetworkStats getTetherStats() {
1856 final NativeDaemonEvent[] events;
1857 try {
1858 events = mConnector.executeForList("bandwidth", "gettetherstats");
1859 } catch (NativeDaemonConnectorException e) {
1860 throw e.rethrowAsParcelableException();
1861 }
1862 final NetworkStats stats = new NetworkStats(SystemClock.elapsedRealtime(), 1);
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1863 for (NativeDaemonEvent event : events) {
1864 if (event.getCode() != TetheringStatsListResult) continue;
1865
1866 // 114 ifaceIn ifaceOut rx_bytes rx_packets tx_bytes tx_packets
1867 final StringTokenizer tok = new StringTokenizer(event.getMessage());
1868 try {
1869 final String ifaceIn = tok.nextToken();
1870 final String ifaceOut = tok.nextToken();
1871
1872 final NetworkStats.Entry entry = new NetworkStats.Entry();
1873 entry.iface = ifaceOut;
1874 entry.uid = UID_TETHERING;
1875 entry.set = SET_DEFAULT;
1876 entry.tag = TAG_NONE;
1877 entry.rxBytes = Long.parseLong(tok.nextToken());
1878 entry.rxPackets = Long.parseLong(tok.nextToken());
1879 entry.txBytes = Long.parseLong(tok.nextToken());
1880 entry.txPackets = Long.parseLong(tok.nextToken());
1881 stats.combineValues(entry);
1882 } catch (NoSuchElementException e) {
1883 throw new IllegalStateException("problem parsing tethering stats: " + event);
1884 } catch (NumberFormatException e) {
1885 throw new IllegalStateException("problem parsing tethering stats: " + event);
1886 }
1887 }
Lorenzo Colittief7b2a12017-07-10 19:06:57 +0900[diff] [blame]1888 return stats;
1889 }
Lorenzo Colitti62801ec2017-08-11 13:47:49 +0900[diff] [blame]1890
1891 @Override
1892 public void setInterfaceQuota(String iface, long quotaBytes) {
1893 // Do nothing. netd is already informed of quota changes in setInterfaceQuota.
1894 }
Lorenzo Colittief7b2a12017-07-10 19:06:57 +0900[diff] [blame]1895 }
1896
1897 @Override
1898 public NetworkStats getNetworkStatsTethering() {
1899 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1900
1901 final NetworkStats stats = new NetworkStats(SystemClock.elapsedRealtime(), 1);
1902 synchronized (mTetheringStatsProviders) {
1903 for (ITetheringStatsProvider provider: mTetheringStatsProviders.keySet()) {
1904 try {
1905 stats.combineAllValues(provider.getTetherStats());
1906 } catch (RemoteException e) {
1907 Log.e(TAG, "Problem reading tethering stats from " +
1908 mTetheringStatsProviders.get(provider) + ": " + e);
1909 }
1910 }
Jeff Sharkeycdd02c5d2011-09-16 01:52:49 -0700[diff] [blame]1911 }
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1912 return stats;
Jeff Sharkeycdd02c5d2011-09-16 01:52:49 -0700[diff] [blame]1913 }
1914
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1915 @Override
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]1916 public void setDnsConfigurationForNetwork(int netId, String[] servers, String domains) {
1917 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1918
1919 ContentResolver resolver = mContext.getContentResolver();
1920
1921 int sampleValidity = Settings.Global.getInt(resolver,
1922 Settings.Global.DNS_RESOLVER_SAMPLE_VALIDITY_SECONDS,
1923 DNS_RESOLVER_DEFAULT_SAMPLE_VALIDITY_SECONDS);
1924 if (sampleValidity < 0 || sampleValidity > 65535) {
1925 Slog.w(TAG, "Invalid sampleValidity=" + sampleValidity + ", using default=" +
1926 DNS_RESOLVER_DEFAULT_SAMPLE_VALIDITY_SECONDS);
1927 sampleValidity = DNS_RESOLVER_DEFAULT_SAMPLE_VALIDITY_SECONDS;
1928 }
1929
1930 int successThreshold = Settings.Global.getInt(resolver,
1931 Settings.Global.DNS_RESOLVER_SUCCESS_THRESHOLD_PERCENT,
1932 DNS_RESOLVER_DEFAULT_SUCCESS_THRESHOLD_PERCENT);
1933 if (successThreshold < 0 || successThreshold > 100) {
1934 Slog.w(TAG, "Invalid successThreshold=" + successThreshold + ", using default=" +
1935 DNS_RESOLVER_DEFAULT_SUCCESS_THRESHOLD_PERCENT);
1936 successThreshold = DNS_RESOLVER_DEFAULT_SUCCESS_THRESHOLD_PERCENT;
1937 }
1938
1939 int minSamples = Settings.Global.getInt(resolver,
1940 Settings.Global.DNS_RESOLVER_MIN_SAMPLES, DNS_RESOLVER_DEFAULT_MIN_SAMPLES);
1941 int maxSamples = Settings.Global.getInt(resolver,
1942 Settings.Global.DNS_RESOLVER_MAX_SAMPLES, DNS_RESOLVER_DEFAULT_MAX_SAMPLES);
1943 if (minSamples < 0 || minSamples > maxSamples || maxSamples > 64) {
1944 Slog.w(TAG, "Invalid sample count (min, max)=(" + minSamples + ", " + maxSamples +
1945 "), using default=(" + DNS_RESOLVER_DEFAULT_MIN_SAMPLES + ", " +
1946 DNS_RESOLVER_DEFAULT_MAX_SAMPLES + ")");
1947 minSamples = DNS_RESOLVER_DEFAULT_MIN_SAMPLES;
1948 maxSamples = DNS_RESOLVER_DEFAULT_MAX_SAMPLES;
1949 }
1950
1951 final String[] domainStrs = domains == null ? new String[0] : domains.split(" ");
1952 final int[] params = { sampleValidity, successThreshold, minSamples, maxSamples };
1953 try {
1954 mNetdService.setResolverConfiguration(netId, servers, domainStrs, params);
1955 } catch (RemoteException e) {
1956 throw new RuntimeException(e);
1957 }
1958 }
1959
1960 @Override
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]1961 public void addVpnUidRanges(int netId, UidRange[] ranges) {
Chad Brubaker3277620a2013-06-12 13:37:30 -0700[diff] [blame]1962 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]1963 Object[] argv = new Object[3 + MAX_UID_RANGES_PER_COMMAND];
1964 argv[0] = "users";
1965 argv[1] = "add";
1966 argv[2] = netId;
1967 int argc = 3;
1968 // Avoid overly long commands by limiting number of UID ranges per command.
1969 for (int i = 0; i < ranges.length; i++) {
1970 argv[argc++] = ranges[i].toString();
1971 if (i == (ranges.length - 1) || argc == argv.length) {
1972 try {
1973 mConnector.execute("network", Arrays.copyOf(argv, argc));
1974 } catch (NativeDaemonConnectorException e) {
1975 throw e.rethrowAsParcelableException();
1976 }
1977 argc = 3;
1978 }
Chad Brubaker3277620a2013-06-12 13:37:30 -0700[diff] [blame]1979 }
1980 }
1981
1982 @Override
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]1983 public void removeVpnUidRanges(int netId, UidRange[] ranges) {
Chad Brubaker3277620a2013-06-12 13:37:30 -0700[diff] [blame]1984 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]1985 Object[] argv = new Object[3 + MAX_UID_RANGES_PER_COMMAND];
1986 argv[0] = "users";
1987 argv[1] = "remove";
1988 argv[2] = netId;
1989 int argc = 3;
1990 // Avoid overly long commands by limiting number of UID ranges per command.
1991 for (int i = 0; i < ranges.length; i++) {
1992 argv[argc++] = ranges[i].toString();
1993 if (i == (ranges.length - 1) || argc == argv.length) {
1994 try {
1995 mConnector.execute("network", Arrays.copyOf(argv, argc));
1996 } catch (NativeDaemonConnectorException e) {
1997 throw e.rethrowAsParcelableException();
1998 }
1999 argc = 3;
2000 }
Chad Brubakercca54c42013-06-27 17:41:38 -0700[diff] [blame]2001 }
2002 }
2003
2004 @Override
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2005 public void setFirewallEnabled(boolean enabled) {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2006 enforceSystemUid();
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2007 try {
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2008 mConnector.execute("firewall", "enable", enabled ? "whitelist" : "blacklist");
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2009 mFirewallEnabled = enabled;
2010 } catch (NativeDaemonConnectorException e) {
2011 throw e.rethrowAsParcelableException();
2012 }
2013 }
2014
2015 @Override
2016 public boolean isFirewallEnabled() {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2017 enforceSystemUid();
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2018 return mFirewallEnabled;
2019 }
2020
2021 @Override
Jeff Sharkey2c092982012-08-24 11:44:40 -0700[diff] [blame]2022 public void setFirewallInterfaceRule(String iface, boolean allow) {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2023 enforceSystemUid();
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2024 Preconditions.checkState(mFirewallEnabled);
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2025 final String rule = allow ? "allow" : "deny";
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2026 try {
2027 mConnector.execute("firewall", "set_interface_rule", iface, rule);
2028 } catch (NativeDaemonConnectorException e) {
2029 throw e.rethrowAsParcelableException();
2030 }
2031 }
2032
Lorenzo Colitti3fef7232016-04-29 18:00:03 +0900[diff] [blame]2033 private void closeSocketsForFirewallChainLocked(int chain, String chainName) {
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2034 // UID ranges to close sockets on.
2035 UidRange[] ranges;
2036 // UID ranges whose sockets we won't touch.
2037 int[] exemptUids;
2038
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2039 int numUids = 0;
2040
2041 if (getFirewallType(chain) == FIREWALL_TYPE_WHITELIST) {
2042 // Close all sockets on all non-system UIDs...
2043 ranges = new UidRange[] {
2044 // TODO: is there a better way of finding all existing users? If so, we could
2045 // specify their ranges here.
2046 new UidRange(Process.FIRST_APPLICATION_UID, Integer.MAX_VALUE),
2047 };
2048 // ... except for the UIDs that have allow rules.
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2049 synchronized (mRulesLock) {
2050 final SparseIntArray rules = getUidFirewallRulesLR(chain);
2051 exemptUids = new int[rules.size()];
2052 for (int i = 0; i < exemptUids.length; i++) {
2053 if (rules.valueAt(i) == NetworkPolicyManager.FIREWALL_RULE_ALLOW) {
2054 exemptUids[numUids] = rules.keyAt(i);
2055 numUids++;
2056 }
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2057 }
2058 }
2059 // Normally, whitelist chains only contain deny rules, so numUids == exemptUids.length.
2060 // But the code does not guarantee this in any way, and at least in one case - if we add
2061 // a UID rule to the firewall, and then disable the firewall - the chains can contain
2062 // the wrong type of rule. In this case, don't close connections that we shouldn't.
2063 //
2064 // TODO: tighten up this code by ensuring we never set the wrong type of rule, and
2065 // fix setFirewallEnabled to grab mQuotaLock and clear rules.
2066 if (numUids != exemptUids.length) {
2067 exemptUids = Arrays.copyOf(exemptUids, numUids);
2068 }
2069 } else {
2070 // Close sockets for every UID that has a deny rule...
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2071 synchronized (mRulesLock) {
2072 final SparseIntArray rules = getUidFirewallRulesLR(chain);
2073 ranges = new UidRange[rules.size()];
2074 for (int i = 0; i < ranges.length; i++) {
2075 if (rules.valueAt(i) == NetworkPolicyManager.FIREWALL_RULE_DENY) {
2076 int uid = rules.keyAt(i);
2077 ranges[numUids] = new UidRange(uid, uid);
2078 numUids++;
2079 }
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2080 }
2081 }
2082 // As above; usually numUids == ranges.length, but not always.
2083 if (numUids != ranges.length) {
2084 ranges = Arrays.copyOf(ranges, numUids);
2085 }
2086 // ... with no exceptions.
2087 exemptUids = new int[0];
2088 }
2089
2090 try {
2091 mNetdService.socketDestroy(ranges, exemptUids);
2092 } catch(RemoteException | ServiceSpecificException e) {
2093 Slog.e(TAG, "Error closing sockets after enabling chain " + chainName + ": " + e);
2094 }
2095 }
2096
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2097 @Override
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2098 public void setFirewallChainEnabled(int chain, boolean enable) {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2099 enforceSystemUid();
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2100 synchronized (mQuotaLock) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2101 synchronized (mRulesLock) {
2102 if (getFirewallChainState(chain) == enable) {
2103 // All is the same, nothing to do. This relies on the fact that netd has child
2104 // chains default detached.
2105 return;
2106 }
2107 setFirewallChainState(chain, enable);
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2108 }
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2109
2110 final String operation = enable ? "enable_chain" : "disable_chain";
Lorenzo Colitti3fef7232016-04-29 18:00:03 +0900[diff] [blame]2111 final String chainName;
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2112 switch(chain) {
2113 case FIREWALL_CHAIN_STANDBY:
2114 chainName = FIREWALL_CHAIN_NAME_STANDBY;
2115 break;
2116 case FIREWALL_CHAIN_DOZABLE:
2117 chainName = FIREWALL_CHAIN_NAME_DOZABLE;
2118 break;
2119 case FIREWALL_CHAIN_POWERSAVE:
2120 chainName = FIREWALL_CHAIN_NAME_POWERSAVE;
2121 break;
2122 default:
2123 throw new IllegalArgumentException("Bad child chain: " + chain);
2124 }
2125
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2126 try {
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2127 mConnector.execute("firewall", operation, chainName);
2128 } catch (NativeDaemonConnectorException e) {
2129 throw e.rethrowAsParcelableException();
2130 }
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2131
2132 // Close any sockets that were opened by the affected UIDs. This has to be done after
2133 // disabling network connectivity, in case they react to the socket close by reopening
2134 // the connection and race with the iptables commands that enable the firewall. All
2135 // whitelist and blacklist chains allow RSTs through.
2136 if (enable) {
2137 if (DBG) Slog.d(TAG, "Closing sockets after enabling chain " + chainName);
Lorenzo Colitti3fef7232016-04-29 18:00:03 +0900[diff] [blame]2138 closeSocketsForFirewallChainLocked(chain, chainName);
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2139 }
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2140 }
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2141 }
2142
2143 private int getFirewallType(int chain) {
2144 switch (chain) {
2145 case FIREWALL_CHAIN_STANDBY:
2146 return FIREWALL_TYPE_BLACKLIST;
2147 case FIREWALL_CHAIN_DOZABLE:
2148 return FIREWALL_TYPE_WHITELIST;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2149 case FIREWALL_CHAIN_POWERSAVE:
2150 return FIREWALL_TYPE_WHITELIST;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2151 default:
2152 return isFirewallEnabled() ? FIREWALL_TYPE_WHITELIST : FIREWALL_TYPE_BLACKLIST;
2153 }
2154 }
2155
2156 @Override
2157 public void setFirewallUidRules(int chain, int[] uids, int[] rules) {
2158 enforceSystemUid();
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2159 synchronized (mQuotaLock) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2160 synchronized (mRulesLock) {
2161 SparseIntArray uidFirewallRules = getUidFirewallRulesLR(chain);
2162 SparseIntArray newRules = new SparseIntArray();
2163 // apply new set of rules
2164 for (int index = uids.length - 1; index >= 0; --index) {
2165 int uid = uids[index];
2166 int rule = rules[index];
2167 updateFirewallUidRuleLocked(chain, uid, rule);
2168 newRules.put(uid, rule);
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2169 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2170 // collect the rules to remove.
2171 SparseIntArray rulesToRemove = new SparseIntArray();
2172 for (int index = uidFirewallRules.size() - 1; index >= 0; --index) {
2173 int uid = uidFirewallRules.keyAt(index);
2174 if (newRules.indexOfKey(uid) < 0) {
2175 rulesToRemove.put(uid, FIREWALL_RULE_DEFAULT);
2176 }
2177 }
2178 // remove dead rules
2179 for (int index = rulesToRemove.size() - 1; index >= 0; --index) {
2180 int uid = rulesToRemove.keyAt(index);
2181 updateFirewallUidRuleLocked(chain, uid, FIREWALL_RULE_DEFAULT);
2182 }
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2183 }
2184 try {
2185 switch (chain) {
2186 case FIREWALL_CHAIN_DOZABLE:
2187 mNetdService.firewallReplaceUidChain("fw_dozable", true, uids);
2188 break;
2189 case FIREWALL_CHAIN_STANDBY:
2190 mNetdService.firewallReplaceUidChain("fw_standby", false, uids);
2191 break;
2192 case FIREWALL_CHAIN_POWERSAVE:
2193 mNetdService.firewallReplaceUidChain("fw_powersave", true, uids);
2194 break;
2195 case FIREWALL_CHAIN_NONE:
2196 default:
2197 Slog.d(TAG, "setFirewallUidRules() called on invalid chain: " + chain);
2198 }
2199 } catch (RemoteException e) {
2200 Slog.w(TAG, "Error flushing firewall chain " + chain, e);
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2201 }
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2202 }
2203 }
2204
2205 @Override
2206 public void setFirewallUidRule(int chain, int uid, int rule) {
2207 enforceSystemUid();
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2208 synchronized (mQuotaLock) {
2209 setFirewallUidRuleLocked(chain, uid, rule);
2210 }
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2211 }
2212
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2213 private void setFirewallUidRuleLocked(int chain, int uid, int rule) {
2214 if (updateFirewallUidRuleLocked(chain, uid, rule)) {
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2215 try {
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2216 mConnector.execute("firewall", "set_uid_rule", getFirewallChainName(chain), uid,
2217 getFirewallRuleName(chain, rule));
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2218 } catch (NativeDaemonConnectorException e) {
2219 throw e.rethrowAsParcelableException();
2220 }
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2221 }
2222 }
2223
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2224 // TODO: now that netd supports batching, NMS should not keep these data structures anymore...
2225 private boolean updateFirewallUidRuleLocked(int chain, int uid, int rule) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2226 synchronized (mRulesLock) {
2227 SparseIntArray uidFirewallRules = getUidFirewallRulesLR(chain);
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2228
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2229 final int oldUidFirewallRule = uidFirewallRules.get(uid, FIREWALL_RULE_DEFAULT);
2230 if (DBG) {
2231 Slog.d(TAG, "oldRule = " + oldUidFirewallRule
2232 + ", newRule=" + rule + " for uid=" + uid + " on chain " + chain);
2233 }
2234 if (oldUidFirewallRule == rule) {
2235 if (DBG) Slog.d(TAG, "!!!!! Skipping change");
2236 // TODO: eventually consider throwing
2237 return false;
2238 }
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2239
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2240 String ruleName = getFirewallRuleName(chain, rule);
2241 String oldRuleName = getFirewallRuleName(chain, oldUidFirewallRule);
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2242
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2243 if (rule == NetworkPolicyManager.FIREWALL_RULE_DEFAULT) {
2244 uidFirewallRules.delete(uid);
2245 } else {
2246 uidFirewallRules.put(uid, rule);
2247 }
2248 return !ruleName.equals(oldRuleName);
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2249 }
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2250 }
2251
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2252 private @NonNull String getFirewallRuleName(int chain, int rule) {
2253 String ruleName;
2254 if (getFirewallType(chain) == FIREWALL_TYPE_WHITELIST) {
2255 if (rule == NetworkPolicyManager.FIREWALL_RULE_ALLOW) {
2256 ruleName = "allow";
2257 } else {
2258 ruleName = "deny";
2259 }
2260 } else { // Blacklist mode
2261 if (rule == NetworkPolicyManager.FIREWALL_RULE_DENY) {
2262 ruleName = "deny";
2263 } else {
2264 ruleName = "allow";
2265 }
2266 }
2267 return ruleName;
2268 }
2269
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2270 private @NonNull SparseIntArray getUidFirewallRulesLR(int chain) {
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2271 switch (chain) {
2272 case FIREWALL_CHAIN_STANDBY:
2273 return mUidFirewallStandbyRules;
2274 case FIREWALL_CHAIN_DOZABLE:
2275 return mUidFirewallDozableRules;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2276 case FIREWALL_CHAIN_POWERSAVE:
2277 return mUidFirewallPowerSaveRules;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2278 case FIREWALL_CHAIN_NONE:
2279 return mUidFirewallRules;
2280 default:
2281 throw new IllegalArgumentException("Unknown chain:" + chain);
2282 }
2283 }
2284
2285 public @NonNull String getFirewallChainName(int chain) {
2286 switch (chain) {
2287 case FIREWALL_CHAIN_STANDBY:
2288 return FIREWALL_CHAIN_NAME_STANDBY;
2289 case FIREWALL_CHAIN_DOZABLE:
2290 return FIREWALL_CHAIN_NAME_DOZABLE;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2291 case FIREWALL_CHAIN_POWERSAVE:
2292 return FIREWALL_CHAIN_NAME_POWERSAVE;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2293 case FIREWALL_CHAIN_NONE:
2294 return FIREWALL_CHAIN_NAME_NONE;
2295 default:
2296 throw new IllegalArgumentException("Unknown chain:" + chain);
2297 }
2298 }
2299
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2300 private static void enforceSystemUid() {
2301 final int uid = Binder.getCallingUid();
2302 if (uid != Process.SYSTEM_UID) {
2303 throw new SecurityException("Only available to AID_SYSTEM");
2304 }
2305 }
2306
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2307 @Override
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2308 public void startClatd(String interfaceName) throws IllegalStateException {
2309 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2310
2311 try {
2312 mConnector.execute("clatd", "start", interfaceName);
2313 } catch (NativeDaemonConnectorException e) {
2314 throw e.rethrowAsParcelableException();
2315 }
2316 }
2317
2318 @Override
Lorenzo Colitti95439462014-10-09 13:44:48 +0900[diff] [blame]2319 public void stopClatd(String interfaceName) throws IllegalStateException {
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2320 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2321
2322 try {
Lorenzo Colitti95439462014-10-09 13:44:48 +0900[diff] [blame]2323 mConnector.execute("clatd", "stop", interfaceName);
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2324 } catch (NativeDaemonConnectorException e) {
2325 throw e.rethrowAsParcelableException();
2326 }
2327 }
2328
2329 @Override
Lorenzo Colitti95439462014-10-09 13:44:48 +0900[diff] [blame]2330 public boolean isClatdStarted(String interfaceName) {
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2331 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2332
2333 final NativeDaemonEvent event;
2334 try {
Lorenzo Colitti95439462014-10-09 13:44:48 +0900[diff] [blame]2335 event = mConnector.execute("clatd", "status", interfaceName);
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2336 } catch (NativeDaemonConnectorException e) {
2337 throw e.rethrowAsParcelableException();
2338 }
2339
2340 event.checkCode(ClatdStatusResult);
2341 return event.getMessage().endsWith("started");
2342 }
2343
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2344 @Override
2345 public void registerNetworkActivityListener(INetworkActivityListener listener) {
2346 mNetworkActivityListeners.register(listener);
2347 }
2348
2349 @Override
2350 public void unregisterNetworkActivityListener(INetworkActivityListener listener) {
2351 mNetworkActivityListeners.unregister(listener);
2352 }
2353
2354 @Override
2355 public boolean isNetworkActive() {
2356 synchronized (mNetworkActivityListeners) {
2357 return mNetworkActive || mActiveIdleTimers.isEmpty();
2358 }
2359 }
2360
2361 private void reportNetworkActive() {
2362 final int length = mNetworkActivityListeners.beginBroadcast();
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]2363 try {
2364 for (int i = 0; i < length; i++) {
2365 try {
2366 mNetworkActivityListeners.getBroadcastItem(i).onNetworkActive();
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]2367 } catch (RemoteException | RuntimeException e) {
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]2368 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2369 }
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]2370 } finally {
2371 mNetworkActivityListeners.finishBroadcast();
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2372 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2373 }
2374
Mattias Falk8b47b362011-08-23 14:15:13 +0200[diff] [blame]2375 /** {@inheritDoc} */
Jeff Sharkey7b4596f2013-02-25 10:55:29 -0800[diff] [blame]2376 @Override
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]2377 public void monitor() {
2378 if (mConnector != null) {
2379 mConnector.monitor();
2380 }
2381 }
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2382
2383 @Override
2384 protected void dump(FileDescriptor fd, PrintWriter pw, String[] args) {
Jeff Sharkeyfe9a53b2017-03-31 14:08:23 -0600[diff] [blame]2385 if (!DumpUtils.checkDumpPermission(mContext, TAG, pw)) return;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2386
Robert Greenwalt470fd722012-01-18 12:51:15 -0800[diff] [blame]2387 pw.println("NetworkManagementService NativeDaemonConnector Log:");
2388 mConnector.dump(fd, pw, args);
2389 pw.println();
2390
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2391 pw.print("Bandwidth control enabled: "); pw.println(mBandwidthControlEnabled);
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]2392 pw.print("mMobileActivityFromRadio="); pw.print(mMobileActivityFromRadio);
2393 pw.print(" mLastPowerStateFromRadio="); pw.println(mLastPowerStateFromRadio);
2394 pw.print("mNetworkActive="); pw.println(mNetworkActive);
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2395
2396 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]2397 pw.print("Active quota ifaces: "); pw.println(mActiveQuotas.toString());
2398 pw.print("Active alert ifaces: "); pw.println(mActiveAlerts.toString());
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]2399 pw.print("Data saver mode: "); pw.println(mDataSaverMode);
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2400 synchronized (mRulesLock) {
2401 dumpUidRuleOnQuotaLocked(pw, "blacklist", mUidRejectOnMetered);
2402 dumpUidRuleOnQuotaLocked(pw, "whitelist", mUidAllowOnMetered);
2403 }
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2404 }
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2405
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2406 synchronized (mRulesLock) {
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2407 dumpUidFirewallRule(pw, "", mUidFirewallRules);
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2408
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2409 pw.print("UID firewall standby chain enabled: "); pw.println(
2410 getFirewallChainState(FIREWALL_CHAIN_STANDBY));
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2411 dumpUidFirewallRule(pw, FIREWALL_CHAIN_NAME_STANDBY, mUidFirewallStandbyRules);
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2412
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2413 pw.print("UID firewall dozable chain enabled: "); pw.println(
2414 getFirewallChainState(FIREWALL_CHAIN_DOZABLE));
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2415 dumpUidFirewallRule(pw, FIREWALL_CHAIN_NAME_DOZABLE, mUidFirewallDozableRules);
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2416
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2417 pw.println("UID firewall powersave chain enabled: " +
2418 getFirewallChainState(FIREWALL_CHAIN_POWERSAVE));
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2419 dumpUidFirewallRule(pw, FIREWALL_CHAIN_NAME_POWERSAVE, mUidFirewallPowerSaveRules);
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2420 }
2421
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2422 synchronized (mIdleTimerLock) {
2423 pw.println("Idle timers:");
2424 for (HashMap.Entry<String, IdleTimerParams> ent : mActiveIdleTimers.entrySet()) {
2425 pw.print(" "); pw.print(ent.getKey()); pw.println(":");
2426 IdleTimerParams params = ent.getValue();
2427 pw.print(" timeout="); pw.print(params.timeout);
2428 pw.print(" type="); pw.print(params.type);
2429 pw.print(" networkCount="); pw.println(params.networkCount);
2430 }
2431 }
2432
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2433 pw.print("Firewall enabled: "); pw.println(mFirewallEnabled);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]2434 pw.print("Netd service status: " );
2435 if (mNetdService == null) {
2436 pw.println("disconnected");
2437 } else {
2438 try {
2439 final boolean alive = mNetdService.isAlive();
2440 pw.println(alive ? "alive": "dead");
2441 } catch (RemoteException e) {
2442 pw.println("unreachable");
2443 }
2444 }
2445 }
2446
2447 private void dumpUidRuleOnQuotaLocked(PrintWriter pw, String name, SparseBooleanArray list) {
2448 pw.print("UID bandwith control ");
2449 pw.print(name);
2450 pw.print(" rule: [");
2451 final int size = list.size();
2452 for (int i = 0; i < size; i++) {
2453 pw.print(list.keyAt(i));
2454 if (i < size - 1) pw.print(",");
2455 }
2456 pw.println("]");
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2457 }
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2458
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2459 private void dumpUidFirewallRule(PrintWriter pw, String name, SparseIntArray rules) {
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2460 pw.print("UID firewall ");
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2461 pw.print(name);
2462 pw.print(" rule: [");
2463 final int size = rules.size();
2464 for (int i = 0; i < size; i++) {
2465 pw.print(rules.keyAt(i));
2466 pw.print(":");
2467 pw.print(rules.valueAt(i));
2468 if (i < size - 1) pw.print(",");
2469 }
2470 pw.println("]");
2471 }
2472
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2473 @Override
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]2474 public void createPhysicalNetwork(int netId, String permission) {
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2475 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2476
2477 try {
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]2478 if (permission != null) {
2479 mConnector.execute("network", "create", netId, permission);
2480 } else {
2481 mConnector.execute("network", "create", netId);
2482 }
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2483 } catch (NativeDaemonConnectorException e) {
2484 throw e.rethrowAsParcelableException();
2485 }
2486 }
2487
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2488 @Override
Sreeram Ramachandran8cd33ed2014-07-23 15:23:15 -0700[diff] [blame]2489 public void createVirtualNetwork(int netId, boolean hasDNS, boolean secure) {
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]2490 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2491
2492 try {
Sreeram Ramachandran8cd33ed2014-07-23 15:23:15 -0700[diff] [blame]2493 mConnector.execute("network", "create", netId, "vpn", hasDNS ? "1" : "0",
2494 secure ? "1" : "0");
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]2495 } catch (NativeDaemonConnectorException e) {
2496 throw e.rethrowAsParcelableException();
2497 }
2498 }
2499
2500 @Override
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2501 public void removeNetwork(int netId) {
2502 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2503
2504 try {
2505 mConnector.execute("network", "destroy", netId);
2506 } catch (NativeDaemonConnectorException e) {
2507 throw e.rethrowAsParcelableException();
2508 }
2509 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2510
2511 @Override
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2512 public void addInterfaceToNetwork(String iface, int netId) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2513 modifyInterfaceInNetwork("add", "" + netId, iface);
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2514 }
2515
2516 @Override
2517 public void removeInterfaceFromNetwork(String iface, int netId) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2518 modifyInterfaceInNetwork("remove", "" + netId, iface);
2519 }
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2520
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2521 private void modifyInterfaceInNetwork(String action, String netId, String iface) {
2522 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2523 try {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2524 mConnector.execute("network", "interface", action, netId, iface);
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2525 } catch (NativeDaemonConnectorException e) {
2526 throw e.rethrowAsParcelableException();
2527 }
2528 }
2529
2530 @Override
Robert Greenwalt913c8952014-04-07 17:36:35 -0700[diff] [blame]2531 public void addLegacyRouteForNetId(int netId, RouteInfo routeInfo, int uid) {
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2532 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2533
Sreeram Ramachandran03666c72014-07-19 23:21:46 -0700[diff] [blame]2534 final Command cmd = new Command("network", "route", "legacy", uid, "add", netId);
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2535
Sreeram Ramachandran1fbcb272014-05-22 16:30:48 -0700[diff] [blame]2536 // create triplet: interface dest-ip-addr/prefixlength gateway-ip-addr
Sreeram Ramachandrancc91c7b2014-06-03 18:41:43 -0700[diff] [blame]2537 final LinkAddress la = routeInfo.getDestinationLinkAddress();
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2538 cmd.appendArg(routeInfo.getInterface());
Lorenzo Colitti7dc78cf2014-06-09 22:58:46 +0900[diff] [blame]2539 cmd.appendArg(la.getAddress().getHostAddress() + "/" + la.getPrefixLength());
Sreeram Ramachandran1fbcb272014-05-22 16:30:48 -0700[diff] [blame]2540 if (routeInfo.hasGateway()) {
2541 cmd.appendArg(routeInfo.getGateway().getHostAddress());
2542 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2543
2544 try {
2545 mConnector.execute(cmd);
2546 } catch (NativeDaemonConnectorException e) {
2547 throw e.rethrowAsParcelableException();
2548 }
2549 }
2550
2551 @Override
Sreeram Ramachandranf047f2a2014-04-15 16:04:26 -0700[diff] [blame]2552 public void setDefaultNetId(int netId) {
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2553 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2554
2555 try {
Sreeram Ramachandranf047f2a2014-04-15 16:04:26 -0700[diff] [blame]2556 mConnector.execute("network", "default", "set", netId);
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2557 } catch (NativeDaemonConnectorException e) {
2558 throw e.rethrowAsParcelableException();
2559 }
2560 }
2561
2562 @Override
2563 public void clearDefaultNetId() {
2564 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2565
2566 try {
2567 mConnector.execute("network", "default", "clear");
2568 } catch (NativeDaemonConnectorException e) {
2569 throw e.rethrowAsParcelableException();
2570 }
2571 }
2572
2573 @Override
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]2574 public void setNetworkPermission(int netId, String permission) {
2575 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2576
2577 try {
2578 if (permission != null) {
2579 mConnector.execute("network", "permission", "network", "set", permission, netId);
2580 } else {
2581 mConnector.execute("network", "permission", "network", "clear", netId);
2582 }
2583 } catch (NativeDaemonConnectorException e) {
2584 throw e.rethrowAsParcelableException();
2585 }
2586 }
2587
2588
2589 @Override
Sreeram Ramachandrane4a05af2014-09-24 09:16:19 -0700[diff] [blame]2590 public void setPermission(String permission, int[] uids) {
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2591 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2592
Sreeram Ramachandrane4a05af2014-09-24 09:16:19 -0700[diff] [blame]2593 Object[] argv = new Object[4 + MAX_UID_RANGES_PER_COMMAND];
2594 argv[0] = "permission";
2595 argv[1] = "user";
2596 argv[2] = "set";
2597 argv[3] = permission;
2598 int argc = 4;
2599 // Avoid overly long commands by limiting number of UIDs per command.
2600 for (int i = 0; i < uids.length; ++i) {
2601 argv[argc++] = uids[i];
2602 if (i == uids.length - 1 || argc == argv.length) {
2603 try {
2604 mConnector.execute("network", Arrays.copyOf(argv, argc));
2605 } catch (NativeDaemonConnectorException e) {
2606 throw e.rethrowAsParcelableException();
2607 }
2608 argc = 4;
2609 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2610 }
2611 }
2612
2613 @Override
2614 public void clearPermission(int[] uids) {
2615 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2616
Sreeram Ramachandrane4a05af2014-09-24 09:16:19 -0700[diff] [blame]2617 Object[] argv = new Object[3 + MAX_UID_RANGES_PER_COMMAND];
2618 argv[0] = "permission";
2619 argv[1] = "user";
2620 argv[2] = "clear";
2621 int argc = 3;
2622 // Avoid overly long commands by limiting number of UIDs per command.
2623 for (int i = 0; i < uids.length; ++i) {
2624 argv[argc++] = uids[i];
2625 if (i == uids.length - 1 || argc == argv.length) {
2626 try {
2627 mConnector.execute("network", Arrays.copyOf(argv, argc));
2628 } catch (NativeDaemonConnectorException e) {
2629 throw e.rethrowAsParcelableException();
2630 }
2631 argc = 3;
2632 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2633 }
2634 }
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]2635
2636 @Override
2637 public void allowProtect(int uid) {
2638 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2639
2640 try {
2641 mConnector.execute("network", "protect", "allow", uid);
2642 } catch (NativeDaemonConnectorException e) {
2643 throw e.rethrowAsParcelableException();
2644 }
2645 }
2646
2647 @Override
2648 public void denyProtect(int uid) {
2649 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2650
2651 try {
2652 mConnector.execute("network", "protect", "deny", uid);
2653 } catch (NativeDaemonConnectorException e) {
2654 throw e.rethrowAsParcelableException();
2655 }
2656 }
2657
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2658 @Override
2659 public void addInterfaceToLocalNetwork(String iface, List<RouteInfo> routes) {
2660 modifyInterfaceInNetwork("add", "local", iface);
2661
2662 for (RouteInfo route : routes) {
2663 if (!route.isDefaultRoute()) {
2664 modifyRoute("add", "local", route);
2665 }
2666 }
2667 }
2668
2669 @Override
2670 public void removeInterfaceFromLocalNetwork(String iface) {
2671 modifyInterfaceInNetwork("remove", "local", iface);
2672 }
Erik Kline6599ee82016-07-17 21:28:39 +0900[diff] [blame]2673
2674 @Override
2675 public int removeRoutesFromLocalNetwork(List<RouteInfo> routes) {
2676 int failures = 0;
2677
2678 for (RouteInfo route : routes) {
2679 try {
2680 modifyRoute("remove", "local", route);
2681 } catch (IllegalStateException e) {
2682 failures++;
2683 }
2684 }
2685
2686 return failures;
2687 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2688
Sudheer Shankab8f23162017-08-04 13:30:10 -0700[diff] [blame]2689 @Override
2690 public boolean isNetworkRestricted(int uid) {
2691 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2692 return isNetworkRestrictedInternal(uid);
2693 }
2694
2695 private boolean isNetworkRestrictedInternal(int uid) {
2696 synchronized (mRulesLock) {
2697 if (getFirewallChainState(FIREWALL_CHAIN_STANDBY)
2698 && mUidFirewallStandbyRules.get(uid) == FIREWALL_RULE_DENY) {
2699 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of app standby mode");
2700 return true;
2701 }
2702 if (getFirewallChainState(FIREWALL_CHAIN_DOZABLE)
2703 && mUidFirewallDozableRules.get(uid) != FIREWALL_RULE_ALLOW) {
2704 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of device idle mode");
2705 return true;
2706 }
2707 if (getFirewallChainState(FIREWALL_CHAIN_POWERSAVE)
2708 && mUidFirewallPowerSaveRules.get(uid) != FIREWALL_RULE_ALLOW) {
2709 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of power saver mode");
2710 return true;
2711 }
2712 if (mUidRejectOnMetered.get(uid)) {
2713 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of no metered data"
2714 + " in the background");
2715 return true;
2716 }
2717 if (mDataSaverMode && !mUidAllowOnMetered.get(uid)) {
2718 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of data saver mode");
2719 return true;
2720 }
2721 return false;
2722 }
2723 }
2724
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2725 private void setFirewallChainState(int chain, boolean state) {
2726 synchronized (mRulesLock) {
2727 mFirewallChainStates.put(chain, state);
2728 }
2729 }
2730
2731 private boolean getFirewallChainState(int chain) {
2732 synchronized (mRulesLock) {
2733 return mFirewallChainStates.get(chain);
2734 }
2735 }
2736
2737 @VisibleForTesting
2738 class LocalService extends NetworkManagementInternal {
2739 @Override
2740 public boolean isNetworkRestrictedForUid(int uid) {
Sudheer Shankab8f23162017-08-04 13:30:10 -0700[diff] [blame]2741 return isNetworkRestrictedInternal(uid);
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2742 }
2743 }
2744
2745 @VisibleForTesting
2746 Injector getInjector() {
2747 return new Injector();
2748 }
2749
2750 @VisibleForTesting
2751 class Injector {
2752 void setDataSaverMode(boolean dataSaverMode) {
2753 mDataSaverMode = dataSaverMode;
2754 }
2755
2756 void setFirewallChainState(int chain, boolean state) {
2757 NetworkManagementService.this.setFirewallChainState(chain, state);
2758 }
2759
2760 void setFirewallRule(int chain, int uid, int rule) {
2761 synchronized (mRulesLock) {
2762 getUidFirewallRulesLR(chain).put(uid, rule);
2763 }
2764 }
2765
2766 void setUidOnMeteredNetworkList(boolean blacklist, int uid, boolean enable) {
2767 synchronized (mRulesLock) {
2768 if (blacklist) {
2769 mUidRejectOnMetered.put(uid, enable);
2770 } else {
2771 mUidAllowOnMetered.put(uid, enable);
2772 }
2773 }
2774 }
2775
2776 void reset() {
2777 synchronized (mRulesLock) {
2778 setDataSaverMode(false);
2779 final int[] chains = {
2780 FIREWALL_CHAIN_DOZABLE,
2781 FIREWALL_CHAIN_STANDBY,
2782 FIREWALL_CHAIN_POWERSAVE
2783 };
2784 for (int chain : chains) {
2785 setFirewallChainState(chain, false);
2786 getUidFirewallRulesLR(chain).clear();
2787 }
2788 mUidAllowOnMetered.clear();
2789 mUidRejectOnMetered.clear();
2790 }
2791 }
2792 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]2793}