Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / f5845d14e1b32a1a7cf39a6fe3a6982931715283 / . / services / core / java / com / android / server / NetworkManagementService.java
blob: ab0a56516ff4c69c094902d01b7cf4d58abf7ed1 [file] [log] [blame]
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1/*
2 * Copyright (C) 2007 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17package com.android.server;
18
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]19import static android.Manifest.permission.CONNECTIVITY_INTERNAL;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]20import static android.Manifest.permission.DUMP;
Sehee Parka9139bc2017-12-22 13:54:05 +0900[diff] [blame]21import static android.Manifest.permission.NETWORK_SETTINGS;
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]22import static android.Manifest.permission.NETWORK_STACK;
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]23import static android.Manifest.permission.SHUTDOWN;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]24import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_DOZABLE;
25import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_DOZABLE;
26import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_NONE;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]27import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_POWERSAVE;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]28import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_STANDBY;
29import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NONE;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]30import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_POWERSAVE;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]31import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_STANDBY;
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]32import static android.net.NetworkPolicyManager.FIREWALL_RULE_ALLOW;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]33import static android.net.NetworkPolicyManager.FIREWALL_RULE_DEFAULT;
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]34import static android.net.NetworkPolicyManager.FIREWALL_RULE_DENY;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]35import static android.net.NetworkPolicyManager.FIREWALL_TYPE_BLACKLIST;
36import static android.net.NetworkPolicyManager.FIREWALL_TYPE_WHITELIST;
Jeff Sharkeyb5d55e32011-08-10 17:53:27 -0700[diff] [blame]37import static android.net.NetworkStats.SET_DEFAULT;
Lorenzo Colittif1912ca2017-08-17 19:23:08 +0900[diff] [blame]38import static android.net.NetworkStats.STATS_PER_UID;
Dianne Hackbornd0c5b9a2014-02-21 16:19:05 -0800[diff] [blame]39import static android.net.NetworkStats.TAG_ALL;
Jeff Sharkey1b5a2a92011-06-18 18:34:16 -0700[diff] [blame]40import static android.net.NetworkStats.TAG_NONE;
41import static android.net.NetworkStats.UID_ALL;
Jeff Sharkeyae2c1812011-10-04 13:11:40 -0700[diff] [blame]42import static android.net.TrafficStats.UID_TETHERING;
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]43import static com.android.server.NetworkManagementService.NetdResponseCode.ClatdStatusResult;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]44import static com.android.server.NetworkManagementService.NetdResponseCode.InterfaceGetCfgResult;
45import static com.android.server.NetworkManagementService.NetdResponseCode.InterfaceListResult;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]46import static com.android.server.NetworkManagementService.NetdResponseCode.IpFwdStatusResult;
47import static com.android.server.NetworkManagementService.NetdResponseCode.TetherDnsFwdTgtListResult;
48import static com.android.server.NetworkManagementService.NetdResponseCode.TetherInterfaceListResult;
49import static com.android.server.NetworkManagementService.NetdResponseCode.TetherStatusResult;
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]50import static com.android.server.NetworkManagementService.NetdResponseCode.TetheringStatsListResult;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]51import static com.android.server.NetworkManagementService.NetdResponseCode.TtyListResult;
Jeff Sharkeya63ba592011-07-19 23:47:12 -0700[diff] [blame]52import static com.android.server.NetworkManagementSocketTagger.PROP_QTAGUID_ENABLED;
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]53
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]54import android.annotation.NonNull;
Sudheer Shankadc589ac2016-11-10 15:30:17 -0800[diff] [blame]55import android.app.ActivityManager;
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]56import android.content.ContentResolver;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]57import android.content.Context;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]58import android.net.ConnectivityManager;
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]59import android.net.INetd;
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]60import android.net.INetworkManagementEventObserver;
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]61import android.net.ITetheringStatsProvider;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]62import android.net.InterfaceConfiguration;
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]63import android.net.IpPrefix;
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]64import android.net.LinkAddress;
Lorenzo Colittib57edc52014-08-22 17:10:50 -0700[diff] [blame]65import android.net.Network;
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]66import android.net.NetworkPolicyManager;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]67import android.net.NetworkStats;
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]68import android.net.NetworkUtils;
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]69import android.net.RouteInfo;
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]70import android.net.UidRange;
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]71import android.net.util.NetdService;
Irfan Sheriff9ab518ad2010-03-12 15:48:17 -0800[diff] [blame]72import android.net.wifi.WifiConfiguration;
73import android.net.wifi.WifiConfiguration.KeyMgmt;
Dianne Hackborn91268cf2013-06-13 19:06:50 -0700[diff] [blame]74import android.os.BatteryStats;
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]75import android.os.Binder;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]76import android.os.Handler;
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]77import android.os.IBinder;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]78import android.os.INetworkActivityListener;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]79import android.os.INetworkManagementService;
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]80import android.os.PersistableBundle;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]81import android.os.PowerManager;
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]82import android.os.Process;
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]83import android.os.RemoteCallbackList;
84import android.os.RemoteException;
Jeff Sharkey7a1c3fc2013-06-04 12:29:00 -0700[diff] [blame]85import android.os.ServiceManager;
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]86import android.os.ServiceSpecificException;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]87import android.os.StrictMode;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]88import android.os.SystemClock;
Marco Nelissen62dbb222010-02-18 10:56:30 -0800[diff] [blame]89import android.os.SystemProperties;
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]90import android.os.Trace;
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]91import android.provider.Settings;
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]92import android.telephony.DataConnectionRealTimeInfo;
93import android.telephony.PhoneStateListener;
Wink Savillefb40dd42014-06-12 17:02:31 -0700[diff] [blame]94import android.telephony.SubscriptionManager;
Wink Saville67e07892014-06-18 16:43:14 -0700[diff] [blame]95import android.telephony.TelephonyManager;
Erik Kline4d092232017-10-30 15:29:44 +0900[diff] [blame]96import android.text.TextUtils;
Irfan Sheriff9ab518ad2010-03-12 15:48:17 -0800[diff] [blame]97import android.util.Log;
Joe Onorato8a9b2202010-02-26 18:56:32 -0800[diff] [blame]98import android.util.Slog;
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]99import android.util.SparseBooleanArray;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]100import android.util.SparseIntArray;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]101
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]102import com.android.internal.annotations.GuardedBy;
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]103import com.android.internal.annotations.VisibleForTesting;
Jeff Sharkey7a1c3fc2013-06-04 12:29:00 -0700[diff] [blame]104import com.android.internal.app.IBatteryStats;
Jeff Sharkey1059c3c2011-10-04 16:54:49 -0700[diff] [blame]105import com.android.internal.net.NetworkStatsFactory;
Jeff Sharkeyfe9a53b2017-03-31 14:08:23 -0600[diff] [blame]106import com.android.internal.util.DumpUtils;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]107import com.android.internal.util.HexDump;
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]108import com.android.internal.util.Preconditions;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]109import com.android.server.NativeDaemonConnector.Command;
Jeff Sharkey56cd6462013-06-07 15:09:15 -0700[diff] [blame]110import com.android.server.NativeDaemonConnector.SensitiveArg;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]111import com.google.android.collect.Maps;
Jeff Sharkey4414cea2011-06-24 17:05:24 -0700[diff] [blame]112
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]113import java.io.BufferedReader;
114import java.io.DataInputStream;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]115import java.io.File;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]116import java.io.FileDescriptor;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]117import java.io.FileInputStream;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]118import java.io.IOException;
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]119import java.io.InputStreamReader;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]120import java.io.PrintWriter;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]121import java.net.InetAddress;
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]122import java.net.InterfaceAddress;
123import java.net.NetworkInterface;
124import java.net.SocketException;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]125import java.util.ArrayList;
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]126import java.util.Arrays;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]127import java.util.HashMap;
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]128import java.util.List;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]129import java.util.Map;
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]130import java.util.NoSuchElementException;
131import java.util.StringTokenizer;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]132import java.util.concurrent.CountDownLatch;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]133
134/**
135 * @hide
136 */
Jeff Sharkey8e9992a2011-08-23 18:37:23 -0700[diff] [blame]137public class NetworkManagementService extends INetworkManagementService.Stub
138 implements Watchdog.Monitor {
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]139
140 /**
141 * Helper class that encapsulates NetworkManagementService dependencies and makes them
142 * easier to mock in unit tests.
143 */
144 static class SystemServices {
145 public IBinder getService(String name) {
146 return ServiceManager.getService(name);
147 }
148 public void registerLocalService(NetworkManagementInternal nmi) {
149 LocalServices.addService(NetworkManagementInternal.class, nmi);
150 }
151 public INetd getNetd() {
152 return NetdService.get();
153 }
154 }
155
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]156 private static final String TAG = "NetworkManagement";
157 private static final boolean DBG = Log.isLoggable(TAG, Log.DEBUG);
Kenny Root305bcbf2010-09-03 07:56:38 -0700[diff] [blame]158 private static final String NETD_TAG = "NetdConnector";
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]159 static final String NETD_SERVICE_NAME = "netd";
Kenny Root305bcbf2010-09-03 07:56:38 -0700[diff] [blame]160
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]161 private static final int MAX_UID_RANGES_PER_COMMAND = 10;
162
Luke Huang4a32bf42018-08-21 19:09:45 +0800[diff] [blame]163 private static final String[] EMPTY_STRING_ARRAY = new String[0];
164
Jeff Sharkey8e9992a2011-08-23 18:37:23 -0700[diff] [blame]165 /**
166 * Name representing {@link #setGlobalAlert(long)} limit when delivered to
167 * {@link INetworkManagementEventObserver#limitReached(String, String)}.
168 */
169 public static final String LIMIT_GLOBAL_ALERT = "globalAlert";
170
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]171 /**
172 * String to pass to netd to indicate that a network is only accessible
173 * to apps that have the CHANGE_NETWORK_STATE permission.
174 */
175 public static final String PERMISSION_NETWORK = "NETWORK";
176
177 /**
178 * String to pass to netd to indicate that a network is only
179 * accessible to system apps and those with the CONNECTIVITY_INTERNAL
180 * permission.
181 */
182 public static final String PERMISSION_SYSTEM = "SYSTEM";
183
Andrew Scull45f533c2017-05-19 15:37:20 +0100[diff] [blame]184 static class NetdResponseCode {
Sreeram Ramachandran03666c72014-07-19 23:21:46 -0700[diff] [blame]185 /* Keep in sync with system/netd/server/ResponseCode.h */
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]186 public static final int InterfaceListResult = 110;
187 public static final int TetherInterfaceListResult = 111;
188 public static final int TetherDnsFwdTgtListResult = 112;
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]189 public static final int TtyListResult = 113;
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]190 public static final int TetheringStatsListResult = 114;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]191
192 public static final int TetherStatusResult = 210;
193 public static final int IpFwdStatusResult = 211;
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]194 public static final int InterfaceGetCfgResult = 213;
Robert Greenwalte3253922010-02-18 09:23:25 -0800[diff] [blame]195 public static final int SoftapStatusResult = 214;
San Mehat91cac642010-03-31 14:31:36 -0700[diff] [blame]196 public static final int InterfaceRxCounterResult = 216;
197 public static final int InterfaceTxCounterResult = 217;
Jeff Sharkeycdd02c5d2011-09-16 01:52:49 -0700[diff] [blame]198 public static final int QuotaCounterResult = 220;
199 public static final int TetheringStatsResult = 221;
Selim Gurun84c00c62012-02-27 15:42:38 -0800[diff] [blame]200 public static final int DnsProxyQueryResult = 222;
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]201 public static final int ClatdStatusResult = 223;
Robert Greenwalte3253922010-02-18 09:23:25 -0800[diff] [blame]202
203 public static final int InterfaceChange = 600;
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]204 public static final int BandwidthControl = 601;
Haoyu Bai6b7358d2012-07-17 16:36:50 -0700[diff] [blame]205 public static final int InterfaceClassActivity = 613;
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]206 public static final int InterfaceAddressChange = 614;
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]207 public static final int InterfaceDnsServerInfo = 615;
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]208 public static final int RouteChange = 616;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]209 public static final int StrictCleartext = 617;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]210 }
211
Rebecca Silbersteine2ec94f2016-03-24 13:29:00 -0700[diff] [blame]212 /**
213 * String indicating a softap command.
214 */
215 static final String SOFT_AP_COMMAND = "softap";
216
217 /**
218 * String passed back to netd connector indicating softap command success.
219 */
220 static final String SOFT_AP_COMMAND_SUCCESS = "Ok";
221
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]222 static final int DAEMON_MSG_MOBILE_CONN_REAL_TIME_INFO = 1;
223
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]224 /**
225 * Binder context for this service
226 */
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]227 private final Context mContext;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]228
229 /**
230 * connector object for communicating with netd
231 */
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]232 private final NativeDaemonConnector mConnector;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]233
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]234 private final Handler mFgHandler;
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]235 private final Handler mDaemonHandler;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]236
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]237 private final SystemServices mServices;
238
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]239 private INetd mNetdService;
240
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]241 private IBatteryStats mBatteryStats;
242
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]243 private final Thread mThread;
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]244 private CountDownLatch mConnectedSignal = new CountDownLatch(1);
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]245
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]246 private final RemoteCallbackList<INetworkManagementEventObserver> mObservers =
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]247 new RemoteCallbackList<>();
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]248
Jeff Sharkey1059c3c2011-10-04 16:54:49 -0700[diff] [blame]249 private final NetworkStatsFactory mStatsFactory = new NetworkStatsFactory();
250
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]251 @GuardedBy("mTetheringStatsProviders")
252 private final HashMap<ITetheringStatsProvider, String>
253 mTetheringStatsProviders = Maps.newHashMap();
254
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]255 /**
256 * If both locks need to be held, then they should be obtained in the order:
257 * first {@link #mQuotaLock} and then {@link #mRulesLock}.
258 */
Andrew Scull45f533c2017-05-19 15:37:20 +0100[diff] [blame]259 private final Object mQuotaLock = new Object();
Andrew Scull519291f2017-05-23 13:11:03 +0100[diff] [blame]260 private final Object mRulesLock = new Object();
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]261
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]262 /** Set of interfaces with active quotas. */
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]263 @GuardedBy("mQuotaLock")
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]264 private HashMap<String, Long> mActiveQuotas = Maps.newHashMap();
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]265 /** Set of interfaces with active alerts. */
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]266 @GuardedBy("mQuotaLock")
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]267 private HashMap<String, Long> mActiveAlerts = Maps.newHashMap();
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]268 /** Set of UIDs blacklisted on metered networks. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]269 @GuardedBy("mRulesLock")
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]270 private SparseBooleanArray mUidRejectOnMetered = new SparseBooleanArray();
271 /** Set of UIDs whitelisted on metered networks. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]272 @GuardedBy("mRulesLock")
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]273 private SparseBooleanArray mUidAllowOnMetered = new SparseBooleanArray();
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]274 /** Set of UIDs with cleartext penalties. */
275 @GuardedBy("mQuotaLock")
276 private SparseIntArray mUidCleartextPolicy = new SparseIntArray();
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]277 /** Set of UIDs that are to be blocked/allowed by firewall controller. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]278 @GuardedBy("mRulesLock")
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]279 private SparseIntArray mUidFirewallRules = new SparseIntArray();
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]280 /**
281 * Set of UIDs that are to be blocked/allowed by firewall controller. This set of Ids matches
282 * to application idles.
283 */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]284 @GuardedBy("mRulesLock")
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]285 private SparseIntArray mUidFirewallStandbyRules = new SparseIntArray();
286 /**
287 * Set of UIDs that are to be blocked/allowed by firewall controller. This set of Ids matches
288 * to device idles.
289 */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]290 @GuardedBy("mRulesLock")
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]291 private SparseIntArray mUidFirewallDozableRules = new SparseIntArray();
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]292 /**
293 * Set of UIDs that are to be blocked/allowed by firewall controller. This set of Ids matches
294 * to device on power-save mode.
295 */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]296 @GuardedBy("mRulesLock")
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]297 private SparseIntArray mUidFirewallPowerSaveRules = new SparseIntArray();
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]298 /** Set of states for the child firewall chains. True if the chain is active. */
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]299 @GuardedBy("mRulesLock")
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]300 final SparseBooleanArray mFirewallChainStates = new SparseBooleanArray();
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]301
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]302 @GuardedBy("mQuotaLock")
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]303 private volatile boolean mDataSaverMode;
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]304
Andrew Scull45f533c2017-05-19 15:37:20 +0100[diff] [blame]305 private final Object mIdleTimerLock = new Object();
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]306 /** Set of interfaces with active idle timers. */
307 private static class IdleTimerParams {
308 public final int timeout;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]309 public final int type;
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]310 public int networkCount;
311
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]312 IdleTimerParams(int timeout, int type) {
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]313 this.timeout = timeout;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]314 this.type = type;
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]315 this.networkCount = 1;
316 }
317 }
318 private HashMap<String, IdleTimerParams> mActiveIdleTimers = Maps.newHashMap();
319
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]320 private volatile boolean mFirewallEnabled;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]321 private volatile boolean mStrictEnabled;
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]322
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]323 private boolean mMobileActivityFromRadio = false;
324 private int mLastPowerStateFromRadio = DataConnectionRealTimeInfo.DC_POWER_STATE_LOW;
Adam Lesinskie08af192015-03-25 16:42:59 -0700[diff] [blame]325 private int mLastPowerStateFromWifi = DataConnectionRealTimeInfo.DC_POWER_STATE_LOW;
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]326
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]327 private final RemoteCallbackList<INetworkActivityListener> mNetworkActivityListeners =
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]328 new RemoteCallbackList<>();
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]329 private boolean mNetworkActive;
330
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]331 /**
332 * Constructs a new NetworkManagementService instance
333 *
334 * @param context Binder context for this service
335 */
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]336 private NetworkManagementService(
337 Context context, String socket, SystemServices services) {
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]338 mContext = context;
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]339 mServices = services;
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]340
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]341 // make sure this is on the same looper as our NativeDaemonConnector for sync purposes
342 mFgHandler = new Handler(FgThread.get().getLooper());
343
Dianne Hackborn4590e522014-03-24 13:36:46 -0700[diff] [blame]344 // Don't need this wake lock, since we now have a time stamp for when
345 // the network actually went inactive. (It might be nice to still do this,
346 // but I don't want to do it through the power manager because that pollutes the
347 // battery stats history with pointless noise.)
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]348 //PowerManager pm = (PowerManager)context.getSystemService(Context.POWER_SERVICE);
Dianne Hackborn4590e522014-03-24 13:36:46 -0700[diff] [blame]349 PowerManager.WakeLock wl = null; //pm.newWakeLock(PowerManager.PARTIAL_WAKE_LOCK, NETD_TAG);
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]350
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]351 mConnector = new NativeDaemonConnector(
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]352 new NetdCallbackReceiver(), socket, 10, NETD_TAG, 160, wl,
353 FgThread.get().getLooper());
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]354 mThread = new Thread(mConnector, NETD_TAG);
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]355
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]356 mDaemonHandler = new Handler(FgThread.get().getLooper());
Wink Saville67e07892014-06-18 16:43:14 -0700[diff] [blame]357
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]358 // Add ourself to the Watchdog monitors.
359 Watchdog.getInstance().addMonitor(this);
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]360
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]361 mServices.registerLocalService(new LocalService());
Lorenzo Colitti8228eb32017-07-19 06:17:33 +0900[diff] [blame]362
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]363 synchronized (mTetheringStatsProviders) {
364 mTetheringStatsProviders.put(new NetdTetheringStatsProvider(), "netd");
365 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]366 }
367
368 @VisibleForTesting
369 NetworkManagementService() {
370 mConnector = null;
371 mContext = null;
372 mDaemonHandler = null;
373 mFgHandler = null;
374 mThread = null;
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]375 mServices = null;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]376 }
377
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]378 static NetworkManagementService create(Context context, String socket, SystemServices services)
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]379 throws InterruptedException {
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]380 final NetworkManagementService service =
381 new NetworkManagementService(context, socket, services);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]382 final CountDownLatch connectedSignal = service.mConnectedSignal;
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]383 if (DBG) Slog.d(TAG, "Creating NetworkManagementService");
384 service.mThread.start();
385 if (DBG) Slog.d(TAG, "Awaiting socket connection");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]386 connectedSignal.await();
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]387 if (DBG) Slog.d(TAG, "Connected");
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]388 if (DBG) Slog.d(TAG, "Connecting native netd service");
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]389 service.connectNativeNetdService();
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]390 if (DBG) Slog.d(TAG, "Connected");
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]391 return service;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]392 }
393
Lorenzo Colitti7421a012013-08-20 22:51:24 +0900[diff] [blame]394 public static NetworkManagementService create(Context context) throws InterruptedException {
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]395 return create(context, NETD_SERVICE_NAME, new SystemServices());
Lorenzo Colitti7421a012013-08-20 22:51:24 +0900[diff] [blame]396 }
397
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]398 public void systemReady() {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]399 if (DBG) {
400 final long start = System.currentTimeMillis();
401 prepareNativeDaemon();
402 final long delta = System.currentTimeMillis() - start;
403 Slog.d(TAG, "Prepared in " + delta + "ms");
404 return;
405 } else {
406 prepareNativeDaemon();
407 }
Jeff Sharkey350083e2011-06-29 10:45:16 -0700[diff] [blame]408 }
409
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]410 private IBatteryStats getBatteryStats() {
411 synchronized (this) {
412 if (mBatteryStats != null) {
413 return mBatteryStats;
414 }
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]415 mBatteryStats =
416 IBatteryStats.Stub.asInterface(mServices.getService(BatteryStats.SERVICE_NAME));
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]417 return mBatteryStats;
418 }
419 }
420
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]421 @Override
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]422 public void registerObserver(INetworkManagementEventObserver observer) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]423 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]424 mObservers.register(observer);
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]425 }
426
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]427 @Override
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]428 public void unregisterObserver(INetworkManagementEventObserver observer) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]429 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]430 mObservers.unregister(observer);
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]431 }
432
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]433 @FunctionalInterface
434 private interface NetworkManagementEventCallback {
435 public void sendCallback(INetworkManagementEventObserver o) throws RemoteException;
436 }
437
438 private void invokeForAllObservers(NetworkManagementEventCallback eventCallback) {
Jeff Sharkey3df273e2011-12-15 15:47:12 -0800[diff] [blame]439 final int length = mObservers.beginBroadcast();
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]440 try {
441 for (int i = 0; i < length; i++) {
442 try {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]443 eventCallback.sendCallback(mObservers.getBroadcastItem(i));
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]444 } catch (RemoteException | RuntimeException e) {
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]445 }
Mike J. Chen6143f5f2011-06-23 15:17:51 -0700[diff] [blame]446 }
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]447 } finally {
448 mObservers.finishBroadcast();
Mike J. Chen6143f5f2011-06-23 15:17:51 -0700[diff] [blame]449 }
450 }
451
452 /**
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]453 * Notify our observers of an interface status change
454 */
455 private void notifyInterfaceStatusChanged(String iface, boolean up) {
456 invokeForAllObservers(o -> o.interfaceStatusChanged(iface, up));
457 }
458
459 /**
Mike J. Chenf59c7d02011-06-23 15:33:15 -0700[diff] [blame]460 * Notify our observers of an interface link state change
Mike J. Chen6143f5f2011-06-23 15:17:51 -0700[diff] [blame]461 * (typically, an Ethernet cable has been plugged-in or unplugged).
462 */
463 private void notifyInterfaceLinkStateChanged(String iface, boolean up) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]464 invokeForAllObservers(o -> o.interfaceLinkStateChanged(iface, up));
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]465 }
466
467 /**
468 * Notify our observers of an interface addition.
469 */
470 private void notifyInterfaceAdded(String iface) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]471 invokeForAllObservers(o -> o.interfaceAdded(iface));
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]472 }
473
474 /**
475 * Notify our observers of an interface removal.
476 */
477 private void notifyInterfaceRemoved(String iface) {
Jeff Sharkey89b8a212011-10-11 11:58:11 -0700[diff] [blame]478 // netd already clears out quota and alerts for removed ifaces; update
479 // our sanity-checking state.
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]480 mActiveAlerts.remove(iface);
481 mActiveQuotas.remove(iface);
Jeff Sharkey89b8a212011-10-11 11:58:11 -0700[diff] [blame]482
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]483 invokeForAllObservers(o -> o.interfaceRemoved(iface));
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]484 }
485
Robert Greenwalte5c3afb2010-09-22 14:32:35 -0700[diff] [blame]486 /**
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]487 * Notify our observers of a limit reached.
488 */
489 private void notifyLimitReached(String limitName, String iface) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]490 invokeForAllObservers(o -> o.limitReached(limitName, iface));
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]491 }
492
493 /**
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]494 * Notify our observers of a change in the data activity state of the interface
495 */
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]496 private void notifyInterfaceClassActivity(int type, int powerState, long tsNanos,
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]497 int uid, boolean fromRadio) {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]498 final boolean isMobile = ConnectivityManager.isNetworkTypeMobile(type);
499 if (isMobile) {
500 if (!fromRadio) {
501 if (mMobileActivityFromRadio) {
502 // If this call is not coming from a report from the radio itself, but we
503 // have previously received reports from the radio, then we will take the
504 // power state to just be whatever the radio last reported.
505 powerState = mLastPowerStateFromRadio;
506 }
507 } else {
508 mMobileActivityFromRadio = true;
509 }
510 if (mLastPowerStateFromRadio != powerState) {
511 mLastPowerStateFromRadio = powerState;
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]512 try {
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]513 getBatteryStats().noteMobileRadioPowerState(powerState, tsNanos, uid);
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]514 } catch (RemoteException e) {
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]515 }
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]516 }
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]517 }
518
Adam Lesinskie08af192015-03-25 16:42:59 -0700[diff] [blame]519 if (ConnectivityManager.isNetworkTypeWifi(type)) {
520 if (mLastPowerStateFromWifi != powerState) {
521 mLastPowerStateFromWifi = powerState;
522 try {
Adam Lesinski5f056f62016-07-14 16:56:08 -0700[diff] [blame]523 getBatteryStats().noteWifiRadioPowerState(powerState, tsNanos, uid);
Adam Lesinskie08af192015-03-25 16:42:59 -0700[diff] [blame]524 } catch (RemoteException e) {
525 }
526 }
527 }
528
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]529 boolean isActive = powerState == DataConnectionRealTimeInfo.DC_POWER_STATE_MEDIUM
530 || powerState == DataConnectionRealTimeInfo.DC_POWER_STATE_HIGH;
531
532 if (!isMobile || fromRadio || !mMobileActivityFromRadio) {
533 // Report the change in data activity. We don't do this if this is a change
534 // on the mobile network, that is not coming from the radio itself, and we
535 // have previously seen change reports from the radio. In that case only
536 // the radio is the authority for the current state.
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]537 final boolean active = isActive;
538 invokeForAllObservers(o -> o.interfaceClassDataActivityChanged(
539 Integer.toString(type), active, tsNanos));
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]540 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]541
542 boolean report = false;
543 synchronized (mIdleTimerLock) {
544 if (mActiveIdleTimers.isEmpty()) {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]545 // If there are no idle timers, we are not monitoring activity, so we
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]546 // are always considered active.
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]547 isActive = true;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]548 }
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]549 if (mNetworkActive != isActive) {
550 mNetworkActive = isActive;
551 report = isActive;
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]552 }
553 }
554 if (report) {
555 reportNetworkActive();
556 }
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]557 }
558
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]559 @Override
560 public void registerTetheringStatsProvider(ITetheringStatsProvider provider, String name) {
561 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
562 Preconditions.checkNotNull(provider);
563 synchronized(mTetheringStatsProviders) {
564 mTetheringStatsProviders.put(provider, name);
565 }
566 }
567
568 @Override
569 public void unregisterTetheringStatsProvider(ITetheringStatsProvider provider) {
570 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
571 synchronized(mTetheringStatsProviders) {
572 mTetheringStatsProviders.remove(provider);
573 }
574 }
575
Lorenzo Colitti9f0baa92017-08-15 19:25:51 +0900[diff] [blame]576 @Override
577 public void tetherLimitReached(ITetheringStatsProvider provider) {
578 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
579 synchronized(mTetheringStatsProviders) {
580 if (!mTetheringStatsProviders.containsKey(provider)) {
581 return;
582 }
583 // No current code examines the interface parameter in a global alert. Just pass null.
584 notifyLimitReached(LIMIT_GLOBAL_ALERT, null);
585 }
586 }
587
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]588 // Sync the state of the given chain with the native daemon.
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]589 private void syncFirewallChainLocked(int chain, String name) {
590 SparseIntArray rules;
591 synchronized (mRulesLock) {
592 final SparseIntArray uidFirewallRules = getUidFirewallRulesLR(chain);
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]593 // Make a copy of the current rules, and then clear them. This is because
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]594 // setFirewallUidRuleInternal only pushes down rules to the native daemon if they
595 // are different from the current rules stored in the mUidFirewall*Rules array for
596 // the specified chain. If we don't clear the rules, setFirewallUidRuleInternal
597 // will do nothing.
598 rules = uidFirewallRules.clone();
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]599 uidFirewallRules.clear();
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]600 }
601 if (rules.size() > 0) {
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]602 // Now push the rules. setFirewallUidRuleInternal will push each of these down to the
603 // native daemon, and also add them to the mUidFirewall*Rules array for the specified
604 // chain.
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]605 if (DBG) Slog.d(TAG, "Pushing " + rules.size() + " active firewall "
606 + name + "UID rules");
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]607 for (int i = 0; i < rules.size(); i++) {
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]608 setFirewallUidRuleLocked(chain, rules.keyAt(i), rules.valueAt(i));
Lorenzo Colitti9eb844e2016-03-23 23:22:49 +0900[diff] [blame]609 }
610 }
611 }
612
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]613 private void connectNativeNetdService() {
Lorenzo Colittia0868002017-07-11 02:29:28 +0900[diff] [blame]614 mNetdService = mServices.getNetd();
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]615 }
616
617 /**
618 * Prepare native daemon once connected, enabling modules and pushing any
619 * existing in-memory rules.
620 */
621 private void prepareNativeDaemon() {
Lorenzo Colitti58967ba2016-02-02 17:21:21 +0900[diff] [blame]622
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]623 // push any existing quota or UID rules
624 synchronized (mQuotaLock) {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]625
Luke Huang56a03a02018-09-07 12:02:16 +0800[diff] [blame]626 // Netd unconditionally enable bandwidth control
627 SystemProperties.set(PROP_QTAGUID_ENABLED, "1");
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]628
Luke Huang473eb872018-07-26 17:33:14 +0800[diff] [blame]629 mStrictEnabled = true;
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]630
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]631 setDataSaverModeEnabled(mDataSaverMode);
632
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]633 int size = mActiveQuotas.size();
634 if (size > 0) {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]635 if (DBG) Slog.d(TAG, "Pushing " + size + " active quota rules");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]636 final HashMap<String, Long> activeQuotas = mActiveQuotas;
637 mActiveQuotas = Maps.newHashMap();
638 for (Map.Entry<String, Long> entry : activeQuotas.entrySet()) {
639 setInterfaceQuota(entry.getKey(), entry.getValue());
640 }
641 }
642
643 size = mActiveAlerts.size();
644 if (size > 0) {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]645 if (DBG) Slog.d(TAG, "Pushing " + size + " active alert rules");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]646 final HashMap<String, Long> activeAlerts = mActiveAlerts;
647 mActiveAlerts = Maps.newHashMap();
648 for (Map.Entry<String, Long> entry : activeAlerts.entrySet()) {
649 setInterfaceAlert(entry.getKey(), entry.getValue());
650 }
651 }
652
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]653 SparseBooleanArray uidRejectOnQuota = null;
654 SparseBooleanArray uidAcceptOnQuota = null;
655 synchronized (mRulesLock) {
656 size = mUidRejectOnMetered.size();
657 if (size > 0) {
658 if (DBG) Slog.d(TAG, "Pushing " + size + " UIDs to metered blacklist rules");
659 uidRejectOnQuota = mUidRejectOnMetered;
660 mUidRejectOnMetered = new SparseBooleanArray();
661 }
662
663 size = mUidAllowOnMetered.size();
664 if (size > 0) {
665 if (DBG) Slog.d(TAG, "Pushing " + size + " UIDs to metered whitelist rules");
666 uidAcceptOnQuota = mUidAllowOnMetered;
667 mUidAllowOnMetered = new SparseBooleanArray();
668 }
669 }
670 if (uidRejectOnQuota != null) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]671 for (int i = 0; i < uidRejectOnQuota.size(); i++) {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]672 setUidMeteredNetworkBlacklist(uidRejectOnQuota.keyAt(i),
673 uidRejectOnQuota.valueAt(i));
674 }
675 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]676 if (uidAcceptOnQuota != null) {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]677 for (int i = 0; i < uidAcceptOnQuota.size(); i++) {
678 setUidMeteredNetworkWhitelist(uidAcceptOnQuota.keyAt(i),
679 uidAcceptOnQuota.valueAt(i));
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]680 }
681 }
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]682
683 size = mUidCleartextPolicy.size();
684 if (size > 0) {
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]685 if (DBG) Slog.d(TAG, "Pushing " + size + " active UID cleartext policies");
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]686 final SparseIntArray local = mUidCleartextPolicy;
687 mUidCleartextPolicy = new SparseIntArray();
688 for (int i = 0; i < local.size(); i++) {
689 setUidCleartextNetworkPolicy(local.keyAt(i), local.valueAt(i));
690 }
691 }
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]692
Robin Leec3736bc2017-03-10 16:19:54 +0000[diff] [blame]693 setFirewallEnabled(mFirewallEnabled);
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]694
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]695 syncFirewallChainLocked(FIREWALL_CHAIN_NONE, "");
696 syncFirewallChainLocked(FIREWALL_CHAIN_STANDBY, "standby ");
697 syncFirewallChainLocked(FIREWALL_CHAIN_DOZABLE, "dozable ");
698 syncFirewallChainLocked(FIREWALL_CHAIN_POWERSAVE, "powersave ");
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]699
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]700 final int[] chains =
701 {FIREWALL_CHAIN_STANDBY, FIREWALL_CHAIN_DOZABLE, FIREWALL_CHAIN_POWERSAVE};
702 for (int chain : chains) {
703 if (getFirewallChainState(chain)) {
704 setFirewallChainEnabled(chain, true);
705 }
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]706 }
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]707 }
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]708
Luke Huang56a03a02018-09-07 12:02:16 +0800[diff] [blame]709
710 try {
711 getBatteryStats().noteNetworkStatsEnabled();
712 } catch (RemoteException e) {
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]713 }
714
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]715 }
San Mehat4d02d002010-01-22 16:07:46 -0800[diff] [blame]716
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]717 /**
718 * Notify our observers of a new or updated interface address.
719 */
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]720 private void notifyAddressUpdated(String iface, LinkAddress address) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]721 invokeForAllObservers(o -> o.addressUpdated(iface, address));
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]722 }
723
724 /**
725 * Notify our observers of a deleted interface address.
726 */
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]727 private void notifyAddressRemoved(String iface, LinkAddress address) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]728 invokeForAllObservers(o -> o.addressRemoved(iface, address));
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]729 }
730
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]731 /**
732 * Notify our observers of DNS server information received.
733 */
734 private void notifyInterfaceDnsServerInfo(String iface, long lifetime, String[] addresses) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]735 invokeForAllObservers(o -> o.interfaceDnsServerInfo(iface, lifetime, addresses));
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]736 }
737
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]738 /**
739 * Notify our observers of a route change.
740 */
741 private void notifyRouteChange(String action, RouteInfo route) {
Erik Klineb2cfdfb2017-01-18 20:54:14 +0900[diff] [blame]742 if (action.equals("updated")) {
743 invokeForAllObservers(o -> o.routeUpdated(route));
744 } else {
745 invokeForAllObservers(o -> o.routeRemoved(route));
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]746 }
747 }
748
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]749 //
750 // Netd Callback handling
751 //
752
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]753 private class NetdCallbackReceiver implements INativeDaemonConnectorCallbacks {
754 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]755 public void onDaemonConnected() {
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]756 Slog.i(TAG, "onDaemonConnected()");
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]757 // event is dispatched from internal NDC thread, so we prepare the
758 // daemon back on main thread.
759 if (mConnectedSignal != null) {
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]760 // The system is booting and we're connecting to netd for the first time.
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]761 mConnectedSignal.countDown();
762 mConnectedSignal = null;
763 } else {
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]764 // We're reconnecting to netd after the socket connection
765 // was interrupted (e.g., if it crashed).
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]766 mFgHandler.post(new Runnable() {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]767 @Override
768 public void run() {
bohu07cc3bb2016-05-03 15:58:01 -0700[diff] [blame]769 connectNativeNetdService();
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]770 prepareNativeDaemon();
771 }
772 });
773 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]774 }
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]775
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]776 @Override
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]777 public boolean onCheckHoldWakeLock(int code) {
778 return code == NetdResponseCode.InterfaceClassActivity;
779 }
780
781 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]782 public boolean onEvent(int code, String raw, String[] cooked) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]783 String errorMessage = String.format("Invalid event from daemon (%s)", raw);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]784 switch (code) {
785 case NetdResponseCode.InterfaceChange:
786 /*
787 * a network interface change occured
788 * Format: "NNN Iface added <name>"
789 * "NNN Iface removed <name>"
790 * "NNN Iface changed <name> <up/down>"
791 * "NNN Iface linkstatus <name> <up/down>"
792 */
793 if (cooked.length < 4 || !cooked[1].equals("Iface")) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]794 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]795 }
796 if (cooked[2].equals("added")) {
797 notifyInterfaceAdded(cooked[3]);
798 return true;
799 } else if (cooked[2].equals("removed")) {
800 notifyInterfaceRemoved(cooked[3]);
801 return true;
802 } else if (cooked[2].equals("changed") && cooked.length == 5) {
803 notifyInterfaceStatusChanged(cooked[3], cooked[4].equals("up"));
804 return true;
805 } else if (cooked[2].equals("linkstate") && cooked.length == 5) {
806 notifyInterfaceLinkStateChanged(cooked[3], cooked[4].equals("up"));
807 return true;
808 }
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]809 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]810 // break;
811 case NetdResponseCode.BandwidthControl:
812 /*
813 * Bandwidth control needs some attention
814 * Format: "NNN limit alert <alertName> <ifaceName>"
815 */
816 if (cooked.length < 5 || !cooked[1].equals("limit")) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]817 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]818 }
819 if (cooked[2].equals("alert")) {
820 notifyLimitReached(cooked[3], cooked[4]);
821 return true;
822 }
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]823 throw new IllegalStateException(errorMessage);
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]824 // break;
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]825 case NetdResponseCode.InterfaceClassActivity:
826 /*
827 * An network interface class state changed (active/idle)
828 * Format: "NNN IfaceClass <active/idle> <label>"
829 */
830 if (cooked.length < 4 || !cooked[1].equals("IfaceClass")) {
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]831 throw new IllegalStateException(errorMessage);
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]832 }
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]833 long timestampNanos = 0;
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]834 int processUid = -1;
835 if (cooked.length >= 5) {
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]836 try {
837 timestampNanos = Long.parseLong(cooked[4]);
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]838 if (cooked.length == 6) {
839 processUid = Integer.parseInt(cooked[5]);
840 }
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]841 } catch(NumberFormatException ne) {}
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]842 } else {
843 timestampNanos = SystemClock.elapsedRealtimeNanos();
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]844 }
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]845 boolean isActive = cooked[2].equals("active");
Ashish Sharma0535a9f2014-03-12 18:42:23 -0700[diff] [blame]846 notifyInterfaceClassActivity(Integer.parseInt(cooked[3]),
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]847 isActive ? DataConnectionRealTimeInfo.DC_POWER_STATE_HIGH
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]848 : DataConnectionRealTimeInfo.DC_POWER_STATE_LOW,
849 timestampNanos, processUid, false);
Haoyu Baidb3c8672012-06-20 14:29:57 -0700[diff] [blame]850 return true;
851 // break;
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]852 case NetdResponseCode.InterfaceAddressChange:
853 /*
854 * A network address change occurred
855 * Format: "NNN Address updated <addr> <iface> <flags> <scope>"
856 * "NNN Address removed <addr> <iface> <flags> <scope>"
857 */
Lorenzo Colittia9626c12013-11-04 17:44:09 +0900[diff] [blame]858 if (cooked.length < 7 || !cooked[1].equals("Address")) {
859 throw new IllegalStateException(errorMessage);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]860 }
861
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]862 String iface = cooked[4];
Lorenzo Colitti5ad421a2013-11-17 15:05:02 +0900[diff] [blame]863 LinkAddress address;
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]864 try {
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]865 int flags = Integer.parseInt(cooked[5]);
866 int scope = Integer.parseInt(cooked[6]);
867 address = new LinkAddress(cooked[3], flags, scope);
Lorenzo Colitti5ad421a2013-11-17 15:05:02 +0900[diff] [blame]868 } catch(NumberFormatException e) { // Non-numeric lifetime or scope.
869 throw new IllegalStateException(errorMessage, e);
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]870 } catch(IllegalArgumentException e) { // Malformed/invalid IP address.
Lorenzo Colitti5ad421a2013-11-17 15:05:02 +0900[diff] [blame]871 throw new IllegalStateException(errorMessage, e);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]872 }
873
874 if (cooked[2].equals("updated")) {
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]875 notifyAddressUpdated(iface, address);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]876 } else {
Lorenzo Colitti64483942013-11-15 18:43:52 +0900[diff] [blame]877 notifyAddressRemoved(iface, address);
Lorenzo Colitti5c7daac2013-08-05 10:39:37 +0900[diff] [blame]878 }
879 return true;
880 // break;
Lorenzo Colitti5ae4a532013-10-31 11:59:46 +0900[diff] [blame]881 case NetdResponseCode.InterfaceDnsServerInfo:
882 /*
883 * Information about available DNS servers has been received.
884 * Format: "NNN DnsInfo servers <interface> <lifetime> <servers>"
885 */
886 long lifetime; // Actually a 32-bit unsigned integer.
887
888 if (cooked.length == 6 &&
889 cooked[1].equals("DnsInfo") &&
890 cooked[2].equals("servers")) {
891 try {
892 lifetime = Long.parseLong(cooked[4]);
893 } catch (NumberFormatException e) {
894 throw new IllegalStateException(errorMessage);
895 }
896 String[] servers = cooked[5].split(",");
897 notifyInterfaceDnsServerInfo(cooked[3], lifetime, servers);
898 }
899 return true;
900 // break;
Lorenzo Colittic18cbfd2014-06-13 21:21:03 +0900[diff] [blame]901 case NetdResponseCode.RouteChange:
902 /*
903 * A route has been updated or removed.
904 * Format: "NNN Route <updated|removed> <dst> [via <gateway] [dev <iface>]"
905 */
906 if (!cooked[1].equals("Route") || cooked.length < 6) {
907 throw new IllegalStateException(errorMessage);
908 }
909
910 String via = null;
911 String dev = null;
912 boolean valid = true;
913 for (int i = 4; (i + 1) < cooked.length && valid; i += 2) {
914 if (cooked[i].equals("dev")) {
915 if (dev == null) {
916 dev = cooked[i+1];
917 } else {
918 valid = false; // Duplicate interface.
919 }
920 } else if (cooked[i].equals("via")) {
921 if (via == null) {
922 via = cooked[i+1];
923 } else {
924 valid = false; // Duplicate gateway.
925 }
926 } else {
927 valid = false; // Unknown syntax.
928 }
929 }
930 if (valid) {
931 try {
932 // InetAddress.parseNumericAddress(null) inexplicably returns ::1.
933 InetAddress gateway = null;
934 if (via != null) gateway = InetAddress.parseNumericAddress(via);
935 RouteInfo route = new RouteInfo(new IpPrefix(cooked[3]), gateway, dev);
936 notifyRouteChange(cooked[2], route);
937 return true;
938 } catch (IllegalArgumentException e) {}
939 }
940 throw new IllegalStateException(errorMessage);
941 // break;
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]942 case NetdResponseCode.StrictCleartext:
943 final int uid = Integer.parseInt(cooked[1]);
944 final byte[] firstPacket = HexDump.hexStringToByteArray(cooked[2]);
945 try {
Sudheer Shankadc589ac2016-11-10 15:30:17 -0800[diff] [blame]946 ActivityManager.getService().notifyCleartextNetwork(uid, firstPacket);
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]947 } catch (RemoteException ignored) {
948 }
949 break;
JP Abgrall12b933d2011-07-14 18:09:22 -0700[diff] [blame]950 default: break;
Robert Greenwalte3253922010-02-18 09:23:25 -0800[diff] [blame]951 }
952 return false;
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]953 }
954 }
955
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]956
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]957 //
958 // INetworkManagementService members
959 //
Erik Kline4e37b702016-07-05 11:34:21 +0900[diff] [blame]960 @Override
961 public INetd getNetdService() throws RemoteException {
962 final CountDownLatch connectedSignal = mConnectedSignal;
963 if (connectedSignal != null) {
964 try {
965 connectedSignal.await();
966 } catch (InterruptedException ignored) {}
967 }
968
969 return mNetdService;
970 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]971
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]972 @Override
973 public String[] listInterfaces() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]974 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]975 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]976 return NativeDaemonEvent.filterMessageList(
977 mConnector.executeForList("interface", "list"), InterfaceListResult);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]978 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]979 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]980 }
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]981 }
982
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]983 @Override
984 public InterfaceConfiguration getInterfaceConfig(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]985 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]986
987 final NativeDaemonEvent event;
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]988 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]989 event = mConnector.execute("interface", "getcfg", iface);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]990 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]991 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]992 }
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]993
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]994 event.checkCode(InterfaceGetCfgResult);
995
996 // Rsp: 213 xx:xx:xx:xx:xx:xx yyy.yyy.yyy.yyy zzz flag1 flag2 flag3
997 final StringTokenizer st = new StringTokenizer(event.getMessage());
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]998
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]999 InterfaceConfiguration cfg;
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1000 try {
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1001 cfg = new InterfaceConfiguration();
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1002 cfg.setHardwareAddress(st.nextToken(" "));
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]1003 InetAddress addr = null;
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1004 int prefixLength = 0;
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1005 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1006 addr = NetworkUtils.numericToInetAddress(st.nextToken());
Robert Greenwalte5903732011-02-22 16:00:42 -0800[diff] [blame]1007 } catch (IllegalArgumentException iae) {
1008 Slog.e(TAG, "Failed to parse ipaddr", iae);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1009 }
1010
1011 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1012 prefixLength = Integer.parseInt(st.nextToken());
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1013 } catch (NumberFormatException nfe) {
1014 Slog.e(TAG, "Failed to parse prefixLength", nfe);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1015 }
Robert Greenwalt04808c22010-12-13 17:01:41 -0800[diff] [blame]1016
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1017 cfg.setLinkAddress(new LinkAddress(addr, prefixLength));
1018 while (st.hasMoreTokens()) {
1019 cfg.setFlag(st.nextToken());
1020 }
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1021 } catch (NoSuchElementException nsee) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1022 throw new IllegalStateException("Invalid response from daemon: " + event);
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1023 }
San Mehated4fc8a2010-01-22 12:28:36 -0800[diff] [blame]1024 return cfg;
1025 }
1026
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1027 @Override
1028 public void setInterfaceConfig(String iface, InterfaceConfiguration cfg) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1029 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1030 LinkAddress linkAddr = cfg.getLinkAddress();
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1031 if (linkAddr == null || linkAddr.getAddress() == null) {
1032 throw new IllegalStateException("Null LinkAddress given");
Robert Greenwalted126402011-01-28 15:34:55 -0800[diff] [blame]1033 }
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1034
1035 final Command cmd = new Command("interface", "setcfg", iface,
Robert Greenwalt2d2afd12011-02-01 15:30:46 -0800[diff] [blame]1036 linkAddr.getAddress().getHostAddress(),
Lorenzo Colitti7dc78cf2014-06-09 22:58:46 +0900[diff] [blame]1037 linkAddr.getPrefixLength());
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1038 for (String flag : cfg.getFlags()) {
1039 cmd.appendArg(flag);
1040 }
1041
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1042 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1043 mConnector.execute(cmd);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1044 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1045 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1046 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1047 }
1048
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1049 @Override
1050 public void setInterfaceDown(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1051 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1052 final InterfaceConfiguration ifcg = getInterfaceConfig(iface);
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1053 ifcg.setInterfaceDown();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1054 setInterfaceConfig(iface, ifcg);
Irfan Sheriff7244c972011-08-05 20:40:45 -0700[diff] [blame]1055 }
1056
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1057 @Override
1058 public void setInterfaceUp(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1059 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1060 final InterfaceConfiguration ifcg = getInterfaceConfig(iface);
Jeff Sharkeyddba1062011-11-29 18:37:04 -0800[diff] [blame]1061 ifcg.setInterfaceUp();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1062 setInterfaceConfig(iface, ifcg);
Irfan Sheriff7244c972011-08-05 20:40:45 -0700[diff] [blame]1063 }
1064
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1065 @Override
1066 public void setInterfaceIpv6PrivacyExtensions(String iface, boolean enable) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1067 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Irfan Sheriff73293612011-09-14 12:31:56 -0700[diff] [blame]1068 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1069 mConnector.execute(
1070 "interface", "ipv6privacyextensions", iface, enable ? "enable" : "disable");
Irfan Sheriff73293612011-09-14 12:31:56 -0700[diff] [blame]1071 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1072 throw e.rethrowAsParcelableException();
Irfan Sheriff73293612011-09-14 12:31:56 -0700[diff] [blame]1073 }
1074 }
1075
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1076 /* TODO: This is right now a IPv4 only function. Works for wifi which loses its
1077 IPv6 addresses on interface down, but we need to do full clean up here */
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1078 @Override
1079 public void clearInterfaceAddresses(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1080 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1081 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1082 mConnector.execute("interface", "clearaddrs", iface);
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1083 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1084 throw e.rethrowAsParcelableException();
Irfan Sherifff5600612011-06-16 10:26:28 -0700[diff] [blame]1085 }
1086 }
1087
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1088 @Override
1089 public void enableIpv6(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1090 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1091 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1092 mConnector.execute("interface", "ipv6", iface, "enable");
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1093 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1094 throw e.rethrowAsParcelableException();
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1095 }
1096 }
1097
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1098 @Override
Joel Scherpelz2db10742017-06-07 15:38:38 +0900[diff] [blame]1099 public void setIPv6AddrGenMode(String iface, int mode) throws ServiceSpecificException {
1100 try {
1101 mNetdService.setIPv6AddrGenMode(iface, mode);
1102 } catch (RemoteException e) {
1103 throw e.rethrowAsRuntimeException();
1104 }
1105 }
1106
1107 @Override
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1108 public void disableIpv6(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1109 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1110 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1111 mConnector.execute("interface", "ipv6", iface, "disable");
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1112 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1113 throw e.rethrowAsParcelableException();
repo sync7960d9f2011-09-29 12:40:02 -0700[diff] [blame]1114 }
1115 }
1116
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1117 @Override
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1118 public void addRoute(int netId, RouteInfo route) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1119 modifyRoute("add", "" + netId, route);
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1120 }
1121
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1122 @Override
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1123 public void removeRoute(int netId, RouteInfo route) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1124 modifyRoute("remove", "" + netId, route);
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1125 }
1126
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1127 private void modifyRoute(String action, String netId, RouteInfo route) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1128 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1129
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1130 final Command cmd = new Command("network", "route", action, netId);
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1131
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1132 // create triplet: interface dest-ip-addr/prefixlength gateway-ip-addr
Sreeram Ramachandranb2829fa2014-04-15 19:07:12 -0700[diff] [blame]1133 cmd.appendArg(route.getInterface());
Lorenzo Colitti4b0f8e62014-09-19 01:49:05 +0900[diff] [blame]1134 cmd.appendArg(route.getDestination().toString());
1135
1136 switch (route.getType()) {
1137 case RouteInfo.RTN_UNICAST:
1138 if (route.hasGateway()) {
1139 cmd.appendArg(route.getGateway().getHostAddress());
1140 }
1141 break;
1142 case RouteInfo.RTN_UNREACHABLE:
1143 cmd.appendArg("unreachable");
1144 break;
1145 case RouteInfo.RTN_THROW:
1146 cmd.appendArg("throw");
1147 break;
Sreeram Ramachandran1fbcb272014-05-22 16:30:48 -0700[diff] [blame]1148 }
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1149
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1150 try {
1151 mConnector.execute(cmd);
1152 } catch (NativeDaemonConnectorException e) {
1153 throw e.rethrowAsParcelableException();
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1154 }
1155 }
1156
1157 private ArrayList<String> readRouteList(String filename) {
1158 FileInputStream fstream = null;
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]1159 ArrayList<String> list = new ArrayList<>();
Robert Greenwalt59b1a4e2011-05-10 15:05:02 -0700[diff] [blame]1160
1161 try {
1162 fstream = new FileInputStream(filename);
1163 DataInputStream in = new DataInputStream(fstream);
1164 BufferedReader br = new BufferedReader(new InputStreamReader(in));
1165 String s;
1166
1167 // throw away the title line
1168
1169 while (((s = br.readLine()) != null) && (s.length() != 0)) {
1170 list.add(s);
1171 }
1172 } catch (IOException ex) {
1173 // return current list, possibly empty
1174 } finally {
1175 if (fstream != null) {
1176 try {
1177 fstream.close();
1178 } catch (IOException ex) {}
1179 }
1180 }
1181
1182 return list;
1183 }
1184
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1185 @Override
sy.yun9d9b74a2013-09-02 05:24:09 +0900[diff] [blame]1186 public void setMtu(String iface, int mtu) {
1187 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1188
1189 final NativeDaemonEvent event;
1190 try {
1191 event = mConnector.execute("interface", "setmtu", iface, mtu);
1192 } catch (NativeDaemonConnectorException e) {
1193 throw e.rethrowAsParcelableException();
1194 }
1195 }
1196
1197 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1198 public void shutdown() {
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1199 // TODO: remove from aidl if nobody calls externally
1200 mContext.enforceCallingOrSelfPermission(SHUTDOWN, TAG);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1201
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]1202 Slog.i(TAG, "Shutting down");
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1203 }
1204
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1205 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1206 public boolean getIpForwardingEnabled() throws IllegalStateException{
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1207 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1208
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1209 try {
Luke Huang4db488b2018-08-16 15:37:31 +0800[diff] [blame]1210 final boolean isEnabled = mNetdService.ipfwdEnabled();
1211 return isEnabled;
1212 } catch (RemoteException | ServiceSpecificException e) {
1213 throw new IllegalStateException(e);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1214 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1215 }
1216
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1217 @Override
1218 public void setIpForwardingEnabled(boolean enable) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1219 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1220 try {
Luke Huang4db488b2018-08-16 15:37:31 +0800[diff] [blame]1221 if (enable) {
1222 mNetdService.ipfwdEnableForwarding("tethering");
1223 } else {
1224 mNetdService.ipfwdDisableForwarding("tethering");
1225 }
1226 } catch (RemoteException | ServiceSpecificException e) {
1227 throw new IllegalStateException(e);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1228 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1229 }
1230
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1231 @Override
1232 public void startTethering(String[] dhcpRange) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1233 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Robert Greenwaltbfb7bfa2010-03-24 16:03:21 -0700[diff] [blame]1234 // an odd number of addrs will fail
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1235
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1236 try {
Luke Huang4a32bf42018-08-21 19:09:45 +0800[diff] [blame]1237 mNetdService.tetherStart(dhcpRange);
1238 } catch (RemoteException | ServiceSpecificException e) {
1239 throw new IllegalStateException(e);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1240 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1241 }
1242
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1243 @Override
1244 public void stopTethering() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1245 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1246 try {
Luke Huang4a32bf42018-08-21 19:09:45 +0800[diff] [blame]1247 mNetdService.tetherStop();
1248 } catch (RemoteException | ServiceSpecificException e) {
1249 throw new IllegalStateException(e);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1250 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1251 }
1252
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1253 @Override
1254 public boolean isTetheringStarted() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1255 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1256
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1257 try {
Luke Huang4a32bf42018-08-21 19:09:45 +0800[diff] [blame]1258 final boolean isEnabled = mNetdService.tetherIsEnabled();
1259 return isEnabled;
1260 } catch (RemoteException | ServiceSpecificException e) {
1261 throw new IllegalStateException(e);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1262 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1263 }
Matthew Xiefe19f122012-07-12 16:03:32 -0700[diff] [blame]1264
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1265 @Override
1266 public void tetherInterface(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1267 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1268 try {
Luke Huang4a32bf42018-08-21 19:09:45 +0800[diff] [blame]1269 mNetdService.tetherInterfaceAdd(iface);
1270 } catch (RemoteException | ServiceSpecificException e) {
1271 throw new IllegalStateException(e);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1272 }
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]1273 List<RouteInfo> routes = new ArrayList<>();
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1274 // The RouteInfo constructor truncates the LinkAddress to a network prefix, thus making it
1275 // suitable to use as a route destination.
1276 routes.add(new RouteInfo(getInterfaceConfig(iface).getLinkAddress(), null, iface));
1277 addInterfaceToLocalNetwork(iface, routes);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1278 }
1279
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1280 @Override
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1281 public void untetherInterface(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1282 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1283 try {
Luke Huang4a32bf42018-08-21 19:09:45 +0800[diff] [blame]1284 mNetdService.tetherInterfaceRemove(iface);
1285 } catch (RemoteException | ServiceSpecificException e) {
1286 throw new IllegalStateException(e);
Erik Kline1f4278a2016-08-16 16:46:33 +0900[diff] [blame]1287 } finally {
1288 removeInterfaceFromLocalNetwork(iface);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1289 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1290 }
1291
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1292 @Override
1293 public String[] listTetheredInterfaces() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1294 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1295 try {
Luke Huang4a32bf42018-08-21 19:09:45 +0800[diff] [blame]1296 final List<String> result = mNetdService.tetherInterfaceList();
1297 return result.toArray(EMPTY_STRING_ARRAY);
1298 } catch (RemoteException | ServiceSpecificException e) {
1299 throw new IllegalStateException(e);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1300 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1301 }
1302
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1303 @Override
Lorenzo Colittib57edc52014-08-22 17:10:50 -0700[diff] [blame]1304 public void setDnsForwarders(Network network, String[] dns) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1305 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1306
Lorenzo Colittib57edc52014-08-22 17:10:50 -0700[diff] [blame]1307 int netId = (network != null) ? network.netId : ConnectivityManager.NETID_UNSET;
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1308
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1309 try {
Luke Huang4a32bf42018-08-21 19:09:45 +0800[diff] [blame]1310 mNetdService.tetherDnsSet(netId, dns);
1311 } catch (RemoteException | ServiceSpecificException e) {
1312 throw new IllegalStateException(e);
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1313 }
1314 }
1315
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1316 @Override
1317 public String[] getDnsForwarders() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1318 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1319 try {
Luke Huang4a32bf42018-08-21 19:09:45 +0800[diff] [blame]1320 final List<String> result = mNetdService.tetherDnsList();
1321 return result.toArray(EMPTY_STRING_ARRAY);
1322 } catch (RemoteException | ServiceSpecificException e) {
1323 throw new IllegalStateException(e);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1324 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1325 }
1326
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]1327 private List<InterfaceAddress> excludeLinkLocal(List<InterfaceAddress> addresses) {
Christopher Wiley212b95f2016-08-02 11:38:57 -0700[diff] [blame]1328 ArrayList<InterfaceAddress> filtered = new ArrayList<>(addresses.size());
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]1329 for (InterfaceAddress ia : addresses) {
1330 if (!ia.getAddress().isLinkLocalAddress())
1331 filtered.add(ia);
1332 }
1333 return filtered;
1334 }
1335
Lorenzo Colitti35e36db2015-02-26 01:25:36 +0900[diff] [blame]1336 private void modifyInterfaceForward(boolean add, String fromIface, String toIface) {
Lorenzo Colitti35e36db2015-02-26 01:25:36 +0900[diff] [blame]1337 try {
Luke Huang4db488b2018-08-16 15:37:31 +0800[diff] [blame]1338 if (add) {
1339 mNetdService.ipfwdAddInterfaceForward(fromIface, toIface);
1340 } else {
1341 mNetdService.ipfwdRemoveInterfaceForward(fromIface, toIface);
1342 }
1343 } catch (RemoteException | ServiceSpecificException e) {
1344 throw new IllegalStateException(e);
Lorenzo Colitti35e36db2015-02-26 01:25:36 +0900[diff] [blame]1345 }
1346 }
1347
1348 @Override
1349 public void startInterfaceForwarding(String fromIface, String toIface) {
1350 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1351 modifyInterfaceForward(true, fromIface, toIface);
1352 }
1353
1354 @Override
1355 public void stopInterfaceForwarding(String fromIface, String toIface) {
1356 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1357 modifyInterfaceForward(false, fromIface, toIface);
1358 }
1359
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1360 private void modifyNat(String action, String internalInterface, String externalInterface)
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1361 throws SocketException {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1362 final Command cmd = new Command("nat", action, internalInterface, externalInterface);
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1363
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1364 final NetworkInterface internalNetworkInterface = NetworkInterface.getByName(
1365 internalInterface);
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1366 if (internalNetworkInterface == null) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1367 cmd.appendArg("0");
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1368 } else {
jiaguo1da35f72014-01-09 16:39:59 +0800[diff] [blame]1369 // Don't touch link-local routes, as link-local addresses aren't routable,
1370 // kernel creates link-local routes on all interfaces automatically
1371 List<InterfaceAddress> interfaceAddresses = excludeLinkLocal(
1372 internalNetworkInterface.getInterfaceAddresses());
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1373 cmd.appendArg(interfaceAddresses.size());
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1374 for (InterfaceAddress ia : interfaceAddresses) {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1375 InetAddress addr = NetworkUtils.getNetworkPart(
1376 ia.getAddress(), ia.getNetworkPrefixLength());
1377 cmd.appendArg(addr.getHostAddress() + "/" + ia.getNetworkPrefixLength());
Robert Greenwalte83d1812011-11-21 14:44:39 -0800[diff] [blame]1378 }
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1379 }
1380
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1381 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1382 mConnector.execute(cmd);
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1383 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1384 throw e.rethrowAsParcelableException();
Jeff Sharkey31c6e482011-11-18 17:09:01 -0800[diff] [blame]1385 }
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1386 }
1387
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1388 @Override
1389 public void enableNat(String internalInterface, String externalInterface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1390 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1391 try {
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1392 modifyNat("enable", internalInterface, externalInterface);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1393 } catch (SocketException e) {
1394 throw new IllegalStateException(e);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1395 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1396 }
1397
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1398 @Override
1399 public void disableNat(String internalInterface, String externalInterface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1400 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1401 try {
Robert Greenwalt3b28e9a2011-11-02 14:37:19 -0700[diff] [blame]1402 modifyNat("disable", internalInterface, externalInterface);
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1403 } catch (SocketException e) {
1404 throw new IllegalStateException(e);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1405 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]1406 }
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1407
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1408 @Override
1409 public String[] listTtys() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1410 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1411 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1412 return NativeDaemonEvent.filterMessageList(
1413 mConnector.executeForList("list_ttys"), TtyListResult);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1414 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1415 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1416 }
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1417 }
1418
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1419 @Override
1420 public void attachPppd(
1421 String tty, String localAddr, String remoteAddr, String dns1Addr, String dns2Addr) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1422 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1423 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1424 mConnector.execute("pppd", "attach", tty,
Robert Greenwalte5903732011-02-22 16:00:42 -0800[diff] [blame]1425 NetworkUtils.numericToInetAddress(localAddr).getHostAddress(),
1426 NetworkUtils.numericToInetAddress(remoteAddr).getHostAddress(),
1427 NetworkUtils.numericToInetAddress(dns1Addr).getHostAddress(),
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1428 NetworkUtils.numericToInetAddress(dns2Addr).getHostAddress());
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1429 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1430 throw e.rethrowAsParcelableException();
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1431 }
1432 }
1433
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1434 @Override
1435 public void detachPppd(String tty) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1436 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1437 try {
Jeff Sharkeyba2896e2011-11-30 18:13:54 -0800[diff] [blame]1438 mConnector.execute("pppd", "detach", tty);
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1439 } catch (NativeDaemonConnectorException e) {
Jeff Sharkey276642b2011-12-01 11:24:24 -0800[diff] [blame]1440 throw e.rethrowAsParcelableException();
Kenny Roota80ce062010-06-01 13:23:53 -0700[diff] [blame]1441 }
San Mehat72759df2010-01-19 13:50:37 -0800[diff] [blame]1442 }
Robert Greenwaltce1200d2010-02-18 11:25:54 -0800[diff] [blame]1443
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1444 @Override
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1445 public void addIdleTimer(String iface, int timeout, final int type) {
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1446 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1447
1448 if (DBG) Slog.d(TAG, "Adding idletimer");
1449
1450 synchronized (mIdleTimerLock) {
1451 IdleTimerParams params = mActiveIdleTimers.get(iface);
1452 if (params != null) {
1453 // the interface already has idletimer, update network count
1454 params.networkCount++;
1455 return;
1456 }
1457
1458 try {
Luke Huanga62d0492018-07-27 20:08:21 +0800[diff] [blame]1459 mNetdService.idletimerAddInterface(iface, timeout, Integer.toString(type));
1460 } catch (RemoteException | ServiceSpecificException e) {
1461 throw new IllegalStateException(e);
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1462 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1463 mActiveIdleTimers.put(iface, new IdleTimerParams(timeout, type));
1464
Dianne Hackborne13c4c02014-02-11 17:18:35 -0800[diff] [blame]1465 // Networks start up.
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1466 if (ConnectivityManager.isNetworkTypeMobile(type)) {
1467 mNetworkActive = false;
1468 }
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1469 mDaemonHandler.post(new Runnable() {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1470 @Override public void run() {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1471 notifyInterfaceClassActivity(type,
1472 DataConnectionRealTimeInfo.DC_POWER_STATE_HIGH,
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]1473 SystemClock.elapsedRealtimeNanos(), -1, false);
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1474 }
1475 });
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1476 }
1477 }
1478
1479 @Override
1480 public void removeIdleTimer(String iface) {
1481 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1482
1483 if (DBG) Slog.d(TAG, "Removing idletimer");
1484
1485 synchronized (mIdleTimerLock) {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1486 final IdleTimerParams params = mActiveIdleTimers.get(iface);
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1487 if (params == null || --(params.networkCount) > 0) {
1488 return;
1489 }
1490
1491 try {
Luke Huanga62d0492018-07-27 20:08:21 +0800[diff] [blame]1492 mNetdService.idletimerRemoveInterface(iface,
1493 params.timeout, Integer.toString(params.type));
1494 } catch (RemoteException | ServiceSpecificException e) {
1495 throw new IllegalStateException(e);
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1496 }
1497 mActiveIdleTimers.remove(iface);
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1498 mDaemonHandler.post(new Runnable() {
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1499 @Override public void run() {
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]1500 notifyInterfaceClassActivity(params.type,
1501 DataConnectionRealTimeInfo.DC_POWER_STATE_LOW,
Ruchi Kandoifa97fcf2016-05-13 15:10:39 -0700[diff] [blame]1502 SystemClock.elapsedRealtimeNanos(), -1, false);
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]1503 }
1504 });
Haoyu Bai04124232012-06-28 15:26:19 -0700[diff] [blame]1505 }
1506 }
1507
1508 @Override
Jeff Sharkeye8914c32012-05-01 16:26:09 -0700[diff] [blame]1509 public NetworkStats getNetworkStatsSummaryDev() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1510 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1511 try {
1512 return mStatsFactory.readNetworkStatsSummaryDev();
1513 } catch (IOException e) {
1514 throw new IllegalStateException(e);
1515 }
Jeff Sharkeye8914c32012-05-01 16:26:09 -0700[diff] [blame]1516 }
1517
1518 @Override
1519 public NetworkStats getNetworkStatsSummaryXt() {
1520 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1521 try {
1522 return mStatsFactory.readNetworkStatsSummaryXt();
1523 } catch (IOException e) {
1524 throw new IllegalStateException(e);
1525 }
Jeff Sharkeyae2c1812011-10-04 13:11:40 -0700[diff] [blame]1526 }
1527
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]1528 @Override
Jeff Sharkey9a13f362011-04-26 16:25:36 -0700[diff] [blame]1529 public NetworkStats getNetworkStatsDetail() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1530 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1531 try {
Dianne Hackbornd0c5b9a2014-02-21 16:19:05 -0800[diff] [blame]1532 return mStatsFactory.readNetworkStatsDetail(UID_ALL, null, TAG_ALL, null);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1533 } catch (IOException e) {
1534 throw new IllegalStateException(e);
1535 }
San Mehat91cac642010-03-31 14:31:36 -0700[diff] [blame]1536 }
1537
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]1538 @Override
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1539 public void setInterfaceQuota(String iface, long quotaBytes) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1540 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1541
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1542 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1543 if (mActiveQuotas.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1544 throw new IllegalStateException("iface " + iface + " already has quota");
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1545 }
1546
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1547 try {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1548 // TODO: support quota shared across interfaces
Luke Huangc7bea8662018-08-07 16:04:26 +0800[diff] [blame]1549 mNetdService.bandwidthSetInterfaceQuota(iface, quotaBytes);
1550
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1551 mActiveQuotas.put(iface, quotaBytes);
Luke Huangc7bea8662018-08-07 16:04:26 +0800[diff] [blame]1552 } catch (RemoteException | ServiceSpecificException e) {
1553 throw new IllegalStateException(e);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1554 }
Lorenzo Colitti50b60fc2017-08-11 13:47:49 +0900[diff] [blame]1555
1556 synchronized (mTetheringStatsProviders) {
1557 for (ITetheringStatsProvider provider : mTetheringStatsProviders.keySet()) {
1558 try {
1559 provider.setInterfaceQuota(iface, quotaBytes);
1560 } catch (RemoteException e) {
1561 Log.e(TAG, "Problem setting tethering data limit on provider " +
1562 mTetheringStatsProviders.get(provider) + ": " + e);
1563 }
1564 }
1565 }
Ashish Sharma50fd36d2011-06-15 19:34:53 -0700[diff] [blame]1566 }
1567 }
1568
1569 @Override
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1570 public void removeInterfaceQuota(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1571 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1572
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1573 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1574 if (!mActiveQuotas.containsKey(iface)) {
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1575 // TODO: eventually consider throwing
1576 return;
1577 }
1578
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1579 mActiveQuotas.remove(iface);
1580 mActiveAlerts.remove(iface);
Jeff Sharkey38ddeaa2011-11-08 13:04:22 -0800[diff] [blame]1581
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1582 try {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1583 // TODO: support quota shared across interfaces
Luke Huangc7bea8662018-08-07 16:04:26 +0800[diff] [blame]1584 mNetdService.bandwidthRemoveInterfaceQuota(iface);
1585 } catch (RemoteException | ServiceSpecificException e) {
1586 throw new IllegalStateException(e);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1587 }
Lorenzo Colitti50b60fc2017-08-11 13:47:49 +0900[diff] [blame]1588
1589 synchronized (mTetheringStatsProviders) {
1590 for (ITetheringStatsProvider provider : mTetheringStatsProviders.keySet()) {
1591 try {
1592 provider.setInterfaceQuota(iface, ITetheringStatsProvider.QUOTA_UNLIMITED);
1593 } catch (RemoteException e) {
1594 Log.e(TAG, "Problem removing tethering data limit on provider " +
1595 mTetheringStatsProviders.get(provider) + ": " + e);
1596 }
1597 }
1598 }
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1599 }
1600 }
1601
1602 @Override
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1603 public void setInterfaceAlert(String iface, long alertBytes) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1604 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1605
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1606 // quick sanity check
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1607 if (!mActiveQuotas.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1608 throw new IllegalStateException("setting alert requires existing quota on iface");
1609 }
1610
1611 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1612 if (mActiveAlerts.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1613 throw new IllegalStateException("iface " + iface + " already has alert");
1614 }
1615
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1616 try {
1617 // TODO: support alert shared across interfaces
Luke Huangc7bea8662018-08-07 16:04:26 +0800[diff] [blame]1618 mNetdService.bandwidthSetInterfaceAlert(iface, alertBytes);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1619 mActiveAlerts.put(iface, alertBytes);
Luke Huangc7bea8662018-08-07 16:04:26 +0800[diff] [blame]1620 } catch (RemoteException | ServiceSpecificException e) {
1621 throw new IllegalStateException(e);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1622 }
1623 }
1624 }
1625
1626 @Override
1627 public void removeInterfaceAlert(String iface) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1628 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1629
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1630 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1631 if (!mActiveAlerts.containsKey(iface)) {
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1632 // TODO: eventually consider throwing
1633 return;
1634 }
1635
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1636 try {
1637 // TODO: support alert shared across interfaces
Luke Huangc7bea8662018-08-07 16:04:26 +0800[diff] [blame]1638 mNetdService.bandwidthRemoveInterfaceAlert(iface);
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1639 mActiveAlerts.remove(iface);
Luke Huangc7bea8662018-08-07 16:04:26 +0800[diff] [blame]1640 } catch (RemoteException | ServiceSpecificException e) {
1641 throw new IllegalStateException(e);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1642 }
1643 }
1644 }
1645
1646 @Override
1647 public void setGlobalAlert(long alertBytes) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1648 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1649
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1650 try {
Luke Huangc7bea8662018-08-07 16:04:26 +0800[diff] [blame]1651 mNetdService.bandwidthSetGlobalAlert(alertBytes);
1652 } catch (RemoteException | ServiceSpecificException e) {
1653 throw new IllegalStateException(e);
Jeff Sharkey41ff7ec2011-07-25 15:21:22 -0700[diff] [blame]1654 }
1655 }
1656
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1657 private void setUidOnMeteredNetworkList(int uid, boolean blacklist, boolean enable) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1658 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1659
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]1660 synchronized (mQuotaLock) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1661 boolean oldEnable;
1662 SparseBooleanArray quotaList;
1663 synchronized (mRulesLock) {
1664 quotaList = blacklist ? mUidRejectOnMetered : mUidAllowOnMetered;
1665 oldEnable = quotaList.get(uid, false);
1666 }
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1667 if (oldEnable == enable) {
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1668 // TODO: eventually consider throwing
1669 return;
1670 }
1671
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1672 Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "inetd bandwidth");
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1673 try {
Luke Huangc7bea8662018-08-07 16:04:26 +0800[diff] [blame]1674 if (blacklist) {
1675 if (enable) {
1676 mNetdService.bandwidthAddNaughtyApp(uid);
1677 } else {
1678 mNetdService.bandwidthRemoveNaughtyApp(uid);
1679 }
1680 } else {
1681 if (enable) {
1682 mNetdService.bandwidthAddNiceApp(uid);
1683 } else {
1684 mNetdService.bandwidthRemoveNiceApp(uid);
1685 }
1686 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1687 synchronized (mRulesLock) {
1688 if (enable) {
1689 quotaList.put(uid, true);
1690 } else {
1691 quotaList.delete(uid);
1692 }
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1693 }
Luke Huangc7bea8662018-08-07 16:04:26 +0800[diff] [blame]1694 } catch (RemoteException | ServiceSpecificException e) {
1695 throw new IllegalStateException(e);
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1696 } finally {
1697 Trace.traceEnd(Trace.TRACE_TAG_NETWORK);
Jeff Sharkeyb3f19ca2011-06-29 23:54:13 -0700[diff] [blame]1698 }
Ashish Sharma50fd36d2011-06-15 19:34:53 -0700[diff] [blame]1699 }
1700 }
1701
Jeff Sharkey63d27a92011-08-03 17:04:22 -0700[diff] [blame]1702 @Override
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1703 public void setUidMeteredNetworkBlacklist(int uid, boolean enable) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1704 setUidOnMeteredNetworkList(uid, true, enable);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1705 }
1706
1707 @Override
1708 public void setUidMeteredNetworkWhitelist(int uid, boolean enable) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]1709 setUidOnMeteredNetworkList(uid, false, enable);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1710 }
1711
1712 @Override
1713 public boolean setDataSaverModeEnabled(boolean enable) {
Sehee Parka9139bc2017-12-22 13:54:05 +0900[diff] [blame]1714 mContext.enforceCallingOrSelfPermission(NETWORK_SETTINGS, TAG);
1715
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1716 if (DBG) Log.d(TAG, "setDataSaverMode: " + enable);
1717 synchronized (mQuotaLock) {
1718 if (mDataSaverMode == enable) {
1719 Log.w(TAG, "setDataSaverMode(): already " + mDataSaverMode);
1720 return true;
1721 }
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1722 Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "bandwidthEnableDataSaver");
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1723 try {
1724 final boolean changed = mNetdService.bandwidthEnableDataSaver(enable);
1725 if (changed) {
1726 mDataSaverMode = enable;
1727 } else {
1728 Log.w(TAG, "setDataSaverMode(" + enable + "): netd command silently failed");
1729 }
1730 return changed;
1731 } catch (RemoteException e) {
1732 Log.w(TAG, "setDataSaverMode(" + enable + "): netd command failed", e);
1733 return false;
Felipe Leme29e72ea2016-09-08 13:26:55 -0700[diff] [blame]1734 } finally {
1735 Trace.traceEnd(Trace.TRACE_TAG_NETWORK);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]1736 }
1737 }
1738 }
1739
1740 @Override
Robin Lee17e61832016-05-09 13:46:28 +0100[diff] [blame]1741 public void setAllowOnlyVpnForUids(boolean add, UidRange[] uidRanges)
1742 throws ServiceSpecificException {
Rubin Xu2ea6c552018-01-11 10:59:19 +0000[diff] [blame]1743 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
1744
Robin Lee17e61832016-05-09 13:46:28 +0100[diff] [blame]1745 try {
1746 mNetdService.networkRejectNonSecureVpn(add, uidRanges);
1747 } catch (ServiceSpecificException e) {
1748 Log.w(TAG, "setAllowOnlyVpnForUids(" + add + ", " + Arrays.toString(uidRanges) + ")"
1749 + ": netd command failed", e);
1750 throw e;
1751 } catch (RemoteException e) {
1752 Log.w(TAG, "setAllowOnlyVpnForUids(" + add + ", " + Arrays.toString(uidRanges) + ")"
1753 + ": netd command failed", e);
1754 throw e.rethrowAsRuntimeException();
1755 }
1756 }
1757
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1758 private void applyUidCleartextNetworkPolicy(int uid, int policy) {
Luke Huang473eb872018-07-26 17:33:14 +0800[diff] [blame]1759 final int policyValue;
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1760 switch (policy) {
1761 case StrictMode.NETWORK_POLICY_ACCEPT:
Luke Huang473eb872018-07-26 17:33:14 +0800[diff] [blame]1762 policyValue = INetd.PENALTY_POLICY_ACCEPT;
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1763 break;
1764 case StrictMode.NETWORK_POLICY_LOG:
Luke Huang473eb872018-07-26 17:33:14 +0800[diff] [blame]1765 policyValue = INetd.PENALTY_POLICY_LOG;
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1766 break;
1767 case StrictMode.NETWORK_POLICY_REJECT:
Luke Huang473eb872018-07-26 17:33:14 +0800[diff] [blame]1768 policyValue = INetd.PENALTY_POLICY_REJECT;
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1769 break;
1770 default:
1771 throw new IllegalArgumentException("Unknown policy " + policy);
1772 }
1773
1774 try {
Luke Huang473eb872018-07-26 17:33:14 +0800[diff] [blame]1775 mNetdService.strictUidCleartextPenalty(uid, policyValue);
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1776 mUidCleartextPolicy.put(uid, policy);
Luke Huang473eb872018-07-26 17:33:14 +0800[diff] [blame]1777 } catch (RemoteException | ServiceSpecificException e) {
1778 throw new IllegalStateException(e);
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1779 }
1780 }
1781
Robin Lee17e61832016-05-09 13:46:28 +0100[diff] [blame]1782 @Override
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]1783 public void setUidCleartextNetworkPolicy(int uid, int policy) {
1784 if (Binder.getCallingUid() != uid) {
1785 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1786 }
1787
1788 synchronized (mQuotaLock) {
1789 final int oldPolicy = mUidCleartextPolicy.get(uid, StrictMode.NETWORK_POLICY_ACCEPT);
1790 if (oldPolicy == policy) {
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1791 // This also ensures we won't needlessly apply an ACCEPT policy if we've just
1792 // enabled strict and the underlying iptables rules are empty.
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]1793 return;
1794 }
1795
Luke Huang473eb872018-07-26 17:33:14 +0800[diff] [blame]1796 // TODO: remove this code after removing prepareNativeDaemon()
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]1797 if (!mStrictEnabled) {
1798 // Module isn't enabled yet; stash the requested policy away to
1799 // apply later once the daemon is connected.
1800 mUidCleartextPolicy.put(uid, policy);
1801 return;
1802 }
1803
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1804 // netd does not keep state on strict mode policies, and cannot replace a non-accept
1805 // policy without deleting it first. Rather than add state to netd, just always send
1806 // it an accept policy when switching between two non-accept policies.
Lorenzo Colitti26364f12017-08-20 11:54:57 +0900[diff] [blame]1807 // TODO: consider keeping state in netd so we can simplify this code.
Lorenzo Colitti8c253ad2017-07-19 00:23:44 +0900[diff] [blame]1808 if (oldPolicy != StrictMode.NETWORK_POLICY_ACCEPT &&
1809 policy != StrictMode.NETWORK_POLICY_ACCEPT) {
Lorenzo Colitti26364f12017-08-20 11:54:57 +0900[diff] [blame]1810 applyUidCleartextNetworkPolicy(uid, StrictMode.NETWORK_POLICY_ACCEPT);
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]1811 }
Lorenzo Colitti26364f12017-08-20 11:54:57 +0900[diff] [blame]1812
1813 applyUidCleartextNetworkPolicy(uid, policy);
Jeff Sharkey605eb792014-11-04 13:34:06 -0800[diff] [blame]1814 }
1815 }
1816
1817 @Override
Jeff Sharkey63d27a92011-08-03 17:04:22 -0700[diff] [blame]1818 public boolean isBandwidthControlEnabled() {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1819 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Luke Huang56a03a02018-09-07 12:02:16 +0800[diff] [blame]1820 return true;
Jeff Sharkey63d27a92011-08-03 17:04:22 -0700[diff] [blame]1821 }
1822
1823 @Override
Remi NGUYEN VAN088ff682018-03-06 12:36:54 +0900[diff] [blame]1824 public NetworkStats getNetworkStatsUidDetail(int uid, String[] ifaces) {
Jeff Sharkey4529bb62011-12-14 10:31:54 -0800[diff] [blame]1825 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1826 try {
Remi NGUYEN VAN088ff682018-03-06 12:36:54 +0900[diff] [blame]1827 return mStatsFactory.readNetworkStatsDetail(uid, ifaces, TAG_ALL, null);
Jeff Sharkey9a2c2a62013-01-14 16:48:51 -0800[diff] [blame]1828 } catch (IOException e) {
1829 throw new IllegalStateException(e);
1830 }
Jeff Sharkeyeedcb952011-05-17 14:55:15 -0700[diff] [blame]1831 }
1832
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1833 private class NetdTetheringStatsProvider extends ITetheringStatsProvider.Stub {
1834 @Override
Lorenzo Colittif1912ca2017-08-17 19:23:08 +0900[diff] [blame]1835 public NetworkStats getTetherStats(int how) {
1836 // We only need to return per-UID stats. Per-device stats are already counted by
1837 // interface counters.
1838 if (how != STATS_PER_UID) {
1839 return new NetworkStats(SystemClock.elapsedRealtime(), 0);
1840 }
1841
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1842 final PersistableBundle bundle;
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1843 try {
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1844 bundle = mNetdService.tetherGetStats();
1845 } catch (RemoteException | ServiceSpecificException e) {
1846 throw new IllegalStateException("problem parsing tethering stats: ", e);
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1847 }
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1848
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1849 final NetworkStats stats = new NetworkStats(SystemClock.elapsedRealtime(),
1850 bundle.size());
1851 final NetworkStats.Entry entry = new NetworkStats.Entry();
1852
1853 for (String iface : bundle.keySet()) {
1854 long[] statsArray = bundle.getLongArray(iface);
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1855 try {
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1856 entry.iface = iface;
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1857 entry.uid = UID_TETHERING;
1858 entry.set = SET_DEFAULT;
1859 entry.tag = TAG_NONE;
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1860 entry.rxBytes = statsArray[INetd.TETHER_STATS_RX_BYTES];
1861 entry.rxPackets = statsArray[INetd.TETHER_STATS_RX_PACKETS];
1862 entry.txBytes = statsArray[INetd.TETHER_STATS_TX_BYTES];
1863 entry.txPackets = statsArray[INetd.TETHER_STATS_TX_PACKETS];
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1864 stats.combineValues(entry);
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1865 } catch (ArrayIndexOutOfBoundsException e) {
1866 throw new IllegalStateException("invalid tethering stats for " + iface, e);
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1867 }
1868 }
Lorenzo Colitti563dc452017-09-01 17:12:34 +0900[diff] [blame]1869
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1870 return stats;
1871 }
Lorenzo Colitti50b60fc2017-08-11 13:47:49 +0900[diff] [blame]1872
1873 @Override
1874 public void setInterfaceQuota(String iface, long quotaBytes) {
1875 // Do nothing. netd is already informed of quota changes in setInterfaceQuota.
1876 }
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1877 }
1878
1879 @Override
Lorenzo Colittif1912ca2017-08-17 19:23:08 +0900[diff] [blame]1880 public NetworkStats getNetworkStatsTethering(int how) {
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1881 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1882
1883 final NetworkStats stats = new NetworkStats(SystemClock.elapsedRealtime(), 1);
1884 synchronized (mTetheringStatsProviders) {
1885 for (ITetheringStatsProvider provider: mTetheringStatsProviders.keySet()) {
1886 try {
Lorenzo Colittif1912ca2017-08-17 19:23:08 +0900[diff] [blame]1887 stats.combineAllValues(provider.getTetherStats(how));
Lorenzo Colitti07f13042017-07-10 19:06:57 +0900[diff] [blame]1888 } catch (RemoteException e) {
1889 Log.e(TAG, "Problem reading tethering stats from " +
1890 mTetheringStatsProviders.get(provider) + ": " + e);
1891 }
1892 }
Jeff Sharkeycdd02c5d2011-09-16 01:52:49 -0700[diff] [blame]1893 }
Jeff Sharkeye4984be2013-09-10 21:03:27 -0700[diff] [blame]1894 return stats;
Jeff Sharkeycdd02c5d2011-09-16 01:52:49 -0700[diff] [blame]1895 }
1896
Jeff Sharkeyaf75c332011-11-18 12:41:12 -0800[diff] [blame]1897 @Override
Erik Kline1742fe12017-12-13 19:40:49 +0900[diff] [blame]1898 public void setDnsConfigurationForNetwork(int netId, String[] servers, String[] domains,
Erik Klinee5dac902018-03-04 21:01:01 +0900[diff] [blame]1899 int[] params, String tlsHostname, String[] tlsServers) {
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]1900 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
1901
Ben Schwartz6ec28df2017-10-02 13:08:06 -0400[diff] [blame]1902 final String[] tlsFingerprints = new String[0];
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]1903 try {
Erik Kline1742fe12017-12-13 19:40:49 +0900[diff] [blame]1904 mNetdService.setResolverConfiguration(
Erik Klinee5dac902018-03-04 21:01:01 +0900[diff] [blame]1905 netId, servers, domains, params, tlsHostname, tlsServers, tlsFingerprints);
Pierre Imai8e48e672016-04-21 13:30:43 +0900[diff] [blame]1906 } catch (RemoteException e) {
1907 throw new RuntimeException(e);
1908 }
1909 }
1910
1911 @Override
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]1912 public void addVpnUidRanges(int netId, UidRange[] ranges) {
Chad Brubaker3277620a2013-06-12 13:37:30 -0700[diff] [blame]1913 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]1914 Object[] argv = new Object[3 + MAX_UID_RANGES_PER_COMMAND];
1915 argv[0] = "users";
1916 argv[1] = "add";
1917 argv[2] = netId;
1918 int argc = 3;
1919 // Avoid overly long commands by limiting number of UID ranges per command.
1920 for (int i = 0; i < ranges.length; i++) {
1921 argv[argc++] = ranges[i].toString();
1922 if (i == (ranges.length - 1) || argc == argv.length) {
1923 try {
1924 mConnector.execute("network", Arrays.copyOf(argv, argc));
1925 } catch (NativeDaemonConnectorException e) {
1926 throw e.rethrowAsParcelableException();
1927 }
1928 argc = 3;
1929 }
Chad Brubaker3277620a2013-06-12 13:37:30 -0700[diff] [blame]1930 }
1931 }
1932
1933 @Override
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]1934 public void removeVpnUidRanges(int netId, UidRange[] ranges) {
Chad Brubaker3277620a2013-06-12 13:37:30 -0700[diff] [blame]1935 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]1936 Object[] argv = new Object[3 + MAX_UID_RANGES_PER_COMMAND];
1937 argv[0] = "users";
1938 argv[1] = "remove";
1939 argv[2] = netId;
1940 int argc = 3;
1941 // Avoid overly long commands by limiting number of UID ranges per command.
1942 for (int i = 0; i < ranges.length; i++) {
1943 argv[argc++] = ranges[i].toString();
1944 if (i == (ranges.length - 1) || argc == argv.length) {
1945 try {
1946 mConnector.execute("network", Arrays.copyOf(argv, argc));
1947 } catch (NativeDaemonConnectorException e) {
1948 throw e.rethrowAsParcelableException();
1949 }
1950 argc = 3;
1951 }
Chad Brubakercca54c42013-06-27 17:41:38 -0700[diff] [blame]1952 }
1953 }
1954
1955 @Override
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]1956 public void setFirewallEnabled(boolean enabled) {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]1957 enforceSystemUid();
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]1958 try {
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]1959 mConnector.execute("firewall", "enable", enabled ? "whitelist" : "blacklist");
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]1960 mFirewallEnabled = enabled;
1961 } catch (NativeDaemonConnectorException e) {
1962 throw e.rethrowAsParcelableException();
1963 }
1964 }
1965
1966 @Override
1967 public boolean isFirewallEnabled() {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]1968 enforceSystemUid();
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]1969 return mFirewallEnabled;
1970 }
1971
1972 @Override
Jeff Sharkey2c092982012-08-24 11:44:40 -0700[diff] [blame]1973 public void setFirewallInterfaceRule(String iface, boolean allow) {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]1974 enforceSystemUid();
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]1975 Preconditions.checkState(mFirewallEnabled);
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]1976 final String rule = allow ? "allow" : "deny";
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]1977 try {
1978 mConnector.execute("firewall", "set_interface_rule", iface, rule);
1979 } catch (NativeDaemonConnectorException e) {
1980 throw e.rethrowAsParcelableException();
1981 }
1982 }
1983
Lorenzo Colitti3fef7232016-04-29 18:00:03 +0900[diff] [blame]1984 private void closeSocketsForFirewallChainLocked(int chain, String chainName) {
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]1985 // UID ranges to close sockets on.
1986 UidRange[] ranges;
1987 // UID ranges whose sockets we won't touch.
1988 int[] exemptUids;
1989
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]1990 int numUids = 0;
1991
1992 if (getFirewallType(chain) == FIREWALL_TYPE_WHITELIST) {
1993 // Close all sockets on all non-system UIDs...
1994 ranges = new UidRange[] {
1995 // TODO: is there a better way of finding all existing users? If so, we could
1996 // specify their ranges here.
1997 new UidRange(Process.FIRST_APPLICATION_UID, Integer.MAX_VALUE),
1998 };
1999 // ... except for the UIDs that have allow rules.
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2000 synchronized (mRulesLock) {
2001 final SparseIntArray rules = getUidFirewallRulesLR(chain);
2002 exemptUids = new int[rules.size()];
2003 for (int i = 0; i < exemptUids.length; i++) {
2004 if (rules.valueAt(i) == NetworkPolicyManager.FIREWALL_RULE_ALLOW) {
2005 exemptUids[numUids] = rules.keyAt(i);
2006 numUids++;
2007 }
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2008 }
2009 }
2010 // Normally, whitelist chains only contain deny rules, so numUids == exemptUids.length.
2011 // But the code does not guarantee this in any way, and at least in one case - if we add
2012 // a UID rule to the firewall, and then disable the firewall - the chains can contain
2013 // the wrong type of rule. In this case, don't close connections that we shouldn't.
2014 //
2015 // TODO: tighten up this code by ensuring we never set the wrong type of rule, and
2016 // fix setFirewallEnabled to grab mQuotaLock and clear rules.
2017 if (numUids != exemptUids.length) {
2018 exemptUids = Arrays.copyOf(exemptUids, numUids);
2019 }
2020 } else {
2021 // Close sockets for every UID that has a deny rule...
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2022 synchronized (mRulesLock) {
2023 final SparseIntArray rules = getUidFirewallRulesLR(chain);
2024 ranges = new UidRange[rules.size()];
2025 for (int i = 0; i < ranges.length; i++) {
2026 if (rules.valueAt(i) == NetworkPolicyManager.FIREWALL_RULE_DENY) {
2027 int uid = rules.keyAt(i);
2028 ranges[numUids] = new UidRange(uid, uid);
2029 numUids++;
2030 }
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2031 }
2032 }
2033 // As above; usually numUids == ranges.length, but not always.
2034 if (numUids != ranges.length) {
2035 ranges = Arrays.copyOf(ranges, numUids);
2036 }
2037 // ... with no exceptions.
2038 exemptUids = new int[0];
2039 }
2040
2041 try {
2042 mNetdService.socketDestroy(ranges, exemptUids);
2043 } catch(RemoteException | ServiceSpecificException e) {
2044 Slog.e(TAG, "Error closing sockets after enabling chain " + chainName + ": " + e);
2045 }
2046 }
2047
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2048 @Override
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2049 public void setFirewallChainEnabled(int chain, boolean enable) {
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2050 enforceSystemUid();
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2051 synchronized (mQuotaLock) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2052 synchronized (mRulesLock) {
2053 if (getFirewallChainState(chain) == enable) {
2054 // All is the same, nothing to do. This relies on the fact that netd has child
2055 // chains default detached.
2056 return;
2057 }
2058 setFirewallChainState(chain, enable);
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2059 }
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2060
2061 final String operation = enable ? "enable_chain" : "disable_chain";
Lorenzo Colitti3fef7232016-04-29 18:00:03 +0900[diff] [blame]2062 final String chainName;
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2063 switch(chain) {
2064 case FIREWALL_CHAIN_STANDBY:
2065 chainName = FIREWALL_CHAIN_NAME_STANDBY;
2066 break;
2067 case FIREWALL_CHAIN_DOZABLE:
2068 chainName = FIREWALL_CHAIN_NAME_DOZABLE;
2069 break;
2070 case FIREWALL_CHAIN_POWERSAVE:
2071 chainName = FIREWALL_CHAIN_NAME_POWERSAVE;
2072 break;
2073 default:
2074 throw new IllegalArgumentException("Bad child chain: " + chain);
2075 }
2076
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2077 try {
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2078 mConnector.execute("firewall", operation, chainName);
2079 } catch (NativeDaemonConnectorException e) {
2080 throw e.rethrowAsParcelableException();
2081 }
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2082
2083 // Close any sockets that were opened by the affected UIDs. This has to be done after
2084 // disabling network connectivity, in case they react to the socket close by reopening
2085 // the connection and race with the iptables commands that enable the firewall. All
2086 // whitelist and blacklist chains allow RSTs through.
2087 if (enable) {
2088 if (DBG) Slog.d(TAG, "Closing sockets after enabling chain " + chainName);
Lorenzo Colitti3fef7232016-04-29 18:00:03 +0900[diff] [blame]2089 closeSocketsForFirewallChainLocked(chain, chainName);
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2090 }
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2091 }
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2092 }
2093
2094 private int getFirewallType(int chain) {
2095 switch (chain) {
2096 case FIREWALL_CHAIN_STANDBY:
2097 return FIREWALL_TYPE_BLACKLIST;
2098 case FIREWALL_CHAIN_DOZABLE:
2099 return FIREWALL_TYPE_WHITELIST;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2100 case FIREWALL_CHAIN_POWERSAVE:
2101 return FIREWALL_TYPE_WHITELIST;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2102 default:
2103 return isFirewallEnabled() ? FIREWALL_TYPE_WHITELIST : FIREWALL_TYPE_BLACKLIST;
2104 }
2105 }
2106
2107 @Override
2108 public void setFirewallUidRules(int chain, int[] uids, int[] rules) {
2109 enforceSystemUid();
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2110 synchronized (mQuotaLock) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2111 synchronized (mRulesLock) {
2112 SparseIntArray uidFirewallRules = getUidFirewallRulesLR(chain);
2113 SparseIntArray newRules = new SparseIntArray();
2114 // apply new set of rules
2115 for (int index = uids.length - 1; index >= 0; --index) {
2116 int uid = uids[index];
2117 int rule = rules[index];
2118 updateFirewallUidRuleLocked(chain, uid, rule);
2119 newRules.put(uid, rule);
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2120 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2121 // collect the rules to remove.
2122 SparseIntArray rulesToRemove = new SparseIntArray();
2123 for (int index = uidFirewallRules.size() - 1; index >= 0; --index) {
2124 int uid = uidFirewallRules.keyAt(index);
2125 if (newRules.indexOfKey(uid) < 0) {
2126 rulesToRemove.put(uid, FIREWALL_RULE_DEFAULT);
2127 }
2128 }
2129 // remove dead rules
2130 for (int index = rulesToRemove.size() - 1; index >= 0; --index) {
2131 int uid = rulesToRemove.keyAt(index);
2132 updateFirewallUidRuleLocked(chain, uid, FIREWALL_RULE_DEFAULT);
2133 }
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2134 }
2135 try {
2136 switch (chain) {
2137 case FIREWALL_CHAIN_DOZABLE:
2138 mNetdService.firewallReplaceUidChain("fw_dozable", true, uids);
2139 break;
2140 case FIREWALL_CHAIN_STANDBY:
2141 mNetdService.firewallReplaceUidChain("fw_standby", false, uids);
2142 break;
2143 case FIREWALL_CHAIN_POWERSAVE:
2144 mNetdService.firewallReplaceUidChain("fw_powersave", true, uids);
2145 break;
2146 case FIREWALL_CHAIN_NONE:
2147 default:
2148 Slog.d(TAG, "setFirewallUidRules() called on invalid chain: " + chain);
2149 }
2150 } catch (RemoteException e) {
2151 Slog.w(TAG, "Error flushing firewall chain " + chain, e);
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2152 }
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2153 }
2154 }
2155
2156 @Override
2157 public void setFirewallUidRule(int chain, int uid, int rule) {
2158 enforceSystemUid();
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2159 synchronized (mQuotaLock) {
2160 setFirewallUidRuleLocked(chain, uid, rule);
2161 }
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2162 }
2163
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2164 private void setFirewallUidRuleLocked(int chain, int uid, int rule) {
2165 if (updateFirewallUidRuleLocked(chain, uid, rule)) {
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2166 try {
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2167 mConnector.execute("firewall", "set_uid_rule", getFirewallChainName(chain), uid,
2168 getFirewallRuleName(chain, rule));
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2169 } catch (NativeDaemonConnectorException e) {
2170 throw e.rethrowAsParcelableException();
2171 }
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2172 }
2173 }
2174
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2175 // TODO: now that netd supports batching, NMS should not keep these data structures anymore...
2176 private boolean updateFirewallUidRuleLocked(int chain, int uid, int rule) {
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2177 synchronized (mRulesLock) {
2178 SparseIntArray uidFirewallRules = getUidFirewallRulesLR(chain);
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2179
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2180 final int oldUidFirewallRule = uidFirewallRules.get(uid, FIREWALL_RULE_DEFAULT);
2181 if (DBG) {
2182 Slog.d(TAG, "oldRule = " + oldUidFirewallRule
2183 + ", newRule=" + rule + " for uid=" + uid + " on chain " + chain);
2184 }
2185 if (oldUidFirewallRule == rule) {
2186 if (DBG) Slog.d(TAG, "!!!!! Skipping change");
2187 // TODO: eventually consider throwing
2188 return false;
2189 }
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2190
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2191 String ruleName = getFirewallRuleName(chain, rule);
2192 String oldRuleName = getFirewallRuleName(chain, oldUidFirewallRule);
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2193
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2194 if (rule == NetworkPolicyManager.FIREWALL_RULE_DEFAULT) {
2195 uidFirewallRules.delete(uid);
2196 } else {
2197 uidFirewallRules.put(uid, rule);
2198 }
2199 return !ruleName.equals(oldRuleName);
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2200 }
Felipe Lemea701cad2016-05-12 09:58:14 -0700[diff] [blame]2201 }
2202
Xiaohui Chen8dca36d2015-06-19 12:44:59 -0700[diff] [blame]2203 private @NonNull String getFirewallRuleName(int chain, int rule) {
2204 String ruleName;
2205 if (getFirewallType(chain) == FIREWALL_TYPE_WHITELIST) {
2206 if (rule == NetworkPolicyManager.FIREWALL_RULE_ALLOW) {
2207 ruleName = "allow";
2208 } else {
2209 ruleName = "deny";
2210 }
2211 } else { // Blacklist mode
2212 if (rule == NetworkPolicyManager.FIREWALL_RULE_DENY) {
2213 ruleName = "deny";
2214 } else {
2215 ruleName = "allow";
2216 }
2217 }
2218 return ruleName;
2219 }
2220
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2221 private @NonNull SparseIntArray getUidFirewallRulesLR(int chain) {
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2222 switch (chain) {
2223 case FIREWALL_CHAIN_STANDBY:
2224 return mUidFirewallStandbyRules;
2225 case FIREWALL_CHAIN_DOZABLE:
2226 return mUidFirewallDozableRules;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2227 case FIREWALL_CHAIN_POWERSAVE:
2228 return mUidFirewallPowerSaveRules;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2229 case FIREWALL_CHAIN_NONE:
2230 return mUidFirewallRules;
2231 default:
2232 throw new IllegalArgumentException("Unknown chain:" + chain);
2233 }
2234 }
2235
2236 public @NonNull String getFirewallChainName(int chain) {
2237 switch (chain) {
2238 case FIREWALL_CHAIN_STANDBY:
2239 return FIREWALL_CHAIN_NAME_STANDBY;
2240 case FIREWALL_CHAIN_DOZABLE:
2241 return FIREWALL_CHAIN_NAME_DOZABLE;
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2242 case FIREWALL_CHAIN_POWERSAVE:
2243 return FIREWALL_CHAIN_NAME_POWERSAVE;
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2244 case FIREWALL_CHAIN_NONE:
2245 return FIREWALL_CHAIN_NAME_NONE;
2246 default:
2247 throw new IllegalArgumentException("Unknown chain:" + chain);
2248 }
2249 }
2250
Jeff Sharkeyf56e2432012-09-06 17:54:29 -0700[diff] [blame]2251 private static void enforceSystemUid() {
2252 final int uid = Binder.getCallingUid();
2253 if (uid != Process.SYSTEM_UID) {
2254 throw new SecurityException("Only available to AID_SYSTEM");
2255 }
2256 }
2257
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2258 @Override
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2259 public void startClatd(String interfaceName) throws IllegalStateException {
2260 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2261
2262 try {
Luke Huang69369f32018-08-02 15:51:41 +0800[diff] [blame]2263 mNetdService.clatdStart(interfaceName);
2264 } catch (RemoteException | ServiceSpecificException e) {
2265 throw new IllegalStateException(e);
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2266 }
2267 }
2268
2269 @Override
Lorenzo Colitti95439462014-10-09 13:44:48 +0900[diff] [blame]2270 public void stopClatd(String interfaceName) throws IllegalStateException {
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2271 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2272
2273 try {
Luke Huang69369f32018-08-02 15:51:41 +0800[diff] [blame]2274 mNetdService.clatdStop(interfaceName);
2275 } catch (RemoteException | ServiceSpecificException e) {
2276 throw new IllegalStateException(e);
Lorenzo Colitti79751842013-02-28 16:16:03 +0900[diff] [blame]2277 }
2278 }
2279
2280 @Override
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2281 public void registerNetworkActivityListener(INetworkActivityListener listener) {
2282 mNetworkActivityListeners.register(listener);
2283 }
2284
2285 @Override
2286 public void unregisterNetworkActivityListener(INetworkActivityListener listener) {
2287 mNetworkActivityListeners.unregister(listener);
2288 }
2289
2290 @Override
2291 public boolean isNetworkActive() {
2292 synchronized (mNetworkActivityListeners) {
2293 return mNetworkActive || mActiveIdleTimers.isEmpty();
2294 }
2295 }
2296
2297 private void reportNetworkActive() {
2298 final int length = mNetworkActivityListeners.beginBroadcast();
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]2299 try {
2300 for (int i = 0; i < length; i++) {
2301 try {
2302 mNetworkActivityListeners.getBroadcastItem(i).onNetworkActive();
Felipe Leme03e689d2016-03-02 16:17:38 -0800[diff] [blame]2303 } catch (RemoteException | RuntimeException e) {
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]2304 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2305 }
Robert Greenwalt2c9f5472014-04-21 14:50:28 -0700[diff] [blame]2306 } finally {
2307 mNetworkActivityListeners.finishBroadcast();
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2308 }
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2309 }
2310
Mattias Falk8b47b362011-08-23 14:15:13 +0200[diff] [blame]2311 /** {@inheritDoc} */
Jeff Sharkey7b4596f2013-02-25 10:55:29 -0800[diff] [blame]2312 @Override
Jeff Sharkeyfa23c5a2011-08-09 21:44:24 -0700[diff] [blame]2313 public void monitor() {
2314 if (mConnector != null) {
2315 mConnector.monitor();
2316 }
2317 }
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2318
2319 @Override
2320 protected void dump(FileDescriptor fd, PrintWriter pw, String[] args) {
Jeff Sharkeyfe9a53b2017-03-31 14:08:23 -0600[diff] [blame]2321 if (!DumpUtils.checkDumpPermission(mContext, TAG, pw)) return;
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2322
Robert Greenwalt470fd722012-01-18 12:51:15 -0800[diff] [blame]2323 pw.println("NetworkManagementService NativeDaemonConnector Log:");
2324 mConnector.dump(fd, pw, args);
2325 pw.println();
2326
Dianne Hackborn2ffa11e2014-04-21 15:56:18 -0700[diff] [blame]2327 pw.print("mMobileActivityFromRadio="); pw.print(mMobileActivityFromRadio);
2328 pw.print(" mLastPowerStateFromRadio="); pw.println(mLastPowerStateFromRadio);
2329 pw.print("mNetworkActive="); pw.println(mNetworkActive);
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2330
2331 synchronized (mQuotaLock) {
Jeff Sharkeyb24a7852012-05-01 15:19:37 -0700[diff] [blame]2332 pw.print("Active quota ifaces: "); pw.println(mActiveQuotas.toString());
2333 pw.print("Active alert ifaces: "); pw.println(mActiveAlerts.toString());
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]2334 pw.print("Data saver mode: "); pw.println(mDataSaverMode);
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2335 synchronized (mRulesLock) {
2336 dumpUidRuleOnQuotaLocked(pw, "blacklist", mUidRejectOnMetered);
2337 dumpUidRuleOnQuotaLocked(pw, "whitelist", mUidAllowOnMetered);
2338 }
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2339 }
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2340
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2341 synchronized (mRulesLock) {
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2342 dumpUidFirewallRule(pw, "", mUidFirewallRules);
Amith Yamasani15e472352015-04-24 19:06:07 -0700[diff] [blame]2343
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2344 pw.print("UID firewall standby chain enabled: "); pw.println(
2345 getFirewallChainState(FIREWALL_CHAIN_STANDBY));
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2346 dumpUidFirewallRule(pw, FIREWALL_CHAIN_NAME_STANDBY, mUidFirewallStandbyRules);
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2347
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2348 pw.print("UID firewall dozable chain enabled: "); pw.println(
2349 getFirewallChainState(FIREWALL_CHAIN_DOZABLE));
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2350 dumpUidFirewallRule(pw, FIREWALL_CHAIN_NAME_DOZABLE, mUidFirewallDozableRules);
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2351
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2352 pw.println("UID firewall powersave chain enabled: " +
2353 getFirewallChainState(FIREWALL_CHAIN_POWERSAVE));
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2354 dumpUidFirewallRule(pw, FIREWALL_CHAIN_NAME_POWERSAVE, mUidFirewallPowerSaveRules);
Xiaohui Chenb41c9f72015-06-17 15:55:37 -0700[diff] [blame]2355 }
2356
Dianne Hackborn77b987f2014-02-26 16:20:52 -0800[diff] [blame]2357 synchronized (mIdleTimerLock) {
2358 pw.println("Idle timers:");
2359 for (HashMap.Entry<String, IdleTimerParams> ent : mActiveIdleTimers.entrySet()) {
2360 pw.print(" "); pw.print(ent.getKey()); pw.println(":");
2361 IdleTimerParams params = ent.getValue();
2362 pw.print(" timeout="); pw.print(params.timeout);
2363 pw.print(" type="); pw.print(params.type);
2364 pw.print(" networkCount="); pw.println(params.networkCount);
2365 }
2366 }
2367
Jeff Sharkeyc268f0b2012-08-24 10:25:31 -0700[diff] [blame]2368 pw.print("Firewall enabled: "); pw.println(mFirewallEnabled);
Felipe Leme65be3022016-03-22 14:53:13 -0700[diff] [blame]2369 pw.print("Netd service status: " );
2370 if (mNetdService == null) {
2371 pw.println("disconnected");
2372 } else {
2373 try {
2374 final boolean alive = mNetdService.isAlive();
2375 pw.println(alive ? "alive": "dead");
2376 } catch (RemoteException e) {
2377 pw.println("unreachable");
2378 }
2379 }
2380 }
2381
2382 private void dumpUidRuleOnQuotaLocked(PrintWriter pw, String name, SparseBooleanArray list) {
2383 pw.print("UID bandwith control ");
2384 pw.print(name);
2385 pw.print(" rule: [");
2386 final int size = list.size();
2387 for (int i = 0; i < size; i++) {
2388 pw.print(list.keyAt(i));
2389 if (i < size - 1) pw.print(",");
2390 }
2391 pw.println("]");
Jeff Sharkey47eb1022011-08-25 17:48:52 -0700[diff] [blame]2392 }
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2393
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2394 private void dumpUidFirewallRule(PrintWriter pw, String name, SparseIntArray rules) {
Lorenzo Colitti4cb42402016-04-24 12:52:00 +0900[diff] [blame]2395 pw.print("UID firewall ");
Felipe Leme011b98f2016-02-10 17:28:31 -0800[diff] [blame]2396 pw.print(name);
2397 pw.print(" rule: [");
2398 final int size = rules.size();
2399 for (int i = 0; i < size; i++) {
2400 pw.print(rules.keyAt(i));
2401 pw.print(":");
2402 pw.print(rules.valueAt(i));
2403 if (i < size - 1) pw.print(",");
2404 }
2405 pw.println("]");
2406 }
2407
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2408 @Override
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]2409 public void createPhysicalNetwork(int netId, String permission) {
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2410 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2411
2412 try {
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]2413 if (permission != null) {
2414 mConnector.execute("network", "create", netId, permission);
2415 } else {
2416 mConnector.execute("network", "create", netId);
2417 }
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2418 } catch (NativeDaemonConnectorException e) {
2419 throw e.rethrowAsParcelableException();
2420 }
2421 }
2422
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2423 @Override
Sreeram Ramachandran8cd33ed2014-07-23 15:23:15 -0700[diff] [blame]2424 public void createVirtualNetwork(int netId, boolean hasDNS, boolean secure) {
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]2425 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2426
2427 try {
Sreeram Ramachandran8cd33ed2014-07-23 15:23:15 -0700[diff] [blame]2428 mConnector.execute("network", "create", netId, "vpn", hasDNS ? "1" : "0",
2429 secure ? "1" : "0");
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]2430 } catch (NativeDaemonConnectorException e) {
2431 throw e.rethrowAsParcelableException();
2432 }
2433 }
2434
2435 @Override
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2436 public void removeNetwork(int netId) {
Erik Kline33d8e5c2018-01-15 17:05:07 +0900[diff] [blame]2437 mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2438
2439 try {
Erik Kline33d8e5c2018-01-15 17:05:07 +0900[diff] [blame]2440 mNetdService.networkDestroy(netId);
2441 } catch (ServiceSpecificException e) {
2442 Log.w(TAG, "removeNetwork(" + netId + "): ", e);
2443 throw e;
2444 } catch (RemoteException e) {
2445 Log.w(TAG, "removeNetwork(" + netId + "): ", e);
2446 throw e.rethrowAsRuntimeException();
Robert Greenwalt9ba9c582014-03-19 17:56:12 -0700[diff] [blame]2447 }
2448 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2449
2450 @Override
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2451 public void addInterfaceToNetwork(String iface, int netId) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2452 modifyInterfaceInNetwork("add", "" + netId, iface);
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2453 }
2454
2455 @Override
2456 public void removeInterfaceFromNetwork(String iface, int netId) {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2457 modifyInterfaceInNetwork("remove", "" + netId, iface);
2458 }
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2459
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2460 private void modifyInterfaceInNetwork(String action, String netId, String iface) {
2461 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2462 try {
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2463 mConnector.execute("network", "interface", action, netId, iface);
Paul Jensen992f2522014-04-28 10:33:11 -0400[diff] [blame]2464 } catch (NativeDaemonConnectorException e) {
2465 throw e.rethrowAsParcelableException();
2466 }
2467 }
2468
2469 @Override
Robert Greenwalt913c8952014-04-07 17:36:35 -0700[diff] [blame]2470 public void addLegacyRouteForNetId(int netId, RouteInfo routeInfo, int uid) {
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2471 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2472
Sreeram Ramachandran03666c72014-07-19 23:21:46 -0700[diff] [blame]2473 final Command cmd = new Command("network", "route", "legacy", uid, "add", netId);
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2474
Sreeram Ramachandran1fbcb272014-05-22 16:30:48 -0700[diff] [blame]2475 // create triplet: interface dest-ip-addr/prefixlength gateway-ip-addr
Sreeram Ramachandrancc91c7b2014-06-03 18:41:43 -0700[diff] [blame]2476 final LinkAddress la = routeInfo.getDestinationLinkAddress();
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2477 cmd.appendArg(routeInfo.getInterface());
Lorenzo Colitti7dc78cf2014-06-09 22:58:46 +0900[diff] [blame]2478 cmd.appendArg(la.getAddress().getHostAddress() + "/" + la.getPrefixLength());
Sreeram Ramachandran1fbcb272014-05-22 16:30:48 -0700[diff] [blame]2479 if (routeInfo.hasGateway()) {
2480 cmd.appendArg(routeInfo.getGateway().getHostAddress());
2481 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2482
2483 try {
2484 mConnector.execute(cmd);
2485 } catch (NativeDaemonConnectorException e) {
2486 throw e.rethrowAsParcelableException();
2487 }
2488 }
2489
2490 @Override
Sreeram Ramachandranf047f2a2014-04-15 16:04:26 -0700[diff] [blame]2491 public void setDefaultNetId(int netId) {
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2492 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2493
2494 try {
Sreeram Ramachandranf047f2a2014-04-15 16:04:26 -0700[diff] [blame]2495 mConnector.execute("network", "default", "set", netId);
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2496 } catch (NativeDaemonConnectorException e) {
2497 throw e.rethrowAsParcelableException();
2498 }
2499 }
2500
2501 @Override
2502 public void clearDefaultNetId() {
2503 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2504
2505 try {
2506 mConnector.execute("network", "default", "clear");
2507 } catch (NativeDaemonConnectorException e) {
2508 throw e.rethrowAsParcelableException();
2509 }
2510 }
2511
2512 @Override
Paul Jensen487ffe72015-07-24 15:57:11 -0400[diff] [blame]2513 public void setNetworkPermission(int netId, String permission) {
2514 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2515
2516 try {
2517 if (permission != null) {
2518 mConnector.execute("network", "permission", "network", "set", permission, netId);
2519 } else {
2520 mConnector.execute("network", "permission", "network", "clear", netId);
2521 }
2522 } catch (NativeDaemonConnectorException e) {
2523 throw e.rethrowAsParcelableException();
2524 }
2525 }
2526
2527
2528 @Override
Sreeram Ramachandrane4a05af2014-09-24 09:16:19 -0700[diff] [blame]2529 public void setPermission(String permission, int[] uids) {
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2530 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2531
Sreeram Ramachandrane4a05af2014-09-24 09:16:19 -0700[diff] [blame]2532 Object[] argv = new Object[4 + MAX_UID_RANGES_PER_COMMAND];
2533 argv[0] = "permission";
2534 argv[1] = "user";
2535 argv[2] = "set";
2536 argv[3] = permission;
2537 int argc = 4;
2538 // Avoid overly long commands by limiting number of UIDs per command.
2539 for (int i = 0; i < uids.length; ++i) {
2540 argv[argc++] = uids[i];
2541 if (i == uids.length - 1 || argc == argv.length) {
2542 try {
2543 mConnector.execute("network", Arrays.copyOf(argv, argc));
2544 } catch (NativeDaemonConnectorException e) {
2545 throw e.rethrowAsParcelableException();
2546 }
2547 argc = 4;
2548 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2549 }
2550 }
2551
2552 @Override
2553 public void clearPermission(int[] uids) {
2554 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2555
Sreeram Ramachandrane4a05af2014-09-24 09:16:19 -0700[diff] [blame]2556 Object[] argv = new Object[3 + MAX_UID_RANGES_PER_COMMAND];
2557 argv[0] = "permission";
2558 argv[1] = "user";
2559 argv[2] = "clear";
2560 int argc = 3;
2561 // Avoid overly long commands by limiting number of UIDs per command.
2562 for (int i = 0; i < uids.length; ++i) {
2563 argv[argc++] = uids[i];
2564 if (i == uids.length - 1 || argc == argv.length) {
2565 try {
2566 mConnector.execute("network", Arrays.copyOf(argv, argc));
2567 } catch (NativeDaemonConnectorException e) {
2568 throw e.rethrowAsParcelableException();
2569 }
2570 argc = 3;
2571 }
Robert Greenwalt568891d2014-04-04 13:38:00 -0700[diff] [blame]2572 }
2573 }
Paul Jensen6bc2c2c2014-05-07 15:27:40 -0400[diff] [blame]2574
2575 @Override
2576 public void allowProtect(int uid) {
2577 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2578
2579 try {
2580 mConnector.execute("network", "protect", "allow", uid);
2581 } catch (NativeDaemonConnectorException e) {
2582 throw e.rethrowAsParcelableException();
2583 }
2584 }
2585
2586 @Override
2587 public void denyProtect(int uid) {
2588 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2589
2590 try {
2591 mConnector.execute("network", "protect", "deny", uid);
2592 } catch (NativeDaemonConnectorException e) {
2593 throw e.rethrowAsParcelableException();
2594 }
2595 }
2596
Sreeram Ramachandrana77760d2014-07-17 17:09:07 -0700[diff] [blame]2597 @Override
2598 public void addInterfaceToLocalNetwork(String iface, List<RouteInfo> routes) {
2599 modifyInterfaceInNetwork("add", "local", iface);
2600
2601 for (RouteInfo route : routes) {
2602 if (!route.isDefaultRoute()) {
2603 modifyRoute("add", "local", route);
2604 }
2605 }
2606 }
2607
2608 @Override
2609 public void removeInterfaceFromLocalNetwork(String iface) {
2610 modifyInterfaceInNetwork("remove", "local", iface);
2611 }
Erik Kline6599ee82016-07-17 21:28:39 +0900[diff] [blame]2612
2613 @Override
2614 public int removeRoutesFromLocalNetwork(List<RouteInfo> routes) {
2615 int failures = 0;
2616
2617 for (RouteInfo route : routes) {
2618 try {
2619 modifyRoute("remove", "local", route);
2620 } catch (IllegalStateException e) {
2621 failures++;
2622 }
2623 }
2624
2625 return failures;
2626 }
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2627
Sudheer Shankab8f23162017-08-04 13:30:10 -0700[diff] [blame]2628 @Override
2629 public boolean isNetworkRestricted(int uid) {
2630 mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
2631 return isNetworkRestrictedInternal(uid);
2632 }
2633
2634 private boolean isNetworkRestrictedInternal(int uid) {
2635 synchronized (mRulesLock) {
2636 if (getFirewallChainState(FIREWALL_CHAIN_STANDBY)
2637 && mUidFirewallStandbyRules.get(uid) == FIREWALL_RULE_DENY) {
2638 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of app standby mode");
2639 return true;
2640 }
2641 if (getFirewallChainState(FIREWALL_CHAIN_DOZABLE)
2642 && mUidFirewallDozableRules.get(uid) != FIREWALL_RULE_ALLOW) {
2643 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of device idle mode");
2644 return true;
2645 }
2646 if (getFirewallChainState(FIREWALL_CHAIN_POWERSAVE)
2647 && mUidFirewallPowerSaveRules.get(uid) != FIREWALL_RULE_ALLOW) {
2648 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of power saver mode");
2649 return true;
2650 }
2651 if (mUidRejectOnMetered.get(uid)) {
2652 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of no metered data"
2653 + " in the background");
2654 return true;
2655 }
2656 if (mDataSaverMode && !mUidAllowOnMetered.get(uid)) {
2657 if (DBG) Slog.d(TAG, "Uid " + uid + " restricted because of data saver mode");
2658 return true;
2659 }
2660 return false;
2661 }
2662 }
2663
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2664 private void setFirewallChainState(int chain, boolean state) {
2665 synchronized (mRulesLock) {
2666 mFirewallChainStates.put(chain, state);
2667 }
2668 }
2669
2670 private boolean getFirewallChainState(int chain) {
2671 synchronized (mRulesLock) {
2672 return mFirewallChainStates.get(chain);
2673 }
2674 }
2675
2676 @VisibleForTesting
2677 class LocalService extends NetworkManagementInternal {
2678 @Override
2679 public boolean isNetworkRestrictedForUid(int uid) {
Sudheer Shankab8f23162017-08-04 13:30:10 -0700[diff] [blame]2680 return isNetworkRestrictedInternal(uid);
Sudheer Shanka62f5c172017-03-17 16:25:55 -0700[diff] [blame]2681 }
2682 }
2683
2684 @VisibleForTesting
2685 Injector getInjector() {
2686 return new Injector();
2687 }
2688
2689 @VisibleForTesting
2690 class Injector {
2691 void setDataSaverMode(boolean dataSaverMode) {
2692 mDataSaverMode = dataSaverMode;
2693 }
2694
2695 void setFirewallChainState(int chain, boolean state) {
2696 NetworkManagementService.this.setFirewallChainState(chain, state);
2697 }
2698
2699 void setFirewallRule(int chain, int uid, int rule) {
2700 synchronized (mRulesLock) {
2701 getUidFirewallRulesLR(chain).put(uid, rule);
2702 }
2703 }
2704
2705 void setUidOnMeteredNetworkList(boolean blacklist, int uid, boolean enable) {
2706 synchronized (mRulesLock) {
2707 if (blacklist) {
2708 mUidRejectOnMetered.put(uid, enable);
2709 } else {
2710 mUidAllowOnMetered.put(uid, enable);
2711 }
2712 }
2713 }
2714
2715 void reset() {
2716 synchronized (mRulesLock) {
2717 setDataSaverMode(false);
2718 final int[] chains = {
2719 FIREWALL_CHAIN_DOZABLE,
2720 FIREWALL_CHAIN_STANDBY,
2721 FIREWALL_CHAIN_POWERSAVE
2722 };
2723 for (int chain : chains) {
2724 setFirewallChainState(chain, false);
2725 getUidFirewallRulesLR(chain).clear();
2726 }
2727 mUidAllowOnMetered.clear();
2728 mUidRejectOnMetered.clear();
2729 }
2730 }
2731 }
San Mehat873f2142010-01-14 10:25:07 -0800[diff] [blame]2732}