Add an RPC to replace a UID firewall rule.
Also add a binder_test that exercises binder RPCs to the real
netd service running on the device.
Bug: 21725996
Bug: 27239233
Change-Id: Ic83d81605021a0578d6cd32f889290be61d76125
diff --git a/server/NetdNativeService.cpp b/server/NetdNativeService.cpp
index f4b5a10..46f4315 100644
--- a/server/NetdNativeService.cpp
+++ b/server/NetdNativeService.cpp
@@ -16,6 +16,8 @@
#define LOG_TAG "Netd"
+#include <vector>
+
#include <android-base/stringprintf.h>
#include <cutils/log.h>
#include <utils/Errors.h>
@@ -24,6 +26,7 @@
#include <binder/IServiceManager.h>
#include "android/net/BnNetd.h"
+#include "Controllers.h"
#include "NetdConstants.h"
#include "NetdNativeService.h"
@@ -55,19 +58,31 @@
} \
}
-#define NETD_LOCKING_RPC(permission) \
- ENFORCE_PERMISSION(permission); \
- android::RWLock::AutoWLock lock(gBigNetdLock);
+#define NETD_LOCKING_RPC(permission, lock) \
+ ENFORCE_PERMISSION(permission); \
+ android::RWLock::AutoWLock _lock(lock);
+
+#define NETD_BIG_LOCK_RPC(permission) NETD_LOCKING_RPC((permission), gBigNetdLock)
} // namespace
binder::Status NetdNativeService::isAlive(bool *alive) {
- NETD_LOCKING_RPC(CONNECTIVITY_INTERNAL);
+ NETD_BIG_LOCK_RPC(CONNECTIVITY_INTERNAL);
*alive = true;
return binder::Status::ok();
}
+binder::Status NetdNativeService::firewallReplaceUidChain(const android::String16& chainName,
+ bool isWhitelist, const std::vector<int32_t>& uids, bool *ret) {
+ NETD_LOCKING_RPC(CONNECTIVITY_INTERNAL, gCtls->firewallCtrl.lock);
+
+ android::String8 name = android::String8(chainName);
+ int err = gCtls->firewallCtrl.replaceUidChain(name.string(), isWhitelist, uids);
+ *ret = (err == 0);
+ return binder::Status::ok();
+
+}
} // namespace net
} // namespace android
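Review bot: In firewallReplaceUidChain, the caller-supplied chainName is converted to a String8 and passed to gCtls->firewallCtrl.replaceUidChain() with no check on its contents, and the size of uids is likewise unbounded. replaceUidChain is not part of this diff, so if it places name into firewall rule text, a name containing a newline or other unexpected characters could alter which rules get written; I would restrict it before the call, for example `if (!isValidChainName(name.string())) return binder::Status::fromExceptionCode(binder::Status::EX_ILLEGAL_ARGUMENT);`, where isValidChainName is a new helper that accepts only the chain names this RPC is meant to manage. The CONNECTIVITY_INTERNAL check limits who can call the RPC, but it does not make the argument well-formed. Separately, err is collapsed into a bool with no log line, so a failed replacement that leaves the previous rules in force is hard to diagnose; an ALOGE of err before returning would help.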