Add UID range support to VPNs.
This adds the necessary routing rules.
Future CLs will add the ability to select the right netId for connect(),
setNetworkForSocket(), DNS resolutions, etc.
Bug: 15409918
Change-Id: I88a67660d49cecda834dd72ab947fbfed250f09d
diff --git a/server/RouteController.h b/server/RouteController.h
index c6cd760..9162023 100644
--- a/server/RouteController.h
+++ b/server/RouteController.h
@@ -22,6 +22,8 @@
#include <sys/types.h>
+class UidRanges;
+
class RouteController {
public:
// How the routing table number is determined for route modification requests.
@@ -40,8 +42,10 @@
static int removeInterfaceFromNetwork(unsigned netId, const char* interface,
Permission permission) WARN_UNUSED_RESULT;
- static int addInterfaceToVpn(unsigned netId, const char* interface) WARN_UNUSED_RESULT;
- static int removeInterfaceFromVpn(unsigned netId, const char* interface) WARN_UNUSED_RESULT;
+ static int addInterfaceToVpn(unsigned netId, const char* interface,
+ const UidRanges& uidRanges) WARN_UNUSED_RESULT;
+ static int removeInterfaceFromVpn(unsigned netId, const char* interface,
+ const UidRanges& uidRanges) WARN_UNUSED_RESULT;
static int modifyNetworkPermission(unsigned netId, const char* interface,
Permission oldPermission,
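Review bot: The new `uidRanges` parameter on `addInterfaceToVpn` and `removeInterfaceFromVpn` comes with no stated contract for a failure partway through a set of several ranges, and the same gap applies to `addUsersToVpn`/`removeUsersFromVpn` in the next hunk. The implementation is not visible here, but if rules are installed one range at a time, an error after the first range would leave only some of the intended UIDs routed through the VPN while the rest keep using the underlying network. Removal also relies on the caller passing the same ranges that were added, otherwise stale rules could remain. I would add a comment above the pair along the lines of `// On error, rules for some ranges may already be installed; callers must call removeInterfaceFromVpn() with the same |uidRanges| to undo them.`, with the wording checked against RouteController.cpp. The class declaration begins and ends outside this hunk.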
@@ -51,6 +55,11 @@
static int removeFromDefaultNetwork(const char* interface,
Permission permission) WARN_UNUSED_RESULT;
+ static int addUsersToVpn(unsigned netId, const char* interface,
+ const UidRanges& uidRanges) WARN_UNUSED_RESULT;
+ static int removeUsersFromVpn(unsigned netId, const char* interface,
+ const UidRanges& uidRanges) WARN_UNUSED_RESULT;
+
static int addRoute(const char* interface, const char* destination, const char* nexthop,
TableType tableType, uid_t uid) WARN_UNUSED_RESULT;
static int removeRoute(const char* interface, const char* destination, const char* nexthop,
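Review bot: `addUsersToVpn` and `removeUsersFromVpn` take exactly the same arguments as `addInterfaceToVpn`/`removeInterfaceFromVpn`, and nothing in the header says how the two pairs differ or whether the interface must already have been added to the VPN. The names also say "users" while the argument is a `UidRanges`, and on Android a user id and a UID are different things, so a caller could pass the wrong kind of identifier and put the wrong set of apps behind the VPN. A short comment would settle both, for example `// Adds rules for |uidRanges| (kernel UIDs, not Android user ids) to a VPN interface previously set up with addInterfaceToVpn().`, if that is the intended meaning. The class body continues outside this hunk.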