Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / netd / e20a526adfe021f3de3e60f25cf119f98093ba03^! / . / server / TetherController.cpp
commite20a526adfe021f3de3e60f25cf119f98093ba03[log] [tgz]
authorLorenzo Colitti <lorenzo@google.com>Tue May 09 18:30:44 2017 +0900
committerLorenzo Colitti <lorenzo@google.com>Tue May 09 18:30:44 2017 +0900
treea78fdec16c18038ee823b883af44faa28c2ef076
parenteac77a70fc96ae7d11a9adc4ad7c275830f66c61 [diff] [blame]
Pass dnsmasq the socket mark to use for listen sockets.

This allows us to configure dnsmasq to reply to DHCP requests and
DNS queries when a VPN is up.

Bug: 37778642
Test: bullhead builds and boots
Test: succesfully tethered when a VPN was connected
Change-Id: I7d5899f80fae856a52a2019550b155bccee2888a

diff --git a/server/TetherController.cpp b/server/TetherController.cpp
index 7bf4a92..1785ec7 100644
--- a/server/TetherController.cpp
+++ b/server/TetherController.cpp

@@ -36,6 +36,7 @@
 #include "NetdConstants.h"
 #include "Permission.h"
 #include "InterfaceController.h"
+#include "NetworkController.h"
 #include "TetherController.h"
 
 namespace {
@@ -86,6 +87,9 @@
 
 }  // namespace
 
+namespace android {
+namespace net {
+
 TetherController::TetherController() {
     mDnsNetId = 0;
     mDaemonFd = -1;
@@ -129,7 +133,7 @@
     return mForwardingRequests.size();
 }
 
-#define TETHER_START_CONST_ARG        8
+#define TETHER_START_CONST_ARG        10
 
 int TetherController::startTethering(int num_addrs, char **dhcp_ranges) {
     if (mDaemonPid != 0) {
@@ -169,6 +173,14 @@
             close(pipefd[0]);
         }
 
+        Fwmark fwmark;
+        fwmark.netId = NetworkController::LOCAL_NET_ID;
+        fwmark.explicitlySelected = true;
+        fwmark.protectedFromVpn = true;
+        fwmark.permission = PERMISSION_SYSTEM;
+        char markStr[UINT32_HEX_STRLEN];
+        snprintf(markStr, sizeof(markStr), "0x%x", fwmark.intValue);
+
         int num_processed_args = TETHER_START_CONST_ARG + (num_addrs/2) + 1;
         char **args = (char **)malloc(sizeof(char *) * num_processed_args);
         args[num_processed_args - 1] = NULL;
@@ -180,7 +192,9 @@
         // TODO: pipe through metered status from ConnService
         args[5] = (char *)"--dhcp-option-force=43,ANDROID_METERED";
         args[6] = (char *)"--pid-file";
-        args[7] = (char *)"";
+        args[7] = (char *)"--listen-mark";
+        args[8] = (char *)markStr;
+        args[9] = (char *)"";
 
         int nextArg = TETHER_START_CONST_ARG;
         for (int addrIndex = 0; addrIndex < num_addrs; addrIndex += 2) {
@@ -356,3 +370,6 @@
 const std::list<std::string> &TetherController::getTetheredInterfaceList() const {
     return mInterfaces;
 }
+
+}  // namespace net
+}  // namespace android