Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / netd / 08cb2111a7863870da3495e4821bc2f4973e2ee6 / . / server / NetdNativeService.cpp
blob: 322604a19771edff4acdb3b6f2f664fd5c7805b1 [file] [log] [blame]
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]1/**
2 * Copyright (c) 2016, The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#define LOG_TAG "Netd"
18
Luke Huangcaebcbb2018-09-27 20:37:14 +0800[diff] [blame]19#include <cinttypes>
Xiao Ma33d562a2018-12-16 16:27:38 +0900[diff] [blame]20#include <numeric>
Ben Schwartz4204ecf2017-10-02 12:35:48 -0400[diff] [blame]21#include <set>
Xiao Ma64b15b72019-03-20 11:33:15 +0900[diff] [blame]22#include <string>
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]23#include <tuple>
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]24#include <vector>
25
Chenbo Fengf5663d82018-11-08 16:10:48 -0800[diff] [blame]26#include <android-base/file.h>
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]27#include <android-base/stringprintf.h>
Ben Schwartz4204ecf2017-10-02 12:35:48 -0400[diff] [blame]28#include <android-base/strings.h>
Luke Huange3f11812019-05-02 18:10:15 +0800[diff] [blame]29#include <binder/IPCThreadState.h>
30#include <binder/IServiceManager.h>
31#include <binder/Status.h>
Robin Lee2cf56172016-09-13 18:55:42 +0900[diff] [blame]32#include <cutils/properties.h>
Logan Chien3f461482018-04-23 14:31:32 +0800[diff] [blame]33#include <log/log.h>
Luke Huange3f11812019-05-02 18:10:15 +0800[diff] [blame]34#include <netdutils/DumpWriter.h>
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]35#include <utils/Errors.h>
Pierre Imaibeedec32016-04-13 06:44:51 +0900[diff] [blame]36#include <utils/String16.h>
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]37
Luke Huange3f11812019-05-02 18:10:15 +0800[diff] [blame]38#include "BinderUtil.h"
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]39#include "Controllers.h"
Chiachang Wang00fc62f2019-12-04 20:38:26 +0800[diff] [blame]40#include "Fwmark.h"
Erik Kline55b06f82016-07-04 09:57:18 +0900[diff] [blame]41#include "InterfaceController.h"
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]42#include "NetdNativeService.h"
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]43#include "NetdPermissions.h"
Luke Huang0e5e69d2019-03-06 15:42:38 +0800[diff] [blame]44#include "OemNetdListener.h"
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]45#include "Permission.h"
Erik Kline85890042018-05-25 19:19:11 +0900[diff] [blame]46#include "Process.h"
Robin Leeb8087362016-03-30 18:43:08 +0100[diff] [blame]47#include "RouteController.h"
Lorenzo Colitti563d98b2016-04-24 13:13:14 +0900[diff] [blame]48#include "SockDiag.h"
Robin Leeb8087362016-03-30 18:43:08 +0100[diff] [blame]49#include "UidRanges.h"
Xiao Ma33d562a2018-12-16 16:27:38 +0900[diff] [blame]50#include "android/net/BnNetd.h"
Bernie Innocenti189eb502018-10-01 23:10:18 +0900[diff] [blame]51#include "netid_client.h" // NETID_UNSET
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]52
53using android::base::StringPrintf;
Chenbo Fengf5663d82018-11-08 16:10:48 -0800[diff] [blame]54using android::base::WriteStringToFile;
Luke Huangcaebcbb2018-09-27 20:37:14 +0800[diff] [blame]55using android::net::TetherStatsParcel;
Luke Huang94658ac2018-10-18 19:35:12 +0900[diff] [blame]56using android::net::UidRangeParcel;
Luke Huangb257d612019-03-14 21:19:13 +0800[diff] [blame]57using android::netdutils::DumpWriter;
58using android::netdutils::ScopedIndent;
Luke Huange203a152018-11-23 11:47:28 +0800[diff] [blame]59using android::os::ParcelFileDescriptor;
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]60
61namespace android {
62namespace net {
63
64namespace {
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]65const char OPT_SHORT[] = "--short";
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]66
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]67binder::Status checkAnyPermission(const std::vector<const char*>& permissions) {
Luke Huanga38b65c2018-09-26 16:31:03 +0800[diff] [blame]68 pid_t pid = IPCThreadState::self()->getCallingPid();
69 uid_t uid = IPCThreadState::self()->getCallingUid();
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]70
Luke Huanga38b65c2018-09-26 16:31:03 +0800[diff] [blame]71 // If the caller is the system UID, don't check permissions.
72 // Otherwise, if the system server's binder thread pool is full, and all the threads are
73 // blocked on a thread that's waiting for us to complete, we deadlock. http://b/69389492
74 //
75 // From a security perspective, there is currently no difference, because:
76 // 1. The only permissions we check in netd's binder interface are CONNECTIVITY_INTERNAL
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]77 // and NETWORK_STACK, which the system server always has (or MAINLINE_NETWORK_STACK, which
78 // is equivalent to having both CONNECTIVITY_INTERNAL and NETWORK_STACK).
Luke Huanga38b65c2018-09-26 16:31:03 +0800[diff] [blame]79 // 2. AID_SYSTEM always has all permissions. See ActivityManager#checkComponentPermission.
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]80 if (uid == AID_SYSTEM) {
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]81 return binder::Status::ok();
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]82 }
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]83
84 for (const char* permission : permissions) {
85 if (checkPermission(String16(permission), pid, uid)) {
86 return binder::Status::ok();
87 }
88 }
89
90 auto err = StringPrintf("UID %d / PID %d does not have any of the following permissions: %s",
91 uid, pid, android::base::Join(permissions, ',').c_str());
92 return binder::Status::fromExceptionCode(binder::Status::EX_SECURITY, err.c_str());
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]93}
94
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]95#define ENFORCE_ANY_PERMISSION(...) \
96 do { \
97 binder::Status status = checkAnyPermission({__VA_ARGS__}); \
98 if (!status.isOk()) { \
99 return status; \
100 } \
101 } while (0)
Robin Lee2cf56172016-09-13 18:55:42 +0900[diff] [blame]102
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]103#define NETD_LOCKING_RPC(lock, ... /* permissions */) \
104 ENFORCE_ANY_PERMISSION(__VA_ARGS__); \
Bernie Innocentiabf8a342018-08-10 15:17:16 +0900[diff] [blame]105 std::lock_guard _lock(lock);
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]106
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]107#define NETD_BIG_LOCK_RPC(... /* permissions */) NETD_LOCKING_RPC(gBigNetdLock, __VA_ARGS__)
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]108
Luke Huangf7782042018-08-08 13:13:04 +0800[diff] [blame]109#define RETURN_BINDER_STATUS_IF_NOT_OK(logEntry, res) \
110 do { \
111 if (!isOk((res))) { \
112 logErrorStatus((logEntry), (res)); \
113 return asBinderStatus((res)); \
114 } \
115 } while (0)
116
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]117#define ENFORCE_INTERNAL_PERMISSIONS() \
118 ENFORCE_ANY_PERMISSION(PERM_CONNECTIVITY_INTERNAL, PERM_MAINLINE_NETWORK_STACK)
119
120#define ENFORCE_NETWORK_STACK_PERMISSIONS() \
121 ENFORCE_ANY_PERMISSION(PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK)
122
Luke Huangf7782042018-08-08 13:13:04 +0800[diff] [blame]123void logErrorStatus(netdutils::LogEntry& logEntry, const netdutils::Status& status) {
124 gLog.log(logEntry.returns(status.code()).withAutomaticDuration());
125}
126
Bernie Innocenti97f388f2018-10-16 19:17:08 +0900[diff] [blame]127binder::Status asBinderStatus(const netdutils::Status& status) {
128 if (isOk(status)) {
129 return binder::Status::ok();
130 }
131 return binder::Status::fromServiceSpecificError(status.code(), status.msg().c_str());
132}
133
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]134inline binder::Status statusFromErrcode(int ret) {
135 if (ret) {
136 return binder::Status::fromServiceSpecificError(-ret, strerror(-ret));
137 }
138 return binder::Status::ok();
139}
140
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]141bool contains(const Vector<String16>& words, const String16& word) {
142 for (const auto& w : words) {
143 if (w == word) return true;
144 }
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]145
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]146 return false;
147}
148
149} // namespace
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]150
Luke Huange3f11812019-05-02 18:10:15 +0800[diff] [blame]151NetdNativeService::NetdNativeService() {
152 // register log callback to BnNetd::logFunc
153 BnNetd::logFunc = std::bind(binderCallLogFn, std::placeholders::_1,
154 [](const std::string& msg) { gLog.info("%s", msg.c_str()); });
155}
156
Lorenzo Colittie4851de2016-03-17 13:23:28 +0900[diff] [blame]157status_t NetdNativeService::start() {
158 IPCThreadState::self()->disableBackgroundScheduling(true);
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]159 const status_t ret = BinderService<NetdNativeService>::publish();
Lorenzo Colittie4851de2016-03-17 13:23:28 +0900[diff] [blame]160 if (ret != android::OK) {
161 return ret;
162 }
163 sp<ProcessState> ps(ProcessState::self());
164 ps->startThreadPool();
165 ps->giveThreadPoolName();
Xiao Ma33d562a2018-12-16 16:27:38 +0900[diff] [blame]166
Lorenzo Colittie4851de2016-03-17 13:23:28 +0900[diff] [blame]167 return android::OK;
168}
169
Hugo Benichi7b314e12018-01-15 21:54:00 +0900[diff] [blame]170status_t NetdNativeService::dump(int fd, const Vector<String16> &args) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]171 const binder::Status dump_permission = checkAnyPermission({PERM_DUMP});
Erik Kline2d3a1632016-03-15 16:33:48 +0900[diff] [blame]172 if (!dump_permission.isOk()) {
173 const String8 msg(dump_permission.toString8());
174 write(fd, msg.string(), msg.size());
175 return PERMISSION_DENIED;
176 }
177
178 // This method does not grab any locks. If individual classes need locking
179 // their dump() methods MUST handle locking appropriately.
Hugo Benichi7b314e12018-01-15 21:54:00 +0900[diff] [blame]180
Erik Kline2d3a1632016-03-15 16:33:48 +0900[diff] [blame]181 DumpWriter dw(fd);
Hugo Benichi7b314e12018-01-15 21:54:00 +0900[diff] [blame]182
183 if (!args.isEmpty() && args[0] == TcpSocketMonitor::DUMP_KEYWORD) {
184 dw.blankline();
185 gCtls->tcpSocketMonitor.dump(dw);
186 dw.blankline();
187 return NO_ERROR;
188 }
189
Chenbo Fengef297172018-03-26 10:53:33 -0700[diff] [blame]190 if (!args.isEmpty() && args[0] == TrafficController::DUMP_KEYWORD) {
191 dw.blankline();
192 gCtls->trafficCtrl.dump(dw, true);
193 dw.blankline();
194 return NO_ERROR;
195 }
196
Erik Kline85890042018-05-25 19:19:11 +0900[diff] [blame]197 process::dump(dw);
Erik Kline2d3a1632016-03-15 16:33:48 +0900[diff] [blame]198 dw.blankline();
199 gCtls->netCtrl.dump(dw);
200 dw.blankline();
201
Chenbo Fengef297172018-03-26 10:53:33 -0700[diff] [blame]202 gCtls->trafficCtrl.dump(dw, false);
203 dw.blankline();
204
Benedict Wongaf855432018-05-10 17:07:37 -0700[diff] [blame]205 gCtls->xfrmCtrl.dump(dw);
206 dw.blankline();
207
Maciej Żenczykowski55262712019-03-29 23:44:56 -0700[diff] [blame]208 gCtls->clatdCtrl.dump(dw);
209 dw.blankline();
210
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]211 {
212 ScopedIndent indentLog(dw);
213 if (contains(args, String16(OPT_SHORT))) {
214 dw.println("Log: <omitted>");
215 } else {
216 dw.println("Log:");
217 ScopedIndent indentLogEntries(dw);
218 gLog.forEachEntry([&dw](const std::string& entry) mutable { dw.println(entry); });
219 }
220 dw.blankline();
221 }
222
Luke Huang528af602018-08-29 19:06:05 +0800[diff] [blame]223 {
224 ScopedIndent indentLog(dw);
225 if (contains(args, String16(OPT_SHORT))) {
226 dw.println("UnsolicitedLog: <omitted>");
227 } else {
228 dw.println("UnsolicitedLog:");
229 ScopedIndent indentLogEntries(dw);
230 gUnsolicitedLog.forEachEntry(
231 [&dw](const std::string& entry) mutable { dw.println(entry); });
232 }
233 dw.blankline();
234 }
235
Erik Kline2d3a1632016-03-15 16:33:48 +0900[diff] [blame]236 return NO_ERROR;
237}
238
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]239binder::Status NetdNativeService::isAlive(bool *alive) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]240 NETD_BIG_LOCK_RPC(PERM_CONNECTIVITY_INTERNAL, PERM_MAINLINE_NETWORK_STACK);
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]241
242 *alive = true;
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]243
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]244 return binder::Status::ok();
245}
246
Erik Klinef52d4522018-03-14 15:01:46 +0900[diff] [blame]247binder::Status NetdNativeService::firewallReplaceUidChain(const std::string& chainName,
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]248 bool isWhitelist, const std::vector<int32_t>& uids, bool *ret) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]249 NETD_LOCKING_RPC(gCtls->firewallCtrl.lock, PERM_CONNECTIVITY_INTERNAL,
250 PERM_MAINLINE_NETWORK_STACK);
Erik Klinef52d4522018-03-14 15:01:46 +0900[diff] [blame]251 int err = gCtls->firewallCtrl.replaceUidChain(chainName, isWhitelist, uids);
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]252 *ret = (err == 0);
253 return binder::Status::ok();
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]254}
Lorenzo Colittidedd2712016-03-22 12:36:29 +0900[diff] [blame]255
256binder::Status NetdNativeService::bandwidthEnableDataSaver(bool enable, bool *ret) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]257 NETD_LOCKING_RPC(gCtls->bandwidthCtrl.lock, PERM_CONNECTIVITY_INTERNAL,
258 PERM_MAINLINE_NETWORK_STACK);
Lorenzo Colittidedd2712016-03-22 12:36:29 +0900[diff] [blame]259 int err = gCtls->bandwidthCtrl.enableDataSaver(enable);
260 *ret = (err == 0);
261 return binder::Status::ok();
262}
263
Luke Huang531f5d32018-08-03 15:19:05 +0800[diff] [blame]264binder::Status NetdNativeService::bandwidthSetInterfaceQuota(const std::string& ifName,
265 int64_t bytes) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]266 NETD_LOCKING_RPC(gCtls->bandwidthCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huang531f5d32018-08-03 15:19:05 +0800[diff] [blame]267 int res = gCtls->bandwidthCtrl.setInterfaceQuota(ifName, bytes);
Luke Huang531f5d32018-08-03 15:19:05 +0800[diff] [blame]268 return statusFromErrcode(res);
269}
270
271binder::Status NetdNativeService::bandwidthRemoveInterfaceQuota(const std::string& ifName) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]272 NETD_LOCKING_RPC(gCtls->bandwidthCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huang531f5d32018-08-03 15:19:05 +0800[diff] [blame]273 int res = gCtls->bandwidthCtrl.removeInterfaceQuota(ifName);
Luke Huang531f5d32018-08-03 15:19:05 +0800[diff] [blame]274 return statusFromErrcode(res);
275}
276
277binder::Status NetdNativeService::bandwidthSetInterfaceAlert(const std::string& ifName,
278 int64_t bytes) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]279 NETD_LOCKING_RPC(gCtls->bandwidthCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huang531f5d32018-08-03 15:19:05 +0800[diff] [blame]280 int res = gCtls->bandwidthCtrl.setInterfaceAlert(ifName, bytes);
Luke Huang531f5d32018-08-03 15:19:05 +0800[diff] [blame]281 return statusFromErrcode(res);
282}
283
284binder::Status NetdNativeService::bandwidthRemoveInterfaceAlert(const std::string& ifName) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]285 NETD_LOCKING_RPC(gCtls->bandwidthCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huang531f5d32018-08-03 15:19:05 +0800[diff] [blame]286 int res = gCtls->bandwidthCtrl.removeInterfaceAlert(ifName);
Luke Huang531f5d32018-08-03 15:19:05 +0800[diff] [blame]287 return statusFromErrcode(res);
288}
289
290binder::Status NetdNativeService::bandwidthSetGlobalAlert(int64_t bytes) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]291 NETD_LOCKING_RPC(gCtls->bandwidthCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huang531f5d32018-08-03 15:19:05 +0800[diff] [blame]292 int res = gCtls->bandwidthCtrl.setGlobalAlert(bytes);
Luke Huang531f5d32018-08-03 15:19:05 +0800[diff] [blame]293 return statusFromErrcode(res);
294}
295
296binder::Status NetdNativeService::bandwidthAddNaughtyApp(int32_t uid) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]297 NETD_LOCKING_RPC(gCtls->bandwidthCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huang531f5d32018-08-03 15:19:05 +0800[diff] [blame]298 std::vector<std::string> appStrUids = {std::to_string(abs(uid))};
299 int res = gCtls->bandwidthCtrl.addNaughtyApps(appStrUids);
Luke Huang531f5d32018-08-03 15:19:05 +0800[diff] [blame]300 return statusFromErrcode(res);
301}
302
303binder::Status NetdNativeService::bandwidthRemoveNaughtyApp(int32_t uid) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]304 NETD_LOCKING_RPC(gCtls->bandwidthCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huang531f5d32018-08-03 15:19:05 +0800[diff] [blame]305 std::vector<std::string> appStrUids = {std::to_string(abs(uid))};
306 int res = gCtls->bandwidthCtrl.removeNaughtyApps(appStrUids);
Luke Huang531f5d32018-08-03 15:19:05 +0800[diff] [blame]307 return statusFromErrcode(res);
308}
309
310binder::Status NetdNativeService::bandwidthAddNiceApp(int32_t uid) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]311 NETD_LOCKING_RPC(gCtls->bandwidthCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huang531f5d32018-08-03 15:19:05 +0800[diff] [blame]312 std::vector<std::string> appStrUids = {std::to_string(abs(uid))};
313 int res = gCtls->bandwidthCtrl.addNiceApps(appStrUids);
Luke Huang531f5d32018-08-03 15:19:05 +0800[diff] [blame]314 return statusFromErrcode(res);
315}
316
317binder::Status NetdNativeService::bandwidthRemoveNiceApp(int32_t uid) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]318 NETD_LOCKING_RPC(gCtls->bandwidthCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huang531f5d32018-08-03 15:19:05 +0800[diff] [blame]319 std::vector<std::string> appStrUids = {std::to_string(abs(uid))};
320 int res = gCtls->bandwidthCtrl.removeNiceApps(appStrUids);
Luke Huang531f5d32018-08-03 15:19:05 +0800[diff] [blame]321 return statusFromErrcode(res);
322}
323
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]324binder::Status NetdNativeService::networkCreatePhysical(int32_t netId, int32_t permission) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]325 ENFORCE_INTERNAL_PERMISSIONS();
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]326 int ret = gCtls->netCtrl.createPhysicalNetwork(netId, convertPermission(permission));
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]327 return statusFromErrcode(ret);
328}
329
cken67cd14c2018-12-05 17:26:59 +0900[diff] [blame]330binder::Status NetdNativeService::networkCreateVpn(int32_t netId, bool secure) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]331 ENFORCE_NETWORK_STACK_PERMISSIONS();
cken67cd14c2018-12-05 17:26:59 +0900[diff] [blame]332 int ret = gCtls->netCtrl.createVirtualNetwork(netId, secure);
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]333 return statusFromErrcode(ret);
334}
335
336binder::Status NetdNativeService::networkDestroy(int32_t netId) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]337 ENFORCE_NETWORK_STACK_PERMISSIONS();
Luke Huangd33a8f42019-03-14 16:10:04 +0800[diff] [blame]338 // NetworkController::destroyNetwork is thread-safe.
Mike Yu4fe1b9c2019-01-29 17:50:19 +0800[diff] [blame]339 const int ret = gCtls->netCtrl.destroyNetwork(netId);
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]340 return statusFromErrcode(ret);
341}
342
343binder::Status NetdNativeService::networkAddInterface(int32_t netId, const std::string& iface) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]344 ENFORCE_INTERNAL_PERMISSIONS();
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]345 int ret = gCtls->netCtrl.addInterfaceToNetwork(netId, iface.c_str());
346 return statusFromErrcode(ret);
347}
348
349binder::Status NetdNativeService::networkRemoveInterface(int32_t netId, const std::string& iface) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]350 ENFORCE_INTERNAL_PERMISSIONS();
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]351 int ret = gCtls->netCtrl.removeInterfaceFromNetwork(netId, iface.c_str());
352 return statusFromErrcode(ret);
353}
354
Luke Huang94658ac2018-10-18 19:35:12 +0900[diff] [blame]355binder::Status NetdNativeService::networkAddUidRanges(
356 int32_t netId, const std::vector<UidRangeParcel>& uidRangeArray) {
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]357 // NetworkController::addUsersToNetwork is thread-safe.
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]358 ENFORCE_INTERNAL_PERMISSIONS();
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]359 int ret = gCtls->netCtrl.addUsersToNetwork(netId, UidRanges(uidRangeArray));
360 return statusFromErrcode(ret);
361}
362
Luke Huang94658ac2018-10-18 19:35:12 +0900[diff] [blame]363binder::Status NetdNativeService::networkRemoveUidRanges(
364 int32_t netId, const std::vector<UidRangeParcel>& uidRangeArray) {
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]365 // NetworkController::removeUsersFromNetwork is thread-safe.
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]366 ENFORCE_INTERNAL_PERMISSIONS();
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]367 int ret = gCtls->netCtrl.removeUsersFromNetwork(netId, UidRanges(uidRangeArray));
368 return statusFromErrcode(ret);
369}
370
Luke Huang94658ac2018-10-18 19:35:12 +0900[diff] [blame]371binder::Status NetdNativeService::networkRejectNonSecureVpn(
372 bool add, const std::vector<UidRangeParcel>& uidRangeArray) {
Robin Leeb8087362016-03-30 18:43:08 +0100[diff] [blame]373 // TODO: elsewhere RouteController is only used from the tethering and network controllers, so
374 // it should be possible to use the same lock as NetworkController. However, every call through
375 // the CommandListener "network" command will need to hold this lock too, not just the ones that
376 // read/modify network internal state (that is sufficient for ::dump() because it doesn't
377 // look at routes, but it's not enough here).
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]378 NETD_BIG_LOCK_RPC(PERM_CONNECTIVITY_INTERNAL, PERM_MAINLINE_NETWORK_STACK);
Lorenzo Colitti563d98b2016-04-24 13:13:14 +0900[diff] [blame]379 UidRanges uidRanges(uidRangeArray);
Robin Leeb8087362016-03-30 18:43:08 +0100[diff] [blame]380
381 int err;
382 if (add) {
383 err = RouteController::addUsersToRejectNonSecureNetworkRule(uidRanges);
384 } else {
385 err = RouteController::removeUsersFromRejectNonSecureNetworkRule(uidRanges);
386 }
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]387 return statusFromErrcode(err);
Robin Leeb8087362016-03-30 18:43:08 +0100[diff] [blame]388}
389
Luke Huang94658ac2018-10-18 19:35:12 +0900[diff] [blame]390binder::Status NetdNativeService::socketDestroy(const std::vector<UidRangeParcel>& uids,
391 const std::vector<int32_t>& skipUids) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]392 ENFORCE_INTERNAL_PERMISSIONS();
Lorenzo Colitti563d98b2016-04-24 13:13:14 +0900[diff] [blame]393
394 SockDiag sd;
395 if (!sd.open()) {
396 return binder::Status::fromServiceSpecificError(EIO,
397 String8("Could not open SOCK_DIAG socket"));
398 }
399
400 UidRanges uidRanges(uids);
Lorenzo Colittie5c3c992016-07-26 17:53:50 +0900[diff] [blame]401 int err = sd.destroySockets(uidRanges, std::set<uid_t>(skipUids.begin(), skipUids.end()),
402 true /* excludeLoopback */);
Lorenzo Colitti563d98b2016-04-24 13:13:14 +0900[diff] [blame]403 if (err) {
404 return binder::Status::fromServiceSpecificError(-err,
405 String8::format("destroySockets: %s", strerror(-err)));
406 }
Pierre Imaibeedec32016-04-13 06:44:51 +0900[diff] [blame]407 return binder::Status::ok();
408}
Lorenzo Colitti563d98b2016-04-24 13:13:14 +0900[diff] [blame]409
Erik Klinef48e4dd2016-07-18 04:02:07 +0900[diff] [blame]410binder::Status NetdNativeService::tetherApplyDnsInterfaces(bool *ret) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]411 NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Erik Klinef48e4dd2016-07-18 04:02:07 +0900[diff] [blame]412 *ret = gCtls->tetherCtrl.applyDnsInterfaces();
413 return binder::Status::ok();
414}
415
Lorenzo Colitti9a8a9ff2017-01-31 19:06:59 +0900[diff] [blame]416namespace {
417
Luke Huangcaebcbb2018-09-27 20:37:14 +0800[diff] [blame]418void tetherAddStatsByInterface(TetherController::TetherStats* tetherStatsParcel,
419 const TetherController::TetherStats& tetherStats) {
420 if (tetherStatsParcel->extIface == tetherStats.extIface) {
421 tetherStatsParcel->rxBytes += tetherStats.rxBytes;
422 tetherStatsParcel->rxPackets += tetherStats.rxPackets;
423 tetherStatsParcel->txBytes += tetherStats.txBytes;
424 tetherStatsParcel->txPackets += tetherStats.txPackets;
Lorenzo Colitti9a8a9ff2017-01-31 19:06:59 +0900[diff] [blame]425 }
Luke Huangcaebcbb2018-09-27 20:37:14 +0800[diff] [blame]426}
Lorenzo Colitti9a8a9ff2017-01-31 19:06:59 +0900[diff] [blame]427
Luke Huangcaebcbb2018-09-27 20:37:14 +0800[diff] [blame]428TetherStatsParcel toTetherStatsParcel(const TetherController::TetherStats& stats) {
429 TetherStatsParcel result;
430 result.iface = stats.extIface;
431 result.rxBytes = stats.rxBytes;
432 result.rxPackets = stats.rxPackets;
433 result.txBytes = stats.txBytes;
434 result.txPackets = stats.txPackets;
435 return result;
436}
Lorenzo Colitti9a8a9ff2017-01-31 19:06:59 +0900[diff] [blame]437
Luke Huangcaebcbb2018-09-27 20:37:14 +0800[diff] [blame]438void setTetherStatsParcelVecByInterface(std::vector<TetherStatsParcel>* tetherStatsVec,
439 const TetherController::TetherStatsList& statsList) {
440 std::map<std::string, TetherController::TetherStats> statsMap;
441 for (const auto& stats : statsList) {
442 auto iter = statsMap.find(stats.extIface);
443 if (iter != statsMap.end()) {
444 tetherAddStatsByInterface(&(iter->second), stats);
445 } else {
446 statsMap.insert(
447 std::pair<std::string, TetherController::TetherStats>(stats.extIface, stats));
448 }
449 }
450 for (auto iter = statsMap.begin(); iter != statsMap.end(); iter++) {
451 tetherStatsVec->push_back(toTetherStatsParcel(iter->second));
452 }
453}
454
455std::vector<std::string> tetherStatsParcelVecToStringVec(std::vector<TetherStatsParcel>* tVec) {
456 std::vector<std::string> result;
457 for (const auto& t : *tVec) {
458 result.push_back(StringPrintf("%s:%" PRId64 ",%" PRId64 ",%" PRId64 ",%" PRId64,
459 t.iface.c_str(), t.rxBytes, t.rxPackets, t.txBytes,
460 t.txPackets));
461 }
462 return result;
Lorenzo Colitti9a8a9ff2017-01-31 19:06:59 +0900[diff] [blame]463}
464
465} // namespace
466
Luke Huangcaebcbb2018-09-27 20:37:14 +0800[diff] [blame]467binder::Status NetdNativeService::tetherGetStats(
468 std::vector<TetherStatsParcel>* tetherStatsParcelVec) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]469 NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Lorenzo Colitti5192bf72017-09-04 13:30:59 +0900[diff] [blame]470 const auto& statsList = gCtls->tetherCtrl.getTetherStats();
Lorenzo Colitti9a8a9ff2017-01-31 19:06:59 +0900[diff] [blame]471 if (!isOk(statsList)) {
Nathan Harold28ccfef2018-03-16 19:02:47 -0700[diff] [blame]472 return asBinderStatus(statsList);
Lorenzo Colitti9a8a9ff2017-01-31 19:06:59 +0900[diff] [blame]473 }
Luke Huangcaebcbb2018-09-27 20:37:14 +0800[diff] [blame]474 setTetherStatsParcelVecByInterface(tetherStatsParcelVec, statsList.value());
475 auto statsResults = tetherStatsParcelVecToStringVec(tetherStatsParcelVec);
Lorenzo Colitti9a8a9ff2017-01-31 19:06:59 +0900[diff] [blame]476 return binder::Status::ok();
477}
478
Erik Kline53c20882016-08-02 15:22:53 +0900[diff] [blame]479binder::Status NetdNativeService::interfaceAddAddress(const std::string &ifName,
480 const std::string &addrString, int prefixLength) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]481 ENFORCE_INTERNAL_PERMISSIONS();
Erik Kline53c20882016-08-02 15:22:53 +0900[diff] [blame]482 const int err = InterfaceController::addAddress(
483 ifName.c_str(), addrString.c_str(), prefixLength);
484 if (err != 0) {
485 return binder::Status::fromServiceSpecificError(-err,
486 String8::format("InterfaceController error: %s", strerror(-err)));
487 }
488 return binder::Status::ok();
489}
490
491binder::Status NetdNativeService::interfaceDelAddress(const std::string &ifName,
492 const std::string &addrString, int prefixLength) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]493 ENFORCE_INTERNAL_PERMISSIONS();
Erik Kline53c20882016-08-02 15:22:53 +0900[diff] [blame]494 const int err = InterfaceController::delAddress(
495 ifName.c_str(), addrString.c_str(), prefixLength);
496 if (err != 0) {
497 return binder::Status::fromServiceSpecificError(-err,
498 String8::format("InterfaceController error: %s", strerror(-err)));
499 }
500 return binder::Status::ok();
501}
502
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]503namespace {
Erik Kline55b06f82016-07-04 09:57:18 +0900[diff] [blame]504
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]505std::tuple<binder::Status, const char*, const char*> getPathComponents(int32_t ipversion,
506 int32_t category) {
507 const char* ipversionStr = nullptr;
508 switch (ipversion) {
Erik Kline55b06f82016-07-04 09:57:18 +0900[diff] [blame]509 case INetd::IPV4:
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]510 ipversionStr = "ipv4";
Erik Kline55b06f82016-07-04 09:57:18 +0900[diff] [blame]511 break;
512 case INetd::IPV6:
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]513 ipversionStr = "ipv6";
Erik Kline55b06f82016-07-04 09:57:18 +0900[diff] [blame]514 break;
515 default:
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]516 return {binder::Status::fromServiceSpecificError(EAFNOSUPPORT, "Bad IP version"),
517 nullptr, nullptr};
Erik Kline55b06f82016-07-04 09:57:18 +0900[diff] [blame]518 }
519
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]520 const char* whichStr = nullptr;
521 switch (category) {
Erik Kline55b06f82016-07-04 09:57:18 +0900[diff] [blame]522 case INetd::CONF:
523 whichStr = "conf";
524 break;
525 case INetd::NEIGH:
526 whichStr = "neigh";
527 break;
528 default:
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]529 return {binder::Status::fromServiceSpecificError(EINVAL, "Bad category"), nullptr,
530 nullptr};
Erik Kline55b06f82016-07-04 09:57:18 +0900[diff] [blame]531 }
532
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]533 return {binder::Status::ok(), ipversionStr, whichStr};
534}
535
536} // namespace
537
538binder::Status NetdNativeService::getProcSysNet(int32_t ipversion, int32_t which,
539 const std::string& ifname,
540 const std::string& parameter, std::string* value) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]541 ENFORCE_NETWORK_STACK_PERMISSIONS();
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]542 const auto pathParts = getPathComponents(ipversion, which);
543 const auto& pathStatus = std::get<0>(pathParts);
544 if (!pathStatus.isOk()) {
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]545 return pathStatus;
Erik Kline55b06f82016-07-04 09:57:18 +0900[diff] [blame]546 }
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]547
548 const int err = InterfaceController::getParameter(std::get<1>(pathParts),
549 std::get<2>(pathParts), ifname.c_str(),
550 parameter.c_str(), value);
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]551 return statusFromErrcode(err);
552}
553
554binder::Status NetdNativeService::setProcSysNet(int32_t ipversion, int32_t which,
555 const std::string& ifname,
556 const std::string& parameter,
557 const std::string& value) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]558 ENFORCE_NETWORK_STACK_PERMISSIONS();
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]559 const auto pathParts = getPathComponents(ipversion, which);
560 const auto& pathStatus = std::get<0>(pathParts);
561 if (!pathStatus.isOk()) {
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]562 return pathStatus;
563 }
564
565 const int err = InterfaceController::setParameter(std::get<1>(pathParts),
566 std::get<2>(pathParts), ifname.c_str(),
567 parameter.c_str(), value.c_str());
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]568 return statusFromErrcode(err);
Erik Kline55b06f82016-07-04 09:57:18 +0900[diff] [blame]569}
570
Luke Huange203a152018-11-23 11:47:28 +0800[diff] [blame]571binder::Status NetdNativeService::ipSecSetEncapSocketOwner(const ParcelFileDescriptor& socket,
572 int newUid) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]573 ENFORCE_NETWORK_STACK_PERMISSIONS();
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]574 gLog.log("ipSecSetEncapSocketOwner()");
Benedict Wongb2daefb2017-12-06 22:05:46 -0800[diff] [blame]575
576 uid_t callerUid = IPCThreadState::self()->getCallingUid();
Luke Huange203a152018-11-23 11:47:28 +0800[diff] [blame]577 return asBinderStatus(
578 gCtls->xfrmCtrl.ipSecSetEncapSocketOwner(socket.get(), newUid, callerUid));
Benedict Wongb2daefb2017-12-06 22:05:46 -0800[diff] [blame]579}
580
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]581binder::Status NetdNativeService::ipSecAllocateSpi(
582 int32_t transformId,
Nathan Haroldda54f122018-01-09 16:42:57 -0800[diff] [blame]583 const std::string& sourceAddress,
584 const std::string& destinationAddress,
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]585 int32_t inSpi,
586 int32_t* outSpi) {
587 // Necessary locking done in IpSecService and kernel
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]588 ENFORCE_INTERNAL_PERMISSIONS();
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]589 gLog.log("ipSecAllocateSpi()");
ludi6e8eccd2017-08-14 14:40:37 -0700[diff] [blame]590 return asBinderStatus(gCtls->xfrmCtrl.ipSecAllocateSpi(
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]591 transformId,
Nathan Haroldda54f122018-01-09 16:42:57 -0800[diff] [blame]592 sourceAddress,
593 destinationAddress,
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]594 inSpi,
595 outSpi));
596}
597
598binder::Status NetdNativeService::ipSecAddSecurityAssociation(
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]599 int32_t transformId, int32_t mode, const std::string& sourceAddress,
600 const std::string& destinationAddress, int32_t underlyingNetId, int32_t spi,
601 int32_t markValue, int32_t markMask, const std::string& authAlgo,
602 const std::vector<uint8_t>& authKey, int32_t authTruncBits, const std::string& cryptAlgo,
603 const std::vector<uint8_t>& cryptKey, int32_t cryptTruncBits, const std::string& aeadAlgo,
604 const std::vector<uint8_t>& aeadKey, int32_t aeadIcvBits, int32_t encapType,
605 int32_t encapLocalPort, int32_t encapRemotePort, int32_t interfaceId) {
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]606 // Necessary locking done in IpSecService and kernel
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]607 ENFORCE_INTERNAL_PERMISSIONS();
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]608 gLog.log("ipSecAddSecurityAssociation()");
ludi6e8eccd2017-08-14 14:40:37 -0700[diff] [blame]609 return asBinderStatus(gCtls->xfrmCtrl.ipSecAddSecurityAssociation(
Benedict Wongad600cb2018-05-14 17:22:35 -0700[diff] [blame]610 transformId, mode, sourceAddress, destinationAddress, underlyingNetId, spi, markValue,
611 markMask, authAlgo, authKey, authTruncBits, cryptAlgo, cryptKey, cryptTruncBits,
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]612 aeadAlgo, aeadKey, aeadIcvBits, encapType, encapLocalPort, encapRemotePort,
613 interfaceId));
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]614}
615
616binder::Status NetdNativeService::ipSecDeleteSecurityAssociation(
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]617 int32_t transformId, const std::string& sourceAddress,
618 const std::string& destinationAddress, int32_t spi, int32_t markValue, int32_t markMask,
619 int32_t interfaceId) {
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]620 // Necessary locking done in IpSecService and kernel
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]621 ENFORCE_INTERNAL_PERMISSIONS();
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]622 gLog.log("ipSecDeleteSecurityAssociation()");
ludi6e8eccd2017-08-14 14:40:37 -0700[diff] [blame]623 return asBinderStatus(gCtls->xfrmCtrl.ipSecDeleteSecurityAssociation(
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]624 transformId, sourceAddress, destinationAddress, spi, markValue, markMask, interfaceId));
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]625}
626
627binder::Status NetdNativeService::ipSecApplyTransportModeTransform(
Luke Huange203a152018-11-23 11:47:28 +0800[diff] [blame]628 const ParcelFileDescriptor& socket, int32_t transformId, int32_t direction,
629 const std::string& sourceAddress, const std::string& destinationAddress, int32_t spi) {
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]630 // Necessary locking done in IpSecService and kernel
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]631 ENFORCE_INTERNAL_PERMISSIONS();
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]632 gLog.log("ipSecApplyTransportModeTransform()");
ludi6e8eccd2017-08-14 14:40:37 -0700[diff] [blame]633 return asBinderStatus(gCtls->xfrmCtrl.ipSecApplyTransportModeTransform(
Luke Huange203a152018-11-23 11:47:28 +0800[diff] [blame]634 socket.get(), transformId, direction, sourceAddress, destinationAddress, spi));
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]635}
636
637binder::Status NetdNativeService::ipSecRemoveTransportModeTransform(
Luke Huange203a152018-11-23 11:47:28 +0800[diff] [blame]638 const ParcelFileDescriptor& socket) {
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]639 // Necessary locking done in IpSecService and kernel
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]640 ENFORCE_INTERNAL_PERMISSIONS();
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]641 gLog.log("ipSecRemoveTransportModeTransform()");
Luke Huange203a152018-11-23 11:47:28 +0800[diff] [blame]642 return asBinderStatus(gCtls->xfrmCtrl.ipSecRemoveTransportModeTransform(socket.get()));
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]643}
644
Benedict Wonga04ffa72018-05-09 21:42:42 -0700[diff] [blame]645binder::Status NetdNativeService::ipSecAddSecurityPolicy(int32_t transformId, int32_t selAddrFamily,
646 int32_t direction,
Benedict Wongad600cb2018-05-14 17:22:35 -0700[diff] [blame]647 const std::string& tmplSrcAddress,
648 const std::string& tmplDstAddress,
649 int32_t spi, int32_t markValue,
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]650 int32_t markMask, int32_t interfaceId) {
Benedict Wong84a8dca2018-01-19 12:12:17 -0800[diff] [blame]651 // Necessary locking done in IpSecService and kernel
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]652 ENFORCE_NETWORK_STACK_PERMISSIONS();
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]653 gLog.log("ipSecAddSecurityPolicy()");
Benedict Wong84a8dca2018-01-19 12:12:17 -0800[diff] [blame]654 return asBinderStatus(gCtls->xfrmCtrl.ipSecAddSecurityPolicy(
Benedict Wonga04ffa72018-05-09 21:42:42 -0700[diff] [blame]655 transformId, selAddrFamily, direction, tmplSrcAddress, tmplDstAddress, spi, markValue,
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]656 markMask, interfaceId));
Benedict Wong84a8dca2018-01-19 12:12:17 -0800[diff] [blame]657}
658
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]659binder::Status NetdNativeService::ipSecUpdateSecurityPolicy(
660 int32_t transformId, int32_t selAddrFamily, int32_t direction,
661 const std::string& tmplSrcAddress, const std::string& tmplDstAddress, int32_t spi,
662 int32_t markValue, int32_t markMask, int32_t interfaceId) {
Benedict Wong84a8dca2018-01-19 12:12:17 -0800[diff] [blame]663 // Necessary locking done in IpSecService and kernel
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]664 ENFORCE_NETWORK_STACK_PERMISSIONS();
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]665 gLog.log("ipSecAddSecurityPolicy()");
Benedict Wong84a8dca2018-01-19 12:12:17 -0800[diff] [blame]666 return asBinderStatus(gCtls->xfrmCtrl.ipSecUpdateSecurityPolicy(
Benedict Wonga04ffa72018-05-09 21:42:42 -0700[diff] [blame]667 transformId, selAddrFamily, direction, tmplSrcAddress, tmplDstAddress, spi, markValue,
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]668 markMask, interfaceId));
Benedict Wong84a8dca2018-01-19 12:12:17 -0800[diff] [blame]669}
670
Benedict Wonga04ffa72018-05-09 21:42:42 -0700[diff] [blame]671binder::Status NetdNativeService::ipSecDeleteSecurityPolicy(int32_t transformId,
672 int32_t selAddrFamily,
673 int32_t direction, int32_t markValue,
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]674 int32_t markMask, int32_t interfaceId) {
Benedict Wong84a8dca2018-01-19 12:12:17 -0800[diff] [blame]675 // Necessary locking done in IpSecService and kernel
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]676 ENFORCE_NETWORK_STACK_PERMISSIONS();
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]677 gLog.log("ipSecAddSecurityPolicy()");
Benedict Wong84a8dca2018-01-19 12:12:17 -0800[diff] [blame]678 return asBinderStatus(gCtls->xfrmCtrl.ipSecDeleteSecurityPolicy(
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]679 transformId, selAddrFamily, direction, markValue, markMask, interfaceId));
Benedict Wong84a8dca2018-01-19 12:12:17 -0800[diff] [blame]680}
681
Benedict Wong319f17e2018-05-15 17:06:44 -0700[diff] [blame]682binder::Status NetdNativeService::ipSecAddTunnelInterface(const std::string& deviceName,
683 const std::string& localAddress,
684 const std::string& remoteAddress,
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]685 int32_t iKey, int32_t oKey,
686 int32_t interfaceId) {
manojboopathi8707f232018-01-02 14:45:47 -0800[diff] [blame]687 // Necessary locking done in IpSecService and kernel
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]688 ENFORCE_NETWORK_STACK_PERMISSIONS();
Benedict Wong319f17e2018-05-15 17:06:44 -0700[diff] [blame]689 netdutils::Status result = gCtls->xfrmCtrl.ipSecAddTunnelInterface(
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]690 deviceName, localAddress, remoteAddress, iKey, oKey, interfaceId, false);
Benedict Wong319f17e2018-05-15 17:06:44 -0700[diff] [blame]691 return binder::Status::ok();
manojboopathi8707f232018-01-02 14:45:47 -0800[diff] [blame]692}
693
Benedict Wong319f17e2018-05-15 17:06:44 -0700[diff] [blame]694binder::Status NetdNativeService::ipSecUpdateTunnelInterface(const std::string& deviceName,
695 const std::string& localAddress,
696 const std::string& remoteAddress,
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]697 int32_t iKey, int32_t oKey,
698 int32_t interfaceId) {
manojboopathi8707f232018-01-02 14:45:47 -0800[diff] [blame]699 // Necessary locking done in IpSecService and kernel
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]700 ENFORCE_NETWORK_STACK_PERMISSIONS();
Benedict Wong319f17e2018-05-15 17:06:44 -0700[diff] [blame]701 netdutils::Status result = gCtls->xfrmCtrl.ipSecAddTunnelInterface(
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]702 deviceName, localAddress, remoteAddress, iKey, oKey, interfaceId, true);
Benedict Wong319f17e2018-05-15 17:06:44 -0700[diff] [blame]703 return binder::Status::ok();
manojboopathi8707f232018-01-02 14:45:47 -0800[diff] [blame]704}
705
Benedict Wong319f17e2018-05-15 17:06:44 -0700[diff] [blame]706binder::Status NetdNativeService::ipSecRemoveTunnelInterface(const std::string& deviceName) {
manojboopathi8707f232018-01-02 14:45:47 -0800[diff] [blame]707 // Necessary locking done in IpSecService and kernel
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]708 ENFORCE_NETWORK_STACK_PERMISSIONS();
Benedict Wong319f17e2018-05-15 17:06:44 -0700[diff] [blame]709 netdutils::Status result = gCtls->xfrmCtrl.ipSecRemoveTunnelInterface(deviceName);
Benedict Wong319f17e2018-05-15 17:06:44 -0700[diff] [blame]710 return binder::Status::ok();
manojboopathi8707f232018-01-02 14:45:47 -0800[diff] [blame]711}
712
Joel Scherpelzde937962017-06-01 13:20:21 +0900[diff] [blame]713binder::Status NetdNativeService::setIPv6AddrGenMode(const std::string& ifName,
714 int32_t mode) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]715 ENFORCE_NETWORK_STACK_PERMISSIONS();
Nathan Harold28ccfef2018-03-16 19:02:47 -0700[diff] [blame]716 return asBinderStatus(InterfaceController::setIPv6AddrGenMode(ifName, mode));
Joel Scherpelzde937962017-06-01 13:20:21 +0900[diff] [blame]717}
718
Joel Scherpelz08b84cd2017-05-22 13:11:54 +0900[diff] [blame]719binder::Status NetdNativeService::wakeupAddInterface(const std::string& ifName,
720 const std::string& prefix, int32_t mark,
721 int32_t mask) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]722 ENFORCE_NETWORK_STACK_PERMISSIONS();
Nathan Harold28ccfef2018-03-16 19:02:47 -0700[diff] [blame]723 return asBinderStatus(gCtls->wakeupCtrl.addInterface(ifName, prefix, mark, mask));
Joel Scherpelz08b84cd2017-05-22 13:11:54 +0900[diff] [blame]724}
725
726binder::Status NetdNativeService::wakeupDelInterface(const std::string& ifName,
727 const std::string& prefix, int32_t mark,
728 int32_t mask) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]729 ENFORCE_NETWORK_STACK_PERMISSIONS();
Nathan Harold28ccfef2018-03-16 19:02:47 -0700[diff] [blame]730 return asBinderStatus(gCtls->wakeupCtrl.delInterface(ifName, prefix, mark, mask));
Joel Scherpelz08b84cd2017-05-22 13:11:54 +0900[diff] [blame]731}
732
Chenbo Feng873ae142019-04-10 12:26:06 -0700[diff] [blame]733binder::Status NetdNativeService::trafficSwapActiveStatsMap() {
734 ENFORCE_NETWORK_STACK_PERMISSIONS();
735 return asBinderStatus(gCtls->trafficCtrl.swapActiveStatsMap());
736}
737
Luke Huang0051a622018-07-23 20:30:16 +0800[diff] [blame]738binder::Status NetdNativeService::idletimerAddInterface(const std::string& ifName, int32_t timeout,
739 const std::string& classLabel) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]740 NETD_LOCKING_RPC(gCtls->idletimerCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huang0051a622018-07-23 20:30:16 +0800[diff] [blame]741 int res =
742 gCtls->idletimerCtrl.addInterfaceIdletimer(ifName.c_str(), timeout, classLabel.c_str());
Luke Huang0051a622018-07-23 20:30:16 +0800[diff] [blame]743 return statusFromErrcode(res);
744}
745
746binder::Status NetdNativeService::idletimerRemoveInterface(const std::string& ifName,
747 int32_t timeout,
748 const std::string& classLabel) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]749 NETD_LOCKING_RPC(gCtls->idletimerCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huang0051a622018-07-23 20:30:16 +0800[diff] [blame]750 int res = gCtls->idletimerCtrl.removeInterfaceIdletimer(ifName.c_str(), timeout,
751 classLabel.c_str());
Luke Huang0051a622018-07-23 20:30:16 +0800[diff] [blame]752 return statusFromErrcode(res);
753}
Luke Huanga67dd562018-07-17 19:58:25 +0800[diff] [blame]754
755binder::Status NetdNativeService::strictUidCleartextPenalty(int32_t uid, int32_t policyPenalty) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]756 NETD_LOCKING_RPC(gCtls->strictCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huanga67dd562018-07-17 19:58:25 +0800[diff] [blame]757 StrictPenalty penalty;
758 switch (policyPenalty) {
759 case INetd::PENALTY_POLICY_REJECT:
760 penalty = REJECT;
761 break;
762 case INetd::PENALTY_POLICY_LOG:
763 penalty = LOG;
764 break;
765 case INetd::PENALTY_POLICY_ACCEPT:
766 penalty = ACCEPT;
767 break;
768 default:
769 return statusFromErrcode(-EINVAL);
770 break;
771 }
772 int res = gCtls->strictCtrl.setUidCleartextPenalty((uid_t) uid, penalty);
Luke Huanga67dd562018-07-17 19:58:25 +0800[diff] [blame]773 return statusFromErrcode(res);
774}
Luke Huange64fa382018-07-24 16:38:22 +0800[diff] [blame]775
Lorenzo Colitti7ef8c0f2019-01-11 22:34:58 +0900[diff] [blame]776binder::Status NetdNativeService::clatdStart(const std::string& ifName,
777 const std::string& nat64Prefix, std::string* v6Addr) {
Maciej Żenczykowski56280272019-03-30 03:32:51 -0700[diff] [blame]778 ENFORCE_ANY_PERMISSION(PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Lorenzo Colitti7ef8c0f2019-01-11 22:34:58 +0900[diff] [blame]779 int res = gCtls->clatdCtrl.startClatd(ifName.c_str(), nat64Prefix, v6Addr);
Luke Huang6d301232018-08-01 14:05:18 +0800[diff] [blame]780 return statusFromErrcode(res);
781}
782
783binder::Status NetdNativeService::clatdStop(const std::string& ifName) {
Maciej Żenczykowski56280272019-03-30 03:32:51 -0700[diff] [blame]784 ENFORCE_ANY_PERMISSION(PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huang6d301232018-08-01 14:05:18 +0800[diff] [blame]785 int res = gCtls->clatdCtrl.stopClatd(ifName.c_str());
Luke Huang6d301232018-08-01 14:05:18 +0800[diff] [blame]786 return statusFromErrcode(res);
787}
Luke Huanga67dd562018-07-17 19:58:25 +0800[diff] [blame]788
Luke Huang457d4702018-08-16 15:39:15 +0800[diff] [blame]789binder::Status NetdNativeService::ipfwdEnabled(bool* status) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]790 NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huang728cf4c2019-03-14 19:43:02 +0800[diff] [blame]791 *status = (gCtls->tetherCtrl.getIpfwdRequesterList().size() > 0) ? true : false;
792 return binder::Status::ok();
793}
794
795binder::Status NetdNativeService::ipfwdGetRequesterList(std::vector<std::string>* requesterList) {
796 NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
797 for (const auto& requester : gCtls->tetherCtrl.getIpfwdRequesterList()) {
798 requesterList->push_back(requester);
799 }
Luke Huang457d4702018-08-16 15:39:15 +0800[diff] [blame]800 return binder::Status::ok();
801}
802
803binder::Status NetdNativeService::ipfwdEnableForwarding(const std::string& requester) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]804 NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huang457d4702018-08-16 15:39:15 +0800[diff] [blame]805 int res = (gCtls->tetherCtrl.enableForwarding(requester.c_str())) ? 0 : -EREMOTEIO;
Luke Huang457d4702018-08-16 15:39:15 +0800[diff] [blame]806 return statusFromErrcode(res);
807}
808
809binder::Status NetdNativeService::ipfwdDisableForwarding(const std::string& requester) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]810 NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huang457d4702018-08-16 15:39:15 +0800[diff] [blame]811 int res = (gCtls->tetherCtrl.disableForwarding(requester.c_str())) ? 0 : -EREMOTEIO;
Luke Huang457d4702018-08-16 15:39:15 +0800[diff] [blame]812 return statusFromErrcode(res);
813}
814
815binder::Status NetdNativeService::ipfwdAddInterfaceForward(const std::string& fromIface,
816 const std::string& toIface) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]817 ENFORCE_NETWORK_STACK_PERMISSIONS();
Luke Huang457d4702018-08-16 15:39:15 +0800[diff] [blame]818 int res = RouteController::enableTethering(fromIface.c_str(), toIface.c_str());
Luke Huang457d4702018-08-16 15:39:15 +0800[diff] [blame]819 return statusFromErrcode(res);
820}
821
822binder::Status NetdNativeService::ipfwdRemoveInterfaceForward(const std::string& fromIface,
823 const std::string& toIface) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]824 ENFORCE_NETWORK_STACK_PERMISSIONS();
Luke Huang457d4702018-08-16 15:39:15 +0800[diff] [blame]825 int res = RouteController::disableTethering(fromIface.c_str(), toIface.c_str());
Luke Huang457d4702018-08-16 15:39:15 +0800[diff] [blame]826 return statusFromErrcode(res);
827}
828
Luke Huangf7782042018-08-08 13:13:04 +0800[diff] [blame]829namespace {
Luke Huangf7782042018-08-08 13:13:04 +0800[diff] [blame]830std::string addCurlyBrackets(const std::string& s) {
831 return "{" + s + "}";
832}
833
834} // namespace
Xiao Ma33d562a2018-12-16 16:27:38 +0900[diff] [blame]835
Luke Huangf7782042018-08-08 13:13:04 +0800[diff] [blame]836binder::Status NetdNativeService::interfaceGetList(std::vector<std::string>* interfaceListResult) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]837 NETD_LOCKING_RPC(InterfaceController::mutex, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huangf7782042018-08-08 13:13:04 +0800[diff] [blame]838 const auto& ifaceList = InterfaceController::getIfaceNames();
Luke Huangf7782042018-08-08 13:13:04 +0800[diff] [blame]839
840 interfaceListResult->clear();
841 interfaceListResult->reserve(ifaceList.value().size());
842 interfaceListResult->insert(end(*interfaceListResult), begin(ifaceList.value()),
843 end(ifaceList.value()));
844
Luke Huangf7782042018-08-08 13:13:04 +0800[diff] [blame]845 return binder::Status::ok();
846}
847
848std::string interfaceConfigurationParcelToString(const InterfaceConfigurationParcel& cfg) {
849 std::vector<std::string> result{cfg.ifName, cfg.hwAddr, cfg.ipv4Addr,
850 std::to_string(cfg.prefixLength)};
851 result.insert(end(result), begin(cfg.flags), end(cfg.flags));
852 return addCurlyBrackets(base::Join(result, ", "));
853}
854
855binder::Status NetdNativeService::interfaceGetCfg(
856 const std::string& ifName, InterfaceConfigurationParcel* interfaceGetCfgResult) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]857 NETD_LOCKING_RPC(InterfaceController::mutex, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huangf7782042018-08-08 13:13:04 +0800[diff] [blame]858 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(ifName);
859
860 const auto& cfgRes = InterfaceController::getCfg(ifName);
861 RETURN_BINDER_STATUS_IF_NOT_OK(entry, cfgRes);
862
863 *interfaceGetCfgResult = cfgRes.value();
864 gLog.log(entry.returns(interfaceConfigurationParcelToString(*interfaceGetCfgResult))
865 .withAutomaticDuration());
866 return binder::Status::ok();
867}
868
869binder::Status NetdNativeService::interfaceSetCfg(const InterfaceConfigurationParcel& cfg) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]870 NETD_LOCKING_RPC(InterfaceController::mutex, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huangf7782042018-08-08 13:13:04 +0800[diff] [blame]871 auto entry = gLog.newEntry()
872 .prettyFunction(__PRETTY_FUNCTION__)
873 .arg(interfaceConfigurationParcelToString(cfg));
874
875 const auto& res = InterfaceController::setCfg(cfg);
876 RETURN_BINDER_STATUS_IF_NOT_OK(entry, res);
877
878 gLog.log(entry.withAutomaticDuration());
879 return binder::Status::ok();
880}
881
882binder::Status NetdNativeService::interfaceSetIPv6PrivacyExtensions(const std::string& ifName,
883 bool enable) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]884 NETD_LOCKING_RPC(InterfaceController::mutex, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huangf7782042018-08-08 13:13:04 +0800[diff] [blame]885 int res = InterfaceController::setIPv6PrivacyExtensions(ifName.c_str(), enable);
Luke Huangf7782042018-08-08 13:13:04 +0800[diff] [blame]886 return statusFromErrcode(res);
887}
888
889binder::Status NetdNativeService::interfaceClearAddrs(const std::string& ifName) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]890 NETD_LOCKING_RPC(InterfaceController::mutex, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huangf7782042018-08-08 13:13:04 +0800[diff] [blame]891 int res = InterfaceController::clearAddrs(ifName.c_str());
Luke Huangf7782042018-08-08 13:13:04 +0800[diff] [blame]892 return statusFromErrcode(res);
893}
894
895binder::Status NetdNativeService::interfaceSetEnableIPv6(const std::string& ifName, bool enable) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]896 NETD_LOCKING_RPC(InterfaceController::mutex, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huangf7782042018-08-08 13:13:04 +0800[diff] [blame]897 int res = InterfaceController::setEnableIPv6(ifName.c_str(), enable);
Luke Huangf7782042018-08-08 13:13:04 +0800[diff] [blame]898 return statusFromErrcode(res);
899}
900
901binder::Status NetdNativeService::interfaceSetMtu(const std::string& ifName, int32_t mtuValue) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]902 NETD_LOCKING_RPC(InterfaceController::mutex, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huangf7782042018-08-08 13:13:04 +0800[diff] [blame]903 std::string mtu = std::to_string(mtuValue);
904 int res = InterfaceController::setMtu(ifName.c_str(), mtu.c_str());
Luke Huangf7782042018-08-08 13:13:04 +0800[diff] [blame]905 return statusFromErrcode(res);
906}
907
Luke Huangb5733d72018-08-21 17:17:19 +0800[diff] [blame]908binder::Status NetdNativeService::tetherStart(const std::vector<std::string>& dhcpRanges) {
Chiachang Wang08cb2112019-12-10 09:53:24 +0800[diff] [blame^]909 TetherConfigParcel config;
910 config.usingLegacyDnsProxy = true;
911 config.dhcpRanges = dhcpRanges;
912 return tetherStartWithConfiguration(config);
Luke Huang91bd3e12019-08-20 11:33:52 +0800[diff] [blame]913}
914
Chiachang Wang08cb2112019-12-10 09:53:24 +0800[diff] [blame^]915binder::Status NetdNativeService::tetherStartWithConfiguration(const TetherConfigParcel& config) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]916 NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Chiachang Wang08cb2112019-12-10 09:53:24 +0800[diff] [blame^]917 if (config.dhcpRanges.size() % 2 == 1) {
Luke Huangb5733d72018-08-21 17:17:19 +0800[diff] [blame]918 return statusFromErrcode(-EINVAL);
919 }
Chiachang Wang08cb2112019-12-10 09:53:24 +0800[diff] [blame^]920 // TODO: Pass TetherConfigParcel directly.
921 int res = gCtls->tetherCtrl.startTethering(config.usingLegacyDnsProxy, config.dhcpRanges);
Luke Huangb5733d72018-08-21 17:17:19 +0800[diff] [blame]922 return statusFromErrcode(res);
923}
924
925binder::Status NetdNativeService::tetherStop() {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]926 NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huangb5733d72018-08-21 17:17:19 +0800[diff] [blame]927 int res = gCtls->tetherCtrl.stopTethering();
Luke Huangb5733d72018-08-21 17:17:19 +0800[diff] [blame]928 return statusFromErrcode(res);
929}
930
931binder::Status NetdNativeService::tetherIsEnabled(bool* enabled) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]932 NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huangb5733d72018-08-21 17:17:19 +0800[diff] [blame]933 *enabled = gCtls->tetherCtrl.isTetheringStarted();
Luke Huangb5733d72018-08-21 17:17:19 +0800[diff] [blame]934 return binder::Status::ok();
935}
936
937binder::Status NetdNativeService::tetherInterfaceAdd(const std::string& ifName) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]938 NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huangb5733d72018-08-21 17:17:19 +0800[diff] [blame]939 int res = gCtls->tetherCtrl.tetherInterface(ifName.c_str());
Luke Huangb5733d72018-08-21 17:17:19 +0800[diff] [blame]940 return statusFromErrcode(res);
941}
942
943binder::Status NetdNativeService::tetherInterfaceRemove(const std::string& ifName) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]944 NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huangb5733d72018-08-21 17:17:19 +0800[diff] [blame]945 int res = gCtls->tetherCtrl.untetherInterface(ifName.c_str());
Luke Huangb5733d72018-08-21 17:17:19 +0800[diff] [blame]946 return statusFromErrcode(res);
947}
948
949binder::Status NetdNativeService::tetherInterfaceList(std::vector<std::string>* ifList) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]950 NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huangb5733d72018-08-21 17:17:19 +0800[diff] [blame]951 for (const auto& ifname : gCtls->tetherCtrl.getTetheredInterfaceList()) {
952 ifList->push_back(ifname);
953 }
Luke Huangb5733d72018-08-21 17:17:19 +0800[diff] [blame]954 return binder::Status::ok();
955}
956
957binder::Status NetdNativeService::tetherDnsSet(int32_t netId,
958 const std::vector<std::string>& dnsAddrs) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]959 NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huangb5733d72018-08-21 17:17:19 +0800[diff] [blame]960 int res = gCtls->tetherCtrl.setDnsForwarders(netId, dnsAddrs);
Luke Huangb5733d72018-08-21 17:17:19 +0800[diff] [blame]961 return statusFromErrcode(res);
962}
963
964binder::Status NetdNativeService::tetherDnsList(std::vector<std::string>* dnsList) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]965 NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huangb5733d72018-08-21 17:17:19 +0800[diff] [blame]966 for (const auto& fwdr : gCtls->tetherCtrl.getDnsForwarders()) {
967 dnsList->push_back(fwdr);
968 }
Luke Huangb5733d72018-08-21 17:17:19 +0800[diff] [blame]969 return binder::Status::ok();
970}
971
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]972binder::Status NetdNativeService::networkAddRoute(int32_t netId, const std::string& ifName,
973 const std::string& destination,
974 const std::string& nextHop) {
975 // Public methods of NetworkController are thread-safe.
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]976 ENFORCE_NETWORK_STACK_PERMISSIONS();
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]977 bool legacy = false;
978 uid_t uid = 0; // UID is only meaningful for legacy routes.
979 int res = gCtls->netCtrl.addRoute(netId, ifName.c_str(), destination.c_str(),
980 nextHop.empty() ? nullptr : nextHop.c_str(), legacy, uid);
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]981 return statusFromErrcode(res);
982}
983
984binder::Status NetdNativeService::networkRemoveRoute(int32_t netId, const std::string& ifName,
985 const std::string& destination,
986 const std::string& nextHop) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]987 ENFORCE_NETWORK_STACK_PERMISSIONS();
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]988 bool legacy = false;
989 uid_t uid = 0; // UID is only meaningful for legacy routes.
990 int res = gCtls->netCtrl.removeRoute(netId, ifName.c_str(), destination.c_str(),
991 nextHop.empty() ? nullptr : nextHop.c_str(), legacy, uid);
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]992 return statusFromErrcode(res);
993}
994
995binder::Status NetdNativeService::networkAddLegacyRoute(int32_t netId, const std::string& ifName,
996 const std::string& destination,
997 const std::string& nextHop, int32_t uid) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]998 ENFORCE_NETWORK_STACK_PERMISSIONS();
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]999 bool legacy = true;
1000 int res = gCtls->netCtrl.addRoute(netId, ifName.c_str(), destination.c_str(),
1001 nextHop.empty() ? nullptr : nextHop.c_str(), legacy,
1002 (uid_t) uid);
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]1003 return statusFromErrcode(res);
1004}
1005
1006binder::Status NetdNativeService::networkRemoveLegacyRoute(int32_t netId, const std::string& ifName,
1007 const std::string& destination,
1008 const std::string& nextHop,
1009 int32_t uid) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]1010 ENFORCE_NETWORK_STACK_PERMISSIONS();
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]1011 bool legacy = true;
1012 int res = gCtls->netCtrl.removeRoute(netId, ifName.c_str(), destination.c_str(),
1013 nextHop.empty() ? nullptr : nextHop.c_str(), legacy,
1014 (uid_t) uid);
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]1015 return statusFromErrcode(res);
1016}
1017
1018binder::Status NetdNativeService::networkGetDefault(int32_t* netId) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]1019 ENFORCE_NETWORK_STACK_PERMISSIONS();
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]1020 *netId = gCtls->netCtrl.getDefaultNetwork();
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]1021 return binder::Status::ok();
1022}
1023
1024binder::Status NetdNativeService::networkSetDefault(int32_t netId) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]1025 ENFORCE_NETWORK_STACK_PERMISSIONS();
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]1026 int res = gCtls->netCtrl.setDefaultNetwork(netId);
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]1027 return statusFromErrcode(res);
1028}
1029
1030binder::Status NetdNativeService::networkClearDefault() {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]1031 ENFORCE_NETWORK_STACK_PERMISSIONS();
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]1032 unsigned netId = NETID_UNSET;
1033 int res = gCtls->netCtrl.setDefaultNetwork(netId);
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]1034 return statusFromErrcode(res);
1035}
1036
1037std::vector<uid_t> NetdNativeService::intsToUids(const std::vector<int32_t>& intUids) {
1038 return {begin(intUids), end(intUids)};
1039}
1040
1041Permission NetdNativeService::convertPermission(int32_t permission) {
1042 switch (permission) {
1043 case INetd::PERMISSION_NETWORK:
1044 return Permission::PERMISSION_NETWORK;
1045 case INetd::PERMISSION_SYSTEM:
1046 return Permission::PERMISSION_SYSTEM;
1047 default:
1048 return Permission::PERMISSION_NONE;
1049 }
1050}
1051
1052binder::Status NetdNativeService::networkSetPermissionForNetwork(int32_t netId,
1053 int32_t permission) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]1054 ENFORCE_NETWORK_STACK_PERMISSIONS();
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]1055 std::vector<unsigned> netIds = {(unsigned) netId};
1056 int res = gCtls->netCtrl.setPermissionForNetworks(convertPermission(permission), netIds);
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]1057 return statusFromErrcode(res);
1058}
1059
1060binder::Status NetdNativeService::networkSetPermissionForUser(int32_t permission,
1061 const std::vector<int32_t>& uids) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]1062 ENFORCE_NETWORK_STACK_PERMISSIONS();
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]1063 gCtls->netCtrl.setPermissionForUsers(convertPermission(permission), intsToUids(uids));
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]1064 return binder::Status::ok();
1065}
1066
1067binder::Status NetdNativeService::networkClearPermissionForUser(const std::vector<int32_t>& uids) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]1068 ENFORCE_NETWORK_STACK_PERMISSIONS();
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]1069 Permission permission = Permission::PERMISSION_NONE;
1070 gCtls->netCtrl.setPermissionForUsers(permission, intsToUids(uids));
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]1071 return binder::Status::ok();
1072}
1073
1074binder::Status NetdNativeService::NetdNativeService::networkSetProtectAllow(int32_t uid) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]1075 ENFORCE_NETWORK_STACK_PERMISSIONS();
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]1076 std::vector<uid_t> uids = {(uid_t) uid};
1077 gCtls->netCtrl.allowProtect(uids);
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]1078 return binder::Status::ok();
1079}
1080
1081binder::Status NetdNativeService::networkSetProtectDeny(int32_t uid) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]1082 ENFORCE_NETWORK_STACK_PERMISSIONS();
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]1083 std::vector<uid_t> uids = {(uid_t) uid};
1084 gCtls->netCtrl.denyProtect(uids);
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]1085 return binder::Status::ok();
1086}
1087
1088binder::Status NetdNativeService::networkCanProtect(int32_t uid, bool* ret) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]1089 ENFORCE_NETWORK_STACK_PERMISSIONS();
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]1090 *ret = gCtls->netCtrl.canProtect((uid_t) uid);
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]1091 return binder::Status::ok();
1092}
1093
Chenbo Feng48eaed32018-12-26 17:40:21 -0800[diff] [blame]1094binder::Status NetdNativeService::trafficSetNetPermForUids(int32_t permission,
1095 const std::vector<int32_t>& uids) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]1096 ENFORCE_NETWORK_STACK_PERMISSIONS();
Chenbo Feng48eaed32018-12-26 17:40:21 -0800[diff] [blame]1097 gCtls->trafficCtrl.setPermissionForUids(permission, intsToUids(uids));
Chenbo Feng48eaed32018-12-26 17:40:21 -0800[diff] [blame]1098 return binder::Status::ok();
1099}
1100
Luke Huange64fa382018-07-24 16:38:22 +0800[diff] [blame]1101binder::Status NetdNativeService::firewallSetFirewallType(int32_t firewallType) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]1102 NETD_LOCKING_RPC(gCtls->firewallCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huange64fa382018-07-24 16:38:22 +0800[diff] [blame]1103 auto type = static_cast<FirewallType>(firewallType);
1104
1105 int res = gCtls->firewallCtrl.setFirewallType(type);
Luke Huange64fa382018-07-24 16:38:22 +0800[diff] [blame]1106 return statusFromErrcode(res);
1107}
1108
1109binder::Status NetdNativeService::firewallSetInterfaceRule(const std::string& ifName,
1110 int32_t firewallRule) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]1111 NETD_LOCKING_RPC(gCtls->firewallCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huange64fa382018-07-24 16:38:22 +0800[diff] [blame]1112 auto rule = static_cast<FirewallRule>(firewallRule);
1113
1114 int res = gCtls->firewallCtrl.setInterfaceRule(ifName.c_str(), rule);
Luke Huange64fa382018-07-24 16:38:22 +0800[diff] [blame]1115 return statusFromErrcode(res);
1116}
1117
1118binder::Status NetdNativeService::firewallSetUidRule(int32_t childChain, int32_t uid,
1119 int32_t firewallRule) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]1120 NETD_LOCKING_RPC(gCtls->firewallCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huange64fa382018-07-24 16:38:22 +0800[diff] [blame]1121 auto chain = static_cast<ChildChain>(childChain);
1122 auto rule = static_cast<FirewallRule>(firewallRule);
1123
1124 int res = gCtls->firewallCtrl.setUidRule(chain, uid, rule);
Luke Huange64fa382018-07-24 16:38:22 +0800[diff] [blame]1125 return statusFromErrcode(res);
1126}
1127
1128binder::Status NetdNativeService::firewallEnableChildChain(int32_t childChain, bool enable) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]1129 NETD_LOCKING_RPC(gCtls->firewallCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huange64fa382018-07-24 16:38:22 +0800[diff] [blame]1130 auto chain = static_cast<ChildChain>(childChain);
1131
1132 int res = gCtls->firewallCtrl.enableChildChains(chain, enable);
Luke Huange64fa382018-07-24 16:38:22 +0800[diff] [blame]1133 return statusFromErrcode(res);
1134}
1135
Rubin Xuec27ff22019-01-08 21:33:03 +0000[diff] [blame]1136binder::Status NetdNativeService::firewallAddUidInterfaceRules(const std::string& ifName,
1137 const std::vector<int32_t>& uids) {
1138 ENFORCE_NETWORK_STACK_PERMISSIONS();
1139
1140 return asBinderStatus(gCtls->trafficCtrl.addUidInterfaceRules(
1141 RouteController::getIfIndex(ifName.c_str()), uids));
1142}
1143
1144binder::Status NetdNativeService::firewallRemoveUidInterfaceRules(
1145 const std::vector<int32_t>& uids) {
1146 ENFORCE_NETWORK_STACK_PERMISSIONS();
1147
1148 return asBinderStatus(gCtls->trafficCtrl.removeUidInterfaceRules(uids));
1149}
1150
Luke Huang19b49c52018-10-22 12:12:05 +0900[diff] [blame]1151binder::Status NetdNativeService::tetherAddForward(const std::string& intIface,
1152 const std::string& extIface) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]1153 NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huang19b49c52018-10-22 12:12:05 +0900[diff] [blame]1154
1155 int res = gCtls->tetherCtrl.enableNat(intIface.c_str(), extIface.c_str());
Luke Huang19b49c52018-10-22 12:12:05 +0900[diff] [blame]1156 return statusFromErrcode(res);
1157}
1158
1159binder::Status NetdNativeService::tetherRemoveForward(const std::string& intIface,
1160 const std::string& extIface) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]1161 NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);
Luke Huangae038f82018-11-05 11:17:31 +0900[diff] [blame]1162 int res = gCtls->tetherCtrl.disableNat(intIface.c_str(), extIface.c_str());
Luke Huang19b49c52018-10-22 12:12:05 +0900[diff] [blame]1163 return statusFromErrcode(res);
1164}
1165
Chenbo Fengf5663d82018-11-08 16:10:48 -0800[diff] [blame]1166binder::Status NetdNativeService::setTcpRWmemorySize(const std::string& rmemValues,
1167 const std::string& wmemValues) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]1168 ENFORCE_NETWORK_STACK_PERMISSIONS();
Chenbo Fengf5663d82018-11-08 16:10:48 -0800[diff] [blame]1169 if (!WriteStringToFile(rmemValues, TCP_RMEM_PROC_FILE)) {
1170 int ret = -errno;
Chenbo Fengf5663d82018-11-08 16:10:48 -0800[diff] [blame]1171 return statusFromErrcode(ret);
1172 }
1173
1174 if (!WriteStringToFile(wmemValues, TCP_WMEM_PROC_FILE)) {
1175 int ret = -errno;
Chenbo Fengf5663d82018-11-08 16:10:48 -0800[diff] [blame]1176 return statusFromErrcode(ret);
1177 }
Chenbo Fengf5663d82018-11-08 16:10:48 -0800[diff] [blame]1178 return binder::Status::ok();
1179}
1180
Luke Huang528af602018-08-29 19:06:05 +0800[diff] [blame]1181binder::Status NetdNativeService::registerUnsolicitedEventListener(
1182 const android::sp<android::net::INetdUnsolicitedEventListener>& listener) {
Remi NGUYEN VANa686ebc2019-02-07 12:25:23 +0900[diff] [blame]1183 ENFORCE_NETWORK_STACK_PERMISSIONS();
Bernie Innocenti9ee088d2019-02-01 17:14:32 +0900[diff] [blame]1184 gCtls->eventReporter.registerUnsolEventListener(listener);
Luke Huang528af602018-08-29 19:06:05 +0800[diff] [blame]1185 return binder::Status::ok();
1186}
1187
Luke Huange60bfd82019-04-26 11:39:31 +0800[diff] [blame]1188binder::Status NetdNativeService::getOemNetd(android::sp<android::IBinder>* listener) {
1189 ENFORCE_NETWORK_STACK_PERMISSIONS();
Luke Huang0e5e69d2019-03-06 15:42:38 +0800[diff] [blame]1190 *listener = com::android::internal::net::OemNetdListener::getListener();
1191
Luke Huange60bfd82019-04-26 11:39:31 +0800[diff] [blame]1192 return binder::Status::ok();
1193}
1194
Chiachang Wang00fc62f2019-12-04 20:38:26 +0800[diff] [blame]1195binder::Status NetdNativeService::getFwmarkForNetwork(int32_t netId, MarkMaskParcel* markMask) {
1196 ENFORCE_NETWORK_STACK_PERMISSIONS();
1197
1198 Fwmark fwmark;
1199 fwmark.netId = netId;
1200 markMask->mask = FWMARK_NET_ID_MASK;
1201 markMask->mark = fwmark.intValue;
1202 return binder::Status::ok();
1203}
1204
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]1205} // namespace net
1206} // namespace android