Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / netd / 4fe1b9c0640d079288fe8642869e89290cc368d4 / . / server / NetdNativeService.cpp
blob: 2098ad528a0dc6fd44ec0f405a4341b6613e4158 [file] [log] [blame]
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]1/**
2 * Copyright (c) 2016, The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#define LOG_TAG "Netd"
18
Luke Huangcaebcbb2018-09-27 20:37:14 +0800[diff] [blame]19#include <cinttypes>
Ben Schwartz4204ecf2017-10-02 12:35:48 -0400[diff] [blame]20#include <set>
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]21#include <tuple>
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]22#include <vector>
23
Chenbo Fengf5663d82018-11-08 16:10:48 -0800[diff] [blame]24#include <android-base/file.h>
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]25#include <android-base/stringprintf.h>
Ben Schwartz4204ecf2017-10-02 12:35:48 -0400[diff] [blame]26#include <android-base/strings.h>
Robin Lee2cf56172016-09-13 18:55:42 +0900[diff] [blame]27#include <cutils/properties.h>
Logan Chien3f461482018-04-23 14:31:32 +0800[diff] [blame]28#include <log/log.h>
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]29#include <utils/Errors.h>
Pierre Imaibeedec32016-04-13 06:44:51 +0900[diff] [blame]30#include <utils/String16.h>
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]31
32#include <binder/IPCThreadState.h>
33#include <binder/IServiceManager.h>
34#include "android/net/BnNetd.h"
35
Ben Schwartze7601812017-04-28 16:38:29 -0400[diff] [blame]36#include <openssl/base64.h>
37
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]38#include "Controllers.h"
Erik Kline2d3a1632016-03-15 16:33:48 +0900[diff] [blame]39#include "DumpWriter.h"
Erik Kline55b06f82016-07-04 09:57:18 +0900[diff] [blame]40#include "InterfaceController.h"
Mike Yu5ae61542018-10-19 22:11:43 +0800[diff] [blame]41#include "NetdConstants.h" // SHA256_SIZE
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]42#include "NetdNativeService.h"
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]43#include "Permission.h"
Erik Kline85890042018-05-25 19:19:11 +0900[diff] [blame]44#include "Process.h"
Robin Leeb8087362016-03-30 18:43:08 +0100[diff] [blame]45#include "RouteController.h"
Lorenzo Colitti563d98b2016-04-24 13:13:14 +0900[diff] [blame]46#include "SockDiag.h"
Robin Leeb8087362016-03-30 18:43:08 +0100[diff] [blame]47#include "UidRanges.h"
Bernie Innocenti189eb502018-10-01 23:10:18 +0900[diff] [blame]48#include "netid_client.h" // NETID_UNSET
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]49
50using android::base::StringPrintf;
Chenbo Fengf5663d82018-11-08 16:10:48 -0800[diff] [blame]51using android::base::WriteStringToFile;
Luke Huangcaebcbb2018-09-27 20:37:14 +0800[diff] [blame]52using android::net::TetherStatsParcel;
Luke Huang94658ac2018-10-18 19:35:12 +0900[diff] [blame]53using android::net::UidRangeParcel;
Luke Huange203a152018-11-23 11:47:28 +0800[diff] [blame]54using android::os::ParcelFileDescriptor;
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]55
56namespace android {
57namespace net {
58
59namespace {
60
61const char CONNECTIVITY_INTERNAL[] = "android.permission.CONNECTIVITY_INTERNAL";
Joel Scherpelz08b84cd2017-05-22 13:11:54 +0900[diff] [blame]62const char NETWORK_STACK[] = "android.permission.NETWORK_STACK";
Erik Kline2d3a1632016-03-15 16:33:48 +0900[diff] [blame]63const char DUMP[] = "android.permission.DUMP";
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]64const char OPT_SHORT[] = "--short";
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]65
66binder::Status checkPermission(const char *permission) {
Luke Huanga38b65c2018-09-26 16:31:03 +0800[diff] [blame]67 pid_t pid = IPCThreadState::self()->getCallingPid();
68 uid_t uid = IPCThreadState::self()->getCallingUid();
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]69
Luke Huanga38b65c2018-09-26 16:31:03 +0800[diff] [blame]70 // If the caller is the system UID, don't check permissions.
71 // Otherwise, if the system server's binder thread pool is full, and all the threads are
72 // blocked on a thread that's waiting for us to complete, we deadlock. http://b/69389492
73 //
74 // From a security perspective, there is currently no difference, because:
75 // 1. The only permissions we check in netd's binder interface are CONNECTIVITY_INTERNAL
76 // and NETWORK_STACK, which the system server will always need to have.
77 // 2. AID_SYSTEM always has all permissions. See ActivityManager#checkComponentPermission.
78 if (uid == AID_SYSTEM || checkPermission(String16(permission), pid, uid)) {
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]79 return binder::Status::ok();
80 } else {
81 auto err = StringPrintf("UID %d / PID %d lacks permission %s", uid, pid, permission);
82 return binder::Status::fromExceptionCode(binder::Status::EX_SECURITY, String8(err.c_str()));
83 }
84}
85
Robin Lee2cf56172016-09-13 18:55:42 +0900[diff] [blame]86#define ENFORCE_DEBUGGABLE() { \
87 char value[PROPERTY_VALUE_MAX + 1]; \
Yi Kongbdfd57e2018-07-25 13:26:10 -0700[diff] [blame]88 if (property_get("ro.debuggable", value, nullptr) != 1 \
Robin Lee2cf56172016-09-13 18:55:42 +0900[diff] [blame]89 || value[0] != '1') { \
90 return binder::Status::fromExceptionCode( \
91 binder::Status::EX_SECURITY, \
92 String8("Not available in production builds.") \
93 ); \
94 } \
95}
96
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]97#define ENFORCE_PERMISSION(permission) { \
98 binder::Status status = checkPermission((permission)); \
99 if (!status.isOk()) { \
100 return status; \
101 } \
102}
103
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]104#define NETD_LOCKING_RPC(permission, lock) \
105 ENFORCE_PERMISSION(permission); \
Bernie Innocentiabf8a342018-08-10 15:17:16 +0900[diff] [blame]106 std::lock_guard _lock(lock);
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]107
108#define NETD_BIG_LOCK_RPC(permission) NETD_LOCKING_RPC((permission), gBigNetdLock)
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]109
Luke Huangf7782042018-08-08 13:13:04 +0800[diff] [blame]110#define RETURN_BINDER_STATUS_IF_NOT_OK(logEntry, res) \
111 do { \
112 if (!isOk((res))) { \
113 logErrorStatus((logEntry), (res)); \
114 return asBinderStatus((res)); \
115 } \
116 } while (0)
117
118void logErrorStatus(netdutils::LogEntry& logEntry, const netdutils::Status& status) {
119 gLog.log(logEntry.returns(status.code()).withAutomaticDuration());
120}
121
Bernie Innocenti97f388f2018-10-16 19:17:08 +0900[diff] [blame]122binder::Status asBinderStatus(const netdutils::Status& status) {
123 if (isOk(status)) {
124 return binder::Status::ok();
125 }
126 return binder::Status::fromServiceSpecificError(status.code(), status.msg().c_str());
127}
128
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]129inline binder::Status statusFromErrcode(int ret) {
130 if (ret) {
131 return binder::Status::fromServiceSpecificError(-ret, strerror(-ret));
132 }
133 return binder::Status::ok();
134}
135
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]136bool contains(const Vector<String16>& words, const String16& word) {
137 for (const auto& w : words) {
138 if (w == word) return true;
139 }
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]140
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]141 return false;
142}
143
144} // namespace
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]145
Lorenzo Colittie4851de2016-03-17 13:23:28 +0900[diff] [blame]146status_t NetdNativeService::start() {
147 IPCThreadState::self()->disableBackgroundScheduling(true);
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]148 const status_t ret = BinderService<NetdNativeService>::publish();
Lorenzo Colittie4851de2016-03-17 13:23:28 +0900[diff] [blame]149 if (ret != android::OK) {
150 return ret;
151 }
152 sp<ProcessState> ps(ProcessState::self());
153 ps->startThreadPool();
154 ps->giveThreadPoolName();
155 return android::OK;
156}
157
Hugo Benichi7b314e12018-01-15 21:54:00 +0900[diff] [blame]158status_t NetdNativeService::dump(int fd, const Vector<String16> &args) {
Erik Kline2d3a1632016-03-15 16:33:48 +0900[diff] [blame]159 const binder::Status dump_permission = checkPermission(DUMP);
160 if (!dump_permission.isOk()) {
161 const String8 msg(dump_permission.toString8());
162 write(fd, msg.string(), msg.size());
163 return PERMISSION_DENIED;
164 }
165
166 // This method does not grab any locks. If individual classes need locking
167 // their dump() methods MUST handle locking appropriately.
Hugo Benichi7b314e12018-01-15 21:54:00 +0900[diff] [blame]168
Erik Kline2d3a1632016-03-15 16:33:48 +0900[diff] [blame]169 DumpWriter dw(fd);
Hugo Benichi7b314e12018-01-15 21:54:00 +0900[diff] [blame]170
171 if (!args.isEmpty() && args[0] == TcpSocketMonitor::DUMP_KEYWORD) {
172 dw.blankline();
173 gCtls->tcpSocketMonitor.dump(dw);
174 dw.blankline();
175 return NO_ERROR;
176 }
177
Chenbo Fengef297172018-03-26 10:53:33 -0700[diff] [blame]178 if (!args.isEmpty() && args[0] == TrafficController::DUMP_KEYWORD) {
179 dw.blankline();
180 gCtls->trafficCtrl.dump(dw, true);
181 dw.blankline();
182 return NO_ERROR;
183 }
184
Erik Kline85890042018-05-25 19:19:11 +0900[diff] [blame]185 process::dump(dw);
Erik Kline2d3a1632016-03-15 16:33:48 +0900[diff] [blame]186 dw.blankline();
187 gCtls->netCtrl.dump(dw);
188 dw.blankline();
189
Chenbo Fengef297172018-03-26 10:53:33 -0700[diff] [blame]190 gCtls->trafficCtrl.dump(dw, false);
191 dw.blankline();
192
Benedict Wongaf855432018-05-10 17:07:37 -0700[diff] [blame]193 gCtls->xfrmCtrl.dump(dw);
194 dw.blankline();
195
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]196 {
197 ScopedIndent indentLog(dw);
198 if (contains(args, String16(OPT_SHORT))) {
199 dw.println("Log: <omitted>");
200 } else {
201 dw.println("Log:");
202 ScopedIndent indentLogEntries(dw);
203 gLog.forEachEntry([&dw](const std::string& entry) mutable { dw.println(entry); });
204 }
205 dw.blankline();
206 }
207
Luke Huang528af602018-08-29 19:06:05 +0800[diff] [blame]208 {
209 ScopedIndent indentLog(dw);
210 if (contains(args, String16(OPT_SHORT))) {
211 dw.println("UnsolicitedLog: <omitted>");
212 } else {
213 dw.println("UnsolicitedLog:");
214 ScopedIndent indentLogEntries(dw);
215 gUnsolicitedLog.forEachEntry(
216 [&dw](const std::string& entry) mutable { dw.println(entry); });
217 }
218 dw.blankline();
219 }
220
Erik Kline2d3a1632016-03-15 16:33:48 +0900[diff] [blame]221 return NO_ERROR;
222}
223
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]224binder::Status NetdNativeService::isAlive(bool *alive) {
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]225 NETD_BIG_LOCK_RPC(CONNECTIVITY_INTERNAL);
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]226 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__);
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]227
228 *alive = true;
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]229
230 gLog.log(entry.returns(*alive));
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]231 return binder::Status::ok();
232}
233
Erik Klinef52d4522018-03-14 15:01:46 +0900[diff] [blame]234binder::Status NetdNativeService::firewallReplaceUidChain(const std::string& chainName,
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]235 bool isWhitelist, const std::vector<int32_t>& uids, bool *ret) {
236 NETD_LOCKING_RPC(CONNECTIVITY_INTERNAL, gCtls->firewallCtrl.lock);
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]237 auto entry = gLog.newEntry()
238 .prettyFunction(__PRETTY_FUNCTION__)
239 .arg(chainName)
240 .arg(isWhitelist)
241 .arg(uids);
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]242
Erik Klinef52d4522018-03-14 15:01:46 +0900[diff] [blame]243 int err = gCtls->firewallCtrl.replaceUidChain(chainName, isWhitelist, uids);
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]244 *ret = (err == 0);
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]245
246 gLog.log(entry.returns(*ret).withAutomaticDuration());
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]247 return binder::Status::ok();
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]248}
Lorenzo Colittidedd2712016-03-22 12:36:29 +0900[diff] [blame]249
250binder::Status NetdNativeService::bandwidthEnableDataSaver(bool enable, bool *ret) {
251 NETD_LOCKING_RPC(CONNECTIVITY_INTERNAL, gCtls->bandwidthCtrl.lock);
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]252 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(enable);
Lorenzo Colittidedd2712016-03-22 12:36:29 +0900[diff] [blame]253
254 int err = gCtls->bandwidthCtrl.enableDataSaver(enable);
255 *ret = (err == 0);
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]256 gLog.log(entry.returns(*ret).withAutomaticDuration());
Lorenzo Colittidedd2712016-03-22 12:36:29 +0900[diff] [blame]257 return binder::Status::ok();
258}
259
Luke Huang531f5d32018-08-03 15:19:05 +0800[diff] [blame]260binder::Status NetdNativeService::bandwidthSetInterfaceQuota(const std::string& ifName,
261 int64_t bytes) {
262 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->bandwidthCtrl.lock);
263 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(ifName).arg(bytes);
264
265 int res = gCtls->bandwidthCtrl.setInterfaceQuota(ifName, bytes);
266
267 gLog.log(entry.returns(res).withAutomaticDuration());
268 return statusFromErrcode(res);
269}
270
271binder::Status NetdNativeService::bandwidthRemoveInterfaceQuota(const std::string& ifName) {
272 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->bandwidthCtrl.lock);
273 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(ifName);
274
275 int res = gCtls->bandwidthCtrl.removeInterfaceQuota(ifName);
276
277 gLog.log(entry.returns(res).withAutomaticDuration());
278 return statusFromErrcode(res);
279}
280
281binder::Status NetdNativeService::bandwidthSetInterfaceAlert(const std::string& ifName,
282 int64_t bytes) {
283 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->bandwidthCtrl.lock);
284 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(ifName).arg(bytes);
285
286 int res = gCtls->bandwidthCtrl.setInterfaceAlert(ifName, bytes);
287
288 gLog.log(entry.returns(res).withAutomaticDuration());
289 return statusFromErrcode(res);
290}
291
292binder::Status NetdNativeService::bandwidthRemoveInterfaceAlert(const std::string& ifName) {
293 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->bandwidthCtrl.lock);
294 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(ifName);
295
296 int res = gCtls->bandwidthCtrl.removeInterfaceAlert(ifName);
297
298 gLog.log(entry.returns(res).withAutomaticDuration());
299 return statusFromErrcode(res);
300}
301
302binder::Status NetdNativeService::bandwidthSetGlobalAlert(int64_t bytes) {
303 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->bandwidthCtrl.lock);
304 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(bytes);
305
306 int res = gCtls->bandwidthCtrl.setGlobalAlert(bytes);
307
308 gLog.log(entry.returns(res).withAutomaticDuration());
309 return statusFromErrcode(res);
310}
311
312binder::Status NetdNativeService::bandwidthAddNaughtyApp(int32_t uid) {
313 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->bandwidthCtrl.lock);
314 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(uid);
315
316 std::vector<std::string> appStrUids = {std::to_string(abs(uid))};
317 int res = gCtls->bandwidthCtrl.addNaughtyApps(appStrUids);
318
319 gLog.log(entry.returns(res).withAutomaticDuration());
320 return statusFromErrcode(res);
321}
322
323binder::Status NetdNativeService::bandwidthRemoveNaughtyApp(int32_t uid) {
324 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->bandwidthCtrl.lock);
325 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(uid);
326
327 std::vector<std::string> appStrUids = {std::to_string(abs(uid))};
328 int res = gCtls->bandwidthCtrl.removeNaughtyApps(appStrUids);
329
330 gLog.log(entry.returns(res).withAutomaticDuration());
331 return statusFromErrcode(res);
332}
333
334binder::Status NetdNativeService::bandwidthAddNiceApp(int32_t uid) {
335 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->bandwidthCtrl.lock);
336 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(uid);
337
338 std::vector<std::string> appStrUids = {std::to_string(abs(uid))};
339 int res = gCtls->bandwidthCtrl.addNiceApps(appStrUids);
340
341 gLog.log(entry.returns(res).withAutomaticDuration());
342 return statusFromErrcode(res);
343}
344
345binder::Status NetdNativeService::bandwidthRemoveNiceApp(int32_t uid) {
346 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->bandwidthCtrl.lock);
347 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(uid);
348
349 std::vector<std::string> appStrUids = {std::to_string(abs(uid))};
350 int res = gCtls->bandwidthCtrl.removeNiceApps(appStrUids);
351
352 gLog.log(entry.returns(res).withAutomaticDuration());
353 return statusFromErrcode(res);
354}
355
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]356binder::Status NetdNativeService::networkCreatePhysical(int32_t netId, int32_t permission) {
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]357 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]358 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(netId).arg(permission);
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]359 int ret = gCtls->netCtrl.createPhysicalNetwork(netId, convertPermission(permission));
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]360 gLog.log(entry.returns(ret).withAutomaticDuration());
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]361 return statusFromErrcode(ret);
362}
363
cken67cd14c2018-12-05 17:26:59 +0900[diff] [blame]364binder::Status NetdNativeService::networkCreateVpn(int32_t netId, bool secure) {
Ken Chen87f1ec92018-12-18 20:15:28 +0800[diff] [blame]365 ENFORCE_PERMISSION(NETWORK_STACK);
cken67cd14c2018-12-05 17:26:59 +0900[diff] [blame]366 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).args(netId, secure);
367 int ret = gCtls->netCtrl.createVirtualNetwork(netId, secure);
368 gLog.log(entry.returns(ret).withAutomaticDuration());
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]369 return statusFromErrcode(ret);
370}
371
372binder::Status NetdNativeService::networkDestroy(int32_t netId) {
Erik Klinec8b6a9c2018-01-15 17:06:48 +0900[diff] [blame]373 ENFORCE_PERMISSION(NETWORK_STACK);
374 // Both of these functions manage their own locking internally.
Mike Yu4fe1b9c2019-01-29 17:50:19 +0800[diff] [blame^]375 // Clear DNS servers before delete the cache to avoid the cache being created again.
Erik Klinec8b6a9c2018-01-15 17:06:48 +0900[diff] [blame]376 gCtls->resolverCtrl.clearDnsServers(netId);
Mike Yu4fe1b9c2019-01-29 17:50:19 +0800[diff] [blame^]377 const int ret = gCtls->netCtrl.destroyNetwork(netId);
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]378 return statusFromErrcode(ret);
379}
380
381binder::Status NetdNativeService::networkAddInterface(int32_t netId, const std::string& iface) {
382 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
383 int ret = gCtls->netCtrl.addInterfaceToNetwork(netId, iface.c_str());
384 return statusFromErrcode(ret);
385}
386
387binder::Status NetdNativeService::networkRemoveInterface(int32_t netId, const std::string& iface) {
388 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
389 int ret = gCtls->netCtrl.removeInterfaceFromNetwork(netId, iface.c_str());
390 return statusFromErrcode(ret);
391}
392
Luke Huang94658ac2018-10-18 19:35:12 +0900[diff] [blame]393namespace {
394
395std::string uidRangeParcelVecToString(const std::vector<UidRangeParcel>& uidRangeArray) {
396 std::vector<std::string> result;
397 result.reserve(uidRangeArray.size());
398 for (const auto& uidRange : uidRangeArray) {
399 result.push_back(StringPrintf("%d-%d", uidRange.start, uidRange.stop));
400 }
401
402 return base::Join(result, ", ");
403}
404
405} // namespace
406
407binder::Status NetdNativeService::networkAddUidRanges(
408 int32_t netId, const std::vector<UidRangeParcel>& uidRangeArray) {
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]409 // NetworkController::addUsersToNetwork is thread-safe.
410 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
Luke Huang94658ac2018-10-18 19:35:12 +0900[diff] [blame]411 auto entry = gLog.newEntry()
412 .prettyFunction(__PRETTY_FUNCTION__)
413 .args(netId, uidRangeParcelVecToString(uidRangeArray));
414
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]415 int ret = gCtls->netCtrl.addUsersToNetwork(netId, UidRanges(uidRangeArray));
Luke Huang94658ac2018-10-18 19:35:12 +0900[diff] [blame]416 gLog.log(entry.returns(ret).withAutomaticDuration());
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]417 return statusFromErrcode(ret);
418}
419
Luke Huang94658ac2018-10-18 19:35:12 +0900[diff] [blame]420binder::Status NetdNativeService::networkRemoveUidRanges(
421 int32_t netId, const std::vector<UidRangeParcel>& uidRangeArray) {
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]422 // NetworkController::removeUsersFromNetwork is thread-safe.
423 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
Luke Huang94658ac2018-10-18 19:35:12 +0900[diff] [blame]424 auto entry = gLog.newEntry()
425 .prettyFunction(__PRETTY_FUNCTION__)
426 .args(netId, uidRangeParcelVecToString(uidRangeArray));
427
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]428 int ret = gCtls->netCtrl.removeUsersFromNetwork(netId, UidRanges(uidRangeArray));
Luke Huang94658ac2018-10-18 19:35:12 +0900[diff] [blame]429 gLog.log(entry.returns(ret).withAutomaticDuration());
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]430 return statusFromErrcode(ret);
431}
432
Luke Huang94658ac2018-10-18 19:35:12 +0900[diff] [blame]433binder::Status NetdNativeService::networkRejectNonSecureVpn(
434 bool add, const std::vector<UidRangeParcel>& uidRangeArray) {
Robin Leeb8087362016-03-30 18:43:08 +0100[diff] [blame]435 // TODO: elsewhere RouteController is only used from the tethering and network controllers, so
436 // it should be possible to use the same lock as NetworkController. However, every call through
437 // the CommandListener "network" command will need to hold this lock too, not just the ones that
438 // read/modify network internal state (that is sufficient for ::dump() because it doesn't
439 // look at routes, but it's not enough here).
440 NETD_BIG_LOCK_RPC(CONNECTIVITY_INTERNAL);
Luke Huang94658ac2018-10-18 19:35:12 +0900[diff] [blame]441 auto entry = gLog.newEntry()
442 .prettyFunction(__PRETTY_FUNCTION__)
443 .args(add, uidRangeParcelVecToString(uidRangeArray));
Lorenzo Colitti563d98b2016-04-24 13:13:14 +0900[diff] [blame]444 UidRanges uidRanges(uidRangeArray);
Robin Leeb8087362016-03-30 18:43:08 +0100[diff] [blame]445
446 int err;
447 if (add) {
448 err = RouteController::addUsersToRejectNonSecureNetworkRule(uidRanges);
449 } else {
450 err = RouteController::removeUsersFromRejectNonSecureNetworkRule(uidRanges);
451 }
Luke Huang94658ac2018-10-18 19:35:12 +0900[diff] [blame]452 gLog.log(entry.returns(err).withAutomaticDuration());
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]453 return statusFromErrcode(err);
Robin Leeb8087362016-03-30 18:43:08 +0100[diff] [blame]454}
455
Luke Huang94658ac2018-10-18 19:35:12 +0900[diff] [blame]456binder::Status NetdNativeService::socketDestroy(const std::vector<UidRangeParcel>& uids,
457 const std::vector<int32_t>& skipUids) {
Lorenzo Colitti563d98b2016-04-24 13:13:14 +0900[diff] [blame]458 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
459
Luke Huang94658ac2018-10-18 19:35:12 +0900[diff] [blame]460 auto entry = gLog.newEntry()
461 .prettyFunction(__PRETTY_FUNCTION__)
462 .arg(uidRangeParcelVecToString(uids));
Lorenzo Colitti563d98b2016-04-24 13:13:14 +0900[diff] [blame]463 SockDiag sd;
464 if (!sd.open()) {
465 return binder::Status::fromServiceSpecificError(EIO,
466 String8("Could not open SOCK_DIAG socket"));
467 }
468
469 UidRanges uidRanges(uids);
Lorenzo Colittie5c3c992016-07-26 17:53:50 +0900[diff] [blame]470 int err = sd.destroySockets(uidRanges, std::set<uid_t>(skipUids.begin(), skipUids.end()),
471 true /* excludeLoopback */);
Lorenzo Colitti563d98b2016-04-24 13:13:14 +0900[diff] [blame]472
Luke Huang94658ac2018-10-18 19:35:12 +0900[diff] [blame]473 gLog.log(entry.returns(err).withAutomaticDuration());
Lorenzo Colitti563d98b2016-04-24 13:13:14 +0900[diff] [blame]474 if (err) {
475 return binder::Status::fromServiceSpecificError(-err,
476 String8::format("destroySockets: %s", strerror(-err)));
477 }
Pierre Imaibeedec32016-04-13 06:44:51 +0900[diff] [blame]478 return binder::Status::ok();
479}
Lorenzo Colitti563d98b2016-04-24 13:13:14 +0900[diff] [blame]480
Ben Schwartz4204ecf2017-10-02 12:35:48 -0400[diff] [blame]481// Parse a base64 encoded string into a vector of bytes.
482// On failure, return an empty vector.
483static std::vector<uint8_t> parseBase64(const std::string& input) {
484 std::vector<uint8_t> decoded;
485 size_t out_len;
486 if (EVP_DecodedLength(&out_len, input.size()) != 1) {
487 return decoded;
488 }
489 // out_len is now an upper bound on the output length.
490 decoded.resize(out_len);
491 if (EVP_DecodeBase64(decoded.data(), &out_len, decoded.size(),
492 reinterpret_cast<const uint8_t*>(input.data()), input.size()) == 1) {
493 // Possibly shrink the vector if the actual output was smaller than the bound.
494 decoded.resize(out_len);
495 } else {
496 decoded.clear();
497 }
498 if (out_len != SHA256_SIZE) {
499 decoded.clear();
500 }
501 return decoded;
502}
503
Pierre Imaibeedec32016-04-13 06:44:51 +0900[diff] [blame]504binder::Status NetdNativeService::setResolverConfiguration(int32_t netId,
505 const std::vector<std::string>& servers, const std::vector<std::string>& domains,
Erik Klinea1476fb2018-03-04 21:01:56 +0900[diff] [blame]506 const std::vector<int32_t>& params, const std::string& tlsName,
507 const std::vector<std::string>& tlsServers,
Ben Schwartz4204ecf2017-10-02 12:35:48 -0400[diff] [blame]508 const std::vector<std::string>& tlsFingerprints) {
Pierre Imaibeedec32016-04-13 06:44:51 +0900[diff] [blame]509 // This function intentionally does not lock within Netd, as Bionic is thread-safe.
510 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]511 auto entry = gLog.newEntry()
512 .prettyFunction(__PRETTY_FUNCTION__)
513 .arg(netId)
514 .arg(servers)
515 .arg(domains)
516 .arg(params)
517 .arg(tlsName)
518 .arg(tlsServers)
519 .arg(tlsFingerprints);
Pierre Imaibeedec32016-04-13 06:44:51 +0900[diff] [blame]520
Ben Schwartz4204ecf2017-10-02 12:35:48 -0400[diff] [blame]521 std::set<std::vector<uint8_t>> decoded_fingerprints;
522 for (const std::string& fingerprint : tlsFingerprints) {
523 std::vector<uint8_t> decoded = parseBase64(fingerprint);
524 if (decoded.empty()) {
525 return binder::Status::fromServiceSpecificError(EINVAL,
526 String8::format("ResolverController error: bad fingerprint"));
527 }
528 decoded_fingerprints.emplace(decoded);
529 }
530
531 int err = gCtls->resolverCtrl.setResolverConfiguration(netId, servers, domains, params,
Erik Klinea1476fb2018-03-04 21:01:56 +0900[diff] [blame]532 tlsName, tlsServers, decoded_fingerprints);
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]533 gLog.log(entry.returns(err).withAutomaticDuration());
Pierre Imaibeedec32016-04-13 06:44:51 +0900[diff] [blame]534 if (err != 0) {
535 return binder::Status::fromServiceSpecificError(-err,
536 String8::format("ResolverController error: %s", strerror(-err)));
537 }
538 return binder::Status::ok();
539}
540
Mike Yuda77e8e2018-11-26 13:26:21 +0900[diff] [blame]541binder::Status NetdNativeService::getResolverInfo(int32_t netId, std::vector<std::string>* servers,
542 std::vector<std::string>* domains,
543 std::vector<std::string>* tlsServers,
544 std::vector<int32_t>* params,
545 std::vector<int32_t>* stats) {
Pierre Imaibeedec32016-04-13 06:44:51 +0900[diff] [blame]546 // This function intentionally does not lock within Netd, as Bionic is thread-safe.
Mike Yuda77e8e2018-11-26 13:26:21 +0900[diff] [blame]547 ENFORCE_PERMISSION(NETWORK_STACK);
Pierre Imaibeedec32016-04-13 06:44:51 +0900[diff] [blame]548
Mike Yuda77e8e2018-11-26 13:26:21 +0900[diff] [blame]549 int err =
550 gCtls->resolverCtrl.getResolverInfo(netId, servers, domains, tlsServers, params, stats);
Pierre Imaibeedec32016-04-13 06:44:51 +0900[diff] [blame]551 if (err != 0) {
552 return binder::Status::fromServiceSpecificError(-err,
553 String8::format("ResolverController error: %s", strerror(-err)));
554 }
Lorenzo Colitti563d98b2016-04-24 13:13:14 +0900[diff] [blame]555 return binder::Status::ok();
556}
557
Erik Klinef48e4dd2016-07-18 04:02:07 +0900[diff] [blame]558binder::Status NetdNativeService::tetherApplyDnsInterfaces(bool *ret) {
Luke Huangd1ee4622018-06-29 13:49:58 +0800[diff] [blame]559 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->tetherCtrl.lock);
Erik Klinef48e4dd2016-07-18 04:02:07 +0900[diff] [blame]560
561 *ret = gCtls->tetherCtrl.applyDnsInterfaces();
562 return binder::Status::ok();
563}
564
Lorenzo Colitti9a8a9ff2017-01-31 19:06:59 +0900[diff] [blame]565namespace {
566
Luke Huangcaebcbb2018-09-27 20:37:14 +0800[diff] [blame]567void tetherAddStatsByInterface(TetherController::TetherStats* tetherStatsParcel,
568 const TetherController::TetherStats& tetherStats) {
569 if (tetherStatsParcel->extIface == tetherStats.extIface) {
570 tetherStatsParcel->rxBytes += tetherStats.rxBytes;
571 tetherStatsParcel->rxPackets += tetherStats.rxPackets;
572 tetherStatsParcel->txBytes += tetherStats.txBytes;
573 tetherStatsParcel->txPackets += tetherStats.txPackets;
Lorenzo Colitti9a8a9ff2017-01-31 19:06:59 +0900[diff] [blame]574 }
Luke Huangcaebcbb2018-09-27 20:37:14 +0800[diff] [blame]575}
Lorenzo Colitti9a8a9ff2017-01-31 19:06:59 +0900[diff] [blame]576
Luke Huangcaebcbb2018-09-27 20:37:14 +0800[diff] [blame]577TetherStatsParcel toTetherStatsParcel(const TetherController::TetherStats& stats) {
578 TetherStatsParcel result;
579 result.iface = stats.extIface;
580 result.rxBytes = stats.rxBytes;
581 result.rxPackets = stats.rxPackets;
582 result.txBytes = stats.txBytes;
583 result.txPackets = stats.txPackets;
584 return result;
585}
Lorenzo Colitti9a8a9ff2017-01-31 19:06:59 +0900[diff] [blame]586
Luke Huangcaebcbb2018-09-27 20:37:14 +0800[diff] [blame]587void setTetherStatsParcelVecByInterface(std::vector<TetherStatsParcel>* tetherStatsVec,
588 const TetherController::TetherStatsList& statsList) {
589 std::map<std::string, TetherController::TetherStats> statsMap;
590 for (const auto& stats : statsList) {
591 auto iter = statsMap.find(stats.extIface);
592 if (iter != statsMap.end()) {
593 tetherAddStatsByInterface(&(iter->second), stats);
594 } else {
595 statsMap.insert(
596 std::pair<std::string, TetherController::TetherStats>(stats.extIface, stats));
597 }
598 }
599 for (auto iter = statsMap.begin(); iter != statsMap.end(); iter++) {
600 tetherStatsVec->push_back(toTetherStatsParcel(iter->second));
601 }
602}
603
604std::vector<std::string> tetherStatsParcelVecToStringVec(std::vector<TetherStatsParcel>* tVec) {
605 std::vector<std::string> result;
606 for (const auto& t : *tVec) {
607 result.push_back(StringPrintf("%s:%" PRId64 ",%" PRId64 ",%" PRId64 ",%" PRId64,
608 t.iface.c_str(), t.rxBytes, t.rxPackets, t.txBytes,
609 t.txPackets));
610 }
611 return result;
Lorenzo Colitti9a8a9ff2017-01-31 19:06:59 +0900[diff] [blame]612}
613
614} // namespace
615
Luke Huangcaebcbb2018-09-27 20:37:14 +0800[diff] [blame]616binder::Status NetdNativeService::tetherGetStats(
617 std::vector<TetherStatsParcel>* tetherStatsParcelVec) {
Luke Huangd1ee4622018-06-29 13:49:58 +0800[diff] [blame]618 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->tetherCtrl.lock);
Lorenzo Colitti9a8a9ff2017-01-31 19:06:59 +0900[diff] [blame]619
Luke Huangcaebcbb2018-09-27 20:37:14 +0800[diff] [blame]620 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__);
621
Lorenzo Colitti5192bf72017-09-04 13:30:59 +0900[diff] [blame]622 const auto& statsList = gCtls->tetherCtrl.getTetherStats();
Lorenzo Colitti9a8a9ff2017-01-31 19:06:59 +0900[diff] [blame]623 if (!isOk(statsList)) {
Nathan Harold28ccfef2018-03-16 19:02:47 -0700[diff] [blame]624 return asBinderStatus(statsList);
Lorenzo Colitti9a8a9ff2017-01-31 19:06:59 +0900[diff] [blame]625 }
Luke Huangcaebcbb2018-09-27 20:37:14 +0800[diff] [blame]626 setTetherStatsParcelVecByInterface(tetherStatsParcelVec, statsList.value());
627 auto statsResults = tetherStatsParcelVecToStringVec(tetherStatsParcelVec);
628 gLog.log(entry.returns(base::Join(statsResults, ";")).withAutomaticDuration());
Lorenzo Colitti9a8a9ff2017-01-31 19:06:59 +0900[diff] [blame]629 return binder::Status::ok();
630}
631
Erik Kline53c20882016-08-02 15:22:53 +0900[diff] [blame]632binder::Status NetdNativeService::interfaceAddAddress(const std::string &ifName,
633 const std::string &addrString, int prefixLength) {
634 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
635
636 const int err = InterfaceController::addAddress(
637 ifName.c_str(), addrString.c_str(), prefixLength);
638 if (err != 0) {
639 return binder::Status::fromServiceSpecificError(-err,
640 String8::format("InterfaceController error: %s", strerror(-err)));
641 }
642 return binder::Status::ok();
643}
644
645binder::Status NetdNativeService::interfaceDelAddress(const std::string &ifName,
646 const std::string &addrString, int prefixLength) {
647 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
648
649 const int err = InterfaceController::delAddress(
650 ifName.c_str(), addrString.c_str(), prefixLength);
651 if (err != 0) {
652 return binder::Status::fromServiceSpecificError(-err,
653 String8::format("InterfaceController error: %s", strerror(-err)));
654 }
655 return binder::Status::ok();
656}
657
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]658namespace {
Erik Kline55b06f82016-07-04 09:57:18 +0900[diff] [blame]659
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]660std::tuple<binder::Status, const char*, const char*> getPathComponents(int32_t ipversion,
661 int32_t category) {
662 const char* ipversionStr = nullptr;
663 switch (ipversion) {
Erik Kline55b06f82016-07-04 09:57:18 +0900[diff] [blame]664 case INetd::IPV4:
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]665 ipversionStr = "ipv4";
Erik Kline55b06f82016-07-04 09:57:18 +0900[diff] [blame]666 break;
667 case INetd::IPV6:
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]668 ipversionStr = "ipv6";
Erik Kline55b06f82016-07-04 09:57:18 +0900[diff] [blame]669 break;
670 default:
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]671 return {binder::Status::fromServiceSpecificError(EAFNOSUPPORT, "Bad IP version"),
672 nullptr, nullptr};
Erik Kline55b06f82016-07-04 09:57:18 +0900[diff] [blame]673 }
674
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]675 const char* whichStr = nullptr;
676 switch (category) {
Erik Kline55b06f82016-07-04 09:57:18 +0900[diff] [blame]677 case INetd::CONF:
678 whichStr = "conf";
679 break;
680 case INetd::NEIGH:
681 whichStr = "neigh";
682 break;
683 default:
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]684 return {binder::Status::fromServiceSpecificError(EINVAL, "Bad category"), nullptr,
685 nullptr};
Erik Kline55b06f82016-07-04 09:57:18 +0900[diff] [blame]686 }
687
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]688 return {binder::Status::ok(), ipversionStr, whichStr};
689}
690
691} // namespace
692
693binder::Status NetdNativeService::getProcSysNet(int32_t ipversion, int32_t which,
694 const std::string& ifname,
695 const std::string& parameter, std::string* value) {
696 ENFORCE_PERMISSION(NETWORK_STACK);
697 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__)
698 .args(ipversion, which, ifname, parameter);
699
700 const auto pathParts = getPathComponents(ipversion, which);
701 const auto& pathStatus = std::get<0>(pathParts);
702 if (!pathStatus.isOk()) {
703 gLog.log(entry.returns(pathStatus.exceptionCode()).withAutomaticDuration());
704 return pathStatus;
Erik Kline55b06f82016-07-04 09:57:18 +0900[diff] [blame]705 }
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]706
707 const int err = InterfaceController::getParameter(std::get<1>(pathParts),
708 std::get<2>(pathParts), ifname.c_str(),
709 parameter.c_str(), value);
710 entry.returns(err);
711 if (err == 0) entry.returns(*value);
712 gLog.log(entry.withAutomaticDuration());
713 return statusFromErrcode(err);
714}
715
716binder::Status NetdNativeService::setProcSysNet(int32_t ipversion, int32_t which,
717 const std::string& ifname,
718 const std::string& parameter,
719 const std::string& value) {
720 ENFORCE_PERMISSION(NETWORK_STACK);
721 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__)
722 .args(ipversion, which, ifname, parameter, value);
723
724 const auto pathParts = getPathComponents(ipversion, which);
725 const auto& pathStatus = std::get<0>(pathParts);
726 if (!pathStatus.isOk()) {
727 gLog.log(entry.returns(pathStatus.exceptionCode()).withAutomaticDuration());
728 return pathStatus;
729 }
730
731 const int err = InterfaceController::setParameter(std::get<1>(pathParts),
732 std::get<2>(pathParts), ifname.c_str(),
733 parameter.c_str(), value.c_str());
734 gLog.log(entry.returns(err).withAutomaticDuration());
735 return statusFromErrcode(err);
Erik Kline55b06f82016-07-04 09:57:18 +0900[diff] [blame]736}
737
Luke Huange203a152018-11-23 11:47:28 +0800[diff] [blame]738binder::Status NetdNativeService::ipSecSetEncapSocketOwner(const ParcelFileDescriptor& socket,
739 int newUid) {
Benedict Wongb2daefb2017-12-06 22:05:46 -0800[diff] [blame]740 ENFORCE_PERMISSION(NETWORK_STACK)
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]741 gLog.log("ipSecSetEncapSocketOwner()");
Benedict Wongb2daefb2017-12-06 22:05:46 -0800[diff] [blame]742
743 uid_t callerUid = IPCThreadState::self()->getCallingUid();
Luke Huange203a152018-11-23 11:47:28 +0800[diff] [blame]744 return asBinderStatus(
745 gCtls->xfrmCtrl.ipSecSetEncapSocketOwner(socket.get(), newUid, callerUid));
Benedict Wongb2daefb2017-12-06 22:05:46 -0800[diff] [blame]746}
747
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]748binder::Status NetdNativeService::ipSecAllocateSpi(
749 int32_t transformId,
Nathan Haroldda54f122018-01-09 16:42:57 -0800[diff] [blame]750 const std::string& sourceAddress,
751 const std::string& destinationAddress,
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]752 int32_t inSpi,
753 int32_t* outSpi) {
754 // Necessary locking done in IpSecService and kernel
755 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]756 gLog.log("ipSecAllocateSpi()");
ludi6e8eccd2017-08-14 14:40:37 -0700[diff] [blame]757 return asBinderStatus(gCtls->xfrmCtrl.ipSecAllocateSpi(
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]758 transformId,
Nathan Haroldda54f122018-01-09 16:42:57 -0800[diff] [blame]759 sourceAddress,
760 destinationAddress,
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]761 inSpi,
762 outSpi));
763}
764
765binder::Status NetdNativeService::ipSecAddSecurityAssociation(
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]766 int32_t transformId, int32_t mode, const std::string& sourceAddress,
767 const std::string& destinationAddress, int32_t underlyingNetId, int32_t spi,
768 int32_t markValue, int32_t markMask, const std::string& authAlgo,
769 const std::vector<uint8_t>& authKey, int32_t authTruncBits, const std::string& cryptAlgo,
770 const std::vector<uint8_t>& cryptKey, int32_t cryptTruncBits, const std::string& aeadAlgo,
771 const std::vector<uint8_t>& aeadKey, int32_t aeadIcvBits, int32_t encapType,
772 int32_t encapLocalPort, int32_t encapRemotePort, int32_t interfaceId) {
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]773 // Necessary locking done in IpSecService and kernel
774 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]775 gLog.log("ipSecAddSecurityAssociation()");
ludi6e8eccd2017-08-14 14:40:37 -0700[diff] [blame]776 return asBinderStatus(gCtls->xfrmCtrl.ipSecAddSecurityAssociation(
Benedict Wongad600cb2018-05-14 17:22:35 -0700[diff] [blame]777 transformId, mode, sourceAddress, destinationAddress, underlyingNetId, spi, markValue,
778 markMask, authAlgo, authKey, authTruncBits, cryptAlgo, cryptKey, cryptTruncBits,
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]779 aeadAlgo, aeadKey, aeadIcvBits, encapType, encapLocalPort, encapRemotePort,
780 interfaceId));
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]781}
782
783binder::Status NetdNativeService::ipSecDeleteSecurityAssociation(
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]784 int32_t transformId, const std::string& sourceAddress,
785 const std::string& destinationAddress, int32_t spi, int32_t markValue, int32_t markMask,
786 int32_t interfaceId) {
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]787 // Necessary locking done in IpSecService and kernel
788 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]789 gLog.log("ipSecDeleteSecurityAssociation()");
ludi6e8eccd2017-08-14 14:40:37 -0700[diff] [blame]790 return asBinderStatus(gCtls->xfrmCtrl.ipSecDeleteSecurityAssociation(
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]791 transformId, sourceAddress, destinationAddress, spi, markValue, markMask, interfaceId));
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]792}
793
794binder::Status NetdNativeService::ipSecApplyTransportModeTransform(
Luke Huange203a152018-11-23 11:47:28 +0800[diff] [blame]795 const ParcelFileDescriptor& socket, int32_t transformId, int32_t direction,
796 const std::string& sourceAddress, const std::string& destinationAddress, int32_t spi) {
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]797 // Necessary locking done in IpSecService and kernel
798 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]799 gLog.log("ipSecApplyTransportModeTransform()");
ludi6e8eccd2017-08-14 14:40:37 -0700[diff] [blame]800 return asBinderStatus(gCtls->xfrmCtrl.ipSecApplyTransportModeTransform(
Luke Huange203a152018-11-23 11:47:28 +0800[diff] [blame]801 socket.get(), transformId, direction, sourceAddress, destinationAddress, spi));
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]802}
803
804binder::Status NetdNativeService::ipSecRemoveTransportModeTransform(
Luke Huange203a152018-11-23 11:47:28 +0800[diff] [blame]805 const ParcelFileDescriptor& socket) {
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]806 // Necessary locking done in IpSecService and kernel
807 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]808 gLog.log("ipSecRemoveTransportModeTransform()");
Luke Huange203a152018-11-23 11:47:28 +0800[diff] [blame]809 return asBinderStatus(gCtls->xfrmCtrl.ipSecRemoveTransportModeTransform(socket.get()));
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]810}
811
Benedict Wonga04ffa72018-05-09 21:42:42 -0700[diff] [blame]812binder::Status NetdNativeService::ipSecAddSecurityPolicy(int32_t transformId, int32_t selAddrFamily,
813 int32_t direction,
Benedict Wongad600cb2018-05-14 17:22:35 -0700[diff] [blame]814 const std::string& tmplSrcAddress,
815 const std::string& tmplDstAddress,
816 int32_t spi, int32_t markValue,
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]817 int32_t markMask, int32_t interfaceId) {
Benedict Wong84a8dca2018-01-19 12:12:17 -0800[diff] [blame]818 // Necessary locking done in IpSecService and kernel
819 ENFORCE_PERMISSION(NETWORK_STACK);
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]820 gLog.log("ipSecAddSecurityPolicy()");
Benedict Wong84a8dca2018-01-19 12:12:17 -0800[diff] [blame]821 return asBinderStatus(gCtls->xfrmCtrl.ipSecAddSecurityPolicy(
Benedict Wonga04ffa72018-05-09 21:42:42 -0700[diff] [blame]822 transformId, selAddrFamily, direction, tmplSrcAddress, tmplDstAddress, spi, markValue,
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]823 markMask, interfaceId));
Benedict Wong84a8dca2018-01-19 12:12:17 -0800[diff] [blame]824}
825
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]826binder::Status NetdNativeService::ipSecUpdateSecurityPolicy(
827 int32_t transformId, int32_t selAddrFamily, int32_t direction,
828 const std::string& tmplSrcAddress, const std::string& tmplDstAddress, int32_t spi,
829 int32_t markValue, int32_t markMask, int32_t interfaceId) {
Benedict Wong84a8dca2018-01-19 12:12:17 -0800[diff] [blame]830 // Necessary locking done in IpSecService and kernel
831 ENFORCE_PERMISSION(NETWORK_STACK);
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]832 gLog.log("ipSecAddSecurityPolicy()");
Benedict Wong84a8dca2018-01-19 12:12:17 -0800[diff] [blame]833 return asBinderStatus(gCtls->xfrmCtrl.ipSecUpdateSecurityPolicy(
Benedict Wonga04ffa72018-05-09 21:42:42 -0700[diff] [blame]834 transformId, selAddrFamily, direction, tmplSrcAddress, tmplDstAddress, spi, markValue,
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]835 markMask, interfaceId));
Benedict Wong84a8dca2018-01-19 12:12:17 -0800[diff] [blame]836}
837
Benedict Wonga04ffa72018-05-09 21:42:42 -0700[diff] [blame]838binder::Status NetdNativeService::ipSecDeleteSecurityPolicy(int32_t transformId,
839 int32_t selAddrFamily,
840 int32_t direction, int32_t markValue,
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]841 int32_t markMask, int32_t interfaceId) {
Benedict Wong84a8dca2018-01-19 12:12:17 -0800[diff] [blame]842 // Necessary locking done in IpSecService and kernel
843 ENFORCE_PERMISSION(NETWORK_STACK);
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]844 gLog.log("ipSecAddSecurityPolicy()");
Benedict Wong84a8dca2018-01-19 12:12:17 -0800[diff] [blame]845 return asBinderStatus(gCtls->xfrmCtrl.ipSecDeleteSecurityPolicy(
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]846 transformId, selAddrFamily, direction, markValue, markMask, interfaceId));
Benedict Wong84a8dca2018-01-19 12:12:17 -0800[diff] [blame]847}
848
Benedict Wong319f17e2018-05-15 17:06:44 -0700[diff] [blame]849binder::Status NetdNativeService::ipSecAddTunnelInterface(const std::string& deviceName,
850 const std::string& localAddress,
851 const std::string& remoteAddress,
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]852 int32_t iKey, int32_t oKey,
853 int32_t interfaceId) {
manojboopathi8707f232018-01-02 14:45:47 -0800[diff] [blame]854 // Necessary locking done in IpSecService and kernel
855 ENFORCE_PERMISSION(NETWORK_STACK);
Benedict Wong319f17e2018-05-15 17:06:44 -0700[diff] [blame]856 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__);
manojboopathi8707f232018-01-02 14:45:47 -0800[diff] [blame]857
Benedict Wong319f17e2018-05-15 17:06:44 -0700[diff] [blame]858 netdutils::Status result = gCtls->xfrmCtrl.ipSecAddTunnelInterface(
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]859 deviceName, localAddress, remoteAddress, iKey, oKey, interfaceId, false);
Benedict Wong319f17e2018-05-15 17:06:44 -0700[diff] [blame]860 RETURN_BINDER_STATUS_IF_NOT_OK(entry, result);
861
862 gLog.log(entry.returns(result).withAutomaticDuration());
863 return binder::Status::ok();
manojboopathi8707f232018-01-02 14:45:47 -0800[diff] [blame]864}
865
Benedict Wong319f17e2018-05-15 17:06:44 -0700[diff] [blame]866binder::Status NetdNativeService::ipSecUpdateTunnelInterface(const std::string& deviceName,
867 const std::string& localAddress,
868 const std::string& remoteAddress,
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]869 int32_t iKey, int32_t oKey,
870 int32_t interfaceId) {
manojboopathi8707f232018-01-02 14:45:47 -0800[diff] [blame]871 // Necessary locking done in IpSecService and kernel
872 ENFORCE_PERMISSION(NETWORK_STACK);
Benedict Wong319f17e2018-05-15 17:06:44 -0700[diff] [blame]873 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__);
manojboopathi8707f232018-01-02 14:45:47 -0800[diff] [blame]874
Benedict Wong319f17e2018-05-15 17:06:44 -0700[diff] [blame]875 netdutils::Status result = gCtls->xfrmCtrl.ipSecAddTunnelInterface(
Benedict Wonga450e722018-05-07 10:29:02 -0700[diff] [blame]876 deviceName, localAddress, remoteAddress, iKey, oKey, interfaceId, true);
Benedict Wong319f17e2018-05-15 17:06:44 -0700[diff] [blame]877 RETURN_BINDER_STATUS_IF_NOT_OK(entry, result);
878
879 gLog.log(entry.returns(result).withAutomaticDuration());
880 return binder::Status::ok();
manojboopathi8707f232018-01-02 14:45:47 -0800[diff] [blame]881}
882
Benedict Wong319f17e2018-05-15 17:06:44 -0700[diff] [blame]883binder::Status NetdNativeService::ipSecRemoveTunnelInterface(const std::string& deviceName) {
manojboopathi8707f232018-01-02 14:45:47 -0800[diff] [blame]884 // Necessary locking done in IpSecService and kernel
885 ENFORCE_PERMISSION(NETWORK_STACK);
Benedict Wong319f17e2018-05-15 17:06:44 -0700[diff] [blame]886 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__);
manojboopathi8707f232018-01-02 14:45:47 -0800[diff] [blame]887
Benedict Wong319f17e2018-05-15 17:06:44 -0700[diff] [blame]888 netdutils::Status result = gCtls->xfrmCtrl.ipSecRemoveTunnelInterface(deviceName);
889 RETURN_BINDER_STATUS_IF_NOT_OK(entry, result);
890
891 gLog.log(entry.returns(result).withAutomaticDuration());
892 return binder::Status::ok();
manojboopathi8707f232018-01-02 14:45:47 -0800[diff] [blame]893}
894
Joel Scherpelzde937962017-06-01 13:20:21 +0900[diff] [blame]895binder::Status NetdNativeService::setIPv6AddrGenMode(const std::string& ifName,
896 int32_t mode) {
897 ENFORCE_PERMISSION(NETWORK_STACK);
Nathan Harold28ccfef2018-03-16 19:02:47 -0700[diff] [blame]898 return asBinderStatus(InterfaceController::setIPv6AddrGenMode(ifName, mode));
Joel Scherpelzde937962017-06-01 13:20:21 +0900[diff] [blame]899}
900
Joel Scherpelz08b84cd2017-05-22 13:11:54 +0900[diff] [blame]901binder::Status NetdNativeService::wakeupAddInterface(const std::string& ifName,
902 const std::string& prefix, int32_t mark,
903 int32_t mask) {
904 ENFORCE_PERMISSION(NETWORK_STACK);
Nathan Harold28ccfef2018-03-16 19:02:47 -0700[diff] [blame]905 return asBinderStatus(gCtls->wakeupCtrl.addInterface(ifName, prefix, mark, mask));
Joel Scherpelz08b84cd2017-05-22 13:11:54 +0900[diff] [blame]906}
907
908binder::Status NetdNativeService::wakeupDelInterface(const std::string& ifName,
909 const std::string& prefix, int32_t mark,
910 int32_t mask) {
911 ENFORCE_PERMISSION(NETWORK_STACK);
Nathan Harold28ccfef2018-03-16 19:02:47 -0700[diff] [blame]912 return asBinderStatus(gCtls->wakeupCtrl.delInterface(ifName, prefix, mark, mask));
Joel Scherpelz08b84cd2017-05-22 13:11:54 +0900[diff] [blame]913}
914
Chenbo Feng07d43fe2017-12-21 14:38:51 -0800[diff] [blame]915binder::Status NetdNativeService::trafficCheckBpfStatsEnable(bool* ret) {
916 ENFORCE_PERMISSION(NETWORK_STACK);
917 *ret = gCtls->trafficCtrl.checkBpfStatsEnable();
918 return binder::Status::ok();
919}
920
Luke Huang0051a622018-07-23 20:30:16 +0800[diff] [blame]921binder::Status NetdNativeService::idletimerAddInterface(const std::string& ifName, int32_t timeout,
922 const std::string& classLabel) {
923 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->idletimerCtrl.lock);
924 auto entry = gLog.newEntry()
925 .prettyFunction(__PRETTY_FUNCTION__)
926 .arg(ifName)
927 .arg(timeout)
928 .arg(classLabel);
929 int res =
930 gCtls->idletimerCtrl.addInterfaceIdletimer(ifName.c_str(), timeout, classLabel.c_str());
931 gLog.log(entry.returns(res).withAutomaticDuration());
932 return statusFromErrcode(res);
933}
934
935binder::Status NetdNativeService::idletimerRemoveInterface(const std::string& ifName,
936 int32_t timeout,
937 const std::string& classLabel) {
938 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->idletimerCtrl.lock);
939 auto entry = gLog.newEntry()
940 .prettyFunction(__PRETTY_FUNCTION__)
941 .arg(ifName)
942 .arg(timeout)
943 .arg(classLabel);
944 int res = gCtls->idletimerCtrl.removeInterfaceIdletimer(ifName.c_str(), timeout,
945 classLabel.c_str());
946 gLog.log(entry.returns(res).withAutomaticDuration());
947 return statusFromErrcode(res);
948}
Luke Huanga67dd562018-07-17 19:58:25 +0800[diff] [blame]949
950binder::Status NetdNativeService::strictUidCleartextPenalty(int32_t uid, int32_t policyPenalty) {
951 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->strictCtrl.lock);
952 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(uid).arg(policyPenalty);
953 StrictPenalty penalty;
954 switch (policyPenalty) {
955 case INetd::PENALTY_POLICY_REJECT:
956 penalty = REJECT;
957 break;
958 case INetd::PENALTY_POLICY_LOG:
959 penalty = LOG;
960 break;
961 case INetd::PENALTY_POLICY_ACCEPT:
962 penalty = ACCEPT;
963 break;
964 default:
965 return statusFromErrcode(-EINVAL);
966 break;
967 }
968 int res = gCtls->strictCtrl.setUidCleartextPenalty((uid_t) uid, penalty);
969 gLog.log(entry.returns(res).withAutomaticDuration());
970 return statusFromErrcode(res);
971}
Luke Huange64fa382018-07-24 16:38:22 +0800[diff] [blame]972
Luke Huang6d301232018-08-01 14:05:18 +0800[diff] [blame]973binder::Status NetdNativeService::clatdStart(const std::string& ifName) {
974 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->clatdCtrl.mutex);
975 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(ifName);
976 int res = gCtls->clatdCtrl.startClatd(ifName.c_str());
977 gLog.log(entry.returns(res).withAutomaticDuration());
978 return statusFromErrcode(res);
979}
980
981binder::Status NetdNativeService::clatdStop(const std::string& ifName) {
982 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->clatdCtrl.mutex);
983 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(ifName);
984 int res = gCtls->clatdCtrl.stopClatd(ifName.c_str());
985 gLog.log(entry.returns(res).withAutomaticDuration());
986 return statusFromErrcode(res);
987}
Luke Huanga67dd562018-07-17 19:58:25 +0800[diff] [blame]988
Luke Huang457d4702018-08-16 15:39:15 +0800[diff] [blame]989binder::Status NetdNativeService::ipfwdEnabled(bool* status) {
990 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->tetherCtrl.lock);
991 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__);
992 *status = (gCtls->tetherCtrl.forwardingRequestCount() > 0) ? true : false;
993 gLog.log(entry.returns(*status).withAutomaticDuration());
994 return binder::Status::ok();
995}
996
997binder::Status NetdNativeService::ipfwdEnableForwarding(const std::string& requester) {
998 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->tetherCtrl.lock);
999 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(requester);
1000 int res = (gCtls->tetherCtrl.enableForwarding(requester.c_str())) ? 0 : -EREMOTEIO;
1001 gLog.log(entry.returns(res).withAutomaticDuration());
1002 return statusFromErrcode(res);
1003}
1004
1005binder::Status NetdNativeService::ipfwdDisableForwarding(const std::string& requester) {
1006 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->tetherCtrl.lock);
1007 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(requester);
1008 int res = (gCtls->tetherCtrl.disableForwarding(requester.c_str())) ? 0 : -EREMOTEIO;
1009 gLog.log(entry.returns(res).withAutomaticDuration());
1010 return statusFromErrcode(res);
1011}
1012
1013binder::Status NetdNativeService::ipfwdAddInterfaceForward(const std::string& fromIface,
1014 const std::string& toIface) {
1015 ENFORCE_PERMISSION(NETWORK_STACK);
1016 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(fromIface).arg(toIface);
1017 int res = RouteController::enableTethering(fromIface.c_str(), toIface.c_str());
1018 gLog.log(entry.returns(res).withAutomaticDuration());
1019 return statusFromErrcode(res);
1020}
1021
1022binder::Status NetdNativeService::ipfwdRemoveInterfaceForward(const std::string& fromIface,
1023 const std::string& toIface) {
1024 ENFORCE_PERMISSION(NETWORK_STACK);
1025 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(fromIface).arg(toIface);
1026 int res = RouteController::disableTethering(fromIface.c_str(), toIface.c_str());
1027 gLog.log(entry.returns(res).withAutomaticDuration());
1028 return statusFromErrcode(res);
1029}
1030
Luke Huangf7782042018-08-08 13:13:04 +0800[diff] [blame]1031namespace {
1032std::string addSquareBrackets(const std::string& s) {
1033 return "[" + s + "]";
1034}
1035
1036std::string addCurlyBrackets(const std::string& s) {
1037 return "{" + s + "}";
1038}
1039
1040} // namespace
1041binder::Status NetdNativeService::interfaceGetList(std::vector<std::string>* interfaceListResult) {
1042 NETD_LOCKING_RPC(NETWORK_STACK, InterfaceController::mutex);
1043 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__);
1044
1045 const auto& ifaceList = InterfaceController::getIfaceNames();
1046 RETURN_BINDER_STATUS_IF_NOT_OK(entry, ifaceList);
1047
1048 interfaceListResult->clear();
1049 interfaceListResult->reserve(ifaceList.value().size());
1050 interfaceListResult->insert(end(*interfaceListResult), begin(ifaceList.value()),
1051 end(ifaceList.value()));
1052
1053 gLog.log(entry.returns(addSquareBrackets(base::Join(*interfaceListResult, ", ")))
1054 .withAutomaticDuration());
1055 return binder::Status::ok();
1056}
1057
1058std::string interfaceConfigurationParcelToString(const InterfaceConfigurationParcel& cfg) {
1059 std::vector<std::string> result{cfg.ifName, cfg.hwAddr, cfg.ipv4Addr,
1060 std::to_string(cfg.prefixLength)};
1061 result.insert(end(result), begin(cfg.flags), end(cfg.flags));
1062 return addCurlyBrackets(base::Join(result, ", "));
1063}
1064
1065binder::Status NetdNativeService::interfaceGetCfg(
1066 const std::string& ifName, InterfaceConfigurationParcel* interfaceGetCfgResult) {
1067 NETD_LOCKING_RPC(NETWORK_STACK, InterfaceController::mutex);
1068 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(ifName);
1069
1070 const auto& cfgRes = InterfaceController::getCfg(ifName);
1071 RETURN_BINDER_STATUS_IF_NOT_OK(entry, cfgRes);
1072
1073 *interfaceGetCfgResult = cfgRes.value();
1074 gLog.log(entry.returns(interfaceConfigurationParcelToString(*interfaceGetCfgResult))
1075 .withAutomaticDuration());
1076 return binder::Status::ok();
1077}
1078
1079binder::Status NetdNativeService::interfaceSetCfg(const InterfaceConfigurationParcel& cfg) {
1080 NETD_LOCKING_RPC(NETWORK_STACK, InterfaceController::mutex);
1081 auto entry = gLog.newEntry()
1082 .prettyFunction(__PRETTY_FUNCTION__)
1083 .arg(interfaceConfigurationParcelToString(cfg));
1084
1085 const auto& res = InterfaceController::setCfg(cfg);
1086 RETURN_BINDER_STATUS_IF_NOT_OK(entry, res);
1087
1088 gLog.log(entry.withAutomaticDuration());
1089 return binder::Status::ok();
1090}
1091
1092binder::Status NetdNativeService::interfaceSetIPv6PrivacyExtensions(const std::string& ifName,
1093 bool enable) {
1094 NETD_LOCKING_RPC(NETWORK_STACK, InterfaceController::mutex);
1095 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).args(ifName, enable);
1096 int res = InterfaceController::setIPv6PrivacyExtensions(ifName.c_str(), enable);
1097 gLog.log(entry.returns(res).withAutomaticDuration());
1098 return statusFromErrcode(res);
1099}
1100
1101binder::Status NetdNativeService::interfaceClearAddrs(const std::string& ifName) {
1102 NETD_LOCKING_RPC(NETWORK_STACK, InterfaceController::mutex);
1103 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(ifName);
1104 int res = InterfaceController::clearAddrs(ifName.c_str());
1105 gLog.log(entry.returns(res).withAutomaticDuration());
1106 return statusFromErrcode(res);
1107}
1108
1109binder::Status NetdNativeService::interfaceSetEnableIPv6(const std::string& ifName, bool enable) {
1110 NETD_LOCKING_RPC(NETWORK_STACK, InterfaceController::mutex);
1111 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).args(ifName, enable);
1112 int res = InterfaceController::setEnableIPv6(ifName.c_str(), enable);
1113 gLog.log(entry.returns(res).withAutomaticDuration());
1114 return statusFromErrcode(res);
1115}
1116
1117binder::Status NetdNativeService::interfaceSetMtu(const std::string& ifName, int32_t mtuValue) {
1118 NETD_LOCKING_RPC(NETWORK_STACK, InterfaceController::mutex);
1119 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).args(ifName, mtuValue);
1120 std::string mtu = std::to_string(mtuValue);
1121 int res = InterfaceController::setMtu(ifName.c_str(), mtu.c_str());
1122 gLog.log(entry.returns(res).withAutomaticDuration());
1123 return statusFromErrcode(res);
1124}
1125
Luke Huangb5733d72018-08-21 17:17:19 +0800[diff] [blame]1126binder::Status NetdNativeService::tetherStart(const std::vector<std::string>& dhcpRanges) {
1127 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->tetherCtrl.lock);
1128 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(dhcpRanges);
1129 if (dhcpRanges.size() % 2 == 1) {
1130 return statusFromErrcode(-EINVAL);
1131 }
1132 int res = gCtls->tetherCtrl.startTethering(dhcpRanges);
1133 gLog.log(entry.returns(res).withAutomaticDuration());
1134 return statusFromErrcode(res);
1135}
1136
1137binder::Status NetdNativeService::tetherStop() {
1138 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->tetherCtrl.lock);
1139 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__);
1140 int res = gCtls->tetherCtrl.stopTethering();
1141 gLog.log(entry.returns(res).withAutomaticDuration());
1142 return statusFromErrcode(res);
1143}
1144
1145binder::Status NetdNativeService::tetherIsEnabled(bool* enabled) {
1146 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->tetherCtrl.lock);
1147 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__);
1148 *enabled = gCtls->tetherCtrl.isTetheringStarted();
1149 gLog.log(entry.returns(*enabled).withAutomaticDuration());
1150 return binder::Status::ok();
1151}
1152
1153binder::Status NetdNativeService::tetherInterfaceAdd(const std::string& ifName) {
1154 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->tetherCtrl.lock);
1155 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(ifName);
1156 int res = gCtls->tetherCtrl.tetherInterface(ifName.c_str());
1157 gLog.log(entry.returns(res).withAutomaticDuration());
1158 return statusFromErrcode(res);
1159}
1160
1161binder::Status NetdNativeService::tetherInterfaceRemove(const std::string& ifName) {
1162 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->tetherCtrl.lock);
1163 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(ifName);
1164 int res = gCtls->tetherCtrl.untetherInterface(ifName.c_str());
1165 gLog.log(entry.returns(res).withAutomaticDuration());
1166 return statusFromErrcode(res);
1167}
1168
1169binder::Status NetdNativeService::tetherInterfaceList(std::vector<std::string>* ifList) {
1170 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->tetherCtrl.lock);
1171 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__);
1172 for (const auto& ifname : gCtls->tetherCtrl.getTetheredInterfaceList()) {
1173 ifList->push_back(ifname);
1174 }
1175 gLog.log(entry.returns(true).withAutomaticDuration());
1176 return binder::Status::ok();
1177}
1178
1179binder::Status NetdNativeService::tetherDnsSet(int32_t netId,
1180 const std::vector<std::string>& dnsAddrs) {
1181 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->tetherCtrl.lock);
1182 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(netId).arg(dnsAddrs);
1183 int res = gCtls->tetherCtrl.setDnsForwarders(netId, dnsAddrs);
1184 gLog.log(entry.returns(res).withAutomaticDuration());
1185 return statusFromErrcode(res);
1186}
1187
1188binder::Status NetdNativeService::tetherDnsList(std::vector<std::string>* dnsList) {
1189 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->tetherCtrl.lock);
1190 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__);
1191 for (const auto& fwdr : gCtls->tetherCtrl.getDnsForwarders()) {
1192 dnsList->push_back(fwdr);
1193 }
1194 gLog.log(entry.returns(true).withAutomaticDuration());
1195 return binder::Status::ok();
1196}
1197
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame]1198binder::Status NetdNativeService::networkAddRoute(int32_t netId, const std::string& ifName,
1199 const std::string& destination,
1200 const std::string& nextHop) {
1201 // Public methods of NetworkController are thread-safe.
1202 ENFORCE_PERMISSION(NETWORK_STACK);
1203 auto entry = gLog.newEntry()
1204 .prettyFunction(__PRETTY_FUNCTION__)
1205 .arg(netId)
1206 .arg(ifName)
1207 .arg(destination)
1208 .arg(nextHop);
1209 bool legacy = false;
1210 uid_t uid = 0; // UID is only meaningful for legacy routes.
1211 int res = gCtls->netCtrl.addRoute(netId, ifName.c_str(), destination.c_str(),
1212 nextHop.empty() ? nullptr : nextHop.c_str(), legacy, uid);
1213 gLog.log(entry.returns(res).withAutomaticDuration());
1214 return statusFromErrcode(res);
1215}
1216
1217binder::Status NetdNativeService::networkRemoveRoute(int32_t netId, const std::string& ifName,
1218 const std::string& destination,
1219 const std::string& nextHop) {
1220 ENFORCE_PERMISSION(NETWORK_STACK);
1221 auto entry = gLog.newEntry()
1222 .prettyFunction(__PRETTY_FUNCTION__)
1223 .arg(netId)
1224 .arg(ifName)
1225 .arg(destination)
1226 .arg(nextHop);
1227 bool legacy = false;
1228 uid_t uid = 0; // UID is only meaningful for legacy routes.
1229 int res = gCtls->netCtrl.removeRoute(netId, ifName.c_str(), destination.c_str(),
1230 nextHop.empty() ? nullptr : nextHop.c_str(), legacy, uid);
1231 gLog.log(entry.returns(res).withAutomaticDuration());
1232 return statusFromErrcode(res);
1233}
1234
1235binder::Status NetdNativeService::networkAddLegacyRoute(int32_t netId, const std::string& ifName,
1236 const std::string& destination,
1237 const std::string& nextHop, int32_t uid) {
1238 ENFORCE_PERMISSION(NETWORK_STACK);
1239 auto entry = gLog.newEntry()
1240 .prettyFunction(__PRETTY_FUNCTION__)
1241 .arg(netId)
1242 .arg(ifName)
1243 .arg(destination)
1244 .arg(nextHop)
1245 .arg(uid);
1246 bool legacy = true;
1247 int res = gCtls->netCtrl.addRoute(netId, ifName.c_str(), destination.c_str(),
1248 nextHop.empty() ? nullptr : nextHop.c_str(), legacy,
1249 (uid_t) uid);
1250 gLog.log(entry.returns(res).withAutomaticDuration());
1251 return statusFromErrcode(res);
1252}
1253
1254binder::Status NetdNativeService::networkRemoveLegacyRoute(int32_t netId, const std::string& ifName,
1255 const std::string& destination,
1256 const std::string& nextHop,
1257 int32_t uid) {
1258 ENFORCE_PERMISSION(NETWORK_STACK);
1259 auto entry = gLog.newEntry()
1260 .prettyFunction(__PRETTY_FUNCTION__)
1261 .arg(netId)
1262 .arg(ifName)
1263 .arg(destination)
1264 .arg(nextHop)
1265 .arg(uid);
1266 bool legacy = true;
1267 int res = gCtls->netCtrl.removeRoute(netId, ifName.c_str(), destination.c_str(),
1268 nextHop.empty() ? nullptr : nextHop.c_str(), legacy,
1269 (uid_t) uid);
1270 gLog.log(entry.returns(res).withAutomaticDuration());
1271 return statusFromErrcode(res);
1272}
1273
1274binder::Status NetdNativeService::networkGetDefault(int32_t* netId) {
1275 ENFORCE_PERMISSION(NETWORK_STACK);
1276 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__);
1277 *netId = gCtls->netCtrl.getDefaultNetwork();
1278 gLog.log(entry.returns(*netId).withAutomaticDuration());
1279 return binder::Status::ok();
1280}
1281
1282binder::Status NetdNativeService::networkSetDefault(int32_t netId) {
1283 ENFORCE_PERMISSION(NETWORK_STACK);
1284 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(netId);
1285 int res = gCtls->netCtrl.setDefaultNetwork(netId);
1286 gLog.log(entry.returns(res).withAutomaticDuration());
1287 return statusFromErrcode(res);
1288}
1289
1290binder::Status NetdNativeService::networkClearDefault() {
1291 ENFORCE_PERMISSION(NETWORK_STACK);
1292 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__);
1293 unsigned netId = NETID_UNSET;
1294 int res = gCtls->netCtrl.setDefaultNetwork(netId);
1295 gLog.log(entry.returns(res).withAutomaticDuration());
1296 return statusFromErrcode(res);
1297}
1298
1299std::vector<uid_t> NetdNativeService::intsToUids(const std::vector<int32_t>& intUids) {
1300 return {begin(intUids), end(intUids)};
1301}
1302
1303Permission NetdNativeService::convertPermission(int32_t permission) {
1304 switch (permission) {
1305 case INetd::PERMISSION_NETWORK:
1306 return Permission::PERMISSION_NETWORK;
1307 case INetd::PERMISSION_SYSTEM:
1308 return Permission::PERMISSION_SYSTEM;
1309 default:
1310 return Permission::PERMISSION_NONE;
1311 }
1312}
1313
1314binder::Status NetdNativeService::networkSetPermissionForNetwork(int32_t netId,
1315 int32_t permission) {
1316 ENFORCE_PERMISSION(NETWORK_STACK);
1317 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(netId).arg(permission);
1318 std::vector<unsigned> netIds = {(unsigned) netId};
1319 int res = gCtls->netCtrl.setPermissionForNetworks(convertPermission(permission), netIds);
1320 gLog.log(entry.returns(res).withAutomaticDuration());
1321 return statusFromErrcode(res);
1322}
1323
1324binder::Status NetdNativeService::networkSetPermissionForUser(int32_t permission,
1325 const std::vector<int32_t>& uids) {
1326 ENFORCE_PERMISSION(NETWORK_STACK);
1327 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(permission).arg(uids);
1328 gCtls->netCtrl.setPermissionForUsers(convertPermission(permission), intsToUids(uids));
1329 gLog.log(entry.withAutomaticDuration());
1330 return binder::Status::ok();
1331}
1332
1333binder::Status NetdNativeService::networkClearPermissionForUser(const std::vector<int32_t>& uids) {
1334 ENFORCE_PERMISSION(NETWORK_STACK);
1335 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(uids);
1336 Permission permission = Permission::PERMISSION_NONE;
1337 gCtls->netCtrl.setPermissionForUsers(permission, intsToUids(uids));
1338 gLog.log(entry.withAutomaticDuration());
1339 return binder::Status::ok();
1340}
1341
1342binder::Status NetdNativeService::NetdNativeService::networkSetProtectAllow(int32_t uid) {
1343 ENFORCE_PERMISSION(NETWORK_STACK);
1344 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(uid);
1345 std::vector<uid_t> uids = {(uid_t) uid};
1346 gCtls->netCtrl.allowProtect(uids);
1347 gLog.log(entry.withAutomaticDuration());
1348 return binder::Status::ok();
1349}
1350
1351binder::Status NetdNativeService::networkSetProtectDeny(int32_t uid) {
1352 ENFORCE_PERMISSION(NETWORK_STACK);
1353 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(uid);
1354 std::vector<uid_t> uids = {(uid_t) uid};
1355 gCtls->netCtrl.denyProtect(uids);
1356 gLog.log(entry.withAutomaticDuration());
1357 return binder::Status::ok();
1358}
1359
1360binder::Status NetdNativeService::networkCanProtect(int32_t uid, bool* ret) {
1361 ENFORCE_PERMISSION(NETWORK_STACK);
1362 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(uid);
1363 *ret = gCtls->netCtrl.canProtect((uid_t) uid);
1364 gLog.log(entry.returns(*ret).withAutomaticDuration());
1365 return binder::Status::ok();
1366}
1367
Chenbo Feng48eaed32018-12-26 17:40:21 -0800[diff] [blame]1368binder::Status NetdNativeService::trafficSetNetPermForUids(int32_t permission,
1369 const std::vector<int32_t>& uids) {
1370 ENFORCE_PERMISSION(NETWORK_STACK);
1371 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(permission).arg(uids);
1372 gCtls->trafficCtrl.setPermissionForUids(permission, intsToUids(uids));
1373 gLog.log(entry.withAutomaticDuration());
1374 return binder::Status::ok();
1375}
1376
Luke Huange64fa382018-07-24 16:38:22 +0800[diff] [blame]1377namespace {
1378std::string ruleToString(int32_t rule) {
1379 switch (rule) {
1380 case INetd::FIREWALL_RULE_DENY:
1381 return "DENY";
1382 case INetd::FIREWALL_RULE_ALLOW:
1383 return "ALLOW";
1384 default:
1385 return "INVALID";
1386 }
1387}
1388
1389std::string typeToString(int32_t type) {
1390 switch (type) {
1391 case INetd::FIREWALL_WHITELIST:
1392 return "WHITELIST";
1393 case INetd::FIREWALL_BLACKLIST:
1394 return "BLACKLIST";
1395 default:
1396 return "INVALID";
1397 }
1398}
1399
1400std::string chainToString(int32_t chain) {
1401 switch (chain) {
1402 case INetd::FIREWALL_CHAIN_NONE:
1403 return "NONE";
1404 case INetd::FIREWALL_CHAIN_DOZABLE:
1405 return "DOZABLE";
1406 case INetd::FIREWALL_CHAIN_STANDBY:
1407 return "STANDBY";
1408 case INetd::FIREWALL_CHAIN_POWERSAVE:
1409 return "POWERSAVE";
1410 default:
1411 return "INVALID";
1412 }
1413}
1414
1415} // namespace
1416
1417binder::Status NetdNativeService::firewallSetFirewallType(int32_t firewallType) {
1418 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->firewallCtrl.lock);
1419 auto entry =
1420 gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(typeToString(firewallType));
1421 auto type = static_cast<FirewallType>(firewallType);
1422
1423 int res = gCtls->firewallCtrl.setFirewallType(type);
1424 gLog.log(entry.returns(res).withAutomaticDuration());
1425 return statusFromErrcode(res);
1426}
1427
1428binder::Status NetdNativeService::firewallSetInterfaceRule(const std::string& ifName,
1429 int32_t firewallRule) {
1430 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->firewallCtrl.lock);
1431 auto entry = gLog.newEntry()
1432 .prettyFunction(__PRETTY_FUNCTION__)
1433 .args(ifName, ruleToString(firewallRule));
1434 auto rule = static_cast<FirewallRule>(firewallRule);
1435
1436 int res = gCtls->firewallCtrl.setInterfaceRule(ifName.c_str(), rule);
1437 gLog.log(entry.returns(res).withAutomaticDuration());
1438 return statusFromErrcode(res);
1439}
1440
1441binder::Status NetdNativeService::firewallSetUidRule(int32_t childChain, int32_t uid,
1442 int32_t firewallRule) {
1443 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->firewallCtrl.lock);
1444 auto entry = gLog.newEntry()
1445 .prettyFunction(__PRETTY_FUNCTION__)
1446 .args(chainToString(childChain), uid, ruleToString(firewallRule));
1447 auto chain = static_cast<ChildChain>(childChain);
1448 auto rule = static_cast<FirewallRule>(firewallRule);
1449
1450 int res = gCtls->firewallCtrl.setUidRule(chain, uid, rule);
1451 gLog.log(entry.returns(res).withAutomaticDuration());
1452 return statusFromErrcode(res);
1453}
1454
1455binder::Status NetdNativeService::firewallEnableChildChain(int32_t childChain, bool enable) {
1456 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->firewallCtrl.lock);
1457 auto entry = gLog.newEntry()
1458 .prettyFunction(__PRETTY_FUNCTION__)
1459 .args(chainToString(childChain), enable);
1460 auto chain = static_cast<ChildChain>(childChain);
1461
1462 int res = gCtls->firewallCtrl.enableChildChains(chain, enable);
1463 gLog.log(entry.returns(res).withAutomaticDuration());
1464 return statusFromErrcode(res);
1465}
1466
Luke Huang19b49c52018-10-22 12:12:05 +0900[diff] [blame]1467binder::Status NetdNativeService::tetherAddForward(const std::string& intIface,
1468 const std::string& extIface) {
1469 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->tetherCtrl.lock);
1470 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).args(intIface, extIface);
1471
1472 int res = gCtls->tetherCtrl.enableNat(intIface.c_str(), extIface.c_str());
Luke Huang19b49c52018-10-22 12:12:05 +0900[diff] [blame]1473 gLog.log(entry.returns(res).withAutomaticDuration());
1474 return statusFromErrcode(res);
1475}
1476
1477binder::Status NetdNativeService::tetherRemoveForward(const std::string& intIface,
1478 const std::string& extIface) {
1479 NETD_LOCKING_RPC(NETWORK_STACK, gCtls->tetherCtrl.lock);
Luke Huang19b49c52018-10-22 12:12:05 +0900[diff] [blame]1480 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).args(intIface, extIface);
1481
Luke Huangae038f82018-11-05 11:17:31 +0900[diff] [blame]1482 int res = gCtls->tetherCtrl.disableNat(intIface.c_str(), extIface.c_str());
Luke Huang19b49c52018-10-22 12:12:05 +0900[diff] [blame]1483 gLog.log(entry.returns(res).withAutomaticDuration());
1484 return statusFromErrcode(res);
1485}
1486
Chenbo Fengf5663d82018-11-08 16:10:48 -0800[diff] [blame]1487binder::Status NetdNativeService::setTcpRWmemorySize(const std::string& rmemValues,
1488 const std::string& wmemValues) {
1489 ENFORCE_PERMISSION(NETWORK_STACK);
1490 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).args(rmemValues, wmemValues);
1491 if (!WriteStringToFile(rmemValues, TCP_RMEM_PROC_FILE)) {
1492 int ret = -errno;
1493 gLog.log(entry.returns(ret).withAutomaticDuration());
1494 return statusFromErrcode(ret);
1495 }
1496
1497 if (!WriteStringToFile(wmemValues, TCP_WMEM_PROC_FILE)) {
1498 int ret = -errno;
1499 gLog.log(entry.returns(ret).withAutomaticDuration());
1500 return statusFromErrcode(ret);
1501 }
1502 gLog.log(entry.withAutomaticDuration());
1503 return binder::Status::ok();
1504}
1505
nuccachenf52f7a52018-07-17 18:07:23 +0800[diff] [blame]1506binder::Status NetdNativeService::getPrefix64(int netId, std::string* _aidl_return) {
1507 ENFORCE_PERMISSION(NETWORK_STACK);
1508
1509 netdutils::IPPrefix prefix{};
1510 int err = gCtls->resolverCtrl.getPrefix64(netId, &prefix);
1511 if (err != 0) {
1512 return binder::Status::fromServiceSpecificError(
1513 -err, String8::format("ResolverController error: %s", strerror(-err)));
1514 }
1515 *_aidl_return = prefix.toString();
1516 return binder::Status::ok();
1517}
1518
Luke Huang528af602018-08-29 19:06:05 +0800[diff] [blame]1519binder::Status NetdNativeService::registerUnsolicitedEventListener(
1520 const android::sp<android::net::INetdUnsolicitedEventListener>& listener) {
1521 ENFORCE_PERMISSION(NETWORK_STACK);
Bernie Innocenti9ee088d2019-02-01 17:14:32 +0900[diff] [blame]1522 auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__);
1523 gCtls->eventReporter.registerUnsolEventListener(listener);
Luke Huang528af602018-08-29 19:06:05 +0800[diff] [blame]1524 gLog.log(entry.withAutomaticDuration());
1525 return binder::Status::ok();
1526}
1527
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]1528} // namespace net
1529} // namespace android