Blame - server/NetdNativeService.cpp - platform/system/netd

2016-02-02 17:19:04 +0900

[diff] [blame]

/**

*

* Licensed under the Apache License, Version 2.0 (the "License");

5

* you may not use this file except in compliance with the License.

6

* You may obtain a copy of the License at

7

*

8

* http://www.apache.org/licenses/LICENSE-2.0

9

*

10

* Unless required by applicable law or agreed to in writing, software

11

* distributed under the License is distributed on an "AS IS" BASIS,

12

* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

13

* See the License for the specific language governing permissions and

14

* limitations under the License.

15

*/

16

17

#define LOG_TAG "Netd"

18

Luke Huang

2018-09-27 20:37:14 +0800

[diff] [blame]

19

#include <cinttypes>

Xiao Ma

2018-12-16 16:27:38 +0900

[diff] [blame]

20

#include <numeric>

Ben Schwartz

4204ecf

2017-10-02 12:35:48 -0400

[diff] [blame]

21

#include <set>

Xiao Ma

64b15b7

2019-03-20 11:33:15 +0900

[diff] [blame]

22

#include <string>

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

23

#include <tuple>

Lorenzo Colitti

2016-02-26 11:38:47 +0900

[diff] [blame]

24

#include <vector>

25

Chenbo Feng

2018-11-08 16:10:48 -0800

[diff] [blame]

26

#include <android-base/file.h>

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

27

#include <android-base/stringprintf.h>

Ben Schwartz

4204ecf

2017-10-02 12:35:48 -0400

[diff] [blame]

28

#include <android-base/strings.h>

Luke Huang

2019-05-02 18:10:15 +0800

[diff] [blame]

29

#include <binder/IPCThreadState.h>

30

#include <binder/IServiceManager.h>

31

#include <binder/Status.h>

Robin Lee

2cf5617

2016-09-13 18:55:42 +0900

[diff] [blame]

32

#include <cutils/properties.h>

Logan Chien

3f46148

2018-04-23 14:31:32 +0800

[diff] [blame]

33

#include <log/log.h>

Luke Huang

2019-05-02 18:10:15 +0800

[diff] [blame]

34

#include <netdutils/DumpWriter.h>

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

35

#include <utils/Errors.h>

Pierre Imai

beedec3

2016-04-13 06:44:51 +0900

[diff] [blame]

36

#include <utils/String16.h>

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

37

Luke Huang

2019-05-02 18:10:15 +0800

[diff] [blame]

38

#include "BinderUtil.h"

Lorenzo Colitti

2016-02-26 11:38:47 +0900

[diff] [blame]

39

#include "Controllers.h"

Chiachang Wang

00fc62f

2019-12-04 20:38:26 +0800

[diff] [blame]

40

#include "Fwmark.h"

Erik Kline

2016-07-04 09:57:18 +0900

[diff] [blame]

41

#include "InterfaceController.h"

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

42

#include "NetdNativeService.h"

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

43

#include "NetdPermissions.h"

Luke Huang

0e5e69d

2019-03-06 15:42:38 +0800

[diff] [blame]

44

#include "OemNetdListener.h"

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

45

#include "Permission.h"

Erik Kline

8589004

2018-05-25 19:19:11 +0900

[diff] [blame]

46

#include "Process.h"

Robin Lee

2016-03-30 18:43:08 +0100

[diff] [blame]

47

#include "RouteController.h"

Lorenzo Colitti

2016-04-24 13:13:14 +0900

[diff] [blame]

48

#include "SockDiag.h"

Robin Lee

2016-03-30 18:43:08 +0100

[diff] [blame]

49

#include "UidRanges.h"

Xiao Ma

2018-12-16 16:27:38 +0900

[diff] [blame]

50

#include "android/net/BnNetd.h"

Bernie Innocenti

189eb50

2018-10-01 23:10:18 +0900

[diff] [blame]

51

#include "netid_client.h" // NETID_UNSET

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

52

53

using android::base::StringPrintf;

Chenbo Feng

2018-11-08 16:10:48 -0800

[diff] [blame]

54

using android::base::WriteStringToFile;

Luke Huang

2018-09-27 20:37:14 +0800

[diff] [blame]

55

using android::net::TetherStatsParcel;

Luke Huang

2018-10-18 19:35:12 +0900

[diff] [blame]

56

using android::net::UidRangeParcel;

Luke Huang

b257d61

2019-03-14 21:19:13 +0800

[diff] [blame]

57

using android::netdutils::DumpWriter;

58

using android::netdutils::ScopedIndent;

Luke Huang

2018-11-23 11:47:28 +0800

[diff] [blame]

59

using android::os::ParcelFileDescriptor;

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

namespace android {

namespace net {

namespace {

Erik Kline

2018-06-06 20:50:11 +0900

[diff] [blame]

65

const char OPT_SHORT[] = "--short";

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

66

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

67

binder::Status checkAnyPermission(const std::vector<const char*>& permissions) {

Luke Huang

a38b65c

2018-09-26 16:31:03 +0800

[diff] [blame]

68

pid_t pid = IPCThreadState::self()->getCallingPid();

69

uid_t uid = IPCThreadState::self()->getCallingUid();

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

70

Luke Huang

a38b65c

2018-09-26 16:31:03 +0800

[diff] [blame]

71

// If the caller is the system UID, don't check permissions.

72

// Otherwise, if the system server's binder thread pool is full, and all the threads are

73

// blocked on a thread that's waiting for us to complete, we deadlock. http://b/69389492

74

//

75

// From a security perspective, there is currently no difference, because:

Automerger Merge Worker

2020-03-05 10:29:36 +0000

[diff] [blame^]

76

// 1. The system server has the NETWORK_STACK permission, which grants access to all the

77

// IPCs in this file.

Luke Huang

a38b65c

2018-09-26 16:31:03 +0800

[diff] [blame]

78

// 2. AID_SYSTEM always has all permissions. See ActivityManager#checkComponentPermission.

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

79

if (uid == AID_SYSTEM) {

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

80

return binder::Status::ok();

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

81

}

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

82

83

for (const char* permission : permissions) {

84

if (checkPermission(String16(permission), pid, uid)) {

85

return binder::Status::ok();

}

}

auto err = StringPrintf("UID %d / PID %d does not have any of the following permissions: %s",

90

uid, pid, android::base::Join(permissions, ',').c_str());

91

return binder::Status::fromExceptionCode(binder::Status::EX_SECURITY, err.c_str());

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

92

}

93

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

94

#define ENFORCE_ANY_PERMISSION(...) \

95

do { \

96

binder::Status status = checkAnyPermission({__VA_ARGS__}); \

97

if (!status.isOk()) { \

98

return status; \

99

} \

100

} while (0)

Robin Lee

2cf5617

2016-09-13 18:55:42 +0900

[diff] [blame]

101

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

102

#define NETD_LOCKING_RPC(lock, ... /* permissions */) \

103

ENFORCE_ANY_PERMISSION(__VA_ARGS__); \

Bernie Innocenti

abf8a34

2018-08-10 15:17:16 +0900

[diff] [blame]

104

std::lock_guard _lock(lock);

Lorenzo Colitti

2016-02-26 11:38:47 +0900

[diff] [blame]

105

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

106

#define NETD_BIG_LOCK_RPC(... /* permissions */) NETD_LOCKING_RPC(gBigNetdLock, __VA_ARGS__)

Lorenzo Colitti

2016-12-15 23:59:01 +0900

[diff] [blame]

107

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

108

#define RETURN_BINDER_STATUS_IF_NOT_OK(logEntry, res) \

109

do { \

110

if (!isOk((res))) { \

111

logErrorStatus((logEntry), (res)); \

112

return asBinderStatus((res)); \

} \

} while (0)

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

116

#define ENFORCE_NETWORK_STACK_PERMISSIONS() \

117

ENFORCE_ANY_PERMISSION(PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK)

118

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

119

void logErrorStatus(netdutils::LogEntry& logEntry, const netdutils::Status& status) {

120

gLog.log(logEntry.returns(status.code()).withAutomaticDuration());

121

}

122

Bernie Innocenti

97f388f

2018-10-16 19:17:08 +0900

[diff] [blame]

123

binder::Status asBinderStatus(const netdutils::Status& status) {

124

if (isOk(status)) {

125

return binder::Status::ok();

126

}

127

return binder::Status::fromServiceSpecificError(status.code(), status.msg().c_str());

128

}

129

Lorenzo Colitti

e801d3c

2020-02-18 00:00:35 +0900

[diff] [blame]

130

template <typename T>

131

binder::Status asBinderStatus(const base::Result<T> result) {

132

if (result.ok()) return binder::Status::ok();

133

134

return binder::Status::fromServiceSpecificError(result.error().code(),

135

result.error().message().c_str());

136

}

137

Lorenzo Colitti

2016-12-15 23:59:01 +0900

[diff] [blame]

138

inline binder::Status statusFromErrcode(int ret) {

139

if (ret) {

140

return binder::Status::fromServiceSpecificError(-ret, strerror(-ret));

141

}

142

return binder::Status::ok();

143

}

144

Erik Kline

2018-06-06 20:50:11 +0900

[diff] [blame]

145

bool contains(const Vector<String16>& words, const String16& word) {

146

for (const auto& w : words) {

147

if (w == word) return true;

148

}

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

149

Erik Kline

2018-06-06 20:50:11 +0900

[diff] [blame]

return false;

}

} // namespace

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

154

Luke Huang

2019-05-02 18:10:15 +0800

[diff] [blame]

155

NetdNativeService::NetdNativeService() {

156

// register log callback to BnNetd::logFunc

157

BnNetd::logFunc = std::bind(binderCallLogFn, std::placeholders::_1,

158

[](const std::string& msg) { gLog.info("%s", msg.c_str()); });

159

}

160

Lorenzo Colitti

e4851de

2016-03-17 13:23:28 +0900

[diff] [blame]

161

status_t NetdNativeService::start() {

162

IPCThreadState::self()->disableBackgroundScheduling(true);

Erik Kline

2018-06-06 20:50:11 +0900

[diff] [blame]

163

const status_t ret = BinderService<NetdNativeService>::publish();

Lorenzo Colitti

e4851de

2016-03-17 13:23:28 +0900

[diff] [blame]

164

if (ret != android::OK) {

165

return ret;

166

}

167

sp<ProcessState> ps(ProcessState::self());

168

ps->startThreadPool();

169

ps->giveThreadPoolName();

Xiao Ma

2018-12-16 16:27:38 +0900

[diff] [blame]

170

Lorenzo Colitti

e4851de

2016-03-17 13:23:28 +0900

[diff] [blame]

return android::OK;

}

Hugo Benichi

2018-01-15 21:54:00 +0900

[diff] [blame]

174

status_t NetdNativeService::dump(int fd, const Vector<String16> &args) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

175

const binder::Status dump_permission = checkAnyPermission({PERM_DUMP});

Erik Kline

2d3a163

2016-03-15 16:33:48 +0900

[diff] [blame]

176

if (!dump_permission.isOk()) {

177

const String8 msg(dump_permission.toString8());

178

write(fd, msg.string(), msg.size());

179

return PERMISSION_DENIED;

180

}

181

182

// This method does not grab any locks. If individual classes need locking

183

// their dump() methods MUST handle locking appropriately.

Hugo Benichi

7b314e1

2018-01-15 21:54:00 +0900

[diff] [blame]

184

Erik Kline

2d3a163

2016-03-15 16:33:48 +0900

[diff] [blame]

185

DumpWriter dw(fd);

Hugo Benichi

7b314e1

2018-01-15 21:54:00 +0900

[diff] [blame]

186

187

if (!args.isEmpty() && args[0] == TcpSocketMonitor::DUMP_KEYWORD) {

188

dw.blankline();

189

gCtls->tcpSocketMonitor.dump(dw);

dw.blankline();

return NO_ERROR;

}

Chenbo Feng

2018-03-26 10:53:33 -0700

[diff] [blame]

194

if (!args.isEmpty() && args[0] == TrafficController::DUMP_KEYWORD) {

195

dw.blankline();

196

gCtls->trafficCtrl.dump(dw, true);

dw.blankline();

return NO_ERROR;

}

Erik Kline

2018-05-25 19:19:11 +0900

[diff] [blame]

201

process::dump(dw);

Erik Kline

2d3a163

2016-03-15 16:33:48 +0900

[diff] [blame]

202

dw.blankline();

203

gCtls->netCtrl.dump(dw);

204

dw.blankline();

205

Chenbo Feng

ef29717

2018-03-26 10:53:33 -0700

[diff] [blame]

206

gCtls->trafficCtrl.dump(dw, false);

207

dw.blankline();

208

Benedict Wong

af85543

2018-05-10 17:07:37 -0700

[diff] [blame]

209

gCtls->xfrmCtrl.dump(dw);

210

dw.blankline();

211

Maciej Żenczykowski

5526271

2019-03-29 23:44:56 -0700

[diff] [blame]

212

gCtls->clatdCtrl.dump(dw);

213

dw.blankline();

214

Lorenzo Colitti

52db391

2020-02-17 23:59:45 +0900

[diff] [blame]

215

gCtls->tetherCtrl.dump(dw);

216

dw.blankline();

217

Erik Kline

2018-06-06 20:50:11 +0900

[diff] [blame]

218

{

219

ScopedIndent indentLog(dw);

220

if (contains(args, String16(OPT_SHORT))) {

221

dw.println("Log: <omitted>");

222

} else {

223

dw.println("Log:");

224

ScopedIndent indentLogEntries(dw);

225

gLog.forEachEntry([&dw](const std::string& entry) mutable { dw.println(entry); });

}

dw.blankline();

}

Luke Huang

2018-08-29 19:06:05 +0800

[diff] [blame]

230

{

231

ScopedIndent indentLog(dw);

232

if (contains(args, String16(OPT_SHORT))) {

233

dw.println("UnsolicitedLog: <omitted>");

234

} else {

235

dw.println("UnsolicitedLog:");

236

ScopedIndent indentLogEntries(dw);

237

gUnsolicitedLog.forEachEntry(

238

[&dw](const std::string& entry) mutable { dw.println(entry); });

}

dw.blankline();

}

Erik Kline

2016-03-15 16:33:48 +0900

[diff] [blame]

return NO_ERROR;

}

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

246

binder::Status NetdNativeService::isAlive(bool *alive) {

Automerger Merge Worker

2020-03-05 10:29:36 +0000

[diff] [blame^]

247

NETD_BIG_LOCK_RPC(PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

248

249

*alive = true;

Erik Kline

2018-06-06 20:50:11 +0900

[diff] [blame]

250

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

251

return binder::Status::ok();

252

}

253

Erik Kline

f52d452

2018-03-14 15:01:46 +0900

[diff] [blame]

254

binder::Status NetdNativeService::firewallReplaceUidChain(const std::string& chainName,

Lorenzo Colitti

2016-02-26 11:38:47 +0900

[diff] [blame]

255

bool isWhitelist, const std::vector<int32_t>& uids, bool *ret) {

Automerger Merge Worker

2020-03-05 10:29:36 +0000

[diff] [blame^]

256

NETD_LOCKING_RPC(gCtls->firewallCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Erik Kline

f52d452

2018-03-14 15:01:46 +0900

[diff] [blame]

257

int err = gCtls->firewallCtrl.replaceUidChain(chainName, isWhitelist, uids);

Lorenzo Colitti

2016-02-26 11:38:47 +0900

[diff] [blame]

258

*ret = (err == 0);

259

return binder::Status::ok();

Lorenzo Colitti

2016-02-26 11:38:47 +0900

[diff] [blame]

260

}

Lorenzo Colitti

dedd271

2016-03-22 12:36:29 +0900

[diff] [blame]

261

262

binder::Status NetdNativeService::bandwidthEnableDataSaver(bool enable, bool *ret) {

Automerger Merge Worker

2020-03-05 10:29:36 +0000

[diff] [blame^]

263

NETD_LOCKING_RPC(gCtls->bandwidthCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Lorenzo Colitti

dedd271

2016-03-22 12:36:29 +0900

[diff] [blame]

264

int err = gCtls->bandwidthCtrl.enableDataSaver(enable);

265

*ret = (err == 0);

266

return binder::Status::ok();

267

}

268

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

269

binder::Status NetdNativeService::bandwidthSetInterfaceQuota(const std::string& ifName,

270

int64_t bytes) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

271

NETD_LOCKING_RPC(gCtls->bandwidthCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

272

int res = gCtls->bandwidthCtrl.setInterfaceQuota(ifName, bytes);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

273

return statusFromErrcode(res);

274

}

275

276

binder::Status NetdNativeService::bandwidthRemoveInterfaceQuota(const std::string& ifName) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

277

NETD_LOCKING_RPC(gCtls->bandwidthCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

278

int res = gCtls->bandwidthCtrl.removeInterfaceQuota(ifName);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

279

return statusFromErrcode(res);

280

}

281

282

binder::Status NetdNativeService::bandwidthSetInterfaceAlert(const std::string& ifName,

283

int64_t bytes) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

284

NETD_LOCKING_RPC(gCtls->bandwidthCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

285

int res = gCtls->bandwidthCtrl.setInterfaceAlert(ifName, bytes);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

286

return statusFromErrcode(res);

287

}

288

289

binder::Status NetdNativeService::bandwidthRemoveInterfaceAlert(const std::string& ifName) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

290

NETD_LOCKING_RPC(gCtls->bandwidthCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

291

int res = gCtls->bandwidthCtrl.removeInterfaceAlert(ifName);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

292

return statusFromErrcode(res);

293

}

294

295

binder::Status NetdNativeService::bandwidthSetGlobalAlert(int64_t bytes) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

296

NETD_LOCKING_RPC(gCtls->bandwidthCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

297

int res = gCtls->bandwidthCtrl.setGlobalAlert(bytes);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

298

return statusFromErrcode(res);

299

}

300

301

binder::Status NetdNativeService::bandwidthAddNaughtyApp(int32_t uid) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

302

NETD_LOCKING_RPC(gCtls->bandwidthCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

303

std::vector<std::string> appStrUids = {std::to_string(abs(uid))};

304

int res = gCtls->bandwidthCtrl.addNaughtyApps(appStrUids);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

305

return statusFromErrcode(res);

306

}

307

308

binder::Status NetdNativeService::bandwidthRemoveNaughtyApp(int32_t uid) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

309

NETD_LOCKING_RPC(gCtls->bandwidthCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

310

std::vector<std::string> appStrUids = {std::to_string(abs(uid))};

311

int res = gCtls->bandwidthCtrl.removeNaughtyApps(appStrUids);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

312

return statusFromErrcode(res);

313

}

314

315

binder::Status NetdNativeService::bandwidthAddNiceApp(int32_t uid) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

316

NETD_LOCKING_RPC(gCtls->bandwidthCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

317

std::vector<std::string> appStrUids = {std::to_string(abs(uid))};

318

int res = gCtls->bandwidthCtrl.addNiceApps(appStrUids);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

319

return statusFromErrcode(res);

320

}

321

322

binder::Status NetdNativeService::bandwidthRemoveNiceApp(int32_t uid) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

323

NETD_LOCKING_RPC(gCtls->bandwidthCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

324

std::vector<std::string> appStrUids = {std::to_string(abs(uid))};

325

int res = gCtls->bandwidthCtrl.removeNiceApps(appStrUids);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

326

return statusFromErrcode(res);

327

}

328

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

329

binder::Status NetdNativeService::networkCreatePhysical(int32_t netId, int32_t permission) {

Automerger Merge Worker

2020-03-05 10:29:36 +0000

[diff] [blame^]

330

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

331

int ret = gCtls->netCtrl.createPhysicalNetwork(netId, convertPermission(permission));

Lorenzo Colitti

2016-12-15 23:59:01 +0900

[diff] [blame]

332

return statusFromErrcode(ret);

333

}

334

cken

67cd14c

2018-12-05 17:26:59 +0900

[diff] [blame]

335

binder::Status NetdNativeService::networkCreateVpn(int32_t netId, bool secure) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

336

ENFORCE_NETWORK_STACK_PERMISSIONS();

cken

67cd14c

2018-12-05 17:26:59 +0900

[diff] [blame]

337

int ret = gCtls->netCtrl.createVirtualNetwork(netId, secure);

Lorenzo Colitti

2016-12-15 23:59:01 +0900

[diff] [blame]

338

return statusFromErrcode(ret);

339

}

340

341

binder::Status NetdNativeService::networkDestroy(int32_t netId) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

342

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

d33a8f4

2019-03-14 16:10:04 +0800

[diff] [blame]

343

// NetworkController::destroyNetwork is thread-safe.

Mike Yu

4fe1b9c

2019-01-29 17:50:19 +0800

[diff] [blame]

344

const int ret = gCtls->netCtrl.destroyNetwork(netId);

Lorenzo Colitti

2016-12-15 23:59:01 +0900

[diff] [blame]

345

return statusFromErrcode(ret);

346

}

347

348

binder::Status NetdNativeService::networkAddInterface(int32_t netId, const std::string& iface) {

Automerger Merge Worker

2020-03-05 10:29:36 +0000

[diff] [blame^]

349

ENFORCE_NETWORK_STACK_PERMISSIONS();

Lorenzo Colitti

2016-12-15 23:59:01 +0900

[diff] [blame]

350

int ret = gCtls->netCtrl.addInterfaceToNetwork(netId, iface.c_str());

351

return statusFromErrcode(ret);

352

}

353

354

binder::Status NetdNativeService::networkRemoveInterface(int32_t netId, const std::string& iface) {

Automerger Merge Worker

2020-03-05 10:29:36 +0000

[diff] [blame^]

355

ENFORCE_NETWORK_STACK_PERMISSIONS();

Lorenzo Colitti

2016-12-15 23:59:01 +0900

[diff] [blame]

356

int ret = gCtls->netCtrl.removeInterfaceFromNetwork(netId, iface.c_str());

357

return statusFromErrcode(ret);

358

}

359

Luke Huang

2018-10-18 19:35:12 +0900

[diff] [blame]

360

binder::Status NetdNativeService::networkAddUidRanges(

361

int32_t netId, const std::vector<UidRangeParcel>& uidRangeArray) {

Lorenzo Colitti

2016-12-15 23:59:01 +0900

[diff] [blame]

362

// NetworkController::addUsersToNetwork is thread-safe.

Automerger Merge Worker

2020-03-05 10:29:36 +0000

[diff] [blame^]

363

ENFORCE_NETWORK_STACK_PERMISSIONS();

Lorenzo Colitti

2016-12-15 23:59:01 +0900

[diff] [blame]

364

int ret = gCtls->netCtrl.addUsersToNetwork(netId, UidRanges(uidRangeArray));

365

return statusFromErrcode(ret);

366

}

367

Luke Huang

2018-10-18 19:35:12 +0900

[diff] [blame]

368

binder::Status NetdNativeService::networkRemoveUidRanges(

369

int32_t netId, const std::vector<UidRangeParcel>& uidRangeArray) {

Lorenzo Colitti

2016-12-15 23:59:01 +0900

[diff] [blame]

370

// NetworkController::removeUsersFromNetwork is thread-safe.

Automerger Merge Worker

2020-03-05 10:29:36 +0000

[diff] [blame^]

371

ENFORCE_NETWORK_STACK_PERMISSIONS();

Lorenzo Colitti

2016-12-15 23:59:01 +0900

[diff] [blame]

372

int ret = gCtls->netCtrl.removeUsersFromNetwork(netId, UidRanges(uidRangeArray));

373

return statusFromErrcode(ret);

374

}

375

Luke Huang

2018-10-18 19:35:12 +0900

[diff] [blame]

376

binder::Status NetdNativeService::networkRejectNonSecureVpn(

377

bool add, const std::vector<UidRangeParcel>& uidRangeArray) {

Robin Lee

2016-03-30 18:43:08 +0100

[diff] [blame]

378

// TODO: elsewhere RouteController is only used from the tethering and network controllers, so

379

// it should be possible to use the same lock as NetworkController. However, every call through

380

// the CommandListener "network" command will need to hold this lock too, not just the ones that

381

// read/modify network internal state (that is sufficient for ::dump() because it doesn't

382

// look at routes, but it's not enough here).

Automerger Merge Worker

2020-03-05 10:29:36 +0000

[diff] [blame^]

383

NETD_BIG_LOCK_RPC(PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Lorenzo Colitti

2016-04-24 13:13:14 +0900

[diff] [blame]

384

UidRanges uidRanges(uidRangeArray);

Robin Lee

2016-03-30 18:43:08 +0100

[diff] [blame]

int err;

if (add) {

err = RouteController::addUsersToRejectNonSecureNetworkRule(uidRanges);

389

} else {

390

err = RouteController::removeUsersFromRejectNonSecureNetworkRule(uidRanges);

391

}

Lorenzo Colitti

2016-12-15 23:59:01 +0900

[diff] [blame]

392

return statusFromErrcode(err);

Robin Lee

2016-03-30 18:43:08 +0100

[diff] [blame]

393

}

394

Luke Huang

2018-10-18 19:35:12 +0900

[diff] [blame]

395

binder::Status NetdNativeService::socketDestroy(const std::vector<UidRangeParcel>& uids,

396

const std::vector<int32_t>& skipUids) {

Automerger Merge Worker

2020-03-05 10:29:36 +0000

[diff] [blame^]

397

ENFORCE_NETWORK_STACK_PERMISSIONS();

Lorenzo Colitti

2016-04-24 13:13:14 +0900

[diff] [blame]

SockDiag sd;

if (!sd.open()) {

return binder::Status::fromServiceSpecificError(EIO,

402

String8("Could not open SOCK_DIAG socket"));

403

}

404

405

UidRanges uidRanges(uids);

Lorenzo Colitti

e5c3c99

2016-07-26 17:53:50 +0900

[diff] [blame]

406

int err = sd.destroySockets(uidRanges, std::set<uid_t>(skipUids.begin(), skipUids.end()),

407

true /* excludeLoopback */);

Lorenzo Colitti

2016-04-24 13:13:14 +0900

[diff] [blame]

408

if (err) {

409

return binder::Status::fromServiceSpecificError(-err,

410

String8::format("destroySockets: %s", strerror(-err)));

411

}

Pierre Imai

beedec3

2016-04-13 06:44:51 +0900

[diff] [blame]

412

return binder::Status::ok();

413

}

Lorenzo Colitti

2016-04-24 13:13:14 +0900

[diff] [blame]

414

Erik Kline

f48e4dd

2016-07-18 04:02:07 +0900

[diff] [blame]

415

binder::Status NetdNativeService::tetherApplyDnsInterfaces(bool *ret) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

416

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Erik Kline

f48e4dd

2016-07-18 04:02:07 +0900

[diff] [blame]

417

*ret = gCtls->tetherCtrl.applyDnsInterfaces();

418

return binder::Status::ok();

419

}

420

Lorenzo Colitti

2017-01-31 19:06:59 +0900

[diff] [blame]

421

namespace {

422

Luke Huang

2018-09-27 20:37:14 +0800

[diff] [blame]

423

void tetherAddStatsByInterface(TetherController::TetherStats* tetherStatsParcel,

424

const TetherController::TetherStats& tetherStats) {

425

if (tetherStatsParcel->extIface == tetherStats.extIface) {

426

tetherStatsParcel->rxBytes += tetherStats.rxBytes;

427

tetherStatsParcel->rxPackets += tetherStats.rxPackets;

428

tetherStatsParcel->txBytes += tetherStats.txBytes;

429

tetherStatsParcel->txPackets += tetherStats.txPackets;

Lorenzo Colitti

2017-01-31 19:06:59 +0900

[diff] [blame]

430

}

Luke Huang

2018-09-27 20:37:14 +0800

[diff] [blame]

431

}

Lorenzo Colitti

2017-01-31 19:06:59 +0900

[diff] [blame]

432

Luke Huang

2018-09-27 20:37:14 +0800

[diff] [blame]

433

TetherStatsParcel toTetherStatsParcel(const TetherController::TetherStats& stats) {

434

TetherStatsParcel result;

435

result.iface = stats.extIface;

436

result.rxBytes = stats.rxBytes;

437

result.rxPackets = stats.rxPackets;

438

result.txBytes = stats.txBytes;

439

result.txPackets = stats.txPackets;

440

return result;

441

}

Lorenzo Colitti

2017-01-31 19:06:59 +0900

[diff] [blame]

442

Luke Huang

2018-09-27 20:37:14 +0800

[diff] [blame]

443

void setTetherStatsParcelVecByInterface(std::vector<TetherStatsParcel>* tetherStatsVec,

444

const TetherController::TetherStatsList& statsList) {

445

std::map<std::string, TetherController::TetherStats> statsMap;

446

for (const auto& stats : statsList) {

447

auto iter = statsMap.find(stats.extIface);

448

if (iter != statsMap.end()) {

449

tetherAddStatsByInterface(&(iter->second), stats);

450

} else {

451

statsMap.insert(

452

std::pair<std::string, TetherController::TetherStats>(stats.extIface, stats));

453

}

454

}

455

for (auto iter = statsMap.begin(); iter != statsMap.end(); iter++) {

456

tetherStatsVec->push_back(toTetherStatsParcel(iter->second));

}

}

std::vector<std::string> tetherStatsParcelVecToStringVec(std::vector<TetherStatsParcel>* tVec) {

461

std::vector<std::string> result;

462

for (const auto& t : *tVec) {

463

result.push_back(StringPrintf("%s:%" PRId64 ",%" PRId64 ",%" PRId64 ",%" PRId64,

464

t.iface.c_str(), t.rxBytes, t.rxPackets, t.txBytes,

465

t.txPackets));

466

}

467

return result;

Lorenzo Colitti

2017-01-31 19:06:59 +0900

[diff] [blame]

}

} // namespace

Luke Huang

2018-09-27 20:37:14 +0800

[diff] [blame]

472

binder::Status NetdNativeService::tetherGetStats(

473

std::vector<TetherStatsParcel>* tetherStatsParcelVec) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

474

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Lorenzo Colitti

5192bf7

2017-09-04 13:30:59 +0900

[diff] [blame]

475

const auto& statsList = gCtls->tetherCtrl.getTetherStats();

Lorenzo Colitti

2017-01-31 19:06:59 +0900

[diff] [blame]

476

if (!isOk(statsList)) {

Nathan Harold

2018-03-16 19:02:47 -0700

[diff] [blame]

477

return asBinderStatus(statsList);

Lorenzo Colitti

2017-01-31 19:06:59 +0900

[diff] [blame]

478

}

Luke Huang

2018-09-27 20:37:14 +0800

[diff] [blame]

479

setTetherStatsParcelVecByInterface(tetherStatsParcelVec, statsList.value());

480

auto statsResults = tetherStatsParcelVecToStringVec(tetherStatsParcelVec);

Lorenzo Colitti

2017-01-31 19:06:59 +0900

[diff] [blame]

481

return binder::Status::ok();

482

}

483

Erik Kline

53c2088

2016-08-02 15:22:53 +0900

[diff] [blame]

484

binder::Status NetdNativeService::interfaceAddAddress(const std::string &ifName,

485

const std::string &addrString, int prefixLength) {

Automerger Merge Worker

2020-03-05 10:29:36 +0000

[diff] [blame^]

486

ENFORCE_NETWORK_STACK_PERMISSIONS();

Erik Kline

53c2088

2016-08-02 15:22:53 +0900

[diff] [blame]

487

const int err = InterfaceController::addAddress(

488

ifName.c_str(), addrString.c_str(), prefixLength);

489

if (err != 0) {

490

return binder::Status::fromServiceSpecificError(-err,

491

String8::format("InterfaceController error: %s", strerror(-err)));

492

}

493

return binder::Status::ok();

494

}

495

496

binder::Status NetdNativeService::interfaceDelAddress(const std::string &ifName,

497

const std::string &addrString, int prefixLength) {

Automerger Merge Worker

2020-03-05 10:29:36 +0000

[diff] [blame^]

498

ENFORCE_NETWORK_STACK_PERMISSIONS();

Erik Kline

53c2088

2016-08-02 15:22:53 +0900

[diff] [blame]

499

const int err = InterfaceController::delAddress(

500

ifName.c_str(), addrString.c_str(), prefixLength);

501

if (err != 0) {

502

return binder::Status::fromServiceSpecificError(-err,

503

String8::format("InterfaceController error: %s", strerror(-err)));

504

}

505

return binder::Status::ok();

506

}

507

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

508

namespace {

Erik Kline

2016-07-04 09:57:18 +0900

[diff] [blame]

509

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

510

std::tuple<binder::Status, const char*, const char*> getPathComponents(int32_t ipversion,

511

int32_t category) {

512

const char* ipversionStr = nullptr;

513

switch (ipversion) {

Erik Kline

2016-07-04 09:57:18 +0900

[diff] [blame]

514

case INetd::IPV4:

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

515

ipversionStr = "ipv4";

Erik Kline

2016-07-04 09:57:18 +0900

[diff] [blame]

516

break;

517

case INetd::IPV6:

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

518

ipversionStr = "ipv6";

Erik Kline

2016-07-04 09:57:18 +0900

[diff] [blame]

519

break;

520

default:

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

521

return {binder::Status::fromServiceSpecificError(EAFNOSUPPORT, "Bad IP version"),

522

nullptr, nullptr};

Erik Kline

2016-07-04 09:57:18 +0900

[diff] [blame]

523

}

524

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

525

const char* whichStr = nullptr;

526

switch (category) {

Erik Kline

2016-07-04 09:57:18 +0900

[diff] [blame]

case INetd::CONF:

whichStr = "conf";

break;

case INetd::NEIGH:

whichStr = "neigh";

break;

default:

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

534

return {binder::Status::fromServiceSpecificError(EINVAL, "Bad category"), nullptr,

535

nullptr};

Erik Kline

2016-07-04 09:57:18 +0900

[diff] [blame]

536

}

537

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

538

return {binder::Status::ok(), ipversionStr, whichStr};

}

} // namespace

binder::Status NetdNativeService::getProcSysNet(int32_t ipversion, int32_t which,

544

const std::string& ifname,

545

const std::string& parameter, std::string* value) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

546

ENFORCE_NETWORK_STACK_PERMISSIONS();

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

547

const auto pathParts = getPathComponents(ipversion, which);

548

const auto& pathStatus = std::get<0>(pathParts);

549

if (!pathStatus.isOk()) {

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

550

return pathStatus;

Erik Kline

2016-07-04 09:57:18 +0900

[diff] [blame]

551

}

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

552

553

const int err = InterfaceController::getParameter(std::get<1>(pathParts),

554

std::get<2>(pathParts), ifname.c_str(),

555

parameter.c_str(), value);

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

556

return statusFromErrcode(err);

557

}

558

559

binder::Status NetdNativeService::setProcSysNet(int32_t ipversion, int32_t which,

560

const std::string& ifname,

561

const std::string& parameter,

562

const std::string& value) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

563

ENFORCE_NETWORK_STACK_PERMISSIONS();

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

564

const auto pathParts = getPathComponents(ipversion, which);

565

const auto& pathStatus = std::get<0>(pathParts);

566

if (!pathStatus.isOk()) {

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

return pathStatus;

}

const int err = InterfaceController::setParameter(std::get<1>(pathParts),

571

std::get<2>(pathParts), ifname.c_str(),

572

parameter.c_str(), value.c_str());

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

573

return statusFromErrcode(err);

Erik Kline

2016-07-04 09:57:18 +0900

[diff] [blame]

574

}

575

Luke Huang

2018-11-23 11:47:28 +0800

[diff] [blame]

576

binder::Status NetdNativeService::ipSecSetEncapSocketOwner(const ParcelFileDescriptor& socket,

577

int newUid) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

578

ENFORCE_NETWORK_STACK_PERMISSIONS();

Benedict Wong

b2daefb

2017-12-06 22:05:46 -0800

[diff] [blame]

579

580

uid_t callerUid = IPCThreadState::self()->getCallingUid();

Luke Huang

2018-11-23 11:47:28 +0800

[diff] [blame]

581

return asBinderStatus(

582

gCtls->xfrmCtrl.ipSecSetEncapSocketOwner(socket.get(), newUid, callerUid));

Benedict Wong

b2daefb

2017-12-06 22:05:46 -0800

[diff] [blame]

583

}

584

Nathan Harold

2017-01-30 12:30:48 -0800

[diff] [blame]

585

binder::Status NetdNativeService::ipSecAllocateSpi(

586

int32_t transformId,

Nathan Harold

da54f12

2018-01-09 16:42:57 -0800

[diff] [blame]

587

const std::string& sourceAddress,

588

const std::string& destinationAddress,

Nathan Harold

2017-01-30 12:30:48 -0800

[diff] [blame]

589

int32_t inSpi,

590

int32_t* outSpi) {

591

// Necessary locking done in IpSecService and kernel

Automerger Merge Worker

2020-03-05 10:29:36 +0000

[diff] [blame^]

592

ENFORCE_NETWORK_STACK_PERMISSIONS();

ludi

2017-08-14 14:40:37 -0700

[diff] [blame]

593

return asBinderStatus(gCtls->xfrmCtrl.ipSecAllocateSpi(

Nathan Harold

2017-01-30 12:30:48 -0800

[diff] [blame]

594

transformId,

Nathan Harold

da54f12

2018-01-09 16:42:57 -0800

[diff] [blame]

595

sourceAddress,

596

destinationAddress,

Nathan Harold

2017-01-30 12:30:48 -0800

[diff] [blame]

inSpi,

outSpi));

}

binder::Status NetdNativeService::ipSecAddSecurityAssociation(

Benedict Wong

2018-05-07 10:29:02 -0700

[diff] [blame]

602

int32_t transformId, int32_t mode, const std::string& sourceAddress,

603

const std::string& destinationAddress, int32_t underlyingNetId, int32_t spi,

604

int32_t markValue, int32_t markMask, const std::string& authAlgo,

605

const std::vector<uint8_t>& authKey, int32_t authTruncBits, const std::string& cryptAlgo,

606

const std::vector<uint8_t>& cryptKey, int32_t cryptTruncBits, const std::string& aeadAlgo,

607

const std::vector<uint8_t>& aeadKey, int32_t aeadIcvBits, int32_t encapType,

608

int32_t encapLocalPort, int32_t encapRemotePort, int32_t interfaceId) {

Nathan Harold

2017-01-30 12:30:48 -0800

[diff] [blame]

609

// Necessary locking done in IpSecService and kernel

Automerger Merge Worker

2020-03-05 10:29:36 +0000

[diff] [blame^]

610

ENFORCE_NETWORK_STACK_PERMISSIONS();

ludi

2017-08-14 14:40:37 -0700

[diff] [blame]

611

return asBinderStatus(gCtls->xfrmCtrl.ipSecAddSecurityAssociation(

Benedict Wong

ad600cb

2018-05-14 17:22:35 -0700

[diff] [blame]

612

transformId, mode, sourceAddress, destinationAddress, underlyingNetId, spi, markValue,

613

markMask, authAlgo, authKey, authTruncBits, cryptAlgo, cryptKey, cryptTruncBits,

Benedict Wong

2018-05-07 10:29:02 -0700

[diff] [blame]

614

aeadAlgo, aeadKey, aeadIcvBits, encapType, encapLocalPort, encapRemotePort,

615

interfaceId));

Nathan Harold

2017-01-30 12:30:48 -0800

[diff] [blame]

616

}

617

618

binder::Status NetdNativeService::ipSecDeleteSecurityAssociation(

Benedict Wong

2018-05-07 10:29:02 -0700

[diff] [blame]

619

int32_t transformId, const std::string& sourceAddress,

620

const std::string& destinationAddress, int32_t spi, int32_t markValue, int32_t markMask,

621

int32_t interfaceId) {

Nathan Harold

2017-01-30 12:30:48 -0800

[diff] [blame]

622

// Necessary locking done in IpSecService and kernel

Automerger Merge Worker

2020-03-05 10:29:36 +0000

[diff] [blame^]

623

ENFORCE_NETWORK_STACK_PERMISSIONS();

ludi

2017-08-14 14:40:37 -0700

[diff] [blame]

624

return asBinderStatus(gCtls->xfrmCtrl.ipSecDeleteSecurityAssociation(

Benedict Wong

2018-05-07 10:29:02 -0700

[diff] [blame]

625

transformId, sourceAddress, destinationAddress, spi, markValue, markMask, interfaceId));

Nathan Harold

2017-01-30 12:30:48 -0800

[diff] [blame]

626

}

627

628

binder::Status NetdNativeService::ipSecApplyTransportModeTransform(

Luke Huang

2018-11-23 11:47:28 +0800

[diff] [blame]

629

const ParcelFileDescriptor& socket, int32_t transformId, int32_t direction,

630

const std::string& sourceAddress, const std::string& destinationAddress, int32_t spi) {

Nathan Harold

2017-01-30 12:30:48 -0800

[diff] [blame]

631

// Necessary locking done in IpSecService and kernel

Automerger Merge Worker

2020-03-05 10:29:36 +0000

[diff] [blame^]

632

ENFORCE_NETWORK_STACK_PERMISSIONS();

ludi

2017-08-14 14:40:37 -0700

[diff] [blame]

633

return asBinderStatus(gCtls->xfrmCtrl.ipSecApplyTransportModeTransform(

Luke Huang

2018-11-23 11:47:28 +0800

[diff] [blame]

634

socket.get(), transformId, direction, sourceAddress, destinationAddress, spi));

Nathan Harold

2017-01-30 12:30:48 -0800

[diff] [blame]

635

}

636

637

binder::Status NetdNativeService::ipSecRemoveTransportModeTransform(

Luke Huang

2018-11-23 11:47:28 +0800

[diff] [blame]

638

const ParcelFileDescriptor& socket) {

Nathan Harold

2017-01-30 12:30:48 -0800

[diff] [blame]

639

// Necessary locking done in IpSecService and kernel

Automerger Merge Worker

2020-03-05 10:29:36 +0000

[diff] [blame^]

640

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-11-23 11:47:28 +0800

[diff] [blame]

641

return asBinderStatus(gCtls->xfrmCtrl.ipSecRemoveTransportModeTransform(socket.get()));

Nathan Harold

2017-01-30 12:30:48 -0800

[diff] [blame]

642

}

643

Benedict Wong

2018-05-09 21:42:42 -0700

[diff] [blame]

644

binder::Status NetdNativeService::ipSecAddSecurityPolicy(int32_t transformId, int32_t selAddrFamily,

645

int32_t direction,

Benedict Wong

ad600cb

2018-05-14 17:22:35 -0700

[diff] [blame]

646

const std::string& tmplSrcAddress,

647

const std::string& tmplDstAddress,

648

int32_t spi, int32_t markValue,

Benedict Wong

2018-05-07 10:29:02 -0700

[diff] [blame]

649

int32_t markMask, int32_t interfaceId) {

Benedict Wong

2018-01-19 12:12:17 -0800

[diff] [blame]

650

// Necessary locking done in IpSecService and kernel

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

651

ENFORCE_NETWORK_STACK_PERMISSIONS();

Benedict Wong

2018-01-19 12:12:17 -0800

[diff] [blame]

652

return asBinderStatus(gCtls->xfrmCtrl.ipSecAddSecurityPolicy(

Benedict Wong

2018-05-09 21:42:42 -0700

[diff] [blame]

653

transformId, selAddrFamily, direction, tmplSrcAddress, tmplDstAddress, spi, markValue,

Benedict Wong

2018-05-07 10:29:02 -0700

[diff] [blame]

654

markMask, interfaceId));

Benedict Wong

2018-01-19 12:12:17 -0800

[diff] [blame]

655

}

656

Benedict Wong

2018-05-07 10:29:02 -0700

[diff] [blame]

657

binder::Status NetdNativeService::ipSecUpdateSecurityPolicy(

658

int32_t transformId, int32_t selAddrFamily, int32_t direction,

659

const std::string& tmplSrcAddress, const std::string& tmplDstAddress, int32_t spi,

660

int32_t markValue, int32_t markMask, int32_t interfaceId) {

Benedict Wong

2018-01-19 12:12:17 -0800

[diff] [blame]

661

// Necessary locking done in IpSecService and kernel

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

662

ENFORCE_NETWORK_STACK_PERMISSIONS();

Benedict Wong

2018-01-19 12:12:17 -0800

[diff] [blame]

663

return asBinderStatus(gCtls->xfrmCtrl.ipSecUpdateSecurityPolicy(

Benedict Wong

2018-05-09 21:42:42 -0700

[diff] [blame]

664

transformId, selAddrFamily, direction, tmplSrcAddress, tmplDstAddress, spi, markValue,

Benedict Wong

2018-05-07 10:29:02 -0700

[diff] [blame]

665

markMask, interfaceId));

Benedict Wong

2018-01-19 12:12:17 -0800

[diff] [blame]

666

}

667

Benedict Wong

2018-05-09 21:42:42 -0700

[diff] [blame]

668

binder::Status NetdNativeService::ipSecDeleteSecurityPolicy(int32_t transformId,

669

int32_t selAddrFamily,

670

int32_t direction, int32_t markValue,

Benedict Wong

2018-05-07 10:29:02 -0700

[diff] [blame]

671

int32_t markMask, int32_t interfaceId) {

Benedict Wong

2018-01-19 12:12:17 -0800

[diff] [blame]

672

// Necessary locking done in IpSecService and kernel

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

673

ENFORCE_NETWORK_STACK_PERMISSIONS();

Benedict Wong

2018-01-19 12:12:17 -0800

[diff] [blame]

674

return asBinderStatus(gCtls->xfrmCtrl.ipSecDeleteSecurityPolicy(

Benedict Wong

2018-05-07 10:29:02 -0700

[diff] [blame]

675

transformId, selAddrFamily, direction, markValue, markMask, interfaceId));

Benedict Wong

2018-01-19 12:12:17 -0800

[diff] [blame]

676

}

677

Benedict Wong

2018-05-15 17:06:44 -0700

[diff] [blame]

678

binder::Status NetdNativeService::ipSecAddTunnelInterface(const std::string& deviceName,

679

const std::string& localAddress,

680

const std::string& remoteAddress,

Benedict Wong

2018-05-07 10:29:02 -0700

[diff] [blame]

681

int32_t iKey, int32_t oKey,

682

int32_t interfaceId) {

manojboopathi

2018-01-02 14:45:47 -0800

[diff] [blame]

683

// Necessary locking done in IpSecService and kernel

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

684

ENFORCE_NETWORK_STACK_PERMISSIONS();

Benedict Wong

2018-05-15 17:06:44 -0700

[diff] [blame]

685

netdutils::Status result = gCtls->xfrmCtrl.ipSecAddTunnelInterface(

Benedict Wong

2018-05-07 10:29:02 -0700

[diff] [blame]

686

deviceName, localAddress, remoteAddress, iKey, oKey, interfaceId, false);

Benedict Wong

2018-05-15 17:06:44 -0700

[diff] [blame]

687

return binder::Status::ok();

manojboopathi

2018-01-02 14:45:47 -0800

[diff] [blame]

688

}

689

Benedict Wong

2018-05-15 17:06:44 -0700

[diff] [blame]

690

binder::Status NetdNativeService::ipSecUpdateTunnelInterface(const std::string& deviceName,

691

const std::string& localAddress,

692

const std::string& remoteAddress,

Benedict Wong

2018-05-07 10:29:02 -0700

[diff] [blame]

693

int32_t iKey, int32_t oKey,

694

int32_t interfaceId) {

manojboopathi

2018-01-02 14:45:47 -0800

[diff] [blame]

695

// Necessary locking done in IpSecService and kernel

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

696

ENFORCE_NETWORK_STACK_PERMISSIONS();

Benedict Wong

2018-05-15 17:06:44 -0700

[diff] [blame]

697

netdutils::Status result = gCtls->xfrmCtrl.ipSecAddTunnelInterface(

Benedict Wong

2018-05-07 10:29:02 -0700

[diff] [blame]

698

deviceName, localAddress, remoteAddress, iKey, oKey, interfaceId, true);

Benedict Wong

2018-05-15 17:06:44 -0700

[diff] [blame]

699

return binder::Status::ok();

manojboopathi

2018-01-02 14:45:47 -0800

[diff] [blame]

700

}

701

Benedict Wong

2018-05-15 17:06:44 -0700

[diff] [blame]

702

binder::Status NetdNativeService::ipSecRemoveTunnelInterface(const std::string& deviceName) {

manojboopathi

2018-01-02 14:45:47 -0800

[diff] [blame]

703

// Necessary locking done in IpSecService and kernel

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

704

ENFORCE_NETWORK_STACK_PERMISSIONS();

Benedict Wong

2018-05-15 17:06:44 -0700

[diff] [blame]

705

netdutils::Status result = gCtls->xfrmCtrl.ipSecRemoveTunnelInterface(deviceName);

Benedict Wong

2018-05-15 17:06:44 -0700

[diff] [blame]

706

return binder::Status::ok();

manojboopathi

2018-01-02 14:45:47 -0800

[diff] [blame]

707

}

708

Joel Scherpelz

de93796

2017-06-01 13:20:21 +0900

[diff] [blame]

709

binder::Status NetdNativeService::setIPv6AddrGenMode(const std::string& ifName,

710

int32_t mode) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

711

ENFORCE_NETWORK_STACK_PERMISSIONS();

Nathan Harold

2018-03-16 19:02:47 -0700

[diff] [blame]

712

return asBinderStatus(InterfaceController::setIPv6AddrGenMode(ifName, mode));

Joel Scherpelz

de93796

2017-06-01 13:20:21 +0900

[diff] [blame]

713

}

714

Joel Scherpelz

08b84cd

2017-05-22 13:11:54 +0900

[diff] [blame]

715

binder::Status NetdNativeService::wakeupAddInterface(const std::string& ifName,

716

const std::string& prefix, int32_t mark,

717

int32_t mask) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

718

ENFORCE_NETWORK_STACK_PERMISSIONS();

Nathan Harold

2018-03-16 19:02:47 -0700

[diff] [blame]

719

return asBinderStatus(gCtls->wakeupCtrl.addInterface(ifName, prefix, mark, mask));

Joel Scherpelz

08b84cd

2017-05-22 13:11:54 +0900

[diff] [blame]

720

}

721

722

binder::Status NetdNativeService::wakeupDelInterface(const std::string& ifName,

723

const std::string& prefix, int32_t mark,

724

int32_t mask) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

725

ENFORCE_NETWORK_STACK_PERMISSIONS();

Nathan Harold

2018-03-16 19:02:47 -0700

[diff] [blame]

726

return asBinderStatus(gCtls->wakeupCtrl.delInterface(ifName, prefix, mark, mask));

Joel Scherpelz

08b84cd

2017-05-22 13:11:54 +0900

[diff] [blame]

727

}

728

Chenbo Feng

873ae14

2019-04-10 12:26:06 -0700

[diff] [blame]

729

binder::Status NetdNativeService::trafficSwapActiveStatsMap() {

730

ENFORCE_NETWORK_STACK_PERMISSIONS();

731

return asBinderStatus(gCtls->trafficCtrl.swapActiveStatsMap());

732

}

733

Luke Huang

2018-07-23 20:30:16 +0800

[diff] [blame]

734

binder::Status NetdNativeService::idletimerAddInterface(const std::string& ifName, int32_t timeout,

735

const std::string& classLabel) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

736

NETD_LOCKING_RPC(gCtls->idletimerCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-07-23 20:30:16 +0800

[diff] [blame]

737

int res =

738

gCtls->idletimerCtrl.addInterfaceIdletimer(ifName.c_str(), timeout, classLabel.c_str());

Luke Huang

2018-07-23 20:30:16 +0800

[diff] [blame]

739

return statusFromErrcode(res);

740

}

741

742

binder::Status NetdNativeService::idletimerRemoveInterface(const std::string& ifName,

743

int32_t timeout,

744

const std::string& classLabel) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

745

NETD_LOCKING_RPC(gCtls->idletimerCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-07-23 20:30:16 +0800

[diff] [blame]

746

int res = gCtls->idletimerCtrl.removeInterfaceIdletimer(ifName.c_str(), timeout,

747

classLabel.c_str());

Luke Huang

2018-07-23 20:30:16 +0800

[diff] [blame]

748

return statusFromErrcode(res);

749

}

Luke Huang

2018-07-17 19:58:25 +0800

[diff] [blame]

750

751

binder::Status NetdNativeService::strictUidCleartextPenalty(int32_t uid, int32_t policyPenalty) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

752

NETD_LOCKING_RPC(gCtls->strictCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-07-17 19:58:25 +0800

[diff] [blame]

753

StrictPenalty penalty;

754

switch (policyPenalty) {

755

case INetd::PENALTY_POLICY_REJECT:

756

penalty = REJECT;

757

break;

758

case INetd::PENALTY_POLICY_LOG:

759

penalty = LOG;

760

break;

761

case INetd::PENALTY_POLICY_ACCEPT:

penalty = ACCEPT;

break;

default:

return statusFromErrcode(-EINVAL);

766

break;

767

}

768

int res = gCtls->strictCtrl.setUidCleartextPenalty((uid_t) uid, penalty);

Luke Huang

2018-07-17 19:58:25 +0800

[diff] [blame]

769

return statusFromErrcode(res);

770

}

Luke Huang

2018-07-24 16:38:22 +0800

[diff] [blame]

771

Lorenzo Colitti

7ef8c0f

2019-01-11 22:34:58 +0900

[diff] [blame]

772

binder::Status NetdNativeService::clatdStart(const std::string& ifName,

773

const std::string& nat64Prefix, std::string* v6Addr) {

Maciej Żenczykowski

5628027

2019-03-30 03:32:51 -0700

[diff] [blame]

774

ENFORCE_ANY_PERMISSION(PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Lorenzo Colitti

7ef8c0f

2019-01-11 22:34:58 +0900

[diff] [blame]

775

int res = gCtls->clatdCtrl.startClatd(ifName.c_str(), nat64Prefix, v6Addr);

Luke Huang

6d30123

2018-08-01 14:05:18 +0800

[diff] [blame]

776

return statusFromErrcode(res);

777

}

778

779

binder::Status NetdNativeService::clatdStop(const std::string& ifName) {

Maciej Żenczykowski

5628027

2019-03-30 03:32:51 -0700

[diff] [blame]

780

ENFORCE_ANY_PERMISSION(PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

6d30123

2018-08-01 14:05:18 +0800

[diff] [blame]

781

int res = gCtls->clatdCtrl.stopClatd(ifName.c_str());

Luke Huang

6d30123

2018-08-01 14:05:18 +0800

[diff] [blame]

782

return statusFromErrcode(res);

783

}

Luke Huang

2018-07-17 19:58:25 +0800

[diff] [blame]

784

Luke Huang

2018-08-16 15:39:15 +0800

[diff] [blame]

785

binder::Status NetdNativeService::ipfwdEnabled(bool* status) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

786

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

728cf4c

2019-03-14 19:43:02 +0800

[diff] [blame]

787

*status = (gCtls->tetherCtrl.getIpfwdRequesterList().size() > 0) ? true : false;

788

return binder::Status::ok();

789

}

790

791

binder::Status NetdNativeService::ipfwdGetRequesterList(std::vector<std::string>* requesterList) {

792

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

793

for (const auto& requester : gCtls->tetherCtrl.getIpfwdRequesterList()) {

794

requesterList->push_back(requester);

795

}

Luke Huang

2018-08-16 15:39:15 +0800

[diff] [blame]

796

return binder::Status::ok();

797

}

798

799

binder::Status NetdNativeService::ipfwdEnableForwarding(const std::string& requester) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

800

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-16 15:39:15 +0800

[diff] [blame]

801

int res = (gCtls->tetherCtrl.enableForwarding(requester.c_str())) ? 0 : -EREMOTEIO;

Luke Huang

2018-08-16 15:39:15 +0800

[diff] [blame]

802

return statusFromErrcode(res);

803

}

804

805

binder::Status NetdNativeService::ipfwdDisableForwarding(const std::string& requester) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

806

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-16 15:39:15 +0800

[diff] [blame]

807

int res = (gCtls->tetherCtrl.disableForwarding(requester.c_str())) ? 0 : -EREMOTEIO;

Luke Huang

2018-08-16 15:39:15 +0800

[diff] [blame]

808

return statusFromErrcode(res);

809

}

810

811

binder::Status NetdNativeService::ipfwdAddInterfaceForward(const std::string& fromIface,

812

const std::string& toIface) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

813

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-16 15:39:15 +0800

[diff] [blame]

814

int res = RouteController::enableTethering(fromIface.c_str(), toIface.c_str());

Luke Huang

2018-08-16 15:39:15 +0800

[diff] [blame]

815

return statusFromErrcode(res);

816

}

817

818

binder::Status NetdNativeService::ipfwdRemoveInterfaceForward(const std::string& fromIface,

819

const std::string& toIface) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

820

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-16 15:39:15 +0800

[diff] [blame]

821

int res = RouteController::disableTethering(fromIface.c_str(), toIface.c_str());

Luke Huang

2018-08-16 15:39:15 +0800

[diff] [blame]

822

return statusFromErrcode(res);

823

}

824

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

825

namespace {

Automerger Merge Worker

2020-03-05 10:29:36 +0000

[diff] [blame^]

826

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

827

std::string addCurlyBrackets(const std::string& s) {

828

return "{" + s + "}";

829

}

830

831

} // namespace

Xiao Ma

2018-12-16 16:27:38 +0900

[diff] [blame]

832

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

833

binder::Status NetdNativeService::interfaceGetList(std::vector<std::string>* interfaceListResult) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

834

NETD_LOCKING_RPC(InterfaceController::mutex, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

835

const auto& ifaceList = InterfaceController::getIfaceNames();

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

836

837

interfaceListResult->clear();

838

interfaceListResult->reserve(ifaceList.value().size());

839

interfaceListResult->insert(end(*interfaceListResult), begin(ifaceList.value()),

840

end(ifaceList.value()));

841

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

842

return binder::Status::ok();

843

}

844

845

std::string interfaceConfigurationParcelToString(const InterfaceConfigurationParcel& cfg) {

846

std::vector<std::string> result{cfg.ifName, cfg.hwAddr, cfg.ipv4Addr,

847

std::to_string(cfg.prefixLength)};

848

result.insert(end(result), begin(cfg.flags), end(cfg.flags));

849

return addCurlyBrackets(base::Join(result, ", "));

850

}

851

852

binder::Status NetdNativeService::interfaceGetCfg(

853

const std::string& ifName, InterfaceConfigurationParcel* interfaceGetCfgResult) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

854

NETD_LOCKING_RPC(InterfaceController::mutex, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

855

auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(ifName);

856

857

const auto& cfgRes = InterfaceController::getCfg(ifName);

858

RETURN_BINDER_STATUS_IF_NOT_OK(entry, cfgRes);

859

860

*interfaceGetCfgResult = cfgRes.value();

861

gLog.log(entry.returns(interfaceConfigurationParcelToString(*interfaceGetCfgResult))

862

.withAutomaticDuration());

863

return binder::Status::ok();

864

}

865

866

binder::Status NetdNativeService::interfaceSetCfg(const InterfaceConfigurationParcel& cfg) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

867

NETD_LOCKING_RPC(InterfaceController::mutex, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

868

auto entry = gLog.newEntry()

869

.prettyFunction(__PRETTY_FUNCTION__)

870

.arg(interfaceConfigurationParcelToString(cfg));

871

872

const auto& res = InterfaceController::setCfg(cfg);

873

RETURN_BINDER_STATUS_IF_NOT_OK(entry, res);

874

875

gLog.log(entry.withAutomaticDuration());

876

return binder::Status::ok();

877

}

878

879

binder::Status NetdNativeService::interfaceSetIPv6PrivacyExtensions(const std::string& ifName,

880

bool enable) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

881

NETD_LOCKING_RPC(InterfaceController::mutex, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

882

int res = InterfaceController::setIPv6PrivacyExtensions(ifName.c_str(), enable);

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

883

return statusFromErrcode(res);

884

}

885

886

binder::Status NetdNativeService::interfaceClearAddrs(const std::string& ifName) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

887

NETD_LOCKING_RPC(InterfaceController::mutex, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

888

int res = InterfaceController::clearAddrs(ifName.c_str());

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

889

return statusFromErrcode(res);

890

}

891

892

binder::Status NetdNativeService::interfaceSetEnableIPv6(const std::string& ifName, bool enable) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

893

NETD_LOCKING_RPC(InterfaceController::mutex, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

894

int res = InterfaceController::setEnableIPv6(ifName.c_str(), enable);

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

895

return statusFromErrcode(res);

896

}

897

898

binder::Status NetdNativeService::interfaceSetMtu(const std::string& ifName, int32_t mtuValue) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

899

NETD_LOCKING_RPC(InterfaceController::mutex, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

900

std::string mtu = std::to_string(mtuValue);

901

int res = InterfaceController::setMtu(ifName.c_str(), mtu.c_str());

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

902

return statusFromErrcode(res);

903

}

904

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

905

binder::Status NetdNativeService::tetherStart(const std::vector<std::string>& dhcpRanges) {

Chiachang Wang

2019-12-10 09:53:24 +0800

[diff] [blame]

906

TetherConfigParcel config;

907

config.usingLegacyDnsProxy = true;

908

config.dhcpRanges = dhcpRanges;

909

return tetherStartWithConfiguration(config);

Luke Huang

91bd3e1

2019-08-20 11:33:52 +0800

[diff] [blame]

910

}

911

Chiachang Wang

2019-12-10 09:53:24 +0800

[diff] [blame]

912

binder::Status NetdNativeService::tetherStartWithConfiguration(const TetherConfigParcel& config) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

913

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Chiachang Wang

2019-12-10 09:53:24 +0800

[diff] [blame]

914

if (config.dhcpRanges.size() % 2 == 1) {

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

915

return statusFromErrcode(-EINVAL);

916

}

Chiachang Wang

2019-12-10 09:53:24 +0800

[diff] [blame]

917

// TODO: Pass TetherConfigParcel directly.

918

int res = gCtls->tetherCtrl.startTethering(config.usingLegacyDnsProxy, config.dhcpRanges);

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

919

return statusFromErrcode(res);

920

}

921

922

binder::Status NetdNativeService::tetherStop() {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

923

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

924

int res = gCtls->tetherCtrl.stopTethering();

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

925

return statusFromErrcode(res);

926

}

927

928

binder::Status NetdNativeService::tetherIsEnabled(bool* enabled) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

929

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

930

*enabled = gCtls->tetherCtrl.isTetheringStarted();

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

931

return binder::Status::ok();

932

}

933

934

binder::Status NetdNativeService::tetherInterfaceAdd(const std::string& ifName) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

935

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

936

int res = gCtls->tetherCtrl.tetherInterface(ifName.c_str());

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

937

return statusFromErrcode(res);

938

}

939

940

binder::Status NetdNativeService::tetherInterfaceRemove(const std::string& ifName) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

941

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

942

int res = gCtls->tetherCtrl.untetherInterface(ifName.c_str());

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

943

return statusFromErrcode(res);

944

}

945

946

binder::Status NetdNativeService::tetherInterfaceList(std::vector<std::string>* ifList) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

947

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

948

for (const auto& ifname : gCtls->tetherCtrl.getTetheredInterfaceList()) {

949

ifList->push_back(ifname);

950

}

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

951

return binder::Status::ok();

952

}

953

954

binder::Status NetdNativeService::tetherDnsSet(int32_t netId,

955

const std::vector<std::string>& dnsAddrs) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

956

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

957

int res = gCtls->tetherCtrl.setDnsForwarders(netId, dnsAddrs);

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

958

return statusFromErrcode(res);

959

}

960

961

binder::Status NetdNativeService::tetherDnsList(std::vector<std::string>* dnsList) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

962

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

963

for (const auto& fwdr : gCtls->tetherCtrl.getDnsForwarders()) {

964

dnsList->push_back(fwdr);

965

}

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

966

return binder::Status::ok();

967

}

968

Tyler Wear

fa94a27

2019-12-05 15:01:48 -0800

[diff] [blame]

969

binder::Status NetdNativeService::networkAddRouteParcel(int32_t netId,

970

const RouteInfoParcel& route) {

971

// Public methods of NetworkController are thread-safe.

972

ENFORCE_NETWORK_STACK_PERMISSIONS();

973

bool legacy = false;

974

uid_t uid = 0; // UID is only meaningful for legacy routes.

975

976

// convert Parcel to parameters

977

int res = gCtls->netCtrl.addRoute(netId, route.ifName.c_str(), route.destination.c_str(),

978

route.nextHop.empty() ? nullptr : route.nextHop.c_str(),

979

legacy, uid, route.mtu);

980

return statusFromErrcode(res);

981

}

982

983

binder::Status NetdNativeService::networkUpdateRouteParcel(int32_t netId,

984

const RouteInfoParcel& route) {

985

// Public methods of NetworkController are thread-safe.

986

ENFORCE_NETWORK_STACK_PERMISSIONS();

987

bool legacy = false;

988

uid_t uid = 0; // UID is only meaningful for legacy routes.

989

990

// convert Parcel to parameters

991

int res = gCtls->netCtrl.updateRoute(netId, route.ifName.c_str(), route.destination.c_str(),

992

route.nextHop.empty() ? nullptr : route.nextHop.c_str(),

993

legacy, uid, route.mtu);

994

return statusFromErrcode(res);

995

}

996

997

binder::Status NetdNativeService::networkRemoveRouteParcel(int32_t netId,

998

const RouteInfoParcel& route) {

999

return networkRemoveRoute(netId, route.ifName, route.destination, route.nextHop);

1000

}

1001

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1002

binder::Status NetdNativeService::networkAddRoute(int32_t netId, const std::string& ifName,

1003

const std::string& destination,

1004

const std::string& nextHop) {

1005

// Public methods of NetworkController are thread-safe.

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1006

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1007

bool legacy = false;

1008

uid_t uid = 0; // UID is only meaningful for legacy routes.

1009

int res = gCtls->netCtrl.addRoute(netId, ifName.c_str(), destination.c_str(),

Tyler Wear

fa94a27

2019-12-05 15:01:48 -0800

[diff] [blame]

1010

nextHop.empty() ? nullptr : nextHop.c_str(), legacy, uid, 0);

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1011

return statusFromErrcode(res);

1012

}

1013

1014

binder::Status NetdNativeService::networkRemoveRoute(int32_t netId, const std::string& ifName,

1015

const std::string& destination,

1016

const std::string& nextHop) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1017

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1018

bool legacy = false;

1019

uid_t uid = 0; // UID is only meaningful for legacy routes.

1020

int res = gCtls->netCtrl.removeRoute(netId, ifName.c_str(), destination.c_str(),

1021

nextHop.empty() ? nullptr : nextHop.c_str(), legacy, uid);

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1022

return statusFromErrcode(res);

1023

}

1024

1025

binder::Status NetdNativeService::networkAddLegacyRoute(int32_t netId, const std::string& ifName,

1026

const std::string& destination,

1027

const std::string& nextHop, int32_t uid) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1028

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1029

bool legacy = true;

1030

int res = gCtls->netCtrl.addRoute(netId, ifName.c_str(), destination.c_str(),

1031

nextHop.empty() ? nullptr : nextHop.c_str(), legacy,

Tyler Wear

fa94a27

2019-12-05 15:01:48 -0800

[diff] [blame]

1032

(uid_t)uid, 0);

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1033

return statusFromErrcode(res);

1034

}

1035

1036

binder::Status NetdNativeService::networkRemoveLegacyRoute(int32_t netId, const std::string& ifName,

1037

const std::string& destination,

1038

const std::string& nextHop,

1039

int32_t uid) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1040

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1041

bool legacy = true;

1042

int res = gCtls->netCtrl.removeRoute(netId, ifName.c_str(), destination.c_str(),

1043

nextHop.empty() ? nullptr : nextHop.c_str(), legacy,

1044

(uid_t) uid);

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1045

return statusFromErrcode(res);

1046

}

1047

1048

binder::Status NetdNativeService::networkGetDefault(int32_t* netId) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1049

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1050

*netId = gCtls->netCtrl.getDefaultNetwork();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1051

return binder::Status::ok();

1052

}

1053

1054

binder::Status NetdNativeService::networkSetDefault(int32_t netId) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1055

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1056

int res = gCtls->netCtrl.setDefaultNetwork(netId);

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1057

return statusFromErrcode(res);

1058

}

1059

1060

binder::Status NetdNativeService::networkClearDefault() {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1061

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1062

unsigned netId = NETID_UNSET;

1063

int res = gCtls->netCtrl.setDefaultNetwork(netId);

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1064

return statusFromErrcode(res);

1065

}

1066

1067

std::vector<uid_t> NetdNativeService::intsToUids(const std::vector<int32_t>& intUids) {

1068

return {begin(intUids), end(intUids)};

1069

}

1070

1071

Permission NetdNativeService::convertPermission(int32_t permission) {

1072

switch (permission) {

1073

case INetd::PERMISSION_NETWORK:

1074

return Permission::PERMISSION_NETWORK;

1075

case INetd::PERMISSION_SYSTEM:

1076

return Permission::PERMISSION_SYSTEM;

1077

default:

1078

return Permission::PERMISSION_NONE;

}

}

binder::Status NetdNativeService::networkSetPermissionForNetwork(int32_t netId,

1083

int32_t permission) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1084

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1085

std::vector<unsigned> netIds = {(unsigned) netId};

1086

int res = gCtls->netCtrl.setPermissionForNetworks(convertPermission(permission), netIds);

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1087

return statusFromErrcode(res);

1088

}

1089

1090

binder::Status NetdNativeService::networkSetPermissionForUser(int32_t permission,

1091

const std::vector<int32_t>& uids) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1092

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1093

gCtls->netCtrl.setPermissionForUsers(convertPermission(permission), intsToUids(uids));

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1094

return binder::Status::ok();

1095

}

1096

1097

binder::Status NetdNativeService::networkClearPermissionForUser(const std::vector<int32_t>& uids) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1098

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1099

Permission permission = Permission::PERMISSION_NONE;

1100

gCtls->netCtrl.setPermissionForUsers(permission, intsToUids(uids));

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1101

return binder::Status::ok();

1102

}

1103

1104

binder::Status NetdNativeService::NetdNativeService::networkSetProtectAllow(int32_t uid) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1105

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1106

std::vector<uid_t> uids = {(uid_t) uid};

1107

gCtls->netCtrl.allowProtect(uids);

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1108

return binder::Status::ok();

1109

}

1110

1111

binder::Status NetdNativeService::networkSetProtectDeny(int32_t uid) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1112

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1113

std::vector<uid_t> uids = {(uid_t) uid};

1114

gCtls->netCtrl.denyProtect(uids);

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1115

return binder::Status::ok();

1116

}

1117

1118

binder::Status NetdNativeService::networkCanProtect(int32_t uid, bool* ret) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1119

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1120

*ret = gCtls->netCtrl.canProtect((uid_t) uid);

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1121

return binder::Status::ok();

1122

}

1123

Chenbo Feng

48eaed3

2018-12-26 17:40:21 -0800

[diff] [blame]

1124

binder::Status NetdNativeService::trafficSetNetPermForUids(int32_t permission,

1125

const std::vector<int32_t>& uids) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1126

ENFORCE_NETWORK_STACK_PERMISSIONS();

Chenbo Feng

48eaed3

2018-12-26 17:40:21 -0800

[diff] [blame]

1127

gCtls->trafficCtrl.setPermissionForUids(permission, intsToUids(uids));

Chenbo Feng

48eaed3

2018-12-26 17:40:21 -0800

[diff] [blame]

1128

return binder::Status::ok();

1129

}

1130

Luke Huang

2018-07-24 16:38:22 +0800

[diff] [blame]

1131

binder::Status NetdNativeService::firewallSetFirewallType(int32_t firewallType) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1132

NETD_LOCKING_RPC(gCtls->firewallCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-07-24 16:38:22 +0800

[diff] [blame]

1133

auto type = static_cast<FirewallType>(firewallType);

1134

1135

int res = gCtls->firewallCtrl.setFirewallType(type);

Luke Huang

2018-07-24 16:38:22 +0800

[diff] [blame]

1136

return statusFromErrcode(res);

1137

}

1138

1139

binder::Status NetdNativeService::firewallSetInterfaceRule(const std::string& ifName,

1140

int32_t firewallRule) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1141

NETD_LOCKING_RPC(gCtls->firewallCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-07-24 16:38:22 +0800

[diff] [blame]

1142

auto rule = static_cast<FirewallRule>(firewallRule);

1143

1144

int res = gCtls->firewallCtrl.setInterfaceRule(ifName.c_str(), rule);

Luke Huang

2018-07-24 16:38:22 +0800

[diff] [blame]

1145

return statusFromErrcode(res);

1146

}

1147

1148

binder::Status NetdNativeService::firewallSetUidRule(int32_t childChain, int32_t uid,

1149

int32_t firewallRule) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1150

NETD_LOCKING_RPC(gCtls->firewallCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-07-24 16:38:22 +0800

[diff] [blame]

1151

auto chain = static_cast<ChildChain>(childChain);

1152

auto rule = static_cast<FirewallRule>(firewallRule);

1153

1154

int res = gCtls->firewallCtrl.setUidRule(chain, uid, rule);

Luke Huang

2018-07-24 16:38:22 +0800

[diff] [blame]

1155

return statusFromErrcode(res);

1156

}

1157

1158

binder::Status NetdNativeService::firewallEnableChildChain(int32_t childChain, bool enable) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1159

NETD_LOCKING_RPC(gCtls->firewallCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-07-24 16:38:22 +0800

[diff] [blame]

1160

auto chain = static_cast<ChildChain>(childChain);

1161

1162

int res = gCtls->firewallCtrl.enableChildChains(chain, enable);

Luke Huang

2018-07-24 16:38:22 +0800

[diff] [blame]

1163

return statusFromErrcode(res);

1164

}

1165

Rubin Xu

ec27ff2

2019-01-08 21:33:03 +0000

[diff] [blame]

1166

binder::Status NetdNativeService::firewallAddUidInterfaceRules(const std::string& ifName,

1167

const std::vector<int32_t>& uids) {

1168

ENFORCE_NETWORK_STACK_PERMISSIONS();

1169

1170

return asBinderStatus(gCtls->trafficCtrl.addUidInterfaceRules(

1171

RouteController::getIfIndex(ifName.c_str()), uids));

1172

}

1173

1174

binder::Status NetdNativeService::firewallRemoveUidInterfaceRules(

1175

const std::vector<int32_t>& uids) {

1176

ENFORCE_NETWORK_STACK_PERMISSIONS();

1177

1178

return asBinderStatus(gCtls->trafficCtrl.removeUidInterfaceRules(uids));

1179

}

1180

Luke Huang

2018-10-22 12:12:05 +0900

[diff] [blame]

1181

binder::Status NetdNativeService::tetherAddForward(const std::string& intIface,

1182

const std::string& extIface) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1183

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-10-22 12:12:05 +0900

[diff] [blame]

1184

1185

int res = gCtls->tetherCtrl.enableNat(intIface.c_str(), extIface.c_str());

Luke Huang

2018-10-22 12:12:05 +0900

[diff] [blame]

1186

return statusFromErrcode(res);

1187

}

1188

1189

binder::Status NetdNativeService::tetherRemoveForward(const std::string& intIface,

1190

const std::string& extIface) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1191

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

ae038f8

2018-11-05 11:17:31 +0900

[diff] [blame]

1192

int res = gCtls->tetherCtrl.disableNat(intIface.c_str(), extIface.c_str());

Luke Huang

2018-10-22 12:12:05 +0900

[diff] [blame]

1193

return statusFromErrcode(res);

1194

}

1195

Chenbo Feng

2018-11-08 16:10:48 -0800

[diff] [blame]

1196

binder::Status NetdNativeService::setTcpRWmemorySize(const std::string& rmemValues,

1197

const std::string& wmemValues) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1198

ENFORCE_NETWORK_STACK_PERMISSIONS();

Chenbo Feng

2018-11-08 16:10:48 -0800

[diff] [blame]

1199

if (!WriteStringToFile(rmemValues, TCP_RMEM_PROC_FILE)) {

1200

int ret = -errno;

Chenbo Feng

2018-11-08 16:10:48 -0800

[diff] [blame]

1201

return statusFromErrcode(ret);

1202

}

1203

1204

if (!WriteStringToFile(wmemValues, TCP_WMEM_PROC_FILE)) {

1205

int ret = -errno;

Chenbo Feng

2018-11-08 16:10:48 -0800

[diff] [blame]

1206

return statusFromErrcode(ret);

1207

}

Chenbo Feng

2018-11-08 16:10:48 -0800

[diff] [blame]

1208

return binder::Status::ok();

1209

}

1210

Luke Huang

528af60

2018-08-29 19:06:05 +0800

[diff] [blame]

1211

binder::Status NetdNativeService::registerUnsolicitedEventListener(

1212

const android::sp<android::net::INetdUnsolicitedEventListener>& listener) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1213

ENFORCE_NETWORK_STACK_PERMISSIONS();

Bernie Innocenti

9ee088d

2019-02-01 17:14:32 +0900

[diff] [blame]

1214

gCtls->eventReporter.registerUnsolEventListener(listener);

Luke Huang

528af60

2018-08-29 19:06:05 +0800

[diff] [blame]

1215

return binder::Status::ok();

1216

}

1217

Luke Huang

e60bfd8

2019-04-26 11:39:31 +0800

[diff] [blame]

1218

binder::Status NetdNativeService::getOemNetd(android::sp<android::IBinder>* listener) {

1219

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

0e5e69d

2019-03-06 15:42:38 +0800

[diff] [blame]

1220

*listener = com::android::internal::net::OemNetdListener::getListener();

1221

Luke Huang

e60bfd8

2019-04-26 11:39:31 +0800

[diff] [blame]

1222

return binder::Status::ok();

1223

}

1224

Chiachang Wang

00fc62f

2019-12-04 20:38:26 +0800

[diff] [blame]

1225

binder::Status NetdNativeService::getFwmarkForNetwork(int32_t netId, MarkMaskParcel* markMask) {

1226

ENFORCE_NETWORK_STACK_PERMISSIONS();

1227

1228

Fwmark fwmark;

1229

fwmark.netId = netId;

1230

markMask->mask = FWMARK_NET_ID_MASK;

1231

markMask->mark = fwmark.intValue;

1232

return binder::Status::ok();

1233

}

1234

Lorenzo Colitti

e801d3c

2020-02-18 00:00:35 +0900

[diff] [blame]

1235

binder::Status NetdNativeService::tetherRuleAddDownstreamIpv6(

1236

int intIfaceIndex, int extIfaceIndex, const std::vector<uint8_t>& ipAddress,

1237

const std::vector<uint8_t>& srcL2Address, const std::vector<uint8_t>& dstL2Address) {

1238

ENFORCE_NETWORK_STACK_PERMISSIONS();

1239

1240

return asBinderStatus(gCtls->tetherCtrl.addDownstreamIpv6Rule(

1241

intIfaceIndex, extIfaceIndex, ipAddress, srcL2Address, dstL2Address));

1242

}

1243

1244

binder::Status NetdNativeService::tetherRuleRemoveDownstreamIpv6(

1245

int extIfaceIndex, const std::vector<uint8_t>& ipAddress) {

1246

ENFORCE_NETWORK_STACK_PERMISSIONS();

1247

1248

return asBinderStatus(gCtls->tetherCtrl.removeDownstreamIpv6Rule(extIfaceIndex, ipAddress));

1249

}

1250

Lorenzo Colitti