Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / netd / 6e8eccdf229ff183755f5fda697d78a909496264 / . / server / NetdNativeService.cpp
blob: 3a4fbb9d0be20de7f95983a03723028fdd93e816 [file] [log] [blame]
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]1/**
2 * Copyright (c) 2016, The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#define LOG_TAG "Netd"
18
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]19#include <vector>
20
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]21#include <android-base/stringprintf.h>
22#include <cutils/log.h>
Robin Lee2cf56172016-09-13 18:55:42 +0900[diff] [blame]23#include <cutils/properties.h>
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]24#include <utils/Errors.h>
Pierre Imaibeedec32016-04-13 06:44:51 +0900[diff] [blame]25#include <utils/String16.h>
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]26
27#include <binder/IPCThreadState.h>
28#include <binder/IServiceManager.h>
29#include "android/net/BnNetd.h"
30
Ben Schwartze7601812017-04-28 16:38:29 -0400[diff] [blame]31#include <openssl/base64.h>
32
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]33#include "Controllers.h"
Erik Kline2d3a1632016-03-15 16:33:48 +0900[diff] [blame]34#include "DumpWriter.h"
Michal Karpinskid5440112016-10-06 16:56:04 +0100[diff] [blame]35#include "EventReporter.h"
Erik Kline55b06f82016-07-04 09:57:18 +0900[diff] [blame]36#include "InterfaceController.h"
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]37#include "NetdConstants.h"
38#include "NetdNativeService.h"
Robin Leeb8087362016-03-30 18:43:08 +0100[diff] [blame]39#include "RouteController.h"
Lorenzo Colitti563d98b2016-04-24 13:13:14 +0900[diff] [blame]40#include "SockDiag.h"
Robin Leeb8087362016-03-30 18:43:08 +0100[diff] [blame]41#include "UidRanges.h"
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]42
43using android::base::StringPrintf;
44
45namespace android {
46namespace net {
47
48namespace {
49
50const char CONNECTIVITY_INTERNAL[] = "android.permission.CONNECTIVITY_INTERNAL";
Joel Scherpelz08b84cd2017-05-22 13:11:54 +0900[diff] [blame]51const char NETWORK_STACK[] = "android.permission.NETWORK_STACK";
Erik Kline2d3a1632016-03-15 16:33:48 +0900[diff] [blame]52const char DUMP[] = "android.permission.DUMP";
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]53
Joel Scherpelz08b84cd2017-05-22 13:11:54 +0900[diff] [blame]54binder::Status toBinderStatus(const netdutils::Status s) {
55 if (isOk(s)) {
56 return binder::Status::ok();
57 }
Joel Scherpelzde937962017-06-01 13:20:21 +0900[diff] [blame]58 return binder::Status::fromServiceSpecificError(s.code(), s.msg().c_str());
Joel Scherpelz08b84cd2017-05-22 13:11:54 +0900[diff] [blame]59}
60
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]61binder::Status checkPermission(const char *permission) {
62 pid_t pid;
63 uid_t uid;
64
65 if (checkCallingPermission(String16(permission), (int32_t *) &pid, (int32_t *) &uid)) {
66 return binder::Status::ok();
67 } else {
68 auto err = StringPrintf("UID %d / PID %d lacks permission %s", uid, pid, permission);
69 return binder::Status::fromExceptionCode(binder::Status::EX_SECURITY, String8(err.c_str()));
70 }
71}
72
Robin Lee2cf56172016-09-13 18:55:42 +0900[diff] [blame]73#define ENFORCE_DEBUGGABLE() { \
74 char value[PROPERTY_VALUE_MAX + 1]; \
75 if (property_get("ro.debuggable", value, NULL) != 1 \
76 || value[0] != '1') { \
77 return binder::Status::fromExceptionCode( \
78 binder::Status::EX_SECURITY, \
79 String8("Not available in production builds.") \
80 ); \
81 } \
82}
83
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]84#define ENFORCE_PERMISSION(permission) { \
85 binder::Status status = checkPermission((permission)); \
86 if (!status.isOk()) { \
87 return status; \
88 } \
89}
90
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]91#define NETD_LOCKING_RPC(permission, lock) \
92 ENFORCE_PERMISSION(permission); \
93 android::RWLock::AutoWLock _lock(lock);
94
95#define NETD_BIG_LOCK_RPC(permission) NETD_LOCKING_RPC((permission), gBigNetdLock)
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]96} // namespace
97
98
Lorenzo Colittie4851de2016-03-17 13:23:28 +0900[diff] [blame]99status_t NetdNativeService::start() {
100 IPCThreadState::self()->disableBackgroundScheduling(true);
101 status_t ret = BinderService<NetdNativeService>::publish();
102 if (ret != android::OK) {
103 return ret;
104 }
105 sp<ProcessState> ps(ProcessState::self());
106 ps->startThreadPool();
107 ps->giveThreadPoolName();
108 return android::OK;
109}
110
Erik Kline2d3a1632016-03-15 16:33:48 +0900[diff] [blame]111status_t NetdNativeService::dump(int fd, const Vector<String16> & /* args */) {
112 const binder::Status dump_permission = checkPermission(DUMP);
113 if (!dump_permission.isOk()) {
114 const String8 msg(dump_permission.toString8());
115 write(fd, msg.string(), msg.size());
116 return PERMISSION_DENIED;
117 }
118
119 // This method does not grab any locks. If individual classes need locking
120 // their dump() methods MUST handle locking appropriately.
121 DumpWriter dw(fd);
122 dw.blankline();
123 gCtls->netCtrl.dump(dw);
124 dw.blankline();
125
126 return NO_ERROR;
127}
128
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]129binder::Status NetdNativeService::isAlive(bool *alive) {
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]130 NETD_BIG_LOCK_RPC(CONNECTIVITY_INTERNAL);
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]131
132 *alive = true;
133 return binder::Status::ok();
134}
135
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]136binder::Status NetdNativeService::firewallReplaceUidChain(const android::String16& chainName,
137 bool isWhitelist, const std::vector<int32_t>& uids, bool *ret) {
138 NETD_LOCKING_RPC(CONNECTIVITY_INTERNAL, gCtls->firewallCtrl.lock);
139
140 android::String8 name = android::String8(chainName);
141 int err = gCtls->firewallCtrl.replaceUidChain(name.string(), isWhitelist, uids);
142 *ret = (err == 0);
143 return binder::Status::ok();
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]144}
Lorenzo Colittidedd2712016-03-22 12:36:29 +0900[diff] [blame]145
146binder::Status NetdNativeService::bandwidthEnableDataSaver(bool enable, bool *ret) {
147 NETD_LOCKING_RPC(CONNECTIVITY_INTERNAL, gCtls->bandwidthCtrl.lock);
148
149 int err = gCtls->bandwidthCtrl.enableDataSaver(enable);
150 *ret = (err == 0);
151 return binder::Status::ok();
152}
153
Robin Leeb8087362016-03-30 18:43:08 +0100[diff] [blame]154binder::Status NetdNativeService::networkRejectNonSecureVpn(bool add,
155 const std::vector<UidRange>& uidRangeArray) {
156 // TODO: elsewhere RouteController is only used from the tethering and network controllers, so
157 // it should be possible to use the same lock as NetworkController. However, every call through
158 // the CommandListener "network" command will need to hold this lock too, not just the ones that
159 // read/modify network internal state (that is sufficient for ::dump() because it doesn't
160 // look at routes, but it's not enough here).
161 NETD_BIG_LOCK_RPC(CONNECTIVITY_INTERNAL);
162
Lorenzo Colitti563d98b2016-04-24 13:13:14 +0900[diff] [blame]163 UidRanges uidRanges(uidRangeArray);
Robin Leeb8087362016-03-30 18:43:08 +0100[diff] [blame]164
165 int err;
166 if (add) {
167 err = RouteController::addUsersToRejectNonSecureNetworkRule(uidRanges);
168 } else {
169 err = RouteController::removeUsersFromRejectNonSecureNetworkRule(uidRanges);
170 }
171
172 if (err != 0) {
173 return binder::Status::fromServiceSpecificError(-err,
174 String8::format("RouteController error: %s", strerror(-err)));
175 }
176 return binder::Status::ok();
177}
178
Lorenzo Colitti563d98b2016-04-24 13:13:14 +0900[diff] [blame]179binder::Status NetdNativeService::socketDestroy(const std::vector<UidRange>& uids,
180 const std::vector<int32_t>& skipUids) {
181
182 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
183
184 SockDiag sd;
185 if (!sd.open()) {
186 return binder::Status::fromServiceSpecificError(EIO,
187 String8("Could not open SOCK_DIAG socket"));
188 }
189
190 UidRanges uidRanges(uids);
Lorenzo Colittie5c3c992016-07-26 17:53:50 +0900[diff] [blame]191 int err = sd.destroySockets(uidRanges, std::set<uid_t>(skipUids.begin(), skipUids.end()),
192 true /* excludeLoopback */);
Lorenzo Colitti563d98b2016-04-24 13:13:14 +0900[diff] [blame]193
194 if (err) {
195 return binder::Status::fromServiceSpecificError(-err,
196 String8::format("destroySockets: %s", strerror(-err)));
197 }
Pierre Imaibeedec32016-04-13 06:44:51 +0900[diff] [blame]198 return binder::Status::ok();
199}
Lorenzo Colitti563d98b2016-04-24 13:13:14 +0900[diff] [blame]200
Pierre Imaibeedec32016-04-13 06:44:51 +0900[diff] [blame]201binder::Status NetdNativeService::setResolverConfiguration(int32_t netId,
202 const std::vector<std::string>& servers, const std::vector<std::string>& domains,
203 const std::vector<int32_t>& params) {
204 // This function intentionally does not lock within Netd, as Bionic is thread-safe.
205 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
206
207 int err = gCtls->resolverCtrl.setResolverConfiguration(netId, servers, domains, params);
208 if (err != 0) {
209 return binder::Status::fromServiceSpecificError(-err,
210 String8::format("ResolverController error: %s", strerror(-err)));
211 }
212 return binder::Status::ok();
213}
214
215binder::Status NetdNativeService::getResolverInfo(int32_t netId,
216 std::vector<std::string>* servers, std::vector<std::string>* domains,
217 std::vector<int32_t>* params, std::vector<int32_t>* stats) {
218 // This function intentionally does not lock within Netd, as Bionic is thread-safe.
219 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
220
221 int err = gCtls->resolverCtrl.getResolverInfo(netId, servers, domains, params, stats);
222 if (err != 0) {
223 return binder::Status::fromServiceSpecificError(-err,
224 String8::format("ResolverController error: %s", strerror(-err)));
225 }
Lorenzo Colitti563d98b2016-04-24 13:13:14 +0900[diff] [blame]226 return binder::Status::ok();
227}
228
Ben Schwartze7601812017-04-28 16:38:29 -0400[diff] [blame]229binder::Status NetdNativeService::addPrivateDnsServer(const std::string& server, int32_t port,
230 const std::string& fingerprintAlgorithm, const std::vector<std::string>& fingerprints) {
231 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
232 std::set<std::vector<uint8_t>> decoded_fingerprints;
233 for (const std::string& input : fingerprints) {
234 size_t out_len;
235 if (EVP_DecodedLength(&out_len, input.size()) != 1) {
236 return binder::Status::fromServiceSpecificError(INetd::PRIVATE_DNS_BAD_FINGERPRINT,
237 "ResolverController error: bad fingerprint length");
238 }
239 // out_len is now an upper bound on the output length.
240 std::vector<uint8_t> decoded(out_len);
241 if (EVP_DecodeBase64(decoded.data(), &out_len, decoded.size(),
242 reinterpret_cast<const uint8_t*>(input.data()), input.size()) == 1) {
243 // Possibly shrink the vector if the actual output was smaller than the bound.
244 decoded.resize(out_len);
245 } else {
246 return binder::Status::fromServiceSpecificError(INetd::PRIVATE_DNS_BAD_FINGERPRINT,
247 "ResolverController error: Base64 parsing failed");
248 }
249 decoded_fingerprints.insert(decoded);
250 }
251 const int err = gCtls->resolverCtrl.addPrivateDnsServer(server, port,
252 fingerprintAlgorithm, decoded_fingerprints);
253 if (err != INetd::PRIVATE_DNS_SUCCESS) {
254 return binder::Status::fromServiceSpecificError(err,
255 String8::format("ResolverController error: %d", err));
256 }
257 return binder::Status::ok();
258}
259
260binder::Status NetdNativeService::removePrivateDnsServer(const std::string& server) {
261 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
262 const int err = gCtls->resolverCtrl.removePrivateDnsServer(server);
263 if (err != INetd::PRIVATE_DNS_SUCCESS) {
264 return binder::Status::fromServiceSpecificError(err,
265 String8::format("ResolverController error: %d", err));
266 }
267 return binder::Status::ok();
268}
269
Erik Klinef48e4dd2016-07-18 04:02:07 +0900[diff] [blame]270binder::Status NetdNativeService::tetherApplyDnsInterfaces(bool *ret) {
271 NETD_BIG_LOCK_RPC(CONNECTIVITY_INTERNAL);
272
273 *ret = gCtls->tetherCtrl.applyDnsInterfaces();
274 return binder::Status::ok();
275}
276
Erik Kline53c20882016-08-02 15:22:53 +0900[diff] [blame]277binder::Status NetdNativeService::interfaceAddAddress(const std::string &ifName,
278 const std::string &addrString, int prefixLength) {
279 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
280
281 const int err = InterfaceController::addAddress(
282 ifName.c_str(), addrString.c_str(), prefixLength);
283 if (err != 0) {
284 return binder::Status::fromServiceSpecificError(-err,
285 String8::format("InterfaceController error: %s", strerror(-err)));
286 }
287 return binder::Status::ok();
288}
289
290binder::Status NetdNativeService::interfaceDelAddress(const std::string &ifName,
291 const std::string &addrString, int prefixLength) {
292 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
293
294 const int err = InterfaceController::delAddress(
295 ifName.c_str(), addrString.c_str(), prefixLength);
296 if (err != 0) {
297 return binder::Status::fromServiceSpecificError(-err,
298 String8::format("InterfaceController error: %s", strerror(-err)));
299 }
300 return binder::Status::ok();
301}
302
Erik Kline55b06f82016-07-04 09:57:18 +0900[diff] [blame]303binder::Status NetdNativeService::setProcSysNet(
304 int32_t family, int32_t which, const std::string &ifname, const std::string &parameter,
305 const std::string &value) {
306 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
307
308 const char *familyStr;
309 switch (family) {
310 case INetd::IPV4:
311 familyStr = "ipv4";
312 break;
313 case INetd::IPV6:
314 familyStr = "ipv6";
315 break;
316 default:
317 return binder::Status::fromServiceSpecificError(EAFNOSUPPORT, String8("Bad family"));
318 }
319
320 const char *whichStr;
321 switch (which) {
322 case INetd::CONF:
323 whichStr = "conf";
324 break;
325 case INetd::NEIGH:
326 whichStr = "neigh";
327 break;
328 default:
329 return binder::Status::fromServiceSpecificError(EINVAL, String8("Bad category"));
330 }
331
332 const int err = InterfaceController::setParameter(
333 familyStr, whichStr, ifname.c_str(), parameter.c_str(),
334 value.c_str());
335 if (err != 0) {
336 return binder::Status::fromServiceSpecificError(-err,
337 String8::format("ResolverController error: %s", strerror(-err)));
338 }
339 return binder::Status::ok();
340}
341
Robin Lee2cf56172016-09-13 18:55:42 +0900[diff] [blame]342binder::Status NetdNativeService::getMetricsReportingLevel(int *reportingLevel) {
343 // This function intentionally does not lock, since the only thing it does is one read from an
344 // atomic_int.
345 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
346 ENFORCE_DEBUGGABLE();
347
Michal Karpinskid5440112016-10-06 16:56:04 +0100[diff] [blame]348 *reportingLevel = gCtls->eventReporter.getMetricsReportingLevel();
Robin Lee2cf56172016-09-13 18:55:42 +0900[diff] [blame]349 return binder::Status::ok();
350}
351
352binder::Status NetdNativeService::setMetricsReportingLevel(const int reportingLevel) {
353 // This function intentionally does not lock, since the only thing it does is one write to an
354 // atomic_int.
355 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
356 ENFORCE_DEBUGGABLE();
357
Michal Karpinskid5440112016-10-06 16:56:04 +0100[diff] [blame]358 return (gCtls->eventReporter.setMetricsReportingLevel(reportingLevel) == 0)
359 ? binder::Status::ok()
360 : binder::Status::fromExceptionCode(binder::Status::EX_ILLEGAL_ARGUMENT);
Robin Lee2cf56172016-09-13 18:55:42 +0900[diff] [blame]361}
362
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]363binder::Status NetdNativeService::ipSecAllocateSpi(
364 int32_t transformId,
365 int32_t direction,
366 const std::string& localAddress,
367 const std::string& remoteAddress,
368 int32_t inSpi,
369 int32_t* outSpi) {
370 // Necessary locking done in IpSecService and kernel
371 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
372 ALOGD("ipSecAllocateSpi()");
ludi6e8eccd2017-08-14 14:40:37 -0700[diff] [blame^]373 return asBinderStatus(gCtls->xfrmCtrl.ipSecAllocateSpi(
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]374 transformId,
375 direction,
376 localAddress,
377 remoteAddress,
378 inSpi,
379 outSpi));
380}
381
382binder::Status NetdNativeService::ipSecAddSecurityAssociation(
383 int32_t transformId,
384 int32_t mode,
385 int32_t direction,
386 const std::string& localAddress,
387 const std::string& remoteAddress,
388 int64_t underlyingNetworkHandle,
389 int32_t spi,
390 const std::string& authAlgo, const std::vector<uint8_t>& authKey, int32_t authTruncBits,
391 const std::string& cryptAlgo, const std::vector<uint8_t>& cryptKey, int32_t cryptTruncBits,
392 int32_t encapType,
393 int32_t encapLocalPort,
ludiec836052017-05-20 14:17:05 -0700[diff] [blame]394 int32_t encapRemotePort) {
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]395 // Necessary locking done in IpSecService and kernel
396 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
397 ALOGD("ipSecAddSecurityAssociation()");
ludi6e8eccd2017-08-14 14:40:37 -0700[diff] [blame^]398 return asBinderStatus(gCtls->xfrmCtrl.ipSecAddSecurityAssociation(
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]399 transformId, mode, direction, localAddress, remoteAddress,
400 underlyingNetworkHandle,
401 spi,
402 authAlgo, authKey, authTruncBits,
403 cryptAlgo, cryptKey, cryptTruncBits,
ludiec836052017-05-20 14:17:05 -0700[diff] [blame]404 encapType, encapLocalPort, encapRemotePort));
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]405}
406
407binder::Status NetdNativeService::ipSecDeleteSecurityAssociation(
408 int32_t transformId,
409 int32_t direction,
410 const std::string& localAddress,
411 const std::string& remoteAddress,
412 int32_t spi) {
413 // Necessary locking done in IpSecService and kernel
414 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
415 ALOGD("ipSecDeleteSecurityAssociation()");
ludi6e8eccd2017-08-14 14:40:37 -0700[diff] [blame^]416 return asBinderStatus(gCtls->xfrmCtrl.ipSecDeleteSecurityAssociation(
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]417 transformId,
418 direction,
419 localAddress,
420 remoteAddress,
421 spi));
422}
423
424binder::Status NetdNativeService::ipSecApplyTransportModeTransform(
425 const android::base::unique_fd& socket,
426 int32_t transformId,
427 int32_t direction,
428 const std::string& localAddress,
429 const std::string& remoteAddress,
430 int32_t spi) {
431 // Necessary locking done in IpSecService and kernel
432 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
433 ALOGD("ipSecApplyTransportModeTransform()");
ludi6e8eccd2017-08-14 14:40:37 -0700[diff] [blame^]434 return asBinderStatus(gCtls->xfrmCtrl.ipSecApplyTransportModeTransform(
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]435 socket,
436 transformId,
437 direction,
438 localAddress,
439 remoteAddress,
440 spi));
441}
442
443binder::Status NetdNativeService::ipSecRemoveTransportModeTransform(
444 const android::base::unique_fd& socket) {
445 // Necessary locking done in IpSecService and kernel
446 ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
447 ALOGD("ipSecRemoveTransportModeTransform()");
ludi6e8eccd2017-08-14 14:40:37 -0700[diff] [blame^]448 return asBinderStatus(gCtls->xfrmCtrl.ipSecRemoveTransportModeTransform(
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]449 socket));
450}
451
Joel Scherpelzde937962017-06-01 13:20:21 +0900[diff] [blame]452binder::Status NetdNativeService::setIPv6AddrGenMode(const std::string& ifName,
453 int32_t mode) {
454 ENFORCE_PERMISSION(NETWORK_STACK);
455 return toBinderStatus(InterfaceController::setIPv6AddrGenMode(ifName, mode));
456}
457
Joel Scherpelz08b84cd2017-05-22 13:11:54 +0900[diff] [blame]458binder::Status NetdNativeService::wakeupAddInterface(const std::string& ifName,
459 const std::string& prefix, int32_t mark,
460 int32_t mask) {
461 ENFORCE_PERMISSION(NETWORK_STACK);
462 return toBinderStatus(gCtls->wakeupCtrl.addInterface(ifName, prefix, mark, mask));
463}
464
465binder::Status NetdNativeService::wakeupDelInterface(const std::string& ifName,
466 const std::string& prefix, int32_t mark,
467 int32_t mask) {
468 ENFORCE_PERMISSION(NETWORK_STACK);
469 return toBinderStatus(gCtls->wakeupCtrl.delInterface(ifName, prefix, mark, mask));
470}
471
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]472} // namespace net
473} // namespace android