Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / netd / b670d16e224878d2bae71db8d6788372926baea8 / . / server / NetdNativeService.h
blob: 1d5caf68486520207c5b6f7f7721c8751cf997fa [file] [log] [blame]
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]1/**
2 * Copyright (c) 2016, The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#ifndef _NETD_NATIVE_SERVICE_H_
18#define _NETD_NATIVE_SERVICE_H_
19
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]20#include <vector>
21
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]22#include <binder/BinderService.h>
Erik Klineb31fd692018-06-06 20:50:11 +0900[diff] [blame]23#include <netdutils/Log.h>
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]24
25#include "android/net/BnNetd.h"
Robin Lee9f9aae92016-03-30 18:33:07 +0100[diff] [blame]26#include "android/net/UidRange.h"
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]27
28namespace android {
29namespace net {
30
31class NetdNativeService : public BinderService<NetdNativeService>, public BnNetd {
32 public:
Lorenzo Colittie4851de2016-03-17 13:23:28 +0900[diff] [blame]33 static status_t start();
Lorenzo Colittic2c7b752016-02-23 22:25:11 +0900[diff] [blame]34 static char const* getServiceName() { return "netd"; }
Erik Kline2d3a1632016-03-15 16:33:48 +0900[diff] [blame]35 virtual status_t dump(int fd, const Vector<String16> &args) override;
36
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]37 binder::Status isAlive(bool *alive) override;
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]38
39 // Firewall commands.
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]40 binder::Status firewallReplaceUidChain(
Erik Klinef52d4522018-03-14 15:01:46 +0900[diff] [blame]41 const std::string& chainName, bool isWhitelist,
Erik Kline2d3a1632016-03-15 16:33:48 +0900[diff] [blame]42 const std::vector<int32_t>& uids, bool *ret) override;
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]43
44 // Bandwidth control commands.
Lorenzo Colittidedd2712016-03-22 12:36:29 +0900[diff] [blame]45 binder::Status bandwidthEnableDataSaver(bool enable, bool *ret) override;
Luke Huang531f5d32018-08-03 15:19:05 +0800[diff] [blame]46 binder::Status bandwidthSetInterfaceQuota(const std::string& ifName, int64_t bytes) override;
47 binder::Status bandwidthRemoveInterfaceQuota(const std::string& ifName) override;
48 binder::Status bandwidthSetInterfaceAlert(const std::string& ifName, int64_t bytes) override;
49 binder::Status bandwidthRemoveInterfaceAlert(const std::string& ifName) override;
50 binder::Status bandwidthSetGlobalAlert(int64_t bytes) override;
51 binder::Status bandwidthAddNaughtyApp(int32_t uid) override;
52 binder::Status bandwidthRemoveNaughtyApp(int32_t uid) override;
53 binder::Status bandwidthAddNiceApp(int32_t uid) override;
54 binder::Status bandwidthRemoveNiceApp(int32_t uid) override;
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]55
56 // Network and routing commands.
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame^]57 binder::Status networkCreatePhysical(int32_t netId, int32_t permission) override;
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]58 binder::Status networkCreateVpn(int32_t netId, bool hasDns, bool secure) override;
59 binder::Status networkDestroy(int32_t netId) override;
60
61 binder::Status networkAddInterface(int32_t netId, const std::string& iface) override;
62 binder::Status networkRemoveInterface(int32_t netId, const std::string& iface) override;
63
64 binder::Status networkAddUidRanges(int32_t netId, const std::vector<UidRange>& uids)
65 override;
66 binder::Status networkRemoveUidRanges(int32_t netId, const std::vector<UidRange>& uids)
67 override;
Robin Leeb8087362016-03-30 18:43:08 +0100[diff] [blame]68 binder::Status networkRejectNonSecureVpn(bool enable, const std::vector<UidRange>& uids)
69 override;
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame^]70 binder::Status networkAddRoute(int32_t netId, const std::string& ifName,
71 const std::string& destination,
72 const std::string& nextHop) override;
73 binder::Status networkRemoveRoute(int32_t netId, const std::string& ifName,
74 const std::string& destination,
75 const std::string& nextHop) override;
76 binder::Status networkAddLegacyRoute(int32_t netId, const std::string& ifName,
77 const std::string& destination, const std::string& nextHop,
78 int32_t uid) override;
79 binder::Status networkRemoveLegacyRoute(int32_t netId, const std::string& ifName,
80 const std::string& destination,
81 const std::string& nextHop, int32_t uid) override;
82 binder::Status networkSetDefault(int32_t netId) override;
83 binder::Status networkClearDefault() override;
84 binder::Status networkSetPermissionForNetwork(int32_t netId, int32_t permission) override;
85 binder::Status networkSetPermissionForUser(int32_t permission,
86 const std::vector<int32_t>& uids) override;
87 binder::Status networkClearPermissionForUser(const std::vector<int32_t>& uids) override;
88 binder::Status networkSetProtectAllow(int32_t uid) override;
89 binder::Status networkSetProtectDeny(int32_t uid) override;
90 // For test (internal use only).
91 binder::Status networkGetDefault(int32_t* netId) override;
92 binder::Status networkCanProtect(int32_t uid, bool* ret) override;
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]93
94 // SOCK_DIAG commands.
Lorenzo Colitti563d98b2016-04-24 13:13:14 +0900[diff] [blame]95 binder::Status socketDestroy(const std::vector<UidRange>& uids,
96 const std::vector<int32_t>& skipUids) override;
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]97
98 // Resolver commands.
Pierre Imaibeedec32016-04-13 06:44:51 +0900[diff] [blame]99 binder::Status setResolverConfiguration(int32_t netId, const std::vector<std::string>& servers,
Ben Schwartz4204ecf2017-10-02 12:35:48 -0400[diff] [blame]100 const std::vector<std::string>& domains, const std::vector<int32_t>& params,
Erik Klinea1476fb2018-03-04 21:01:56 +0900[diff] [blame]101 const std::string& tlsName,
102 const std::vector<std::string>& tlsServers,
Ben Schwartz4204ecf2017-10-02 12:35:48 -0400[diff] [blame]103 const std::vector<std::string>& tlsFingerprints) override;
Pierre Imaibeedec32016-04-13 06:44:51 +0900[diff] [blame]104 binder::Status getResolverInfo(int32_t netId, std::vector<std::string>* servers,
105 std::vector<std::string>* domains, std::vector<int32_t>* params,
106 std::vector<int32_t>* stats) override;
Erik Klinef48e4dd2016-07-18 04:02:07 +0900[diff] [blame]107
Joel Scherpelzde937962017-06-01 13:20:21 +0900[diff] [blame]108 binder::Status setIPv6AddrGenMode(const std::string& ifName, int32_t mode) override;
109
Joel Scherpelz08b84cd2017-05-22 13:11:54 +0900[diff] [blame]110 // NFLOG-related commands
111 binder::Status wakeupAddInterface(const std::string& ifName, const std::string& prefix,
112 int32_t mark, int32_t mask) override;
113
114 binder::Status wakeupDelInterface(const std::string& ifName, const std::string& prefix,
115 int32_t mark, int32_t mask) override;
116
Erik Klinef48e4dd2016-07-18 04:02:07 +0900[diff] [blame]117 // Tethering-related commands.
118 binder::Status tetherApplyDnsInterfaces(bool *ret) override;
Luke Huangcaebcbb2018-09-27 20:37:14 +0800[diff] [blame]119 binder::Status tetherGetStats(
120 std::vector<android::net::TetherStatsParcel>* tetherStatsVec) override;
Luke Huangb5733d72018-08-21 17:17:19 +0800[diff] [blame]121 binder::Status tetherStart(const std::vector<std::string>& dhcpRanges) override;
122 binder::Status tetherStop() override;
123 binder::Status tetherIsEnabled(bool* enabled) override;
124 binder::Status tetherInterfaceAdd(const std::string& ifName) override;
125 binder::Status tetherInterfaceRemove(const std::string& ifName) override;
126 binder::Status tetherInterfaceList(std::vector<std::string>* ifList) override;
127 binder::Status tetherDnsSet(int32_t netId, const std::vector<std::string>& dnsAddrs) override;
128 binder::Status tetherDnsList(std::vector<std::string>* dnsList) override;
Erik Kline53c20882016-08-02 15:22:53 +0900[diff] [blame]129
Lorenzo Colittid33e96d2016-12-15 23:59:01 +0900[diff] [blame]130 // Interface-related commands.
Erik Kline53c20882016-08-02 15:22:53 +0900[diff] [blame]131 binder::Status interfaceAddAddress(const std::string &ifName,
132 const std::string &addrString, int prefixLength) override;
133 binder::Status interfaceDelAddress(const std::string &ifName,
134 const std::string &addrString, int prefixLength) override;
Erik Kline55b06f82016-07-04 09:57:18 +0900[diff] [blame]135
Erik Kline38e51f12018-09-06 20:14:44 +0900[diff] [blame]136 binder::Status getProcSysNet(int32_t ipversion, int32_t which, const std::string& ifname,
137 const std::string& parameter, std::string* value) override;
138 binder::Status setProcSysNet(int32_t ipversion, int32_t which, const std::string& ifname,
139 const std::string& parameter, const std::string& value) override;
Robin Lee2cf56172016-09-13 18:55:42 +0900[diff] [blame]140
141 // Metrics reporting level set / get (internal use only).
142 binder::Status getMetricsReportingLevel(int *reportingLevel) override;
143 binder::Status setMetricsReportingLevel(const int reportingLevel) override;
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]144
Benedict Wongb2daefb2017-12-06 22:05:46 -0800[diff] [blame]145 binder::Status ipSecSetEncapSocketOwner(const android::base::unique_fd& socket, int newUid);
146
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]147 binder::Status ipSecAllocateSpi(
148 int32_t transformId,
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]149 const std::string& localAddress,
150 const std::string& remoteAddress,
151 int32_t inSpi,
152 int32_t* outSpi);
153
154 binder::Status ipSecAddSecurityAssociation(
155 int32_t transformId,
156 int32_t mode,
Nathan Haroldda54f122018-01-09 16:42:57 -0800[diff] [blame]157 const std::string& sourceAddress,
158 const std::string& destinationAddress,
Benedict Wong96abf482018-01-22 13:56:41 -0800[diff] [blame]159 int32_t underlyingNetId,
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]160 int32_t spi,
Di Lu2ccb3e52018-01-03 16:19:20 -0800[diff] [blame]161 int32_t markValue,
162 int32_t markMask,
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]163 const std::string& authAlgo,
164 const std::vector<uint8_t>& authKey,
165 int32_t authTruncBits,
166 const std::string& cryptAlgo,
167 const std::vector<uint8_t>& cryptKey,
168 int32_t cryptTruncBits,
Benedict Wongbe65b432017-08-22 21:43:14 -0700[diff] [blame]169 const std::string& aeadAlgo,
170 const std::vector<uint8_t>& aeadKey,
171 int32_t aeadIcvBits,
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]172 int32_t encapType,
173 int32_t encapLocalPort,
ludiec836052017-05-20 14:17:05 -0700[diff] [blame]174 int32_t encapRemotePort);
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]175
176 binder::Status ipSecDeleteSecurityAssociation(
177 int32_t transformId,
Nathan Haroldda54f122018-01-09 16:42:57 -0800[diff] [blame]178 const std::string& sourceAddress,
179 const std::string& destinationAddress,
Di Lu2ccb3e52018-01-03 16:19:20 -0800[diff] [blame]180 int32_t spi,
181 int32_t markValue,
182 int32_t markMask);
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]183
184 binder::Status ipSecApplyTransportModeTransform(
185 const android::base::unique_fd& socket,
186 int32_t transformId,
187 int32_t direction,
Nathan Haroldda54f122018-01-09 16:42:57 -0800[diff] [blame]188 const std::string& sourceAddress,
189 const std::string& destinationAddress,
Nathan Harold1a371532017-01-30 12:30:48 -0800[diff] [blame]190 int32_t spi);
191
192 binder::Status ipSecRemoveTransportModeTransform(
193 const android::base::unique_fd& socket);
Chenbo Feng07d43fe2017-12-21 14:38:51 -0800[diff] [blame]194
Benedict Wonga04ffa72018-05-09 21:42:42 -0700[diff] [blame]195 binder::Status ipSecAddSecurityPolicy(int32_t transformId, int32_t selAddrFamily,
196 int32_t direction, const std::string& tmplSrcAddress,
Benedict Wongad600cb2018-05-14 17:22:35 -0700[diff] [blame]197 const std::string& tmplDstAddress, int32_t spi,
198 int32_t markValue, int32_t markMask);
Benedict Wong84a8dca2018-01-19 12:12:17 -0800[diff] [blame]199
Benedict Wonga04ffa72018-05-09 21:42:42 -0700[diff] [blame]200 binder::Status ipSecUpdateSecurityPolicy(int32_t transformId, int32_t selAddrFamily,
201 int32_t direction, const std::string& tmplSrcAddress,
Benedict Wongad600cb2018-05-14 17:22:35 -0700[diff] [blame]202 const std::string& tmplDstAddress, int32_t spi,
203 int32_t markValue, int32_t markMask);
Benedict Wong84a8dca2018-01-19 12:12:17 -0800[diff] [blame]204
Benedict Wonga04ffa72018-05-09 21:42:42 -0700[diff] [blame]205 binder::Status ipSecDeleteSecurityPolicy(int32_t transformId, int32_t selAddrFamily,
206 int32_t direction, int32_t markValue,
Benedict Wongad600cb2018-05-14 17:22:35 -0700[diff] [blame]207 int32_t markMask);
Benedict Wong84a8dca2018-01-19 12:12:17 -0800[diff] [blame]208
Chenbo Feng07d43fe2017-12-21 14:38:51 -0800[diff] [blame]209 binder::Status trafficCheckBpfStatsEnable(bool* ret) override;
manojboopathi8707f232018-01-02 14:45:47 -0800[diff] [blame]210
211 binder::Status addVirtualTunnelInterface(
212 const std::string& deviceName,
213 const std::string& localAddress,
214 const std::string& remoteAddress,
215 int32_t iKey,
216 int32_t oKey);
217
218 binder::Status updateVirtualTunnelInterface(
219 const std::string& deviceName,
220 const std::string& localAddress,
221 const std::string& remoteAddress,
222 int32_t iKey,
223 int32_t oKey);
224
225 binder::Status removeVirtualTunnelInterface(const std::string& deviceName);
Luke Huang0051a622018-07-23 20:30:16 +0800[diff] [blame]226
227 // Idletimer-related commands
228 binder::Status idletimerAddInterface(const std::string& ifName, int32_t timeout,
229 const std::string& classLabel) override;
230 binder::Status idletimerRemoveInterface(const std::string& ifName, int32_t timeout,
231 const std::string& classLabel) override;
Luke Huang6d301232018-08-01 14:05:18 +0800[diff] [blame]232
Luke Huanga67dd562018-07-17 19:58:25 +0800[diff] [blame]233 // Strict-related commands
234 binder::Status strictUidCleartextPenalty(int32_t uid, int32_t policyPenalty) override;
Luke Huang6d301232018-08-01 14:05:18 +0800[diff] [blame]235
236 // Clatd-related commands
237 binder::Status clatdStart(const std::string& ifName) override;
238 binder::Status clatdStop(const std::string& ifName) override;
Luke Huang457d4702018-08-16 15:39:15 +0800[diff] [blame]239
240 // Ipfw-related commands
241 binder::Status ipfwdEnabled(bool* status) override;
242 binder::Status ipfwdEnableForwarding(const std::string& requester) override;
243 binder::Status ipfwdDisableForwarding(const std::string& requester) override;
244 binder::Status ipfwdAddInterfaceForward(const std::string& fromIface,
245 const std::string& toIface) override;
246 binder::Status ipfwdRemoveInterfaceForward(const std::string& fromIface,
247 const std::string& toIface) override;
Luke Huangb670d162018-08-23 20:01:13 +0800[diff] [blame^]248
249 private:
250 std::vector<uid_t> intsToUids(const std::vector<int32_t>& intUids);
251 Permission convertPermission(int32_t permission);
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]252};
253
254} // namespace net
255} // namespace android
256
257#endif // _NETD_NATIVE_SERVICE_H_