Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / netd / e4851dede1dd24bbd80ffd30c4e89c7753fed121 / . / server / NetdNativeService.cpp
blob: 678d19a6e1397a1836c0b6dae1a0dc7a201a6daa [file] [log] [blame]
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]1/**
2 * Copyright (c) 2016, The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#define LOG_TAG "Netd"
18
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]19#include <vector>
20
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]21#include <android-base/stringprintf.h>
22#include <cutils/log.h>
23#include <utils/Errors.h>
24
25#include <binder/IPCThreadState.h>
26#include <binder/IServiceManager.h>
27#include "android/net/BnNetd.h"
28
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]29#include "Controllers.h"
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]30#include "NetdConstants.h"
31#include "NetdNativeService.h"
32
33using android::base::StringPrintf;
34
35namespace android {
36namespace net {
37
38namespace {
39
40const char CONNECTIVITY_INTERNAL[] = "android.permission.CONNECTIVITY_INTERNAL";
41
42binder::Status checkPermission(const char *permission) {
43 pid_t pid;
44 uid_t uid;
45
46 if (checkCallingPermission(String16(permission), (int32_t *) &pid, (int32_t *) &uid)) {
47 return binder::Status::ok();
48 } else {
49 auto err = StringPrintf("UID %d / PID %d lacks permission %s", uid, pid, permission);
50 return binder::Status::fromExceptionCode(binder::Status::EX_SECURITY, String8(err.c_str()));
51 }
52}
53
54#define ENFORCE_PERMISSION(permission) { \
55 binder::Status status = checkPermission((permission)); \
56 if (!status.isOk()) { \
57 return status; \
58 } \
59}
60
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]61#define NETD_LOCKING_RPC(permission, lock) \
62 ENFORCE_PERMISSION(permission); \
63 android::RWLock::AutoWLock _lock(lock);
64
65#define NETD_BIG_LOCK_RPC(permission) NETD_LOCKING_RPC((permission), gBigNetdLock)
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]66
67} // namespace
68
69
Lorenzo Colittie4851de2016-03-17 13:23:28 +0900[diff] [blame^]70status_t NetdNativeService::start() {
71 IPCThreadState::self()->disableBackgroundScheduling(true);
72 status_t ret = BinderService<NetdNativeService>::publish();
73 if (ret != android::OK) {
74 return ret;
75 }
76 sp<ProcessState> ps(ProcessState::self());
77 ps->startThreadPool();
78 ps->giveThreadPoolName();
79 return android::OK;
80}
81
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]82binder::Status NetdNativeService::isAlive(bool *alive) {
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]83 NETD_BIG_LOCK_RPC(CONNECTIVITY_INTERNAL);
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]84
85 *alive = true;
86 return binder::Status::ok();
87}
88
Lorenzo Colitti89faa342016-02-26 11:38:47 +0900[diff] [blame]89binder::Status NetdNativeService::firewallReplaceUidChain(const android::String16& chainName,
90 bool isWhitelist, const std::vector<int32_t>& uids, bool *ret) {
91 NETD_LOCKING_RPC(CONNECTIVITY_INTERNAL, gCtls->firewallCtrl.lock);
92
93 android::String8 name = android::String8(chainName);
94 int err = gCtls->firewallCtrl.replaceUidChain(name.string(), isWhitelist, uids);
95 *ret = (err == 0);
96 return binder::Status::ok();
97
98}
Lorenzo Colittie4d626e2016-02-02 17:19:04 +0900[diff] [blame]99} // namespace net
100} // namespace android