Gitiles
Code Review Sign In
review.blissroms.org / platform_packages_modules_DnsResolver / e93d9ae12ae8df2eac9b1a06c98b6141b08a3fe3
commite93d9ae12ae8df2eac9b1a06c98b6141b08a3fe3[log] [tgz]
authorMike Yu <yumike@google.com>Tue Aug 25 19:09:51 2020 +0800
committerMike Yu <yumike@google.com>Sat Sep 26 19:18:44 2020 +0800
treef02c32b2f1fba07019da937e07eac2bb8cf65ebc
parent6bcde8897a67562932202b2b1d2720539e72963b [diff]
Allow to do TLS handshake on DnsTlsSocket loop thread

There are some performance concerns about running connection handshake
on query threads (which are launched from DnsProxyListener):
  - Until a handshake running on a query thread finishes, other
    query threads get blocked from acquiring the lock, which
    is hard to implement timeout.
  - If the handshake fails, all of the waiting query threads can't
    know it. Then, one of the them will do another handshake which
    is likely to fail again.

This change introduces a flag which moves connection handshake from
query threads to DnsTlsSocket loop thread to address the concerns.
  - Before a handshake finishes, query threads are waiting their
    std::future result. This helps future implementation for query
    timeout.
  - If the handshake fails kMaxTries times, none of the waiting query
    threads does another handshake to the same DoT server again.
    They can either try next DoT server or falls back to Do53.

Besides, with the flag enabled, DnsTlsSocket can be aware of
shutdown request and instantly stop connection handshake if needed.

Bug: 149445907
Test: cd packages/modules/DnsResolver
      set the flag on, ran atest
      rebooted, set the flag off, ran atest
Change-Id: I6a0a4c962c9eaf78ca2796128018f7ba06897b16
5 files changed
tree: f02c32b2f1fba07019da937e07eac2bb8cf65ebc
  1. aidl_api/
  2. apex/
  3. binder/
  4. include/
  5. tests/
  6. .clang-format ⇨ ../../../build/soong/scripts/system-clang-format
  7. .editorconfig
  8. Android.bp
  9. Dns64Configuration.cpp
  10. Dns64Configuration.h
  11. DnsProxyListener.cpp
  12. DnsProxyListener.h
  13. DnsQueryLog.cpp
  14. DnsQueryLog.h
  15. DnsQueryLogTest.cpp
  16. DnsResolver.cpp
  17. DnsResolver.h
  18. DnsResolverService.cpp
  19. DnsResolverService.h
  20. DnsStats.cpp
  21. DnsStats.h
  22. DnsStatsTest.cpp
  23. DnsTlsDispatcher.cpp
  24. DnsTlsDispatcher.h
  25. DnsTlsQueryMap.cpp
  26. DnsTlsQueryMap.h
  27. DnsTlsServer.cpp
  28. DnsTlsServer.h
  29. DnsTlsSessionCache.cpp
  30. DnsTlsSessionCache.h
  31. DnsTlsSocket.cpp
  32. DnsTlsSocket.h
  33. DnsTlsSocketFactory.h
  34. DnsTlsTransport.cpp
  35. DnsTlsTransport.h
  36. Experiments.cpp
  37. Experiments.h
  38. ExperimentsTest.cpp
  39. getaddrinfo.cpp
  40. getaddrinfo.h
  41. gethnamaddr.cpp
  42. gethnamaddr.h
  43. hostent.h
  44. IDnsTlsSocket.h
  45. IDnsTlsSocketFactory.h
  46. IDnsTlsSocketObserver.h
  47. libnetd_resolv.map.txt
  48. LockedQueue.h
  49. NOTICE
  50. OWNERS
  51. params.h
  52. PREUPLOAD.cfg
  53. PrivateDnsConfiguration.cpp
  54. PrivateDnsConfiguration.h
  55. README-DoT.md
  56. README.md
  57. res_cache.cpp
  58. res_comp.cpp
  59. res_comp.h
  60. res_debug.cpp
  61. res_debug.h
  62. res_init.cpp
  63. res_init.h
  64. res_mkquery.cpp
  65. res_query.cpp
  66. res_send.cpp
  67. res_send.h
  68. res_stats.cpp
  69. resolv_cache.h
  70. resolv_cache_unit_test.cpp
  71. resolv_callback_unit_test.cpp
  72. resolv_private.h
  73. resolv_test_config_template.xml
  74. resolv_tls_unit_test.cpp
  75. resolv_unit_test.cpp
  76. ResolverController.cpp
  77. ResolverController.h
  78. ResolverEventReporter.cpp
  79. ResolverEventReporter.h
  80. ResolverStats.h
  81. sethostent.cpp
  82. stats.h
  83. stats.proto
  84. TEST_MAPPING
  85. util.cpp
  86. util.h
README.md

Logging

This code uses LOG(X) for logging. Log levels are VERBOSE,DEBUG,INFO,WARNING and ERROR. The default setting is WARNING and logs relate to WARNING and ERROR will be shown. If you want to enable the DEBUG level logs, using following command. adb shell service call dnsresolver 10 i32 1 VERBOSE 0 DEBUG 1 INFO 2 WARNING 3 ERROR 4 Verbose resolver logs could contain PII -- do NOT enable in production builds.