Blame - server/NetdNativeService.cpp - platform_system_netd

2016-02-02 17:19:04 +0900

[diff] [blame]

/**

*

* Licensed under the Apache License, Version 2.0 (the "License");

5

* you may not use this file except in compliance with the License.

6

* You may obtain a copy of the License at

7

*

8

* http://www.apache.org/licenses/LICENSE-2.0

9

*

10

* Unless required by applicable law or agreed to in writing, software

11

* distributed under the License is distributed on an "AS IS" BASIS,

12

* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

13

* See the License for the specific language governing permissions and

14

* limitations under the License.

15

*/

16

17

#define LOG_TAG "Netd"

18

Luke Huang

2018-09-27 20:37:14 +0800

[diff] [blame]

19

#include <cinttypes>

Xiao Ma

2018-12-16 16:27:38 +0900

[diff] [blame]

20

#include <numeric>

Ben Schwartz

4204ecf

2017-10-02 12:35:48 -0400

[diff] [blame]

21

#include <set>

Xiao Ma

64b15b7

2019-03-20 11:33:15 +0900

[diff] [blame]

22

#include <string>

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

23

#include <tuple>

Lorenzo Colitti

2016-02-26 11:38:47 +0900

[diff] [blame]

24

#include <vector>

25

Chenbo Feng

2018-11-08 16:10:48 -0800

[diff] [blame]

26

#include <android-base/file.h>

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

27

#include <android-base/stringprintf.h>

Ben Schwartz

4204ecf

2017-10-02 12:35:48 -0400

[diff] [blame]

28

#include <android-base/strings.h>

Luke Huang

2019-05-02 18:10:15 +0800

[diff] [blame]

29

#include <binder/IPCThreadState.h>

30

#include <binder/IServiceManager.h>

31

#include <binder/Status.h>

Robin Lee

2cf5617

2016-09-13 18:55:42 +0900

[diff] [blame]

32

#include <cutils/properties.h>

Logan Chien

3f46148

2018-04-23 14:31:32 +0800

[diff] [blame]

33

#include <log/log.h>

Luke Huang

2019-05-02 18:10:15 +0800

[diff] [blame]

34

#include <netdutils/DumpWriter.h>

waynema

5851b03

2021-11-24 17:08:25 +0800

[diff] [blame]

35

#include <netdutils/Utils.h>

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

36

#include <utils/Errors.h>

Pierre Imai

beedec3

2016-04-13 06:44:51 +0900

[diff] [blame]

37

#include <utils/String16.h>

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

38

Lorenzo Colitti

2016-02-26 11:38:47 +0900

[diff] [blame]

39

#include "Controllers.h"

Chiachang Wang

00fc62f

2019-12-04 20:38:26 +0800

[diff] [blame]

40

#include "Fwmark.h"

Erik Kline

2016-07-04 09:57:18 +0900

[diff] [blame]

41

#include "InterfaceController.h"

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

42

#include "NetdNativeService.h"

Luke Huang

0e5e69d

2019-03-06 15:42:38 +0800

[diff] [blame]

43

#include "OemNetdListener.h"

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

44

#include "Permission.h"

Erik Kline

8589004

2018-05-25 19:19:11 +0900

[diff] [blame]

45

#include "Process.h"

Robin Lee

2016-03-30 18:43:08 +0100

[diff] [blame]

46

#include "RouteController.h"

Lorenzo Colitti

2016-04-24 13:13:14 +0900

[diff] [blame]

47

#include "SockDiag.h"

Robin Lee

2016-03-30 18:43:08 +0100

[diff] [blame]

48

#include "UidRanges.h"

Xiao Ma

2018-12-16 16:27:38 +0900

[diff] [blame]

49

#include "android/net/BnNetd.h"

Luke Huang

743e031

2020-05-26 17:21:28 +0800

[diff] [blame]

50

#include "binder_utils/BinderUtil.h"

51

#include "binder_utils/NetdPermissions.h"

Bernie Innocenti

189eb50

2018-10-01 23:10:18 +0900

[diff] [blame]

52

#include "netid_client.h" // NETID_UNSET

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

53

54

using android::base::StringPrintf;

Chenbo Feng

2018-11-08 16:10:48 -0800

[diff] [blame]

55

using android::base::WriteStringToFile;

Luke Huang

2018-09-27 20:37:14 +0800

[diff] [blame]

56

using android::net::TetherStatsParcel;

Luke Huang

2018-10-18 19:35:12 +0900

[diff] [blame]

57

using android::net::UidRangeParcel;

Ken Chen

2021-05-23 14:56:43 +0800

[diff] [blame]

58

using android::net::netd::aidl::NativeUidRangeConfig;

Luke Huang

b257d61

2019-03-14 21:19:13 +0800

[diff] [blame]

59

using android::netdutils::DumpWriter;

waynema

5851b03

2021-11-24 17:08:25 +0800

[diff] [blame]

60

using android::netdutils::getIfaceNames;

Luke Huang

b257d61

2019-03-14 21:19:13 +0800

[diff] [blame]

61

using android::netdutils::ScopedIndent;

Luke Huang

2018-11-23 11:47:28 +0800

[diff] [blame]

62

using android::os::ParcelFileDescriptor;

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

namespace android {

namespace net {

namespace {

Erik Kline

2018-06-06 20:50:11 +0900

[diff] [blame]

68

const char OPT_SHORT[] = "--short";

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

69

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

70

#define ENFORCE_ANY_PERMISSION(...) \

71

do { \

72

binder::Status status = checkAnyPermission({__VA_ARGS__}); \

73

if (!status.isOk()) { \

74

return status; \

75

} \

76

} while (0)

Robin Lee

2cf5617

2016-09-13 18:55:42 +0900

[diff] [blame]

77

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

78

#define NETD_LOCKING_RPC(lock, ... /* permissions */) \

79

ENFORCE_ANY_PERMISSION(__VA_ARGS__); \

Bernie Innocenti

abf8a34

2018-08-10 15:17:16 +0900

[diff] [blame]

80

std::lock_guard _lock(lock);

Lorenzo Colitti

2016-02-26 11:38:47 +0900

[diff] [blame]

81

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

82

#define NETD_BIG_LOCK_RPC(... /* permissions */) NETD_LOCKING_RPC(gBigNetdLock, __VA_ARGS__)

Lorenzo Colitti

2016-12-15 23:59:01 +0900

[diff] [blame]

83

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

84

#define RETURN_BINDER_STATUS_IF_NOT_OK(logEntry, res) \

85

do { \

86

if (!isOk((res))) { \

87

logErrorStatus((logEntry), (res)); \

88

return asBinderStatus((res)); \

} \

} while (0)

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

92

#define ENFORCE_NETWORK_STACK_PERMISSIONS() \

93

ENFORCE_ANY_PERMISSION(PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK)

94

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

95

void logErrorStatus(netdutils::LogEntry& logEntry, const netdutils::Status& status) {

96

gLog.log(logEntry.returns(status.code()).withAutomaticDuration());

97

}

98

Bernie Innocenti

97f388f

2018-10-16 19:17:08 +0900

[diff] [blame]

99

binder::Status asBinderStatus(const netdutils::Status& status) {

100

if (isOk(status)) {

101

return binder::Status::ok();

102

}

103

return binder::Status::fromServiceSpecificError(status.code(), status.msg().c_str());

104

}

105

Lorenzo Colitti

2020-02-18 00:00:35 +0900

[diff] [blame]

106

template <typename T>

107

binder::Status asBinderStatus(const base::Result<T> result) {

108

if (result.ok()) return binder::Status::ok();

109

110

return binder::Status::fromServiceSpecificError(result.error().code(),

111

result.error().message().c_str());

112

}

113

Erik Kline

2018-06-06 20:50:11 +0900

[diff] [blame]

114

bool contains(const Vector<String16>& words, const String16& word) {

115

for (const auto& w : words) {

116

if (w == word) return true;

117

}

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

118

Erik Kline

2018-06-06 20:50:11 +0900

[diff] [blame]

return false;

}

} // namespace

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

123

Luke Huang

2019-05-02 18:10:15 +0800

[diff] [blame]

124

NetdNativeService::NetdNativeService() {

125

// register log callback to BnNetd::logFunc

Jooyung Han

f242258

2020-11-04 14:21:46 +0900

[diff] [blame]

126

BnNetd::logFunc = [](const auto& log) {

127

binderCallLogFn(log, [](const std::string& msg) { gLog.info("%s", msg.c_str()); });

128

};

Luke Huang

2019-05-02 18:10:15 +0800

[diff] [blame]

129

}

130

Lorenzo Colitti

e4851de

2016-03-17 13:23:28 +0900

[diff] [blame]

131

status_t NetdNativeService::start() {

132

IPCThreadState::self()->disableBackgroundScheduling(true);

Erik Kline

2018-06-06 20:50:11 +0900

[diff] [blame]

133

const status_t ret = BinderService<NetdNativeService>::publish();

Lorenzo Colitti

e4851de

2016-03-17 13:23:28 +0900

[diff] [blame]

134

if (ret != android::OK) {

135

return ret;

136

}

137

sp<ProcessState> ps(ProcessState::self());

138

ps->startThreadPool();

139

ps->giveThreadPoolName();

Xiao Ma

2018-12-16 16:27:38 +0900

[diff] [blame]

140

Lorenzo Colitti

e4851de

2016-03-17 13:23:28 +0900

[diff] [blame]

return android::OK;

}

Hugo Benichi

2018-01-15 21:54:00 +0900

[diff] [blame]

144

status_t NetdNativeService::dump(int fd, const Vector<String16> &args) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

145

const binder::Status dump_permission = checkAnyPermission({PERM_DUMP});

Erik Kline

2d3a163

2016-03-15 16:33:48 +0900

[diff] [blame]

146

if (!dump_permission.isOk()) {

147

const String8 msg(dump_permission.toString8());

148

write(fd, msg.string(), msg.size());

149

return PERMISSION_DENIED;

150

}

151

152

// This method does not grab any locks. If individual classes need locking

153

// their dump() methods MUST handle locking appropriately.

Hugo Benichi

7b314e1

2018-01-15 21:54:00 +0900

[diff] [blame]

154

Erik Kline

2d3a163

2016-03-15 16:33:48 +0900

[diff] [blame]

155

DumpWriter dw(fd);

Hugo Benichi

7b314e1

2018-01-15 21:54:00 +0900

[diff] [blame]

156

157

if (!args.isEmpty() && args[0] == TcpSocketMonitor::DUMP_KEYWORD) {

158

dw.blankline();

159

gCtls->tcpSocketMonitor.dump(dw);

dw.blankline();

return NO_ERROR;

}

Erik Kline

2018-05-25 19:19:11 +0900

[diff] [blame]

164

process::dump(dw);

Erik Kline

2d3a163

2016-03-15 16:33:48 +0900

[diff] [blame]

165

dw.blankline();

166

gCtls->netCtrl.dump(dw);

167

dw.blankline();

168

Benedict Wong

af85543

2018-05-10 17:07:37 -0700

[diff] [blame]

169

gCtls->xfrmCtrl.dump(dw);

170

dw.blankline();

171

Lorenzo Colitti

52db391

2020-02-17 23:59:45 +0900

[diff] [blame]

172

gCtls->tetherCtrl.dump(dw);

173

dw.blankline();

174

Erik Kline

2018-06-06 20:50:11 +0900

[diff] [blame]

175

{

176

ScopedIndent indentLog(dw);

177

if (contains(args, String16(OPT_SHORT))) {

178

dw.println("Log: <omitted>");

179

} else {

180

dw.println("Log:");

181

ScopedIndent indentLogEntries(dw);

182

gLog.forEachEntry([&dw](const std::string& entry) mutable { dw.println(entry); });

}

dw.blankline();

}

Luke Huang

2018-08-29 19:06:05 +0800

[diff] [blame]

187

{

188

ScopedIndent indentLog(dw);

189

if (contains(args, String16(OPT_SHORT))) {

190

dw.println("UnsolicitedLog: <omitted>");

191

} else {

192

dw.println("UnsolicitedLog:");

193

ScopedIndent indentLogEntries(dw);

194

gUnsolicitedLog.forEachEntry(

195

[&dw](const std::string& entry) mutable { dw.println(entry); });

}

dw.blankline();

}

Erik Kline

2016-03-15 16:33:48 +0900

[diff] [blame]

return NO_ERROR;

}

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

203

binder::Status NetdNativeService::isAlive(bool *alive) {

Luke Huang

2020-03-04 16:43:12 +0800

[diff] [blame]

204

NETD_BIG_LOCK_RPC(PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

205

206

*alive = true;

Erik Kline

2018-06-06 20:50:11 +0900

[diff] [blame]

207

Lorenzo Colitti

2016-02-02 17:19:04 +0900

[diff] [blame]

208

return binder::Status::ok();

209

}

210

Patrick Rohr

2022-02-01 22:13:27 +0100

[diff] [blame]

211

binder::Status NetdNativeService::firewallReplaceUidChain(const std::string&, bool,

212

const std::vector<int32_t>&, bool*) {

213

return binder::Status::fromExceptionCode(binder::Status::EX_UNSUPPORTED_OPERATION);

Lorenzo Colitti

2016-02-26 11:38:47 +0900

[diff] [blame]

214

}

Lorenzo Colitti

dedd271

2016-03-22 12:36:29 +0900

[diff] [blame]

215

216

binder::Status NetdNativeService::bandwidthEnableDataSaver(bool enable, bool *ret) {

Luke Huang

2020-03-04 16:43:12 +0800

[diff] [blame]

217

NETD_LOCKING_RPC(gCtls->bandwidthCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Lorenzo Colitti

dedd271

2016-03-22 12:36:29 +0900

[diff] [blame]

218

int err = gCtls->bandwidthCtrl.enableDataSaver(enable);

219

*ret = (err == 0);

220

return binder::Status::ok();

221

}

222

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

223

binder::Status NetdNativeService::bandwidthSetInterfaceQuota(const std::string& ifName,

224

int64_t bytes) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

225

NETD_LOCKING_RPC(gCtls->bandwidthCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

226

int res = gCtls->bandwidthCtrl.setInterfaceQuota(ifName, bytes);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

227

return statusFromErrcode(res);

228

}

229

230

binder::Status NetdNativeService::bandwidthRemoveInterfaceQuota(const std::string& ifName) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

231

NETD_LOCKING_RPC(gCtls->bandwidthCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

232

int res = gCtls->bandwidthCtrl.removeInterfaceQuota(ifName);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

233

return statusFromErrcode(res);

234

}

235

236

binder::Status NetdNativeService::bandwidthSetInterfaceAlert(const std::string& ifName,

237

int64_t bytes) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

238

NETD_LOCKING_RPC(gCtls->bandwidthCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

239

int res = gCtls->bandwidthCtrl.setInterfaceAlert(ifName, bytes);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

240

return statusFromErrcode(res);

241

}

242

243

binder::Status NetdNativeService::bandwidthRemoveInterfaceAlert(const std::string& ifName) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

244

NETD_LOCKING_RPC(gCtls->bandwidthCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

245

int res = gCtls->bandwidthCtrl.removeInterfaceAlert(ifName);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

246

return statusFromErrcode(res);

247

}

248

249

binder::Status NetdNativeService::bandwidthSetGlobalAlert(int64_t bytes) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

250

NETD_LOCKING_RPC(gCtls->bandwidthCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

251

int res = gCtls->bandwidthCtrl.setGlobalAlert(bytes);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

252

return statusFromErrcode(res);

253

}

254

Patrick Rohr

2022-02-01 22:13:27 +0100

[diff] [blame]

255

binder::Status NetdNativeService::bandwidthAddNaughtyApp(int32_t) {

256

return binder::Status::fromExceptionCode(binder::Status::EX_UNSUPPORTED_OPERATION);

waynema

dc07cd4

2021-11-03 10:11:59 +0800

[diff] [blame]

257

}

258

Patrick Rohr

2022-02-01 22:13:27 +0100

[diff] [blame]

259

binder::Status NetdNativeService::bandwidthRemoveNaughtyApp(int32_t) {

260

return binder::Status::fromExceptionCode(binder::Status::EX_UNSUPPORTED_OPERATION);

waynema

dc07cd4

2021-11-03 10:11:59 +0800

[diff] [blame]

261

}

262

Patrick Rohr

2022-02-01 22:13:27 +0100

[diff] [blame]

263

binder::Status NetdNativeService::bandwidthAddNiceApp(int32_t) {

264

return binder::Status::fromExceptionCode(binder::Status::EX_UNSUPPORTED_OPERATION);

waynema

dc07cd4

2021-11-03 10:11:59 +0800

[diff] [blame]

265

}

266

Patrick Rohr

2022-02-01 22:13:27 +0100

[diff] [blame]

267

binder::Status NetdNativeService::bandwidthRemoveNiceApp(int32_t) {

268

return binder::Status::fromExceptionCode(binder::Status::EX_UNSUPPORTED_OPERATION);

Luke Huang

2018-08-03 15:19:05 +0800

[diff] [blame]

269

}

270

Ken Chen

2021-04-04 11:28:06 +0800

[diff] [blame]

271

// TODO: Remove this function when there are no users. Currently, it is still used by DNS resolver

272

// tests.

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

273

binder::Status NetdNativeService::networkCreatePhysical(int32_t netId, int32_t permission) {

Luke Huang

2020-03-04 16:43:12 +0800

[diff] [blame]

274

ENFORCE_NETWORK_STACK_PERMISSIONS();

Chalard Jean

0484514

2022-12-02 19:39:36 +0900

[diff] [blame]

275

int ret = gCtls->netCtrl.createPhysicalNetwork(netId, convertPermission(permission),

276

false /* local */);

Lorenzo Colitti

2016-12-15 23:59:01 +0900

[diff] [blame]

277

return statusFromErrcode(ret);

278

}

279

Ken Chen

2021-04-04 11:28:06 +0800

[diff] [blame]

280

// TODO: Remove this function when there are no users. Currently, it is still used by DNS resolver

281

// tests.

cken

67cd14c

2018-12-05 17:26:59 +0900

[diff] [blame]

282

binder::Status NetdNativeService::networkCreateVpn(int32_t netId, bool secure) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

283

ENFORCE_NETWORK_STACK_PERMISSIONS();

Ken Chen

2021-04-04 11:28:06 +0800

[diff] [blame]

284

// The value of vpnType does not matter here, because it is not used in AOSP and is only

285

// implemented by OEMs. Also, the RPC is going to deprecate. Just pick a value defined in INetd

286

// as default.

Chiachang Wang

2b0abee

2022-01-12 10:03:17 +0800

[diff] [blame]

287

int ret = gCtls->netCtrl.createVirtualNetwork(netId, secure, NativeVpnType::LEGACY,

288

false /* excludeLocalRoutes */);

Ken Chen

2021-04-04 11:28:06 +0800

[diff] [blame]

289

return statusFromErrcode(ret);

290

}

291

292

binder::Status NetdNativeService::networkCreate(const NativeNetworkConfig& config) {

293

ENFORCE_NETWORK_STACK_PERMISSIONS();

294

int ret = -EINVAL;

295

if (config.networkType == NativeNetworkType::PHYSICAL) {

Chalard Jean

0484514

2022-12-02 19:39:36 +0900

[diff] [blame]

296

ret = gCtls->netCtrl.createPhysicalNetwork(

297

config.netId, convertPermission(config.permission), false /* isLocalNetwork */);

298

} else if (config.networkType == NativeNetworkType::PHYSICAL_LOCAL) {

299

ret = gCtls->netCtrl.createPhysicalNetwork(

300

config.netId, convertPermission(config.permission), true /* isLocalNetwork */);

Ken Chen

2021-04-04 11:28:06 +0800

[diff] [blame]

301

} else if (config.networkType == NativeNetworkType::VIRTUAL) {

Chiachang Wang

2b0abee

2022-01-12 10:03:17 +0800

[diff] [blame]

302

ret = gCtls->netCtrl.createVirtualNetwork(config.netId, config.secure, config.vpnType,

303

config.excludeLocalRoutes);

Ken Chen

2021-04-04 11:28:06 +0800

[diff] [blame]

304

}

Lorenzo Colitti

2016-12-15 23:59:01 +0900

[diff] [blame]

305

return statusFromErrcode(ret);

306

}

307

308

binder::Status NetdNativeService::networkDestroy(int32_t netId) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

309

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

d33a8f4

2019-03-14 16:10:04 +0800

[diff] [blame]

310

// NetworkController::destroyNetwork is thread-safe.

Mike Yu

4fe1b9c

2019-01-29 17:50:19 +0800

[diff] [blame]

311

const int ret = gCtls->netCtrl.destroyNetwork(netId);

Lorenzo Colitti

2016-12-15 23:59:01 +0900

[diff] [blame]

312

return statusFromErrcode(ret);

313

}

314

315

binder::Status NetdNativeService::networkAddInterface(int32_t netId, const std::string& iface) {

Luke Huang

2020-03-04 16:43:12 +0800

[diff] [blame]

316

ENFORCE_NETWORK_STACK_PERMISSIONS();

Lorenzo Colitti

2016-12-15 23:59:01 +0900

[diff] [blame]

317

int ret = gCtls->netCtrl.addInterfaceToNetwork(netId, iface.c_str());

318

return statusFromErrcode(ret);

319

}

320

321

binder::Status NetdNativeService::networkRemoveInterface(int32_t netId, const std::string& iface) {

Luke Huang

2020-03-04 16:43:12 +0800

[diff] [blame]

322

ENFORCE_NETWORK_STACK_PERMISSIONS();

Lorenzo Colitti

2016-12-15 23:59:01 +0900

[diff] [blame]

323

int ret = gCtls->netCtrl.removeInterfaceFromNetwork(netId, iface.c_str());

324

return statusFromErrcode(ret);

325

}

326

Luke Huang

2018-10-18 19:35:12 +0900

[diff] [blame]

327

binder::Status NetdNativeService::networkAddUidRanges(

328

int32_t netId, const std::vector<UidRangeParcel>& uidRangeArray) {

Lorenzo Colitti

2016-12-15 23:59:01 +0900

[diff] [blame]

329

// NetworkController::addUsersToNetwork is thread-safe.

Luke Huang

2020-03-04 16:43:12 +0800

[diff] [blame]

330

ENFORCE_NETWORK_STACK_PERMISSIONS();

Ken Chen

2021-05-23 14:56:43 +0800

[diff] [blame]

331

int ret = gCtls->netCtrl.addUsersToNetwork(netId, UidRanges(uidRangeArray),

Patrick Rohr

e2f1b5a

2022-01-25 21:36:50 +0100

[diff] [blame]

332

UidRanges::SUB_PRIORITY_HIGHEST);

Lorenzo Colitti

2016-12-15 23:59:01 +0900

[diff] [blame]

333

return statusFromErrcode(ret);

334

}

335

Luke Huang

2018-10-18 19:35:12 +0900

[diff] [blame]

336

binder::Status NetdNativeService::networkRemoveUidRanges(

337

int32_t netId, const std::vector<UidRangeParcel>& uidRangeArray) {

Lorenzo Colitti

2016-12-15 23:59:01 +0900

[diff] [blame]

338

// NetworkController::removeUsersFromNetwork is thread-safe.

Luke Huang

2020-03-04 16:43:12 +0800

[diff] [blame]

339

ENFORCE_NETWORK_STACK_PERMISSIONS();

Ken Chen

2021-05-23 14:56:43 +0800

[diff] [blame]

340

int ret = gCtls->netCtrl.removeUsersFromNetwork(netId, UidRanges(uidRangeArray),

Patrick Rohr

e2f1b5a

2022-01-25 21:36:50 +0100

[diff] [blame]

341

UidRanges::SUB_PRIORITY_HIGHEST);

Ken Chen

2021-05-23 14:56:43 +0800

[diff] [blame]

342

return statusFromErrcode(ret);

343

}

344

345

binder::Status NetdNativeService::networkAddUidRangesParcel(const NativeUidRangeConfig& config) {

346

ENFORCE_NETWORK_STACK_PERMISSIONS();

347

int ret = gCtls->netCtrl.addUsersToNetwork(config.netId, UidRanges(config.uidRanges),

348

config.subPriority);

349

return statusFromErrcode(ret);

350

}

351

352

binder::Status NetdNativeService::networkRemoveUidRangesParcel(const NativeUidRangeConfig& config) {

353

ENFORCE_NETWORK_STACK_PERMISSIONS();

354

int ret = gCtls->netCtrl.removeUsersFromNetwork(config.netId, UidRanges(config.uidRanges),

355

config.subPriority);

Lorenzo Colitti

2016-12-15 23:59:01 +0900

[diff] [blame]

356

return statusFromErrcode(ret);

357

}

358

Luke Huang

2018-10-18 19:35:12 +0900

[diff] [blame]

359

binder::Status NetdNativeService::networkRejectNonSecureVpn(

360

bool add, const std::vector<UidRangeParcel>& uidRangeArray) {

Robin Lee

2016-03-30 18:43:08 +0100

[diff] [blame]

361

// TODO: elsewhere RouteController is only used from the tethering and network controllers, so

362

// it should be possible to use the same lock as NetworkController. However, every call through

363

// the CommandListener "network" command will need to hold this lock too, not just the ones that

364

// read/modify network internal state (that is sufficient for ::dump() because it doesn't

365

// look at routes, but it's not enough here).

Luke Huang

2020-03-04 16:43:12 +0800

[diff] [blame]

366

NETD_BIG_LOCK_RPC(PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Lorenzo Colitti

2016-04-24 13:13:14 +0900

[diff] [blame]

367

UidRanges uidRanges(uidRangeArray);

Robin Lee

2016-03-30 18:43:08 +0100

[diff] [blame]

int err;

if (add) {

err = RouteController::addUsersToRejectNonSecureNetworkRule(uidRanges);

372

} else {

373

err = RouteController::removeUsersFromRejectNonSecureNetworkRule(uidRanges);

374

}

Lorenzo Colitti

2016-12-15 23:59:01 +0900

[diff] [blame]

375

return statusFromErrcode(err);

Robin Lee

2016-03-30 18:43:08 +0100

[diff] [blame]

376

}

377

Luke Huang

2018-10-18 19:35:12 +0900

[diff] [blame]

378

binder::Status NetdNativeService::socketDestroy(const std::vector<UidRangeParcel>& uids,

379

const std::vector<int32_t>& skipUids) {

Luke Huang

2020-03-04 16:43:12 +0800

[diff] [blame]

380

ENFORCE_NETWORK_STACK_PERMISSIONS();

Lorenzo Colitti

2016-04-24 13:13:14 +0900

[diff] [blame]

SockDiag sd;

if (!sd.open()) {

return binder::Status::fromServiceSpecificError(EIO,

385

String8("Could not open SOCK_DIAG socket"));

386

}

387

388

UidRanges uidRanges(uids);

Lorenzo Colitti

e5c3c99

2016-07-26 17:53:50 +0900

[diff] [blame]

389

int err = sd.destroySockets(uidRanges, std::set<uid_t>(skipUids.begin(), skipUids.end()),

390

true /* excludeLoopback */);

Lorenzo Colitti

2016-04-24 13:13:14 +0900

[diff] [blame]

391

if (err) {

392

return binder::Status::fromServiceSpecificError(-err,

393

String8::format("destroySockets: %s", strerror(-err)));

394

}

Pierre Imai

beedec3

2016-04-13 06:44:51 +0900

[diff] [blame]

395

return binder::Status::ok();

396

}

Lorenzo Colitti

2016-04-24 13:13:14 +0900

[diff] [blame]

397

Erik Kline

f48e4dd

2016-07-18 04:02:07 +0900

[diff] [blame]

398

binder::Status NetdNativeService::tetherApplyDnsInterfaces(bool *ret) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

399

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Erik Kline

f48e4dd

2016-07-18 04:02:07 +0900

[diff] [blame]

400

*ret = gCtls->tetherCtrl.applyDnsInterfaces();

401

return binder::Status::ok();

402

}

403

Lorenzo Colitti

2017-01-31 19:06:59 +0900

[diff] [blame]

404

namespace {

405

Hungming Chen

2020-03-12 16:21:03 +0800

[diff] [blame]

406

constexpr const int UNUSED_IFINDEX = 0;

407

Luke Huang

2018-09-27 20:37:14 +0800

[diff] [blame]

408

void tetherAddStatsByInterface(TetherController::TetherStats* tetherStatsParcel,

409

const TetherController::TetherStats& tetherStats) {

410

if (tetherStatsParcel->extIface == tetherStats.extIface) {

411

tetherStatsParcel->rxBytes += tetherStats.rxBytes;

412

tetherStatsParcel->rxPackets += tetherStats.rxPackets;

413

tetherStatsParcel->txBytes += tetherStats.txBytes;

414

tetherStatsParcel->txPackets += tetherStats.txPackets;

Lorenzo Colitti

2017-01-31 19:06:59 +0900

[diff] [blame]

415

}

Luke Huang

2018-09-27 20:37:14 +0800

[diff] [blame]

416

}

Lorenzo Colitti

2017-01-31 19:06:59 +0900

[diff] [blame]

417

Luke Huang

2018-09-27 20:37:14 +0800

[diff] [blame]

418

TetherStatsParcel toTetherStatsParcel(const TetherController::TetherStats& stats) {

419

TetherStatsParcel result;

420

result.iface = stats.extIface;

421

result.rxBytes = stats.rxBytes;

422

result.rxPackets = stats.rxPackets;

423

result.txBytes = stats.txBytes;

424

result.txPackets = stats.txPackets;

Hungming Chen

2020-03-12 16:21:03 +0800

[diff] [blame]

425

result.ifIndex = UNUSED_IFINDEX;

Luke Huang

2018-09-27 20:37:14 +0800

[diff] [blame]

426

return result;

427

}

Lorenzo Colitti

2017-01-31 19:06:59 +0900

[diff] [blame]

428

Luke Huang

2018-09-27 20:37:14 +0800

[diff] [blame]

429

void setTetherStatsParcelVecByInterface(std::vector<TetherStatsParcel>* tetherStatsVec,

430

const TetherController::TetherStatsList& statsList) {

431

std::map<std::string, TetherController::TetherStats> statsMap;

432

for (const auto& stats : statsList) {

433

auto iter = statsMap.find(stats.extIface);

434

if (iter != statsMap.end()) {

435

tetherAddStatsByInterface(&(iter->second), stats);

436

} else {

437

statsMap.insert(

438

std::pair<std::string, TetherController::TetherStats>(stats.extIface, stats));

439

}

440

}

441

for (auto iter = statsMap.begin(); iter != statsMap.end(); iter++) {

442

tetherStatsVec->push_back(toTetherStatsParcel(iter->second));

}

}

std::vector<std::string> tetherStatsParcelVecToStringVec(std::vector<TetherStatsParcel>* tVec) {

447

std::vector<std::string> result;

448

for (const auto& t : *tVec) {

449

result.push_back(StringPrintf("%s:%" PRId64 ",%" PRId64 ",%" PRId64 ",%" PRId64,

450

t.iface.c_str(), t.rxBytes, t.rxPackets, t.txBytes,

451

t.txPackets));

452

}

453

return result;

Lorenzo Colitti

2017-01-31 19:06:59 +0900

[diff] [blame]

}

} // namespace

Luke Huang

2018-09-27 20:37:14 +0800

[diff] [blame]

458

binder::Status NetdNativeService::tetherGetStats(

459

std::vector<TetherStatsParcel>* tetherStatsParcelVec) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

460

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Lorenzo Colitti

5192bf7

2017-09-04 13:30:59 +0900

[diff] [blame]

461

const auto& statsList = gCtls->tetherCtrl.getTetherStats();

Lorenzo Colitti

2017-01-31 19:06:59 +0900

[diff] [blame]

462

if (!isOk(statsList)) {

Nathan Harold

2018-03-16 19:02:47 -0700

[diff] [blame]

463

return asBinderStatus(statsList);

Lorenzo Colitti

2017-01-31 19:06:59 +0900

[diff] [blame]

464

}

Luke Huang

2018-09-27 20:37:14 +0800

[diff] [blame]

465

setTetherStatsParcelVecByInterface(tetherStatsParcelVec, statsList.value());

466

auto statsResults = tetherStatsParcelVecToStringVec(tetherStatsParcelVec);

Lorenzo Colitti

2017-01-31 19:06:59 +0900

[diff] [blame]

467

return binder::Status::ok();

468

}

469

Erik Kline

53c2088

2016-08-02 15:22:53 +0900

[diff] [blame]

470

binder::Status NetdNativeService::interfaceAddAddress(const std::string &ifName,

471

const std::string &addrString, int prefixLength) {

Luke Huang

2020-03-04 16:43:12 +0800

[diff] [blame]

472

ENFORCE_NETWORK_STACK_PERMISSIONS();

Erik Kline

53c2088

2016-08-02 15:22:53 +0900

[diff] [blame]

473

const int err = InterfaceController::addAddress(

474

ifName.c_str(), addrString.c_str(), prefixLength);

475

if (err != 0) {

476

return binder::Status::fromServiceSpecificError(-err,

477

String8::format("InterfaceController error: %s", strerror(-err)));

478

}

479

return binder::Status::ok();

480

}

481

482

binder::Status NetdNativeService::interfaceDelAddress(const std::string &ifName,

483

const std::string &addrString, int prefixLength) {

Luke Huang

2020-03-04 16:43:12 +0800

[diff] [blame]

484

ENFORCE_NETWORK_STACK_PERMISSIONS();

Erik Kline

53c2088

2016-08-02 15:22:53 +0900

[diff] [blame]

485

const int err = InterfaceController::delAddress(

486

ifName.c_str(), addrString.c_str(), prefixLength);

487

if (err != 0) {

488

return binder::Status::fromServiceSpecificError(-err,

489

String8::format("InterfaceController error: %s", strerror(-err)));

490

}

491

return binder::Status::ok();

492

}

493

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

494

namespace {

Erik Kline

2016-07-04 09:57:18 +0900

[diff] [blame]

495

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

496

std::tuple<binder::Status, const char*, const char*> getPathComponents(int32_t ipversion,

497

int32_t category) {

498

const char* ipversionStr = nullptr;

499

switch (ipversion) {

Erik Kline

2016-07-04 09:57:18 +0900

[diff] [blame]

500

case INetd::IPV4:

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

501

ipversionStr = "ipv4";

Erik Kline

2016-07-04 09:57:18 +0900

[diff] [blame]

502

break;

503

case INetd::IPV6:

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

504

ipversionStr = "ipv6";

Erik Kline

2016-07-04 09:57:18 +0900

[diff] [blame]

505

break;

506

default:

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

507

return {binder::Status::fromServiceSpecificError(EAFNOSUPPORT, "Bad IP version"),

508

nullptr, nullptr};

Erik Kline

2016-07-04 09:57:18 +0900

[diff] [blame]

509

}

510

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

511

const char* whichStr = nullptr;

512

switch (category) {

Erik Kline

2016-07-04 09:57:18 +0900

[diff] [blame]

case INetd::CONF:

whichStr = "conf";

break;

case INetd::NEIGH:

whichStr = "neigh";

break;

default:

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

520

return {binder::Status::fromServiceSpecificError(EINVAL, "Bad category"), nullptr,

521

nullptr};

Erik Kline

2016-07-04 09:57:18 +0900

[diff] [blame]

522

}

523

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

524

return {binder::Status::ok(), ipversionStr, whichStr};

}

} // namespace

binder::Status NetdNativeService::getProcSysNet(int32_t ipversion, int32_t which,

530

const std::string& ifname,

531

const std::string& parameter, std::string* value) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

532

ENFORCE_NETWORK_STACK_PERMISSIONS();

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

533

const auto pathParts = getPathComponents(ipversion, which);

534

const auto& pathStatus = std::get<0>(pathParts);

535

if (!pathStatus.isOk()) {

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

536

return pathStatus;

Erik Kline

2016-07-04 09:57:18 +0900

[diff] [blame]

537

}

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

538

539

const int err = InterfaceController::getParameter(std::get<1>(pathParts),

540

std::get<2>(pathParts), ifname.c_str(),

541

parameter.c_str(), value);

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

542

return statusFromErrcode(err);

543

}

544

545

binder::Status NetdNativeService::setProcSysNet(int32_t ipversion, int32_t which,

546

const std::string& ifname,

547

const std::string& parameter,

548

const std::string& value) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

549

ENFORCE_NETWORK_STACK_PERMISSIONS();

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

550

const auto pathParts = getPathComponents(ipversion, which);

551

const auto& pathStatus = std::get<0>(pathParts);

552

if (!pathStatus.isOk()) {

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

return pathStatus;

}

const int err = InterfaceController::setParameter(std::get<1>(pathParts),

557

std::get<2>(pathParts), ifname.c_str(),

558

parameter.c_str(), value.c_str());

Erik Kline

2018-09-06 20:14:44 +0900

[diff] [blame]

559

return statusFromErrcode(err);

Erik Kline

2016-07-04 09:57:18 +0900

[diff] [blame]

560

}

561

Luke Huang

2018-11-23 11:47:28 +0800

[diff] [blame]

562

binder::Status NetdNativeService::ipSecSetEncapSocketOwner(const ParcelFileDescriptor& socket,

563

int newUid) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

564

ENFORCE_NETWORK_STACK_PERMISSIONS();

Benedict Wong

b2daefb

2017-12-06 22:05:46 -0800

[diff] [blame]

565

566

uid_t callerUid = IPCThreadState::self()->getCallingUid();

Luke Huang

2018-11-23 11:47:28 +0800

[diff] [blame]

567

return asBinderStatus(

568

gCtls->xfrmCtrl.ipSecSetEncapSocketOwner(socket.get(), newUid, callerUid));

Benedict Wong

b2daefb

2017-12-06 22:05:46 -0800

[diff] [blame]

569

}

570

Nathan Harold

2017-01-30 12:30:48 -0800

[diff] [blame]

571

binder::Status NetdNativeService::ipSecAllocateSpi(

572

int32_t transformId,

Nathan Harold

da54f12

2018-01-09 16:42:57 -0800

[diff] [blame]

573

const std::string& sourceAddress,

574

const std::string& destinationAddress,

Nathan Harold

2017-01-30 12:30:48 -0800

[diff] [blame]

575

int32_t inSpi,

576

int32_t* outSpi) {

577

// Necessary locking done in IpSecService and kernel

Luke Huang

2020-03-04 16:43:12 +0800

[diff] [blame]

578

ENFORCE_NETWORK_STACK_PERMISSIONS();

ludi

2017-08-14 14:40:37 -0700

[diff] [blame]

579

return asBinderStatus(gCtls->xfrmCtrl.ipSecAllocateSpi(

Nathan Harold

2017-01-30 12:30:48 -0800

[diff] [blame]

580

transformId,

Nathan Harold

da54f12

2018-01-09 16:42:57 -0800

[diff] [blame]

581

sourceAddress,

582

destinationAddress,

Nathan Harold

2017-01-30 12:30:48 -0800

[diff] [blame]

inSpi,

outSpi));

}

binder::Status NetdNativeService::ipSecAddSecurityAssociation(

Benedict Wong

2018-05-07 10:29:02 -0700

[diff] [blame]

588

int32_t transformId, int32_t mode, const std::string& sourceAddress,

589

const std::string& destinationAddress, int32_t underlyingNetId, int32_t spi,

590

int32_t markValue, int32_t markMask, const std::string& authAlgo,

591

const std::vector<uint8_t>& authKey, int32_t authTruncBits, const std::string& cryptAlgo,

592

const std::vector<uint8_t>& cryptKey, int32_t cryptTruncBits, const std::string& aeadAlgo,

593

const std::vector<uint8_t>& aeadKey, int32_t aeadIcvBits, int32_t encapType,

594

int32_t encapLocalPort, int32_t encapRemotePort, int32_t interfaceId) {

Nathan Harold

2017-01-30 12:30:48 -0800

[diff] [blame]

595

// Necessary locking done in IpSecService and kernel

Luke Huang

2020-03-04 16:43:12 +0800

[diff] [blame]

596

ENFORCE_NETWORK_STACK_PERMISSIONS();

ludi

2017-08-14 14:40:37 -0700

[diff] [blame]

597

return asBinderStatus(gCtls->xfrmCtrl.ipSecAddSecurityAssociation(

Benedict Wong

ad600cb

2018-05-14 17:22:35 -0700

[diff] [blame]

598

transformId, mode, sourceAddress, destinationAddress, underlyingNetId, spi, markValue,

599

markMask, authAlgo, authKey, authTruncBits, cryptAlgo, cryptKey, cryptTruncBits,

Benedict Wong

2018-05-07 10:29:02 -0700

[diff] [blame]

600

aeadAlgo, aeadKey, aeadIcvBits, encapType, encapLocalPort, encapRemotePort,

601

interfaceId));

Nathan Harold

2017-01-30 12:30:48 -0800

[diff] [blame]

602

}

603

604

binder::Status NetdNativeService::ipSecDeleteSecurityAssociation(

Benedict Wong

2018-05-07 10:29:02 -0700

[diff] [blame]

605

int32_t transformId, const std::string& sourceAddress,

606

const std::string& destinationAddress, int32_t spi, int32_t markValue, int32_t markMask,

607

int32_t interfaceId) {

Nathan Harold

2017-01-30 12:30:48 -0800

[diff] [blame]

608

// Necessary locking done in IpSecService and kernel

Luke Huang

2020-03-04 16:43:12 +0800

[diff] [blame]

609

ENFORCE_NETWORK_STACK_PERMISSIONS();

ludi

2017-08-14 14:40:37 -0700

[diff] [blame]

610

return asBinderStatus(gCtls->xfrmCtrl.ipSecDeleteSecurityAssociation(

Benedict Wong

2018-05-07 10:29:02 -0700

[diff] [blame]

611

transformId, sourceAddress, destinationAddress, spi, markValue, markMask, interfaceId));

Nathan Harold

2017-01-30 12:30:48 -0800

[diff] [blame]

612

}

613

614

binder::Status NetdNativeService::ipSecApplyTransportModeTransform(

Luke Huang

2018-11-23 11:47:28 +0800

[diff] [blame]

615

const ParcelFileDescriptor& socket, int32_t transformId, int32_t direction,

616

const std::string& sourceAddress, const std::string& destinationAddress, int32_t spi) {

Nathan Harold

2017-01-30 12:30:48 -0800

[diff] [blame]

617

// Necessary locking done in IpSecService and kernel

Luke Huang

2020-03-04 16:43:12 +0800

[diff] [blame]

618

ENFORCE_NETWORK_STACK_PERMISSIONS();

ludi

2017-08-14 14:40:37 -0700

[diff] [blame]

619

return asBinderStatus(gCtls->xfrmCtrl.ipSecApplyTransportModeTransform(

Luke Huang

2018-11-23 11:47:28 +0800

[diff] [blame]

620

socket.get(), transformId, direction, sourceAddress, destinationAddress, spi));

Nathan Harold

2017-01-30 12:30:48 -0800

[diff] [blame]

621

}

622

623

binder::Status NetdNativeService::ipSecRemoveTransportModeTransform(

Luke Huang

2018-11-23 11:47:28 +0800

[diff] [blame]

624

const ParcelFileDescriptor& socket) {

Nathan Harold

2017-01-30 12:30:48 -0800

[diff] [blame]

625

// Necessary locking done in IpSecService and kernel

Luke Huang

2020-03-04 16:43:12 +0800

[diff] [blame]

626

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-11-23 11:47:28 +0800

[diff] [blame]

627

return asBinderStatus(gCtls->xfrmCtrl.ipSecRemoveTransportModeTransform(socket.get()));

Nathan Harold

2017-01-30 12:30:48 -0800

[diff] [blame]

628

}

629

Benedict Wong

2018-05-09 21:42:42 -0700

[diff] [blame]

630

binder::Status NetdNativeService::ipSecAddSecurityPolicy(int32_t transformId, int32_t selAddrFamily,

631

int32_t direction,

Benedict Wong

ad600cb

2018-05-14 17:22:35 -0700

[diff] [blame]

632

const std::string& tmplSrcAddress,

633

const std::string& tmplDstAddress,

634

int32_t spi, int32_t markValue,

Benedict Wong

2018-05-07 10:29:02 -0700

[diff] [blame]

635

int32_t markMask, int32_t interfaceId) {

Benedict Wong

2018-01-19 12:12:17 -0800

[diff] [blame]

636

// Necessary locking done in IpSecService and kernel

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

637

ENFORCE_NETWORK_STACK_PERMISSIONS();

Benedict Wong

2018-01-19 12:12:17 -0800

[diff] [blame]

638

return asBinderStatus(gCtls->xfrmCtrl.ipSecAddSecurityPolicy(

Benedict Wong

2018-05-09 21:42:42 -0700

[diff] [blame]

639

transformId, selAddrFamily, direction, tmplSrcAddress, tmplDstAddress, spi, markValue,

Benedict Wong

2018-05-07 10:29:02 -0700

[diff] [blame]

640

markMask, interfaceId));

Benedict Wong

2018-01-19 12:12:17 -0800

[diff] [blame]

641

}

642

Benedict Wong

2018-05-07 10:29:02 -0700

[diff] [blame]

643

binder::Status NetdNativeService::ipSecUpdateSecurityPolicy(

644

int32_t transformId, int32_t selAddrFamily, int32_t direction,

645

const std::string& tmplSrcAddress, const std::string& tmplDstAddress, int32_t spi,

646

int32_t markValue, int32_t markMask, int32_t interfaceId) {

Benedict Wong

2018-01-19 12:12:17 -0800

[diff] [blame]

647

// Necessary locking done in IpSecService and kernel

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

648

ENFORCE_NETWORK_STACK_PERMISSIONS();

Benedict Wong

2018-01-19 12:12:17 -0800

[diff] [blame]

649

return asBinderStatus(gCtls->xfrmCtrl.ipSecUpdateSecurityPolicy(

Benedict Wong

2018-05-09 21:42:42 -0700

[diff] [blame]

650

transformId, selAddrFamily, direction, tmplSrcAddress, tmplDstAddress, spi, markValue,

Benedict Wong

2018-05-07 10:29:02 -0700

[diff] [blame]

651

markMask, interfaceId));

Benedict Wong

2018-01-19 12:12:17 -0800

[diff] [blame]

652

}

653

Benedict Wong

2018-05-09 21:42:42 -0700

[diff] [blame]

654

binder::Status NetdNativeService::ipSecDeleteSecurityPolicy(int32_t transformId,

655

int32_t selAddrFamily,

656

int32_t direction, int32_t markValue,

Benedict Wong

2018-05-07 10:29:02 -0700

[diff] [blame]

657

int32_t markMask, int32_t interfaceId) {

Benedict Wong

2018-01-19 12:12:17 -0800

[diff] [blame]

658

// Necessary locking done in IpSecService and kernel

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

659

ENFORCE_NETWORK_STACK_PERMISSIONS();

Benedict Wong

2018-01-19 12:12:17 -0800

[diff] [blame]

660

return asBinderStatus(gCtls->xfrmCtrl.ipSecDeleteSecurityPolicy(

Benedict Wong

2018-05-07 10:29:02 -0700

[diff] [blame]

661

transformId, selAddrFamily, direction, markValue, markMask, interfaceId));

Benedict Wong

2018-01-19 12:12:17 -0800

[diff] [blame]

662

}

663

Benedict Wong

319f17e

2018-05-15 17:06:44 -0700

[diff] [blame]

664

binder::Status NetdNativeService::ipSecAddTunnelInterface(const std::string& deviceName,

665

const std::string& localAddress,

666

const std::string& remoteAddress,

Benedict Wong

2018-05-07 10:29:02 -0700

[diff] [blame]

667

int32_t iKey, int32_t oKey,

668

int32_t interfaceId) {

manojboopathi

2018-01-02 14:45:47 -0800

[diff] [blame]

669

// Necessary locking done in IpSecService and kernel

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

670

ENFORCE_NETWORK_STACK_PERMISSIONS();

Xiao Ma

ce45dcc

2022-10-13 17:23:25 +0900

[diff] [blame]

671

return asBinderStatus(gCtls->xfrmCtrl.ipSecAddTunnelInterface(

672

deviceName, localAddress, remoteAddress, iKey, oKey, interfaceId, false));

manojboopathi

2018-01-02 14:45:47 -0800

[diff] [blame]

673

}

674

Benedict Wong

319f17e

2018-05-15 17:06:44 -0700

[diff] [blame]

675

binder::Status NetdNativeService::ipSecUpdateTunnelInterface(const std::string& deviceName,

676

const std::string& localAddress,

677

const std::string& remoteAddress,

Benedict Wong

2018-05-07 10:29:02 -0700

[diff] [blame]

678

int32_t iKey, int32_t oKey,

679

int32_t interfaceId) {

manojboopathi

2018-01-02 14:45:47 -0800

[diff] [blame]

680

// Necessary locking done in IpSecService and kernel

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

681

ENFORCE_NETWORK_STACK_PERMISSIONS();

Xiao Ma

ce45dcc

2022-10-13 17:23:25 +0900

[diff] [blame]

682

return asBinderStatus(gCtls->xfrmCtrl.ipSecAddTunnelInterface(

683

deviceName, localAddress, remoteAddress, iKey, oKey, interfaceId, true));

manojboopathi

2018-01-02 14:45:47 -0800

[diff] [blame]

684

}

685

Benedict Wong

319f17e

2018-05-15 17:06:44 -0700

[diff] [blame]

686

binder::Status NetdNativeService::ipSecRemoveTunnelInterface(const std::string& deviceName) {

manojboopathi

2018-01-02 14:45:47 -0800

[diff] [blame]

687

// Necessary locking done in IpSecService and kernel

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

688

ENFORCE_NETWORK_STACK_PERMISSIONS();

Xiao Ma

ce45dcc

2022-10-13 17:23:25 +0900

[diff] [blame]

689

return asBinderStatus(gCtls->xfrmCtrl.ipSecRemoveTunnelInterface(deviceName));

manojboopathi

2018-01-02 14:45:47 -0800

[diff] [blame]

690

}

691

Yan Yan

f9c4679

2022-10-13 00:25:43 +0000

[diff] [blame]

692

binder::Status NetdNativeService::ipSecMigrate(const IpSecMigrateInfoParcel& migrateInfo) {

693

// Necessary locking done in IpSecService and kernel

694

ENFORCE_NETWORK_STACK_PERMISSIONS();

695

return asBinderStatus(gCtls->xfrmCtrl.ipSecMigrate(

696

migrateInfo.requestId, migrateInfo.selAddrFamily, migrateInfo.direction,

697

migrateInfo.oldSourceAddress, migrateInfo.oldDestinationAddress,

698

migrateInfo.newSourceAddress, migrateInfo.newDestinationAddress,

699

migrateInfo.interfaceId));

700

}

701

Joel Scherpelz

de93796

2017-06-01 13:20:21 +0900

[diff] [blame]

702

binder::Status NetdNativeService::setIPv6AddrGenMode(const std::string& ifName,

703

int32_t mode) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

704

ENFORCE_NETWORK_STACK_PERMISSIONS();

Nathan Harold

2018-03-16 19:02:47 -0700

[diff] [blame]

705

return asBinderStatus(InterfaceController::setIPv6AddrGenMode(ifName, mode));

Joel Scherpelz

de93796

2017-06-01 13:20:21 +0900

[diff] [blame]

706

}

707

Joel Scherpelz

08b84cd

2017-05-22 13:11:54 +0900

[diff] [blame]

708

binder::Status NetdNativeService::wakeupAddInterface(const std::string& ifName,

709

const std::string& prefix, int32_t mark,

710

int32_t mask) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

711

ENFORCE_NETWORK_STACK_PERMISSIONS();

Nathan Harold

2018-03-16 19:02:47 -0700

[diff] [blame]

712

return asBinderStatus(gCtls->wakeupCtrl.addInterface(ifName, prefix, mark, mask));

Joel Scherpelz

08b84cd

2017-05-22 13:11:54 +0900

[diff] [blame]

713

}

714

715

binder::Status NetdNativeService::wakeupDelInterface(const std::string& ifName,

716

const std::string& prefix, int32_t mark,

717

int32_t mask) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

718

ENFORCE_NETWORK_STACK_PERMISSIONS();

Nathan Harold

2018-03-16 19:02:47 -0700

[diff] [blame]

719

return asBinderStatus(gCtls->wakeupCtrl.delInterface(ifName, prefix, mark, mask));

Joel Scherpelz

08b84cd

2017-05-22 13:11:54 +0900

[diff] [blame]

720

}

721

Chenbo Feng

873ae14

2019-04-10 12:26:06 -0700

[diff] [blame]

722

binder::Status NetdNativeService::trafficSwapActiveStatsMap() {

Patrick Rohr

2022-02-01 22:13:27 +0100

[diff] [blame]

723

return binder::Status::fromExceptionCode(binder::Status::EX_UNSUPPORTED_OPERATION);

Chenbo Feng

873ae14

2019-04-10 12:26:06 -0700

[diff] [blame]

724

}

725

Luke Huang

2018-07-23 20:30:16 +0800

[diff] [blame]

726

binder::Status NetdNativeService::idletimerAddInterface(const std::string& ifName, int32_t timeout,

727

const std::string& classLabel) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

728

NETD_LOCKING_RPC(gCtls->idletimerCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-07-23 20:30:16 +0800

[diff] [blame]

729

int res =

730

gCtls->idletimerCtrl.addInterfaceIdletimer(ifName.c_str(), timeout, classLabel.c_str());

Luke Huang

2018-07-23 20:30:16 +0800

[diff] [blame]

731

return statusFromErrcode(res);

732

}

733

734

binder::Status NetdNativeService::idletimerRemoveInterface(const std::string& ifName,

735

int32_t timeout,

736

const std::string& classLabel) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

737

NETD_LOCKING_RPC(gCtls->idletimerCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-07-23 20:30:16 +0800

[diff] [blame]

738

int res = gCtls->idletimerCtrl.removeInterfaceIdletimer(ifName.c_str(), timeout,

739

classLabel.c_str());

Luke Huang

2018-07-23 20:30:16 +0800

[diff] [blame]

740

return statusFromErrcode(res);

741

}

Luke Huang

2018-07-17 19:58:25 +0800

[diff] [blame]

742

743

binder::Status NetdNativeService::strictUidCleartextPenalty(int32_t uid, int32_t policyPenalty) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

744

NETD_LOCKING_RPC(gCtls->strictCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-07-17 19:58:25 +0800

[diff] [blame]

745

StrictPenalty penalty;

746

switch (policyPenalty) {

747

case INetd::PENALTY_POLICY_REJECT:

748

penalty = REJECT;

749

break;

750

case INetd::PENALTY_POLICY_LOG:

751

penalty = LOG;

752

break;

753

case INetd::PENALTY_POLICY_ACCEPT:

penalty = ACCEPT;

break;

default:

return statusFromErrcode(-EINVAL);

758

break;

759

}

760

int res = gCtls->strictCtrl.setUidCleartextPenalty((uid_t) uid, penalty);

Luke Huang

2018-07-17 19:58:25 +0800

[diff] [blame]

761

return statusFromErrcode(res);

762

}

Luke Huang

2018-07-24 16:38:22 +0800

[diff] [blame]

763

Hungming Chen

2022-04-22 15:25:23 +0800

[diff] [blame]

764

// TODO: remark @deprecated in INetd.aidl.

765

binder::Status NetdNativeService::clatdStart(const std::string& /* ifName */,

766

const std::string& /* nat64Prefix */,

767

std::string* /* v6Addr */) {

Maciej Żenczykowski

5628027

2019-03-30 03:32:51 -0700

[diff] [blame]

768

ENFORCE_ANY_PERMISSION(PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Hungming Chen

2022-04-22 15:25:23 +0800

[diff] [blame]

769

// deprecated

770

return binder::Status::fromExceptionCode(binder::Status::EX_UNSUPPORTED_OPERATION);

Luke Huang

6d30123

2018-08-01 14:05:18 +0800

[diff] [blame]

771

}

772

Hungming Chen

2022-04-22 15:25:23 +0800

[diff] [blame]

773

// TODO: remark @deprecated in INetd.aidl.

774

binder::Status NetdNativeService::clatdStop(const std::string& /* ifName */) {

Maciej Żenczykowski

5628027

2019-03-30 03:32:51 -0700

[diff] [blame]

775

ENFORCE_ANY_PERMISSION(PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Hungming Chen

2022-04-22 15:25:23 +0800

[diff] [blame]

776

// deprecated

777

return binder::Status::fromExceptionCode(binder::Status::EX_UNSUPPORTED_OPERATION);

Luke Huang

6d30123

2018-08-01 14:05:18 +0800

[diff] [blame]

778

}

Luke Huang

2018-07-17 19:58:25 +0800

[diff] [blame]

779

Luke Huang

2018-08-16 15:39:15 +0800

[diff] [blame]

780

binder::Status NetdNativeService::ipfwdEnabled(bool* status) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

781

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

728cf4c

2019-03-14 19:43:02 +0800

[diff] [blame]

782

*status = (gCtls->tetherCtrl.getIpfwdRequesterList().size() > 0) ? true : false;

783

return binder::Status::ok();

784

}

785

786

binder::Status NetdNativeService::ipfwdGetRequesterList(std::vector<std::string>* requesterList) {

787

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

788

for (const auto& requester : gCtls->tetherCtrl.getIpfwdRequesterList()) {

789

requesterList->push_back(requester);

790

}

Luke Huang

2018-08-16 15:39:15 +0800

[diff] [blame]

791

return binder::Status::ok();

792

}

793

794

binder::Status NetdNativeService::ipfwdEnableForwarding(const std::string& requester) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

795

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-16 15:39:15 +0800

[diff] [blame]

796

int res = (gCtls->tetherCtrl.enableForwarding(requester.c_str())) ? 0 : -EREMOTEIO;

Luke Huang

2018-08-16 15:39:15 +0800

[diff] [blame]

797

return statusFromErrcode(res);

798

}

799

800

binder::Status NetdNativeService::ipfwdDisableForwarding(const std::string& requester) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

801

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-16 15:39:15 +0800

[diff] [blame]

802

int res = (gCtls->tetherCtrl.disableForwarding(requester.c_str())) ? 0 : -EREMOTEIO;

Luke Huang

2018-08-16 15:39:15 +0800

[diff] [blame]

803

return statusFromErrcode(res);

804

}

805

806

binder::Status NetdNativeService::ipfwdAddInterfaceForward(const std::string& fromIface,

807

const std::string& toIface) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

808

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-16 15:39:15 +0800

[diff] [blame]

809

int res = RouteController::enableTethering(fromIface.c_str(), toIface.c_str());

Luke Huang

2018-08-16 15:39:15 +0800

[diff] [blame]

810

return statusFromErrcode(res);

811

}

812

813

binder::Status NetdNativeService::ipfwdRemoveInterfaceForward(const std::string& fromIface,

814

const std::string& toIface) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

815

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-16 15:39:15 +0800

[diff] [blame]

816

int res = RouteController::disableTethering(fromIface.c_str(), toIface.c_str());

Luke Huang

2018-08-16 15:39:15 +0800

[diff] [blame]

817

return statusFromErrcode(res);

818

}

819

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

820

namespace {

Luke Huang

2020-03-04 16:43:12 +0800

[diff] [blame]

821

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

822

std::string addCurlyBrackets(const std::string& s) {

823

return "{" + s + "}";

824

}

825

826

} // namespace

Xiao Ma

2018-12-16 16:27:38 +0900

[diff] [blame]

827

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

828

binder::Status NetdNativeService::interfaceGetList(std::vector<std::string>* interfaceListResult) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

829

NETD_LOCKING_RPC(InterfaceController::mutex, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

waynema

5851b03

2021-11-24 17:08:25 +0800

[diff] [blame]

830

const auto& ifaceList = getIfaceNames();

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

831

832

interfaceListResult->clear();

833

interfaceListResult->reserve(ifaceList.value().size());

834

interfaceListResult->insert(end(*interfaceListResult), begin(ifaceList.value()),

835

end(ifaceList.value()));

836

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

837

return binder::Status::ok();

838

}

839

840

std::string interfaceConfigurationParcelToString(const InterfaceConfigurationParcel& cfg) {

841

std::vector<std::string> result{cfg.ifName, cfg.hwAddr, cfg.ipv4Addr,

842

std::to_string(cfg.prefixLength)};

843

result.insert(end(result), begin(cfg.flags), end(cfg.flags));

844

return addCurlyBrackets(base::Join(result, ", "));

845

}

846

847

binder::Status NetdNativeService::interfaceGetCfg(

848

const std::string& ifName, InterfaceConfigurationParcel* interfaceGetCfgResult) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

849

NETD_LOCKING_RPC(InterfaceController::mutex, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

850

auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(ifName);

851

852

const auto& cfgRes = InterfaceController::getCfg(ifName);

853

RETURN_BINDER_STATUS_IF_NOT_OK(entry, cfgRes);

854

855

*interfaceGetCfgResult = cfgRes.value();

856

gLog.log(entry.returns(interfaceConfigurationParcelToString(*interfaceGetCfgResult))

857

.withAutomaticDuration());

858

return binder::Status::ok();

859

}

860

861

binder::Status NetdNativeService::interfaceSetCfg(const InterfaceConfigurationParcel& cfg) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

862

NETD_LOCKING_RPC(InterfaceController::mutex, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

863

auto entry = gLog.newEntry()

864

.prettyFunction(__PRETTY_FUNCTION__)

865

.arg(interfaceConfigurationParcelToString(cfg));

866

867

const auto& res = InterfaceController::setCfg(cfg);

868

RETURN_BINDER_STATUS_IF_NOT_OK(entry, res);

869

870

gLog.log(entry.withAutomaticDuration());

871

return binder::Status::ok();

872

}

873

874

binder::Status NetdNativeService::interfaceSetIPv6PrivacyExtensions(const std::string& ifName,

875

bool enable) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

876

NETD_LOCKING_RPC(InterfaceController::mutex, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

877

int res = InterfaceController::setIPv6PrivacyExtensions(ifName.c_str(), enable);

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

878

return statusFromErrcode(res);

879

}

880

881

binder::Status NetdNativeService::interfaceClearAddrs(const std::string& ifName) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

882

NETD_LOCKING_RPC(InterfaceController::mutex, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

883

int res = InterfaceController::clearAddrs(ifName.c_str());

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

884

return statusFromErrcode(res);

885

}

886

887

binder::Status NetdNativeService::interfaceSetEnableIPv6(const std::string& ifName, bool enable) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

888

NETD_LOCKING_RPC(InterfaceController::mutex, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

889

int res = InterfaceController::setEnableIPv6(ifName.c_str(), enable);

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

890

return statusFromErrcode(res);

891

}

892

893

binder::Status NetdNativeService::interfaceSetMtu(const std::string& ifName, int32_t mtuValue) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

894

NETD_LOCKING_RPC(InterfaceController::mutex, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

895

std::string mtu = std::to_string(mtuValue);

896

int res = InterfaceController::setMtu(ifName.c_str(), mtu.c_str());

Luke Huang

2018-08-08 13:13:04 +0800

[diff] [blame]

897

return statusFromErrcode(res);

898

}

899

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

900

binder::Status NetdNativeService::tetherStart(const std::vector<std::string>& dhcpRanges) {

Chiachang Wang

2019-12-10 09:53:24 +0800

[diff] [blame]

901

TetherConfigParcel config;

902

config.usingLegacyDnsProxy = true;

903

config.dhcpRanges = dhcpRanges;

904

return tetherStartWithConfiguration(config);

Luke Huang

91bd3e1

2019-08-20 11:33:52 +0800

[diff] [blame]

905

}

906

Chiachang Wang

2019-12-10 09:53:24 +0800

[diff] [blame]

907

binder::Status NetdNativeService::tetherStartWithConfiguration(const TetherConfigParcel& config) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

908

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Chiachang Wang

2019-12-10 09:53:24 +0800

[diff] [blame]

909

if (config.dhcpRanges.size() % 2 == 1) {

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

910

return statusFromErrcode(-EINVAL);

911

}

Chiachang Wang

2019-12-10 09:53:24 +0800

[diff] [blame]

912

// TODO: Pass TetherConfigParcel directly.

913

int res = gCtls->tetherCtrl.startTethering(config.usingLegacyDnsProxy, config.dhcpRanges);

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

914

return statusFromErrcode(res);

915

}

916

917

binder::Status NetdNativeService::tetherStop() {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

918

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

919

int res = gCtls->tetherCtrl.stopTethering();

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

920

return statusFromErrcode(res);

921

}

922

923

binder::Status NetdNativeService::tetherIsEnabled(bool* enabled) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

924

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

925

*enabled = gCtls->tetherCtrl.isTetheringStarted();

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

926

return binder::Status::ok();

927

}

928

929

binder::Status NetdNativeService::tetherInterfaceAdd(const std::string& ifName) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

930

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

931

int res = gCtls->tetherCtrl.tetherInterface(ifName.c_str());

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

932

return statusFromErrcode(res);

933

}

934

935

binder::Status NetdNativeService::tetherInterfaceRemove(const std::string& ifName) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

936

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

937

int res = gCtls->tetherCtrl.untetherInterface(ifName.c_str());

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

938

return statusFromErrcode(res);

939

}

940

941

binder::Status NetdNativeService::tetherInterfaceList(std::vector<std::string>* ifList) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

942

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

943

for (const auto& ifname : gCtls->tetherCtrl.getTetheredInterfaceList()) {

944

ifList->push_back(ifname);

945

}

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

946

return binder::Status::ok();

947

}

948

949

binder::Status NetdNativeService::tetherDnsSet(int32_t netId,

950

const std::vector<std::string>& dnsAddrs) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

951

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

952

int res = gCtls->tetherCtrl.setDnsForwarders(netId, dnsAddrs);

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

953

return statusFromErrcode(res);

954

}

955

956

binder::Status NetdNativeService::tetherDnsList(std::vector<std::string>* dnsList) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

957

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

958

for (const auto& fwdr : gCtls->tetherCtrl.getDnsForwarders()) {

959

dnsList->push_back(fwdr);

960

}

Luke Huang

2018-08-21 17:17:19 +0800

[diff] [blame]

961

return binder::Status::ok();

962

}

963

Tyler Wear

fa94a27

2019-12-05 15:01:48 -0800

[diff] [blame]

964

binder::Status NetdNativeService::networkAddRouteParcel(int32_t netId,

965

const RouteInfoParcel& route) {

966

// Public methods of NetworkController are thread-safe.

967

ENFORCE_NETWORK_STACK_PERMISSIONS();

968

bool legacy = false;

969

uid_t uid = 0; // UID is only meaningful for legacy routes.

970

971

// convert Parcel to parameters

972

int res = gCtls->netCtrl.addRoute(netId, route.ifName.c_str(), route.destination.c_str(),

973

route.nextHop.empty() ? nullptr : route.nextHop.c_str(),

974

legacy, uid, route.mtu);

975

return statusFromErrcode(res);

976

}

977

978

binder::Status NetdNativeService::networkUpdateRouteParcel(int32_t netId,

979

const RouteInfoParcel& route) {

980

// Public methods of NetworkController are thread-safe.

981

ENFORCE_NETWORK_STACK_PERMISSIONS();

982

bool legacy = false;

983

uid_t uid = 0; // UID is only meaningful for legacy routes.

984

985

// convert Parcel to parameters

986

int res = gCtls->netCtrl.updateRoute(netId, route.ifName.c_str(), route.destination.c_str(),

987

route.nextHop.empty() ? nullptr : route.nextHop.c_str(),

988

legacy, uid, route.mtu);

989

return statusFromErrcode(res);

990

}

991

992

binder::Status NetdNativeService::networkRemoveRouteParcel(int32_t netId,

993

const RouteInfoParcel& route) {

994

return networkRemoveRoute(netId, route.ifName, route.destination, route.nextHop);

995

}

996

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

997

binder::Status NetdNativeService::networkAddRoute(int32_t netId, const std::string& ifName,

998

const std::string& destination,

999

const std::string& nextHop) {

1000

// Public methods of NetworkController are thread-safe.

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1001

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1002

bool legacy = false;

1003

uid_t uid = 0; // UID is only meaningful for legacy routes.

1004

int res = gCtls->netCtrl.addRoute(netId, ifName.c_str(), destination.c_str(),

Tyler Wear

fa94a27

2019-12-05 15:01:48 -0800

[diff] [blame]

1005

nextHop.empty() ? nullptr : nextHop.c_str(), legacy, uid, 0);

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1006

return statusFromErrcode(res);

1007

}

1008

1009

binder::Status NetdNativeService::networkRemoveRoute(int32_t netId, const std::string& ifName,

1010

const std::string& destination,

1011

const std::string& nextHop) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1012

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1013

bool legacy = false;

1014

uid_t uid = 0; // UID is only meaningful for legacy routes.

1015

int res = gCtls->netCtrl.removeRoute(netId, ifName.c_str(), destination.c_str(),

1016

nextHop.empty() ? nullptr : nextHop.c_str(), legacy, uid);

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1017

return statusFromErrcode(res);

1018

}

1019

1020

binder::Status NetdNativeService::networkAddLegacyRoute(int32_t netId, const std::string& ifName,

1021

const std::string& destination,

1022

const std::string& nextHop, int32_t uid) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1023

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1024

bool legacy = true;

1025

int res = gCtls->netCtrl.addRoute(netId, ifName.c_str(), destination.c_str(),

1026

nextHop.empty() ? nullptr : nextHop.c_str(), legacy,

Tyler Wear

fa94a27

2019-12-05 15:01:48 -0800

[diff] [blame]

1027

(uid_t)uid, 0);

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1028

return statusFromErrcode(res);

1029

}

1030

1031

binder::Status NetdNativeService::networkRemoveLegacyRoute(int32_t netId, const std::string& ifName,

1032

const std::string& destination,

1033

const std::string& nextHop,

1034

int32_t uid) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1035

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1036

bool legacy = true;

1037

int res = gCtls->netCtrl.removeRoute(netId, ifName.c_str(), destination.c_str(),

1038

nextHop.empty() ? nullptr : nextHop.c_str(), legacy,

1039

(uid_t) uid);

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1040

return statusFromErrcode(res);

1041

}

1042

1043

binder::Status NetdNativeService::networkGetDefault(int32_t* netId) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1044

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1045

*netId = gCtls->netCtrl.getDefaultNetwork();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1046

return binder::Status::ok();

1047

}

1048

1049

binder::Status NetdNativeService::networkSetDefault(int32_t netId) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1050

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1051

int res = gCtls->netCtrl.setDefaultNetwork(netId);

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1052

return statusFromErrcode(res);

1053

}

1054

1055

binder::Status NetdNativeService::networkClearDefault() {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1056

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1057

unsigned netId = NETID_UNSET;

1058

int res = gCtls->netCtrl.setDefaultNetwork(netId);

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1059

return statusFromErrcode(res);

1060

}

1061

1062

std::vector<uid_t> NetdNativeService::intsToUids(const std::vector<int32_t>& intUids) {

1063

return {begin(intUids), end(intUids)};

1064

}

1065

1066

Permission NetdNativeService::convertPermission(int32_t permission) {

1067

switch (permission) {

1068

case INetd::PERMISSION_NETWORK:

1069

return Permission::PERMISSION_NETWORK;

1070

case INetd::PERMISSION_SYSTEM:

1071

return Permission::PERMISSION_SYSTEM;

1072

default:

1073

return Permission::PERMISSION_NONE;

}

}

binder::Status NetdNativeService::networkSetPermissionForNetwork(int32_t netId,

1078

int32_t permission) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1079

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1080

std::vector<unsigned> netIds = {(unsigned) netId};

1081

int res = gCtls->netCtrl.setPermissionForNetworks(convertPermission(permission), netIds);

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1082

return statusFromErrcode(res);

1083

}

1084

1085

binder::Status NetdNativeService::networkSetPermissionForUser(int32_t permission,

1086

const std::vector<int32_t>& uids) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1087

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1088

gCtls->netCtrl.setPermissionForUsers(convertPermission(permission), intsToUids(uids));

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1089

return binder::Status::ok();

1090

}

1091

1092

binder::Status NetdNativeService::networkClearPermissionForUser(const std::vector<int32_t>& uids) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1093

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1094

Permission permission = Permission::PERMISSION_NONE;

1095

gCtls->netCtrl.setPermissionForUsers(permission, intsToUids(uids));

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1096

return binder::Status::ok();

1097

}

1098

Ken Chen

155fb6a

2020-12-10 18:50:19 +0800

[diff] [blame]

1099

binder::Status NetdNativeService::networkSetProtectAllow(int32_t uid) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1100

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1101

std::vector<uid_t> uids = {(uid_t) uid};

1102

gCtls->netCtrl.allowProtect(uids);

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1103

return binder::Status::ok();

1104

}

1105

1106

binder::Status NetdNativeService::networkSetProtectDeny(int32_t uid) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1107

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1108

std::vector<uid_t> uids = {(uid_t) uid};

1109

gCtls->netCtrl.denyProtect(uids);

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1110

return binder::Status::ok();

1111

}

1112

1113

binder::Status NetdNativeService::networkCanProtect(int32_t uid, bool* ret) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1114

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1115

*ret = gCtls->netCtrl.canProtect((uid_t) uid);

Luke Huang

2018-08-23 20:01:13 +0800

[diff] [blame]

1116

return binder::Status::ok();

1117

}

1118

Patrick Rohr

2022-02-01 22:13:27 +0100

[diff] [blame]

1119

binder::Status NetdNativeService::trafficSetNetPermForUids(int32_t, const std::vector<int32_t>&) {

1120

return binder::Status::fromExceptionCode(binder::Status::EX_UNSUPPORTED_OPERATION);

Chenbo Feng

48eaed3

2018-12-26 17:40:21 -0800

[diff] [blame]

1121

}

1122

Luke Huang

2018-07-24 16:38:22 +0800

[diff] [blame]

1123

binder::Status NetdNativeService::firewallSetFirewallType(int32_t firewallType) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1124

NETD_LOCKING_RPC(gCtls->firewallCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-07-24 16:38:22 +0800

[diff] [blame]

1125

auto type = static_cast<FirewallType>(firewallType);

1126

1127

int res = gCtls->firewallCtrl.setFirewallType(type);

Luke Huang

2018-07-24 16:38:22 +0800

[diff] [blame]

1128

return statusFromErrcode(res);

1129

}

1130

1131

binder::Status NetdNativeService::firewallSetInterfaceRule(const std::string& ifName,

1132

int32_t firewallRule) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1133

NETD_LOCKING_RPC(gCtls->firewallCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-07-24 16:38:22 +0800

[diff] [blame]

1134

auto rule = static_cast<FirewallRule>(firewallRule);

1135

1136

int res = gCtls->firewallCtrl.setInterfaceRule(ifName.c_str(), rule);

Luke Huang

2018-07-24 16:38:22 +0800

[diff] [blame]

1137

return statusFromErrcode(res);

1138

}

1139

Patrick Rohr

2022-02-01 22:13:27 +0100

[diff] [blame]

1140

binder::Status NetdNativeService::firewallSetUidRule(int32_t, int32_t, int32_t) {

1141

return binder::Status::fromExceptionCode(binder::Status::EX_UNSUPPORTED_OPERATION);

Luke Huang

2018-07-24 16:38:22 +0800

[diff] [blame]

1142

}

1143

Patrick Rohr

2022-02-01 22:13:27 +0100

[diff] [blame]

1144

binder::Status NetdNativeService::firewallEnableChildChain(int32_t, bool) {

1145

return binder::Status::fromExceptionCode(binder::Status::EX_UNSUPPORTED_OPERATION);

Luke Huang

2018-07-24 16:38:22 +0800

[diff] [blame]

1146

}

1147

Patrick Rohr

2022-02-01 22:13:27 +0100

[diff] [blame]

1148

binder::Status NetdNativeService::firewallAddUidInterfaceRules(const std::string&,

1149

const std::vector<int32_t>&) {

1150

return binder::Status::fromExceptionCode(binder::Status::EX_UNSUPPORTED_OPERATION);

Rubin Xu

ec27ff2

2019-01-08 21:33:03 +0000

[diff] [blame]

1151

}

1152

Patrick Rohr

2022-02-01 22:13:27 +0100

[diff] [blame]

1153

binder::Status NetdNativeService::firewallRemoveUidInterfaceRules(const std::vector<int32_t>&) {

1154

return binder::Status::fromExceptionCode(binder::Status::EX_UNSUPPORTED_OPERATION);

Rubin Xu

ec27ff2

2019-01-08 21:33:03 +0000

[diff] [blame]

1155

}

1156

Luke Huang

2018-10-22 12:12:05 +0900

[diff] [blame]

1157

binder::Status NetdNativeService::tetherAddForward(const std::string& intIface,

1158

const std::string& extIface) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1159

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

2018-10-22 12:12:05 +0900

[diff] [blame]

1160

1161

int res = gCtls->tetherCtrl.enableNat(intIface.c_str(), extIface.c_str());

Luke Huang

2018-10-22 12:12:05 +0900

[diff] [blame]

1162

return statusFromErrcode(res);

1163

}

1164

1165

binder::Status NetdNativeService::tetherRemoveForward(const std::string& intIface,

1166

const std::string& extIface) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1167

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Luke Huang

ae038f8

2018-11-05 11:17:31 +0900

[diff] [blame]

1168

int res = gCtls->tetherCtrl.disableNat(intIface.c_str(), extIface.c_str());

Luke Huang

2018-10-22 12:12:05 +0900

[diff] [blame]

1169

return statusFromErrcode(res);

1170

}

1171

Chenbo Feng

2018-11-08 16:10:48 -0800

[diff] [blame]

1172

binder::Status NetdNativeService::setTcpRWmemorySize(const std::string& rmemValues,

1173

const std::string& wmemValues) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1174

ENFORCE_NETWORK_STACK_PERMISSIONS();

Chenbo Feng

2018-11-08 16:10:48 -0800

[diff] [blame]

1175

if (!WriteStringToFile(rmemValues, TCP_RMEM_PROC_FILE)) {

1176

int ret = -errno;

Chenbo Feng

2018-11-08 16:10:48 -0800

[diff] [blame]

1177

return statusFromErrcode(ret);

1178

}

1179

1180

if (!WriteStringToFile(wmemValues, TCP_WMEM_PROC_FILE)) {

1181

int ret = -errno;

Chenbo Feng

2018-11-08 16:10:48 -0800

[diff] [blame]

1182

return statusFromErrcode(ret);

1183

}

Chenbo Feng

2018-11-08 16:10:48 -0800

[diff] [blame]

1184

return binder::Status::ok();

1185

}

1186

Luke Huang

528af60

2018-08-29 19:06:05 +0800

[diff] [blame]

1187

binder::Status NetdNativeService::registerUnsolicitedEventListener(

1188

const android::sp<android::net::INetdUnsolicitedEventListener>& listener) {

Remi NGUYEN VAN

2019-02-07 12:25:23 +0900

[diff] [blame]

1189

ENFORCE_NETWORK_STACK_PERMISSIONS();

Bernie Innocenti

9ee088d

2019-02-01 17:14:32 +0900

[diff] [blame]

1190

gCtls->eventReporter.registerUnsolEventListener(listener);

Luke Huang

528af60

2018-08-29 19:06:05 +0800

[diff] [blame]

1191

return binder::Status::ok();

1192

}

1193

Luke Huang

e60bfd8

2019-04-26 11:39:31 +0800

[diff] [blame]

1194

binder::Status NetdNativeService::getOemNetd(android::sp<android::IBinder>* listener) {

1195

ENFORCE_NETWORK_STACK_PERMISSIONS();

Luke Huang

0e5e69d

2019-03-06 15:42:38 +0800

[diff] [blame]

1196

*listener = com::android::internal::net::OemNetdListener::getListener();

1197

Luke Huang

e60bfd8

2019-04-26 11:39:31 +0800

[diff] [blame]

1198

return binder::Status::ok();

1199

}

1200

Chiachang Wang

00fc62f

2019-12-04 20:38:26 +0800

[diff] [blame]

1201

binder::Status NetdNativeService::getFwmarkForNetwork(int32_t netId, MarkMaskParcel* markMask) {

1202

ENFORCE_NETWORK_STACK_PERMISSIONS();

1203

1204

Fwmark fwmark;

1205

fwmark.netId = netId;

1206

markMask->mask = FWMARK_NET_ID_MASK;

1207

markMask->mark = fwmark.intValue;

1208

return binder::Status::ok();

1209

}

1210

Hungming Chen

2021-02-04 20:31:52 +0800

[diff] [blame]

1211

// TODO: remark @deprecated in INetd.aidl.

1212

binder::Status NetdNativeService::tetherOffloadRuleAdd(const TetherOffloadRuleParcel& /* rule */) {

1213

// deprecated

Lorenzo Colitti

2020-02-18 00:00:35 +0900

[diff] [blame]

1214

ENFORCE_NETWORK_STACK_PERMISSIONS();

Hungming Chen

2021-02-04 20:31:52 +0800

[diff] [blame]

1215

return binder::Status::fromExceptionCode(binder::Status::EX_UNSUPPORTED_OPERATION);

Lorenzo Colitti

2020-02-18 00:00:35 +0900

[diff] [blame]

1216

}

1217

Hungming Chen

2021-02-04 20:31:52 +0800

[diff] [blame]

1218

// TODO: remark @deprecated in INetd.aidl.

1219

binder::Status NetdNativeService::tetherOffloadRuleRemove(

1220

const TetherOffloadRuleParcel& /* rule */) {

1221

// deprecated

Lorenzo Colitti

2020-02-18 00:00:35 +0900

[diff] [blame]

1222

ENFORCE_NETWORK_STACK_PERMISSIONS();

Hungming Chen

2021-02-04 20:31:52 +0800

[diff] [blame]

1223

return binder::Status::fromExceptionCode(binder::Status::EX_UNSUPPORTED_OPERATION);

Lorenzo Colitti

2020-02-18 00:00:35 +0900

[diff] [blame]

1224

}

1225

Hungming Chen

2021-02-04 20:31:52 +0800

[diff] [blame]

1226

// TODO: remark @deprecated in INetd.aidl.

Hungming Chen

2020-03-12 16:21:03 +0800

[diff] [blame]

1227

binder::Status NetdNativeService::tetherOffloadGetStats(

Hungming Chen

2021-02-04 20:31:52 +0800

[diff] [blame]

1228

std::vector<TetherStatsParcel>* /* tetherStatsParcelVec */) {

1229

// deprecated

Hungming Chen

2020-03-12 16:21:03 +0800

[diff] [blame]

1230

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Hungming Chen

2021-02-04 20:31:52 +0800

[diff] [blame]

1231

return binder::Status::fromExceptionCode(binder::Status::EX_UNSUPPORTED_OPERATION);

Hungming Chen

2020-03-12 16:21:03 +0800

[diff] [blame]

1232

}

1233

Hungming Chen

2021-02-04 20:31:52 +0800

[diff] [blame]

1234

// TODO: remark @deprecated in INetd.aidl.

1235

binder::Status NetdNativeService::tetherOffloadSetInterfaceQuota(int /* ifIndex */,

1236

int64_t /* quotaBytes */) {

1237

// deprecated

Hungming Chen

0c47671

2020-03-16 13:53:19 +0800

[diff] [blame]

1238

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Hungming Chen

2021-02-04 20:31:52 +0800

[diff] [blame]

1239

return binder::Status::fromExceptionCode(binder::Status::EX_UNSUPPORTED_OPERATION);

Hungming Chen

0c47671

2020-03-16 13:53:19 +0800

[diff] [blame]

1240

}

1241

Hungming Chen

2021-02-04 20:31:52 +0800

[diff] [blame]

1242

// TODO: remark @deprecated in INetd.aidl.

Hungming Chen

468a20c

2020-04-17 20:00:27 +0800

[diff] [blame]

1243

binder::Status NetdNativeService::tetherOffloadGetAndClearStats(

Hungming Chen

2021-02-04 20:31:52 +0800

[diff] [blame]

1244

int /* ifIndex */, android::net::TetherStatsParcel* /* tetherStats */) {

1245

// deprecated

Hungming Chen

468a20c

2020-04-17 20:00:27 +0800

[diff] [blame]

1246

NETD_LOCKING_RPC(gCtls->tetherCtrl.lock, PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK);

Hungming Chen

2021-02-04 20:31:52 +0800

[diff] [blame]

1247

return binder::Status::fromExceptionCode(binder::Status::EX_UNSUPPORTED_OPERATION);

Hungming Chen

468a20c

2020-04-17 20:00:27 +0800

[diff] [blame]

1248

}

1249

Ken Chen

0c209f8

2022-12-22 15:11:39 +0800

[diff] [blame]

1250

binder::Status NetdNativeService::setNetworkAllowlist(

Ken Chen

04ee609

2022-12-26 17:35:33 +0800

[diff] [blame]

1251

const std::vector<NativeUidRangeConfig>& rangeConfigs) {

Ken Chen

0c209f8

2022-12-22 15:11:39 +0800

[diff] [blame]

1252

ENFORCE_NETWORK_STACK_PERMISSIONS();

Ken Chen

04ee609

2022-12-26 17:35:33 +0800

[diff] [blame]

1253

return statusFromErrcode(gCtls->netCtrl.setNetworkAllowlist(rangeConfigs));

Ken Chen

0c209f8

2022-12-22 15:11:39 +0800

[diff] [blame]

1254

}

1255

Lorenzo Colitti