135f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Lypage.title=Overview 235f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Ly@jd:body 335f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Ly 435f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Ly<!-- 5768b82a9dfbdd8504eae2736d283a60a37c7a547Clay Murphy Copyright 2013 The Android Open Source Project 635f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Ly 735f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Ly Licensed under the Apache License, Version 2.0 (the "License"); 835f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Ly you may not use this file except in compliance with the License. 935f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Ly You may obtain a copy of the License at 1035f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Ly 1135f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Ly http://www.apache.org/licenses/LICENSE-2.0 1235f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Ly 1335f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Ly Unless required by applicable law or agreed to in writing, software 1435f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Ly distributed under the License is distributed on an "AS IS" BASIS, 1535f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Ly WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 1635f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Ly See the License for the specific language governing permissions and 1735f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Ly limitations under the License. 1835f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Ly--> 1935f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Ly<p>The per-application/delegated data usage monitoring and tracking 2035f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Lyfunctionality relies on the xt_qtaguid module in the android-3.0 Linux 2135f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Lykernel (<code>kernel/net/netfilter/xt_qtaguid</code>). The socket tagging 2235f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Lyfunctionality in the framework (<code>system/core/libcutils/qtaguid.c</code>) 2335f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Lyrelies mainly on the existence of <code>/proc/net/xt_qtaguid/ctrl</code> 2435f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Lyinterface exported by the <code>xt_qtaguid</code> kernel module.</p> 2535f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Ly<p>The <code>quota2</code> netfilter module (originally part of <code>xtables-addons</code>) 2635f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Lyallows the functionality to set named quota limits and was extended to 2735f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Lysupport notifying userspace when certain limits are reached. Once the 2835f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Lyquota limit is reached, the <code>quota2</code> module discards all subsequent 2935f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Lynetwork traffic. The framework can also specify additional rules to 3035f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Lyrestrict background data traffic for an application (refer to 3135f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Ly<code>com.android.server.NetworkManagementSocketTagger.setKernelCounterSet</code> 3235f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Lyand 3335f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Ly<code>android.net.NetworkPolicyManager.POLICY_REJECT_METERED_BACKGROUND</code>).</p> 3435f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Ly<h1 id="how-does-it-work">How does it work?</h1> 3535f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Ly<p>The <code>qtaguid</code> netfilter module tracks the network traffic on a 3635f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Lyper-socket basis for every application using the unique UID of the 3735f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Lyowning application. There are two tag components associated with any 3835f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Lysocket in the system. The first is the UID which uniquely identifies 3935f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Lythe application which is responsible for the data transfer (Linux 4035f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Lyallows the ability to ascribe the ownership of each network socket to 4135f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Lythe UID of the calling application). The second tag component is used 4235f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Lyto support additional characterization of the traffic into application 4335f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Lydeveloper specified categories. Using these application level tags, an 4435f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Lyapplication can profile the traffic into several sub-categories.</p> 4535f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Ly<p>In the case of applications that provide network data transfer as a 4635f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Lyservice, such as the download manager, media streaming service, etc, 4735f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Lyit is possible to attribute the ownership of the network data transfer 4835f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Lyto the UID of the requesting application using the 4935f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Ly<code>TrafficStats.setThreadStatsUid()</code> function call. The caller must hold 5035f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Lythe “<code>android.permission.MODIFY_NETWORK_ACCOUNTING</code>” permission to 5135f2fda6aaeaf733ab68a3b7f7ccc67f009c09a9Robert Lyre-assign the ownership of the network traffic.</p> 52