1e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti/** 2e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti * Copyright (c) 2016, The Android Open Source Project 3e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti * 4e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti * Licensed under the Apache License, Version 2.0 (the "License"); 5e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti * you may not use this file except in compliance with the License. 6e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti * You may obtain a copy of the License at 7e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti * 8e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti * http://www.apache.org/licenses/LICENSE-2.0 9e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti * 10e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti * Unless required by applicable law or agreed to in writing, software 11e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti * distributed under the License is distributed on an "AS IS" BASIS, 12e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti * See the License for the specific language governing permissions and 14e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti * limitations under the License. 15e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti */ 16e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti 17e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti#define LOG_TAG "Netd" 18e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti 1989faa349525ad1110b6fa3f2149e6ef825c65662Lorenzo Colitti#include <vector> 2089faa349525ad1110b6fa3f2149e6ef825c65662Lorenzo Colitti 21e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti#include <android-base/stringprintf.h> 22e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti#include <cutils/log.h> 23e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti#include <utils/Errors.h> 24beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imai#include <utils/String16.h> 25e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti 26e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti#include <binder/IPCThreadState.h> 27e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti#include <binder/IServiceManager.h> 28e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti#include "android/net/BnNetd.h" 29e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti 3089faa349525ad1110b6fa3f2149e6ef825c65662Lorenzo Colitti#include "Controllers.h" 312d3a163433c435ff053402ae8965f8602c7ac6daErik Kline#include "DumpWriter.h" 32b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline#include "InterfaceController.h" 33e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti#include "NetdConstants.h" 34e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti#include "NetdNativeService.h" 35b8087363143050d214d48e5620a330776ca95a69Robin Lee#include "RouteController.h" 36563d98b27d02a1d694fc4ed82b5554fd534c9dafLorenzo Colitti#include "SockDiag.h" 37b8087363143050d214d48e5620a330776ca95a69Robin Lee#include "UidRanges.h" 38e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti 39e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colittiusing android::base::StringPrintf; 40e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti 41e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colittinamespace android { 42e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colittinamespace net { 43e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti 44e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colittinamespace { 45e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti 46e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitticonst char CONNECTIVITY_INTERNAL[] = "android.permission.CONNECTIVITY_INTERNAL"; 472d3a163433c435ff053402ae8965f8602c7ac6daErik Klineconst char DUMP[] = "android.permission.DUMP"; 48e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti 49e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colittibinder::Status checkPermission(const char *permission) { 50e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti pid_t pid; 51e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti uid_t uid; 52e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti 53e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti if (checkCallingPermission(String16(permission), (int32_t *) &pid, (int32_t *) &uid)) { 54e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti return binder::Status::ok(); 55e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti } else { 56e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti auto err = StringPrintf("UID %d / PID %d lacks permission %s", uid, pid, permission); 57e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti return binder::Status::fromExceptionCode(binder::Status::EX_SECURITY, String8(err.c_str())); 58e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti } 59e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti} 60e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti 61e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti#define ENFORCE_PERMISSION(permission) { \ 62e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti binder::Status status = checkPermission((permission)); \ 63e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti if (!status.isOk()) { \ 64e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti return status; \ 65e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti } \ 66e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti} 67e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti 6889faa349525ad1110b6fa3f2149e6ef825c65662Lorenzo Colitti#define NETD_LOCKING_RPC(permission, lock) \ 6989faa349525ad1110b6fa3f2149e6ef825c65662Lorenzo Colitti ENFORCE_PERMISSION(permission); \ 7089faa349525ad1110b6fa3f2149e6ef825c65662Lorenzo Colitti android::RWLock::AutoWLock _lock(lock); 7189faa349525ad1110b6fa3f2149e6ef825c65662Lorenzo Colitti 7289faa349525ad1110b6fa3f2149e6ef825c65662Lorenzo Colitti#define NETD_BIG_LOCK_RPC(permission) NETD_LOCKING_RPC((permission), gBigNetdLock) 73e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti} // namespace 74e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti 75e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti 76e4851dede1dd24bbd80ffd30c4e89c7753fed121Lorenzo Colittistatus_t NetdNativeService::start() { 77e4851dede1dd24bbd80ffd30c4e89c7753fed121Lorenzo Colitti IPCThreadState::self()->disableBackgroundScheduling(true); 78e4851dede1dd24bbd80ffd30c4e89c7753fed121Lorenzo Colitti status_t ret = BinderService<NetdNativeService>::publish(); 79e4851dede1dd24bbd80ffd30c4e89c7753fed121Lorenzo Colitti if (ret != android::OK) { 80e4851dede1dd24bbd80ffd30c4e89c7753fed121Lorenzo Colitti return ret; 81e4851dede1dd24bbd80ffd30c4e89c7753fed121Lorenzo Colitti } 82e4851dede1dd24bbd80ffd30c4e89c7753fed121Lorenzo Colitti sp<ProcessState> ps(ProcessState::self()); 83e4851dede1dd24bbd80ffd30c4e89c7753fed121Lorenzo Colitti ps->startThreadPool(); 84e4851dede1dd24bbd80ffd30c4e89c7753fed121Lorenzo Colitti ps->giveThreadPoolName(); 85e4851dede1dd24bbd80ffd30c4e89c7753fed121Lorenzo Colitti return android::OK; 86e4851dede1dd24bbd80ffd30c4e89c7753fed121Lorenzo Colitti} 87e4851dede1dd24bbd80ffd30c4e89c7753fed121Lorenzo Colitti 882d3a163433c435ff053402ae8965f8602c7ac6daErik Klinestatus_t NetdNativeService::dump(int fd, const Vector<String16> & /* args */) { 892d3a163433c435ff053402ae8965f8602c7ac6daErik Kline const binder::Status dump_permission = checkPermission(DUMP); 902d3a163433c435ff053402ae8965f8602c7ac6daErik Kline if (!dump_permission.isOk()) { 912d3a163433c435ff053402ae8965f8602c7ac6daErik Kline const String8 msg(dump_permission.toString8()); 922d3a163433c435ff053402ae8965f8602c7ac6daErik Kline write(fd, msg.string(), msg.size()); 932d3a163433c435ff053402ae8965f8602c7ac6daErik Kline return PERMISSION_DENIED; 942d3a163433c435ff053402ae8965f8602c7ac6daErik Kline } 952d3a163433c435ff053402ae8965f8602c7ac6daErik Kline 962d3a163433c435ff053402ae8965f8602c7ac6daErik Kline // This method does not grab any locks. If individual classes need locking 972d3a163433c435ff053402ae8965f8602c7ac6daErik Kline // their dump() methods MUST handle locking appropriately. 982d3a163433c435ff053402ae8965f8602c7ac6daErik Kline DumpWriter dw(fd); 992d3a163433c435ff053402ae8965f8602c7ac6daErik Kline dw.blankline(); 1002d3a163433c435ff053402ae8965f8602c7ac6daErik Kline gCtls->netCtrl.dump(dw); 1012d3a163433c435ff053402ae8965f8602c7ac6daErik Kline dw.blankline(); 1022d3a163433c435ff053402ae8965f8602c7ac6daErik Kline 1032d3a163433c435ff053402ae8965f8602c7ac6daErik Kline return NO_ERROR; 1042d3a163433c435ff053402ae8965f8602c7ac6daErik Kline} 1052d3a163433c435ff053402ae8965f8602c7ac6daErik Kline 106e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colittibinder::Status NetdNativeService::isAlive(bool *alive) { 10789faa349525ad1110b6fa3f2149e6ef825c65662Lorenzo Colitti NETD_BIG_LOCK_RPC(CONNECTIVITY_INTERNAL); 108e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti 109e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti *alive = true; 110e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti return binder::Status::ok(); 111e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti} 112e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti 11389faa349525ad1110b6fa3f2149e6ef825c65662Lorenzo Colittibinder::Status NetdNativeService::firewallReplaceUidChain(const android::String16& chainName, 11489faa349525ad1110b6fa3f2149e6ef825c65662Lorenzo Colitti bool isWhitelist, const std::vector<int32_t>& uids, bool *ret) { 11589faa349525ad1110b6fa3f2149e6ef825c65662Lorenzo Colitti NETD_LOCKING_RPC(CONNECTIVITY_INTERNAL, gCtls->firewallCtrl.lock); 11689faa349525ad1110b6fa3f2149e6ef825c65662Lorenzo Colitti 11789faa349525ad1110b6fa3f2149e6ef825c65662Lorenzo Colitti android::String8 name = android::String8(chainName); 11889faa349525ad1110b6fa3f2149e6ef825c65662Lorenzo Colitti int err = gCtls->firewallCtrl.replaceUidChain(name.string(), isWhitelist, uids); 11989faa349525ad1110b6fa3f2149e6ef825c65662Lorenzo Colitti *ret = (err == 0); 12089faa349525ad1110b6fa3f2149e6ef825c65662Lorenzo Colitti return binder::Status::ok(); 121dedd271d9961dbe8b99ffa7d54ffd63ac326f866Lorenzo Colitti} 122dedd271d9961dbe8b99ffa7d54ffd63ac326f866Lorenzo Colitti 123dedd271d9961dbe8b99ffa7d54ffd63ac326f866Lorenzo Colittibinder::Status NetdNativeService::bandwidthEnableDataSaver(bool enable, bool *ret) { 124dedd271d9961dbe8b99ffa7d54ffd63ac326f866Lorenzo Colitti NETD_LOCKING_RPC(CONNECTIVITY_INTERNAL, gCtls->bandwidthCtrl.lock); 12589faa349525ad1110b6fa3f2149e6ef825c65662Lorenzo Colitti 126dedd271d9961dbe8b99ffa7d54ffd63ac326f866Lorenzo Colitti int err = gCtls->bandwidthCtrl.enableDataSaver(enable); 127dedd271d9961dbe8b99ffa7d54ffd63ac326f866Lorenzo Colitti *ret = (err == 0); 128dedd271d9961dbe8b99ffa7d54ffd63ac326f866Lorenzo Colitti return binder::Status::ok(); 12989faa349525ad1110b6fa3f2149e6ef825c65662Lorenzo Colitti} 130dedd271d9961dbe8b99ffa7d54ffd63ac326f866Lorenzo Colitti 131b8087363143050d214d48e5620a330776ca95a69Robin Leebinder::Status NetdNativeService::networkRejectNonSecureVpn(bool add, 132b8087363143050d214d48e5620a330776ca95a69Robin Lee const std::vector<UidRange>& uidRangeArray) { 133b8087363143050d214d48e5620a330776ca95a69Robin Lee // TODO: elsewhere RouteController is only used from the tethering and network controllers, so 134b8087363143050d214d48e5620a330776ca95a69Robin Lee // it should be possible to use the same lock as NetworkController. However, every call through 135b8087363143050d214d48e5620a330776ca95a69Robin Lee // the CommandListener "network" command will need to hold this lock too, not just the ones that 136b8087363143050d214d48e5620a330776ca95a69Robin Lee // read/modify network internal state (that is sufficient for ::dump() because it doesn't 137b8087363143050d214d48e5620a330776ca95a69Robin Lee // look at routes, but it's not enough here). 138b8087363143050d214d48e5620a330776ca95a69Robin Lee NETD_BIG_LOCK_RPC(CONNECTIVITY_INTERNAL); 139b8087363143050d214d48e5620a330776ca95a69Robin Lee 140563d98b27d02a1d694fc4ed82b5554fd534c9dafLorenzo Colitti UidRanges uidRanges(uidRangeArray); 141b8087363143050d214d48e5620a330776ca95a69Robin Lee 142b8087363143050d214d48e5620a330776ca95a69Robin Lee int err; 143b8087363143050d214d48e5620a330776ca95a69Robin Lee if (add) { 144b8087363143050d214d48e5620a330776ca95a69Robin Lee err = RouteController::addUsersToRejectNonSecureNetworkRule(uidRanges); 145b8087363143050d214d48e5620a330776ca95a69Robin Lee } else { 146b8087363143050d214d48e5620a330776ca95a69Robin Lee err = RouteController::removeUsersFromRejectNonSecureNetworkRule(uidRanges); 147b8087363143050d214d48e5620a330776ca95a69Robin Lee } 148b8087363143050d214d48e5620a330776ca95a69Robin Lee 149b8087363143050d214d48e5620a330776ca95a69Robin Lee if (err != 0) { 150b8087363143050d214d48e5620a330776ca95a69Robin Lee return binder::Status::fromServiceSpecificError(-err, 151b8087363143050d214d48e5620a330776ca95a69Robin Lee String8::format("RouteController error: %s", strerror(-err))); 152b8087363143050d214d48e5620a330776ca95a69Robin Lee } 153b8087363143050d214d48e5620a330776ca95a69Robin Lee return binder::Status::ok(); 154b8087363143050d214d48e5620a330776ca95a69Robin Lee} 155b8087363143050d214d48e5620a330776ca95a69Robin Lee 156563d98b27d02a1d694fc4ed82b5554fd534c9dafLorenzo Colittibinder::Status NetdNativeService::socketDestroy(const std::vector<UidRange>& uids, 157563d98b27d02a1d694fc4ed82b5554fd534c9dafLorenzo Colitti const std::vector<int32_t>& skipUids) { 158563d98b27d02a1d694fc4ed82b5554fd534c9dafLorenzo Colitti 159563d98b27d02a1d694fc4ed82b5554fd534c9dafLorenzo Colitti ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL); 160563d98b27d02a1d694fc4ed82b5554fd534c9dafLorenzo Colitti 161563d98b27d02a1d694fc4ed82b5554fd534c9dafLorenzo Colitti SockDiag sd; 162563d98b27d02a1d694fc4ed82b5554fd534c9dafLorenzo Colitti if (!sd.open()) { 163563d98b27d02a1d694fc4ed82b5554fd534c9dafLorenzo Colitti return binder::Status::fromServiceSpecificError(EIO, 164563d98b27d02a1d694fc4ed82b5554fd534c9dafLorenzo Colitti String8("Could not open SOCK_DIAG socket")); 165563d98b27d02a1d694fc4ed82b5554fd534c9dafLorenzo Colitti } 166563d98b27d02a1d694fc4ed82b5554fd534c9dafLorenzo Colitti 167563d98b27d02a1d694fc4ed82b5554fd534c9dafLorenzo Colitti UidRanges uidRanges(uids); 1680726fec82842883a2332318aa675f7f04670db51Lorenzo Colitti int err = sd.destroySockets(uidRanges, std::set<uid_t>(skipUids.begin(), skipUids.end()), 1690726fec82842883a2332318aa675f7f04670db51Lorenzo Colitti true /* excludeLoopback */); 170563d98b27d02a1d694fc4ed82b5554fd534c9dafLorenzo Colitti 171563d98b27d02a1d694fc4ed82b5554fd534c9dafLorenzo Colitti if (err) { 172563d98b27d02a1d694fc4ed82b5554fd534c9dafLorenzo Colitti return binder::Status::fromServiceSpecificError(-err, 173563d98b27d02a1d694fc4ed82b5554fd534c9dafLorenzo Colitti String8::format("destroySockets: %s", strerror(-err))); 174563d98b27d02a1d694fc4ed82b5554fd534c9dafLorenzo Colitti } 175beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imai return binder::Status::ok(); 176beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imai} 177beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imai 178beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imaibinder::Status NetdNativeService::setResolverConfiguration(int32_t netId, 179beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imai const std::vector<std::string>& servers, const std::vector<std::string>& domains, 180beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imai const std::vector<int32_t>& params) { 181beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imai // This function intentionally does not lock within Netd, as Bionic is thread-safe. 182beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imai ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL); 183563d98b27d02a1d694fc4ed82b5554fd534c9dafLorenzo Colitti 184beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imai int err = gCtls->resolverCtrl.setResolverConfiguration(netId, servers, domains, params); 185beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imai if (err != 0) { 186beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imai return binder::Status::fromServiceSpecificError(-err, 187beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imai String8::format("ResolverController error: %s", strerror(-err))); 188beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imai } 189beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imai return binder::Status::ok(); 190beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imai} 191beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imai 192beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imaibinder::Status NetdNativeService::getResolverInfo(int32_t netId, 193beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imai std::vector<std::string>* servers, std::vector<std::string>* domains, 194beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imai std::vector<int32_t>* params, std::vector<int32_t>* stats) { 195beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imai // This function intentionally does not lock within Netd, as Bionic is thread-safe. 196beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imai ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL); 197beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imai 198beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imai int err = gCtls->resolverCtrl.getResolverInfo(netId, servers, domains, params, stats); 199beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imai if (err != 0) { 200beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imai return binder::Status::fromServiceSpecificError(-err, 201beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imai String8::format("ResolverController error: %s", strerror(-err))); 202beedec3bc42d6f40a2c83a65522e85b5ff046f79Pierre Imai } 203563d98b27d02a1d694fc4ed82b5554fd534c9dafLorenzo Colitti return binder::Status::ok(); 204563d98b27d02a1d694fc4ed82b5554fd534c9dafLorenzo Colitti} 205563d98b27d02a1d694fc4ed82b5554fd534c9dafLorenzo Colitti 206212c405c296ed869eda927e683734aff80248872Erik Klinebinder::Status NetdNativeService::tetherApplyDnsInterfaces(bool *ret) { 207212c405c296ed869eda927e683734aff80248872Erik Kline NETD_BIG_LOCK_RPC(CONNECTIVITY_INTERNAL); 208212c405c296ed869eda927e683734aff80248872Erik Kline 209212c405c296ed869eda927e683734aff80248872Erik Kline *ret = gCtls->tetherCtrl.applyDnsInterfaces(); 210212c405c296ed869eda927e683734aff80248872Erik Kline return binder::Status::ok(); 211212c405c296ed869eda927e683734aff80248872Erik Kline} 212212c405c296ed869eda927e683734aff80248872Erik Kline 213c296f098b63a986265ded8adf13118ba512a0fa7Erik Klinebinder::Status NetdNativeService::interfaceAddAddress(const std::string &ifName, 214c296f098b63a986265ded8adf13118ba512a0fa7Erik Kline const std::string &addrString, int prefixLength) { 215c296f098b63a986265ded8adf13118ba512a0fa7Erik Kline ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL); 216c296f098b63a986265ded8adf13118ba512a0fa7Erik Kline 217c296f098b63a986265ded8adf13118ba512a0fa7Erik Kline const int err = InterfaceController::addAddress( 218c296f098b63a986265ded8adf13118ba512a0fa7Erik Kline ifName.c_str(), addrString.c_str(), prefixLength); 219c296f098b63a986265ded8adf13118ba512a0fa7Erik Kline if (err != 0) { 220c296f098b63a986265ded8adf13118ba512a0fa7Erik Kline return binder::Status::fromServiceSpecificError(-err, 221c296f098b63a986265ded8adf13118ba512a0fa7Erik Kline String8::format("InterfaceController error: %s", strerror(-err))); 222c296f098b63a986265ded8adf13118ba512a0fa7Erik Kline } 223c296f098b63a986265ded8adf13118ba512a0fa7Erik Kline return binder::Status::ok(); 224c296f098b63a986265ded8adf13118ba512a0fa7Erik Kline} 225c296f098b63a986265ded8adf13118ba512a0fa7Erik Kline 226c296f098b63a986265ded8adf13118ba512a0fa7Erik Klinebinder::Status NetdNativeService::interfaceDelAddress(const std::string &ifName, 227c296f098b63a986265ded8adf13118ba512a0fa7Erik Kline const std::string &addrString, int prefixLength) { 228c296f098b63a986265ded8adf13118ba512a0fa7Erik Kline ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL); 229c296f098b63a986265ded8adf13118ba512a0fa7Erik Kline 230c296f098b63a986265ded8adf13118ba512a0fa7Erik Kline const int err = InterfaceController::delAddress( 231c296f098b63a986265ded8adf13118ba512a0fa7Erik Kline ifName.c_str(), addrString.c_str(), prefixLength); 232c296f098b63a986265ded8adf13118ba512a0fa7Erik Kline if (err != 0) { 233c296f098b63a986265ded8adf13118ba512a0fa7Erik Kline return binder::Status::fromServiceSpecificError(-err, 234c296f098b63a986265ded8adf13118ba512a0fa7Erik Kline String8::format("InterfaceController error: %s", strerror(-err))); 235c296f098b63a986265ded8adf13118ba512a0fa7Erik Kline } 236c296f098b63a986265ded8adf13118ba512a0fa7Erik Kline return binder::Status::ok(); 237c296f098b63a986265ded8adf13118ba512a0fa7Erik Kline} 238c296f098b63a986265ded8adf13118ba512a0fa7Erik Kline 239b218a87e0777d3d2c93231e03ef7315d783e3279Erik Klinebinder::Status NetdNativeService::setProcSysNet( 240b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline int32_t family, int32_t which, const std::string &ifname, const std::string ¶meter, 241b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline const std::string &value) { 242b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL); 243b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline 244b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline const char *familyStr; 245b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline switch (family) { 246b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline case INetd::IPV4: 247b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline familyStr = "ipv4"; 248b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline break; 249b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline case INetd::IPV6: 250b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline familyStr = "ipv6"; 251b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline break; 252b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline default: 253b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline return binder::Status::fromServiceSpecificError(EAFNOSUPPORT, String8("Bad family")); 254b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline } 255b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline 256b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline const char *whichStr; 257b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline switch (which) { 258b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline case INetd::CONF: 259b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline whichStr = "conf"; 260b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline break; 261b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline case INetd::NEIGH: 262b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline whichStr = "neigh"; 263b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline break; 264b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline default: 265b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline return binder::Status::fromServiceSpecificError(EINVAL, String8("Bad category")); 266b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline } 267b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline 268b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline const int err = InterfaceController::setParameter( 269b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline familyStr, whichStr, ifname.c_str(), parameter.c_str(), 270b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline value.c_str()); 271b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline if (err != 0) { 272b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline return binder::Status::fromServiceSpecificError(-err, 273b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline String8::format("ResolverController error: %s", strerror(-err))); 274b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline } 275b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline return binder::Status::ok(); 276b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline} 277b218a87e0777d3d2c93231e03ef7315d783e3279Erik Kline 278e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti} // namespace net 279e4d626ea35b7a402388b524e2feafc81e6387697Lorenzo Colitti} // namespace android 280