commit 8ef9907bdbbeaae00be914c77f3425e2e31c2f28
Author: Michal Karpinski <mkarpinski@google.com>
Date: 06-Oct-2016
File: /system/netd/server/NetworkController.cpp

DO NOT MERGE Adding EventReporter class

This class stores the reporting level and can be used to get the event listener service.

Bug: 29748723
(cherry picked from commit be581e228bd1a97efd179edcdd3e744622fb99b8)
Change-Id: I825dbce5d40af6b781d177a611ab606853fc2e01

commit a0f5ae964233c91971711d61fc1b25d8b6b75b62
Author: Robin Lee <rgl@google.com>
Date: 13-Sep-2016
File: /system/netd/server/NetworkController.cpp

DO NOT MERGE Benchmarks for network metrics reporting

Bug: 29748723
Test: this is an APCT test.
(cherry picked from commit 484dac1d071c7476895c4a3184e8dbdd7b63e524)
Change-Id: I102aeb84c92716f5e022b50792c2fd1cde98e286

commit 1f28b6403effcbf8a2c6fd35a7b1474b60bc0463
Author: Lorenzo Colitti <lorenzo@google.com>
Date: 26-Sep-2016
File: /system/netd/server/NetworkController.cpp

List network permissions in dumpsys netd.

Bug: 23113288
Change-Id: Iea225ead1f6296ded29fcee2435a8c6aa2a67429

commit c6201c3754710e235f16118761b23760ff4136ad
Author: Lorenzo Colitti <lorenzo@google.com>
Date: 13-Sep-2016
File: /system/netd/server/NetworkController.cpp

Close sockets when changing network permissions.

Bug: 23113288
Change-Id: I8dcb02c79c81244e5b7288cb50770ac6a5867fcc

commit c63059c8a7423b13cecc8b65885d54c12aae0d10
Author: Lorenzo Colitti <lorenzo@google.com>
Date: 21-Jun-2016
File: /system/netd/server/NetworkController.cpp

Always use the default network DNS servers if a VPN does not set any.

When a VPN provides no DNS servers, DNS lookups are usually sent to the default network's DNS servers. However, if a DNS lookup is explicitly made on the VPN (e.g., via Network#openConnection), then it just fails. This breaks system proxies which perform network traffic on VPNs on behalf of other apps, e.g., the download manager.

Fix this by doing the query to the default DNS servers (via the default network) instead. This is consistent with what we do with DNS queries that do not specify a network. While this is a change in behaviour, it shouldn't cause much breakage because the query would previously just fail.

Bug: 29498052
Change-Id: Ie4002c9835bb1ff6d3d92c00c9c04e634fc3cda4

commit 6be561952ca91e19bc1ba6195ec47e33b43ae7fd
Author: Pierre Imai <imaipi@google.com>
Date: 16-May-2016
File: /system/netd/server/NetworkController.cpp

Fix P2TP VPNs by adding an exception for VPN user.

BUG: 27199751
Change-Id: I1144228febba0c4cce1333fb39ea186d2963ed10

commit 3a272070fc318ef1a7a5a04e500483f1a7c629a8
Author: Pierre Imai <imaipi@google.com>
Date: 19-Apr-2016
File: /system/netd/server/NetworkController.cpp

Add dumpsys support to ResolverController

BUG: 25731675
Change-Id: I1c715368b1f2d5e732528cd226b3f69792b75321

commit fff4bd31ff2bad0acfd8f2439eccf7df70e9695f
Author: Lorenzo Colitti <lorenzo@google.com>
Date: 13-Apr-2016
File: /system/netd/server/NetworkController.cpp

Kill sockets when a VPN comes up.

1. Change the SockDiag callback function to be a filter that returns a bool instead of a function that optionally kills a socket. All existing callbacks basically only existed to kill sockets under certain conditions, and making them return a boolean allows reusing the same callback function signature to filter sockets as well.
2. Add a new SockDiag method to kill sockets based on a UidRanges object (which contains a number of UID ranges) and a list of users to skip.
3. Add a new UIDRANGE mode to SockDiagTest to test the above.
4. When UID ranges are added or removed from the VPN, kill sockets in those UID ranges unless the socket UIDs are in mProtectableUsers and thus their creator might have set the protect bit on their mark. Short of actually being able to see the socket mark on each socket and basing our decision on that, this is the best we can do.

Bug: 26976388
Change-Id: I53a30df3feb63254a6451a29fa6041c9b679f9bb

commit 2d3a163433c435ff053402ae8965f8602c7ac6da
Author: Erik Kline <ek@google.com>
Date: 15-Mar-2016
File: /system/netd/server/NetworkController.cpp

Add initial dump() method to NetdNativeService

This is called by "dumpsys netd".

Bug: 27239233
Change-Id: I27fb308f8067243ff241a6f8fd6a83f406087d2a

commit 492ca5bca129186b53f203386ebe3e28f9143c9e
Author: Erik Kline <ek@google.com>
Date: 09-Mar-2016
File: /system/netd/server/NetworkController.cpp

More correctly set app_mark in getNetworkContext.

Specifically: set explicitlySelected, protectedFromVpn and permissions.

Bug: 26256264
Change-Id: I1ebd2c1878fb7166ac63c061c8731e66b0050a30

commit cea2d3455eb7c0d9ad1430607cbe98cc09251c1f
Author: Erik Kline <ek@google.com>
Date: 25-Jun-2015
File: /system/netd/server/NetworkController.cpp

Use struct android_net_context when interfacing with bionic

Add a new NetworkController::getNetworkContext() that builds the contents of a struct net_context out of getNetworkForConnect() and getNetworkForDns().

Bug: 19470192
Bug: 20733156
Bug: 21832279
Change-Id: I5a69b0413a83d33be28b78c0a99359b109517a8f

commit 3667936aadcabddc708797ac38ce1ffb2f992cb3
Author: Lorenzo Colitti <lorenzo@google.com>
Date: 25-Feb-2015
File: /system/netd/server/NetworkController.cpp

Add a dummy network that discards all packets.

Bug: 19500693
Change-Id: Ic25f2d8c481f1528e887e43ca3fa868189582110

commit a1067c8d2b2165f1058a3a8216bed4efacfa1c80
Author: Lorenzo Colitti <lorenzo@google.com>
Date: 02-Oct-2014
File: /system/netd/server/NetworkController.cpp

Improve error return values on network selection.

It's very confusing to see EPERM when opening or connecting a socket when the problem is not security-related. In the (common) case where an app cannot select a network because it does not exist, return ENONET ("Machine is not on network") instead. Also, return EREMOTEIO for when we can't figure out who the user is, and use EPERM for VPN denials and EACCES for permission bits.

Bug: 17702933
Change-Id: Ia680c485e0ea1efad1ad374231d994e9bfd4cd5a

commit bbdde9909b7b4fd31c5857156ceb00049bf4992d
Author: Sreeram Ramachandran <sreeram@google.com>
Date: 06-Sep-2014
File: /system/netd/server/NetworkController.cpp

Reserve NetIds 1..50 for OEM use.

Also reserve 51..100 for our use.

Bug: 17303534
Change-Id: Id082368b493dc3c5b5c479e51d273458d80ec6aa

commit 99286fe1ef6fc325c28dd10b651b5adedd549495
Author: Lorenzo Colitti <lorenzo@google.com>
Date: 12-Aug-2014
File: /system/netd/server/NetworkController.cpp

Make destroying networks more robust.

1. Retry route flushes if they fail.
2. Make destroyNetwork ignore (but return) errors.

Bug: 16944962
Change-Id: I26301613437d7cc373ff64955fd44d716e9982b9

commit 738c93ee075354ffafb3a8ceef76e9aa711f057b
Author: Lorenzo Colitti <lorenzo@google.com>
Date: 30-Jul-2014
File: /system/netd/server/NetworkController.cpp

Minor improvements to NetworkController error reporting.

Currently, when trying to perform an operation on netId that does not exist, we return EINVAL. This can be confusing because lots of things can return EINVAL for many different reasons. Instead, change this to ENONET ("Machine is not on network"), which was what Sreeram originally implemented before we changed it to EINVAL. I also considered ENOENT ("No such file or directory"), but on reflection that seems less appropriate, and it's used by other things as well. ENONET appears to have no uses in our tree. It is also clearly separate from the ESRCH we return for nonexistent rules.

While I'm at it, also disambiguate some of the if (foo || bar ) { return EFOO; } to return two different error codes.

Bug: 16667349
Change-Id: Ief2d720a58679aa746f5ba273d545487d0825e52

commit 507e7c5bbfcd1d68f67477866497adb1748c5fd5
Author: Sreeram Ramachandran <sreeram@google.com>
Date: 28-Jul-2014

Merge "Fix fwmark handling for bypassable VPNs and DNS." into lmp-dev

commit 1011b4941d96d9fd90bc7243be387b63ec775936
Author: Sreeram Ramachandran <sreeram@google.com>
Date: 25-Jul-2014
File: /system/netd/server/NetworkController.cpp

Fix fwmark handling for bypassable VPNs and DNS.

This is a significant change to the way fwmarks are handled for two purposes:

1. Bypassable VPN. This was introduced in http://ag/510058 and had an issue that if there's a default network, it would always be used in connect(), so the bypassable VPN wouldn't get any traffic. This CL fixes that issue by using the bypassable VPN's NetId in connect(). See the comments in the code for more details.

2. DNS. The previous DNS code (specifically, getNetworkForUser()) had two problems:
+ Even if a user asks for a NetId they have permission for, we'd always use the user's VPN if they were subject to one. So, for example, a system IMS app that brings up the mobile network in the presence of a VPN would still have its DNS queries sent over the VPN, instead of mobile as desired.
+ Any user could perform DNS over any valid network, even one they didn't have permissions for, as long as they weren't subject to a VPN. So, for example, an app could use the DNS servers of a different profile's VPN.
This CL fixes those problems. See getNetworkForDns() for more details.

The two pieces above are inter-related. Previously, we never set the explicit bit from the DNS code. But we need to do that if the user asks for a network explicitly, for two reasons:
o So that the DNS query is really restricted to that network and doesn't fallthrough to the default network.
o So that the heuristic described in ON_CONNECT works in all cases. I.e., if the DNS proxy's connect() request comes in with the explicit bit NOT set, we know that the NetId can only be either the default network or a VPN.

This CL is not intended to be robust against race conditions. In general, very little of the netd code is resilient. A separate effort needs to be undertaken to carefully audit all the code and logic to guard against things like:
* A VPN being established between calls to getNetworkForDns() and connect().
* State changes between multiple calls to NetworkController from clients such as FwmarkServer and DnsProxyListener.
* Routing rules / iptables rules being set up in a less-than-ideal order.
* ... etc.

Bug: 15347374
Change-Id: I5baad9168c4f4f3ef4129e07234b4bf24b0d8ba2

commit 48e19b037e7e20674048ef76bf31ce65c741347c
Author: Sreeram Ramachandran <sreeram@google.com>
Date: 23-Jul-2014
File: /system/netd/server/NetworkController.cpp

Implement the fallthrough rule to support split tunnel VPNs.

Change-Id: Ibc48caedb5954c6b12bfa553d978bab56c4b09aa

commit 95684ba176a9fe5ea59207d7202e47fa12bbfdbe
Author: Sreeram Ramachandran <sreeram@google.com>
Date: 23-Jul-2014
File: /system/netd/server/NetworkController.cpp

Implement support for bypassable VPNs.

Bypassable VPNs grab all traffic by default (just like secure VPNs), but:
+ They allow all apps to choose other networks using the multinetwork APIs. If these other networks are insecure ("untrusted"), they will enforce that the app holds the necessary permissions, such as CHANGE_NETWORK_STATE.
+ They support consistent routing. If an app has an existing connection over some other network when the bypassable VPN comes up, it's not interrupted.

Bug: 15347374
Change-Id: Iaee9c6f6fa8103215738570d2b65d3fcf10343f3

commit 87475a1471373b72ffc9f81f17dfd7884723fa86
Author: Sreeram Ramachandran <sreeram@google.com>
Date: 16-Jul-2014
File: /system/netd/server/NetworkController.cpp

Fix WiFi-Direct and Tethering.

A LocalNetwork object now always exists in the NetworkController, with a fixed NetId that's guaranteed not to collide with NetIds created by the framework. When routes are added on an interface tracked by the LocalNetwork, they are added to a fixed "local_network" table. When NAT is enabled, we add a special "iif -> oif" tethering rule.

Bug: 15413694
Bug: 15413741
Change-Id: I36effc438d5ac193a77174493bf196cb68a5b97a

commit 070b2d296de30e3dbc68c21f542acb1f2914d870
Author: Sreeram Ramachandran <sreeram@google.com>
Date: 12-Jul-2014
File: /system/netd/server/NetworkController.cpp

Don't reset a VPN's NetId in the connect() shim.

Change-Id: I0cc6c0e221a40c9100c8f4c0c5e761fce3f9b0ae

commit 6a773534e7f8541f221f27fb8063af079b1a5936
Author: Sreeram Ramachandran <sreeram@google.com>
Date: 11-Jul-2014
File: /system/netd/server/NetworkController.cpp

Fix tethering in the case of a regular upstream connection.

Fixes tethering via Ethernet, Bluetooth and WiFi (hotspot). Tethering when the upstream has a DUN-specific APN is likely still broken (untested). For now, assign a fixed NetId (a hack) until we can change the framework to create a valid NetworkAgent and all that jazz.

Bug: 15968336
Bug: 14988803
Change-Id: Idcf4d492d9329a9c87913e27be6dd835a792bea2

commit e09b20aee85f1dfd8c18c3d8581ac875d939ba70
Author: Sreeram Ramachandran <sreeram@google.com>
Date: 06-Jul-2014
File: /system/netd/server/NetworkController.cpp

Add full support for UIDs in VPNs.

Major:
+ Implement the functions mentioned in http://go/android-multinetwork-routing correctly, including handling accept(), connect(), setNetworkForSocket() and protect() and supporting functions like canUserSelectNetwork().
+ Eliminate the old code path of getting/setting UID ranges through SecondaryTableController (which is currently unused) and mUidMap.

Minor:
+ Rename some methods/variables for clarity and consistency.
+ Moved some methods in .cpp files to match declaration order in the .h files.

Bug: 15409918
Change-Id: Ic6ce3646c58cf645db0d9a53cbeefdd7ffafff93

commit 5009d5ef3fbcdc69d772b528fd22184b7d605afa
Author: Sreeram Ramachandran <sreeram@google.com>
Date: 03-Jul-2014
File: /system/netd/server/NetworkController.cpp

Update routing rules.

As per the latest changes to: http://go/android-multinetwork-routing

Functional changes:
+ Add explicit=NO to the implicit network rules, though it's a no-op.
+ Remove most of the UID=0 (kernel access) rules since they are no longer needed, except in one case to allow access to a VPN.
+ Add the explicit, protect and permissions bits to the incoming packet mark.
+ VPNs now don't need an implicit network rule.
+ Modifying network permissions now modifies the incoming packet mark as well.

Cosmetic changes:
+ Renamed the legacy tables to match their permissions (SYSTEM and NETWORK).
+ Renamed most functions and methods for clarity and consistency.
+ Renamed and adjusted some rule priorities.
+ Move most rule modifications into their own functions, to prevent brittle reliance on the previous state of the fwmark/mask variables.

Change-Id: I958a7e158ee918d5254de606fcfa55fe23327438

commit ed4bd1f7d219f9f5f56763ea02cf4947e78397f6
Author: Sreeram Ramachandran <sreeram@google.com>
Date: 05-Jul-2014
File: /system/netd/server/NetworkController.cpp

Fix permissions handling.

+ Rename the permissions as per: http://go/android-multinetwork-routing
+ Make the SYSTEM permission explicitly include NETWORK.
+ Grant the SYSTEM permission to system UIDs by default, but allow the framework to override them if necessary.
+ Move the "string to permission" parsing to CommandListener.cpp, thus allowing us to get rid of Permission.cpp.
+ There's no need to support multiple permissions string arguments, so tighten that up.

Change-Id: I73d51b5e2f44a97e6d5ab5943ff198cebfbcc0c4

commit 89dad013e4dd98434b0409a84567f38782894029
Author: Sreeram Ramachandran <sreeram@google.com>
Date: 02-Jul-2014
File: /system/netd/server/NetworkController.cpp

Keep track of users allowed to call protect() explicitly.

This is an API change between ConnectivityService and Netd. The ownerUid was meant for this purpose, but it's insufficient, as apps need to call protect() _before_ they create a VPN.

Bug: 15409918
Change-Id: If804aa106002e96d5ffb623d32db35fd76928367

commit 36ed53e37b2639681055b2d3d8777241e7dd6982
Author: Sreeram Ramachandran <sreeram@google.com>
Date: 02-Jul-2014
File: /system/netd/server/NetworkController.cpp

Cosmetic: Add a way to query the type of a network.

This is a cosmetic change, i.e., there's no change in functionality. This is the poor man's RTTI. It turns out that maintaining separate lists (or maps) of the different types of networks gets burdensome pretty quickly (especially in an upcoming CL where we add functions like canUserSelectNetwork()).

Change-Id: If5250c0fc106045f681d0fd71278b793addbe1e3

commit eb27b7ec10faf47a93fbc2863092cc667b05e252
Author: Sreeram Ramachandran <sreeram@google.com>
Date: 01-Jul-2014
File: /system/netd/server/NetworkController.cpp

Fix routing rules.

Fix the rules in RouteController as per the latest iteration of the routing design: http://go/android-multinetwork-routing. Changes include:
+ The legacy tables have to be global. So remove the UID being passed in to modifyRoute() and remove the associated TODOs.
+ Add UID=0 rules to let the kernel access routes on privileged networks.
+ Add a UID=0 clause to the directly-connected hack, thus fixing the TODO.
+ Add the privileged_legacy table just above the legacy table, when overriding the default network. (The same table remains added at the top of the rule chain, to override VPNs, but only for CONNECTIVITY_INTERNAL-privileged apps).

Other cosmetic changes:
+ Update the names and values of the rule priorities.
+ Move the legacy table IDs to the .h file in anticipation of using them from bugreport / dump commands.
+ Make 'action' the first parameter consistently.

Change-Id: I6634a19ddc8062b2ef55d926c7892fff8c586106

commit b1425cc09f8a29350520db0d4f489331df5a689b
Author: Sreeram Ramachandran <sreeram@google.com>
Date: 24-Jun-2014
File: /system/netd/server/NetworkController.cpp

Add UID range support to VPNs.

This adds the necessary routing rules. Future CLs will add the ability to select the right netId for connect(), setNetworkForSocket(), DNS resolutions, etc.

Bug: 15409918
Change-Id: I88a67660d49cecda834dd72ab947fbfed250f09d

commit 4043f01f8e25f24246efadc710ad7440aab75529
Author: Sreeram Ramachandran <sreeram@google.com>
Date: 23-Jun-2014
File: /system/netd/server/NetworkController.cpp

Introduce VPN support.

This change sets up the basic routing rules for VPNs. It doesn't yet handle UID ranges (that are meant to apply to the VPN) correctly. That's forthcoming in other CLs.

Bug: 15409918
Change-Id: I284de04f176dcf6ba702361de6a614266256d04e

commit f4f6c8de3f091be4b91a5a9d7f14e8882ec6d502
Author: Sreeram Ramachandran <sreeram@google.com>
Date: 23-Jun-2014
File: /system/netd/server/NetworkController.cpp

Refactor: Encapsulate permissions and interfaces into a Network class.

Currently, there's a lot of logic in NetworkController surrounding events such as interface addition/removal, network creation/destruction and default network change, because these events are intertwined. For example, adding an interface means also adding a corresponding default network rule if the interface is being added to the current default network. When we introduce VPNs into this mix, things will get hairy real quick for all this logic in NetworkController.

In this refactor, we introduce an abstract base class Network which supports adding and removing interfaces. The main concrete implementation of this is PhysicalNetwork, which allows setting permissions and "default network" state.

Since we've moved network permissions into the above class, and user permissions into NetworkController, PermissionsController is unused and has been removed.

Also fix a few bugs in RouteController:
+ Use uidEnd correctly.
+ Check for all error cases in inet_pton.
+ Check the return value of android_fork_execvp() correctly.
+ The "return cmd1() && cmd2()" pattern is wrong. Rewrite that code.

Also (non-functional changes):
+ Remove instantiations of RouteController. It has static methods only.
+ Reorder some blocks in CommandListener so that the most frequent commands are checked first.
+ Remove unused paramError() and clearNetworkPreference().
+ Change all return codes to int (negative errno) wherever applicable.
+ Add WARN_UNUSED_RESULT everywhere.
+ Cleanup some style in RouteController and NetworkController.
+ Use uid_t instead of unsigned for user IDs.
+ Add clearer log messages at the source of failures.
+ Add a check for when fwmark bits are set without corresponding mask bits.

Bug: 15409918
Change-Id: Ibba78b0850160f9f3d17d476f16331a6db0025d1

commit 96f261e8b28048b8cb48f5a4e81822c73bb813f4
Author: Lorenzo Colitti <lorenzo@google.com>
Date: 23-Jun-2014
File: /system/netd/server/NetworkController.cpp

Pass rule modification errors back to CommandListener.

Change-Id: If01334dccad8b6230648713a57fd58be180ac66b

commit f7fc8eccb0a6a4fbca4cafdf53f5c167c8f1d755
Author: Lorenzo Colitti <lorenzo@google.com>
Date: 17-Jun-2014
File: /system/netd/server/NetworkController.cpp

Pass route add/delete errors back to CommandListener.

Change-Id: Id1d6d578963080e141f71bc1303801fc53bce40a

commit a561e121c724e9163b2e256e15eef660e3a326da
Author: Paul Jensen <pauljensen@google.com>
Date: 12-Jun-2014
File: /system/netd/server/NetworkController.cpp

Cache interface indices in case interfaces go away.

Without caching them netd will fail to remove rules and routes, for example, when the Bluetooth reverse-tether interface ("bt-pan") goes away.

bug:15407087
Change-Id: I99fcf00f9645a0b029455516a705b70110f62ff6

commit 6ff16785ae1f67f44a73ad00d6c86690af6772d2
Author: Paul Jensen <pauljensen@google.com>
Date: 11-Jun-2014
File: /system/netd/server/NetworkController.cpp

Fix use-after-free of interface name during network destruction.

bug:15560990
Change-Id: I899827c4f50847a3a60b6359f829bee5d6eb4f00

commit bfe8e77344c713844dbb40b14999f50a1e2a2142
Author: Lorenzo Colitti <lorenzo@google.com>
Date: 30-May-2014

am ce8f583f: Set errno in NetworkController commands.

* commit 'ce8f583ff6620a19602d3c4604557e1b1501cafa':
  Set errno in NetworkController commands.

commit 38b7af1f2cb9579895465fabc37865f5dadcac25
Author: Sreeram Ramachandran <sreeram@google.com>
Date: 22-May-2014
File: /system/netd/server/NetworkController.cpp

Support legacy routes added by apps via ensureRouteToHost().

This adds the routes to two fixed tables:
+ LEGACY, which has higher priority than other non-explicit lookup tables (per-network and default network).
+ PRIVILEGED_LEGACY, available only to system apps and has higher priority than VPNs (system apps are those with the CONNECTIVITY_INTERNAL permission).

This will be changed to per-UID tables once the kernel supports UID-based routing, so that these legacy routes are scoped to each app and not global.

Also, fix a TODO: The framework (as of http://ag/471599) will not set the gateway argument if it's actually a direct-connected route.

Change-Id: I0ee1ca89fdc859d75a89021ca8c1902811b1e4a9

commit ce8f583ff6620a19602d3c4604557e1b1501cafa
Author: Lorenzo Colitti <lorenzo@google.com>
Date: 28-May-2014
File: /system/netd/server/NetworkController.cpp

Set errno in NetworkController commands.

Set errno in the NetworkController functions that are called by CommandListener and where failure causes an operationError. This is because operationError always appends errno to its messages, and "400 481 addInterfaceToNetwork() failed (Device or resource busy)" is more useful than: "400 481 addInterfaceToNetwork() failed (Success)"

We already call ALOGE to put descriptive messages in the system log, but the bugreport already conveniently aggregates all netd commands in one place in the network_management service dump, and it would help if the errno in those messages were accurate.

Unfortunately many of the route and iptables commands shell out to /sbin/ip and we can't return meaningful values, but we'll fix that when (if?) we replace that with a proper netlink implementation.

Bug: 15316764
Change-Id: Ia47f451029d611491aa72bca602de77333f2c6a0

commit 72604075e74af459fb4637404fbf030422c6b6b6
Author: Sreeram Ramachandran <sreeram@google.com>
Date: 21-May-2014
File: /system/netd/server/NetworkController.cpp

Rework the determination of a "valid network".

+ isNetIdValid() doesn't make much sense. What we want is whether the netId has actually been created (via createNetwork()).
+ It isn't an error to call deleteNetwork() or setDefaultNetwork() even when there are no interfaces assigned to the network.
+ Secure all accesses to the maps in PermissionsController with locks; they are called from many threads (CommandListener, DnsProxyListener and FwmarkServer).
+ Remove the redundant mIfaceNetidMap.
+ Minor cosmetic changes to things such as #includes and log messages.

Change-Id: Ieb154589b24f00ba8067eaaec4def3534aec4923

commit f4cfad361175a7f9ccf4d41e76a9b289c3c3da22
Author: Sreeram Ramachandran <sreeram@google.com>
Date: 21-May-2014
File: /system/netd/server/NetworkController.cpp

Move netd_client into netd.

Change-Id: Ie4b6b303225c93f2448a503d6ea9cebb552cbad5