History log of /system/netd/client/NetdClient.cpp
Revision Date Author Comments (<<< Hide modified files) (Show modified files >>>)
794c5c714a4d4cf169769ec956845a6fb24e7ebc 31-Oct-2016 Hugo Benichi <hugobenichi@google.com> Add success/errno to connect() event reporting

Test: $ runtest -x system/netd/tests/netd_integration_test.cpp
Bug: 32198976
Change-Id: I050a1fc4172214f38d1ab9ca2b83d882766e9522
/system/netd/client/NetdClient.cpp
4b9b78aa02336de9291e5085401cef44c03c3bba 06-Oct-2016 Michal Karpinski <mkarpinski@google.com> Add connect event reporting

Adds reporting of connect events including netId, destination IP address,
destination port, uid and connect latency.

Also enables the relevant tests in the connect_benchmark.

Currently ignores the new data it receives, further work will be
done in the subsequent CLs.

Test: for now just the benchmarking, in the future CTS

Bug: 29748723
Change-Id: Id9819552a6d9ad5efc1aff5262d44caa994952aa
/system/netd/client/NetdClient.cpp
cc544162e08dd0df271cd77a3f2c85dbaaa461e2 21-Sep-2016 Robin Lee <rgl@google.com> Move Stopwatch into its own header

Bug: 29748723
Change-Id: I7433f766909177b0ec945aa26f98534069b35891
Test: netd_integration_test
/system/netd/client/NetdClient.cpp
d1df597001aadd5d83c9a3d1fe8bbde2bc9256ca 06-May-2015 Paul Jensen <pauljensen@google.com> Add FwmarkServer support for querying whether a UID can access a NetID

This new FwmarkServer API is only accessible from system apps.

Bug:20470604
Change-Id: Ie2376cdddc10f658fcc5802ef3e8dc9f1948d5c0
/system/netd/client/NetdClient.cpp
53ea9cadf6cc5f8be1c16b5b6b660cd7366fd3f0 31-Jan-2015 Nick Kralevich <nnk@google.com> Avoid leaking file descriptors

Add O_CLOEXEC on open() calls, and SOCK_CLOEXEC on socket calls.
This avoids leaking file descriptors across execs.

Addresses the following SELinux denial:

audit(1422740213.283:8): avc: denied { read write } for pid=2597 comm="clatd" path="socket:[6709]" dev="sockfs" ino=6709 scontext=u:r:clatd:s0 tcontext=u:r:netd:s0 tclass=netlink_socket

and allows the removal of some other SELinux rules which were
inappropriately added because of leaking file descriptors.

Change-Id: I9c180488ea1969d610e488f967a7276a672bb477
/system/netd/client/NetdClient.cpp
aa1be2b3d24d99f3ccb98ff4fbb2a81b63587eff 06-Jan-2015 Dan Albert <danalbert@google.com> Fix missing errno.h includes after libc cleanup.

These issues hadn't been found yet because a libc++ header was
unconditionally pulling in errno.h. I've fixed the libc++ header now.

Change-Id: Ib096634cdd231fc75bf7548e4b99babc7442dc53
/system/netd/client/NetdClient.cpp
a69d9472ac48d4e09f049fb740e60b7217e03861 12-Jul-2014 Sreeram Ramachandran <sreeram@google.com> Introduce a SELECT_FOR_USER fwmarkd command.

This lets SYSTEM apps mark a socket with the network that would apply to an
arbitrary UID. I.e., either the VPN that applies to that user, or the default
network, if there's no such VPN.

This command will be used by system apps that proxy stuff for a user, so that
they can route the same way that user would have. Examples of such system apps
are the DnsProxyListener, MediaServer and DownloadManager.

The "explicit" bit is NOT set, so that if the user's VPN is a split tunnel, the
route lookup will fall-through to the default network as desired.

The "protect" bit is set, so that the socket bypasses any VPN applicable to the
system app itself. Note that even if the uid being proxied for is also subject
to the same VPN, this still works because the relevant rule doesn't care about
the protected bit (see modifyVpnSystemPermissionRule() in RouteController.cpp).

Change-Id: I4d501e5214b127f4ae9eaeb7befb1751cd102308
/system/netd/client/NetdClient.cpp
d36c49c1d66585769d33d95f0eb2c9c524b337a4 02-Jul-2014 Sreeram Ramachandran <sreeram@google.com> Minor style change.

Change-Id: Ib1f89bff55506cf3881047dd876adbf97c789423
/system/netd/client/NetdClient.cpp
3a069e6a76752a0ee73c60f276ae362d1c01467f 22-Jun-2014 Sreeram Ramachandran <sreeram@google.com> Return negative errno (instead of positive) on failure.

http://ag/489245 changed some return values from bools to errno values. However,
in forthcoming CLs, @lorenzo uses the convention of negative errno to indicate
failure. So, be consistent with that style.

Change-Id: I3eac8f142c36a2e779cda289c07ee374c49e2f6b
/system/netd/client/NetdClient.cpp
4d4c8b7e294d845103ecb10f968713717a3e6406 20-Jun-2014 Sreeram Ramachandran <sreeram@google.com> Add getNetworkForSocket().

This doesn't require a roundtrip to netd, since anybody can read the SO_MARK.

Change-Id: I51dd17725c4534cb0d5dbc8e93e844e6a7847959
/system/netd/client/NetdClient.cpp
31f4210e6fc5c9b749468a2af0bac94992352010 20-Jun-2014 Sreeram Ramachandran <sreeram@google.com> Return errors explicitly instead of using errno.

Change-Id: Ia29f500e747a8c72d13a8f38c3b08c319c8c029a
/system/netd/client/NetdClient.cpp
d794e580dbe1a8b4192850b0e117654401514af8 19-Jun-2014 Sreeram Ramachandran <sreeram@google.com> Add a client API to protect a socket from VPNs.

The server side hasn't been implemented yet (see FwmarkServer.cpp).

A UID can only be in a single VPN at any time, so there's no need
to specify a netId or vpnId.

Change-Id: Ie9c4590a9900e1ebf28418c4b9c4760cc0a5501a
/system/netd/client/NetdClient.cpp
9fa2b130d86fa74eefdb847cf9694059205fd4cb 03-Jun-2014 Sreeram Ramachandran <sreeram@google.com> Use std::atomic<> instead of volatile sig_atomic_t.

std::atomic<> comes with true load/store barriers, so it's preferable.

Change-Id: Ife47b0e404f41aa74aeb168befd1ff4a6603f3ed
/system/netd/client/NetdClient.cpp
2756045bebaac342f7cb70dad11519f896d44833 31-May-2014 Sreeram Ramachandran <sreeram@google.com> Use AF_INET sockets when checking netIds in setNetworkFor{Process,Resolv}().

AF_UNIX sockets don't need to be marked, so we don't give netd the permission to
operate on them (cf: netd.te). I.e., netd doesn't expect to receive them.

Make sure that the creation of the AF_INET socket doesn't trigger another
wasteful check with netd by calling the libc version directly.

Bug: 13885501
Change-Id: I6b549232e57cacd47501edcefa4c0b4b79df9da0
/system/netd/client/NetdClient.cpp
5fc275794ab41d110abbdb7683ed9db45918985f 21-May-2014 Sreeram Ramachandran <sreeram@google.com> Mark sockets on creation (socket()) and accept4().

Continued from: https://android-review.git.corp.google.com/#/c/95094/

Change-Id: Ib0b8f5d7c5013b91eae6bbc3847852eb355c7714
/system/netd/client/NetdClient.cpp
efbe05d203f2f1cc3c24ddc111be159a1ff1f292 21-May-2014 Sreeram Ramachandran <sreeram@google.com> New network selection APIs.

Continued from: https://android-review.git.corp.google.com/#/c/94977/

Change-Id: Ie0576888f50a8ce91bbb0a4794708b406eb0aa35
/system/netd/client/NetdClient.cpp
f4cfad361175a7f9ccf4d41e76a9b289c3c3da22 21-May-2014 Sreeram Ramachandran <sreeram@google.com> Move netd_client into netd.

Change-Id: Ie4b6b303225c93f2448a503d6ea9cebb552cbad5
/system/netd/client/NetdClient.cpp