summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--core/api/system-current.txt13
-rw-r--r--core/java/android/net/VpnService.java3
-rw-r--r--core/java/android/net/util/SocketUtils.java (renamed from packages/Connectivity/framework/src/android/net/util/SocketUtils.java)5
-rw-r--r--core/java/com/android/internal/net/NetworkUtilsInternal.java16
-rw-r--r--core/jni/Android.bp2
-rw-r--r--core/jni/android_net_NetworkUtils.cpp (renamed from core/jni/android_net_NetUtils.cpp)13
-rw-r--r--core/jni/com_android_internal_net_NetworkUtilsInternal.cpp13
-rw-r--r--packages/Connectivity/framework/api/system-current.txt13
-rw-r--r--packages/Connectivity/framework/src/android/net/NetworkUtils.java16
9 files changed, 49 insertions, 45 deletions
diff --git a/core/api/system-current.txt b/core/api/system-current.txt
index afdf3356201d..302a92a674c4 100644
--- a/core/api/system-current.txt
+++ b/core/api/system-current.txt
@@ -6449,6 +6449,19 @@ package android.net.sip {
}
+package android.net.util {
+
+ public final class SocketUtils {
+ method public static void bindSocketToInterface(@NonNull java.io.FileDescriptor, @NonNull String) throws android.system.ErrnoException;
+ method public static void closeSocket(@Nullable java.io.FileDescriptor) throws java.io.IOException;
+ method @NonNull public static java.net.SocketAddress makeNetlinkSocketAddress(int, int);
+ method @NonNull public static java.net.SocketAddress makePacketSocketAddress(int, int);
+ method @Deprecated @NonNull public static java.net.SocketAddress makePacketSocketAddress(int, @NonNull byte[]);
+ method @NonNull public static java.net.SocketAddress makePacketSocketAddress(int, int, @NonNull byte[]);
+ }
+
+}
+
package android.net.vcn {
public class VcnManager {
diff --git a/core/java/android/net/VpnService.java b/core/java/android/net/VpnService.java
index f90fbaf1e0fb..fa3ff8a26862 100644
--- a/core/java/android/net/VpnService.java
+++ b/core/java/android/net/VpnService.java
@@ -41,6 +41,7 @@ import android.os.RemoteException;
import android.os.ServiceManager;
import android.os.UserHandle;
+import com.android.internal.net.NetworkUtilsInternal;
import com.android.internal.net.VpnConfig;
import java.net.DatagramSocket;
@@ -254,7 +255,7 @@ public class VpnService extends Service {
* @return {@code true} on success.
*/
public boolean protect(int socket) {
- return NetworkUtils.protectFromVpn(socket);
+ return NetworkUtilsInternal.protectFromVpn(socket);
}
/**
diff --git a/packages/Connectivity/framework/src/android/net/util/SocketUtils.java b/core/java/android/net/util/SocketUtils.java
index e64060f1b220..69edc757ce8a 100644
--- a/packages/Connectivity/framework/src/android/net/util/SocketUtils.java
+++ b/core/java/android/net/util/SocketUtils.java
@@ -22,12 +22,13 @@ import static android.system.OsConstants.SO_BINDTODEVICE;
import android.annotation.NonNull;
import android.annotation.Nullable;
import android.annotation.SystemApi;
-import android.net.NetworkUtils;
import android.system.ErrnoException;
import android.system.NetlinkSocketAddress;
import android.system.Os;
import android.system.PacketSocketAddress;
+import com.android.internal.net.NetworkUtilsInternal;
+
import libcore.io.IoBridge;
import java.io.FileDescriptor;
@@ -51,7 +52,7 @@ public final class SocketUtils {
// of struct ifreq is a NULL-terminated interface name.
// TODO: add a setsockoptString()
Os.setsockoptIfreq(socket, SOL_SOCKET, SO_BINDTODEVICE, iface);
- NetworkUtils.protectFromVpn(socket);
+ NetworkUtilsInternal.protectFromVpn(socket);
}
/**
diff --git a/core/java/com/android/internal/net/NetworkUtilsInternal.java b/core/java/com/android/internal/net/NetworkUtilsInternal.java
index 571d7e721094..052959abff69 100644
--- a/core/java/com/android/internal/net/NetworkUtilsInternal.java
+++ b/core/java/com/android/internal/net/NetworkUtilsInternal.java
@@ -22,6 +22,8 @@ import static android.system.OsConstants.AF_INET6;
import android.annotation.NonNull;
import android.system.Os;
+import java.io.FileDescriptor;
+
/** @hide */
public class NetworkUtilsInternal {
@@ -36,6 +38,20 @@ public class NetworkUtilsInternal {
public static native void setAllowNetworkingForProcess(boolean allowNetworking);
/**
+ * Protect {@code fd} from VPN connections. After protecting, data sent through
+ * this socket will go directly to the underlying network, so its traffic will not be
+ * forwarded through the VPN.
+ */
+ public static native boolean protectFromVpn(FileDescriptor fd);
+
+ /**
+ * Protect {@code socketfd} from VPN connections. After protecting, data sent through
+ * this socket will go directly to the underlying network, so its traffic will not be
+ * forwarded through the VPN.
+ */
+ public static native boolean protectFromVpn(int socketfd);
+
+ /**
* Returns true if the hostname is weakly validated.
* @param hostname Name of host to validate.
* @return True if it's a valid-ish hostname.
diff --git a/core/jni/Android.bp b/core/jni/Android.bp
index e58ad79de89e..afd19b63bc71 100644
--- a/core/jni/Android.bp
+++ b/core/jni/Android.bp
@@ -149,7 +149,7 @@ cc_library_shared {
"android_os_VintfRuntimeInfo.cpp",
"android_os_incremental_IncrementalManager.cpp",
"android_net_LocalSocketImpl.cpp",
- "android_net_NetUtils.cpp",
+ "android_net_NetworkUtils.cpp",
"android_service_DataLoaderService.cpp",
"android_util_AssetManager.cpp",
"android_util_Binder.cpp",
diff --git a/core/jni/android_net_NetUtils.cpp b/core/jni/android_net_NetworkUtils.cpp
index e2af87ee1adf..750810840bde 100644
--- a/core/jni/android_net_NetUtils.cpp
+++ b/core/jni/android_net_NetworkUtils.cpp
@@ -14,7 +14,7 @@
* limitations under the License.
*/
-#define LOG_TAG "NetUtils"
+#define LOG_TAG "NetworkUtils"
#include <vector>
@@ -123,15 +123,6 @@ static jint android_net_utils_bindSocketToNetwork(JNIEnv *env, jobject thiz, job
return setNetworkForSocket(netId, AFileDescriptor_getFD(env, javaFd));
}
-static jboolean android_net_utils_protectFromVpn(JNIEnv *env, jobject thiz, jint socket)
-{
- return (jboolean) !protectFromVpn(socket);
-}
-
-static jboolean android_net_utils_protectFromVpnWithFd(JNIEnv *env, jobject thiz, jobject javaFd) {
- return android_net_utils_protectFromVpn(env, thiz, AFileDescriptor_getFD(env, javaFd));
-}
-
static jboolean android_net_utils_queryUserAccess(JNIEnv *env, jobject thiz, jint uid, jint netId)
{
return (jboolean) !queryUserAccess(uid, netId);
@@ -276,8 +267,6 @@ static const JNINativeMethod gNetworkUtilMethods[] = {
{ "getBoundNetworkForProcess", "()I", (void*) android_net_utils_getBoundNetworkForProcess },
{ "bindProcessToNetworkForHostResolution", "(I)Z", (void*) android_net_utils_bindProcessToNetworkForHostResolution },
{ "bindSocketToNetwork", "(Ljava/io/FileDescriptor;I)I", (void*) android_net_utils_bindSocketToNetwork },
- { "protectFromVpn", "(I)Z", (void*) android_net_utils_protectFromVpn },
- { "protectFromVpn", "(Ljava/io/FileDescriptor;)Z", (void*) android_net_utils_protectFromVpnWithFd },
{ "queryUserAccess", "(II)Z", (void*)android_net_utils_queryUserAccess },
{ "attachDropAllBPFFilter", "(Ljava/io/FileDescriptor;)V", (void*) android_net_utils_attachDropAllBPFFilter },
{ "detachBPFFilter", "(Ljava/io/FileDescriptor;)V", (void*) android_net_utils_detachBPFFilter },
diff --git a/core/jni/com_android_internal_net_NetworkUtilsInternal.cpp b/core/jni/com_android_internal_net_NetworkUtilsInternal.cpp
index 10fc18dcd386..980e12d0bb40 100644
--- a/core/jni/com_android_internal_net_NetworkUtilsInternal.cpp
+++ b/core/jni/com_android_internal_net_NetworkUtilsInternal.cpp
@@ -14,6 +14,8 @@
* limitations under the License.
*/
+#include <android/file_descriptor_jni.h>
+
#include "NetdClient.h"
#include "core_jni_helpers.h"
#include "jni.h"
@@ -24,9 +26,20 @@ static void android_net_utils_setAllowNetworkingForProcess(JNIEnv *env, jobject
setAllowNetworkingForProcess(hasConnectivity == JNI_TRUE);
}
+static jboolean android_net_utils_protectFromVpn(JNIEnv *env, jobject thiz, jint socket) {
+ return (jboolean)!protectFromVpn(socket);
+}
+
+static jboolean android_net_utils_protectFromVpnWithFd(JNIEnv *env, jobject thiz, jobject javaFd) {
+ return android_net_utils_protectFromVpn(env, thiz, AFileDescriptor_getFD(env, javaFd));
+}
+
static const JNINativeMethod gNetworkUtilMethods[] = {
{"setAllowNetworkingForProcess", "(Z)V",
(void *)android_net_utils_setAllowNetworkingForProcess},
+ {"protectFromVpn", "(I)Z", (void *)android_net_utils_protectFromVpn},
+ {"protectFromVpn", "(Ljava/io/FileDescriptor;)Z",
+ (void *)android_net_utils_protectFromVpnWithFd},
};
int register_com_android_internal_net_NetworkUtilsInternal(JNIEnv *env) {
diff --git a/packages/Connectivity/framework/api/system-current.txt b/packages/Connectivity/framework/api/system-current.txt
index 41ebc5774f3d..b541e5238ffc 100644
--- a/packages/Connectivity/framework/api/system-current.txt
+++ b/packages/Connectivity/framework/api/system-current.txt
@@ -392,16 +392,3 @@ package android.net.apf {
}
-package android.net.util {
-
- public final class SocketUtils {
- method public static void bindSocketToInterface(@NonNull java.io.FileDescriptor, @NonNull String) throws android.system.ErrnoException;
- method public static void closeSocket(@Nullable java.io.FileDescriptor) throws java.io.IOException;
- method @NonNull public static java.net.SocketAddress makeNetlinkSocketAddress(int, int);
- method @NonNull public static java.net.SocketAddress makePacketSocketAddress(int, int);
- method @Deprecated @NonNull public static java.net.SocketAddress makePacketSocketAddress(int, @NonNull byte[]);
- method @NonNull public static java.net.SocketAddress makePacketSocketAddress(int, int, @NonNull byte[]);
- }
-
-}
-
diff --git a/packages/Connectivity/framework/src/android/net/NetworkUtils.java b/packages/Connectivity/framework/src/android/net/NetworkUtils.java
index b5e8a614b8ea..9e42bbecbe9d 100644
--- a/packages/Connectivity/framework/src/android/net/NetworkUtils.java
+++ b/packages/Connectivity/framework/src/android/net/NetworkUtils.java
@@ -87,22 +87,6 @@ public class NetworkUtils {
public static native int bindSocketToNetwork(FileDescriptor fd, int netId);
/**
- * Protect {@code fd} from VPN connections. After protecting, data sent through
- * this socket will go directly to the underlying network, so its traffic will not be
- * forwarded through the VPN.
- */
- @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553,
- publicAlternatives = "Use {@link android.net.VpnService#protect} instead.")
- public static native boolean protectFromVpn(FileDescriptor fd);
-
- /**
- * Protect {@code socketfd} from VPN connections. After protecting, data sent through
- * this socket will go directly to the underlying network, so its traffic will not be
- * forwarded through the VPN.
- */
- public native static boolean protectFromVpn(int socketfd);
-
- /**
* Determine if {@code uid} can access network designated by {@code netId}.
* @return {@code true} if {@code uid} can access network, {@code false} otherwise.
*/
generated by cgit v1.2.3-59-g8ed1b (git 2.39.0) at 2025-11-01 16:40:57 +0000