diff options
| -rw-r--r-- | core/java/android/net/InterfaceConfiguration.java | 36 | ||||
| -rw-r--r-- | core/java/android/net/UidRange.java | 31 | ||||
| -rw-r--r-- | packages/NetworkStack/jarjar-rules-shared.txt | 8 | ||||
| -rw-r--r-- | services/core/java/com/android/server/NetworkManagementService.java | 77 |
4 files changed, 90 insertions, 62 deletions
diff --git a/core/java/android/net/InterfaceConfiguration.java b/core/java/android/net/InterfaceConfiguration.java index b9d49c14f6c6..61bc19f82d82 100644 --- a/core/java/android/net/InterfaceConfiguration.java +++ b/core/java/android/net/InterfaceConfiguration.java @@ -19,11 +19,9 @@ package android.net; import android.annotation.UnsupportedAppUsage; import android.os.Parcel; import android.os.Parcelable; -import android.text.TextUtils; import com.google.android.collect.Sets; -import java.net.InetAddress; import java.util.HashSet; /** @@ -117,40 +115,6 @@ public class InterfaceConfiguration implements Parcelable { } /** - * Construct InterfaceConfiguration from InterfaceConfigurationParcel. - */ - public static InterfaceConfiguration fromParcel(InterfaceConfigurationParcel p) { - InterfaceConfiguration cfg = new InterfaceConfiguration(); - cfg.setHardwareAddress(p.hwAddr); - - final InetAddress addr = NetworkUtils.numericToInetAddress(p.ipv4Addr); - cfg.setLinkAddress(new LinkAddress(addr, p.prefixLength)); - for (String flag : p.flags) { - cfg.setFlag(flag); - } - - return cfg; - } - - /** - * Convert InterfaceConfiguration to InterfaceConfigurationParcel with given ifname. - */ - public InterfaceConfigurationParcel toParcel(String iface) { - InterfaceConfigurationParcel cfgParcel = new InterfaceConfigurationParcel(); - cfgParcel.ifName = iface; - if (!TextUtils.isEmpty(mHwAddr)) { - cfgParcel.hwAddr = mHwAddr; - } else { - cfgParcel.hwAddr = ""; - } - cfgParcel.ipv4Addr = mAddr.getAddress().getHostAddress(); - cfgParcel.prefixLength = mAddr.getPrefixLength(); - cfgParcel.flags = mFlags.toArray(EMPTY_STRING_ARRAY); - - return cfgParcel; - } - - /** * This function determines if the interface is up and has a valid IP * configuration (IP address has a non zero octet). * diff --git a/core/java/android/net/UidRange.java b/core/java/android/net/UidRange.java index 793c82dc68e1..fa0eeb9e0e49 100644 --- a/core/java/android/net/UidRange.java +++ b/core/java/android/net/UidRange.java @@ -19,14 +19,17 @@ package android.net; import static android.os.UserHandle.PER_USER_RANGE; import android.os.Parcel; +import android.os.Parcelable; /** * An inclusive range of UIDs. * * @hide */ -public final class UidRange extends UidRangeParcel { - private UidRange() {} +public final class UidRange implements Parcelable { + public final int start; + public final int stop; + public UidRange(int startUid, int stopUid) { if (startUid < 0) throw new IllegalArgumentException("Invalid start UID."); if (stopUid < 0) throw new IllegalArgumentException("Invalid stop UID."); @@ -86,18 +89,28 @@ public final class UidRange extends UidRangeParcel { return start + "-" + stop; } - /** - * DO NOT override "writeToParcel" and "readFromParcel" in this class. - * The parceling code is autogenerated by the superclass. - */ + // Implement the Parcelable interface + // TODO: Consider making this class no longer parcelable, since all users are likely in the + // system server. + @Override + public int describeContents() { + return 0; + } + + @Override + public void writeToParcel(Parcel dest, int flags) { + dest.writeInt(start); + dest.writeInt(stop); + } public static final Creator<UidRange> CREATOR = new Creator<UidRange>() { @Override public UidRange createFromParcel(Parcel in) { - UidRange obj = new UidRange(); - obj.readFromParcel(in); - return obj; + int start = in.readInt(); + int stop = in.readInt(); + + return new UidRange(start, stop); } @Override public UidRange[] newArray(int size) { diff --git a/packages/NetworkStack/jarjar-rules-shared.txt b/packages/NetworkStack/jarjar-rules-shared.txt index a8c712a3336d..c2058ca5ecdf 100644 --- a/packages/NetworkStack/jarjar-rules-shared.txt +++ b/packages/NetworkStack/jarjar-rules-shared.txt @@ -9,11 +9,5 @@ rule android.net.DhcpResultsParcelable* @0 rule android.net.DhcpResults* android.net.networkstack.DhcpResults@1 rule android.net.LocalLog* android.net.networkstack.LocalLog@1 -# TODO: remove from framework dependencies, then remove here -rule android.net.InterfaceConfigurationParcel* android.net.networkstack.InterfaceConfigurationParcel@1 -rule android.net.TetherStatsParcel* android.net.networkstack.TetherStatsParcel@1 - -# Used by UidRange, which is used by framework classes such as NetworkCapabilities. -rule android.net.UidRangeParcel* android.net.networkstack.UidRangeParcel@1 # TODO: move TcpKeepalivePacketData to services.net and delete -rule android.net.TcpKeepalivePacketDataParcelable* android.net.networkstack.TcpKeepalivePacketDataParcelable@1
\ No newline at end of file +rule android.net.TcpKeepalivePacketDataParcelable* android.net.networkstack.TcpKeepalivePacketDataParcelable@1 diff --git a/services/core/java/com/android/server/NetworkManagementService.java b/services/core/java/com/android/server/NetworkManagementService.java index a9645c419108..88f192f0fa70 100644 --- a/services/core/java/com/android/server/NetworkManagementService.java +++ b/services/core/java/com/android/server/NetworkManagementService.java @@ -62,6 +62,7 @@ import android.net.NetworkUtils; import android.net.RouteInfo; import android.net.TetherStatsParcel; import android.net.UidRange; +import android.net.UidRangeParcel; import android.net.util.NetdService; import android.os.BatteryStats; import android.os.Binder; @@ -80,6 +81,7 @@ import android.os.SystemClock; import android.os.SystemProperties; import android.os.Trace; import android.telephony.DataConnectionRealTimeInfo; +import android.text.TextUtils; import android.util.Log; import android.util.Slog; import android.util.SparseBooleanArray; @@ -1023,6 +1025,46 @@ public class NetworkManagementService extends INetworkManagementService.Stub } } + /** + * Convert InterfaceConfiguration to InterfaceConfigurationParcel with given ifname. + */ + private static InterfaceConfigurationParcel toStableParcel(InterfaceConfiguration cfg, + String iface) { + InterfaceConfigurationParcel cfgParcel = new InterfaceConfigurationParcel(); + cfgParcel.ifName = iface; + String hwAddr = cfg.getHardwareAddress(); + if (!TextUtils.isEmpty(hwAddr)) { + cfgParcel.hwAddr = hwAddr; + } else { + cfgParcel.hwAddr = ""; + } + cfgParcel.ipv4Addr = cfg.getLinkAddress().getAddress().getHostAddress(); + cfgParcel.prefixLength = cfg.getLinkAddress().getPrefixLength(); + ArrayList<String> flags = new ArrayList<>(); + for (String flag : cfg.getFlags()) { + flags.add(flag); + } + cfgParcel.flags = flags.toArray(new String[0]); + + return cfgParcel; + } + + /** + * Construct InterfaceConfiguration from InterfaceConfigurationParcel. + */ + public static InterfaceConfiguration fromStableParcel(InterfaceConfigurationParcel p) { + InterfaceConfiguration cfg = new InterfaceConfiguration(); + cfg.setHardwareAddress(p.hwAddr); + + final InetAddress addr = NetworkUtils.numericToInetAddress(p.ipv4Addr); + cfg.setLinkAddress(new LinkAddress(addr, p.prefixLength)); + for (String flag : p.flags) { + cfg.setFlag(flag); + } + + return cfg; + } + @Override public InterfaceConfiguration getInterfaceConfig(String iface) { mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); @@ -1034,7 +1076,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub } try { - final InterfaceConfiguration cfg = InterfaceConfiguration.fromParcel(result); + final InterfaceConfiguration cfg = fromStableParcel(result); return cfg; } catch (IllegalArgumentException iae) { throw new IllegalStateException("Invalid InterfaceConfigurationParcel", iae); @@ -1049,7 +1091,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub throw new IllegalStateException("Null LinkAddress given"); } - final InterfaceConfigurationParcel cfgParcel = cfg.toParcel(iface); + final InterfaceConfigurationParcel cfgParcel = toStableParcel(cfg, iface); try { mNetdService.interfaceSetCfg(cfgParcel); @@ -1713,12 +1755,27 @@ public class NetworkManagementService extends INetworkManagementService.Stub } } + private static UidRangeParcel makeUidRangeParcel(int start, int stop) { + UidRangeParcel range = new UidRangeParcel(); + range.start = start; + range.stop = stop; + return range; + } + + private static UidRangeParcel[] toStableParcels(UidRange[] ranges) { + UidRangeParcel[] stableRanges = new UidRangeParcel[ranges.length]; + for (int i = 0; i < ranges.length; i++) { + stableRanges[i] = makeUidRangeParcel(ranges[i].start, ranges[i].stop); + } + return stableRanges; + } + @Override public void setAllowOnlyVpnForUids(boolean add, UidRange[] uidRanges) throws ServiceSpecificException { mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG); try { - mNetdService.networkRejectNonSecureVpn(add, uidRanges); + mNetdService.networkRejectNonSecureVpn(add, toStableParcels(uidRanges)); } catch (ServiceSpecificException e) { Log.w(TAG, "setAllowOnlyVpnForUids(" + add + ", " + Arrays.toString(uidRanges) + ")" + ": netd command failed", e); @@ -1887,7 +1944,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); try { - mNetdService.networkAddUidRanges(netId, ranges); + mNetdService.networkAddUidRanges(netId, toStableParcels(ranges)); } catch (RemoteException | ServiceSpecificException e) { throw new IllegalStateException(e); } @@ -1897,7 +1954,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub public void removeVpnUidRanges(int netId, UidRange[] ranges) { mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG); try { - mNetdService.networkRemoveUidRanges(netId, ranges); + mNetdService.networkRemoveUidRanges(netId, toStableParcels(ranges)); } catch (RemoteException | ServiceSpecificException e) { throw new IllegalStateException(e); } @@ -1935,7 +1992,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub private void closeSocketsForFirewallChainLocked(int chain, String chainName) { // UID ranges to close sockets on. - UidRange[] ranges; + UidRangeParcel[] ranges; // UID ranges whose sockets we won't touch. int[] exemptUids; @@ -1943,10 +2000,10 @@ public class NetworkManagementService extends INetworkManagementService.Stub if (DBG) Slog.d(TAG, "Closing sockets after enabling chain " + chainName); if (getFirewallType(chain) == FIREWALL_WHITELIST) { // Close all sockets on all non-system UIDs... - ranges = new UidRange[] { + ranges = new UidRangeParcel[] { // TODO: is there a better way of finding all existing users? If so, we could // specify their ranges here. - new UidRange(Process.FIRST_APPLICATION_UID, Integer.MAX_VALUE), + makeUidRangeParcel(Process.FIRST_APPLICATION_UID, Integer.MAX_VALUE), }; // ... except for the UIDs that have allow rules. synchronized (mRulesLock) { @@ -1973,11 +2030,11 @@ public class NetworkManagementService extends INetworkManagementService.Stub // Close sockets for every UID that has a deny rule... synchronized (mRulesLock) { final SparseIntArray rules = getUidFirewallRulesLR(chain); - ranges = new UidRange[rules.size()]; + ranges = new UidRangeParcel[rules.size()]; for (int i = 0; i < ranges.length; i++) { if (rules.valueAt(i) == FIREWALL_RULE_DENY) { int uid = rules.keyAt(i); - ranges[numUids] = new UidRange(uid, uid); + ranges[numUids] = makeUidRangeParcel(uid, uid); numUids++; } } |