Search in sources :

Example 61 with LinkProperties

use of android.net.LinkProperties in project android_frameworks_base by ResurrectionRemix.

the class ConnectivityService method getFilteredNetworkState.

private NetworkState getFilteredNetworkState(int networkType, int uid, boolean ignoreBlocked) {
    if (mLegacyTypeTracker.isTypeSupported(networkType)) {
        final NetworkAgentInfo nai = mLegacyTypeTracker.getNetworkForType(networkType);
        final NetworkState state;
        if (nai != null) {
            state = nai.getNetworkState();
            state.networkInfo.setType(networkType);
        } else {
            final NetworkInfo info = new NetworkInfo(networkType, 0, getNetworkTypeName(networkType), "");
            info.setDetailedState(NetworkInfo.DetailedState.DISCONNECTED, null, null);
            info.setIsAvailable(true);
            state = new NetworkState(info, new LinkProperties(), new NetworkCapabilities(), null, null, null);
        }
        filterNetworkStateForUid(state, uid, ignoreBlocked);
        return state;
    } else {
        return NetworkState.EMPTY;
    }
}
Also used : NetworkInfo(android.net.NetworkInfo) NetworkAgentInfo(com.android.server.connectivity.NetworkAgentInfo) NetworkState(android.net.NetworkState) LinkProperties(android.net.LinkProperties) NetworkCapabilities(android.net.NetworkCapabilities)

Example 62 with LinkProperties

use of android.net.LinkProperties in project android_frameworks_base by ResurrectionRemix.

the class ApfTest method testApfFilterMulticast.

@LargeTest
public void testApfFilterMulticast() throws Exception {
    final byte[] unicastIpv4Addr = { (byte) 192, 0, 2, 63 };
    final byte[] broadcastIpv4Addr = { (byte) 192, 0, 2, (byte) 255 };
    final byte[] multicastIpv4Addr = { (byte) 224, 0, 0, 1 };
    final byte[] multicastIpv6Addr = { (byte) 0xff, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, (byte) 0xfb };
    MockIpManagerCallback ipManagerCallback = new MockIpManagerCallback();
    LinkAddress link = new LinkAddress(InetAddress.getByAddress(unicastIpv4Addr), 24);
    LinkProperties lp = new LinkProperties();
    lp.addLinkAddress(link);
    ApfFilter apfFilter = new TestApfFilter(ipManagerCallback, ALLOW_MULTICAST, mLog);
    apfFilter.setLinkProperties(lp);
    byte[] program = ipManagerCallback.getApfProgram();
    // Construct IPv4 and IPv6 multicast packets.
    ByteBuffer mcastv4packet = ByteBuffer.wrap(new byte[100]);
    mcastv4packet.putShort(ETH_ETHERTYPE_OFFSET, (short) ETH_P_IP);
    put(mcastv4packet, IPV4_DEST_ADDR_OFFSET, multicastIpv4Addr);
    ByteBuffer mcastv6packet = ByteBuffer.wrap(new byte[100]);
    mcastv6packet.putShort(ETH_ETHERTYPE_OFFSET, (short) ETH_P_IPV6);
    mcastv6packet.put(IPV6_NEXT_HEADER_OFFSET, (byte) IPPROTO_UDP);
    put(mcastv6packet, IPV6_DEST_ADDR_OFFSET, multicastIpv6Addr);
    // Construct IPv4 broadcast packet.
    ByteBuffer bcastv4packet1 = ByteBuffer.wrap(new byte[100]);
    bcastv4packet1.put(ETH_BROADCAST_MAC_ADDRESS);
    bcastv4packet1.putShort(ETH_ETHERTYPE_OFFSET, (short) ETH_P_IP);
    put(bcastv4packet1, IPV4_DEST_ADDR_OFFSET, multicastIpv4Addr);
    ByteBuffer bcastv4packet2 = ByteBuffer.wrap(new byte[100]);
    bcastv4packet2.put(ETH_BROADCAST_MAC_ADDRESS);
    bcastv4packet2.putShort(ETH_ETHERTYPE_OFFSET, (short) ETH_P_IP);
    put(bcastv4packet2, IPV4_DEST_ADDR_OFFSET, IPV4_BROADCAST_ADDRESS);
    // Construct IPv4 broadcast with L2 unicast address packet (b/30231088).
    ByteBuffer bcastv4unicastl2packet = ByteBuffer.wrap(new byte[100]);
    bcastv4unicastl2packet.put(TestApfFilter.MOCK_MAC_ADDR);
    bcastv4unicastl2packet.putShort(ETH_ETHERTYPE_OFFSET, (short) ETH_P_IP);
    put(bcastv4unicastl2packet, IPV4_DEST_ADDR_OFFSET, broadcastIpv4Addr);
    // Verify initially disabled multicast filter is off
    assertPass(program, mcastv4packet.array());
    assertPass(program, mcastv6packet.array());
    assertPass(program, bcastv4packet1.array());
    assertPass(program, bcastv4packet2.array());
    assertPass(program, bcastv4unicastl2packet.array());
    // Turn on multicast filter and verify it works
    ipManagerCallback.resetApfProgramWait();
    apfFilter.setMulticastFilter(true);
    program = ipManagerCallback.getApfProgram();
    assertDrop(program, mcastv4packet.array());
    assertDrop(program, mcastv6packet.array());
    assertDrop(program, bcastv4packet1.array());
    assertDrop(program, bcastv4packet2.array());
    assertDrop(program, bcastv4unicastl2packet.array());
    // Turn off multicast filter and verify it's off
    ipManagerCallback.resetApfProgramWait();
    apfFilter.setMulticastFilter(false);
    program = ipManagerCallback.getApfProgram();
    assertPass(program, mcastv4packet.array());
    assertPass(program, mcastv6packet.array());
    assertPass(program, bcastv4packet1.array());
    assertPass(program, bcastv4packet2.array());
    assertPass(program, bcastv4unicastl2packet.array());
    // Verify it can be initialized to on
    ipManagerCallback.resetApfProgramWait();
    apfFilter.shutdown();
    apfFilter = new TestApfFilter(ipManagerCallback, DROP_MULTICAST, mLog);
    apfFilter.setLinkProperties(lp);
    program = ipManagerCallback.getApfProgram();
    assertDrop(program, mcastv4packet.array());
    assertDrop(program, mcastv6packet.array());
    assertDrop(program, bcastv4packet1.array());
    assertDrop(program, bcastv4unicastl2packet.array());
    // Verify that ICMPv6 multicast is not dropped.
    mcastv6packet.put(IPV6_NEXT_HEADER_OFFSET, (byte) IPPROTO_ICMPV6);
    assertPass(program, mcastv6packet.array());
    apfFilter.shutdown();
}
Also used : LinkAddress(android.net.LinkAddress) ApfFilter(android.net.apf.ApfFilter) LinkProperties(android.net.LinkProperties) ByteBuffer(java.nio.ByteBuffer) LargeTest(android.test.suitebuilder.annotation.LargeTest)

Example 63 with LinkProperties

use of android.net.LinkProperties in project android_frameworks_base by ResurrectionRemix.

the class LockdownVpnTracker method handleStateChangedLocked.

/**
     * Watch for state changes to both active egress network, kicking off a VPN
     * connection when ready, or setting firewall rules once VPN is connected.
     */
private void handleStateChangedLocked() {
    final NetworkInfo egressInfo = mConnService.getActiveNetworkInfoUnfiltered();
    final LinkProperties egressProp = mConnService.getActiveLinkProperties();
    final NetworkInfo vpnInfo = mVpn.getNetworkInfo();
    final VpnConfig vpnConfig = mVpn.getLegacyVpnConfig();
    // Restart VPN when egress network disconnected or changed
    final boolean egressDisconnected = egressInfo == null || State.DISCONNECTED.equals(egressInfo.getState());
    final boolean egressChanged = egressProp == null || !TextUtils.equals(mAcceptedEgressIface, egressProp.getInterfaceName());
    final String egressTypeName = (egressInfo == null) ? null : ConnectivityManager.getNetworkTypeName(egressInfo.getType());
    final String egressIface = (egressProp == null) ? null : egressProp.getInterfaceName();
    Slog.d(TAG, "handleStateChanged: egress=" + egressTypeName + " " + mAcceptedEgressIface + "->" + egressIface);
    if (egressDisconnected || egressChanged) {
        clearSourceRulesLocked();
        mAcceptedEgressIface = null;
        mVpn.stopLegacyVpnPrivileged();
    }
    if (egressDisconnected) {
        hideNotification();
        return;
    }
    final int egressType = egressInfo.getType();
    if (vpnInfo.getDetailedState() == DetailedState.FAILED) {
        EventLogTags.writeLockdownVpnError(egressType);
    }
    if (mErrorCount > MAX_ERROR_COUNT) {
        showNotification(R.string.vpn_lockdown_error, R.drawable.vpn_disconnected);
    } else if (egressInfo.isConnected() && !vpnInfo.isConnectedOrConnecting()) {
        if (mProfile.isValidLockdownProfile()) {
            Slog.d(TAG, "Active network connected; starting VPN");
            EventLogTags.writeLockdownVpnConnecting(egressType);
            showNotification(R.string.vpn_lockdown_connecting, R.drawable.vpn_disconnected);
            mAcceptedEgressIface = egressProp.getInterfaceName();
            try {
                // Use the privileged method because Lockdown VPN is initiated by the system, so
                // no additional permission checks are necessary.
                mVpn.startLegacyVpnPrivileged(mProfile, KeyStore.getInstance(), egressProp);
            } catch (IllegalStateException e) {
                mAcceptedEgressIface = null;
                Slog.e(TAG, "Failed to start VPN", e);
                showNotification(R.string.vpn_lockdown_error, R.drawable.vpn_disconnected);
            }
        } else {
            Slog.e(TAG, "Invalid VPN profile; requires IP-based server and DNS");
            showNotification(R.string.vpn_lockdown_error, R.drawable.vpn_disconnected);
        }
    } else if (vpnInfo.isConnected() && vpnConfig != null) {
        final String iface = vpnConfig.interfaze;
        final List<LinkAddress> sourceAddrs = vpnConfig.addresses;
        if (TextUtils.equals(iface, mAcceptedIface) && sourceAddrs.equals(mAcceptedSourceAddr)) {
            return;
        }
        Slog.d(TAG, "VPN connected using iface=" + iface + ", sourceAddr=" + sourceAddrs.toString());
        EventLogTags.writeLockdownVpnConnected(egressType);
        showNotification(R.string.vpn_lockdown_connected, R.drawable.vpn_connected);
        try {
            clearSourceRulesLocked();
            mNetService.setFirewallInterfaceRule(iface, true);
            for (LinkAddress addr : sourceAddrs) {
                setFirewallEgressSourceRule(addr, true);
            }
            mNetService.setFirewallUidRule(FIREWALL_CHAIN_NONE, ROOT_UID, FIREWALL_RULE_ALLOW);
            mNetService.setFirewallUidRule(FIREWALL_CHAIN_NONE, Os.getuid(), FIREWALL_RULE_ALLOW);
            mErrorCount = 0;
            mAcceptedIface = iface;
            mAcceptedSourceAddr = sourceAddrs;
        } catch (RemoteException e) {
            throw new RuntimeException("Problem setting firewall rules", e);
        }
        final NetworkInfo clone = new NetworkInfo(egressInfo);
        augmentNetworkInfo(clone);
        mConnService.sendConnectedBroadcast(clone);
    }
}
Also used : LinkAddress(android.net.LinkAddress) VpnConfig(com.android.internal.net.VpnConfig) NetworkInfo(android.net.NetworkInfo) RemoteException(android.os.RemoteException) LinkProperties(android.net.LinkProperties)

Example 64 with LinkProperties

use of android.net.LinkProperties in project android_frameworks_base by ResurrectionRemix.

the class NetworkStatsService method updateIfacesLocked.

/**
     * Inspect all current {@link NetworkState} to derive mapping from {@code
     * iface} to {@link NetworkStatsHistory}. When multiple {@link NetworkInfo}
     * are active on a single {@code iface}, they are combined under a single
     * {@link NetworkIdentitySet}.
     */
private void updateIfacesLocked() {
    if (!mSystemReady)
        return;
    if (LOGV)
        Slog.v(TAG, "updateIfacesLocked()");
    // take one last stats snapshot before updating iface mapping. this
    // isn't perfect, since the kernel may already be counting traffic from
    // the updated network.
    // poll, but only persist network stats to keep codepath fast. UID stats
    // will be persisted during next alarm poll event.
    performPollLocked(FLAG_PERSIST_NETWORK);
    final NetworkState[] states;
    final LinkProperties activeLink;
    try {
        states = mConnManager.getAllNetworkState();
        activeLink = mConnManager.getActiveLinkProperties();
    } catch (RemoteException e) {
        // ignored; service lives in system_server
        return;
    }
    mActiveIface = activeLink != null ? activeLink.getInterfaceName() : null;
    // Rebuild active interfaces based on connected networks
    mActiveIfaces.clear();
    mActiveUidIfaces.clear();
    final ArraySet<String> mobileIfaces = new ArraySet<>();
    for (NetworkState state : states) {
        if (state.networkInfo.isConnected() && (state.networkCapabilities == null || !state.networkCapabilities.hasTransport(NetworkCapabilities.TRANSPORT_CELLULAR) || state.networkCapabilities.hasCapability(NetworkCapabilities.NET_CAPABILITY_INTERNET) || hasImsNetworkCapability(state))) {
            final boolean isMobile = isNetworkTypeMobile(state.networkInfo.getType());
            final NetworkIdentity ident = NetworkIdentity.buildNetworkIdentity(mContext, state);
            // Traffic occurring on the base interface is always counted for
            // both total usage and UID details.
            final String baseIface = state.linkProperties.getInterfaceName();
            if (baseIface != null) {
                findOrCreateNetworkIdentitySet(mActiveIfaces, baseIface).add(ident);
                findOrCreateNetworkIdentitySet(mActiveUidIfaces, baseIface).add(ident);
                // per carrier's policy, modem will report 0 usage for VT calls.
                if (state.networkCapabilities.hasCapability(NetworkCapabilities.NET_CAPABILITY_IMS) && !ident.getMetered()) {
                    // Copy the identify from IMS one but mark it as metered.
                    NetworkIdentity vtIdent = new NetworkIdentity(ident.getType(), ident.getSubType(), ident.getSubscriberId(), ident.getNetworkId(), ident.getRoaming(), true);
                    findOrCreateNetworkIdentitySet(mActiveIfaces, VT_INTERFACE).add(vtIdent);
                    findOrCreateNetworkIdentitySet(mActiveUidIfaces, VT_INTERFACE).add(vtIdent);
                }
                if (isMobile) {
                    mobileIfaces.add(baseIface);
                }
            }
            // Traffic occurring on stacked interfaces is usually clatd,
            // which is already accounted against its final egress interface
            // by the kernel. Thus, we only need to collect stacked
            // interface stats at the UID level.
            final List<LinkProperties> stackedLinks = state.linkProperties.getStackedLinks();
            for (LinkProperties stackedLink : stackedLinks) {
                final String stackedIface = stackedLink.getInterfaceName();
                if (stackedIface != null) {
                    findOrCreateNetworkIdentitySet(mActiveUidIfaces, stackedIface).add(ident);
                    if (isMobile) {
                        mobileIfaces.add(stackedIface);
                    }
                }
            }
        }
    }
    mMobileIfaces = mobileIfaces.toArray(new String[mobileIfaces.size()]);
}
Also used : ArraySet(android.util.ArraySet) NetworkIdentity(android.net.NetworkIdentity) NetworkState(android.net.NetworkState) RemoteException(android.os.RemoteException) LinkProperties(android.net.LinkProperties)

Example 65 with LinkProperties

use of android.net.LinkProperties in project android_frameworks_base by ResurrectionRemix.

the class IPv6TetheringCoordinator method getIPv6OnlyLinkProperties.

private static LinkProperties getIPv6OnlyLinkProperties(LinkProperties lp) {
    final LinkProperties v6only = new LinkProperties();
    if (lp == null) {
        return v6only;
    }
    // NOTE: At this time we don't copy over any information about any
    // stacked links. No current stacked link configuration has IPv6.
    v6only.setInterfaceName(lp.getInterfaceName());
    v6only.setMtu(lp.getMtu());
    for (LinkAddress linkAddr : lp.getLinkAddresses()) {
        if (linkAddr.isGlobalPreferred() && linkAddr.getPrefixLength() == 64) {
            v6only.addLinkAddress(linkAddr);
        }
    }
    for (RouteInfo routeInfo : lp.getRoutes()) {
        final IpPrefix destination = routeInfo.getDestination();
        if ((destination.getAddress() instanceof Inet6Address) && (destination.getPrefixLength() <= 64)) {
            v6only.addRoute(routeInfo);
        }
    }
    for (InetAddress dnsServer : lp.getDnsServers()) {
        if (isIPv6GlobalAddress(dnsServer)) {
            // For now we include ULAs.
            v6only.addDnsServer(dnsServer);
        }
    }
    v6only.setDomains(lp.getDomains());
    return v6only;
}
Also used : LinkAddress(android.net.LinkAddress) IpPrefix(android.net.IpPrefix) Inet6Address(java.net.Inet6Address) RouteInfo(android.net.RouteInfo) LinkProperties(android.net.LinkProperties) InetAddress(java.net.InetAddress)

Aggregations

LinkProperties (android.net.LinkProperties)283 RouteInfo (android.net.RouteInfo)72 LinkAddress (android.net.LinkAddress)70 SmallTest (android.test.suitebuilder.annotation.SmallTest)66 InetAddress (java.net.InetAddress)52 NetworkAgentInfo (com.android.server.connectivity.NetworkAgentInfo)40 NetworkInfo (android.net.NetworkInfo)38 NetworkState (android.net.NetworkState)36 RemoteException (android.os.RemoteException)36 NetworkCapabilities (android.net.NetworkCapabilities)23 Network (android.net.Network)21 ProvisioningChange (android.net.LinkProperties.ProvisioningChange)20 ArrayList (java.util.ArrayList)17 IpPrefix (android.net.IpPrefix)15 Inet6Address (java.net.Inet6Address)15 NetworkRequest (android.net.NetworkRequest)14 ApfFilter (android.net.apf.ApfFilter)12 LargeTest (android.test.suitebuilder.annotation.LargeTest)12 UnknownHostException (java.net.UnknownHostException)12 NetworkMisc (android.net.NetworkMisc)10