Examples with ApfGenerator android.net.apf.ApfGenerator used on opensource projects

Search in sources :

Example 11 with ApfGenerator

use of android.net.apf.ApfGenerator in project platform_frameworks_base by android.

the class ApfFilter method installNewProgramLocked.

/**
     * Generate and install a new filter program.
     */
@GuardedBy("this")
@VisibleForTesting
void installNewProgramLocked() {
    purgeExpiredRasLocked();
    ArrayList<Ra> rasToFilter = new ArrayList<>();
    final byte[] program;
    long programMinLifetime = Long.MAX_VALUE;
    try {
        // Step 1: Determine how many RA filters we can fit in the program.
        ApfGenerator gen = beginProgramLocked();
        for (Ra ra : mRas) {
            ra.generateFilterLocked(gen);
            // Stop if we get too big.
            if (gen.programLengthOverEstimate() > mApfCapabilities.maximumApfProgramSize)
                break;
            rasToFilter.add(ra);
        }
        // Step 2: Actually generate the program
        gen = beginProgramLocked();
        for (Ra ra : rasToFilter) {
            programMinLifetime = Math.min(programMinLifetime, ra.generateFilterLocked(gen));
        }
        // Execution will reach the end of the program if no filters match, which will pass the
        // packet to the AP.
        program = gen.generate();
    } catch (IllegalInstructionException | IllegalStateException e) {
        Log.e(TAG, "Failed to generate APF program.", e);
        return;
    }
    mLastTimeInstalledProgram = currentTimeSeconds();
    mLastInstalledProgramMinLifetime = programMinLifetime;
    mLastInstalledProgram = program;
    mNumProgramUpdates++;
    if (VDBG) {
        hexDump("Installing filter: ", program, program.length);
    }
    mIpManagerCallback.installPacketFilter(program);
    int flags = ApfProgramEvent.flagsFor(mIPv4Address != null, mMulticastFilter);
    mMetricsLog.log(new ApfProgramEvent(programMinLifetime, rasToFilter.size(), mRas.size(), program.length, flags));
}
Also used : IllegalInstructionException(android.net.apf.ApfGenerator.IllegalInstructionException) ApfGenerator(android.net.apf.ApfGenerator) ArrayList(java.util.ArrayList) ApfProgramEvent(android.net.metrics.ApfProgramEvent) VisibleForTesting(com.android.internal.annotations.VisibleForTesting) GuardedBy(com.android.internal.annotations.GuardedBy)

Example 12 with ApfGenerator

use of android.net.apf.ApfGenerator in project platform_frameworks_base by android.

the class ApfFilter method beginProgramLocked.

/**
     * Begin generating an APF program to:
     * <ul>
     * <li>Drop ARP requests not for us, if mIPv4Address is set,
     * <li>Drop IPv4 broadcast packets, except DHCP destined to our MAC,
     * <li>Drop IPv4 multicast packets, if mMulticastFilter,
     * <li>Pass all other IPv4 packets,
     * <li>Drop all broadcast non-IP non-ARP packets.
     * <li>Pass all non-ICMPv6 IPv6 packets,
     * <li>Pass all non-IPv4 and non-IPv6 packets,
     * <li>Drop IPv6 ICMPv6 NAs to ff02::1.
     * <li>Drop IPv6 ICMPv6 RSs.
     * <li>Let execution continue off the end of the program for IPv6 ICMPv6 packets. This allows
     *     insertion of RA filters here, or if there aren't any, just passes the packets.
     * </ul>
     */
@GuardedBy("this")
private ApfGenerator beginProgramLocked() throws IllegalInstructionException {
    ApfGenerator gen = new ApfGenerator();
    // This is guaranteed to return true because of the check in maybeCreate.
    gen.setApfVersion(mApfCapabilities.apfVersionSupported);
    // Here's a basic summary of what the initial program does:
    //
    // if it's ARP:
    //   insert ARP filter to drop or pass these appropriately
    // if it's IPv4:
    //   insert IPv4 filter to drop or pass these appropriately
    // if it's not IPv6:
    //   if it's broadcast:
    //     drop
    //   pass
    // insert IPv6 filter to drop, pass, or fall off the end for ICMPv6 packets
    // Add ARP filters:
    String skipArpFiltersLabel = "skipArpFilters";
    gen.addLoad16(Register.R0, ETH_ETHERTYPE_OFFSET);
    gen.addJumpIfR0NotEquals(ETH_P_ARP, skipArpFiltersLabel);
    generateArpFilterLocked(gen);
    gen.defineLabel(skipArpFiltersLabel);
    // Add IPv4 filters:
    String skipIPv4FiltersLabel = "skipIPv4Filters";
    // NOTE: Relies on R0 containing ethertype. This is safe because if we got here, we did not
    // execute the ARP filter, since that filter does not fall through, but either drops or
    // passes.
    gen.addJumpIfR0NotEquals(ETH_P_IP, skipIPv4FiltersLabel);
    generateIPv4FilterLocked(gen);
    gen.defineLabel(skipIPv4FiltersLabel);
    // Check for IPv6:
    // NOTE: Relies on R0 containing ethertype. This is safe because if we got here, we did not
    // execute the ARP or IPv4 filters, since those filters do not fall through, but either
    // drop or pass.
    String ipv6FilterLabel = "IPv6Filters";
    gen.addJumpIfR0Equals(ETH_P_IPV6, ipv6FilterLabel);
    // Drop non-IP non-ARP broadcasts, pass the rest
    gen.addLoadImmediate(Register.R0, ETH_DEST_ADDR_OFFSET);
    gen.addJumpIfBytesNotEqual(Register.R0, ETH_BROADCAST_MAC_ADDRESS, gen.PASS_LABEL);
    gen.addJump(gen.DROP_LABEL);
    // Add IPv6 filters:
    gen.defineLabel(ipv6FilterLabel);
    generateIPv6FilterLocked(gen);
    return gen;
}
Also used : ApfGenerator(android.net.apf.ApfGenerator) GuardedBy(com.android.internal.annotations.GuardedBy)

Example 13 with ApfGenerator

use of android.net.apf.ApfGenerator in project android_frameworks_base by DirtyUnicorns.

the class ApfFilter method installNewProgramLocked.

/**
     * Generate and install a new filter program.
     */
@GuardedBy("this")
@VisibleForTesting
void installNewProgramLocked() {
    purgeExpiredRasLocked();
    ArrayList<Ra> rasToFilter = new ArrayList<>();
    final byte[] program;
    long programMinLifetime = Long.MAX_VALUE;
    try {
        // Step 1: Determine how many RA filters we can fit in the program.
        ApfGenerator gen = beginProgramLocked();
        for (Ra ra : mRas) {
            ra.generateFilterLocked(gen);
            // Stop if we get too big.
            if (gen.programLengthOverEstimate() > mApfCapabilities.maximumApfProgramSize)
                break;
            rasToFilter.add(ra);
        }
        // Step 2: Actually generate the program
        gen = beginProgramLocked();
        for (Ra ra : rasToFilter) {
            programMinLifetime = Math.min(programMinLifetime, ra.generateFilterLocked(gen));
        }
        // Execution will reach the end of the program if no filters match, which will pass the
        // packet to the AP.
        program = gen.generate();
    } catch (IllegalInstructionException e) {
        Log.e(TAG, "Program failed to generate: ", e);
        return;
    }
    mLastTimeInstalledProgram = curTime();
    mLastInstalledProgramMinLifetime = programMinLifetime;
    mLastInstalledProgram = program;
    mNumProgramUpdates++;
    if (VDBG) {
        hexDump("Installing filter: ", program, program.length);
    }
    mIpManagerCallback.installPacketFilter(program);
    int flags = ApfProgramEvent.flagsFor(mIPv4Address != null, mMulticastFilter);
    mMetricsLog.log(new ApfProgramEvent(programMinLifetime, rasToFilter.size(), mRas.size(), program.length, flags));
}
Also used : IllegalInstructionException(android.net.apf.ApfGenerator.IllegalInstructionException) ApfGenerator(android.net.apf.ApfGenerator) ArrayList(java.util.ArrayList) ApfProgramEvent(android.net.metrics.ApfProgramEvent) VisibleForTesting(com.android.internal.annotations.VisibleForTesting) GuardedBy(com.android.internal.annotations.GuardedBy)

Example 14 with ApfGenerator

use of android.net.apf.ApfGenerator in project android_frameworks_base by DirtyUnicorns.

the class ApfFilter method beginProgramLocked.

/**
     * Begin generating an APF program to:
     * <ul>
     * <li>Drop ARP requests not for us, if mIPv4Address is set,
     * <li>Drop IPv4 broadcast packets, except DHCP destined to our MAC,
     * <li>Drop IPv4 multicast packets, if mMulticastFilter,
     * <li>Pass all other IPv4 packets,
     * <li>Drop all broadcast non-IP non-ARP packets.
     * <li>Pass all non-ICMPv6 IPv6 packets,
     * <li>Pass all non-IPv4 and non-IPv6 packets,
     * <li>Drop IPv6 ICMPv6 NAs to ff02::1.
     * <li>Drop IPv6 ICMPv6 RSs.
     * <li>Let execution continue off the end of the program for IPv6 ICMPv6 packets. This allows
     *     insertion of RA filters here, or if there aren't any, just passes the packets.
     * </ul>
     */
@GuardedBy("this")
private ApfGenerator beginProgramLocked() throws IllegalInstructionException {
    ApfGenerator gen = new ApfGenerator();
    // This is guaranteed to return true because of the check in maybeCreate.
    gen.setApfVersion(mApfCapabilities.apfVersionSupported);
    // Here's a basic summary of what the initial program does:
    //
    // if it's ARP:
    //   insert ARP filter to drop or pass these appropriately
    // if it's IPv4:
    //   insert IPv4 filter to drop or pass these appropriately
    // if it's not IPv6:
    //   if it's broadcast:
    //     drop
    //   pass
    // insert IPv6 filter to drop, pass, or fall off the end for ICMPv6 packets
    // Add ARP filters:
    String skipArpFiltersLabel = "skipArpFilters";
    gen.addLoad16(Register.R0, ETH_ETHERTYPE_OFFSET);
    gen.addJumpIfR0NotEquals(ETH_P_ARP, skipArpFiltersLabel);
    generateArpFilterLocked(gen);
    gen.defineLabel(skipArpFiltersLabel);
    // Add IPv4 filters:
    String skipIPv4FiltersLabel = "skipIPv4Filters";
    // NOTE: Relies on R0 containing ethertype. This is safe because if we got here, we did not
    // execute the ARP filter, since that filter does not fall through, but either drops or
    // passes.
    gen.addJumpIfR0NotEquals(ETH_P_IP, skipIPv4FiltersLabel);
    generateIPv4FilterLocked(gen);
    gen.defineLabel(skipIPv4FiltersLabel);
    // Check for IPv6:
    // NOTE: Relies on R0 containing ethertype. This is safe because if we got here, we did not
    // execute the ARP or IPv4 filters, since those filters do not fall through, but either
    // drop or pass.
    String ipv6FilterLabel = "IPv6Filters";
    gen.addJumpIfR0Equals(ETH_P_IPV6, ipv6FilterLabel);
    // Drop non-IP non-ARP broadcasts, pass the rest
    gen.addLoadImmediate(Register.R0, ETH_DEST_ADDR_OFFSET);
    gen.addJumpIfBytesNotEqual(Register.R0, ETH_BROADCAST_MAC_ADDRESS, gen.PASS_LABEL);
    gen.addJump(gen.DROP_LABEL);
    // Add IPv6 filters:
    gen.defineLabel(ipv6FilterLabel);
    generateIPv6FilterLocked(gen);
    return gen;
}
Also used : ApfGenerator(android.net.apf.ApfGenerator) GuardedBy(com.android.internal.annotations.GuardedBy)

Example 15 with ApfGenerator

use of android.net.apf.ApfGenerator in project android_frameworks_base by ResurrectionRemix.

the class ApfFilter method installNewProgramLocked.

/**
     * Generate and install a new filter program.
     */
@GuardedBy("this")
@VisibleForTesting
void installNewProgramLocked() {
    purgeExpiredRasLocked();
    ArrayList<Ra> rasToFilter = new ArrayList<>();
    final byte[] program;
    long programMinLifetime = Long.MAX_VALUE;
    try {
        // Step 1: Determine how many RA filters we can fit in the program.
        ApfGenerator gen = beginProgramLocked();
        for (Ra ra : mRas) {
            ra.generateFilterLocked(gen);
            // Stop if we get too big.
            if (gen.programLengthOverEstimate() > mApfCapabilities.maximumApfProgramSize)
                break;
            rasToFilter.add(ra);
        }
        // Step 2: Actually generate the program
        gen = beginProgramLocked();
        for (Ra ra : rasToFilter) {
            programMinLifetime = Math.min(programMinLifetime, ra.generateFilterLocked(gen));
        }
        // Execution will reach the end of the program if no filters match, which will pass the
        // packet to the AP.
        program = gen.generate();
    } catch (IllegalInstructionException e) {
        Log.e(TAG, "Program failed to generate: ", e);
        return;
    }
    mLastTimeInstalledProgram = curTime();
    mLastInstalledProgramMinLifetime = programMinLifetime;
    mLastInstalledProgram = program;
    mNumProgramUpdates++;
    if (VDBG) {
        hexDump("Installing filter: ", program, program.length);
    }
    mIpManagerCallback.installPacketFilter(program);
    int flags = ApfProgramEvent.flagsFor(mIPv4Address != null, mMulticastFilter);
    mMetricsLog.log(new ApfProgramEvent(programMinLifetime, rasToFilter.size(), mRas.size(), program.length, flags));
}
Also used : IllegalInstructionException(android.net.apf.ApfGenerator.IllegalInstructionException) ApfGenerator(android.net.apf.ApfGenerator) ArrayList(java.util.ArrayList) ApfProgramEvent(android.net.metrics.ApfProgramEvent) VisibleForTesting(com.android.internal.annotations.VisibleForTesting) GuardedBy(com.android.internal.annotations.GuardedBy)

Aggregations

ApfGenerator (android.net.apf.ApfGenerator)16 GuardedBy (com.android.internal.annotations.GuardedBy)8 IllegalInstructionException (android.net.apf.ApfGenerator.IllegalInstructionException)4 ApfProgramEvent (android.net.metrics.ApfProgramEvent)4 VisibleForTesting (com.android.internal.annotations.VisibleForTesting)4 BufferedReader (java.io.BufferedReader)4 InputStreamReader (java.io.InputStreamReader)4 ArrayList (java.util.ArrayList)4 LargeTest (android.test.suitebuilder.annotation.LargeTest)3 SmallTest (android.test.suitebuilder.annotation.SmallTest)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial