LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update jni to get int descriptor in native layer

Browse Source 
ConnectivityService is going to become a mainline module which
can not access the hidden APIs. The int descriptor of a
FileDescriptor is hidden for internal use only. The Network and
NetworkUtls will be parts of CS module. The corresponding usage
should be removed. There is no way in a module to access the
descriptor, so update the jni to set a FileDescriptor to native
to get the int descriptor inside the platform.

Also, update the other references in android_net_NetUtils for
getting fd to use the NDK functions in the libnativehelper.

Bug: 170598012
Test: atest FrameworksNetTests CtsNetTestCasesLatestSdk
Test: manually connect to a VPN
Change-Id: I2143c079feac53917a6e7bf7422f3180f51437fb
This commit is contained in:
Chiachang Wang
2021-01-19 10:36:03 +08:00
parent 40344bcf90
commit 3f7f79e658
3 changed files with 20 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
core/java/android/net/Network.java
View File

@@ -420,7 +420,7 @@ public class Network implements Parcelable {
throw new SocketException("Only AF_INET/AF_INET6 sockets supported"); throw new SocketException("Only AF_INET/AF_INET6 sockets supported");
} }
final int err = NetworkUtils.bindSocketToNetwork(fd.getInt$(), netId); final int err = NetworkUtils.bindSocketToNetwork(fd, netId);
if (err != 0) { if (err != 0) {
// bindSocketToNetwork returns negative errno. // bindSocketToNetwork returns negative errno.
throw new ErrnoException("Binding socket to network " + netId, -err) throw new ErrnoException("Binding socket to network " + netId, -err)

8
core/java/android/net/NetworkUtils.java
View File

@@ -81,11 +81,11 @@ public class NetworkUtils {
public native static boolean bindProcessToNetworkForHostResolution(int netId); public native static boolean bindProcessToNetworkForHostResolution(int netId);
/** /**
* Explicitly binds {@code socketfd} to the network designated by {@code netId}. This * Explicitly binds {@code fd} to the network designated by {@code netId}. This
* overrides any binding via {@link #bindProcessToNetwork}. * overrides any binding via {@link #bindProcessToNetwork}.
* @return 0 on success or negative errno on failure. * @return 0 on success or negative errno on failure.
*/ */
public native static int bindSocketToNetwork(int socketfd, int netId); public static native int bindSocketToNetwork(FileDescriptor fd, int netId);
/** /**
* Protect {@code fd} from VPN connections. After protecting, data sent through * Protect {@code fd} from VPN connections. After protecting, data sent through
@@ -93,9 +93,7 @@ public class NetworkUtils {
* forwarded through the VPN. * forwarded through the VPN.
*/ */
@UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553) @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553)
public static boolean protectFromVpn(FileDescriptor fd) { public static native boolean protectFromVpn(FileDescriptor fd);
return protectFromVpn(fd.getInt$());
}
/** /**
* Protect {@code socketfd} from VPN connections. After protecting, data sent through * Protect {@code socketfd} from VPN connections. After protecting, data sent through

27
core/jni/android_net_NetUtils.cpp
View File

@@ -18,6 +18,7 @@
#include <vector> #include <vector>
#include <android/file_descriptor_jni.h>
#include <arpa/inet.h> #include <arpa/inet.h>
#include <linux/filter.h> #include <linux/filter.h>
#include <linux/if_arp.h> #include <linux/if_arp.h>
@@ -83,7 +84,7 @@ static void android_net_utils_attachDropAllBPFFilter(JNIEnv *env, jobject clazz,
filter_code, filter_code,
}; };
int fd = jniGetFDFromFileDescriptor(env, javaFd); int fd = AFileDescriptor_getFD(env, javaFd);
if (setsockopt(fd, SOL_SOCKET, SO_ATTACH_FILTER, &filter, sizeof(filter)) != 0) { if (setsockopt(fd, SOL_SOCKET, SO_ATTACH_FILTER, &filter, sizeof(filter)) != 0) {
jniThrowExceptionFmt(env, "java/net/SocketException", jniThrowExceptionFmt(env, "java/net/SocketException",
"setsockopt(SO_ATTACH_FILTER): %s", strerror(errno)); "setsockopt(SO_ATTACH_FILTER): %s", strerror(errno));
@@ -93,7 +94,7 @@ static void android_net_utils_attachDropAllBPFFilter(JNIEnv *env, jobject clazz,
static void android_net_utils_detachBPFFilter(JNIEnv *env, jobject clazz, jobject javaFd) static void android_net_utils_detachBPFFilter(JNIEnv *env, jobject clazz, jobject javaFd)
{ {
int optval_ignored = 0; int optval_ignored = 0;
int fd = jniGetFDFromFileDescriptor(env, javaFd); int fd = AFileDescriptor_getFD(env, javaFd);
if (setsockopt(fd, SOL_SOCKET, SO_DETACH_FILTER, &optval_ignored, sizeof(optval_ignored)) != if (setsockopt(fd, SOL_SOCKET, SO_DETACH_FILTER, &optval_ignored, sizeof(optval_ignored)) !=
0) { 0) {
jniThrowExceptionFmt(env, "java/net/SocketException", jniThrowExceptionFmt(env, "java/net/SocketException",
@@ -117,10 +118,9 @@ static jboolean android_net_utils_bindProcessToNetworkForHostResolution(JNIEnv *
return (jboolean) !setNetworkForResolv(netId); return (jboolean) !setNetworkForResolv(netId);
} }
static jint android_net_utils_bindSocketToNetwork(JNIEnv *env, jobject thiz, jint socket, static jint android_net_utils_bindSocketToNetwork(JNIEnv *env, jobject thiz, jobject javaFd,
jint netId) jint netId) {
{ return setNetworkForSocket(netId, AFileDescriptor_getFD(env, javaFd));
return setNetworkForSocket(netId, socket);
} }
static jboolean android_net_utils_protectFromVpn(JNIEnv *env, jobject thiz, jint socket) static jboolean android_net_utils_protectFromVpn(JNIEnv *env, jobject thiz, jint socket)
@@ -128,6 +128,10 @@ static jboolean android_net_utils_protectFromVpn(JNIEnv *env, jobject thiz, jint
return (jboolean) !protectFromVpn(socket); return (jboolean) !protectFromVpn(socket);
} }
static jboolean android_net_utils_protectFromVpnWithFd(JNIEnv *env, jobject thiz, jobject javaFd) {
return android_net_utils_protectFromVpn(env, thiz, AFileDescriptor_getFD(env, javaFd));
}
static jboolean android_net_utils_queryUserAccess(JNIEnv *env, jobject thiz, jint uid, jint netId) static jboolean android_net_utils_queryUserAccess(JNIEnv *env, jobject thiz, jint uid, jint netId)
{ {
return (jboolean) !queryUserAccess(uid, netId); return (jboolean) !queryUserAccess(uid, netId);
@@ -178,7 +182,7 @@ static jobject android_net_utils_resNetworkSend(JNIEnv *env, jobject thiz, jint
} }
static jobject android_net_utils_resNetworkResult(JNIEnv *env, jobject thiz, jobject javaFd) { static jobject android_net_utils_resNetworkResult(JNIEnv *env, jobject thiz, jobject javaFd) {
int fd = jniGetFDFromFileDescriptor(env, javaFd); int fd = AFileDescriptor_getFD(env, javaFd);
int rcode; int rcode;
std::vector<uint8_t> buf(MAXPACKETSIZE, 0); std::vector<uint8_t> buf(MAXPACKETSIZE, 0);
@@ -205,7 +209,7 @@ static jobject android_net_utils_resNetworkResult(JNIEnv *env, jobject thiz, job
} }
static void android_net_utils_resNetworkCancel(JNIEnv *env, jobject thiz, jobject javaFd) { static void android_net_utils_resNetworkCancel(JNIEnv *env, jobject thiz, jobject javaFd) {
int fd = jniGetFDFromFileDescriptor(env, javaFd); int fd = AFileDescriptor_getFD(env, javaFd);
resNetworkCancel(fd); resNetworkCancel(fd);
jniSetFileDescriptorOfFD(env, javaFd, -1); jniSetFileDescriptorOfFD(env, javaFd, -1);
} }
@@ -231,7 +235,7 @@ static jobject android_net_utils_getTcpRepairWindow(JNIEnv *env, jobject thiz, j
return NULL; return NULL;
} }
int fd = jniGetFDFromFileDescriptor(env, javaFd); int fd = AFileDescriptor_getFD(env, javaFd);
struct tcp_repair_window trw = {}; struct tcp_repair_window trw = {};
socklen_t size = sizeof(trw); socklen_t size = sizeof(trw);
@@ -271,8 +275,9 @@ static const JNINativeMethod gNetworkUtilMethods[] = {
{ "bindProcessToNetwork", "(I)Z", (void*) android_net_utils_bindProcessToNetwork }, { "bindProcessToNetwork", "(I)Z", (void*) android_net_utils_bindProcessToNetwork },
{ "getBoundNetworkForProcess", "()I", (void*) android_net_utils_getBoundNetworkForProcess }, { "getBoundNetworkForProcess", "()I", (void*) android_net_utils_getBoundNetworkForProcess },
{ "bindProcessToNetworkForHostResolution", "(I)Z", (void*) android_net_utils_bindProcessToNetworkForHostResolution }, { "bindProcessToNetworkForHostResolution", "(I)Z", (void*) android_net_utils_bindProcessToNetworkForHostResolution },
{ "bindSocketToNetwork", "(II)I", (void*) android_net_utils_bindSocketToNetwork }, { "bindSocketToNetwork", "(Ljava/io/FileDescriptor;I)I", (void*) android_net_utils_bindSocketToNetwork },
{ "protectFromVpn", "(I)Z", (void*)android_net_utils_protectFromVpn }, { "protectFromVpn", "(I)Z", (void*) android_net_utils_protectFromVpn },
{ "protectFromVpn", "(Ljava/io/FileDescriptor;)Z", (void*) android_net_utils_protectFromVpnWithFd },
{ "queryUserAccess", "(II)Z", (void*)android_net_utils_queryUserAccess }, { "queryUserAccess", "(II)Z", (void*)android_net_utils_queryUserAccess },
{ "attachDropAllBPFFilter", "(Ljava/io/FileDescriptor;)V", (void*) android_net_utils_attachDropAllBPFFilter }, { "attachDropAllBPFFilter", "(Ljava/io/FileDescriptor;)V", (void*) android_net_utils_attachDropAllBPFFilter },
{ "detachBPFFilter", "(Ljava/io/FileDescriptor;)V", (void*) android_net_utils_detachBPFFilter }, { "detachBPFFilter", "(Ljava/io/FileDescriptor;)V", (void*) android_net_utils_detachBPFFilter },