LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge "Remove dead code in BpfNetMaps."

Browse Source
This commit is contained in:
Mark Chien
2022-03-07 15:19:25 +00:00
committed by Gerrit Code Review
parent 3b45bca306 82244fd16c
commit e06458378d
3 changed files with 12 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
service/src/com/android/server/BpfNetMaps.java
View File

@@ -69,15 +69,10 @@ public class BpfNetMaps {
* Add naughty app bandwidth rule for specific app * Add naughty app bandwidth rule for specific app
* *
* @param uid uid of target app * @param uid uid of target app
* @throws RemoteException when netd has crashed.
* @throws ServiceSpecificException in case of failure, with an error code indicating the * @throws ServiceSpecificException in case of failure, with an error code indicating the
* cause of the failure. * cause of the failure.
*/ */
public void addNaughtyApp(final int uid) throws RemoteException { public void addNaughtyApp(final int uid) {
if (USE_NETD) {
mNetd.bandwidthAddNaughtyApp(uid);
return;
}
final int err = native_addNaughtyApp(uid); final int err = native_addNaughtyApp(uid);
maybeThrow(err, "Unable to add naughty app"); maybeThrow(err, "Unable to add naughty app");
} }
@@ -86,15 +81,10 @@ public class BpfNetMaps {
* Remove naughty app bandwidth rule for specific app * Remove naughty app bandwidth rule for specific app
* *
* @param uid uid of target app * @param uid uid of target app
* @throws RemoteException when netd has crashed.
* @throws ServiceSpecificException in case of failure, with an error code indicating the * @throws ServiceSpecificException in case of failure, with an error code indicating the
* cause of the failure. * cause of the failure.
*/ */
public void removeNaughtyApp(final int uid) throws RemoteException { public void removeNaughtyApp(final int uid) {
if (USE_NETD) {
mNetd.bandwidthRemoveNaughtyApp(uid);
return;
}
final int err = native_removeNaughtyApp(uid); final int err = native_removeNaughtyApp(uid);
maybeThrow(err, "Unable to remove naughty app"); maybeThrow(err, "Unable to remove naughty app");
} }
@@ -103,15 +93,10 @@ public class BpfNetMaps {
* Add nice app bandwidth rule for specific app * Add nice app bandwidth rule for specific app
* *
* @param uid uid of target app * @param uid uid of target app
* @throws RemoteException when netd has crashed.
* @throws ServiceSpecificException in case of failure, with an error code indicating the * @throws ServiceSpecificException in case of failure, with an error code indicating the
* cause of the failure. * cause of the failure.
*/ */
public void addNiceApp(final int uid) throws RemoteException { public void addNiceApp(final int uid) {
if (USE_NETD) {
mNetd.bandwidthAddNiceApp(uid);
return;
}
final int err = native_addNiceApp(uid); final int err = native_addNiceApp(uid);
maybeThrow(err, "Unable to add nice app"); maybeThrow(err, "Unable to add nice app");
} }
@@ -120,15 +105,10 @@ public class BpfNetMaps {
* Remove nice app bandwidth rule for specific app * Remove nice app bandwidth rule for specific app
* *
* @param uid uid of target app * @param uid uid of target app
* @throws RemoteException when netd has crashed.
* @throws ServiceSpecificException in case of failure, with an error code indicating the * @throws ServiceSpecificException in case of failure, with an error code indicating the
* cause of the failure. * cause of the failure.
*/ */
public void removeNiceApp(final int uid) throws RemoteException { public void removeNiceApp(final int uid) {
if (USE_NETD) {
mNetd.bandwidthRemoveNiceApp(uid);
return;
}
final int err = native_removeNiceApp(uid); final int err = native_removeNiceApp(uid);
maybeThrow(err, "Unable to remove nice app"); maybeThrow(err, "Unable to remove nice app");
} }
@@ -138,15 +118,10 @@ public class BpfNetMaps {
* *
* @param childChain target chain to enable * @param childChain target chain to enable
* @param enable whether to enable or disable child chain. * @param enable whether to enable or disable child chain.
* @throws RemoteException when netd has crashed.
* @throws ServiceSpecificException in case of failure, with an error code indicating the * @throws ServiceSpecificException in case of failure, with an error code indicating the
* cause of the failure. * cause of the failure.
*/ */
public void setChildChain(final int childChain, final boolean enable) throws RemoteException { public void setChildChain(final int childChain, final boolean enable) {
if (USE_NETD) {
mNetd.firewallEnableChildChain(childChain, enable);
return;
}
final int err = native_setChildChain(childChain, enable); final int err = native_setChildChain(childChain, enable);
maybeThrow(err, "Unable to set child chain"); maybeThrow(err, "Unable to set child chain");
} }
@@ -163,14 +138,9 @@ public class BpfNetMaps {
* @param isAllowlist Whether this is an allowlist or denylist chain. * @param isAllowlist Whether this is an allowlist or denylist chain.
* @param uids The list of UIDs to allow/deny. * @param uids The list of UIDs to allow/deny.
* @return 0 if the chain was successfully replaced, errno otherwise. * @return 0 if the chain was successfully replaced, errno otherwise.
* @throws RemoteException when netd has crashed.
*/ */
public int replaceUidChain(final String chainName, final boolean isAllowlist, public int replaceUidChain(final String chainName, final boolean isAllowlist,
final int[] uids) throws RemoteException { final int[] uids) {
if (USE_NETD) {
mNetd.firewallReplaceUidChain(chainName, isAllowlist, uids);
return 0;
}
final int err = native_replaceUidChain(chainName, isAllowlist, uids); final int err = native_replaceUidChain(chainName, isAllowlist, uids);
if (err != 0) { if (err != 0) {
Log.e(TAG, "replaceUidChain failed: " + Os.strerror(-err)); Log.e(TAG, "replaceUidChain failed: " + Os.strerror(-err));
@@ -184,16 +154,10 @@ public class BpfNetMaps {
* @param childChain target chain * @param childChain target chain
* @param uid uid to allow/deny * @param uid uid to allow/deny
* @param firewallRule either FIREWALL_RULE_ALLOW or FIREWALL_RULE_DENY * @param firewallRule either FIREWALL_RULE_ALLOW or FIREWALL_RULE_DENY
* @throws RemoteException when netd has crashed.
* @throws ServiceSpecificException in case of failure, with an error code indicating the * @throws ServiceSpecificException in case of failure, with an error code indicating the
* cause of the failure. * cause of the failure.
*/ */
public void setUidRule(final int childChain, final int uid, final int firewallRule) public void setUidRule(final int childChain, final int uid, final int firewallRule) {
throws RemoteException {
if (USE_NETD) {
mNetd.firewallSetUidRule(childChain, uid, firewallRule);
return;
}
final int err = native_setUidRule(childChain, uid, firewallRule); final int err = native_setUidRule(childChain, uid, firewallRule);
maybeThrow(err, "Unable to set uid rule"); maybeThrow(err, "Unable to set uid rule");
} }

10
service/src/com/android/server/ConnectivityService.java
View File

@@ -11056,7 +11056,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
} else { } else {
mBpfNetMaps.removeNiceApp(uid); mBpfNetMaps.removeNiceApp(uid);
} }
} catch (RemoteException | ServiceSpecificException e) { } catch (ServiceSpecificException e) {
throw new IllegalStateException(e); throw new IllegalStateException(e);
} }
} }
@@ -11071,7 +11071,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
} else { } else {
mBpfNetMaps.removeNaughtyApp(uid); mBpfNetMaps.removeNaughtyApp(uid);
} }
} catch (RemoteException | ServiceSpecificException e) { } catch (ServiceSpecificException e) {
throw new IllegalStateException(e); throw new IllegalStateException(e);
} }
} }
@@ -11083,7 +11083,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
try { try {
mBpfNetMaps.setUidRule(chain, uid, mBpfNetMaps.setUidRule(chain, uid,
allow ? INetd.FIREWALL_RULE_ALLOW : INetd.FIREWALL_RULE_DENY); allow ? INetd.FIREWALL_RULE_ALLOW : INetd.FIREWALL_RULE_DENY);
} catch (RemoteException | ServiceSpecificException e) { } catch (ServiceSpecificException e) {
throw new IllegalStateException(e); throw new IllegalStateException(e);
} }
} }
@@ -11094,7 +11094,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
try { try {
mBpfNetMaps.setChildChain(chain, enable); mBpfNetMaps.setChildChain(chain, enable);
} catch (RemoteException | ServiceSpecificException e) { } catch (ServiceSpecificException e) {
throw new IllegalStateException(e); throw new IllegalStateException(e);
} }
} }
@@ -11125,7 +11125,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
throw new IllegalArgumentException("replaceFirewallChain with invalid chain: " throw new IllegalArgumentException("replaceFirewallChain with invalid chain: "
+ chain); + chain);
} }
} catch (RemoteException | ServiceSpecificException e) { } catch (ServiceSpecificException e) {
throw new IllegalStateException(e); throw new IllegalStateException(e);
} }
} }

16
tests/unit/java/com/android/server/BpfNetMapsTest.java
View File

@@ -16,8 +16,6 @@
package com.android.server; package com.android.server;
import static android.net.INetd.FIREWALL_CHAIN_DOZABLE;
import static android.net.INetd.FIREWALL_RULE_ALLOW;
import static android.net.INetd.PERMISSION_INTERNET; import static android.net.INetd.PERMISSION_INTERNET;
import static org.junit.Assume.assumeFalse; import static org.junit.Assume.assumeFalse;
@@ -60,20 +58,6 @@ public final class BpfNetMapsTest {
@Test @Test
public void testBpfNetMapsBeforeT() throws Exception { public void testBpfNetMapsBeforeT() throws Exception {
assumeFalse(SdkLevel.isAtLeastT()); assumeFalse(SdkLevel.isAtLeastT());
mBpfNetMaps.addNaughtyApp(TEST_UID);
verify(mNetd).bandwidthAddNaughtyApp(TEST_UID);
mBpfNetMaps.removeNaughtyApp(TEST_UID);
verify(mNetd).bandwidthRemoveNaughtyApp(TEST_UID);
mBpfNetMaps.addNiceApp(TEST_UID);
verify(mNetd).bandwidthAddNiceApp(TEST_UID);
mBpfNetMaps.removeNiceApp(TEST_UID);
verify(mNetd).bandwidthRemoveNiceApp(TEST_UID);
mBpfNetMaps.setChildChain(FIREWALL_CHAIN_DOZABLE, true);
verify(mNetd).firewallEnableChildChain(FIREWALL_CHAIN_DOZABLE, true);
mBpfNetMaps.replaceUidChain(CHAINNAME, true, TEST_UIDS);
verify(mNetd).firewallReplaceUidChain(CHAINNAME, true, TEST_UIDS);
mBpfNetMaps.setUidRule(FIREWALL_CHAIN_DOZABLE, TEST_UID, FIREWALL_RULE_ALLOW);
verify(mNetd).firewallSetUidRule(FIREWALL_CHAIN_DOZABLE, TEST_UID, FIREWALL_RULE_ALLOW);
mBpfNetMaps.addUidInterfaceRules(IFNAME, TEST_UIDS); mBpfNetMaps.addUidInterfaceRules(IFNAME, TEST_UIDS);
verify(mNetd).firewallAddUidInterfaceRules(IFNAME, TEST_UIDS); verify(mNetd).firewallAddUidInterfaceRules(IFNAME, TEST_UIDS);
mBpfNetMaps.removeUidInterfaceRules(TEST_UIDS); mBpfNetMaps.removeUidInterfaceRules(TEST_UIDS);