Merge "New firewall chain for default background restrictions" into main
diff --git a/service/Android.bp b/service/Android.bp
index 15ae501..38c0110 100644
--- a/service/Android.bp
+++ b/service/Android.bp
@@ -107,11 +107,16 @@
"-Werror",
"-Wno-unused-parameter",
"-Wthread-safety",
+
+ // AServiceManager_waitForService is available on only 31+, but it's still safe for Thread
+ // service because it's enabled on only 34+
+ "-Wno-unguarded-availability",
],
srcs: [
":services.connectivity-netstats-jni-sources",
"jni/com_android_server_BpfNetMaps.cpp",
"jni/com_android_server_connectivity_ClatCoordinator.cpp",
+ "jni/com_android_server_ServiceManagerWrapper.cpp",
"jni/com_android_server_TestNetworkService.cpp",
"jni/onload.cpp",
],
@@ -128,6 +133,7 @@
],
shared_libs: [
"libbase",
+ "libbinder_ndk",
"libcutils",
"libnetdutils",
"liblog",
@@ -203,6 +209,8 @@
visibility: [
"//packages/modules/Connectivity/service-t",
"//packages/modules/Connectivity/tests:__subpackages__",
+ "//packages/modules/Connectivity/thread/service:__subpackages__",
+ "//packages/modules/Connectivity/thread/tests:__subpackages__",
],
}
diff --git a/service/jni/com_android_server_ServiceManagerWrapper.cpp b/service/jni/com_android_server_ServiceManagerWrapper.cpp
new file mode 100644
index 0000000..0cd58f4
--- /dev/null
+++ b/service/jni/com_android_server_ServiceManagerWrapper.cpp
@@ -0,0 +1,48 @@
+/*
+ * Copyright (C) 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <android/binder_ibinder_jni.h>
+#include <android/binder_manager.h>
+#include <jni.h>
+#include "nativehelper/JNIHelp.h"
+#include <nativehelper/ScopedUtfChars.h>
+#include <private/android_filesystem_config.h>
+
+namespace android {
+static jobject com_android_server_ServiceManagerWrapper_waitForService(
+ JNIEnv* env, jobject clazz, jstring serviceName) {
+ ScopedUtfChars name(env, serviceName);
+ return AIBinder_toJavaBinder(env, AServiceManager_waitForService(name.c_str()));
+}
+
+/*
+ * JNI registration.
+ */
+
+static const JNINativeMethod gMethods[] = {
+ /* name, signature, funcPtr */
+ {"nativeWaitForService",
+ "(Ljava/lang/String;)Landroid/os/IBinder;",
+ (void*)com_android_server_ServiceManagerWrapper_waitForService},
+};
+
+int register_com_android_server_ServiceManagerWrapper(JNIEnv* env) {
+ return jniRegisterNativeMethods(env,
+ "android/net/connectivity/com/android/server/ServiceManagerWrapper",
+ gMethods, NELEM(gMethods));
+}
+
+}; // namespace android
diff --git a/service/jni/onload.cpp b/service/jni/onload.cpp
index ed74430..5e89ad0 100644
--- a/service/jni/onload.cpp
+++ b/service/jni/onload.cpp
@@ -26,6 +26,7 @@
int register_com_android_server_connectivity_ClatCoordinator(JNIEnv* env);
int register_android_server_net_NetworkStatsFactory(JNIEnv* env);
int register_android_server_net_NetworkStatsService(JNIEnv* env);
+int register_com_android_server_ServiceManagerWrapper(JNIEnv* env);
extern "C" jint JNI_OnLoad(JavaVM* vm, void*) {
JNIEnv *env;
@@ -38,6 +39,10 @@
return JNI_ERR;
}
+ if (register_com_android_server_ServiceManagerWrapper(env) < 0) {
+ return JNI_ERR;
+ }
+
if (android::modules::sdklevel::IsAtLeastT()) {
if (register_com_android_server_BpfNetMaps(env) < 0) {
return JNI_ERR;
diff --git a/service/native/include/Common.h b/service/native/include/Common.h
deleted file mode 100644
index b5f5f0a..0000000
--- a/service/native/include/Common.h
+++ /dev/null
@@ -1,24 +0,0 @@
-/*
- * Copyright (C) 2022 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#pragma once
-// TODO: deduplicate with the constants in NetdConstants.h.
-#include <aidl/android/net/INetd.h>
-#include "clat_mark.h"
-
-using aidl::android::net::INetd;
-
-static_assert(INetd::CLAT_MARK == CLAT_MARK, "must be 0xDEADC1A7");
diff --git a/service/native/libs/libclat/Android.bp b/service/native/libs/libclat/Android.bp
index 996706e..5c6b123 100644
--- a/service/native/libs/libclat/Android.bp
+++ b/service/native/libs/libclat/Android.bp
@@ -43,11 +43,15 @@
srcs: [
"clatutils_test.cpp",
],
+ header_libs: [
+ "bpf_connectivity_headers",
+ ],
static_libs: [
"libbase",
"libclat",
"libip_checksum",
"libnetd_test_tun_interface",
+ "netd_aidl_interface-lateststable-ndk",
],
shared_libs: [
"liblog",
diff --git a/service/native/libs/libclat/clatutils_test.cpp b/service/native/libs/libclat/clatutils_test.cpp
index f4f97db..cf6492f 100644
--- a/service/native/libs/libclat/clatutils_test.cpp
+++ b/service/native/libs/libclat/clatutils_test.cpp
@@ -26,6 +26,10 @@
#include "checksum.h"
}
+#include <aidl/android/net/INetd.h>
+#include "clat_mark.h"
+static_assert(aidl::android::net::INetd::CLAT_MARK == CLAT_MARK, "must be 0xDEADC1A7");
+
// Default translation parameters.
static const char kIPv4LocalAddr[] = "192.0.0.4";
diff --git a/service/src/com/android/server/ServiceManagerWrapper.java b/service/src/com/android/server/ServiceManagerWrapper.java
new file mode 100644
index 0000000..6d99f33
--- /dev/null
+++ b/service/src/com/android/server/ServiceManagerWrapper.java
@@ -0,0 +1,46 @@
+/*
+ * Copyright (C) 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server;
+
+import android.annotation.RequiresApi;
+import android.os.IBinder;
+import android.os.Build;
+import android.os.ServiceManager;
+
+/** Provides a way to access {@link ServiceManager#waitForService} API. */
+@RequiresApi(Build.VERSION_CODES.S)
+public final class ServiceManagerWrapper {
+ static {
+ System.loadLibrary("service-connectivity");
+ }
+
+ private ServiceManagerWrapper() {}
+
+ /**
+ * Returns the specified service from the service manager.
+ *
+ * If the service is not running, service manager will attempt to start it, and this function
+ * will wait for it to be ready.
+ *
+ * @return {@code null} only if there are permission problems or fatal errors
+ */
+ public static IBinder waitForService(String serviceName) {
+ return nativeWaitForService(serviceName);
+ }
+
+ private static native IBinder nativeWaitForService(String serviceName);
+}
diff --git a/thread/service/Android.bp b/thread/service/Android.bp
index f1af653..fcf9521 100644
--- a/thread/service/Android.bp
+++ b/thread/service/Android.bp
@@ -34,6 +34,7 @@
srcs: [":service-thread-sources"],
libs: [
"framework-connectivity-t-pre-jarjar",
+ "service-connectivity-pre-jarjar",
],
static_libs: [
"net-utils-device-common",