Loading core/java/android/app/admin/DevicePolicyManager.java +2 −2 Original line number Diff line number Diff line Loading @@ -53,7 +53,6 @@ import android.content.pm.PackageManager.NameNotFoundException; import android.content.pm.ParceledListSlice; import android.content.pm.UserInfo; import android.graphics.Bitmap; import android.net.NetworkUtils; import android.net.PrivateDnsConnectivityChecker; import android.net.ProxyInfo; import android.net.Uri; Loading Loading @@ -90,6 +89,7 @@ import android.util.ArraySet; import android.util.Log; import com.android.internal.annotations.VisibleForTesting; import com.android.internal.net.NetworkUtilsInternal; import com.android.internal.os.BackgroundThread; import com.android.internal.util.Preconditions; import com.android.org.conscrypt.TrustedCertificateStore; Loading Loading @@ -11466,7 +11466,7 @@ public class DevicePolicyManager { return PRIVATE_DNS_SET_ERROR_FAILURE_SETTING; } if (NetworkUtils.isWeaklyValidatedHostname(privateDnsHost)) { if (NetworkUtilsInternal.isWeaklyValidatedHostname(privateDnsHost)) { if (!PrivateDnsConnectivityChecker.canConnectToPrivateDnsServer(privateDnsHost)) { return PRIVATE_DNS_SET_ERROR_HOST_NOT_SERVING; } core/java/android/net/NetworkStatsHistory.java +1 −1 Original line number Diff line number Diff line Loading @@ -26,9 +26,9 @@ import static android.net.NetworkStatsHistory.DataStreamUtils.writeVarLongArray; import static android.net.NetworkStatsHistory.Entry.UNKNOWN; import static android.net.NetworkStatsHistory.ParcelUtils.readLongArray; import static android.net.NetworkStatsHistory.ParcelUtils.writeLongArray; import static android.net.NetworkUtils.multiplySafeByRational; import static android.text.format.DateUtils.SECOND_IN_MILLIS; import static com.android.internal.net.NetworkUtilsInternal.multiplySafeByRational; import static com.android.internal.util.ArrayUtils.total; import android.compat.annotation.UnsupportedAppUsage; Loading core/java/android/net/NetworkUtils.java +0 −69 Original line number Diff line number Diff line Loading @@ -16,14 +16,9 @@ package android.net; import static android.system.OsConstants.AF_INET; import static android.system.OsConstants.AF_INET6; import android.annotation.NonNull; import android.compat.annotation.UnsupportedAppUsage; import android.os.Build; import android.system.ErrnoException; import android.system.Os; import android.util.Log; import android.util.Pair; Loading Loading @@ -154,14 +149,6 @@ public class NetworkUtils { */ public static native Network getDnsNetwork() throws ErrnoException; /** * Allow/Disallow creating AF_INET/AF_INET6 sockets and DNS lookups for current process. * * @param allowNetworking whether to allow or disallow creating AF_INET/AF_INET6 sockets * and DNS lookups. */ public static native void setAllowNetworkingForProcess(boolean allowNetworking); /** * Get the tcp repair window associated with the {@code fd}. * Loading Loading @@ -437,60 +424,4 @@ public class NetworkUtils { return routedIPCount; } private static final int[] ADDRESS_FAMILIES = new int[] {AF_INET, AF_INET6}; /** * Returns true if the hostname is weakly validated. * @param hostname Name of host to validate. * @return True if it's a valid-ish hostname. * * @hide */ public static boolean isWeaklyValidatedHostname(@NonNull String hostname) { // TODO(b/34953048): Use a validation method that permits more accurate, // but still inexpensive, checking of likely valid DNS hostnames. final String weakHostnameRegex = "^[a-zA-Z0-9_.-]+$"; if (!hostname.matches(weakHostnameRegex)) { return false; } for (int address_family : ADDRESS_FAMILIES) { if (Os.inet_pton(address_family, hostname) != null) { return false; } } return true; } /** * Safely multiple a value by a rational. * <p> * Internally it uses integer-based math whenever possible, but switches * over to double-based math if values would overflow. * @hide */ public static long multiplySafeByRational(long value, long num, long den) { if (den == 0) { throw new ArithmeticException("Invalid Denominator"); } long x = value; long y = num; // Logic shamelessly borrowed from Math.multiplyExact() long r = x * y; long ax = Math.abs(x); long ay = Math.abs(y); if (((ax | ay) >>> 31 != 0)) { // Some bits greater than 2^31 that might cause overflow // Check the result using the divide operator // and check for the special case of Long.MIN_VALUE * -1 if (((y != 0) && (r / y != x)) || (x == Long.MIN_VALUE && y == -1)) { // Use double math to avoid overflowing return (long) (((double) num / den) * value); } } return r / den; } } core/java/com/android/internal/net/NetworkUtilsInternal.java 0 → 100644 +92 −0 Original line number Diff line number Diff line /* * Copyright (C) 2020 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.android.internal.net; import static android.system.OsConstants.AF_INET; import static android.system.OsConstants.AF_INET6; import android.annotation.NonNull; import android.system.Os; /** @hide */ public class NetworkUtilsInternal { private static final int[] ADDRESS_FAMILIES = new int[] {AF_INET, AF_INET6}; /** * Allow/Disallow creating AF_INET/AF_INET6 sockets and DNS lookups for current process. * * @param allowNetworking whether to allow or disallow creating AF_INET/AF_INET6 sockets * and DNS lookups. */ public static native void setAllowNetworkingForProcess(boolean allowNetworking); /** * Returns true if the hostname is weakly validated. * @param hostname Name of host to validate. * @return True if it's a valid-ish hostname. * * @hide */ public static boolean isWeaklyValidatedHostname(@NonNull String hostname) { // TODO(b/34953048): Use a validation method that permits more accurate, // but still inexpensive, checking of likely valid DNS hostnames. final String weakHostnameRegex = "^[a-zA-Z0-9_.-]+$"; if (!hostname.matches(weakHostnameRegex)) { return false; } for (int address_family : ADDRESS_FAMILIES) { if (Os.inet_pton(address_family, hostname) != null) { return false; } } return true; } /** * Safely multiple a value by a rational. * <p> * Internally it uses integer-based math whenever possible, but switches * over to double-based math if values would overflow. * @hide */ public static long multiplySafeByRational(long value, long num, long den) { if (den == 0) { throw new ArithmeticException("Invalid Denominator"); } long x = value; long y = num; // Logic shamelessly borrowed from Math.multiplyExact() long r = x * y; long ax = Math.abs(x); long ay = Math.abs(y); if (((ax | ay) >>> 31 != 0)) { // Some bits greater than 2^31 that might cause overflow // Check the result using the divide operator // and check for the special case of Long.MIN_VALUE * -1 if (((y != 0) && (r / y != x)) || (x == Long.MIN_VALUE && y == -1)) { // Use double math to avoid overflowing return (long) (((double) num / den) * value); } } return r / den; } } core/java/com/android/internal/os/Zygote.java +3 −2 Original line number Diff line number Diff line Loading @@ -24,7 +24,6 @@ import android.content.pm.ApplicationInfo; import android.net.Credentials; import android.net.LocalServerSocket; import android.net.LocalSocket; import android.net.NetworkUtils; import android.os.FactoryTest; import android.os.IVold; import android.os.Process; Loading @@ -35,6 +34,8 @@ import android.system.ErrnoException; import android.system.Os; import android.util.Log; import com.android.internal.net.NetworkUtilsInternal; import dalvik.annotation.optimization.FastNative; import dalvik.system.ZygoteHooks; Loading Loading @@ -352,7 +353,7 @@ public final class Zygote { // If no GIDs were specified, don't make any permissions changes based on groups. if (gids != null && gids.length > 0) { NetworkUtils.setAllowNetworkingForProcess(containsInetGid(gids)); NetworkUtilsInternal.setAllowNetworkingForProcess(containsInetGid(gids)); } } Loading Loading
core/java/android/app/admin/DevicePolicyManager.java +2 −2 Original line number Diff line number Diff line Loading @@ -53,7 +53,6 @@ import android.content.pm.PackageManager.NameNotFoundException; import android.content.pm.ParceledListSlice; import android.content.pm.UserInfo; import android.graphics.Bitmap; import android.net.NetworkUtils; import android.net.PrivateDnsConnectivityChecker; import android.net.ProxyInfo; import android.net.Uri; Loading Loading @@ -90,6 +89,7 @@ import android.util.ArraySet; import android.util.Log; import com.android.internal.annotations.VisibleForTesting; import com.android.internal.net.NetworkUtilsInternal; import com.android.internal.os.BackgroundThread; import com.android.internal.util.Preconditions; import com.android.org.conscrypt.TrustedCertificateStore; Loading Loading @@ -11466,7 +11466,7 @@ public class DevicePolicyManager { return PRIVATE_DNS_SET_ERROR_FAILURE_SETTING; } if (NetworkUtils.isWeaklyValidatedHostname(privateDnsHost)) { if (NetworkUtilsInternal.isWeaklyValidatedHostname(privateDnsHost)) { if (!PrivateDnsConnectivityChecker.canConnectToPrivateDnsServer(privateDnsHost)) { return PRIVATE_DNS_SET_ERROR_HOST_NOT_SERVING; }
core/java/android/net/NetworkStatsHistory.java +1 −1 Original line number Diff line number Diff line Loading @@ -26,9 +26,9 @@ import static android.net.NetworkStatsHistory.DataStreamUtils.writeVarLongArray; import static android.net.NetworkStatsHistory.Entry.UNKNOWN; import static android.net.NetworkStatsHistory.ParcelUtils.readLongArray; import static android.net.NetworkStatsHistory.ParcelUtils.writeLongArray; import static android.net.NetworkUtils.multiplySafeByRational; import static android.text.format.DateUtils.SECOND_IN_MILLIS; import static com.android.internal.net.NetworkUtilsInternal.multiplySafeByRational; import static com.android.internal.util.ArrayUtils.total; import android.compat.annotation.UnsupportedAppUsage; Loading
core/java/android/net/NetworkUtils.java +0 −69 Original line number Diff line number Diff line Loading @@ -16,14 +16,9 @@ package android.net; import static android.system.OsConstants.AF_INET; import static android.system.OsConstants.AF_INET6; import android.annotation.NonNull; import android.compat.annotation.UnsupportedAppUsage; import android.os.Build; import android.system.ErrnoException; import android.system.Os; import android.util.Log; import android.util.Pair; Loading Loading @@ -154,14 +149,6 @@ public class NetworkUtils { */ public static native Network getDnsNetwork() throws ErrnoException; /** * Allow/Disallow creating AF_INET/AF_INET6 sockets and DNS lookups for current process. * * @param allowNetworking whether to allow or disallow creating AF_INET/AF_INET6 sockets * and DNS lookups. */ public static native void setAllowNetworkingForProcess(boolean allowNetworking); /** * Get the tcp repair window associated with the {@code fd}. * Loading Loading @@ -437,60 +424,4 @@ public class NetworkUtils { return routedIPCount; } private static final int[] ADDRESS_FAMILIES = new int[] {AF_INET, AF_INET6}; /** * Returns true if the hostname is weakly validated. * @param hostname Name of host to validate. * @return True if it's a valid-ish hostname. * * @hide */ public static boolean isWeaklyValidatedHostname(@NonNull String hostname) { // TODO(b/34953048): Use a validation method that permits more accurate, // but still inexpensive, checking of likely valid DNS hostnames. final String weakHostnameRegex = "^[a-zA-Z0-9_.-]+$"; if (!hostname.matches(weakHostnameRegex)) { return false; } for (int address_family : ADDRESS_FAMILIES) { if (Os.inet_pton(address_family, hostname) != null) { return false; } } return true; } /** * Safely multiple a value by a rational. * <p> * Internally it uses integer-based math whenever possible, but switches * over to double-based math if values would overflow. * @hide */ public static long multiplySafeByRational(long value, long num, long den) { if (den == 0) { throw new ArithmeticException("Invalid Denominator"); } long x = value; long y = num; // Logic shamelessly borrowed from Math.multiplyExact() long r = x * y; long ax = Math.abs(x); long ay = Math.abs(y); if (((ax | ay) >>> 31 != 0)) { // Some bits greater than 2^31 that might cause overflow // Check the result using the divide operator // and check for the special case of Long.MIN_VALUE * -1 if (((y != 0) && (r / y != x)) || (x == Long.MIN_VALUE && y == -1)) { // Use double math to avoid overflowing return (long) (((double) num / den) * value); } } return r / den; } }
core/java/com/android/internal/net/NetworkUtilsInternal.java 0 → 100644 +92 −0 Original line number Diff line number Diff line /* * Copyright (C) 2020 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.android.internal.net; import static android.system.OsConstants.AF_INET; import static android.system.OsConstants.AF_INET6; import android.annotation.NonNull; import android.system.Os; /** @hide */ public class NetworkUtilsInternal { private static final int[] ADDRESS_FAMILIES = new int[] {AF_INET, AF_INET6}; /** * Allow/Disallow creating AF_INET/AF_INET6 sockets and DNS lookups for current process. * * @param allowNetworking whether to allow or disallow creating AF_INET/AF_INET6 sockets * and DNS lookups. */ public static native void setAllowNetworkingForProcess(boolean allowNetworking); /** * Returns true if the hostname is weakly validated. * @param hostname Name of host to validate. * @return True if it's a valid-ish hostname. * * @hide */ public static boolean isWeaklyValidatedHostname(@NonNull String hostname) { // TODO(b/34953048): Use a validation method that permits more accurate, // but still inexpensive, checking of likely valid DNS hostnames. final String weakHostnameRegex = "^[a-zA-Z0-9_.-]+$"; if (!hostname.matches(weakHostnameRegex)) { return false; } for (int address_family : ADDRESS_FAMILIES) { if (Os.inet_pton(address_family, hostname) != null) { return false; } } return true; } /** * Safely multiple a value by a rational. * <p> * Internally it uses integer-based math whenever possible, but switches * over to double-based math if values would overflow. * @hide */ public static long multiplySafeByRational(long value, long num, long den) { if (den == 0) { throw new ArithmeticException("Invalid Denominator"); } long x = value; long y = num; // Logic shamelessly borrowed from Math.multiplyExact() long r = x * y; long ax = Math.abs(x); long ay = Math.abs(y); if (((ax | ay) >>> 31 != 0)) { // Some bits greater than 2^31 that might cause overflow // Check the result using the divide operator // and check for the special case of Long.MIN_VALUE * -1 if (((y != 0) && (r / y != x)) || (x == Long.MIN_VALUE && y == -1)) { // Use double math to avoid overflowing return (long) (((double) num / den) * value); } } return r / den; } }
core/java/com/android/internal/os/Zygote.java +3 −2 Original line number Diff line number Diff line Loading @@ -24,7 +24,6 @@ import android.content.pm.ApplicationInfo; import android.net.Credentials; import android.net.LocalServerSocket; import android.net.LocalSocket; import android.net.NetworkUtils; import android.os.FactoryTest; import android.os.IVold; import android.os.Process; Loading @@ -35,6 +34,8 @@ import android.system.ErrnoException; import android.system.Os; import android.util.Log; import com.android.internal.net.NetworkUtilsInternal; import dalvik.annotation.optimization.FastNative; import dalvik.system.ZygoteHooks; Loading Loading @@ -352,7 +353,7 @@ public final class Zygote { // If no GIDs were specified, don't make any permissions changes based on groups. if (gids != null && gids.length > 0) { NetworkUtils.setAllowNetworkingForProcess(containsInetGid(gids)); NetworkUtilsInternal.setAllowNetworkingForProcess(containsInetGid(gids)); } } Loading
