Loading Android.bp +6 −5 Original line number Diff line number Diff line Loading @@ -53,12 +53,12 @@ cc_library_headers { ], } dnsresolver_aidl_interface_lateststable_version = "V8" dnsresolver_aidl_interface_lateststable_version = "V9" cc_library_static { name: "dnsresolver_aidl_interface-lateststable-ndk_platform", name: "dnsresolver_aidl_interface-lateststable-ndk", whole_static_libs: [ "dnsresolver_aidl_interface-" + dnsresolver_aidl_interface_lateststable_version + "-ndk_platform", "dnsresolver_aidl_interface-" + dnsresolver_aidl_interface_lateststable_version + "-ndk", ], apex_available: [ "com.android.resolv", Loading Loading @@ -106,6 +106,7 @@ aidl_interface { "6", "7", "8", "9", ], dumpapi: { no_license: true, Loading Loading @@ -191,7 +192,7 @@ cc_library { // Link most things statically to minimize our dependence on system ABIs. stl: "libc++_static", static_libs: [ "dnsresolver_aidl_interface-lateststable-ndk_platform", "dnsresolver_aidl_interface-lateststable-ndk", "libbase", "libcutils", "libnetdutils", Loading @@ -200,7 +201,7 @@ cc_library { "libstatslog_resolv", "libstatspush_compat", "libsysutils", "netd_event_listener_interface-lateststable-ndk_platform", "netd_event_listener_interface-lateststable-ndk", "server_configurable_flags", "stats_proto", ], Loading DnsResolverService.cpp +9 −0 Original line number Diff line number Diff line Loading @@ -36,6 +36,7 @@ #include "ResolverEventReporter.h" #include "resolv_cache.h" using aidl::android::net::ResolverOptionsParcel; using aidl::android::net::ResolverParamsParcel; using android::base::Join; using android::base::StringPrintf; Loading Loading 
@@ -307,5 +308,13 @@ binder_status_t DnsResolverService::dump(int fd, const char** args, uint32_t num return statusFromErrcode(res); } ::ndk::ScopedAStatus DnsResolverService::setResolverOptions(int32_t netId, const ResolverOptionsParcel& options) { // Locking happens in res_cache.cpp functions. ENFORCE_NETWORK_STACK_PERMISSIONS(); return statusFromErrcode(resolv_set_options(netId, options)); } } // namespace net } // namespace android DnsResolverService.h +2 −0 Original line number Diff line number Diff line Loading @@ -55,6 +55,8 @@ class DnsResolverService : public aidl::android::net::BnDnsResolver { ::ndk::ScopedAStatus destroyNetworkCache(int32_t netId) override; ::ndk::ScopedAStatus createNetworkCache(int32_t netId) override; ::ndk::ScopedAStatus flushNetworkCache(int32_t netId) override; ::ndk::ScopedAStatus setResolverOptions( int32_t netId, const aidl::android::net::ResolverOptionsParcel& options) override; // DNS64-related commands ::ndk::ScopedAStatus startPrefix64Discovery(int32_t netId) override; Loading PrivateDnsConfiguration.cpp +4 −0 Original line number Diff line number Diff line Loading @@ -23,6 +23,7 @@ #include <android-base/format.h> #include <android-base/logging.h> #include <android-base/stringprintf.h> #include <android/binder_ibinder.h> #include <netdutils/Slice.h> #include <netdutils/ThreadUtil.h> #include <sys/socket.h> Loading Loading @@ -444,6 +445,9 @@ int PrivateDnsConfiguration::setDoh(int32_t netId, uint32_t mark, const auto& doh = entry.getDohIdentity(sortedServers, name); if (!doh.ok()) continue; // The internal tests are supposed to have root permission. if (entry.forTesting && AIBinder_getCallingUid() != AID_ROOT) continue; auto it = mDohTracker.find(netId); // Skip if the same server already exists and its status == success. if (it != mDohTracker.end() && it->second == doh.value() && Loading PrivateDnsConfiguration.h +13 −3 Original line number Diff line number Diff line Loading 
@@ -200,6 +200,7 @@ class PrivateDnsConfiguration { std::set<std::string> ips; std::string host; std::string httpsTemplate; bool forTesting; base::Result<DohIdentity> getDohIdentity(const std::vector<std::string>& ips, const std::string& host) const { if (!host.empty() && this->host != host) return Errorf("host {} not matched", host); Loading @@ -215,15 +216,24 @@ class PrivateDnsConfiguration { // TODO: Move below DoH relevant stuff into Rust implementation. std::map<unsigned, DohIdentity> mDohTracker GUARDED_BY(mPrivateDnsLock); std::array<DohProviderEntry, 2> mAvailableDoHProviders = {{ std::array<DohProviderEntry, 3> mAvailableDoHProviders = {{ {"Google", {"2001:4860:4860::8888", "2001:4860:4860::8844", "8.8.8.8", "8.8.4.4"}, "dns.google", "https://dns.google/dns-query"}, "https://dns.google/dns-query", false}, {"Cloudflare", {"2606:4700::6810:f8f9", "2606:4700::6810:f9f9", "104.16.248.249", "104.16.249.249"}, "cloudflare-dns.com", "https://cloudflare-dns.com/dns-query"}, "https://cloudflare-dns.com/dns-query", false}, // The DoH provider for testing. {"ResolverTestProvider", {"127.0.0.3", "::1"}, "example.com", "https://example.com/dns-query", true}, }}; struct RecordEntry { Loading Loading
Android.bp +6 −5 Original line number Diff line number Diff line Loading @@ -53,12 +53,12 @@ cc_library_headers { ], } dnsresolver_aidl_interface_lateststable_version = "V8" dnsresolver_aidl_interface_lateststable_version = "V9" cc_library_static { name: "dnsresolver_aidl_interface-lateststable-ndk_platform", name: "dnsresolver_aidl_interface-lateststable-ndk", whole_static_libs: [ "dnsresolver_aidl_interface-" + dnsresolver_aidl_interface_lateststable_version + "-ndk_platform", "dnsresolver_aidl_interface-" + dnsresolver_aidl_interface_lateststable_version + "-ndk", ], apex_available: [ "com.android.resolv", Loading Loading @@ -106,6 +106,7 @@ aidl_interface { "6", "7", "8", "9", ], dumpapi: { no_license: true, Loading Loading @@ -191,7 +192,7 @@ cc_library { // Link most things statically to minimize our dependence on system ABIs. stl: "libc++_static", static_libs: [ "dnsresolver_aidl_interface-lateststable-ndk_platform", "dnsresolver_aidl_interface-lateststable-ndk", "libbase", "libcutils", "libnetdutils", Loading @@ -200,7 +201,7 @@ cc_library { "libstatslog_resolv", "libstatspush_compat", "libsysutils", "netd_event_listener_interface-lateststable-ndk_platform", "netd_event_listener_interface-lateststable-ndk", "server_configurable_flags", "stats_proto", ], Loading
DnsResolverService.cpp +9 −0 Original line number Diff line number Diff line Loading @@ -36,6 +36,7 @@ #include "ResolverEventReporter.h" #include "resolv_cache.h" using aidl::android::net::ResolverOptionsParcel; using aidl::android::net::ResolverParamsParcel; using android::base::Join; using android::base::StringPrintf; Loading Loading @@ -307,5 +308,13 @@ binder_status_t DnsResolverService::dump(int fd, const char** args, uint32_t num return statusFromErrcode(res); } ::ndk::ScopedAStatus DnsResolverService::setResolverOptions(int32_t netId, const ResolverOptionsParcel& options) { // Locking happens in res_cache.cpp functions. ENFORCE_NETWORK_STACK_PERMISSIONS(); return statusFromErrcode(resolv_set_options(netId, options)); } } // namespace net } // namespace android
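Review bot: The new setResolverOptions() binder method hands `options` straight to resolv_set_options(), and nothing in this section shows the parcel's fields being checked, so any validation happens out of view in the cache code. As this is a new privileged entry point, a short comment above it should record the contract, for example `// Requires network stack permission; options are validated in resolv_set_options(), whose return code becomes the binder status.` Confirm the validation part against resolv_set_options() before adding it. The existing locking comment sits above ENFORCE_NETWORK_STACK_PERMISSIONS() rather than the call it describes, so moving it down one line would read better.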
DnsResolverService.h +2 −0 Original line number Diff line number Diff line Loading @@ -55,6 +55,8 @@ class DnsResolverService : public aidl::android::net::BnDnsResolver { ::ndk::ScopedAStatus destroyNetworkCache(int32_t netId) override; ::ndk::ScopedAStatus createNetworkCache(int32_t netId) override; ::ndk::ScopedAStatus flushNetworkCache(int32_t netId) override; ::ndk::ScopedAStatus setResolverOptions( int32_t netId, const aidl::android::net::ResolverOptionsParcel& options) override; // DNS64-related commands ::ndk::ScopedAStatus startPrefix64Discovery(int32_t netId) override; Loading
PrivateDnsConfiguration.cpp +4 −0 Original line number Diff line number Diff line Loading @@ -23,6 +23,7 @@ #include <android-base/format.h> #include <android-base/logging.h> #include <android-base/stringprintf.h> #include <android/binder_ibinder.h> #include <netdutils/Slice.h> #include <netdutils/ThreadUtil.h> #include <sys/socket.h> Loading Loading @@ -444,6 +445,9 @@ int PrivateDnsConfiguration::setDoh(int32_t netId, uint32_t mark, const auto& doh = entry.getDohIdentity(sortedServers, name); if (!doh.ok()) continue; // The internal tests are supposed to have root permission. if (entry.forTesting && AIBinder_getCallingUid() != AID_ROOT) continue; auto it = mDohTracker.find(netId); // Skip if the same server already exists and its status == success. if (it != mDohTracker.end() && it->second == doh.value() && Loading
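Review bot: The root gate added in the DoH provider loop, `entry.forTesting && AIBinder_getCallingUid() != AID_ROOT`, only identifies the requester while the thread is servicing a binder transaction; outside one, AIBinder_getCallingUid() returns the process's own UID. setDoh's callers are not visible here, so if it can be reached from a non-binder thread in a process that runs as root, the test provider would pass the gate for any configuration matching its addresses and host. I would state the invariant next to the check, e.g. `// Must run on the binder thread of the configuring caller: AIBinder_getCallingUid() falls back to our own UID otherwise.`, and consider also skipping forTesting entries on non-debuggable builds. The section adds <android/binder_ibinder.h> but no header for AID_ROOT, which presumably comes from an include outside the hunk; setDoh's body also starts and ends outside it.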
PrivateDnsConfiguration.h +13 −3 Original line number Diff line number Diff line Loading @@ -200,6 +200,7 @@ class PrivateDnsConfiguration { std::set<std::string> ips; std::string host; std::string httpsTemplate; bool forTesting; base::Result<DohIdentity> getDohIdentity(const std::vector<std::string>& ips, const std::string& host) const { if (!host.empty() && this->host != host) return Errorf("host {} not matched", host); Loading @@ -215,15 +216,24 @@ class PrivateDnsConfiguration { // TODO: Move below DoH relevant stuff into Rust implementation. std::map<unsigned, DohIdentity> mDohTracker GUARDED_BY(mPrivateDnsLock); std::array<DohProviderEntry, 2> mAvailableDoHProviders = {{ std::array<DohProviderEntry, 3> mAvailableDoHProviders = {{ {"Google", {"2001:4860:4860::8888", "2001:4860:4860::8844", "8.8.8.8", "8.8.4.4"}, "dns.google", "https://dns.google/dns-query"}, "https://dns.google/dns-query", false}, {"Cloudflare", {"2606:4700::6810:f8f9", "2606:4700::6810:f9f9", "104.16.248.249", "104.16.249.249"}, "cloudflare-dns.com", "https://cloudflare-dns.com/dns-query"}, "https://cloudflare-dns.com/dns-query", false}, // The DoH provider for testing. {"ResolverTestProvider", {"127.0.0.3", "::1"}, "example.com", "https://example.com/dns-query", true}, }}; struct RecordEntry { Loading
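Review bot: `bool forTesting;` in DohProviderEntry decides whether the loopback `ResolverTestProvider` entry may be selected, yet it has neither a default value nor a comment. The three table entries set it explicitly, but an entry default-constructed elsewhere would read an indeterminate value, and a future consumer of mAvailableDoHProviders has nothing telling it to honour the flag. I would write `bool forTesting = false;  // Test-only entry; callers must reject it unless the requester is root.` The struct's opening lines and the rest of the class are outside the hunk, so other readers of the table could not be checked.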