diff options
| author | Erik Kline <ek@google.com> | 2018-02-16 15:08:09 +0900 |
|---|---|---|
| committer | Erik Kline <ek@google.com> | 2018-02-22 18:25:13 -0800 |
| commit | 5f0358b22f7730f708131ff7ba5abf755a8a5b1a (patch) | |
| tree | ef66cae8020d31f547d6fc23cadaf58c80a0d10e /server/TetherController.cpp | |
| parent | 5b09ac1dcea2f707e115eda5e43b8b066006f563 (diff) | |
Run dnsmasq as dns_tether rather than nobody
AID_DNS_TETHER from android_filesystem_config.h is found and made
"friendly" by fs_config_generator.py (strip off AID_ and lowercase).
Test: as follows
- built
- flashed
- booted
Bug: 29881876
Bug: 70673901
Change-Id: I3335a40dcd8c276421a9d663b7e66aef3a13b46b
Diffstat (limited to 'server/TetherController.cpp')
| -rw-r--r-- | server/TetherController.cpp | 52 |
1 files changed, 30 insertions, 22 deletions
diff --git a/server/TetherController.cpp b/server/TetherController.cpp index a60024ea..c1d73081 100644 --- a/server/TetherController.cpp +++ b/server/TetherController.cpp @@ -18,7 +18,6 @@ #include <fcntl.h> #include <inttypes.h> #include <netdb.h> -#include <stdlib.h> #include <string.h> #include <sys/socket.h> @@ -29,6 +28,11 @@ #include <netinet/in.h> #include <arpa/inet.h> +#include <array> +#include <cstdlib> +#include <string> +#include <vector> + #define LOG_TAG "TetherController" #include <android-base/strings.h> #include <android-base/stringprintf.h> @@ -58,6 +62,9 @@ const char IPV6_FORWARDING_PROC_FILE[] = "/proc/sys/net/ipv6/conf/all/forwarding const char SEPARATOR[] = "|"; constexpr const char kTcpBeLiberal[] = "/proc/sys/net/netfilter/nf_conntrack_tcp_be_liberal"; +// Chosen to match AID_DNS_TETHER, as made "friendly" by fs_config_generator.py. +constexpr const char kDnsmasqUsername[] = "dns_tether"; + bool writeToFile(const char* filename, const char* value) { int fd = open(filename, O_WRONLY | O_CLOEXEC); if (fd < 0) { @@ -160,8 +167,6 @@ size_t TetherController::forwardingRequestCount() { return mForwardingRequests.size(); } -#define TETHER_START_CONST_ARG 10 - int TetherController::startTethering(int num_addrs, char **dhcp_ranges) { if (mDaemonPid != 0) { ALOGE("Tethering already started"); @@ -208,29 +213,32 @@ int TetherController::startTethering(int num_addrs, char **dhcp_ranges) { char markStr[UINT32_HEX_STRLEN]; snprintf(markStr, sizeof(markStr), "0x%x", fwmark.intValue); - int num_processed_args = TETHER_START_CONST_ARG + (num_addrs/2) + 1; - char **args = (char **)malloc(sizeof(char *) * num_processed_args); - args[num_processed_args - 1] = NULL; - args[0] = (char *)"/system/bin/dnsmasq"; - args[1] = (char *)"--keep-in-foreground"; - args[2] = (char *)"--no-resolv"; - args[3] = (char *)"--no-poll"; - args[4] = (char *)"--dhcp-authoritative"; - // TODO: pipe through metered status from ConnService - args[5] = (char *)"--dhcp-option-force=43,ANDROID_METERED"; - args[6] = (char *)"--pid-file"; - args[7] = (char *)"--listen-mark"; - args[8] = (char *)markStr; - args[9] = (char *)""; - - int nextArg = TETHER_START_CONST_ARG; + std::vector<const std::string> argVector = { + "/system/bin/dnsmasq", + "--keep-in-foreground", + "--no-resolv", + "--no-poll", + "--dhcp-authoritative", + // TODO: pipe through metered status from ConnService + "--dhcp-option-force=43,ANDROID_METERED", + "--pid-file", + "--listen-mark", markStr, + "--user", kDnsmasqUsername, + }; + for (int addrIndex = 0; addrIndex < num_addrs; addrIndex += 2) { - asprintf(&(args[nextArg++]),"--dhcp-range=%s,%s,1h", - dhcp_ranges[addrIndex], dhcp_ranges[addrIndex+1]); + argVector.push_back( + StringPrintf("--dhcp-range=%s,%s,1h", + dhcp_ranges[addrIndex], dhcp_ranges[addrIndex+1])); + } + + auto args = (char**)std::calloc(argVector.size() + 1, sizeof(char*)); + for (unsigned i = 0; i < argVector.size(); i++) { + args[i] = (char*)argVector[i].c_str(); } if (execv(args[0], args)) { - ALOGE("execl failed (%s)", strerror(errno)); + ALOGE("execv failed (%s)", strerror(errno)); } ALOGE("Should never get here!"); _exit(-1); |