Currently DNS lookups are all sent as UID 0. In N we added an
AID_DNS user, but we never used it. A separate UID allows us to
account for and route DNS traffic differently from other UID 0
traffic such as kernel-originated traffic.
Bug: 70673901
Test: DNS lookups continue to work
Test: netd_{unit,integration}_test pass
Change-Id: Ife3ca7df45de51b92437d2cfe627fb4703b672fb
Behavior is compliant with
https://tools.ietf.org/html/draft-ietf-dprive-padding-policy-04
EDNS0 is only enabled when the netcontext requests it, i.e. in DNS-over-TLS
mode.
Bug: 69623036
Bug: 64133961
Test: Wireshark verified. Integration tests echo padding and pass.
Change-Id: I5ef600e02a572d281441e890cc981614f150629b
This effectively enables these features only in TLS mode
Test: Integration tests pass
Bug:69623036
Change-Id: I153a259b0c07717f664ee268b43da867a9b42152
This change does not enable EDNS0, so it should not
result in any behavior change. However, enabling EDNS0
should now be possible with only a small additional change
to "flip the switch".
This change has also landed in NetBSD upstream
(http://gnats.netbsd.org/52578) so this change reduces
divergence from upstream.
Most of the code in this change is for caching of queries that contain
an additional section.
Bug: 15132200
Test: Added integration tests for fallback to the netd suite.
Change-Id: Ic64bed0754e1d529dc0c0ab6a5e2f1ea201ff0d5
This change
- adds a query hook to android_net_context
- exposes relevant definitions to netd
- corrects a bug in query hooks' interaction with the cache
This change does not introduce any code to read the query hook
from the net context or make use of it.
Bug: 34953048
Test: Netd test suite passes
Change-Id: Ie091980e22ce9da07a3c4d387b371e544379d762
This library is used by a number of different libraries in the system.
Make it easy for platform libraries to use this library and create
an actual exported include file.
Change the names of the functions to reflect the new name of the library.
Run clang_format on the async_safe_log.cpp file since the formatting is
all over the place.
Bug: 31919199
Test: Compiled for angler/bullhead, and booted.
Test: Ran bionic unit tests.
Test: Ran the malloc debug tests.
Change-Id: I8071bf690c17b0ea3bc8dc5749cdd5b6ad58478a
For security reasons, when a binary is executed which causes a security
transition (eg, a setuid binary, setgid binary, filesystem capabilities,
or SELinux domain transition), the AT_SECURE flag is set. This causes
certain blacklisted environment variables to be stripped before the
process is executed. The list of blacklisted environment variables is
stored in UNSAFE_VARIABLE_NAMES. Generally speaking, most environment
variables used internally by libc show up in this list.
Add ANDROID_DNS_MODE to the list of unsafe variables.
Similar to RESOLV_HOST_CONF and RES_OPTIONS (which are already
blacklisted), this variable controls how name resolution requests are
handled. Allowing ANDROID_DNS_MODE to be set across a security
boundary could induce resolution failures or otherwise impact
name resolution.
Remove BIONIC_DNSCACHE. This does not appear to be used, and setting
this variable across a security boundary could cause name resolution
problems.
Test: Android compiles and runs with no obvious problems.
Change-Id: I835a7b42d6afbc9c67866594c7951cfd9b355d81
Regenerating the NOTICE file the other day left me scratching my head at
various "how do they differ?" cases, resolved by this patch.
Test: N/A
Change-Id: I4230bfa1d7ec842a4b9fb8c73dd3b39443d74054
We need to make a clearer distinction for bionic on the host. This patch
doesn't fully address things like "should host bionic try to talk to netd?"
for now, but is a step in the right direction.
Bug: http://b/31559095
Test: bionic tests.
Change-Id: I49812f8b75d9d78c4fd8a8ddf5df1201d63771d6
_resolv_set_nameservers_for_net() so far did not update the search
paths, unless the servers changed as well.
BUG: 28437641
Change-Id: Id31f2d97c173e00357fb2ba95908afb4572c0fc1
Fix the resolver information returned by
android_net_res_stats_get_info_for_net,
erroneously included MAXDNSRCH empty results if no search path was set.
BUG: 25731675
Change-Id: I97ef5d2d47dc62ca403a3323c7f14902e47b29b6
android_net_res_stats_get_info_for_net returns the current name servers, search
domains, parameters and stats for the given network ID.
android_net_res_stats_aggregate provides statistics such as errors counts from
the raw stats data reported by android_net_res_stats_get_info_for_net.
android_net_res_stats_get_usable_servers uses the data returned by
android_net_res_stats_aggregate to determine which of the servers are
considered valid or broken by the resolver.
BUG: 25731675
Change-Id: I6059b68e5e8b809027a4d3135f6081588bee8a7d
Instead of keeping a sentinel after nameservers[], nsaddrinfo[] and
nstats[], store the server count in the structure, freeing up memory and
eliminating the need to enumerate the server count every time
_resolv_is_nameservers_equal_locked() is invoked.
Also increase MAXNS from 3 to 4.
BUG: 28153323
Change-Id: I11a7257af695157c9e32019cd00c67b535b63c75
Collect statistics about DNS query success state and delay. Ignore
servers that have been tried at least five times and have a success rate
of < 0.25. Retry these servers once every 180s.
Bug: 25731675
Change-Id: I78e24f43e388dca82fb81835e1796f4c7dce8da3
The DNS search string contains zeros as domain separator. The resolver
code erroneously used strlcpy(), which resulted in only the first domain
to be copied. The code uses pointers into this string to access the
individual domains. Since the structure is zero-initialized, this bug only
resulted in zero-length domains instead of accessing unitialized memory.
BUG: 27312811
Change-Id: Ia9d066c405dfcc5e82d6766d93ead2ce574e7b0d
Our FORTIFY _chk functions' implementations were very repetitive and verbose
but not very helpful. We'd also screwed up and put the SSIZE_MAX checks where
they would never fire unless you actually had a buffer as large as half your
address space, which probably doesn't happen very often.
Factor out the duplication and take the opportunity to actually show details
like how big the overrun buffer was, or by how much it was overrun.
Also remove the obsolete FORTIFY event logging.
Also remove the unused __libc_fatal_no_abort.
This change doesn't improve the diagnostics from the optimized assembler
implementations.
Change-Id: I176a90701395404d50975b547a00bd2c654e1252
Interestingly, this mostly involves cleaning up our implementation of
various <string.h> functions.
Change-Id: Ifaef49b5cb997134f7bc0cc31bdac844bdb9e089
The code now compiles with all combinations of DEBUG and
DEBUG_DATA except DEBUG_DATA=1, DEBUG=0, which is unsupported.
Change-Id: I9035a65c649df73092f1fc0864ae1cdd9a14aa3b
(cherrypick of 79a49c9857f3949fc13373eeb179f27b6ecdca81.)
Change-Id: I7bb44fd1fe3ef2ddfc115247f328eccfceeb5352
Signed-off-by: Patrick Tjin <pattjin@google.com>
When no DNS servers are configured (and thus there is no chance
that the DNS query will suceed), res_nsend returns early, but
it does not tell the cache that the query has failed.
Therefore, if the caller retries the query, it will block for
PENDING_REQUEST_TIMEOUT (= 20 seconds) waiting for the "existing
query" (which isn't actually doing anything) to complete.
Bug: 18240188
Bug: 18327075
Change-Id: I0df13ff4a17ee65e640be96695a3af31b020963a
Fix and use __RENAME (and lose ___RENAME --- two underscores should be
enough for anybody). This was the point of this change, because I want
to use __RENAME to support the two basename variants and the two
strerror_r variants.
Lose a bunch of macros that weren't being used.
Lose three dead files from the DNS code.
Bug: 17784968
(cherry picked from commit 2cfb4e8e2e)
Change-Id: I5e96146f92c0521248c78c0933bec5e9a9818222
