-
Notifications
You must be signed in to change notification settings - Fork 6
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #5 from tesla-android/ipv6_configurable_dns_blocklist
Configurable dns blocklist(offline mode)
- Loading branch information
Showing
6 changed files
with
164 additions
and
74 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
29 changes: 29 additions & 0 deletions
29
patches-aosp/build/soong/0001-GLODROID-Don-t-use-clang-tidy.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,29 @@ | ||
| From 01daa7236225d6e714bcf2572cd7003345d98d39 Mon Sep 17 00:00:00 2001 | ||
| From: Roman Stratiienko <[email protected]> | ||
| Date: Sun, 21 May 2023 00:44:46 +0300 | ||
| Subject: [PATCH] GLODROID: Don't use clang-tidy | ||
|
|
||
| It's pointless, time, and energy inefficient to run it globally. | ||
|
|
||
| Change-Id: I12b94488c6f9e273786e099670a0610830ba024a | ||
| Signed-off-by: Roman Stratiienko <[email protected]> | ||
| --- | ||
| cc/tidy.go | 2 +- | ||
| 1 file changed, 1 insertion(+), 1 deletion(-) | ||
|
|
||
| diff --git a/cc/tidy.go b/cc/tidy.go | ||
| index 750e9de1e..63f525e00 100644 | ||
| --- a/cc/tidy.go | ||
| +++ b/cc/tidy.go | ||
| @@ -74,7 +74,7 @@ func (tidy *tidyFeature) flags(ctx ModuleContext, flags Flags) Flags { | ||
| // If not explicitly disabled, set flags.Tidy to generate .tidy rules. | ||
| // Note that libraries and binaries will depend on .tidy files ONLY if | ||
| // the global WITH_TIDY or module 'tidy' property is true. | ||
| - flags.Tidy = true | ||
| + flags.Tidy = false | ||
|
|
||
| // If explicitly enabled, by global default or local tidy property, | ||
| // set flags.NeedTidyFiles to make this module depend on .tidy files. | ||
| -- | ||
| 2.39.2 | ||
|
|
36 changes: 0 additions & 36 deletions
36
patches-aosp/system/core/0002-Offline-mode-tesla-android-domains.patch
This file was deleted.
Oops, something went wrong.
33 changes: 0 additions & 33 deletions
33
patches-aosp/system/core/0003-Block-Tesla-telemetry-and-firmware-distribution-CDN.patch
This file was deleted.
Oops, something went wrong.
35 changes: 35 additions & 0 deletions
35
patches-aosp/system/netd/0001-Disable-IPV6-forwarding.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,35 @@ | ||
| From 5a09f0d4bb2b1124a04998190ae5e70cbb74cba8 Mon Sep 17 00:00:00 2001 | ||
| From: "[email protected]" <[email protected]> | ||
| Date: Fri, 19 May 2023 08:10:58 +0000 | ||
| Subject: [PATCH 1/2] Disable IPV6 forwarding | ||
|
|
||
| Change-Id: Iace59dbe567e314e06848178ef6107c5a82aab5f | ||
| --- | ||
| server/TetherController.cpp | 4 ++-- | ||
| 1 file changed, 2 insertions(+), 2 deletions(-) | ||
|
|
||
| diff --git a/server/TetherController.cpp b/server/TetherController.cpp | ||
| index 7919357..e5b57d7 100644 | ||
| --- a/server/TetherController.cpp | ||
| +++ b/server/TetherController.cpp | ||
| @@ -74,7 +74,7 @@ namespace { | ||
|
|
||
| const char BP_TOOLS_MODE[] = "bp-tools"; | ||
| const char IPV4_FORWARDING_PROC_FILE[] = "/proc/sys/net/ipv4/ip_forward"; | ||
| -const char IPV6_FORWARDING_PROC_FILE[] = "/proc/sys/net/ipv6/conf/all/forwarding"; | ||
| +//const char IPV6_FORWARDING_PROC_FILE[] = "/proc/sys/net/ipv6/conf/all/forwarding"; | ||
| const char SEPARATOR[] = "|"; | ||
| constexpr const char kTcpBeLiberal[] = "/proc/sys/net/netfilter/nf_conntrack_tcp_be_liberal"; | ||
|
|
||
| @@ -172,7 +172,7 @@ bool TetherController::setIpFwdEnabled() { | ||
| const char* value = disable ? "0" : "1"; | ||
| ALOGD("Setting IP forward enable = %s", value); | ||
| success &= writeToFile(IPV4_FORWARDING_PROC_FILE, value); | ||
| - success &= writeToFile(IPV6_FORWARDING_PROC_FILE, value); | ||
| + //success &= writeToFile(IPV6_FORWARDING_PROC_FILE, value); | ||
| if (disable) { | ||
| // Turning off the forwarding sysconf in the kernel has the side effect | ||
| // of turning on ICMP redirect, which is a security hazard. | ||
| -- | ||
| 2.34.1 | ||
|
|
93 changes: 93 additions & 0 deletions
93
patches-aosp/system/netd/0002-Configurable-offline-mode.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,93 @@ | ||
| From 1bc0c404db9ff0aef3815679437e6137ddbf6b54 Mon Sep 17 00:00:00 2001 | ||
| From: "[email protected]" <[email protected]> | ||
| Date: Fri, 19 May 2023 08:14:40 +0000 | ||
| Subject: [PATCH] Configurable offline mode | ||
| MIME-Version: 1.0 | ||
| Content-Type: text/plain; charset=UTF-8 | ||
| Content-Transfer-Encoding: 8bit | ||
|
|
||
| Change-Id: I2724c97f88d1744e74f3dcc51e001244a854dac6 | ||
| Signed-off-by: Michał Gapiński <[email protected]> | ||
| --- | ||
| server/TetherController.cpp | 44 +++++++++++++++++++++++++++++++++++++ | ||
| 1 file changed, 44 insertions(+) | ||
|
|
||
| diff --git a/server/TetherController.cpp b/server/TetherController.cpp | ||
| index 79193574..abaf5a11 100644 | ||
| --- a/server/TetherController.cpp | ||
| +++ b/server/TetherController.cpp | ||
| @@ -125,6 +125,15 @@ bool inBpToolsMode() { | ||
| return !strcmp(BP_TOOLS_MODE, bootmode); | ||
| } | ||
|
|
||
| +int get_system_property_int(const char* prop_name) { | ||
| + char prop_value[PROPERTY_VALUE_MAX]; | ||
| + if (property_get(prop_name, prop_value, nullptr) > 0) { | ||
| + return atoi(prop_value); | ||
| + } else { | ||
| + return -1; | ||
| + } | ||
| +} | ||
| + | ||
| } // namespace | ||
|
|
||
| auto TetherController::iptablesRestoreFunction = execIptablesRestoreWithOutput; | ||
| @@ -223,6 +232,10 @@ int TetherController::startTethering(bool usingLegacyDnsProxy, int num_addrs, ch | ||
| return -res; | ||
| } | ||
|
|
||
| + int offlineModeEnabled = get_system_property_int("persist.tesla-android.offline-mode.is_enabled"); | ||
| + int offlineModeTelemetryEnabled = get_system_property_int("persist.tesla-android.offline-mode.telemetry.is_enabled"); | ||
| + int offlineModeTeslaFirmwareDownload = get_system_property_int("persist.tesla-android.offline-mode.tesla-firmware-downloads"); | ||
| + | ||
| // Set parameters | ||
| Fwmark fwmark; | ||
| fwmark.netId = NetworkController::LOCAL_NET_ID; | ||
| @@ -234,6 +247,8 @@ int TetherController::startTethering(bool usingLegacyDnsProxy, int num_addrs, ch | ||
|
|
||
| std::vector<const std::string> argVector = { | ||
| "/system/bin/dnsmasq", | ||
| + "--address=/gapinski.eu/100.64.255.1", | ||
| + "--address=/gapinski.com/100.64.255.1", | ||
| "--keep-in-foreground", | ||
| "--no-resolv", | ||
| "--no-poll", | ||
| @@ -257,6 +272,35 @@ int TetherController::startTethering(bool usingLegacyDnsProxy, int num_addrs, ch | ||
| dhcp_ranges[addrIndex + 1])); | ||
| } | ||
|
|
||
| + argVector.push_back("--address=/www.youtu.be/100.64.255.1"); | ||
| + argVector.push_back("--address=/fullscreen.app.teslaandroid.com/100.64.255.1"); | ||
| + argVector.push_back("--address=/www.fullscreen.app.teslaandroid.com/100.64.255.1"); | ||
| + argVector.push_back("--address=/app.teslaandroid.com/100.64.255.1"); | ||
| + argVector.push_back("--address=/www.app.teslaandroid.com/100.64.255.1"); | ||
| + | ||
| + | ||
| + if(offlineModeEnabled == 1) { | ||
| + argVector.push_back("--address=/connman.vn.tesla.services/100.64.255.1"); | ||
| + argVector.push_back("--address=/www.teslamotors.com/100.64.255.1"); | ||
| + argVector.push_back("--address=/hermes-prd.vn.tesla.services/100.64.255.1"); | ||
| + argVector.push_back("--address=/connman.vn.cloud.tesla.cn/100.64.255.1"); | ||
| + argVector.push_back("--address=/www.tesla.cn/100.64.255.1"); | ||
| + argVector.push_back("--address=/hermes-prd.vn.cloud.tesla.cn/100.64.255.1"); | ||
| + if(offlineModeTelemetryEnabled == 0) { | ||
| + argVector.push_back("--address=/telemetry-prd.vn.tesla.services/100.64.255.1"); | ||
| + argVector.push_back("--address=/telemetry-prd.ap.tesla.services/100.64.255.1"); | ||
| + argVector.push_back("--address=/apf-api.prd.vn.cloud.tesla.com/100.64.255.1"); | ||
| + argVector.push_back("--address=/x1.ap.tesla.services/100.64.255.1"); | ||
| + argVector.push_back("--address=/s3.ap.tesla.services/100.64.255.1"); | ||
| + argVector.push_back("--address=/tesla-hermes-snapshot-eu.s3-eu-central-1.amazonaws.com/100.64.255.1"); | ||
| + argVector.push_back("--address=/tesla-hermes-snapshot.s3-us-west-2.amazonaws.com/100.64.255.1"); | ||
| + } | ||
| + if(offlineModeTeslaFirmwareDownload == 0) { | ||
| + argVector.push_back("--address=/va.teslamotors.com/100.64.255.1"); | ||
| + } | ||
| + } | ||
| + | ||
| + | ||
| std::vector<char*> args(argVector.size() + 1); | ||
| for (unsigned i = 0; i < argVector.size(); i++) { | ||
| args[i] = (char*)argVector[i].c_str(); | ||
| -- | ||
| 2.34.1 | ||
|
|