8 files changed, 0 insertions, 78 deletions

diff --git a/core/java/android/net/IConnectivityManager.aidl b/core/java/android/net/IConnectivityManager.aidl
index b9c6491..f61984a 100644
--- a/core/java/android/net/IConnectivityManager.aidl
+++ b/core/java/android/net/IConnectivityManager.aidl
@@ -42,9 +42,6 @@ import com.android.internal.net.VpnProfile;
 /** {@hide} */
 interface IConnectivityManager
 {
-    // Keep this in sync with framework/native/services/connectivitymanager/ConnectivityManager.h
-    void markSocketAsUser(in ParcelFileDescriptor socket, int uid);
-
     NetworkInfo getActiveNetworkInfo();
     NetworkInfo getActiveNetworkInfoForUid(int uid);
     NetworkInfo getNetworkInfo(int networkType);
diff --git a/core/java/android/net/NetworkUtils.java b/core/java/android/net/NetworkUtils.java
index af860b0..9b95305 100644
--- a/core/java/android/net/NetworkUtils.java
+++ b/core/java/android/net/NetworkUtils.java
@@ -106,11 +106,6 @@ public class NetworkUtils {
     public native static String getDhcpError();
 
     /**
-     * Set the SO_MARK of {@code socketfd} to {@code mark}
-     */
-    public native static void markSocket(int socketfd, int mark);
-
-    /**
      * Binds the current process to the network designated by {@code netId}.  All sockets created
      * in the future (and not explicitly bound via a bound {@link SocketFactory} (see
      * {@link Network#getSocketFactory}) will be bound to this network.  Note that if this
diff --git a/core/java/android/os/INetworkManagementService.aidl b/core/java/android/os/INetworkManagementService.aidl
index 077d94c..207dc4a 100644
--- a/core/java/android/os/INetworkManagementService.aidl
+++ b/core/java/android/os/INetworkManagementService.aidl
@@ -336,11 +336,6 @@ interface INetworkManagementService
     void removeVpnUidRanges(int netId, in UidRange[] ranges);
 
     /**
-     * Get the SO_MARK associated with routing packets for user {@code uid}
-     */
-    int getMarkForUid(int uid);
-
-    /**
      * Exempts {@code host} from the routing set up by {@link setMarkedForwardingRoute}
      * All connects to {@code host} will use the global routing table
      */
diff --git a/core/jni/android_net_NetUtils.cpp b/core/jni/android_net_NetUtils.cpp
index 2325bc7..760ed45 100644
--- a/core/jni/android_net_NetUtils.cpp
+++ b/core/jni/android_net_NetUtils.cpp
@@ -246,13 +246,6 @@ static jstring android_net_utils_getDhcpError(JNIEnv* env, jobject clazz)
     return env->NewStringUTF(::dhcp_get_errmsg());
 }
 
-static void android_net_utils_markSocket(JNIEnv *env, jobject thiz, jint socket, jint mark)
-{
-    if (setsockopt(socket, SOL_SOCKET, SO_MARK, &mark, sizeof(mark)) < 0) {
-        jniThrowException(env, "java/lang/IllegalStateException", "Error marking socket");
-    }
-}
-
 static jboolean android_net_utils_bindProcessToNetwork(JNIEnv *env, jobject thiz, jint netId)
 {
     return (jboolean) !setNetworkForProcess(netId);
@@ -296,7 +289,6 @@ static JNINativeMethod gNetworkUtilMethods[] = {
     { "stopDhcp", "(Ljava/lang/String;)Z",  (void *)android_net_utils_stopDhcp },
     { "releaseDhcpLease", "(Ljava/lang/String;)Z",  (void *)android_net_utils_releaseDhcpLease },
     { "getDhcpError", "()Ljava/lang/String;", (void*) android_net_utils_getDhcpError },
-    { "markSocket", "(II)V", (void*) android_net_utils_markSocket },
     { "bindProcessToNetwork", "(I)Z", (void*) android_net_utils_bindProcessToNetwork },
     { "getNetworkBoundToProcess", "()I", (void*) android_net_utils_getNetworkBoundToProcess },
     { "bindProcessToNetworkForHostResolution", "(I)Z", (void*) android_net_utils_bindProcessToNetworkForHostResolution },
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index c34a971..4725cfb 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -2602,16 +2602,6 @@
         android:description="@string/permdesc_modifyNetworkAccounting"
         android:protectionLevel="signature|system" />
 
-    <!-- @SystemApi Allows an application to mark traffic as from another user for per user routing.
-         Used by system wide services like media server that execute delegated network connections
-         for users.
-         @hide
-    -->
-    <permission android:name="android.permission.MARK_NETWORK_SOCKET"
-        android:label="@string/permlab_markNetworkSocket"
-        android:description="@string/permdesc_markNetworkSocket"
-        android:protectionLevel="signature|system" />
-
     <!-- C2DM permission.
          @hide Used internally.
      -->
diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml
index 7c60c6e..db597fd 100644
--- a/core/res/res/values/strings.xml
+++ b/core/res/res/values/strings.xml
@@ -2109,11 +2109,6 @@
     <string name="permdesc_modifyNetworkAccounting">Allows the app to modify how network usage is accounted against apps. Not for use by normal apps.</string>
 
     <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
-    <string name="permlab_markNetworkSocket">modify socket marks</string>
-    <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
-    <string name="permdesc_markNetworkSocket">Allows the app to modify socket marks for routing</string>
-
-    <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
     <string name="permlab_accessNotifications">access notifications</string>
     <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
     <string name="permdesc_accessNotifications">Allows the app to retrieve, examine, and clear notifications, including those posted by other apps.</string>
diff --git a/services/core/java/com/android/server/ConnectivityService.java b/services/core/java/com/android/server/ConnectivityService.java
index b52aecf..6554ed3 100644
--- a/services/core/java/com/android/server/ConnectivityService.java
+++ b/services/core/java/com/android/server/ConnectivityService.java
@@ -2122,16 +2122,6 @@ public class ConnectivityService extends IConnectivityManager.Stub {
                 "ConnectivityService");
     }
 
-    private void enforceMarkNetworkSocketPermission() {
-        //Media server special case
-        if (Binder.getCallingUid() == Process.MEDIA_UID) {
-            return;
-        }
-        mContext.enforceCallingOrSelfPermission(
-                android.Manifest.permission.MARK_NETWORK_SOCKET,
-                "ConnectivityService");
-    }
-
     /**
      * Handle a {@code DISCONNECTED} event. If this pertains to the non-active
      * network, we ignore it. If it is for the active network, we send out a
@@ -4084,23 +4074,6 @@ public class ConnectivityService extends IConnectivityManager.Stub {
         }
     }
 
-    @Override
-    public void markSocketAsUser(ParcelFileDescriptor socket, int uid) {
-        enforceMarkNetworkSocketPermission();
-        final long token = Binder.clearCallingIdentity();
-        try {
-            int mark = mNetd.getMarkForUid(uid);
-            // Clear the mark on the socket if no mark is needed to prevent socket reuse issues
-            if (mark == -1) {
-                mark = 0;
-            }
-            NetworkUtils.markSocket(socket.getFd(), mark);
-        } catch (RemoteException e) {
-        } finally {
-            Binder.restoreCallingIdentity(token);
-        }
-    }
-
     /**
      * Configure a TUN interface and return its file descriptor. Parameters
      * are encoded and opaque to this class. This method is used by VpnBuilder
diff --git a/services/core/java/com/android/server/NetworkManagementService.java b/services/core/java/com/android/server/NetworkManagementService.java
index c0862c0..2434f71 100644
--- a/services/core/java/com/android/server/NetworkManagementService.java
+++ b/services/core/java/com/android/server/NetworkManagementService.java
@@ -26,7 +26,6 @@ import static android.net.NetworkStats.TAG_NONE;
 import static android.net.NetworkStats.UID_ALL;
 import static android.net.TrafficStats.UID_TETHERING;
 import static com.android.server.NetworkManagementService.NetdResponseCode.ClatdStatusResult;
-import static com.android.server.NetworkManagementService.NetdResponseCode.GetMarkResult;
 import static com.android.server.NetworkManagementService.NetdResponseCode.InterfaceGetCfgResult;
 import static com.android.server.NetworkManagementService.NetdResponseCode.InterfaceListResult;
 import static com.android.server.NetworkManagementService.NetdResponseCode.IpFwdStatusResult;
@@ -144,7 +143,6 @@ public class NetworkManagementService extends INetworkManagementService.Stub
         public static final int TetheringStatsResult      = 221;
         public static final int DnsProxyQueryResult       = 222;
         public static final int ClatdStatusResult         = 223;
-        public static final int GetMarkResult             = 225;
 
         public static final int InterfaceChange           = 600;
         public static final int BandwidthControl          = 601;
@@ -1750,19 +1748,6 @@ public class NetworkManagementService extends INetworkManagementService.Stub
     }
 
     @Override
-    public int getMarkForUid(int uid) {
-        mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
-        final NativeDaemonEvent event;
-        try {
-            event = mConnector.execute("interface", "fwmark", "get", "mark", uid);
-        } catch (NativeDaemonConnectorException e) {
-            throw e.rethrowAsParcelableException();
-        }
-        event.checkCode(GetMarkResult);
-        return Integer.parseInt(event.getMessage());
-    }
-
-    @Override
     public void setHostExemption(LinkAddress host) {
         mContext.enforceCallingOrSelfPermission(CONNECTIVITY_INTERNAL, TAG);
         try {