1 <!-- 2 Copyright 2012 The Android Open Source Project 3 4 Licensed under the Apache License, Version 2.0 (the "License"); 5 you may not use this file except in compliance with the License. 6 You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10 Unless required by applicable law or agreed to in writing, software 11 distributed under the License is distributed on an "AS IS" BASIS, 12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 See the License for the specific language governing permissions and 14 limitations under the License. 15 --> 16 17 # Overview # 18 19 The per-application/delegated data usage monitoring and tracking 20 functionality relies on the xt_qtaguid module in the android-3.0 Linux 21 kernel (`kernel/net/netfilter/xt_qtaguid`). The socket tagging 22 functionality in the framework (`system/core/libcutils/qtaguid.c`) 23 relies mainly on the existence of `/proc/net/xt_qtaguid/ctrl` 24 interface exported by the `xt_qtaguid` kernel module. 25 26 The `quota2` netfilter module (originally part of `xtables-addons`) 27 allows the functionality to set named quota limits and was extended to 28 support notifying userspace when certain limits are reached. Once the 29 quota limit is reached, the `quota2` module discards all subsequent 30 network traffic. The framework can also specify additional rules to 31 restrict background data traffic for an application (refer to 32 `com.android.server.NetworkManagementSocketTagger.setKernelCounterSet` 33 and 34 `android.net.NetworkPolicyManager.POLICY_REJECT_METERED_BACKGROUND`). 35 36 # How does it work? # 37 38 The `qtaguid` netfilter module tracks the network traffic on a 39 per-socket basis for every application using the unique UID of the 40 owning application. There are two tag components associated with any 41 socket in the system. The first is the UID which uniquely identifies 42 the application which is responsible for the data transfer (Linux 43 allows the ability to ascribe the ownership of each network socket to 44 the UID of the calling application). The second tag component is used 45 to support additional characterization of the traffic into application 46 developer specified categories. Using these application level tags, an 47 application can profile the traffic into several sub-categories. 48 49 In the case of applications that provide network data transfer as a 50 service, such as the download manager, media streaming service, etc, 51 it is possible to attribute the ownership of the network data transfer 52 to the UID of the requesting application using the 53 `TrafficStats.setThreadStatsUid()` function call. The caller must hold 54 the `android.permission.MODIFY_NETWORK_ACCOUNTING` permission to 55 re-assign the ownership of the network traffic. 56
