介绍

客户想要通过APK来控制IPV6的启用和禁用，这里我们通过广播的方式来让客户控制IPV6。

效果展示

adb shell

ifconfig

这里我们用debug软件，将下面节点置为1 如图ipv6已被禁用了 

echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6

修改

接下来我们通过代码控制，动态注册广播

custom.action.intent.ipv6.on   //禁用ipv6

custom.action.intent.ipv6.off   //启用ipv6

路径：frameworks/base/services/core/java/com/android/server/policy/PhoneWindowManager.java

//*/soda water.20232328.ipv6 switch
import java.io.BufferedWriter;
import java.io.FileWriter;
//*///我们在 init 中动态注册广播public void init(Context context, IWindowManager windowManager,WindowManagerFuncs windowManagerFuncs) {//*/soda water.20232327.ipv6 switchfilter = new IntentFilter();filter.addAction("custom.action.intent.ipv6.on");filter.addAction("custom.action.intent.ipv6.off");context.registerReceiver(Ipv6Receiver, filter);//*/}//此处我们监听广播 这里定义广播//*/soda water.20232327.ipv6 switchBroadcastReceiver Ipv6Receiver = new BroadcastReceiver() {@Overridepublic void onReceive(Context context, Intent intent) {if ("custom.action.intent.ipv6.on".equals(intent.getAction())) {setIpv6(true);Log.d("soda water","on");}else if ("custom.action.intent.ipv6.off".equals(intent.getAction())){setIpv6(false);Log.d("soda water","off");}}};private static void setIpv6(Boolean commod) {BufferedWriter bufWriter;try {bufWriter = new BufferedWriter(new FileWriter("/proc/sys/net/ipv6/conf/all/disable_ipv6"));Log.d("soda water","one");bufWriter.write(commod?"1":"0");Log.d("soda water","two");bufWriter.close();} catch (IOException e) {e.printStackTrace();}}//*/

接下来我们尝试用apk发送广播

public class MainActivity extends AppCompatActivity {private ToggleButton tg_button;@Overrideprotected void onCreate(Bundle savedInstanceState) {super.onCreate(savedInstanceState);setContentView(R.layout.activity_main);tg_button = findViewById(R.id.bt_switch);tg_button.setOnCheckedChangeListener(new CompoundButton.OnCheckedChangeListener() {@Overridepublic void onCheckedChanged(CompoundButton compoundButton, boolean b) {Intent intent = new Intent();if (b) {intent.setAction("custom.action.intent.ipv6.on");sendBroadcast(intent);} else {intent.setAction("custom.action.intent.ipv6.off");sendBroadcast(intent);}}});}
}

验证发现缺少avc写入的权限

adb shell

logcat | grep avc

12-26 19:52:25.616  1310  1310 W system_server: type=1400 audit(0.0:193): avc: denied { write } for name="disable_ipv6" dev="proc" ino=27000 scontext=
u:r:system_server:s0 tcontext=u:object_r:proc_net:s0 tclass=file permissive=0

上面显示 proc_net 在 system_server 中没有 write 权限

在如下路径补上如下代码 此时在此发送广播发现可以动态控制ipv6的启用和禁用了

路径：system/sepolicy/private/system_server.te

allow system_server proc_net:file {open write getattr};