Blame - server/PhysicalNetwork.cpp - platform_system_netd

blob: 161fa2a78171b90cf8da3a86e5230cf3ed69f4c8 [file] [log] [blame]

Sreeram Ramachandran	f4f6c8d	2014-06-23 09:54:06 -0700	[diff] [blame]	1	/*
				2	* Copyright (C) 2014 The Android Open Source Project
				3	*
				4	* Licensed under the Apache License, Version 2.0 (the "License");
				5	* you may not use this file except in compliance with the License.
				6	* You may obtain a copy of the License at
				7	*
				8	* http://www.apache.org/licenses/LICENSE-2.0
				9	*
				10	* Unless required by applicable law or agreed to in writing, software
				11	* distributed under the License is distributed on an "AS IS" BASIS,
				12	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				13	* See the License for the specific language governing permissions and
				14	* limitations under the License.
				15	*/
				16
Luke Huang	94658ac	2018-10-18 19:35:12 +0900	[diff] [blame]	17	#define LOG_TAG "Netd"
				18
Sreeram Ramachandran	f4f6c8d	2014-06-23 09:54:06 -0700	[diff] [blame]	19	#include "PhysicalNetwork.h"
				20
				21	#include "RouteController.h"
Lorenzo Colitti	c6201c3	2016-09-14 02:25:05 +0900	[diff] [blame]	22	#include "SockDiag.h"
Sreeram Ramachandran	f4f6c8d	2014-06-23 09:54:06 -0700	[diff] [blame]	23
Sreeram Ramachandran	f4f6c8d	2014-06-23 09:54:06 -0700	[diff] [blame]	24	#include "log/log.h"
				25
Bernie Innocenti	762dcf4	2019-06-14 19:52:49 +0900	[diff] [blame]	26	namespace android::net {
Lorenzo Colitti	7035f22	2017-02-13 18:29:00 +0900	[diff] [blame]	27
Sreeram Ramachandran	f4f6c8d	2014-06-23 09:54:06 -0700	[diff] [blame]	28	namespace {
				29
Bernie Innocenti	762dcf4	2019-06-14 19:52:49 +0900	[diff] [blame]	30	[[nodiscard]] int addToDefault(unsigned netId, const std::string& interface, Permission permission,
				31	PhysicalNetwork::Delegate* delegate) {
Sreeram Ramachandran	5009d5e	2014-07-03 12:20:48 -0700	[diff] [blame]	32	if (int ret = RouteController::addInterfaceToDefaultNetwork(interface.c_str(), permission)) {
Sreeram Ramachandran	f4f6c8d	2014-06-23 09:54:06 -0700	[diff] [blame]	33	ALOGE("failed to add interface %s to default netId %u", interface.c_str(), netId);
				34	return ret;
				35	}
Sreeram Ramachandran	48e19b0	2014-07-22 22:23:20 -0700	[diff] [blame]	36	if (int ret = delegate->addFallthrough(interface, permission)) {
				37	return ret;
				38	}
Sreeram Ramachandran	f4f6c8d	2014-06-23 09:54:06 -0700	[diff] [blame]	39	return 0;
				40	}
				41
Bernie Innocenti	762dcf4	2019-06-14 19:52:49 +0900	[diff] [blame]	42	[[nodiscard]] int removeFromDefault(unsigned netId, const std::string& interface,
				43	Permission permission, PhysicalNetwork::Delegate* delegate) {
Sreeram Ramachandran	5009d5e	2014-07-03 12:20:48 -0700	[diff] [blame]	44	if (int ret = RouteController::removeInterfaceFromDefaultNetwork(interface.c_str(),
				45	permission)) {
Sreeram Ramachandran	f4f6c8d	2014-06-23 09:54:06 -0700	[diff] [blame]	46	ALOGE("failed to remove interface %s from default netId %u", interface.c_str(), netId);
				47	return ret;
				48	}
Sreeram Ramachandran	48e19b0	2014-07-22 22:23:20 -0700	[diff] [blame]	49	if (int ret = delegate->removeFallthrough(interface, permission)) {
				50	return ret;
				51	}
Sreeram Ramachandran	f4f6c8d	2014-06-23 09:54:06 -0700	[diff] [blame]	52	return 0;
				53	}
				54
				55	} // namespace
				56
Bernie Innocenti	762dcf4	2019-06-14 19:52:49 +0900	[diff] [blame]	57	PhysicalNetwork::Delegate::~Delegate() {}
Sreeram Ramachandran	48e19b0	2014-07-22 22:23:20 -0700	[diff] [blame]	58
Chalard Jean	0484514	2022-12-02 19:39:36 +0900	[diff] [blame]	59	PhysicalNetwork::PhysicalNetwork(unsigned netId, PhysicalNetwork::Delegate* delegate, bool local)
				60	: Network(netId),
				61	mDelegate(delegate),
				62	mPermission(PERMISSION_NONE),
				63	mIsDefault(false),
Chalard Jean	e479f31	2022-12-12 18:27:49 +0900	[diff] [blame]	64	mIsLocalNetwork(local) {}
Sreeram Ramachandran	f4f6c8d	2014-06-23 09:54:06 -0700	[diff] [blame]	65
Bernie Innocenti	762dcf4	2019-06-14 19:52:49 +0900	[diff] [blame]	66	PhysicalNetwork::~PhysicalNetwork() {}
Sreeram Ramachandran	f4f6c8d	2014-06-23 09:54:06 -0700	[diff] [blame]	67
				68	Permission PhysicalNetwork::getPermission() const {
				69	return mPermission;
				70	}
				71
Lorenzo Colitti	c6201c3	2016-09-14 02:25:05 +0900	[diff] [blame]	72	int PhysicalNetwork::destroySocketsLackingPermission(Permission permission) {
				73	if (permission == PERMISSION_NONE) return 0;
				74
				75	SockDiag sd;
				76	if (!sd.open()) {
				77	ALOGE("Error closing sockets for netId %d permission change", mNetId);
				78	return -EBADFD;
				79	}
				80	if (int ret = sd.destroySocketsLackingPermission(mNetId, permission,
				81	true /* excludeLoopback */)) {
				82	ALOGE("Failed to close sockets changing netId %d to permission %d: %s",
				83	mNetId, permission, strerror(-ret));
				84	return ret;
				85	}
				86	return 0;
				87	}
				88
Lorenzo Colitti	4662e16	2017-09-08 11:31:59 +0900	[diff] [blame]	89	void PhysicalNetwork::invalidateRouteCache(const std::string& interface) {
Taras Antoshchuk	0cceda2	2021-09-24 18:40:03 +0200	[diff] [blame]	90	// This method invalidates all socket destination cache entries in the kernel by creating and
				91	// removing a low-priority route.
				92	// This number is an arbitrary number that need to be higher than any other route created either
				93	// by netd or by an IPv6 RouterAdvertisement.
				94	int priority = 100000;
				95
Lorenzo Colitti	4662e16	2017-09-08 11:31:59 +0900	[diff] [blame]	96	for (const auto& dst : { "0.0.0.0/0", "::/0" }) {
				97	// If any of these operations fail, there's no point in logging because RouteController will
				98	// have already logged a message. There's also no point returning an error since there's
				99	// nothing we can do.
Tyler Wear	fa94a27	2019-12-05 15:01:48 -0800	[diff] [blame]	100	(void)RouteController::addRoute(interface.c_str(), dst, "throw", RouteController::INTERFACE,
Taras Antoshchuk	0cceda2	2021-09-24 18:40:03 +0200	[diff] [blame]	101	0 /* mtu */, priority);
				102	(void)RouteController::removeRoute(interface.c_str(), dst, "throw",
				103	RouteController::INTERFACE, priority);
Lorenzo Colitti	4662e16	2017-09-08 11:31:59 +0900	[diff] [blame]	104	}
				105	}
				106
Sreeram Ramachandran	f4f6c8d	2014-06-23 09:54:06 -0700	[diff] [blame]	107	int PhysicalNetwork::setPermission(Permission permission) {
				108	if (permission == mPermission) {
				109	return 0;
				110	}
Lorenzo Colitti	c6201c3	2016-09-14 02:25:05 +0900	[diff] [blame]	111	if (mInterfaces.empty()) {
				112	mPermission = permission;
				113	return 0;
				114	}
				115
				116	destroySocketsLackingPermission(permission);
Sreeram Ramachandran	f4f6c8d	2014-06-23 09:54:06 -0700	[diff] [blame]	117	for (const std::string& interface : mInterfaces) {
Chalard Jean	e479f31	2022-12-12 18:27:49 +0900	[diff] [blame]	118	if (int ret = RouteController::modifyPhysicalNetworkPermission(
				119	mNetId, interface.c_str(), mPermission, permission, mIsLocalNetwork)) {
Sreeram Ramachandran	f4f6c8d	2014-06-23 09:54:06 -0700	[diff] [blame]	120	ALOGE("failed to change permission on interface %s of netId %u from %x to %x",
				121	interface.c_str(), mNetId, mPermission, permission);
				122	return ret;
				123	}
Lorenzo Colitti	4662e16	2017-09-08 11:31:59 +0900	[diff] [blame]	124	invalidateRouteCache(interface);
Sreeram Ramachandran	f4f6c8d	2014-06-23 09:54:06 -0700	[diff] [blame]	125	}
				126	if (mIsDefault) {
				127	for (const std::string& interface : mInterfaces) {
Sreeram Ramachandran	48e19b0	2014-07-22 22:23:20 -0700	[diff] [blame]	128	if (int ret = addToDefault(mNetId, interface, permission, mDelegate)) {
Sreeram Ramachandran	f4f6c8d	2014-06-23 09:54:06 -0700	[diff] [blame]	129	return ret;
				130	}
Sreeram Ramachandran	48e19b0	2014-07-22 22:23:20 -0700	[diff] [blame]	131	if (int ret = removeFromDefault(mNetId, interface, mPermission, mDelegate)) {
Sreeram Ramachandran	f4f6c8d	2014-06-23 09:54:06 -0700	[diff] [blame]	132	return ret;
				133	}
				134	}
				135	}
Lorenzo Colitti	c6201c3	2016-09-14 02:25:05 +0900	[diff] [blame]	136	// Destroy sockets again in case any were opened after we called destroySocketsLackingPermission
				137	// above and before we changed the permissions. These sockets won't be able to send any RST
				138	// packets because they are now no longer routed, but at least the apps will get errors.
				139	destroySocketsLackingPermission(permission);
Sreeram Ramachandran	f4f6c8d	2014-06-23 09:54:06 -0700	[diff] [blame]	140	mPermission = permission;
				141	return 0;
				142	}
				143
				144	int PhysicalNetwork::addAsDefault() {
				145	if (mIsDefault) {
				146	return 0;
				147	}
				148	for (const std::string& interface : mInterfaces) {
Sreeram Ramachandran	48e19b0	2014-07-22 22:23:20 -0700	[diff] [blame]	149	if (int ret = addToDefault(mNetId, interface, mPermission, mDelegate)) {
Sreeram Ramachandran	f4f6c8d	2014-06-23 09:54:06 -0700	[diff] [blame]	150	return ret;
				151	}
				152	}
				153	mIsDefault = true;
				154	return 0;
				155	}
				156
				157	int PhysicalNetwork::removeAsDefault() {
				158	if (!mIsDefault) {
				159	return 0;
				160	}
				161	for (const std::string& interface : mInterfaces) {
Sreeram Ramachandran	48e19b0	2014-07-22 22:23:20 -0700	[diff] [blame]	162	if (int ret = removeFromDefault(mNetId, interface, mPermission, mDelegate)) {
Sreeram Ramachandran	f4f6c8d	2014-06-23 09:54:06 -0700	[diff] [blame]	163	return ret;
				164	}
				165	}
				166	mIsDefault = false;
				167	return 0;
				168	}
				169
Ken Chen	53360bf	2021-12-10 02:41:05 +0800	[diff] [blame]	170	int PhysicalNetwork::addUsers(const UidRanges& uidRanges, int32_t subPriority) {
chiachangwang	65bc4ea	2022-09-07 08:10:30 +0000	[diff] [blame]	171	if (!isValidSubPriority(subPriority) \|\| !canAddUidRanges(uidRanges)) {
Ken Chen	c929e8a	2021-03-22 11:37:17 +0800	[diff] [blame]	172	return -EINVAL;
				173	}
				174
				175	for (const std::string& interface : mInterfaces) {
Chalard Jean	e479f31	2022-12-12 18:27:49 +0900	[diff] [blame]	176	int ret = RouteController::addUsersToPhysicalNetwork(
				177	mNetId, interface.c_str(), {{subPriority, uidRanges}}, mIsLocalNetwork);
Ken Chen	c929e8a	2021-03-22 11:37:17 +0800	[diff] [blame]	178	if (ret) {
				179	ALOGE("failed to add users on interface %s of netId %u", interface.c_str(), mNetId);
				180	return ret;
				181	}
				182	}
Ken Chen	4ea8846	2021-05-23 14:56:43 +0800	[diff] [blame]	183	addToUidRangeMap(uidRanges, subPriority);
Ken Chen	c929e8a	2021-03-22 11:37:17 +0800	[diff] [blame]	184	return 0;
				185	}
				186
Ken Chen	53360bf	2021-12-10 02:41:05 +0800	[diff] [blame]	187	int PhysicalNetwork::removeUsers(const UidRanges& uidRanges, int32_t subPriority) {
Ken Chen	4ea8846	2021-05-23 14:56:43 +0800	[diff] [blame]	188	if (!isValidSubPriority(subPriority)) return -EINVAL;
				189
Ken Chen	c929e8a	2021-03-22 11:37:17 +0800	[diff] [blame]	190	for (const std::string& interface : mInterfaces) {
Chalard Jean	e479f31	2022-12-12 18:27:49 +0900	[diff] [blame]	191	int ret = RouteController::removeUsersFromPhysicalNetwork(
				192	mNetId, interface.c_str(), {{subPriority, uidRanges}}, mIsLocalNetwork);
Ken Chen	c929e8a	2021-03-22 11:37:17 +0800	[diff] [blame]	193	if (ret) {
				194	ALOGE("failed to remove users on interface %s of netId %u", interface.c_str(), mNetId);
				195	return ret;
				196	}
				197	}
Ken Chen	4ea8846	2021-05-23 14:56:43 +0800	[diff] [blame]	198	removeFromUidRangeMap(uidRanges, subPriority);
Ken Chen	c929e8a	2021-03-22 11:37:17 +0800	[diff] [blame]	199	return 0;
				200	}
				201
Sreeram Ramachandran	f4f6c8d	2014-06-23 09:54:06 -0700	[diff] [blame]	202	int PhysicalNetwork::addInterface(const std::string& interface) {
				203	if (hasInterface(interface)) {
				204	return 0;
				205	}
Chalard Jean	e479f31	2022-12-12 18:27:49 +0900	[diff] [blame]	206	if (int ret = RouteController::addInterfaceToPhysicalNetwork(
				207	mNetId, interface.c_str(), mPermission, mUidRangeMap, mIsLocalNetwork)) {
Sreeram Ramachandran	f4f6c8d	2014-06-23 09:54:06 -0700	[diff] [blame]	208	ALOGE("failed to add interface %s to netId %u", interface.c_str(), mNetId);
				209	return ret;
				210	}
				211	if (mIsDefault) {
Sreeram Ramachandran	48e19b0	2014-07-22 22:23:20 -0700	[diff] [blame]	212	if (int ret = addToDefault(mNetId, interface, mPermission, mDelegate)) {
Sreeram Ramachandran	f4f6c8d	2014-06-23 09:54:06 -0700	[diff] [blame]	213	return ret;
				214	}
				215	}
				216	mInterfaces.insert(interface);
				217	return 0;
				218	}
				219
				220	int PhysicalNetwork::removeInterface(const std::string& interface) {
				221	if (!hasInterface(interface)) {
				222	return 0;
				223	}
Sreeram Ramachandran	f4f6c8d	2014-06-23 09:54:06 -0700	[diff] [blame]	224	if (mIsDefault) {
Sreeram Ramachandran	48e19b0	2014-07-22 22:23:20 -0700	[diff] [blame]	225	if (int ret = removeFromDefault(mNetId, interface, mPermission, mDelegate)) {
Sreeram Ramachandran	f4f6c8d	2014-06-23 09:54:06 -0700	[diff] [blame]	226	return ret;
				227	}
				228	}
Paul Jensen	6d7e623	2014-08-01 10:54:03 -0400	[diff] [blame]	229	// This step will flush the interface index from the cache in RouteController so it must be
				230	// done last as further requests to the RouteController regarding this interface will fail
				231	// to find the interface index in the cache in cases where the interface is already gone
				232	// (e.g. bt-pan).
Chalard Jean	e479f31	2022-12-12 18:27:49 +0900	[diff] [blame]	233	if (int ret = RouteController::removeInterfaceFromPhysicalNetwork(
				234	mNetId, interface.c_str(), mPermission, mUidRangeMap, mIsLocalNetwork)) {
Paul Jensen	6d7e623	2014-08-01 10:54:03 -0400	[diff] [blame]	235	ALOGE("failed to remove interface %s from netId %u", interface.c_str(), mNetId);
				236	return ret;
				237	}
Sreeram Ramachandran	f4f6c8d	2014-06-23 09:54:06 -0700	[diff] [blame]	238	mInterfaces.erase(interface);
				239	return 0;
				240	}
Lorenzo Colitti	7035f22	2017-02-13 18:29:00 +0900	[diff] [blame]	241
Ken Chen	53360bf	2021-12-10 02:41:05 +0800	[diff] [blame]	242	bool PhysicalNetwork::isValidSubPriority(int32_t priority) {
Patrick Rohr	e6f198c	2022-01-25 13:50:31 +0100	[diff] [blame]	243	// SUB_PRIORITY_NO_DEFAULT is a special value, see UidRanges.h.
				244	return (priority >= UidRanges::SUB_PRIORITY_HIGHEST &&
				245	priority <= UidRanges::SUB_PRIORITY_LOWEST) \|\|
				246	priority == UidRanges::SUB_PRIORITY_NO_DEFAULT;
Ken Chen	4ea8846	2021-05-23 14:56:43 +0800	[diff] [blame]	247	}
				248
Bernie Innocenti	762dcf4	2019-06-14 19:52:49 +0900	[diff] [blame]	249	} // namespace android::net