Gitiles
Code Review Sign In
review.blissroms.org / platform_system_netd / refs/heads/n-mr2 / . / client / NetdClient.cpp
blob: eeff4113f115040ad15a383aeb9d1217fac2e9cc [file] [log] [blame]
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]1/*
2 * Copyright (C) 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]17#include "NetdClient.h"
18
Michal Karpinskieced78e2016-10-06 19:33:55 +0100[diff] [blame]19#include <arpa/inet.h>
Dan Albertaa1be2b2015-01-06 09:36:17 -0800[diff] [blame]20#include <errno.h>
Michal Karpinskieced78e2016-10-06 19:33:55 +0100[diff] [blame]21#include <math.h>
Dan Albertaa1be2b2015-01-06 09:36:17 -0800[diff] [blame]22#include <sys/socket.h>
23#include <unistd.h>
24
25#include <atomic>
26
Sreeram Ramachandran4d4c8b72014-06-20 11:59:40 -0700[diff] [blame]27#include "Fwmark.h"
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]28#include "FwmarkClient.h"
29#include "FwmarkCommand.h"
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]30#include "resolv_netid.h"
Robin Lee9484dab2016-09-21 16:31:33 +0900[diff] [blame]31#include "Stopwatch.h"
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]32
Devi Sandeep Endluri V V6139b842016-05-02 14:42:12 +0530[diff] [blame]33#ifdef USE_WRAPPER
34#include "codeaurora/PropClientDispatch.h"
35#endif
36
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]37namespace {
38
Sreeram Ramachandran9fa2b132014-06-03 12:51:08 -0700[diff] [blame]39std::atomic_uint netIdForProcess(NETID_UNSET);
40std::atomic_uint netIdForResolv(NETID_UNSET);
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]41
42typedef int (*Accept4FunctionType)(int, sockaddr*, socklen_t*, int);
43typedef int (*ConnectFunctionType)(int, const sockaddr*, socklen_t);
44typedef int (*SocketFunctionType)(int, int, int);
45typedef unsigned (*NetIdForResolvFunctionType)(unsigned);
46
Devi Sandeep Endluri V V6139b842016-05-02 14:42:12 +0530[diff] [blame]47#ifdef USE_WRAPPER
48typedef void (*SetConnectFunc) (ConnectFunctionType*);
49#endif
50
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]51// These variables are only modified at startup (when libc.so is loaded) and never afterwards, so
52// it's okay that they are read later at runtime without a lock.
53Accept4FunctionType libcAccept4 = 0;
54ConnectFunctionType libcConnect = 0;
55SocketFunctionType libcSocket = 0;
56
Sreeram Ramachandran31f42102014-06-20 11:51:48 -0700[diff] [blame]57int closeFdAndSetErrno(int fd, int error) {
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]58 close(fd);
Sreeram Ramachandran3a069e62014-06-22 11:02:57 -0700[diff] [blame]59 errno = -error;
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]60 return -1;
61}
62
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]63int netdClientAccept4(int sockfd, sockaddr* addr, socklen_t* addrlen, int flags) {
64 int acceptedSocket = libcAccept4(sockfd, addr, addrlen, flags);
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]65 if (acceptedSocket == -1) {
66 return -1;
67 }
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]68 int family;
69 if (addr) {
70 family = addr->sa_family;
71 } else {
72 socklen_t familyLen = sizeof(family);
73 if (getsockopt(acceptedSocket, SOL_SOCKET, SO_DOMAIN, &family, &familyLen) == -1) {
Sreeram Ramachandran3a069e62014-06-22 11:02:57 -0700[diff] [blame]74 return closeFdAndSetErrno(acceptedSocket, -errno);
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]75 }
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]76 }
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]77 if (FwmarkClient::shouldSetFwmark(family)) {
Sreeram Ramachandrana69d9472014-07-11 16:27:02 -0700[diff] [blame]78 FwmarkCommand command = {FwmarkCommand::ON_ACCEPT, 0, 0};
Michal Karpinskieced78e2016-10-06 19:33:55 +0100[diff] [blame]79 if (int error = FwmarkClient().send(&command, acceptedSocket, nullptr)) {
Sreeram Ramachandran31f42102014-06-20 11:51:48 -0700[diff] [blame]80 return closeFdAndSetErrno(acceptedSocket, error);
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]81 }
82 }
83 return acceptedSocket;
84}
85
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]86int netdClientConnect(int sockfd, const sockaddr* addr, socklen_t addrlen) {
Michal Karpinskieced78e2016-10-06 19:33:55 +0100[diff] [blame]87 const bool shouldSetFwmark = (sockfd >= 0) && addr
88 && FwmarkClient::shouldSetFwmark(addr->sa_family);
89 if (shouldSetFwmark) {
Sreeram Ramachandrana69d9472014-07-11 16:27:02 -0700[diff] [blame]90 FwmarkCommand command = {FwmarkCommand::ON_CONNECT, 0, 0};
Michal Karpinskieced78e2016-10-06 19:33:55 +0100[diff] [blame]91 if (int error = FwmarkClient().send(&command, sockfd, nullptr)) {
Sreeram Ramachandran3a069e62014-06-22 11:02:57 -0700[diff] [blame]92 errno = -error;
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]93 return -1;
94 }
95 }
Devi Sandeep Endluri V V6139b842016-05-02 14:42:12 +0530[diff] [blame]96
Michal Karpinskieced78e2016-10-06 19:33:55 +0100[diff] [blame]97 // Latency measurement does not include time of sending commands to Fwmark
98 Stopwatch s;
Lalit Kansara0effbda2017-04-04 19:42:49 +0530[diff] [blame]99 int ret = -1;
Devi Sandeep Endluri V V6139b842016-05-02 14:42:12 +0530[diff] [blame]100#ifdef USE_WRAPPER
101 if ( FwmarkClient::shouldSetFwmark(addr->sa_family)) {
102 if( __propClientDispatch.propConnect ) {
Lalit Kansara0effbda2017-04-04 19:42:49 +0530[diff] [blame]103 ret = __propClientDispatch.propConnect(sockfd, addr, addrlen);
Devi Sandeep Endluri V V6139b842016-05-02 14:42:12 +0530[diff] [blame]104 } else {
Lalit Kansara0effbda2017-04-04 19:42:49 +0530[diff] [blame]105 ret = libcConnect(sockfd, addr, addrlen);
Devi Sandeep Endluri V V6139b842016-05-02 14:42:12 +0530[diff] [blame]106 }
Lalit Kansara0effbda2017-04-04 19:42:49 +0530[diff] [blame]107 } else {
108 ret = libcConnect(sockfd, addr, addrlen);
Devi Sandeep Endluri V V6139b842016-05-02 14:42:12 +0530[diff] [blame]109 }
Lalit Kansara0effbda2017-04-04 19:42:49 +0530[diff] [blame]110#else
111 ret = libcConnect(sockfd, addr, addrlen);
Devi Sandeep Endluri V V6139b842016-05-02 14:42:12 +0530[diff] [blame]112#endif
Michal Karpinskieced78e2016-10-06 19:33:55 +0100[diff] [blame]113 // Save errno so it isn't clobbered by sending ON_CONNECT_COMPLETE
114 const int connectErrno = errno;
115 const unsigned latencyMs = lround(s.timeTaken());
116 // Send an ON_CONNECT_COMPLETE command that includes sockaddr and connect latency for reporting
117 if (shouldSetFwmark && FwmarkClient::shouldReportConnectComplete(addr->sa_family)) {
Hugo Benichi483afa42016-10-31 15:07:23 +0900[diff] [blame]118 FwmarkConnectInfo connectInfo(ret == 0 ? 0 : connectErrno, latencyMs, addr);
Michal Karpinskieced78e2016-10-06 19:33:55 +0100[diff] [blame]119 // TODO: get the netId from the socket mark once we have continuous benchmark runs
120 FwmarkCommand command = {FwmarkCommand::ON_CONNECT_COMPLETE, /* netId (ignored) */ 0,
121 /* uid (filled in by the server) */ 0};
122 // Ignore return value since it's only used for logging
123 FwmarkClient().send(&command, sockfd, &connectInfo);
124 }
125 errno = connectErrno;
126 return ret;
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]127}
128
129int netdClientSocket(int domain, int type, int protocol) {
Devi Sandeep Endluri V V6139b842016-05-02 14:42:12 +0530[diff] [blame]130
131 int socketFd;
132#ifndef USE_WRAPPER
133 socketFd = libcSocket(domain, type, protocol);
134#else
135 if( __propClientDispatch.propSocket ) {
136 socketFd = __propClientDispatch.propSocket(domain, type, protocol);
137 } else {
138 socketFd = libcSocket(domain, type, protocol);
139 }
140#endif
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]141 if (socketFd == -1) {
142 return -1;
143 }
144 unsigned netId = netIdForProcess;
145 if (netId != NETID_UNSET && FwmarkClient::shouldSetFwmark(domain)) {
Sreeram Ramachandrand36c49c2014-07-02 14:49:33 -0700[diff] [blame]146 if (int error = setNetworkForSocket(netId, socketFd)) {
Sreeram Ramachandran31f42102014-06-20 11:51:48 -0700[diff] [blame]147 return closeFdAndSetErrno(socketFd, error);
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]148 }
149 }
150 return socketFd;
151}
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]152
153unsigned getNetworkForResolv(unsigned netId) {
154 if (netId != NETID_UNSET) {
155 return netId;
156 }
157 netId = netIdForProcess;
158 if (netId != NETID_UNSET) {
159 return netId;
160 }
161 return netIdForResolv;
162}
163
Sreeram Ramachandran31f42102014-06-20 11:51:48 -0700[diff] [blame]164int setNetworkForTarget(unsigned netId, std::atomic_uint* target) {
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]165 if (netId == NETID_UNSET) {
166 *target = netId;
Sreeram Ramachandran31f42102014-06-20 11:51:48 -0700[diff] [blame]167 return 0;
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]168 }
169 // Verify that we are allowed to use |netId|, by creating a socket and trying to have it marked
Sreeram Ramachandran27560452014-05-30 19:59:51 -0700[diff] [blame]170 // with the netId. Call libcSocket() directly; else the socket creation (via netdClientSocket())
171 // might itself cause another check with the fwmark server, which would be wasteful.
172 int socketFd;
173 if (libcSocket) {
Nick Kralevich53ea9ca2015-01-31 13:54:00 -0800[diff] [blame]174 socketFd = libcSocket(AF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0);
Sreeram Ramachandran27560452014-05-30 19:59:51 -0700[diff] [blame]175 } else {
Nick Kralevich53ea9ca2015-01-31 13:54:00 -0800[diff] [blame]176 socketFd = socket(AF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0);
Sreeram Ramachandran27560452014-05-30 19:59:51 -0700[diff] [blame]177 }
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]178 if (socketFd < 0) {
Sreeram Ramachandran3a069e62014-06-22 11:02:57 -0700[diff] [blame]179 return -errno;
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]180 }
Sreeram Ramachandran31f42102014-06-20 11:51:48 -0700[diff] [blame]181 int error = setNetworkForSocket(netId, socketFd);
182 if (!error) {
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]183 *target = netId;
184 }
Sreeram Ramachandran31f42102014-06-20 11:51:48 -0700[diff] [blame]185 close(socketFd);
186 return error;
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]187}
188
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]189} // namespace
190
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]191// accept() just calls accept4(..., 0), so there's no need to handle accept() separately.
192extern "C" void netdClientInitAccept4(Accept4FunctionType* function) {
193 if (function && *function) {
194 libcAccept4 = *function;
195 *function = netdClientAccept4;
196 }
197}
198
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]199extern "C" void netdClientInitConnect(ConnectFunctionType* function) {
200 if (function && *function) {
201 libcConnect = *function;
202 *function = netdClientConnect;
203 }
204}
205
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]206extern "C" void netdClientInitSocket(SocketFunctionType* function) {
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]207 if (function && *function) {
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]208 libcSocket = *function;
209 *function = netdClientSocket;
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]210 }
211}
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]212
213extern "C" void netdClientInitNetIdForResolv(NetIdForResolvFunctionType* function) {
214 if (function) {
215 *function = getNetworkForResolv;
216 }
217}
218
Sreeram Ramachandran4d4c8b72014-06-20 11:59:40 -0700[diff] [blame]219extern "C" int getNetworkForSocket(unsigned* netId, int socketFd) {
220 if (!netId || socketFd < 0) {
Sreeram Ramachandran3a069e62014-06-22 11:02:57 -0700[diff] [blame]221 return -EBADF;
Sreeram Ramachandran4d4c8b72014-06-20 11:59:40 -0700[diff] [blame]222 }
223 Fwmark fwmark;
224 socklen_t fwmarkLen = sizeof(fwmark.intValue);
225 if (getsockopt(socketFd, SOL_SOCKET, SO_MARK, &fwmark.intValue, &fwmarkLen) == -1) {
Sreeram Ramachandran3a069e62014-06-22 11:02:57 -0700[diff] [blame]226 return -errno;
Sreeram Ramachandran4d4c8b72014-06-20 11:59:40 -0700[diff] [blame]227 }
228 *netId = fwmark.netId;
229 return 0;
230}
231
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]232extern "C" unsigned getNetworkForProcess() {
233 return netIdForProcess;
234}
235
Sreeram Ramachandran31f42102014-06-20 11:51:48 -0700[diff] [blame]236extern "C" int setNetworkForSocket(unsigned netId, int socketFd) {
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]237 if (socketFd < 0) {
Sreeram Ramachandran3a069e62014-06-22 11:02:57 -0700[diff] [blame]238 return -EBADF;
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]239 }
Sreeram Ramachandrana69d9472014-07-11 16:27:02 -0700[diff] [blame]240 FwmarkCommand command = {FwmarkCommand::SELECT_NETWORK, netId, 0};
Michal Karpinskieced78e2016-10-06 19:33:55 +0100[diff] [blame]241 return FwmarkClient().send(&command, socketFd, nullptr);
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]242}
243
Sreeram Ramachandran31f42102014-06-20 11:51:48 -0700[diff] [blame]244extern "C" int setNetworkForProcess(unsigned netId) {
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]245 return setNetworkForTarget(netId, &netIdForProcess);
246}
247
Sreeram Ramachandran31f42102014-06-20 11:51:48 -0700[diff] [blame]248extern "C" int setNetworkForResolv(unsigned netId) {
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]249 return setNetworkForTarget(netId, &netIdForResolv);
250}
Sreeram Ramachandrand794e582014-06-19 10:03:07 -0700[diff] [blame]251
Sreeram Ramachandran31f42102014-06-20 11:51:48 -0700[diff] [blame]252extern "C" int protectFromVpn(int socketFd) {
Sreeram Ramachandrand794e582014-06-19 10:03:07 -0700[diff] [blame]253 if (socketFd < 0) {
Sreeram Ramachandran3a069e62014-06-22 11:02:57 -0700[diff] [blame]254 return -EBADF;
Sreeram Ramachandrand794e582014-06-19 10:03:07 -0700[diff] [blame]255 }
Sreeram Ramachandrana69d9472014-07-11 16:27:02 -0700[diff] [blame]256 FwmarkCommand command = {FwmarkCommand::PROTECT_FROM_VPN, 0, 0};
Michal Karpinskieced78e2016-10-06 19:33:55 +0100[diff] [blame]257 return FwmarkClient().send(&command, socketFd, nullptr);
Sreeram Ramachandrana69d9472014-07-11 16:27:02 -0700[diff] [blame]258}
259
260extern "C" int setNetworkForUser(uid_t uid, int socketFd) {
261 if (socketFd < 0) {
262 return -EBADF;
263 }
264 FwmarkCommand command = {FwmarkCommand::SELECT_FOR_USER, 0, uid};
Michal Karpinskieced78e2016-10-06 19:33:55 +0100[diff] [blame]265 return FwmarkClient().send(&command, socketFd, nullptr);
Paul Jensend1df5972015-05-06 07:29:56 -0400[diff] [blame]266}
267
268extern "C" int queryUserAccess(uid_t uid, unsigned netId) {
269 FwmarkCommand command = {FwmarkCommand::QUERY_USER_ACCESS, netId, uid};
Michal Karpinskieced78e2016-10-06 19:33:55 +0100[diff] [blame]270 return FwmarkClient().send(&command, -1, nullptr);
Sreeram Ramachandrand794e582014-06-19 10:03:07 -0700[diff] [blame]271}