server/TetherController.cpp

/*
 * Copyright (C) 2008 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#include <stdlib.h>
#include <errno.h>
#include <fcntl.h>
#include <string.h>

#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <linux/capability.h>

#include <netinet/in.h>
#include <arpa/inet.h>

#define LOG_TAG "TetherController"
#define LOG_NDEBUG 0
#define LOG_NDDEBUG 0
#define LOG_NIDEBUG 0
#include <cutils/log.h>
#include <cutils/properties.h>

#include "Fwmark.h"
#include "NetdConstants.h"
#include "Permission.h"
#include "TetherController.h"

#include <private/android_filesystem_config.h>
#include <unistd.h>

#define RTRADVDAEMON "/system/bin/radish"
#define IP4_CFG_IP_FORWARD          "/proc/sys/net/ipv4/ip_forward"
#define IP6_CFG_ALL_PROXY_NDP       "/proc/sys/net/ipv6/conf/all/proxy_ndp"
#define IP6_CFG_ALL_FORWARDING      "/proc/sys/net/ipv6/conf/all/forwarding"
#define IP6_IFACE_CFG_ACCEPT_RA     "/proc/sys/net/ipv6/conf/%s/accept_ra"
#define PROC_PATH_SIZE              255
#define RTRADVDAEMON_MIN_IFACES     2
#define MAX_TABLE_LEN               11
#define MIN_TABLE_NUMBER            0
#define IP_ADDR                     "ip addr"
#define BASE_TABLE_NUMBER           1000
#define IF_INDEX_PATH               "/sys/class/net/%s/ifindex"
#define SYS_PATH_SIZE               PROC_PATH_SIZE

/* This is the number of arguments for RTRADVDAEMON which accounts for the
 * location of the daemon, the table name option, the name of the table
 * and a final empty string
 */
#define RTRADVDAEMON_ARGS_COUNT     4

TetherController::TetherController() {
    mInterfaces = new InterfaceCollection();
    mUpstreamInterfaces = new InterfaceCollection();
    mDnsForwarders = new NetAddressCollection();
    mDaemonFd = -1;
    mDaemonPid = 0;
}

TetherController::~TetherController() {
    InterfaceCollection::iterator it;

    for (it = mInterfaces->begin(); it != mInterfaces->end(); ++it) {
        free(*it);
    }
    mInterfaces->clear();

    for (it = mUpstreamInterfaces->begin(); it != mUpstreamInterfaces->end(); ++it) {
        free(*it);
    }
    mUpstreamInterfaces->clear();

    mDnsForwarders->clear();
}

static int config_write_setting(const char *path, const char *value)
{
    int fd = open(path, O_WRONLY);

    ALOGD("config_write_setting(%s, %s)", path, value);
    if (fd < 0) {
        ALOGE("Failed to open %s (%s)", path, strerror(errno));
        return -1;
    }
    if (write(fd, value, strlen(value)) != (int)strlen(value)) {
        ALOGE("Failed to write to %s (%s)", path, strerror(errno));
        close(fd);
        return -1;
    }
    close(fd);
    return 0;
}

int TetherController::setIpFwdEnabled(bool enable) {

    ALOGD("Setting IP forward enable = %d", enable);

    // In BP tools mode, do not disable IP forwarding
    char bootmode[PROPERTY_VALUE_MAX] = {0};
    property_get("ro.bootmode", bootmode, "unknown");
    if ((enable == false) && (0 == strcmp("bp-tools", bootmode))) {
        return 0;
    }

    int fd = open("/proc/sys/net/ipv4/ip_forward", O_WRONLY);
    if (fd < 0) {
        ALOGE("Failed to open ip_forward (%s)", strerror(errno));
        return -1;
    }

    if (write(fd, (enable ? "1" : "0"), 1) != 1) {
        ALOGE("Failed to write ip_forward (%s)", strerror(errno));
        close(fd);
        return -1;
    }
    close(fd);
    if (config_write_setting(
            IP6_CFG_ALL_PROXY_NDP, enable ? "2" : "0")) {
        ALOGE("Failed to write proxy_ndp (%s)", strerror(errno));
        return -1;
    }
    if (config_write_setting(
            IP6_CFG_ALL_FORWARDING, enable ? "2" : "0")) {
        ALOGE("Failed to write ip6 forwarding (%s)", strerror(errno));
        return -1;
    }

    return 0;
}

bool TetherController::getIpFwdEnabled() {
    int fd = open("/proc/sys/net/ipv4/ip_forward", O_RDONLY);

    if (fd < 0) {
        ALOGE("Failed to open ip_forward (%s)", strerror(errno));
        return false;
    }

    char enabled;
    if (read(fd, &enabled, 1) != 1) {
        ALOGE("Failed to read ip_forward (%s)", strerror(errno));
        close(fd);
        return -1;
    }

    close(fd);
    return (enabled  == '1' ? true : false);
}

#define TETHER_START_CONST_ARG        8

int TetherController::startTethering(int num_addrs, struct in_addr* addrs) {
    if (mDaemonPid != 0) {
        ALOGE("Tethering already started");
        errno = EBUSY;
        return -1;
    }

    ALOGD("Starting tethering services");

    pid_t pid;
    int pipefd[2];

    if (pipe(pipefd) < 0) {
        ALOGE("pipe failed (%s)", strerror(errno));
        return -1;
    }

    /*
     * TODO: Create a monitoring thread to handle and restart
     * the daemon if it exits prematurely
     */
    if ((pid = fork()) < 0) {
        ALOGE("fork failed (%s)", strerror(errno));
        close(pipefd[0]);
        close(pipefd[1]);
        return -1;
    }

    if (!pid) {
        close(pipefd[1]);
        if (pipefd[0] != STDIN_FILENO) {
            if (dup2(pipefd[0], STDIN_FILENO) != STDIN_FILENO) {
                ALOGE("dup2 failed (%s)", strerror(errno));
                return -1;
            }
            close(pipefd[0]);
        }

        int num_processed_args = TETHER_START_CONST_ARG + (num_addrs/2) + 1;
        char **args = (char **)malloc(sizeof(char *) * num_processed_args);
        args[num_processed_args - 1] = NULL;
        args[0] = (char *)"/system/bin/dnsmasq";
        args[1] = (char *)"--keep-in-foreground";
        args[2] = (char *)"--no-resolv";
        args[3] = (char *)"--no-poll";
        args[4] = (char *)"--dhcp-authoritative";
        // TODO: pipe through metered status from ConnService
        args[5] = (char *)"--dhcp-option-force=43,ANDROID_METERED";
        args[6] = (char *)"--pid-file";
        args[7] = (char *)"";

        int nextArg = TETHER_START_CONST_ARG;
        for (int addrIndex=0; addrIndex < num_addrs;) {
            char *start = strdup(inet_ntoa(addrs[addrIndex++]));
            char *end = strdup(inet_ntoa(addrs[addrIndex++]));
            asprintf(&(args[nextArg++]),"--dhcp-range=%s,%s,1h", start, end);
        }

        if (execv(args[0], args)) {
            ALOGE("execl failed (%s)", strerror(errno));
        }
        ALOGE("Should never get here!");
        _exit(-1);
    } else {
        close(pipefd[0]);
        mDaemonPid = pid;
        mDaemonFd = pipefd[1];
        applyDnsInterfaces();
        ALOGD("Tethering services running");
    }

    return 0;
}

int TetherController::stopTethering() {

    if (mDaemonPid == 0) {
        ALOGE("Tethering already stopped");
        return 0;
    }

    ALOGD("Stopping tethering services");

    kill(mDaemonPid, SIGTERM);
    waitpid(mDaemonPid, NULL, 0);
    mDaemonPid = 0;
    close(mDaemonFd);
    mDaemonFd = -1;
    ALOGD("Tethering services stopped");
    return 0;
}

bool TetherController::isTetheringStarted() {
    return (mDaemonPid == 0 ? false : true);
}

int TetherController::startV6RtrAdv(int num_ifaces, char **ifaces, int table_number) {
    int pid;
    int num_processed_args = 1;
    gid_t groups [] = { AID_NET_ADMIN, AID_NET_RAW, AID_INET };

    if (num_ifaces < RTRADVDAEMON_MIN_IFACES) {
        ALOGD("Need atleast two interfaces to start Router advertisement daemon");
        return 0;
    }

    if ((pid = fork()) < 0) {
        ALOGE("%s: fork failed (%s)", __func__, strerror(errno));
        return -1;
    }
    if (!pid) {
        char **args;
        const char *cmd = RTRADVDAEMON;

        args = (char **)calloc(num_ifaces * 3 + RTRADVDAEMON_ARGS_COUNT, sizeof(char *));
        if (!args) {
          ALOGE("%s: failed to allocate memory", __func__);
          return -1;
        }

        args[0] = strdup(RTRADVDAEMON);
        int aidx = 0;
        for (int i=0; i < num_ifaces; i++) {
            aidx = 3 * i + num_processed_args;
            args[aidx++] = (char *)"-i";
            args[aidx++] = ifaces[i];
            args[aidx++] = (char *)"-x";
        }
        if (table_number > MIN_TABLE_NUMBER) {
          char table_name[MAX_TABLE_LEN];
          unsigned int retval =  0;
          table_number += BASE_TABLE_NUMBER;
          retval = snprintf(table_name, sizeof(table_name), "%d", table_number);
          if (retval >= sizeof(table_name)) {
            ALOGE("%s: String truncation occured", __func__);
          } else {
            args[aidx++] = (char *)"-t";
            args[aidx] = table_name;
          }
        }

        setgroups(sizeof(groups)/sizeof(groups[0]), groups);
        setresgid(AID_RADIO, AID_RADIO, AID_RADIO);
        setresuid(AID_RADIO, AID_RADIO, AID_RADIO);

        if (execv(cmd, args)) {
            ALOGE("Unable to exec %s: (%s)" , cmd, strerror(errno));
        }
        free(args[0]);
        free(args);
        exit(0);
    } else {
        mRtrAdvPid = pid;
        ALOGD("Router advertisement daemon running");
    }
    return 0;
}

int TetherController::stopV6RtrAdv() {
    if (!mRtrAdvPid) {
        ALOGD("Router advertisement daemon already stopped");
        return 0;
    }

    kill(mRtrAdvPid, SIGTERM);
    waitpid(mRtrAdvPid, NULL, 0);
    mRtrAdvPid = 0;
    ALOGD("Router advertisement daemon stopped");
    return 0;
}

int TetherController::getIfaceIndexForIface(const char *iface)
{
   FILE *fp = NULL;
   char res[MAX_TABLE_LEN];
   int iface_num = -1;
   char if_index[SYS_PATH_SIZE];
   unsigned int retval = 0;
   if (iface == NULL)
   {
     ALOGE("%s() Interface is NULL", __func__);
     return iface_num;
   }

   memset(if_index, 0, sizeof(if_index));
   retval = snprintf(if_index, sizeof(if_index), IF_INDEX_PATH, iface);
   if (retval >= sizeof(if_index)) {
     ALOGE("%s() String truncation occurred", __func__);
     return iface_num;
   }

   ALOGD("%s() File path is %s", __func__, if_index);
   fp = fopen(if_index, "r");
   if (fp == NULL)
   {
     ALOGE("%s() Cannot read file : path %s, error %s", __func__, if_index, strerror(errno));
     return iface_num;
   }

   memset(res, 0, sizeof(res));
   while (fgets(res, sizeof(res)-1, fp) != NULL)
   {
      ALOGD("%s() %s", __func__, res);
      iface_num = atoi(res);
      ALOGD("%s() Interface index for interface %s is %d", __func__, iface, iface_num);
   }

   fclose(fp);
   return iface_num;
}

/* Stop and start the ipv6 router advertisement daemon with the updated
 * interfaces. Pass the table number as a command line argument when
 * tethering is enabled.
 */
int TetherController::configureV6RtrAdv() {
    char **args;
    int i;
    int len;
    InterfaceCollection::iterator it;
    int iface_index = -1;
    /* For now, just stop and start the daemon with the new interface list */

    len = mInterfaces->size() + mUpstreamInterfaces->size();
    args = (char **)calloc(len, sizeof(char *));

    if (!args) {
        errno = ENOMEM;
        return -1;
    }

    for (i = 0, it = mInterfaces->begin(); it != mInterfaces->end(); it++, i++) {
        args[i] = *it;
    }

    for (it = mUpstreamInterfaces->begin(); i < len && it != mUpstreamInterfaces->end(); it++, i++)
    {
        args[i] = *it;
        iface_index = getIfaceIndexForIface(args[i]);
        ALOGD("%s: Upstream Iface: %s iface index: %d", __func__, args[i], iface_index);
    }

    stopV6RtrAdv();
    startV6RtrAdv(i, args, iface_index);

    free(args);

    return 0;
}

bool TetherController::isV6RtrAdvStarted() {
    return (mRtrAdvPid == 0 ? false : true);
}

#define MAX_CMD_SIZE 1024

int TetherController::setDnsForwarders(unsigned netId, char **servers, int numServers) {
    int i;
    char daemonCmd[MAX_CMD_SIZE];

    Fwmark fwmark;
    fwmark.netId = netId;
    fwmark.explicitlySelected = true;
    fwmark.protectedFromVpn = true;
    fwmark.permission = PERMISSION_SYSTEM;

    snprintf(daemonCmd, sizeof(daemonCmd), "update_dns:0x%x", fwmark.intValue);
    int cmdLen = strlen(daemonCmd);

    mDnsForwarders->clear();
    for (i = 0; i < numServers; i++) {
        ALOGD("setDnsForwarders(0x%x %d = '%s')", fwmark.intValue, i, servers[i]);

        struct in_addr a;

        if (!inet_aton(servers[i], &a)) {
            ALOGE("Failed to parse DNS server '%s'", servers[i]);
            mDnsForwarders->clear();
            return -1;
        }

        cmdLen += (strlen(servers[i]) + 1);
        if (cmdLen + 1 >= MAX_CMD_SIZE) {
            ALOGD("Too many DNS servers listed");
            break;
        }

        strcat(daemonCmd, ":");
        strcat(daemonCmd, servers[i]);
        mDnsForwarders->push_back(a);
    }

    mDnsNetId = netId;
    if (mDaemonFd != -1) {
        ALOGD("Sending update msg to dnsmasq [%s]", daemonCmd);
        if (write(mDaemonFd, daemonCmd, strlen(daemonCmd) +1) < 0) {
            ALOGE("Failed to send update command to dnsmasq (%s)", strerror(errno));
            mDnsForwarders->clear();
            return -1;
        }
    }
    return 0;
}

unsigned TetherController::getDnsNetId() {
    return mDnsNetId;
}

int TetherController::addUpstreamInterface(char *iface)
{
    InterfaceCollection::iterator it;

    ALOGD("addUpstreamInterface(%s)\n", iface);

    if (!iface) {
        ALOGE("addUpstreamInterface: received null interface");
        return 0;
    }
    for (it = mUpstreamInterfaces->begin(); it != mUpstreamInterfaces->end(); ++it) {
        ALOGD(".");
        if (*it && !strcmp(iface, *it)) {
            ALOGD("addUpstreamInterface: interface %s already present", iface);
            return 0;
        }
    }
    mUpstreamInterfaces->push_back(strdup(iface));

    return configureV6RtrAdv();
}

int TetherController::removeUpstreamInterface(char *iface)
{
    InterfaceCollection::iterator it;

    if (!iface) {
        ALOGE("removeUpstreamInterface: Null interface name received");
        return 0;
    }
    for (it = mUpstreamInterfaces->begin(); it != mUpstreamInterfaces->end(); ++it) {
        if (*it && !strcmp(iface, *it)) {
            free(*it);
            mUpstreamInterfaces->erase(it);
            return configureV6RtrAdv();
        }
    }

    ALOGW("Couldn't find interface %s to remove", iface);
    return 0;
}

NetAddressCollection *TetherController::getDnsForwarders() {
    return mDnsForwarders;
}

int TetherController::applyDnsInterfaces() {
    char daemonCmd[MAX_CMD_SIZE];

    strcpy(daemonCmd, "update_ifaces");
    int cmdLen = strlen(daemonCmd);
    InterfaceCollection::iterator it;
    bool haveInterfaces = false;

    for (it = mInterfaces->begin(); it != mInterfaces->end(); ++it) {
        cmdLen += (strlen(*it) + 1);
        if (cmdLen + 1 >= MAX_CMD_SIZE) {
            ALOGD("Too many DNS ifaces listed");
            break;
        }

        strcat(daemonCmd, ":");
        strcat(daemonCmd, *it);
        haveInterfaces = true;
    }

    if ((mDaemonFd != -1) && haveInterfaces) {
        ALOGD("Sending update msg to dnsmasq [%s]", daemonCmd);
        if (write(mDaemonFd, daemonCmd, strlen(daemonCmd) +1) < 0) {
            ALOGE("Failed to send update command to dnsmasq (%s)", strerror(errno));
            return -1;
        }
    }
    return 0;
}

int TetherController::tetherInterface(const char *interface) {
    ALOGD("tetherInterface(%s)", interface);
    if (!isIfaceName(interface)) {
        errno = ENOENT;
        return -1;
    }
    mInterfaces->push_back(strdup(interface));

    configureV6RtrAdv();

    if (applyDnsInterfaces()) {
        InterfaceCollection::iterator it;
        for (it = mInterfaces->begin(); it != mInterfaces->end(); ++it) {
            if (!strcmp(interface, *it)) {
                free(*it);
                mInterfaces->erase(it);
                break;
            }
        }
        return -1;
    } else {
        return 0;
    }
}

int TetherController::untetherInterface(const char *interface) {
    InterfaceCollection::iterator it;

    ALOGD("untetherInterface(%s)", interface);

    for (it = mInterfaces->begin(); it != mInterfaces->end(); ++it) {
        if (!strcmp(interface, *it)) {
            free(*it);
            mInterfaces->erase(it);
            configureV6RtrAdv();
            return applyDnsInterfaces();
        }
    }
    errno = ENOENT;
    return -1;
}

InterfaceCollection *TetherController::getTetheredInterfaceList() {
    return mInterfaces;
}