blob: 6e5ca5bdaf770cb3fbe9776c979855b56ddaee37 [file] [log] [blame]
Luke Huang7b26b202019-03-28 14:09:24 +08001/*
2 * Copyright (C) 2018 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
Ken Chen5471dca2019-04-15 15:25:35 +080017#define LOG_TAG "resolv"
Luke Huang7b26b202019-03-28 14:09:24 +080018
19#include "Dns64Configuration.h"
20
chenbruceaff85842019-05-31 15:46:42 +080021#include <android-base/logging.h>
Luke Huang7b26b202019-03-28 14:09:24 +080022#include <netdb.h>
Luke Huang9d2d25b2019-06-14 00:34:05 +080023#include <netdutils/BackoffSequence.h>
24#include <netdutils/DumpWriter.h>
25#include <netdutils/InternetAddresses.h>
Mike Yu04f1d482019-08-08 11:09:32 +080026#include <netdutils/ThreadUtil.h>
Ken Chenaa908502023-06-15 17:46:16 +080027#include <utils/StrongPointer.h>
Luke Huang7b26b202019-03-28 14:09:24 +080028#include <thread>
29#include <utility>
30
31#include <arpa/inet.h>
32
33#include "DnsResolver.h"
Bernie Innocentie71a28a2019-05-29 00:42:35 +090034#include "getaddrinfo.h"
Luke Huang7b26b202019-03-28 14:09:24 +080035#include "netd_resolv/resolv.h"
lifr94981782019-05-17 21:15:19 +080036#include "stats.pb.h"
Luke Huang7b26b202019-03-28 14:09:24 +080037
38namespace android {
39
Ken Chenaa908502023-06-15 17:46:16 +080040using android::sp;
Luke Huang7b26b202019-03-28 14:09:24 +080041using netdutils::DumpWriter;
42using netdutils::IPAddress;
43using netdutils::IPPrefix;
Luke Huang9d2d25b2019-06-14 00:34:05 +080044using netdutils::ScopedAddrinfo;
Mike Yucb902c92020-05-20 19:26:56 +080045using netdutils::setThreadName;
Luke Huang7b26b202019-03-28 14:09:24 +080046
47namespace net {
48
49const char Dns64Configuration::kIPv4OnlyHost[] = "ipv4only.arpa.";
50const char Dns64Configuration::kIPv4Literal1[] = "192.0.0.170";
51const char Dns64Configuration::kIPv4Literal2[] = "192.0.0.171";
52
53void Dns64Configuration::startPrefixDiscovery(unsigned netId) {
54 std::lock_guard guard(mMutex);
55
56 // TODO: Keep previous prefix for a while
57 // Currently, we remove current prefix, if any, before starting a prefix discovery.
58 // This causes that Netd and framework temporarily forgets DNS64 prefix even the prefix may be
59 // discovered in a short time.
60 removeDns64Config(netId);
61
62 Dns64Config cfg(getNextId(), netId);
63 // Emplace a copy of |cfg| in the map.
64 mDns64Configs.emplace(std::make_pair(netId, cfg));
65
Ken Chenaa908502023-06-15 17:46:16 +080066 const sp<Dns64Configuration> thiz = this;
Luke Huang7b26b202019-03-28 14:09:24 +080067 // Note that capturing |cfg| in this lambda creates a copy.
Ken Chenaa908502023-06-15 17:46:16 +080068 std::thread discovery_thread([thiz, cfg, netId] {
chenbruce9b72daa2021-08-20 00:00:49 +080069 setThreadName(fmt::format("Nat64Pfx_{}", netId));
Mike Yu04f1d482019-08-08 11:09:32 +080070
Luke Huang7b26b202019-03-28 14:09:24 +080071 // Make a mutable copy rather than mark the whole lambda mutable.
72 // No particular reason.
73 Dns64Config evalCfg(cfg);
74
75 auto backoff = netdutils::BackoffSequence<>::Builder()
76 .withInitialRetransmissionTime(std::chrono::seconds(1))
77 .withMaximumRetransmissionTime(std::chrono::seconds(3600))
78 .build();
79
80 while (true) {
Ken Chenaa908502023-06-15 17:46:16 +080081 if (!thiz->shouldContinueDiscovery(evalCfg)) break;
Luke Huang7b26b202019-03-28 14:09:24 +080082
83 android_net_context netcontext{};
Ken Chenaa908502023-06-15 17:46:16 +080084 thiz->mGetNetworkContextCallback(evalCfg.netId, 0, &netcontext);
Luke Huang7b26b202019-03-28 14:09:24 +080085
86 // Prefix discovery must bypass private DNS because in strict mode
87 // the server generally won't know the NAT64 prefix.
88 netcontext.flags |= NET_CONTEXT_FLAG_USE_LOCAL_NAMESERVERS;
89 if (doRfc7050PrefixDiscovery(netcontext, &evalCfg)) {
Ken Chenaa908502023-06-15 17:46:16 +080090 thiz->recordDns64Config(evalCfg);
Luke Huang7b26b202019-03-28 14:09:24 +080091 break;
92 }
93
Ken Chenaa908502023-06-15 17:46:16 +080094 if (!thiz->shouldContinueDiscovery(evalCfg)) break;
Luke Huang7b26b202019-03-28 14:09:24 +080095
96 if (!backoff.hasNextTimeout()) break;
97 {
Ken Chenaa908502023-06-15 17:46:16 +080098 std::unique_lock<std::mutex> cvGuard(thiz->mMutex);
Luke Huang7b26b202019-03-28 14:09:24 +080099 // TODO: Consider some chrono math, combined with wait_until()
100 // perhaps, to prevent early re-resolves from the removal of
101 // other netids with IPv6-only nameservers.
Ken Chenaa908502023-06-15 17:46:16 +0800102 thiz->mCv.wait_for(cvGuard, backoff.getNextTimeout());
Luke Huang7b26b202019-03-28 14:09:24 +0800103 }
104 }
105 });
106 discovery_thread.detach();
107}
108
109void Dns64Configuration::stopPrefixDiscovery(unsigned netId) {
110 std::lock_guard guard(mMutex);
111 removeDns64Config(netId);
112 mCv.notify_all();
113}
114
115IPPrefix Dns64Configuration::getPrefix64Locked(unsigned netId) const REQUIRES(mMutex) {
116 const auto& iter = mDns64Configs.find(netId);
117 if (iter != mDns64Configs.end()) return iter->second.prefix64;
118
119 return IPPrefix{};
120}
121
122IPPrefix Dns64Configuration::getPrefix64(unsigned netId) const {
123 std::lock_guard guard(mMutex);
124 return getPrefix64Locked(netId);
125}
126
127void Dns64Configuration::dump(DumpWriter& dw, unsigned netId) {
128 static const char kLabel[] = "DNS64 config";
129
130 std::lock_guard guard(mMutex);
131
132 const auto& iter = mDns64Configs.find(netId);
133 if (iter == mDns64Configs.end()) {
134 dw.println("%s: none", kLabel);
135 return;
136 }
137
138 const Dns64Config& cfg = iter->second;
139 if (cfg.prefix64.length() == 0) {
140 dw.println("%s: no prefix yet discovered", kLabel);
141 } else {
Lorenzo Colitti511b6d42020-05-21 22:57:31 +0900142 dw.println("%s: %s prefix %s", kLabel, cfg.isFromPrefixDiscovery() ? "discovered" : "set",
143 cfg.prefix64.toString().c_str());
Luke Huang7b26b202019-03-28 14:09:24 +0800144 }
145}
146
147// NOTE: The full RFC 7050 DNS64 discovery process is not implemented here.
148// Instead, and more simplistic version of the same thing is done, and it
149// currently assumes the DNS64 prefix is a /96.
150bool Dns64Configuration::doRfc7050PrefixDiscovery(const android_net_context& netcontext,
151 Dns64Config* cfg) {
chenbruceaff85842019-05-31 15:46:42 +0800152 LOG(WARNING) << "(" << cfg->netId << ", " << cfg->discoveryId
153 << ") Detecting NAT64 prefix from DNS...";
Luke Huang7b26b202019-03-28 14:09:24 +0800154
155 const struct addrinfo hints = {
156 .ai_family = AF_INET6,
157 };
158
159 // TODO: Refactor so that netd can get all the regular getaddrinfo handling
160 // that regular apps get. We bypass the UNIX socket connection back to
161 // ourselves, which means we also bypass all the special netcontext flag
162 // handling and the resolver event logging.
163 struct addrinfo* res = nullptr;
lifr94981782019-05-17 21:15:19 +0800164 NetworkDnsEventReported event;
165 const int status =
166 resolv_getaddrinfo(kIPv4OnlyHost, nullptr, &hints, &netcontext, &res, &event);
Luke Huang7b26b202019-03-28 14:09:24 +0800167 ScopedAddrinfo result(res);
168 if (status != 0) {
chenbruceaff85842019-05-31 15:46:42 +0800169 LOG(WARNING) << "(" << cfg->netId << ", " << cfg->discoveryId << ") plat_prefix/dns("
170 << kIPv4OnlyHost << ") status = " << status << "/" << gai_strerror(status);
Luke Huang7b26b202019-03-28 14:09:24 +0800171 return false;
172 }
173
174 // Use only the first result. If other records are present, possibly
175 // with differing DNS64 prefixes they are ignored. Note that this is a
176 // violation of https://tools.ietf.org/html/rfc7050#section-3
177 //
178 // "A node MUST look through all of the received AAAA resource records
179 // to collect one or more Pref64::/n."
180 //
181 // TODO: Consider remedying this.
182 if (result->ai_family != AF_INET6) {
chenbruceaff85842019-05-31 15:46:42 +0800183 LOG(WARNING) << "(" << cfg->netId << ", " << cfg->discoveryId
184 << ") plat_prefix/unexpected address family: " << result->ai_family;
Luke Huang7b26b202019-03-28 14:09:24 +0800185 return false;
186 }
187 const IPAddress ipv6(reinterpret_cast<sockaddr_in6*>(result->ai_addr)->sin6_addr);
188 // Only /96 DNS64 prefixes are supported at this time.
189 cfg->prefix64 = IPPrefix(ipv6, 96);
chenbruceaff85842019-05-31 15:46:42 +0800190 LOG(WARNING) << "(" << cfg->netId << ", " << cfg->discoveryId << ") Detected NAT64 prefix "
191 << cfg->prefix64.toString();
Luke Huang7b26b202019-03-28 14:09:24 +0800192 return true;
193}
194
195bool Dns64Configuration::isDiscoveryInProgress(const Dns64Config& cfg) const REQUIRES(mMutex) {
196 const auto& iter = mDns64Configs.find(cfg.netId);
197 if (iter == mDns64Configs.end()) return false;
198
199 const Dns64Config& currentCfg = iter->second;
200 return (currentCfg.discoveryId == cfg.discoveryId);
201}
202
203bool Dns64Configuration::reportNat64PrefixStatus(unsigned netId, bool added, const IPPrefix& pfx) {
204 if (pfx.ip().family() != AF_INET6 || pfx.ip().scope_id() != 0) {
chenbruceaff85842019-05-31 15:46:42 +0800205 LOG(WARNING) << "Abort to send NAT64 prefix notification. Unexpected NAT64 prefix ("
206 << netId << ", " << added << ", " << pfx.toString() << ").";
Luke Huang7b26b202019-03-28 14:09:24 +0800207 return false;
208 }
209 Nat64PrefixInfo args = {netId, added, pfx.ip().toString(), (uint8_t)pfx.length()};
210 mPrefixCallback(args);
211 return true;
212}
213
214bool Dns64Configuration::shouldContinueDiscovery(const Dns64Config& cfg) {
215 std::lock_guard guard(mMutex);
216 return isDiscoveryInProgress(cfg);
217}
218
219void Dns64Configuration::removeDns64Config(unsigned netId) REQUIRES(mMutex) {
Lorenzo Colittie51091d2020-05-20 02:48:44 +0900220 const auto& iter = mDns64Configs.find(netId);
221 if (iter == mDns64Configs.end()) return;
222
223 Dns64Config cfg = iter->second;
224 mDns64Configs.erase(iter);
225
226 // Only report a prefix removed event if the prefix was discovered, not if it was set.
227 if (cfg.isFromPrefixDiscovery() && !cfg.prefix64.isUninitialized()) {
228 reportNat64PrefixStatus(netId, PREFIX_REMOVED, cfg.prefix64);
Luke Huang7b26b202019-03-28 14:09:24 +0800229 }
230}
231
232void Dns64Configuration::recordDns64Config(const Dns64Config& cfg) {
233 std::lock_guard guard(mMutex);
234 if (!isDiscoveryInProgress(cfg)) return;
235
236 removeDns64Config(cfg.netId);
237 mDns64Configs.emplace(std::make_pair(cfg.netId, cfg));
238
239 reportNat64PrefixStatus(cfg.netId, PREFIX_ADDED, cfg.prefix64);
Lorenzo Colittie51091d2020-05-20 02:48:44 +0900240}
Luke Huang7b26b202019-03-28 14:09:24 +0800241
Lorenzo Colitti511b6d42020-05-21 22:57:31 +0900242int Dns64Configuration::setPrefix64(unsigned netId, const IPPrefix& pfx) {
243 if (pfx.isUninitialized() || pfx.family() != AF_INET6 || pfx.length() != 96) {
Lorenzo Colittie51091d2020-05-20 02:48:44 +0900244 return -EINVAL;
245 }
246
247 std::lock_guard guard(mMutex);
248
249 // This method may only be called if prefix discovery has been stopped or was never started.
250 auto iter = mDns64Configs.find(netId);
251 if (iter != mDns64Configs.end()) {
252 if (iter->second.isFromPrefixDiscovery()) {
253 return -EEXIST;
254 } else {
255 mDns64Configs.erase(iter);
256 }
257 }
258
259 Dns64Config cfg(kNoDiscoveryId, netId);
Lorenzo Colitti511b6d42020-05-21 22:57:31 +0900260 cfg.prefix64 = pfx;
Lorenzo Colittie51091d2020-05-20 02:48:44 +0900261 mDns64Configs.emplace(std::make_pair(netId, cfg));
262
263 return 0;
264}
265
266int Dns64Configuration::clearPrefix64(unsigned netId) {
267 std::lock_guard guard(mMutex);
268
269 const auto& iter = mDns64Configs.find(netId);
270 if (iter == mDns64Configs.end() || iter->second.isFromPrefixDiscovery()) {
271 return -ENOENT;
272 }
273
274 mDns64Configs.erase(iter);
275
276 return 0;
Luke Huang7b26b202019-03-28 14:09:24 +0800277}
278
279} // namespace net
280} // namespace android