Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / netd / 20a60134708b2b959b7042bb910352c22cb9bbc3 / . / server / NetlinkManager.cpp
blob: e3c1db9445715c6c463bc939b2640fd2e14da966 [file] [log] [blame]
San Mehatd1830422010-01-15 08:02:39 -0800[diff] [blame]1/*
2 * Copyright (C) 2008 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
San Mehatd1830422010-01-15 08:02:39 -0800[diff] [blame]17#include <errno.h>
Dan Albert648cf022017-10-11 11:42:52 -0700[diff] [blame]18#include <stdio.h>
19#include <string.h>
Tom Cherry20a60132020-04-13 23:52:06 +0000[diff] [blame^]20#include <unistd.h>
San Mehatd1830422010-01-15 08:02:39 -0800[diff] [blame]21
22#include <sys/socket.h>
San Mehatd1830422010-01-15 08:02:39 -0800[diff] [blame]23#include <sys/time.h>
24#include <sys/types.h>
25#include <sys/un.h>
26
27#include <linux/netlink.h>
Mike J. Chen564df4e2011-06-23 15:07:35 -0700[diff] [blame]28#include <linux/rtnetlink.h>
San Mehatd1830422010-01-15 08:02:39 -0800[diff] [blame]29
30#define LOG_TAG "Netd"
31
Logan Chien3f461482018-04-23 14:31:32 +0800[diff] [blame]32#include <log/log.h>
San Mehatd1830422010-01-15 08:02:39 -0800[diff] [blame]33
Jeff Sharkeyfbe497f2014-10-28 16:50:07 -0700[diff] [blame]34#include <linux/netfilter/nfnetlink.h>
35#include <linux/netfilter/nfnetlink_log.h>
36#include <linux/netfilter/nfnetlink_compat.h>
37
38#include <arpa/inet.h>
39
San Mehatd1830422010-01-15 08:02:39 -0800[diff] [blame]40#include "NetlinkManager.h"
41#include "NetlinkHandler.h"
42
Jeff Sharkeyfbe497f2014-10-28 16:50:07 -0700[diff] [blame]43#include "pcap-netfilter-linux-android.h"
44
Lorenzo Colitti7035f222017-02-13 18:29:00 +0900[diff] [blame]45namespace android {
46namespace net {
47
JP Abgralle0ebc462011-07-21 17:21:49 -0700[diff] [blame]48const int NetlinkManager::NFLOG_QUOTA_GROUP = 1;
Jeff Sharkeyfbe497f2014-10-28 16:50:07 -0700[diff] [blame]49const int NetlinkManager::NETFILTER_STRICT_GROUP = 2;
Joel Scherpelz08b84cd2017-05-22 13:11:54 +0900[diff] [blame]50const int NetlinkManager::NFLOG_WAKEUP_GROUP = 3;
JP Abgralle0ebc462011-07-21 17:21:49 -0700[diff] [blame]51
Yi Kongbdfd57e2018-07-25 13:26:10 -0700[diff] [blame]52NetlinkManager *NetlinkManager::sInstance = nullptr;
San Mehatd1830422010-01-15 08:02:39 -0800[diff] [blame]53
54NetlinkManager *NetlinkManager::Instance() {
55 if (!sInstance)
56 sInstance = new NetlinkManager();
57 return sInstance;
58}
59
60NetlinkManager::NetlinkManager() {
Yi Kongbdfd57e2018-07-25 13:26:10 -0700[diff] [blame]61 mBroadcaster = nullptr;
San Mehatd1830422010-01-15 08:02:39 -0800[diff] [blame]62}
63
64NetlinkManager::~NetlinkManager() {
65}
66
JP Abgralle0ebc462011-07-21 17:21:49 -0700[diff] [blame]67NetlinkHandler *NetlinkManager::setupSocket(int *sock, int netlinkFamily,
Jeff Sharkey9088f102015-01-23 12:09:49 -0700[diff] [blame]68 int groups, int format, bool configNflog) {
Mike J. Chen564df4e2011-06-23 15:07:35 -0700[diff] [blame]69
San Mehatd1830422010-01-15 08:02:39 -0800[diff] [blame]70 struct sockaddr_nl nladdr;
71 int sz = 64 * 1024;
Nick Kralevich79b579c2011-04-18 15:54:13 -0700[diff] [blame]72 int on = 1;
San Mehatd1830422010-01-15 08:02:39 -0800[diff] [blame]73
74 memset(&nladdr, 0, sizeof(nladdr));
75 nladdr.nl_family = AF_NETLINK;
Joel Scherpelz519ffc32017-06-14 10:27:47 +0900[diff] [blame]76 // Kernel will assign a unique nl_pid if set to zero.
77 nladdr.nl_pid = 0;
Mike J. Chen564df4e2011-06-23 15:07:35 -0700[diff] [blame]78 nladdr.nl_groups = groups;
San Mehatd1830422010-01-15 08:02:39 -0800[diff] [blame]79
Nick Kralevich53ea9ca2015-01-31 13:54:00 -0800[diff] [blame]80 if ((*sock = socket(PF_NETLINK, SOCK_DGRAM | SOCK_CLOEXEC, netlinkFamily)) < 0) {
Hugo Benichi54c8f342018-07-25 15:29:16 +0900[diff] [blame]81 ALOGE("Unable to create netlink socket for family %d: %s", netlinkFamily, strerror(errno));
Yi Kongbdfd57e2018-07-25 13:26:10 -0700[diff] [blame]82 return nullptr;
San Mehatd1830422010-01-15 08:02:39 -0800[diff] [blame]83 }
84
Luis Hector Chavez3c349ac2017-06-29 19:27:43 -0700[diff] [blame]85 // When running in a net/user namespace, SO_RCVBUFFORCE will fail because
86 // it will check for the CAP_NET_ADMIN capability in the root namespace.
87 // Try using SO_RCVBUF if that fails.
88 if (setsockopt(*sock, SOL_SOCKET, SO_RCVBUFFORCE, &sz, sizeof(sz)) < 0 &&
89 setsockopt(*sock, SOL_SOCKET, SO_RCVBUF, &sz, sizeof(sz)) < 0) {
90 ALOGE("Unable to set uevent socket SO_RCVBUF option: %s", strerror(errno));
Mike J. Chen564df4e2011-06-23 15:07:35 -0700[diff] [blame]91 close(*sock);
Yi Kongbdfd57e2018-07-25 13:26:10 -0700[diff] [blame]92 return nullptr;
Nick Kralevich79b579c2011-04-18 15:54:13 -0700[diff] [blame]93 }
94
Mike J. Chen564df4e2011-06-23 15:07:35 -0700[diff] [blame]95 if (setsockopt(*sock, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on)) < 0) {
Nick Kralevich79b579c2011-04-18 15:54:13 -0700[diff] [blame]96 SLOGE("Unable to set uevent socket SO_PASSCRED option: %s", strerror(errno));
Mike J. Chen564df4e2011-06-23 15:07:35 -0700[diff] [blame]97 close(*sock);
Yi Kongbdfd57e2018-07-25 13:26:10 -0700[diff] [blame]98 return nullptr;
San Mehatd1830422010-01-15 08:02:39 -0800[diff] [blame]99 }
100
Mike J. Chen564df4e2011-06-23 15:07:35 -0700[diff] [blame]101 if (bind(*sock, (struct sockaddr *) &nladdr, sizeof(nladdr)) < 0) {
Steve Block5ea0c052012-01-06 19:18:11 +0000[diff] [blame]102 ALOGE("Unable to bind netlink socket: %s", strerror(errno));
Mike J. Chen564df4e2011-06-23 15:07:35 -0700[diff] [blame]103 close(*sock);
Yi Kongbdfd57e2018-07-25 13:26:10 -0700[diff] [blame]104 return nullptr;
San Mehatd1830422010-01-15 08:02:39 -0800[diff] [blame]105 }
106
Jeff Sharkey9088f102015-01-23 12:09:49 -0700[diff] [blame]107 if (configNflog) {
108 if (android_nflog_send_config_cmd(*sock, 0, NFULNL_CFG_CMD_PF_UNBIND, AF_INET) < 0) {
109 ALOGE("Failed NFULNL_CFG_CMD_PF_UNBIND: %s", strerror(errno));
Yi Kongbdfd57e2018-07-25 13:26:10 -0700[diff] [blame]110 return nullptr;
Jeff Sharkey9088f102015-01-23 12:09:49 -0700[diff] [blame]111 }
112 if (android_nflog_send_config_cmd(*sock, 0, NFULNL_CFG_CMD_PF_BIND, AF_INET) < 0) {
113 ALOGE("Failed NFULNL_CFG_CMD_PF_BIND: %s", strerror(errno));
Yi Kongbdfd57e2018-07-25 13:26:10 -0700[diff] [blame]114 return nullptr;
Jeff Sharkey9088f102015-01-23 12:09:49 -0700[diff] [blame]115 }
116 if (android_nflog_send_config_cmd(*sock, 0, NFULNL_CFG_CMD_BIND, AF_UNSPEC) < 0) {
117 ALOGE("Failed NFULNL_CFG_CMD_BIND: %s", strerror(errno));
Yi Kongbdfd57e2018-07-25 13:26:10 -0700[diff] [blame]118 return nullptr;
Jeff Sharkey9088f102015-01-23 12:09:49 -0700[diff] [blame]119 }
120 }
121
Mike J. Chen564df4e2011-06-23 15:07:35 -0700[diff] [blame]122 NetlinkHandler *handler = new NetlinkHandler(this, *sock, format);
123 if (handler->start()) {
Steve Block5ea0c052012-01-06 19:18:11 +0000[diff] [blame]124 ALOGE("Unable to start NetlinkHandler: %s", strerror(errno));
Mike J. Chen564df4e2011-06-23 15:07:35 -0700[diff] [blame]125 close(*sock);
Yi Kongbdfd57e2018-07-25 13:26:10 -0700[diff] [blame]126 return nullptr;
Mike J. Chen564df4e2011-06-23 15:07:35 -0700[diff] [blame]127 }
128
129 return handler;
130}
131
132int NetlinkManager::start() {
133 if ((mUeventHandler = setupSocket(&mUeventSock, NETLINK_KOBJECT_UEVENT,
Yi Kongbdfd57e2018-07-25 13:26:10 -0700[diff] [blame]134 0xffffffff, NetlinkListener::NETLINK_FORMAT_ASCII, false)) == nullptr) {
Mike J. Chen564df4e2011-06-23 15:07:35 -0700[diff] [blame]135 return -1;
136 }
137
Lorenzo Colitti9b3cd762013-08-02 05:57:47 +0900[diff] [blame]138 if ((mRouteHandler = setupSocket(&mRouteSock, NETLINK_ROUTE,
139 RTMGRP_LINK |
140 RTMGRP_IPV4_IFADDR |
Lorenzo Colitti12acae82013-10-24 14:51:57 +0900[diff] [blame]141 RTMGRP_IPV6_IFADDR |
Lorenzo Colittibd0f2242014-06-12 13:51:05 +0900[diff] [blame]142 RTMGRP_IPV6_ROUTE |
Lorenzo Colitti12acae82013-10-24 14:51:57 +0900[diff] [blame]143 (1 << (RTNLGRP_ND_USEROPT - 1)),
Yi Kongbdfd57e2018-07-25 13:26:10 -0700[diff] [blame]144 NetlinkListener::NETLINK_FORMAT_BINARY, false)) == nullptr) {
San Mehatd1830422010-01-15 08:02:39 -0800[diff] [blame]145 return -1;
146 }
JP Abgralle0ebc462011-07-21 17:21:49 -0700[diff] [blame]147
148 if ((mQuotaHandler = setupSocket(&mQuotaSock, NETLINK_NFLOG,
Yi Kongbdfd57e2018-07-25 13:26:10 -0700[diff] [blame]149 NFLOG_QUOTA_GROUP, NetlinkListener::NETLINK_FORMAT_BINARY, false)) == nullptr) {
Bryse Flowers246ca102016-06-01 13:00:12 -0700[diff] [blame]150 ALOGW("Unable to open qlog quota socket, check if xt_quota2 can send via UeventHandler");
JP Abgrall8a412092011-07-26 15:36:40 -0700[diff] [blame]151 // TODO: return -1 once the emulator gets a new kernel.
JP Abgralle0ebc462011-07-21 17:21:49 -0700[diff] [blame]152 }
Ashish Sharma6337b882012-04-10 19:47:09 -0700[diff] [blame]153
Jeff Sharkeyfbe497f2014-10-28 16:50:07 -0700[diff] [blame]154 if ((mStrictHandler = setupSocket(&mStrictSock, NETLINK_NETFILTER,
Yi Kongbdfd57e2018-07-25 13:26:10 -0700[diff] [blame]155 0, NetlinkListener::NETLINK_FORMAT_BINARY_UNICAST, true)) == nullptr) {
Jeff Sharkeyfbe497f2014-10-28 16:50:07 -0700[diff] [blame]156 ALOGE("Unable to open strict socket");
157 // TODO: return -1 once the emulator gets a new kernel.
Jeff Sharkeyfbe497f2014-10-28 16:50:07 -0700[diff] [blame]158 }
159
San Mehatd1830422010-01-15 08:02:39 -0800[diff] [blame]160 return 0;
161}
162
163int NetlinkManager::stop() {
Mike J. Chen564df4e2011-06-23 15:07:35 -0700[diff] [blame]164 int status = 0;
165
166 if (mUeventHandler->stop()) {
Steve Block5ea0c052012-01-06 19:18:11 +0000[diff] [blame]167 ALOGE("Unable to stop uevent NetlinkHandler: %s", strerror(errno));
Mike J. Chen564df4e2011-06-23 15:07:35 -0700[diff] [blame]168 status = -1;
San Mehatd1830422010-01-15 08:02:39 -0800[diff] [blame]169 }
San Mehatd1830422010-01-15 08:02:39 -0800[diff] [blame]170
Mike J. Chen564df4e2011-06-23 15:07:35 -0700[diff] [blame]171 delete mUeventHandler;
Yi Kongbdfd57e2018-07-25 13:26:10 -0700[diff] [blame]172 mUeventHandler = nullptr;
San Mehatd1830422010-01-15 08:02:39 -0800[diff] [blame]173
Mike J. Chen564df4e2011-06-23 15:07:35 -0700[diff] [blame]174 close(mUeventSock);
175 mUeventSock = -1;
176
177 if (mRouteHandler->stop()) {
Steve Block5ea0c052012-01-06 19:18:11 +0000[diff] [blame]178 ALOGE("Unable to stop route NetlinkHandler: %s", strerror(errno));
Mike J. Chen564df4e2011-06-23 15:07:35 -0700[diff] [blame]179 status = -1;
180 }
181
182 delete mRouteHandler;
Yi Kongbdfd57e2018-07-25 13:26:10 -0700[diff] [blame]183 mRouteHandler = nullptr;
Mike J. Chen564df4e2011-06-23 15:07:35 -0700[diff] [blame]184
185 close(mRouteSock);
186 mRouteSock = -1;
187
JP Abgrall8a412092011-07-26 15:36:40 -0700[diff] [blame]188 if (mQuotaHandler) {
189 if (mQuotaHandler->stop()) {
Steve Block5ea0c052012-01-06 19:18:11 +0000[diff] [blame]190 ALOGE("Unable to stop quota NetlinkHandler: %s", strerror(errno));
JP Abgrall8a412092011-07-26 15:36:40 -0700[diff] [blame]191 status = -1;
192 }
193
194 delete mQuotaHandler;
Yi Kongbdfd57e2018-07-25 13:26:10 -0700[diff] [blame]195 mQuotaHandler = nullptr;
JP Abgrall8a412092011-07-26 15:36:40 -0700[diff] [blame]196
197 close(mQuotaSock);
198 mQuotaSock = -1;
JP Abgralle0ebc462011-07-21 17:21:49 -0700[diff] [blame]199 }
Ashish Sharma6337b882012-04-10 19:47:09 -0700[diff] [blame]200
Jeff Sharkeyfbe497f2014-10-28 16:50:07 -0700[diff] [blame]201 if (mStrictHandler) {
202 if (mStrictHandler->stop()) {
203 ALOGE("Unable to stop strict NetlinkHandler: %s", strerror(errno));
204 status = -1;
205 }
206
207 delete mStrictHandler;
Yi Kongbdfd57e2018-07-25 13:26:10 -0700[diff] [blame]208 mStrictHandler = nullptr;
Jeff Sharkeyfbe497f2014-10-28 16:50:07 -0700[diff] [blame]209
210 close(mStrictSock);
211 mStrictSock = -1;
212 }
213
Mike J. Chen564df4e2011-06-23 15:07:35 -0700[diff] [blame]214 return status;
San Mehatd1830422010-01-15 08:02:39 -0800[diff] [blame]215}
Lorenzo Colitti7035f222017-02-13 18:29:00 +0900[diff] [blame]216
217} // namespace net
218} // namespace android