Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / netd / ccd04c58cf0dd6931272eddb092945b6185da513 / . / client / NetdClient.cpp
blob: 195c45d30676efc422101dc6499159e7ceb4b821 [file] [log] [blame]
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]1/*
2 * Copyright (C) 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]17#include "NetdClient.h"
18
Michal Karpinski4b9b78a2016-10-06 19:33:55 +0100[diff] [blame]19#include <arpa/inet.h>
Dan Albertaa1be2b2015-01-06 09:36:17 -0800[diff] [blame]20#include <errno.h>
Michal Karpinski4b9b78a2016-10-06 19:33:55 +0100[diff] [blame]21#include <math.h>
Luke Huangc68f1b92018-11-21 20:13:38 +0800[diff] [blame]22#include <resolv.h>
Luke Huangc5efae92018-11-19 17:45:13 +0800[diff] [blame]23#include <stdlib.h>
Dan Albertaa1be2b2015-01-06 09:36:17 -0800[diff] [blame]24#include <sys/socket.h>
Luke Huangc5efae92018-11-19 17:45:13 +0800[diff] [blame]25#include <sys/un.h>
Dan Albertaa1be2b2015-01-06 09:36:17 -0800[diff] [blame]26#include <unistd.h>
27
28#include <atomic>
Luke Huangc68f1b92018-11-21 20:13:38 +0800[diff] [blame]29#include <string>
30#include <vector>
Dan Albertaa1be2b2015-01-06 09:36:17 -0800[diff] [blame]31
Sreeram Ramachandran4d4c8b72014-06-20 11:59:40 -0700[diff] [blame]32#include "Fwmark.h"
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]33#include "FwmarkClient.h"
34#include "FwmarkCommand.h"
Robin Leecc544162016-09-21 16:31:33 +0900[diff] [blame]35#include "Stopwatch.h"
Bernie Innocenti189eb502018-10-01 23:10:18 +0900[diff] [blame]36#include "netid_client.h"
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]37
Luke Huangc68f1b92018-11-21 20:13:38 +0800[diff] [blame]38#include "android-base/unique_fd.h"
39
40using android::base::unique_fd;
41
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]42namespace {
43
Luke Huangc68f1b92018-11-21 20:13:38 +0800[diff] [blame]44// Keep this in sync with CMD_BUF_SIZE in FrameworkListener.cpp.
Luke Huange92b75e2019-03-26 17:56:49 +0800[diff] [blame]45constexpr size_t MAX_CMD_SIZE = 4096;
Luke Huangc68f1b92018-11-21 20:13:38 +0800[diff] [blame]46
Sreeram Ramachandran9fa2b132014-06-03 12:51:08 -0700[diff] [blame]47std::atomic_uint netIdForProcess(NETID_UNSET);
48std::atomic_uint netIdForResolv(NETID_UNSET);
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]49
50typedef int (*Accept4FunctionType)(int, sockaddr*, socklen_t*, int);
51typedef int (*ConnectFunctionType)(int, const sockaddr*, socklen_t);
52typedef int (*SocketFunctionType)(int, int, int);
53typedef unsigned (*NetIdForResolvFunctionType)(unsigned);
Luke Huangc5efae92018-11-19 17:45:13 +0800[diff] [blame]54typedef int (*DnsOpenProxyType)();
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]55
56// These variables are only modified at startup (when libc.so is loaded) and never afterwards, so
57// it's okay that they are read later at runtime without a lock.
Yi Kongbdfd57e2018-07-25 13:26:10 -0700[diff] [blame]58Accept4FunctionType libcAccept4 = nullptr;
59ConnectFunctionType libcConnect = nullptr;
60SocketFunctionType libcSocket = nullptr;
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]61
Lorenzo Colitti24601da2019-02-14 00:48:36 +0900[diff] [blame]62int checkSocket(int socketFd) {
63 if (socketFd < 0) {
64 return -EBADF;
65 }
66 int family;
67 socklen_t familyLen = sizeof(family);
68 if (getsockopt(socketFd, SOL_SOCKET, SO_DOMAIN, &family, &familyLen) == -1) {
69 return -errno;
70 }
71 if (!FwmarkClient::shouldSetFwmark(family)) {
72 return -EAFNOSUPPORT;
73 }
74 return 0;
75}
76
77bool shouldMarkSocket(int socketFd, const sockaddr* dst) {
78 // Only mark inet sockets that are connecting to inet destinations. This excludes, for example,
79 // inet sockets connecting to AF_UNSPEC (i.e., being disconnected), and non-inet sockets that
80 // for some reason the caller wants to attempt to connect to an inet destination.
81 return dst && FwmarkClient::shouldSetFwmark(dst->sa_family) && (checkSocket(socketFd) == 0);
82}
83
Sreeram Ramachandran31f42102014-06-20 11:51:48 -0700[diff] [blame]84int closeFdAndSetErrno(int fd, int error) {
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]85 close(fd);
Sreeram Ramachandran3a069e62014-06-22 11:02:57 -0700[diff] [blame]86 errno = -error;
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]87 return -1;
88}
89
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]90int netdClientAccept4(int sockfd, sockaddr* addr, socklen_t* addrlen, int flags) {
91 int acceptedSocket = libcAccept4(sockfd, addr, addrlen, flags);
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]92 if (acceptedSocket == -1) {
93 return -1;
94 }
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]95 int family;
96 if (addr) {
97 family = addr->sa_family;
98 } else {
99 socklen_t familyLen = sizeof(family);
100 if (getsockopt(acceptedSocket, SOL_SOCKET, SO_DOMAIN, &family, &familyLen) == -1) {
Sreeram Ramachandran3a069e62014-06-22 11:02:57 -0700[diff] [blame]101 return closeFdAndSetErrno(acceptedSocket, -errno);
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]102 }
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]103 }
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]104 if (FwmarkClient::shouldSetFwmark(family)) {
Chenbo Feng9944ba82017-10-10 17:33:20 -0700[diff] [blame]105 FwmarkCommand command = {FwmarkCommand::ON_ACCEPT, 0, 0, 0};
Michal Karpinski4b9b78a2016-10-06 19:33:55 +0100[diff] [blame]106 if (int error = FwmarkClient().send(&command, acceptedSocket, nullptr)) {
Sreeram Ramachandran31f42102014-06-20 11:51:48 -0700[diff] [blame]107 return closeFdAndSetErrno(acceptedSocket, error);
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]108 }
109 }
110 return acceptedSocket;
111}
112
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]113int netdClientConnect(int sockfd, const sockaddr* addr, socklen_t addrlen) {
Lorenzo Colitti24601da2019-02-14 00:48:36 +0900[diff] [blame]114 const bool shouldSetFwmark = shouldMarkSocket(sockfd, addr);
Michal Karpinski4b9b78a2016-10-06 19:33:55 +0100[diff] [blame]115 if (shouldSetFwmark) {
Chenbo Feng9944ba82017-10-10 17:33:20 -0700[diff] [blame]116 FwmarkCommand command = {FwmarkCommand::ON_CONNECT, 0, 0, 0};
Michal Karpinski4b9b78a2016-10-06 19:33:55 +0100[diff] [blame]117 if (int error = FwmarkClient().send(&command, sockfd, nullptr)) {
Sreeram Ramachandran3a069e62014-06-22 11:02:57 -0700[diff] [blame]118 errno = -error;
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]119 return -1;
120 }
121 }
Michal Karpinski4b9b78a2016-10-06 19:33:55 +0100[diff] [blame]122 // Latency measurement does not include time of sending commands to Fwmark
123 Stopwatch s;
Hugo Benichi794c5c72016-10-31 15:07:23 +0900[diff] [blame]124 const int ret = libcConnect(sockfd, addr, addrlen);
Michal Karpinski4b9b78a2016-10-06 19:33:55 +0100[diff] [blame]125 // Save errno so it isn't clobbered by sending ON_CONNECT_COMPLETE
126 const int connectErrno = errno;
127 const unsigned latencyMs = lround(s.timeTaken());
128 // Send an ON_CONNECT_COMPLETE command that includes sockaddr and connect latency for reporting
129 if (shouldSetFwmark && FwmarkClient::shouldReportConnectComplete(addr->sa_family)) {
Hugo Benichi794c5c72016-10-31 15:07:23 +0900[diff] [blame]130 FwmarkConnectInfo connectInfo(ret == 0 ? 0 : connectErrno, latencyMs, addr);
Michal Karpinski4b9b78a2016-10-06 19:33:55 +0100[diff] [blame]131 // TODO: get the netId from the socket mark once we have continuous benchmark runs
132 FwmarkCommand command = {FwmarkCommand::ON_CONNECT_COMPLETE, /* netId (ignored) */ 0,
Chenbo Feng9944ba82017-10-10 17:33:20 -0700[diff] [blame]133 /* uid (filled in by the server) */ 0, 0};
Michal Karpinski4b9b78a2016-10-06 19:33:55 +0100[diff] [blame]134 // Ignore return value since it's only used for logging
135 FwmarkClient().send(&command, sockfd, &connectInfo);
136 }
137 errno = connectErrno;
138 return ret;
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]139}
140
141int netdClientSocket(int domain, int type, int protocol) {
142 int socketFd = libcSocket(domain, type, protocol);
143 if (socketFd == -1) {
144 return -1;
145 }
Lorenzo Colitti6b001262019-01-30 22:43:36 +0900[diff] [blame]146 unsigned netId = netIdForProcess & ~NETID_USE_LOCAL_NAMESERVERS;
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]147 if (netId != NETID_UNSET && FwmarkClient::shouldSetFwmark(domain)) {
Sreeram Ramachandrand36c49c2014-07-02 14:49:33 -0700[diff] [blame]148 if (int error = setNetworkForSocket(netId, socketFd)) {
Sreeram Ramachandran31f42102014-06-20 11:51:48 -0700[diff] [blame]149 return closeFdAndSetErrno(socketFd, error);
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]150 }
151 }
152 return socketFd;
153}
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]154
155unsigned getNetworkForResolv(unsigned netId) {
156 if (netId != NETID_UNSET) {
157 return netId;
158 }
Erik Kline1564d482018-03-07 17:09:35 +0900[diff] [blame]159 // Special case for DNS-over-TLS bypass; b/72345192 .
160 if ((netIdForResolv & ~NETID_USE_LOCAL_NAMESERVERS) != NETID_UNSET) {
161 return netIdForResolv;
162 }
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]163 netId = netIdForProcess;
164 if (netId != NETID_UNSET) {
165 return netId;
166 }
167 return netIdForResolv;
168}
169
Sreeram Ramachandran31f42102014-06-20 11:51:48 -0700[diff] [blame]170int setNetworkForTarget(unsigned netId, std::atomic_uint* target) {
Erik Kline1564d482018-03-07 17:09:35 +0900[diff] [blame]171 const unsigned requestedNetId = netId;
172 netId &= ~NETID_USE_LOCAL_NAMESERVERS;
173
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]174 if (netId == NETID_UNSET) {
175 *target = netId;
Sreeram Ramachandran31f42102014-06-20 11:51:48 -0700[diff] [blame]176 return 0;
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]177 }
178 // Verify that we are allowed to use |netId|, by creating a socket and trying to have it marked
Sreeram Ramachandran27560452014-05-30 19:59:51 -0700[diff] [blame]179 // with the netId. Call libcSocket() directly; else the socket creation (via netdClientSocket())
180 // might itself cause another check with the fwmark server, which would be wasteful.
Luke Huangc5efae92018-11-19 17:45:13 +0800[diff] [blame]181
182 const auto socketFunc = libcSocket ? libcSocket : socket;
183 int socketFd = socketFunc(AF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0);
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]184 if (socketFd < 0) {
Sreeram Ramachandran3a069e62014-06-22 11:02:57 -0700[diff] [blame]185 return -errno;
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]186 }
Sreeram Ramachandran31f42102014-06-20 11:51:48 -0700[diff] [blame]187 int error = setNetworkForSocket(netId, socketFd);
188 if (!error) {
Lorenzo Colitti6b001262019-01-30 22:43:36 +0900[diff] [blame]189 *target = requestedNetId;
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]190 }
Sreeram Ramachandran31f42102014-06-20 11:51:48 -0700[diff] [blame]191 close(socketFd);
192 return error;
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]193}
194
Luke Huangc5efae92018-11-19 17:45:13 +0800[diff] [blame]195int dns_open_proxy() {
196 const char* cache_mode = getenv("ANDROID_DNS_MODE");
197 const bool use_proxy = (cache_mode == NULL || strcmp(cache_mode, "local") != 0);
198 if (!use_proxy) {
199 return -1;
200 }
201
202 const auto socketFunc = libcSocket ? libcSocket : socket;
203 int s = socketFunc(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);
204 if (s == -1) {
205 return -1;
206 }
207 const int one = 1;
208 setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
209
210 static const struct sockaddr_un proxy_addr = {
211 .sun_family = AF_UNIX,
212 .sun_path = "/dev/socket/dnsproxyd",
213 };
214
215 const auto connectFunc = libcConnect ? libcConnect : connect;
216 if (TEMP_FAILURE_RETRY(
217 connectFunc(s, (const struct sockaddr*) &proxy_addr, sizeof(proxy_addr))) != 0) {
218 close(s);
219 return -1;
220 }
221
222 return s;
223}
224
Luke Huangc68f1b92018-11-21 20:13:38 +0800[diff] [blame]225auto divCeil(size_t dividend, size_t divisor) {
226 return ((dividend + divisor - 1) / divisor);
227}
228
229// FrameworkListener only does only read() call, and fails if the read doesn't contain \0
230// Do single write here
231int sendData(int fd, const void* buf, size_t size) {
232 if (fd < 0) {
233 return -EBADF;
234 }
235
236 ssize_t rc = TEMP_FAILURE_RETRY(write(fd, (char*) buf, size));
237 if (rc > 0) {
238 return rc;
239 } else if (rc == 0) {
240 return -EIO;
241 } else {
242 return -errno;
243 }
244}
245
246int readData(int fd, void* buf, size_t size) {
247 if (fd < 0) {
248 return -EBADF;
249 }
250
251 size_t current = 0;
252 for (;;) {
253 ssize_t rc = TEMP_FAILURE_RETRY(read(fd, (char*) buf + current, size - current));
254 if (rc > 0) {
255 current += rc;
256 if (current == size) {
257 break;
258 }
259 } else if (rc == 0) {
260 return -EIO;
261 } else {
262 return -errno;
263 }
264 }
265 return 0;
266}
267
268bool readBE32(int fd, int32_t* result) {
269 int32_t tmp;
270 int n = TEMP_FAILURE_RETRY(read(fd, &tmp, sizeof(tmp)));
271 if (n < 0) {
272 return false;
273 }
274 *result = ntohl(tmp);
275 return true;
276}
277
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]278} // namespace
279
Remi NGUYEN VANeabc5da2018-04-24 18:54:58 +0900[diff] [blame]280#define CHECK_SOCKET_IS_MARKABLE(sock) \
281 do { \
282 int err; \
283 if ((err = checkSocket(sock)) != 0) { \
284 return err; \
285 } \
286 } while (false);
287
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]288// accept() just calls accept4(..., 0), so there's no need to handle accept() separately.
289extern "C" void netdClientInitAccept4(Accept4FunctionType* function) {
290 if (function && *function) {
291 libcAccept4 = *function;
292 *function = netdClientAccept4;
293 }
294}
295
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]296extern "C" void netdClientInitConnect(ConnectFunctionType* function) {
297 if (function && *function) {
298 libcConnect = *function;
299 *function = netdClientConnect;
300 }
301}
302
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]303extern "C" void netdClientInitSocket(SocketFunctionType* function) {
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]304 if (function && *function) {
Sreeram Ramachandran5fc27572014-05-21 13:08:34 -0700[diff] [blame]305 libcSocket = *function;
306 *function = netdClientSocket;
Sreeram Ramachandranf4cfad32014-05-21 08:54:07 -0700[diff] [blame]307 }
308}
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]309
310extern "C" void netdClientInitNetIdForResolv(NetIdForResolvFunctionType* function) {
311 if (function) {
312 *function = getNetworkForResolv;
313 }
314}
315
Luke Huangc5efae92018-11-19 17:45:13 +0800[diff] [blame]316extern "C" void netdClientInitDnsOpenProxy(DnsOpenProxyType* function) {
317 if (function) {
318 *function = dns_open_proxy;
319 }
320}
321
Sreeram Ramachandran4d4c8b72014-06-20 11:59:40 -0700[diff] [blame]322extern "C" int getNetworkForSocket(unsigned* netId, int socketFd) {
323 if (!netId || socketFd < 0) {
Sreeram Ramachandran3a069e62014-06-22 11:02:57 -0700[diff] [blame]324 return -EBADF;
Sreeram Ramachandran4d4c8b72014-06-20 11:59:40 -0700[diff] [blame]325 }
326 Fwmark fwmark;
327 socklen_t fwmarkLen = sizeof(fwmark.intValue);
328 if (getsockopt(socketFd, SOL_SOCKET, SO_MARK, &fwmark.intValue, &fwmarkLen) == -1) {
Sreeram Ramachandran3a069e62014-06-22 11:02:57 -0700[diff] [blame]329 return -errno;
Sreeram Ramachandran4d4c8b72014-06-20 11:59:40 -0700[diff] [blame]330 }
331 *netId = fwmark.netId;
332 return 0;
333}
334
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]335extern "C" unsigned getNetworkForProcess() {
Lorenzo Colitti6b001262019-01-30 22:43:36 +0900[diff] [blame]336 return netIdForProcess & ~NETID_USE_LOCAL_NAMESERVERS;
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]337}
338
Sreeram Ramachandran31f42102014-06-20 11:51:48 -0700[diff] [blame]339extern "C" int setNetworkForSocket(unsigned netId, int socketFd) {
Remi NGUYEN VANeabc5da2018-04-24 18:54:58 +0900[diff] [blame]340 CHECK_SOCKET_IS_MARKABLE(socketFd);
Chenbo Feng9944ba82017-10-10 17:33:20 -0700[diff] [blame]341 FwmarkCommand command = {FwmarkCommand::SELECT_NETWORK, netId, 0, 0};
Michal Karpinski4b9b78a2016-10-06 19:33:55 +0100[diff] [blame]342 return FwmarkClient().send(&command, socketFd, nullptr);
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]343}
344
Sreeram Ramachandran31f42102014-06-20 11:51:48 -0700[diff] [blame]345extern "C" int setNetworkForProcess(unsigned netId) {
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]346 return setNetworkForTarget(netId, &netIdForProcess);
347}
348
Sreeram Ramachandran31f42102014-06-20 11:51:48 -0700[diff] [blame]349extern "C" int setNetworkForResolv(unsigned netId) {
Sreeram Ramachandranefbe05d2014-05-21 11:41:39 -0700[diff] [blame]350 return setNetworkForTarget(netId, &netIdForResolv);
351}
Sreeram Ramachandrand794e582014-06-19 10:03:07 -0700[diff] [blame]352
Sreeram Ramachandran31f42102014-06-20 11:51:48 -0700[diff] [blame]353extern "C" int protectFromVpn(int socketFd) {
Sreeram Ramachandrand794e582014-06-19 10:03:07 -0700[diff] [blame]354 if (socketFd < 0) {
Sreeram Ramachandran3a069e62014-06-22 11:02:57 -0700[diff] [blame]355 return -EBADF;
Sreeram Ramachandrand794e582014-06-19 10:03:07 -0700[diff] [blame]356 }
Chenbo Feng9944ba82017-10-10 17:33:20 -0700[diff] [blame]357 FwmarkCommand command = {FwmarkCommand::PROTECT_FROM_VPN, 0, 0, 0};
Michal Karpinski4b9b78a2016-10-06 19:33:55 +0100[diff] [blame]358 return FwmarkClient().send(&command, socketFd, nullptr);
Sreeram Ramachandrana69d9472014-07-11 16:27:02 -0700[diff] [blame]359}
360
361extern "C" int setNetworkForUser(uid_t uid, int socketFd) {
Remi NGUYEN VANeabc5da2018-04-24 18:54:58 +0900[diff] [blame]362 CHECK_SOCKET_IS_MARKABLE(socketFd);
Chenbo Feng9944ba82017-10-10 17:33:20 -0700[diff] [blame]363 FwmarkCommand command = {FwmarkCommand::SELECT_FOR_USER, 0, uid, 0};
Michal Karpinski4b9b78a2016-10-06 19:33:55 +0100[diff] [blame]364 return FwmarkClient().send(&command, socketFd, nullptr);
Paul Jensend1df5972015-05-06 07:29:56 -0400[diff] [blame]365}
366
367extern "C" int queryUserAccess(uid_t uid, unsigned netId) {
Chenbo Feng9944ba82017-10-10 17:33:20 -0700[diff] [blame]368 FwmarkCommand command = {FwmarkCommand::QUERY_USER_ACCESS, netId, uid, 0};
369 return FwmarkClient().send(&command, -1, nullptr);
370}
371
372extern "C" int tagSocket(int socketFd, uint32_t tag, uid_t uid) {
Remi NGUYEN VANeabc5da2018-04-24 18:54:58 +0900[diff] [blame]373 CHECK_SOCKET_IS_MARKABLE(socketFd);
Chenbo Feng9944ba82017-10-10 17:33:20 -0700[diff] [blame]374 FwmarkCommand command = {FwmarkCommand::TAG_SOCKET, 0, uid, tag};
375 return FwmarkClient().send(&command, socketFd, nullptr);
376}
377
378extern "C" int untagSocket(int socketFd) {
Remi NGUYEN VANeabc5da2018-04-24 18:54:58 +0900[diff] [blame]379 CHECK_SOCKET_IS_MARKABLE(socketFd);
Chenbo Feng9944ba82017-10-10 17:33:20 -0700[diff] [blame]380 FwmarkCommand command = {FwmarkCommand::UNTAG_SOCKET, 0, 0, 0};
381 return FwmarkClient().send(&command, socketFd, nullptr);
382}
383
384extern "C" int setCounterSet(uint32_t counterSet, uid_t uid) {
385 FwmarkCommand command = {FwmarkCommand::SET_COUNTERSET, 0, uid, counterSet};
386 return FwmarkClient().send(&command, -1, nullptr);
387}
388
389extern "C" int deleteTagData(uint32_t tag, uid_t uid) {
390 FwmarkCommand command = {FwmarkCommand::DELETE_TAGDATA, 0, uid, tag};
Michal Karpinski4b9b78a2016-10-06 19:33:55 +0100[diff] [blame]391 return FwmarkClient().send(&command, -1, nullptr);
Sreeram Ramachandrand794e582014-06-19 10:03:07 -0700[diff] [blame]392}
Luke Huangc68f1b92018-11-21 20:13:38 +0800[diff] [blame]393
Luke Huang110c54e2018-12-20 14:39:58 +0800[diff] [blame]394extern "C" int resNetworkQuery(unsigned netId, const char* dname, int ns_class, int ns_type,
395 uint32_t flags) {
Luke Huange48fbcb2018-12-17 16:37:33 +0800[diff] [blame]396 std::vector<uint8_t> buf(MAX_CMD_SIZE, 0);
397 int len = res_mkquery(ns_o_query, dname, ns_class, ns_type, nullptr, 0, nullptr, buf.data(),
398 MAX_CMD_SIZE);
Luke Huangc68f1b92018-11-21 20:13:38 +0800[diff] [blame]399
Luke Huang110c54e2018-12-20 14:39:58 +0800[diff] [blame]400 return resNetworkSend(netId, buf.data(), len, flags);
Luke Huangc68f1b92018-11-21 20:13:38 +0800[diff] [blame]401}
402
Luke Huang952d0942018-12-26 16:53:03 +0800[diff] [blame]403extern "C" int resNetworkSend(unsigned netId, const uint8_t* msg, size_t msglen, uint32_t flags) {
Luke Huangc68f1b92018-11-21 20:13:38 +0800[diff] [blame]404 // Encode
405 // Base 64 encodes every 3 bytes into 4 characters, but then adds padding to the next
406 // multiple of 4 and a \0
407 const size_t encodedLen = divCeil(msglen, 3) * 4 + 1;
Luke Huange48fbcb2018-12-17 16:37:33 +0800[diff] [blame]408 std::string encodedQuery(encodedLen - 1, 0);
Luke Huangc68f1b92018-11-21 20:13:38 +0800[diff] [blame]409 int enLen = b64_ntop(msg, msglen, encodedQuery.data(), encodedLen);
410
411 if (enLen < 0) {
412 // Unexpected behavior, encode failed
413 // b64_ntop only fails when size is too long.
414 return -EMSGSIZE;
415 }
416 // Send
417 netId = getNetworkForResolv(netId);
Luke Huang952d0942018-12-26 16:53:03 +0800[diff] [blame]418 const std::string cmd = "resnsend " + std::to_string(netId) + " " + std::to_string(flags) +
419 " " + encodedQuery + '\0';
Luke Huangc68f1b92018-11-21 20:13:38 +0800[diff] [blame]420 if (cmd.size() > MAX_CMD_SIZE) {
421 // Cmd size must less than buffer size of FrameworkListener
422 return -EMSGSIZE;
423 }
424 int fd = dns_open_proxy();
425 if (fd == -1) {
426 return -errno;
427 }
428 ssize_t rc = sendData(fd, cmd.c_str(), cmd.size());
429 if (rc < 0) {
430 close(fd);
431 return rc;
432 }
433 shutdown(fd, SHUT_WR);
434 return fd;
435}
436
Luke Huange48fbcb2018-12-17 16:37:33 +0800[diff] [blame]437extern "C" int resNetworkResult(int fd, int* rcode, uint8_t* answer, size_t anslen) {
Luke Huangc68f1b92018-11-21 20:13:38 +0800[diff] [blame]438 int32_t result = 0;
439 unique_fd ufd(fd);
440 // Read -errno/rcode
441 if (!readBE32(fd, &result)) {
442 // Unexpected behavior, read -errno/rcode fail
443 return -errno;
444 }
445 if (result < 0) {
446 // result < 0, it's -errno
447 return result;
448 }
449 // result >= 0, it's rcode
450 *rcode = result;
451
452 // Read answer
453 int32_t size = 0;
454 if (!readBE32(fd, &size)) {
455 // Unexpected behavior, read ans len fail
456 return -EREMOTEIO;
457 }
Luke Huange48fbcb2018-12-17 16:37:33 +0800[diff] [blame]458 if (anslen < static_cast<size_t>(size)) {
Luke Huangc68f1b92018-11-21 20:13:38 +0800[diff] [blame]459 // Answer buffer is too small
460 return -EMSGSIZE;
461 }
462 int rc = readData(fd, answer, size);
463 if (rc < 0) {
464 // Reading the answer failed.
465 return rc;
466 }
467 return size;
468}
469
470extern "C" void resNetworkCancel(int fd) {
471 close(fd);
Lorenzo Colitti6b001262019-01-30 22:43:36 +0900[diff] [blame]472}