1*8542734aSAndroid Build Coastguard Worker /*
2*8542734aSAndroid Build Coastguard Worker * Copyright (C) 2014 The Android Open Source Project
3*8542734aSAndroid Build Coastguard Worker *
4*8542734aSAndroid Build Coastguard Worker * Licensed under the Apache License, Version 2.0 (the "License");
5*8542734aSAndroid Build Coastguard Worker * you may not use this file except in compliance with the License.
6*8542734aSAndroid Build Coastguard Worker * You may obtain a copy of the License at
7*8542734aSAndroid Build Coastguard Worker *
8*8542734aSAndroid Build Coastguard Worker * http://www.apache.org/licenses/LICENSE-2.0
9*8542734aSAndroid Build Coastguard Worker *
10*8542734aSAndroid Build Coastguard Worker * Unless required by applicable law or agreed to in writing, software
11*8542734aSAndroid Build Coastguard Worker * distributed under the License is distributed on an "AS IS" BASIS,
12*8542734aSAndroid Build Coastguard Worker * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13*8542734aSAndroid Build Coastguard Worker * See the License for the specific language governing permissions and
14*8542734aSAndroid Build Coastguard Worker * limitations under the License.
15*8542734aSAndroid Build Coastguard Worker */
16*8542734aSAndroid Build Coastguard Worker #define LOG_TAG "Netd"
17*8542734aSAndroid Build Coastguard Worker
18*8542734aSAndroid Build Coastguard Worker #include "Network.h"
19*8542734aSAndroid Build Coastguard Worker
20*8542734aSAndroid Build Coastguard Worker #include "RouteController.h"
21*8542734aSAndroid Build Coastguard Worker #include "SockDiag.h"
22*8542734aSAndroid Build Coastguard Worker #include "log/log.h"
23*8542734aSAndroid Build Coastguard Worker
24*8542734aSAndroid Build Coastguard Worker #include <android-base/strings.h>
25*8542734aSAndroid Build Coastguard Worker #include <sstream>
26*8542734aSAndroid Build Coastguard Worker
27*8542734aSAndroid Build Coastguard Worker namespace android {
28*8542734aSAndroid Build Coastguard Worker namespace net {
29*8542734aSAndroid Build Coastguard Worker
// Destructor. The body does no cleanup of its own: it only logs an error when the network is
// destroyed while mInterfaces is still non-empty, i.e. without its interfaces having been cleared.
Network::~Network() {
    if (mInterfaces.empty()) {
        return;
    }
    ALOGE("deleting network with netId %u without clearing its interfaces", mNetId);
}
35*8542734aSAndroid Build Coastguard Worker
// Returns the numeric id this network was constructed with (mNetId).
unsigned Network::getNetId() const {
    return mNetId;
}
39*8542734aSAndroid Build Coastguard Worker
// Returns true when |interface| is currently a member of mInterfaces. The match is an exact
// string comparison on the interface name.
bool Network::hasInterface(const std::string& interface) const {
    const auto position = mInterfaces.find(interface);
    return position != mInterfaces.end();
}
43*8542734aSAndroid Build Coastguard Worker
// Returns a read-only reference to the set of interface names attached to this network.
// The reference aliases mInterfaces, so it reflects later additions and removals.
const std::set<std::string>& Network::getInterfaces() const {
    return mInterfaces;
}
47*8542734aSAndroid Build Coastguard Worker
// Detaches every interface from this network, one at a time, through removeInterface().
// Returns 0 once mInterfaces is empty, or the first non-zero value removeInterface() returns,
// in which case the remaining interfaces stay attached.
int Network::clearInterfaces() {
    for (;;) {
        if (mInterfaces.empty()) {
            return 0;
        }
        // Work on a copy of the name so that removeInterface() does not lose its parameter when
        // it removes the string from the set.
        // NOTE(review): the loop only terminates if a successful removeInterface() really drops
        // the entry from mInterfaces - confirm in its implementation.
        std::string name = *mInterfaces.begin();
        const int status = removeInterface(name);
        if (status != 0) {
            return status;
        }
    }
}
59*8542734aSAndroid Build Coastguard Worker
// Builds a one-line description of the network: the netId, a space, the result of
// getTypeString() and, when at least one interface is attached, another space followed by the
// interface names joined with commas.
std::string Network::toString() const {
    std::stringstream out;
    out << mNetId << " " << getTypeString();

    if (!mInterfaces.empty()) {
        out << " " << android::base::Join(mInterfaces, ",");
    }

    return out.str();
}
72*8542734aSAndroid Build Coastguard Worker
// Renders mUidRangeMap as "prio <key> <ranges>" items separated by "; ", in the map's iteration
// order. Returns an empty string when the map holds no entries.
std::string Network::uidRangesToString() const {
    if (mUidRangeMap.empty()) {
        return "";
    }

    std::ostringstream out;
    // The delimiter is empty before the first item and "; " afterwards, so no trailing
    // separator is ever written.
    const char* delimiter = "";
    for (const auto& [priority, ranges] : mUidRangeMap) {
        out << delimiter << "prio " << priority << " " << ranges.toString();
        delimiter = "; ";
    }
    return out.str();
}
85*8542734aSAndroid Build Coastguard Worker
// Renders the UID allow-list for diagnostics. When no allow-list is set (mAllowedUids is empty)
// the literal "unrestricted" is returned; otherwise the list's own toString() is used.
std::string Network::allowedUidsToString() const {
    return mAllowedUids ? mAllowedUids->toString() : "unrestricted";
}
92*8542734aSAndroid Build Coastguard Worker
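// Checks whether |uid| falls inside any UID range registered on this network.
//
// mUidRangeMap is scanned in its iteration order and the scan stops at the first entry whose
// ranges contain |uid|. That entry's key is written to |*subPriority| so the caller can choose
// among several matching networks.
// NOTE(review): presumably the map is ordered so that the first hit is the highest-priority
// matching setting - confirm against the declaration of mUidRangeMap.
//
// |subPriority| may be null, in which case only the boolean answer is produced. When false is
// returned |*subPriority| is left untouched, so callers must not read it on that path.
bool Network::appliesToUser(uid_t uid, int32_t* subPriority) const {
    for (const auto& [priority, uidRanges] : mUidRangeMap) {
        if (!uidRanges.hasUid(uid)) {
            continue;
        }
        // Guard the out-parameter: writing through a null pointer is undefined behaviour.
        if (subPriority != nullptr) {
            *subPriority = priority;
        }
        return true;
    }
    return false;
}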
105*8542734aSAndroid Build Coastguard Worker
// Registers |uidRanges| under |subPriority|. If the priority has no entry yet, one is created
// holding a copy of |uidRanges|; otherwise the ranges are merged into the existing entry with
// UidRanges::add(). No overlap or validity check is made in this function.
void Network::addToUidRangeMap(const UidRanges& uidRanges, int32_t subPriority) {
    const auto existing = mUidRangeMap.find(subPriority);
    if (existing == mUidRangeMap.end()) {
        mUidRangeMap[subPriority] = uidRanges;
        return;
    }
    existing->second.add(uidRanges);
}
114*8542734aSAndroid Build Coastguard Worker
// Removes |uidRanges| from the entry stored under |subPriority| and drops the entry altogether
// once it becomes empty. An unknown priority is not an error for the caller: it is logged as a
// warning and the map is left unchanged.
void Network::removeFromUidRangeMap(const UidRanges& uidRanges, int32_t subPriority) {
    const auto entry = mUidRangeMap.find(subPriority);
    if (entry == mUidRangeMap.end()) {
        ALOGW("uidRanges with priority %d not found", subPriority);
        return;
    }

    entry->second.remove(uidRanges);
    if (entry->second.empty()) {
        // Erase through the iterator already in hand rather than looking the key up again.
        mUidRangeMap.erase(entry);
    }
}
126*8542734aSAndroid Build Coastguard Worker
// Drops the UID allow-list. With mAllowedUids reset, isUidAllowed() accepts every UID and
// allowedUidsToString() reports "unrestricted".
void Network::clearAllowedUids() {
    mAllowedUids.reset();
}
130*8542734aSAndroid Build Coastguard Worker
// Replaces the UID allow-list with a copy of |uidRanges|. Any previous list is overwritten, not
// merged. From this point isUidAllowed() accepts only UIDs contained in |uidRanges|.
void Network::setAllowedUids(const UidRanges& uidRanges) {
    mAllowedUids = uidRanges;
}
134*8542734aSAndroid Build Coastguard Worker
// Access check against the UID allow-list.
//
// The default is permissive: a network on which no allow-list has been set (mAllowedUids is
// empty) accepts every UID. Only once a list is set is |uid| required to be contained in it.
bool Network::isUidAllowed(uid_t uid) {
    if (!mAllowedUids) {
        return true;
    }
    return mAllowedUids->hasUid(uid);
}
138*8542734aSAndroid Build Coastguard Worker
// Validates a candidate set of UID ranges before it is added to this network.
//
// The only condition tested here is that the ranges inside |uidRanges| do not overlap one
// another; a violation is logged and false is returned. Overlap with ranges already stored in
// mUidRangeMap is not examined by this function.
bool Network::canAddUidRanges(const UidRanges& uidRanges) const {
    const bool selfOverlapping = uidRanges.overlapsSelf();
    if (selfOverlapping) {
        ALOGE("uid range %s overlaps self", uidRanges.toString().c_str());
    }
    return !selfOverlapping;
}
147*8542734aSAndroid Build Coastguard Worker
// Returns the secure flag given to the constructor (mSecure). No code in this file changes it
// afterwards.
bool Network::isSecure() const {
    return mSecure;
}
151*8542734aSAndroid Build Coastguard Worker
// Stores the network id and the secure flag. The body is empty: only mNetId and mSecure are
// initialised explicitly here.
Network::Network(unsigned netId, bool secure)
    : mNetId(netId),
      mSecure(secure) {}
153*8542734aSAndroid Build Coastguard Worker
154*8542734aSAndroid Build Coastguard Worker } // namespace net
155*8542734aSAndroid Build Coastguard Worker } // namespace android