xref: /aosp_15_r20/system/netd/server/NetworkController.h (revision 8542734a0dd1db395a4d42aae09c37f3c3c3e7a1)

/*
 * Copyright (C) 2014 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#pragma once

#include <android-base/thread_annotations.h>
#include <android/multinetwork.h>

#include "NetdConstants.h"
#include "Permission.h"
#include "PhysicalNetwork.h"
#include "UnreachableNetwork.h"
#include "android/net/INetd.h"
#include "netdutils/DumpWriter.h"

#include <sys/types.h>
#include <list>
#include <map>
#include <set>
#include <shared_mutex>
#include <unordered_map>
#include <unordered_set>
#include <vector>

struct android_net_context;

namespace android::net {

typedef std::shared_lock<std::shared_mutex> ScopedRLock;
typedef std::lock_guard<std::shared_mutex> ScopedWLock;

constexpr uint32_t kHandleMagic = 0xcafed00d;

// Utility to convert from netId to net_handle_t. Doing this here as opposed to exporting
// from net.c as it may have NDK implications. Besides no conversion available in net.c for
// obtaining handle given netId.
// TODO: Use getnetidfromhandle() in net.c.
static inline unsigned netHandleToNetId(net_handle_t fromNetHandle) {
    const uint32_t k32BitMask = 0xffffffff;
    // This value MUST be kept in sync with the corresponding value in
    // the android.net.Network#getNetworkHandle() implementation.

    // Check for minimum acceptable version of the API in the low bits.
    if (fromNetHandle != NETWORK_UNSPECIFIED &&
        (fromNetHandle & k32BitMask) != kHandleMagic) {
        return 0;
    }

    return ((fromNetHandle >> (CHAR_BIT * sizeof(k32BitMask))) & k32BitMask);
}

// Utility to convert from nethandle to netid, keep in sync with getNetworkHandle
// in Network.java.
static inline net_handle_t netIdToNetHandle(unsigned fromNetId) {
    if (!fromNetId) {
        return NETWORK_UNSPECIFIED;
    }
    return (((net_handle_t)fromNetId << 32) | kHandleMagic);
}

class Network;
class UidRanges;
class VirtualNetwork;

/*
 * Keeps track of default, per-pid, and per-uid-range network selection, as
 * well as the mark associated with each network. Networks are identified
 * by netid. In all set* commands netid == 0 means "unspecified" and is
 * equivalent to clearing the mapping.
 */
class NetworkController {
public:
    // NetIds 53..98 are reserved for future use.
    static constexpr int MIN_OEM_ID = 1;
    static constexpr int MAX_OEM_ID = 50;
    static constexpr int LOCAL_NET_ID = INetd::LOCAL_NET_ID;
    static constexpr int DUMMY_NET_ID = INetd::DUMMY_NET_ID;
    static constexpr int UNREACHABLE_NET_ID = INetd::UNREACHABLE_NET_ID;

    // Route mode for modify route
    enum RouteOperation { ROUTE_ADD, ROUTE_UPDATE, ROUTE_REMOVE };

    NetworkController();

    unsigned getDefaultNetwork() const;
    [[nodiscard]] int setDefaultNetwork(unsigned netId);

    unsigned getNetworkForUser(uid_t uid) const;
    unsigned getNetworkForConnect(uid_t uid) const;
    void getNetworkContext(unsigned netId, uid_t uid, struct android_net_context* netcontext) const;
    unsigned getNetworkForInterface(const char* interface) const;
    unsigned getNetworkForInterface(const int ifIndex) const;
    bool isVirtualNetwork(unsigned netId) const;

    [[nodiscard]] int createPhysicalNetwork(unsigned netId, Permission permission, bool local);
    [[nodiscard]] int createPhysicalOemNetwork(Permission permission, unsigned* netId);
    [[nodiscard]] int createVirtualNetwork(unsigned netId, bool secure, NativeVpnType vpnType,
                                           bool excludeLocalRoutes);
    [[nodiscard]] int destroyNetwork(unsigned netId);

    [[nodiscard]] int addInterfaceToNetwork(unsigned netId, const char* interface);
    [[nodiscard]] int removeInterfaceFromNetwork(unsigned netId, const char* interface);

    Permission getPermissionForUser(uid_t uid) const;
    void setPermissionForUsers(Permission permission, const std::vector<uid_t>& uids);
    int checkUserNetworkAccess(uid_t uid, unsigned netId) const;
    [[nodiscard]] int setPermissionForNetworks(Permission permission,
                                               const std::vector<unsigned>& netIds);

    [[nodiscard]] int addUsersToNetwork(unsigned netId, const UidRanges& uidRanges,
                                        int32_t subPriority);
    [[nodiscard]] int removeUsersFromNetwork(unsigned netId, const UidRanges& uidRanges,
                                             int32_t subPriority);

    // |nexthop| can be NULL (to indicate a directly-connected route), "unreachable" (to indicate a
    // route that's blocked), "throw" (to indicate the lack of a match), or a regular IP address.
    //
    // Routes are added to tables determined by the interface, so only |interface| is actually used.
    // |netId| is given only to sanity check that the interface has the correct netId.
    [[nodiscard]] int addRoute(unsigned netId, const char* interface, const char* destination,
                               const char* nexthop, bool legacy, uid_t uid, int mtu);
    [[nodiscard]] int updateRoute(unsigned netId, const char* interface, const char* destination,
                                  const char* nexthop, bool legacy, uid_t uid, int mtu);
    [[nodiscard]] int removeRoute(unsigned netId, const char* interface, const char* destination,
                                  const char* nexthop, bool legacy, uid_t uid);

    // Notes that the specified address has appeared on the specified interface.
    void addInterfaceAddress(unsigned ifIndex, const char* address);
    // Notes that the specified address has been removed from the specified interface.
    // Returns true if we should destroy sockets on this address.
    bool removeInterfaceAddress(unsigned ifIndex, const char* address);

    bool canProtect(uid_t uid, unsigned netId) const;
    int allowProtect(uid_t uid, unsigned netId);
    int denyProtect(uid_t uid, unsigned netId);

    void dump(netdutils::DumpWriter& dw);
    int setNetworkAllowlist(const std::vector<netd::aidl::NativeUidRangeConfig>& rangeConfigs);
    bool isUidAllowed(unsigned netId, uid_t uid) const;

  private:
    bool isValidNetworkLocked(unsigned netId) const;
    Network* getNetworkLocked(unsigned netId) const;

    // Sets |*netId| to an appropriate NetId to use for DNS for the given user. Call with |*netId|
    // set to a non-NETID_UNSET value if the user already has indicated a preference. Returns the
    // fwmark value to set on the socket when performing the DNS request.
    uint32_t getNetworkForDnsLocked(unsigned* netId, uid_t uid) const;
    unsigned getNetworkForConnectLocked(uid_t uid) const;
    unsigned getNetworkForInterfaceLocked(const char* interface) const;
    unsigned getNetworkForInterfaceLocked(const int ifIndex) const;
    bool isProtectableLocked(uid_t uid, unsigned netId) const;
    bool canProtectLocked(uid_t uid, unsigned netId) const;
    bool isVirtualNetworkLocked(unsigned netId) const;
    VirtualNetwork* getVirtualNetworkForUserLocked(uid_t uid) const;
    Network* getPhysicalOrUnreachableNetworkForUserLocked(uid_t uid) const;
    Permission getPermissionForUserLocked(uid_t uid) const;
    int checkUserNetworkAccessLocked(uid_t uid, unsigned netId) const;
    [[nodiscard]] int createPhysicalNetworkLocked(unsigned netId, Permission permission,
                                                  bool local);

    [[nodiscard]] int modifyRoute(unsigned netId, const char* interface, const char* destination,
                                  const char* nexthop, RouteOperation op, bool legacy, uid_t uid,
                                  int mtu);
    [[nodiscard]] int modifyFallthroughLocked(unsigned vpnNetId, bool add);
    void updateTcpSocketMonitorPolling();
    void clearAllowedUidsForAllNetworksLocked();

    class DelegateImpl;
    DelegateImpl* const mDelegateImpl;

    // mRWLock guards all accesses to mDefaultNetId, mNetworks, mUsers, mProtectableUsers,
    // mIfindexToLastNetId and mAddressToIfindices.
    mutable std::shared_mutex mRWLock;
    unsigned mDefaultNetId;
    std::map<unsigned, Network*> mNetworks;  // Map keys are NetIds.
    std::map<uid_t, Permission> mUsers;
    // Set of <UID, netId> pairs that specify which UIDs can protect sockets and bypass
    // VPNs. For each pair:
    //
    // - If the netId is NETID_UNSET, then the UID can call protectFromVpn and can
    //   bypass VPNs by explicitly selecting any network.
    // - Otherwise, the UID can bypass VPNs only by explicitly selecting the specified
    //   network, and cannot call protectFromVpn on its sockets.
    std::set<std::pair<uid_t, unsigned>> mProtectableUsers;
    // Map interface (ifIndex) to its current NetId, or the last NetId if the interface was removed
    // from the network and not added to another network. This state facilitates the interface to
    // NetId lookup during RTM_DELADDR (NetworkController::removeInterfaceAddress), when the
    // interface in question might already have been removed from the network.
    // An interface is added to this map when it is added to a network and removed from this map
    // when its network is destroyed.
    std::unordered_map<unsigned, unsigned> mIfindexToLastNetId;
    // Map IP address to the list of active interfaces (ifIndex) that have that address.
    // Also contains IP addresses configured on interfaces that have not been added to any network.
    // TODO: Does not track IP addresses present when netd is started or restarts after a crash.
    // This is not a problem for its intended use (tracking IP addresses on VPN interfaces), but
    // we should fix it.
    std::unordered_map<std::string, std::unordered_set<unsigned>> mAddressToIfindices;

};

}  // namespace android::net