1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "net_policy_rule.h"
17
18 #include "net_mgr_log_wrapper.h"
19
20 namespace OHOS {
21 namespace NetManagerStandard {
22 NetPolicyRule::NetPolicyRule() = default;
23
Init()24 void NetPolicyRule::Init()
25 {
26 // Init uid、policy and background allow status from file,and save uid、policy into uidPolicyRules_.
27 NETMGR_LOG_I("Start init uid and policy.");
28 const auto &uidsPolicies = GetFileInst()->GetNetPolicies();
29 backgroundAllow_ = GetFileInst()->GetBackgroundPolicy();
30
31 for (const auto &i : uidsPolicies) {
32 auto uid = CommonUtils::StrToUint(i.uid.c_str());
33 auto policy = CommonUtils::StrToUint(i.policy.c_str());
34 uidPolicyRules_[uid] = {.policy_ = policy};
35 TransPolicyToRule(uid, policy);
36 }
37 }
38
TransPolicyToRule()39 void NetPolicyRule::TransPolicyToRule()
40 {
41 // When system status is changed,traverse uidPolicyRules_ to calculate the rule and netsys.
42 for (const auto &[uid, policy] : uidPolicyRules_) {
43 TransPolicyToRule(uid, policy.policy_);
44 }
45 }
46
TransPolicyToRule(uint32_t uid)47 void NetPolicyRule::TransPolicyToRule(uint32_t uid)
48 {
49 uint32_t policy;
50 const auto &itr = uidPolicyRules_.find(uid);
51 if (itr == uidPolicyRules_.end()) {
52 policy = NET_POLICY_NONE;
53 } else {
54 policy = itr->second.policy_;
55 }
56 NETMGR_LOG_D("TransPolicyToRule only with uid value: uid[%{public}u] policy[%{public}u]", uid, policy);
57 TransPolicyToRule(uid, policy);
58 return;
59 }
60
TransPolicyToRule(uint32_t uid,uint32_t policy)61 int32_t NetPolicyRule::TransPolicyToRule(uint32_t uid, uint32_t policy)
62 {
63 if (!IsValidNetPolicy(policy)) {
64 return POLICY_ERR_INVALID_POLICY;
65 }
66 NetmanagerHiTrace::NetmanagerStartSyncTrace("TransPolicyToRule start");
67 auto policyRule = uidPolicyRules_.find(uid);
68 if (policyRule == uidPolicyRules_.end()) {
69 NETMGR_LOG_D("Don't find this uid, need to add uid:[%{public}u] policy[%{public}u].", uid, policy);
70 uidPolicyRules_[uid] = {.policy_ = policy};
71 GetCbInst()->NotifyNetUidPolicyChange(uid, policy);
72 } else {
73 if (policyRule->second.policy_ != policy) {
74 NETMGR_LOG_D("Update policy's value.uid:[%{public}u] policy[%{public}u]", uid, policy);
75 policyRule->second.policy_ = policy;
76 GetCbInst()->NotifyNetUidPolicyChange(uid, policy);
77 }
78 }
79
80 auto policyCondition = BuildTransCondition(uid, policy);
81 TransConditionToRuleAndNetsys(policyCondition, uid, policy);
82 NetmanagerHiTrace::NetmanagerFinishSyncTrace("TransPolicyToRule end");
83 return NETMANAGER_SUCCESS;
84 }
85
BuildTransCondition(uint32_t uid,uint32_t policy)86 uint32_t NetPolicyRule::BuildTransCondition(uint32_t uid, uint32_t policy)
87 {
88 // Integrate status values, the result of policyCondition will be use in TransConditionToRuleAndNetsys.
89 uint32_t policyCondition = ChangePolicyToPolicyTransitionCondition(policy);
90
91 if (IsIdleMode()) {
92 policyCondition |= POLICY_TRANS_CONDITION_IDLE_MODE;
93 }
94 if (InIdleAllowedList(uid)) {
95 policyCondition |= POLICY_TRANS_CONDITION_IDLE_ALLOWEDLIST;
96 }
97 if (IsLimitByAdmin()) {
98 policyCondition |= POLICY_TRANS_CONDITION_ADMIN_RESTRICT;
99 }
100 if (IsPowerSave()) {
101 policyCondition |= POLICY_TRANS_CONDITION_POWERSAVE_MODE;
102 }
103 if (InPowerSaveAllowedList(uid)) {
104 policyCondition |= POLICY_TRANS_CONDITION_POWERSAVE_ALLOWEDLIST;
105 }
106 if (IsLimitedBackground()) {
107 policyCondition |= POLICY_TRANS_CONDITION_BACKGROUND_RESTRICT;
108 }
109 if (IsForeground(uid)) {
110 policyCondition |= POLICY_TRANS_CONDITION_FOREGROUND;
111 }
112 NETMGR_LOG_D("BuildTransCondition uid[%{public}u] policy[%{public}u]", uid, policy);
113 return policyCondition;
114 }
115
TransConditionToRuleAndNetsys(uint32_t policyCondition,uint32_t uid,uint32_t policy)116 void NetPolicyRule::TransConditionToRuleAndNetsys(uint32_t policyCondition, uint32_t uid, uint32_t policy)
117 {
118 uint32_t conditionValue = GetMatchTransCondition(policyCondition);
119
120 auto rule = MoveToRuleBit(conditionValue & POLICY_TRANS_RULE_MASK);
121 NETMGR_LOG_D("NetPolicyRule->uid:[%{public}u] policy:[%{public}u] rule:[%{public}u] policyCondition[%{public}u]",
122 uid, policy, rule, policyCondition);
123 auto policyRuleNetsys = uidPolicyRules_.find(uid)->second;
124 auto netsys = conditionValue & POLICY_TRANS_NET_CTRL_MASK;
125
126 if (policyRuleNetsys.netsys_ != netsys) {
127 NetsysCtrl(uid, netsys);
128 policyRuleNetsys.netsys_ = netsys;
129 } else {
130 NETMGR_LOG_I("Same netsys and uid ,don't need to do others.now netsys is: [%{public}u]", netsys);
131 }
132
133 GetFileInst()->WriteFile(uid, policy);
134
135 if (policyRuleNetsys.rule_ == rule) {
136 NETMGR_LOG_D("Same rule and uid ,don't need to do others.uid is:[%{public}u] rule is:[%{public}u]", uid, rule);
137 return;
138 }
139
140 policyRuleNetsys.rule_ = rule;
141 GetCbInst()->NotifyNetUidRuleChange(uid, rule);
142 }
143
GetMatchTransCondition(uint32_t policyCondition)144 uint32_t NetPolicyRule::GetMatchTransCondition(uint32_t policyCondition)
145 {
146 for (const auto &i : POLICY_TRANS_MAP) {
147 auto condition = MoveToConditionBit(i & POLICY_TRANS_CONDITION_MASK);
148 if ((policyCondition & condition) == condition) {
149 NETMGR_LOG_D("GetMatchTransCondition condition: %{public}d.", i);
150 return i;
151 }
152 }
153 return POLICY_TRANS_MAP.back();
154 }
155
NetsysCtrl(uint32_t uid,uint32_t netsysCtrl)156 void NetPolicyRule::NetsysCtrl(uint32_t uid, uint32_t netsysCtrl)
157 {
158 switch (netsysCtrl) {
159 case POLICY_TRANS_CTRL_NONE:
160 NETMGR_LOG_D("Don't need to do anything,keep now status.");
161 break;
162 case POLICY_TRANS_CTRL_REMOVE_ALL:
163 GetNetsysInst()->BandwidthRemoveAllowedList(uid);
164 GetNetsysInst()->BandwidthRemoveDeniedList(uid);
165 break;
166 case POLICY_TRANS_CTRL_ADD_DENIEDLIST:
167 GetNetsysInst()->BandwidthAddDeniedList(uid);
168 GetNetsysInst()->BandwidthRemoveAllowedList(uid);
169 break;
170 case POLICY_TRANS_CTRL_ADD_ALLOWEDLIST:
171 GetNetsysInst()->BandwidthRemoveDeniedList(uid);
172 GetNetsysInst()->BandwidthAddAllowedList(uid);
173 break;
174 default:
175 NETMGR_LOG_E("Error netsysCtrl value, need to check");
176 break;
177 }
178 NETMGR_LOG_D("uid:[%{public}u] netsysCtrl: [%{public}u]", uid, netsysCtrl);
179 }
180
MoveToConditionBit(uint32_t value)181 uint32_t NetPolicyRule::MoveToConditionBit(uint32_t value)
182 {
183 return value >> CONDITION_START_BIT;
184 }
185
MoveToRuleBit(uint32_t value)186 uint32_t NetPolicyRule::MoveToRuleBit(uint32_t value)
187 {
188 return value >> RULE_START_BIT;
189 }
190
ChangePolicyToPolicyTransitionCondition(uint32_t policy)191 uint32_t NetPolicyRule::ChangePolicyToPolicyTransitionCondition(uint32_t policy)
192 {
193 if (policy == NET_POLICY_NONE) {
194 return POLICY_TRANS_CONDITION_UID_POLICY_NONE;
195 }
196 return policy << 1;
197 }
198
GetPolicyByUid(uint32_t uid,uint32_t & policy)199 int32_t NetPolicyRule::GetPolicyByUid(uint32_t uid, uint32_t &policy)
200 {
201 auto policyRule = uidPolicyRules_.find(uid);
202 if (policyRule == uidPolicyRules_.end()) {
203 NETMGR_LOG_D("Can't find uid:[%{public}u] and its policy, return default value.", uid);
204 policy = NET_POLICY_NONE;
205 return POLICY_ERR_QUOTA_POLICY_NOT_EXIST;
206 }
207 policy = policyRule->second.policy_;
208 return NETMANAGER_SUCCESS;
209 }
210
GetUidsByPolicy(uint32_t policy,std::vector<uint32_t> & uids)211 int32_t NetPolicyRule::GetUidsByPolicy(uint32_t policy, std::vector<uint32_t> &uids)
212 {
213 if (!IsValidNetPolicy(policy)) {
214 return POLICY_ERR_INVALID_POLICY;
215 }
216 NETMGR_LOG_I("GetUidsByPolicy:policy:[%{public}u]", policy);
217 for (auto &iter : uidPolicyRules_) {
218 if (iter.second.policy_ == policy) {
219 uids.push_back(iter.first);
220 }
221 }
222 return NETMANAGER_SUCCESS;
223 }
224
IsUidNetAllowed(uint32_t uid,bool metered,bool & isAllowed)225 int32_t NetPolicyRule::IsUidNetAllowed(uint32_t uid, bool metered, bool &isAllowed)
226 {
227 NETMGR_LOG_D("IsUidNetAllowed:uid[%{public}u] metered:[%{public}d]", uid, metered);
228 uint32_t rule = NetUidRule::NET_RULE_NONE;
229 auto iter = uidPolicyRules_.find(uid);
230 if (iter != uidPolicyRules_.end()) {
231 rule = iter->second.rule_;
232 }
233
234 if (rule == NetUidRule::NET_RULE_REJECT_ALL) {
235 isAllowed = false;
236 return NETMANAGER_SUCCESS;
237 }
238
239 if (!metered) {
240 isAllowed = true;
241 return NETMANAGER_SUCCESS;
242 }
243
244 if (rule == NetUidRule::NET_RULE_REJECT_METERED) {
245 isAllowed = false;
246 return NETMANAGER_SUCCESS;
247 }
248
249 if (rule == NetUidRule::NET_RULE_ALLOW_METERED) {
250 isAllowed = true;
251 return NETMANAGER_SUCCESS;
252 }
253
254 if (rule == NetUidRule::NET_RULE_ALLOW_METERED_FOREGROUND) {
255 isAllowed = true;
256 return NETMANAGER_SUCCESS;
257 }
258
259 if (!backgroundAllow_) {
260 isAllowed = false;
261 return NETMANAGER_SUCCESS;
262 }
263
264 isAllowed = true;
265 return NETMANAGER_SUCCESS;
266 }
267
SetBackgroundPolicy(bool allow)268 int32_t NetPolicyRule::SetBackgroundPolicy(bool allow)
269 {
270 if (backgroundAllow_ != allow) {
271 GetCbInst()->NotifyNetBackgroundPolicyChange(allow);
272 backgroundAllow_ = allow;
273 TransPolicyToRule();
274 GetFileInst()->SetBackgroundPolicy(allow);
275 NetmanagerHiTrace::NetmanagerStartSyncTrace("SetBackgroundPolicy policy start");
276 GetNetsysInst()->BandwidthEnableDataSaver(!allow);
277 NetmanagerHiTrace::NetmanagerFinishSyncTrace("SetBackgroundPolicy policy end");
278 return NETMANAGER_SUCCESS;
279 }
280 NETMGR_LOG_I("Same background policy,don't need to repeat set. now background policy is:[%{public}d]", allow);
281 return NETMANAGER_ERR_PARAMETER_ERROR;
282 }
283
GetBackgroundPolicyByUid(uint32_t uid,uint32_t & backgroundPolicyOfUid)284 int32_t NetPolicyRule::GetBackgroundPolicyByUid(uint32_t uid, uint32_t &backgroundPolicyOfUid)
285 {
286 uint32_t policy;
287 GetPolicyByUid(uid, policy);
288 NETMGR_LOG_D("GetBackgroundPolicyByUid GetPolicyByUid uid: %{public}u policy: %{public}u.", uid, policy);
289 if ((policy & NET_POLICY_REJECT_METERED_BACKGROUND) != 0) {
290 backgroundPolicyOfUid = NET_BACKGROUND_POLICY_DISABLE;
291 return NETMANAGER_SUCCESS;
292 }
293
294 if (backgroundAllow_) {
295 backgroundPolicyOfUid = NET_BACKGROUND_POLICY_ENABLE;
296 return NETMANAGER_SUCCESS;
297 }
298
299 if ((policy & NET_POLICY_ALLOW_METERED_BACKGROUND) != 0) {
300 backgroundPolicyOfUid = NET_BACKGROUND_POLICY_ALLOWEDLIST;
301 return NETMANAGER_SUCCESS;
302 }
303 backgroundPolicyOfUid = NET_BACKGROUND_POLICY_DISABLE;
304 return NETMANAGER_SUCCESS;
305 }
306
ResetPolicies()307 int32_t NetPolicyRule::ResetPolicies()
308 {
309 NETMGR_LOG_I("Reset uids-policies and backgroundpolicy");
310 for (auto iter : uidPolicyRules_) {
311 TransPolicyToRule(iter.first, NetUidPolicy::NET_POLICY_NONE);
312 }
313 return SetBackgroundPolicy(true);
314 }
315
GetBackgroundPolicy(bool & backgroundPolicy)316 int32_t NetPolicyRule::GetBackgroundPolicy(bool &backgroundPolicy)
317 {
318 NETMGR_LOG_I("GetBackgroundPolicy:backgroundAllow_[%{public}d", backgroundAllow_);
319 backgroundPolicy = backgroundAllow_;
320 return NETMANAGER_SUCCESS;
321 }
322
IsIdleMode()323 bool NetPolicyRule::IsIdleMode()
324 {
325 NETMGR_LOG_D("IsIdleMode:deviceIdleMode_[%{public}d", deviceIdleMode_);
326 return deviceIdleMode_;
327 }
328
InIdleAllowedList(uint32_t uid)329 bool NetPolicyRule::InIdleAllowedList(uint32_t uid)
330 {
331 if (std::find(deviceIdleAllowedList_.begin(), deviceIdleAllowedList_.end(), uid) != deviceIdleAllowedList_.end()) {
332 return true;
333 }
334 return false;
335 }
336
IsLimitByAdmin()337 bool NetPolicyRule::IsLimitByAdmin()
338 {
339 // to judge if limit by admin.
340 return false;
341 }
342
IsForeground(uint32_t uid)343 bool NetPolicyRule::IsForeground(uint32_t uid)
344 {
345 // to judge if this uid is foreground.
346 return false;
347 }
348
IsPowerSave()349 bool NetPolicyRule::IsPowerSave()
350 {
351 // to judge if in power save mode.
352 return false;
353 }
354
InPowerSaveAllowedList(uint32_t uid)355 bool NetPolicyRule::InPowerSaveAllowedList(uint32_t uid)
356 {
357 // to judge this uid if in power save allow list.
358 return false;
359 }
360
IsLimitedBackground()361 bool NetPolicyRule::IsLimitedBackground()
362 {
363 return !backgroundAllow_;
364 }
365
DeleteUid(uint32_t uid)366 void NetPolicyRule::DeleteUid(uint32_t uid)
367 {
368 NETMGR_LOG_D("DeleteUid:uid[%{public}u]", uid);
369
370 const auto &it = std::find_if(uidPolicyRules_.begin(), uidPolicyRules_.end(),
371 [&uid](const auto &pair) { return pair.first == uid; });
372 if (it != uidPolicyRules_.end()) {
373 uidPolicyRules_.erase(it);
374 }
375
376 GetNetsysInst()->BandwidthRemoveDeniedList(uid);
377 GetNetsysInst()->BandwidthRemoveAllowedList(uid);
378 }
379
HandleEvent(int32_t eventId,const std::shared_ptr<PolicyEvent> & policyEvent)380 void NetPolicyRule::HandleEvent(int32_t eventId, const std::shared_ptr<PolicyEvent> &policyEvent)
381 {
382 switch (eventId) {
383 case NetPolicyEventHandler::MSG_DEVICE_IDLE_LIST_UPDATED:
384 deviceIdleAllowedList_ = policyEvent->deviceIdleList;
385 break;
386 case NetPolicyEventHandler::MSG_DEVICE_IDLE_MODE_CHANGED:
387 deviceIdleMode_ = policyEvent->deviceIdleMode;
388 TransPolicyToRule();
389 break;
390 case NetPolicyEventHandler::MSG_UID_REMOVED:
391 DeleteUid(policyEvent->deletedUid);
392 break;
393 default:
394 break;
395 }
396 }
397
IsValidNetPolicy(uint32_t policy)398 bool NetPolicyRule::IsValidNetPolicy(uint32_t policy)
399 {
400 switch (policy) {
401 case NetUidPolicy::NET_POLICY_NONE:
402 case NetUidPolicy::NET_POLICY_ALLOW_METERED_BACKGROUND:
403 case NetUidPolicy::NET_POLICY_REJECT_METERED_BACKGROUND: {
404 return true;
405 }
406 default: {
407 NETMGR_LOG_E("Invalid policy [%{public}d]", policy);
408 return false;
409 }
410 }
411 }
412
GetDumpMessage(std::string & message)413 void NetPolicyRule::GetDumpMessage(std::string &message)
414 {
415 static const std::string TAB = " ";
416 message.append(TAB + "UidPolicy:\n");
417 std::for_each(uidPolicyRules_.begin(), uidPolicyRules_.end(), [&message](const auto &pair) {
418 message.append(TAB + TAB + "Uid: " + std::to_string(pair.first) + TAB + "Rule: " +
419 std::to_string(pair.second.rule_) + TAB + "Policy:" + std::to_string(pair.second.policy_) + TAB +
420 "NetSys: " + std::to_string(pair.second.netsys_) + "\n");
421 });
422 message.append(TAB + "DeviceIdleAllowList: {");
423 std::for_each(deviceIdleAllowedList_.begin(), deviceIdleAllowedList_.end(),
424 [&message](const auto &item) { message.append(std::to_string(item) + ", "); });
425 message.append("}\n");
426 message.append(TAB + "DeviceIdleMode: " + std::to_string(deviceIdleMode_) + "\n");
427 message.append(TAB + "BackgroundPolicy: " + std::to_string(backgroundAllow_) + "\n");
428 }
429 } // namespace NetManagerStandard
430 } // namespace OHOS
431