1 /*
2 * Copyright (c) 2021-2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "conn_manager.h"
17
18 #include "bpf_def.h"
19 #include "bpf_mapper.h"
20 #include "bpf_path.h"
21 #include "local_network.h"
22 #include "net_manager_constants.h"
23 #include "netnative_log_wrapper.h"
24 #include "physical_network.h"
25 #include "virtual_network.h"
26
27 namespace OHOS {
28 namespace nmd {
29 using namespace NetManagerStandard;
30 namespace {
31 constexpr int32_t INTERFACE_UNSET = -1;
32 constexpr int32_t LOCAL_NET_ID = 99;
33 } // namespace
34
ConnManager()35 ConnManager::ConnManager()
36 {
37 networks_.EnsureInsert(LOCAL_NET_ID, std::make_shared<LocalNetwork>(LOCAL_NET_ID));
38 defaultNetId_ = 0;
39 needReinitRouteFlag_ = false;
40 }
41
~ConnManager()42 ConnManager::~ConnManager()
43 {
44 networks_.Clear();
45 }
46
SetInternetPermission(uint32_t uid,uint8_t allow,uint8_t isBroker)47 int32_t ConnManager::SetInternetPermission(uint32_t uid, uint8_t allow, uint8_t isBroker)
48 {
49 // 0 means root
50 if (uid == 0) {
51 return NETMANAGER_ERROR;
52 }
53 if (isBroker) {
54 BpfMapper<sock_permission_key, sock_permission_value> permissionMap(BROKER_SOCKET_PERMISSION_MAP_PATH,
55 BPF_F_WRONLY);
56 if (!permissionMap.IsValid()) {
57 return NETMANAGER_ERROR;
58 }
59 // 0 means no permission
60 if (permissionMap.Write(uid, allow, 0) != 0) {
61 return NETMANAGER_ERROR;
62 }
63
64 return NETMANAGER_SUCCESS;
65 }
66 BpfMapper<sock_permission_key, sock_permission_value> permissionMap(OH_SOCKET_PERMISSION_MAP_PATH, BPF_F_WRONLY);
67 if (!permissionMap.IsValid()) {
68 return NETMANAGER_ERROR;
69 }
70 // 0 means no permission
71 if (permissionMap.Write(uid, allow, 0) != 0) {
72 return NETMANAGER_ERROR;
73 }
74
75 return NETMANAGER_SUCCESS;
76 }
77
CreatePhysicalNetwork(uint16_t netId,NetworkPermission permission)78 int32_t ConnManager::CreatePhysicalNetwork(uint16_t netId, NetworkPermission permission)
79 {
80 if (needReinitRouteFlag_) {
81 std::set<int32_t> netIds;
82 networks_.Iterate([&netIds](int32_t id, std::shared_ptr<NetsysNetwork> &NetsysNetworkPtr) {
83 if (id == LOCAL_NET_ID || NetsysNetworkPtr == nullptr) {
84 return;
85 }
86 netIds.insert(NetsysNetworkPtr->GetNetId());
87 });
88
89 for (auto netId : netIds) {
90 std::string interfaceName;
91 {
92 std::lock_guard<std::mutex> lock(interfaceNameMutex_);
93 interfaceName = physicalInterfaceName_[netId];
94 }
95 RemoveInterfaceFromNetwork(netId, interfaceName);
96 DestroyNetwork(netId);
97 }
98 needReinitRouteFlag_ = false;
99 }
100 std::shared_ptr<NetsysNetwork> network = std::make_shared<PhysicalNetwork>(netId, permission);
101 networks_.EnsureInsert(netId, network);
102 return NETMANAGER_SUCCESS;
103 }
104
CreateVirtualNetwork(uint16_t netId,bool hasDns)105 int32_t ConnManager::CreateVirtualNetwork(uint16_t netId, bool hasDns)
106 {
107 networks_.EnsureInsert(netId, std::make_shared<VirtualNetwork>(netId, hasDns));
108 return NETMANAGER_SUCCESS;
109 }
110
DestroyNetwork(int32_t netId)111 int32_t ConnManager::DestroyNetwork(int32_t netId)
112 {
113 if (netId == LOCAL_NET_ID) {
114 NETNATIVE_LOGE("Cannot destroy local network");
115 return NETMANAGER_ERROR;
116 }
117 const auto &net = FindNetworkById(netId);
118 if (std::get<0>(net)) {
119 std::shared_ptr<NetsysNetwork> nw = std::get<1>(net);
120 if (defaultNetId_ == netId) {
121 if (nw->IsPhysical()) {
122 static_cast<PhysicalNetwork *>(nw.get())->RemoveDefault();
123 }
124 defaultNetId_ = 0;
125 }
126 nw->ClearInterfaces();
127 }
128 networks_.Erase(netId);
129 return NETMANAGER_SUCCESS;
130 }
131
SetDefaultNetwork(int32_t netId)132 int32_t ConnManager::SetDefaultNetwork(int32_t netId)
133 {
134 if (defaultNetId_ == netId) {
135 return NETMANAGER_SUCCESS;
136 }
137
138 // check if this network exists
139 const auto &net = FindNetworkById(netId);
140 if (std::get<0>(net)) {
141 std::shared_ptr<NetsysNetwork> nw = std::get<1>(net);
142 if (!nw->IsPhysical()) {
143 NETNATIVE_LOGE("SetDefaultNetwork fail, network :%{public}d is not physical ", netId);
144 return NETMANAGER_ERROR;
145 }
146 static_cast<PhysicalNetwork *>(nw.get())->AddDefault();
147 }
148
149 if (defaultNetId_ != 0) {
150 const auto &defaultNet = FindNetworkById(defaultNetId_);
151 if (std::get<0>(defaultNet)) {
152 std::shared_ptr<NetsysNetwork> nw = std::get<1>(defaultNet);
153 if (!nw->IsPhysical()) {
154 NETNATIVE_LOGE("SetDefaultNetwork fail, defaultNetId_ :%{public}d is not physical", defaultNetId_);
155 return NETMANAGER_ERROR;
156 }
157 static_cast<PhysicalNetwork *>(nw.get())->RemoveDefault();
158 }
159 }
160 defaultNetId_ = netId;
161 return NETMANAGER_SUCCESS;
162 }
163
ClearDefaultNetwork()164 int32_t ConnManager::ClearDefaultNetwork()
165 {
166 if (defaultNetId_ != 0) {
167 const auto &net = FindNetworkById(defaultNetId_);
168 if (std::get<0>(net)) {
169 std::shared_ptr<NetsysNetwork> nw = std::get<1>(net);
170 if (!nw->IsPhysical()) {
171 NETNATIVE_LOGE("ClearDefaultNetwork fail, defaultNetId_ :%{public}d is not physical", defaultNetId_);
172 return NETMANAGER_ERROR;
173 }
174 static_cast<PhysicalNetwork *>(nw.get())->RemoveDefault();
175 }
176 }
177 defaultNetId_ = 0;
178 return NETMANAGER_SUCCESS;
179 }
180
FindNetworkById(int32_t netId)181 std::tuple<bool, std::shared_ptr<NetsysNetwork>> ConnManager::FindNetworkById(int32_t netId)
182 {
183 NETNATIVE_LOG_D("Entry ConnManager::FindNetworkById netId:%{public}d", netId);
184 std::shared_ptr<NetsysNetwork> netsysNetworkPtr;
185 bool ret = networks_.Find(netId, netsysNetworkPtr);
186 if (ret) {
187 return std::make_tuple(true, netsysNetworkPtr);
188 }
189 return std::make_tuple<bool, std::shared_ptr<NetsysNetwork>>(false, nullptr);
190 }
191
GetDefaultNetwork() const192 int32_t ConnManager::GetDefaultNetwork() const
193 {
194 return defaultNetId_;
195 }
196
GetNetworkForInterface(std::string & interfaceName)197 int32_t ConnManager::GetNetworkForInterface(std::string &interfaceName)
198 {
199 NETNATIVE_LOG_D("Entry ConnManager::GetNetworkForInterface interfaceName:%{public}s", interfaceName.c_str());
200 std::map<int32_t, std::shared_ptr<NetsysNetwork>>::iterator it;
201 int32_t InterfaceId = INTERFACE_UNSET;
202 networks_.Iterate([&InterfaceId, &interfaceName](int32_t id, std::shared_ptr<NetsysNetwork> &NetsysNetworkPtr) {
203 if (InterfaceId != INTERFACE_UNSET) {
204 return;
205 }
206 if (NetsysNetworkPtr != nullptr) {
207 if (NetsysNetworkPtr->ExistInterface(interfaceName)) {
208 InterfaceId = id;
209 }
210 }
211 });
212 return InterfaceId;
213 }
214
AddInterfaceToNetwork(int32_t netId,std::string & interfaceName)215 int32_t ConnManager::AddInterfaceToNetwork(int32_t netId, std::string &interfaceName)
216 {
217 NETNATIVE_LOG_D("Entry ConnManager::AddInterfaceToNetwork netId:%{public}d, interfaceName:%{public}s", netId,
218 interfaceName.c_str());
219 int32_t alreadySetNetId = GetNetworkForInterface(interfaceName);
220 if ((alreadySetNetId != netId) && (alreadySetNetId != INTERFACE_UNSET)) {
221 NETNATIVE_LOGE("AddInterfaceToNetwork failed alreadySetNetId:%{public}d", alreadySetNetId);
222 return NETMANAGER_ERROR;
223 }
224
225 const auto &net = FindNetworkById(netId);
226 if (std::get<0>(net)) {
227 std::shared_ptr<NetsysNetwork> nw = std::get<1>(net);
228 if (nw->IsPhysical()) {
229 std::lock_guard<std::mutex> lock(interfaceNameMutex_);
230 physicalInterfaceName_[netId] = interfaceName;
231 }
232 return nw->AddInterface(interfaceName);
233 }
234 return NETMANAGER_ERROR;
235 }
236
RemoveInterfaceFromNetwork(int32_t netId,std::string & interfaceName)237 int32_t ConnManager::RemoveInterfaceFromNetwork(int32_t netId, std::string &interfaceName)
238 {
239 int32_t alreadySetNetId = GetNetworkForInterface(interfaceName);
240 if ((alreadySetNetId != netId) || (alreadySetNetId == INTERFACE_UNSET)) {
241 return NETMANAGER_SUCCESS;
242 } else if (alreadySetNetId == netId) {
243 const auto &net = FindNetworkById(netId);
244 if (std::get<0>(net)) {
245 std::shared_ptr<NetsysNetwork> nw = std::get<1>(net);
246 int32_t ret = nw->RemoveInterface(interfaceName);
247 if (nw->IsPhysical()) {
248 std::lock_guard<std::mutex> lock(interfaceNameMutex_);
249 physicalInterfaceName_.erase(netId);
250 }
251 return ret;
252 }
253 }
254 return NETMANAGER_SUCCESS;
255 }
256
ReinitRoute()257 int32_t ConnManager::ReinitRoute()
258 {
259 NETNATIVE_LOG_D("ConnManager::ReInitRoute");
260 needReinitRouteFlag_ = true;
261 return NETMANAGER_SUCCESS;
262 }
263
AddRoute(int32_t netId,std::string interfaceName,std::string destination,std::string nextHop)264 int32_t ConnManager::AddRoute(int32_t netId, std::string interfaceName, std::string destination, std::string nextHop)
265 {
266 return RouteManager::AddRoute(GetTableType(netId), interfaceName, destination, nextHop);
267 }
268
RemoveRoute(int32_t netId,std::string interfaceName,std::string destination,std::string nextHop)269 int32_t ConnManager::RemoveRoute(int32_t netId, std::string interfaceName, std::string destination, std::string nextHop)
270 {
271 return RouteManager::RemoveRoute(GetTableType(netId), interfaceName, destination, nextHop);
272 }
273
UpdateRoute(int32_t netId,std::string interfaceName,std::string destination,std::string nextHop)274 int32_t ConnManager::UpdateRoute(int32_t netId, std::string interfaceName, std::string destination, std::string nextHop)
275 {
276 return RouteManager::UpdateRoute(GetTableType(netId), interfaceName, destination, nextHop);
277 }
278
GetTableType(int32_t netId)279 RouteManager::TableType ConnManager::GetTableType(int32_t netId)
280 {
281 if (netId == LOCAL_NET_ID) {
282 return RouteManager::LOCAL_NETWORK;
283 } else if (FindVirtualNetwork(netId) != nullptr) {
284 return RouteManager::VPN_NETWORK;
285 } else {
286 return RouteManager::INTERFACE;
287 }
288 }
289
GetFwmarkForNetwork(int32_t netId)290 int32_t ConnManager::GetFwmarkForNetwork(int32_t netId)
291 {
292 return NETMANAGER_ERROR;
293 }
294
SetPermissionForNetwork(int32_t netId,NetworkPermission permission)295 int32_t ConnManager::SetPermissionForNetwork(int32_t netId, NetworkPermission permission)
296 {
297 return NETMANAGER_ERROR;
298 }
299
FindVirtualNetwork(int32_t netId)300 std::shared_ptr<NetsysNetwork> ConnManager::FindVirtualNetwork(int32_t netId)
301 {
302 if (netId == LOCAL_NET_ID) {
303 return nullptr;
304 }
305 std::shared_ptr<NetsysNetwork> netsysNetworkPtr = nullptr;
306 auto ret = networks_.Find(netId, netsysNetworkPtr);
307 if (!ret || netsysNetworkPtr == nullptr) {
308 NETNATIVE_LOGE("invalid netId:%{public}d or nw is null.", netId);
309 return nullptr;
310 }
311 if (netsysNetworkPtr->IsPhysical()) {
312 return nullptr;
313 }
314 return netsysNetworkPtr;
315 }
316
AddUidsToNetwork(int32_t netId,const std::vector<NetManagerStandard::UidRange> & uidRanges)317 int32_t ConnManager::AddUidsToNetwork(int32_t netId, const std::vector<NetManagerStandard::UidRange> &uidRanges)
318 {
319 auto netsysNetwork = FindVirtualNetwork(netId);
320 if (netsysNetwork == nullptr) {
321 NETNATIVE_LOGE("cannot add uids to non-virtual network with netId:%{public}d", netId);
322 return NETMANAGER_ERROR;
323 }
324 return static_cast<VirtualNetwork *>(netsysNetwork.get())->AddUids(uidRanges);
325 }
326
RemoveUidsFromNetwork(int32_t netId,const std::vector<NetManagerStandard::UidRange> & uidRanges)327 int32_t ConnManager::RemoveUidsFromNetwork(int32_t netId, const std::vector<NetManagerStandard::UidRange> &uidRanges)
328 {
329 auto netsysNetwork = FindVirtualNetwork(netId);
330 if (netsysNetwork == nullptr) {
331 NETNATIVE_LOGE("cannot remove uids from non-virtual network with netId:%{public}d", netId);
332 return NETMANAGER_ERROR;
333 }
334 return static_cast<VirtualNetwork *>(netsysNetwork.get())->RemoveUids(uidRanges);
335 }
336
GetDumpInfos(std::string & infos)337 void ConnManager::GetDumpInfos(std::string &infos)
338 {
339 static const std::string TAB = " ";
340 infos.append("Netsys connect manager :\n");
341 infos.append(TAB + "default NetId: " + std::to_string(defaultNetId_) + "\n");
342 networks_.Iterate([&infos](int32_t id, std::shared_ptr<NetsysNetwork> &NetsysNetworkPtr) {
343 infos.append(TAB + "NetId:" + std::to_string(id));
344 std::string interfaces = TAB + "interfaces: {";
345 for (const auto &interface : NetsysNetworkPtr->GetAllInterface()) {
346 interfaces.append(interface + ", ");
347 }
348 infos.append(interfaces + "}\n");
349 });
350 }
351 } // namespace nmd
352 } // namespace OHOS
353