1 /*
2 * Copyright (c) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <thread>
17
18 #include "iservice_registry.h"
19 #include "net_manager_constants.h"
20 #include "netfirewall_client.h"
21 #include "netmgr_ext_log_wrapper.h"
22 #include "system_ability_definition.h"
23
24 using namespace OHOS::HiviewDFX;
25
26 namespace OHOS {
27 namespace NetManagerStandard {
28 namespace {
29 constexpr size_t WAIT_REMOTE_TIME_SEC = 15;
30 constexpr uint32_t WAIT_FOR_SERVICE_TIME_S = 1;
31 constexpr uint32_t MAX_GET_SERVICE_COUNT = 10;
32 std::condition_variable g_cv;
33 std::mutex g_mutexCv;
34 } // namespace
35
OnLoadSystemAbilitySuccess(int32_t systemAbilityId,const sptr<IRemoteObject> & remoteObject)36 void NetFirewallLoadCallback::OnLoadSystemAbilitySuccess(int32_t systemAbilityId,
37 const sptr<IRemoteObject> &remoteObject)
38 {
39 NETMGR_EXT_LOG_D("OnLoadSystemAbilitySuccess systemAbilityId: [%{public}d]", systemAbilityId);
40 std::unique_lock<std::mutex> lock(g_mutexCv);
41 remoteObject_ = remoteObject;
42 g_cv.notify_one();
43 }
44
OnLoadSystemAbilityFail(int32_t systemAbilityId)45 void NetFirewallLoadCallback::OnLoadSystemAbilityFail(int32_t systemAbilityId)
46 {
47 NETMGR_EXT_LOG_D("OnLoadSystemAbilityFail: [%{public}d]", systemAbilityId);
48 loadSAFailed_ = true;
49 }
50
IsFailed()51 bool NetFirewallLoadCallback::IsFailed()
52 {
53 return loadSAFailed_;
54 }
55
GetRemoteObject() const56 const sptr<IRemoteObject> &NetFirewallLoadCallback::GetRemoteObject() const
57 {
58 return remoteObject_;
59 }
60
61
GetInstance()62 NetFirewallClient &NetFirewallClient::GetInstance()
63 {
64 static NetFirewallClient instance;
65 return instance;
66 }
67
SetNetFirewallPolicy(const int32_t userId,const sptr<NetFirewallPolicy> & status)68 int32_t NetFirewallClient::SetNetFirewallPolicy(const int32_t userId, const sptr<NetFirewallPolicy> &status)
69 {
70 sptr<INetFirewallService> proxy = GetProxy();
71 if (proxy == nullptr) {
72 NETMGR_EXT_LOG_E("SetNetFirewallPolicy proxy is nullptr");
73 return NETMANAGER_EXT_ERR_GET_PROXY_FAIL;
74 }
75 return proxy->SetNetFirewallPolicy(userId, status);
76 }
77
GetNetFirewallPolicy(const int32_t userId,sptr<NetFirewallPolicy> & status)78 int32_t NetFirewallClient::GetNetFirewallPolicy(const int32_t userId, sptr<NetFirewallPolicy> &status)
79 {
80 sptr<INetFirewallService> proxy = GetProxy();
81 if (proxy == nullptr) {
82 NETMGR_EXT_LOG_E("GetNetFirewallPolicy proxy is nullptr");
83 return NETMANAGER_EXT_ERR_GET_PROXY_FAIL;
84 }
85 return proxy->GetNetFirewallPolicy(userId, status);
86 }
87
AddNetFirewallRule(const sptr<NetFirewallRule> & rule,int32_t & result)88 int32_t NetFirewallClient::AddNetFirewallRule(const sptr<NetFirewallRule> &rule, int32_t &result)
89 {
90 sptr<INetFirewallService> proxy = GetProxy();
91 if (proxy == nullptr) {
92 NETMGR_EXT_LOG_E("AddNetFirewallRule proxy is nullptr");
93 return NETMANAGER_EXT_ERR_GET_PROXY_FAIL;
94 }
95 return proxy->AddNetFirewallRule(rule, result);
96 }
97
UpdateNetFirewallRule(const sptr<NetFirewallRule> & rule)98 int32_t NetFirewallClient::UpdateNetFirewallRule(const sptr<NetFirewallRule> &rule)
99 {
100 sptr<INetFirewallService> proxy = GetProxy();
101 if (proxy == nullptr) {
102 NETMGR_EXT_LOG_E("UpdateNetFirewallRule proxy is nullptr");
103 return NETMANAGER_EXT_ERR_GET_PROXY_FAIL;
104 }
105 return proxy->UpdateNetFirewallRule(rule);
106 }
107
DeleteNetFirewallRule(const int32_t userId,const int32_t ruleId)108 int32_t NetFirewallClient::DeleteNetFirewallRule(const int32_t userId, const int32_t ruleId)
109 {
110 sptr<INetFirewallService> proxy = GetProxy();
111 if (proxy == nullptr) {
112 NETMGR_EXT_LOG_E("DeleteNetFirewallRule proxy is nullptr");
113 return NETMANAGER_EXT_ERR_GET_PROXY_FAIL;
114 }
115 return proxy->DeleteNetFirewallRule(userId, ruleId);
116 }
117
GetNetFirewallRules(const int32_t userId,const sptr<RequestParam> & requestParam,sptr<FirewallRulePage> & info)118 int32_t NetFirewallClient::GetNetFirewallRules(const int32_t userId, const sptr<RequestParam> &requestParam,
119 sptr<FirewallRulePage> &info)
120 {
121 sptr<INetFirewallService> proxy = GetProxy();
122 if (proxy == nullptr) {
123 NETMGR_EXT_LOG_E("GetNetFirewallRules proxy is nullptr");
124 return NETMANAGER_EXT_ERR_GET_PROXY_FAIL;
125 }
126 return proxy->GetNetFirewallRules(userId, requestParam, info);
127 }
128
GetNetFirewallRule(const int32_t userId,const int32_t ruleId,sptr<NetFirewallRule> & rule)129 int32_t NetFirewallClient::GetNetFirewallRule(const int32_t userId, const int32_t ruleId, sptr<NetFirewallRule> &rule)
130 {
131 sptr<INetFirewallService> proxy = GetProxy();
132 if (proxy == nullptr) {
133 NETMGR_EXT_LOG_E("GetNetFirewallRule proxy is nullptr");
134 return NETMANAGER_EXT_ERR_GET_PROXY_FAIL;
135 }
136 return proxy->GetNetFirewallRule(userId, ruleId, rule);
137 }
138
GetInterceptRecords(const int32_t userId,const sptr<RequestParam> & requestParam,sptr<InterceptRecordPage> & info)139 int32_t NetFirewallClient::GetInterceptRecords(const int32_t userId, const sptr<RequestParam> &requestParam,
140 sptr<InterceptRecordPage> &info)
141 {
142 sptr<INetFirewallService> proxy = GetProxy();
143 if (proxy == nullptr) {
144 NETMGR_EXT_LOG_E("GetInterceptRecords proxy is nullptr");
145 return NETMANAGER_EXT_ERR_GET_PROXY_FAIL;
146 }
147 return proxy->GetInterceptRecords(userId, requestParam, info);
148 }
149
GetProxy()150 sptr<INetFirewallService> NetFirewallClient::GetProxy()
151 {
152 NETMGR_EXT_LOG_I("NetFirewallClient getproxy");
153 std::lock_guard lock(mutex_);
154 if (netfirewallService_ != nullptr) {
155 return netfirewallService_;
156 }
157 loadCallback_ = new (std::nothrow) NetFirewallLoadCallback;
158 if (loadCallback_ == nullptr) {
159 NETMGR_EXT_LOG_E("loadCallback_ is nullptr");
160 return nullptr;
161 }
162 sptr<IRemoteObject> remote = LoadSaOnDemand();
163 if (remote == nullptr || !remote->IsProxyObject()) {
164 NETMGR_EXT_LOG_E("get Remote service failed");
165 return nullptr;
166 }
167
168 deathRecipient_ = new (std::nothrow) MonitorPcfirewallServiceDead(*this);
169 if (deathRecipient_ == nullptr) {
170 NETMGR_EXT_LOG_E("deathRecipient_ is nullptr");
171 return nullptr;
172 }
173 if ((remote->IsProxyObject()) && (!remote->AddDeathRecipient(deathRecipient_))) {
174 NETMGR_EXT_LOG_E("add death recipient failed");
175 return nullptr;
176 }
177 netfirewallService_ = iface_cast<INetFirewallService>(remote);
178 if (netfirewallService_ == nullptr) {
179 NETMGR_EXT_LOG_E("get Remote service proxy failed");
180 return nullptr;
181 }
182 return netfirewallService_;
183 }
184
LoadSaOnDemand()185 sptr<IRemoteObject> NetFirewallClient::LoadSaOnDemand()
186 {
187 NETMGR_EXT_LOG_D("NetFirewallClient OnRemoteDied");
188 if (loadCallback_->GetRemoteObject() == nullptr) {
189 sptr<ISystemAbilityManager> sam = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager();
190 if (sam == nullptr) {
191 NETMGR_EXT_LOG_E("GetSystemAbilityManager failed");
192 return nullptr;
193 }
194 int32_t result = sam->LoadSystemAbility(COMM_FIREWALL_MANAGER_SYS_ABILITY_ID, loadCallback_);
195 if (result != ERR_OK) {
196 NETMGR_EXT_LOG_E("LoadSystemAbility failed : [%{public}d]", result);
197 return nullptr;
198 }
199 std::unique_lock<std::mutex> lk(g_mutexCv);
200 if (!g_cv.wait_for(lk, std::chrono::seconds(WAIT_REMOTE_TIME_SEC),
201 [this]() { return loadCallback_->GetRemoteObject() != nullptr; })) {
202 NETMGR_EXT_LOG_E("LoadSystemAbility timeout");
203 return nullptr;
204 }
205 }
206 return loadCallback_->GetRemoteObject();
207 }
208
OnRemoteDied(const wptr<IRemoteObject> & remote)209 void NetFirewallClient::OnRemoteDied(const wptr<IRemoteObject> &remote)
210 {
211 NETMGR_EXT_LOG_D("NetFirewallClient OnRemoteDied");
212 if (remote == nullptr) {
213 NETMGR_EXT_LOG_E("remote object is nullptr");
214 return;
215 }
216 std::lock_guard lock(mutex_);
217 if (netfirewallService_ == nullptr) {
218 NETMGR_EXT_LOG_E("netfirewallService_ is nullptr");
219 return;
220 }
221 sptr<IRemoteObject> local = netfirewallService_->AsObject();
222 if (local != remote.promote()) {
223 NETMGR_EXT_LOG_E("proxy and stub is not same remote object");
224 return;
225 }
226 local->RemoveDeathRecipient(deathRecipient_);
227 netfirewallService_ = nullptr;
228
229 std::thread([this]() { this->RestartNetFirewallManagerSysAbility(); }).detach();
230 }
231
RestartNetFirewallManagerSysAbility()232 bool NetFirewallClient::RestartNetFirewallManagerSysAbility()
233 {
234 for (uint32_t i = 0; i < MAX_GET_SERVICE_COUNT; ++i) {
235 std::this_thread::sleep_for(std::chrono::seconds(WAIT_FOR_SERVICE_TIME_S));
236 sptr<INetFirewallService> proxy = GetProxy();
237 if (proxy) {
238 NETMGR_EXT_LOG_I("Restart NetFirewallManager success.");
239 return true;
240 }
241 }
242 NETMGR_EXT_LOG_E("Restart NetFirewallManager failed.");
243 return false;
244 }
245 } // namespace NetManagerStandard
246 } // namespace OHOS
247