1 /*
2  * Copyright (C) 2014 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #pragma once
18 
19 #include "NetdConstants.h"
20 #include "Permission.h"
21 #include "UidRanges.h"
22 
23 #include <set>
24 #include <string>
25 
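namespace android::net {

// Maps a subsidiary priority to the UID ranges registered at that priority.
using UidRangeMap = std::map<int32_t, UidRanges>;

// A Network represents a collection of interfaces participating as a single administrative unit.
//
// This is the abstract base class: getTypeString() and getPermission() are pure virtual. The
// mutating virtuals (addInterface, removeInterface, addUsers, removeUsers) return -EINVAL here
// and the capability predicates return false, so a subclass has to override each operation and
// capability it actually supports; anything it leaves alone is refused.
class Network {
  public:
    // You MUST ensure that no interfaces are still assigned to this network, say by calling
    // clearInterfaces(), before deleting it. This is because interface removal may fail. If we
    // automatically removed interfaces in the destructor, you wouldn't know if it failed.
    virtual ~Network();

    // Type label for this network; pure virtual, so every concrete subclass supplies it.
    virtual std::string getTypeString() const = 0;
    // Presumably returns the netId given to the constructor (definition is not in this header).
    unsigned getNetId() const;

    bool hasInterface(const std::string& interface) const;
    const std::set<std::string>& getInterfaces() const;

    // These return 0 on success or negative errno on failure.
    // The base versions of add/remove always fail with -EINVAL. All three are [[nodiscard]]:
    // the result has to be checked, because (per the destructor note) interface removal can fail
    // and the caller is the only place that failure can be noticed.
    [[nodiscard]] virtual int addInterface(const std::string&) { return -EINVAL; }
    [[nodiscard]] virtual int removeInterface(const std::string&) { return -EINVAL; }
    [[nodiscard]] int clearInterfaces();

    std::string toString() const;
    std::string uidRangesToString() const;
    std::string allowedUidsToString() const;
    // NOTE(review): subPriority looks like an out-parameter; whether nullptr is accepted is not
    // visible in this header -- confirm against the definition before passing one.
    bool appliesToUser(uid_t uid, int32_t* subPriority) const;
    // Permission associated with this network; pure virtual, supplied by each subclass.
    virtual Permission getPermission() const = 0;
    // Same convention as the interface calls: 0 on success, negative errno on failure. The base
    // versions refuse with -EINVAL, so only subclasses that override them can bind UID ranges.
    [[nodiscard]] virtual int addUsers(const UidRanges&, int32_t /*subPriority*/) {
        return -EINVAL;
    }
    [[nodiscard]] virtual int removeUsers(const UidRanges&, int32_t /*subPriority*/) {
        return -EINVAL;
    }
    // Presumably reports the `secure` flag given to the constructor -- confirm in the definition.
    bool isSecure() const;
    // Capability/type predicates. Every one defaults to false; a subclass overrides the ones
    // that describe it.
    virtual bool isPhysical() { return false; }
    virtual bool isUnreachable() { return false; }
    virtual bool isVirtual() { return false; }
    virtual bool canAddUsers() { return false; }
    virtual bool isValidSubPriority(int32_t /*priority*/) { return false; }
    virtual void addToUidRangeMap(const UidRanges& uidRanges, int32_t subPriority);
    virtual void removeFromUidRangeMap(const UidRanges& uidRanges, int32_t subPriority);
    // The allowed-UID list decides which UIDs may explicitly select this network; see the note
    // on mAllowedUids for what "cleared" means.
    void clearAllowedUids();
    void setAllowedUids(const UidRanges& uidRanges);
    // NOTE(review): declared non-const although it reads like a pure query; it cannot be made
    // const from this header alone because the definition lives elsewhere.
    bool isUidAllowed(uid_t uid);

  protected:
    // Protected so that only subclasses can construct a Network. `secure` defaults to false.
    explicit Network(unsigned netId, bool secure = false);
    bool canAddUidRanges(const UidRanges& uidRanges) const;

    const unsigned mNetId;
    std::set<std::string> mInterfaces;
    // Each subsidiary priority maps to a set of UID ranges of a feature.
    UidRangeMap mUidRangeMap;
    const bool mSecure;
    // UIDs that can explicitly select this network. It means no restriction for all UIDs if the
    // optional variable has no value.
    // The unset state is therefore the permissive one: until a list is set, every UID passes.
    // NOTE(review): an engaged-but-empty UidRanges presumably allows no UID at all; confirm that
    // clearAllowedUids()/setAllowedUids() keep "unset" and "empty" distinct, since confusing the
    // two would turn a deny-all list into allow-all.
    std::optional<UidRanges> mAllowedUids;

  private:
    // NOTE(review): no use of Action is visible in this header; presumably consumed by the
    // out-of-line member definitions.
    enum Action {
        REMOVE,
        ADD,
    };
};

}  // namespace android::net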