FwmarkServer.cpp revision a675b00423e5a370e72a7f10f6b632b4d15a1ff4
1/* 2 * Copyright (C) 2014 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17#include "FwmarkServer.h" 18 19#include "Fwmark.h" 20#include "FwmarkCommand.h" 21#include "NetworkController.h" 22#include "resolv_netid.h" 23 24#include <sys/socket.h> 25#include <unistd.h> 26 27FwmarkServer::FwmarkServer(NetworkController* networkController) : 28 SocketListener("fwmarkd", true), mNetworkController(networkController) { 29} 30 31bool FwmarkServer::onDataAvailable(SocketClient* client) { 32 int fd = -1; 33 int error = processClient(client, &fd); 34 if (fd >= 0) { 35 close(fd); 36 } 37 38 // Always send a response even if there were connection errors or read errors, so that we don't 39 // inadvertently cause the client to hang (which always waits for a response). 40 client->sendData(&error, sizeof(error)); 41 42 // Always close the client connection (by returning false). This prevents a DoS attack where 43 // the client issues multiple commands on the same connection, never reading the responses, 44 // causing its receive buffer to fill up, and thus causing our client->sendData() to block. 45 return false; 46} 47 48int FwmarkServer::processClient(SocketClient* client, int* fd) { 49 FwmarkCommand command; 50 51 iovec iov; 52 iov.iov_base = &command; 53 iov.iov_len = sizeof(command); 54 55 msghdr message; 56 memset(&message, 0, sizeof(message)); 57 message.msg_iov = &iov; 58 message.msg_iovlen = 1; 59 60 union { 61 cmsghdr cmh; 62 char cmsg[CMSG_SPACE(sizeof(*fd))]; 63 } cmsgu; 64 65 memset(cmsgu.cmsg, 0, sizeof(cmsgu.cmsg)); 66 message.msg_control = cmsgu.cmsg; 67 message.msg_controllen = sizeof(cmsgu.cmsg); 68 69 int messageLength = TEMP_FAILURE_RETRY(recvmsg(client->getSocket(), &message, 0)); 70 if (messageLength <= 0) { 71 return -errno; 72 } 73 74 if (messageLength != sizeof(command)) { 75 return -EBADMSG; 76 } 77 78 cmsghdr* const cmsgh = CMSG_FIRSTHDR(&message); 79 if (cmsgh && cmsgh->cmsg_level == SOL_SOCKET && cmsgh->cmsg_type == SCM_RIGHTS && 80 cmsgh->cmsg_len == CMSG_LEN(sizeof(*fd))) { 81 memcpy(fd, CMSG_DATA(cmsgh), sizeof(*fd)); 82 } 83 84 if (*fd < 0) { 85 return -EBADF; 86 } 87 88 Fwmark fwmark; 89 socklen_t fwmarkLen = sizeof(fwmark.intValue); 90 if (getsockopt(*fd, SOL_SOCKET, SO_MARK, &fwmark.intValue, &fwmarkLen) == -1) { 91 return -errno; 92 } 93 94 Permission permission = mNetworkController->getPermissionForUser(client->getUid()); 95 96 switch (command.cmdId) { 97 case FwmarkCommand::ON_ACCEPT: { 98 // Called after a socket accept(). The kernel would've marked the netId and necessary 99 // permissions bits, so we just add the rest of the user's permissions here. 100 permission = static_cast<Permission>(permission | fwmark.permission); 101 break; 102 } 103 104 case FwmarkCommand::ON_CONNECT: { 105 // Set the netId (of the default network) into the fwmark, if it has not already been 106 // set explicitly. Called before a socket connect() happens. 107 if (!fwmark.explicitlySelected) { 108 fwmark.netId = mNetworkController->getDefaultNetwork(); 109 } 110 break; 111 } 112 113 case FwmarkCommand::SELECT_NETWORK: { 114 fwmark.netId = command.netId; 115 if (command.netId == NETID_UNSET) { 116 fwmark.explicitlySelected = false; 117 } else { 118 fwmark.explicitlySelected = true; 119 // If the socket already has the protectedFromVpn bit set, don't reset it, because 120 // non-CONNECTIVITY_INTERNAL apps (e.g.: VpnService) may also protect sockets. 121 if (permission & PERMISSION_CONNECTIVITY_INTERNAL) { 122 fwmark.protectedFromVpn = true; 123 } 124 if (!mNetworkController->isValidNetwork(command.netId)) { 125 return -ENONET; 126 } 127 if (!mNetworkController->isUserPermittedOnNetwork(client->getUid(), 128 command.netId)) { 129 return -EPERM; 130 } 131 } 132 break; 133 } 134 135 case FwmarkCommand::PROTECT_FROM_VPN: { 136 // set vpn protect 137 // TODO 138 break; 139 } 140 141 default: { 142 // unknown command 143 return -EPROTO; 144 } 145 } 146 147 fwmark.permission = permission; 148 149 if (setsockopt(*fd, SOL_SOCKET, SO_MARK, &fwmark.intValue, sizeof(fwmark.intValue)) == -1) { 150 return -errno; 151 } 152 153 return 0; 154} 155