/* * Copyright (C) 2014 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #ifndef NETD_INCLUDE_FWMARK_COMMAND_H #define NETD_INCLUDE_FWMARK_COMMAND_H #include #include #include // Additional information sent with ON_CONNECT_COMPLETE command struct FwmarkConnectInfo { int error; unsigned latencyMs; union { sockaddr s; sockaddr_in sin; sockaddr_in6 sin6; } addr; FwmarkConnectInfo() : error(0), latencyMs(0) {} FwmarkConnectInfo(const int connectErrno, const unsigned latency, const sockaddr* saddr) { error = connectErrno; latencyMs = latency; if (saddr->sa_family == AF_INET) { addr.sin = *((struct sockaddr_in*) saddr); } else if (saddr->sa_family == AF_INET6) { addr.sin6 = *((struct sockaddr_in6*) saddr); } else { // Cannot happen because we only call this if shouldSetFwmark returns true, and thus // the address family is one we understand. addr.s.sa_family = AF_UNSPEC; } } }; // Commands sent from clients to the fwmark server to mark sockets (i.e., set their SO_MARK). // ON_CONNECT_COMPLETE command should be accompanied by FwmarkConnectInfo which should contain // info about that connect attempt // TODO: rework this struct into a more flexible data structure such as union or // a hierarchy class. struct FwmarkCommand { enum CmdId { ON_ACCEPT, ON_CONNECT, SELECT_NETWORK, PROTECT_FROM_VPN, SELECT_FOR_USER, QUERY_USER_ACCESS, ON_CONNECT_COMPLETE, TAG_SOCKET, UNTAG_SOCKET, // TODO: use binder to pass the following two request in future after we // completely get rid of qtaguid module, since these are privileged // command. SET_COUNTERSET, DELETE_TAGDATA, ON_SENDMMSG, ON_SENDMSG, ON_SENDTO, } cmdId; unsigned netId; // used only in the SELECT_NETWORK command; ignored otherwise. uid_t uid; // used in the SELECT_FOR_USER, QUERY_USER_ACCESS, TAG_SOCKET, // SET_COUNTERSET, and DELETE_TAGDATA command; ignored otherwise. uint32_t trafficCtrlInfo; // used in TAG_SOCKET, SET_COUNTERSET and SET_PACIFIER command; // ignored otherwise. Depend on the case, it can be a tag, a // counterSet or a pacifier signal. static bool isSupportedFamily(int socketFamily) { return socketFamily == AF_INET || socketFamily == AF_INET6; } }; #endif // NETD_INCLUDE_FWMARK_COMMAND_H