1 /*
2 * Copyright (C) 2010 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include "DnsProxyListener.h"
18
19 #include <arpa/inet.h>
20 #include <dirent.h>
21 #include <dlfcn.h>
22 #include <linux/if.h>
23 #include <math.h>
24 #include <net/if.h>
25 #include <netdb.h>
26 #include <netinet/in.h>
27 #include <resolv.h> // b64_pton()
28 #include <stdlib.h>
29 #include <string.h>
30 #include <sys/socket.h>
31
32 #define LOG_TAG "resolv"
33
34 #include <algorithm>
35 #include <vector>
36
37 #include <android-base/parseint.h>
38 #include <android/multinetwork.h> // ResNsendFlags
39 #include <cutils/misc.h> // FIRST_APPLICATION_UID
40 #include <cutils/multiuser.h>
41 #include <netdutils/InternetAddresses.h>
42 #include <netdutils/ResponseCode.h>
43 #include <netdutils/Stopwatch.h>
44 #include <netdutils/ThreadUtil.h>
45 #include <private/android_filesystem_config.h> // AID_SYSTEM
46 #include <statslog_resolv.h>
47 #include <sysutils/SocketClient.h>
48
49 #include "DnsResolver.h"
50 #include "Experiments.h"
51 #include "NetdPermissions.h"
52 #include "OperationLimiter.h"
53 #include "PrivateDnsConfiguration.h"
54 #include "ResolverEventReporter.h"
55 #include "dnsproxyd_protocol/DnsProxydProtocol.h" // NETID_USE_LOCAL_NAMESERVERS
56 #include "getaddrinfo.h"
57 #include "gethnamaddr.h"
58 #include "res_send.h"
59 #include "resolv_cache.h"
60 #include "resolv_private.h"
61 #include "stats.h" // RCODE_TIMEOUT
62 #include "stats.pb.h"
63 #include "util.h"
64
65 using aidl::android::net::metrics::INetdEventListener;
66 using aidl::android::net::resolv::aidl::DnsHealthEventParcel;
67 using aidl::android::net::resolv::aidl::IDnsResolverUnsolicitedEventListener;
68 using android::base::ParseInt;
69 using android::base::ParseUint;
70 using std::span;
71
72 namespace android {
73
74 using netdutils::MAX_QUERIES_IN_TOTAL;
75 using netdutils::MAX_QUERIES_PER_UID;
76 using netdutils::ResponseCode;
77 using netdutils::Stopwatch;
78
79 namespace net {
80 namespace {
81
82 android::netdutils::OperationLimiter<uid_t> queryLimiter(MAX_QUERIES_PER_UID);
83
startQueryLimiter(uid_t uid)84 bool startQueryLimiter(uid_t uid) {
85 const int globalLimit = android::net::Experiments::getInstance()->getFlag("max_queries_global",
86 MAX_QUERIES_IN_TOTAL);
87 return queryLimiter.start(uid, globalLimit);
88 }
89
endQueryLimiter(uid_t uid)90 void endQueryLimiter(uid_t uid) {
91 queryLimiter.finish(uid);
92 }
93
logArguments(int argc,char ** argv)94 void logArguments(int argc, char** argv) {
95 if (!WOULD_LOG(VERBOSE)) return;
96 for (int i = 0; i < argc; i++) {
97 LOG(VERBOSE) << __func__ << ": argv[" << i << "]=" << (argv[i] ? argv[i] : "null");
98 }
99 }
100
checkAndClearUseLocalNameserversFlag(unsigned * netid)101 bool checkAndClearUseLocalNameserversFlag(unsigned* netid) {
102 if (netid == nullptr || ((*netid) & NETID_USE_LOCAL_NAMESERVERS) == 0) {
103 return false;
104 }
105 *netid = (*netid) & ~NETID_USE_LOCAL_NAMESERVERS;
106 return true;
107 }
108
requestingUseLocalNameservers(unsigned flags)109 constexpr bool requestingUseLocalNameservers(unsigned flags) {
110 return (flags & NET_CONTEXT_FLAG_USE_LOCAL_NAMESERVERS) != 0;
111 }
112
queryingViaTls(unsigned dns_netid)113 bool queryingViaTls(unsigned dns_netid) {
114 const auto privateDnsStatus = PrivateDnsConfiguration::getInstance().getStatus(dns_netid);
115 switch (privateDnsStatus.mode) {
116 case PrivateDnsMode::OPPORTUNISTIC:
117 return !privateDnsStatus.validatedServers().empty();
118 case PrivateDnsMode::STRICT:
119 return true;
120 default:
121 return false;
122 }
123 }
124
hasPermissionToBypassPrivateDns(uid_t uid)125 bool hasPermissionToBypassPrivateDns(uid_t uid) {
126 static_assert(AID_SYSTEM >= 0 && AID_SYSTEM < FIRST_APPLICATION_UID,
127 "Calls from AID_SYSTEM must not result in a permission check to avoid deadlock.");
128 if (uid >= 0 && uid < FIRST_APPLICATION_UID) {
129 return true;
130 }
131
132 for (const char* const permission :
133 {PERM_CONNECTIVITY_USE_RESTRICTED_NETWORKS, PERM_NETWORK_BYPASS_PRIVATE_DNS,
134 PERM_MAINLINE_NETWORK_STACK}) {
135 if (gResNetdCallbacks.check_calling_permission(permission)) {
136 return true;
137 }
138 }
139 return false;
140 }
141
maybeFixupNetContext(android_net_context * ctx,pid_t pid)142 void maybeFixupNetContext(android_net_context* ctx, pid_t pid) {
143 if (requestingUseLocalNameservers(ctx->flags) && !hasPermissionToBypassPrivateDns(ctx->uid)) {
144 // Not permitted; clear the flag.
145 ctx->flags &= ~NET_CONTEXT_FLAG_USE_LOCAL_NAMESERVERS;
146 }
147
148 if (!requestingUseLocalNameservers(ctx->flags)) {
149 // If we're not explicitly bypassing DNS-over-TLS servers, check whether
150 // DNS-over-TLS is in use as an indicator for when to use more modern
151 // DNS resolution mechanics.
152 if (queryingViaTls(ctx->dns_netid)) {
153 ctx->flags |= NET_CONTEXT_FLAG_USE_DNS_OVER_TLS | NET_CONTEXT_FLAG_USE_EDNS;
154 }
155 }
156 ctx->pid = pid;
157 }
158
159 void addIpAddrWithinLimit(std::vector<std::string>* ip_addrs, const sockaddr* addr,
160 socklen_t addrlen);
161
extractResNsendAnswers(std::span<const uint8_t> answer,int ipType,std::vector<std::string> * ip_addrs)162 int extractResNsendAnswers(std::span<const uint8_t> answer, int ipType,
163 std::vector<std::string>* ip_addrs) {
164 int total_ip_addr_count = 0;
165 ns_msg handle;
166 if (ns_initparse(answer.data(), answer.size(), &handle) < 0) {
167 return 0;
168 }
169 int ancount = ns_msg_count(handle, ns_s_an);
170 ns_rr rr;
171 for (int i = 0; i < ancount; i++) {
172 if (ns_parserr(&handle, ns_s_an, i, &rr) < 0) {
173 continue;
174 }
175 const uint8_t* rdata = ns_rr_rdata(rr);
176 if (ipType == ns_t_a) {
177 sockaddr_in sin = {.sin_family = AF_INET};
178 memcpy(&sin.sin_addr, rdata, sizeof(sin.sin_addr));
179 addIpAddrWithinLimit(ip_addrs, (sockaddr*)&sin, sizeof(sin));
180 total_ip_addr_count++;
181 } else if (ipType == ns_t_aaaa) {
182 sockaddr_in6 sin6 = {.sin6_family = AF_INET6};
183 memcpy(&sin6.sin6_addr, rdata, sizeof(sin6.sin6_addr));
184 addIpAddrWithinLimit(ip_addrs, (sockaddr*)&sin6, sizeof(sin6));
185 total_ip_addr_count++;
186 }
187 }
188
189 return total_ip_addr_count;
190 }
191
extractGetAddrInfoAnswers(const addrinfo * result,std::vector<std::string> * ip_addrs)192 int extractGetAddrInfoAnswers(const addrinfo* result, std::vector<std::string>* ip_addrs) {
193 int total_ip_addr_count = 0;
194 if (result == nullptr) {
195 return 0;
196 }
197 for (const addrinfo* ai = result; ai; ai = ai->ai_next) {
198 sockaddr* ai_addr = ai->ai_addr;
199 if (ai_addr) {
200 addIpAddrWithinLimit(ip_addrs, ai_addr, ai->ai_addrlen);
201 total_ip_addr_count++;
202 }
203 }
204 return total_ip_addr_count;
205 }
206
extractGetHostByNameAnswers(const hostent * hp,std::vector<std::string> * ip_addrs)207 int extractGetHostByNameAnswers(const hostent* hp, std::vector<std::string>* ip_addrs) {
208 int total_ip_addr_count = 0;
209 if (hp == nullptr) {
210 return 0;
211 }
212 if (hp->h_addrtype == AF_INET) {
213 in_addr** list = (in_addr**)hp->h_addr_list;
214 for (int i = 0; list[i] != nullptr; i++) {
215 sockaddr_in sin = {.sin_family = AF_INET, .sin_addr = *list[i]};
216 addIpAddrWithinLimit(ip_addrs, (sockaddr*)&sin, sizeof(sin));
217 total_ip_addr_count++;
218 }
219 } else if (hp->h_addrtype == AF_INET6) {
220 in6_addr** list = (in6_addr**)hp->h_addr_list;
221 for (int i = 0; list[i] != nullptr; i++) {
222 sockaddr_in6 sin6 = {.sin6_family = AF_INET6, .sin6_addr = *list[i]};
223 addIpAddrWithinLimit(ip_addrs, (sockaddr*)&sin6, sizeof(sin6));
224 total_ip_addr_count++;
225 }
226 }
227 return total_ip_addr_count;
228 }
229
rcodeToAiError(int rcode)230 int rcodeToAiError(int rcode) {
231 switch (rcode) {
232 case NOERROR:
233 return 0;
234 case RCODE_TIMEOUT:
235 return NETD_RESOLV_TIMEOUT;
236 default:
237 return EAI_NODATA;
238 }
239 }
240
resNSendToAiError(int err,int rcode)241 int resNSendToAiError(int err, int rcode) {
242 if (err > 0) {
243 return rcodeToAiError(rcode);
244 }
245 if (err == -ETIMEDOUT) {
246 return NETD_RESOLV_TIMEOUT;
247 }
248 return EAI_SYSTEM;
249 }
250
setQueryId(span<uint8_t> msg,uint16_t query_id)251 bool setQueryId(span<uint8_t> msg, uint16_t query_id) {
252 if ((size_t)msg.size() < sizeof(HEADER)) {
253 LOG(ERROR) << __func__ << ": Invalid parameter";
254 return false;
255 }
256 auto hp = reinterpret_cast<HEADER*>(msg.data());
257 hp->id = htons(query_id);
258 return true;
259 }
260
parseQuery(span<const uint8_t> msg,uint16_t * query_id,int * rr_type,std::string * rr_name)261 bool parseQuery(span<const uint8_t> msg, uint16_t* query_id, int* rr_type, std::string* rr_name) {
262 ns_msg handle;
263 ns_rr rr;
264 if (ns_initparse(msg.data(), msg.size(), &handle) < 0 ||
265 ns_parserr(&handle, ns_s_qd, 0, &rr) < 0) {
266 return false;
267 }
268 *query_id = ns_msg_id(handle);
269 *rr_name = ns_rr_name(rr);
270 *rr_type = ns_rr_type(rr);
271 return true;
272 }
273
274 // Note: Even if it returns PDM_OFF, it doesn't mean there's no DoT stats in the message
275 // because Private DNS mode can change at any time.
getPrivateDnsModeForMetrics(uint32_t netId)276 PrivateDnsModes getPrivateDnsModeForMetrics(uint32_t netId) {
277 // If the network `netId` doesn't exist, getStatus() sets the mode to PrivateDnsMode::OFF and
278 // returns it. This is incorrect for the metrics. Consider returning PDM_UNKNOWN in such case.
279 return convertEnumType(PrivateDnsConfiguration::getInstance().getStatus(netId).mode);
280 }
281
initDnsEvent(NetworkDnsEventReported * event,const android_net_context & netContext)282 void initDnsEvent(NetworkDnsEventReported* event, const android_net_context& netContext) {
283 // The value 0 has the special meaning of unset/unknown in Statsd atoms. So, we set both
284 // flags to -1 as default value.
285 // 1. The hints flag is only used in resolv_getaddrinfo. When user set it to -1 in
286 // resolv_getaddrinfo, the flag will cause validation (validateHints) failure in
287 // getaddrinfo, so it will not do DNS query and will upload DNS stats log with
288 // return_code = RC_EAI_BADFLAGS.
289 // 2. The res_nsend flags are only used in resolv_res_nsend. When user set it to -1 in
290 // resolv_res_nsend,res_nsend will do nothing special by the setting.
291 event->set_hints_ai_flags(-1);
292 event->set_res_nsend_flags(-1);
293 event->set_private_dns_modes(getPrivateDnsModeForMetrics(netContext.dns_netid));
294 }
295
296 // Return 0 if the event should not be logged.
297 // Otherwise, return subsampling_denom
getDnsEventSubsamplingRate(int netid,int returnCode,bool isMdns)298 uint32_t getDnsEventSubsamplingRate(int netid, int returnCode, bool isMdns) {
299 uint32_t subsampling_denom = resolv_cache_get_subsampling_denom(netid, returnCode, isMdns);
300 if (subsampling_denom == 0) return 0;
301 // Sample the event with a chance of 1 / denom.
302 return (arc4random_uniform(subsampling_denom) == 0) ? subsampling_denom : 0;
303 }
304
maybeLogQuery(int eventType,const android_net_context & netContext,const NetworkDnsEventReported & event,const std::string & query_name,const std::vector<std::string> & ip_addrs)305 void maybeLogQuery(int eventType, const android_net_context& netContext,
306 const NetworkDnsEventReported& event, const std::string& query_name,
307 const std::vector<std::string>& ip_addrs) {
308 // Skip reverse queries.
309 if (eventType == INetdEventListener::EVENT_GETHOSTBYADDR) return;
310
311 for (const auto& query : event.dns_query_events().dns_query_event()) {
312 // Log it when the cache misses.
313 if (query.cache_hit() != CS_FOUND) {
314 const int timeTakenMs = event.latency_micros() / 1000;
315 DnsQueryLog::Record record(netContext.dns_netid, netContext.uid, netContext.pid,
316 query_name, ip_addrs, timeTakenMs);
317 gDnsResolv->dnsQueryLog().push(std::move(record));
318 return;
319 }
320 }
321 }
322
reportDnsEvent(int eventType,const android_net_context & netContext,int latencyUs,int returnCode,NetworkDnsEventReported & event,const std::string & query_name,bool skipStats,const std::vector<std::string> & ip_addrs={},int total_ip_addr_count=0)323 void reportDnsEvent(int eventType, const android_net_context& netContext, int latencyUs,
324 int returnCode, NetworkDnsEventReported& event, const std::string& query_name,
325 bool skipStats, const std::vector<std::string>& ip_addrs = {},
326 int total_ip_addr_count = 0) {
327 int32_t rate =
328 skipStats ? 0
329 : (query_name.ends_with(".local") && is_mdns_supported_network(netContext.dns_netid) &&
330 android::net::Experiments::getInstance()->getFlag("mdns_resolution", 1))
331 ? getDnsEventSubsamplingRate(netContext.dns_netid, returnCode, true)
332 : getDnsEventSubsamplingRate(netContext.dns_netid, returnCode, false);
333
334 if (rate) {
335 const std::string& dnsQueryStats = event.dns_query_events().SerializeAsString();
336 stats::BytesField dnsQueryBytesField{dnsQueryStats.c_str(), dnsQueryStats.size()};
337 event.set_return_code(static_cast<ReturnCode>(returnCode));
338 event.set_network_type(resolv_get_network_types_for_net(netContext.dns_netid));
339 event.set_uid(netContext.uid);
340 android::net::stats::stats_write(
341 android::net::stats::NETWORK_DNS_EVENT_REPORTED, event.event_type(),
342 event.return_code(), event.latency_micros(), event.hints_ai_flags(),
343 event.res_nsend_flags(), event.network_type(), event.private_dns_modes(),
344 dnsQueryBytesField, rate, event.uid());
345 }
346
347 maybeLogQuery(eventType, netContext, event, query_name, ip_addrs);
348
349 const auto& listeners = ResolverEventReporter::getInstance().getListeners();
350 if (listeners.empty()) {
351 LOG(ERROR) << __func__
352 << ": DNS event not sent since no INetdEventListener receiver is available.";
353 }
354 const int latencyMs = latencyUs / 1000;
355 for (const auto& it : listeners) {
356 it->onDnsEvent(netContext.dns_netid, eventType, returnCode, latencyMs, query_name, ip_addrs,
357 total_ip_addr_count, netContext.uid);
358 }
359
360 const auto& unsolEventListeners = ResolverEventReporter::getInstance().getUnsolEventListeners();
361
362 if (returnCode == NETD_RESOLV_TIMEOUT) {
363 const DnsHealthEventParcel dnsHealthEvent = {
364 .netId = static_cast<int32_t>(netContext.dns_netid),
365 .healthResult = IDnsResolverUnsolicitedEventListener::DNS_HEALTH_RESULT_TIMEOUT,
366 };
367 for (const auto& it : unsolEventListeners) {
368 it->onDnsHealthEvent(dnsHealthEvent);
369 }
370 } else if (returnCode == NOERROR) {
371 DnsHealthEventParcel dnsHealthEvent = {
372 .netId = static_cast<int32_t>(netContext.dns_netid),
373 .healthResult = IDnsResolverUnsolicitedEventListener::DNS_HEALTH_RESULT_OK,
374 };
375 for (const auto& query : event.dns_query_events().dns_query_event()) {
376 if (query.cache_hit() != CS_FOUND && query.rcode() == NS_R_NO_ERROR) {
377 dnsHealthEvent.successRttMicros.push_back(query.latency_micros());
378 }
379 }
380
381 if (!dnsHealthEvent.successRttMicros.empty()) {
382 for (const auto& it : unsolEventListeners) {
383 it->onDnsHealthEvent(dnsHealthEvent);
384 }
385 }
386 }
387 }
388
onlyIPv4Answers(const addrinfo * res)389 bool onlyIPv4Answers(const addrinfo* res) {
390 // Null addrinfo pointer isn't checked because the caller doesn't pass null pointer.
391
392 for (const addrinfo* ai = res; ai; ai = ai->ai_next)
393 if (ai->ai_family != AF_INET) return false;
394
395 return true;
396 }
397
isSpecialUseIPv4Address(const struct in_addr & ia)398 bool isSpecialUseIPv4Address(const struct in_addr& ia) {
399 const uint32_t addr = ntohl(ia.s_addr);
400
401 // Only check necessary IP ranges in RFC 5735 section 4
402 return ((addr & 0xff000000) == 0x00000000) || // "This" Network
403 ((addr & 0xff000000) == 0x7f000000) || // Loopback
404 ((addr & 0xffff0000) == 0xa9fe0000) || // Link Local
405 ((addr & 0xf0000000) == 0xe0000000) || // Multicast
406 (addr == INADDR_BROADCAST); // Limited Broadcast
407 }
408
isSpecialUseIPv4Address(const struct sockaddr * sa)409 bool isSpecialUseIPv4Address(const struct sockaddr* sa) {
410 if (sa->sa_family != AF_INET) return false;
411
412 return isSpecialUseIPv4Address(((struct sockaddr_in*)sa)->sin_addr);
413 }
414
onlyNonSpecialUseIPv4Addresses(struct hostent * hp)415 bool onlyNonSpecialUseIPv4Addresses(struct hostent* hp) {
416 // Null hostent pointer isn't checked because the caller doesn't pass null pointer.
417
418 if (hp->h_addrtype != AF_INET) return false;
419
420 for (int i = 0; hp->h_addr_list[i] != nullptr; i++)
421 if (isSpecialUseIPv4Address(*(struct in_addr*)hp->h_addr_list[i])) return false;
422
423 return true;
424 }
425
onlyNonSpecialUseIPv4Addresses(const addrinfo * res)426 bool onlyNonSpecialUseIPv4Addresses(const addrinfo* res) {
427 // Null addrinfo pointer isn't checked because the caller doesn't pass null pointer.
428
429 for (const addrinfo* ai = res; ai; ai = ai->ai_next) {
430 if (ai->ai_family != AF_INET) return false;
431 if (isSpecialUseIPv4Address(ai->ai_addr)) return false;
432 }
433
434 return true;
435 }
436
logDnsQueryResult(const struct hostent * hp)437 void logDnsQueryResult(const struct hostent* hp) {
438 if (!WOULD_LOG(DEBUG)) return;
439 if (hp == nullptr) return;
440
441 LOG(DEBUG) << __func__ << ": DNS records:";
442 for (int i = 0; hp->h_addr_list[i] != nullptr; i++) {
443 char ip_addr[INET6_ADDRSTRLEN];
444 if (inet_ntop(hp->h_addrtype, hp->h_addr_list[i], ip_addr, sizeof(ip_addr)) != nullptr) {
445 LOG(DEBUG) << __func__ << ": [" << i << "] " << hp->h_addrtype;
446 } else {
447 PLOG(DEBUG) << __func__ << ": [" << i << "] numeric hostname translation fail";
448 }
449 }
450 }
451
logDnsQueryResult(const addrinfo * res)452 void logDnsQueryResult(const addrinfo* res) {
453 if (!WOULD_LOG(DEBUG)) return;
454 if (res == nullptr) return;
455
456 int i;
457 const addrinfo* ai;
458 LOG(DEBUG) << __func__ << ": DNS records:";
459 for (ai = res, i = 0; ai; ai = ai->ai_next, i++) {
460 if ((ai->ai_family != AF_INET) && (ai->ai_family != AF_INET6)) continue;
461 // Reassign it to a local variable to avoid -Wnullable-to-nonnull-conversion on calling
462 // getnameinfo.
463 const sockaddr* ai_addr = ai->ai_addr;
464 char ip_addr[INET6_ADDRSTRLEN];
465 const int ret = getnameinfo(ai_addr, ai->ai_addrlen, ip_addr, sizeof(ip_addr), nullptr, 0,
466 NI_NUMERICHOST);
467 if (!ret) {
468 LOG(DEBUG) << __func__ << ": [" << i << "] " << ai->ai_flags << " " << ai->ai_family
469 << " " << ai->ai_socktype << " " << ai->ai_protocol << " " << ip_addr;
470 } else {
471 LOG(DEBUG) << __func__ << ": [" << i << "] numeric hostname translation fail " << ret;
472 }
473 }
474 }
475
isValidNat64Prefix(const netdutils::IPPrefix prefix)476 bool isValidNat64Prefix(const netdutils::IPPrefix prefix) {
477 if (prefix.family() != AF_INET6) {
478 LOG(ERROR) << __func__ << ": Only IPv6 NAT64 prefixes are supported " << prefix.family();
479 return false;
480 }
481 if (prefix.length() != 96) {
482 LOG(ERROR) << __func__ << ": Only /96 NAT64 prefixes are supported " << prefix.length();
483 return false;
484 }
485 return true;
486 }
487
synthesizeNat64PrefixWithARecord(const netdutils::IPPrefix & prefix,struct hostent * hp)488 bool synthesizeNat64PrefixWithARecord(const netdutils::IPPrefix& prefix, struct hostent* hp) {
489 if (hp == nullptr) return false;
490 if (!onlyNonSpecialUseIPv4Addresses(hp)) return false;
491 if (!isValidNat64Prefix(prefix)) return false;
492
493 struct sockaddr_storage ss = netdutils::IPSockAddr(prefix.ip());
494 struct sockaddr_in6* v6prefix = (struct sockaddr_in6*)&ss;
495 for (int i = 0; hp->h_addr_list[i] != nullptr; i++) {
496 struct in_addr iaOriginal = *(struct in_addr*)hp->h_addr_list[i];
497 struct in6_addr* ia6 = (struct in6_addr*)hp->h_addr_list[i];
498 memset(ia6, 0, sizeof(struct in6_addr));
499
500 // Synthesize /96 NAT64 prefix in place. The space has reserved by getanswer() and
501 // _hf_gethtbyname2() in system/netd/resolv/gethnamaddr.cpp and
502 // system/netd/resolv/sethostent.cpp.
503 *ia6 = v6prefix->sin6_addr;
504 ia6->s6_addr32[3] = iaOriginal.s_addr;
505
506 if (WOULD_LOG(VERBOSE)) {
507 char buf[INET6_ADDRSTRLEN]; // big enough for either IPv4 or IPv6
508 inet_ntop(AF_INET, &iaOriginal.s_addr, buf, sizeof(buf));
509 LOG(VERBOSE) << __func__ << ": DNS A record: " << buf;
510 inet_ntop(AF_INET6, &v6prefix->sin6_addr, buf, sizeof(buf));
511 LOG(VERBOSE) << __func__ << ": NAT64 prefix: " << buf;
512 inet_ntop(AF_INET6, ia6, buf, sizeof(buf));
513 LOG(VERBOSE) << __func__ << ": DNS64 Synthesized AAAA record: " << buf;
514 }
515 }
516 hp->h_addrtype = AF_INET6;
517 hp->h_length = sizeof(in6_addr);
518
519 logDnsQueryResult(hp);
520 return true;
521 }
522
synthesizeNat64PrefixWithARecord(const netdutils::IPPrefix & prefix,addrinfo ** res,bool unspecWantedButNoIPv6,const android_net_context * netcontext)523 bool synthesizeNat64PrefixWithARecord(const netdutils::IPPrefix& prefix, addrinfo** res,
524 bool unspecWantedButNoIPv6,
525 const android_net_context* netcontext) {
526 if (*res == nullptr) return false;
527 if (!onlyNonSpecialUseIPv4Addresses(*res)) return false;
528 if (!isValidNat64Prefix(prefix)) return false;
529
530 const sockaddr_storage ss = netdutils::IPSockAddr(prefix.ip());
531 const sockaddr_in6* v6prefix = (sockaddr_in6*)&ss;
532 addrinfo* const head4 = *res;
533 addrinfo* head6 = nullptr;
534 addrinfo* cur6 = nullptr;
535
536 // Build a synthesized AAAA addrinfo list from the queried A addrinfo list. Here is the diagram
537 // for the relationship of pointers.
538 //
539 // head4: point to the first queried A addrinfo
540 // |
541 // v
542 // +-------------+ +-------------+
543 // | addrinfo4#1 |-->| addrinfo4#2 |--> .. queried A addrinfo(s) for DNS64 synthesis
544 // +-------------+ +-------------+
545 // ^
546 // |
547 // cur4: current worked-on queried A addrinfo
548 //
549 // head6: point to the first synthesized AAAA addrinfo
550 // |
551 // v
552 // +-------------+ +-------------+
553 // | addrinfo6#1 |-->| addrinfo6#2 |--> .. synthesized DNS64 AAAA addrinfo(s)
554 // +-------------+ +-------------+
555 // ^
556 // |
557 // cur6: current worked-on synthesized addrinfo
558 //
559 for (const addrinfo* cur4 = head4; cur4; cur4 = cur4->ai_next) {
560 // Allocate a space for a synthesized AAAA addrinfo. Note that the addrinfo and sockaddr
561 // occupy one contiguous block of memory and are allocated and freed as a single block.
562 // See get_ai and freeaddrinfo in packages/modules/DnsResolver/getaddrinfo.cpp.
563 addrinfo* sa = (addrinfo*)calloc(1, sizeof(addrinfo) + sizeof(sockaddr_in6));
564 if (sa == nullptr) {
565 LOG(ERROR) << "allocate memory failed for synthesized result";
566 freeaddrinfo(head6);
567 return false;
568 }
569
570 // Initialize the synthesized AAAA addrinfo by the queried A addrinfo. The ai_addr will be
571 // set lately.
572 sa->ai_flags = cur4->ai_flags;
573 sa->ai_family = AF_INET6;
574 sa->ai_socktype = cur4->ai_socktype;
575 sa->ai_protocol = cur4->ai_protocol;
576 sa->ai_addrlen = sizeof(sockaddr_in6);
577 sa->ai_addr = (sockaddr*)(sa + 1);
578 sa->ai_canonname = nullptr;
579 sa->ai_next = nullptr;
580
581 if (cur4->ai_canonname != nullptr) {
582 // Reassign it to a local variable to avoid -Wnullable-to-nonnull-conversion on calling
583 // strdup.
584 const char* ai_canonname = cur4->ai_canonname;
585 sa->ai_canonname = strdup(ai_canonname);
586 if (sa->ai_canonname == nullptr) {
587 LOG(ERROR) << "allocate memory failed for canonname";
588 freeaddrinfo(sa);
589 freeaddrinfo(head6);
590 return false;
591 }
592 }
593
594 // Synthesize /96 NAT64 prefix with the queried IPv4 address.
595 const sockaddr_in* sin4 = (sockaddr_in*)cur4->ai_addr;
596 sockaddr_in6* sin6 = (sockaddr_in6*)sa->ai_addr;
597 sin6->sin6_addr = v6prefix->sin6_addr;
598 sin6->sin6_addr.s6_addr32[3] = sin4->sin_addr.s_addr;
599 sin6->sin6_family = AF_INET6;
600 sin6->sin6_port = sin4->sin_port;
601
602 // If the synthesized list is empty, this becomes the first element.
603 if (head6 == nullptr) {
604 head6 = sa;
605 }
606
607 // Add this element to the end of the synthesized list.
608 if (cur6 != nullptr) {
609 cur6->ai_next = sa;
610 }
611 cur6 = sa;
612
613 if (WOULD_LOG(VERBOSE)) {
614 char buf[INET6_ADDRSTRLEN]; // big enough for either IPv4 or IPv6
615 inet_ntop(AF_INET, &sin4->sin_addr.s_addr, buf, sizeof(buf));
616 LOG(VERBOSE) << __func__ << ": DNS A record: " << buf;
617 inet_ntop(AF_INET6, &v6prefix->sin6_addr, buf, sizeof(buf));
618 LOG(VERBOSE) << __func__ << ": NAT64 prefix: " << buf;
619 inet_ntop(AF_INET6, &sin6->sin6_addr, buf, sizeof(buf));
620 LOG(VERBOSE) << __func__ << ": DNS64 Synthesized AAAA record: " << buf;
621 }
622 }
623
624 // Simply concatenate the synthesized AAAA addrinfo list and the queried A addrinfo list when
625 // AF_UNSPEC is specified. In the other words, the IPv6 addresses are listed first and then
626 // IPv4 addresses. For example:
627 // 64:ff9b::102:304 (socktype=2, protocol=17) ->
628 // 64:ff9b::102:304 (socktype=1, protocol=6) ->
629 // 1.2.3.4 (socktype=2, protocol=17) ->
630 // 1.2.3.4 (socktype=1, protocol=6)
631 // Note that head6 and cur6 should be non-null because there was at least one IPv4 address
632 // synthesized. From the above example, the synthesized addrinfo list puts IPv6 and IPv4 in
633 // groups and sort by RFC 6724 later. This ordering is different from no synthesized case
634 // because resolv_getaddrinfo() sorts results in explore_options. resolv_getaddrinfo() calls
635 // explore_fqdn() many times by the different items of explore_options. It means that
636 // resolv_rfc6724_sort() only sorts the results in each explore_options and concatenates each
637 // results into one. For example, getaddrinfo() is called with null hints for a domain name
638 // which has both IPv4 and IPv6 addresses. The address order of the result addrinfo may be:
639 // 2001:db8::102:304 (socktype=2, protocol=17) -> 1.2.3.4 (socktype=2, protocol=17) ->
640 // 2001:db8::102:304 (socktype=1, protocol=6) -> 1.2.3.4 (socktype=1, protocol=6)
641 // In above example, the first two results come from one explore option and the last two come
642 // from another one. They are sorted first, and then concatenate together to be the result.
643 // See also resolv_getaddrinfo in packages/modules/DnsResolver/getaddrinfo.cpp.
644 if (unspecWantedButNoIPv6) {
645 cur6->ai_next = head4;
646 } else {
647 freeaddrinfo(head4);
648 }
649
650 // Sort the concatenated addresses by RFC 6724 section 2.1.
651 struct addrinfo sorting_head = {.ai_next = head6};
652 resolv_rfc6724_sort(&sorting_head, netcontext->app_mark, netcontext->uid);
653
654 *res = sorting_head.ai_next;
655 logDnsQueryResult(*res);
656 return true;
657 }
658
getDns64Prefix(unsigned netId,netdutils::IPPrefix * prefix)659 bool getDns64Prefix(unsigned netId, netdutils::IPPrefix* prefix) {
660 return !gDnsResolv->resolverCtrl.getPrefix64(netId, prefix);
661 }
662
makeThreadName(unsigned netId,uint32_t uid)663 std::string makeThreadName(unsigned netId, uint32_t uid) {
664 // The maximum of netId and app_id are 5-digit numbers.
665 return fmt::format("Dns_{}_{}", netId, multiuser_get_app_id(uid));
666 }
667
668 typedef int (*InitFn)();
669 typedef int (*IsUidBlockedFn)(uid_t, bool);
670
671 IsUidBlockedFn ADnsHelper_isUidNetworkingBlocked;
672
resolveIsUidNetworkingBlockedFn()673 IsUidBlockedFn resolveIsUidNetworkingBlockedFn() {
674 // Related BPF maps were mainlined from T.
675 if (!isAtLeastT()) return nullptr;
676
677 // TODO: Check whether it is safe to shared link the .so without using dlopen when the carrier
678 // APEX module (tethering) is fully released.
679 void* handle = dlopen("libcom.android.tethering.dns_helper.so", RTLD_NOW | RTLD_LOCAL);
680 if (!handle) {
681 LOG(WARNING) << __func__ << ": " << dlerror();
682 return nullptr;
683 }
684
685 InitFn ADnsHelper_init = reinterpret_cast<InitFn>(dlsym(handle, "ADnsHelper_init"));
686 if (!ADnsHelper_init) {
687 LOG(ERROR) << __func__ << ": " << dlerror();
688 // TODO: Change to abort() when NDK is finalized
689 return nullptr;
690 }
691 const int ret = (*ADnsHelper_init)();
692 if (ret) {
693 LOG(ERROR) << __func__ << ": ADnsHelper_init failed " << strerror(-ret);
694 abort();
695 }
696
697 IsUidBlockedFn f =
698 reinterpret_cast<IsUidBlockedFn>(dlsym(handle, "ADnsHelper_isUidNetworkingBlocked"));
699 if (!f) {
700 LOG(ERROR) << __func__ << ": " << dlerror();
701 // TODO: Change to abort() when NDK is finalized
702 return nullptr;
703 }
704 return f;
705 }
706
isUidNetworkingBlocked(uid_t uid,unsigned netId)707 bool isUidNetworkingBlocked(uid_t uid, unsigned netId) {
708 if (!ADnsHelper_isUidNetworkingBlocked) return false;
709
710 // The enforceDnsUid is an OEM feature that sets DNS packet with AID_DNS instead of the
711 // application's UID. Its DNS packets are not subject to certain network restriction features.
712 if (resolv_is_enforceDnsUid_enabled_network(netId)) return false;
713
714 // Feature flag that can disable the feature.
715 if (!android::net::Experiments::getInstance()->getFlag("fail_fast_on_uid_network_blocking",
716 1)) {
717 return false;
718 }
719
720 return (*ADnsHelper_isUidNetworkingBlocked)(uid, resolv_is_metered_network(netId)) == 1;
721 }
722
723 } // namespace
724
DnsProxyListener()725 DnsProxyListener::DnsProxyListener() : FrameworkListener(SOCKET_NAME) {
726 mGetAddrInfoCmd = std::make_unique<GetAddrInfoCmd>();
727 registerCmd(mGetAddrInfoCmd.get());
728
729 mGetHostByAddrCmd = std::make_unique<GetHostByAddrCmd>();
730 registerCmd(mGetHostByAddrCmd.get());
731
732 mGetHostByNameCmd = std::make_unique<GetHostByNameCmd>();
733 registerCmd(mGetHostByNameCmd.get());
734
735 mResNSendCommand = std::make_unique<ResNSendCommand>();
736 registerCmd(mResNSendCommand.get());
737
738 mGetDnsNetIdCommand = std::make_unique<GetDnsNetIdCommand>();
739 registerCmd(mGetDnsNetIdCommand.get());
740
741 ADnsHelper_isUidNetworkingBlocked = resolveIsUidNetworkingBlockedFn();
742 }
743
spawn()744 void DnsProxyListener::Handler::spawn() {
745 const int rval = netdutils::threadLaunch(this);
746 if (rval == 0) {
747 return;
748 }
749
750 char* msg = nullptr;
751 asprintf(&msg, "%s (%d)", strerror(-rval), -rval);
752 mClient->sendMsg(ResponseCode::OperationFailed, msg, false);
753 free(msg);
754 delete this;
755 }
756
GetAddrInfoHandler(SocketClient * c,std::string host,std::string service,std::unique_ptr<addrinfo> hints,const android_net_context & netcontext)757 DnsProxyListener::GetAddrInfoHandler::GetAddrInfoHandler(SocketClient* c, std::string host,
758 std::string service,
759 std::unique_ptr<addrinfo> hints,
760 const android_net_context& netcontext)
761 : Handler(c),
762 mHost(std::move(host)),
763 mService(std::move(service)),
764 mHints(std::move(hints)),
765 mNetContext(netcontext) {}
766
767 DnsProxyListener::GetAddrInfoHandler::~GetAddrInfoHandler() = default;
768
769 // Before U, the Netd callback is implemented by OEM to evaluate if a DNS query for the provided
770 // hostname is allowed. On U+, the Netd callback also checks if the user is allowed to send DNS on
771 // the specified network.
evaluate_domain_name(const android_net_context & netcontext,const char * host)772 static bool evaluate_domain_name(const android_net_context& netcontext, const char* host) {
773 if (!gResNetdCallbacks.evaluate_domain_name) return true;
774 return gResNetdCallbacks.evaluate_domain_name(netcontext, host);
775 }
776
HandleArgumentError(SocketClient * cli,int errorcode,std::string strerrormessage,int argc,char ** argv)777 static int HandleArgumentError(SocketClient* cli, int errorcode, std::string strerrormessage,
778 int argc, char** argv) {
779 for (int i = 0; i < argc; i++) {
780 strerrormessage += "argv[" + std::to_string(i) + "]=" + (argv[i] ? argv[i] : "null") + " ";
781 }
782
783 LOG(WARNING) << strerrormessage;
784 cli->sendMsg(errorcode, strerrormessage.c_str(), false);
785 return -1;
786 }
787
sendBE32(SocketClient * c,uint32_t data)788 static bool sendBE32(SocketClient* c, uint32_t data) {
789 uint32_t be_data = htonl(data);
790 return c->sendData(&be_data, sizeof(be_data)) == 0;
791 }
792
793 // Sends 4 bytes of big-endian length, followed by the data.
794 // Returns true on success.
sendLenAndData(SocketClient * c,const int len,const void * data)795 static bool sendLenAndData(SocketClient* c, const int len, const void* data) {
796 return sendBE32(c, len) && (len == 0 || c->sendData(data, len) == 0);
797 }
798
799 // Returns true on success
sendhostent(SocketClient * c,hostent * hp)800 static bool sendhostent(SocketClient* c, hostent* hp) {
801 bool success = true;
802 int i;
803 if (hp->h_name != nullptr) {
804 const char* h_name = hp->h_name;
805 success &= sendLenAndData(c, strlen(h_name) + 1, hp->h_name);
806 } else {
807 success &= sendLenAndData(c, 0, "") == 0;
808 }
809
810 for (i = 0; hp->h_aliases[i] != nullptr; i++) {
811 const char* h_aliases = hp->h_aliases[i];
812 success &= sendLenAndData(c, strlen(h_aliases) + 1, hp->h_aliases[i]);
813 }
814 success &= sendLenAndData(c, 0, ""); // null to indicate we're done
815
816 uint32_t buf = htonl(hp->h_addrtype);
817 success &= c->sendData(&buf, sizeof(buf)) == 0;
818
819 buf = htonl(hp->h_length);
820 success &= c->sendData(&buf, sizeof(buf)) == 0;
821
822 for (i = 0; hp->h_addr_list[i] != nullptr; i++) {
823 success &= sendLenAndData(c, 16, hp->h_addr_list[i]);
824 }
825 success &= sendLenAndData(c, 0, ""); // null to indicate we're done
826 return success;
827 }
828
sendaddrinfo(SocketClient * c,addrinfo * ai)829 static bool sendaddrinfo(SocketClient* c, addrinfo* ai) {
830 // struct addrinfo {
831 // int ai_flags; /* AI_PASSIVE, AI_CANONNAME, AI_NUMERICHOST */
832 // int ai_family; /* PF_xxx */
833 // int ai_socktype; /* SOCK_xxx */
834 // int ai_protocol; /* 0 or IPPROTO_xxx for IPv4 and IPv6 */
835 // socklen_t ai_addrlen; /* length of ai_addr */
836 // char *ai_canonname; /* canonical name for hostname */
837 // struct sockaddr *ai_addr; /* binary address */
838 // struct addrinfo *ai_next; /* next structure in linked list */
839 // };
840
841 // Write the struct piece by piece because we might be a 64-bit netd
842 // talking to a 32-bit process.
843 bool success = sendBE32(c, ai->ai_flags) && sendBE32(c, ai->ai_family) &&
844 sendBE32(c, ai->ai_socktype) && sendBE32(c, ai->ai_protocol);
845 if (!success) {
846 return false;
847 }
848
849 // ai_addrlen and ai_addr.
850 if (!sendLenAndData(c, ai->ai_addrlen, ai->ai_addr)) {
851 return false;
852 }
853
854 // strlen(ai_canonname) and ai_canonname.
855 int len = 0;
856 if (ai->ai_canonname != nullptr) {
857 const char* ai_canonname = ai->ai_canonname;
858 len = strlen(ai_canonname) + 1;
859 }
860 if (!sendLenAndData(c, len, ai->ai_canonname)) {
861 return false;
862 }
863
864 return true;
865 }
866
doDns64Synthesis(int32_t * rv,addrinfo ** res,NetworkDnsEventReported * event)867 void DnsProxyListener::GetAddrInfoHandler::doDns64Synthesis(int32_t* rv, addrinfo** res,
868 NetworkDnsEventReported* event) {
869 const bool ipv6WantedButNoData = (mHints && mHints->ai_family == AF_INET6 && *rv == EAI_NODATA);
870 const bool unspecWantedButNoIPv6 =
871 ((!mHints || mHints->ai_family == AF_UNSPEC) && *rv == 0 && onlyIPv4Answers(*res));
872
873 if (!ipv6WantedButNoData && !unspecWantedButNoIPv6) {
874 return;
875 }
876
877 netdutils::IPPrefix prefix{};
878 if (!getDns64Prefix(mNetContext.dns_netid, &prefix)) {
879 return;
880 }
881
882 if (ipv6WantedButNoData) {
883 // If caller wants IPv6 answers but no data, try to query IPv4 answers for synthesis
884 const char* host = mHost.starts_with('^') ? nullptr : mHost.c_str();
885 const char* service = mService.starts_with('^') ? nullptr : mService.c_str();
886 mHints->ai_family = AF_INET;
887 // Don't need to do freeaddrinfo(res) before starting new DNS lookup because previous
888 // DNS lookup is failed with error EAI_NODATA.
889 *rv = resolv_getaddrinfo(host, service, mHints.get(), &mNetContext, res, event);
890 if (*rv) {
891 *rv = EAI_NODATA; // return original error code
892 return;
893 }
894 }
895
896 if (!synthesizeNat64PrefixWithARecord(prefix, res, unspecWantedButNoIPv6, &mNetContext)) {
897 if (ipv6WantedButNoData) {
898 // If caller wants IPv6 answers but no data and failed to synthesize IPv6 answers,
899 // don't return the IPv4 answers.
900 *rv = EAI_NODATA; // return original error code
901 if (*res) {
902 freeaddrinfo(*res);
903 *res = nullptr;
904 }
905 }
906 }
907 }
908
run()909 void DnsProxyListener::GetAddrInfoHandler::run() {
910 LOG(INFO) << "GetAddrInfoHandler::run: {" << mNetContext.toString() << "}";
911
912 addrinfo* result = nullptr;
913 Stopwatch s;
914 maybeFixupNetContext(&mNetContext, mClient->getPid());
915 const uid_t uid = mClient->getUid();
916 int32_t rv = 0;
917 NetworkDnsEventReported event;
918 initDnsEvent(&event, mNetContext);
919 const bool isUidBlocked = isUidNetworkingBlocked(mNetContext.uid, mNetContext.dns_netid);
920 if (isUidBlocked) {
921 LOG(INFO) << "GetAddrInfoHandler::run: network access blocked";
922 rv = EAI_FAIL;
923 } else if (startQueryLimiter(uid)) {
924 const char* host = mHost.starts_with('^') ? nullptr : mHost.c_str();
925 const char* service = mService.starts_with('^') ? nullptr : mService.c_str();
926 if (evaluate_domain_name(mNetContext, host)) {
927 rv = resolv_getaddrinfo(host, service, mHints.get(), &mNetContext, &result, &event);
928 doDns64Synthesis(&rv, &result, &event);
929 } else {
930 rv = EAI_SYSTEM;
931 }
932 endQueryLimiter(uid);
933 } else {
934 // Note that this error code is currently not passed down to the client.
935 // android_getaddrinfo_proxy() returns EAI_NODATA on any error.
936 rv = EAI_MEMORY;
937 LOG(ERROR) << "GetAddrInfoHandler::run: from UID " << uid
938 << ", max concurrent queries reached";
939 }
940
941 const int32_t latencyUs = saturate_cast<int32_t>(s.timeTakenUs());
942 event.set_latency_micros(latencyUs);
943 event.set_event_type(EVENT_GETADDRINFO);
944 event.set_hints_ai_flags((mHints ? mHints->ai_flags : 0));
945
946 bool success = true;
947 if (rv) {
948 // getaddrinfo failed
949 success = !mClient->sendBinaryMsg(ResponseCode::DnsProxyOperationFailed, &rv, sizeof(rv));
950 } else {
951 success = !mClient->sendCode(ResponseCode::DnsProxyQueryResult);
952 addrinfo* ai = result;
953 while (ai && success) {
954 success = sendBE32(mClient, 1) && sendaddrinfo(mClient, ai);
955 ai = ai->ai_next;
956 }
957 success = success && sendBE32(mClient, 0);
958 }
959
960 if (!success) {
961 PLOG(WARNING) << "GetAddrInfoHandler::run: Error writing DNS result to client uid " << uid
962 << " pid " << mClient->getPid();
963 }
964
965 std::vector<std::string> ip_addrs;
966 const int total_ip_addr_count = extractGetAddrInfoAnswers(result, &ip_addrs);
967 reportDnsEvent(INetdEventListener::EVENT_GETADDRINFO, mNetContext, latencyUs, rv, event, mHost,
968 isUidBlocked, ip_addrs, total_ip_addr_count);
969 freeaddrinfo(result);
970 }
971
threadName()972 std::string DnsProxyListener::GetAddrInfoHandler::threadName() {
973 return makeThreadName(mNetContext.dns_netid, mClient->getUid());
974 }
975
976 namespace {
977
addIpAddrWithinLimit(std::vector<std::string> * ip_addrs,const sockaddr * addr,socklen_t addrlen)978 void addIpAddrWithinLimit(std::vector<std::string>* ip_addrs, const sockaddr* addr,
979 socklen_t addrlen) {
980 // ipAddresses array is limited to first INetdEventListener::DNS_REPORTED_IP_ADDRESSES_LIMIT
981 // addresses for A and AAAA. Total count of addresses is provided, to be able to tell whether
982 // some addresses didn't get logged.
983 if (ip_addrs->size() < INetdEventListener::DNS_REPORTED_IP_ADDRESSES_LIMIT) {
984 char ip_addr[INET6_ADDRSTRLEN];
985 if (getnameinfo(addr, addrlen, ip_addr, sizeof(ip_addr), nullptr, 0, NI_NUMERICHOST) == 0) {
986 ip_addrs->push_back(std::string(ip_addr));
987 }
988 }
989 }
990
991 } // namespace
992
GetAddrInfoCmd()993 DnsProxyListener::GetAddrInfoCmd::GetAddrInfoCmd() : FrameworkCommand("getaddrinfo") {}
994
runCommand(SocketClient * cli,int argc,char ** argv)995 int DnsProxyListener::GetAddrInfoCmd::runCommand(SocketClient* cli, int argc, char** argv) {
996 logArguments(argc, argv);
997
998 int ai_flags = 0;
999 int ai_family = 0;
1000 int ai_socktype = 0;
1001 int ai_protocol = 0;
1002 unsigned netId = 0;
1003 std::string strErr = "GetAddrInfoCmd::runCommand: ";
1004
1005 if (argc != 8) {
1006 strErr = strErr + "invalid number of arguments: " + std::to_string(argc);
1007 return HandleArgumentError(cli, ResponseCode::CommandParameterError, strErr, 0, NULL);
1008 }
1009
1010 const std::string name = argv[1];
1011 const std::string service = argv[2];
1012 if (!ParseInt(argv[3], &ai_flags))
1013 return HandleArgumentError(cli, ResponseCode::CommandParameterError, strErr, argc, argv);
1014 if (!ParseInt(argv[4], &ai_family))
1015 return HandleArgumentError(cli, ResponseCode::CommandParameterError, strErr, argc, argv);
1016 if (!ParseInt(argv[5], &ai_socktype))
1017 return HandleArgumentError(cli, ResponseCode::CommandParameterError, strErr, argc, argv);
1018 if (!ParseInt(argv[6], &ai_protocol))
1019 return HandleArgumentError(cli, ResponseCode::CommandParameterError, strErr, argc, argv);
1020 if (!ParseUint(argv[7], &netId))
1021 return HandleArgumentError(cli, ResponseCode::CommandParameterError, strErr, argc, argv);
1022
1023 const bool useLocalNameservers = checkAndClearUseLocalNameserversFlag(&netId);
1024 const uid_t uid = cli->getUid();
1025
1026 android_net_context netcontext;
1027 gResNetdCallbacks.get_network_context(netId, uid, &netcontext);
1028
1029 if (useLocalNameservers) {
1030 netcontext.flags |= NET_CONTEXT_FLAG_USE_LOCAL_NAMESERVERS;
1031 }
1032
1033 std::unique_ptr<addrinfo> hints;
1034 if (ai_flags != -1 || ai_family != -1 || ai_socktype != -1 || ai_protocol != -1) {
1035 hints.reset((addrinfo*)calloc(1, sizeof(addrinfo)));
1036 hints->ai_flags = ai_flags;
1037 hints->ai_family = ai_family;
1038 hints->ai_socktype = ai_socktype;
1039 hints->ai_protocol = ai_protocol;
1040 }
1041
1042 (new GetAddrInfoHandler(cli, name, service, std::move(hints), netcontext))->spawn();
1043 return 0;
1044 }
1045
1046 /*******************************************************
1047 * ResNSendCommand *
1048 *******************************************************/
ResNSendCommand()1049 DnsProxyListener::ResNSendCommand::ResNSendCommand() : FrameworkCommand("resnsend") {}
1050
runCommand(SocketClient * cli,int argc,char ** argv)1051 int DnsProxyListener::ResNSendCommand::runCommand(SocketClient* cli, int argc, char** argv) {
1052 logArguments(argc, argv);
1053
1054 const uid_t uid = cli->getUid();
1055 if (argc != 4) {
1056 LOG(WARNING) << "ResNSendCommand::runCommand: resnsend: from UID " << uid
1057 << ", invalid number of arguments to resnsend: " << argc;
1058 sendBE32(cli, -EINVAL);
1059 return -1;
1060 }
1061
1062 unsigned netId;
1063 if (!ParseUint(argv[1], &netId)) {
1064 LOG(WARNING) << "ResNSendCommand::runCommand: resnsend: from UID " << uid
1065 << ", invalid netId";
1066 sendBE32(cli, -EINVAL);
1067 return -1;
1068 }
1069
1070 uint32_t flags;
1071 if (!ParseUint(argv[2], &flags)) {
1072 LOG(WARNING) << "ResNSendCommand::runCommand: resnsend: from UID " << uid
1073 << ", invalid flags";
1074 sendBE32(cli, -EINVAL);
1075 return -1;
1076 }
1077
1078 const bool useLocalNameservers = checkAndClearUseLocalNameserversFlag(&netId);
1079
1080 android_net_context netcontext;
1081 gResNetdCallbacks.get_network_context(netId, uid, &netcontext);
1082
1083 if (useLocalNameservers) {
1084 netcontext.flags |= NET_CONTEXT_FLAG_USE_LOCAL_NAMESERVERS;
1085 }
1086
1087 (new ResNSendHandler(cli, argv[3], flags, netcontext))->spawn();
1088 return 0;
1089 }
1090
ResNSendHandler(SocketClient * c,std::string msg,uint32_t flags,const android_net_context & netcontext)1091 DnsProxyListener::ResNSendHandler::ResNSendHandler(SocketClient* c, std::string msg, uint32_t flags,
1092 const android_net_context& netcontext)
1093 : Handler(c), mMsg(std::move(msg)), mFlags(flags), mNetContext(netcontext) {}
1094
run()1095 void DnsProxyListener::ResNSendHandler::run() {
1096 LOG(INFO) << "ResNSendHandler::run: " << mFlags << " / {" << mNetContext.toString() << "}";
1097
1098 Stopwatch s;
1099 maybeFixupNetContext(&mNetContext, mClient->getPid());
1100
1101 // Decode
1102 std::vector<uint8_t> msg(MAXPACKET, 0);
1103
1104 // Max length of mMsg is less than 1024 since the CMD_BUF_SIZE in FrameworkListener is 1024
1105 int msgLen = b64_pton(mMsg.c_str(), msg.data(), MAXPACKET);
1106 if (msgLen == -1) {
1107 // Decode fail
1108 sendBE32(mClient, -EILSEQ);
1109 return;
1110 }
1111
1112 const uid_t uid = mClient->getUid();
1113 int rr_type = 0;
1114 std::string rr_name;
1115 uint16_t original_query_id = 0;
1116
1117 // TODO: Handle the case which is msg contains more than one query
1118 if (!parseQuery(std::span(msg.data(), msgLen), &original_query_id, &rr_type, &rr_name) ||
1119 !setQueryId(std::span(msg.data(), msgLen), arc4random_uniform(65536))) {
1120 // If the query couldn't be parsed, block the request.
1121 LOG(WARNING) << "ResNSendHandler::run: resnsend: from UID " << uid << ", invalid query";
1122 sendBE32(mClient, -EINVAL);
1123 return;
1124 }
1125
1126 // Send DNS query
1127 std::vector<uint8_t> ansBuf(MAXPACKET, 0);
1128 int rcode = ns_r_noerror;
1129 int ansLen = -1;
1130 NetworkDnsEventReported event;
1131 initDnsEvent(&event, mNetContext);
1132 const bool isUidBlocked = isUidNetworkingBlocked(mNetContext.uid, mNetContext.dns_netid);
1133 if (isUidBlocked) {
1134 LOG(INFO) << "ResNSendHandler::run: network access blocked";
1135 ansLen = -ECONNREFUSED;
1136 } else if (startQueryLimiter(uid)) {
1137 if (evaluate_domain_name(mNetContext, rr_name.c_str())) {
1138 ansLen = resolv_res_nsend(&mNetContext, std::span(msg.data(), msgLen), ansBuf, &rcode,
1139 static_cast<ResNsendFlags>(mFlags), &event);
1140 } else {
1141 // TODO(b/307048182): It should return -errno.
1142 ansLen = -EAI_SYSTEM;
1143 }
1144 endQueryLimiter(uid);
1145 } else {
1146 LOG(WARNING) << "ResNSendHandler::run: resnsend: from UID " << uid
1147 << ", max concurrent queries reached";
1148 ansLen = -EBUSY;
1149 }
1150
1151 const int32_t latencyUs = saturate_cast<int32_t>(s.timeTakenUs());
1152 event.set_latency_micros(latencyUs);
1153 event.set_event_type(EVENT_RES_NSEND);
1154 event.set_res_nsend_flags(static_cast<ResNsendFlags>(mFlags));
1155
1156 // Fail, send -errno
1157 if (ansLen < 0) {
1158 if (!sendBE32(mClient, ansLen)) {
1159 PLOG(WARNING) << "ResNSendHandler::run: resnsend: failed to send errno to uid " << uid
1160 << " pid " << mClient->getPid();
1161 }
1162 if (rr_type == ns_t_a || rr_type == ns_t_aaaa) {
1163 reportDnsEvent(INetdEventListener::EVENT_RES_NSEND, mNetContext, latencyUs,
1164 resNSendToAiError(ansLen, rcode), event, rr_name, isUidBlocked);
1165 }
1166 return;
1167 }
1168
1169 // Send rcode
1170 if (!sendBE32(mClient, rcode)) {
1171 PLOG(WARNING) << "ResNSendHandler::run: resnsend: failed to send rcode to uid " << uid
1172 << " pid " << mClient->getPid();
1173 return;
1174 }
1175
1176 // Restore query id
1177 if (!setQueryId(std::span(ansBuf.data(), ansLen), original_query_id)) {
1178 LOG(WARNING) << "ResNSendHandler::run: resnsend: failed to restore query id";
1179 return;
1180 }
1181
1182 // Send answer
1183 if (!sendLenAndData(mClient, ansLen, ansBuf.data())) {
1184 PLOG(WARNING) << "ResNSendHandler::run: resnsend: failed to send answer to uid " << uid
1185 << " pid " << mClient->getPid();
1186 return;
1187 }
1188
1189 if (rr_type == ns_t_a || rr_type == ns_t_aaaa) {
1190 std::vector<std::string> ip_addrs;
1191 const int total_ip_addr_count =
1192 extractResNsendAnswers(std::span(ansBuf.data(), ansLen), rr_type, &ip_addrs);
1193 reportDnsEvent(INetdEventListener::EVENT_RES_NSEND, mNetContext, latencyUs,
1194 resNSendToAiError(ansLen, rcode), event, rr_name, /*skipStats=*/false,
1195 ip_addrs, total_ip_addr_count);
1196 }
1197 }
1198
threadName()1199 std::string DnsProxyListener::ResNSendHandler::threadName() {
1200 return makeThreadName(mNetContext.dns_netid, mClient->getUid());
1201 }
1202
1203 namespace {
1204
sendCodeAndBe32(SocketClient * c,int code,int data)1205 bool sendCodeAndBe32(SocketClient* c, int code, int data) {
1206 return !c->sendCode(code) && sendBE32(c, data);
1207 }
1208
1209 } // namespace
1210
1211 /*******************************************************
1212 * GetDnsNetId *
1213 *******************************************************/
GetDnsNetIdCommand()1214 DnsProxyListener::GetDnsNetIdCommand::GetDnsNetIdCommand() : FrameworkCommand("getdnsnetid") {}
1215
runCommand(SocketClient * cli,int argc,char ** argv)1216 int DnsProxyListener::GetDnsNetIdCommand::runCommand(SocketClient* cli, int argc, char** argv) {
1217 logArguments(argc, argv);
1218
1219 const uid_t uid = cli->getUid();
1220 if (argc != 2) {
1221 LOG(WARNING) << "GetDnsNetIdCommand::runCommand: getdnsnetid: from UID " << uid
1222 << ", invalid number of arguments to getdnsnetid: " << argc;
1223 sendCodeAndBe32(cli, ResponseCode::DnsProxyQueryResult, -EINVAL);
1224 return -1;
1225 }
1226
1227 unsigned netId;
1228 if (!ParseUint(argv[1], &netId)) {
1229 LOG(WARNING) << "GetDnsNetIdCommand::runCommand: getdnsnetid: from UID " << uid
1230 << ", invalid netId";
1231 sendCodeAndBe32(cli, ResponseCode::DnsProxyQueryResult, -EINVAL);
1232 return -1;
1233 }
1234
1235 const bool useLocalNameservers = checkAndClearUseLocalNameserversFlag(&netId);
1236 android_net_context netcontext;
1237 gResNetdCallbacks.get_network_context(netId, uid, &netcontext);
1238
1239 if (useLocalNameservers) {
1240 netcontext.app_netid |= NETID_USE_LOCAL_NAMESERVERS;
1241 }
1242
1243 const bool success =
1244 sendCodeAndBe32(cli, ResponseCode::DnsProxyQueryResult, netcontext.app_netid);
1245 if (!success) {
1246 PLOG(WARNING)
1247 << "GetDnsNetIdCommand::runCommand: getdnsnetid: failed to send result to uid "
1248 << uid << " pid " << cli->getPid();
1249 }
1250
1251 return success ? 0 : -1;
1252 }
1253
1254 /*******************************************************
1255 * GetHostByName *
1256 *******************************************************/
GetHostByNameCmd()1257 DnsProxyListener::GetHostByNameCmd::GetHostByNameCmd() : FrameworkCommand("gethostbyname") {}
1258
runCommand(SocketClient * cli,int argc,char ** argv)1259 int DnsProxyListener::GetHostByNameCmd::runCommand(SocketClient* cli, int argc, char** argv) {
1260 logArguments(argc, argv);
1261
1262 unsigned netId = 0;
1263 int af = 0;
1264 std::string strErr = "GetHostByNameCmd::runCommand: ";
1265
1266 if (argc != 4) {
1267 strErr = strErr + "invalid number of arguments: " + std::to_string(argc);
1268 return HandleArgumentError(cli, ResponseCode::CommandParameterError, strErr, 0, NULL);
1269 }
1270
1271 if (!ParseUint(argv[1], &netId))
1272 return HandleArgumentError(cli, ResponseCode::CommandParameterError, strErr, argc, argv);
1273 std::string name = argv[2];
1274 if (!ParseInt(argv[3], &af))
1275 return HandleArgumentError(cli, ResponseCode::CommandParameterError, strErr, argc, argv);
1276 uid_t uid = cli->getUid();
1277 const bool useLocalNameservers = checkAndClearUseLocalNameserversFlag(&netId);
1278
1279 android_net_context netcontext;
1280 gResNetdCallbacks.get_network_context(netId, uid, &netcontext);
1281
1282 if (useLocalNameservers) {
1283 netcontext.flags |= NET_CONTEXT_FLAG_USE_LOCAL_NAMESERVERS;
1284 }
1285
1286 (new GetHostByNameHandler(cli, name, af, netcontext))->spawn();
1287 return 0;
1288 }
1289
GetHostByNameHandler(SocketClient * c,std::string name,int af,const android_net_context & netcontext)1290 DnsProxyListener::GetHostByNameHandler::GetHostByNameHandler(SocketClient* c, std::string name,
1291 int af,
1292 const android_net_context& netcontext)
1293 : Handler(c), mName(std::move(name)), mAf(af), mNetContext(netcontext) {}
1294
doDns64Synthesis(int32_t * rv,hostent * hbuf,char * buf,size_t buflen,struct hostent ** hpp,NetworkDnsEventReported * event)1295 void DnsProxyListener::GetHostByNameHandler::doDns64Synthesis(int32_t* rv, hostent* hbuf, char* buf,
1296 size_t buflen, struct hostent** hpp,
1297 NetworkDnsEventReported* event) {
1298 // Don't have to consider family AF_UNSPEC case because gethostbyname{, 2} only supports
1299 // family AF_INET or AF_INET6.
1300 const bool ipv6WantedButNoData = (mAf == AF_INET6 && *rv == EAI_NODATA);
1301
1302 if (!ipv6WantedButNoData) {
1303 return;
1304 }
1305
1306 netdutils::IPPrefix prefix{};
1307 if (!getDns64Prefix(mNetContext.dns_netid, &prefix)) {
1308 return;
1309 }
1310
1311 // If caller wants IPv6 answers but no data, try to query IPv4 answers for synthesis
1312 const char* name = mName.starts_with('^') ? nullptr : mName.c_str();
1313 *rv = resolv_gethostbyname(name, AF_INET, hbuf, buf, buflen, &mNetContext, hpp, event);
1314 if (*rv) {
1315 *rv = EAI_NODATA; // return original error code
1316 return;
1317 }
1318
1319 if (!synthesizeNat64PrefixWithARecord(prefix, *hpp)) {
1320 // If caller wants IPv6 answers but no data and failed to synthesize IPv4 answers,
1321 // don't return the IPv4 answers.
1322 *hpp = nullptr;
1323 }
1324 }
1325
run()1326 void DnsProxyListener::GetHostByNameHandler::run() {
1327 LOG(INFO) << "GetHostByNameHandler::run: {" << mNetContext.toString() << "}";
1328 Stopwatch s;
1329 maybeFixupNetContext(&mNetContext, mClient->getPid());
1330 const uid_t uid = mClient->getUid();
1331 hostent* hp = nullptr;
1332 hostent hbuf;
1333 char tmpbuf[MAXPACKET];
1334 int32_t rv = 0;
1335 NetworkDnsEventReported event;
1336 initDnsEvent(&event, mNetContext);
1337 const bool isUidBlocked = isUidNetworkingBlocked(mNetContext.uid, mNetContext.dns_netid);
1338 if (isUidBlocked) {
1339 LOG(INFO) << "GetHostByNameHandler::run: network access blocked";
1340 rv = EAI_FAIL;
1341 } else if (startQueryLimiter(uid)) {
1342 const char* name = mName.starts_with('^') ? nullptr : mName.c_str();
1343 if (evaluate_domain_name(mNetContext, name)) {
1344 rv = resolv_gethostbyname(name, mAf, &hbuf, tmpbuf, sizeof tmpbuf, &mNetContext, &hp,
1345 &event);
1346 doDns64Synthesis(&rv, &hbuf, tmpbuf, sizeof tmpbuf, &hp, &event);
1347 } else {
1348 rv = EAI_SYSTEM;
1349 }
1350 endQueryLimiter(uid);
1351 } else {
1352 rv = EAI_MEMORY;
1353 LOG(ERROR) << "GetHostByNameHandler::run: from UID " << uid
1354 << ", max concurrent queries reached";
1355 }
1356
1357 const int32_t latencyUs = saturate_cast<int32_t>(s.timeTakenUs());
1358 event.set_latency_micros(latencyUs);
1359 event.set_event_type(EVENT_GETHOSTBYNAME);
1360
1361 if (rv) {
1362 LOG(DEBUG) << "GetHostByNameHandler::run: result failed: " << gai_strerror(rv);
1363 }
1364
1365 bool success = true;
1366 if (hp) {
1367 // hp is not nullptr iff. rv is 0.
1368 success = mClient->sendCode(ResponseCode::DnsProxyQueryResult) == 0;
1369 success &= sendhostent(mClient, hp);
1370 } else {
1371 success = mClient->sendBinaryMsg(ResponseCode::DnsProxyOperationFailed, nullptr, 0) == 0;
1372 }
1373
1374 if (!success) {
1375 PLOG(WARNING) << "GetHostByNameHandler::run: Error writing DNS result to client uid " << uid
1376 << " pid " << mClient->getPid();
1377 }
1378
1379 std::vector<std::string> ip_addrs;
1380 const int total_ip_addr_count = extractGetHostByNameAnswers(hp, &ip_addrs);
1381 reportDnsEvent(INetdEventListener::EVENT_GETHOSTBYNAME, mNetContext, latencyUs, rv, event,
1382 mName, isUidBlocked, ip_addrs, total_ip_addr_count);
1383 }
1384
threadName()1385 std::string DnsProxyListener::GetHostByNameHandler::threadName() {
1386 return makeThreadName(mNetContext.dns_netid, mClient->getUid());
1387 }
1388
1389 /*******************************************************
1390 * GetHostByAddr *
1391 *******************************************************/
GetHostByAddrCmd()1392 DnsProxyListener::GetHostByAddrCmd::GetHostByAddrCmd() : FrameworkCommand("gethostbyaddr") {}
1393
runCommand(SocketClient * cli,int argc,char ** argv)1394 int DnsProxyListener::GetHostByAddrCmd::runCommand(SocketClient* cli, int argc, char** argv) {
1395 logArguments(argc, argv);
1396 int addrLen = 0;
1397 int addrFamily = 0;
1398 unsigned netId = 0;
1399 std::string strErr = "GetHostByAddrCmd::runCommand: ";
1400
1401 if (argc != 5) {
1402 strErr = strErr + "invalid number of arguments: " + std::to_string(argc);
1403 return HandleArgumentError(cli, ResponseCode::CommandParameterError, strErr, 0, NULL);
1404 }
1405
1406 char* addrStr = argv[1];
1407 if (!ParseInt(argv[2], &addrLen))
1408 return HandleArgumentError(cli, ResponseCode::CommandParameterError, strErr, argc, argv);
1409 if (!ParseInt(argv[3], &addrFamily))
1410 return HandleArgumentError(cli, ResponseCode::CommandParameterError, strErr, argc, argv);
1411 if (!ParseUint(argv[4], &netId))
1412 return HandleArgumentError(cli, ResponseCode::CommandParameterError, strErr, argc, argv);
1413 uid_t uid = cli->getUid();
1414 const bool useLocalNameservers = checkAndClearUseLocalNameserversFlag(&netId);
1415
1416 in6_addr addr;
1417 errno = 0;
1418 int result = inet_pton(addrFamily, addrStr, &addr);
1419 if (result <= 0) {
1420 strErr = strErr + "inet_pton(\"" + addrStr + "\") failed " + strerror(errno);
1421 return HandleArgumentError(cli, ResponseCode::OperationFailed, strErr, 0, NULL);
1422 }
1423
1424 android_net_context netcontext;
1425 gResNetdCallbacks.get_network_context(netId, uid, &netcontext);
1426
1427 if (useLocalNameservers) {
1428 netcontext.flags |= NET_CONTEXT_FLAG_USE_LOCAL_NAMESERVERS;
1429 }
1430
1431 (new GetHostByAddrHandler(cli, addr, addrLen, addrFamily, netcontext))->spawn();
1432 return 0;
1433 }
1434
GetHostByAddrHandler(SocketClient * c,in6_addr address,int addressLen,int addressFamily,const android_net_context & netcontext)1435 DnsProxyListener::GetHostByAddrHandler::GetHostByAddrHandler(SocketClient* c, in6_addr address,
1436 int addressLen, int addressFamily,
1437 const android_net_context& netcontext)
1438 : Handler(c),
1439 mAddress(address),
1440 mAddressLen(addressLen),
1441 mAddressFamily(addressFamily),
1442 mNetContext(netcontext) {}
1443
doDns64ReverseLookup(hostent * hbuf,char * buf,size_t buflen,struct hostent ** hpp,NetworkDnsEventReported * event)1444 void DnsProxyListener::GetHostByAddrHandler::doDns64ReverseLookup(hostent* hbuf, char* buf,
1445 size_t buflen,
1446 struct hostent** hpp,
1447 NetworkDnsEventReported* event) {
1448 if (*hpp != nullptr || mAddressFamily != AF_INET6) {
1449 return;
1450 }
1451
1452 netdutils::IPPrefix prefix{};
1453 if (!getDns64Prefix(mNetContext.dns_netid, &prefix)) {
1454 return;
1455 }
1456
1457 if (!isValidNat64Prefix(prefix)) {
1458 return;
1459 }
1460
1461 struct sockaddr_storage ss = netdutils::IPSockAddr(prefix.ip());
1462 struct sockaddr_in6* v6prefix = (struct sockaddr_in6*)&ss;
1463 struct in6_addr v6addr = mAddress;
1464 // Check if address has NAT64 prefix. Only /96 IPv6 NAT64 prefixes are supported
1465 if ((v6addr.s6_addr32[0] != v6prefix->sin6_addr.s6_addr32[0]) ||
1466 (v6addr.s6_addr32[1] != v6prefix->sin6_addr.s6_addr32[1]) ||
1467 (v6addr.s6_addr32[2] != v6prefix->sin6_addr.s6_addr32[2])) {
1468 return;
1469 }
1470
1471 // Remove NAT64 prefix and do reverse DNS query
1472 struct in_addr v4addr = {.s_addr = v6addr.s6_addr32[3]};
1473 resolv_gethostbyaddr(&v4addr, sizeof(v4addr), AF_INET, hbuf, buf, buflen, &mNetContext, hpp,
1474 event);
1475 if (*hpp && (*hpp)->h_addr_list[0]) {
1476 // Replace IPv4 address with original queried IPv6 address in place. The space has
1477 // reserved by dns_gethtbyaddr() and netbsd_gethostent_r() in
1478 // system/netd/resolv/gethnamaddr.cpp.
1479 // Note that resolv_gethostbyaddr() returns only one entry in result.
1480 char* addr = (*hpp)->h_addr_list[0];
1481 memcpy(addr, &v6addr, sizeof(v6addr));
1482 (*hpp)->h_addrtype = AF_INET6;
1483 (*hpp)->h_length = sizeof(struct in6_addr);
1484 } else {
1485 LOG(ERROR) << __func__ << ": hpp or (*hpp)->h_addr_list[0] is null";
1486 }
1487 }
1488
run()1489 void DnsProxyListener::GetHostByAddrHandler::run() {
1490 LOG(INFO) << "GetHostByAddrHandler::run: {" << mNetContext.toString() << "}";
1491 Stopwatch s;
1492 maybeFixupNetContext(&mNetContext, mClient->getPid());
1493 const uid_t uid = mClient->getUid();
1494 hostent* hp = nullptr;
1495 hostent hbuf;
1496 char tmpbuf[MAXPACKET];
1497 int32_t rv = 0;
1498 NetworkDnsEventReported event;
1499 initDnsEvent(&event, mNetContext);
1500
1501 const bool isUidBlocked = isUidNetworkingBlocked(mNetContext.uid, mNetContext.dns_netid);
1502 if (isUidBlocked) {
1503 LOG(INFO) << "GetHostByAddrHandler::run: network access blocked";
1504 rv = EAI_FAIL;
1505 } else if (startQueryLimiter(uid)) {
1506 // From Android U, evaluate_domain_name() is not only for OEM customization, but also tells
1507 // DNS resolver whether the UID can send DNS on the specified network. The function needs
1508 // to be called even when there is no domain name to evaluate (GetHostByAddr). This is
1509 // applied on U+ only so that the behavior won’t change on T- OEM devices.
1510 // TODO: pass the actual name into evaluate_domain_name, e.g., 238.26.217.172.in-addr.arpa
1511 // when the lookup address is 172.217.26.238.
1512 if (isAtLeastU() && !evaluate_domain_name(mNetContext, nullptr)) {
1513 rv = EAI_SYSTEM;
1514 } else {
1515 rv = resolv_gethostbyaddr(&mAddress, mAddressLen, mAddressFamily, &hbuf, tmpbuf,
1516 sizeof tmpbuf, &mNetContext, &hp, &event);
1517 doDns64ReverseLookup(&hbuf, tmpbuf, sizeof tmpbuf, &hp, &event);
1518 }
1519 endQueryLimiter(uid);
1520 } else {
1521 rv = EAI_MEMORY;
1522 LOG(ERROR) << "GetHostByAddrHandler::run: from UID " << uid
1523 << ", max concurrent queries reached";
1524 }
1525
1526 const int32_t latencyUs = saturate_cast<int32_t>(s.timeTakenUs());
1527 event.set_latency_micros(latencyUs);
1528 event.set_event_type(EVENT_GETHOSTBYADDR);
1529
1530 if (rv) {
1531 LOG(DEBUG) << "GetHostByAddrHandler::run: result failed: " << gai_strerror(rv);
1532 }
1533
1534 bool success = true;
1535 if (hp) {
1536 success = mClient->sendCode(ResponseCode::DnsProxyQueryResult) == 0;
1537 success &= sendhostent(mClient, hp);
1538 } else {
1539 success = mClient->sendBinaryMsg(ResponseCode::DnsProxyOperationFailed, nullptr, 0) == 0;
1540 }
1541
1542 if (!success) {
1543 PLOG(WARNING) << "GetHostByAddrHandler::run: Error writing DNS result to client uid " << uid
1544 << " pid " << mClient->getPid();
1545 }
1546
1547 reportDnsEvent(INetdEventListener::EVENT_GETHOSTBYADDR, mNetContext, latencyUs, rv, event,
1548 (hp && hp->h_name) ? hp->h_name : "null", isUidBlocked, {}, 0);
1549 }
1550
threadName()1551 std::string DnsProxyListener::GetHostByAddrHandler::threadName() {
1552 return makeThreadName(mNetContext.dns_netid, mClient->getUid());
1553 }
1554
1555 } // namespace net
1556 } // namespace android
1557