1 /*
2  * Copyright (C) 2008 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include <stdlib.h>
18 #include <errno.h>
19 #include <fcntl.h>
20 #include <netdb.h>
21 #include <string.h>
22 
23 #include <sys/socket.h>
24 #include <sys/stat.h>
25 #include <sys/types.h>
26 #include <sys/wait.h>
27 
28 #include <netinet/in.h>
29 #include <arpa/inet.h>
30 
31 #define LOG_TAG "TetherController"
32 #include <cutils/log.h>
33 #include <cutils/properties.h>
34 
35 #include "Fwmark.h"
36 #include "NetdConstants.h"
37 #include "Permission.h"
38 #include "TetherController.h"
39 
40 namespace {
41 
42 static const char BP_TOOLS_MODE[] = "bp-tools";
43 static const char IPV4_FORWARDING_PROC_FILE[] = "/proc/sys/net/ipv4/ip_forward";
44 static const char IPV6_FORWARDING_PROC_FILE[] = "/proc/sys/net/ipv6/conf/all/forwarding";
45 static const char SEPARATOR[] = "|";
46 
writeToFile(const char * filename,const char * value)47 bool writeToFile(const char* filename, const char* value) {
48     int fd = open(filename, O_WRONLY);
49     if (fd < 0) {
50         ALOGE("Failed to open %s: %s", filename, strerror(errno));
51         return false;
52     }
53 
54     const ssize_t len = strlen(value);
55     if (write(fd, value, len) != len) {
56         ALOGE("Failed to write %s to %s: %s", value, filename, strerror(errno));
57         close(fd);
58         return false;
59     }
60     close(fd);
61     return true;
62 }
63 
inBpToolsMode()64 bool inBpToolsMode() {
65     // In BP tools mode, do not disable IP forwarding
66     char bootmode[PROPERTY_VALUE_MAX] = {0};
67     property_get("ro.bootmode", bootmode, "unknown");
68     return !strcmp(BP_TOOLS_MODE, bootmode);
69 }
70 
71 }  // namespace
72 
TetherController()73 TetherController::TetherController() {
74     mInterfaces = new InterfaceCollection();
75     mDnsNetId = 0;
76     mDnsForwarders = new NetAddressCollection();
77     mDaemonFd = -1;
78     mDaemonPid = 0;
79     if (inBpToolsMode()) {
80         enableForwarding(BP_TOOLS_MODE);
81     } else {
82         setIpFwdEnabled();
83     }
84 }
85 
~TetherController()86 TetherController::~TetherController() {
87     InterfaceCollection::iterator it;
88 
89     for (it = mInterfaces->begin(); it != mInterfaces->end(); ++it) {
90         free(*it);
91     }
92     mInterfaces->clear();
93 
94     mDnsForwarders->clear();
95     mForwardingRequests.clear();
96 }
97 
setIpFwdEnabled()98 bool TetherController::setIpFwdEnabled() {
99     bool success = true;
100     const char* value = mForwardingRequests.empty() ? "0" : "1";
101     ALOGD("Setting IP forward enable = %s", value);
102     success &= writeToFile(IPV4_FORWARDING_PROC_FILE, value);
103     success &= writeToFile(IPV6_FORWARDING_PROC_FILE, value);
104     return success;
105 }
106 
enableForwarding(const char * requester)107 bool TetherController::enableForwarding(const char* requester) {
108     // Don't return an error if this requester already requested forwarding. Only return errors for
109     // things that the caller caller needs to care about, such as "couldn't write to the file to
110     // enable forwarding".
111     mForwardingRequests.insert(requester);
112     return setIpFwdEnabled();
113 }
114 
disableForwarding(const char * requester)115 bool TetherController::disableForwarding(const char* requester) {
116     mForwardingRequests.erase(requester);
117     return setIpFwdEnabled();
118 }
119 
forwardingRequestCount()120 size_t TetherController::forwardingRequestCount() {
121     return mForwardingRequests.size();
122 }
123 
124 #define TETHER_START_CONST_ARG        8
125 
startTethering(int num_addrs,char ** dhcp_ranges)126 int TetherController::startTethering(int num_addrs, char **dhcp_ranges) {
127     if (mDaemonPid != 0) {
128         ALOGE("Tethering already started");
129         errno = EBUSY;
130         return -1;
131     }
132 
133     ALOGD("Starting tethering services");
134 
135     pid_t pid;
136     int pipefd[2];
137 
138     if (pipe(pipefd) < 0) {
139         ALOGE("pipe failed (%s)", strerror(errno));
140         return -1;
141     }
142 
143     /*
144      * TODO: Create a monitoring thread to handle and restart
145      * the daemon if it exits prematurely
146      */
147     if ((pid = fork()) < 0) {
148         ALOGE("fork failed (%s)", strerror(errno));
149         close(pipefd[0]);
150         close(pipefd[1]);
151         return -1;
152     }
153 
154     if (!pid) {
155         close(pipefd[1]);
156         if (pipefd[0] != STDIN_FILENO) {
157             if (dup2(pipefd[0], STDIN_FILENO) != STDIN_FILENO) {
158                 ALOGE("dup2 failed (%s)", strerror(errno));
159                 return -1;
160             }
161             close(pipefd[0]);
162         }
163 
164         int num_processed_args = TETHER_START_CONST_ARG + (num_addrs/2) + 1;
165         char **args = (char **)malloc(sizeof(char *) * num_processed_args);
166         args[num_processed_args - 1] = NULL;
167         args[0] = (char *)"/system/bin/dnsmasq";
168         args[1] = (char *)"--keep-in-foreground";
169         args[2] = (char *)"--no-resolv";
170         args[3] = (char *)"--no-poll";
171         args[4] = (char *)"--dhcp-authoritative";
172         // TODO: pipe through metered status from ConnService
173         args[5] = (char *)"--dhcp-option-force=43,ANDROID_METERED";
174         args[6] = (char *)"--pid-file";
175         args[7] = (char *)"";
176 
177         int nextArg = TETHER_START_CONST_ARG;
178         for (int addrIndex = 0; addrIndex < num_addrs; addrIndex += 2) {
179             asprintf(&(args[nextArg++]),"--dhcp-range=%s,%s,1h",
180                      dhcp_ranges[addrIndex], dhcp_ranges[addrIndex+1]);
181         }
182 
183         if (execv(args[0], args)) {
184             ALOGE("execl failed (%s)", strerror(errno));
185         }
186         ALOGE("Should never get here!");
187         _exit(-1);
188     } else {
189         close(pipefd[0]);
190         mDaemonPid = pid;
191         mDaemonFd = pipefd[1];
192         applyDnsInterfaces();
193         ALOGD("Tethering services running");
194     }
195 
196     return 0;
197 }
198 
stopTethering()199 int TetherController::stopTethering() {
200 
201     if (mDaemonPid == 0) {
202         ALOGE("Tethering already stopped");
203         return 0;
204     }
205 
206     ALOGD("Stopping tethering services");
207 
208     kill(mDaemonPid, SIGTERM);
209     waitpid(mDaemonPid, NULL, 0);
210     mDaemonPid = 0;
211     close(mDaemonFd);
212     mDaemonFd = -1;
213     ALOGD("Tethering services stopped");
214     return 0;
215 }
216 
isTetheringStarted()217 bool TetherController::isTetheringStarted() {
218     return (mDaemonPid == 0 ? false : true);
219 }
220 
221 #define MAX_CMD_SIZE 1024
222 
setDnsForwarders(unsigned netId,char ** servers,int numServers)223 int TetherController::setDnsForwarders(unsigned netId, char **servers, int numServers) {
224     int i;
225     char daemonCmd[MAX_CMD_SIZE];
226 
227     Fwmark fwmark;
228     fwmark.netId = netId;
229     fwmark.explicitlySelected = true;
230     fwmark.protectedFromVpn = true;
231     fwmark.permission = PERMISSION_SYSTEM;
232 
233     snprintf(daemonCmd, sizeof(daemonCmd), "update_dns%s0x%x", SEPARATOR, fwmark.intValue);
234     int cmdLen = strlen(daemonCmd);
235 
236     mDnsForwarders->clear();
237     for (i = 0; i < numServers; i++) {
238         ALOGD("setDnsForwarders(0x%x %d = '%s')", fwmark.intValue, i, servers[i]);
239 
240         addrinfo *res, hints = { .ai_flags = AI_NUMERICHOST };
241         int ret = getaddrinfo(servers[i], NULL, &hints, &res);
242         freeaddrinfo(res);
243         if (ret) {
244             ALOGE("Failed to parse DNS server '%s'", servers[i]);
245             mDnsForwarders->clear();
246             errno = EINVAL;
247             return -1;
248         }
249 
250         cmdLen += (strlen(servers[i]) + 1);
251         if (cmdLen + 1 >= MAX_CMD_SIZE) {
252             ALOGD("Too many DNS servers listed");
253             break;
254         }
255 
256         strcat(daemonCmd, SEPARATOR);
257         strcat(daemonCmd, servers[i]);
258         mDnsForwarders->push_back(servers[i]);
259     }
260 
261     mDnsNetId = netId;
262     if (mDaemonFd != -1) {
263         ALOGD("Sending update msg to dnsmasq [%s]", daemonCmd);
264         if (write(mDaemonFd, daemonCmd, strlen(daemonCmd) +1) < 0) {
265             ALOGE("Failed to send update command to dnsmasq (%s)", strerror(errno));
266             mDnsForwarders->clear();
267             errno = EREMOTEIO;
268             return -1;
269         }
270     }
271     return 0;
272 }
273 
getDnsNetId()274 unsigned TetherController::getDnsNetId() {
275     return mDnsNetId;
276 }
277 
getDnsForwarders()278 NetAddressCollection *TetherController::getDnsForwarders() {
279     return mDnsForwarders;
280 }
281 
applyDnsInterfaces()282 int TetherController::applyDnsInterfaces() {
283     char daemonCmd[MAX_CMD_SIZE];
284 
285     strcpy(daemonCmd, "update_ifaces");
286     int cmdLen = strlen(daemonCmd);
287     InterfaceCollection::iterator it;
288     bool haveInterfaces = false;
289 
290     for (it = mInterfaces->begin(); it != mInterfaces->end(); ++it) {
291         cmdLen += (strlen(*it) + 1);
292         if (cmdLen + 1 >= MAX_CMD_SIZE) {
293             ALOGD("Too many DNS ifaces listed");
294             break;
295         }
296 
297         strcat(daemonCmd, SEPARATOR);
298         strcat(daemonCmd, *it);
299         haveInterfaces = true;
300     }
301 
302     if ((mDaemonFd != -1) && haveInterfaces) {
303         ALOGD("Sending update msg to dnsmasq [%s]", daemonCmd);
304         if (write(mDaemonFd, daemonCmd, strlen(daemonCmd) +1) < 0) {
305             ALOGE("Failed to send update command to dnsmasq (%s)", strerror(errno));
306             return -1;
307         }
308     }
309     return 0;
310 }
311 
tetherInterface(const char * interface)312 int TetherController::tetherInterface(const char *interface) {
313     ALOGD("tetherInterface(%s)", interface);
314     if (!isIfaceName(interface)) {
315         errno = ENOENT;
316         return -1;
317     }
318     mInterfaces->push_back(strdup(interface));
319 
320     if (applyDnsInterfaces()) {
321         InterfaceCollection::iterator it;
322         for (it = mInterfaces->begin(); it != mInterfaces->end(); ++it) {
323             if (!strcmp(interface, *it)) {
324                 free(*it);
325                 mInterfaces->erase(it);
326                 break;
327             }
328         }
329         return -1;
330     } else {
331         return 0;
332     }
333 }
334 
untetherInterface(const char * interface)335 int TetherController::untetherInterface(const char *interface) {
336     InterfaceCollection::iterator it;
337 
338     ALOGD("untetherInterface(%s)", interface);
339 
340     for (it = mInterfaces->begin(); it != mInterfaces->end(); ++it) {
341         if (!strcmp(interface, *it)) {
342             free(*it);
343             mInterfaces->erase(it);
344 
345             return applyDnsInterfaces();
346         }
347     }
348     errno = ENOENT;
349     return -1;
350 }
351 
getTetheredInterfaceList()352 InterfaceCollection *TetherController::getTetheredInterfaceList() {
353     return mInterfaces;
354 }
355