1 /*
2 * Copyright (C) 2008 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <stdio.h>
18 #include <errno.h>
19
20 #include <sys/socket.h>
21 #include <sys/select.h>
22 #include <sys/time.h>
23 #include <sys/types.h>
24 #include <sys/un.h>
25
26 #include <linux/netlink.h>
27 #include <linux/rtnetlink.h>
28
29 #define LOG_TAG "Netd"
30
31 #include <cutils/log.h>
32
33 #include <netlink/attr.h>
34 #include <netlink/genl/genl.h>
35 #include <netlink/handlers.h>
36 #include <netlink/msg.h>
37
38 #include <linux/netfilter/nfnetlink.h>
39 #include <linux/netfilter/nfnetlink_log.h>
40 #include <linux/netfilter/nfnetlink_compat.h>
41
42 #include <arpa/inet.h>
43
44 #include "NetlinkManager.h"
45 #include "NetlinkHandler.h"
46
47 #include "pcap-netfilter-linux-android.h"
48
// Netlink group used for quota (NFLOG) notifications; start() passes it as the
// group mask when it opens the NETLINK_NFLOG socket.
const int NetlinkManager::NFLOG_QUOTA_GROUP = 1;

// Group id reserved for strict-mode netfilter logging. Nothing in this file
// reads it (start() binds the strict socket with a group mask of 0).
// NOTE(review): presumably consumed by the code that installs the matching
// NFLOG rules -- confirm against the callers.
const int NetlinkManager::NETFILTER_STRICT_GROUP = 2;

// The lazily created singleton returned by Instance(); NULL until first use.
NetlinkManager *NetlinkManager::sInstance = NULL;
53
/**
 * Returns the process-wide NetlinkManager, constructing it on the first call.
 *
 * The check-then-create sequence below takes no lock, so the first call must
 * not race with another caller.
 */
NetlinkManager *NetlinkManager::Instance() {
    if (sInstance == NULL) {
        sInstance = new NetlinkManager();
    }
    return sInstance;
}
59
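/**
 * Creates a manager with no broadcaster and no open netlink sockets.
 *
 * Sockets and handlers are only created by start().
 */
NetlinkManager::NetlinkManager() {
    mBroadcaster = NULL;

    // stop() tests mQuotaHandler/mStrictHandler, and start() can return before
    // it has assigned the later handlers, so none of these members may be left
    // with an indeterminate value. Assignments (rather than an initializer
    // list) keep this independent of the declaration order in the header.
    mUeventHandler = NULL;
    mRouteHandler = NULL;
    mQuotaHandler = NULL;
    mStrictHandler = NULL;

    // -1 is the same "no descriptor" marker that stop() writes back.
    mUeventSock = -1;
    mRouteSock = -1;
    mQuotaSock = -1;
    mStrictSock = -1;
}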
63
/**
 * Destructor. Intentionally empty: it neither stops the handlers nor closes
 * the sockets, so stop() has to be called first to release them.
 */
NetlinkManager::~NetlinkManager() {
    // Nothing to release here; see stop().
}
66
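/**
 * Opens, configures and binds one netlink socket and starts a NetlinkHandler
 * listening on it.
 *
 * @param sock          Out parameter that receives the socket descriptor. On
 *                      any failure the descriptor is closed and *sock is left
 *                      negative, so the caller never holds a stale fd number.
 * @param netlinkFamily Netlink protocol passed to socket() (for example
 *                      NETLINK_ROUTE).
 * @param groups        Multicast group mask stored in nl_groups before bind().
 * @param format        Message format handed to the NetlinkHandler.
 * @param configNflog   When true, the NFLOG unbind/bind configuration commands
 *                      are sent on the socket before the handler is started.
 * @return The started handler, which the caller owns (stop() deletes it), or
 *         NULL if any step failed.
 */
NetlinkHandler *NetlinkManager::setupSocket(int *sock, int netlinkFamily,
    int groups, int format, bool configNflog) {

    struct sockaddr_nl nladdr;
    int sz = 64 * 1024;
    int on = 1;

    memset(&nladdr, 0, sizeof(nladdr));
    nladdr.nl_family = AF_NETLINK;
    nladdr.nl_pid = getpid();
    nladdr.nl_groups = groups;

    if ((*sock = socket(PF_NETLINK, SOCK_DGRAM | SOCK_CLOEXEC, netlinkFamily)) < 0) {
        ALOGE("Unable to create netlink socket: %s", strerror(errno));
        return NULL;
    }

    // SO_RCVBUFFORCE may exceed the rmem_max limit, but needs CAP_NET_ADMIN.
    if (setsockopt(*sock, SOL_SOCKET, SO_RCVBUFFORCE, &sz, sizeof(sz)) < 0) {
        ALOGE("Unable to set uevent socket SO_RCVBUFFORCE option: %s", strerror(errno));
        close(*sock);
        *sock = -1;
        return NULL;
    }

    // SO_PASSCRED makes the kernel attach the sender's credentials to every
    // received message. NOTE(review): the receive path is outside this file;
    // confirm that it checks those credentials and drops messages that did not
    // originate from the kernel.
    if (setsockopt(*sock, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on)) < 0) {
        SLOGE("Unable to set uevent socket SO_PASSCRED option: %s", strerror(errno));
        close(*sock);
        *sock = -1;
        return NULL;
    }

    if (bind(*sock, (struct sockaddr *) &nladdr, sizeof(nladdr)) < 0) {
        ALOGE("Unable to bind netlink socket: %s", strerror(errno));
        close(*sock);
        *sock = -1;
        return NULL;
    }

    if (configNflog) {
        // Each failure path below logs first (close() may overwrite errno) and
        // then closes the socket; returning without closing would leak the fd.
        if (android_nflog_send_config_cmd(*sock, 0, NFULNL_CFG_CMD_PF_UNBIND, AF_INET) < 0) {
            ALOGE("Failed NFULNL_CFG_CMD_PF_UNBIND: %s", strerror(errno));
            close(*sock);
            *sock = -1;
            return NULL;
        }
        if (android_nflog_send_config_cmd(*sock, 0, NFULNL_CFG_CMD_PF_BIND, AF_INET) < 0) {
            ALOGE("Failed NFULNL_CFG_CMD_PF_BIND: %s", strerror(errno));
            close(*sock);
            *sock = -1;
            return NULL;
        }
        if (android_nflog_send_config_cmd(*sock, 0, NFULNL_CFG_CMD_BIND, AF_UNSPEC) < 0) {
            ALOGE("Failed NFULNL_CFG_CMD_BIND: %s", strerror(errno));
            close(*sock);
            *sock = -1;
            return NULL;
        }
    }

    NetlinkHandler *handler = new NetlinkHandler(this, *sock, format);
    if (handler->start()) {
        ALOGE("Unable to start NetlinkHandler: %s", strerror(errno));
        // Same teardown order as stop(): release the handler, then the socket.
        // Without the delete the handler object would be leaked.
        delete handler;
        close(*sock);
        *sock = -1;
        return NULL;
    }

    return handler;
}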
126
/**
 * Opens the four netlink sockets (uevent, route, quota, strict) and starts a
 * handler on each.
 *
 * @return 0 on success, -1 if the uevent or route socket could not be set up.
 *         A failure of the quota or strict socket is only logged; the matching
 *         handler pointer is then NULL and 0 is still returned.
 */
int NetlinkManager::start() {
    // Kernel uevents: ASCII messages, subscribed to every multicast group.
    mUeventHandler = setupSocket(&mUeventSock, NETLINK_KOBJECT_UEVENT,
            0xffffffff, NetlinkListener::NETLINK_FORMAT_ASCII, false);
    if (mUeventHandler == NULL) {
        return -1;
    }

    // Routing events: link state, IPv4/IPv6 address changes, IPv6 routes and
    // neighbour-discovery user options.
    const int routeGroups = RTMGRP_LINK |
                            RTMGRP_IPV4_IFADDR |
                            RTMGRP_IPV6_IFADDR |
                            RTMGRP_IPV6_ROUTE |
                            (1 << (RTNLGRP_ND_USEROPT - 1));
    mRouteHandler = setupSocket(&mRouteSock, NETLINK_ROUTE, routeGroups,
            NetlinkListener::NETLINK_FORMAT_BINARY, false);
    if (mRouteHandler == NULL) {
        return -1;
    }

    // Quota notifications arrive over NFLOG on NFLOG_QUOTA_GROUP.
    mQuotaHandler = setupSocket(&mQuotaSock, NETLINK_NFLOG,
            NFLOG_QUOTA_GROUP, NetlinkListener::NETLINK_FORMAT_BINARY, false);
    if (mQuotaHandler == NULL) {
        ALOGE("Unable to open quota socket");
        // TODO: return -1 once the emulator gets a new kernel.
    }

    // Strict-mode socket: no multicast groups, unicast format, and the only
    // socket that asks setupSocket() to send the NFLOG configuration commands.
    mStrictHandler = setupSocket(&mStrictSock, NETLINK_NETFILTER,
            0, NetlinkListener::NETLINK_FORMAT_BINARY_UNICAST, true);
    if (mStrictHandler == NULL) {
        ALOGE("Unable to open strict socket");
        // TODO: return -1 once the emulator gets a new kernel.
    }

    return 0;
}
157
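/**
 * Stops and deletes every handler that start() created and closes its socket.
 *
 * All four handlers are optional here: start() returns early when the uevent
 * or route socket cannot be set up, which leaves the corresponding pointer
 * NULL, so each one is checked before it is dereferenced.
 *
 * @return 0 if every running handler stopped cleanly, -1 if at least one
 *         handler's stop() reported an error. Teardown continues either way.
 */
int NetlinkManager::stop() {
    int status = 0;

    if (mUeventHandler) {
        if (mUeventHandler->stop()) {
            ALOGE("Unable to stop uevent NetlinkHandler: %s", strerror(errno));
            status = -1;
        }

        delete mUeventHandler;
        mUeventHandler = NULL;

        // Only close when a handler existed: after a failed setup the
        // descriptor was already closed and its number may have been reused.
        close(mUeventSock);
        mUeventSock = -1;
    }

    if (mRouteHandler) {
        if (mRouteHandler->stop()) {
            ALOGE("Unable to stop route NetlinkHandler: %s", strerror(errno));
            status = -1;
        }

        delete mRouteHandler;
        mRouteHandler = NULL;

        close(mRouteSock);
        mRouteSock = -1;
    }

    if (mQuotaHandler) {
        if (mQuotaHandler->stop()) {
            ALOGE("Unable to stop quota NetlinkHandler: %s", strerror(errno));
            status = -1;
        }

        delete mQuotaHandler;
        mQuotaHandler = NULL;

        close(mQuotaSock);
        mQuotaSock = -1;
    }

    if (mStrictHandler) {
        if (mStrictHandler->stop()) {
            ALOGE("Unable to stop strict NetlinkHandler: %s", strerror(errno));
            status = -1;
        }

        delete mStrictHandler;
        mStrictHandler = NULL;

        close(mStrictSock);
        mStrictSock = -1;
    }

    return status;
}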
211