1 /*
2 * Copyright (C) 2008 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <stdio.h>
18 #include <errno.h>
19
20 #include <sys/socket.h>
21 #include <sys/select.h>
22 #include <sys/time.h>
23 #include <sys/types.h>
24 #include <sys/un.h>
25
26 #include <linux/netlink.h>
27 #include <linux/rtnetlink.h>
28
29 #define LOG_TAG "Netd"
30
31 #include <cutils/log.h>
32
33 #include <netlink/attr.h>
34 #include <netlink/genl/genl.h>
35 #include <netlink/handlers.h>
36 #include <netlink/msg.h>
37
38 #include <linux/netfilter/nfnetlink.h>
39 #include <linux/netfilter/nfnetlink_log.h>
40 #include <linux/netfilter/nfnetlink_compat.h>
41
42 #include <arpa/inet.h>
43
44 #include "NetlinkManager.h"
45 #include "NetlinkHandler.h"
46
47 #include "pcap-netfilter-linux-android.h"
48
49 namespace android {
50 namespace net {
51
52 const int NetlinkManager::NFLOG_QUOTA_GROUP = 1;
53 const int NetlinkManager::NETFILTER_STRICT_GROUP = 2;
54
55 NetlinkManager *NetlinkManager::sInstance = NULL;
56
Instance()57 NetlinkManager *NetlinkManager::Instance() {
58 if (!sInstance)
59 sInstance = new NetlinkManager();
60 return sInstance;
61 }
62
NetlinkManager()63 NetlinkManager::NetlinkManager() {
64 mBroadcaster = NULL;
65 }
66
~NetlinkManager()67 NetlinkManager::~NetlinkManager() {
68 }
69
setupSocket(int * sock,int netlinkFamily,int groups,int format,bool configNflog)70 NetlinkHandler *NetlinkManager::setupSocket(int *sock, int netlinkFamily,
71 int groups, int format, bool configNflog) {
72
73 struct sockaddr_nl nladdr;
74 int sz = 64 * 1024;
75 int on = 1;
76
77 memset(&nladdr, 0, sizeof(nladdr));
78 nladdr.nl_family = AF_NETLINK;
79 nladdr.nl_pid = getpid();
80 nladdr.nl_groups = groups;
81
82 if ((*sock = socket(PF_NETLINK, SOCK_DGRAM | SOCK_CLOEXEC, netlinkFamily)) < 0) {
83 ALOGE("Unable to create netlink socket: %s", strerror(errno));
84 return NULL;
85 }
86
87 if (setsockopt(*sock, SOL_SOCKET, SO_RCVBUFFORCE, &sz, sizeof(sz)) < 0) {
88 ALOGE("Unable to set uevent socket SO_RCVBUFFORCE option: %s", strerror(errno));
89 close(*sock);
90 return NULL;
91 }
92
93 if (setsockopt(*sock, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on)) < 0) {
94 SLOGE("Unable to set uevent socket SO_PASSCRED option: %s", strerror(errno));
95 close(*sock);
96 return NULL;
97 }
98
99 if (bind(*sock, (struct sockaddr *) &nladdr, sizeof(nladdr)) < 0) {
100 ALOGE("Unable to bind netlink socket: %s", strerror(errno));
101 close(*sock);
102 return NULL;
103 }
104
105 if (configNflog) {
106 if (android_nflog_send_config_cmd(*sock, 0, NFULNL_CFG_CMD_PF_UNBIND, AF_INET) < 0) {
107 ALOGE("Failed NFULNL_CFG_CMD_PF_UNBIND: %s", strerror(errno));
108 return NULL;
109 }
110 if (android_nflog_send_config_cmd(*sock, 0, NFULNL_CFG_CMD_PF_BIND, AF_INET) < 0) {
111 ALOGE("Failed NFULNL_CFG_CMD_PF_BIND: %s", strerror(errno));
112 return NULL;
113 }
114 if (android_nflog_send_config_cmd(*sock, 0, NFULNL_CFG_CMD_BIND, AF_UNSPEC) < 0) {
115 ALOGE("Failed NFULNL_CFG_CMD_BIND: %s", strerror(errno));
116 return NULL;
117 }
118 }
119
120 NetlinkHandler *handler = new NetlinkHandler(this, *sock, format);
121 if (handler->start()) {
122 ALOGE("Unable to start NetlinkHandler: %s", strerror(errno));
123 close(*sock);
124 return NULL;
125 }
126
127 return handler;
128 }
129
start()130 int NetlinkManager::start() {
131 if ((mUeventHandler = setupSocket(&mUeventSock, NETLINK_KOBJECT_UEVENT,
132 0xffffffff, NetlinkListener::NETLINK_FORMAT_ASCII, false)) == NULL) {
133 return -1;
134 }
135
136 if ((mRouteHandler = setupSocket(&mRouteSock, NETLINK_ROUTE,
137 RTMGRP_LINK |
138 RTMGRP_IPV4_IFADDR |
139 RTMGRP_IPV6_IFADDR |
140 RTMGRP_IPV6_ROUTE |
141 (1 << (RTNLGRP_ND_USEROPT - 1)),
142 NetlinkListener::NETLINK_FORMAT_BINARY, false)) == NULL) {
143 return -1;
144 }
145
146 if ((mQuotaHandler = setupSocket(&mQuotaSock, NETLINK_NFLOG,
147 NFLOG_QUOTA_GROUP, NetlinkListener::NETLINK_FORMAT_BINARY, false)) == NULL) {
148 ALOGW("Unable to open qlog quota socket, check if xt_quota2 can send via UeventHandler");
149 // TODO: return -1 once the emulator gets a new kernel.
150 }
151
152 if ((mStrictHandler = setupSocket(&mStrictSock, NETLINK_NETFILTER,
153 0, NetlinkListener::NETLINK_FORMAT_BINARY_UNICAST, true)) == NULL) {
154 ALOGE("Unable to open strict socket");
155 // TODO: return -1 once the emulator gets a new kernel.
156 }
157
158 return 0;
159 }
160
stop()161 int NetlinkManager::stop() {
162 int status = 0;
163
164 if (mUeventHandler->stop()) {
165 ALOGE("Unable to stop uevent NetlinkHandler: %s", strerror(errno));
166 status = -1;
167 }
168
169 delete mUeventHandler;
170 mUeventHandler = NULL;
171
172 close(mUeventSock);
173 mUeventSock = -1;
174
175 if (mRouteHandler->stop()) {
176 ALOGE("Unable to stop route NetlinkHandler: %s", strerror(errno));
177 status = -1;
178 }
179
180 delete mRouteHandler;
181 mRouteHandler = NULL;
182
183 close(mRouteSock);
184 mRouteSock = -1;
185
186 if (mQuotaHandler) {
187 if (mQuotaHandler->stop()) {
188 ALOGE("Unable to stop quota NetlinkHandler: %s", strerror(errno));
189 status = -1;
190 }
191
192 delete mQuotaHandler;
193 mQuotaHandler = NULL;
194
195 close(mQuotaSock);
196 mQuotaSock = -1;
197 }
198
199 if (mStrictHandler) {
200 if (mStrictHandler->stop()) {
201 ALOGE("Unable to stop strict NetlinkHandler: %s", strerror(errno));
202 status = -1;
203 }
204
205 delete mStrictHandler;
206 mStrictHandler = NULL;
207
208 close(mStrictSock);
209 mStrictSock = -1;
210 }
211
212 return status;
213 }
214
215 } // namespace net
216 } // namespace android
217