1 /*
2  * Copyright (C) 2008 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef _TETHER_CONTROLLER_H
18 #define _TETHER_CONTROLLER_H
19 
20 #include <list>
21 #include <set>
22 #include <string>
23 
24 #include <netdutils/DumpWriter.h>
25 #include <netdutils/StatusOr.h>
26 #include <sysutils/SocketClient.h>
27 
28 #include "NetdConstants.h"
29 #include "android-base/result.h"
30 
31 #include "android/net/TetherOffloadRuleParcel.h"
32 
33 #include "mainline/XtBpfProgLocations.h"
34 
35 namespace android {
36 namespace net {
37 
38 class TetherController {
39   private:
40     struct ForwardingDownstream {
41         std::string iface;
42         bool active;
43     };
44 
45     std::list<std::string> mInterfaces;
46 
47     // Map upstream iface -> downstream iface. A pair is in the map if forwarding was enabled at
48     // some point since the controller was initialized.
49     std::multimap<std::string, ForwardingDownstream> mFwdIfaces;
50 
51     bool mIsTetheringStarted = false;
52 
53     // NetId to use for forwarded DNS queries. This may not be the default
54     // network, e.g., in the case where we are tethering to a DUN APN.
55     unsigned               mDnsNetId = 0;
56     std::list<std::string> mDnsForwarders;
57     pid_t                  mDaemonPid = 0;
58     int                    mDaemonFd = -1;
59     std::set<std::string>  mForwardingRequests;
60 
61     struct DnsmasqState {
62         static int sendCmd(int daemonFd, const std::string& cmd);
63 
64         // List of downstream interfaces on which to serve. The format used is:
65         //     update_ifaces|<ifname1>|<ifname2>|...
66         std::string update_ifaces_cmd;
67         // Forwarding (upstream) DNS configuration to use. The format used is:
68         //     update_dns|<hex_socket_mark>|<ip1>|<ip2>|...
69         std::string update_dns_cmd;
70 
71         void clear();
72         int sendAllState(int daemonFd) const;
73     } mDnsmasqState{};
74 
75   public:
76     TetherController();
77     ~TetherController() = default;
78 
79     bool enableForwarding(const char* requester);
80     bool disableForwarding(const char* requester);
81     const std::set<std::string>& getIpfwdRequesterList() const;
82 
83     //TODO: Clean up the overload function
84     int startTethering(bool isLegacyDnsProxy, int num_addrs, char** dhcp_ranges);
85     int startTethering(bool isLegacyDnsProxy, const std::vector<std::string>& dhcpRanges);
86     int stopTethering();
87     bool isTetheringStarted();
88 
89     unsigned getDnsNetId();
90     int setDnsForwarders(unsigned netId, char **servers, int numServers);
91     int setDnsForwarders(unsigned netId, const std::vector<std::string>& servers);
92     const std::list<std::string> &getDnsForwarders() const;
93 
94     int tetherInterface(const char *interface);
95     int untetherInterface(const char *interface);
96     const std::list<std::string> &getTetheredInterfaceList() const;
97     bool applyDnsInterfaces();
98 
99     int enableNat(const char* intIface, const char* extIface);
100     int disableNat(const char* intIface, const char* extIface);
101     int setupIptablesHooks();
102 
103     class TetherStats {
104       public:
105         TetherStats() = default;
TetherStats(std::string intIfn,std::string extIfn,int64_t rxB,int64_t rxP,int64_t txB,int64_t txP)106         TetherStats(std::string intIfn, std::string extIfn,
107                 int64_t rxB, int64_t rxP,
108                 int64_t txB, int64_t txP)
109                         : intIface(intIfn), extIface(extIfn),
110                             rxBytes(rxB), rxPackets(rxP),
111                             txBytes(txB), txPackets(txP) {};
112         std::string intIface;
113         std::string extIface;
114         int64_t rxBytes = -1;
115         int64_t rxPackets = -1;
116         int64_t txBytes = -1;
117         int64_t txPackets = -1;
118 
addStatsIfMatch(const TetherStats & other)119         bool addStatsIfMatch(const TetherStats& other) {
120             if (intIface == other.intIface && extIface == other.extIface) {
121                 rxBytes   += other.rxBytes;
122                 rxPackets += other.rxPackets;
123                 txBytes   += other.txBytes;
124                 txPackets += other.txPackets;
125                 return true;
126             }
127             return false;
128         }
129     };
130 
131     typedef std::vector<TetherStats> TetherStatsList;
132 
133     netdutils::StatusOr<TetherStatsList> getTetherStats();
134 
135     /*
136      * extraProcessingInfo: contains raw parsed data, and error info.
137      * This strongly requires that setup of the rules is in a specific order:
138      *  in:intIface out:extIface
139      *  in:extIface out:intIface
140      * and the rules are grouped in pairs when more that one tethering was setup.
141      */
142     static int addForwardChainStats(TetherStatsList& statsList, const std::string& iptOutput,
143                                     std::string &extraProcessingInfo);
144 
145     static constexpr const char* LOCAL_FORWARD               = "tetherctrl_FORWARD";
146     static constexpr const char* LOCAL_MANGLE_FORWARD        = "tetherctrl_mangle_FORWARD";
147     static constexpr const char* LOCAL_NAT_POSTROUTING       = "tetherctrl_nat_POSTROUTING";
148     static constexpr const char* LOCAL_RAW_PREROUTING        = "tetherctrl_raw_PREROUTING";
149     static constexpr const char* LOCAL_TETHER_COUNTERS_CHAIN = "tetherctrl_counters";
150 
151     std::mutex lock;
152 
153     void dump(netdutils::DumpWriter& dw);
154     void dumpIfaces(netdutils::DumpWriter& dw);
155 
156   private:
157     bool setIpFwdEnabled();
158     std::vector<char*> toCstrVec(const std::vector<std::string>& addrs);
159     int setupIPv6CountersChain();
160     static std::string makeTetherCountingRule(const char *if1, const char *if2);
161     ForwardingDownstream* findForwardingDownstream(const std::string& intIface,
162         const std::string& extIface);
163     void addForwardingPair(const std::string& intIface, const std::string& extIface);
164     void markForwardingPairDisabled(const std::string& intIface, const std::string& extIface);
165 
166     bool isForwardingPairEnabled(const std::string& intIface, const std::string& extIface);
167     bool isAnyForwardingEnabledOnUpstream(const std::string& extIface);
168     bool isAnyForwardingPairEnabled();
169     bool tetherCountingRuleExists(const std::string& iface1, const std::string& iface2);
170 
171     int setDefaults();
172     int setTetherGlobalAlertRule();
173     int setForwardRules(bool set, const char *intIface, const char *extIface);
174     int setTetherCountingRules(bool add, const char *intIface, const char *extIface);
175 
176     static void addStats(TetherStatsList& statsList, const TetherStats& stats);
177 
178     // For testing.
179     friend class TetherControllerTest;
180     static int (*iptablesRestoreFunction)(IptablesTarget, const std::string&, std::string *);
181 };
182 
183 }  // namespace net
184 }  // namespace android
185 
186 #endif
187