Merge "Move shared packages to NetworkStack project"

    srcs: [

        "src/**/*.java",

        ":framework-tethering-shared-srcs",

        ":net-module-utils-srcs",

        ":services-tethering-shared-srcs",

        ":servicescore-tethering-src",

    ],

    static_libs: [

        "androidx.annotation_annotation",

        "netd_aidl_interface-java",

        "netlink-client",

        "networkstack-aidl-interfaces-java",

        "android.hardware.tetheroffload.control-V1.0-java",

        "tethering-client",

java_library_static {

    name: "services.net",

    srcs: [

        ":net-module-utils-srcs",

        ":tethering-servicesnet-srcs",

        "java/**/*.java",

    ],

    static_libs: [

        "dnsresolver_aidl_interface-V2-java",

        "netd_aidl_interface-unstable-java",

        "netlink-client",

        "networkstack-client",

        "tethering-client",

    ],

}

filegroup {

    name: "services-networkstack-shared-srcs",

    srcs: [

        "java/android/net/ip/InterfaceController.java", // TODO: move to NetworkStack with tethering

        "java/android/net/util/InterfaceParams.java", // TODO: move to NetworkStack with IpServer

        "java/android/net/shared/*.java",

        "java/android/net/netlink/*.java",

    ],

}

filegroup {

    name: "services-tethering-shared-srcs",

    srcs: [

        ":framework-annotations",

        "java/android/net/ConnectivityModuleConnector.java",

        "java/android/net/NetworkStackClient.java",

        "java/android/net/ip/InterfaceController.java",

        "java/android/net/netlink/*.java",

        "java/android/net/util/InterfaceParams.java",

        "java/android/net/util/NetdService.java",

        "java/android/net/util/NetworkConstants.java",

        "java/android/net/util/SharedLog.java"

    ],

}

/*

 * Copyright (C) 2017 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

package android.net.ip;

import android.net.INetd;

import android.net.InterfaceConfigurationParcel;

import android.net.LinkAddress;

import android.net.util.SharedLog;

import android.os.RemoteException;

import android.os.ServiceSpecificException;

import android.system.OsConstants;

import java.net.Inet4Address;

import java.net.InetAddress;

/**

 * Encapsulates the multiple IP configuration operations performed on an interface.

 *

 * TODO: refactor/eliminate the redundant ways to set and clear addresses.

 *

 * @hide

 */

public class InterfaceController {

    private final static boolean DBG = false;

    private final String mIfName;

    private final INetd mNetd;

    private final SharedLog mLog;

    public InterfaceController(String ifname, INetd netd, SharedLog log) {

        mIfName = ifname;

        mNetd = netd;

        mLog = log;

    }

    private boolean setInterfaceAddress(LinkAddress addr) {

        final InterfaceConfigurationParcel ifConfig = new InterfaceConfigurationParcel();

        ifConfig.ifName = mIfName;

        ifConfig.ipv4Addr = addr.getAddress().getHostAddress();

        ifConfig.prefixLength = addr.getPrefixLength();

        ifConfig.hwAddr = "";

        ifConfig.flags = new String[0];

        try {

            mNetd.interfaceSetCfg(ifConfig);

        } catch (RemoteException | ServiceSpecificException e) {

            logError("Setting IPv4 address to %s/%d failed: %s",

                    ifConfig.ipv4Addr, ifConfig.prefixLength, e);

            return false;

        }

        return true;

    }

    /**

     * Set the IPv4 address of the interface.

     */

    public boolean setIPv4Address(LinkAddress address) {

        if (!(address.getAddress() instanceof Inet4Address)) {

            return false;

        }

        return setInterfaceAddress(address);

    }

    /**

     * Clear the IPv4Address of the interface.

     */

    public boolean clearIPv4Address() {

        return setInterfaceAddress(new LinkAddress("0.0.0.0/0"));

    }

    private boolean setEnableIPv6(boolean enabled) {

        try {

            mNetd.interfaceSetEnableIPv6(mIfName, enabled);

        } catch (RemoteException | ServiceSpecificException e) {

            logError("%s IPv6 failed: %s", (enabled ? "enabling" : "disabling"), e);

            return false;

        }

        return true;

    }

    /**

     * Enable IPv6 on the interface.

     */

    public boolean enableIPv6() {

        return setEnableIPv6(true);

    }

    /**

     * Disable IPv6 on the interface.

     */

    public boolean disableIPv6() {

        return setEnableIPv6(false);

    }

    /**

     * Enable or disable IPv6 privacy extensions on the interface.

     * @param enabled Whether the extensions should be enabled.

     */

    public boolean setIPv6PrivacyExtensions(boolean enabled) {

        try {

            mNetd.interfaceSetIPv6PrivacyExtensions(mIfName, enabled);

        } catch (RemoteException | ServiceSpecificException e) {

            logError("error %s IPv6 privacy extensions: %s",

                    (enabled ? "enabling" : "disabling"), e);

            return false;

        }

        return true;

    }

    /**

     * Set IPv6 address generation mode on the interface.

     *

     * <p>IPv6 should be disabled before changing the mode.

     */

    public boolean setIPv6AddrGenModeIfSupported(int mode) {

        try {

            mNetd.setIPv6AddrGenMode(mIfName, mode);

        } catch (RemoteException e) {

            logError("Unable to set IPv6 addrgen mode: %s", e);

            return false;

        } catch (ServiceSpecificException e) {

            if (e.errorCode != OsConstants.EOPNOTSUPP) {

                logError("Unable to set IPv6 addrgen mode: %s", e);

                return false;

            }

        }

        return true;

    }

    /**

     * Add an address to the interface.

     */

    public boolean addAddress(LinkAddress addr) {

        return addAddress(addr.getAddress(), addr.getPrefixLength());

    }

    /**

     * Add an address to the interface.

     */

    public boolean addAddress(InetAddress ip, int prefixLen) {

        try {

            mNetd.interfaceAddAddress(mIfName, ip.getHostAddress(), prefixLen);

        } catch (ServiceSpecificException | RemoteException e) {

            logError("failed to add %s/%d: %s", ip, prefixLen, e);

            return false;

        }

        return true;

    }

    /**

     * Remove an address from the interface.

     */

    public boolean removeAddress(InetAddress ip, int prefixLen) {

        try {

            mNetd.interfaceDelAddress(mIfName, ip.getHostAddress(), prefixLen);

        } catch (ServiceSpecificException | RemoteException e) {

            logError("failed to remove %s/%d: %s", ip, prefixLen, e);

            return false;

        }

        return true;

    }

    /**

     * Remove all addresses from the interface.

     */

    public boolean clearAllAddresses() {

        try {

            mNetd.interfaceClearAddrs(mIfName);

        } catch (Exception e) {

            logError("Failed to clear addresses: %s", e);

            return false;

        }

        return true;

    }

    private void logError(String fmt, Object... args) {

        mLog.e(String.format(fmt, args));

    }

}

/*

 * Copyright (C) 2017 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

package android.net.netlink;

import static android.net.netlink.StructNlMsgHdr.NLM_F_ACK;

import static android.net.netlink.StructNlMsgHdr.NLM_F_REPLACE;

import static android.net.netlink.StructNlMsgHdr.NLM_F_REQUEST;

import static java.nio.ByteOrder.BIG_ENDIAN;

import android.system.OsConstants;

import java.net.Inet4Address;

import java.nio.ByteBuffer;

import java.nio.ByteOrder;

/**

 * A NetlinkMessage subclass for netlink conntrack messages.

 *

 * see also: <linux_src>/include/uapi/linux/netfilter/nfnetlink_conntrack.h

 *

 * @hide

 */

public class ConntrackMessage extends NetlinkMessage {

    public static final int STRUCT_SIZE = StructNlMsgHdr.STRUCT_SIZE + StructNfGenMsg.STRUCT_SIZE;

    public static final short NFNL_SUBSYS_CTNETLINK = 1;

    public static final short IPCTNL_MSG_CT_NEW = 0;

    // enum ctattr_type

    public static final short CTA_TUPLE_ORIG  = 1;

    public static final short CTA_TUPLE_REPLY = 2;

    public static final short CTA_TIMEOUT     = 7;

    // enum ctattr_tuple

    public static final short CTA_TUPLE_IP    = 1;

    public static final short CTA_TUPLE_PROTO = 2;

    // enum ctattr_ip

    public static final short CTA_IP_V4_SRC = 1;

    public static final short CTA_IP_V4_DST = 2;

    // enum ctattr_l4proto

    public static final short CTA_PROTO_NUM      = 1;

    public static final short CTA_PROTO_SRC_PORT = 2;

    public static final short CTA_PROTO_DST_PORT = 3;

    public static byte[] newIPv4TimeoutUpdateRequest(

            int proto, Inet4Address src, int sport, Inet4Address dst, int dport, int timeoutSec) {

        // *** STYLE WARNING ***

        //

        // Code below this point uses extra block indentation to highlight the

        // packing of nested tuple netlink attribute types.

        final StructNlAttr ctaTupleOrig = new StructNlAttr(CTA_TUPLE_ORIG,

                new StructNlAttr(CTA_TUPLE_IP,

                        new StructNlAttr(CTA_IP_V4_SRC, src),

                        new StructNlAttr(CTA_IP_V4_DST, dst)),

                new StructNlAttr(CTA_TUPLE_PROTO,

                        new StructNlAttr(CTA_PROTO_NUM, (byte) proto),

                        new StructNlAttr(CTA_PROTO_SRC_PORT, (short) sport, BIG_ENDIAN),

                        new StructNlAttr(CTA_PROTO_DST_PORT, (short) dport, BIG_ENDIAN)));

        final StructNlAttr ctaTimeout = new StructNlAttr(CTA_TIMEOUT, timeoutSec, BIG_ENDIAN);

        final int payloadLength = ctaTupleOrig.getAlignedLength() + ctaTimeout.getAlignedLength();

        final byte[] bytes = new byte[STRUCT_SIZE + payloadLength];

        final ByteBuffer byteBuffer = ByteBuffer.wrap(bytes);

        byteBuffer.order(ByteOrder.nativeOrder());

        final ConntrackMessage ctmsg = new ConntrackMessage();

        ctmsg.mHeader.nlmsg_len = bytes.length;

        ctmsg.mHeader.nlmsg_type = (NFNL_SUBSYS_CTNETLINK << 8) | IPCTNL_MSG_CT_NEW;

        ctmsg.mHeader.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK | NLM_F_REPLACE;

        ctmsg.mHeader.nlmsg_seq = 1;

        ctmsg.pack(byteBuffer);

        ctaTupleOrig.pack(byteBuffer);

        ctaTimeout.pack(byteBuffer);

        return bytes;

    }

    protected StructNfGenMsg mNfGenMsg;

    private ConntrackMessage() {

        super(new StructNlMsgHdr());

        mNfGenMsg = new StructNfGenMsg((byte) OsConstants.AF_INET);

    }

    public void pack(ByteBuffer byteBuffer) {

        mHeader.pack(byteBuffer);

        mNfGenMsg.pack(byteBuffer);

    }

}

/*

 * Copyright (C) 2018 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

package android.net.netlink;

import static android.net.netlink.NetlinkConstants.SOCK_DIAG_BY_FAMILY;

import static android.net.netlink.NetlinkSocket.DEFAULT_RECV_BUFSIZE;

import static android.net.netlink.StructNlMsgHdr.NLM_F_DUMP;

import static android.net.netlink.StructNlMsgHdr.NLM_F_REQUEST;

import static android.os.Process.INVALID_UID;

import static android.system.OsConstants.AF_INET;

import static android.system.OsConstants.AF_INET6;

import static android.system.OsConstants.IPPROTO_UDP;

import static android.system.OsConstants.NETLINK_INET_DIAG;

import android.annotation.Nullable;

import android.net.util.SocketUtils;

import android.system.ErrnoException;

import android.util.Log;

import java.io.FileDescriptor;

import java.io.IOException;

import java.io.InterruptedIOException;

import java.net.Inet4Address;

import java.net.Inet6Address;

import java.net.InetSocketAddress;

import java.net.SocketException;

import java.net.UnknownHostException;

import java.nio.ByteBuffer;

import java.nio.ByteOrder;

/**

 * A NetlinkMessage subclass for netlink inet_diag messages.

 *

 * see also: <linux_src>/include/uapi/linux/inet_diag.h

 *

 * @hide

 */

public class InetDiagMessage extends NetlinkMessage {

    public static final String TAG = "InetDiagMessage";

    private static final int TIMEOUT_MS = 500;

    public static byte[] InetDiagReqV2(int protocol, InetSocketAddress local,

            InetSocketAddress remote, int family, short flags) {

        return InetDiagReqV2(protocol, local, remote, family, flags, 0 /* pad */,

                0 /* idiagExt */, StructInetDiagReqV2.INET_DIAG_REQ_V2_ALL_STATES);

    }

    /**

     * Construct an inet_diag_req_v2 message. This method will throw {@code NullPointerException}

     * if local and remote are not both null or both non-null.

     *

     * @param protocol the request protocol type. This should be set to one of IPPROTO_TCP,

     *                 IPPROTO_UDP, or IPPROTO_UDPLITE.

     * @param local local socket address of the target socket. This will be packed into a

     *              {@Code StructInetDiagSockId}. Request to diagnose for all sockets if both of

     *              local or remote address is null.

     * @param remote remote socket address of the target socket. This will be packed into a

     *              {@Code StructInetDiagSockId}. Request to diagnose for all sockets if both of

     *              local or remote address is null.

     * @param family the ip family of the request message. This should be set to either AF_INET or

     *               AF_INET6 for IPv4 or IPv6 sockets respectively.

     * @param flags message flags. See <linux_src>/include/uapi/linux/netlink.h.

     * @param pad for raw socket protocol specification.

     * @param idiagExt a set of flags defining what kind of extended information to report.

     * @param state a bit mask that defines a filter of socket states.

     *

     * @return bytes array representation of the message

     **/

    public static byte[] InetDiagReqV2(int protocol, @Nullable InetSocketAddress local,

            @Nullable InetSocketAddress remote, int family, short flags, int pad, int idiagExt,

            int state) throws NullPointerException {

        final byte[] bytes = new byte[StructNlMsgHdr.STRUCT_SIZE + StructInetDiagReqV2.STRUCT_SIZE];

        final ByteBuffer byteBuffer = ByteBuffer.wrap(bytes);

        byteBuffer.order(ByteOrder.nativeOrder());

        final StructNlMsgHdr nlMsgHdr = new StructNlMsgHdr();

        nlMsgHdr.nlmsg_len = bytes.length;

        nlMsgHdr.nlmsg_type = SOCK_DIAG_BY_FAMILY;

        nlMsgHdr.nlmsg_flags = flags;

        nlMsgHdr.pack(byteBuffer);

        final StructInetDiagReqV2 inetDiagReqV2 =

                new StructInetDiagReqV2(protocol, local, remote, family, pad, idiagExt, state);

        inetDiagReqV2.pack(byteBuffer);

        return bytes;

    }

    public StructInetDiagMsg mStructInetDiagMsg;

    private InetDiagMessage(StructNlMsgHdr header) {

        super(header);

        mStructInetDiagMsg = new StructInetDiagMsg();

    }

    public static InetDiagMessage parse(StructNlMsgHdr header, ByteBuffer byteBuffer) {

        final InetDiagMessage msg = new InetDiagMessage(header);

        msg.mStructInetDiagMsg = StructInetDiagMsg.parse(byteBuffer);

        return msg;

    }

    private static int lookupUidByFamily(int protocol, InetSocketAddress local,

                                         InetSocketAddress remote, int family, short flags,

                                         FileDescriptor fd)

            throws ErrnoException, InterruptedIOException {

        byte[] msg = InetDiagReqV2(protocol, local, remote, family, flags);

        NetlinkSocket.sendMessage(fd, msg, 0, msg.length, TIMEOUT_MS);

        ByteBuffer response = NetlinkSocket.recvMessage(fd, DEFAULT_RECV_BUFSIZE, TIMEOUT_MS);

        final NetlinkMessage nlMsg = NetlinkMessage.parse(response);

        final StructNlMsgHdr hdr = nlMsg.getHeader();

        if (hdr.nlmsg_type == NetlinkConstants.NLMSG_DONE) {

            return INVALID_UID;

        }

        if (nlMsg instanceof InetDiagMessage) {

            return ((InetDiagMessage) nlMsg).mStructInetDiagMsg.idiag_uid;

        }

        return INVALID_UID;

    }

    private static final int FAMILY[] = {AF_INET6, AF_INET};

    private static int lookupUid(int protocol, InetSocketAddress local,

                                 InetSocketAddress remote, FileDescriptor fd)

            throws ErrnoException, InterruptedIOException {

        int uid;

        for (int family : FAMILY) {

            /**

             * For exact match lookup, swap local and remote for UDP lookups due to kernel

             * bug which will not be fixed. See aosp/755889 and

             * https://www.mail-archive.com/netdev@vger.kernel.org/msg248638.html

             */

            if (protocol == IPPROTO_UDP) {

                uid = lookupUidByFamily(protocol, remote, local, family, NLM_F_REQUEST, fd);

            } else {

                uid = lookupUidByFamily(protocol, local, remote, family, NLM_F_REQUEST, fd);

            }

            if (uid != INVALID_UID) {

                return uid;

            }

        }

        /**

         * For UDP it's possible for a socket to send packets to arbitrary destinations, even if the

         * socket is not connected (and even if the socket is connected to a different destination).

         * If we want this API to work for such packets, then on miss we need to do a second lookup

         * with only the local address and port filled in.

         * Always use flags == NLM_F_REQUEST | NLM_F_DUMP for wildcard.

         */

        if (protocol == IPPROTO_UDP) {

            try {

                InetSocketAddress wildcard = new InetSocketAddress(

                        Inet6Address.getByName("::"), 0);

                uid = lookupUidByFamily(protocol, local, wildcard, AF_INET6,

                        (short) (NLM_F_REQUEST | NLM_F_DUMP), fd);

                if (uid != INVALID_UID) {

                    return uid;

                }

                wildcard = new InetSocketAddress(Inet4Address.getByName("0.0.0.0"), 0);

                uid = lookupUidByFamily(protocol, local, wildcard, AF_INET,

                        (short) (NLM_F_REQUEST | NLM_F_DUMP), fd);

                if (uid != INVALID_UID) {

                    return uid;

                }

            } catch (UnknownHostException e) {

                Log.e(TAG, e.toString());

            }

        }

        return INVALID_UID;

    }

    /**

     * Use an inet_diag socket to look up the UID associated with the input local and remote

     * address/port and protocol of a connection.

     */

    public static int getConnectionOwnerUid(int protocol, InetSocketAddress local,

                                            InetSocketAddress remote) {

        int uid = INVALID_UID;

        FileDescriptor fd = null;

        try {

            fd = NetlinkSocket.forProto(NETLINK_INET_DIAG);

            NetlinkSocket.connectToKernel(fd);

            uid = lookupUid(protocol, local, remote, fd);

        } catch (ErrnoException | SocketException | IllegalArgumentException

                | InterruptedIOException e) {

            Log.e(TAG, e.toString());

        } finally {

            if (fd != null) {

                try {

                    SocketUtils.closeSocket(fd);

                } catch (IOException e) {

                    Log.e(TAG, e.toString());

                }

            }

        }

        return uid;

    }

    @Override

    public String toString() {

        return "InetDiagMessage{ "

                + "nlmsghdr{" + (mHeader == null ? "" : mHeader.toString()) + "}, "

                + "inet_diag_msg{"

                + (mStructInetDiagMsg == null ? "" : mStructInetDiagMsg.toString()) + "} "

                + "}";

    }

}