319 lines
12 KiB
C++
319 lines
12 KiB
C++
/**
|
|
* Copyright (c) 2019, The Android Open Source Project
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
|
|
#define LOG_TAG "resolv"
|
|
|
|
#include "DnsResolverService.h"
|
|
|
|
#include <set>
|
|
#include <vector>
|
|
|
|
#include <BinderUtil.h>
|
|
#include <android-base/strings.h>
|
|
#include <android/binder_manager.h>
|
|
#include <android/binder_process.h>
|
|
#include <netdutils/DumpWriter.h>
|
|
#include <private/android_filesystem_config.h> // AID_SYSTEM
|
|
|
|
#include "DnsResolver.h"
|
|
#include "Experiments.h"
|
|
#include "NetdPermissions.h" // PERM_*
|
|
#include "PrivateDnsConfiguration.h"
|
|
#include "ResolverEventReporter.h"
|
|
#include "resolv_cache.h"
|
|
|
|
using aidl::android::net::ResolverOptionsParcel;
|
|
using aidl::android::net::ResolverParamsParcel;
|
|
using android::base::Join;
|
|
using android::netdutils::DumpWriter;
|
|
using android::netdutils::IPPrefix;
|
|
|
|
namespace android {
|
|
namespace net {
|
|
|
|
namespace {
|
|
|
|
#define ENFORCE_ANY_PERMISSION(...) \
|
|
do { \
|
|
::ndk::ScopedAStatus status = checkAnyPermission({__VA_ARGS__}); \
|
|
if (!status.isOk()) { \
|
|
return status; \
|
|
} \
|
|
} while (0)
|
|
|
|
#define ENFORCE_INTERNAL_PERMISSIONS() \
|
|
ENFORCE_ANY_PERMISSION(PERM_CONNECTIVITY_INTERNAL, PERM_MAINLINE_NETWORK_STACK)
|
|
|
|
#define ENFORCE_NETWORK_STACK_PERMISSIONS() \
|
|
ENFORCE_ANY_PERMISSION(PERM_NETWORK_STACK, PERM_MAINLINE_NETWORK_STACK)
|
|
|
|
inline ::ndk::ScopedAStatus statusFromErrcode(int ret) {
|
|
if (ret) {
|
|
return ::ndk::ScopedAStatus(
|
|
AStatus_fromServiceSpecificErrorWithMessage(-ret, strerror(-ret)));
|
|
}
|
|
return ::ndk::ScopedAStatus(AStatus_newOk());
|
|
}
|
|
|
|
} // namespace
|
|
|
|
DnsResolverService::DnsResolverService() {
|
|
// register log callback to BnDnsResolver::logFunc
|
|
BnDnsResolver::logFunc = [](const auto& log) {
|
|
binderCallLogFn(log, [](const std::string& msg) { gResNetdCallbacks.log(msg.c_str()); });
|
|
};
|
|
}
|
|
|
|
binder_status_t DnsResolverService::start() {
|
|
// TODO: Add disableBackgroundScheduling(true) after libbinder_ndk support it. b/126506010
|
|
// NetdNativeService does call disableBackgroundScheduling currently, so it is fine now.
|
|
std::shared_ptr<DnsResolverService> resolverService =
|
|
::ndk::SharedRefBase::make<DnsResolverService>();
|
|
binder_status_t status =
|
|
AServiceManager_addService(resolverService->asBinder().get(), getServiceName());
|
|
if (status != STATUS_OK) {
|
|
return status;
|
|
}
|
|
|
|
ABinderProcess_startThreadPool();
|
|
|
|
// TODO: register log callback if binder NDK backend support it. b/126501406
|
|
|
|
return STATUS_OK;
|
|
}
|
|
|
|
binder_status_t DnsResolverService::dump(int fd, const char** args, uint32_t numArgs) {
|
|
auto dump_permission = checkAnyPermission({PERM_DUMP});
|
|
if (!dump_permission.isOk()) {
|
|
return STATUS_PERMISSION_DENIED;
|
|
}
|
|
|
|
// This method does not grab any locks. If individual classes need locking
|
|
// their dump() methods MUST handle locking appropriately.
|
|
DumpWriter dw(fd);
|
|
|
|
if (numArgs == 1 && std::string(args[0]) == DnsQueryLog::DUMP_KEYWORD) {
|
|
dw.blankline();
|
|
gDnsResolv->dnsQueryLog().dump(dw);
|
|
dw.blankline();
|
|
return STATUS_OK;
|
|
}
|
|
|
|
for (auto netId : resolv_list_caches()) {
|
|
dw.println("NetId: %u", netId);
|
|
gDnsResolv->resolverCtrl.dump(dw, netId);
|
|
dw.blankline();
|
|
}
|
|
|
|
PrivateDnsConfiguration::getInstance().dump(dw);
|
|
Experiments::getInstance()->dump(dw);
|
|
return STATUS_OK;
|
|
}
|
|
|
|
::ndk::ScopedAStatus DnsResolverService::isAlive(bool* alive) {
|
|
ENFORCE_INTERNAL_PERMISSIONS();
|
|
|
|
*alive = true;
|
|
|
|
return ::ndk::ScopedAStatus(AStatus_newOk());
|
|
}
|
|
|
|
::ndk::ScopedAStatus DnsResolverService::registerEventListener(
|
|
const std::shared_ptr<aidl::android::net::metrics::INetdEventListener>& listener) {
|
|
ENFORCE_NETWORK_STACK_PERMISSIONS();
|
|
|
|
int res = ResolverEventReporter::getInstance().addListener(listener);
|
|
|
|
return statusFromErrcode(res);
|
|
}
|
|
|
|
::ndk::ScopedAStatus DnsResolverService::registerUnsolicitedEventListener(
|
|
const std::shared_ptr<
|
|
aidl::android::net::resolv::aidl::IDnsResolverUnsolicitedEventListener>& listener) {
|
|
ENFORCE_NETWORK_STACK_PERMISSIONS();
|
|
|
|
int res = ResolverEventReporter::getInstance().addUnsolEventListener(listener);
|
|
|
|
return statusFromErrcode(res);
|
|
}
|
|
|
|
::ndk::ScopedAStatus DnsResolverService::checkAnyPermission(
|
|
const std::vector<const char*>& permissions) {
|
|
// TODO: Remove callback and move this to unnamed namespace after libbiner_ndk supports
|
|
// check_permission.
|
|
if (!gResNetdCallbacks.check_calling_permission) {
|
|
return ::ndk::ScopedAStatus(AStatus_fromExceptionCodeWithMessage(
|
|
EX_NULL_POINTER, "check_calling_permission is null"));
|
|
}
|
|
pid_t pid = AIBinder_getCallingPid();
|
|
uid_t uid = AIBinder_getCallingUid();
|
|
|
|
// If the caller is the system UID, don't check permissions.
|
|
// Otherwise, if the system server's binder thread pool is full, and all the threads are
|
|
// blocked on a thread that's waiting for us to complete, we deadlock. http://b/69389492
|
|
//
|
|
// From a security perspective, there is currently no difference, because:
|
|
// 1. The only permissions we check in netd's binder interface are CONNECTIVITY_INTERNAL
|
|
// and NETWORK_STACK, which the system server always has (or MAINLINE_NETWORK_STACK, which
|
|
// is equivalent to having both CONNECTIVITY_INTERNAL and NETWORK_STACK).
|
|
// 2. AID_SYSTEM always has all permissions. See ActivityManager#checkComponentPermission.
|
|
if (uid == AID_SYSTEM) {
|
|
return ::ndk::ScopedAStatus(AStatus_newOk());
|
|
}
|
|
|
|
for (const char* permission : permissions) {
|
|
if (gResNetdCallbacks.check_calling_permission(permission)) {
|
|
return ::ndk::ScopedAStatus(AStatus_newOk());
|
|
}
|
|
}
|
|
|
|
auto err = fmt::format("UID {} / PID {} does not have any of the following permissions: {}",
|
|
uid, pid, Join(permissions, ','));
|
|
return ::ndk::ScopedAStatus(AStatus_fromExceptionCodeWithMessage(EX_SECURITY, err.c_str()));
|
|
}
|
|
|
|
::ndk::ScopedAStatus DnsResolverService::setResolverConfiguration(
|
|
const ResolverParamsParcel& resolverParams) {
|
|
// Locking happens in PrivateDnsConfiguration and res_* functions.
|
|
ENFORCE_INTERNAL_PERMISSIONS();
|
|
|
|
// TODO@: Switch to selinux based permission check if AIBinder_getCallingSid and
|
|
// AIBinder_setRequestingSid can be supported by libbinder_dnk (b/159135973).
|
|
uid_t uid = AIBinder_getCallingUid();
|
|
// CAUTION: caCertificate should NOT be used except for internal testing.
|
|
if (resolverParams.caCertificate.size() != 0 && uid != AID_ROOT) {
|
|
auto err = fmt::format("UID {} is not authorized to set a non-empty CA certificate", uid);
|
|
return ::ndk::ScopedAStatus(AStatus_fromExceptionCodeWithMessage(EX_SECURITY, err.c_str()));
|
|
}
|
|
|
|
// TODO: Remove this log after AIDL gen_log supporting more types, b/129732660
|
|
auto entry =
|
|
gDnsResolverLog.newEntry()
|
|
.prettyFunction(__PRETTY_FUNCTION__)
|
|
.args(resolverParams.netId, resolverParams.servers, resolverParams.domains,
|
|
resolverParams.sampleValiditySeconds, resolverParams.successThreshold,
|
|
resolverParams.minSamples, resolverParams.maxSamples,
|
|
resolverParams.baseTimeoutMsec, resolverParams.retryCount,
|
|
resolverParams.tlsName, resolverParams.tlsServers);
|
|
|
|
int res = gDnsResolv->resolverCtrl.setResolverConfiguration(resolverParams);
|
|
gResNetdCallbacks.log(entry.returns(res).withAutomaticDuration().toString().c_str());
|
|
|
|
return statusFromErrcode(res);
|
|
}
|
|
|
|
::ndk::ScopedAStatus DnsResolverService::getResolverInfo(
|
|
int32_t netId, std::vector<std::string>* servers, std::vector<std::string>* domains,
|
|
std::vector<std::string>* tlsServers, std::vector<int32_t>* params,
|
|
std::vector<int32_t>* stats, std::vector<int32_t>* wait_for_pending_req_timeout_count) {
|
|
// Locking happens in PrivateDnsConfiguration and res_* functions.
|
|
ENFORCE_NETWORK_STACK_PERMISSIONS();
|
|
|
|
int res = gDnsResolv->resolverCtrl.getResolverInfo(netId, servers, domains, tlsServers, params,
|
|
stats, wait_for_pending_req_timeout_count);
|
|
|
|
return statusFromErrcode(res);
|
|
}
|
|
|
|
::ndk::ScopedAStatus DnsResolverService::startPrefix64Discovery(int32_t netId) {
|
|
// Locking happens in Dns64Configuration.
|
|
ENFORCE_NETWORK_STACK_PERMISSIONS();
|
|
|
|
gDnsResolv->resolverCtrl.startPrefix64Discovery(netId);
|
|
|
|
return ::ndk::ScopedAStatus(AStatus_newOk());
|
|
}
|
|
|
|
::ndk::ScopedAStatus DnsResolverService::stopPrefix64Discovery(int32_t netId) {
|
|
// Locking happens in Dns64Configuration.
|
|
ENFORCE_NETWORK_STACK_PERMISSIONS();
|
|
|
|
gDnsResolv->resolverCtrl.stopPrefix64Discovery(netId);
|
|
|
|
return ::ndk::ScopedAStatus(AStatus_newOk());
|
|
}
|
|
|
|
::ndk::ScopedAStatus DnsResolverService::getPrefix64(int netId, std::string* stringPrefix) {
|
|
ENFORCE_NETWORK_STACK_PERMISSIONS();
|
|
|
|
netdutils::IPPrefix prefix{};
|
|
int res = gDnsResolv->resolverCtrl.getPrefix64(netId, &prefix);
|
|
*stringPrefix = prefix.toString();
|
|
|
|
return statusFromErrcode(res);
|
|
}
|
|
|
|
::ndk::ScopedAStatus DnsResolverService::setPrefix64(int netId, const std::string& stringPrefix) {
|
|
ENFORCE_NETWORK_STACK_PERMISSIONS();
|
|
|
|
if (stringPrefix.empty()) {
|
|
return statusFromErrcode(gDnsResolv->resolverCtrl.clearPrefix64(netId));
|
|
}
|
|
|
|
IPPrefix prefix;
|
|
if (!IPPrefix::forString(stringPrefix, &prefix)) {
|
|
return statusFromErrcode(-EINVAL);
|
|
}
|
|
|
|
return statusFromErrcode(gDnsResolv->resolverCtrl.setPrefix64(netId, prefix));
|
|
}
|
|
|
|
::ndk::ScopedAStatus DnsResolverService::setLogSeverity(int32_t logSeverity) {
|
|
ENFORCE_NETWORK_STACK_PERMISSIONS();
|
|
|
|
int res = gDnsResolv->setLogSeverity(logSeverity);
|
|
|
|
return statusFromErrcode(res);
|
|
}
|
|
|
|
::ndk::ScopedAStatus DnsResolverService::destroyNetworkCache(int netId) {
|
|
// Locking happens in res_cache.cpp functions.
|
|
ENFORCE_NETWORK_STACK_PERMISSIONS();
|
|
|
|
gDnsResolv->resolverCtrl.destroyNetworkCache(netId);
|
|
Experiments::getInstance()->update();
|
|
return ::ndk::ScopedAStatus(AStatus_newOk());
|
|
}
|
|
|
|
::ndk::ScopedAStatus DnsResolverService::createNetworkCache(int netId) {
|
|
// Locking happens in res_cache.cpp functions.
|
|
ENFORCE_NETWORK_STACK_PERMISSIONS();
|
|
|
|
int res = gDnsResolv->resolverCtrl.createNetworkCache(netId);
|
|
Experiments::getInstance()->update();
|
|
return statusFromErrcode(res);
|
|
}
|
|
|
|
::ndk::ScopedAStatus DnsResolverService::flushNetworkCache(int netId) {
|
|
// Locking happens in res_cache.cpp functions.
|
|
ENFORCE_NETWORK_STACK_PERMISSIONS();
|
|
|
|
int res = gDnsResolv->resolverCtrl.flushNetworkCache(netId);
|
|
|
|
return statusFromErrcode(res);
|
|
}
|
|
|
|
::ndk::ScopedAStatus DnsResolverService::setResolverOptions(int32_t netId,
|
|
const ResolverOptionsParcel& options) {
|
|
// Locking happens in res_cache.cpp functions.
|
|
ENFORCE_NETWORK_STACK_PERMISSIONS();
|
|
|
|
return statusFromErrcode(resolv_set_options(netId, options));
|
|
}
|
|
|
|
} // namespace net
|
|
} // namespace android
|