Add default implementation for Nlinterceptor

Add default Netlink Interceptor implementation

Bug: 201467304
Test: atest VtsHalNetlinkInterceptorV1_0Test

Change-Id: I7c765f9528a3d5be85bf5554e22eae51c1607548
diff --git a/wifi/netlinkinterceptor/libnlinterceptor/Android.bp b/wifi/netlinkinterceptor/libnlinterceptor/Android.bp
new file mode 100644
index 0000000..a5e1766
--- /dev/null
+++ b/wifi/netlinkinterceptor/libnlinterceptor/Android.bp
@@ -0,0 +1,56 @@
+//
+// Copyright (C) 2021 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+cc_defaults {
+    name: "nlinterceptor@defaults",
+    cpp_std: "experimental",
+    cflags: [
+        "-Wall",
+        "-Wextra",
+        "-Wsuggest-override",
+        "-Werror",
+    ],
+    shared_libs: [
+        "libbase",
+        "libutils",
+    ],
+    sanitize: {
+        address: true,
+        undefined: true,
+        all_undefined: true,
+        fuzzer: true,
+        cfi: true,
+        integer_overflow: true,
+        scs: true,
+    },
+    strip: {
+        keep_symbols_and_debug_frame: true,
+    },
+}
+
+cc_library_static {
+    name: "libnlinterceptor",
+    defaults: ["nlinterceptor@defaults"],
+    vendor_available: true,
+    shared_libs: [
+        "android.hardware.net.nlinterceptor-V1-ndk",
+        "libbinder_ndk",
+    ],
+    srcs: [
+        "libnlinterceptor.cpp",
+    ],
+    export_include_dirs: ["include"],
+}
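Review bot: The `sanitize` block in `nlinterceptor@defaults` mixes diagnostic sanitizers (`address: true`, `fuzzer: true`) with hardening ones (`cfi`, `scs`, `integer_overflow`), and the `vendor_available` `libnlinterceptor` inherits all of them. ASan and fuzzer instrumentation are normally limited to test or fuzz targets because of their runtime and memory cost. Soong may also drop CFI on a module once ASan is enabled, so the listed hardening may not all take effect; this is worth confirming against the build. If the diagnostic settings are meant for testing only, I would remove `address: true` and `fuzzer: true` from the defaults and set them on the fuzz or test module instead. A short comment above `sanitize:` saying which entries are intended for shipped builds would also help.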
diff --git a/wifi/netlinkinterceptor/libnlinterceptor/include/libnlinterceptor/libnlinterceptor.h b/wifi/netlinkinterceptor/libnlinterceptor/include/libnlinterceptor/libnlinterceptor.h
new file mode 100644
index 0000000..ac8653e
--- /dev/null
+++ b/wifi/netlinkinterceptor/libnlinterceptor/include/libnlinterceptor/libnlinterceptor.h
@@ -0,0 +1,131 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#ifdef __cplusplus
+
+#include <aidl/android/hardware/net/nlinterceptor/InterceptedSocket.h>
+#include <android-base/unique_fd.h>
+#include <linux/netlink.h>
+
+#include <optional>
+#include <string>
+
+namespace android::nlinterceptor {
+
+/**
+ * Wrapper structure to uniquely identifies a socket that Netlink Interceptor
+ * has allocated for us.
+ */
+struct InterceptedSocket {
+    uint32_t nlFamily;
+    uint32_t portId;
+
+    InterceptedSocket(
+        ::aidl::android::hardware::net::nlinterceptor::InterceptedSocket sock);
+    InterceptedSocket(uint32_t nlFamily, uint32_t portId);
+
+    bool operator<(const InterceptedSocket& other) const;
+    operator sockaddr_nl() const;
+    operator ::aidl::android::hardware::net::nlinterceptor::InterceptedSocket()
+        const;
+};
+
+/**
+ * Output stream operator for InterceptedSocket
+ */
+std::ostream& operator<<(std::ostream& os, const InterceptedSocket& sock);
+
+/**
+ * Checks if an instance Netlink Interceptor exists.
+ *
+ * \return true if supported, false if not.
+ */
+bool isEnabled();
+
+/**
+ * Asks Netlink Interceptor to allocate a socket to which we can send Netlink
+ * traffic.
+ *
+ * \param clientSocket - File descriptor for the client's Netlink socket.
+ * \param clientName - Human readable name of the client application.
+ * \return Identifier for the socket created by Netlink Interceptor, nullopt on
+ * error.
+ */
+std::optional<InterceptedSocket> createSocket(base::borrowed_fd clientSocket,
+                                              const std::string& clientName);
+
+/**
+ * Asks Netlink Interceptor to close a socket that it created for us previously,
+ * if it exists.
+ *
+ * \param sock - Identifier for the socket created by Netlink Interceptor.
+ */
+void closeSocket(const InterceptedSocket& sock);
+
+/**
+ * Asks Netlink Interceptor to subscribe a socket that it created for us
+ * previously to a specified multicast group.
+ *
+ * \param sock - Identifier for the socket created by Netlink Interceptor.
+ * \param group - A single Netlink multicast group for which we would like to
+ * receive events.
+ * \return true for success, false if something went wrong.
+ */
+bool subscribe(const InterceptedSocket& sock, uint32_t group);
+
+/**
+ * Asks Netlink Interceptor to unsubscribe a socket that it created for us
+ * previously from a specified multicast group.
+ *
+ * \param sock - Identifier for the socket created by Netlink Interceptor.
+ * \param group - A single Netlink multicast group for which we no longer wish
+ * to receive events.
+ * \return true for success, false if something went wrong.
+ */
+bool unsubscribe(const InterceptedSocket& sock, uint32_t group);
+}  // namespace android::nlinterceptor
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+// C wrappers for libnlinterceptor
+struct android_nlinterceptor_InterceptedSocket {
+    uint32_t nlFamily;
+    uint32_t portId;
+};
+
+bool android_nlinterceptor_isEnabled();
+
+bool android_nlinterceptor_createSocket(
+    int clientSocketFd, const char* clientName,
+    struct android_nlinterceptor_InterceptedSocket* interceptedSocket);
+
+void android_nlinterceptor_closeSocket(
+    const struct android_nlinterceptor_InterceptedSocket* sock);
+
+bool android_nlinterceptor_subscribe(
+    const struct android_nlinterceptor_InterceptedSocket* sock, uint32_t group);
+
+bool android_nlinterceptor_unsubscribe(
+    const struct android_nlinterceptor_InterceptedSocket* sock, uint32_t group);
+
+#ifdef __cplusplus
+}
+#endif
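Review bot: The C wrapper section at the end of this header uses `uint32_t` and `bool`, but every `#include` sits inside the first `#ifdef __cplusplus` block, so a C translation unit that includes the header gets neither type defined. Add `#include <stdbool.h>` and `#include <stdint.h>` outside that guard, before the `extern "C"` block. `bool android_nlinterceptor_isEnabled();` should be declared with `(void)`, because an empty parameter list in C does not declare a prototype. The C functions are also undocumented; a comment on `android_nlinterceptor_createSocket` should say that `interceptedSocket` is an out-parameter, written only on success, and must not be null.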
diff --git a/wifi/netlinkinterceptor/libnlinterceptor/libnlinterceptor.cpp b/wifi/netlinkinterceptor/libnlinterceptor/libnlinterceptor.cpp
new file mode 100644
index 0000000..575f900
--- /dev/null
+++ b/wifi/netlinkinterceptor/libnlinterceptor/libnlinterceptor.cpp
@@ -0,0 +1,174 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <aidl/android/hardware/net/nlinterceptor/IInterceptor.h>
+#include <android-base/logging.h>
+#include <android-base/macros.h>
+#include <android/binder_manager.h>
+#include <libnlinterceptor/libnlinterceptor.h>
+#include <linux/netlink.h>
+
+#include <mutex>
+
+namespace android::nlinterceptor {
+using namespace std::string_literals;
+using namespace ::aidl::android::hardware::net::nlinterceptor;
+using base::borrowed_fd;
+using AidlInterceptedSocket =
+    ::aidl::android::hardware::net::nlinterceptor::InterceptedSocket;
+
+static const auto kServiceName = IInterceptor::descriptor + "/default"s;
+
+InterceptedSocket::InterceptedSocket(
+    ::aidl::android::hardware::net::nlinterceptor::InterceptedSocket sock)
+    : nlFamily(sock.nlFamily), portId(sock.portId) {}
+
+InterceptedSocket::InterceptedSocket(uint32_t nlFamily, uint32_t portId)
+    : nlFamily(nlFamily), portId(portId) {}
+
+std::ostream& operator<<(std::ostream& os, const InterceptedSocket& sock) {
+    return os << "family: " << sock.nlFamily << ", portId: " << sock.portId;
+}
+
+bool InterceptedSocket::operator<(const InterceptedSocket& other) const {
+    if (nlFamily != other.nlFamily) {
+        return nlFamily < other.nlFamily;
+    }
+    return portId < other.portId;
+}
+
+InterceptedSocket::operator sockaddr_nl() const {
+    return {
+        .nl_family = AF_NETLINK,
+        .nl_pad = 0,
+        .nl_pid = portId,
+        .nl_groups = 0,
+    };
+}
+
+InterceptedSocket::operator AidlInterceptedSocket() const {
+    return {
+        .nlFamily = static_cast<int32_t>(nlFamily),
+        .portId = static_cast<int32_t>(portId),
+    };
+}
+
+bool isEnabled() {
+    static std::mutex supportedMutex;
+    static std::optional<bool> interceptorSupported;
+    // Avoid querying service manager when we can cache the result.
+    if (interceptorSupported.has_value()) return *interceptorSupported;
+    std::lock_guard lock(supportedMutex);
+    if (interceptorSupported.has_value()) return *interceptorSupported;
+
+    if (!AServiceManager_isDeclared(kServiceName.c_str())) {
+        interceptorSupported = false;
+        return false;
+    }
+    interceptorSupported = true;
+    return true;
+}
+
+static IInterceptor& getInstance() {
+    static std::mutex instanceMutex;
+    static std::shared_ptr<IInterceptor> interceptorInstance;
+    CHECK(isEnabled()) << "Can't getInstance! Interceptor not supported!";
+    // Don't overwrite the pointer once we've acquired it.
+    if (interceptorInstance != nullptr) return *interceptorInstance;
+    std::lock_guard lock(instanceMutex);
+    if (interceptorInstance != nullptr) return *interceptorInstance;
+    interceptorInstance = IInterceptor::fromBinder(
+        ndk::SpAIBinder(AServiceManager_waitForService(kServiceName.c_str())));
+    CHECK(interceptorInstance != nullptr)
+        << "Failed to get Netlink Interceptor service!";
+    return *interceptorInstance;
+}
+
+std::optional<InterceptedSocket> createSocket(borrowed_fd clientSocket,
+                                              const std::string& clientName) {
+    sockaddr_nl nladdr = {};
+    socklen_t nlsize = sizeof(nladdr);
+    if (getsockname(clientSocket.get(), reinterpret_cast<sockaddr*>(&nladdr),
+                    &nlsize) < 0) {
+        PLOG(ERROR) << "Failed to get pid of fd passed by " << clientName;
+        return std::nullopt;
+    }
+
+    ::aidl::android::hardware::net::nlinterceptor::InterceptedSocket
+        interceptedSocket;
+    auto aidlStatus = getInstance().createSocket(
+        nladdr.nl_family, nladdr.nl_pid, clientName, &interceptedSocket);
+    if (!aidlStatus.isOk()) {
+        return std::nullopt;
+    }
+
+    return InterceptedSocket{nladdr.nl_family,
+                             uint32_t(interceptedSocket.portId)};
+}
+
+void closeSocket(const InterceptedSocket& sock) {
+    auto aidlStatus = getInstance().closeSocket(sock);
+    if (!aidlStatus.isOk()) {
+        LOG(ERROR) << "Failed to close socket with pid = " << sock.portId;
+    }
+}
+
+bool subscribe(const InterceptedSocket& sock, uint32_t group) {
+    auto aidlStatus = getInstance().subscribeGroup(sock, group);
+    return aidlStatus.isOk();
+}
+
+bool unsubscribe(const InterceptedSocket& sock, uint32_t group) {
+    auto aidlStatus = getInstance().unsubscribeGroup(sock, group);
+    return aidlStatus.isOk();
+}
+
+extern "C" bool android_nlinterceptor_isEnabled() { return isEnabled(); }
+
+extern "C" bool android_nlinterceptor_createSocket(
+    int clientSocketFd, const char* clientName,
+    android_nlinterceptor_InterceptedSocket* interceptedSocket) {
+    if (!clientName || clientSocketFd <= 0) return false;
+    const auto maybeSocket =
+        createSocket(borrowed_fd(clientSocketFd), clientName);
+    if (!maybeSocket) return false;
+    *interceptedSocket = {.nlFamily = maybeSocket->nlFamily,
+                          .portId = maybeSocket->portId};
+    return true;
+}
+
+extern "C" void android_nlinterceptor_closeSocket(
+    const android_nlinterceptor_InterceptedSocket* sock) {
+    if (!sock) {
+        LOG(ERROR) << "Can't close socket identified by a null pointer!";
+        return;
+    }
+    closeSocket({sock->nlFamily, sock->portId});
+}
+
+extern "C" bool android_nlinterceptor_subscribe(
+    const android_nlinterceptor_InterceptedSocket* sock, uint32_t group) {
+    if (!sock) return false;
+    return subscribe({sock->nlFamily, sock->portId}, group);
+}
+
+extern "C" bool android_nlinterceptor_unsubscribe(
+    const android_nlinterceptor_InterceptedSocket* sock, uint32_t group) {
+    if (!sock) return false;
+    return unsubscribe({sock->nlFamily, sock->portId}, group);
+}
+
+}  // namespace android::nlinterceptor
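Review bot: `isEnabled()` and `getInstance()` read `interceptorSupported` and `interceptorInstance` before taking their mutex, while another thread may be writing the same non-atomic object under the lock; that is a data race and therefore undefined behaviour, most visibly for the `std::shared_ptr`. Function-local static initialisation is already thread-safe, so `isEnabled()` can be reduced to `static const bool supported = AServiceManager_isDeclared(kServiceName.c_str()); return supported;`, and `getInstance()` should take `instanceMutex` before its first read of `interceptorInstance`. Separately, `android_nlinterceptor_createSocket` writes through `interceptedSocket` without a null check and rejects descriptor 0 with `clientSocketFd <= 0`; the guard would be `if (!clientName || !interceptedSocket || clientSocketFd < 0) return false;`. In `createSocket`, the `nladdr.nl_family` filled in by `getsockname` looks like the socket address family rather than the Netlink protocol, and it is never checked to be `AF_NETLINK`, so it is worth confirming that this is the value the service expects as `nlFamily`.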