Commit graph

22 commits

Author SHA1 Message Date
Bram Bonné
5a7f3ef9a8 Enable RTM_GETLINK restrictions on all apps
Extend existing restrictions targeting only apps with API level >= 30 to
all apps.

Actual enforcement happens in SELinux. This change just prevents
logspam.

To be merged when automerge to sc-dev ends.

Bug: 170188668
Test: atest bionic-unit-tests-static
Test: atest NetworkInterfaceTest
Test: Connect to Wi-Fi network
Test: atest CtsSelinuxTargetSdk27TestCases
Test: atest CtsSelinuxTargetSdk28TestCasesTest: atest
CtsSelinuxTargetSdk29TestCases
Test: atest CtsSelinuxTargetSdkCurrentTestCases

Change-Id: If1761354216b23a1e55e6b9606de452899afff0c
2021-04-30 15:52:27 +02:00
Bram Bonné
bca8a4474b Revert "Reland: Soft-enable MAC address restrictions with allowlist."
Revert "Updates CTS tests for MAC address restrictions."

Revert submission 1528409-mac-softrestrict

Reason for revert: App compatibility
Reverted Changes:
I74a50b990:Return anonymized MAC for apps targeting SDK < 30
I8738f7912:Reland: Soft-enable MAC address restrictions with ...
Id13670747:Updates CTS tests for MAC address restrictions.

Change-Id: I64e17cb04acf2862bc657e60694067a456b4f936
2021-04-08 11:39:33 +02:00
Bram Bonné
95ca52a7d6 Reland: Soft-enable MAC address restrictions with allowlist.
Soft-limits apps from calling bind() on NETLINK_ROUTE sockets, and
getting link info through getifaddrs(), while still allowing apps on the
allowlist to temporarily perform these actions.

This is different from existing behavior, where apps targeting an API
level < 30 were exempted from this restriction.

Actual enforcement will happen through SELinux (as is currently the
case for apps targeting API >= 30). This temporary change will then be
reverted.

If you arrived at this change due to an app showing unexpected behavior,
please file a bug at go/netlink-bug.

Bug: 170188668
Bug: 170214442
Test: Call bind() on NETLINK_ROUTE for an app on the allowlist.
Test: Call bind() on NETLINK_ROUTE for an app not on the allowlist.
Test: Call getifaddrs() for an app on the allowlist.
Test: Call getifaddrs() for an app not on the allowlist.
Test: Call bind() on a AF_UNIX socket with its protocol set to
NETLINK_ROUTE, confirm it can succeed.
Test: Verify that previously broken apps are no longer broken.

Change-Id: I8738f7912fdc816e0d30205557728ff9e84bf7e6
2020-12-15 16:52:58 +01:00
Bram Bonné
9e97280414 Revert "Soft-enable MAC address restrictions with allowlist."
Revert "Updates CTS tests for MAC address restrictions."

Revert submission 1518603-soft-restrict-mac

Reason for revert: Missing type check
Reverted Changes:
I0488932de:Soft-enable MAC address restrictions with allowlis...
Idb9d940e4:Updates CTS tests for MAC address restrictions.
I9461f287e:Return anonymized MAC for apps targeting SDK < 30

Change-Id: I7e8e593518088ff5c8f6083b34e6966852475b9b
2020-12-14 14:14:23 +01:00
Bram Bonné
0ba499896a Soft-enable MAC address restrictions with allowlist.
Soft-limits apps from calling bind() on NETLINK_ROUTE sockets, and
getting link info through getifaddrs(), while still allowing apps on the
allowlist to temporarily perform these actions.

This is different from existing behavior, where apps targeting an API
level < 30 were exempted from this restriction.

Actual enforcement will happen through SELinux (as is currently the
case for apps targeting API >= 30). This temporary change will then be
reverted.

If you arrived at this change due to an app showing unexpected behavior,
please file a bug at go/netlink-bug.

Bug: 170188668
Bug: 170214442
Test: Call bind() on NETLINK_ROUTE for an app on the allowlist.
Test: Call bind() on NETLINK_ROUTE for an app not on the allowlist.
Test: Call getifaddrs() for an app on the allowlist.
Test: Call getifaddrs() for an app not on the allowlist.
Change-Id: I0488932deea2a7211e55a24bc33bfa3cfb16fba2
2020-12-10 11:55:45 +01:00
Bram Bonné
d994cd7349 Revert^3 "Soft-enables new MAC address restrictions."
53211a98dc

Revert submission 1498525-revert-1499099-revert-1450615-mac-address-restrictions-MNRMVNXRJM-OSETMCLBXY

Reason for revert: b/173384499#comment21
Reverted Changes:
I320d3bcf8:Revert^2 "Enforce RTM_GETLINK restrictions on all ...
I51c83733c:Revert^2 "Return anonymized MAC for apps targeting...
I0e8280c74:Revert "Revert "Updates tests for untrusted app MA...
Ia9f61819f:Revert^2 "Soft-enables new MAC address restriction...

Change-Id: I03a78644105f561a3b704deaf7333be683ecb9f7
2020-12-01 10:04:02 +00:00
Bram Bonné
53211a98dc Revert^2 "Soft-enables new MAC address restrictions."
259776d8ff

The original change was reverted due to InterfaceParamsTest failing.
This test has now been fixed in r.android.com/1498525.
The original change message is below.

Updates getifaddrs() to behave as if RTM_GETLINK requests are not
allowed for non-system apps. This is different from previous behavior,
where apps targeting an API level < 30 were exempted from this
restriction.

Actual enforcement happens in SELinux. This change:
- Soft-enables the behavior until SELinux changes are in place
- Prevents logspam from SELinux denials after they are in place

Bug: 170188668
Test: atest bionic-unit-tests-static
Test: atest NetworkInterfaceTest
Test: Connect to Wi-Fi network
Test: Call getifaddrs() directly from within an app.
Test: Call NetworkInterface#getNetworkInterfaces() from within an app.

Change-Id: Ia9f61819f8fdf878c0e67e57de7e893fb3b1c233
2020-11-16 12:53:49 +00:00
Tej Singh
259776d8ff Revert "Soft-enables new MAC address restrictions."
Revert "Enforce RTM_GETLINK restrictions on all 3p apps"

Revert "Updates tests for untrusted app MAC address restrictions"

Revert submission 1450615-mac-address-restrictions

Reason for revert: DroidMonitor: Potential culprit for Bug 173243616 - verifying through Forrest before revert submission. This is part of the standard investigation process, and does not mean your CL will be reverted

Reverted Changes:
I08c709b2b:Enforce RTM_GETLINK restrictions on all 3p apps
I95d124ae8:Soft-enables new MAC address restrictions.
I5392f8339:Updates tests for untrusted app MAC address restri...
I9d214c5d0:Return anonymized MAC for apps targeting SDK < 30

Change-Id: If09920b24370077d647d60cfda7fc0a110b77851
2020-11-13 22:27:15 +00:00
Bram Bonné
18286ed465 Soft-enables new MAC address restrictions.
Updates getifaddrs() to behave as if RTM_GETLINK requests are not
allowed for non-system apps. This is different from previous behavior,
where apps targeting an API level < 30 were exempted from this
restriction.

Actual enforcement happens in SELinux. This change:
- Soft-enables the behavior until SELinux changes are in place
- Prevents logspam from SELinux denials after they are in place

Bug: 170188668
Test: atest bionic-unit-tests-static
Test: atest NetworkInterfaceTest
Test: Connect to Wi-Fi network
Test: Call getifaddrs() directly from within an app.
Test: Call NetworkInterface#getNetworkInterfaces() from within an app.

Change-Id: I95d124ae81bcb26583db5ad01d95d441d52f973c
2020-10-06 13:42:19 +02:00
Bram Bonné
8e20ac4413 Resolve interface flags using SIOCGIFFLAGS ioctl
Normally, getifaddrs() gets its information about interface flags from
RTM_NEWLINK messages. With the ability for non-system apps to send
RTM_GETLINK messages going away, resolve these flags by performing a
SIOCGIFFLAGS ioctl call instead.

This fixes a bug where the flags were erroneously copied over from an
ifaddrmsg's ifa_flags.

Bug: 141455849
Test: atest bionic-unit-tests-static
Test: Connect to wireless network.
Test: Call getifaddrs() from a non-system app targeting API R+, verify
that the interface flags are correct.

Change-Id: I552f3b9d21072f59ee6f0890f47cb1bdf3cfcf20
2020-07-21 19:14:12 +02:00
Bram Bonné
918bd72225 Cleans up logging and comments in ifaddrs.
To prevent unnecessary SELinux denials, the check referred to by the
comment is kept in place. This allows us to keep auditing the
SELinux denial in order to catch apps that intentionally send
RTM_GETLINK messages.

Fix: 141455849
Test: atest bionic-unit-tests-static
Test: atest NetworkInterfaceTest
Change-Id: I41e5ad6f071c820a8246177a0c629b3be788a942
2020-02-27 16:02:30 +01:00
Bram Bonné
14e5c3c3b6 Try to resolve interface names before removing nameless interfaces.
For interfaces that didn't get their name set, try to resolve their name
using if_indextoname first, before removing them from the list.

This allows getifaddrs() to keep returning interfaces that only have an
IPv6 address set (as opposed to the previous behavior where only
interfaces with an IPv4 address would be returned).

Change-Id: I0e4e6611948b12794cd3e354538f2964fbf31078
Fix: 148886805
Bug: 141455849
Test: atest NetworkInterfaceTest
Test: atest bionic-unit-tests-static
Test: atest IpSecManagerTunnelTest
2020-02-24 10:56:57 +01:00
Bram Bonné
d3df35e026 Soft-enables MAC address restrictions.
Updates getifaddrs() to behave as if RTM_GETLINK requests are not
allowed for non-system apps that have their target SDK set to R.

This change will be reverted when kernel changes enforcing this behavior
are merged, and is purely meant to check for potential appcompat issues
beforehand.

Bug: 141455849
Test: atest bionic-unit-tests-static
Test: atest NetworkInterfaceTest
Test: Connect to Wi-Fi network
Test: Set up hotspot
Test: Cast from device
Test: Pair Bluetooth device
Test: Call getifaddrs() directly from within an app.
Test: Call NetworkInterface#getNetworkInterfaces() from within an app.
Test: Repeat above tests with an app that targets Android R.
Change-Id: I472891d3e8a18c86ae478be1bab1048636aa95b4
2020-01-23 17:05:42 +01:00
Bram Bonné
d54ad07f50 Extends ifaddrs for cases where the client cannot send RTM_GETLINK requests.
The previous implementation of getifaddrs() depended on RTM_GETLINK requests being allowed, returning an error otherwise. This change makes getifaddrs() attempt to get all necessary information from RTM_NEWADDR messages when RTM_NEWLINK messages are not available.

The code is functionally the same when RTM_GETLINK requests are allowed. When RTM_GETLINK requests are denied, only interfaces that have a network address are returned, and physical addresses for these interfaces remain unset.

In addition, this change updates the copyright notice because repohooks asked nicely.

Bug: 141455849
Test: atest bionic-unit-tests-static
Test: atest NetworkInterfaceTest
Test: Connect to Wi-Fi network
Test: Set up hotspot
Test: Cast from device
Test: Pair Bluetooth device
Test: Call getifaddrs() directly from within an app.
Test: Call NetworkInterface#getNetworkInterfaces() from within an app.

Change-Id: Ia47e037d181ca5df6d9fdae19b405cabfafc6b0f
2020-01-23 16:15:44 +01:00
Chih-Hung Hsieh
62e3a078aa Fix google-explicit-constructor warnings.
Bug: 28341362
Change-Id: I84effbdfa1b9b39328a909b7f70fe17e7ee316c8
2016-05-03 12:08:05 -07:00
Elliott Hughes
ef925e50d3 Fix getifaddrs' handling of point-to-point interfaces.
Also remove an if that implied that IFA_BROADCAST is a possibility for
AF_INET6.

The existing tests fail if you have a point-to-point interface configured,
so no new test necessary.

Bug: http://b/27442503
Change-Id: I4c5823b32204ae6c15527853414c2a0cef320b53
2016-03-01 20:05:59 -08:00
Elliott Hughes
7dac8b8aab Fix scope ids for link-local IPv6 addresses from getifaddrs(3).
Bug: http://b/27219454
Change-Id: I7a166ff5553565f7afdab18dd2c703af4d475ab4
2016-02-17 14:38:09 -08:00
Elliott Hughes
ed57b98758 Implement if_nameindex(3)/if_freenameindex(3).
This is just a subset of the recently-implemented getifaddrs(3), though if
we want to handle interfaces (such as "rmnet_*") that don't have an address,
we need to either expose ifaddrs_storage and keep track of which interfaces
we've already seen (which is pretty messy), or refactor the netlink code so
we can reuse it and just extract the information we need for if_nameindex(3).
This patch goes the latter route.

Also clean up if_nametoindex(3) and if_indextoname(3).

Change-Id: I5ffc5df0bab62286cdda2e7af06f032c767119a8
2016-01-18 12:07:38 -08:00
Yi Kong
fdb2963e0a Handle AF_PACKET in getifaddr(3).
Also fix a bug where we were mutating the address/broadcast address
of an existing entry rather than the new entry, and use 'const' to
ensure we don't make that mistake again.

Change-Id: I31c127a5d21879b52c85cd0f7ed2e66554a21e39
2016-01-08 19:18:44 -08:00
Elliott Hughes
9cddb482b4 Revert "Revert "Implement getifaddrs(3)/freeifaddrs(3).""
This reverts commit 76814a8250.

This differs from the original in fixing the GCC -Werror build:

  bionic/libc/bionic/ifaddrs.cpp: In function 'void __handle_netlink_response(ifaddrs**, nlmsghdr*)':
  bionic/libc/bionic/ifaddrs.cpp:113:62: error: use of old-style cast [-Werror=old-style-cast]
       ifinfomsg* ifi = reinterpret_cast<ifinfomsg*>(NLMSG_DATA(hdr));

This appears to be a GCC bug; the GCC command-line correctly uses -isystem,
and manually adding #pragma GCC system_header doesn't help. So just turn the
warning off for GCC for now. We won't need to worry about building with GCC
soon anyway.

Bug: http://b/26238832
Change-Id: I01615bd335edf11baf487b1c83a9157cd780f4a1
2016-01-04 13:00:39 -08:00
Yi Kong
76814a8250 Revert "Implement getifaddrs(3)/freeifaddrs(3)."
Werror build broken. Revert while working on a fix.

This reverts commit 0945ed5cc5.

Change-Id: I67edab7a7a3b9aa673ce9d14aa95380f947838a1
2015-12-22 17:47:54 +00:00
Elliott Hughes
0945ed5cc5 Implement getifaddrs(3)/freeifaddrs(3).
Time to dust off the old libcore implementation from gingerbread and add it
to bionic. Unlike the original, this actually looks at both RTM_NEWLINK and
RTM_NEWADDR.

Bug: http://b/26238832
Change-Id: I7bb4b432deb766065b66b9c9ff36ed68249aba82
2015-12-19 14:49:09 -08:00