1 /*
2  * Copyright (c) 2021-2023 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #ifndef NET_POLICY_FILE_H
17 #define NET_POLICY_FILE_H
18 
19 #include <climits>
20 #include <fcntl.h>
21 #include <fstream>
22 #include <iostream>
23 #include <memory>
24 #include <mutex>
25 #include <sstream>
26 #include <sys/sendfile.h>
27 #include <sys/stat.h>
28 #include <sys/types.h>
29 #include <unistd.h>
30 #include <vector>
31 
32 #include "cJSON.h"
33 #include "singleton.h"
34 
35 #include "netmanager_base_common_utils.h"
36 #include "net_policy_constants.h"
37 #include "net_policy_file_event_handler.h"
38 #include "net_policy_inner_define.h"
39 #include "net_quota_policy.h"
40 
41 namespace OHOS {
42 namespace NetManagerStandard {
43 enum NetUidPolicyOpType {
44     NET_POLICY_UID_OP_TYPE_DO_NOTHING = 0,
45     NET_POLICY_UID_OP_TYPE_ADD = 1,
46     NET_POLICY_UID_OP_TYPE_DELETE = 2,
47     NET_POLICY_UID_OP_TYPE_UPDATE = 3,
48 };
49 
50 class NetPolicyFile : public std::enable_shared_from_this<NetPolicyFile> {
51     DECLARE_DELAYED_SINGLETON(NetPolicyFile);
52 
53 public:
54     /**
55      * Init by reading policy from file.
56      * @return true Return true means init policy successful.
57      * @return false Return false means init policy failed.
58      */
59     bool InitPolicy();
60 
61     /**
62      * Reset policy to default.
63      */
64     int32_t ResetPolicies();
65 
66     /**
67      * Used by net_policy_rule.cpp to get policy from file.
68      *
69      * @return const std::vector<UidPolicy>&
70      */
71     const std::vector<UidPolicy> &ReadUidPolicies();
72 
73     /**
74      * Used by net_policy_rule.cpp to write policy to file.
75      *
76      * @param uid The specified UID of app.
77      * @param policy The network policy for application.
78      *      For details, see {@link NetUidPolicy}.
79      */
80     void WritePolicyByUid(uint32_t uid, uint32_t policy);
81 
82     /**
83      * Used by net_policy_traffic.cpp to get quota policy from file.
84      *
85      * @param quotaPolicies The list of network quota policy, {@link NetQuotaPolicy}.
86      */
87     void ReadQuotaPolicies(std::vector<NetQuotaPolicy> &quotaPolicies);
88 
89     /**
90      * Used by net_policy_rule.cpp to write quota policy to file.
91      *
92      * @param quotaPolicies  The list of network quota policy, {@link NetQuotaPolicy}.
93      * @return true Return true means successful.
94      * @return false Return false means failed.
95      */
96     bool WriteQuotaPolicies(const std::vector<NetQuotaPolicy> &quotaPolicies);
97 
98     /**
99      * Used by net_policy_rule.cpp to get background policy from file.
100      *
101      * @return true Return true means allow access net on background.
102      * @return false Return false means reject access net on background.
103      */
104     bool ReadBackgroundPolicy();
105 
106     /**
107      * Used by net_policy_rule.cpp to write background policy to file.
108      *
109      * @param allowBackground Allow or Reject access net on background.
110      */
111     void WriteBackgroundPolicy(bool allowBackground);
112 
113     /**
114      * Used by net_policy_firewall.cpp to get firewall policy from file.
115      *
116      * @param chainType The firewall's type.Include "Powersave" or "DeviceIdle".
117      * @param allowedList Firewall's allowed list.
118      * @param deniedList Firewall's denied list.
119      */
120     int32_t ReadFirewallRules(uint32_t chainType, std::set<uint32_t> &allowedList, std::set<uint32_t> &deniedList);
121 
122     /**
123      * Used by net_policy_firewall.cpp to write firewall policy from file.
124      *
125      * @param chainType The firewall's type.Include "Powersave" or "DeviceIdle".
126      * @param allowedList Firewall's allowed list.
127      * @param deniedList Firewall's denied list.
128      */
129     void WriteFirewallRules(uint32_t chainType, const std::set<uint32_t> &allowedList,
130                             const std::set<uint32_t> &deniedList);
131 
132     /**
133      * Used by net_policy_rule.cpp, when an app is removed from system,
134      * this uid will be also remove from file.
135      *
136      * @param uid The specified UID of app that removed.
137      */
138     void RemoveInexistentUid(uint32_t uid);
139 
140 private:
141     bool Json2Obj(const std::string &content, NetPolicy &netPolicy);
142     bool Obj2Json(const NetPolicy &netPolicy, std::string &content);
143 
144     bool ReadFile(const std::string &filePath);
145     bool ReadFile();
146     bool WriteFile();
147 
148     void AddUidPolicy(cJSON *root);
149     void AddBackgroundPolicy(cJSON *root);
150     void AddQuotaPolicy(cJSON *root);
151     void AddFirewallRule(cJSON *root);
152 
153     void ParseUidPolicy(const cJSON* const root, NetPolicy &netPolicy);
154     void ParseBackgroundPolicy(const cJSON* const root, NetPolicy &netPolicy);
155     void ParseQuotaPolicy(const cJSON* const root, NetPolicy &netPolicy);
156     void ParseFirewallRule(const cJSON* const root, NetPolicy &netPolicy);
157 
158     bool UpdateQuotaPolicyExist(const NetQuotaPolicy &quotaPolicy);
159     uint32_t ArbitrationWritePolicyToFile(uint32_t uid, uint32_t policy);
160     void WritePolicyByUid(uint32_t netUidPolicyOpType, uint32_t uid, uint32_t policy);
161 
ToQuotaPolicy(const NetPolicyQuota & netPolicyQuota,NetQuotaPolicy & quotaPolicy)162     inline void ToQuotaPolicy(const NetPolicyQuota& netPolicyQuota, NetQuotaPolicy &quotaPolicy)
163     {
164         quotaPolicy.quotapolicy.lastLimitRemind = CommonUtils::StrToLong(netPolicyQuota.lastLimitSnooze, REMIND_NEVER);
165         quotaPolicy.quotapolicy.limitBytes = CommonUtils::StrToLong(netPolicyQuota.limitBytes, DATA_USAGE_UNKNOWN);
166         quotaPolicy.quotapolicy.metered = CommonUtils::StrToBool(netPolicyQuota.metered, false);
167         quotaPolicy.networkmatchrule.netType = CommonUtils::StrToInt(netPolicyQuota.netType, BEARER_DEFAULT);
168         quotaPolicy.quotapolicy.periodDuration = netPolicyQuota.periodDuration;
169         quotaPolicy.quotapolicy.periodStartTime = CommonUtils::StrToLong(netPolicyQuota.periodStartTime);
170         quotaPolicy.networkmatchrule.simId = netPolicyQuota.simId;
171         quotaPolicy.quotapolicy.warningBytes = CommonUtils::StrToLong(netPolicyQuota.warningBytes, DATA_USAGE_UNKNOWN);
172         quotaPolicy.networkmatchrule.ident = netPolicyQuota.ident;
173     }
174 
175     std::shared_ptr<NetPolicyFileEventHandler> GetHandler();
176 
177 public:
178     NetPolicy netPolicy_;
179 };
180 } // namespace NetManagerStandard
181 } // namespace OHOS
182 #endif // NET_POLICY_FILE_H
183