1 /*
2 * Copyright (c) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <thread>
17
18 #include "hilog/log.h"
19 #include "iservice_registry.h"
20 #include "net_manager_constants.h"
21 #include "netfirewall_client.h"
22 #include "netmgr_ext_log_wrapper.h"
23 #include "system_ability_definition.h"
24
25 using namespace OHOS::HiviewDFX;
26
27 namespace OHOS {
28 namespace NetManagerStandard {
29 namespace {
30 constexpr size_t WAIT_REMOTE_TIME_SEC = 15;
31 constexpr uint32_t WAIT_FOR_SERVICE_TIME_S = 1;
32 constexpr uint32_t MAX_GET_SERVICE_COUNT = 10;
33 std::condition_variable g_cv;
34 std::mutex g_mutexCv;
35 } // namespace
36
OnLoadSystemAbilitySuccess(int32_t systemAbilityId,const sptr<IRemoteObject> & remoteObject)37 void NetFirewallLoadCallback::OnLoadSystemAbilitySuccess(int32_t systemAbilityId,
38 const sptr<IRemoteObject> &remoteObject)
39 {
40 NETMGR_EXT_LOG_D("OnLoadSystemAbilitySuccess systemAbilityId: [%{public}d]", systemAbilityId);
41 std::unique_lock<std::mutex> lock(g_mutexCv);
42 remoteObject_ = remoteObject;
43 g_cv.notify_one();
44 }
45
OnLoadSystemAbilityFail(int32_t systemAbilityId)46 void NetFirewallLoadCallback::OnLoadSystemAbilityFail(int32_t systemAbilityId)
47 {
48 NETMGR_EXT_LOG_D("OnLoadSystemAbilityFail: [%{public}d]", systemAbilityId);
49 loadSAFailed_ = true;
50 }
51
IsFailed()52 bool NetFirewallLoadCallback::IsFailed()
53 {
54 return loadSAFailed_;
55 }
56
GetRemoteObject() const57 const sptr<IRemoteObject> &NetFirewallLoadCallback::GetRemoteObject() const
58 {
59 return remoteObject_;
60 }
61
62
GetInstance()63 NetFirewallClient &NetFirewallClient::GetInstance()
64 {
65 static NetFirewallClient instance;
66 return instance;
67 }
68
SetNetFirewallPolicy(const int32_t userId,const sptr<NetFirewallPolicy> & status)69 int32_t NetFirewallClient::SetNetFirewallPolicy(const int32_t userId, const sptr<NetFirewallPolicy> &status)
70 {
71 sptr<INetFirewallService> proxy = GetProxy();
72 if (proxy == nullptr) {
73 NETMGR_EXT_LOG_E("SetNetFirewallPolicy proxy is nullptr");
74 return NETMANAGER_EXT_ERR_GET_PROXY_FAIL;
75 }
76 return proxy->SetNetFirewallPolicy(userId, status);
77 }
78
GetNetFirewallPolicy(const int32_t userId,sptr<NetFirewallPolicy> & status)79 int32_t NetFirewallClient::GetNetFirewallPolicy(const int32_t userId, sptr<NetFirewallPolicy> &status)
80 {
81 sptr<INetFirewallService> proxy = GetProxy();
82 if (proxy == nullptr) {
83 NETMGR_EXT_LOG_E("GetNetFirewallPolicy proxy is nullptr");
84 return NETMANAGER_EXT_ERR_GET_PROXY_FAIL;
85 }
86 return proxy->GetNetFirewallPolicy(userId, status);
87 }
88
AddNetFirewallRule(const sptr<NetFirewallRule> & rule,int32_t & result)89 int32_t NetFirewallClient::AddNetFirewallRule(const sptr<NetFirewallRule> &rule, int32_t &result)
90 {
91 sptr<INetFirewallService> proxy = GetProxy();
92 if (proxy == nullptr) {
93 NETMGR_EXT_LOG_E("AddNetFirewallRule proxy is nullptr");
94 return NETMANAGER_EXT_ERR_GET_PROXY_FAIL;
95 }
96 return proxy->AddNetFirewallRule(rule, result);
97 }
98
UpdateNetFirewallRule(const sptr<NetFirewallRule> & rule)99 int32_t NetFirewallClient::UpdateNetFirewallRule(const sptr<NetFirewallRule> &rule)
100 {
101 sptr<INetFirewallService> proxy = GetProxy();
102 if (proxy == nullptr) {
103 NETMGR_EXT_LOG_E("UpdateNetFirewallRule proxy is nullptr");
104 return NETMANAGER_EXT_ERR_GET_PROXY_FAIL;
105 }
106 return proxy->UpdateNetFirewallRule(rule);
107 }
108
DeleteNetFirewallRule(const int32_t userId,const int32_t ruleId)109 int32_t NetFirewallClient::DeleteNetFirewallRule(const int32_t userId, const int32_t ruleId)
110 {
111 sptr<INetFirewallService> proxy = GetProxy();
112 if (proxy == nullptr) {
113 NETMGR_EXT_LOG_E("DeleteNetFirewallRule proxy is nullptr");
114 return NETMANAGER_EXT_ERR_GET_PROXY_FAIL;
115 }
116 return proxy->DeleteNetFirewallRule(userId, ruleId);
117 }
118
GetNetFirewallRules(const int32_t userId,const sptr<RequestParam> & requestParam,sptr<FirewallRulePage> & info)119 int32_t NetFirewallClient::GetNetFirewallRules(const int32_t userId, const sptr<RequestParam> &requestParam,
120 sptr<FirewallRulePage> &info)
121 {
122 sptr<INetFirewallService> proxy = GetProxy();
123 if (proxy == nullptr) {
124 NETMGR_EXT_LOG_E("GetNetFirewallRules proxy is nullptr");
125 return NETMANAGER_EXT_ERR_GET_PROXY_FAIL;
126 }
127 return proxy->GetNetFirewallRules(userId, requestParam, info);
128 }
129
GetNetFirewallRule(const int32_t userId,const int32_t ruleId,sptr<NetFirewallRule> & rule)130 int32_t NetFirewallClient::GetNetFirewallRule(const int32_t userId, const int32_t ruleId, sptr<NetFirewallRule> &rule)
131 {
132 sptr<INetFirewallService> proxy = GetProxy();
133 if (proxy == nullptr) {
134 NETMGR_EXT_LOG_E("GetNetFirewallRule proxy is nullptr");
135 return NETMANAGER_EXT_ERR_GET_PROXY_FAIL;
136 }
137 return proxy->GetNetFirewallRule(userId, ruleId, rule);
138 }
139
GetInterceptRecords(const int32_t userId,const sptr<RequestParam> & requestParam,sptr<InterceptRecordPage> & info)140 int32_t NetFirewallClient::GetInterceptRecords(const int32_t userId, const sptr<RequestParam> &requestParam,
141 sptr<InterceptRecordPage> &info)
142 {
143 sptr<INetFirewallService> proxy = GetProxy();
144 if (proxy == nullptr) {
145 NETMGR_EXT_LOG_E("GetInterceptRecords proxy is nullptr");
146 return NETMANAGER_EXT_ERR_GET_PROXY_FAIL;
147 }
148 return proxy->GetInterceptRecords(userId, requestParam, info);
149 }
150
GetProxy()151 sptr<INetFirewallService> NetFirewallClient::GetProxy()
152 {
153 NETMGR_EXT_LOG_I("NetFirewallClient getproxy");
154 std::lock_guard lock(mutex_);
155 if (netfirewallService_ != nullptr) {
156 return netfirewallService_;
157 }
158 loadCallback_ = new (std::nothrow) NetFirewallLoadCallback;
159 if (loadCallback_ == nullptr) {
160 NETMGR_EXT_LOG_E("loadCallback_ is nullptr");
161 return nullptr;
162 }
163 sptr<IRemoteObject> remote = LoadSaOnDemand();
164 if (remote == nullptr || !remote->IsProxyObject()) {
165 NETMGR_EXT_LOG_E("get Remote service failed");
166 return nullptr;
167 }
168
169 deathRecipient_ = new (std::nothrow) MonitorPcfirewallServiceDead(*this);
170 if (deathRecipient_ == nullptr) {
171 NETMGR_EXT_LOG_E("deathRecipient_ is nullptr");
172 return nullptr;
173 }
174 if ((remote->IsProxyObject()) && (!remote->AddDeathRecipient(deathRecipient_))) {
175 NETMGR_EXT_LOG_E("add death recipient failed");
176 return nullptr;
177 }
178 netfirewallService_ = iface_cast<INetFirewallService>(remote);
179 if (netfirewallService_ == nullptr) {
180 NETMGR_EXT_LOG_E("get Remote service proxy failed");
181 return nullptr;
182 }
183 return netfirewallService_;
184 }
185
LoadSaOnDemand()186 sptr<IRemoteObject> NetFirewallClient::LoadSaOnDemand()
187 {
188 NETMGR_EXT_LOG_D("NetFirewallClient OnRemoteDied");
189 if (loadCallback_->GetRemoteObject() == nullptr) {
190 sptr<ISystemAbilityManager> sam = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager();
191 if (sam == nullptr) {
192 NETMGR_EXT_LOG_E("GetSystemAbilityManager failed");
193 return nullptr;
194 }
195 int32_t result = sam->LoadSystemAbility(COMM_FIREWALL_MANAGER_SYS_ABILITY_ID, loadCallback_);
196 if (result != ERR_OK) {
197 NETMGR_EXT_LOG_E("LoadSystemAbility failed : [%{public}d]", result);
198 return nullptr;
199 }
200 std::unique_lock<std::mutex> lk(g_mutexCv);
201 if (!g_cv.wait_for(lk, std::chrono::seconds(WAIT_REMOTE_TIME_SEC),
202 [this]() { return loadCallback_->GetRemoteObject() != nullptr; })) {
203 NETMGR_EXT_LOG_E("LoadSystemAbility timeout");
204 return nullptr;
205 }
206 }
207 return loadCallback_->GetRemoteObject();
208 }
209
OnRemoteDied(const wptr<IRemoteObject> & remote)210 void NetFirewallClient::OnRemoteDied(const wptr<IRemoteObject> &remote)
211 {
212 NETMGR_EXT_LOG_D("NetFirewallClient OnRemoteDied");
213 if (remote == nullptr) {
214 NETMGR_EXT_LOG_E("remote object is nullptr");
215 return;
216 }
217 std::lock_guard lock(mutex_);
218 if (netfirewallService_ == nullptr) {
219 NETMGR_EXT_LOG_E("netfirewallService_ is nullptr");
220 return;
221 }
222 sptr<IRemoteObject> local = netfirewallService_->AsObject();
223 if (local != remote.promote()) {
224 NETMGR_EXT_LOG_E("proxy and stub is not same remote object");
225 return;
226 }
227 local->RemoveDeathRecipient(deathRecipient_);
228 netfirewallService_ = nullptr;
229
230 std::thread([this]() { this->RestartNetFirewallManagerSysAbility(); }).detach();
231 }
232
RestartNetFirewallManagerSysAbility()233 bool NetFirewallClient::RestartNetFirewallManagerSysAbility()
234 {
235 for (uint32_t i = 0; i < MAX_GET_SERVICE_COUNT; ++i) {
236 std::this_thread::sleep_for(std::chrono::seconds(WAIT_FOR_SERVICE_TIME_S));
237 sptr<INetFirewallService> proxy = GetProxy();
238 if (proxy) {
239 NETMGR_EXT_LOG_I("Restart NetFirewallManager success.");
240 return true;
241 }
242 }
243 NETMGR_EXT_LOG_E("Restart NetFirewallManager failed.");
244 return false;
245 }
246 } // namespace NetManagerStandard
247 } // namespace OHOS
248