Snap for 10186302 from 4b950725243c3f6ffe2771e826c0eaf96d18eaa0 to udc-qpr1-release
Change-Id: Iad45df261ecece40e2c661046026357738e5ca6c
diff --git a/common/native/bpf_headers/Android.bp b/common/native/bpf_headers/Android.bp
index 31adef9..41184ea 100644
--- a/common/native/bpf_headers/Android.bp
+++ b/common/native/bpf_headers/Android.bp
@@ -33,8 +33,10 @@
min_sdk_version: "30",
apex_available: [
"//apex_available:platform",
- "com.android.tethering",
"com.android.art.debug",
+ "com.android.os.statsd",
+ "com.android.resolv",
+ "com.android.tethering",
],
}
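Review bot: The two added `apex_available` entries, `com.android.os.statsd` and `com.android.resolv`, widen the set of APEX modules that can build against these BPF headers, and nothing in the hunk or the commit record says which component in each module needs them. A one-line comment above each new entry, for example `// statsd: <reason, to be filled in by the author>`, would let a later reviewer tell an intended consumer from a leftover. The same two entries are added to the bpf_syscall_wrappers Android.bp later in this change, and the point applies there as well. Build visibility does not by itself grant runtime access to pinned maps or programs, which presumably remains governed by SELinux policy, so this is an auditing concern rather than an exposure. The enclosing module definition starts outside the hunk.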
diff --git a/common/native/bpf_headers/include/bpf/BpfUtils.h b/common/native/bpf_headers/include/bpf/BpfUtils.h
index 99c7a91..9dd5822 100644
--- a/common/native/bpf_headers/include/bpf/BpfUtils.h
+++ b/common/native/bpf_headers/include/bpf/BpfUtils.h
@@ -28,7 +28,7 @@
#include <log/log.h>
-#include "KernelVersion.h"
+#include "KernelUtils.h"
namespace android {
namespace bpf {
diff --git a/common/native/bpf_headers/include/bpf/KernelVersion.h b/common/native/bpf_headers/include/bpf/KernelUtils.h
similarity index 100%
rename from common/native/bpf_headers/include/bpf/KernelVersion.h
rename to common/native/bpf_headers/include/bpf/KernelUtils.h
diff --git a/common/native/bpf_headers/include/bpf/bpf_helpers.h b/common/native/bpf_headers/include/bpf/bpf_helpers.h
index 4939483..20b5bf1 100644
--- a/common/native/bpf_headers/include/bpf/bpf_helpers.h
+++ b/common/native/bpf_headers/include/bpf/bpf_helpers.h
@@ -103,6 +103,30 @@
#define KVER(a, b, c) (((a) << 24) + ((b) << 16) + (c))
#define KVER_INF 0xFFFFFFFFu
+/*
+ * BPFFS (ie. /sys/fs/bpf) labelling is as follows:
+ * subdirectory selinux context mainline usecase / usable by
+ * / fs_bpf no [*] core operating system (ie. platform)
+ * /loader fs_bpf_loader no, U+ (as yet unused)
+ * /net_private fs_bpf_net_private yes, T+ network_stack
+ * /net_shared fs_bpf_net_shared yes, T+ network_stack & system_server
+ * /netd_readonly fs_bpf_netd_readonly yes, T+ network_stack & system_server & r/o to netd
+ * /netd_shared fs_bpf_netd_shared yes, T+ network_stack & system_server & netd [**]
+ * /tethering fs_bpf_tethering yes, S+ network_stack
+ * /vendor fs_bpf_vendor no, T+ vendor
+ *
+ * [*] initial support for bpf was added back in P,
+ * but things worked differently back then with no bpfloader,
+ * and instead netd doing stuff by hand,
+ * bpfloader with pinning into /sys/fs/bpf was (I believe) added in Q
+ * (and was definitely there in R).
+ *
+ * [**] additionally bpf programs are accessible to netutils_wrapper
+ * for use by iptables xt_bpf extensions.
+ *
+ * See cs/p:aosp-master%20-file:prebuilts/%20file:genfs_contexts%20"genfscon%20bpf"
+ */
+
/* generic functions */
/*
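Review bot: The BPFFS labelling table in the new comment restates SELinux policy that lives elsewhere, and nothing ties the two together, so the table can drift from what is actually enforced. I would add a line such as `* This table is informational; the genfs_contexts "genfscon bpf" entries are authoritative.` just before the `See` line. The `See cs/p:...` pointer is a code-search query rather than a path in the tree, and the `(I believe)` in footnote [*] leaves the Q-versus-R history unverified. Replacing the query with the in-tree location of genfs_contexts, and confirming or dropping the hedge, would make the comment dependable for anyone auditing which domains can reach each subdirectory.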
diff --git a/common/native/bpf_headers/include/bpf/bpf_map_def.h b/common/native/bpf_headers/include/bpf/bpf_map_def.h
index d286eba..e430200 100644
--- a/common/native/bpf_headers/include/bpf/bpf_map_def.h
+++ b/common/native/bpf_headers/include/bpf/bpf_map_def.h
@@ -180,6 +180,14 @@
bool ignore_on_eng:1;
bool ignore_on_user:1;
bool ignore_on_userdebug:1;
+ // The following 5 ignore_on_* fields were added in version 0.38 (U). These are ignored in
+ // older bpfloader versions, and zero in programs compiled before 0.38.
+ // These are tests on the kernel architecture, ie. they ignore userspace bit-ness.
+ bool ignore_on_arm32:1;
+ bool ignore_on_aarch64:1;
+ bool ignore_on_x86_32:1;
+ bool ignore_on_x86_64:1;
+ bool ignore_on_riscv64:1;
char pad0[2]; // manually pad up to 4 byte alignment, may be used for extensions in the future
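Review bot: The comment on the five new `ignore_on_*` bits says older bpfloader versions ignore them, which means an object that sets, say, `ignore_on_arm32` is still loaded on a 32-bit ARM kernel by a pre-0.38 loader. The comment should state that consequence, e.g. `// Older loaders will still load this definition: also require a 0.38+ bpfloader if it must be skipped.` The new bits also extend a bit-field run that sits directly before `pad0[2]`, and the struct is a layout contract between compiled objects and the loader. Unless a size assertion already exists outside the hunk, I would add one after the struct, `_Static_assert(sizeof(struct <struct name>) == <expected size>, "layout changed");`, with the real name and size filled in. Both points apply equally to the second hunk of this file (`@@ -209,6 +217,14 @@`); the enclosing struct definitions begin and end outside the hunks.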
@@ -209,6 +217,14 @@
bool ignore_on_eng:1;
bool ignore_on_user:1;
bool ignore_on_userdebug:1;
+ // The following 5 ignore_on_* fields were added in version 0.38 (U). These are ignored in
+ // older bpfloader versions, and zero in programs compiled before 0.38.
+ // These are tests on the kernel architecture, ie. they ignore userspace bit-ness.
+ bool ignore_on_arm32:1;
+ bool ignore_on_aarch64:1;
+ bool ignore_on_x86_32:1;
+ bool ignore_on_x86_64:1;
+ bool ignore_on_riscv64:1;
char pad0[2]; // manually pad up to 4 byte alignment, may be used for extensions in the future
diff --git a/common/native/bpf_syscall_wrappers/Android.bp b/common/native/bpf_syscall_wrappers/Android.bp
index 125d631..b3efc21 100644
--- a/common/native/bpf_syscall_wrappers/Android.bp
+++ b/common/native/bpf_syscall_wrappers/Android.bp
@@ -33,6 +33,8 @@
"//apex_available:platform",
"com.android.art.debug",
"com.android.mediaprovider",
+ "com.android.os.statsd",
+ "com.android.resolv",
"com.android.tethering",
],
}
diff --git a/common/native/bpfmapjni/com_android_net_module_util_BpfMap.cpp b/common/native/bpfmapjni/com_android_net_module_util_BpfMap.cpp
index 2146d17..f93d6e1 100644
--- a/common/native/bpfmapjni/com_android_net_module_util_BpfMap.cpp
+++ b/common/native/bpfmapjni/com_android_net_module_util_BpfMap.cpp
@@ -25,7 +25,7 @@
#define BPF_FD_JUST_USE_INT
#include "BpfSyscallWrappers.h"
-#include "bpf/KernelVersion.h"
+#include "bpf/KernelUtils.h"
namespace android {
diff --git a/common/native/tcutils/tcutils.cpp b/common/native/tcutils/tcutils.cpp
index 37a7ec8..c82390f 100644
--- a/common/native/tcutils/tcutils.cpp
+++ b/common/native/tcutils/tcutils.cpp
@@ -19,7 +19,7 @@
#include "tcutils/tcutils.h"
#include "logging.h"
-#include "bpf/KernelVersion.h"
+#include "bpf/KernelUtils.h"
#include "scopeguard.h"
#include <arpa/inet.h>
diff --git a/common/native/tcutils/tests/tcutils_test.cpp b/common/native/tcutils/tests/tcutils_test.cpp
index 53835d7..7732247 100644
--- a/common/native/tcutils/tests/tcutils_test.cpp
+++ b/common/native/tcutils/tests/tcutils_test.cpp
@@ -18,7 +18,7 @@
#include <gtest/gtest.h>
-#include "bpf/KernelVersion.h"
+#include "bpf/KernelUtils.h"
#include <tcutils/tcutils.h>
#include <BpfSyscallWrappers.h>