Snap for 10986202 from ed0480cf94b93077191abd5f4e1437d1562d0d45 to 24Q1-release

Change-Id: I9c749405ad09153b8b3d475fb49dad5fc0cd7753
diff --git a/bpfloader/BpfLoader.cpp b/bpfloader/BpfLoader.cpp
index 8d8ae4f..f153b40 100644
--- a/bpfloader/BpfLoader.cpp
+++ b/bpfloader/BpfLoader.cpp
@@ -227,5 +227,10 @@
         }
     }
 
+    if (android::base::SetProperty("bpf.progs_loaded", "1") == false) {
+        ALOGE("Failed to set bpf.progs_loaded property");
+        return 1;
+    }
+
     return 0;
 }
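Review bot: The added `bpf.progs_loaded` write at the end of this function has no comment saying what the property signals or why it must be the last step before `return 0`. It looks like the readiness flag that other components gate on, so a line such as `// Readiness signal for dependents: set only after every program has loaded, keep this as the final step.` would stop a later edit from moving it above a load that can still fail. The enclosing function starts outside the hunk, so check there that every earlier failure path returns before reaching this point. As a style point, `if (!android::base::SetProperty("bpf.progs_loaded", "1")) {` reads better than comparing a bool with `== false`.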
diff --git a/bpfloader/bpfloader.rc b/bpfloader/bpfloader.rc
index 1f7f815..14181dc 100644
--- a/bpfloader/bpfloader.rc
+++ b/bpfloader/bpfloader.rc
@@ -16,16 +16,16 @@
 #
 on load_bpf_programs
     exec_start bpfloader
-    exec_start netbpfload
 
-service bpfloader /system/bin/bpfloader
-    capabilities CHOWN SYS_ADMIN
+service bpfloader /system/bin/netbpfload
+    # netbpfload will do network bpf loading, then execute /system/bin/bpfloader
+    capabilities CHOWN SYS_ADMIN NET_ADMIN
     # The following group memberships are a workaround for lack of DAC_OVERRIDE
     # and allow us to open (among other things) files that we created and are
     # no longer root owned (due to CHOWN) but still have group read access to
     # one of the following groups.  This is not perfect, but a more correct
     # solution requires significantly more effort to implement.
-    group root graphics system
+    group root graphics network_stack net_admin net_bw_acct net_bw_stats net_raw system
     user root
     #
     # Set RLIMIT_MEMLOCK to 1GiB for bpfloader
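Review bot: The `capabilities` and `group` lines on the `bpfloader` service now carry the union of what the two former services had, and /system/bin/bpfloader inherits all of it once netbpfload executes it, unless netbpfload drops privileges before the exec (not visible in this diff). Per the old definitions, the bpfloader stage ran with only `CHOWN SYS_ADMIN` and groups `root graphics system`, and the netbpfload stage had no `graphics` group. Consider dropping `NET_ADMIN` and the network groups in netbpfload before it hands over, if that is not already done. Either way the group comment should record which stage needs which entry, e.g. `# graphics: only for the exec'd /system/bin/bpfloader; network_stack net_admin net_bw_acct net_bw_stats net_raw: only for netbpfload`. With the separate service removed further down, a failure in either stage now also reports the single reboot reason `bpfloader-failed`, so the logs are the only way to tell the two apart.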
@@ -37,8 +37,9 @@
     # memlock data before bpfloader even gets a chance to run, it would fail
     # if its memlock rlimit is only 8MiB - since there would be none left for it.
     #
-    # bpfloader succeeding is critical to system health:
-    # the only way to recover is a full kernel reboot.
+    # bpfloader succeeding is critical to system health, since a failure will
+    # cause netd crashloop and thus system server crashloop... and the only
+    # recovery is a full kernel reboot.
     #
     # We've had issues where devices would sometimes (rarely) boot into
     # a crashloop because bpfloader would occasionally lose a boot time
@@ -67,10 +68,10 @@
     # 2. comment out 'reboot_on_failure reboot,bpfloader-failed' below
     # 3. rebuild/reflash/reboot
     # 4. as the device is booting up capture bpfloader logs via:
-    #    adb logcat -s 'bpfloader:*' 'LibBpfLoader:*'
+    #    adb logcat -s 'bpfloader:*' 'LibBpfLoader:*' 'NetBpfLoad:*' 'NetBpfLoader:*'
     #
     # something like:
-    #   $ adb reboot; sleep 1; adb wait-for-device; adb root; sleep 1; adb wait-for-device; adb logcat -s 'bpfloader:*' 'LibBpfLoader:*'
+    #   $ adb reboot; sleep 1; adb wait-for-device; adb root; sleep 1; adb wait-for-device; adb logcat -s 'bpfloader:*' 'LibBpfLoader:*' 'NetBpfLoad:*' 'NetBpfLoader:*'
     # will take care of capturing logs as early as possible
     #
     # 5. look through the logs from the kernel's bpf verifier that bpfloader dumps out,
@@ -83,14 +84,3 @@
     reboot_on_failure reboot,bpfloader-failed
     # we're not really updatable, but want to be able to load bpf programs shipped in apexes
     updatable
-
-# Note: comments for 'bpfloader' from up above also apply here.
-# Use: adb logcat -s 'NetBpfLoad:*' 'NetBpfLoader:*'
-service netbpfload /system/bin/netbpfload
-    capabilities CHOWN SYS_ADMIN NET_ADMIN
-    group root network_stack net_admin net_bw_acct net_bw_stats net_raw system
-    user root
-    rlimit memlock 1073741824 1073741824
-    oneshot
-    reboot_on_failure reboot,netbpfload-failed
-    updatable