Close sockets from ConnectivityService#setFirewallChainEnabled
Also replace netd.socketDestroy with a Java implementation
Bug: 270298713
Test: atest FrameworksNetTests CtsNetTestCases
Change-Id: I744b98ac1be04a1aede9d96787305e5a1a9d9ae6
diff --git a/staticlibs/device/com/android/net/module/util/netlink/InetDiagMessage.java b/staticlibs/device/com/android/net/module/util/netlink/InetDiagMessage.java
index d462c53..e69a844 100644
--- a/staticlibs/device/com/android/net/module/util/netlink/InetDiagMessage.java
+++ b/staticlibs/device/com/android/net/module/util/netlink/InetDiagMessage.java
@@ -468,6 +468,23 @@
&& !isAdbSocket(diagMsg));
}
+ /**
+ * Close tcp sockets that match the following condition
+ * 1. TCP status is one of TCP_ESTABLISHED, TCP_SYN_SENT, and TCP_SYN_RECV
+ * 2. Owner uid of socket is in the targetUids
+ * 3. Socket is not loopback
+ * 4. Socket is not adb socket
+ *
+ * @param ownerUids target uids to close sockets
+ */
+ public static void destroyLiveTcpSocketsByOwnerUids(Set<Integer> ownerUids)
+ throws SocketException, InterruptedIOException, ErrnoException {
+ destroySockets(IPPROTO_TCP, TCP_ALIVE_STATE_FILTER,
+ (diagMsg) -> ownerUids.contains(diagMsg.inetDiagMsg.idiag_uid)
+ && !isLoopback(diagMsg)
+ && !isAdbSocket(diagMsg));
+ }
+
@Override
public String toString() {
return "InetDiagMessage{ "
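Review bot: The Javadoc on `destroyLiveTcpSocketsByOwnerUids` refers to `targetUids` in condition 2 while the parameter is `ownerUids`, and it documents none of the three checked exceptions, so a caller cannot tell that a thrown `SocketException`, `InterruptedIOException` or `ErrnoException` may leave some matching sockets open. I would fix the name and add `@throws` lines such as `@throws ErrnoException if a netlink request fails; matching sockets may remain open`, with the wording confirmed against `destroySockets`, which is outside the hunk. Because the commit title says this runs from `ConnectivityService#setFirewallChainEnabled`, the caller should log such a failure rather than assume the affected UIDs' connections are gone. A null `ownerUids` currently fails only inside the predicate; `Objects.requireNonNull(ownerUids, "ownerUids");` as the first statement would fail fast, provided `Objects` is already imported in this file.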