switch to classic bpf macros
Note: this switches
com_android_networkstack_tethering_util_setupIcmpFilter
over to relative cbpf which in turn is called from:
com_android_networkstack_tethering_util_setupNaSocket
com_android_networkstack_tethering_util_setupNsSocket
and tested by p/m/C's:
TetheringUtilsTest.java - testIcmpSocketFilters()
Test: TreeHugger, atest TetheringUtilsTest
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I22a5ea8f8e3b879a37fe4acd84f61020661eaa71
diff --git a/Tethering/jni/com_android_networkstack_tethering_util_TetheringUtils.cpp b/Tethering/jni/com_android_networkstack_tethering_util_TetheringUtils.cpp
index a878fa5..14e4b9a 100644
--- a/Tethering/jni/com_android_networkstack_tethering_util_TetheringUtils.cpp
+++ b/Tethering/jni/com_android_networkstack_tethering_util_TetheringUtils.cpp
@@ -18,21 +18,19 @@
#include <error.h>
#include <jni.h>
#include <linux/filter.h>
+#include <linux/ipv6.h>
#include <nativehelper/JNIHelp.h>
#include <nativehelper/ScopedUtfChars.h>
#include <netjniutils/netjniutils.h>
#include <net/if.h>
#include <netinet/ether.h>
-#include <netinet/ip6.h>
#include <netinet/icmp6.h>
#include <sys/socket.h>
#include <stdio.h>
-namespace android {
+#include <bpf/BpfClassic.h>
-static const uint32_t kIPv6NextHeaderOffset = offsetof(ip6_hdr, ip6_nxt);
-static const uint32_t kIPv6PayloadStart = sizeof(ip6_hdr);
-static const uint32_t kICMPv6TypeOffset = kIPv6PayloadStart + offsetof(icmp6_hdr, icmp6_type);
+namespace android {
static void throwSocketException(JNIEnv *env, const char* msg, int error) {
jniThrowExceptionFmt(env, "java/net/SocketException", "%s: %s", msg, strerror(error));
@@ -42,18 +40,14 @@
uint32_t type) {
sock_filter filter_code[] = {
// Check header is ICMPv6.
- BPF_STMT(BPF_LD | BPF_B | BPF_ABS, kIPv6NextHeaderOffset),
- BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, IPPROTO_ICMPV6, 0, 3),
+ BPF_LOAD_IPV6_U8(nexthdr),
+ BPF2_REJECT_IF_NOT_EQUAL(IPPROTO_ICMPV6),
// Check ICMPv6 type.
- BPF_STMT(BPF_LD | BPF_B | BPF_ABS, kICMPv6TypeOffset),
- BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, type, 0, 1),
+ BPF_LOAD_NET_RELATIVE_U8(sizeof(ipv6hdr) + offsetof(icmp6_hdr, icmp6_type)),
+ BPF2_REJECT_IF_NOT_EQUAL(type),
- // Accept.
- BPF_STMT(BPF_RET | BPF_K, 0xffff),
-
- // Reject.
- BPF_STMT(BPF_RET | BPF_K, 0)
+ BPF_ACCEPT,
};
const sock_fprog filter = {
diff --git a/framework/Android.bp b/framework/Android.bp
index 2d729c5..8476a5d 100644
--- a/framework/Android.bp
+++ b/framework/Android.bp
@@ -183,6 +183,7 @@
"libnativehelper",
],
header_libs: [
+ "bpf_headers",
"dnsproxyd_protocol_headers",
],
stl: "none",
diff --git a/framework/jni/android_net_NetworkUtils.cpp b/framework/jni/android_net_NetworkUtils.cpp
index 38e0059..ca297e5 100644
--- a/framework/jni/android_net_NetworkUtils.cpp
+++ b/framework/jni/android_net_NetworkUtils.cpp
@@ -23,6 +23,7 @@
#include <netinet/in.h>
#include <string.h>
+#include <bpf/BpfClassic.h>
#include <DnsProxydProtocol.h> // NETID_USE_LOCAL_NAMESERVERS
#include <nativehelper/JNIPlatformHelp.h>
#include <utils/Log.h>
@@ -55,11 +56,10 @@
static void android_net_utils_attachDropAllBPFFilter(JNIEnv *env, jclass clazz, jobject javaFd)
{
- struct sock_filter filter_code[] = {
- // Reject all.
- BPF_STMT(BPF_RET | BPF_K, 0)
+ static struct sock_filter filter_code[] = {
+ BPF_REJECT,
};
- struct sock_fprog filter = {
+ static const struct sock_fprog filter = {
sizeof(filter_code) / sizeof(filter_code[0]),
filter_code,
};