BpfHandler: abort on U+ if unexpected cgroup mount path am: 65075bb8f8
Original change: https://android-review.googlesource.com/c/platform/packages/modules/Connectivity/+/2612449
Change-Id: I1dc2b9ddaa699a65d24685c3b20f01475bd1203b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/netd/Android.bp b/netd/Android.bp
index 473460d..4325d89 100644
--- a/netd/Android.bp
+++ b/netd/Android.bp
@@ -35,6 +35,9 @@
"BpfHandler.cpp",
"NetdUpdatable.cpp",
],
+ static_libs: [
+ "libmodules-utils-build",
+ ],
shared_libs: [
"libbase",
"liblog",
diff --git a/netd/BpfHandler.cpp b/netd/BpfHandler.cpp
index 8081d12..6409374 100644
--- a/netd/BpfHandler.cpp
+++ b/netd/BpfHandler.cpp
@@ -21,6 +21,7 @@
#include <linux/bpf.h>
#include <android-base/unique_fd.h>
+#include <android-modules-utils/sdk_level.h>
#include <bpf/WaitForProgsLoaded.h>
#include <log/log.h>
#include <netdutils/UidConstants.h>
@@ -74,9 +75,11 @@
}
static Status initPrograms(const char* cg2_path) {
+ if (modules::sdklevel::IsAtLeastU() && !!strcmp(cg2_path, "/sys/fs/cgroup")) abort();
+
unique_fd cg_fd(open(cg2_path, O_DIRECTORY | O_RDONLY | O_CLOEXEC));
if (cg_fd == -1) {
- int ret = errno;
+ const int ret = errno;
ALOGE("Failed to open the cgroup directory: %s", strerror(ret));
return statusFromErrno(ret, "Open the cgroup directory failed");
}