Merge "BpfHandler: add 25Q2+ netd map create and write test" into main

commit: 6825d9fa3e6c3cd1d9f7daee2b71693e0857aa5a [log] [tgz]
author: Treehugger Robot <android-test-infra-autosubmit@system.gserviceaccount.com> Thu Jan 30 16:11:15 2025 -0800
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Thu Jan 30 16:11:15 2025 -0800
tree: 1424e18d4767ad49d1e127d502ad67d20729ccb3
parent: 645b2d9755939d7bc29fc8fa4fb5c9761a1508d2 [diff]
parent: 48f244ece45137ba15ca5c8fb139c09b79c0ac70 [diff]
diff --git a/bpf/netd/BpfHandler.cpp b/bpf/netd/BpfHandler.cpp
index bcd0cba..58ac931 100644
--- a/bpf/netd/BpfHandler.cpp
+++ b/bpf/netd/BpfHandler.cpp

@@ -274,6 +274,16 @@
     RETURN_IF_NOT_OK(initPrograms(cg2_path));
     RETURN_IF_NOT_OK(initMaps());
 
+    if (android_get_device_api_level() > __ANDROID_API_V__) {
+        // make sure netd can create & write maps.  sepolicy is V+, but enough to enforce on 25Q2+
+        int key = 1;
+        int value = 123;
+        unique_fd map(bpf::createMap(BPF_MAP_TYPE_ARRAY, sizeof(key), sizeof(value), 2, 0));
+        if (!map.ok()) return statusFromErrno(errno, fmt::format("map create failed"));
+        int rv = bpf::writeToMapEntry(map, &key, &value, BPF_ANY);
+        if (rv) return statusFromErrno(errno, fmt::format("map write failed (rv={})", rv));
+    }
+
     return netdutils::status::ok;
 }
commit	6825d9fa3e6c3cd1d9f7daee2b71693e0857aa5a	[log] [tgz]
author	Treehugger Robot <android-test-infra-autosubmit@system.gserviceaccount.com>	Thu Jan 30 16:11:15 2025 -0800
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Thu Jan 30 16:11:15 2025 -0800
tree	1424e18d4767ad49d1e127d502ad67d20729ccb3
parent	645b2d9755939d7bc29fc8fa4fb5c9761a1508d2 [diff]
parent	48f244ece45137ba15ca5c8fb139c09b79c0ac70 [diff]