Snap for 12272146 from 078a0b599772899de59d0ec36f3f79a1cada9a5d to 24Q4-release
Change-Id: I8cefc9e41e90a8efa8ced83ba9dcce800beac347
diff --git a/staticlibs/native/bpf_headers/Android.bp b/bpf/headers/Android.bp
similarity index 100%
rename from staticlibs/native/bpf_headers/Android.bp
rename to bpf/headers/Android.bp
diff --git a/staticlibs/native/bpf_headers/BpfMapTest.cpp b/bpf/headers/BpfMapTest.cpp
similarity index 100%
rename from staticlibs/native/bpf_headers/BpfMapTest.cpp
rename to bpf/headers/BpfMapTest.cpp
diff --git a/staticlibs/native/bpf_headers/BpfRingbufTest.cpp b/bpf/headers/BpfRingbufTest.cpp
similarity index 100%
rename from staticlibs/native/bpf_headers/BpfRingbufTest.cpp
rename to bpf/headers/BpfRingbufTest.cpp
diff --git a/staticlibs/native/bpf_headers/TEST_MAPPING b/bpf/headers/TEST_MAPPING
similarity index 100%
rename from staticlibs/native/bpf_headers/TEST_MAPPING
rename to bpf/headers/TEST_MAPPING
diff --git a/staticlibs/native/bpf_headers/include/bpf/BpfClassic.h b/bpf/headers/include/bpf/BpfClassic.h
similarity index 100%
rename from staticlibs/native/bpf_headers/include/bpf/BpfClassic.h
rename to bpf/headers/include/bpf/BpfClassic.h
diff --git a/staticlibs/native/bpf_headers/include/bpf/BpfMap.h b/bpf/headers/include/bpf/BpfMap.h
similarity index 100%
rename from staticlibs/native/bpf_headers/include/bpf/BpfMap.h
rename to bpf/headers/include/bpf/BpfMap.h
diff --git a/staticlibs/native/bpf_headers/include/bpf/BpfRingbuf.h b/bpf/headers/include/bpf/BpfRingbuf.h
similarity index 100%
rename from staticlibs/native/bpf_headers/include/bpf/BpfRingbuf.h
rename to bpf/headers/include/bpf/BpfRingbuf.h
diff --git a/staticlibs/native/bpf_headers/include/bpf/BpfUtils.h b/bpf/headers/include/bpf/BpfUtils.h
similarity index 100%
rename from staticlibs/native/bpf_headers/include/bpf/BpfUtils.h
rename to bpf/headers/include/bpf/BpfUtils.h
diff --git a/staticlibs/native/bpf_headers/include/bpf/KernelUtils.h b/bpf/headers/include/bpf/KernelUtils.h
similarity index 100%
rename from staticlibs/native/bpf_headers/include/bpf/KernelUtils.h
rename to bpf/headers/include/bpf/KernelUtils.h
diff --git a/staticlibs/native/bpf_headers/include/bpf/WaitForProgsLoaded.h b/bpf/headers/include/bpf/WaitForProgsLoaded.h
similarity index 100%
rename from staticlibs/native/bpf_headers/include/bpf/WaitForProgsLoaded.h
rename to bpf/headers/include/bpf/WaitForProgsLoaded.h
diff --git a/staticlibs/native/bpf_headers/include/bpf/bpf_helpers.h b/bpf/headers/include/bpf_helpers.h
similarity index 100%
rename from staticlibs/native/bpf_headers/include/bpf/bpf_helpers.h
rename to bpf/headers/include/bpf_helpers.h
diff --git a/staticlibs/native/bpf_headers/include/bpf/bpf_map_def.h b/bpf/headers/include/bpf_map_def.h
similarity index 100%
rename from staticlibs/native/bpf_headers/include/bpf/bpf_map_def.h
rename to bpf/headers/include/bpf_map_def.h
diff --git a/bpf/loader/NetBpfLoad.cpp b/bpf/loader/NetBpfLoad.cpp
index 00362b4..22f12d1 100644
--- a/bpf/loader/NetBpfLoad.cpp
+++ b/bpf/loader/NetBpfLoad.cpp
@@ -60,7 +60,7 @@
#include "BpfSyscallWrappers.h"
#include "bpf/BpfUtils.h"
-#include "bpf/bpf_map_def.h"
+#include "bpf_map_def.h"
using android::base::EndsWith;
using android::base::StartsWith;
@@ -372,7 +372,7 @@
value += static_cast<unsigned char>(theBytes[1]);
value <<= 8;
value += static_cast<unsigned char>(theBytes[0]);
- ALOGI("Section %s value is %u [0x%x]", name, value, value);
+ ALOGD("Section %s value is %u [0x%x]", name, value, value);
return value;
}
}
@@ -673,28 +673,28 @@
if (md[i].zero != 0) abort();
if (bpfloader_ver < md[i].bpfloader_min_ver) {
- ALOGI("skipping map %s which requires bpfloader min ver 0x%05x", mapNames[i].c_str(),
+ ALOGD("skipping map %s which requires bpfloader min ver 0x%05x", mapNames[i].c_str(),
md[i].bpfloader_min_ver);
mapFds.push_back(unique_fd());
continue;
}
if (bpfloader_ver >= md[i].bpfloader_max_ver) {
- ALOGI("skipping map %s which requires bpfloader max ver 0x%05x", mapNames[i].c_str(),
+ ALOGD("skipping map %s which requires bpfloader max ver 0x%05x", mapNames[i].c_str(),
md[i].bpfloader_max_ver);
mapFds.push_back(unique_fd());
continue;
}
if (kvers < md[i].min_kver) {
- ALOGI("skipping map %s which requires kernel version 0x%x >= 0x%x",
+ ALOGD("skipping map %s which requires kernel version 0x%x >= 0x%x",
mapNames[i].c_str(), kvers, md[i].min_kver);
mapFds.push_back(unique_fd());
continue;
}
if (kvers >= md[i].max_kver) {
- ALOGI("skipping map %s which requires kernel version 0x%x < 0x%x",
+ ALOGD("skipping map %s which requires kernel version 0x%x < 0x%x",
mapNames[i].c_str(), kvers, md[i].max_kver);
mapFds.push_back(unique_fd());
continue;
@@ -702,7 +702,7 @@
if ((md[i].ignore_on_eng && isEng()) || (md[i].ignore_on_user && isUser()) ||
(md[i].ignore_on_userdebug && isUserdebug())) {
- ALOGI("skipping map %s which is ignored on %s builds", mapNames[i].c_str(),
+ ALOGD("skipping map %s which is ignored on %s builds", mapNames[i].c_str(),
getBuildType().c_str());
mapFds.push_back(unique_fd());
continue;
@@ -713,7 +713,7 @@
(isX86() && isKernel32Bit() && md[i].ignore_on_x86_32) ||
(isX86() && isKernel64Bit() && md[i].ignore_on_x86_64) ||
(isRiscV() && md[i].ignore_on_riscv64)) {
- ALOGI("skipping map %s which is ignored on %s", mapNames[i].c_str(),
+ ALOGD("skipping map %s which is ignored on %s", mapNames[i].c_str(),
describeArch());
mapFds.push_back(unique_fd());
continue;
@@ -1109,19 +1109,19 @@
// inclusive lower bound check
if (bpfloader_ver < bpfLoaderMinVer) {
- ALOGI("BpfLoader version 0x%05x ignoring ELF object %s with min ver 0x%05x",
+ ALOGD("BpfLoader version 0x%05x ignoring ELF object %s with min ver 0x%05x",
bpfloader_ver, elfPath, bpfLoaderMinVer);
return 0;
}
// exclusive upper bound check
if (bpfloader_ver >= bpfLoaderMaxVer) {
- ALOGI("BpfLoader version 0x%05x ignoring ELF object %s with max ver 0x%05x",
+ ALOGD("BpfLoader version 0x%05x ignoring ELF object %s with max ver 0x%05x",
bpfloader_ver, elfPath, bpfLoaderMaxVer);
return 0;
}
- ALOGI("BpfLoader version 0x%05x processing ELF object %s with ver [0x%05x,0x%05x)",
+ ALOGD("BpfLoader version 0x%05x processing ELF object %s with ver [0x%05x,0x%05x)",
bpfloader_ver, elfPath, bpfLoaderMinVer, bpfLoaderMaxVer);
ret = readCodeSections(elfFile, cs);
diff --git a/bpf/progs/dscpPolicy.c b/bpf/progs/dscpPolicy.c
index 93542ee..4bdd3ed 100644
--- a/bpf/progs/dscpPolicy.c
+++ b/bpf/progs/dscpPolicy.c
@@ -28,7 +28,7 @@
DEFINE_BPF_MAP_GRW(ipv4_dscp_policies_map, ARRAY, uint32_t, DscpPolicy, MAX_POLICIES, AID_SYSTEM)
DEFINE_BPF_MAP_GRW(ipv6_dscp_policies_map, ARRAY, uint32_t, DscpPolicy, MAX_POLICIES, AID_SYSTEM)
-static inline __always_inline void match_policy(struct __sk_buff* skb, bool ipv4) {
+static inline __always_inline void match_policy(struct __sk_buff* skb, const bool ipv4) {
void* data = (void*)(long)skb->data;
const void* data_end = (void*)(long)skb->data_end;
@@ -145,8 +145,10 @@
policy = bpf_ipv6_dscp_policies_map_lookup_elem(&key);
}
- // If the policy lookup failed, just continue (this should not ever happen)
- if (!policy) continue;
+ // Lookup failure cannot happen on an array with MAX_POLICIES entries.
+ // While 'continue' would make logical sense here, 'return' should be
+ // easier for the verifier to analyze.
+ if (!policy) return;
// If policy iface index does not match skb, then skip to next policy.
if (policy->ifindex != skb->ifindex) continue;
diff --git a/common/OWNERS b/common/OWNERS
index e7f5d11..989d286 100644
--- a/common/OWNERS
+++ b/common/OWNERS
@@ -1 +1,2 @@
per-file thread_flags.aconfig = file:platform/packages/modules/Connectivity:main:/thread/OWNERS
+per-file networksecurity_flags.aconfig = file:platform/packages/modules/Connectivity:main:/networksecurity/OWNERS
\ No newline at end of file
diff --git a/common/networksecurity_flags.aconfig b/common/networksecurity_flags.aconfig
index ef8ffcd..6438ba4 100644
--- a/common/networksecurity_flags.aconfig
+++ b/common/networksecurity_flags.aconfig
@@ -6,4 +6,5 @@
namespace: "network_security"
description: "Enable service for certificate transparency log list data"
bug: "319829948"
+ is_fixed_read_only: true
}
diff --git a/staticlibs/device/com/android/net/module/util/Struct.java b/staticlibs/device/com/android/net/module/util/Struct.java
index ff7a711..69ca678 100644
--- a/staticlibs/device/com/android/net/module/util/Struct.java
+++ b/staticlibs/device/com/android/net/module/util/Struct.java
@@ -105,6 +105,7 @@
*/
public class Struct {
public enum Type {
+ Bool, // bool, size = 1 byte
U8, // unsigned byte, size = 1 byte
U16, // unsigned short, size = 2 bytes
U32, // unsigned int, size = 4 bytes
@@ -169,6 +170,9 @@
private static void checkAnnotationType(final Field annotation, final Class fieldType) {
switch (annotation.type()) {
+ case Bool:
+ if (fieldType == Boolean.TYPE) return;
+ break;
case U8:
case S16:
if (fieldType == Short.TYPE) return;
@@ -218,6 +222,7 @@
private static int getFieldLength(final Field annotation) {
int length = 0;
switch (annotation.type()) {
+ case Bool:
case U8:
case S8:
length = 1;
@@ -357,6 +362,9 @@
final Object value;
checkAnnotationType(fieldInfo.annotation, fieldInfo.field.getType());
switch (fieldInfo.annotation.type()) {
+ case Bool:
+ value = buf.get() != 0;
+ break;
case U8:
value = (short) (buf.get() & 0xFF);
break;
@@ -457,6 +465,9 @@
private static void putFieldValue(final ByteBuffer output, final FieldInfo fieldInfo,
final Object value) throws BufferUnderflowException {
switch (fieldInfo.annotation.type()) {
+ case Bool:
+ output.put((byte) (value != null && (boolean) value ? 1 : 0));
+ break;
case U8:
output.put((byte) (((short) value) & 0xFF));
break;
@@ -748,6 +759,16 @@
return sb.toString();
}
+ /** A simple Struct which only contains a bool field. */
+ public static class Bool extends Struct {
+ @Struct.Field(order = 0, type = Struct.Type.Bool)
+ public final boolean val;
+
+ public Bool(final boolean val) {
+ this.val = val;
+ }
+ }
+
/** A simple Struct which only contains a u8 field. */
public static class U8 extends Struct {
@Struct.Field(order = 0, type = Struct.Type.U8)
diff --git a/staticlibs/tests/unit/src/com/android/net/module/util/StructTest.java b/staticlibs/tests/unit/src/com/android/net/module/util/StructTest.java
index a39b7a3..0c2605f 100644
--- a/staticlibs/tests/unit/src/com/android/net/module/util/StructTest.java
+++ b/staticlibs/tests/unit/src/com/android/net/module/util/StructTest.java
@@ -32,6 +32,7 @@
import androidx.test.filters.SmallTest;
import androidx.test.runner.AndroidJUnit4;
+import com.android.net.module.util.Struct.Bool;
import com.android.net.module.util.Struct.Field;
import com.android.net.module.util.Struct.Type;
@@ -133,6 +134,29 @@
verifyHeaderParsing(msg);
}
+ @Test
+ public void testBoolStruct() {
+ assertEquals(1, Struct.getSize(Bool.class));
+
+ assertEquals(false, Struct.parse(Bool.class, toByteBuffer("00")).val);
+ assertEquals(true, Struct.parse(Bool.class, toByteBuffer("01")).val);
+ // maybe these should throw instead, but currently only 0 is false...
+ assertEquals(true, Struct.parse(Bool.class, toByteBuffer("02")).val);
+ assertEquals(true, Struct.parse(Bool.class, toByteBuffer("7F")).val);
+ assertEquals(true, Struct.parse(Bool.class, toByteBuffer("80")).val);
+ assertEquals(true, Struct.parse(Bool.class, toByteBuffer("FF")).val);
+
+ final var f = new Bool(false);
+ final var t = new Bool(true);
+ assertEquals(f.val, false);
+ assertEquals(t.val, true);
+
+ assertArrayEquals(toByteBuffer("00").array(), f.writeToBytes(ByteOrder.BIG_ENDIAN));
+ assertArrayEquals(toByteBuffer("00").array(), f.writeToBytes(ByteOrder.LITTLE_ENDIAN));
+ assertArrayEquals(toByteBuffer("01").array(), t.writeToBytes(ByteOrder.BIG_ENDIAN));
+ assertArrayEquals(toByteBuffer("01").array(), t.writeToBytes(ByteOrder.LITTLE_ENDIAN));
+ }
+
public static class HeaderMsgWithoutConstructor extends Struct {
static int sType;
static int sLength;