Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Connectivity / 7c87aaa50a8c0068d91b8980ec3cab57916d5258
commit7c87aaa50a8c0068d91b8980ec3cab57916d5258[log] [tgz]
authorMaciej Żenczykowski <maze@google.com>Fri Oct 22 16:07:00 2021 -0700
committerMaciej Żenczykowski <maze@google.com>Thu Nov 18 19:08:28 2021 +0000
tree68e3dececd525389b257abb9310662a6e68acb26
parent50303534ceaef9d0a71811cccb9b444f1e695a3f [diff]
clatd: drop AID_INET and AID_VPN supplementary groups

I can't see a reason for these still existing.

AID_VPN was needed in order to open tap/tun devices,
but this logic has long been moved out of clatd and into netd.

AID_INET is something left over from the
Paranoid Android kernel patch days.

Paranoid Android was definitely removed from the beginning of the
Android Common Kernel 4.14-r branch, but we later removed it
from 4.14-q as well (at least as far as AID_INET is concerned,
it looks like AID_NET_RAW/AID_NET_ADMIN support stayed around).

Anyway, the last branches in which AID_INET has special meaning
are ACK 4.9-Q and 4.14-P.

We effectively already require 4.9+ Q+ in Android S due to
Android Q clat bpf requirements.  Besides, the upgrade path
for any 4.14-P kernels is trivial enough: 4.14-Q or 4.14-R.

Nowadays '/sys/fs/bpf/prog_netd_cgroupsock_inet_create'
*must* load on *all* 4.14 devices or bpfloader panics.
This should enforce the internet permission via bpf
as opposed to requiring Paranoid Android kernel patch.

As such we should have all the privs necessary for correct
functionality without this - at least on any 4.14+ devices.

We dropped support for <4.9 || <Q devices in Android S,
this patch bumps the minimum kernel version to 4.14
for Android T.  Alternatively it requires 4.9 kernels
to have Paranoid Android patchset reverted (trivial),
which in turn probably requires backporting support for
cgroupsock programs.  However devices running 4.9
were launched on Android Q or earlier -- likely on P.
There is a very low probability anyone will want to
go to the effort of porting Android T to low tier
Android Q or mid tier Android P devices.

launch P devices: 4.4  4.9  4.14 - upgradable to Q, R, to S via 4.9/14-q kernel
launch Q devices: 4.9  4.14 4.19 - upgradable to R, S, to T via 4.14/19-r kernel
launch R devices: 4.14 4.19 5.4  - upgradable to S, T
launch S devices: 4.19 5.4  5.10 - upgradable to T
launch T devices: 5.4 5.10  5.~15

Either way, the next patch will actually move socket creation
ahead of priv dropping which means everything should once
again work even on 4.9 devices.

While longer term the plan is to move all socket creation out of clatd
and into it's caller (and pass them in via inherited fds).

Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I8fe2e2c0232b6cf0d4b7b2585f840a574080afa9
1 file changed
tree: 68e3dececd525389b257abb9310662a6e68acb26
  1. .clang-format
  2. Android.bp
  3. BUGS
  4. clatd.c
  5. clatd.h
  6. clatd_test.cpp
  7. common.h
  8. config.h
  9. debug.h
  10. dump.c
  11. dump.h
  12. getaddr.c
  13. getaddr.h
  14. icmp.c
  15. icmp.h
  16. ipv4.c
  17. ipv6.c
  18. LICENSE
  19. logging.c
  20. logging.h
  21. main.c
  22. METADATA
  23. MODULE_LICENSE_APACHE2
  24. netlink_callbacks.c
  25. netlink_callbacks.h
  26. netlink_msg.c
  27. netlink_msg.h
  28. NOTICE
  29. OWNERS
  30. PREUPLOAD.cfg
  31. setif.c
  32. setif.h
  33. TEST_MAPPING
  34. translate.c
  35. translate.h
  36. vendor-464xlat.rc