Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Connectivity / c834fdb760f78b6a21f9acadb5bc3dd399404d18^! / . / netbpfload / NetBpfLoad.cpp
commitc834fdb760f78b6a21f9acadb5bc3dd399404d18[log] [tgz]
authorMaciej Żenczykowski <maze@google.com>Sun Jun 02 22:24:01 2024 +0000
committerMaciej Żenczykowski <maze@google.com>Sun Jun 02 22:28:35 2024 +0000
tree416cf5043a76c1a06d034980559a2a7c567a1388
parentd1c52e3eb0aa13f8e671d5141c84183f2ff82880 [diff] [blame]
move V+ kernel/arch/bitness checks from BpfHandler to NetBpfLoad

Mainline netbpfload is mandatory on V+, so it matters little
whether we perform the checks in it, or in BpfHandler
(which runs as part of netd startup via libnetd_updatable.so),
and this avoids the need to reimplement isTV() opt-out.

Bug: 333970930
Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I599f2c9d6710f0caa2cd71f0946459d43ddbfc17

diff --git a/netbpfload/NetBpfLoad.cpp b/netbpfload/NetBpfLoad.cpp
index f42e8a5..80df552 100644
--- a/netbpfload/NetBpfLoad.cpp
+++ b/netbpfload/NetBpfLoad.cpp

@@ -286,22 +286,34 @@
         return 1;
     }
 
+    // both S and T require kernel 4.9 (and eBpf support)
     if (isAtLeastT && !isAtLeastKernelVersion(4, 9, 0)) {
         ALOGE("Android T requires kernel 4.9.");
         return 1;
     }
 
+    // U bumps the kernel requirement up to 4.14
     if (isAtLeastU && !isAtLeastKernelVersion(4, 14, 0)) {
         ALOGE("Android U requires kernel 4.14.");
         return 1;
     }
 
+    // V bumps the kernel requirement up to 4.19
+    // see also: //system/netd/tests/kernel_test.cpp TestKernel419
     if (isAtLeastV && !isAtLeastKernelVersion(4, 19, 0)) {
         ALOGE("Android V requires kernel 4.19.");
         return 1;
     }
 
-    if (isAtLeastV && isX86() && !isKernel64Bit()) {
+    // Technically already required by U, but only enforce on V+
+    // see also: //system/netd/tests/kernel_test.cpp TestKernel64Bit
+    if (isAtLeastV && isKernel32Bit() && isAtLeastKernelVersion(5, 16, 0)) {
+        ALOGE("Android V+ platform with 32 bit kernel version >= 5.16.0 is unsupported");
+        if (!isTV()) return 1;
+    }
+
+    // Various known ABI layout issues, particularly wrt. bpf and ipsec/xfrm.
+    if (isAtLeastV && isKernel32Bit() && isX86()) {
         ALOGE("Android V requires X86 kernel to be 64-bit.");
         if (!isTV()) return 1;
     }
@@ -350,6 +362,10 @@
          * Some of these have userspace or kernel workarounds/hacks.
          * Some of them don't...
          * We're going to be removing the hacks.
+         * (for example "ANDROID: xfrm: remove in_compat_syscall() checks").
+         * Note: this check/enforcement only applies to *system* userspace code,
+         * it does not affect unprivileged apps, the 32-on-64 compatibility
+         * problems are AFAIK limited to various CAP_NET_ADMIN protected interfaces.
          *
          * Additionally the 32-bit kernel jit support is poor,
          * and 32-bit userspace on 64-bit kernel bpf ringbuffer compatibility is broken.