This directory contains comment-stripped versions of
  //system/bpf/bpfloader/bpfloader.rc
or
  //packages/modules/Connectivity/bpf/loader/netbpfload.rc
(as appropriate) from previous versions of Android.

Generated via:
  (cd ../../../../../../system/bpf && git cat-file -p remotes/aosp/android11-release:bpfloader/bpfloader.rc; ) | egrep -v '^ *#' > bpfloader-sdk30-11-R.rc
  (cd ../../../../../../system/bpf && git cat-file -p remotes/aosp/android12-release:bpfloader/bpfloader.rc; ) | egrep -v '^ *#' > bpfloader-sdk31-12-S.rc
  (cd ../../../../../../system/bpf && git cat-file -p remotes/aosp/android13-release:bpfloader/bpfloader.rc; ) | egrep -v '^ *#' > bpfloader-sdk33-13-T.rc
  (cd ../../../../../../system/bpf && git cat-file -p remotes/aosp/android14-release:bpfloader/bpfloader.rc; ) | egrep -v '^ *#' > bpfloader-sdk34-14-U.rc
  git cat-file -p remotes/aosp/android14-qpr2-release:netbpfload/netbpfload.rc | egrep -v '^ *#' > bpfloader-sdk34-14-U-QPR2-24Q1.rc
  git cat-file -p remotes/aosp/android14-qpr3-release:netbpfload/netbpfload.rc | egrep -v '^ *#' > bpfloader-sdk34-14-U-QPR3-24Q2.rc
  git cat-file -p remotes/aosp/android15-release:netbpfload/netbpfload.rc | egrep -v '^ *#' > bpfloader-sdk35-15-V-24Q3.rc
  git cat-file -p remotes/aosp/main:bpf/loader/netbpfload.rc | egrep -v '^ *#' > bpfloader-sdk35-15-V-QPR1-24Q4.rc

see also:
  https://android.googlesource.com/platform/system/bpf/+/refs/heads/android11-release/bpfloader/bpfloader.rc
  https://android.googlesource.com/platform/system/bpf/+/refs/heads/android12-release/bpfloader/bpfloader.rc
  https://android.googlesource.com/platform/system/bpf/+/refs/heads/android13-release/bpfloader/bpfloader.rc
  https://android.googlesource.com/platform/system/bpf/+/refs/heads/android14-release/bpfloader/bpfloader.rc
  https://android.googlesource.com/platform/system/bpf/+/refs/heads/android14-qpr1-release/bpfloader/bpfloader.rc
  https://android.googlesource.com/platform/system/bpf/+/refs/heads/android14-qpr2-release/bpfloader/ (rc file is gone in QPR2)
  https://android.googlesource.com/platform/packages/modules/Connectivity/+/refs/heads/android14-qpr2-release/netbpfload/netbpfload.rc
  https://android.googlesource.com/platform/packages/modules/Connectivity/+/refs/heads/android14-qpr3-release/netbpfload/netbpfload.rc
  https://android.googlesource.com/platform/packages/modules/Connectivity/+/refs/heads/android15-release/netbpfload/netbpfload.rc
  https://android.googlesource.com/platform/packages/modules/Connectivity/+/refs/heads/android15-qpr1-release/netbpfload/netbpfload.rc
  https://android.googlesource.com/platform/packages/modules/Connectivity/+/refs/heads/main/netbpfload/netbpfload.rc
or:
  https://googleplex-android.googlesource.com/platform/packages/modules/Connectivity/+/refs/heads/24Q1-release/netbpfload/netbpfload.rc
  https://googleplex-android.googlesource.com/platform/packages/modules/Connectivity/+/refs/heads/24Q2-release/netbpfload/netbpfload.rc
  https://googleplex-android.googlesource.com/platform/packages/modules/Connectivity/+/refs/heads/24Q3-release/netbpfload/netbpfload.rc
  https://googleplex-android.googlesource.com/platform/packages/modules/Connectivity/+/refs/heads/24Q4-release/bpf/loader/netbpfload.rc

this is entirely equivalent to:
  (cd /android1/system/bpf && git cat-file -p remotes/goog/rvc-dev:bpfloader/bpfloader.rc; ) | egrep -v '^ *#' > bpfloader-sdk30-11-R.rc
  (cd /android1/system/bpf && git cat-file -p remotes/goog/sc-dev:bpfloader/bpfloader.rc; ) | egrep -v '^ *#' > bpfloader-sdk31-12-S.rc
  (cd /android1/system/bpf && git cat-file -p remotes/goog/tm-dev:bpfloader/bpfloader.rc; ) | egrep -v '^ *#' > bpfloader-sdk33-13-T.rc
  (cd /android1/system/bpf && git cat-file -p remotes/goog/udc-dev:bpfloader/bpfloader.rc; ) | egrep -v '^ *#' > bpfloader-sdk34-14-U.rc

it is also equivalent to:
  (cd /android1/system/bpf && git cat-file -p remotes/goog/rvc-qpr-dev:bpfloader/bpfloader.rc; ) | egrep -v '^ *#' > bpfloader-sdk30-11-R.rc
  (cd /android1/system/bpf && git cat-file -p remotes/goog/sc-v2-dev:bpfloader/bpfloader.rc; ) | egrep -v '^ *#' > bpfloader-sdk31-12-S.rc
  (cd /android1/system/bpf && git cat-file -p remotes/goog/tm-qpr-dev:bpfloader/bpfloader.rc; ) | egrep -v '^ *#' > bpfloader-sdk33-13-T.rc
  (cd /android1/system/bpf && git cat-file -p remotes/goog/udc-qpr-dev:bpfloader/bpfloader.rc; ) | egrep -v '^ *#' > bpfloader-sdk34-14-U.rc

i.e. there were no changes between R/S/T and R/S/T QPR3, and no change between U and U QPR1.

Note: the Sv2 sdk/api level is actually 32; it just didn't change anything wrt. bpf, so it doesn't matter.


Key takeaways:

= R bpfloader (platform)
  - CHOWN + SYS_ADMIN
  - asynchronous startup
  - platform only
  - proc file setup handled by initrc

= S bpfloader (platform)
  - adds NET_ADMIN
  - synchronous startup
  - platform + mainline tethering offload

= T bpfloader (platform)
  - platform + mainline networking (including tethering offload)
  - supported btf for maps via exec of btfloader

= U bpfloader (platform)
  - proc file setup moved into bpfloader binary
  - explicitly specified user and groups:
    group root graphics network_stack net_admin net_bw_acct net_bw_stats net_raw system
    user root

= U QPR2 [24Q1] bpfloader (platform netbpfload -> platform bpfloader)
  - drops support of btf for maps
  - invocation of /system/bin/netbpfload binary, which after handling *all*
    networking bpf related things executes the platform /system/bin/bpfloader
    which handles non-networking bpf.
  - Note: this does not (by itself) call into apex NetBpfLoad

= U QPR3 [24Q2] bpfloader (platform netbpfload -> apex netbpfload -> platform bpfloader)
  - platform NetBpfLoad *always* execs into apex NetBpfLoad,
  - shipped with mainline tethering apex that includes NetBpfLoad binary.

= V [24Q3] bpfloader (apex netbpfload -> platform bpfloader)
  - no significant changes, though it does hard require the apex NetBpfLoad
    by virtue of the platform NetBpfLoad no longer being present.
    i.e. the apex must override the platform 'bpfloader' service for 35+:
    the V FRC M-2024-08+ tethering apex does this.

= V QPR1 [24Q4] bpfloader (apex netbpfload -> platform bpfloader)
  - made netd start earlier (previously happened in parallel to zygote)
  - renamed and moved the trigger out of netbpfload.rc into
    //system/core/rootdir/init.rc
  - the new sequence is:
      trigger post-fs-data (logd available, starts apexd)
      trigger load-bpf-programs (does: exec_start bpfloader)
      trigger bpf-progs-loaded (does: start netd)
      trigger zygote-start
  - this is more or less irrelevant from the point of view of the bpfloader,
    but it does mean netd init could fail and abort the boot earlier,
    before 'A/B update_verifier marks a successful boot'.
    Though note that due to netd being started asynchronously, it is racy.

Note that there is now a copy of 'netbpfload' provided by the tethering apex
mainline module at /apex/com.android.tethering/bin/netbpfload, which due
to the use of execve("/system/bin/bpfloader") relies on T+ SELinux policy which was
added for btf map support (specifically the ability to exec the "btfloader").

= mainline tethering apex M-2024-08+ overrides the platform service for V+
  thus loading mainline (i.e. networking) bpf programs from mainline 'NetBpfLoad'
  and platform ones from platform 'bpfloader'.

= mainline tethering apex M-2024-09+ changes T+ behaviour (U QPR3+ unaffected)
  netd -> netd_updatable.so -> ctl.start=mdnsd_netbpfload -> load net bpf programs
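
Added example (not part of the original README or of the AOSP tree): one way to check the privilege changes listed under "Key takeaways" directly against the stripped .rc files, by reporting which capabilities or groups a newer service stanza has that an older one lacks. The function names and the embedded .rc text are assumptions constructed from the notes above; the real files are the ones produced by the "Generated via" commands.

```shell
#!/bin/sh
# Added example. The .rc text below is constructed from the "Key takeaways"
# notes (R: CHOWN + SYS_ADMIN, S: adds NET_ADMIN, U: explicit user/groups);
# it is not the content of the real bpfloader.rc files.
RC_R='service bpfloader /system/bin/bpfloader
    # constructed comment line, dropped by the filter
    capabilities CHOWN SYS_ADMIN'
RC_S='service bpfloader /system/bin/bpfloader
    capabilities CHOWN SYS_ADMIN NET_ADMIN'
RC_U='service bpfloader /system/bin/bpfloader
    group root graphics network_stack net_admin net_bw_acct net_bw_stats net_raw system
    user root'

# Same filter as the "Generated via" commands: drop comment-only lines.
strip_rc_comments() {
    grep -Ev '^ *#'
}

# rc_tokens KEY: read .rc text on stdin and print the sorted, unique values
# of every "KEY v1 v2 ..." line (KEY is capabilities, group or user).
rc_tokens() {
    strip_rc_comments |
        awk -v key="$1" '$1 == key { for (i = 2; i <= NF; i++) print $i }' |
        LC_ALL=C sort -u
}

# rc_added KEY OLD NEW: values of KEY that NEW has and OLD lacks, on one
# space-separated line; empty output means nothing was added.
rc_added() {
    old=$(printf '%s\n' "$2" | rc_tokens "$1")
    new=$(printf '%s\n' "$3" | rc_tokens "$1")
    for tok in $new; do
        printf '%s\n' "$old" | grep -qxF -- "$tok" || printf '%s ' "$tok"
    done | sed 's/ $//'
}

printf 'R -> S added capabilities: %s\n' "$(rc_added capabilities "$RC_R" "$RC_S")"
printf 'S -> U added groups: %s\n' "$(rc_added group "$RC_S" "$RC_U")"
```

To run it on the real files, pass their contents instead of the constructed strings, e.g. rc_added capabilities "$(cat bpfloader-sdk30-11-R.rc)" "$(cat bpfloader-sdk31-12-S.rc)".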