service/libconnectivity/include/connectivity_native.h

/*
 * Copyright (C) 2022 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef LIBCONNECTIVITY_CONNECTIVITY_NATIVE_H_
#define LIBCONNECTIVITY_CONNECTIVITY_NATIVE_H_

#include <sys/cdefs.h>
#include <netinet/in.h>

// For branches that do not yet have __ANDROID_API_U__ defined, like module
// release branches.
#ifndef __ANDROID_API_U__
#define __ANDROID_API_U__ 34
#endif

__BEGIN_DECLS

/**
 * Blocks a port from being assigned during bind(). The caller is responsible for updating
 * /proc/sys/net/ipv4/ip_local_port_range with the port being blocked so that calls to connect()
 * will not automatically assign one of the blocked ports.
 * Will return success even if port was already blocked.
 *
 * Returns 0 on success, or a POSIX error code (see errno.h) on failure:
 *  - EINVAL for invalid port number
 *  - EPERM if the UID of the client doesn't have network stack permission
 *  - Other errors as per https://man7.org/linux/man-pages/man2/bpf.2.html
 *
 * @param port Int corresponding to port number.
 */
int AConnectivityNative_blockPortForBind(in_port_t port) __INTRODUCED_IN(__ANDROID_API_U__);

/**
 * Unblocks a port that has previously been blocked.
 * Will return success even if port was already unblocked.
 *
 * Returns 0 on success, or a POSIX error code (see errno.h) on failure:
 *  - EINVAL for invalid port number
 *  - EPERM if the UID of the client doesn't have network stack permission
 *  - Other errors as per https://man7.org/linux/man-pages/man2/bpf.2.html
 *
 * @param port Int corresponding to port number.
 */
int AConnectivityNative_unblockPortForBind(in_port_t port) __INTRODUCED_IN(__ANDROID_API_U__);

/**
 * Unblocks all ports that have previously been blocked.
 *
 * Returns 0 on success, or a POSIX error code (see errno.h) on failure:
 *  - EINVAL for invalid port number
 *  - EPERM if the UID of the client doesn't have network stack permission
 *  - Other errors as per https://man7.org/linux/man-pages/man2/bpf.2.html
 */
int AConnectivityNative_unblockAllPortsForBind() __INTRODUCED_IN(__ANDROID_API_U__);

/**
 * Gets the list of ports that have been blocked.
 *
 * Returns 0 on success, or a POSIX error code (see errno.h) on failure:
 *  - EINVAL for invalid port number
 *  - EPERM if the UID of the client doesn't have network stack permission
 *  - Other errors as per https://man7.org/linux/man-pages/man2/bpf.2.html
 *
 * @param ports Array of ports that will be filled with the port numbers.
 * @param count Pointer to the size of the ports array; the value will be set to the total number of
 *              blocked ports, which may be larger than the ports array that was filled.
 */
int AConnectivityNative_getPortsBlockedForBind(in_port_t *ports, size_t *count)
    __INTRODUCED_IN(__ANDROID_API_U__);

__END_DECLS


#endif