| Remi NGUYEN VAN | fb70eba | 2022-04-04 20:26:16 +0900 | [diff] [blame^] | 1 | /* |
| 2 | * Copyright (C) 2022 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | #ifndef LIBCONNECTIVITY_CONNECTIVITY_NATIVE_H_ |
| 18 | #define LIBCONNECTIVITY_CONNECTIVITY_NATIVE_H_ |
| 19 | |
| 20 | #include <sys/cdefs.h> |
| 21 | #include <netinet/in.h> |
| 22 | |
| 23 | // For branches that do not yet have __ANDROID_API_U__ defined, like module |
| 24 | // release branches. |
| 25 | #ifndef __ANDROID_API_U__ |
| 26 | #define __ANDROID_API_U__ 34 |
| 27 | #endif |
| 28 | |
| 29 | __BEGIN_DECLS |
| 30 | |
| 31 | /** |
| 32 | * Blocks a port from being assigned during bind(). The caller is responsible for updating |
| 33 | * /proc/sys/net/ipv4/ip_local_port_range with the port being blocked so that calls to connect() |
| 34 | * will not automatically assign one of the blocked ports. |
| 35 | * Will return success even if port was already blocked. |
| 36 | * |
| 37 | * Returns 0 on success, or a POSIX error code (see errno.h) on failure: |
| 38 | * - EINVAL for invalid port number |
| 39 | * - EPERM if the UID of the client doesn't have network stack permission |
| 40 | * - Other errors as per https://man7.org/linux/man-pages/man2/bpf.2.html |
| 41 | * |
| 42 | * @param port Int corresponding to port number. |
| 43 | */ |
| 44 | int AConnectivityNative_blockPortForBind(in_port_t port) __INTRODUCED_IN(__ANDROID_API_U__); |
| 45 | |
| 46 | /** |
| 47 | * Unblocks a port that has previously been blocked. |
| 48 | * Will return success even if port was already unblocked. |
| 49 | * |
| 50 | * Returns 0 on success, or a POSIX error code (see errno.h) on failure: |
| 51 | * - EINVAL for invalid port number |
| 52 | * - EPERM if the UID of the client doesn't have network stack permission |
| 53 | * - Other errors as per https://man7.org/linux/man-pages/man2/bpf.2.html |
| 54 | * |
| 55 | * @param port Int corresponding to port number. |
| 56 | */ |
| 57 | int AConnectivityNative_unblockPortForBind(in_port_t port) __INTRODUCED_IN(__ANDROID_API_U__); |
| 58 | |
| 59 | /** |
| 60 | * Unblocks all ports that have previously been blocked. |
| 61 | * |
| 62 | * Returns 0 on success, or a POSIX error code (see errno.h) on failure: |
| 63 | * - EINVAL for invalid port number |
| 64 | * - EPERM if the UID of the client doesn't have network stack permission |
| 65 | * - Other errors as per https://man7.org/linux/man-pages/man2/bpf.2.html |
| 66 | */ |
| 67 | int AConnectivityNative_unblockAllPortsForBind() __INTRODUCED_IN(__ANDROID_API_U__); |
| 68 | |
| 69 | /** |
| 70 | * Gets the list of ports that have been blocked. |
| 71 | * |
| 72 | * Returns 0 on success, or a POSIX error code (see errno.h) on failure: |
| 73 | * - EINVAL for invalid port number |
| 74 | * - EPERM if the UID of the client doesn't have network stack permission |
| 75 | * - Other errors as per https://man7.org/linux/man-pages/man2/bpf.2.html |
| 76 | * |
| 77 | * @param ports Array of ports that will be filled with the port numbers. |
| 78 | * @param count Pointer to the size of the ports array; the value will be set to the total number of |
| 79 | * blocked ports, which may be larger than the ports array that was filled. |
| 80 | */ |
| 81 | int AConnectivityNative_getPortsBlockedForBind(in_port_t *ports, size_t *count) |
| 82 | __INTRODUCED_IN(__ANDROID_API_U__); |
| 83 | |
| 84 | __END_DECLS |
| 85 | |
| 86 | |
| 87 | #endif |