Add cgroup socket bpf kernel program support Add support for cgroup socket filter program loading in bpfloader, and create a uid permission map to store the uids that have INTERNET permission. Bug: 111560570 Bug: 111560739 Test: dumpsys netd trafficcontroller Change-Id: I658f533d302cb594d7b36d4a3a2a70e394874c33

commit: 5aee2f14a5c69a4748440c15c14b9b15e8609185 [log] [tgz]
author: Chenbo Feng <fengc@google.com> Wed Dec 26 16:14:05 2018 -0800
committer: Chenbo Feng <fengc@google.com> Mon Jan 28 15:21:59 2019 -0800
tree: 97d1973c2c7e72da5732b9b8e16d7537ae003bc8
parent: b78998c4477c0a16795a89e4af4d3b2270ce8ad2 [diff]
diff --git a/progs/Android.bp b/progs/Android.bp
index 35ba797..4302129 100644
--- a/progs/Android.bp
+++ b/progs/Android.bp

@@ -24,5 +24,8 @@
         "-Wall",
         "-Werror",
     ],
-    include_dirs: ["system/netd/libnetdbpf/include"],
+    include_dirs: [
+        "system/netd/libnetdbpf/include",
+        "system/netd/libnetdutils/include",
+    ],
 }

diff --git a/progs/netd.c b/progs/netd.c
index 0ea51a9..5f89839 100644
--- a/progs/netd.c
+++ b/progs/netd.c

@@ -58,4 +58,11 @@
     return BPF_NOMATCH;
 }
 
+struct bpf_map_def SEC("maps") uid_permission_map = {
+    .type = BPF_MAP_TYPE_HASH,
+    .key_size = sizeof(uint32_t),
+    .value_size = sizeof(uint8_t),
+    .max_entries = UID_OWNER_MAP_SIZE,
+};
+
 char _license[] SEC("license") = "Apache 2.0";
commit	5aee2f14a5c69a4748440c15c14b9b15e8609185	[log] [tgz]
author	Chenbo Feng <fengc@google.com>	Wed Dec 26 16:14:05 2018 -0800
committer	Chenbo Feng <fengc@google.com>	Mon Jan 28 15:21:59 2019 -0800
tree	97d1973c2c7e72da5732b9b8e16d7537ae003bc8
parent	b78998c4477c0a16795a89e4af4d3b2270ce8ad2 [diff]