bpfloader - allow writeProcSysFile failure on misconfigured kernels
Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I20c486ab89669c60cf1e1ebc3a5d66ef0efc1389
diff --git a/bpfloader/BpfLoader.cpp b/bpfloader/BpfLoader.cpp
index 1ad5a7d..ecba2cd 100644
--- a/bpfloader/BpfLoader.cpp
+++ b/bpfloader/BpfLoader.cpp
@@ -263,15 +263,19 @@
android::bpf::isAtLeastKernelVersion(5, 13, 0)) return 1;
// Enable the eBPF JIT -- but do note that on 64-bit kernels it is likely
- // already force enabled by the kernel config option BPF_JIT_ALWAYS_ON
+ // already force enabled by the kernel config option BPF_JIT_ALWAYS_ON.
// (Note: this (open) will fail with ENOENT 'No such file or directory' if
// kernel does not have CONFIG_BPF_JIT=y)
- if (writeProcSysFile("/proc/sys/net/core/bpf_jit_enable", "1\n")) return 1;
+ // BPF_JIT is required by R VINTF (which means 4.14/4.19/5.4 kernels),
+ // but 4.14/4.19 were released with P & Q, and only 5.4 is new in R+.
+ if (writeProcSysFile("/proc/sys/net/core/bpf_jit_enable", "1\n") &&
+ android::bpf::isAtLeastKernelVersion(5, 4, 0)) return 1;
// Enable JIT kallsyms export for privileged users only
// (Note: this (open) will fail with ENOENT 'No such file or directory' if
// kernel does not have CONFIG_HAVE_EBPF_JIT=y)
- if (writeProcSysFile("/proc/sys/net/core/bpf_jit_kallsyms", "1\n")) return 1;
+ if (writeProcSysFile("/proc/sys/net/core/bpf_jit_kallsyms", "1\n") &&
+ android::bpf::isAtLeastKernelVersion(5, 4, 0)) return 1;
// This is ugly... but this allows InProcessTethering which runs as system_server,
// instead of as network_stack to access /sys/fs/bpf/tethering, which would otherwise