[NETD-TC#11] Make TrafficController as libtraffic_controller into
Tethering module.
Delete tagSocket(), privilegedTagSocket() and untagSocket() since
they are moved out of TrafficController in aosp/1849156.
Bug: 202086915
Test: m; flash; boot;
Change-Id: Ifeaeb060fbf1add9f06748e7846b9e11e0345bda
diff --git a/service/native/include/Common.h b/service/native/include/Common.h
new file mode 100644
index 0000000..7c0b797
--- /dev/null
+++ b/service/native/include/Common.h
@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+// TODO: deduplicate with the constants in NetdConstants.h.
+#include <aidl/android/net/INetd.h>
+
+using aidl::android::net::INetd;
+
+enum FirewallRule { ALLOW = INetd::FIREWALL_RULE_ALLOW, DENY = INetd::FIREWALL_RULE_DENY };
+
+// ALLOWLIST means the firewall denies all by default, uids must be explicitly ALLOWed
+// DENYLIST means the firewall allows all by default, uids must be explicitly DENYed
+
+enum FirewallType { ALLOWLIST = INetd::FIREWALL_ALLOWLIST, DENYLIST = INetd::FIREWALL_DENYLIST };
+
+enum ChildChain {
+ NONE = INetd::FIREWALL_CHAIN_NONE,
+ DOZABLE = INetd::FIREWALL_CHAIN_DOZABLE,
+ STANDBY = INetd::FIREWALL_CHAIN_STANDBY,
+ POWERSAVE = INetd::FIREWALL_CHAIN_POWERSAVE,
+ RESTRICTED = INetd::FIREWALL_CHAIN_RESTRICTED,
+ INVALID_CHAIN
+};
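Review bot: The three firewall enums are unscoped and sit in the global namespace next to `using aidl::android::net::INetd;`, so every translation unit that includes Common.h picks up `NONE`, `ALLOW`, `DENY` and `INetd` as global names. Wrapping the declarations in `namespace android { namespace net { ... } }` (the namespace TrafficController.h uses) and spelling the constants as `aidl::android::net::INetd::FIREWALL_RULE_ALLOW` instead of using a header-level using-declaration would keep them out of includers' scope. The `using netdutils::StatusOr;` added to TrafficController.h has the same effect on a smaller scale. Separately, `INVALID_CHAIN` gets its value implicitly as `RESTRICTED + 1`, which would alias a real chain if INetd later defines a constant with that number. A comment above it such as `// Sentinel only; must stay outside the INetd FIREWALL_CHAIN_* range.` would make that constraint visible.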
diff --git a/service/native/include/TrafficController.h b/service/native/include/TrafficController.h
index 3e98b68..c050871 100644
--- a/service/native/include/TrafficController.h
+++ b/service/native/include/TrafficController.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2017 The Android Open Source Project
+ * Copyright (C) 2022 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -14,12 +14,11 @@
* limitations under the License.
*/
-#ifndef NETD_SERVER_TRAFFIC_CONTROLLER_H
-#define NETD_SERVER_TRAFFIC_CONTROLLER_H
+#pragma once
-#include <linux/bpf.h>
+#include <set>
+#include <Common.h>
-#include "NetlinkListener.h"
#include "android-base/thread_annotations.h"
#include "bpf/BpfMap.h"
#include "bpf_shared.h"
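Review bot: `#include <Common.h>` pulls a project header with a very generic name through the angle-bracket search path, so which file is found depends on include-directory order rather than on this header's location. Unless the build requires the system form, `#include "Common.h"` placed with the other quoted project includes would make the intent explicit and reduce the chance of another `Common.h` on the include path shadowing the firewall definitions.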
@@ -31,6 +30,8 @@
namespace android {
namespace net {
+using netdutils::StatusOr;
+
class TrafficController {
public:
/*
@@ -38,9 +39,6 @@
*/
netdutils::Status start();
- /*
- * Similiar as above, no external lock required.
- */
int setCounterSet(int counterSetNum, uid_t uid, uid_t callingUid) EXCLUDES(mMutex);
/*
@@ -84,7 +82,7 @@
EXCLUDES(mMutex);
netdutils::Status removeUidInterfaceRules(const std::vector<int32_t>& uids) EXCLUDES(mMutex);
- netdutils::Status updateUidOwnerMap(const std::vector<uint32_t>& appStrUids,
+ netdutils::Status updateUidOwnerMap(const uint32_t uid,
UidOwnerMatchType matchType, IptOp op) EXCLUDES(mMutex);
static const String16 DUMP_KEYWORD;
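Review bot: `updateUidOwnerMap` now takes a single `uid` instead of a vector, and since it is annotated `EXCLUDES(mMutex)` each call presumably acquires the mutex on its own, so a caller updating several UIDs no longer gets them applied under one lock hold. If callers rely on a batch of firewall-rule changes becoming visible together, that guarantee is gone, and the commit description does not mention this interface change. A short comment on the declaration such as `// Updates one uid per call; multi-uid updates are not atomic with respect to mMutex.` would record the new contract. The top-level `const` in `const uint32_t uid` has no effect in a declaration and can be dropped: `netdutils::Status updateUidOwnerMap(uint32_t uid,`. The class body continues outside the hunk.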
@@ -187,21 +185,6 @@
netdutils::Status addRule(uint32_t uid, UidOwnerMatchType match, uint32_t iif = 0)
REQUIRES(mMutex);
- // mMutex guards all accesses to mConfigurationMap, mUidOwnerMap, mUidPermissionMap,
- // mStatsMapA, mStatsMapB and mPrivilegedUser. It is designed to solve the following
- // problems:
- // 1. Prevent concurrent access and modification to mConfigurationMap, mUidOwnerMap,
- // mUidPermissionMap, and mPrivilegedUser. These data members are controlled by netd but can
- // be modified from different threads. TrafficController provides several APIs directly
- // called by the binder RPC, and different binder threads can concurrently access these data
- // members mentioned above. Some of the data members such as mUidPermissionMap and
- // mPrivilegedUsers are also accessed from a different thread when tagging sockets or
- // setting the counterSet through FwmarkServer
- // 2. Coordinate the deletion of uid stats in mStatsMapA and mStatsMapB. The system server
- // always call into netd to ask for a live stats map change before it pull and clean up the
- // stats from the inactive map. The mMutex will block netd from accessing the stats map when
- // the mConfigurationMap is updating the current stats map so netd will not accidentally
- // read the map that system_server is cleaning up.
std::mutex mMutex;
netdutils::Status initMaps() EXCLUDES(mMutex);
@@ -218,5 +201,3 @@
} // namespace net
} // namespace android
-
-#endif // NETD_SERVER_TRAFFIC_CONTROLLER_H