Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / netd / 10a5892fa2be06665ff477c996dc1823129dd19f^! / . / server / FirewallController.cpp
commit10a5892fa2be06665ff477c996dc1823129dd19f[log] [tgz]
authorMaciej Żenczykowski <maze@google.com>Tue Feb 11 15:40:19 2020 -0800
committerMaciej Żenczykowski <maze@google.com>Tue Feb 11 17:05:34 2020 -0800
treea35c7987b36fa8514f790b42acaa571cd4d9ce4d
parent69cd822147e99259616757edc06159ea23891938 [diff] [blame]
FirewallController - make mUseBpfOwnerMatch a bool

Test: builds, atest
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I422a74e7a6f44259bb5f0c7a88222328e432c35b

diff --git a/server/FirewallController.cpp b/server/FirewallController.cpp
index 7512c09..85a054a 100644
--- a/server/FirewallController.cpp
+++ b/server/FirewallController.cpp

@@ -54,8 +54,8 @@
 // Proc file containing the uid mapping for the user namespace of the current process.
 const char kUidMapProcFile[] = "/proc/self/uid_map";
 
-android::bpf::BpfLevel getBpfOwnerStatus() {
-    return gCtls->trafficCtrl.getBpfLevel();
+bool getBpfOwnerStatus() {
+    return gCtls->trafficCtrl.getBpfLevel() != BpfLevel::NONE;
 }
 
 }  // namespace
@@ -96,7 +96,7 @@
 int FirewallController::setupIptablesHooks(void) {
     int res = 0;
     mUseBpfOwnerMatch = getBpfOwnerStatus();
-    if (mUseBpfOwnerMatch != BpfLevel::NONE) {
+    if (mUseBpfOwnerMatch) {
         return res;
     }
     res |= createChain(LOCAL_DOZABLE, getFirewallType(DOZABLE));
@@ -160,7 +160,7 @@
             return res;
     }
 
-    if (mUseBpfOwnerMatch != BpfLevel::NONE) {
+    if (mUseBpfOwnerMatch) {
         return gCtls->trafficCtrl.toggleUidOwnerMap(chain, enable);
     }
 
@@ -259,7 +259,7 @@
             ALOGW("Unknown child chain: %d", chain);
             return -EINVAL;
     }
-    if (mUseBpfOwnerMatch != BpfLevel::NONE) {
+    if (mUseBpfOwnerMatch) {
         return gCtls->trafficCtrl.changeUidOwnerRule(chain, uid, rule, firewallType);
     }
 
@@ -347,12 +347,12 @@
 
 int FirewallController::replaceUidChain(
         const std::string &name, bool isWhitelist, const std::vector<int32_t>& uids) {
-    if (mUseBpfOwnerMatch != BpfLevel::NONE) {
+    if (mUseBpfOwnerMatch) {
         return gCtls->trafficCtrl.replaceUidOwnerMap(name, isWhitelist, uids);
-   }
-   std::string commands4 = makeUidRules(V4, name.c_str(), isWhitelist, uids);
-   std::string commands6 = makeUidRules(V6, name.c_str(), isWhitelist, uids);
-   return execIptablesRestore(V4, commands4.c_str()) | execIptablesRestore(V6, commands6.c_str());
+    }
+    std::string commands4 = makeUidRules(V4, name.c_str(), isWhitelist, uids);
+    std::string commands6 = makeUidRules(V6, name.c_str(), isWhitelist, uids);
+    return execIptablesRestore(V4, commands4.c_str()) | execIptablesRestore(V6, commands6.c_str());
 }
 
 /* static */