Add XFRM Interface creation logic
This change adds logic to create XFRM interfaces.
AddVirtualTunnelInterface and RemoveVirtualTunnelInterface have also
been renamed to the more standard ipSec* naming scheme, and they now
return a Status instead of integers as part of extracting common
code.
This patch should change no functionality.
This is part of a patch set to enable XFRM-I support, with automatic
fallbacks to VTI in XfrmController (1/3)
Bug: 77856928
Test: Binder, unit tests passing on devices with, and without XFRM-I
Change-Id: I403b01f7817715117faa270277db67ba40bbf6dd
diff --git a/server/NetdNativeService.cpp b/server/NetdNativeService.cpp
index ebf1788..7bcc392 100644
--- a/server/NetdNativeService.cpp
+++ b/server/NetdNativeService.cpp
@@ -869,59 +869,48 @@
transformId, selAddrFamily, direction, markValue, markMask));
}
-binder::Status NetdNativeService::addVirtualTunnelInterface(
- const std::string& deviceName,
- const std::string& localAddress,
- const std::string& remoteAddress,
- int32_t iKey,
- int32_t oKey) {
+binder::Status NetdNativeService::ipSecAddTunnelInterface(const std::string& deviceName,
+ const std::string& localAddress,
+ const std::string& remoteAddress,
+ int32_t iKey, int32_t oKey) {
// Necessary locking done in IpSecService and kernel
ENFORCE_PERMISSION(NETWORK_STACK);
- gLog.log("addVirtualTunnelInterface()");
- int ret = gCtls->xfrmCtrl.addVirtualTunnelInterface(
- deviceName,
- localAddress,
- remoteAddress,
- iKey,
- oKey,
- false);
+ auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__);
- return (ret == 0) ? binder::Status::ok() :
- asBinderStatus(netdutils::statusFromErrno(
- ret, "Error in creating virtual tunnel interface."));
+ netdutils::Status result = gCtls->xfrmCtrl.ipSecAddTunnelInterface(
+ deviceName, localAddress, remoteAddress, iKey, oKey, false);
+ RETURN_BINDER_STATUS_IF_NOT_OK(entry, result);
+
+ gLog.log(entry.returns(result).withAutomaticDuration());
+ return binder::Status::ok();
}
-binder::Status NetdNativeService::updateVirtualTunnelInterface(
- const std::string& deviceName,
- const std::string& localAddress,
- const std::string& remoteAddress,
- int32_t iKey,
- int32_t oKey) {
+binder::Status NetdNativeService::ipSecUpdateTunnelInterface(const std::string& deviceName,
+ const std::string& localAddress,
+ const std::string& remoteAddress,
+ int32_t iKey, int32_t oKey) {
// Necessary locking done in IpSecService and kernel
ENFORCE_PERMISSION(NETWORK_STACK);
- gLog.log("updateVirtualTunnelInterface()");
- int ret = gCtls->xfrmCtrl.addVirtualTunnelInterface(
- deviceName,
- localAddress,
- remoteAddress,
- iKey,
- oKey,
- true);
+ auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__);
- return (ret == 0) ? binder::Status::ok() :
- asBinderStatus(netdutils::statusFromErrno(
- ret, "Error in updating virtual tunnel interface."));
+ netdutils::Status result = gCtls->xfrmCtrl.ipSecAddTunnelInterface(
+ deviceName, localAddress, remoteAddress, iKey, oKey, true);
+ RETURN_BINDER_STATUS_IF_NOT_OK(entry, result);
+
+ gLog.log(entry.returns(result).withAutomaticDuration());
+ return binder::Status::ok();
}
-binder::Status NetdNativeService::removeVirtualTunnelInterface(const std::string& deviceName) {
+binder::Status NetdNativeService::ipSecRemoveTunnelInterface(const std::string& deviceName) {
// Necessary locking done in IpSecService and kernel
ENFORCE_PERMISSION(NETWORK_STACK);
- gLog.log("removeVirtualTunnelInterface()");
- int ret = gCtls->xfrmCtrl.removeVirtualTunnelInterface(deviceName);
+ auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__);
- return (ret == 0) ? binder::Status::ok() :
- asBinderStatus(netdutils::statusFromErrno(
- ret, "Error in removing virtual tunnel interface."));
+ netdutils::Status result = gCtls->xfrmCtrl.ipSecRemoveTunnelInterface(deviceName);
+ RETURN_BINDER_STATUS_IF_NOT_OK(entry, result);
+
+ gLog.log(entry.returns(result).withAutomaticDuration());
+ return binder::Status::ok();
}
binder::Status NetdNativeService::setIPv6AddrGenMode(const std::string& ifName,
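Review bot: The log entries built in ipSecAddTunnelInterface, ipSecUpdateTunnelInterface and ipSecRemoveTunnelInterface record only the function name, so the log of these NETWORK_STACK-gated calls does not show which interface was created, updated or removed. Consider attaching the interface name, e.g. `auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).arg(deviceName);`, assuming the entry builder's `.arg()` is usable here. The `gLog.log(entry.returns(result)...)` line is reached only when `result` is OK, so a failed call is recorded only if `RETURN_BINDER_STATUS_IF_NOT_OK` logs `entry` itself; its definition is not visible in this hunk and should be confirmed. The old context strings such as "Error in creating virtual tunnel interface." are also gone, so callers now see whatever message XfrmController puts in the Status. That is a visible change despite the description's "no functionality" claim.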