simplify: BpfLevel -> BpfEnabled where appropriate
bpf::BpfLevel getBpfLevel() --> bool getBpfEnabled()
bpf::BpfLevel mBpfLevel --> bool mBpfEnabled
Test: build, atest
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Idb5f9ed10e123a5653047b9d31c7245b9cb8a46e
diff --git a/server/Controllers.cpp b/server/Controllers.cpp
index f844544..5af8a91 100644
--- a/server/Controllers.cpp
+++ b/server/Controllers.cpp
@@ -288,7 +288,7 @@
}
gLog.info("Initializing traffic control: %" PRId64 "us", s.getTimeAndResetUs());
- bandwidthCtrl.setBpfEnabled(trafficCtrl.getBpfLevel() != android::bpf::BpfLevel::NONE);
+ bandwidthCtrl.setBpfEnabled(trafficCtrl.getBpfEnabled());
bandwidthCtrl.enableBandwidthControl();
gLog.info("Enabling bandwidth control: %" PRId64 "us", s.getTimeAndResetUs());
diff --git a/server/FirewallController.cpp b/server/FirewallController.cpp
index 85a054a..3c070ce 100644
--- a/server/FirewallController.cpp
+++ b/server/FirewallController.cpp
@@ -41,7 +41,6 @@
using android::base::Split;
using android::base::StringAppendF;
using android::base::StringPrintf;
-using android::bpf::BpfLevel;
using android::net::gCtls;
namespace {
@@ -55,7 +54,7 @@
const char kUidMapProcFile[] = "/proc/self/uid_map";
bool getBpfOwnerStatus() {
- return gCtls->trafficCtrl.getBpfLevel() != BpfLevel::NONE;
+ return gCtls->trafficCtrl.getBpfEnabled();
}
} // namespace
diff --git a/server/TrafficController.cpp b/server/TrafficController.cpp
index 55f8cd0..d676ac5 100644
--- a/server/TrafficController.cpp
+++ b/server/TrafficController.cpp
@@ -182,12 +182,12 @@
}
TrafficController::TrafficController()
- : mBpfLevel(getBpfSupportLevel()),
+ : mBpfEnabled(isBpfSupported()),
mPerUidStatsEntriesLimit(PER_UID_STATS_ENTRIES_LIMIT),
mTotalUidStatsEntriesLimit(TOTAL_UID_STATS_ENTRIES_LIMIT) {}
TrafficController::TrafficController(uint32_t perUidLimit, uint32_t totalLimit)
- : mBpfLevel(getBpfSupportLevel()),
+ : mBpfEnabled(isBpfSupported()),
mPerUidStatsEntriesLimit(perUidLimit),
mTotalUidStatsEntriesLimit(totalLimit) {}
@@ -297,7 +297,7 @@
}
Status TrafficController::start() {
- if (mBpfLevel == BpfLevel::NONE) {
+ if (!mBpfEnabled) {
return netdutils::status::ok;
}
@@ -364,7 +364,7 @@
return -EPERM;
}
- if (mBpfLevel == BpfLevel::NONE) {
+ if (!mBpfEnabled) {
if (legacy_tagSocket(sockFd, tag, uid)) return -errno;
return 0;
}
@@ -432,7 +432,7 @@
int TrafficController::untagSocket(int sockFd) {
std::lock_guard guard(mMutex);
- if (mBpfLevel == BpfLevel::NONE) {
+ if (!mBpfEnabled) {
if (legacy_untagSocket(sockFd)) return -errno;
return 0;
}
@@ -453,7 +453,7 @@
std::lock_guard guard(mMutex);
if (!hasUpdateDeviceStatsPermission(callingUid)) return -EPERM;
- if (mBpfLevel == BpfLevel::NONE) {
+ if (!mBpfEnabled) {
if (legacy_setCounterSet(counterSetNum, uid)) return -errno;
return 0;
}
@@ -486,7 +486,7 @@
std::lock_guard guard(mMutex);
if (!hasUpdateDeviceStatsPermission(callingUid)) return -EPERM;
- if (mBpfLevel == BpfLevel::NONE) {
+ if (!mBpfEnabled) {
if (legacy_deleteTagData(tag, uid)) return -errno;
return 0;
}
@@ -551,7 +551,7 @@
}
int TrafficController::addInterface(const char* name, uint32_t ifaceIndex) {
- if (mBpfLevel == BpfLevel::NONE) return 0;
+ if (!mBpfEnabled) return 0;
IfaceValue iface;
if (ifaceIndex == 0) {
@@ -668,7 +668,7 @@
int TrafficController::changeUidOwnerRule(ChildChain chain, uid_t uid, FirewallRule rule,
FirewallType type) {
- if (mBpfLevel == BpfLevel::NONE) {
+ if (!mBpfEnabled) {
ALOGE("bpf is not set up, should use iptables rule");
return -ENOSYS;
}
@@ -721,7 +721,7 @@
Status TrafficController::addUidInterfaceRules(const int iif,
const std::vector<int32_t>& uidsToAdd) {
- if (mBpfLevel == BpfLevel::NONE) {
+ if (!mBpfEnabled) {
ALOGW("UID ingress interface filtering not possible without BPF owner match");
return statusFromErrno(EOPNOTSUPP, "eBPF not supported");
}
@@ -740,7 +740,7 @@
}
Status TrafficController::removeUidInterfaceRules(const std::vector<int32_t>& uidsToDelete) {
- if (mBpfLevel == BpfLevel::NONE) {
+ if (!mBpfEnabled) {
ALOGW("UID ingress interface filtering not possible without BPF owner match");
return statusFromErrno(EOPNOTSUPP, "eBPF not supported");
}
@@ -818,14 +818,14 @@
return -res.code();
}
-BpfLevel TrafficController::getBpfLevel() {
- return mBpfLevel;
+bool TrafficController::getBpfEnabled() {
+ return mBpfEnabled;
}
Status TrafficController::swapActiveStatsMap() {
std::lock_guard guard(mMutex);
- if (mBpfLevel == BpfLevel::NONE) {
+ if (!mBpfEnabled) {
return statusFromErrno(EOPNOTSUPP, "This device doesn't have eBPF support");
}
@@ -871,7 +871,7 @@
// Clean up all permission information for the related uid if all the
// packages related to it are uninstalled.
mPrivilegedUser.erase(uid);
- if (mBpfLevel > BpfLevel::NONE) {
+ if (mBpfEnabled) {
Status ret = mUidPermissionMap.deleteValue(uid);
if (!isOk(ret) && ret.code() != ENOENT) {
ALOGE("Failed to clean up the permission for %u: %s", uid,
@@ -892,7 +892,7 @@
}
// Skip the bpf map operation if not supported.
- if (mBpfLevel == BpfLevel::NONE) {
+ if (!mBpfEnabled) {
continue;
}
// The map stores all the permissions that the UID has, except if the only permission
@@ -950,9 +950,10 @@
dw.println("TrafficController");
ScopedIndent indentPreBpfModule(dw);
- dw.println("BPF module status: %s", BpfLevelToString(mBpfLevel).c_str());
+ dw.println("BPF module status: %s", mBpfEnabled ? "enabled" : "disabled");
+ dw.println("BPF support level: %s", BpfLevelToString(getBpfSupportLevel()).c_str());
- if (mBpfLevel == BpfLevel::NONE) {
+ if (!mBpfEnabled) {
return;
}
diff --git a/server/TrafficController.h b/server/TrafficController.h
index 741ceb7..a2539a9 100644
--- a/server/TrafficController.h
+++ b/server/TrafficController.h
@@ -81,7 +81,7 @@
* Check if the current device have the bpf traffic stats accounting service
* running.
*/
- bpf::BpfLevel getBpfLevel();
+ bool getBpfEnabled();
/*
* Swap the stats map config from current active stats map to the idle one.
@@ -209,7 +209,7 @@
netdutils::Status addRule(BpfMap<uint32_t, UidOwnerValue>& map, uint32_t uid,
UidOwnerMatchType match, uint32_t iif = 0) REQUIRES(mMutex);
- bpf::BpfLevel mBpfLevel;
+ bool mBpfEnabled;
// mMutex guards all accesses to mConfigurationMap, mUidOwnerMap, mUidPermissionMap,
// mStatsMapA, mStatsMapB and mPrivilegedUser. It is designed to solve the following