commit 47dd073ca85df9fa7dc611f7b6fafcb0f7fccefa
author Chenbo Feng <fengc@google.com> Tue Dec 11 12:23:24 2018 -0800
committer Chenbo Feng <fengc@google.com> Fri Feb 15 04:33:30 2019 +0000
tree 2819bfe21613d72a1e7f89f3c71b5d77ff6f9d83
parent abdb0bde3a39717c5b8c2e1f8b2b5687880bf85e

Get bpf level when check bpf support

Instead of return boolean, bpf support check now returns a integer
represent the current bpf level on device. This level is used to decide
if the device support some advanced bpf feature such as map_in_map and
bpf cgroup socket filter. Delete the binder call for bpf status check
since no one is using it.

Bug: 111441138
Test: libnetdbpf_test, netd_integration_test
Change-Id: Ib70c07647ffe491d493b4582b4b4b0eba7caf3a9

server/TrafficController.cpp

diff --git a/server/TrafficController.cpp b/server/TrafficController.cpp
index e3b950c..677f32c 100644
--- a/server/TrafficController.cpp
+++ b/server/TrafficController.cpp
@@ -157,9 +157,7 @@
     return netdutils::status::ok;
 }
 
-TrafficController::TrafficController() {
-    ebpfSupported = hasBpfSupport();
-}
+TrafficController::TrafficController() : mBpfLevel(getBpfSupportLevel()) {}
 
 Status TrafficController::initMaps() {
     std::lock_guard ownerMapGuard(mOwnerMatchMutex);
@@ -260,8 +258,7 @@
 }
 
 Status TrafficController::start() {
-
-    if (!ebpfSupported) {
+    if (mBpfLevel == BpfLevel::NONE) {
         return netdutils::status::ok;
     }
 
@@ -326,7 +323,7 @@
         return -EPERM;
     }
 
-    if (!ebpfSupported) {
+    if (mBpfLevel == BpfLevel::NONE) {
         if (legacy_tagSocket(sockFd, tag, uid)) return -errno;
         return 0;
     }
@@ -349,7 +346,7 @@
 }
 
 int TrafficController::untagSocket(int sockFd) {
-    if (!ebpfSupported) {
+    if (mBpfLevel == BpfLevel::NONE) {
         if (legacy_untagSocket(sockFd)) return -errno;
         return 0;
     }
@@ -368,7 +365,7 @@
 
     if (!hasUpdateDeviceStatsPermission(callingUid)) return -EPERM;
 
-    if (!ebpfSupported) {
+    if (mBpfLevel == BpfLevel::NONE) {
         if (legacy_setCounterSet(counterSetNum, uid)) return -errno;
         return 0;
     }
@@ -400,7 +397,7 @@
 int TrafficController::deleteTagData(uint32_t tag, uid_t uid, uid_t callingUid) {
     if (!hasUpdateDeviceStatsPermission(callingUid)) return -EPERM;
 
-    if (!ebpfSupported) {
+    if (mBpfLevel == BpfLevel::NONE) {
         if (legacy_deleteTagData(tag, uid)) return -errno;
         return 0;
     }
@@ -462,7 +459,7 @@
 }
 
 int TrafficController::addInterface(const char* name, uint32_t ifaceIndex) {
-    if (!ebpfSupported) return 0;
+    if (mBpfLevel == BpfLevel::NONE) return 0;
 
     IfaceValue iface;
     if (ifaceIndex == 0) {
@@ -563,7 +560,7 @@
 
 int TrafficController::changeUidOwnerRule(ChildChain chain, uid_t uid, FirewallRule rule,
                                           FirewallType type) {
-    if (!ebpfSupported) {
+    if (mBpfLevel == BpfLevel::NONE) {
         ALOGE("bpf is not set up, should use iptables rule");
         return -ENOSYS;
     }
@@ -677,8 +674,8 @@
     return -res.code();
 }
 
-bool TrafficController::checkBpfStatsEnable() {
-    return ebpfSupported;
+BpfLevel TrafficController::getBpfLevel() {
+    return mBpfLevel;
 }
 
 void TrafficController::setPermissionForUids(int permission, const std::vector<uid_t>& uids) {
@@ -746,9 +743,9 @@
     dw.println("TrafficController");
 
     ScopedIndent indentPreBpfModule(dw);
-    dw.println("BPF module status: %s", ebpfSupported? "ON" : "OFF");
+    dw.println("BPF module status: %s", BpfLevelToString(mBpfLevel).c_str());
 
-    if (!ebpfSupported) {
+    if (mBpfLevel == BpfLevel::NONE) {
         return;
     }