commit 84a8dcaf07edd78977dbce2924d950500a66293b
author Benedict Wong <benedictwong@google.com> Fri Jan 19 12:12:17 2018 -0800
committer Nathan Harold <nharold@google.com> Wed Jan 24 00:44:44 2018 -0800
tree 5da2c0295b2bf7672d422bdb7c260b792b0feeec
parent 3bc6509b7495238b98b52a363ce5edf7926e8279

Add global policy methods to aidl

Exposes global policy add/remove methods to aidl, allowing java system
services to use it. This will be used for tunnel mode, where security
policies must be added/updated/deleted, and logic should preferably be
in IpSecService.

Bug: 63588681
Test: Compiles
Change-Id: Ie6e99ba18ac5930273c91e81e320a2987fa17815

server/NetdNativeService.h

diff --git a/server/NetdNativeService.h b/server/NetdNativeService.h
index 90a5c87..5858588 100644
--- a/server/NetdNativeService.h
+++ b/server/NetdNativeService.h
@@ -149,6 +149,32 @@
     binder::Status ipSecRemoveTransportModeTransform(
             const android::base::unique_fd& socket);
 
+    binder::Status ipSecAddSecurityPolicy(
+            int32_t transformId,
+            int32_t direction,
+            const std::string& sourceAddress,
+            const std::string& destinationAddress,
+            int32_t spi,
+            int32_t markValue,
+            int32_t markMask);
+
+    binder::Status ipSecUpdateSecurityPolicy(
+            int32_t transformId,
+            int32_t direction,
+            const std::string& sourceAddress,
+            const std::string& destinationAddress,
+            int32_t spi,
+            int32_t markValue,
+            int32_t markMask);
+
+    binder::Status ipSecDeleteSecurityPolicy(
+            int32_t transformId,
+            int32_t direction,
+            const std::string& sourceAddress,
+            const std::string& destinationAddress,
+            int32_t markValue,
+            int32_t markMask);
+
     binder::Status trafficCheckBpfStatsEnable(bool* ret) override;
 };