Switch to using typesafe kernel ebpf map accessors
Test: atest libbpf_android_test libnetdbpf_test netd_integration_test netd_unit_test netdutils_test resolv_integration_test resolv_unit_test
Bug: 130746652
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I1a2e8fe1bdf0914a90902666895705b45fd1f959
diff --git a/bpf_progs/netd.c b/bpf_progs/netd.c
index e752dc3..65f3b47 100644
--- a/bpf_progs/netd.c
+++ b/bpf_progs/netd.c
@@ -45,7 +45,7 @@
int xt_bpf_whitelist_prog(struct __sk_buff* skb) {
uint32_t sock_uid = bpf_get_socket_uid(skb);
if (is_system_uid(sock_uid)) return BPF_MATCH;
- struct UidOwnerValue* whitelistMatch = bpf_map_lookup_elem(&uid_owner_map, &sock_uid);
+ UidOwnerValue* whitelistMatch = bpf_uid_owner_map_lookup_elem(&sock_uid);
if (whitelistMatch) return whitelistMatch->rule & HAPPY_BOX_MATCH;
return BPF_NOMATCH;
}
@@ -53,17 +53,12 @@
SEC("skfilter/blacklist/xtbpf")
int xt_bpf_blacklist_prog(struct __sk_buff* skb) {
uint32_t sock_uid = bpf_get_socket_uid(skb);
- struct UidOwnerValue* blacklistMatch = bpf_map_lookup_elem(&uid_owner_map, &sock_uid);
+ UidOwnerValue* blacklistMatch = bpf_uid_owner_map_lookup_elem(&sock_uid);
if (blacklistMatch) return blacklistMatch->rule & PENALTY_BOX_MATCH;
return BPF_NOMATCH;
}
-struct bpf_map_def SEC("maps") uid_permission_map = {
- .type = BPF_MAP_TYPE_HASH,
- .key_size = sizeof(uint32_t),
- .value_size = sizeof(uint8_t),
- .max_entries = UID_OWNER_MAP_SIZE,
-};
+DEFINE_BPF_MAP(uid_permission_map, HASH, uint32_t, uint8_t, UID_OWNER_MAP_SIZE)
SEC("cgroupsock/inet/create")
int inet_socket_create(struct bpf_sock* sk) {
@@ -75,7 +70,7 @@
* run time. See UserHandle#isSameApp for detail.
*/
uint32_t appId = (gid_uid & 0xffffffff) % PER_USER_RANGE;
- uint8_t* permissions = bpf_map_lookup_elem(&uid_permission_map, &appId);
+ uint8_t* permissions = bpf_uid_permission_map_lookup_elem(&appId);
if (!permissions) {
// UID not in map. Default to just INTERNET permission.
return 1;