commit fbe76b984233d0d8a84f5eafeaa01da7151c64ad
author Lorenzo Colitti <lorenzo@google.com> Wed Sep 14 02:25:05 2016 +0900
committer Lorenzo Colitti <lorenzo@google.com> Tue Oct 25 17:52:49 2016 +0900
tree c2bfc419f8b5c651535a220c9cc15952b4bec4e4
parent 55b06f85b13553b7b0b5a76f650f452d5a9473c5

Close sockets when changing network permissions.

Bug: 23113288

(cherry picked from commit c6201c3754710e235f16118761b23760ff4136ad)

Change-Id: I1407644e06e960e453a31b298e46ef866f0eebd2

server/SockDiag.h

diff --git a/server/SockDiag.h b/server/SockDiag.h
index e397793..396b915 100644
--- a/server/SockDiag.h
+++ b/server/SockDiag.h
@@ -24,6 +24,7 @@
 #include <functional>
 #include <set>
 
+#include "Permission.h"
 #include "UidRanges.h"
 
 struct inet_diag_msg;
@@ -58,6 +59,10 @@
     // Destroys all "live" (CONNECTED, SYN_SENT, SYN_RECV) TCP sockets for the given UID ranges.
     int destroySockets(const UidRanges& uidRanges, const std::set<uid_t>& skipUids,
                        bool excludeLoopback);
+    // Destroys all "live" (CONNECTED, SYN_SENT, SYN_RECV) TCP sockets that no longer have
+    // the permissions required by the specified network.
+    int destroySocketsLackingPermission(unsigned netId, Permission permission,
+                                        bool excludeLoopback);
 
   private:
     friend class SockDiagTest;
@@ -66,7 +71,7 @@
     int mSocketsDestroyed;
     int sendDumpRequest(uint8_t proto, uint8_t family, uint32_t states, iovec *iov, int iovcnt);
     int destroySockets(uint8_t proto, int family, const char *addrstr);
-    int destroyLiveSockets(DumpCallback destroy);
+    int destroyLiveSockets(DumpCallback destroy, const char *what, iovec *iov, int iovcnt);
     bool hasSocks() { return mSock != -1 && mWriteSock != -1; }
     void closeSocks() { close(mSock); close(mWriteSock); mSock = mWriteSock = -1; }
     static bool isLoopbackSocket(const inet_diag_msg *msg);