From 2686cea965f153e9ca2bb0a65531aed603f15fea Mon Sep 17 00:00:00 2001
From: Motomu Utsumi
Date: Wed, 29 Mar 2023 15:20:56 +0900
Subject: [PATCH] Close sockets from ConnectivityService#setFirewallChainEnabled

And replace netd.socketDestroy by Java implementation

Bug: 270298713
Test: atest FrameworksNetTests CtsNetTestCases
Change-Id: I744b98ac1be04a1aede9d96787305e5a1a9d9ae6
---
 .../module/util/netlink/InetDiagMessage.java | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/staticlibs/device/com/android/net/module/util/netlink/InetDiagMessage.java b/staticlibs/device/com/android/net/module/util/netlink/InetDiagMessage.java
index d462c53a68..e69a844c61 100644
--- a/staticlibs/device/com/android/net/module/util/netlink/InetDiagMessage.java
+++ b/staticlibs/device/com/android/net/module/util/netlink/InetDiagMessage.java
@@ -468,6 +468,23 @@ public class InetDiagMessage extends NetlinkMessage {
 && !isAdbSocket(diagMsg));
 }
 
+ /**
+ * Close tcp sockets that match the following condition
+ * 1. TCP status is one of TCP_ESTABLISHED, TCP_SYN_SENT, and TCP_SYN_RECV
+ * 2. Owner uid of socket is in the targetUids
+ * 3. Socket is not loopback
+ * 4. Socket is not adb socket
+ *
+ * @param ownerUids target uids to close sockets
+ */
+ public static void destroyLiveTcpSocketsByOwnerUids(Set ownerUids)
+ throws SocketException, InterruptedIOException, ErrnoException {
+ destroySockets(IPPROTO_TCP, TCP_ALIVE_STATE_FILTER,
+ (diagMsg) -> ownerUids.contains(diagMsg.inetDiagMsg.idiag_uid)
+ && !isLoopback(diagMsg)
+ && !isAdbSocket(diagMsg));
+ }
+
 @Override
 public String toString() {
 return "InetDiagMessage{ "
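Review bot: The Javadoc on `destroyLiveTcpSocketsByOwnerUids` documents only `@param ownerUids`, calls that parameter `targetUids` in condition 2, and says nothing about the three checked exceptions the method declares. The commit subject ties this method to `ConnectivityService#setFirewallChainEnabled`, so a caller needs to know whether a thrown `SocketException`, `InterruptedIOException` or `ErrnoException` can leave some matching sockets open. `destroySockets` is not visible in this hunk, so that is presumably the case but should be confirmed. I would change condition 2 to `* 2. Owner uid of socket is in ownerUids` and add one `@throws` line per exception stating that the sweep may be incomplete when it is raised. A null `ownerUids` would only surface as a NullPointerException inside the filter lambda at `ownerUids.contains(...)`, so the `@param` text should also say the set must be non-null.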