switch to classic bpf macros

Note: this switches
  com_android_networkstack_tethering_util_setupIcmpFilter
over to relative cbpf which in turn is called from:
  com_android_networkstack_tethering_util_setupNaSocket
  com_android_networkstack_tethering_util_setupNsSocket
and tested by p/m/C's:
  TetheringUtilsTest.java - testIcmpSocketFilters()

Test: TreeHugger, atest TetheringUtilsTest
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I22a5ea8f8e3b879a37fe4acd84f61020661eaa71

Tethering/jni/com_android_networkstack_tethering_util_TetheringUtils.cpp

@@ -18,21 +18,19 @@
 #include <error.h>
 #include <jni.h>
 #include <linux/filter.h>
+#include <linux/ipv6.h>
 #include <nativehelper/JNIHelp.h>
 #include <nativehelper/ScopedUtfChars.h>
 #include <netjniutils/netjniutils.h>
 #include <net/if.h>
 #include <netinet/ether.h>
-#include <netinet/ip6.h>
 #include <netinet/icmp6.h>
 #include <sys/socket.h>
 #include <stdio.h>
 
-namespace android {
+#include <bpf/BpfClassic.h>
 
-static const uint32_t kIPv6NextHeaderOffset = offsetof(ip6_hdr, ip6_nxt);
+namespace android {
-static const uint32_t kIPv6PayloadStart = sizeof(ip6_hdr);
-static const uint32_t kICMPv6TypeOffset = kIPv6PayloadStart + offsetof(icmp6_hdr, icmp6_type);
 
 static void throwSocketException(JNIEnv *env, const char* msg, int error) {
     jniThrowExceptionFmt(env, "java/net/SocketException", "%s: %s", msg, strerror(error));
@@ -42,18 +40,14 @@ static void com_android_networkstack_tethering_util_setupIcmpFilter(JNIEnv *env,
         uint32_t type) {
     sock_filter filter_code[] = {
         // Check header is ICMPv6.
-        BPF_STMT(BPF_LD  | BPF_B   | BPF_ABS,  kIPv6NextHeaderOffset),
+        BPF_LOAD_IPV6_U8(nexthdr),
-        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K,    IPPROTO_ICMPV6, 0, 3),
+        BPF2_REJECT_IF_NOT_EQUAL(IPPROTO_ICMPV6),
 
         // Check ICMPv6 type.
-        BPF_STMT(BPF_LD  | BPF_B   | BPF_ABS,  kICMPv6TypeOffset),
+        BPF_LOAD_NET_RELATIVE_U8(sizeof(ipv6hdr) + offsetof(icmp6_hdr, icmp6_type)),
-        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K,    type, 0, 1),
+        BPF2_REJECT_IF_NOT_EQUAL(type),
 
-        // Accept.
+        BPF_ACCEPT,
-        BPF_STMT(BPF_RET | BPF_K,              0xffff),
-
-        // Reject.
-        BPF_STMT(BPF_RET | BPF_K,              0)
     };
 
     const sock_fprog filter = {

framework/Android.bp

@@ -183,6 +183,7 @@ cc_library_shared {
         "libnativehelper",
     ],
     header_libs: [
+        "bpf_headers",
         "dnsproxyd_protocol_headers",
     ],
     stl: "none",

framework/jni/android_net_NetworkUtils.cpp

@@ -23,6 +23,7 @@
 #include <netinet/in.h>
 #include <string.h>
 
+#include <bpf/BpfClassic.h>
 #include <DnsProxydProtocol.h> // NETID_USE_LOCAL_NAMESERVERS
 #include <nativehelper/JNIPlatformHelp.h>
 #include <utils/Log.h>
@@ -55,11 +56,10 @@ static inline T MakeGlobalRefOrDie(JNIEnv* env, T in) {
 
 static void android_net_utils_attachDropAllBPFFilter(JNIEnv *env, jclass clazz, jobject javaFd)
 {
-    struct sock_filter filter_code[] = {
+    static struct sock_filter filter_code[] = {
-        // Reject all.
+        BPF_REJECT,
-        BPF_STMT(BPF_RET | BPF_K, 0)
     };
-    struct sock_fprog filter = {
+    static const struct sock_fprog filter = {
         sizeof(filter_code) / sizeof(filter_code[0]),
         filter_code,
     };