LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge "bpf: don't offload IPv4 packets with TCP port 21 (ftp) and 1723 (pptp)"

Browse Source
This commit is contained in:
Lorenzo Colitti
2021-08-20 03:24:09 +00:00
committed by Gerrit Code Review
parent 1c603e7ec3 bc85178435
commit ad8fb7fce4
1 changed files with 16 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
Tethering/src/com/android/networkstack/tethering/BpfCoordinator.java
View File

@@ -131,6 +131,11 @@ public class BpfCoordinator {
@VisibleForTesting @VisibleForTesting
static final int NF_CONNTRACK_UDP_TIMEOUT_STREAM = 180; static final int NF_CONNTRACK_UDP_TIMEOUT_STREAM = 180;
// List of TCP port numbers which aren't offloaded because the packets require the netfilter
// conntrack helper. See also TetherController::setForwardRules in netd.
static final short [] NON_OFFLOADED_UPSTREAM_IPV4_TCP_PORTS = new short [] {
21 /* ftp */, 1723 /* pptp */};
@VisibleForTesting @VisibleForTesting
enum StatsType { enum StatsType {
STATS_PER_IFACE, STATS_PER_IFACE,
@@ -1556,7 +1561,18 @@ public class BpfCoordinator {
0 /* lastUsed, filled by bpf prog only */); 0 /* lastUsed, filled by bpf prog only */);
} }
private boolean requireOffload(ConntrackEvent e) {
if (e.tupleOrig.protoNum != OsConstants.IPPROTO_TCP) return true;
for (final short port : NON_OFFLOADED_UPSTREAM_IPV4_TCP_PORTS) {
if (port == e.tupleOrig.dstPort) return false;
}
return true;
}
public void accept(ConntrackEvent e) { public void accept(ConntrackEvent e) {
if (!requireOffload(e)) return;
final ClientInfo tetherClient = getClientInfo(e.tupleOrig.srcIp); final ClientInfo tetherClient = getClientInfo(e.tupleOrig.srcIp);
if (tetherClient == null) return; if (tetherClient == null) return;