Change gid of cgroupskb/<ingress|egress>/stats

Change gid BPF programs from AID_ROOT to AID_SYSTEM because system_server needs to access them. Bug: 202086915 Test: test in Ib0e935ee2b714ac61daceba6d13fa7a20f97f68f Change-Id: I8c0019f141414994aad2986cc5dfdb7dd027a36a
2022-02-09 10:00:30 +08:00
parent 1513c9991e
commit e541aa40ac
1 changed files with 2 additions and 2 deletions
--- a/bpf_progs/netd.c
+++ b/bpf_progs/netd.c
@@ -297,12 +297,12 @@ static __always_inline inline int bpf_traffic_account(struct __sk_buff* skb, int
    return match;
 }

-DEFINE_BPF_PROG("cgroupskb/ingress/stats", AID_ROOT, AID_ROOT, bpf_cgroup_ingress)
+DEFINE_BPF_PROG("cgroupskb/ingress/stats", AID_ROOT, AID_SYSTEM, bpf_cgroup_ingress)
 (struct __sk_buff* skb) {
    return bpf_traffic_account(skb, BPF_INGRESS);
 }

-DEFINE_BPF_PROG("cgroupskb/egress/stats", AID_ROOT, AID_ROOT, bpf_cgroup_egress)
+DEFINE_BPF_PROG("cgroupskb/egress/stats", AID_ROOT, AID_SYSTEM, bpf_cgroup_egress)
 (struct __sk_buff* skb) {
    return bpf_traffic_account(skb, BPF_EGRESS);
 }