Merge "Dump bpf program status in dumpsys" into main

2023-10-19 09:33:27 +00:00
parent 6809bbde8e 155760b57b
commit eb75416136
4 changed files with 61 additions and 6 deletions
--- a/service/src/com/android/server/ConnectivityService.java
+++ b/service/src/com/android/server/ConnectivityService.java
@@ -100,6 +100,11 @@ import static android.system.OsConstants.ETH_P_ALL;
 import static android.system.OsConstants.IPPROTO_TCP;
 import static android.system.OsConstants.IPPROTO_UDP;

+import static com.android.net.module.util.BpfUtils.BPF_CGROUP_INET4_BIND;
+import static com.android.net.module.util.BpfUtils.BPF_CGROUP_INET6_BIND;
+import static com.android.net.module.util.BpfUtils.BPF_CGROUP_INET_EGRESS;
+import static com.android.net.module.util.BpfUtils.BPF_CGROUP_INET_INGRESS;
+import static com.android.net.module.util.BpfUtils.BPF_CGROUP_INET_SOCK_CREATE;
 import static com.android.net.module.util.NetworkMonitorUtils.isPrivateDnsValidationRequired;
 import static com.android.net.module.util.PermissionUtils.checkAnyPermissionOf;
 import static com.android.net.module.util.PermissionUtils.enforceAnyPermissionOf;
@@ -279,6 +284,7 @@ import com.android.modules.utils.build.SdkLevel;
 import com.android.net.module.util.BaseNetdUnsolicitedEventListener;
 import com.android.net.module.util.BinderUtils;
 import com.android.net.module.util.BitUtils;
+import com.android.net.module.util.BpfUtils;
 import com.android.net.module.util.CollectionUtils;
 import com.android.net.module.util.DeviceConfigUtils;
 import com.android.net.module.util.InterfaceParams;
@@ -1527,6 +1533,14 @@ public class ConnectivityService extends IConnectivityManager.Stub
            }
        }

+        /**
+         * Get BPF program Id from CGROUP. See {@link BpfUtils#getProgramId}.
+         */
+        public int getBpfProgramId(final int attachType, @NonNull final String cgroupPath)
+                throws IOException {
+            return BpfUtils.getProgramId(attachType, cgroupPath);
+        }
+
        /**
         * Wraps {@link BroadcastOptionsShimImpl#newInstance(BroadcastOptions)}
         */
@@ -3251,6 +3265,26 @@ public class ConnectivityService extends IConnectivityManager.Stub
        pw.decreaseIndent();
    }

+    private void dumpBpfProgramStatus(IndentingPrintWriter pw) {
+        pw.println("Bpf Program Status:");
+        pw.increaseIndent();
+        try {
+            pw.print("CGROUP_INET_INGRESS: ");
+            pw.println(mDeps.getBpfProgramId(BPF_CGROUP_INET_INGRESS, BpfUtils.CGROUP_PATH));
+            pw.print("CGROUP_INET_EGRESS: ");
+            pw.println(mDeps.getBpfProgramId(BPF_CGROUP_INET_EGRESS, BpfUtils.CGROUP_PATH));
+            pw.print("CGROUP_INET_SOCK_CREATE: ");
+            pw.println(mDeps.getBpfProgramId(BPF_CGROUP_INET_SOCK_CREATE, BpfUtils.CGROUP_PATH));
+            pw.print("CGROUP_INET4_BIND: ");
+            pw.println(mDeps.getBpfProgramId(BPF_CGROUP_INET4_BIND, BpfUtils.CGROUP_PATH));
+            pw.print("CGROUP_INET6_BIND: ");
+            pw.println(mDeps.getBpfProgramId(BPF_CGROUP_INET6_BIND, BpfUtils.CGROUP_PATH));
+        } catch (IOException e) {
+            pw.println("  IOException");
+        }
+        pw.decreaseIndent();
+    }
+
    @VisibleForTesting
    static final String KEY_DESTROY_FROZEN_SOCKETS_VERSION = "destroy_frozen_sockets_version";
    @VisibleForTesting
@@ -3864,6 +3898,9 @@ public class ConnectivityService extends IConnectivityManager.Stub
        pw.println();
        dumpCloseFrozenAppSockets(pw);

+        pw.println();
+        dumpBpfProgramStatus(pw);
+
        pw.println();

        if (!CollectionUtils.contains(args, SHORT_ARG)) {
--- a/service/src/com/android/server/connectivity/ConnectivityNativeService.java
+++ b/service/src/com/android/server/connectivity/ConnectivityNativeService.java
@@ -16,9 +16,6 @@

 package com.android.server.connectivity;

-import static com.android.net.module.util.BpfUtils.BPF_CGROUP_INET4_BIND;
-import static com.android.net.module.util.BpfUtils.BPF_CGROUP_INET6_BIND;
-
 import android.annotation.NonNull;
 import android.annotation.Nullable;
 import android.content.Context;
@@ -31,11 +28,9 @@ import android.util.Log;

 import com.android.internal.annotations.VisibleForTesting;
 import com.android.net.module.util.BpfBitmap;
-import com.android.net.module.util.BpfUtils;
 import com.android.net.module.util.CollectionUtils;
 import com.android.net.module.util.PermissionUtils;

-import java.io.IOException;
 import java.util.ArrayList;

 /**
@@ -45,7 +40,7 @@ public class ConnectivityNativeService extends ConnectivityNative.Stub {
    public static final String SERVICE_NAME = "connectivity_native";

    private static final String TAG = ConnectivityNativeService.class.getSimpleName();
-    private static final String CGROUP_PATH = "/sys/fs/cgroup";
+
    private static final String BLOCKED_PORTS_MAP_PATH =
            "/sys/fs/bpf/net_shared/map_block_blocked_ports_map";

--- a/staticlibs/device/com/android/net/module/util/BpfUtils.java
+++ b/staticlibs/device/com/android/net/module/util/BpfUtils.java
@@ -32,9 +32,13 @@ public class BpfUtils {
    // Defined in include/uapi/linux/bpf.h. Only adding the CGROUPS currently being used for now.
    public static final int BPF_CGROUP_INET_INGRESS = 0;
    public static final int BPF_CGROUP_INET_EGRESS = 1;
+    public static final int BPF_CGROUP_INET_SOCK_CREATE = 2;
    public static final int BPF_CGROUP_INET4_BIND = 8;
    public static final int BPF_CGROUP_INET6_BIND = 9;

+    // Note: This is only guaranteed to be accurate on U+ devices. It is likely to be accurate
+    // on T+ devices as well, but this is not guaranteed.
+    public static final String CGROUP_PATH = "/sys/fs/cgroup/";

    /**
     * Attach BPF program to CGROUP
@@ -52,6 +56,20 @@ public class BpfUtils {
        native_detachProgramFromCgroup(type, cgroupPath);
    }

+    /**
+     * Get BPF program Id from CGROUP.
+     *
+     * Note: This requires a 4.19 kernel which is only guaranteed on V+.
+     *
+     * @param attachType Bpf attach type. See bpf_attach_type in include/uapi/linux/bpf.h.
+     * @param cgroupPath Path of cgroup.
+     * @return Positive integer for a Program Id. 0 if no program is attached.
+     * @throws IOException if failed to open the cgroup directory or query bpf program.
+     */
+    public static int getProgramId(int attachType, @NonNull String cgroupPath) throws IOException {
+        return native_getProgramIdFromCgroup(attachType, cgroupPath);
+    }
+
    /**
     * Detach single BPF program from CGROUP
     */
--- a/tests/unit/java/com/android/server/ConnectivityServiceTest.java
+++ b/tests/unit/java/com/android/server/ConnectivityServiceTest.java
@@ -2275,6 +2275,11 @@ public class ConnectivityServiceTest {
            mActiveRateLimit.put(iface, -1L);
        }

+        @Override
+        public int getBpfProgramId(final int attachType, @NonNull final String cgroupPath) {
+            return 0;
+        }
+
        @Override
        public BroadcastOptionsShim makeBroadcastOptionsShim(BroadcastOptions options) {
            reset(mBroadcastOptionsShim);