because it is not appropriate for use in XDP programs
Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Ibd5dac9676bae7aa5f10fbcfd777291f72bec819
and more importantly unconditionally. This requires less effort
on the part of the in-kernel bpf verifier.
Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Ibaa94bf096fc81c4d984dfabf515131b1c81ef09
Currently, this is the default so this is a no-op,
But the default is changing to true.
Bug: 180375550
Test: Treehugger
Change-Id: Ib841e474ab2b2ff2b54c160bb06c3bbbeea92675
We've backported the necessary support to all 4.14+ ACK kernels,
but we can't actually enforce that these changes will be picked
up by all devices. Thus we can only make the full featured
implementations optional on [4.14..5.8) kernels, with a tcp-only
version for those 4.14+ devices where the full featured version
fails to load.
Note: there's still a fair bit of implementation work left
in the do_forward4() function itself. This is really just
the skeleton.
Test: atest, TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: If78123e00d55a77f2ecd7da1547581797e23f9b2
This will facilitate providing a tcp-only version of the programs
which due to TCP's very long timeouts will not need to use the
Linux 5.8+ bpf_ktime_get_boot_ns() helpers.
Test: atest, TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I1e49b6758d3754782ac6f8820e0c15aa20e4c61d
As this is the actual version that is required,
ie. the version that supports bpf_ktime_get_boot_ns() helper.
Test: atest, TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I2ea4830597a0bed53950a5d0c483a47208959f35
The tethering module uses JNI in various classes, but only calls
System.loadLibrary in TetheringService#makeTethering. This means
that:
1. Any test that uses a class that uses JNI must load the
library itself.
2. Any code that runs before TetheringService#makeTethering could
potentially crash if it uses JNI. We may never have such code
though.
Instead, make every class that has a native method load the JNI
library itself at static initialization time. This guarantees
that the class will have the JNI code available in any context
(production, test, etc.)
System.loadLibrary is documented not to do anything if called
more than once with the same library name:
https://docs.oracle.com/javase/7/docs/api/java/lang/Runtime.html#loadLibrary(java.lang.String)
and the implementation has a lock so it is safe to call from
multiple threads concurrently.
Test: builds, boots, tethering starts
Test: atest TetheringCoverageTests
Change-Id: I9c0147ae9a28877f416aaff387b426d304ae552d
This CL adds the counters collected by the tethering programs to
the output of "dumpsys tethering bpf". The counter names are
fetched by JNI code at startup and then read by the debugging
code on demand.
Example from my device:
Forwarding errors:
TCP_CONTROL_PACKET: 67
NON_GLOBAL_SRC: 13
NON_GLOBAL_DST: 17
LOCAL_SRC_DST: 7
Test: manual (debug-only code)
Change-Id: I7ec7992612556a4bca5f1b6bb52c655d6d870201
Currently, the dump methods open BpfMap objects and never close
them. This leaks filedescriptors, and if dump is called often
enough, will crash the networkstack process.
Fix this by using try-with-resources statements that
automatically close the map when exiting the try block.
Change the signature of BpfMap#close from "throws Exception" to
"throws ErrnoException" since it does not throw any other type
of checked exceptions.
Test: "lsof | grep network_st" while running "dumpsys tethering bpf" in a loop
Change-Id: I66c407454c2715bf41bf3a2e81bd582f9ea5a905
Currently, debugging the tethering programs is not easy because
in case of any failure they simply return TC_ACT_OK. This CL adds
a number of counters that the program can increment in the case
of interesting events such as malformed packets.
At the moment the counters are stored in a global tethering error
map, which is an ARRAY map of 32-bit counters. This should not
take up much space because there are only a dozen of these.
We might not need all of these counters. In future CLs we can
reduce the number of counters, or perhaps move them to a map of
maps so as to have separate counters on a per-interface basis.
Test: manual
Change-Id: I3fcd7eb8d318700092949ff2f39987bf4ba3656c
This provides a place to store common definitions that can be
used by both the programs and by JNI code in the tethering
module.
Over time much of the tethering-specific code in bpf_shared.h
could move here.
Test: m
Bug: 177884581
Change-Id: I4bf2c762d61cd5db003d59880e6bf7d107ff1a07
