This is needed for the iorapd project (i/o readahead).
Change-Id: If6a3de682296bbce0fc808a0eced6bd778106292
Signed-off-by: Joel Fernandes <joelaf@google.com>
Add a helper function to set sufficient MEMLOCK rlimit
for bpf related unit tests.
Bug: 119279144
Bug: 129246448
Test: libbpf_android_test
Change-Id: I5390f4d3b21436abff69a661d1c6e6a6749542ed
Since bpfloader is only used to create the bpf maps and load bpf
programs on android devices. It is okay to set the MEMLOCK rlimit of
bpfloader to the proper size needed by bpf maps regardless of the global
device values. It helps partner to adopt the bpf feature without
changing the device configuration.
Bug: 119279144
Bug: 129246448
Test: remove device specific rlimit and build and verify bpf maps
created.
Change-Id: Ib97d1d304f4ea9a6215afed76e1c1e28f1415221
We don't have the appropriate selinux privs to create the maps anyway.
Test: builds (when combined with system/netd change)
'git grep getOrCreate' in system/{bpf,netd} comes up empty
atest netd_unit_test netd_integration_test libbpf_android_test
Bug: 65674744
Bug: 129654883
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Idffbce5b28b723943c6495cfafdecddc7a0f4e67
This was necessary when the netd BPF program lived in system/bpf,
but it's no longer necessary.
Test: m
Bug: 65674744
Change-Id: I1fcf7e41276341b1258adf9d3795e81b6139f84f
The data collected by this program currently has no consumers, so
there's no need to load it or include it in the bpfloader build yet.
Test: make bpfloader
Change-Id: I206d94e3da34dc3b81bdbfdd4a00b05cfb624f48
Signed-off-by: Connor O'Brien <connoro@google.com>
For the eBPF programs that only related to networking, move them back
to netd so for the future changes in networking eBPF area, there is not
need to make changes in both netd project and bpf project.
Bug: 112334572
Test: mmma -j32 system/bpf
Change-Id: Icd0efd165c60c055a00fe88705a0c8070c0d22f5
For devices with 4.14 kernel shipping with bpf feature, they support more
functionality compared to 4.9 kernels. So when checking if the device
supports a given bpf feature, return a bpf level dependent on the detailed
kernel version instead of a simple boolean. This information would be
useful when we support new features such as map_in_map and cgroup socket
filters.
Bug: 111441138
Test: libnetdbpf_test, netd_integration_test
Change-Id: Ib51a56a35643ad76b58987ba1938c69905d28141
The BPF helper is moved into system/bpf/include/ and is available
to all BPF programs in the include search path. Make use of it.
Only minor refactor, no functional change.
Bug: 122665156
Change-Id: Ib5b495aff83874d39abe3640fb369b2ff92b3239
Signed-off-by: Joel Fernandes <joelaf@google.com>
Changed finds that use a string with a single character ("X"), to 'X'.
Remove using statements from header file.
Add a couple of missing includes.
Changed a couple of functions that take a string to const string& to
avoid extra copies.
Test: No warnings when compiled, unit tests pass.
Change-Id: I218ee0e6b6c7fb1c79d1337c1ce3d6f1e318a3cd
For new kernel that support cgroup socket filter, use bpf programs to
control the creation of inet socket.
Bug: 111560570
Bug: 111560739
Test: dumpsys netd trafficcontroller
Change-Id: I94efcdccfcd17f08c731caa700ea5797f2f56e7d
Add support for cgroup socket filter program loading in bpfloader,
and create a uid permission map to store the uids that have INTERNET
permission.
Bug: 111560570
Bug: 111560739
Test: dumpsys netd trafficcontroller
Change-Id: I658f533d302cb594d7b36d4a3a2a70e394874c33
which maps to BPF_PROG_TYPE_SCHED_CLS
Bug: 65674744
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I7ca5912756c575e2c0667b9dae2d24471845e028
bpfloader now has CAP_SYS_ADMIN, which allows it to load programs like
time_in_state.o that use eBPF's tracepoint support.
Test: make bpfloader
Test: ls /sys/fs/bpf/ shows time_in_state progs and maps are created
Bug: 112334572
Bug: 78498733
Change-Id: Iedff50381c9ee2b3bdfc6c01b2e2ccaeaf0917d5
Signed-off-by: Connor O'Brien <connoro@google.com>
Use two maps to record the details of network stats and swap and clean
up after system server pulls the stats. The kernel program checks the
bpf map currently enabled before updating the stats and updates on the
corresponding map. Remove the TAG_STATS_MAP since we don't need to worry
about uid stats overflow problem. All the stats can be stored in the
same map until system server scrapes the stats and clean it up.
Bug: 79171384
Test: dumpsys netd trafficcontroller
CtsUsageStatsTestCases
Change-Id: Ic79e382f51bf21eee78c4cac5a8a97edaf3654cd
