diff options
author | Treehugger Robot <android-test-infra-autosubmit@system.gserviceaccount.com> | 2024-05-30 19:11:20 +0000 |
---|---|---|
committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2024-05-30 19:11:20 +0000 |
commit | 5f30a0c93606809044a4a629840c8d8755ccb3aa (patch) | |
tree | fdc577fd63271cb5b0b88de875c7be1bfee197d9 | |
parent | ce53978dd7166aaf3dd025b6c78cb132ce9f5aed (diff) | |
parent | 0a47ca4f15f5e66f3271fd214ecdd87fef4ae27a (diff) | |
download | netd-master.tar.gz |
-rw-r--r-- | include/Fwmark.h | 6 | ||||
-rw-r--r-- | server/RouteController.cpp | 4 | ||||
-rw-r--r-- | server/RouteControllerTest.cpp | 6 | ||||
-rw-r--r-- | tests/binder_test.cpp | 6 |
4 files changed, 14 insertions, 8 deletions
diff --git a/include/Fwmark.h b/include/Fwmark.h index dc802307..1c3e2f01 100644 --- a/include/Fwmark.h +++ b/include/Fwmark.h @@ -40,6 +40,12 @@ union Fwmark { m.uidBillingDone = true; return m.intValue; } + + static inline uint32_t getIngressCpuWakeupMask() { + Fwmark m; + m.ingress_cpu_wakeup = true; + return m.intValue; + } }; static const unsigned FWMARK_NET_ID_MASK = 0xffff; diff --git a/server/RouteController.cpp b/server/RouteController.cpp index afaf80ae..d7a6e834 100644 --- a/server/RouteController.cpp +++ b/server/RouteController.cpp @@ -489,11 +489,11 @@ int modifyIncomingPacketMark(unsigned netId, const char* interface, Permission p fwmark.protectedFromVpn = true; fwmark.permission = permission; - const uint32_t mask = ~Fwmark::getUidBillingMask(); + const uint32_t mask = Fwmark::getUidBillingMask() | Fwmark::getIngressCpuWakeupMask(); std::string cmd = StringPrintf( "%s %s -i %s -j MARK --set-mark 0x%x/0x%x", add ? "-A" : "-D", - RouteController::LOCAL_MANGLE_INPUT, interface, fwmark.intValue, mask); + RouteController::LOCAL_MANGLE_INPUT, interface, fwmark.intValue, ~mask); if (RouteController::iptablesRestoreCommandFunction(V4V6, "mangle", cmd, nullptr) != 0) { ALOGE("failed to change iptables rule that sets incoming packet mark"); return -EREMOTEIO; diff --git a/server/RouteControllerTest.cpp b/server/RouteControllerTest.cpp index 03802e19..555ffd1c 100644 --- a/server/RouteControllerTest.cpp +++ b/server/RouteControllerTest.cpp @@ -114,7 +114,7 @@ TEST_F(RouteControllerTest, TestRouteFlush) { } TEST_F(RouteControllerTest, TestModifyIncomingPacketMark) { - uint32_t mask = ~Fwmark::getUidBillingMask(); + uint32_t mask = Fwmark::getUidBillingMask() | Fwmark::getIngressCpuWakeupMask(); static constexpr int TEST_NETID = 30; EXPECT_EQ(0, modifyIncomingPacketMark(TEST_NETID, "netdtest0", @@ -122,14 +122,14 @@ TEST_F(RouteControllerTest, TestModifyIncomingPacketMark) { expectIptablesRestoreCommands({StringPrintf( "-t mangle -A routectrl_mangle_INPUT -i netdtest0 -j MARK --set-mark " "0x3001e/0x%x", - mask)}); + ~mask)}); EXPECT_EQ(0, modifyIncomingPacketMark(TEST_NETID, "netdtest0", PERMISSION_NONE, false)); expectIptablesRestoreCommands({StringPrintf( "-t mangle -D routectrl_mangle_INPUT -i netdtest0 -j MARK --set-mark " "0x3001e/0x%x", - mask)}); + ~mask)}); } bool hasLocalInterfaceInRouteTable(const char* iface) { diff --git a/tests/binder_test.cpp b/tests/binder_test.cpp index 2c48a602..359a28f4 100644 --- a/tests/binder_test.cpp +++ b/tests/binder_test.cpp @@ -1784,13 +1784,13 @@ void expectNetworkPermissionIptablesRuleExists(const char* ifName, int permissio std::string networkIncomingPacketMarkRule = ""; switch (permission) { case INetd::PERMISSION_NONE: - networkIncomingPacketMarkRule = "MARK xset 0x3ffdd/0xffefffff"; + networkIncomingPacketMarkRule = "MARK xset 0x3ffdd/0x7fefffff"; break; case INetd::PERMISSION_NETWORK: - networkIncomingPacketMarkRule = "MARK xset 0x7ffdd/0xffefffff"; + networkIncomingPacketMarkRule = "MARK xset 0x7ffdd/0x7fefffff"; break; case INetd::PERMISSION_SYSTEM: - networkIncomingPacketMarkRule = "MARK xset 0xfffdd/0xffefffff"; + networkIncomingPacketMarkRule = "MARK xset 0xfffdd/0x7fefffff"; break; } |