ebtables: Android makefiles to build ebtables on Android

This patch also adds some missing header files to compile
all the extensions. Some of the header files also needed
to be updated to include some missing components.

Change-Id: Ic212d2d2c6f270df30a0259b85886b6ce578536d

15 files changed, 294 insertions, 2 deletions

diff --git a/Android.mk b/Android.mk
new file mode 100644
index 0000000..02b9bee
--- /dev/null
+++ b/Android.mk
@@ -0,0 +1,6 @@
+#Avoid building ebtables for emulator
+ifeq ($(call is-vendor-board-platform,QCOM),true)
+    include $(call all-subdir-makefiles)
+else
+    $(info "ebtables is disabled on this build")
+endif
diff --git a/kernel/linux/include/linux/netfilter_bridge.h b/kernel/linux/include/linux/netfilter_bridge.h
index 3c271c6..4c2a5aa 100644
--- a/kernel/linux/include/linux/netfilter_bridge.h
+++ b/kernel/linux/include/linux/netfilter_bridge.h
@@ -6,6 +6,7 @@
 
 #include <linux/config.h>
 #include <linux/netfilter.h>
+#include  <limits.h>
 
 /* Bridge Hooks */
 /* After promisc drops, checksum checks. */
diff --git a/kernel/linux/include/linux/netfilter_bridge/ebt_arp.h b/kernel/linux/include/linux/netfilter_bridge/ebt_arp.h
index 537ec6b..91ae858 100644
--- a/kernel/linux/include/linux/netfilter_bridge/ebt_arp.h
+++ b/kernel/linux/include/linux/netfilter_bridge/ebt_arp.h
@@ -8,8 +8,9 @@
 #define EBT_ARP_DST_IP 0x10
 #define EBT_ARP_SRC_MAC 0x20
 #define EBT_ARP_DST_MAC 0x40
+#define EBT_ARP_GRAT 0x80
 #define EBT_ARP_MASK (EBT_ARP_OPCODE | EBT_ARP_HTYPE | EBT_ARP_PTYPE | \
-   EBT_ARP_SRC_IP | EBT_ARP_DST_IP | EBT_ARP_SRC_MAC | EBT_ARP_DST_MAC)
+   EBT_ARP_SRC_IP | EBT_ARP_DST_IP | EBT_ARP_SRC_MAC | EBT_ARP_DST_MAC | EBT_ARP_GRAT)
 #define EBT_ARP_MATCH "arp"
 
 struct ebt_arp_info
diff --git a/kernel/linux/include/linux/netfilter_bridge/ebt_ip6.h b/kernel/linux/include/linux/netfilter_bridge/ebt_ip6.h
new file mode 100644
index 0000000..42b8896
--- /dev/null
+++ b/kernel/linux/include/linux/netfilter_bridge/ebt_ip6.h
@@ -0,0 +1,50 @@
+/*
+ *  ebt_ip6
+ *
+ *	Authors:
+ * Kuo-Lang Tseng <kuo-lang.tseng@intel.com>
+ * Manohar Castelino <manohar.r.castelino@intel.com>
+ *
+ *  Jan 11, 2008
+ *
+ */
+
+#ifndef __LINUX_BRIDGE_EBT_IP6_H
+#define __LINUX_BRIDGE_EBT_IP6_H
+
+#include <linux/types.h>
+
+#define EBT_IP6_SOURCE 0x01
+#define EBT_IP6_DEST 0x02
+#define EBT_IP6_TCLASS 0x04
+#define EBT_IP6_PROTO 0x08
+#define EBT_IP6_SPORT 0x10
+#define EBT_IP6_DPORT 0x20
+#define EBT_IP6_ICMP6 0x40
+
+#define EBT_IP6_MASK (EBT_IP6_SOURCE | EBT_IP6_DEST | EBT_IP6_TCLASS |\
+		      EBT_IP6_PROTO | EBT_IP6_SPORT | EBT_IP6_DPORT | \
+		      EBT_IP6_ICMP6)
+#define EBT_IP6_MATCH "ip6"
+
+/* the same values are used for the invflags */
+struct ebt_ip6_info {
+	struct in6_addr saddr;
+	struct in6_addr daddr;
+	struct in6_addr smsk;
+	struct in6_addr dmsk;
+	__u8  tclass;
+	__u8  protocol;
+	__u8  bitmask;
+	__u8  invflags;
+	union {
+		__u16 sport[2];
+		__u8 icmpv6_type[2];
+	};
+	union {
+		__u16 dport[2];
+		__u8 icmpv6_code[2];
+	};
+};
+
+#endif
diff --git a/kernel/linux/include/linux/netfilter_bridge/ebt_log.h b/kernel/linux/include/linux/netfilter_bridge/ebt_log.h
index d3e7377..0dee3f3 100644
--- a/kernel/linux/include/linux/netfilter_bridge/ebt_log.h
+++ b/kernel/linux/include/linux/netfilter_bridge/ebt_log.h
@@ -3,7 +3,9 @@
 
 #define EBT_LOG_IP 0x01 // if the frame is made by ip, log the ip information
 #define EBT_LOG_ARP 0x02
-#define EBT_LOG_MASK (EBT_LOG_IP | EBT_LOG_ARP)
+#define EBT_LOG_NFLOG 0x04
+#define EBT_LOG_IP6 0x0
+#define EBT_LOG_MASK (EBT_LOG_IP | EBT_LOG_ARP | EBT_LOG_IP6)
 #define EBT_LOG_PREFIX_SIZE 30
 #define EBT_LOG_WATCHER "log"
 
diff --git a/kernel/linux/include/linux/netfilter_bridge/ebt_mark_m.h b/kernel/linux/include/linux/netfilter_bridge/ebt_mark_m.h
index 301524f..c057abf 100644
--- a/kernel/linux/include/linux/netfilter_bridge/ebt_mark_m.h
+++ b/kernel/linux/include/linux/netfilter_bridge/ebt_mark_m.h
@@ -1,6 +1,8 @@
 #ifndef __LINUX_BRIDGE_EBT_MARK_M_H
 #define __LINUX_BRIDGE_EBT_MARK_M_H
 
+#include <linux/types.h>
+
 #define EBT_MARK_AND 0x01
 #define EBT_MARK_OR 0x02
 #define EBT_MARK_MASK (EBT_MARK_AND | EBT_MARK_OR)
diff --git a/kernel/linux/include/linux/netfilter_bridge/ebt_mark_t.h b/kernel/linux/include/linux/netfilter_bridge/ebt_mark_t.h
index f84d2ad..8cb5764 100644
--- a/kernel/linux/include/linux/netfilter_bridge/ebt_mark_t.h
+++ b/kernel/linux/include/linux/netfilter_bridge/ebt_mark_t.h
@@ -1,6 +1,18 @@
 #ifndef __LINUX_BRIDGE_EBT_MARK_T_H
 #define __LINUX_BRIDGE_EBT_MARK_T_H
 
+/* The target member is reused for adding new actions, the
+ * value of the real target is -1 to -NUM_STANDARD_TARGETS.
+ * For backward compatibility, the 4 lsb (2 would be enough,
+ * but let's play it safe) are kept to designate this target.
+ * The remaining bits designate the action. By making the set
+ * action 0xfffffff0, the result will look ok for older
+ * versions. [September 2006] */
+#define MARK_SET_VALUE (0xfffffff0)
+#define MARK_OR_VALUE  (0xffffffe0)
+#define MARK_AND_VALUE (0xffffffd0)
+#define MARK_XOR_VALUE (0xffffffc0)
+
 struct ebt_mark_t_info
 {
 	unsigned long mark;
diff --git a/kernel/linux/include/linux/netfilter_bridge/ebt_nat.h b/kernel/linux/include/linux/netfilter_bridge/ebt_nat.h
index eac1871..879377f 100644
--- a/kernel/linux/include/linux/netfilter_bridge/ebt_nat.h
+++ b/kernel/linux/include/linux/netfilter_bridge/ebt_nat.h
@@ -1,6 +1,8 @@
 #ifndef __LINUX_BRIDGE_EBT_NAT_H
 #define __LINUX_BRIDGE_EBT_NAT_H
 
+#define NAT_ARP_BIT  (0x00000010)
+
 struct ebt_nat_info
 {
 	unsigned char mac[ETH_ALEN];
diff --git a/kernel/linux/include/linux/netfilter_bridge/ebt_nflog.h b/kernel/linux/include/linux/netfilter_bridge/ebt_nflog.h
new file mode 100644
index 0000000..df829fc
--- /dev/null
+++ b/kernel/linux/include/linux/netfilter_bridge/ebt_nflog.h
@@ -0,0 +1,23 @@
+#ifndef __LINUX_BRIDGE_EBT_NFLOG_H
+#define __LINUX_BRIDGE_EBT_NFLOG_H
+
+#include <linux/types.h>
+
+#define EBT_NFLOG_MASK 0x0
+
+#define EBT_NFLOG_PREFIX_SIZE 64
+#define EBT_NFLOG_WATCHER "nflog"
+
+#define EBT_NFLOG_DEFAULT_GROUP		0x1
+#define EBT_NFLOG_DEFAULT_THRESHOLD	1
+
+struct ebt_nflog_info {
+	__u32 len;
+	__u16 group;
+	__u16 threshold;
+	__u16 flags;
+	__u16 pad;
+	char prefix[EBT_NFLOG_PREFIX_SIZE];
+};
+
+#endif				/* __LINUX_BRIDGE_EBT_NFLOG_H */
diff --git a/kernel/linux/include/linux/netfilter_bridge/ebt_ulog.h b/kernel/linux/include/linux/netfilter_bridge/ebt_ulog.h
new file mode 100644
index 0000000..89a6bec
--- /dev/null
+++ b/kernel/linux/include/linux/netfilter_bridge/ebt_ulog.h
@@ -0,0 +1,38 @@
+#ifndef _EBT_ULOG_H
+#define _EBT_ULOG_H
+
+#include <linux/types.h>
+
+#define EBT_ULOG_DEFAULT_NLGROUP 0
+#define EBT_ULOG_DEFAULT_QTHRESHOLD 1
+#define EBT_ULOG_MAXNLGROUPS 32 /* hardcoded netlink max */
+#define EBT_ULOG_PREFIX_LEN 32
+#define EBT_ULOG_MAX_QLEN 50
+#define EBT_ULOG_WATCHER "ulog"
+#define EBT_ULOG_VERSION 1
+
+struct ebt_ulog_info {
+	__u32 nlgroup;
+	unsigned int cprange;
+	unsigned int qthreshold;
+	char prefix[EBT_ULOG_PREFIX_LEN];
+};
+
+typedef struct ebt_ulog_packet_msg {
+	int version;
+	char indev[IFNAMSIZ];
+	char outdev[IFNAMSIZ];
+	char physindev[IFNAMSIZ];
+	char physoutdev[IFNAMSIZ];
+	char prefix[EBT_ULOG_PREFIX_LEN];
+	struct timeval stamp;
+	unsigned long mark;
+	unsigned int hook;
+	size_t data_len;
+	/* The complete packet, including Ethernet header and perhaps
+	 * the VLAN header is appended */
+	unsigned char data[0] __attribute__
+	                      ((aligned (__alignof__(struct ebt_ulog_info))));
+} ebt_ulog_packet_msg_t;
+
+#endif /* _EBT_ULOG_H */
diff --git a/kernel/linux/include/linux/netfilter_bridge/ebtables.h b/kernel/linux/include/linux/netfilter_bridge/ebtables.h
index 81543a8..e4a5690 100644
--- a/kernel/linux/include/linux/netfilter_bridge/ebtables.h
+++ b/kernel/linux/include/linux/netfilter_bridge/ebtables.h
@@ -26,6 +26,10 @@
 #define EBT_CONTINUE -3
 #define EBT_RETURN   -4
 #define NUM_STANDARD_TARGETS   4
+/* ebtables target modules store the verdict inside an int. We can
+ * reclaim a part of this int for backwards compatible extensions.
+ * The 4 lsb are more than enough to store the verdict. */
+#define EBT_VERDICT_BITS 0x0000000F
 
 struct ebt_counter
 {
diff --git a/userspace/Android.mk b/userspace/Android.mk
new file mode 100644
index 0000000..5053e7d
--- /dev/null
+++ b/userspace/Android.mk
@@ -0,0 +1 @@
+include $(call all-subdir-makefiles)
diff --git a/userspace/ebtables2/Android.mk b/userspace/ebtables2/Android.mk
new file mode 100644
index 0000000..59b07b3
--- /dev/null
+++ b/userspace/ebtables2/Android.mk
@@ -0,0 +1,141 @@
+# BUILD libebtc.so
+
+LOCAL_PATH:= $(call my-dir)
+
+include $(CLEAR_VARS)
+
+LOCAL_SRC_FILES := getethertype.c
+LOCAL_SRC_FILES += communication.c
+LOCAL_SRC_FILES += libebtc.c
+LOCAL_SRC_FILES += useful_functions.c
+LOCAL_SRC_FILES += ebtables.c
+
+LOCAL_C_INCLUDES := $(LOCAL_PATH)/include
+LOCAL_C_INCLUDES += $(TARGET_OUT_INTERMEDIATES)/KERNEL_OBJ/usr/include
+LOCAL_ADDITIONAL_DEPENDENCIES := $(TARGET_OUT_INTERMEDIATES)/KERNEL_OBJ/usr
+
+LOCAL_CFLAGS += -DPROGNAME=\"ebtables\" \
+        -DPROGVERSION=\"2.0.10\" \
+        -DPROGDATE=\"December\ 2011\" \
+        -D__THROW=
+
+LOCAL_CFLAGS += -O2 -g -Wno-ignored-qualifiers
+LOCAL_CFLAGS += -Wno-sign-compare \
+                -Wno-missing-field-initializers \
+                -Wno-pointer-arith
+
+LOCAL_MODULE := libebtc
+
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_SHARED_LIBRARY)
+
+# sources and intermediate files are separated
+
+c_includes := $(LOCAL_PATH)/include
+c_includes += $(TARGET_OUT_INTERMEDIATES)/KERNEL_OBJ/usr/include
+local_additional_dependencies := $(TARGET_OUT_INTERMEDIATES)/KERNEL_OBJ/usr
+
+cflags := -O2 -g \
+        -DPROGNAME=\"ebtables\" \
+        -DPROGVERSION=\"2.0.10\" \
+        -DPROGDATE=\"December\ 2011\" \
+        -Wno-sign-compare -Wno-missing-field-initializers \
+        -Wno-ignored-qualifiers
+
+extensions_src_files := \
+        extensions/ebt_802_3.c \
+        extensions/ebt_among.c \
+        extensions/ebt_arp.c \
+        extensions/ebt_arpreply.c \
+        extensions/ebt_ip.c \
+        extensions/ebt_ip6.c \
+        extensions/ebt_limit.c \
+        extensions/ebt_log.c \
+        extensions/ebt_mark.c \
+        extensions/ebt_mark_m.c \
+        extensions/ebt_nat.c \
+        extensions/ebt_nflog.c \
+        extensions/ebt_pkttype.c \
+        extensions/ebt_redirect.c \
+        extensions/ebt_standard.c \
+        extensions/ebt_stp.c \
+        extensions/ebt_ulog.c \
+        extensions/ebt_vlan.c \
+        extensions/ebtable_broute.c \
+        extensions/ebtable_filter.c \
+        extensions/ebtable_nat.c
+
+ld_flags := -nostartfiles
+shared_libs := libebtc
+module_tags := eng
+
+$(foreach file,$(extensions_src_files), \
+    $(eval include $(CLEAR_VARS)) \
+    $(eval LOCAL_C_INCLUDES := $(c_includes)) \
+    $(eval LOCAL_ADDITIONAL_DEPENDENCIES := $(local_additional_dependencies)) \
+    $(eval LOCAL_SRC_FILES := $(file)) \
+    $(eval tmp_file := $(notdir $(file:%.c=%))) \
+    $(eval tmp_file := $(addprefix lib, $(tmp_file))) \
+    $(eval LOCAL_MODULE := $(tmp_file)) \
+    $(eval LOCAL_MODULE_TAGS := $(module_tags)) \
+    $(eval LOCAL_LDFLAGS := $(ld_flags)) \
+    $(eval LOCAL_CFLAGS := $(cflags)) \
+    $(eval LOCAL_SHARED_LIBRARIES := $(shared_libs)) \
+    $(eval include $(BUILD_SHARED_LIBRARY)) \
+)
+
+
+###############################
+include $(CLEAR_VARS)
+
+LOCAL_C_INCLUDES := $(LOCAL_PATH)/include
+LOCAL_C_INCLUDES += $(TARGET_OUT_INTERMEDIATES)/KERNEL_OBJ/usr/include
+LOCAL_ADDITIONAL_DEPENDENCIES := $(TARGET_OUT_INTERMEDIATES)/KERNEL_OBJ/usr
+
+LOCAL_CFLAGS += -DPROGNAME=\"ebtables\" \
+        -DPROGVERSION=\"2.0.10\" \
+        -DPROGDATE=\"December\ 2011\"
+
+LOCAL_SRC_FILES := ebtables-standalone.c
+
+LOCAL_SHARED_LIBRARIES += \
+        libebtc \
+        libebt_802_3 \
+        libebt_among \
+        libebt_arp \
+        libebt_arpreply \
+        libebt_ip \
+        libebt_ip6 \
+        libebt_limit \
+        libebt_log \
+        libebt_mark \
+        libebt_mark_m \
+        libebt_nat \
+        libebt_nflog \
+        libebt_pkttype \
+        libebt_redirect \
+        libebt_standard \
+        libebt_stp \
+        libebt_ulog \
+        libebt_vlan \
+        libebtable_broute \
+        libebtable_filter \
+        libebtable_nat
+
+LOCAL_MODULE := ebtables
+
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_EXECUTABLE)
+
+
+#######dss_test_104##########
+include $(CLEAR_VARS)
+LOCAL_MODULE:= ethertypes
+LOCAL_MODULE_CLASS := EXECUTABLES
+LOCAL_SRC_FILES := ethertypes
+LOCAL_MODULE_TAGS := optional
+LOCAL_MODULE_PATH := $(TARGET_OUT_ETC)
+include $(BUILD_PREBUILT)
+
diff --git a/userspace/ebtables2/include/ebtables_u.h b/userspace/ebtables2/include/ebtables_u.h
index ab615c1..07dae8e 100644
--- a/userspace/ebtables2/include/ebtables_u.h
+++ b/userspace/ebtables2/include/ebtables_u.h
@@ -24,7 +24,14 @@
 #ifndef EBTABLES_U_H
 #define EBTABLES_U_H
 #include <netinet/in.h>
+
+#ifdef __ANDROID_API__
+#pragma message "Found __ANDRIOD_API__, #undef __unused"
+#undef __unused
+#include <ebtables.h>
+#else
 #include <linux/netfilter_bridge/ebtables.h>
+#endif
 #include <linux/netfilter/x_tables.h>
 
 #ifndef IPPROTO_SCTP
diff --git a/userspace/ebtables2/include/ethernetdb.h b/userspace/ebtables2/include/ethernetdb.h
index 46d8bfd..22b6f7f 100644
--- a/userspace/ebtables2/include/ethernetdb.h
+++ b/userspace/ebtables2/include/ethernetdb.h
@@ -30,6 +30,8 @@
 #define	_PATH_ETHERTYPES	"/etc/ethertypes"
 #endif				/* _PATH_ETHERTYPES */
 
+#define __THROW
+
 struct ethertypeent {
 	char *e_name;		/* Official ethernet type name.  */
 	char **e_aliases;	/* Alias list.  */