Merge changes I8e33c883,I0a2d1615,I401fc0b4,Ie0fb5b59

* changes:
  libcutils: qtaguid: support socket untagging, return errors.
  Move qtaguid.c from common sources in Android.mk to fix windows build.
  Fix header file inclusion for type uid_t.
  Add communication support for xt_qtaguid(network traffic accounting) kernel module.

3 files changed, 110 insertions, 1 deletions

diff --git a/include/cutils/qtaguid.h b/include/cutils/qtaguid.h
new file mode 100644
index 000000000..e6d61e639
--- /dev/null
+++ b/include/cutils/qtaguid.h
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2011 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __CUTILS_QTAGUID_H
+#define __CUTILS_QTAGUID_H
+
+#include <stdint.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * Set tags (and owning UIDs) for network sockets.
+*/
+extern int qtaguid_tagSocket(int sockfd, int tag, uid_t uid);
+
+/*
+ * Untag a network socket before closing.
+*/
+extern int qtaguid_untagSocket(int sockfd);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __CUTILS_QTAG_UID_H */
diff --git a/libcutils/Android.mk b/libcutils/Android.mk
index 84cccd989..03e6e9a61 100644
--- a/libcutils/Android.mk
+++ b/libcutils/Android.mk
@@ -110,7 +110,7 @@ else #!sim
 # ========================================================
 include $(CLEAR_VARS)
 LOCAL_MODULE := libcutils
-LOCAL_SRC_FILES := $(commonSources) ashmem-dev.c mq.c uevent.c
+LOCAL_SRC_FILES := $(commonSources) ashmem-dev.c mq.c uevent.c qtaguid.c
 
 ifeq ($(TARGET_ARCH),arm)
 LOCAL_SRC_FILES += arch-arm/memset32.S
diff --git a/libcutils/qtaguid.c b/libcutils/qtaguid.c
new file mode 100644
index 000000000..218a21f13
--- /dev/null
+++ b/libcutils/qtaguid.c
@@ -0,0 +1,67 @@
+/* libcutils/qtaguid.c
+**
+** Copyright 2011, The Android Open Source Project
+**
+** Licensed under the Apache License, Version 2.0 (the "License");
+** you may not use this file except in compliance with the License.
+** You may obtain a copy of the License at
+**
+**     http://www.apache.org/licenses/LICENSE-2.0
+**
+** Unless required by applicable law or agreed to in writing, software
+** distributed under the License is distributed on an "AS IS" BASIS,
+** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+** See the License for the specific language governing permissions and
+** limitations under the License.
+*/
+
+#define LOG_TAG "qtaguid"
+
+#include <cutils/qtaguid.h>
+#include <cutils/log.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+
+extern int qtaguid_tagSocket(int sockfd, int tag, uid_t uid) {
+    char lineBuf[128];
+    int fd, cnt = 0, res = 0;
+    uint64_t kTag = (uint64_t)tag << 32;
+    snprintf(lineBuf, sizeof(lineBuf), "t %d %llu %d", sockfd, kTag, uid);
+
+    LOGI("Tagging socket %d with tag %llx(%d) for uid %d", sockfd, kTag, tag, uid);
+    fd = open("/proc/net/xt_qtaguid/ctrl", O_WRONLY);
+    if (fd < 0) {
+        return -errno;
+    }
+
+    cnt = write(fd, lineBuf, strlen(lineBuf));
+    if (cnt < 0) {
+        res = -errno;
+    }
+
+    close(fd);
+    return res;
+}
+
+extern int qtaguid_untagSocket(int sockfd) {
+    char lineBuf[128];
+    int fd, cnt = 0, res = 0;
+    snprintf(lineBuf, sizeof(lineBuf), "u %d", sockfd);
+
+    LOGI("Untagging socket %d", sockfd);
+    fd = open("/proc/net/xt_qtaguid/ctrl", O_WRONLY);
+    if (fd < 0) {
+        return -errno;
+    }
+
+    cnt = write(fd, lineBuf, strlen(lineBuf));
+    if (cnt < 0) {
+        res = -errno;
+    }
+
+    close(fd);
+    return res;
+}