summaryrefslogtreecommitdiffstats
path: root/libnetdutils/Syscalls.cpp
diff options
context:
space:
mode:
authorBenedict Wong <benedictwong@google.com>2017-12-06 22:05:46 -0800
committerBenedict Wong <benedictwong@google.com>2017-12-18 15:56:49 -0800
commitb2daefb0fd5eb1e6ed4ff2149e13a09ee5748711 (patch)
treee0eb183f036a0dff44be2ecc60db908dd2b0fd09 /libnetdutils/Syscalls.cpp
parent164c8966c6bce401907c2f140e8c69452a89d227 (diff)
downloadplatform_system_netd-b2daefb0fd5eb1e6ed4ff2149e13a09ee5748711.tar.gz
platform_system_netd-b2daefb0fd5eb1e6ed4ff2149e13a09ee5748711.tar.bz2
platform_system_netd-b2daefb0fd5eb1e6ed4ff2149e13a09ee5748711.zip
[ipsec-doze] Add fchown capabilities, and fw rules
Add some firewall rules to allow doze mode packets to be sent/received on ESP & no-socket packets. No-socket packets are no security risk because they are either forwarded, going to be forwarded, or will be dropped at routing tables (unless they are ESP). Bug: 62994731 Test: New tests added, run Change-Id: I2d8704498b564403d94123e4938091dee8fb98c1
Diffstat (limited to 'libnetdutils/Syscalls.cpp')
-rw-r--r--libnetdutils/Syscalls.cpp9
1 files changed, 9 insertions, 0 deletions
diff --git a/libnetdutils/Syscalls.cpp b/libnetdutils/Syscalls.cpp
index 535434173..9a05e3bb1 100644
--- a/libnetdutils/Syscalls.cpp
+++ b/libnetdutils/Syscalls.cpp
@@ -65,6 +65,15 @@ class RealSyscalls final : public Syscalls {
return status::ok;
}
+ Status getsockopt(Fd sock, int level, int optname, void* optval,
+ socklen_t* optlen) const override {
+ auto rv = ::getsockopt(sock.get(), level, optname, optval, optlen);
+ if (rv == -1) {
+ return statusFromErrno(errno, "getsockopt() failed");
+ }
+ return status::ok;
+ }
+
Status setsockopt(Fd sock, int level, int optname, const void* optval,
socklen_t optlen) const override {
auto rv = ::setsockopt(sock.get(), level, optname, optval, optlen);
generated by cgit v1.2.3 (git 2.25.1) at 2026-04-06 19:33:52 +0000