diff options
| author | Benedict Wong <benedictwong@google.com> | 2017-12-06 22:05:46 -0800 |
|---|---|---|
| committer | Benedict Wong <benedictwong@google.com> | 2017-12-18 15:56:49 -0800 |
| commit | b2daefb0fd5eb1e6ed4ff2149e13a09ee5748711 (patch) | |
| tree | e0eb183f036a0dff44be2ecc60db908dd2b0fd09 /libnetdutils/include/netdutils | |
| parent | 164c8966c6bce401907c2f140e8c69452a89d227 (diff) | |
| download | platform_system_netd-b2daefb0fd5eb1e6ed4ff2149e13a09ee5748711.tar.gz platform_system_netd-b2daefb0fd5eb1e6ed4ff2149e13a09ee5748711.tar.bz2 platform_system_netd-b2daefb0fd5eb1e6ed4ff2149e13a09ee5748711.zip | |
[ipsec-doze] Add fchown capabilities, and fw rules
Add some firewall rules to allow doze mode packets to be sent/received
on ESP & no-socket packets. No-socket packets are no security risk
because they are either forwarded, going to be forwarded, or will be
dropped at routing tables (unless they are ESP).
Bug: 62994731
Test: New tests added, run
Change-Id: I2d8704498b564403d94123e4938091dee8fb98c1
Diffstat (limited to 'libnetdutils/include/netdutils')
| -rw-r--r-- | libnetdutils/include/netdutils/MockSyscalls.h | 2 | ||||
| -rw-r--r-- | libnetdutils/include/netdutils/Syscalls.h | 8 |
2 files changed, 10 insertions, 0 deletions
diff --git a/libnetdutils/include/netdutils/MockSyscalls.h b/libnetdutils/include/netdutils/MockSyscalls.h index 149ba5960..06ca85948 100644 --- a/libnetdutils/include/netdutils/MockSyscalls.h +++ b/libnetdutils/include/netdutils/MockSyscalls.h @@ -37,6 +37,8 @@ class MockSyscalls : public Syscalls { StatusOr<UniqueFd>(const std::string& pathname, int flags, mode_t mode)); MOCK_CONST_METHOD3(socket, StatusOr<UniqueFd>(int domain, int type, int protocol)); MOCK_CONST_METHOD3(getsockname, Status(Fd sock, sockaddr* addr, socklen_t* addrlen)); + MOCK_CONST_METHOD5(getsockopt, Status(Fd sock, int level, int optname, void* optval, + socklen_t *optlen)); MOCK_CONST_METHOD5(setsockopt, Status(Fd sock, int level, int optname, const void* optval, socklen_t optlen)); diff --git a/libnetdutils/include/netdutils/Syscalls.h b/libnetdutils/include/netdutils/Syscalls.h index 0e336b66f..4c9a004c4 100644 --- a/libnetdutils/include/netdutils/Syscalls.h +++ b/libnetdutils/include/netdutils/Syscalls.h @@ -47,6 +47,9 @@ class Syscalls { virtual Status getsockname(Fd sock, sockaddr* addr, socklen_t* addrlen) const = 0; + virtual Status getsockopt(Fd sock, int level, int optname, void *optval, + socklen_t *optlen) const = 0; + virtual Status setsockopt(Fd sock, int level, int optname, const void* optval, socklen_t optlen) const = 0; @@ -115,6 +118,11 @@ class Syscalls { } template <typename SockoptT> + Status getsockopt(Fd sock, int level, int optname, void* optval, socklen_t* optlen) const { + return getsockopt(sock, level, optname, optval, optlen); + } + + template <typename SockoptT> Status setsockopt(Fd sock, int level, int optname, const SockoptT& opt) const { return setsockopt(sock, level, optname, &opt, sizeof(opt)); } |