libcutils: qtaguid: Support new functions, add tag resource tracking.

* Add support for
  deleteTagData(tag, uid)
  setCounterSet(counterSetNum, uid)
  setPacifier(on)

* Add resource tracking
(If only kernel process termination had a hook)
Because the xt_qtaguid netfilter module needs to keep track of
tagged sockets, it needs a way to know when the process owning
the socket has died.
Normally the app will untag the sockets. But not on crash.
So the process opens the qtaguid misc dev, which is closed on crash,
at which point the xt_qtaguid can force-untag the processes sockets,
and thus allowing their refcount to go down and release them.

* Add pacifier support
 Add function to enable/disable pacification of the xt_qtaguid
 kernel module. (mostly for debugging)

Change-Id: I7f2228e65208046dd37ec1c7407ee307d5ba9b99

1 files changed, 24 insertions, 0 deletions

diff --git a/include/cutils/qtaguid.h b/include/cutils/qtaguid.h
index e6d61e63..f8550fda 100644
--- a/include/cutils/qtaguid.h
+++ b/include/cutils/qtaguid.h
@@ -35,6 +35,30 @@ extern int qtaguid_tagSocket(int sockfd, int tag, uid_t uid);
 */
 extern int qtaguid_untagSocket(int sockfd);
 
+/*
+ * For the given uid, switch counter sets.
+ * The kernel only keeps a limited number of sets.
+ * 2 for now.
+ */
+extern int qtaguid_setCounterSet(int counterSetNum, uid_t uid);
+
+/*
+ * Delete all tag info that relates to the given tag an uid.
+ * If the tag is 0, then ALL info about the uid is freeded.
+ * The delete data also affects active tagged socketd, which are
+ * then untagged.
+ * The calling process can only operate on its own tags.
+ * Unless it is part of the happy AID_NET_BW_ACCT group.
+ * In which case it can clobber everything.
+ */
+extern int qtaguid_deleteTagData(int tag, uid_t uid);
+
+/*
+ * Enable/disable qtaguid functionnality at a lower level.
+ * When pacified, the kernel will accept commands but do nothing.
+ */
+extern int qtaguid_setPacifier(int on);
+
 #ifdef __cplusplus
 }
 #endif