Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit fc9aa724 authored by Maciej Żenczykowski's avatar Maciej Żenczykowski
Browse files

DnsResolver - disable fchown() on Q 



since it is not compatible with ebpf VPN isolation as implemented on Q.

Test: builds, atest, dnsresolver tests, TreeHugger
Bug: 159994981
Signed-off-by: default avatarMaciej Żenczykowski <maze@google.com>
Change-Id: I9f0694a03c0c74c3ba35345b96b9f5fbea821070
parent 701238f5

resolv_private.h

+6 −2
Original line number Diff line number Diff line
@@ -169,16 +169,20 @@ android::net::NsType getQueryType(const uint8_t* msg, size_t msgLen); 
android::net::IpVersion ipFamilyToIPVersion(int ipFamily);



inline void resolv_tag_socket(int sock, uid_t uid, pid_t pid) {

    // This is effectively equivalent to testing for R+

    if (android::net::gResNetdCallbacks.tagSocket != nullptr) {

        if (int err = android::net::gResNetdCallbacks.tagSocket(sock, TAG_SYSTEM_DNS, uid, pid)) {

            LOG(WARNING) << "Failed to tag socket: " << strerror(-err);

        }

    }



    // R+, since fchown() incompatible with Q's ebpf vpn isolation feature

    if (android::net::gApiLevel >= 30) {

        if (fchown(sock, uid, -1) == -1) {

            LOG(WARNING) << "Failed to chown socket: " << strerror(errno);

        }

    }

}



inline std::string addrToString(const sockaddr_storage* addr) {

    char out[INET6_ADDRSTRLEN] = {0};