Only add permissions in accept(); do not try to enforce anything.

Previously, we were enforcing that the user has access to the network over which the socket is accepted. This has two problems:

1. We weren't handling the loopback interface ('lo') correctly. It's not part of any network, so the NetId in the fwmark is NETID_UNSET. In NetworkController::isUserPermittedOnNetwork(), we would fail to find a valid network, and so we would return false.

2. We have decided that in fact, we don't want to enforce this even for other interfaces, due to the SYN-ACK problem. See the comments and discussion at: http://go/android-multinetwork-routing

Bug: 16079376
Change-Id: I3f07f67d06dd7b48bfdfa5616ee22e098e31f8af