1 /*
2  * Copyright (C) 2022 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef LIBCONNECTIVITY_CONNECTIVITY_NATIVE_H_
18 #define LIBCONNECTIVITY_CONNECTIVITY_NATIVE_H_
19 
20 #include <sys/cdefs.h>
21 #include <netinet/in.h>
22 
23 // For branches that do not yet have __ANDROID_API_U__ defined, like module
24 // release branches.
25 #ifndef __ANDROID_API_U__
26 #define __ANDROID_API_U__ 34
27 #endif
28 
29 __BEGIN_DECLS
30 
/**
 * Prevents bind() from being given the specified port.
 *
 * The block applies to bind(); it does not by itself stop connect() from
 * automatically assigning the port. The caller is responsible for updating
 * /proc/sys/net/ipv4/ip_local_port_range with the port being blocked so that
 * calls to connect() will not automatically assign one of the blocked ports.
 *
 * Blocking a port that is already blocked still reports success.
 *
 * NOTE(review): this header does not say which byte order `port` is expected
 * in; confirm against the implementation before passing a value copied out of
 * a sockaddr.
 *
 * @param port Port number to block.
 * @return 0 on success, or a POSIX error code (see errno.h) on failure:
 *  - EINVAL for invalid port number
 *  - EPERM if the UID of the client doesn't have network stack permission
 *  - Other errors as per https://man7.org/linux/man-pages/man2/bpf.2.html
 */
int AConnectivityNative_blockPortForBind(in_port_t port)
    __INTRODUCED_IN(__ANDROID_API_U__);
45 
/**
 * Lifts the bind() block from a port that was blocked earlier.
 *
 * Unblocking a port that is not currently blocked still reports success, so a
 * zero return does not show that the port had been blocked beforehand.
 *
 * NOTE(review): this header does not say which byte order `port` is expected
 * in; confirm against the implementation before passing a value copied out of
 * a sockaddr.
 *
 * @param port Port number to unblock.
 * @return 0 on success, or a POSIX error code (see errno.h) on failure:
 *  - EINVAL for invalid port number
 *  - EPERM if the UID of the client doesn't have network stack permission
 *  - Other errors as per https://man7.org/linux/man-pages/man2/bpf.2.html
 */
int AConnectivityNative_unblockPortForBind(in_port_t port)
    __INTRODUCED_IN(__ANDROID_API_U__);
58 
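/**
 * Unblocks all ports that have previously been blocked.
 *
 * The parameter list is spelled (void) so that C callers get a real
 * prototype: before C23 an empty () leaves the arguments unspecified, and a
 * call that passes arguments by mistake would compile without a diagnostic.
 * (void) means the same thing in C++, so the declaration stays usable from
 * both languages.
 *
 * NOTE(review): this function takes no port argument, so the EINVAL entry
 * below looks carried over from the per-port functions; confirm whether it
 * can actually be returned here.
 *
 * @return 0 on success, or a POSIX error code (see errno.h) on failure:
 *  - EINVAL for invalid port number
 *  - EPERM if the UID of the client doesn't have network stack permission
 *  - Other errors as per https://man7.org/linux/man-pages/man2/bpf.2.html
 */
int AConnectivityNative_unblockAllPortsForBind(void) __INTRODUCED_IN(__ANDROID_API_U__);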
68 
/**
 * Retrieves the ports that are currently blocked for bind().
 *
 * `count` is both an input and an output. On entry it holds the size of the
 * `ports` array (presumably counted in elements, not bytes; confirm against
 * the implementation). On return it holds the total number of blocked ports,
 * which may be larger than the number of entries that were written.
 *
 * Callers should keep the capacity they passed in and read no more than
 * min(capacity, *count) entries. Iterating up to the returned *count without
 * that clamp reads past the filled part of the array whenever the list was
 * truncated.
 *
 * NOTE(review): no port is passed to this function, so the EINVAL entry below
 * looks carried over from the per-port functions; confirm when it is returned.
 *
 * @param ports Array that will be filled with the blocked port numbers.
 * @param count In: size of the ports array. Out: total number of blocked
 *              ports, which may exceed what was written to `ports`.
 * @return 0 on success, or a POSIX error code (see errno.h) on failure:
 *  - EINVAL for invalid port number
 *  - EPERM if the UID of the client doesn't have network stack permission
 *  - Other errors as per https://man7.org/linux/man-pages/man2/bpf.2.html
 */
int AConnectivityNative_getPortsBlockedForBind(
    in_port_t* _Nonnull ports,
    size_t* _Nonnull count) __INTRODUCED_IN(__ANDROID_API_U__);
83 
84 __END_DECLS
85 
86 
87 #endif
88