Add NETLINK_XFRM and IPPROTO_ESP
Allow the system server (IpSecService) to create xfrm netlink
socket and set up ESP SA
Bug: 308011229
Test: make
Change-Id: I108cc538a845a39b5a7560d8e3654cf27e32ea94
diff --git a/api/current.txt b/api/current.txt
index fbdd533..c61243f 100644
--- a/api/current.txt
+++ b/api/current.txt
@@ -339,6 +339,7 @@
field public static final int IFF_RUNNING;
field public static final int IFF_SLAVE;
field public static final int IFF_UP;
+ field public static final int IPPROTO_ESP;
field public static final int IPPROTO_ICMP;
field public static final int IPPROTO_ICMPV6;
field public static final int IPPROTO_IP;
@@ -391,6 +392,7 @@
field public static final int NETLINK_INET_DIAG;
field public static final int NETLINK_NETFILTER;
field public static final int NETLINK_ROUTE;
+ field public static final int NETLINK_XFRM;
field public static final int NI_DGRAM;
field public static final int NI_NAMEREQD;
field public static final int NI_NOFQDN;
diff --git a/luni/src/main/java/android/system/OsConstants.java b/luni/src/main/java/android/system/OsConstants.java
index 9435cae..c078f92 100644
--- a/luni/src/main/java/android/system/OsConstants.java
+++ b/luni/src/main/java/android/system/OsConstants.java
@@ -392,6 +392,14 @@
public static final int IPPROTO_RAW = placeholder();
public static final int IPPROTO_TCP = placeholder();
public static final int IPPROTO_UDP = placeholder();
+
+ /**
+ * Encapsulation Security Payload protocol
+ *
+ * <p>Defined in /uapi/linux/in.h
+ */
+ public static final int IPPROTO_ESP = placeholder();
+
public static final int IPV6_CHECKSUM = placeholder();
public static final int IPV6_MULTICAST_HOPS = placeholder();
public static final int IPV6_MULTICAST_IF = placeholder();
@@ -468,6 +476,14 @@
* SELinux enforces that only system_server and netd may use this netlink socket type.
*/
public static final int NETLINK_INET_DIAG = placeholder();
+
+ /**
+ * SELinux enforces that only system_server and netd may use this netlink socket type.
+ *
+ * @see <a href="https://man7.org/linux/man-pages/man7/netlink.7.html">netlink(7)</a>
+ */
+ public static final int NETLINK_XFRM = placeholder();
+
public static final int NI_DGRAM = placeholder();
public static final int NI_NAMEREQD = placeholder();
public static final int NI_NOFQDN = placeholder();
diff --git a/luni/src/main/native/android_system_OsConstants.cpp b/luni/src/main/native/android_system_OsConstants.cpp
index fcbe1f9..3f8ce60 100644
--- a/luni/src/main/native/android_system_OsConstants.cpp
+++ b/luni/src/main/native/android_system_OsConstants.cpp
@@ -324,6 +324,7 @@
initConstant(env, c, "IPPROTO_RAW", IPPROTO_RAW);
initConstant(env, c, "IPPROTO_TCP", IPPROTO_TCP);
initConstant(env, c, "IPPROTO_UDP", IPPROTO_UDP);
+ initConstant(env, c, "IPPROTO_ESP", IPPROTO_ESP);
initConstant(env, c, "IPV6_CHECKSUM", IPV6_CHECKSUM);
initConstant(env, c, "IPV6_MULTICAST_HOPS", IPV6_MULTICAST_HOPS);
initConstant(env, c, "IPV6_MULTICAST_IF", IPV6_MULTICAST_IF);
@@ -405,6 +406,7 @@
initConstant(env, c, "NETLINK_NETFILTER", NETLINK_NETFILTER);
initConstant(env, c, "NETLINK_ROUTE", NETLINK_ROUTE);
initConstant(env, c, "NETLINK_INET_DIAG", NETLINK_INET_DIAG);
+ initConstant(env, c, "NETLINK_XFRM", NETLINK_XFRM);
initConstant(env, c, "NI_DGRAM", NI_DGRAM);
initConstant(env, c, "NI_NAMEREQD", NI_NAMEREQD);
initConstant(env, c, "NI_NOFQDN", NI_NOFQDN);
