Add socket filter to allowed programs for vendor and remove tracepoint am: 16c9360b1f am: beadee38ea am: 38cb6fd47a am: 58950886d8

Original change: https://android-review.googlesource.com/c/platform/system/bpf/+/2021482

Change-Id: I0ae78277a0c2a25b2df848287fa5290e2f1f05d7

2 files changed, 3 insertions, 3 deletions

diff --git a/bpfloader/BpfLoader.cpp b/bpfloader/BpfLoader.cpp
index 5c24f0a..74ecfbc 100644
--- a/bpfloader/BpfLoader.cpp
+++ b/bpfloader/BpfLoader.cpp
@@ -58,7 +58,7 @@ using std::string;
 // attachment of programs to shared resources (or to detect when a shared resource
 // has one BPF program replace another that is attached there)
 constexpr bpf_prog_type kVendorAllowedProgTypes[] = {
-        BPF_PROG_TYPE_TRACEPOINT,
+        BPF_PROG_TYPE_SOCKET_FILTER,
 };
 
 struct Location {
diff --git a/libbpf_android/Loader.cpp b/libbpf_android/Loader.cpp
index eab8e96..108c76e 100644
--- a/libbpf_android/Loader.cpp
+++ b/libbpf_android/Loader.cpp
@@ -32,7 +32,7 @@
 
 // This is BpfLoader v0.10
 #define BPFLOADER_VERSION_MAJOR 0u
-#define BPFLOADER_VERSION_MINOR 10u
+#define BPFLOADER_VERSION_MINOR 11u
 #define BPFLOADER_VERSION ((BPFLOADER_VERSION_MAJOR << 16) | BPFLOADER_VERSION_MINOR)
 
 #include "bpf/BpfUtils.h"
@@ -881,13 +881,13 @@ static int loadCodeSections(const char* elfPath, vector<codeSection>& cs, const
         if (!reuse) {
             ret = bpf_obj_pin(fd, progPinLoc.c_str());
             if (ret) return -errno;
+            if (chmod(progPinLoc.c_str(), 0440)) return -errno;
             if (cs[i].prog_def.has_value()) {
                 if (chown(progPinLoc.c_str(), (uid_t)cs[i].prog_def->uid,
                           (gid_t)cs[i].prog_def->gid)) {
                     return -errno;
                 }
             }
-            if (chmod(progPinLoc.c_str(), 0440)) return -errno;
         }
 
         cs[i].prog_fd.reset(fd);