Netlink implementation for the Android NDK

Question

I have a requirement for similar task as mentioned in this link.. Passive monitoring of sockets in Android. One way is parsing the /proc/net/{tcp,udp,...} tables. But we have to keep on reading continuously for keep on monitoring; which is not efficient way. As it will be a mobile device app, it will eat up the battery as it requires CPU Time for keep on monitoring for time interval (say 1 sec).

But, I am looking for an event based approach. As I googled about the same, I ended with NETLINK for monitoring the sockets. But I observe that Android NDK doesn't have support for the

#include <linux/sock_diag.h>
#include <linux/inet_diag.h>
#include <linux/unix_diag.h>
#include <linux/packet_diag.h>
#include <linux/netlink_diag.h>

Does anyone tried using NETLINK in Android for monitoring the INET sockets? If so please share the information.

Thanks.

---

UPDATE: I tried copy pasting the above mentioned files in the "jni" folder and built using ndk-build. Building was successful and also no crashes at the runtime. But, socket creation of type

socket(AF_NETLINK, SOCK_DGRAM, NETLINK_INET_DIAG)

is failing with error EACCES(13) - Permission to create a socket of the specified type and/or protocol is denied.

Any suggestions how to proceed further?

Answer 1

In Android Lollipop, Security Enhanced Linux (SELinux) in Android is enabled in "enforce" mode. By observing/looking at the sandbox definitions Android Source Code - SE Policy of the app.te (Below pasted excerpt), there will not be any supports for the netlink sockets.

app.te

# Privileged netlink socket interfaces.
 
neverallow appdomain
 
    self:{
 
        netlink_socket
 
        netlink_firewall_socket
 
        netlink_tcpdiag_socket
 
        netlink_nflog_socket
 
        netlink_xfrm_socket
 
        netlink_audit_socket
 
        netlink_ip6fw_socket
 
        netlink_dnrt_socket
 
    } *;

Answer 2

i think, your app should have root permision!