Loading services/core/java/com/android/server/IpSecService.java +9 −15 Original line number Diff line number Diff line Loading @@ -48,7 +48,6 @@ import android.net.TrafficStats; import android.net.util.NetdService; import android.os.Binder; import android.os.IBinder; import android.os.INetworkManagementService; import android.os.ParcelFileDescriptor; import android.os.RemoteException; import android.os.ServiceSpecificException; Loading @@ -64,6 +63,7 @@ import android.util.SparseBooleanArray; import com.android.internal.annotations.GuardedBy; import com.android.internal.annotations.VisibleForTesting; import com.android.internal.util.Preconditions; import com.android.net.module.util.NetdUtils; import libcore.io.IoUtils; Loading Loading @@ -117,9 +117,6 @@ public class IpSecService extends IIpSecService.Stub { /* Binder context for this service */ private final Context mContext; /* NetworkManager instance */ private final INetworkManagementService mNetworkManager; /** * The next non-repeating global ID for tracking resources between users, this service, and * kernel data structures. Accessing this variable is not thread safe, so it is only read or Loading Loading @@ -1014,13 +1011,13 @@ public class IpSecService extends IIpSecService.Stub { * * @param context Binder context for this service */ private IpSecService(Context context, INetworkManagementService networkManager) { this(context, networkManager, IpSecServiceConfiguration.GETSRVINSTANCE); private IpSecService(Context context) { this(context, IpSecServiceConfiguration.GETSRVINSTANCE); } static IpSecService create(Context context, INetworkManagementService networkManager) static IpSecService create(Context context) throws InterruptedException { final IpSecService service = new IpSecService(context, networkManager); final IpSecService service = new IpSecService(context); service.connectNativeNetdService(); return service; } Loading @@ -1034,11 +1031,9 @@ public class IpSecService extends IIpSecService.Stub { /** @hide */ @VisibleForTesting public IpSecService(Context context, INetworkManagementService networkManager, IpSecServiceConfiguration config) { public IpSecService(Context context, IpSecServiceConfiguration config) { this( context, networkManager, config, (fd, uid) -> { try { Loading @@ -1052,10 +1047,9 @@ public class IpSecService extends IIpSecService.Stub { /** @hide */ @VisibleForTesting public IpSecService(Context context, INetworkManagementService networkManager, IpSecServiceConfiguration config, UidFdTagger uidFdTagger) { public IpSecService(Context context, IpSecServiceConfiguration config, UidFdTagger uidFdTagger) { mContext = context; mNetworkManager = Objects.requireNonNull(networkManager); mSrvConfig = config; mUidFdTagger = uidFdTagger; } Loading Loading @@ -1335,7 +1329,7 @@ public class IpSecService extends IIpSecService.Stub { netd.ipSecAddTunnelInterface(intfName, localAddr, remoteAddr, ikey, okey, resourceId); Binder.withCleanCallingIdentity(() -> { mNetworkManager.setInterfaceUp(intfName); NetdUtils.setInterfaceUp(netd, intfName); }); for (int selAddrFamily : ADDRESS_FAMILIES) { Loading services/core/java/com/android/server/connectivity/Vpn.java +2 −1 Original line number Diff line number Diff line Loading @@ -113,6 +113,7 @@ import com.android.internal.messages.nano.SystemMessageProto.SystemMessage; import com.android.internal.net.LegacyVpnInfo; import com.android.internal.net.VpnConfig; import com.android.internal.net.VpnProfile; import com.android.net.module.util.NetdUtils; import com.android.net.module.util.NetworkStackConstants; import com.android.server.DeviceIdleInternal; import com.android.server.LocalServices; Loading Loading @@ -2528,7 +2529,7 @@ public class Vpn { address /* unused */, address /* unused */, network); mNms.setInterfaceUp(mTunnelIface.getInterfaceName()); NetdUtils.setInterfaceUp(mNetd, mTunnelIface.getInterfaceName()); mSession = mIkev2SessionCreator.createIkeSession( mContext, Loading services/java/com/android/server/SystemServer.java +1 −1 Original line number Diff line number Diff line Loading @@ -1785,7 +1785,7 @@ public final class SystemServer implements Dumpable { t.traceBegin("StartIpSecService"); try { ipSecService = IpSecService.create(context, networkManagement); ipSecService = IpSecService.create(context); ServiceManager.addService(Context.IPSEC_SERVICE, ipSecService); } catch (Throwable e) { reportWtf("starting IpSec Service", e); Loading tests/net/java/com/android/server/IpSecServiceParameterizedTest.java +20 −6 Original line number Diff line number Diff line Loading @@ -16,12 +16,16 @@ package com.android.server; import static android.content.pm.PackageManager.PERMISSION_GRANTED; import static android.net.INetd.IF_STATE_DOWN; import static android.net.INetd.IF_STATE_UP; import static android.system.OsConstants.AF_INET; import static android.system.OsConstants.AF_INET6; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.fail; import static org.mockito.ArgumentMatchers.argThat; import static org.mockito.Matchers.anyInt; import static org.mockito.Matchers.anyString; import static org.mockito.Matchers.eq; Loading @@ -36,6 +40,7 @@ import android.content.pm.PackageManager; import android.net.ConnectivityManager; import android.net.INetd; import android.net.InetAddresses; import android.net.InterfaceConfigurationParcel; import android.net.IpSecAlgorithm; import android.net.IpSecConfig; import android.net.IpSecManager; Loading @@ -48,7 +53,6 @@ import android.net.LinkAddress; import android.net.LinkProperties; import android.net.Network; import android.os.Binder; import android.os.INetworkManagementService; import android.os.ParcelFileDescriptor; import android.system.Os; import android.test.mock.MockContext; Loading Loading @@ -148,10 +152,17 @@ public class IpSecServiceParameterizedTest { } throw new SecurityException("Unavailable permission requested"); } @Override public int checkCallingOrSelfPermission(String permission) { if (android.Manifest.permission.NETWORK_STACK.equals(permission)) { return PERMISSION_GRANTED; } throw new UnsupportedOperationException(); } }; INetd mMockNetd; INetworkManagementService mNetworkManager; PackageManager mMockPkgMgr; IpSecService.IpSecServiceConfiguration mMockIpSecSrvConfig; IpSecService mIpSecService; Loading Loading @@ -181,10 +192,9 @@ public class IpSecServiceParameterizedTest { @Before public void setUp() throws Exception { mMockNetd = mock(INetd.class); mNetworkManager = mock(INetworkManagementService.class); mMockPkgMgr = mock(PackageManager.class); mMockIpSecSrvConfig = mock(IpSecService.IpSecServiceConfiguration.class); mIpSecService = new IpSecService(mMockContext, mNetworkManager, mMockIpSecSrvConfig); mIpSecService = new IpSecService(mMockContext, mMockIpSecSrvConfig); // Injecting mock netd when(mMockIpSecSrvConfig.getNetdInstance()).thenReturn(mMockNetd); Loading Loading @@ -644,7 +654,10 @@ public class IpSecServiceParameterizedTest { } private IpSecTunnelInterfaceResponse createAndValidateTunnel( String localAddr, String remoteAddr, String pkgName) { String localAddr, String remoteAddr, String pkgName) throws Exception { final InterfaceConfigurationParcel config = new InterfaceConfigurationParcel(); config.flags = new String[] {IF_STATE_DOWN}; when(mMockNetd.interfaceGetCfg(anyString())).thenReturn(config); IpSecTunnelInterfaceResponse createTunnelResp = mIpSecService.createTunnelInterface( mSourceAddr, mDestinationAddr, fakeNetwork, new Binder(), pkgName); Loading Loading @@ -674,7 +687,8 @@ public class IpSecServiceParameterizedTest { anyInt(), anyInt(), anyInt()); verify(mNetworkManager).setInterfaceUp(createTunnelResp.interfaceName); verify(mMockNetd).interfaceSetCfg(argThat( config -> Arrays.asList(config.flags).contains(IF_STATE_UP))); } @Test Loading tests/net/java/com/android/server/IpSecServiceRefcountedResourceTest.java +1 −3 Original line number Diff line number Diff line Loading @@ -31,7 +31,6 @@ import static org.mockito.Mockito.verify; import android.content.Context; import android.os.Binder; import android.os.IBinder; import android.os.INetworkManagementService; import android.os.RemoteException; import androidx.test.filters.SmallTest; Loading Loading @@ -62,8 +61,7 @@ public class IpSecServiceRefcountedResourceTest { public void setUp() throws Exception { mMockContext = mock(Context.class); mMockIpSecSrvConfig = mock(IpSecService.IpSecServiceConfiguration.class); mIpSecService = new IpSecService( mMockContext, mock(INetworkManagementService.class), mMockIpSecSrvConfig); mIpSecService = new IpSecService(mMockContext, mMockIpSecSrvConfig); } private void assertResourceState( Loading Loading
services/core/java/com/android/server/IpSecService.java +9 −15 Original line number Diff line number Diff line Loading @@ -48,7 +48,6 @@ import android.net.TrafficStats; import android.net.util.NetdService; import android.os.Binder; import android.os.IBinder; import android.os.INetworkManagementService; import android.os.ParcelFileDescriptor; import android.os.RemoteException; import android.os.ServiceSpecificException; Loading @@ -64,6 +63,7 @@ import android.util.SparseBooleanArray; import com.android.internal.annotations.GuardedBy; import com.android.internal.annotations.VisibleForTesting; import com.android.internal.util.Preconditions; import com.android.net.module.util.NetdUtils; import libcore.io.IoUtils; Loading Loading @@ -117,9 +117,6 @@ public class IpSecService extends IIpSecService.Stub { /* Binder context for this service */ private final Context mContext; /* NetworkManager instance */ private final INetworkManagementService mNetworkManager; /** * The next non-repeating global ID for tracking resources between users, this service, and * kernel data structures. Accessing this variable is not thread safe, so it is only read or Loading Loading @@ -1014,13 +1011,13 @@ public class IpSecService extends IIpSecService.Stub { * * @param context Binder context for this service */ private IpSecService(Context context, INetworkManagementService networkManager) { this(context, networkManager, IpSecServiceConfiguration.GETSRVINSTANCE); private IpSecService(Context context) { this(context, IpSecServiceConfiguration.GETSRVINSTANCE); } static IpSecService create(Context context, INetworkManagementService networkManager) static IpSecService create(Context context) throws InterruptedException { final IpSecService service = new IpSecService(context, networkManager); final IpSecService service = new IpSecService(context); service.connectNativeNetdService(); return service; } Loading @@ -1034,11 +1031,9 @@ public class IpSecService extends IIpSecService.Stub { /** @hide */ @VisibleForTesting public IpSecService(Context context, INetworkManagementService networkManager, IpSecServiceConfiguration config) { public IpSecService(Context context, IpSecServiceConfiguration config) { this( context, networkManager, config, (fd, uid) -> { try { Loading @@ -1052,10 +1047,9 @@ public class IpSecService extends IIpSecService.Stub { /** @hide */ @VisibleForTesting public IpSecService(Context context, INetworkManagementService networkManager, IpSecServiceConfiguration config, UidFdTagger uidFdTagger) { public IpSecService(Context context, IpSecServiceConfiguration config, UidFdTagger uidFdTagger) { mContext = context; mNetworkManager = Objects.requireNonNull(networkManager); mSrvConfig = config; mUidFdTagger = uidFdTagger; } Loading Loading @@ -1335,7 +1329,7 @@ public class IpSecService extends IIpSecService.Stub { netd.ipSecAddTunnelInterface(intfName, localAddr, remoteAddr, ikey, okey, resourceId); Binder.withCleanCallingIdentity(() -> { mNetworkManager.setInterfaceUp(intfName); NetdUtils.setInterfaceUp(netd, intfName); }); for (int selAddrFamily : ADDRESS_FAMILIES) { Loading
services/core/java/com/android/server/connectivity/Vpn.java +2 −1 Original line number Diff line number Diff line Loading @@ -113,6 +113,7 @@ import com.android.internal.messages.nano.SystemMessageProto.SystemMessage; import com.android.internal.net.LegacyVpnInfo; import com.android.internal.net.VpnConfig; import com.android.internal.net.VpnProfile; import com.android.net.module.util.NetdUtils; import com.android.net.module.util.NetworkStackConstants; import com.android.server.DeviceIdleInternal; import com.android.server.LocalServices; Loading Loading @@ -2528,7 +2529,7 @@ public class Vpn { address /* unused */, address /* unused */, network); mNms.setInterfaceUp(mTunnelIface.getInterfaceName()); NetdUtils.setInterfaceUp(mNetd, mTunnelIface.getInterfaceName()); mSession = mIkev2SessionCreator.createIkeSession( mContext, Loading
services/java/com/android/server/SystemServer.java +1 −1 Original line number Diff line number Diff line Loading @@ -1785,7 +1785,7 @@ public final class SystemServer implements Dumpable { t.traceBegin("StartIpSecService"); try { ipSecService = IpSecService.create(context, networkManagement); ipSecService = IpSecService.create(context); ServiceManager.addService(Context.IPSEC_SERVICE, ipSecService); } catch (Throwable e) { reportWtf("starting IpSec Service", e); Loading
tests/net/java/com/android/server/IpSecServiceParameterizedTest.java +20 −6 Original line number Diff line number Diff line Loading @@ -16,12 +16,16 @@ package com.android.server; import static android.content.pm.PackageManager.PERMISSION_GRANTED; import static android.net.INetd.IF_STATE_DOWN; import static android.net.INetd.IF_STATE_UP; import static android.system.OsConstants.AF_INET; import static android.system.OsConstants.AF_INET6; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.fail; import static org.mockito.ArgumentMatchers.argThat; import static org.mockito.Matchers.anyInt; import static org.mockito.Matchers.anyString; import static org.mockito.Matchers.eq; Loading @@ -36,6 +40,7 @@ import android.content.pm.PackageManager; import android.net.ConnectivityManager; import android.net.INetd; import android.net.InetAddresses; import android.net.InterfaceConfigurationParcel; import android.net.IpSecAlgorithm; import android.net.IpSecConfig; import android.net.IpSecManager; Loading @@ -48,7 +53,6 @@ import android.net.LinkAddress; import android.net.LinkProperties; import android.net.Network; import android.os.Binder; import android.os.INetworkManagementService; import android.os.ParcelFileDescriptor; import android.system.Os; import android.test.mock.MockContext; Loading Loading @@ -148,10 +152,17 @@ public class IpSecServiceParameterizedTest { } throw new SecurityException("Unavailable permission requested"); } @Override public int checkCallingOrSelfPermission(String permission) { if (android.Manifest.permission.NETWORK_STACK.equals(permission)) { return PERMISSION_GRANTED; } throw new UnsupportedOperationException(); } }; INetd mMockNetd; INetworkManagementService mNetworkManager; PackageManager mMockPkgMgr; IpSecService.IpSecServiceConfiguration mMockIpSecSrvConfig; IpSecService mIpSecService; Loading Loading @@ -181,10 +192,9 @@ public class IpSecServiceParameterizedTest { @Before public void setUp() throws Exception { mMockNetd = mock(INetd.class); mNetworkManager = mock(INetworkManagementService.class); mMockPkgMgr = mock(PackageManager.class); mMockIpSecSrvConfig = mock(IpSecService.IpSecServiceConfiguration.class); mIpSecService = new IpSecService(mMockContext, mNetworkManager, mMockIpSecSrvConfig); mIpSecService = new IpSecService(mMockContext, mMockIpSecSrvConfig); // Injecting mock netd when(mMockIpSecSrvConfig.getNetdInstance()).thenReturn(mMockNetd); Loading Loading @@ -644,7 +654,10 @@ public class IpSecServiceParameterizedTest { } private IpSecTunnelInterfaceResponse createAndValidateTunnel( String localAddr, String remoteAddr, String pkgName) { String localAddr, String remoteAddr, String pkgName) throws Exception { final InterfaceConfigurationParcel config = new InterfaceConfigurationParcel(); config.flags = new String[] {IF_STATE_DOWN}; when(mMockNetd.interfaceGetCfg(anyString())).thenReturn(config); IpSecTunnelInterfaceResponse createTunnelResp = mIpSecService.createTunnelInterface( mSourceAddr, mDestinationAddr, fakeNetwork, new Binder(), pkgName); Loading Loading @@ -674,7 +687,8 @@ public class IpSecServiceParameterizedTest { anyInt(), anyInt(), anyInt()); verify(mNetworkManager).setInterfaceUp(createTunnelResp.interfaceName); verify(mMockNetd).interfaceSetCfg(argThat( config -> Arrays.asList(config.flags).contains(IF_STATE_UP))); } @Test Loading
tests/net/java/com/android/server/IpSecServiceRefcountedResourceTest.java +1 −3 Original line number Diff line number Diff line Loading @@ -31,7 +31,6 @@ import static org.mockito.Mockito.verify; import android.content.Context; import android.os.Binder; import android.os.IBinder; import android.os.INetworkManagementService; import android.os.RemoteException; import androidx.test.filters.SmallTest; Loading Loading @@ -62,8 +61,7 @@ public class IpSecServiceRefcountedResourceTest { public void setUp() throws Exception { mMockContext = mock(Context.class); mMockIpSecSrvConfig = mock(IpSecService.IpSecServiceConfiguration.class); mIpSecService = new IpSecService( mMockContext, mock(INetworkManagementService.class), mMockIpSecSrvConfig); mIpSecService = new IpSecService(mMockContext, mMockIpSecSrvConfig); } private void assertResourceState( Loading
