Merge "Refactor IpSecServiceConfiguration to Dependencies" (033ccab2) · Commits · e / os / android_frameworks_base

packages/ConnectivityT/service/src/com/android/server/IpSecService.java

+54 −45

Original line number	Diff line number	Diff line
		@@ -119,6 +119,7 @@ public class IpSecService extends IIpSecService.Stub {

		/* Binder context for this service */
		private final Context mContext;
		private final Dependencies mDeps;

		/**
		* The next non-repeating global ID for tracking resources between users, this service, and
		@@ -129,23 +130,24 @@ public class IpSecService extends IIpSecService.Stub {
		@GuardedBy("IpSecService.this")
		private int mNextResourceId = 1;

		interface IpSecServiceConfiguration {
		INetd getNetdInstance() throws RemoteException;

		IpSecServiceConfiguration GETSRVINSTANCE =
		new IpSecServiceConfiguration() {
		@Override
		public INetd getNetdInstance() throws RemoteException {
		final INetd netd = NetdService.getInstance();
		/**
		* Dependencies of IpSecService, for injection in tests.
		*/
		@VisibleForTesting
		public static class Dependencies {
		/**
		* Get a reference to INetd.
		*/
		public INetd getNetdInstance(Context context) throws RemoteException {
		final INetd netd = INetd.Stub.asInterface((IBinder)
		context.getSystemService(Context.NETD_SERVICE));
		if (netd == null) {
		throw new RemoteException("Failed to Get Netd Instance");
		}
		return netd;
		}
		};
		}

		private final IpSecServiceConfiguration mSrvConfig;
		final UidFdTagger mUidFdTagger;

		/**
		@@ -625,8 +627,8 @@ public class IpSecService extends IIpSecService.Stub {
		public void freeUnderlyingResources() {
		int spi = mSpi.getSpi();
		try {
		mSrvConfig
		.getNetdInstance()
		mDeps
		.getNetdInstance(mContext)
		.ipSecDeleteSecurityAssociation(
		mUid,
		mConfig.getSourceAddress(),
		@@ -678,11 +680,14 @@ public class IpSecService extends IIpSecService.Stub {
		private final String mSourceAddress;
		private final String mDestinationAddress;
		private int mSpi;
		private final Context mContext;

		private boolean mOwnedByTransform = false;

		SpiRecord(int resourceId, String sourceAddress, String destinationAddress, int spi) {
		SpiRecord(Context context, int resourceId, String sourceAddress,
		String destinationAddress, int spi) {
		super(resourceId);
		mContext = context;
		mSourceAddress = sourceAddress;
		mDestinationAddress = destinationAddress;
		mSpi = spi;
		@@ -693,8 +698,8 @@ public class IpSecService extends IIpSecService.Stub {
		public void freeUnderlyingResources() {
		try {
		if (!mOwnedByTransform) {
		mSrvConfig
		.getNetdInstance()
		mDeps
		.getNetdInstance(mContext)
		.ipSecDeleteSecurityAssociation(
		mUid, mSourceAddress, mDestinationAddress, mSpi, 0 /* mark */,
		0 /* mask /, 0 / if_id */);
		@@ -816,8 +821,10 @@ public class IpSecService extends IIpSecService.Stub {
		private final int mIfId;

		private Network mUnderlyingNetwork;
		private final Context mContext;

		TunnelInterfaceRecord(
		Context context,
		int resourceId,
		String interfaceName,
		Network underlyingNetwork,
		@@ -828,6 +835,7 @@ public class IpSecService extends IIpSecService.Stub {
		int intfId) {
		super(resourceId);

		mContext = context;
		mInterfaceName = interfaceName;
		mUnderlyingNetwork = underlyingNetwork;
		mLocalAddress = localAddr;
		@@ -844,7 +852,7 @@ public class IpSecService extends IIpSecService.Stub {
		// Teardown VTI
		// Delete global policies
		try {
		final INetd netd = mSrvConfig.getNetdInstance();
		final INetd netd = mDeps.getNetdInstance(mContext);
		netd.ipSecRemoveTunnelInterface(mInterfaceName);

		for (int selAddrFamily : ADDRESS_FAMILIES) {
		@@ -1012,7 +1020,7 @@ public class IpSecService extends IIpSecService.Stub {
		* @param context Binder context for this service
		*/
		private IpSecService(Context context) {
		this(context, IpSecServiceConfiguration.GETSRVINSTANCE);
		this(context, new Dependencies());
		}

		static IpSecService create(Context context)
		@@ -1031,10 +1039,10 @@ public class IpSecService extends IIpSecService.Stub {

		/** @hide */
		@VisibleForTesting
		public IpSecService(Context context, IpSecServiceConfiguration config) {
		public IpSecService(Context context, Dependencies deps) {
		this(
		context,
		config,
		deps,
		(fd, uid) -> {
		try {
		TrafficStats.setThreadStatsUid(uid);
		@@ -1047,10 +1055,9 @@ public class IpSecService extends IIpSecService.Stub {

		/** @hide */
		@VisibleForTesting
		public IpSecService(Context context, IpSecServiceConfiguration config,
		UidFdTagger uidFdTagger) {
		public IpSecService(Context context, Dependencies deps, UidFdTagger uidFdTagger) {
		mContext = context;
		mSrvConfig = config;
		mDeps = deps;
		mUidFdTagger = uidFdTagger;
		}

		@@ -1077,7 +1084,7 @@ public class IpSecService extends IIpSecService.Stub {

		synchronized boolean isNetdAlive() {
		try {
		final INetd netd = mSrvConfig.getNetdInstance();
		final INetd netd = mDeps.getNetdInstance(mContext);
		if (netd == null) {
		return false;
		}
		@@ -1143,14 +1150,15 @@ public class IpSecService extends IIpSecService.Stub {
		}

		spi =
		mSrvConfig
		.getNetdInstance()
		mDeps
		.getNetdInstance(mContext)
		.ipSecAllocateSpi(callingUid, "", destinationAddress, requestedSpi);
		Log.d(TAG, "Allocated SPI " + spi);
		userRecord.mSpiRecords.put(
		resourceId,
		new RefcountedResource<SpiRecord>(
		new SpiRecord(resourceId, "", destinationAddress, spi), binder));
		new SpiRecord(mContext, resourceId, "",
		destinationAddress, spi), binder));
		} catch (ServiceSpecificException e) {
		if (e.errorCode == OsConstants.ENOENT) {
		return new IpSecSpiResponse(
		@@ -1267,7 +1275,7 @@ public class IpSecService extends IIpSecService.Stub {
		OsConstants.UDP_ENCAP,
		OsConstants.UDP_ENCAP_ESPINUDP);

		mSrvConfig.getNetdInstance().ipSecSetEncapSocketOwner(
		mDeps.getNetdInstance(mContext).ipSecSetEncapSocketOwner(
		new ParcelFileDescriptor(sockFd), callingUid);
		if (port != 0) {
		Log.v(TAG, "Binding to port " + port);
		@@ -1330,7 +1338,7 @@ public class IpSecService extends IIpSecService.Stub {
		// Create VTI
		// Add inbound/outbound global policies
		// (use reqid = 0)
		final INetd netd = mSrvConfig.getNetdInstance();
		final INetd netd = mDeps.getNetdInstance(mContext);
		netd.ipSecAddTunnelInterface(intfName, localAddr, remoteAddr, ikey, okey, resourceId);

		BinderUtils.withCleanCallingIdentity(() -> {
		@@ -1385,6 +1393,7 @@ public class IpSecService extends IIpSecService.Stub {
		resourceId,
		new RefcountedResource<TunnelInterfaceRecord>(
		new TunnelInterfaceRecord(
		mContext,
		resourceId,
		intfName,
		underlyingNetwork,
		@@ -1426,8 +1435,8 @@ public class IpSecService extends IIpSecService.Stub {
		try {
		// We can assume general validity of the IP address, since we get them as a
		// LinkAddress, which does some validation.
		mSrvConfig
		.getNetdInstance()
		mDeps
		.getNetdInstance(mContext)
		.interfaceAddAddress(
		tunnelInterfaceInfo.mInterfaceName,
		localAddr.getAddress().getHostAddress(),
		@@ -1455,8 +1464,8 @@ public class IpSecService extends IIpSecService.Stub {
		try {
		// We can assume general validity of the IP address, since we get them as a
		// LinkAddress, which does some validation.
		mSrvConfig
		.getNetdInstance()
		mDeps
		.getNetdInstance(mContext)
		.interfaceDelAddress(
		tunnelInterfaceInfo.mInterfaceName,
		localAddr.getAddress().getHostAddress(),
		@@ -1670,8 +1679,8 @@ public class IpSecService extends IIpSecService.Stub {
		cryptName = crypt.getName();
		}

		mSrvConfig
		.getNetdInstance()
		mDeps
		.getNetdInstance(mContext)
		.ipSecAddSecurityAssociation(
		Binder.getCallingUid(),
		c.getMode(),
		@@ -1782,8 +1791,8 @@ public class IpSecService extends IIpSecService.Stub {
		c.getMode() == IpSecTransform.MODE_TRANSPORT,
		"Transform mode was not Transport mode; cannot be applied to a socket");

		mSrvConfig
		.getNetdInstance()
		mDeps
		.getNetdInstance(mContext)
		.ipSecApplyTransportModeTransform(
		socket,
		callingUid,
		@@ -1802,8 +1811,8 @@ public class IpSecService extends IIpSecService.Stub {
		@Override
		public synchronized void removeTransportModeTransforms(ParcelFileDescriptor socket)
		throws RemoteException {
		mSrvConfig
		.getNetdInstance()
		mDeps
		.getNetdInstance(mContext)
		.ipSecRemoveTransportModeTransform(socket);
		}

		@@ -1879,8 +1888,8 @@ public class IpSecService extends IIpSecService.Stub {

		// Always update the policy with the relevant XFRM_IF_ID
		for (int selAddrFamily : ADDRESS_FAMILIES) {
		mSrvConfig
		.getNetdInstance()
		mDeps
		.getNetdInstance(mContext)
		.ipSecUpdateSecurityPolicy(
		callingUid,
		selAddrFamily,