Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 07d4708a authored by Lucas Lin's avatar Lucas Lin Committed by Automerger Merge Worker
Browse files

Merge changes I852e3a53,I86755647,I0ed8b0c6 am: 654b0fff am: d319fef0 

Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1553736

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: Ic520c715578c8c5dd70040bbdc4c535330b0a453
parents ec81e831 d319fef0

services/core/java/com/android/server/IpSecService.java

+9 −15
Original line number Diff line number Diff line
@@ -48,7 +48,6 @@ import android.net.TrafficStats; 
import android.net.util.NetdService;

import android.os.Binder;

import android.os.IBinder;

import android.os.INetworkManagementService;

import android.os.ParcelFileDescriptor;

import android.os.RemoteException;

import android.os.ServiceSpecificException;
@@ -64,6 +63,7 @@ import android.util.SparseBooleanArray; 
import com.android.internal.annotations.GuardedBy;

import com.android.internal.annotations.VisibleForTesting;

import com.android.internal.util.Preconditions;

import com.android.net.module.util.NetdUtils;



import libcore.io.IoUtils;
@@ -117,9 +117,6 @@ public class IpSecService extends IIpSecService.Stub { 
    /* Binder context for this service */

    private final Context mContext;



    /* NetworkManager instance */

    private final INetworkManagementService mNetworkManager;



    /**

     * The next non-repeating global ID for tracking resources between users, this service, and

     * kernel data structures. Accessing this variable is not thread safe, so it is only read or
@@ -1014,13 +1011,13 @@ public class IpSecService extends IIpSecService.Stub { 
     *

     * @param context Binder context for this service

     */

    private IpSecService(Context context, INetworkManagementService networkManager) {

        this(context, networkManager, IpSecServiceConfiguration.GETSRVINSTANCE);

    private IpSecService(Context context) {

        this(context, IpSecServiceConfiguration.GETSRVINSTANCE);

    }



    static IpSecService create(Context context, INetworkManagementService networkManager)

    static IpSecService create(Context context)

            throws InterruptedException {

        final IpSecService service = new IpSecService(context, networkManager);

        final IpSecService service = new IpSecService(context);

        service.connectNativeNetdService();

        return service;

    }
@@ -1034,11 +1031,9 @@ public class IpSecService extends IIpSecService.Stub { 


    /** @hide */

    @VisibleForTesting

    public IpSecService(Context context, INetworkManagementService networkManager,

            IpSecServiceConfiguration config) {

    public IpSecService(Context context, IpSecServiceConfiguration config) {

        this(

                context,

                networkManager,

                config,

                (fd, uid) -> {

                    try {
@@ -1052,10 +1047,9 @@ public class IpSecService extends IIpSecService.Stub { 


    /** @hide */

    @VisibleForTesting

    public IpSecService(Context context, INetworkManagementService networkManager,

            IpSecServiceConfiguration config, UidFdTagger uidFdTagger) {

    public IpSecService(Context context, IpSecServiceConfiguration config,

            UidFdTagger uidFdTagger) {

        mContext = context;

        mNetworkManager = Objects.requireNonNull(networkManager);

        mSrvConfig = config;

        mUidFdTagger = uidFdTagger;

    }
@@ -1335,7 +1329,7 @@ public class IpSecService extends IIpSecService.Stub { 
            netd.ipSecAddTunnelInterface(intfName, localAddr, remoteAddr, ikey, okey, resourceId);



            Binder.withCleanCallingIdentity(() -> {

                mNetworkManager.setInterfaceUp(intfName);

                NetdUtils.setInterfaceUp(netd, intfName);

            });



            for (int selAddrFamily : ADDRESS_FAMILIES) {

services/core/java/com/android/server/connectivity/Vpn.java

+2 −1
Original line number Diff line number Diff line
@@ -113,6 +113,7 @@ import com.android.internal.messages.nano.SystemMessageProto.SystemMessage; 
import com.android.internal.net.LegacyVpnInfo;

import com.android.internal.net.VpnConfig;

import com.android.internal.net.VpnProfile;

import com.android.net.module.util.NetdUtils;

import com.android.net.module.util.NetworkStackConstants;

import com.android.server.DeviceIdleInternal;

import com.android.server.LocalServices;
@@ -2528,7 +2529,7 @@ public class Vpn { 
                                    address /* unused */,

                                    address /* unused */,

                                    network);

                    mNms.setInterfaceUp(mTunnelIface.getInterfaceName());

                    NetdUtils.setInterfaceUp(mNetd, mTunnelIface.getInterfaceName());



                    mSession = mIkev2SessionCreator.createIkeSession(

                            mContext,

services/java/com/android/server/SystemServer.java

+1 −1
Original line number Diff line number Diff line
@@ -1534,7 +1534,7 @@ public final class SystemServer { 


            t.traceBegin("StartIpSecService");

            try {

                ipSecService = IpSecService.create(context, networkManagement);

                ipSecService = IpSecService.create(context);

                ServiceManager.addService(Context.IPSEC_SERVICE, ipSecService);

            } catch (Throwable e) {

                reportWtf("starting IpSec Service", e);

tests/net/java/com/android/server/IpSecServiceParameterizedTest.java

+20 −6
Original line number Diff line number Diff line
@@ -16,12 +16,16 @@ 


package com.android.server;



import static android.content.pm.PackageManager.PERMISSION_GRANTED;

import static android.net.INetd.IF_STATE_DOWN;

import static android.net.INetd.IF_STATE_UP;

import static android.system.OsConstants.AF_INET;

import static android.system.OsConstants.AF_INET6;



import static org.junit.Assert.assertEquals;

import static org.junit.Assert.assertNotNull;

import static org.junit.Assert.fail;

import static org.mockito.ArgumentMatchers.argThat;

import static org.mockito.Matchers.anyInt;

import static org.mockito.Matchers.anyString;

import static org.mockito.Matchers.eq;
@@ -36,6 +40,7 @@ import android.content.pm.PackageManager; 
import android.net.ConnectivityManager;

import android.net.INetd;

import android.net.InetAddresses;

import android.net.InterfaceConfigurationParcel;

import android.net.IpSecAlgorithm;

import android.net.IpSecConfig;

import android.net.IpSecManager;
@@ -48,7 +53,6 @@ import android.net.LinkAddress; 
import android.net.LinkProperties;

import android.net.Network;

import android.os.Binder;

import android.os.INetworkManagementService;

import android.os.ParcelFileDescriptor;

import android.system.Os;

import android.test.mock.MockContext;
@@ -148,10 +152,17 @@ public class IpSecServiceParameterizedTest { 
            }

            throw new SecurityException("Unavailable permission requested");

        }



        @Override

        public int checkCallingOrSelfPermission(String permission) {

            if (android.Manifest.permission.NETWORK_STACK.equals(permission)) {

                return PERMISSION_GRANTED;

            }

            throw new UnsupportedOperationException();

        }

    };



    INetd mMockNetd;

    INetworkManagementService mNetworkManager;

    PackageManager mMockPkgMgr;

    IpSecService.IpSecServiceConfiguration mMockIpSecSrvConfig;

    IpSecService mIpSecService;
@@ -181,10 +192,9 @@ public class IpSecServiceParameterizedTest { 
    @Before

    public void setUp() throws Exception {

        mMockNetd = mock(INetd.class);

        mNetworkManager = mock(INetworkManagementService.class);

        mMockPkgMgr = mock(PackageManager.class);

        mMockIpSecSrvConfig = mock(IpSecService.IpSecServiceConfiguration.class);

        mIpSecService = new IpSecService(mMockContext, mNetworkManager, mMockIpSecSrvConfig);

        mIpSecService = new IpSecService(mMockContext, mMockIpSecSrvConfig);



        // Injecting mock netd

        when(mMockIpSecSrvConfig.getNetdInstance()).thenReturn(mMockNetd);
@@ -644,7 +654,10 @@ public class IpSecServiceParameterizedTest { 
    }



    private IpSecTunnelInterfaceResponse createAndValidateTunnel(

            String localAddr, String remoteAddr, String pkgName) {

            String localAddr, String remoteAddr, String pkgName) throws Exception {

        final InterfaceConfigurationParcel config = new InterfaceConfigurationParcel();

        config.flags = new String[] {IF_STATE_DOWN};

        when(mMockNetd.interfaceGetCfg(anyString())).thenReturn(config);

        IpSecTunnelInterfaceResponse createTunnelResp =

                mIpSecService.createTunnelInterface(

                        mSourceAddr, mDestinationAddr, fakeNetwork, new Binder(), pkgName);
@@ -674,7 +687,8 @@ public class IpSecServiceParameterizedTest { 
                        anyInt(),

                        anyInt(),

                        anyInt());

        verify(mNetworkManager).setInterfaceUp(createTunnelResp.interfaceName);

        verify(mMockNetd).interfaceSetCfg(argThat(

                config -> Arrays.asList(config.flags).contains(IF_STATE_UP)));

    }



    @Test

tests/net/java/com/android/server/IpSecServiceRefcountedResourceTest.java

+1 −3
Original line number Diff line number Diff line
@@ -31,7 +31,6 @@ import static org.mockito.Mockito.verify; 
import android.content.Context;

import android.os.Binder;

import android.os.IBinder;

import android.os.INetworkManagementService;

import android.os.RemoteException;



import androidx.test.filters.SmallTest;
@@ -62,8 +61,7 @@ public class IpSecServiceRefcountedResourceTest { 
    public void setUp() throws Exception {

        mMockContext = mock(Context.class);

        mMockIpSecSrvConfig = mock(IpSecService.IpSecServiceConfiguration.class);

        mIpSecService = new IpSecService(

                mMockContext, mock(INetworkManagementService.class), mMockIpSecSrvConfig);

        mIpSecService = new IpSecService(mMockContext, mMockIpSecSrvConfig);

    }



    private void assertResourceState(