
Commit 175fa3c6 authored by Benedict Wong's avatar Benedict Wong Committed by Automerger Merge Worker

Merge "Automatically set IPsec tunnel interface as up" into rvc-dev am: ef5732b0

Change-Id: Ie0ff250e5ff36b317932053a950e49df9eae2e9f
parents 8fdca993 ef5732b0
+19 −7
@@ -46,6 +46,7 @@ import android.net.TrafficStats;
import android.net.util.NetdService;
import android.os.Binder;
import android.os.IBinder;
import android.os.INetworkManagementService;
import android.os.ParcelFileDescriptor;
import android.os.RemoteException;
import android.os.ServiceSpecificException;
@@ -114,6 +115,9 @@ public class IpSecService extends IIpSecService.Stub {
    /* Binder context for this service */
    private final Context mContext;

    /* NetworkManager instance */
    private final INetworkManagementService mNetworkManager;

    /**
     * The next non-repeating global ID for tracking resources between users, this service, and
     * kernel data structures. Accessing this variable is not thread safe, so it is only read or
@@ -992,12 +996,13 @@ public class IpSecService extends IIpSecService.Stub {
     *
     * @param context Binder context for this service
     */
    private IpSecService(Context context) {
        this(context, IpSecServiceConfiguration.GETSRVINSTANCE);
    private IpSecService(Context context, INetworkManagementService networkManager) {
        this(context, networkManager, IpSecServiceConfiguration.GETSRVINSTANCE);
    }

    static IpSecService create(Context context) throws InterruptedException {
        final IpSecService service = new IpSecService(context);
    static IpSecService create(Context context, INetworkManagementService networkManager)
            throws InterruptedException {
        final IpSecService service = new IpSecService(context, networkManager);
        service.connectNativeNetdService();
        return service;
    }
@@ -1011,9 +1016,11 @@ public class IpSecService extends IIpSecService.Stub {

    /** @hide */
    @VisibleForTesting
    public IpSecService(Context context, IpSecServiceConfiguration config) {
    public IpSecService(Context context, INetworkManagementService networkManager,
            IpSecServiceConfiguration config) {
        this(
                context,
                networkManager,
                config,
                (fd, uid) -> {
                    try {
@@ -1027,9 +1034,10 @@ public class IpSecService extends IIpSecService.Stub {

    /** @hide */
    @VisibleForTesting
    public IpSecService(
            Context context, IpSecServiceConfiguration config, UidFdTagger uidFdTagger) {
    public IpSecService(Context context, INetworkManagementService networkManager,
            IpSecServiceConfiguration config, UidFdTagger uidFdTagger) {
        mContext = context;
        mNetworkManager = Objects.requireNonNull(networkManager);
        mSrvConfig = config;
        mUidFdTagger = uidFdTagger;
    }
@@ -1308,6 +1316,10 @@ public class IpSecService extends IIpSecService.Stub {
            final INetd netd = mSrvConfig.getNetdInstance();
            netd.ipSecAddTunnelInterface(intfName, localAddr, remoteAddr, ikey, okey, resourceId);

            Binder.withCleanCallingIdentity(() -> {
                mNetworkManager.setInterfaceUp(intfName);
            });

            for (int selAddrFamily : ADDRESS_FAMILIES) {
                // Always send down correct local/remote addresses for template.
                netd.ipSecAddSecurityPolicy(
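Review bot: The new `Binder.withCleanCallingIdentity` block runs `mNetworkManager.setInterfaceUp(intfName)` under the system server's identity, but nothing at the call site says why the caller's identity is dropped or which earlier check authorized the caller to create tunnels. The enclosing method and its try/catch begin and end outside this hunk, so the authorization and cleanup paths cannot be confirmed from here. I would add a comment above the block, for example `// Caller was authorized for tunnel creation earlier in this method; identity is cleared only so the system can bring its own interface up.`, and keep the lambda limited to that single call. It is also worth confirming that a failure in `setInterfaceUp`, which happens after `ipSecAddTunnelInterface` has succeeded, removes the newly added interface rather than leaving it configured in netd.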
+1 −1
@@ -1415,7 +1415,7 @@ public final class SystemServer {

            t.traceBegin("StartIpSecService");
            try {
                ipSecService = IpSecService.create(context);
                ipSecService = IpSecService.create(context, networkManagement);
                ServiceManager.addService(Context.IPSEC_SERVICE, ipSecService);
            } catch (Throwable e) {
                reportWtf("starting IpSec Service", e);
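Review bot: `IpSecService.create(context, networkManagement)` now depends on `networkManagement` being non-null, because the constructor changed in this commit calls `Objects.requireNonNull(networkManager)`. The assignment of `networkManagement` is outside this hunk. If it can still be null here (for instance when its own startup failed), the result is a message-less NullPointerException caught by `catch (Throwable e)`, and the IPsec service is never registered. Giving the check a message, `mNetworkManager = Objects.requireNonNull(networkManager, "networkManager must not be null");`, would make that failure attributable in the `reportWtf` output.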
+5 −1
@@ -46,6 +46,7 @@ import android.net.LinkAddress;
import android.net.Network;
import android.net.NetworkUtils;
import android.os.Binder;
import android.os.INetworkManagementService;
import android.os.ParcelFileDescriptor;
import android.system.Os;
import android.test.mock.MockContext;
@@ -135,6 +136,7 @@ public class IpSecServiceParameterizedTest {
    };

    INetd mMockNetd;
    INetworkManagementService mNetworkManager;
    PackageManager mMockPkgMgr;
    IpSecService.IpSecServiceConfiguration mMockIpSecSrvConfig;
    IpSecService mIpSecService;
@@ -160,9 +162,10 @@ public class IpSecServiceParameterizedTest {
    @Before
    public void setUp() throws Exception {
        mMockNetd = mock(INetd.class);
        mNetworkManager = mock(INetworkManagementService.class);
        mMockPkgMgr = mock(PackageManager.class);
        mMockIpSecSrvConfig = mock(IpSecService.IpSecServiceConfiguration.class);
        mIpSecService = new IpSecService(mMockContext, mMockIpSecSrvConfig);
        mIpSecService = new IpSecService(mMockContext, mNetworkManager, mMockIpSecSrvConfig);

        // Injecting mock netd
        when(mMockIpSecSrvConfig.getNetdInstance()).thenReturn(mMockNetd);
@@ -609,6 +612,7 @@ public class IpSecServiceParameterizedTest {
                        anyInt(),
                        anyInt(),
                        anyInt());
        verify(mNetworkManager).setInterfaceUp(createTunnelResp.interfaceName);
    }

    @Test
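Review bot: The added `verify(mNetworkManager).setInterfaceUp(createTunnelResp.interfaceName)` pins only the success path. No case in the visible hunks makes `setInterfaceUp` throw, so what tunnel creation does on that failure (resource release, what the caller sees) is untested. A companion test that stubs the mock with `doThrow(new RemoteException()).when(mNetworkManager).setInterfaceUp(anyString());` and asserts that the creation call fails would cover it. The field would also read more consistently as `mMockNetworkManager`, matching `mMockNetd` and `mMockPkgMgr` in this class. The test method containing the `verify` starts outside the hunk.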
+3 −1
@@ -31,6 +31,7 @@ import static org.mockito.Mockito.verify;
import android.content.Context;
import android.os.Binder;
import android.os.IBinder;
import android.os.INetworkManagementService;
import android.os.RemoteException;

import androidx.test.filters.SmallTest;
@@ -61,7 +62,8 @@ public class IpSecServiceRefcountedResourceTest {
    public void setUp() throws Exception {
        mMockContext = mock(Context.class);
        mMockIpSecSrvConfig = mock(IpSecService.IpSecServiceConfiguration.class);
        mIpSecService = new IpSecService(mMockContext, mMockIpSecSrvConfig);
        mIpSecService = new IpSecService(
                mMockContext, mock(INetworkManagementService.class), mMockIpSecSrvConfig);
    }

    private void assertResourceState(
+7 −4
@@ -42,6 +42,7 @@ import android.net.IpSecManager;
import android.net.IpSecSpiResponse;
import android.net.IpSecUdpEncapResponse;
import android.os.Binder;
import android.os.INetworkManagementService;
import android.os.ParcelFileDescriptor;
import android.os.Process;
import android.system.ErrnoException;
@@ -115,6 +116,7 @@ public class IpSecServiceTest {
    }

    Context mMockContext;
    INetworkManagementService mMockNetworkManager;
    INetd mMockNetd;
    IpSecService.IpSecServiceConfiguration mMockIpSecSrvConfig;
    IpSecService mIpSecService;
@@ -122,9 +124,10 @@ public class IpSecServiceTest {
    @Before
    public void setUp() throws Exception {
        mMockContext = mock(Context.class);
        mMockNetworkManager = mock(INetworkManagementService.class);
        mMockNetd = mock(INetd.class);
        mMockIpSecSrvConfig = mock(IpSecService.IpSecServiceConfiguration.class);
        mIpSecService = new IpSecService(mMockContext, mMockIpSecSrvConfig);
        mIpSecService = new IpSecService(mMockContext, mMockNetworkManager, mMockIpSecSrvConfig);

        // Injecting mock netd
        when(mMockIpSecSrvConfig.getNetdInstance()).thenReturn(mMockNetd);
@@ -132,7 +135,7 @@ public class IpSecServiceTest {

    @Test
    public void testIpSecServiceCreate() throws InterruptedException {
        IpSecService ipSecSrv = IpSecService.create(mMockContext);
        IpSecService ipSecSrv = IpSecService.create(mMockContext, mMockNetworkManager);
        assertNotNull(ipSecSrv);
    }

@@ -604,8 +607,8 @@ public class IpSecServiceTest {
    @Test
    public void testOpenUdpEncapSocketTagsSocket() throws Exception {
        IpSecService.UidFdTagger mockTagger = mock(IpSecService.UidFdTagger.class);
        IpSecService testIpSecService =
                new IpSecService(mMockContext, mMockIpSecSrvConfig, mockTagger);
        IpSecService testIpSecService = new IpSecService(
                mMockContext, mMockNetworkManager, mMockIpSecSrvConfig, mockTagger);

        IpSecUdpEncapResponse udpEncapResp =
                testIpSecService.openUdpEncapsulationSocket(0, new Binder());