Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 364b846e authored by Aaron Huang's avatar Aaron Huang Committed by Automerger Merge Worker
Browse files

Merge "Refactor IpSecServiceConfiguration to Dependencies" am: 033ccab2 am:... 

Merge "Refactor IpSecServiceConfiguration to Dependencies" am: 033ccab2 am: ec882c67 am: 94f55de9

Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1903977

Change-Id: If6cbecd0b69bad0b15fb922da2c6bdc3673e0559
parents 922fdc6d 94f55de9

packages/ConnectivityT/service/src/com/android/server/IpSecService.java

+54 −45
Original line number Diff line number Diff line
@@ -119,6 +119,7 @@ public class IpSecService extends IIpSecService.Stub { 


    /* Binder context for this service */

    private final Context mContext;

    private final Dependencies mDeps;



    /**

     * The next non-repeating global ID for tracking resources between users, this service, and
@@ -129,23 +130,24 @@ public class IpSecService extends IIpSecService.Stub { 
    @GuardedBy("IpSecService.this")

    private int mNextResourceId = 1;



    interface IpSecServiceConfiguration {

        INetd getNetdInstance() throws RemoteException;



        IpSecServiceConfiguration GETSRVINSTANCE =

                new IpSecServiceConfiguration() {

                    @Override

                    public INetd getNetdInstance() throws RemoteException {

                        final INetd netd = NetdService.getInstance();

    /**

     * Dependencies of IpSecService, for injection in tests.

     */

    @VisibleForTesting

    public static class Dependencies {

        /**

         * Get a reference to INetd.

         */

        public INetd getNetdInstance(Context context) throws RemoteException {

            final INetd netd = INetd.Stub.asInterface((IBinder)

                    context.getSystemService(Context.NETD_SERVICE));

            if (netd == null) {

                throw new RemoteException("Failed to Get Netd Instance");

            }

            return netd;

        }

                };

    }



    private final IpSecServiceConfiguration mSrvConfig;

    final UidFdTagger mUidFdTagger;



    /**
@@ -625,8 +627,8 @@ public class IpSecService extends IIpSecService.Stub { 
        public void freeUnderlyingResources() {

            int spi = mSpi.getSpi();

            try {

                mSrvConfig

                        .getNetdInstance()

                mDeps

                        .getNetdInstance(mContext)

                        .ipSecDeleteSecurityAssociation(

                                mUid,

                                mConfig.getSourceAddress(),
@@ -678,11 +680,14 @@ public class IpSecService extends IIpSecService.Stub { 
        private final String mSourceAddress;

        private final String mDestinationAddress;

        private int mSpi;

        private final Context mContext;



        private boolean mOwnedByTransform = false;



        SpiRecord(int resourceId, String sourceAddress, String destinationAddress, int spi) {

        SpiRecord(Context context, int resourceId, String sourceAddress,

                String destinationAddress, int spi) {

            super(resourceId);

            mContext = context;

            mSourceAddress = sourceAddress;

            mDestinationAddress = destinationAddress;

            mSpi = spi;
@@ -693,8 +698,8 @@ public class IpSecService extends IIpSecService.Stub { 
        public void freeUnderlyingResources() {

            try {

                if (!mOwnedByTransform) {

                    mSrvConfig

                            .getNetdInstance()

                    mDeps

                            .getNetdInstance(mContext)

                            .ipSecDeleteSecurityAssociation(

                                    mUid, mSourceAddress, mDestinationAddress, mSpi, 0 /* mark */,

                                    0 /* mask */, 0 /* if_id */);
@@ -816,8 +821,10 @@ public class IpSecService extends IIpSecService.Stub { 
        private final int mIfId;



        private Network mUnderlyingNetwork;

        private final Context mContext;



        TunnelInterfaceRecord(

                Context context,

                int resourceId,

                String interfaceName,

                Network underlyingNetwork,
@@ -828,6 +835,7 @@ public class IpSecService extends IIpSecService.Stub { 
                int intfId) {

            super(resourceId);



            mContext = context;

            mInterfaceName = interfaceName;

            mUnderlyingNetwork = underlyingNetwork;

            mLocalAddress = localAddr;
@@ -844,7 +852,7 @@ public class IpSecService extends IIpSecService.Stub { 
            //       Teardown VTI

            //       Delete global policies

            try {

                final INetd netd = mSrvConfig.getNetdInstance();

                final INetd netd = mDeps.getNetdInstance(mContext);

                netd.ipSecRemoveTunnelInterface(mInterfaceName);



                for (int selAddrFamily : ADDRESS_FAMILIES) {
@@ -1012,7 +1020,7 @@ public class IpSecService extends IIpSecService.Stub { 
     * @param context Binder context for this service

     */

    private IpSecService(Context context) {

        this(context, IpSecServiceConfiguration.GETSRVINSTANCE);

        this(context, new Dependencies());

    }



    static IpSecService create(Context context)
@@ -1031,10 +1039,10 @@ public class IpSecService extends IIpSecService.Stub { 


    /** @hide */

    @VisibleForTesting

    public IpSecService(Context context, IpSecServiceConfiguration config) {

    public IpSecService(Context context, Dependencies deps) {

        this(

                context,

                config,

                deps,

                (fd, uid) -> {

                    try {

                        TrafficStats.setThreadStatsUid(uid);
@@ -1047,10 +1055,9 @@ public class IpSecService extends IIpSecService.Stub { 


    /** @hide */

    @VisibleForTesting

    public IpSecService(Context context, IpSecServiceConfiguration config,

            UidFdTagger uidFdTagger) {

    public IpSecService(Context context, Dependencies deps, UidFdTagger uidFdTagger) {

        mContext = context;

        mSrvConfig = config;

        mDeps = deps;

        mUidFdTagger = uidFdTagger;

    }
@@ -1077,7 +1084,7 @@ public class IpSecService extends IIpSecService.Stub { 


    synchronized boolean isNetdAlive() {

        try {

            final INetd netd = mSrvConfig.getNetdInstance();

            final INetd netd = mDeps.getNetdInstance(mContext);

            if (netd == null) {

                return false;

            }
@@ -1143,14 +1150,15 @@ public class IpSecService extends IIpSecService.Stub { 
            }



            spi =

                    mSrvConfig

                            .getNetdInstance()

                    mDeps

                            .getNetdInstance(mContext)

                            .ipSecAllocateSpi(callingUid, "", destinationAddress, requestedSpi);

            Log.d(TAG, "Allocated SPI " + spi);

            userRecord.mSpiRecords.put(

                    resourceId,

                    new RefcountedResource<SpiRecord>(

                            new SpiRecord(resourceId, "", destinationAddress, spi), binder));

                            new SpiRecord(mContext, resourceId, "",

                            destinationAddress, spi), binder));

        } catch (ServiceSpecificException e) {

            if (e.errorCode == OsConstants.ENOENT) {

                return new IpSecSpiResponse(
@@ -1267,7 +1275,7 @@ public class IpSecService extends IIpSecService.Stub { 
                    OsConstants.UDP_ENCAP,

                    OsConstants.UDP_ENCAP_ESPINUDP);



            mSrvConfig.getNetdInstance().ipSecSetEncapSocketOwner(

            mDeps.getNetdInstance(mContext).ipSecSetEncapSocketOwner(

                        new ParcelFileDescriptor(sockFd), callingUid);

            if (port != 0) {

                Log.v(TAG, "Binding to port " + port);
@@ -1330,7 +1338,7 @@ public class IpSecService extends IIpSecService.Stub { 
            //       Create VTI

            //       Add inbound/outbound global policies

            //              (use reqid = 0)

            final INetd netd = mSrvConfig.getNetdInstance();

            final INetd netd = mDeps.getNetdInstance(mContext);

            netd.ipSecAddTunnelInterface(intfName, localAddr, remoteAddr, ikey, okey, resourceId);



            BinderUtils.withCleanCallingIdentity(() -> {
@@ -1385,6 +1393,7 @@ public class IpSecService extends IIpSecService.Stub { 
                    resourceId,

                    new RefcountedResource<TunnelInterfaceRecord>(

                            new TunnelInterfaceRecord(

                                    mContext,

                                    resourceId,

                                    intfName,

                                    underlyingNetwork,
@@ -1426,8 +1435,8 @@ public class IpSecService extends IIpSecService.Stub { 
        try {

            // We can assume general validity of the IP address, since we get them as a

            // LinkAddress, which does some validation.

            mSrvConfig

                    .getNetdInstance()

            mDeps

                    .getNetdInstance(mContext)

                    .interfaceAddAddress(

                            tunnelInterfaceInfo.mInterfaceName,

                            localAddr.getAddress().getHostAddress(),
@@ -1455,8 +1464,8 @@ public class IpSecService extends IIpSecService.Stub { 
        try {

            // We can assume general validity of the IP address, since we get them as a

            // LinkAddress, which does some validation.

            mSrvConfig

                    .getNetdInstance()

            mDeps

                    .getNetdInstance(mContext)

                    .interfaceDelAddress(

                            tunnelInterfaceInfo.mInterfaceName,

                            localAddr.getAddress().getHostAddress(),
@@ -1670,8 +1679,8 @@ public class IpSecService extends IIpSecService.Stub { 
            cryptName = crypt.getName();

        }



        mSrvConfig

                .getNetdInstance()

        mDeps

                .getNetdInstance(mContext)

                .ipSecAddSecurityAssociation(

                        Binder.getCallingUid(),

                        c.getMode(),
@@ -1782,8 +1791,8 @@ public class IpSecService extends IIpSecService.Stub { 
                c.getMode() == IpSecTransform.MODE_TRANSPORT,

                "Transform mode was not Transport mode; cannot be applied to a socket");



        mSrvConfig

                .getNetdInstance()

        mDeps

                .getNetdInstance(mContext)

                .ipSecApplyTransportModeTransform(

                        socket,

                        callingUid,
@@ -1802,8 +1811,8 @@ public class IpSecService extends IIpSecService.Stub { 
    @Override

    public synchronized void removeTransportModeTransforms(ParcelFileDescriptor socket)

            throws RemoteException {

        mSrvConfig

                .getNetdInstance()

        mDeps

                .getNetdInstance(mContext)

                .ipSecRemoveTransportModeTransform(socket);

    }
@@ -1879,8 +1888,8 @@ public class IpSecService extends IIpSecService.Stub { 


            // Always update the policy with the relevant XFRM_IF_ID

            for (int selAddrFamily : ADDRESS_FAMILIES) {

                mSrvConfig

                        .getNetdInstance()

                mDeps

                        .getNetdInstance(mContext)

                        .ipSecUpdateSecurityPolicy(

                                callingUid,

                                selAddrFamily,