Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 3de24326 authored by Cody Kesting's avatar Cody Kesting
Browse files

Clear UIDs when sharing NetworkCapabilties for ConnectivityDiagnostics. 

ConnectivityDiagnostics shares NetworkCapabilities in
ConnectivityReports and DataStallReports. These NetworkCapabilities need
to have their UIDs scrubbed before they are shared with callbacks.

Bug: 148942124
Test: atest FrameworksNetTests
Change-Id: I5bde5a8116f7e36b8f4de49adf4cab8ec45a5aa4
parent f00c5483

services/core/java/com/android/server/ConnectivityService.java

+14 −2
Original line number Diff line number Diff line
@@ -7832,12 +7832,15 @@ public class ConnectivityService extends IConnectivityManager.Stub 
    private void handleNetworkTestedWithExtras(

            @NonNull ConnectivityReportEvent reportEvent, @NonNull PersistableBundle extras) {

        final NetworkAgentInfo nai = reportEvent.mNai;

        final NetworkCapabilities networkCapabilities =

                new NetworkCapabilities(nai.networkCapabilities);

        clearNetworkCapabilitiesUids(networkCapabilities);

        final ConnectivityReport report =

                new ConnectivityReport(

                        reportEvent.mNai.network,

                        reportEvent.mTimestampMillis,

                        nai.linkProperties,

                        nai.networkCapabilities,

                        networkCapabilities,

                        extras);

        final List<IConnectivityDiagnosticsCallback> results =

                getMatchingPermissionedCallbacks(nai);
@@ -7853,13 +7856,16 @@ public class ConnectivityService extends IConnectivityManager.Stub 
    private void handleDataStallSuspected(

            @NonNull NetworkAgentInfo nai, long timestampMillis, int detectionMethod,

            @NonNull PersistableBundle extras) {

        final NetworkCapabilities networkCapabilities =

                new NetworkCapabilities(nai.networkCapabilities);

        clearNetworkCapabilitiesUids(networkCapabilities);

        final DataStallReport report =

                new DataStallReport(

                        nai.network,

                        timestampMillis,

                        detectionMethod,

                        nai.linkProperties,

                        nai.networkCapabilities,

                        networkCapabilities,

                        extras);

        final List<IConnectivityDiagnosticsCallback> results =

                getMatchingPermissionedCallbacks(nai);
@@ -7885,6 +7891,12 @@ public class ConnectivityService extends IConnectivityManager.Stub 
        }

    }



    private void clearNetworkCapabilitiesUids(@NonNull NetworkCapabilities nc) {

        nc.setUids(null);

        nc.setAdministratorUids(Collections.EMPTY_LIST);

        nc.setOwnerUid(Process.INVALID_UID);

    }



    private List<IConnectivityDiagnosticsCallback> getMatchingPermissionedCallbacks(

            @NonNull NetworkAgentInfo nai) {

        final List<IConnectivityDiagnosticsCallback> results = new ArrayList<>();

tests/net/java/com/android/server/ConnectivityServiceTest.java

+15 −5
Original line number Diff line number Diff line
@@ -23,8 +23,6 @@ import static android.content.pm.PackageManager.GET_PERMISSIONS; 
import static android.content.pm.PackageManager.MATCH_ANY_USER;

import static android.content.pm.PackageManager.PERMISSION_DENIED;

import static android.content.pm.PackageManager.PERMISSION_GRANTED;

import static android.net.ConnectivityDiagnosticsManager.ConnectivityReport;

import static android.net.ConnectivityDiagnosticsManager.DataStallReport;

import static android.net.ConnectivityManager.ACTION_CAPTIVE_PORTAL_SIGN_IN;

import static android.net.ConnectivityManager.CONNECTIVITY_ACTION;

import static android.net.ConnectivityManager.CONNECTIVITY_ACTION_SUPL;
@@ -100,6 +98,7 @@ import static org.junit.Assert.assertTrue; 
import static org.junit.Assert.fail;

import static org.mockito.ArgumentMatchers.anyLong;

import static org.mockito.ArgumentMatchers.anyString;

import static org.mockito.ArgumentMatchers.argThat;

import static org.mockito.ArgumentMatchers.eq;

import static org.mockito.ArgumentMatchers.startsWith;

import static org.mockito.Matchers.anyInt;
@@ -6840,8 +6839,13 @@ public class ConnectivityServiceTest { 
        HandlerUtilsKt.waitForIdle(mCsHandlerThread, TIMEOUT_MS);



        // Verify onConnectivityReport fired

        verify(mConnectivityDiagnosticsCallback)

                .onConnectivityReport(any(ConnectivityReport.class));

        verify(mConnectivityDiagnosticsCallback).onConnectivityReport(

                argThat(report -> {

                    final NetworkCapabilities nc = report.getNetworkCapabilities();

                    return nc.getUids() == null

                            && nc.getAdministratorUids().isEmpty()

                            && nc.getOwnerUid() == Process.INVALID_UID;

                }));

    }



    @Test
@@ -6856,7 +6860,13 @@ public class ConnectivityServiceTest { 
        HandlerUtilsKt.waitForIdle(mCsHandlerThread, TIMEOUT_MS);



        // Verify onDataStallSuspected fired

        verify(mConnectivityDiagnosticsCallback).onDataStallSuspected(any(DataStallReport.class));

        verify(mConnectivityDiagnosticsCallback).onDataStallSuspected(

                argThat(report -> {

                    final NetworkCapabilities nc = report.getNetworkCapabilities();

                    return nc.getUids() == null

                            && nc.getAdministratorUids().isEmpty()

                            && nc.getOwnerUid() == Process.INVALID_UID;

                }));

    }



    @Test