Loading services/core/java/com/android/server/IpSecService.java +8 −6 Original line number Diff line number Diff line Loading @@ -988,12 +988,6 @@ public class IpSecService extends IIpSecService.Stub { sockFd = Os.socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); mUidFdTagger.tag(sockFd, callingUid); if (port != 0) { Log.v(TAG, "Binding to port " + port); Os.bind(sockFd, INADDR_ANY, port); } else { port = bindToRandomPort(sockFd); } // This code is common to both the unspecified and specified port cases Os.setsockoptInt( sockFd, Loading @@ -1001,6 +995,14 @@ public class IpSecService extends IIpSecService.Stub { OsConstants.UDP_ENCAP, OsConstants.UDP_ENCAP_ESPINUDP); mSrvConfig.getNetdInstance().ipSecSetEncapSocketOwner(sockFd, callingUid); if (port != 0) { Log.v(TAG, "Binding to port " + port); Os.bind(sockFd, INADDR_ANY, port); } else { port = bindToRandomPort(sockFd); } userRecord.mEncapSocketRecords.put( resourceId, new RefcountedResource<EncapSocketRecord>( Loading tests/net/java/com/android/server/IpSecServiceTest.java +22 −0 Original line number Diff line number Diff line Loading @@ -475,4 +475,26 @@ public class IpSecServiceTest { testIpSecService.closeUdpEncapsulationSocket(udpEncapResp.resourceId); udpEncapResp.fileDescriptor.close(); } @Test public void testOpenUdpEncapsulationSocketCallsSetEncapSocketOwner() throws Exception { IpSecUdpEncapResponse udpEncapResp = mIpSecService.openUdpEncapsulationSocket(0, new Binder()); FileDescriptor sockFd = udpEncapResp.fileDescriptor.getFileDescriptor(); ArgumentMatcher<FileDescriptor> fdMatcher = (arg) -> { try { StructStat sockStat = Os.fstat(sockFd); StructStat argStat = Os.fstat(arg); return sockStat.st_ino == argStat.st_ino && sockStat.st_dev == argStat.st_dev; } catch (ErrnoException e) { return false; } }; verify(mMockNetd).ipSecSetEncapSocketOwner(argThat(fdMatcher), eq(Os.getuid())); mIpSecService.closeUdpEncapsulationSocket(udpEncapResp.resourceId); } } Loading
services/core/java/com/android/server/IpSecService.java +8 −6 Original line number Diff line number Diff line Loading @@ -988,12 +988,6 @@ public class IpSecService extends IIpSecService.Stub { sockFd = Os.socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); mUidFdTagger.tag(sockFd, callingUid); if (port != 0) { Log.v(TAG, "Binding to port " + port); Os.bind(sockFd, INADDR_ANY, port); } else { port = bindToRandomPort(sockFd); } // This code is common to both the unspecified and specified port cases Os.setsockoptInt( sockFd, Loading @@ -1001,6 +995,14 @@ public class IpSecService extends IIpSecService.Stub { OsConstants.UDP_ENCAP, OsConstants.UDP_ENCAP_ESPINUDP); mSrvConfig.getNetdInstance().ipSecSetEncapSocketOwner(sockFd, callingUid); if (port != 0) { Log.v(TAG, "Binding to port " + port); Os.bind(sockFd, INADDR_ANY, port); } else { port = bindToRandomPort(sockFd); } userRecord.mEncapSocketRecords.put( resourceId, new RefcountedResource<EncapSocketRecord>( Loading
tests/net/java/com/android/server/IpSecServiceTest.java +22 −0 Original line number Diff line number Diff line Loading @@ -475,4 +475,26 @@ public class IpSecServiceTest { testIpSecService.closeUdpEncapsulationSocket(udpEncapResp.resourceId); udpEncapResp.fileDescriptor.close(); } @Test public void testOpenUdpEncapsulationSocketCallsSetEncapSocketOwner() throws Exception { IpSecUdpEncapResponse udpEncapResp = mIpSecService.openUdpEncapsulationSocket(0, new Binder()); FileDescriptor sockFd = udpEncapResp.fileDescriptor.getFileDescriptor(); ArgumentMatcher<FileDescriptor> fdMatcher = (arg) -> { try { StructStat sockStat = Os.fstat(sockFd); StructStat argStat = Os.fstat(arg); return sockStat.st_ino == argStat.st_ino && sockStat.st_dev == argStat.st_dev; } catch (ErrnoException e) { return false; } }; verify(mMockNetd).ipSecSetEncapSocketOwner(argThat(fdMatcher), eq(Os.getuid())); mIpSecService.closeUdpEncapsulationSocket(udpEncapResp.resourceId); } }
