Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d22c7588 authored by Lorenzo Colitti's avatar Lorenzo Colitti
Browse files

Test a bug with NETWORK_SETTINGS+registerDefaultNetworkCallback. 

Currently, if a process with NETWORK_SETTINGS registers a default
network callback, its uid will be ignored and replaced with an
empty list of UIDs. This means it will incorrectly match VPNs
with any UID range.

Add a test for this bug to make it easier to review the upcoming
change that fixes it.

Bug: 165835257
Test: test-only change
Change-Id: If58524b01fdd60045fb7236d17dedf31fb563f99
parent cfa02cd6

tests/net/java/com/android/server/ConnectivityServiceTest.java

+17 −0
Original line number Diff line number Diff line
@@ -7487,6 +7487,9 @@ public class ConnectivityServiceTest { 
        final NetworkRequest vpnUidRequest = new NetworkRequest.Builder().build();

        registerNetworkCallbackAsUid(vpnUidRequest, vpnUidCallback, VPN_UID);













        final TestNetworkCallback vpnUidDefaultCallback = new TestNetworkCallback();













        registerDefaultNetworkCallbackAsUid(vpnUidDefaultCallback, VPN_UID);



























        final int uid = Process.myUid();















        final int userId = UserHandle.getUserId(uid);















        final ArrayList<String> allowList = new ArrayList<>();









@@ -7505,6 +7508,7 @@ public class ConnectivityServiceTest {













        callback.expectAvailableCallbacksUnvalidatedAndBlocked(mWiFiNetworkAgent);















        defaultCallback.expectAvailableCallbacksUnvalidatedAndBlocked(mWiFiNetworkAgent);















        vpnUidCallback.expectAvailableCallbacksUnvalidated(mWiFiNetworkAgent);













        vpnUidDefaultCallback.expectAvailableCallbacksUnvalidated(mWiFiNetworkAgent);















        assertEquals(mWiFiNetworkAgent.getNetwork(), mCm.getActiveNetworkForUid(VPN_UID));















        assertNull(mCm.getActiveNetwork());















        assertActiveNetworkInfo(TYPE_WIFI, DetailedState.BLOCKED);









@@ -7517,6 +7521,7 @@ public class ConnectivityServiceTest {













        callback.expectBlockedStatusCallback(false, mWiFiNetworkAgent);















        defaultCallback.expectBlockedStatusCallback(false, mWiFiNetworkAgent);















        vpnUidCallback.assertNoCallback();













        vpnUidDefaultCallback.assertNoCallback();















        expectNetworkRejectNonSecureVpn(inOrder, false, firstHalf, secondHalf);















        assertEquals(mWiFiNetworkAgent.getNetwork(), mCm.getActiveNetworkForUid(VPN_UID));















        assertEquals(mWiFiNetworkAgent.getNetwork(), mCm.getActiveNetwork());









@@ -7531,6 +7536,7 @@ public class ConnectivityServiceTest {













        callback.assertNoCallback();















        defaultCallback.assertNoCallback();















        vpnUidCallback.assertNoCallback();













        vpnUidDefaultCallback.assertNoCallback();





























        // The following requires that the UID of this test package is greater than VPN_UID. This















        // is always true in practice because a plain AOSP build with no apps installed has almost









@@ -7551,6 +7557,7 @@ public class ConnectivityServiceTest {













        callback.expectAvailableCallbacksUnvalidated(mCellNetworkAgent);















        defaultCallback.assertNoCallback();















        vpnUidCallback.expectAvailableCallbacksUnvalidated(mCellNetworkAgent);













        vpnUidDefaultCallback.assertNoCallback();















        assertEquals(mWiFiNetworkAgent.getNetwork(), mCm.getActiveNetworkForUid(VPN_UID));















        assertEquals(mWiFiNetworkAgent.getNetwork(), mCm.getActiveNetwork());















        assertActiveNetworkInfo(TYPE_WIFI, DetailedState.CONNECTED);









@@ -7571,6 +7578,7 @@ public class ConnectivityServiceTest {













        defaultCallback.expectBlockedStatusCallback(true, mWiFiNetworkAgent);















        assertBlockedCallbackInAnyOrder(callback, true, mWiFiNetworkAgent, mCellNetworkAgent);















        vpnUidCallback.assertNoCallback();













        vpnUidDefaultCallback.assertNoCallback();















        assertEquals(mWiFiNetworkAgent.getNetwork(), mCm.getActiveNetworkForUid(VPN_UID));















        assertNull(mCm.getActiveNetwork());















        assertActiveNetworkInfo(TYPE_WIFI, DetailedState.BLOCKED);









@@ -7582,6 +7590,7 @@ public class ConnectivityServiceTest {













        defaultCallback.expectBlockedStatusCallback(false, mWiFiNetworkAgent);















        assertBlockedCallbackInAnyOrder(callback, false, mWiFiNetworkAgent, mCellNetworkAgent);















        vpnUidCallback.assertNoCallback();













        vpnUidDefaultCallback.assertNoCallback();















        assertEquals(mWiFiNetworkAgent.getNetwork(), mCm.getActiveNetworkForUid(VPN_UID));















        assertEquals(mWiFiNetworkAgent.getNetwork(), mCm.getActiveNetwork());















        assertActiveNetworkInfo(TYPE_WIFI, DetailedState.CONNECTED);









@@ -7596,6 +7605,7 @@ public class ConnectivityServiceTest {













        callback.assertNoCallback();















        defaultCallback.assertNoCallback();















        vpnUidCallback.assertNoCallback();













        vpnUidDefaultCallback.assertNoCallback();















        assertEquals(mWiFiNetworkAgent.getNetwork(), mCm.getActiveNetworkForUid(VPN_UID));















        assertEquals(mWiFiNetworkAgent.getNetwork(), mCm.getActiveNetwork());















        assertActiveNetworkInfo(TYPE_WIFI, DetailedState.CONNECTED);









@@ -7607,6 +7617,7 @@ public class ConnectivityServiceTest {













        callback.assertNoCallback();















        defaultCallback.assertNoCallback();















        vpnUidCallback.assertNoCallback();













        vpnUidDefaultCallback.assertNoCallback();















        assertEquals(mWiFiNetworkAgent.getNetwork(), mCm.getActiveNetworkForUid(VPN_UID));















        assertEquals(mWiFiNetworkAgent.getNetwork(), mCm.getActiveNetwork());















        assertActiveNetworkInfo(TYPE_WIFI, DetailedState.CONNECTED);









@@ -7619,6 +7630,7 @@ public class ConnectivityServiceTest {













        defaultCallback.expectBlockedStatusCallback(true, mWiFiNetworkAgent);















        assertBlockedCallbackInAnyOrder(callback, true, mWiFiNetworkAgent, mCellNetworkAgent);















        vpnUidCallback.assertNoCallback();













        vpnUidDefaultCallback.assertNoCallback();















        assertEquals(mWiFiNetworkAgent.getNetwork(), mCm.getActiveNetworkForUid(VPN_UID));















        assertNull(mCm.getActiveNetwork());















        assertActiveNetworkInfo(TYPE_WIFI, DetailedState.BLOCKED);









@@ -7629,6 +7641,8 @@ public class ConnectivityServiceTest {













        assertUidRangesUpdatedForMyUid(true);















        defaultCallback.expectAvailableThenValidatedCallbacks(mMockVpn);















        vpnUidCallback.assertNoCallback();  // vpnUidCallback has NOT_VPN capability.













        // TODO: this is a bug. The VPN does not apply to VPN_UID.













        vpnUidDefaultCallback.expectAvailableThenValidatedCallbacks(mMockVpn);















        assertEquals(mMockVpn.getNetwork(), mCm.getActiveNetwork());















        assertEquals(mWiFiNetworkAgent.getNetwork(), mCm.getActiveNetworkForUid(VPN_UID));















        assertActiveNetworkInfo(TYPE_WIFI, DetailedState.CONNECTED);









@@ -7639,11 +7653,14 @@ public class ConnectivityServiceTest {













        mMockVpn.disconnect();















        defaultCallback.expectCallback(CallbackEntry.LOST, mMockVpn);















        defaultCallback.expectAvailableCallbacksUnvalidatedAndBlocked(mWiFiNetworkAgent);













        vpnUidCallback.assertNoCallback();













        vpnUidDefaultCallback.expectCallback(CallbackEntry.LOST, mMockVpn);  // BUG!















        assertNull(mCm.getActiveNetwork());





























        mCm.unregisterNetworkCallback(callback);















        mCm.unregisterNetworkCallback(defaultCallback);















        mCm.unregisterNetworkCallback(vpnUidCallback);













        mCm.unregisterNetworkCallback(vpnUidDefaultCallback);















    }





























    private void setupLegacyLockdownVpn() {