Merge "Add xfrm mark in IpSecConfig" am: 73f79ceae9 am: 4077e802ad (e65d8141) · Commits · e / os / android_frameworks_base

core/java/android/net/IpSecConfig.java

+31 −1

Original line number	Diff line number	Diff line
		@@ -65,6 +65,10 @@ public final class IpSecConfig implements Parcelable {
		// An interval, in seconds between the NattKeepalive packets
		private int mNattKeepaliveInterval;

		// XFRM mark and mask
		private int mMarkValue;
		private int mMarkMask;

		/** Set the mode for this IPsec transform */
		public void setMode(int mode) {
		mMode = mode;
		@@ -121,6 +125,14 @@ public final class IpSecConfig implements Parcelable {
		mNattKeepaliveInterval = interval;
		}

		public void setMarkValue(int mark) {
		mMarkValue = mark;
		}

		public void setMarkMask(int mask) {
		mMarkMask = mask;
		}

		// Transport or Tunnel
		public int getMode() {
		return mMode;
		@@ -170,6 +182,14 @@ public final class IpSecConfig implements Parcelable {
		return mNattKeepaliveInterval;
		}

		public int getMarkValue() {
		return mMarkValue;
		}

		public int getMarkMask() {
		return mMarkMask;
		}

		// Parcelable Methods

		@Override
		@@ -191,6 +211,8 @@ public final class IpSecConfig implements Parcelable {
		out.writeInt(mEncapSocketResourceId);
		out.writeInt(mEncapRemotePort);
		out.writeInt(mNattKeepaliveInterval);
		out.writeInt(mMarkValue);
		out.writeInt(mMarkMask);
		}

		@VisibleForTesting
		@@ -212,6 +234,8 @@ public final class IpSecConfig implements Parcelable {
		mEncapSocketResourceId = in.readInt();
		mEncapRemotePort = in.readInt();
		mNattKeepaliveInterval = in.readInt();
		mMarkValue = in.readInt();
		mMarkMask = in.readInt();
		}

		@Override
		@@ -242,6 +266,10 @@ public final class IpSecConfig implements Parcelable {
		.append(mAuthentication)
		.append(", mAuthenticatedEncryption=")
		.append(mAuthenticatedEncryption)
		.append(", mMarkValue=")
		.append(mMarkValue)
		.append(", mMarkMask=")
		.append(mMarkMask)
		.append("}");

		return strBuilder.toString();
		@@ -275,6 +303,8 @@ public final class IpSecConfig implements Parcelable {
		&& IpSecAlgorithm.equals(lhs.mEncryption, rhs.mEncryption)
		&& IpSecAlgorithm.equals(
		lhs.mAuthenticatedEncryption, rhs.mAuthenticatedEncryption)
		&& IpSecAlgorithm.equals(lhs.mAuthentication, rhs.mAuthentication));
		&& IpSecAlgorithm.equals(lhs.mAuthentication, rhs.mAuthentication)
		&& lhs.mMarkValue == rhs.mMarkValue
		&& lhs.mMarkMask == rhs.mMarkMask);
		}
		}

services/core/java/com/android/server/IpSecService.java

+6 −2

Original line number	Diff line number	Diff line
		@@ -594,7 +594,9 @@ public class IpSecService extends IIpSecService.Stub {
		mResourceId,
		mConfig.getSourceAddress(),
		mConfig.getDestinationAddress(),
		spi);
		spi,
		mConfig.getMarkValue(),
		mConfig.getMarkMask());
		} catch (ServiceSpecificException e) {
		// FIXME: get the error code and throw is at an IOException from Errno Exception
		} catch (RemoteException e) {
		@@ -657,7 +659,7 @@ public class IpSecService extends IIpSecService.Stub {
		mSrvConfig
		.getNetdInstance()
		.ipSecDeleteSecurityAssociation(
		mResourceId, mSourceAddress, mDestinationAddress, mSpi);
		mResourceId, mSourceAddress, mDestinationAddress, mSpi, 0, 0);
		} catch (ServiceSpecificException e) {
		// FIXME: get the error code and throw is at an IOException from Errno Exception
		} catch (RemoteException e) {
		@@ -1190,6 +1192,8 @@ public class IpSecService extends IIpSecService.Stub {
		c.getDestinationAddress(),
		(c.getNetwork() != null) ? c.getNetwork().netId : 0,
		spiRecord.getSpi(),
		c.getMarkValue(),
		c.getMarkMask(),
		(auth != null) ? auth.getName() : "",
		(auth != null) ? auth.getKey() : new byte[] {},
		(auth != null) ? auth.getTruncationLengthBits() : 0,

tests/net/java/com/android/server/IpSecServiceParameterizedTest.java

+28 −4

Original line number	Diff line number	Diff line
		@@ -136,7 +136,12 @@ public class IpSecServiceParameterizedTest {

		verify(mMockNetd)
		.ipSecDeleteSecurityAssociation(
		eq(spiResp.resourceId), anyString(), anyString(), eq(TEST_SPI));
		eq(spiResp.resourceId),
		anyString(),
		anyString(),
		eq(TEST_SPI),
		anyInt(),
		anyInt());

		// Verify quota and RefcountedResource objects cleaned up
		IpSecService.UserRecord userRecord =
		@@ -168,7 +173,12 @@ public class IpSecServiceParameterizedTest {

		verify(mMockNetd)
		.ipSecDeleteSecurityAssociation(
		eq(spiResp.resourceId), anyString(), anyString(), eq(TEST_SPI));
		eq(spiResp.resourceId),
		anyString(),
		anyString(),
		eq(TEST_SPI),
		anyInt(),
		anyInt());

		// Verify quota and RefcountedResource objects cleaned up
		assertEquals(0, userRecord.mSpiQuotaTracker.mCurrent);
		@@ -221,6 +231,8 @@ public class IpSecServiceParameterizedTest {
		anyString(),
		anyLong(),
		eq(TEST_SPI),
		anyInt(),
		anyInt(),
		eq(IpSecAlgorithm.AUTH_HMAC_SHA256),
		eq(AUTH_KEY),
		anyInt(),
		@@ -254,6 +266,8 @@ public class IpSecServiceParameterizedTest {
		anyString(),
		anyLong(),
		eq(TEST_SPI),
		anyInt(),
		anyInt(),
		eq(""),
		eq(new byte[] {}),
		eq(0),
		@@ -305,7 +319,12 @@ public class IpSecServiceParameterizedTest {

		verify(mMockNetd)
		.ipSecDeleteSecurityAssociation(
		eq(createTransformResp.resourceId), anyString(), anyString(), eq(TEST_SPI));
		eq(createTransformResp.resourceId),
		anyString(),
		anyString(),
		eq(TEST_SPI),
		anyInt(),
		anyInt());

		// Verify quota and RefcountedResource objects cleaned up
		IpSecService.UserRecord userRecord =
		@@ -339,7 +358,12 @@ public class IpSecServiceParameterizedTest {

		verify(mMockNetd)
		.ipSecDeleteSecurityAssociation(
		eq(createTransformResp.resourceId), anyString(), anyString(), eq(TEST_SPI));
		eq(createTransformResp.resourceId),
		anyString(),
		anyString(),
		eq(TEST_SPI),
		anyInt(),
		anyInt());

		// Verify quota and RefcountedResource objects cleaned up
		assertEquals(0, userRecord.mTransformQuotaTracker.mCurrent);