Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit fd57083e authored by Cody Kesting's avatar Cody Kesting
Browse files

Create test-mode for VcnConfig. 

This CL creates a test-mode for VcnConfig so that they will only
match with Test Networks. This is necessary for CTS testing so
that VCNs can run on test networks and IKE negotiations can be
injected over the Test Networks.

Bug: 182291467
Test: atest FrameworksVcnTests CtsVcnTestCases
Change-Id: I5cc340e5aaa34c5de8efafa52de49185a18d4bd3
parent 92959d67

core/java/android/net/vcn/VcnConfig.java

+39 −4
Original line number Diff line number Diff line
@@ -52,12 +52,17 @@ public final class VcnConfig implements Parcelable { 
    private static final String GATEWAY_CONNECTION_CONFIGS_KEY = "mGatewayConnectionConfigs";

    @NonNull private final Set<VcnGatewayConnectionConfig> mGatewayConnectionConfigs;



    private static final String IS_TEST_MODE_PROFILE_KEY = "mIsTestModeProfile";

    private final boolean mIsTestModeProfile;



    private VcnConfig(

            @NonNull String packageName,

            @NonNull Set<VcnGatewayConnectionConfig> gatewayConnectionConfigs) {

            @NonNull Set<VcnGatewayConnectionConfig> gatewayConnectionConfigs,

            boolean isTestModeProfile) {

        mPackageName = packageName;

        mGatewayConnectionConfigs =

                Collections.unmodifiableSet(new ArraySet<>(gatewayConnectionConfigs));

        mIsTestModeProfile = isTestModeProfile;



        validate();

    }
@@ -77,6 +82,7 @@ public final class VcnConfig implements Parcelable { 
                new ArraySet<>(

                        PersistableBundleUtils.toList(

                                gatewayConnectionConfigsBundle, VcnGatewayConnectionConfig::new));

        mIsTestModeProfile = in.getBoolean(IS_TEST_MODE_PROFILE_KEY);



        validate();

    }
@@ -103,6 +109,15 @@ public final class VcnConfig implements Parcelable { 
        return Collections.unmodifiableSet(mGatewayConnectionConfigs);

    }



    /**

     * Returns whether or not this VcnConfig is restricted to test networks.

     *

     * @hide

     */

    public boolean isTestModeProfile() {

        return mIsTestModeProfile;

    }



    /**

     * Serializes this object to a PersistableBundle.

     *
@@ -119,13 +134,14 @@ public final class VcnConfig implements Parcelable { 
                        new ArrayList<>(mGatewayConnectionConfigs),

                        VcnGatewayConnectionConfig::toPersistableBundle);

        result.putPersistableBundle(GATEWAY_CONNECTION_CONFIGS_KEY, gatewayConnectionConfigsBundle);

        result.putBoolean(IS_TEST_MODE_PROFILE_KEY, mIsTestModeProfile);



        return result;

    }



    @Override

    public int hashCode() {

        return Objects.hash(mPackageName, mGatewayConnectionConfigs);

        return Objects.hash(mPackageName, mGatewayConnectionConfigs, mIsTestModeProfile);

    }



    @Override
@@ -136,7 +152,8 @@ public final class VcnConfig implements Parcelable { 


        final VcnConfig rhs = (VcnConfig) other;

        return mPackageName.equals(rhs.mPackageName)

                && mGatewayConnectionConfigs.equals(rhs.mGatewayConnectionConfigs);

                && mGatewayConnectionConfigs.equals(rhs.mGatewayConnectionConfigs)

                && mIsTestModeProfile == rhs.mIsTestModeProfile;

    }



    // Parcelable methods
@@ -172,6 +189,8 @@ public final class VcnConfig implements Parcelable { 
        @NonNull

        private final Set<VcnGatewayConnectionConfig> mGatewayConnectionConfigs = new ArraySet<>();



        private boolean mIsTestModeProfile = false;



        public Builder(@NonNull Context context) {

            Objects.requireNonNull(context, "context was null");
@@ -206,6 +225,22 @@ public final class VcnConfig implements Parcelable { 
            return this;

        }



        /**

         * Restricts this VcnConfig to matching with test networks (only).

         *

         * <p>This method is for testing only, and must not be used by apps. Calling {@link

         * VcnManager#setVcnConfig(ParcelUuid, VcnConfig)} with a VcnConfig where test-network usage

         * is enabled will require the MANAGE_TEST_NETWORKS permission.

         *

         * @return this {@link Builder} instance, for chaining

         * @hide

         */

        @NonNull

        public Builder setIsTestModeProfile() {

            mIsTestModeProfile = true;

            return this;

        }



        /**

         * Builds and validates the VcnConfig.

         *
@@ -213,7 +248,7 @@ public final class VcnConfig implements Parcelable { 
         */

        @NonNull

        public VcnConfig build() {

            return new VcnConfig(mPackageName, mGatewayConnectionConfigs);

            return new VcnConfig(mPackageName, mGatewayConnectionConfigs, mIsTestModeProfile);

        }

    }

}

services/core/java/com/android/server/VcnManagementService.java

+9 −0
Original line number Diff line number Diff line
@@ -421,6 +421,14 @@ public class VcnManagementService extends IVcnManagementService.Stub { 
                "Carrier privilege required for subscription group to set VCN Config");

    }



    private void enforceManageTestNetworksForTestMode(@NonNull VcnConfig vcnConfig) {

        if (vcnConfig.isTestModeProfile()) {

            mContext.enforceCallingPermission(

                    android.Manifest.permission.MANAGE_TEST_NETWORKS,

                    "Test-mode require the MANAGE_TEST_NETWORKS permission");

        }

    }



    private class VcnSubscriptionTrackerCallback implements TelephonySubscriptionTrackerCallback {

        /**

         * Handles subscription group changes, as notified by {@link TelephonySubscriptionTracker}
@@ -588,6 +596,7 @@ public class VcnManagementService extends IVcnManagementService.Stub { 


        mContext.getSystemService(AppOpsManager.class)

                .checkPackage(mDeps.getBinderCallingUid(), config.getProvisioningPackageName());

        enforceManageTestNetworksForTestMode(config);

        enforceCallingUserAndCarrierPrivilege(subscriptionGroup, opPkgName);



        Binder.withCleanCallingIdentity(() -> {

tests/vcn/java/com/android/server/VcnManagementServiceTest.java

+23 −0
Original line number Diff line number Diff line
@@ -66,6 +66,7 @@ import android.net.vcn.IVcnStatusCallback; 
import android.net.vcn.IVcnUnderlyingNetworkPolicyListener;

import android.net.vcn.VcnConfig;

import android.net.vcn.VcnConfigTest;

import android.net.vcn.VcnGatewayConnectionConfigTest;

import android.net.vcn.VcnManager;

import android.net.vcn.VcnUnderlyingNetworkPolicy;

import android.os.IBinder;
@@ -527,6 +528,28 @@ public class VcnManagementServiceTest { 
        verify(mConfigReadWriteHelper).writeToDisk(any(PersistableBundle.class));

    }



    @Test

    public void testSetVcnConfigTestModeRequiresPermission() throws Exception {

        doThrow(new SecurityException("Requires MANAGE_TEST_NETWORKS"))

                .when(mMockContext)

                .enforceCallingPermission(

                        eq(android.Manifest.permission.MANAGE_TEST_NETWORKS), any());



        final VcnConfig vcnConfig =

                new VcnConfig.Builder(mMockContext)

                        .addGatewayConnectionConfig(

                                VcnGatewayConnectionConfigTest.buildTestConfig())

                        .setIsTestModeProfile()

                        .build();



        try {

            mVcnMgmtSvc.setVcnConfig(TEST_UUID_2, vcnConfig, TEST_PACKAGE_NAME);

            fail("Expected exception due to using test-mode without permission");

        } catch (SecurityException e) {

            verify(mMockPolicyListener, never()).onPolicyChanged();

        }

    }



    @Test

    public void testSetVcnConfigNotifiesStatusCallback() throws Exception {

        triggerSubscriptionTrackerCbAndGetSnapshot(Collections.singleton(TEST_UUID_2));