From 145b425facf02f5494df7c749f12f46d35d44eb6 Mon Sep 17 00:00:00 2001 From: Benedict Wong Date: Thu, 18 Jan 2018 18:31:45 -0800 Subject: [PATCH] Add TunnelInterface API and KernelResourceRecords This change adds one KernelResourceRecord type (TunnelInterfaceRecord), and adds methods for the creation of TunnelInterfaces, as well as the application of Transforms to the given TunnelInterfaces As part of the generation of ikeys/okeys, a ReserveKeyTracker manages a java bitset to avoid collisions and reserve/release keys. Bug: 63588681 Test: Compiles, CTS, unit tests all pass on AOSP_marlin Change-Id: I9e9b6455e27073acd4491eae666aa966b3b10e0f --- .../android/server/ConnectivityService.java | 4 ++-- .../com/android/server/IpSecServiceTest.java | 21 +++++++++++++++++++ 2 files changed, 23 insertions(+), 2 deletions(-) diff --git a/services/core/java/com/android/server/ConnectivityService.java b/services/core/java/com/android/server/ConnectivityService.java index 6dbf53850e..bff5c10d4e 100644 --- a/services/core/java/com/android/server/ConnectivityService.java +++ b/services/core/java/com/android/server/ConnectivityService.java @@ -456,8 +456,8 @@ public class ConnectivityService extends IConnectivityManager.Stub private LingerMonitor mLingerMonitor; // sequence number for Networks; keep in sync with system/netd/NetworkController.cpp - private final static int MIN_NET_ID = 100; // some reserved marks - private final static int MAX_NET_ID = 65535; + private static final int MIN_NET_ID = 100; // some reserved marks + private static final int MAX_NET_ID = 65535 - 0x0400; // Top 1024 bits reserved by IpSecService private int mNextNetId = MIN_NET_ID; // sequence number of NetworkRequests diff --git a/tests/net/java/com/android/server/IpSecServiceTest.java b/tests/net/java/com/android/server/IpSecServiceTest.java index a375b600ca..2c94a601fb 100644 --- a/tests/net/java/com/android/server/IpSecServiceTest.java +++ b/tests/net/java/com/android/server/IpSecServiceTest.java @@ -635,4 +635,25 @@ public class IpSecServiceTest { verify(mMockNetd).ipSecSetEncapSocketOwner(argThat(fdMatcher), eq(Os.getuid())); mIpSecService.closeUdpEncapsulationSocket(udpEncapResp.resourceId); } + + @Test + public void testReserveNetId() { + int start = mIpSecService.TUN_INTF_NETID_START; + for (int i = 0; i < mIpSecService.TUN_INTF_NETID_RANGE; i++) { + assertEquals(start + i, mIpSecService.reserveNetId()); + } + + // Check that resource exhaustion triggers an exception + try { + mIpSecService.reserveNetId(); + fail("Did not throw error for all netIds reserved"); + } catch (IllegalStateException expected) { + } + + // Now release one and try again + int releasedNetId = + mIpSecService.TUN_INTF_NETID_START + mIpSecService.TUN_INTF_NETID_RANGE / 2; + mIpSecService.releaseNetId(releasedNetId); + assertEquals(releasedNetId, mIpSecService.reserveNetId()); + } }