From 18b00acd92c200066d38f9b46e2702796203134a Mon Sep 17 00:00:00 2001 From: Lorenzo Colitti Date: Tue, 24 Nov 2020 21:44:15 +0900 Subject: [PATCH] Stop calling Vpn#updateCapabilities in CS. Instead, make Vpn#onUserAdded and Vpn#onUserRemoved notify CS of UID range changes through the VPN's NetworkAgent. After this change, ConnectivityService no longer touches the VPN's NetworkCapabilities directly, which is a much cleaner design. Bug: 173331190 Test: passes existing tests in ConnectivityServiceTest Change-Id: If2201f392cdb5f00c89a97683ad4ce6bda7b89e5 --- .../android/server/ConnectivityService.java | 15 ----------- .../server/ConnectivityServiceTest.java | 26 +++---------------- 2 files changed, 3 insertions(+), 38 deletions(-) diff --git a/services/core/java/com/android/server/ConnectivityService.java b/services/core/java/com/android/server/ConnectivityService.java index 3361322908..bcd722e633 100644 --- a/services/core/java/com/android/server/ConnectivityService.java +++ b/services/core/java/com/android/server/ConnectivityService.java @@ -4821,15 +4821,6 @@ public class ConnectivityService extends IConnectivityManager.Stub } } - private void updateVpnCapabilities(Vpn vpn, @Nullable NetworkCapabilities nc) { - ensureRunningOnConnectivityServiceThread(); - NetworkAgentInfo vpnNai = getNetworkAgentInfoForNetId(vpn.getNetId()); - if (vpnNai == null || nc == null) { - return; - } - updateCapabilities(vpnNai.getCurrentScore(), vpnNai, nc); - } - @Override public boolean updateLockdownVpn() { if (Binder.getCallingUid() != Process.SYSTEM_UID) { @@ -5169,28 +5160,22 @@ public class ConnectivityService extends IConnectivityManager.Stub private void onUserAdded(int userId) { mPermissionMonitor.onUserAdded(userId); - Network defaultNetwork = getNetwork(getDefaultNetwork()); synchronized (mVpns) { final int vpnsSize = mVpns.size(); for (int i = 0; i < vpnsSize; i++) { Vpn vpn = mVpns.valueAt(i); vpn.onUserAdded(userId); - NetworkCapabilities nc = vpn.updateCapabilities(defaultNetwork); - updateVpnCapabilities(vpn, nc); } } } private void onUserRemoved(int userId) { mPermissionMonitor.onUserRemoved(userId); - Network defaultNetwork = getNetwork(getDefaultNetwork()); synchronized (mVpns) { final int vpnsSize = mVpns.size(); for (int i = 0; i < vpnsSize; i++) { Vpn vpn = mVpns.valueAt(i); vpn.onUserRemoved(userId); - NetworkCapabilities nc = vpn.updateCapabilities(defaultNetwork); - updateVpnCapabilities(vpn, nc); } } } diff --git a/tests/net/java/com/android/server/ConnectivityServiceTest.java b/tests/net/java/com/android/server/ConnectivityServiceTest.java index 5037553d8a..c54190aa43 100644 --- a/tests/net/java/com/android/server/ConnectivityServiceTest.java +++ b/tests/net/java/com/android/server/ConnectivityServiceTest.java @@ -1058,7 +1058,9 @@ public class ConnectivityServiceTest { public void setUids(Set uids) { mNetworkCapabilities.setUids(uids); - updateCapabilitiesInternal(null /* defaultNetwork */, true); + if (mAgentRegistered) { + mMockNetworkAgent.setNetworkCapabilities(mNetworkCapabilities, true); + } } public void setVpnType(int vpnType) { @@ -1143,28 +1145,6 @@ public class ConnectivityServiceTest { mMockNetworkAgent.sendLinkProperties(lp); } - private NetworkCapabilities updateCapabilitiesInternal(Network defaultNetwork, - boolean sendToConnectivityService) { - if (!mAgentRegistered) return null; - super.updateCapabilities(defaultNetwork); - // Because super.updateCapabilities will update the capabilities of the agent but - // not the mock agent, the mock agent needs to know about them. - copyCapabilitiesToNetworkAgent(sendToConnectivityService); - return new NetworkCapabilities(mNetworkCapabilities); - } - - private void copyCapabilitiesToNetworkAgent(boolean sendToConnectivityService) { - if (null != mMockNetworkAgent) { - mMockNetworkAgent.setNetworkCapabilities(mNetworkCapabilities, - sendToConnectivityService); - } - } - - @Override - public NetworkCapabilities updateCapabilities(Network defaultNetwork) { - return updateCapabilitiesInternal(defaultNetwork, false); - } - public void disconnect() { if (mMockNetworkAgent != null) mMockNetworkAgent.disconnect(); mAgentRegistered = false;