LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[ipsec-doze] Add fchown to IpSecService to support doze

Browse Source 
Encap sockets are currently created as the system server, and should be
fchown'd to the user for whom it was created on behalf of.

Bug: 62994731
Test: New tests added and run to IpSecService
Change-Id: Icc49e709ae588981e69765fdb77537d7ffbac5fe
This commit is contained in:
Benedict Wong
2017-12-06 21:56:35 -08:00
parent 0b8bf40ae4
commit 42e3fa137d
1 changed files with 22 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
tests/net/java/com/android/server/IpSecServiceTest.java
View File

@@ -475,4 +475,26 @@ public class IpSecServiceTest {
testIpSecService.closeUdpEncapsulationSocket(udpEncapResp.resourceId);
udpEncapResp.fileDescriptor.close();
}
@Test
public void testOpenUdpEncapsulationSocketCallsSetEncapSocketOwner() throws Exception {
IpSecUdpEncapResponse udpEncapResp =
mIpSecService.openUdpEncapsulationSocket(0, new Binder());
FileDescriptor sockFd = udpEncapResp.fileDescriptor.getFileDescriptor();
ArgumentMatcher<FileDescriptor> fdMatcher = (arg) -> {
try {
StructStat sockStat = Os.fstat(sockFd);
StructStat argStat = Os.fstat(arg);
return sockStat.st_ino == argStat.st_ino
&& sockStat.st_dev == argStat.st_dev;
} catch (ErrnoException e) {
return false;
}
};
verify(mMockNetd).ipSecSetEncapSocketOwner(argThat(fdMatcher), eq(Os.getuid()));
mIpSecService.closeUdpEncapsulationSocket(udpEncapResp.resourceId);
}
}