LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge changes Ibff278a6,If6d537a3

Browse Source 
* changes:
  Revert "Add NATT keepalive resources and methods into IpSecService"
  Revert "[KA11] Verify fd ownership and allocate resource for NattKeepalive"
This commit is contained in:
Treehugger Robot
2019-05-10 01:42:26 +00:00
committed by Gerrit Code Review
parent b4da895ce0 b4864e6c40
commit 5cb924da73
4 changed files with 27 additions and 211 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
tests/net/java/com/android/server/ConnectivityServiceTest.java
View File

@@ -4269,25 +4269,6 @@ public class ConnectivityServiceTest {
callback.expectStarted();
ka.stop();
callback.expectStopped();
// Check that the same NATT socket cannot be used by 2 keepalives.
try (SocketKeepalive ka2 = mCm.createSocketKeepalive(
myNet, testSocket, myIPv4, dstIPv4, executor, callback)) {
// Check that second keepalive cannot be started if the first one is running.
ka.start(validKaInterval);
callback.expectStarted();
ka2.start(validKaInterval);
callback.expectError(SocketKeepalive.ERROR_INVALID_SOCKET);
ka.stop();
callback.expectStopped();
// Check that second keepalive can be started/stopped normally if the first one is
// stopped.
ka2.start(validKaInterval);
callback.expectStarted();
ka2.stop();
callback.expectStopped();
}
}
// Check that deleting the IP address stops the keepalive.
@@ -4351,10 +4332,6 @@ public class ConnectivityServiceTest {
testSocket.close();
testSocket2.close();
}
// Check that the closed socket cannot be used to start keepalive.
ka.start(validKaInterval);
callback.expectError(SocketKeepalive.ERROR_INVALID_SOCKET);
}
// Check that there is no port leaked after all keepalives and sockets are closed.

96
tests/net/java/com/android/server/IpSecServiceTest.java
View File

@@ -118,7 +118,6 @@ public class IpSecServiceTest {
INetd mMockNetd;
IpSecService.IpSecServiceConfiguration mMockIpSecSrvConfig;
IpSecService mIpSecService;
int mUid = Os.getuid();
@Before
public void setUp() throws Exception {
@@ -666,99 +665,4 @@ public class IpSecServiceTest {
mIpSecService.releaseNetId(releasedNetId);
assertEquals(releasedNetId, mIpSecService.reserveNetId());
}
@Test
public void testLockEncapSocketForNattKeepalive() throws Exception {
IpSecUdpEncapResponse udpEncapResp =
mIpSecService.openUdpEncapsulationSocket(0, new Binder());
assertNotNull(udpEncapResp);
assertEquals(IpSecManager.Status.OK, udpEncapResp.status);
// Verify no NATT keepalive records upon startup
IpSecService.UserRecord userRecord = mIpSecService.mUserResourceTracker.getUserRecord(mUid);
assertEquals(0, userRecord.mNattKeepaliveRecords.size());
int nattKeepaliveResourceId =
mIpSecService.lockEncapSocketForNattKeepalive(udpEncapResp.resourceId, mUid);
// Validate response, and record was added
assertNotEquals(IpSecManager.INVALID_RESOURCE_ID, nattKeepaliveResourceId);
assertEquals(1, userRecord.mNattKeepaliveRecords.size());
// Validate keepalive can be released and removed.
mIpSecService.releaseNattKeepalive(nattKeepaliveResourceId, mUid);
assertEquals(0, userRecord.mNattKeepaliveRecords.size());
mIpSecService.closeUdpEncapsulationSocket(udpEncapResp.resourceId);
}
@Test
public void testLockEncapSocketForNattKeepaliveInvalidUid() throws Exception {
IpSecUdpEncapResponse udpEncapResp =
mIpSecService.openUdpEncapsulationSocket(0, new Binder());
assertNotNull(udpEncapResp);
assertEquals(IpSecManager.Status.OK, udpEncapResp.status);
// Verify no NATT keepalive records upon startup
IpSecService.UserRecord userRecord = mIpSecService.mUserResourceTracker.getUserRecord(mUid);
assertEquals(0, userRecord.mNattKeepaliveRecords.size());
try {
int nattKeepaliveResourceId =
mIpSecService.lockEncapSocketForNattKeepalive(
udpEncapResp.resourceId, mUid + 1);
fail("Expected SecurityException for invalid user");
} catch (SecurityException expected) {
}
// Validate keepalive was not added to lists
assertEquals(0, userRecord.mNattKeepaliveRecords.size());
}
@Test
public void testLockEncapSocketForNattKeepaliveInvalidResourceId() throws Exception {
// Verify no NATT keepalive records upon startup
IpSecService.UserRecord userRecord = mIpSecService.mUserResourceTracker.getUserRecord(mUid);
assertEquals(0, userRecord.mNattKeepaliveRecords.size());
try {
int nattKeepaliveResourceId =
mIpSecService.lockEncapSocketForNattKeepalive(12345, mUid);
fail("Expected IllegalArgumentException for invalid resource ID");
} catch (IllegalArgumentException expected) {
}
// Validate keepalive was not added to lists
assertEquals(0, userRecord.mNattKeepaliveRecords.size());
}
@Test
public void testEncapSocketReleasedBeforeKeepaliveReleased() throws Exception {
IpSecUdpEncapResponse udpEncapResp =
mIpSecService.openUdpEncapsulationSocket(0, new Binder());
assertNotNull(udpEncapResp);
assertEquals(IpSecManager.Status.OK, udpEncapResp.status);
// Get encap socket record, verify initial starting refcount.
IpSecService.UserRecord userRecord = mIpSecService.mUserResourceTracker.getUserRecord(mUid);
IpSecService.RefcountedResource encapSocketRefcountedRecord =
userRecord.mEncapSocketRecords.getRefcountedResourceOrThrow(
udpEncapResp.resourceId);
assertEquals(1, encapSocketRefcountedRecord.mRefCount);
// Verify that the reference was added
int nattKeepaliveResourceId =
mIpSecService.lockEncapSocketForNattKeepalive(udpEncapResp.resourceId, mUid);
assertNotEquals(IpSecManager.INVALID_RESOURCE_ID, nattKeepaliveResourceId);
assertEquals(2, encapSocketRefcountedRecord.mRefCount);
// Close UDP encap socket, but expect the refcountedRecord to still have a reference.
mIpSecService.closeUdpEncapsulationSocket(udpEncapResp.resourceId);
assertEquals(1, encapSocketRefcountedRecord.mRefCount);
// Verify UDP encap socket cleaned up once reference is removed. Expect -1 if cleanup
// was properly completed.
mIpSecService.releaseNattKeepalive(nattKeepaliveResourceId, mUid);
assertEquals(-1, encapSocketRefcountedRecord.mRefCount);
}
}