Add unit test for IpSecService

Test: runtest frameworks-net

Bug:38259578
Change-Id: I4a049d5fdec79e36692e3b12306bd0758c19ad75

core/java/android/net/IpSecTransform.java

@@ -26,6 +26,7 @@ import android.os.IBinder;
 import android.os.RemoteException;
 import android.os.ServiceManager;
 import android.util.Log;
+import com.android.internal.annotations.VisibleForTesting;
 import com.android.internal.util.Preconditions;
 import dalvik.system.CloseGuard;
 import java.io.IOException;
@@ -487,5 +488,14 @@ public final class IpSecTransform implements AutoCloseable {
             mContext = context;
             mConfig = new IpSecConfig();
         }
+
+        /**
+         * Return an {@link IpSecConfig} object for testing purposes.
+         * @hide
+         */
+        @VisibleForTesting
+        public IpSecConfig getIpSecConfig() {
+            return mConfig;
+        }
     }
 }

services/core/java/com/android/server/IpSecService.java

@@ -46,6 +46,7 @@ import android.util.Log;
 import android.util.Slog;
 import android.util.SparseArray;
 import com.android.internal.annotations.GuardedBy;
+import com.android.internal.annotations.VisibleForTesting;
 import java.io.FileDescriptor;
 import java.io.IOException;
 import java.io.PrintWriter;
@@ -64,7 +65,7 @@ public class IpSecService extends IIpSecService.Stub {
     private static final int[] DIRECTIONS =
             new int[] {IpSecTransform.DIRECTION_OUT, IpSecTransform.DIRECTION_IN};
 
-    private static final int NETD_FETCH_TIMEOUT = 5000; //ms
+    private static final int NETD_FETCH_TIMEOUT_MS = 5000; // ms
     private static final int MAX_PORT_BIND_ATTEMPTS = 10;
     private static final InetAddress INADDR_ANY;
 
@@ -96,6 +97,24 @@ public class IpSecService extends IIpSecService.Stub {
     private final ManagedResourceArray<UdpSocketRecord> mUdpSocketRecords =
             new ManagedResourceArray<>();
 
+    interface IpSecServiceConfiguration {
+        INetd getNetdInstance() throws RemoteException;
+
+        static IpSecServiceConfiguration GETSRVINSTANCE =
+                new IpSecServiceConfiguration() {
+                    @Override
+                    public INetd getNetdInstance() throws RemoteException {
+                        final INetd netd = NetdService.getInstance();
+                        if (netd == null) {
+                            throw new RemoteException("Failed to Get Netd Instance");
+                        }
+                        return netd;
+                    }
+                };
+    }
+
+    private final IpSecServiceConfiguration mSrvConfig;
+
     /**
      * The ManagedResource class provides a facility to cleanly and reliably release system
      * resources. It relies on two things: an IBinder that allows ManagedResource to automatically
@@ -198,8 +217,7 @@ public class IpSecService extends IIpSecService.Stub {
     };
 
     /**
-     * Minimal wrapper around SparseArray that performs ownership
+     * Minimal wrapper around SparseArray that performs ownership validation on element accesses.
-     * validation on element accesses.
      */
     private class ManagedResourceArray<T extends ManagedResource> {
         SparseArray<T> mArray = new SparseArray<>();
@@ -264,7 +282,8 @@ public class IpSecService extends IIpSecService.Stub {
             for (int direction : DIRECTIONS) {
                 int spi = mSpis[direction].getSpi();
                 try {
-                    getNetdInstance()
+                    mSrvConfig
+                            .getNetdInstance()
                             .ipSecDeleteSecurityAssociation(
                                     mResourceId,
                                     direction,
@@ -328,7 +347,8 @@ public class IpSecService extends IIpSecService.Stub {
             }
 
             try {
-                getNetdInstance()
+                mSrvConfig
+                        .getNetdInstance()
                         .ipSecDeleteSecurityAssociation(
                                 mResourceId, mDirection, mLocalAddress, mRemoteAddress, mSpi);
             } catch (ServiceSpecificException e) {
@@ -387,7 +407,7 @@ public class IpSecService extends IIpSecService.Stub {
      * @param context Binder context for this service
      */
     private IpSecService(Context context) {
-        mContext = context;
+        this(context, IpSecServiceConfiguration.GETSRVINSTANCE);
     }
 
     static IpSecService create(Context context) throws InterruptedException {
@@ -396,6 +416,13 @@ public class IpSecService extends IIpSecService.Stub {
         return service;
     }
 
+    /** @hide */
+    @VisibleForTesting
+    public IpSecService(Context context, IpSecServiceConfiguration config) {
+        mContext = context;
+        mSrvConfig = config;
+    }
+
     public void systemReady() {
         if (isNetdAlive()) {
             Slog.d(TAG, "IpSecService is ready");
@@ -410,23 +437,15 @@ public class IpSecService extends IIpSecService.Stub {
             @Override
             public void run() {
                 synchronized (IpSecService.this) {
-                    NetdService.get(NETD_FETCH_TIMEOUT);
+                    NetdService.get(NETD_FETCH_TIMEOUT_MS);
                 }
             }
         }.start();
     }
 
-    INetd getNetdInstance() throws RemoteException {
-        final INetd netd = NetdService.getInstance();
-        if (netd == null) {
-            throw new RemoteException("Failed to Get Netd Instance");
-        }
-        return netd;
-    }
-
     synchronized boolean isNetdAlive() {
         try {
-            final INetd netd = getNetdInstance();
+            final INetd netd = mSrvConfig.getNetdInstance();
             if (netd == null) {
                 return false;
             }
@@ -447,7 +466,8 @@ public class IpSecService extends IIpSecService.Stub {
         String localAddress = "";
         try {
             spi =
-                    getNetdInstance()
+                    mSrvConfig
+                            .getNetdInstance()
                             .ipSecAllocateSpi(
                                     resourceId,
                                     direction,
@@ -606,7 +626,7 @@ public class IpSecService extends IIpSecService.Stub {
             spis[direction] = mSpiRecords.get(c.getSpiResourceId(direction));
             int spi = spis[direction].getSpi();
             try {
-                getNetdInstance()
+                mSrvConfig.getNetdInstance()
                         .ipSecAddSecurityAssociation(
                                 resourceId,
                                 c.getMode(),
@@ -676,7 +696,8 @@ public class IpSecService extends IIpSecService.Stub {
         IpSecConfig c = info.getConfig();
         try {
             for (int direction : DIRECTIONS) {
-                getNetdInstance()
+                mSrvConfig
+                        .getNetdInstance()
                         .ipSecApplyTransportModeTransform(
                                 socket.getFileDescriptor(),
                                 resourceId,
@@ -704,7 +725,9 @@ public class IpSecService extends IIpSecService.Stub {
     public void removeTransportModeTransform(ParcelFileDescriptor socket, int resourceId)
             throws RemoteException {
         try {
-            getNetdInstance().ipSecRemoveTransportModeTransform(socket.getFileDescriptor());
+            mSrvConfig
+                    .getNetdInstance()
+                    .ipSecRemoveTransportModeTransform(socket.getFileDescriptor());
         } catch (ServiceSpecificException e) {
             // FIXME: get the error code and throw is at an IOException from Errno Exception
         }