LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Use java BpfMap in BpfNetMaps#removeNaughtyApp

Browse Source 
Bug: 217624062
Test: atest BpfNetMapsTest HostsideRestrictBackgroundNetworkTests
Change-Id: Ibfb3ae48427b7dc5d06708e63f4a16f7527ce86c
This commit is contained in:
Motomu Utsumi
2022-06-24 10:38:57 +00:00
parent 5a68a21926
commit 60ed3be43b
2 changed files with 104 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
tests/unit/java/com/android/server/BpfNetMapsTest.java
View File

@@ -26,8 +26,15 @@ import static android.net.ConnectivityManager.FIREWALL_CHAIN_RESTRICTED;
import static android.net.ConnectivityManager.FIREWALL_CHAIN_STANDBY;
import static android.net.INetd.PERMISSION_INTERNET;
import static com.android.server.BpfNetMaps.DOZABLE_MATCH;
import static com.android.server.BpfNetMaps.IIF_MATCH;
import static com.android.server.BpfNetMaps.PENALTY_BOX_MATCH;
import static com.android.server.BpfNetMaps.POWERSAVE_MATCH;
import static com.android.server.BpfNetMaps.RESTRICTED_MATCH;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertThrows;
import static org.junit.Assert.assertTrue;
import static org.junit.Assume.assumeFalse;
@@ -68,7 +75,9 @@ public final class BpfNetMapsTest {
private static final int TEST_UID = 10086;
private static final int[] TEST_UIDS = {10002, 10003};
private static final String IFNAME = "wlan0";
private static final String TEST_IF_NAME = "wlan0";
private static final int TEST_IF_INDEX = 7;
private static final int NO_IIF = 0;
private static final String CHAINNAME = "fw_dozable";
private static final U32 UID_RULES_CONFIGURATION_KEY = new U32(0);
private static final List<Integer> FIREWALL_CHAINS = List.of(
@@ -100,8 +109,8 @@ public final class BpfNetMapsTest {
@Test
public void testBpfNetMapsBeforeT() throws Exception {
assumeFalse(SdkLevel.isAtLeastT());
mBpfNetMaps.addUidInterfaceRules(IFNAME, TEST_UIDS);
verify(mNetd).firewallAddUidInterfaceRules(IFNAME, TEST_UIDS);
mBpfNetMaps.addUidInterfaceRules(TEST_IF_NAME, TEST_UIDS);
verify(mNetd).firewallAddUidInterfaceRules(TEST_IF_NAME, TEST_UIDS);
mBpfNetMaps.removeUidInterfaceRules(TEST_UIDS);
verify(mNetd).firewallRemoveUidInterfaceRules(TEST_UIDS);
mBpfNetMaps.setNetPermForUids(PERMISSION_INTERNET, TEST_UIDS);
@@ -241,4 +250,53 @@ public final class BpfNetMapsTest {
assertThrows(UnsupportedOperationException.class,
() -> mBpfNetMaps.setChildChain(FIREWALL_CHAIN_DOZABLE, true /* enable */));
}
private void checkUidOwnerValue(final long uid, final long expectedIif,
final long expectedMatch) throws Exception {
final UidOwnerValue config = mUidOwnerMap.getValue(new U32(uid));
if (expectedMatch == 0) {
assertNull(config);
} else {
assertEquals(expectedIif, config.iif);
assertEquals(expectedMatch, config.rule);
}
}
private void doTestRemoveNaughtyApp(final long iif, final long match) throws Exception {
mUidOwnerMap.updateEntry(new U32(TEST_UID), new UidOwnerValue(iif, match));
mBpfNetMaps.removeNaughtyApp(TEST_UID);
checkUidOwnerValue(TEST_UID, iif, match & ~PENALTY_BOX_MATCH);
}
@Test
@IgnoreUpTo(Build.VERSION_CODES.S_V2)
public void testRemoveNaughtyApp() throws Exception {
doTestRemoveNaughtyApp(NO_IIF, PENALTY_BOX_MATCH);
// PENALTY_BOX_MATCH with other matches
doTestRemoveNaughtyApp(NO_IIF, PENALTY_BOX_MATCH | DOZABLE_MATCH | POWERSAVE_MATCH);
// PENALTY_BOX_MATCH with IIF_MATCH
doTestRemoveNaughtyApp(TEST_IF_INDEX, PENALTY_BOX_MATCH | IIF_MATCH);
// PENALTY_BOX_MATCH is not enabled
doTestRemoveNaughtyApp(NO_IIF, DOZABLE_MATCH | POWERSAVE_MATCH | RESTRICTED_MATCH);
}
@Test
@IgnoreUpTo(Build.VERSION_CODES.S_V2)
public void testRemoveNaughtyAppMissingUid() {
// UidOwnerMap does not have entry for TEST_UID
assertThrows(ServiceSpecificException.class,
() -> mBpfNetMaps.removeNaughtyApp(TEST_UID));
}
@Test
@IgnoreAfter(Build.VERSION_CODES.S_V2)
public void testRemoveNaughtyAppBeforeT() {
assertThrows(UnsupportedOperationException.class,
() -> mBpfNetMaps.removeNaughtyApp(TEST_UID));
}
}