Merge "Add allowed capabilities on non cellular test networks" am: d71f6efa89

Original change: https://android-review.googlesource.com/c/platform/packages/modules/Connectivity/+/2470461 Change-Id: I6a803323be027a508b0b0e21686caa87eac13805 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-30 17:12:37 +00:00
parent 04e3ee5df8 d71f6efa89
commit 63df2d1b66
2 changed files with 67 additions and 15 deletions
--- a/framework/src/android/net/NetworkCapabilities.java
+++ b/framework/src/android/net/NetworkCapabilities.java
@@ -757,10 +757,10 @@ public final class NetworkCapabilities implements Parcelable {
                    NET_CAPABILITY_PARTIAL_CONNECTIVITY);

    /**
-     * Capabilities that are allowed for test networks. This list must be set so that it is safe
-     * for an unprivileged user to create a network with these capabilities via shell. As such,
-     * it must never contain capabilities that are generally useful to the system, such as
-     * INTERNET, IMS, SUPL, etc.
+     * Capabilities that are allowed for all test networks. This list must be set so that it is safe
+     * for an unprivileged user to create a network with these capabilities via shell. As such, it
+     * must never contain capabilities that are generally useful to the system, such as INTERNET,
+     * IMS, SUPL, etc.
     */
    private static final long TEST_NETWORKS_ALLOWED_CAPABILITIES =
            BitUtils.packBitList(
@@ -773,6 +773,14 @@ public final class NetworkCapabilities implements Parcelable {
            NET_CAPABILITY_NOT_SUSPENDED,
            NET_CAPABILITY_NOT_VCN_MANAGED);

+    /**
+     * Extra allowed capabilities for test networks that do not have TRANSPORT_CELLULAR. Test
+     * networks with TRANSPORT_CELLULAR must not have those capabilities in order to mitigate
+     * the risk of being used by running apps.
+     */
+    private static final long TEST_NETWORKS_EXTRA_ALLOWED_CAPABILITIES_ON_NON_CELL =
+            BitUtils.packBitList(NET_CAPABILITY_CBS, NET_CAPABILITY_DUN, NET_CAPABILITY_RCS);
+
    /**
     * Adds the given capability to this {@code NetworkCapability} instance.
     * Note that when searching for a network to satisfy a request, all capabilities
@@ -1133,7 +1141,13 @@ public final class NetworkCapabilities implements Parcelable {
            // If the test network is restricted, then it may declare any transport.
            mTransportTypes = (originalTransportTypes | (1 << TRANSPORT_TEST));
        }
+
        mNetworkCapabilities = originalCapabilities & TEST_NETWORKS_ALLOWED_CAPABILITIES;
+        if (!hasTransport(TRANSPORT_CELLULAR)) {
+            mNetworkCapabilities |=
+                    (originalCapabilities & TEST_NETWORKS_EXTRA_ALLOWED_CAPABILITIES_ON_NON_CELL);
+        }
+
        mNetworkSpecifier = originalSpecifier;
        mSignalStrength = originalSignalStrength;
        mTransportInfo = originalTransportInfo;
--- a/tests/common/java/android/net/NetworkCapabilitiesTest.java
+++ b/tests/common/java/android/net/NetworkCapabilitiesTest.java
@@ -21,6 +21,7 @@ import static android.net.NetworkCapabilities.MAX_TRANSPORT;
 import static android.net.NetworkCapabilities.MIN_TRANSPORT;
 import static android.net.NetworkCapabilities.NET_CAPABILITY_CAPTIVE_PORTAL;
 import static android.net.NetworkCapabilities.NET_CAPABILITY_CBS;
+import static android.net.NetworkCapabilities.NET_CAPABILITY_DUN;
 import static android.net.NetworkCapabilities.NET_CAPABILITY_EIMS;
 import static android.net.NetworkCapabilities.NET_CAPABILITY_ENTERPRISE;
 import static android.net.NetworkCapabilities.NET_CAPABILITY_FOREGROUND;
@@ -36,6 +37,7 @@ import static android.net.NetworkCapabilities.NET_CAPABILITY_OEM_PRIVATE;
 import static android.net.NetworkCapabilities.NET_CAPABILITY_PARTIAL_CONNECTIVITY;
 import static android.net.NetworkCapabilities.NET_CAPABILITY_PRIORITIZE_BANDWIDTH;
 import static android.net.NetworkCapabilities.NET_CAPABILITY_PRIORITIZE_LATENCY;
+import static android.net.NetworkCapabilities.NET_CAPABILITY_RCS;
 import static android.net.NetworkCapabilities.NET_CAPABILITY_SUPL;
 import static android.net.NetworkCapabilities.NET_CAPABILITY_TRUSTED;
 import static android.net.NetworkCapabilities.NET_CAPABILITY_VALIDATED;
@@ -113,6 +115,9 @@ public class NetworkCapabilitiesTest {
    private static final int TEST_SUBID2 = 2;
    private static final int TEST_SUBID3 = 3;

+    private static final Set<Integer> TEST_NETWORKS_EXTRA_ALLOWED_CAPS_ON_NON_CELL =
+            Set.of(NET_CAPABILITY_CBS, NET_CAPABILITY_DUN, NET_CAPABILITY_RCS);
+
    @Rule
    public DevSdkIgnoreRule mDevSdkIgnoreRule = new DevSdkIgnoreRule();

@@ -1321,16 +1326,31 @@ public class NetworkCapabilitiesTest {
    }

    @Test
-    public void testRestrictCapabilitiesForTestNetworkByNotOwnerWithRestrictedNc() {
-        testRestrictCapabilitiesForTestNetworkWithRestrictedNc(false /* isOwner */);
+    public void testRestrictCapabilitiesForTestNetworkRestrictedNc_NotOwner_NotCell() {
+        testRestrictCapabilitiesForTestNetworkWithRestrictedNc(
+                false /* isOwner */, false /* isCell */);
    }

    @Test
-    public void testRestrictCapabilitiesForTestNetworkByOwnerWithRestrictedNc() {
-        testRestrictCapabilitiesForTestNetworkWithRestrictedNc(true /* isOwner */);
+    public void testRestrictCapabilitiesForTestNetworkRestrictedNc_Owner_NotCell() {
+        testRestrictCapabilitiesForTestNetworkWithRestrictedNc(
+                true /* isOwner */, false /* isCell */);
    }

-    private void testRestrictCapabilitiesForTestNetworkWithRestrictedNc(boolean isOwner) {
+    @Test
+    public void testRestrictCapabilitiesForTestNetworkRestrictedNc_NotOwner_Cell() {
+        testRestrictCapabilitiesForTestNetworkWithRestrictedNc(
+                false /* isOwner */, true /* isCell */);
+    }
+
+    @Test
+    public void testRestrictCapabilitiesForTestNetworkRestrictedNc_Owner_Cell() {
+        testRestrictCapabilitiesForTestNetworkWithRestrictedNc(
+                true /* isOwner */, false /* isCell */);
+    }
+
+    private void testRestrictCapabilitiesForTestNetworkWithRestrictedNc(
+            boolean isOwner, boolean isCell) {
        final int ownerUid = 1234;
        final int signalStrength = -80;
        final int[] administratorUids = {1001, ownerUid};
@@ -1339,29 +1359,47 @@ public class NetworkCapabilitiesTest {
        // the networkCapabilities will contain more than one transport type. However,
        // networkCapabilities must have a single transport specified to use NetworkSpecifier. Thus,
        // do not verify this part since it's verified in other tests.
-        final NetworkCapabilities restrictedNc = new NetworkCapabilities.Builder()
+        final NetworkCapabilities.Builder restrictedNcBuilder = new NetworkCapabilities.Builder()
                .removeCapability(NET_CAPABILITY_NOT_RESTRICTED)
-                .addTransportType(TRANSPORT_CELLULAR)
                .addCapability(NET_CAPABILITY_MMS)
                .addCapability(NET_CAPABILITY_NOT_METERED)
                .setAdministratorUids(administratorUids)
                .setOwnerUid(ownerUid)
                .setSignalStrength(signalStrength)
                .setTransportInfo(transportInfo)
-                .setSubscriptionIds(Set.of(TEST_SUBID1)).build();
+                .setSubscriptionIds(Set.of(TEST_SUBID1));
+        for (int cap : TEST_NETWORKS_EXTRA_ALLOWED_CAPS_ON_NON_CELL) {
+            restrictedNcBuilder.addCapability(cap);
+        }
+
+        if (isCell) {
+            restrictedNcBuilder.addTransportType(TRANSPORT_CELLULAR);
+        }
+        final NetworkCapabilities restrictedNc = restrictedNcBuilder.build();
+
        final int creatorUid = isOwner ? ownerUid : INVALID_UID;
        restrictedNc.restrictCapabilitiesForTestNetwork(creatorUid);

        final NetworkCapabilities.Builder expectedNcBuilder = new NetworkCapabilities.Builder()
                .removeCapability(NET_CAPABILITY_NOT_RESTRICTED);
-        // If the test network is restricted, then the network may declare any transport, and
-        // appended with TRANSPORT_TEST.
-        expectedNcBuilder.addTransportType(TRANSPORT_CELLULAR);
+
+        if (isCell) {
+            // If the test network is restricted, then the network may declare any transport, and
+            // appended with TRANSPORT_TEST.
+            expectedNcBuilder.addTransportType(TRANSPORT_CELLULAR);
+        }
        expectedNcBuilder.addTransportType(TRANSPORT_TEST);
+
        // Only TEST_NETWORKS_ALLOWED_CAPABILITIES will be kept.
        expectedNcBuilder.addCapability(NET_CAPABILITY_NOT_METERED);
        expectedNcBuilder.removeCapability(NET_CAPABILITY_TRUSTED);

+        if (!isCell) {
+            for (int cap : TEST_NETWORKS_EXTRA_ALLOWED_CAPS_ON_NON_CELL) {
+                expectedNcBuilder.addCapability(cap);
+            }
+        }
+
        expectedNcBuilder.setSignalStrength(signalStrength).setTransportInfo(transportInfo);
        if (creatorUid == ownerUid) {
            // Only retain the owner and administrator UIDs if they match the app registering the