From 1b88f0e6ab410767079bf4763b679ec176974401 Mon Sep 17 00:00:00 2001 From: Nathan Harold Date: Wed, 28 Mar 2018 08:52:51 -0700 Subject: [PATCH] Disallow Reserved SPI Allocation Disallow the allocation of SPIs in the range reserved for future use by RFC 4303. Bug: 77205120 Test: runtest frameworks-net Merged-In: I05e26ed34b5871f1a07d5bd7b58b79a64cd74b67 Change-Id: I05e26ed34b5871f1a07d5bd7b58b79a64cd74b67 (cherry picked from commit 7f606ee8e57d9d8b7c5d0cb2a78421aa02efb385)
---
 core/java/android/net/IpSecManager.java | 3 ++- services/core/java/com/android/server/IpSecService.java | 5 ++++- 2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/core/java/android/net/IpSecManager.java b/core/java/android/net/IpSecManager.java
index c7234e3165..1525508326 100644
--- a/core/java/android/net/IpSecManager.java
+++ b/core/java/android/net/IpSecManager.java
@@ -274,7 +274,8 @@ public final class IpSecManager {
 *
 * @param destinationAddress the destination address for traffic bearing the requested SPI.
 * For inbound traffic, the destination should be an address currently assigned on-device.
- * @param requestedSpi the requested SPI, or '0' to allocate a random SPI
+ * @param requestedSpi the requested SPI, or '0' to allocate a random SPI. The range 1-255 is
+ * reserved and may not be used. See RFC 4303 Section 2.1.
 * @return the reserved SecurityParameterIndex
 * @throws {@link #ResourceUnavailableException} indicating that too many SPIs are
 * currently allocated for this user
diff --git a/services/core/java/com/android/server/IpSecService.java b/services/core/java/com/android/server/IpSecService.java
index 06c10564ab..bde6bd8db6 100644
--- a/services/core/java/com/android/server/IpSecService.java
+++ b/services/core/java/com/android/server/IpSecService.java
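Review bot: In the IpSecManager.java Javadoc hunk, the new `@param requestedSpi` text says the range 1-255 "may not be used", but the visible tags do not tell a caller what happens when such a value is passed. The IpSecService change in this same commit throws IllegalArgumentException for that range, which presumably propagates to the caller of this API. Unless a line outside the hunk already covers it, add `@throws IllegalArgumentException if requestedSpi is in the reserved range 1-255`. The Javadoc block starts and ends outside the hunk.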
@@ -1065,7 +1065,10 @@ public class IpSecService extends IIpSecService.Stub { public synchronized IpSecSpiResponse allocateSecurityParameterIndex( String destinationAddress, int requestedSpi, IBinder binder) throws RemoteException { checkInetAddress(destinationAddress); - /* requestedSpi can be anything in the int range, so no check is needed. */ + // RFC 4303 Section 2.1 - 0=local, 1-255=reserved. + if (requestedSpi > 0 && requestedSpi < 256) { + throw new IllegalArgumentException("ESP SPI must not be in the range of 0-255."); + } checkNotNull(binder, "Null Binder passed to allocateSecurityParameterIndex"); UserRecord userRecord = mUserResourceTracker.getUserRecord(Binder.getCallingUid());
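Review bot: The message on the added `throw` says `0-255`, but the guard `requestedSpi > 0 && requestedSpi < 256` rejects only 1-255, and 0 remains the documented "allocate a random SPI" value, so a caller reading the exception is told the wrong range. Suggest `throw new IllegalArgumentException("ESP SPI must not be in the reserved range 1-255: " + requestedSpi);` so the text agrees with the check and with the updated IpSecManager Javadoc. The diffstat lists no test file, so a boundary test for 0, 1, 255 and 256 would pin this server-side check, which is the only enforcement point visible in the commit. The body of allocateSecurityParameterIndex continues past the end of the hunk.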