LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Refactor IpSecServiceConfiguration to Dependencies

Browse Source 
IpSecService is going to be moved into ConnectivityService module,
so the hidden API usage should be removed.

NetdService.getNetdInstance is a hidden API, therefore the alternative
is to get the instance by Context.getSystemService.

Bug: 204153604
Test: FrameworksNetTests

Change-Id: I1bd8efc03c37654d12a8eadd3e78ed45e10b5691
This commit is contained in:
Aaron Huang
2021-11-27 00:30:35 +08:00
parent fbae308e6a
commit 9b27b0e6bf
1 changed files with 54 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

99
service-t/src/com/android/server/IpSecService.java
View File

@@ -119,6 +119,7 @@ public class IpSecService extends IIpSecService.Stub {
/* Binder context for this service */
private final Context mContext;
private final Dependencies mDeps;
/**
* The next non-repeating global ID for tracking resources between users, this service, and
@@ -129,23 +130,24 @@ public class IpSecService extends IIpSecService.Stub {
@GuardedBy("IpSecService.this")
private int mNextResourceId = 1;
interface IpSecServiceConfiguration {
INetd getNetdInstance() throws RemoteException;
IpSecServiceConfiguration GETSRVINSTANCE =
new IpSecServiceConfiguration() {
@Override
public INetd getNetdInstance() throws RemoteException {
final INetd netd = NetdService.getInstance();
if (netd == null) {
throw new RemoteException("Failed to Get Netd Instance");
}
return netd;
}
};
/**
* Dependencies of IpSecService, for injection in tests.
*/
@VisibleForTesting
public static class Dependencies {
/**
* Get a reference to INetd.
*/
public INetd getNetdInstance(Context context) throws RemoteException {
final INetd netd = INetd.Stub.asInterface((IBinder)
context.getSystemService(Context.NETD_SERVICE));
if (netd == null) {
throw new RemoteException("Failed to Get Netd Instance");
}
return netd;
}
}
private final IpSecServiceConfiguration mSrvConfig;
final UidFdTagger mUidFdTagger;
/**
@@ -625,8 +627,8 @@ public class IpSecService extends IIpSecService.Stub {
public void freeUnderlyingResources() {
int spi = mSpi.getSpi();
try {
mSrvConfig
.getNetdInstance()
mDeps
.getNetdInstance(mContext)
.ipSecDeleteSecurityAssociation(
mUid,
mConfig.getSourceAddress(),
@@ -678,11 +680,14 @@ public class IpSecService extends IIpSecService.Stub {
private final String mSourceAddress;
private final String mDestinationAddress;
private int mSpi;
private final Context mContext;
private boolean mOwnedByTransform = false;
SpiRecord(int resourceId, String sourceAddress, String destinationAddress, int spi) {
SpiRecord(Context context, int resourceId, String sourceAddress,
String destinationAddress, int spi) {
super(resourceId);
mContext = context;
mSourceAddress = sourceAddress;
mDestinationAddress = destinationAddress;
mSpi = spi;
@@ -693,8 +698,8 @@ public class IpSecService extends IIpSecService.Stub {
public void freeUnderlyingResources() {
try {
if (!mOwnedByTransform) {
mSrvConfig
.getNetdInstance()
mDeps
.getNetdInstance(mContext)
.ipSecDeleteSecurityAssociation(
mUid, mSourceAddress, mDestinationAddress, mSpi, 0 /* mark */,
0 /* mask */, 0 /* if_id */);
@@ -816,8 +821,10 @@ public class IpSecService extends IIpSecService.Stub {
private final int mIfId;
private Network mUnderlyingNetwork;
private final Context mContext;
TunnelInterfaceRecord(
Context context,
int resourceId,
String interfaceName,
Network underlyingNetwork,
@@ -828,6 +835,7 @@ public class IpSecService extends IIpSecService.Stub {
int intfId) {
super(resourceId);
mContext = context;
mInterfaceName = interfaceName;
mUnderlyingNetwork = underlyingNetwork;
mLocalAddress = localAddr;
@@ -844,7 +852,7 @@ public class IpSecService extends IIpSecService.Stub {
// Teardown VTI
// Delete global policies
try {
final INetd netd = mSrvConfig.getNetdInstance();
final INetd netd = mDeps.getNetdInstance(mContext);
netd.ipSecRemoveTunnelInterface(mInterfaceName);
for (int selAddrFamily : ADDRESS_FAMILIES) {
@@ -1012,7 +1020,7 @@ public class IpSecService extends IIpSecService.Stub {
* @param context Binder context for this service
*/
private IpSecService(Context context) {
this(context, IpSecServiceConfiguration.GETSRVINSTANCE);
this(context, new Dependencies());
}
static IpSecService create(Context context)
@@ -1031,10 +1039,10 @@ public class IpSecService extends IIpSecService.Stub {
/** @hide */
@VisibleForTesting
public IpSecService(Context context, IpSecServiceConfiguration config) {
public IpSecService(Context context, Dependencies deps) {
this(
context,
config,
deps,
(fd, uid) -> {
try {
TrafficStats.setThreadStatsUid(uid);
@@ -1047,10 +1055,9 @@ public class IpSecService extends IIpSecService.Stub {
/** @hide */
@VisibleForTesting
public IpSecService(Context context, IpSecServiceConfiguration config,
UidFdTagger uidFdTagger) {
public IpSecService(Context context, Dependencies deps, UidFdTagger uidFdTagger) {
mContext = context;
mSrvConfig = config;
mDeps = deps;
mUidFdTagger = uidFdTagger;
}
@@ -1077,7 +1084,7 @@ public class IpSecService extends IIpSecService.Stub {
synchronized boolean isNetdAlive() {
try {
final INetd netd = mSrvConfig.getNetdInstance();
final INetd netd = mDeps.getNetdInstance(mContext);
if (netd == null) {
return false;
}
@@ -1143,14 +1150,15 @@ public class IpSecService extends IIpSecService.Stub {
}
spi =
mSrvConfig
.getNetdInstance()
mDeps
.getNetdInstance(mContext)
.ipSecAllocateSpi(callingUid, "", destinationAddress, requestedSpi);
Log.d(TAG, "Allocated SPI " + spi);
userRecord.mSpiRecords.put(
resourceId,
new RefcountedResource<SpiRecord>(
new SpiRecord(resourceId, "", destinationAddress, spi), binder));
new SpiRecord(mContext, resourceId, "",
destinationAddress, spi), binder));
} catch (ServiceSpecificException e) {
if (e.errorCode == OsConstants.ENOENT) {
return new IpSecSpiResponse(
@@ -1267,7 +1275,7 @@ public class IpSecService extends IIpSecService.Stub {
OsConstants.UDP_ENCAP,
OsConstants.UDP_ENCAP_ESPINUDP);
mSrvConfig.getNetdInstance().ipSecSetEncapSocketOwner(
mDeps.getNetdInstance(mContext).ipSecSetEncapSocketOwner(
new ParcelFileDescriptor(sockFd), callingUid);
if (port != 0) {
Log.v(TAG, "Binding to port " + port);
@@ -1330,7 +1338,7 @@ public class IpSecService extends IIpSecService.Stub {
// Create VTI
// Add inbound/outbound global policies
// (use reqid = 0)
final INetd netd = mSrvConfig.getNetdInstance();
final INetd netd = mDeps.getNetdInstance(mContext);
netd.ipSecAddTunnelInterface(intfName, localAddr, remoteAddr, ikey, okey, resourceId);
BinderUtils.withCleanCallingIdentity(() -> {
@@ -1385,6 +1393,7 @@ public class IpSecService extends IIpSecService.Stub {
resourceId,
new RefcountedResource<TunnelInterfaceRecord>(
new TunnelInterfaceRecord(
mContext,
resourceId,
intfName,
underlyingNetwork,
@@ -1426,8 +1435,8 @@ public class IpSecService extends IIpSecService.Stub {
try {
// We can assume general validity of the IP address, since we get them as a
// LinkAddress, which does some validation.
mSrvConfig
.getNetdInstance()
mDeps
.getNetdInstance(mContext)
.interfaceAddAddress(
tunnelInterfaceInfo.mInterfaceName,
localAddr.getAddress().getHostAddress(),
@@ -1455,8 +1464,8 @@ public class IpSecService extends IIpSecService.Stub {
try {
// We can assume general validity of the IP address, since we get them as a
// LinkAddress, which does some validation.
mSrvConfig
.getNetdInstance()
mDeps
.getNetdInstance(mContext)
.interfaceDelAddress(
tunnelInterfaceInfo.mInterfaceName,
localAddr.getAddress().getHostAddress(),
@@ -1670,8 +1679,8 @@ public class IpSecService extends IIpSecService.Stub {
cryptName = crypt.getName();
}
mSrvConfig
.getNetdInstance()
mDeps
.getNetdInstance(mContext)
.ipSecAddSecurityAssociation(
Binder.getCallingUid(),
c.getMode(),
@@ -1782,8 +1791,8 @@ public class IpSecService extends IIpSecService.Stub {
c.getMode() == IpSecTransform.MODE_TRANSPORT,
"Transform mode was not Transport mode; cannot be applied to a socket");
mSrvConfig
.getNetdInstance()
mDeps
.getNetdInstance(mContext)
.ipSecApplyTransportModeTransform(
socket,
callingUid,
@@ -1802,8 +1811,8 @@ public class IpSecService extends IIpSecService.Stub {
@Override
public synchronized void removeTransportModeTransforms(ParcelFileDescriptor socket)
throws RemoteException {
mSrvConfig
.getNetdInstance()
mDeps
.getNetdInstance(mContext)
.ipSecRemoveTransportModeTransform(socket);
}
@@ -1879,8 +1888,8 @@ public class IpSecService extends IIpSecService.Stub {
// Always update the policy with the relevant XFRM_IF_ID
for (int selAddrFamily : ADDRESS_FAMILIES) {
mSrvConfig
.getNetdInstance()
mDeps
.getNetdInstance(mContext)
.ipSecUpdateSecurityPolicy(
callingUid,
selAddrFamily,