Merge changes I852e3a53,I86755647,I0ed8b0c6
* changes: Remove unused INetworkManagementService from IpSecService Use NetdUtils instead of NetworkManagementService in Vpn Use NetdUtils instead of NetworkManagementService in IpSecService
This commit is contained in:
Lucas Lin
@@ -16,12 +16,16 @@
|
|||||||
|
|
||||||
package com.android.server;
|
package com.android.server;
|
||||||
|
|
||||||
|
import static android.content.pm.PackageManager.PERMISSION_GRANTED;
|
||||||
|
import static android.net.INetd.IF_STATE_DOWN;
|
||||||
|
import static android.net.INetd.IF_STATE_UP;
|
||||||
import static android.system.OsConstants.AF_INET;
|
import static android.system.OsConstants.AF_INET;
|
||||||
import static android.system.OsConstants.AF_INET6;
|
import static android.system.OsConstants.AF_INET6;
|
||||||
|
|
||||||
import static org.junit.Assert.assertEquals;
|
import static org.junit.Assert.assertEquals;
|
||||||
import static org.junit.Assert.assertNotNull;
|
import static org.junit.Assert.assertNotNull;
|
||||||
import static org.junit.Assert.fail;
|
import static org.junit.Assert.fail;
|
||||||
|
import static org.mockito.ArgumentMatchers.argThat;
|
||||||
import static org.mockito.Matchers.anyInt;
|
import static org.mockito.Matchers.anyInt;
|
||||||
import static org.mockito.Matchers.anyString;
|
import static org.mockito.Matchers.anyString;
|
||||||
import static org.mockito.Matchers.eq;
|
import static org.mockito.Matchers.eq;
|
||||||
@@ -36,6 +40,7 @@ import android.content.pm.PackageManager;
|
|||||||
import android.net.ConnectivityManager;
|
import android.net.ConnectivityManager;
|
||||||
import android.net.INetd;
|
import android.net.INetd;
|
||||||
import android.net.InetAddresses;
|
import android.net.InetAddresses;
|
||||||
|
import android.net.InterfaceConfigurationParcel;
|
||||||
import android.net.IpSecAlgorithm;
|
import android.net.IpSecAlgorithm;
|
||||||
import android.net.IpSecConfig;
|
import android.net.IpSecConfig;
|
||||||
import android.net.IpSecManager;
|
import android.net.IpSecManager;
|
||||||
@@ -48,7 +53,6 @@ import android.net.LinkAddress;
|
|||||||
import android.net.LinkProperties;
|
import android.net.LinkProperties;
|
||||||
import android.net.Network;
|
import android.net.Network;
|
||||||
import android.os.Binder;
|
import android.os.Binder;
|
||||||
import android.os.INetworkManagementService;
|
|
||||||
import android.os.ParcelFileDescriptor;
|
import android.os.ParcelFileDescriptor;
|
||||||
import android.system.Os;
|
import android.system.Os;
|
||||||
import android.test.mock.MockContext;
|
import android.test.mock.MockContext;
|
||||||
@@ -148,10 +152,17 @@ public class IpSecServiceParameterizedTest {
|
|||||||
}
|
}
|
||||||
throw new SecurityException("Unavailable permission requested");
|
throw new SecurityException("Unavailable permission requested");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public int checkCallingOrSelfPermission(String permission) {
|
||||||
|
if (android.Manifest.permission.NETWORK_STACK.equals(permission)) {
|
||||||
|
return PERMISSION_GRANTED;
|
||||||
|
}
|
||||||
|
throw new UnsupportedOperationException();
|
||||||
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
INetd mMockNetd;
|
INetd mMockNetd;
|
||||||
INetworkManagementService mNetworkManager;
|
|
||||||
PackageManager mMockPkgMgr;
|
PackageManager mMockPkgMgr;
|
||||||
IpSecService.IpSecServiceConfiguration mMockIpSecSrvConfig;
|
IpSecService.IpSecServiceConfiguration mMockIpSecSrvConfig;
|
||||||
IpSecService mIpSecService;
|
IpSecService mIpSecService;
|
||||||
@@ -181,10 +192,9 @@ public class IpSecServiceParameterizedTest {
|
|||||||
@Before
|
@Before
|
||||||
public void setUp() throws Exception {
|
public void setUp() throws Exception {
|
||||||
mMockNetd = mock(INetd.class);
|
mMockNetd = mock(INetd.class);
|
||||||
mNetworkManager = mock(INetworkManagementService.class);
|
|
||||||
mMockPkgMgr = mock(PackageManager.class);
|
mMockPkgMgr = mock(PackageManager.class);
|
||||||
mMockIpSecSrvConfig = mock(IpSecService.IpSecServiceConfiguration.class);
|
mMockIpSecSrvConfig = mock(IpSecService.IpSecServiceConfiguration.class);
|
||||||
mIpSecService = new IpSecService(mMockContext, mNetworkManager, mMockIpSecSrvConfig);
|
mIpSecService = new IpSecService(mMockContext, mMockIpSecSrvConfig);
|
||||||
|
|
||||||
// Injecting mock netd
|
// Injecting mock netd
|
||||||
when(mMockIpSecSrvConfig.getNetdInstance()).thenReturn(mMockNetd);
|
when(mMockIpSecSrvConfig.getNetdInstance()).thenReturn(mMockNetd);
|
||||||
@@ -644,7 +654,10 @@ public class IpSecServiceParameterizedTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
private IpSecTunnelInterfaceResponse createAndValidateTunnel(
|
private IpSecTunnelInterfaceResponse createAndValidateTunnel(
|
||||||
String localAddr, String remoteAddr, String pkgName) {
|
String localAddr, String remoteAddr, String pkgName) throws Exception {
|
||||||
|
final InterfaceConfigurationParcel config = new InterfaceConfigurationParcel();
|
||||||
|
config.flags = new String[] {IF_STATE_DOWN};
|
||||||
|
when(mMockNetd.interfaceGetCfg(anyString())).thenReturn(config);
|
||||||
IpSecTunnelInterfaceResponse createTunnelResp =
|
IpSecTunnelInterfaceResponse createTunnelResp =
|
||||||
mIpSecService.createTunnelInterface(
|
mIpSecService.createTunnelInterface(
|
||||||
mSourceAddr, mDestinationAddr, fakeNetwork, new Binder(), pkgName);
|
mSourceAddr, mDestinationAddr, fakeNetwork, new Binder(), pkgName);
|
||||||
@@ -674,7 +687,8 @@ public class IpSecServiceParameterizedTest {
|
|||||||
anyInt(),
|
anyInt(),
|
||||||
anyInt(),
|
anyInt(),
|
||||||
anyInt());
|
anyInt());
|
||||||
verify(mNetworkManager).setInterfaceUp(createTunnelResp.interfaceName);
|
verify(mMockNetd).interfaceSetCfg(argThat(
|
||||||
|
config -> Arrays.asList(config.flags).contains(IF_STATE_UP)));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
|||||||
@@ -31,7 +31,6 @@ import static org.mockito.Mockito.verify;
|
|||||||
import android.content.Context;
|
import android.content.Context;
|
||||||
import android.os.Binder;
|
import android.os.Binder;
|
||||||
import android.os.IBinder;
|
import android.os.IBinder;
|
||||||
import android.os.INetworkManagementService;
|
|
||||||
import android.os.RemoteException;
|
import android.os.RemoteException;
|
||||||
|
|
||||||
import androidx.test.filters.SmallTest;
|
import androidx.test.filters.SmallTest;
|
||||||
@@ -62,8 +61,7 @@ public class IpSecServiceRefcountedResourceTest {
|
|||||||
public void setUp() throws Exception {
|
public void setUp() throws Exception {
|
||||||
mMockContext = mock(Context.class);
|
mMockContext = mock(Context.class);
|
||||||
mMockIpSecSrvConfig = mock(IpSecService.IpSecServiceConfiguration.class);
|
mMockIpSecSrvConfig = mock(IpSecService.IpSecServiceConfiguration.class);
|
||||||
mIpSecService = new IpSecService(
|
mIpSecService = new IpSecService(mMockContext, mMockIpSecSrvConfig);
|
||||||
mMockContext, mock(INetworkManagementService.class), mMockIpSecSrvConfig);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private void assertResourceState(
|
private void assertResourceState(
|
||||||
|
|||||||
@@ -42,7 +42,6 @@ import android.net.IpSecManager;
|
|||||||
import android.net.IpSecSpiResponse;
|
import android.net.IpSecSpiResponse;
|
||||||
import android.net.IpSecUdpEncapResponse;
|
import android.net.IpSecUdpEncapResponse;
|
||||||
import android.os.Binder;
|
import android.os.Binder;
|
||||||
import android.os.INetworkManagementService;
|
|
||||||
import android.os.ParcelFileDescriptor;
|
import android.os.ParcelFileDescriptor;
|
||||||
import android.os.Process;
|
import android.os.Process;
|
||||||
import android.system.ErrnoException;
|
import android.system.ErrnoException;
|
||||||
@@ -116,7 +115,6 @@ public class IpSecServiceTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
Context mMockContext;
|
Context mMockContext;
|
||||||
INetworkManagementService mMockNetworkManager;
|
|
||||||
INetd mMockNetd;
|
INetd mMockNetd;
|
||||||
IpSecService.IpSecServiceConfiguration mMockIpSecSrvConfig;
|
IpSecService.IpSecServiceConfiguration mMockIpSecSrvConfig;
|
||||||
IpSecService mIpSecService;
|
IpSecService mIpSecService;
|
||||||
@@ -124,10 +122,9 @@ public class IpSecServiceTest {
|
|||||||
@Before
|
@Before
|
||||||
public void setUp() throws Exception {
|
public void setUp() throws Exception {
|
||||||
mMockContext = mock(Context.class);
|
mMockContext = mock(Context.class);
|
||||||
mMockNetworkManager = mock(INetworkManagementService.class);
|
|
||||||
mMockNetd = mock(INetd.class);
|
mMockNetd = mock(INetd.class);
|
||||||
mMockIpSecSrvConfig = mock(IpSecService.IpSecServiceConfiguration.class);
|
mMockIpSecSrvConfig = mock(IpSecService.IpSecServiceConfiguration.class);
|
||||||
mIpSecService = new IpSecService(mMockContext, mMockNetworkManager, mMockIpSecSrvConfig);
|
mIpSecService = new IpSecService(mMockContext, mMockIpSecSrvConfig);
|
||||||
|
|
||||||
// Injecting mock netd
|
// Injecting mock netd
|
||||||
when(mMockIpSecSrvConfig.getNetdInstance()).thenReturn(mMockNetd);
|
when(mMockIpSecSrvConfig.getNetdInstance()).thenReturn(mMockNetd);
|
||||||
@@ -135,7 +132,7 @@ public class IpSecServiceTest {
|
|||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testIpSecServiceCreate() throws InterruptedException {
|
public void testIpSecServiceCreate() throws InterruptedException {
|
||||||
IpSecService ipSecSrv = IpSecService.create(mMockContext, mMockNetworkManager);
|
IpSecService ipSecSrv = IpSecService.create(mMockContext);
|
||||||
assertNotNull(ipSecSrv);
|
assertNotNull(ipSecSrv);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -608,7 +605,7 @@ public class IpSecServiceTest {
|
|||||||
public void testOpenUdpEncapSocketTagsSocket() throws Exception {
|
public void testOpenUdpEncapSocketTagsSocket() throws Exception {
|
||||||
IpSecService.UidFdTagger mockTagger = mock(IpSecService.UidFdTagger.class);
|
IpSecService.UidFdTagger mockTagger = mock(IpSecService.UidFdTagger.class);
|
||||||
IpSecService testIpSecService = new IpSecService(
|
IpSecService testIpSecService = new IpSecService(
|
||||||
mMockContext, mMockNetworkManager, mMockIpSecSrvConfig, mockTagger);
|
mMockContext, mMockIpSecSrvConfig, mockTagger);
|
||||||
|
|
||||||
IpSecUdpEncapResponse udpEncapResp =
|
IpSecUdpEncapResponse udpEncapResp =
|
||||||
testIpSecService.openUdpEncapsulationSocket(0, new Binder());
|
testIpSecService.openUdpEncapsulationSocket(0, new Binder());
|
||||||
|
|||||||
@@ -21,6 +21,8 @@ import static android.content.pm.UserInfo.FLAG_MANAGED_PROFILE;
|
|||||||
import static android.content.pm.UserInfo.FLAG_PRIMARY;
|
import static android.content.pm.UserInfo.FLAG_PRIMARY;
|
||||||
import static android.content.pm.UserInfo.FLAG_RESTRICTED;
|
import static android.content.pm.UserInfo.FLAG_RESTRICTED;
|
||||||
import static android.net.ConnectivityManager.NetworkCallback;
|
import static android.net.ConnectivityManager.NetworkCallback;
|
||||||
|
import static android.net.INetd.IF_STATE_DOWN;
|
||||||
|
import static android.net.INetd.IF_STATE_UP;
|
||||||
|
|
||||||
import static org.junit.Assert.assertArrayEquals;
|
import static org.junit.Assert.assertArrayEquals;
|
||||||
import static org.junit.Assert.assertEquals;
|
import static org.junit.Assert.assertEquals;
|
||||||
@@ -62,6 +64,7 @@ import android.net.ConnectivityManager;
|
|||||||
import android.net.INetd;
|
import android.net.INetd;
|
||||||
import android.net.Ikev2VpnProfile;
|
import android.net.Ikev2VpnProfile;
|
||||||
import android.net.InetAddresses;
|
import android.net.InetAddresses;
|
||||||
|
import android.net.InterfaceConfigurationParcel;
|
||||||
import android.net.IpPrefix;
|
import android.net.IpPrefix;
|
||||||
import android.net.IpSecManager;
|
import android.net.IpSecManager;
|
||||||
import android.net.IpSecTunnelInterfaceResponse;
|
import android.net.IpSecTunnelInterfaceResponse;
|
||||||
@@ -872,17 +875,28 @@ public class VpnTest {
|
|||||||
eq(AppOpsManager.MODE_IGNORED));
|
eq(AppOpsManager.MODE_IGNORED));
|
||||||
}
|
}
|
||||||
|
|
||||||
private NetworkCallback triggerOnAvailableAndGetCallback() {
|
private NetworkCallback triggerOnAvailableAndGetCallback() throws Exception {
|
||||||
final ArgumentCaptor<NetworkCallback> networkCallbackCaptor =
|
final ArgumentCaptor<NetworkCallback> networkCallbackCaptor =
|
||||||
ArgumentCaptor.forClass(NetworkCallback.class);
|
ArgumentCaptor.forClass(NetworkCallback.class);
|
||||||
verify(mConnectivityManager, timeout(TEST_TIMEOUT_MS))
|
verify(mConnectivityManager, timeout(TEST_TIMEOUT_MS))
|
||||||
.requestNetwork(any(), networkCallbackCaptor.capture());
|
.requestNetwork(any(), networkCallbackCaptor.capture());
|
||||||
|
|
||||||
|
// onAvailable() will trigger onDefaultNetworkChanged(), so NetdUtils#setInterfaceUp will be
|
||||||
|
// invoked. Set the return value of INetd#interfaceGetCfg to prevent NullPointerException.
|
||||||
|
final InterfaceConfigurationParcel config = new InterfaceConfigurationParcel();
|
||||||
|
config.flags = new String[] {IF_STATE_DOWN};
|
||||||
|
when(mNetd.interfaceGetCfg(anyString())).thenReturn(config);
|
||||||
final NetworkCallback cb = networkCallbackCaptor.getValue();
|
final NetworkCallback cb = networkCallbackCaptor.getValue();
|
||||||
cb.onAvailable(TEST_NETWORK);
|
cb.onAvailable(TEST_NETWORK);
|
||||||
return cb;
|
return cb;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private void verifyInterfaceSetCfgWithFlags(String flag) throws Exception {
|
||||||
|
// Add a timeout for waiting for interfaceSetCfg to be called.
|
||||||
|
verify(mNetd, timeout(TEST_TIMEOUT_MS)).interfaceSetCfg(argThat(
|
||||||
|
config -> Arrays.asList(config.flags).contains(flag)));
|
||||||
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testStartPlatformVpnAuthenticationFailed() throws Exception {
|
public void testStartPlatformVpnAuthenticationFailed() throws Exception {
|
||||||
final ArgumentCaptor<IkeSessionCallback> captor =
|
final ArgumentCaptor<IkeSessionCallback> captor =
|
||||||
@@ -894,6 +908,8 @@ public class VpnTest {
|
|||||||
final Vpn vpn = startLegacyVpn(createVpn(primaryUser.id), (mVpnProfile));
|
final Vpn vpn = startLegacyVpn(createVpn(primaryUser.id), (mVpnProfile));
|
||||||
final NetworkCallback cb = triggerOnAvailableAndGetCallback();
|
final NetworkCallback cb = triggerOnAvailableAndGetCallback();
|
||||||
|
|
||||||
|
verifyInterfaceSetCfgWithFlags(IF_STATE_UP);
|
||||||
|
|
||||||
// Wait for createIkeSession() to be called before proceeding in order to ensure consistent
|
// Wait for createIkeSession() to be called before proceeding in order to ensure consistent
|
||||||
// state
|
// state
|
||||||
verify(mIkev2SessionCreator, timeout(TEST_TIMEOUT_MS))
|
verify(mIkev2SessionCreator, timeout(TEST_TIMEOUT_MS))
|
||||||
@@ -912,6 +928,8 @@ public class VpnTest {
|
|||||||
final Vpn vpn = startLegacyVpn(createVpn(primaryUser.id), mVpnProfile);
|
final Vpn vpn = startLegacyVpn(createVpn(primaryUser.id), mVpnProfile);
|
||||||
final NetworkCallback cb = triggerOnAvailableAndGetCallback();
|
final NetworkCallback cb = triggerOnAvailableAndGetCallback();
|
||||||
|
|
||||||
|
verifyInterfaceSetCfgWithFlags(IF_STATE_UP);
|
||||||
|
|
||||||
// Wait for createIkeSession() to be called before proceeding in order to ensure consistent
|
// Wait for createIkeSession() to be called before proceeding in order to ensure consistent
|
||||||
// state
|
// state
|
||||||
verify(mConnectivityManager, timeout(TEST_TIMEOUT_MS)).unregisterNetworkCallback(eq(cb));
|
verify(mConnectivityManager, timeout(TEST_TIMEOUT_MS)).unregisterNetworkCallback(eq(cb));
|
||||||
|
|||||||
Reference in New Issue
Block a user