diff --git a/services/core/java/com/android/server/ConnectivityService.java b/services/core/java/com/android/server/ConnectivityService.java index 8a9f59b955..145b307728 100644 --- a/services/core/java/com/android/server/ConnectivityService.java +++ b/services/core/java/com/android/server/ConnectivityService.java @@ -458,8 +458,8 @@ public class ConnectivityService extends IConnectivityManager.Stub private LingerMonitor mLingerMonitor; // sequence number for Networks; keep in sync with system/netd/NetworkController.cpp - private final static int MIN_NET_ID = 100; // some reserved marks - private final static int MAX_NET_ID = 65535; + private static final int MIN_NET_ID = 100; // some reserved marks + private static final int MAX_NET_ID = 65535 - 0x0400; // Top 1024 bits reserved by IpSecService private int mNextNetId = MIN_NET_ID; // sequence number of NetworkRequests diff --git a/tests/net/java/com/android/server/IpSecServiceTest.java b/tests/net/java/com/android/server/IpSecServiceTest.java index a375b600ca..2c94a601fb 100644 --- a/tests/net/java/com/android/server/IpSecServiceTest.java +++ b/tests/net/java/com/android/server/IpSecServiceTest.java @@ -635,4 +635,25 @@ public class IpSecServiceTest { verify(mMockNetd).ipSecSetEncapSocketOwner(argThat(fdMatcher), eq(Os.getuid())); mIpSecService.closeUdpEncapsulationSocket(udpEncapResp.resourceId); } + + @Test + public void testReserveNetId() { + int start = mIpSecService.TUN_INTF_NETID_START; + for (int i = 0; i < mIpSecService.TUN_INTF_NETID_RANGE; i++) { + assertEquals(start + i, mIpSecService.reserveNetId()); + } + + // Check that resource exhaustion triggers an exception + try { + mIpSecService.reserveNetId(); + fail("Did not throw error for all netIds reserved"); + } catch (IllegalStateException expected) { + } + + // Now release one and try again + int releasedNetId = + mIpSecService.TUN_INTF_NETID_START + mIpSecService.TUN_INTF_NETID_RANGE / 2; + mIpSecService.releaseNetId(releasedNetId); + assertEquals(releasedNetId, mIpSecService.reserveNetId()); + } }