Merge "Update VPN isolation code for excluded routes"

2022-05-03 17:40:12 +00:00
parent c670977937 2b97bbebf4
commit a1c6dbbd53
3 changed files with 28 additions and 1 deletions
--- a/framework/src/android/net/LinkProperties.java
+++ b/framework/src/android/net/LinkProperties.java
@@ -1365,6 +1365,21 @@ public final class LinkProperties implements Parcelable {
        return false;
    }

+    /**
+     * Returns true if this link has a throw route.
+     *
+     * @return {@code true} if there is an exclude route, {@code false} otherwise.
+     * @hide
+     */
+    public boolean hasExcludeRoute() {
+        for (RouteInfo r : mRoutes) {
+            if (r.getType() == RouteInfo.RTN_THROW) {
+                return true;
+            }
+        }
+        return false;
+    }
+
    /**
     * Compares this {@code LinkProperties} interface name against the target
     *
--- a/service/src/com/android/server/ConnectivityService.java
+++ b/service/src/com/android/server/ConnectivityService.java
@@ -8087,7 +8087,8 @@ public class ConnectivityService extends IConnectivityManager.Stub
                && nc.getOwnerUid() != Process.SYSTEM_UID
                && lp.getInterfaceName() != null
                && (lp.hasIpv4DefaultRoute() || lp.hasIpv4UnreachableDefaultRoute())
-                && (lp.hasIpv6DefaultRoute() || lp.hasIpv6UnreachableDefaultRoute());
+                && (lp.hasIpv6DefaultRoute() || lp.hasIpv6UnreachableDefaultRoute())
+                && !lp.hasExcludeRoute();
    }

    private static UidRangeParcel[] toUidRangeStableParcels(final @NonNull Set<UidRange> ranges) {
--- a/tests/common/java/android/net/LinkPropertiesTest.java
+++ b/tests/common/java/android/net/LinkPropertiesTest.java
@@ -1261,6 +1261,17 @@ public class LinkPropertiesTest {
        assertFalse(lp.hasIpv4UnreachableDefaultRoute());
    }

+    @Test @IgnoreUpTo(Build.VERSION_CODES.S_V2)
+    public void testHasExcludeRoute() {
+        LinkProperties lp = new LinkProperties();
+        lp.setInterfaceName("VPN");
+        lp.addRoute(new RouteInfo(new IpPrefix(ADDRV4, 2), RTN_UNICAST));
+        lp.addRoute(new RouteInfo(new IpPrefix(ADDRV6, 0), RTN_UNICAST));
+        assertFalse(lp.hasExcludeRoute());
+        lp.addRoute(new RouteInfo(new IpPrefix(ADDRV6, 2), RTN_THROW));
+        assertTrue(lp.hasExcludeRoute());
+    }
+
    @Test @IgnoreUpTo(Build.VERSION_CODES.Q)
    @EnableCompatChanges({LinkProperties.EXCLUDED_ROUTES})
    public void testRouteAddWithSameKey() throws Exception {