From 5f3c53a268556bd4d8252b40b328f8cd2c26c5e1 Mon Sep 17 00:00:00 2001 From: Cody Kesting Date: Tue, 11 Feb 2020 10:03:26 -0800 Subject: [PATCH 1/5] Clear UIDs when sharing NetworkCapabilties for ConnectivityDiagnostics. ConnectivityDiagnostics shares NetworkCapabilities in ConnectivityReports and DataStallReports. These NetworkCapabilities need to have their UIDs scrubbed before they are shared with callbacks. Bug: 148942124 Test: atest FrameworksNetTests Change-Id: I5bde5a8116f7e36b8f4de49adf4cab8ec45a5aa4 Merged-In: I5bde5a8116f7e36b8f4de49adf4cab8ec45a5aa4 (cherry picked from commit 3de243265558fb5505b4daabe715a5090104450f) --- .../android/server/ConnectivityService.java | 16 +++++++++++++-- .../server/ConnectivityServiceTest.java | 20 ++++++++++++++----- 2 files changed, 29 insertions(+), 7 deletions(-) diff --git a/services/core/java/com/android/server/ConnectivityService.java b/services/core/java/com/android/server/ConnectivityService.java index ff41d1cc67..6e0f52063a 100644 --- a/services/core/java/com/android/server/ConnectivityService.java +++ b/services/core/java/com/android/server/ConnectivityService.java @@ -7835,12 +7835,15 @@ public class ConnectivityService extends IConnectivityManager.Stub private void handleNetworkTestedWithExtras( @NonNull ConnectivityReportEvent reportEvent, @NonNull PersistableBundle extras) { final NetworkAgentInfo nai = reportEvent.mNai; + final NetworkCapabilities networkCapabilities = + new NetworkCapabilities(nai.networkCapabilities); + clearNetworkCapabilitiesUids(networkCapabilities); final ConnectivityReport report = new ConnectivityReport( reportEvent.mNai.network, reportEvent.mTimestampMillis, nai.linkProperties, - nai.networkCapabilities, + networkCapabilities, extras); final List results = getMatchingPermissionedCallbacks(nai); @@ -7856,13 +7859,16 @@ public class ConnectivityService extends IConnectivityManager.Stub private void handleDataStallSuspected( @NonNull NetworkAgentInfo nai, long timestampMillis, int detectionMethod, @NonNull PersistableBundle extras) { + final NetworkCapabilities networkCapabilities = + new NetworkCapabilities(nai.networkCapabilities); + clearNetworkCapabilitiesUids(networkCapabilities); final DataStallReport report = new DataStallReport( nai.network, timestampMillis, detectionMethod, nai.linkProperties, - nai.networkCapabilities, + networkCapabilities, extras); final List results = getMatchingPermissionedCallbacks(nai); @@ -7888,6 +7894,12 @@ public class ConnectivityService extends IConnectivityManager.Stub } } + private void clearNetworkCapabilitiesUids(@NonNull NetworkCapabilities nc) { + nc.setUids(null); + nc.setAdministratorUids(Collections.EMPTY_LIST); + nc.setOwnerUid(Process.INVALID_UID); + } + private List getMatchingPermissionedCallbacks( @NonNull NetworkAgentInfo nai) { final List results = new ArrayList<>(); diff --git a/tests/net/java/com/android/server/ConnectivityServiceTest.java b/tests/net/java/com/android/server/ConnectivityServiceTest.java index c2c3ba3e8b..c1999dba69 100644 --- a/tests/net/java/com/android/server/ConnectivityServiceTest.java +++ b/tests/net/java/com/android/server/ConnectivityServiceTest.java @@ -23,8 +23,6 @@ import static android.content.pm.PackageManager.GET_PERMISSIONS; import static android.content.pm.PackageManager.MATCH_ANY_USER; import static android.content.pm.PackageManager.PERMISSION_DENIED; import static android.content.pm.PackageManager.PERMISSION_GRANTED; -import static android.net.ConnectivityDiagnosticsManager.ConnectivityReport; -import static android.net.ConnectivityDiagnosticsManager.DataStallReport; import static android.net.ConnectivityManager.ACTION_CAPTIVE_PORTAL_SIGN_IN; import static android.net.ConnectivityManager.CONNECTIVITY_ACTION; import static android.net.ConnectivityManager.CONNECTIVITY_ACTION_SUPL; @@ -100,6 +98,7 @@ import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; import static org.mockito.ArgumentMatchers.anyLong; import static org.mockito.ArgumentMatchers.anyString; +import static org.mockito.ArgumentMatchers.argThat; import static org.mockito.ArgumentMatchers.eq; import static org.mockito.ArgumentMatchers.startsWith; import static org.mockito.Matchers.anyInt; @@ -6875,8 +6874,13 @@ public class ConnectivityServiceTest { HandlerUtilsKt.waitForIdle(mCsHandlerThread, TIMEOUT_MS); // Verify onConnectivityReport fired - verify(mConnectivityDiagnosticsCallback) - .onConnectivityReport(any(ConnectivityReport.class)); + verify(mConnectivityDiagnosticsCallback).onConnectivityReport( + argThat(report -> { + final NetworkCapabilities nc = report.getNetworkCapabilities(); + return nc.getUids() == null + && nc.getAdministratorUids().isEmpty() + && nc.getOwnerUid() == Process.INVALID_UID; + })); } @Test @@ -6891,7 +6895,13 @@ public class ConnectivityServiceTest { HandlerUtilsKt.waitForIdle(mCsHandlerThread, TIMEOUT_MS); // Verify onDataStallSuspected fired - verify(mConnectivityDiagnosticsCallback).onDataStallSuspected(any(DataStallReport.class)); + verify(mConnectivityDiagnosticsCallback).onDataStallSuspected( + argThat(report -> { + final NetworkCapabilities nc = report.getNetworkCapabilities(); + return nc.getUids() == null + && nc.getAdministratorUids().isEmpty() + && nc.getOwnerUid() == Process.INVALID_UID; + })); } @Test From 1494a56ecfc63b3d7a9b8d1c5928dc0c88da8fce Mon Sep 17 00:00:00 2001 From: Automerger Merge Worker Date: Wed, 11 Mar 2020 11:14:59 +0000 Subject: [PATCH 2/5] Add CTS for SocketUtils.makePacketSocketAddress(int, int, byte[]) Bug: 149426063 Bug: 150640362 Test: atest CtsNetTestCasesLatestSdk:android.net.util.SocketUtilsTest on both Q and R devices Change-Id: I4b5a3dfb78b404d414b7dc358e6f16c3414a8b33 Merged-In: I4b5a3dfb78b404d414b7dc358e6f16c3414a8b33 (cherry picked from aosp/1243868) --- .../java/android/net/util/SocketUtilsTest.kt | 24 +++++++++++++++---- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/tests/net/common/java/android/net/util/SocketUtilsTest.kt b/tests/net/common/java/android/net/util/SocketUtilsTest.kt index 9c7cfb0c71..aaf97f3688 100644 --- a/tests/net/common/java/android/net/util/SocketUtilsTest.kt +++ b/tests/net/common/java/android/net/util/SocketUtilsTest.kt @@ -14,8 +14,9 @@ * limitations under the License. */ -package android.net.util; +package android.net.util +import android.os.Build import android.system.NetlinkSocketAddress import android.system.Os import android.system.OsConstants.AF_INET @@ -26,18 +27,26 @@ import android.system.OsConstants.SOCK_DGRAM import android.system.PacketSocketAddress import androidx.test.filters.SmallTest import androidx.test.runner.AndroidJUnit4 +import com.android.testutils.DevSdkIgnoreRule +import com.android.testutils.DevSdkIgnoreRule.IgnoreUpTo import org.junit.Assert.assertEquals import org.junit.Assert.assertFalse import org.junit.Assert.assertTrue import org.junit.Assert.fail +import org.junit.Rule import org.junit.Test import org.junit.runner.RunWith private const val TEST_INDEX = 123 private const val TEST_PORT = 555 +private const val FF_BYTE = 0xff.toByte() + @RunWith(AndroidJUnit4::class) @SmallTest class SocketUtilsTest { + @Rule @JvmField + val ignoreRule = DevSdkIgnoreRule() + @Test fun testMakeNetlinkSocketAddress() { val nlAddress = SocketUtils.makeNetlinkSocketAddress(TEST_PORT, RTMGRP_NEIGH) @@ -50,16 +59,21 @@ class SocketUtilsTest { } @Test - fun testMakePacketSocketAddress() { + fun testMakePacketSocketAddress_Q() { val pkAddress = SocketUtils.makePacketSocketAddress(ETH_P_ALL, TEST_INDEX) assertTrue("Not PacketSocketAddress object", pkAddress is PacketSocketAddress) - val ff = 0xff.toByte() - val pkAddress2 = SocketUtils.makePacketSocketAddress(TEST_INDEX, - byteArrayOf(ff, ff, ff, ff, ff, ff)) + val pkAddress2 = SocketUtils.makePacketSocketAddress(TEST_INDEX, ByteArray(6) { FF_BYTE }) assertTrue("Not PacketSocketAddress object", pkAddress2 is PacketSocketAddress) } + @Test @IgnoreUpTo(Build.VERSION_CODES.Q) + fun testMakePacketSocketAddress() { + val pkAddress = SocketUtils.makePacketSocketAddress( + ETH_P_ALL, TEST_INDEX, ByteArray(6) { FF_BYTE }) + assertTrue("Not PacketSocketAddress object", pkAddress is PacketSocketAddress) + } + @Test fun testCloseSocket() { // Expect no exception happening with null object. From 58d144f6ed3e5aca99781fa4391bb85922cf70f2 Mon Sep 17 00:00:00 2001 From: Roshan Pius Date: Thu, 20 Feb 2020 21:47:01 -0800 Subject: [PATCH 3/5] services.net: Use the new ModuleNetworkStackClient Use the new ModuleNetworkStackClient to retrieve instances IpMemoryStore & IpClient. Bug: 145825329 Test: Compiles Change-Id: I065525fdbd64b9509ef0f47bb35954d267c65fd2 --- tests/net/java/android/net/IpMemoryStoreTest.java | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/tests/net/java/android/net/IpMemoryStoreTest.java b/tests/net/java/android/net/IpMemoryStoreTest.java index b81ca36429..442ac5605e 100644 --- a/tests/net/java/android/net/IpMemoryStoreTest.java +++ b/tests/net/java/android/net/IpMemoryStoreTest.java @@ -35,6 +35,7 @@ import android.net.ipmemorystore.IOnStatusListener; import android.net.ipmemorystore.NetworkAttributes; import android.net.ipmemorystore.NetworkAttributesParcelable; import android.net.ipmemorystore.Status; +import android.net.networkstack.ModuleNetworkStackClient; import android.os.RemoteException; import androidx.test.filters.SmallTest; @@ -67,7 +68,7 @@ public class IpMemoryStoreTest { @Mock Context mMockContext; @Mock - NetworkStackClient mNetworkStackClient; + ModuleNetworkStackClient mModuleNetworkStackClient; @Mock IIpMemoryStore mMockService; @Mock @@ -90,14 +91,14 @@ public class IpMemoryStoreTest { ((IIpMemoryStoreCallbacks) invocation.getArgument(0)) .onIpMemoryStoreFetched(mMockService); return null; - }).when(mNetworkStackClient).fetchIpMemoryStore(any()); + }).when(mModuleNetworkStackClient).fetchIpMemoryStore(any()); } else { - doNothing().when(mNetworkStackClient).fetchIpMemoryStore(mCbCaptor.capture()); + doNothing().when(mModuleNetworkStackClient).fetchIpMemoryStore(mCbCaptor.capture()); } mStore = new IpMemoryStore(mMockContext) { @Override - protected NetworkStackClient getNetworkStackClient() { - return mNetworkStackClient; + protected ModuleNetworkStackClient getModuleNetworkStackClient(Context ctx) { + return mModuleNetworkStackClient; } }; } From 7b4eada7c272ca4870cc3cfaa25b13738e6e3cfe Mon Sep 17 00:00:00 2001 From: Automerger Merge Worker Date: Thu, 12 Mar 2020 11:12:31 +0000 Subject: [PATCH 4/5] Add javadoc for Network#netId Bug: 151156820 Test: m doc-comment-check-docs Change-Id: I18e6022c7b0b8bf132069f33d916d1b16d53d4f0 Merged-In: Iea34a5c58a8b77c83258a39a8a44601e21a482f5 (cherry picked from commit ab23c0fef8c02a9d63b1b48628eb687f589aac72) --- core/java/android/net/Network.java | 1 + 1 file changed, 1 insertion(+) diff --git a/core/java/android/net/Network.java b/core/java/android/net/Network.java index c5681cb6d7..6f5471baa7 100644 --- a/core/java/android/net/Network.java +++ b/core/java/android/net/Network.java @@ -61,6 +61,7 @@ import javax.net.SocketFactory; public class Network implements Parcelable { /** + * The unique id of the network. * @hide */ @SystemApi From 1378facba476eb8320f00fc0cbe36dfbf3fbbf6a Mon Sep 17 00:00:00 2001 From: Roshan Pius Date: Fri, 21 Feb 2020 07:37:30 -0800 Subject: [PATCH 5/5] services.net: Add a static library needed by wifi module Add a new static library that compiles against system_current which includes all the parts needed by the wifi mainline module. Also, a) Refactored TcpKeepalivePacketData to use public APIs. The parcel read/write methods in the base class are @hide and they're not used by the other child class (NatKeepalivePacketData). So, remove the @hide method from base class and use it direcly in the child class. b) Add jar-jar rules for all the statically linked dependencies in wifi service jar rules. Exempt-From-Owner-Approval: Minor change on top of owner's approval. Bug: 145825329 Test: Device boots up & connects to wifi networks. Change-Id: Ifde69b579cfe5b813766f676acb10e436e64a44c --- .../java/android/net/KeepalivePacketData.java | 22 +++---------------- 1 file changed, 3 insertions(+), 19 deletions(-) diff --git a/core/java/android/net/KeepalivePacketData.java b/core/java/android/net/KeepalivePacketData.java index 2b8b7e69de..6c0ba2f63a 100644 --- a/core/java/android/net/KeepalivePacketData.java +++ b/core/java/android/net/KeepalivePacketData.java @@ -22,7 +22,6 @@ import static android.net.InvalidPacketException.ERROR_INVALID_PORT; import android.annotation.NonNull; import android.annotation.SystemApi; import android.net.util.IpUtils; -import android.os.Parcel; import android.util.Log; import java.net.InetAddress; @@ -30,7 +29,6 @@ import java.net.InetAddress; /** * Represents the actual packets that are sent by the * {@link android.net.SocketKeepalive} API. - * * @hide */ @SystemApi @@ -54,6 +52,9 @@ public class KeepalivePacketData { /** Packet data. A raw byte string of packet data, not including the link-layer header. */ private final byte[] mPacket; + // Note: If you add new fields, please modify the parcelling code in the child classes. + + // This should only be constructed via static factory methods, such as // nattKeepalivePacket. /** @@ -87,21 +88,4 @@ public class KeepalivePacketData { return mPacket.clone(); } - /** @hide */ - public void writeToParcel(Parcel out, int flags) { - out.writeString(srcAddress.getHostAddress()); - out.writeString(dstAddress.getHostAddress()); - out.writeInt(srcPort); - out.writeInt(dstPort); - out.writeByteArray(mPacket); - } - - /** @hide */ - protected KeepalivePacketData(Parcel in) { - srcAddress = NetworkUtils.numericToInetAddress(in.readString()); - dstAddress = NetworkUtils.numericToInetAddress(in.readString()); - srcPort = in.readInt(); - dstPort = in.readInt(); - mPacket = in.createByteArray(); - } }