LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add tests for Tunnel, Transport mode application with released SPIs

Browse Source 
This change adds tests to validate that both transport and tunnel mode
transforms continue to work even after the SPI resource has been
released. Specifically, since SPI resources are effectively subsumed by
the creation of a Transform, the SPI resource is still "alive", but
removed from the user-tracking sparse arrays.

Bug: 142072071
Test: Added these new tests. Failing prior to aosp/1133555, passes with.
Change-Id: I37dd459d08b57b14f72f3b28ea80fa231b152f10
This commit is contained in:
Benedict Wong
2020-03-10 23:38:04 -07:00
parent 73808bd4cf
commit b645699cdb
1 changed files with 27 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
tests/net/java/com/android/server/IpSecServiceParameterizedTest.java
View File

@@ -544,6 +544,16 @@ public class IpSecServiceParameterizedTest {
@Test @Test
public void testApplyTransportModeTransform() throws Exception { public void testApplyTransportModeTransform() throws Exception {
verifyApplyTransportModeTransformCommon(false);
}
@Test
public void testApplyTransportModeTransformReleasedSpi() throws Exception {
verifyApplyTransportModeTransformCommon(true);
}
public void verifyApplyTransportModeTransformCommon(
boolean closeSpiBeforeApply) throws Exception {
IpSecConfig ipSecConfig = new IpSecConfig(); IpSecConfig ipSecConfig = new IpSecConfig();
addDefaultSpisAndRemoteAddrToIpSecConfig(ipSecConfig); addDefaultSpisAndRemoteAddrToIpSecConfig(ipSecConfig);
addAuthAndCryptToIpSecConfig(ipSecConfig); addAuthAndCryptToIpSecConfig(ipSecConfig);
@@ -551,6 +561,10 @@ public class IpSecServiceParameterizedTest {
IpSecTransformResponse createTransformResp = IpSecTransformResponse createTransformResp =
mIpSecService.createTransform(ipSecConfig, new Binder(), "blessedPackage"); mIpSecService.createTransform(ipSecConfig, new Binder(), "blessedPackage");
if (closeSpiBeforeApply) {
mIpSecService.releaseSecurityParameterIndex(ipSecConfig.getSpiResourceId());
}
Socket socket = new Socket(); Socket socket = new Socket();
socket.bind(null); socket.bind(null);
ParcelFileDescriptor pfd = ParcelFileDescriptor.fromSocket(socket); ParcelFileDescriptor pfd = ParcelFileDescriptor.fromSocket(socket);
@@ -656,6 +670,15 @@ public class IpSecServiceParameterizedTest {
@Test @Test
public void testApplyTunnelModeTransform() throws Exception { public void testApplyTunnelModeTransform() throws Exception {
verifyApplyTunnelModeTransformCommon(false);
}
@Test
public void testApplyTunnelModeTransformReleasedSpi() throws Exception {
verifyApplyTunnelModeTransformCommon(true);
}
public void verifyApplyTunnelModeTransformCommon(boolean closeSpiBeforeApply) throws Exception {
IpSecConfig ipSecConfig = new IpSecConfig(); IpSecConfig ipSecConfig = new IpSecConfig();
ipSecConfig.setMode(IpSecTransform.MODE_TUNNEL); ipSecConfig.setMode(IpSecTransform.MODE_TUNNEL);
addDefaultSpisAndRemoteAddrToIpSecConfig(ipSecConfig); addDefaultSpisAndRemoteAddrToIpSecConfig(ipSecConfig);
@@ -666,6 +689,10 @@ public class IpSecServiceParameterizedTest {
IpSecTunnelInterfaceResponse createTunnelResp = IpSecTunnelInterfaceResponse createTunnelResp =
createAndValidateTunnel(mSourceAddr, mDestinationAddr, "blessedPackage"); createAndValidateTunnel(mSourceAddr, mDestinationAddr, "blessedPackage");
if (closeSpiBeforeApply) {
mIpSecService.releaseSecurityParameterIndex(ipSecConfig.getSpiResourceId());
}
int transformResourceId = createTransformResp.resourceId; int transformResourceId = createTransformResp.resourceId;
int tunnelResourceId = createTunnelResp.resourceId; int tunnelResourceId = createTunnelResp.resourceId;
mIpSecService.applyTunnelModeTransform(tunnelResourceId, IpSecManager.DIRECTION_OUT, mIpSecService.applyTunnelModeTransform(tunnelResourceId, IpSecManager.DIRECTION_OUT,