LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Rename setAccessUids to setAllowedUids

Browse Source 
Bug: 217725769
Test: ConnectivityServiceTest CtsNetTestCases
Change-Id: Ic8a3f91553d1462b7f54259c467fb90a950bdd59
Merged-In: I8860fbb353eedf5d01e9dc248e4d765046bd562c
This commit is contained in:
Chalard Jean
2022-02-25 16:12:12 +09:00
committed by Sooraj Sasindran
parent 2ccbfe9d8f
commit de665266cd
7 changed files with 98 additions and 97 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
framework/api/module-lib-current.txt
View File

@@ -141,7 +141,7 @@ package android.net {
}
public final class NetworkCapabilities implements android.os.Parcelable {
method @NonNull @RequiresPermission(android.Manifest.permission.NETWORK_FACTORY) public java.util.Set<java.lang.Integer> getAccessUids();
method @NonNull @RequiresPermission(android.Manifest.permission.NETWORK_FACTORY) public java.util.Set<java.lang.Integer> getAllowedUids();
method @Nullable public java.util.Set<android.util.Range<java.lang.Integer>> getUids();
method public boolean hasForbiddenCapability(int);
field public static final long REDACT_ALL = -1L; // 0xffffffffffffffffL
@@ -153,7 +153,7 @@ package android.net {
}
public static final class NetworkCapabilities.Builder {
method @NonNull @RequiresPermission(android.Manifest.permission.NETWORK_FACTORY) public android.net.NetworkCapabilities.Builder setAccessUids(@NonNull java.util.Set<java.lang.Integer>);
method @NonNull @RequiresPermission(android.Manifest.permission.NETWORK_FACTORY) public android.net.NetworkCapabilities.Builder setAllowedUids(@NonNull java.util.Set<java.lang.Integer>);
method @NonNull public android.net.NetworkCapabilities.Builder setUids(@Nullable java.util.Set<android.util.Range<java.lang.Integer>>);
}

63
framework/src/android/net/NetworkCapabilities.java
View File

@@ -269,7 +269,7 @@ public final class NetworkCapabilities implements Parcelable {
mTransportInfo = null;
mSignalStrength = SIGNAL_STRENGTH_UNSPECIFIED;
mUids = null;
mAccessUids.clear();
mAllowedUids.clear();
mAdministratorUids = new int[0];
mOwnerUid = Process.INVALID_UID;
mSSID = null;
@@ -300,7 +300,7 @@ public final class NetworkCapabilities implements Parcelable {
}
mSignalStrength = nc.mSignalStrength;
mUids = (nc.mUids == null) ? null : new ArraySet<>(nc.mUids);
setAccessUids(nc.mAccessUids);
setAllowedUids(nc.mAllowedUids);
setAdministratorUids(nc.getAdministratorUids());
mOwnerUid = nc.mOwnerUid;
mForbiddenNetworkCapabilities = nc.mForbiddenNetworkCapabilities;
@@ -1034,7 +1034,7 @@ public final class NetworkCapabilities implements Parcelable {
final int[] originalAdministratorUids = getAdministratorUids();
final TransportInfo originalTransportInfo = getTransportInfo();
final Set<Integer> originalSubIds = getSubscriptionIds();
final Set<Integer> originalAccessUids = new ArraySet<>(mAccessUids);
final Set<Integer> originalAllowedUids = new ArraySet<>(mAllowedUids);
clearAll();
if (0 != (originalCapabilities & (1 << NET_CAPABILITY_NOT_RESTRICTED))) {
// If the test network is not restricted, then it is only allowed to declare some
@@ -1054,7 +1054,7 @@ public final class NetworkCapabilities implements Parcelable {
mNetworkSpecifier = originalSpecifier;
mSignalStrength = originalSignalStrength;
mTransportInfo = originalTransportInfo;
mAccessUids.addAll(originalAccessUids);
mAllowedUids.addAll(originalAllowedUids);
// Only retain the owner and administrator UIDs if they match the app registering the remote
// caller that registered the network.
@@ -1841,20 +1841,20 @@ public final class NetworkCapabilities implements Parcelable {
* @hide
*/
@NonNull
private final ArraySet<Integer> mAccessUids = new ArraySet<>();
private final ArraySet<Integer> mAllowedUids = new ArraySet<>();
/**
* Set the list of UIDs that can always access this network.
* @param uids
* @hide
*/
public void setAccessUids(@NonNull final Set<Integer> uids) {
public void setAllowedUids(@NonNull final Set<Integer> uids) {
// could happen with nc.set(nc), cheaper than always making a defensive copy
if (uids == mAccessUids) return;
if (uids == mAllowedUids) return;
Objects.requireNonNull(uids);
mAccessUids.clear();
mAccessUids.addAll(uids);
mAllowedUids.clear();
mAllowedUids.addAll(uids);
}
/**
@@ -1872,35 +1872,36 @@ public final class NetworkCapabilities implements Parcelable {
*/
@SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)
@RequiresPermission(android.Manifest.permission.NETWORK_FACTORY)
public @NonNull Set<Integer> getAccessUids() {
return new ArraySet<>(mAccessUids);
public @NonNull Set<Integer> getAllowedUids() {
return new ArraySet<>(mAllowedUids);
}
/** @hide */
// For internal clients that know what they are doing and need to avoid the performance hit
// of the defensive copy.
public @NonNull ArraySet<Integer> getAccessUidsNoCopy() {
return mAccessUids;
public @NonNull ArraySet<Integer> getAllowedUidsNoCopy() {
return mAllowedUids;
}
/**
* Test whether this UID has special permission to access this network, as per mAccessUids.
* Test whether this UID has special permission to access this network, as per mAllowedUids.
* @hide
*/
public boolean isAccessUid(int uid) {
return mAccessUids.contains(uid);
// TODO : should this be "doesUidHaveAccess" and check the USE_RESTRICTED_NETWORKS permission ?
public boolean isUidWithAccess(int uid) {
return mAllowedUids.contains(uid);
}
/**
* @return whether any UID is in the list of access UIDs
* @hide
*/
public boolean hasAccessUids() {
return !mAccessUids.isEmpty();
public boolean hasAllowedUids() {
return !mAllowedUids.isEmpty();
}
private boolean equalsAccessUids(@NonNull NetworkCapabilities other) {
return mAccessUids.equals(other.mAccessUids);
private boolean equalsAllowedUids(@NonNull NetworkCapabilities other) {
return mAllowedUids.equals(other.mAllowedUids);
}
/**
@@ -2057,7 +2058,7 @@ public final class NetworkCapabilities implements Parcelable {
&& equalsSpecifier(that)
&& equalsTransportInfo(that)
&& equalsUids(that)
&& equalsAccessUids(that)
&& equalsAllowedUids(that)
&& equalsSSID(that)
&& equalsOwnerUid(that)
&& equalsPrivateDnsBroken(that)
@@ -2082,7 +2083,7 @@ public final class NetworkCapabilities implements Parcelable {
+ mSignalStrength * 29
+ mOwnerUid * 31
+ Objects.hashCode(mUids) * 37
+ Objects.hashCode(mAccessUids) * 41
+ Objects.hashCode(mAllowedUids) * 41
+ Objects.hashCode(mSSID) * 43
+ Objects.hashCode(mTransportInfo) * 47
+ Objects.hashCode(mPrivateDnsBroken) * 53
@@ -2119,7 +2120,7 @@ public final class NetworkCapabilities implements Parcelable {
dest.writeParcelable((Parcelable) mTransportInfo, flags);
dest.writeInt(mSignalStrength);
writeParcelableArraySet(dest, mUids, flags);
dest.writeIntArray(CollectionUtils.toIntArray(mAccessUids));
dest.writeIntArray(CollectionUtils.toIntArray(mAllowedUids));
dest.writeString(mSSID);
dest.writeBoolean(mPrivateDnsBroken);
dest.writeIntArray(getAdministratorUids());
@@ -2146,10 +2147,10 @@ public final class NetworkCapabilities implements Parcelable {
netCap.mTransportInfo = in.readParcelable(null);
netCap.mSignalStrength = in.readInt();
netCap.mUids = readParcelableArraySet(in, null /* ClassLoader, null for default */);
final int[] accessUids = in.createIntArray();
netCap.mAccessUids.ensureCapacity(accessUids.length);
for (int uid : accessUids) {
netCap.mAccessUids.add(uid);
final int[] allowedUids = in.createIntArray();
netCap.mAllowedUids.ensureCapacity(allowedUids.length);
for (int uid : allowedUids) {
netCap.mAllowedUids.add(uid);
}
netCap.mSSID = in.readString();
netCap.mPrivateDnsBroken = in.readBoolean();
@@ -2228,8 +2229,8 @@ public final class NetworkCapabilities implements Parcelable {
}
}
if (hasAccessUids()) {
sb.append(" AccessUids: <").append(mAccessUids).append(">");
if (hasAllowedUids()) {
sb.append(" AllowedUids: <").append(mAllowedUids).append(">");
}
if (mOwnerUid != Process.INVALID_UID) {
@@ -3048,9 +3049,9 @@ public final class NetworkCapabilities implements Parcelable {
@NonNull
@SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)
@RequiresPermission(android.Manifest.permission.NETWORK_FACTORY)
public Builder setAccessUids(@NonNull Set<Integer> uids) {
public Builder setAllowedUids(@NonNull Set<Integer> uids) {
Objects.requireNonNull(uids);
mCaps.setAccessUids(uids);
mCaps.setAllowedUids(uids);
return this;
}

18
service/src/com/android/server/ConnectivityService.java
View File

@@ -2252,7 +2252,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
newNc.setAdministratorUids(new int[0]);
if (!checkAnyPermissionOf(
callerPid, callerUid, android.Manifest.permission.NETWORK_FACTORY)) {
newNc.setAccessUids(new ArraySet<>());
newNc.setAllowedUids(new ArraySet<>());
newNc.setSubscriptionIds(Collections.emptySet());
}
@@ -6466,7 +6466,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
if (nc.isPrivateDnsBroken()) {
throw new IllegalArgumentException("Can't request broken private DNS");
}
if (nc.hasAccessUids()) {
if (nc.hasAllowedUids()) {
throw new IllegalArgumentException("Can't request access UIDs");
}
}
@@ -7923,7 +7923,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
final NetworkCapabilities prevNc = nai.getAndSetNetworkCapabilities(newNc);
updateVpnUids(nai, prevNc, newNc);
updateAccessUids(nai, prevNc, newNc);
updateAllowedUids(nai, prevNc, newNc);
nai.updateScoreForNetworkAgentUpdate();
if (nai.getCurrentScore() == oldScore && newNc.equalRequestableCapabilities(prevNc)) {
@@ -8153,17 +8153,17 @@ public class ConnectivityService extends IConnectivityManager.Stub
}
}
private void updateAccessUids(@NonNull NetworkAgentInfo nai,
private void updateAllowedUids(@NonNull NetworkAgentInfo nai,
@Nullable NetworkCapabilities prevNc, @Nullable NetworkCapabilities newNc) {
// In almost all cases both NC code for empty access UIDs. return as fast as possible.
final boolean prevEmpty = null == prevNc || prevNc.getAccessUidsNoCopy().isEmpty();
final boolean newEmpty = null == newNc || newNc.getAccessUidsNoCopy().isEmpty();
final boolean prevEmpty = null == prevNc || prevNc.getAllowedUidsNoCopy().isEmpty();
final boolean newEmpty = null == newNc || newNc.getAllowedUidsNoCopy().isEmpty();
if (prevEmpty && newEmpty) return;
final ArraySet<Integer> prevUids =
null == prevNc ? new ArraySet<>() : prevNc.getAccessUidsNoCopy();
null == prevNc ? new ArraySet<>() : prevNc.getAllowedUidsNoCopy();
final ArraySet<Integer> newUids =
null == newNc ? new ArraySet<>() : newNc.getAccessUidsNoCopy();
null == newNc ? new ArraySet<>() : newNc.getAllowedUidsNoCopy();
if (prevUids.equals(newUids)) return;
@@ -9113,7 +9113,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
}
networkAgent.created = true;
networkAgent.onNetworkCreated();
updateAccessUids(networkAgent, null, networkAgent.networkCapabilities);
updateAllowedUids(networkAgent, null, networkAgent.networkCapabilities);
}
if (!networkAgent.everConnected && state == NetworkInfo.State.CONNECTED) {

12
service/src/com/android/server/connectivity/NetworkAgentInfo.java
View File

@@ -1219,16 +1219,16 @@ public class NetworkAgentInfo implements Comparable<NetworkAgentInfo>, NetworkRa
if (nc.hasTransport(TRANSPORT_TEST)) {
nc.restrictCapabilitiesForTestNetwork(creatorUid);
}
if (!areAccessUidsAcceptableFromNetworkAgent(nc, authenticator)) {
nc.setAccessUids(new ArraySet<>());
if (!areAllowedUidsAcceptableFromNetworkAgent(nc, authenticator)) {
nc.setAllowedUids(new ArraySet<>());
}
}
private static boolean areAccessUidsAcceptableFromNetworkAgent(
private static boolean areAllowedUidsAcceptableFromNetworkAgent(
@NonNull final NetworkCapabilities nc,
@Nullable final CarrierPrivilegeAuthenticator carrierPrivilegeAuthenticator) {
// NCs without access UIDs are fine.
if (!nc.hasAccessUids()) return true;
if (!nc.hasAllowedUids()) return true;
// S and below must never accept access UIDs, even if an agent sends them, because netd
// didn't support the required feature in S.
if (!SdkLevel.isAtLeastT()) return false;
@@ -1244,9 +1244,9 @@ public class NetworkAgentInfo implements Comparable<NetworkAgentInfo>, NetworkRa
// This can only work in T where there is support for CarrierPrivilegeAuthenticator
if (null != carrierPrivilegeAuthenticator
&& nc.hasSingleTransport(TRANSPORT_CELLULAR)
&& (1 == nc.getAccessUidsNoCopy().size())
&& (1 == nc.getAllowedUidsNoCopy().size())
&& (carrierPrivilegeAuthenticator.hasCarrierPrivilegeForNetworkCapabilities(
nc.getAccessUidsNoCopy().valueAt(0), nc))) {
nc.getAllowedUidsNoCopy().valueAt(0), nc))) {
return true;
}

40
tests/common/java/android/net/NetworkCapabilitiesTest.java
View File

@@ -310,38 +310,38 @@ public class NetworkCapabilitiesTest {
}
@Test @IgnoreUpTo(SC_V2)
public void testSetAccessUids() {
public void testSetAllowedUids() {
final NetworkCapabilities nc = new NetworkCapabilities();
assertThrows(NullPointerException.class, () -> nc.setAccessUids(null));
assertFalse(nc.hasAccessUids());
assertFalse(nc.isAccessUid(0));
assertFalse(nc.isAccessUid(1000));
assertEquals(0, nc.getAccessUids().size());
nc.setAccessUids(new ArraySet<>());
assertFalse(nc.hasAccessUids());
assertFalse(nc.isAccessUid(0));
assertFalse(nc.isAccessUid(1000));
assertEquals(0, nc.getAccessUids().size());
assertThrows(NullPointerException.class, () -> nc.setAllowedUids(null));
assertFalse(nc.hasAllowedUids());
assertFalse(nc.isUidWithAccess(0));
assertFalse(nc.isUidWithAccess(1000));
assertEquals(0, nc.getAllowedUids().size());
nc.setAllowedUids(new ArraySet<>());
assertFalse(nc.hasAllowedUids());
assertFalse(nc.isUidWithAccess(0));
assertFalse(nc.isUidWithAccess(1000));
assertEquals(0, nc.getAllowedUids().size());
final ArraySet<Integer> uids = new ArraySet<>();
uids.add(200);
uids.add(250);
uids.add(-1);
uids.add(Integer.MAX_VALUE);
nc.setAccessUids(uids);
nc.setAllowedUids(uids);
assertNotEquals(nc, new NetworkCapabilities());
assertTrue(nc.hasAccessUids());
assertTrue(nc.hasAllowedUids());
final List<Integer> includedList = List.of(-2, 0, 199, 700, 901, 1000, Integer.MIN_VALUE);
final List<Integer> excludedList = List.of(-1, 200, 250, Integer.MAX_VALUE);
for (final int uid : includedList) {
assertFalse(nc.isAccessUid(uid));
assertFalse(nc.isUidWithAccess(uid));
}
for (final int uid : excludedList) {
assertTrue(nc.isAccessUid(uid));
assertTrue(nc.isUidWithAccess(uid));
}
final Set<Integer> outUids = nc.getAccessUids();
final Set<Integer> outUids = nc.getAllowedUids();
assertEquals(4, outUids.size());
for (final int uid : includedList) {
assertFalse(outUids.contains(uid));
@@ -361,10 +361,10 @@ public class NetworkCapabilitiesTest {
.addCapability(NET_CAPABILITY_EIMS)
.addCapability(NET_CAPABILITY_NOT_METERED);
if (isAtLeastS()) {
final ArraySet<Integer> accessUids = new ArraySet<>();
accessUids.add(4);
accessUids.add(9);
netCap.setAccessUids(accessUids);
final ArraySet<Integer> allowedUids = new ArraySet<>();
allowedUids.add(4);
allowedUids.add(9);
netCap.setAllowedUids(allowedUids);
netCap.setSubscriptionIds(Set.of(TEST_SUBID1, TEST_SUBID2));
netCap.setUids(uids);
}

12
tests/cts/net/src/android/net/cts/NetworkAgentTest.kt
View File

@@ -493,33 +493,33 @@ class NetworkAgentTest {
}
}
private fun ncWithAccessUids(vararg uids: Int) = NetworkCapabilities.Builder()
private fun ncWithAllowedUids(vararg uids: Int) = NetworkCapabilities.Builder()
.addTransportType(TRANSPORT_TEST)
.setAccessUids(uids.toSet()).build()
.setAllowedUids(uids.toSet()).build()
@Test
fun testRejectedUpdates() {
val callback = TestableNetworkCallback(DEFAULT_TIMEOUT_MS)
// will be cleaned up in tearDown
registerNetworkCallback(makeTestNetworkRequest(), callback)
val agent = createNetworkAgent(initialNc = ncWithAccessUids(200))
val agent = createNetworkAgent(initialNc = ncWithAllowedUids(200))
agent.register()
agent.markConnected()
// Make sure the UIDs have been ignored.
callback.expectCallback<Available>(agent.network!!)
callback.expectCapabilitiesThat(agent.network!!) {
it.accessUids.isEmpty() && !it.hasCapability(NET_CAPABILITY_VALIDATED)
it.allowedUids.isEmpty() && !it.hasCapability(NET_CAPABILITY_VALIDATED)
}
callback.expectCallback<LinkPropertiesChanged>(agent.network!!)
callback.expectCallback<BlockedStatus>(agent.network!!)
callback.expectCapabilitiesThat(agent.network!!) {
it.accessUids.isEmpty() && it.hasCapability(NET_CAPABILITY_VALIDATED)
it.allowedUids.isEmpty() && it.hasCapability(NET_CAPABILITY_VALIDATED)
}
callback.assertNoCallback(NO_CALLBACK_TIMEOUT)
// Make sure that the UIDs are also ignored upon update
agent.sendNetworkCapabilities(ncWithAccessUids(200, 300))
agent.sendNetworkCapabilities(ncWithAllowedUids(200, 300))
callback.assertNoCallback(NO_CALLBACK_TIMEOUT)
}

46
tests/unit/java/com/android/server/ConnectivityServiceTest.java
View File

@@ -3906,14 +3906,14 @@ public class ConnectivityServiceTest {
}
@Test
public void testNoAccessUidsInNetworkRequests() throws Exception {
public void testNoAllowedUidsInNetworkRequests() throws Exception {
final PendingIntent pendingIntent = PendingIntent.getBroadcast(
mContext, 0 /* requestCode */, new Intent("a"), FLAG_IMMUTABLE);
final NetworkRequest r = new NetworkRequest.Builder().build();
final ArraySet<Integer> accessUids = new ArraySet<>();
accessUids.add(6);
accessUids.add(9);
r.networkCapabilities.setAccessUids(accessUids);
final ArraySet<Integer> allowedUids = new ArraySet<>();
allowedUids.add(6);
allowedUids.add(9);
r.networkCapabilities.setAllowedUids(allowedUids);
final Handler handler = new Handler(ConnectivityThread.getInstanceLooper());
final NetworkCallback cb = new NetworkCallback();
@@ -3928,7 +3928,7 @@ public class ConnectivityServiceTest {
// Make sure that resetting the access UIDs to the empty set will allow calling
// requestNetwork and registerNetworkCallback.
r.networkCapabilities.setAccessUids(Collections.emptySet());
r.networkCapabilities.setAllowedUids(Collections.emptySet());
mCm.requestNetwork(r, cb);
mCm.unregisterNetworkCallback(cb);
mCm.registerNetworkCallback(r, cb);
@@ -14688,7 +14688,7 @@ public class ConnectivityServiceTest {
}
@Test
public void testAccessUids() throws Exception {
public void testAllowedUids() throws Exception {
final int preferenceOrder =
ConnectivityService.PREFERENCE_ORDER_IRRELEVANT_BECAUSE_NOT_DEFAULT;
mServiceContext.setPermission(NETWORK_FACTORY, PERMISSION_GRANTED);
@@ -14705,7 +14705,7 @@ public class ConnectivityServiceTest {
final NetworkCapabilities nc = new NetworkCapabilities.Builder()
.addTransportType(TRANSPORT_TEST)
.removeCapability(NET_CAPABILITY_NOT_RESTRICTED)
.setAccessUids(uids)
.setAllowedUids(uids)
.build();
final TestNetworkAgentWrapper agent = new TestNetworkAgentWrapper(TRANSPORT_TEST,
new LinkProperties(), nc);
@@ -14723,10 +14723,10 @@ public class ConnectivityServiceTest {
uids.add(300);
uids.add(400);
nc.setAccessUids(uids);
nc.setAllowedUids(uids);
agent.setNetworkCapabilities(nc, true /* sendToConnectivityService */);
if (SdkLevel.isAtLeastT()) {
cb.expectCapabilitiesThat(agent, caps -> caps.getAccessUids().equals(uids));
cb.expectCapabilitiesThat(agent, caps -> caps.getAllowedUids().equals(uids));
} else {
cb.assertNoCallback();
}
@@ -14740,10 +14740,10 @@ public class ConnectivityServiceTest {
inOrder.verify(mMockNetd, times(1)).networkAddUidRangesParcel(uids300400Parcel);
}
nc.setAccessUids(uids);
nc.setAllowedUids(uids);
agent.setNetworkCapabilities(nc, true /* sendToConnectivityService */);
if (SdkLevel.isAtLeastT()) {
cb.expectCapabilitiesThat(agent, caps -> caps.getAccessUids().equals(uids));
cb.expectCapabilitiesThat(agent, caps -> caps.getAllowedUids().equals(uids));
inOrder.verify(mMockNetd, times(1)).networkRemoveUidRangesParcel(uids200Parcel);
} else {
cb.assertNoCallback();
@@ -14751,10 +14751,10 @@ public class ConnectivityServiceTest {
uids.clear();
uids.add(600);
nc.setAccessUids(uids);
nc.setAllowedUids(uids);
agent.setNetworkCapabilities(nc, true /* sendToConnectivityService */);
if (SdkLevel.isAtLeastT()) {
cb.expectCapabilitiesThat(agent, caps -> caps.getAccessUids().equals(uids));
cb.expectCapabilitiesThat(agent, caps -> caps.getAllowedUids().equals(uids));
} else {
cb.assertNoCallback();
}
@@ -14768,10 +14768,10 @@ public class ConnectivityServiceTest {
}
uids.clear();
nc.setAccessUids(uids);
nc.setAllowedUids(uids);
agent.setNetworkCapabilities(nc, true /* sendToConnectivityService */);
if (SdkLevel.isAtLeastT()) {
cb.expectCapabilitiesThat(agent, caps -> caps.getAccessUids().isEmpty());
cb.expectCapabilitiesThat(agent, caps -> caps.getAllowedUids().isEmpty());
inOrder.verify(mMockNetd, times(1)).networkRemoveUidRangesParcel(uids600Parcel);
} else {
cb.assertNoCallback();
@@ -14782,7 +14782,7 @@ public class ConnectivityServiceTest {
}
@Test
public void testCbsAccessUids() throws Exception {
public void testCbsAllowedUids() throws Exception {
mServiceContext.setPermission(NETWORK_FACTORY, PERMISSION_GRANTED);
mServiceContext.setPermission(MANAGE_TEST_NETWORKS, PERMISSION_GRANTED);
@@ -14819,29 +14819,29 @@ public class ConnectivityServiceTest {
new LinkProperties(), ncb.build());
mCellNetworkAgent.connect(true);
cb.expectAvailableThenValidatedCallbacks(mCellNetworkAgent);
ncb.setAccessUids(serviceUidSet);
ncb.setAllowedUids(serviceUidSet);
mCellNetworkAgent.setNetworkCapabilities(ncb.build(), true /* sendToCS */);
if (SdkLevel.isAtLeastT()) {
cb.expectCapabilitiesThat(mCellNetworkAgent,
caps -> caps.getAccessUids().equals(serviceUidSet));
caps -> caps.getAllowedUids().equals(serviceUidSet));
} else {
// S must ignore access UIDs.
cb.assertNoCallback(TEST_CALLBACK_TIMEOUT_MS);
}
// ...but not to some other UID. Rejection sets UIDs to the empty set
ncb.setAccessUids(nonServiceUidSet);
ncb.setAllowedUids(nonServiceUidSet);
mCellNetworkAgent.setNetworkCapabilities(ncb.build(), true /* sendToCS */);
if (SdkLevel.isAtLeastT()) {
cb.expectCapabilitiesThat(mCellNetworkAgent,
caps -> caps.getAccessUids().isEmpty());
caps -> caps.getAllowedUids().isEmpty());
} else {
// S must ignore access UIDs.
cb.assertNoCallback(TEST_CALLBACK_TIMEOUT_MS);
}
// ...and also not to multiple UIDs even including the service UID
ncb.setAccessUids(serviceUidSetPlus);
ncb.setAllowedUids(serviceUidSetPlus);
mCellNetworkAgent.setNetworkCapabilities(ncb.build(), true /* sendToCS */);
cb.assertNoCallback(TEST_CALLBACK_TIMEOUT_MS);
@@ -14864,7 +14864,7 @@ public class ConnectivityServiceTest {
new LinkProperties(), ncb.build());
mWiFiNetworkAgent.connect(true);
cb.expectAvailableThenValidatedCallbacks(mWiFiNetworkAgent);
ncb.setAccessUids(serviceUidSet);
ncb.setAllowedUids(serviceUidSet);
mWiFiNetworkAgent.setNetworkCapabilities(ncb.build(), true /* sendToCS */);
cb.assertNoCallback(TEST_CALLBACK_TIMEOUT_MS);
mCm.unregisterNetworkCallback(cb);