LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge changes from topic "ipsec-resource-id-cleanup" am: 2b36299c73

Browse Source 
am: d7319df4d0

Change-Id: If6ab575e2f30fc70d73e6f8787c87f3c7a2ab09d
This commit is contained in:
nharold
2018-01-08 20:16:08 +00:00
committed by android-build-merger
parent 3e4af1dfe7 fdafce24cf
commit f81e9dcf6a
4 changed files with 31 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
core/java/android/net/IpSecConfig.java
View File

@@ -102,17 +102,11 @@ public final class IpSecConfig implements Parcelable {
/** Set the local IP address for Tunnel mode */ /** Set the local IP address for Tunnel mode */
public void setLocalAddress(String localAddress) { public void setLocalAddress(String localAddress) {
if (localAddress == null) {
throw new IllegalArgumentException("localAddress may not be null!");
}
mLocalAddress = localAddress; mLocalAddress = localAddress;
} }
/** Set the remote IP address for this IPsec transform */ /** Set the remote IP address for this IPsec transform */
public void setRemoteAddress(String remoteAddress) { public void setRemoteAddress(String remoteAddress) {
if (remoteAddress == null) {
throw new IllegalArgumentException("remoteAddress may not be null!");
}
mRemoteAddress = remoteAddress; mRemoteAddress = remoteAddress;
} }

8
core/java/android/net/IpSecManager.java
View File

@@ -69,7 +69,7 @@ public final class IpSecManager {
} }
/** @hide */ /** @hide */
public static final int INVALID_RESOURCE_ID = 0; public static final int INVALID_RESOURCE_ID = -1;
/** /**
* Thrown to indicate that a requested SPI is in use. * Thrown to indicate that a requested SPI is in use.
@@ -128,7 +128,7 @@ public final class IpSecManager {
private final InetAddress mRemoteAddress; private final InetAddress mRemoteAddress;
private final CloseGuard mCloseGuard = CloseGuard.get(); private final CloseGuard mCloseGuard = CloseGuard.get();
private int mSpi = INVALID_SECURITY_PARAMETER_INDEX; private int mSpi = INVALID_SECURITY_PARAMETER_INDEX;
private int mResourceId; private int mResourceId = INVALID_RESOURCE_ID;
/** Get the underlying SPI held by this object. */ /** Get the underlying SPI held by this object. */
public int getSpi() { public int getSpi() {
@@ -146,6 +146,7 @@ public final class IpSecManager {
public void close() { public void close() {
try { try {
mService.releaseSecurityParameterIndex(mResourceId); mService.releaseSecurityParameterIndex(mResourceId);
mResourceId = INVALID_RESOURCE_ID;
} catch (RemoteException e) { } catch (RemoteException e) {
throw e.rethrowFromSystemServer(); throw e.rethrowFromSystemServer();
} }
@@ -501,7 +502,7 @@ public final class IpSecManager {
public static final class UdpEncapsulationSocket implements AutoCloseable { public static final class UdpEncapsulationSocket implements AutoCloseable {
private final ParcelFileDescriptor mPfd; private final ParcelFileDescriptor mPfd;
private final IIpSecService mService; private final IIpSecService mService;
private final int mResourceId; private int mResourceId = INVALID_RESOURCE_ID;
private final int mPort; private final int mPort;
private final CloseGuard mCloseGuard = CloseGuard.get(); private final CloseGuard mCloseGuard = CloseGuard.get();
@@ -554,6 +555,7 @@ public final class IpSecManager {
public void close() throws IOException { public void close() throws IOException {
try { try {
mService.closeUdpEncapsulationSocket(mResourceId); mService.closeUdpEncapsulationSocket(mResourceId);
mResourceId = INVALID_RESOURCE_ID;
} catch (RemoteException e) { } catch (RemoteException e) {
throw e.rethrowFromSystemServer(); throw e.rethrowFromSystemServer();
} }

17
core/java/android/net/IpSecTransform.java
View File

@@ -347,6 +347,9 @@ public final class IpSecTransform implements AutoCloseable {
*/ */
public IpSecTransform.Builder setSpi( public IpSecTransform.Builder setSpi(
@TransformDirection int direction, IpSecManager.SecurityParameterIndex spi) { @TransformDirection int direction, IpSecManager.SecurityParameterIndex spi) {
if (spi.getResourceId() == INVALID_RESOURCE_ID) {
throw new IllegalArgumentException("Invalid SecurityParameterIndex");
}
mConfig.setSpiResourceId(direction, spi.getResourceId()); mConfig.setSpiResourceId(direction, spi.getResourceId());
return this; return this;
} }
@@ -381,6 +384,9 @@ public final class IpSecTransform implements AutoCloseable {
public IpSecTransform.Builder setIpv4Encapsulation( public IpSecTransform.Builder setIpv4Encapsulation(
IpSecManager.UdpEncapsulationSocket localSocket, int remotePort) { IpSecManager.UdpEncapsulationSocket localSocket, int remotePort) {
mConfig.setEncapType(ENCAP_ESPINUDP); mConfig.setEncapType(ENCAP_ESPINUDP);
if (localSocket.getResourceId() == INVALID_RESOURCE_ID) {
throw new IllegalArgumentException("Invalid UdpEncapsulationSocket");
}
mConfig.setEncapSocketResourceId(localSocket.getResourceId()); mConfig.setEncapSocketResourceId(localSocket.getResourceId());
mConfig.setEncapRemotePort(remotePort); mConfig.setEncapRemotePort(remotePort);
return this; return this;
@@ -426,6 +432,9 @@ public final class IpSecTransform implements AutoCloseable {
public IpSecTransform buildTransportModeTransform(InetAddress remoteAddress) public IpSecTransform buildTransportModeTransform(InetAddress remoteAddress)
throws IpSecManager.ResourceUnavailableException, throws IpSecManager.ResourceUnavailableException,
IpSecManager.SpiUnavailableException, IOException { IpSecManager.SpiUnavailableException, IOException {
if (remoteAddress == null) {
throw new IllegalArgumentException("Remote address may not be null or empty!");
}
mConfig.setMode(MODE_TRANSPORT); mConfig.setMode(MODE_TRANSPORT);
mConfig.setRemoteAddress(remoteAddress.getHostAddress()); mConfig.setRemoteAddress(remoteAddress.getHostAddress());
// FIXME: modifying a builder after calling build can change the built transform. // FIXME: modifying a builder after calling build can change the built transform.
@@ -447,8 +456,12 @@ public final class IpSecTransform implements AutoCloseable {
*/ */
public IpSecTransform buildTunnelModeTransform( public IpSecTransform buildTunnelModeTransform(
InetAddress localAddress, InetAddress remoteAddress) { InetAddress localAddress, InetAddress remoteAddress) {
// FIXME: argument validation here if (localAddress == null) {
// throw new IllegalArgumentException("Natt Keepalive requires UDP Encapsulation"); throw new IllegalArgumentException("Local address may not be null or empty!");
}
if (remoteAddress == null) {
throw new IllegalArgumentException("Remote address may not be null or empty!");
}
mConfig.setLocalAddress(localAddress.getHostAddress()); mConfig.setLocalAddress(localAddress.getHostAddress());
mConfig.setRemoteAddress(remoteAddress.getHostAddress()); mConfig.setRemoteAddress(remoteAddress.getHostAddress());
mConfig.setMode(MODE_TUNNEL); mConfig.setMode(MODE_TUNNEL);

16
services/core/java/com/android/server/IpSecService.java
View File

@@ -102,8 +102,14 @@ public class IpSecService extends IIpSecService.Stub {
/* Binder context for this service */ /* Binder context for this service */
private final Context mContext; private final Context mContext;
/** Should be a never-repeating global ID for resources */ /**
private static AtomicInteger mNextResourceId = new AtomicInteger(0x00FADED0); * The next non-repeating global ID for tracking resources between users, this service,
* and kernel data structures. Accessing this variable is not thread safe, so it is
* only read or modified within blocks synchronized on IpSecService.this. We want to
* avoid -1 (INVALID_RESOURCE_ID) and 0 (we probably forgot to initialize it).
*/
@GuardedBy("IpSecService.this")
private int mNextResourceId = 1;
interface IpSecServiceConfiguration { interface IpSecServiceConfiguration {
INetd getNetdInstance() throws RemoteException; INetd getNetdInstance() throws RemoteException;
@@ -856,7 +862,7 @@ public class IpSecService extends IIpSecService.Stub {
checkNotNull(binder, "Null Binder passed to allocateSecurityParameterIndex"); checkNotNull(binder, "Null Binder passed to allocateSecurityParameterIndex");
UserRecord userRecord = mUserResourceTracker.getUserRecord(Binder.getCallingUid()); UserRecord userRecord = mUserResourceTracker.getUserRecord(Binder.getCallingUid());
int resourceId = mNextResourceId.getAndIncrement(); final int resourceId = mNextResourceId++;
int spi = IpSecManager.INVALID_SECURITY_PARAMETER_INDEX; int spi = IpSecManager.INVALID_SECURITY_PARAMETER_INDEX;
String localAddress = ""; String localAddress = "";
@@ -979,7 +985,7 @@ public class IpSecService extends IIpSecService.Stub {
int callingUid = Binder.getCallingUid(); int callingUid = Binder.getCallingUid();
UserRecord userRecord = mUserResourceTracker.getUserRecord(callingUid); UserRecord userRecord = mUserResourceTracker.getUserRecord(callingUid);
int resourceId = mNextResourceId.getAndIncrement(); final int resourceId = mNextResourceId++;
FileDescriptor sockFd = null; FileDescriptor sockFd = null;
try { try {
if (!userRecord.mSocketQuotaTracker.isAvailable()) { if (!userRecord.mSocketQuotaTracker.isAvailable()) {
@@ -1102,7 +1108,7 @@ public class IpSecService extends IIpSecService.Stub {
IpSecConfig c, IBinder binder) throws RemoteException { IpSecConfig c, IBinder binder) throws RemoteException {
checkIpSecConfig(c); checkIpSecConfig(c);
checkNotNull(binder, "Null Binder passed to createTransportModeTransform"); checkNotNull(binder, "Null Binder passed to createTransportModeTransform");
int resourceId = mNextResourceId.getAndIncrement(); final int resourceId = mNextResourceId++;
UserRecord userRecord = mUserResourceTracker.getUserRecord(Binder.getCallingUid()); UserRecord userRecord = mUserResourceTracker.getUserRecord(Binder.getCallingUid());