diff options
| author | Ken Chen <cken@google.com> | 2021-05-13 01:20:39 +0000 |
|---|---|---|
| committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2021-05-13 01:20:39 +0000 |
| commit | c9d5cd9fbcd39fe28bb20f8762b6bd713da8f7dd (patch) | |
| tree | 095b558c4c22f4886242b3a33a2714794fd5e92c | |
| parent | 576dad467388cbf5864b3e499f3eaf7f047f6b30 (diff) | |
| parent | 8dbaacfe454bea447085c9ee364ac78580515305 (diff) | |
Merge "Switch from networkCreate[Physical/Vpn] to networkCreate"
4 files changed, 65 insertions, 35 deletions
diff --git a/core/java/android/net/VpnManager.java b/core/java/android/net/VpnManager.java index 662ebb356f4c..0d1b31cdb3fa 100644 --- a/core/java/android/net/VpnManager.java +++ b/core/java/android/net/VpnManager.java @@ -58,6 +58,7 @@ import java.util.List; * @see Ikev2VpnProfile */ public class VpnManager { + // TODO: add a unit test to ensure that TYPE_VPN_xxx matches android.net.NativeVpnType. /** Type representing a lack of VPN @hide */ @SystemApi(client = MODULE_LIBRARIES) public static final int TYPE_VPN_NONE = -1; diff --git a/services/core/java/com/android/server/ConnectivityService.java b/services/core/java/com/android/server/ConnectivityService.java index 61bb740ae6a0..75fbb9fa4856 100644 --- a/services/core/java/com/android/server/ConnectivityService.java +++ b/services/core/java/com/android/server/ConnectivityService.java @@ -133,6 +133,8 @@ import android.net.IpMemoryStore; import android.net.IpPrefix; import android.net.LinkProperties; import android.net.MatchAllNetworkSpecifier; +import android.net.NativeNetworkConfig; +import android.net.NativeNetworkType; import android.net.NattSocketKeepalive; import android.net.Network; import android.net.NetworkAgent; @@ -3804,36 +3806,43 @@ public class ConnectivityService extends IConnectivityManager.Stub nai.onNetworkDestroyed(); } - private boolean createNativeNetwork(@NonNull NetworkAgentInfo networkAgent) { + private boolean createNativeNetwork(@NonNull NetworkAgentInfo nai) { try { // This should never fail. Specifying an already in use NetID will cause failure. - if (networkAgent.isVPN()) { - mNetd.networkCreateVpn(networkAgent.network.getNetId(), - (networkAgent.networkAgentConfig == null - || !networkAgent.networkAgentConfig.allowBypass)); + final NativeNetworkConfig config; + if (nai.isVPN()) { + if (getVpnType(nai) == VpnManager.TYPE_VPN_NONE) { + Log.wtf(TAG, "Unable to get VPN type from network " + nai.network.getNetId()); + return false; + } + config = new NativeNetworkConfig(nai.network.getNetId(), NativeNetworkType.VIRTUAL, + INetd.PERMISSION_NONE, + (nai.networkAgentConfig == null || !nai.networkAgentConfig.allowBypass), + getVpnType(nai)); } else { - mNetd.networkCreatePhysical(networkAgent.network.getNetId(), - getNetworkPermission(networkAgent.networkCapabilities)); - } - mDnsResolver.createNetworkCache(networkAgent.network.getNetId()); - mDnsManager.updateTransportsForNetwork(networkAgent.network.getNetId(), - networkAgent.networkCapabilities.getTransportTypes()); + config = new NativeNetworkConfig(nai.network.getNetId(), NativeNetworkType.PHYSICAL, + getNetworkPermission(nai.networkCapabilities), /*secure=*/ false, + VpnManager.TYPE_VPN_NONE); + } + mNetd.networkCreate(config); + mDnsResolver.createNetworkCache(nai.network.getNetId()); + mDnsManager.updateTransportsForNetwork(nai.network.getNetId(), + nai.networkCapabilities.getTransportTypes()); return true; } catch (RemoteException | ServiceSpecificException e) { - loge("Error creating network " + networkAgent.network.getNetId() + ": " - + e.getMessage()); + loge("Error creating network " + nai.network.getNetId() + ": " + e.getMessage()); return false; } } - private void destroyNativeNetwork(@NonNull NetworkAgentInfo networkAgent) { + private void destroyNativeNetwork(@NonNull NetworkAgentInfo nai) { try { - mNetd.networkDestroy(networkAgent.network.getNetId()); + mNetd.networkDestroy(nai.network.getNetId()); } catch (RemoteException | ServiceSpecificException e) { loge("Exception destroying network(networkDestroy): " + e); } try { - mDnsResolver.destroyNetworkCache(networkAgent.network.getNetId()); + mDnsResolver.destroyNetworkCache(nai.network.getNetId()); } catch (RemoteException | ServiceSpecificException e) { loge("Exception destroying network: " + e); } diff --git a/tests/net/integration/util/com/android/server/NetworkAgentWrapper.java b/tests/net/integration/util/com/android/server/NetworkAgentWrapper.java index e2d43cbb8efd..e80955014fe7 100644 --- a/tests/net/integration/util/com/android/server/NetworkAgentWrapper.java +++ b/tests/net/integration/util/com/android/server/NetworkAgentWrapper.java @@ -370,4 +370,8 @@ public class NetworkAgentWrapper implements TestableNetworkCallback.HasNetwork { } } } + + public boolean isBypassableVpn() { + return mNetworkAgentConfig.isBypassableVpn(); + } } diff --git a/tests/net/java/com/android/server/ConnectivityServiceTest.java b/tests/net/java/com/android/server/ConnectivityServiceTest.java index 458e9b3b75fb..ab5079820611 100644 --- a/tests/net/java/com/android/server/ConnectivityServiceTest.java +++ b/tests/net/java/com/android/server/ConnectivityServiceTest.java @@ -211,6 +211,8 @@ import android.net.IpSecManager.UdpEncapsulationSocket; import android.net.LinkAddress; import android.net.LinkProperties; import android.net.MatchAllNetworkSpecifier; +import android.net.NativeNetworkConfig; +import android.net.NativeNetworkType; import android.net.Network; import android.net.NetworkAgent; import android.net.NetworkAgentConfig; @@ -1253,6 +1255,8 @@ public class ConnectivityServiceTest { verify(mMockNetd, never()) .networkRemoveUidRanges(eq(mMockVpn.getNetwork().getNetId()), any()); mAgentRegistered = true; + verify(mMockNetd).networkCreate(nativeNetworkConfigVpn(getNetwork().netId, + !mMockNetworkAgent.isBypassableVpn(), mVpnType)); updateState(NetworkInfo.DetailedState.CONNECTED, "registerAgent"); mNetworkCapabilities.set(mMockNetworkAgent.getNetworkCapabilities()); mNetworkAgent = mMockNetworkAgent.getNetworkAgent(); @@ -2861,6 +2865,16 @@ public class ConnectivityServiceTest { mCm.unregisterNetworkCallback(callback); } + private NativeNetworkConfig nativeNetworkConfigPhysical(int netId, int permission) { + return new NativeNetworkConfig(netId, NativeNetworkType.PHYSICAL, permission, + /*secure=*/ false, VpnManager.TYPE_VPN_NONE); + } + + private NativeNetworkConfig nativeNetworkConfigVpn(int netId, boolean secure, int vpnType) { + return new NativeNetworkConfig(netId, NativeNetworkType.VIRTUAL, INetd.PERMISSION_NONE, + secure, vpnType); + } + @Test public void testNetworkAgentCallbacks() throws Exception { // Keeps track of the order of events that happen in this test. @@ -2882,8 +2896,8 @@ public class ConnectivityServiceTest { wifiNetwork.set(mWiFiNetworkAgent.getNetwork()); assertNotNull(wifiNetwork.get()); try { - verify(mMockNetd).networkCreatePhysical(wifiNetwork.get().getNetId(), - INetd.PERMISSION_NONE); + verify(mMockNetd).networkCreate(nativeNetworkConfigPhysical( + wifiNetwork.get().getNetId(), INetd.PERMISSION_NONE)); } catch (RemoteException impossible) { fail(); } @@ -8327,7 +8341,8 @@ public class ConnectivityServiceTest { final int cellNetId = mCellNetworkAgent.getNetwork().netId; waitForIdle(); - verify(mMockNetd, times(1)).networkCreatePhysical(eq(cellNetId), anyInt()); + verify(mMockNetd, times(1)).networkCreate(nativeNetworkConfigPhysical(cellNetId, + INetd.PERMISSION_NONE)); assertRoutesAdded(cellNetId, ipv6Subnet, defaultRoute); verify(mMockDnsResolver, times(1)).createNetworkCache(eq(cellNetId)); verify(mMockNetd, times(1)).networkAddInterface(cellNetId, MOBILE_IFNAME); @@ -11982,8 +11997,9 @@ public class ConnectivityServiceTest { mSystemDefaultNetworkCallback.expectAvailableThenValidatedCallbacks(mCellNetworkAgent); mDefaultNetworkCallback.expectAvailableThenValidatedCallbacks(mCellNetworkAgent); mProfileDefaultNetworkCallback.expectAvailableThenValidatedCallbacks(mCellNetworkAgent); - inOrder.verify(mMockNetd).networkCreatePhysical(mCellNetworkAgent.getNetwork().netId, - INetd.PERMISSION_NONE); + inOrder.verify(mMockNetd).networkCreate(nativeNetworkConfigPhysical( + mCellNetworkAgent.getNetwork().netId, INetd.PERMISSION_NONE)); + final TestOnCompleteListener listener = new TestOnCompleteListener(); mCm.setProfileNetworkPreference(testHandle, PROFILE_NETWORK_PREFERENCE_ENTERPRISE, @@ -12010,8 +12026,8 @@ public class ConnectivityServiceTest { mProfileDefaultNetworkCallback.expectAvailableCallbacksUnvalidated(workAgent); mSystemDefaultNetworkCallback.assertNoCallback(); mDefaultNetworkCallback.assertNoCallback(); - inOrder.verify(mMockNetd).networkCreatePhysical(workAgent.getNetwork().netId, - INetd.PERMISSION_SYSTEM); + inOrder.verify(mMockNetd).networkCreate( + nativeNetworkConfigPhysical(workAgent.getNetwork().netId, INetd.PERMISSION_SYSTEM)); inOrder.verify(mMockNetd).networkAddUidRanges(workAgent.getNetwork().netId, uidRangeFor(testHandle)); inOrder.verify(mMockNetd).networkRemoveUidRanges(mCellNetworkAgent.getNetwork().netId, @@ -12054,8 +12070,8 @@ public class ConnectivityServiceTest { mSystemDefaultNetworkCallback.expectAvailableThenValidatedCallbacks(mCellNetworkAgent); mDefaultNetworkCallback.expectAvailableThenValidatedCallbacks(mCellNetworkAgent); mProfileDefaultNetworkCallback.assertNoCallback(); - inOrder.verify(mMockNetd).networkCreatePhysical(mCellNetworkAgent.getNetwork().netId, - INetd.PERMISSION_NONE); + inOrder.verify(mMockNetd).networkCreate(nativeNetworkConfigPhysical( + mCellNetworkAgent.getNetwork().netId, INetd.PERMISSION_NONE)); // When the agent disconnects, test that the app on the work profile falls back to the // default network. @@ -12085,8 +12101,8 @@ public class ConnectivityServiceTest { mProfileDefaultNetworkCallback.expectAvailableCallbacksUnvalidated(workAgent2); assertNoCallbacks(mSystemDefaultNetworkCallback, mDefaultNetworkCallback); - inOrder.verify(mMockNetd).networkCreatePhysical(workAgent2.getNetwork().netId, - INetd.PERMISSION_SYSTEM); + inOrder.verify(mMockNetd).networkCreate(nativeNetworkConfigPhysical( + workAgent2.getNetwork().netId, INetd.PERMISSION_SYSTEM)); inOrder.verify(mMockNetd).networkAddUidRanges(workAgent2.getNetwork().netId, uidRangeFor(testHandle)); @@ -12131,8 +12147,8 @@ public class ConnectivityServiceTest { mCm.setProfileNetworkPreference(testHandle, PROFILE_NETWORK_PREFERENCE_ENTERPRISE, r -> r.run(), listener); listener.expectOnComplete(); - inOrder.verify(mMockNetd).networkCreatePhysical(mCellNetworkAgent.getNetwork().netId, - INetd.PERMISSION_NONE); + inOrder.verify(mMockNetd).networkCreate(nativeNetworkConfigPhysical( + mCellNetworkAgent.getNetwork().netId, INetd.PERMISSION_NONE)); inOrder.verify(mMockNetd).networkAddUidRanges(workAgent.getNetwork().netId, uidRangeFor(testHandle)); @@ -12184,10 +12200,10 @@ public class ConnectivityServiceTest { mDefaultNetworkCallback.expectAvailableThenValidatedCallbacks(mCellNetworkAgent); mProfileDefaultNetworkCallback.expectAvailableThenValidatedCallbacks(mCellNetworkAgent); app4Cb.expectAvailableThenValidatedCallbacks(mCellNetworkAgent); - inOrder.verify(mMockNetd).networkCreatePhysical(mCellNetworkAgent.getNetwork().netId, - INetd.PERMISSION_NONE); - inOrder.verify(mMockNetd).networkCreatePhysical(workAgent.getNetwork().netId, - INetd.PERMISSION_SYSTEM); + inOrder.verify(mMockNetd).networkCreate(nativeNetworkConfigPhysical( + mCellNetworkAgent.getNetwork().netId, INetd.PERMISSION_NONE)); + inOrder.verify(mMockNetd).networkCreate(nativeNetworkConfigPhysical( + workAgent.getNetwork().netId, INetd.PERMISSION_SYSTEM)); final TestOnCompleteListener listener = new TestOnCompleteListener(); mCm.setProfileNetworkPreference(testHandle2, PROFILE_NETWORK_PREFERENCE_ENTERPRISE, @@ -12239,8 +12255,8 @@ public class ConnectivityServiceTest { mCm.setProfileNetworkPreference(testHandle, PROFILE_NETWORK_PREFERENCE_ENTERPRISE, r -> r.run(), listener); listener.expectOnComplete(); - inOrder.verify(mMockNetd).networkCreatePhysical(mCellNetworkAgent.getNetwork().netId, - INetd.PERMISSION_NONE); + inOrder.verify(mMockNetd).networkCreate(nativeNetworkConfigPhysical( + mCellNetworkAgent.getNetwork().netId, INetd.PERMISSION_NONE)); inOrder.verify(mMockNetd).networkAddUidRanges(mCellNetworkAgent.getNetwork().netId, uidRangeFor(testHandle)); |