diff options
4 files changed, 50 insertions, 49 deletions
diff --git a/services/core/java/com/android/server/ConnectivityService.java b/services/core/java/com/android/server/ConnectivityService.java index 81bbf68bb081..ecb935edde21 100644 --- a/services/core/java/com/android/server/ConnectivityService.java +++ b/services/core/java/com/android/server/ConnectivityService.java @@ -4957,7 +4957,7 @@ public class ConnectivityService extends IConnectivityManager.Stub Slog.w(TAG, "User " + userId + " has no Vpn configuration"); return null; } - return vpn.getLockdownWhitelist(); + return vpn.getLockdownAllowlist(); } } diff --git a/services/core/java/com/android/server/IpSecService.java b/services/core/java/com/android/server/IpSecService.java index 6402e07bddc3..b2f0c8376db1 100644 --- a/services/core/java/com/android/server/IpSecService.java +++ b/services/core/java/com/android/server/IpSecService.java @@ -1477,7 +1477,7 @@ public class IpSecService extends IIpSecService.Stub { } /** - * Checks an IpSecConfig parcel to ensure that the contents are sane and throws an + * Checks an IpSecConfig parcel to ensure that the contents are valid and throws an * IllegalArgumentException if they are not. */ private void checkIpSecConfig(IpSecConfig config) { diff --git a/services/core/java/com/android/server/connectivity/Vpn.java b/services/core/java/com/android/server/connectivity/Vpn.java index b5d0dc354443..2c31cd3fd1e0 100644 --- a/services/core/java/com/android/server/connectivity/Vpn.java +++ b/services/core/java/com/android/server/connectivity/Vpn.java @@ -153,8 +153,8 @@ public class Vpn { private static final boolean LOGD = true; // Length of time (in milliseconds) that an app hosting an always-on VPN is placed on - // the device idle whitelist during service launch and VPN bootstrap. - private static final long VPN_LAUNCH_IDLE_WHITELIST_DURATION_MS = 60 * 1000; + // the device idle allowlist during service launch and VPN bootstrap. + private static final long VPN_LAUNCH_IDLE_ALLOWLIST_DURATION_MS = 60 * 1000; // Settings for how much of the address space should be routed so that Vpn considers // "most" of the address space is routed. This is used to determine whether this Vpn @@ -180,7 +180,8 @@ public class Vpn { // This is taken as a total of IPv4 + IPV6 routes for simplicity, but the algorithm // is actually O(n²)+O(n²). private static final int MAX_ROUTES_TO_EVALUATE = 150; - + private static final String LOCKDOWN_ALLOWLIST_SETTING_NAME = + Settings.Secure.ALWAYS_ON_VPN_LOCKDOWN_WHITELIST; /** * Largest profile size allowable for Platform VPNs. * @@ -236,7 +237,7 @@ public class Vpn { * Set of packages in addition to the VPN app itself that can access the network directly when * VPN is not connected even if {@code mLockdown} is set. */ - private @NonNull List<String> mLockdownWhitelist = Collections.emptyList(); + private @NonNull List<String> mLockdownAllowlist = Collections.emptyList(); /** * A memory of what UIDs this class told netd to block for the lockdown feature. @@ -520,7 +521,7 @@ public class Vpn { } } if (!hadUnderlyingNetworks) { - // No idea what the underlying networks are; assume sane defaults + // No idea what the underlying networks are; assume the safer defaults metered = true; roaming = false; congested = false; @@ -653,18 +654,18 @@ public class Vpn { * * @param packageName the package to designate as always-on VPN supplier. * @param lockdown whether to prevent traffic outside of a VPN, for example while connecting. - * @param lockdownWhitelist packages to be whitelisted from lockdown. + * @param lockdownAllowlist packages to be allowed from lockdown. * @param keyStore the Keystore instance to use for checking of PlatformVpnProfile(s) * @return {@code true} if the package has been set as always-on, {@code false} otherwise. */ public synchronized boolean setAlwaysOnPackage( @Nullable String packageName, boolean lockdown, - @Nullable List<String> lockdownWhitelist, + @Nullable List<String> lockdownAllowlist, @NonNull KeyStore keyStore) { enforceControlPermissionOrInternalCaller(); - if (setAlwaysOnPackageInternal(packageName, lockdown, lockdownWhitelist, keyStore)) { + if (setAlwaysOnPackageInternal(packageName, lockdown, lockdownAllowlist, keyStore)) { saveAlwaysOnPackage(); return true; } @@ -679,7 +680,7 @@ public class Vpn { * * @param packageName the package to designate as always-on VPN supplier. * @param lockdown whether to prevent traffic outside of a VPN, for example while connecting. - * @param lockdownWhitelist packages to be whitelisted from lockdown. This is only used if + * @param lockdownAllowlist packages to be allowed to bypass lockdown. This is only used if * {@code lockdown} is {@code true}. Packages must not contain commas. * @param keyStore the system keystore instance to check for profiles * @return {@code true} if the package has been set as always-on, {@code false} otherwise. @@ -687,16 +688,16 @@ public class Vpn { @GuardedBy("this") private boolean setAlwaysOnPackageInternal( @Nullable String packageName, boolean lockdown, - @Nullable List<String> lockdownWhitelist, @NonNull KeyStore keyStore) { + @Nullable List<String> lockdownAllowlist, @NonNull KeyStore keyStore) { if (VpnConfig.LEGACY_VPN.equals(packageName)) { Log.w(TAG, "Not setting legacy VPN \"" + packageName + "\" as always-on."); return false; } - if (lockdownWhitelist != null) { - for (String pkg : lockdownWhitelist) { + if (lockdownAllowlist != null) { + for (String pkg : lockdownAllowlist) { if (pkg.contains(",")) { - Log.w(TAG, "Not setting always-on vpn, invalid whitelisted package: " + pkg); + Log.w(TAG, "Not setting always-on vpn, invalid allowed package: " + pkg); return false; } } @@ -724,8 +725,8 @@ public class Vpn { } mLockdown = (mAlwaysOn && lockdown); - mLockdownWhitelist = (mLockdown && lockdownWhitelist != null) - ? Collections.unmodifiableList(new ArrayList<>(lockdownWhitelist)) + mLockdownAllowlist = (mLockdown && lockdownAllowlist != null) + ? Collections.unmodifiableList(new ArrayList<>(lockdownAllowlist)) : Collections.emptyList(); if (isCurrentPreparedPackage(packageName)) { @@ -754,10 +755,10 @@ public class Vpn { } /** - * @return an immutable list of packages whitelisted from always-on VPN lockdown. + * @return an immutable list of packages allowed to bypass always-on VPN lockdown. */ - public synchronized List<String> getLockdownWhitelist() { - return mLockdown ? mLockdownWhitelist : null; + public synchronized List<String> getLockdownAllowlist() { + return mLockdown ? mLockdownAllowlist : null; } /** @@ -772,8 +773,8 @@ public class Vpn { mSystemServices.settingsSecurePutIntForUser(Settings.Secure.ALWAYS_ON_VPN_LOCKDOWN, (mAlwaysOn && mLockdown ? 1 : 0), mUserHandle); mSystemServices.settingsSecurePutStringForUser( - Settings.Secure.ALWAYS_ON_VPN_LOCKDOWN_WHITELIST, - String.join(",", mLockdownWhitelist), mUserHandle); + LOCKDOWN_ALLOWLIST_SETTING_NAME, + String.join(",", mLockdownAllowlist), mUserHandle); } finally { Binder.restoreCallingIdentity(token); } @@ -788,12 +789,12 @@ public class Vpn { Settings.Secure.ALWAYS_ON_VPN_APP, mUserHandle); final boolean alwaysOnLockdown = mSystemServices.settingsSecureGetIntForUser( Settings.Secure.ALWAYS_ON_VPN_LOCKDOWN, 0 /*default*/, mUserHandle) != 0; - final String whitelistString = mSystemServices.settingsSecureGetStringForUser( - Settings.Secure.ALWAYS_ON_VPN_LOCKDOWN_WHITELIST, mUserHandle); - final List<String> whitelistedPackages = TextUtils.isEmpty(whitelistString) - ? Collections.emptyList() : Arrays.asList(whitelistString.split(",")); + final String allowlistString = mSystemServices.settingsSecureGetStringForUser( + LOCKDOWN_ALLOWLIST_SETTING_NAME, mUserHandle); + final List<String> allowedPackages = TextUtils.isEmpty(allowlistString) + ? Collections.emptyList() : Arrays.asList(allowlistString.split(",")); setAlwaysOnPackageInternal( - alwaysOnPackage, alwaysOnLockdown, whitelistedPackages, keyStore); + alwaysOnPackage, alwaysOnLockdown, allowedPackages, keyStore); } finally { Binder.restoreCallingIdentity(token); } @@ -849,7 +850,7 @@ public class Vpn { DeviceIdleController.LocalService idleController = LocalServices.getService(DeviceIdleController.LocalService.class); idleController.addPowerSaveTempWhitelistApp(Process.myUid(), alwaysOnPackage, - VPN_LAUNCH_IDLE_WHITELIST_DURATION_MS, mUserHandle, false, "vpn"); + VPN_LAUNCH_IDLE_ALLOWLIST_DURATION_MS, mUserHandle, false, "vpn"); // Start the VPN service declared in the app's manifest. Intent serviceIntent = new Intent(VpnConfig.SERVICE_INTERFACE); @@ -1212,7 +1213,7 @@ public class Vpn { // applications have changed. Consider diffing UID ranges and only applying the delta. if (!Objects.equals(oldConfig.allowedApplications, mConfig.allowedApplications) || !Objects.equals(oldConfig.disallowedApplications, mConfig.disallowedApplications)) { - Log.i(TAG, "Handover not possible due to changes to whitelisted/blacklisted apps"); + Log.i(TAG, "Handover not possible due to changes to allowed/denied apps"); return false; } @@ -1440,13 +1441,13 @@ public class Vpn { * associated with one user, and any restricted profiles attached to that user. * * <p>If one of {@param allowedApplications} or {@param disallowedApplications} is provided, - * the UID ranges will match the app whitelist or blacklist specified there. Otherwise, all UIDs + * the UID ranges will match the app list specified there. Otherwise, all UIDs * in each user and profile will be included. * * @param userHandle The userId to create UID ranges for along with any of its restricted * profiles. - * @param allowedApplications (optional) whitelist of applications to include. - * @param disallowedApplications (optional) blacklist of applications to exclude. + * @param allowedApplications (optional) List of applications to allow. + * @param disallowedApplications (optional) List of applications to deny. */ @VisibleForTesting Set<UidRange> createUserAndRestrictedProfilesRanges(@UserIdInt int userHandle, @@ -1480,13 +1481,13 @@ public class Vpn { * associated with one user. * * <p>If one of {@param allowedApplications} or {@param disallowedApplications} is provided, - * the UID ranges will match the app whitelist or blacklist specified there. Otherwise, all UIDs + * the UID ranges will match the app allowlist or denylist specified there. Otherwise, all UIDs * in the user will be included. * * @param ranges {@link Set} of {@link UidRange}s to which to add. * @param userHandle The userId to add to {@param ranges}. - * @param allowedApplications (optional) whitelist of applications to include. - * @param disallowedApplications (optional) blacklist of applications to exclude. + * @param allowedApplications (optional) allowlist of applications to include. + * @param disallowedApplications (optional) denylist of applications to exclude. */ @VisibleForTesting void addUserToRanges(@NonNull Set<UidRange> ranges, @UserIdInt int userHandle, @@ -1608,7 +1609,7 @@ public class Vpn { /** * Restricts network access from all UIDs affected by this {@link Vpn}, apart from the VPN - * service app itself and whitelisted packages, to only sockets that have had {@code protect()} + * service app itself and allowed packages, to only sockets that have had {@code protect()} * called on them. All non-VPN traffic is blocked via a {@code PROHIBIT} response from the * kernel. * @@ -1630,7 +1631,7 @@ public class Vpn { if (isNullOrLegacyVpn(mPackage)) { exemptedPackages = null; } else { - exemptedPackages = new ArrayList<>(mLockdownWhitelist); + exemptedPackages = new ArrayList<>(mLockdownAllowlist); exemptedPackages.add(mPackage); } final Set<UidRange> rangesToTellNetdToRemove = new ArraySet<>(mBlockedUidsAsToldToNetd); @@ -1675,7 +1676,7 @@ public class Vpn { * Tell netd to add or remove a list of {@link UidRange}s to the list of UIDs that are only * allowed to make connections through sockets that have had {@code protect()} called on them. * - * @param enforce {@code true} to add to the blacklist, {@code false} to remove. + * @param enforce {@code true} to add to the denylist, {@code false} to remove. * @param ranges {@link Collection} of {@link UidRange}s to add (if {@param enforce} is * {@code true}) or to remove. * @return {@code true} if all of the UIDs were added/removed. {@code false} otherwise, diff --git a/tests/net/java/com/android/server/connectivity/VpnTest.java b/tests/net/java/com/android/server/connectivity/VpnTest.java index de1c5759ee87..e8c4ee9c628d 100644 --- a/tests/net/java/com/android/server/connectivity/VpnTest.java +++ b/tests/net/java/com/android/server/connectivity/VpnTest.java @@ -270,12 +270,12 @@ public class VpnTest { } @Test - public void testUidWhiteAndBlacklist() throws Exception { + public void testUidAllowAndDenylist() throws Exception { final Vpn vpn = createVpn(primaryUser.id); final UidRange user = UidRange.createForUser(primaryUser.id); final String[] packages = {PKGS[0], PKGS[1], PKGS[2]}; - // Whitelist + // Allowed list final Set<UidRange> allow = vpn.createUserAndRestrictedProfilesRanges(primaryUser.id, Arrays.asList(packages), null); assertEquals(new ArraySet<>(Arrays.asList(new UidRange[] { @@ -283,7 +283,7 @@ public class VpnTest { new UidRange(user.start + PKG_UIDS[1], user.start + PKG_UIDS[2]) })), allow); - // Blacklist + // Denied list final Set<UidRange> disallow = vpn.createUserAndRestrictedProfilesRanges(primaryUser.id, null, Arrays.asList(packages)); assertEquals(new ArraySet<>(Arrays.asList(new UidRange[] { @@ -354,11 +354,11 @@ public class VpnTest { } @Test - public void testLockdownWhitelist() throws Exception { + public void testLockdownAllowlist() throws Exception { final Vpn vpn = createVpn(primaryUser.id); final UidRange user = UidRange.createForUser(primaryUser.id); - // Set always-on with lockdown and whitelist app PKGS[2] from lockdown. + // Set always-on with lockdown and allow app PKGS[2] from lockdown. assertTrue(vpn.setAlwaysOnPackage( PKGS[1], true, Collections.singletonList(PKGS[2]), mKeyStore)); verify(mNetService).setAllowOnlyVpnForUids(eq(true), aryEq(new UidRange[] { @@ -368,7 +368,7 @@ public class VpnTest { assertBlocked(vpn, user.start + PKG_UIDS[0], user.start + PKG_UIDS[3]); assertUnblocked(vpn, user.start + PKG_UIDS[1], user.start + PKG_UIDS[2]); - // Change whitelisted app to PKGS[3]. + // Change allowed app list to PKGS[3]. assertTrue(vpn.setAlwaysOnPackage( PKGS[1], true, Collections.singletonList(PKGS[3]), mKeyStore)); verify(mNetService).setAllowOnlyVpnForUids(eq(false), aryEq(new UidRange[] { @@ -395,7 +395,7 @@ public class VpnTest { assertBlocked(vpn, user.start + PKG_UIDS[1], user.start + PKG_UIDS[2]); assertUnblocked(vpn, user.start + PKG_UIDS[0], user.start + PKG_UIDS[3]); - // Remove the whitelist. + // Remove the list of allowed packages. assertTrue(vpn.setAlwaysOnPackage(PKGS[0], true, null, mKeyStore)); verify(mNetService).setAllowOnlyVpnForUids(eq(false), aryEq(new UidRange[] { new UidRange(user.start + PKG_UIDS[0] + 1, user.start + PKG_UIDS[3] - 1), @@ -408,7 +408,7 @@ public class VpnTest { user.start + PKG_UIDS[3]); assertUnblocked(vpn, user.start + PKG_UIDS[0]); - // Add the whitelist. + // Add the list of allowed packages. assertTrue(vpn.setAlwaysOnPackage( PKGS[0], true, Collections.singletonList(PKGS[1]), mKeyStore)); verify(mNetService).setAllowOnlyVpnForUids(eq(false), aryEq(new UidRange[] { @@ -421,12 +421,12 @@ public class VpnTest { assertBlocked(vpn, user.start + PKG_UIDS[2], user.start + PKG_UIDS[3]); assertUnblocked(vpn, user.start + PKG_UIDS[0], user.start + PKG_UIDS[1]); - // Try whitelisting a package with a comma, should be rejected. + // Try allowing a package with a comma, should be rejected. assertFalse(vpn.setAlwaysOnPackage( PKGS[0], true, Collections.singletonList("a.b,c.d"), mKeyStore)); - // Pass a non-existent packages in the whitelist, they (and only they) should be ignored. - // Whitelisted package should change from PGKS[1] to PKGS[2]. + // Pass a non-existent packages in the allowlist, they (and only they) should be ignored. + // allowed package should change from PGKS[1] to PKGS[2]. assertTrue(vpn.setAlwaysOnPackage( PKGS[0], true, Arrays.asList("com.foo.app", PKGS[2], "com.bar.app"), mKeyStore)); verify(mNetService).setAllowOnlyVpnForUids(eq(false), aryEq(new UidRange[]{ |