Merge changes from topic "lmkd_ams"
* changes:
AMS: added caching DataInputStream object
ActivityManagerService: reroute lmkd atoms logging
diff --git a/Android.bp b/Android.bp
index c916f5d..c5d557c 100644
--- a/Android.bp
+++ b/Android.bp
@@ -435,6 +435,19 @@
"--api-lint-ignore-prefix junit. " +
"--api-lint-ignore-prefix org. "
+packages_to_document = [
+ "android",
+ "dalvik",
+ "java",
+ "javax",
+ "junit",
+ "org.apache.http",
+ "org.json",
+ "org.w3c.dom",
+ "org.xml.sax",
+ "org.xmlpull",
+]
+
filegroup {
name: "android-non-updatable-stub-sources",
srcs: [
@@ -484,7 +497,7 @@
"android.hardware.usb.gadget-V1.0-java",
"android.hardware.vibrator-V1.3-java",
"framework-protos",
- "stable.core.platform.api.stubs",
+ "art.module.public.api",
// There are a few classes from modules used by the core that
// need to be resolved by metalava. We use a prebuilt stub of the
// full sdk to ensure we can resolve them. If a new class gets added,
@@ -493,6 +506,7 @@
// NOTE: The below can be removed once the prebuilt stub contains IKE.
"sdk_system_current_android.net.ipsec.ike",
],
+ filter_packages: packages_to_document,
high_mem: true, // Lots of sources => high memory use, see b/170701554
installable: false,
annotations_enabled: true,
diff --git a/ApiDocs.bp b/ApiDocs.bp
index c6a70d9..83ace02 100644
--- a/ApiDocs.bp
+++ b/ApiDocs.bp
@@ -89,13 +89,14 @@
":updatable-media-srcs",
// No longer part of the stubs, but are included in the docs.
- "test-base/src/**/*.java",
- "test-mock/src/**/*.java",
- "test-runner/src/**/*.java",
+ ":android-test-base-sources",
+ ":android-test-mock-sources",
+ ":android-test-runner-sources",
],
libs: framework_docs_only_libs,
create_doc_stubs: true,
annotations_enabled: true,
+ filter_packages: packages_to_document,
api_levels_annotations_enabled: true,
api_levels_annotations_dirs: [
"sdk-dir",
diff --git a/StubLibraries.bp b/StubLibraries.bp
index 96aac1a..626f977 100644
--- a/StubLibraries.bp
+++ b/StubLibraries.bp
@@ -27,24 +27,10 @@
// Common metalava configs
/////////////////////////////////////////////////////////////////////
-packages_to_document = [
- "android",
- "dalvik",
- "java",
- "javax",
- "junit",
- "org.apache.http",
- "org.json",
- "org.w3c.dom",
- "org.xml.sax",
- "org.xmlpull",
-]
-
stubs_defaults {
name: "metalava-non-updatable-api-stubs-default",
defaults: ["android-non-updatable-stubs-defaults"],
api_levels_annotations_enabled: false,
- filter_packages: packages_to_document,
defaults_visibility: ["//visibility:private"],
}
diff --git a/build/boot/boot-image-profile.txt b/boot/boot-image-profile.txt
similarity index 100%
rename from build/boot/boot-image-profile.txt
rename to boot/boot-image-profile.txt
diff --git a/build/boot/preloaded-classes b/boot/preloaded-classes
similarity index 100%
rename from build/boot/preloaded-classes
rename to boot/preloaded-classes
diff --git a/core/java/android/net/IpSecManager.java b/core/java/android/net/IpSecManager.java
index 98acd98..01d1aa5 100644
--- a/core/java/android/net/IpSecManager.java
+++ b/core/java/android/net/IpSecManager.java
@@ -79,6 +79,16 @@
public static final int DIRECTION_OUT = 1;
/**
+ * Used when applying a transform to direct traffic through an {@link IpSecTransform} for
+ * forwarding between interfaces.
+ *
+ * <p>See {@link #applyTransportModeTransform(Socket, int, IpSecTransform)}.
+ *
+ * @hide
+ */
+ public static final int DIRECTION_FWD = 2;
+
+ /**
* The Security Parameter Index (SPI) 0 indicates an unknown or invalid index.
*
* <p>No IPsec packet may contain an SPI of 0.
diff --git a/core/java/android/os/Build.java b/core/java/android/os/Build.java
index e47ffcc..5017d9e 100755
--- a/core/java/android/os/Build.java
+++ b/core/java/android/os/Build.java
@@ -424,7 +424,8 @@
* Magic version number for a current development build, which has
* not yet turned into an official release.
*/
- public static final int CUR_DEVELOPMENT = VMRuntime.SDK_VERSION_CUR_DEVELOPMENT;
+ // This must match VMRuntime.SDK_VERSION_CUR_DEVELOPMENT.
+ public static final int CUR_DEVELOPMENT = 10000;
/**
* October 2008: The original, first, version of Android. Yay!
@@ -1311,6 +1312,7 @@
* selinux into "permissive" mode in particular.
* @hide
*/
+ @UnsupportedAppUsage
public static final boolean IS_DEBUGGABLE =
SystemProperties.getInt("ro.debuggable", 0) == 1;
diff --git a/core/java/android/os/Debug.java b/core/java/android/os/Debug.java
index 1e60f74..a7516a4 100644
--- a/core/java/android/os/Debug.java
+++ b/core/java/android/os/Debug.java
@@ -74,8 +74,9 @@
*
* @deprecated Accurate counting is a burden on the runtime and may be removed.
*/
+ // This must match VMDebug.TRACE_COUNT_ALLOCS.
@Deprecated
- public static final int TRACE_COUNT_ALLOCS = VMDebug.TRACE_COUNT_ALLOCS;
+ public static final int TRACE_COUNT_ALLOCS = 1;
/**
* Flags for printLoadedClasses(). Default behavior is to only show
diff --git a/libs/hwui/Android.bp b/libs/hwui/Android.bp
index 6220abe..e74d3966a 100644
--- a/libs/hwui/Android.bp
+++ b/libs/hwui/Android.bp
@@ -528,6 +528,7 @@
"libhwui_defaults",
"android_graphics_apex",
"android_graphics_jni",
+ "linker_hugepage_aligned",
],
export_header_lib_headers: ["android_graphics_apex_headers"],
}
diff --git a/location/java/com/android/internal/location/GpsNetInitiatedHandler.java b/location/java/com/android/internal/location/GpsNetInitiatedHandler.java
index 139474c..67a040d 100644
--- a/location/java/com/android/internal/location/GpsNetInitiatedHandler.java
+++ b/location/java/com/android/internal/location/GpsNetInitiatedHandler.java
@@ -28,6 +28,7 @@
import android.os.RemoteException;
import android.os.SystemClock;
import android.os.UserHandle;
+import android.telephony.PhoneNumberUtils;
import android.telephony.PhoneStateListener;
import android.telephony.TelephonyManager;
import android.util.Log;
@@ -160,7 +161,7 @@
be set to true when the phone is having emergency call, and then will
be set to false by mPhoneStateListener when the emergency call ends.
*/
- mIsInEmergencyCall = mTelephonyManager.isEmergencyNumber(phoneNumber);
+ mIsInEmergencyCall = PhoneNumberUtils.isEmergencyNumber(phoneNumber);
if (DEBUG) Log.v(TAG, "ACTION_NEW_OUTGOING_CALL - " + getInEmergency());
} else if (action.equals(LocationManager.MODE_CHANGED_ACTION)) {
updateLocationMode();
diff --git a/packages/Connectivity/framework/src/android/net/NetworkCapabilities.java b/packages/Connectivity/framework/src/android/net/NetworkCapabilities.java
index 937a9d2..950b1c7 100644
--- a/packages/Connectivity/framework/src/android/net/NetworkCapabilities.java
+++ b/packages/Connectivity/framework/src/android/net/NetworkCapabilities.java
@@ -2444,7 +2444,8 @@
* For example {@code TRANSPORT_WIFI} and {@code TRANSPORT_ETHERNET} added to a
* {@code NetworkCapabilities} would cause either a Wi-Fi network or an Ethernet network
* to be selected. This is logically different than
- * {@code NetworkCapabilities.NET_CAPABILITY_*}.
+ * {@code NetworkCapabilities.NET_CAPABILITY_*}. Also note that multiple networks with the
+ * same transport type may be active concurrently.
*
* @param transportType the transport type to be added or removed.
* @return this builder
diff --git a/packages/SettingsLib/tests/integ/src/com/android/settingslib/wifi/AccessPointTest.java b/packages/SettingsLib/tests/integ/src/com/android/settingslib/wifi/AccessPointTest.java
index bcabec8..2c1d3e2 100644
--- a/packages/SettingsLib/tests/integ/src/com/android/settingslib/wifi/AccessPointTest.java
+++ b/packages/SettingsLib/tests/integ/src/com/android/settingslib/wifi/AccessPointTest.java
@@ -683,6 +683,16 @@
assertThat(ap.getTitle()).isEqualTo(providerFriendlyName);
}
+ // This method doesn't copy mIsFailover, mIsAvailable and mIsRoaming because NetworkInfo
+ // doesn't expose those three set methods. But that's fine since the tests don't use those three
+ // variables.
+ private NetworkInfo copyNetworkInfo(NetworkInfo ni) {
+ final NetworkInfo copy = new NetworkInfo(ni.getType(), ni.getSubtype(), ni.getTypeName(),
+ ni.getSubtypeName());
+ copy.setDetailedState(ni.getDetailedState(), ni.getReason(), ni.getExtraInfo());
+ return copy;
+ }
+
@Test
public void testUpdateNetworkInfo_returnsTrue() {
int networkId = 123;
@@ -704,7 +714,7 @@
.setWifiInfo(wifiInfo)
.build();
- NetworkInfo newInfo = new NetworkInfo(networkInfo);
+ NetworkInfo newInfo = copyNetworkInfo(networkInfo);
newInfo.setDetailedState(NetworkInfo.DetailedState.CONNECTED, "", "");
assertThat(ap.update(config, wifiInfo, newInfo)).isTrue();
}
@@ -730,7 +740,7 @@
.setWifiInfo(wifiInfo)
.build();
- NetworkInfo newInfo = new NetworkInfo(networkInfo); // same values
+ NetworkInfo newInfo = copyNetworkInfo(networkInfo); // same values
assertThat(ap.update(config, wifiInfo, newInfo)).isFalse();
}
@@ -755,7 +765,7 @@
.setWifiInfo(wifiInfo)
.build();
- NetworkInfo newInfo = new NetworkInfo(networkInfo); // same values
+ NetworkInfo newInfo = copyNetworkInfo(networkInfo); // same values
wifiInfo.setRssi(rssi + 1);
assertThat(ap.update(config, wifiInfo, newInfo)).isTrue();
}
@@ -781,7 +791,7 @@
.setWifiInfo(wifiInfo)
.build();
- NetworkInfo newInfo = new NetworkInfo(networkInfo); // same values
+ NetworkInfo newInfo = copyNetworkInfo(networkInfo); // same values
wifiInfo.setRssi(WifiInfo.INVALID_RSSI);
assertThat(ap.update(config, wifiInfo, newInfo)).isFalse();
}
diff --git a/services/core/java/com/android/server/IpSecService.java b/services/core/java/com/android/server/IpSecService.java
index 794cb93..d6ee951 100644
--- a/services/core/java/com/android/server/IpSecService.java
+++ b/services/core/java/com/android/server/IpSecService.java
@@ -49,6 +49,7 @@
import android.os.Binder;
import android.os.IBinder;
import android.os.ParcelFileDescriptor;
+import android.os.Process;
import android.os.RemoteException;
import android.os.ServiceSpecificException;
import android.system.ErrnoException;
@@ -65,6 +66,7 @@
import com.android.internal.annotations.VisibleForTesting;
import com.android.internal.util.Preconditions;
import com.android.net.module.util.NetdUtils;
+import com.android.net.module.util.PermissionUtils;
import libcore.io.IoUtils;
@@ -466,8 +468,7 @@
/** Safety method; guards against access of other user's UserRecords */
private void checkCallerUid(int uid) {
- if (uid != Binder.getCallingUid()
- && android.os.Process.SYSTEM_UID != Binder.getCallingUid()) {
+ if (uid != Binder.getCallingUid() && Process.SYSTEM_UID != Binder.getCallingUid()) {
throw new SecurityException("Attempted access of unowned resources");
}
}
@@ -1105,11 +1106,15 @@
* Checks the user-provided direction field and throws an IllegalArgumentException if it is not
* DIRECTION_IN or DIRECTION_OUT
*/
- private static void checkDirection(int direction) {
+ private void checkDirection(int direction) {
switch (direction) {
case IpSecManager.DIRECTION_OUT:
case IpSecManager.DIRECTION_IN:
return;
+ case IpSecManager.DIRECTION_FWD:
+ // Only NETWORK_STACK or MAINLINE_NETWORK_STACK allowed to use forward policies
+ PermissionUtils.enforceNetworkStackPermission(mContext);
+ return;
}
throw new IllegalArgumentException("Invalid Direction: " + direction);
}
@@ -1353,6 +1358,26 @@
ikey,
0xffffffff,
resourceId);
+
+ // Add a forwarding policy on the tunnel interface. In order to support forwarding
+ // the IpSecTunnelInterface must have a forwarding policy matching the incoming SA.
+ //
+ // Unless a IpSecTransform is also applied against this interface in DIRECTION_FWD,
+ // forwarding will be blocked by default (as would be the case if this policy was
+ // absent).
+ //
+ // This is necessary only on the tunnel interface, and not any the interface to
+ // which traffic will be forwarded to.
+ netd.ipSecAddSecurityPolicy(
+ callerUid,
+ selAddrFamily,
+ IpSecManager.DIRECTION_FWD,
+ remoteAddr,
+ localAddr,
+ 0,
+ ikey,
+ 0xffffffff,
+ resourceId);
}
userRecord.mTunnelInterfaceRecords.put(
@@ -1820,7 +1845,7 @@
int mark =
(direction == IpSecManager.DIRECTION_OUT)
? tunnelInterfaceInfo.getOkey()
- : tunnelInterfaceInfo.getIkey();
+ : tunnelInterfaceInfo.getIkey(); // Ikey also used for FWD policies
try {
// Default to using the invalid SPI of 0 for inbound SAs. This allows policies to skip
diff --git a/services/core/java/com/android/server/pm/BackgroundDexOptService.java b/services/core/java/com/android/server/pm/BackgroundDexOptService.java
index acec93c..77c1c1d 100644
--- a/services/core/java/com/android/server/pm/BackgroundDexOptService.java
+++ b/services/core/java/com/android/server/pm/BackgroundDexOptService.java
@@ -16,7 +16,6 @@
package com.android.server.pm;
-import static com.android.server.pm.PackageManagerService.DEBUG_DEXOPT;
import static com.android.server.pm.PackageManagerService.PLATFORM_PACKAGE_NAME;
import android.annotation.Nullable;
@@ -24,12 +23,13 @@
import android.app.job.JobParameters;
import android.app.job.JobScheduler;
import android.app.job.JobService;
+import android.content.BroadcastReceiver;
import android.content.ComponentName;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.content.pm.PackageInfo;
-import android.os.BatteryManager;
+import android.os.BatteryManagerInternal;
import android.os.Environment;
import android.os.ServiceManager;
import android.os.SystemProperties;
@@ -37,6 +37,7 @@
import android.os.storage.StorageManager;
import android.util.ArraySet;
import android.util.Log;
+import android.util.Slog;
import com.android.internal.util.ArrayUtils;
import com.android.internal.util.FrameworkStatsLog;
@@ -65,9 +66,7 @@
private static final int JOB_IDLE_OPTIMIZE = 800;
private static final int JOB_POST_BOOT_UPDATE = 801;
- private static final long IDLE_OPTIMIZATION_PERIOD = DEBUG
- ? TimeUnit.MINUTES.toMillis(1)
- : TimeUnit.DAYS.toMillis(1);
+ private static final long IDLE_OPTIMIZATION_PERIOD = TimeUnit.DAYS.toMillis(1);
private static ComponentName sDexoptServiceName = new ComponentName(
"android",
@@ -115,14 +114,24 @@
return;
}
- JobScheduler js = (JobScheduler) context.getSystemService(Context.JOB_SCHEDULER_SERVICE);
+ final JobScheduler js = context.getSystemService(JobScheduler.class);
// Schedule a one-off job which scans installed packages and updates
- // out-of-date oat files.
- js.schedule(new JobInfo.Builder(JOB_POST_BOOT_UPDATE, sDexoptServiceName)
- .setMinimumLatency(TimeUnit.MINUTES.toMillis(1))
- .setOverrideDeadline(TimeUnit.MINUTES.toMillis(1))
- .build());
+ // out-of-date oat files. Schedule it 10 minutes after the boot complete event,
+ // so that we don't overload the boot with additional dex2oat compilations.
+ context.registerReceiver(new BroadcastReceiver() {
+ @Override
+ public void onReceive(Context context, Intent intent) {
+ js.schedule(new JobInfo.Builder(JOB_POST_BOOT_UPDATE, sDexoptServiceName)
+ .setMinimumLatency(TimeUnit.MINUTES.toMillis(10))
+ .setOverrideDeadline(TimeUnit.MINUTES.toMillis(60))
+ .build());
+ context.unregisterReceiver(this);
+ if (DEBUG) {
+ Slog.i(TAG, "BootBgDexopt scheduled");
+ }
+ }
+ }, new IntentFilter(Intent.ACTION_BOOT_COMPLETED));
// Schedule a daily job which scans installed packages and compiles
// those with fresh profiling data.
@@ -132,8 +141,8 @@
.setPeriodic(IDLE_OPTIMIZATION_PERIOD)
.build());
- if (DEBUG_DEXOPT) {
- Log.i(TAG, "Jobs scheduled");
+ if (DEBUG) {
+ Slog.d(TAG, "BgDexopt scheduled");
}
}
@@ -149,32 +158,11 @@
}
}
- // Returns the current battery level as a 0-100 integer.
- private int getBatteryLevel() {
- IntentFilter filter = new IntentFilter(Intent.ACTION_BATTERY_CHANGED);
- Intent intent = registerReceiver(null, filter);
- int level = intent.getIntExtra(BatteryManager.EXTRA_LEVEL, -1);
- int scale = intent.getIntExtra(BatteryManager.EXTRA_SCALE, -1);
- boolean present = intent.getBooleanExtra(BatteryManager.EXTRA_PRESENT, true);
-
- if (!present) {
- // No battery, treat as if 100%, no possibility of draining battery.
- return 100;
- }
-
- if (level < 0 || scale <= 0) {
- // Battery data unavailable. This should never happen, so assume the worst.
- return 0;
- }
-
- return (100 * level / scale);
- }
-
private long getLowStorageThreshold(Context context) {
@SuppressWarnings("deprecation")
final long lowThreshold = StorageManager.from(context).getStorageLowBytes(mDataDir);
if (lowThreshold == 0) {
- Log.e(TAG, "Invalid low storage threshold");
+ Slog.e(TAG, "Invalid low storage threshold");
}
return lowThreshold;
@@ -198,9 +186,8 @@
private void postBootUpdate(JobParameters jobParams, PackageManagerService pm,
ArraySet<String> pkgs) {
- // Load low battery threshold from the system config. This is a 0-100 integer.
- final int lowBatteryThreshold = getResources().getInteger(
- com.android.internal.R.integer.config_lowBatteryWarningLevel);
+ final BatteryManagerInternal batteryManagerInternal =
+ LocalServices.getService(BatteryManagerInternal.class);
final long lowThreshold = getLowStorageThreshold(this);
mAbortPostBootUpdate.set(false);
@@ -215,20 +202,19 @@
// Different job, which supersedes this one, is running.
break;
}
- if (getBatteryLevel() < lowBatteryThreshold) {
+ if (batteryManagerInternal.getBatteryLevelLow()) {
// Rather bail than completely drain the battery.
break;
}
long usableSpace = mDataDir.getUsableSpace();
if (usableSpace < lowThreshold) {
// Rather bail than completely fill up the disk.
- Log.w(TAG, "Aborting background dex opt job due to low storage: " +
+ Slog.w(TAG, "Aborting background dex opt job due to low storage: " +
usableSpace);
break;
}
-
- if (DEBUG_DEXOPT) {
- Log.i(TAG, "Updating package " + pkg);
+ if (DEBUG) {
+ Slog.i(TAG, "Updating package " + pkg);
}
// Update package if needed. Note that there can be no race between concurrent
@@ -260,13 +246,13 @@
public void run() {
int result = idleOptimization(pm, pkgs, BackgroundDexOptService.this);
if (result == OPTIMIZE_PROCESSED) {
- Log.i(TAG, "Idle optimizations completed.");
+ Slog.i(TAG, "Idle optimizations completed.");
} else if (result == OPTIMIZE_ABORT_NO_SPACE_LEFT) {
- Log.w(TAG, "Idle optimizations aborted because of space constraints.");
+ Slog.w(TAG, "Idle optimizations aborted because of space constraints.");
} else if (result == OPTIMIZE_ABORT_BY_JOB_SCHEDULER) {
- Log.w(TAG, "Idle optimizations aborted by job scheduler.");
+ Slog.w(TAG, "Idle optimizations aborted by job scheduler.");
} else {
- Log.w(TAG, "Idle optimizations ended with unexpected code: " + result);
+ Slog.w(TAG, "Idle optimizations ended with unexpected code: " + result);
}
if (result != OPTIMIZE_ABORT_BY_JOB_SCHEDULER) {
// Abandon our timeslice and do not reschedule.
@@ -280,7 +266,7 @@
// Optimize the given packages and return the optimization result (one of the OPTIMIZE_* codes).
private int idleOptimization(PackageManagerService pm, ArraySet<String> pkgs,
Context context) {
- Log.i(TAG, "Performing idle optimizations");
+ Slog.i(TAG, "Performing idle optimizations");
// If post-boot update is still running, request that it exits early.
mExitPostBootUpdate.set(true);
mAbortIdleOptimization.set(false);
@@ -355,11 +341,15 @@
final long lowStorageThresholdForDowngrade = LOW_THRESHOLD_MULTIPLIER_FOR_DOWNGRADE
* lowStorageThreshold;
boolean shouldDowngrade = shouldDowngrade(lowStorageThresholdForDowngrade);
- Log.d(TAG, "Should Downgrade " + shouldDowngrade);
+ if (DEBUG) {
+ Slog.d(TAG, "Should Downgrade " + shouldDowngrade);
+ }
if (shouldDowngrade) {
Set<String> unusedPackages =
pm.getUnusedPackages(mDowngradeUnusedAppsThresholdInMillis);
- Log.d(TAG, "Unsused Packages " + String.join(",", unusedPackages));
+ if (DEBUG) {
+ Slog.d(TAG, "Unsused Packages " + String.join(",", unusedPackages));
+ }
if (!unusedPackages.isEmpty()) {
for (String pkg : unusedPackages) {
@@ -431,7 +421,9 @@
*/
private boolean downgradePackage(PackageManagerService pm, String pkg,
boolean isForPrimaryDex) {
- Log.d(TAG, "Downgrading " + pkg);
+ if (DEBUG) {
+ Slog.d(TAG, "Downgrading " + pkg);
+ }
boolean dex_opt_performed = false;
int reason = PackageManagerService.REASON_INACTIVE_PACKAGE_DOWNGRADE;
int dexoptFlags = DexoptOptions.DEXOPT_BOOT_COMPLETE
@@ -553,7 +545,7 @@
long usableSpace = mDataDir.getUsableSpace();
if (usableSpace < lowStorageThreshold) {
// Rather bail than completely fill up the disk.
- Log.w(TAG, "Aborting background dex opt job due to low storage: " + usableSpace);
+ Slog.w(TAG, "Aborting background dex opt job due to low storage: " + usableSpace);
return OPTIMIZE_ABORT_NO_SPACE_LEFT;
}
@@ -592,8 +584,8 @@
@Override
public boolean onStartJob(JobParameters params) {
- if (DEBUG_DEXOPT) {
- Log.i(TAG, "onStartJob");
+ if (DEBUG) {
+ Slog.i(TAG, "onStartJob");
}
// NOTE: PackageManagerService.isStorageLow uses a different set of criteria from
@@ -601,17 +593,13 @@
// restart with a period of ~1 minute.
PackageManagerService pm = (PackageManagerService)ServiceManager.getService("package");
if (pm.isStorageLow()) {
- if (DEBUG_DEXOPT) {
- Log.i(TAG, "Low storage, skipping this run");
- }
+ Slog.i(TAG, "Low storage, skipping this run");
return false;
}
final ArraySet<String> pkgs = pm.getOptimizablePackages();
if (pkgs.isEmpty()) {
- if (DEBUG_DEXOPT) {
- Log.i(TAG, "No packages to optimize");
- }
+ Slog.i(TAG, "No packages to optimize");
return false;
}
@@ -627,8 +615,8 @@
@Override
public boolean onStopJob(JobParameters params) {
- if (DEBUG_DEXOPT) {
- Log.i(TAG, "onStopJob");
+ if (DEBUG) {
+ Slog.d(TAG, "onStopJob");
}
if (params.getJobId() == JOB_POST_BOOT_UPDATE) {
@@ -649,7 +637,7 @@
private void notifyPinService(ArraySet<String> updatedPackages) {
PinnerService pinnerService = LocalServices.getService(PinnerService.class);
if (pinnerService != null) {
- Log.i(TAG, "Pinning optimized code " + updatedPackages);
+ Slog.i(TAG, "Pinning optimized code " + updatedPackages);
pinnerService.update(updatedPackages, false /* force */);
}
}
@@ -684,7 +672,7 @@
final String sysPropKey = "pm.dexopt.downgrade_after_inactive_days";
String sysPropValue = SystemProperties.get(sysPropKey);
if (sysPropValue == null || sysPropValue.isEmpty()) {
- Log.w(TAG, "SysProp " + sysPropKey + " not set");
+ Slog.w(TAG, "SysProp " + sysPropKey + " not set");
return Long.MAX_VALUE;
}
return TimeUnit.DAYS.toMillis(Long.parseLong(sysPropValue));
diff --git a/services/core/java/com/android/server/recoverysystem/RecoverySystemService.java b/services/core/java/com/android/server/recoverysystem/RecoverySystemService.java
index 12e55e5..ed4a7bf 100644
--- a/services/core/java/com/android/server/recoverysystem/RecoverySystemService.java
+++ b/services/core/java/com/android/server/recoverysystem/RecoverySystemService.java
@@ -27,6 +27,7 @@
import static android.ota.nano.OtaPackageMetadata.ApexMetadata;
import static com.android.internal.widget.LockSettingsInternal.ARM_REBOOT_ERROR_NONE;
+import static com.android.internal.widget.LockSettingsInternal.ARM_REBOOT_ERROR_NO_PROVIDER;
import android.annotation.IntDef;
import android.apex.CompressedApexInfo;
@@ -398,7 +399,13 @@
@VisibleForTesting
void onSystemServicesReady() {
- mInjector.getLockSettingsService().setRebootEscrowListener(this);
+ LockSettingsInternal lockSettings = mInjector.getLockSettingsService();
+ if (lockSettings == null) {
+ Slog.e(TAG, "Failed to get lock settings service, skipping set"
+ + " RebootEscrowListener");
+ return;
+ }
+ lockSettings.setRebootEscrowListener(this);
}
@Override // Binder call
@@ -564,12 +571,18 @@
case ROR_NEED_PREPARATION:
final long origId = Binder.clearCallingIdentity();
try {
- boolean result = mInjector.getLockSettingsService().prepareRebootEscrow();
- // Clear the RoR preparation state if lock settings reports an failure.
- if (!result) {
- clearRoRPreparationState();
+ LockSettingsInternal lockSettings = mInjector.getLockSettingsService();
+ if (lockSettings == null) {
+ Slog.e(TAG, "Failed to get lock settings service, skipping"
+ + " prepareRebootEscrow");
+ return false;
}
- return result;
+ // Clear the RoR preparation state if lock settings reports an failure.
+ if (!lockSettings.prepareRebootEscrow()) {
+ clearRoRPreparationState();
+ return false;
+ }
+ return true;
} finally {
Binder.restoreCallingIdentity(origId);
}
@@ -684,7 +697,14 @@
case ROR_REQUESTED_NEED_CLEAR:
final long origId = Binder.clearCallingIdentity();
try {
- return mInjector.getLockSettingsService().clearRebootEscrow();
+ LockSettingsInternal lockSettings = mInjector.getLockSettingsService();
+ if (lockSettings == null) {
+ Slog.e(TAG, "Failed to get lock settings service, skipping"
+ + " clearRebootEscrow");
+ return false;
+ }
+
+ return lockSettings.clearRebootEscrow();
} finally {
Binder.restoreCallingIdentity(origId);
}
@@ -778,7 +798,15 @@
final long origId = Binder.clearCallingIdentity();
int providerErrorCode;
try {
- providerErrorCode = mInjector.getLockSettingsService().armRebootEscrow();
+ LockSettingsInternal lockSettings = mInjector.getLockSettingsService();
+ if (lockSettings == null) {
+ Slog.e(TAG, "Failed to get lock settings service, skipping"
+ + " armRebootEscrow");
+ return new RebootPreparationError(
+ RESUME_ON_REBOOT_REBOOT_ERROR_PROVIDER_PREPARATION_FAILURE,
+ ARM_REBOOT_ERROR_NO_PROVIDER);
+ }
+ providerErrorCode = lockSettings.armRebootEscrow();
} finally {
Binder.restoreCallingIdentity(origId);
}
diff --git a/services/core/java/com/android/server/vcn/Vcn.java b/services/core/java/com/android/server/vcn/Vcn.java
index edb042f..f918827 100644
--- a/services/core/java/com/android/server/vcn/Vcn.java
+++ b/services/core/java/com/android/server/vcn/Vcn.java
@@ -50,6 +50,7 @@
import com.android.internal.util.IndentingPrintWriter;
import com.android.server.VcnManagementService.VcnCallback;
import com.android.server.vcn.TelephonySubscriptionTracker.TelephonySubscriptionSnapshot;
+import com.android.server.vcn.util.LogUtils;
import java.util.Arrays;
import java.util.Collections;
@@ -305,15 +306,13 @@
handleTeardown();
break;
default:
- Slog.wtf(getLogTag(), "Unknown msg.what: " + msg.what);
+ logWtf("Unknown msg.what: " + msg.what);
}
}
private void handleConfigUpdated(@NonNull VcnConfig config) {
// TODO: Add a dump function in VcnConfig that omits PII. Until then, use hashCode()
- Slog.d(
- getLogTag(),
- "Config updated: old = " + mConfig.hashCode() + "; new = " + config.hashCode());
+ logDbg("Config updated: old = " + mConfig.hashCode() + "; new = " + config.hashCode());
mConfig = config;
@@ -328,8 +327,7 @@
// connection details may have changed).
if (!mConfig.getGatewayConnectionConfigs().contains(gatewayConnectionConfig)) {
if (gatewayConnection == null) {
- Slog.wtf(
- getLogTag(), "Found gatewayConnectionConfig without GatewayConnection");
+ logWtf("Found gatewayConnectionConfig without GatewayConnection");
} else {
gatewayConnection.teardownAsynchronously();
}
@@ -342,7 +340,7 @@
}
private void handleTeardown() {
- Slog.d(getLogTag(), "Tearing down");
+ logDbg("Tearing down");
mVcnContext.getVcnNetworkProvider().unregisterListener(mRequestListener);
for (VcnGatewayConnection gatewayConnection : mVcnGatewayConnections.values()) {
@@ -353,7 +351,7 @@
}
private void handleSafeModeStatusChanged() {
- Slog.d(getLogTag(), "VcnGatewayConnection safe mode status changed");
+ logDbg("VcnGatewayConnection safe mode status changed");
boolean hasSafeModeGatewayConnection = false;
// If any VcnGatewayConnection is in safe mode, mark the entire VCN as being in safe mode
@@ -369,24 +367,19 @@
hasSafeModeGatewayConnection ? VCN_STATUS_CODE_SAFE_MODE : VCN_STATUS_CODE_ACTIVE;
if (oldStatus != mCurrentStatus) {
mVcnCallback.onSafeModeStatusChanged(hasSafeModeGatewayConnection);
- Slog.d(
- getLogTag(),
+ logDbg(
"Safe mode "
+ (mCurrentStatus == VCN_STATUS_CODE_SAFE_MODE ? "entered" : "exited"));
}
}
private void handleNetworkRequested(@NonNull NetworkRequest request) {
- if (VDBG) {
- Slog.v(getLogTag(), "Received request " + request);
- }
+ logVdbg("Received request " + request);
// If preexisting VcnGatewayConnection(s) satisfy request, return
for (VcnGatewayConnectionConfig gatewayConnectionConfig : mVcnGatewayConnections.keySet()) {
if (isRequestSatisfiedByGatewayConnectionConfig(request, gatewayConnectionConfig)) {
- Slog.d(
- getLogTag(),
- "Request already satisfied by existing VcnGatewayConnection: " + request);
+ logDbg("Request already satisfied by existing VcnGatewayConnection: " + request);
return;
}
}
@@ -396,7 +389,7 @@
for (VcnGatewayConnectionConfig gatewayConnectionConfig :
mConfig.getGatewayConnectionConfigs()) {
if (isRequestSatisfiedByGatewayConnectionConfig(request, gatewayConnectionConfig)) {
- Slog.d(getLogTag(), "Bringing up new VcnGatewayConnection for request " + request);
+ logDbg("Bringing up new VcnGatewayConnection for request " + request);
if (getExposedCapabilitiesForMobileDataState(gatewayConnectionConfig).isEmpty()) {
// Skip; this network does not provide any services if mobile data is disabled.
@@ -407,8 +400,9 @@
// pre-existing VcnGatewayConnections that satisfy a given request, but if state
// that affects the satsifying of requests changes, this is theoretically possible.
if (mVcnGatewayConnections.containsKey(gatewayConnectionConfig)) {
- Slog.wtf(getLogTag(), "Attempted to bring up VcnGatewayConnection for config "
- + "with existing VcnGatewayConnection");
+ logWtf(
+ "Attempted to bring up VcnGatewayConnection for config "
+ + "with existing VcnGatewayConnection");
return;
}
@@ -426,9 +420,7 @@
}
}
- if (VDBG) {
- Slog.v(getLogTag(), "Request could not be fulfilled by VCN: " + request);
- }
+ logVdbg("Request could not be fulfilled by VCN: " + request);
}
private Set<Integer> getExposedCapabilitiesForMobileDataState(
@@ -445,7 +437,7 @@
}
private void handleGatewayConnectionQuit(VcnGatewayConnectionConfig config) {
- Slog.d(getLogTag(), "VcnGatewayConnection quit: " + config);
+ logDbg("VcnGatewayConnection quit: " + config);
mVcnGatewayConnections.remove(config);
// Trigger a re-evaluation of all NetworkRequests (to make sure any that can be satisfied
@@ -480,9 +472,7 @@
if (exposedCaps.contains(NET_CAPABILITY_INTERNET)
|| exposedCaps.contains(NET_CAPABILITY_DUN)) {
if (gatewayConnection == null) {
- Slog.wtf(
- getLogTag(),
- "Found gatewayConnectionConfig without GatewayConnection");
+ logWtf("Found gatewayConnectionConfig without" + " GatewayConnection");
} else {
// TODO(b/184868850): Optimize by restarting NetworkAgents without teardown.
gatewayConnection.teardownAsynchronously();
@@ -493,7 +483,7 @@
// Trigger re-evaluation of all requests; mobile data state impacts supported caps.
mVcnContext.getVcnNetworkProvider().resendAllRequests(mRequestListener);
- Slog.d(getLogTag(), "Mobile data " + (mIsMobileDataEnabled ? "enabled" : "disabled"));
+ logDbg("Mobile data " + (mIsMobileDataEnabled ? "enabled" : "disabled"));
}
}
@@ -522,8 +512,38 @@
return request.canBeSatisfiedBy(builder.build());
}
- private String getLogTag() {
- return TAG + " [" + mSubscriptionGroup.hashCode() + "]";
+ private String getLogPrefix() {
+ return "[" + LogUtils.getHashedSubscriptionGroup(mSubscriptionGroup) + "]: ";
+ }
+
+ private void logVdbg(String msg) {
+ if (VDBG) {
+ Slog.v(TAG, getLogPrefix() + msg);
+ }
+ }
+
+ private void logDbg(String msg) {
+ Slog.d(TAG, getLogPrefix() + msg);
+ }
+
+ private void logDbg(String msg, Throwable tr) {
+ Slog.d(TAG, getLogPrefix() + msg, tr);
+ }
+
+ private void logErr(String msg) {
+ Slog.e(TAG, getLogPrefix() + msg);
+ }
+
+ private void logErr(String msg, Throwable tr) {
+ Slog.e(TAG, getLogPrefix() + msg, tr);
+ }
+
+ private void logWtf(String msg) {
+ Slog.wtf(TAG, getLogPrefix() + msg);
+ }
+
+ private void logWtf(String msg, Throwable tr) {
+ Slog.wtf(TAG, getLogPrefix() + msg, tr);
}
/**
diff --git a/services/core/java/com/android/server/vcn/VcnGatewayConnection.java b/services/core/java/com/android/server/vcn/VcnGatewayConnection.java
index 46fd228..5cecff6 100644
--- a/services/core/java/com/android/server/vcn/VcnGatewayConnection.java
+++ b/services/core/java/com/android/server/vcn/VcnGatewayConnection.java
@@ -88,6 +88,7 @@
import com.android.server.vcn.UnderlyingNetworkTracker.UnderlyingNetworkRecord;
import com.android.server.vcn.UnderlyingNetworkTracker.UnderlyingNetworkTrackerCallback;
import com.android.server.vcn.Vcn.VcnGatewayStatusCallback;
+import com.android.server.vcn.util.LogUtils;
import com.android.server.vcn.util.MtuUtils;
import java.io.IOException;
@@ -701,7 +702,7 @@
* <p>Once torn down, this VcnTunnel CANNOT be started again.
*/
public void teardownAsynchronously() {
- Slog.d(TAG, "Triggering async teardown");
+ logDbg("Triggering async teardown");
sendDisconnectRequestedAndAcquireWakelock(
DISCONNECT_REASON_TEARDOWN, true /* shouldQuit */);
@@ -711,7 +712,7 @@
@Override
protected void onQuitting() {
- Slog.d(TAG, "Quitting VcnGatewayConnection");
+ logDbg("Quitting VcnGatewayConnection");
// No need to call setInterfaceDown(); the IpSecInterface is being fully torn down.
if (mTunnelIface != null) {
@@ -753,8 +754,7 @@
// TODO(b/180132994): explore safely removing this Thread check
mVcnContext.ensureRunningOnLooperThread();
- Slog.d(
- TAG,
+ logDbg(
"Selected underlying network changed: "
+ (underlying == null ? null : underlying.network));
@@ -783,9 +783,7 @@
if (!mIsQuitting) {
mWakeLock.acquire();
- if (VDBG) {
- Slog.v(TAG, "Wakelock acquired: " + mWakeLock);
- }
+ logVdbg("Wakelock acquired: " + mWakeLock);
}
}
@@ -794,9 +792,7 @@
mWakeLock.release();
- if (VDBG) {
- Slog.v(TAG, "Wakelock released: " + mWakeLock);
- }
+ logVdbg("Wakelock released: " + mWakeLock);
}
/**
@@ -814,8 +810,7 @@
@Override
public void sendMessage(int what) {
- Slog.wtf(
- TAG,
+ logWtf(
"sendMessage should not be used in VcnGatewayConnection. See"
+ " sendMessageAndAcquireWakeLock()");
super.sendMessage(what);
@@ -823,8 +818,7 @@
@Override
public void sendMessage(int what, Object obj) {
- Slog.wtf(
- TAG,
+ logWtf(
"sendMessage should not be used in VcnGatewayConnection. See"
+ " sendMessageAndAcquireWakeLock()");
super.sendMessage(what, obj);
@@ -832,8 +826,7 @@
@Override
public void sendMessage(int what, int arg1) {
- Slog.wtf(
- TAG,
+ logWtf(
"sendMessage should not be used in VcnGatewayConnection. See"
+ " sendMessageAndAcquireWakeLock()");
super.sendMessage(what, arg1);
@@ -841,8 +834,7 @@
@Override
public void sendMessage(int what, int arg1, int arg2) {
- Slog.wtf(
- TAG,
+ logWtf(
"sendMessage should not be used in VcnGatewayConnection. See"
+ " sendMessageAndAcquireWakeLock()");
super.sendMessage(what, arg1, arg2);
@@ -850,8 +842,7 @@
@Override
public void sendMessage(int what, int arg1, int arg2, Object obj) {
- Slog.wtf(
- TAG,
+ logWtf(
"sendMessage should not be used in VcnGatewayConnection. See"
+ " sendMessageAndAcquireWakeLock()");
super.sendMessage(what, arg1, arg2, obj);
@@ -859,8 +850,7 @@
@Override
public void sendMessage(Message msg) {
- Slog.wtf(
- TAG,
+ logWtf(
"sendMessage should not be used in VcnGatewayConnection. See"
+ " sendMessageAndAcquireWakeLock()");
super.sendMessage(msg);
@@ -951,15 +941,12 @@
}
private void setTeardownTimeoutAlarm() {
- if (VDBG) {
- Slog.v(TAG, "Setting teardown timeout alarm; mCurrentToken: " + mCurrentToken);
- }
+ logVdbg("Setting teardown timeout alarm; mCurrentToken: " + mCurrentToken);
// Safe to assign this alarm because it is either 1) already null, or 2) already fired. In
// either case, there is nothing to cancel.
if (mTeardownTimeoutAlarm != null) {
- Slog.wtf(
- TAG,
+ logWtf(
"mTeardownTimeoutAlarm should be null before being set; mCurrentToken: "
+ mCurrentToken);
}
@@ -973,9 +960,7 @@
}
private void cancelTeardownTimeoutAlarm() {
- if (VDBG) {
- Slog.v(TAG, "Cancelling teardown timeout alarm; mCurrentToken: " + mCurrentToken);
- }
+ logVdbg("Cancelling teardown timeout alarm; mCurrentToken: " + mCurrentToken);
if (mTeardownTimeoutAlarm != null) {
mTeardownTimeoutAlarm.cancel();
@@ -987,12 +972,10 @@
}
private void setDisconnectRequestAlarm() {
- if (VDBG) {
- Slog.v(
- TAG,
- "Setting alarm to disconnect due to underlying network loss; mCurrentToken: "
- + mCurrentToken);
- }
+ logVdbg(
+ "Setting alarm to disconnect due to underlying network loss;"
+ + " mCurrentToken: "
+ + mCurrentToken);
// Only schedule a NEW alarm if none is already set.
if (mDisconnectRequestAlarm != null) {
@@ -1014,12 +997,10 @@
}
private void cancelDisconnectRequestAlarm() {
- if (VDBG) {
- Slog.v(
- TAG,
- "Cancelling alarm to disconnect due to underlying network loss; mCurrentToken: "
- + mCurrentToken);
- }
+ logVdbg(
+ "Cancelling alarm to disconnect due to underlying network loss;"
+ + " mCurrentToken: "
+ + mCurrentToken);
if (mDisconnectRequestAlarm != null) {
mDisconnectRequestAlarm.cancel();
@@ -1034,15 +1015,12 @@
}
private void setRetryTimeoutAlarm(long delay) {
- if (VDBG) {
- Slog.v(TAG, "Setting retry alarm; mCurrentToken: " + mCurrentToken);
- }
+ logVdbg("Setting retry alarm; mCurrentToken: " + mCurrentToken);
// Safe to assign this alarm because it is either 1) already null, or 2) already fired. In
// either case, there is nothing to cancel.
if (mRetryTimeoutAlarm != null) {
- Slog.wtf(
- TAG,
+ logWtf(
"mRetryTimeoutAlarm should be null before being set; mCurrentToken: "
+ mCurrentToken);
}
@@ -1052,9 +1030,7 @@
}
private void cancelRetryTimeoutAlarm() {
- if (VDBG) {
- Slog.v(TAG, "Cancel retry alarm; mCurrentToken: " + mCurrentToken);
- }
+ logVdbg("Cancel retry alarm; mCurrentToken: " + mCurrentToken);
if (mRetryTimeoutAlarm != null) {
mRetryTimeoutAlarm.cancel();
@@ -1066,9 +1042,7 @@
@VisibleForTesting(visibility = Visibility.PRIVATE)
void setSafeModeAlarm() {
- if (VDBG) {
- Slog.v(TAG, "Setting safe mode alarm; mCurrentToken: " + mCurrentToken);
- }
+ logVdbg("Setting safe mode alarm; mCurrentToken: " + mCurrentToken);
// Only schedule a NEW alarm if none is already set.
if (mSafeModeTimeoutAlarm != null) {
@@ -1084,9 +1058,7 @@
}
private void cancelSafeModeAlarm() {
- if (VDBG) {
- Slog.v(TAG, "Cancel safe mode alarm; mCurrentToken: " + mCurrentToken);
- }
+ logVdbg("Cancel safe mode alarm; mCurrentToken: " + mCurrentToken);
if (mSafeModeTimeoutAlarm != null) {
mSafeModeTimeoutAlarm.cancel();
@@ -1152,8 +1124,7 @@
+ exception.getMessage();
}
- Slog.d(
- TAG,
+ logDbg(
"Encountered error; code="
+ errorCode
+ ", exceptionClass="
@@ -1206,7 +1177,7 @@
try {
enterState();
} catch (Exception e) {
- Slog.wtf(TAG, "Uncaught exception", e);
+ logWtf("Uncaught exception", e);
sendDisconnectRequestedAndAcquireWakelock(
DISCONNECT_REASON_INTERNAL_ERROR + e.toString(), true /* shouldQuit */);
}
@@ -1238,14 +1209,14 @@
public final boolean processMessage(Message msg) {
final int token = msg.arg1;
if (!isValidToken(token)) {
- Slog.v(TAG, "Message called with obsolete token: " + token + "; what: " + msg.what);
+ logDbg("Message called with obsolete token: " + token + "; what: " + msg.what);
return HANDLED;
}
try {
processStateMsg(msg);
} catch (Exception e) {
- Slog.wtf(TAG, "Uncaught exception", e);
+ logWtf("Uncaught exception", e);
sendDisconnectRequestedAndAcquireWakelock(
DISCONNECT_REASON_INTERNAL_ERROR + e.toString(), true /* shouldQuit */);
}
@@ -1263,7 +1234,7 @@
try {
exitState();
} catch (Exception e) {
- Slog.wtf(TAG, "Uncaught exception", e);
+ logWtf("Uncaught exception", e);
sendDisconnectRequestedAndAcquireWakelock(
DISCONNECT_REASON_INTERNAL_ERROR + e.toString(), true /* shouldQuit */);
}
@@ -1303,7 +1274,7 @@
protected void handleDisconnectRequested(EventDisconnectRequestedInfo info) {
// TODO(b/180526152): notify VcnStatusCallback for Network loss
- Slog.d(TAG, "Tearing down. Cause: " + info.reason);
+ logDbg("Tearing down. Cause: " + info.reason);
mIsQuitting = info.shouldQuit;
teardownNetwork();
@@ -1319,7 +1290,7 @@
protected void handleSafeModeTimeoutExceeded() {
mSafeModeTimeoutAlarm = null;
- Slog.d(TAG, "Entering safe mode after timeout exceeded");
+ logDbg("Entering safe mode after timeout exceeded");
// Connectivity for this GatewayConnection is broken; tear down the Network.
teardownNetwork();
@@ -1328,13 +1299,15 @@
}
protected void logUnexpectedEvent(int what) {
- Slog.d(TAG, String.format(
- "Unexpected event code %d in state %s", what, this.getClass().getSimpleName()));
+ logDbg(
+ "Unexpected event code "
+ + what
+ + " in state "
+ + this.getClass().getSimpleName());
}
protected void logWtfUnknownEvent(int what) {
- Slog.wtf(TAG, String.format(
- "Unknown event code %d in state %s", what, this.getClass().getSimpleName()));
+ logWtf("Unknown event code " + what + " in state " + this.getClass().getSimpleName());
}
}
@@ -1351,7 +1324,7 @@
}
if (mIkeSession != null || mNetworkAgent != null) {
- Slog.wtf(TAG, "Active IKE Session or NetworkAgent in DisconnectedState");
+ logWtf("Active IKE Session or NetworkAgent in DisconnectedState");
}
cancelSafeModeAlarm();
@@ -1419,7 +1392,7 @@
@Override
protected void enterState() throws Exception {
if (mIkeSession == null) {
- Slog.wtf(TAG, "IKE session was already closed when entering Disconnecting state.");
+ logWtf("IKE session was already closed when entering Disconnecting state.");
sendMessageAndAcquireWakeLock(EVENT_SESSION_CLOSED, mCurrentToken);
return;
}
@@ -1506,7 +1479,7 @@
@Override
protected void enterState() {
if (mIkeSession != null) {
- Slog.wtf(TAG, "ConnectingState entered with active session");
+ logWtf("ConnectingState entered with active session");
// Attempt to recover.
mIkeSession.kill();
@@ -1525,7 +1498,7 @@
if (oldUnderlying == null) {
// This should never happen, but if it does, there's likely a nasty bug.
- Slog.wtf(TAG, "Old underlying network was null in connected state. Bug?");
+ logWtf("Old underlying network was null in connected state. Bug?");
}
// If new underlying is null, all underlying networks have been lost; disconnect
@@ -1620,11 +1593,11 @@
// new NetworkAgent replaces an old one before the unwanted() call
// is processed.
if (mNetworkAgent != agentRef) {
- Slog.d(TAG, "unwanted() called on stale NetworkAgent");
+ logDbg("unwanted() called on stale NetworkAgent");
return;
}
- Slog.d(TAG, "NetworkAgent was unwanted");
+ logDbg("NetworkAgent was unwanted");
teardownAsynchronously();
} /* networkUnwantedCallback */,
(status) -> {
@@ -1638,8 +1611,7 @@
setSafeModeAlarm();
break;
default:
- Slog.wtf(
- TAG,
+ logWtf(
"Unknown validation status "
+ status
+ "; ignoring");
@@ -1672,13 +1644,26 @@
@NonNull Network underlyingNetwork,
@NonNull IpSecTransform transform,
int direction) {
+ if (direction != IpSecManager.DIRECTION_IN && direction != IpSecManager.DIRECTION_OUT) {
+ Slog.wtf(TAG, "Applying transform for unexpected direction: " + direction);
+ }
+
try {
tunnelIface.setUnderlyingNetwork(underlyingNetwork);
// Transforms do not need to be persisted; the IkeSession will keep them alive
mIpSecManager.applyTunnelModeTransform(tunnelIface, direction, transform);
+
+ // For inbound transforms, additionally allow forwarded traffic to bridge to DUN (as
+ // needed)
+ final Set<Integer> exposedCaps = mConnectionConfig.getAllExposedCapabilities();
+ if (direction == IpSecManager.DIRECTION_IN
+ && exposedCaps.contains(NET_CAPABILITY_DUN)) {
+ mIpSecManager.applyTunnelModeTransform(
+ tunnelIface, IpSecManager.DIRECTION_FWD, transform);
+ }
} catch (IOException e) {
- Slog.d(TAG, "Transform application failed for network " + token, e);
+ logDbg("Transform application failed for network " + token, e);
sessionLost(token, e);
}
}
@@ -1712,7 +1697,7 @@
tunnelIface.removeAddress(address.getAddress(), address.getPrefixLength());
}
} catch (IOException e) {
- Slog.d(TAG, "Adding address to tunnel failed for token " + token, e);
+ logDbg("Adding address to tunnel failed for token " + token, e);
sessionLost(token, e);
}
}
@@ -1792,7 +1777,7 @@
}
private void handleMigrationCompleted(EventMigrationCompletedInfo migrationCompletedInfo) {
- Slog.v(TAG, "Migration completed: " + mUnderlying.network);
+ logDbg("Migration completed: " + mUnderlying.network);
applyTransform(
mCurrentToken,
@@ -1816,7 +1801,7 @@
mUnderlying = ((EventUnderlyingNetworkChangedInfo) msg.obj).newUnderlying;
if (mUnderlying == null) {
- Slog.v(TAG, "Underlying network lost");
+ logDbg("Underlying network lost");
// Ignored for now; a new network may be coming up. If none does, the delayed
// NETWORK_LOST disconnect will be fired, and tear down the session + network.
@@ -1826,7 +1811,7 @@
// mUnderlying assumed non-null, given check above.
// If network changed, migrate. Otherwise, update any existing networkAgent.
if (oldUnderlying == null || !oldUnderlying.network.equals(mUnderlying.network)) {
- Slog.v(TAG, "Migrating to new network: " + mUnderlying.network);
+ logDbg("Migrating to new network: " + mUnderlying.network);
mIkeSession.setNetwork(mUnderlying.network);
} else {
// oldUnderlying is non-null & underlying network itself has not changed
@@ -1877,7 +1862,7 @@
mFailedAttempts++;
if (mUnderlying == null) {
- Slog.wtf(TAG, "Underlying network was null in retry state");
+ logWtf("Underlying network was null in retry state");
transitionTo(mDisconnectedState);
} else {
// Safe to blindly set up, as it is cancelled and cleared on exiting this state
@@ -2047,25 +2032,25 @@
@Override
public void onOpened(@NonNull IkeSessionConfiguration ikeSessionConfig) {
- Slog.v(TAG, "IkeOpened for token " + mToken);
+ logDbg("IkeOpened for token " + mToken);
// Nothing to do here.
}
@Override
public void onClosed() {
- Slog.v(TAG, "IkeClosed for token " + mToken);
+ logDbg("IkeClosed for token " + mToken);
sessionClosed(mToken, null);
}
@Override
public void onClosedExceptionally(@NonNull IkeException exception) {
- Slog.v(TAG, "IkeClosedExceptionally for token " + mToken, exception);
+ logDbg("IkeClosedExceptionally for token " + mToken, exception);
sessionClosed(mToken, exception);
}
@Override
public void onError(@NonNull IkeProtocolException exception) {
- Slog.v(TAG, "IkeError for token " + mToken, exception);
+ logDbg("IkeError for token " + mToken, exception);
// Non-fatal, log and continue.
}
}
@@ -2082,7 +2067,7 @@
/** Internal proxy method for injecting of mocked ChildSessionConfiguration */
@VisibleForTesting(visibility = Visibility.PRIVATE)
void onOpened(@NonNull VcnChildSessionConfiguration childConfig) {
- Slog.v(TAG, "ChildOpened for token " + mToken);
+ logDbg("ChildOpened for token " + mToken);
childOpened(mToken, childConfig);
}
@@ -2093,19 +2078,19 @@
@Override
public void onClosed() {
- Slog.v(TAG, "ChildClosed for token " + mToken);
+ logDbg("ChildClosed for token " + mToken);
sessionLost(mToken, null);
}
@Override
public void onClosedExceptionally(@NonNull IkeException exception) {
- Slog.v(TAG, "ChildClosedExceptionally for token " + mToken, exception);
+ logDbg("ChildClosedExceptionally for token " + mToken, exception);
sessionLost(mToken, exception);
}
@Override
public void onIpSecTransformCreated(@NonNull IpSecTransform transform, int direction) {
- Slog.v(TAG, "ChildTransformCreated; Direction: " + direction + "; token " + mToken);
+ logDbg("ChildTransformCreated; Direction: " + direction + "; token " + mToken);
childTransformCreated(mToken, transform, direction);
}
@@ -2113,7 +2098,7 @@
public void onIpSecTransformsMigrated(
@NonNull IpSecTransform inIpSecTransform,
@NonNull IpSecTransform outIpSecTransform) {
- Slog.v(TAG, "ChildTransformsMigrated; token " + mToken);
+ logDbg("ChildTransformsMigrated; token " + mToken);
migrationCompleted(mToken, inIpSecTransform, outIpSecTransform);
}
@@ -2121,10 +2106,48 @@
public void onIpSecTransformDeleted(@NonNull IpSecTransform transform, int direction) {
// Nothing to be done; no references to the IpSecTransform are held, and this transform
// will be closed by the IKE library.
- Slog.v(TAG, "ChildTransformDeleted; Direction: " + direction + "; for token " + mToken);
+ logDbg("ChildTransformDeleted; Direction: " + direction + "; for token " + mToken);
}
}
+ private String getLogPrefix() {
+ return "["
+ + LogUtils.getHashedSubscriptionGroup(mSubscriptionGroup)
+ + "-"
+ + mConnectionConfig.getGatewayConnectionName()
+ + "]: ";
+ }
+
+ private void logVdbg(String msg) {
+ if (VDBG) {
+ Slog.v(TAG, getLogPrefix() + msg);
+ }
+ }
+
+ private void logDbg(String msg) {
+ Slog.d(TAG, getLogPrefix() + msg);
+ }
+
+ private void logDbg(String msg, Throwable tr) {
+ Slog.d(TAG, getLogPrefix() + msg, tr);
+ }
+
+ private void logErr(String msg) {
+ Slog.e(TAG, getLogPrefix() + msg);
+ }
+
+ private void logErr(String msg, Throwable tr) {
+ Slog.e(TAG, getLogPrefix() + msg, tr);
+ }
+
+ private void logWtf(String msg) {
+ Slog.wtf(TAG, getLogPrefix() + msg);
+ }
+
+ private void logWtf(String msg, Throwable tr) {
+ Slog.wtf(TAG, getLogPrefix() + msg, tr);
+ }
+
/**
* Dumps the state of this VcnGatewayConnection for logging and debugging purposes.
*
diff --git a/services/core/java/com/android/server/vcn/util/LogUtils.java b/services/core/java/com/android/server/vcn/util/LogUtils.java
new file mode 100644
index 0000000..93728ce
--- /dev/null
+++ b/services/core/java/com/android/server/vcn/util/LogUtils.java
@@ -0,0 +1,39 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.vcn.util;
+
+import android.annotation.Nullable;
+import android.os.ParcelUuid;
+
+import com.android.internal.util.HexDump;
+
+/** @hide */
+public class LogUtils {
+ /**
+ * Returns the hash of the subscription group in hexadecimal format.
+ *
+ * @return the hexadecimal encoded string if uuid was non-null, else {@code null}
+ */
+ @Nullable
+ public static String getHashedSubscriptionGroup(@Nullable ParcelUuid uuid) {
+ if (uuid == null) {
+ return null;
+ }
+
+ return HexDump.toHexString(uuid.hashCode());
+ }
+}
diff --git a/telecomm/java/android/telecom/CallerInfo.java b/telecomm/java/android/telecom/CallerInfo.java
index 2983e63..a63ee46 100644
--- a/telecomm/java/android/telecom/CallerInfo.java
+++ b/telecomm/java/android/telecom/CallerInfo.java
@@ -406,8 +406,7 @@
// Change the callerInfo number ONLY if it is an emergency number
// or if it is the voicemail number. If it is either, take a
// shortcut and skip the query.
- TelephonyManager tm = context.getSystemService(TelephonyManager.class);
- if (tm.isEmergencyNumber(number)) {
+ if (PhoneNumberUtils.isLocalEmergencyNumber(context, number)) {
return new CallerInfo().markAsEmergency(context);
} else if (PhoneNumberUtils.isVoiceMailNumber(null, subId, number)) {
return new CallerInfo().markAsVoiceMail(context, subId);
diff --git a/telecomm/java/android/telecom/CallerInfoAsyncQuery.java b/telecomm/java/android/telecom/CallerInfoAsyncQuery.java
index a9e1a8f..bf49f3c 100644
--- a/telecomm/java/android/telecom/CallerInfoAsyncQuery.java
+++ b/telecomm/java/android/telecom/CallerInfoAsyncQuery.java
@@ -483,7 +483,16 @@
// check to see if these are recognized numbers, and use shortcuts if we can.
TelephonyManager tm = context.getSystemService(TelephonyManager.class);
- if (tm.isEmergencyNumber(number)) {
+ boolean isEmergencyNumber = false;
+ try {
+ isEmergencyNumber = tm.isEmergencyNumber(number);
+ } catch (IllegalStateException ise) {
+ // Ignore the exception that Telephony is not up. Use PhoneNumberUtils API now.
+ // Ideally the PhoneNumberUtils API needs to be removed once the
+ // telphony service not up issue can be fixed (b/187412989)
+ isEmergencyNumber = PhoneNumberUtils.isLocalEmergencyNumber(context, number);
+ }
+ if (isEmergencyNumber) {
cw.event = EVENT_EMERGENCY_NUMBER;
} else if (PhoneNumberUtils.isVoiceMailNumber(context, subId, number)) {
cw.event = EVENT_VOICEMAIL_NUMBER;
diff --git a/telephony/common/com/android/internal/telephony/PackageChangeReceiver.java b/telephony/common/com/android/internal/telephony/PackageChangeReceiver.java
index 0b47547..e9b7d95 100644
--- a/telephony/common/com/android/internal/telephony/PackageChangeReceiver.java
+++ b/telephony/common/com/android/internal/telephony/PackageChangeReceiver.java
@@ -14,7 +14,7 @@
* limitations under the License.
*/
-package android.telephony;
+package com.android.internal.telephony;
import android.annotation.NonNull;
import android.annotation.Nullable;
diff --git a/telephony/common/com/android/internal/telephony/SmsApplication.java b/telephony/common/com/android/internal/telephony/SmsApplication.java
index b8b60da..16614c8 100644
--- a/telephony/common/com/android/internal/telephony/SmsApplication.java
+++ b/telephony/common/com/android/internal/telephony/SmsApplication.java
@@ -40,7 +40,6 @@
import android.os.UserHandle;
import android.provider.Telephony;
import android.provider.Telephony.Sms.Intents;
-import android.telephony.PackageChangeReceiver;
import android.telephony.TelephonyManager;
import android.util.Log;
diff --git a/test-base/Android.bp b/test-base/Android.bp
index 9bd639b..b58aa11 100644
--- a/test-base/Android.bp
+++ b/test-base/Android.bp
@@ -32,7 +32,7 @@
java_sdk_library {
name: "android.test.base",
- srcs: ["src/**/*.java"],
+ srcs: [":android-test-base-sources"],
errorprone: {
javacflags: ["-Xep:DepAnn:ERROR"],
@@ -66,7 +66,7 @@
name: "android.test.base_static",
installable: false,
- srcs: ["src/**/*.java"],
+ srcs: [":android-test-base-sources"],
errorprone: {
javacflags: ["-Xep:DepAnn:ERROR"],
@@ -114,6 +114,12 @@
],
}
+filegroup {
+ name: "android-test-base-sources",
+ srcs: ["src/**/*.java"],
+ path: "src",
+}
+
// Make the current.txt available for use by the cts/tests/signature tests.
// ========================================================================
filegroup {
diff --git a/test-mock/Android.bp b/test-mock/Android.bp
index b83bce6..107292c 100644
--- a/test-mock/Android.bp
+++ b/test-mock/Android.bp
@@ -29,7 +29,7 @@
name: "android.test.mock",
srcs: [
- "src/**/*.java",
+ ":android-test-mock-sources",
// Note: Below are NOT APIs of this library. We only take APIs under
// the android.test.mock package. They however provide private APIs that
// android.test.mock APIs references to.
@@ -61,3 +61,9 @@
"api/current.txt",
],
}
+
+filegroup {
+ name: "android-test-mock-sources",
+ srcs: ["src/**/*.java"],
+ path: "src",
+}
diff --git a/test-runner/Android.bp b/test-runner/Android.bp
index fe007e39..c380ae3 100644
--- a/test-runner/Android.bp
+++ b/test-runner/Android.bp
@@ -29,7 +29,7 @@
java_sdk_library {
name: "android.test.runner",
- srcs: ["src/**/*.java"],
+ srcs: [":android-test-runner-sources"],
errorprone: {
javacflags: ["-Xep:DepAnn:ERROR"],
@@ -76,7 +76,7 @@
java_library_static {
name: "repackaged.android.test.runner",
- srcs: ["src/**/*.java"],
+ srcs: [":android-test-runner-sources"],
exclude_srcs: [
"src/android/test/ActivityUnitTestCase.java",
"src/android/test/ApplicationTestCase.java",
@@ -108,3 +108,9 @@
"api/current.txt",
],
}
+
+filegroup {
+ name: "android-test-runner-sources",
+ srcs: ["src/**/*.java"],
+ path: "src",
+}
diff --git a/tests/net/java/com/android/server/IpSecServiceParameterizedTest.java b/tests/net/java/com/android/server/IpSecServiceParameterizedTest.java
index 32c95f1..cf2c9c7 100644
--- a/tests/net/java/com/android/server/IpSecServiceParameterizedTest.java
+++ b/tests/net/java/com/android/server/IpSecServiceParameterizedTest.java
@@ -16,9 +16,14 @@
package com.android.server;
+import static android.content.pm.PackageManager.PERMISSION_DENIED;
import static android.content.pm.PackageManager.PERMISSION_GRANTED;
import static android.net.INetd.IF_STATE_DOWN;
import static android.net.INetd.IF_STATE_UP;
+import static android.net.IpSecManager.DIRECTION_FWD;
+import static android.net.IpSecManager.DIRECTION_IN;
+import static android.net.IpSecManager.DIRECTION_OUT;
+import static android.net.NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK;
import static android.system.OsConstants.AF_INET;
import static android.system.OsConstants.AF_INET6;
@@ -56,6 +61,7 @@
import android.os.ParcelFileDescriptor;
import android.system.Os;
import android.test.mock.MockContext;
+import android.util.ArraySet;
import androidx.test.filters.SmallTest;
@@ -71,6 +77,7 @@
import java.net.Socket;
import java.util.Arrays;
import java.util.Collection;
+import java.util.Set;
/** Unit tests for {@link IpSecService}. */
@SmallTest
@@ -119,7 +126,18 @@
AppOpsManager mMockAppOps = mock(AppOpsManager.class);
ConnectivityManager mMockConnectivityMgr = mock(ConnectivityManager.class);
- MockContext mMockContext = new MockContext() {
+ TestContext mTestContext = new TestContext();
+
+ private class TestContext extends MockContext {
+ private Set<String> mAllowedPermissions = new ArraySet<>(Arrays.asList(
+ android.Manifest.permission.MANAGE_IPSEC_TUNNELS,
+ android.Manifest.permission.NETWORK_STACK,
+ PERMISSION_MAINLINE_NETWORK_STACK));
+
+ private void setAllowedPermissions(String... permissions) {
+ mAllowedPermissions = new ArraySet<>(permissions);
+ }
+
@Override
public Object getSystemService(String name) {
switch(name) {
@@ -147,20 +165,22 @@
@Override
public void enforceCallingOrSelfPermission(String permission, String message) {
- if (permission == android.Manifest.permission.MANAGE_IPSEC_TUNNELS) {
+ if (mAllowedPermissions.contains(permission)) {
return;
+ } else {
+ throw new SecurityException("Unavailable permission requested");
}
- throw new SecurityException("Unavailable permission requested");
}
@Override
public int checkCallingOrSelfPermission(String permission) {
- if (android.Manifest.permission.NETWORK_STACK.equals(permission)) {
+ if (mAllowedPermissions.contains(permission)) {
return PERMISSION_GRANTED;
+ } else {
+ return PERMISSION_DENIED;
}
- throw new UnsupportedOperationException();
}
- };
+ }
INetd mMockNetd;
PackageManager mMockPkgMgr;
@@ -194,7 +214,7 @@
mMockNetd = mock(INetd.class);
mMockPkgMgr = mock(PackageManager.class);
mMockIpSecSrvConfig = mock(IpSecService.IpSecServiceConfiguration.class);
- mIpSecService = new IpSecService(mMockContext, mMockIpSecSrvConfig);
+ mIpSecService = new IpSecService(mTestContext, mMockIpSecSrvConfig);
// Injecting mock netd
when(mMockIpSecSrvConfig.getNetdInstance()).thenReturn(mMockNetd);
@@ -664,6 +684,21 @@
assertNotNull(createTunnelResp);
assertEquals(IpSecManager.Status.OK, createTunnelResp.status);
+ for (int direction : new int[] {DIRECTION_IN, DIRECTION_OUT, DIRECTION_FWD}) {
+ for (int selAddrFamily : ADDRESS_FAMILIES) {
+ verify(mMockNetd).ipSecAddSecurityPolicy(
+ eq(mUid),
+ eq(selAddrFamily),
+ eq(direction),
+ anyString(),
+ anyString(),
+ eq(0),
+ anyInt(), // iKey/oKey
+ anyInt(), // mask
+ eq(createTunnelResp.resourceId));
+ }
+ }
+
return createTunnelResp;
}
@@ -798,16 +833,51 @@
}
@Test
- public void testApplyTunnelModeTransform() throws Exception {
- verifyApplyTunnelModeTransformCommon(false);
+ public void testApplyTunnelModeTransformOutbound() throws Exception {
+ verifyApplyTunnelModeTransformCommon(false /* closeSpiBeforeApply */, DIRECTION_OUT);
}
@Test
- public void testApplyTunnelModeTransformReleasedSpi() throws Exception {
- verifyApplyTunnelModeTransformCommon(true);
+ public void testApplyTunnelModeTransformOutboundNonNetworkStack() throws Exception {
+ mTestContext.setAllowedPermissions(android.Manifest.permission.MANAGE_IPSEC_TUNNELS);
+ verifyApplyTunnelModeTransformCommon(false /* closeSpiBeforeApply */, DIRECTION_OUT);
}
- public void verifyApplyTunnelModeTransformCommon(boolean closeSpiBeforeApply) throws Exception {
+ @Test
+ public void testApplyTunnelModeTransformOutboundReleasedSpi() throws Exception {
+ verifyApplyTunnelModeTransformCommon(true /* closeSpiBeforeApply */, DIRECTION_OUT);
+ }
+
+ @Test
+ public void testApplyTunnelModeTransformInbound() throws Exception {
+ verifyApplyTunnelModeTransformCommon(true /* closeSpiBeforeApply */, DIRECTION_IN);
+ }
+
+ @Test
+ public void testApplyTunnelModeTransformInboundNonNetworkStack() throws Exception {
+ mTestContext.setAllowedPermissions(android.Manifest.permission.MANAGE_IPSEC_TUNNELS);
+ verifyApplyTunnelModeTransformCommon(true /* closeSpiBeforeApply */, DIRECTION_IN);
+ }
+
+ @Test
+ public void testApplyTunnelModeTransformForward() throws Exception {
+ verifyApplyTunnelModeTransformCommon(true /* closeSpiBeforeApply */, DIRECTION_FWD);
+ }
+
+ @Test
+ public void testApplyTunnelModeTransformForwardNonNetworkStack() throws Exception {
+ mTestContext.setAllowedPermissions(android.Manifest.permission.MANAGE_IPSEC_TUNNELS);
+
+ try {
+ verifyApplyTunnelModeTransformCommon(true /* closeSpiBeforeApply */, DIRECTION_FWD);
+ fail("Expected security exception due to use of forward policies without NETWORK_STACK"
+ + " or MAINLINE_NETWORK_STACK permission");
+ } catch (SecurityException expected) {
+ }
+ }
+
+ public void verifyApplyTunnelModeTransformCommon(boolean closeSpiBeforeApply, int direction)
+ throws Exception {
IpSecConfig ipSecConfig = new IpSecConfig();
ipSecConfig.setMode(IpSecTransform.MODE_TUNNEL);
addDefaultSpisAndRemoteAddrToIpSecConfig(ipSecConfig);
@@ -825,17 +895,17 @@
int transformResourceId = createTransformResp.resourceId;
int tunnelResourceId = createTunnelResp.resourceId;
mIpSecService.applyTunnelModeTransform(
- tunnelResourceId, IpSecManager.DIRECTION_OUT, transformResourceId, BLESSED_PACKAGE);
+ tunnelResourceId, direction, transformResourceId, BLESSED_PACKAGE);
for (int selAddrFamily : ADDRESS_FAMILIES) {
verify(mMockNetd)
.ipSecUpdateSecurityPolicy(
eq(mUid),
eq(selAddrFamily),
- eq(IpSecManager.DIRECTION_OUT),
+ eq(direction),
anyString(),
anyString(),
- eq(TEST_SPI),
+ eq(direction == DIRECTION_OUT ? TEST_SPI : 0),
anyInt(), // iKey/oKey
anyInt(), // mask
eq(tunnelResourceId));
diff --git a/tests/vcn/java/com/android/server/vcn/VcnGatewayConnectionConnectedStateTest.java b/tests/vcn/java/com/android/server/vcn/VcnGatewayConnectionConnectedStateTest.java
index eedaac4..39f7386 100644
--- a/tests/vcn/java/com/android/server/vcn/VcnGatewayConnectionConnectedStateTest.java
+++ b/tests/vcn/java/com/android/server/vcn/VcnGatewayConnectionConnectedStateTest.java
@@ -16,8 +16,11 @@
package com.android.server.vcn;
+import static android.net.IpSecManager.DIRECTION_FWD;
import static android.net.IpSecManager.DIRECTION_IN;
import static android.net.IpSecManager.DIRECTION_OUT;
+import static android.net.NetworkCapabilities.NET_CAPABILITY_DUN;
+import static android.net.NetworkCapabilities.NET_CAPABILITY_INTERNET;
import static android.net.NetworkCapabilities.TRANSPORT_CELLULAR;
import static android.net.NetworkCapabilities.TRANSPORT_WIFI;
import static android.net.ipsec.ike.exceptions.IkeProtocolException.ERROR_TYPE_AUTHENTICATION_FAILED;
@@ -54,6 +57,8 @@
import android.net.ipsec.ike.exceptions.IkeException;
import android.net.ipsec.ike.exceptions.IkeInternalException;
import android.net.ipsec.ike.exceptions.IkeProtocolException;
+import android.net.vcn.VcnGatewayConnectionConfig;
+import android.net.vcn.VcnGatewayConnectionConfigTest;
import android.net.vcn.VcnManager.VcnErrorCode;
import androidx.test.filters.SmallTest;
@@ -143,8 +148,9 @@
assertEquals(mGatewayConnection.mConnectedState, mGatewayConnection.getCurrentState());
}
- @Test
- public void testCreatedTransformsAreApplied() throws Exception {
+ private void verifyVcnTransformsApplied(
+ VcnGatewayConnection vcnGatewayConnection, boolean expectForwardTransform)
+ throws Exception {
for (int direction : new int[] {DIRECTION_IN, DIRECTION_OUT}) {
getChildSessionCallback().onIpSecTransformCreated(makeDummyIpSecTransform(), direction);
mTestLooper.dispatchAll();
@@ -154,7 +160,40 @@
eq(TEST_IPSEC_TUNNEL_RESOURCE_ID), eq(direction), anyInt(), any());
}
- assertEquals(mGatewayConnection.mConnectedState, mGatewayConnection.getCurrentState());
+ verify(mIpSecSvc, expectForwardTransform ? times(1) : never())
+ .applyTunnelModeTransform(
+ eq(TEST_IPSEC_TUNNEL_RESOURCE_ID), eq(DIRECTION_FWD), anyInt(), any());
+
+ assertEquals(vcnGatewayConnection.mConnectedState, vcnGatewayConnection.getCurrentState());
+ }
+
+ @Test
+ public void testCreatedTransformsAreApplied() throws Exception {
+ verifyVcnTransformsApplied(mGatewayConnection, false /* expectForwardTransform */);
+ }
+
+ @Test
+ public void testCreatedTransformsAreAppliedWithDun() throws Exception {
+ VcnGatewayConnectionConfig gatewayConfig =
+ VcnGatewayConnectionConfigTest.buildTestConfigWithExposedCaps(
+ NET_CAPABILITY_INTERNET, NET_CAPABILITY_DUN);
+ VcnGatewayConnection gatewayConnection =
+ new VcnGatewayConnection(
+ mVcnContext,
+ TEST_SUB_GRP,
+ TEST_SUBSCRIPTION_SNAPSHOT,
+ gatewayConfig,
+ mGatewayStatusCallback,
+ true /* isMobileDataEnabled */,
+ mDeps);
+ gatewayConnection.setUnderlyingNetwork(TEST_UNDERLYING_NETWORK_RECORD_1);
+ final VcnIkeSession session =
+ gatewayConnection.buildIkeSession(TEST_UNDERLYING_NETWORK_RECORD_1.network);
+ gatewayConnection.setIkeSession(session);
+ gatewayConnection.transitionTo(gatewayConnection.mConnectedState);
+ mTestLooper.dispatchAll();
+
+ verifyVcnTransformsApplied(gatewayConnection, true /* expectForwardTransform */);
}
@Test
diff --git a/tests/vcn/java/com/android/server/vcn/VcnGatewayConnectionTestBase.java b/tests/vcn/java/com/android/server/vcn/VcnGatewayConnectionTestBase.java
index 284f1f8..1ecb4c9 100644
--- a/tests/vcn/java/com/android/server/vcn/VcnGatewayConnectionTestBase.java
+++ b/tests/vcn/java/com/android/server/vcn/VcnGatewayConnectionTestBase.java
@@ -220,7 +220,7 @@
protected VcnChildSessionCallback getChildSessionCallback() {
ArgumentCaptor<ChildSessionCallback> captor =
ArgumentCaptor.forClass(ChildSessionCallback.class);
- verify(mDeps).newIkeSession(any(), any(), any(), any(), captor.capture());
+ verify(mDeps, atLeastOnce()).newIkeSession(any(), any(), any(), any(), captor.capture());
return (VcnChildSessionCallback) captor.getValue();
}