Clear UIDs when sharing NetworkCapabilties for ConnectivityDiagnostics.
ConnectivityDiagnostics shares NetworkCapabilities in
ConnectivityReports and DataStallReports. These NetworkCapabilities need
to have their UIDs scrubbed before they are shared with callbacks.
Bug: 148942124
Test: atest FrameworksNetTests
Change-Id: I5bde5a8116f7e36b8f4de49adf4cab8ec45a5aa4
diff --git a/services/core/java/com/android/server/ConnectivityService.java b/services/core/java/com/android/server/ConnectivityService.java
index 34b7be4..845a322 100644
--- a/services/core/java/com/android/server/ConnectivityService.java
+++ b/services/core/java/com/android/server/ConnectivityService.java
@@ -7832,12 +7832,15 @@
private void handleNetworkTestedWithExtras(
@NonNull ConnectivityReportEvent reportEvent, @NonNull PersistableBundle extras) {
final NetworkAgentInfo nai = reportEvent.mNai;
+ final NetworkCapabilities networkCapabilities =
+ new NetworkCapabilities(nai.networkCapabilities);
+ clearNetworkCapabilitiesUids(networkCapabilities);
final ConnectivityReport report =
new ConnectivityReport(
reportEvent.mNai.network,
reportEvent.mTimestampMillis,
nai.linkProperties,
- nai.networkCapabilities,
+ networkCapabilities,
extras);
final List<IConnectivityDiagnosticsCallback> results =
getMatchingPermissionedCallbacks(nai);
@@ -7853,13 +7856,16 @@
private void handleDataStallSuspected(
@NonNull NetworkAgentInfo nai, long timestampMillis, int detectionMethod,
@NonNull PersistableBundle extras) {
+ final NetworkCapabilities networkCapabilities =
+ new NetworkCapabilities(nai.networkCapabilities);
+ clearNetworkCapabilitiesUids(networkCapabilities);
final DataStallReport report =
new DataStallReport(
nai.network,
timestampMillis,
detectionMethod,
nai.linkProperties,
- nai.networkCapabilities,
+ networkCapabilities,
extras);
final List<IConnectivityDiagnosticsCallback> results =
getMatchingPermissionedCallbacks(nai);
@@ -7885,6 +7891,12 @@
}
}
+ private void clearNetworkCapabilitiesUids(@NonNull NetworkCapabilities nc) {
+ nc.setUids(null);
+ nc.setAdministratorUids(Collections.EMPTY_LIST);
+ nc.setOwnerUid(Process.INVALID_UID);
+ }
+
private List<IConnectivityDiagnosticsCallback> getMatchingPermissionedCallbacks(
@NonNull NetworkAgentInfo nai) {
final List<IConnectivityDiagnosticsCallback> results = new ArrayList<>();
diff --git a/tests/net/java/com/android/server/ConnectivityServiceTest.java b/tests/net/java/com/android/server/ConnectivityServiceTest.java
index 86ba8af..2980ff7 100644
--- a/tests/net/java/com/android/server/ConnectivityServiceTest.java
+++ b/tests/net/java/com/android/server/ConnectivityServiceTest.java
@@ -23,8 +23,6 @@
import static android.content.pm.PackageManager.MATCH_ANY_USER;
import static android.content.pm.PackageManager.PERMISSION_DENIED;
import static android.content.pm.PackageManager.PERMISSION_GRANTED;
-import static android.net.ConnectivityDiagnosticsManager.ConnectivityReport;
-import static android.net.ConnectivityDiagnosticsManager.DataStallReport;
import static android.net.ConnectivityManager.ACTION_CAPTIVE_PORTAL_SIGN_IN;
import static android.net.ConnectivityManager.CONNECTIVITY_ACTION;
import static android.net.ConnectivityManager.CONNECTIVITY_ACTION_SUPL;
@@ -100,6 +98,7 @@
import static org.junit.Assert.fail;
import static org.mockito.ArgumentMatchers.anyLong;
import static org.mockito.ArgumentMatchers.anyString;
+import static org.mockito.ArgumentMatchers.argThat;
import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.ArgumentMatchers.startsWith;
import static org.mockito.Matchers.anyInt;
@@ -6840,8 +6839,13 @@
HandlerUtilsKt.waitForIdle(mCsHandlerThread, TIMEOUT_MS);
// Verify onConnectivityReport fired
- verify(mConnectivityDiagnosticsCallback)
- .onConnectivityReport(any(ConnectivityReport.class));
+ verify(mConnectivityDiagnosticsCallback).onConnectivityReport(
+ argThat(report -> {
+ final NetworkCapabilities nc = report.getNetworkCapabilities();
+ return nc.getUids() == null
+ && nc.getAdministratorUids().isEmpty()
+ && nc.getOwnerUid() == Process.INVALID_UID;
+ }));
}
@Test
@@ -6856,7 +6860,13 @@
HandlerUtilsKt.waitForIdle(mCsHandlerThread, TIMEOUT_MS);
// Verify onDataStallSuspected fired
- verify(mConnectivityDiagnosticsCallback).onDataStallSuspected(any(DataStallReport.class));
+ verify(mConnectivityDiagnosticsCallback).onDataStallSuspected(
+ argThat(report -> {
+ final NetworkCapabilities nc = report.getNetworkCapabilities();
+ return nc.getUids() == null
+ && nc.getAdministratorUids().isEmpty()
+ && nc.getOwnerUid() == Process.INVALID_UID;
+ }));
}
@Test