Skip TestDropPacketToVpnAddress if the feature is disabled
INGRESS_TO_VPN_ADDRESS_FILTERING is disabled due to b/352424251 and
testDropPacketToVpnAddress fails if the feature is disabled.
So skip testDropPacketToVpnAddress if the feature is disabled.
Bug: 362434644
Test: adb shell device_config put tethering
ingress_to_vpn_address_filtering -1
Test: atest CtsHostsideNetworkTests
Change-Id: Ib16a7550dcf93dd9ecf29047b1c4f101ff6d610d
diff --git a/framework/src/android/net/ConnectivityManager.java b/framework/src/android/net/ConnectivityManager.java
index 63a6cd2..1ebc4a3 100644
--- a/framework/src/android/net/ConnectivityManager.java
+++ b/framework/src/android/net/ConnectivityManager.java
@@ -6734,4 +6734,33 @@
throw e.rethrowFromSystemServer();
}
}
+
+ /**
+ * Get the specified ConnectivityService feature status. This method is for test code to check
+ * whether the feature is enabled or not.
+ * Note that tests can not just read DeviceConfig since ConnectivityService reads flag at
+ * startup. For example, it's possible that the current flag value is "disable"(-1) but the
+ * feature is enabled since the flag value was "enable"(1) when ConnectivityService started up.
+ * If the ConnectivityManager needs to check the ConnectivityService feature status for non-test
+ * purpose, define feature in {@link ConnectivityManagerFeature} and use
+ * {@link #isFeatureEnabled} instead.
+ *
+ * @param featureFlag target flag for feature
+ * @return {@code true} if the feature is enabled, {@code false} if the feature is disabled.
+ * @throws IllegalArgumentException if the flag is invalid
+ *
+ * @hide
+ */
+ @RequiresPermission(anyOf = {
+ android.Manifest.permission.NETWORK_SETTINGS,
+ android.Manifest.permission.NETWORK_STACK,
+ NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK
+ })
+ public boolean isConnectivityServiceFeatureEnabledForTesting(final String featureFlag) {
+ try {
+ return mService.isConnectivityServiceFeatureEnabledForTesting(featureFlag);
+ } catch (RemoteException e) {
+ throw e.rethrowFromSystemServer();
+ }
+ }
}
diff --git a/framework/src/android/net/IConnectivityManager.aidl b/framework/src/android/net/IConnectivityManager.aidl
index 988cc92..47b3316 100644
--- a/framework/src/android/net/IConnectivityManager.aidl
+++ b/framework/src/android/net/IConnectivityManager.aidl
@@ -262,4 +262,6 @@
IBinder getRoutingCoordinatorService();
long getEnabledConnectivityManagerFeatures();
+
+ boolean isConnectivityServiceFeatureEnabledForTesting(String featureFlag);
}
diff --git a/service/src/com/android/server/ConnectivityService.java b/service/src/com/android/server/ConnectivityService.java
index 9af250b..990f43e 100755
--- a/service/src/com/android/server/ConnectivityService.java
+++ b/service/src/com/android/server/ConnectivityService.java
@@ -14505,4 +14505,14 @@
}
return features;
}
+
+ @Override
+ public boolean isConnectivityServiceFeatureEnabledForTesting(String featureFlag) {
+ switch (featureFlag) {
+ case INGRESS_TO_VPN_ADDRESS_FILTERING:
+ return mIngressToVpnAddressFiltering;
+ default:
+ throw new IllegalArgumentException("Unknown flag: " + featureFlag);
+ }
+ }
}
diff --git a/tests/cts/hostside/app/src/com/android/cts/net/hostside/VpnTest.java b/tests/cts/hostside/app/src/com/android/cts/net/hostside/VpnTest.java
index e186c6b..2db1db5 100755
--- a/tests/cts/hostside/app/src/com/android/cts/net/hostside/VpnTest.java
+++ b/tests/cts/hostside/app/src/com/android/cts/net/hostside/VpnTest.java
@@ -213,6 +213,8 @@
private static final String AUTOMATIC_ON_OFF_KEEPALIVE_VERSION =
"automatic_on_off_keepalive_version";
+ private static final String INGRESS_TO_VPN_ADDRESS_FILTERING =
+ "ingress_to_vpn_address_filtering";
// Enabled since version 1 means it's always enabled because the version is always above 1
private static final String AUTOMATIC_ON_OFF_KEEPALIVE_ENABLED = "1";
private static final long TEST_TCP_POLLING_TIMER_EXPIRED_PERIOD_MS = 60_000L;
@@ -1949,6 +1951,9 @@
*/
private void doTestDropPacketToVpnAddress(final boolean duplicatedAddress)
throws Exception {
+ assumeTrue(mCM.isConnectivityServiceFeatureEnabledForTesting(
+ INGRESS_TO_VPN_ADDRESS_FILTERING));
+
final NetworkRequest request = new NetworkRequest.Builder()
.removeCapability(NetworkCapabilities.NET_CAPABILITY_NOT_VPN)
.removeCapability(NetworkCapabilities.NET_CAPABILITY_TRUSTED)