diff options
author | Yan Yan <evitayan@google.com> | 2024-05-08 21:57:42 +0000 |
---|---|---|
committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2024-05-08 21:57:42 +0000 |
commit | c176987ebb2ce8201485baca297437d249b74a0c (patch) | |
tree | 38e11c42365c73d0211bdb191934253a23e7cbdb | |
parent | 86b9f6441afa9c03ccf777f92e6886fb3ffa1187 (diff) | |
parent | 43ee23b0d7cf2bc27f76a81a8adbcc692594baac (diff) | |
download | base-c176987ebb2ce8201485baca297437d249b74a0c.tar.gz |
Merge "Make VCN HSUM compatible" into main
3 files changed, 53 insertions, 14 deletions
diff --git a/core/java/android/net/vcn/flags.aconfig b/core/java/android/net/vcn/flags.aconfig index 9fe0befb4f97..d4d1ed22dd4e 100644 --- a/core/java/android/net/vcn/flags.aconfig +++ b/core/java/android/net/vcn/flags.aconfig @@ -38,6 +38,16 @@ flag{ } flag{ + name: "enforce_main_user" + namespace: "vcn" + description: "Enforce main user to make VCN HSUM compatible" + bug: "310310661" + metadata { + purpose: PURPOSE_BUGFIX + } +} + +flag{ name: "handle_seq_num_leap" namespace: "vcn" description: "Do not report bad network when there is a suspected sequence number leap" diff --git a/services/core/java/com/android/server/VcnManagementService.java b/services/core/java/com/android/server/VcnManagementService.java index 7acca19f9d79..e2b6bd6ae360 100644 --- a/services/core/java/com/android/server/VcnManagementService.java +++ b/services/core/java/com/android/server/VcnManagementService.java @@ -36,6 +36,7 @@ import static java.util.Objects.requireNonNull; import android.annotation.NonNull; import android.annotation.Nullable; +import android.annotation.SuppressLint; import android.app.AppOpsManager; import android.content.BroadcastReceiver; import android.content.Context; @@ -47,6 +48,7 @@ import android.net.LinkProperties; import android.net.Network; import android.net.NetworkCapabilities; import android.net.NetworkRequest; +import android.net.vcn.Flags; import android.net.vcn.IVcnManagementService; import android.net.vcn.IVcnStatusCallback; import android.net.vcn.IVcnUnderlyingNetworkPolicyListener; @@ -68,6 +70,7 @@ import android.os.Process; import android.os.RemoteException; import android.os.ServiceSpecificException; import android.os.UserHandle; +import android.os.UserManager; import android.telephony.SubscriptionInfo; import android.telephony.SubscriptionManager; import android.telephony.TelephonyManager; @@ -431,6 +434,8 @@ public class VcnManagementService extends IVcnManagementService.Stub { mTelephonySubscriptionTracker.register(); } + // The system server automatically has the required permissions for #getMainUser() + @SuppressLint("AndroidFrameworkRequiresPermission") private void enforcePrimaryUser() { final int uid = mDeps.getBinderCallingUid(); if (uid == Process.SYSTEM_UID) { @@ -438,7 +443,20 @@ public class VcnManagementService extends IVcnManagementService.Stub { "Calling identity was System Server. Was Binder calling identity cleared?"); } - if (!UserHandle.getUserHandleForUid(uid).isSystem()) { + final UserHandle userHandle = UserHandle.getUserHandleForUid(uid); + + if (Flags.enforceMainUser()) { + final UserManager userManager = mContext.getSystemService(UserManager.class); + + Binder.withCleanCallingIdentity( + () -> { + if (!Objects.equals(userManager.getMainUser(), userHandle)) { + throw new SecurityException( + "VcnManagementService can only be used by callers running as" + + " the main user"); + } + }); + } else if (!userHandle.isSystem()) { throw new SecurityException( "VcnManagementService can only be used by callers running as the primary user"); } diff --git a/tests/vcn/java/com/android/server/VcnManagementServiceTest.java b/tests/vcn/java/com/android/server/VcnManagementServiceTest.java index 960b57cb632a..580efe126ea3 100644 --- a/tests/vcn/java/com/android/server/VcnManagementServiceTest.java +++ b/tests/vcn/java/com/android/server/VcnManagementServiceTest.java @@ -70,6 +70,7 @@ import android.net.Network; import android.net.NetworkCapabilities; import android.net.NetworkRequest; import android.net.Uri; +import android.net.vcn.Flags; import android.net.vcn.IVcnStatusCallback; import android.net.vcn.IVcnUnderlyingNetworkPolicyListener; import android.net.vcn.VcnConfig; @@ -82,7 +83,9 @@ import android.os.ParcelUuid; import android.os.PersistableBundle; import android.os.Process; import android.os.UserHandle; +import android.os.UserManager; import android.os.test.TestLooper; +import android.platform.test.flag.junit.SetFlagsRule; import android.telephony.SubscriptionInfo; import android.telephony.SubscriptionManager; import android.telephony.TelephonyManager; @@ -101,6 +104,7 @@ import com.android.server.vcn.util.PersistableBundleUtils; import com.android.server.vcn.util.PersistableBundleUtils.PersistableBundleWrapper; import org.junit.Before; +import org.junit.Rule; import org.junit.Test; import org.junit.runner.RunWith; import org.mockito.ArgumentCaptor; @@ -118,6 +122,8 @@ import java.util.UUID; @RunWith(AndroidJUnit4.class) @SmallTest public class VcnManagementServiceTest { + @Rule public final SetFlagsRule mSetFlagsRule = new SetFlagsRule(); + private static final String CONTEXT_ATTRIBUTION_TAG = "VCN"; private static final String TEST_PACKAGE_NAME = VcnManagementServiceTest.class.getPackage().getName(); @@ -129,7 +135,12 @@ public class VcnManagementServiceTest { private static final ParcelUuid TEST_UUID_3 = new ParcelUuid(new UUID(2, 2)); private static final VcnConfig TEST_VCN_CONFIG; private static final VcnConfig TEST_VCN_CONFIG_PKG_2; - private static final int TEST_UID = Process.FIRST_APPLICATION_UID; + + private static final int TEST_UID = 1010000; // A non-system user + private static final UserHandle TEST_USER_HANDLE = UserHandle.getUserHandleForUid(TEST_UID); + private static final UserHandle TEST_USER_HANDLE_OTHER = + UserHandle.of(TEST_USER_HANDLE.getIdentifier() + 1); + private static final String TEST_IFACE_NAME = "TEST_IFACE"; private static final String TEST_IFACE_NAME_2 = "TEST_IFACE2"; private static final LinkProperties TEST_LP_1 = new LinkProperties(); @@ -187,6 +198,7 @@ public class VcnManagementServiceTest { private final TelephonyManager mTelMgr = mock(TelephonyManager.class); private final SubscriptionManager mSubMgr = mock(SubscriptionManager.class); private final AppOpsManager mAppOpsMgr = mock(AppOpsManager.class); + private final UserManager mUserManager = mock(UserManager.class); private final VcnContext mVcnContext = mock(VcnContext.class); private final PersistableBundleUtils.LockingReadWriteHelper mConfigReadWriteHelper = mock(PersistableBundleUtils.LockingReadWriteHelper.class); @@ -218,6 +230,9 @@ public class VcnManagementServiceTest { Context.TELEPHONY_SUBSCRIPTION_SERVICE, SubscriptionManager.class); setupSystemService(mMockContext, mAppOpsMgr, Context.APP_OPS_SERVICE, AppOpsManager.class); + setupSystemService(mMockContext, mUserManager, Context.USER_SERVICE, UserManager.class); + + doReturn(TEST_USER_HANDLE).when(mUserManager).getMainUser(); doReturn(TEST_PACKAGE_NAME).when(mMockContext).getOpPackageName(); @@ -267,6 +282,8 @@ public class VcnManagementServiceTest { @Before public void setUp() { + mSetFlagsRule.enableFlags(Flags.FLAG_ENFORCE_MAIN_USER); + doNothing() .when(mMockContext) .enforceCallingOrSelfPermission( @@ -717,10 +734,8 @@ public class VcnManagementServiceTest { } @Test - public void testSetVcnConfigRequiresSystemUser() throws Exception { - doReturn(UserHandle.getUid(UserHandle.MIN_SECONDARY_USER_ID, TEST_UID)) - .when(mMockDeps) - .getBinderCallingUid(); + public void testSetVcnConfigRequiresMainUser() throws Exception { + doReturn(TEST_USER_HANDLE_OTHER).when(mUserManager).getMainUser(); try { mVcnMgmtSvc.setVcnConfig(TEST_UUID_1, TEST_VCN_CONFIG, TEST_PACKAGE_NAME); @@ -832,10 +847,8 @@ public class VcnManagementServiceTest { } @Test - public void testClearVcnConfigRequiresSystemUser() throws Exception { - doReturn(UserHandle.getUid(UserHandle.MIN_SECONDARY_USER_ID, TEST_UID)) - .when(mMockDeps) - .getBinderCallingUid(); + public void testClearVcnConfigRequiresMainUser() throws Exception { + doReturn(TEST_USER_HANDLE_OTHER).when(mUserManager).getMainUser(); try { mVcnMgmtSvc.clearVcnConfig(TEST_UUID_1, TEST_PACKAGE_NAME); @@ -921,10 +934,8 @@ public class VcnManagementServiceTest { } @Test - public void testGetConfiguredSubscriptionGroupsRequiresSystemUser() throws Exception { - doReturn(UserHandle.getUid(UserHandle.MIN_SECONDARY_USER_ID, TEST_UID)) - .when(mMockDeps) - .getBinderCallingUid(); + public void testGetConfiguredSubscriptionGroupsRequiresMainUser() throws Exception { + doReturn(TEST_USER_HANDLE_OTHER).when(mUserManager).getMainUser(); try { mVcnMgmtSvc.getConfiguredSubscriptionGroups(TEST_PACKAGE_NAME); |