1 /* 2 * Copyright (C) 2021 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.ipsec.ike.cts; 18 19 import android.content.Context; 20 import android.ipsec.ike.cts.TestNetworkUtils.TestNetworkCallback; 21 import android.net.ConnectivityManager; 22 import android.net.IpSecManager; 23 import android.net.IpSecTransform; 24 import android.net.LinkAddress; 25 import android.net.Network; 26 import android.net.TestNetworkInterface; 27 import android.net.TestNetworkManager; 28 import android.net.ipsec.ike.ChildSessionConfiguration; 29 import android.net.ipsec.ike.IkeSessionConnectionInfo; 30 import android.os.Binder; 31 import android.os.ParcelFileDescriptor; 32 import android.util.CloseGuard; 33 34 import androidx.test.InstrumentationRegistry; 35 import androidx.test.ext.junit.runners.AndroidJUnit4; 36 37 import com.android.modules.utils.build.SdkLevel; 38 39 import org.junit.AfterClass; 40 import org.junit.BeforeClass; 41 import org.junit.runner.RunWith; 42 43 import java.io.Closeable; 44 import java.io.IOException; 45 import java.net.Inet4Address; 46 import java.net.InetAddress; 47 import java.util.Arrays; 48 49 @RunWith(AndroidJUnit4.class) 50 abstract class IkeTestNetworkBase extends IkeTestBase { 51 // Static state to reduce setup/teardown 52 static Context sContext = InstrumentationRegistry.getContext(); 53 static ConnectivityManager sCM = sContext.getSystemService(ConnectivityManager.class); 54 static TestNetworkManager sTNM; 55 56 // This method is guaranteed to run in subclasses and will run before subclasses' @BeforeClass 57 // methods. 58 @BeforeClass setUpPermissionBeforeClass()59 public static void setUpPermissionBeforeClass() throws Exception { 60 InstrumentationRegistry.getInstrumentation() 61 .getUiAutomation() 62 .adoptShellPermissionIdentity(); 63 sTNM = sContext.getSystemService(TestNetworkManager.class); 64 } 65 66 // This method is guaranteed to run in subclasses and will run after subclasses' @AfterClass 67 // methods. 68 @AfterClass tearDownPermissionAfterClass()69 public static void tearDownPermissionAfterClass() throws Exception { 70 InstrumentationRegistry.getInstrumentation() 71 .getUiAutomation() 72 .dropShellPermissionIdentity(); 73 } 74 75 // Package private for use in IkeExceptionTest 76 static class TunNetworkContext implements Closeable { 77 public final ParcelFileDescriptor tunFd; 78 public final TestNetworkCallback tunNetworkCallback; 79 public final Network tunNetwork; 80 public final IkeTunUtils tunUtils; 81 TunNetworkContext(InetAddress... addresses)82 TunNetworkContext(InetAddress... addresses) throws Exception { 83 final LinkAddress[] linkAddresses = new LinkAddress[addresses.length]; 84 for (int i = 0; i < linkAddresses.length; i++) { 85 InetAddress addr = addresses[i]; 86 if (addr instanceof Inet4Address) { 87 linkAddresses[i] = new LinkAddress(addr, IP4_PREFIX_LEN); 88 } else { 89 linkAddresses[i] = new LinkAddress(addr, IP6_PREFIX_LEN); 90 } 91 } 92 93 try { 94 final TestNetworkInterface testIface = 95 SdkLevel.isAtLeastS() 96 ? sTNM.createTunInterface(Arrays.asList(linkAddresses)) 97 // createTunInterface(LinkAddress[]) was TestApi until R. 98 // Wrap linkAddresses in an Object[], so Method#invoke(Object, 99 // Object...) doesn't treat linkAddresses as the varargs input. 100 : (TestNetworkInterface) 101 sTNM.getClass() 102 .getMethod( 103 "createTunInterface", LinkAddress[].class) 104 .invoke(sTNM, new Object[] {linkAddresses}); 105 106 tunFd = testIface.getFileDescriptor(); 107 tunNetworkCallback = 108 TestNetworkUtils.setupAndGetTestNetwork( 109 sCM, sTNM, testIface.getInterfaceName(), new Binder()); 110 tunNetwork = tunNetworkCallback.getNetworkBlocking(); 111 } catch (Exception e) { 112 close(); 113 throw e; 114 } 115 116 tunUtils = new IkeTunUtils(tunFd); 117 } 118 119 @Override close()120 public void close() throws IOException { 121 if (tunNetworkCallback != null) { 122 sCM.unregisterNetworkCallback(tunNetworkCallback); 123 } 124 125 if (tunNetwork != null) { 126 sTNM.teardownTestNetwork(tunNetwork); 127 } 128 129 if (tunFd != null) { 130 tunFd.close(); 131 } 132 } 133 } 134 135 static class TunIpSecNetworkWrapper implements AutoCloseable { 136 public final IpSecManager.IpSecTunnelInterface tunnelIface; 137 public final TestNetworkCallback networkCallback; 138 public final Network ipSecNetwork; 139 140 private final CloseGuard mCloseGuard = new CloseGuard(); 141 TunIpSecNetworkWrapper( IkeSessionConnectionInfo connectionInfo, ChildSessionConfiguration childConf, IpSecTransform inTransform, IpSecTransform outTransform)142 TunIpSecNetworkWrapper( 143 IkeSessionConnectionInfo connectionInfo, 144 ChildSessionConfiguration childConf, 145 IpSecTransform inTransform, 146 IpSecTransform outTransform) 147 throws Exception { 148 final IpSecManager ipsecMgr = sContext.getSystemService(IpSecManager.class); 149 150 tunnelIface = 151 ipsecMgr.createIpSecTunnelInterface( 152 connectionInfo.getLocalAddress(), 153 connectionInfo.getRemoteAddress(), 154 connectionInfo.getNetwork()); 155 156 final LinkAddress localInner = childConf.getInternalAddresses().get(0); 157 tunnelIface.addAddress(localInner.getAddress(), localInner.getPrefixLength()); 158 159 ipsecMgr.applyTunnelModeTransform(tunnelIface, IpSecManager.DIRECTION_IN, inTransform); 160 ipsecMgr.applyTunnelModeTransform(tunnelIface, IpSecManager.DIRECTION_OUT, inTransform); 161 162 networkCallback = 163 TestNetworkUtils.setupAndGetTestNetwork( 164 sCM, sTNM, tunnelIface.getInterfaceName(), new Binder()); 165 ipSecNetwork = networkCallback.getNetworkBlocking(); 166 } 167 168 @Override close()169 public void close() { 170 mCloseGuard.close(); 171 172 if (tunnelIface != null) { 173 tunnelIface.close(); 174 } 175 if (networkCallback != null) { 176 sCM.unregisterNetworkCallback(networkCallback); 177 } 178 if (ipSecNetwork != null) { 179 sTNM.teardownTestNetwork(ipSecNetwork); 180 } 181 } 182 183 @Override finalize()184 public void finalize() { 185 mCloseGuard.warnIfOpen(); 186 close(); 187 } 188 } 189 } 190