Immediately redact VcnTransportInfo. Redaction of NetworkCapabilities is changing from redacting at parcel time to redacting immediately when makeCopy() is called. Update VcnTransportInfo redaction accordingly. Bug: 183938194 Test: atest VcnTransportInfoTest Change-Id: I0c9406f426b66fd36b47d11799955def531c16ba

commit: 327cff1969067adee4f92f059dadaf5ea7e50a47 [log] [tgz]
author: Lorenzo Colitti <lorenzo@google.com> Mon May 10 10:19:11 2021 +0900
committer: Lorenzo Colitti <lorenzo@google.com> Tue May 11 22:47:34 2021 +0900
tree: 693b9073fadfb5fc1196b8585caa4939f275be36
parent: 58250b203225ec16619d010e2df7e4d7e349412a [diff]
diff --git a/core/java/android/net/vcn/VcnTransportInfo.java b/core/java/android/net/vcn/VcnTransportInfo.java
index 0e9ccf1..1f18184 100644
--- a/core/java/android/net/vcn/VcnTransportInfo.java
+++ b/core/java/android/net/vcn/VcnTransportInfo.java

@@ -16,23 +16,17 @@
 
 package android.net.vcn;
 
-import static android.net.NetworkCapabilities.REDACT_ALL;
-import static android.net.NetworkCapabilities.REDACT_FOR_NETWORK_SETTINGS;
+import static android.net.NetworkCapabilities.REDACT_NONE;
 import static android.telephony.SubscriptionManager.INVALID_SUBSCRIPTION_ID;
 
-import static com.android.internal.annotations.VisibleForTesting.Visibility.PRIVATE;
-
 import android.annotation.NonNull;
 import android.annotation.Nullable;
-import android.net.NetworkCapabilities;
 import android.net.TransportInfo;
 import android.net.wifi.WifiInfo;
 import android.os.Parcel;
 import android.os.Parcelable;
 import android.telephony.SubscriptionManager;
 
-import com.android.internal.annotations.VisibleForTesting;
-
 import java.util.Objects;
 
 /**
@@ -55,32 +49,17 @@
     @Nullable private final WifiInfo mWifiInfo;
     private final int mSubId;
 
-    /**
-     * The redaction scheme to use when parcelling.
-     *
-     * <p>The TransportInfo/NetworkCapabilities redaction mechanisms rely on redaction being
-     * performed at parcelling time. This means that the redaction scheme must be stored for later
-     * use.
-     *
-     * <p>Since the redaction scheme itself is not parcelled, this field is listed as a transient.
-     *
-     * <p>Defaults to REDACT_ALL when constructed using public constructors, or creating from
-     * parcels.
-     */
-    private final transient long mRedactions;
-
     public VcnTransportInfo(@NonNull WifiInfo wifiInfo) {
-        this(wifiInfo, INVALID_SUBSCRIPTION_ID, REDACT_ALL);
+        this(wifiInfo, INVALID_SUBSCRIPTION_ID);
     }
 
     public VcnTransportInfo(int subId) {
-        this(null /* wifiInfo */, subId, REDACT_ALL);
+        this(null /* wifiInfo */, subId);
     }
 
-    private VcnTransportInfo(@Nullable WifiInfo wifiInfo, int subId, long redactions) {
+    private VcnTransportInfo(@Nullable WifiInfo wifiInfo, int subId) {
         mWifiInfo = wifiInfo;
         mSubId = subId;
-        mRedactions = redactions;
     }
 
     /**
@@ -102,25 +81,14 @@
      * SubscriptionManager#INVALID_SUBSCRIPTION_ID}.
      *
      * @return the Subscription ID if a cellular underlying Network is present, else {@link
-     *     android.telephony.SubscriptionManager.INVALID_SUBSCRIPTION_ID}.
+     *     android.telephony.SubscriptionManager#INVALID_SUBSCRIPTION_ID}.
      */
     public int getSubId() {
         return mSubId;
     }
 
-    /**
-     * Gets the redaction scheme
-     *
-     * @hide
-     */
-    @VisibleForTesting(visibility = PRIVATE)
-    public long getRedaction() {
-        return mRedactions;
-    }
-
     @Override
     public int hashCode() {
-        // mRedactions not hashed, as it is a transient, for control of parcelling
         return Objects.hash(mWifiInfo, mSubId);
     }
 
@@ -128,8 +96,6 @@
     public boolean equals(Object o) {
         if (!(o instanceof VcnTransportInfo)) return false;
         final VcnTransportInfo that = (VcnTransportInfo) o;
-
-        // mRedactions not compared, as it is a transient, for control of parcelling
         return Objects.equals(mWifiInfo, that.mWifiInfo) && mSubId == that.mSubId;
     }
 
@@ -143,31 +109,19 @@
     @NonNull
     public TransportInfo makeCopy(long redactions) {
         return new VcnTransportInfo(
-                mWifiInfo == null ? null : mWifiInfo.makeCopy(redactions), mSubId, redactions);
+                (mWifiInfo == null) ? null : mWifiInfo.makeCopy(redactions), mSubId);
     }
 
     @Override
     public long getApplicableRedactions() {
-        long redactions = REDACT_FOR_NETWORK_SETTINGS;
-
-        // Add additional wifi redactions if necessary
-        if (mWifiInfo != null) {
-            redactions |= mWifiInfo.getApplicableRedactions();
-        }
-
-        return redactions;
-    }
-
-    private boolean shouldParcelNetworkSettingsFields() {
-        return (mRedactions & NetworkCapabilities.REDACT_FOR_NETWORK_SETTINGS) == 0;
+        return (mWifiInfo == null) ? REDACT_NONE : mWifiInfo.getApplicableRedactions();
     }
 
     /** {@inheritDoc} */
     @Override
     public void writeToParcel(@NonNull Parcel dest, int flags) {
-        dest.writeInt(shouldParcelNetworkSettingsFields() ? mSubId : INVALID_SUBSCRIPTION_ID);
-        dest.writeParcelable(
-                shouldParcelNetworkSettingsFields() ? (Parcelable) mWifiInfo : null, flags);
+        dest.writeInt(mSubId);
+        dest.writeParcelable(mWifiInfo, flags);
     }
 
     @Override
@@ -181,17 +135,7 @@
                 public VcnTransportInfo createFromParcel(Parcel in) {
                     final int subId = in.readInt();
                     final WifiInfo wifiInfo = in.readParcelable(null);
-
-                    // If all fields are their null values, return null TransportInfo to avoid
-                    // leaking information about this being a VCN Network (instead of macro
-                    // cellular, etc)
-                    if (wifiInfo == null && subId == INVALID_SUBSCRIPTION_ID) {
-                        return null;
-                    }
-
-                    // Prevent further forwarding by redacting everything in future parcels from
-                    // this VcnTransportInfo
-                    return new VcnTransportInfo(wifiInfo, subId, REDACT_ALL);
+                    return new VcnTransportInfo(wifiInfo, subId);
                 }
 
                 public VcnTransportInfo[] newArray(int size) {

diff --git a/tests/vcn/java/android/net/vcn/VcnTransportInfoTest.java b/tests/vcn/java/android/net/vcn/VcnTransportInfoTest.java
index 582275d..00a0bff 100644
--- a/tests/vcn/java/android/net/vcn/VcnTransportInfoTest.java
+++ b/tests/vcn/java/android/net/vcn/VcnTransportInfoTest.java

@@ -16,14 +16,17 @@
 
 package android.net.vcn;
 
-import static android.net.NetworkCapabilities.REDACT_ALL;
+import static android.net.NetworkCapabilities.REDACT_FOR_ACCESS_FINE_LOCATION;
+import static android.net.NetworkCapabilities.REDACT_FOR_LOCAL_MAC_ADDRESS;
 import static android.net.NetworkCapabilities.REDACT_FOR_NETWORK_SETTINGS;
+import static android.net.NetworkCapabilities.REDACT_NONE;
 import static android.telephony.SubscriptionManager.INVALID_SUBSCRIPTION_ID;
 
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertNotEquals;
 import static org.junit.Assert.assertNull;
 
+import android.net.wifi.WifiConfiguration;
 import android.net.wifi.WifiInfo;
 import android.os.Parcel;
 
@@ -39,12 +42,6 @@
     private static final VcnTransportInfo WIFI_UNDERLYING_INFO = new VcnTransportInfo(WIFI_INFO);
 
     @Test
-    public void testRedactionDefaults() {
-        assertEquals(REDACT_ALL, CELL_UNDERLYING_INFO.getRedaction());
-        assertEquals(REDACT_ALL, WIFI_UNDERLYING_INFO.getRedaction());
-    }
-
-    @Test
     public void testGetWifiInfo() {
         assertEquals(WIFI_INFO, WIFI_UNDERLYING_INFO.getWifiInfo());
 
@@ -59,15 +56,15 @@
     }
 
     @Test
-    public void testMakeCopySetsRedactions() {
+    public void testMakeCopyRedactForAccessFineLocation() {
         assertEquals(
-                REDACT_FOR_NETWORK_SETTINGS,
-                ((VcnTransportInfo) CELL_UNDERLYING_INFO.makeCopy(REDACT_FOR_NETWORK_SETTINGS))
-                        .getRedaction());
+                SUB_ID,
+                ((VcnTransportInfo) CELL_UNDERLYING_INFO.makeCopy(REDACT_FOR_ACCESS_FINE_LOCATION))
+                        .getSubId());
         assertEquals(
-                REDACT_FOR_NETWORK_SETTINGS,
-                ((VcnTransportInfo) WIFI_UNDERLYING_INFO.makeCopy(REDACT_FOR_NETWORK_SETTINGS))
-                        .getRedaction());
+                WifiConfiguration.INVALID_NETWORK_ID,
+                ((VcnTransportInfo) WIFI_UNDERLYING_INFO.makeCopy(REDACT_FOR_ACCESS_FINE_LOCATION))
+                        .getWifiInfo().getNetworkId());
     }
 
     @Test
@@ -78,35 +75,31 @@
     }
 
     @Test
-    public void testParcelUnparcel() {
-        verifyParcelingIsNull(CELL_UNDERLYING_INFO);
-        verifyParcelingIsNull(WIFI_UNDERLYING_INFO);
-    }
-
-    private void verifyParcelingIsNull(VcnTransportInfo vcnTransportInfo) {
-        // Verify redacted by default
-        Parcel parcel = Parcel.obtain();
-        vcnTransportInfo.writeToParcel(parcel, 0 /* flags */);
-        parcel.setDataPosition(0);
-
-        assertNull(VcnTransportInfo.CREATOR.createFromParcel(parcel));
+    public void testApplicableRedactions() {
+        assertEquals(REDACT_NONE, CELL_UNDERLYING_INFO.getApplicableRedactions());
+        assertEquals(REDACT_FOR_ACCESS_FINE_LOCATION | REDACT_FOR_LOCAL_MAC_ADDRESS
+                        | REDACT_FOR_NETWORK_SETTINGS,
+                WIFI_UNDERLYING_INFO.getApplicableRedactions());
     }
 
     @Test
-    public void testParcelUnparcelNotRedactedForSysUi() {
-        verifyParcelingForSysUi(CELL_UNDERLYING_INFO);
-        verifyParcelingForSysUi(WIFI_UNDERLYING_INFO);
+    public void testParcelNotRedactedForSysUi() {
+        VcnTransportInfo cellRedacted = parcelForSysUi(CELL_UNDERLYING_INFO);
+        assertEquals(SUB_ID, cellRedacted.getSubId());
+        VcnTransportInfo wifiRedacted = parcelForSysUi(WIFI_UNDERLYING_INFO);
+        assertEquals(NETWORK_ID, wifiRedacted.getWifiInfo().getNetworkId());
     }
 
-    private void verifyParcelingForSysUi(VcnTransportInfo vcnTransportInfo) {
+    private VcnTransportInfo parcelForSysUi(VcnTransportInfo vcnTransportInfo) {
         // Allow fully unredacted; SysUI will have all the relevant permissions.
-        final VcnTransportInfo unRedacted = (VcnTransportInfo) vcnTransportInfo.makeCopy(0);
+        final VcnTransportInfo unRedacted = (VcnTransportInfo) vcnTransportInfo.makeCopy(
+                REDACT_NONE);
         final Parcel parcel = Parcel.obtain();
         unRedacted.writeToParcel(parcel, 0 /* flags */);
         parcel.setDataPosition(0);
 
         final VcnTransportInfo unparceled = VcnTransportInfo.CREATOR.createFromParcel(parcel);
         assertEquals(vcnTransportInfo, unparceled);
-        assertEquals(REDACT_ALL, unparceled.getRedaction());
+        return unparceled;
     }
 }
commit	327cff1969067adee4f92f059dadaf5ea7e50a47	[log] [tgz]
author	Lorenzo Colitti <lorenzo@google.com>	Mon May 10 10:19:11 2021 +0900
committer	Lorenzo Colitti <lorenzo@google.com>	Tue May 11 22:47:34 2021 +0900
tree	693b9073fadfb5fc1196b8585caa4939f275be36
parent	58250b203225ec16619d010e2df7e4d7e349412a [diff]