WifiService: Ignore wifi state change API in crypt debounce state

When the device is in crypt debounce state (transitioning to full disk encryption), we don't start wifi stack. Hence WifiController state machine is not initialized in this state and any public API calls from settings or other parts of the system will cause a crash. Handle this state more gracefully by explicitly failing all the state change API's in this state. Bug: 136799715 Test: atest com.android.server.wifi.WifiServiceImplTest Change-Id: I36a603c01b1421bfa5e015696902946154ea0989
author: Roshan Pius <rpius@google.com> 2019-07-29 13:24:21 -0700
committer: Roshan Pius <rpius@google.com> 2019-08-06 12:19:13 -0700
commit: 840cdc08391ef0f24adf2f46fa1ea017d3d5eac4 (patch)
tree: 368755f953467c41b4214f543314cb517d8c29d1
parent: e2921b824d04071ae5dcea6d594986b3eeda0752 (diff)
2 files changed, 83 insertions, 1 deletions
diff --git a/service/java/com/android/server/wifi/WifiServiceImpl.java b/service/java/com/android/server/wifi/WifiServiceImpl.java
index b25a84593..ea1be63eb 100644
--- a/service/java/com/android/server/wifi/WifiServiceImpl.java
+++ b/service/java/com/android/server/wifi/WifiServiceImpl.java
@@ -893,6 +893,11 @@ public class WifiServiceImpl extends BaseWifiService {
             return false;
         }
 
+        // If we're in crypt debounce, ignore any wifi state change APIs.
+        if (mFrameworkFacade.inStorageManagerCryptKeeperBounce()) {
+            return false;
+        }
+
         mLog.info("setWifiEnabled package=% uid=% enable=%").c(packageName)
                 .c(Binder.getCallingUid()).c(enable).flush();
         long ident = Binder.clearCallingIdentity();
@@ -1045,6 +1050,10 @@ public class WifiServiceImpl extends BaseWifiService {
     public boolean startSoftAp(WifiConfiguration wifiConfig) {
         // NETWORK_STACK is a signature only permission.
         enforceNetworkStackPermission();
+        // If we're in crypt debounce, ignore any wifi state change APIs.
+        if (mFrameworkFacade.inStorageManagerCryptKeeperBounce()) {
+            return false;
+        }
 
         mLog.info("startSoftAp uid=%").c(Binder.getCallingUid()).flush();
 
@@ -1091,6 +1100,10 @@ public class WifiServiceImpl extends BaseWifiService {
     public boolean stopSoftAp() {
         // NETWORK_STACK is a signature only permission.
         enforceNetworkStackPermission();
+        // If we're in crypt debounce, ignore any wifi state change APIs.
+        if (mFrameworkFacade.inStorageManagerCryptKeeperBounce()) {
+            return false;
+        }
 
         // only permitted callers are allowed to this point - they must have gone through
         // connectivity service since this method is protected with the NETWORK_STACK PERMISSION
@@ -1421,6 +1434,10 @@ public class WifiServiceImpl extends BaseWifiService {
             return LocalOnlyHotspotCallback.ERROR_INCOMPATIBLE_MODE;
         }
 
+        if (mFrameworkFacade.inStorageManagerCryptKeeperBounce()) {
+            return LocalOnlyHotspotCallback.ERROR_INCOMPATIBLE_MODE;
+        }
+
         mLog.info("startLocalOnlyHotspot uid=% pid=%").c(uid).c(pid).flush();
 
         synchronized (mLocalOnlyHotspotRequests) {
diff --git a/tests/wifitests/src/com/android/server/wifi/WifiServiceImplTest.java b/tests/wifitests/src/com/android/server/wifi/WifiServiceImplTest.java
index 80b7406ee..4ff59be5b 100644
--- a/tests/wifitests/src/com/android/server/wifi/WifiServiceImplTest.java
+++ b/tests/wifitests/src/com/android/server/wifi/WifiServiceImplTest.java
@@ -617,6 +617,20 @@ public class WifiServiceImplTest {
     }
 
     /**
+     * Verify that wifi is not enabled when wificontroller is not started.
+     */
+    @Test
+    public void testSetWifiEnabledFailureWhenInCryptDebounce() throws Exception {
+        when(mFrameworkFacade.inStorageManagerCryptKeeperBounce()).thenReturn(true);
+        when(mContext.checkPermission(eq(android.Manifest.permission.NETWORK_SETTINGS),
+                anyInt(), anyInt())).thenReturn(PackageManager.PERMISSION_GRANTED);
+        when(mSettingsStore.handleWifiToggled(eq(true))).thenReturn(true);
+        when(mSettingsStore.isAirplaneModeOn()).thenReturn(false);
+        assertFalse(mWifiServiceImpl.setWifiEnabled(TEST_PACKAGE_NAME, true));
+        verifyZeroInteractions(mWifiController);
+    }
+
+    /**
      * Verify that wifi cannot be enabled by the apps targeting Q SDK.
      */
     @Test
@@ -829,6 +843,20 @@ public class WifiServiceImplTest {
     }
 
     /**
+     * Verify that wifi is not disabled when wificontroller is not started.
+     */
+    @Test
+    public void testSetWifiDisabledFailureWhenInCryptDebounce() throws Exception {
+        when(mFrameworkFacade.inStorageManagerCryptKeeperBounce()).thenReturn(true);
+        when(mContext.checkPermission(eq(android.Manifest.permission.NETWORK_SETTINGS),
+                anyInt(), anyInt())).thenReturn(PackageManager.PERMISSION_GRANTED);
+        when(mSettingsStore.handleWifiToggled(eq(false))).thenReturn(false);
+        when(mSettingsStore.isAirplaneModeOn()).thenReturn(false);
+        assertFalse(mWifiServiceImpl.setWifiEnabled(TEST_PACKAGE_NAME, false));
+        verifyZeroInteractions(mWifiController);
+    }
+
+    /**
      * Verify that wifi cannot be disabled by the apps targeting Q SDK.
      */
     @Test
@@ -1085,6 +1113,19 @@ public class WifiServiceImplTest {
     }
 
     /**
+     * Verify does not start softap when wificontroller is not started.
+     */
+    @Test
+    public void testStartSoftApWhenInCryptDebounce() {
+        when(mFrameworkFacade.inStorageManagerCryptKeeperBounce()).thenReturn(true);
+
+        WifiConfiguration config = createValidSoftApConfiguration();
+        boolean result = mWifiServiceImpl.startSoftAp(config);
+        assertFalse(result);
+        verifyZeroInteractions(mWifiController);
+    }
+
+    /**
      * Verify a SecurityException is thrown when a caller without the correct permission attempts to
      * start softap.
      */
@@ -1108,6 +1149,18 @@ public class WifiServiceImplTest {
     }
 
     /**
+     * Verify does not stop softap when wificontroller is not started.
+     */
+    @Test
+    public void testStopSoftApWhenInCryptDebounce() {
+        when(mFrameworkFacade.inStorageManagerCryptKeeperBounce()).thenReturn(true);
+
+        boolean result = mWifiServiceImpl.stopSoftAp();
+        assertFalse(result);
+        verifyZeroInteractions(mWifiController);
+    }
+
+    /**
      * Verify SecurityException is thrown when a caller without the correct permission attempts to
      * stop softap.
      */
@@ -1462,6 +1515,19 @@ public class WifiServiceImplTest {
     }
 
     /**
+     * Only start LocalOnlyHotspot if device is in crypt debounce mode.
+     */
+    @Test
+    public void testStartLocalOnlyHotspotFailsIfInCryptDebounce() throws Exception {
+        when(mWifiPermissionsUtil.isLocationModeEnabled()).thenReturn(true);
+        when(mFrameworkFacade.isAppForeground(anyInt())).thenReturn(true);
+        when(mFrameworkFacade.inStorageManagerCryptKeeperBounce()).thenReturn(true);
+        int result = mWifiServiceImpl.startLocalOnlyHotspot(mAppMessenger, mAppBinder,
+                TEST_PACKAGE_NAME);
+        assertEquals(LocalOnlyHotspotCallback.ERROR_INCOMPATIBLE_MODE, result);
+    }
+
+    /**
      * Only start LocalOnlyHotspot if we are not tethering.
      */
     @Test
@@ -1479,7 +1545,6 @@ public class WifiServiceImplTest {
 
         // Start another session without a stop, that should fail.
         assertFalse(mWifiServiceImpl.startSoftAp(createValidSoftApConfiguration()));
-
         verifyNoMoreInteractions(mWifiController);
     }
author	Roshan Pius <rpius@google.com>	2019-07-29 13:24:21 -0700
committer	Roshan Pius <rpius@google.com>	2019-08-06 12:19:13 -0700
commit	840cdc08391ef0f24adf2f46fa1ea017d3d5eac4 (patch)
tree	368755f953467c41b4214f543314cb517d8c29d1
parent	e2921b824d04071ae5dcea6d594986b3eeda0752 (diff)