Add xfrm mark in IpSecConfig
Bug: 63589600
Test: runtest frameworks-net
Change-Id: I2d38d781b8b31d8bf39fd4e9a7e31509f15a9e16
diff --git a/core/java/android/net/IpSecConfig.java b/core/java/android/net/IpSecConfig.java
index 80b0af3..6a262e2 100644
--- a/core/java/android/net/IpSecConfig.java
+++ b/core/java/android/net/IpSecConfig.java
@@ -65,6 +65,10 @@
// An interval, in seconds between the NattKeepalive packets
private int mNattKeepaliveInterval;
+ // XFRM mark and mask
+ private int mMarkValue;
+ private int mMarkMask;
+
/** Set the mode for this IPsec transform */
public void setMode(int mode) {
mMode = mode;
@@ -121,6 +125,14 @@
mNattKeepaliveInterval = interval;
}
+ public void setMarkValue(int mark) {
+ mMarkValue = mark;
+ }
+
+ public void setMarkMask(int mask) {
+ mMarkMask = mask;
+ }
+
// Transport or Tunnel
public int getMode() {
return mMode;
@@ -170,6 +182,14 @@
return mNattKeepaliveInterval;
}
+ public int getMarkValue() {
+ return mMarkValue;
+ }
+
+ public int getMarkMask() {
+ return mMarkMask;
+ }
+
// Parcelable Methods
@Override
@@ -191,6 +211,8 @@
out.writeInt(mEncapSocketResourceId);
out.writeInt(mEncapRemotePort);
out.writeInt(mNattKeepaliveInterval);
+ out.writeInt(mMarkValue);
+ out.writeInt(mMarkMask);
}
@VisibleForTesting
@@ -212,6 +234,8 @@
mEncapSocketResourceId = in.readInt();
mEncapRemotePort = in.readInt();
mNattKeepaliveInterval = in.readInt();
+ mMarkValue = in.readInt();
+ mMarkMask = in.readInt();
}
@Override
@@ -242,6 +266,10 @@
.append(mAuthentication)
.append(", mAuthenticatedEncryption=")
.append(mAuthenticatedEncryption)
+ .append(", mMarkValue=")
+ .append(mMarkValue)
+ .append(", mMarkMask=")
+ .append(mMarkMask)
.append("}");
return strBuilder.toString();
@@ -275,6 +303,8 @@
&& IpSecAlgorithm.equals(lhs.mEncryption, rhs.mEncryption)
&& IpSecAlgorithm.equals(
lhs.mAuthenticatedEncryption, rhs.mAuthenticatedEncryption)
- && IpSecAlgorithm.equals(lhs.mAuthentication, rhs.mAuthentication));
+ && IpSecAlgorithm.equals(lhs.mAuthentication, rhs.mAuthentication)
+ && lhs.mMarkValue == rhs.mMarkValue
+ && lhs.mMarkMask == rhs.mMarkMask);
}
}
diff --git a/services/core/java/com/android/server/IpSecService.java b/services/core/java/com/android/server/IpSecService.java
index 46a35ec..09d7d9b 100644
--- a/services/core/java/com/android/server/IpSecService.java
+++ b/services/core/java/com/android/server/IpSecService.java
@@ -566,7 +566,9 @@
mResourceId,
mConfig.getSourceAddress(),
mConfig.getDestinationAddress(),
- spi);
+ spi,
+ mConfig.getMarkValue(),
+ mConfig.getMarkMask());
} catch (ServiceSpecificException e) {
// FIXME: get the error code and throw is at an IOException from Errno Exception
} catch (RemoteException e) {
@@ -634,7 +636,7 @@
mSrvConfig
.getNetdInstance()
.ipSecDeleteSecurityAssociation(
- mResourceId, mSourceAddress, mDestinationAddress, mSpi);
+ mResourceId, mSourceAddress, mDestinationAddress, mSpi, 0, 0);
} catch (ServiceSpecificException e) {
// FIXME: get the error code and throw is at an IOException from Errno Exception
} catch (RemoteException e) {
@@ -1153,6 +1155,8 @@
c.getDestinationAddress(),
(c.getNetwork() != null) ? c.getNetwork().netId : 0,
spiRecord.getSpi(),
+ c.getMarkValue(),
+ c.getMarkMask(),
(auth != null) ? auth.getName() : "",
(auth != null) ? auth.getKey() : new byte[] {},
(auth != null) ? auth.getTruncationLengthBits() : 0,