Merge remote branch 'goog/honeycomb-mr1' into honeycomb-mr2
diff --git a/tests/tests/permission/src/android/permission/cts/FileSystemPermissionTest.java b/tests/tests/permission/src/android/permission/cts/FileSystemPermissionTest.java
index 4c4d82c..a90d48d 100644
--- a/tests/tests/permission/src/android/permission/cts/FileSystemPermissionTest.java
+++ b/tests/tests/permission/src/android/permission/cts/FileSystemPermissionTest.java
@@ -183,10 +183,26 @@
"/data/dalvik-cache",
"/data/data/.drm",
"/data/data/.drm/.wmdrm",
+ "/data/data/cw",
+ "/data/data/com.android.htcprofile",
+ "/data/data/com.htc.android.qxdm2sd",
+ "/data/data/com.htc.android.qxdm2sd/bin",
+ "/data/data/com.htc.android.qxdm2sd/data",
+ "/data/data/com.htc.android.qxdm2sd/tmp",
+ "/data/data/com.htc.android.netlogger/data",
+ "/data/data/com.htc.messagecs/att",
+ "/data/data/com.htc.messagecs/pdu",
+ "/data/data/com.htc.loggers/bin",
+ "/data/data/com.htc.loggers/data",
+ "/data/data/com.htc.loggers/htclog",
+ "/data/data/com.htc.loggers/tmp",
+ "/data/data/com.htc.loggers/htcghost",
+ "/data/data/com.android.providers.drm/rights",
"/data/dontpanic",
"/data/drm",
"/data/drm/rights",
"/data/dump",
+ "/data/htcfs",
"/data/local",
"/data/local/tmp/com.nuance.android.vsuite.vsuiteapp",
"/data/log",
@@ -204,11 +220,13 @@
"/data/wiper",
"/data/wpstiles",
"/dbdata/databases",
+ "/efs/.android",
"/mnt_ext",
"/mnt_ext/badablk2",
"/mnt_ext/badablk3",
"/mnt_ext/cache",
- "/mnt_ext/data"
+ "/mnt_ext/data",
+ "/system/etc/security/drm"
)
);
diff --git a/tests/tests/security/src/android/security/cts/VoldExploitTest.java b/tests/tests/security/src/android/security/cts/VoldExploitTest.java
index 8fbf874..3957bbe 100644
--- a/tests/tests/security/src/android/security/cts/VoldExploitTest.java
+++ b/tests/tests/security/src/android/security/cts/VoldExploitTest.java
@@ -25,7 +25,9 @@
import android.os.storage.StorageManager;
import android.test.AndroidTestCase;
+import java.io.BufferedReader;
import java.io.File;
+import java.io.FileReader;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.lang.reflect.InvocationTargetException;
@@ -50,8 +52,7 @@
* is the typical failure for this test.
*/
public void testZergRushCrash() throws Exception {
- Set<Integer> pids = getPids();
- assertTrue(pids.size() > 1); // at least vold and netd should exist
+ int pid = findVold();
StorageManager sm = (StorageManager) getContext().getSystemService(Context.STORAGE_SERVICE);
try {
@@ -63,19 +64,17 @@
+ "AAAA AAAA AAAA AAAA"
+ "AAAA AAAA AAAA AAAA"
+ "AAAA AAAA AAAA AAAA");
- fail("Should have gotten an IllegalStateException");
} catch (IllegalStateException e) {
// expected
}
- // Check to see if all the processes are still alive. If
- // any of them have died, we found an exploitable bug.
- for (int i : pids) {
- assertTrue(
- "PID=" + i + " crashed due to a malformed mount message."
- + " Detected unpatched ZergRush vulnerability (CVE-2011-3874).",
- new File("/proc/" + i + "/cmdline").exists());
- }
+ Thread.sleep(2000); // give vold some time to crash
+
+ // Check to see if vold is still alive.
+ assertTrue(
+ "PID=" + pid + " crashed due to a malformed mount message."
+ + " Detected unpatched ZergRush vulnerability (CVE-2011-3874).",
+ new File("/proc/" + pid + "/cmdline").exists());
}
/**
@@ -91,15 +90,14 @@
*
* This test accomplishes the same thing as {@link #testZergRushCrash()}
*/
- public void testZergRushUsingRelection() {
+ public void testZergRushUsingRelection() throws Exception {
// This test assumes we have the MOUNT_UNMOUNT_FILESYSTEMS permission
// Check it first so we know we're reaching the vulnerable code.
assertEquals(PackageManager.PERMISSION_GRANTED,
getContext().checkCallingOrSelfPermission(
android.Manifest.permission.MOUNT_UNMOUNT_FILESYSTEMS));
- Set<Integer> pids = getPids();
- assertTrue(pids.size() > 1); // at least vold and netd should exist
+ int pid = findVold();
try {
Object iBinderObj = Class.forName("android.os.ServiceManager")
@@ -143,14 +141,13 @@
// remote failure. Assume not exploitable.
}
- // Check to see if all the processes are still alive. If
- // any of them have died, we found an exploitable bug.
- for (int i : pids) {
- assertTrue(
- "PID=" + i + " crashed due to a malformed mount message."
- + " Detected unpatched ZergRush vulnerability (CVE-2011-3874).",
- new File("/proc/" + i + "/cmdline").exists());
- }
+ Thread.sleep(2000); // give vold some time to crash
+
+ // Check to see if vold is still alive.
+ assertTrue(
+ "PID=" + pid + " crashed due to a malformed mount message."
+ + " Detected unpatched ZergRush vulnerability (CVE-2011-3874).",
+ new File("/proc/" + pid + "/cmdline").exists());
}
/**
@@ -282,6 +279,29 @@
}
}
+ private static int findVold() throws IOException {
+ File f = new File("/proc");
+ for (File d : f.listFiles()) {
+ String cmdLineString = d.getAbsolutePath() + "/cmdline";
+ File cmdLine = new File(cmdLineString);
+ if (cmdLine.exists()) {
+ BufferedReader in = null;
+ try {
+ in = new BufferedReader(new FileReader(cmdLine));
+ String line = in.readLine();
+ if ((line != null) && line.startsWith("/system/bin/vold")) {
+ return Integer.decode(d.getName());
+ }
+ } finally {
+ if (in != null) {
+ in.close();
+ }
+ }
+ }
+ }
+ throw new RuntimeException("should never get here");
+ }
+
/**
* Extract all the PIDs listening for netlink messages.
*/
diff --git a/tests/tests/text/src/android/text/method/cts/TextKeyListenerTest.java b/tests/tests/text/src/android/text/method/cts/TextKeyListenerTest.java
index 1d239f7..932e5c0 100644
--- a/tests/tests/text/src/android/text/method/cts/TextKeyListenerTest.java
+++ b/tests/tests/text/src/android/text/method/cts/TextKeyListenerTest.java
@@ -244,11 +244,6 @@
}
}
- private int getKeyboardType() {
- KeyCharacterMap kmap = KeyCharacterMap.load(KeyCharacterMap.BUILT_IN_KEYBOARD);
- return kmap.getKeyboardType();
- }
-
/**
* Check point:
* 1. press KEYCODE_4 once. if it's ALPHA key board, text will be "4", if it's
@@ -274,7 +269,6 @@
public void testPressKey() {
final TextKeyListener textKeyListener
= TextKeyListener.getInstance(false, Capitalize.NONE);
- int keyType = getKeyboardType();
mActivity.runOnUiThread(new Runnable() {
public void run() {
@@ -290,7 +284,9 @@
sendKeys(KeyEvent.KEYCODE_4);
waitForListenerTimeout();
String text = mTextView.getText().toString();
- if (KeyCharacterMap.ALPHA == keyType) {
+ int keyType = KeyCharacterMap.load(KeyCharacterMap.VIRTUAL_KEYBOARD).getKeyboardType();
+ if (KeyCharacterMap.ALPHA == keyType
+ || KeyCharacterMap.FULL == keyType) {
assertEquals("4", text);
} else if (KeyCharacterMap.NUMERIC == keyType) {
assertEquals("g", text);