Merge "Modify UiAutomator cts tests and app to improve scroll check" into jb-mr2-dev
diff --git a/tests/tests/location/src/android/location/cts/LocationManagerTest.java b/tests/tests/location/src/android/location/cts/LocationManagerTest.java
index 5e823bc..2a2274c 100755
--- a/tests/tests/location/src/android/location/cts/LocationManagerTest.java
+++ b/tests/tests/location/src/android/location/cts/LocationManagerTest.java
@@ -660,6 +660,13 @@
// update location to outside proximity range
updateLocationAndWait(FUSED_PROVIDER_NAME, 30, 30);
registerProximityListener(0, 0, 1000, expiration);
+
+ // Adding geofences is asynchronous, the return of LocationManager.addProximityAlert
+ // doesn't mean that geofences are already being monitored. Wait for a few milliseconds
+ // so that GeofenceManager is actively monitoring locations before we send the mock
+ // location to avoid flaky tests.
+ Thread.sleep(500);
+
updateLocationAndWait(FUSED_PROVIDER_NAME, 0, 0);
waitForReceiveBroadcast();
assertProximityType(true);
diff --git a/tests/tests/media/src/android/media/cts/DecoderTest.java b/tests/tests/media/src/android/media/cts/DecoderTest.java
index 8fbee93..1e91c09 100644
--- a/tests/tests/media/src/android/media/cts/DecoderTest.java
+++ b/tests/tests/media/src/android/media/cts/DecoderTest.java
@@ -103,7 +103,6 @@
short [] mono = decodeToMemory(res, false);
if (mono.length == 44100) {
// expected
- return;
} else if (mono.length == 88200) {
// the decoder output 2 channels instead of 1, check that the left and right channel
// are identical
@@ -116,7 +115,7 @@
// we should get the same data when reconfiguring the codec
short [] mono2 = decodeToMemory(res, true);
- Arrays.equals(mono, mono2);
+ assertTrue(Arrays.equals(mono, mono2));
}
/**
diff --git a/tests/tests/permission/jni/android_permission_cts_FileUtils.cpp b/tests/tests/permission/jni/android_permission_cts_FileUtils.cpp
index c658af6..272bbdc 100644
--- a/tests/tests/permission/jni/android_permission_cts_FileUtils.cpp
+++ b/tests/tests/permission/jni/android_permission_cts_FileUtils.cpp
@@ -16,10 +16,15 @@
#include <jni.h>
#include <stdio.h>
+#include <cutils/log.h>
+#include <linux/xattr.h>
#include <sys/types.h>
#include <sys/stat.h>
+#include <sys/xattr.h>
+#include <sys/capability.h>
#include <grp.h>
#include <pwd.h>
+#include <string.h>
static jfieldID gFileStatusDevFieldID;
static jfieldID gFileStatusInoFieldID;
@@ -87,6 +92,44 @@
return env->NewStringUTF(grp->gr_name);
}
+static jboolean isPermittedCapBitSet(JNIEnv* env, jstring path, size_t capId)
+{
+ const char* pathStr = env->GetStringUTFChars(path, NULL);
+ jboolean ret = false;
+
+ struct vfs_cap_data capData;
+ memset(&capData, 0, sizeof(capData));
+
+ ssize_t result = getxattr(pathStr, XATTR_NAME_CAPS, &capData,
+ sizeof(capData));
+ if (result > 0) {
+ ret = (capData.data[CAP_TO_INDEX(capId)].permitted &
+ CAP_TO_MASK(capId)) != 0;
+ ALOGD("isPermittedCapBitSet(): getxattr(\"%s\") call succeeded, "
+ "cap bit %u %s",
+ pathStr, capId, ret ? "set" : "unset");
+ } else {
+ ALOGD("isPermittedCapBitSet(): getxattr(\"%s\") call failed: "
+ "return %d (error: %s (%d))\n",
+ pathStr, result, strerror(errno), errno);
+ }
+
+ env->ReleaseStringUTFChars(path, pathStr);
+ return ret;
+}
+
+jboolean android_permission_cts_FileUtils_hasSetUidCapability(JNIEnv* env,
+ jobject clazz, jstring path)
+{
+ return isPermittedCapBitSet(env, path, CAP_SETUID);
+}
+
+jboolean android_permission_cts_FileUtils_hasSetGidCapability(JNIEnv* env,
+ jobject clazz, jstring path)
+{
+ return isPermittedCapBitSet(env, path, CAP_SETGID);
+}
+
static JNINativeMethod gMethods[] = {
{ "getFileStatus", "(Ljava/lang/String;Landroid/permission/cts/FileUtils$FileStatus;Z)Z",
(void *) android_permission_cts_FileUtils_getFileStatus },
@@ -94,6 +137,10 @@
(void *) android_permission_cts_FileUtils_getUserName },
{ "getGroupName", "(I)Ljava/lang/String;",
(void *) android_permission_cts_FileUtils_getGroupName },
+ { "hasSetUidCapability", "(Ljava/lang/String;)Z",
+ (void *) android_permission_cts_FileUtils_hasSetUidCapability },
+ { "hasSetGidCapability", "(Ljava/lang/String;)Z",
+ (void *) android_permission_cts_FileUtils_hasSetGidCapability },
};
int register_android_permission_cts_FileUtils(JNIEnv* env)
diff --git a/tests/tests/permission/src/android/permission/cts/FileSystemPermissionTest.java b/tests/tests/permission/src/android/permission/cts/FileSystemPermissionTest.java
index 3f37249..66b59f5 100644
--- a/tests/tests/permission/src/android/permission/cts/FileSystemPermissionTest.java
+++ b/tests/tests/permission/src/android/permission/cts/FileSystemPermissionTest.java
@@ -389,6 +389,7 @@
"/data/data/recovery/HTCFOTA",
"/data/data/recovery/OMADM",
"/data/data/shared",
+ "/data/diag_logs",
"/data/dontpanic",
"/data/drm",
"/data/drm/fwdlock",
@@ -456,6 +457,7 @@
"/data/property",
"/data/radio",
"/data/secure",
+ "/data/security",
"/data/sensors",
"/data/shared",
"/data/simcom",
@@ -464,6 +466,7 @@
"/data/system",
"/data/tmp",
"/data/tombstones",
+ "/data/tombstones/ramdump",
"/data/tpapi",
"/data/tpapi/etc",
"/data/tpapi/etc/tpa",
@@ -736,6 +739,30 @@
(status.mode & 0666) == 0666);
}
+ /**
+ * Test that the /system/bin/run-as command has setuid and setgid
+ * attributes set on the file. If these calls fail, debugger
+ * breakpoints for native code will not work as run-as will not
+ * be able to perform required elevated-privilege functionality.
+ */
+ public void testRunAsHasCorrectCapabilities() throws Exception {
+ // ensure file is user and group read/executable
+ String filename = "/system/bin/run-as";
+ FileUtils.FileStatus status = new FileUtils.FileStatus();
+ assertTrue(FileUtils.getFileStatus(filename, status, false));
+ assertTrue(status.hasModeFlag(FileUtils.S_IRUSR | FileUtils.S_IXUSR));
+ assertTrue(status.hasModeFlag(FileUtils.S_IRGRP | FileUtils.S_IXGRP));
+
+ // ensure file owner/group is set correctly
+ File f = new File(filename);
+ assertFileOwnedBy(f, "root");
+ assertFileOwnedByGroup(f, "shell");
+
+ // ensure file has setuid/setgid enabled
+ assertTrue(FileUtils.hasSetUidCapability(filename));
+ assertTrue(FileUtils.hasSetGidCapability(filename));
+ }
+
private static Set<File>
getAllInsecureDevicesInDirAndSubdir(File dir, int type) throws Exception {
assertTrue(dir.isDirectory());
diff --git a/tests/tests/permission/src/android/permission/cts/FileUtils.java b/tests/tests/permission/src/android/permission/cts/FileUtils.java
index 56e773a..9cd4999 100644
--- a/tests/tests/permission/src/android/permission/cts/FileUtils.java
+++ b/tests/tests/permission/src/android/permission/cts/FileUtils.java
@@ -94,4 +94,7 @@
public native static String getGroupName(int gid);
+ public native static boolean hasSetUidCapability(String path);
+
+ public native static boolean hasSetGidCapability(String path);
}
diff --git a/tests/tests/security/src/android/security/cts/BannedFilesTest.java b/tests/tests/security/src/android/security/cts/BannedFilesTest.java
index 6ce8588..f1db0cb 100644
--- a/tests/tests/security/src/android/security/cts/BannedFilesTest.java
+++ b/tests/tests/security/src/android/security/cts/BannedFilesTest.java
@@ -20,6 +20,8 @@
import junit.framework.TestCase;
+import java.io.File;
+
public class BannedFilesTest extends TestCase {
/**
@@ -38,6 +40,26 @@
assertNotSetugid("/system/bin/sync_agent");
}
+ public void testNoSu() {
+ assertFalse("/sbin/su", new File("/sbin/su").exists());
+ assertFalse("/system/bin/su", new File("/system/bin/su").exists());
+ assertFalse("/system/sbin/su", new File("/system/sbin/su").exists());
+ assertFalse("/system/xbin/su", new File("/system/xbin/su").exists());
+ assertFalse("/vendor/bin/su", new File("/vendor/bin/su").exists());
+ }
+
+ public void testNoSuInPath() {
+ String path = System.getenv("PATH");
+ if (path == null) {
+ return;
+ }
+ String[] elems = path.split(":");
+ for (String i : elems) {
+ File f = new File(i, "su");
+ assertFalse(f.getAbsolutePath() + " exists", f.exists());
+ }
+ }
+
/**
* setuid or setgid "ip" command can be used to modify the
* routing tables of a device, potentially allowing a malicious