Merge "Merge "Merge "Merge "BannedFilesTest: Detect "rootmydevice" vulnerability" into kitkat-cts-dev am: dd8ee3dca0" into lollipop-cts-dev am: 0732f30afe" into lollipop-mr1-cts-dev am: dba358fa3e" into marshmallow-cts-dev
am: 0675f542a8
* commit '0675f542a8a6d364cbda582cc6b9d7e208809324':
BannedFilesTest: Detect "rootmydevice" vulnerability
Change-Id: I201305fb8e410bdee54ed8b0b1b8ae97ad209828
diff --git a/tests/tests/security/src/android/security/cts/BannedFilesTest.java b/tests/tests/security/src/android/security/cts/BannedFilesTest.java
index 00c4631..83d979d 100644
--- a/tests/tests/security/src/android/security/cts/BannedFilesTest.java
+++ b/tests/tests/security/src/android/security/cts/BannedFilesTest.java
@@ -139,4 +139,15 @@
assertTrue("File \"" + file + "\" is setUID", (fs.mode & FileUtils.S_ISUID) == 0);
assertTrue("File \"" + file + "\" is setGID", (fs.mode & FileUtils.S_ISGID) == 0);
}
+
+ /**
+ * Detect "rootmydevice" vulnerability
+ *
+ * References:
+ *
+ * http://www.theregister.co.uk/2016/05/09/allwinners_allloser_custom_kernel_has_a_nasty_root_backdoor/
+ */
+ public void testNoSunxiDebug() {
+ assertFalse("/proc/sunxi_debug/sunxi_debug", new File("/proc/sunxi_debug/sunxi_debug").exists());
+ }
}