commit 9023598e21e3972f6deb58fcf9864a853ca38766
author William Roberts <william.c.roberts@intel.com> Tue Apr 05 08:15:54 2016 -0700
committer dcashman <dcashman@google.com> Thu Apr 28 13:33:42 2016 -0700
tree bb1cf4420cc956fd56b7d8eb274310b381aef7ec
parent a96231f250be67dccd12c1cf2049014f55ab6194

testAllBlockDevicesAreSecure: move to host side test

The testAllBlockDevicesAreSecure test is broken. Having
testAllBlockDevicesAreSecure as a device side test would require
granting permissions to the untrusted_app domain, which was
undesirable.

Move this test to host side and add permissions for shell to getattr
on block devices.

bug: 28306036
Change-Id: I36566e0b28b5c8ca69dc99a49e4cf9518b8323e2
Signed-off-by: William Roberts <william.c.roberts@intel.com>

hostsidetests/security/src/android/cts/security/FileSystemPermissionTest.java

diff --git a/hostsidetests/security/src/android/cts/security/FileSystemPermissionTest.java b/hostsidetests/security/src/android/cts/security/FileSystemPermissionTest.java
index 56cc87a..0cbd1cc 100644
--- a/hostsidetests/security/src/android/cts/security/FileSystemPermissionTest.java
+++ b/hostsidetests/security/src/android/cts/security/FileSystemPermissionTest.java
@@ -108,6 +108,12 @@
                 insecure.isEmpty());
     }
 
+    public void testAllBlockDevicesAreSecure() throws Exception {
+        Set<String> insecure = getAllInsecureDevicesInDirAndSubdir("/dev", "b");
+        assertTrue("Found insecure block devices: " + insecure.toString(),
+                insecure.isEmpty());
+    }
+
     /**
      * Searches for all world accessable files, note this may need sepolicy to search the desired
      * location and stat files.

tests/tests/permission/src/android/permission/cts/FileSystemPermissionTest.java

diff --git a/tests/tests/permission/src/android/permission/cts/FileSystemPermissionTest.java b/tests/tests/permission/src/android/permission/cts/FileSystemPermissionTest.java
index 43313d0..24b3f2f 100644
--- a/tests/tests/permission/src/android/permission/cts/FileSystemPermissionTest.java
+++ b/tests/tests/permission/src/android/permission/cts/FileSystemPermissionTest.java
@@ -803,12 +803,6 @@
         assertTrue("/data is not mounted NODEV", (vfs.f_flag & OsConstants.ST_NODEV) != 0);
     }
 
-    public void testAllBlockDevicesAreSecure() throws Exception {
-        Set<File> insecure = getAllInsecureDevicesInDirAndSubdir(new File("/dev"), FileUtils.S_IFBLK);
-        assertTrue("Found insecure block devices: " + insecure.toString(),
-                insecure.isEmpty());
-    }
-
     public void testDevRandomWorldReadableAndWritable() throws Exception {
         File f = new File("/dev/random");