diff options
| author | Mark Salyzyn | 2017-04-20 11:59:01 -0500 |
|---|---|---|
| committer | Mark Salyzyn | 2017-04-21 10:20:56 -0500 |
| commit | b7140c26d5a4628ca1feae19988585df9e11d652 (patch) | |
| tree | 992f3d76025efae28dd294435ce702e24586ee80 /liblog/tests | |
| parent | ad8d533a045d44c7eb3142f38e715ffbb6b80b2c (diff) | |
| download | platform-system-core-b7140c26d5a4628ca1feae19988585df9e11d652.tar.gz platform-system-core-b7140c26d5a4628ca1feae19988585df9e11d652.tar.xz platform-system-core-b7140c26d5a4628ca1feae19988585df9e11d652.zip | |
liblog: test: liblog.__security miscalculation
(cherry pick from commit b867beac562edeec9006f876956407d00b71b314)
The gTest should not be able to set ro.device_owner, either as a unit
test or a CTS test. The CTS test should not be able to set
persist.logd.security, the gTest may as it is run on userdebug with
root, so check if we are root to discern expectations.
Test: gTest liblog-unit-tests --gtest_filter=liblog.__security
Test: cts-tradefed run cts-dev -a armeabi-v7a -m CtsLiblogTestCases -t liblog#__security
Bug: 36480230
Change-Id: I1da88aae34da4e2fca8dd88d740eeb879d9c65bb
Diffstat (limited to 'liblog/tests')
| -rw-r--r-- | liblog/tests/liblog_test.cpp | 61 |
1 files changed, 51 insertions, 10 deletions
diff --git a/liblog/tests/liblog_test.cpp b/liblog/tests/liblog_test.cpp index 70b8a28a4..ec32da076 100644 --- a/liblog/tests/liblog_test.cpp +++ b/liblog/tests/liblog_test.cpp | |||
| @@ -1839,6 +1839,7 @@ TEST(liblog, __security) { | |||
| 1839 | // that it can be determined the property is not set. | 1839 | // that it can be determined the property is not set. |
| 1840 | static const char nothing_val[] = "_NOTHING_TO_SEE_HERE_"; | 1840 | static const char nothing_val[] = "_NOTHING_TO_SEE_HERE_"; |
| 1841 | char persist[PROP_VALUE_MAX]; | 1841 | char persist[PROP_VALUE_MAX]; |
| 1842 | char persist_hold[PROP_VALUE_MAX]; | ||
| 1842 | char readonly[PROP_VALUE_MAX]; | 1843 | char readonly[PROP_VALUE_MAX]; |
| 1843 | 1844 | ||
| 1844 | // First part of this test requires the test itself to have the appropriate | 1845 | // First part of this test requires the test itself to have the appropriate |
| @@ -1846,14 +1847,16 @@ TEST(liblog, __security) { | |||
| 1846 | // bail rather than give a failing grade. | 1847 | // bail rather than give a failing grade. |
| 1847 | property_get(persist_key, persist, ""); | 1848 | property_get(persist_key, persist, ""); |
| 1848 | fprintf(stderr, "INFO: getprop %s -> %s\n", persist_key, persist); | 1849 | fprintf(stderr, "INFO: getprop %s -> %s\n", persist_key, persist); |
| 1850 | strncpy(persist_hold, persist, PROP_VALUE_MAX); | ||
| 1849 | property_get(readonly_key, readonly, nothing_val); | 1851 | property_get(readonly_key, readonly, nothing_val); |
| 1850 | fprintf(stderr, "INFO: getprop %s -> %s\n", readonly_key, readonly); | 1852 | fprintf(stderr, "INFO: getprop %s -> %s\n", readonly_key, readonly); |
| 1851 | 1853 | ||
| 1852 | if (!strcmp(readonly, nothing_val)) { | 1854 | if (!strcmp(readonly, nothing_val)) { |
| 1855 | // Lets check if we can set the value (we should not be allowed to do so) | ||
| 1853 | EXPECT_FALSE(__android_log_security()); | 1856 | EXPECT_FALSE(__android_log_security()); |
| 1854 | fprintf(stderr, "WARNING: setting ro.device_owner to a domain\n"); | 1857 | fprintf(stderr, "WARNING: setting ro.device_owner to a domain\n"); |
| 1855 | static const char domain[] = "com.google.android.SecOps.DeviceOwner"; | 1858 | static const char domain[] = "com.google.android.SecOps.DeviceOwner"; |
| 1856 | property_set(readonly_key, domain); | 1859 | EXPECT_NE(0, property_set(readonly_key, domain)); |
| 1857 | useconds_t total_time = 0; | 1860 | useconds_t total_time = 0; |
| 1858 | static const useconds_t seconds = 1000000; | 1861 | static const useconds_t seconds = 1000000; |
| 1859 | static const useconds_t max_time = 5 * seconds; // not going to happen | 1862 | static const useconds_t max_time = 5 * seconds; // not going to happen |
| @@ -1870,9 +1873,12 @@ TEST(liblog, __security) { | |||
| 1870 | break; | 1873 | break; |
| 1871 | } | 1874 | } |
| 1872 | } | 1875 | } |
| 1873 | EXPECT_STREQ(readonly, domain); | 1876 | EXPECT_STRNE(domain, readonly); |
| 1874 | } else if (!strcasecmp(readonly, "false") || !readonly[0]) { | 1877 | } |
| 1875 | // not enough permissions to run | 1878 | |
| 1879 | if (!strcasecmp(readonly, "false") || !readonly[0] || | ||
| 1880 | !strcmp(readonly, nothing_val)) { | ||
| 1881 | // not enough permissions to run tests surrounding persist.logd.security | ||
| 1876 | EXPECT_FALSE(__android_log_security()); | 1882 | EXPECT_FALSE(__android_log_security()); |
| 1877 | return; | 1883 | return; |
| 1878 | } | 1884 | } |
| @@ -1883,16 +1889,51 @@ TEST(liblog, __security) { | |||
| 1883 | EXPECT_FALSE(__android_log_security()); | 1889 | EXPECT_FALSE(__android_log_security()); |
| 1884 | } | 1890 | } |
| 1885 | property_set(persist_key, "TRUE"); | 1891 | property_set(persist_key, "TRUE"); |
| 1886 | EXPECT_TRUE(__android_log_security()); | 1892 | property_get(persist_key, persist, ""); |
| 1893 | uid_t uid = getuid(); | ||
| 1894 | gid_t gid = getgid(); | ||
| 1895 | bool perm = (gid == AID_ROOT) || (uid == AID_ROOT); | ||
| 1896 | EXPECT_STREQ(perm ? "TRUE" : persist_hold, persist); | ||
| 1897 | if (!strcasecmp(persist, "true")) { | ||
| 1898 | EXPECT_TRUE(__android_log_security()); | ||
| 1899 | } else { | ||
| 1900 | EXPECT_FALSE(__android_log_security()); | ||
| 1901 | } | ||
| 1887 | property_set(persist_key, "FALSE"); | 1902 | property_set(persist_key, "FALSE"); |
| 1888 | EXPECT_FALSE(__android_log_security()); | 1903 | property_get(persist_key, persist, ""); |
| 1904 | EXPECT_STREQ(perm ? "FALSE" : persist_hold, persist); | ||
| 1905 | if (!strcasecmp(persist, "true")) { | ||
| 1906 | EXPECT_TRUE(__android_log_security()); | ||
| 1907 | } else { | ||
| 1908 | EXPECT_FALSE(__android_log_security()); | ||
| 1909 | } | ||
| 1889 | property_set(persist_key, "true"); | 1910 | property_set(persist_key, "true"); |
| 1890 | EXPECT_TRUE(__android_log_security()); | 1911 | property_get(persist_key, persist, ""); |
| 1912 | EXPECT_STREQ(perm ? "true" : persist_hold, persist); | ||
| 1913 | if (!strcasecmp(persist, "true")) { | ||
| 1914 | EXPECT_TRUE(__android_log_security()); | ||
| 1915 | } else { | ||
| 1916 | EXPECT_FALSE(__android_log_security()); | ||
| 1917 | } | ||
| 1891 | property_set(persist_key, "false"); | 1918 | property_set(persist_key, "false"); |
| 1892 | EXPECT_FALSE(__android_log_security()); | 1919 | property_get(persist_key, persist, ""); |
| 1920 | EXPECT_STREQ(perm ? "false" : persist_hold, persist); | ||
| 1921 | if (!strcasecmp(persist, "true")) { | ||
| 1922 | EXPECT_TRUE(__android_log_security()); | ||
| 1923 | } else { | ||
| 1924 | EXPECT_FALSE(__android_log_security()); | ||
| 1925 | } | ||
| 1893 | property_set(persist_key, ""); | 1926 | property_set(persist_key, ""); |
| 1894 | EXPECT_FALSE(__android_log_security()); | 1927 | property_get(persist_key, persist, ""); |
| 1895 | property_set(persist_key, persist); | 1928 | EXPECT_STREQ(perm ? "" : persist_hold, persist); |
| 1929 | if (!strcasecmp(persist, "true")) { | ||
| 1930 | EXPECT_TRUE(__android_log_security()); | ||
| 1931 | } else { | ||
| 1932 | EXPECT_FALSE(__android_log_security()); | ||
| 1933 | } | ||
| 1934 | property_set(persist_key, persist_hold); | ||
| 1935 | property_get(persist_key, persist, ""); | ||
| 1936 | EXPECT_STREQ(persist_hold, persist); | ||
| 1896 | #else | 1937 | #else |
| 1897 | GTEST_LOG_(INFO) << "This test does nothing.\n"; | 1938 | GTEST_LOG_(INFO) << "This test does nothing.\n"; |
| 1898 | #endif | 1939 | #endif |