diff options
| author | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2022-11-15 01:51:59 +0000 |
|---|---|---|
| committer | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2022-11-15 01:51:59 +0000 |
| commit | 2f315a626e742e3520bb0d3414f5adbd20f8fe26 (patch) | |
| tree | 453f4cfc7815bb30be595389f3dfceffd281164c | |
| parent | 0e6e41947f8c11f3e0bbb2e233b04a1a28c24972 (diff) | |
| parent | a448ffc825a5a7d9f3c6a8365ff3a76cd9ba05a8 (diff) | |
| download | cts-android13-qpr1-s5-release.tar.gz | |
Merge cherrypicks of [20111692] into tm-qpr1-release.android-13.0.0_r30android-13.0.0_r29android-13.0.0_r28android-13.0.0_r27android-13.0.0_r24android-13.0.0_r23android-13.0.0_r22android-13.0.0_r21android-13.0.0_r20android-13.0.0_r19android13-qpr1-s8-releaseandroid13-qpr1-s7-releaseandroid13-qpr1-s6-releaseandroid13-qpr1-s5-releaseandroid13-qpr1-s4-releaseandroid13-qpr1-s3-releaseandroid13-qpr1-s2-releaseandroid13-qpr1-release
Change-Id: I70ad180838b89444d038be9c1f9eb935c7585e4d
| -rw-r--r-- | hostsidetests/security/src/android/security/cts/FileSystemPermissionTest.java | 17 |
1 files changed, 8 insertions, 9 deletions
diff --git a/hostsidetests/security/src/android/security/cts/FileSystemPermissionTest.java b/hostsidetests/security/src/android/security/cts/FileSystemPermissionTest.java index 1372e2f50d2..66a004c6cf7 100644 --- a/hostsidetests/security/src/android/security/cts/FileSystemPermissionTest.java +++ b/hostsidetests/security/src/android/security/cts/FileSystemPermissionTest.java @@ -1,7 +1,7 @@ package android.security.cts; -import com.android.tradefed.device.ITestDevice; import com.android.tradefed.device.DeviceNotAvailableException; +import com.android.tradefed.device.ITestDevice; import com.android.tradefed.testtype.DeviceTestCase; import java.util.Arrays; @@ -64,15 +64,14 @@ public class FileSystemPermissionTest extends DeviceTestCase { // This test asserts that, if present, /dev/hw_random must: // - // 1. Have ownership root:root - // 2. Have permissions 0600 (the kernel default). Only the kernel hwrng - // thread needs access to the HW RNG output. Neither apps nor system - // code should use it directly. + // 1. Have ownership prng_seeder:prng_seeder + // 2. Have permissions 0400 - The only user space process requiring + // access is the PRNG seeder daemon which only needs read access. // 3. Be a character device with major:minor 10:183 (the kernel // default). // That translates to `ls -l` output like this: - // crw------- 1 root root 10, 183 2021-02-11 17:55 /dev/hw_random + // cr-------- 1 prng_seeder prng_seeder 10, 183 2021-02-11 17:55 /dev/hw_random String command = "ls -l " + HW_RNG_DEVICE; String output = mDevice.executeShellCommand(command).trim(); @@ -80,9 +79,9 @@ public class FileSystemPermissionTest extends DeviceTestCase { fail("Unexpected output from " + command + ": \"" + output + "\""); } String[] outputWords = output.split("\\s"); - assertEquals("Wrong mode on " + HW_RNG_DEVICE, "crw-------", outputWords[0]); - assertEquals("Wrong owner of " + HW_RNG_DEVICE, "root", outputWords[2]); - assertEquals("Wrong group of " + HW_RNG_DEVICE, "root", outputWords[3]); + assertEquals("Wrong mode on " + HW_RNG_DEVICE, "cr--------", outputWords[0]); + assertEquals("Wrong owner of " + HW_RNG_DEVICE, "prng_seeder", outputWords[2]); + assertEquals("Wrong group of " + HW_RNG_DEVICE, "prng_seeder", outputWords[3]); assertEquals("Wrong device major on " + HW_RNG_DEVICE, "10,", outputWords[4]); assertEquals("Wrong device minor on " + HW_RNG_DEVICE, "183", outputWords[5]); } |