Merge "Updated CTS test for Android Security b/271281996" into rvc-dev

2 files changed, 25 insertions, 11 deletions

diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2023-20913/src/android/security/cts/CVE_2023_20913/DeviceTest.java b/hostsidetests/securitybulletin/test-apps/CVE-2023-20913/src/android/security/cts/CVE_2023_20913/DeviceTest.java
index 49b26be5911..8e70f319f56 100644
--- a/hostsidetests/securitybulletin/test-apps/CVE-2023-20913/src/android/security/cts/CVE_2023_20913/DeviceTest.java
+++ b/hostsidetests/securitybulletin/test-apps/CVE-2023-20913/src/android/security/cts/CVE_2023_20913/DeviceTest.java
@@ -58,8 +58,9 @@ public class DeviceTest {
         try {
             ui.adoptShellPermissionIdentity(android.Manifest.permission.INTERACT_ACROSS_USERS);
             Intent intent = new Intent(TelecomManager.ACTION_CHANGE_PHONE_ACCOUNTS);
-            ResolveInfo info = mPackageManager.resolveActivityAsUser(intent,
-                    PackageManager.MATCH_SYSTEM_ONLY, UserHandle.USER_SYSTEM);
+            ResolveInfo info =
+                    mPackageManager.resolveActivityAsUser(
+                            intent, PackageManager.MATCH_SYSTEM_ONLY, UserHandle.USER_SYSTEM);
             name = info.activityInfo.packageName;
         } catch (Exception e) {
             assumeNoException(e);
@@ -77,14 +78,18 @@ public class DeviceTest {
 
             // Start the overlay service
             Intent serviceIntent = new Intent(mContext, PocService.class);
-            assumeTrue(mContext.getString(R.string.msgCannotDrawOverlays),
+            assumeTrue(
+                    mContext.getString(R.string.msgCannotDrawOverlays),
                     Settings.canDrawOverlays(mContext));
             mContext.startService(serviceIntent);
 
             // Wait for the overlay window
-            Pattern overlayTextPattern = Pattern.compile(
-                    mContext.getString(R.string.textOverlayButton), Pattern.CASE_INSENSITIVE);
+            Pattern overlayTextPattern =
+                    Pattern.compile(
+                            mContext.getString(R.string.textOverlayButton),
+                            Pattern.CASE_INSENSITIVE);
             final long launchTimeoutMs = 20_000L;
+
             if (!device.wait(Until.hasObject(By.text(overlayTextPattern)), launchTimeoutMs)) {
                 mViolations.add(cls + mContext.getString(R.string.overlayUiScreenError));
                 return;
@@ -109,10 +114,12 @@ public class DeviceTest {
                     device.wait(Until.gone(By.text(overlayTextPattern)), launchTimeoutMs);
 
             // Check if the currently running activity is the vulnerable activity
-            String activityDump = device.executeShellCommand(
-                    mContext.getString(R.string.dumpsysActivityCmd, vulActivity));
-            Pattern activityPattern = Pattern.compile(mContext.getString(R.string.mResumedTrue),
-                    Pattern.CASE_INSENSITIVE);
+            String activityDump =
+                    device.executeShellCommand(
+                            mContext.getString(R.string.dumpsysActivityCmd, vulActivity));
+            Pattern activityPattern =
+                    Pattern.compile(
+                            mContext.getString(R.string.mResumedTrue), Pattern.CASE_INSENSITIVE);
             if (!(activityPattern.matcher(activityDump).find())) {
                 mViolations.add(
                         cls + mContext.getString(R.string.vulActivityNotRunningError, vulActivity));
@@ -141,7 +148,8 @@ public class DeviceTest {
             mContext = getInstrumentation().getTargetContext();
             KeyguardManager keyguardManager = mContext.getSystemService(KeyguardManager.class);
             PowerManager powerManager = mContext.getSystemService(PowerManager.class);
-            assumeTrue(mContext.getString(R.string.msgDeviceLocked),
+            assumeTrue(
+                    mContext.getString(R.string.msgDeviceLocked),
                     powerManager.isInteractive() && !keyguardManager.isKeyguardLocked());
             mViolations = new ArrayList<String>();
             mVulnerabilities = new ArrayList<String>();
@@ -149,7 +157,8 @@ public class DeviceTest {
             testActivity(mContext.getString(R.string.activityPhoneAccountSettings));
             testActivity(mContext.getString(R.string.activityVoicemailSettings));
             if (mVulnerabilities.isEmpty()) {
-                assumeTrue(mContext.getString(R.string.msgAssumptionFailure) + mViolations,
+                assumeTrue(
+                        mContext.getString(R.string.msgAssumptionFailure) + mViolations,
                         mViolations.isEmpty());
             } else {
                 fail(mContext.getString(R.string.msgOverlayError) + mVulnerabilities);
diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2023-20913/src/android/security/cts/CVE_2023_20913/PocService.java b/hostsidetests/securitybulletin/test-apps/CVE-2023-20913/src/android/security/cts/CVE_2023_20913/PocService.java
index 6ac55d98cff..a04d31c2613 100644
--- a/hostsidetests/securitybulletin/test-apps/CVE-2023-20913/src/android/security/cts/CVE_2023_20913/PocService.java
+++ b/hostsidetests/securitybulletin/test-apps/CVE-2023-20913/src/android/security/cts/CVE_2023_20913/PocService.java
@@ -16,6 +16,8 @@
 
 package android.security.cts.CVE_2023_20913;
 
+import static android.content.pm.ActivityInfo.SCREEN_ORIENTATION_PORTRAIT;
+
 import android.app.Service;
 import android.content.Intent;
 import android.content.res.Resources;
@@ -48,6 +50,9 @@ public class PocService extends Service {
             layoutParams.x = displayMetrics.widthPixels / 2;
             layoutParams.y = displayMetrics.heightPixels / 2;
 
+            // Setting the orientation of overlay window as portrait
+            layoutParams.screenOrientation = SCREEN_ORIENTATION_PORTRAIT;
+
             // Show the floating window
             mButton = new Button(this);
             mButton.setText(getString(R.string.textOverlayButton));