authordcashman <dcashman@google.com>2014-12-11 18:40:28 +0000
committerGerrit Code Review <noreply-gerritcodereview@google.com>2014-12-11 18:40:28 +0000
commit3033f9414809ecbe47fc5bbef3ebf443b4ff9c97 (patch)
tree7ff326b37108af5865168987f337fdf4f72a3af6
parent3551f488f171a868ce2c1d18dc1086f6cae2158f (diff)
parent247db5d542a79888b85915cbe72958bc30136d14 (diff)
Merge "Remove ineffective sock_diag cts test."android-wear-5.0.0_r1lollipop-wear-release
-rw-r--r--tests/tests/security/jni/android_security_cts_NativeCodeTest.cpp87
-rw-r--r--tests/tests/security/src/android/security/cts/NativeCodeTest.java12
2 files changed, 0 insertions, 99 deletions
diff --git a/tests/tests/security/jni/android_security_cts_NativeCodeTest.cpp b/tests/tests/security/jni/android_security_cts_NativeCodeTest.cpp
index faa6eea531f..955398364e1 100644
--- a/tests/tests/security/jni/android_security_cts_NativeCodeTest.cpp
+++ b/tests/tests/security/jni/android_security_cts_NativeCodeTest.cpp
@@ -16,10 +16,6 @@
#include <jni.h>
#include <linux/futex.h>
-#include <linux/netlink.h>
-#include <linux/sock_diag.h>
-#include <stdio.h>
-#include <sys/socket.h>
#include <sys/types.h>
#include <sys/syscall.h>
#include <unistd.h>
@@ -38,9 +34,6 @@
#include <inttypes.h>
#include <linux/sysctl.h>
-#define PASSED 0
-#define UNKNOWN_ERROR -1
-
/*
* Returns true iff this device is vulnerable to CVE-2013-2094.
* A patch for CVE-2013-2094 can be found at
@@ -90,84 +83,6 @@ static jboolean android_security_cts_NativeCodeTest_doPerfEventTest2(JNIEnv* env
}
/*
- * Will hang if vulnerable, return 0 if successful, -1 on unforseen
- * error.
- */
-static jint android_security_cts_NativeCodeTest_doSockDiagTest(JNIEnv* env, jobject thiz)
-{
- int fd, nlmsg_size, err, len;
- char buf[1024];
- struct sockaddr_nl nladdr;
- struct nlmsghdr *nlh;
- struct msghdr msg;
- struct iovec iov;
- struct sock_diag_req* sock_diag_data;
-
- int major, minor;
- struct utsname uts;
- if (uname(&uts) != -1 &&
- sscanf(uts.release, "%d.%d", &major, &minor) == 2 &&
- ((major > 3) || ((major == 3) && (minor > 8)))) {
- // Kernels above 3.8 are patched against CVE-2013-1763
- // This test generates false positives if run on > 3.8.
- // b/17253473
- return PASSED;
- }
-
- fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_SOCK_DIAG);
- if (fd == -1) {
- switch (errno) {
- /* NETLINK_SOCK_DIAG not accessible, vector dne */
- case EACCES:
- case EAFNOSUPPORT:
- case EPERM:
- case EPROTONOSUPPORT:
- return PASSED;
- default:
- return UNKNOWN_ERROR;
- }
- }
- /* prepare and send netlink packet */
- memset(&nladdr, 0, sizeof(nladdr));
- nladdr.nl_family = AF_NETLINK;
- nlmsg_size = NLMSG_ALIGN(NLMSG_HDRLEN + sizeof(sock_diag_data));
- nlh = (nlmsghdr *)malloc(nlmsg_size);
- nlh->nlmsg_len = nlmsg_size;
- nlh->nlmsg_pid = 0; //send packet to kernel
- nlh->nlmsg_type = SOCK_DIAG_BY_FAMILY;
- nlh->nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK;
- iov = { (void *) nlh, nlmsg_size };
- msg = { (void *) &nladdr, sizeof(nladdr), &iov, 1, NULL, 0, 0 };
- sock_diag_data = (sock_diag_req *) NLMSG_DATA(nlh);
- sock_diag_data->sdiag_family = AF_MAX+1;
- if ((err = sendmsg(fd, &msg, 0)) == -1) {
- /* SELinux blocked it */
- if (errno == 22) {
- return PASSED;
- } else {
- return UNKNOWN_ERROR;
- }
- }
- free(nlh);
-
- memset(&nladdr, 0, sizeof(nladdr));
- iov = { buf, sizeof(buf) };
- msg = { (void *) &nladdr, sizeof(nladdr), &iov, 1, NULL, 0, 0 };
- if ((len = recvmsg(fd, &msg, 0)) == -1) {
- return UNKNOWN_ERROR;
- }
- for (nlh = (struct nlmsghdr *) buf; NLMSG_OK(nlh, len); nlh = NLMSG_NEXT (nlh, len)){
- if (nlh->nlmsg_type == NLMSG_ERROR) {
- /* -22 = -EINVAL from kernel */
- if (*(int *)NLMSG_DATA(nlh) == -22) {
- return PASSED;
- }
- }
- }
- return UNKNOWN_ERROR;
-}
-
-/*
* Prior to https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/arch/arm/include/asm/uaccess.h?id=8404663f81d212918ff85f493649a7991209fa04
* there was a flaw in the kernel's handling of get_user and put_user
* requests. Normally, get_user and put_user are supposed to guarantee
@@ -288,8 +203,6 @@ static JNINativeMethod gMethods[] = {
(void *) android_security_cts_NativeCodeTest_doPerfEventTest },
{ "doPerfEventTest2", "()Z",
(void *) android_security_cts_NativeCodeTest_doPerfEventTest2 },
- { "doSockDiagTest", "()I",
- (void *) android_security_cts_NativeCodeTest_doSockDiagTest },
{ "doVrootTest", "()Z",
(void *) android_security_cts_NativeCodeTest_doVrootTest },
{ "doCVE20141710Test", "()Z",
diff --git a/tests/tests/security/src/android/security/cts/NativeCodeTest.java b/tests/tests/security/src/android/security/cts/NativeCodeTest.java
index 4be00b677ea..f6e6029524b 100644
--- a/tests/tests/security/src/android/security/cts/NativeCodeTest.java
+++ b/tests/tests/security/src/android/security/cts/NativeCodeTest.java
@@ -42,12 +42,6 @@ public class NativeCodeTest extends TestCase {
assertTrue(doPerfEventTest2());
}
- public void testSockDiag() throws Exception {
- int result = doSockDiagTest();
- assertFalse("Encountered unexpected error: " + result + ".", (result == -1));
- assertEquals(0, result);
- }
-
public void testFutex() throws Exception {
assertTrue("Device is vulnerable to CVE-2014-3153, a vulnerability in the futex() system "
+ "call. Please apply the security patch at "
@@ -79,12 +73,6 @@ public class NativeCodeTest extends TestCase {
private static native boolean doPerfEventTest2();
/**
- * Hangs if device is vulnerable to CVE-2013-1763, returns -1 if
- * unexpected error occurs, 0 otherwise.
- */
- private static native int doSockDiagTest();
-
- /**
* ANDROID-11234878 / CVE-2013-6282
*
* Returns true if the device is patched against the vroot vulnerability, false otherwise.