From a7a959f780cfad1a516ae4e586eb65545d873c09 Mon Sep 17 00:00:00 2001 From: Varun Praveen Goyal Date: Wed, 6 Jul 2022 04:12:06 +0000 Subject: Updated CTS test for Android Security b/143559931 Bug: 143559931 Bug: 202759784 Test: Ran the new testcase on android-10.0.0_r41 to test with/without patch Change-Id: I7e261dbb566531e23cb46dc24f9986021219433b --- .../src/android/security/cts/CVE_2021_0954.java | 46 +++--- .../test-apps/CVE-2021-0954/Android.bp | 8 +- .../test-apps/CVE-2021-0954/AndroidManifest.xml | 18 +-- .../CVE-2021-0954/res/values/integers.xml | 21 +++ .../test-apps/CVE-2021-0954/res/values/strings.xml | 38 +++++ .../security/cts/CVE_2021_0954/DeviceTest.java | 164 ++++++++++++--------- .../security/cts/CVE_2021_0954/PocService.java | 98 ++++++------ 7 files changed, 238 insertions(+), 155 deletions(-) create mode 100644 hostsidetests/securitybulletin/test-apps/CVE-2021-0954/res/values/integers.xml create mode 100644 hostsidetests/securitybulletin/test-apps/CVE-2021-0954/res/values/strings.xml diff --git a/hostsidetests/securitybulletin/src/android/security/cts/CVE_2021_0954.java b/hostsidetests/securitybulletin/src/android/security/cts/CVE_2021_0954.java index 12287b0151d..95c90d4ec4b 100644 --- a/hostsidetests/securitybulletin/src/android/security/cts/CVE_2021_0954.java +++ b/hostsidetests/securitybulletin/src/android/security/cts/CVE_2021_0954.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2021 The Android Open Source Project + * Copyright (C) 2022 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,43 +16,39 @@ package android.security.cts; -import android.platform.test.annotations.AppModeFull; +import static org.junit.Assume.assumeNoException; + import android.platform.test.annotations.AsbSecurityTest; +import com.android.sts.common.tradefed.testtype.StsExtraBusinessLogicHostTestBase; import com.android.tradefed.device.ITestDevice; import com.android.tradefed.testtype.DeviceJUnit4ClassRunner; -import com.android.sts.common.tradefed.testtype.StsExtraBusinessLogicHostTestBase; -import org.junit.Assert; -import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; @RunWith(DeviceJUnit4ClassRunner.class) public class CVE_2021_0954 extends StsExtraBusinessLogicHostTestBase { - private static final String TEST_PKG = "android.security.cts.cve_2021_0954"; - private static final String TEST_CLASS = TEST_PKG + "." + "DeviceTest"; - private static final String TEST_APP = "CVE-2021-0954.apk"; - private ITestDevice device; - - @Before - public void setUp() throws Exception { - device = getDevice(); - uninstallPackage(device, TEST_PKG); - - /* Wake up the screen */ - AdbUtils.runCommandLine("input keyevent KEYCODE_WAKEUP", device); - AdbUtils.runCommandLine("input keyevent KEYCODE_MENU", device); - AdbUtils.runCommandLine("input keyevent KEYCODE_HOME", device); - } + private static final String TEST_PKG = "android.security.cts.CVE_2021_0954"; - @AppModeFull @AsbSecurityTest(cveBugId = 143559931) @Test public void testPocCVE_2021_0954() throws Exception { - installPackage(TEST_APP); - AdbUtils.runCommandLine("pm grant " + TEST_PKG + " android.permission.SYSTEM_ALERT_WINDOW", - device); - runDeviceTests(TEST_PKG, TEST_CLASS, "testVulnerableActivityPresence"); + try { + ITestDevice device = getDevice(); + uninstallPackage(device, TEST_PKG); + + /* Wake up the screen */ + AdbUtils.runCommandLine("input keyevent KEYCODE_WAKEUP", device); + AdbUtils.runCommandLine("input keyevent KEYCODE_MENU", device); + AdbUtils.runCommandLine("input keyevent KEYCODE_HOME", device); + + installPackage("CVE-2021-0954.apk"); + AdbUtils.runCommandLine( + "pm grant " + TEST_PKG + " android.permission.SYSTEM_ALERT_WINDOW", device); + runDeviceTests(TEST_PKG, TEST_PKG + "." + "DeviceTest", "testOverlayButtonPresence"); + } catch (Exception e) { + assumeNoException(e); + } } } diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0954/Android.bp b/hostsidetests/securitybulletin/test-apps/CVE-2021-0954/Android.bp index aa9f71f574b..59350cf546f 100644 --- a/hostsidetests/securitybulletin/test-apps/CVE-2021-0954/Android.bp +++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0954/Android.bp @@ -1,5 +1,5 @@ /* - * Copyright (C) 2021 The Android Open Source Project + * Copyright (C) 2022 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -18,10 +18,10 @@ android_test_helper_app { name: "CVE-2021-0954", defaults: ["cts_support_defaults"], - srcs: ["src/**/*.java"], + srcs: [ + "src/**/*.java" + ], test_suites: [ - "cts", - "vts10", "sts", ], static_libs: [ diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0954/AndroidManifest.xml b/hostsidetests/securitybulletin/test-apps/CVE-2021-0954/AndroidManifest.xml index a7e0218c422..75299c4ddfe 100644 --- a/hostsidetests/securitybulletin/test-apps/CVE-2021-0954/AndroidManifest.xml +++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0954/AndroidManifest.xml @@ -1,5 +1,5 @@ + - - - - + + android:exported="true" /> - + android:targetPackage="android.security.cts.CVE_2021_0954" /> diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0954/res/values/integers.xml b/hostsidetests/securitybulletin/test-apps/CVE-2021-0954/res/values/integers.xml new file mode 100644 index 00000000000..363df0001d7 --- /dev/null +++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0954/res/values/integers.xml @@ -0,0 +1,21 @@ + + + + + -1 + 0 + diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0954/res/values/strings.xml b/hostsidetests/securitybulletin/test-apps/CVE-2021-0954/res/values/strings.xml new file mode 100644 index 00000000000..7c4d959b70f --- /dev/null +++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0954/res/values/strings.xml @@ -0,0 +1,38 @@ + + + + + The application cannot draw overlays + Could not get message key in shared preferences + dumpsys activity %1$s + + Device is vulnerable to b/143559931 hence any app with + "SYSTEM_ALERT_WINDOW can overlay the %1$s screen + mResumed=true + message + OverlayButton + Overlay UI did not appear on the screen + result + CVE_2021_0954_prefs + Timed out waiting on a result from PocActivity + com.android.internal.app.ResolverActivity + com.android.car.activityresolver.CarResolverActivity + android + com.android.car.activityresolver + The %1$s is not currently running on the device + + diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0954/src/android/security/cts/CVE_2021_0954/DeviceTest.java b/hostsidetests/securitybulletin/test-apps/CVE-2021-0954/src/android/security/cts/CVE_2021_0954/DeviceTest.java index f98690625e9..9a94ef953c1 100644 --- a/hostsidetests/securitybulletin/test-apps/CVE-2021-0954/src/android/security/cts/CVE_2021_0954/DeviceTest.java +++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0954/src/android/security/cts/CVE_2021_0954/DeviceTest.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2021 The Android Open Source Project + * Copyright (C) 2022 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,17 +14,20 @@ * limitations under the License. */ -package android.security.cts.cve_2021_0954; +package android.security.cts.CVE_2021_0954; import static androidx.test.core.app.ApplicationProvider.getApplicationContext; import static androidx.test.platform.app.InstrumentationRegistry.getInstrumentation; -import static org.junit.Assert.assertNotNull; -import static org.junit.Assert.assertNull; + +import static org.junit.Assert.assertTrue; import static org.junit.Assume.assumeNoException; +import static org.junit.Assume.assumeTrue; -import android.content.ActivityNotFoundException; import android.content.Context; import android.content.Intent; +import android.content.SharedPreferences; +import android.content.SharedPreferences.OnSharedPreferenceChangeListener; +import android.content.pm.PackageManager; import android.provider.Settings; import androidx.test.runner.AndroidJUnit4; @@ -32,90 +35,107 @@ import androidx.test.uiautomator.By; import androidx.test.uiautomator.UiDevice; import androidx.test.uiautomator.Until; -import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; -import java.io.IOException; +import java.util.concurrent.Semaphore; +import java.util.concurrent.TimeUnit; import java.util.regex.Pattern; @RunWith(AndroidJUnit4.class) public class DeviceTest { - private static final String TEST_PKG = "android.security.cts.cve_2021_0954"; - private static final String TEST_VULNERABLE_PKG = "android"; - private static final String TEST_VULNERABLE_ACTIVITY = - "com.android.internal.app.ResolverActivity"; - private static final int LAUNCH_TIMEOUT_MS = 20000; - private static final String vulnerableActivityName = "ResolverActivity"; - private UiDevice mDevice; - String activityDump = ""; - - private void startOverlayService() { - Context context = getApplicationContext(); - assertNotNull(context); - Intent intent = new Intent(context, PocService.class); - assertNotNull(intent); - - if (Settings.canDrawOverlays(getApplicationContext())) { - context.startService(intent); - } else { - try { - context.startService(intent); - } catch (Exception e) { - throw new RuntimeException("Unable to start the overlay service", e); - } - } + private Context mContext = getApplicationContext(); + private static final int TIMEOUT_MS = 10000; + + private boolean hasFeature(String feature) { + return mContext.getPackageManager().hasSystemFeature(feature); } - public void startVulnerableActivity() { - Context context = getApplicationContext(); - Intent intent = new Intent(); - intent.setClassName(TEST_VULNERABLE_PKG, TEST_VULNERABLE_ACTIVITY); - intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK); - try { - context.startActivity(intent); - } catch (ActivityNotFoundException e) { - assumeNoException("Activity not found on device", e); - } + private boolean isAuto() { + return hasFeature(PackageManager.FEATURE_AUTOMOTIVE); } - @Before - public void setUp() throws Exception { - mDevice = UiDevice.getInstance(getInstrumentation()); + String getStringRes(int key) { + return mContext.getResources().getString(key); + } - /* Start the vulnerable activity */ - startVulnerableActivity(); - if (!mDevice.wait(Until.hasObject(By.res("android:id/contentPanel") - .clazz("android.widget.ScrollView").pkg("android")), LAUNCH_TIMEOUT_MS)) { - return; - } + String getStringResWithArg(int key, String arg) { + return mContext.getResources().getString(key, arg); + } - /* Start the overlay service */ - startOverlayService(); + int getIntegerRes(int key) { + return mContext.getResources().getInteger(key); } @Test - public void testVulnerableActivityPresence() { - Pattern overlayTextPattern = Pattern.compile("OverlayButton", Pattern.CASE_INSENSITIVE); - if (!mDevice.wait(Until.hasObject(By.text(overlayTextPattern)), LAUNCH_TIMEOUT_MS)) { - return; - } - - /* - * Check if the currently running activity is the vulnerable activity, if not abort the test - */ + public void testOverlayButtonPresence() { try { - activityDump = mDevice.executeShellCommand("dumpsys activity"); - } catch (IOException e) { - throw new RuntimeException("Could not execute dumpsys activity command"); - } - Pattern activityPattern = - Pattern.compile("mResumedActivity.*" + vulnerableActivityName + ".*\n"); - if (!activityPattern.matcher(activityDump).find()) { - return; + UiDevice device = UiDevice.getInstance(getInstrumentation()); + + /* Start the overlay service */ + assumeTrue(getStringRes(R.string.canNotDrawOverlaysMsg), + Settings.canDrawOverlays(mContext)); + Intent intent = new Intent(mContext, PocService.class); + mContext.startService(intent); + + /* Wait for a result from overlay service */ + SharedPreferences sharedPrefs = mContext.getSharedPreferences( + getStringRes(R.string.sharedPreferences), Context.MODE_PRIVATE); + final Semaphore preferenceChanged = new Semaphore(0); + OnSharedPreferenceChangeListener listener = new OnSharedPreferenceChangeListener() { + @Override + public void onSharedPreferenceChanged(SharedPreferences sharedPreferences, + String key) { + if (key.equals(getStringRes(R.string.resultKey))) { + preferenceChanged.release(); + } + } + }; + sharedPrefs.registerOnSharedPreferenceChangeListener(listener); + assumeTrue(preferenceChanged.tryAcquire(TIMEOUT_MS, TimeUnit.MILLISECONDS)); + int result = sharedPrefs.getInt(getStringRes(R.string.resultKey), + getIntegerRes(R.integer.assumptionFailure)); + String message = sharedPrefs.getString(getStringRes(R.string.messageKey), + getStringRes(R.string.defaultSemaphoreMsg)); + assumeTrue(message, result != getIntegerRes(R.integer.assumptionFailure)); + + /* Wait for the UI of overlay window to appear */ + Pattern overlayTextPattern = Pattern.compile( + mContext.getString(R.string.overlayButtonText), Pattern.CASE_INSENSITIVE); + assumeTrue(mContext.getString(R.string.overlayUiScreenError), + device.wait(Until.hasObject(By.text(overlayTextPattern)), TIMEOUT_MS)); + + /* Start the vulnerable activity */ + intent = new Intent(); + String vulActivity = getStringRes(R.string.vulClass); + String vulPkg = getStringRes(R.string.vulPkg); + if (isAuto()) { + vulActivity = getStringRes(R.string.vulClassAuto); + vulPkg = getStringRes(R.string.vulPkgAuto); + } + intent.setClassName(vulPkg, vulActivity); + intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK); + mContext.startActivity(intent); + + /* Wait until the object of overlay window is gone */ + boolean overlayDisallowed = + device.wait(Until.gone(By.pkg(mContext.getPackageName())), TIMEOUT_MS); + + /* + * Check if the currently running activity is the vulnerable activity, if not abort the + * test + */ + String activityDump = device.executeShellCommand( + getStringResWithArg(R.string.cmdDumpsysActivity, vulActivity)); + Pattern activityPattern = Pattern.compile(getStringRes(R.string.mResumedTrue)); + assumeTrue(getStringRes(R.string.vulActivityNotRunningError), + activityPattern.matcher(activityDump).find()); + + /* Failing the test as fix is not present */ + assertTrue(getStringResWithArg(R.string.overlayErrorMessage, vulActivity), + overlayDisallowed); + } catch (Exception e) { + assumeNoException(e); } - String message = "Device is vulnerable to b/143559931 hence any app with " - + "SYSTEM_ALERT_WINDOW can overlay the ResolverActivity screen"; - assertNull(message, mDevice.findObject(By.text(overlayTextPattern))); } } diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0954/src/android/security/cts/CVE_2021_0954/PocService.java b/hostsidetests/securitybulletin/test-apps/CVE-2021-0954/src/android/security/cts/CVE_2021_0954/PocService.java index 82b78a2beba..79270baa65e 100644 --- a/hostsidetests/securitybulletin/test-apps/CVE-2021-0954/src/android/security/cts/CVE_2021_0954/PocService.java +++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0954/src/android/security/cts/CVE_2021_0954/PocService.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2021 The Android Open Source Project + * Copyright (C) 2022 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,47 +14,65 @@ * limitations under the License. */ -package android.security.cts.cve_2021_0954; +package android.security.cts.CVE_2021_0954; import android.app.Service; +import android.content.Context; import android.content.Intent; +import android.content.SharedPreferences; import android.content.res.Resources; import android.graphics.PixelFormat; -import android.os.Handler; import android.os.IBinder; -import android.provider.Settings; import android.view.Gravity; import android.view.WindowManager; import android.view.WindowManager.LayoutParams; import android.widget.Button; public class PocService extends Service { - public static Button mButton; - private WindowManager mWindowManager; - private WindowManager.LayoutParams mLayoutParams; + Button mButton; + WindowManager mWindowManager; - private static int getScreenWidth() { + private int getScreenWidth() { return Resources.getSystem().getDisplayMetrics().widthPixels; } - private static int getScreenHeight() { + private int getScreenHeight() { return Resources.getSystem().getDisplayMetrics().heightPixels; } + String getStringRes(int key) { + return getResources().getString(key); + } + + int getIntegerRes(int key) { + return getResources().getInteger(key); + } + @Override public void onCreate() { - super.onCreate(); - mWindowManager = getSystemService(WindowManager.class); - mLayoutParams = new WindowManager.LayoutParams(); - mLayoutParams.type = WindowManager.LayoutParams.TYPE_APPLICATION_OVERLAY; - mLayoutParams.flags = WindowManager.LayoutParams.FLAG_NOT_TOUCH_MODAL - | WindowManager.LayoutParams.FLAG_NOT_FOCUSABLE; - mLayoutParams.format = PixelFormat.OPAQUE; - mLayoutParams.gravity = Gravity.LEFT | Gravity.TOP; - mLayoutParams.width = getScreenWidth(); - mLayoutParams.height = getScreenHeight(); - mLayoutParams.x = getScreenWidth() / 2; - mLayoutParams.y = getScreenHeight() / 2; + try { + super.onCreate(); + mWindowManager = getSystemService(WindowManager.class); + LayoutParams layoutParams = new LayoutParams(); + layoutParams.type = LayoutParams.TYPE_APPLICATION_OVERLAY; + layoutParams.flags = + LayoutParams.FLAG_NOT_TOUCH_MODAL | LayoutParams.FLAG_NOT_FOCUSABLE; + layoutParams.format = PixelFormat.OPAQUE; + layoutParams.gravity = Gravity.LEFT | Gravity.TOP; + layoutParams.width = getScreenWidth(); + layoutParams.height = getScreenHeight(); + layoutParams.x = getScreenWidth() / 2; + layoutParams.y = getScreenHeight() / 2; + + /* Show the floating window */ + mButton = new Button(this); + mButton.setText(getString(R.string.overlayButtonText)); + mWindowManager.addView(mButton, layoutParams); + } catch (Exception e) { + sendTestResult(getIntegerRes(R.integer.assumptionFailure), e.getMessage()); + return; + } + sendTestResult(getIntegerRes(R.integer.noAssumptionFailure), getStringRes(R.string.empty)); } @Override @@ -62,32 +80,28 @@ public class PocService extends Service { return null; } - @Override - public int onStartCommand(Intent intent, int flags, int startId) { - showFloatingWindow(); - return super.onStartCommand(intent, flags, startId); - } - @Override public void onDestroy() { - if (mWindowManager != null && mButton != null) { - mWindowManager.removeView(mButton); + try { + if (mWindowManager != null && mButton != null) { + mWindowManager.removeView(mButton); + } + super.onDestroy(); + } catch (Exception e) { + sendTestResult(getIntegerRes(R.integer.assumptionFailure), e.getMessage()); } - super.onDestroy(); } - private void showFloatingWindow() { - if (Settings.canDrawOverlays(this)) { - mButton = new Button(getApplicationContext()); - mButton.setText("OverlayButton"); - mWindowManager.addView(mButton, mLayoutParams); - new Handler().postDelayed(new Runnable() { - @Override - public void run() { - onDestroy(); - } - }, 60000); // one minute - mButton.setTag(mButton.getVisibility()); + private void sendTestResult(int result, String message) { + try { + SharedPreferences sh = getSharedPreferences(getStringRes(R.string.sharedPreferences), + Context.MODE_PRIVATE); + SharedPreferences.Editor edit = sh.edit(); + edit.putInt(getStringRes(R.string.resultKey), result); + edit.putString(getStringRes(R.string.messageKey), message); + edit.commit(); + } catch (Exception e) { + // ignore the exception } } } -- cgit v1.2.3 From 89e6854f2caf1b58e85470857a9b899467454fc0 Mon Sep 17 00:00:00 2001 From: Muhammad Qureshi Date: Thu, 23 Jun 2022 18:19:28 -0700 Subject: Relax testScreenBrightness assertions Don't assert for time difference between states. We already add lots of buffer around the max and min time difference so asserting on time difference is not very valuable. Also, only check for existence of expected states and their respective ordering while also allowing other states in the report. As long as the screen brightness states triggered by the test are present in the report with their relative ordering, the test should pass. Bug: 233973767 Test: atest --no-bazel-mode android.cts.statsdatom.statsd.UidAtomTests\#testScreenBrightness Merged-In: Idd279b54006f3fa88291d24d8cedfa54e56498b0 Change-Id: Idd279b54006f3fa88291d24d8cedfa54e56498b0 (cherry picked from commit 1704342f3ae0c2e8ca1148fb9e8ce1c5586bfcca) --- .../cts/statsdatom/statsd/UidAtomTests.java | 25 +++++++++------------- 1 file changed, 10 insertions(+), 15 deletions(-) diff --git a/hostsidetests/statsdatom/src/android/cts/statsdatom/statsd/UidAtomTests.java b/hostsidetests/statsdatom/src/android/cts/statsdatom/statsd/UidAtomTests.java index 33422c1cec4..42b9b5c9cd7 100644 --- a/hostsidetests/statsdatom/src/android/cts/statsdatom/statsd/UidAtomTests.java +++ b/hostsidetests/statsdatom/src/android/cts/statsdatom/statsd/UidAtomTests.java @@ -598,30 +598,25 @@ public class UidAtomTests extends DeviceTestCase implements IBuildReceiver { final int atomTag = Atom.SCREEN_BRIGHTNESS_CHANGED_FIELD_NUMBER; - Set screenMin = new HashSet<>(Arrays.asList(47)); - Set screen100 = new HashSet<>(Arrays.asList(100)); - - // Add state sets to the list in order. - List> stateSet = Arrays.asList(screenMin, screen100); - ConfigUtils.uploadConfigForPushedAtom(getDevice(), DeviceUtils.STATSD_ATOM_TEST_PKG, atomTag); DeviceUtils.runDeviceTestsOnStatsdApp(getDevice(), ".AtomTests", "testScreenBrightness"); - // Sorted list of events in order in which they occurred. - List data = ReportUtils.getEventMetricDataList(getDevice()); + List expectedValues = Arrays.asList(47, 100); + + // Sorted list of brightness values in order in which they occurred, filtered to only + // contain expectedValues if they are present. + List data = ReportUtils.getEventMetricDataList(getDevice()) + .stream() + .map(e -> e.getAtom().getScreenBrightnessChanged().getLevel()) + .filter(expectedValues::contains) + .collect(Collectors.toList()); // Restore initial screen brightness setScreenBrightness(initialBrightness); setScreenBrightnessMode(isInitialManual); - AtomTestUtils.popUntilFind(data, screenMin, - atom -> atom.getScreenBrightnessChanged().getLevel()); - AtomTestUtils.popUntilFindFromEnd(data, screen100, - atom -> atom.getScreenBrightnessChanged().getLevel()); - // Assert that the events happened in the expected order. - AtomTestUtils.assertStatesOccurredInOrder(stateSet, data, AtomTestUtils.WAIT_TIME_SHORT, - atom -> atom.getScreenBrightnessChanged().getLevel()); + assertThat(data).containsExactlyElementsIn(expectedValues).inOrder(); } public void testSyncState() throws Exception { -- cgit v1.2.3 From f4e92dca995d1e5c9984638f48321f93e5c6b318 Mon Sep 17 00:00:00 2001 From: Alex Stetson Date: Wed, 29 Jun 2022 16:01:59 -0700 Subject: Skip testImeForceShowingNavigationBar for config When config_hideNavBarForKeyboard, it is intentional that the navigation bar is not showing when the keyboard appears. Therefore, this test should be disabled when that configuration is true. Bug: 235782227 Test: atest android.server.wm.WindowInsetsControllerTests#testImeForceShowingNavigationBar Change-Id: I145c67abfb79211f54c2fd6e7c42ef18c75a8dba --- .../src/android/server/wm/WindowInsetsControllerTests.java | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tests/framework/base/windowmanager/src/android/server/wm/WindowInsetsControllerTests.java b/tests/framework/base/windowmanager/src/android/server/wm/WindowInsetsControllerTests.java index 65465b27895..8dc33b1f745 100644 --- a/tests/framework/base/windowmanager/src/android/server/wm/WindowInsetsControllerTests.java +++ b/tests/framework/base/windowmanager/src/android/server/wm/WindowInsetsControllerTests.java @@ -59,6 +59,7 @@ import android.app.AlertDialog; import android.app.Instrumentation; import android.content.Context; import android.content.pm.PackageManager; +import android.content.res.Resources; import android.os.Bundle; import android.os.SystemClock; import android.platform.test.annotations.Presubmit; @@ -226,6 +227,11 @@ public class WindowInsetsControllerTests extends WindowManagerTestBase { final Instrumentation instrumentation = getInstrumentation(); assumeThat(MockImeSession.getUnavailabilityReason(instrumentation.getContext()), nullValue()); + final Resources resources = instrumentation.getContext().getResources(); + final boolean isHideNavBarForKeyboardEnabled = resources.getBoolean( + resources.getIdentifier("config_hideNavBarForKeyboard", "bool", "android")); + assumeFalse("Device is configured to not show navigation bar for keyboard", + isHideNavBarForKeyboardEnabled); final MockImeSession imeSession = MockImeHelper.createManagedMockImeSession(this); final ImeEventStream stream = imeSession.openEventStream(); final TestActivity activity = startActivityInWindowingModeFullScreen(TestActivity.class); -- cgit v1.2.3 From 07265b1c6ecd918a0839c7500972e1fc0dce382f Mon Sep 17 00:00:00 2001 From: Charles Chen Date: Wed, 6 Jul 2022 14:19:59 +0800 Subject: Fix TaskFragmentTrustedModeTest This CL removes the check to verify if Activity does not exist because it is started to Task instead after [1]. Test: atest TaskFragmentTrustedModeTest TaskFragmentOrganizerTest Test: atest TaskFragmentOrganizerPolicyTest SplitActivityLifecycleTest Fixes: 238054859 Bug: 233578672 [1]: b4bf0a8550911e3504cebf121062debdb1094f9e Merged-In: I60bf16544da340c8846ae5007ce73ed7415eb974 Change-Id: I60bf16544da340c8846ae5007ce73ed7415eb974 --- .../src/android/server/wm/TaskFragmentTrustedModeTest.java | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/tests/framework/base/windowmanager/src/android/server/wm/TaskFragmentTrustedModeTest.java b/tests/framework/base/windowmanager/src/android/server/wm/TaskFragmentTrustedModeTest.java index 385a5af9ed6..678cde1f05d 100644 --- a/tests/framework/base/windowmanager/src/android/server/wm/TaskFragmentTrustedModeTest.java +++ b/tests/framework/base/windowmanager/src/android/server/wm/TaskFragmentTrustedModeTest.java @@ -20,6 +20,7 @@ import static android.server.wm.WindowManagerState.STATE_RESUMED; import static android.server.wm.jetpack.second.Components.SECOND_UNTRUSTED_EMBEDDING_ACTIVITY; import static com.google.common.truth.Truth.assertThat; +import static com.google.common.truth.Truth.assertWithMessage; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; @@ -32,6 +33,7 @@ import android.content.Intent; import android.graphics.Rect; import android.os.Binder; import android.os.IBinder; +import android.platform.test.annotations.Presubmit; import android.server.wm.WindowManagerState.Task; import android.window.TaskFragmentCreationParams; import android.window.TaskFragmentInfo; @@ -47,6 +49,7 @@ import org.junit.Test; * Build/Install/Run: * atest CtsWindowManagerDeviceTestCases:TaskFragmentTrustedModeTest */ +@Presubmit public class TaskFragmentTrustedModeTest extends TaskFragmentOrganizerTestBase { private final ComponentName mTranslucentActivity = new ComponentName(mContext, @@ -239,7 +242,7 @@ public class TaskFragmentTrustedModeTest extends TaskFragmentOrganizerTestBase { */ @Test public void testUntrustedModeTaskFragment_startActivityInTaskFragmentOutsideOfParentBounds() { - final Task parentTask = mWmState.getRootTask(mOwnerTaskId); + Task parentTask = mWmState.getRootTask(mOwnerTaskId); final Rect parentBounds = new Rect(parentTask.getBounds()); final IBinder errorCallbackToken = new Binder(); final WindowContainerTransaction wct = new WindowContainerTransaction() @@ -254,8 +257,11 @@ public class TaskFragmentTrustedModeTest extends TaskFragmentOrganizerTestBase { // It is disallowed to start activity to TaskFragment with bounds outside of its parent // in untrusted mode. assertTaskFragmentError(errorCallbackToken, SecurityException.class); - mWmState.waitForAppTransitionIdleOnDisplay(mOwnerActivity.getDisplayId()); - mWmState.assertNotExist(SECOND_UNTRUSTED_EMBEDDING_ACTIVITY); + + parentTask = mWmState.getRootTask(mOwnerTaskId); + assertWithMessage("Activity must be started in parent Task because it's not" + + " allowed to be embedded").that(parentTask.mActivities).contains( + mWmState.getActivity(SECOND_UNTRUSTED_EMBEDDING_ACTIVITY)); } /** -- cgit v1.2.3 From 92515ba4c4de321b0b6209f344d3601c24b419ce Mon Sep 17 00:00:00 2001 From: Oriol Prieto Gasco Date: Fri, 8 Jul 2022 12:38:49 +0000 Subject: Rename the btservices apex Bug: 237556594 Test: TH Change-Id: I89aa78f6d492a0faf815060b3721864c3a4fb7e2 --- .../statsdatom/src/android/cts/statsdatom/lib/ConfigUtils.java | 4 ---- tests/tests/bluetooth/AndroidTest.xml | 2 +- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/hostsidetests/statsdatom/src/android/cts/statsdatom/lib/ConfigUtils.java b/hostsidetests/statsdatom/src/android/cts/statsdatom/lib/ConfigUtils.java index be665ba4013..7f29d44673c 100644 --- a/hostsidetests/statsdatom/src/android/cts/statsdatom/lib/ConfigUtils.java +++ b/hostsidetests/statsdatom/src/android/cts/statsdatom/lib/ConfigUtils.java @@ -69,10 +69,6 @@ public final class ConfigUtils { .addAllowedLogSource("AID_SYSTEM") .addAllowedLogSource("AID_BLUETOOTH") .addAllowedLogSource("com.android.bluetooth") - // TODO(b/236681553): Remove this. - .addAllowedLogSource("com.android.bluetooth.services") - // TODO(b/236681553): Remove this. - .addAllowedLogSource("com.google.android.bluetooth.services") .addAllowedLogSource("AID_LMKD") .addAllowedLogSource("AID_MEDIA") .addAllowedLogSource("AID_RADIO") diff --git a/tests/tests/bluetooth/AndroidTest.xml b/tests/tests/bluetooth/AndroidTest.xml index 9a3075beee6..98189620bab 100644 --- a/tests/tests/bluetooth/AndroidTest.xml +++ b/tests/tests/bluetooth/AndroidTest.xml @@ -33,6 +33,6 @@ - -- cgit v1.2.3 From 8ecdcc1a53ddafcb04084e84aeb8026bf2e365d2 Mon Sep 17 00:00:00 2001 From: Jasmine Date: Fri, 1 Jul 2022 10:04:32 +0800 Subject: [CTS] Fix test CtsInputMethodTestCases Fail Change the tolerance in this file (cts/tests/inputmethod/mockime/src/com/android/cts/mockime/watermark.java) from 4 to 6, and then the CTS item can pass Bug: 233319624 Test: run cts -m CtsInputMethodTestCases -t android.view.inputmethod.cts.InputMethodServiceTest#testImeVisibleAfterRotation Change-Id: Ib15d13acdd7f5431dd77c2db16dee682c82c1408 --- tests/inputmethod/mockime/src/com/android/cts/mockime/Watermark.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/inputmethod/mockime/src/com/android/cts/mockime/Watermark.java b/tests/inputmethod/mockime/src/com/android/cts/mockime/Watermark.java index ccd8659e3de..8855dee537b 100644 --- a/tests/inputmethod/mockime/src/com/android/cts/mockime/Watermark.java +++ b/tests/inputmethod/mockime/src/com/android/cts/mockime/Watermark.java @@ -32,7 +32,7 @@ public final class Watermark { * *

See Bug 174534092 about why we ended up having this.

*/ - private static final int TOLERANCE = 4; + private static final int TOLERANCE = 6; /** * A utility class that represents A8R8G8B bitmap as an integer array. -- cgit v1.2.3 From 5c099cecf18d8558d497b20b935244803612ba34 Mon Sep 17 00:00:00 2001 From: Shivam Mishra Date: Mon, 11 Jul 2022 05:26:25 +0000 Subject: CTS test for Android Security b/221041256 Bug: 221041256 Bug: 235872911 Test: Ran the new testcase on android-10.0.0_r45 with/without patch Change-Id: I2c258a7869878f3898201ac590f25f880cccd794 --- .../src/android/security/cts/CVE_2022_20353.java | 54 ++++++++ .../test-apps/CVE-2022-20353/Android.bp | 38 ++++++ .../test-apps/CVE-2022-20353/AndroidManifest.xml | 35 +++++ .../CVE-2022-20353/res/values/integers.xml | 22 +++ .../CVE-2022-20353/res/values/strings.xml | 38 ++++++ .../security/cts/CVE_2022_20353/DeviceTest.java | 151 +++++++++++++++++++++ .../security/cts/CVE_2022_20353/PocActivity.java | 62 +++++++++ 7 files changed, 400 insertions(+) create mode 100644 hostsidetests/securitybulletin/src/android/security/cts/CVE_2022_20353.java create mode 100644 hostsidetests/securitybulletin/test-apps/CVE-2022-20353/Android.bp create mode 100644 hostsidetests/securitybulletin/test-apps/CVE-2022-20353/AndroidManifest.xml create mode 100644 hostsidetests/securitybulletin/test-apps/CVE-2022-20353/res/values/integers.xml create mode 100644 hostsidetests/securitybulletin/test-apps/CVE-2022-20353/res/values/strings.xml create mode 100644 hostsidetests/securitybulletin/test-apps/CVE-2022-20353/src/android/security/cts/CVE_2022_20353/DeviceTest.java create mode 100644 hostsidetests/securitybulletin/test-apps/CVE-2022-20353/src/android/security/cts/CVE_2022_20353/PocActivity.java diff --git a/hostsidetests/securitybulletin/src/android/security/cts/CVE_2022_20353.java b/hostsidetests/securitybulletin/src/android/security/cts/CVE_2022_20353.java new file mode 100644 index 00000000000..e661b4ff4a1 --- /dev/null +++ b/hostsidetests/securitybulletin/src/android/security/cts/CVE_2022_20353.java @@ -0,0 +1,54 @@ +/* + * Copyright (C) 2022 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package android.security.cts; + +import static org.junit.Assume.assumeNoException; + +import android.platform.test.annotations.AsbSecurityTest; + +import com.android.sts.common.tradefed.testtype.StsExtraBusinessLogicHostTestBase; +import com.android.tradefed.device.ITestDevice; +import com.android.tradefed.testtype.DeviceJUnit4ClassRunner; + +import org.junit.Test; +import org.junit.runner.RunWith; + +@RunWith(DeviceJUnit4ClassRunner.class) +public class CVE_2022_20353 extends StsExtraBusinessLogicHostTestBase { + + @AsbSecurityTest(cveBugId = 221041256) + @Test + public void testPocCVE_2022_20353() { + try { + final String testPkg = "android.security.cts.CVE_2022_20353"; + ITestDevice device = getDevice(); + + AdbUtils.runCommandLine("input keyevent KEYCODE_WAKEUP", device); + AdbUtils.runCommandLine("input keyevent KEYCODE_MENU", device); + AdbUtils.runCommandLine("input keyevent KEYCODE_HOME", device); + + // to generate NOTICE.html if not already present + AdbUtils.runCommandLine("am start -a android.settings.LICENSE", device); + + installPackage("CVE-2022-20353.apk"); + + runDeviceTests(testPkg, testPkg + ".DeviceTest", "testDefaultRingtonePreference"); + } catch (Exception e) { + assumeNoException(e); + } + } +} diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2022-20353/Android.bp b/hostsidetests/securitybulletin/test-apps/CVE-2022-20353/Android.bp new file mode 100644 index 00000000000..37d35eb74f2 --- /dev/null +++ b/hostsidetests/securitybulletin/test-apps/CVE-2022-20353/Android.bp @@ -0,0 +1,38 @@ +/* + * Copyright (C) 2022 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package { + default_applicable_licenses: ["Android-Apache-2.0"], +} + +android_test_helper_app { + name: "CVE-2022-20353", + defaults: [ + "cts_support_defaults", + ], + srcs: [ + "src/**/*.java", + ], + test_suites: [ + "sts", + ], + static_libs: [ + "androidx.test.core", + "androidx.test.rules", + "androidx.test.uiautomator_uiautomator", + ], + sdk_version: "current", +} diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2022-20353/AndroidManifest.xml b/hostsidetests/securitybulletin/test-apps/CVE-2022-20353/AndroidManifest.xml new file mode 100644 index 00000000000..d4129ac8823 --- /dev/null +++ b/hostsidetests/securitybulletin/test-apps/CVE-2022-20353/AndroidManifest.xml @@ -0,0 +1,35 @@ + + + + + + + + + + + + + + diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2022-20353/res/values/integers.xml b/hostsidetests/securitybulletin/test-apps/CVE-2022-20353/res/values/integers.xml new file mode 100644 index 00000000000..3207c29a0bd --- /dev/null +++ b/hostsidetests/securitybulletin/test-apps/CVE-2022-20353/res/values/integers.xml @@ -0,0 +1,22 @@ + + + + + -1 + 0 + 20000 + diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2022-20353/res/values/strings.xml b/hostsidetests/securitybulletin/test-apps/CVE-2022-20353/res/values/strings.xml new file mode 100644 index 00000000000..27e87f65446 --- /dev/null +++ b/hostsidetests/securitybulletin/test-apps/CVE-2022-20353/res/values/strings.xml @@ -0,0 +1,38 @@ + + + + + android:id/button_always + CVE-2022-20353 + Could not get message key in shared preferences + + Device is vulnerable to b/221041256!! Privilege escalation possible in + com.android.settings.DefaultRingtonePreference + + NOTICE.html + settings get system ringtone + message + + content://com.android.settings.files/my_cache/NOTICE.html + + string + result + settings put system ringtone + sharedPreferences + ringtone_title + Unable to find UiObject with %1$s text/id + diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2022-20353/src/android/security/cts/CVE_2022_20353/DeviceTest.java b/hostsidetests/securitybulletin/test-apps/CVE-2022-20353/src/android/security/cts/CVE_2022_20353/DeviceTest.java new file mode 100644 index 00000000000..af1f9782ab0 --- /dev/null +++ b/hostsidetests/securitybulletin/test-apps/CVE-2022-20353/src/android/security/cts/CVE_2022_20353/DeviceTest.java @@ -0,0 +1,151 @@ +/* + * Copyright (C) 2022 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package android.security.cts.CVE_2022_20353; + +import static androidx.test.platform.app.InstrumentationRegistry.getInstrumentation; +import static org.junit.Assert.assertFalse; +import static org.junit.Assume.assumeNoException; +import static org.junit.Assume.assumeTrue; + +import android.content.Context; +import android.content.Intent; +import android.content.SharedPreferences; +import android.content.SharedPreferences.OnSharedPreferenceChangeListener; +import android.content.res.Resources; +import android.provider.Settings; + +import androidx.test.runner.AndroidJUnit4; +import androidx.test.uiautomator.By; +import androidx.test.uiautomator.BySelector; +import androidx.test.uiautomator.UiDevice; +import androidx.test.uiautomator.UiScrollable; +import androidx.test.uiautomator.UiSelector; +import androidx.test.uiautomator.Until; + +import org.junit.Test; +import org.junit.runner.RunWith; + +import java.util.concurrent.Semaphore; +import java.util.concurrent.TimeUnit; + +@RunWith(AndroidJUnit4.class) +public class DeviceTest { + Resources mResources; + UiDevice mDevice; + Context mContext; + + // Wait for UiObject to appear and click on the UiObject if it is visible + private boolean clickUiObject(BySelector selector) { + boolean objectFound = + mDevice.wait(Until.hasObject(selector), mResources.getInteger(R.integer.timeoutMs)); + if (objectFound) { + mDevice.findObject(selector).click(); + } + return objectFound; + } + + @Test + public void testDefaultRingtonePreference() { + String defaultRingtone = null; + try { + mDevice = UiDevice.getInstance(getInstrumentation()); + mContext = getInstrumentation().getContext(); + mResources = mContext.getResources(); + defaultRingtone = + mDevice.executeShellCommand(mContext.getString(R.string.getRingtoneCmd)); + + Intent intent = new Intent(Settings.ACTION_SOUND_SETTINGS); + intent.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK); + mContext.startActivity(intent); + + String settingsPackageName = + intent.resolveActivity(mContext.getPackageManager()).getPackageName(); + Context settingsContext = mContext.createPackageContext(settingsPackageName, + Context.CONTEXT_IGNORE_SECURITY); + Resources res = settingsContext.getPackageManager() + .getResourcesForApplication(settingsPackageName); + String text = settingsContext + .getString(res.getIdentifier(mContext.getString(R.string.textResId), + mContext.getString(R.string.resType), settingsPackageName)); + // scroll until text 'Phone ringtone' is visible + UiScrollable uiScrollable = new UiScrollable(new UiSelector().scrollable(true)); + uiScrollable.scrollTextIntoView(text); + // click on 'Phone ringtone' + BySelector selector = By.text(text); + assumeTrue(mContext.getString(R.string.uiObjectNotFoundMsg, text), + clickUiObject(selector)); + // select CTS PoC app + text = mContext.getString(R.string.appName); + selector = By.text(text); + assumeTrue(mContext.getString(R.string.uiObjectNotFoundMsg, text), + clickUiObject(selector)); + // select 'Always' + String resId = mContext.getString(R.string.alwaysButtonId); + selector = By.res(resId); + assumeTrue(mContext.getString(R.string.uiObjectNotFoundMsg, resId), + clickUiObject(selector)); + + SharedPreferences sharedPrefs = mContext.getSharedPreferences( + mContext.getString(R.string.sharedPreferences), Context.MODE_APPEND); + Semaphore preferenceChanged = new Semaphore(0); + OnSharedPreferenceChangeListener sharedPrefListener = + new OnSharedPreferenceChangeListener() { + @Override + public void onSharedPreferenceChanged(SharedPreferences sharedPreferences, + String key) { + if (key.equals(mContext.getString(R.string.resultKey))) { + preferenceChanged.release(); + } + } + }; + sharedPrefs.registerOnSharedPreferenceChangeListener(sharedPrefListener); + // wait for PocActivity to complete + assumeTrue(preferenceChanged.tryAcquire(mResources.getInteger(R.integer.timeoutMs), + TimeUnit.MILLISECONDS)); + int result = sharedPrefs.getInt(mContext.getString(R.string.resultKey), + mResources.getInteger(R.integer.assumptionFailure)); + String message = sharedPrefs.getString(mContext.getString(R.string.messageKey), + mContext.getString(R.string.defaultSemaphoreMsg)); + assumeTrue(message, result != mResources.getInteger(R.integer.assumptionFailure)); + + String ringtoneUri = ""; + boolean isVulnerable = false; + long startTime = System.currentTimeMillis(); + while ((System.currentTimeMillis() - startTime) < mResources + .getInteger(R.integer.timeoutMs)) { + ringtoneUri = + mDevice.executeShellCommand(mContext.getString(R.string.getRingtoneCmd)); + if (ringtoneUri.contains(mContext.getString(R.string.fileName))) { + isVulnerable = true; + break; + } + } + assertFalse(mContext.getString(R.string.failureMessage), isVulnerable); + } catch (Exception e) { + assumeNoException(e); + } finally { + try { + // reset ringtone to default (other than 'null') present before test + mDevice.executeShellCommand( + mContext.getString(R.string.setRingtoneCmd) + " " + defaultRingtone); + mDevice.pressHome(); + } catch (Exception e) { + // ignore exception here + } + } + } +} diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2022-20353/src/android/security/cts/CVE_2022_20353/PocActivity.java b/hostsidetests/securitybulletin/test-apps/CVE-2022-20353/src/android/security/cts/CVE_2022_20353/PocActivity.java new file mode 100644 index 00000000000..977e647d2e2 --- /dev/null +++ b/hostsidetests/securitybulletin/test-apps/CVE-2022-20353/src/android/security/cts/CVE_2022_20353/PocActivity.java @@ -0,0 +1,62 @@ +/* + * Copyright (C) 2022 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package android.security.cts.CVE_2022_20353; + +import android.app.Activity; +import android.content.Context; +import android.content.Intent; +import android.content.SharedPreferences; +import android.media.RingtoneManager; +import android.net.Uri; +import android.os.Bundle; + +/* PocActivity is required in this test since it is required that CTS PoC app is selected when */ +/* choosing an app for setting default ringtone. RingtonePicker appears due to actions done in */ +/* DeviceTest. */ +public class PocActivity extends Activity { + + @Override + protected void onCreate(Bundle savedInstanceState) { + try { + super.onCreate(savedInstanceState); + Intent intent = new Intent(); + /* set NOTICE.html file uri as EXTRA_RINGTONE_PICKED_URI which sets NOTICE.html as */ + /* default ringtone if vulnerability is present */ + intent.putExtra(RingtoneManager.EXTRA_RINGTONE_PICKED_URI, + Uri.parse(getString(R.string.noticeUri))); + setResult(Activity.RESULT_OK, intent); + finish(); + sendTestResult(getResources().getInteger(R.integer.success), ""); + } catch (Exception e) { + sendTestResult(getResources().getInteger(R.integer.assumptionFailure), e.getMessage()); + } + } + + void sendTestResult(int result, String message) { + try { + SharedPreferences sh = getSharedPreferences(getString(R.string.sharedPreferences), + Context.MODE_PRIVATE); + SharedPreferences.Editor edit = sh.edit(); + edit.putInt(getString(R.string.resultKey), result); + edit.putString(getString(R.string.messageKey), message); + edit.commit(); + } catch (Exception e) { + // ignore exception here + } + } + +} -- cgit v1.2.3 From e7a6f576624be324104b0586bebca08709f10248 Mon Sep 17 00:00:00 2001 From: Robert Shih Date: Mon, 11 Jul 2022 07:58:42 +0000 Subject: Check drmserver domain only if exists Bug: 237037163 Test: SELinuxHostTest#testDrmServerDomain Change-Id: I57614081c88461d054a8cfdecf3205a87dc128d0 --- hostsidetests/security/src/android/security/cts/SELinuxHostTest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hostsidetests/security/src/android/security/cts/SELinuxHostTest.java b/hostsidetests/security/src/android/security/cts/SELinuxHostTest.java index 573035c2de3..13ade8b0585 100644 --- a/hostsidetests/security/src/android/security/cts/SELinuxHostTest.java +++ b/hostsidetests/security/src/android/security/cts/SELinuxHostTest.java @@ -1367,7 +1367,7 @@ public class SELinuxHostTest extends BaseHostJUnit4Test { @CddTest(requirement="9.7") @Test public void testDrmServerDomain() throws DeviceNotAvailableException { - assertDomainN("u:r:drmserver:s0", "/system/bin/drmserver", "/system/bin/drmserver64"); + assertDomainHasExecutable("u:r:drmserver:s0", "/system/bin/drmserver", "/system/bin/drmserver64"); } /* Installd is always running */ -- cgit v1.2.3 From 8825c60b72e7592fef0a335060c66c23c368f7ec Mon Sep 17 00:00:00 2001 From: Alex Stetson Date: Thu, 23 Jun 2022 15:36:52 -0700 Subject: Scroll notifications via UiScrollable If the notifications panel does not occupy the entire screen, swipe scrolling logic may not catch the correct view. This can be avoided by finding the scrollable element on the screen first and then scrolling that. Bug: 227419880 Test: atest com.android.cts.content.CtsSyncAccountAccessOtherCertTestCases#testAccountAccess_otherCertAsAuthenticatorCanNotSeeAccount Change-Id: Ic64d83de2119b30ca8648142ec31d86e1cdf4ae4 --- .../content/CtsSyncAccountAccessOtherCertTestCases.java | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/tests/tests/content/CtsSyncAccountAccessOtherCertTests/src/com/android/cts/content/CtsSyncAccountAccessOtherCertTestCases.java b/tests/tests/content/CtsSyncAccountAccessOtherCertTests/src/com/android/cts/content/CtsSyncAccountAccessOtherCertTestCases.java index 49b72549b7e..8bd1bb8fb33 100644 --- a/tests/tests/content/CtsSyncAccountAccessOtherCertTests/src/com/android/cts/content/CtsSyncAccountAccessOtherCertTestCases.java +++ b/tests/tests/content/CtsSyncAccountAccessOtherCertTests/src/com/android/cts/content/CtsSyncAccountAccessOtherCertTestCases.java @@ -43,6 +43,9 @@ import android.content.res.Configuration; import android.support.test.uiautomator.By; import android.support.test.uiautomator.UiDevice; import android.support.test.uiautomator.UiObject2; +import android.support.test.uiautomator.UiObjectNotFoundException; +import android.support.test.uiautomator.UiScrollable; +import android.support.test.uiautomator.UiSelector; import android.support.test.uiautomator.Until; import android.util.Log; @@ -140,7 +143,7 @@ public class CtsSyncAccountAccessOtherCertTestCases { } catch (Throwable t) { if (scrollUps < 10) { // The notification we search for is below the fold, scroll to find it - swipeUp(uiDevice); + scrollNotifications(); scrollUps++; continue; } @@ -200,6 +203,18 @@ public class CtsSyncAccountAccessOtherCertTestCases { 50 /* numberOfSteps */); } + private boolean scrollNotifications() { + UiScrollable scrollable = new UiScrollable(new UiSelector().scrollable(true)); + if (!scrollable.exists()) { + return false; + } + try { + return scrollable.scrollForward(50); + } catch (UiObjectNotFoundException e) { + return false; + } + } + private boolean isRunningInVR() { final Context context = InstrumentationRegistry.getTargetContext(); return ((context.getResources().getConfiguration().uiMode & -- cgit v1.2.3 From 17c590b92beacd1b50fbe8d571e003003c819c52 Mon Sep 17 00:00:00 2001 From: Evan Severson Date: Mon, 11 Jul 2022 13:45:32 -0700 Subject: DO NOT MERGE: Revert "Add appops testcase for location disabled" This reverts commit 5e8b943e6fd6e79e43780694738dd738006b6d00. Bug: 231496105 Change-Id: Iaa40f3f5148b55c679ecd9e1fd53f839e60ac1ff --- .../cts/none/LocationDisabledAppOpsTest.java | 120 --------------------- 1 file changed, 120 deletions(-) delete mode 100644 tests/location/location_none/src/android/location/cts/none/LocationDisabledAppOpsTest.java diff --git a/tests/location/location_none/src/android/location/cts/none/LocationDisabledAppOpsTest.java b/tests/location/location_none/src/android/location/cts/none/LocationDisabledAppOpsTest.java deleted file mode 100644 index 990d1deb11f..00000000000 --- a/tests/location/location_none/src/android/location/cts/none/LocationDisabledAppOpsTest.java +++ /dev/null @@ -1,120 +0,0 @@ -/* - * Copyright (C) 2022 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package android.location.cts.none; - -import static android.app.AppOpsManager.MODE_ALLOWED; -import static android.app.AppOpsManager.OPSTR_FINE_LOCATION; - -import static com.android.compatibility.common.util.SystemUtil.runWithShellPermissionIdentity; - -import android.app.ActivityManager; -import android.app.AppOpsManager; -import android.content.Context; -import android.content.pm.ApplicationInfo; -import android.content.pm.PackageInfo; -import android.content.pm.PackageManager; -import android.location.LocationManager; -import android.os.PackageTagsList; -import android.os.Process; -import android.os.UserHandle; - -import androidx.test.InstrumentationRegistry; - -import org.junit.Assert; -import org.junit.Before; -import org.junit.Test; - -import java.util.ArrayList; -import java.util.List; - -public class LocationDisabledAppOpsTest { - - private final Context mContext = InstrumentationRegistry.getContext(); - private LocationManager mLm; - private AppOpsManager mAom; - - @Before - public void setUp() { - mLm = mContext.getSystemService(LocationManager.class); - mAom = mContext.getSystemService(AppOpsManager.class); - } - - @Test - public void testLocationAppOpIsIgnoredForAppsWhenLocationIsDisabled() { - PackageTagsList ignoreList = mLm.getIgnoreSettingsAllowlist(); - - UserHandle[] userArr = {UserHandle.SYSTEM}; - runWithShellPermissionIdentity(() -> { - userArr[0] = UserHandle.of(ActivityManager.getCurrentUser()); - }); - - UserHandle user = userArr[0]; - - boolean wasEnabled = mLm.isLocationEnabledForUser(user); - - try { - runWithShellPermissionIdentity(() -> { - mLm.setLocationEnabledForUser(false, user); - }); - - List bypassedNoteOps = new ArrayList<>(); - List bypassedCheckOps = new ArrayList<>(); - for (PackageInfo pi : mContext.getPackageManager().getInstalledPackagesAsUser( - 0, user.getIdentifier())) { - ApplicationInfo ai = pi.applicationInfo; - if (ai.uid != Process.SYSTEM_UID) { - final int[] mode = {MODE_ALLOWED}; - runWithShellPermissionIdentity(() -> { - mode[0] = mAom.noteOpNoThrow( - OPSTR_FINE_LOCATION, ai.uid, ai.packageName); - }); - if (mode[0] == MODE_ALLOWED && !ignoreList.containsAll(pi.packageName)) { - bypassedNoteOps.add(pi.packageName); - } - - - mode[0] = MODE_ALLOWED; - runWithShellPermissionIdentity(() -> { - mode[0] = mAom.checkOpNoThrow(OPSTR_FINE_LOCATION, ai.uid, ai.packageName); - }); - if (mode[0] == MODE_ALLOWED && !ignoreList.includes(pi.packageName)) { - bypassedCheckOps.add(pi.packageName); - } - - } - } - - String msg = ""; - if (!bypassedNoteOps.isEmpty()) { - msg += "Apps which still have access from noteOp " + bypassedNoteOps; - } - if (!bypassedCheckOps.isEmpty()) { - msg += (msg.isEmpty() ? "" : "\n\n") - + "Apps which still have access from checkOp " + bypassedCheckOps; - } - if(!msg.isEmpty()) { - Assert.fail(msg); - } - - } finally { - runWithShellPermissionIdentity(() -> { - mLm.setLocationEnabledForUser(wasEnabled, user); - }); - } - } - -} -- cgit v1.2.3 From c1aeabee2213a67f4b37c9c2fed7161e02b3b524 Mon Sep 17 00:00:00 2001 From: priyank Date: Thu, 23 Jun 2022 01:38:12 -0700 Subject: update tests to account for the display area Screenshots bitmap is for the entire physical display. With multiple TDA its possible that application is not running on fullscreen. Tests should account for the bounds of the display area within which the activity is running. Bug: 228639659 Fix: 227422236 Test: atest AssistTestBase Change-Id: Ifc47c99942da534137abbd48520dbab5cf2f91d0 (cherry picked from commit 02912c6f74a2b4dacde1308ffb8d65baa155cdd4) --- .../tests/assist/common/src/android/assist/common/Utils.java | 1 + .../src/android/assist/service/MainInteractionSession.java | 11 +++++++++-- tests/tests/assist/src/android/assist/cts/AssistTestBase.java | 4 +++- 3 files changed, 13 insertions(+), 3 deletions(-) diff --git a/tests/tests/assist/common/src/android/assist/common/Utils.java b/tests/tests/assist/common/src/android/assist/common/Utils.java index 0ffcb271093..98e857689cf 100755 --- a/tests/tests/assist/common/src/android/assist/common/Utils.java +++ b/tests/tests/assist/common/src/android/assist/common/Utils.java @@ -56,6 +56,7 @@ public class Utils { public static final String COMPARE_SCREENSHOT_KEY = "compare_screenshot"; public static final String DISPLAY_WIDTH_KEY = "display_width"; public static final String DISPLAY_HEIGHT_KEY = "dislay_height"; + public static final String DISPLAY_AREA_BOUNDS_KEY = "display_area_bounds"; public static final String SCROLL_X_POSITION = "scroll_x_position"; public static final String SCROLL_Y_POSITION = "scroll_y_position"; public static final String SHOW_SESSION_FLAGS_TO_SET = "show_session_flags_to_set"; diff --git a/tests/tests/assist/service/src/android/assist/service/MainInteractionSession.java b/tests/tests/assist/service/src/android/assist/service/MainInteractionSession.java index 7f35367333a..25c080b9c0c 100644 --- a/tests/tests/assist/service/src/android/assist/service/MainInteractionSession.java +++ b/tests/tests/assist/service/src/android/assist/service/MainInteractionSession.java @@ -56,6 +56,7 @@ public class MainInteractionSession extends VoiceInteractionSession { private int mCurColor; private int mDisplayHeight; private int mDisplayWidth; + private Rect mDisplayAreaBounds; private BroadcastReceiver mReceiver; private String mTestName; private View mContentView; @@ -106,7 +107,7 @@ public class MainInteractionSession extends VoiceInteractionSession { public void onPrepareShow(Bundle args, int showFlags) { if (Utils.LIFECYCLE_NOUI.equals(args.getString(Utils.TESTCASE_TYPE, ""))) { setUiEnabled(false); - } else { + } else { setUiEnabled(true); } } @@ -122,6 +123,7 @@ public class MainInteractionSession extends VoiceInteractionSession { mCurColor = args.getInt(Utils.SCREENSHOT_COLOR_KEY); mDisplayHeight = args.getInt(Utils.DISPLAY_HEIGHT_KEY); mDisplayWidth = args.getInt(Utils.DISPLAY_WIDTH_KEY); + mDisplayAreaBounds = args.getParcelable(Utils.DISPLAY_AREA_BOUNDS_KEY); mRemoteCallback = args.getParcelable(Utils.EXTRA_REMOTE_CALLBACK); super.onShow(args, showFlags); if (mContentView == null) return; // Happens when ui is not enabled. @@ -256,6 +258,11 @@ public class MainInteractionSession extends VoiceInteractionSession { int[] pixels = new int[size.x * size.y]; screenshot.getPixels(pixels, 0, size.x, 0, 0, size.x, size.y); + // screenshot bitmap contains the screenshot for the entire physical display. A single + // physical display could have multiple display area with different applications. + // Let's grab the region of the display area from the original screenshot. + Bitmap displayAreaScreenshot = Bitmap.createBitmap(screenshot, mDisplayAreaBounds.left, + mDisplayAreaBounds.top, mDisplayAreaBounds.width(), mDisplayAreaBounds.height()); int expectedColor = 0; for (int pixel : pixels) { // Check for roughly the same because there are rounding errors converting from the @@ -267,7 +274,7 @@ public class MainInteractionSession extends VoiceInteractionSession { } } - int pixelCount = screenshot.getWidth() * screenshot.getHeight(); + int pixelCount = displayAreaScreenshot.getWidth() * displayAreaScreenshot.getHeight(); double colorRatio = (double) expectedColor / pixelCount; Log.i(TAG, "the ratio is " + colorRatio); return colorRatio >= 0.6; diff --git a/tests/tests/assist/src/android/assist/cts/AssistTestBase.java b/tests/tests/assist/src/android/assist/cts/AssistTestBase.java index 44a3109a740..c89119bdea1 100644 --- a/tests/tests/assist/src/android/assist/cts/AssistTestBase.java +++ b/tests/tests/assist/src/android/assist/cts/AssistTestBase.java @@ -35,9 +35,9 @@ import android.content.ComponentName; import android.content.Context; import android.content.Intent; import android.graphics.Point; +import android.graphics.Rect; import android.os.Bundle; import android.os.Handler; -import android.os.HandlerThread; import android.os.LocaleList; import android.os.RemoteCallback; import android.provider.Settings; @@ -341,6 +341,8 @@ abstract class AssistTestBase { Display.Mode dMode = mTestActivity.getWindowManager().getDefaultDisplay().getMode(); mDisplaySize = new Point(dMode.getPhysicalWidth(), dMode.getPhysicalHeight()); } + Rect bounds = mTestActivity.getWindowManager().getMaximumWindowMetrics().getBounds(); + intent.putExtra(Utils.DISPLAY_AREA_BOUNDS_KEY, bounds); intent.putExtra(Utils.DISPLAY_WIDTH_KEY, mDisplaySize.x); intent.putExtra(Utils.DISPLAY_HEIGHT_KEY, mDisplaySize.y); } -- cgit v1.2.3 From a1deb7ceee15f0b4e5f916a4e1bc3018c8f4f908 Mon Sep 17 00:00:00 2001 From: Chris Li Date: Tue, 12 Jul 2022 12:57:22 +0800 Subject: Skip TaskFragmentTrustedModeTest for device not supporting AE Bug: 238587417 Test: atest CtsWindowManagerDeviceTestCases :TaskFragmentTrustedModeTest Change-Id: Ief707eb89d103b7c2e60a9f5c97f283a1b525938 Merged-In: Ief707eb89d103b7c2e60a9f5c97f283a1b525938 --- tests/framework/base/windowmanager/Android.bp | 1 + tests/framework/base/windowmanager/AndroidManifest.xml | 2 ++ .../android/server/wm/jetpack/utils/ActivityEmbeddingUtil.java | 10 ++++++++++ .../src/android/server/wm/TaskFragmentTrustedModeTest.java | 9 +++++++++ 4 files changed, 22 insertions(+) diff --git a/tests/framework/base/windowmanager/Android.bp b/tests/framework/base/windowmanager/Android.bp index 168ee3f24b6..b786d833b67 100644 --- a/tests/framework/base/windowmanager/Android.bp +++ b/tests/framework/base/windowmanager/Android.bp @@ -67,6 +67,7 @@ android_test { "cts-wm-overlayapp-base", "cts-wm-shared", "platform-compat-test-rules", + "cts_window_jetpack_utils", ], test_suites: [ diff --git a/tests/framework/base/windowmanager/AndroidManifest.xml b/tests/framework/base/windowmanager/AndroidManifest.xml index 39c3d3ecbfd..1a86422e02c 100644 --- a/tests/framework/base/windowmanager/AndroidManifest.xml +++ b/tests/framework/base/windowmanager/AndroidManifest.xml @@ -38,6 +38,8 @@ android:enableOnBackInvokedCallback="true" android:testOnly="true"> + splitInfoList, @NonNull Activity primaryActivity, @NonNull Activity secondaryActivity) { assertFalse("Split info callback should not be empty", splitInfoList.isEmpty()); diff --git a/tests/framework/base/windowmanager/src/android/server/wm/TaskFragmentTrustedModeTest.java b/tests/framework/base/windowmanager/src/android/server/wm/TaskFragmentTrustedModeTest.java index 385a5af9ed6..c13c4eec7f8 100644 --- a/tests/framework/base/windowmanager/src/android/server/wm/TaskFragmentTrustedModeTest.java +++ b/tests/framework/base/windowmanager/src/android/server/wm/TaskFragmentTrustedModeTest.java @@ -18,6 +18,7 @@ package android.server.wm; import static android.server.wm.WindowManagerState.STATE_RESUMED; import static android.server.wm.jetpack.second.Components.SECOND_UNTRUSTED_EMBEDDING_ACTIVITY; +import static android.server.wm.jetpack.utils.ActivityEmbeddingUtil.assumeActivityEmbeddingSupportedDevice; import static com.google.common.truth.Truth.assertThat; @@ -39,6 +40,7 @@ import android.window.WindowContainerTransaction; import androidx.annotation.NonNull; +import org.junit.Before; import org.junit.Test; /** @@ -52,6 +54,13 @@ public class TaskFragmentTrustedModeTest extends TaskFragmentOrganizerTestBase { private final ComponentName mTranslucentActivity = new ComponentName(mContext, TranslucentActivity.class); + @Before + @Override + public void setUp() throws Exception { + super.setUp(); + assumeActivityEmbeddingSupportedDevice(); + } + /** * Verifies the visibility of a task fragment that has overlays on top of activities embedded * in untrusted mode when there is an overlay over the task fragment. -- cgit v1.2.3 From d0510d741d2d5980b1851649f9e1282ddf551395 Mon Sep 17 00:00:00 2001 From: Chao Meng Date: Tue, 12 Jul 2022 03:31:45 +0000 Subject: Revert "Fix cts failures of BT Le PeriodicAdvertising Test" This reverts commit e85d521a628799ade8d76c0cfac08b254afc7767. Reason for revert: commit 1e87a74d9f327afc7887d2b507a3d1a0436a4521 has merged for same issue Skip periodic advertising test if not supported by BT controller Bug: 237059340 Change-Id: I8a8286959db90c500be2e67025667aab31718235 Test: Run CtsVerifier->Bluetooth Test -> Bluetooth LE Advertiser Test -> Bluetooth LE Advertising Set Test Change-Id: I201098046dedf3e964b8ba44d6e222fdf4b5efc6 (cherry picked from commit 562cbe38292802e1a7256178fbf92a2446fd8821) --- .../bluetooth/BleAdvertisingSetTestActivity.java | 22 +++++++++------------- 1 file changed, 9 insertions(+), 13 deletions(-) diff --git a/apps/CtsVerifier/src/com/android/cts/verifier/bluetooth/BleAdvertisingSetTestActivity.java b/apps/CtsVerifier/src/com/android/cts/verifier/bluetooth/BleAdvertisingSetTestActivity.java index 07a70c69cb4..164992b94a9 100644 --- a/apps/CtsVerifier/src/com/android/cts/verifier/bluetooth/BleAdvertisingSetTestActivity.java +++ b/apps/CtsVerifier/src/com/android/cts/verifier/bluetooth/BleAdvertisingSetTestActivity.java @@ -99,11 +99,6 @@ public class BleAdvertisingSetTestActivity extends PassFailButtons.Activity { R.string.ble_advertising_set_test_info, -1); getPassButton().setEnabled(false); - mBluetoothManager = getSystemService(BluetoothManager.class); - mBluetoothAdapter = mBluetoothManager.getAdapter(); - mAdvertiser = mBluetoothAdapter.getBluetoothLeAdvertiser(); - mCallback = new TestAdvertisingSetCallback(); - mTestAdapter = new TestAdapter(this, setupTestList()); ListView listView = findViewById(R.id.ble_advertising_set_tests); listView.setAdapter(mTestAdapter); @@ -133,9 +128,7 @@ public class BleAdvertisingSetTestActivity extends PassFailButtons.Activity { testEnableAndDisableAdvertising(); testSetAdvertisingData(); testSetAdvertisingParameters(); - if (mBluetoothAdapter.isLePeriodicAdvertisingSupported()) { - testPeriodicAdvertising(); - } + testPeriodicAdvertising(); testSetScanResponseData(); stopAdvertisingSet(); } catch (InterruptedException e) { @@ -167,6 +160,11 @@ public class BleAdvertisingSetTestActivity extends PassFailButtons.Activity { }); mAllTestsPassed = 0; + + mBluetoothManager = getSystemService(BluetoothManager.class); + mBluetoothAdapter = mBluetoothManager.getAdapter(); + mAdvertiser = mBluetoothAdapter.getBluetoothLeAdvertiser(); + mCallback = new TestAdvertisingSetCallback(); } private void startAdvertisingSet() throws InterruptedException { @@ -323,11 +321,9 @@ public class BleAdvertisingSetTestActivity extends PassFailButtons.Activity { testList.add(R.string.ble_advertising_set_enable_disable); testList.add(R.string.ble_advertising_set_advertising_data); testList.add(R.string.ble_advertising_set_advertising_params); - if (mBluetoothAdapter.isLePeriodicAdvertisingSupported()) { - testList.add(R.string.ble_advertising_set_periodic_advertising_data); - testList.add(R.string.ble_advertising_set_periodic_advertising_enabled_disabled); - testList.add(R.string.ble_advertising_set_periodic_advertising_params); - } + testList.add(R.string.ble_advertising_set_periodic_advertising_data); + testList.add(R.string.ble_advertising_set_periodic_advertising_enabled_disabled); + testList.add(R.string.ble_advertising_set_periodic_advertising_params); testList.add(R.string.ble_advertising_set_scan_response_data); testList.add(R.string.ble_advertising_set_stop); return testList; -- cgit v1.2.3 From cc29d405ffb0f746c5d761ec07564a0ec794e0e8 Mon Sep 17 00:00:00 2001 From: Shubhi Date: Wed, 6 Jul 2022 18:13:15 +0000 Subject: Add test to check rename restrictions Add test to check that rename restrictions are applied on both emulated and public volumes. Also test that we are not able to move files directly in the media directory. Bug: 177049768 Test: atest ScopedStorageDeviceTest#testRenameFileToExternalDir Change-Id: Ib293c4b9890599139f4006d41e2f1f7efe37a29f --- .../cts/device/ScopedStorageDeviceTest.java | 31 ++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/hostsidetests/scopedstorage/device/src/android/scopedstorage/cts/device/ScopedStorageDeviceTest.java b/hostsidetests/scopedstorage/device/src/android/scopedstorage/cts/device/ScopedStorageDeviceTest.java index 099a0ab7276..35cb549c529 100644 --- a/hostsidetests/scopedstorage/device/src/android/scopedstorage/cts/device/ScopedStorageDeviceTest.java +++ b/hostsidetests/scopedstorage/device/src/android/scopedstorage/cts/device/ScopedStorageDeviceTest.java @@ -1771,6 +1771,37 @@ public class ScopedStorageDeviceTest extends ScopedStorageBaseDeviceTest { } } + /** + * Test that renaming file paths to an external directory such as Android/* and Android/* /* + * except Android/media/* /* is not allowed. + */ + @Test + public void testRenameFileToAppSpecificDir() throws Exception { + final File testFile = new File(getExternalMediaDir(), IMAGE_FILE_NAME); + final File testFileNew = new File(getExternalMediaDir(), NONMEDIA_FILE_NAME); + + try { + // Create a file in app's external media directory + if (!testFile.exists()) { + assertThat(testFile.createNewFile()).isTrue(); + } + + final String androidDirPath = getExternalStorageDir().getPath() + "/Android"; + + // Verify that we can't rename a file to Android/ or Android/data or + // Android/media directory + assertCantRenameFile(testFile, new File(androidDirPath, IMAGE_FILE_NAME)); + assertCantRenameFile(testFile, new File(androidDirPath + "/data", IMAGE_FILE_NAME)); + assertCantRenameFile(testFile, new File(androidDirPath + "/media", IMAGE_FILE_NAME)); + + // Verify that we can rename a file to app specific media directory. + assertCanRenameFile(testFile, testFileNew); + } finally { + testFile.delete(); + testFileNew.delete(); + } + } + /** * Test that renaming directories is allowed and aligns to default directory restrictions. */ -- cgit v1.2.3 From 3ad6f3d27384599e03cfa64a0d28bc91eb81b2c9 Mon Sep 17 00:00:00 2001 From: Rucha Katakwar Date: Tue, 12 Jul 2022 10:25:05 -0700 Subject: CameraITS:Use the chart_dist value from config. Bug: 238402304 Change-Id: Ib3cb2bedd9dd4f2fd67581694783b9c56bb697ad --- apps/CameraITS/tests/scene4/test_preview_stabilization_fov.py | 2 +- apps/CameraITS/tests/scene4/test_video_aspect_ratio_and_crop.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/CameraITS/tests/scene4/test_preview_stabilization_fov.py b/apps/CameraITS/tests/scene4/test_preview_stabilization_fov.py index 3959b42ef27..95cf0cb3b0c 100644 --- a/apps/CameraITS/tests/scene4/test_preview_stabilization_fov.py +++ b/apps/CameraITS/tests/scene4/test_preview_stabilization_fov.py @@ -141,7 +141,7 @@ class PreviewStabilizationFoVTest(its_base_test.ItsBaseTest): # Load scene. its_session_utils.load_scene(cam, props, self.scene, - self.tablet, chart_distance=0) + self.tablet, self.chart_distance) # Check skip condition first_api_level = its_session_utils.get_first_api_level(self.dut.serial) diff --git a/apps/CameraITS/tests/scene4/test_video_aspect_ratio_and_crop.py b/apps/CameraITS/tests/scene4/test_video_aspect_ratio_and_crop.py index 6eaca195c22..8562ba474cf 100644 --- a/apps/CameraITS/tests/scene4/test_video_aspect_ratio_and_crop.py +++ b/apps/CameraITS/tests/scene4/test_video_aspect_ratio_and_crop.py @@ -143,7 +143,7 @@ class VideoAspectRatioAndCropTest(its_base_test.ItsBaseTest): # Load scene. its_session_utils.load_scene(cam, props, self.scene, - self.tablet, chart_distance=0) + self.tablet, self.chart_distance) # Determine camera capabilities. supported_video_qualities = cam.get_supported_video_qualities( -- cgit v1.2.3 From abf92c96597f800b150db5552926d03c9e792e85 Mon Sep 17 00:00:00 2001 From: Jayant Chowdhary Date: Thu, 23 Jun 2022 10:52:22 -0700 Subject: ITS scene4 preview stabilization: Update MAX_DIMENSION_SIZE to match updated mandatory streams. Also fix error in calculate_center_offset_threshold where we were returning pixel values instead of a threshold percentage ratio. Bug: 236889153 Test: test_preview_stabilization_fov.py still passes on device advertising preview stabilization Test: Log center threshold values and confirm they're not pixel values, they're a percent ratio Merged-In: Ia65cda36ec8a4bb8ec22ff631791ac335f1401e3 Change-Id: Ia65cda36ec8a4bb8ec22ff631791ac335f1401e3 Signed-off-by: Jayant Chowdhary (cherry picked from commit 1d0c54e165df4e3754dcf2d407b9ec8a63b573c1) --- .../tests/scene4/test_preview_stabilization_fov.py | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/apps/CameraITS/tests/scene4/test_preview_stabilization_fov.py b/apps/CameraITS/tests/scene4/test_preview_stabilization_fov.py index 3959b42ef27..1f5b7c0bad9 100644 --- a/apps/CameraITS/tests/scene4/test_preview_stabilization_fov.py +++ b/apps/CameraITS/tests/scene4/test_preview_stabilization_fov.py @@ -35,7 +35,7 @@ _MAX_STABILIZED_RADIUS_RATIO = 1.2 # radius of circle in stabilized preview _ROUNDESS_DELTA_THRESHOLD = 0.05 _MAX_CENTER_THRESHOLD_PERCENT = 0.075 -_MAX_DIMENSION_SIZE = (1920, 1080) # max preview size in Android +_MAX_DIMENSION_SIZE = (1920, 1440) # max mandatory preview stream resolution _MIN_CENTER_THRESHOLD_PERCENT = 0.02 _MIN_DIMENSION_SIZE = (176, 144) # assume QCIF to be min preview size @@ -90,7 +90,7 @@ def _calculate_center_offset_threshold(image_size): calculated. ex. (1920, 1080) Returns: - threshold value in pixels be which the circle centers can differ + threshold value ratio between which the circle centers can differ """ max_diagonal = _point_distance(0, 0, @@ -103,14 +103,17 @@ def _calculate_center_offset_threshold(image_size): normalized_diagonal = ((img_diagonal - min_diagonal) / (max_diagonal - min_diagonal)) + if normalized_diagonal > 1 or normalized_diagonal < 0: + raise AssertionError(f'normalized diagonal > 1 or < 0!' + f' img_diag: {img_diagonal}, ' + f' normalized_diagonal: {normalized_diagonal}') + # Threshold should be larger for images with smaller resolution normalized_threshold_percent = ((1 - normalized_diagonal) * (_MAX_CENTER_THRESHOLD_PERCENT - _MIN_CENTER_THRESHOLD_PERCENT)) - return ((normalized_threshold_percent + _MIN_CENTER_THRESHOLD_PERCENT) - * img_diagonal) - + return (normalized_threshold_percent + _MIN_CENTER_THRESHOLD_PERCENT) class PreviewStabilizationFoVTest(its_base_test.ItsBaseTest): """Tests if stabilized preview FoV is within spec. -- cgit v1.2.3 From 1572fcc4ee1620e74bc9b042cf8923f9868b347e Mon Sep 17 00:00:00 2001 From: zhujiatai Date: Fri, 8 Jul 2022 08:37:18 +0800 Subject: init wifi state before run multista test Bug: 238353617 Signed-off-by: zhujiatai Change-Id: Id171c2589f5eb97004c3050fbe1f04fb185ba6c7 --- .../net/wifi/cts/MultiStaConcurrencyMultiInternetWifiNetworkTest.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/tests/wifi/src/android/net/wifi/cts/MultiStaConcurrencyMultiInternetWifiNetworkTest.java b/tests/tests/wifi/src/android/net/wifi/cts/MultiStaConcurrencyMultiInternetWifiNetworkTest.java index b61f11db59f..314d0975c73 100644 --- a/tests/tests/wifi/src/android/net/wifi/cts/MultiStaConcurrencyMultiInternetWifiNetworkTest.java +++ b/tests/tests/wifi/src/android/net/wifi/cts/MultiStaConcurrencyMultiInternetWifiNetworkTest.java @@ -151,6 +151,8 @@ public class MultiStaConcurrencyMultiInternetWifiNetworkTest extends WifiJUnit4T () -> wifiManager.setScanThrottleEnabled(false)); // Enable Wifi + sWasWifiEnabled = ShellIdentityUtils.invokeWithShellPermissions( + () -> wifiManager.isWifiEnabled()); ShellIdentityUtils.invokeWithShellPermissions(() -> wifiManager.setWifiEnabled(true)); // Make sure wifi is enabled PollingCheck.check("Wifi not enabled", DURATION_MILLIS, () -> wifiManager.isWifiEnabled()); -- cgit v1.2.3 From eb289add1876d9855b7f7fc0ee2743cecf5e7ec2 Mon Sep 17 00:00:00 2001 From: Harish Mahendrakar Date: Thu, 23 Jun 2022 15:52:47 -0700 Subject: CodecInfoTest: Make P010 test conditional based on HDR display For devices launching with T, all codecs that advertised 10-bit profiles were mandated to support P010 format. This is now mandated only if device has HDR display. That is a device that doesn't support HDR display, can advertise 10-bit profiles without supporting P010 format. Bug: 236589866 Test: atest CtsMediaV2TestCases:CodecInfoTest Change-Id: Ic36611b26175815716e0b92a9beab040fe39082b --- tests/media/src/android/mediav2/cts/CodecInfoTest.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/media/src/android/mediav2/cts/CodecInfoTest.java b/tests/media/src/android/mediav2/cts/CodecInfoTest.java index 5f9aa09c891..39b90fff698 100644 --- a/tests/media/src/android/mediav2/cts/CodecInfoTest.java +++ b/tests/media/src/android/mediav2/cts/CodecInfoTest.java @@ -158,10 +158,10 @@ public class CodecInfoTest { .noneMatch(x -> x == COLOR_FormatSurface)); } - // For devices launching with Android T, if a codec supports an HDR profile, it must - // advertise P010 support + // For devices launching with Android T, if a codec supports an HDR profile and device + // supports HDR display, it must advertise P010 support int[] HdrProfileArray = mProfileHdrMap.get(mMediaType); - if (FIRST_SDK_IS_AT_LEAST_T && HdrProfileArray != null) { + if (FIRST_SDK_IS_AT_LEAST_T && HdrProfileArray != null && DISPLAY_HDR_TYPES.length > 0) { for (CodecProfileLevel pl : caps.profileLevels) { if (IntStream.of(HdrProfileArray).anyMatch(x -> x == pl.profile)) { assertFalse(mCodecInfo.getName() + " supports HDR profile " + pl.profile + "," + -- cgit v1.2.3 From 14e9b12677c4aedd6c0770881b9101f3dd9eaee4 Mon Sep 17 00:00:00 2001 From: Raphael Kim Date: Thu, 7 Jul 2022 22:59:33 -0700 Subject: Remove reference to a hidden method from CTS. Bug: 237990055 Test: Manually tested on a device Change-Id: I0981ec009bdace341b76c22b459eeab2f17cce8 (cherry picked from commit 62ebc9d960c52c615043429c84d4a3ca136fbd08) Change-Id: I6a3d40219f0415f80102a740f56bf5cbba7268ea --- .../companion/CompanionDeviceServiceTestActivity.java | 13 +++++++++---- .../cts/verifier/companion/DevicePresenceListener.java | 4 ++-- 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/apps/CtsVerifier/src/com/android/cts/verifier/companion/CompanionDeviceServiceTestActivity.java b/apps/CtsVerifier/src/com/android/cts/verifier/companion/CompanionDeviceServiceTestActivity.java index b8b96023cb7..97ec07acf78 100644 --- a/apps/CtsVerifier/src/com/android/cts/verifier/companion/CompanionDeviceServiceTestActivity.java +++ b/apps/CtsVerifier/src/com/android/cts/verifier/companion/CompanionDeviceServiceTestActivity.java @@ -118,7 +118,7 @@ public class CompanionDeviceServiceTestActivity extends PassFailButtons.Activity /** Stop observing to associated device and then disassociate. */ private void disassociate(AssociationInfo association) { - String deviceAddress = association.getDeviceMacAddressAsString(); + String deviceAddress = association.getDeviceMacAddress().toString(); mCompanionDeviceManager.stopObservingDevicePresence(deviceAddress); mCompanionDeviceManager.disassociate(association.getId()); Log.d(LOG_TAG, "Disassociated with device: " + deviceAddress); @@ -142,11 +142,14 @@ public class CompanionDeviceServiceTestActivity extends PassFailButtons.Activity AssociationInfo association = data.getParcelableExtra(CompanionDeviceManager.EXTRA_ASSOCIATION, AssociationInfo.class); - String deviceAddress = association.getDeviceMacAddressAsString(); // This test is for bluetooth devices, which should all have a MAC address. - if (deviceAddress == null) fail("The device was present but its address was null."); + if (association == null || association.getDeviceMacAddress() == null) { + fail("The device was present but its address was null."); + return; + } + String deviceAddress = association.getDeviceMacAddress().toString(); mCompanionDeviceManager.startObservingDevicePresence(deviceAddress); mCurrentAssociation = getAssociation(association.getId()); Log.d(LOG_TAG, "Associated with device: " + deviceAddress); @@ -285,7 +288,9 @@ public class CompanionDeviceServiceTestActivity extends PassFailButtons.Activity @Override boolean verify() { // Check that it is associated and being observed. - return mCurrentAssociation != null && mCurrentAssociation.isNotifyOnDeviceNearby(); + // Bypass inaccessible AssociationInfo#isNotifyOnDeviceNearby() with toString() + return mCurrentAssociation != null + && mCurrentAssociation.toString().contains("mNotifyOnDeviceNearby=true"); } } diff --git a/apps/CtsVerifier/src/com/android/cts/verifier/companion/DevicePresenceListener.java b/apps/CtsVerifier/src/com/android/cts/verifier/companion/DevicePresenceListener.java index 37760d54440..11829c3d4b7 100644 --- a/apps/CtsVerifier/src/com/android/cts/verifier/companion/DevicePresenceListener.java +++ b/apps/CtsVerifier/src/com/android/cts/verifier/companion/DevicePresenceListener.java @@ -45,7 +45,7 @@ public class DevicePresenceListener extends CompanionDeviceService { @Override public void onDeviceAppeared(AssociationInfo association) { NEARBY_DEVICES.add(association.getId()); - String message = "Device appeared: " + association.getDeviceMacAddressAsString(); + String message = "Device appeared: " + association.getDeviceMacAddress(); Log.d(LOG_TAG, message); Toast.makeText(this, message, Toast.LENGTH_LONG).show(); } @@ -53,7 +53,7 @@ public class DevicePresenceListener extends CompanionDeviceService { @Override public void onDeviceDisappeared(AssociationInfo association) { NEARBY_DEVICES.remove(association.getId()); - String message = "Device disappeared: " + association.getDeviceMacAddressAsString(); + String message = "Device disappeared: " + association.getDeviceMacAddress(); Log.d(LOG_TAG, message); Toast.makeText(this, message, Toast.LENGTH_LONG).show(); } -- cgit v1.2.3 From 0694b9e3f8de7cb71fb21f29ee5b3de35ba96bf8 Mon Sep 17 00:00:00 2001 From: kholoud mohamed Date: Wed, 13 Jul 2022 10:43:18 +0100 Subject: Annotate CDD requirment tests Bug: 205290243 Test: N/A Change-Id: Iefeac3f253a77eac47bfdc8a39069df061425e8a --- .../android/devicepolicy/cts/DevicePolicyManagementRoleHolderTest.java | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/devicepolicy/src/android/devicepolicy/cts/DevicePolicyManagementRoleHolderTest.java b/tests/devicepolicy/src/android/devicepolicy/cts/DevicePolicyManagementRoleHolderTest.java index 286ccae00a8..eee4b10d821 100644 --- a/tests/devicepolicy/src/android/devicepolicy/cts/DevicePolicyManagementRoleHolderTest.java +++ b/tests/devicepolicy/src/android/devicepolicy/cts/DevicePolicyManagementRoleHolderTest.java @@ -65,6 +65,7 @@ import com.android.bedstead.nene.utils.Poll; import com.android.bedstead.remotedpc.RemoteDpc; import com.android.bedstead.testapp.TestApp; import com.android.bedstead.testapp.TestAppInstance; +import com.android.compatibility.common.util.CddTest; import com.android.eventlib.truth.EventLogsSubject; import com.android.queryable.queries.ActivityQuery; @@ -140,6 +141,7 @@ public class DevicePolicyManagementRoleHolderTest { @EnsureHasNoDpc @EnsureHasNoSecondaryUser @Test + @CddTest(requirements = {"3.9.4/C-3-1"}) public void createAndProvisionManagedProfile_roleHolderIsInWorkProfile() throws ProvisioningException, InterruptedException { UserHandle profile = null; @@ -173,6 +175,7 @@ public class DevicePolicyManagementRoleHolderTest { @RequireRunOnPrimaryUser @EnsureHasNoSecondaryUser @Test + @CddTest(requirements = {"3.9.4/C-3-1"}) public void createAndManageUser_roleHolderIsInManagedUser() throws InterruptedException { UserHandle managedUser = null; String roleHolderPackageName = null; -- cgit v1.2.3 From 91b8299f7c4550034e873fb9c5e796b79adba66b Mon Sep 17 00:00:00 2001 From: Sterling Huber Date: Tue, 12 Jul 2022 13:56:41 -0700 Subject: Add STS version of CTS testcase Bug: 231496105 Test: sts-tradefed run sts-dynamic-develop -m CtsSecurityTestCases -t android.security.cts.LocationDisabledAppOpsTest Change-Id: I5e939e2615832be9c6c3e17f51e2f336bc0da444 Merged-In: I5e939e2615832be9c6c3e17f51e2f336bc0da444 --- .../security/cts/LocationDisabledAppOpsTest.java | 132 +++++++++++++++++++++ 1 file changed, 132 insertions(+) create mode 100644 tests/tests/security/src/android/security/cts/LocationDisabledAppOpsTest.java diff --git a/tests/tests/security/src/android/security/cts/LocationDisabledAppOpsTest.java b/tests/tests/security/src/android/security/cts/LocationDisabledAppOpsTest.java new file mode 100644 index 00000000000..c6b7e35b4ef --- /dev/null +++ b/tests/tests/security/src/android/security/cts/LocationDisabledAppOpsTest.java @@ -0,0 +1,132 @@ +/* + * Copyright (C) 2022 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package android.security.cts; + +import static android.app.AppOpsManager.MODE_ALLOWED; +import static android.app.AppOpsManager.OPSTR_FINE_LOCATION; + +import static com.android.compatibility.common.util.SystemUtil.eventually; +import static com.android.compatibility.common.util.SystemUtil.runWithShellPermissionIdentity; + +import android.app.ActivityManager; +import android.app.AppOpsManager; +import android.content.Context; +import android.content.pm.ApplicationInfo; +import android.content.pm.PackageInfo; +import android.location.LocationManager; +import android.os.PackageTagsList; +import android.os.Process; +import android.os.UserHandle; +import android.platform.test.annotations.AsbSecurityTest; + +import androidx.test.InstrumentationRegistry; +import androidx.test.runner.AndroidJUnit4; + +import com.android.sts.common.util.StsExtraBusinessLogicTestCase; + +import org.junit.Assert; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; + +import java.util.ArrayList; +import java.util.List; + +@RunWith(AndroidJUnit4.class) +public class LocationDisabledAppOpsTest extends StsExtraBusinessLogicTestCase { + + private final Context mContext = InstrumentationRegistry.getContext(); + private LocationManager mLm; + private AppOpsManager mAom; + + @Before + public void setUp() { + mLm = mContext.getSystemService(LocationManager.class); + mAom = mContext.getSystemService(AppOpsManager.class); + } + + @Test + @AsbSecurityTest(cveBugId = 231496105) + public void testLocationAppOpIsIgnoredForAppsWhenLocationIsDisabled() { + PackageTagsList ignoreList = mLm.getIgnoreSettingsAllowlist(); + + UserHandle[] userArr = {UserHandle.SYSTEM}; + runWithShellPermissionIdentity(() -> { + userArr[0] = UserHandle.of(ActivityManager.getCurrentUser()); + }); + + UserHandle user = userArr[0]; + + boolean wasEnabled = mLm.isLocationEnabledForUser(user); + + try { + runWithShellPermissionIdentity(() -> { + mLm.setLocationEnabledForUser(false, user); + }); + List pkgs = + mContext.getPackageManager().getInstalledPackagesAsUser( + 0, user.getIdentifier()); + + eventually(() -> { + List bypassedNoteOps = new ArrayList<>(); + List bypassedCheckOps = new ArrayList<>(); + for (PackageInfo pi : pkgs) { + ApplicationInfo ai = pi.applicationInfo; + if (ai.uid != Process.SYSTEM_UID) { + final int[] mode = {MODE_ALLOWED}; + runWithShellPermissionIdentity(() -> { + mode[0] = mAom.noteOpNoThrow( + OPSTR_FINE_LOCATION, ai.uid, ai.packageName); + }); + if (mode[0] == MODE_ALLOWED && !ignoreList.containsAll(pi.packageName)) { + bypassedNoteOps.add(pi.packageName); + } + + + mode[0] = MODE_ALLOWED; + runWithShellPermissionIdentity(() -> { + mode[0] = mAom + .checkOpNoThrow(OPSTR_FINE_LOCATION, ai.uid, ai.packageName); + }); + if (mode[0] == MODE_ALLOWED && !ignoreList.includes(pi.packageName)) { + bypassedCheckOps.add(pi.packageName); + } + + } + } + + String msg = ""; + if (!bypassedNoteOps.isEmpty()) { + msg += "Apps which still have access from noteOp " + bypassedNoteOps; + } + if (!bypassedCheckOps.isEmpty()) { + msg += (msg.isEmpty() ? "" : "\n\n") + + "Apps which still have access from checkOp " + bypassedCheckOps; + } + if (!msg.isEmpty()) { + Assert.fail(msg); + } + }); + } finally { + runWithShellPermissionIdentity(() -> { + mLm.setLocationEnabledForUser(wasEnabled, user); + }); + } + } + +} + -- cgit v1.2.3 From 4538a5b1c234ceb8d0d34dad2066fbb45fb8345e Mon Sep 17 00:00:00 2001 From: Sterling Huber Date: Tue, 12 Jul 2022 13:56:41 -0700 Subject: Add STS version of CTS testcase Bug: 231496105 Test: sts-tradefed run sts-dynamic-develop -m CtsSecurityTestCases -t android.security.cts.LocationDisabledAppOpsTest Change-Id: I5e939e2615832be9c6c3e17f51e2f336bc0da444 --- .../security/cts/LocationDisabledAppOpsTest.java | 132 +++++++++++++++++++++ 1 file changed, 132 insertions(+) create mode 100644 tests/tests/security/src/android/security/cts/LocationDisabledAppOpsTest.java diff --git a/tests/tests/security/src/android/security/cts/LocationDisabledAppOpsTest.java b/tests/tests/security/src/android/security/cts/LocationDisabledAppOpsTest.java new file mode 100644 index 00000000000..c6b7e35b4ef --- /dev/null +++ b/tests/tests/security/src/android/security/cts/LocationDisabledAppOpsTest.java @@ -0,0 +1,132 @@ +/* + * Copyright (C) 2022 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package android.security.cts; + +import static android.app.AppOpsManager.MODE_ALLOWED; +import static android.app.AppOpsManager.OPSTR_FINE_LOCATION; + +import static com.android.compatibility.common.util.SystemUtil.eventually; +import static com.android.compatibility.common.util.SystemUtil.runWithShellPermissionIdentity; + +import android.app.ActivityManager; +import android.app.AppOpsManager; +import android.content.Context; +import android.content.pm.ApplicationInfo; +import android.content.pm.PackageInfo; +import android.location.LocationManager; +import android.os.PackageTagsList; +import android.os.Process; +import android.os.UserHandle; +import android.platform.test.annotations.AsbSecurityTest; + +import androidx.test.InstrumentationRegistry; +import androidx.test.runner.AndroidJUnit4; + +import com.android.sts.common.util.StsExtraBusinessLogicTestCase; + +import org.junit.Assert; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; + +import java.util.ArrayList; +import java.util.List; + +@RunWith(AndroidJUnit4.class) +public class LocationDisabledAppOpsTest extends StsExtraBusinessLogicTestCase { + + private final Context mContext = InstrumentationRegistry.getContext(); + private LocationManager mLm; + private AppOpsManager mAom; + + @Before + public void setUp() { + mLm = mContext.getSystemService(LocationManager.class); + mAom = mContext.getSystemService(AppOpsManager.class); + } + + @Test + @AsbSecurityTest(cveBugId = 231496105) + public void testLocationAppOpIsIgnoredForAppsWhenLocationIsDisabled() { + PackageTagsList ignoreList = mLm.getIgnoreSettingsAllowlist(); + + UserHandle[] userArr = {UserHandle.SYSTEM}; + runWithShellPermissionIdentity(() -> { + userArr[0] = UserHandle.of(ActivityManager.getCurrentUser()); + }); + + UserHandle user = userArr[0]; + + boolean wasEnabled = mLm.isLocationEnabledForUser(user); + + try { + runWithShellPermissionIdentity(() -> { + mLm.setLocationEnabledForUser(false, user); + }); + List pkgs = + mContext.getPackageManager().getInstalledPackagesAsUser( + 0, user.getIdentifier()); + + eventually(() -> { + List bypassedNoteOps = new ArrayList<>(); + List bypassedCheckOps = new ArrayList<>(); + for (PackageInfo pi : pkgs) { + ApplicationInfo ai = pi.applicationInfo; + if (ai.uid != Process.SYSTEM_UID) { + final int[] mode = {MODE_ALLOWED}; + runWithShellPermissionIdentity(() -> { + mode[0] = mAom.noteOpNoThrow( + OPSTR_FINE_LOCATION, ai.uid, ai.packageName); + }); + if (mode[0] == MODE_ALLOWED && !ignoreList.containsAll(pi.packageName)) { + bypassedNoteOps.add(pi.packageName); + } + + + mode[0] = MODE_ALLOWED; + runWithShellPermissionIdentity(() -> { + mode[0] = mAom + .checkOpNoThrow(OPSTR_FINE_LOCATION, ai.uid, ai.packageName); + }); + if (mode[0] == MODE_ALLOWED && !ignoreList.includes(pi.packageName)) { + bypassedCheckOps.add(pi.packageName); + } + + } + } + + String msg = ""; + if (!bypassedNoteOps.isEmpty()) { + msg += "Apps which still have access from noteOp " + bypassedNoteOps; + } + if (!bypassedCheckOps.isEmpty()) { + msg += (msg.isEmpty() ? "" : "\n\n") + + "Apps which still have access from checkOp " + bypassedCheckOps; + } + if (!msg.isEmpty()) { + Assert.fail(msg); + } + }); + } finally { + runWithShellPermissionIdentity(() -> { + mLm.setLocationEnabledForUser(wasEnabled, user); + }); + } + } + +} + -- cgit v1.2.3 From 00246ac9346cc4ef95d01e4dacac50df64e65966 Mon Sep 17 00:00:00 2001 From: Karthik Ramakrishnan Date: Wed, 13 Jul 2022 22:25:15 +0000 Subject: CtsVerifier: Disable User Consent for Device logs for automotive This shows user consent when logcat runs in foreground or foreground service. Running in secondary user is not in scope. Bug: 223758902 Test: CtsVerifier. Test does not show up for automotive Change-Id: I1da7ee5ebde864f2c9239b85c27733ebe7a9f16e --- apps/CtsVerifier/AndroidManifest.xml | 1 + 1 file changed, 1 insertion(+) diff --git a/apps/CtsVerifier/AndroidManifest.xml b/apps/CtsVerifier/AndroidManifest.xml index d26b02bb23c..7bffa69c620 100644 --- a/apps/CtsVerifier/AndroidManifest.xml +++ b/apps/CtsVerifier/AndroidManifest.xml @@ -6191,6 +6191,7 @@ + Date: Wed, 13 Jul 2022 23:12:19 +0000 Subject: Update Clipboard Test to reflect new CDD language This test now only asks the tester to confirm that a confirmation was generated, and also that redaction occurs if a preview is generated. Test: Manual Test on P21 Change-Id: I2765fd78d8f0134cec52cc649d50c5dc3834e80e --- apps/CtsVerifier/AndroidManifest.xml | 1 + apps/CtsVerifier/res/layout/clipboard_preview.xml | 80 -------------- apps/CtsVerifier/res/values/strings.xml | 6 +- .../clipboard/ClipboardPreviewTestActivity.java | 115 +++------------------ 4 files changed, 20 insertions(+), 182 deletions(-) diff --git a/apps/CtsVerifier/AndroidManifest.xml b/apps/CtsVerifier/AndroidManifest.xml index d26b02bb23c..3f983e034e7 100644 --- a/apps/CtsVerifier/AndroidManifest.xml +++ b/apps/CtsVerifier/AndroidManifest.xml @@ -248,6 +248,7 @@ + diff --git a/apps/CtsVerifier/res/layout/clipboard_preview.xml b/apps/CtsVerifier/res/layout/clipboard_preview.xml index 85f38c8eef7..efec118cb4d 100644 --- a/apps/CtsVerifier/res/layout/clipboard_preview.xml +++ b/apps/CtsVerifier/res/layout/clipboard_preview.xml @@ -31,86 +31,6 @@ android:layout_marginBottom="100dp" android:layout_marginTop="30dp" android:text="@string/clipboard_preview_test_copy_button"/> - - - - -