Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Open sidebar
halo
cts
Commits
3033f941
Commit
3033f941
authored
10 years ago
by
dcashman
Committed by
Gerrit Code Review
10 years ago
Browse files
Options
Download
Plain Diff
Merge "Remove ineffective sock_diag cts test."
parents
3551f488
247db5d5
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
0 additions
and
99 deletions
+0
-99
tests/tests/security/jni/android_security_cts_NativeCodeTest.cpp
...ests/security/jni/android_security_cts_NativeCodeTest.cpp
+0
-87
tests/tests/security/src/android/security/cts/NativeCodeTest.java
...sts/security/src/android/security/cts/NativeCodeTest.java
+0
-12
No files found.
tests/tests/security/jni/android_security_cts_NativeCodeTest.cpp
View file @
3033f941
...
...
@@ -16,10 +16,6 @@
#include <jni.h>
#include <linux/futex.h>
#include <linux/netlink.h>
#include <linux/sock_diag.h>
#include <stdio.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/syscall.h>
#include <unistd.h>
...
...
@@ -38,9 +34,6 @@
#include <inttypes.h>
#include <linux/sysctl.h>
#define PASSED 0
#define UNKNOWN_ERROR -1
/*
* Returns true iff this device is vulnerable to CVE-2013-2094.
* A patch for CVE-2013-2094 can be found at
...
...
@@ -89,84 +82,6 @@ static jboolean android_security_cts_NativeCodeTest_doPerfEventTest2(JNIEnv* env
return
true
;
}
/*
* Will hang if vulnerable, return 0 if successful, -1 on unforseen
* error.
*/
static
jint
android_security_cts_NativeCodeTest_doSockDiagTest
(
JNIEnv
*
env
,
jobject
thiz
)
{
int
fd
,
nlmsg_size
,
err
,
len
;
char
buf
[
1024
];
struct
sockaddr_nl
nladdr
;
struct
nlmsghdr
*
nlh
;
struct
msghdr
msg
;
struct
iovec
iov
;
struct
sock_diag_req
*
sock_diag_data
;
int
major
,
minor
;
struct
utsname
uts
;
if
(
uname
(
&
uts
)
!=
-
1
&&
sscanf
(
uts
.
release
,
"%d.%d"
,
&
major
,
&
minor
)
==
2
&&
((
major
>
3
)
||
((
major
==
3
)
&&
(
minor
>
8
))))
{
// Kernels above 3.8 are patched against CVE-2013-1763
// This test generates false positives if run on > 3.8.
// b/17253473
return
PASSED
;
}
fd
=
socket
(
AF_NETLINK
,
SOCK_RAW
,
NETLINK_SOCK_DIAG
);
if
(
fd
==
-
1
)
{
switch
(
errno
)
{
/* NETLINK_SOCK_DIAG not accessible, vector dne */
case
EACCES
:
case
EAFNOSUPPORT
:
case
EPERM
:
case
EPROTONOSUPPORT
:
return
PASSED
;
default:
return
UNKNOWN_ERROR
;
}
}
/* prepare and send netlink packet */
memset
(
&
nladdr
,
0
,
sizeof
(
nladdr
));
nladdr
.
nl_family
=
AF_NETLINK
;
nlmsg_size
=
NLMSG_ALIGN
(
NLMSG_HDRLEN
+
sizeof
(
sock_diag_data
));
nlh
=
(
nlmsghdr
*
)
malloc
(
nlmsg_size
);
nlh
->
nlmsg_len
=
nlmsg_size
;
nlh
->
nlmsg_pid
=
0
;
//send packet to kernel
nlh
->
nlmsg_type
=
SOCK_DIAG_BY_FAMILY
;
nlh
->
nlmsg_flags
=
NLM_F_REQUEST
|
NLM_F_ACK
;
iov
=
{
(
void
*
)
nlh
,
nlmsg_size
};
msg
=
{
(
void
*
)
&
nladdr
,
sizeof
(
nladdr
),
&
iov
,
1
,
NULL
,
0
,
0
};
sock_diag_data
=
(
sock_diag_req
*
)
NLMSG_DATA
(
nlh
);
sock_diag_data
->
sdiag_family
=
AF_MAX
+
1
;
if
((
err
=
sendmsg
(
fd
,
&
msg
,
0
))
==
-
1
)
{
/* SELinux blocked it */
if
(
errno
==
22
)
{
return
PASSED
;
}
else
{
return
UNKNOWN_ERROR
;
}
}
free
(
nlh
);
memset
(
&
nladdr
,
0
,
sizeof
(
nladdr
));
iov
=
{
buf
,
sizeof
(
buf
)
};
msg
=
{
(
void
*
)
&
nladdr
,
sizeof
(
nladdr
),
&
iov
,
1
,
NULL
,
0
,
0
};
if
((
len
=
recvmsg
(
fd
,
&
msg
,
0
))
==
-
1
)
{
return
UNKNOWN_ERROR
;
}
for
(
nlh
=
(
struct
nlmsghdr
*
)
buf
;
NLMSG_OK
(
nlh
,
len
);
nlh
=
NLMSG_NEXT
(
nlh
,
len
)){
if
(
nlh
->
nlmsg_type
==
NLMSG_ERROR
)
{
/* -22 = -EINVAL from kernel */
if
(
*
(
int
*
)
NLMSG_DATA
(
nlh
)
==
-
22
)
{
return
PASSED
;
}
}
}
return
UNKNOWN_ERROR
;
}
/*
* Prior to https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/arch/arm/include/asm/uaccess.h?id=8404663f81d212918ff85f493649a7991209fa04
* there was a flaw in the kernel's handling of get_user and put_user
...
...
@@ -288,8 +203,6 @@ static JNINativeMethod gMethods[] = {
(
void
*
)
android_security_cts_NativeCodeTest_doPerfEventTest
},
{
"doPerfEventTest2"
,
"()Z"
,
(
void
*
)
android_security_cts_NativeCodeTest_doPerfEventTest2
},
{
"doSockDiagTest"
,
"()I"
,
(
void
*
)
android_security_cts_NativeCodeTest_doSockDiagTest
},
{
"doVrootTest"
,
"()Z"
,
(
void
*
)
android_security_cts_NativeCodeTest_doVrootTest
},
{
"doCVE20141710Test"
,
"()Z"
,
...
...
This diff is collapsed.
Click to expand it.
tests/tests/security/src/android/security/cts/NativeCodeTest.java
View file @
3033f941
...
...
@@ -42,12 +42,6 @@ public class NativeCodeTest extends TestCase {
assertTrue
(
doPerfEventTest2
());
}
public
void
testSockDiag
()
throws
Exception
{
int
result
=
doSockDiagTest
();
assertFalse
(
"Encountered unexpected error: "
+
result
+
"."
,
(
result
==
-
1
));
assertEquals
(
0
,
result
);
}
public
void
testFutex
()
throws
Exception
{
assertTrue
(
"Device is vulnerable to CVE-2014-3153, a vulnerability in the futex() system "
+
"call. Please apply the security patch at "
...
...
@@ -78,12 +72,6 @@ public class NativeCodeTest extends TestCase {
*/
private
static
native
boolean
doPerfEventTest2
();
/**
* Hangs if device is vulnerable to CVE-2013-1763, returns -1 if
* unexpected error occurs, 0 otherwise.
*/
private
static
native
int
doSockDiagTest
();
/**
* ANDROID-11234878 / CVE-2013-6282
*
...
...
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment