Assert that xattr support is in the kernel.
b/13445875
Verify that extended attributes (xattr) support is compiled
into the kernel. This is a prerequsite for SELinux and filesystem
capabilities. The failure to include support for extended attributes
may cause problems when upgrading to Android 4.4.
Change-Id: Ie641bf69d54486acb2c50a741e0b152898c1f961
diff --git a/tests/tests/security/jni/Android.mk b/tests/tests/security/jni/Android.mk
index 9e45a54..830a22a 100644
--- a/tests/tests/security/jni/Android.mk
+++ b/tests/tests/security/jni/Android.mk
@@ -24,6 +24,7 @@
LOCAL_SRC_FILES := \
CtsSecurityJniOnLoad.cpp \
android_security_cts_CharDeviceTest.cpp \
+ android_security_cts_KernelSettingsTest.cpp \
android_security_cts_LinuxRngTest.cpp \
android_security_cts_NativeCodeTest.cpp \
android_security_cts_LoadEffectLibraryTest.cpp
diff --git a/tests/tests/security/jni/CtsSecurityJniOnLoad.cpp b/tests/tests/security/jni/CtsSecurityJniOnLoad.cpp
index b9aeaf5..93b5175 100644
--- a/tests/tests/security/jni/CtsSecurityJniOnLoad.cpp
+++ b/tests/tests/security/jni/CtsSecurityJniOnLoad.cpp
@@ -17,6 +17,7 @@
#include <jni.h>
#include <stdio.h>
+extern int register_android_security_cts_KernelSettingsTest(JNIEnv*);
extern int register_android_security_cts_CharDeviceTest(JNIEnv*);
extern int register_android_security_cts_LinuxRngTest(JNIEnv*);
extern int register_android_security_cts_NativeCodeTest(JNIEnv*);
@@ -45,5 +46,9 @@
return JNI_ERR;
}
+ if (register_android_security_cts_KernelSettingsTest(env)) {
+ return JNI_ERR;
+ }
+
return JNI_VERSION_1_4;
}
diff --git a/tests/tests/security/jni/android_security_cts_KernelSettingsTest.cpp b/tests/tests/security/jni/android_security_cts_KernelSettingsTest.cpp
new file mode 100644
index 0000000..bab7b57
--- /dev/null
+++ b/tests/tests/security/jni/android_security_cts_KernelSettingsTest.cpp
@@ -0,0 +1,39 @@
+/*
+ * Copyright (C) 2013 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <jni.h>
+#include <sys/types.h>
+#include <unistd.h>
+#include <sys/xattr.h>
+#include <errno.h>
+
+static jboolean android_security_cts_KernelSettingsTest_supportsXattr(JNIEnv* env, jobject thiz)
+{
+ int result = getxattr("/system/bin/toolbox", "security.capability", NULL, 0);
+ return ((result >= 0) || (errno == ENODATA));
+}
+
+static JNINativeMethod gMethods[] = {
+ { "supportsXattr", "()Z",
+ (void *) android_security_cts_KernelSettingsTest_supportsXattr },
+};
+
+int register_android_security_cts_KernelSettingsTest(JNIEnv* env)
+{
+ jclass clazz = env->FindClass("android/security/cts/KernelSettingsTest");
+ return env->RegisterNatives(clazz, gMethods,
+ sizeof(gMethods) / sizeof(JNINativeMethod));
+}
diff --git a/tests/tests/security/src/android/security/cts/KernelSettingsTest.java b/tests/tests/security/src/android/security/cts/KernelSettingsTest.java
index e660009..bed5851 100644
--- a/tests/tests/security/src/android/security/cts/KernelSettingsTest.java
+++ b/tests/tests/security/src/android/security/cts/KernelSettingsTest.java
@@ -29,6 +29,10 @@
*/
public class KernelSettingsTest extends TestCase {
+ static {
+ System.loadLibrary("ctssecurity_jni");
+ }
+
/**
* Ensure that SELinux is not in enforcing mode.
*/
@@ -97,6 +101,23 @@
}
}
+ /**
+ * Verify that ext4 extended attributes (xattrs) are enabled in the
+ * Linux kernel.
+ *
+ * To fix this failure, you need to enable the following kernel options:
+ * - CONFIG_EXT4_FS_XATTR
+ * - CONFIG_EXT4_FS_SECURITY
+ *
+ * Failure to enable this option may result in upgrade problems when
+ * trying to upgrade to Android 4.4.
+ */
+ public void testXattrInKernel() {
+ assertTrue(supportsXattr());
+ }
+
+ private static native boolean supportsXattr();
+
private String getFile(String filename) throws IOException {
BufferedReader in = null;
try {
