[RESTRICT AUTOMERGE] CTS test for Android Security b/193444889
Bug: 193444889
Bug: 196879988
Test: Ran the new testcase on android-9.0.0_r35 with/without patch
Change-Id: I4cbcf9ee6e75a6a0b2dcc6c1ee5b5bcedf44b3d6
diff --git a/hostsidetests/securitybulletin/src/android/security/cts/CVE_2021_0706.java b/hostsidetests/securitybulletin/src/android/security/cts/CVE_2021_0706.java
new file mode 100644
index 0000000..c46bede
--- /dev/null
+++ b/hostsidetests/securitybulletin/src/android/security/cts/CVE_2021_0706.java
@@ -0,0 +1,51 @@
+/**
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.security.cts;
+
+import android.platform.test.annotations.AppModeFull;
+import android.platform.test.annotations.AsbSecurityTest;
+import com.android.tradefed.device.ITestDevice;
+import com.android.tradefed.testtype.DeviceJUnit4ClassRunner;
+import com.android.tradefed.testtype.junit4.BaseHostJUnit4Test;
+import org.junit.Before;
+import org.junit.runner.RunWith;
+import org.junit.Test;
+
+@RunWith(DeviceJUnit4ClassRunner.class)
+public class CVE_2021_0706 extends BaseHostJUnit4Test {
+
+ private static final String TEST_PKG = "android.security.cts.CVE_2021_0706";
+ private static final String TEST_CLASS = TEST_PKG + "." + "DeviceTest";
+ private static final String TEST_APP = "CVE-2021-0706.apk";
+
+ @Before
+ public void setUp() throws Exception {
+ uninstallPackage(getDevice(), TEST_PKG);
+ }
+
+ @AppModeFull
+ @AsbSecurityTest(cveBugId = 193444889)
+ @Test
+ public void testPocCVE_2021_0706() throws Exception {
+ ITestDevice device = getDevice();
+ AdbUtils.runCommandLine("input keyevent KEYCODE_WAKEUP", device);
+ AdbUtils.runCommandLine("input keyevent KEYCODE_MENU", device);
+ AdbUtils.runCommandLine("input keyevent KEYCODE_HOME", device);
+ installPackage(TEST_APP);
+ runDeviceTests(TEST_PKG, TEST_CLASS, "testDisablePlugin");
+ }
+}
diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/Android.mk b/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/Android.mk
new file mode 100644
index 0000000..5d3862f
--- /dev/null
+++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/Android.mk
@@ -0,0 +1,31 @@
+# Copyright (C) 2021 The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+LOCAL_PATH := $(call my-dir)
+include $(CLEAR_VARS)
+
+LOCAL_PACKAGE_NAME := CVE-2021-0706
+LOCAL_SRC_FILES := $(call all-java-files-under, src)
+LOCAL_MODULE_TAGS := tests
+LOCAL_SDK_VERSION := current
+LOCAL_STATIC_JAVA_LIBRARIES := androidx.test.core
+LOCAL_STATIC_JAVA_LIBRARIES += androidx.test.rules
+LOCAL_STATIC_JAVA_LIBRARIES += ub-uiautomator
+
+# Tag this module as a cts test artifact
+LOCAL_COMPATIBILITY_SUITE := cts vts sts
+
+LOCAL_PROGUARD_ENABLED := disabled
+LOCAL_DEX_PREOPT := false
+include $(BUILD_CTS_SUPPORT_PACKAGE)
diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/AndroidManifest.xml b/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/AndroidManifest.xml
new file mode 100644
index 0000000..d625163
--- /dev/null
+++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/AndroidManifest.xml
@@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+ Copyright 2021 The Android Open Source Project
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ -->
+
+<manifest xmlns:android="http://schemas.android.com/apk/res/android"
+ package="android.security.cts.CVE_2021_0706"
+ android:versionCode="1"
+ android:versionName="1.0">
+ <application
+ android:label="CVE-2021-0706"
+ android:supportsRtl="true">
+ <activity android:name=".PocActivity" android:exported="true">
+ <intent-filter>
+ <action android:name="android.intent.action.MAIN" />
+ <category android:name="android.intent.category.LAUNCHER" />
+ </intent-filter>
+ </activity>
+ </application>
+ <instrumentation
+ android:name="androidx.test.runner.AndroidJUnitRunner"
+ android:targetPackage="android.security.cts.CVE_2021_0706" />
+</manifest>
diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/res/layout/activity_main.xml b/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/res/layout/activity_main.xml
new file mode 100644
index 0000000..1500822
--- /dev/null
+++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/res/layout/activity_main.xml
@@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+ Copyright 2021 The Android Open Source Project
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ -->
+
+<LinearLayout
+ xmlns:android="http://schemas.android.com/apk/res/android"
+ android:layout_width="match_parent"
+ android:layout_height="match_parent">
+ <TextView
+ android:layout_width="match_parent"
+ android:layout_height="match_parent"
+ android:text="CVE-2021-0706"/>
+</LinearLayout>
diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/src/android/security/cts/CVE_2021_0706/DeviceTest.java b/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/src/android/security/cts/CVE_2021_0706/DeviceTest.java
new file mode 100644
index 0000000..271e2c8
--- /dev/null
+++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/src/android/security/cts/CVE_2021_0706/DeviceTest.java
@@ -0,0 +1,61 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.security.cts.CVE_2021_0706;
+
+import android.content.Context;
+import android.content.Intent;
+import android.content.pm.PackageManager;
+import android.net.Uri;
+import android.support.test.uiautomator.By;
+import android.support.test.uiautomator.UiDevice;
+import android.support.test.uiautomator.Until;
+import androidx.test.runner.AndroidJUnit4;
+import org.junit.runner.RunWith;
+import org.junit.Test;
+import static androidx.test.core.app.ApplicationProvider.getApplicationContext;
+import static androidx.test.platform.app.InstrumentationRegistry.getInstrumentation;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assume.assumeNotNull;
+
+@RunWith(AndroidJUnit4.class)
+public class DeviceTest {
+
+ @Test
+ public void testDisablePlugin() {
+ UiDevice mDevice = UiDevice.getInstance(getInstrumentation());
+ Context context = getApplicationContext();
+ assumeNotNull(context);
+ final int TIMEOUT_MS = 10000;
+ String TEST_PACKAGE = "android.security.cts.CVE_2021_0706";
+ String errorMessage = "PocActivity from package android.security.cts.CVE_2021_0706"
+ + " is disabled. Device is vulnerable to b/193444889!";
+ PackageManager packageManager = context.getPackageManager();
+ assumeNotNull(packageManager);
+ Intent intent = packageManager.getLaunchIntentForPackage(TEST_PACKAGE);
+ assumeNotNull(intent);
+ intent.addFlags(Intent.FLAG_ACTIVITY_CLEAR_TASK);
+ context.startActivity(intent);
+ assumeNotNull(mDevice.wait(Until.hasObject(By.pkg(TEST_PACKAGE).depth(0)), TIMEOUT_MS));
+ Intent intentDisablePlugin = new Intent("com.android.systemui.action.DISABLE_PLUGIN");
+ Uri uri = Uri.parse("package://android.security.cts.CVE_2021_0706/.PocActivity");
+ intentDisablePlugin.setData(uri);
+ context.sendBroadcast(intentDisablePlugin);
+ assumeNotNull(mDevice.wait(Until.gone(By.pkg(TEST_PACKAGE).depth(0)), TIMEOUT_MS));
+ intent = packageManager.getLaunchIntentForPackage(TEST_PACKAGE);
+ assertNotNull(errorMessage, intent);
+ }
+}
diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/src/android/security/cts/CVE_2021_0706/PocActivity.java b/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/src/android/security/cts/CVE_2021_0706/PocActivity.java
new file mode 100644
index 0000000..0d79f1c
--- /dev/null
+++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/src/android/security/cts/CVE_2021_0706/PocActivity.java
@@ -0,0 +1,29 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.security.cts.CVE_2021_0706;
+
+import android.app.Activity;
+import android.os.Bundle;
+
+public class PocActivity extends Activity {
+
+ @Override
+ protected void onCreate(Bundle savedInstanceState) {
+ super.onCreate(savedInstanceState);
+ setContentView(R.layout.activity_main);
+ }
+}
