FileSystemPermissionTest: Distinguish between block and char devices
The exception list only applies to character devices, not to
block devices. Let's not lump everything together.
Change-Id: Iaf45a8816ea7b0674a359df7caa2f423802abde9
diff --git a/tests/src/android/os/cts/FileUtils.java b/tests/src/android/os/cts/FileUtils.java
index 6b71b86..ea31c54 100644
--- a/tests/src/android/os/cts/FileUtils.java
+++ b/tests/src/android/os/cts/FileUtils.java
@@ -25,6 +25,7 @@
/** Bits and pieces copied from hidden API of android.os.FileUtils. */
public class FileUtils {
+ public static final int S_IFMT = 0170000;
public static final int S_IFSOCK = 0140000;
public static final int S_IFLNK = 0120000;
public static final int S_IFREG = 0100000;
@@ -73,8 +74,18 @@
public long ctime;
public boolean hasModeFlag(int flag) {
+ if (((S_IRWXU | S_IRWXG | S_IRWXO) & flag) != flag) {
+ throw new IllegalArgumentException("Inappropriate flag " + flag);
+ }
return (mode & flag) == flag;
}
+
+ public boolean isOfType(int type) {
+ if ((type & S_IFMT) != type) {
+ throw new IllegalArgumentException("Unknown type " + type);
+ }
+ return (mode & S_IFMT) == type;
+ }
}
/**
diff --git a/tests/tests/permission/src/android/permission/cts/FileSystemPermissionTest.java b/tests/tests/permission/src/android/permission/cts/FileSystemPermissionTest.java
index 3abcbb6..3d254b4 100644
--- a/tests/tests/permission/src/android/permission/cts/FileSystemPermissionTest.java
+++ b/tests/tests/permission/src/android/permission/cts/FileSystemPermissionTest.java
@@ -660,7 +660,13 @@
assertTrue("Cannot find /system partition", foundSystem);
}
- private static final Set<File> DEV_EXCEPTIONS = new HashSet<File>(
+ public void testAllBlockDevicesAreSecure() throws Exception {
+ Set<File> insecure = getAllInsecureDevicesInDirAndSubdir(new File("/dev"), FileUtils.S_IFBLK);
+ assertTrue("Found insecure block devices: " + insecure.toString(),
+ insecure.isEmpty());
+ }
+
+ private static final Set<File> CHAR_DEV_EXCEPTIONS = new HashSet<File>(
Arrays.asList(
// Known good devices- should be present everywhere
new File("/dev/ashmem"),
@@ -675,15 +681,15 @@
// Other exceptions go below here, along with a bug #
));
- public void testAllDevicesAreSecure() throws Exception {
- Set<File> insecure = getAllInsecureDevicesInDirAndSubdir(new File("/dev"));
- insecure.removeAll(DEV_EXCEPTIONS);
- assertTrue("Found insecure: " + insecure.toString(),
+ public void testAllCharacterDevicesAreSecure() throws Exception {
+ Set<File> insecure = getAllInsecureDevicesInDirAndSubdir(new File("/dev"), FileUtils.S_IFCHR);
+ insecure.removeAll(CHAR_DEV_EXCEPTIONS);
+ assertTrue("Found insecure character devices: " + insecure.toString(),
insecure.isEmpty());
}
private static Set<File>
- getAllInsecureDevicesInDirAndSubdir(File dir) throws Exception {
+ getAllInsecureDevicesInDirAndSubdir(File dir, int type) throws Exception {
assertTrue(dir.isDirectory());
Set<File> retval = new HashSet<File>();
@@ -702,7 +708,7 @@
/* recurse into subdirectories */
if (subDirectories != null) {
for (File f : subDirectories) {
- retval.addAll(getAllInsecureDevicesInDirAndSubdir(f));
+ retval.addAll(getAllInsecureDevicesInDirAndSubdir(f, type));
}
}
@@ -714,7 +720,7 @@
for (File f: filesInThisDirectory) {
FileUtils.FileStatus status = new FileUtils.FileStatus();
FileUtils.getFileStatus(f.getAbsolutePath(), status, false);
- if (status.hasModeFlag(FileUtils.S_IFBLK) || status.hasModeFlag(FileUtils.S_IFCHR)) {
+ if (status.isOfType(type)) {
if (f.canRead() || f.canWrite() || f.canExecute()) {
retval.add(f);
}
diff --git a/tests/tests/permission/src/android/permission/cts/FileUtils.java b/tests/tests/permission/src/android/permission/cts/FileUtils.java
index 5a869de..56e773a 100644
--- a/tests/tests/permission/src/android/permission/cts/FileUtils.java
+++ b/tests/tests/permission/src/android/permission/cts/FileUtils.java
@@ -19,6 +19,7 @@
/** Bits and pieces copied from hidden API of android.os.FileUtils. */
public class FileUtils {
+ public static final int S_IFMT = 0170000;
public static final int S_IFSOCK = 0140000;
public static final int S_IFLNK = 0120000;
public static final int S_IFREG = 0100000;
@@ -31,14 +32,17 @@
public static final int S_ISGID = 0002000;
public static final int S_ISVTX = 0001000;
+ public static final int S_IRWXU = 00700;
public static final int S_IRUSR = 00400;
public static final int S_IWUSR = 00200;
public static final int S_IXUSR = 00100;
+ public static final int S_IRWXG = 00070;
public static final int S_IRGRP = 00040;
public static final int S_IWGRP = 00020;
public static final int S_IXGRP = 00010;
+ public static final int S_IRWXO = 00007;
public static final int S_IROTH = 00004;
public static final int S_IWOTH = 00002;
public static final int S_IXOTH = 00001;
@@ -64,8 +68,18 @@
public long ctime;
public boolean hasModeFlag(int flag) {
+ if (((S_IRWXU | S_IRWXG | S_IRWXO) & flag) != flag) {
+ throw new IllegalArgumentException("Inappropriate flag " + flag);
+ }
return (mode & flag) == flag;
}
+
+ public boolean isOfType(int type) {
+ if ((type & S_IFMT) != type) {
+ throw new IllegalArgumentException("Unknown type " + type);
+ }
+ return (mode & S_IFMT) == type;
+ }
}
/**
