CTS test for Android Security b/193444889
Bug: 193444889
Bug: 196879988
Test: Ran the new testcase on android-10.0.0_r39 with/without patch
Change-Id: I4cbcf9ee6e75a6a0b2dcc6c1ee5b5bcedf44b3d6
diff --git a/hostsidetests/securitybulletin/src/android/security/cts/CVE_2021_0706.java b/hostsidetests/securitybulletin/src/android/security/cts/CVE_2021_0706.java
new file mode 100644
index 0000000..c46bede
--- /dev/null
+++ b/hostsidetests/securitybulletin/src/android/security/cts/CVE_2021_0706.java
@@ -0,0 +1,51 @@
+/**
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.security.cts;
+
+import android.platform.test.annotations.AppModeFull;
+import android.platform.test.annotations.AsbSecurityTest;
+import com.android.tradefed.device.ITestDevice;
+import com.android.tradefed.testtype.DeviceJUnit4ClassRunner;
+import com.android.tradefed.testtype.junit4.BaseHostJUnit4Test;
+import org.junit.Before;
+import org.junit.runner.RunWith;
+import org.junit.Test;
+
+@RunWith(DeviceJUnit4ClassRunner.class)
+public class CVE_2021_0706 extends BaseHostJUnit4Test {
+
+ private static final String TEST_PKG = "android.security.cts.CVE_2021_0706";
+ private static final String TEST_CLASS = TEST_PKG + "." + "DeviceTest";
+ private static final String TEST_APP = "CVE-2021-0706.apk";
+
+ @Before
+ public void setUp() throws Exception {
+ uninstallPackage(getDevice(), TEST_PKG);
+ }
+
+ @AppModeFull
+ @AsbSecurityTest(cveBugId = 193444889)
+ @Test
+ public void testPocCVE_2021_0706() throws Exception {
+ ITestDevice device = getDevice();
+ AdbUtils.runCommandLine("input keyevent KEYCODE_WAKEUP", device);
+ AdbUtils.runCommandLine("input keyevent KEYCODE_MENU", device);
+ AdbUtils.runCommandLine("input keyevent KEYCODE_HOME", device);
+ installPackage(TEST_APP);
+ runDeviceTests(TEST_PKG, TEST_CLASS, "testDisablePlugin");
+ }
+}
diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/Android.bp b/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/Android.bp
new file mode 100644
index 0000000..d09ece9
--- /dev/null
+++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/Android.bp
@@ -0,0 +1,36 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+android_test_helper_app {
+ name: "CVE-2021-0706",
+ defaults: [
+ "cts_support_defaults",
+ ],
+ srcs: [
+ "src/**/*.java",
+ ],
+ test_suites: [
+ "cts",
+ "vts10",
+ "sts",
+ ],
+ static_libs: [
+ "androidx.test.core",
+ "androidx.test.rules",
+ "androidx.test.uiautomator_uiautomator",
+ ],
+ sdk_version: "current",
+}
diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/AndroidManifest.xml b/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/AndroidManifest.xml
new file mode 100644
index 0000000..d625163
--- /dev/null
+++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/AndroidManifest.xml
@@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+ Copyright 2021 The Android Open Source Project
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ -->
+
+<manifest xmlns:android="http://schemas.android.com/apk/res/android"
+ package="android.security.cts.CVE_2021_0706"
+ android:versionCode="1"
+ android:versionName="1.0">
+ <application
+ android:label="CVE-2021-0706"
+ android:supportsRtl="true">
+ <activity android:name=".PocActivity" android:exported="true">
+ <intent-filter>
+ <action android:name="android.intent.action.MAIN" />
+ <category android:name="android.intent.category.LAUNCHER" />
+ </intent-filter>
+ </activity>
+ </application>
+ <instrumentation
+ android:name="androidx.test.runner.AndroidJUnitRunner"
+ android:targetPackage="android.security.cts.CVE_2021_0706" />
+</manifest>
diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/res/layout/activity_main.xml b/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/res/layout/activity_main.xml
new file mode 100644
index 0000000..1500822
--- /dev/null
+++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/res/layout/activity_main.xml
@@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+ Copyright 2021 The Android Open Source Project
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ -->
+
+<LinearLayout
+ xmlns:android="http://schemas.android.com/apk/res/android"
+ android:layout_width="match_parent"
+ android:layout_height="match_parent">
+ <TextView
+ android:layout_width="match_parent"
+ android:layout_height="match_parent"
+ android:text="CVE-2021-0706"/>
+</LinearLayout>
diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/src/android/security/cts/CVE_2021_0706/DeviceTest.java b/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/src/android/security/cts/CVE_2021_0706/DeviceTest.java
new file mode 100644
index 0000000..89ebb8f
--- /dev/null
+++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/src/android/security/cts/CVE_2021_0706/DeviceTest.java
@@ -0,0 +1,61 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.security.cts.CVE_2021_0706;
+
+import android.content.Context;
+import android.content.Intent;
+import android.content.pm.PackageManager;
+import android.net.Uri;
+import androidx.test.runner.AndroidJUnit4;
+import androidx.test.uiautomator.By;
+import androidx.test.uiautomator.UiDevice;
+import androidx.test.uiautomator.Until;
+import org.junit.runner.RunWith;
+import org.junit.Test;
+import static androidx.test.core.app.ApplicationProvider.getApplicationContext;
+import static androidx.test.platform.app.InstrumentationRegistry.getInstrumentation;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assume.assumeNotNull;
+
+@RunWith(AndroidJUnit4.class)
+public class DeviceTest {
+
+ @Test
+ public void testDisablePlugin() {
+ UiDevice mDevice = UiDevice.getInstance(getInstrumentation());
+ Context context = getApplicationContext();
+ assumeNotNull(context);
+ final int TIMEOUT_MS = 10000;
+ String TEST_PACKAGE = "android.security.cts.CVE_2021_0706";
+ String errorMessage = "PocActivity from package android.security.cts.CVE_2021_0706"
+ + " is disabled. Device is vulnerable to b/193444889!";
+ PackageManager packageManager = context.getPackageManager();
+ assumeNotNull(packageManager);
+ Intent intent = packageManager.getLaunchIntentForPackage(TEST_PACKAGE);
+ assumeNotNull(intent);
+ intent.addFlags(Intent.FLAG_ACTIVITY_CLEAR_TASK);
+ context.startActivity(intent);
+ assumeNotNull(mDevice.wait(Until.hasObject(By.pkg(TEST_PACKAGE).depth(0)), TIMEOUT_MS));
+ Intent intentDisablePlugin = new Intent("com.android.systemui.action.DISABLE_PLUGIN");
+ Uri uri = Uri.parse("package://android.security.cts.CVE_2021_0706/.PocActivity");
+ intentDisablePlugin.setData(uri);
+ context.sendBroadcast(intentDisablePlugin);
+ assumeNotNull(mDevice.wait(Until.gone(By.pkg(TEST_PACKAGE).depth(0)), TIMEOUT_MS));
+ intent = packageManager.getLaunchIntentForPackage(TEST_PACKAGE);
+ assertNotNull(errorMessage, intent);
+ }
+}
diff --git a/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/src/android/security/cts/CVE_2021_0706/PocActivity.java b/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/src/android/security/cts/CVE_2021_0706/PocActivity.java
new file mode 100644
index 0000000..0d79f1c
--- /dev/null
+++ b/hostsidetests/securitybulletin/test-apps/CVE-2021-0706/src/android/security/cts/CVE_2021_0706/PocActivity.java
@@ -0,0 +1,29 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.security.cts.CVE_2021_0706;
+
+import android.app.Activity;
+import android.os.Bundle;
+
+public class PocActivity extends Activity {
+
+ @Override
+ protected void onCreate(Bundle savedInstanceState) {
+ super.onCreate(savedInstanceState);
+ setContentView(R.layout.activity_main);
+ }
+}
