1 /*
2  * Copyright (C) 2017 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package android.security;
18 
19 import android.test.AndroidTestCase;
20 import java.io.IOException;
21 
22 /**
23  * Verify the selinux domain for apps running with 25<targetSdkVersion<=27
24  */
25 public class SELinuxTargetSdkTest extends SELinuxTargetSdkTestBase
26 {
27     /**
28      * Verify that net.dns properties may not be read
29      */
testNoDns()30     public void testNoDns() throws IOException {
31         noDns();
32     }
33 
34     /**
35      * Verify that selinux context is the expected domain based on
36      * targetSdkVersion = 26-27
37      */
testAppDomainContext()38     public void testAppDomainContext() throws IOException {
39         String context = "u:r:untrusted_app_27:s0:c[0-9]+,c[0-9]+";
40         String msg = "Untrusted apps with targetSdkVersion in range 26-27 " +
41             "must run in the untrusted_app_27 selinux domain and use the levelFrom=user " +
42             "selector in SELinux seapp_contexts which adds two category types " +
43             "to the app's selinux context.\n" +
44             "Example expected value: u:r:untrusted_app_27:s0:c512,c768\n" +
45             "Actual value: ";
46         appDomainContext(context, msg);
47     }
48 
49     /**
50      * Verify that selinux context is the expected type based on
51      * targetSdkVersion = 26-27
52      */
testAppDataContext()53     public void testAppDataContext() throws Exception {
54         String context = "u:object_r:app_data_file:s0:c[0-9]+,c[0-9]+";
55         String msg = "Untrusted apps with targetSdkVersion in range 26-27 " +
56             "must use the app_data_file selinux context and use the levelFrom=user " +
57             "selector in SELinux seapp_contexts which adds two category types " +
58             "to the app_data_file context.\n" +
59             "Example expected value: u:object_r:app_data_file:s0:c512,c768\n" +
60             "Actual value: ";
61         appDataContext(context, msg);
62     }
63 
testDex2oat()64     public void testDex2oat() throws Exception {
65         checkDex2oatAccess(true);
66     }
67 
testNetworkInterface()68     public void testNetworkInterface() throws Exception {
69         checkNetworkInterface_returnsAnonymizedHardwareAddresses();
70     }
71 
testNoNetlinkRouteGetlink()72     public void testNoNetlinkRouteGetlink() throws IOException {
73         noNetlinkRouteGetlink();
74     }
75 
testNoNetlinkRouteBind()76     public void testNoNetlinkRouteBind() throws IOException {
77         noNetlinkRouteBind();
78     }
79 
testNetlinkRouteGetneigh()80     public void testNetlinkRouteGetneigh() throws IOException {
81         checkNetlinkRouteGetneigh(true);
82     }
83 }
84