1 /** 2 * Copyright (C) 2016 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.security.cts; 18 19 import android.platform.test.annotations.SecurityTest; 20 21 @SecurityTest 22 public class Poc16_12 extends SecurityTestCase { 23 24 //Criticals 25 /** 26 * b/31606947 27 */ 28 @SecurityTest 29 public void testPocCVE_2016_8424() throws Exception { 30 if(containsDriver(getDevice(), "/dev/nvmap")) { 31 AdbUtils.runPoc("CVE-2016-8424", getDevice(), 60); 32 } 33 } 34 35 /** 36 * b/31797770 37 */ 38 @SecurityTest 39 public void testPocCVE_2016_8425() throws Exception { 40 if(containsDriver(getDevice(), "/dev/nvhost-vic")) { 41 AdbUtils.runPoc("CVE-2016-8425", getDevice(), 60); 42 } 43 } 44 45 /** 46 * b/31799206 47 */ 48 @SecurityTest 49 public void testPocCVE_2016_8426() throws Exception { 50 if(containsDriver(getDevice(), "/dev/nvhost-gpu")) { 51 AdbUtils.runPoc("CVE-2016-8426", getDevice(), 60); 52 } 53 } 54 55 /** 56 * b/31799885 57 */ 58 @SecurityTest 59 public void testPocCVE_2016_8427() throws Exception { 60 if(containsDriver(getDevice(), "/dev/nvhost-gpu") || 61 containsDriver(getDevice(), "/dev/nvhost-dbg-gpu")) { 62 AdbUtils.runPoc("CVE-2016-8427", getDevice(), 60); 63 } 64 } 65 66 /** 67 * b/31993456 68 */ 69 @SecurityTest 70 public void testPocCVE_2016_8428() throws Exception { 71 if(containsDriver(getDevice(), "/dev/nvmap")) { 72 AdbUtils.runPoc("CVE-2016-8428", getDevice(), 60); 73 } 74 } 75 76 /** 77 * b/32160775 78 */ 79 @SecurityTest 80 public void testPocCVE_2016_8429() throws Exception { 81 if(containsDriver(getDevice(), "/dev/nvmap")) { 82 AdbUtils.runPoc("CVE-2016-8429", getDevice(), 60); 83 } 84 } 85 86 /** 87 * b/32225180 88 */ 89 @SecurityTest 90 public void testPocCVE_2016_8430() throws Exception { 91 if(containsDriver(getDevice(), "/dev/nvhost-vic")) { 92 AdbUtils.runPoc("CVE-2016-8430", getDevice(), 60); 93 } 94 } 95 96 /** 97 * b/32402179 98 */ 99 @SecurityTest 100 public void testPocCVE_2016_8431() throws Exception { 101 if(containsDriver(getDevice(), "/dev/dri/renderD129")) { 102 AdbUtils.runPoc("CVE-2016-8431", getDevice(), 60); 103 } 104 } 105 106 /** 107 * b/32447738 108 */ 109 @SecurityTest 110 public void testPocCVE_2016_8432() throws Exception { 111 if(containsDriver(getDevice(), "/dev/dri/renderD129")) { 112 AdbUtils.runPoc("CVE-2016-8432", getDevice(), 60); 113 } 114 } 115 116 /** 117 * b/32125137 118 */ 119 @SecurityTest 120 public void testPocCVE_2016_8434() throws Exception { 121 if(containsDriver(getDevice(), "/dev/kgsl-3d0")) { 122 // This poc is very verbose so we ignore the output to avoid using a lot of memory. 123 AdbUtils.runPocNoOutput("CVE-2016-8434", getDevice(), 60); 124 } 125 } 126 127 /** 128 * b/31668540 129 */ 130 @SecurityTest 131 public void testPocCVE_2016_8460() throws Exception { 132 if(containsDriver(getDevice(), "/dev/nvmap")) { 133 String result = AdbUtils.runPoc("CVE-2016-8460", getDevice(), 60); 134 assertTrue(!result.equals("Vulnerable")); 135 } 136 } 137 138 /** 139 * b/32659848 140 */ 141 @SecurityTest 142 public void testPoc32659848() throws Exception { 143 String command = 144 "echo 18014398509481980 > /sys/kernel/debug/tracing/buffer_size_kb"; 145 AdbUtils.runCommandLine(command, getDevice()); 146 } 147 } 148