From: Kevin Chyn Date: Fri, 7 Apr 2017 21:39:50 +0000 (-0700) Subject: setActiveGroup null, 0 length, unwritable dir should fail X-Git-Url: http://git.osdn.net/view?a=commitdiff_plain;h=d7e9b0fdc7e2c461973e34568fbca8f5bd0c0373;p=android-x86%2Fhardware-interfaces.git setActiveGroup null, 0 length, unwritable dir should fail with this change, VTS test needs to run in /data/system/ due to SELinux policy + Linux directory permissions Test: run VTS tests and make sure they all pass Fixes 37153318 Change-Id: Ib1f19ce7fc0d08ae2941aec5c08c5857c7a9f2fd --- diff --git a/biometrics/fingerprint/2.1/default/BiometricsFingerprint.cpp b/biometrics/fingerprint/2.1/default/BiometricsFingerprint.cpp index 5b00675e..83c7de8c 100644 --- a/biometrics/fingerprint/2.1/default/BiometricsFingerprint.cpp +++ b/biometrics/fingerprint/2.1/default/BiometricsFingerprint.cpp @@ -25,6 +25,7 @@ #include "BiometricsFingerprint.h" #include +#include namespace android { namespace hardware { @@ -189,7 +190,12 @@ Return BiometricsFingerprint::setActiveGroup(uint32_t gid, const hidl_string& storePath) { if (storePath.size() >= PATH_MAX || storePath.size() <= 0) { ALOGE("Bad path length: %zd", storePath.size()); + return RequestStatus::SYS_EINVAL; } + if (access(storePath.c_str(), W_OK)) { + return RequestStatus::SYS_EINVAL; + } + return ErrorFilter(mDevice->set_active_group(mDevice, gid, storePath.c_str())); } diff --git a/biometrics/fingerprint/2.1/vts/functional/VtsHalBiometricsFingerprintV2_1TargetTest.cpp b/biometrics/fingerprint/2.1/vts/functional/VtsHalBiometricsFingerprintV2_1TargetTest.cpp index d3f66126..29776b41 100644 --- a/biometrics/fingerprint/2.1/vts/functional/VtsHalBiometricsFingerprintV2_1TargetTest.cpp +++ b/biometrics/fingerprint/2.1/vts/functional/VtsHalBiometricsFingerprintV2_1TargetTest.cpp @@ -43,7 +43,7 @@ namespace { static const uint32_t kTimeout = 3; static const std::chrono::seconds kTimeoutInSeconds = std::chrono::seconds(kTimeout); static const uint32_t kGroupId = 99; -static const std::string kTmpDir = "/data/local/tmp/"; +static const std::string kTmpDir = "/data/system/"; static const uint32_t kIterations = 1000; // Wait for a callback to occur (signaled by the given future) up to the @@ -186,6 +186,8 @@ class FingerprintHidlTest : public ::testing::VtsHalHidlTargetTestBase { ASSERT_FALSE(mService == nullptr); // Create an active group + // FP service can only write to /data/system due to + // SELinux Policy and Linux Dir Permissions Return res = mService->setActiveGroup(kGroupId, kTmpDir); ASSERT_EQ(RequestStatus::SYS_OK, static_cast(res)); }