Add test for CVE-2013-2094

Detect CVE-2013-2094, the perf_event_open exploit. A patch
for this issue can be found at
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8176cced706b5e5d15887584150764894e94e02f

Bug: 8962304
Change-Id: Idc81ff9be8f2a5798e9b1e60fda5d45e268bc342
diff --git a/tests/tests/security/jni/Android.mk b/tests/tests/security/jni/Android.mk
index ee185c5..5821ec0 100644
--- a/tests/tests/security/jni/Android.mk
+++ b/tests/tests/security/jni/Android.mk
@@ -23,7 +23,8 @@
 
 LOCAL_SRC_FILES := \
 		CtsSecurityJniOnLoad.cpp \
-		android_security_cts_CharDeviceTest.cpp
+		android_security_cts_CharDeviceTest.cpp \
+		android_security_cts_NativeCodeTest.cpp
 
 LOCAL_C_INCLUDES := $(JNI_H_INCLUDE)
 
diff --git a/tests/tests/security/jni/CtsSecurityJniOnLoad.cpp b/tests/tests/security/jni/CtsSecurityJniOnLoad.cpp
index 045581f..7244fc2 100644
--- a/tests/tests/security/jni/CtsSecurityJniOnLoad.cpp
+++ b/tests/tests/security/jni/CtsSecurityJniOnLoad.cpp
@@ -18,6 +18,7 @@
 #include <stdio.h>
 
 extern int register_android_security_cts_CharDeviceTest(JNIEnv*);
+extern int register_android_security_cts_NativeCodeTest(JNIEnv*);
 
 jint JNI_OnLoad(JavaVM *vm, void *reserved) {
     JNIEnv *env = NULL;
@@ -30,5 +31,9 @@
         return JNI_ERR;
     }
 
+    if (register_android_security_cts_NativeCodeTest(env)) {
+        return JNI_ERR;
+    }
+
     return JNI_VERSION_1_4;
 }
diff --git a/tests/tests/security/jni/android_security_cts_NativeCodeTest.cpp b/tests/tests/security/jni/android_security_cts_NativeCodeTest.cpp
new file mode 100644
index 0000000..7af4298
--- /dev/null
+++ b/tests/tests/security/jni/android_security_cts_NativeCodeTest.cpp
@@ -0,0 +1,51 @@
+/*
+ * Copyright (C) 2013 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <jni.h>
+#include <sys/types.h>
+#include <unistd.h>
+#include <sys/syscall.h>
+
+/*
+ * Returns true iff this device is vulnerable to CVE-2013-2094.
+ * A patch for CVE-2013-2094 can be found at
+ * http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8176cced706b5e5d15887584150764894e94e02f
+ */
+static jboolean android_security_cts_NativeCodeTest_doPerfEventTest(JNIEnv* env, jobject thiz)
+{
+    uint64_t attr[10] = { 0x4800000001, (uint32_t) -1, 0, 0, 0, 0x300 };
+
+    int fd = syscall(__NR_perf_event_open, attr, 0, -1, -1, 0);
+    jboolean result = (fd != -1);
+
+    if (fd != -1) {
+        close(fd);
+    }
+
+    return result;
+}
+
+static JNINativeMethod gMethods[] = {
+    {  "doPerfEventTest", "()Z",
+            (void *) android_security_cts_NativeCodeTest_doPerfEventTest },
+};
+
+int register_android_security_cts_NativeCodeTest(JNIEnv* env)
+{
+    jclass clazz = env->FindClass("android/security/cts/NativeCodeTest");
+    return env->RegisterNatives(clazz, gMethods,
+            sizeof(gMethods) / sizeof(JNINativeMethod));
+}
diff --git a/tests/tests/security/src/android/security/cts/NativeCodeTest.java b/tests/tests/security/src/android/security/cts/NativeCodeTest.java
new file mode 100644
index 0000000..2522ef5
--- /dev/null
+++ b/tests/tests/security/src/android/security/cts/NativeCodeTest.java
@@ -0,0 +1,40 @@
+/*
+ * Copyright (C) 2013 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.security.cts;
+
+import junit.framework.TestCase;
+
+public class NativeCodeTest extends TestCase {
+
+    static {
+        System.loadLibrary("ctssecurity_jni");
+    }
+
+    public void testPerfEvent() throws Exception {
+        assertFalse("Device is vulnerable to CVE-2013-2094. Please apply security patch "
+                    + "at http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/"
+                    + "commit/?id=8176cced706b5e5d15887584150764894e94e02f",
+                    doPerfEventTest());
+    }
+
+    /**
+     * Returns true iff this device is vulnerable to CVE-2013-2094.
+     * A patch for CVE-2013-2094 can be found at
+     * http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8176cced706b5e5d15887584150764894e94e02f
+     */
+    private static native boolean doPerfEventTest();
+}