Add killbit tests

src/libraries/System.Runtime.Serialization.Formatters/tests/DisableBitTests.cs

@@ -0,0 +1,65 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+// See the LICENSE file in the project root for more information.
+
+using System.IO;
+using System.Runtime.Serialization.Formatters.Binary;
+using Microsoft.DotNet.RemoteExecutor;
+using Xunit;
+
+namespace System.Runtime.Serialization.Formatters.Tests
+{
+    public static class DisableBitTests
+    {
+        // these tests only make sense on platforms with both SecureAppContext and RemoteExecutor support
+        public static bool ShouldRunTests => !PlatformDetection.IsNetFramework && RemoteExecutor.IsSupported;
+
+        private const string EnableBinaryFormatterSwitchName = "System.Runtime.Serialization.EnableUnsafeBinaryFormatterSerialization";
+        private const string MoreInfoUrl = "https://aka.ms/binaryformatter";
+
+        [ConditionalFact(nameof(ShouldRunTests))]
+        public static void DisabledThroughAppContext()
+        {
+            RemoteExecutor.Invoke(() =>
+            {
+                AppContext.SetSwitch(EnableBinaryFormatterSwitchName, isEnabled: false);
+
+                // First, test serialization
+
+                MemoryStream ms = new MemoryStream();
+                BinaryFormatter bf = new BinaryFormatter();
+                var ex = Assert.Throws<NotSupportedException>(() => bf.Serialize(ms, "A string to serialize."));
+                Assert.Contains(MoreInfoUrl, ex.Message, StringComparison.Ordinal); // error message should link to the more info URL
+
+                // Then test deserialization
+
+                ex = Assert.Throws<NotSupportedException>(() => bf.Deserialize(ms));
+                Assert.Contains(MoreInfoUrl, ex.Message, StringComparison.Ordinal); // error message should link to the more info URL
+            }).Dispose();
+        }
+
+        [ConditionalFact(nameof(ShouldRunTests))]
+        public static void DisabledThroughSecureAppContext_CannotOverride()
+        {
+            RemoteInvokeOptions options = new RemoteInvokeOptions();
+            options.RuntimeConfigurationOptions[EnableBinaryFormatterSwitchName] = bool.FalseString;
+
+            RemoteExecutor.Invoke(() =>
+            {
+                AppContext.SetSwitch(EnableBinaryFormatterSwitchName, isEnabled: true); // shouldn't override SecureAppContext
+
+                // First, test serialization
+
+                MemoryStream ms = new MemoryStream();
+                BinaryFormatter bf = new BinaryFormatter();
+                var ex = Assert.Throws<NotSupportedException>(() => bf.Serialize(ms, "A string to serialize."));
+                Assert.Contains(MoreInfoUrl, ex.Message, StringComparison.Ordinal); // error message should link to the more info URL
+
+                // Then test deserialization
+
+                ex = Assert.Throws<NotSupportedException>(() => bf.Deserialize(ms));
+                Assert.Contains(MoreInfoUrl, ex.Message, StringComparison.Ordinal); // error message should link to the more info URL
+            }, options).Dispose();
+        }
+    }
+}

src/libraries/System.Runtime.Serialization.Formatters/tests/System.Runtime.Serialization.Formatters.Tests.csproj

@@ -7,6 +7,7 @@
   <ItemGroup>
     <Compile Include="BinaryFormatterTestData.cs" />
     <Compile Include="BinaryFormatterTests.cs" />
+    <Compile Include="DisableBitTests.cs" />
     <Compile Include="EqualityExtensions.cs" />
     <Compile Include="OptionalFieldAttributeTests.cs" />
     <Compile Include="FormatterConverterTests.cs" />