If the device does not advertise support for protected or
non-protected VMs, but still has the virt APEX installed, then that's
bad.
Fail fast to make this as noticeable as possible, and avoid wasting
resources, rather than waiting for things to go wrong later on.
While I'm here: make sure we consistently say "non-protected" rather
than "unprotected".
Bug: 254599807
Test: manual - fake property read, observe obvious failure
Test: atest MicrodroidTests MicrodroidHostTests
Change-Id: Ia0629f2d5b2094f6c1c41ff0fc3f2a76e285f0d7
Make the final changes to start running VMs using virtmgr:
* Have virtualizationservice host the VirtualizationServiceInternal
AIDL service.
* Remove memlock rlimit of virtmgr (instead of virtualizationservice)
via a method on VirtualizationServiceInternal.
* Have VirtualizationServiceInternal create the VM's temporary folder
and change its owner to the client's UID. The files keep the same
virtualizationservice_data_file SELinux label, but are now owned by
the client's virtmgr instance. To this end, virtualizationservice
requires CAP_CHOWN.
* Switch all users to the new vmclient/javalib API for spawning
virtmgr.
Bug: 245727626
Test: atest -p packages/modules/Virtualization:avf-presubmit
Change-Id: I93b2cadb67a8c125e1a86f9c1ba9cb98336f0cd4
* changes:
Send UID and VM identifier to existing atoms
Implement write_vm_exited_stats for VmExited atom
Implement write_vm_booted_stats for VmBooted atom
AVF presubmit test config currently runs all tests in the 'presubmit'
group. However, in presubmit the test configs are invoked with all
TEST_MAPPING paths from all affected CLs. Our test config can therefore
run tests from TEST_MAPPINGs outside of the Virtualization repo.
To work around this problem, move all Virtualization tests to
'avf-presubmit' group. Test config running in presubmit will still be
invoked with TEST_MAPPINGs from various repos but only our tests will
match the group.
Rename the postsubmit group to 'avf-postsubmit' for consistency.
Bug: 236755822
Test: atest --test-mapping packages/modules/Virtualization:avf-presubmit
Test: atest --test-mapping packages/modules/Virtualization:avf-postsubmit
Change-Id: I7be5781bef4b6e060a69724c7b4256423adc649c
Instead of having clients directly register a callback with VS,
implement a Rust level callback interface in vmclient. This saves an
extra binder call on each notification, a bunch of boilerplate code,
and allows us to provide a slightly better interface (e.g. we can use
the Rust DeathReason enum, as elsewhere in vmclient, for instantly
better logging).
I also replaced all our usages of <some_interface>::binder::{...} with
direct access to binder::{...}. That makes it clearer what depends on
the interface itself and what is just generic binder code. I realise
this should be a separate change, but I only realised that after doing
bits of both.
Test: composd_cmd test-compile, observe logs (on both success & failure)
Test: atest -b (to make sure all our tests build)
Test: Presubmits
Change-Id: Iceda8d7b8f8008f9d7a2c51106c2794f09bb378e
Now that we have wait_for_death_with_timeout, use it.
Test: Hack VM to not exit, see timeout error
Change-Id: I4f9d03f6de6d441277c949d148c8fd3b30c8f88e
Alan Stokes
David Brazdil
Victor Hsieh
Treehugger Robot
Seungjae Yoo
Andrew Walbran