This CL also renames some variables to make them consistent with
the apk structure spec.
Test: atest libapkverify.test
Change-Id: Iba2a060916a59f295e702d4ef5a3618076acf4ed
I only wanted this in one place, but thought we might as well do it
all in one go.
In a couple of places I added an explicit edition instead of using the
default (whatever that is).
See https://doc.rust-lang.org/edition-guide/rust-2021/index.html.
Test: find . -name "Android.bp" -type f|xargs grep edition | grep -v 2021
Test: atest ComposHostTestCases MicrodroidHostTestCases
Change-Id: I4de050078b303cc5614d230e0d36d5454d60a807
* changes:
Send UID and VM identifier to existing atoms
Implement write_vm_exited_stats for VmExited atom
Implement write_vm_booted_stats for VmBooted atom
AVF presubmit test config currently runs all tests in the 'presubmit'
group. However, in presubmit the test configs are invoked with all
TEST_MAPPING paths from all affected CLs. Our test config can therefore
run tests from TEST_MAPPINGs outside of the Virtualization repo.
To work around this problem, move all Virtualization tests to
'avf-presubmit' group. Test config running in presubmit will still be
invoked with TEST_MAPPINGs from various repos but only our tests will
match the group.
Rename the postsubmit group to 'avf-postsubmit' for consistency.
Bug: 236755822
Test: atest --test-mapping packages/modules/Virtualization:avf-presubmit
Test: atest --test-mapping packages/modules/Virtualization:avf-postsubmit
Change-Id: I7be5781bef4b6e060a69724c7b4256423adc649c
We are now default restricting bindgen visibility to subpackages. This
change is part of a set of changes adding explicit visibility for
bindgen libraries which are already being used elsewhere.
* If these visibility rules are to allow access by the safe bindings
library which lives elsewhere in the codebase, no action is needed.
* If safe bindings do not exist, and you own this library, now is a good
time to think about producing them and transitioning your (now
enumerated) client list.
* If safe bindings exist, but there is a surprise client of the raw
bindings on this list, now is a good time to talk to them about why
they don't want to use your safe bindings.
Bug: 166332519
Test: m
Change-Id: I3f731ac41b36d28a3f86d22133bf57f2721e9baa
The APEX handling library included VBMeta image verification and parsing
but split this out to its own library so that it can be used by other
components too. The new library hides the libavb FFI to provide a safe
interface.
The library is not complete, it only knows about hashtree descriptors
and its root digest, but other aspects can be exposed as there is need
for them.
Test: atest libvbmeta_rust.test
Test: atest libapexutil_rust.test
Bug: 234564414
Change-Id: Ie176b816f63d2ff7f75deab6c07e1f9bb2e54594
Our nested virtualization check failed on this target. Move to a
prefix check to support this device and any other ones that appear.
Also extract the code to do the check to a library, rather than
changing in two places.
Bug: 236922543
Test: Presubmit
Change-Id: Id1d424f5f107e2098d89ca2ea8089ba956f212ca
APKs are brought from tools/apksig/src/test/resources/com/android/apksig
Covered test for all existing v3-only apks at there.
Bug: 233573377
Test: atest libapkverify.integration_test
Change-Id: Icdad3afa352fec2286d70a395f18a0973e6e2def
Get the best APK digest from the APK and include it in the generated
idsig.
Test: atest libidsig.test
Bug: 234564414
Change-Id: If55eab3bb62131bcdb9dfeb6000b9a5ba7ab9236
The v4 signing scheme includes an APK digest to match the strongest
digest available in the v3 or v2. Add a function to extract that digest
from an APK.
Test: libapkverify.test
Bug: 234564414
Change-Id: I69ce9c9c5ff6daf1f09e1bd4620ebf1ce015b5fa
The signing algorithms were already ranked following the order of
preference used by the v4 signing scheme, so there's no functional
change. Documentation is added to make this connection explicit and a
functions for selecting the best signed is factored out.
Test: libapkverify.test
Bug: 234564414
Change-Id: I28e25ce744cbc5854d1cb2b73fee9f966d2f8eb6
Don't mark the tests as host supported as they will otherwise fail when
the server tries to run them as the dependencies don't get bundled
properly.
Test: presbumit
Change-Id: I8ce5a21e5a27e15df1df84ea7d682c24cd8c4d67
Switch to using the certified implementation of cryptographic
algorithms, boringssl, that's available through the openssl crate.
Add an ECDSA signed APK to the test suite to give that algorithm some
coverage.
Bug: 232676161
Test: atest libapkverify.test
Test: atest libapkverify.integration_test
Change-Id: I5f86b40e110d8aaeb22109757253950bd7824833
The library exposes two functions that are just wrappers around the v3
implementation. Make that more clear by simply re-exporting the v3
functions. The TODO for adding v2 support remains.
The documentation is consolidated so the same information remains.
Test: atest libapkverify.test
Change-Id: Id497486dd054474516a664be1539b41732085b79
Make a library for APEX handling using the microdroid_manager logic as
the basis. Other components are going to need to be able to extract the
keys from APEXs so make the logic reusable and available to host tools.
Test: atest microdroid_manager_test
Test: atest libapexutil_rust.test
Change-Id: I36abf21b59b67046b1464bf47f7be40186926410
VM config can now specify the requirement on the virtual platform
version. At runtime, the requirement is matched against the actual
virtual platform version that crosvm implements. If they don't match,
the VM can't be created. The version format follows SemVer, allowing us
to express backwards compatible and incompatible changes in the future.
Bug: 193504487
Test: atest VirtualizationTestCases
Change-Id: I23d370081e10399502178b9cfe8a46b05addf186
Root digests of APEX payload are now collected by microdroid_manager and
stored in instance.img and passed to apexd.
Bug: 199371341
Test: MicrodroidHostTestCases
Change-Id: I940347068400822f7d8140c3daf68036f553b087
Alice Wang
Treehugger Robot
Alan Stokes
Andrew Walbran
Seungjae Yoo
David Brazdil
Chris Wailes
Matthew Maurer
Andrew Scull
Jiyong Park
Jooyung Han