Merge "Update microdroid sepolicy modules to new modules"
diff --git a/apex/Android.bp b/apex/Android.bp
index fa3806f..bb73630 100644
--- a/apex/Android.bp
+++ b/apex/Android.bp
@@ -35,6 +35,8 @@
"vm",
],
filesystems: ["microdroid"],
+ prebuilts: ["com.android.virt.init.rc"],
+ file_contexts: ":com.android.virt-file_contexts",
}
apex_key {
@@ -47,3 +49,9 @@
name: "com.android.virt.certificate",
certificate: "com.android.virt",
}
+
+prebuilt_etc {
+ name: "com.android.virt.init.rc",
+ src: "virtmanager.rc",
+ filename: "init.rc",
+}
diff --git a/apex/virtmanager.rc b/apex/virtmanager.rc
new file mode 100644
index 0000000..4a41154
--- /dev/null
+++ b/apex/virtmanager.rc
@@ -0,0 +1,19 @@
+# Copyright (C) 2021 The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+service virtmanager /apex/com.android.virt/bin/virtmanager
+ class main
+ user virtmanager
+ group virtmanager
+ disabled
diff --git a/authfs/src/file/remote_file.rs b/authfs/src/file/remote_file.rs
index f2ac23f..9d614f5 100644
--- a/authfs/src/file/remote_file.rs
+++ b/authfs/src/file/remote_file.rs
@@ -41,8 +41,9 @@
.unwrap()
.readFile(remote_fd, offset, buf.len() as i32)
.map_err(|e| io::Error::new(io::ErrorKind::Other, e.get_description()))?;
- buf.copy_from_slice(&chunk);
- Ok(min(buf.len(), chunk.len()))
+ let size = min(buf.len(), chunk.len());
+ buf[..size].copy_from_slice(&chunk[..size]);
+ Ok(size)
}
pub struct RemoteFileReader {
@@ -87,8 +88,9 @@
.unwrap()
.readFsverityMerkleTree(self.file_fd, offset, buf.len() as i32)
.map_err(|e| io::Error::new(io::ErrorKind::Other, e.get_description()))?;
- buf.copy_from_slice(&chunk);
- Ok(min(buf.len(), chunk.len()))
+ let size = min(buf.len(), chunk.len());
+ buf[..size].copy_from_slice(&chunk[..size]);
+ Ok(size)
}
}
diff --git a/microdroid/Android.bp b/microdroid/Android.bp
index 484a509..5d48a4b 100644
--- a/microdroid/Android.bp
+++ b/microdroid/Android.bp
@@ -161,9 +161,7 @@
"printk.devkmsg=on " +
"androidboot.first_stage_console=1 " +
"androidboot.hardware=microdroid " +
- "androidboot.boot_devices=10000.pci " +
- // TODO(b/181747352) remove this to enforce selinux
- "androidboot.selinux=permissive",
+ "androidboot.boot_devices=10000.pci ",
dtb_prebuilt: "dummy_dtb.img",
header_version: "4",
partition_name: "boot",