Make authfs start optional
Only start the service if the VM config requests it.
Make CompOS explicitly request authfs, since it requires it.
Also improve the error messages if authfs is missing (which I
triggered while working on this).
This doesn't include restricting the use of the config option, but we
have a separate bug to handle that in general.
Bug: 245262525
Test: atest MicrodroidTests MicrodroidHostTestCases
Change-Id: I4363daf0f5cfb0c1c7ffbb7ae2ca2b9cc395167d
diff --git a/compos/apk/assets/vm_config.json b/compos/apk/assets/vm_config.json
index c4abfd9..1f5cdba 100644
--- a/compos/apk/assets/vm_config.json
+++ b/compos/apk/assets/vm_config.json
@@ -26,5 +26,6 @@
"name": "{CLASSPATH}"
}
],
- "export_tombstones": true
+ "export_tombstones": true,
+ "enable_authfs": true
}
diff --git a/compos/apk/assets/vm_config_staged.json b/compos/apk/assets/vm_config_staged.json
index 0be6e78..37b1d7a 100644
--- a/compos/apk/assets/vm_config_staged.json
+++ b/compos/apk/assets/vm_config_staged.json
@@ -27,5 +27,6 @@
"name": "{CLASSPATH}"
}
],
- "export_tombstones": true
+ "export_tombstones": true,
+ "enable_authfs": true
}
diff --git a/compos/apk/assets/vm_config_system_ext.json b/compos/apk/assets/vm_config_system_ext.json
index e60dee7..1ef43f0 100644
--- a/compos/apk/assets/vm_config_system_ext.json
+++ b/compos/apk/assets/vm_config_system_ext.json
@@ -29,5 +29,6 @@
"name": "{CLASSPATH}"
}
],
- "export_tombstones": true
+ "export_tombstones": true,
+ "enable_authfs": true
}
diff --git a/compos/apk/assets/vm_config_system_ext_staged.json b/compos/apk/assets/vm_config_system_ext_staged.json
index 99a4160..9103a9e 100644
--- a/compos/apk/assets/vm_config_system_ext_staged.json
+++ b/compos/apk/assets/vm_config_system_ext_staged.json
@@ -30,5 +30,6 @@
"name": "{CLASSPATH}"
}
],
- "export_tombstones": true
+ "export_tombstones": true,
+ "enable_authfs": true
}
diff --git a/compos/src/compsvc.rs b/compos/src/compsvc.rs
index 7ce60cd..3dbb4da 100644
--- a/compos/src/compsvc.rs
+++ b/compos/src/compsvc.rs
@@ -117,7 +117,7 @@
));
}
- let context = to_binder_result(OdrefreshContext::new(
+ let context = OdrefreshContext::new(
compilation_mode,
system_dir_fd,
if system_ext_dir_fd >= 0 { Some(system_ext_dir_fd) } else { None },
@@ -126,21 +126,9 @@
target_dir_name,
zygote_arch,
system_server_compiler_filter,
- ))?;
+ );
- let authfs_service = binder::get_interface(AUTHFS_SERVICE_NAME)?;
- let exit_code = to_binder_result(
- odrefresh(&self.odrefresh_path, context, authfs_service, |output_dir| {
- // authfs only shows us the files we created, so it's ok to just sign everything
- // under the output directory.
- let mut artifact_signer = ArtifactSigner::new(&output_dir);
- add_artifacts(&output_dir, &mut artifact_signer)?;
-
- artifact_signer.write_info_and_signature(&output_dir.join("compos.info"))
- })
- .context("odrefresh failed"),
- )?;
- Ok(exit_code as i8)
+ to_binder_result(context.and_then(|c| self.do_odrefresh(c)))
}
fn getPublicKey(&self) -> BinderResult<Vec<u8>> {
@@ -158,6 +146,23 @@
}
}
+impl CompOsService {
+ fn do_odrefresh(&self, context: OdrefreshContext) -> Result<i8> {
+ let authfs_service = binder::get_interface(AUTHFS_SERVICE_NAME)
+ .context("Unable to connect to AuthFS service")?;
+ let exit_code = odrefresh(&self.odrefresh_path, context, authfs_service, |output_dir| {
+ // authfs only shows us the files we created, so it's ok to just sign everything
+ // under the output directory.
+ let mut artifact_signer = ArtifactSigner::new(&output_dir);
+ add_artifacts(&output_dir, &mut artifact_signer)?;
+
+ artifact_signer.write_info_and_signature(&output_dir.join("compos.info"))
+ })
+ .context("odrefresh failed")?;
+ Ok(exit_code as i8)
+ }
+}
+
fn add_artifacts(target_dir: &Path, artifact_signer: &mut ArtifactSigner) -> Result<()> {
for entry in
read_dir(&target_dir).with_context(|| format!("Traversing {}", target_dir.display()))?
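Review bot: The new `do_odrefresh` helper has no doc comment, and as the only place that now wires odrefresh to authfs and the artifact signer it deserves one; I would add `/// Connects to the authfs service, runs odrefresh over it and signs the artifacts it produced, returning odrefresh's exit code.` above the `fn`. The `Ok(exit_code as i8)` line carries a narrowing `as` cast with nothing stating why it cannot truncate; if `exit_code` is a plain integer type (its type is not visible here), `i8::try_from(exit_code).context("odrefresh exit code out of range")?` would make an unexpected value an error rather than a silently wrapped one, and if it is a fieldless enum a short comment to that effect would do. The added "Unable to connect to AuthFS service" context is a good improvement since a VM config that omits `enable_authfs` will now hit exactly this path.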
diff --git a/microdroid/init.rc b/microdroid/init.rc
index cd7332b..4e36726 100644
--- a/microdroid/init.rc
+++ b/microdroid/init.rc
@@ -149,7 +149,6 @@
restorecon /data/misc
mkdir /data/misc/authfs 0700 root root
- start authfs_service
on late-fs && property:ro.debuggable=1
# Ensure that tracefs has the correct permissions.
diff --git a/microdroid/payload/config/src/lib.rs b/microdroid/payload/config/src/lib.rs
index b82544f..54b745e 100644
--- a/microdroid/payload/config/src/lib.rs
+++ b/microdroid/payload/config/src/lib.rs
@@ -42,6 +42,11 @@
/// Whether to export the tomsbtones (VM crashes) out of VM to host
/// This does not have a default & the value is expected to be in json for deserialization
pub export_tombstones: bool,
+
+ /// Whether the authfs service should be started in the VM. This enables read or write of host
+ /// files with integrity checking, but not confidentiality.
+ #[serde(default)]
+ pub enable_authfs: bool,
}
/// OS config
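Review bot: The doc comment on `enable_authfs` describes what the service does but not what happens when the key is absent, which is the case every existing config now falls into; since `#[serde(default)]` on a `bool` yields `false`, I would append `/// Defaults to `false` when the key is absent, so configs that predate this option keep authfs disabled.` after the existing two lines. It would also help a reader to state here that when this is false the service is never started, as the `start authfs_service` line was removed from init.rc in the same change.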
diff --git a/microdroid_manager/src/main.rs b/microdroid_manager/src/main.rs
index e3ad495..7629291 100644
--- a/microdroid_manager/src/main.rs
+++ b/microdroid_manager/src/main.rs
@@ -323,6 +323,11 @@
let config = load_config(Path::new(&metadata.payload_config_path))?;
+ let task = config
+ .task
+ .as_ref()
+ .ok_or_else(|| MicrodroidError::InvalidConfig("No task in VM config".to_string()))?;
+
if config.extra_apks.len() != verified_data.extra_apks_data.len() {
return Err(anyhow!(
"config expects {} extra apks, but found only {}",
@@ -338,18 +343,23 @@
// Start tombstone_transmit if enabled
if config.export_tombstones {
- system_properties::write("ctl.start", "tombstone_transmit")
- .context("Failed to start tombstone_transmit")?;
+ control_service("start", "tombstone_transmit")?;
} else {
- system_properties::write("ctl.stop", "tombstoned").context("Failed to stop tombstoned")?;
+ control_service("stop", "tombstoned")?;
}
- ensure!(
- config.task.is_some(),
- MicrodroidError::InvalidConfig("No task in VM config".to_string())
- );
+ // Start authfs if enabled
+ if config.enable_authfs {
+ control_service("start", "authfs_service")?;
+ }
+
system_properties::write("dev.bootcomplete", "1").context("set dev.bootcomplete")?;
- exec_task(&config.task.unwrap(), service)
+ exec_task(task, service)
+}
+
+fn control_service(action: &str, service: &str) -> Result<()> {
+ system_properties::write(&format!("ctl.{}", action), service)
+ .with_context(|| format!("Failed to {} {}", action, service))
}
struct ApkDmverityArgument<'a> {
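Review bot: `control_service` is introduced without a doc comment, and because it writes an init control property it is worth recording the mechanism; I would add `/// Asks init to `start` or `stop` `service` by writing the `ctl.<action>` system property.` above the `fn`. The `action` parameter is a free-form `&str` although only "start" and "stop" are used by the callers in this hunk; a two-variant enum mapped to those strings inside the helper would fix the set at compile time, though this is a style point rather than a defect. The `if config.enable_authfs` branch at the top of the hunk has no `else`, which is consistent with init.rc no longer starting `authfs_service`, but a one-line comment saying the service is only ever started from here would save the next reader a trip to init.rc. The enclosing function begins before this hunk.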