virtiofs: Add AVF API to share directory paths
This patch adds the API to share directory path between host
and guest.
The path to be shared is taken as an input from vm_config.json;
```
"sharedPath": [
{
"sharedPath": "/data/data/com.google.android.virtualization.terminal/files"
}
],
```
The UID-GID mapping between host and guest is constructed on the fly
based on the active user.
Currently, terminal app's internal storage is set as default; but this
can be changed as required.
This is now disabled by default - the feature will be enabled once
all the dependencies related to crosvm lands.
Bug: 372171883
Test: Share terminal app internal storage to guest VM. Read "debian.log"
files inside the guest. Verify UID-GID mappings are set correctly to the
files.
Change-Id: I9f2e7d9167a00c8383523bbd238a48b06afa4c2e
Signed-off-by: Akilesh Kailash <akailash@google.com>
diff --git a/android/virtmgr/src/aidl.rs b/android/virtmgr/src/aidl.rs
index 52bfd87..5dac07f 100644
--- a/android/virtmgr/src/aidl.rs
+++ b/android/virtmgr/src/aidl.rs
@@ -17,7 +17,7 @@
use crate::{get_calling_pid, get_calling_uid, get_this_pid};
use crate::atom::{write_vm_booted_stats, write_vm_creation_stats};
use crate::composite::make_composite_image;
-use crate::crosvm::{AudioConfig, CrosvmConfig, DiskFile, DisplayConfig, GpuConfig, InputDeviceOption, PayloadState, UsbConfig, VmContext, VmInstance, VmState};
+use crate::crosvm::{AudioConfig, CrosvmConfig, DiskFile, SharedPathConfig, DisplayConfig, GpuConfig, InputDeviceOption, PayloadState, UsbConfig, VmContext, VmInstance, VmState};
use crate::debug_config::DebugConfig;
use crate::dt_overlay::{create_device_tree_overlay, VM_DT_OVERLAY_MAX_SIZE, VM_DT_OVERLAY_PATH};
use crate::payload::{add_microdroid_payload_images, add_microdroid_system_images, add_microdroid_vendor_image};
@@ -32,6 +32,7 @@
AssignableDevice::AssignableDevice,
CpuTopology::CpuTopology,
DiskImage::DiskImage,
+ SharedPath::SharedPath,
InputDevice::InputDevice,
IVirtualMachine::{self, BnVirtualMachine},
IVirtualMachineCallback::IVirtualMachineCallback,
@@ -613,6 +614,8 @@
})
.collect::<Result<Vec<DiskFile>, _>>()?;
+ let shared_paths = assemble_shared_paths(&config.sharedPaths, &temporary_directory)?;
+
let (cpus, host_cpu_topology) = match config.cpuTopology {
CpuTopology::MATCH_HOST => (None, true),
CpuTopology::ONE_CPU => (NonZeroU32::new(1), false),
@@ -719,6 +722,7 @@
kernel,
initrd,
disks,
+ shared_paths,
params: config.params.to_owned(),
protected: *is_protected,
debug_config,
@@ -956,6 +960,32 @@
},
})
}
+
+fn assemble_shared_paths(
+ shared_paths: &[SharedPath],
+ temporary_directory: &Path,
+) -> Result<Vec<SharedPathConfig>, Status> {
+ if shared_paths.is_empty() {
+ return Ok(Vec::new()); // Return an empty vector if shared_paths is empty
+ }
+
+ shared_paths
+ .iter()
+ .map(|path| {
+ Ok(SharedPathConfig {
+ path: path.sharedPath.clone(),
+ host_uid: path.hostUid,
+ host_gid: path.hostGid,
+ guest_uid: path.guestUid,
+ guest_gid: path.guestGid,
+ mask: path.mask,
+ tag: path.tag.clone(),
+ socket_path: temporary_directory.join(&path.socket).to_string_lossy().to_string(),
+ })
+ })
+ .collect()
+}
+
/// Given the configuration for a disk image, assembles the `DiskFile` to pass to crosvm.
///
/// This may involve assembling a composite disk from a set of partition images.
diff --git a/android/virtmgr/src/crosvm.rs b/android/virtmgr/src/crosvm.rs
index 25271f8..fcc5d3b 100644
--- a/android/virtmgr/src/crosvm.rs
+++ b/android/virtmgr/src/crosvm.rs
@@ -108,6 +108,7 @@
pub kernel: Option<File>,
pub initrd: Option<File>,
pub disks: Vec<DiskFile>,
+ pub shared_paths: Vec<SharedPathConfig>,
pub params: Option<String>,
pub protected: bool,
pub debug_config: DebugConfig,
@@ -224,6 +225,19 @@
pub writable: bool,
}
+/// Shared path between host and guest VM.
+#[derive(Debug)]
+pub struct SharedPathConfig {
+ pub path: String,
+ pub host_uid: i32,
+ pub host_gid: i32,
+ pub guest_uid: i32,
+ pub guest_gid: i32,
+ pub mask: i32,
+ pub tag: String,
+ pub socket_path: String,
+}
+
/// virtio-input device configuration from `external/crosvm/src/crosvm/config.rs`
#[derive(Debug)]
#[allow(dead_code)]
@@ -306,6 +320,8 @@
let tap =
if let Some(tap_file) = &config.tap { Some(tap_file.try_clone()?) } else { None };
+ run_virtiofs(&config)?;
+
// If this fails and returns an error, `self` will be left in the `Failed` state.
let child =
Arc::new(run_vm(config, &instance.crosvm_control_socket_path, failure_pipe_write)?);
@@ -884,6 +900,39 @@
}
}
+fn run_virtiofs(config: &CrosvmConfig) -> io::Result<()> {
+ for shared_path in &config.shared_paths {
+ let ugid_map_value = format!(
+ "{} {} {} {} {} /",
+ shared_path.guest_uid,
+ shared_path.guest_gid,
+ shared_path.host_uid,
+ shared_path.host_gid,
+ shared_path.mask,
+ );
+
+ let cfg_arg = format!("writeback=true,cache_policy=always,ugid_map='{}'", ugid_map_value);
+
+ let mut command = Command::new(CROSVM_PATH);
+ command
+ .arg("device")
+ .arg("fs")
+ .arg(format!("--socket={}", &shared_path.socket_path))
+ .arg(format!("--tag={}", &shared_path.tag))
+ .arg(format!("--shared-dir={}", &shared_path.path))
+ .arg("--cfg")
+ .arg(cfg_arg.as_str())
+ .arg("--disable-sandbox");
+
+ print_crosvm_args(&command);
+
+ let result = SharedChild::spawn(&mut command)?;
+ info!("Spawned virtiofs crosvm({})", result.id());
+ }
+
+ Ok(())
+}
+
/// Starts an instance of `crosvm` to manage a new VM.
fn run_vm(
config: CrosvmConfig,
@@ -1187,6 +1236,12 @@
command.arg(vfio_argument_for_platform_device(&device)?);
}
+ for shared_path in &config.shared_paths {
+ command
+ .arg("--vhost-user-fs")
+ .arg(format!("{},tag={}", &shared_path.socket_path, &shared_path.tag));
+ }
+
debug!("Preserving FDs {:?}", preserved_fds);
command.preserved_fds(preserved_fds);