Merge "[test] Check vm attestation certificate chain in CTS tests" into main
diff --git a/java/framework/api/test-current.txt b/java/framework/api/test-current.txt
index 25eab18..d20d543 100644
--- a/java/framework/api/test-current.txt
+++ b/java/framework/api/test-current.txt
@@ -27,6 +27,7 @@
method @FlaggedApi("com.android.system.virtualmachine.flags.avf_v_test_apis") @NonNull public java.util.List<java.lang.String> getSupportedOSList() throws android.system.virtualmachine.VirtualMachineException;
method @FlaggedApi("com.android.system.virtualmachine.flags.avf_v_test_apis") @RequiresPermission(android.system.virtualmachine.VirtualMachine.MANAGE_VIRTUAL_MACHINE_PERMISSION) public boolean isFeatureEnabled(String) throws android.system.virtualmachine.VirtualMachineException;
method @FlaggedApi("com.android.system.virtualmachine.flags.avf_v_test_apis") @RequiresPermission(android.system.virtualmachine.VirtualMachine.MANAGE_VIRTUAL_MACHINE_PERMISSION) public boolean isRemoteAttestationSupported() throws android.system.virtualmachine.VirtualMachineException;
+ method @FlaggedApi("com.android.system.virtualmachine.flags.avf_v_test_apis") @RequiresPermission(android.system.virtualmachine.VirtualMachine.MANAGE_VIRTUAL_MACHINE_PERMISSION) public boolean isUpdatableVmSupported() throws android.system.virtualmachine.VirtualMachineException;
field @FlaggedApi("com.android.system.virtualmachine.flags.avf_v_test_apis") public static final String FEATURE_DICE_CHANGES = "com.android.kvm.DICE_CHANGES";
field @FlaggedApi("com.android.system.virtualmachine.flags.avf_v_test_apis") public static final String FEATURE_LLPVM_CHANGES = "com.android.kvm.LLPVM_CHANGES";
field @FlaggedApi("com.android.system.virtualmachine.flags.avf_v_test_apis") public static final String FEATURE_MULTI_TENANT = "com.android.kvm.MULTI_TENANT";
diff --git a/java/framework/src/android/system/virtualmachine/VirtualMachineManager.java b/java/framework/src/android/system/virtualmachine/VirtualMachineManager.java
index 9c965ec..091d317 100644
--- a/java/framework/src/android/system/virtualmachine/VirtualMachineManager.java
+++ b/java/framework/src/android/system/virtualmachine/VirtualMachineManager.java
@@ -413,4 +413,25 @@
}
}
}
+
+ /**
+ * Returns {@code true} if Updatable VM feature is supported by AVF. Updatable VM allow secrets
+ * and data to be accessible even after updates of boot images and apks. For more info see
+ * packages/modules/Virtualization/docs/updatable_vm.md
+ *
+ * @hide
+ */
+ @TestApi
+ @FlaggedApi(Flags.FLAG_AVF_V_TEST_APIS)
+ @RequiresPermission(VirtualMachine.MANAGE_VIRTUAL_MACHINE_PERMISSION)
+ public boolean isUpdatableVmSupported() throws VirtualMachineException {
+ synchronized (sCreateLock) {
+ VirtualizationService service = VirtualizationService.getInstance();
+ try {
+ return service.getBinder().isUpdatableVmSupported();
+ } catch (RemoteException e) {
+ throw e.rethrowAsRuntimeException();
+ }
+ }
+ }
}
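Review bot: The Javadoc on `isUpdatableVmSupported()` says the feature is "supported by AVF", but the implementation added in virtualizationmanager/src/aidl.rs returns only `is_secretkeeper_supported()`, and its comment says the answer is specific to Microdroid. A caller that uses this result to decide whether secrets survive an update could be misled for other guest OSes, so the limitation belongs in the Javadoc, e.g. `* The result reflects Secretkeeper support on the device and applies to Microdroid guests; other guest OSes may handle secrets differently.` The same caveat is missing from the AIDL doc added in IVirtualizationService.aidl. Separately, "Updatable VM allow" should read "Updatable VMs allow".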
diff --git a/rialto/tests/test.rs b/rialto/tests/test.rs
index 8899875..422dfc9 100644
--- a/rialto/tests/test.rs
+++ b/rialto/tests/test.rs
@@ -52,8 +52,12 @@
const INSTANCE_IMG_PATH: &str = "/data/local/tmp/rialto_test/arm64/instance.img";
const TEST_CERT_CHAIN_PATH: &str = "testdata/rkp_cert_chain.der";
+#[cfg(dice_changes)]
#[test]
fn process_requests_in_protected_vm() -> Result<()> {
+ // The test is skipped if the feature flag |dice_changes| is not enabled, because when
+ // the flag is off, the DICE chain is truncated in the pvmfw, and the service VM cannot
+ // verify the chain due to the missing entries in the chain.
check_processing_requests(VmType::ProtectedVm)
}
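Review bot: With `#[cfg(dice_changes)]` the protected-VM test is compiled out rather than skipped, so when the flag is off it disappears from the test report and nothing signals that DICE chain verification in the service VM went unexercised. The same happens if the build rule never passes the cfg, which cannot be checked from this hunk. Marking it ignored keeps it visible in the results: `#[cfg_attr(not(dice_changes), ignore = "DICE chain is truncated by pvmfw without dice_changes")]`. If compiling it out is intended, the comment should say "compiled out" instead of "skipped" and sit next to the attribute it explains.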
diff --git a/tests/helper/src/java/com/android/microdroid/test/device/MicrodroidDeviceTestBase.java b/tests/helper/src/java/com/android/microdroid/test/device/MicrodroidDeviceTestBase.java
index b7e2b8f..6c82de8 100644
--- a/tests/helper/src/java/com/android/microdroid/test/device/MicrodroidDeviceTestBase.java
+++ b/tests/helper/src/java/com/android/microdroid/test/device/MicrodroidDeviceTestBase.java
@@ -208,6 +208,12 @@
.isNotEqualTo("5.4");
}
+ protected void assumeNoUpdatableVmSupport() throws VirtualMachineException {
+ assume().withMessage("Secretkeeper not supported")
+ .that(getVirtualMachineManager().isUpdatableVmSupported())
+ .isFalse();
+ }
+
public abstract static class VmEventListener implements VirtualMachineCallback {
private ExecutorService mExecutorService = Executors.newSingleThreadExecutor();
private OptionalLong mVcpuStartedNanoTime = OptionalLong.empty();
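Review bot: The text given to `withMessage` in `assumeNoUpdatableVmSupport()` is reported when the assumption fails, which here is the case where `isUpdatableVmSupported()` returns true, so "Secretkeeper not supported" states the opposite of why the test was skipped. A message matching the condition would be `assume().withMessage("Skipped: device supports Updatable VM (Secretkeeper)")`. A one-line Javadoc on the helper would also help, saying which tests it skips. Judging by the callers' comments, these appear to be the ones that depend on instance.img.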
diff --git a/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java b/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java
index c3d9757..1195cd3 100644
--- a/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java
+++ b/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java
@@ -1332,6 +1332,8 @@
"9.17/C-2-7"
})
public void bootFailsWhenMicrodroidDataIsCompromised() throws Exception {
+ // If Updatable VM is supported => No instance.img required
+ assumeNoUpdatableVmSupport();
assertThatBootFailsAfterCompromisingPartition(MICRODROID_PARTITION_UUID);
}
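Review bot: On devices that report Updatable VM support, `bootFailsWhenMicrodroidDataIsCompromised` now skips entirely, as does `bootFailsWhenPvmFwDataIsCompromised` in the next hunk. No replacement tamper test for the Secretkeeper-backed path is visible in this change, so the compromised-partition requirement tagged "9.17/C-2-7" goes unverified on those devices. In the second test the assumption also skips the non-protected `else` branch, and the hunk does not show whether that path still depends on instance.img. I would extend the comment to name what covers the requirement instead, e.g. `// Updatable VM => no instance.img to corrupt; tamper detection covered by <test name or bug id>`. The second method's body continues outside its hunk.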
@@ -1341,6 +1343,8 @@
"9.17/C-2-7"
})
public void bootFailsWhenPvmFwDataIsCompromised() throws Exception {
+ // If Updatable VM is supported => No instance.img required
+ assumeNoUpdatableVmSupport();
if (mProtectedVm) {
assertThatBootFailsAfterCompromisingPartition(PVM_FW_PARTITION_UUID);
} else {
diff --git a/virtualizationmanager/src/aidl.rs b/virtualizationmanager/src/aidl.rs
index d0d3878..a72f724 100644
--- a/virtualizationmanager/src/aidl.rs
+++ b/virtualizationmanager/src/aidl.rs
@@ -318,6 +318,14 @@
check_manage_access()?;
GLOBAL_SERVICE.isRemoteAttestationSupported()
}
+
+ fn isUpdatableVmSupported(&self) -> binder::Result<bool> {
+ // The response is specific to Microdroid. Updatable VMs are only possible if device
+ // supports Secretkeeper. Guest OS needs to use Secretkeeper based secrets. Microdroid does
+ // this, however other guest OSes may do things differently.
+ check_manage_access()?;
+ Ok(is_secretkeeper_supported())
+ }
}
impl VirtualizationService {
diff --git a/virtualizationservice/aidl/android/system/virtualizationservice/IVirtualizationService.aidl b/virtualizationservice/aidl/android/system/virtualizationservice/IVirtualizationService.aidl
index e2063a9..462932c 100644
--- a/virtualizationservice/aidl/android/system/virtualizationservice/IVirtualizationService.aidl
+++ b/virtualizationservice/aidl/android/system/virtualizationservice/IVirtualizationService.aidl
@@ -91,4 +91,11 @@
* Returns {@code true} if the pVM remote attestation feature is supported
*/
boolean isRemoteAttestationSupported();
+
+ /**
+ * Check if Updatable VM feature is supported by AVF. Updatable VM allows secrets and data of
+ * a VM instance to be accessible even after updates of boot images and apks.
+ * For more info see packages/modules/Virtualization/docs/updatable_vm.md
+ */
+ boolean isUpdatableVmSupported();
}