Merge "Rename "signature" to "metadata""
diff --git a/apex/Android.bp b/apex/Android.bp
index 9c0ef23..3db4c1a 100644
--- a/apex/Android.bp
+++ b/apex/Android.bp
@@ -60,7 +60,6 @@
         "com.android.virt.init.rc",
         "microdroid_cdisk.json",
         "microdroid_cdisk_env.json",
-        "microdroid_cdisk_userdata.json",
         "microdroid_payload.json",
         "microdroid_uboot_env",
         "microdroid_bootloader",
diff --git a/apex/virtualizationservice.rc b/apex/virtualizationservice.rc
index 6e0b045..7e71105 100644
--- a/apex/virtualizationservice.rc
+++ b/apex/virtualizationservice.rc
@@ -16,4 +16,6 @@
     class main
     user virtualizationservice
     group virtualizationservice
+    interface aidl android.system.virtualizationservice
     disabled
+    oneshot
diff --git a/microdroid/Android.bp b/microdroid/Android.bp
index 8ccced7..b878b3e 100644
--- a/microdroid/Android.bp
+++ b/microdroid/Android.bp
@@ -57,8 +57,6 @@
         "logd",
         "run-as",
         "secilc",
-        "mke2fs",
-        "e2fsdroid",
 
         // "com.android.adbd" requires these,
         "libadbd_auth",
@@ -69,15 +67,11 @@
 
         "apexd",
         "debuggerd",
-        "e2fsck",
         "keystore2",
         "linker",
         "linkerconfig",
         "servicemanager",
         "tombstoned",
-        "tune2fs",
-        "vdc",
-        "vold",
         "wait_for_keymaster",
         "cgroups.json",
         "public.libraries.android.txt",
@@ -218,8 +212,7 @@
             cmdline: microdroid_boot_cmdline +
                 "pci=noacpi " +
                 "androidboot.boot_devices=pci0000:00/0000:00:01.0," + // os
-                "pci0000:00/0000:00:03.0," + // payload
-                "pci0000:00/0000:00:04.0", // userdata
+                "pci0000:00/0000:00:03.0", // payload
         },
     },
     dtb_prebuilt: "dummy_dtb.img",
@@ -404,11 +397,6 @@
 }
 
 prebuilt_etc {
-    name: "microdroid_cdisk_userdata.json",
-    src: "microdroid_cdisk_userdata.json",
-}
-
-prebuilt_etc {
     name: "microdroid_payload.json",
     src: "microdroid_payload.json",
 }
diff --git a/microdroid/README.md b/microdroid/README.md
index 489791a..6b9f4b1 100644
--- a/microdroid/README.md
+++ b/microdroid/README.md
@@ -105,16 +105,6 @@
     {
       "image": "/data/local/tmp/microdroid/payload.img",
       "writable": false
-    },
-    {
-      "partitions": [
-        {
-          "label": "userdata",
-          "path": "/data/local/tmp/microdroid/userdata.img",
-          "writable": true
-        }
-      ],
-      "writable": true
     }
   ]
 }
@@ -129,7 +119,6 @@
 $ adb root
 $ adb shell 'mkdir /data/local/tmp/microdroid'
 $ adb shell 'dd if=/dev/zero of=/data/local/tmp/microdroid/misc.img bs=4k count=256'
-$ adb shell 'dd if=/dev/zero of=/data/local/tmp/microdroid/userdata.img bs=1 count=0 seek=4G'
 $ adb shell 'cd /data/local/tmp/microdroid; /apex/com.android.virt/bin/mk_payload /apex/com.android.virt/etc/microdroid_payload.json payload.img'
 $ adb shell 'chmod go+r /data/local/tmp/microdroid/payload*'
 $ adb push microdroid.json /data/local/tmp/microdroid/microdroid.json
diff --git a/microdroid/fstab.microdroid b/microdroid/fstab.microdroid
index fd8d395..129718e 100644
--- a/microdroid/fstab.microdroid
+++ b/microdroid/fstab.microdroid
@@ -1,4 +1,2 @@
 system /system ext4 noatime,ro,errors=panic wait,first_stage_mount,logical
 vendor /vendor ext4 noatime,ro,errors=panic wait,first_stage_mount,logical
-
-/dev/block/by-name/userdata /data ext4 noatime,nosuid,nodev,errors=panic latemount,wait,check,formattable,fileencryption=aes-256-xts
diff --git a/microdroid/init.rc b/microdroid/init.rc
index 074e118..2385d8f 100644
--- a/microdroid/init.rc
+++ b/microdroid/init.rc
@@ -99,9 +99,6 @@
     trigger early-boot
     trigger boot
 
-on early-fs
-    start vold
-
 on post-fs
     # Once everything is setup, no need to modify /.
     # The bind+remount combination allows this to work in containers.
@@ -114,7 +111,8 @@
 
     exec_start wait_for_keymaster
 
-    mount_all /vendor/etc/fstab.microdroid --late
+    # TODO(b/185767624): change the hard-coded size?
+    mount tmpfs tmpfs /data noatime nosuid nodev rw size=128M
 
 on post-fs-data
     mark_post_data
@@ -126,25 +124,22 @@
     # We restorecon /data in case the userdata partition has been reset.
     restorecon /data
 
-    # Make sure we have the device encryption key.
-    installkey /data
-
-    mkdir /data/vendor 0771 root root encryption=Require
-    mkdir /data/vendor_ce 0771 root root encryption=None
-    mkdir /data/vendor_de 0771 root root encryption=None
+    mkdir /data/vendor 0771 root root
+    mkdir /data/vendor_ce 0771 root root
+    mkdir /data/vendor_de 0771 root root
     mkdir /data/vendor/hardware 0771 root root
 
     # Start tombstoned early to be able to store tombstones.
     # microdroid doesn't have anr, but tombstoned requires it
-    mkdir /data/anr 0775 system system encryption=Require
-    mkdir /data/tombstones 0771 system system encryption=Require
+    mkdir /data/anr 0775 system system
+    mkdir /data/tombstones 0771 system system
     mkdir /data/vendor/tombstones 0771 root root
 
     start tombstoned
 
     # set up keystore directory structure first so that we can end early boot
     # and start apexd
-    mkdir /data/misc 01771 system misc encryption=Require
+    mkdir /data/misc 01771 system misc
     mkdir /data/misc/keystore 0700 keystore keystore
     # work around b/183668221
     restorecon /data/misc /data/misc/keystore
@@ -155,15 +150,9 @@
     # to leave room for earlier levels.
     setprop keystore.boot_level 30
 
-    # Now that /data is mounted and we have created /data/misc/keystore,
-    # we can tell keystore to stop allowing use of early-boot keys,
-    # and access its database for the first time to support creation and
-    # use of MAX_BOOT_LEVEL keys.
-    exec - system system -- /system/bin/vdc keymaster earlyBootEnded
-
     # For security reasons, /data/local/tmp should always be empty.
     # Do not place files or directories in /data/local/tmp
-    mkdir /data/local 0751 root root encryption=Require
+    mkdir /data/local 0751 root root
     mkdir /data/local/tmp 0771 shell shell
 
 service ueventd /system/bin/ueventd
@@ -189,6 +178,3 @@
 
 on property:sys.boot_completed=1
     start logd-auditctl
-
-on property:vold.decrypt=trigger_post_fs_data
-    trigger post-fs-data
diff --git a/microdroid/microdroid_cdisk_userdata.json b/microdroid/microdroid_cdisk_userdata.json
deleted file mode 100644
index 04af3f2..0000000
--- a/microdroid/microdroid_cdisk_userdata.json
+++ /dev/null
@@ -1,9 +0,0 @@
-{
-  "partitions": [
-    {
-      "label": "userdata",
-      "path": "userdata.img",
-      "writable": true
-    }
-  ]
-}
diff --git a/tests/AndroidTest.xml b/tests/AndroidTest.xml
index a58c08c..f170f48 100644
--- a/tests/AndroidTest.xml
+++ b/tests/AndroidTest.xml
@@ -41,17 +41,6 @@
         <option name="push-file" key="virt_test_initramfs.img" value="/data/local/tmp/virt-test/initramfs" />
     </target_preparer>
 
-    <!-- Root currently needed to run CrosVM.
-         TODO: Give sufficient permissions to the adb shell user (b/171240450). -->
-    <target_preparer class="com.android.tradefed.targetprep.RootTargetPreparer"/>
-
-    <!-- Run VirtualizationService for the duration of the test.
-         TODO: Run VirtualizationService as a system service. -->
-    <target_preparer class="com.android.tradefed.targetprep.RunCommandTargetPreparer">
-        <option name="throw-if-cmd-fail" value="true" />
-        <option name="run-command" value="start virtualizationservice" />
-    </target_preparer>
-
     <test class="com.android.tradefed.testtype.GTest" >
         <option name="native-test-device-path" value="/data/local/tmp/virt-test" />
         <option name="module-name" value="VirtualizationTestCases" />
diff --git a/tests/common.cc b/tests/common.cc
index fbda6c6..a9f0807 100644
--- a/tests/common.cc
+++ b/tests/common.cc
@@ -19,10 +19,9 @@
 namespace virt {
 
 void VirtualizationTest::SetUp() {
-    status_t err =
-            getService<IVirtualizationService>(String16("android.system.virtualizationservice"),
-                                               &mVirtualizationService);
-    ASSERT_EQ(err, 0);
+    mVirtualizationService = waitForService<IVirtualizationService>(
+            String16("android.system.virtualizationservice"));
+    ASSERT_NE(mVirtualizationService, nullptr);
 }
 
 } // namespace virt
diff --git a/tests/hostside/java/android/virt/test/MicrodroidTestCase.java b/tests/hostside/java/android/virt/test/MicrodroidTestCase.java
index b3c3e27..a1043f7 100644
--- a/tests/hostside/java/android/virt/test/MicrodroidTestCase.java
+++ b/tests/hostside/java/android/virt/test/MicrodroidTestCase.java
@@ -78,13 +78,11 @@
                                 + "cp %setc/microdroid_bootloader bootloader && "
                                 + "cp %setc/fs/*.img . && "
                                 + "cp %setc/uboot_env.img . && "
-                                + "dd if=/dev/zero of=misc.img bs=4k count=256 && "
-                                + "dd if=/dev/zero of=userdata.img bs=1 count=0 seek=4G && "
-                                + "mkfs.ext4 userdata.img",
+                                + "dd if=/dev/zero of=misc.img bs=4k count=256",
                         TEST_ROOT, TEST_ROOT, VIRT_APEX, VIRT_APEX, VIRT_APEX);
         getDevice().executeShellCommand(prepareImagesCmd);
 
-        // Create os_composite.img, env_composite.img, userdata.img, and payload.img
+        // Create os_composite.img, env_composite.img, and payload.img
         String makeOsCompositeCmd =
                 String.format(
                         "cd %s; %sbin/mk_cdisk %setc/microdroid_cdisk.json os_composite.img",
@@ -95,12 +93,6 @@
                         "cd %s; %sbin/mk_cdisk %setc/microdroid_cdisk_env.json env_composite.img",
                         TEST_ROOT, VIRT_APEX, VIRT_APEX);
         getDevice().executeShellCommand(makeEnvCompositeCmd);
-        String makeDataCompositeCmd =
-                String.format(
-                        "cd %s; %sbin/mk_cdisk %setc/microdroid_cdisk_userdata.json"
-                                + " userdata_composite.img",
-                        TEST_ROOT, VIRT_APEX, VIRT_APEX);
-        getDevice().executeShellCommand(makeDataCompositeCmd);
         String makePayloadCompositeCmd =
                 String.format(
                         "cd %s; %sbin/mk_payload %setc/microdroid_payload.json payload.img",
@@ -113,7 +105,6 @@
                         Arrays.asList(
                                 TEST_ROOT + "/os_composite.img",
                                 TEST_ROOT + "/env_composite.img",
-                                TEST_ROOT + "/userdata_composite.img",
                                 TEST_ROOT + "/payload.img"));
         CommandResult result =
                 getDevice().executeShellV2Command("du -b " + String.join(" ", compositeImages));
@@ -126,8 +117,7 @@
                 String.format(
                         "cd %s; %sbin/crosvm run --cid=%d --disable-sandbox --bios=bootloader"
                                 + " --serial=type=syslog --disk=os_composite.img"
-                                + " --disk=env_composite.img --disk=payload.img"
-                                + " --rwdisk=userdata_composite.img &",
+                                + " --disk=env_composite.img --disk=payload.img &",
                         TEST_ROOT, VIRT_APEX, TEST_VM_CID);
         executor.execute(
                 () -> {
@@ -193,7 +183,7 @@
     private void waitForMicrodroidBoot(long timeoutMinutes) throws Exception {
         // Wait for a specific log from logd
         // TODO(jiyong): use a more reasonable marker
-        final String pattern = "logd:\\ logd\\ reinit";
+        final String pattern = "logd.auditd: start";
         getDevice()
                 .executeShellV2Command(
                         "logcat --regex=\"" + pattern + "\" -m 1",
diff --git a/vm/src/main.rs b/vm/src/main.rs
index 84f7d18..bdb574c 100644
--- a/vm/src/main.rs
+++ b/vm/src/main.rs
@@ -19,7 +19,7 @@
 mod sync;
 
 use android_system_virtualizationservice::aidl::android::system::virtualizationservice::IVirtualizationService::IVirtualizationService;
-use android_system_virtualizationservice::binder::{get_interface, ProcessState, Strong};
+use android_system_virtualizationservice::binder::{wait_for_interface, ProcessState, Strong};
 use anyhow::{Context, Error};
 use run::command_run;
 use std::path::PathBuf;
@@ -58,7 +58,7 @@
     // We need to start the thread pool for Binder to work properly, especially link_to_death.
     ProcessState::start_thread_pool();
 
-    let service = get_interface(VIRTUALIZATION_SERVICE_BINDER_SERVICE_IDENTIFIER)
+    let service = wait_for_interface(VIRTUALIZATION_SERVICE_BINDER_SERVICE_IDENTIFIER)
         .context("Failed to find VirtualizationService")?;
 
     match opt {