Merge "[pvmfw][microdroid] Make empty_file filegroup for reuse"
diff --git a/authfs/service/authfs_service.rc b/authfs/service/authfs_service.rc
index 409e91c..bc67c83 100644
--- a/authfs/service/authfs_service.rc
+++ b/authfs/service/authfs_service.rc
@@ -3,3 +3,4 @@
socket authfs_service stream 0666 root system
# SYS_ADMIN capability allows to mount FUSE filesystem
capabilities SYS_ADMIN
+ user root
diff --git a/authfs/tests/benchmarks/Android.bp b/authfs/tests/benchmarks/Android.bp
index b30ecdd..110d000 100644
--- a/authfs/tests/benchmarks/Android.bp
+++ b/authfs/tests/benchmarks/Android.bp
@@ -12,6 +12,7 @@
"AuthFsHostTestCommon",
"MicrodroidHostTestHelper",
"cts-host-utils",
+ "MicrodroidTestPreparer", // Workaround for sandboxed test environment to install this
],
test_suites: ["general-tests"],
data_device_bins_first: [
diff --git a/compos/common/compos_client.rs b/compos/common/compos_client.rs
index bf4c678..bc6ab25 100644
--- a/compos/common/compos_client.rs
+++ b/compos/common/compos_client.rs
@@ -53,6 +53,8 @@
/// Parameters to be used when creating a virtual machine instance.
#[derive(Default, Debug, Clone)]
pub struct VmParameters {
+ /// The name of VM for identifying.
+ pub name: String,
/// Whether the VM should be debuggable.
pub debug_mode: bool,
/// CPU topology of the VM. Defaults to 1 vCPU.
@@ -115,7 +117,7 @@
};
let config = VirtualMachineConfig::AppConfig(VirtualMachineAppConfig {
- name: String::from("Compos"),
+ name: parameters.name.clone(),
apk: Some(apk_fd),
idsig: Some(idsig_fd),
instanceImage: Some(instance_fd),
diff --git a/compos/composd/src/instance_manager.rs b/compos/composd/src/instance_manager.rs
index 2ce12f8..d7c0f9a 100644
--- a/compos/composd/src/instance_manager.rs
+++ b/compos/composd/src/instance_manager.rs
@@ -41,12 +41,14 @@
pub fn start_current_instance(&self) -> Result<CompOsInstance> {
let mut vm_parameters = new_vm_parameters()?;
+ vm_parameters.name = String::from("Composd");
vm_parameters.prefer_staged = true;
self.start_instance(CURRENT_INSTANCE_DIR, vm_parameters)
}
pub fn start_test_instance(&self, prefer_staged: bool) -> Result<CompOsInstance> {
let mut vm_parameters = new_vm_parameters()?;
+ vm_parameters.name = String::from("ComposdTest");
vm_parameters.debug_mode = true;
vm_parameters.prefer_staged = prefer_staged;
self.start_instance(TEST_INSTANCE_DIR, vm_parameters)
diff --git a/compos/verify/verify.rs b/compos/verify/verify.rs
index 13e9292..952e9c7 100644
--- a/compos/verify/verify.rs
+++ b/compos/verify/verify.rs
@@ -115,6 +115,7 @@
&idsig_manifest_apk,
&idsig_manifest_ext_apk,
&VmParameters {
+ name: String::from("ComposVerify"),
cpu_topology: VmCpuTopology::OneCpu, // This VM runs very little work at boot
debug_mode: args.debug,
..Default::default()
diff --git a/microdroid_manager/microdroid_manager.rc b/microdroid_manager/microdroid_manager.rc
index 97d14b5..e257547 100644
--- a/microdroid_manager/microdroid_manager.rc
+++ b/microdroid_manager/microdroid_manager.rc
@@ -11,4 +11,5 @@
# CAP_SETCAP is required to allow microdroid_manager to drop capabilities
# before executing the payload
capabilities AUDIT_CONTROL SYS_ADMIN SYS_BOOT SETPCAP
+ user root
socket vm_payload_service stream 0666 system system
diff --git a/pvmfw/Android.bp b/pvmfw/Android.bp
index 7f7787d..6d5226a 100644
--- a/pvmfw/Android.bp
+++ b/pvmfw/Android.bp
@@ -20,6 +20,7 @@
"liblibfdt",
"liblog_rust_nostd",
"libonce_cell_nostd",
+ "libpsci",
"libpvmfw_avb_nostd",
"libpvmfw_embedded_key",
"libpvmfw_fdt_template",
diff --git a/pvmfw/src/hvc.rs b/pvmfw/src/hvc.rs
index 08edd86..b5b0909 100644
--- a/pvmfw/src/hvc.rs
+++ b/pvmfw/src/hvc.rs
@@ -78,7 +78,8 @@
let mut args = [0u64; 17];
args[0] = ipa;
- // TODO(b/253586500): pKVM currently returns a i32 instead of a i64.
+ // TODO(b/277859415): pKVM returns a i32 instead of a i64 in T.
+ // Drop this hack once T reaches EoL.
let is_i32_error_code = |n| u32::try_from(n).ok().filter(|v| (*v as i32) < 0).is_some();
match checked_hvc64_expect_zero(VENDOR_HYP_KVM_MMIO_GUARD_MAP_FUNC_ID, args) {
Err(smccc::Error::Unexpected(e)) if is_i32_error_code(e) => {
@@ -98,7 +99,8 @@
let mut args = [0u64; 17];
args[0] = ipa;
- // TODO(b/251426790): pKVM currently returns NOT_SUPPORTED for SUCCESS.
+ // TODO(b/277860860): pKVM returns NOT_SUPPORTED for SUCCESS in T.
+ // Drop this hack once T reaches EoL.
match checked_hvc64_expect_zero(VENDOR_HYP_KVM_MMIO_GUARD_UNMAP_FUNC_ID, args) {
Err(smccc::Error::NotSupported) | Ok(_) => Ok(()),
x => x,
diff --git a/pvmfw/src/hvc/trng.rs b/pvmfw/src/hvc/trng.rs
index d347693..53d5881 100644
--- a/pvmfw/src/hvc/trng.rs
+++ b/pvmfw/src/hvc/trng.rs
@@ -12,9 +12,9 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-use crate::smccc;
use core::fmt;
use core::result;
+use psci::smccc;
/// Standard SMCCC TRNG error values as described in DEN 0098 1.0 REL0.
#[derive(Debug, Clone)]
diff --git a/pvmfw/src/smccc.rs b/pvmfw/src/smccc.rs
index ccf2680..16f5a62 100644
--- a/pvmfw/src/smccc.rs
+++ b/pvmfw/src/smccc.rs
@@ -13,40 +13,7 @@
// limitations under the License.
use core::{fmt, result};
-
-// TODO(b/245889995): use psci-0.1.1 crate
-#[inline(always)]
-pub fn hvc64(function: u32, args: [u64; 17]) -> [u64; 18] {
- #[cfg(target_arch = "aarch64")]
- unsafe {
- let mut ret = [0; 18];
-
- core::arch::asm!(
- "hvc #0",
- inout("x0") function as u64 => ret[0],
- inout("x1") args[0] => ret[1],
- inout("x2") args[1] => ret[2],
- inout("x3") args[2] => ret[3],
- inout("x4") args[3] => ret[4],
- inout("x5") args[4] => ret[5],
- inout("x6") args[5] => ret[6],
- inout("x7") args[6] => ret[7],
- inout("x8") args[7] => ret[8],
- inout("x9") args[8] => ret[9],
- inout("x10") args[9] => ret[10],
- inout("x11") args[10] => ret[11],
- inout("x12") args[11] => ret[12],
- inout("x13") args[12] => ret[13],
- inout("x14") args[13] => ret[14],
- inout("x15") args[14] => ret[15],
- inout("x16") args[15] => ret[16],
- inout("x17") args[16] => ret[17],
- options(nomem, nostack)
- );
-
- ret
- }
-}
+use psci::smccc::hvc64;
/// Standard SMCCC error values as described in DEN 0028E.
#[derive(Debug, Clone)]
diff --git a/tests/hostside/Android.bp b/tests/hostside/Android.bp
index c71a8ec..873cc38 100644
--- a/tests/hostside/Android.bp
+++ b/tests/hostside/Android.bp
@@ -38,6 +38,7 @@
"compatibility-host-util",
"cts-statsd-atom-host-test-utils",
"microdroid_payload_metadata",
+ "MicrodroidTestPreparer", // Workaround for sandboxed test environment to install this
],
per_testcase_directory: true,
data: [
diff --git a/virtualizationmanager/src/atom.rs b/virtualizationmanager/src/atom.rs
index 02d46ec..d6eb141 100644
--- a/virtualizationmanager/src/atom.rs
+++ b/virtualizationmanager/src/atom.rs
@@ -93,6 +93,7 @@
}
/// Write the stats of VMCreation to statsd
+/// The function creates a separate thread which waits for statsd to start to push atom
pub fn write_vm_creation_stats(
config: &VirtualMachineConfig,
is_protected: bool,
@@ -158,7 +159,7 @@
}
/// Write the stats of VM boot to statsd
-/// The function creates a separate thread which waits fro statsd to start to push atom
+/// The function creates a separate thread which waits for statsd to start to push atom
pub fn write_vm_booted_stats(
uid: i32,
vm_identifier: &str,
@@ -182,8 +183,7 @@
}
/// Write the stats of VM exit to statsd
-/// The function creates a separate thread which waits fro statsd to start to push atom
-pub fn write_vm_exited_stats(
+pub fn write_vm_exited_stats_sync(
uid: i32,
vm_identifier: &str,
reason: DeathReason,
@@ -207,9 +207,7 @@
};
info!("Writing VmExited atom into statsd.");
- thread::spawn(move || {
- GLOBAL_SERVICE.atomVmExited(&atom).unwrap_or_else(|e| {
- warn!("Failed to write VmExited atom: {e}");
- });
+ GLOBAL_SERVICE.atomVmExited(&atom).unwrap_or_else(|e| {
+ warn!("Failed to write VmExited atom: {e}");
});
}
diff --git a/virtualizationmanager/src/crosvm.rs b/virtualizationmanager/src/crosvm.rs
index a8cad94..60dd4cf 100644
--- a/virtualizationmanager/src/crosvm.rs
+++ b/virtualizationmanager/src/crosvm.rs
@@ -15,7 +15,7 @@
//! Functions for running instances of `crosvm`.
use crate::aidl::{remove_temporary_files, Cid, VirtualMachineCallbacks};
-use crate::atom::{get_num_cpus, write_vm_exited_stats};
+use crate::atom::{get_num_cpus, write_vm_exited_stats_sync};
use crate::debug_config::DebugConfig;
use anyhow::{anyhow, bail, Context, Error, Result};
use command_fds::CommandFdExt;
@@ -381,7 +381,7 @@
self.callbacks.callback_on_died(self.cid, death_reason);
let vm_metric = self.vm_metric.lock().unwrap();
- write_vm_exited_stats(
+ write_vm_exited_stats_sync(
self.requester_uid as i32,
&self.name,
death_reason,