Multi_tenant is the new payload_not_root
Trying to have more fine-grained Rust configs than feature flags was
actually a terrible idea, and means extra work if I need to add
something that is multi-tenant related but not root related.
Use consistent naming throughout instead.
Bug: 302677468
Test: Builds
Change-Id: I2dfe97e8c62f24590522df89d9b373774a43d495
diff --git a/Android.bp b/Android.bp
index 22581b0..2f6fc20 100644
--- a/Android.bp
+++ b/Android.bp
@@ -54,7 +54,7 @@
cfgs: ["llpvm_changes"],
},
release_avf_enable_multi_tenant_microdroid_vm: {
- cfgs: ["payload_not_root"],
+ cfgs: ["multi_tenant"],
},
release_avf_enable_remote_attestation: {
cfgs: ["remote_attestation"],
diff --git a/encryptedstore/src/main.rs b/encryptedstore/src/main.rs
index db3d4f6..dcb1cba 100644
--- a/encryptedstore/src/main.rs
+++ b/encryptedstore/src/main.rs
@@ -94,7 +94,7 @@
}
mount(&crypt_device, mountpoint)
.with_context(|| format!("Unable to mount {:?}", crypt_device))?;
- if cfg!(payload_not_root) && needs_formatting {
+ if cfg!(multi_tenant) && needs_formatting {
set_root_dir_permissions(mountpoint)?;
}
Ok(())
diff --git a/javalib/api/test-current.txt b/javalib/api/test-current.txt
index 7c61712..12c099d 100644
--- a/javalib/api/test-current.txt
+++ b/javalib/api/test-current.txt
@@ -20,7 +20,7 @@
public class VirtualMachineManager {
method @RequiresPermission(android.system.virtualmachine.VirtualMachine.MANAGE_VIRTUAL_MACHINE_PERMISSION) public boolean isFeatureEnabled(String) throws android.system.virtualmachine.VirtualMachineException;
field public static final String FEATURE_DICE_CHANGES = "com.android.kvm.DICE_CHANGES";
- field public static final String FEATURE_PAYLOAD_NOT_ROOT = "com.android.kvm.PAYLOAD_NON_ROOT";
+ field public static final String FEATURE_MULTI_TENANT = "com.android.kvm.MULTI_TENANT";
field public static final String FEATURE_VENDOR_MODULES = "com.android.kvm.VENDOR_MODULES";
}
diff --git a/javalib/src/android/system/virtualmachine/VirtualMachineManager.java b/javalib/src/android/system/virtualmachine/VirtualMachineManager.java
index e45fe99..a4927db 100644
--- a/javalib/src/android/system/virtualmachine/VirtualMachineManager.java
+++ b/javalib/src/android/system/virtualmachine/VirtualMachineManager.java
@@ -107,7 +107,7 @@
@Retention(RetentionPolicy.SOURCE)
@StringDef(
prefix = "FEATURE_",
- value = {FEATURE_DICE_CHANGES, FEATURE_PAYLOAD_NOT_ROOT, FEATURE_VENDOR_MODULES})
+ value = {FEATURE_DICE_CHANGES, FEATURE_MULTI_TENANT, FEATURE_VENDOR_MODULES})
public @interface Features {}
/**
@@ -123,8 +123,7 @@
* @hide
*/
@TestApi
- public static final String FEATURE_PAYLOAD_NOT_ROOT =
- IVirtualizationService.FEATURE_PAYLOAD_NON_ROOT;
+ public static final String FEATURE_MULTI_TENANT = IVirtualizationService.FEATURE_MULTI_TENANT;
/**
* Feature to allow vendor modules in Microdroid.
diff --git a/libs/microdroid_uids/src/lib.rs b/libs/microdroid_uids/src/lib.rs
index 04dc190..0248c61 100644
--- a/libs/microdroid_uids/src/lib.rs
+++ b/libs/microdroid_uids/src/lib.rs
@@ -29,7 +29,7 @@
// helps avoid confusion.)
/// Group ID shared by all payload users.
-pub const MICRODROID_PAYLOAD_GID: u32 = if cfg!(payload_not_root) { 6000 } else { 0 };
+pub const MICRODROID_PAYLOAD_GID: u32 = if cfg!(multi_tenant) { 6000 } else { 0 };
/// User ID for the initial payload user.
-pub const MICRODROID_PAYLOAD_UID: u32 = if cfg!(payload_not_root) { 6000 } else { 0 };
+pub const MICRODROID_PAYLOAD_UID: u32 = if cfg!(multi_tenant) { 6000 } else { 0 };
diff --git a/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java b/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java
index 2500f3b..40c5cae 100644
--- a/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java
+++ b/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java
@@ -1550,7 +1550,7 @@
@CddTest(requirements = {"9.17/C-1-1"})
public void payloadIsNotRoot() throws Exception {
assumeSupportedDevice();
- assumeFeatureEnabled(VirtualMachineManager.FEATURE_PAYLOAD_NOT_ROOT);
+ assumeFeatureEnabled(VirtualMachineManager.FEATURE_MULTI_TENANT);
VirtualMachineConfig config =
newVmConfigBuilder()
diff --git a/virtualizationmanager/src/aidl.rs b/virtualizationmanager/src/aidl.rs
index 8456888..684aa64 100644
--- a/virtualizationmanager/src/aidl.rs
+++ b/virtualizationmanager/src/aidl.rs
@@ -34,7 +34,7 @@
IVirtualMachine::{BnVirtualMachine, IVirtualMachine},
IVirtualMachineCallback::IVirtualMachineCallback,
IVirtualizationService::IVirtualizationService,
- IVirtualizationService::FEATURE_PAYLOAD_NON_ROOT,
+ IVirtualizationService::FEATURE_MULTI_TENANT,
IVirtualizationService::FEATURE_VENDOR_MODULES,
IVirtualizationService::FEATURE_DICE_CHANGES,
MemoryTrimLevel::MemoryTrimLevel,
@@ -276,7 +276,7 @@
// TODO(b/298012279): make this scalable.
match feature {
FEATURE_DICE_CHANGES => Ok(cfg!(dice_changes)),
- FEATURE_PAYLOAD_NON_ROOT => Ok(cfg!(payload_not_root)),
+ FEATURE_MULTI_TENANT => Ok(cfg!(multi_tenant)),
FEATURE_VENDOR_MODULES => Ok(cfg!(vendor_modules)),
_ => {
warn!("unknown feature {feature}");
diff --git a/virtualizationservice/aidl/android/system/virtualizationservice/IVirtualizationService.aidl b/virtualizationservice/aidl/android/system/virtualizationservice/IVirtualizationService.aidl
index 9255e1c..d6a1299 100644
--- a/virtualizationservice/aidl/android/system/virtualizationservice/IVirtualizationService.aidl
+++ b/virtualizationservice/aidl/android/system/virtualizationservice/IVirtualizationService.aidl
@@ -23,7 +23,7 @@
interface IVirtualizationService {
const String FEATURE_DICE_CHANGES = "com.android.kvm.DICE_CHANGES";
- const String FEATURE_PAYLOAD_NON_ROOT = "com.android.kvm.PAYLOAD_NON_ROOT";
+ const String FEATURE_MULTI_TENANT = "com.android.kvm.MULTI_TENANT";
const String FEATURE_VENDOR_MODULES = "com.android.kvm.VENDOR_MODULES";
/**