Mount /data with MS_NOEXEC We want to ensure that W^X is guaranteed for Microdroid VMs. This change doesn't guarantee that W^X is enforced for FULL_DEBUG VMs, as a user can enable adb root, and remount the /data without MS_NOEXEC flag. This is intended, as it allows developers to debug & get familiar with the Microdroid execution environment. This is an attempt at relanding aosp/I622e3d95d9d8fd6d26bfb690499acf7208ca4d52 Bug: 265261525 Test: atest MicrodroidTestApp Change-Id: Id826bd46f6fcf2ed1cf64710cfa057ffe7036ef8

commit: 29e15c83d1cbfe0db7c5c2e7dacfbc2bb53f6b84 [log] [tgz]
author: Nikita Ioffe <ioffe@google.com> Sat Feb 25 02:31:51 2023 +0000
committer: Nikita Ioffe <ioffe@google.com> Mon Feb 27 17:47:05 2023 +0000
tree: 136ad3ad2de56585e4b19219a92d11130690f90e
parent: a12763c7e2c7cbcff00242e02726b5ce3c3c65a5 [diff] [blame]
diff --git a/tests/testapk/Android.bp b/tests/testapk/Android.bp
index 9f80433..fe8f5c9 100644
--- a/tests/testapk/Android.bp
+++ b/tests/testapk/Android.bp

@@ -63,6 +63,7 @@
     static_libs: [
         "com.android.microdroid.testservice-ndk",
         "libbase",
+        "libfstab",
         "libfsverity_digests_proto_cc",
         "liblog",
         "libprotobuf-cpp-lite-ndk",
commit	29e15c83d1cbfe0db7c5c2e7dacfbc2bb53f6b84	[log] [tgz]
author	Nikita Ioffe <ioffe@google.com>	Sat Feb 25 02:31:51 2023 +0000
committer	Nikita Ioffe <ioffe@google.com>	Mon Feb 27 17:47:05 2023 +0000
tree	136ad3ad2de56585e4b19219a92d11130690f90e
parent	a12763c7e2c7cbcff00242e02726b5ce3c3c65a5 [diff] [blame]