Add test case for sharing VM with encrypted storage
The first app (MicrodroidTestApp) writes a file to encrypted storage,
and then shares the VM with the second app (MicrodroidVmShareApp). The
second app (MicrodroidVmShareApp) starts the VM and reads the file from
the encrypted storage.
Bug: 259384440
Test: atest MicrodroidTestApp
Change-Id: Ia3e093b6b659611b09c8c0550ea9ee79efb42c48
diff --git a/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java b/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java
index 13d56e1..d0f9941 100644
--- a/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java
+++ b/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java
@@ -1688,6 +1688,58 @@
}
}
+ @Test
+ public void testShareVmWithAnotherApp_encryptedStorage() throws Exception {
+ assumeSupportedKernel();
+
+ Context ctx = getContext();
+ Context otherAppCtx = ctx.createPackageContext(VM_SHARE_APP_PACKAGE_NAME, 0);
+
+ VirtualMachineConfig config =
+ new VirtualMachineConfig.Builder(otherAppCtx)
+ .setDebugLevel(DEBUG_LEVEL_FULL)
+ .setProtectedVm(isProtectedVm())
+ .setEncryptedStorageBytes(3_000_000)
+ .setPayloadBinaryName("MicrodroidPayloadInOtherAppNativeLib.so")
+ .build();
+
+ VirtualMachine vm = forceCreateNewVirtualMachine("vm_to_share", config);
+ // Just start & stop the VM.
+ runVmTestService(
+ vm,
+ (ts, tr) -> {
+ ts.writeToFile(EXAMPLE_STRING, "/mnt/encryptedstore/private.key");
+ });
+ // Get a descriptor that we will share with another app (VM_SHARE_APP_PACKAGE_NAME)
+ VirtualMachineDescriptor vmDesc = vm.toDescriptor();
+
+ Intent serviceIntent = new Intent();
+ serviceIntent.setComponent(
+ new ComponentName(
+ VM_SHARE_APP_PACKAGE_NAME,
+ "com.android.microdroid.test.sharevm.VmShareServiceImpl"));
+
+ VmShareServiceConnection connection = new VmShareServiceConnection();
+ boolean ret = ctx.bindService(serviceIntent, connection, Context.BIND_AUTO_CREATE);
+ assertWithMessage("Failed to bind to " + serviceIntent).that(ret).isTrue();
+
+ IVmShareTestService service = connection.waitForService();
+ assertWithMessage("Timed out connecting to " + serviceIntent).that(service).isNotNull();
+
+ try {
+ // Send the VM descriptor to the other app. When received, it will reconstruct the VM
+ // from the descriptor, start it, connect to the ITestService in it, creates a "proxy"
+ // ITestService binder that delegates all the calls to the VM, and share it with this
+ // app. It will allow us to verify assertions on the running VM in the other app.
+ ITestService testServiceProxy = service.startVm(vmDesc);
+
+ String result = testServiceProxy.readFromFile("/mnt/encryptedstore/private.key");
+ assertThat(result).isEqualTo(EXAMPLE_STRING);
+ } finally {
+ ctx.unbindService(connection);
+ }
+ }
+
private static class VmShareServiceConnection implements ServiceConnection {
private final CountDownLatch mLatch = new CountDownLatch(1);
diff --git a/tests/vmshareapp/src/java/com/android/microdroid/test/sharevm/VmShareServiceImpl.java b/tests/vmshareapp/src/java/com/android/microdroid/test/sharevm/VmShareServiceImpl.java
index 215bc6d..278e1a2 100644
--- a/tests/vmshareapp/src/java/com/android/microdroid/test/sharevm/VmShareServiceImpl.java
+++ b/tests/vmshareapp/src/java/com/android/microdroid/test/sharevm/VmShareServiceImpl.java
@@ -226,8 +226,7 @@
@Override
public String readFromFile(String path) throws RemoteException {
- // TODO(b/259384440): implement for the VM share test including trusted storage.
- throw new UnsupportedOperationException("Not supported");
+ return mServiceInVm.readFromFile(path);
}
@Override