Merge changes I6ab7f3c2,I1f905379
* changes:
Use the unused /dev/hvc1 as the ramdump sink
VirtualizationService notifies to its client when ramdump is available
diff --git a/authfs/Android.bp b/authfs/Android.bp
index 84eb0f4..40643b8 100644
--- a/authfs/Android.bp
+++ b/authfs/Android.bp
@@ -65,3 +65,32 @@
"testdata/input.4m.fsv_meta.bad_merkle",
],
}
+
+java_genrule {
+ name: "authfs_test_apk_assets",
+ out: ["authfs_test_apk_assets.jar"],
+ tools: [
+ "fsverity_manifest_generator",
+ "fsverity",
+ ],
+ srcs: [
+ "testdata/input.4k",
+ "testdata/input.4k1",
+ "testdata/input.4m",
+ ],
+ /*
+ * Create a JAR file with an assets directory that can merge into the
+ * assets of an APK that depends on it in static_libs. Use this mechanism
+ * to load a generated fsverity manifest for the test input files into the
+ * test VM.
+ */
+ cmd: "out_dir=$$(dirname $(out))" +
+ "&& assets_dir=\"assets\" " +
+ "&& mkdir -p $$out_dir/$$assets_dir" +
+ "&& $(location fsverity_manifest_generator) " +
+ " --fsverity-path $(location fsverity) " +
+ " --base-dir $$(dirname $(in) | head -1) " +
+ " --output $$out_dir/$$assets_dir/input_manifest.pb " +
+ " $(in) " +
+ "&& jar cf $(out) -C $$out_dir $$assets_dir",
+}
diff --git a/authfs/tests/java/src/com/android/fs/AuthFsHostTest.java b/authfs/tests/java/src/com/android/fs/AuthFsHostTest.java
index 749f3c1..f5254bc 100644
--- a/authfs/tests/java/src/com/android/fs/AuthFsHostTest.java
+++ b/authfs/tests/java/src/com/android/fs/AuthFsHostTest.java
@@ -76,7 +76,7 @@
private static final String TEST_APK_NAME = "MicrodroidTestApp.apk";
/** VM config entry path in the test APK */
- private static final String VM_CONFIG_PATH_IN_APK = "assets/vm_config_extra_apk.json";
+ private static final String VM_CONFIG_PATH_IN_APK = "assets/vm_config.json";
/** Path to open_then_run on Android */
private static final String OPEN_THEN_RUN_BIN = "/data/local/tmp/open_then_run";
@@ -90,11 +90,8 @@
/** Path to authfs on Microdroid */
private static final String AUTHFS_BIN = "/system/bin/authfs";
- /** Idsig paths to be created for each APK in the "extra_apks" of vm_config_extra_apk.json. */
- private static final String EXTRA_IDSIG_PATH = TEST_DIR + "BuildManifest.apk.idsig";
-
- /** Build manifest path in the VM. 0 is the index of extra_apks in vm_config_extra_apk.json. */
- private static final String BUILD_MANIFEST_PATH = "/mnt/extra-apk/0/assets/build_manifest.pb";
+ /** Input manifest path in the VM. */
+ private static final String INPUT_MANIFEST_PATH = "/mnt/apk/assets/input_manifest.pb";
/** Plenty of time for authfs to get ready */
private static final int AUTHFS_INIT_TIMEOUT_MS = 3000;
@@ -145,7 +142,6 @@
MicrodroidBuilder
.fromFile(findTestApk(testInfo.getBuildInfo()), VM_CONFIG_PATH_IN_APK)
.debugLevel("full")
- .addExtraIdsigPath(EXTRA_IDSIG_PATH)
.build((TestDevice) androidDevice);
// From this point on, we need to tear down the Microdroid instance
@@ -588,16 +584,15 @@
public void testInputDirectory_CanReadFile() throws Exception {
// Setup
String authfsInputDir = MOUNT_DIR + "/3";
- runFdServerOnAndroid("--open-dir 3:/system", "--ro-dirs 3");
- runAuthFsOnMicrodroid("--remote-ro-dir 3:" + BUILD_MANIFEST_PATH + ":system/ --cid "
+ runFdServerOnAndroid("--open-dir 3:" + TEST_DIR, "--ro-dirs 3");
+ runAuthFsOnMicrodroid("--remote-ro-dir 3:" + INPUT_MANIFEST_PATH + ": --cid "
+ VMADDR_CID_HOST);
// Action
- String actualHash =
- computeFileHash(sMicrodroid, authfsInputDir + "/system/framework/framework.jar");
+ String actualHash = computeFileHash(sMicrodroid, authfsInputDir + "/input.4m");
// Verify
- String expectedHash = computeFileHash(sAndroid, "/system/framework/framework.jar");
+ String expectedHash = computeFileHash(sAndroid, TEST_DIR + "/input.4m");
assertEquals("Expect consistent hash through /authfs/3: ", expectedHash, actualHash);
}
@@ -605,13 +600,13 @@
public void testInputDirectory_OnlyAllowlistedFilesExist() throws Exception {
// Setup
String authfsInputDir = MOUNT_DIR + "/3";
- runFdServerOnAndroid("--open-dir 3:/system", "--ro-dirs 3");
- runAuthFsOnMicrodroid("--remote-ro-dir 3:" + BUILD_MANIFEST_PATH + ":system/ --cid "
+ runFdServerOnAndroid("--open-dir 3:" + TEST_DIR, "--ro-dirs 3");
+ runAuthFsOnMicrodroid("--remote-ro-dir 3:" + INPUT_MANIFEST_PATH + ": --cid "
+ VMADDR_CID_HOST);
// Verify
- sMicrodroid.run("test -f " + authfsInputDir + "/system/framework/services.jar");
- assertThat(sMicrodroid.runForResult("test -f " + authfsInputDir + "/system/bin/sh"))
+ sMicrodroid.run("test -f " + authfsInputDir + "/input.4k");
+ assertThat(sMicrodroid.runForResult("test -f " + authfsInputDir + "/input.4k.fsv_meta"))
.isFailed();
}
diff --git a/microdroid/kdump/kernel/Android.bp b/microdroid/kdump/kernel/Android.bp
index 093e7c7..0705875 100644
--- a/microdroid/kdump/kernel/Android.bp
+++ b/microdroid/kdump/kernel/Android.bp
@@ -21,4 +21,5 @@
src: "x86_64/kernel-5.15",
},
},
+ installable: false,
}
diff --git a/pvmfw/Android.bp b/pvmfw/Android.bp
index c90f262..4fcde74 100644
--- a/pvmfw/Android.bp
+++ b/pvmfw/Android.bp
@@ -38,7 +38,10 @@
nocrt: true,
system_shared_libs: ["libc"],
stl: "none",
- linker_scripts: ["image.ld"],
+ linker_scripts: [
+ "image.ld",
+ ":vmbase_sections",
+ ],
installable: false,
enabled: false,
target: {
diff --git a/pvmfw/image.ld b/pvmfw/image.ld
index e122c72..aeb5046 100644
--- a/pvmfw/image.ld
+++ b/pvmfw/image.ld
@@ -20,101 +20,3 @@
dtb_region : ORIGIN = 0x80000000, LENGTH = 2M
writable_data : ORIGIN = 0x80400000, LENGTH = 2M
}
-
-/*
- * Code will start running at this symbol which is placed at the start of the
- * image.
- */
-ENTRY(entry)
-
-/*
- * The following would be useful to check that .init code is not called back
- * into once it has completed but it isn't supported by ld.lld.
- *
- * NOCROSSREFS_TO(.init .text)
- */
-
-SECTIONS
-{
- .dtb (NOLOAD) : {
- dtb_begin = .;
- . += LENGTH(dtb_region);
- dtb_end = .;
- } >dtb_region
-
- /*
- * Collect together the code. This is page aligned so it can be mapped
- * as executable-only.
- */
- .init : ALIGN(4096) {
- text_begin = .;
- *(.init.entry)
- *(.init.*)
- } >image
- .text : {
- *(.text.*)
- } >image
- text_end = .;
-
- /*
- * Collect together read-only data. This is page aligned so it can be
- * mapped as read-only and non-executable.
- */
- .rodata : ALIGN(4096) {
- rodata_begin = .;
- *(.rodata.*)
- } >image
- .got : {
- *(.got)
- } >image
- rodata_end = .;
-
- /*
- * Collect together the read-write data including .bss at the end which
- * will be zero'd by the entry code. This is page aligned so it can be
- * mapped as non-executable.
- */
- .data : ALIGN(4096) {
- data_begin = .;
- *(.data.*)
- /*
- * The entry point code assumes that .data is a multiple of 32
- * bytes long.
- */
- . = ALIGN(32);
- data_end = .;
- } >writable_data AT>image
- data_lma = LOADADDR(.data);
-
- /* Everything beyond this point will not be included in the binary. */
- bin_end = .;
-
- /* The entry point code assumes that .bss is 16-byte aligned. */
- .bss : ALIGN(16) {
- bss_begin = .;
- *(.bss.*)
- *(COMMON)
- . = ALIGN(16);
- bss_end = .;
- } >writable_data
-
- .stack (NOLOAD) : ALIGN(4096) {
- boot_stack_begin = .;
- . += 40 * 4096;
- . = ALIGN(4096);
- boot_stack_end = .;
- } >writable_data
-
- /*
- * Remove unused sections from the image.
- */
- /DISCARD/ : {
- /* The image loads itself so doesn't need these sections. */
- *(.gnu.hash)
- *(.hash)
- *(.interp)
- *(.eh_frame_hdr)
- *(.eh_frame)
- *(.note.gnu.build-id)
- }
-}
diff --git a/tests/testapk/Android.bp b/tests/testapk/Android.bp
index 818c05a..b3b0808 100644
--- a/tests/testapk/Android.bp
+++ b/tests/testapk/Android.bp
@@ -12,6 +12,7 @@
static_libs: [
"androidx.test.runner",
"androidx.test.ext.junit",
+ "authfs_test_apk_assets",
"cbor-java",
"com.android.microdroid.testservice-java",
"truth-prebuilt",
diff --git a/vmbase/Android.bp b/vmbase/Android.bp
index 473103e..e88420e 100644
--- a/vmbase/Android.bp
+++ b/vmbase/Android.bp
@@ -39,3 +39,8 @@
},
apex_available: ["com.android.virt"],
}
+
+filegroup {
+ name: "vmbase_sections",
+ srcs: ["sections.ld"],
+}
diff --git a/vmbase/README.md b/vmbase/README.md
index 8e804c0..3554ae6 100644
--- a/vmbase/README.md
+++ b/vmbase/README.md
@@ -152,7 +152,10 @@
nocrt: true,
system_shared_libs: ["libc"],
stl: "none",
- linker_scripts: ["image.ld"],
+ linker_scripts: [
+ "image.ld",
+ ":vmbase_sections",
+ ],
installable: false,
enabled: false,
target: {
@@ -165,8 +168,9 @@
This takes your Rust library (`libvmbase_example`), the vmbase library entry point and exception
vector (`libvmbase_entry`) and your initial idmap (`idmap.S`) and builds a static binary with your
-linker script (`image.ld`). This is an ELF binary, but to run it as a VM bootloader you need to
-`objcopy` it to a raw binary image instead, which you can do with a `raw_binary` rule:
+linker script (`image.ld`) and the one provided by vmbase ([`sections.ld`](sections.ld)). This is an
+ELF binary, but to run it as a VM bootloader you need to `objcopy` it to a raw binary image instead,
+which you can do with a `raw_binary` rule:
```soong
raw_binary {
diff --git a/vmbase/example/Android.bp b/vmbase/example/Android.bp
index d540f4d..c75820c 100644
--- a/vmbase/example/Android.bp
+++ b/vmbase/example/Android.bp
@@ -40,7 +40,10 @@
nocrt: true,
system_shared_libs: ["libc"],
stl: "none",
- linker_scripts: ["image.ld"],
+ linker_scripts: [
+ "image.ld",
+ ":vmbase_sections",
+ ],
installable: false,
enabled: false,
target: {
diff --git a/vmbase/example/image.ld b/vmbase/example/image.ld
index 4655f68..368acbb 100644
--- a/vmbase/example/image.ld
+++ b/vmbase/example/image.ld
@@ -20,101 +20,3 @@
image : ORIGIN = 0x80200000, LENGTH = 2M
writable_data : ORIGIN = 0x80400000, LENGTH = 2M
}
-
-/*
- * Code will start running at this symbol which is placed at the start of the
- * image.
- */
-ENTRY(entry)
-
-/*
- * The following would be useful to check that .init code is not called back
- * into once it has completed but it isn't supported by ld.lld.
- *
- * NOCROSSREFS_TO(.init .text)
- */
-
-SECTIONS
-{
- .dtb (NOLOAD) : {
- dtb_begin = .;
- . += LENGTH(dtb_region);
- dtb_end = .;
- } >dtb_region
-
- /*
- * Collect together the code. This is page aligned so it can be mapped
- * as executable-only.
- */
- .init : ALIGN(4096) {
- text_begin = .;
- *(.init.entry)
- *(.init.*)
- } >image
- .text : {
- *(.text.*)
- } >image
- text_end = .;
-
- /*
- * Collect together read-only data. This is page aligned so it can be
- * mapped as read-only and non-executable.
- */
- .rodata : ALIGN(4096) {
- rodata_begin = .;
- *(.rodata.*)
- } >image
- .got : {
- *(.got)
- } >image
- rodata_end = .;
-
- /*
- * Collect together the read-write data including .bss at the end which
- * will be zero'd by the entry code. This is page aligned so it can be
- * mapped as non-executable.
- */
- .data : ALIGN(4096) {
- data_begin = .;
- *(.data.*)
- /*
- * The entry point code assumes that .data is a multiple of 32
- * bytes long.
- */
- . = ALIGN(32);
- data_end = .;
- } >writable_data AT>image
- data_lma = LOADADDR(.data);
-
- /* Everything beyond this point will not be included in the binary. */
- bin_end = .;
-
- /* The entry point code assumes that .bss is 16-byte aligned. */
- .bss : ALIGN(16) {
- bss_begin = .;
- *(.bss.*)
- *(COMMON)
- . = ALIGN(16);
- bss_end = .;
- } >writable_data
-
- .stack (NOLOAD) : ALIGN(4096) {
- boot_stack_begin = .;
- . += 40 * 4096;
- . = ALIGN(4096);
- boot_stack_end = .;
- } >writable_data
-
- /*
- * Remove unused sections from the image.
- */
- /DISCARD/ : {
- /* The image loads itself so doesn't need these sections. */
- *(.gnu.hash)
- *(.hash)
- *(.interp)
- *(.eh_frame_hdr)
- *(.eh_frame)
- *(.note.gnu.build-id)
- }
-}
diff --git a/vmbase/sections.ld b/vmbase/sections.ld
new file mode 100644
index 0000000..88033e3
--- /dev/null
+++ b/vmbase/sections.ld
@@ -0,0 +1,113 @@
+/*
+ * Copyright 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * Code will start running at this symbol which is placed at the start of the
+ * image.
+ */
+ENTRY(entry)
+
+/*
+ * The following would be useful to check that .init code is not called back
+ * into once it has completed but it isn't supported by ld.lld.
+ *
+ * NOCROSSREFS_TO(.init .text)
+ */
+
+SECTIONS
+{
+ .dtb (NOLOAD) : {
+ dtb_begin = .;
+ . += LENGTH(dtb_region);
+ dtb_end = .;
+ } >dtb_region
+
+ /*
+ * Collect together the code. This is page aligned so it can be mapped
+ * as executable-only.
+ */
+ .init : ALIGN(4096) {
+ text_begin = .;
+ *(.init.entry)
+ *(.init.*)
+ } >image
+ .text : {
+ *(.text.*)
+ } >image
+ text_end = .;
+
+ /*
+ * Collect together read-only data. This is page aligned so it can be
+ * mapped as read-only and non-executable.
+ */
+ .rodata : ALIGN(4096) {
+ rodata_begin = .;
+ *(.rodata.*)
+ } >image
+ .got : {
+ *(.got)
+ } >image
+ rodata_end = .;
+
+ /*
+ * Collect together the read-write data including .bss at the end which
+ * will be zero'd by the entry code. This is page aligned so it can be
+ * mapped as non-executable.
+ */
+ .data : ALIGN(4096) {
+ data_begin = .;
+ *(.data.*)
+ /*
+ * The entry point code assumes that .data is a multiple of 32
+ * bytes long.
+ */
+ . = ALIGN(32);
+ data_end = .;
+ } >writable_data AT>image
+ data_lma = LOADADDR(.data);
+
+ /* Everything beyond this point will not be included in the binary. */
+ bin_end = .;
+
+ /* The entry point code assumes that .bss is 16-byte aligned. */
+ .bss : ALIGN(16) {
+ bss_begin = .;
+ *(.bss.*)
+ *(COMMON)
+ . = ALIGN(16);
+ bss_end = .;
+ } >writable_data
+
+ .stack (NOLOAD) : ALIGN(4096) {
+ boot_stack_begin = .;
+ . += 40 * 4096;
+ . = ALIGN(4096);
+ boot_stack_end = .;
+ } >writable_data
+
+ /*
+ * Remove unused sections from the image.
+ */
+ /DISCARD/ : {
+ /* The image loads itself so doesn't need these sections. */
+ *(.gnu.hash)
+ *(.hash)
+ *(.interp)
+ *(.eh_frame_hdr)
+ *(.eh_frame)
+ *(.note.gnu.build-id)
+ }
+}