Allow only preinstalled app to use VmLauncherApp
Bug: 348303697
Test: Press the launcher icon of FerrochromeApp
Test: adb shell am start-activity -n com.android.virtualization.ferrochrome/.OpenUrlActivity -a android.intent.action.SEND -e android.intent.extra.TEXT http://google.com
Test: adb shell su root am start-activity -a android.virtualization.VM_LAUNCHER
Change-Id: I16710ea287fcbe7d86df09650afd79e375b6c3fb
diff --git a/android/FerrochromeApp/AndroidManifest.xml b/android/FerrochromeApp/AndroidManifest.xml
index 7afffe5..d640c4a 100644
--- a/android/FerrochromeApp/AndroidManifest.xml
+++ b/android/FerrochromeApp/AndroidManifest.xml
@@ -6,6 +6,8 @@
<uses-permission android:name="android.permission.KILL_BACKGROUND_PROCESSES" />
<uses-permission android:name="android.permission.KILL_ALL_BACKGROUND_PROCESSES" />
<uses-permission android:name="android.permission.MANAGE_EXTERNAL_STORAGE" />
+ <uses-permission android:name="com.android.virtualization.vmlauncher.permission.USE_VM_LAUNCHER" />
+
<queries>
<intent>
<action android:name="android.virtualization.VM_LAUNCHER" />
diff --git a/android/VmLauncherApp/AndroidManifest.xml b/android/VmLauncherApp/AndroidManifest.xml
index c6ab1f2..67b7a45 100644
--- a/android/VmLauncherApp/AndroidManifest.xml
+++ b/android/VmLauncherApp/AndroidManifest.xml
@@ -7,6 +7,10 @@
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.RECORD_AUDIO" />
<uses-feature android:name="android.software.virtualization_framework" android:required="true" />
+
+ <permission android:name="com.android.virtualization.vmlauncher.permission.USE_VM_LAUNCHER"
+ android:protectionLevel="signature|preinstalled"/>
+
<application
android:label="VmLauncherApp">
<activity android:name=".MainActivity"
@@ -14,6 +18,7 @@
android:configChanges="orientation|screenSize|keyboard|keyboardHidden|navigation|uiMode"
android:theme="@style/MyTheme"
android:resizeableActivity="false"
+ android:permission="com.android.virtualization.vmlauncher.permission.USE_VM_LAUNCHER"
android:exported="true">
<intent-filter>
<action android:name="android.virtualization.VM_LAUNCHER" />
diff --git a/docs/custom_vm.md b/docs/custom_vm.md
index 6422678..cdeddf5 100644
--- a/docs/custom_vm.md
+++ b/docs/custom_vm.md
@@ -207,28 +207,17 @@
### Running the VM
-First, enable the `VmLauncherApp` app. This needs to be done only once. In the
-future, this step won't be necesssary.
+1. Grant permission to the `VmLauncherApp` if the virt apex is Google-signed.
+ ```shell
+ $ adb shell su root pm grant com.google.android.virtualization.vmlauncher android.permission.USE_CUSTOM_VIRTUAL_MACHINE
+ ```
-```
-$ adb root
-$ adb shell pm enable com.android.virtualization.vmlauncher/.MainActivityAlias
-$ adb unroot
-```
+2. Ensure your device is connected to the Internet.
-If virt apex is Google-signed, you need to enable the app and grant the
-permission to the app.
-```
-$ adb root
-$ adb shell pm enable com.google.android.virtualization.vmlauncher/com.android.virtualization.vmlauncher.MainActivityAlias
-$ adb shell pm grant com.google.android.virtualization.vmlauncher android.permission.USE_CUSTOM_VIRTUAL_MACHINE
-$ adb unroot
-```
-
-Second, ensure your device is connected to the Internet.
-
-Finally, tap the VmLauncherApp app from the launcher UI. You will see
-Ferrochrome booting!
+3. Launch the app with adb.
+ ```shell
+ $ adb shell su root am start-activity -a android.virtualization.VM_LAUNCHER
+ ```
If it doesn’t work well, try