Start using virtmgr for running VMs
Make the final changes to start running VMs using virtmgr:
* Have virtualizationservice host the VirtualizationServiceInternal
AIDL service.
* Remove memlock rlimit of virtmgr (instead of virtualizationservice)
via a method on VirtualizationServiceInternal.
* Have VirtualizationServiceInternal create the VM's temporary folder
and change its owner to the client's UID. The files keep the same
virtualizationservice_data_file SELinux label, but are now owned by
the client's virtmgr instance. To this end, virtualizationservice
requires CAP_CHOWN.
* Switch all users to the new vmclient/javalib API for spawning
virtmgr.
Bug: 245727626
Test: atest -p packages/modules/Virtualization:avf-presubmit
Change-Id: I93b2cadb67a8c125e1a86f9c1ba9cb98336f0cd4
diff --git a/virtualizationservice/src/crosvm.rs b/virtualizationservice/src/crosvm.rs
index 94248f8..98e7d99 100644
--- a/virtualizationservice/src/crosvm.rs
+++ b/virtualizationservice/src/crosvm.rs
@@ -14,7 +14,7 @@
//! Functions for running instances of `crosvm`.
-use crate::aidl::{Cid, VirtualMachineCallbacks};
+use crate::aidl::{remove_temporary_files, Cid, VirtualMachineCallbacks};
use crate::atom::write_vm_exited_stats;
use anyhow::{anyhow, bail, Context, Error, Result};
use command_fds::CommandFdExt;
@@ -29,7 +29,7 @@
use std::borrow::Cow;
use std::cmp::max;
use std::fmt;
-use std::fs::{read_to_string, remove_dir_all, File};
+use std::fs::{read_to_string, File};
use std::io::{self, Read};
use std::mem;
use std::num::NonZeroU32;
@@ -379,10 +379,10 @@
&*vm_metric,
);
- // Delete temporary files.
- if let Err(e) = remove_dir_all(&self.temporary_directory) {
- error!("Error removing temporary directory {:?}: {}", self.temporary_directory, e);
- }
+ // Delete temporary files. The folder itself is removed by VirtualizationServiceInternal.
+ remove_temporary_files(&self.temporary_directory).unwrap_or_else(|e| {
+ error!("Error removing temporary files from {:?}: {}", self.temporary_directory, e);
+ });
}
/// Waits until payload is started, or timeout expires. When timeout occurs, kill