Start using virtmgr for running VMs
Make the final changes to start running VMs using virtmgr:
* Have virtualizationservice host the VirtualizationServiceInternal
AIDL service.
* Remove memlock rlimit of virtmgr (instead of virtualizationservice)
via a method on VirtualizationServiceInternal.
* Have VirtualizationServiceInternal create the VM's temporary folder
and change its owner to the client's UID. The files keep the same
virtualizationservice_data_file SELinux label, but are now owned by
the client's virtmgr instance. To this end, virtualizationservice
requires CAP_CHOWN.
* Switch all users to the new vmclient/javalib API for spawning
virtmgr.
Bug: 245727626
Test: atest -p packages/modules/Virtualization:avf-presubmit
Change-Id: I93b2cadb67a8c125e1a86f9c1ba9cb98336f0cd4
diff --git a/virtualizationservice/src/virtmgr.rs b/virtualizationservice/src/virtmgr.rs
index 1aa3df9..90b4789 100644
--- a/virtualizationservice/src/virtmgr.rs
+++ b/virtualizationservice/src/virtmgr.rs
@@ -21,10 +21,10 @@
mod payload;
mod selinux;
-use crate::aidl::VirtualizationService;
+use crate::aidl::{GLOBAL_SERVICE, VirtualizationService};
use android_system_virtualizationservice::aidl::android::system::virtualizationservice::IVirtualizationService::BnVirtualizationService;
use anyhow::{bail, Context};
-use binder::BinderFeatures;
+use binder::{BinderFeatures, ProcessState};
use lazy_static::lazy_static;
use log::{info, Level};
use rpcbinder::{FileDescriptorTransportMode, RpcServer};
@@ -102,6 +102,11 @@
let ready_fd = take_fd_ownership(args.ready_fd, &mut owned_fds)
.expect("Failed to take ownership of ready_fd");
+ // Start thread pool for kernel Binder connection to VirtualizationServiceInternal.
+ ProcessState::start_thread_pool();
+
+ GLOBAL_SERVICE.removeMemlockRlimit().expect("Failed to remove memlock rlimit");
+
let service = VirtualizationService::init();
let service =
BnVirtualizationService::new_binder(service, BinderFeatures::default()).as_binder();