Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Virtualization / 5f6e4ef8ea8a93713b16d3ed1bd1e0e005978ea8^2..5f6e4ef8ea8a93713b16d3ed1bd1e0e005978ea8 / .
commit5f6e4ef8ea8a93713b16d3ed1bd1e0e005978ea8[log] [tgz]
authorTreehugger Robot <treehugger-gerrit@google.com>Mon Feb 07 15:56:38 2022 +0000
committerGerrit Code Review <noreply-gerritcodereview@google.com>Mon Feb 07 15:56:38 2022 +0000
tree29d9eadcb5be5ec4c8a690f806ecc8f6a74a045f
parent926806da784401e467ded913252ec14322c3a13a [diff]
parentb54646f8a2ad664391cb237984cda433de739780 [diff]
Merge "Remove unnecessary kernel modules"
diff --git a/TEST_MAPPING b/TEST_MAPPING
index 6338c82..7be81a8 100644
--- a/TEST_MAPPING
+++ b/TEST_MAPPING

@@ -7,7 +7,7 @@
       "name": "ComposHostTestCases"
     },
     {
-      "name": "VirtualizationTestCases"
+      "name": "VirtualizationTestCases.64"
     },
     {
       "name": "MicrodroidTestApp"

diff --git a/authfs/tests/Android.bp b/authfs/tests/Android.bp
index ca403e8..1b5cf09 100644
--- a/authfs/tests/Android.bp
+++ b/authfs/tests/Android.bp

@@ -15,9 +15,10 @@
     ],
     test_suites: ["general-tests"],
     data_device_bins: ["open_then_run"],
+    per_testcase_directory: true,
     data: [
         ":authfs_test_files",
-        ":MicrodroidTestApp.signed",
+        ":MicrodroidTestApp",
     ],
 }
 

diff --git a/compos/apk/assets/vm_config.json b/compos/apk/assets/vm_config.json
index 260332e..b93c3f7 100644
--- a/compos/apk/assets/vm_config.json
+++ b/compos/apk/assets/vm_config.json

@@ -5,10 +5,7 @@
   },
   "task": {
     "type": "executable",
-    "command": "/apex/com.android.compos/bin/compsvc",
-    "args": [
-      "--log_to_stderr"
-    ]
+    "command": "/apex/com.android.compos/bin/compsvc"
   },
   "extra_apks": [
     {

diff --git a/compos/apk/assets/vm_config_staged.json b/compos/apk/assets/vm_config_staged.json
index 1affa79..83fa6eb 100644
--- a/compos/apk/assets/vm_config_staged.json
+++ b/compos/apk/assets/vm_config_staged.json

@@ -5,10 +5,7 @@
   },
   "task": {
     "type": "executable",
-    "command": "/apex/com.android.compos/bin/compsvc",
-    "args": [
-      "--log_to_stderr"
-    ]
+    "command": "/apex/com.android.compos/bin/compsvc"
   },
   "prefer_staged": true,
   "extra_apks": [

diff --git a/compos/composd/src/odrefresh_task.rs b/compos/composd/src/odrefresh_task.rs
index 47ff590..82eedc4 100644
--- a/compos/composd/src/odrefresh_task.rs
+++ b/compos/composd/src/odrefresh_task.rs

@@ -27,7 +27,7 @@
     CompilationMode::CompilationMode, ICompOsService,
 };
 use compos_common::odrefresh::ExitCode;
-use log::{error, warn};
+use log::{error, info, warn};
 use rustutils::system_properties;
 use std::fs::{remove_dir_all, File, OpenOptions};
 use std::os::unix::fs::OpenOptionsExt;
@@ -96,7 +96,10 @@
             // We don't do the callback if cancel has already happened.
             if let Some(task) = task {
                 let result = match exit_code {
-                    Ok(ExitCode::CompilationSuccess) => task.callback.onSuccess(),
+                    Ok(ExitCode::CompilationSuccess) => {
+                        info!("CompilationSuccess");
+                        task.callback.onSuccess()
+                    }
                     Ok(exit_code) => {
                         error!("Unexpected odrefresh result: {:?}", exit_code);
                         task.callback.onFailure()

diff --git a/compos/src/compsvc_main.rs b/compos/src/compsvc_main.rs
index ebb5514..16e3031 100644
--- a/compos/src/compsvc_main.rs
+++ b/compos/src/compsvc_main.rs

@@ -51,20 +51,13 @@
 }
 
 fn try_main() -> Result<()> {
-    let args = clap::App::new("compsvc")
-        .arg(clap::Arg::with_name("log_to_stderr").long("log_to_stderr"))
-        .get_matches();
-    if args.is_present("log_to_stderr") {
-        env_logger::builder().filter_level(log::LevelFilter::Debug).init();
-    } else {
-        android_logger::init_once(
-            android_logger::Config::default().with_tag("compsvc").with_min_level(log::Level::Debug),
-        );
-        // Redirect panic messages to logcat.
-        panic::set_hook(Box::new(|panic_info| {
-            log::error!("{}", panic_info);
-        }));
-    }
+    android_logger::init_once(
+        android_logger::Config::default().with_tag("compsvc").with_min_level(log::Level::Debug),
+    );
+    // Redirect panic messages to logcat.
+    panic::set_hook(Box::new(|panic_info| {
+        error!("{}", panic_info);
+    }));
 
     let service = compsvc::new_binder()?.as_binder();
     let vm_service = get_vm_service()?;

diff --git a/compos/tests/Android.bp b/compos/tests/Android.bp
index d380059..c178ddd 100644
--- a/compos/tests/Android.bp
+++ b/compos/tests/Android.bp

@@ -13,5 +13,7 @@
     static_libs: [
         "VirtualizationTestHelper",
     ],
-    test_suites: ["general-tests"],
+    test_suites: [
+        "general-tests",
+    ],
 }

diff --git a/docs/getting_started/index.md b/docs/getting_started/index.md
index 6d3b208..ac5d38b 100644
--- a/docs/getting_started/index.md
+++ b/docs/getting_started/index.md

@@ -36,7 +36,7 @@
 all can run via `atest`.
 
 ```shell
-atest VirtualizationTestCases
+atest VirtualizationTestCases.64
 atest MicrodroidHostTestCases
 atest MicrodroidTestApp
 ```

diff --git a/javalib/src/android/system/virtualmachine/VirtualMachineConfig.java b/javalib/src/android/system/virtualmachine/VirtualMachineConfig.java
index 35d600a..3a2d581 100644
--- a/javalib/src/android/system/virtualmachine/VirtualMachineConfig.java
+++ b/javalib/src/android/system/virtualmachine/VirtualMachineConfig.java

@@ -24,6 +24,7 @@
 import android.content.pm.Signature; // This actually is certificate!
 import android.os.ParcelFileDescriptor;
 import android.os.PersistableBundle;
+import android.sysprop.HypervisorProperties;
 import android.system.virtualizationservice.VirtualMachineAppConfig;
 
 import java.io.File;
@@ -330,6 +331,16 @@
                         + " is invalid");
             }
 
+            if (mProtectedVm
+                    && !HypervisorProperties.hypervisor_protected_vm_supported().orElse(false)) {
+                throw new UnsupportedOperationException(
+                        "Protected VMs are not supported on this device.");
+            }
+            if (!mProtectedVm && !HypervisorProperties.hypervisor_vm_supported().orElse(false)) {
+                throw new UnsupportedOperationException(
+                        "Unprotected VMs are not supported on this device.");
+            }
+
             return new VirtualMachineConfig(
                     apkPath, certs, mPayloadConfigPath, mDebugLevel, mProtectedVm, mMemoryMib,
                     mNumCpus, mCpuAffinity);

diff --git a/microdroid_manager/src/instance.rs b/microdroid_manager/src/instance.rs
index f3bbf16..4d65421 100644
--- a/microdroid_manager/src/instance.rs
+++ b/microdroid_manager/src/instance.rs

@@ -33,6 +33,8 @@
 //! The payload of a partition is encrypted/signed by a key that is unique to the loader and to the
 //! VM as well. Failing to decrypt/authenticate a partition by a loader stops the boot process.
 
+use crate::ioutil;
+
 use android_security_dice::aidl::android::security::dice::IDiceNode::IDiceNode;
 use anyhow::{anyhow, bail, Context, Result};
 use binder::wait_for_interface;
@@ -180,7 +182,7 @@
 
         // Persist the encrypted payload data
         self.file.write_all(&data)?;
-        self.file.flush()?;
+        ioutil::blkflsbuf(&mut self.file)?;
 
         Ok(())
     }

diff --git a/microdroid_manager/src/ioutil.rs b/microdroid_manager/src/ioutil.rs
index 8ab2413..8ac3712 100644
--- a/microdroid_manager/src/ioutil.rs
+++ b/microdroid_manager/src/ioutil.rs

@@ -14,11 +14,13 @@
 
 //! IO utilities
 
-use anyhow::{anyhow, Result};
+use anyhow::{anyhow, bail, Result};
 use log::debug;
 use std::fmt::Debug;
 use std::fs::File;
 use std::io;
+use std::os::unix::fs::FileTypeExt;
+use std::os::unix::io::AsRawFd;
 use std::path::Path;
 use std::thread;
 use std::time::{Duration, Instant};
@@ -45,6 +47,20 @@
     }
 }
 
+// From include/uapi/linux/fs.h
+const BLK: u8 = 0x12;
+const BLKFLSBUF: u8 = 97;
+nix::ioctl_none!(_blkflsbuf, BLK, BLKFLSBUF);
+
+pub fn blkflsbuf(f: &mut File) -> Result<()> {
+    if !f.metadata()?.file_type().is_block_device() {
+        bail!("{:?} is not a block device", f.as_raw_fd());
+    }
+    // SAFETY: The file is kept open until the end of this function.
+    unsafe { _blkflsbuf(f.as_raw_fd()) }?;
+    Ok(())
+}
+
 #[cfg(test)]
 mod tests {
     use super::*;

diff --git a/tests/Android.bp b/tests/Android.bp
index 35ff6a0..74d58f5 100644
--- a/tests/Android.bp
+++ b/tests/Android.bp

@@ -21,8 +21,13 @@
 kernel_stem = "kernel_prebuilts-" + kernel_version
 
 cc_test {
-    name: "VirtualizationTestCases",
-    test_suites: ["general-tests"],
+    // ".64" suffix is to work around cts-unit-test which is demanding that all
+    // executables in CTS should have both 32 and 64 ABIs.
+    name: "VirtualizationTestCases.64",
+    test_suites: [
+        "cts",
+        "general-tests",
+    ],
     srcs: [
         "common.cc",
         "vsock_test.cc",

diff --git a/tests/AndroidTest.xml b/tests/AndroidTest.xml
index 5e7faf9..68e9c1b 100644
--- a/tests/AndroidTest.xml
+++ b/tests/AndroidTest.xml

@@ -15,11 +15,16 @@
 -->
 
 <configuration description="Config for Virtualization tests">
+    <option name="test-suite-tag" value="cts" />
+    <option name="config-descriptor:metadata" key="component" value="security" />
+    <option name="config-descriptor:metadata" key="parameter" value="not_instant_app" />
+    <option name="config-descriptor:metadata" key="parameter" value="not_multi_abi" />
+    <option name="config-descriptor:metadata" key="parameter" value="secondary_user" />
     <!-- Push test binaries to the device. -->
     <target_preparer class="com.android.tradefed.targetprep.PushFilePreparer">
         <option name="cleanup" value="true" />
         <option name="abort-on-push-failure" value="true" />
-        <option name="push-file" key="VirtualizationTestCases" value="/data/local/tmp/virt-test/VirtualizationTestCases" />
+        <option name="push-file" key="VirtualizationTestCases.64" value="/data/local/tmp/virt-test/VirtualizationTestCases.64" />
         <option name="push-file" key="virt_test_kernel"        value="/data/local/tmp/virt-test/kernel" />
         <option name="push-file" key="virt_test_initramfs.img" value="/data/local/tmp/virt-test/initramfs" />
     </target_preparer>
@@ -30,7 +35,7 @@
 
     <test class="com.android.tradefed.testtype.GTest" >
         <option name="native-test-device-path" value="/data/local/tmp/virt-test" />
-        <option name="module-name" value="VirtualizationTestCases" />
+        <option name="module-name" value="VirtualizationTestCases.64" />
         <!-- test-timeout unit is ms, value = 2 minutes -->
         <option name="native-test-timeout" value="120000" />
     </test>

diff --git a/tests/hostside/Android.bp b/tests/hostside/Android.bp
index d1318b5..bc8a4a5 100644
--- a/tests/hostside/Android.bp
+++ b/tests/hostside/Android.bp

@@ -5,12 +5,16 @@
 java_test_host {
     name: "MicrodroidHostTestCases",
     srcs: ["java/**/*.java"],
-    test_suites: ["general-tests"],
+    test_suites: [
+        "cts",
+        "general-tests",
+    ],
     libs: [
         "tradefed",
     ],
     static_libs: [
         "VirtualizationTestHelper",
     ],
-    data: [":MicrodroidTestApp.signed"],
+    per_testcase_directory: true,
+    data: [":MicrodroidTestApp"],
 }

diff --git a/tests/hostside/AndroidTest.xml b/tests/hostside/AndroidTest.xml
index e8aced6..79428ce 100644
--- a/tests/hostside/AndroidTest.xml
+++ b/tests/hostside/AndroidTest.xml

@@ -14,6 +14,11 @@
      limitations under the License.
 -->
 <configuration description="Tests for microdroid">
+    <option name="test-suite-tag" value="cts" />
+    <option name="config-descriptor:metadata" key="component" value="security" />
+    <option name="config-descriptor:metadata" key="parameter" value="not_instant_app" />
+    <option name="config-descriptor:metadata" key="parameter" value="not_multi_abi" />
+    <option name="config-descriptor:metadata" key="parameter" value="secondary_user" />
     <test class="com.android.compatibility.common.tradefed.testtype.JarHostTest" >
         <option name="jar" value="MicrodroidHostTestCases.jar" />
     </test>

diff --git a/tests/testapk/Android.bp b/tests/testapk/Android.bp
index 7dca024..0699e3d 100644
--- a/tests/testapk/Android.bp
+++ b/tests/testapk/Android.bp

@@ -4,7 +4,10 @@
 
 android_test {
     name: "MicrodroidTestApp",
-    test_suites: ["general-tests"],
+    test_suites: [
+        "cts",
+        "general-tests",
+    ],
     srcs: ["src/java/**/*.java"],
     static_libs: [
         "androidx.test.runner",
@@ -16,6 +19,8 @@
     jni_libs: ["MicrodroidTestNativeLib"],
     platform_apis: true,
     use_embedded_native_libs: true,
+    // We only support 64-bit ABI, but CTS demands all APKs to be multi-ABI.
+    compile_multilib: "both",
 }
 
 // TODO(jiyong): make this a binary, not a shared library
@@ -42,20 +47,3 @@
     name: "MicrodroidTestNativeLibSub",
     srcs: ["src/native/testlib.cpp"],
 }
-
-genrule {
-    name: "MicrodroidTestApp.signed",
-    out: [
-        "MicrodroidTestApp.apk",
-        "MicrodroidTestApp.apk.idsig",
-    ],
-    srcs: [":MicrodroidTestApp"],
-    tools: ["apksigner"],
-    tool_files: ["test.keystore"],
-    cmd: "$(location apksigner) sign " +
-        "--ks $(location test.keystore) " +
-        "--ks-pass=pass:testkey --key-pass=pass:testkey " +
-        "--in $(in) " +
-        "--out $(genDir)/MicrodroidTestApp.apk",
-    // $(genDir)/MicrodroidTestApp.apk.idsig is generated implicitly
-}

diff --git a/tests/testapk/AndroidTest.xml b/tests/testapk/AndroidTest.xml
index c7097db..e8bb1aa 100644
--- a/tests/testapk/AndroidTest.xml
+++ b/tests/testapk/AndroidTest.xml

@@ -14,7 +14,12 @@
      limitations under the License.
 -->
 <configuration description="Runs sample instrumentation test.">
-    <target_preparer class="com.android.tradefed.targetprep.TestAppInstallSetup">
+    <option name="test-suite-tag" value="cts" />
+    <option name="config-descriptor:metadata" key="component" value="security" />
+    <option name="config-descriptor:metadata" key="parameter" value="not_instant_app" />
+    <option name="config-descriptor:metadata" key="parameter" value="not_multi_abi" />
+    <option name="config-descriptor:metadata" key="parameter" value="secondary_user" />
+    <target_preparer class="com.android.tradefed.targetprep.suite.SuiteApkInstaller">
         <option name="test-file-name" value="MicrodroidTestApp.apk" />
     </target_preparer>
     <target_preparer class="com.android.tradefed.targetprep.RunCommandTargetPreparer">

diff --git a/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java b/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java
index 803bdc6..8cfb3a1 100644
--- a/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java
+++ b/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java

@@ -226,11 +226,6 @@
                 new VmEventListener() {
                     @Override
                     public void onPayloadReady(VirtualMachine vm) {
-                        // TODO(b/208639280): remove this sleep. For now, we need to wait for a few
-                        // seconds so that crosvm can actually persist instance.img.
-                        try {
-                            Thread.sleep(30 * 1000);
-                        } catch (InterruptedException e) { }
                         forceStop(vm);
                     }
                 };
@@ -291,11 +286,6 @@
                         } catch (Exception e) {
                             fail("Exception while connecting to service: " + e.toString());
                         }
-                        // TODO(b/208639280): remove this sleep. For now, we need to wait for a few
-                        // seconds so that crosvm can actually persist instance.img.
-                        try {
-                            Thread.sleep(30 * 1000);
-                        } catch (InterruptedException e) { }
                         forceStop(vm);
                     }
                 };