Moving network config to VirtualMachineCustomImageConfig
Bug: 325929096
Test: Presubmit
Test: Running Ferrochrome with adding network config on code
Change-Id: I49e5337100e9bcf3497a25c05516b2ecd29f9b6e
diff --git a/TEST_MAPPING b/TEST_MAPPING
index 6d585a6..db0b43a 100644
--- a/TEST_MAPPING
+++ b/TEST_MAPPING
@@ -18,9 +18,6 @@
"name": "MicrodroidTestApp"
},
{
- "name": "MicrodroidTestAppNoInternetPerm"
- },
- {
"name": "MicrodroidTestAppNoPerm"
},
{
diff --git a/java/framework/api/test-current.txt b/java/framework/api/test-current.txt
index 30dd7d9..7e8da26 100644
--- a/java/framework/api/test-current.txt
+++ b/java/framework/api/test-current.txt
@@ -11,14 +11,12 @@
method @FlaggedApi("com.android.system.virtualmachine.flags.avf_v_test_apis") @NonNull public java.util.List<java.lang.String> getExtraApks();
method @FlaggedApi("com.android.system.virtualmachine.flags.avf_v_test_apis") @NonNull public String getOs();
method @Nullable public String getPayloadConfigPath();
- method public boolean isNetworkSupported();
method public boolean isVmConsoleInputSupported();
field @FlaggedApi("com.android.system.virtualmachine.flags.avf_v_test_apis") public static final String MICRODROID = "microdroid";
}
public static final class VirtualMachineConfig.Builder {
method @FlaggedApi("com.android.system.virtualmachine.flags.avf_v_test_apis") @NonNull public android.system.virtualmachine.VirtualMachineConfig.Builder addExtraApk(@NonNull String);
- method @NonNull @RequiresPermission(allOf={android.system.virtualmachine.VirtualMachine.USE_CUSTOM_VIRTUAL_MACHINE_PERMISSION, android.Manifest.permission.INTERNET}) public android.system.virtualmachine.VirtualMachineConfig.Builder setNetworkSupported(boolean);
method @FlaggedApi("com.android.system.virtualmachine.flags.avf_v_test_apis") @NonNull @RequiresPermission(android.system.virtualmachine.VirtualMachine.USE_CUSTOM_VIRTUAL_MACHINE_PERMISSION) public android.system.virtualmachine.VirtualMachineConfig.Builder setOs(@NonNull String);
method @NonNull @RequiresPermission(android.system.virtualmachine.VirtualMachine.USE_CUSTOM_VIRTUAL_MACHINE_PERMISSION) public android.system.virtualmachine.VirtualMachineConfig.Builder setPayloadConfigPath(@NonNull String);
method @FlaggedApi("com.android.system.virtualmachine.flags.avf_v_test_apis") @NonNull @RequiresPermission(android.system.virtualmachine.VirtualMachine.USE_CUSTOM_VIRTUAL_MACHINE_PERMISSION) public android.system.virtualmachine.VirtualMachineConfig.Builder setVendorDiskImage(@NonNull java.io.File);
diff --git a/java/framework/src/android/system/virtualmachine/VirtualMachine.java b/java/framework/src/android/system/virtualmachine/VirtualMachine.java
index b6f811e..195c538 100644
--- a/java/framework/src/android/system/virtualmachine/VirtualMachine.java
+++ b/java/framework/src/android/system/virtualmachine/VirtualMachine.java
@@ -924,6 +924,11 @@
}
rawConfig.inputDevices = inputDevices.toArray(new InputDevice[0]);
+ // Handle network support
+ if (vmConfig.getCustomImageConfig() != null) {
+ rawConfig.networkSupported = vmConfig.getCustomImageConfig().useNetwork();
+ }
+
return android.system.virtualizationservice.VirtualMachineConfig.rawConfig(rawConfig);
}
diff --git a/java/framework/src/android/system/virtualmachine/VirtualMachineConfig.java b/java/framework/src/android/system/virtualmachine/VirtualMachineConfig.java
index 4446b29..e18aca2 100644
--- a/java/framework/src/android/system/virtualmachine/VirtualMachineConfig.java
+++ b/java/framework/src/android/system/virtualmachine/VirtualMachineConfig.java
@@ -22,7 +22,6 @@
import static java.util.Objects.requireNonNull;
-import android.Manifest;
import android.annotation.FlaggedApi;
import android.annotation.IntDef;
import android.annotation.IntRange;
@@ -82,7 +81,7 @@
// These define the schema of the config file persisted on disk.
// Please bump up the version number when adding a new key.
- private static final int VERSION = 9;
+ private static final int VERSION = 10;
private static final String KEY_VERSION = "version";
private static final String KEY_PACKAGENAME = "packageName";
private static final String KEY_APKPATH = "apkPath";
@@ -101,7 +100,6 @@
private static final String KEY_VENDOR_DISK_IMAGE_PATH = "vendorDiskImagePath";
private static final String KEY_OS = "os";
private static final String KEY_EXTRA_APKS = "extraApks";
- private static final String KEY_NETWORK_SUPPORTED = "networkSupported";
private static final String KEY_SHOULD_BOOST_UCLAMP = "shouldBoostUclamp";
private static final String KEY_SHOULD_USE_HUGEPAGES = "shouldUseHugepages";
@@ -211,9 +209,6 @@
/** OS name of the VM using payload binaries. */
@NonNull @OsName private final String mOs;
- /** Whether to run the VM with supporting network feature or not. */
- private final boolean mNetworkSupported;
-
private final boolean mShouldBoostUclamp;
private final boolean mShouldUseHugepages;
@@ -253,7 +248,6 @@
boolean connectVmConsole,
@Nullable File vendorDiskImage,
@NonNull @OsName String os,
- boolean networkSupported,
boolean shouldBoostUclamp,
boolean shouldUseHugepages) {
// This is only called from Builder.build(); the builder handles parameter validation.
@@ -278,7 +272,6 @@
mConnectVmConsole = connectVmConsole;
mVendorDiskImage = vendorDiskImage;
mOs = os;
- mNetworkSupported = networkSupported;
mShouldBoostUclamp = shouldBoostUclamp;
mShouldUseHugepages = shouldUseHugepages;
}
@@ -381,8 +374,6 @@
}
}
- builder.setNetworkSupported(b.getBoolean(KEY_NETWORK_SUPPORTED));
-
builder.setShouldBoostUclamp(b.getBoolean(KEY_SHOULD_BOOST_UCLAMP));
builder.setShouldUseHugepages(b.getBoolean(KEY_SHOULD_USE_HUGEPAGES));
@@ -436,7 +427,6 @@
String[] extraApks = mExtraApks.toArray(new String[0]);
b.putStringArray(KEY_EXTRA_APKS, extraApks);
}
- b.putBoolean(KEY_NETWORK_SUPPORTED, mNetworkSupported);
b.putBoolean(KEY_SHOULD_BOOST_UCLAMP, mShouldBoostUclamp);
b.putBoolean(KEY_SHOULD_USE_HUGEPAGES, mShouldUseHugepages);
b.writeToStream(output);
@@ -615,16 +605,6 @@
}
/**
- * Returns whether the network feature is supported to the VM or not.
- *
- * @hide
- */
- @TestApi
- public boolean isNetworkSupported() {
- return mNetworkSupported;
- }
-
- /**
* Tests if this config is compatible with other config. Being compatible means that the configs
* can be interchangeably used for the same virtual machine; they do not change the VM identity
* or secrets. Such changes include varying the number of CPUs or the size of the RAM. Changes
@@ -728,7 +708,6 @@
config.cpuTopology = (byte) this.mCpuTopology;
config.consoleInputDevice = mConsoleInputDevice;
config.devices = EMPTY_STRING_ARRAY;
- config.networkSupported = this.mNetworkSupported;
config.platformVersion = "~1.0";
return config;
}
@@ -781,22 +760,18 @@
break;
}
- if (mVendorDiskImage != null || mNetworkSupported) {
+ if (mVendorDiskImage != null) {
VirtualMachineAppConfig.CustomConfig customConfig =
new VirtualMachineAppConfig.CustomConfig();
customConfig.devices = EMPTY_STRING_ARRAY;
- if (mVendorDiskImage != null) {
- try {
- customConfig.vendorImage =
- ParcelFileDescriptor.open(mVendorDiskImage, MODE_READ_ONLY);
- } catch (FileNotFoundException e) {
- throw new VirtualMachineException(
- "Failed to open vendor disk image "
- + mVendorDiskImage.getAbsolutePath(),
- e);
- }
+ try {
+ customConfig.vendorImage =
+ ParcelFileDescriptor.open(mVendorDiskImage, MODE_READ_ONLY);
+ } catch (FileNotFoundException e) {
+ throw new VirtualMachineException(
+ "Failed to open vendor disk image " + mVendorDiskImage.getAbsolutePath(),
+ e);
}
- customConfig.networkSupported = mNetworkSupported;
vsConfig.customConfig = customConfig;
}
@@ -882,7 +857,6 @@
private boolean mConnectVmConsole = false;
@Nullable private File mVendorDiskImage;
@NonNull @OsName private String mOs = DEFAULT_OS;
- private boolean mNetworkSupported;
private boolean mShouldBoostUclamp = false;
private boolean mShouldUseHugepages = false;
@@ -961,10 +935,6 @@
"debug level must be FULL to connect to the console");
}
- if (mNetworkSupported && mProtectedVm) {
- throw new IllegalStateException("network is not supported on pVM");
- }
-
return new VirtualMachineConfig(
packageName,
apkPath,
@@ -983,7 +953,6 @@
mConnectVmConsole,
mVendorDiskImage,
mOs,
- mNetworkSupported,
mShouldBoostUclamp,
mShouldUseHugepages);
}
@@ -1291,23 +1260,6 @@
return this;
}
- /**
- * Sets whether to support network feature to VM. Default is {@code false}.
- *
- * @hide
- */
- @TestApi
- @RequiresPermission(
- allOf = {
- VirtualMachine.USE_CUSTOM_VIRTUAL_MACHINE_PERMISSION,
- Manifest.permission.INTERNET
- })
- @NonNull
- public Builder setNetworkSupported(boolean networkSupported) {
- mNetworkSupported = networkSupported;
- return this;
- }
-
/** @hide */
public Builder setShouldBoostUclamp(boolean shouldBoostUclamp) {
mShouldBoostUclamp = shouldBoostUclamp;
diff --git a/java/framework/src/android/system/virtualmachine/VirtualMachineCustomImageConfig.java b/java/framework/src/android/system/virtualmachine/VirtualMachineCustomImageConfig.java
index c0ff11a..8d4886a 100644
--- a/java/framework/src/android/system/virtualmachine/VirtualMachineCustomImageConfig.java
+++ b/java/framework/src/android/system/virtualmachine/VirtualMachineCustomImageConfig.java
@@ -36,6 +36,7 @@
private static final String KEY_TOUCH = "touch";
private static final String KEY_KEYBOARD = "keyboard";
private static final String KEY_MOUSE = "mouse";
+ private static final String KEY_NETWORK = "network";
private static final String KEY_GPU = "gpu";
@Nullable private final String name;
@@ -48,6 +49,7 @@
private final boolean touch;
private final boolean keyboard;
private final boolean mouse;
+ private final boolean network;
@Nullable private final GpuConfig gpuConfig;
@Nullable
@@ -92,6 +94,10 @@
return mouse;
}
+ public boolean useNetwork() {
+ return network;
+ }
+
/** @hide */
public VirtualMachineCustomImageConfig(
String name,
@@ -104,6 +110,7 @@
boolean touch,
boolean keyboard,
boolean mouse,
+ boolean network,
GpuConfig gpuConfig) {
this.name = name;
this.kernelPath = kernelPath;
@@ -115,6 +122,7 @@
this.touch = touch;
this.keyboard = keyboard;
this.mouse = mouse;
+ this.network = network;
this.gpuConfig = gpuConfig;
}
@@ -146,6 +154,7 @@
builder.useTouch(customImageConfigBundle.getBoolean(KEY_TOUCH));
builder.useKeyboard(customImageConfigBundle.getBoolean(KEY_KEYBOARD));
builder.useMouse(customImageConfigBundle.getBoolean(KEY_MOUSE));
+ builder.useNetwork(customImageConfigBundle.getBoolean(KEY_NETWORK));
builder.setGpuConfig(GpuConfig.from(customImageConfigBundle.getPersistableBundle(KEY_GPU)));
return builder.build();
}
@@ -178,6 +187,7 @@
pb.putBoolean(KEY_TOUCH, touch);
pb.putBoolean(KEY_KEYBOARD, keyboard);
pb.putBoolean(KEY_MOUSE, mouse);
+ pb.putBoolean(KEY_NETWORK, network);
pb.putPersistableBundle(
KEY_GPU,
Optional.ofNullable(gpuConfig).map(gc -> gc.toPersistableBundle()).orElse(null));
@@ -237,6 +247,7 @@
private boolean touch;
private boolean keyboard;
private boolean mouse;
+ private boolean network;
private GpuConfig gpuConfig;
/** @hide */
@@ -309,6 +320,12 @@
}
/** @hide */
+ public Builder useNetwork(boolean network) {
+ this.network = network;
+ return this;
+ }
+
+ /** @hide */
public VirtualMachineCustomImageConfig build() {
return new VirtualMachineCustomImageConfig(
this.name,
@@ -321,6 +338,7 @@
touch,
keyboard,
mouse,
+ network,
gpuConfig);
}
}
diff --git a/tests/testapk/AndroidManifestV5.xml b/tests/testapk/AndroidManifestV5.xml
index b869586..7d97680 100644
--- a/tests/testapk/AndroidManifestV5.xml
+++ b/tests/testapk/AndroidManifestV5.xml
@@ -18,7 +18,6 @@
android:versionCode="5">
<uses-permission android:name="android.permission.MANAGE_VIRTUAL_MACHINE" />
<uses-permission android:name="android.permission.USE_CUSTOM_VIRTUAL_MACHINE" />
- <uses-permission android:name="android.permission.INTERNET" />
<uses-sdk android:minSdkVersion="33" android:targetSdkVersion="33" />
<uses-feature android:name="android.software.virtualization_framework" android:required="false" />
<queries>
diff --git a/tests/testapk/AndroidManifestV6.xml b/tests/testapk/AndroidManifestV6.xml
index c55da85..19d5674 100644
--- a/tests/testapk/AndroidManifestV6.xml
+++ b/tests/testapk/AndroidManifestV6.xml
@@ -18,7 +18,6 @@
android:versionCode="6">
<uses-permission android:name="android.permission.MANAGE_VIRTUAL_MACHINE" />
<uses-permission android:name="android.permission.USE_CUSTOM_VIRTUAL_MACHINE" />
- <uses-permission android:name="android.permission.INTERNET" />
<uses-sdk android:minSdkVersion="33" android:targetSdkVersion="33" />
<uses-feature android:name="android.software.virtualization_framework" android:required="false" />
<queries>
diff --git a/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java b/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java
index 4d0f5eb..55badcc 100644
--- a/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java
+++ b/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java
@@ -576,7 +576,6 @@
assertThat(minimal.getEncryptedStorageBytes()).isEqualTo(0);
assertThat(minimal.isVmOutputCaptured()).isFalse();
assertThat(minimal.getOs()).isEqualTo("microdroid");
- assertThat(minimal.isNetworkSupported()).isFalse();
// Maximal has everything that can be set to some non-default value. (And has different
// values than minimal for the required fields.)
@@ -593,9 +592,6 @@
.setEncryptedStorageBytes(1_000_000)
.setVmOutputCaptured(true)
.setOs("microdroid_gki-android14-6.1");
- if (!mProtectedVm) {
- maximalBuilder.setNetworkSupported(true);
- }
VirtualMachineConfig maximal = maximalBuilder.build();
assertThat(maximal.getApkPath()).isEqualTo("/apk/path");
@@ -612,9 +608,6 @@
assertThat(maximal.getEncryptedStorageBytes()).isEqualTo(1_000_000);
assertThat(maximal.isVmOutputCaptured()).isTrue();
assertThat(maximal.getOs()).isEqualTo("microdroid_gki-android14-6.1");
- if (!mProtectedVm) {
- assertThat(maximal.isNetworkSupported()).isTrue();
- }
assertThat(minimal.isCompatibleWith(maximal)).isFalse();
assertThat(minimal.isCompatibleWith(minimal)).isTrue();
@@ -669,18 +662,6 @@
.setVmConsoleInputSupported(true);
e = assertThrows(IllegalStateException.class, () -> captureInputOnNonDebuggable.build());
assertThat(e).hasMessageThat().contains("debug level must be FULL to use console input");
-
- if (mProtectedVm) {
- VirtualMachineConfig.Builder networkSupportedOnProtectedVm =
- newVmConfigBuilderWithPayloadBinary("binary.so")
- .setProtectedVm(mProtectedVm)
- .setNetworkSupported(true);
- e =
- assertThrows(
- IllegalStateException.class,
- () -> networkSupportedOnProtectedVm.build());
- assertThat(e).hasMessageThat().contains("network is not supported on pVM");
- }
}
@Test
@@ -2322,49 +2303,6 @@
}
}
- private VirtualMachineConfig buildVmConfigWithNetworkSupported() throws Exception {
- return buildVmConfigWithNetworkSupported("MicrodroidTestNativeLib.so");
- }
-
- private VirtualMachineConfig buildVmConfigWithNetworkSupported(String binaryPath)
- throws Exception {
- assumeSupportedDevice();
- assumeNonProtectedVM();
- assumeFeatureEnabled(VirtualMachineManager.FEATURE_NETWORK);
- VirtualMachineConfig config =
- newVmConfigBuilderWithPayloadBinary(binaryPath)
- .setNetworkSupported(true)
- .setDebugLevel(DEBUG_LEVEL_FULL)
- .build();
- grantPermission(VirtualMachine.USE_CUSTOM_VIRTUAL_MACHINE_PERMISSION);
- return config;
- }
-
- @Test
- public void configuringNetworkSupportedRequiresCustomPermission() throws Exception {
- VirtualMachineConfig config = buildVmConfigWithNetworkSupported();
- revokePermission(VirtualMachine.USE_CUSTOM_VIRTUAL_MACHINE_PERMISSION);
-
- VirtualMachine vm =
- forceCreateNewVirtualMachine(
- "test_network_supported_req_custom_permission", config);
- SecurityException e =
- assertThrows(
- SecurityException.class, () -> runVmTestService(TAG, vm, (ts, tr) -> {}));
- assertThat(e)
- .hasMessageThat()
- .contains("android.permission.USE_CUSTOM_VIRTUAL_MACHINE permission");
- }
-
- @Test
- public void bootsWithNetworkSupported() throws Exception {
- VirtualMachineConfig config = buildVmConfigWithNetworkSupported();
-
- VirtualMachine vm =
- forceCreateNewVirtualMachine("test_boot_with_network_supported", config);
- runVmTestService(TAG, vm, (ts, tr) -> {}).assertNoException();
- }
-
@Test
public void createAndRunRustVm() throws Exception {
// This test is here mostly to exercise the Rust wrapper around the VM Payload API.
diff --git a/tests/testapk_no_internet_perm/Android.bp b/tests/testapk_no_internet_perm/Android.bp
deleted file mode 100644
index d23081f..0000000
--- a/tests/testapk_no_internet_perm/Android.bp
+++ /dev/null
@@ -1,26 +0,0 @@
-package {
- default_applicable_licenses: ["Android-Apache-2.0"],
-}
-
-android_test {
- name: "MicrodroidTestAppNoInternetPerm",
- static_libs: [
- "MicrodroidDeviceTestHelper",
- "MicrodroidTestHelper",
- "androidx.test.runner",
- "androidx.test.ext.junit",
- "com.android.microdroid.testservice-java",
- "truth",
- "compatibility-common-util-devicesidelib",
- ],
- jni_libs: [
- "MicrodroidTestNativeLib",
- ],
- test_suites: [
- "general-tests",
- "cts",
- ],
- srcs: ["src/java/**/*.java"],
- defaults: ["MicrodroidTestAppsDefaults"],
- min_sdk_version: "34",
-}
diff --git a/tests/testapk_no_internet_perm/AndroidManifest.xml b/tests/testapk_no_internet_perm/AndroidManifest.xml
deleted file mode 100644
index 87b302a..0000000
--- a/tests/testapk_no_internet_perm/AndroidManifest.xml
+++ /dev/null
@@ -1,27 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!-- Copyright (C) 2024 The Android Open Source Project
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
--->
-
-<manifest xmlns:android="http://schemas.android.com/apk/res/android"
- package="com.android.microdroid.test_no_internet_perm">
- <uses-permission android:name="android.permission.MANAGE_VIRTUAL_MACHINE" />
- <uses-permission android:name="android.permission.USE_CUSTOM_VIRTUAL_MACHINE" />
- <uses-sdk android:minSdkVersion="34" android:targetSdkVersion="34" />
- <uses-feature android:name="android.software.virtualization_framework" android:required="false" />
- <application />
- <instrumentation android:name="androidx.test.runner.AndroidJUnitRunner"
- android:targetPackage="com.android.microdroid.test_no_internet_perm"
- android:label="No Internet Permission Microdroid Test" />
-</manifest>
diff --git a/tests/testapk_no_internet_perm/AndroidTest.xml b/tests/testapk_no_internet_perm/AndroidTest.xml
deleted file mode 100644
index 61f8b8c..0000000
--- a/tests/testapk_no_internet_perm/AndroidTest.xml
+++ /dev/null
@@ -1,31 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!-- Copyright (C) 2024 The Android Open Source Project
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
--->
-<configuration description="Runs Microdroid Tests with no internet permission">
- <option name="test-suite-tag" value="cts" />
- <option name="config-descriptor:metadata" key="component" value="security" />
- <option name="config-descriptor:metadata" key="parameter" value="not_instant_app" />
- <option name="config-descriptor:metadata" key="parameter" value="not_multi_abi" />
- <option name="config-descriptor:metadata" key="parameter" value="secondary_user" />
- <target_preparer class="com.android.tradefed.targetprep.suite.SuiteApkInstaller">
- <option name="test-file-name" value="MicrodroidTestAppNoInternetPerm.apk" />
- </target_preparer>
- <test class="com.android.tradefed.testtype.AndroidJUnitTest" >
- <option name="package" value="com.android.microdroid.test_no_internet_perm" />
- <option name="runner" value="androidx.test.runner.AndroidJUnitRunner" />
- <option name="shell-timeout" value="300000" />
- <option name="test-timeout" value="300000" />
- </test>
-</configuration>
diff --git a/tests/testapk_no_internet_perm/src/java/com/android/microdroid/test/MicrodroidTestAppNoInternetPerm.java b/tests/testapk_no_internet_perm/src/java/com/android/microdroid/test/MicrodroidTestAppNoInternetPerm.java
deleted file mode 100644
index 767f745..0000000
--- a/tests/testapk_no_internet_perm/src/java/com/android/microdroid/test/MicrodroidTestAppNoInternetPerm.java
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * Copyright 2024 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package com.android.microdroid.test;
-
-import static com.google.common.truth.Truth.assertThat;
-
-import static org.junit.Assert.assertThrows;
-
-import android.system.virtualmachine.VirtualMachine;
-import android.system.virtualmachine.VirtualMachineConfig;
-import android.system.virtualmachine.VirtualMachineManager;
-
-import com.android.microdroid.test.device.MicrodroidDeviceTestBase;
-
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.junit.runners.Parameterized;
-
-/**
- * Test that the android.permission.MANAGE_VIRTUAL_MACHINE is enforced and that an app cannot launch
- * a VM without said permission.
- */
-@RunWith(Parameterized.class)
-public class MicrodroidTestAppNoInternetPerm extends MicrodroidDeviceTestBase {
- private static final String TAG = "MicrodroidTestAppNoInternetPerm";
-
- @Parameterized.Parameters(name = "protectedVm={0}")
- public static Object[] protectedVmConfigs() {
- return new Object[] {false, true};
- }
-
- @Parameterized.Parameter public boolean mProtectedVm;
-
- @Before
- public void setup() {
- prepareTestSetup(mProtectedVm, null);
- }
-
- @Test
- public void configuringNetworkSupportedRequiresInternetPermission() throws Exception {
- assumeSupportedDevice();
- assumeNonProtectedVM();
- assumeFeatureEnabled(VirtualMachineManager.FEATURE_NETWORK);
-
- VirtualMachineConfig config =
- newVmConfigBuilderWithPayloadBinary("MicrodroidTestNativeLib.so")
- .setNetworkSupported(true)
- .build();
-
- VirtualMachine vm =
- forceCreateNewVirtualMachine(
- "config_network_supported_req_internet_permission", config);
- SecurityException e =
- assertThrows(
- SecurityException.class, () -> runVmTestService(TAG, vm, (ts, tr) -> {}));
- assertThat(e).hasMessageThat().contains("android.permission.INTERNET permission");
- }
-}
diff --git a/vmlauncher_app/java/com/android/virtualization/vmlauncher/MainActivity.java b/vmlauncher_app/java/com/android/virtualization/vmlauncher/MainActivity.java
index a103dd0..c2f218a 100644
--- a/vmlauncher_app/java/com/android/virtualization/vmlauncher/MainActivity.java
+++ b/vmlauncher_app/java/com/android/virtualization/vmlauncher/MainActivity.java
@@ -83,7 +83,6 @@
configBuilder.setCpuTopology(CPU_TOPOLOGY_MATCH_HOST);
configBuilder.setProtectedVm(false);
- configBuilder.setNetworkSupported(true);
if (DEBUG) {
configBuilder.setDebugLevel(VirtualMachineConfig.DEBUG_LEVEL_FULL);
configBuilder.setVmOutputCaptured(true);
@@ -189,6 +188,7 @@
customImageConfigBuilder.useTouch(true);
customImageConfigBuilder.useKeyboard(true);
customImageConfigBuilder.useMouse(true);
+ customImageConfigBuilder.useNetwork(true);
configBuilder.setCustomImageConfig(customImageConfigBuilder.build());