Panic on non-actionable failures
This is based on Michael's comments on aosp/2280849. For methods which
should never fail unless the VM is already dying, and for which
clients cannot take any meaningful action, panic instead of returning
false. Make sure we log the cause first.
Update client code to match. Update doc comments in the header file.
Also clarify that calling notify ready more than once is harmless
(otherwise it would panic).
Incidentally, rename vs_payload_service.rs because it was confusing me
(we have a file of the same name in microdroid manager which actually
implements the service.)
Changes to AVmPayload_runVsockRpcServer will come later.
Bug: 243512108
Test: atest MicrodroidTests
Test: composd_cmd --test-compile
Change-Id: Ie6f6203ba54246cac669f4a68e8ab76f0a5792ae
diff --git a/vm_payload/include/vm_payload.h b/vm_payload/include/vm_payload.h
index 48518ff..0ad4c64 100644
--- a/vm_payload/include/vm_payload.h
+++ b/vm_payload/include/vm_payload.h
@@ -30,9 +30,13 @@
/**
* Notifies the host that the payload is ready.
*
- * \return true if the notification succeeds else false.
+ * If the host app has set a `VirtualMachineCallback` for the VM, its
+ * `onPayloadReady` method will be called.
+ *
+ * Note that subsequent calls to this function after the first have no effect;
+ * `onPayloadReady` is never called more than once.
*/
-bool AVmPayload_notifyPayloadReady(void);
+void AVmPayload_notifyPayloadReady(void);
/**
* Runs a binder RPC server, serving the supplied binder service implementation on the given vsock
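Review bot: the new doc comment for AVmPayload_notifyPayloadReady drops the `\return` line but does not say what replaces it. The commit message states that these methods now panic on failure after logging the cause, yet nothing in the header tells a payload author that a failed notification terminates the process instead of returning. Suggest adding a sentence to the comment stating that the function does not return on failure and that the cause is logged first, so the contract is visible to callers who only read vm_payload.h.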
@@ -57,17 +61,15 @@
/**
* Get a secret that is uniquely bound to this VM instance. The secrets are
- * values up to 32 bytes long and the value associated with an identifier will
- * not change over the lifetime of the VM instance.
+ * 32-byte values and the value associated with an identifier will not change
+ * over the lifetime of the VM instance.
*
* \param identifier identifier of the secret to return.
* \param identifier_size size of the secret identifier.
* \param secret pointer to size bytes where the secret is written.
- * \param size number of bytes of the secret to get, up to the secret size.
- *
- * \return true on success and false on failure.
+ * \param size number of bytes of the secret to get, <= 32.
*/
-bool AVmPayload_getVmInstanceSecret(const void *identifier, size_t identifier_size, void *secret,
+void AVmPayload_getVmInstanceSecret(const void *identifier, size_t identifier_size, void *secret,
size_t size);
/**
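Review bot: on the `\param size` line, "<= 32" is now a precondition the caller cannot observe being violated, since AVmPayload_getVmInstanceSecret returns void. The comment should say what happens when size is greater than 32 or when the secret cannot be retrieved. If that is a panic, as the commit message describes for the other failures, state it here, so that no caller can assume the `secret` buffer was filled after a call that did not succeed. The removed `\return true on success and false on failure.` line was the only place the failure path was documented.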