Add a property to reflect the app debuggability
Set a build-time config to declare app debuggability that is used as
input to DICE and by apps, such as compos, that make decisions based on
this state. This will make it easier to tweak the definition of
debuggability and keep it consistent across dependents.
Bug: 219740340
Test: atest ComposHostTestCases
Test: atest MicrodroidTests
Change-Id: I770ae615a958dd6939925c400336a2550a3d950d
diff --git a/compos/src/compilation.rs b/compos/src/compilation.rs
index 6049991..e14cd94 100644
--- a/compos/src/compilation.rs
+++ b/compos/src/compilation.rs
@@ -59,9 +59,10 @@
system_server_compiler_filter: &'a str,
) -> Result<Self> {
if compilation_mode != CompilationMode::NORMAL_COMPILE {
- let debuggable = is_property_set("ro.boot.microdroid.debuggable")
- || is_property_set("ro.boot.logd.enabled")
- || is_property_set("ro.boot.adb.enabled");
+ // Conservatively check debuggability.
+ let debuggable =
+ system_properties::read_bool("ro.boot.microdroid.app_debuggable", false)
+ .unwrap_or(false);
if !debuggable {
bail!("Requested compilation mode only available in debuggable VMs");
}
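Review bot: The fail-closed behaviour of this check is no longer documented. The commit deletes the `is_property_set` helper, whose comment said that a missing, unreadable or malformed property counts as not set, and the replacement `// Conservatively check debuggability.` does not say which direction is conservative. That matters because microdroid_manager reads the same property with the opposite default (`true`) when choosing the DICE mode, so a reader comparing the two call sites cannot tell the difference is deliberate. I would write `// Fail closed: a missing, unreadable or malformed property means not debuggable.` here. The enclosing function starts and ends outside this hunk.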
@@ -96,12 +97,6 @@
}
}
-// Return whether the named property is definitely enabled. Deliberately conservative; returns
-// false if the property does not exist or cannot be read or is malformed.
-fn is_property_set(name: &str) -> bool {
- system_properties::read_bool(name, false).unwrap_or(false)
-}
-
pub fn odrefresh<F>(
odrefresh_path: &Path,
context: OdrefreshContext,
diff --git a/microdroid/bootconfig.app_debuggable b/microdroid/bootconfig.app_debuggable
index 5257b6e..0d85186 100644
--- a/microdroid/bootconfig.app_debuggable
+++ b/microdroid/bootconfig.app_debuggable
@@ -1,3 +1,6 @@
+# The app is debuggable.
+androidboot.microdroid.app_debuggable=1
+
# TODO(b/203369076) This should be 0 to disable adb rooting. For now, we can't do that because
# if this is set to 0, adbd enforces the host authentication but we don't put the adb
# public key (which represents the owner) in the VM yet.
diff --git a/microdroid/bootconfig.full_debuggable b/microdroid/bootconfig.full_debuggable
index fd8a83e..0bdd810 100644
--- a/microdroid/bootconfig.full_debuggable
+++ b/microdroid/bootconfig.full_debuggable
@@ -1,3 +1,6 @@
+# The app is debuggable as full_debuggable is a superser of app_debuggable.
+androidboot.microdroid.app_debuggable=1
+
# ro.debuggable is set.
androidboot.microdroid.debuggable=1
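Review bot: The added comment has a typo, `superser` for `superset`; it should read `# The app is debuggable as full_debuggable is a superset of app_debuggable.` The superset relation is upheld only by setting the same key by hand in each bootconfig file, so any future debug level has to add `androidboot.microdroid.app_debuggable` too. If the key is left out, the two readers in this commit disagree: microdroid_manager defaults a missing value to debuggable, while compos defaults it to not debuggable.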
diff --git a/microdroid/bootconfig.normal b/microdroid/bootconfig.normal
index 4378dbc..708d64b 100644
--- a/microdroid/bootconfig.normal
+++ b/microdroid/bootconfig.normal
@@ -1,3 +1,6 @@
+# The app is not debuggable.
+androidboot.microdroid.app_debuggable=0
+
# ro.debuggable is off
androidboot.microdroid.debuggable=0
diff --git a/microdroid_manager/src/main.rs b/microdroid_manager/src/main.rs
index 1b3aa7f..b644285 100644
--- a/microdroid_manager/src/main.rs
+++ b/microdroid_manager/src/main.rs
@@ -67,8 +67,7 @@
const APEX_CONFIG_DONE_PROP: &str = "apex_config.done";
const LOGD_ENABLED_PROP: &str = "ro.boot.logd.enabled";
-const ADBD_ENABLED_PROP: &str = "ro.boot.adb.enabled";
-const DEBUGGABLE_PROP: &str = "ro.boot.microdroid.debuggable";
+const APP_DEBUGGABLE_PROP: &str = "ro.boot.microdroid.app_debuggable";
#[derive(thiserror::Error, Debug)]
enum MicrodroidError {
@@ -145,15 +144,6 @@
}
}
-fn is_debuggable() -> Result<bool> {
- // Read all the properties so the behaviour is most similar between debug and non-debug boots.
- // Defensively default to debug enabled for unrecognised values.
- let adb = system_properties::read_bool(ADBD_ENABLED_PROP, true)?;
- let logd = system_properties::read_bool(LOGD_ENABLED_PROP, true)?;
- let debuggable = system_properties::read_bool(DEBUGGABLE_PROP, true)?;
- Ok(adb || logd || debuggable)
-}
-
fn dice_derivation(verified_data: MicrodroidData, payload_config_path: &str) -> Result<()> {
// Calculate compound digests of code and authorities
let mut code_hash_ctx = digest::Context::new(&digest::SHA512);
@@ -183,6 +173,9 @@
encode_header(3, config_path_bytes.len().try_into().unwrap(), &mut config_desc)?;
config_desc.extend_from_slice(config_path_bytes);
+ // Check app debuggability, conervatively assuming it is debuggable
+ let app_debuggable = system_properties::read_bool(APP_DEBUGGABLE_PROP, true)?;
+
// Send the details to diced
let diced =
wait_for_interface::<dyn IDiceMaintenance>("android.security.dice.IDiceMaintenance")
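Review bot: The DICE mode now rests on `ro.boot.microdroid.app_debuggable` alone, whereas the removed `is_debuggable()` also reported DEBUG when `ro.boot.adb.enabled` or `ro.boot.logd.enabled` was set. The bootconfig files in this commit keep the keys aligned, but nothing in `dice_derivation` enforces that, so a configuration that enables adb or logd with `app_debuggable=0` would presumably be attested as `Mode::NORMAL` (chosen in the next hunk) while debug channels are open. If that combination cannot occur, the comment should say why; otherwise keep a defensive OR, e.g. `let app_debuggable = system_properties::read_bool(APP_DEBUGGABLE_PROP, true)? || system_properties::read_bool(LOGD_ENABLED_PROP, true)?;`. The new comment also misspells `conservatively` as `conervatively`. `dice_derivation` starts and ends outside this hunk.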
@@ -193,7 +186,7 @@
config: Config { desc: config_desc },
authorityHash: authority_hash,
authorityDescriptor: None,
- mode: if is_debuggable()? { Mode::DEBUG } else { Mode::NORMAL },
+ mode: if app_debuggable { Mode::DEBUG } else { Mode::NORMAL },
hidden: verified_data.salt.try_into().unwrap(),
}])
.context("IDiceMaintenance::demoteSelf failed")?;