Add a tap device if it is available
It needs to turn off sepolicy enforcement to use a tap device.
But it's still useful for development
Test: if ro.crosvm.network.setup.done is false, work as-is
Test: adb root; adb shell /data/local/tmp/setup_network.sh and then run
the launcher
Bug: 334888563
Bug: 333309141
Change-Id: I5ae9f9d489e8a30b7677112ccc5e8a1c86bb43e4
diff --git a/virtualizationmanager/src/crosvm.rs b/virtualizationmanager/src/crosvm.rs
index d5b9e03..040e552 100644
--- a/virtualizationmanager/src/crosvm.rs
+++ b/virtualizationmanager/src/crosvm.rs
@@ -977,6 +977,15 @@
}
if cfg!(paravirtualized_devices) {
+ // TODO(b/325929096): Need to set up network from the config
+ if rustutils::system_properties::read_bool("ro.crosvm.network.setup.done", false)
+ .unwrap_or(false)
+ {
+ command.arg("--net").arg("tap-name=crosvm_tap");
+ }
+ }
+
+ if cfg!(paravirtualized_devices) {
for input_device_option in config.input_device_options.iter() {
command.arg("--input");
command.arg(match input_device_option {
diff --git a/vmlauncher_app/AndroidManifest.xml b/vmlauncher_app/AndroidManifest.xml
index 607a895..d800ec7 100644
--- a/vmlauncher_app/AndroidManifest.xml
+++ b/vmlauncher_app/AndroidManifest.xml
@@ -4,9 +4,11 @@
<uses-permission android:name="android.permission.MANAGE_VIRTUAL_MACHINE" />
<uses-permission android:name="android.permission.USE_CUSTOM_VIRTUAL_MACHINE" />
+ <uses-permission android:name="android.permission.INTERNET" />
<uses-feature android:name="android.software.virtualization_framework" android:required="true" />
<application
- android:label="VmLauncherApp">
+ android:label="VmLauncherApp"
+ android:networkSecurityConfig="@xml/network_security_config">
<activity android:name=".MainActivity"
android:enabled="false"
android:screenOrientation="landscape"
diff --git a/vmlauncher_app/res/xml/network_security_config.xml b/vmlauncher_app/res/xml/network_security_config.xml
new file mode 100644
index 0000000..f27fa56
--- /dev/null
+++ b/vmlauncher_app/res/xml/network_security_config.xml
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+ ~ Copyright (C) 2024 The Android Open Source Project
+ ~
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ -->
+
+<network-security-config>
+ <domain-config cleartextTrafficPermitted="true">
+ <domain includeSubdomains="true">localhost</domain>
+ </domain-config>
+</network-security-config>