commit 6f03c944f6434d6302809142c95538d2b7677cb0
author Shikha Panwar <shikhapanwar@google.com> Wed Apr 13 20:26:50 2022 +0000
committer Shikha Panwar <shikhapanwar@google.com> Tue Apr 19 14:40:04 2022 +0000
tree 67543b1e4347db80e8f71986fa1c7eb249d203be
parent 52d83d4da5edd38a88a4a5d79523706748755476

Make exporting tombstone (out of VM) configurable

VM owner must specify export_tombstones value in assets/vm_config in
payload apk to enable/disable exporting the tombstones out of VM. This
is also dm-verity protected so only the owner of the VM can make the
change.  There is no default value for this for now. Virtualization
service will fail at load_config() throw binder_exception to client.

Test: atest . (all tests in /packages/modules/Virtualization)
Bug: 227443903

Change-Id: I82325a9ffc57d4d4825d51d9d41ebb767e6c1f6f

compos/apk/assets/vm_config.json

diff --git a/compos/apk/assets/vm_config.json b/compos/apk/assets/vm_config.json
index b93c3f7..c4abfd9 100644
--- a/compos/apk/assets/vm_config.json
+++ b/compos/apk/assets/vm_config.json
@@ -25,5 +25,6 @@
     {
       "name": "{CLASSPATH}"
     }
-  ]
+  ],
+  "export_tombstones": true
 }

compos/apk/assets/vm_config_staged.json

diff --git a/compos/apk/assets/vm_config_staged.json b/compos/apk/assets/vm_config_staged.json
index 83fa6eb..0be6e78 100644
--- a/compos/apk/assets/vm_config_staged.json
+++ b/compos/apk/assets/vm_config_staged.json
@@ -26,5 +26,6 @@
     {
       "name": "{CLASSPATH}"
     }
-  ]
+  ],
+  "export_tombstones": true
 }

demo/assets/vm_config.json

diff --git a/demo/assets/vm_config.json b/demo/assets/vm_config.json
index b814394..da420ff 100644
--- a/demo/assets/vm_config.json
+++ b/demo/assets/vm_config.json
@@ -9,5 +9,6 @@
       "hello",
       "microdroid"
     ]
-  }
+  },
+  "export_tombstones": true
 }

microdroid/bootconfig.common

diff --git a/microdroid/bootconfig.common b/microdroid/bootconfig.common
index c202ba0..eda95a2 100644
--- a/microdroid/bootconfig.common
+++ b/microdroid/bootconfig.common
@@ -1,6 +1,2 @@
 androidboot.first_stage_console = 1
 androidboot.hardware = microdroid
-
-# tombstone_transmit is enabled. Tombstones will be transmitted to the host
-# TODO(b/227443903) : Make this configurable by VM owners
-androidboot.tombstone_transmit.enabled=1

microdroid/init.rc

diff --git a/microdroid/init.rc b/microdroid/init.rc
index dbe5ac7..93cced8 100644
--- a/microdroid/init.rc
+++ b/microdroid/init.rc
@@ -173,9 +173,6 @@
     mkdir /data/local 0751 root root
     mkdir /data/local/tmp 0771 shell shell
 
-on init && property:ro.boot.tombstone_transmit.enabled=1
-     start tombstone_transmit
-
 service tombstone_transmit /system/bin/tombstone_transmit.microdroid -cid 2 -port 2000
     user root
     group system

microdroid/payload/config/src/lib.rs

diff --git a/microdroid/payload/config/src/lib.rs b/microdroid/payload/config/src/lib.rs
index 67e8feb..b82544f 100644
--- a/microdroid/payload/config/src/lib.rs
+++ b/microdroid/payload/config/src/lib.rs
@@ -38,6 +38,10 @@
     /// Tells VirtualizationService to use staged APEXes if possible
     #[serde(default)]
     pub prefer_staged: bool,
+
+    /// Whether to export the tomsbtones (VM crashes) out of VM to host
+    /// This does not have a default & the value is expected to be in json for deserialization
+    pub export_tombstones: bool,
 }
 
 /// OS config

microdroid_manager/src/main.rs

diff --git a/microdroid_manager/src/main.rs b/microdroid_manager/src/main.rs
index 9e159d2..8c85d3e 100644
--- a/microdroid_manager/src/main.rs
+++ b/microdroid_manager/src/main.rs
@@ -254,6 +254,13 @@
     );
 
     let config = load_config(Path::new(&metadata.payload_config_path))?;
+
+    // Start tombstone_transmit if enabled
+    if config.export_tombstones {
+        system_properties::write("ctl.start", "tombstone_transmit")
+            .context("Failed to start tombstone_transmit")?;
+    }
+
     if config.extra_apks.len() != verified_data.extra_apks_data.len() {
         return Err(anyhow!(
             "config expects {} extra apks, but found only {}",

tests/benchmark/assets/vm_config.json

diff --git a/tests/benchmark/assets/vm_config.json b/tests/benchmark/assets/vm_config.json
index d431877..d8cbb86 100644
--- a/tests/benchmark/assets/vm_config.json
+++ b/tests/benchmark/assets/vm_config.json
@@ -6,6 +6,7 @@
     "type": "microdroid_launcher",
     "command": "empty_payload.so",
     "args": []
-  }
+  },
+  "export_tombstones": true
 }
 

tests/testapk/assets/vm_config.json

diff --git a/tests/testapk/assets/vm_config.json b/tests/testapk/assets/vm_config.json
index b814394..da420ff 100644
--- a/tests/testapk/assets/vm_config.json
+++ b/tests/testapk/assets/vm_config.json
@@ -9,5 +9,6 @@
       "hello",
       "microdroid"
     ]
-  }
+  },
+  "export_tombstones": true
 }

tests/testapk/assets/vm_config_extra_apk.json

diff --git a/tests/testapk/assets/vm_config_extra_apk.json b/tests/testapk/assets/vm_config_extra_apk.json
index a5bae63..d7d3dd7 100644
--- a/tests/testapk/assets/vm_config_extra_apk.json
+++ b/tests/testapk/assets/vm_config_extra_apk.json
@@ -14,5 +14,6 @@
     {
       "path": "/system/etc/security/fsverity/BuildManifest.apk"
     }
-  ]
+  ],
+  "export_tombstones": true
 }