commit 7bc146c6659d5ea35a8219f5abea1f50950f4417
author Alan Stokes <alanstokes@google.com> Thu Oct 20 17:10:32 2022 +0100
committer Alan Stokes <alanstokes@google.com> Fri Oct 21 17:15:24 2022 +0100
tree 769986ebd678b8f167ca07c99fe550b371321982
parent b3fe40df155272addde56d0f29bc707d54012004

Config file requires custom VM permission

Modify VS to require the USE_CUSTOM_VIRTUAL_MACHINE permission if a
config file is specified.

Modify the tests to grant the necessary permissions at runtime rather
than via AndroidTest.xml. Make use of a config file explicit, and only
do so (and grant the custom VM permission) for the tests that need it.

Moved the existing permission test to a device test and added a new
one for the custom VM permission. That failed unexpectedly, so I fixed
the way we were reporting the exception.

Other minor tidying up. Renamed MicrodroidTestCase to
MicrodroidHostTests because it kept confusing me.

Bug: 243513572
Test: atest MicrodroidTests MicrodroidHostTests
Change-Id: Ie67e7ed214dc9c95e453ca1fcc38a1b18d4f5f88

tests/hostside/AndroidTest.xml

diff --git a/tests/hostside/AndroidTest.xml b/tests/hostside/AndroidTest.xml
index 5c3e5d1..18728ad 100644
--- a/tests/hostside/AndroidTest.xml
+++ b/tests/hostside/AndroidTest.xml
@@ -13,7 +13,7 @@
      See the License for the specific language governing permissions and
      limitations under the License.
 -->
-<configuration description="Tests for microdroid">
+<configuration description="Host driven tests for Microdroid">
     <option name="test-suite-tag" value="cts" />
     <option name="config-descriptor:metadata" key="component" value="security" />
     <option name="config-descriptor:metadata" key="parameter" value="not_instant_app" />

tests/hostside/java/com/android/microdroid/test/MicrodroidHostTests.java

diff --git a/tests/hostside/java/com/android/microdroid/test/MicrodroidTestCase.java b/tests/hostside/java/com/android/microdroid/test/MicrodroidHostTests.java
similarity index 94%
rename from tests/hostside/java/com/android/microdroid/test/MicrodroidTestCase.java
rename to tests/hostside/java/com/android/microdroid/test/MicrodroidHostTests.java
index 190c524..c9df624 100644
--- a/tests/hostside/java/com/android/microdroid/test/MicrodroidTestCase.java
+++ b/tests/hostside/java/com/android/microdroid/test/MicrodroidHostTests.java
@@ -38,11 +38,8 @@
 import com.android.os.AtomsProto;
 import com.android.os.StatsLog;
 import com.android.tradefed.device.DeviceNotAvailableException;
-import com.android.tradefed.result.TestDescription;
-import com.android.tradefed.result.TestResult;
 import com.android.tradefed.testtype.DeviceJUnit4ClassRunner;
 import com.android.tradefed.testtype.DeviceJUnit4ClassRunner.TestMetrics;
-import com.android.tradefed.testtype.junit4.DeviceTestRunOptions;
 import com.android.tradefed.util.CommandResult;
 import com.android.tradefed.util.FileUtil;
 import com.android.tradefed.util.RunUtil;
@@ -73,7 +70,7 @@
 import java.util.regex.Pattern;
 
 @RunWith(DeviceJUnit4ClassRunner.class)
-public class MicrodroidTestCase extends MicrodroidHostTestCaseBase {
+public class MicrodroidHostTests extends MicrodroidHostTestCaseBase {
     private static final String APK_NAME = "MicrodroidTestApp.apk";
     private static final String PACKAGE_NAME = "com.android.microdroid.test";
     private static final String SHELL_PACKAGE_NAME = "com.android.shell";
@@ -106,29 +103,6 @@
         runOnMicrodroidForResult("watch -e \"getprop dev.bootcomplete | grep '^0$'\"");
     }
 
-    @Test
-    @CddTest(requirements = {"9.17/C-1-1", "9.17/C-1-2", "9.17/C-1-4"})
-    public void testCreateVmRequiresPermission() throws Exception {
-        // Revoke the MANAGE_VIRTUAL_MACHINE permission for the test app
-        CommandRunner android = new CommandRunner(getDevice());
-        android.run("pm", "revoke", PACKAGE_NAME, "android.permission.MANAGE_VIRTUAL_MACHINE");
-
-        // Run MicrodroidTests#connectToVmService test, which should fail
-        final DeviceTestRunOptions options =
-                new DeviceTestRunOptions(PACKAGE_NAME)
-                        .setTestClassName(PACKAGE_NAME + ".MicrodroidTests")
-                        .setTestMethodName("connectToVmService[protectedVm=false]")
-                        .setCheckResults(false);
-        assertThat(runDeviceTests(options)).isFalse();
-
-        Map<TestDescription, TestResult> results = getLastDeviceRunResults().getTestResults();
-        assertThat(results).hasSize(1);
-        TestResult result = results.values().toArray(new TestResult[0])[0];
-        assertWithMessage("The test should fail with a permission error")
-                .that(result.getStackTrace())
-                .contains("android.permission.MANAGE_VIRTUAL_MACHINE permission");
-    }
-
     private static JSONObject newPartition(String label, String path) {
         return new JSONObject(Map.of("label", label, "path", path));
     }
@@ -364,13 +338,10 @@
         final String initrdPath = TEST_ROOT + "etc/microdroid_initrd_full_debuggable.img";
         config.put("initrd", initrdPath);
         // Add instance image as a partition in disks[1]
-        disks.put(
-            new JSONObject()
+        disks.put(new JSONObject()
                 .put("writable", true)
-                .put(
-                    "partitions",
-                    new JSONArray()
-                        .put(newPartition("vm-instance", instanceImgPath))));
+                .put("partitions",
+                        new JSONArray().put(newPartition("vm-instance", instanceImgPath))));
         // Add payload image disk with partitions:
         // - payload-metadata
         // - apexes: com.android.os.statsd, com.android.adbd, [sharedlib apex](optional)