Merge "Remove connect_console in vm_config.json" into main

commit: 7e7a6190616d1a6c9a604752356b84c0b2c64a41 [log] [tgz]
author: Treehugger Robot <android-test-infra-autosubmit@system.gserviceaccount.com> Wed Nov 13 05:17:17 2024 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Wed Nov 13 05:17:17 2024 +0000
tree: 501ececfb0032c816f93ef80ba2f845f64e46668
parent: 18329c1bb91e0c4d8a73879ffdb0c3717c09079f [diff]
parent: 5b1d9b3ee4a4df633aa18981b5df06e6e289a787 [diff]
diff --git a/android/TerminalApp/java/com/android/virtualization/terminal/InstallerActivity.java b/android/TerminalApp/java/com/android/virtualization/terminal/InstallerActivity.java
index 0774bb1..1abba85 100644
--- a/android/TerminalApp/java/com/android/virtualization/terminal/InstallerActivity.java
+++ b/android/TerminalApp/java/com/android/virtualization/terminal/InstallerActivity.java

@@ -32,11 +32,11 @@
 import android.view.View;
 import android.widget.CheckBox;
 import android.widget.TextView;
-import android.widget.Toast;
 
 import com.android.internal.annotations.VisibleForTesting;
 
 import com.google.android.material.progressindicator.LinearProgressIndicator;
+import com.google.android.material.snackbar.Snackbar;
 
 import java.lang.ref.WeakReference;
 import java.util.concurrent.ExecutorService;
@@ -110,10 +110,10 @@
 
     public void handleCriticalError(Exception e) {
         if (Build.isDebuggable()) {
-            Toast.makeText(
-                            this,
+            Snackbar.make(
+                            findViewById(android.R.id.content),
                             e.getMessage() + ". File a bugreport to go/ferrochrome-bug",
-                            Toast.LENGTH_LONG)
+                            Snackbar.LENGTH_INDEFINITE)
                     .show();
         }
         Log.e(TAG, "Internal error", e);
@@ -189,9 +189,9 @@
 
     @MainThread
     private void handleError(String displayText) {
-        // TODO(b/375542145): Display error with snackbar.
         if (Build.isDebuggable()) {
-            Toast.makeText(this, displayText, Toast.LENGTH_LONG).show();
+            Snackbar.make(findViewById(android.R.id.content), displayText, Snackbar.LENGTH_LONG)
+                    .show();
         }
         setInstallEnabled(true);
     }

diff --git a/android/TerminalApp/java/com/android/virtualization/terminal/MainActivity.java b/android/TerminalApp/java/com/android/virtualization/terminal/MainActivity.java
index ebf6154..fdf1f3b 100644
--- a/android/TerminalApp/java/com/android/virtualization/terminal/MainActivity.java
+++ b/android/TerminalApp/java/com/android/virtualization/terminal/MainActivity.java

@@ -88,7 +88,7 @@
     private AccessibilityManager mAccessibilityManager;
     private ConditionVariable mBootCompleted = new ConditionVariable();
     private static final int POST_NOTIFICATIONS_PERMISSION_REQUEST_CODE = 101;
-    private ActivityResultLauncher<Intent> manageExternalStorageActivityResultLauncher;
+    private ActivityResultLauncher<Intent> mManageExternalStorageActivityResultLauncher;
     private static int diskSizeStep;
 
     @Override
@@ -122,27 +122,17 @@
         readClientCertificate();
         connectToTerminalService();
 
-        manageExternalStorageActivityResultLauncher =
+        mManageExternalStorageActivityResultLauncher =
                 registerForActivityResult(
                         new ActivityResultContracts.StartActivityForResult(),
                         (ActivityResult result) -> {
-                            if (Environment.isExternalStorageManager()) {
-                                Toast.makeText(this, "Storage permission set!", Toast.LENGTH_SHORT)
-                                        .show();
-                            } else {
-                                Toast.makeText(
-                                                this,
-                                                "Storage permission not set",
-                                                Toast.LENGTH_SHORT)
-                                        .show();
-                            }
                             startVm();
                         });
 
         // if installer is launched, it will be handled in onActivityResult
         if (!launchInstaller) {
             if (!Environment.isExternalStorageManager()) {
-                requestStoragePermissions(this, manageExternalStorageActivityResultLauncher);
+                requestStoragePermissions(this, mManageExternalStorageActivityResultLauncher);
             } else {
                 startVm();
             }
@@ -435,7 +425,7 @@
                 finish();
             }
             if (!Environment.isExternalStorageManager()) {
-                requestStoragePermissions(this, manageExternalStorageActivityResultLauncher);
+                requestStoragePermissions(this, mManageExternalStorageActivityResultLauncher);
             } else {
                 startVm();
             }

diff --git a/build/debian/fai_config/package_config/AVF b/build/debian/fai_config/package_config/AVF
index 7d86d41..1be57fe 100644
--- a/build/debian/fai_config/package_config/AVF
+++ b/build/debian/fai_config/package_config/AVF

@@ -1,4 +1,3 @@
 PACKAGES install
 
-# Just for testing
-tree
+procps

diff --git a/guest/trusty/security_vm/launcher/src/main.rs b/guest/trusty/security_vm/launcher/src/main.rs
index bdb4ed8..4298181 100644
--- a/guest/trusty/security_vm/launcher/src/main.rs
+++ b/guest/trusty/security_vm/launcher/src/main.rs

@@ -15,8 +15,8 @@
 //! A client for trusty security VMs during early boot.
 
 use android_system_virtualizationservice::aidl::android::system::virtualizationservice::{
-    IVirtualizationService::IVirtualizationService, VirtualMachineConfig::VirtualMachineConfig,
-    VirtualMachineRawConfig::VirtualMachineRawConfig,
+    CpuTopology::CpuTopology, IVirtualizationService::IVirtualizationService,
+    VirtualMachineConfig::VirtualMachineConfig, VirtualMachineRawConfig::VirtualMachineRawConfig,
 };
 use android_system_virtualizationservice::binder::{ParcelFileDescriptor, Strong};
 use anyhow::{Context, Result};
@@ -26,7 +26,8 @@
 use vmclient::VmInstance;
 
 #[derive(Parser)]
-struct Args {
+/// Collection of CLI for trusty_security_vm_launcher
+pub struct Args {
     /// Path to the trusty kernel image.
     #[arg(long)]
     kernel: PathBuf,
@@ -42,6 +43,10 @@
     /// Memory size of the VM in MiB
     #[arg(long, default_value_t = 128)]
     memory_size_mib: i32,
+
+    /// CPU Topology exposed to the VM <one-cpu|match_host>
+    #[arg(long, default_value = "one_cpu", value_parser = parse_cpu_topology)]
+    cpu_topology: CpuTopology,
 }
 
 fn get_service() -> Result<Strong<dyn IVirtualizationService>> {
@@ -50,6 +55,14 @@
     virtmgr.connect().context("Failed to connect to VirtualizationService")
 }
 
+fn parse_cpu_topology(s: &str) -> Result<CpuTopology, String> {
+    match s {
+        "one-cpu" => Ok(CpuTopology::ONE_CPU),
+        "match-host" => Ok(CpuTopology::MATCH_HOST),
+        _ => Err(format!("Invalid cpu topology {}", s)),
+    }
+}
+
 fn main() -> Result<()> {
     let args = Args::parse();
 
@@ -63,6 +76,7 @@
         kernel: Some(ParcelFileDescriptor::new(kernel)),
         protectedVm: args.protected,
         memoryMib: args.memory_size_mib,
+        cpuTopology: args.cpu_topology,
         platformVersion: "~1.0".to_owned(),
         // TODO: add instanceId
         ..Default::default()

diff --git a/libs/vm_launcher_lib/java/com/android/virtualization/vmlauncher/DebianServiceImpl.java b/libs/vm_launcher_lib/java/com/android/virtualization/vmlauncher/DebianServiceImpl.java
index 1f65fcb..68ff2ec 100644
--- a/libs/vm_launcher_lib/java/com/android/virtualization/vmlauncher/DebianServiceImpl.java
+++ b/libs/vm_launcher_lib/java/com/android/virtualization/vmlauncher/DebianServiceImpl.java

@@ -59,20 +59,6 @@
         mCallback = callback;
         mContext = context;
         mSharedPref = mContext.getSharedPreferences(PREFERENCE_FILE_KEY, Context.MODE_PRIVATE);
-        // TODO(b/340126051): Instead of putting fixed value, receive active port list info from the
-        // guest.
-        if (!mSharedPref.contains(PREFERENCE_FORWARDING_PORTS)) {
-            SharedPreferences.Editor editor = mSharedPref.edit();
-            Set<String> ports = new HashSet<>();
-            for (int port = 8080; port < 8090; port++) {
-                ports.add(Integer.toString(port));
-                editor.putBoolean(
-                        PREFERENCE_FORWARDING_PORT_IS_ENABLED_PREFIX + Integer.toString(port),
-                        false);
-            }
-            editor.putStringSet(PREFERENCE_FORWARDING_PORTS, ports);
-            editor.apply();
-        }
     }
 
     @Override
@@ -80,7 +66,21 @@
             ReportVmActivePortsRequest request,
             StreamObserver<ReportVmActivePortsResponse> responseObserver) {
         Log.d(DebianServiceImpl.TAG, "reportVmActivePorts: " + request.toString());
-        // TODO(b/340126051): Modify shared preference based on information in the request.
+
+        SharedPreferences.Editor editor = mSharedPref.edit();
+        Set<String> ports = new HashSet<>();
+        for (int port : request.getPortsList()) {
+            ports.add(Integer.toString(port));
+            if (!mSharedPref.contains(
+                    PREFERENCE_FORWARDING_PORT_IS_ENABLED_PREFIX + Integer.toString(port))) {
+                editor.putBoolean(
+                        PREFERENCE_FORWARDING_PORT_IS_ENABLED_PREFIX + Integer.toString(port),
+                        false);
+            }
+        }
+        editor.putStringSet(PREFERENCE_FORWARDING_PORTS, ports);
+        editor.apply();
+
         ReportVmActivePortsResponse reply =
                 ReportVmActivePortsResponse.newBuilder().setSuccess(true).build();
         responseObserver.onNext(reply);

diff --git a/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java b/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java
index 917a027..a6c79cb 100644
--- a/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java
+++ b/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java

@@ -221,6 +221,7 @@
 
     @Test
     @CddTest(requirements = {"9.17/C-1-1", "9.17/C-2-1"})
+    @VsrTest(requirements = {"VSR-7.1-001.006"})
     public void vmAttestationWhenRemoteAttestationIsNotSupported() throws Exception {
         // pVM remote attestation is only supported on protected VMs.
         assumeProtectedVM();
@@ -249,6 +250,7 @@
 
     @Test
     @CddTest(requirements = {"9.17/C-1-1", "9.17/C-2-1"})
+    @VsrTest(requirements = {"VSR-7.1-001.006"})
     public void vmAttestationWithVendorPartitionWhenSupported() throws Exception {
         // pVM remote attestation is only supported on protected VMs.
         assumeProtectedVM();
@@ -267,6 +269,7 @@
 
     @Test
     @CddTest(requirements = {"9.17/C-1-1", "9.17/C-2-1"})
+    @VsrTest(requirements = {"VSR-7.1-001.006"})
     public void vmAttestationWhenRemoteAttestationIsSupported() throws Exception {
         // pVM remote attestation is only supported on protected VMs.
         assumeProtectedVM();
commit	7e7a6190616d1a6c9a604752356b84c0b2c64a41	[log] [tgz]
author	Treehugger Robot <android-test-infra-autosubmit@system.gserviceaccount.com>	Wed Nov 13 05:17:17 2024 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Wed Nov 13 05:17:17 2024 +0000
tree	501ececfb0032c816f93ef80ba2f845f64e46668
parent	18329c1bb91e0c4d8a73879ffdb0c3717c09079f [diff]
parent	5b1d9b3ee4a4df633aa18981b5df06e6e289a787 [diff]