Restrict setting cpu affinity or task profiles

Require the USE_CUSTOM_VIRTUAL_MACHINE permission so that only
platform signed code can use these features.

Bug: 243513572
Test: atest MicrodroidTests MicrodroidHostTestCases
Tests: composd_cmd test-compile
Change-Id: I2735995789d12aae57217f0b9b0b493055f11843
diff --git a/virtualizationservice/aidl/android/system/virtualizationservice/VirtualMachineAppConfig.aidl b/virtualizationservice/aidl/android/system/virtualizationservice/VirtualMachineAppConfig.aidl
index d86f2bf..a6b228d 100644
--- a/virtualizationservice/aidl/android/system/virtualizationservice/VirtualMachineAppConfig.aidl
+++ b/virtualizationservice/aidl/android/system/virtualizationservice/VirtualMachineAppConfig.aidl
@@ -68,11 +68,15 @@
      * Comma-separated list of CPUs or CPU ranges to run vCPUs on (e.g. 0,1-3,5), or
      * colon-separated list of assignments of vCPU to host CPU assignments (e.g. 0=0:1=1:2=2).
      * Default is no mask which means a vCPU can run on any host CPU.
+     *
+     * Note: Using a non-null value requires android.permission.USE_CUSTOM_VIRTUAL_MACHINE.
      */
     @nullable String cpuAffinity;
 
     /**
      * List of task profile names to apply for the VM
+     *
+     * Note: Specifying a value here requires android.permission.USE_CUSTOM_VIRTUAL_MACHINE.
      */
     String[] taskProfiles;
 }
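Review bot: The two added doc notes describe the gate differently: cpuAffinity says "a non-null value" while taskProfiles says "specifying a value", yet the enforcing check in aidl.rs tests `!config.taskProfiles.is_empty()`, so an empty array is allowed without the permission. Suggest wording the taskProfiles note as "Specifying a non-empty list here requires android.permission.USE_CUSTOM_VIRTUAL_MACHINE." so callers can tell that an empty list is the unprivileged default, matching the existing "Default is no mask" sentence for cpuAffinity.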
diff --git a/virtualizationservice/src/aidl.rs b/virtualizationservice/src/aidl.rs
index 352b4f1..dcc2d48 100644
--- a/virtualizationservice/src/aidl.rs
+++ b/virtualizationservice/src/aidl.rs
@@ -596,6 +596,12 @@
     config: &VirtualMachineAppConfig,
     temporary_directory: &Path,
 ) -> Result<VirtualMachineRawConfig> {
+    // Controlling CPUs is reserved for platform apps only, even when using
+    // VirtualMachineAppConfig.
+    if config.cpuAffinity.is_some() || !config.taskProfiles.is_empty() {
+        check_use_custom_virtual_machine()?
+    }
+
     let apk_file = clone_file(config.apk.as_ref().unwrap())?;
     let idsig_file = clone_file(config.idsig.as_ref().unwrap())?;
     let instance_file = clone_file(config.instanceImage.as_ref().unwrap())?;
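Review bot: The new comment says "Controlling CPUs is reserved for platform apps only" but the condition also gates task profiles (`!config.taskProfiles.is_empty()`); suggest "Controlling CPU affinity and task profiles is reserved for platform apps only" so the comment matches the check. Placing the check before the `clone_file(...unwrap())` calls is the right order, since an unprivileged caller is rejected before any of its file descriptors are touched. Minor style point: `check_use_custom_virtual_machine()?` is used as the block's tail expression without a semicolon; it compiles only because the function returns `Result<()>`, so a trailing semicolon (`check_use_custom_virtual_machine()?;`) would make the intent explicit and keep it compiling if the return type ever changes.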