virtmgr: fail fast on misconfigured device
If the device does not advertise support for protected or
non-protected VMs, but still has the virt APEX installed, then that's
bad.
Fail fast to make this as noticeable as possible, and avoid wasting
resources, rather than waiting for things to go wrong later on.
While I'm here: make sure we consistently say "non-protected" rather
than "unprotected".
Bug: 254599807
Test: manual - fake property read, observe obvious failure
Test: atest MicrodroidTests MicrodroidHostTests
Change-Id: Ia0629f2d5b2094f6c1c41ff0fc3f2a76e285f0d7
diff --git a/virtualizationservice/src/virtmgr.rs b/virtualizationservice/src/virtmgr.rs
index 5616097..dca64cb 100644
--- a/virtualizationservice/src/virtmgr.rs
+++ b/virtualizationservice/src/virtmgr.rs
@@ -33,6 +33,7 @@
use nix::fcntl::{fcntl, F_GETFD, F_SETFD, FdFlag};
use nix::unistd::{Pid, Uid};
use std::os::unix::raw::{pid_t, uid_t};
+use rustutils::system_properties;
const LOG_TAG: &str = "virtmgr";
@@ -91,6 +92,11 @@
Ok(unsafe { OwnedFd::from_raw_fd(raw_fd) })
}
+fn is_property_set(name: &str) -> bool {
+ system_properties::read_bool(name, false)
+ .unwrap_or_else(|e| panic!("Failed to read {name}: {e:?}"))
+}
+
fn main() {
android_logger::init_once(
android_logger::Config::default()
@@ -99,6 +105,15 @@
.with_log_id(android_logger::LogId::System),
);
+ let non_protected_vm_supported = is_property_set("ro.boot.hypervisor.vm.supported");
+ let protected_vm_supported = is_property_set("ro.boot.hypervisor.protected_vm.supported");
+ if !non_protected_vm_supported && !protected_vm_supported {
+ // This should never happen, it indicates a misconfigured device where the virt APEX
+ // is present but VMs are not supported. If it does happen, fail fast to avoid wasting
+ // resources trying.
+ panic!("Device doesn't support protected or unprotected VMs");
+ }
+
let args = Args::parse();
let mut owned_fds = vec![];