Only accept binary name not path
I think we've discussed this a couple of times, although I can't now
find a link.
There's really no reason to specify a path, it's complicated to
describe, and it might open up weird path traversal attacks, so
disallow it.
Rename setPayloadBinaryPath to setPayloadBinaryName to reflect this
(and rename lots of other things to match). Add a check that it isn't
a path, and a test for that (and fix some other tests that were
breaking the new rule).
Also expand on the Javadoc around ABI & 32/64-bit.
Also add a check inside VS (because checks in the payload code can be
bypassed), and a host test for that.
Note that a VM created with a config file can still specify a path
inside the config file; CompOS relies on that to run code from its
APEX.
Bug: 261037705
Test: atest MicrodroidTests MicrodroidHostTests
Change-Id: Ie59b9c81d13a7a3e4ec62cf874d43bfaf6163431
diff --git a/vm/src/main.rs b/vm/src/main.rs
index 002e505..9fa805e 100644
--- a/vm/src/main.rs
+++ b/vm/src/main.rs
@@ -51,9 +51,10 @@
#[clap(long)]
config_path: Option<String>,
- /// Path to VM payload binary within APK (e.g. MicrodroidTestNativeLib.so)
+ /// Name of VM payload binary within APK (e.g. MicrodroidTestNativeLib.so)
#[clap(long)]
- payload_path: Option<String>,
+ #[clap(alias = "payload_path")]
+ payload_binary_name: Option<String>,
/// Name of VM
#[clap(long)]
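Review bot: The alias added on `payload_binary_name` is spelled `payload_path` with an underscore, so if the old flag was exposed in clap's default kebab-case form (`--payload-path`), existing invocations will not match it. Confirm which spelling callers actually use and set the alias to that. The doc comment could also say that the value must be a bare file name and that a path is rejected, since the example (`MicrodroidTestNativeLib.so`) alone does not make the new rule obvious to someone reading `--help`.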
@@ -258,7 +259,7 @@
storage,
storage_size,
config_path,
- payload_path,
+ payload_binary_name,
daemonize,
console,
log,
@@ -277,7 +278,7 @@
storage.as_deref(),
storage_size,
config_path,
- payload_path,
+ payload_binary_name,
daemonize,
console.as_deref(),
log.as_deref(),
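Review bot: `payload_binary_name` is forwarded here unchanged, and nothing in the visible part of this file rejects a value that is a path, so a caller who still passes a path through the old alias only learns about it when the service refuses the request. Consider rejecting a path in the CLI as well so the user gets a clear error that names the argument, or confirm that the service error is surfaced verbatim. As a style point, `config_path` and `payload_binary_name` are adjacent positional arguments of the same `Option<String>` type, which makes an accidental swap easy to miss in review.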