Merge "[benchmark][authfs] Add benchmarks for authfs random read"
diff --git a/OWNERS b/OWNERS
index 5bd97f3..ecd24ed 100644
--- a/OWNERS
+++ b/OWNERS
@@ -9,6 +9,7 @@
# Other owners
alanstokes@google.com
+aliceywang@google.com
ardb@google.com
ascull@google.com
inseob@google.com
diff --git a/libs/apkverify/Android.bp b/libs/apkverify/Android.bp
index 78192d2..1862820 100644
--- a/libs/apkverify/Android.bp
+++ b/libs/apkverify/Android.bp
@@ -33,6 +33,7 @@
name: "libapkverify.test",
defaults: ["libapkverify.defaults"],
test_suites: ["general-tests"],
+ rustlibs: ["libhex"],
data: ["tests/data/*"],
}
diff --git a/libs/apkverify/src/v4.rs b/libs/apkverify/src/v4.rs
index 715f742..6c085f6 100644
--- a/libs/apkverify/src/v4.rs
+++ b/libs/apkverify/src/v4.rs
@@ -312,10 +312,6 @@
const TEST_APK_PATH: &str = "tests/data/v4-digest-v3-Sha256withEC.apk";
- fn hexstring_from(s: &[u8]) -> String {
- s.iter().map(|byte| format!("{:02x}", byte)).reduce(|i, j| i + &j).unwrap_or_default()
- }
-
#[test]
fn parse_idsig_file() {
let parsed = V4Signature::from_idsig_path(format!("{}.idsig", TEST_APK_PATH)).unwrap();
@@ -325,22 +321,22 @@
let hi = parsed.hashing_info;
assert_eq!(HashAlgorithm::SHA256, hi.hash_algorithm);
assert_eq!(12, hi.log2_blocksize);
- assert_eq!("", hexstring_from(hi.salt.as_ref()));
+ assert_eq!("", hex::encode(hi.salt.as_ref()));
assert_eq!(
"77f063b48b63f846690fa76450a8d3b61a295b6158f50592e873f76dbeeb0201",
- hexstring_from(hi.raw_root_hash.as_ref())
+ hex::encode(hi.raw_root_hash.as_ref())
);
let si = parsed.signing_info;
assert_eq!(
"c02fe2eddeb3078801828b930de546ea4f98d37fb98b40c7c7ed169b0d713583",
- hexstring_from(si.apk_digest.as_ref())
+ hex::encode(si.apk_digest.as_ref())
);
- assert_eq!("", hexstring_from(si.additional_data.as_ref()));
+ assert_eq!("", hex::encode(si.additional_data.as_ref()));
assert_eq!(
"3046022100fb6383ba300dc7e1e6931a25b381398a16e5575baefd82afd12ba88660d9a6\
4c022100ebdcae13ab18c4e30bf6ae634462e526367e1ba26c2647a1d87a0f42843fc128",
- hexstring_from(si.signature.as_ref())
+ hex::encode(si.signature.as_ref())
);
assert_eq!(SignatureAlgorithmID::EcdsaWithSha256, si.signature_algorithm_id);
diff --git a/virtualizationservice/aidl/android/system/virtualizationservice/VirtualMachineDebugInfo.aidl b/virtualizationservice/aidl/android/system/virtualizationservice/VirtualMachineDebugInfo.aidl
index bed4097..424eec1 100644
--- a/virtualizationservice/aidl/android/system/virtualizationservice/VirtualMachineDebugInfo.aidl
+++ b/virtualizationservice/aidl/android/system/virtualizationservice/VirtualMachineDebugInfo.aidl
@@ -28,9 +28,6 @@
/** The UID of the process which requested the VM. */
int requesterUid;
- /** The SID of the process which requested the VM. */
- @utf8InCpp String requesterSid;
-
/**
* The PID of the process which requested the VM. Note that this process may no longer exist and
* the PID may have been reused for a different process, so this should not be trusted.
diff --git a/virtualizationservice/src/aidl.rs b/virtualizationservice/src/aidl.rs
index f956062..e8cbb6e 100644
--- a/virtualizationservice/src/aidl.rs
+++ b/virtualizationservice/src/aidl.rs
@@ -111,8 +111,6 @@
.or(Err(StatusCode::UNKNOWN_ERROR))?;
writeln!(file, "\trequester_uid: {}", vm.requester_uid)
.or(Err(StatusCode::UNKNOWN_ERROR))?;
- writeln!(file, "\trequester_sid: {}", vm.requester_sid)
- .or(Err(StatusCode::UNKNOWN_ERROR))?;
writeln!(file, "\trequester_debug_pid: {}", vm.requester_debug_pid)
.or(Err(StatusCode::UNKNOWN_ERROR))?;
}
@@ -217,7 +215,6 @@
cid: vm.cid as i32,
temporaryDirectory: vm.temporary_directory.to_string_lossy().to_string(),
requesterUid: vm.requester_uid as i32,
- requesterSid: vm.requester_sid.clone(),
requesterPid: vm.requester_debug_pid,
state: get_state(&vm),
})
@@ -346,7 +343,6 @@
let console_fd = console_fd.map(clone_file).transpose()?;
let log_fd = log_fd.map(clone_file).transpose()?;
let requester_uid = ThreadState::get_calling_uid();
- let requester_sid = get_calling_sid()?;
let requester_debug_pid = ThreadState::get_calling_pid();
let cid = next_cid().or(Err(ExceptionCode::ILLEGAL_STATE))?;
@@ -466,20 +462,14 @@
detect_hangup: is_app_config,
};
let instance = Arc::new(
- VmInstance::new(
- crosvm_config,
- temporary_directory,
- requester_uid,
- requester_sid,
- requester_debug_pid,
- )
- .map_err(|e| {
- error!("Failed to create VM with config {:?}: {:?}", config, e);
- Status::new_service_specific_error_str(
- -1,
- Some(format!("Failed to create VM: {:?}", e)),
- )
- })?,
+ VmInstance::new(crosvm_config, temporary_directory, requester_uid, requester_debug_pid)
+ .map_err(|e| {
+ error!("Failed to create VM with config {:?}: {:?}", config, e);
+ Status::new_service_specific_error_str(
+ -1,
+ Some(format!("Failed to create VM: {:?}", e)),
+ )
+ })?,
);
state.add_vm(Arc::downgrade(&instance));
Ok(VirtualMachine::create(instance))
@@ -705,27 +695,6 @@
footer: PathBuf,
}
-/// Gets the calling SID of the current Binder thread.
-fn get_calling_sid() -> Result<String, Status> {
- ThreadState::with_calling_sid(|sid| {
- if let Some(sid) = sid {
- match sid.to_str() {
- Ok(sid) => Ok(sid.to_owned()),
- Err(e) => {
- error!("SID was not valid UTF-8: {}", e);
- Err(Status::new_exception_str(
- ExceptionCode::ILLEGAL_ARGUMENT,
- Some(format!("SID was not valid UTF-8: {}", e)),
- ))
- }
- }
- } else {
- error!("Missing SID on createVm");
- Err(Status::new_exception_str(ExceptionCode::SECURITY, Some("Missing SID on createVm")))
- }
- })
-}
-
/// Checks whether the caller has a specific permission
fn check_permission(perm: &str) -> binder::Result<()> {
let calling_pid = ThreadState::get_calling_pid();
diff --git a/virtualizationservice/src/crosvm.rs b/virtualizationservice/src/crosvm.rs
index 54cdeb6..fa961c2 100644
--- a/virtualizationservice/src/crosvm.rs
+++ b/virtualizationservice/src/crosvm.rs
@@ -185,8 +185,6 @@
pub temporary_directory: PathBuf,
/// The UID of the process which requested the VM.
pub requester_uid: u32,
- /// The SID of the process which requested the VM.
- pub requester_sid: String,
/// The PID of the process which requested the VM. Note that this process may no longer exist
/// and the PID may have been reused for a different process, so this should not be trusted.
pub requester_debug_pid: i32,
@@ -210,7 +208,6 @@
config: CrosvmConfig,
temporary_directory: PathBuf,
requester_uid: u32,
- requester_sid: String,
requester_debug_pid: i32,
) -> Result<VmInstance, Error> {
validate_config(&config)?;
@@ -224,7 +221,6 @@
protected,
temporary_directory,
requester_uid,
- requester_sid,
requester_debug_pid,
callbacks: Default::default(),
stream: Mutex::new(None),
diff --git a/virtualizationservice/src/main.rs b/virtualizationservice/src/main.rs
index cb10eff..327a45d 100644
--- a/virtualizationservice/src/main.rs
+++ b/virtualizationservice/src/main.rs
@@ -50,10 +50,7 @@
clear_temporary_files().expect("Failed to delete old temporary files");
let service = VirtualizationService::init();
- let service = BnVirtualizationService::new_binder(
- service,
- BinderFeatures { set_requesting_sid: true, ..BinderFeatures::default() },
- );
+ let service = BnVirtualizationService::new_binder(service, BinderFeatures::default());
register_lazy_service(BINDER_SERVICE_IDENTIFIER, service.as_binder()).unwrap();
info!("Registered Binder service, joining threadpool.");
ProcessState::join_thread_pool();