Claim ownership of VM instance during VM transfer Apps can transfer a VM instance to another. Claim the ownership of the VM (at the receiver end) using `claimVmInstance`. Additionally, check that caller has the permission while allocating instance_id. Test: atest #importedVmAndOriginalVmHaveTheSameCdi \ and look for log "Claiming a VM's instance_id *" Bug: 294177871 Change-Id: I870a3ff48cb39bdc8be9cfbb7f55aa1148596c44

commit: bd5eba9959f9a2127a18eda144db0df8b397c88d [log] [tgz]
author: Shikha Panwar <shikhapanwar@google.com> Wed Mar 27 20:23:31 2024 +0000
committer: Shikha Panwar <shikhapanwar@google.com> Thu Apr 04 16:58:42 2024 +0000
tree: 2cf39abb455d2a6bf22f71091b60e023aa1f1d1b
parent: ae05ea3d04b6a85a7d0f5d8f4202700340f2f966 [diff] [blame]
diff --git a/virtualizationmanager/src/aidl.rs b/virtualizationmanager/src/aidl.rs
index b8c6315..a9ccd88 100644
--- a/virtualizationmanager/src/aidl.rs
+++ b/virtualizationmanager/src/aidl.rs

@@ -231,6 +231,7 @@
 
     /// Allocate a new instance_id to the VM
     fn allocateInstanceId(&self) -> binder::Result<[u8; 64]> {
+        check_manage_access()?;
         GLOBAL_SERVICE.allocateInstanceId()
     }
 
@@ -326,6 +327,11 @@
         check_manage_access()?;
         Ok(is_secretkeeper_supported())
     }
+
+    fn claimVmInstance(&self, instance_id: &[u8; 64]) -> binder::Result<()> {
+        check_manage_access()?;
+        GLOBAL_SERVICE.claimVmInstance(instance_id)
+    }
 }
 
 impl VirtualizationService {
commit	bd5eba9959f9a2127a18eda144db0df8b397c88d	[log] [tgz]
author	Shikha Panwar <shikhapanwar@google.com>	Wed Mar 27 20:23:31 2024 +0000
committer	Shikha Panwar <shikhapanwar@google.com>	Thu Apr 04 16:58:42 2024 +0000
tree	2cf39abb455d2a6bf22f71091b60e023aa1f1d1b
parent	ae05ea3d04b6a85a7d0f5d8f4202700340f2f966 [diff] [blame]