Merge "Add test to check if microdroid selinux is enabled"
diff --git a/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java b/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java
index 0587299..63fdca1 100644
--- a/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java
+++ b/tests/testapk/src/java/com/android/microdroid/test/MicrodroidTests.java
@@ -38,6 +38,7 @@
import android.system.virtualmachine.VirtualMachineException;
import android.system.virtualmachine.VirtualMachineManager;
+import androidx.annotation.CallSuper;
import androidx.test.core.app.ApplicationProvider;
import com.android.microdroid.testservice.ITestService;
@@ -114,13 +115,7 @@
}
void forceStop(VirtualMachine vm) {
- try {
- vm.stop();
- this.onDied(vm, VirtualMachineCallback.DEATH_REASON_KILLED);
- mExecutorService.shutdown();
- } catch (VirtualMachineException e) {
- throw new RuntimeException(e);
- }
+ this.onDied(vm, VirtualMachineCallback.DEATH_REASON_KILLED);
}
@Override
@@ -136,7 +131,15 @@
public void onError(VirtualMachine vm, int errorCode, String message) {}
@Override
- public void onDied(VirtualMachine vm, @DeathReason int reason) {}
+ @CallSuper
+ public void onDied(VirtualMachine vm, @DeathReason int reason) {
+ try {
+ vm.stop();
+ mExecutorService.shutdown();
+ } catch (VirtualMachineException e) {
+ throw new RuntimeException(e);
+ }
+ }
}
private static final int MIN_MEM_ARM64 = 135;
@@ -214,6 +217,7 @@
public void onDied(VirtualMachine vm, @DeathReason int reason) {
assertTrue(mPayloadReadyCalled);
assertTrue(mPayloadStartedCalled);
+ super.onDied(vm, reason);
}
};
listener.runToFinish(mInner.mVm);
@@ -277,6 +281,7 @@
public void onDied(VirtualMachine vm, @DeathReason int reason) {
assertFalse(mPayloadStarted);
assertTrue(mErrorOccurred);
+ super.onDied(vm, reason);
}
};
listener.runToFinish(mInner.mVm);
@@ -378,6 +383,7 @@
@Override
public void onDied(VirtualMachine vm, @DeathReason int reason) {
assertTrue(mPayloadReadyCalled);
+ super.onDied(vm, reason);
}
};
listener.runToFinish(mInner.mVm);
@@ -420,6 +426,7 @@
public void onDied(VirtualMachine vm, @DeathReason int reason) {
assertFalse(mPayloadStarted);
assertTrue(mErrorOccurred);
+ super.onDied(vm, reason);
}
};
listener.runToFinish(mInner.mVm);
diff --git a/virtualizationservice/src/aidl.rs b/virtualizationservice/src/aidl.rs
index 7e0c634..89c6e8a 100644
--- a/virtualizationservice/src/aidl.rs
+++ b/virtualizationservice/src/aidl.rs
@@ -29,7 +29,6 @@
IVirtualizationService::IVirtualizationService,
Partition::Partition,
PartitionType::PartitionType,
- VirtualMachineAppConfig::DebugLevel::DebugLevel,
VirtualMachineAppConfig::VirtualMachineAppConfig,
VirtualMachineConfig::VirtualMachineConfig,
VirtualMachineDebugInfo::VirtualMachineDebugInfo,
@@ -131,8 +130,8 @@
) -> binder::Result<Strong<dyn IVirtualMachine>> {
check_manage_access()?;
let state = &mut *self.state.lock().unwrap();
- let mut console_fd = console_fd.map(clone_file).transpose()?;
- let mut log_fd = log_fd.map(clone_file).transpose()?;
+ let console_fd = console_fd.map(clone_file).transpose()?;
+ let log_fd = log_fd.map(clone_file).transpose()?;
let requester_uid = ThreadState::get_calling_uid();
let requester_sid = get_calling_sid()?;
let requester_debug_pid = ThreadState::get_calling_pid();
@@ -163,27 +162,7 @@
)
})?;
- // Disable console logging if debug level != full. Note that kernel anyway doesn't use the
- // console output when debug level != full. So, users won't be able to see the kernel
- // output even without this overriding. This is to silence output from the bootloader which
- // doesn't understand the bootconfig parameters.
- if let VirtualMachineConfig::AppConfig(config) = config {
- if config.debugLevel != DebugLevel::FULL {
- console_fd = None;
- }
- if config.debugLevel == DebugLevel::NONE {
- log_fd = None;
- }
- }
-
let is_app_config = matches!(config, VirtualMachineConfig::AppConfig(_));
- let is_debug_level_full = matches!(
- config,
- VirtualMachineConfig::AppConfig(VirtualMachineAppConfig {
- debugLevel: DebugLevel::FULL,
- ..
- })
- );
let config = match config {
VirtualMachineConfig::AppConfig(config) => BorrowedOrOwned::Owned(
@@ -201,14 +180,6 @@
let config = config.as_ref();
let protected = config.protectedVm;
- // Debug level FULL is only supported for non-protected VMs.
- if is_debug_level_full && protected {
- return Err(new_binder_exception(
- ExceptionCode::SERVICE_SPECIFIC,
- "FULL debug level not supported for protected VMs.",
- ));
- };
-
// Check if partition images are labeled incorrectly. This is to prevent random images
// which are not protected by the Android Verified Boot (e.g. bits downloaded by apps) from
// being loaded in a pVM. Specifically, for images in the raw config, nothing is allowed