Add tests for Rust VM Payload
Make sure we exercise the Rust wrapper by having a test payload using
it.
API tweaks in the process:
- Add a module for restricted functions to make them more obvious.
- Remove a bogus generic parameter.
Test tweaks in the process:
- Test retrieving VM secrets in more places; unlike CDIs etc., it's not a
restricted operation.
Note that attestation-related APIs are exercised by
VmAttestationTestApp, so aren't covered here.
Bug: 340857915
Test: atest MicrodroidTests
Change-Id: I8f4166ffea5db17381875c83119c592d6be48296
diff --git a/vm_payload/wrapper/lib.rs b/vm_payload/wrapper/lib.rs
index bc26802..d3f03d7 100644
--- a/vm_payload/wrapper/lib.rs
+++ b/vm_payload/wrapper/lib.rs
@@ -22,9 +22,7 @@
mod attestation;
-pub use attestation::{
- request_attestation, request_attestation_for_testing, AttestationError, AttestationResult,
-};
+pub use attestation::{request_attestation, AttestationError, AttestationResult};
use binder::unstable_api::AsNative;
use binder::{FromIBinder, Strong};
use std::ffi::{c_void, CStr, OsStr};
@@ -36,6 +34,16 @@
AVmPayload_getVmInstanceSecret, AVmPayload_notifyPayloadReady, AVmPayload_runVsockRpcServer,
};
+/// The functions declared here are restricted to VMs created with a config file;
+/// they will fail, or panic, if called in other VMs. The ability to create such VMs
+/// requires the android.permission.USE_CUSTOM_VIRTUAL_MACHINE permission, and is
+/// therefore not available to privileged or third party apps.
+///
+/// These functions can be used by tests, if the permission is granted via shell.
+pub mod restricted {
+ pub use crate::attestation::request_attestation_for_testing;
+}
+
/// Marks the main function of the VM payload.
///
/// When the VM is run, this function is called. If it returns, the VM ends normally with a 0 exit
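Review bot: The module doc on `restricted` says the functions "will fail, or panic" without saying which applies to which function, and it does not say that the module itself enforces nothing. Because of the `pub use`, `request_attestation_for_testing` stays reachable from every crate that links the wrapper, so the grouping is a naming signal and the real gate is the runtime check the doc alludes to. I would add a line such as `/// This module only groups the functions; the restriction is enforced when they are called, not by visibility.` and give each re-exported item its own `# Errors` / `# Panics` section. The first hunk drops the root-level re-export of the same function, so any caller still using the old path has to move to `restricted::` in this change.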
@@ -171,7 +179,7 @@
///
/// The secret is returned in [`secret`], truncated to its size, which must be between
/// 1 and 32 bytes (inclusive) or the function will panic.
-pub fn get_vm_instance_secret<const N: usize>(identifier: &[u8], secret: &mut [u8]) {
+pub fn get_vm_instance_secret(identifier: &[u8], secret: &mut [u8]) {
let secret_size = secret.len();
assert!((1..=32).contains(&secret_size), "VM instance secrets can be up to 32 bytes long");
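Review bot: The assertion message in `get_vm_instance_secret` names only the upper bound ("can be up to 32 bytes long"), while the check `(1..=32).contains(&secret_size)` also rejects an empty buffer, so a zero-length `secret` panics with a message that does not describe the failure. I would change the message to `"VM instance secrets must be between 1 and 32 bytes long"` and move the panic condition from the running text into a `# Panics` section. The doc's [`secret`] is written as an intra-doc link but names a parameter, which rustdoc cannot resolve; plain backticks are enough. The function body continues past the end of the hunk, so the call that fills the buffer is not visible here.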