Allow preinstalled apps to use the AVF APIs
Guarded by a build-time flag.
Bug: 278765584
Test: Builds, with and without the flag enabled
Test: With flag enabled, preinstalled app gets permission
Change-Id: I9dc43d88060744b1d9d50fd8ff6b12c156bfcbf3
diff --git a/javalib/Android.bp b/javalib/Android.bp
index a124af7..cbc2a17 100644
--- a/javalib/Android.bp
+++ b/javalib/Android.bp
@@ -2,12 +2,25 @@
default_applicable_licenses: ["Android-Apache-2.0"],
}
+soong_config_module_type {
+ name: "avf_flag_aware_android_app",
+ module_type: "android_app",
+ config_namespace: "ANDROID",
+ bool_variables: ["release_avf_allow_preinstalled_apps"],
+ properties: ["manifest"],
+}
+
// Defines our permissions
-android_app {
+avf_flag_aware_android_app {
name: "android.system.virtualmachine.res",
installable: true,
apex_available: ["com.android.virt"],
platform_apis: true,
+ soong_config_variables: {
+ release_avf_allow_preinstalled_apps: {
+ manifest: "AndroidManifestNext.xml",
+ },
+ },
}
java_sdk_library {
diff --git a/javalib/AndroidManifestNext.xml b/javalib/AndroidManifestNext.xml
new file mode 100644
index 0000000..ebcb8ba
--- /dev/null
+++ b/javalib/AndroidManifestNext.xml
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ -->
+<manifest xmlns:android="http://schemas.android.com/apk/res/android"
+ package="com.android.virtualmachine.res">
+
+ <!-- @SystemApi Allows an application to create and run a Virtual Machine
+ using the Virtualization Framework APIs
+ (android.system.virtualmachine.*).
+ <p>Protection level: signature|preinstalled|development
+ @hide
+ -->
+ <permission android:name="android.permission.MANAGE_VIRTUAL_MACHINE"
+ android:protectionLevel="signature|preinstalled|development" />
+
+ <!-- @hide Allows an application to run a Virtual Machine with a custom
+ kernel or a Microdroid configuration file.
+ <p>Not for use by third-party applications.
+ -->
+ <permission android:name="android.permission.USE_CUSTOM_VIRTUAL_MACHINE"
+ android:protectionLevel="signature|development" />
+
+ <!-- @hide Allows an application to access various Virtual Machine debug
+ facilities, e.g. list all running VMs.
+ <p>Not for use by third-party applications.
+ -->
+ <permission android:name="android.permission.DEBUG_VIRTUAL_MACHINE"
+ android:protectionLevel="signature" />
+
+ <application android:hasCode="false" />
+</manifest>