Make SecurityException being detected in nativeSpawn
When android.permission.MANAGE_VIRTUAL_MACHINE isn't granted to the app,
framework API should throw SecurityException for permission check. After
granting CAP_SYS_NICE to virtmgr, connection is not made between virtmgr
and Java framework side. This change does sending any single character
from virtmgr through readyFd-waitFd pipe, so that nativeSpawn function
of framework side can detect if connection is healthy, before trying to
create actual binder connection. And this health check can leave more
descriptive error with throwing Security Exception.
Bug: 328051532
Test: atest MicrodroidTestAppNoPerm
Test: atest MicrodroidTestApp
Change-Id: Iee246a136459fbf30e21a480fc9f8a786711324f
diff --git a/virtualizationmanager/src/main.rs b/virtualizationmanager/src/main.rs
index b2a734a..a31fd0a 100644
--- a/virtualizationmanager/src/main.rs
+++ b/virtualizationmanager/src/main.rs
@@ -30,10 +30,10 @@
use lazy_static::lazy_static;
use log::{info, LevelFilter};
use rpcbinder::{FileDescriptorTransportMode, RpcServer};
-use std::os::unix::io::{FromRawFd, OwnedFd, RawFd};
+use std::os::unix::io::{AsFd, FromRawFd, OwnedFd, RawFd};
use clap::Parser;
use nix::fcntl::{fcntl, F_GETFD, F_SETFD, FdFlag};
-use nix::unistd::{Pid, Uid};
+use nix::unistd::{write, Pid, Uid};
use std::os::unix::raw::{pid_t, uid_t};
const LOG_TAG: &str = "virtmgr";
@@ -138,6 +138,8 @@
info!("Started VirtualizationService RpcServer. Ready to accept connections");
// Signal readiness to the caller by closing our end of the pipe.
+ write(ready_fd.as_fd(), "o".as_bytes())
+ .expect("Failed to write a single character through ready_fd");
drop(ready_fd);
server.join();