Merge "vmbase: Provide baremetal DiceClearMemory() as lib" into main
diff --git a/android/TerminalApp/AndroidManifest.xml b/android/TerminalApp/AndroidManifest.xml
index 6a1ecaf..1af6c8a 100644
--- a/android/TerminalApp/AndroidManifest.xml
+++ b/android/TerminalApp/AndroidManifest.xml
@@ -34,6 +34,7 @@
android:icon="@mipmap/ic_launcher"
android:theme="@style/Theme.Material3.DayNight.NoActionBar"
android:usesCleartextTraffic="true"
+ android:supportsRtl="true"
android:enabled="false">
<activity android:name=".MainActivity"
android:configChanges="orientation|screenSize|keyboard|keyboardHidden|navigation|uiMode|screenLayout|smallestScreenSize"
diff --git a/android/TerminalApp/java/com/android/virtualization/terminal/MainActivity.java b/android/TerminalApp/java/com/android/virtualization/terminal/MainActivity.java
index 10451ec..2f0d301 100644
--- a/android/TerminalApp/java/com/android/virtualization/terminal/MainActivity.java
+++ b/android/TerminalApp/java/com/android/virtualization/terminal/MainActivity.java
@@ -289,16 +289,6 @@
}
}
- public static File getPartitionFile(Context context, String fileName)
- throws FileNotFoundException {
- File file = new File(InstallUtils.getInternalStorageDir(context), fileName);
- if (!file.exists()) {
- Log.d(TAG, file.getAbsolutePath() + " - file not found");
- throw new FileNotFoundException("File not found: " + fileName);
- }
- return file;
- }
-
private static void allocateSpace(File file, long sizeInBytes) throws IOException {
try {
RandomAccessFile raf = new RandomAccessFile(file, "rw");
@@ -536,7 +526,7 @@
private void resizeDiskIfNecessary() {
try {
- File file = getPartitionFile(this, "root_part");
+ File file = InstallUtils.getRootfsFile(this);
SharedPreferences sharedPref = this.getSharedPreferences(
getString(R.string.preference_file_key), Context.MODE_PRIVATE);
SharedPreferences.Editor editor = sharedPref.edit();
diff --git a/android/TerminalApp/java/com/android/virtualization/terminal/SettingsActivity.kt b/android/TerminalApp/java/com/android/virtualization/terminal/SettingsActivity.kt
index 03768e9..73bb0b9 100644
--- a/android/TerminalApp/java/com/android/virtualization/terminal/SettingsActivity.kt
+++ b/android/TerminalApp/java/com/android/virtualization/terminal/SettingsActivity.kt
@@ -30,7 +30,6 @@
val toolbar: MaterialToolbar = findViewById(R.id.settings_toolbar)
setSupportActionBar(toolbar)
- supportActionBar?.title = resources.getString(R.string.action_settings)
val settingsItems = arrayOf(
SettingsItem(
resources.getString(R.string.settings_disk_resize_title),
diff --git a/android/TerminalApp/java/com/android/virtualization/terminal/SettingsDiskResizeActivity.kt b/android/TerminalApp/java/com/android/virtualization/terminal/SettingsDiskResizeActivity.kt
index 58be98d..7ccce9c 100644
--- a/android/TerminalApp/java/com/android/virtualization/terminal/SettingsDiskResizeActivity.kt
+++ b/android/TerminalApp/java/com/android/virtualization/terminal/SettingsDiskResizeActivity.kt
@@ -27,6 +27,7 @@
import android.widget.TextView
import androidx.appcompat.app.AppCompatActivity
import androidx.core.view.isVisible
+import com.android.virtualization.vmlauncher.InstallUtils
import com.google.android.material.button.MaterialButton
import com.google.android.material.slider.Slider
import java.util.regex.Pattern
@@ -55,7 +56,7 @@
0
)
).toFloat();
- val partition = MainActivity.getPartitionFile(this, "root_part")
+ val partition = InstallUtils.getRootfsFile(this)
val minDiskSizeMb =
bytesToMb(MainActivity.getMinFilesystemSize(partition)).toFloat()
.coerceAtMost(diskSizeMb)
diff --git a/android/TerminalApp/res/layout/activity_installer.xml b/android/TerminalApp/res/layout/activity_installer.xml
index ce37129..fcd3f1a 100644
--- a/android/TerminalApp/res/layout/activity_installer.xml
+++ b/android/TerminalApp/res/layout/activity_installer.xml
@@ -38,8 +38,7 @@
android:adjustViewBounds="true"
android:layout_alignParentStart="true"
android:layout_marginTop="48dp"
- android:layout_marginLeft="32dp"
- android:layout_marginRight="32dp"
+ android:layout_marginHorizontal="32dp"
app:tint="?attr/colorPrimary" />
<TextView
@@ -49,10 +48,8 @@
android:singleLine="false"
android:text="@string/installer_title_text"
android:layout_below="@id/installer_terminal_icon"
- android:layout_marginTop="24dp"
- android:layout_marginBottom="24dp"
- android:layout_marginLeft="32dp"
- android:layout_marginRight="32dp"
+ android:layout_marginVertical="24dp"
+ android:layout_marginHorizontal="32dp"
android:textSize="36sp" />
<TextView
@@ -63,8 +60,7 @@
android:layout_below="@id/installer_title"
android:lineSpacingExtra="5dp"
android:layout_marginTop="24dp"
- android:layout_marginLeft="32dp"
- android:layout_marginRight="32dp"
+ android:layout_marginHorizontal="32dp"
android:textSize="16sp" />
<CheckBox
@@ -72,8 +68,7 @@
android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:textSize="16sp"
- android:layout_marginLeft="42dp"
- android:layout_marginRight="42dp"
+ android:layout_marginHorizontal="42dp"
android:layout_above="@id/installer_install_button"
android:layout_alignParentEnd="true"
android:text="@string/installer_wait_for_wifi_checkbox_text" />
@@ -85,8 +80,7 @@
android:layout_alignParentBottom="true"
android:layout_alignParentEnd="true"
android:layout_marginBottom="32dp"
- android:layout_marginLeft="40dp"
- android:layout_marginRight="40dp"
+ android:layout_marginHorizontal="40dp"
android:backgroundTint="?attr/colorPrimaryDark"
android:text="@string/installer_install_button_enabled_text" />
</RelativeLayout>
diff --git a/android/TerminalApp/res/layout/settings_activity.xml b/android/TerminalApp/res/layout/settings_activity.xml
index 9edfd96..adeff36 100644
--- a/android/TerminalApp/res/layout/settings_activity.xml
+++ b/android/TerminalApp/res/layout/settings_activity.xml
@@ -25,6 +25,7 @@
android:id="@+id/settings_toolbar"
android:layout_width="match_parent"
android:layout_height="?attr/actionBarSize"
+ app:title="@string/action_settings"
app:layout_constraintTop_toTopOf="parent"/>
<androidx.recyclerview.widget.RecyclerView
android:id="@+id/settings_list_recycler_view"
diff --git a/android/TerminalApp/res/layout/settings_list_item.xml b/android/TerminalApp/res/layout/settings_list_item.xml
index 7b27421..b48c5d3 100644
--- a/android/TerminalApp/res/layout/settings_list_item.xml
+++ b/android/TerminalApp/res/layout/settings_list_item.xml
@@ -14,61 +14,56 @@
limitations under the License.
-->
-<FrameLayout xmlns:android="http://schemas.android.com/apk/res/android"
+<com.google.android.material.card.MaterialCardView
+ xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:app="http://schemas.android.com/apk/res-auto"
- android:layout_width="match_parent"
- android:gravity="center_vertical"
- android:layout_height="wrap_content">
+ android:id="@+id/settings_list_item_card"
+ app:strokeWidth="0dp"
+ app:cardCornerRadius="28dp"
+ app:checkedIcon="@null"
+ android:focusable="true"
+ android:checkable="true"
+ android:layout_height="wrap_content"
+ android:layout_width="match_parent">
- <com.google.android.material.card.MaterialCardView
- android:id="@+id/settings_list_item_card"
- app:strokeWidth="0dp"
- app:cardCornerRadius="28dp"
- app:checkedIcon="@null"
- android:focusable="true"
- android:checkable="true"
- android:layout_height="wrap_content"
- android:layout_width="match_parent">
+ <androidx.constraintlayout.widget.ConstraintLayout
+ android:layout_width="match_parent"
+ android:layout_height="88dp"
+ android:layout_marginStart="24dp"
+ android:layout_marginEnd="16dp">
- <androidx.constraintlayout.widget.ConstraintLayout
- android:layout_width="match_parent"
- android:layout_height="88dp"
+ <com.google.android.material.imageview.ShapeableImageView
+ android:id="@+id/settings_list_item_icon"
+ android:layout_width="24dp"
+ android:layout_height="24dp"
+ android:layout_marginEnd="24dp"
+ android:scaleType="centerCrop"
+ app:layout_constraintTop_toTopOf="parent"
+ app:layout_constraintBottom_toBottomOf="parent"
+ app:layout_constraintStart_toStartOf="parent" />
+
+ <TextView
+ android:id="@+id/settings_list_item_title"
+ android:layout_width="0dp"
+ android:layout_height="wrap_content"
+ android:layout_marginTop="20dp"
android:layout_marginStart="24dp"
- android:layout_marginEnd="16dp">
+ android:textSize="20sp"
+ app:layout_constraintTop_toTopOf="parent"
+ app:layout_constraintBottom_toTopOf="@+id/settings_list_item_sub_title"
+ app:layout_constraintStart_toEndOf="@id/settings_list_item_icon"
+ app:layout_constraintEnd_toEndOf="parent" />
- <com.google.android.material.imageview.ShapeableImageView
- android:id="@+id/settings_list_item_icon"
- android:layout_width="24dp"
- android:layout_height="24dp"
- android:layout_marginEnd="24dp"
- android:scaleType="centerCrop"
- app:layout_constraintTop_toTopOf="parent"
- app:layout_constraintBottom_toBottomOf="parent"
- app:layout_constraintLeft_toLeftOf="parent" />
-
- <TextView
- android:id="@+id/settings_list_item_title"
- android:layout_width="0dp"
- android:layout_height="wrap_content"
- android:layout_marginTop="20dp"
- android:layout_marginStart="24dp"
- android:textSize="20sp"
- app:layout_constraintTop_toTopOf="parent"
- app:layout_constraintBottom_toTopOf="@+id/settings_list_item_sub_title"
- app:layout_constraintStart_toEndOf="@id/settings_list_item_icon"
- app:layout_constraintEnd_toEndOf="parent" />
-
- <TextView
- android:id="@+id/settings_list_item_sub_title"
- android:layout_width="0dp"
- android:layout_height="wrap_content"
- android:textSize="14sp"
- android:layout_marginBottom="20dp"
- android:layout_marginStart="24dp"
- app:layout_constraintTop_toBottomOf="@+id/settings_list_item_title"
- app:layout_constraintBottom_toBottomOf="parent"
- app:layout_constraintStart_toEndOf="@id/settings_list_item_icon"
- app:layout_constraintEnd_toEndOf="parent" />
- </androidx.constraintlayout.widget.ConstraintLayout>
- </com.google.android.material.card.MaterialCardView>
-</FrameLayout>
\ No newline at end of file
+ <TextView
+ android:id="@+id/settings_list_item_sub_title"
+ android:layout_width="0dp"
+ android:layout_height="wrap_content"
+ android:textSize="14sp"
+ android:layout_marginBottom="20dp"
+ android:layout_marginStart="24dp"
+ app:layout_constraintTop_toBottomOf="@+id/settings_list_item_title"
+ app:layout_constraintBottom_toBottomOf="parent"
+ app:layout_constraintStart_toEndOf="@id/settings_list_item_icon"
+ app:layout_constraintEnd_toEndOf="parent" />
+ </androidx.constraintlayout.widget.ConstraintLayout>
+</com.google.android.material.card.MaterialCardView>
\ No newline at end of file
diff --git a/android/TerminalApp/res/layout/settings_port_forwarding_item.xml b/android/TerminalApp/res/layout/settings_port_forwarding_item.xml
index 5418bf8..8a57b41 100644
--- a/android/TerminalApp/res/layout/settings_port_forwarding_item.xml
+++ b/android/TerminalApp/res/layout/settings_port_forwarding_item.xml
@@ -14,11 +14,12 @@
limitations under the License.
-->
-<androidx.constraintlayout.widget.ConstraintLayout xmlns:android="http://schemas.android.com/apk/res/android"
+<androidx.constraintlayout.widget.ConstraintLayout
+ xmlns:android="http://schemas.android.com/apk/res/android"
+ xmlns:app="http://schemas.android.com/apk/res-auto"
android:layout_width="match_parent"
android:layout_height="wrap_content"
- app:layout_constraintCircleRadius="@dimen/material_emphasis_medium"
- xmlns:app="http://schemas.android.com/apk/res-auto">
+ app:layout_constraintCircleRadius="@dimen/material_emphasis_medium">
<TextView
android:id="@+id/settings_port_forwarding_item_port"
@@ -26,13 +27,13 @@
android:layout_width="match_parent"
app:layout_constraintTop_toTopOf="parent"
app:layout_constraintBottom_toBottomOf="parent"
- app:layout_constraintLeft_toLeftOf="parent"/>
+ app:layout_constraintStart_toStartOf="parent"/>
<com.google.android.material.materialswitch.MaterialSwitch
android:id="@+id/settings_port_forwarding_item_enabled_switch"
android:layout_width="wrap_content"
android:layout_height="wrap_content"
app:layout_constraintTop_toTopOf="parent"
- app:layout_constraintRight_toRightOf="parent" />
+ app:layout_constraintEnd_toEndOf="parent" />
</androidx.constraintlayout.widget.ConstraintLayout>
\ No newline at end of file
diff --git a/android/TerminalApp/res/layout/settings_recovery.xml b/android/TerminalApp/res/layout/settings_recovery.xml
index 12344c6..4cce61d 100644
--- a/android/TerminalApp/res/layout/settings_recovery.xml
+++ b/android/TerminalApp/res/layout/settings_recovery.xml
@@ -57,7 +57,7 @@
android:text="@string/settings_recovery_reset_title"
app:layout_constraintTop_toTopOf="parent"
app:layout_constraintBottom_toTopOf="@+id/settings_recovery_reset_sub_title"
- app:layout_constraintLeft_toLeftOf="parent" />
+ app:layout_constraintStart_toStartOf="parent" />
<TextView
android:id="@+id/settings_recovery_reset_sub_title"
@@ -69,7 +69,7 @@
android:text="@string/settings_recovery_reset_sub_title"
app:layout_constraintTop_toBottomOf="@+id/settings_recovery_reset_title"
app:layout_constraintBottom_toBottomOf="parent"
- app:layout_constraintLeft_toLeftOf="parent" />
+ app:layout_constraintStart_toStartOf="parent" />
</androidx.constraintlayout.widget.ConstraintLayout>
</com.google.android.material.card.MaterialCardView>
</LinearLayout>
\ No newline at end of file
diff --git a/android/TerminalApp/res/values/strings.xml b/android/TerminalApp/res/values/strings.xml
index c89fcfa..4dd33f4 100644
--- a/android/TerminalApp/res/values/strings.xml
+++ b/android/TerminalApp/res/values/strings.xml
@@ -95,6 +95,18 @@
<string name="settings_recovery_reset_dialog_confirm">Confirm</string>
<!-- Dialog button cancel for resetting the terminal [CHAR LIMIT=16] -->
<string name="settings_recovery_reset_dialog_cancel">Cancel</string>
+ <!-- Dialog option to back up previous image(/mnt/backup is the path which is supposed not to be translated) [CHAR LIMIT=none] -->
+ <string name="settings_recovery_reset_dialog_backup_option">Back up data to <xliff:g id="path" example="/mnt/backup">/mnt/backup</xliff:g></string>
+ <!-- Snankbar to indicate recovery error due to backup [CHAR LIMIT=none] -->
+ <string name="settings_recovery_error_due_to_backup">Recovery failed because backup failed</string>
+ <!-- Snankbar to indicate recovery error [CHAR LIMIT=none] -->
+ <string name="settings_recovery_error">Recovery failed</string>
+ <!-- Snankbar to indicate recovery error during removing backup [CHAR LIMIT=none] -->
+ <string name="settings_recovery_error_during_removing_backup">Cannot remove backup file</string>
+ <!-- Settings menu title for removing backup data [CHAR LIMIT=none] -->
+ <string name="settings_recovery_remove_backup_title">Remove backup data</string>
+ <!-- Settings menu sub title for removing backup data(/mnt/backup is the path which is supposed not to be translated) [CHAR LIMIT=none] -->
+ <string name="settings_recovery_remove_backup_sub_title">Clean up <xliff:g id="path" example="/mnt/backup">/mnt/backup</xliff:g></string>
<!-- Notification action button for settings [CHAR LIMIT=20] -->
<string name="service_notification_settings">Settings</string>
diff --git a/guest/pvmfw/avb/Android.bp b/guest/pvmfw/avb/Android.bp
index f97a713..bc5cbfe 100644
--- a/guest/pvmfw/avb/Android.bp
+++ b/guest/pvmfw/avb/Android.bp
@@ -33,6 +33,7 @@
":microdroid_kernel_signed",
":microdroid_initrd_normal",
":microdroid_initrd_debuggable",
+ ":trusty_security_vm_signed",
":test_image_with_one_hashdesc",
":test_image_with_non_initrd_hashdesc",
":test_image_with_initrd_and_non_initrd_desc",
diff --git a/guest/pvmfw/avb/tests/api_test.rs b/guest/pvmfw/avb/tests/api_test.rs
index 01c13d4..72c795c 100644
--- a/guest/pvmfw/avb/tests/api_test.rs
+++ b/guest/pvmfw/avb/tests/api_test.rs
@@ -55,6 +55,17 @@
}
#[test]
+fn latest_trusty_security_vm_kernel_passes_verification() -> Result<()> {
+ let salt = b"trusty_security_vm_salt";
+ let expected_rollback_index = 1;
+ assert_payload_without_initrd_passes_verification(
+ &load_latest_trusty_security_vm_signed_kernel()?,
+ salt,
+ expected_rollback_index,
+ )
+}
+
+#[test]
fn latest_debug_payload_passes_verification() -> Result<()> {
assert_latest_payload_verification_passes(
&load_latest_initrd_debug()?,
diff --git a/guest/pvmfw/avb/tests/utils.rs b/guest/pvmfw/avb/tests/utils.rs
index e989579..0e836d5 100644
--- a/guest/pvmfw/avb/tests/utils.rs
+++ b/guest/pvmfw/avb/tests/utils.rs
@@ -33,6 +33,7 @@
const MICRODROID_KERNEL_IMG_PATH: &str = "microdroid_kernel";
const INITRD_NORMAL_IMG_PATH: &str = "microdroid_initrd_normal.img";
const INITRD_DEBUG_IMG_PATH: &str = "microdroid_initrd_debuggable.img";
+const TRUSTY_SECURITY_VM_KERNEL_IMG_PATH: &str = "trusty_security_vm_signed";
const PUBLIC_KEY_RSA4096_PATH: &str = "data/testkey_rsa4096_pub.bin";
pub const PUBLIC_KEY_RSA2048_PATH: &str = "data/testkey_rsa2048_pub.bin";
@@ -60,6 +61,10 @@
Ok(fs::read(MICRODROID_KERNEL_IMG_PATH)?)
}
+pub fn load_latest_trusty_security_vm_signed_kernel() -> Result<Vec<u8>> {
+ Ok(fs::read(TRUSTY_SECURITY_VM_KERNEL_IMG_PATH)?)
+}
+
pub fn load_latest_initrd_normal() -> Result<Vec<u8>> {
Ok(fs::read(INITRD_NORMAL_IMG_PATH)?)
}
@@ -134,6 +139,35 @@
Ok(())
}
+pub fn assert_payload_without_initrd_passes_verification(
+ kernel: &[u8],
+ salt: &[u8],
+ expected_rollback_index: u64,
+) -> Result<()> {
+ let public_key = load_trusted_public_key()?;
+ let verified_boot_data = verify_payload(
+ kernel,
+ None, // initrd
+ &public_key,
+ )
+ .map_err(|e| anyhow!("Verification failed. Error: {}", e))?;
+
+ let footer = extract_avb_footer(kernel)?;
+ let kernel_digest =
+ hash(&[&hash(&[salt]), &kernel[..usize::try_from(footer.original_image_size)?]]);
+ let expected_boot_data = VerifiedBootData {
+ debug_level: DebugLevel::None,
+ kernel_digest,
+ initrd_digest: None,
+ public_key: &public_key,
+ capabilities: vec![],
+ rollback_index: expected_rollback_index,
+ };
+ assert_eq!(expected_boot_data, verified_boot_data);
+
+ Ok(())
+}
+
pub fn hash(inputs: &[&[u8]]) -> Digest {
let mut digester = sha::Sha256::new();
inputs.iter().for_each(|input| digester.update(input));
diff --git a/guest/trusty/security_vm/launcher/Android.bp b/guest/trusty/security_vm/launcher/Android.bp
index c90d893..38e3e42 100644
--- a/guest/trusty/security_vm/launcher/Android.bp
+++ b/guest/trusty/security_vm/launcher/Android.bp
@@ -57,7 +57,7 @@
enabled: false,
arch: {
x86_64: {
- src: ":trusty-test-lk.elf",
+ src: ":trusty-lk.elf",
enabled: true,
},
arm64: {
diff --git a/libs/vm_launcher_lib/java/com/android/virtualization/vmlauncher/InstallUtils.java b/libs/vm_launcher_lib/java/com/android/virtualization/vmlauncher/InstallUtils.java
index 57691bf..d55d268 100644
--- a/libs/vm_launcher_lib/java/com/android/virtualization/vmlauncher/InstallUtils.java
+++ b/libs/vm_launcher_lib/java/com/android/virtualization/vmlauncher/InstallUtils.java
@@ -28,6 +28,7 @@
import java.io.BufferedInputStream;
import java.io.File;
+import java.io.FileNotFoundException;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
@@ -41,6 +42,7 @@
private static final String VM_CONFIG_FILENAME = "vm_config.json";
private static final String COMPRESSED_PAYLOAD_FILENAME = "images.tar.gz";
+ private static final String ROOTFS_FILENAME = "root_part";
private static final String INSTALLATION_COMPLETED_FILENAME = "completed";
private static final String PAYLOAD_DIR = "linux";
@@ -172,4 +174,13 @@
return false;
}
}
+
+ public static File getRootfsFile(Context context) throws FileNotFoundException {
+ File file = new File(getInternalStorageDir(context), ROOTFS_FILENAME);
+ if (!file.exists()) {
+ Log.d(TAG, file.getAbsolutePath() + " - file not found");
+ throw new FileNotFoundException("File not found: " + ROOTFS_FILENAME);
+ }
+ return file;
+ }
}