[attestation] Rename test_apk to demo_apk for Vm attestation
A separate test_apk will be added in a subsequent cl for e2e test.
Specifically, the demo_apk calls the real request attestation API
and interacts with RKPD to retrieve the real remotely provisioned
keys; while the test_apk will call the request attestation API
for testing only and will not trigger RKPD, a mock key will be used
in this case.
Test: Run VmAttestationDemoApp manually
Change-Id: I5e02dc071d167156e98088829227e83300899461
diff --git a/service_vm/test_apk/Android.bp b/service_vm/demo_apk/Android.bp
similarity index 69%
rename from service_vm/test_apk/Android.bp
rename to service_vm/demo_apk/Android.bp
index 681f4e8..5644819 100644
--- a/service_vm/test_apk/Android.bp
+++ b/service_vm/demo_apk/Android.bp
@@ -4,9 +4,9 @@
}
android_app {
- name: "ServiceVmClientTestApp",
+ name: "VmAttestationDemoApp",
installable: true,
- jni_libs: ["libservice_vm_client"],
+ jni_libs: ["libvm_attestation_payload"],
jni_uses_platform_apis: true,
use_embedded_native_libs: true,
sdk_version: "system_current",
@@ -15,8 +15,8 @@
}
rust_defaults {
- name: "service_vm_client_defaults",
- crate_name: "service_vm_client",
+ name: "vm_attestation_payload_defaults",
+ crate_name: "vm_attestation_payload",
defaults: ["avf_build_flags_rust"],
srcs: ["src/main.rs"],
prefer_rlib: true,
@@ -29,6 +29,6 @@
}
rust_ffi {
- name: "libservice_vm_client",
- defaults: ["service_vm_client_defaults"],
+ name: "libvm_attestation_payload",
+ defaults: ["vm_attestation_payload_defaults"],
}
diff --git a/service_vm/test_apk/AndroidManifest.xml b/service_vm/demo_apk/AndroidManifest.xml
similarity index 94%
rename from service_vm/test_apk/AndroidManifest.xml
rename to service_vm/demo_apk/AndroidManifest.xml
index b3598fc..228195d 100644
--- a/service_vm/test_apk/AndroidManifest.xml
+++ b/service_vm/demo_apk/AndroidManifest.xml
@@ -13,7 +13,7 @@
limitations under the License.
-->
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
- package="com.android.virt.service_vm.client">
+ package="com.android.virt.vm_attestation.demo">
<uses-permission android:name="android.permission.MANAGE_VIRTUAL_MACHINE" />
<uses-permission android:name="android.permission.USE_CUSTOM_VIRTUAL_MACHINE" />
diff --git a/service_vm/demo_apk/README.md b/service_vm/demo_apk/README.md
new file mode 100644
index 0000000..551d47b
--- /dev/null
+++ b/service_vm/demo_apk/README.md
@@ -0,0 +1,53 @@
+# VmAttestationDemoApp
+
+## Overview
+
+The *VmAttestationDemoApp* is an Android application that provides a practical
+demonstration of how to interact with the VM Attestation APIs. This app focuses
+on the payload of the Android app and the payload performs two main tasks:
+requesting attestation and validating the attestation result.
+
+## Building
+
+To build the VmAttestationDemoApp, use the following command:
+
+```
+m VmAttestationDemoApp
+```
+
+## Installing
+
+To install the app on your device, execute the following command:
+
+```
+adb install $ANDROID_PRODUCT_OUT/system/app/VmAttestationDemoApp/VmAttestationDemoApp.apk
+```
+
+## Running
+
+Before running the app, make sure that the device has an internet connection and
+that the remote provisioning host is not empty. You can use the following
+command to check the remote provisioning host:
+
+```
+$ adb shell getprop remote_provisioning.hostname
+remoteprovisioning.googleapis.com
+```
+
+Once you have confirmed the remote provisioning host, you can run the app using
+the following command:
+
+```
+TEST_ROOT=/data/local/tmp/virt && adb shell /apex/com.android.virt/bin/vm run-app \
+ --config-path assets/config.json --debug full \
+ $(adb shell pm path com.android.virt.vm_attestation.demo | cut -c 9-) \
+ $TEST_ROOT/VmAttestationDemoApp.apk.idsig \
+ $TEST_ROOT/instance.vm_attestation.debug.img --protected
+```
+
+Please note that remote attestation is only available for protected VMs.
+Therefore, ensure that the VM is launched in protected mode using the
+`--protected` flag.
+
+If everything is set up correctly, you should be able to see the attestation
+result printed out in the VM logs.
diff --git a/service_vm/test_apk/assets/config.json b/service_vm/demo_apk/assets/config.json
similarity index 74%
rename from service_vm/test_apk/assets/config.json
rename to service_vm/demo_apk/assets/config.json
index 02749fe..1684696 100644
--- a/service_vm/test_apk/assets/config.json
+++ b/service_vm/demo_apk/assets/config.json
@@ -4,7 +4,7 @@
},
"task": {
"type": "microdroid_launcher",
- "command": "libservice_vm_client.so"
+ "command": "libvm_attestation_payload.so"
},
"export_tombstones": true
}
\ No newline at end of file
diff --git a/service_vm/test_apk/src/main.rs b/service_vm/demo_apk/src/main.rs
similarity index 99%
rename from service_vm/test_apk/src/main.rs
rename to service_vm/demo_apk/src/main.rs
index df60325..0d1efb0 100644
--- a/service_vm/test_apk/src/main.rs
+++ b/service_vm/demo_apk/src/main.rs
@@ -224,6 +224,6 @@
// static string.
let message = unsafe { AVmAttestationResult_resultToString(status) };
// SAFETY: The pointer returned by `AVmAttestationResult_resultToString` is guaranteed to
- // point to a valid C String.
+ // point to a valid C String that lives forever.
unsafe { CStr::from_ptr(message) }
}