Merge "virtmgr: loosen kernel/initrd SELinux requirements for vendor VMs" into main
diff --git a/android/composd/aidl/android/system/composd/IIsolatedCompilationService.aidl b/android/composd/aidl/android/system/composd/IIsolatedCompilationService.aidl
index 3748899..d7757db 100644
--- a/android/composd/aidl/android/system/composd/IIsolatedCompilationService.aidl
+++ b/android/composd/aidl/android/system/composd/IIsolatedCompilationService.aidl
@@ -35,7 +35,7 @@
* callback, unless the returned ICompilationTask is cancelled. The caller should maintain
* a reference to the ICompilationTask until compilation completes or is cancelled.
*/
- ICompilationTask startStagedApexCompile(ICompilationTaskCallback callback);
+ ICompilationTask startStagedApexCompile(ICompilationTaskCallback callback, String os);
/**
* Run odrefresh in a test instance of CompOS until completed or failed.
diff --git a/android/composd/src/instance_manager.rs b/android/composd/src/instance_manager.rs
index d1b0b99..a7154ec 100644
--- a/android/composd/src/instance_manager.rs
+++ b/android/composd/src/instance_manager.rs
@@ -39,10 +39,11 @@
Self { service, state: Default::default() }
}
- pub fn start_current_instance(&self) -> Result<CompOsInstance> {
+ pub fn start_current_instance(&self, os: &str) -> Result<CompOsInstance> {
let mut vm_parameters = new_vm_parameters()?;
vm_parameters.name = String::from("Composd");
vm_parameters.prefer_staged = true;
+ vm_parameters.os = os.to_owned();
self.start_instance(CURRENT_INSTANCE_DIR, vm_parameters)
}
diff --git a/android/composd/src/service.rs b/android/composd/src/service.rs
index 3cc40af..1e38eee 100644
--- a/android/composd/src/service.rs
+++ b/android/composd/src/service.rs
@@ -51,9 +51,10 @@
fn startStagedApexCompile(
&self,
callback: &Strong<dyn ICompilationTaskCallback>,
+ os: &str,
) -> binder::Result<Strong<dyn ICompilationTask>> {
check_permissions()?;
- to_binder_result(self.do_start_staged_apex_compile(callback))
+ to_binder_result(self.do_start_staged_apex_compile(callback, os))
}
fn startTestCompile(
@@ -76,8 +77,10 @@
fn do_start_staged_apex_compile(
&self,
callback: &Strong<dyn ICompilationTaskCallback>,
+ os: &str,
) -> Result<Strong<dyn ICompilationTask>> {
- let comp_os = self.instance_manager.start_current_instance().context("Starting CompOS")?;
+ let comp_os =
+ self.instance_manager.start_current_instance(os).context("Starting CompOS")?;
let target_dir_name = PENDING_ARTIFACTS_SUBDIR.to_owned();
let task = OdrefreshTask::start(
diff --git a/android/composd_cmd/composd_cmd.rs b/android/composd_cmd/composd_cmd.rs
index 6281bd0..c944c17 100644
--- a/android/composd_cmd/composd_cmd.rs
+++ b/android/composd_cmd/composd_cmd.rs
@@ -39,7 +39,11 @@
#[derive(Parser)]
enum Actions {
/// Compile classpath for real. Output can be used after a reboot.
- StagedApexCompile {},
+ StagedApexCompile {
+ /// OS for the VM.
+ #[clap(long, default_value = "microdroid")]
+ os: String,
+ },
/// Compile classpath in a debugging VM. Output is ignored.
TestCompile {
@@ -59,7 +63,7 @@
ProcessState::start_thread_pool();
match action {
- Actions::StagedApexCompile {} => run_staged_apex_compile()?,
+ Actions::StagedApexCompile { os } => run_staged_apex_compile(&os)?,
Actions::TestCompile { prefer_staged, os } => run_test_compile(prefer_staged, &os)?,
}
@@ -116,8 +120,8 @@
}
}
-fn run_staged_apex_compile() -> Result<()> {
- run_async_compilation(|service, callback| service.startStagedApexCompile(callback))
+fn run_staged_apex_compile(os: &str) -> Result<()> {
+ run_async_compilation(|service, callback| service.startStagedApexCompile(callback, os))
}
fn run_test_compile(prefer_staged: bool, os: &str) -> Result<()> {
diff --git a/android/virtmgr/src/crosvm.rs b/android/virtmgr/src/crosvm.rs
index 8500421..9ee181a 100644
--- a/android/virtmgr/src/crosvm.rs
+++ b/android/virtmgr/src/crosvm.rs
@@ -628,6 +628,7 @@
fn monitor_vm_status(&self, child: Arc<SharedChild>) {
let pid = child.id();
+ let mut metric_countdown = 0;
loop {
{
@@ -637,23 +638,34 @@
break;
}
- let mut vm_metric = self.vm_metric.lock().unwrap();
+ if metric_countdown > 0 {
+ metric_countdown -= 1;
+ } else {
+ metric_countdown = 10;
+ let mut vm_metric = self.vm_metric.lock().unwrap();
- // Get CPU Information
- match get_guest_time(pid) {
- Ok(guest_time) => vm_metric.cpu_guest_time = Some(guest_time),
- Err(e) => error!("Failed to get guest CPU time: {e:?}"),
- }
-
- // Get Memory Information
- match get_rss(pid) {
- Ok(rss) => {
- vm_metric.rss = match &vm_metric.rss {
- Some(x) => Some(Rss::extract_max(x, &rss)),
- None => Some(rss),
+ // Get CPU Information
+ match get_guest_time(pid) {
+ Ok(guest_time) => vm_metric.cpu_guest_time = Some(guest_time),
+ Err(e) => {
+ metric_countdown = 0;
+ error!("Failed to get guest CPU time: {e:?}");
}
}
- Err(e) => error!("Failed to get guest RSS: {}", e),
+
+ // Get Memory Information
+ match get_rss(pid) {
+ Ok(rss) => {
+ vm_metric.rss = match &vm_metric.rss {
+ Some(x) => Some(Rss::extract_max(x, &rss)),
+ None => Some(rss),
+ }
+ }
+ Err(e) => {
+ metric_countdown = 0;
+ error!("Failed to get guest RSS: {}", e);
+ }
+ }
}
}
diff --git a/build/debian/build.sh b/build/debian/build.sh
index 6facfcf..616dd00 100755
--- a/build/debian/build.sh
+++ b/build/debian/build.sh
@@ -269,7 +269,7 @@
--extract "${dsc_file}"
pushd "linux-${debian_kver%-*}" > /dev/null
- local kpatches_src="$SCRIPT_DIR/kernel_patches"
+ local kpatches_src="$SCRIPT_DIR/kernel/patches"
cp -r "${kpatches_src}/avf" debian/patches/
cat "${kpatches_src}/series" >> debian/patches/series
./debian/rules orig
@@ -282,9 +282,8 @@
# 2. Define our custom flavour and regenerate control file
# NOTE: Our flavour extends Debian's `cloud` config on the `none` featureset.
- cat > debian/config/${debian_arch}/config.${debarch_flavour} <<EOF
-# TODO: Add our custom kernel config to this file
-EOF
+ cp "$SCRIPT_DIR/kernel/config" \
+ debian/config/${debian_arch}/config.${debarch_flavour}
sed -z "s;\[base\]\nflavours:;[base]\nflavours:\n ${debarch_flavour};" \
-i debian/config/${debian_arch}/none/defines
diff --git a/build/debian/fai_config/files/usr/local/bin/enable_display/AVF b/build/debian/fai_config/files/usr/local/bin/enable_display/AVF
index 69dce6a..76f9f97 100644
--- a/build/debian/fai_config/files/usr/local/bin/enable_display/AVF
+++ b/build/debian/fai_config/files/usr/local/bin/enable_display/AVF
@@ -1,4 +1,6 @@
#!/bin/bash
sudo systemd-run --collect -E XDG_SESSION_TYPE=wayland --uid=1000 -p PAMName=login -p TTYPath=/dev/tty7 sleep 1d
systemctl --user start weston
-export DISPLAY=:0
\ No newline at end of file
+export DISPLAY=:0
+export MESA_LOADER_DRIVER_OVERRIDE=zink
+export LIBGL_ALWAYS_SOFTWARE=1
\ No newline at end of file
diff --git a/build/debian/fai_config/scripts/AVF/20-useradd b/build/debian/fai_config/scripts/AVF/20-useradd
index 1c93772..b92648a 100755
--- a/build/debian/fai_config/scripts/AVF/20-useradd
+++ b/build/debian/fai_config/scripts/AVF/20-useradd
@@ -1,4 +1,4 @@
#!/bin/bash
-$ROOTCMD useradd -m -u 1000 -N -G sudo -s /usr/bin/bash droid
+$ROOTCMD useradd -m -u 1000 -N -G sudo,video,render -s /usr/bin/bash droid
$ROOTCMD echo 'droid ALL=(ALL) NOPASSWD:ALL' >> $target/etc/sudoers
diff --git a/build/debian/kernel/config b/build/debian/kernel/config
new file mode 100644
index 0000000..1ba603c
--- /dev/null
+++ b/build/debian/kernel/config
@@ -0,0 +1 @@
+CONFIG_DRM=m
diff --git a/build/debian/kernel_patches/avf/arm64-balloon.patch b/build/debian/kernel/patches/avf/arm64-balloon.patch
similarity index 100%
rename from build/debian/kernel_patches/avf/arm64-balloon.patch
rename to build/debian/kernel/patches/avf/arm64-balloon.patch
diff --git a/build/debian/kernel_patches/series b/build/debian/kernel/patches/series
similarity index 100%
rename from build/debian/kernel_patches/series
rename to build/debian/kernel/patches/series
diff --git a/build/debian/vm_config.json.aarch64 b/build/debian/vm_config.json.aarch64
index 96254f8..463583f 100644
--- a/build/debian/vm_config.json.aarch64
+++ b/build/debian/vm_config.json.aarch64
@@ -35,5 +35,8 @@
"console_out": true,
"console_input_device": "ttyS0",
"network": true,
- "auto_memory_balloon": true
+ "auto_memory_balloon": true,
+ "gpu": {
+ "backend": "2d"
+ }
}
diff --git a/build/debian/vm_config.json.x86_64 b/build/debian/vm_config.json.x86_64
index c34a0f2..bc4e00a 100644
--- a/build/debian/vm_config.json.x86_64
+++ b/build/debian/vm_config.json.x86_64
@@ -44,5 +44,8 @@
"console_out": true,
"console_input_device": "ttyS0",
"network": true,
- "auto_memory_balloon": true
+ "auto_memory_balloon": true,
+ "gpu": {
+ "backend": "2d"
+ }
}
diff --git a/guest/pvmfw/README.md b/guest/pvmfw/README.md
index 766a923..652ca90 100644
--- a/guest/pvmfw/README.md
+++ b/guest/pvmfw/README.md
@@ -461,7 +461,12 @@
- `secretkeeper_protection`: pvmfw defers rollback protection to the guest
- `supports_uefi_boot`: pvmfw boots the VM as a EFI payload (experimental)
- `trusty_security_vm`: pvmfw skips rollback protection
-- `"com.android.virt.page_size"`: the guest page size in KiB (optional, defaults to 4)
+- `"com.android.virt.page_size"`: (optional) the guest page size in KiB, defaults to 4
+- `"com.android.virt.name"`: (optional) VM name, used as the
+ [`component_name`][dice-comp-name] (defaults to `"vm_entry"`) in the guest
+ DICE certificate and to identify special VMs
+
+[dice-comp-name]: https://cs.android.com/android/platform/superproject/main/+/main:external/open-dice/docs/android.md;l=81;drc=6d511e9533eac05d64d47fcd78ac5d881e72c3de
## Development
diff --git a/guest/pvmfw/avb/Android.bp b/guest/pvmfw/avb/Android.bp
index 141c1d2..0d55d7c 100644
--- a/guest/pvmfw/avb/Android.bp
+++ b/guest/pvmfw/avb/Android.bp
@@ -37,6 +37,7 @@
":test_image_with_one_hashdesc",
":test_image_with_non_initrd_hashdesc",
":test_image_with_initrd_and_non_initrd_desc",
+ ":test_image_with_name",
":test_image_with_invalid_page_size",
":test_image_with_negative_page_size",
":test_image_with_overflow_page_size",
@@ -123,6 +124,20 @@
}
avb_add_hash_footer {
+ name: "test_image_with_name",
+ src: ":unsigned_test_image",
+ partition_name: "boot",
+ private_key: ":pvmfw_sign_key",
+ salt: "2134",
+ props: [
+ {
+ name: "com.android.virt.name",
+ value: "test_vm_name",
+ },
+ ],
+}
+
+avb_add_hash_footer {
name: "test_image_with_invalid_page_size",
src: ":unsigned_test_image",
partition_name: "boot",
diff --git a/guest/pvmfw/avb/src/error.rs b/guest/pvmfw/avb/src/error.rs
index 1307e15..eb82837 100644
--- a/guest/pvmfw/avb/src/error.rs
+++ b/guest/pvmfw/avb/src/error.rs
@@ -30,6 +30,8 @@
UnknownVbmetaProperty,
/// VBMeta has invalid page_size property.
InvalidPageSize,
+ /// VBMeta has invalid VM name property.
+ InvalidVmName,
}
impl From<SlotVerifyError<'_>> for PvmfwVerifyError {
@@ -54,6 +56,7 @@
}
Self::UnknownVbmetaProperty => write!(f, "Unknown vbmeta property"),
Self::InvalidPageSize => write!(f, "Invalid page_size property"),
+ Self::InvalidVmName => write!(f, "Invalid name property"),
}
}
}
diff --git a/guest/pvmfw/avb/src/verify.rs b/guest/pvmfw/avb/src/verify.rs
index 8810696..6a3d7de 100644
--- a/guest/pvmfw/avb/src/verify.rs
+++ b/guest/pvmfw/avb/src/verify.rs
@@ -17,7 +17,7 @@
use crate::ops::{Ops, Payload};
use crate::partition::PartitionName;
use crate::PvmfwVerifyError;
-use alloc::vec::Vec;
+use alloc::{string::String, vec::Vec};
use avb::{
Descriptor, DescriptorError, DescriptorResult, HashDescriptor, PartitionData, SlotVerifyError,
SlotVerifyNoDataResult, VbmetaData,
@@ -47,6 +47,8 @@
pub rollback_index: u64,
/// Page size of kernel, if present.
pub page_size: Option<usize>,
+ /// Name of the guest payload, if present.
+ pub name: Option<String>,
}
impl VerifiedBootData<'_> {
@@ -238,6 +240,18 @@
Ok(Some(size))
}
+/// Returns the indicated payload name, if present.
+fn read_name(vbmeta_data: &VbmetaData) -> Result<Option<String>, PvmfwVerifyError> {
+ let Some(property) = vbmeta_data.get_property_value("com.android.virt.name") else {
+ return Ok(None);
+ };
+ let name = str::from_utf8(property).map_err(|_| PvmfwVerifyError::InvalidVmName)?;
+ if name.is_empty() {
+ return Err(PvmfwVerifyError::InvalidVmName);
+ }
+ Ok(Some(name.into()))
+}
+
/// Verifies the given initrd partition, and checks that the resulting contents looks like expected.
fn verify_initrd(
ops: &mut Ops,
@@ -275,6 +289,7 @@
let hash_descriptors = HashDescriptors::get(&descriptors)?;
let capabilities = Capability::get_capabilities(vbmeta_image)?;
let page_size = read_page_size(vbmeta_image)?;
+ let name = read_name(vbmeta_image)?;
if initrd.is_none() {
hash_descriptors.verify_no_initrd()?;
@@ -286,6 +301,7 @@
capabilities,
rollback_index,
page_size,
+ name,
});
}
@@ -307,5 +323,6 @@
capabilities,
rollback_index,
page_size,
+ name,
})
}
diff --git a/guest/pvmfw/avb/tests/api_test.rs b/guest/pvmfw/avb/tests/api_test.rs
index 3027c47..b3899d9 100644
--- a/guest/pvmfw/avb/tests/api_test.rs
+++ b/guest/pvmfw/avb/tests/api_test.rs
@@ -27,6 +27,7 @@
use utils::*;
const TEST_IMG_WITH_ONE_HASHDESC_PATH: &str = "test_image_with_one_hashdesc.img";
+const TEST_IMG_WITH_NAME_PATH: &str = "test_image_with_name.img";
const TEST_IMG_WITH_INVALID_PAGE_SIZE_PATH: &str = "test_image_with_invalid_page_size.img";
const TEST_IMG_WITH_NEGATIVE_PAGE_SIZE_PATH: &str = "test_image_with_negative_page_size.img";
const TEST_IMG_WITH_OVERFLOW_PAGE_SIZE_PATH: &str = "test_image_with_overflow_page_size.img";
@@ -102,6 +103,7 @@
capabilities: vec![],
rollback_index: 0,
page_size: None,
+ name: None,
};
assert_eq!(expected_boot_data, verified_boot_data);
@@ -147,6 +149,7 @@
capabilities: vec![Capability::RemoteAttest],
rollback_index: 0,
page_size: None,
+ name: None,
};
assert_eq!(expected_boot_data, verified_boot_data);
@@ -247,6 +250,18 @@
}
#[test]
+fn kernel_has_expected_valid_name() {
+ let kernel = fs::read(TEST_IMG_WITH_NAME_PATH).unwrap();
+ assert_eq!(read_name(&kernel), Ok(Some("test_vm_name".to_owned())));
+}
+
+#[test]
+fn kernel_has_expected_missing_name() {
+ let kernel = fs::read(TEST_IMG_WITH_ONE_HASHDESC_PATH).unwrap();
+ assert_eq!(read_name(&kernel), Ok(None));
+}
+
+#[test]
fn kernel_has_expected_page_size_invalid() {
let kernel = fs::read(TEST_IMG_WITH_INVALID_PAGE_SIZE_PATH).unwrap();
assert_eq!(read_page_size(&kernel), Err(PvmfwVerifyError::InvalidPageSize));
@@ -483,6 +498,7 @@
capabilities: vec![],
rollback_index: 5,
page_size: None,
+ name: None,
};
assert_eq!(expected_boot_data, verified_boot_data);
Ok(())
diff --git a/guest/pvmfw/avb/tests/utils.rs b/guest/pvmfw/avb/tests/utils.rs
index 7282f3e..227daa2 100644
--- a/guest/pvmfw/avb/tests/utils.rs
+++ b/guest/pvmfw/avb/tests/utils.rs
@@ -28,6 +28,7 @@
use std::{
fs,
mem::{size_of, transmute, MaybeUninit},
+ string::String,
};
const MICRODROID_KERNEL_IMG_PATH: &str = "microdroid_kernel";
@@ -134,6 +135,7 @@
capabilities,
rollback_index: 1,
page_size,
+ name: None,
};
assert_eq!(expected_boot_data, verified_boot_data);
@@ -166,12 +168,23 @@
capabilities,
rollback_index: expected_rollback_index,
page_size,
+ name: None,
};
assert_eq!(expected_boot_data, verified_boot_data);
Ok(())
}
+pub fn read_name(kernel: &[u8]) -> Result<Option<String>, PvmfwVerifyError> {
+ let public_key = load_trusted_public_key().unwrap();
+ let verified_boot_data = verify_payload(
+ kernel,
+ None, // initrd
+ &public_key,
+ )?;
+ Ok(verified_boot_data.name)
+}
+
pub fn read_page_size(kernel: &[u8]) -> Result<Option<usize>, PvmfwVerifyError> {
let public_key = load_trusted_public_key().unwrap();
let verified_boot_data = verify_payload(
diff --git a/guest/pvmfw/src/dice.rs b/guest/pvmfw/src/dice.rs
index f49fedb..49a3807 100644
--- a/guest/pvmfw/src/dice.rs
+++ b/guest/pvmfw/src/dice.rs
@@ -16,6 +16,7 @@
extern crate alloc;
use alloc::format;
+use alloc::string::String;
use alloc::vec::Vec;
use ciborium::cbor;
use ciborium::Value;
@@ -83,6 +84,7 @@
pub mode: DiceMode,
pub security_version: u64,
pub rkp_vm_marker: bool,
+ component_name: String,
}
impl PartialInputs {
@@ -90,12 +92,13 @@
let code_hash = to_dice_hash(data)?;
let auth_hash = hash(data.public_key)?;
let mode = to_dice_mode(data.debug_level);
+ let component_name = data.name.clone().unwrap_or(String::from("vm_entry"));
// We use rollback_index from vbmeta as the security_version field in dice certificate.
let security_version = data.rollback_index;
let rkp_vm_marker = data.has_capability(Capability::RemoteAttest)
|| data.has_capability(Capability::TrustySecurityVm);
- Ok(Self { code_hash, auth_hash, mode, security_version, rkp_vm_marker })
+ Ok(Self { code_hash, auth_hash, mode, security_version, rkp_vm_marker, component_name })
}
pub fn write_next_bcc(
@@ -156,7 +159,7 @@
fn generate_config_descriptor(&self, instance_hash: Option<Hash>) -> Result<Vec<u8>> {
let mut config = Vec::with_capacity(4);
- config.push((cbor!(COMPONENT_NAME_KEY)?, cbor!("vm_entry")?));
+ config.push((cbor!(COMPONENT_NAME_KEY)?, cbor!(self.component_name.as_str())?));
config.push((cbor!(SECURITY_VERSION_KEY)?, cbor!(self.security_version)?));
if self.rkp_vm_marker {
config.push((cbor!(RKP_VM_MARKER_KEY)?, Value::Null))
@@ -200,6 +203,7 @@
kernel_digest: [1u8; size_of::<Digest>()],
initrd_digest: Some([2u8; size_of::<Digest>()]),
public_key: b"public key",
+ name: None,
capabilities: vec![],
rollback_index: 42,
page_size: None,
@@ -249,12 +253,13 @@
}
#[test]
- fn rkp_vm_config_descriptor_has_rkp_vm_marker() {
+ fn rkp_vm_config_descriptor_has_rkp_vm_marker_and_component_name() {
let vb_data =
VerifiedBootData { capabilities: vec![Capability::RemoteAttest], ..BASE_VB_DATA };
let inputs = PartialInputs::new(&vb_data).unwrap();
let config_map = decode_config_descriptor(&inputs, Some(HASH));
+ assert_eq!(config_map.get(&COMPONENT_NAME_KEY).unwrap().as_text().unwrap(), "vm_entry");
assert!(config_map.get(&RKP_VM_MARKER_KEY).unwrap().is_null());
}
diff --git a/libs/framework-virtualization/src/android/system/virtualmachine/VirtualMachine.java b/libs/framework-virtualization/src/android/system/virtualmachine/VirtualMachine.java
index 5f634ef..af313a1 100644
--- a/libs/framework-virtualization/src/android/system/virtualmachine/VirtualMachine.java
+++ b/libs/framework-virtualization/src/android/system/virtualmachine/VirtualMachine.java
@@ -276,28 +276,16 @@
@Override
public void onTrimMemory(int level) {
- int percent;
+ /* Treat level < TRIM_MEMORY_UI_HIDDEN as generic low-memory warnings */
+ int percent = 10;
- switch (level) {
- case ComponentCallbacks2.TRIM_MEMORY_RUNNING_CRITICAL:
- percent = 50;
- break;
- case ComponentCallbacks2.TRIM_MEMORY_RUNNING_LOW:
- percent = 30;
- break;
- case ComponentCallbacks2.TRIM_MEMORY_RUNNING_MODERATE:
- percent = 10;
- break;
- case ComponentCallbacks2.TRIM_MEMORY_BACKGROUND:
- case ComponentCallbacks2.TRIM_MEMORY_MODERATE:
- case ComponentCallbacks2.TRIM_MEMORY_COMPLETE:
- /* Release as much memory as we can. The app is on the LMKD LRU kill list. */
- percent = 50;
- break;
- default:
- /* Treat unrecognised messages as generic low-memory warnings. */
- percent = 30;
- break;
+ if (level >= ComponentCallbacks2.TRIM_MEMORY_UI_HIDDEN) {
+ percent = 30;
+ }
+
+ if (level >= ComponentCallbacks2.TRIM_MEMORY_BACKGROUND) {
+ /* Release as much memory as we can. The app is on the LMKD LRU kill list. */
+ percent = 50;
}
synchronized (mLock) {
diff --git a/libs/service-compos/java/com/android/server/compos/IsolatedCompilationJobService.java b/libs/service-compos/java/com/android/server/compos/IsolatedCompilationJobService.java
index adc0300..3033991 100644
--- a/libs/service-compos/java/com/android/server/compos/IsolatedCompilationJobService.java
+++ b/libs/service-compos/java/com/android/server/compos/IsolatedCompilationJobService.java
@@ -174,7 +174,7 @@
}
try {
- ICompilationTask composTask = composd.startStagedApexCompile(this);
+ ICompilationTask composTask = composd.startStagedApexCompile(this, "microdroid");
mMetrics.onCompilationStarted();
mTask.set(composTask);
composTask.asBinder().linkToDeath(this, 0);
diff --git a/tests/benchmark_hostside/java/android/avf/test/AVFHostTestCase.java b/tests/benchmark_hostside/java/android/avf/test/AVFHostTestCase.java
index e2956f2..003c3f0 100644
--- a/tests/benchmark_hostside/java/android/avf/test/AVFHostTestCase.java
+++ b/tests/benchmark_hostside/java/android/avf/test/AVFHostTestCase.java
@@ -19,6 +19,7 @@
import static com.android.tradefed.device.TestDevice.MicrodroidBuilder;
import static com.android.tradefed.testtype.DeviceJUnit4ClassRunner.TestMetrics;
+import static com.google.common.truth.Truth.assertThat;
import static com.google.common.truth.Truth.assertWithMessage;
import static com.google.common.truth.TruthJUnit.assume;
@@ -113,16 +114,78 @@
@Test
public void testBootWithCompOS() throws Exception {
- composTestHelper(true);
+ composTestHelper(true, "microdroid");
+ }
+
+ @Test
+ public void testBootWithCompOS_os_android15_66() throws Exception {
+ composTestHelper(true, "android15_66");
+ }
+
+ @Test
+ public void testBootWithCompOS_os_microdroid_16k() throws Exception {
+ composTestHelper(true, "microdroid_16k");
}
@Test
public void testBootWithoutCompOS() throws Exception {
- composTestHelper(false);
+ composTestHelper(false, null);
}
@Test
public void testNoLongHypSections() throws Exception {
+ noLongHypSectionsHelper("microdroid");
+ }
+
+ @Test
+ public void testNoLongHypSections_os_android15_66() throws Exception {
+ noLongHypSectionsHelper("android15_66");
+ }
+
+ @Test
+ public void testNoLongHypSections_os_microdroid_16k() throws Exception {
+ noLongHypSectionsHelper("microdroid_16k");
+ }
+
+ @Test
+ public void testPsciMemProtect() throws Exception {
+ psciMemProtectHelper("microdroid");
+ }
+
+ @Test
+ public void testPsciMemProtect_os_android15_66() throws Exception {
+ psciMemProtectHelper("android15_66");
+ }
+
+ @Test
+ public void testPsciMemProtect_os_microdroid_16k() throws Exception {
+ psciMemProtectHelper("microdroid_16k");
+ }
+
+ @Test
+ public void testCameraAppStartupTime() throws Exception {
+ String[] launchIntentPackages = {
+ "com.android.camera2",
+ "com.google.android.GoogleCamera/com.android.camera.CameraLauncher"
+ };
+ String launchIntentPackage = findSupportedPackage(launchIntentPackages);
+ assume().withMessage("No supported camera package").that(launchIntentPackage).isNotNull();
+ appStartupHelper(launchIntentPackage);
+ }
+
+ @Test
+ public void testSettingsAppStartupTime() throws Exception {
+ String[] launchIntentPackages = {"com.android.settings"};
+ String launchIntentPackage = findSupportedPackage(launchIntentPackages);
+ assume().withMessage("No supported settings package").that(launchIntentPackage).isNotNull();
+ appStartupHelper(launchIntentPackage);
+ }
+
+ private void noLongHypSectionsHelper(String osKey) throws Exception {
+ assumeKernelSupported(osKey);
+ assumeVmTypeSupported(osKey, true);
+ String os = SUPPORTED_OSES.get(osKey);
+
String[] hypEvents = {"hyp_enter", "hyp_exit"};
assumeTrue(
@@ -130,7 +193,7 @@
KvmHypTracer.isSupported(getDevice(), hypEvents));
KvmHypTracer tracer = new KvmHypTracer(getDevice(), hypEvents);
- String result = tracer.run(COMPOSD_CMD_BIN + " test-compile");
+ String result = tracer.run(COMPOSD_CMD_BIN + " test-compile --os " + os);
assertWithMessage("Failed to test compilation VM.")
.that(result)
.ignoringCase()
@@ -141,8 +204,11 @@
CLog.i("Hypervisor traces parsed successfully.");
}
- @Test
- public void testPsciMemProtect() throws Exception {
+ public void psciMemProtectHelper(String osKey) throws Exception {
+ assumeKernelSupported(osKey);
+ assumeVmTypeSupported(osKey, true);
+ String os = SUPPORTED_OSES.get(osKey);
+
String[] hypEvents = {"psci_mem_protect"};
assumeTrue(
@@ -151,7 +217,12 @@
KvmHypTracer tracer = new KvmHypTracer(getDevice(), hypEvents);
/* We need to wait for crosvm to die so all the VM pages are reclaimed */
- String result = tracer.run(COMPOSD_CMD_BIN + " test-compile && killall -w crosvm || true");
+ String result =
+ tracer.run(
+ COMPOSD_CMD_BIN
+ + " test-compile --os "
+ + os
+ + " && killall -w crosvm || true");
assertWithMessage("Failed to test compilation VM.")
.that(result)
.ignoringCase()
@@ -176,25 +247,6 @@
.isGreaterThan(0);
}
- @Test
- public void testCameraAppStartupTime() throws Exception {
- String[] launchIntentPackages = {
- "com.android.camera2",
- "com.google.android.GoogleCamera/com.android.camera.CameraLauncher"
- };
- String launchIntentPackage = findSupportedPackage(launchIntentPackages);
- assume().withMessage("No supported camera package").that(launchIntentPackage).isNotNull();
- appStartupHelper(launchIntentPackage);
- }
-
- @Test
- public void testSettingsAppStartupTime() throws Exception {
- String[] launchIntentPackages = {"com.android.settings"};
- String launchIntentPackage = findSupportedPackage(launchIntentPackages);
- assume().withMessage("No supported settings package").that(launchIntentPackage).isNotNull();
- appStartupHelper(launchIntentPackage);
- }
-
private void appStartupHelper(String launchIntentPackage) throws Exception {
assumeTrue(
"Skip on non-protected VMs",
@@ -471,8 +523,14 @@
throw new IllegalArgumentException("Failed to get boot time info.");
}
- private void composTestHelper(boolean isWithCompos) throws Exception {
+ private void composTestHelper(boolean isWithCompos, String osKey) throws Exception {
assumeFalse("Skip on CF; too slow", isCuttlefish());
+ if (isWithCompos) {
+ assumeKernelSupported(osKey);
+ assumeVmTypeSupported(osKey, true);
+ } else {
+ assertThat(osKey).isNull();
+ }
List<Double> bootDmesgTime = new ArrayList<>(ROUND_COUNT);
@@ -480,7 +538,8 @@
reInstallApex(REINSTALL_APEX_TIMEOUT_SEC);
try {
if (isWithCompos) {
- compileStagedApex(COMPILE_STAGED_APEX_TIMEOUT_SEC);
+ String os = SUPPORTED_OSES.get(osKey);
+ compileStagedApex(COMPILE_STAGED_APEX_TIMEOUT_SEC, os);
}
} finally {
// If compilation fails, we still have a staged APEX, and we need to reboot to
@@ -518,7 +577,7 @@
getDevice().enableAdbRoot();
}
- private void compileStagedApex(int timeoutSec) throws Exception {
+ private void compileStagedApex(int timeoutSec, String os) throws Exception {
long timeStart = System.currentTimeMillis();
long timeEnd = timeStart + timeoutSec * 1000L;
@@ -530,7 +589,7 @@
String result =
android.runWithTimeout(
- 3 * 60 * 1000, COMPOSD_CMD_BIN + " staged-apex-compile");
+ 3 * 60 * 1000, COMPOSD_CMD_BIN + " staged-apex-compile --os " + os);
assertWithMessage("Failed to compile staged APEX. Reason: " + result)
.that(result)
.ignoringCase()
diff --git a/tests/hostside/helper/java/com/android/microdroid/test/host/MicrodroidHostTestCaseBase.java b/tests/hostside/helper/java/com/android/microdroid/test/host/MicrodroidHostTestCaseBase.java
index ad37dda..fcef19a 100644
--- a/tests/hostside/helper/java/com/android/microdroid/test/host/MicrodroidHostTestCaseBase.java
+++ b/tests/hostside/helper/java/com/android/microdroid/test/host/MicrodroidHostTestCaseBase.java
@@ -18,6 +18,7 @@
import static com.android.tradefed.testtype.DeviceJUnit4ClassRunner.TestLogData;
+import static com.google.common.truth.Truth.assertThat;
import static com.google.common.truth.Truth.assertWithMessage;
import static org.junit.Assume.assumeFalse;
@@ -267,4 +268,27 @@
protected boolean isPkvmHypervisor() throws DeviceNotAvailableException {
return "kvm.arm-protected".equals(getDevice().getProperty("ro.boot.hypervisor.version"));
}
+
+ protected TestDevice getAndroidDevice() {
+ TestDevice androidDevice = (TestDevice) getDevice();
+ assertThat(androidDevice).isNotNull();
+ return androidDevice;
+ }
+
+ protected void assumeKernelSupported(String osKey) throws Exception {
+ String os = SUPPORTED_OSES.get(osKey);
+ assumeTrue(
+ "Skipping test as OS \"" + os + "\" is not supported",
+ getSupportedOSList().contains(os));
+ }
+
+ protected void assumeVmTypeSupported(String os, boolean protectedVm) throws Exception {
+ // TODO(b/376870129): remove this check
+ if (protectedVm) {
+ assumeFalse("pVMs with 16k kernel are not supported yet :(", os.endsWith("_16k"));
+ }
+ assumeTrue(
+ "Microdroid is not supported for specific VM protection type",
+ getAndroidDevice().supportsMicrodroid(protectedVm));
+ }
}
diff --git a/tests/hostside/java/com/android/microdroid/test/MicrodroidHostTests.java b/tests/hostside/java/com/android/microdroid/test/MicrodroidHostTests.java
index 7864f3f..59a57f1 100644
--- a/tests/hostside/java/com/android/microdroid/test/MicrodroidHostTests.java
+++ b/tests/hostside/java/com/android/microdroid/test/MicrodroidHostTests.java
@@ -1474,12 +1474,6 @@
}
}
- private TestDevice getAndroidDevice() {
- TestDevice androidDevice = (TestDevice) getDevice();
- assertThat(androidDevice).isNotNull();
- return androidDevice;
- }
-
// The TradeFed Dockerfile sets LD_LIBRARY_PATH to a directory with an older libc++.so, which
// breaks binaries that are linked against a newer libc++.so. Binaries commonly use DT_RUNPATH
// to find an adjacent libc++.so (e.g. `$ORIGIN/../lib64`), but LD_LIBRARY_PATH overrides
@@ -1490,23 +1484,6 @@
return runUtil;
}
- private void assumeKernelSupported(String osKey) throws Exception {
- String os = SUPPORTED_OSES.get(osKey);
- assumeTrue(
- "Skipping test as OS \"" + os + "\" is not supported",
- getSupportedOSList().contains(os));
- }
-
- private void assumeVmTypeSupported(String os, boolean protectedVm) throws Exception {
- // TODO(b/376870129): remove this check
- if (protectedVm) {
- assumeFalse("pVMs with 16k kernel are not supported yet :(", os.endsWith("_16k"));
- }
- assumeTrue(
- "Microdroid is not supported for specific VM protection type",
- getAndroidDevice().supportsMicrodroid(protectedVm));
- }
-
private void assumeArm64Supported() throws Exception {
CommandRunner android = new CommandRunner(getDevice());
String abi = android.run("getprop", "ro.product.cpu.abi");