Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Virtualization / 1f53070aab1503805cf74a88bc769cc271af0113 / . / virtualizationservice / src / main.rs
blob: 9272e650b9090c1b01c8da2eae7957ee1530339f [file] [log] [blame]
Andrew Walbranb12a43e2020-11-10 14:22:42 +0000[diff] [blame]1// Copyright 2021, The Android Open Source Project
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
Andrew Walbranf6bf6862021-05-21 12:41:13 +0000[diff] [blame]15//! Android VirtualizationService
Andrew Walbranb12a43e2020-11-10 14:22:42 +0000[diff] [blame]16
Andrew Walbrand6dce6f2021-03-05 16:39:08 +0000[diff] [blame]17mod aidl;
Seungjae Yoo0a8c84c2022-07-11 08:19:15 +0000[diff] [blame]18mod atom;
Andrew Walbranf5fbb7d2021-05-12 17:15:48 +0000[diff] [blame]19mod composite;
Andrew Walbrand6dce6f2021-03-05 16:39:08 +0000[diff] [blame]20mod crosvm;
Jooyung Han21e9b922021-06-26 04:14:16 +0900[diff] [blame]21mod payload;
Jiyong Park029977d2021-11-24 21:56:49 +0900[diff] [blame]22mod selinux;
Andrew Walbrand6dce6f2021-03-05 16:39:08 +0000[diff] [blame]23
David Brazdil1f530702022-10-03 12:18:10 +0100[diff] [blame^]24use crate::aidl::{VirtualizationService, TEMPORARY_DIRECTORY};
Jiyong Park6c60fea2022-10-24 16:10:01 +0900[diff] [blame]25use android_logger::{Config, FilterBuilder};
Andrew Walbranf6bf6862021-05-21 12:41:13 +0000[diff] [blame]26use android_system_virtualizationservice::aidl::android::system::virtualizationservice::IVirtualizationService::BnVirtualizationService;
David Brazdil533e3432022-10-28 14:06:49 +0100[diff] [blame]27use anyhow::{bail, Context, Error};
David Brazdil1f530702022-10-03 12:18:10 +0100[diff] [blame^]28use binder::{register_lazy_service, BinderFeatures, ProcessState, ThreadState};
Andrew Walbranbf1fb042021-03-15 16:54:09 +0000[diff] [blame]29use log::{info, Level};
Andrew Walbran488bd072021-07-14 13:29:51 +0000[diff] [blame]30use std::fs::{remove_dir_all, remove_file, read_dir};
David Brazdil1f530702022-10-03 12:18:10 +0100[diff] [blame^]31use std::os::unix::raw::{pid_t, uid_t};
Andrew Walbranb12a43e2020-11-10 14:22:42 +0000[diff] [blame]32
Andrew Walbranf6bf6862021-05-21 12:41:13 +0000[diff] [blame]33const LOG_TAG: &str = "VirtualizationService";
Andrew Walbranbf1fb042021-03-15 16:54:09 +0000[diff] [blame]34
David Brazdil1f530702022-10-03 12:18:10 +0100[diff] [blame^]35const BINDER_SERVICE_IDENTIFIER: &str = "android.system.virtualizationservice";
36
37fn get_calling_pid() -> pid_t {
38 ThreadState::get_calling_pid()
39}
40
41fn get_calling_uid() -> uid_t {
42 ThreadState::get_calling_uid()
43}
44
Andrew Walbranb12a43e2020-11-10 14:22:42 +0000[diff] [blame]45fn main() {
Andrew Walbran0909bc52021-03-17 12:11:56 +0000[diff] [blame]46 android_logger::init_once(
Jiyong Park6c60fea2022-10-24 16:10:01 +0900[diff] [blame]47 Config::default()
Alan Stokes9c069a42022-02-25 16:10:23 +0000[diff] [blame]48 .with_tag(LOG_TAG)
49 .with_min_level(Level::Info)
Jiyong Park6c60fea2022-10-24 16:10:01 +0900[diff] [blame]50 .with_log_id(android_logger::LogId::System)
51 .with_filter(
52 // Reduce logspam by silencing logs from the disk crate which don't provide much
53 // information to us.
54 FilterBuilder::new().parse("info,disk=off").build(),
55 ),
Andrew Walbran0909bc52021-03-17 12:11:56 +0000[diff] [blame]56 );
Andrew Walbranbf1fb042021-03-15 16:54:09 +0000[diff] [blame]57
David Brazdil533e3432022-10-28 14:06:49 +0100[diff] [blame]58 remove_memlock_rlimit().expect("Failed to remove memlock rlimit");
Andrew Walbran488bd072021-07-14 13:29:51 +0000[diff] [blame]59 clear_temporary_files().expect("Failed to delete old temporary files");
60
Jiyong Park8611a6c2021-07-09 18:17:44 +0900[diff] [blame]61 let service = VirtualizationService::init();
David Brazdil2d967202022-10-05 13:01:03 +0100[diff] [blame]62 let service = BnVirtualizationService::new_binder(service, BinderFeatures::default());
Alan Stokes7e54e292021-09-09 11:37:56 +0100[diff] [blame]63 register_lazy_service(BINDER_SERVICE_IDENTIFIER, service.as_binder()).unwrap();
Andrew Walbranb12a43e2020-11-10 14:22:42 +0000[diff] [blame]64 info!("Registered Binder service, joining threadpool.");
Andrew Walbrand6dce6f2021-03-05 16:39:08 +0000[diff] [blame]65 ProcessState::join_thread_pool();
Andrew Walbranb12a43e2020-11-10 14:22:42 +0000[diff] [blame]66}
Andrew Walbran488bd072021-07-14 13:29:51 +0000[diff] [blame]67
David Brazdil533e3432022-10-28 14:06:49 +0100[diff] [blame]68/// Set this PID's RLIMIT_MEMLOCK to RLIM_INFINITY to allow crosvm (a child process) to mlock()
69/// arbitrary amounts of memory. This is necessary for spawning protected VMs.
70fn remove_memlock_rlimit() -> Result<(), Error> {
71 let lim = libc::rlimit { rlim_cur: libc::RLIM_INFINITY, rlim_max: libc::RLIM_INFINITY };
72 // SAFETY - borrowing the new limit struct only
73 match unsafe { libc::setrlimit(libc::RLIMIT_MEMLOCK, &lim) } {
74 0 => Ok(()),
75 -1 => Err(std::io::Error::last_os_error()).context("setrlimit failed"),
76 n => bail!("Unexpected return value from setrlimit(): {}", n),
77 }
78}
79
Andrew Walbran488bd072021-07-14 13:29:51 +0000[diff] [blame]80/// Remove any files under `TEMPORARY_DIRECTORY`.
81fn clear_temporary_files() -> Result<(), Error> {
82 for dir_entry in read_dir(TEMPORARY_DIRECTORY)? {
83 let dir_entry = dir_entry?;
84 let path = dir_entry.path();
85 if dir_entry.file_type()?.is_dir() {
86 remove_dir_all(path)?;
87 } else {
88 remove_file(path)?;
89 }
90 }
91 Ok(())
92}