David Brazdil49f8a4d2021-03-04 09:57:33 +00001/*
2 * Copyright (C) 2020 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
Andrew Walbran3e73a092021-06-25 11:32:23 +000017#include <linux/kvm.h>
18#include <sys/ioctl.h>
David Brazdil49f8a4d2021-03-04 09:57:33 +000019#include <sys/socket.h>
20#include <unistd.h>
21
22// Needs to be included after sys/socket.h
23#include <linux/vm_sockets.h>
24
Jiyong Parkdd4720b2021-06-25 13:05:50 +090025#include <algorithm>
26#include <array>
David Brazdil49f8a4d2021-03-04 09:57:33 +000027#include <iostream>
Andrew Walbrana89fc132021-03-17 17:08:36 +000028#include <optional>
David Brazdil49f8a4d2021-03-04 09:57:33 +000029
30#include "android-base/file.h"
31#include "android-base/logging.h"
32#include "android-base/parseint.h"
33#include "android-base/unique_fd.h"
Andrew Walbranf6bf6862021-05-21 12:41:13 +000034#include "android/system/virtualizationservice/VirtualMachineConfig.h"
Jooyung Han21e9b922021-06-26 04:14:16 +090035#include "android/system/virtualizationservice/VirtualMachineRawConfig.h"
David Brazdil49f8a4d2021-03-04 09:57:33 +000036#include "virt/VirtualizationTest.h"
37
Andrew Walbran3e73a092021-06-25 11:32:23 +000038#define KVM_CAP_ARM_PROTECTED_VM 0xffbadab1
39
David Brazdil49f8a4d2021-03-04 09:57:33 +000040using namespace android::base;
Andrew Walbran06b5f5c2021-03-31 12:34:13 +000041using namespace android::os;
David Brazdil49f8a4d2021-03-04 09:57:33 +000042
43namespace virt {
44
// vsock port the host side of the test binds and listens on.
static constexpr int kGuestPort = 45678;
// Kernel and initramfs images handed to the VM.
static constexpr char kVmKernelPath[] = "/data/local/tmp/virt-test/kernel";
static constexpr char kVmInitrdPath[] = "/data/local/tmp/virt-test/initramfs";
// Guest kernel command line. The literal "45678" and "HelloWorld" duplicate kGuestPort and
// kTestMessage and must be edited together with them.
// NOTE(review): the "2" is presumably the host CID passed to vsock_client; confirm against the
// guest binary.
static constexpr char kVmParams[] = "rdinit=/bin/init bin/vsock_client 2 45678 HelloWorld";
// Payload the host expects to read back from the guest.
static constexpr char kTestMessage[] = "HelloWorld";
50
/**
 * Returns true if every device node and binary the VM tests rely on exists.
 *
 * access(F_OK) only tests for existence; it does not show that the caller may open or execute
 * the path.
 */
bool isVmSupported() {
    static constexpr const char *kRequiredPaths[] = {
            "/dev/kvm",
            "/dev/vhost-vsock",
            "/apex/com.android.virt/bin/crosvm",
            "/apex/com.android.virt/bin/virtualizationservice",
    };
    for (const char *path : kRequiredPaths) {
        // Stop at the first missing path.
        if (access(path, F_OK) != 0) {
            return false;
        }
    }
    return true;
}
61
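/**
 * Returns true if the kernel supports Protected KVM.
 *
 * Opens /dev/kvm and asks KVM_CHECK_EXTENSION about KVM_CAP_ARM_PROTECTED_VM. A failure to open
 * the device is reported as "not supported"; TestVsockProtected then skips instead of failing,
 * so a false negative here leaves the protected-VM path untested.
 */
bool isPkvmSupported() {
    unique_fd kvm_fd(open("/dev/kvm", O_NONBLOCK | O_CLOEXEC));
    // open() signals failure with -1 and 0 is a valid descriptor, so test for a negative value
    // rather than comparing against 0.
    if (kvm_fd.get() < 0) {
        return false;
    }
    return ioctl(kvm_fd.get(), KVM_CHECK_EXTENSION, KVM_CAP_ARM_PROTECTED_VM) == 1;
}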
Jiyong Parkdd4720b2021-06-25 13:05:50 +090067
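/**
 * Starts a VM through virtualization_service and checks that the guest delivers kTestMessage to
 * the host over vsock.
 *
 * The host socket is bound and listening on kGuestPort before the VM is started, so the guest's
 * connection attempt finds a listener. Failures are reported through gtest ASSERT_* macros,
 * which return from this function early.
 *
 * @param virtualization_service service used to start the VM.
 * @param protected_vm value stored in the raw config's protectedVm field.
 */
void runTest(sp<IVirtualizationService> virtualization_service, bool protected_vm) {
    binder::Status status;

    unique_fd server_fd(TEMP_FAILURE_RETRY(socket(AF_VSOCK, SOCK_STREAM, 0)));
    ASSERT_GE(server_fd, 0) << strerror(errno);

    // VMADDR_CID_ANY: the listener is not restricted to a single peer CID.
    struct sockaddr_vm server_sa = (struct sockaddr_vm){
            .svm_family = AF_VSOCK,
            .svm_port = kGuestPort,
            .svm_cid = VMADDR_CID_ANY,
    };

    int ret = TEMP_FAILURE_RETRY(bind(server_fd, (struct sockaddr *)&server_sa, sizeof(server_sa)));
    ASSERT_EQ(ret, 0) << strerror(errno);

    LOG(INFO) << "Listening on port " << kGuestPort << "...";
    ret = TEMP_FAILURE_RETRY(listen(server_fd, 1));
    ASSERT_EQ(ret, 0) << strerror(errno);

    // Open the images up front and fail with the real errno; otherwise an invalid descriptor is
    // handed to the service and the failure only surfaces as a generic "Error starting VM".
    unique_fd kernel_fd(open(kVmKernelPath, O_RDONLY | O_CLOEXEC));
    ASSERT_GE(kernel_fd, 0) << "Failed to open " << kVmKernelPath << ": " << strerror(errno);
    unique_fd initrd_fd(open(kVmInitrdPath, O_RDONLY | O_CLOEXEC));
    ASSERT_GE(initrd_fd, 0) << "Failed to open " << kVmInitrdPath << ": " << strerror(errno);

    VirtualMachineRawConfig raw_config;
    raw_config.kernel = ParcelFileDescriptor(std::move(kernel_fd));
    raw_config.initrd = ParcelFileDescriptor(std::move(initrd_fd));
    raw_config.params = kVmParams;
    raw_config.protectedVm = protected_vm;

    VirtualMachineConfig config(std::move(raw_config));
    sp<IVirtualMachine> vm;
    status = virtualization_service->startVm(config, std::nullopt, &vm);
    ASSERT_TRUE(status.isOk()) << "Error starting VM: " << status;

    int32_t cid;
    status = vm->getCid(&cid);
    ASSERT_TRUE(status.isOk()) << "Error getting CID: " << status;
    LOG(INFO) << "VM starting with CID " << cid;

    LOG(INFO) << "Accepting connection...";
    struct sockaddr_vm client_sa;
    socklen_t client_sa_len = sizeof(client_sa);
    unique_fd client_fd(
            TEMP_FAILURE_RETRY(accept(server_fd, (struct sockaddr *)&client_sa, &client_sa_len)));
    ASSERT_GE(client_fd, 0) << strerror(errno);
    // NOTE(review): the peer CID is only logged. Comparing client_sa.svm_cid with cid would show
    // that the message came from the VM started above rather than another vsock peer; confirm
    // the two are expected to match before adding that assertion.
    LOG(INFO) << "Connection from CID " << client_sa.svm_cid << " on port " << client_sa.svm_port;

    LOG(INFO) << "Reading message from the client...";
    std::string msg;
    ASSERT_TRUE(ReadFdToString(client_fd, &msg));

    LOG(INFO) << "Received message: " << msg;
    ASSERT_EQ(msg, kTestMessage);
}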
118
// Runs the vsock round trip against a non-protected VM; skipped when isVmSupported() is false.
TEST_F(VirtualizationTest, TestVsock) {
    const bool vm_supported = isVmSupported();
    if (!vm_supported) {
        GTEST_SKIP() << "Device doesn't support KVM.";
    }

    runTest(mVirtualizationService, /*protected_vm=*/false);
}
126
// Runs the vsock round trip against a protected VM. Skipped, not failed, when the device lacks
// VM support or pKVM, so a skip means the protected path was not exercised.
TEST_F(VirtualizationTest, TestVsockProtected) {
    if (!isVmSupported()) {
        GTEST_SKIP() << "Device doesn't support KVM.";
    }
    if (!isPkvmSupported()) {
        GTEST_SKIP() << "Skipping as pKVM is not supported on this device.";
    }

    runTest(mVirtualizationService, /*protected_vm=*/true);
}
136
David Brazdil49f8a4d2021-03-04 09:57:33 +0000137} // namespace virt