Only allow debuggable Microdroid VMs to mount /vendor
Until the verification of the /vendor partition we restrict the usage of
the feature to only debuggable VMs. If a non-debuggable Microdroid VM
is requested to mount /vendor, first_stage_init will crash and the VM
won't boot.
Bug: 285855436
Test: vm run-microdroid --debug none --vendor test_vendor.img
Change-Id: I9d44ad5c1d971bac1a9173c291ce61b628f2f8e9
diff --git a/init/first_stage_init.cpp b/init/first_stage_init.cpp
index e871da2..7fabbac 100644
--- a/init/first_stage_init.cpp
+++ b/init/first_stage_init.cpp
@@ -357,6 +357,18 @@
LOG(INFO) << "init first stage started!";
+ // We only allow /vendor partition in debuggable Microdrod until it is verified during boot.
+ // TODO(b/285855436): remove this check.
+ if (IsMicrodroid()) {
+ bool mount_vendor =
+ cmdline.find("androidboot.microdroid.mount_vendor=1") != std::string::npos;
+ bool debuggable =
+ bootconfig.find("androidboot.microdroid.debuggable = \"1\"") != std::string::npos;
+ if (mount_vendor && !debuggable) {
+ LOG(FATAL) << "Attempted to mount /vendor partition for non-debuggable Microdroid VM";
+ }
+ }
+
auto old_root_dir = std::unique_ptr<DIR, decltype(&closedir)>{opendir("/"), closedir};
if (!old_root_dir) {
PLOG(ERROR) << "Could not opendir(\"/\"), not freeing ramdisk";