1 /*
2 * Copyright (C) 2020 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <android/sysprop/HypervisorProperties.sysprop.h>
18 #include <linux/kvm.h>
19 #include <sys/ioctl.h>
20 #include <sys/socket.h>
21 #include <unistd.h>
22
23 // Needs to be included after sys/socket.h
24 #include <linux/vm_sockets.h>
25
26 #include <algorithm>
27 #include <array>
28 #include <iostream>
29 #include <optional>
30
31 #include "android-base/file.h"
32 #include "android-base/logging.h"
33 #include "android-base/parseint.h"
34 #include "android-base/unique_fd.h"
35 #include "android/system/virtualizationservice/VirtualMachineConfig.h"
36 #include "android/system/virtualizationservice/VirtualMachineRawConfig.h"
37 #include "virt/VirtualizationTest.h"
38
39 #define KVM_CAP_ARM_PROTECTED_VM 0xffbadab1
40
41 using namespace android::base;
42 using namespace android::os;
43
44 namespace virt {
45
46 static constexpr int kGuestPort = 45678;
47 static constexpr const char kVmKernelPath[] = "/data/local/tmp/virt-test/kernel";
48 static constexpr const char kVmInitrdPath[] = "/data/local/tmp/virt-test/initramfs";
49 static constexpr const char kVmParams[] = "rdinit=/bin/init bin/vsock_client 2 45678 HelloWorld";
50 static constexpr const char kTestMessage[] = "HelloWorld";
51 static constexpr const char kPlatformVersion[] = "~1.0";
52
53 /** Returns true if the kernel supports unprotected VMs. */
isUnprotectedVmSupported()54 bool isUnprotectedVmSupported() {
55 return android::sysprop::HypervisorProperties::hypervisor_vm_supported().value_or(false);
56 }
57
TEST_F(VirtualizationTest,TestVsock)58 TEST_F(VirtualizationTest, TestVsock) {
59 if (!isUnprotectedVmSupported()) {
60 GTEST_SKIP() << "Skipping as unprotected VMs are not supported on this device.";
61 }
62
63 binder::Status status;
64
65 unique_fd server_fd(TEMP_FAILURE_RETRY(socket(AF_VSOCK, SOCK_STREAM, 0)));
66 ASSERT_GE(server_fd, 0) << strerror(errno);
67
68 struct sockaddr_vm server_sa = (struct sockaddr_vm){
69 .svm_family = AF_VSOCK,
70 .svm_port = kGuestPort,
71 .svm_cid = VMADDR_CID_ANY,
72 };
73
74 int ret = TEMP_FAILURE_RETRY(bind(server_fd, (struct sockaddr *)&server_sa, sizeof(server_sa)));
75 ASSERT_EQ(ret, 0) << strerror(errno);
76
77 LOG(INFO) << "Listening on port " << kGuestPort << "...";
78 ret = TEMP_FAILURE_RETRY(listen(server_fd, 1));
79 ASSERT_EQ(ret, 0) << strerror(errno);
80
81 VirtualMachineRawConfig raw_config;
82 raw_config.kernel = ParcelFileDescriptor(unique_fd(open(kVmKernelPath, O_RDONLY | O_CLOEXEC)));
83 raw_config.initrd = ParcelFileDescriptor(unique_fd(open(kVmInitrdPath, O_RDONLY | O_CLOEXEC)));
84 raw_config.params = kVmParams;
85 raw_config.protectedVm = false;
86 raw_config.platformVersion = kPlatformVersion;
87
88 VirtualMachineConfig config(std::move(raw_config));
89 sp<IVirtualMachine> vm;
90 status = mVirtualizationService->createVm(config, std::nullopt, std::nullopt, &vm);
91 ASSERT_TRUE(status.isOk()) << "Error creating VM: " << status;
92
93 int32_t cid;
94 status = vm->getCid(&cid);
95 ASSERT_TRUE(status.isOk()) << "Error getting CID: " << status;
96 LOG(INFO) << "VM starting with CID " << cid;
97
98 status = vm->start();
99 ASSERT_TRUE(status.isOk()) << "Error starting VM: " << status;
100
101 LOG(INFO) << "Accepting connection...";
102 struct sockaddr_vm client_sa;
103 socklen_t client_sa_len = sizeof(client_sa);
104 unique_fd client_fd(
105 TEMP_FAILURE_RETRY(accept(server_fd, (struct sockaddr *)&client_sa, &client_sa_len)));
106 ASSERT_GE(client_fd, 0) << strerror(errno);
107 LOG(INFO) << "Connection from CID " << client_sa.svm_cid << " on port " << client_sa.svm_port;
108
109 LOG(INFO) << "Reading message from the client...";
110 std::string msg;
111 ASSERT_TRUE(ReadFdToString(client_fd, &msg));
112
113 LOG(INFO) << "Received message: " << msg;
114 ASSERT_EQ(msg, kTestMessage);
115 }
116
TEST_F(VirtualizationTest,RejectIncompatiblePlatformVersion)117 TEST_F(VirtualizationTest, RejectIncompatiblePlatformVersion) {
118 VirtualMachineRawConfig raw_config;
119 raw_config.kernel = ParcelFileDescriptor(unique_fd(open(kVmKernelPath, O_RDONLY | O_CLOEXEC)));
120 raw_config.initrd = ParcelFileDescriptor(unique_fd(open(kVmInitrdPath, O_RDONLY | O_CLOEXEC)));
121 raw_config.params = kVmParams;
122 raw_config.platformVersion = "~2.0"; // The current platform version is 1.0.0.
123
124 VirtualMachineConfig config(std::move(raw_config));
125 sp<IVirtualMachine> vm;
126 auto status = mVirtualizationService->createVm(config, std::nullopt, std::nullopt, &vm);
127 ASSERT_FALSE(status.isOk());
128 }
129
130 } // namespace virt
131