1 /* 2 * Copyright 2021 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 package com.android.microdroid.testservice; 17 18 import com.android.microdroid.testservice.IAppCallback; 19 20 /** 21 * This is the service exposed by the test payload, called by the test app. 22 * {@hide} 23 */ 24 interface ITestService { 25 const long PORT = 5678; 26 27 const long ECHO_REVERSE_PORT = 0x80000001L; // Deliberately chosen to be > 2^31, < 2^32 28 29 /* add two integers. */ addInteger(int a, int b)30 int addInteger(int a, int b); 31 32 /* read a system property. */ readProperty(String prop)33 String readProperty(String prop); 34 35 /* get a VM instance secret, this is _only_ done for testing. */ insecurelyExposeVmInstanceSecret()36 byte[] insecurelyExposeVmInstanceSecret(); 37 38 /* get the VM's attestation secret, this is _only_ done for testing. */ insecurelyExposeAttestationCdi()39 byte[] insecurelyExposeAttestationCdi(); 40 41 /* get the VM's boot certificate chain (BCC). */ getBcc()42 byte[] getBcc(); 43 44 /* get the APK contents path. */ getApkContentsPath()45 String getApkContentsPath(); 46 47 /* get the encrypted storage path. */ getEncryptedStoragePath()48 String getEncryptedStoragePath(); 49 50 /* get the size of the encrypted storage in bytes. */ getEncryptedStorageSize()51 long getEncryptedStorageSize(); 52 53 /* start a simple vsock server on ECHO_REVERSE_PORT that reads a line at a time and echoes 54 * each line reverse. 55 */ runEchoReverseServer()56 void runEchoReverseServer(); 57 58 /** Returns a mask of effective capabilities that the process running the payload binary has. */ getEffectiveCapabilities()59 String[] getEffectiveCapabilities(); 60 61 /* Return the uid of the process running the binary. */ getUid()62 int getUid(); 63 64 /* write the content into the specified file. */ writeToFile(String content, String path)65 void writeToFile(String content, String path); 66 67 /* get the content of the specified file. */ readFromFile(String path)68 String readFromFile(String path); 69 70 /* get file permissions of the give file by stat'ing it */ getFilePermissions(String path)71 int getFilePermissions(String path); 72 73 /** Returns flags for the given mountPoint. */ getMountFlags(String mountPoint)74 int getMountFlags(String mountPoint); 75 76 /** Returns page size of the VM. */ getPageSize()77 int getPageSize(); 78 79 /** Requests the VM to asynchronously call appCallback.setVmCallback() */ requestCallback(IAppCallback appCallback)80 void requestCallback(IAppCallback appCallback); 81 82 /** Read a line from /dev/console */ readLineFromConsole()83 String readLineFromConsole(); 84 85 /** 86 * Read payload's rollback protected data. The `AVmAccessRollbackProtectedSecretStatus` is 87 * wrapped as service_specific error in case of failure. This is _only_ used for testing. 88 */ insecurelyReadPayloadRpData()89 byte[32] insecurelyReadPayloadRpData(); 90 91 /** 92 * Request VM to write payload's rollback protected data. The 93 * `AVmAccessRollbackProtectedSecretStatus` is wrapped as service_specific error in case of 94 * failure. This is _only_ used for testing. 95 */ insecurelyWritePayloadRpData(in byte[32] data)96 void insecurelyWritePayloadRpData(in byte[32] data); 97 98 /** 99 * Request the service to exit, triggering the termination of the VM. This may cause any 100 * requests in flight to fail. 101 */ quit()102 oneway void quit(); 103 104 /** 105 * Checks whether the VM instance is new - i.e., if this is the first run of an instance. 106 * 107 * @return true on the first boot of the instance & false on subsequent boot. 108 */ isNewInstance()109 boolean isNewInstance(); 110 111 /** 112 * Checks that libicu is accessible to the payload that has com.android.i18n APEX mounted. 113 */ checkLibIcuIsAccessible()114 void checkLibIcuIsAccessible(); 115 } 116