1package { 2 default_applicable_licenses: ["Android-Apache-2.0"], 3} 4 5microdroid_filesystem_images = [ 6 "microdroid_super", 7 "microdroid_vbmeta", 8] 9 10soong_config_module_type { 11 name: "virt_apex", 12 module_type: "apex", 13 config_namespace: "ANDROID", 14 bool_variables: [ 15 "avf_enabled", 16 ], 17 properties: [ 18 "defaults", 19 ], 20} 21 22virt_apex { 23 name: "com.android.virt", 24 soong_config_variables: { 25 avf_enabled: { 26 defaults: ["com.android.virt_avf_enabled"], 27 conditions_default: { 28 defaults: ["com.android.virt_avf_disabled"], 29 }, 30 }, 31 }, 32} 33 34apex_defaults { 35 name: "com.android.virt_common", 36 // TODO(jiyong): make it updatable 37 updatable: false, 38 future_updatable: false, 39 platform_apis: true, 40 41 manifest: "manifest.json", 42 43 key: "com.android.virt.key", 44 certificate: ":com.android.virt.certificate", 45 46 apps: [ 47 "android.system.virtualmachine.res", 48 ], 49 50 file_contexts: ":com.android.virt-file_contexts", 51 52 bootclasspath_fragments: [ 53 "com.android.virt-bootclasspath-fragment", 54 ], 55 jni_libs: [ 56 "libvirtualizationservice_jni", 57 "libvirtualmachine_jni", 58 ], 59 native_shared_libs: ["libavf"], 60 // TODO(b/295593640) Unfortunately these are added to the apex even though they are unused. 61 // Once the build system is fixed, remove this. 62 unwanted_transitive_deps: [ 63 "libsso", 64 "libutils", 65 ], 66 67 systemserverclasspath_fragments: select(release_flag("RELEASE_AVF_ENABLE_LLPVM_CHANGES"), { 68 true: ["com.android.virt-systemserver-fragment"], 69 default: [], 70 }), 71 72 canned_fs_config: "canned_fs_config", 73} 74 75vintf_fragment { 76 name: "virtualizationservice.xml", 77 src: "virtualizationservice.xml", 78} 79 80apex_defaults { 81 name: "com.android.virt_avf_enabled", 82 83 defaults: ["com.android.virt_common"], 84 85 custom_sign_tool: "sign_virt_apex", 86 87 // crosvm and virtualizationservice are only enabled for 64-bit targets on device 88 arch: { 89 arm64: { 90 binaries: [ 91 "crosvm", 92 "virtmgr", 93 "virtualizationservice", 94 ] + select(release_flag("RELEASE_AVF_ENABLE_DEVICE_ASSIGNMENT"), { 95 true: ["vfio_handler"], 96 default: [], 97 }) + select(release_flag("RELEASE_AVF_ENABLE_NETWORK"), { 98 true: ["vmnic"], 99 default: [], 100 }) + select(release_flag("RELEASE_AVF_ENABLE_EARLY_VM"), { 101 true: ["early_virtmgr"], 102 default: [], 103 }), 104 filesystems: microdroid_filesystem_images, 105 prebuilts: [ 106 "rialto_bin", 107 "android_bootloader_crosvm_aarch64", 108 ], 109 }, 110 x86_64: { 111 binaries: [ 112 "crosvm", 113 "virtmgr", 114 "virtualizationservice", 115 ] + select(release_flag("RELEASE_AVF_ENABLE_DEVICE_ASSIGNMENT"), { 116 true: ["vfio_handler"], 117 default: [], 118 }) + select(release_flag("RELEASE_AVF_ENABLE_NETWORK"), { 119 true: ["vmnic"], 120 default: [], 121 }) + select(release_flag("RELEASE_AVF_ENABLE_EARLY_VM"), { 122 true: ["early_virtmgr"], 123 default: [], 124 }), 125 filesystems: microdroid_filesystem_images, 126 prebuilts: [ 127 "android_bootloader_crosvm_x86_64", 128 ], 129 }, 130 }, 131 binaries: [ 132 "fd_server", 133 "vm", 134 ], 135 prebuilts: [ 136 "microdroid_initrd_debuggable", 137 "microdroid_initrd_normal", 138 "microdroid.json", 139 "microdroid_kernel", 140 "com.android.virt.init.rc", 141 ] + select(soong_config_variable("ANDROID", "avf_microdroid_guest_gki_version"), { 142 "android15_66": [ 143 "microdroid_gki-android15-6.6_initrd_debuggable", 144 "microdroid_gki-android15-6.6_initrd_normal", 145 "microdroid_gki-android15-6.6_kernel", 146 "microdroid_gki-android15-6.6.json", 147 ], 148 "android16_612": [ 149 "microdroid_gki-android16-6.12_initrd_debuggable", 150 "microdroid_gki-android16-6.12_initrd_normal", 151 "microdroid_gki-android16-6.12_kernel", 152 "microdroid_gki-android16-6.12.json", 153 ], 154 // Internal option used by pkvm team while developing new features. 155 // Should not be used on production kernels. 156 "pkvm_experimental": [ 157 "microdroid_gki-pkvm_experimental_initrd_debuggable", 158 "microdroid_gki-pkvm_experimental_initrd_normal", 159 "microdroid_gki-pkvm_experimental_kernel", 160 "microdroid_gki-pkvm_experimental.json", 161 ], 162 default: [], 163 }) + select(release_flag("RELEASE_AVF_ENABLE_DEVICE_ASSIGNMENT"), { 164 true: ["com.android.virt.vfio_handler.rc"], 165 default: [], 166 }) + select(release_flag("RELEASE_AVF_ENABLE_NETWORK"), { 167 true: ["com.android.virt.vmnic.rc"], 168 default: [], 169 }) + select(soong_config_variable("ANDROID", "target_boots_16k"), { 170 true: [ 171 "microdroid_16k_initrd_debuggable", 172 "microdroid_16k_initrd_normal", 173 "microdroid_kernel_16k", 174 "microdroid_16k.json", 175 ], 176 default: [], 177 }), 178 host_required: [ 179 "vm_shell", 180 ], 181 apps: [ 182 "EmptyPayloadApp", 183 ] + select(release_flag("RELEASE_AVF_SUPPORT_CUSTOM_VM_WITH_PARAVIRTUALIZED_DEVICES"), { 184 true: [ 185 "VmTerminalApp", 186 ], 187 default: [], 188 }), 189 androidManifest: select(release_flag("RELEASE_AVF_ENABLE_LLPVM_CHANGES"), { 190 true: "AndroidManifest.xml", 191 default: unset, 192 }), 193 vintf_fragment_modules: select(soong_config_variable("ANDROID", "avf_remote_attestation_enabled"), { 194 "true": ["virtualizationservice.xml"], 195 default: unset, 196 }), 197} 198 199apex_defaults { 200 name: "com.android.virt_avf_disabled", 201 202 defaults: ["com.android.virt_common"], 203} 204 205apex_key { 206 name: "com.android.virt.key", 207 public_key: "com.android.virt.avbpubkey", 208 private_key: "com.android.virt.pem", 209} 210 211android_app_certificate { 212 name: "com.android.virt.certificate", 213 certificate: "com.android.virt", 214} 215 216genrule { 217 name: "virtualizationservice_rc_combined", 218 srcs: [ 219 "virtualizationservice.rc.base", 220 ] + select(release_flag("RELEASE_AVF_ENABLE_LLPVM_CHANGES"), { 221 true: ["virtualizationservice.rc.llpvm"], 222 default: [], 223 }) + select(soong_config_variable("ANDROID", "avf_remote_attestation_enabled"), { 224 "true": ["virtualizationservice.rc.ra"], 225 default: [], 226 }), 227 out: ["virtualizationservice.rc"], 228 cmd: "cat $(in) > $(out)", 229} 230 231prebuilt_etc { 232 name: "com.android.virt.init.rc", 233 src: ":virtualizationservice_rc_combined", 234 filename: "virtualizationservice.rc", 235 no_full_install: true, 236} 237 238prebuilt_etc { 239 name: "com.android.virt.vfio_handler.rc", 240 src: "vfio_handler.rc", 241 filename: "vfio_handler.rc", 242 no_full_install: true, 243} 244 245prebuilt_etc { 246 name: "com.android.virt.vmnic.rc", 247 src: "vmnic.rc", 248 filename: "vmnic.rc", 249 no_full_install: true, 250} 251 252// Virt apex needs a custom signer for its payload 253python_binary_host { 254 name: "sign_virt_apex", 255 srcs: [ 256 "sign_virt_apex.py", 257 ], 258 required: [ 259 // sign_virt_apex should be runnable from outside the source tree, 260 // therefore, any required tool should be listed in build/make/core/Makefile as well. 261 "img2simg", 262 "initrd_bootconfig", 263 "lpmake", 264 "lpunpack", 265 "lz4", 266 "simg2img", 267 ], 268} 269 270sh_test_host { 271 name: "sign_virt_apex_test", 272 src: "sign_virt_apex_test.sh", 273 test_config: "sign_virt_apex_test.xml", 274 data_bins: [ 275 // deapexer 276 "deapexer", 277 "debugfs_static", 278 "fsck.erofs", 279 280 // sign_virt_apex 281 "avbtool", 282 "img2simg", 283 "initrd_bootconfig", 284 "lpmake", 285 "lpunpack", 286 "lz4", 287 "sign_virt_apex", 288 "simg2img", 289 ], 290 data_libs: [ 291 "libbase", 292 "libc++", 293 "libcrypto_utils", 294 "libcrypto", 295 "libext4_utils", 296 "liblog", 297 "liblp", 298 "libsparse", 299 "libz", 300 ], 301 data: [ 302 ":test.com.android.virt.pem", 303 ], 304 device_common_data: [ 305 ":com.android.virt", 306 ], 307 test_suites: ["general-tests"], 308} 309 310filegroup { 311 name: "test.com.android.virt.pem", 312 srcs: ["test.com.android.virt.pem"], 313} 314 315filegroup { 316 name: "test2.com.android.virt.pem", 317 srcs: ["test2.com.android.virt.pem"], 318} 319 320// custom tool to replace bytes in a file 321python_binary_host { 322 name: "replace_bytes", 323 srcs: [ 324 "replace_bytes.py", 325 ], 326} 327 328// Encapsulate the contributions made by the com.android.virt to the bootclasspath. 329bootclasspath_fragment { 330 name: "com.android.virt-bootclasspath-fragment", 331 contents: ["framework-virtualization"], 332 apex_available: ["com.android.virt"], 333 334 // The bootclasspath_fragments that provide APIs on which this depends. 335 fragments: [ 336 { 337 apex: "com.android.art", 338 module: "art-bootclasspath-fragment", 339 }, 340 ], 341 342 // Additional stubs libraries that this fragment's contents use which are 343 // not provided by another bootclasspath_fragment. 344 additional_stubs: [ 345 "android-non-updatable", 346 ], 347 348 hidden_api: { 349 350 // This module does not contain any split packages. 351 split_packages: [], 352 353 // The following packages and all their subpackages currently only 354 // contain classes from this bootclasspath_fragment. Listing a package 355 // here won't prevent other bootclasspath modules from adding classes in 356 // any of those packages but it will prevent them from adding those 357 // classes into an API surface, e.g. public, system, etc.. Doing so will 358 // result in a build failure due to inconsistent flags. 359 package_prefixes: [ 360 "android.system.virtualmachine", 361 "android.system.virtualizationservice", 362 // android.sysprop.*, renamed by jarjar 363 "com.android.system.virtualmachine.sysprop", 364 ], 365 }, 366} 367 368systemserverclasspath_fragment { 369 name: "com.android.virt-systemserver-fragment", 370 contents: [ 371 "service-virtualization", 372 ], 373 apex_available: ["com.android.virt"], 374 enabled: select(release_flag("RELEASE_AVF_ENABLE_LLPVM_CHANGES"), { 375 true: true, 376 default: false, 377 }), 378} 379