1package { 2 default_applicable_licenses: ["Android-Apache-2.0"], 3} 4 5microdroid_filesystem_images = [ 6 "microdroid_super", 7 "microdroid_vbmeta", 8] 9 10soong_config_module_type { 11 name: "virt_apex", 12 module_type: "apex", 13 config_namespace: "ANDROID", 14 bool_variables: [ 15 "avf_enabled", 16 ], 17 properties: [ 18 "defaults", 19 ], 20} 21 22virt_apex { 23 name: "com.android.virt", 24 soong_config_variables: { 25 avf_enabled: { 26 defaults: ["com.android.virt_avf_enabled"], 27 conditions_default: { 28 defaults: ["com.android.virt_avf_disabled"], 29 }, 30 }, 31 }, 32} 33 34apex_defaults { 35 name: "com.android.virt_common", 36 // TODO(jiyong): make it updatable 37 updatable: false, 38 future_updatable: false, 39 platform_apis: true, 40 41 manifest: "manifest.json", 42 43 key: "com.android.virt.key", 44 certificate: ":com.android.virt.certificate", 45 46 apps: [ 47 "android.system.virtualmachine.res", 48 ], 49 50 file_contexts: ":com.android.virt-file_contexts", 51 52 bootclasspath_fragments: [ 53 "com.android.virt-bootclasspath-fragment", 54 ], 55 jni_libs: [ 56 "libvirtualizationservice_jni", 57 "libvirtualmachine_jni", 58 ], 59 // TODO(b/295593640) Unfortunately these are added to the apex even though they are unused. 60 // Once the build system is fixed, remove this. 61 unwanted_transitive_deps: [ 62 "libsso", 63 "libutils", 64 ], 65 66 systemserverclasspath_fragments: select(release_flag("RELEASE_AVF_ENABLE_LLPVM_CHANGES"), { 67 true: ["com.android.virt-systemserver-fragment"], 68 default: [], 69 }), 70 71 canned_fs_config: select(release_flag("RELEASE_AVF_ENABLE_VIRT_CPUFREQ"), { 72 true: "canned_fs_config_sys_nice", 73 default: "canned_fs_config", 74 }), 75} 76 77vintf_fragment { 78 name: "virtualizationservice.xml", 79 src: "virtualizationservice.xml", 80} 81 82apex_defaults { 83 name: "com.android.virt_avf_enabled", 84 85 defaults: ["com.android.virt_common"], 86 87 custom_sign_tool: "sign_virt_apex", 88 89 // crosvm and virtualizationservice are only enabled for 64-bit targets on device 90 arch: { 91 arm64: { 92 binaries: [ 93 "crosvm", 94 "virtmgr", 95 "virtualizationservice", 96 ] + select(release_flag("RELEASE_AVF_ENABLE_DEVICE_ASSIGNMENT"), { 97 true: ["vfio_handler"], 98 default: [], 99 }) + select(release_flag("RELEASE_AVF_ENABLE_NETWORK"), { 100 true: ["vmnic"], 101 default: [], 102 }) + select(release_flag("RELEASE_AVF_ENABLE_EARLY_VM"), { 103 true: ["early_virtmgr"], 104 default: [], 105 }), 106 filesystems: microdroid_filesystem_images, 107 prebuilts: [ 108 "rialto_bin", 109 "android_bootloader_crosvm_aarch64", 110 ], 111 native_shared_libs: ["libavf"], 112 }, 113 x86_64: { 114 binaries: [ 115 "crosvm", 116 "virtmgr", 117 "virtualizationservice", 118 ] + select(release_flag("RELEASE_AVF_ENABLE_DEVICE_ASSIGNMENT"), { 119 true: ["vfio_handler"], 120 default: [], 121 }) + select(release_flag("RELEASE_AVF_ENABLE_NETWORK"), { 122 true: ["vmnic"], 123 default: [], 124 }) + select(release_flag("RELEASE_AVF_ENABLE_EARLY_VM"), { 125 true: ["early_virtmgr"], 126 default: [], 127 }), 128 filesystems: microdroid_filesystem_images, 129 prebuilts: [ 130 "android_bootloader_crosvm_x86_64", 131 ], 132 native_shared_libs: ["libavf"], 133 }, 134 }, 135 binaries: [ 136 "fd_server", 137 "vm", 138 ], 139 prebuilts: [ 140 "microdroid_initrd_debuggable", 141 "microdroid_initrd_normal", 142 "microdroid.json", 143 "microdroid_kernel", 144 "com.android.virt.init.rc", 145 ] + select(soong_config_variable("ANDROID", "avf_microdroid_guest_gki_version"), { 146 "android15_66": [ 147 "microdroid_gki-android15-6.6_initrd_debuggable", 148 "microdroid_gki-android15-6.6_initrd_normal", 149 "microdroid_gki-android15-6.6_kernel", 150 "microdroid_gki-android15-6.6.json", 151 ], 152 // Internal option used by pkvm team while developing new features. 153 // Should not be used on production kernels. 154 "pkvm_experimental": [ 155 "microdroid_gki-pkvm_experimental_initrd_debuggable", 156 "microdroid_gki-pkvm_experimental_initrd_normal", 157 "microdroid_gki-pkvm_experimental_kernel", 158 "microdroid_gki-pkvm_experimental.json", 159 ], 160 default: [], 161 }) + select(release_flag("RELEASE_AVF_ENABLE_DEVICE_ASSIGNMENT"), { 162 true: ["com.android.virt.vfio_handler.rc"], 163 default: [], 164 }) + select(release_flag("RELEASE_AVF_ENABLE_NETWORK"), { 165 true: ["com.android.virt.vmnic.rc"], 166 default: [], 167 }) + select(soong_config_variable("ANDROID", "target_boots_16k"), { 168 true: [ 169 "microdroid_16k_initrd_debuggable", 170 "microdroid_16k_initrd_normal", 171 "microdroid_kernel_16k", 172 "microdroid_16k.json", 173 ], 174 default: [], 175 }), 176 host_required: [ 177 "vm_shell", 178 ], 179 apps: [ 180 "EmptyPayloadApp", 181 ] + select(release_flag("RELEASE_AVF_SUPPORT_CUSTOM_VM_WITH_PARAVIRTUALIZED_DEVICES"), { 182 true: [ 183 "VmTerminalApp", 184 ], 185 default: [], 186 }), 187 androidManifest: select(release_flag("RELEASE_AVF_ENABLE_LLPVM_CHANGES"), { 188 true: "AndroidManifest.xml", 189 default: unset, 190 }), 191 vintf_fragment_modules: select(soong_config_variable("ANDROID", "avf_remote_attestation_enabled"), { 192 "true": ["virtualizationservice.xml"], 193 default: unset, 194 }), 195} 196 197apex_defaults { 198 name: "com.android.virt_avf_disabled", 199 200 defaults: ["com.android.virt_common"], 201} 202 203apex_key { 204 name: "com.android.virt.key", 205 public_key: "com.android.virt.avbpubkey", 206 private_key: "com.android.virt.pem", 207} 208 209android_app_certificate { 210 name: "com.android.virt.certificate", 211 certificate: "com.android.virt", 212} 213 214genrule { 215 name: "virtualizationservice_rc_combined", 216 srcs: [ 217 "virtualizationservice.rc.base", 218 ] + select(release_flag("RELEASE_AVF_ENABLE_LLPVM_CHANGES"), { 219 true: ["virtualizationservice.rc.llpvm"], 220 default: [], 221 }) + select(soong_config_variable("ANDROID", "avf_remote_attestation_enabled"), { 222 "true": ["virtualizationservice.rc.ra"], 223 default: [], 224 }), 225 out: ["virtualizationservice.rc"], 226 cmd: "cat $(in) > $(out)", 227} 228 229prebuilt_etc { 230 name: "com.android.virt.init.rc", 231 src: ":virtualizationservice_rc_combined", 232 filename: "virtualizationservice.rc", 233 no_full_install: true, 234} 235 236prebuilt_etc { 237 name: "com.android.virt.vfio_handler.rc", 238 src: "vfio_handler.rc", 239 filename: "vfio_handler.rc", 240 no_full_install: true, 241} 242 243prebuilt_etc { 244 name: "com.android.virt.vmnic.rc", 245 src: "vmnic.rc", 246 filename: "vmnic.rc", 247 no_full_install: true, 248} 249 250// Virt apex needs a custom signer for its payload 251python_binary_host { 252 name: "sign_virt_apex", 253 srcs: [ 254 "sign_virt_apex.py", 255 ], 256 version: { 257 py3: { 258 embedded_launcher: true, 259 }, 260 }, 261 required: [ 262 // sign_virt_apex should be runnable from outside the source tree, 263 // therefore, any required tool should be listed in build/make/core/Makefile as well. 264 "img2simg", 265 "initrd_bootconfig", 266 "lpmake", 267 "lpunpack", 268 "lz4", 269 "simg2img", 270 ], 271} 272 273sh_test_host { 274 name: "sign_virt_apex_test", 275 src: "sign_virt_apex_test.sh", 276 test_config: "sign_virt_apex_test.xml", 277 data_bins: [ 278 // deapexer 279 "deapexer", 280 "debugfs_static", 281 "fsck.erofs", 282 283 // sign_virt_apex 284 "avbtool", 285 "img2simg", 286 "initrd_bootconfig", 287 "lpmake", 288 "lpunpack", 289 "lz4", 290 "sign_virt_apex", 291 "simg2img", 292 ], 293 data_libs: [ 294 "libbase", 295 "libc++", 296 "libcrypto_utils", 297 "libcrypto", 298 "libext4_utils", 299 "liblog", 300 "liblp", 301 "libsparse", 302 "libz", 303 ], 304 data: [ 305 ":test.com.android.virt.pem", 306 ], 307 device_common_data: [ 308 ":com.android.virt", 309 ], 310 test_suites: ["general-tests"], 311} 312 313filegroup { 314 name: "test.com.android.virt.pem", 315 srcs: ["test.com.android.virt.pem"], 316} 317 318filegroup { 319 name: "test2.com.android.virt.pem", 320 srcs: ["test2.com.android.virt.pem"], 321} 322 323// custom tool to replace bytes in a file 324python_binary_host { 325 name: "replace_bytes", 326 srcs: [ 327 "replace_bytes.py", 328 ], 329 version: { 330 py3: { 331 embedded_launcher: true, 332 }, 333 }, 334} 335 336// Encapsulate the contributions made by the com.android.virt to the bootclasspath. 337bootclasspath_fragment { 338 name: "com.android.virt-bootclasspath-fragment", 339 contents: ["framework-virtualization"], 340 apex_available: ["com.android.virt"], 341 342 // The bootclasspath_fragments that provide APIs on which this depends. 343 fragments: [ 344 { 345 apex: "com.android.art", 346 module: "art-bootclasspath-fragment", 347 }, 348 ], 349 350 // Additional stubs libraries that this fragment's contents use which are 351 // not provided by another bootclasspath_fragment. 352 additional_stubs: [ 353 "android-non-updatable", 354 ], 355 356 hidden_api: { 357 358 // This module does not contain any split packages. 359 split_packages: [], 360 361 // The following packages and all their subpackages currently only 362 // contain classes from this bootclasspath_fragment. Listing a package 363 // here won't prevent other bootclasspath modules from adding classes in 364 // any of those packages but it will prevent them from adding those 365 // classes into an API surface, e.g. public, system, etc.. Doing so will 366 // result in a build failure due to inconsistent flags. 367 package_prefixes: [ 368 "android.system.virtualmachine", 369 "android.system.virtualizationservice", 370 // android.sysprop.*, renamed by jarjar 371 "com.android.system.virtualmachine.sysprop", 372 ], 373 }, 374} 375 376systemserverclasspath_fragment { 377 name: "com.android.virt-systemserver-fragment", 378 contents: [ 379 "service-virtualization", 380 ], 381 apex_available: ["com.android.virt"], 382 enabled: select(release_flag("RELEASE_AVF_ENABLE_LLPVM_CHANGES"), { 383 true: true, 384 default: false, 385 }), 386} 387