1package { 2 default_applicable_licenses: ["Android-Apache-2.0"], 3} 4 5microdroid_filesystem_images = [ 6 "microdroid_super", 7 "microdroid_vbmeta", 8] 9 10soong_config_module_type { 11 name: "virt_apex", 12 module_type: "apex", 13 config_namespace: "ANDROID", 14 bool_variables: [ 15 "avf_enabled", 16 ], 17 properties: [ 18 "defaults", 19 "prebuilts", 20 ], 21} 22 23virt_apex { 24 name: "com.android.virt", 25 soong_config_variables: { 26 avf_enabled: { 27 defaults: ["com.android.virt_avf_enabled"], 28 conditions_default: { 29 defaults: ["com.android.virt_avf_disabled"], 30 }, 31 }, 32 }, 33} 34 35soong_config_string_variable { 36 name: "avf_microdroid_guest_gki_version", 37 values: [ 38 "android14_61_pkvm_experimental", 39 ], 40} 41 42soong_config_module_type { 43 name: "avf_flag_aware_apex_defaults", 44 module_type: "apex_defaults", 45 config_namespace: "ANDROID", 46 bool_variables: [ 47 "release_avf_enable_device_assignment", 48 "release_avf_enable_llpvm_changes", 49 "release_avf_enable_network", 50 "avf_remote_attestation_enabled", 51 "release_avf_enable_vendor_modules", 52 "release_avf_enable_virt_cpufreq", 53 "release_avf_support_custom_vm_with_paravirtualized_devices", 54 ], 55 variables: [ 56 "avf_microdroid_guest_gki_version", 57 ], 58 properties: [ 59 "androidManifest", 60 "arch", 61 "canned_fs_config", 62 "prebuilts", 63 "systemserverclasspath_fragments", 64 "vintf_fragments", 65 "apps", 66 ], 67} 68 69avf_flag_aware_apex_defaults { 70 name: "com.android.virt_common", 71 // TODO(jiyong): make it updatable 72 updatable: false, 73 future_updatable: false, 74 platform_apis: true, 75 76 manifest: "manifest.json", 77 78 key: "com.android.virt.key", 79 certificate: ":com.android.virt.certificate", 80 81 apps: [ 82 "android.system.virtualmachine.res", 83 ], 84 85 file_contexts: ":com.android.virt-file_contexts", 86 87 bootclasspath_fragments: [ 88 "com.android.virt-bootclasspath-fragment", 89 ], 90 jni_libs: [ 91 "libvirtualizationservice_jni", 92 "libvirtualmachine_jni", 93 ], 94 // TODO(b/295593640) Unfortunately these are added to the apex even though they are unused. 95 // Once the build system is fixed, remove this. 96 unwanted_transitive_deps: [ 97 "libsso", 98 "libutils", 99 ], 100 soong_config_variables: { 101 release_avf_enable_llpvm_changes: { 102 systemserverclasspath_fragments: [ 103 "com.android.virt-systemserver-fragment", 104 ], 105 }, 106 release_avf_enable_virt_cpufreq: { 107 canned_fs_config: "canned_fs_config_sys_nice", 108 conditions_default: { 109 canned_fs_config: "canned_fs_config", 110 }, 111 }, 112 release_avf_support_custom_vm_with_paravirtualized_devices: { 113 apps: [ 114 "VmLauncherApp", 115 ], 116 }, 117 }, 118} 119 120avf_flag_aware_apex_defaults { 121 name: "com.android.virt_avf_enabled", 122 123 defaults: ["com.android.virt_common"], 124 125 custom_sign_tool: "sign_virt_apex", 126 127 // crosvm and virtualizationservice are only enabled for 64-bit targets on device 128 arch: { 129 arm64: { 130 binaries: [ 131 "crosvm", 132 "virtmgr", 133 "virtualizationservice", 134 ], 135 filesystems: microdroid_filesystem_images, 136 prebuilts: [ 137 "rialto_bin", 138 ], 139 }, 140 x86_64: { 141 binaries: [ 142 "crosvm", 143 "virtmgr", 144 "virtualizationservice", 145 ], 146 filesystems: microdroid_filesystem_images, 147 }, 148 }, 149 binaries: [ 150 "fd_server", 151 "vm", 152 ], 153 prebuilts: [ 154 "features_com.android.virt.xml", 155 "microdroid_initrd_debuggable", 156 "microdroid_initrd_normal", 157 "microdroid.json", 158 "microdroid_kernel", 159 "com.android.virt.init.rc", 160 "android_bootloader_crosvm_aarch64", 161 ], 162 host_required: [ 163 "vm_shell", 164 ], 165 apps: [ 166 "EmptyPayloadApp", 167 ], 168 soong_config_variables: { 169 avf_microdroid_guest_gki_version: { 170 android14_61_pkvm_experimental: { 171 prebuilts: [ 172 "microdroid_gki-android14-6.1-pkvm_experimental_initrd_debuggable", 173 "microdroid_gki-android14-6.1-pkvm_experimental_initrd_normal", 174 "microdroid_gki-android14-6.1-pkvm_experimental_kernel", 175 "microdroid_gki-android14-6.1-pkvm_experimental.json", 176 ], 177 }, 178 }, 179 release_avf_enable_device_assignment: { 180 prebuilts: [ 181 "com.android.virt.vfio_handler.rc", 182 ], 183 arch: { 184 arm64: { 185 binaries: ["vfio_handler"], 186 }, 187 x86_64: { 188 binaries: ["vfio_handler"], 189 }, 190 }, 191 }, 192 release_avf_enable_llpvm_changes: { 193 androidManifest: "AndroidManifest.xml", 194 }, 195 release_avf_enable_network: { 196 prebuilts: [ 197 "com.android.virt.vmnic.rc", 198 ], 199 arch: { 200 arm64: { 201 binaries: ["vmnic"], 202 }, 203 x86_64: { 204 binaries: ["vmnic"], 205 }, 206 }, 207 }, 208 avf_remote_attestation_enabled: { 209 vintf_fragments: [ 210 "virtualizationservice.xml", 211 ], 212 }, 213 }, 214} 215 216apex_defaults { 217 name: "com.android.virt_avf_disabled", 218 219 defaults: ["com.android.virt_common"], 220} 221 222apex_key { 223 name: "com.android.virt.key", 224 public_key: "com.android.virt.avbpubkey", 225 private_key: "com.android.virt.pem", 226} 227 228android_app_certificate { 229 name: "com.android.virt.certificate", 230 certificate: "com.android.virt", 231} 232 233soong_config_module_type { 234 name: "avf_flag_aware_genrule", 235 module_type: "genrule", 236 config_namespace: "ANDROID", 237 bool_variables: [ 238 "release_avf_enable_llpvm_changes", 239 "avf_remote_attestation_enabled", 240 ], 241 properties: ["srcs"], 242} 243 244avf_flag_aware_genrule { 245 name: "virtualizationservice_rc_combined", 246 srcs: ["virtualizationservice.rc.base"], 247 soong_config_variables: { 248 release_avf_enable_llpvm_changes: { 249 srcs: ["virtualizationservice.rc.llpvm"], 250 }, 251 avf_remote_attestation_enabled: { 252 srcs: ["virtualizationservice.rc.ra"], 253 }, 254 }, 255 out: ["virtualizationservice.rc"], 256 cmd: "cat $(in) > $(out)", 257} 258 259prebuilt_etc { 260 name: "com.android.virt.init.rc", 261 src: ":virtualizationservice_rc_combined", 262 filename: "virtualizationservice.rc", 263 no_full_install: true, 264} 265 266prebuilt_etc { 267 name: "com.android.virt.vfio_handler.rc", 268 src: "vfio_handler.rc", 269 filename: "vfio_handler.rc", 270 no_full_install: true, 271} 272 273prebuilt_etc { 274 name: "com.android.virt.vmnic.rc", 275 src: "vmnic.rc", 276 filename: "vmnic.rc", 277 no_full_install: true, 278} 279 280// Virt apex needs a custom signer for its payload 281python_binary_host { 282 name: "sign_virt_apex", 283 srcs: [ 284 "sign_virt_apex.py", 285 ], 286 version: { 287 py3: { 288 embedded_launcher: true, 289 }, 290 }, 291 required: [ 292 // sign_virt_apex should be runnable from outside the source tree, 293 // therefore, any required tool should be listed in build/make/core/Makefile as well. 294 "img2simg", 295 "initrd_bootconfig", 296 "lpmake", 297 "lpunpack", 298 "lz4", 299 "simg2img", 300 ], 301} 302 303sh_test_host { 304 name: "sign_virt_apex_test", 305 src: "sign_virt_apex_test.sh", 306 test_config: "sign_virt_apex_test.xml", 307 data_bins: [ 308 // deapexer 309 "deapexer", 310 "debugfs_static", 311 "fsck.erofs", 312 313 // sign_virt_apex 314 "avbtool", 315 "img2simg", 316 "initrd_bootconfig", 317 "lpmake", 318 "lpunpack", 319 "lz4", 320 "sign_virt_apex", 321 "simg2img", 322 ], 323 data_libs: [ 324 "libbase", 325 "libc++", 326 "libcrypto_utils", 327 "libcrypto", 328 "libext4_utils", 329 "liblog", 330 "liblp", 331 "libsparse", 332 "libz", 333 ], 334 data: [ 335 ":com.android.virt", 336 ":test.com.android.virt.pem", 337 ], 338 test_suites: ["general-tests"], 339} 340 341filegroup { 342 name: "test.com.android.virt.pem", 343 srcs: ["test.com.android.virt.pem"], 344} 345 346filegroup { 347 name: "test2.com.android.virt.pem", 348 srcs: ["test2.com.android.virt.pem"], 349} 350 351// custom tool to replace bytes in a file 352python_binary_host { 353 name: "replace_bytes", 354 srcs: [ 355 "replace_bytes.py", 356 ], 357 version: { 358 py3: { 359 embedded_launcher: true, 360 }, 361 }, 362} 363 364// Encapsulate the contributions made by the com.android.virt to the bootclasspath. 365bootclasspath_fragment { 366 name: "com.android.virt-bootclasspath-fragment", 367 contents: ["framework-virtualization"], 368 apex_available: ["com.android.virt"], 369 370 // The bootclasspath_fragments that provide APIs on which this depends. 371 fragments: [ 372 { 373 apex: "com.android.art", 374 module: "art-bootclasspath-fragment", 375 }, 376 ], 377 378 // Additional stubs libraries that this fragment's contents use which are 379 // not provided by another bootclasspath_fragment. 380 additional_stubs: [ 381 "android-non-updatable", 382 ], 383 384 hidden_api: { 385 386 // This module does not contain any split packages. 387 split_packages: [], 388 389 // The following packages and all their subpackages currently only 390 // contain classes from this bootclasspath_fragment. Listing a package 391 // here won't prevent other bootclasspath modules from adding classes in 392 // any of those packages but it will prevent them from adding those 393 // classes into an API surface, e.g. public, system, etc.. Doing so will 394 // result in a build failure due to inconsistent flags. 395 package_prefixes: [ 396 "android.system.virtualmachine", 397 "android.system.virtualizationservice", 398 // android.sysprop.*, renamed by jarjar 399 "com.android.system.virtualmachine.sysprop", 400 ], 401 }, 402} 403 404soong_config_module_type { 405 name: "avf_flag_aware_systemserverclasspath_fragment", 406 module_type: "systemserverclasspath_fragment", 407 config_namespace: "ANDROID", 408 bool_variables: [ 409 "release_avf_enable_llpvm_changes", 410 ], 411 properties: [ 412 "enabled", 413 ], 414} 415 416avf_flag_aware_systemserverclasspath_fragment { 417 name: "com.android.virt-systemserver-fragment", 418 contents: [ 419 "service-virtualization", 420 ], 421 apex_available: ["com.android.virt"], 422 enabled: false, 423 soong_config_variables: { 424 release_avf_enable_llpvm_changes: { 425 enabled: true, 426 }, 427 }, 428} 429