Merge changes Iae7130f2,Ibe6629a2,If39f46d9
* changes:
vmbase: Rename configure_global_allocator_size
vmbase: Initialize heap in rust_entry
vmbase: Move heap.rs out of pvmfw
diff --git a/docs/getting_started/index.md b/docs/getting_started/index.md
index 0e4f2be..9dcd4fa 100644
--- a/docs/getting_started/index.md
+++ b/docs/getting_started/index.md
@@ -103,9 +103,12 @@
on pVM. You can run a Microdroid with empty payload using the following command:
```shell
-adb shell /apex/com.android.virt/bin/vm run-microdroid --debug full
+adb shell /apex/com.android.virt/bin/vm run-microdroid
```
+which spawns a "debuggable" VM by default to allow access to guest kernel logs.
+To run a production non-debuggable VM, pass `--debug none`.
+
## Building and updating CrosVM and VirtualizationService {#building-and-updating}
You can update CrosVM and the VirtualizationService by updating the `com.android.virt` APEX instead
diff --git a/libs/avb/Android.bp b/libs/avb/Android.bp
index 3a671e2..a2d9e1a 100644
--- a/libs/avb/Android.bp
+++ b/libs/avb/Android.bp
@@ -10,7 +10,6 @@
visibility: ["//packages/modules/Virtualization:__subpackages__"],
source_stem: "bindings",
bindgen_flags: [
- "--size_t-is-usize",
"--constified-enum-module AvbDescriptorTag",
"--default-enum-style rust",
"--allowlist-type=AvbDescriptorTag",
diff --git a/libs/libfdt/Android.bp b/libs/libfdt/Android.bp
index 2a6e75f..0540f26 100644
--- a/libs/libfdt/Android.bp
+++ b/libs/libfdt/Android.bp
@@ -8,7 +8,6 @@
wrapper_src: "bindgen/fdt.h",
source_stem: "bindings",
bindgen_flags: [
- "--size_t-is-usize",
"--allowlist-type=fdt_.*",
"--allowlist-function=fdt_.*",
"--allowlist-var=FDT_.*",
diff --git a/pvmfw/Android.bp b/pvmfw/Android.bp
index 09453e5..bbe00b5 100644
--- a/pvmfw/Android.bp
+++ b/pvmfw/Android.bp
@@ -7,7 +7,6 @@
crate_name: "pvmfw",
defaults: ["vmbase_ffi_defaults"],
srcs: ["src/main.rs"],
- edition: "2021",
// Require unsafe blocks for inside unsafe functions.
flags: ["-Dunsafe_op_in_unsafe_fn"],
features: [
@@ -82,7 +81,6 @@
// partition image. This is just to package the unstripped file into the
// symbols zip file for debugging purpose.
installable: true,
- native_coverage: false,
}
raw_binary {
@@ -134,11 +132,9 @@
rust_library_rlib {
name: "libpvmfw_embedded_key",
- defaults: ["vmbase_ffi_defaults"],
- prefer_rlib: true,
+ defaults: ["vmbase_rlib_defaults"],
srcs: [":pvmfw_embedded_key_rs"],
crate_name: "pvmfw_embedded_key",
- apex_available: ["com.android.virt"],
}
prebuilt_etc {
@@ -192,8 +188,7 @@
rust_library_rlib {
name: "libpvmfw_fdt_template",
- defaults: ["vmbase_ffi_defaults"],
- prefer_rlib: true,
+ defaults: ["vmbase_rlib_defaults"],
srcs: [":pvmfw_fdt_template_rs"],
crate_name: "pvmfw_fdt_template",
}
diff --git a/pvmfw/src/main.rs b/pvmfw/src/main.rs
index 61af048..61e2312 100644
--- a/pvmfw/src/main.rs
+++ b/pvmfw/src/main.rs
@@ -104,6 +104,11 @@
error!("Failed to verify the payload: {e}");
RebootReason::PayloadVerificationError
})?;
+ let debuggable = verified_boot_data.debug_level != DebugLevel::None;
+ if debuggable {
+ info!("Successfully verified a debuggable payload.");
+ info!("Please disregard any previous libavb ERROR about initrd_normal.");
+ }
if verified_boot_data.capabilities.contains(&Capability::RemoteAttest) {
info!("Service VM capable of remote attestation detected");
@@ -146,7 +151,6 @@
flush(next_bcc);
let strict_boot = true;
- let debuggable = verified_boot_data.debug_level != DebugLevel::None;
modify_for_next_stage(fdt, next_bcc, new_instance, strict_boot, debug_policy, debuggable)
.map_err(|e| {
error!("Failed to configure device tree: {e}");
diff --git a/rialto/Android.bp b/rialto/Android.bp
index 0a1dda8..9aa4667 100644
--- a/rialto/Android.bp
+++ b/rialto/Android.bp
@@ -6,7 +6,6 @@
name: "librialto",
crate_name: "rialto",
srcs: ["src/main.rs"],
- edition: "2021",
defaults: ["vmbase_ffi_defaults"],
rustlibs: [
"libaarch64_paging",
@@ -16,7 +15,6 @@
"liblog_rust_nostd",
"libvmbase",
],
- apex_available: ["com.android.virt"],
}
cc_binary {
@@ -28,13 +26,11 @@
],
static_libs: [
"librialto",
- "libvmbase_entry",
],
linker_scripts: [
"image.ld",
":vmbase_sections",
],
- apex_available: ["com.android.virt"],
}
raw_binary {
diff --git a/vm/src/run.rs b/vm/src/run.rs
index 663fa25..392fa1c 100644
--- a/vm/src/run.rs
+++ b/vm/src/run.rs
@@ -315,8 +315,13 @@
.context("Failed to create VM")?;
vm.start().context("Failed to start VM")?;
+ let debug_level = match config {
+ VirtualMachineConfig::AppConfig(config) => config.debugLevel,
+ _ => DebugLevel::NONE,
+ };
println!(
- "Created VM from {} with CID {}, state is {}.",
+ "Created {} from {} with CID {}, state is {}.",
+ if debug_level == DebugLevel::FULL { "debuggable VM" } else { "VM" },
payload_config,
vm.cid(),
state_to_str(vm.state()?)
diff --git a/vmbase/Android.bp b/vmbase/Android.bp
index ac010b9..46f4937 100644
--- a/vmbase/Android.bp
+++ b/vmbase/Android.bp
@@ -2,11 +2,28 @@
default_applicable_licenses: ["Android-Apache-2.0"],
}
+// The hierarchy of Soong modules to produce a vmbase-based binary is
+//
+// 0. rlibs may be used to provide high-level code (see "vmbase_rlib_defaults");
+// 1. rust_ffi_static packages low-level Rust code and any rlib into a static
+// library (see "vmbase_ffi_defaults") that cc_binary supports;
+// 2. cc_library_static may be used for extra C code (see "vmbase_cc_defaults");
+// 3. cc_binary produces an ELF from the (single) Rust-wrapping static library,
+// optional extra C libraries, and linker script (see "vmbase_elf_defaults");
+// 4. raw_binary strips the ELF into an image that can be loaded to memory;
+
+// Used by intermediate rust_library_rlib for vmbase-based binaries.
rust_defaults {
- name: "vmbase_rust_defaults",
+ name: "vmbase_rlib_defaults",
edition: "2021",
+ prefer_rlib: true,
host_supported: false,
enabled: false,
+ no_stdlibs: true,
+ stdlibs: [
+ "libcompiler_builtins.rust_sysroot",
+ "libcore.rust_sysroot",
+ ],
target: {
android_arm64: {
enabled: true,
@@ -14,19 +31,17 @@
},
}
+// Used by the "top-level" rust_ffi_static of vmbase-based binaries.
rust_defaults {
name: "vmbase_ffi_defaults",
- defaults: ["vmbase_rust_defaults"],
- no_stdlibs: true,
- stdlibs: [
- "libcompiler_builtins.rust_sysroot",
- "libcore.rust_sysroot",
- ],
+ defaults: ["vmbase_rlib_defaults"],
}
+// Used by extra cc_library_static linked into the final ELF.
cc_defaults {
name: "vmbase_cc_defaults",
nocrt: true,
+ no_libcrt: true,
system_shared_libs: [],
stl: "none",
installable: false,
@@ -39,8 +54,10 @@
sanitize: {
hwaddress: false,
},
+ native_coverage: false,
}
+// Used by cc_binary when producing the ELF of a vmbase-based binary.
cc_defaults {
name: "vmbase_elf_defaults",
defaults: ["vmbase_cc_defaults"],
@@ -48,18 +65,11 @@
static_libs: [
"libvmbase_entry",
],
- installable: false,
- enabled: false,
- target: {
- android_arm64: {
- enabled: true,
- },
- },
}
rust_library_rlib {
name: "libvmbase",
- defaults: ["vmbase_rust_defaults"],
+ defaults: ["vmbase_rlib_defaults"],
crate_name: "vmbase",
srcs: ["src/lib.rs"],
rustlibs: [
@@ -76,14 +86,12 @@
"libvirtio_drivers",
"libzeroize_nostd",
],
- no_stdlibs: true,
whole_static_libs: [
"librust_baremetal",
],
features: [
"cpu_feat_hafdbs",
],
- apex_available: ["com.android.virt"],
}
cc_library_static {
@@ -94,8 +102,6 @@
"exceptions.S",
"exceptions_panic.S",
],
- no_libcrt: true,
- apex_available: ["com.android.virt"],
}
filegroup {
diff --git a/vmbase/example/Android.bp b/vmbase/example/Android.bp
index ab8a8a1..ae1a593 100644
--- a/vmbase/example/Android.bp
+++ b/vmbase/example/Android.bp
@@ -7,7 +7,6 @@
defaults: ["vmbase_ffi_defaults"],
crate_name: "vmbase_example",
srcs: ["src/main.rs"],
- edition: "2021",
rustlibs: [
"libaarch64_paging",
"libdiced_open_dice_nostd",