commit 22e7045288f46768d0e6a58562a9f3e9e701d2a2
author Shikha Panwar <shikhapanwar@google.com> Mon Oct 10 18:32:55 2022 +0000
committer Shikha Panwar <shikhapanwar@google.com> Wed Oct 12 08:45:51 2022 +0000
tree 8643c3a79030186fa88ef90947c8fa07d9aa0003
parent 6e9a0bc68a5e9ee997cb2576e46bbf1859756557

Add persistent backing for encrypted storage in VM

Virtualization service will allow clients to pass the file that will
back the (encrypted) storage inside VM.

This patch:
1. Exposes (optional) encryptedStorageImage in VirtualMachineAppConfig.
2. Expose it as a block device to VM (by including it as partition in a
   writable disk).

Test: bin/vm run-app --storage -> inspect the block device in vm
Bug: 241543632
Change-Id: I9adbe832bda2c5f5a749d8614f056f51244ae52c

vm/src/main.rs

diff --git a/vm/src/main.rs b/vm/src/main.rs
index 21cc74b..3b887d3 100644
--- a/vm/src/main.rs
+++ b/vm/src/main.rs
@@ -58,6 +58,16 @@
         #[clap(short, long)]
         daemonize: bool,
 
+        /// Path to the file backing the storage.
+        /// Created if the option is used but the path does not exist in the device.
+        #[clap(long)]
+        storage: Option<PathBuf>,
+
+        /// Size of the storage. Used only if --storage is supplied but path does not exist
+        /// Default size is 10*1024*1024
+        #[clap(long)]
+        storage_size: Option<u64>,
+
         /// Path to file for VM console output.
         #[clap(long)]
         console: Option<PathBuf>,
@@ -188,6 +198,8 @@
             apk,
             idsig,
             instance,
+            storage,
+            storage_size,
             config_path,
             daemonize,
             console,
@@ -205,6 +217,8 @@
             &apk,
             &idsig,
             &instance,
+            storage.as_deref(),
+            storage_size,
             config_path.as_deref().unwrap_or(""),
             daemonize,
             console.as_deref(),