Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Virtualization / 309278e163678a53756ee0d266ca2111c1da1efc^1..309278e163678a53756ee0d266ca2111c1da1efc / .
commit309278e163678a53756ee0d266ca2111c1da1efc[log] [tgz]
authorAndroid Build Coastguard Worker <android-build-coastguard-worker@google.com>Thu Aug 15 23:21:55 2024 +0000
committerAndroid Build Coastguard Worker <android-build-coastguard-worker@google.com>Thu Aug 15 23:21:55 2024 +0000
treeb58f8a918c970aaec7f941d68d57f90b8262a357
parent35f6f4c1bdb4526e74fae6dea635d1e15f696076 [diff]
parentb5d9869372d2d9186ec4fb9b0e24bb13f479d201 [diff]
Snap for 12235414 from b5d9869372d2d9186ec4fb9b0e24bb13f479d201 to 24Q4-release

Change-Id: I7cd6c958a4b28f761b112a1bf672b3f42d7fd111

diff --git a/guest/rialto/idmap.S b/guest/rialto/idmap.S
index 9b5375a..eb4d823 100644
--- a/guest/rialto/idmap.S
+++ b/guest/rialto/idmap.S

@@ -28,8 +28,8 @@
 .set .PAGE_SIZE, .SZ_4K
 
 .set .ORIGIN_ADDR, 2 * .SZ_1G
-.set .TEXT_ADDR, .ORIGIN_ADDR + (1 * .SZ_2M)
-.set .DATA_ADDR, .ORIGIN_ADDR + (2 * .SZ_2M)
+.set .TEXT_ADDR, .ORIGIN_ADDR + (0 * .SZ_2M)
+.set .DATA_ADDR, .ORIGIN_ADDR + (1 * .SZ_2M)
 
 .set .L_TT_TYPE_BLOCK, 0x1
 .set .L_TT_TYPE_PAGE,  0x3
@@ -59,7 +59,7 @@
 	.balign .PAGE_SIZE, 0				// unmapped
 
 	/* level 2 */
-0:	.quad		0x0				// 2 MiB unmapped
+0:
 	.quad		.L_BLOCK_MEM_XIP | .TEXT_ADDR	// 2 MiB of DRAM containing image
 	.quad		.L_BLOCK_MEM | .DATA_ADDR	// 2 MiB of writable DRAM
 	.balign .PAGE_SIZE, 0				// unmapped

diff --git a/guest/rialto/image.ld b/guest/rialto/image.ld
index 95ffdf8..3bf910c 100644
--- a/guest/rialto/image.ld
+++ b/guest/rialto/image.ld

@@ -16,6 +16,6 @@
 
 MEMORY
 {
-	image		: ORIGIN = 0x80200000, LENGTH = 2M
-	writable_data	: ORIGIN = 0x80400000, LENGTH = 2M
+	image		: ORIGIN = 0x80000000, LENGTH = 2M
+	writable_data	: ORIGIN = 0x80200000, LENGTH = 2M
 }

diff --git a/guest/rialto/src/main.rs b/guest/rialto/src/main.rs
index 930f4e8..a98ec25 100644
--- a/guest/rialto/src/main.rs
+++ b/guest/rialto/src/main.rs

@@ -47,6 +47,7 @@
 use vmbase::{
     configure_heap,
     fdt::SwiotlbInfo,
+    generate_image_header,
     hyp::{get_mem_sharer, get_mmio_guard},
     layout::{self, crosvm, UART_PAGE_ADDR},
     main,
@@ -232,5 +233,6 @@
     }
 }
 
+generate_image_header!();
 main!(main);
 configure_heap!(SIZE_128KB * 2);

diff --git a/guest/rialto/tests/test.rs b/guest/rialto/tests/test.rs
index cf5630f..a90adea 100644
--- a/guest/rialto/tests/test.rs
+++ b/guest/rialto/tests/test.rs

@@ -34,7 +34,7 @@
 use service_vm_fake_chain::client_vm::{
     fake_client_vm_dice_artifacts, fake_sub_components, SubComponent,
 };
-use service_vm_manager::ServiceVm;
+use service_vm_manager::{ServiceVm, VM_MEMORY_MB};
 use std::fs;
 use std::fs::File;
 use std::panic;
@@ -59,7 +59,7 @@
         // The test is skipped if the feature flag |dice_changes| is not enabled, because when
         // the flag is off, the DICE chain is truncated in the pvmfw, and the service VM cannot
         // verify the chain due to the missing entries in the chain.
-        check_processing_requests(VmType::ProtectedVm)
+        check_processing_requests(VmType::ProtectedVm, None)
     } else {
         warn!("pVMs are not supported on device, skipping test");
         Ok(())
@@ -68,11 +68,17 @@
 
 #[test]
 fn process_requests_in_non_protected_vm() -> Result<()> {
-    check_processing_requests(VmType::NonProtectedVm)
+    check_processing_requests(VmType::NonProtectedVm, None)
 }
 
-fn check_processing_requests(vm_type: VmType) -> Result<()> {
-    let mut vm = start_service_vm(vm_type)?;
+#[test]
+fn process_requests_in_non_protected_vm_with_extra_ram() -> Result<()> {
+    const MEMORY_MB: i32 = 300;
+    check_processing_requests(VmType::NonProtectedVm, Some(MEMORY_MB))
+}
+
+fn check_processing_requests(vm_type: VmType, vm_memory_mb: Option<i32>) -> Result<()> {
+    let mut vm = start_service_vm(vm_type, vm_memory_mb)?;
 
     check_processing_reverse_request(&mut vm)?;
     let key_pair = check_processing_generating_key_pair_request(&mut vm)?;
@@ -285,7 +291,7 @@
     Ok(())
 }
 
-fn start_service_vm(vm_type: VmType) -> Result<ServiceVm> {
+fn start_service_vm(vm_type: VmType, vm_memory_mb: Option<i32>) -> Result<ServiceVm> {
     android_logger::init_once(
         android_logger::Config::default()
             .with_tag("rialto")
@@ -297,19 +303,20 @@
     }));
     // We need to start the thread pool for Binder to work properly, especially link_to_death.
     ProcessState::start_thread_pool();
-    ServiceVm::start_vm(vm_instance(vm_type)?, vm_type)
+    ServiceVm::start_vm(vm_instance(vm_type, vm_memory_mb)?, vm_type)
 }
 
-fn vm_instance(vm_type: VmType) -> Result<VmInstance> {
+fn vm_instance(vm_type: VmType, vm_memory_mb: Option<i32>) -> Result<VmInstance> {
     match vm_type {
         VmType::ProtectedVm => {
+            assert!(vm_memory_mb.is_none());
             service_vm_manager::protected_vm_instance(PathBuf::from(INSTANCE_IMG_PATH))
         }
-        VmType::NonProtectedVm => nonprotected_vm_instance(),
+        VmType::NonProtectedVm => nonprotected_vm_instance(vm_memory_mb.unwrap_or(VM_MEMORY_MB)),
     }
 }
 
-fn nonprotected_vm_instance() -> Result<VmInstance> {
+fn nonprotected_vm_instance(memory_mib: i32) -> Result<VmInstance> {
     let rialto = File::open(UNSIGNED_RIALTO_PATH).context("Failed to open Rialto kernel binary")?;
     // Do not use `#allocateInstanceId` to generate the instance ID because the method
     // also adds an instance ID to the database it manages.
@@ -317,10 +324,10 @@
     let mut instance_id = [0u8; 64];
     rand_bytes(&mut instance_id).unwrap();
     let config = VirtualMachineConfig::RawConfig(VirtualMachineRawConfig {
-        name: String::from("Non protected rialto"),
-        bootloader: Some(ParcelFileDescriptor::new(rialto)),
+        name: format!("Non protected rialto ({memory_mib}MiB)"),
+        kernel: Some(ParcelFileDescriptor::new(rialto)),
         protectedVm: false,
-        memoryMib: 300,
+        memoryMib: memory_mib,
         platformVersion: "~1.0".to_string(),
         instanceId: instance_id,
         ..Default::default()

diff --git a/libs/libservice_vm_manager/src/lib.rs b/libs/libservice_vm_manager/src/lib.rs
index 78ed85b..8564c51 100644
--- a/libs/libservice_vm_manager/src/lib.rs
+++ b/libs/libservice_vm_manager/src/lib.rs

@@ -37,12 +37,14 @@
 use vmclient::{DeathReason, VmInstance};
 use vsock::{VsockListener, VsockStream, VMADDR_CID_HOST};
 
+/// Size of virtual memory allocated to the Service VM.
+pub const VM_MEMORY_MB: i32 = 8;
+
 const VIRT_DATA_DIR: &str = "/data/misc/apexdata/com.android.virt";
 const RIALTO_PATH: &str = "/apex/com.android.virt/etc/rialto.bin";
 const INSTANCE_IMG_NAME: &str = "service_vm_instance.img";
 const INSTANCE_ID_FILENAME: &str = "service_vm_instance_id";
 const INSTANCE_IMG_SIZE_BYTES: i64 = 1 << 20; // 1MB
-const MEMORY_MB: i32 = 300;
 const WRITE_BUFFER_CAPACITY: usize = 512;
 const READ_TIMEOUT: Duration = Duration::from_secs(10);
 const WRITE_TIMEOUT: Duration = Duration::from_secs(10);
@@ -227,11 +229,11 @@
     let instance_id = get_or_allocate_instance_id(service.as_ref(), instance_id_file)?;
     let config = VirtualMachineConfig::RawConfig(VirtualMachineRawConfig {
         name: String::from("Service VM"),
-        bootloader: Some(ParcelFileDescriptor::new(rialto)),
+        kernel: Some(ParcelFileDescriptor::new(rialto)),
         disks: vec![DiskImage { image: None, partitions: writable_partitions, writable: true }],
         instanceId: instance_id,
         protectedVm: true,
-        memoryMib: MEMORY_MB,
+        memoryMib: VM_MEMORY_MB,
         cpuTopology: CpuTopology::ONE_CPU,
         platformVersion: "~1.0".to_string(),
         gdbPort: 0, // No gdb