commit 3dc5c1e6a0b1ae7d9a33e5c856d0c85bfa209ab6
author Treehugger Robot <treehugger-gerrit@google.com> Tue Feb 08 11:49:35 2022 +0000
committer Gerrit Code Review <noreply-gerritcodereview@google.com> Tue Feb 08 11:49:35 2022 +0000
tree c94703c461a854230d7c312492d24ebc154cd0a5
parent d2256180436f6a12d130a1ce498f0598150bf3d7
parent 28c9c3c98ecc1569105259e722de6ed8b6d34de9

Merge "Stop checking for /dev/kvm"

apex/sign_virt_apex.py

diff --git a/apex/sign_virt_apex.py b/apex/sign_virt_apex.py
index 8fe3403..207c938 100644
--- a/apex/sign_virt_apex.py
+++ b/apex/sign_virt_apex.py
@@ -15,7 +15,8 @@
 # limitations under the License.
 """sign_virt_apex is a command line tool for sign the Virt APEX file.
 
-Typical usage: sign_virt_apex [-v] [--avbtool path_to_avbtool] path_to_key payload_contents_dir
+Typical usage:
+  sign_virt_apex [-v] [--avbtool path_to_avbtool] [--signing_args args] payload_key payload_dir
 
 sign_virt_apex uses external tools which are assumed to be available via PATH.
 - avbtool (--avbtool can override the tool)
@@ -26,6 +27,7 @@
 import hashlib
 import os
 import re
+import shlex
 import shutil
 import subprocess
 import sys
@@ -45,6 +47,10 @@
         default='avbtool',
         help='Optional flag that specifies the AVB tool to use. Defaults to `avbtool`.')
     parser.add_argument(
+        '--signing_args',
+        help='the extra signing arguments passed to avbtool.'
+    )
+    parser.add_argument(
         'key',
         help='path to the private key file.')
     parser.add_argument(
@@ -163,6 +169,8 @@
                '--partition_name', partition_name,
                '--partition_size', partition_size,
                '--image', image_path]
+        if args.signing_args:
+            cmd.extend(shlex.split(args.signing_args))
         RunCommand(args, cmd)
 
 
@@ -182,6 +190,8 @@
                '--partition_size', partition_size,
                '--do_not_generate_fec',
                '--image', image_path]
+        if args.signing_args:
+            cmd.extend(shlex.split(args.signing_args))
         RunCommand(args, cmd)
 
 
@@ -216,6 +226,9 @@
                 cmd.extend(['--chain_partition', '%s:%s:%s' %
                            (part_name, ril, avbpubkey)])
 
+        if args.signing_args:
+            cmd.extend(shlex.split(args.signing_args))
+
         RunCommand(args, cmd)
         # libavb expects to be able to read the maximum vbmeta size, so we must provide a partition
         # which matches this or the read will fail.

virtualizationservice/src/crosvm.rs

diff --git a/virtualizationservice/src/crosvm.rs b/virtualizationservice/src/crosvm.rs
index 2c50fed..df7a7d2 100644
--- a/virtualizationservice/src/crosvm.rs
+++ b/virtualizationservice/src/crosvm.rs
@@ -272,6 +272,13 @@
 
     if config.protected {
         command.arg("--protected-vm");
+
+        // 3 virtio-console devices + vsock = 4.
+        let virtio_pci_device_count = 4 + config.disks.len();
+        // crosvm virtio queue has 256 entries, so 2 MiB per device (2 pages per entry) should be
+        // enough.
+        let swiotlb_size_mib = 2 * virtio_pci_device_count;
+        command.arg("--swiotlb").arg(swiotlb_size_mib.to_string());
     }
 
     if let Some(memory_mib) = config.memory_mib {