Add support for encrypted storage expansion
Capability to configure the encrypted storage size
Partition resizing to the required size upon boot
New unit tests to validate this functionality
Bug: 381067202
Test: atest MicrodroidTests
Change-Id: I6f5737ee601e7c511bdd316b180bf50e3d102ab1
diff --git a/android/vm/src/run.rs b/android/vm/src/run.rs
index a362b8e..8385fb4 100644
--- a/android/vm/src/run.rs
+++ b/android/vm/src/run.rs
@@ -35,6 +35,7 @@
use rand::{distributions::Alphanumeric, Rng};
use std::fs;
use std::fs::File;
+use std::fs::OpenOptions;
use std::io;
use std::io::{Read, Write};
use std::os::fd::AsFd;
@@ -112,6 +113,8 @@
config.microdroid.storage_size.unwrap_or(10 * 1024 * 1024),
PartitionType::ENCRYPTEDSTORE,
)?;
+ } else if let Some(storage_size) = config.microdroid.storage_size {
+ set_encrypted_storage(service.as_ref(), path, storage_size)?;
}
Some(open_parcel_file(path, true)?)
} else {
@@ -370,6 +373,22 @@
Ok(config.extra_apks.into_iter().map(|x| x.path.into()).collect())
}
+fn set_encrypted_storage(
+ service: &dyn IVirtualizationService,
+ image_path: &Path,
+ size: u64,
+) -> Result<(), Error> {
+ let image = OpenOptions::new()
+ .create_new(false)
+ .read(true)
+ .write(true)
+ .open(image_path)
+ .with_context(|| format!("Failed to open {:?}", image_path))?;
+
+ service.setEncryptedStorageSize(&ParcelFileDescriptor::new(image), size.try_into()?)?;
+ Ok(())
+}
+
struct Callback {}
impl vmclient::VmCallback for Callback {