Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Virtualization / ae625b6b15ce3ed130eadd595c23130e56a8869d
commitae625b6b15ce3ed130eadd595c23130e56a8869d[log] [tgz]
authorJiyong Park <jiyong@google.com>Thu Jun 13 21:47:52 2024 +0900
committerJiyong Park <jiyong@google.com>Thu Jun 13 21:47:52 2024 +0900
treec577f7e35abdaee314237310ee353dfa912636e9
parent03b3347b12177a9284f92f1d4281f6863df490eb [diff]
Add sizeof(swiotlb) to the mem size of pKVM pVMs

Previously (and even with this change), under pKVM, protected VMs
reserve some amount of memory as swiotlb. It is to share buffers for
virtio devices with the host safely. See [1] for more detail.

This however meant protected VMs, when compared to non-protected VMs,
got "effectively" smaller amount of RAM available. For VMs running
Microdroid, the swiotlb size is current 14 MB.

This CL fixes such an inconsistent experience across protected and
non-protected VMs. To counter balance the reserved memory for swiotlb,
this CL adds sizeof(swiotlb) (i.e. 14 MB currently) to protected VMs
running under pKVM.

Other hypervisors (GenieZone and Gunyah) don't need this treatment
because they statically allocate swiotlb outside of guest RAM.

Bug: 346770542
Test: watch our benchmark

[1] https://source.android.com/docs/core/virtualization/architecture#virtio

Change-Id: I82eb8796b248d4f6a189824841c245186cea2075
2 files changed
tree: c577f7e35abdaee314237310ee353dfa912636e9
  1. apex/
  2. apkdmverity/
  3. authfs/
  4. compos/
  5. demo/
  6. demo_native/
  7. docs/
  8. encryptedstore/
  9. flags/
  10. java/
  11. launcher/
  12. libs/
  13. microdroid/
  14. microdroid_manager/
  15. pvmfw/
  16. rialto/
  17. service_vm/
  18. tests/
  19. virtualizationmanager/
  20. virtualizationservice/
  21. vm/
  22. vm_payload/
  23. vmbase/
  24. vmclient/
  25. vmlauncher_app/
  26. zipfuse/
  27. .clang-format
  28. .gitignore
  29. Android.bp
  30. avf_flags.aconfig
  31. OWNERS
  32. PREUPLOAD.cfg
  33. README.md
  34. rustfmt.toml
  35. TEST_MAPPING
README.md

Android Virtualization Framework (AVF)

Android Virtualization Framework (AVF) provides secure and private execution environments for executing code. AVF is ideal for security-oriented use cases that require stronger isolation assurances over those offered by Android’s app sandbox.

Visit our public doc site to learn more about what AVF is, what it is for, and how it is structured. This repository contains source code for userspace components of AVF.

If you want a quick start, see the getting started guideline and follow the steps there.

For in-depth explanations about individual topics and components, visit the following links.

AVF components:

AVF APIs:

How-Tos: