[service-vm] Start a bare-metal service VM from a client app
This cl mainly sets up the general pipeline to trigger the
bare-metal VM from a client app. The real implementation of the
API will be adjusted in the future.
Test: Runs the RkpvmClientApp in VM
Bug: 241428822
Change-Id: I92cef7033db9a2d8cf4ad1fec22fee8c93b1cef6
diff --git a/virtualizationmanager/src/aidl.rs b/virtualizationmanager/src/aidl.rs
index 468ee19..f57cb59 100644
--- a/virtualizationmanager/src/aidl.rs
+++ b/virtualizationmanager/src/aidl.rs
@@ -1184,6 +1184,31 @@
))
}
}
+
+ fn requestCertificate(&self, csr: &[u8]) -> binder::Result<Vec<u8>> {
+ let cid = self.cid;
+ let Some(vm) = self.state.lock().unwrap().get_vm(cid) else {
+ error!("requestCertificate is called from an unknown CID {cid}");
+ return Err(Status::new_service_specific_error_str(
+ -1,
+ Some(format!("cannot find a VM with CID {}", cid)),
+ ))
+ };
+ let instance_img_path = vm.temporary_directory.join("rkpvm_instance.img");
+ let instance_img = OpenOptions::new()
+ .create(true)
+ .read(true)
+ .write(true)
+ .open(instance_img_path)
+ .map_err(|e| {
+ error!("Failed to create rkpvm_instance.img file: {:?}", e);
+ Status::new_service_specific_error_str(
+ -1,
+ Some(format!("Failed to create rkpvm_instance.img file: {:?}", e)),
+ )
+ })?;
+ GLOBAL_SERVICE.requestCertificate(csr, &ParcelFileDescriptor::new(instance_img))
+ }
}
impl VirtualMachineService {