guest: trusty: enable pvmfw-verified pVM for security and test VMs
- rules that use unsigned images for x86, signed images for arm64
- system_ext artifacts enabled only on devices enabling
`trusty_system_vm` via a soong config variable:
- VM payload configuration:
support a `placeholder_trusted_hal` soong bool variable allowing
to enable placeholder hals on devices that don't support
the Trusted HALs (Cuttlefish on x86_64 for example)
(placeholder_trusted_hal shall not be enabled in production)
- security_vm: update launcher build rules to also support arm64
and define .rc prebuilts to be reused by any device
(not just cuttlefish)
- test_vm: enable pvmfw-verified pVM by adding image signing rules
Bug: 391719387
Bug: 391210895
Test: qemu_trusty_arm64-trunk_staging-userdebug
Change-Id: I82dc911e482538e3f22dde6246a64e712bd0f1d0
diff --git a/guest/pvmfw/avb/Android.bp b/guest/pvmfw/avb/Android.bp
index 0294322..141c1d2 100644
--- a/guest/pvmfw/avb/Android.bp
+++ b/guest/pvmfw/avb/Android.bp
@@ -33,7 +33,7 @@
":microdroid_kernel_signed",
":microdroid_initrd_normal",
":microdroid_initrd_debuggable",
- ":trusty_security_vm_signed",
+ ":trusty_test_vm_signed_bin",
":test_image_with_one_hashdesc",
":test_image_with_non_initrd_hashdesc",
":test_image_with_initrd_and_non_initrd_desc",