Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Virtualization / d504d6a5bec49b1f00e1d7e36548f0dadbfc43fe / . / guest / rialto / Android.bp
blob: 35ede7acae348cef8ab42f2441633f4504463cec [file] [log] [blame]
David Brazdil66fc1202022-07-04 21:48:45 +0100[diff] [blame]1package {
2 default_applicable_licenses: ["Android-Apache-2.0"],
3}
4
5rust_ffi_static {
6 name: "librialto",
7 crate_name: "rialto",
8 srcs: ["src/main.rs"],
David Brazdil66fc1202022-07-04 21:48:45 +0100[diff] [blame]9 defaults: ["vmbase_ffi_defaults"],
10 rustlibs: [
11 "libaarch64_paging",
Alice Wangc8f88f52023-09-25 14:02:17 +0000[diff] [blame]12 "libbssl_avf_nostd",
Alice Wang748b0322023-07-24 12:51:18 +0000[diff] [blame]13 "libciborium_io_nostd",
14 "libciborium_nostd",
Alice Wang474c0ee2023-09-14 12:52:33 +0000[diff] [blame]15 "libdiced_open_dice_nostd",
Per Larsen7ec45d32024-11-02 00:56:46 +0000[diff] [blame]16 "libhypervisor_backends",
Pierre-Clément Tosi992c2bb2024-10-02 10:37:42 +0100[diff] [blame]17 "liblibfdt_nostd",
David Brazdil05a72fd2022-07-09 17:33:08 +0100[diff] [blame]18 "liblog_rust_nostd",
Alice Wang748b0322023-07-24 12:51:18 +0000[diff] [blame]19 "libservice_vm_comm_nostd",
Alice Wang4ac9c8b2023-12-05 16:23:14 +0000[diff] [blame]20 "libservice_vm_fake_chain_nostd",
Alice Wang7b4b6132023-10-05 08:00:16 +0000[diff] [blame]21 "libservice_vm_requests_nostd",
Alice Wang953a6572023-08-24 13:40:10 +0000[diff] [blame]22 "libtinyvec_nostd",
Alice Wangd36c7112023-07-04 09:50:45 +0000[diff] [blame]23 "libvirtio_drivers",
David Brazdil66fc1202022-07-04 21:48:45 +0100[diff] [blame]24 "libvmbase",
Alice Wang7b2ab942023-09-12 13:04:42 +0000[diff] [blame]25 ],
David Brazdil66fc1202022-07-04 21:48:45 +0100[diff] [blame]26}
27
28cc_binary {
29 name: "rialto_elf",
30 stem: "rialto",
31 defaults: ["vmbase_elf_defaults"],
32 srcs: [
33 "idmap.S",
34 ],
35 static_libs: [
36 "librialto",
Pierre-Clément Tosi6203d672024-11-18 14:54:31 +0000[diff] [blame]37 "libvmbase_dice_clear_memory",
David Brazdil66fc1202022-07-04 21:48:45 +0100[diff] [blame]38 ],
39 linker_scripts: [
40 "image.ld",
41 ":vmbase_sections",
42 ],
David Brazdil66fc1202022-07-04 21:48:45 +0100[diff] [blame]43}
44
45raw_binary {
Alice Wang9a8b39f2023-04-12 15:31:48 +0000[diff] [blame]46 name: "rialto_unsigned",
David Brazdil66fc1202022-07-04 21:48:45 +0100[diff] [blame]47 src: ":rialto_elf",
48 enabled: false,
49 target: {
50 android_arm64: {
51 enabled: true,
52 },
53 },
54}
55
Alice Wang9a8b39f2023-04-12 15:31:48 +0000[diff] [blame]56// python -c "import hashlib; print(hashlib.sha256(b'rialto_salt').hexdigest())"
57rialto_salt = "ea9d8c3ae1785396884d0c16c7652921874e2b8703f336ff23760f2049ee9e29"
58
59filegroup {
60 name: "rialto_sign_key",
61 srcs: [":avb_testkey_rsa4096"],
62}
63
Alice Wang12e4c862023-12-11 13:52:27 +0000[diff] [blame]64// Both SERVICE_VM_VERSION and SERVICE_VM_VERSION_STRING should represent the
65// same version number for the service VM.
66SERVICE_VM_VERSION = 1
67SERVICE_VM_VERSION_STRING = "1"
68
69genrule {
70 name: "service_vm_version_rs",
71 out: ["lib.rs"],
72 cmd: "(" +
73 " echo '#![no_std]';" +
74 " echo '#![allow(missing_docs)]';" +
75 " echo 'pub const VERSION: u64 = " + SERVICE_VM_VERSION_STRING + ";'" +
76 ") > $(out)",
77}
78
79rust_library_rlib {
80 name: "libservice_vm_version",
81 crate_name: "service_vm_version",
82 defaults: ["vmbase_rlib_defaults"],
83 srcs: [":service_vm_version_rs"],
84}
85
Alice Wang9a8b39f2023-04-12 15:31:48 +0000[diff] [blame]86avb_add_hash_footer {
87 name: "rialto_signed",
88 src: ":empty_file",
89 filename: "rialto",
90 partition_name: "boot",
91 private_key: ":rialto_sign_key",
92 salt: rialto_salt,
Alice Wang12e4c862023-12-11 13:52:27 +0000[diff] [blame]93 rollback_index: SERVICE_VM_VERSION,
Alice Wangab0d0202023-05-17 08:07:41 +0000[diff] [blame]94 props: [
95 {
96 name: "com.android.virt.cap",
97 value: "remote_attest",
98 },
99 ],
Alice Wang9a8b39f2023-04-12 15:31:48 +0000[diff] [blame]100 enabled: false,
101 arch: {
102 arm64: {
103 src: ":rialto_unsigned",
104 enabled: true,
105 },
106 },
107}
108
109prebuilt_etc {
Alan Stokes1294f942023-08-21 14:34:12 +0100[diff] [blame]110 // rialto_bin is a prebuilt target wrapping the signed bare-metal service VM.
Alice Wang9a8b39f2023-04-12 15:31:48 +0000[diff] [blame]111 name: "rialto_bin",
112 filename: "rialto.bin",
113 target: {
114 android_arm64: {
115 src: ":rialto_signed",
116 },
117 },
118 src: ":empty_file",
119 installable: false,
120}
121
David Brazdil66fc1202022-07-04 21:48:45 +0100[diff] [blame]122rust_test {
123 name: "rialto_test",
124 crate_name: "rialto_test",
Nikita Ioffeda1b2732023-09-04 13:46:56 +0100[diff] [blame]125 defaults: ["avf_build_flags_rust"],
David Brazdil66fc1202022-07-04 21:48:45 +0100[diff] [blame]126 srcs: ["tests/test.rs"],
127 prefer_rlib: true,
128 edition: "2021",
129 rustlibs: [
130 "android.system.virtualizationservice-rust",
131 "libandroid_logger",
132 "libanyhow",
Alice Wang20b8ebc2023-11-17 09:54:47 +0000[diff] [blame]133 "libbssl_avf_nostd",
Alice Wangde6bee52023-11-10 09:58:40 +0000[diff] [blame]134 "libclient_vm_csr",
Alice Wang20b8ebc2023-11-17 09:54:47 +0000[diff] [blame]135 "libcoset",
David Brazdil66fc1202022-07-04 21:48:45 +0100[diff] [blame]136 "liblibc",
137 "liblog_rust",
Alice Wang68d11402024-01-02 13:59:44 +0000[diff] [blame]138 "libhwtrust",
Nikita Ioffebd2e2e42024-07-05 15:04:49 +0000[diff] [blame]139 "libhypervisor_props",
Alice Wang748b0322023-07-24 12:51:18 +0000[diff] [blame]140 "libservice_vm_comm",
Alice Wang4ac9c8b2023-12-05 16:23:14 +0000[diff] [blame]141 "libservice_vm_fake_chain",
Alice Wang17dc76e2023-09-06 09:43:52 +0000[diff] [blame]142 "libservice_vm_manager",
David Brazdil66fc1202022-07-04 21:48:45 +0100[diff] [blame]143 "libvmclient",
Alice Wang6a504ef2023-12-21 15:37:55 +0000[diff] [blame]144 "libx509_cert_nostd",
David Brazdil66fc1202022-07-04 21:48:45 +0100[diff] [blame]145 ],
146 data: [
Alice Wang9a8b39f2023-04-12 15:31:48 +0000[diff] [blame]147 ":rialto_unsigned",
Alice Wang20b8ebc2023-11-17 09:54:47 +0000[diff] [blame]148 ":test_rkp_cert_chain",
David Brazdil66fc1202022-07-04 21:48:45 +0100[diff] [blame]149 ],
150 test_suites: ["general-tests"],
151 enabled: false,
152 target: {
153 android_arm64: {
154 enabled: true,
155 },
156 },
157}