1 // Copyright 2021, The Android Open Source Project
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14
15 //! Android VM control tool.
16
17 mod create_idsig;
18 mod create_partition;
19 mod run;
20
21 use android_system_virtualizationservice::aidl::android::system::virtualizationservice::{
22 CpuTopology::CpuTopology, IVirtualizationService::IVirtualizationService,
23 PartitionType::PartitionType, VirtualMachineAppConfig::DebugLevel::DebugLevel,
24 };
25 #[cfg(not(llpvm_changes))]
26 use anyhow::anyhow;
27 use anyhow::{Context, Error};
28 use binder::{ProcessState, Strong};
29 use clap::{Args, Parser};
30 use create_idsig::command_create_idsig;
31 use create_partition::command_create_partition;
32 use run::{command_run, command_run_app, command_run_microdroid};
33 use serde::Serialize;
34 use std::num::NonZeroU16;
35 use std::path::{Path, PathBuf};
36
37 #[derive(Args, Default)]
38 /// Collection of flags that are at VM level and therefore applicable to all subcommands
39 pub struct CommonConfig {
40 /// Name of VM
41 #[arg(long)]
42 name: Option<String>,
43
44 /// Run VM with vCPU topology matching that of the host. If unspecified, defaults to 1 vCPU.
45 #[arg(long, default_value = "one_cpu", value_parser = parse_cpu_topology)]
46 cpu_topology: CpuTopology,
47
48 /// Memory size (in MiB) of the VM. If unspecified, defaults to the value of `memory_mib`
49 /// in the VM config file.
50 #[arg(short, long)]
51 mem: Option<u32>,
52
53 /// Run VM in protected mode.
54 #[arg(short, long)]
55 protected: bool,
56
57 /// Ask the kernel for transparent huge-pages (THP). This is only a hint and
58 /// the kernel will allocate THP-backed memory only if globally enabled by
59 /// the system and if any can be found. See
60 /// https://docs.kernel.org/admin-guide/mm/transhuge.html
61 #[arg(short, long)]
62 hugepages: bool,
63
64 /// Run VM with network feature.
65 #[cfg(network)]
66 #[arg(short, long)]
67 network_supported: bool,
68
69 /// Boost uclamp to stablise results for benchmarks.
70 #[arg(short, long)]
71 boost_uclamp: bool,
72 }
73
74 impl CommonConfig {
75 #[cfg(network)]
network_supported(&self) -> bool76 fn network_supported(&self) -> bool {
77 self.network_supported
78 }
79
80 #[cfg(not(network))]
network_supported(&self) -> bool81 fn network_supported(&self) -> bool {
82 false
83 }
84 }
85
86 #[derive(Args, Default)]
87 /// Collection of flags for debugging
88 pub struct DebugConfig {
89 /// Debug level of the VM. Supported values: "full" (default), and "none".
90 #[arg(long, default_value = "full", value_parser = parse_debug_level)]
91 debug: DebugLevel,
92
93 /// Path to file for VM console output.
94 #[arg(long)]
95 console: Option<PathBuf>,
96
97 /// Path to file for VM console input.
98 #[arg(long)]
99 console_in: Option<PathBuf>,
100
101 /// Path to file for VM log output.
102 #[arg(long)]
103 log: Option<PathBuf>,
104
105 /// Port at which crosvm will start a gdb server to debug guest kernel.
106 /// Note: this is only supported on Android kernels android14-5.15 and higher.
107 #[arg(long)]
108 gdb: Option<NonZeroU16>,
109 }
110
111 #[derive(Args, Default)]
112 /// Collection of flags that are Microdroid specific
113 pub struct MicrodroidConfig {
114 /// Path to the file backing the storage.
115 /// Created if the option is used but the path does not exist in the device.
116 #[arg(long)]
117 storage: Option<PathBuf>,
118
119 /// Size of the storage. Used only if --storage is supplied but path does not exist
120 /// Default size is 10*1024*1024
121 #[arg(long)]
122 storage_size: Option<u64>,
123
124 /// Path to disk image containing vendor-specific modules.
125 #[cfg(vendor_modules)]
126 #[arg(long)]
127 vendor: Option<PathBuf>,
128
129 /// SysFS nodes of devices to assign to VM
130 #[cfg(device_assignment)]
131 #[arg(long)]
132 devices: Vec<PathBuf>,
133
134 /// Version of GKI to use. If set, use instead of microdroid kernel
135 #[cfg(vendor_modules)]
136 #[arg(long)]
137 gki: Option<String>,
138 }
139
140 impl MicrodroidConfig {
141 #[cfg(vendor_modules)]
vendor(&self) -> &Option<PathBuf>142 fn vendor(&self) -> &Option<PathBuf> {
143 &self.vendor
144 }
145
146 #[cfg(not(vendor_modules))]
vendor(&self) -> Option<PathBuf>147 fn vendor(&self) -> Option<PathBuf> {
148 None
149 }
150
151 #[cfg(vendor_modules)]
gki(&self) -> Option<&str>152 fn gki(&self) -> Option<&str> {
153 self.gki.as_deref()
154 }
155
156 #[cfg(not(vendor_modules))]
gki(&self) -> Option<&str>157 fn gki(&self) -> Option<&str> {
158 None
159 }
160
161 #[cfg(device_assignment)]
devices(&self) -> &Vec<PathBuf>162 fn devices(&self) -> &Vec<PathBuf> {
163 &self.devices
164 }
165
166 #[cfg(not(device_assignment))]
devices(&self) -> Vec<PathBuf>167 fn devices(&self) -> Vec<PathBuf> {
168 Vec::new()
169 }
170 }
171
172 #[derive(Args, Default)]
173 /// Flags for the run_app subcommand
174 pub struct RunAppConfig {
175 #[command(flatten)]
176 common: CommonConfig,
177
178 #[command(flatten)]
179 debug: DebugConfig,
180
181 #[command(flatten)]
182 microdroid: MicrodroidConfig,
183
184 /// Path to VM Payload APK
185 apk: PathBuf,
186
187 /// Path to idsig of the APK
188 idsig: PathBuf,
189
190 /// Path to the instance image. Created if not exists.
191 instance: PathBuf,
192
193 /// Path to file containing instance_id. Required iff llpvm feature is enabled.
194 #[cfg(llpvm_changes)]
195 #[arg(long = "instance-id-file")]
196 instance_id: PathBuf,
197
198 /// Path to VM config JSON within APK (e.g. assets/vm_config.json)
199 #[arg(long)]
200 config_path: Option<String>,
201
202 /// Name of VM payload binary within APK (e.g. MicrodroidTestNativeLib.so)
203 #[arg(long)]
204 #[arg(alias = "payload_path")]
205 payload_binary_name: Option<String>,
206
207 /// Paths to extra apk files.
208 #[cfg(multi_tenant)]
209 #[arg(long = "extra-apk")]
210 #[clap(conflicts_with = "config_path")]
211 extra_apks: Vec<PathBuf>,
212
213 /// Paths to extra idsig files.
214 #[arg(long = "extra-idsig")]
215 extra_idsigs: Vec<PathBuf>,
216 }
217
218 impl RunAppConfig {
219 #[cfg(multi_tenant)]
extra_apks(&self) -> &[PathBuf]220 fn extra_apks(&self) -> &[PathBuf] {
221 &self.extra_apks
222 }
223
224 #[cfg(not(multi_tenant))]
extra_apks(&self) -> &[PathBuf]225 fn extra_apks(&self) -> &[PathBuf] {
226 &[]
227 }
228
229 #[cfg(llpvm_changes)]
instance_id(&self) -> Result<PathBuf, Error>230 fn instance_id(&self) -> Result<PathBuf, Error> {
231 Ok(self.instance_id.clone())
232 }
233
234 #[cfg(not(llpvm_changes))]
instance_id(&self) -> Result<PathBuf, Error>235 fn instance_id(&self) -> Result<PathBuf, Error> {
236 Err(anyhow!("LLPVM feature is disabled, --instance_id flag not supported"))
237 }
238
239 #[cfg(llpvm_changes)]
set_instance_id(&mut self, instance_id_file: PathBuf) -> Result<(), Error>240 fn set_instance_id(&mut self, instance_id_file: PathBuf) -> Result<(), Error> {
241 self.instance_id = instance_id_file;
242 Ok(())
243 }
244
245 #[cfg(not(llpvm_changes))]
set_instance_id(&mut self, _: PathBuf) -> Result<(), Error>246 fn set_instance_id(&mut self, _: PathBuf) -> Result<(), Error> {
247 Err(anyhow!("LLPVM feature is disabled, --instance_id flag not supported"))
248 }
249 }
250
251 #[derive(Args, Default)]
252 /// Flags for the run_microdroid subcommand
253 pub struct RunMicrodroidConfig {
254 #[command(flatten)]
255 common: CommonConfig,
256
257 #[command(flatten)]
258 debug: DebugConfig,
259
260 #[command(flatten)]
261 microdroid: MicrodroidConfig,
262
263 /// Path to the directory where VM-related files (e.g. instance.img, apk.idsig, etc.) will
264 /// be stored. If not specified a random directory under /data/local/tmp/microdroid will be
265 /// created and used.
266 #[arg(long)]
267 work_dir: Option<PathBuf>,
268 }
269
270 #[derive(Args, Default)]
271 /// Flags for the run subcommand
272 pub struct RunCustomVmConfig {
273 #[command(flatten)]
274 common: CommonConfig,
275
276 #[command(flatten)]
277 debug: DebugConfig,
278
279 /// Path to VM config JSON
280 config: PathBuf,
281 }
282
283 #[derive(Parser)]
284 enum Opt {
285 /// Check if the feature is enabled on device.
286 CheckFeatureEnabled { feature: String },
287 /// Run a virtual machine with a config in APK
288 RunApp {
289 #[command(flatten)]
290 config: RunAppConfig,
291 },
292 /// Run a virtual machine with Microdroid inside
293 RunMicrodroid {
294 #[command(flatten)]
295 config: RunMicrodroidConfig,
296 },
297 /// Run a virtual machine
298 Run {
299 #[command(flatten)]
300 config: RunCustomVmConfig,
301 },
302 /// List running virtual machines
303 List,
304 /// Print information about virtual machine support
305 Info,
306 /// Create a new empty partition to be used as a writable partition for a VM
307 CreatePartition {
308 /// Path at which to create the image file
309 path: PathBuf,
310
311 /// The desired size of the partition, in bytes.
312 size: u64,
313
314 /// Type of the partition
315 #[arg(short = 't', long = "type", default_value = "raw",
316 value_parser = parse_partition_type)]
317 partition_type: PartitionType,
318 },
319 /// Creates or update the idsig file by digesting the input APK file.
320 CreateIdsig {
321 /// Path to VM Payload APK
322 apk: PathBuf,
323
324 /// Path to idsig of the APK
325 path: PathBuf,
326 },
327 }
328
parse_debug_level(s: &str) -> Result<DebugLevel, String>329 fn parse_debug_level(s: &str) -> Result<DebugLevel, String> {
330 match s {
331 "none" => Ok(DebugLevel::NONE),
332 "full" => Ok(DebugLevel::FULL),
333 _ => Err(format!("Invalid debug level {}", s)),
334 }
335 }
336
parse_partition_type(s: &str) -> Result<PartitionType, String>337 fn parse_partition_type(s: &str) -> Result<PartitionType, String> {
338 match s {
339 "raw" => Ok(PartitionType::RAW),
340 "instance" => Ok(PartitionType::ANDROID_VM_INSTANCE),
341 _ => Err(format!("Invalid partition type {}", s)),
342 }
343 }
344
parse_cpu_topology(s: &str) -> Result<CpuTopology, String>345 fn parse_cpu_topology(s: &str) -> Result<CpuTopology, String> {
346 match s {
347 "one_cpu" => Ok(CpuTopology::ONE_CPU),
348 "match_host" => Ok(CpuTopology::MATCH_HOST),
349 _ => Err(format!("Invalid cpu topology {}", s)),
350 }
351 }
352
get_service() -> Result<Strong<dyn IVirtualizationService>, Error>353 fn get_service() -> Result<Strong<dyn IVirtualizationService>, Error> {
354 let virtmgr =
355 vmclient::VirtualizationService::new().context("Failed to spawn VirtualizationService")?;
356 virtmgr.connect().context("Failed to connect to VirtualizationService")
357 }
358
command_check_feature_enabled(feature: &str)359 fn command_check_feature_enabled(feature: &str) {
360 println!(
361 "Feature {feature} is {}",
362 if avf_features::is_feature_enabled(feature) { "enabled" } else { "disabled" }
363 );
364 }
365
main() -> Result<(), Error>366 fn main() -> Result<(), Error> {
367 env_logger::init();
368 let opt = Opt::parse();
369
370 // We need to start the thread pool for Binder to work properly, especially link_to_death.
371 ProcessState::start_thread_pool();
372
373 match opt {
374 Opt::CheckFeatureEnabled { feature } => {
375 command_check_feature_enabled(&feature);
376 Ok(())
377 }
378 Opt::RunApp { config } => command_run_app(config),
379 Opt::RunMicrodroid { config } => command_run_microdroid(config),
380 Opt::Run { config } => command_run(config),
381 Opt::List => command_list(get_service()?.as_ref()),
382 Opt::Info => command_info(),
383 Opt::CreatePartition { path, size, partition_type } => {
384 command_create_partition(get_service()?.as_ref(), &path, size, partition_type)
385 }
386 Opt::CreateIdsig { apk, path } => {
387 command_create_idsig(get_service()?.as_ref(), &apk, &path)
388 }
389 }
390 }
391
392 /// List the VMs currently running.
command_list(service: &dyn IVirtualizationService) -> Result<(), Error>393 fn command_list(service: &dyn IVirtualizationService) -> Result<(), Error> {
394 let vms = service.debugListVms().context("Failed to get list of VMs")?;
395 println!("Running VMs: {:#?}", vms);
396 Ok(())
397 }
398
399 /// Print information about supported VM types.
command_info() -> Result<(), Error>400 fn command_info() -> Result<(), Error> {
401 let non_protected_vm_supported = hypervisor_props::is_vm_supported()?;
402 let protected_vm_supported = hypervisor_props::is_protected_vm_supported()?;
403 match (non_protected_vm_supported, protected_vm_supported) {
404 (false, false) => println!("VMs are not supported."),
405 (false, true) => println!("Only protected VMs are supported."),
406 (true, false) => println!("Only non-protected VMs are supported."),
407 (true, true) => println!("Both protected and non-protected VMs are supported."),
408 }
409
410 if let Some(version) = hypervisor_props::version()? {
411 println!("Hypervisor version: {}", version);
412 } else {
413 println!("Hypervisor version not set.");
414 }
415
416 if Path::new("/dev/kvm").exists() {
417 println!("/dev/kvm exists.");
418 } else {
419 println!("/dev/kvm does not exist.");
420 }
421
422 if Path::new("/dev/vfio/vfio").exists() {
423 println!("/dev/vfio/vfio exists.");
424 } else {
425 println!("/dev/vfio/vfio does not exist.");
426 }
427
428 if Path::new("/sys/bus/platform/drivers/vfio-platform").exists() {
429 println!("VFIO-platform is supported.");
430 } else {
431 println!("VFIO-platform is not supported.");
432 }
433
434 #[derive(Serialize)]
435 struct AssignableDevice {
436 node: String,
437 dtbo_label: String,
438 }
439
440 let devices = get_service()?.getAssignableDevices()?;
441 let devices: Vec<_> = devices
442 .into_iter()
443 .map(|device| AssignableDevice { node: device.node, dtbo_label: device.dtbo_label })
444 .collect();
445 println!("Assignable devices: {}", serde_json::to_string(&devices)?);
446
447 let os_list = get_service()?.getSupportedOSList()?;
448 println!("Available OS list: {}", serde_json::to_string(&os_list)?);
449
450 Ok(())
451 }
452
453 #[cfg(test)]
454 mod tests {
455 use super::*;
456 use clap::CommandFactory;
457
458 #[test]
verify_app()459 fn verify_app() {
460 // Check that the command parsing has been configured in a valid way.
461 Opt::command().debug_assert();
462 }
463 }
464