From 4e18aa73ea1e44758731b6c113438833e05d36bd Mon Sep 17 00:00:00 2001
From: Andrew Scull <ascull@google.com>
Date: Mon, 1 Nov 2021 11:24:07 +0000
Subject: [PATCH] Start the pKVM experiment

Reflect the pKVM experiment status from the property into the misc
partition so the bootloader can apply it next boot. This is only done on
builds that don't have pKVM enabled by default by pkvm_enabler.

Bug: 192819132
Test: set property and observe change in pKVM state at reboot
Change-Id: Ief85fa196f630867d0a0ced7fa4744f0241d41ea
---
 device.mk               |  3 +++
 pkvm/pkvm_experiment.rc | 13 +++++++++++++
 2 files changed, 16 insertions(+)
 create mode 100644 pkvm/pkvm_experiment.rc

diff --git a/device.mk b/device.mk
index 57456d2d..964f9a42 100644
--- a/device.mk
+++ b/device.mk
@@ -1072,6 +1072,9 @@ $(call inherit-product, packages/modules/Virtualization/apex/product_packages.mk
 PRODUCT_BUILD_PVMFW_IMAGE := true
 ifeq ($(TARGET_PKVM_ENABLED),true)
     PRODUCT_PACKAGES += pkvm_enabler
+else
+    PRODUCT_COPY_FILES += \
+	    device/google/gs101/pkvm/pkvm_experiment.rc:$(TARGET_COPY_OUT_VENDOR)/etc/init/pkvm_experiment.rc
 endif
 
 # Enable watchdog timeout loop breaker.
diff --git a/pkvm/pkvm_experiment.rc b/pkvm/pkvm_experiment.rc
new file mode 100644
index 00000000..148f0841
--- /dev/null
+++ b/pkvm/pkvm_experiment.rc
@@ -0,0 +1,13 @@
+service vendor.pkvm_enable /vendor/bin/misc_writer --set-enable-pkvm
+    disabled
+    oneshot
+
+service vendor.pkvm_disable /vendor/bin/misc_writer --set-disable-pkvm
+    disabled
+    oneshot
+
+on property:persist.device_config.virtualization_framework_native.isolated_compilation_enabled=true
+    start vendor.pkvm_enable
+
+on property:persist.device_config.virtualization_framework_native.isolated_compilation_enabled=false
+    start vendor.pkvm_disable