Enable pkvm based on the relevant sysprop rather than /dev/kvm

1. This is simpler, as it can be triggered by logic in the init.rc 2. The old method of probing /dev/kvm fails if non-protected kvm is enabled: the device will exist, but pkvm is not enable Bug: 346525496 Test: observe that pkvm is enabled after double reboot Change-Id: I2f557ed56f13458a288ede34e672692b511b6bc9
2024-06-12 12:18:48 +00:00 · 2024-06-12 12:18:48 +00:00 · 4ff69cacdf
commit 4ff69cacdf
parent f34142e084
2 changed files with 7 additions and 18 deletions
--- a/pkvm/pkvm_enabler.c
+++ b/pkvm/pkvm_enabler.c
@ -24,7 +24,6 @@

 #include <log/log.h>

-#define KVM_DEVICE  "/dev/kvm"
 #define MISC_WRITER "/vendor/bin/misc_writer"

 int main() {
@ -33,22 +32,7 @@ int main() {
    pid_t pid;
    int ret, wstatus;

-    /* Check whether KVM device exists. */
-    ret = access(KVM_DEVICE, F_OK);
-
-    /* If KVM device exists, return SUCCESS to continue booting. */
-    if (ret == 0) {
-        exit(EXIT_SUCCESS);
-    }
-
-    if (ret != -ENOENT) {
-        ALOGW("Unexpected error from access(): %d", ret);
-    }
-
-    /*
-     * If KVM device does not exist, run misc_writer and return FAILURE
-     * to force a reboot.
-     */
+    /* Run misc_writer and return FAILURE to force a reboot. */
    pid = fork();
    if (pid == -1) {
        ALOGE("Could not fork: %d", errno);
--- a/pkvm/pkvm_enabler.gs101.rc
+++ b/pkvm/pkvm_enabler.gs101.rc
@ -2,5 +2,10 @@ service pkvm_enabler /vendor/bin/pkvm_enabler
    reboot_on_failure reboot,pkvm-not-enabled
    user root

-on early-init
+# Old bootloaders do not set the protected_vm sysprop when pkvm is disabled
+on early-init && property:ro.boot.hypervisor.protected_vm.supported=
+    exec_start pkvm_enabler
+
+# New bootloaders set the protected_vm sysprop to 0 when pkvm is disabled
+on early-init && property:ro.boot.hypervisor.protected_vm.supported=0
    exec_start pkvm_enabler