From f478e274b18ccfcd73b62536e9ab1ec8b9fc913f Mon Sep 17 00:00:00 2001
From: Jiyong Park <jiyong@google.com>
Date: Mon, 30 May 2022 16:11:39 +0900
Subject: [PATCH] ANDROID: add build configs for Microdroid

Microdroid [1] is a lightweight variant of Android for on-device VMs
which are intended to serve security/privacy sensitive tasks. So far,
Microdroid has used the GKI, which is for the full-fledged Android.
This isn't ideal because Microdroid doesn't support many features that
are built-in for Android: audio, bluetooth, gps, multiple filesystems,
etc. Such features makes the kernel unnecessarily bigger and a bit
slower for Microdroid. In addition, there has been a concern that such
unused features could increase the potenal attack surfaces.

Making GKI more modular is an option, however it is sub-optimal as there
are some features that can't be modularized but contribute a lot to the
kernel size (e.g. KALLSYMS_ALL, INET). Therefore, we decided to
introduce a new config.

This change introduces two arch-specific configs for Microdroid:
build.config.microdroid.aarch64 and build.config.microdroid.x86_64. As
the initial step, the two configs are identical to the corresponding
GKI configs. Follow-up changes will gradually turn off unnecessary
features.

Implementation wise, the new config is implemented as a config fragment
on top of the GKI config. The fragment will have `# CONFIG_XXX is not
set` to turn the feature `XXX` that GKI enables.

[1] https://android.googlesource.com/platform/packages/modules/Virtualization/+/HEAD/microdroid/README.md

Bug: 231106934
Test: BUILD_CONFIG=common/build/config.microdroid.aarch64 build/build.sh
Test: BUILD_CONFIG=common/build/config.microdroid.x86_64 build/build.sh
Signed-off-by: Jiyong Park <jiyong@google.com>
Change-Id: Iaf3654232b2d5eed0ffc1f52a2f96fa362e60cd7
---
 arch/arm64/configs/microdroid.fragment |  0
 arch/x86/configs/microdroid.fragment   |  0
 build.config.microdroid                | 15 +++++++++++++++
 build.config.microdroid.aarch64        |  3 +++
 build.config.microdroid.x86_64         |  3 +++
 5 files changed, 21 insertions(+)
 create mode 100644 arch/arm64/configs/microdroid.fragment
 create mode 100644 arch/x86/configs/microdroid.fragment
 create mode 100644 build.config.microdroid
 create mode 100644 build.config.microdroid.aarch64
 create mode 100644 build.config.microdroid.x86_64

diff --git a/arch/arm64/configs/microdroid.fragment b/arch/arm64/configs/microdroid.fragment
new file mode 100644
index 000000000000..e69de29bb2d1
diff --git a/arch/x86/configs/microdroid.fragment b/arch/x86/configs/microdroid.fragment
new file mode 100644
index 000000000000..e69de29bb2d1
diff --git a/build.config.microdroid b/build.config.microdroid
new file mode 100644
index 000000000000..2c644e5509d9
--- /dev/null
+++ b/build.config.microdroid
@@ -0,0 +1,15 @@
+SRCARCH=${ARCH}
+if [ "${ARCH}" = x86_64 ]; then
+    SRCARCH=x86
+fi
+
+DEFCONFIG=microdroid_defconfig
+
+# MERGED_CONFIG is created by merging GKI_DEFCONFIG and FRAGMENT_CONFIG using MERGE_SCRIPT
+MERGE_SCRIPT=${ROOT_DIR}/${KERNEL_DIR}/scripts/kconfig/merge_config.sh
+GKI_DEFCONFIG=${ROOT_DIR}/${KERNEL_DIR}/arch/${SRCARCH}/configs/gki_defconfig
+FRAGMENT_CONFIG=${ROOT_DIR}/${KERNEL_DIR}/arch/${SRCARCH}/configs/microdroid.fragment
+MERGED_CONFIG=${ROOT_DIR}/${KERNEL_DIR}/arch/${SRCARCH}/configs/${DEFCONFIG}
+
+PRE_DEFCONFIG_CMDS="KCONFIG_CONFIG=${MERGED_CONFIG} ${MERGE_SCRIPT} -m ${GKI_DEFCONFIG} ${FRAGMENT_CONFIG}"
+POST_DEFCONFIG_CMDS="rm ${MERGED_CONFIG}"
diff --git a/build.config.microdroid.aarch64 b/build.config.microdroid.aarch64
new file mode 100644
index 000000000000..48cece23f5c3
--- /dev/null
+++ b/build.config.microdroid.aarch64
@@ -0,0 +1,3 @@
+. ${ROOT_DIR}/${KERNEL_DIR}/build.config.common
+. ${ROOT_DIR}/${KERNEL_DIR}/build.config.aarch64
+. ${ROOT_DIR}/${KERNEL_DIR}/build.config.microdroid
diff --git a/build.config.microdroid.x86_64 b/build.config.microdroid.x86_64
new file mode 100644
index 000000000000..c2011219868f
--- /dev/null
+++ b/build.config.microdroid.x86_64
@@ -0,0 +1,3 @@
+. ${ROOT_DIR}/${KERNEL_DIR}/build.config.common
+. ${ROOT_DIR}/${KERNEL_DIR}/build.config.x86_64
+. ${ROOT_DIR}/${KERNEL_DIR}/build.config.microdroid