From 2384e8abfe2fb6be64bd3670f4d3bef2e039db3f Mon Sep 17 00:00:00 2001
From: Nikita Ioffe <ioffe@google.com>
Date: Tue, 12 Mar 2024 15:34:11 +0000
Subject: [PATCH] Mount /microdroid_resources as tmpfs

This will be used to store the new dice chain generated during
first_stage_init phase in case Microdroid VM is launched with
microdroid vendor partition.

Bug: 287593065
Test: atest MicrodroidTests
Test: start Microdroid VM & check microdroid_resources exists
Change-Id: I40677376bfed14d813ad51c78db6109b2d76d1d1
---
 init/Android.bp           | 7 ++++++-
 init/first_stage_init.cpp | 8 +++++++-
 2 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/init/Android.bp b/init/Android.bp
index c3abefe14..419948454 100644
--- a/init/Android.bp
+++ b/init/Android.bp
@@ -162,6 +162,7 @@ libinit_cc_defaults {
     },
     static_libs: [
         "libavb",
+        "libavf_cc_flags",
         "libbootloader_message",
         "libc++fs",
         "libcgrouprc_format",
@@ -359,6 +360,7 @@ init_first_stage_cc_defaults {
     static_libs: [
         "libc++fs",
         "libfs_avb",
+        "libavf_cc_flags",
         "libfs_mgr",
         "libfec",
         "libfec_rs",
@@ -459,7 +461,10 @@ cc_binary {
 
 cc_binary {
     name: "init_first_stage.microdroid",
-    defaults: ["init_first_stage_defaults"],
+    defaults: [
+        "avf_build_flags_cc",
+        "init_first_stage_defaults"
+    ],
     cflags: ["-DMICRODROID=1"],
     installable: false,
 }
diff --git a/init/first_stage_init.cpp b/init/first_stage_init.cpp
index c4d0f758d..356aaa091 100644
--- a/init/first_stage_init.cpp
+++ b/init/first_stage_init.cpp
@@ -37,6 +37,7 @@
 #include <android-base/file.h>
 #include <android-base/logging.h>
 #include <android-base/stringprintf.h>
+#include <android/avf_cc_flags.h>
 #include <modprobe/modprobe.h>
 #include <private/android_filesystem_config.h>
 
@@ -385,7 +386,12 @@ int FirstStageMain(int argc, char** argv) {
     // /second_stage_resources is used to preserve files from first to second
     // stage init
     CHECKCALL(mount("tmpfs", kSecondStageRes, "tmpfs", MS_NOEXEC | MS_NOSUID | MS_NODEV,
-                    "mode=0755,uid=0,gid=0"))
+                    "mode=0755,uid=0,gid=0"));
+
+    if (IsMicrodroid() && android::virtualization::IsOpenDiceChangesFlagEnabled()) {
+        CHECKCALL(mount("tmpfs", "/microdroid_resources", "tmpfs", MS_NOEXEC | MS_NOSUID | MS_NODEV,
+                        "mode=0750,uid=0,gid=0"));
+    }
 #undef CHECKCALL
 
     SetStdioToDevNull(argv);