pvmfw: parse and validate incoming device tree
Validate the incoming device tree and parse it into DeviceTreeInfo. No
modification to the device tree is made with this CL. The follow-up CL
will patch the embedded device tree template with DeviceTreeInfo.
Bug: 249054080
Test: run protected VM and see the log message from pvmfw
Change-Id: Ie55fa4ba70c807c729407c136c5b7d262473dae5
diff --git a/pvmfw/src/main.rs b/pvmfw/src/main.rs
index 577ad6e..e1ecac4 100644
--- a/pvmfw/src/main.rs
+++ b/pvmfw/src/main.rs
@@ -45,6 +45,7 @@
use crate::dice::PartialInputs;
use crate::entry::RebootReason;
use crate::fdt::modify_for_next_stage;
+use crate::fdt::parse_device_tree;
use crate::helpers::flush;
use crate::helpers::GUEST_PAGE_SIZE;
use crate::instance::get_or_generate_instance_salt;
@@ -83,6 +84,11 @@
})?;
trace!("BCC: {bcc_handover:x?}");
+ // This parsing step includes validation. So this effectively ensures that the DT can't be
+ // abused by the host to attack pvmfw in pci::initialize below.
+ let device_tree_info = parse_device_tree(fdt)?;
+ debug!("Device tree info: {:?}", device_tree_info);
+
// Set up PCI bus for VirtIO devices.
let pci_info = PciInfo::from_fdt(fdt).map_err(handle_pci_error)?;
debug!("PCI: {:#x?}", pci_info);
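Review bot: The added comment claims more than the visible code shows, because `PciInfo::from_fdt(fdt)` two lines below still reads the raw `fdt` on its own, and `device_tree_info` is only logged in this hunk. The protection for `pci::initialize` therefore holds only if `parse_device_tree` checks every node and property that `PciInfo::from_fdt` later consumes; that cannot be confirmed from here, and the two parsers can drift apart over time. I would state the dependency in the comment, for example `// NOTE: PciInfo::from_fdt() re-reads the raw FDT; parse_device_tree() must validate every property it consumes.` In the follow-up CL, consider building the PCI configuration from the validated `device_tree_info` instead. The enclosing function starts and ends outside the hunk, so how `fdt` is obtained and how the `?` error is mapped are not visible.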