Introduce VM base DTBO as pvmfw config v1.2
VM base DTBO will be constructed in ABL and passed into pvmfw via config
entry from v1.2. This change is required to control pvmfw config v1.2.
Properties in VM base DTBO will be sent to VM DT only when FDT come from
the host contains same property name.
Bug: 318431695
Test: adb shell /apex/com.android.virt/bin/vm run-microdroid --protected
Test: adb shell /apex/com.android.virt/bin/vm run-microdroid --protected --vendor /vendor/etc/avf/microdroid/microdroid_vendor.img
Test: adb -s <microdroid device> shell ls /sys/firmware/devicetree/base/avf
Test: adb -s <microdroid device> shell cat /sys/firmware/devicetree/base/avf/vendor_hashtree_descriptor_root_digest
Change-Id: Ia4889f61eb8975ead8dfe8c6d38abd94ba35f0ab
diff --git a/pvmfw/src/entry.rs b/pvmfw/src/entry.rs
index 8c4396d..c740d1b 100644
--- a/pvmfw/src/entry.rs
+++ b/pvmfw/src/entry.rs
@@ -88,6 +88,7 @@
kernel: usize,
kernel_size: usize,
vm_dtbo: Option<&mut [u8]>,
+ vm_base_dtbo: Option<&mut [u8]>,
) -> Result<Self, RebootReason> {
let fdt_size = NonZeroUsize::new(crosvm::FDT_MAX_SIZE).unwrap();
// TODO - Only map the FDT as read-only, until we modify it right before jump_to_payload()
@@ -101,7 +102,7 @@
// SAFETY: The tracker validated the range to be in main memory, mapped, and not overlap.
let fdt = unsafe { slice::from_raw_parts_mut(range.start as *mut u8, range.len()) };
- let info = fdt::sanitize_device_tree(fdt, vm_dtbo)?;
+ let info = fdt::sanitize_device_tree(fdt, vm_dtbo, vm_base_dtbo)?;
let fdt = libfdt::Fdt::from_mut_slice(fdt).map_err(|e| {
error!("Failed to load sanitized FDT: {e}");
RebootReason::InvalidFdt
@@ -227,7 +228,13 @@
Some(memory::appended_payload_range()),
));
- let slices = MemorySlices::new(fdt, payload, payload_size, config_entries.vm_dtbo)?;
+ let slices = MemorySlices::new(
+ fdt,
+ payload,
+ payload_size,
+ config_entries.vm_dtbo,
+ config_entries.vm_base_dtbo,
+ )?;
// This wrapper allows main() to be blissfully ignorant of platform details.
let next_bcc = crate::main(