pvmfw: Support instance.img for storing DICE salt
On boot, attempt to read the DICE hidden input (salt) from persistent
storage, in order to provide persistence of secrets across reboots of
the same kernel/ramdisk images. To ensure that the salt is only re-used
with the same preloaded images signed by the same authority, store the
other DICE inputs so that they can be verified to match on the next
boot.
Implement support for parsing GUID Partition Tables (GPT) on top of
virtio-blk, to locate, read from, and write to named partitions.
Implement support for the instance.img format, defined by the AVF team,
and conceptually acting as a filesystem within the GPT partition named
"vm-instance", where each stage of the pVM boot process owns an entry
(sometimes called a partition), identified through a UUID.
As the host is in charge of providing the file backing the virtual disk,
the content of the instance.img entry will be encrypted in a following
commit.
Bug: 262344886
Test: atest MicrodroidHostTests
Change-Id: Ic43bb7780b5e106002590f9c97cd900c3ff5e3d9
diff --git a/pvmfw/src/main.rs b/pvmfw/src/main.rs
index 223c24e..6545a07 100644
--- a/pvmfw/src/main.rs
+++ b/pvmfw/src/main.rs
@@ -26,9 +26,11 @@
mod entry;
mod exceptions;
mod fdt;
+mod gpt;
mod heap;
mod helpers;
mod hvc;
+mod instance;
mod memory;
mod mmio_guard;
mod mmu;
@@ -42,10 +44,11 @@
use crate::fdt::modify_for_next_stage;
use crate::helpers::flush;
use crate::helpers::GUEST_PAGE_SIZE;
+use crate::instance::get_or_generate_instance_salt;
use crate::memory::MemoryTracker;
use crate::virtio::pci;
-use crate::virtio::pci::find_virtio_devices;
-use diced_open_dice::{bcc_handover_main_flow, bcc_handover_parse, HIDDEN_SIZE};
+use diced_open_dice::bcc_handover_main_flow;
+use diced_open_dice::bcc_handover_parse;
use fdtpci::{PciError, PciInfo};
use libfdt::Fdt;
use log::{debug, error, info, trace};
@@ -80,7 +83,6 @@
let pci_info = PciInfo::from_fdt(fdt).map_err(handle_pci_error)?;
debug!("PCI: {:#x?}", pci_info);
let mut pci_root = pci::initialise(pci_info, memory)?;
- find_virtio_devices(&mut pci_root).map_err(handle_pci_error)?;
let verified_boot_data = verify_payload(signed_kernel, ramdisk, PUBLIC_KEY).map_err(|e| {
error!("Failed to verify the payload: {e}");
@@ -98,7 +100,13 @@
error!("Failed to compute partial DICE inputs: {e:?}");
RebootReason::InternalError
})?;
- let (new_instance, salt) = (false, [0; HIDDEN_SIZE]); // TODO(b/249723852): instance.img.
+ let (new_instance, salt) =
+ get_or_generate_instance_salt(&mut pci_root, &dice_inputs).map_err(|e| {
+ error!("Failed to get instance.img salt: {e}");
+ RebootReason::InternalError
+ })?;
+ trace!("Got salt from instance.img: {salt:x?}");
+
let dice_inputs = dice_inputs.into_input_values(&salt).map_err(|e| {
error!("Failed to generate DICE inputs: {e:?}");
RebootReason::InternalError
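Review bot: The added `trace!("Got salt from instance.img: {salt:x?}");` prints the DICE hidden input in the clear; this is the very value the commit persists so that secrets survive reboots, and the description itself notes the host controls the backing file, so console output readable by the host is a disclosure path regardless of log level. Log only non-secret metadata, e.g. `trace!("Got salt from instance.img (new_instance: {new_instance})");`, or drop the line. The `{e}` in the new `error!` is fine as long as the instance module's error type does not embed the salt, which cannot be confirmed from this hunk. The enclosing function begins before this hunk and its body continues past the last line shown.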