[avb] Define rust API for image verification and connect pvmfw
This CL
- defines the image verification rust API using avb_bindgen.
- defines the return error enum for the API.
- invokes the API from pvmfw.
- adds e2e test for the pvmfw run without error scenario.
Bug: 256148034
Test: atest MicrodroidHostTests
Change-Id: I272e9b8031e34137dca761b66ffabab264f055dd
diff --git a/pvmfw/src/entry.rs b/pvmfw/src/entry.rs
index 7859ff3..a274210 100644
--- a/pvmfw/src/entry.rs
+++ b/pvmfw/src/entry.rs
@@ -45,6 +45,8 @@
InvalidPayload,
/// The provided ramdisk was invalid.
InvalidRamdisk,
+ /// Failed to verify the payload.
+ PayloadVerificationError,
}
main!(start);
@@ -223,7 +225,10 @@
let slices = MemorySlices::new(fdt, payload, payload_size, &mut memory)?;
// This wrapper allows main() to be blissfully ignorant of platform details.
- crate::main(slices.fdt, slices.kernel, slices.ramdisk, bcc);
+ crate::main(slices.fdt, slices.kernel, slices.ramdisk, bcc).map_err(|e| {
+ error!("Failed to verify the payload: {e}");
+ RebootReason::PayloadVerificationError
+ })?;
// TODO: Overwrite BCC before jumping to payload to avoid leaking our sealing key.