[avb] Define rust API for image verification and connect pvmfw
This CL
- defines the image verification rust API using avb_bindgen.
- defines the return error enum for the API.
- invokes the API from pvmfw.
- adds e2e test for the pvmfw run without error scenario.
Bug: 256148034
Test: atest MicrodroidHostTests
Change-Id: I272e9b8031e34137dca761b66ffabab264f055dd
diff --git a/pvmfw/src/main.rs b/pvmfw/src/main.rs
index 6810fda..3d5629a 100644
--- a/pvmfw/src/main.rs
+++ b/pvmfw/src/main.rs
@@ -32,9 +32,16 @@
mod smccc;
use avb::PUBLIC_KEY;
+use avb_nostd::{verify_image, AvbImageVerifyError};
use log::{debug, info};
-fn main(fdt: &libfdt::Fdt, signed_kernel: &[u8], ramdisk: Option<&[u8]>, bcc: &[u8]) {
+/// TODO(b/256148034): Return RebootReason as error here
+fn main(
+ fdt: &libfdt::Fdt,
+ signed_kernel: &[u8],
+ ramdisk: Option<&[u8]>,
+ bcc: &[u8],
+) -> Result<(), AvbImageVerifyError> {
info!("pVM firmware");
debug!("FDT: {:?}", fdt as *const libfdt::Fdt);
debug!("Signed kernel: {:?} ({:#x} bytes)", signed_kernel.as_ptr(), signed_kernel.len());
@@ -44,6 +51,7 @@
debug!("Ramdisk: None");
}
debug!("BCC: {:?} ({:#x} bytes)", bcc.as_ptr(), bcc.len());
- debug!("AVB public key: addr={:?}, size={:#x} ({1})", PUBLIC_KEY.as_ptr(), PUBLIC_KEY.len());
- info!("Starting payload...");
+ verify_image(signed_kernel, PUBLIC_KEY)?;
+ info!("Payload verified. Starting payload...");
+ Ok(())
}