Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Virtualization / 49cf1270ab5b6ea17d0ac6c15d5c1f07cf7ceeec^! / . / guest / pvmfw
commit49cf1270ab5b6ea17d0ac6c15d5c1f07cf7ceeec[log] [tgz]
authorPierre-Clément Tosi <ptosi@google.com>Fri Mar 21 16:38:15 2025 +0000
committerPierre-Clément Tosi <ptosi@google.com>Fri Mar 21 19:17:28 2025 +0000
tree8606c82898f1493c7fde9280acd1b2a374b9c3f4
parent652504014ef5287b41f6e05aa794de413b814f2b [diff]
pvmfw: main: Introduce AVB helper function

Refactor for supporting optionally skipping AVB.

Note: No functional change intended.

Test: m pvmfw
Bug: 393977894
Change-Id: I0dfcac1d05e7227d7d6cbed94dc4bbe4b5615a59

diff --git a/guest/pvmfw/src/main.rs b/guest/pvmfw/src/main.rs
index bef6fcb..f505318 100644
--- a/guest/pvmfw/src/main.rs
+++ b/guest/pvmfw/src/main.rs

@@ -46,6 +46,7 @@
 use log::{debug, error, info, trace, warn};
 use pvmfw_avb::verify_payload;
 use pvmfw_avb::DebugLevel;
+use pvmfw_avb::VerifiedBootData;
 use pvmfw_embedded_key::PUBLIC_KEY;
 use vmbase::heap;
 use vmbase::memory::{flush, SIZE_4KB};
@@ -80,17 +81,9 @@
         debug_policy = None;
     }
 
-    let verified_boot_data = verify_payload(signed_kernel, ramdisk, PUBLIC_KEY).map_err(|e| {
-        error!("Failed to verify the payload: {e}");
-        RebootReason::PayloadVerificationError
-    })?;
-    let debuggable = verified_boot_data.debug_level != DebugLevel::None;
-    if debuggable {
-        info!("Successfully verified a debuggable payload.");
-        info!("Please disregard any previous libavb ERROR about initrd_normal.");
-    }
+    let (verified_boot_data, debuggable, guest_page_size) =
+        perform_verified_boot(signed_kernel, ramdisk)?;
 
-    let guest_page_size = verified_boot_data.page_size.unwrap_or(SIZE_4KB);
     let hyp_page_size = hypervisor_backends::get_granule_size();
     let _ =
         sanitize_device_tree(untrusted_fdt, vm_dtbo, vm_ref_dt, guest_page_size, hyp_page_size)?;
@@ -217,6 +210,24 @@
     Ok(next_dice_handover)
 }
 
+fn perform_verified_boot<'a>(
+    signed_kernel: &[u8],
+    ramdisk: Option<&[u8]>,
+) -> Result<(VerifiedBootData<'a>, bool, usize), RebootReason> {
+    let verified_boot_data = verify_payload(signed_kernel, ramdisk, PUBLIC_KEY).map_err(|e| {
+        error!("Failed to verify the payload: {e}");
+        RebootReason::PayloadVerificationError
+    })?;
+    let debuggable = verified_boot_data.debug_level != DebugLevel::None;
+    if debuggable {
+        info!("Successfully verified a debuggable payload.");
+        info!("Please disregard any previous libavb ERROR about initrd_normal.");
+    }
+    let guest_page_size = verified_boot_data.page_size.unwrap_or(SIZE_4KB);
+
+    Ok((verified_boot_data, debuggable, guest_page_size))
+}
+
 // Get the "salt" which is one of the input for DICE derivation.
 // This provides differentiation of secrets for different VM instances with same payloads.
 fn salt_from_instance_id(fdt: &Fdt) -> Result<Option<Hidden>, RebootReason> {