Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Virtualization / 4db76eb5946ceecf288a352f733d641d3936bf34^! / . / pvmfw / src / dice.rs
commit4db76eb5946ceecf288a352f733d641d3936bf34[log] [tgz]
authorAlan Stokes <alanstokes@google.com>Wed Apr 26 14:28:15 2023 +0100
committerAlan Stokes <alanstokes@google.com>Fri May 05 15:31:38 2023 +0100
treecf479f93152c99391697e0af0a3fffd5d8be7c5e
parent8ec05d17a90d359412fc0a011c93d9ba4d7d0269 [diff] [blame]
Add BCC checking

Check whether any stage in the received BCC is marked as debug. If
not, refuse to apply any debug policy we receive. (The bootloader
shouldn't pass one in this case, this is just to make sure we catch
any mistake here.)

In passing fix the lifetime of the config descriptor buffer
(b/280617929).

Bug: 275424867
Test: atest MicrodroidTests
Change-Id: I507fedee9e21e8cbda60044a4e0324e0d6530b00

diff --git a/pvmfw/src/dice.rs b/pvmfw/src/dice.rs
index bad3453..e588acb 100644
--- a/pvmfw/src/dice.rs
+++ b/pvmfw/src/dice.rs

@@ -60,13 +60,13 @@
     pub fn into_input_values(
         self,
         salt: &[u8; HIDDEN_SIZE],
+        config_descriptor_buffer: &mut [u8],
     ) -> diced_open_dice::Result<InputValues> {
-        let mut config_descriptor_buffer = [0; 128];
         let config_descriptor_size = bcc_format_config_descriptor(
             Some(cstr!("vm_entry")),
             None,  // component_version
             false, // resettable
-            &mut config_descriptor_buffer,
+            config_descriptor_buffer,
         )?;
         let config = &config_descriptor_buffer[..config_descriptor_size];