pvmfw: Perform DICE derivation
Integrate DICE derivation into pvmfw and fail if the operation fails.
Note that we still need to get the salt ("hidden" DICE input) from the
instance.img or TRNG and pass the result to the next stage.
Bug: 256827715
Test: atest MicrodroidHostTests
Change-Id: Ibebaf526fd6055b9d05ce6017b560fb8814471e5
diff --git a/pvmfw/src/main.rs b/pvmfw/src/main.rs
index b0177bf..efd3e7c 100644
--- a/pvmfw/src/main.rs
+++ b/pvmfw/src/main.rs
@@ -21,6 +21,7 @@
mod avb;
mod config;
+mod dice;
mod entry;
mod exceptions;
mod fdt;
@@ -35,16 +36,20 @@
use crate::{
avb::PUBLIC_KEY,
+ dice::derive_next_bcc,
entry::RebootReason,
+ helpers::GUEST_PAGE_SIZE,
memory::MemoryTracker,
pci::{find_virtio_devices, map_mmio},
};
-use dice::bcc;
+use ::dice::bcc;
use fdtpci::{PciError, PciInfo};
use libfdt::Fdt;
use log::{debug, error, info, trace};
use pvmfw_avb::verify_payload;
+const NEXT_BCC_SIZE: usize = GUEST_PAGE_SIZE;
+
fn main(
fdt: &Fdt,
signed_kernel: &[u8],
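Review bot: `NEXT_BCC_SIZE` is introduced without a doc comment, and nothing records why one guest page is the right bound for the derived handover buffer. A line such as `/// Size of the scratch buffer that receives the next-stage DICE handover (one guest page).` above the const would capture the intent; if the bound actually comes from a limit in the `dice` crate or the next-stage ABI, name that instead. `main`'s signature continues past the end of this hunk.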
@@ -77,6 +82,32 @@
RebootReason::PayloadVerificationError
})?;
+ let mut scratch_bcc = [0; NEXT_BCC_SIZE];
+ let next_bcc = &mut scratch_bcc; // TODO(b/256827715): Pass result BCC to next stage.
+ let debug_mode = false; // TODO(b/256148034): Derive the DICE mode from the received initrd.
+ const HASH_SIZE: usize = 64;
+ let mut hashes = [0; HASH_SIZE * 2]; // TODO(b/256148034): Extract AvbHashDescriptor digests.
+ hashes[..HASH_SIZE].copy_from_slice(&::dice::hash(signed_kernel).map_err(|_| {
+ error!("Failed to hash the kernel");
+ RebootReason::InternalError
+ })?);
+ // Note: Using signed_kernel currently makes the DICE code input depend on its VBMeta fields.
+ let code_hash = if let Some(rd) = ramdisk {
+ hashes[HASH_SIZE..].copy_from_slice(&::dice::hash(rd).map_err(|_| {
+ error!("Failed to hash the ramdisk");
+ RebootReason::InternalError
+ })?);
+ &hashes[..]
+ } else {
+ &hashes[..HASH_SIZE]
+ };
+ let next_bcc_size =
+ derive_next_bcc(bcc, next_bcc, code_hash, debug_mode, PUBLIC_KEY).map_err(|e| {
+ error!("Failed to derive next-stage DICE secrets: {e:?}");
+ RebootReason::SecretDerivationError
+ })?;
+ trace!("Next BCC: {:x?}", bcc::Handover::new(&next_bcc[..next_bcc_size]));
+
info!("Starting payload...");
Ok(())
}
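Review bot: The `trace!` on the last added line prints the full derived handover via `bcc::Handover::new(&next_bcc[..next_bcc_size])`; that buffer is what `derive_next_bcc` just filled, so it plausibly carries the next-stage CDI secrets as well as the certificate chain, and unless `Handover`'s `Debug` impl redacts them, a trace-level build writes them to the console. Logging only the length, `trace!("Next BCC: {next_bcc_size} bytes");`, or formatting just the certificate-chain part would avoid that. `scratch_bcc` is also not cleared once the handover is consumed; since the TODO on its declaration already defers passing it to the next stage, a note there that the buffer holds secret material and must be wiped or handed over rather than left on the stack would keep that from being forgotten. Separately, `copy_from_slice` panics on a length mismatch, so `HASH_SIZE` should be tied to the array type `::dice::hash` returns rather than the literal `64`. `main` starts in the previous hunk and `ramdisk` is one of its parameters declared outside this hunk.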