Merge "pvmfw: Replace "BCC" with proper DICE terminology" into main
diff --git a/guest/pvmfw/README.md b/guest/pvmfw/README.md
index 08b0d5c..0288741 100644
--- a/guest/pvmfw/README.md
+++ b/guest/pvmfw/README.md
@@ -521,12 +521,12 @@
and its configuration data.
As a quick prototyping solution, a valid DICE chain (such as this [test
-file][bcc.dat]) can be appended to the `pvmfw.bin` image with `pvmfw-tool`.
+file][dice.dat]) can be appended to the `pvmfw.bin` image with `pvmfw-tool`.
```shell
m pvmfw-tool pvmfw_bin
PVMFW_BIN=${ANDROID_PRODUCT_OUT}/system/etc/pvmfw.bin
-DICE=${ANDROID_BUILD_TOP}/packages/modules/Virtualization/tests/pvmfw/assets/bcc.dat
+DICE=${ANDROID_BUILD_TOP}/packages/modules/Virtualization/tests/pvmfw/assets/dice.dat
pvmfw-tool custom_pvmfw ${PVMFW_BIN} ${DICE}
```
@@ -548,7 +548,7 @@
Note: `adb root` is required to set the system property.
-[bcc.dat]: https://cs.android.com/android/platform/superproject/main/+/main:packages/modules/Virtualization/tests/pvmfw/assets/bcc.dat
+[dice.dat]: https://cs.android.com/android/platform/superproject/main/+/main:packages/modules/Virtualization/tests/pvmfw/assets/dice.dat
### Running pVM without pvmfw
diff --git a/guest/pvmfw/src/arch/aarch64/payload.rs b/guest/pvmfw/src/arch/aarch64/payload.rs
index 0da8297..3f3ee33 100644
--- a/guest/pvmfw/src/arch/aarch64/payload.rs
+++ b/guest/pvmfw/src/arch/aarch64/payload.rs
@@ -23,13 +23,13 @@
/// Function boot payload after cleaning all secret from pvmfw memory
pub fn jump_to_payload(entrypoint: usize, slices: &MemorySlices) -> ! {
let fdt_address = slices.fdt.as_ptr() as usize;
- let bcc = slices
- .dice_chain
+ let dice_handover = slices
+ .dice_handover
.map(|slice| {
let r = slice.as_ptr_range();
(r.start as usize)..(r.end as usize)
})
- .expect("Missing DICE chain");
+ .expect("Missing DICE handover");
deactivate_dynamic_page_tables();
@@ -50,9 +50,9 @@
assert_eq!(scratch.start.0 % ASM_STP_ALIGN, 0, "scratch memory is misaligned.");
assert_eq!(scratch.end.0 % ASM_STP_ALIGN, 0, "scratch memory is misaligned.");
- assert!(bcc.is_within(&(scratch.start.0..scratch.end.0)));
- assert_eq!(bcc.start % ASM_STP_ALIGN, 0, "Misaligned guest BCC.");
- assert_eq!(bcc.end % ASM_STP_ALIGN, 0, "Misaligned guest BCC.");
+ assert!(dice_handover.is_within(&(scratch.start.0..scratch.end.0)));
+ assert_eq!(dice_handover.start % ASM_STP_ALIGN, 0, "Misaligned guest DICE handover.");
+ assert_eq!(dice_handover.end % ASM_STP_ALIGN, 0, "Misaligned guest DICE handover.");
let stack = layout::stack_range();
@@ -73,17 +73,17 @@
// SAFETY: We're exiting pvmfw by passing the register values we need to a noreturn asm!().
unsafe {
asm!(
- "cmp {scratch}, {bcc}",
+ "cmp {scratch}, {dice_handover}",
"b.hs 1f",
- // Zero .data & .bss until BCC.
+ // Zero .data & .bss until DICE handover.
"0: stp xzr, xzr, [{scratch}], 16",
- "cmp {scratch}, {bcc}",
+ "cmp {scratch}, {dice_handover}",
"b.lo 0b",
"1:",
- // Skip BCC.
- "mov {scratch}, {bcc_end}",
+ // Skip DICE handover.
+ "mov {scratch}, {dice_handover_end}",
"cmp {scratch}, {scratch_end}",
"b.hs 1f",
@@ -93,7 +93,7 @@
"b.lo 0b",
"1:",
- // Flush d-cache over .data & .bss (including BCC).
+ // Flush d-cache over .data & .bss (including DICE handover).
"0: dc cvau, {cache_line}",
"add {cache_line}, {cache_line}, {dcache_line_size}",
"cmp {cache_line}, {scratch_end}",
@@ -159,8 +159,8 @@
"dsb nsh",
"br x30",
sctlr_el1_val = in(reg) SCTLR_EL1_VAL,
- bcc = in(reg) u64::try_from(bcc.start).unwrap(),
- bcc_end = in(reg) u64::try_from(bcc.end).unwrap(),
+ dice_handover = in(reg) u64::try_from(dice_handover.start).unwrap(),
+ dice_handover_end = in(reg) u64::try_from(dice_handover.end).unwrap(),
cache_line = in(reg) u64::try_from(scratch.start.0).unwrap(),
scratch = in(reg) u64::try_from(scratch.start.0).unwrap(),
scratch_end = in(reg) u64::try_from(scratch.end.0).unwrap(),
diff --git a/guest/pvmfw/src/config.rs b/guest/pvmfw/src/config.rs
index dbfde15..1f9eacf 100644
--- a/guest/pvmfw/src/config.rs
+++ b/guest/pvmfw/src/config.rs
@@ -124,7 +124,7 @@
#[derive(Clone, Copy, Debug)]
pub enum Entry {
- Bcc,
+ DiceHandover,
DebugPolicy,
VmDtbo,
VmBaseDtbo,
@@ -136,12 +136,12 @@
const COUNT: usize = Self::_VARIANT_COUNT as usize;
const ALL_ENTRIES: [Entry; Self::COUNT] =
- [Self::Bcc, Self::DebugPolicy, Self::VmDtbo, Self::VmBaseDtbo];
+ [Self::DiceHandover, Self::DebugPolicy, Self::VmDtbo, Self::VmBaseDtbo];
}
#[derive(Default)]
pub struct Entries<'a> {
- pub bcc: &'a mut [u8],
+ pub dice_handover: &'a mut [u8],
pub debug_policy: Option<&'a [u8]>,
pub vm_dtbo: Option<&'a mut [u8]>,
pub vm_ref_dt: Option<&'a [u8]>,
@@ -269,8 +269,8 @@
entry_size,
);
}
- // Ensures that BCC exists.
- ranges[Entry::Bcc as usize].ok_or(Error::MissingEntry(Entry::Bcc))?;
+ // Ensures that the DICE handover is present.
+ ranges[Entry::DiceHandover as usize].ok_or(Error::MissingEntry(Entry::DiceHandover))?;
Ok(Self { body, ranges })
}
@@ -293,15 +293,15 @@
entries[i] = Some(chunk);
}
}
- let [bcc, debug_policy, vm_dtbo, vm_ref_dt] = entries;
+ let [dice_handover, debug_policy, vm_dtbo, vm_ref_dt] = entries;
- // The platform BCC has always been required.
- let bcc = bcc.unwrap();
+ // The platform DICE handover has always been required.
+ let dice_handover = dice_handover.unwrap();
// We have no reason to mutate so drop the `mut`.
let debug_policy = debug_policy.map(|x| &*x);
let vm_ref_dt = vm_ref_dt.map(|x| &*x);
- Entries { bcc, debug_policy, vm_dtbo, vm_ref_dt }
+ Entries { dice_handover, debug_policy, vm_dtbo, vm_ref_dt }
}
}
diff --git a/guest/pvmfw/src/dice/chain.rs b/guest/pvmfw/src/dice/chain.rs
index 0f5b058..c8353fa 100644
--- a/guest/pvmfw/src/dice/chain.rs
+++ b/guest/pvmfw/src/dice/chain.rs
@@ -12,7 +12,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-//! Code to inspect/manipulate the BCC (DICE Chain) we receive from our loader (the hypervisor).
+//! Code to inspect/manipulate the DICE Chain we receive from our loader.
// TODO(b/279910232): Unify this, somehow, with the similar but different code in hwtrust.
@@ -25,55 +25,55 @@
use diced_open_dice::{BccHandover, Cdi, DiceArtifacts, DiceMode};
use log::trace;
-type Result<T> = core::result::Result<T, BccError>;
+type Result<T> = core::result::Result<T, DiceChainError>;
-pub enum BccError {
+pub enum DiceChainError {
CborDecodeError,
CborEncodeError,
CosetError(coset::CoseError),
DiceError(diced_open_dice::DiceError),
- MalformedBcc(&'static str),
- MissingBcc,
+ Malformed(&'static str),
+ Missing,
}
-impl From<coset::CoseError> for BccError {
+impl From<coset::CoseError> for DiceChainError {
fn from(e: coset::CoseError) -> Self {
Self::CosetError(e)
}
}
-impl fmt::Display for BccError {
+impl fmt::Display for DiceChainError {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
match self {
- Self::CborDecodeError => write!(f, "Error parsing BCC CBOR"),
- Self::CborEncodeError => write!(f, "Error encoding BCC CBOR"),
+ Self::CborDecodeError => write!(f, "Error parsing DICE chain CBOR"),
+ Self::CborEncodeError => write!(f, "Error encoding DICE chain CBOR"),
Self::CosetError(e) => write!(f, "Encountered an error with coset: {e}"),
Self::DiceError(e) => write!(f, "Dice error: {e:?}"),
- Self::MalformedBcc(s) => {
- write!(f, "BCC does not have the expected CBOR structure: {s}")
+ Self::Malformed(s) => {
+ write!(f, "DICE chain does not have the expected CBOR structure: {s}")
}
- Self::MissingBcc => write!(f, "Missing BCC"),
+ Self::Missing => write!(f, "Missing DICE chain"),
}
}
}
/// Return a new CBOR encoded BccHandover that is based on the incoming CDIs but does not chain
-/// from the received BCC.
+/// from the received DICE chain.
#[cfg_attr(test, allow(dead_code))]
-pub fn truncate(bcc_handover: BccHandover) -> Result<Vec<u8>> {
+pub fn truncate(handover: BccHandover) -> Result<Vec<u8>> {
// Note: The strings here are deliberately different from those used in a normal DICE handover
// because we want this to not be equivalent to any valid DICE derivation.
- let cdi_seal = taint_cdi(bcc_handover.cdi_seal(), "TaintCdiSeal")?;
- let cdi_attest = taint_cdi(bcc_handover.cdi_attest(), "TaintCdiAttest")?;
+ let cdi_seal = taint_cdi(handover.cdi_seal(), "TaintCdiSeal")?;
+ let cdi_attest = taint_cdi(handover.cdi_attest(), "TaintCdiAttest")?;
// BccHandover = {
// 1 : bstr .size 32, ; CDI_Attest
// 2 : bstr .size 32, ; CDI_Seal
// ? 3 : Bcc, ; Certificate chain
// }
- let bcc_handover: Vec<(Value, Value)> =
+ let handover: Vec<(Value, Value)> =
vec![(1.into(), cdi_attest.as_slice().into()), (2.into(), cdi_seal.as_slice().into())];
- cbor_util::serialize(&bcc_handover).map_err(|_| BccError::CborEncodeError)
+ cbor_util::serialize(&handover).map_err(|_| DiceChainError::CborEncodeError)
}
#[cfg_attr(test, allow(dead_code))]
@@ -88,42 +88,39 @@
];
let mut result = [0u8; size_of::<Cdi>()];
diced_open_dice::kdf(cdi.as_slice(), &SALT, info.as_bytes(), result.as_mut_slice())
- .map_err(BccError::DiceError)?;
+ .map_err(DiceChainError::DiceError)?;
Ok(result)
}
-/// Represents a (partially) decoded BCC DICE chain.
-pub struct Bcc {
+/// Represents a (partially) decoded DICE chain.
+pub struct DiceChainInfo {
is_debug_mode: bool,
leaf_subject_pubkey: PublicKey,
}
-impl Bcc {
- pub fn new(received_bcc: Option<&[u8]>) -> Result<Bcc> {
- let received_bcc = received_bcc.unwrap_or(&[]);
- if received_bcc.is_empty() {
- return Err(BccError::MissingBcc);
- }
+impl DiceChainInfo {
+ pub fn new(handover: Option<&[u8]>) -> Result<Self> {
+ let handover = handover.filter(|h| !h.is_empty()).ok_or(DiceChainError::Missing)?;
- // We don't attempt to fully validate the BCC (e.g. we don't check the signatures) - we
- // have to trust our loader. But if it's invalid CBOR or otherwise clearly ill-formed,
+ // We don't attempt to fully validate the DICE chain (e.g. we don't check the signatures) -
+ // we have to trust our loader. But if it's invalid CBOR or otherwise clearly ill-formed,
// something is very wrong, so we fail.
- let bcc_cbor =
- cbor_util::deserialize(received_bcc).map_err(|_| BccError::CborDecodeError)?;
+ let handover_cbor =
+ cbor_util::deserialize(handover).map_err(|_| DiceChainError::CborDecodeError)?;
// Bcc = [
// PubKeyEd25519 / PubKeyECDSA256, // DK_pub
// + BccEntry, // Root -> leaf (KM_pub)
// ]
- let bcc = match bcc_cbor {
+ let dice_chain = match handover_cbor {
Value::Array(v) if v.len() >= 2 => v,
- _ => return Err(BccError::MalformedBcc("Invalid top level value")),
+ _ => return Err(DiceChainError::Malformed("Invalid top level value")),
};
// Decode all the DICE payloads to make sure they are well-formed.
- let payloads = bcc
+ let payloads = dice_chain
.into_iter()
.skip(1)
- .map(|v| BccEntry::new(v).payload())
+ .map(|v| DiceChainEntry::new(v).payload())
.collect::<Result<Vec<_>>>()?;
let is_debug_mode = is_any_payload_debug_mode(&payloads)?;
@@ -143,7 +140,7 @@
}
}
-fn is_any_payload_debug_mode(payloads: &[BccPayload]) -> Result<bool> {
+fn is_any_payload_debug_mode(payloads: &[DiceChainEntryPayload]) -> Result<bool> {
// Check if any payload in the chain is marked as Debug mode, which means the device is not
// secure. (Normal means it is a secure boot, for that stage at least; we ignore recovery
// & not configured /invalid values, since it's not clear what they would mean in this
@@ -157,10 +154,7 @@
}
#[repr(transparent)]
-struct BccEntry(Value);
-
-#[repr(transparent)]
-struct BccPayload(Value);
+struct DiceChainEntry(Value);
#[derive(Debug, Clone)]
pub struct PublicKey {
@@ -169,12 +163,12 @@
pub cose_alg: iana::Algorithm,
}
-impl BccEntry {
+impl DiceChainEntry {
pub fn new(entry: Value) -> Self {
Self(entry)
}
- pub fn payload(&self) -> Result<BccPayload> {
+ pub fn payload(&self) -> Result<DiceChainEntryPayload> {
// BccEntry = [ // COSE_Sign1 (untagged)
// protected : bstr .cbor {
// 1 : AlgorithmEdDSA / AlgorithmES256, // Algorithm
@@ -185,11 +179,13 @@
// // ECDSA(SigningKey, bstr .cbor BccEntryInput)
// // See RFC 8032 for details of how to encode the signature value for Ed25519.
// ]
+ let payload = self
+ .payload_bytes()
+ .ok_or(DiceChainError::Malformed("Invalid DiceChainEntryPayload"))?;
let payload =
- self.payload_bytes().ok_or(BccError::MalformedBcc("Invalid payload in BccEntry"))?;
- let payload = cbor_util::deserialize(payload).map_err(|_| BccError::CborDecodeError)?;
- trace!("Bcc payload: {payload:?}");
- Ok(BccPayload(payload))
+ cbor_util::deserialize(payload).map_err(|_| DiceChainError::CborDecodeError)?;
+ trace!("DiceChainEntryPayload: {payload:?}");
+ Ok(DiceChainEntryPayload(payload))
}
fn payload_bytes(&self) -> Option<&Vec<u8>> {
@@ -205,7 +201,10 @@
const MODE_DEBUG: u8 = DiceMode::kDiceModeDebug as u8;
const SUBJECT_PUBLIC_KEY: i32 = -4670552;
-impl BccPayload {
+#[repr(transparent)]
+struct DiceChainEntryPayload(Value);
+
+impl DiceChainEntryPayload {
pub fn is_debug_mode(&self) -> Result<bool> {
// BccPayload = { // CWT
// ...
@@ -221,11 +220,11 @@
// Profile for DICE spec.
let mode = if let Some(bytes) = value.as_bytes() {
if bytes.len() != 1 {
- return Err(BccError::MalformedBcc("Invalid mode bstr"));
+ return Err(DiceChainError::Malformed("Invalid mode bstr"));
}
bytes[0].into()
} else {
- value.as_integer().ok_or(BccError::MalformedBcc("Invalid type for mode"))?
+ value.as_integer().ok_or(DiceChainError::Malformed("Invalid type for mode"))?
};
Ok(mode == MODE_DEBUG.into())
}
@@ -239,9 +238,9 @@
// ...
// }
self.value_from_key(SUBJECT_PUBLIC_KEY)
- .ok_or(BccError::MalformedBcc("Subject public key missing"))?
+ .ok_or(DiceChainError::Malformed("Subject public key missing"))?
.as_bytes()
- .ok_or(BccError::MalformedBcc("Subject public key is not a byte string"))
+ .ok_or(DiceChainError::Malformed("Subject public key is not a byte string"))
.and_then(|v| PublicKey::from_slice(v))
}
@@ -264,7 +263,7 @@
fn from_slice(slice: &[u8]) -> Result<Self> {
let key = CoseKey::from_slice(slice)?;
let Some(Algorithm::Assigned(cose_alg)) = key.alg else {
- return Err(BccError::MalformedBcc("Invalid algorithm in public key"));
+ return Err(DiceChainError::Malformed("Invalid algorithm in public key"));
};
Ok(Self { cose_alg })
}
diff --git a/guest/pvmfw/src/dice/mod.rs b/guest/pvmfw/src/dice/mod.rs
index 94348a5..8317e48 100644
--- a/guest/pvmfw/src/dice/mod.rs
+++ b/guest/pvmfw/src/dice/mod.rs
@@ -12,7 +12,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-//! Support for DICE derivation and BCC generation.
+//! Support for DICE derivation and DICE chain generation.
extern crate alloc;
pub(crate) mod chain;
@@ -20,7 +20,7 @@
use alloc::format;
use alloc::string::String;
use alloc::vec::Vec;
-pub use chain::Bcc;
+pub use chain::DiceChainInfo;
use ciborium::cbor;
use ciborium::Value;
use core::mem::size_of;
@@ -104,13 +104,13 @@
Ok(Self { code_hash, auth_hash, mode, security_version, rkp_vm_marker, component_name })
}
- pub fn write_next_bcc(
+ pub fn write_next_handover(
self,
- current_bcc_handover: &[u8],
+ current_handover: &[u8],
salt: &[u8; HIDDEN_SIZE],
instance_hash: Option<Hash>,
deferred_rollback_protection: bool,
- next_bcc: &mut [u8],
+ next_handover: &mut [u8],
context: DiceContext,
) -> Result<()> {
let config = self
@@ -124,7 +124,7 @@
self.mode,
self.make_hidden(salt, deferred_rollback_protection)?,
);
- let _ = bcc_handover_main_flow(current_bcc_handover, &dice_inputs, next_bcc, context)?;
+ let _ = bcc_handover_main_flow(current_handover, &dice_inputs, next_handover, context)?;
Ok(())
}
@@ -184,6 +184,7 @@
SECURITY_VERSION_KEY,
};
use ciborium::Value;
+ use diced_open_dice::bcc_handover_parse;
use diced_open_dice::DiceArtifacts;
use diced_open_dice::DiceContext;
use diced_open_dice::DiceMode;
@@ -337,7 +338,7 @@
inputs
.clone()
- .write_next_bcc(
+ .write_next_handover(
sample_dice_input,
&[0u8; HIDDEN_SIZE],
Some([0u8; 64]),
@@ -346,11 +347,11 @@
context.clone(),
)
.unwrap();
- let bcc_handover1 = diced_open_dice::bcc_handover_parse(&buffer_without_defer).unwrap();
+ let handover1 = from_serialized_handover(&buffer_without_defer);
inputs
.clone()
- .write_next_bcc(
+ .write_next_handover(
sample_dice_input,
&[0u8; HIDDEN_SIZE],
Some([0u8; 64]),
@@ -359,11 +360,11 @@
context.clone(),
)
.unwrap();
- let bcc_handover2 = diced_open_dice::bcc_handover_parse(&buffer_with_defer).unwrap();
+ let handover2 = from_serialized_handover(&buffer_with_defer);
inputs
.clone()
- .write_next_bcc(
+ .write_next_handover(
sample_dice_input,
&[0u8; HIDDEN_SIZE],
Some([0u8; 64]),
@@ -372,25 +373,24 @@
context.clone(),
)
.unwrap();
- let bcc_handover3 =
- diced_open_dice::bcc_handover_parse(&buffer_without_defer_retry).unwrap();
+ let handover3 = from_serialized_handover(&buffer_without_defer_retry);
- assert_ne!(bcc_handover1.cdi_seal(), bcc_handover2.cdi_seal());
- assert_eq!(bcc_handover1.cdi_seal(), bcc_handover3.cdi_seal());
+ assert_ne!(handover1.cdi_seal(), handover2.cdi_seal());
+ assert_eq!(handover1.cdi_seal(), handover3.cdi_seal());
}
#[test]
fn dice_derivation_with_different_algorithms_is_valid() {
let dice_artifacts = make_sample_bcc_and_cdis().unwrap();
- let bcc_handover0_bytes = to_bcc_handover(&dice_artifacts);
+ let handover0_bytes = to_serialized_handover(&dice_artifacts);
let vb_data = VerifiedBootData { debug_level: DebugLevel::Full, ..BASE_VB_DATA };
let inputs = PartialInputs::new(&vb_data).unwrap();
let mut buffer = [0; 4096];
inputs
.clone()
- .write_next_bcc(
- &bcc_handover0_bytes,
+ .write_next_handover(
+ &handover0_bytes,
&[0u8; HIDDEN_SIZE],
Some([0u8; 64]),
true,
@@ -400,15 +400,15 @@
subject_algorithm: KeyAlgorithm::EcdsaP256,
},
)
- .expect("Failed to derive Ed25519 -> EcdsaP256 BCC");
- let bcc_handover1 = diced_open_dice::bcc_handover_parse(&buffer).unwrap();
- let bcc_handover1_bytes = to_bcc_handover(&bcc_handover1);
+ .expect("Failed to derive Ed25519 -> EcdsaP256 DICE chain");
+ let handover1 = from_serialized_handover(&buffer);
+ let handover1_bytes = to_serialized_handover(&handover1);
buffer.fill(0);
inputs
.clone()
- .write_next_bcc(
- &bcc_handover1_bytes,
+ .write_next_handover(
+ &handover1_bytes,
&[0u8; HIDDEN_SIZE],
Some([0u8; 64]),
true,
@@ -418,15 +418,15 @@
subject_algorithm: KeyAlgorithm::EcdsaP384,
},
)
- .expect("Failed to derive EcdsaP256 -> EcdsaP384 BCC");
- let bcc_handover2 = diced_open_dice::bcc_handover_parse(&buffer).unwrap();
- let bcc_handover2_bytes = to_bcc_handover(&bcc_handover2);
+ .expect("Failed to derive EcdsaP256 -> EcdsaP384 DICE chain");
+ let handover2 = from_serialized_handover(&buffer);
+ let handover2_bytes = to_serialized_handover(&handover2);
buffer.fill(0);
inputs
.clone()
- .write_next_bcc(
- &bcc_handover2_bytes,
+ .write_next_handover(
+ &handover2_bytes,
&[0u8; HIDDEN_SIZE],
Some([0u8; 64]),
true,
@@ -436,21 +436,25 @@
subject_algorithm: KeyAlgorithm::Ed25519,
},
)
- .expect("Failed to derive EcdsaP384 -> Ed25519 BCC");
- let bcc_handover3 = diced_open_dice::bcc_handover_parse(&buffer).unwrap();
+ .expect("Failed to derive EcdsaP384 -> Ed25519 DICE chain");
+ let handover3 = from_serialized_handover(&buffer);
let mut session = Session::default();
session.set_allow_any_mode(true);
- let _chain = dice::Chain::from_cbor(&session, bcc_handover3.bcc().unwrap()).unwrap();
+ let _chain = dice::Chain::from_cbor(&session, handover3.bcc().unwrap()).unwrap();
}
- fn to_bcc_handover(dice_artifacts: &dyn DiceArtifacts) -> Vec<u8> {
+ fn to_serialized_handover(dice_artifacts: &dyn DiceArtifacts) -> Vec<u8> {
let dice_chain = cbor_util::deserialize::<Value>(dice_artifacts.bcc().unwrap()).unwrap();
- let bcc_handover = Value::Map(vec![
+ let handover = Value::Map(vec![
(Value::Integer(1.into()), Value::Bytes(dice_artifacts.cdi_attest().to_vec())),
(Value::Integer(2.into()), Value::Bytes(dice_artifacts.cdi_seal().to_vec())),
(Value::Integer(3.into()), dice_chain),
]);
- cbor_util::serialize(&bcc_handover).unwrap()
+ cbor_util::serialize(&handover).unwrap()
+ }
+
+ fn from_serialized_handover(bytes: &[u8]) -> diced_open_dice::BccHandover {
+ bcc_handover_parse(bytes).unwrap()
}
}
diff --git a/guest/pvmfw/src/entry.rs b/guest/pvmfw/src/entry.rs
index cde4cfe..46b1971 100644
--- a/guest/pvmfw/src/entry.rs
+++ b/guest/pvmfw/src/entry.rs
@@ -33,8 +33,8 @@
#[derive(Debug, Clone)]
pub enum RebootReason {
- /// A malformed BCC was received.
- InvalidBcc,
+ /// A malformed DICE handover was received.
+ InvalidDiceHandover,
/// An invalid configuration was appended to pvmfw.
InvalidConfig,
/// An unexpected internal error happened.
@@ -54,7 +54,7 @@
impl RebootReason {
pub fn as_avf_reboot_string(&self) -> &'static str {
match self {
- Self::InvalidBcc => "PVM_FIRMWARE_INVALID_BCC",
+ Self::InvalidDiceHandover => "PVM_FIRMWARE_INVALID_DICE_HANDOVER",
Self::InvalidConfig => "PVM_FIRMWARE_INVALID_CONFIG_DATA",
Self::InternalError => "PVM_FIRMWARE_INTERNAL_ERROR",
Self::InvalidFdt => "PVM_FIRMWARE_INVALID_FDT",
@@ -135,21 +135,21 @@
let mut slices = MemorySlices::new(fdt, payload, payload_size)?;
// This wrapper allows main() to be blissfully ignorant of platform details.
- let (next_bcc, debuggable_payload) = crate::main(
+ let (next_dice_handover, debuggable_payload) = crate::main(
slices.fdt,
slices.kernel,
slices.ramdisk,
- config_entries.bcc,
+ config_entries.dice_handover,
config_entries.debug_policy,
config_entries.vm_dtbo,
config_entries.vm_ref_dt,
)?;
- slices.add_dice_chain(next_bcc);
+ slices.add_dice_handover(next_dice_handover);
// Keep UART MMIO_GUARD-ed for debuggable payloads, to enable earlycon.
let keep_uart = cfg!(debuggable_vms_improvements) && debuggable_payload;
// Writable-dirty regions will be flushed when MemoryTracker is dropped.
- config_entries.bcc.zeroize();
+ config_entries.dice_handover.zeroize();
unshare_all_mmio_except_uart().map_err(|e| {
error!("Failed to unshare MMIO ranges: {e}");
@@ -180,8 +180,8 @@
enum AppendedPayload<'a> {
/// Configuration data.
Config(config::Config<'a>),
- /// Deprecated raw BCC, as used in Android T.
- LegacyBcc(&'a mut [u8]),
+ /// Deprecated raw DICE handover, as used in Android T.
+ LegacyDiceHandover(&'a mut [u8]),
}
impl<'a> AppendedPayload<'a> {
@@ -201,9 +201,12 @@
// SAFETY: Pointer to a valid mut (not accessed elsewhere), 'a lifetime re-used.
let data: &'a mut _ = unsafe { &mut *data_ptr };
- const BCC_SIZE: usize = SIZE_4KB;
- warn!("Assuming the appended data at {:?} to be a raw BCC", data.as_ptr());
- Some(Self::LegacyBcc(&mut data[..BCC_SIZE]))
+ const DICE_CHAIN_SIZE: usize = SIZE_4KB;
+ warn!(
+ "Assuming the appended data at {:?} to be a raw DICE handover",
+ data.as_ptr()
+ );
+ Some(Self::LegacyDiceHandover(&mut data[..DICE_CHAIN_SIZE]))
}
Err(e) => {
error!("Invalid configuration data at {data_ptr:?}: {e}");
@@ -215,7 +218,9 @@
fn get_entries(self) -> config::Entries<'a> {
match self {
Self::Config(cfg) => cfg.get_entries(),
- Self::LegacyBcc(bcc) => config::Entries { bcc, ..Default::default() },
+ Self::LegacyDiceHandover(dice_handover) => {
+ config::Entries { dice_handover, ..Default::default() }
+ }
}
}
}
diff --git a/guest/pvmfw/src/fdt.rs b/guest/pvmfw/src/fdt.rs
index 6f55c21..8adf8e5 100644
--- a/guest/pvmfw/src/fdt.rs
+++ b/guest/pvmfw/src/fdt.rs
@@ -1360,7 +1360,7 @@
/// Modifies the input DT according to the fields of the configuration.
pub fn modify_for_next_stage(
fdt: &mut Fdt,
- bcc: &[u8],
+ dice_handover: &[u8],
new_instance: bool,
strict_boot: bool,
debug_policy: Option<&[u8]>,
@@ -1382,7 +1382,7 @@
fdt.unpack()?;
}
- patch_dice_node(fdt, bcc)?;
+ patch_dice_node(fdt, dice_handover)?;
if let Some(mut chosen) = fdt.chosen_mut()? {
empty_or_delete_prop(&mut chosen, c"avf,strict-boot", strict_boot)?;
@@ -1400,7 +1400,7 @@
Ok(())
}
-/// Patch the "google,open-dice"-compatible reserved-memory node to point to the bcc range
+/// Patch the "google,open-dice"-compatible reserved-memory node to point to the DICE handover.
fn patch_dice_node(fdt: &mut Fdt, handover: &[u8]) -> libfdt::Result<()> {
// The node is assumed to be present in the template DT.
let node = fdt.node_mut(c"/reserved-memory")?.ok_or(FdtError::NotFound)?;
diff --git a/guest/pvmfw/src/main.rs b/guest/pvmfw/src/main.rs
index d3d5527..9f1b5e6 100644
--- a/guest/pvmfw/src/main.rs
+++ b/guest/pvmfw/src/main.rs
@@ -31,7 +31,7 @@
mod memory;
mod rollback;
-use crate::dice::{Bcc, PartialInputs};
+use crate::dice::{DiceChainInfo, PartialInputs};
use crate::entry::RebootReason;
use crate::fdt::{modify_for_next_stage, read_instance_id, sanitize_device_tree};
use crate::rollback::perform_rollback_protection;
@@ -52,7 +52,7 @@
untrusted_fdt: &mut Fdt,
signed_kernel: &[u8],
ramdisk: Option<&[u8]>,
- current_bcc_handover: &[u8],
+ current_dice_handover: &[u8],
mut debug_policy: Option<&[u8]>,
vm_dtbo: Option<&mut [u8]>,
vm_ref_dt: Option<&[u8]>,
@@ -67,21 +67,21 @@
debug!("Ramdisk: None");
}
- let bcc_handover = bcc_handover_parse(current_bcc_handover).map_err(|e| {
- error!("Invalid BCC Handover: {e:?}");
- RebootReason::InvalidBcc
+ let dice_handover = bcc_handover_parse(current_dice_handover).map_err(|e| {
+ error!("Invalid DICE Handover: {e:?}");
+ RebootReason::InvalidDiceHandover
})?;
- trace!("BCC: {bcc_handover:x?}");
+ trace!("DICE handover: {dice_handover:x?}");
- let bcc = Bcc::new(bcc_handover.bcc()).map_err(|e| {
+ let dice_chain_info = DiceChainInfo::new(dice_handover.bcc()).map_err(|e| {
error!("{e}");
- RebootReason::InvalidBcc
+ RebootReason::InvalidDiceHandover
})?;
// The bootloader should never pass us a debug policy when the boot is secure (the bootloader
// is locked). If it gets it wrong, disregard it & log it, to avoid it causing problems.
- if debug_policy.is_some() && !bcc.is_debug_mode() {
- warn!("Ignoring debug policy, BCC does not indicate Debug mode");
+ if debug_policy.is_some() && !dice_chain_info.is_debug_mode() {
+ warn!("Ignoring debug policy, DICE handover does not indicate Debug mode");
debug_policy = None;
}
@@ -101,13 +101,14 @@
sanitize_device_tree(untrusted_fdt, vm_dtbo, vm_ref_dt, guest_page_size, hyp_page_size)?;
let fdt = untrusted_fdt; // DT has now been sanitized.
- let next_bcc_size = guest_page_size;
- let next_bcc = heap::aligned_boxed_slice(next_bcc_size, guest_page_size).ok_or_else(|| {
- error!("Failed to allocate the next-stage BCC");
- RebootReason::InternalError
- })?;
+ let next_dice_handover_size = guest_page_size;
+ let next_dice_handover = heap::aligned_boxed_slice(next_dice_handover_size, guest_page_size)
+ .ok_or_else(|| {
+ error!("Failed to allocate the next-stage DICE handover");
+ RebootReason::InternalError
+ })?;
// By leaking the slice, its content will be left behind for the next stage.
- let next_bcc = Box::leak(next_bcc);
+ let next_dice_handover = Box::leak(next_dice_handover);
let dice_inputs = PartialInputs::new(&verified_boot_data).map_err(|e| {
error!("Failed to compute partial DICE inputs: {e:?}");
@@ -119,49 +120,50 @@
fdt,
&verified_boot_data,
&dice_inputs,
- bcc_handover.cdi_seal(),
+ dice_handover.cdi_seal(),
instance_hash,
)?;
trace!("Got salt for instance: {salt:x?}");
- let new_bcc_handover = if cfg!(dice_changes) {
- Cow::Borrowed(current_bcc_handover)
+ let new_dice_handover = if cfg!(dice_changes) {
+ Cow::Borrowed(current_dice_handover)
} else {
// It is possible that the DICE chain we were given is rooted in the UDS. We do not want to
// give such a chain to the payload, or even the associated CDIs. So remove the
// entire chain we were given and taint the CDIs. Note that the resulting CDIs are
// still deterministically derived from those we received, so will vary iff they do.
// TODO(b/280405545): Remove this post Android 14.
- let truncated_bcc_handover = dice::chain::truncate(bcc_handover).map_err(|e| {
+ let truncated_dice_handover = dice::chain::truncate(dice_handover).map_err(|e| {
error!("{e}");
RebootReason::InternalError
})?;
- Cow::Owned(truncated_bcc_handover)
+ Cow::Owned(truncated_dice_handover)
};
- trace!("BCC leaf subject public key algorithm: {:?}", bcc.leaf_subject_pubkey().cose_alg);
+ let cose_alg = dice_chain_info.leaf_subject_pubkey().cose_alg;
+ trace!("DICE chain leaf subject public key algorithm: {:?}", cose_alg);
let dice_context = DiceContext {
- authority_algorithm: bcc.leaf_subject_pubkey().cose_alg.try_into().map_err(|e| {
+ authority_algorithm: cose_alg.try_into().map_err(|e| {
error!("{e}");
RebootReason::InternalError
})?,
subject_algorithm: VM_KEY_ALGORITHM,
};
dice_inputs
- .write_next_bcc(
- new_bcc_handover.as_ref(),
+ .write_next_handover(
+ new_dice_handover.as_ref(),
&salt,
instance_hash,
defer_rollback_protection,
- next_bcc,
+ next_dice_handover,
dice_context,
)
.map_err(|e| {
error!("Failed to derive next-stage DICE secrets: {e:?}");
RebootReason::SecretDerivationError
})?;
- flush(next_bcc);
+ flush(next_dice_handover);
let kaslr_seed = u64::from_ne_bytes(rand::random_array().map_err(|e| {
error!("Failed to generated guest KASLR seed: {e}");
@@ -170,7 +172,7 @@
let strict_boot = true;
modify_for_next_stage(
fdt,
- next_bcc,
+ next_dice_handover,
new_instance,
strict_boot,
debug_policy,
@@ -183,7 +185,7 @@
})?;
info!("Starting payload...");
- Ok((next_bcc, debuggable))
+ Ok((next_dice_handover, debuggable))
}
// Get the "salt" which is one of the input for DICE derivation.
diff --git a/guest/pvmfw/src/memory.rs b/guest/pvmfw/src/memory.rs
index a663008..8af5aae 100644
--- a/guest/pvmfw/src/memory.rs
+++ b/guest/pvmfw/src/memory.rs
@@ -31,7 +31,7 @@
pub fdt: &'a mut libfdt::Fdt,
pub kernel: &'a [u8],
pub ramdisk: Option<&'a [u8]>,
- pub dice_chain: Option<&'a [u8]>,
+ pub dice_handover: Option<&'a [u8]>,
}
impl<'a> MemorySlices<'a> {
@@ -112,12 +112,12 @@
None
};
- let dice_chain = None;
+ let dice_handover = None;
- Ok(Self { fdt: untrusted_fdt, kernel, ramdisk, dice_chain })
+ Ok(Self { fdt: untrusted_fdt, kernel, ramdisk, dice_handover })
}
- pub fn add_dice_chain(&mut self, dice_chain: &'a [u8]) {
- self.dice_chain = Some(dice_chain)
+ pub fn add_dice_handover(&mut self, slice: &'a [u8]) {
+ self.dice_handover = Some(slice)
}
}
diff --git a/tests/pvmfw/Android.bp b/tests/pvmfw/Android.bp
index 7f5f2af..f7a8aed 100644
--- a/tests/pvmfw/Android.bp
+++ b/tests/pvmfw/Android.bp
@@ -63,6 +63,6 @@
filegroup {
name: "test_avf_bcc_dat",
srcs: [
- "assets/bcc.dat",
+ "assets/dice.dat",
],
}
diff --git a/tests/pvmfw/assets/bcc.dat b/tests/pvmfw/assets/dice.dat
similarity index 100%
rename from tests/pvmfw/assets/bcc.dat
rename to tests/pvmfw/assets/dice.dat
Binary files differ
diff --git a/tests/pvmfw/java/com/android/pvmfw/test/CustomPvmfwHostTestCaseBase.java b/tests/pvmfw/java/com/android/pvmfw/test/CustomPvmfwHostTestCaseBase.java
index 296604b..1e9efae 100644
--- a/tests/pvmfw/java/com/android/pvmfw/test/CustomPvmfwHostTestCaseBase.java
+++ b/tests/pvmfw/java/com/android/pvmfw/test/CustomPvmfwHostTestCaseBase.java
@@ -40,7 +40,7 @@
/** Base class for testing custom pvmfw */
public class CustomPvmfwHostTestCaseBase extends MicrodroidHostTestCaseBase {
@NonNull public static final String PVMFW_FILE_NAME = "pvmfw_test.bin";
- @NonNull public static final String BCC_FILE_NAME = "bcc.dat";
+ @NonNull public static final String BCC_FILE_NAME = "dice.dat";
@NonNull public static final String PACKAGE_FILE_NAME = "MicrodroidTestApp.apk";
@NonNull public static final String PACKAGE_NAME = "com.android.microdroid.test";
@NonNull public static final String MICRODROID_DEBUG_FULL = "full";
diff --git a/tests/pvmfw/tools/PvmfwTool.java b/tests/pvmfw/tools/PvmfwTool.java
index 9f0cb42..5df0b48 100644
--- a/tests/pvmfw/tools/PvmfwTool.java
+++ b/tests/pvmfw/tools/PvmfwTool.java
@@ -28,7 +28,7 @@
System.out.println(" Requires BCC. VM Reference DT, VM DTBO, and Debug policy");
System.out.println(" can optionally be specified");
System.out.println(
- "Usage: pvmfw-tool <out> <pvmfw.bin> <bcc.dat> [VM reference DT] [VM DTBO] [debug"
+ "Usage: pvmfw-tool <out> <pvmfw.bin> <dice.dat> [VM reference DT] [VM DTBO] [debug"
+ " policy]");
}