vmbase: Configure stack guard from Rust
Move the thorough validation of the availability of TRNG that was
performed in assembly to Rust and call rand::init() from the entry code
of vmbase to unify the implementations.
Use TRNG from rust_entry() to configure the stack guard (see the comment
about rust_entry() ever returning). As a result, failing to configure
it will now result in a logged error message as, previously,
vmbase-based code would silently reboot, making it impossible to find
out which check had failed (see b/267262026#comment89).
Furthermore, failing to read the entropy for the u64 stack guard due to
NO_ENTROPY will now result in vmbase retrying the HVC where it
previously would abort the VM's boot.
This implementation now only accepts versions of SMCCC between 1.1 and
2.0 (excl.) and TRNG between 1.0 and 2.0 (excl.) instead of resp. 1.1
and above and 1.0 and above.
Bug: 274561905
Test: atest DebugPolicyHostTests#testNoAdbInDebugPolicy_withDebugLevelNone_boots
Test: atest rialto_test vmbase_example.integration_test
Change-Id: I5b95e77732e10ddfbc4476b6d7c698c5dc5f3b6e
diff --git a/vmbase/example/src/main.rs b/vmbase/example/src/main.rs
index 8aa9f04..8086885 100644
--- a/vmbase/example/src/main.rs
+++ b/vmbase/example/src/main.rs
@@ -109,6 +109,8 @@
// SAFETY: No concurrency issue should occur when running these tests.
let stack_guard = unsafe { bionic::TLS.stack_guard };
assert_ne!(stack_guard, 0);
+ // Check that a NULL-terminating value is added for C functions consuming strings from stack.
+ assert_eq!(stack_guard.to_ne_bytes().last(), Some(&0));
// Check that the TLS and guard are properly accessible from the dedicated register.
assert_eq!(stack_guard, bionic::__get_tls().stack_guard);
// Check that the LLVM __stack_chk_guard alias is also properly set up.