rialto: Initial commit
Clone of ./vmbase/example with basic setup code.
Test: atest rialto_test
Change-Id: Id3d4e96674c261316e79c020ff0b1bd88f4363ba
diff --git a/rialto/Android.bp b/rialto/Android.bp
new file mode 100644
index 0000000..cc71254
--- /dev/null
+++ b/rialto/Android.bp
@@ -0,0 +1,73 @@
+package {
+ default_applicable_licenses: ["Android-Apache-2.0"],
+}
+
+rust_ffi_static {
+ name: "librialto",
+ crate_name: "rialto",
+ srcs: ["src/main.rs"],
+ edition: "2021",
+ defaults: ["vmbase_ffi_defaults"],
+ rustlibs: [
+ "libaarch64_paging",
+ "libbuddy_system_allocator",
+ "libvmbase",
+ ],
+ apex_available: ["com.android.virt"],
+}
+
+cc_binary {
+ name: "rialto_elf",
+ stem: "rialto",
+ defaults: ["vmbase_elf_defaults"],
+ srcs: [
+ "idmap.S",
+ ],
+ static_libs: [
+ "librialto",
+ "libvmbase_entry",
+ ],
+ linker_scripts: [
+ "image.ld",
+ ":vmbase_sections",
+ ],
+ apex_available: ["com.android.virt"],
+}
+
+raw_binary {
+ name: "rialto",
+ src: ":rialto_elf",
+ enabled: false,
+ target: {
+ android_arm64: {
+ enabled: true,
+ },
+ },
+}
+
+rust_test {
+ name: "rialto_test",
+ crate_name: "rialto_test",
+ srcs: ["tests/test.rs"],
+ prefer_rlib: true,
+ edition: "2021",
+ rustlibs: [
+ "android.system.virtualizationservice-rust",
+ "libandroid_logger",
+ "libanyhow",
+ "liblibc",
+ "liblog_rust",
+ "libnix",
+ "libvmclient",
+ ],
+ data: [
+ ":rialto",
+ ],
+ test_suites: ["general-tests"],
+ enabled: false,
+ target: {
+ android_arm64: {
+ enabled: true,
+ },
+ },
+}
diff --git a/rialto/idmap.S b/rialto/idmap.S
new file mode 100644
index 0000000..7281d9b
--- /dev/null
+++ b/rialto/idmap.S
@@ -0,0 +1,66 @@
+/*
+ * Copyright 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+//
+// Initial TTBR0 idmap activated before first memory write.
+// Remains active until a new page table is created by early Rust.
+//
+
+.set .SZ_1K, 1024
+.set .SZ_4K, 4 * .SZ_1K
+.set .SZ_1M, 1024 * .SZ_1K
+.set .SZ_2M, 2 * .SZ_1M
+.set .SZ_1G, 1024 * .SZ_1M
+
+.set .PAGE_SIZE, .SZ_4K
+
+.set .ORIGIN_ADDR, 2 * .SZ_1G
+.set .DTB_ADDR, .ORIGIN_ADDR + (0 * .SZ_2M)
+.set .TEXT_ADDR, .ORIGIN_ADDR + (1 * .SZ_2M)
+.set .DATA_ADDR, .ORIGIN_ADDR + (2 * .SZ_2M)
+
+.set .L_TT_TYPE_BLOCK, 0x1
+.set .L_TT_TYPE_PAGE, 0x3
+.set .L_TT_TYPE_TABLE, 0x3
+
+.set .L_TT_AF, 0x1 << 10 // Access flag
+.set .L_TT_NG, 0x1 << 11 // Not global
+.set .L_TT_RO, 0x2 << 6
+.set .L_TT_XN, 0x3 << 53
+
+.set .L_TT_MT_DEV, 0x0 << 2 // MAIR #0 (DEV_nGnRE)
+.set .L_TT_MT_MEM, (0x1 << 2) | (0x3 << 8) // MAIR #1 (MEM_WBWA), inner shareable
+
+.set .L_BLOCK_RO, .L_TT_TYPE_BLOCK | .L_TT_MT_MEM | .L_TT_AF | .L_TT_RO | .L_TT_XN
+.set .L_BLOCK_DEV, .L_TT_TYPE_BLOCK | .L_TT_MT_DEV | .L_TT_AF | .L_TT_XN
+.set .L_BLOCK_MEM, .L_TT_TYPE_BLOCK | .L_TT_MT_MEM | .L_TT_AF | .L_TT_XN | .L_TT_NG
+.set .L_BLOCK_MEM_XIP, .L_TT_TYPE_BLOCK | .L_TT_MT_MEM | .L_TT_AF | .L_TT_NG | .L_TT_RO
+
+.section ".rodata.idmap", "a", %progbits
+.global idmap
+.balign .PAGE_SIZE
+idmap:
+ /* level 1 */
+ .quad .L_BLOCK_DEV | 0x0 // 1 GiB of device mappings
+ .quad 0x0 // 1 GiB unmapped
+ .quad .L_TT_TYPE_TABLE + 0f // up to 1 GiB of DRAM
+ .balign .PAGE_SIZE, 0 // unmapped
+
+ /* level 2 */
+0: .quad .L_BLOCK_RO | .DTB_ADDR // DT provided by VMM
+ .quad .L_BLOCK_MEM_XIP | .TEXT_ADDR // 2 MiB of DRAM containing image
+ .quad .L_BLOCK_MEM | .DATA_ADDR // 2 MiB of writable DRAM
+ .balign .PAGE_SIZE, 0 // unmapped
diff --git a/rialto/image.ld b/rialto/image.ld
new file mode 100644
index 0000000..368acbb
--- /dev/null
+++ b/rialto/image.ld
@@ -0,0 +1,22 @@
+/*
+ * Copyright 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+MEMORY
+{
+ dtb_region : ORIGIN = 0x80000000, LENGTH = 2M
+ image : ORIGIN = 0x80200000, LENGTH = 2M
+ writable_data : ORIGIN = 0x80400000, LENGTH = 2M
+}
diff --git a/rialto/src/exceptions.rs b/rialto/src/exceptions.rs
new file mode 100644
index 0000000..61f7846
--- /dev/null
+++ b/rialto/src/exceptions.rs
@@ -0,0 +1,79 @@
+// Copyright 2022, The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//! Exception handlers.
+
+use core::arch::asm;
+use vmbase::{console::emergency_write_str, eprintln, power::reboot};
+
+#[no_mangle]
+extern "C" fn sync_exception_current() {
+ emergency_write_str("sync_exception_current\n");
+ print_esr();
+ reboot();
+}
+
+#[no_mangle]
+extern "C" fn irq_current() {
+ emergency_write_str("irq_current\n");
+ reboot();
+}
+
+#[no_mangle]
+extern "C" fn fiq_current() {
+ emergency_write_str("fiq_current\n");
+ reboot();
+}
+
+#[no_mangle]
+extern "C" fn serr_current() {
+ emergency_write_str("serr_current\n");
+ print_esr();
+ reboot();
+}
+
+#[no_mangle]
+extern "C" fn sync_lower() {
+ emergency_write_str("sync_lower\n");
+ print_esr();
+ reboot();
+}
+
+#[no_mangle]
+extern "C" fn irq_lower() {
+ emergency_write_str("irq_lower\n");
+ reboot();
+}
+
+#[no_mangle]
+extern "C" fn fiq_lower() {
+ emergency_write_str("fiq_lower\n");
+ reboot();
+}
+
+#[no_mangle]
+extern "C" fn serr_lower() {
+ emergency_write_str("serr_lower\n");
+ print_esr();
+ reboot();
+}
+
+#[inline]
+fn print_esr() {
+ let mut esr: u64;
+ unsafe {
+ asm!("mrs {esr}, esr_el1", esr = out(reg) esr);
+ }
+ eprintln!("esr={:#08x}", esr);
+}
diff --git a/rialto/src/main.rs b/rialto/src/main.rs
new file mode 100644
index 0000000..a769abb
--- /dev/null
+++ b/rialto/src/main.rs
@@ -0,0 +1,128 @@
+// Copyright 2022, The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//! Project Rialto main source file.
+
+#![no_main]
+#![no_std]
+#![feature(default_alloc_error_handler)]
+
+mod exceptions;
+
+extern crate alloc;
+extern crate log;
+
+use aarch64_paging::{
+ idmap::IdMap,
+ paging::{Attributes, MemoryRegion},
+ AddressRangeError,
+};
+use buddy_system_allocator::LockedHeap;
+use log::{debug, info};
+use vmbase::main;
+
+const SZ_1K: usize = 1024;
+const SZ_64K: usize = 64 * SZ_1K;
+const SZ_1M: usize = 1024 * SZ_1K;
+const SZ_1G: usize = 1024 * SZ_1M;
+
+// Root level is given by the value of TCR_EL1.TG0 and TCR_EL1.T0SZ, set in
+// entry.S. For 4KB granule and 39-bit VA, the root level is 1.
+const PT_ROOT_LEVEL: usize = 1;
+const PT_ASID: usize = 1;
+
+#[global_allocator]
+static HEAP_ALLOCATOR: LockedHeap<32> = LockedHeap::<32>::new();
+
+static mut HEAP: [u8; SZ_64K] = [0; SZ_64K];
+
+unsafe fn kimg_ptr(sym: &u8) -> *const u8 {
+ sym as *const u8
+}
+
+unsafe fn kimg_addr(sym: &u8) -> usize {
+ kimg_ptr(sym) as usize
+}
+
+unsafe fn kimg_region(begin: &u8, end: &u8) -> MemoryRegion {
+ MemoryRegion::new(kimg_addr(begin), kimg_addr(end))
+}
+
+fn init_heap() {
+ // SAFETY: Allocator set to otherwise unused, static memory.
+ unsafe {
+ HEAP_ALLOCATOR.lock().init(&mut HEAP as *mut u8 as usize, HEAP.len());
+ }
+ info!("Initialized heap.");
+}
+
+fn init_kernel_pgt(pgt: &mut IdMap) -> Result<(), AddressRangeError> {
+ // The first 1 GiB of address space is used by crosvm for MMIO.
+ let reg_dev = MemoryRegion::new(0, SZ_1G);
+ // SAFETY: Taking addresses of kernel image sections to set up page table
+ // mappings. Not taking ownerhip of the memory.
+ let reg_text = unsafe { kimg_region(&text_begin, &text_end) };
+ let reg_rodata = unsafe { kimg_region(&rodata_begin, &rodata_end) };
+ let reg_data = unsafe { kimg_region(&data_begin, &boot_stack_end) };
+
+ debug!("Preparing kernel page tables.");
+ debug!(" dev: {}-{}", reg_dev.start(), reg_dev.end());
+ debug!(" text: {}-{}", reg_text.start(), reg_text.end());
+ debug!(" rodata: {}-{}", reg_rodata.start(), reg_rodata.end());
+ debug!(" data: {}-{}", reg_data.start(), reg_data.end());
+
+ let prot_dev = Attributes::DEVICE_NGNRE | Attributes::EXECUTE_NEVER;
+ let prot_rx = Attributes::NORMAL | Attributes::NON_GLOBAL | Attributes::READ_ONLY;
+ let prot_ro = Attributes::NORMAL
+ | Attributes::NON_GLOBAL
+ | Attributes::READ_ONLY
+ | Attributes::EXECUTE_NEVER;
+ let prot_rw = Attributes::NORMAL | Attributes::NON_GLOBAL | Attributes::EXECUTE_NEVER;
+
+ pgt.map_range(®_dev, prot_dev)?;
+ pgt.map_range(®_text, prot_rx)?;
+ pgt.map_range(®_rodata, prot_ro)?;
+ pgt.map_range(®_data, prot_rw)?;
+
+ info!("Finished preparing kernel page table.");
+ Ok(())
+}
+
+fn activate_kernel_pgt(pgt: &mut IdMap) {
+ pgt.activate();
+ info!("Activated kernel page table.");
+}
+
+/// Entry point for Rialto.
+pub fn main(_a0: u64, _a1: u64, _a2: u64, _a3: u64) {
+ vmbase::logger::init(log::LevelFilter::Debug).unwrap();
+
+ info!("Welcome to Rialto!");
+ init_heap();
+
+ let mut pgt = IdMap::new(PT_ASID, PT_ROOT_LEVEL);
+ init_kernel_pgt(&mut pgt).unwrap();
+ activate_kernel_pgt(&mut pgt);
+}
+
+extern "C" {
+ static text_begin: u8;
+ static text_end: u8;
+ static rodata_begin: u8;
+ static rodata_end: u8;
+ static data_begin: u8;
+ static boot_stack_end: u8;
+}
+
+main!(main);
diff --git a/rialto/tests/test.rs b/rialto/tests/test.rs
new file mode 100644
index 0000000..6cd3f2f
--- /dev/null
+++ b/rialto/tests/test.rs
@@ -0,0 +1,93 @@
+// Copyright 2022, The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//! Integration test for Rialto.
+
+use android_system_virtualizationservice::{
+ aidl::android::system::virtualizationservice::{
+ VirtualMachineConfig::VirtualMachineConfig,
+ VirtualMachineRawConfig::VirtualMachineRawConfig,
+ },
+ binder::{ParcelFileDescriptor, ProcessState},
+};
+use anyhow::{Context, Error};
+use log::info;
+use std::fs::File;
+use std::io::{self, BufRead, BufReader};
+use std::os::unix::io::FromRawFd;
+use std::panic;
+use std::thread;
+use vmclient::{DeathReason, VmInstance};
+
+const RIALTO_PATH: &str = "/data/local/tmp/rialto_test/arm64/rialto.bin";
+
+/// Runs the Rialto VM as an unprotected VM via VirtualizationService.
+#[test]
+fn test_boots() -> Result<(), Error> {
+ android_logger::init_once(
+ android_logger::Config::default().with_tag("rialto").with_min_level(log::Level::Debug),
+ );
+
+ // Redirect panic messages to logcat.
+ panic::set_hook(Box::new(|panic_info| {
+ log::error!("{}", panic_info);
+ }));
+
+ // We need to start the thread pool for Binder to work properly, especially link_to_death.
+ ProcessState::start_thread_pool();
+
+ let service = vmclient::connect().context("Failed to find VirtualizationService")?;
+ let rialto = File::open(RIALTO_PATH).context("Failed to open Rialto kernel binary")?;
+ let console = android_log_fd()?;
+ let log = android_log_fd()?;
+
+ let config = VirtualMachineConfig::RawConfig(VirtualMachineRawConfig {
+ kernel: None,
+ initrd: None,
+ params: None,
+ bootloader: Some(ParcelFileDescriptor::new(rialto)),
+ disks: vec![],
+ protectedVm: false,
+ memoryMib: 300,
+ numCpus: 1,
+ cpuAffinity: None,
+ platformVersion: "~1.0".to_string(),
+ taskProfiles: vec![],
+ });
+ let vm = VmInstance::create(service.as_ref(), &config, Some(console), Some(log))
+ .context("Failed to create VM")?;
+
+ vm.start().context("Failed to start VM")?;
+
+ // Wait for VM to finish, and check that it shut down cleanly.
+ let death_reason = vm.wait_for_death();
+ assert_eq!(death_reason, DeathReason::Shutdown);
+
+ Ok(())
+}
+
+fn android_log_fd() -> io::Result<File> {
+ let (reader_fd, writer_fd) = nix::unistd::pipe()?;
+
+ // SAFETY: These are new FDs with no previous owner.
+ let reader = unsafe { File::from_raw_fd(reader_fd) };
+ let writer = unsafe { File::from_raw_fd(writer_fd) };
+
+ thread::spawn(|| {
+ for line in BufReader::new(reader).lines() {
+ info!("{}", line.unwrap());
+ }
+ });
+ Ok(writer)
+}