pvmfw: Use AVB VM name as DICE component_name
The pvmfw-generated DICE node representing the guest kernel (and
optional ramdisk) has used the hard-coded component name "vm_entry"
since Android 13. Support use-cases where the VM owner wants to set this
name by re-using the com.android.virt.name property (currently used to
identify a "special" VM) as this CBOR field.
Bug: 390527025
Test: atest libpvmfw.dice.test
Change-Id: I58337a5bb2b68728a70d0ee5bab2e00ed35a4c1b
diff --git a/guest/pvmfw/src/dice.rs b/guest/pvmfw/src/dice.rs
index 32ccda2..49a3807 100644
--- a/guest/pvmfw/src/dice.rs
+++ b/guest/pvmfw/src/dice.rs
@@ -16,6 +16,7 @@
extern crate alloc;
use alloc::format;
+use alloc::string::String;
use alloc::vec::Vec;
use ciborium::cbor;
use ciborium::Value;
@@ -83,6 +84,7 @@
pub mode: DiceMode,
pub security_version: u64,
pub rkp_vm_marker: bool,
+ component_name: String,
}
impl PartialInputs {
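Review bot: The new `component_name` field has no doc comment and, unlike the `pub` fields visible just above it, is private, with nothing recording whether that is deliberate. A one-line doc would capture both the source and the default, e.g. `/// DICE component_name: the AVB com.android.virt.name value if set, otherwise "vm_entry".` The struct definition starts outside this hunk, so the visibility of the remaining fields cannot be checked from here.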
@@ -90,12 +92,13 @@
let code_hash = to_dice_hash(data)?;
let auth_hash = hash(data.public_key)?;
let mode = to_dice_mode(data.debug_level);
+ let component_name = data.name.clone().unwrap_or(String::from("vm_entry"));
// We use rollback_index from vbmeta as the security_version field in dice certificate.
let security_version = data.rollback_index;
let rkp_vm_marker = data.has_capability(Capability::RemoteAttest)
|| data.has_capability(Capability::TrustySecurityVm);
- Ok(Self { code_hash, auth_hash, mode, security_version, rkp_vm_marker })
+ Ok(Self { code_hash, auth_hash, mode, security_version, rkp_vm_marker, component_name })
}
pub fn write_next_bcc(
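Review bot: `data.name` is copied into `component_name` with no check on its content, so an empty or arbitrarily long `com.android.virt.name` value would flow straight into the DICE config descriptor; whether the AVB parsing layer already bounds it is not visible in this hunk. Per the commit description the value is set by the VM owner, so any verifier that previously located this node by matching the literal "vm_entry" should be confirmed not to treat the name as a trust signal. A comment above the assignment would record that, e.g. `// component_name is VM-owner-controlled (AVB com.android.virt.name); it is descriptive, not a trust anchor.` Separately, `unwrap_or(String::from("vm_entry"))` allocates the default even when a name is present; `unwrap_or_else(|| String::from("vm_entry"))` avoids that. The body of `new` starts outside the hunk.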
@@ -156,7 +159,7 @@
fn generate_config_descriptor(&self, instance_hash: Option<Hash>) -> Result<Vec<u8>> {
let mut config = Vec::with_capacity(4);
- config.push((cbor!(COMPONENT_NAME_KEY)?, cbor!("vm_entry")?));
+ config.push((cbor!(COMPONENT_NAME_KEY)?, cbor!(self.component_name.as_str())?));
config.push((cbor!(SECURITY_VERSION_KEY)?, cbor!(self.security_version)?));
if self.rkp_vm_marker {
config.push((cbor!(RKP_VM_MARKER_KEY)?, Value::Null))
@@ -250,12 +253,13 @@
}
#[test]
- fn rkp_vm_config_descriptor_has_rkp_vm_marker() {
+ fn rkp_vm_config_descriptor_has_rkp_vm_marker_and_component_name() {
let vb_data =
VerifiedBootData { capabilities: vec![Capability::RemoteAttest], ..BASE_VB_DATA };
let inputs = PartialInputs::new(&vb_data).unwrap();
let config_map = decode_config_descriptor(&inputs, Some(HASH));
+ assert_eq!(config_map.get(&COMPONENT_NAME_KEY).unwrap().as_text().unwrap(), "vm_entry");
assert!(config_map.get(&RKP_VM_MARKER_KEY).unwrap().is_null());
}
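Review bot: The only assertion added here covers the default "vm_entry" path; nothing in this hunk exercises the behaviour the commit introduces, a `VerifiedBootData` whose `name` is set. A separate test that sets `name` and checks `COMPONENT_NAME_KEY` would pin the new feature and let the renamed RKP test keep a single purpose. The name in the sketch below is a constructed sample, and it assumes `name` is an `Option<String>`, as the `unwrap_or(String::from(..))` call in `new` suggests.

```rust
#[test]
fn config_descriptor_uses_avb_name_as_component_name() {
    // Constructed sample value, not a name used by any real VM.
    let vb_data = VerifiedBootData { name: Some("sample_vm_name".into()), ..BASE_VB_DATA };
    let inputs = PartialInputs::new(&vb_data).unwrap();
    let config_map = decode_config_descriptor(&inputs, Some(HASH));

    assert_eq!(
        config_map.get(&COMPONENT_NAME_KEY).unwrap().as_text().unwrap(),
        "sample_vm_name"
    );
}
```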