pvmfw: Defer rbp checks & instance.img is obsolete
If secretkeeper is supported on the device (and therefore DT has the
relevant property present), pvmfw can skip the code hash checks, payload
will take care of only releasing secrets to upgraded versions of the
images using appropriately set Dice Policies.
Additionally, make salt in instance.img obsolete. It should instead be
derived from instance_id in DT.
The consequence of above 2 is that instance.img will no longer be needed
by pvmfw.
As far as `new_instance` is concerned, if instance.img is present
(because Sk is not supported on device), instance img can still be used
to determine it. But if Sk is supported on devices (defer_rpb is set)
new_instance can no more determined, let it be false. Microdroid manager
will check if the get_secret() returns EntryNotFound Error & that would
indicate that this is indeed the first run of the instance.
Test: Inspect instance.img does not contain the pvmfw partition.
Test: Run a Microdroid instance, save its instance data (instance_id &
all). Rebuild Microdroid with higher rollback_index & flash the apex.
Re-run the instance, it succeeds. Again Rebuild Microdroid will lower
rollback_index & repeat. Check that the VM fails to boot with
DicePolicy error. Also inspect the sealing_policy.
Bug: 291213394
Change-Id: Iebfcdd5d89513b8f24c937b2f2cd9a298d01b74d
diff --git a/microdroid_manager/src/vm_secret.rs b/microdroid_manager/src/vm_secret.rs
index ed8ab1d..ec40b45 100644
--- a/microdroid_manager/src/vm_secret.rs
+++ b/microdroid_manager/src/vm_secret.rs
@@ -109,15 +109,14 @@
.ok_or(anyhow!("Missing explicit dice chain, this is unusual"))?;
let policy = sealing_policy(explicit_dice_chain)
.map_err(|e| anyhow!("Failed to build a sealing_policy: {e}"))?;
- if super::is_new_instance() {
- // New instance -> create a secret & store in Secretkeeper.
- *skp_secret = rand::random();
- store_secret(&mut session, id, skp_secret.clone(), policy)
- .context("Failed to store secret in Secretkeeper")?;
+ if let Some(secret) = get_secret(&mut session, id, Some(policy.clone()))? {
+ *skp_secret = secret;
} else {
- // Subsequent run of the pVM -> get the secret stored in Secretkeeper.
- *skp_secret = get_secret(&mut session, id, Some(policy))
- .context("Failed to get secret from Secretkeeper")?;
+ log::warn!(
+ "No entry found in Secretkeeper for this VM instance, creating new secret."
+ );
+ *skp_secret = rand::random();
+ store_secret(&mut session, id, skp_secret.clone(), policy)?;
}
}
Ok(Self::V2 {
@@ -248,21 +247,24 @@
session: &mut SkSession,
id: [u8; ID_SIZE],
updated_sealing_policy: Option<Vec<u8>>,
-) -> Result<[u8; SECRET_SIZE]> {
+) -> Result<Option<[u8; SECRET_SIZE]>> {
let get_request = GetSecretRequest { id: Id(id), updated_sealing_policy };
log::info!("Secretkeeper operation: {:?}", get_request);
let get_request = get_request.serialize_to_packet().to_vec().map_err(anyhow_err)?;
let get_response = session.secret_management_request(&get_request)?;
let get_response = ResponsePacket::from_slice(&get_response).map_err(anyhow_err)?;
let response_type = get_response.response_type().map_err(anyhow_err)?;
- ensure!(
- response_type == ResponseType::Success,
- "Secretkeeper get failed with error: {:?}",
- *SecretkeeperError::deserialize_from_packet(get_response).map_err(anyhow_err)?
- );
- let get_response =
- *GetSecretResponse::deserialize_from_packet(get_response).map_err(anyhow_err)?;
- Ok(get_response.secret.0)
+ if response_type == ResponseType::Success {
+ let get_response =
+ *GetSecretResponse::deserialize_from_packet(get_response).map_err(anyhow_err)?;
+ Ok(Some(get_response.secret.0))
+ } else {
+ let error = SecretkeeperError::deserialize_from_packet(get_response).map_err(anyhow_err)?;
+ if *error == SecretkeeperError::EntryNotFound {
+ return Ok(None);
+ }
+ Err(anyhow!("Secretkeeper get failed: {error:?}"))
+ }
}
#[inline]