[rialto][fdt] Map and validate FDT range in memory before parsing
Bug: 284462758
Test: atest rialto_test
Change-Id: I50c081ad806a59da9a3965dd6787b9a1f0c9795e
diff --git a/rialto/src/error.rs b/rialto/src/error.rs
index bf26639..8e2991c 100644
--- a/rialto/src/error.rs
+++ b/rialto/src/error.rs
@@ -19,6 +19,7 @@
use fdtpci::PciError;
use hyp::Error as HypervisorError;
use libfdt::FdtError;
+use vmbase::memory::MemoryTrackerError;
pub type Result<T> = result::Result<T, Error>;
@@ -34,6 +35,8 @@
InvalidFdt(FdtError),
/// Invalid PCI.
InvalidPci(PciError),
+ /// Failed memory operation.
+ MemoryOperationFailed(MemoryTrackerError),
}
impl fmt::Display for Error {
@@ -46,6 +49,7 @@
Self::LoggerInit => write!(f, "Failed to initialize the logger."),
Self::InvalidFdt(e) => write!(f, "Invalid FDT: {e}"),
Self::InvalidPci(e) => write!(f, "Invalid PCI: {e}"),
+ Self::MemoryOperationFailed(e) => write!(f, "Failed memory operation: {e}"),
}
}
}
@@ -73,3 +77,9 @@
Self::InvalidPci(e)
}
}
+
+impl From<MemoryTrackerError> for Error {
+ fn from(e: MemoryTrackerError) -> Self {
+ Self::MemoryOperationFailed(e)
+ }
+}
diff --git a/rialto/src/main.rs b/rialto/src/main.rs
index 44e83ee..45bda1b 100644
--- a/rialto/src/main.rs
+++ b/rialto/src/main.rs
@@ -24,6 +24,7 @@
use crate::error::{Error, Result};
use buddy_system_allocator::LockedHeap;
+use core::num::NonZeroUsize;
use core::slice;
use fdtpci::PciInfo;
use hyp::get_hypervisor;
@@ -84,12 +85,6 @@
/// * The `fdt_addr` must be a valid pointer and points to a valid `Fdt`.
unsafe fn try_main(fdt_addr: usize) -> Result<()> {
info!("Welcome to Rialto!");
- // SAFETY: The caller ensures that `fdt_addr` is valid.
- let fdt = unsafe { slice::from_raw_parts(fdt_addr as *mut u8, crosvm::FDT_MAX_SIZE) };
- let fdt = libfdt::Fdt::from_slice(fdt)?;
- let pci_info = PciInfo::from_fdt(fdt)?;
- debug!("PCI: {:#x?}", pci_info);
-
let page_table = new_page_table()?;
MEMORY.lock().replace(MemoryTracker::new(
@@ -98,6 +93,18 @@
crosvm::MMIO_RANGE,
None, // Rialto doesn't have any payload for now.
));
+
+ let fdt_range = MEMORY
+ .lock()
+ .as_mut()
+ .unwrap()
+ .alloc(fdt_addr, NonZeroUsize::new(crosvm::FDT_MAX_SIZE).unwrap())?;
+ // SAFETY: The tracker validated the range to be in main memory, mapped, and not overlap.
+ let fdt = unsafe { slice::from_raw_parts(fdt_range.start as *mut u8, fdt_range.len()) };
+ let fdt = libfdt::Fdt::from_slice(fdt)?;
+ let pci_info = PciInfo::from_fdt(fdt)?;
+ debug!("PCI: {pci_info:#x?}");
+
Ok(())
}
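Review bot: The `SAFETY` comment above `slice::from_raw_parts` states only what the tracker checked (range in main memory, mapped, non-overlapping). It does not say why the bytes stay mapped and unmodified for as long as `fdt` is used, and the slice's lifetime is unbounded here. If it holds, I would extend the comment to `// SAFETY: The tracker validated the range to be in main memory, mapped, and not overlapping; the range stays allocated in MEMORY and is not written to while fdt is borrowed.` The pointer is cast `as *mut u8` although only a shared `&[u8]` is built, so `fdt_range.start as *const u8` would express the read-only intent. `try_main` begins outside this hunk, and its `# Safety` text still requires `fdt_addr` to be a valid pointer to a valid `Fdt`; now that `alloc` checks the range and `Fdt::from_slice` checks the contents, that contract looks stale and should be restated to whatever the caller must still guarantee.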