pvmfw: Randomize guest KASLR seed Patch the template DT with a random value to avoid passing the constant placeholder value (-1). Bug: 290909089 Test: Read /chosen/kaslr-seed from main_wrapper() Change-Id: I7d239e2a292b852faeeaa1458c35d9cef2c6abc8

commit: 8025197803a4244163379e0219af4108516ede88 [log] [tgz]
author: Pierre-Clément Tosi <ptosi@google.com> Wed Jul 12 12:51:12 2023 +0000
committer: Pierre-Clément Tosi <ptosi@google.com> Tue Sep 12 09:56:30 2023 +0100
tree: 9c0bf413e95d21c372b4813fabe78d47f51fb39d
parent: e9ac2dbdb8b6fe8d2c4a3f3ace60de6f85051bc2 [diff] [blame]
diff --git a/pvmfw/src/fdt.rs b/pvmfw/src/fdt.rs
index 244b192..61de423 100644
--- a/pvmfw/src/fdt.rs
+++ b/pvmfw/src/fdt.rs

@@ -732,6 +732,7 @@
     strict_boot: bool,
     debug_policy: Option<&mut [u8]>,
     debuggable: bool,
+    kaslr_seed: u64,
 ) -> libfdt::Result<()> {
     if let Some(debug_policy) = debug_policy {
         let backup = Vec::from(fdt.as_slice());
@@ -753,6 +754,7 @@
     if let Some(mut chosen) = fdt.chosen_mut()? {
         empty_or_delete_prop(&mut chosen, cstr!("avf,strict-boot"), strict_boot)?;
         empty_or_delete_prop(&mut chosen, cstr!("avf,new-instance"), new_instance)?;
+        chosen.setprop_inplace(cstr!("kaslr-seed"), &kaslr_seed.to_be_bytes())?;
     };
     if !debuggable {
         if let Some(bootargs) = read_bootargs_from(fdt)? {
commit	8025197803a4244163379e0219af4108516ede88	[log] [tgz]
author	Pierre-Clément Tosi <ptosi@google.com>	Wed Jul 12 12:51:12 2023 +0000
committer	Pierre-Clément Tosi <ptosi@google.com>	Tue Sep 12 09:56:30 2023 +0100
tree	9c0bf413e95d21c372b4813fabe78d47f51fb39d
parent	e9ac2dbdb8b6fe8d2c4a3f3ace60de6f85051bc2 [diff] [blame]