Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Virtualization / 843d83198a6aec513dcd271d922e6009cc467612^! / . / pvmfw / src / dice.rs
commit843d83198a6aec513dcd271d922e6009cc467612[log] [tgz]
authorAlice Wang <aliceywang@google.com>Wed Feb 15 09:47:06 2023 +0000
committerAlice Wang <aliceywang@google.com>Wed Feb 15 09:47:06 2023 +0000
treeeabb21aca214c55c120f376fd33725aaa8ef489f
parent738be14804bcd199c57f6f23f95a0509adf03bd8 [diff] [blame]
[dice] Use libdice_open_dice_nostd for DICE functions in pvmfw

This cl migrate two calls of bcc functions in pvmfw from
libdice_nostd to libdice_open_dice_nostd and removes the library
libdice_nostd.

libdice_open_dice_nostd is compiled from the same Rust code as
libdice_open_dice. The latter is used for DICE derivation inside
Microdroid and both libraries are covered by tests. It's better to
switch to libdice_open_dice_nostd than maintaining another copy of
open-dice wrapper.

As pvmfw already depends on libdice_open_dice_nostd prior to this cl,
this cl shouldn't cause build problems.

Test: m pvmfw_img
Bug: 267575445
Change-Id: I8d5688998754540fcc7b4082bd67cee237f229b4

diff --git a/pvmfw/src/dice.rs b/pvmfw/src/dice.rs
index 9c5f59a..14f522f 100644
--- a/pvmfw/src/dice.rs
+++ b/pvmfw/src/dice.rs

@@ -20,10 +20,9 @@
 use core::mem::size_of;
 use core::slice;
 
-use dice::Config;
-use dice::DiceMode;
-use dice::InputValues;
-use diced_open_dice::{bcc_format_config_descriptor, hash, HIDDEN_SIZE};
+use diced_open_dice::{
+    bcc_format_config_descriptor, hash, Config, DiceMode, Hash, InputValues, HIDDEN_SIZE,
+};
 use pvmfw_avb::{DebugLevel, Digest, VerifiedBootData};
 
 fn to_dice_mode(debug_level: DebugLevel) -> DiceMode {
@@ -33,7 +32,7 @@
     }
 }
 
-fn to_dice_hash(verified_boot_data: &VerifiedBootData) -> dice::Result<dice::Hash> {
+fn to_dice_hash(verified_boot_data: &VerifiedBootData) -> diced_open_dice::Result<Hash> {
     let mut digests = [0u8; size_of::<Digest>() * 2];
     digests[..size_of::<Digest>()].copy_from_slice(&verified_boot_data.kernel_digest);
     if let Some(initrd_digest) = verified_boot_data.initrd_digest {
@@ -43,13 +42,13 @@
 }
 
 pub struct PartialInputs {
-    code_hash: dice::Hash,
-    auth_hash: dice::Hash,
+    code_hash: Hash,
+    auth_hash: Hash,
     mode: DiceMode,
 }
 
 impl PartialInputs {
-    pub fn new(data: &VerifiedBootData) -> dice::Result<Self> {
+    pub fn new(data: &VerifiedBootData) -> diced_open_dice::Result<Self> {
         let code_hash = to_dice_hash(data)?;
         let auth_hash = hash(data.public_key)?;
         let mode = to_dice_mode(data.debug_level);
@@ -57,7 +56,10 @@
         Ok(Self { code_hash, auth_hash, mode })
     }
 
-    pub fn into_input_values(self, salt: &[u8; HIDDEN_SIZE]) -> dice::Result<InputValues> {
+    pub fn into_input_values(
+        self,
+        salt: &[u8; HIDDEN_SIZE],
+    ) -> diced_open_dice::Result<InputValues> {
         let component_name = CStr::from_bytes_with_nul(b"vm_entry\0").unwrap();
         let mut config_descriptor_buffer = [0; 128];
         let config_descriptor_size = bcc_format_config_descriptor(