Merge changes I4a85cb79,I67fb4512 into main
* changes:
Update kernel to builds 13003869
test microdroid vendor images: set avb_hash_algorithm to "sha256"
diff --git a/android/TerminalApp/res/values-az/strings.xml b/android/TerminalApp/res/values-az/strings.xml
index 94edf81..b3f45fc 100644
--- a/android/TerminalApp/res/values-az/strings.xml
+++ b/android/TerminalApp/res/values-az/strings.xml
@@ -33,7 +33,7 @@
<string name="installer_error_no_wifi" msgid="1180164894845030969">"Wi-Fi əlçatan olmadığı üçün quraşdırmaq alınmadı"</string>
<string name="installer_error_unknown" msgid="5657920711470180224">"Quraşdırmaq alınmadı. Yenidən cəhd edin"</string>
<string name="action_settings" msgid="5729342767795123227">"Ayarlar"</string>
- <string name="action_display" msgid="8487008779926038139">"Displey"</string>
+ <string name="action_display" msgid="8487008779926038139">"Göstərin"</string>
<string name="vm_creation_message" msgid="6594953532721367502">"Terminal hazırlanır"</string>
<string name="vm_stop_message" msgid="3978349856095529255">"Terminal dayandırılır"</string>
<string name="vm_error_message" msgid="5231867246177661525">"Terminal çökdü"</string>
diff --git a/android/TerminalApp/res/values-in/strings.xml b/android/TerminalApp/res/values-in/strings.xml
index a1fe894..b114246 100644
--- a/android/TerminalApp/res/values-in/strings.xml
+++ b/android/TerminalApp/res/values-in/strings.xml
@@ -33,7 +33,7 @@
<string name="installer_error_no_wifi" msgid="1180164894845030969">"Gagal menginstal karena Wi-Fi tidak tersedia"</string>
<string name="installer_error_unknown" msgid="5657920711470180224">"Gagal menginstal. Coba lagi"</string>
<string name="action_settings" msgid="5729342767795123227">"Setelan"</string>
- <string name="action_display" msgid="8487008779926038139">"Tampilan"</string>
+ <string name="action_display" msgid="8487008779926038139">"Layar"</string>
<string name="vm_creation_message" msgid="6594953532721367502">"Menyiapkan terminal"</string>
<string name="vm_stop_message" msgid="3978349856095529255">"Menghentikan terminal"</string>
<string name="vm_error_message" msgid="5231867246177661525">"Terminal error"</string>
diff --git a/android/virtmgr/src/crosvm.rs b/android/virtmgr/src/crosvm.rs
index df53bc6..00858cb 100644
--- a/android/virtmgr/src/crosvm.rs
+++ b/android/virtmgr/src/crosvm.rs
@@ -1105,7 +1105,7 @@
#[cfg(target_arch = "aarch64")]
command
.arg("--pci")
- .arg("mem=[start=0x70000000,size=0x2000000],cam=[start=0x72000000,size=0x1000000]");
+ .arg("mem=[start=0x2c000000,size=0x2000000],cam=[start=0x2e000000,size=0x1000000]");
command.arg("--mem").arg(memory_mib.to_string());
diff --git a/build/apex/Android.bp b/build/apex/Android.bp
index 946bc8c..20f44fe 100644
--- a/build/apex/Android.bp
+++ b/build/apex/Android.bp
@@ -149,6 +149,12 @@
"microdroid_gki-android15-6.6_kernel",
"microdroid_gki-android15-6.6.json",
],
+ "android16_612": [
+ "microdroid_gki-android16-6.12_initrd_debuggable",
+ "microdroid_gki-android16-6.12_initrd_normal",
+ "microdroid_gki-android16-6.12_kernel",
+ "microdroid_gki-android16-6.12.json",
+ ],
default: [],
}) + select(release_flag("RELEASE_AVF_ENABLE_DEVICE_ASSIGNMENT"), {
true: ["com.android.virt.vfio_handler.rc"],
diff --git a/build/apex/sign_virt_apex.py b/build/apex/sign_virt_apex.py
index e042f8d..57961a4 100644
--- a/build/apex/sign_virt_apex.py
+++ b/build/apex/sign_virt_apex.py
@@ -498,7 +498,7 @@
RunCommand(args, cmd)
-gki_versions = ['android15-6.6']
+gki_versions = ['android15-6.6', 'android16-6.12']
# dict of (key, file) for re-sign/verification. keys are un-versioned for readability.
virt_apex_non_gki_files = {
diff --git a/build/debian/kokoro/gcp_ubuntu_docker/aarch64/build.sh b/build/debian/kokoro/gcp_ubuntu_docker/aarch64/build.sh
index 43f0338..3868d63 100644
--- a/build/debian/kokoro/gcp_ubuntu_docker/aarch64/build.sh
+++ b/build/debian/kokoro/gcp_ubuntu_docker/aarch64/build.sh
@@ -2,6 +2,17 @@
set -e
+# pyenv set up to use python 3.11
+sudo apt update; sudo apt install --no-install-recommends --assume-yes \
+ build-essential libssl-dev zlib1g-dev \
+ libbz2-dev libreadline-dev libsqlite3-dev curl git \
+ libncursesw5-dev xz-utils tk-dev libxml2-dev libxmlsec1-dev libffi-dev liblzma-dev
+git clone https://github.com/pyenv/pyenv.git ~/.pyenv
+export PYENV_ROOT="$HOME/.pyenv"
+export PATH="$PYENV_ROOT/bin:$PATH"
+pyenv install 3.11
+pyenv global 3.11
+
cd "${KOKORO_ARTIFACTS_DIR}/git/avf/build/debian/"
sudo losetup -D
grep vmx /proc/cpuinfo || true
diff --git a/build/debian/kokoro/gcp_ubuntu_docker/x86_64/build.sh b/build/debian/kokoro/gcp_ubuntu_docker/x86_64/build.sh
index a935591..1712c24 100644
--- a/build/debian/kokoro/gcp_ubuntu_docker/x86_64/build.sh
+++ b/build/debian/kokoro/gcp_ubuntu_docker/x86_64/build.sh
@@ -2,6 +2,17 @@
set -e
+# pyenv set up to use python 3.11
+sudo apt update; sudo apt install --no-install-recommends --assume-yes \
+ build-essential libssl-dev zlib1g-dev \
+ libbz2-dev libreadline-dev libsqlite3-dev curl git \
+ libncursesw5-dev xz-utils tk-dev libxml2-dev libxmlsec1-dev libffi-dev liblzma-dev
+git clone https://github.com/pyenv/pyenv.git ~/.pyenv
+export PYENV_ROOT="$HOME/.pyenv"
+export PATH="$PYENV_ROOT/bin:$PATH"
+pyenv install 3.11
+pyenv global 3.11
+
cd "${KOKORO_ARTIFACTS_DIR}/git/avf/build/debian/"
sudo losetup -D
grep vmx /proc/cpuinfo || true
diff --git a/build/debian/vm_config.json.x86_64 b/build/debian/vm_config.json.x86_64
index 496e684..c34a0f2 100644
--- a/build/debian/vm_config.json.x86_64
+++ b/build/debian/vm_config.json.x86_64
@@ -43,5 +43,6 @@
"debuggable": true,
"console_out": true,
"console_input_device": "ttyS0",
- "network": true
+ "network": true,
+ "auto_memory_balloon": true
}
diff --git a/build/microdroid/Android.bp b/build/microdroid/Android.bp
index dea0bf3..059077a 100644
--- a/build/microdroid/Android.bp
+++ b/build/microdroid/Android.bp
@@ -633,7 +633,7 @@
}
avb_add_hash_footer_defaults {
- name: "microdroid_gki_kernel_signed_defaults",
+ name: "microdroid_gki-android15-6.6_kernel_signed_defaults",
defaults: ["microdroid_kernel_signed_defaults"],
arch: {
arm64: {
@@ -652,7 +652,7 @@
avb_add_hash_footer {
name: "microdroid_gki-android15-6.6_kernel_signed",
defaults: [
- "microdroid_gki_kernel_signed_defaults",
+ "microdroid_gki-android15-6.6_kernel_signed_defaults",
"microdroid_kernel_cap_defaults",
],
filename: "microdroid_gki-android15-6.6_kernel_signed",
@@ -661,7 +661,7 @@
avb_add_hash_footer {
name: "microdroid_gki-android15-6.6_kernel_signed_supports_uefi_boot",
defaults: [
- "microdroid_gki_kernel_signed_defaults",
+ "microdroid_gki-android15-6.6_kernel_signed_defaults",
"microdroid_kernel_cap_with_uefi_defaults",
],
filename: "microdroid_gki-android15-6.6_kernel_signed_supports_uefi_boot",
@@ -709,6 +709,91 @@
src: ":microdroid_gki-android15-6.6_initrd_debuggable",
}
+///////////////////////////////////////
+// GKI-android16-6.12
+///////////////////////////////////////
+prebuilt_etc {
+ name: "microdroid_gki-android16-6.12.json",
+ src: "microdroid_gki-android16-6.12.json",
+}
+
+avb_add_hash_footer_defaults {
+ name: "microdroid_gki-android16-6.12_kernel_signed_defaults",
+ defaults: ["microdroid_kernel_signed_defaults"],
+ arch: {
+ arm64: {
+ src: ":microdroid_gki_kernel_prebuilts-android16-6.12-arm64",
+ },
+ x86_64: {
+ src: ":microdroid_gki_kernel_prebuilts-android16-6.12-x86_64",
+ },
+ },
+ include_descriptors_from_images: [
+ ":microdroid_gki-android16-6.12_initrd_normal_hashdesc",
+ ":microdroid_gki-android16-6.12_initrd_debug_hashdesc",
+ ],
+}
+
+avb_add_hash_footer {
+ name: "microdroid_gki-android16-6.12_kernel_signed",
+ defaults: [
+ "microdroid_gki-android16-6.12_kernel_signed_defaults",
+ "microdroid_kernel_cap_defaults",
+ ],
+ filename: "microdroid_gki-android16-6.12_kernel_signed",
+}
+
+avb_add_hash_footer {
+ name: "microdroid_gki-android16-6.12_kernel_signed_supports_uefi_boot",
+ defaults: [
+ "microdroid_gki-android16-6.12_kernel_signed_defaults",
+ "microdroid_kernel_cap_with_uefi_defaults",
+ ],
+ filename: "microdroid_gki-android16-6.12_kernel_signed_supports_uefi_boot",
+}
+
+// HACK: use cc_genrule for arch-specific properties
+cc_genrule {
+ name: "microdroid_gki-android16-6.12_kernel_signed-lz4",
+ out: ["microdroid_gki-android16-6.12_kernel_signed-lz4"],
+ srcs: [":empty_file"],
+ arch: {
+ arm64: {
+ srcs: [":microdroid_gki-android16-6.12_kernel_signed"],
+ exclude_srcs: [":empty_file"],
+ },
+ },
+ tools: ["lz4"],
+ cmd: "$(location lz4) -9 $(in) $(out)",
+}
+
+prebuilt_etc {
+ name: "microdroid_gki-android16-6.12_kernel",
+ filename: "microdroid_gki-android16-6.12_kernel",
+ src: ":empty_file",
+ relative_install_path: "fs",
+ arch: {
+ arm64: {
+ src: ":microdroid_gki-android16-6.12_kernel_signed",
+ },
+ x86_64: {
+ src: ":microdroid_gki-android16-6.12_kernel_signed",
+ },
+ },
+}
+
+avb_gen_vbmeta_image {
+ name: "microdroid_gki-android16-6.12_initrd_normal_hashdesc",
+ defaults: ["microdroid_initrd_normal_defaults"],
+ src: ":microdroid_gki-android16-6.12_initrd_normal",
+}
+
+avb_gen_vbmeta_image {
+ name: "microdroid_gki-android16-6.12_initrd_debug_hashdesc",
+ defaults: ["microdroid_initrd_debug_defaults"],
+ src: ":microdroid_gki-android16-6.12_initrd_debuggable",
+}
+
python_binary_host {
name: "extract_microdroid_kernel_hashes",
srcs: ["extract_microdroid_kernel_hashes.py"],
@@ -723,11 +808,13 @@
arm64: {
srcs: [
":microdroid_gki-android15-6.6_kernel_signed",
+ ":microdroid_gki-android16-6.12_kernel_signed",
],
},
x86_64: {
srcs: [
":microdroid_gki-android15-6.6_kernel_signed",
+ ":microdroid_gki-android16-6.12_kernel_signed",
],
},
},
diff --git a/build/microdroid/bootconfig.arm64 b/build/microdroid/bootconfig.arm64
index 7509a2c..f257c81 100644
--- a/build/microdroid/bootconfig.arm64
+++ b/build/microdroid/bootconfig.arm64
@@ -1 +1 @@
-androidboot.boot_devices = 72000000.pci
+androidboot.boot_devices = 2e000000.pci
diff --git a/build/microdroid/initrd/Android.bp b/build/microdroid/initrd/Android.bp
index 7331e0b..d9aa108 100644
--- a/build/microdroid/initrd/Android.bp
+++ b/build/microdroid/initrd/Android.bp
@@ -52,6 +52,17 @@
}
java_genrule {
+ name: "microdroid_gki-android16-6.12_initrd_gen_arm64",
+ srcs: [
+ ":microdroid_ramdisk",
+ ":microdroid_first_stage_ramdisk",
+ ":microdroid_gki_modules-android16-6.12-arm64",
+ ],
+ out: ["microdroid_initrd.img"],
+ cmd: "cat $(in) > $(out)",
+}
+
+java_genrule {
name: "microdroid_gki-android15-6.6_initrd_gen_x86_64",
srcs: [
":microdroid_ramdisk",
@@ -62,6 +73,17 @@
cmd: "cat $(in) > $(out)",
}
+java_genrule {
+ name: "microdroid_gki-android16-6.12_initrd_gen_x86_64",
+ srcs: [
+ ":microdroid_ramdisk",
+ ":microdroid_first_stage_ramdisk",
+ ":microdroid_gki_modules-android16-6.12-x86_64",
+ ],
+ out: ["microdroid_initrd.img"],
+ cmd: "cat $(in) > $(out)",
+}
+
// This contains vbmeta hashes & related (boot)configs which are passed to kernel/init
java_genrule {
name: "microdroid_vbmeta_bootconfig_gen",
@@ -111,6 +133,17 @@
}
java_genrule {
+ name: "microdroid_gki-android16-6.12_initrd_debuggable_arm64",
+ tools: ["initrd_bootconfig"],
+ srcs: [
+ ":microdroid_gki-android16-6.12_initrd_gen_arm64",
+ ":microdroid_bootconfig_debuggable_src",
+ ] + bootconfigs_arm64,
+ out: ["microdroid_gki-android16-6.12_initrd_debuggable_arm64"],
+ cmd: "$(location initrd_bootconfig) attach --output $(out) $(in)",
+}
+
+java_genrule {
name: "microdroid_initrd_debuggable_x86_64",
tools: ["initrd_bootconfig"],
srcs: [
@@ -144,6 +177,17 @@
}
java_genrule {
+ name: "microdroid_gki-android16-6.12_initrd_debuggable_x86_64",
+ tools: ["initrd_bootconfig"],
+ srcs: [
+ ":microdroid_gki-android16-6.12_initrd_gen_x86_64",
+ ":microdroid_bootconfig_debuggable_src",
+ ] + bootconfigs_x86_64,
+ out: ["microdroid_gki-android16-6.12_initrd_debuggable_x86_64"],
+ cmd: "$(location initrd_bootconfig) attach --output $(out) $(in)",
+}
+
+java_genrule {
name: "microdroid_initrd_normal_arm64",
tools: ["initrd_bootconfig"],
srcs: [
@@ -166,6 +210,17 @@
}
java_genrule {
+ name: "microdroid_gki-android16-6.12_initrd_normal_arm64",
+ tools: ["initrd_bootconfig"],
+ srcs: [
+ ":microdroid_gki-android16-6.12_initrd_gen_arm64",
+ ":microdroid_bootconfig_normal_src",
+ ] + bootconfigs_arm64,
+ out: ["microdroid_gki-android16-6.12_initrd_normal_arm64"],
+ cmd: "$(location initrd_bootconfig) attach --output $(out) $(in)",
+}
+
+java_genrule {
name: "microdroid_initrd_normal_x86_64",
tools: ["initrd_bootconfig"],
srcs: [
@@ -198,6 +253,17 @@
cmd: "$(location initrd_bootconfig) attach --output $(out) $(in)",
}
+java_genrule {
+ name: "microdroid_gki-android16-6.12_initrd_normal_x86_64",
+ tools: ["initrd_bootconfig"],
+ srcs: [
+ ":microdroid_gki-android16-6.12_initrd_gen_x86_64",
+ ":microdroid_bootconfig_normal_src",
+ ] + bootconfigs_x86_64,
+ out: ["microdroid_gki-android16-6.12_initrd_normal_x86_64"],
+ cmd: "$(location initrd_bootconfig) attach --output $(out) $(in)",
+}
+
prebuilt_etc {
name: "microdroid_initrd_debuggable",
// We don't have ramdisk for architectures other than x86_64 & arm64
@@ -247,6 +313,21 @@
}
prebuilt_etc {
+ name: "microdroid_gki-android16-6.12_initrd_debuggable",
+ // We don't have ramdisk for architectures other than x86_64 & arm64
+ src: ":empty_file",
+ arch: {
+ arm64: {
+ src: ":microdroid_gki-android16-6.12_initrd_debuggable_arm64",
+ },
+ x86_64: {
+ src: ":microdroid_gki-android16-6.12_initrd_debuggable_x86_64",
+ },
+ },
+ filename: "microdroid_gki-android16-6.12_initrd_debuggable.img",
+}
+
+prebuilt_etc {
name: "microdroid_initrd_normal",
// We don't have ramdisk for architectures other than x86_64 & arm64
src: ":empty_file",
@@ -293,3 +374,18 @@
},
filename: "microdroid_gki-android15-6.6_initrd_normal.img",
}
+
+prebuilt_etc {
+ name: "microdroid_gki-android16-6.12_initrd_normal",
+ // We don't have ramdisk for architectures other than x86_64 & arm64
+ src: ":empty_file",
+ arch: {
+ arm64: {
+ src: ":microdroid_gki-android16-6.12_initrd_normal_arm64",
+ },
+ x86_64: {
+ src: ":microdroid_gki-android16-6.12_initrd_normal_x86_64",
+ },
+ },
+ filename: "microdroid_gki-android16-6.12_initrd_normal.img",
+}
diff --git a/build/microdroid/microdroid_gki-android16-6.12.json b/build/microdroid/microdroid_gki-android16-6.12.json
new file mode 100644
index 0000000..57adb24
--- /dev/null
+++ b/build/microdroid/microdroid_gki-android16-6.12.json
@@ -0,0 +1,20 @@
+{
+ "kernel": "/apex/com.android.virt/etc/fs/microdroid_gki-android16-6.12_kernel",
+ "disks": [
+ {
+ "partitions": [
+ {
+ "label": "vbmeta_a",
+ "path": "/apex/com.android.virt/etc/fs/microdroid_vbmeta.img"
+ },
+ {
+ "label": "super",
+ "path": "/apex/com.android.virt/etc/fs/microdroid_super.img"
+ }
+ ],
+ "writable": false
+ }
+ ],
+ "memory_mib": 256,
+ "platform_version": "~1.0"
+}
diff --git a/guest/forwarder_guest_launcher/src/main.rs b/guest/forwarder_guest_launcher/src/main.rs
index 963a531..f4c8ca9 100644
--- a/guest/forwarder_guest_launcher/src/main.rs
+++ b/guest/forwarder_guest_launcher/src/main.rs
@@ -36,14 +36,12 @@
const NON_PREVILEGED_PORT_RANGE_START: i32 = 1024;
const TTYD_PORT: i32 = 7681;
-const TCPSTATES_IP_4: i8 = 4;
const TCPSTATES_STATE_CLOSE: &str = "CLOSE";
const TCPSTATES_STATE_LISTEN: &str = "LISTEN";
#[derive(Debug, Deserialize)]
#[serde(rename_all = "UPPERCASE")]
struct TcpStateRow {
- ip: i8,
lport: i32,
rport: i32,
#[serde(alias = "C-COMM")]
@@ -127,10 +125,8 @@
// TODO(b/340126051): Consider using NETLINK_SOCK_DIAG for the optimization.
let listeners = listeners::get_all()?;
- // TODO(b/340126051): Support distinguished port forwarding for ipv6 as well.
let mut listening_ports: HashMap<_, _> = listeners
.iter()
- .filter(|x| x.socket.is_ipv4())
.map(|x| {
(
x.socket.port().into(),
@@ -144,9 +140,6 @@
let mut records = csv_reader.records();
while let Some(record) = records.next().await {
let row: TcpStateRow = record?.deserialize(Some(&header))?;
- if row.ip != TCPSTATES_IP_4 {
- continue;
- }
if !is_forwardable_port(row.lport) {
continue;
}
diff --git a/guest/microdroid_manager/src/dice.rs b/guest/microdroid_manager/src/dice.rs
index bf89358..dd5375f 100644
--- a/guest/microdroid_manager/src/dice.rs
+++ b/guest/microdroid_manager/src/dice.rs
@@ -153,7 +153,11 @@
subcomponents.into_iter().map(Subcomponent::into_value).collect::<Result<Vec<_>>>()?;
map.push((cbor!(-71002)?, cbor!(values)?));
}
- // Add a placeholder security version as it is required by the open-dice profile "Android.16"
+ // Add a placeholder security version as it is required by the open-dice profile "Android.16".
+ // Note: The DICE certificate derived in microdroid_manager primarily describes the APKs/APEXs
+ // loaded by microdroid_manager. Each APK/APEX is described separately with its own security
+ // version as a subcomponent within the certificate's config descriptor.
+ // Therefore, the global security version below (for the entire certificate) is unused.
map.push((cbor!(-70005)?, cbor!(0)?));
Ok(Value::Map(map).to_vec()?)
}
diff --git a/guest/pvmfw/platform.dts b/guest/pvmfw/platform.dts
index 643a5e4..653a70f 100644
--- a/guest/pvmfw/platform.dts
+++ b/guest/pvmfw/platform.dts
@@ -355,11 +355,11 @@
dma-coherent;
memory-region = <&swiotlb>;
ranges = <
- 0x3000000 0x0 0x70000000 0x0 0x70000000 0x00 0x02000000
+ 0x3000000 0x0 0x2c000000 0x0 0x2c000000 0x00 0x02000000
0x3000000 PLACEHOLDER2 PLACEHOLDER2 PLACEHOLDER2
>;
bus-range = <0x00 0x00>;
- reg = <0x00 0x72000000 0x00 0x1000000>;
+ reg = <0x00 0x2e000000 0x00 0x1000000>;
interrupt-map = <
0x0800 0x0 0x0 1 &intc 0 0 GIC_SPI (IRQ_BASE + 0) IRQ_TYPE_LEVEL_HIGH
0x1000 0x0 0x0 1 &intc 0 0 GIC_SPI (IRQ_BASE + 1) IRQ_TYPE_LEVEL_HIGH
diff --git a/libs/libavf/include/android/virtualization.h b/libs/libavf/include/android/virtualization.h
index ef57325..8d96fac 100644
--- a/libs/libavf/include/android/virtualization.h
+++ b/libs/libavf/include/android/virtualization.h
@@ -357,7 +357,7 @@
* For a graceful shutdown, you could request the virtual machine to exit itself, and wait for the
* virtual machine to stop by `AVirtualMachine_waitForStop`.
*
- * A stopped virtual machine can be re-started by calling `AVirtualMachine_start`.
+ * A stopped virtual machine cannot be re-started.
*
* `AVirtualMachine_stop` stops a virtual machine by sending a signal to the process. This operation
* is synchronous and `AVirtualMachine_stop` may block.
diff --git a/libs/libvm_payload/include/vm_payload.h b/libs/libvm_payload/include/vm_payload.h
index e4609fa..a3bb577 100644
--- a/libs/libvm_payload/include/vm_payload.h
+++ b/libs/libvm_payload/include/vm_payload.h
@@ -58,7 +58,7 @@
typedef enum AVmAccessRollbackProtectedSecretStatus : int32_t {
/**
* Relevant Entry not found. This can happen either due to no value was ever written or because
- * Android maliciously deleted the value (deletions may not be authenticated).
+ * it was deleted by host.
*/
AVMACCESSROLLBACKPROTECTEDSECRETSTATUS_ENTRY_NOT_FOUND = -1,
/** Requested access size is not supported by the implementation */
@@ -282,9 +282,9 @@
__INTRODUCED_IN(__ANDROID_API_V__);
/**
* Writes up to n bytes from buffer starting at `buf`, on behalf of the payload, to rollback
- * detectable storage. The number of bytes written may be less than n if, for example, the
- * underlying storage has size constraints. This stored data is confidential to the pVM and
- * protected via appropriate DICE policy on the payload's DICE chain.
+ * detectable storage. The data is written from the start. The number of bytes written may be less
+ * than n if, for example, the underlying storage has size constraints. This stored data is
+ * confidential to the VM instance.
*
* \param buf A pointer to data to be written. This should have the size of at least n bytes.
* \param n The maximum number of bytes to be filled in `buf`.
@@ -296,7 +296,7 @@
int32_t AVmPayload_writeRollbackProtectedSecret(const void* _Nonnull buf, size_t n)
__INTRODUCED_IN(36);
/**
- * Read up to n bytes of payload's data in rollback detectable storage into `buf`.
+ * Read the first n bytes of payload's data in rollback detectable storage into `buf`.
*
* \param buf A pointer to buffer where the requested data is written. This should have the size of
* at least n bytes.
@@ -307,7 +307,6 @@
* number) is returned.
*/
int32_t AVmPayload_readRollbackProtectedSecret(void* _Nullable buf, size_t n) __INTRODUCED_IN(36);
-;
/**
* Checks whether the VM instance is new - i.e., if this is the first run of an instance.
@@ -316,6 +315,6 @@
*
* \return true if this is the first run of an instance, false otherwise.
*/
-bool AVmPayload_isNewInstance() __INTRODUCED_IN(36);
+bool AVmPayload_isNewInstance(void) __INTRODUCED_IN(36);
__END_DECLS
diff --git a/tests/backcompat_test/goldens/dt_dump_golden.dts b/tests/backcompat_test/goldens/dt_dump_golden.dts
index a583514..99b2cff 100644
--- a/tests/backcompat_test/goldens/dt_dump_golden.dts
+++ b/tests/backcompat_test/goldens/dt_dump_golden.dts
@@ -102,8 +102,8 @@
dma-coherent;
interrupt-map = <0x800 0x00 0x00 0x01 0x01 0x00 0x00 0x00 0x04 0x04 0x1000 0x00 0x00 0x01 0x01 0x00 0x00 0x00 0x05 0x04 0x1800 0x00 0x00 0x01 0x01 0x00 0x00 0x00 0x06 0x04 0x2000 0x00 0x00 0x01 0x01 0x00 0x00 0x00 0x07 0x04 0x2800 0x00 0x00 0x01 0x01 0x00 0x00 0x00 0x08 0x04 0x3000 0x00 0x00 0x01 0x01 0x00 0x00 0x00 0x09 0x04 0x3800 0x00 0x00 0x01 0x01 0x00 0x00 0x00 0x0a 0x04 0x4000 0x00 0x00 0x01 0x01 0x00 0x00 0x00 0x0b 0x04>;
interrupt-map-mask = <0xf800 0x00 0x00 0x07 0xf800 0x00 0x00 0x07 0xf800 0x00 0x00 0x07 0xf800 0x00 0x00 0x07 0xf800 0x00 0x00 0x07 0xf800 0x00 0x00 0x07 0xf800 0x00 0x00 0x07 0xf800 0x00 0x00 0x07>;
- ranges = <0x3000000 0x00 0x70000000 0x00 0x70000000 0x00 0x2000000 0x43000000 0x00 0x93400000 0x00 0x93400000 0xff 0x6cc00000>;
- reg = <0x00 0x72000000 0x00 0x1000000>;
+ ranges = <0x3000000 0x00 0x2c000000 0x00 0x2c000000 0x00 0x2000000 0x43000000 0x00 0x93400000 0x00 0x93400000 0xff 0x6cc00000>;
+ reg = <0x00 0x2e000000 0x00 0x1000000>;
};
pclk@3M {
diff --git a/tests/backcompat_test/goldens/dt_dump_protected_golden.dts b/tests/backcompat_test/goldens/dt_dump_protected_golden.dts
index 656958d..7cea489 100644
--- a/tests/backcompat_test/goldens/dt_dump_protected_golden.dts
+++ b/tests/backcompat_test/goldens/dt_dump_protected_golden.dts
@@ -103,8 +103,8 @@
interrupt-map = <0x800 0x00 0x00 0x01 0x01 0x00 0x00 0x00 0x04 0x04 0x1000 0x00 0x00 0x01 0x01 0x00 0x00 0x00 0x05 0x04 0x1800 0x00 0x00 0x01 0x01 0x00 0x00 0x00 0x06 0x04 0x2000 0x00 0x00 0x01 0x01 0x00 0x00 0x00 0x07 0x04 0x2800 0x00 0x00 0x01 0x01 0x00 0x00 0x00 0x08 0x04 0x3000 0x00 0x00 0x01 0x01 0x00 0x00 0x00 0x09 0x04 0x3800 0x00 0x00 0x01 0x01 0x00 0x00 0x00 0x0a 0x04>;
interrupt-map-mask = <0xf800 0x00 0x00 0x07 0xf800 0x00 0x00 0x07 0xf800 0x00 0x00 0x07 0xf800 0x00 0x00 0x07 0xf800 0x00 0x00 0x07 0xf800 0x00 0x00 0x07 0xf800 0x00 0x00 0x07>;
memory-region = <0x02>;
- ranges = <0x3000000 0x00 0x70000000 0x00 0x70000000 0x00 0x2000000 0x43000000 0x00 0x94000000 0x00 0x94000000 0xff 0x6c000000>;
- reg = <0x00 0x72000000 0x00 0x1000000>;
+ ranges = <0x3000000 0x00 0x2c000000 0x00 0x2c000000 0x00 0x2000000 0x43000000 0x00 0x94000000 0x00 0x94000000 0xff 0x6c000000>;
+ reg = <0x00 0x2e000000 0x00 0x1000000>;
};
pclk@3M {