Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Virtualization / 90e19359632b87bc3f3e410cf4fd4e01a3891538^! / . / pvmfw / src / entry.rs
commit90e19359632b87bc3f3e410cf4fd4e01a3891538[log] [tgz]
authorPierre-Clément Tosi <ptosi@google.com>Mon Nov 21 17:11:48 2022 +0000
committerJaewan Kim <jaewan@google.com>Thu Jan 19 16:23:09 2023 +0900
treedbb3fc17bf119fb508cfef6d26c6108426e711b4
parent8253ac6b6ef6fec0c398a94f05213c837df4d457 [diff] [blame]
pvmfw: Apply debug policy from config to VM FDT

Apply the debug config device tree overlay obtained from the
configuration data to the final device tree that the payload will
receive.

Bug: 232900974
Test: atest MicrodroidTestApp # Uses default (userdebug?) DP
Change-Id: Ic616f6eddd669f09ad28e40fff61aa88a2bfb60c

diff --git a/pvmfw/src/entry.rs b/pvmfw/src/entry.rs
index bfcb423..4f30902 100644
--- a/pvmfw/src/entry.rs
+++ b/pvmfw/src/entry.rs

@@ -178,6 +178,37 @@
     }
 }
 
+/// Applies the debug policy device tree overlay to the pVM DT.
+///
+/// # Safety
+///
+/// When an error is returned by this function, the input `Fdt` should be discarded as it may have
+/// have been partially corrupted during the overlay application process.
+unsafe fn apply_debug_policy(
+    fdt: &mut libfdt::Fdt,
+    debug_policy: &mut [u8],
+) -> Result<(), RebootReason> {
+    let overlay = libfdt::Fdt::from_mut_slice(debug_policy).map_err(|e| {
+        error!("Failed to load the debug policy overlay: {e}");
+        RebootReason::InvalidConfig
+    })?;
+
+    fdt.unpack().map_err(|e| {
+        error!("Failed to unpack DT for debug policy: {e}");
+        RebootReason::InternalError
+    })?;
+
+    let fdt = fdt.apply_overlay(overlay).map_err(|e| {
+        error!("Failed to apply the debug policy overlay: {e}");
+        RebootReason::InvalidConfig
+    })?;
+
+    fdt.pack().map_err(|e| {
+        error!("Failed to re-pack DT after debug policy: {e}");
+        RebootReason::InternalError
+    })
+}
+
 /// Sets up the environment for main() and wraps its result for start().
 ///
 /// Provide the abstractions necessary for start() to abort the pVM boot and for main() to run with
@@ -252,6 +283,11 @@
     helpers::flushed_zeroize(bcc_slice);
     helpers::flush(slices.fdt.as_slice());
 
+    if let Some(debug_policy) = appended.get_debug_policy() {
+        // SAFETY - As we `?` the result, there is no risk of re-using a bad `slices.fdt`.
+        unsafe { apply_debug_policy(slices.fdt, debug_policy) }?;
+    }
+
     info!("Expecting a bug making MMIO_GUARD_UNMAP return NOT_SUPPORTED on success");
     memory.mmio_unmap_all().map_err(|e| {
         error!("Failed to unshare MMIO ranges: {e}");