pvmfw: Parametrise GUEST_PAGE_SIZE
Replace the const with variables trickling down from a centralized
assignment, in preparation for reading it from the verified kernel.
Note: No functional change intended.
Bug: 339779843
Bug: 339782511
Test: m pvmfw_bin
Change-Id: I5f88ff52cb3d8deb220568f789e6569862505e75
diff --git a/guest/pvmfw/avb/src/verify.rs b/guest/pvmfw/avb/src/verify.rs
index a073502..c85d886 100644
--- a/guest/pvmfw/avb/src/verify.rs
+++ b/guest/pvmfw/avb/src/verify.rs
@@ -45,6 +45,8 @@
pub capabilities: Vec<Capability>,
/// Rollback index of kernel.
pub rollback_index: u64,
+ /// Page size of kernel, if present.
+ pub page_size: Option<usize>,
}
impl VerifiedBootData<'_> {
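Review bot: The doc comment on the new `page_size` field gives neither the unit nor what `None` means to a consumer, although everything in `VerifiedBootData` is treated as trusted once verification succeeds. Something like `/// Page size of the kernel in bytes, as declared by the verified payload; None if the payload does not declare one.` would cover it. If the field is meant to guarantee a non-zero power of two, the comment should say so, because main.rs passes the value on as a divisor and as an allocation alignment.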
@@ -279,6 +281,7 @@
let descriptors = vbmeta_image.descriptors()?;
let hash_descriptors = HashDescriptors::get(&descriptors)?;
let capabilities = verify_property_and_get_capabilities(&descriptors)?;
+ let page_size = None; // TODO(ptosi): Read from payload.
if initrd.is_none() {
hash_descriptors.verify_no_initrd()?;
@@ -289,6 +292,7 @@
public_key: trusted_public_key,
capabilities,
rollback_index,
+ page_size,
});
}
@@ -309,5 +313,6 @@
public_key: trusted_public_key,
capabilities,
rollback_index,
+ page_size,
})
}
diff --git a/guest/pvmfw/avb/tests/api_test.rs b/guest/pvmfw/avb/tests/api_test.rs
index 430c4b3..5bf777a 100644
--- a/guest/pvmfw/avb/tests/api_test.rs
+++ b/guest/pvmfw/avb/tests/api_test.rs
@@ -51,6 +51,7 @@
&load_latest_initrd_normal()?,
b"initrd_normal",
DebugLevel::None,
+ None,
)
}
@@ -63,6 +64,7 @@
salt,
expected_rollback_index,
vec![Capability::TrustySecurityVm],
+ None,
)
}
@@ -72,6 +74,7 @@
&load_latest_initrd_debug()?,
b"initrd_debug",
DebugLevel::Full,
+ None,
)
}
@@ -93,6 +96,7 @@
public_key: &public_key,
capabilities: vec![],
rollback_index: 0,
+ page_size: None,
};
assert_eq!(expected_boot_data, verified_boot_data);
@@ -137,6 +141,7 @@
public_key: &public_key,
capabilities: vec![Capability::RemoteAttest],
rollback_index: 0,
+ page_size: None,
};
assert_eq!(expected_boot_data, verified_boot_data);
@@ -412,6 +417,7 @@
public_key: &public_key,
capabilities: vec![],
rollback_index: 5,
+ page_size: None,
};
assert_eq!(expected_boot_data, verified_boot_data);
Ok(())
diff --git a/guest/pvmfw/avb/tests/utils.rs b/guest/pvmfw/avb/tests/utils.rs
index 61bfbf2..86efbba 100644
--- a/guest/pvmfw/avb/tests/utils.rs
+++ b/guest/pvmfw/avb/tests/utils.rs
@@ -114,6 +114,7 @@
initrd: &[u8],
initrd_salt: &[u8],
expected_debug_level: DebugLevel,
+ page_size: Option<usize>,
) -> Result<()> {
let public_key = load_trusted_public_key()?;
let kernel = load_latest_signed_kernel()?;
@@ -133,6 +134,7 @@
public_key: &public_key,
capabilities,
rollback_index: if cfg!(llpvm_changes) { 1 } else { 0 },
+ page_size,
};
assert_eq!(expected_boot_data, verified_boot_data);
@@ -144,6 +146,7 @@
salt: &[u8],
expected_rollback_index: u64,
capabilities: Vec<Capability>,
+ page_size: Option<usize>,
) -> Result<()> {
let public_key = load_trusted_public_key()?;
let verified_boot_data = verify_payload(
@@ -163,6 +166,7 @@
public_key: &public_key,
capabilities,
rollback_index: expected_rollback_index,
+ page_size,
};
assert_eq!(expected_boot_data, verified_boot_data);
diff --git a/guest/pvmfw/src/dice.rs b/guest/pvmfw/src/dice.rs
index b597309..6694881 100644
--- a/guest/pvmfw/src/dice.rs
+++ b/guest/pvmfw/src/dice.rs
@@ -200,6 +200,7 @@
public_key: b"public key",
capabilities: vec![],
rollback_index: 42,
+ page_size: None,
};
const HASH: Hash = *b"sixtyfourbyteslongsentencearerarebutletsgiveitatrycantbethathard";
diff --git a/guest/pvmfw/src/fdt.rs b/guest/pvmfw/src/fdt.rs
index 4a7546a..bfbd2e6 100644
--- a/guest/pvmfw/src/fdt.rs
+++ b/guest/pvmfw/src/fdt.rs
@@ -16,7 +16,6 @@
use crate::bootargs::BootArgsIterator;
use crate::device_assignment::{self, DeviceAssignmentInfo, VmDtbo};
-use crate::helpers::GUEST_PAGE_SIZE;
use crate::Box;
use crate::RebootReason;
use alloc::collections::BTreeMap;
@@ -147,7 +146,10 @@
/// Reads and validates the memory range in the DT.
///
/// Only one memory range is expected with the crosvm setup for now.
-fn read_and_validate_memory_range(fdt: &Fdt) -> Result<Range<usize>, RebootReason> {
+fn read_and_validate_memory_range(
+ fdt: &Fdt,
+ guest_page_size: usize,
+) -> Result<Range<usize>, RebootReason> {
let mut memory = fdt.memory().map_err(|e| {
error!("Failed to read memory range from DT: {e}");
RebootReason::InvalidFdt
@@ -169,8 +171,8 @@
}
let size = range.len();
- if size % GUEST_PAGE_SIZE != 0 {
- error!("Memory size {:#x} is not a multiple of page size {:#x}", size, GUEST_PAGE_SIZE);
+ if size % guest_page_size != 0 {
+ error!("Memory size {:#x} is not a multiple of page size {:#x}", size, guest_page_size);
return Err(RebootReason::InvalidFdt);
}
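Review bot: `size % guest_page_size` now takes the remainder by a runtime value, and Rust panics on a remainder by zero, which the removed `GUEST_PAGE_SIZE` constant could never cause; the two `%` checks in `validate_swiotlb_info` further down this file have the same exposure. In this commit the only value comes from `verified_boot_data.page_size.unwrap_or(SIZE_4KB)` in main.rs with `page_size` always `None`, so the path is unreachable today, but it opens up once the TODO in verify.rs reads the value from the payload. A single check where the value is assigned in main.rs, for example `if !guest_page_size.is_power_of_two() { /* log and return a RebootReason */ }`, would keep these alignment checks meaningful, since `is_power_of_two()` is false for 0. `read_and_validate_memory_range` starts before this hunk and continues after it.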
@@ -854,16 +856,17 @@
fn validate_swiotlb_info(
swiotlb_info: &SwiotlbInfo,
memory: &Range<usize>,
+ guest_page_size: usize,
) -> Result<(), RebootReason> {
let size = swiotlb_info.size;
let align = swiotlb_info.align;
- if size == 0 || (size % GUEST_PAGE_SIZE) != 0 {
+ if size == 0 || (size % guest_page_size) != 0 {
error!("Invalid swiotlb size {:#x}", size);
return Err(RebootReason::InvalidFdt);
}
- if let Some(align) = align.filter(|&a| a % GUEST_PAGE_SIZE != 0) {
+ if let Some(align) = align.filter(|&a| a % guest_page_size != 0) {
error!("Invalid swiotlb alignment {:#x}", align);
return Err(RebootReason::InvalidFdt);
}
@@ -1017,6 +1020,7 @@
fdt: &mut Fdt,
vm_dtbo: Option<&mut [u8]>,
vm_ref_dt: Option<&[u8]>,
+ guest_page_size: usize,
) -> Result<DeviceTreeInfo, RebootReason> {
let vm_dtbo = match vm_dtbo {
Some(vm_dtbo) => Some(VmDtbo::from_mut_slice(vm_dtbo).map_err(|e| {
@@ -1026,7 +1030,7 @@
None => None,
};
- let info = parse_device_tree(fdt, vm_dtbo.as_deref())?;
+ let info = parse_device_tree(fdt, vm_dtbo.as_deref(), guest_page_size)?;
fdt.clone_from(FDT_TEMPLATE).map_err(|e| {
error!("Failed to instantiate FDT from the template DT: {e}");
@@ -1079,13 +1083,17 @@
Ok(info)
}
-fn parse_device_tree(fdt: &Fdt, vm_dtbo: Option<&VmDtbo>) -> Result<DeviceTreeInfo, RebootReason> {
+fn parse_device_tree(
+ fdt: &Fdt,
+ vm_dtbo: Option<&VmDtbo>,
+ guest_page_size: usize,
+) -> Result<DeviceTreeInfo, RebootReason> {
let initrd_range = read_initrd_range_from(fdt).map_err(|e| {
error!("Failed to read initrd range from DT: {e}");
RebootReason::InvalidFdt
})?;
- let memory_range = read_and_validate_memory_range(fdt)?;
+ let memory_range = read_and_validate_memory_range(fdt, guest_page_size)?;
let bootargs = read_bootargs_from(fdt).map_err(|e| {
error!("Failed to read bootargs from DT: {e}");
@@ -1138,7 +1146,7 @@
error!("Swiotlb info missing from DT");
RebootReason::InvalidFdt
})?;
- validate_swiotlb_info(&swiotlb_info, &memory_range)?;
+ validate_swiotlb_info(&swiotlb_info, &memory_range, guest_page_size)?;
let device_assignment = match vm_dtbo {
Some(vm_dtbo) => {
diff --git a/guest/pvmfw/src/helpers.rs b/guest/pvmfw/src/helpers.rs
deleted file mode 100644
index 0552640..0000000
--- a/guest/pvmfw/src/helpers.rs
+++ /dev/null
@@ -1,19 +0,0 @@
-// Copyright 2022, The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-//! Miscellaneous helper functions.
-
-use vmbase::memory::SIZE_4KB;
-
-pub const GUEST_PAGE_SIZE: usize = SIZE_4KB;
diff --git a/guest/pvmfw/src/main.rs b/guest/pvmfw/src/main.rs
index 9f9614a..4e5d82c 100644
--- a/guest/pvmfw/src/main.rs
+++ b/guest/pvmfw/src/main.rs
@@ -28,7 +28,6 @@
mod exceptions;
mod fdt;
mod gpt;
-mod helpers;
mod instance;
mod memory;
@@ -36,7 +35,6 @@
use crate::dice::PartialInputs;
use crate::entry::RebootReason;
use crate::fdt::{modify_for_next_stage, sanitize_device_tree};
-use crate::helpers::GUEST_PAGE_SIZE;
use crate::instance::EntryBody;
use crate::instance::Error as InstanceError;
use crate::instance::{get_recorded_entry, record_instance_entry};
@@ -54,12 +52,10 @@
use pvmfw_embedded_key::PUBLIC_KEY;
use vmbase::fdt::pci::{PciError, PciInfo};
use vmbase::heap;
-use vmbase::memory::{flush, init_shared_pool};
+use vmbase::memory::{flush, init_shared_pool, SIZE_4KB};
use vmbase::rand;
use vmbase::virtio::pci;
-const NEXT_BCC_SIZE: usize = GUEST_PAGE_SIZE;
-
fn main(
untrusted_fdt: &mut Fdt,
signed_kernel: &[u8],
@@ -109,7 +105,8 @@
info!("Please disregard any previous libavb ERROR about initrd_normal.");
}
- let fdt_info = sanitize_device_tree(untrusted_fdt, vm_dtbo, vm_ref_dt)?;
+ let guest_page_size = verified_boot_data.page_size.unwrap_or(SIZE_4KB);
+ let fdt_info = sanitize_device_tree(untrusted_fdt, vm_dtbo, vm_ref_dt, guest_page_size)?;
let fdt = untrusted_fdt; // DT has now been sanitized.
let pci_info = PciInfo::from_fdt(fdt).map_err(handle_pci_error)?;
debug!("PCI: {:#x?}", pci_info);
@@ -123,7 +120,8 @@
RebootReason::InternalError
})?;
- let next_bcc = heap::aligned_boxed_slice(NEXT_BCC_SIZE, GUEST_PAGE_SIZE).ok_or_else(|| {
+ let next_bcc_size = guest_page_size;
+ let next_bcc = heap::aligned_boxed_slice(next_bcc_size, guest_page_size).ok_or_else(|| {
error!("Failed to allocate the next-stage BCC");
RebootReason::InternalError
})?;
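Review bot: `next_bcc_size = guest_page_size` makes both the size and the alignment of the next-stage BCC buffer follow the kernel's page size, and nothing in the hunk says why the BCC must be exactly one page. With the removed `NEXT_BCC_SIZE` constant the size was fixed at 4 KiB; once `page_size` can be `Some(..)`, a larger page size grows this heap allocation with it, and a failure is reported only as "Failed to allocate the next-stage BCC". If the coupling is intentional (presumably so the buffer handed to the next stage is page-granular), a short comment such as `// One guest page, so the BCC can be handed over at page granularity.` above the assignment would record it; otherwise the size should stay a fixed constant and only the alignment should vary. The body of `main` continues outside this hunk.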