Revert "Skip changingDebuggability related tests on Non-pVM" am: c895dcc440
Original change: https://android-review.googlesource.com/c/platform/packages/modules/Virtualization/+/2779131
Change-Id: I2d12974c6bcb534c0c82f99690f059ac2cc5bcc9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/pvmfw/src/fdt.rs b/pvmfw/src/fdt.rs
index a1377c4..e34e425 100644
--- a/pvmfw/src/fdt.rs
+++ b/pvmfw/src/fdt.rs
@@ -721,6 +721,7 @@
strict_boot: bool,
debug_policy: Option<&mut [u8]>,
debuggable: bool,
+ kaslr_seed: u64,
) -> libfdt::Result<()> {
if let Some(debug_policy) = debug_policy {
let backup = Vec::from(fdt.as_slice());
@@ -741,6 +742,7 @@
set_or_clear_chosen_flag(fdt, cstr!("avf,strict-boot"), strict_boot)?;
set_or_clear_chosen_flag(fdt, cstr!("avf,new-instance"), new_instance)?;
+ fdt.chosen_mut()?.unwrap().setprop_inplace(cstr!("kaslr-seed"), &kaslr_seed.to_be_bytes())?;
if !debuggable {
if let Some(bootargs) = read_bootargs_from(fdt)? {
diff --git a/pvmfw/src/main.rs b/pvmfw/src/main.rs
index 21521da..9b18616 100644
--- a/pvmfw/src/main.rs
+++ b/pvmfw/src/main.rs
@@ -148,13 +148,25 @@
})?;
flush(next_bcc);
+ let kaslr_seed = u64::from_ne_bytes(rand::random_array().map_err(|e| {
+ error!("Failed to generated guest KASLR seed: {e}");
+ RebootReason::InternalError
+ })?);
let strict_boot = true;
let debuggable = verified_boot_data.debug_level != DebugLevel::None;
- modify_for_next_stage(fdt, next_bcc, new_instance, strict_boot, debug_policy, debuggable)
- .map_err(|e| {
- error!("Failed to configure device tree: {e}");
- RebootReason::InternalError
- })?;
+ modify_for_next_stage(
+ fdt,
+ next_bcc,
+ new_instance,
+ strict_boot,
+ debug_policy,
+ debuggable,
+ kaslr_seed,
+ )
+ .map_err(|e| {
+ error!("Failed to configure device tree: {e}");
+ RebootReason::InternalError
+ })?;
info!("Starting payload...");