pvmfw: Rollback index of kernel & security_version
Capture rollback_index of guest kernel. Rollback indexes are available
in AvbSlotVerifyData returned from avb_slot_verify(). This is a slice of
uint64 where the position of the rollback_index is determined by
rollback_index_location (which defaults to 0).
This is then used as the 'security_version' in the dice config, that
can be used by guests OS to provide AntiRollback protection to secrets.
Note on TrunkStableFlagging - This is guarded by flag llpvm_changes,
based on which security_version is added to dice.
Test: #payload_with_rollback_index
Test: flash pvmfw => get dice chain from Compos => verify-dice-chain
contaisn security version = 1 for guest OS
Bug: 296830692
Change-Id: I0d6d993d8b2d1b98dcc39fb90895a59c7a699d7d
diff --git a/pvmfw/avb/src/ops.rs b/pvmfw/avb/src/ops.rs
index 539291b..c7b8b01 100644
--- a/pvmfw/avb/src/ops.rs
+++ b/pvmfw/avb/src/ops.rs
@@ -229,10 +229,14 @@
_rollback_index_location: usize,
out_rollback_index: *mut u64,
) -> AvbIOResult {
- // Rollback protection is not yet implemented, but this method is required by
- // `avb_slot_verify()`.
- // We set `out_rollback_index` to 0 to ensure that the default rollback index (0)
- // is never smaller than it, thus the rollback index check will pass.
+ // This method is used by `avb_slot_verify()` to read the stored_rollback_index at
+ // rollback_index_location.
+
+ // TODO(291213394) : Refine this comment once capability for rollback protection is defined.
+ // pvmfw does not compare stored_rollback_index with rollback_index for Antirollback protection
+ // Hence, we set `out_rollback_index` to 0 to ensure that the
+ // rollback_index (including default: 0) is never smaller than it,
+ // thus the rollback index check will pass.
result_to_io_enum(write(out_rollback_index, 0))
}
@@ -334,4 +338,8 @@
unsafe { slice::from_raw_parts(data.loaded_partitions, data.num_loaded_partitions) };
Ok(loaded_partitions)
}
+
+ pub(crate) fn rollback_indexes(&self) -> &[u64] {
+ &self.as_ref().rollback_indexes
+ }
}