[service-vm] Identify service VM in pvmfw with avb property
The kernel footer only accepted hash descriptors prior to this change.
With this change, at most one property descriptor is allowed to
indicate that this VM is a service VM.
Test: atest libpvmfw_avb.integration_test
Bug: 279557218
Change-Id: Ied476eba2e88be63ab78eae7ed05512a97406ec2
diff --git a/pvmfw/avb/tests/api_test.rs b/pvmfw/avb/tests/api_test.rs
index a4a33f7..aa9ed36 100644
--- a/pvmfw/avb/tests/api_test.rs
+++ b/pvmfw/avb/tests/api_test.rs
@@ -18,12 +18,18 @@
use anyhow::{anyhow, Result};
use avb_bindgen::{AvbFooter, AvbVBMetaImageHeader};
-use pvmfw_avb::{verify_payload, AvbIOError, AvbSlotVerifyError, DebugLevel, VerifiedBootData};
+use pvmfw_avb::{
+ verify_payload, AvbIOError, AvbSlotVerifyError, Capability, DebugLevel, VerifiedBootData,
+};
use std::{fs, mem::size_of, ptr};
use utils::*;
const TEST_IMG_WITH_ONE_HASHDESC_PATH: &str = "test_image_with_one_hashdesc.img";
const TEST_IMG_WITH_PROP_DESC_PATH: &str = "test_image_with_prop_desc.img";
+const TEST_IMG_WITH_SERVICE_VM_PROP_PATH: &str = "test_image_with_service_vm_prop.img";
+const TEST_IMG_WITH_UNKNOWN_VM_TYPE_PROP_PATH: &str = "test_image_with_unknown_vm_type_prop.img";
+const TEST_IMG_WITH_MULTIPLE_PROPS_PATH: &str = "test_image_with_multiple_props.img";
+const TEST_IMG_WITH_DUPLICATED_CAP_PATH: &str = "test_image_with_duplicated_capability.img";
const TEST_IMG_WITH_NON_INITRD_HASHDESC_PATH: &str = "test_image_with_non_initrd_hashdesc.img";
const TEST_IMG_WITH_INITRD_AND_NON_INITRD_DESC_PATH: &str =
"test_image_with_initrd_and_non_initrd_desc.img";
@@ -67,6 +73,7 @@
kernel_digest,
initrd_digest: None,
public_key: &public_key,
+ capabilities: vec![],
};
assert_eq!(expected_boot_data, verified_boot_data);
@@ -94,12 +101,65 @@
}
#[test]
+fn payload_expecting_no_initrd_passes_verification_with_service_vm_prop() -> Result<()> {
+ let public_key = load_trusted_public_key()?;
+ let verified_boot_data = verify_payload(
+ &fs::read(TEST_IMG_WITH_SERVICE_VM_PROP_PATH)?,
+ /*initrd=*/ None,
+ &public_key,
+ )
+ .map_err(|e| anyhow!("Verification failed. Error: {}", e))?;
+
+ let kernel_digest = hash(&[&hex::decode("2131")?, &fs::read(UNSIGNED_TEST_IMG_PATH)?]);
+ let expected_boot_data = VerifiedBootData {
+ debug_level: DebugLevel::None,
+ kernel_digest,
+ initrd_digest: None,
+ public_key: &public_key,
+ capabilities: vec![Capability::RemoteAttest],
+ };
+ assert_eq!(expected_boot_data, verified_boot_data);
+
+ Ok(())
+}
+
+#[test]
+fn payload_with_unknown_vm_type_fails_verification_with_no_initrd() -> Result<()> {
+ assert_payload_verification_fails(
+ &fs::read(TEST_IMG_WITH_UNKNOWN_VM_TYPE_PROP_PATH)?,
+ /*initrd=*/ None,
+ &load_trusted_public_key()?,
+ AvbSlotVerifyError::UnknownVbmetaProperty,
+ )
+}
+
+#[test]
+fn payload_with_multiple_props_fails_verification_with_no_initrd() -> Result<()> {
+ assert_payload_verification_fails(
+ &fs::read(TEST_IMG_WITH_MULTIPLE_PROPS_PATH)?,
+ /*initrd=*/ None,
+ &load_trusted_public_key()?,
+ AvbSlotVerifyError::InvalidDescriptors(AvbIOError::Io),
+ )
+}
+
+#[test]
+fn payload_with_duplicated_capability_fails_verification_with_no_initrd() -> Result<()> {
+ assert_payload_verification_fails(
+ &fs::read(TEST_IMG_WITH_DUPLICATED_CAP_PATH)?,
+ /*initrd=*/ None,
+ &load_trusted_public_key()?,
+ AvbSlotVerifyError::InvalidMetadata,
+ )
+}
+
+#[test]
fn payload_with_prop_descriptor_fails_verification_with_no_initrd() -> Result<()> {
assert_payload_verification_fails(
&fs::read(TEST_IMG_WITH_PROP_DESC_PATH)?,
/*initrd=*/ None,
&load_trusted_public_key()?,
- AvbSlotVerifyError::InvalidDescriptors(AvbIOError::NoSuchValue),
+ AvbSlotVerifyError::UnknownVbmetaProperty,
)
}
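Review bot: The expected error `AvbSlotVerifyError::InvalidDescriptors(AvbIOError::Io)` in `payload_with_multiple_props_fails_verification_with_no_initrd` reads as a generic I/O failure rather than the policy the commit message states (at most one property descriptor), and it differs from the `InvalidMetadata` that the duplicated-capability test two functions below expects, so a later change to how descriptors are walked could shift this error without anyone noticing that the policy check moved. Since the library change is not part of this diff, I cannot tell whether `Io` is the deliberate signal or a by-product of the descriptor iteration; a line above that assertion such as `// Two property descriptors violate the at-most-one policy; the library reports this as InvalidDescriptors(Io).` would record the intent, and a dedicated variant would be clearer if one can be added. The positive case is a sound fail-closed check as written: it pins `capabilities: vec![Capability::RemoteAttest]` together with `DebugLevel::None` and `initrd_digest: None`, so an image carrying the service-VM property cannot silently acquire other attributes. The salt literal in `hex::decode("2131")` appears unexplained in the new test; if it is the same salt the existing image tests use, a named constant in utils.rs would keep the test images from drifting apart.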
diff --git a/pvmfw/avb/tests/utils.rs b/pvmfw/avb/tests/utils.rs
index 6713846..79fdfff 100644
--- a/pvmfw/avb/tests/utils.rs
+++ b/pvmfw/avb/tests/utils.rs
@@ -116,6 +116,7 @@
kernel_digest,
initrd_digest,
public_key: &public_key,
+ capabilities: vec![],
};
assert_eq!(expected_boot_data, verified_boot_data);