pvmfw: debug policy application failure is recoverable
If pvmfw fails to apply the debug policy, the original fdt is recovered
from the backup.
This change also moves apply_debug_policy into modify_for_next_stage,
so that modification to the fdt after the verification is done in one
place.
Finally, error codes that are specific to debug policy are replaced with
the original errors from libfdt because the former don't give much more
detailed information than the latter.
Bug: 275132866
Bug: 275306568
Test: forcibly modify a bit in debug_policy inside pvmfw and see if the
VM boots (without applying it). Flashing an invalid debug_policy was not
an option for the test because then ABL would reject it and doesn't pass
it to pvmfw at all.
Change-Id: I1c40967087449deb89a9698a87109fc16e588b70
diff --git a/pvmfw/src/main.rs b/pvmfw/src/main.rs
index 00ff61f..06cc81e 100644
--- a/pvmfw/src/main.rs
+++ b/pvmfw/src/main.rs
@@ -21,7 +21,6 @@
mod config;
mod crypto;
-mod debug_policy;
mod dice;
mod entry;
mod exceptions;
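Review bot: dropping `mod debug_policy;` from main.rs removes the only module declaration visible in this patch, while the commit message says the code was moved under modify_for_next_stage rather than deleted; please confirm the module is re-declared (or inlined) in the file that now owns modify_for_next_stage, since that part of the change is not shown here and a missing declaration would fail to compile.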
@@ -65,6 +64,7 @@
signed_kernel: &[u8],
ramdisk: Option<&[u8]>,
current_bcc_handover: &[u8],
+ debug_policy: Option<&mut [u8]>,
memory: &mut MemoryTracker,
) -> Result<(), RebootReason> {
info!("pVM firmware");
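Review bot: the new `debug_policy: Option<&mut [u8]>` parameter takes a mutable borrow of the policy blob, but the description only talks about reading the policy and applying it to the fdt; if the buffer is only read, `Option<&[u8]>` would state the narrower contract, and if mutability is genuinely required (for example so libfdt can parse it in place), a short doc comment on the parameter explaining why would save the next reader from wondering.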
@@ -122,7 +122,7 @@
flush(next_bcc);
let strict_boot = true;
- modify_for_next_stage(fdt, next_bcc, new_instance, strict_boot).map_err(|e| {
+ modify_for_next_stage(fdt, next_bcc, new_instance, strict_boot, debug_policy).map_err(|e| {
error!("Failed to configure device tree: {e}");
RebootReason::InternalError
})?;
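Review bot: the call site still maps every error from modify_for_next_stage to `RebootReason::InternalError`, so the recoverability promised in the commit message must be fully handled inside modify_for_next_stage (restore the fdt from the backup and return Ok); when that fallback is taken, make sure it emits a warning-level log, otherwise a VM silently booting without its debug policy would be hard to diagnose from the boot log alone.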