pvmfw: apply_debug_policy: Backup DT before unpacking am: 1c9b08f146 Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/modules/Virtualization/+/23107373 Change-Id: Idff2686be2a7a7d69df6ed1a0400cf7f203650fb Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

commit: c449cf19dacb1725fda9c5a6e5ad677aa308109f [log] [tgz]
author: Pierre-Clément Tosi <ptosi@google.com> Thu May 11 14:47:15 2023 +0000
committer: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> Thu May 11 14:47:15 2023 +0000
tree: ad9cb41542e0a2a0e6a26df68e65c7d30e230cbb
parent: fb24b7e5f00c45016ccedf00126877e5a50297ce [diff]
parent: 1c9b08f146eec24c761de48b612e070500a2d563 [diff]
diff --git a/pvmfw/src/fdt.rs b/pvmfw/src/fdt.rs
index b3ce483..c009971 100644
--- a/pvmfw/src/fdt.rs
+++ b/pvmfw/src/fdt.rs

@@ -722,21 +722,26 @@
     debug_policy: Option<&mut [u8]>,
     debuggable: bool,
 ) -> libfdt::Result<()> {
-    fdt.unpack()?;
+    if let Some(debug_policy) = debug_policy {
+        let backup = Vec::from(fdt.as_slice());
+        fdt.unpack()?;
+        let backup_fdt = Fdt::from_slice(backup.as_slice()).unwrap();
+        if apply_debug_policy(fdt, backup_fdt, debug_policy)? {
+            info!("Debug policy applied.");
+        } else {
+            // apply_debug_policy restored fdt to backup_fdt so unpack it again.
+            fdt.unpack()?;
+        }
+    } else {
+        info!("No debug policy found.");
+        fdt.unpack()?;
+    }
 
     patch_dice_node(fdt, bcc.as_ptr() as usize, bcc.len())?;
 
     set_or_clear_chosen_flag(fdt, cstr!("avf,strict-boot"), strict_boot)?;
     set_or_clear_chosen_flag(fdt, cstr!("avf,new-instance"), new_instance)?;
 
-    if let Some(debug_policy) = debug_policy {
-        if apply_debug_policy(fdt, debug_policy)? {
-            info!("Debug policy applied.");
-        }
-    } else {
-        info!("No debug policy found.");
-    }
-
     if debuggable {
         if let Some(bootargs) = read_bootargs_from(fdt)? {
             filter_out_dangerous_bootargs(fdt, &bootargs)?;
@@ -779,9 +784,11 @@
 /// Apply the debug policy overlay to the guest DT.
 ///
 /// Returns Ok(true) on success, Ok(false) on recovered failure and Err(_) on corruption of the DT.
-fn apply_debug_policy(fdt: &mut Fdt, debug_policy: &[u8]) -> libfdt::Result<bool> {
-    let backup_fdt = Vec::from(fdt.as_slice());
-
+fn apply_debug_policy(
+    fdt: &mut Fdt,
+    backup_fdt: &Fdt,
+    debug_policy: &[u8],
+) -> libfdt::Result<bool> {
     let mut debug_policy = Vec::from(debug_policy);
     let overlay = match Fdt::from_mut_slice(debug_policy.as_mut_slice()) {
         Ok(overlay) => overlay,
commit	c449cf19dacb1725fda9c5a6e5ad677aa308109f	[log] [tgz]
author	Pierre-Clément Tosi <ptosi@google.com>	Thu May 11 14:47:15 2023 +0000
committer	Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	Thu May 11 14:47:15 2023 +0000
tree	ad9cb41542e0a2a0e6a26df68e65c7d30e230cbb
parent	fb24b7e5f00c45016ccedf00126877e5a50297ce [diff]
parent	1c9b08f146eec24c761de48b612e070500a2d563 [diff]