pvmfw: sanitize bootargs

during the fdt sanitization, the bootargs string is parsed and then
only the allowed args are filtered. crashkernel= and console= are
conditionaly filtered; they are included only when the corresponding
debug policy is turned on.

Bug: 275306568
Test: inject foo=bar to bootargs and see if it's filtered out
Change-Id: I617bbf888575674f9544fca9b2ea11a7795a6e95
diff --git a/pvmfw/src/main.rs b/pvmfw/src/main.rs
index 662d705..a773f1a 100644
--- a/pvmfw/src/main.rs
+++ b/pvmfw/src/main.rs
@@ -19,6 +19,7 @@
 
 extern crate alloc;
 
+mod bootargs;
 mod config;
 mod crypto;
 mod dice;
@@ -52,6 +53,7 @@
 use libfdt::Fdt;
 use log::{debug, error, info, trace};
 use pvmfw_avb::verify_payload;
+use pvmfw_avb::DebugLevel;
 use pvmfw_embedded_key::PUBLIC_KEY;
 
 const NEXT_BCC_SIZE: usize = GUEST_PAGE_SIZE;
@@ -119,10 +121,12 @@
     flush(next_bcc);
 
     let strict_boot = true;
-    modify_for_next_stage(fdt, next_bcc, new_instance, strict_boot, debug_policy).map_err(|e| {
-        error!("Failed to configure device tree: {e}");
-        RebootReason::InternalError
-    })?;
+    let debuggable = verified_boot_data.debug_level != DebugLevel::None;
+    modify_for_next_stage(fdt, next_bcc, new_instance, strict_boot, debug_policy, debuggable)
+        .map_err(|e| {
+            error!("Failed to configure device tree: {e}");
+            RebootReason::InternalError
+        })?;
 
     info!("Starting payload...");
     Ok(())