pvmfw: Support com.android.virt.name property
Teach pvmfw to recognize a new AVB property that will be used to gate
features specific to particular VMs, such as the way we currently
support the RKP VM with special rollback protection and its DICE chain
marker. For now, only add the infrastructure and unit-tests.
Note: No functional change intended.
Bug: 378673494
Bug: 377276983
Test: m pvmfw_bin
Test: atest libpvmfw_avb.integration_test libpvmfw.dice.test
Change-Id: Ic1fd923df361e19b2d0cd323aa6a0ca866a281a6
diff --git a/guest/pvmfw/avb/tests/utils.rs b/guest/pvmfw/avb/tests/utils.rs
index 7282f3e..227daa2 100644
--- a/guest/pvmfw/avb/tests/utils.rs
+++ b/guest/pvmfw/avb/tests/utils.rs
@@ -28,6 +28,7 @@
use std::{
fs,
mem::{size_of, transmute, MaybeUninit},
+ string::String,
};
const MICRODROID_KERNEL_IMG_PATH: &str = "microdroid_kernel";
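Review bot: The added `string::String` entry in the `use std::{...}` group looks redundant, because `String` is already in the standard prelude and this file plainly builds against `std`. Dropping the line keeps the import list limited to names that need importing and avoids a possible redundant-import lint on newer toolchains. If the import is there for a reason not visible in this hunk, a short comment such as `// explicit: <reason>` would help.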
@@ -134,6 +135,7 @@
capabilities,
rollback_index: 1,
page_size,
+ name: None,
};
assert_eq!(expected_boot_data, verified_boot_data);
@@ -166,12 +168,23 @@
capabilities,
rollback_index: expected_rollback_index,
page_size,
+ name: None,
};
assert_eq!(expected_boot_data, verified_boot_data);
Ok(())
}
+pub fn read_name(kernel: &[u8]) -> Result<Option<String>, PvmfwVerifyError> {
+ let public_key = load_trusted_public_key().unwrap();
+ let verified_boot_data = verify_payload(
+ kernel,
+ None, // initrd
+ &public_key,
+ )?;
+ Ok(verified_boot_data.name)
+}
+
pub fn read_page_size(kernel: &[u8]) -> Result<Option<usize>, PvmfwVerifyError> {
let public_key = load_trusted_public_key().unwrap();
let verified_boot_data = verify_payload(
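Review bot: The new `pub fn read_name` has no doc comment, and because the name is meant to gate VM-specific behaviour, the helper should state where the value comes from. Something like `/// Verifies the kernel (no initrd) against the trusted test key and returns the name from the verified boot data; Err means verification failed, Ok(None) means no name was present.` would make the Err versus Ok(None) distinction explicit for test authors. The `load_trusted_public_key().unwrap()` line panics rather than returning a `PvmfwVerifyError`; that matches `read_page_size`, but `.expect("trusted test public key must load")` would make such a failure easier to tell apart from a verification error. The body otherwise repeats `read_page_size`, which continues outside this hunk, so a shared private helper returning the verified boot data might be worth considering.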