Merge "pvmfw: Update README for pvmfw 1.3 blob." into main
diff --git a/guest/pvmfw/README.md b/guest/pvmfw/README.md
index 652ca90..c7f3dd6 100644
--- a/guest/pvmfw/README.md
+++ b/guest/pvmfw/README.md
@@ -147,6 +147,10 @@
| offset = (FOURTH - HEAD) |
| size = (FOURTH_END - FOURTH) |
+-------------------------------+
+| [Entry 4] | <-- Entry 4 is present since version 1.3
+| offset = (FIFTH - HEAD) |
+| size = (FIFTH_END - FIFTH) |
++-------------------------------+
| ... |
+-------------------------------+
| [Entry n] |
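Review bot: The annotation on the new `[Entry 4]` row, "Entry 4 is present since version 1.3", reads as unconditional, while the version 1.3 section added later in this change describes it as "entry 4, if present". Suggest wording the diagram comment to match, for example "Entry 4 may be present since version 1.3". If the README does not already say how an absent entry is represented in the header, state that too.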
@@ -168,7 +172,11 @@
| {Fourth blob: VM reference DT}|
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+ <-- FOURTH_END
| (Padding to 8-byte alignment) |
-+===============================+
++===============================+ <-- FIFTH
+| {Fifth blob: Reserved Memory} |
++~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+ <-- FIFTH_END
+| (Padding to 8-byte alignment) |
++===============================+ <-- FIFTH
| ... |
+===============================+ <-- TAIL
```
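Review bot: The border added after the fifth blob's padding is labelled `<-- FIFTH`, the same label as the border that opens the fifth blob, so the diagram now marks two different offsets as FIFTH. The line it replaces carried no label. Suggest dropping the label from the second `+===...===+ <-- FIFTH` line so that only the start of the blob is FIFTH and `offset = (FIFTH - HEAD)` in the header table stays unambiguous.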
@@ -238,6 +246,31 @@
[secretkeeper_key]: https://android.googlesource.com/platform/system/secretkeeper/+/refs/heads/main/README.md#secretkeeper-public-key
[vendor_hashtree_digest]: ../../build/microdroid/README.md#verification-of-vendor-image
+#### Version 1.3 {#pvmfw-data-v1-3}
+
+In version 1.3, a fifth blob is added.
+
+- entry 4, if present, contains potentially confidential data to be passed to
+ specific guests identified from their VM name. If the data is confidential,
+ this feature should only be used with guests using a fixed rollback
+ protection mechanism to prevent rollback attacks from a malicious host. Data
+ is passed as a reserved-memory region through the device tree with the
+ provided properties at an address which is implementation defined. Multiple
+ regions may be passed to the same guest. The format is as follows.
+
+ ```rust
+ #[repr(C)]
+ struct ReservedMemConfigEntry<const N: usize> {
+ /// The number of headers contained in this blob.
+ count: u32,
+ /// The [reserved memory headers](src/reserved_mem.rs) describing the passed data.
+ headers: [RMemHeader; N]
+ /// The actual data being passed. The reserved memory headers point to
+ /// offsets within this array.
+ data: [u8],
+ }
+ ```
+
#### Virtual Platform DICE Chain Handover
The format of the DICE chain entry mentioned above, compatible with the
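Review bot: In the `ReservedMemConfigEntry` snippet, the field `headers: [RMemHeader; N]` has no trailing comma before the doc comment for `data`, so the struct as written is not valid Rust; add the comma. The snippet also leaves the relation between `count` and the const parameter `N` unstated; one sentence saying whether they must be equal, and what a parser should do when they are not, would help anyone validating this blob. The Markdown link to `src/reserved_mem.rs` sits inside a fenced code block, where it will not render as a link; consider moving it into the prose. Finally, the text says guests are "identified from their VM name" and that confidential data requires "a fixed rollback protection mechanism", but does not say where the name is matched or which mechanisms qualify. Since this is the security condition for using the feature, it deserves a pointer to the relevant section or a short definition.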