Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Virtualization / 9e8f02476750e6d6447047b101672847398d2bc1 / . / guest / rialto / src / main.rs
blob: c3d36048b0fb9a401c47e52db2f030509b7af7df [file] [log] [blame]
David Brazdil66fc1202022-07-04 21:48:45 +0100[diff] [blame]1// Copyright 2022, The Android Open Source Project
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
15//! Project Rialto main source file.
16
17#![no_main]
18#![no_std]
David Brazdil66fc1202022-07-04 21:48:45 +0100[diff] [blame]19
Alice Wang4e082c32023-07-11 07:41:50 +0000[diff] [blame]20mod communication;
Alice Wang9a8b39f2023-04-12 15:31:48 +0000[diff] [blame]21mod error;
David Brazdil66fc1202022-07-04 21:48:45 +0100[diff] [blame]22mod exceptions;
Alice Wang474c0ee2023-09-14 12:52:33 +0000[diff] [blame]23mod fdt;
David Brazdil66fc1202022-07-04 21:48:45 +0100[diff] [blame]24
25extern crate alloc;
David Brazdil66fc1202022-07-04 21:48:45 +0100[diff] [blame]26
Alice Wang748b0322023-07-24 12:51:18 +0000[diff] [blame]27use crate::communication::VsockStream;
Alice Wang9a8b39f2023-04-12 15:31:48 +0000[diff] [blame]28use crate::error::{Error, Result};
Alice Wanga2228b92024-07-26 08:38:47 +0000[diff] [blame]29use crate::fdt::{read_dice_range_from, read_is_strict_boot, read_vendor_hashtree_root_digest};
Alice Wang77639bf2023-09-21 06:57:12 +0000[diff] [blame]30use alloc::boxed::Box;
Alice Wang953a6572023-08-24 13:40:10 +0000[diff] [blame]31use ciborium_io::Write;
Alice Wang74f7f4b2023-06-13 08:24:50 +0000[diff] [blame]32use core::num::NonZeroUsize;
Pierre-Clément Tosi3d4c5c32023-05-31 16:57:06 +0000[diff] [blame]33use core::slice;
Alice Wang77639bf2023-09-21 06:57:12 +0000[diff] [blame]34use diced_open_dice::{bcc_handover_parse, DiceArtifacts};
Alice Wang9a8b39f2023-04-12 15:31:48 +0000[diff] [blame]35use log::{debug, error, info};
Alice Wangb5d9a462024-02-09 10:10:47 +0000[diff] [blame]36use service_vm_comm::{ServiceVmRequest, VmType};
Alice Wang4ac9c8b2023-12-05 16:23:14 +0000[diff] [blame]37use service_vm_fake_chain::service_vm;
Alice Wang9eebbab2024-04-10 14:57:27 +0000[diff] [blame]38use service_vm_requests::{process_request, RequestContext};
Alice Wang62183352023-07-04 08:33:27 +0000[diff] [blame]39use virtio_drivers::{
Alice Wangd158e392023-08-30 12:51:12 +0000[diff] [blame]40 device::socket::{VsockAddr, VMADDR_CID_HOST},
Andrew Walbraneb75fb92024-12-13 15:37:30 +0000[diff] [blame]41 transport::{
42 pci::bus::{ConfigurationAccess, PciRoot},
43 DeviceType, Transport,
44 },
Alice Wang62183352023-07-04 08:33:27 +0000[diff] [blame]45 Hal,
46};
Alice Wang4b3cc112023-06-06 12:22:53 +0000[diff] [blame]47use vmbase::{
Pierre-Clément Tosi6a4808c2023-06-29 09:19:38 +0000[diff] [blame]48 configure_heap,
Pierre-Clément Tosif2c19d42024-10-01 17:42:04 +0100[diff] [blame]49 fdt::pci::PciInfo,
Alice Wangb6d2c642023-06-13 13:07:06 +0000[diff] [blame]50 fdt::SwiotlbInfo,
Frederick Mayle75842402024-08-05 19:32:08 -0700[diff] [blame]51 generate_image_header,
Pierre-Clément Tosiae071612024-11-02 13:13:34 +0000[diff] [blame]52 layout::crosvm,
Alice Wang89d29592023-06-12 09:41:29 +0000[diff] [blame]53 main,
Pierre-Clément Tosic26e2202024-11-01 23:12:23 +0000[diff] [blame]54 memory::{
55 init_shared_pool, map_rodata, map_rodata_outside_main_memory, resize_available_memory,
Pierre-Clément Tosiae071612024-11-02 13:13:34 +0000[diff] [blame]56 SIZE_128KB,
Pierre-Clément Tosic26e2202024-11-01 23:12:23 +0000[diff] [blame]57 },
Alice Wang4b3cc112023-06-06 12:22:53 +0000[diff] [blame]58 power::reboot,
Alice Wang62183352023-07-04 08:33:27 +0000[diff] [blame]59 virtio::{
60 pci::{self, PciTransportIterator, VirtIOSocket},
61 HalImpl,
62 },
Alice Wang4b3cc112023-06-06 12:22:53 +0000[diff] [blame]63};
David Brazdil66fc1202022-07-04 21:48:45 +0100[diff] [blame]64
Alice Wanga2228b92024-07-26 08:38:47 +0000[diff] [blame]65fn host_addr(fdt: &libfdt::Fdt) -> Result<VsockAddr> {
66 Ok(VsockAddr { cid: VMADDR_CID_HOST, port: vm_type(fdt)?.port() })
Alice Wang4e082c32023-07-11 07:41:50 +0000[diff] [blame]67}
68
Alice Wanga2228b92024-07-26 08:38:47 +0000[diff] [blame]69fn vm_type(fdt: &libfdt::Fdt) -> Result<VmType> {
70 if read_is_strict_boot(fdt)? {
71 Ok(VmType::ProtectedVm)
Alice Wang1d9a5872023-09-06 14:32:36 +0000[diff] [blame]72 } else {
Alice Wanga2228b92024-07-26 08:38:47 +0000[diff] [blame]73 Ok(VmType::NonProtectedVm)
Alice Wang1d9a5872023-09-06 14:32:36 +0000[diff] [blame]74 }
Alice Wang4e082c32023-07-11 07:41:50 +0000[diff] [blame]75}
76
Alice Wangdda3ba92023-05-25 15:15:30 +0000[diff] [blame]77/// # Safety
78///
79/// Behavior is undefined if any of the following conditions are violated:
80/// * The `fdt_addr` must be a valid pointer and points to a valid `Fdt`.
81unsafe fn try_main(fdt_addr: usize) -> Result<()> {
David Brazdil66fc1202022-07-04 21:48:45 +0100[diff] [blame]82 info!("Welcome to Rialto!");
Alice Wang74f7f4b2023-06-13 08:24:50 +0000[diff] [blame]83
Pierre-Clément Tosic26e2202024-11-01 23:12:23 +0000[diff] [blame]84 let fdt_size = NonZeroUsize::new(crosvm::FDT_MAX_SIZE).unwrap();
85 map_rodata(fdt_addr, fdt_size)?;
Alice Wang74f7f4b2023-06-13 08:24:50 +0000[diff] [blame]86 // SAFETY: The tracker validated the range to be in main memory, mapped, and not overlap.
Pierre-Clément Tosic26e2202024-11-01 23:12:23 +0000[diff] [blame]87 let fdt = unsafe { slice::from_raw_parts(fdt_addr as *mut u8, fdt_size.into()) };
Alice Wang674257a2023-06-13 09:44:53 +0000[diff] [blame]88 // We do not need to validate the DT since it is already validated in pvmfw.
Alice Wang74f7f4b2023-06-13 08:24:50 +0000[diff] [blame]89 let fdt = libfdt::Fdt::from_slice(fdt)?;
Alice Wang74f7f4b2023-06-13 08:24:50 +0000[diff] [blame]90
Alice Wang674257a2023-06-13 09:44:53 +0000[diff] [blame]91 let memory_range = fdt.first_memory_range()?;
Pierre-Clément Tosic26e2202024-11-01 23:12:23 +0000[diff] [blame]92 resize_available_memory(&memory_range).inspect_err(|_| {
Alice Wang674257a2023-06-13 09:44:53 +0000[diff] [blame]93 error!("Failed to use memory range value from DT: {memory_range:#x?}");
Alice Wang674257a2023-06-13 09:44:53 +0000[diff] [blame]94 })?;
Alice Wangb6d2c642023-06-13 13:07:06 +0000[diff] [blame]95
Pierre-Clément Tosic26e2202024-11-01 23:12:23 +0000[diff] [blame]96 let swiotlb_range = SwiotlbInfo::new_from_fdt(fdt)
97 .inspect_err(|_| {
98 error!("Rialto failed when access swiotlb");
99 })?
100 .and_then(|info| info.fixed_range());
101 init_shared_pool(swiotlb_range).inspect_err(|_| {
102 error!("Failed to initialize shared pool.");
103 })?;
Alice Wang7b2ab942023-09-12 13:04:42 +0000[diff] [blame]104
Alice Wanga2228b92024-07-26 08:38:47 +0000[diff] [blame]105 let bcc_handover: Box<dyn DiceArtifacts> = match vm_type(fdt)? {
Alice Wang474c0ee2023-09-14 12:52:33 +0000[diff] [blame]106 VmType::ProtectedVm => {
107 let dice_range = read_dice_range_from(fdt)?;
108 info!("DICE range: {dice_range:#x?}");
Pierre-Clément Tosic26e2202024-11-01 23:12:23 +0000[diff] [blame]109 let dice_size = dice_range.len().try_into().unwrap();
110 // SAFETY: The DICE memory region has been generated by pvmfw and doesn't overlap.
111 unsafe { map_rodata_outside_main_memory(dice_range.start, dice_size) }.inspect_err(
112 |_| {
113 error!("Failed to use DICE range from DT: {dice_range:#x?}");
114 },
115 )?;
Alice Wang9f3ca832023-09-20 09:33:14 +0000[diff] [blame]116 let dice_start = dice_range.start as *const u8;
117 // SAFETY: There's no memory overlap and the region is mapped as read-only data.
118 let bcc_handover = unsafe { slice::from_raw_parts(dice_start, dice_range.len()) };
Alice Wang77639bf2023-09-21 06:57:12 +0000[diff] [blame]119 Box::new(bcc_handover_parse(bcc_handover)?)
Alice Wang474c0ee2023-09-14 12:52:33 +0000[diff] [blame]120 }
Alice Wang77639bf2023-09-21 06:57:12 +0000[diff] [blame]121 // Currently, a sample DICE data is used for non-protected VMs, as these VMs only run
122 // in tests at the moment.
Alice Wang4ac9c8b2023-12-05 16:23:14 +0000[diff] [blame]123 VmType::NonProtectedVm => Box::new(service_vm::fake_service_vm_dice_artifacts()?),
Alice Wang474c0ee2023-09-14 12:52:33 +0000[diff] [blame]124 };
Alice Wangd36c7112023-07-04 09:50:45 +0000[diff] [blame]125
126 let pci_info = PciInfo::from_fdt(fdt)?;
127 debug!("PCI: {pci_info:#x?}");
Pierre-Clément Tosic26e2202024-11-01 23:12:23 +0000[diff] [blame]128 let mut pci_root = pci::initialize(pci_info).map_err(Error::PciInitializationFailed)?;
Alice Wang62183352023-07-04 08:33:27 +0000[diff] [blame]129 let socket_device = find_socket_device::<HalImpl>(&mut pci_root)?;
130 debug!("Found socket device: guest cid = {:?}", socket_device.guest_cid());
Alice Wang9eebbab2024-04-10 14:57:27 +0000[diff] [blame]131 let vendor_hashtree_root_digest = read_vendor_hashtree_root_digest(fdt)?;
132 let request_context =
133 RequestContext { dice_artifacts: bcc_handover.as_ref(), vendor_hashtree_root_digest };
Alice Wang4e082c32023-07-11 07:41:50 +0000[diff] [blame]134
Alice Wanga2228b92024-07-26 08:38:47 +0000[diff] [blame]135 let mut vsock_stream = VsockStream::new(socket_device, host_addr(fdt)?)?;
Alice Wangfbdc85b2023-09-07 12:56:46 +0000[diff] [blame]136 while let ServiceVmRequest::Process(req) = vsock_stream.read_request()? {
Alice Wang2e6cdc12024-02-19 11:36:36 +0000[diff] [blame]137 info!("Received request: {}", req.name());
Alice Wang9eebbab2024-04-10 14:57:27 +0000[diff] [blame]138 let response = process_request(req, &request_context);
Alice Wang2e6cdc12024-02-19 11:36:36 +0000[diff] [blame]139 info!("Sending response: {}", response.name());
Alice Wangfbdc85b2023-09-07 12:56:46 +0000[diff] [blame]140 vsock_stream.write_response(&response)?;
141 vsock_stream.flush()?;
142 }
Alice Wang748b0322023-07-24 12:51:18 +0000[diff] [blame]143 vsock_stream.shutdown()?;
Alice Wang4e082c32023-07-11 07:41:50 +0000[diff] [blame]144
Alice Wang9a8b39f2023-04-12 15:31:48 +0000[diff] [blame]145 Ok(())
146}
147
Andrew Walbraneb75fb92024-12-13 15:37:30 +0000[diff] [blame]148fn find_socket_device<T: Hal>(
149 pci_root: &mut PciRoot<impl ConfigurationAccess>,
150) -> Result<VirtIOSocket<T>> {
151 PciTransportIterator::<T, _>::new(pci_root)
Alice Wang62183352023-07-04 08:33:27 +0000[diff] [blame]152 .find(|t| DeviceType::Socket == t.device_type())
153 .map(VirtIOSocket::<T>::new)
154 .transpose()
155 .map_err(Error::VirtIOSocketCreationFailed)?
156 .ok_or(Error::MissingVirtIOSocketDevice)
157}
158
Alice Wang9a8b39f2023-04-12 15:31:48 +0000[diff] [blame]159/// Entry point for Rialto.
Alice Wangdda3ba92023-05-25 15:15:30 +0000[diff] [blame]160pub fn main(fdt_addr: u64, _a1: u64, _a2: u64, _a3: u64) {
Pierre-Clément Tosid3305482023-06-29 15:03:48 +0000[diff] [blame]161 log::set_max_level(log::LevelFilter::Debug);
Alice Wangdda3ba92023-05-25 15:15:30 +0000[diff] [blame]162 // SAFETY: `fdt_addr` is supposed to be a valid pointer and points to
163 // a valid `Fdt`.
Pierre-Clément Tosi38b6c782024-11-02 13:47:42 +0000[diff] [blame]164 if let Err(e) = unsafe { try_main(fdt_addr as usize) } {
165 error!("Rialto failed with {e}");
166 reboot()
Alice Wang9a8b39f2023-04-12 15:31:48 +0000[diff] [blame]167 }
David Brazdil66fc1202022-07-04 21:48:45 +0100[diff] [blame]168}
169
Frederick Mayle75842402024-08-05 19:32:08 -0700[diff] [blame]170generate_image_header!();
David Brazdil66fc1202022-07-04 21:48:45 +0100[diff] [blame]171main!(main);
Alice Wang65ea4cb2024-04-30 10:07:51 +0000[diff] [blame]172configure_heap!(SIZE_128KB * 2);