Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Virtualization / a5604dc96f9892da8b9cc7848e9c8a9f0f1e7de8 / . / guest / pvmfw / src / main.rs
blob: d83df5c0cd6f12abd18bc0e9a51a678f4dff15ed [file] [log] [blame]
Andrew Walbran68a8c162022-03-07 15:38:42 +0000[diff] [blame]1// Copyright 2022, The Android Open Source Project
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
15//! pVM firmware.
16
17#![no_main]
18#![no_std]
19
Pierre-Clément Tosidb74cb12022-12-08 13:56:25 +0000[diff] [blame]20extern crate alloc;
21
Michał Mazurek8a45d0a2024-11-29 10:38:55 +0100[diff] [blame]22mod arch;
Jiyong Parkc5d2ef22023-04-11 01:23:46 +0900[diff] [blame]23mod bootargs;
Pierre-Clément Tosi20b60962022-10-17 13:35:27 +0100[diff] [blame]24mod config;
Jaewan Kimc6e023b2023-10-12 15:11:05 +0900[diff] [blame]25mod device_assignment;
Pierre-Clément Tosi4f4f5eb2022-12-08 14:31:42 +0000[diff] [blame]26mod dice;
Pierre-Clément Tosi5bbfca52022-10-21 12:14:35 +0100[diff] [blame]27mod entry;
Pierre-Clément Tosia0934c12022-11-25 20:54:11 +0000[diff] [blame]28mod fdt;
Pierre-Clément Tosi1cc5eb72023-02-02 11:09:18 +0000[diff] [blame]29mod gpt;
Pierre-Clément Tosi1cc5eb72023-02-02 11:09:18 +0000[diff] [blame]30mod instance;
Pierre-Clément Tosia0934c12022-11-25 20:54:11 +0000[diff] [blame]31mod memory;
Pierre-Clément Tosi10bea6f2024-11-26 22:04:10 +0000[diff] [blame]32mod rollback;
Andrew Walbran68a8c162022-03-07 15:38:42 +0000[diff] [blame]33
Pierre-Clément Tosi520664c2025-03-03 11:51:53 -0800[diff] [blame]34use crate::dice::{DiceChainInfo, PartialInputs};
Pierre-Clément Tosi4ba79662023-02-13 11:22:41 +0000[diff] [blame]35use crate::entry::RebootReason;
Pierre-Clément Tosi3729f652024-11-19 15:25:37 +0000[diff] [blame]36use crate::fdt::{modify_for_next_stage, read_instance_id, sanitize_device_tree};
Pierre-Clément Tosi10bea6f2024-11-26 22:04:10 +0000[diff] [blame]37use crate::rollback::perform_rollback_protection;
Alan Stokes7f27c0d2023-09-07 16:22:58 +0100[diff] [blame]38use alloc::borrow::Cow;
Alan Stokes4db76eb2023-04-26 14:28:15 +0100[diff] [blame]39use alloc::boxed::Box;
Pierre-Clément Tosi65250402025-03-21 16:36:58 +0000[diff] [blame]40use alloc::vec::Vec;
Shikha Panwar73ba0d42024-03-20 14:43:21 +0000[diff] [blame]41use bssl_avf::Digester;
Pierre-Clément Tosi65250402025-03-21 16:36:58 +0000[diff] [blame]42use diced_open_dice::{
43 bcc_handover_parse, DiceArtifacts, DiceContext, Hidden, HIDDEN_SIZE, VM_KEY_ALGORITHM,
44};
Pierre-Clément Tosi3729f652024-11-19 15:25:37 +0000[diff] [blame]45use libfdt::Fdt;
Alan Stokes4db76eb2023-04-26 14:28:15 +0100[diff] [blame]46use log::{debug, error, info, trace, warn};
Pierre-Clément Tosi2d652982023-01-09 19:30:17 +0000[diff] [blame]47use pvmfw_avb::verify_payload;
Jiyong Parkc5d2ef22023-04-11 01:23:46 +0900[diff] [blame]48use pvmfw_avb::DebugLevel;
Pierre-Clément Tosi49cf1272025-03-21 16:38:15 +0000[diff] [blame]49use pvmfw_avb::VerifiedBootData;
Alice Wang0aa30322023-01-31 11:00:10 +0000[diff] [blame]50use pvmfw_embedded_key::PUBLIC_KEY;
Pierre-Clément Tosic332fae2023-06-22 11:37:12 +0000[diff] [blame]51use vmbase::heap;
Pierre-Clément Tosiba666fe2024-11-19 16:44:33 +0000[diff] [blame]52use vmbase::memory::{flush, SIZE_4KB};
Pierre-Clément Tosi80251972023-07-12 12:51:12 +0000[diff] [blame]53use vmbase::rand;
Andrew Walbran68a8c162022-03-07 15:38:42 +0000[diff] [blame]54
Pierre-Clément Tosibfa40602024-12-09 20:13:57 +0000[diff] [blame]55fn main<'a>(
Pierre-Clément Tosi92778802024-11-19 17:36:14 +0000[diff] [blame]56 untrusted_fdt: &mut Fdt,
Alice Wang28cbcf12022-12-01 07:58:28 +0000[diff] [blame]57 signed_kernel: &[u8],
58 ramdisk: Option<&[u8]>,
Pierre-Clément Tosia5604dc2025-03-21 19:09:02 +0000[diff] [blame^]59 current_dice_handover: Option<&[u8]>,
Alan Stokes65618332023-12-15 14:09:25 +0000[diff] [blame]60 mut debug_policy: Option<&[u8]>,
Pierre-Clément Tosi92778802024-11-19 17:36:14 +0000[diff] [blame]61 vm_dtbo: Option<&mut [u8]>,
62 vm_ref_dt: Option<&[u8]>,
Pierre-Clément Tosi959e7aa2025-03-21 18:47:20 +0000[diff] [blame]63) -> Result<(Option<&'a [u8]>, bool), RebootReason> {
Pierre-Clément Tosi37105a62022-10-18 12:21:48 +0100[diff] [blame]64 info!("pVM firmware");
Pierre-Clément Tosi92778802024-11-19 17:36:14 +0000[diff] [blame]65 debug!("FDT: {:?}", untrusted_fdt.as_ptr());
Pierre-Clément Tosia0934c12022-11-25 20:54:11 +0000[diff] [blame]66 debug!("Signed kernel: {:?} ({:#x} bytes)", signed_kernel.as_ptr(), signed_kernel.len());
Alice Wanga78279c2022-12-16 12:41:19 +0000[diff] [blame]67 debug!("AVB public key: addr={:?}, size={:#x} ({1})", PUBLIC_KEY.as_ptr(), PUBLIC_KEY.len());
Pierre-Clément Tosia0934c12022-11-25 20:54:11 +0000[diff] [blame]68 if let Some(rd) = ramdisk {
69 debug!("Ramdisk: {:?} ({:#x} bytes)", rd.as_ptr(), rd.len());
70 } else {
71 debug!("Ramdisk: None");
72 }
Alan Stokes4db76eb2023-04-26 14:28:15 +0100[diff] [blame]73
Pierre-Clément Tosia5604dc2025-03-21 19:09:02 +0000[diff] [blame^]74 let (parsed_dice, dice_debug_mode) = parse_dice_handover(current_dice_handover)?;
Alan Stokes4db76eb2023-04-26 14:28:15 +0100[diff] [blame]75
76 // The bootloader should never pass us a debug policy when the boot is secure (the bootloader
77 // is locked). If it gets it wrong, disregard it & log it, to avoid it causing problems.
Pierre-Clément Tosi65250402025-03-21 16:36:58 +0000[diff] [blame]78 if debug_policy.is_some() && !dice_debug_mode {
Pierre-Clément Tosi520664c2025-03-03 11:51:53 -0800[diff] [blame]79 warn!("Ignoring debug policy, DICE handover does not indicate Debug mode");
Alan Stokes4db76eb2023-04-26 14:28:15 +0100[diff] [blame]80 debug_policy = None;
Alan Stokesd1ee63e2023-04-24 16:17:39 +0100[diff] [blame]81 }
82
Pierre-Clément Tosi959e7aa2025-03-21 18:47:20 +0000[diff] [blame]83 let (verified_boot_data, debuggable, guest_page_size) = {
84 let (dat, debug, sz) = perform_verified_boot(signed_kernel, ramdisk)?;
85 (Some(dat), debug, sz)
86 };
Pierre-Clément Tosi2d652982023-01-09 19:30:17 +0000[diff] [blame]87
Pierre-Clément Tosia30121b2025-03-12 11:30:32 +0000[diff] [blame]88 let hyp_page_size = hypervisor_backends::get_granule_size();
Pierre-Clément Tosic9edf0f2025-02-06 17:47:25 +0000[diff] [blame]89 let _ =
90 sanitize_device_tree(untrusted_fdt, vm_dtbo, vm_ref_dt, guest_page_size, hyp_page_size)?;
Pierre-Clément Tosi92778802024-11-19 17:36:14 +0000[diff] [blame]91 let fdt = untrusted_fdt; // DT has now been sanitized.
Pierre-Clément Tosi92778802024-11-19 17:36:14 +0000[diff] [blame]92
Pierre-Clément Tosi959e7aa2025-03-21 18:47:20 +0000[diff] [blame]93 let (next_dice_handover, new_instance) = if let Some(ref data) = verified_boot_data {
94 let instance_hash = salt_from_instance_id(fdt)?;
95 let dice_inputs = PartialInputs::new(data, instance_hash).map_err(|e| {
96 error!("Failed to compute partial DICE inputs: {e:?}");
97 RebootReason::InternalError
98 })?;
Pierre-Clément Tosia5604dc2025-03-21 19:09:02 +0000[diff] [blame^]99 let (dice_handover_bytes, dice_cdi_seal, dice_context) =
100 parsed_dice.expect("Missing DICE values with VB data");
Pierre-Clément Tosi959e7aa2025-03-21 18:47:20 +0000[diff] [blame]101 let (new_instance, salt, defer_rollback_protection) =
102 perform_rollback_protection(fdt, data, &dice_inputs, &dice_cdi_seal)?;
103 trace!("Got salt for instance: {salt:x?}");
Shikha Panwar37490d42024-03-19 22:14:58 +0000[diff] [blame]104
Pierre-Clément Tosi959e7aa2025-03-21 18:47:20 +0000[diff] [blame]105 let next_dice_handover = perform_dice_derivation(
106 dice_handover_bytes.as_ref(),
107 dice_context,
108 dice_inputs,
109 &salt,
110 defer_rollback_protection,
111 guest_page_size,
112 guest_page_size,
113 )?;
Pierre-Clément Tosi1cc5eb72023-02-02 11:09:18 +0000[diff] [blame]114
Pierre-Clément Tosi959e7aa2025-03-21 18:47:20 +0000[diff] [blame]115 (Some(next_dice_handover), new_instance)
116 } else {
117 (None, true)
118 };
Pierre-Clément Tosidb74cb12022-12-08 13:56:25 +0000[diff] [blame]119
Pierre-Clément Tosi80251972023-07-12 12:51:12 +0000[diff] [blame]120 let kaslr_seed = u64::from_ne_bytes(rand::random_array().map_err(|e| {
121 error!("Failed to generated guest KASLR seed: {e}");
122 RebootReason::InternalError
123 })?);
Pierre-Clément Tosib2d8aa72023-02-17 15:22:50 +0000[diff] [blame]124 let strict_boot = true;
Pierre-Clément Tosi80251972023-07-12 12:51:12 +0000[diff] [blame]125 modify_for_next_stage(
126 fdt,
Pierre-Clément Tosi520664c2025-03-03 11:51:53 -0800[diff] [blame]127 next_dice_handover,
Pierre-Clément Tosi80251972023-07-12 12:51:12 +0000[diff] [blame]128 new_instance,
129 strict_boot,
130 debug_policy,
131 debuggable,
132 kaslr_seed,
133 )
134 .map_err(|e| {
135 error!("Failed to configure device tree: {e}");
136 RebootReason::InternalError
137 })?;
Pierre-Clément Tosidb74cb12022-12-08 13:56:25 +0000[diff] [blame]138
Alice Wang4379c832022-12-05 15:50:20 +0000[diff] [blame]139 info!("Starting payload...");
Pierre-Clément Tosi520664c2025-03-03 11:51:53 -0800[diff] [blame]140 Ok((next_dice_handover, debuggable))
Pierre-Clément Tosi263ffd52022-10-05 20:27:50 +0100[diff] [blame]141}
Andrew Walbrand1d03182022-12-09 18:20:01 +0000[diff] [blame]142
Pierre-Clément Tosi65250402025-03-21 16:36:58 +0000[diff] [blame]143fn parse_dice_handover(
Pierre-Clément Tosia5604dc2025-03-21 19:09:02 +0000[diff] [blame^]144 bytes: Option<&[u8]>,
145) -> Result<(Option<(Cow<'_, [u8]>, Vec<u8>, DiceContext)>, bool), RebootReason> {
146 let Some(bytes) = bytes else {
147 return Ok((None, false));
148 };
Pierre-Clément Tosi65250402025-03-21 16:36:58 +0000[diff] [blame]149 let dice_handover = bcc_handover_parse(bytes).map_err(|e| {
150 error!("Invalid DICE Handover: {e:?}");
151 RebootReason::InvalidDiceHandover
152 })?;
153 trace!("DICE handover: {dice_handover:x?}");
154
155 let dice_chain_info = DiceChainInfo::new(dice_handover.bcc()).map_err(|e| {
156 error!("{e}");
157 RebootReason::InvalidDiceHandover
158 })?;
159 let is_debug_mode = dice_chain_info.is_debug_mode();
160 let cose_alg = dice_chain_info.leaf_subject_pubkey().cose_alg;
161 trace!("DICE chain leaf subject public key algorithm: {:?}", cose_alg);
162
163 let dice_context = DiceContext {
164 authority_algorithm: cose_alg.try_into().map_err(|e| {
165 error!("{e}");
166 RebootReason::InternalError
167 })?,
168 subject_algorithm: VM_KEY_ALGORITHM,
169 };
170
171 let cdi_seal = dice_handover.cdi_seal().to_vec();
172
173 let bytes_for_next = if cfg!(dice_changes) {
174 Cow::Borrowed(bytes)
175 } else {
176 // It is possible that the DICE chain we were given is rooted in the UDS. We do not want to
177 // give such a chain to the payload, or even the associated CDIs. So remove the
178 // entire chain we were given and taint the CDIs. Note that the resulting CDIs are
179 // still deterministically derived from those we received, so will vary iff they do.
180 // TODO(b/280405545): Remove this post Android 14.
181 let truncated_bytes = dice::chain::truncate(dice_handover).map_err(|e| {
182 error!("{e}");
183 RebootReason::InternalError
184 })?;
185 Cow::Owned(truncated_bytes)
186 };
187
Pierre-Clément Tosia5604dc2025-03-21 19:09:02 +0000[diff] [blame^]188 Ok((Some((bytes_for_next, cdi_seal, dice_context)), is_debug_mode))
Pierre-Clément Tosi65250402025-03-21 16:36:58 +0000[diff] [blame]189}
190
191fn perform_dice_derivation<'a>(
192 dice_handover_bytes: &[u8],
193 dice_context: DiceContext,
194 dice_inputs: PartialInputs,
195 salt: &[u8; HIDDEN_SIZE],
196 defer_rollback_protection: bool,
197 next_handover_size: usize,
198 next_handover_align: usize,
199) -> Result<&'a [u8], RebootReason> {
200 let next_dice_handover = heap::aligned_boxed_slice(next_handover_size, next_handover_align)
201 .ok_or_else(|| {
202 error!("Failed to allocate the next-stage DICE handover");
203 RebootReason::InternalError
204 })?;
205 // By leaking the slice, its content will be left behind for the next stage.
206 let next_dice_handover = Box::leak(next_dice_handover);
207
208 dice_inputs
209 .write_next_handover(
210 dice_handover_bytes.as_ref(),
211 salt,
212 defer_rollback_protection,
213 next_dice_handover,
214 dice_context,
215 )
216 .map_err(|e| {
217 error!("Failed to derive next-stage DICE secrets: {e:?}");
218 RebootReason::SecretDerivationError
219 })?;
220 flush(next_dice_handover);
221 Ok(next_dice_handover)
222}
223
Pierre-Clément Tosi49cf1272025-03-21 16:38:15 +0000[diff] [blame]224fn perform_verified_boot<'a>(
225 signed_kernel: &[u8],
226 ramdisk: Option<&[u8]>,
227) -> Result<(VerifiedBootData<'a>, bool, usize), RebootReason> {
228 let verified_boot_data = verify_payload(signed_kernel, ramdisk, PUBLIC_KEY).map_err(|e| {
229 error!("Failed to verify the payload: {e}");
230 RebootReason::PayloadVerificationError
231 })?;
232 let debuggable = verified_boot_data.debug_level != DebugLevel::None;
233 if debuggable {
234 info!("Successfully verified a debuggable payload.");
235 info!("Please disregard any previous libavb ERROR about initrd_normal.");
236 }
237 let guest_page_size = verified_boot_data.page_size.unwrap_or(SIZE_4KB);
238
239 Ok((verified_boot_data, debuggable, guest_page_size))
240}
241
Shikha Panwar73ba0d42024-03-20 14:43:21 +0000[diff] [blame]242// Get the "salt" which is one of the input for DICE derivation.
243// This provides differentiation of secrets for different VM instances with same payloads.
Pierre-Clément Tosif89759c2024-11-19 15:25:37 +0000[diff] [blame]244fn salt_from_instance_id(fdt: &Fdt) -> Result<Option<Hidden>, RebootReason> {
Pierre-Clément Tosi3729f652024-11-19 15:25:37 +0000[diff] [blame]245 let Some(id) = read_instance_id(fdt).map_err(|e| {
246 error!("Failed to get instance-id in DT: {e}");
247 RebootReason::InvalidFdt
248 })?
249 else {
250 return Ok(None);
251 };
Shikha Panwar73ba0d42024-03-20 14:43:21 +0000[diff] [blame]252 let salt = Digester::sha512()
253 .digest(&[&b"InstanceId:"[..], id].concat())
254 .map_err(|e| {
255 error!("Failed to get digest of instance-id: {e}");
256 RebootReason::InternalError
257 })?
258 .try_into()
259 .map_err(|_| RebootReason::InternalError)?;
Pierre-Clément Tosif89759c2024-11-19 15:25:37 +0000[diff] [blame]260 Ok(Some(salt))
Shikha Panwar73ba0d42024-03-20 14:43:21 +0000[diff] [blame]261}