Blame - pvmfw/avb/src/verify.rs - android_packages_modules_Virtualization

blob: 7f3ba3db95bf6a6815e0e73d82eaf9f1bfff905b [file] [log] [blame]

Alice Wang	28cbcf1	2022-12-01 07:58:28 +0000	[diff] [blame]	1	// Copyright 2022, The Android Open Source Project
				2	//
				3	// Licensed under the Apache License, Version 2.0 (the "License");
				4	// you may not use this file except in compliance with the License.
				5	// You may obtain a copy of the License at
				6	//
				7	// http://www.apache.org/licenses/LICENSE-2.0
				8	//
				9	// Unless required by applicable law or agreed to in writing, software
				10	// distributed under the License is distributed on an "AS IS" BASIS,
				11	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				12	// See the License for the specific language governing permissions and
				13	// limitations under the License.
				14
Alice Wang	f3d96b1	2022-12-15 13:10:47 +0000	[diff] [blame^]	15	//! This module handles the pvmfw payload verification.
Alice Wang	28cbcf1	2022-12-01 07:58:28 +0000	[diff] [blame]	16
Alice Wang	f3d96b1	2022-12-15 13:10:47 +0000	[diff] [blame^]	17	use avb_bindgen::AvbSlotVerifyResult;
Alice Wang	28cbcf1	2022-12-01 07:58:28 +0000	[diff] [blame]	18	use core::fmt;
Alice Wang	28cbcf1	2022-12-01 07:58:28 +0000	[diff] [blame]	19
				20	/// Error code from AVB image verification.
Alice Wang	f3d96b1	2022-12-15 13:10:47 +0000	[diff] [blame^]	21	#[derive(Clone, Debug)]
Alice Wang	28cbcf1	2022-12-01 07:58:28 +0000	[diff] [blame]	22	pub enum AvbImageVerifyError {
Alice Wang	dc63fe0	2022-12-15 08:49:57 +0000	[diff] [blame]	23	/// AVB_SLOT_VERIFY_RESULT_ERROR_INVALID_ARGUMENT
Alice Wang	28cbcf1	2022-12-01 07:58:28 +0000	[diff] [blame]	24	InvalidArgument,
Alice Wang	dc63fe0	2022-12-15 08:49:57 +0000	[diff] [blame]	25	/// AVB_SLOT_VERIFY_RESULT_ERROR_INVALID_METADATA
Alice Wang	28cbcf1	2022-12-01 07:58:28 +0000	[diff] [blame]	26	InvalidMetadata,
Alice Wang	dc63fe0	2022-12-15 08:49:57 +0000	[diff] [blame]	27	/// AVB_SLOT_VERIFY_RESULT_ERROR_IO
Alice Wang	28cbcf1	2022-12-01 07:58:28 +0000	[diff] [blame]	28	Io,
Alice Wang	dc63fe0	2022-12-15 08:49:57 +0000	[diff] [blame]	29	/// AVB_SLOT_VERIFY_RESULT_ERROR_OOM
Alice Wang	28cbcf1	2022-12-01 07:58:28 +0000	[diff] [blame]	30	Oom,
Alice Wang	dc63fe0	2022-12-15 08:49:57 +0000	[diff] [blame]	31	/// AVB_SLOT_VERIFY_RESULT_ERROR_PUBLIC_KEY_REJECTED
Alice Wang	28cbcf1	2022-12-01 07:58:28 +0000	[diff] [blame]	32	PublicKeyRejected,
Alice Wang	dc63fe0	2022-12-15 08:49:57 +0000	[diff] [blame]	33	/// AVB_SLOT_VERIFY_RESULT_ERROR_ROLLBACK_INDEX
Alice Wang	28cbcf1	2022-12-01 07:58:28 +0000	[diff] [blame]	34	RollbackIndex,
Alice Wang	dc63fe0	2022-12-15 08:49:57 +0000	[diff] [blame]	35	/// AVB_SLOT_VERIFY_RESULT_ERROR_UNSUPPORTED_VERSION
Alice Wang	28cbcf1	2022-12-01 07:58:28 +0000	[diff] [blame]	36	UnsupportedVersion,
Alice Wang	dc63fe0	2022-12-15 08:49:57 +0000	[diff] [blame]	37	/// AVB_SLOT_VERIFY_RESULT_ERROR_VERIFICATION
Alice Wang	28cbcf1	2022-12-01 07:58:28 +0000	[diff] [blame]	38	Verification,
Alice Wang	28cbcf1	2022-12-01 07:58:28 +0000	[diff] [blame]	39	}
				40
Alice Wang	f3d96b1	2022-12-15 13:10:47 +0000	[diff] [blame^]	41	impl fmt::Display for AvbImageVerifyError {
				42	fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
				43	match self {
				44	Self::InvalidArgument => write!(f, "Invalid parameters."),
				45	Self::InvalidMetadata => write!(f, "Invalid metadata."),
				46	Self::Io => write!(f, "I/O error while trying to load data or get a rollback index."),
				47	Self::Oom => write!(f, "Unable to allocate memory."),
				48	Self::PublicKeyRejected => write!(f, "Public key rejected or data not signed."),
				49	Self::RollbackIndex => write!(f, "Rollback index is less than its stored value."),
				50	Self::UnsupportedVersion => write!(
				51	f,
				52	"Some of the metadata requires a newer version of libavb than what is in use."
				53	),
				54	Self::Verification => write!(f, "Data does not verify."),
				55	}
				56	}
				57	}
				58
Alice Wang	dc63fe0	2022-12-15 08:49:57 +0000	[diff] [blame]	59	fn to_avb_verify_result(result: AvbSlotVerifyResult) -> Result<(), AvbImageVerifyError> {
Alice Wang	28cbcf1	2022-12-01 07:58:28 +0000	[diff] [blame]	60	match result {
Alice Wang	dc63fe0	2022-12-15 08:49:57 +0000	[diff] [blame]	61	AvbSlotVerifyResult::AVB_SLOT_VERIFY_RESULT_OK => Ok(()),
				62	AvbSlotVerifyResult::AVB_SLOT_VERIFY_RESULT_ERROR_INVALID_ARGUMENT => {
Alice Wang	28cbcf1	2022-12-01 07:58:28 +0000	[diff] [blame]	63	Err(AvbImageVerifyError::InvalidArgument)
				64	}
Alice Wang	dc63fe0	2022-12-15 08:49:57 +0000	[diff] [blame]	65	AvbSlotVerifyResult::AVB_SLOT_VERIFY_RESULT_ERROR_INVALID_METADATA => {
Alice Wang	28cbcf1	2022-12-01 07:58:28 +0000	[diff] [blame]	66	Err(AvbImageVerifyError::InvalidMetadata)
				67	}
Alice Wang	dc63fe0	2022-12-15 08:49:57 +0000	[diff] [blame]	68	AvbSlotVerifyResult::AVB_SLOT_VERIFY_RESULT_ERROR_IO => Err(AvbImageVerifyError::Io),
				69	AvbSlotVerifyResult::AVB_SLOT_VERIFY_RESULT_ERROR_OOM => Err(AvbImageVerifyError::Oom),
				70	AvbSlotVerifyResult::AVB_SLOT_VERIFY_RESULT_ERROR_PUBLIC_KEY_REJECTED => {
Alice Wang	28cbcf1	2022-12-01 07:58:28 +0000	[diff] [blame]	71	Err(AvbImageVerifyError::PublicKeyRejected)
				72	}
Alice Wang	dc63fe0	2022-12-15 08:49:57 +0000	[diff] [blame]	73	AvbSlotVerifyResult::AVB_SLOT_VERIFY_RESULT_ERROR_ROLLBACK_INDEX => {
Alice Wang	28cbcf1	2022-12-01 07:58:28 +0000	[diff] [blame]	74	Err(AvbImageVerifyError::RollbackIndex)
				75	}
Alice Wang	dc63fe0	2022-12-15 08:49:57 +0000	[diff] [blame]	76	AvbSlotVerifyResult::AVB_SLOT_VERIFY_RESULT_ERROR_UNSUPPORTED_VERSION => {
Alice Wang	28cbcf1	2022-12-01 07:58:28 +0000	[diff] [blame]	77	Err(AvbImageVerifyError::UnsupportedVersion)
				78	}
Alice Wang	dc63fe0	2022-12-15 08:49:57 +0000	[diff] [blame]	79	AvbSlotVerifyResult::AVB_SLOT_VERIFY_RESULT_ERROR_VERIFICATION => {
Alice Wang	28cbcf1	2022-12-01 07:58:28 +0000	[diff] [blame]	80	Err(AvbImageVerifyError::Verification)
				81	}
Alice Wang	28cbcf1	2022-12-01 07:58:28 +0000	[diff] [blame]	82	}
				83	}
				84
Alice Wang	f3d96b1	2022-12-15 13:10:47 +0000	[diff] [blame^]	85	/// Verifies the payload (signed kernel + initrd) against the trusted public key.
				86	pub fn verify_payload(_public_key: &[u8]) -> Result<(), AvbImageVerifyError> {
				87	// TODO(b/256148034): Verify the kernel image with avb_slot_verify()
				88	// let result = unsafe {
				89	// avb_slot_verify(
				90	// &mut avb_ops,
				91	// requested_partitions.as_ptr(),
				92	// ab_suffix.as_ptr(),
				93	// flags,
				94	// hashtree_error_mode,
				95	// null_mut(),
				96	// )
				97	// };
				98	let result = AvbSlotVerifyResult::AVB_SLOT_VERIFY_RESULT_OK;
				99	to_avb_verify_result(result)
Alice Wang	28cbcf1	2022-12-01 07:58:28 +0000	[diff] [blame]	100	}
				101
Alice Wang	f3d96b1	2022-12-15 13:10:47 +0000	[diff] [blame^]	102	#[cfg(test)]
				103	mod tests {
				104	use super::*;
Alice Wang	28cbcf1	2022-12-01 07:58:28 +0000	[diff] [blame]	105
Alice Wang	f3d96b1	2022-12-15 13:10:47 +0000	[diff] [blame^]	106	// TODO(b/256148034): Test verification succeeds with valid payload later.
				107	#[test]
				108	fn verification_succeeds_with_placeholder_input() {
				109	let fake_public_key = [0u8; 2];
				110	assert!(verify_payload(&fake_public_key).is_ok());
Alice Wang	28cbcf1	2022-12-01 07:58:28 +0000	[diff] [blame]	111	}
				112	}