pa-fazil
/
android_packages_modules_Virtualization
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
android_packages_modules_Vi.../pvmfw/Android.bp

197 lines
5.1 KiB
Plaintext
Raw Normal View History

[LSC] Add LOCAL_LICENSE_KINDS to packages/modules/Virtualization Added SPDX-license-identifier-Apache-2.0 to: pvmfw/Android.bp Bug: 68860345 Bug: 151177513 Bug: 151953481 Test: m all Change-Id: I19cb30f64958f741cdb1612639854877184981c8
2022-04-07 17:44:22 +00:00
package {
default_applicable_licenses: ["Android-Apache-2.0"],
}
Start on pVM firmware in Rust. For now it is just the Rust entry point. This needs to be linked against some assembly code to initialise everything first. Bug: 223166344 Test: m libpvmfw Change-Id: I50a29a59a1aa60afb8a8ecc7db7fc57eb2a47c4b
2022-03-07 15:38:42 +00:00
rust_ffi_static {
name: "libpvmfw",
crate_name: "pvmfw",
vmbase/pvmfw: Extract common build properties to defaults All vmbase-based projects follow the same structure of build targets. Extract common properties of their build rules into defaults. vmbase_rust_defaults: rust_* targets, no-std, arm64 only vmbase_cc_defaults: cc_* targets, no std, arm64 only vmbase_elf_defaults: cc_binary, arm64 only, link vmbase_entry Test: m pvmfw vmbase_example Change-Id: I635ce939fd349b9ce02d20c26e48a95e8b84ca50
2022-07-07 14:30:14 +00:00
defaults: ["vmbase_ffi_defaults"],
Start on pVM firmware in Rust. For now it is just the Rust entry point. This needs to be linked against some assembly code to initialise everything first. Bug: 223166344 Test: m libpvmfw Change-Id: I50a29a59a1aa60afb8a8ecc7db7fc57eb2a47c4b
2022-03-07 15:38:42 +00:00
srcs: ["src/main.rs"],
edition: "2021",
Require unsafe blocks in unsafe functions Some hopefully harmless refactoring. Only minor behavioral changes are introduced. Turn on the unsafe_op_in_unsafe_fn lint, treated as an error, for all our low-level code, to ensure that unsafe code is properly highlighted & commented even inside unsafe functions. I've moved the setting from the code to the blueprint in order to make it the default for new code, and reduce clutter. Add unsafe blocks as required to fix all the errors that this surfaced, with appropriate safety comments. I've tried to keep them as small as possible. Slightly to my surprise I removed the unsafe marker from malloc_ (and renamed it in passing); I believe it has no preconditions and is always safe - although doing anything with the returned memory wouldn't be. Bug: 275693559 Test: flash pvmfw, atest MicrodroidTests Change-Id: Ia6f39102caea05c6517bc7500914b7fe7025286c
2023-04-14 16:59:50 +00:00
// Require unsafe blocks for inside unsafe functions.
flags: ["-Dunsafe_op_in_unsafe_fn"],
pvmfw: Expect an appended BCC In Android T, the BCC was passed by the platform to pvmfw by appending it to its binary at load time. Expect this behavior and make use of the BCC in main() by logging the slice, for now. Add the 'legacy' feature to control support for legacy interfaces; it is intended to be disabled in the future. Bug: 256827715 Test: atest MicrodroidTestApp Change-Id: I4d0cfb028e42f2f7f5d343a941124f64d4d93f9a
2022-10-17 12:35:27 +00:00
features: [
"legacy",
],
Add minimal UART driver for console. Bug: 223166344 Test: Ran unprotected VM under crosvm. Change-Id: I4e779ab0c87597db9384247f269b2b28f6e18b30
2022-03-15 17:32:53 +00:00
rustlibs: [
pvmfw: Support managing page tables dynamically Integrate the aarch64_paging crate to allow mapping/unmapping regions of memory as necessary. Bug: 249054080 Bug: 249723852 Bug: 256827715 Test: atest MicrodroidTestApp Change-Id: I97947c3852d4748bc29ce00709b4cec2d236e5a7
2022-11-03 14:16:46 +00:00
"libaarch64_paging",
pvmfw: Encrypt instance.img entries As the host owns the files backing the virtio-blk devices, encrypt the entries in a tamper-evident way. Derive the private key used for encryption from the sealing CDI. Note that this patch uses a _randnonce() AEAD but doesn't provide entropy, which will be added in a future patch. Implement a wrapper for BoringSSL AEAD functions, key derivation, hashing, and error handling. Implement the CRYPTO_sysrand* symbols those require. Add sterror(), required by ERR_reason_error_string, to vmbase instead of using the Bionic version, which is harder to integrate due to thread-safety support and TLS layout. Error reporting also requires the standard bsearch() function. Note: Entries added to an instance.img before applying this patch will now be rejected. Bug: 249723852 Test: atest MicrodroidHostTests Change-Id: If41aa8e1961121d9aee116c14b54d983dd10f61e
2023-02-17 11:19:56 +00:00
"libbssl_ffi_nostd",
pvmfw: Integrate buddy_system_allocator Add support for heap allocation. Test: atest MicrodroidTestApp Change-Id: I6b4df790b3cd86fe29db87dd312d5c671548e607
2022-10-20 11:22:23 +00:00
"libbuddy_system_allocator",
Add Ciborium to pvmfw Import Ciborium to enable us to validate & manipulate the BCC CBOR. Initially we do very minimal verification, just to prove that we can call into the crate. Bug: 266172411 Test: atest MicrodroidTests Change-Id: Iaa78f9fc4f9b5c32e26c54eafc45bf5b29046f1e Merged-In: Iaa78f9fc4f9b5c32e26c54eafc45bf5b29046f1e
2023-04-24 15:17:39 +00:00
"libciborium_nostd",
"libciborium_io_nostd",
[dice] Move hash function to the library libdiced_open_dice And migrate the usage of the original function to the new one. This is part of the project of merging the two existing dice wrapper libraries into one library. The upstream library libdiced_open_dice will be the merged library. Test: atest diced_utils_test diced_sample_inputs_test \ diced_test diced_vendor_test diced_open_dice_cbor_test Test: m pvmfw_img && m microdroid_manager Test: atest microdroid_manager_test vmbase_example.integration_test Bug: 267575445 Change-Id: Ic2c44b92dcc31bcc9c1fcd2317ae8058ef84faf6
2023-02-06 10:29:00 +00:00
"libdiced_open_dice_nostd",
Add new library to share FDT/PCI/VirtIO code. This is used both by the vmbase example and by the pVM firmware. Bug: 237249743 Test: Ran vmbase and pVM firmware manually Test: atest vmbase_example.integration_test Change-Id: Ia0e8e2434480bf6425c7396aa64cf2a1e9c520d7
2022-12-21 14:04:34 +00:00
"libfdtpci",
[pvmfw] Extract a library to support various hypervisor backends This cl extracts a library libhyp from pvmfw to support various hypervisor backends including kvm. Bug: 272226230 Test: m pvmfw_img Change-Id: I5307cb5d6cccc7a01af6bc9c46ae7111c0d51e93
2023-03-15 10:46:12 +00:00
"libhyp",
pvmfw: Add MemoryTracker & MemorySlices Add support for dynamically validating, mapping, and allocating non-overlapping slices of main RAM in a safe manner in MemoryTracker and use it in MemorySlices for the regions of interest, located through the inputs. Bug: 256148034 Bug: 249054080 Bug: 256827715 Test: atest MicrodroidTestApp Change-Id: I25f8db10df763c0473c281bf96f30e6b5fbe1619
2022-11-25 20:54:11 +00:00
"liblibfdt",
pvmfw: Use vmbase::logger and the log API For now, initialize the logger to print any log entry. Replace all println!() with their appropriate corresponding log macro. Rework the main() bootflow to have a single reboot() point. Test: - Change-Id: I3633b7f4c406887c6a810c43f2ec5a6ccf4b7907
2022-10-18 11:21:48 +00:00
"liblog_rust_nostd",
Validate that PCI MMIO regions are within the expected range. Bug: 237249346 Test: Built and ran pVM firmware manually Change-Id: Ic506486c8961f40fa6f08c602813bf17796be8e7
2023-01-24 14:45:46 +00:00
"libonce_cell_nostd",
Use new psci::smccc error handling rather than smccc library. Test: Built pvmfw and rialto Change-Id: I79eb0ca966a6e970dde1c1d73a55db38c549df5c
2023-04-17 14:26:23 +00:00
"libpsci",
pvmfw: Integrate verify_payload Call the payload verification function that has until now been developed in userspace, as part of libpvmfw_avb_nostd. Bug: 256148034 Test: atest MicrodroidHostTests Change-Id: I899084346156a341e91dc8dbf7f04093f8331925
2023-01-09 19:30:17 +00:00
"libpvmfw_avb_nostd",
pvmfw: Use pvmfw_embedded_key from Rust pvmfw will need the key to validate AVB-signed images so wrap it in a rlib to import it into Rust code while making sure Soong is aware of the dependency and handles file paths. As this will be used in the context of AVB, create the module and re-export the PUBLIC_KEY from there. Use a debug! statement in main() to ensure that the key is kept in the final binary by the toolchain. Bug: 255575669 Test: m pvmfw_bin # verify that it contains testkey_rsa4096_pub.bin Change-Id: I840a32a39f113d6becd50bea42b8552e551fee5f
2022-10-26 16:40:50 +00:00
"libpvmfw_embedded_key",
Embed the compiled template DT into pvmfw Specifically, the source dts file is pre-processed by clang to use some macros from the ARM dt-bindings headers. Then it is actually compiled into dtbo via the dtc compiler. Then create a rust source file where the content of the dtbo file is written as a byte array. Bug: 249054080 Test: m pvmfw Change-Id: Ib3ab38a10b27001c3e0ee43b3526fc624f8d1a03
2023-02-24 17:15:44 +00:00
"libpvmfw_fdt_template",
pvmfw: Support instance.img for storing DICE salt On boot, attempt to read the DICE hidden input (salt) from persistent storage, in order to provide persistence of secrets across reboots of the same kernel/ramdisk images. To ensure that the salt is only re-used with the same preloaded images signed by the same authority, store the other DICE inputs so that they can be verified to match on the next boot. Implement support for parsing GUID Partition Tables (GPT) on top of virtio-blk, to locate, read from, and write to named partitions. Implement support for the instance.img format, defined by the AVF team, and conceptually acting as a filesystem within the GPT partition named "vm-instance", where each stage of the pVM boot process owns an entry (sometimes called a partition), identified through a UUID. As the host is in charge of providing the file backing the virtual disk, the content of the instance.img entry will be encrypted in a following commit. Bug: 262344886 Test: atest MicrodroidHostTests Change-Id: Ic43bb7780b5e106002590f9c97cd900c3ff5e3d9
2023-02-02 11:09:18 +00:00
"libstatic_assertions",
pvmfw: Use tinyvec::ArrayVec in MemoryTracker Instead of a DIY implementation, make use of the crate-provided struct. Test: atest MicrodroidTestApp Change-Id: I19418245f990a4be2300890767a1004e21b48ee7
2022-11-25 18:20:42 +00:00
"libtinyvec_nostd",
pvmfw: Support instance.img for storing DICE salt On boot, attempt to read the DICE hidden input (salt) from persistent storage, in order to provide persistence of secrets across reboots of the same kernel/ramdisk images. To ensure that the salt is only re-used with the same preloaded images signed by the same authority, store the other DICE inputs so that they can be verified to match on the next boot. Implement support for parsing GUID Partition Tables (GPT) on top of virtio-blk, to locate, read from, and write to named partitions. Implement support for the instance.img format, defined by the AVF team, and conceptually acting as a filesystem within the GPT partition named "vm-instance", where each stage of the pVM boot process owns an entry (sometimes called a partition), identified through a UUID. As the host is in charge of providing the file backing the virtual disk, the content of the instance.img entry will be encrypted in a following commit. Bug: 262344886 Test: atest MicrodroidHostTests Change-Id: Ic43bb7780b5e106002590f9c97cd900c3ff5e3d9
2023-02-02 11:09:18 +00:00
"libuuid_nostd",
Allocate BARs for all VirtIO PCI devices. Bug: 237249346 Test: Ran pVM firmware manually. Change-Id: I5bf4707b9f9edb020b96fa3db740c24a4c4b789b
2022-12-09 18:20:01 +00:00
"libvirtio_drivers",
Move common VM functionality into a library. Bug: 223166344 Test: Ran unprotected VM under crosvm. Change-Id: I3b027c3a5de037c2adc75cf816518d8db5e10587
2022-04-14 16:12:50 +00:00
"libvmbase",
Require unsafe blocks in unsafe functions Some hopefully harmless refactoring. Only minor behavioral changes are introduced. Turn on the unsafe_op_in_unsafe_fn lint, treated as an error, for all our low-level code, to ensure that unsafe code is properly highlighted & commented even inside unsafe functions. I've moved the setting from the code to the blueprint in order to make it the default for new code, and reduce clutter. Add unsafe blocks as required to fix all the errors that this surfaced, with appropriate safety comments. I've tried to keep them as small as possible. Slightly to my surprise I removed the unsafe marker from malloc_ (and renamed it in passing); I believe it has no preconditions and is always safe - although doing anything with the returned memory wouldn't be. Bug: 275693559 Test: flash pvmfw, atest MicrodroidTests Change-Id: Ia6f39102caea05c6517bc7500914b7fe7025286c
2023-04-14 16:59:50 +00:00
"libzerocopy_nostd",
pvmfw: Zeroize BCC before jumping to payload As the BCC contains secrets used by pvmfw, zeroize it (and flush to PoU) to ensure that we don't leak those secrets to the payload. Bug: 256827715 Test: Read BCC from payload Change-Id: I38a4296e51c18936b9d42da8e76517fc99a2b98f
2022-11-01 14:07:29 +00:00
"libzeroize_nostd",
pvmfw: Move MemoryTracker to a global variable Exception handlers that maniplulate memory need access to MemoryTracker. To prepare for the implementation of such handlers, move the MemoryTracker into a global variable, and wrap it with a SpinMutex. Bug: 245267332 Test: atest MicrodroidTestApp Change-Id: Ib5b16006e25addca991c6c6d7854c9368d60a28b
2023-04-20 08:51:10 +00:00
"libspin_nostd",
Add minimal UART driver for console. Bug: 223166344 Test: Ran unprotected VM under crosvm. Change-Id: I4e779ab0c87597db9384247f269b2b28f6e18b30
2022-03-15 17:32:53 +00:00
],
Start on pVM firmware in Rust. For now it is just the Rust entry point. This needs to be linked against some assembly code to initialise everything first. Bug: 223166344 Test: m libpvmfw Change-Id: I50a29a59a1aa60afb8a8ecc7db7fc57eb2a47c4b
2022-03-07 15:38:42 +00:00
}
Entry point for Rust pvmfw. Bug: 223166344 Test: Ran unprotected VM under crosvm. Change-Id: I89b1c01f9b1ae3bbbe477044f11ed8b87287535a
2022-03-22 15:57:34 +00:00
[pvmfw][microdroid] Make empty_file filegroup for reuse Test: m pvmfw_test microdroid_initrd_debuggable \ microdroid_initrd_normal Change-Id: I9767ee97900e1b9fa60c45eee8556012cb9e0c20
2023-04-11 17:03:42 +00:00
// Generates an empty file.
genrule {
name: "empty_file",
out: ["empty_file"],
cmd: "touch $(out)",
}
pvmfw: sanitize bootargs during the fdt sanitization, the bootargs string is parsed and then only the allowed args are filtered. crashkernel= and console= are conditionaly filtered; they are included only when the corresponding debug policy is turned on. Bug: 275306568 Test: inject foo=bar to bootargs and see if it's filtered out Change-Id: I617bbf888575674f9544fca9b2ea11a7795a6e95
2023-04-10 16:23:46 +00:00
rust_test {
name: "libpvmfw.bootargs.test",
host_supported: true,
// For now, only bootargs.rs is written to be conditionally compiled with std.
srcs: ["src/bootargs.rs"],
test_suites: ["general-tests"],
test_options: {
unit_test: true,
},
rustlibs: [
"libzeroize",
],
}
Entry point for Rust pvmfw. Bug: 223166344 Test: Ran unprotected VM under crosvm. Change-Id: I89b1c01f9b1ae3bbbe477044f11ed8b87287535a
2022-03-22 15:57:34 +00:00
cc_binary {
vmbase: Keep base target names for ELF not bin Rename the targets to be more consistent: - m pvmfw -> builds pvmfw - m pvmfw_bin -> builds pvmfw.bin - m pvmfw_img -> builds pvmfw.img Test: TH Change-Id: I3eaea21609166409c7b5bfe3aa9122c32b229521
2022-09-09 10:01:06 +00:00
name: "pvmfw",
vmbase/pvmfw: Extract common build properties to defaults All vmbase-based projects follow the same structure of build targets. Extract common properties of their build rules into defaults. vmbase_rust_defaults: rust_* targets, no-std, arm64 only vmbase_cc_defaults: cc_* targets, no std, arm64 only vmbase_elf_defaults: cc_binary, arm64 only, link vmbase_entry Test: m pvmfw vmbase_example Change-Id: I635ce939fd349b9ce02d20c26e48a95e8b84ca50
2022-07-07 14:30:14 +00:00
defaults: ["vmbase_elf_defaults"],
Entry point for Rust pvmfw. Bug: 223166344 Test: Ran unprotected VM under crosvm. Change-Id: I89b1c01f9b1ae3bbbe477044f11ed8b87287535a
2022-03-22 15:57:34 +00:00
srcs: [
Use hardcoded pagetable initially. This pagetable is built into the binary, and maps device memory and enough RAM for the DT and image. It can later be replaced by a proper pagetable built in Rust. Using a hardcoded pagetable means we avoid making any memory access before enabling it, which avoids a bunch of cache issues. Bug: 223166344 Test: Ran unprotected VM under crosvm. Change-Id: I567e377ab93881aa357428f750b11be6b3aad034
2022-03-24 11:26:36 +00:00
"idmap.S",
Entry point for Rust pvmfw. Bug: 223166344 Test: Ran unprotected VM under crosvm. Change-Id: I89b1c01f9b1ae3bbbe477044f11ed8b87287535a
2022-03-22 15:57:34 +00:00
],
static_libs: [
"libpvmfw",
],
Split out common part of linker script. Bug: 223166344 Test: atest vmbase_example.integration_test Change-Id: Idaf10e631ba33fcc7026c4e2f603778186215667
2022-07-06 15:06:20 +00:00
linker_scripts: [
"image.ld",
":vmbase_sections",
],
Expose the pvmfw module to the Make world This is needed to make the debuggable (i.e. unstripped) elf file is added to the symbols zip file which is done in the Make world. Bug: 245896220 Test: check aosp_cheetah Change-Id: I22413548973fa96991e0b5461544149bfbb0f582
2022-12-16 05:36:24 +00:00
// `installable: false` is inherited from vmbase_elf_defaults, and that
// hides this module from Make, which makes it impossible for the Make world
// to place the unstripped binary to the symbols directory. Marking back as
// installable exposes this module to the Make world again. Note that this
// module (pvmfw) still is NOT installed to any of the filesystem images. It
// is fed into pvmfw_bin and then into pvmfw_img to become a standalone
// partition image. This is just to package the unstripped file into the
// symbols zip file for debugging purpose.
installable: true,
Disable native_coverage for pvmfw binary The pvmfw binary is compiled against a very limited subset of Rust, and hence building it with coverage enabled expectedly fails. Explicitly disable coverage, as instead we will split the pvmfw binary into separate testable rust crates. Bug: 272222944 Test: SKIP_ABI_CHECKS=true \ SOONG_COLLECT_JAVA_DEPS=true \ EMMA_INSTRUMENT=true \ EMMA_INSTRUMENT_FRAMEWORK=true \ CLANG_COVERAGE=true \ NATIVE_COVERAGE_PATHS='*' \ m Change-Id: I3cec0eca8fcac3dbc3269a8535788173f5a9eda5
2023-03-13 21:18:40 +00:00
native_coverage: false,
Entry point for Rust pvmfw. Bug: 223166344 Test: Ran unprotected VM under crosvm. Change-Id: I89b1c01f9b1ae3bbbe477044f11ed8b87287535a
2022-03-22 15:57:34 +00:00
}
pvmfw: Build raw binary Test: m pvmfw Change-Id: Ic06892d9917411b3b66040f13e3b1dccd39902f5
2022-04-25 13:47:06 +00:00
raw_binary {
vmbase: Keep base target names for ELF not bin Rename the targets to be more consistent: - m pvmfw -> builds pvmfw - m pvmfw_bin -> builds pvmfw.bin - m pvmfw_img -> builds pvmfw.img Test: TH Change-Id: I3eaea21609166409c7b5bfe3aa9122c32b229521
2022-09-09 10:01:06 +00:00
name: "pvmfw_bin",
stem: "pvmfw.bin",
src: ":pvmfw",
pvmfw: Build raw binary Test: m pvmfw Change-Id: Ic06892d9917411b3b66040f13e3b1dccd39902f5
2022-04-25 13:47:06 +00:00
enabled: false,
target: {
android_arm64: {
enabled: true,
},
},
}
pvmfw: Generate pvmfw.img Create boot image file containing pvmfw. This is what is flashed to the 'pvmfw' partition. Test: m pvmfw_img Bug: 237371962 Change-Id: Iae880b35f1be76f7ebf647de8b0f402fcd8df41a
2022-04-25 14:07:22 +00:00
Add debug policy tests for ramdump Bug: 243671509, Bug: 243630590 Test: atest Change-Id: Id414b6efb1c84bd5d77deb176b40819da9dbdf5d
2023-02-09 16:35:47 +00:00
// Provide pvmfw.bin binary regardless of the architecture for building test.
// Note that skipping tests on unsupported device is easy
// while configuring server configuration to make such tests to run on working
// devices.
prebuilt_etc {
name: "pvmfw_test",
filename: "pvmfw_test.bin",
target: {
android_arm64: {
src: ":pvmfw_bin",
},
},
[pvmfw][microdroid] Make empty_file filegroup for reuse Test: m pvmfw_test microdroid_initrd_debuggable \ microdroid_initrd_normal Change-Id: I9767ee97900e1b9fa60c45eee8556012cb9e0c20
2023-04-11 17:03:42 +00:00
src: ":empty_file",
Add debug policy tests for ramdump Bug: 243671509, Bug: 243630590 Test: atest Change-Id: Id414b6efb1c84bd5d77deb176b40819da9dbdf5d
2023-02-09 16:35:47 +00:00
installable: false,
}
pvmfw: Introduce pvmfw_embedded_key pvmfw contains a reference public key against which it compares the key used to sign the virtual machine payloads it receives. Export that public key as pvmfw_embedded_key, a binary file intended to be built into pvmfw. For release builds, the pvmfw image is expected to be post-processed to find-and-replace (in-place) that key with the public release key. Bug: 255575669 Test: m pvmfw_embedded_key Change-Id: Ia4490688cc3d1954a18e703a97812a9a28e63e7a
2022-10-26 14:14:45 +00:00
prebuilt_etc {
name: "pvmfw_embedded_key",
src: ":avb_testkey_rsa4096_pub_bin",
installable: false,
}
pvmfw: Use pvmfw_embedded_key from Rust pvmfw will need the key to validate AVB-signed images so wrap it in a rlib to import it into Rust code while making sure Soong is aware of the dependency and handles file paths. As this will be used in the context of AVB, create the module and re-export the PUBLIC_KEY from there. Use a debug! statement in main() to ensure that the key is kept in the final binary by the toolchain. Bug: 255575669 Test: m pvmfw_bin # verify that it contains testkey_rsa4096_pub.bin Change-Id: I840a32a39f113d6becd50bea42b8552e551fee5f
2022-10-26 16:40:50 +00:00
genrule {
name: "pvmfw_embedded_key_rs",
srcs: [":pvmfw_embedded_key"],
out: ["lib.rs"],
cmd: "(" +
" echo '#![no_std]';" +
" echo '#![allow(missing_docs)]';" +
" echo 'pub const PUBLIC_KEY: &[u8] = &[';" +
" xxd -i < $(in);" +
" echo '];';" +
") > $(out)",
}
rust_library_rlib {
name: "libpvmfw_embedded_key",
defaults: ["vmbase_ffi_defaults"],
prefer_rlib: true,
srcs: [":pvmfw_embedded_key_rs"],
crate_name: "pvmfw_embedded_key",
apex_available: ["com.android.virt"],
}
pvmfw.img: Generate an AVB-signed image Use a prebuilt_etc to be able to import it in make through $(call module-target-built-files,pvmfw_sign_key) Bug: 237371962 Test: m pvmfw_img Change-Id: Ie42f3e7b39e461b0baad5bd1ad51ef985c871976
2022-09-06 15:01:35 +00:00
prebuilt_etc {
name: "pvmfw_sign_key",
src: ":avb_testkey_rsa4096",
installable: false,
}
Embed the compiled template DT into pvmfw Specifically, the source dts file is pre-processed by clang to use some macros from the ARM dt-bindings headers. Then it is actually compiled into dtbo via the dtc compiler. Then create a rust source file where the content of the dtbo file is written as a byte array. Bug: 249054080 Test: m pvmfw Change-Id: Ib3ab38a10b27001c3e0ee43b3526fc624f8d1a03
2023-02-24 17:15:44 +00:00
// platform.dts is passed to clang for macro preprocessing, and then compiled to dtbo using dtc.
// The raw content of the dtbo file is then written as a Rust byte array.
genrule {
name: "pvmfw_fdt_template_rs",
srcs: [
"platform.dts",
":arm_dt_bindings_headers", // implicit dependency
],
out: ["lib.rs"],
tools: ["dtc"],
Update clang to r487747c Bug: 281596081 Test: presubmit (cherry picked from https://android-review.googlesource.com/q/commit:8ba2eb4bb6d45cc91f180f30c5f631280fe15e8b) Merged-In: I6a49d6b4d651759b240c5248a7de8fd2a2fb3a54 Change-Id: I6a49d6b4d651759b240c5248a7de8fd2a2fb3a54
2023-05-19 20:04:16 +00:00
cmd: "prebuilts/clang/host/linux-x86/clang-r487747c/bin/clang " + // UGLY!!!
Embed the compiled template DT into pvmfw Specifically, the source dts file is pre-processed by clang to use some macros from the ARM dt-bindings headers. Then it is actually compiled into dtbo via the dtc compiler. Then create a rust source file where the content of the dtbo file is written as a byte array. Bug: 249054080 Test: m pvmfw Change-Id: Ib3ab38a10b27001c3e0ee43b3526fc624f8d1a03
2023-02-24 17:15:44 +00:00
"-E -P -x assembler-with-cpp -I external/arm-trusted-firmware/include " +
"-o $(genDir)/preprocessed.dts $(location platform.dts) && " +
"$(location dtc) -I dts -O dtb -o $(genDir)/compiled.dtbo $(genDir)/preprocessed.dts && " +
"(" +
" echo '#![no_std]';" +
" echo '#![allow(missing_docs)]';" +
" echo 'pub const RAW: &[u8] = &[';" +
" xxd -i < $(genDir)/compiled.dtbo;" +
" echo '];';" +
") > $(out)",
}
rust_library_rlib {
name: "libpvmfw_fdt_template",
defaults: ["vmbase_ffi_defaults"],
prefer_rlib: true,
srcs: [":pvmfw_fdt_template_rs"],
crate_name: "pvmfw_fdt_template",
}
pvmfw: Generate pvmfw.img Create boot image file containing pvmfw. This is what is flashed to the 'pvmfw' partition. Test: m pvmfw_img Bug: 237371962 Change-Id: Iae880b35f1be76f7ebf647de8b0f402fcd8df41a
2022-04-25 14:07:22 +00:00
bootimg {
name: "pvmfw_img",
stem: "pvmfw.img",
kernel_prebuilt: ":pvmfw_bin",
header_version: "3",
partition_name: "pvmfw",
enabled: false,
target: {
android_arm64: {
enabled: true,
},
},
pvmfw.img: Generate an AVB-signed image Use a prebuilt_etc to be able to import it in make through $(call module-target-built-files,pvmfw_sign_key) Bug: 237371962 Test: m pvmfw_img Change-Id: Ie42f3e7b39e461b0baad5bd1ad51ef985c871976
2022-09-06 15:01:35 +00:00
use_avb: true,
avb_private_key: ":pvmfw_sign_key",
pvmfw: Generate pvmfw.img Create boot image file containing pvmfw. This is what is flashed to the 'pvmfw' partition. Test: m pvmfw_img Bug: 237371962 Change-Id: Iae880b35f1be76f7ebf647de8b0f402fcd8df41a
2022-04-25 14:07:22 +00:00
}