1 // Copyright 2023, The Android Open Source Project
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14
15 //! Functions for AVF debug policy and debug level
16
17 use android_system_virtualizationservice::aidl::android::system::virtualizationservice::{
18 VirtualMachineAppConfig::DebugLevel::DebugLevel,
19 };
20 use anyhow::{anyhow, Context, Error, Result};
21 use std::fs;
22 use std::io::ErrorKind;
23 use std::path::{Path, PathBuf};
24 use std::ffi::{CString, NulError};
25 use log::{warn, info};
26 use rustutils::system_properties;
27 use libfdt::{Fdt, FdtError};
28 use lazy_static::lazy_static;
29
30 const CUSTOM_DEBUG_POLICY_OVERLAY_SYSPROP: &str =
31 "hypervisor.virtualizationmanager.debug_policy.path";
32 const DEVICE_TREE_EMPTY_TREE_SIZE_BYTES: usize = 100; // rough estimation.
33
34 struct DPPath {
35 node_path: CString,
36 prop_name: CString,
37 }
38
39 impl DPPath {
new(node_path: &str, prop_name: &str) -> Result<Self, NulError>40 fn new(node_path: &str, prop_name: &str) -> Result<Self, NulError> {
41 Ok(Self { node_path: CString::new(node_path)?, prop_name: CString::new(prop_name)? })
42 }
43
to_path(&self) -> PathBuf44 fn to_path(&self) -> PathBuf {
45 // SAFETY -- unwrap() is safe for to_str() because node_path and prop_name were &str.
46 PathBuf::from(
47 [
48 "/sys/firmware/devicetree/base",
49 self.node_path.to_str().unwrap(),
50 "/",
51 self.prop_name.to_str().unwrap(),
52 ]
53 .concat(),
54 )
55 }
56 }
57
58 lazy_static! {
59 static ref DP_LOG_PATH: DPPath = DPPath::new("/avf/guest/common", "log").unwrap();
60 static ref DP_RAMDUMP_PATH: DPPath = DPPath::new("/avf/guest/common", "ramdump").unwrap();
61 static ref DP_ADB_PATH: DPPath = DPPath::new("/avf/guest/microdroid", "adb").unwrap();
62 }
63
64 /// Get debug policy value in bool. It's true iff the value is explicitly set to <1>.
get_debug_policy_bool(path: &Path) -> Result<bool>65 fn get_debug_policy_bool(path: &Path) -> Result<bool> {
66 let value = match fs::read(path) {
67 Ok(value) => value,
68 Err(error) if error.kind() == ErrorKind::NotFound => return Ok(false),
69 Err(error) => Err(error).with_context(|| format!("Failed to read {path:?}"))?,
70 };
71
72 // DT spec uses big endian although Android is always little endian.
73 match u32::from_be_bytes(value.try_into().map_err(|_| anyhow!("Malformed value in {path:?}"))?)
74 {
75 0 => Ok(false),
76 1 => Ok(true),
77 value => Err(anyhow!("Invalid value {value} in {path:?}")),
78 }
79 }
80
81 /// Get property value in bool. It's true iff the value is explicitly set to <1>.
82 /// It takes path as &str instead of &Path, because we don't want OsStr.
get_fdt_prop_bool(fdt: &Fdt, path: &DPPath) -> Result<bool>83 fn get_fdt_prop_bool(fdt: &Fdt, path: &DPPath) -> Result<bool> {
84 let (node_path, prop_name) = (&path.node_path, &path.prop_name);
85 let node = match fdt.node(node_path) {
86 Ok(Some(node)) => node,
87 Err(error) if error != FdtError::NotFound => Err(error)
88 .map_err(Error::msg)
89 .with_context(|| format!("Failed to get node {node_path:?}"))?,
90 _ => return Ok(false),
91 };
92
93 match node.getprop_u32(prop_name) {
94 Ok(Some(0)) => Ok(false),
95 Ok(Some(1)) => Ok(true),
96 Ok(Some(_)) => Err(anyhow!("Invalid prop value {prop_name:?} in node {node_path:?}")),
97 Err(error) if error != FdtError::NotFound => Err(error)
98 .map_err(Error::msg)
99 .with_context(|| format!("Failed to get prop {prop_name:?}")),
100 _ => Ok(false),
101 }
102 }
103
104 /// Fdt with owned vector.
105 struct OwnedFdt {
106 buffer: Vec<u8>,
107 }
108
109 impl OwnedFdt {
from_overlay_onto_new_fdt(overlay_file_path: &Path) -> Result<Self>110 fn from_overlay_onto_new_fdt(overlay_file_path: &Path) -> Result<Self> {
111 let mut overlay_buf = match fs::read(overlay_file_path) {
112 Ok(fdt) => fdt,
113 Err(error) if error.kind() == ErrorKind::NotFound => Default::default(),
114 Err(error) => {
115 Err(error).with_context(|| format!("Failed to read {overlay_file_path:?}"))?
116 }
117 };
118
119 let overlay_buf_size = overlay_buf.len();
120
121 let fdt_estimated_size = overlay_buf_size + DEVICE_TREE_EMPTY_TREE_SIZE_BYTES;
122 let mut fdt_buf = vec![0_u8; fdt_estimated_size];
123 let fdt = Fdt::create_empty_tree(fdt_buf.as_mut_slice())
124 .map_err(Error::msg)
125 .context("Failed to create an empty device tree")?;
126
127 if !overlay_buf.is_empty() {
128 let overlay_fdt = Fdt::from_mut_slice(overlay_buf.as_mut_slice())
129 .map_err(Error::msg)
130 .with_context(|| "Malformed {overlay_file_path:?}")?;
131
132 // SAFETY - Return immediately if error happens. Damaged fdt_buf and fdt are discarded.
133 unsafe {
134 fdt.apply_overlay(overlay_fdt).map_err(Error::msg).with_context(|| {
135 "Failed to overlay {overlay_file_path:?} onto empty device tree"
136 })?;
137 }
138 }
139
140 Ok(Self { buffer: fdt_buf })
141 }
142
as_fdt(&self) -> &Fdt143 fn as_fdt(&self) -> &Fdt {
144 // SAFETY - Checked validity of buffer when instantiate.
145 unsafe { Fdt::unchecked_from_slice(&self.buffer) }
146 }
147 }
148
149 /// Debug configurations for both debug level and debug policy
150 #[derive(Debug)]
151 pub struct DebugConfig {
152 pub debug_level: DebugLevel,
153 debug_policy_log: bool,
154 debug_policy_ramdump: bool,
155 debug_policy_adb: bool,
156 }
157
158 impl DebugConfig {
new(debug_level: DebugLevel) -> Self159 pub fn new(debug_level: DebugLevel) -> Self {
160 match system_properties::read(CUSTOM_DEBUG_POLICY_OVERLAY_SYSPROP).unwrap_or_default() {
161 Some(path) if !path.is_empty() => {
162 match Self::from_custom_debug_overlay_policy(debug_level, Path::new(&path)) {
163 Ok(debug_config) => {
164 info!("Loaded custom debug policy overlay {path}: {debug_config:?}");
165 return debug_config;
166 }
167 Err(err) => warn!("Failed to load custom debug policy overlay {path}: {err:?}"),
168 };
169 }
170 _ => {
171 match Self::from_host(debug_level) {
172 Ok(debug_config) => {
173 info!("Loaded debug policy from host OS: {debug_config:?}");
174 return debug_config;
175 }
176 Err(err) => warn!("Failed to load debug policy from host OS: {err:?}"),
177 };
178 }
179 }
180
181 info!("Debug policy is disabled");
182 Self {
183 debug_level,
184 debug_policy_log: false,
185 debug_policy_ramdump: false,
186 debug_policy_adb: false,
187 }
188 }
189
190 /// Get whether console output should be configred for VM to leave console and adb log.
191 /// Caller should create pipe and prepare for receiving VM log with it.
should_prepare_console_output(&self) -> bool192 pub fn should_prepare_console_output(&self) -> bool {
193 self.debug_level != DebugLevel::NONE || self.debug_policy_log || self.debug_policy_adb
194 }
195
196 /// Get whether debug apexes (MICRODROID_REQUIRED_APEXES_DEBUG) are required.
should_include_debug_apexes(&self) -> bool197 pub fn should_include_debug_apexes(&self) -> bool {
198 self.debug_level != DebugLevel::NONE || self.debug_policy_adb
199 }
200
201 /// Decision to support ramdump
is_ramdump_needed(&self) -> bool202 pub fn is_ramdump_needed(&self) -> bool {
203 self.debug_level != DebugLevel::NONE || self.debug_policy_ramdump
204 }
205
206 // TODO: Remove this code path in user build for removing libfdt depenency.
from_custom_debug_overlay_policy(debug_level: DebugLevel, path: &Path) -> Result<Self>207 fn from_custom_debug_overlay_policy(debug_level: DebugLevel, path: &Path) -> Result<Self> {
208 match OwnedFdt::from_overlay_onto_new_fdt(path) {
209 Ok(fdt) => Ok(Self {
210 debug_level,
211 debug_policy_log: get_fdt_prop_bool(fdt.as_fdt(), &DP_LOG_PATH)?,
212 debug_policy_ramdump: get_fdt_prop_bool(fdt.as_fdt(), &DP_RAMDUMP_PATH)?,
213 debug_policy_adb: get_fdt_prop_bool(fdt.as_fdt(), &DP_ADB_PATH)?,
214 }),
215 Err(err) => Err(err),
216 }
217 }
218
from_host(debug_level: DebugLevel) -> Result<Self>219 fn from_host(debug_level: DebugLevel) -> Result<Self> {
220 Ok(Self {
221 debug_level,
222 debug_policy_log: get_debug_policy_bool(&DP_LOG_PATH.to_path())?,
223 debug_policy_ramdump: get_debug_policy_bool(&DP_RAMDUMP_PATH.to_path())?,
224 debug_policy_adb: get_debug_policy_bool(&DP_ADB_PATH.to_path())?,
225 })
226 }
227 }
228
229 #[cfg(test)]
230 mod tests {
231 use super::*;
232 use anyhow::ensure;
233
can_set_sysprop() -> bool234 fn can_set_sysprop() -> bool {
235 if let Ok(Some(value)) = system_properties::read("ro.build.type") {
236 return "user".eq(&value);
237 }
238 false // if we're in doubt, skip test.
239 }
240
241 #[test]
test_read_avf_debug_policy_with_adb() -> Result<()>242 fn test_read_avf_debug_policy_with_adb() -> Result<()> {
243 let debug_config = DebugConfig::from_custom_debug_overlay_policy(
244 DebugLevel::FULL,
245 "avf_debug_policy_with_adb.dtbo".as_ref(),
246 )
247 .unwrap();
248
249 assert_eq!(DebugLevel::FULL, debug_config.debug_level);
250 assert!(!debug_config.debug_policy_log);
251 assert!(!debug_config.debug_policy_ramdump);
252 assert!(debug_config.debug_policy_adb);
253
254 Ok(())
255 }
256
257 #[test]
test_read_avf_debug_policy_without_adb() -> Result<()>258 fn test_read_avf_debug_policy_without_adb() -> Result<()> {
259 let debug_config = DebugConfig::from_custom_debug_overlay_policy(
260 DebugLevel::FULL,
261 "avf_debug_policy_without_adb.dtbo".as_ref(),
262 )
263 .unwrap();
264
265 assert_eq!(DebugLevel::FULL, debug_config.debug_level);
266 assert!(!debug_config.debug_policy_log);
267 assert!(!debug_config.debug_policy_ramdump);
268 assert!(!debug_config.debug_policy_adb);
269
270 Ok(())
271 }
272
273 #[test]
test_invalid_sysprop_disables_debug_policy() -> Result<()>274 fn test_invalid_sysprop_disables_debug_policy() -> Result<()> {
275 let debug_config = DebugConfig::from_custom_debug_overlay_policy(
276 DebugLevel::NONE,
277 "/a/does/not/exist/path.dtbo".as_ref(),
278 )
279 .unwrap();
280
281 assert_eq!(DebugLevel::NONE, debug_config.debug_level);
282 assert!(!debug_config.debug_policy_log);
283 assert!(!debug_config.debug_policy_ramdump);
284 assert!(!debug_config.debug_policy_adb);
285
286 Ok(())
287 }
288
test_new_with_custom_policy_internal() -> Result<()>289 fn test_new_with_custom_policy_internal() -> Result<()> {
290 let debug_config = DebugConfig::new(DebugLevel::NONE);
291
292 ensure!(debug_config.debug_level == DebugLevel::NONE);
293 ensure!(!debug_config.debug_policy_log);
294 ensure!(!debug_config.debug_policy_ramdump);
295 ensure!(debug_config.debug_policy_adb);
296
297 Ok(())
298 }
299
300 #[test]
test_new_with_custom_policy() -> Result<()>301 fn test_new_with_custom_policy() -> Result<()> {
302 if !can_set_sysprop() {
303 // Skip test if we can't override sysprop.
304 return Ok(());
305 }
306
307 // Setup
308 let old_sysprop = system_properties::read(CUSTOM_DEBUG_POLICY_OVERLAY_SYSPROP)
309 .context("Failed to read existing sysprop")?
310 .unwrap_or_default();
311 let file_name = "avf_debug_policy_with_adb.dtbo";
312 system_properties::write(CUSTOM_DEBUG_POLICY_OVERLAY_SYSPROP, file_name)
313 .context("Failed to set sysprop")?;
314
315 // Run test
316 let test_result = test_new_with_custom_policy_internal();
317
318 // Clean up.
319 system_properties::write(CUSTOM_DEBUG_POLICY_OVERLAY_SYSPROP, &old_sysprop)
320 .context("Failed to restore sysprop")?;
321
322 test_result
323 }
324 }
325