• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2018 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include "host/commands/assemble_cvd/boot_config.h"
18 
19 #include <fstream>
20 #include <sstream>
21 #include <string>
22 
23 #include <sys/stat.h>
24 
25 #include <android-base/logging.h>
26 #include <android-base/strings.h>
27 #include <gflags/gflags.h>
28 
29 #include "common/libs/utils/environment.h"
30 #include "common/libs/utils/files.h"
31 #include "common/libs/utils/size_utils.h"
32 #include "common/libs/utils/subprocess.h"
33 #include "host/libs/config/bootconfig_args.h"
34 #include "host/libs/config/cuttlefish_config.h"
35 #include "host/libs/config/kernel_args.h"
36 #include "host/libs/vm_manager/crosvm_manager.h"
37 #include "host/libs/vm_manager/vm_manager.h"
38 
39 using cuttlefish::vm_manager::CrosvmManager;
40 
41 DECLARE_string(vm_manager);
42 
43 // Taken from external/avb/avbtool.py; this define is not in the headers
44 #define MAX_AVB_METADATA_SIZE 69632ul
45 
46 namespace cuttlefish {
47 namespace {
48 
49 // The ordering of tap devices we're passing to crosvm / qemu is important
50 // Ethernet tap device is the second one (eth1) we're passing ATM
51 static constexpr char kUbootPrimaryEth[] = "eth1";
52 
WritePausedEntrypoint(std::ostream & env,const char * entrypoint,const CuttlefishConfig::InstanceSpecific & instance)53 void WritePausedEntrypoint(std::ostream& env, const char* entrypoint,
54                            const CuttlefishConfig::InstanceSpecific& instance) {
55   if (instance.pause_in_bootloader()) {
56     env << "if test $paused -ne 1; then paused=1; else " << entrypoint << "; fi";
57   } else {
58     env << entrypoint;
59   }
60 
61   env << '\0';
62 }
63 
WriteAndroidEnvironment(std::ostream & env,const CuttlefishConfig::InstanceSpecific & instance)64 void WriteAndroidEnvironment(
65     std::ostream& env,
66     const CuttlefishConfig::InstanceSpecific& instance) {
67   WritePausedEntrypoint(env, "run bootcmd_android", instance);
68 
69   if (!instance.boot_slot().empty()) {
70     env << "android_slot_suffix=_" << instance.boot_slot() << '\0';
71   }
72   env << '\0';
73 }
74 
WriteEFIEnvironment(std::ostream & env,const CuttlefishConfig::InstanceSpecific & instance)75 void WriteEFIEnvironment(
76     std::ostream& env, const CuttlefishConfig::InstanceSpecific& instance) {
77   // TODO(b/256602611): get rid of loadddr hardcode. make sure loadddr
78   // env setup in the bootloader.
79   WritePausedEntrypoint(env,
80     "load virtio 0:${devplist} 0x80200000 efi/boot/bootaa64.efi "
81     "&& bootefi 0x80200000 ${fdtcontroladdr}; "
82     "load virtio 0:${devplist} 0x02400000 efi/boot/bootia32.efi && "
83     "bootefi 0x02400000 ${fdtcontroladdr}", instance
84   );
85 }
86 
WriteEnvironment(const CuttlefishConfig::InstanceSpecific & instance,const CuttlefishConfig::InstanceSpecific::BootFlow & flow,const std::string & kernel_args,const std::string & env_path)87 size_t WriteEnvironment(const CuttlefishConfig::InstanceSpecific& instance,
88                         const CuttlefishConfig::InstanceSpecific::BootFlow& flow,
89                         const std::string& kernel_args,
90                         const std::string& env_path) {
91   std::ostringstream env;
92 
93   env << "ethprime=" << kUbootPrimaryEth << '\0';
94   if (!kernel_args.empty()) {
95     env << "uenvcmd=setenv bootargs \"$cbootargs " << kernel_args << "\" && ";
96   } else {
97     env << "uenvcmd=setenv bootargs \"$cbootargs\" && ";
98   }
99 
100   switch (flow) {
101     case CuttlefishConfig::InstanceSpecific::BootFlow::Android:
102       WriteAndroidEnvironment(env, instance);
103       break;
104     case CuttlefishConfig::InstanceSpecific::BootFlow::Linux:
105     case CuttlefishConfig::InstanceSpecific::BootFlow::Fuchsia:
106       WriteEFIEnvironment(env, instance);
107       break;
108   }
109 
110   std::string env_str = env.str();
111   std::ofstream file_out(env_path.c_str(), std::ios::binary);
112   file_out << env_str;
113 
114   if (!file_out.good()) {
115     return 0;
116   }
117 
118   return env_str.length();
119 }
120 
121 }  // namespace
122 
123 class InitBootloaderEnvPartitionImpl : public InitBootloaderEnvPartition {
124  public:
INJECT(InitBootloaderEnvPartitionImpl (const CuttlefishConfig & config,const CuttlefishConfig::InstanceSpecific & instance))125   INJECT(InitBootloaderEnvPartitionImpl(
126       const CuttlefishConfig& config,
127       const CuttlefishConfig::InstanceSpecific& instance))
128       : config_(config), instance_(instance) {}
129 
130   // SetupFeature
Name() const131   std::string Name() const override { return "InitBootloaderEnvPartitionImpl"; }
Enabled() const132   bool Enabled() const override { return !instance_.protected_vm(); }
133 
134  private:
Dependencies() const135   std::unordered_set<SetupFeature*> Dependencies() const override { return {}; }
Setup()136   bool Setup() override {
137     if (instance_.ap_boot_flow() == CuttlefishConfig::InstanceSpecific::APBootFlow::Grub) {
138       if (!PrepareBootEnvImage(instance_.ap_uboot_env_image_path(),
139           CuttlefishConfig::InstanceSpecific::BootFlow::Linux)) {
140         return false;
141       }
142     }
143     if (!PrepareBootEnvImage(instance_.uboot_env_image_path(), instance_.boot_flow())) {
144       return false;
145     }
146 
147     return true;
148   }
149 
ReplaceKernelBootArgs(const std::unordered_map<std::string,std::string> & args)150   std::unordered_map<std::string, std::string> ReplaceKernelBootArgs(
151       const std::unordered_map<std::string, std::string>& args) {
152     std::unordered_map<std::string, std::string> ret;
153     std::transform(std::begin(args), std::end(args),
154                    std::inserter(ret, ret.end()), [](const auto& kv) {
155                      const auto& k = kv.first;
156                      const auto& v = kv.second;
157                      return std::make_pair(
158                          android::base::StringReplace(k, " kernel.", " ", true),
159                          v);
160                    });
161     return ret;
162   }
163 
PrepareBootEnvImage(const std::string & image_path,const CuttlefishConfig::InstanceSpecific::BootFlow & flow)164   bool PrepareBootEnvImage(const std::string& image_path,
165                            const CuttlefishConfig::InstanceSpecific::BootFlow& flow) {
166     auto tmp_boot_env_image_path = image_path + ".tmp";
167     auto uboot_env_path = instance_.PerInstancePath("mkenvimg_input");
168     auto kernel_cmdline = android::base::Join(
169         KernelCommandLineFromConfig(config_, instance_), " ");
170     // If the bootconfig isn't supported in the guest kernel, the bootconfig
171     // args need to be passed in via the uboot env. This won't be an issue for
172     // protect kvm which is running a kernel with bootconfig support.
173     if (!instance_.bootconfig_supported()) {
174       auto bootconfig_args_result =
175           BootconfigArgsFromConfig(config_, instance_);
176       if (!bootconfig_args_result.ok()) {
177         LOG(ERROR) << "Unable to get bootconfig args from config: "
178                    << bootconfig_args_result.error().Message();
179         return false;
180       }
181       auto bootconfig_args = std::move(bootconfig_args_result.value());
182 
183       // "androidboot.hardware" kernel parameter has changed to "hardware" in
184       // bootconfig and needs to be replaced before being used in the kernel
185       // cmdline.
186       auto bootconfig_hardware_it = bootconfig_args.find("hardware");
187       if (bootconfig_hardware_it != bootconfig_args.end()) {
188         bootconfig_args["androidboot.hardware"] =
189             bootconfig_hardware_it->second;
190         bootconfig_args.erase(bootconfig_hardware_it);
191       }
192 
193       // TODO(b/182417593): Until we pass the module parameters through
194       // modules.options, we pass them through bootconfig using
195       // 'kernel.<key>=<value>' But if we don't support bootconfig, we need to
196       // rename them back to the old cmdline version
197       bootconfig_args = ReplaceKernelBootArgs(bootconfig_args);
198 
199       auto bootconfig_result =
200           BootconfigArgsString(bootconfig_args, " ");
201       if (!bootconfig_result.ok()) {
202         LOG(ERROR) << "Unable to get bootconfig args string from config: "
203                    << bootconfig_result.error().Message();
204         return false;
205       }
206 
207       kernel_cmdline += " ";
208       kernel_cmdline += bootconfig_result.value();
209     }
210 
211     if (!WriteEnvironment(instance_, flow, kernel_cmdline, uboot_env_path)) {
212       LOG(ERROR) << "Unable to write out plaintext env '" << uboot_env_path
213                  << ".'";
214       return false;
215     }
216 
217     auto mkimage_path = HostBinaryPath("mkenvimage_slim");
218     Command cmd(mkimage_path);
219     cmd.AddParameter("-output_path");
220     cmd.AddParameter(tmp_boot_env_image_path);
221     cmd.AddParameter("-input_path");
222     cmd.AddParameter(uboot_env_path);
223     int success = cmd.Start().Wait();
224     if (success != 0) {
225       LOG(ERROR) << "Unable to run mkenvimage_slim. Exited with status "
226                  << success;
227       return false;
228     }
229 
230     const off_t boot_env_size_bytes = AlignToPowerOf2(
231         MAX_AVB_METADATA_SIZE + 4096, PARTITION_SIZE_SHIFT);
232 
233     auto avbtool_path = HostBinaryPath("avbtool");
234     Command boot_env_hash_footer_cmd(avbtool_path);
235     boot_env_hash_footer_cmd.AddParameter("add_hash_footer");
236     boot_env_hash_footer_cmd.AddParameter("--image");
237     boot_env_hash_footer_cmd.AddParameter(tmp_boot_env_image_path);
238     boot_env_hash_footer_cmd.AddParameter("--partition_size");
239     boot_env_hash_footer_cmd.AddParameter(boot_env_size_bytes);
240     boot_env_hash_footer_cmd.AddParameter("--partition_name");
241     boot_env_hash_footer_cmd.AddParameter("uboot_env");
242     boot_env_hash_footer_cmd.AddParameter("--key");
243     boot_env_hash_footer_cmd.AddParameter(
244         DefaultHostArtifactsPath("etc/cvd_avb_testkey.pem"));
245     boot_env_hash_footer_cmd.AddParameter("--algorithm");
246     boot_env_hash_footer_cmd.AddParameter("SHA256_RSA4096");
247     success = boot_env_hash_footer_cmd.Start().Wait();
248     if (success != 0) {
249       LOG(ERROR) << "Unable to run append hash footer. Exited with status "
250                  << success;
251       return false;
252     }
253 
254     if (!FileExists(image_path) ||
255         ReadFile(image_path) != ReadFile(tmp_boot_env_image_path)) {
256       if (!RenameFile(tmp_boot_env_image_path, image_path).ok()) {
257         LOG(ERROR) << "Unable to delete the old env image.";
258         return false;
259       }
260       LOG(DEBUG) << "Updated bootloader environment image.";
261     } else {
262       RemoveFile(tmp_boot_env_image_path);
263     }
264 
265     return true;
266   }
267 
268   const CuttlefishConfig& config_;
269   const CuttlefishConfig::InstanceSpecific& instance_;
270 };
271 
272 fruit::Component<fruit::Required<const CuttlefishConfig,
273                                  const CuttlefishConfig::InstanceSpecific>,
274                  InitBootloaderEnvPartition>
InitBootloaderEnvPartitionComponent()275 InitBootloaderEnvPartitionComponent() {
276   return fruit::createComponent()
277       .bind<InitBootloaderEnvPartition, InitBootloaderEnvPartitionImpl>()
278       .addMultibinding<SetupFeature, InitBootloaderEnvPartition>();
279 }
280 
281 } // namespace cuttlefish
282