1 // Copyright 2023, The Android Open Source Project
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14
15 //! Functions for AVF debug policy and debug level
16
17 use android_system_virtualizationservice::aidl::android::system::virtualizationservice::{
18 VirtualMachineAppConfig::DebugLevel::DebugLevel, VirtualMachineConfig::VirtualMachineConfig,
19 };
20 use anyhow::{anyhow, Context, Error, Result};
21 use libfdt::{Fdt, FdtError};
22 use log::{info, warn};
23 use rustutils::system_properties;
24 use std::ffi::{CString, NulError};
25 use std::fs;
26 use std::io::ErrorKind;
27 use std::path::{Path, PathBuf};
28 use std::sync::LazyLock;
29 use vmconfig::get_debug_level;
30
31 const CUSTOM_DEBUG_POLICY_OVERLAY_SYSPROP: &str =
32 "hypervisor.virtualizationmanager.debug_policy.path";
33 const DUMP_DT_SYSPROP: &str = "hypervisor.virtualizationmanager.dump_device_tree";
34 const DEVICE_TREE_EMPTY_TREE_SIZE_BYTES: usize = 100; // rough estimation.
35
36 struct DPPath {
37 node_path: CString,
38 prop_name: CString,
39 }
40
41 impl DPPath {
new(node_path: &str, prop_name: &str) -> Result<Self, NulError>42 fn new(node_path: &str, prop_name: &str) -> Result<Self, NulError> {
43 Ok(Self { node_path: CString::new(node_path)?, prop_name: CString::new(prop_name)? })
44 }
45
to_path(&self) -> PathBuf46 fn to_path(&self) -> PathBuf {
47 // unwrap() is safe for to_str() because node_path and prop_name were &str.
48 PathBuf::from(
49 [
50 "/proc/device-tree",
51 self.node_path.to_str().unwrap(),
52 "/",
53 self.prop_name.to_str().unwrap(),
54 ]
55 .concat(),
56 )
57 }
58 }
59
60 static DP_LOG_PATH: LazyLock<DPPath> =
61 LazyLock::new(|| DPPath::new("/avf/guest/common", "log").unwrap());
62 static DP_RAMDUMP_PATH: LazyLock<DPPath> =
63 LazyLock::new(|| DPPath::new("/avf/guest/common", "ramdump").unwrap());
64 static DP_ADB_PATH: LazyLock<DPPath> =
65 LazyLock::new(|| DPPath::new("/avf/guest/microdroid", "adb").unwrap());
66
67 /// Get debug policy value in bool. It's true iff the value is explicitly set to <1>.
get_debug_policy_bool(path: &Path) -> Result<bool>68 fn get_debug_policy_bool(path: &Path) -> Result<bool> {
69 let value = match fs::read(path) {
70 Ok(value) => value,
71 Err(error) if error.kind() == ErrorKind::NotFound => return Ok(false),
72 Err(error) => Err(error).with_context(|| format!("Failed to read {path:?}"))?,
73 };
74
75 // DT spec uses big endian although Android is always little endian.
76 match u32::from_be_bytes(value.try_into().map_err(|_| anyhow!("Malformed value in {path:?}"))?)
77 {
78 0 => Ok(false),
79 1 => Ok(true),
80 value => Err(anyhow!("Invalid value {value} in {path:?}")),
81 }
82 }
83
84 /// Get property value in bool. It's true iff the value is explicitly set to <1>.
85 /// It takes path as &str instead of &Path, because we don't want OsStr.
get_fdt_prop_bool(fdt: &Fdt, path: &DPPath) -> Result<bool>86 fn get_fdt_prop_bool(fdt: &Fdt, path: &DPPath) -> Result<bool> {
87 let (node_path, prop_name) = (&path.node_path, &path.prop_name);
88 let node = match fdt.node(node_path) {
89 Ok(Some(node)) => node,
90 Err(error) if error != FdtError::NotFound => {
91 Err(Error::msg(error)).with_context(|| format!("Failed to get node {node_path:?}"))?
92 }
93 _ => return Ok(false),
94 };
95
96 match node.getprop_u32(prop_name) {
97 Ok(Some(0)) => Ok(false),
98 Ok(Some(1)) => Ok(true),
99 Ok(Some(_)) => Err(anyhow!("Invalid prop value {prop_name:?} in node {node_path:?}")),
100 Err(error) if error != FdtError::NotFound => {
101 Err(Error::msg(error)).with_context(|| format!("Failed to get prop {prop_name:?}"))
102 }
103 _ => Ok(false),
104 }
105 }
106
107 /// Fdt with owned vector.
108 struct OwnedFdt {
109 buffer: Vec<u8>,
110 }
111
112 impl OwnedFdt {
from_overlay_onto_new_fdt(overlay_file_path: &Path) -> Result<Self>113 fn from_overlay_onto_new_fdt(overlay_file_path: &Path) -> Result<Self> {
114 let mut overlay_buf = match fs::read(overlay_file_path) {
115 Ok(fdt) => fdt,
116 Err(error) if error.kind() == ErrorKind::NotFound => Default::default(),
117 Err(error) => {
118 Err(error).with_context(|| format!("Failed to read {overlay_file_path:?}"))?
119 }
120 };
121
122 let overlay_buf_size = overlay_buf.len();
123
124 let fdt_estimated_size = overlay_buf_size + DEVICE_TREE_EMPTY_TREE_SIZE_BYTES;
125 let mut fdt_buf = vec![0_u8; fdt_estimated_size];
126 let fdt = Fdt::create_empty_tree(fdt_buf.as_mut_slice())
127 .map_err(Error::msg)
128 .context("Failed to create an empty device tree")?;
129
130 if !overlay_buf.is_empty() {
131 let overlay_fdt = Fdt::from_mut_slice(overlay_buf.as_mut_slice())
132 .map_err(Error::msg)
133 .with_context(|| "Malformed {overlay_file_path:?}")?;
134
135 // SAFETY: Return immediately if error happens. Damaged fdt_buf and fdt are discarded.
136 unsafe {
137 fdt.apply_overlay(overlay_fdt).map_err(Error::msg).with_context(|| {
138 "Failed to overlay {overlay_file_path:?} onto empty device tree"
139 })?;
140 }
141 }
142
143 Ok(Self { buffer: fdt_buf })
144 }
145
as_fdt(&self) -> &Fdt146 fn as_fdt(&self) -> &Fdt {
147 // SAFETY: Checked validity of buffer when instantiate.
148 unsafe { Fdt::unchecked_from_slice(&self.buffer) }
149 }
150 }
151
152 /// Debug configurations for debug policy.
153 #[derive(Debug, Default)]
154 pub struct DebugPolicy {
155 log: bool,
156 ramdump: bool,
157 adb: bool,
158 }
159
160 impl DebugPolicy {
161 /// Build from the passed DTBO path.
from_overlay(path: &Path) -> Result<Self>162 pub fn from_overlay(path: &Path) -> Result<Self> {
163 let owned_fdt = OwnedFdt::from_overlay_onto_new_fdt(path)?;
164 let fdt = owned_fdt.as_fdt();
165
166 Ok(Self {
167 log: get_fdt_prop_bool(fdt, &DP_LOG_PATH)?,
168 ramdump: get_fdt_prop_bool(fdt, &DP_RAMDUMP_PATH)?,
169 adb: get_fdt_prop_bool(fdt, &DP_ADB_PATH)?,
170 })
171 }
172
173 /// Build from the /avf/guest subtree of the host DT.
from_host() -> Result<Self>174 pub fn from_host() -> Result<Self> {
175 Ok(Self {
176 log: get_debug_policy_bool(&DP_LOG_PATH.to_path())?,
177 ramdump: get_debug_policy_bool(&DP_RAMDUMP_PATH.to_path())?,
178 adb: get_debug_policy_bool(&DP_ADB_PATH.to_path())?,
179 })
180 }
181 }
182
183 /// Debug configurations for both debug level and debug policy
184 #[derive(Debug, Default)]
185 pub struct DebugConfig {
186 pub debug_level: DebugLevel,
187 pub dump_device_tree: bool,
188 debug_policy: DebugPolicy,
189 }
190
191 impl DebugConfig {
new(config: &VirtualMachineConfig) -> Self192 pub fn new(config: &VirtualMachineConfig) -> Self {
193 let debug_level = get_debug_level(config).unwrap_or(DebugLevel::NONE);
194 let debug_policy = Self::get_debug_policy(config).unwrap_or_else(|| {
195 info!("Debug policy is disabled");
196 Default::default()
197 });
198 let dump_dt_sysprop = system_properties::read_bool(DUMP_DT_SYSPROP, false);
199 let dump_device_tree = dump_dt_sysprop.unwrap_or_else(|e| {
200 warn!("Failed to read sysprop {DUMP_DT_SYSPROP}: {e}");
201 false
202 });
203
204 Self { debug_level, debug_policy, dump_device_tree }
205 }
206
get_debug_policy(config: &VirtualMachineConfig) -> Option<DebugPolicy>207 fn get_debug_policy(config: &VirtualMachineConfig) -> Option<DebugPolicy> {
208 if matches!(config, VirtualMachineConfig::RawConfig(_)) {
209 info!("Debug policy ignored for non-Microdroid VM");
210 return None;
211 }
212 let dp_sysprop = system_properties::read(CUSTOM_DEBUG_POLICY_OVERLAY_SYSPROP);
213 let custom_dp = dp_sysprop.unwrap_or_else(|e| {
214 warn!("Failed to read sysprop {CUSTOM_DEBUG_POLICY_OVERLAY_SYSPROP}: {e}");
215 Default::default()
216 });
217
218 match custom_dp {
219 Some(path) if !path.is_empty() => match DebugPolicy::from_overlay(Path::new(&path)) {
220 Ok(dp) => {
221 info!("Loaded custom debug policy overlay {path}: {dp:?}");
222 Some(dp)
223 }
224 Err(err) => {
225 warn!("Failed to load custom debug policy overlay {path}: {err:?}");
226 None
227 }
228 },
229 _ => match DebugPolicy::from_host() {
230 Ok(dp) => {
231 info!("Loaded debug policy from host OS: {dp:?}");
232 Some(dp)
233 }
234 Err(err) => {
235 warn!("Failed to load debug policy from host OS: {err:?}");
236 None
237 }
238 },
239 }
240 }
241
242 #[cfg(test)]
243 /// Creates a new DebugConfig with debug level. Only use this for test purpose.
new_with_debug_level(debug_level: DebugLevel) -> Self244 pub(crate) fn new_with_debug_level(debug_level: DebugLevel) -> Self {
245 Self { debug_level, ..Default::default() }
246 }
247
248 /// Get whether console output should be configred for VM to leave console and adb log.
249 /// Caller should create pipe and prepare for receiving VM log with it.
should_prepare_console_output(&self) -> bool250 pub fn should_prepare_console_output(&self) -> bool {
251 self.debug_level != DebugLevel::NONE || self.debug_policy.log || self.debug_policy.adb
252 }
253
254 /// Get whether debug apexes (MICRODROID_REQUIRED_APEXES_DEBUG) are required.
should_include_debug_apexes(&self) -> bool255 pub fn should_include_debug_apexes(&self) -> bool {
256 self.debug_level != DebugLevel::NONE || self.debug_policy.adb
257 }
258
259 /// Decision to support ramdump
is_ramdump_needed(&self) -> bool260 pub fn is_ramdump_needed(&self) -> bool {
261 self.debug_level != DebugLevel::NONE || self.debug_policy.ramdump
262 }
263 }
264
265 #[cfg(test)]
266 mod tests {
267 use super::*;
268
269 #[test]
test_read_avf_debug_policy_with_ramdump() -> Result<()>270 fn test_read_avf_debug_policy_with_ramdump() -> Result<()> {
271 let debug_policy =
272 DebugPolicy::from_overlay("avf_debug_policy_with_ramdump.dtbo".as_ref()).unwrap();
273
274 assert!(!debug_policy.log);
275 assert!(debug_policy.ramdump);
276 assert!(debug_policy.adb);
277
278 Ok(())
279 }
280
281 #[test]
test_read_avf_debug_policy_without_ramdump() -> Result<()>282 fn test_read_avf_debug_policy_without_ramdump() -> Result<()> {
283 let debug_policy =
284 DebugPolicy::from_overlay("avf_debug_policy_without_ramdump.dtbo".as_ref()).unwrap();
285
286 assert!(!debug_policy.log);
287 assert!(!debug_policy.ramdump);
288 assert!(debug_policy.adb);
289
290 Ok(())
291 }
292
293 #[test]
test_read_avf_debug_policy_with_adb() -> Result<()>294 fn test_read_avf_debug_policy_with_adb() -> Result<()> {
295 let debug_policy =
296 DebugPolicy::from_overlay("avf_debug_policy_with_adb.dtbo".as_ref()).unwrap();
297
298 assert!(!debug_policy.log);
299 assert!(!debug_policy.ramdump);
300 assert!(debug_policy.adb);
301
302 Ok(())
303 }
304
305 #[test]
test_read_avf_debug_policy_without_adb() -> Result<()>306 fn test_read_avf_debug_policy_without_adb() -> Result<()> {
307 let debug_policy =
308 DebugPolicy::from_overlay("avf_debug_policy_without_adb.dtbo".as_ref()).unwrap();
309
310 assert!(!debug_policy.log);
311 assert!(!debug_policy.ramdump);
312 assert!(!debug_policy.adb);
313
314 Ok(())
315 }
316
317 #[test]
test_invalid_sysprop_disables_debug_policy() -> Result<()>318 fn test_invalid_sysprop_disables_debug_policy() -> Result<()> {
319 let debug_policy =
320 DebugPolicy::from_overlay("/a/does/not/exist/path.dtbo".as_ref()).unwrap();
321
322 assert!(!debug_policy.log);
323 assert!(!debug_policy.ramdump);
324 assert!(!debug_policy.adb);
325
326 Ok(())
327 }
328
329 #[test]
test_new_with_debug_level() -> Result<()>330 fn test_new_with_debug_level() -> Result<()> {
331 assert_eq!(
332 DebugConfig::new_with_debug_level(DebugLevel::NONE).debug_level,
333 DebugLevel::NONE
334 );
335 assert_eq!(
336 DebugConfig::new_with_debug_level(DebugLevel::FULL).debug_level,
337 DebugLevel::FULL
338 );
339
340 Ok(())
341 }
342 }
343