1 // Copyright 2023, The Android Open Source Project
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14
15 //! Functions for AVF debug policy and debug level
16
17 use android_system_virtualizationservice::aidl::android::system::virtualizationservice::{
18 VirtualMachineAppConfig::DebugLevel::DebugLevel, VirtualMachineConfig::VirtualMachineConfig,
19 };
20 use anyhow::{anyhow, Context, Error, Result};
21 use lazy_static::lazy_static;
22 use libfdt::{Fdt, FdtError};
23 use log::{info, warn};
24 use rustutils::system_properties;
25 use std::ffi::{CString, NulError};
26 use std::fs;
27 use std::io::ErrorKind;
28 use std::path::{Path, PathBuf};
29 use vmconfig::get_debug_level;
30
31 const CUSTOM_DEBUG_POLICY_OVERLAY_SYSPROP: &str =
32 "hypervisor.virtualizationmanager.debug_policy.path";
33 const DEVICE_TREE_EMPTY_TREE_SIZE_BYTES: usize = 100; // rough estimation.
34
35 struct DPPath {
36 node_path: CString,
37 prop_name: CString,
38 }
39
40 impl DPPath {
new(node_path: &str, prop_name: &str) -> Result<Self, NulError>41 fn new(node_path: &str, prop_name: &str) -> Result<Self, NulError> {
42 Ok(Self { node_path: CString::new(node_path)?, prop_name: CString::new(prop_name)? })
43 }
44
to_path(&self) -> PathBuf45 fn to_path(&self) -> PathBuf {
46 // unwrap() is safe for to_str() because node_path and prop_name were &str.
47 PathBuf::from(
48 [
49 "/proc/device-tree",
50 self.node_path.to_str().unwrap(),
51 "/",
52 self.prop_name.to_str().unwrap(),
53 ]
54 .concat(),
55 )
56 }
57 }
58
59 lazy_static! {
60 static ref DP_LOG_PATH: DPPath = DPPath::new("/avf/guest/common", "log").unwrap();
61 static ref DP_RAMDUMP_PATH: DPPath = DPPath::new("/avf/guest/common", "ramdump").unwrap();
62 static ref DP_ADB_PATH: DPPath = DPPath::new("/avf/guest/microdroid", "adb").unwrap();
63 }
64
65 /// Get debug policy value in bool. It's true iff the value is explicitly set to <1>.
get_debug_policy_bool(path: &Path) -> Result<bool>66 fn get_debug_policy_bool(path: &Path) -> Result<bool> {
67 let value = match fs::read(path) {
68 Ok(value) => value,
69 Err(error) if error.kind() == ErrorKind::NotFound => return Ok(false),
70 Err(error) => Err(error).with_context(|| format!("Failed to read {path:?}"))?,
71 };
72
73 // DT spec uses big endian although Android is always little endian.
74 match u32::from_be_bytes(value.try_into().map_err(|_| anyhow!("Malformed value in {path:?}"))?)
75 {
76 0 => Ok(false),
77 1 => Ok(true),
78 value => Err(anyhow!("Invalid value {value} in {path:?}")),
79 }
80 }
81
82 /// Get property value in bool. It's true iff the value is explicitly set to <1>.
83 /// It takes path as &str instead of &Path, because we don't want OsStr.
get_fdt_prop_bool(fdt: &Fdt, path: &DPPath) -> Result<bool>84 fn get_fdt_prop_bool(fdt: &Fdt, path: &DPPath) -> Result<bool> {
85 let (node_path, prop_name) = (&path.node_path, &path.prop_name);
86 let node = match fdt.node(node_path) {
87 Ok(Some(node)) => node,
88 Err(error) if error != FdtError::NotFound => {
89 Err(Error::msg(error)).with_context(|| format!("Failed to get node {node_path:?}"))?
90 }
91 _ => return Ok(false),
92 };
93
94 match node.getprop_u32(prop_name) {
95 Ok(Some(0)) => Ok(false),
96 Ok(Some(1)) => Ok(true),
97 Ok(Some(_)) => Err(anyhow!("Invalid prop value {prop_name:?} in node {node_path:?}")),
98 Err(error) if error != FdtError::NotFound => {
99 Err(Error::msg(error)).with_context(|| format!("Failed to get prop {prop_name:?}"))
100 }
101 _ => Ok(false),
102 }
103 }
104
105 /// Fdt with owned vector.
106 struct OwnedFdt {
107 buffer: Vec<u8>,
108 }
109
110 impl OwnedFdt {
from_overlay_onto_new_fdt(overlay_file_path: &Path) -> Result<Self>111 fn from_overlay_onto_new_fdt(overlay_file_path: &Path) -> Result<Self> {
112 let mut overlay_buf = match fs::read(overlay_file_path) {
113 Ok(fdt) => fdt,
114 Err(error) if error.kind() == ErrorKind::NotFound => Default::default(),
115 Err(error) => {
116 Err(error).with_context(|| format!("Failed to read {overlay_file_path:?}"))?
117 }
118 };
119
120 let overlay_buf_size = overlay_buf.len();
121
122 let fdt_estimated_size = overlay_buf_size + DEVICE_TREE_EMPTY_TREE_SIZE_BYTES;
123 let mut fdt_buf = vec![0_u8; fdt_estimated_size];
124 let fdt = Fdt::create_empty_tree(fdt_buf.as_mut_slice())
125 .map_err(Error::msg)
126 .context("Failed to create an empty device tree")?;
127
128 if !overlay_buf.is_empty() {
129 let overlay_fdt = Fdt::from_mut_slice(overlay_buf.as_mut_slice())
130 .map_err(Error::msg)
131 .with_context(|| "Malformed {overlay_file_path:?}")?;
132
133 // SAFETY: Return immediately if error happens. Damaged fdt_buf and fdt are discarded.
134 unsafe {
135 fdt.apply_overlay(overlay_fdt).map_err(Error::msg).with_context(|| {
136 "Failed to overlay {overlay_file_path:?} onto empty device tree"
137 })?;
138 }
139 }
140
141 Ok(Self { buffer: fdt_buf })
142 }
143
as_fdt(&self) -> &Fdt144 fn as_fdt(&self) -> &Fdt {
145 // SAFETY: Checked validity of buffer when instantiate.
146 unsafe { Fdt::unchecked_from_slice(&self.buffer) }
147 }
148 }
149
150 /// Debug configurations for both debug level and debug policy
151 #[derive(Debug, Default)]
152 pub struct DebugConfig {
153 pub debug_level: DebugLevel,
154 debug_policy_log: bool,
155 debug_policy_ramdump: bool,
156 debug_policy_adb: bool,
157 }
158
159 impl DebugConfig {
new(config: &VirtualMachineConfig) -> Self160 pub fn new(config: &VirtualMachineConfig) -> Self {
161 let debug_level = get_debug_level(config).unwrap_or(DebugLevel::NONE);
162
163 let dp_sysprop = system_properties::read(CUSTOM_DEBUG_POLICY_OVERLAY_SYSPROP);
164 let custom_dp = dp_sysprop.unwrap_or_else(|e| {
165 warn!("Failed to read sysprop {CUSTOM_DEBUG_POLICY_OVERLAY_SYSPROP}: {e}");
166 Default::default()
167 });
168
169 match custom_dp {
170 Some(path) if !path.is_empty() => {
171 match Self::from_custom_debug_overlay_policy(debug_level, Path::new(&path)) {
172 Ok(debug_config) => {
173 info!("Loaded custom debug policy overlay {path}: {debug_config:?}");
174 return debug_config;
175 }
176 Err(err) => warn!("Failed to load custom debug policy overlay {path}: {err:?}"),
177 };
178 }
179 _ => {
180 match Self::from_host(debug_level) {
181 Ok(debug_config) => {
182 info!("Loaded debug policy from host OS: {debug_config:?}");
183 return debug_config;
184 }
185 Err(err) => warn!("Failed to load debug policy from host OS: {err:?}"),
186 };
187 }
188 }
189
190 info!("Debug policy is disabled");
191 Self {
192 debug_level,
193 debug_policy_log: false,
194 debug_policy_ramdump: false,
195 debug_policy_adb: false,
196 }
197 }
198
199 #[cfg(test)]
200 /// Creates a new DebugConfig with debug level. Only use this for test purpose.
new_with_debug_level(debug_level: DebugLevel) -> Self201 pub(crate) fn new_with_debug_level(debug_level: DebugLevel) -> Self {
202 Self { debug_level, ..Default::default() }
203 }
204
205 /// Get whether console output should be configred for VM to leave console and adb log.
206 /// Caller should create pipe and prepare for receiving VM log with it.
should_prepare_console_output(&self) -> bool207 pub fn should_prepare_console_output(&self) -> bool {
208 self.debug_level != DebugLevel::NONE || self.debug_policy_log || self.debug_policy_adb
209 }
210
211 /// Get whether debug apexes (MICRODROID_REQUIRED_APEXES_DEBUG) are required.
should_include_debug_apexes(&self) -> bool212 pub fn should_include_debug_apexes(&self) -> bool {
213 self.debug_level != DebugLevel::NONE || self.debug_policy_adb
214 }
215
216 /// Decision to support ramdump
is_ramdump_needed(&self) -> bool217 pub fn is_ramdump_needed(&self) -> bool {
218 self.debug_level != DebugLevel::NONE || self.debug_policy_ramdump
219 }
220
from_custom_debug_overlay_policy(debug_level: DebugLevel, path: &Path) -> Result<Self>221 fn from_custom_debug_overlay_policy(debug_level: DebugLevel, path: &Path) -> Result<Self> {
222 let owned_fdt = OwnedFdt::from_overlay_onto_new_fdt(path)?;
223 let fdt = owned_fdt.as_fdt();
224
225 Ok(Self {
226 debug_level,
227 debug_policy_log: get_fdt_prop_bool(fdt, &DP_LOG_PATH)?,
228 debug_policy_ramdump: get_fdt_prop_bool(fdt, &DP_RAMDUMP_PATH)?,
229 debug_policy_adb: get_fdt_prop_bool(fdt, &DP_ADB_PATH)?,
230 })
231 }
232
from_host(debug_level: DebugLevel) -> Result<Self>233 fn from_host(debug_level: DebugLevel) -> Result<Self> {
234 Ok(Self {
235 debug_level,
236 debug_policy_log: get_debug_policy_bool(&DP_LOG_PATH.to_path())?,
237 debug_policy_ramdump: get_debug_policy_bool(&DP_RAMDUMP_PATH.to_path())?,
238 debug_policy_adb: get_debug_policy_bool(&DP_ADB_PATH.to_path())?,
239 })
240 }
241 }
242
243 #[cfg(test)]
244 mod tests {
245 use super::*;
246
247 #[test]
test_read_avf_debug_policy_with_ramdump() -> Result<()>248 fn test_read_avf_debug_policy_with_ramdump() -> Result<()> {
249 let debug_config = DebugConfig::from_custom_debug_overlay_policy(
250 DebugLevel::FULL,
251 "avf_debug_policy_with_ramdump.dtbo".as_ref(),
252 )
253 .unwrap();
254
255 assert_eq!(DebugLevel::FULL, debug_config.debug_level);
256 assert!(!debug_config.debug_policy_log);
257 assert!(debug_config.debug_policy_ramdump);
258 assert!(debug_config.debug_policy_adb);
259
260 Ok(())
261 }
262
263 #[test]
test_read_avf_debug_policy_without_ramdump() -> Result<()>264 fn test_read_avf_debug_policy_without_ramdump() -> Result<()> {
265 let debug_config = DebugConfig::from_custom_debug_overlay_policy(
266 DebugLevel::FULL,
267 "avf_debug_policy_without_ramdump.dtbo".as_ref(),
268 )
269 .unwrap();
270
271 assert_eq!(DebugLevel::FULL, debug_config.debug_level);
272 assert!(!debug_config.debug_policy_log);
273 assert!(!debug_config.debug_policy_ramdump);
274 assert!(debug_config.debug_policy_adb);
275
276 Ok(())
277 }
278
279 #[test]
test_read_avf_debug_policy_with_adb() -> Result<()>280 fn test_read_avf_debug_policy_with_adb() -> Result<()> {
281 let debug_config = DebugConfig::from_custom_debug_overlay_policy(
282 DebugLevel::FULL,
283 "avf_debug_policy_with_adb.dtbo".as_ref(),
284 )
285 .unwrap();
286
287 assert_eq!(DebugLevel::FULL, debug_config.debug_level);
288 assert!(!debug_config.debug_policy_log);
289 assert!(!debug_config.debug_policy_ramdump);
290 assert!(debug_config.debug_policy_adb);
291
292 Ok(())
293 }
294
295 #[test]
test_read_avf_debug_policy_without_adb() -> Result<()>296 fn test_read_avf_debug_policy_without_adb() -> Result<()> {
297 let debug_config = DebugConfig::from_custom_debug_overlay_policy(
298 DebugLevel::FULL,
299 "avf_debug_policy_without_adb.dtbo".as_ref(),
300 )
301 .unwrap();
302
303 assert_eq!(DebugLevel::FULL, debug_config.debug_level);
304 assert!(!debug_config.debug_policy_log);
305 assert!(!debug_config.debug_policy_ramdump);
306 assert!(!debug_config.debug_policy_adb);
307
308 Ok(())
309 }
310
311 #[test]
test_invalid_sysprop_disables_debug_policy() -> Result<()>312 fn test_invalid_sysprop_disables_debug_policy() -> Result<()> {
313 let debug_config = DebugConfig::from_custom_debug_overlay_policy(
314 DebugLevel::NONE,
315 "/a/does/not/exist/path.dtbo".as_ref(),
316 )
317 .unwrap();
318
319 assert_eq!(DebugLevel::NONE, debug_config.debug_level);
320 assert!(!debug_config.debug_policy_log);
321 assert!(!debug_config.debug_policy_ramdump);
322 assert!(!debug_config.debug_policy_adb);
323
324 Ok(())
325 }
326
327 #[test]
test_new_with_debug_level() -> Result<()>328 fn test_new_with_debug_level() -> Result<()> {
329 assert_eq!(
330 DebugConfig::new_with_debug_level(DebugLevel::NONE).debug_level,
331 DebugLevel::NONE
332 );
333 assert_eq!(
334 DebugConfig::new_with_debug_level(DebugLevel::FULL).debug_level,
335 DebugLevel::FULL
336 );
337
338 Ok(())
339 }
340 }
341