| commit | 13748d239e930e06fa2214cec9daaf6add8e6ff3 | [log] [tgz] |
|---|---|---|
| author | Nikita Ioffe <ioffe@google.com> | Wed Oct 23 15:10:39 2024 +0000 |
| committer | Nikita Ioffe <ioffe@google.com> | Tue Nov 12 01:40:16 2024 +0000 |
| tree | 05bfce54b053e92876b98ed079c4e3874b977b91 | |
| parent | 6952187883e54296ab8a30d422d59b922ae5b16b [diff] |
Implement permission check for VMs that request tee_services
VM can request to access SMC services via new tee_services field in
RawConfig and AppConfig.
The policy on what VMs can access what SMC services is defined in the
sepolicy by specifying allow rules for the processes that starts VMs
("VM owner" processes), e.g.:
```
allow shell test_pkvm_tee_service:tee_service use;
```
The virtmngr will use getprevcon to get the secontext of the VM owner,
and then use libselinux to lookup the mapping from the tee_services
to selinux labels. It then will use selinux_check_permission to check if
the VM owner is allowed the access.
Bug: 360102915
Test: atest MicrodroidTests
Test: AVF presubmit
Test: atest virtualizationmanager_device_test
Test: adb shell /apex/com.android.virt/bin/vm run-microdroid \
--protected \
--tee-services test_pkvm_tee_service
Change-Id: I4a94df5b897cd6a256d0958c73f57afa3d911b4f
Android Virtualization Framework (AVF) provides secure and private execution environments for executing code. AVF is ideal for security-oriented use cases that require stronger isolation assurances over those offered by Android’s app sandbox.
Visit our public doc site to learn more about what AVF is, what it is for, and how it is structured. This repository contains source code for userspace components of AVF.
If you want a quick start, see the getting started guideline and follow the steps there.
For in-depth explanations about individual topics and components, visit the following links.
AVF components:
AVF APIs:
How-Tos: