| commit | aade427e105341b17d53b637c0d6c63761430942 | [log] [tgz] |
|---|---|---|
| author | Matt Gilbride <mattgilbride@google.com> | Thu Dec 05 13:52:42 2024 +0000 |
| committer | Matt Gilbride <mattgilbride@google.com> | Thu Dec 05 17:57:46 2024 +0000 |
| tree | 3e525cb3201952d5957c53a6435048c48dfd6923 | |
| parent | 73a36c714000825e515f374e0c7709a8dd07e57a [diff] |
Only interact with secretkeeper in updatable VMs Change I893604ce5fc25d3e1c7261afa0de915902154be6 introduced a call to secretkeeper to fetch its public key from v2 of the HAL (if available) as opposed to from the device tree. This is a problem for VMs that run on early boot, when secretkeeper is not yet available. Only attempt to access secretkeeper if an updatable VM is requested, which should only happen in VMs that run when secretkeeper *is* available. Bug: 382376014 Test: atest CompOsDenialHostTest#denyDueToInconsistentFileName Change-Id: I1c27ca5981500dc4ccaa0677ae61d0434b2d7653
Android Virtualization Framework (AVF) provides secure and private execution environments for executing code. AVF is ideal for security-oriented use cases that require stronger isolation assurances over those offered by Android’s app sandbox.
Visit our public doc site to learn more about what AVF is, what it is for, and how it is structured. This repository contains source code for userspace components of AVF.
If you want a quick start, see the getting started guideline and follow the steps there.
For in-depth explanations about individual topics and components, visit the following links.
AVF components:
AVF APIs:
How-Tos: