| commit | 49e26ce9bd6240263329d963cb1992897c8c0262 | [log] [tgz] |
|---|---|---|
| author | Pierre-Clément Tosi <ptosi@google.com> | Tue Mar 12 16:31:50 2024 +0000 |
| committer | Pierre-Clément Tosi <ptosi@google.com> | Thu Mar 14 10:23:51 2024 +0000 |
| tree | 0c9d5756eafe678f9e5e7ece86628e6f7abbfaef | |
| parent | 8b78bc3ad9514f8508146d9c7cfe810d2475eb03 [diff] |
pvmfw: Detect pvmfw overlap before REQUEST_MMIO As pKVM maps (stage-2) any MMIO region that pvmfw passes in the REQUEST_MMIO HVC, a malicious host could set up VFIO+KVM to map physical pages of MMIO in pvmfw's address space. As long as pvmfw hasn't (yet) touched those pages, they will be mapped by the hyp and then accessed unintentionally by pvmfw in place of the expected memory pages (e.g. for .text, .rodata, the appended config data, the stack, the payload, ...). Bug: 316862665 Test: atest libpvmfw.device_assignment.test Change-Id: I1dd2c16f3e5e407b14bfbf8b8481b43fbb059d1f
Android Virtualization Framework (AVF) provides secure and private execution environments for executing code. AVF is ideal for security-oriented use cases that require stronger isolation assurances over those offered by Android’s app sandbox.
Visit our public doc site to learn more about what AVF is, what it is for, and how it is structured. This repository contains source code for userspace components of AVF.
If you want a quick start, see the getting started guideline and follow the steps there.
For in-depth explanations about individual topics and components, visit the following links.
AVF components:
AVF APIs:
How-Tos: