Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Virtualization / 4e3015daaefaac4adbc7b1b2c0d02e3a1556e79c
commit4e3015daaefaac4adbc7b1b2c0d02e3a1556e79c[log] [tgz]
authorAlice Wang <aliceywang@google.com>Tue Oct 10 09:35:37 2023 +0000
committerAlice Wang <aliceywang@google.com>Wed Nov 08 08:54:39 2023 +0000
tree4a0859e91c9f4c361851b1cea2484cdbb3b65bea
parent180a7c2907687029b85144a2b34a0860a5495815 [diff]
[client-vm] Build client VM CSR and sign the CSR with two keys

This cl builds the CSR that a client VM sends to the RKP VM for
remote attestation and adjusted the API accordingly as discussed
in the doc go/pvm-remote-attestation

The CSR payload is signed with both the CDI_Leaf_Priv of the
client VM's DICE chain and the attestation key. RKP VM should
verify the signature later with the CDI_Leaf_Pub extracted
from the same DICE chain in the CSR and the attestation public
key.

The new unit tests are added to config at cl/577763874.

Bug: 303807447
Test: run ServiceVmClientTestApp
Test: atest libservice_vm_comm.test
Test: atest microdroid_manager_test
Change-Id: Ic2c09e7339d9981edda028e2694fa551c911a274
23 files changed
tree: 4a0859e91c9f4c361851b1cea2484cdbb3b65bea
  1. apex/
  2. apkdmverity/
  3. authfs/
  4. compos/
  5. demo/
  6. demo_native/
  7. docs/
  8. encryptedstore/
  9. javalib/
  10. launcher/
  11. libs/
  12. microdroid/
  13. microdroid_manager/
  14. pvmfw/
  15. rialto/
  16. secretkeeper/
  17. service_vm/
  18. tests/
  19. virtualizationmanager/
  20. virtualizationservice/
  21. vm/
  22. vm_payload/
  23. vmbase/
  24. vmclient/
  25. zipfuse/
  26. .clang-format
  27. .gitignore
  28. Android.bp
  29. OWNERS
  30. PREUPLOAD.cfg
  31. README.md
  32. rustfmt.toml
  33. TEST_MAPPING
README.md

Android Virtualization Framework (AVF)

Android Virtualization Framework (AVF) provides secure and private execution environments for executing code. AVF is ideal for security-oriented use cases that require stronger isolation assurances over those offered by Android’s app sandbox.

Visit our public doc site to learn more about what AVF is, what it is for, and how it is structured. This repository contains source code for userspace components of AVF.

If you want a quick start, see the getting started guideline and follow the steps there.

For in-depth explanations about individual topics and components, visit the following links.

AVF components:

AVF APIs:

How-Tos: