commit | 73ba0d48488aefa126f6d0d4b3687b834e84a959 | |
---|---|---|
author | Shikha Panwar <shikhapanwar@google.com> | Wed Mar 20 14:43:21 2024 +0000 |
committer | Shikha Panwar <shikhapanwar@google.com> | Thu Mar 21 16:54:18 2024 +0000 |
tree | cdfceb367e737275f2f33cc3b3119d9e9a117c2c | |
parent | 4f1798a724d411d437f16ca6f55ac9ff3d4f2ec0 | |

pvmfw: Defer rbp checks & instance.img is obsolete

If secretkeeper is supported on the device (and therefore DT has the relevant property present), pvmfw can skip the code hash checks, payload will take care of only releasing secrets to upgraded versions of the images using appropriately set Dice Policies.

Additionally, make salt in instance.img obsolete. It should instead be derived from instance_id in DT.

The consequence of above 2 is that instance.img will no longer be needed by pvmfw.

As far as `new_instance` is concerned, if instance.img is present (because Sk is not supported on device), instance img can still be used to determine it. But if Sk is supported on devices (defer_rpb is set) new_instance can no more be determined, let it be false. Microdroid manager will check if the get_secret() returns EntryNotFound Error & that would indicate that this is indeed the first run of the instance.

Test: Inspect instance.img does not contain the pvmfw partition.

Test: Run a Microdroid instance, save its instance data (instance_id & all). Rebuild Microdroid with higher rollback_index & flash the apex. Re-run the instance, it succeeds. Again Rebuild Microdroid with lower rollback_index & repeat. Check that the VM fails to boot with DicePolicy error. Also inspect the sealing_policy.

Bug: 291213394

Change-Id: Iebfcdd5d89513b8f24c937b2f2cd9a298d01b74d

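
The flow the commit message describes, as an added Rust model that is not code from this commit or from AVF. `ToySecretkeeper`, `pvmfw_new_instance` and `payload_boot` are hypothetical names, and the Dice Policy is reduced, as an assumption, to a minimum `rollback_index` per `instance_id`.

```rust
use std::collections::HashMap;

#[derive(Debug, PartialEq)]
enum SkError { EntryNotFound, DicePolicyError }

type InstanceId = [u8; 4]; // constructed, shortened id for the example

/// Toy stand-in for Secretkeeper (assumption): one entry per instance_id, with the
/// sealing policy reduced to "caller's rollback_index >= stored minimum".
#[derive(Default)]
struct ToySecretkeeper { entries: HashMap<InstanceId, (u64, Vec<u8>)> }

impl ToySecretkeeper {
    fn get_secret(&self, id: InstanceId, rollback_index: u64) -> Result<Vec<u8>, SkError> {
        match self.entries.get(&id) {
            None => Err(SkError::EntryNotFound),
            Some((min, _)) if rollback_index < *min => Err(SkError::DicePolicyError),
            Some((_, secret)) => Ok(secret.clone()),
        }
    }
    fn store_secret(&mut self, id: InstanceId, rollback_index: u64, secret: Vec<u8>) {
        self.entries.insert(id, (rollback_index, secret));
    }
}

/// pvmfw side, per the commit message: with deferred rollback protection
/// new_instance is always false; otherwise instance.img still decides.
fn pvmfw_new_instance(defer_rbp: bool, instance_img_entry_found: bool) -> bool {
    if defer_rbp { false } else { !instance_img_entry_found }
}

/// Payload side: EntryNotFound from get_secret() marks the first run. Returns Ok(first_run).
fn payload_boot(sk: &mut ToySecretkeeper, id: InstanceId, rollback_index: u64) -> Result<bool, SkError> {
    match sk.get_secret(id, rollback_index) {
        // Known instance at an allowed version: re-seal to the current version.
        Ok(secret) => { sk.store_secret(id, rollback_index, secret); Ok(false) }
        // No entry yet: first run, create the secret (constructed value).
        Err(SkError::EntryNotFound) => { sk.store_secret(id, rollback_index, vec![0x5e; 32]); Ok(true) }
        Err(e) => Err(e),
    }
}

fn main() {
    let (mut sk, id) = (ToySecretkeeper::default(), [0xaa, 0xbb, 0xcc, 0xdd]);
    println!("pvmfw new_instance (defer_rbp set): {}", pvmfw_new_instance(true, false));
    for idx in [1u64, 2, 1] { // first run, upgrade, downgrade
        println!("rollback_index {}: {:?}", idx, payload_boot(&mut sk, id, idx));
    }
}
```

The three boots in `main` mirror the second Test: line of the commit message: first run, rebuilt with a higher `rollback_index`, then rebuilt with a lower one.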
Android Virtualization Framework (AVF) provides secure and private execution environments for executing code. AVF is ideal for security-oriented use cases that require stronger isolation assurances over those offered by Android’s app sandbox.
Visit our public doc site to learn more about what AVF is, what it is for, and how it is structured. This repository contains source code for userspace components of AVF.
If you want a quick start, see the getting started guideline and follow the steps there.