| commit | c9edf0f007a5746e768af238b4fc43a7c3999cb3 | [log] [tgz] |
|---|---|---|
| author | Pierre-Clément Tosi <ptosi@google.com> | Thu Feb 06 17:47:25 2025 +0000 |
| committer | Pierre-Clément Tosi <ptosi@google.com> | Thu Feb 06 18:07:48 2025 +0000 |
| tree | 42223c6e9013b80ffeb29b870c61f350d41eb4cf | |
| parent | 4ae4da492030b9384e6f14d7d18eff6b6b93a34e [diff] |
pvmfw: Also check alignments against hyp page size Validate that the virtual platform isn't configured in such a way that would present the risk to a guest kernel with a (stage-1) page size smaller than the stage-2 page size used by the hypervisor of inadvertently sharing more than it expects by (wrongly) aligning against its own page size. This works by checking the alignment of - main memory: ensures that MMIO_GUARD_MAP will never map normal memory - swiotlb: ensures that MEM_SHARE will never share private memory Bug: 393095315 Test: m pvmfw Change-Id: I8c46ad0ce6a10baf556ab6eac64e6c9708938a08
Android Virtualization Framework (AVF) provides secure and private execution environments for executing code. AVF is ideal for security-oriented use cases that require stronger isolation assurances over those offered by Android’s app sandbox.
Visit our public doc site to learn more about what AVF is, what it is for, and how it is structured. This repository contains source code for userspace components of AVF.
If you want a quick start, see the getting started guideline and follow the steps there.
For in-depth explanations about individual topics and components, visit the following links.
AVF components:
AVF APIs:
How-Tos: