| commit | a2228b9dc74de3cf49ea90cf83caa4fac2beb82d | [log] [tgz] |
|---|---|---|
| author | Alice Wang <aliceywang@google.com> | Fri Jul 26 08:38:47 2024 +0000 |
| committer | Alice Wang <aliceywang@google.com> | Fri Jul 26 12:09:06 2024 +0000 |
| tree | 890b2e4e235a138fdfda8b6d387e91776f84286d | |
| parent | 2c21244118ab359bbb37279f2519469c79deeb66 [diff] |
[rkpvm] Decide whether VM is protected using FDT property It is not reliable to use MMIO support to decide whether rialto is running in protected mode or not, as certain hypervisors support protected VMs but do not implement MMIO. This cl replaces this check with an FDT property check. The property is only set in pvmfw. We note that this check is only relevant for testing. In production environments, rialto always operates in protected mode, rendering it inconsequential if a malicious host attempts to manipulate the DT by inserting this property. Bug: 353758405 Test: atest rialto_test Change-Id: Ic33be0fe1fcd1791515d50e31329d7cb9e873107
Android Virtualization Framework (AVF) provides secure and private execution environments for executing code. AVF is ideal for security-oriented use cases that require stronger isolation assurances over those offered by Android’s app sandbox.
Visit our public doc site to learn more about what AVF is, what it is for, and how it is structured. This repository contains source code for userspace components of AVF.
If you want a quick start, see the getting started guideline and follow the steps there.
For in-depth explanations about individual topics and components, visit the following links.
AVF components:
AVF APIs:
How-Tos: