Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Virtualization / 8edf72eafa4b1f4aa5c726a0573b6c2e18b49543
commit8edf72eafa4b1f4aa5c726a0573b6c2e18b49543[log] [tgz]
authorPierre-Clément Tosi <ptosi@google.com>Tue Dec 06 16:02:57 2022 +0000
committerPierre-Clément Tosi <ptosi@google.com>Thu Dec 08 16:29:12 2022 +0000
tree338cb1bf33c84467294ba691851ff9c4a1b43a28
parentdb14ada78bdfceac6f1a566815881d04c5f760c3 [diff]
pvmfw: Validate input BCC handover

Ensure that the BCC contained in the configuration data is properly
formatted as a "BCC Handover" [1] i.e. a CBOR-encoded map

    BccHandover = {
      1 : bstr .size 32,     ; CDI_Attest
      2 : bstr .size 32,     ; CDI_Seal
      3 : Bcc,               ; Certificate chain
    }

If not, abort the pVM boot.

[1]: https://pigweed.googlesource.com/open-dice/+/72ad792c4d9ffffef3412801b5da46568a6b3197/src/android/bcc.c#260

Bug: 256827715
Test: atest MicrodroidHostTests
Change-Id: Ibade0ebd1e50d912a59b32c1282022aa46235501
5 files changed
tree: 338cb1bf33c84467294ba691851ff9c4a1b43a28
  1. apex/
  2. apkdmverity/
  3. authfs/
  4. avmd/
  5. compos/
  6. demo/
  7. docs/
  8. encryptedstore/
  9. javalib/
  10. launcher/
  11. libs/
  12. microdroid/
  13. microdroid_manager/
  14. pvmfw/
  15. rialto/
  16. tests/
  17. virtualizationservice/
  18. vm/
  19. vm_payload/
  20. vmbase/
  21. vmclient/
  22. zipfuse/
  23. rustfmt.toml ⇨ ../../../build/soong/scripts/rustfmt.toml
  24. .clang-format
  25. .gitignore
  26. Android.bp
  27. OWNERS
  28. PREUPLOAD.cfg
  29. README.md
  30. TEST_MAPPING
README.md

Virtualization

This repository contains userspace services related to running virtual machines on Android, especially protected virtual machines. See the getting started documentation and Microdroid README for more information.