commit | 8f12f2b7aa3bec1132ade6146a548991830bd111 | |
---|---|---|
author | Alan Stokes <alanstokes@google.com> | Mon Jan 09 09:19:20 2023 +0000 |
committer | Alan Stokes <alanstokes@google.com> | Mon Jan 09 16:57:42 2023 +0000 |
tree | a0cf5cf42f5c6eb58f3b448e2e52d02744dbe05a | |
parent | 5d786d39273a9971a0b46ec28e438f7a0a2b537b | |
Only accept binary name not path

I think we've discussed this a couple of times, although I can't now find a link. There's really no reason to specify a path, it's complicated to describe, and it might open up weird path traversal attacks, so disallow it.

Rename setPayloadBinaryPath to setPayloadBinaryName to reflect this (and rename lots of other things to match). Add a check that it isn't a path, and a test for that (and fix some other tests that were breaking the new rule).

Also expand on the Javadoc around ABI & 32/64-bit.

Also add a check inside VS (because checks in the payload code can be bypassed), and a host test for that.

Note that a VM created with a config file can still specify a path inside the config file; CompOS relies on that to run code from its APEX.

Bug: 261037705
Test: atest MicrodroidTests MicrodroidHostTests
Change-Id: Ie59b9c81d13a7a3e4ec62cf874d43bfaf6163431
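The commit message describes two things: rejecting anything that is a path rather than a bare binary name, and repeating that check on the service side because a caller can skip a client-side check. The sketch below is an added example of that pattern, not code from this commit or repository; `PAYLOAD_LIB_DIR`, `NameError`, `validate_binary_name` and `resolve_payload` are hypothetical names and the directory is an assumed value.

```rust
use std::path::PathBuf;

// Assumed library directory, chosen for this example only.
const PAYLOAD_LIB_DIR: &str = "/example/payload/lib";

#[derive(Debug, PartialEq)]
pub enum NameError { Empty, ContainsSeparator, DotComponent, ContainsNul }

/// Accept a bare file name only: no separators, no "." or "..", no NUL byte.
pub fn validate_binary_name(name: &str) -> Result<(), NameError> {
    if name.is_empty() {
        return Err(NameError::Empty);
    }
    // Any '/' makes the value a path: relative ("lib/a.so"), traversing
    // ("../x") or absolute ("/bin/sh").
    if name.contains('/') {
        return Err(NameError::ContainsSeparator);
    }
    if name == "." || name == ".." {
        return Err(NameError::DotComponent);
    }
    // A NUL would truncate the name when it reaches a C string API.
    if name.contains('\0') {
        return Err(NameError::ContainsNul);
    }
    Ok(())
}

/// Service-side entry point. The name arrives from a caller that may have
/// skipped the client-library check, so it is validated again here.
pub fn resolve_payload(untrusted_name: &str) -> Result<PathBuf, NameError> {
    validate_binary_name(untrusted_name)?;
    // Joining is only safe after validation: PathBuf::join replaces the base
    // entirely when given an absolute path, and ".." components would escape.
    Ok(PathBuf::from(PAYLOAD_LIB_DIR).join(untrusted_name))
}

fn main() {
    // Constructed inputs: one valid name and several path-like values.
    for name in ["payload_main.so", "../../bin/sh", "/bin/sh", "lib/a.so", ".."] {
        println!("{:?} -> {:?}", name, resolve_payload(name));
    }
}
```

The check is purely lexical; it does not resolve symlinks inside the library directory.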
This repository contains userspace services related to running virtual machines on Android, especially protected virtual machines. See the getting started documentation and Microdroid README for more information.