commit | 1cc5eb7ae9c3144b39e21351855397d3b6e46f6e | |
---|---|---|
author | Pierre-Clément Tosi <ptosi@google.com> | Thu Feb 02 11:09:18 2023 +0000 |
committer | Pierre-Clément Tosi <ptosi@google.com> | Fri Feb 24 14:18:03 2023 +0000 |
tree | e4923584aabc9fa6207e420479461618f415b1a3 | |
parent | 4ba7966f2d40f2efe22553ee5f94af0b187d2fad |
pvmfw: Support instance.img for storing DICE salt

On boot, attempt to read the DICE hidden input (salt) from persistent storage, in order to provide persistence of secrets across reboots of the same kernel/ramdisk images. To ensure that the salt is only re-used with the same preloaded images signed by the same authority, store the other DICE inputs so that they can be verified to match on the next boot.

Implement support for parsing GUID Partition Tables (GPT) on top of virtio-blk, to locate, read from, and write to named partitions.

Implement support for the instance.img format, defined by the AVF team, and conceptually acting as a filesystem within the GPT partition named "vm-instance", where each stage of the pVM boot process owns an entry (sometimes called a partition), identified through a UUID.

As the host is in charge of providing the file backing the virtual disk, the content of the instance.img entry will be encrypted in a following commit.

Bug: 262344886
Test: atest MicrodroidHostTests
Change-Id: Ic43bb7780b5e106002590f9c97cd900c3ff5e3d9
This repository contains userspace services related to running virtual machines on Android, especially protected virtual machines. See the getting started documentation and Microdroid README for more information.
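
The commit message describes locating a named GPT partition ("vm-instance") on a disk whose backing file the host controls. The following is an added example, not pvmfw code, of such a lookup with every offset and length from the image bounds-checked. It assumes the disk is an in-memory byte slice rather than a virtio-blk device, and the names `le`, `find_partition` and `sample_disk` are hypothetical.

```rust
// Added example (not pvmfw code): find a named GPT partition in an untrusted image.
use std::convert::TryFrom;

const SIGNATURE: &[u8] = b"EFI PART";

fn le(b: &[u8], off: usize, n: usize) -> Option<u64> {
    let s = b.get(off..off.checked_add(n)?)?; // bounds-checked little-endian read, n <= 8
    Some(s.iter().rev().fold(0u64, |acc, &x| (acc << 8) | x as u64))
}

/// Returns (first_lba, last_lba) of partition `name`. Header CRC32 checks are omitted (assumption).
pub fn find_partition(disk: &[u8], block: usize, name: &str) -> Option<(u64, u64)> {
    let hdr = disk.get(block..block.checked_mul(2)?)?; // primary header lives at LBA 1
    if hdr.get(..8)? != SIGNATURE { return None; }
    let table_lba = usize::try_from(le(hdr, 72, 8)?).ok()?;
    let (count, entry_size) = (le(hdr, 80, 4)? as usize, le(hdr, 84, 4)? as usize);
    if entry_size < 128 { return None; }
    let table = disk.get(table_lba.checked_mul(block)?..)?;
    for i in 0..count {
        let e = table.get(i.checked_mul(entry_size)?..)?.get(..entry_size)?;
        if e[..16].iter().all(|&b| b == 0) { continue; } // zero type GUID: unused entry
        let units = e[56..128].chunks_exact(2).map(|c| u16::from_le_bytes([c[0], c[1]]));
        if !units.take_while(|&u| u != 0).eq(name.encode_utf16()) { continue; }
        let (first, last) = (le(e, 32, 8)?, le(e, 40, 8)?);
        let end = last.checked_add(1)?.checked_mul(block as u64)?;
        if first < 2 || first > last || end > disk.len() as u64 { return None; }
        return Some((first, last));
    }
    None
}

/// Constructed sample: 512-byte blocks, one entry named "vm-instance" at LBA 3..=4.
pub fn sample_disk() -> Vec<u8> {
    let (mut d, e) = (vec![0u8; 5 * 512], 2 * 512);
    d[512..520].copy_from_slice(SIGNATURE);
    d[512 + 80] = 1; // number of entries (low byte)
    d[512 + 84] = 128; // entry size in bytes (low byte)
    d[e] = 1; // non-zero type GUID marks the entry as used
    for (off, v) in [(512 + 72, 2u64), (e + 32, 3), (e + 40, 4)] {
        d[off..off + 8].copy_from_slice(&v.to_le_bytes()); // table LBA, first LBA, last LBA
    }
    for (i, u) in "vm-instance".encode_utf16().enumerate() {
        d[e + 56 + 2 * i..e + 58 + 2 * i].copy_from_slice(&u.to_le_bytes());
    }
    d
}

fn main() {
    println!("{:?}", find_partition(&sample_disk(), 512, "vm-instance"));
}
```

An entry whose LBA range extends past the end of the image is rejected rather than clamped, so a later read or write cannot be steered outside the backing buffer.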