[attestation] Validate vendor module loaded by client VM in RKP VM

This cl added the following tasks to the RKP VM:

- Parses a client VM DICE chain containing an additional vendor
module entry.
- Validates the code hash in the vendor module DICE entry against
the code hash read from the device tree.

The cl also adds a CTS test that triggers the VM attestation from
a VM with vendor module.

Bug: 330678211
Test: atest MicrodroidTests
Change-Id: Id56c6edd8baa32bae6a8ad7b5bca7b18ce167022
8 files changed
tree: 8745eb9a179ff628a90314707482d4892b841ee4
  1. apex/
  2. apkdmverity/
  3. authfs/
  4. compos/
  5. demo/
  6. demo_native/
  7. docs/
  8. encryptedstore/
  9. flags/
  10. java/
  11. launcher/
  12. libs/
  13. microdroid/
  14. microdroid_manager/
  15. pvmfw/
  16. rialto/
  17. service_vm/
  18. tests/
  19. virtualizationmanager/
  20. virtualizationservice/
  21. vm/
  22. vm_payload/
  23. vmbase/
  24. vmclient/
  25. vmlauncher_app/
  26. zipfuse/
  27. .clang-format
  28. .gitignore
  29. Android.bp
  30. avf_flags.aconfig
  31. OWNERS
  32. PREUPLOAD.cfg
  33. README.md
  34. rustfmt.toml
  35. TEST_MAPPING
README.md

Android Virtualization Framework (AVF)

Android Virtualization Framework (AVF) provides secure and private execution environments for executing code. AVF is ideal for security-oriented use cases that require stronger isolation assurances over those offered by Android’s app sandbox.

Visit our public doc site to learn more about what AVF is, what it is for, and how it is structured. This repository contains source code for userspace components of AVF.

If you want a quick start, see the getting started guideline and follow the steps there.

For in-depth explanations about individual topics and components, visit the following links.

AVF components:

AVF APIs:

How-Tos: