| commit | bb6570176400d746b70e7ead4585c3fc48e806ab | [log] [tgz] |
|---|---|---|
| author | Pierre-Clément Tosi <ptosi@google.com> | Thu Nov 28 22:06:32 2024 +0000 |
| committer | Pierre-Clément Tosi <ptosi@google.com> | Mon Dec 02 16:25:30 2024 +0000 |
| tree | 7d00dcd4c249cb4fe8f61d0718e61e81c0d99689 | |
| parent | 0b02a2bda474950dcf644c8c5e179f02d4d86747 [diff] |
vmbase: Fix undetected EH stack overflows
If pvmfw receives a payload, it maps the region potentially containing
it (from ALIGN(bin_end, 4096) to ORIGIN(image) + LENGTH(image)) with
read-write permissions, meaning that the EH stack could overflow into it
and go undetected.
Address this by reserving a page of the writable_data region as guard
page instead and move the EH stack appropriately. Alternatively, we
could have "reserved" the last page of the image but this risks causing
unexpected issues when we say that the region available to the loader is
2 MiB but then unexpectedly crop it by one page.
Similar to the .stack, give the guard page its own section for clarity.
Bug: 381440625
Test: m {pvmfw,rialto,vmbase_example_{bios,kernel}}_bin
Change-Id: I17c32d5f8b5fae4fb7af325c05de3c08047922c1
Android Virtualization Framework (AVF) provides secure and private execution environments for executing code. AVF is ideal for security-oriented use cases that require stronger isolation assurances over those offered by Android’s app sandbox.
Visit our public doc site to learn more about what AVF is, what it is for, and how it is structured. This repository contains source code for userspace components of AVF.
If you want a quick start, see the getting started guideline and follow the steps there.
For in-depth explanations about individual topics and components, visit the following links.
AVF components:
AVF APIs:
How-Tos: