Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Virtualization / 0c3a2fa57a7b2ef98ebbeb354e98acb2a89d30e4
commit0c3a2fa57a7b2ef98ebbeb354e98acb2a89d30e4[log] [tgz]
authorShikha Panwar <shikhapanwar@google.com>Fri Dec 06 18:38:06 2024 +0000
committerShikha Panwar <shikhapanwar@google.com>Wed Jan 08 11:17:47 2025 +0000
tree078849ad0a7dfcf2d16fd1a1dcf79fbb8330d96a
parent4d74fc0aee7610c6e5c902545f0e61ec97b35bc6 [diff]
VM: Introduce writePayloadRpData/readPayloadRpData

VM payload require an api to allow storing n bytes' data with
confidentialty & tamper evidence integrity guarantees.

Microdroid Manager implements this using the vm_secret module, which
uses the payload's DICE chain to store/get secret from Secretkeeper.

Additionally introduce a test that uses these api.
Test: #rollbackProtectedDataOfPayload
Bug: 378911776

Change-Id: Id39f5c6c626531029bf33ef5d28dc237881e40e6
14 files changed
tree: 078849ad0a7dfcf2d16fd1a1dcf79fbb8330d96a
  1. android/
  2. build/
  3. docs/
  4. guest/
  5. libs/
  6. microfuchsia/
  7. tests/
  8. apexbuild/apex
  9. .clang-format
  10. .gitignore
  11. Android.bp
  12. dice_for_avf_guest.cddl
  13. OWNERS
  14. PREUPLOAD.cfg
  15. README.md
  16. rustfmt.toml
  17. TEST_MAPPING
README.md

Android Virtualization Framework (AVF)

Android Virtualization Framework (AVF) provides secure and private execution environments for executing code. AVF is ideal for security-oriented use cases that require stronger isolation assurances over those offered by Android’s app sandbox.

Visit our public doc site to learn more about what AVF is, what it is for, and how it is structured. This repository contains source code for userspace components of AVF.

If you want a quick start, see the getting started guideline and follow the steps there.

For in-depth explanations about individual topics and components, visit the following links.

AVF components:

AVF APIs:

How-Tos: