| commit | 64aff648626f6022f21b169610e6b7ac213bce61 | [log] [tgz] |
|---|---|---|
| author | Pierre-Clément Tosi <ptosi@google.com> | Wed Jul 31 16:20:21 2024 +0100 |
| committer | Pierre-Clément Tosi <ptosi@google.com> | Wed Jul 31 17:27:42 2024 +0100 |
| tree | 83f8d52011ac0920125bf7e36c7cb2a33fc447d9 | |
| parent | 273f20667eb4cd9b9952bffee0a313b5c51a928d [diff] |
pvmfw: Leave UART shared for debuggable pVMs When the payload is debuggable (detected through its VBMeta), pvmfw allows any cmdline argument to be passed to the guest kernel. For Linux, this means the host could enable earlycon through the 16550-inspired UARTs. However, as the Microdroid kernel does not support MMIO_GUARD for earlycon, this would not work (possibly resulting in a guest kernel panic due to the unhandled injected exception? TBD). To support this use-case, make pvmfw leave the UART mapped for the next stage if it detects that the payload is debuggable (should not be used in production & reflected in the payload's DICE chain). Note that debuggable payloads that already support sharing the UART (which, from the perspective of the hypervisor, would now be sharing it "twice") should not break as the HVC still succeeds when called on already guarded MMIO pages. Test: m pvmfw Bug: 356622725 Change-Id: I3f8cc3317142ec55d2c864bd658d42fa2c0ae345
Android Virtualization Framework (AVF) provides secure and private execution environments for executing code. AVF is ideal for security-oriented use cases that require stronger isolation assurances over those offered by Android’s app sandbox.
Visit our public doc site to learn more about what AVF is, what it is for, and how it is structured. This repository contains source code for userspace components of AVF.
If you want a quick start, see the getting started guideline and follow the steps there.
For in-depth explanations about individual topics and components, visit the following links.
AVF components:
AVF APIs:
How-Tos: