| commit | f50811bc9e1324cab2848714afc1adbcb18ebdb1 | [log] [tgz] |
|---|---|---|
| author | Armelle Laine <armellel@google.com> | Thu Jan 23 00:40:04 2025 +0000 |
| committer | Armelle Laine <armellel@google.com> | Mon Feb 10 22:46:57 2025 +0000 |
| tree | 4fa1883f8ed9b1ea6d3a3515f21657d80bafc6fa | |
| parent | b618d0822f0d0ec9fae244d18125f80fb9cf6844 [diff] |
guest: trusty: enable pvmfw-verified pVM for security and test VMs - rules that use unsigned images for x86, signed images for arm64 - system_ext artifacts enabled only on devices enabling `trusty_system_vm` via a soong config variable: - VM payload configuration: support a `placeholder_trusted_hal` soong bool variable allowing to enable placeholder hals on devices that don't support the Trusted HALs (Cuttlefish on x86_64 for example) (placeholder_trusted_hal shall not be enabled in production) - security_vm: update launcher build rules to also support arm64 and define .rc prebuilts to be reused by any device (not just cuttlefish) - test_vm: enable pvmfw-verified pVM by adding image signing rules Bug: 391719387 Bug: 391210895 Test: qemu_trusty_arm64-trunk_staging-userdebug Change-Id: I82dc911e482538e3f22dde6246a64e712bd0f1d0
Android Virtualization Framework (AVF) provides secure and private execution environments for executing code. AVF is ideal for security-oriented use cases that require stronger isolation assurances over those offered by Android’s app sandbox.
Visit our public doc site to learn more about what AVF is, what it is for, and how it is structured. This repository contains source code for userspace components of AVF.
If you want a quick start, see the getting started guideline and follow the steps there.
For in-depth explanations about individual topics and components, visit the following links.
AVF components:
AVF APIs:
How-Tos: