commit | df3037fc6be0ae065b86581029fc0b56e605d2be | |
---|---|---|
author | Pierre-Clément Tosi <ptosi@google.com> | Mon Jan 22 15:41:43 2024 +0000 |
committer | Pierre-Clément Tosi <ptosi@google.com> | Tue Feb 06 10:25:40 2024 +0000 |
tree | ce4dfba60cf8ae6451399916c4a2a8623fa4de12 | |
parent | 42613e600e6074d5a4eee17fbeed35670967c10f | |
libfdt: Make ref casts & transmutes less unsafe

Use (safe) zerocopy::transmute! to transmute [u32; _] into [u8; _].

Implement FdtNodeMut::parent() with FdtNode::parent(), removing an unsafe call to the C FFI fdt_parent_offset().

Give the compiler more information about Fdt::unchecked_from*_slice() by casting the reference, instead of transmuting its bytes (which are not the bytes of the type referred to!). The code remains unsafe (because we're dereferencing a raw pointer) but is already more robust.

Rework the safety comments accordingly. Clearly distinguish the fdt_property-to-FdtPropertyStruct ref cast from the (*const)->& cast where the former is safe (thanks to 'transparent') while the latter is only safe if we blindly trust C (this assumption will be removed by a future patch).

Test: m pvmfw
Test: atest liblibfdt.integration_test
Change-Id: I42785d2f5ae2dde2163d571869b36a480406cdd9
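The reference cast the commit message describes, sketched as an added example that is not code from this commit or from the libfdt crate. `Blob`, `be32_at`, `bytes_mut` and `cells_to_bytes` are hypothetical names, the sample bytes are constructed, and the array conversion uses only the standard library where the commit uses `zerocopy::transmute!`.

```rust
/// Hypothetical stand-in for a wrapper type over raw device-tree bytes.
#[repr(transparent)]
pub struct Blob {
    bytes: [u8],
}

impl Blob {
    /// Reference cast `&[u8]` -> `&Blob`.
    pub fn from_slice(s: &[u8]) -> &Blob {
        let ptr = s as *const [u8] as *const Blob;
        // SAFETY: `Blob` is `repr(transparent)` over `[u8]`, so the pointee
        // layout and the slice length metadata match, and the signature ties
        // the result's lifetime to `s`. Transmuting `s` itself would instead
        // reinterpret the fat pointer's own bytes (address and length).
        unsafe { &*ptr }
    }

    /// Same cast for an exclusive reference.
    pub fn from_mut_slice(s: &mut [u8]) -> &mut Blob {
        let ptr = s as *mut [u8] as *mut Blob;
        // SAFETY: as above; `s` is the only live reference to these bytes.
        unsafe { &mut *ptr }
    }

    /// Big-endian u32 at `offset`, or `None` if it does not fit in the buffer.
    pub fn be32_at(&self, offset: usize) -> Option<u32> {
        let end = offset.checked_add(4)?;
        let w = self.bytes.get(offset..end)?;
        Some(u32::from_be_bytes([w[0], w[1], w[2], w[3]]))
    }

    pub fn bytes_mut(&mut self) -> &mut [u8] {
        &mut self.bytes
    }
}

/// Safe `[u32; 2]` -> `[u8; 8]` conversion in native byte order, with no
/// `unsafe` block and no `mem::transmute`.
pub fn cells_to_bytes(cells: [u32; 2]) -> [u8; 8] {
    let mut out = [0u8; 8];
    for (chunk, cell) in out.chunks_exact_mut(4).zip(cells.iter()) {
        chunk.copy_from_slice(&cell.to_ne_bytes());
    }
    out
}

fn main() {
    // Constructed sample: the four-byte FDT magic, nothing else.
    let blob = Blob::from_slice(&[0xd0, 0x0d, 0xfe, 0xed]);
    println!("{:x?} {:?}", blob.be32_at(0), blob.be32_at(1));
}
```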
Android Virtualization Framework (AVF) provides secure and private execution environments for executing code. AVF is ideal for security-oriented use cases that require stronger isolation assurances over those offered by Android’s app sandbox.
Visit our public doc site to learn more about what AVF is, what it is for, and how it is structured. This repository contains source code for userspace components of AVF.
If you want a quick start, see the getting started guideline and follow the steps there.
For in-depth explanations about individual topics and components, visit the following links.
AVF components:
AVF APIs:
How-Tos: