commit | 6b17832b6fbd3f399f3258d25c81ce2f899c49b8 | |
---|---|---|
author | Shikha Panwar <shikhapanwar@google.com> | Sat Dec 23 00:05:17 2023 +0000 |
committer | Shikha Panwar <shikhapanwar@google.com> | Wed Jan 10 16:49:43 2024 +0000 |
tree | ef9a89940cc5a31a1e67214a3fcc38b777c3fdcb | |
parent | 0ebd67e991dec5ad93f860baea7805a7dec4f6c6 |

VmSecret::V2 use OwnedDiceArtifactsWithExplicitKey

Convert the owned_artifacts to owned_artifacts_with_explicit_key ones for V2 secrets. This is needed because Dice policies are set on ExplicitKey format only. Additionally, AuthgraphKeyExchange protocol accepts dice chain in this format only.

Also, create the sealing_policy from the dice chain. We put constraints on AUTHORITY_HASH, KEY_MODE and SECURITY_VERSION fields. See sealing_policy() method. The resulting policy is not yet used, but will be needed for performing SecretManagement operations using real identity.

Bug: 298217847
Test: MicrodroidTests#encryptedStorageIsPersistent
Test: Build
Change-Id: I15e1f1155bd2aa9969d7770bc3825ecd719e23b1

Android Virtualization Framework (AVF) provides secure and private execution environments for executing code. AVF is ideal for security-oriented use cases that require stronger isolation assurances than those offered by Android’s app sandbox.
Visit our public doc site to learn more about what AVF is, what it is for, and how it is structured. This repository contains source code for userspace components of AVF.
If you want a quick start, see the getting started guideline and follow the steps there.
For in-depth explanations about individual topics and components, visit the following links.
AVF components:
AVF APIs:
How-Tos: