commit | de40e641be35687fb94fbb47a06468b8b8d80e46 | |
---|---|---|
author | Alan Stokes <alanstokes@google.com> | Tue Jun 04 13:36:05 2024 +0100 |
committer | Alan Stokes <alanstokes@google.com> | Tue Jun 04 14:44:22 2024 +0100 |
tree | e9f52369d00fb74e006ff7cbf49b007b8cf5c761 | |
parent | 55e57b98cdb27d292b80a07a5881a8b46f0ee8c4 | |
Only delete owned VM IDs

When a VM is deleted, only delete its secret from Secretkeeper (and our tracking DB) if we believe it is owned by the caller.

This is intended to handle the VM transfer case - on transfer we mark the recipient as owner, and we want them to retain access until they delete the VM. The previous owner is encouraged to delete their copy immediately, which shouldn't invalidate the secret.

Modify our e2e test for VM transfer to do the deletion after transfer and before starting the VM, so we are exercising the expected use case. This test then fails, as expected, without the code change and passed with it.

Bug: 340563554
Test: atest com.android.microdroid.test.MicrodroidTests#testShareVmWithAnotherApp
Change-Id: I1929a1a3e2f92343629f15893a3a68f51d244afc

Android Virtualization Framework (AVF) provides secure and private execution environments for executing code. AVF is ideal for security-oriented use cases that require stronger isolation assurances over those offered by Android’s app sandbox.
Visit our public doc site to learn more about what AVF is, what it is for, and how it is structured. This repository contains source code for userspace components of AVF.
If you want a quick start, see the getting started guideline and follow the steps there.
For in-depth explanations about individual topics and components, visit the following links.
AVF components:
AVF APIs:
How-Tos: