| commit | f96cd6557e56347002a9121f172a06cae0eb1d05 | [log] [tgz] |
|---|---|---|
| author | Alan Stokes <alanstokes@google.com> | Tue Sep 07 12:25:38 2021 +0100 |
| committer | Inseob Kim <inseob@google.com> | Thu Sep 09 02:30:43 2021 +0000 |
| tree | ed435e636ab6062aff605c9e494f644cfa487048 | |
| parent | c71b2c18cc35e9299bd8239e88d37ccb35227372 [diff] |
Restrict VM usage to platform_app. Remove access from untrusted apps and instead grant it to platform_app (but on user builds as well as debug). Also restrict any app from creating a vsock_socket; using an already created one is fine. Bug: 193373841 Test: Microdroid demo app now gets a denial Test: Rebuild demo with certifcate: platform, adb install, no denial Change-Id: I7be011e05244767a42d4c56e26de792db4fe599d