commit	102067a6462747e2132421286f1bc065d833b766	[log] [tgz]
author	Andrew Scull <ascull@google.com>	Fri Oct 07 00:34:40 2022 +0000
committer	Andrew Scull <ascull@google.com>	Sun Oct 09 10:10:16 2022 +0000
tree	27f37a8a914f4cdb9a6d2da939a2a64e444f1d96
parent	3b80c9b14bd28c06f675f583e8b12693d9063705 [diff]

Remove direct access to the sealing CDI from the payload Change the API from offering the raw sealing CDI to offering VM instance secrets that happend to be derived from the sealing CDI. This makes it harder for the payload to leak its sealing CDI and losing the ability to have secrets in the VM. Bug: 243514248 Test: atest MicrodroidTests Test: atest ComposHostTestCases Change-Id: I0e72dabe7daca4d72a35788412d2ee19a3b446a5

tree: 27f37a8a914f4cdb9a6d2da939a2a64e444f1d96

.prebuilt_info/
apex/
apkdmverity/
authfs/
avmd/
compos/
demo/
docs/
javalib/
launcher/
libs/
microdroid/
microdroid_manager/
pvmfw/
rialto/
tests/
virtualizationservice/
vm/
vmbase/
vmclient/
zipfuse/
rustfmt.toml ⇨ ../../../build/soong/scripts/rustfmt.toml
.clang-format
.gitignore
Android.bp
OWNERS
PREUPLOAD.cfg
README.md
TEST_MAPPING

README.md

Virtualization

This repository contains userspace services related to running virtual machines on Android, especially protected virtual machines. See the getting started documentation and Microdroid README for more information.