Google Git
Sign in
android / platform / packages / modules / Virtualization / 15671bfe5
commit15671bfe5712c14fe807b8a0ad1a141e6d34977f[log] [tgz]
authorGil Cukierman <cukie@google.com>Fri Jul 11 15:52:27 2025 +0000
committerGil Cukierman <cukie@google.com>Fri Jul 11 16:56:58 2025 +0000
tree3bb7e7997b585f75d9260b2ef39b35a0af18f9de
parent2cc0d971c33876185c2c02c6592aa6f4c63a3624 [diff]
Allow trusty test vms to use FF-A

We set `--tee-services` as an arg to vm run directly because it is not
exposed as a json config parameter. To use `guest_ffa_tee_service` the
launching process must:

1. Have CAP_IPC_OWNER
2. Be granted permissions to use guest_ffa_tee_service in selinux

Our tests satisfy both of these conditions by nature of running with adb
root, which has all capabilities and runs under a permissive selinux
domain (su).

Bug: 430636671
Test: atest VtsSeeHalTargetTest \
	# on qemu_trusty_arm64-trunk_staging-userdebug \
	# Logs show that crosvm successfully starts a vm \
	# with --ffa=auto
Flag: EXEMPT only runs on qemu

Change-Id: Ibde77ae4c56ed1d6492b4388a00c7e8feb36e879
2 files changed
tree: 3bb7e7997b585f75d9260b2ef39b35a0af18f9de
  1. android/
  2. build/
  3. docs/
  4. guest/
  5. libs/
  6. microfuchsia/
  7. tests/
  8. apexbuild/apex
  9. .clang-format
  10. .gitignore
  11. Android.bp
  12. dice_for_avf_guest.cddl
  13. OWNERS
  14. PREUPLOAD.cfg
  15. README.md
  16. rustfmt.toml
  17. TEST_MAPPING
README.md

Android Virtualization Framework (AVF)

Android Virtualization Framework (AVF) provides secure and private execution environments for executing code. AVF is ideal for security-oriented use cases that require stronger isolation assurances over those offered by Android’s app sandbox.

Visit our public doc site to learn more about what AVF is, what it is for, and how it is structured. This repository contains source code for userspace components of AVF.

If you want a quick start, see the getting started guideline and follow the steps there.

For in-depth explanations about individual topics and components, visit the following links.

AVF components:

AVF APIs:

How-Tos: