Google Git
Sign in
android / platform / packages / modules / Virtualization / 29e15c83d1cbfe0db7c5c2e7dacfbc2bb53f6b84
commit29e15c83d1cbfe0db7c5c2e7dacfbc2bb53f6b84[log] [tgz]
authorNikita Ioffe <ioffe@google.com>Sat Feb 25 02:31:51 2023 +0000
committerNikita Ioffe <ioffe@google.com>Mon Feb 27 17:47:05 2023 +0000
tree136ad3ad2de56585e4b19219a92d11130690f90e
parenta12763c7e2c7cbcff00242e02726b5ce3c3c65a5 [diff]
Mount /data with MS_NOEXEC

We want to ensure that W^X is guaranteed for Microdroid VMs. This change
doesn't guarantee that W^X is enforced for FULL_DEBUG VMs, as a user can
enable adb root, and remount the /data without MS_NOEXEC flag.

This is intended, as it allows developers to debug & get familiar with
the Microdroid execution environment.

This is an attempt at relanding aosp/I622e3d95d9d8fd6d26bfb690499acf7208ca4d52

Bug: 265261525
Test: atest MicrodroidTestApp
Change-Id: Id826bd46f6fcf2ed1cf64710cfa057ffe7036ef8
7 files changed
tree: 136ad3ad2de56585e4b19219a92d11130690f90e
  1. apex/
  2. apkdmverity/
  3. authfs/
  4. avmd/
  5. compos/
  6. demo/
  7. docs/
  8. encryptedstore/
  9. javalib/
  10. launcher/
  11. libs/
  12. microdroid/
  13. microdroid_manager/
  14. pvmfw/
  15. rialto/
  16. tests/
  17. virtualizationmanager/
  18. virtualizationservice/
  19. vm/
  20. vm_payload/
  21. vmbase/
  22. vmclient/
  23. zipfuse/
  24. rustfmt.toml ⇨ ../../../build/soong/scripts/rustfmt.toml
  25. .clang-format
  26. .gitignore
  27. Android.bp
  28. OWNERS
  29. PREUPLOAD.cfg
  30. README.md
  31. TEST_MAPPING
README.md

Virtualization

This repository contains userspace services related to running virtual machines on Android, especially protected virtual machines. See the getting started documentation and Microdroid README for more information.