Google Git
Sign in
android / platform / packages / modules / Virtualization / 7672f6148
commit7672f61483ba64315c7f0530c4dbebb46a58f462[log] [tgz]
author[AShikha Panwar <shikhapanwar@google.com>Thu Aug 28 14:13:17 2025 +0000
committer[AShikha Panwar <shikhapanwar@google.com>Fri Aug 29 11:15:02 2025 +0000
treeb03a466e6c45a08c15cb8b38393450ac1830483d
parent694470b75c4a0cc6e66255e4a98f9f529482862d [diff]
Tenant APK: Validate apks against TenancyConfig

MM should ensure that the tenant apks presented by Android are a subset
of those present in TenancyConfig - which is a signed declaration of
tenancy & part of DICE based secret derivation in VM. This ensures
Android is not able to plug arbitrary tenant packages into the VM.

Test: MicrodroidTests.tenantApk
Bug: 429639517
Flag: build.RELEASE_AVF_ENABLE_ADVANCE_MULTITENANCY
Change-Id: Id1480bcc146b1e6be4130bc7fbeba85b9671281c
3 files changed
tree: b03a466e6c45a08c15cb8b38393450ac1830483d
  1. android/
  2. build/
  3. docs/
  4. guest/
  5. libs/
  6. microfuchsia/
  7. tests/
  8. apexbuild/apex
  9. .clang-format
  10. .gitignore
  11. Android.bp
  12. dice_for_avf_guest.cddl
  13. NOTICE
  14. OWNERS
  15. PREUPLOAD.cfg
  16. README.md
  17. rustfmt.toml
  18. TEST_MAPPING
README.md

Android Virtualization Framework (AVF)

Android Virtualization Framework (AVF) provides secure and private execution environments for executing code. AVF is ideal for security-oriented use cases that require stronger isolation assurances over those offered by Android’s app sandbox.

Visit our public doc site to learn more about what AVF is, what it is for, and how it is structured. This repository contains source code for userspace components of AVF.

If you want a quick start, see the getting started guideline and follow the steps there.

For in-depth explanations about individual topics and components, visit the following links.

AVF components:

AVF APIs:

How-Tos: