The AVMD image format is used to descibe the verified code that a VM will load. This repository contains tools and libraries for working with the AVMD image format.
When a VM boots, it loads and verifies a set of images that control execution within the VM. Therefore, describing what executes in a VM means describing what is loaded. The AVMD image format is designed, for this purpose, to describe the closure of images that can be loaded and how they should be verified.
The AVMD image format will only allow Android supported signing formats. The supported formats are currently limited to AVB and APK.
Verification of the images as they are loaded is the responsibility of the VM. The VM is required to only load the images described and to verify them against the included parameters. If the VM does not follow this requirement, the description of the VM may not be accurate and must not be trusted. Validating that the VM behaves as expected requires audit of all boot stages of the VM.
The .avmd file can be created as follows
avmdtool create /tmp/out.avmd \ --vbmeta pvmfw preload u-boot.bin \ --vbmeta uboot env_vbmeta disk1/vbmeta.imb \ --vbmeta uboot vbmeta micordoid/vbmeta.img \ --apk microdroid payload compos.apk \ --apk microdroid extra_apk extra_apk.apk \ --apex-payload microdroid art_apex art.apex
You can read the .avmd file with
avmdtool dump /tmp/out.avmd