Set user root for trusty security VM Bug: 431822422 Test: build and run qemu_trusty_arm64-trunk_staging-userdebug target Flag: EXEMPT only used in qemu Change-Id: I2b22fac92ea82ba2541147e0b5afe3eebb803d33

commit: abb32d5585145c94008f9fc28a0ef8bb4a00f641 [log] [tgz]
author: Armelle Laine <armellel@google.com> Mon Aug 25 22:55:49 2025 +0000
committer: Armelle Laine <armellel@google.com> Fri Aug 29 10:35:37 2025 +0000
tree: 02b371da4b36a703b478c2df7a316d1993db7daf
parent: 88f420b687babfaa3dd6cf5bd1bd0c71d207da8d [diff]
diff --git a/guest/trusty/security_vm/launcher/security_vm_launcher-arm64.rc b/guest/trusty/security_vm/launcher/security_vm_launcher-arm64.rc
index 28a7493..ae15750 100644
--- a/guest/trusty/security_vm/launcher/security_vm_launcher-arm64.rc
+++ b/guest/trusty/security_vm/launcher/security_vm_launcher-arm64.rc

@@ -7,7 +7,8 @@
 --protected \
 --allow-ffa
     disabled
-    user system
+    # TODO(b/404820976): revert to `user system` when LSM hook solution is available
+    user root
     group system virtualmachine
     capabilities IPC_LOCK NET_BIND_SERVICE SYS_RESOURCE SYS_NICE IPC_OWNER
     stdio_to_kmsg
commit	abb32d5585145c94008f9fc28a0ef8bb4a00f641	[log] [tgz]
author	Armelle Laine <armellel@google.com>	Mon Aug 25 22:55:49 2025 +0000
committer	Armelle Laine <armellel@google.com>	Fri Aug 29 10:35:37 2025 +0000
tree	02b371da4b36a703b478c2df7a316d1993db7daf
parent	88f420b687babfaa3dd6cf5bd1bd0c71d207da8d [diff]