commit | cf2158573046ecf9f72064de149fbb2c14e9a5fb | [log] [tgz] |
---|---|---|
author | Pierre-Clément Tosi <ptosi@google.com> | Tue Jul 11 13:33:14 2023 +0000 |
committer | Pierre-Clément Tosi <ptosi@google.com> | Wed Jul 12 10:39:26 2023 +0000 |
tree | 4796cb8b4d0d019d8bae41a588585b6f46a34316 | |
parent | 15ae4a5efb2040ef883725154273ae2acd205b95 [diff] |
libhyp: Detect non-protected through MMIO_GUARD To distinguish between protected and non-protected, we issue a MEM_SHARE HVC assuming that it is only supported in pVMs. This works for Android kernels based on 5.10 but breaks in 5.15 and 6.1 because the kernel now supports the HVC, even for non-protected VMs. Instead, rely on a similar HVC for MMIO_GUARD, assumed to never be supported for non-protected VMs. Bug: 290380929 Test: atest rialto_test # On a device running 5.15 Change-Id: Ia4dc9e72025a34cbc4edfdf3f0acd4e78f3f3bd0
Android Virtualization Framework (AVF) provides secure and private execution environments for executing code. AVF is ideal for security-oriented use cases that require stronger isolation assurances over those offered by Android’s app sandbox.
Visit our public doc site to learn more about what AVF is, what it is for, and how it is structured. This repository contains source code for userspace components of AVF.
If you want a quick start, see the getting started guideline and follow the steps there.
For in-depth explanations about individual topics and components, visit the following links.
AVF components:
How-Tos: