Google Git
Sign in
android / platform / packages / modules / Virtualization / fed743783
commitfed7437831b756893a6987d02a59b0083b89faac[log] [tgz]
authorAlice Wang <aliceywang@google.com>Wed Jul 16 12:02:45 2025 +0000
committerAlice Wang <aliceywang@google.com>Wed Jul 16 12:12:42 2025 +0000
treedb0960ab44100ebe9dc56d21837ee7cc53ce598b
parentf323fa5cb019c3ff019f28ebc8c77988e1fb78e9 [diff]
virtmgr: Allow vsock connections to Trusty VM ports

Trusty VM uses services on vsock ports within the 2-20 range. The
existing security policy in virtmgr blocks all connections to
privileged ports (below 1024), which prevents communication with
these Trusty services.

This change introduces a specific exception to permit vsock
connections to the port range required by Trusty (2-20), while
continuing to block other privileged ports.

Bug: 427392420
Test: Launch Trusty with KeyMint in VM on qemu
Flag: EXEMPT this change only affects Trusty qemu
Change-Id: I8190d704e42360b57220d9382a47c87f4f9ed41f
1 file changed
tree: db0960ab44100ebe9dc56d21837ee7cc53ce598b
  1. android/
  2. build/
  3. docs/
  4. guest/
  5. libs/
  6. microfuchsia/
  7. tests/
  8. apexbuild/apex
  9. .clang-format
  10. .gitignore
  11. Android.bp
  12. dice_for_avf_guest.cddl
  13. OWNERS
  14. PREUPLOAD.cfg
  15. README.md
  16. rustfmt.toml
  17. TEST_MAPPING
README.md

Android Virtualization Framework (AVF)

Android Virtualization Framework (AVF) provides secure and private execution environments for executing code. AVF is ideal for security-oriented use cases that require stronger isolation assurances over those offered by Android’s app sandbox.

Visit our public doc site to learn more about what AVF is, what it is for, and how it is structured. This repository contains source code for userspace components of AVF.

If you want a quick start, see the getting started guideline and follow the steps there.

For in-depth explanations about individual topics and components, visit the following links.

AVF components:

AVF APIs:

How-Tos: