Pierre-Clément Tosi authored
Zero any memory that could still hold secrets before executing the guest
OS, to reduce as much as possible the risk of leaking them.

Note that this only covers memory that can't be zeroed from high-level
compiled code (i.e. the .bss and .data sections and stack regions) and
doesn't zero the received configuration data, which contains the
BccHandover holding the secret CDIs as that is (and must still be)
zeroed from Rust.

Furthermore, no other region is flushed so data such as the DT or BCC
that must be made available to the guest OS (even if it doesn't
immediately re-enable the MMU) should still be flushed from Rust.

Remove unnecessary ISB in jump_to_payload().

Bug: 270684188
Test: atest MicrodroidHostTests
Change-Id: I8e923a468d1826c00ce1d0b07e1a91f5d2909f99
Merged-In: I8e923a468d1826c00ce1d0b07e1a91f5d2909f99
68533613