android_packages_modules_Vi.../microdroid/payload
Jooyung Han 6afd667daf Test: Protected VM fails if images are signed by unknown
Arrange:
- prepare VM images signed with a test key
Act:
- start a protected VM
Assert:
- a boot process fails due to pubkey mismatch between pvmfw and
  bootloader

Bug: 218934597
Test: atest MicrodroidHostTestCases
Change-Id: I05755ddf32839ef531ca9a11b2939bbc251ff1fb
2022-02-22 16:59:29 +09:00
config Add a parameter for extra apks to payload config 2021-11-19 19:11:50 +09:00
include/microdroid Rename "signature" to "metadata" 2021-06-09 10:53:54 +09:00
metadata Rename payload metadata partition 2021-07-06 20:48:38 +09:00
Android.bp Clean up READMEs and remove unused target. 2021-08-16 12:19:16 +00:00
README.md Clean up READMEs and remove unused target. 2021-08-16 12:19:16 +00:00
metadata.cc Rename "signature" to "metadata" 2021-06-09 10:53:54 +09:00
metadata.proto Pass isFactory bit from host to Microdroid via payload metadata 2022-01-27 01:17:25 +09:00
mk_payload.cc Test: Protected VM fails if images are signed by unknown 2022-02-22 16:59:29 +09:00

README.md

Microdroid Payload

The payload disk is a composite disk image that references host APEXes and an APK, so that Microdroid can mount/activate the APEXes and the APK and execute a binary within the APK.

The payload disk is created by the VirtualizationService when starting a VM.

Partitions

The payload disk has 1 + N partitions, where N is the number of APEX/APK payloads.

The first partition is the "payload-metadata" partition, which describes the other partitions. The APEXes and the APK follow as separate partitions.

For now, the order of partitions is important.

  • partition 1: Metadata partition
  • partition 2 ~ n: APEX payloads
  • partition n+1, n+2: APK payload and its idsig

This layout is subject to change in the future, though.

Metadata partition

The metadata partition provides a description of the other partitions and the location of the VM payload configuration.

The partition is a protobuf message prefixed with the size of the message.

| offset | size | description                                            |
|--------|------|--------------------------------------------------------|
| 0      | 4    | Header. unsigned int32: body length (L) in big endian  |
| 4      | L    | Body. A protobuf message (schema: metadata.proto)      |

Payload partitions

Each payload partition holds one APEX or APK passed from the host.

The size of a payload partition must be a multiple of 4096 bytes.
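The two framing rules above (the 4-byte big-endian length header in front of the protobuf body, and the 4096-byte multiple for payload partitions) are small enough to get wrong in a way that only shows up when a hostile or corrupt image is fed to the parser. The following Python is an added example, not code from the Microdroid project: it builds and parses a metadata partition image, rejects a header whose declared length exceeds the bytes actually present (so a bad length cannot cause an over-read), and computes the padded size a payload partition needs. The sample body is constructed protobuf-looking bytes, not a real metadata.proto message, and all function names are this example's own.

```python
import struct
from typing import Optional

HEADER_SIZE = 4           # big-endian uint32 body length, per the partition table above
PAYLOAD_ALIGNMENT = 4096  # payload partition sizes must be a multiple of this

# Constructed sample body: one length-delimited protobuf field ("hello").
# It is NOT a real metadata.proto message, just bytes to frame.
SAMPLE_BODY = b"\x0a\x05hello"


def build_metadata_partition(body: bytes, partition_size: Optional[int] = None) -> bytes:
    """Prefix `body` with its big-endian uint32 length; optionally zero-pad to a partition size."""
    if len(body) > 0xFFFFFFFF:
        raise ValueError("body too large for a uint32 header")
    blob = struct.pack(">I", len(body)) + body
    if partition_size is not None:
        if partition_size < len(blob):
            raise ValueError("partition too small for header + body")
        blob += b"\x00" * (partition_size - len(blob))
    return blob


def parse_metadata_partition(partition: bytes) -> bytes:
    """Return the protobuf body from a payload-metadata partition image.

    Rejects a truncated header and a body length that exceeds the bytes
    available, so a malformed header cannot make the caller read past the
    end of the partition. Trailing zero padding is ignored.
    """
    if len(partition) < HEADER_SIZE:
        raise ValueError("partition shorter than the 4-byte header")
    (body_len,) = struct.unpack(">I", partition[:HEADER_SIZE])
    available = len(partition) - HEADER_SIZE
    if body_len > available:
        raise ValueError(f"header claims {body_len} bytes but only {available} are present")
    return partition[HEADER_SIZE:HEADER_SIZE + body_len]


def is_well_formed(partition: bytes) -> bool:
    """True if the metadata partition framing is consistent (body fits in the image)."""
    try:
        parse_metadata_partition(partition)
        return True
    except ValueError:
        return False


def check_payload_partition_size(size: int) -> bool:
    """A payload partition must be non-empty and a multiple of 4096 bytes."""
    return size > 0 and size % PAYLOAD_ALIGNMENT == 0


def padded_payload_size(file_size: int) -> int:
    """Smallest 4096-byte multiple that can hold a payload file of `file_size` bytes."""
    return -(-file_size // PAYLOAD_ALIGNMENT) * PAYLOAD_ALIGNMENT


if __name__ == "__main__":
    image = build_metadata_partition(SAMPLE_BODY, partition_size=PAYLOAD_ALIGNMENT)
    print("metadata image size:", len(image))
    print("parsed body:", parse_metadata_partition(image))
    # A header claiming 16 bytes in front of a 3-byte body is rejected.
    print("bad header accepted?", is_well_formed(b"\x00\x00\x00\x10abc"))
    print("partition size for a 5000-byte APK:", padded_payload_size(5000))
```

The over-read check is the part worth copying: a reader that trusts the header length and slices `partition[4:4 + body_len]` silently returns a short body in Python, but the same logic in C would read beyond the buffer.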

mk_payload

mk_payload is a small utility to create a payload disk image. It is used by ARCVM.

$ cat payload_config.json
{
  "apexes": [
    {
      "name": "com.my.hello",
      "path": "hello.apex",
    }
  ],
  "apk": {
    "name": "com.my.world",
    "path": "/path/to/world.apk",
    "idsigPath": "/path/to/world.apk.idsig",
  }
}
$ m mk_payload
$ mk_payload payload_config.json payload.img
$ ls
payload.img
payload-footer.img
payload-header.img
payload-metadata.img
payload-filler-0.img
payload-filler-1.img
...