acf31b0105
We need to verify the bootconfig partitions. Otherwise, attackers can compose a random bootconfig partition, and use it instead of the prebuilt ones. Then they would be able to modify the behavior of the VM. Now, bootconfig partitions are signed using avb just like other partitions. In addition, the disk 1 where the bootconfig is in has a new vbmeta partition. The partition has the bootconfig partition as the chained partition. This vbmeta partition can be used to add more bootconfig-like partitions in the future. Bug: 203031847 Test: run microdroid test app Change-Id: I66c7defd07785fcb13180a368786151bd973cc65 |
||
|---|---|---|
| .. | ||
| aidl | ||
| src | ||
| .gitignore | ||
| Android.bp | ||
| TEST_MAPPING | ||