Am I missing something here? The article lists technologies but does nothing to improve the readers understanding of the AVF at all.
I’ve compiled a concise explanation to make sense of it all
Article can be used to navigate detailed docs, https://source.android.com/docs/core/virtualization/architec...Microdroid, https://source.android.com/docs/core/virtualization/microdro...
SecretKeeper, https://android.googlesource.com/platform/system/secretkeepe...
Keymint, https://android-review.linaro.org/plugins/gitiles/platform/h...
Generic Kernel Image, https://source.android.com/docs/core/architecture/kernel
So the next cool "security"-branded thingie that will be used to enforce increasingly draconian DRM schemes upon the masses. I am not surprised any more - just wonder how long it will take for these virtuous technologies to also be used to finally effectively combat all the rampant "disinformation" on the 'Net </s>
DRM components are already present in TrustZone on phones, https://source.android.com/docs/core/virtualization/whyavf
> Arm’s TrustZone.. domains are too coarse-grained: only secure and nonsecure.. aren't good enough for dynamic use cases in which resources are allocated on demand.. In addition, the APIs used outside of the Android operating system are fragmented and restrict our ability to deploy use cases at the Android scale, including fundamentals like Keymint and Gatekeeper.
Importantly for user freedom, AVF can allow user-managed VMs (e.g. Debian Linux with root) to run alongside attested VMs with "official" apps.
"Google is preparing to let you run Linux apps on Android, just like Chrome OS", https://news.ycombinator.com/item?id=41816756