1# Delivery Microdroid pVM payload via Mainline modules 2 3Note: this feature is under development, use it with cauition! 4 5There are several additional challenges when a Microdroid pVM payload is 6delivered inside a Mainline module. 7 8## Mainline rollbacks 9 10Mainline modules are expected to be rolled back on a device in case a problem 11with a Mainline release has been detected. This doesn't work well with the 12rollback protection of Microdroid pVMs - if a payload is updated, then a 13previous version of the payload is not allowed to access it's secrets. 14 15To work around this challenge, payloads delivered via Mainline modules are 16expected to request 17`android.permission.USE_RELAXED_MICRODROID_ROLLBACK_PROTECTION` privileged 18permission. Additionally they need to specify a 19`android.system.virtualmachine.ROLLBACK_INDEX` property in their manifest, e.g.: 20 21```xml 22<uses-permission android:name="android.permission.USE_RELAXED_MICRODROID_ROLLBACK_PROTECTION" /> 23<application> 24 <property android:name="android.system.virtualmachine.ROLLBACK_INDEX" android:value="1" /> 25</application> 26``` 27 28If apk manifest has both permission and the property specified then the value of 29the `android.system.virtualmachine.ROLLBACK_INDEX` property is used by 30`microdroid_manager` when constructing the payload node of the dice chain. 31 32Please check the tests prefixed with `relaxedRollbackProtectionScheme` to get 33more context on the behaviour. 34 35