FileIntegrity API improvements. (b7e49a41) · Commits · e / os / android_frameworks_base

services/core/java/com/android/server/security/FileIntegrity.java

+12 −3

Original line number	Diff line number	Diff line
		@@ -16,6 +16,8 @@

		package com.android.server.security;

		import static android.os.ParcelFileDescriptor.MODE_READ_ONLY;

		import android.annotation.NonNull;
		import android.annotation.SystemApi;
		import android.os.ParcelFileDescriptor;
		@@ -36,18 +38,25 @@ public final class FileIntegrity {
		private FileIntegrity() {}

		/**
		* Enables fs-verity, if supported by the filesystem.
		* Enables fs-verity, if supported by the filesystem. This operation is atomic, i.e. it's either
		* enabled or not, even in case of power failure during or after the call.
		* @see <a href="https://www.kernel.org/doc/html/latest/filesystems/fsverity.html">
		*
		* @hide
		*/
		@SystemApi(client = SystemApi.Client.SYSTEM_SERVER)
		public static void setUpFsVerity(@NonNull File file) throws IOException {
		VerityUtils.setUpFsverity(file.getAbsolutePath());
		ParcelFileDescriptor pfd = ParcelFileDescriptor.open(file, MODE_READ_ONLY);
		setUpFsVerity(pfd);
		}

		/**
		* Enables fs-verity, if supported by the filesystem.
		* Enables fs-verity, if supported by the filesystem. This operation is atomic, i.e. it's either
		* enabled or not, even in case of power failure during or after the call.
		* @see <a href="https://www.kernel.org/doc/html/latest/filesystems/fsverity.html">
		*
		* @param parcelFileDescriptor an FD opened in {@link ParcelFileDescriptor#MODE_READ_ONLY}.
		*
		* @hide
		*/
		@SystemApi(client = SystemApi.Client.SYSTEM_SERVER)