installd: allow enabling fs-verity to a given file
The caller is allowed to request installd to enable fs-verity to a given file. Normally this is initiated by the app through an API, via system server. We must not allow an app to enable fs-verity to a file they don't own. In addition, the design also treat the less-privilged system server as untrusted and limit what it can do through the API. See code comments for more details. Bug: 285185747 Test: Call the API from a local client Test: atest installd_service_test Change-Id: I0782a9b23f3817898df0703cfdd9d8670f8fcdfb
Loading
Please register or sign in to comment