Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit c7ab564d authored by Victor Hsieh's avatar Victor Hsieh
Browse files

installd: allow enabling fs-verity to a given file 

The caller is allowed to request installd to enable fs-verity to a
given file. Normally this is initiated by the app through an API, via
system server.

We must not allow an app to enable fs-verity to a file they don't own.
In addition, the design also treat the less-privilged system server as
untrusted and limit what it can do through the API.

See code comments for more details.

Bug: 285185747
Test: Call the API from a local client
Test: atest installd_service_test
Change-Id: I0782a9b23f3817898df0703cfdd9d8670f8fcdfb
parent bd8b30c4
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment