Installd: new interface to enable apk verity Note that file-based verity can be enabled only with CAP_SYS_ADMIN. The implementation is dummy at the moment and waiting for kernel implementation to be ready. Having the interface ready first allows our iteration on the caller side in Package Manager. Test: Saw logs on install if ro.apk_verity.mode is 1 Bug: 30972906 Change-Id: I5fb03d745111028bafbff1029f480b0386906e8a

commit: 99de51619db9d23a1019354276c1385d63aa05dc [log] [tgz]
author: Victor Hsieh <victorhsieh@google.com> Fri Oct 06 14:44:14 2017 -0700
committer: Victor Hsieh <victorhsieh@google.com> Thu Jan 11 15:50:04 2018 -0800
tree: 103ef43ff4b566f2dddc5e6fa758519f0d83404b
parent: 4f9ecc63cff5a22e33df84efc354398927cf1d35 [diff] [blame]
diff --git a/cmds/installd/InstalldNativeService.h b/cmds/installd/InstalldNativeService.h
index 2d22934..e9e5ffc 100644
--- a/cmds/installd/InstalldNativeService.h
+++ b/cmds/installd/InstalldNativeService.h

@@ -117,6 +117,8 @@
             const std::string& outputPath);
     binder::Status deleteOdex(const std::string& apkPath, const std::string& instructionSet,
             const std::unique_ptr<std::string>& outputPath);
+    binder::Status installApkVerity(const std::string& filePath,
+            const ::android::base::unique_fd& verityInput);
     binder::Status reconcileSecondaryDexFile(const std::string& dexPath,
         const std::string& packageName, int32_t uid, const std::vector<std::string>& isa,
         const std::unique_ptr<std::string>& volumeUuid, int32_t storage_flag, bool* _aidl_return);
commit	99de51619db9d23a1019354276c1385d63aa05dc	[log] [tgz]
author	Victor Hsieh <victorhsieh@google.com>	Fri Oct 06 14:44:14 2017 -0700
committer	Victor Hsieh <victorhsieh@google.com>	Thu Jan 11 15:50:04 2018 -0800
tree	103ef43ff4b566f2dddc5e6fa758519f0d83404b
parent	4f9ecc63cff5a22e33df84efc354398927cf1d35 [diff] [blame]