Get apexd to verify manifest data Send the name and version we read from the manifest to apexd to make sure it doesn't change. Remove image hash since we have no use for it. Put the manifest extraction & verification behind a flag since it now has the potential to change behavior. Expand on the comment for verify(), to make it clearer what it does and doesn't verify. Bug: 313042092 Test: atest ApexTestCases Test: atest MicrodroidTests Test: atest libapexutil_rust.test Change-Id: Ida6d9e11b3bce5676b744dc945eadb09aa9a822f

commit: 185e34cdfe20645a4cf84b72142d15a2dad4f47f [log] [tgz]
author: Alan Stokes <alanstokes@google.com> Fri Nov 24 12:28:39 2023 +0000
committer: Alan Stokes <alanstokes@google.com> Tue Nov 28 15:54:26 2023 +0000
tree: 059b02e447b56616b57b50e6d59f02cb61a12228
parent: a5fc4d4acab1ed16e62a30371019a596abc50c5a [diff]
diff --git a/microdroid/payload/metadata.proto b/microdroid/payload/metadata.proto
index 6b999af..b03d466 100644
--- a/microdroid/payload/metadata.proto
+++ b/microdroid/payload/metadata.proto

@@ -37,14 +37,18 @@
 }
 
 message ApexPayload {
+  // Next id: 9
+
   // Required.
   string name = 1;
   string partition_name = 2;
 
   // Optional.
-  // When specified, apex payload should be verified with the public key and root digest.
+  // When specified, apex payload should be verified against these values.
   bytes public_key = 3;
   bytes root_digest = 4;
+  int64 manifest_version = 7;
+  string manifest_name = 8;
 
   // Required.
   // The timestamp in seconds when the APEX was last updated. This should match the value in
commit	185e34cdfe20645a4cf84b72142d15a2dad4f47f	[log] [tgz]
author	Alan Stokes <alanstokes@google.com>	Fri Nov 24 12:28:39 2023 +0000
committer	Alan Stokes <alanstokes@google.com>	Tue Nov 28 15:54:26 2023 +0000
tree	059b02e447b56616b57b50e6d59f02cb61a12228
parent	a5fc4d4acab1ed16e62a30371019a596abc50c5a [diff]