329f11213822c150604af2287167f6b02905f6ee - platform_system_apex

commit	329f11213822c150604af2287167f6b02905f6ee	[log] [tgz]
author	Martijn Coenen <maco@google.com>	Thu Feb 28 16:10:08 2019 +0100
committer	Martijn Coenen <maco@google.com>	Thu Feb 28 16:33:37 2019 +0100
tree	e040e91ff60b5fffc60c9cd40836bca12a1989dd
parent	2f6936c9b33bdf1544639c442cba90ce78661143 [diff]

Reject APEXes with manifest mismatches.

We initially use the manifest outside the filesystem to determine APEX
meta-data. But that manifest is not protected by dm-verity, and hence
shouldn't be trusted. To prevent tampering, verify that the manifest
inside the verified filesystem images matches the one outside it.

Bug: 126514108
Test: atest apexservice_test passes (with new test)
Change-Id: I2c9394cb4c409f212030d6008c15f4b681018996

apexd/Android.bp[diff]
apexd/apex_file.cpp[diff]
apexd/apex_file.h[diff]
apexd/apexd.cpp[diff]
apexd/apexservice_test.cpp[diff]

5 files changed

tree: e040e91ff60b5fffc60c9cd40836bca12a1989dd

apexd/
apexer/
proto/
tests/
OWNERS
PREUPLOAD.cfg
TEST_MAPPING