Verify filesystem image on stage.
The filesystem image inside an APEX could become corrupted, for example
when it's downloaded, or by a malicious attacker. We would not execute
code from such an image because it's protected by dm-verity, but at the
same time we would leave the system in a bad state, because dm-verity
failures result in either I/O errors or reboots.
To prevent this, read the entire filesystem image through dm-verity at
least once during stage, so we can prevent corruption at stage time.
Bug: 126514108
Test: apexservice_test
Change-Id: Ie6681c6c8a072aef0f91c7866b4e6987170e2c7c
3 files changed