package parser cache is usually < 1s saved time

Daniel Micay 2023-02-03 07:03:21 -05:00
parent b0ff1577d6
commit cdb0c5bc45

@ -729,7 +729,7 @@
<li>Settings: fix issue preventing users from re-enabling system apps they previously disabled which can no longer be disabled</li>
<li>fix upstream Android bug causing out-of-band updates to system components using original-package to be rolled back after reboot if they're still using the old package name, which will allow us to ship Vanadium updates out-of-band without the browser package updates being rolled back for users with an older install where it's still <code>org.chromium.chrome</code> instead of <code>app.vanadium.browser</code></li>
<li>SELinux policy: drop base OS apk_data_file restrictions to avoid blocking out-of-band updates to APK-based system components (this was a minor security feature that's being replaced with our recent and ongoing improvements to package manager and verified boot security to close major weaknesses in the standard Android verified boot security model)</li>
<li>disable package parser cache since it provides a verified boot bypass for system component updates for regular boots while not saving more than around a second of boot time</li>
<li>disable package parser cache since it provides a verified boot bypass for system component updates for regular boots while saving less than a second of boot time</li>
<li>perform additional boot-time checks on system package updates in order to extend verified boot to out-of-band system package updates including enforcing having valid signed fs-verity metadata for continuous verification (Android does not even provide working boot-time verification for out-of-band APK updates for non-APEX components)</li>
<li>reimplement requiring fs-verity when installing system package updates in a better way</li>
<li>remove unnecessary warning for failed virtual A/B sideloaded updates since it's atomic just like A/B updates</li>
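Review bot: the reworded package parser cache entry (the line ending "while saving less than a second of boot time") states the saving as a hard bound, while the commit message says it is "usually < 1s". Consider "while usually saving less than a second of boot time" so the changelog matches the commit message and does not overstate the measurement. The security rationale in the same entry, the verified boot bypass for system component updates on regular boots, is untouched by the rewording and needs no change.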