Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 3af315ae authored by Badhri Jagan Sridharan's avatar Badhri Jagan Sridharan
Browse files

Extract public key ID from cert 

Extracts keyid inline using openssl commands.
The keyid is passed as one of the kernel command line parameters
for the dm-android-verity module to mount root fs(system)
with verity enabled.

BUG: 28384658
Change-Id: I8efbe1b0e415ef1d396f9b51cfa4b3fa01b22484
parent 97794d9c

core/Makefile

+12 −5
Original line number Diff line number Diff line
@@ -499,11 +499,6 @@ endif 


INTERNAL_BOOTIMAGE_FILES := $(filter-out --%,$(INTERNAL_BOOTIMAGE_ARGS))



BOARD_KERNEL_CMDLINE := $(strip $(BOARD_KERNEL_CMDLINE))

ifdef BOARD_KERNEL_CMDLINE

  INTERNAL_BOOTIMAGE_ARGS += --cmdline "$(BOARD_KERNEL_CMDLINE)"

endif



BOARD_KERNEL_BASE := $(strip $(BOARD_KERNEL_BASE))

ifdef BOARD_KERNEL_BASE

  INTERNAL_BOOTIMAGE_ARGS += --base $(BOARD_KERNEL_BASE)
@@ -514,6 +509,18 @@ ifdef BOARD_KERNEL_PAGESIZE 
  INTERNAL_BOOTIMAGE_ARGS += --pagesize $(BOARD_KERNEL_PAGESIZE)

endif



ifeq ($(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_SUPPORTS_VERITY),true)

ifeq ($(BOARD_BUILD_SYSTEM_ROOT_IMAGE),true)

VERITY_KEYID := veritykeyid=id:`openssl x509 -in $(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_VERITY_SIGNING_KEY).x509.pem -text \

                | grep keyid | sed 's/://g' | tr -d '[:space:]' | tr '[:upper:]' '[:lower:]' | sed 's/keyid//g'`

endif

endif



BOARD_KERNEL_CMDLINE := $(strip $(BOARD_KERNEL_CMDLINE) $(VERITY_KEYID))

ifdef BOARD_KERNEL_CMDLINE

INTERNAL_BOOTIMAGE_ARGS += --cmdline "$(BOARD_KERNEL_CMDLINE)"

endif



INTERNAL_MKBOOTIMG_VERSION_ARGS := \

    --os_version $(PLATFORM_VERSION) \

    --os_patch_level $(PLATFORM_SECURITY_PATCH)