Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 66e2127c authored by Xiaoyong Zhou's avatar Xiaoyong Zhou
Browse files

Loads fsverity keys 

This CL calls mini-keyctl to load fsverity keys.

Bug: 112038861
Test: cat /proc/keys
Change-Id: I3b7cf85c2f64116a56349c54ed5fa4e8cf14a730
parent cf5dbc20

rootdir/init.rc

+3 −0
Original line number Diff line number Diff line
@@ -587,6 +587,9 @@ on post-fs-data 
    # Check any timezone data in /data is newer than the copy in the runtime module, delete if not.

    exec - system system -- /system/bin/tzdatacheck /apex/com.android.runtime/etc/tz /data/misc/zoneinfo



    # load fsverity keys

    exec -- /system/bin/mini-keyctl -c /product/etc/security/cacerts_fsverity,/vendor/etc/security/cacerts_fsverity -k .fs-verity



    # Wait for apexd to finish activating APEXes before starting more processes.

    # This certainly reduces the parallelism but is required to make as many processes

    # as possible to use the bionic libs from the runtime APEX. This takes less than 50ms