Commit 79a67391 authored Jul 06, 2023 by Eric Biggers

init.rc: stop using fsverity_init --lock

Remove the code that "locked" the .fs-verity keyring at a certain point
in the boot.  It probably was thought that this achieved some useful
security property, which is a bit questionable.  Regardless, Android no
longer uses fsverity builtin signatures.  The only code that is still
being kept around is enough to access existing files on old kernels, and
for this "locking" the keyring is definitely not essential.

Bug: 290064770
Test: presubmit and booting Cuttlefish
Change-Id: Ide5729aeac5772658b2a3f0abe835988b8842b02

parent 0b2c5cde

rootdir/init.rc

+1 −5

Original line number	Diff line number	Diff line
		@@ -1021,13 +1021,9 @@ on post-fs-data
		# Must start after 'derive_classpath' to have *CLASSPATH variables set.
		start odsign

		# Before we can lock keys and proceed to the next boot stage, wait for
		# odsign to be done with the key
		# Wait for odsign to be done with the key.
		wait_for_prop odsign.key.done 1

		# Lock the fs-verity keyring, so no more keys can be added
		exec -- /system/bin/fsverity_init --lock

		# Bump the boot level to 1000000000; this prevents further on-device signing.
		# This is a special value that shuts down the thread which listens for
		# further updates.