Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit fe2a3026 authored by Martijn Coenen's avatar Martijn Coenen Committed by Automerger Merge Worker
Browse files

Merge "Add some keystore boot levels." am: 43defd97 am: 5d0e102f 

Original change: https://android-review.googlesource.com/c/platform/system/core/+/1623763

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: Iea54c9e8af2b9254979b006303ca69151705299f
parents b80a385d 5d0e102f

rootdir/init.rc

+5 −0
Original line number Diff line number Diff line
@@ -630,6 +630,9 @@ on late-fs 
    write /sys/kernel/tracing/instances/bootreceiver/events/error_report/error_report_end/enable 1



on post-fs-data

    # Boot level 30 - at this point daemons like apexd and odsign run

    setprop keystore.boot_level 30



    mark_post_data



    # Start checkpoint before we touch data
@@ -908,6 +911,8 @@ on post-fs-data 
    # Lock the fs-verity keyring, so no more keys can be added

    exec -- /system/bin/fsverity_init --lock



    setprop keystore.boot_level 40



    # Allow apexd to snapshot and restore device encrypted apex data in the case

    # of a rollback. This should be done immediately after DE_user data keys

    # are loaded. APEXes should not access this data until this has been