Revert^2 "Set earlyBootEnded before apex starts"
Revert submission revert-1660531-max-boot-level-crypto-KFMCEDKSIV
Reason for revert: topic:vold-use-keystore2 has landed fixing the bug
Reverted changes:
Ibf63734a: Revert "Set earlyBootEnded before apex starts"
Id02f63a7: Revert "Expose AID_KEYSTORE"
Ibcedeff4: Revert "Cryptographic security for MAX_BOOT_LEVEL"
Restored changes:
Ia3b968afc:Set earlyBootEnded before apex starts
Ia69891291:Expose AID_KEYSTORE
I12530cd13:Cryptographic security for MAX_BOOT_LEVEL
Reverted-SHA1: 82cfe66794
Original commit message:
earlyBootEnded signals to keystore2 to read the database for the first
time, and start the MAX_BOOT_LEVEL system. It must therefore run
after /data is mounted and /data/misc/keystore is created, but before
apexd or odsign starts.
Bug: 176450483
Test: atest com.android.tests.odsign.OnDeviceSigningHostTest#verifyArtUpgradeSignsFiles
Change-Id: Ib9c2b4bbdddecdf73924125f9bdc75c82e1dd257
This commit is contained in:
Paul Crowley
parent
37a413d1c3
commit
7583da1bcd
|
|
@ -471,9 +471,6 @@ on init
|
|||
chmod 0664 /sys/module/lowmemorykiller/parameters/minfree
|
||||
start lmkd
|
||||
|
||||
# Set an initial boot level - start at 10 in case we need to add earlier ones.
|
||||
setprop keystore.boot_level 10
|
||||
|
||||
# Start essential services.
|
||||
start servicemanager
|
||||
start hwservicemanager
|
||||
|
|
@ -630,8 +627,6 @@ on late-fs
|
|||
write /sys/kernel/tracing/instances/bootreceiver/events/error_report/error_report_end/enable 1
|
||||
|
||||
on post-fs-data
|
||||
# Boot level 30 - at this point daemons like apexd and odsign run
|
||||
setprop keystore.boot_level 30
|
||||
|
||||
mark_post_data
|
||||
|
||||
|
|
@ -652,6 +647,9 @@ on post-fs-data
|
|||
mkdir /data/bootchart 0755 shell shell encryption=Require
|
||||
bootchart start
|
||||
|
||||
# Avoid predictable entropy pool. Carry over entropy from previous boot.
|
||||
copy /data/system/entropy.dat /dev/urandom
|
||||
|
||||
mkdir /data/vendor 0771 root root encryption=Require
|
||||
mkdir /data/vendor_ce 0771 root root encryption=None
|
||||
mkdir /data/vendor_de 0771 root root encryption=None
|
||||
|
|
@ -667,6 +665,25 @@ on post-fs-data
|
|||
# Make sure that apexd is started in the default namespace
|
||||
enter_default_mount_ns
|
||||
|
||||
# set up keystore directory structure first so that we can end early boot
|
||||
# and start apexd
|
||||
mkdir /data/misc 01771 system misc encryption=Require
|
||||
mkdir /data/misc/keystore 0700 keystore keystore
|
||||
# work around b/183668221
|
||||
restorecon /data/misc /data/misc/keystore
|
||||
|
||||
# Boot level 30
|
||||
# odsign signing keys have MAX_BOOT_LEVEL=30
|
||||
# This is currently the earliest boot level, but we start at 30
|
||||
# to leave room for earlier levels.
|
||||
setprop keystore.boot_level 30
|
||||
|
||||
# Now that /data is mounted and we have created /data/misc/keystore,
|
||||
# we can tell keystore to stop allowing use of early-boot keys,
|
||||
# and access its database for the first time to support creation and
|
||||
# use of MAX_BOOT_LEVEL keys.
|
||||
exec - system system -- /system/bin/vdc keymaster earlyBootEnded
|
||||
|
||||
# /data/apex is now available. Start apexd to scan and activate APEXes.
|
||||
mkdir /data/apex 0755 root system encryption=None
|
||||
mkdir /data/apex/active 0755 root system
|
||||
|
|
@ -678,11 +695,7 @@ on post-fs-data
|
|||
mkdir /data/apex/ota_reserved 0700 root system encryption=Require
|
||||
start apexd
|
||||
|
||||
# Avoid predictable entropy pool. Carry over entropy from previous boot.
|
||||
copy /data/system/entropy.dat /dev/urandom
|
||||
|
||||
# create basic filesystem structure
|
||||
mkdir /data/misc 01771 system misc encryption=Require
|
||||
# create rest of basic filesystem structure
|
||||
mkdir /data/misc/recovery 0770 system log
|
||||
copy /data/misc/recovery/ro.build.fingerprint /data/misc/recovery/ro.build.fingerprint.1
|
||||
chmod 0440 /data/misc/recovery/ro.build.fingerprint.1
|
||||
|
|
@ -706,7 +719,6 @@ on post-fs-data
|
|||
mkdir /data/misc/nfc 0770 nfc nfc
|
||||
mkdir /data/misc/nfc/logs 0770 nfc nfc
|
||||
mkdir /data/misc/credstore 0700 credstore credstore
|
||||
mkdir /data/misc/keystore 0700 keystore keystore
|
||||
mkdir /data/misc/gatekeeper 0700 system system
|
||||
mkdir /data/misc/keychain 0771 system system
|
||||
mkdir /data/misc/net 0750 root shell
|
||||
|
|
@ -914,14 +926,13 @@ on post-fs-data
|
|||
# odsign to be done with the key
|
||||
wait_for_prop odsign.key.done 1
|
||||
|
||||
# After apexes are mounted, tell keymaster early boot has ended, so it will
|
||||
# stop allowing use of early-boot keys
|
||||
exec - system system -- /system/bin/vdc keymaster earlyBootEnded
|
||||
|
||||
# Lock the fs-verity keyring, so no more keys can be added
|
||||
exec -- /system/bin/fsverity_init --lock
|
||||
|
||||
setprop keystore.boot_level 40
|
||||
# Bump the boot level to 1000000000; this prevents further on-device signing.
|
||||
# This is a special value that shuts down the thread which listens for
|
||||
# further updates.
|
||||
setprop keystore.boot_level 1000000000
|
||||
|
||||
# Allow apexd to snapshot and restore device encrypted apex data in the case
|
||||
# of a rollback. This should be done immediately after DE_user data keys
|
||||
|
|
|
|||
Loading…
Reference in New Issue