diff options
| author | Bowgo Tsai <bowgotsai@google.com> | 2020-01-31 23:06:09 +0800 |
|---|---|---|
| committer | Bowgo Tsai <bowgotsai@google.com> | 2020-02-05 15:51:41 +0800 |
| commit | e0f5c1069175a28cd6db2abbf59b8f1fbf439948 (patch) | |
| tree | 033604d907426a95179366d3820b4280413c6542 /trusty/coverage/coverage.cpp | |
| parent | ab65ef22a545312544e927f93a0cb538ecd1d7c9 (diff) | |
first_stage_mount: reading all avb_keys before chroot
Avb keys used to verify a partition are stored in the first-stage
ramdisk. However, after /system is mounted, init will chroot into it.
This makes those keys inaccessible for later mounts, e.g., /vendor or
/product.
This change retains avb keys by reading all of them before chroot
into /system.
Note that it is intentional to perform public matching for both
preload_avb_key_blobs and fstab_entry.avb_keys in libfs_avb.
As some keys might only be availble before init chroots into /system,
e.g., /avb/key1 in the first-stage ramdisk, while other keys might
only be available after the chroot, e.g., /system/etc/avb/key2.
Bug: 147585411
Test: specify avb_keys for a partition and checks the keys are preloaded
Test: atest libfs_avb_test
Test: atest libfs_avb_internal_test
Change-Id: I6bd490c4215480db2937cdfc3fea0d616e224a91
Diffstat (limited to 'trusty/coverage/coverage.cpp')
0 files changed, 0 insertions, 0 deletions