diff options
Diffstat (limited to 'init/init.cpp')
| -rw-r--r-- | init/init.cpp | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/init/init.cpp b/init/init.cpp index 99ce5e6924..8758653a41 100644 --- a/init/init.cpp +++ b/init/init.cpp @@ -21,6 +21,7 @@ #include <errno.h> #include <fcntl.h> #include <inttypes.h> +#include <keyutils.h> #include <libgen.h> #include <paths.h> #include <signal.h> @@ -1015,6 +1016,11 @@ int main(int argc, char** argv) { InitKernelLogging(argv); LOG(INFO) << "init second stage started!"; + // Set up a session keyring that all processes will have access to. It + // will hold things like FBE encryption keys. No process should override + // its session keyring. + keyctl(KEYCTL_GET_KEYRING_ID, KEY_SPEC_SESSION_KEYRING, 1); + // Indicate that booting is in progress to background fw loaders, etc. close(open("/dev/.booting", O_WRONLY | O_CREAT | O_CLOEXEC, 0000)); |