commit e94b36637dd2084a3a611dc45a87c5bea7408707
author Martijn Coenen <maco@google.com> Tue Mar 09 10:57:00 2021 +0100
committer Martijn Coenen <maco@google.com> Tue Mar 09 09:59:57 2021 +0000
tree 47989ade2ae7872c9113c349efe10bc0d30316ca
parent 75a2bba1587ed4935aa5af4455dce99b31d21f6a

Add some keystore boot levels.

The first user of keystore boot levels is on-device signing; transition
the boot level to 30 before running the post-fs data hook, and
transition it to 40 right after on-device signing is done. This leaves
some space for future boot levels to be inserted, if we wanted.

Bug: 165630556
Test: inspect logs
Change-Id: If0a74cbe9ea8fce806020d8a42a978cfb9117ded

rootdir/init.rc

diff --git a/rootdir/init.rc b/rootdir/init.rc
index 04e954e..6873bd9 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -621,6 +621,9 @@
     exec -- /system/bin/fsverity_init --load-verified-keys
 
 on post-fs-data
+    # Boot level 30 - at this point daemons like apexd and odsign run
+    setprop keystore.boot_level 30
+
     mark_post_data
 
     # Start checkpoint before we touch data
@@ -899,6 +902,8 @@
     # Lock the fs-verity keyring, so no more keys can be added
     exec -- /system/bin/fsverity_init --lock
 
+    setprop keystore.boot_level 40
+
     # Allow apexd to snapshot and restore device encrypted apex data in the case
     # of a rollback. This should be done immediately after DE_user data keys
     # are loaded. APEXes should not access this data until this has been