Flag guard to make fsverity_init a no-op
As early as fsverity_init, the flag can only be static (thus
is_fixed_read_only). It is now a constant/false and will be flipped
during the ramp up at build time.
Bug: 290064770
Test: mma
Test: Inspect the generated code
Change-Id: I4bd1addb996705f6e6b9f75313bf22b9ecd3e11c
diff --git a/fsverity_init/fsverity_init.cpp b/fsverity_init/fsverity_init.cpp
index 797118d..717beeb 100644
--- a/fsverity_init/fsverity_init.cpp
+++ b/fsverity_init/fsverity_init.cpp
@@ -43,6 +43,7 @@
#include <android-base/file.h>
#include <android-base/logging.h>
#include <android-base/strings.h>
+#include <android_security_flag.h>
#include <log/log.h>
#include <mini_keyctl_utils.h>
@@ -79,6 +80,13 @@
}
int main(int argc, const char** argv) {
+ if (android::security::flag::deprecate_fsverity_init()) {
+ // Don't load keys to the built-in fs-verity keyring in kernel. This will make existing
+ // files not readable. We expect to only enable the flag when there are no such files or
+ // when failure is ok (e.g. with a fallback).
+ return 0;
+ }
+
if (argc < 2) {
LOG(ERROR) << "Not enough arguments";
return -1;