Stop adding cert of early boot key to fs-verity keyring
Since the file signature is removed, we can start removing the cert as
well. This is safe because we always fallback to the recompilation.
Here's what happened in the reboot when a cert is not provided:
1. odsign always needs to call `odrefresh --check` on boot
2. odrefresh will fail to read cache-info.xml if it's signed but the
key is not in the keyring:
odrefresh: Failed to parse cache-info file:
'/data/misc/apexdata/com.android.art/dalvik-cache/cache-info.xml':
Required key not available
3. odrefresh will "terminated by exit(79)"
4. on error, odsign starts the recovery/compilation
The only concern is whether this could trigger unnecessary
recompilation, i.e. some (if not all) of the artifacts can be reused,
but cannot due to the keyring change.
For eventual launch over OTA, we can't use the existing artifacts
anyway, so the concern is really just for weekly/daily droidfooders.
System server will need to be recompiled for sure, so the extra
recompilation shouldn't increase the boot time for too long. Plus it's a
one time internal problem. So this change leans toward solving the
technical debt.
Bug: 258061812
Test: atest odsign_e2e_tests_full
Test: OTA emulation
[setup] without the change, install art apex and reboot to
generate artifacts with fs-verity signature
[test] with the change, reboot
[observation] the error above occurred and recovered expectedly
Change-Id: I5ab4cb9a2b9e091407ad5e7ab8411f004ddbd01c
1 file changed