Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / 31b4751a4d5ab89657a56989c74d80aef580790e
commit31b4751a4d5ab89657a56989c74d80aef580790e[log] [tgz]
authorEric Biggers <ebiggers@google.com>Thu Jul 06 17:10:28 2023 +0000
committerEric Biggers <ebiggers@google.com>Thu Jul 06 18:35:30 2023 +0000
treefe9ea219e75c8afe79b14c6afa134bc45a243971
parent5024ce5b46f4b80f9a184e158f25446bef5686f2 [diff]
fsverity_init: cleanly support kernels without builtin sig support

Since Android no longer uses fsverity builtin signatures, it's planned
to start configuring the kernel without
CONFIG_FS_VERITY_BUILTIN_SIGNATURES.  Therefore, make fsverity_init
cleanly handle the case of CONFIG_FS_VERITY_BUILTIN_SIGNATURES being
disabled.  Also document why fsverity_init still has to exist at all.

Bug: 290064770
Test: Booted Cuttlefish with android-mainline kernel with
      CONFIG_FS_VERITY_BUILTIN_SIGNATURES disabled.  Checked logcat for
      message indicating that 'fsverity_init --load-verified-keys'
      exited with status 0.
Change-Id: I0e232c9f4fb80f790ccafb03c10bb5dd5f24fe24
1 file changed
tree: fe9ea219e75c8afe79b14c6afa134bc45a243971
  1. diced/
  2. fsverity/
  3. fsverity_init/
  4. identity/
  5. keystore/
  6. keystore-engine/
  7. keystore2/
  8. ondevice-signing/
  9. prng_seeder/
  10. provisioner/
  11. rustfmt.toml ⇨ ../../build/soong/scripts/rustfmt.toml
  12. .clang-format
  13. .gitignore
  14. Android.bp
  15. METADATA
  16. MODULE_LICENSE_APACHE2
  17. NOTICE
  18. OWNERS
  19. PREUPLOAD.cfg