Change init sequence to support file level encryption
File-level encryption must obtain the key after userdata is mounted and before post_fs_data runs, which is when the directories are created. This requires access to keymaster, which in turn is located through a system property. Split property loading into system and data, and load them in the right order. Bug: 22233063
parent
8104616696
commit
948410a493
|
@ -803,9 +803,9 @@ int do_load_persist_props(int nargs, char **args) {
|
|||
return -1;
|
||||
}
|
||||
|
||||
int do_load_all_props(int nargs, char **args) {
|
||||
int do_load_system_props(int nargs, char **args) {
|
||||
if (nargs == 1) {
|
||||
load_all_props();
|
||||
load_system_props();
|
||||
return 0;
|
||||
}
|
||||
return -1;
|
||||
|
|
|
@ -159,7 +159,7 @@ static int lookup_keyword(const char *s)
|
|||
case 'l':
|
||||
if (!strcmp(s, "oglevel")) return K_loglevel;
|
||||
if (!strcmp(s, "oad_persist_props")) return K_load_persist_props;
|
||||
if (!strcmp(s, "oad_all_props")) return K_load_all_props;
|
||||
if (!strcmp(s, "oad_system_props")) return K_load_system_props;
|
||||
break;
|
||||
case 'm':
|
||||
if (!strcmp(s, "kdir")) return K_mkdir;
|
||||
|
|
|
@ -34,7 +34,7 @@ int do_chown(int nargs, char **args);
|
|||
int do_chmod(int nargs, char **args);
|
||||
int do_loglevel(int nargs, char **args);
|
||||
int do_load_persist_props(int nargs, char **args);
|
||||
int do_load_all_props(int nargs, char **args);
|
||||
int do_load_system_props(int nargs, char **args);
|
||||
int do_verity_load_state(int nargs, char **args);
|
||||
int do_verity_update_state(int nargs, char **args);
|
||||
int do_wait(int nargs, char **args);
|
||||
|
@ -66,7 +66,7 @@ enum {
|
|||
KEYWORD(installkey, COMMAND, 1, do_installkey)
|
||||
KEYWORD(ioprio, OPTION, 0, 0)
|
||||
KEYWORD(keycodes, OPTION, 0, 0)
|
||||
KEYWORD(load_all_props, COMMAND, 0, do_load_all_props)
|
||||
KEYWORD(load_system_props, COMMAND, 0, do_load_system_props)
|
||||
KEYWORD(load_persist_props, COMMAND, 0, do_load_persist_props)
|
||||
KEYWORD(loglevel, COMMAND, 1, do_loglevel)
|
||||
KEYWORD(mkdir, COMMAND, 1, do_mkdir)
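Review bot: The `load_all_props` keyword is replaced outright rather than kept next to `load_system_props`, so an rc file outside this commit that still issues `load_all_props` will presumably no longer match any keyword; the same applies to the `lookup_keyword` entry and the `do_load_all_props` prototype in the other sections. A command that silently stops resolving during early boot is hard to diagnose. Consider keeping a deprecated `KEYWORD(load_all_props, COMMAND, 0, do_load_all_props)` whose handler logs a warning, or at least note the removal wherever the init commands are documented. The keyword table starts and ends outside the hunk.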
|
||||
|
|
|
@ -560,16 +560,10 @@ void load_recovery_id_prop() {
|
|||
close(fd);
|
||||
}
|
||||
|
||||
void load_all_props() {
|
||||
void load_system_props() {
|
||||
load_properties_from_file(PROP_PATH_SYSTEM_BUILD, NULL);
|
||||
load_properties_from_file(PROP_PATH_VENDOR_BUILD, NULL);
|
||||
load_properties_from_file(PROP_PATH_FACTORY, "ro.*");
|
||||
|
||||
load_override_properties();
|
||||
|
||||
/* Read persistent properties after all default values have been loaded. */
|
||||
load_persistent_properties();
|
||||
|
||||
load_recovery_id_prop();
|
||||
}
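Review bot: `load_system_props()` no longer calls `load_override_properties()` or `load_persistent_properties()`, and nothing in this hunk shows where those calls went. `load_persist_props()` is outside the hunk, so please confirm it now performs both; otherwise override and `persist.*` values stop being applied. The removed comment also carried the ordering rule (persistent values are read after all defaults), which is now enforced only by the order of the triggers in the rc file. I would restate it above the function: `/* Build, vendor and factory defaults only. Overrides and persist.* are loaded later by load_persist_props(); keep that order. */`.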
|
||||
|
||||
|
|
|
@ -23,7 +23,7 @@
|
|||
extern void property_init(void);
|
||||
extern void property_load_boot_defaults(void);
|
||||
extern void load_persist_props(void);
|
||||
extern void load_all_props(void);
|
||||
extern void load_system_props(void);
|
||||
extern void start_property_service(void);
|
||||
void get_property_workspace(int *fd, int *sz);
|
||||
extern int __property_get(const char *name, char *value);
|
||||
|
|
|
@ -181,8 +181,11 @@ on property:sys.boot_from_charger_mode=1
|
|||
trigger late-init
|
||||
|
||||
# Load properties from /system/ + /factory after fs mount.
|
||||
on load_all_props_action
|
||||
load_all_props
|
||||
on load_system_props_action
|
||||
load_system_props
|
||||
|
||||
on load_persist_props_action
|
||||
load_persist_props
|
||||
start logd
|
||||
start logd-reinit
|
||||
|
||||
|
@ -195,12 +198,16 @@ on late-init
|
|||
trigger early-fs
|
||||
trigger fs
|
||||
trigger post-fs
|
||||
trigger post-fs-data
|
||||
|
||||
# Load properties from /system/ + /factory after fs mount. Place
|
||||
# this in another action so that the load will be scheduled after the prior
|
||||
# issued fs triggers have completed.
|
||||
trigger load_all_props_action
|
||||
trigger load_system_props_action
|
||||
|
||||
# Now we can mount /data. File encryption requires keymaster to decrypt
|
||||
# /data, which in turn can only be loaded when system properties are present
|
||||
trigger post-fs-data
|
||||
trigger load_persist_props_action
|
||||
|
||||
# Remove a file to wake up anything waiting for firmware.
|
||||
trigger firmware_mounts_complete
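Review bot: The new comment `# Now we can mount /data` sits directly above `trigger post-fs-data` and describes the wrong step. The commit description says the key must be obtained between mounting userdata and post_fs_data, which is when the directories are created. Wording such as `# /data is mounted; post-fs-data creates its directories. File encryption needs keymaster, found via a system property, before that.` would match the description. It is also worth stating here that `load_persist_props_action` has to stay after `load_system_props_action`, because loading defaults before persistent values now depends on these trigger lines alone. The `on late-init` action begins outside the hunk.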
|
||||
|
|