author | TreeHugger Robot <treehugger-gerrit@google.com> | 2020-11-11 09:05:34 (GMT) |
---|---|---|
committer | Android Partner Code Review <android-gerrit-partner@google.com> | 2020-11-11 09:05:34 (GMT) |
commit | 70eaf2e5cf2dbbe23f11f84b82fce91681d61be9 (patch) | |
tree | b04345871094509b80ed7d50da66bf2505a1fc1e | |
parent | da734abb913dbc386392a6b9f0c39914c8a5d24d (diff) | |
parent | b5723426a200f1a1619fb721073829714d6388a3 (diff) | |
download | common-70eaf2e5cf2dbbe23f11f84b82fce91681d61be9.zip common-70eaf2e5cf2dbbe23f11f84b82fce91681d61be9.tar.gz common-70eaf2e5cf2dbbe23f11f84b82fce91681d61be9.tar.bz2 |
Merge "metadata: enable Metadata Encryption in R 5.4 [1/5]" into r-tv-dev
-rw-r--r-- | core_amlogic.mk | 20 | ||||
-rwxr-xr-x | initscripts/fs_5.4.rc | 28 |
2 files changed, 48 insertions, 0 deletions
diff --git a/core_amlogic.mk b/core_amlogic.mk index 9bd3674..b55c79f 100644 --- a/core_amlogic.mk +++ b/core_amlogic.mk @@ -270,6 +270,18 @@ PRODUCT_COPY_FILES += \ endif endif +####################################################################### +# +# metadata encryption +# +####################################################################### +ifneq ($(TARGET_BUILD_KERNEL_4_9),true) +PRODUCT_PROPERTY_OVERRIDES += \ + ro.crypto.volume.metadata.method=dm-default-key \ + ro.crypto.dm_default_key.options_format.version=2 \ + ro.crypto.volume.options=::v2 \ + ro.crypto.state=encrypted +endif ######################################################################### # @@ -450,6 +462,14 @@ PRODUCT_COPY_FILES += \ device/amlogic/common/audio/audio_effects.xml:$(TARGET_COPY_OUT_VENDOR)/etc/audio_effects.xml \ device/amlogic/common/permissions/privapp-permissions-amlogic.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/privapp-permissions-amlogic.xml +ifneq ($(TARGET_BUILD_KERNEL_4_9),true) +PRODUCT_COPY_FILES += \ + device/amlogic/common/initscripts/fs_5.4.rc:$(TARGET_COPY_OUT_VENDOR)/etc/init/fs.rc +else +PRODUCT_COPY_FILES += \ + device/amlogic/common/initscripts/fs.rc:$(TARGET_COPY_OUT_VENDOR)/etc/init/fs.rc +endif + PRODUCT_COPY_FILES += \ device/amlogic/common/initscripts/ueventd.amlogic.rc:$(TARGET_COPY_OUT_VENDOR)/ueventd.rc \ device/amlogic/common/initscripts/fs.rc:$(TARGET_COPY_OUT_VENDOR)/etc/init/fs.rc \ diff --git a/initscripts/fs_5.4.rc b/initscripts/fs_5.4.rc new file mode 100755 index 0000000..ab5d577 --- a/dev/null +++ b/initscripts/fs_5.4.rc @@ -0,0 +1,28 @@ +on property:sys.boot_completed=1 + # Enable ZRAM on boot_complete + swapon_all /vendor/etc/fstab.amlogic + +on fs + mkdir /mnt/vendor/factory 0755 root root + mkdir /mnt/vendor/tee 0700 system system + mount_all /vendor/etc/fstab.amlogic --early + setprop ro.crypto.fuse_sdcard true + + restorecon_recursive /mnt/vendor/param + +on late-fs + # Wait for keymaster + exec_start wait_for_keymaster + + # Mount RW partitions which need run fsck + mount_all /vendor/etc/fstab.amlogic --late + +on post-fs-data + mkdir /data/vendor/wifi 0770 wifi wifi + mkdir /data/vendor/wifi/wpa 0770 wifi wifi + # we will remap this as /storage/sdcard0 with the sdcard fuse tool + mkdir /data/media 0770 media_rw media_rw + mkdir /data/vendor/cas 0700 root root + + # Set indication (checked by vold) that we have finished this action + setprop vold.post_fs_data_done 1 |