author | TreeHugger Robot <treehugger-gerrit@google.com> | 2020-11-11 09:26:38 (GMT) |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2020-11-11 09:26:38 (GMT) |
commit | a14989d27929c479292dc6e41c770e3f8d0fd199 (patch) | |
tree | 69011fb890fb4c2474091c4cf0f37863ba64881a | |
parent | a874af449f8cf6a714d953ad1f99f22085838454 (diff) | |
parent | 70eaf2e5cf2dbbe23f11f84b82fce91681d61be9 (diff) | |
download | common-a14989d27929c479292dc6e41c770e3f8d0fd199.zip common-a14989d27929c479292dc6e41c770e3f8d0fd199.tar.gz common-a14989d27929c479292dc6e41c770e3f8d0fd199.tar.bz2 |
Merge "metadata: enable Metadata Encryption in R 5.4 [1/5]" into r-tv-dev am: 70eaf2e5cf
Original change: undetermined
Change-Id: Ia2d51e099b39bc82105b2befd419f3019893c502
-rw-r--r-- | core_amlogic.mk | 20 | ||||
-rwxr-xr-x | initscripts/fs_5.4.rc | 28 |
2 files changed, 48 insertions, 0 deletions
diff --git a/core_amlogic.mk b/core_amlogic.mk index 9bd3674..b55c79f 100644 --- a/core_amlogic.mk +++ b/core_amlogic.mk @@ -270,6 +270,18 @@ PRODUCT_COPY_FILES += \ endif endif +####################################################################### +# +# metadata encryption +# +####################################################################### +ifneq ($(TARGET_BUILD_KERNEL_4_9),true) +PRODUCT_PROPERTY_OVERRIDES += \ + ro.crypto.volume.metadata.method=dm-default-key \ + ro.crypto.dm_default_key.options_format.version=2 \ + ro.crypto.volume.options=::v2 \ + ro.crypto.state=encrypted +endif ######################################################################### # @@ -450,6 +462,14 @@ PRODUCT_COPY_FILES += \ device/amlogic/common/audio/audio_effects.xml:$(TARGET_COPY_OUT_VENDOR)/etc/audio_effects.xml \ device/amlogic/common/permissions/privapp-permissions-amlogic.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/privapp-permissions-amlogic.xml +ifneq ($(TARGET_BUILD_KERNEL_4_9),true) +PRODUCT_COPY_FILES += \ + device/amlogic/common/initscripts/fs_5.4.rc:$(TARGET_COPY_OUT_VENDOR)/etc/init/fs.rc +else +PRODUCT_COPY_FILES += \ + device/amlogic/common/initscripts/fs.rc:$(TARGET_COPY_OUT_VENDOR)/etc/init/fs.rc +endif + PRODUCT_COPY_FILES += \ device/amlogic/common/initscripts/ueventd.amlogic.rc:$(TARGET_COPY_OUT_VENDOR)/ueventd.rc \ device/amlogic/common/initscripts/fs.rc:$(TARGET_COPY_OUT_VENDOR)/etc/init/fs.rc \ diff --git a/initscripts/fs_5.4.rc b/initscripts/fs_5.4.rc new file mode 100755 index 0000000..ab5d577 --- a/dev/null +++ b/initscripts/fs_5.4.rc @@ -0,0 +1,28 @@ +on property:sys.boot_completed=1 + # Enable ZRAM on boot_complete + swapon_all /vendor/etc/fstab.amlogic + +on fs + mkdir /mnt/vendor/factory 0755 root root + mkdir /mnt/vendor/tee 0700 system system + mount_all /vendor/etc/fstab.amlogic --early + setprop ro.crypto.fuse_sdcard true + + restorecon_recursive /mnt/vendor/param + +on late-fs + # Wait for keymaster + exec_start wait_for_keymaster + + # Mount RW partitions which need run fsck + mount_all /vendor/etc/fstab.amlogic --late + +on post-fs-data + mkdir /data/vendor/wifi 0770 wifi wifi + mkdir /data/vendor/wifi/wpa 0770 wifi wifi + # we will remap this as /storage/sdcard0 with the sdcard fuse tool + mkdir /data/media 0770 media_rw media_rw + mkdir /data/vendor/cas 0700 root root + + # Set indication (checked by vold) that we have finished this action + setprop vold.post_fs_data_done 1 |