Merge "Do not restrict .fs-verity keyring in debuggable build"
am: be51525424
Change-Id: I544db4a4e13de0fe680a15814c139155c32bf093
This commit is contained in:
Victor Hsieh
android-build-merger
commit
0cf9bfd4a6
1 changed files with 6 additions and 3 deletions
|
|
@ -24,6 +24,9 @@ for cert in /product/etc/security/fsverity/*.der; do
|
|||
log -p e -t fsverity_init "Failed to load $cert"
|
||||
done
|
||||
|
||||
# Prevent future key links to .fs-verity keyring
|
||||
/system/bin/mini-keyctl restrict_keyring .fs-verity ||
|
||||
log -p e -t fsverity_init "Failed to restrict .fs-verity keyring"
|
||||
DEBUGGABLE=$(getprop ro.debuggable)
|
||||
if [ $DEBUGGABLE != "1" ]; then
|
||||
# Prevent future key links to .fs-verity keyring
|
||||
/system/bin/mini-keyctl restrict_keyring .fs-verity ||
|
||||
log -p e -t fsverity_init "Failed to restrict .fs-verity keyring"
|
||||
fi
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue