From 0db6e92129806e4e390b8795a478c0576ea5919e Mon Sep 17 00:00:00 2001 From: Anton Hansson Date: Wed, 1 May 2019 16:42:56 +0100 Subject: [PATCH] Don't sign auto-generated RROs with platform cert Preinstalled overlays needn't be signed with the same cert as the package it overlays, simply being preinstalled is enough. Sign with the default cert instead for now, which provides fewer special privileges. Bug: 129373833 Test: internal overlay test Change-Id: Ie18f7ff749e3f079600f74203664bcb6d11f9d6a --- core/generate_enforce_rro.mk | 1 - 1 file changed, 1 deletion(-) diff --git a/core/generate_enforce_rro.mk b/core/generate_enforce_rro.mk index f7877f2067..6a23aeb393 100644 --- a/core/generate_enforce_rro.mk +++ b/core/generate_enforce_rro.mk @@ -34,7 +34,6 @@ ifeq ($(enforce_rro_use_res_lib),true) endif LOCAL_FULL_MANIFEST_FILE := $(rro_android_manifest_file) -LOCAL_CERTIFICATE := platform LOCAL_AAPT_FLAGS += --auto-add-overlay LOCAL_RESOURCE_DIR := $(enforce_rro_source_overlays)