Merge changes Ifbcde7da,Icee659ff,I267da2d5
* changes: Remove verity.mk, verity_key, PRODUCT_VERITY_SIGNING_KEY Remove PRODUCT_SUPPORTS_VERITY(_FEC) reference Remove BOOT_SIGNER and PRODUCT_SUPPORTS_BOOT_SIGNER
This commit is contained in:
Hung-Wei Chen
Gerrit Code Review
commit
a7dfb456a1
10 changed files with 7 additions and 177 deletions
|
|
@ -986,14 +986,8 @@ endif
|
|||
|
||||
INTERNAL_BOOTIMAGE_FILES := $(filter-out --%,$(INTERNAL_BOOTIMAGE_ARGS))
|
||||
|
||||
ifeq ($(PRODUCT_SUPPORTS_VERITY),true)
|
||||
ifeq ($(BOARD_BUILD_SYSTEM_ROOT_IMAGE),true)
|
||||
VERITY_KEYID := veritykeyid=id:`openssl x509 -in $(PRODUCT_VERITY_SIGNING_KEY).x509.pem -text \
|
||||
| grep keyid | sed 's/://g' | tr -d '[:space:]' | tr '[:upper:]' '[:lower:]' | sed 's/keyid//g'`
|
||||
endif
|
||||
endif
|
||||
|
||||
INTERNAL_KERNEL_CMDLINE := $(strip $(INTERNAL_KERNEL_CMDLINE) buildvariant=$(TARGET_BUILD_VARIANT) $(VERITY_KEYID))
|
||||
# TODO(b/241346584) Remove this when BOARD_BUILD_SYSTEM_ROOT_IMAGE is deprecated
|
||||
INTERNAL_KERNEL_CMDLINE := $(strip $(INTERNAL_KERNEL_CMDLINE) buildvariant=$(TARGET_BUILD_VARIANT))
|
||||
|
||||
# kernel cmdline/base/pagesize in boot.
|
||||
# - If using GKI, use GENERIC_KERNEL_CMDLINE. Remove kernel base and pagesize because they are
|
||||
|
|
@ -1110,30 +1104,7 @@ bootimage-nodeps: $(MKBOOTIMG) $(AVBTOOL) $(BOARD_AVB_BOOT_KEY_PATH) $(INTERNAL_
|
|||
@echo "make $@: ignoring dependencies"
|
||||
$(foreach b,$(INSTALLED_BOOTIMAGE_TARGET),$(call build_boot_board_avb_enabled,$(b)))
|
||||
|
||||
else ifeq (true,$(PRODUCT_SUPPORTS_BOOT_SIGNER)) # BOARD_AVB_ENABLE != true
|
||||
|
||||
# $1: boot image target
|
||||
define build_boot_supports_boot_signer
|
||||
$(MKBOOTIMG) --kernel $(call bootimage-to-kernel,$(1)) $(INTERNAL_BOOTIMAGE_ARGS) $(INTERNAL_MKBOOTIMG_VERSION_ARGS) $(BOARD_MKBOOTIMG_ARGS) --output $(1)
|
||||
$(BOOT_SIGNER) /boot $@ $(PRODUCT_VERITY_SIGNING_KEY).pk8 $(PRODUCT_VERITY_SIGNING_KEY).x509.pem $(1)
|
||||
$(call assert-max-image-size,$(1),$(call get-bootimage-partition-size,$(1),boot))
|
||||
endef
|
||||
|
||||
$(INSTALLED_BOOTIMAGE_TARGET): $(MKBOOTIMG) $(INTERNAL_BOOTIMAGE_FILES) $(BOOT_SIGNER)
|
||||
$(call pretty,"Target boot image: $@")
|
||||
$(call build_boot_supports_boot_signer,$@)
|
||||
|
||||
$(call declare-1p-container,$(INSTALLED_BOOTIMAGE_TARGET),)
|
||||
$(call declare-container-license-deps,$(INSTALLED_BOOTIMAGE_TARGET),$(INTERNAL_BOOTIMAGE_FILES),$(PRODUCT_OUT)/:/)
|
||||
|
||||
UNMOUNTED_NOTICE_DEPS += $(INSTALLED_BOOTIMAGE_TARGET)
|
||||
|
||||
.PHONY: bootimage-nodeps
|
||||
bootimage-nodeps: $(MKBOOTIMG) $(BOOT_SIGNER)
|
||||
@echo "make $@: ignoring dependencies"
|
||||
$(foreach b,$(INSTALLED_BOOTIMAGE_TARGET),$(call build_boot_supports_boot_signer,$(b)))
|
||||
|
||||
else ifeq (true,$(PRODUCT_SUPPORTS_VBOOT)) # PRODUCT_SUPPORTS_BOOT_SIGNER != true
|
||||
else ifeq (true,$(PRODUCT_SUPPORTS_VBOOT)) # BOARD_AVB_ENABLE != true
|
||||
|
||||
# $1: boot image target
|
||||
define build_boot_supports_vboot
|
||||
|
|
@ -1288,10 +1259,6 @@ endif # BUILDING_INIT_BOOT_IMAGE is not true
|
|||
INSTALLED_FILES_OUTSIDE_IMAGES := $(filter-out $(TARGET_VENDOR_RAMDISK_OUT)/%, $(INSTALLED_FILES_OUTSIDE_IMAGES))
|
||||
ifeq ($(BUILDING_VENDOR_BOOT_IMAGE),true)
|
||||
|
||||
ifeq ($(PRODUCT_SUPPORTS_VERITY),true)
|
||||
$(error vboot 1.0 does not support vendor_boot partition)
|
||||
endif
|
||||
|
||||
INTERNAL_VENDOR_RAMDISK_FILES := $(filter $(TARGET_VENDOR_RAMDISK_OUT)/%, \
|
||||
$(ALL_DEFAULT_INSTALLED_MODULES))
|
||||
|
||||
|
|
@ -1812,13 +1779,6 @@ ifneq ($(filter \
|
|||
INTERNAL_USERIMAGES_DEPS += $(MKSQUASHFSUSERIMG)
|
||||
endif
|
||||
|
||||
ifeq (true,$(PRODUCT_SUPPORTS_VERITY))
|
||||
INTERNAL_USERIMAGES_DEPS += $(BUILD_VERITY_METADATA) $(BUILD_VERITY_TREE) $(APPEND2SIMG) $(VERITY_SIGNER)
|
||||
ifeq (true,$(PRODUCT_SUPPORTS_VERITY_FEC))
|
||||
INTERNAL_USERIMAGES_DEPS += $(FEC)
|
||||
endif
|
||||
endif
|
||||
|
||||
ifeq ($(BOARD_AVB_ENABLE),true)
|
||||
INTERNAL_USERIMAGES_DEPS += $(AVBTOOL)
|
||||
endif
|
||||
|
|
@ -1835,14 +1795,6 @@ SELINUX_FC := $(call intermediates-dir-for,ETC,file_contexts.bin)/file_contexts.
|
|||
|
||||
INTERNAL_USERIMAGES_DEPS += $(SELINUX_FC)
|
||||
|
||||
ifeq (true,$(PRODUCT_USE_DYNAMIC_PARTITIONS))
|
||||
|
||||
ifeq ($(PRODUCT_SUPPORTS_VERITY),true)
|
||||
$(error vboot 1.0 doesn't support logical partition)
|
||||
endif
|
||||
|
||||
endif # PRODUCT_USE_DYNAMIC_PARTITIONS
|
||||
|
||||
# $(1) the partition name (eg system)
|
||||
# $(2) the image prop file
|
||||
define add-common-flags-to-image-props
|
||||
|
|
@ -1952,11 +1904,6 @@ $(if $(BOARD_EROFS_USE_LEGACY_COMPRESSION),$(hide) echo "erofs_use_legacy_compre
|
|||
$(if $(BOARD_EXT4_SHARE_DUP_BLOCKS),$(hide) echo "ext4_share_dup_blocks=$(BOARD_EXT4_SHARE_DUP_BLOCKS)" >> $(1))
|
||||
$(if $(BOARD_FLASH_LOGICAL_BLOCK_SIZE), $(hide) echo "flash_logical_block_size=$(BOARD_FLASH_LOGICAL_BLOCK_SIZE)" >> $(1))
|
||||
$(if $(BOARD_FLASH_ERASE_BLOCK_SIZE), $(hide) echo "flash_erase_block_size=$(BOARD_FLASH_ERASE_BLOCK_SIZE)" >> $(1))
|
||||
$(if $(PRODUCT_SUPPORTS_BOOT_SIGNER),$(hide) echo "boot_signer=$(PRODUCT_SUPPORTS_BOOT_SIGNER)" >> $(1))
|
||||
$(if $(PRODUCT_SUPPORTS_VERITY),$(hide) echo "verity=$(PRODUCT_SUPPORTS_VERITY)" >> $(1))
|
||||
$(if $(PRODUCT_SUPPORTS_VERITY),$(hide) echo "verity_key=$(PRODUCT_VERITY_SIGNING_KEY)" >> $(1))
|
||||
$(if $(PRODUCT_SUPPORTS_VERITY),$(hide) echo "verity_signer_cmd=$(notdir $(VERITY_SIGNER))" >> $(1))
|
||||
$(if $(PRODUCT_SUPPORTS_VERITY_FEC),$(hide) echo "verity_fec=$(PRODUCT_SUPPORTS_VERITY_FEC)" >> $(1))
|
||||
$(if $(filter eng, $(TARGET_BUILD_VARIANT)),$(hide) echo "verity_disable=true" >> $(1))
|
||||
$(if $(PRODUCT_SYSTEM_VERITY_PARTITION),$(hide) echo "system_verity_block_device=$(PRODUCT_SYSTEM_VERITY_PARTITION)" >> $(1))
|
||||
$(if $(PRODUCT_VENDOR_VERITY_PARTITION),$(hide) echo "vendor_verity_block_device=$(PRODUCT_VENDOR_VERITY_PARTITION)" >> $(1))
|
||||
|
|
@ -2486,12 +2433,6 @@ define build-recoveryimage-target
|
|||
$(MKBOOTIMG) $(if $(strip $(2)),--kernel $(strip $(2))) $(INTERNAL_RECOVERYIMAGE_ARGS) \
|
||||
$(INTERNAL_MKBOOTIMG_VERSION_ARGS) \
|
||||
$(BOARD_RECOVERY_MKBOOTIMG_ARGS) --output $(1))
|
||||
$(if $(filter true,$(PRODUCT_SUPPORTS_BOOT_SIGNER)),\
|
||||
$(if $(filter true,$(BOARD_USES_RECOVERY_AS_BOOT)),\
|
||||
$(BOOT_SIGNER) /boot $(1) $(PRODUCT_VERITY_SIGNING_KEY).pk8 $(PRODUCT_VERITY_SIGNING_KEY).x509.pem $(1),\
|
||||
$(BOOT_SIGNER) /recovery $(1) $(PRODUCT_VERITY_SIGNING_KEY).pk8 $(PRODUCT_VERITY_SIGNING_KEY).x509.pem $(1)\
|
||||
)\
|
||||
)
|
||||
$(if $(filter true,$(PRODUCT_SUPPORTS_VBOOT)), \
|
||||
$(VBOOT_SIGNER) $(FUTILITY) $(1).unsigned $(PRODUCT_VBOOT_SIGNING_KEY).vbpubk $(PRODUCT_VBOOT_SIGNING_KEY).vbprivk $(PRODUCT_VBOOT_SIGNING_SUBKEY).vbprivk $(1).keyblock $(1))
|
||||
$(if $(filter true,$(BOARD_USES_RECOVERY_AS_BOOT)), \
|
||||
|
|
@ -2504,9 +2445,6 @@ define build-recoveryimage-target
|
|||
endef
|
||||
|
||||
recoveryimage-deps := $(MKBOOTIMG) $(recovery_ramdisk) $(recovery_kernel)
|
||||
ifeq (true,$(PRODUCT_SUPPORTS_BOOT_SIGNER))
|
||||
recoveryimage-deps += $(BOOT_SIGNER)
|
||||
endif
|
||||
ifeq (true,$(PRODUCT_SUPPORTS_VBOOT))
|
||||
recoveryimage-deps += $(VBOOT_SIGNER)
|
||||
endif
|
||||
|
|
|
|||
|
|
@ -161,7 +161,10 @@ $(KATI_obsolete_var TARGET_NO_VENDOR_BOOT,Use PRODUCT_BUILD_VENDOR_BOOT_IMAGE in
|
|||
$(KATI_obsolete_var PRODUCT_CHECK_ELF_FILES,Use BUILD_BROKEN_PREBUILT_ELF_FILES instead)
|
||||
$(KATI_obsolete_var ALL_GENERATED_SOURCES,ALL_GENERATED_SOURCES is no longer used)
|
||||
$(KATI_obsolete_var ALL_ORIGINAL_DYNAMIC_BINARIES,ALL_ORIGINAL_DYNAMIC_BINARIES is no longer used)
|
||||
|
||||
$(KATI_obsolete_var PRODUCT_SUPPORTS_VERITY,VB 1.0 and related variables are no longer supported)
|
||||
$(KATI_obsolete_var PRODUCT_SUPPORTS_VERITY_FEC,VB 1.0 and related variables are no longer supported)
|
||||
$(KATI_obsolete_var PRODUCT_SUPPORTS_BOOT_SIGNER,VB 1.0 and related variables are no longer supported)
|
||||
$(KATI_obsolete_var PRODUCT_VERITY_SIGNING_KEY,VB 1.0 and related variables are no longer supported)
|
||||
# Used to force goals to build. Only use for conditionally defined goals.
|
||||
.PHONY: FORCE
|
||||
FORCE:
|
||||
|
|
@ -629,10 +632,8 @@ APPEND2SIMG := $(HOST_OUT_EXECUTABLES)/append2simg
|
|||
VERITY_SIGNER := $(HOST_OUT_EXECUTABLES)/verity_signer
|
||||
BUILD_VERITY_METADATA := $(HOST_OUT_EXECUTABLES)/build_verity_metadata
|
||||
BUILD_VERITY_TREE := $(HOST_OUT_EXECUTABLES)/build_verity_tree
|
||||
BOOT_SIGNER := $(HOST_OUT_EXECUTABLES)/boot_signer
|
||||
FUTILITY := $(HOST_OUT_EXECUTABLES)/futility-host
|
||||
VBOOT_SIGNER := $(HOST_OUT_EXECUTABLES)/vboot_signer
|
||||
FEC := $(HOST_OUT_EXECUTABLES)/fec
|
||||
|
||||
DEXDUMP := $(HOST_OUT_EXECUTABLES)/dexdump$(BUILD_EXECUTABLE_SUFFIX)
|
||||
PROFMAN := $(HOST_OUT_EXECUTABLES)/profman
|
||||
|
|
|
|||
|
|
@ -136,10 +136,7 @@ _product_list_vars += PRODUCT_BOOT_JARS
|
|||
# PRODUCT_BOOT_JARS, so that device-specific jars go after common jars.
|
||||
_product_list_vars += PRODUCT_BOOT_JARS_EXTRA
|
||||
|
||||
_product_single_value_vars += PRODUCT_SUPPORTS_BOOT_SIGNER
|
||||
_product_single_value_vars += PRODUCT_SUPPORTS_VBOOT
|
||||
_product_single_value_vars += PRODUCT_SUPPORTS_VERITY
|
||||
_product_single_value_vars += PRODUCT_SUPPORTS_VERITY_FEC
|
||||
_product_list_vars += PRODUCT_SYSTEM_SERVER_APPS
|
||||
# List of system_server classpath jars on the platform.
|
||||
_product_list_vars += PRODUCT_SYSTEM_SERVER_JARS
|
||||
|
|
@ -168,7 +165,6 @@ _product_list_vars += PRODUCT_DEXPREOPT_SPEED_APPS
|
|||
_product_list_vars += PRODUCT_LOADED_BY_PRIVILEGED_MODULES
|
||||
_product_single_value_vars += PRODUCT_VBOOT_SIGNING_KEY
|
||||
_product_single_value_vars += PRODUCT_VBOOT_SIGNING_SUBKEY
|
||||
_product_single_value_vars += PRODUCT_VERITY_SIGNING_KEY
|
||||
_product_single_value_vars += PRODUCT_SYSTEM_VERITY_PARTITION
|
||||
_product_single_value_vars += PRODUCT_VENDOR_VERITY_PARTITION
|
||||
_product_single_value_vars += PRODUCT_PRODUCT_VERITY_PARTITION
|
||||
|
|
|
|||
|
|
@ -62,8 +62,6 @@ custom_image_parameter_variables := \
|
|||
CUSTOM_IMAGE_MODULES \
|
||||
CUSTOM_IMAGE_COPY_FILES \
|
||||
CUSTOM_IMAGE_SELINUX \
|
||||
CUSTOM_IMAGE_SUPPORT_VERITY \
|
||||
CUSTOM_IMAGE_SUPPORT_VERITY_FEC \
|
||||
CUSTOM_IMAGE_VERITY_BLOCK_DEVICE \
|
||||
CUSTOM_IMAGE_AVB_HASH_ENABLE \
|
||||
CUSTOM_IMAGE_AVB_ADD_HASH_FOOTER_ARGS \
|
||||
|
|
|
|||
|
|
@ -91,9 +91,6 @@ $(my_built_custom_image): PRIVATE_STAGING_DIR := $(my_staging_dir)
|
|||
$(my_built_custom_image): PRIVATE_COPY_PAIRS := $(my_copy_pairs)
|
||||
$(my_built_custom_image): PRIVATE_PICKUP_FILES := $(my_pickup_files)
|
||||
$(my_built_custom_image): PRIVATE_SELINUX := $(CUSTOM_IMAGE_SELINUX)
|
||||
$(my_built_custom_image): PRIVATE_SUPPORT_VERITY := $(CUSTOM_IMAGE_SUPPORT_VERITY)
|
||||
$(my_built_custom_image): PRIVATE_SUPPORT_VERITY_FEC := $(CUSTOM_IMAGE_SUPPORT_VERITY_FEC)
|
||||
$(my_built_custom_image): PRIVATE_VERITY_KEY := $(PRODUCT_VERITY_SIGNING_KEY)
|
||||
$(my_built_custom_image): PRIVATE_VERITY_BLOCK_DEVICE := $(CUSTOM_IMAGE_VERITY_BLOCK_DEVICE)
|
||||
$(my_built_custom_image): PRIVATE_DICT_FILE := $(CUSTOM_IMAGE_DICT_FILE)
|
||||
$(my_built_custom_image): PRIVATE_AVB_AVBTOOL := $(AVBTOOL)
|
||||
|
|
@ -108,9 +105,6 @@ ifeq (true,$(filter true, $(CUSTOM_IMAGE_AVB_HASH_ENABLE) $(CUSTOM_IMAGE_AVB_HAS
|
|||
else ifneq (,$(filter true, $(CUSTOM_IMAGE_AVB_HASH_ENABLE) $(CUSTOM_IMAGE_AVB_HASHTREE_ENABLE)))
|
||||
$(error Cannot set both CUSTOM_IMAGE_AVB_HASH_ENABLE and CUSTOM_IMAGE_AVB_HASHTREE_ENABLE to true)
|
||||
endif
|
||||
ifeq (true,$(CUSTOM_IMAGE_SUPPORT_VERITY_FEC))
|
||||
$(my_built_custom_image): $(FEC)
|
||||
endif
|
||||
$(my_built_custom_image): $(INTERNAL_USERIMAGES_DEPS) $(my_built_modules) $(my_image_copy_files) $(my_custom_image_modules_dep) \
|
||||
$(CUSTOM_IMAGE_DICT_FILE)
|
||||
@echo "Build image $@"
|
||||
|
|
@ -130,13 +124,6 @@ $(my_built_custom_image): $(INTERNAL_USERIMAGES_DEPS) $(my_built_modules) $(my_i
|
|||
$(hide) echo "partition_size=$(PRIVATE_PARTITION_SIZE)" >> $(PRIVATE_INTERMEDIATES)/image_info.txt
|
||||
$(hide) echo "ext_mkuserimg=$(notdir $(MKEXTUSERIMG))" >> $(PRIVATE_INTERMEDIATES)/image_info.txt
|
||||
$(if $(PRIVATE_SELINUX),$(hide) echo "selinux_fc=$(SELINUX_FC)" >> $(PRIVATE_INTERMEDIATES)/image_info.txt)
|
||||
$(if $(PRIVATE_SUPPORT_VERITY),\
|
||||
$(hide) echo "verity=$(PRIVATE_SUPPORT_VERITY)" >> $(PRIVATE_INTERMEDIATES)/image_info.txt;\
|
||||
echo "verity_key=$(PRIVATE_VERITY_KEY)" >> $(PRIVATE_INTERMEDIATES)/image_info.txt;\
|
||||
echo "verity_signer_cmd=$(VERITY_SIGNER)" >> $(PRIVATE_INTERMEDIATES)/image_info.txt;\
|
||||
echo "verity_block_device=$(PRIVATE_VERITY_BLOCK_DEVICE)" >> $(PRIVATE_INTERMEDIATES)/image_info.txt)
|
||||
$(if $(PRIVATE_SUPPORT_VERITY_FEC),\
|
||||
$(hide) echo "verity_fec=$(PRIVATE_SUPPORT_VERITY_FEC)" >> $(PRIVATE_INTERMEDIATES)/image_info.txt)
|
||||
$(if $(filter eng, $(TARGET_BUILD_VARIANT)),$(hide) echo "verity_disable=true" >> $(PRIVATE_INTERMEDIATES)/image_info.txt)
|
||||
$(hide) echo "avb_avbtool=$(PRIVATE_AVB_AVBTOOL)" >> $(PRIVATE_INTERMEDIATES)/image_info.txt
|
||||
$(if $(PRIVATE_AVB_KEY_PATH),\
|
||||
|
|
|
|||
|
|
@ -1,42 +1,5 @@
|
|||
LOCAL_PATH:= $(call my-dir)
|
||||
|
||||
#######################################
|
||||
# verity_key (installed to /, i.e. part of system.img)
|
||||
include $(CLEAR_VARS)
|
||||
|
||||
LOCAL_MODULE := verity_key
|
||||
LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0
|
||||
LOCAL_LICENSE_CONDITIONS := notice
|
||||
LOCAL_NOTICE_FILE := build/soong/licenses/LICENSE
|
||||
LOCAL_SRC_FILES := $(LOCAL_MODULE)
|
||||
LOCAL_MODULE_CLASS := ETC
|
||||
LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT)
|
||||
|
||||
# For devices using a separate ramdisk, we need a copy there to establish the chain of trust.
|
||||
ifneq ($(BOARD_BUILD_SYSTEM_ROOT_IMAGE),true)
|
||||
LOCAL_REQUIRED_MODULES := verity_key_ramdisk
|
||||
endif
|
||||
|
||||
include $(BUILD_PREBUILT)
|
||||
|
||||
#######################################
|
||||
# verity_key (installed to ramdisk)
|
||||
#
|
||||
# Enabling the target when using system-as-root would cause build failure, as TARGET_RAMDISK_OUT
|
||||
# points to the same location as TARGET_ROOT_OUT.
|
||||
ifneq ($(BOARD_BUILD_SYSTEM_ROOT_IMAGE),true)
|
||||
include $(CLEAR_VARS)
|
||||
LOCAL_MODULE := verity_key_ramdisk
|
||||
LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0
|
||||
LOCAL_LICENSE_CONDITIONS := notice
|
||||
LOCAL_NOTICE_FILE := build/soong/licenses/LICENSE
|
||||
LOCAL_MODULE_CLASS := ETC
|
||||
LOCAL_SRC_FILES := verity_key
|
||||
LOCAL_MODULE_STEM := verity_key
|
||||
LOCAL_MODULE_PATH := $(TARGET_RAMDISK_OUT)
|
||||
include $(BUILD_PREBUILT)
|
||||
endif
|
||||
|
||||
#######################################
|
||||
# adb key, if configured via PRODUCT_ADB_KEYS
|
||||
ifdef PRODUCT_ADB_KEYS
|
||||
|
|
|
|||
Binary file not shown.
|
|
@ -1,24 +0,0 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIID/TCCAuWgAwIBAgIJAJcPmDkJqolJMA0GCSqGSIb3DQEBBQUAMIGUMQswCQYD
|
||||
VQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4g
|
||||
VmlldzEQMA4GA1UECgwHQW5kcm9pZDEQMA4GA1UECwwHQW5kcm9pZDEQMA4GA1UE
|
||||
AwwHQW5kcm9pZDEiMCAGCSqGSIb3DQEJARYTYW5kcm9pZEBhbmRyb2lkLmNvbTAe
|
||||
Fw0xNDExMDYxOTA3NDBaFw00MjAzMjQxOTA3NDBaMIGUMQswCQYDVQQGEwJVUzET
|
||||
MBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzEQMA4G
|
||||
A1UECgwHQW5kcm9pZDEQMA4GA1UECwwHQW5kcm9pZDEQMA4GA1UEAwwHQW5kcm9p
|
||||
ZDEiMCAGCSqGSIb3DQEJARYTYW5kcm9pZEBhbmRyb2lkLmNvbTCCASIwDQYJKoZI
|
||||
hvcNAQEBBQADggEPADCCAQoCggEBAOjreE0vTVSRenuzO9vnaWfk0eQzYab0gqpi
|
||||
6xAzi6dmD+ugoEKJmbPiuE5Dwf21isZ9uhUUu0dQM46dK4ocKxMRrcnmGxydFn6o
|
||||
fs3ODJMXOkv2gKXL/FdbEPdDbxzdu8z3yk+W67udM/fW7WbaQ3DO0knu+izKak/3
|
||||
T41c5uoXmQ81UNtAzRGzGchNVXMmWuTGOkg6U+0I2Td7K8yvUMWhAWPPpKLtVH9r
|
||||
AL5TzjYNR92izdKcz3AjRsI3CTjtpiVABGeX0TcjRSuZB7K9EK56HV+OFNS6I1NP
|
||||
jdD7FIShyGlqqZdUOkAUZYanbpgeT5N7QL6uuqcGpoTOkalu6kkCAwEAAaNQME4w
|
||||
HQYDVR0OBBYEFH5DM/m7oArf4O3peeKO0ZIEkrQPMB8GA1UdIwQYMBaAFH5DM/m7
|
||||
oArf4O3peeKO0ZIEkrQPMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEB
|
||||
AHO3NSvDE5jFvMehGGtS8BnFYdFKRIglDMc4niWSzhzOVYRH4WajxdtBWc5fx0ix
|
||||
NF/+hVKVhP6AIOQa+++sk+HIi7RvioPPbhjcsVlZe7cUEGrLSSveGouQyc+j0+m6
|
||||
JF84kszIl5GGNMTnx0XRPO+g8t6h5LWfnVydgZfpGRRg+WHewk1U2HlvTjIceb0N
|
||||
dcoJ8WKJAFWdcuE7VIm4w+vF/DYX/A2Oyzr2+QRhmYSv1cusgAeC1tvH4ap+J1Lg
|
||||
UnOu5Kh/FqPLLSwNVQp4Bu7b9QFfqK8Moj84bj88NqRGZgDyqzuTrFxn6FW7dmyA
|
||||
yttuAJAEAymk1mipd9+zp38=
|
||||
-----END CERTIFICATE-----
|
||||
Binary file not shown.
|
|
@ -1,29 +0,0 @@
|
|||
#
|
||||
# Copyright (C) 2014 The Android Open Source Project
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
# Provides dependencies necessary for verified boot.
|
||||
|
||||
PRODUCT_SUPPORTS_BOOT_SIGNER := true
|
||||
PRODUCT_SUPPORTS_VERITY := true
|
||||
PRODUCT_SUPPORTS_VERITY_FEC := true
|
||||
|
||||
# The dev key is used to sign boot and recovery images, and the verity
|
||||
# metadata table. Actual product deliverables will be re-signed by hand.
|
||||
# We expect this file to exist with the suffixes ".x509.pem" and ".pk8".
|
||||
PRODUCT_VERITY_SIGNING_KEY := build/make/target/product/security/verity
|
||||
|
||||
PRODUCT_PACKAGES += \
|
||||
verity_key
|
||||
Loading…
Reference in a new issue