Remove verity.mk, verity_key, PRODUCT_VERITY_SIGNING_KEY
verity.mk is used to set the related variable for VB 1.0 support, but we already removed VB 1.0. This change removes the unused code. We also remove and block PRODUCT_VERITY_SIGNING_KEY in this change. Bug: 241044073 Test: atest under build/make Change-Id: Ifbcde7da27a931ef3b9d746b1c5a279d88c0ec85
This commit is contained in:
hungweichen
parent
bf11e34897
commit
e3ca398a1e
8 changed files with 1 additions and 88 deletions
|
|
@ -164,6 +164,7 @@ $(KATI_obsolete_var ALL_ORIGINAL_DYNAMIC_BINARIES,ALL_ORIGINAL_DYNAMIC_BINARIES
|
|||
$(KATI_obsolete_var PRODUCT_SUPPORTS_VERITY,VB 1.0 and related variables are no longer supported)
|
||||
$(KATI_obsolete_var PRODUCT_SUPPORTS_VERITY_FEC,VB 1.0 and related variables are no longer supported)
|
||||
$(KATI_obsolete_var PRODUCT_SUPPORTS_BOOT_SIGNER,VB 1.0 and related variables are no longer supported)
|
||||
$(KATI_obsolete_var PRODUCT_VERITY_SIGNING_KEY,VB 1.0 and related variables are no longer supported)
|
||||
# Used to force goals to build. Only use for conditionally defined goals.
|
||||
.PHONY: FORCE
|
||||
FORCE:
|
||||
|
|
|
|||
|
|
@ -165,7 +165,6 @@ _product_list_vars += PRODUCT_DEXPREOPT_SPEED_APPS
|
|||
_product_list_vars += PRODUCT_LOADED_BY_PRIVILEGED_MODULES
|
||||
_product_single_value_vars += PRODUCT_VBOOT_SIGNING_KEY
|
||||
_product_single_value_vars += PRODUCT_VBOOT_SIGNING_SUBKEY
|
||||
_product_single_value_vars += PRODUCT_VERITY_SIGNING_KEY
|
||||
_product_single_value_vars += PRODUCT_SYSTEM_VERITY_PARTITION
|
||||
_product_single_value_vars += PRODUCT_VENDOR_VERITY_PARTITION
|
||||
_product_single_value_vars += PRODUCT_PRODUCT_VERITY_PARTITION
|
||||
|
|
|
|||
|
|
@ -91,7 +91,6 @@ $(my_built_custom_image): PRIVATE_STAGING_DIR := $(my_staging_dir)
|
|||
$(my_built_custom_image): PRIVATE_COPY_PAIRS := $(my_copy_pairs)
|
||||
$(my_built_custom_image): PRIVATE_PICKUP_FILES := $(my_pickup_files)
|
||||
$(my_built_custom_image): PRIVATE_SELINUX := $(CUSTOM_IMAGE_SELINUX)
|
||||
$(my_built_custom_image): PRIVATE_VERITY_KEY := $(PRODUCT_VERITY_SIGNING_KEY)
|
||||
$(my_built_custom_image): PRIVATE_VERITY_BLOCK_DEVICE := $(CUSTOM_IMAGE_VERITY_BLOCK_DEVICE)
|
||||
$(my_built_custom_image): PRIVATE_DICT_FILE := $(CUSTOM_IMAGE_DICT_FILE)
|
||||
$(my_built_custom_image): PRIVATE_AVB_AVBTOOL := $(AVBTOOL)
|
||||
|
|
|
|||
|
|
@ -1,42 +1,5 @@
|
|||
LOCAL_PATH:= $(call my-dir)
|
||||
|
||||
#######################################
|
||||
# verity_key (installed to /, i.e. part of system.img)
|
||||
include $(CLEAR_VARS)
|
||||
|
||||
LOCAL_MODULE := verity_key
|
||||
LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0
|
||||
LOCAL_LICENSE_CONDITIONS := notice
|
||||
LOCAL_NOTICE_FILE := build/soong/licenses/LICENSE
|
||||
LOCAL_SRC_FILES := $(LOCAL_MODULE)
|
||||
LOCAL_MODULE_CLASS := ETC
|
||||
LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT)
|
||||
|
||||
# For devices using a separate ramdisk, we need a copy there to establish the chain of trust.
|
||||
ifneq ($(BOARD_BUILD_SYSTEM_ROOT_IMAGE),true)
|
||||
LOCAL_REQUIRED_MODULES := verity_key_ramdisk
|
||||
endif
|
||||
|
||||
include $(BUILD_PREBUILT)
|
||||
|
||||
#######################################
|
||||
# verity_key (installed to ramdisk)
|
||||
#
|
||||
# Enabling the target when using system-as-root would cause build failure, as TARGET_RAMDISK_OUT
|
||||
# points to the same location as TARGET_ROOT_OUT.
|
||||
ifneq ($(BOARD_BUILD_SYSTEM_ROOT_IMAGE),true)
|
||||
include $(CLEAR_VARS)
|
||||
LOCAL_MODULE := verity_key_ramdisk
|
||||
LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0
|
||||
LOCAL_LICENSE_CONDITIONS := notice
|
||||
LOCAL_NOTICE_FILE := build/soong/licenses/LICENSE
|
||||
LOCAL_MODULE_CLASS := ETC
|
||||
LOCAL_SRC_FILES := verity_key
|
||||
LOCAL_MODULE_STEM := verity_key
|
||||
LOCAL_MODULE_PATH := $(TARGET_RAMDISK_OUT)
|
||||
include $(BUILD_PREBUILT)
|
||||
endif
|
||||
|
||||
#######################################
|
||||
# adb key, if configured via PRODUCT_ADB_KEYS
|
||||
ifdef PRODUCT_ADB_KEYS
|
||||
|
|
|
|||
Binary file not shown.
|
|
@ -1,24 +0,0 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIID/TCCAuWgAwIBAgIJAJcPmDkJqolJMA0GCSqGSIb3DQEBBQUAMIGUMQswCQYD
|
||||
VQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4g
|
||||
VmlldzEQMA4GA1UECgwHQW5kcm9pZDEQMA4GA1UECwwHQW5kcm9pZDEQMA4GA1UE
|
||||
AwwHQW5kcm9pZDEiMCAGCSqGSIb3DQEJARYTYW5kcm9pZEBhbmRyb2lkLmNvbTAe
|
||||
Fw0xNDExMDYxOTA3NDBaFw00MjAzMjQxOTA3NDBaMIGUMQswCQYDVQQGEwJVUzET
|
||||
MBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzEQMA4G
|
||||
A1UECgwHQW5kcm9pZDEQMA4GA1UECwwHQW5kcm9pZDEQMA4GA1UEAwwHQW5kcm9p
|
||||
ZDEiMCAGCSqGSIb3DQEJARYTYW5kcm9pZEBhbmRyb2lkLmNvbTCCASIwDQYJKoZI
|
||||
hvcNAQEBBQADggEPADCCAQoCggEBAOjreE0vTVSRenuzO9vnaWfk0eQzYab0gqpi
|
||||
6xAzi6dmD+ugoEKJmbPiuE5Dwf21isZ9uhUUu0dQM46dK4ocKxMRrcnmGxydFn6o
|
||||
fs3ODJMXOkv2gKXL/FdbEPdDbxzdu8z3yk+W67udM/fW7WbaQ3DO0knu+izKak/3
|
||||
T41c5uoXmQ81UNtAzRGzGchNVXMmWuTGOkg6U+0I2Td7K8yvUMWhAWPPpKLtVH9r
|
||||
AL5TzjYNR92izdKcz3AjRsI3CTjtpiVABGeX0TcjRSuZB7K9EK56HV+OFNS6I1NP
|
||||
jdD7FIShyGlqqZdUOkAUZYanbpgeT5N7QL6uuqcGpoTOkalu6kkCAwEAAaNQME4w
|
||||
HQYDVR0OBBYEFH5DM/m7oArf4O3peeKO0ZIEkrQPMB8GA1UdIwQYMBaAFH5DM/m7
|
||||
oArf4O3peeKO0ZIEkrQPMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEB
|
||||
AHO3NSvDE5jFvMehGGtS8BnFYdFKRIglDMc4niWSzhzOVYRH4WajxdtBWc5fx0ix
|
||||
NF/+hVKVhP6AIOQa+++sk+HIi7RvioPPbhjcsVlZe7cUEGrLSSveGouQyc+j0+m6
|
||||
JF84kszIl5GGNMTnx0XRPO+g8t6h5LWfnVydgZfpGRRg+WHewk1U2HlvTjIceb0N
|
||||
dcoJ8WKJAFWdcuE7VIm4w+vF/DYX/A2Oyzr2+QRhmYSv1cusgAeC1tvH4ap+J1Lg
|
||||
UnOu5Kh/FqPLLSwNVQp4Bu7b9QFfqK8Moj84bj88NqRGZgDyqzuTrFxn6FW7dmyA
|
||||
yttuAJAEAymk1mipd9+zp38=
|
||||
-----END CERTIFICATE-----
|
||||
Binary file not shown.
|
|
@ -1,25 +0,0 @@
|
|||
#
|
||||
# Copyright (C) 2014 The Android Open Source Project
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
# Provides dependencies necessary for verified boot.
|
||||
|
||||
# The dev key is used to sign boot and recovery images, and the verity
|
||||
# metadata table. Actual product deliverables will be re-signed by hand.
|
||||
# We expect this file to exist with the suffixes ".x509.pem" and ".pk8".
|
||||
PRODUCT_VERITY_SIGNING_KEY := build/make/target/product/security/verity
|
||||
|
||||
PRODUCT_PACKAGES += \
|
||||
verity_key
|
||||
Loading…
Reference in a new issue