6ceeb1a8bf
Adding verified boot metadata with a "disable magic". The resulting metadata at the end of each image (e.g., system.img, vendor.img) will be the same as triggering an "adb disable-verity" on an USERDEBUG image. This can help simplify the code on fs_mgr, which won't have to check if current image is an ENG build or not. Bug: 63056044 Test: boot sailfish eng/userdebug builds Change-Id: I95d23ac7b76c04d6d4483c9c4dc1de16bf0d9c3a
29 lines
1.1 KiB
Makefile
29 lines
1.1 KiB
Makefile
#
|
|
# Copyright (C) 2014 The Android Open Source Project
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
#
|
|
|
|
# Provides dependencies necessary for verified boot.
|
|
|
|
PRODUCT_SUPPORTS_BOOT_SIGNER := true
|
|
PRODUCT_SUPPORTS_VERITY := true
|
|
PRODUCT_SUPPORTS_VERITY_FEC := true
|
|
|
|
# The dev key is used to sign boot and recovery images, and the verity
|
|
# metadata table. Actual product deliverables will be re-signed by hand.
|
|
# We expect this file to exist with the suffixes ".x509.pem" and ".pk8".
|
|
PRODUCT_VERITY_SIGNING_KEY := build/target/product/security/verity
|
|
|
|
PRODUCT_PACKAGES += \
|
|
verity_key
|