From d815178b7512cb44d8b5f234e3f823b5a3e44dea Mon Sep 17 00:00:00 2001 From: Paul Lawrence Date: Wed, 1 Jul 2015 14:40:56 -0700 Subject: Change init sequence to support file level encryption File level encryption must get the key between mounting userdata and calling post_fs_data when the directories are created. This requires access to keymaster, which in turn is found from a system property. Split property loaded into system and data, and load in right order. Bug: 22233063 Change-Id: I8a6c40d44e17de386417a443c9dfc3b4e7fe59a5 --- rootdir/init.rc | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'rootdir') diff --git a/rootdir/init.rc b/rootdir/init.rc index 3353c64..b25a371 100644 --- a/rootdir/init.rc +++ b/rootdir/init.rc @@ -181,8 +181,8 @@ on property:sys.boot_from_charger_mode=1 trigger late-init # Load properties from /system/ + /factory after fs mount. -on load_all_props_action - load_all_props +on load_system_props_action + load_system_props start logd start logd-reinit @@ -195,12 +195,16 @@ on late-init trigger early-fs trigger fs trigger post-fs - trigger post-fs-data # Load properties from /system/ + /factory after fs mount. Place # this in another action so that the load will be scheduled after the prior # issued fs triggers have completed. - trigger load_all_props_action + trigger load_system_props_action + + # Now we can mount /data. File encryption requires keymaster to decrypt + # /data, which in turn can only be loaded when system properties are present + trigger post-fs-data + trigger load_persist_props # Remove a file to wake up anything waiting for firmware. trigger firmware_mounts_complete -- cgit v1.1