HiKey960: Enable metadata encryption

This fully enables metadata encryption on hikey960 by following the instructions here: https://source.android.com/security/encryption/metadata?hl=en Mostly just adding --early/--late mountall arguments in the init.rc and the "latemount" and "keydirectory=/metadata/vold/metadata_encryption" options to the userdata fstab line. Note: You will likely need to flash new userdata (and possibly reflash metadata as well) after applying this. Use the flashall script if you are having any trouble. Test: atest vts_kernel_encryption_test Reported-by: YongQin Liu <yongqin.liu@linaro.org> Signed-off-by: John Stultz <john.stultz@linaro.org> Change-Id: Idd57774ac21ca1535259e679fc92f127e1e710e0
author: John Stultz <john.stultz@linaro.org> 2021-07-27 04:34:04 +0000
committer: John Stultz <john.stultz@linaro.org> 2021-07-27 04:35:44 +0000
commit: 03c11dfce22a389404b492ed9475adc3441774dc (patch)
tree: 0a47edba4a3ab2de40bb1ba2abab2b9031fbc5fe /init.common.rc
parent: aa4874ddc8cbf666b5c6a8d7e03fa2d237066bb6 (diff)
download: hikey-03c11dfce22a389404b492ed9475adc3441774dc.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/init.common.rc b/init.common.rc
index 1ae164b7..7018eeff 100644
--- a/init.common.rc
+++ b/init.common.rc
@@ -16,8 +16,10 @@ on init
 
     start watchdogd
 
+on early-fs
+    start vold
+
 on fs
-    mount_all /vendor/etc/fstab.${ro.hardware}
     setprop ro.crypto.fuse_sdcard false
 
 on post-fs
author	John Stultz <john.stultz@linaro.org>	2021-07-27 04:34:04 +0000
committer	John Stultz <john.stultz@linaro.org>	2021-07-27 04:35:44 +0000
commit	03c11dfce22a389404b492ed9475adc3441774dc (patch)
tree	0a47edba4a3ab2de40bb1ba2abab2b9031fbc5fe /init.common.rc
parent	aa4874ddc8cbf666b5c6a8d7e03fa2d237066bb6 (diff)
download	hikey-03c11dfce22a389404b492ed9475adc3441774dc.tar.gz