diff --git a/BoardConfigCommon.mk b/BoardConfigCommon.mk index 889b81d..2ea88e5 100644 --- a/BoardConfigCommon.mk +++ b/BoardConfigCommon.mk @@ -153,9 +153,9 @@ BOARD_AVB_RECOVERY_KEY_PATH := external/avb/test/data/testkey_rsa4096.pem BOARD_AVB_RECOVERY_ROLLBACK_INDEX := $(PLATFORM_SECURITY_PATCH_TIMESTAMP) BOARD_AVB_RECOVERY_ROLLBACK_INDEX_LOCATION := 1 -BOARD_AVB_VBMETA_SYSTEM := product system system_ext -BOARD_AVB_VBMETA_SYSTEM_ALGORITHM := SHA256_RSA2048 -BOARD_AVB_VBMETA_SYSTEM_KEY_PATH := external/avb/test/data/testkey_rsa2048.pem +BOARD_AVB_VBMETA_SYSTEM := odm product system system_dlkm system_ext vendor vendor_dlkm +BOARD_AVB_VBMETA_SYSTEM_ALGORITHM := SHA256_RSA4096 +BOARD_AVB_VBMETA_SYSTEM_KEY_PATH := external/avb/test/data/testkey_rsa4096.pem BOARD_AVB_VBMETA_SYSTEM_ROLLBACK_INDEX := $(PLATFORM_SECURITY_PATCH_TIMESTAMP) BOARD_AVB_VBMETA_SYSTEM_ROLLBACK_INDEX_LOCATION := 2 diff --git a/init/fstab.qcom b/init/fstab.qcom index 21d9f38..24e5543 100644 --- a/init/fstab.qcom +++ b/init/fstab.qcom @@ -35,27 +35,40 @@ # specify MF_CHECK, and must come before any filesystems that do specify MF_CHECK # -system /system ext4 ro,barrier=1,discard wait,slotselect,avb=vbmeta_system,logical,first_stage_mount,avb_keys=/avb/q-gsi.avbpubkey:/avb/r-gsi.avbpubkey:/avb/s-gsi.avbpubkey:/avb/t-gsi.avbpubkey -system_ext /system_ext ext4 ro,barrier=1,discard wait,slotselect,avb=vbmeta_system,logical,first_stage_mount -product /product ext4 ro,barrier=1,discard wait,slotselect,avb=vbmeta_system,logical,first_stage_mount -vendor /vendor ext4 ro,barrier=1,discard wait,slotselect,avb=vbmeta,logical,first_stage_mount -vendor_dlkm /vendor_dlkm ext4 ro,barrier=1,discard wait,slotselect,avb=vbmeta,logical,first_stage_mount -system_dlkm /system_dlkm ext4 ro,barrier=1,discard wait,slotselect,avb=vbmeta,logical,first_stage_mount -odm /odm ext4 ro,barrier=1,discard wait,slotselect,avb=vbmeta,logical,first_stage_mount -/dev/block/by-name/boot /boot emmc defaults slotselect,avb=vbmeta,first_stage_mount -/dev/block/by-name/init_boot /init_boot emmc defaults slotselect,avb=vbmeta,first_stage_mount -/dev/block/by-name/vendor_boot /vendor_boot emmc defaults slotselect,avb=vbmeta,first_stage_mount -/dev/block/by-name/dtbo /dtbo emmc defaults slotselect,avb=vbmeta,first_stage_mount -/dev/block/by-name/recovery /recovery emmc defaults slotselect,avb=vbmeta,first_stage_mount -/dev/block/by-name/metadata /metadata f2fs noatime,nosuid,nodev,discard wait,check,formattable,first_stage_mount -/dev/block/bootdevice/by-name/persist /mnt/vendor/persist ext4 noatime,nosuid,nodev,barrier=1 wait -/dev/block/bootdevice/by-name/userdata /data f2fs noatime,nosuid,nodev,discard,reserve_root=32768,resgid=1065,fsync_mode=nobarrier,inlinecrypt latemount,wait,check,formattable,fileencryption=aes-256-xts:aes-256-cts:v2+inlinecrypt_optimized+wrappedkey_v0,keydirectory=/metadata/vold/metadata_encryption,metadata_encryption=aes-256-xts:wrappedkey_v0,quota,reservedsize=128M,sysfs_path=/sys/devices/platform/soc/1d84000.ufshc,checkpoint=fs -/dev/block/bootdevice/by-name/misc /misc emmc defaults defaults -/devices/platform/soc/8804000.sdhci/mmc_host* /storage/sdcard1 vfat nosuid,nodev wait,voldmanaged=sdcard1:auto,encryptable=footer -/devices/platform/soc/*.ssusb/*.dwc3/xhci-hcd.*.auto* /storage/usbotg vfat nosuid,nodev wait,voldmanaged=usbotg:auto -/dev/block/bootdevice/by-name/modem /vendor/firmware_mnt vfat ro,shortname=lower,uid=1000,gid=1000,dmask=227,fmask=337,context=u:object_r:firmware_file:s0 wait,slotselect -/dev/block/bootdevice/by-name/dsp /vendor/dsp ext4 ro,nosuid,nodev,barrier=1 wait,slotselect -/dev/block/bootdevice/by-name/vm-bootsys /vendor/vm-system ext4 ro,nosuid,nodev,barrier=1 wait,slotselect +system /system ext4 ro avb=vbmeta_system,wait,logical,first_stage_mount,avb_keys=/avb/q-gsi.avbpubkey:/avb/r-gsi.avbpubkey:/avb/s-gsi.avbpubkey:/avb/t-gsi.avbpubkey +system_ext /system_ext ext4 ro avb=vbmeta_system,wait,logical,first_stage_mount,avb_keys=/avb/q-gsi.avbpubkey:/avb/r-gsi.avbpubkey:/avb/s-gsi.avbpubkey:/avb/t-gsi.avbpubkey +product /product ext4 ro avb,wait,logical,first_stage_mount +vendor /vendor ext4 ro avb,wait,logical,first_stage_mount +vendor_dlkm /vendor_dlkm ext4 ro avb,wait,logical,first_stage_mount +system_dlkm /system_dlkm ext4 ro avb,wait,logical,first_stage_mount +odm /odm ext4 ro avb,wait,logical,first_stage_mount +/dev/block/bootdevice/by-name/boot /boot emmc defaults defaults +/dev/block/bootdevice/by-name/init_boot /init_boot emmc defaults defaults,first_stage_mount +/dev/block/bootdevice/by-name/vendor_boot /vendor_boot emmc defaults defaults,first_stage_mount +/dev/block/bootdevice/by-name/recovery /recovery emmc defaults defaults +/dev/block/by-name/metadata /metadata ext4 noatime,nosuid,nodev,noauto_da_alloc,discard,journal_checksum,data=ordered,errors=panic,sync wait,check,formattable,wrappedkey,first_stage_mount +/dev/block/bootdevice/by-name/userdata /data f2fs noatime,nosuid,nodev,discard,usrquota,grpquota,fsync_mode=nobarrier,reserve_root=32768,resgid=5678,whint_mode=fs-based,inlinecrypt latemount,wait,check,quota,reservedsize=128M,sysfs_path=/sys/devices/platform/soc/1d84000.ufshc,checkpoint=fs,fscompress,fileencryption=aes-256-xts:aes-256-cts:v2+inlinecrypt_optimized+wrappedkey_v0,metadata_encryption=aes-256-xts:wrappedkey_v0,keydirectory=/metadata/vold/metadata_encryption +/dev/block/bootdevice/by-name/cache /cache ext4 noatime,nosuid,nodev,noauto_da_alloc,discard,journal_checksum,data=ordered,errors=panic wait,check +/dev/block/bootdevice/by-name/persist /mnt/vendor/persist ext4 noatime,nosuid,nodev,noauto_da_alloc,discard,journal_checksum,data=ordered,errors=panic wait,check +/dev/block/bootdevice/by-name/misc /misc emmc defaults defaults,first_stage_mount +/dev/block/bootdevice/by-name/apnhlos /vendor/firmware_mnt vfat ro,context=u:object_r:firmware_file:s0,shortname=lower,uid=0,gid=1000,dmask=227,fmask=337 wait +/dev/block/bootdevice/by-name/modem /vendor/firmware-modem vfat ro,shortname=lower,uid=1000,gid=1000,dmask=227,fmask=337,context=u:object_r:firmware_file:s0 wait +/dev/block/bootdevice/by-name/efs /mnt/vendor/efs ext4 noatime,nosuid,nodev,noauto_da_alloc,discard,journal_checksum,data=ordered,errors=panic wait,check +/dev/block/bootdevice/by-name/sec_efs /efs ext4 noatime,nosuid,nodev,noauto_da_alloc,discard,journal_checksum,data=ordered,errors=panic wait,check +/dev/block/bootdevice/by-name/dsp /vendor/dsp ext4 ro,nosuid,nodev,barrier=1 wait +/dev/block/bootdevice/by-name/carrier /carrier ext4 noatime,nosuid,nodev,noauto_da_alloc,discard,journal_checksum,data=ordered,errors=panic defaults,nofail,check +/dev/block/bootdevice/by-name/abl /abl emmc defaults defaults,first_stage_mount +/dev/block/bootdevice/by-name/tz /tz emmc defaults defaults,first_stage_mount +/dev/block/bootdevice/by-name/hyp /hyp emmc defaults defaults,first_stage_mount +/dev/block/bootdevice/by-name/xbl /xbl emmc defaults defaults,first_stage_mount +/dev/block/bootdevice/by-name/vm-bootsys /vendor/vm-system ext4 ro,nosuid,nodev,barrier=1 wait /dev/block/bootdevice/by-name/vm-persist /mnt/product/vm-persist ext4 noatime,nosuid,nodev,barrier=1 wait -/dev/block/bootdevice/by-name/bluetooth /vendor/bt_firmware vfat ro,shortname=lower,uid=1002,gid=3002,dmask=227,fmask=337,context=u:object_r:bt_firmware_file:s0 wait,slotselect +/dev/block/bootdevice/by-name/bluetooth /vendor/bt_firmware vfat ro,shortname=lower,uid=1002,gid=3002,dmask=227,fmask=337,context=u:object_r:bt_firmware_file:s0 wait /dev/block/bootdevice/by-name/qmcs /mnt/vendor/qmcs vfat noatime,nosuid,nodev,context=u:object_r:vendor_qmcs_file:s0 wait,check,formattable + +/devices/platform/soc/*.ssusb/*.dwc3/xhci-hcd.*.auto* /storage/usbotg vfat nosuid,nodev wait,voldmanaged=usbotg:auto +/devices/platform/soc/8804000.sdhci/mmc_host* auto vfat defaults voldmanaged=sdcard:auto + +#CSC +/dev/block/platform/soc/1d84000.ufshc/by-name/prism /prism ext4 ro,barrier=1 avb,nofail,first_stage_mount +/dev/block/platform/soc/1d84000.ufshc/by-name/optics /optics ext4 ro,barrier=1 avb,nofail,first_stage_mount