2021-10-16 14:05:45 -04:00
|
|
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
2021-04-05 22:57:59 -04:00
|
|
|
From: Tad <tad@spotco.us>
|
|
|
|
Date: Mon, 5 Apr 2021 22:55:30 -0400
|
|
|
|
Subject: [PATCH] Allow setting OTA public keys from environment variable
|
|
|
|
|
2022-03-05 12:24:18 -05:00
|
|
|
Change-Id: Ib2a00de63b0c7a8790640462d13a84daf2076fa7
|
2021-04-05 22:57:59 -04:00
|
|
|
---
|
|
|
|
core/Makefile | 4 ++++
|
|
|
|
core/product_config.mk | 5 +++++
|
|
|
|
2 files changed, 9 insertions(+)
|
|
|
|
|
|
|
|
diff --git a/core/Makefile b/core/Makefile
|
2021-10-16 14:05:45 -04:00
|
|
|
index f6c2463439..7f4823a1ac 100644
|
2021-04-05 22:57:59 -04:00
|
|
|
--- a/core/Makefile
|
|
|
|
+++ b/core/Makefile
|
2021-10-16 14:05:45 -04:00
|
|
|
@@ -1895,6 +1895,10 @@ endif
|
2021-04-05 22:57:59 -04:00
|
|
|
# substitute other keys for this one.
|
|
|
|
OTA_PUBLIC_KEYS := $(DEFAULT_SYSTEM_DEV_CERTIFICATE).x509.pem
|
|
|
|
|
|
|
|
+ifneq ($(OTA_KEY_OVERRIDE_DIR),)
|
|
|
|
+ OTA_PUBLIC_KEYS := $(OTA_KEY_OVERRIDE_DIR)/releasekey.x509.pem
|
|
|
|
+endif
|
|
|
|
+
|
|
|
|
# Generate a file containing the keys that will be read by the
|
|
|
|
# recovery binary.
|
|
|
|
RECOVERY_INSTALL_OTA_KEYS := \
|
|
|
|
diff --git a/core/product_config.mk b/core/product_config.mk
|
2021-10-16 14:05:45 -04:00
|
|
|
index 9460357ca1..be4bfec75e 100644
|
2021-04-05 22:57:59 -04:00
|
|
|
--- a/core/product_config.mk
|
|
|
|
+++ b/core/product_config.mk
|
|
|
|
@@ -326,6 +326,11 @@ ENFORCE_SYSTEM_CERTIFICATE_WHITELIST := $(PRODUCT_ARTIFACT_SYSTEM_CERTIFICATE_RE
|
|
|
|
PRODUCT_OTA_PUBLIC_KEYS := $(sort $(PRODUCT_OTA_PUBLIC_KEYS))
|
|
|
|
PRODUCT_EXTRA_RECOVERY_KEYS := $(sort $(PRODUCT_EXTRA_RECOVERY_KEYS))
|
|
|
|
|
|
|
|
+ifneq ($(OTA_KEY_OVERRIDE_DIR),)
|
|
|
|
+ PRODUCT_OTA_PUBLIC_KEYS := $(OTA_KEY_OVERRIDE_DIR)/releasekey.x509.pem
|
|
|
|
+ PRODUCT_EXTRA_RECOVERY_KEYS := $(OTA_KEY_OVERRIDE_DIR)/extra
|
|
|
|
+endif
|
|
|
|
+
|
|
|
|
# Resolve and setup per-module dex-preopt configs.
|
|
|
|
DEXPREOPT_DISABLED_MODULES :=
|
|
|
|
# If a module has multiple setups, the first takes precedence.
|