[Replicant] [manifest] [PATCH v3] Add replicant-data
Denis 'GNUtoo' Carikli
GNUtoo at cyberdimension.org
Fri Oct 2 13:50:56 UTC 2020
This repository has all the Replicant releases certificates which are
needed to generate the keys-migration.sh script which will be added at
vendor/replicant/prebuilt/common/bin/keys-migration.sh.
As the prebuilt directory name imply it will have to be manually generated.
To do that a python script is being worked on.
The key-migration.sh script is needed because during the Replicant build,
keys and certificates are generated by vendor/replicant/sign-build.sh.
They are then used to sign system applications. If the application
signatures changes, the applications loose access to their data.
On Replicant 6 this results in the launcher always crashing, making the
device unusable after having installing a new image with different
signatures for system applications.
To fix that, the key-migration.sh script will be able to replace the old
certificates public keys with the new ones in /data/system/packages.xml.
As we already have several certificates sets due to developers changes
and to the fact that I didn't realize that I needed not to delete the
vendor/replicant-security directory, it's better to automatize the
key-migration.sh script creation.
In addition it enables to abstract away key management to make the cost
of deleting vendor/replicant-security irrelevant, and also enables
to create custom scripts for downgrade and to make it easier for users and
developers to run their own builds.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo at cyberdimension.org>
---
default.xml | 1 +
1 file changed, 1 insertion(+)
diff --git a/default.xml b/default.xml
index 843d796..b182014 100644
--- a/default.xml
+++ b/default.xml
@@ -294,6 +294,7 @@
<project path="system/security" name="LineageOS-mirror/android_system_security.git" groups="pdk" />
<project path="system/vold" name="LineageOS-mirror/android_system_vold.git" groups="pdk" />
<project path="vendor/replicant" name="replicant/vendor_replicant.git" remote="replicant" />
+ <project path="vendor/replicant-data" name="replicant/vendor_replicant-data.git" remote="replicant" revision="master" />
<project path="vendor/replicant-scripts" name="replicant/vendor_replicant-scripts.git" remote="replicant" />
<project path="vendor/cmsdk" name="replicant/vendor_cmsdk.git" remote="replicant" />
--
2.28.0
More information about the Replicant
mailing list