Ensure update_verifier run before zygote
Currently zygote is started early for FBE device but update_verifier is run later
which creates a potential risk. This CL ensures update_verifier run before
zygote touches anything within data/ partition. With this change, we also start zygote
early for unencrypted/unsupported encryption state device.
Bug: 37543411
Test: marlin boots
(cherry picked from commit 5dc05effecca88f06da090dbcdd257666e69c2c7)
Change-Id: I97cde0c20f74b1b17c995d84c2e31c86fe006395
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 4ebebb7..15fce90 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -498,13 +498,28 @@
# Set indication (checked by vold) that we have finished this action
#setprop vold.post_fs_data_done 1
-# This trigger will be triggered before 'zygote-start' since there is no zygote-start defined in
-# current init.rc. It is recommended to put unnecessary data/ initialization from post-fs-data
-# to start-zygote to unblock zygote start.
+# It is recommended to put unnecessary data/ initialization from post-fs-data
+# to start-zygote in device's init.rc to unblock zygote start.
+on zygote-start && property:ro.crypto.state=unencrypted
+ # A/B update verifier that marks a successful boot.
+ exec_start update_verifier_nonencrypted
+ start netd
+ start zygote
+ start zygote_secondary
+
+on zygote-start && property:ro.crypto.state=unsupported
+ # A/B update verifier that marks a successful boot.
+ exec_start update_verifier_nonencrypted
+ start netd
+ start zygote
+ start zygote_secondary
+
on zygote-start && property:ro.crypto.state=encrypted && property:ro.crypto.type=file
- start netd
- start zygote
- start zygote_secondary
+ # A/B update verifier that marks a successful boot.
+ exec_start update_verifier_nonencrypted
+ start netd
+ start zygote
+ start zygote_secondary
on boot
# basic network init
@@ -603,8 +618,6 @@
class_start core
on nonencrypted
- # A/B update verifier that marks a successful boot.
- exec_start update_verifier_nonencrypted
class_start main
class_start late_start