msm8996-common: Enable OEM unlock and bootable image signing

 * Given the fact that the bootloader allows bootable images with
   arbitrary signatures to boot, one can relock the bootloader after
   installing a signed custom recovery. After that, custom ROMs can be
   installed from recovery as usual, as long as the boot.img's are
   signed.
 * This is NOT a security vulnerability because unlocked bootloader is
   still prerequisite to access fastboot boot/flash, in contrast it's a
   feature suggested by Google.
 * To make it feasible with Lineage, sign the img with AOSP verity key
   which is publicly available.
 * This doesn't mean using custom ROMs with locked bootloader is
   suggested.

Change-Id: I178e9588e1dde96400dcb2178a027597d05949bd

0 files changed, 0 insertions, 0 deletions