From 21afa1693f662d9216147e5b502ba49641e91850 Mon Sep 17 00:00:00 2001
From: Mark Salyzyn
Date: Wed, 29 Aug 2018 10:44:33 -0700
Subject: [PATCH] fs_mgr: overlay drop redundant check fs_mgr_update_verity_state() provides the needed result, we do not need to check verity state manually. Caveat: The open-coded verity check is not 100% redundant, as it ensures that if /vendor is not mounted, where the device mount table resides to aid in a correct enumeration of all verity-enabled mount points, that /system is not accidentally overlay mounted on a verity checked volume. This is a unlikely corner condition. A fix for this condition in the future is to instead migrate this redundant checking into fs_mgr_update_verity_state() since system is considered ever present and can be blindly performed without the required /system or / mount point entries in fstab. Note that the overlay logic is #ifdef'd out on user builds, so it is not really a security or reliability issue on a release build.
Test: manual
Bug: 109821005
Change-Id: Ib4a7f9438b2a3cb008e263605a7a7647737c40f2
---
 fs_mgr/fs_mgr_overlayfs.cpp | 16 +++++-----------
 1 file changed, 5 insertions(+), 11 deletions(-)
diff --git a/fs_mgr/fs_mgr_overlayfs.cpp b/fs_mgr/fs_mgr_overlayfs.cpp
index ff7a75c1d..4934f5a9e 100644
--- a/fs_mgr/fs_mgr_overlayfs.cpp
+++ b/fs_mgr/fs_mgr_overlayfs.cpp
@@ -556,17 +556,11 @@ std::vector fs_mgr_candidate_list(const fstab* fstab,
 return mounts;
 }
- // Manually check dm state because stunted fstab (w/o system as root) borken
- auto& dm = DeviceMapper::Instance();
- auto found = false;
- for (auto& system : {"system", "vroot"}) {
- if (dm.GetState(system) == DmDeviceState::INVALID) continue;
- std::vector table;
- found = !dm.GetTableStatus(system, &table) || table.empty() || table[0].data.empty() ||
- (table[0].data[0] == 'C') || (table[0].data[0] == 'V');
- if (found) break;
- }
- if (!found) mounts.emplace_back("/system");
+ // We have a stunted fstab (w/o system or / ) passed in by the caller,
+ // verity claims are assumed accurate because they are collected internally
+ // from fs_mgr_fstab_default() from within fs_mgr_update_verity_state(),
+ // Can (re)evaluate /system with impunity since we know it is ever-present.
+ mounts.emplace_back("/system");
 return mounts;
 }
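Review bot: The new comment above the now-unconditional `mounts.emplace_back("/system");` says the verity claims are "assumed accurate" but does not record the gap the commit description itself admits. With the device-mapper probe removed, nothing in this hunk keeps /system off the overlay candidate list when the verity enumeration is incomplete (the description's case of /vendor not being mounted). I would carry that caveat into the code, for example `// NOTE: if the default fstab is unreadable (e.g. /vendor not mounted) a verity-enabled /system is not filtered out here; see Bug: 109821005.` The description also relies on the overlay logic being compiled out of user builds; that guard is not visible here, so it is worth confirming that it covers this path. The verity filter and the start of fs_mgr_candidate_list lie above the hunk, so this is based only on the lines shown.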