From 2f42554f18e2ba3d40b736ff9ff21e79953e86a5 Mon Sep 17 00:00:00 2001
From: Sami Tolvanen <samitolvanen@google.com>
Date: Fri, 19 Jun 2015 16:08:41 +0100
Subject: [PATCH] Update partition.*.verified even with ro.boot.veritymode set

We need to have partition.*.verified properties even when bootloader
is managing dm-verity mode, because we may have failed to set up the
verified partition and need a property to indicate this.

This means we still need to run fs_mgr_update_verity_state and walk
through all the partitions to verify the device mapper status, just
without updating verity mode.

Bug: 22489805
Change-Id: Iaf28185adb8b80e5452447e54e1f4e4417a34168
---
 fs_mgr/fs_mgr_verity.c | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/fs_mgr/fs_mgr_verity.c b/fs_mgr/fs_mgr_verity.c
index 0a945a38c..a4a99c387 100644
--- a/fs_mgr/fs_mgr_verity.c
+++ b/fs_mgr/fs_mgr_verity.c
@@ -859,6 +859,7 @@ out:
 int fs_mgr_update_verity_state(fs_mgr_verity_state_callback callback)
 {
     _Alignas(struct dm_ioctl) char buffer[DM_BUF_SIZE];
+    bool use_state = true;
     char fstab_filename[PROPERTY_VALUE_MAX + sizeof(FSTAB_PREFIX)];
     char *mount_point;
     char propbuf[PROPERTY_VALUE_MAX];
@@ -875,7 +876,10 @@ int fs_mgr_update_verity_state(fs_mgr_verity_state_callback callback)
     property_get("ro.boot.veritymode", propbuf, "");
 
     if (*propbuf != '\0') {
-        return 0; /* state is kept by the bootloader */
+        if (fs_mgr_load_verity_state(&mode) == -1) {
+            return -1;
+        }
+        use_state = false; /* state is kept by the bootloader */
     }
 
     fd = TEMP_FAILURE_RETRY(open("/dev/device-mapper", O_RDWR | O_CLOEXEC));
@@ -900,9 +904,11 @@ int fs_mgr_update_verity_state(fs_mgr_verity_state_callback callback)
             continue;
         }
 
-        if (get_verity_state_offset(&fstab->recs[i], &offset) < 0 ||
-            read_verity_state(fstab->recs[i].verity_loc, offset, &mode) < 0) {
-            continue;
+        if (use_state) {
+            if (get_verity_state_offset(&fstab->recs[i], &offset) < 0 ||
+                read_verity_state(fstab->recs[i].verity_loc, offset, &mode) < 0) {
+                continue;
+            }
         }
 
         mount_point = basename(fstab->recs[i].mount_point);
@@ -916,7 +922,7 @@ int fs_mgr_update_verity_state(fs_mgr_verity_state_callback callback)
 
         status = &buffer[io->data_start + sizeof(struct dm_target_spec)];
 
-        if (*status == 'C') {
+        if (use_state && *status == 'C') {
             if (write_verity_state(fstab->recs[i].verity_loc, offset,
                     VERITY_MODE_LOGGING) < 0) {
                 continue;