ACPR/android_system_core
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update partition.*.verified even with ro.boot.veritymode set

Browse source 
We need to have partition.*.verified properties even when bootloader
is managing dm-verity mode, because we may have failed to set up the
verified partition and need a property to indicate this.

This means we still need to run fs_mgr_update_verity_state and walk
through all the partitions to verify the device mapper status, just
without updating verity mode.

Bug: 22489805
Bug: 22507568
Change-Id: Iaf28185adb8b80e5452447e54e1f4e4417a34168
(cherry picked from commit 2f42554f18)
This commit is contained in:
Sami Tolvanen 2015-06-19 16:08:41 +01:00
parent a2d1f098df
commit 83d8701b06
1 changed files with 11 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
fs_mgr/fs_mgr_verity.c
View file

@ -859,6 +859,7 @@ out:
int fs_mgr_update_verity_state(fs_mgr_verity_state_callback callback)
{
_Alignas(struct dm_ioctl) char buffer[DM_BUF_SIZE];
bool use_state = true;
char fstab_filename[PROPERTY_VALUE_MAX + sizeof(FSTAB_PREFIX)];
char *mount_point;
char propbuf[PROPERTY_VALUE_MAX];
@ -875,7 +876,10 @@ int fs_mgr_update_verity_state(fs_mgr_verity_state_callback callback)
property_get("ro.boot.veritymode", propbuf, "");
if (*propbuf != '\0') {
return 0; /* state is kept by the bootloader */
if (fs_mgr_load_verity_state(&mode) == -1) {
return -1;
}
use_state = false; /* state is kept by the bootloader */
}
fd = TEMP_FAILURE_RETRY(open("/dev/device-mapper", O_RDWR | O_CLOEXEC));
@ -900,9 +904,11 @@ int fs_mgr_update_verity_state(fs_mgr_verity_state_callback callback)
continue;
}
if (get_verity_state_offset(&fstab->recs[i], &offset) < 0 ||
read_verity_state(fstab->recs[i].verity_loc, offset, &mode) < 0) {
continue;
if (use_state) {
if (get_verity_state_offset(&fstab->recs[i], &offset) < 0 ||
read_verity_state(fstab->recs[i].verity_loc, offset, &mode) < 0) {
continue;
}
}
mount_point = basename(fstab->recs[i].mount_point);
@ -916,7 +922,7 @@ int fs_mgr_update_verity_state(fs_mgr_verity_state_callback callback)
status = &buffer[io->data_start + sizeof(struct dm_target_spec)];
if (*status == 'C') {
if (use_state && *status == 'C') {
if (write_verity_state(fstab->recs[i].verity_loc, offset,
VERITY_MODE_LOGGING) < 0) {
continue;