From d1fe3bdbd6bcdc7f268f045e6b3b77de4d837a21 Mon Sep 17 00:00:00 2001 From: Bowgo Tsai Date: Wed, 5 Jul 2017 15:37:15 +0800 Subject: [PATCH] fs_mgr: allow no verity metadata when the device is unlocked. To boot with generic system.img for project Treble, we should allow no verity metadata when the device is unlocked. The previous fix checks system property "ro.boot.flash.locked" but it's unavailable during first stage mount. This CL checks "androidboot.verifiedbootstate" in kernel command line instead. Bug: 63268209 Test: boot sailfish without metadata on /vendor Change-Id: Ifd1dbeb2a2f09cd06903ecdd59bc94b3905a3fbd --- fs_mgr/fs_mgr.cpp | 10 ++++++++++ fs_mgr/fs_mgr_avb.cpp | 12 +----------- fs_mgr/fs_mgr_priv.h | 1 + fs_mgr/fs_mgr_verity.cpp | 4 ++-- 4 files changed, 14 insertions(+), 13 deletions(-) diff --git a/fs_mgr/fs_mgr.cpp b/fs_mgr/fs_mgr.cpp index 8c19a812c..040b3de12 100644 --- a/fs_mgr/fs_mgr.cpp +++ b/fs_mgr/fs_mgr.cpp @@ -457,6 +457,16 @@ int fs_mgr_set_blk_ro(const char *blockdev) return rc; } +// Orange state means the device is unlocked, see the following link for details. +// https://source.android.com/security/verifiedboot/verified-boot#device_state +bool fs_mgr_is_device_unlocked() { + std::string verified_boot_state; + if (fs_mgr_get_boot_config("verifiedbootstate", &verified_boot_state)) { + return verified_boot_state == "orange"; + } + return false; +} + /* * __mount(): wrapper around the mount() system call which also * sets the underlying block device to read-only if the mount is read-only. diff --git a/fs_mgr/fs_mgr_avb.cpp b/fs_mgr/fs_mgr_avb.cpp index 2c99aa7c5..e939dbe83 100644 --- a/fs_mgr/fs_mgr_avb.cpp +++ b/fs_mgr/fs_mgr_avb.cpp @@ -473,16 +473,6 @@ static bool get_hashtree_descriptor(const std::string& partition_name, return true; } -// Orange state means the device is unlocked, see the following link for details. -// https://source.android.com/security/verifiedboot/verified-boot#device_state -static inline bool IsDeviceUnlocked() { - std::string verified_boot_state; - if (fs_mgr_get_boot_config("verifiedbootstate", &verified_boot_state)) { - return verified_boot_state == "orange"; - } - return false; -} - FsManagerAvbUniquePtr FsManagerAvbHandle::Open(const fstab& fstab) { FsManagerAvbOps avb_ops(fstab); return DoOpen(&avb_ops); @@ -498,7 +488,7 @@ FsManagerAvbUniquePtr FsManagerAvbHandle::Open(ByNameSymlinkMap&& by_name_symlin } FsManagerAvbUniquePtr FsManagerAvbHandle::DoOpen(FsManagerAvbOps* avb_ops) { - bool is_device_unlocked = IsDeviceUnlocked(); + bool is_device_unlocked = fs_mgr_is_device_unlocked(); FsManagerAvbUniquePtr avb_handle(new FsManagerAvbHandle()); if (!avb_handle) { diff --git a/fs_mgr/fs_mgr_priv.h b/fs_mgr/fs_mgr_priv.h index c985462af..5035c87a4 100644 --- a/fs_mgr/fs_mgr_priv.h +++ b/fs_mgr/fs_mgr_priv.h @@ -113,6 +113,7 @@ int fs_mgr_set_blk_ro(const char *blockdev); int fs_mgr_test_access(const char *device); bool fs_mgr_update_for_slotselect(struct fstab *fstab); +bool fs_mgr_is_device_unlocked(); bool is_dt_compatible(); bool is_device_secure(); int load_verity_state(struct fstab_rec* fstab, int* mode); diff --git a/fs_mgr/fs_mgr_verity.cpp b/fs_mgr/fs_mgr_verity.cpp index 8fa93705e..f9973235a 100644 --- a/fs_mgr/fs_mgr_verity.cpp +++ b/fs_mgr/fs_mgr_verity.cpp @@ -782,8 +782,8 @@ int fs_mgr_setup_verity(struct fstab_rec *fstab, bool wait_for_verity_dev) if (fec_verity_get_metadata(f, &verity) < 0) { PERROR << "Failed to get verity metadata '" << fstab->blk_device << "'"; // Allow verity disabled when the device is unlocked without metadata - if ("0" == android::base::GetProperty("ro.boot.flash.locked", "")) { - retval = FS_MGR_SETUP_VERITY_DISABLED; + if (fs_mgr_is_device_unlocked()) { + retval = FS_MGR_SETUP_VERITY_SKIPPED; LWARNING << "Allow invalid metadata when the device is unlocked"; } goto out;