ACPR/android_system_core
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge "fs_mgr_avb: allow verification error when the device is unlocked" am: 7245ab6a11 am: 140d1f51a1

Browse source 
am: 5e953b0397

Change-Id: I50144f63c2f1b7c517f5cc7d9ac0d8b437f5848d
This commit is contained in:
Thierry Strudel 2017-05-05 16:51:21 +00:00 committed by android-build-merger
commit cd0ece0752
2 changed files with 43 additions and 30 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

68
fs_mgr/fs_mgr_avb.cpp
View file

@ -483,13 +483,34 @@ FsManagerAvbUniquePtr FsManagerAvbHandle::Open(const std::string& device_file_by
// Only allow two verify results: // Only allow two verify results:
// - AVB_SLOT_VERIFY_RESULT_OK. // - AVB_SLOT_VERIFY_RESULT_OK.
// - AVB_SLOT_VERIFY_RESULT_ERROR_VERIFICATION (for UNLOCKED state). // - AVB_SLOT_VERIFY_RESULT_ERROR_VERIFICATION (for UNLOCKED state).
if (verify_result == AVB_SLOT_VERIFY_RESULT_ERROR_VERIFICATION) { // If the device is UNLOCKED, i.e., |allow_verification_error| is true for
if (!avb_verifier->IsDeviceUnlocked()) { // AvbSlotVerify(), then the following return values are all non-fatal:
LERROR << "ERROR_VERIFICATION isn't allowed"; // * AVB_SLOT_VERIFY_RESULT_ERROR_VERIFICATION
// * AVB_SLOT_VERIFY_RESULT_ERROR_PUBLIC_KEY_REJECTED
// * AVB_SLOT_VERIFY_RESULT_ERROR_ROLLBACK_INDEX
// The latter two results were checked by bootloader prior to start fs_mgr so
// we just need to handle the first result here. See *dummy* operations in
// FsManagerAvbOps and the comments in external/avb/libavb/avb_slot_verify.h
// for more details.
switch (verify_result) {
case AVB_SLOT_VERIFY_RESULT_OK:
avb_handle->status_ = kFsManagerAvbHandleSuccess;
break;
case AVB_SLOT_VERIFY_RESULT_ERROR_VERIFICATION:
if (!avb_verifier->IsDeviceUnlocked()) {
LERROR << "ERROR_VERIFICATION isn't allowed when the device is LOCKED";
return nullptr;
}
avb_handle->status_ = kFsManagerAvbHandleErrorVerification;
break;
default:
LERROR << "avb_slot_verify failed, result: " << verify_result;
return nullptr; return nullptr;
} }
} else if (verify_result != AVB_SLOT_VERIFY_RESULT_OK) {
LERROR << "avb_slot_verify failed, result: " << verify_result; // Verifies vbmeta images against the digest passed from bootloader.
if (!avb_verifier->VerifyVbmetaImages(*avb_handle->avb_slot_data_)) {
LERROR << "VerifyVbmetaImages failed";
return nullptr; return nullptr;
} }
@ -497,30 +518,20 @@ FsManagerAvbUniquePtr FsManagerAvbHandle::Open(const std::string& device_file_by
avb_handle->avb_version_ = avb_handle->avb_version_ =
android::base::StringPrintf("%d.%d", AVB_VERSION_MAJOR, AVB_VERSION_MINOR); android::base::StringPrintf("%d.%d", AVB_VERSION_MAJOR, AVB_VERSION_MINOR);
// Verifies vbmeta images against the digest passed from bootloader. // Checks whether FLAGS_HASHTREE_DISABLED is set.
if (!avb_verifier->VerifyVbmetaImages(*avb_handle->avb_slot_data_)) { AvbVBMetaImageHeader vbmeta_header;
LERROR << "VerifyVbmetaImages failed"; avb_vbmeta_image_header_to_host_byte_order(
return nullptr; (AvbVBMetaImageHeader*)avb_handle->avb_slot_data_->vbmeta_images[0].vbmeta_data,
} else { &vbmeta_header);
// Checks whether FLAGS_HASHTREE_DISABLED is set.
AvbVBMetaImageHeader vbmeta_header;
avb_vbmeta_image_header_to_host_byte_order(
(AvbVBMetaImageHeader*)avb_handle->avb_slot_data_->vbmeta_images[0].vbmeta_data,
&vbmeta_header);
bool hashtree_disabled = bool hashtree_disabled =
((AvbVBMetaImageFlags)vbmeta_header.flags & AVB_VBMETA_IMAGE_FLAGS_HASHTREE_DISABLED); ((AvbVBMetaImageFlags)vbmeta_header.flags & AVB_VBMETA_IMAGE_FLAGS_HASHTREE_DISABLED);
if (hashtree_disabled) { if (hashtree_disabled) {
avb_handle->status_ = kFsManagerAvbHandleHashtreeDisabled; avb_handle->status_ = kFsManagerAvbHandleHashtreeDisabled;
return avb_handle;
}
} }
if (verify_result == AVB_SLOT_VERIFY_RESULT_OK) { LINFO << "Returning avb_handle with status: " << avb_handle->status_;
avb_handle->status_ = kFsManagerAvbHandleSuccess; return avb_handle;
return avb_handle;
}
return nullptr;
} }
bool FsManagerAvbHandle::SetUpAvb(struct fstab_rec* fstab_entry, bool wait_for_verity_dev) { bool FsManagerAvbHandle::SetUpAvb(struct fstab_rec* fstab_entry, bool wait_for_verity_dev) {
@ -528,11 +539,12 @@ bool FsManagerAvbHandle::SetUpAvb(struct fstab_rec* fstab_entry, bool wait_for_v
if (!avb_slot_data_ || avb_slot_data_->num_vbmeta_images < 1) { if (!avb_slot_data_ || avb_slot_data_->num_vbmeta_images < 1) {
return false; return false;
} }
if (status_ == kFsManagerAvbHandleUninitialized) return false;
if (status_ == kFsManagerAvbHandleHashtreeDisabled) { if (status_ == kFsManagerAvbHandleHashtreeDisabled) {
LINFO << "AVB HASHTREE disabled on:" << fstab_entry->mount_point; LINFO << "AVB HASHTREE disabled on:" << fstab_entry->mount_point;
return true; return true;
} }
if (status_ != kFsManagerAvbHandleSuccess) return false;
std::string partition_name(basename(fstab_entry->mount_point)); std::string partition_name(basename(fstab_entry->mount_point));
if (!avb_validate_utf8((const uint8_t*)partition_name.c_str(), partition_name.length())) { if (!avb_validate_utf8((const uint8_t*)partition_name.c_str(), partition_name.length())) {

5
fs_mgr/include/fs_mgr_avb.h
View file

@ -25,9 +25,10 @@
#include "fs_mgr.h" #include "fs_mgr.h"
enum FsManagerAvbHandleStatus { enum FsManagerAvbHandleStatus {
kFsManagerAvbHandleUninitialized = -1,
kFsManagerAvbHandleSuccess = 0, kFsManagerAvbHandleSuccess = 0,
kFsManagerAvbHandleHashtreeDisabled = 1, kFsManagerAvbHandleHashtreeDisabled = 1,
kFsManagerAvbHandleFail = 2, kFsManagerAvbHandleErrorVerification = 2,
}; };
class FsManagerAvbHandle; class FsManagerAvbHandle;
@ -88,7 +89,7 @@ class FsManagerAvbHandle {
}; };
protected: protected:
FsManagerAvbHandle() : avb_slot_data_(nullptr), status_(kFsManagerAvbHandleFail) {} FsManagerAvbHandle() : avb_slot_data_(nullptr), status_(kFsManagerAvbHandleUninitialized) {}
private: private:
AvbSlotVerifyData* avb_slot_data_; AvbSlotVerifyData* avb_slot_data_;