Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 05ff38ba authored by Sandeep Patil's avatar Sandeep Patil
Browse files

init: early_mount: disallow partitions to be verified at boot 



While technically possible, the verification at boot basically will
block init for as long as the entire partition is read while nothing
else is running. Disallow that as this is not going to be used anywhere.

Bug: 27805372
Test: boot angler with verifyatboot fs_mgr option for early mounted
vendor partition. That resulted in a panic() as expected.

Change-Id: I9da5caa163cae8bce6dbfb630f0ed5605ea044a0
Signed-off-by: default avatarSandeep Patil <sspatil@google.com>
parent 0a3e36fb

fs_mgr/fs_mgr_fstab.cpp

+5 −0
Original line number Diff line number Diff line
@@ -557,6 +557,11 @@ int fs_mgr_is_verified(const struct fstab_rec *fstab) 
    return fstab->fs_mgr_flags & MF_VERIFY;

}



int fs_mgr_is_verifyatboot(const struct fstab_rec *fstab)

{

    return fstab->fs_mgr_flags & MF_VERIFYATBOOT;

}



int fs_mgr_is_encryptable(const struct fstab_rec *fstab)

{

    return fstab->fs_mgr_flags & (MF_CRYPT | MF_FORCECRYPT | MF_FORCEFDEORFBE);

fs_mgr/include/fs_mgr.h

+1 −0
Original line number Diff line number Diff line
@@ -117,6 +117,7 @@ struct fstab_rec *fs_mgr_get_entry_for_mount_point(struct fstab *fstab, const ch 
int fs_mgr_is_voldmanaged(const struct fstab_rec *fstab);

int fs_mgr_is_nonremovable(const struct fstab_rec *fstab);

int fs_mgr_is_verified(const struct fstab_rec *fstab);

int fs_mgr_is_verifyatboot(const struct fstab_rec *fstab);

int fs_mgr_is_encryptable(const struct fstab_rec *fstab);

int fs_mgr_is_file_encrypted(const struct fstab_rec *fstab);

const char* fs_mgr_get_file_encryption_mode(const struct fstab_rec *fstab);

init/init.cpp

+8 −0
Original line number Diff line number Diff line
@@ -799,6 +799,14 @@ static bool early_mount() { 
        return true;

    }



    // don't allow verifyatboot for early mounted partitions

    if ((odm_rec && fs_mgr_is_verifyatboot(odm_rec)) ||

        (system_rec && fs_mgr_is_verifyatboot(system_rec)) ||

        (vendor_rec && fs_mgr_is_verifyatboot(vendor_rec))) {

        LOG(ERROR) << "Early mount partitions can't be verified at boot";

        return false;

    }



    // assume A/B device if we find 'slotselect' in any fstab entry

    bool is_ab = ((odm_rec && fs_mgr_is_slotselect(odm_rec)) ||

                  (system_rec && fs_mgr_is_slotselect(system_rec)) ||