Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 4824e794 authored by Sami Tolvanen's avatar Sami Tolvanen Committed by Gerrit Code Review
Browse files

Merge "fs_mgr: validate corrected signatures"

parents 2546a7f8 98f1ea00

fs_mgr/fs_mgr_verity.cpp

+13 −2
Original line number Diff line number Diff line
@@ -142,6 +142,18 @@ out: 
    return retval;

}



static int verify_verity_signature(const struct fec_verity_metadata& verity)

{

    if (verify_table(verity.signature, sizeof(verity.signature),

            verity.table, verity.table_length) == 0 ||

        verify_table(verity.ecc_signature, sizeof(verity.ecc_signature),

            verity.table, verity.table_length) == 0) {

        return 0;

    }



    return -1;

}



static int invalidate_table(char *table, size_t table_length)

{

    size_t n = 0;
@@ -947,8 +959,7 @@ int fs_mgr_setup_verity(struct fstab_rec *fstab) 
    }



    // verify the signature on the table

    if (verify_table(verity.signature, sizeof(verity.signature), params.table,

            verity.table_length) < 0) {

    if (verify_verity_signature(verity) < 0) {

        if (params.mode == VERITY_MODE_LOGGING) {

            // the user has been warned, allow mounting without dm-verity

            retval = FS_MGR_SETUP_VERITY_SUCCESS;