Loading fs_mgr/Android.mk +2 −1 Original line number Diff line number Diff line Loading @@ -25,7 +25,8 @@ LOCAL_SRC_FILES:= \ fs_mgr_slotselect.cpp \ fs_mgr_verity.cpp \ fs_mgr_avb.cpp \ fs_mgr_avb_ops.cpp fs_mgr_avb_ops.cpp \ fs_mgr_boot_config.cpp LOCAL_C_INCLUDES := \ $(LOCAL_PATH)/include \ system/vold \ Loading fs_mgr/fs_mgr.cpp +20 −20 Original line number Diff line number Diff line Loading @@ -48,7 +48,6 @@ #include "fs_mgr_priv.h" #include "fs_mgr_priv_avb.h" #include "fs_mgr_priv_verity.h" #define KEY_LOC_PROP "ro.crypto.keyfile.userdata" #define KEY_IN_FOOTER "footer" Loading Loading @@ -661,6 +660,8 @@ static int handle_encryptable(const struct fstab_rec* rec) } } // TODO: add ueventd notifiers if they don't exist. // This is just doing a wait_for_device for maximum of 1s int fs_mgr_test_access(const char *device) { int tries = 25; while (tries--) { Loading Loading @@ -880,6 +881,24 @@ int fs_mgr_mount_all(struct fstab *fstab, int mount_mode) } } /* wrapper to __mount() and expects a fully prepared fstab_rec, * unlike fs_mgr_do_mount which does more things with avb / verity * etc. */ int fs_mgr_do_mount_one(struct fstab_rec *rec) { if (!rec) { return FS_MGR_DOMNT_FAILED; } int ret = __mount(rec->blk_device, rec->mount_point, rec); if (ret) { ret = (errno == EBUSY) ? FS_MGR_DOMNT_BUSY : FS_MGR_DOMNT_FAILED; } return ret; } /* If tmp_mount_point is non-null, mount the filesystem there. This is for the * tmp mount we do to check the user password * If multiple fstab entries are to be mounted on "n_name", it will try to mount each one Loading Loading 
@@ -1171,22 +1190,3 @@ int fs_mgr_get_crypt_info(struct fstab *fstab, char *key_loc, char *real_blk_dev return 0; } int fs_mgr_early_setup_verity(struct fstab_rec *fstab_rec) { if ((fstab_rec->fs_mgr_flags & MF_VERIFY) && device_is_secure()) { int rc = fs_mgr_setup_verity(fstab_rec, false); if (__android_log_is_debuggable() && rc == FS_MGR_SETUP_VERITY_DISABLED) { LINFO << "Verity disabled"; return FS_MGR_EARLY_SETUP_VERITY_NO_VERITY; } else if (rc == FS_MGR_SETUP_VERITY_SUCCESS) { return FS_MGR_EARLY_SETUP_VERITY_SUCCESS; } else { return FS_MGR_EARLY_SETUP_VERITY_FAIL; } } else if (device_is_secure()) { LERROR << "Verity must be enabled for early mounted partitions on secured devices"; return FS_MGR_EARLY_SETUP_VERITY_FAIL; } return FS_MGR_EARLY_SETUP_VERITY_NO_VERITY; } fs_mgr/fs_mgr_avb.cpp +15 −9 Original line number Diff line number Diff line Loading 
@@ -441,19 +441,24 @@ static bool get_hashtree_descriptor(const std::string& partition_name, static bool init_is_avb_used() { // When AVB is used, boot loader should set androidboot.vbmeta.{hash_alg, // size, digest} in kernel cmdline. They will then be imported by init // process to system properties: ro.boot.vbmeta.{hash_alg, size, digest}. // size, digest} in kernel cmdline or in device tree. They will then be // imported by init process to system properties: ro.boot.vbmeta.{hash_alg, size, digest}. // // In case of early mount, init properties are not initialized, so we also // ensure we look into kernel command line and device tree if the property is // not found // // Checks hash_alg as an indicator for whether AVB is used. // We don't have to parse and check all of them here. The check will // be done in fs_mgr_load_vbmeta_images() and FS_MGR_SETUP_AVB_FAIL will // be returned when there is an error. std::string hash_alg = android::base::GetProperty("ro.boot.vbmeta.hash_alg", ""); std::string hash_alg; if (fs_mgr_get_boot_config("vbmeta.hash_alg", &hash_alg) == 0) { if (hash_alg == "sha256" || hash_alg == "sha512") { return true; } } return false; } Loading Loading 
@@ -483,9 +488,10 @@ int fs_mgr_load_vbmeta_images(struct fstab* fstab) { // of HASH partitions into fs_mgr_avb_verify_data, which is not required as // fs_mgr only deals with HASHTREE partitions. const char *requested_partitions[] = {nullptr}; const char* ab_suffix = android::base::GetProperty("ro.boot.slot_suffix", "").c_str(); std::string ab_suffix; fs_mgr_get_boot_config("slot_suffix", &ab_suffix); AvbSlotVerifyResult verify_result = avb_slot_verify(fs_mgr_avb_ops, requested_partitions, ab_suffix, avb_slot_verify(fs_mgr_avb_ops, requested_partitions, ab_suffix.c_str(), fs_mgr_vbmeta_prop.allow_verification_error, &fs_mgr_avb_verify_data); // Only allow two verify results: Loading fs_mgr/fs_mgr_boot_config.cpp 0 → 100644 +71 −0 Original line number Diff line number Diff line /* * Copyright (C) 2017 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #include <android-base/file.h> #include <android-base/stringprintf.h> #include <android-base/strings.h> #include <android-base/properties.h> #include "fs_mgr_priv.h" // Tries to get the boot config value in properties, kernel cmdline and // device tree (in that order). returns 'true' if successfully found, 'false' // otherwise bool fs_mgr_get_boot_config(const std::string& key, std::string* out_val) { FS_MGR_CHECK(out_val != nullptr); // first check if we have "ro.boot" property already *out_val = android::base::GetProperty("ro.boot." 
+ key, ""); if (!out_val->empty()) { return true; } // fallback to kernel cmdline, properties may not be ready yet std::string cmdline; std::string cmdline_key("androidboot." + key); if (android::base::ReadFileToString("/proc/cmdline", &cmdline)) { for (const auto& entry : android::base::Split(android::base::Trim(cmdline), " ")) { std::vector<std::string> pieces = android::base::Split(entry, "="); if (pieces.size() == 2) { if (pieces[0] == cmdline_key) { *out_val = pieces[1]; return true; } } } } // lastly, check the device tree static const std::string android_dt_dir("/proc/device-tree/firmware/android"); std::string file_name = android_dt_dir + "/compatible"; std::string dt_value; if (android::base::ReadFileToString(file_name, &dt_value)) { if (dt_value != "android,firmware") { LERROR << "Error finding compatible android DT node"; return false; } file_name = android_dt_dir + "/" + key; // DT entries terminate with '\0' but so do the properties if (android::base::ReadFileToString(file_name, out_val)) { return true; } LERROR << "Error finding '" << key << "' in device tree"; } return false; } fs_mgr/fs_mgr_fstab.cpp +5 −0 Original line number Diff line number Diff line Loading @@ -557,6 +557,11 @@ int fs_mgr_is_verified(const struct fstab_rec *fstab) return fstab->fs_mgr_flags & MF_VERIFY; } int fs_mgr_is_verifyatboot(const struct fstab_rec *fstab) { return fstab->fs_mgr_flags & MF_VERIFYATBOOT; } int fs_mgr_is_encryptable(const struct fstab_rec *fstab) { return fstab->fs_mgr_flags & (MF_CRYPT | MF_FORCECRYPT | MF_FORCEFDEORFBE); Loading Loading
fs_mgr/Android.mk +2 −1 Original line number Diff line number Diff line Loading @@ -25,7 +25,8 @@ LOCAL_SRC_FILES:= \ fs_mgr_slotselect.cpp \ fs_mgr_verity.cpp \ fs_mgr_avb.cpp \ fs_mgr_avb_ops.cpp fs_mgr_avb_ops.cpp \ fs_mgr_boot_config.cpp LOCAL_C_INCLUDES := \ $(LOCAL_PATH)/include \ system/vold \ Loading
fs_mgr/fs_mgr.cpp +20 −20 Original line number Diff line number Diff line Loading @@ -48,7 +48,6 @@ #include "fs_mgr_priv.h" #include "fs_mgr_priv_avb.h" #include "fs_mgr_priv_verity.h" #define KEY_LOC_PROP "ro.crypto.keyfile.userdata" #define KEY_IN_FOOTER "footer" Loading Loading @@ -661,6 +660,8 @@ static int handle_encryptable(const struct fstab_rec* rec) } } // TODO: add ueventd notifiers if they don't exist. // This is just doing a wait_for_device for maximum of 1s int fs_mgr_test_access(const char *device) { int tries = 25; while (tries--) { Loading Loading @@ -880,6 +881,24 @@ int fs_mgr_mount_all(struct fstab *fstab, int mount_mode) } } /* wrapper to __mount() and expects a fully prepared fstab_rec, * unlike fs_mgr_do_mount which does more things with avb / verity * etc. */ int fs_mgr_do_mount_one(struct fstab_rec *rec) { if (!rec) { return FS_MGR_DOMNT_FAILED; } int ret = __mount(rec->blk_device, rec->mount_point, rec); if (ret) { ret = (errno == EBUSY) ? FS_MGR_DOMNT_BUSY : FS_MGR_DOMNT_FAILED; } return ret; } /* If tmp_mount_point is non-null, mount the filesystem there. This is for the * tmp mount we do to check the user password * If multiple fstab entries are to be mounted on "n_name", it will try to mount each one Loading Loading 
@@ -1171,22 +1190,3 @@ int fs_mgr_get_crypt_info(struct fstab *fstab, char *key_loc, char *real_blk_dev return 0; } int fs_mgr_early_setup_verity(struct fstab_rec *fstab_rec) { if ((fstab_rec->fs_mgr_flags & MF_VERIFY) && device_is_secure()) { int rc = fs_mgr_setup_verity(fstab_rec, false); if (__android_log_is_debuggable() && rc == FS_MGR_SETUP_VERITY_DISABLED) { LINFO << "Verity disabled"; return FS_MGR_EARLY_SETUP_VERITY_NO_VERITY; } else if (rc == FS_MGR_SETUP_VERITY_SUCCESS) { return FS_MGR_EARLY_SETUP_VERITY_SUCCESS; } else { return FS_MGR_EARLY_SETUP_VERITY_FAIL; } } else if (device_is_secure()) { LERROR << "Verity must be enabled for early mounted partitions on secured devices"; return FS_MGR_EARLY_SETUP_VERITY_FAIL; } return FS_MGR_EARLY_SETUP_VERITY_NO_VERITY; }
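Review bot: `fs_mgr_do_mount_one()` mounts `rec->blk_device` exactly as given and does no verity or AVB setup, while the same file section deletes `fs_mgr_early_setup_verity()`, whose check ("Verity must be enabled for early mounted partitions on secured devices") has no visible replacement on this page. The header comment should state the precondition, for example `/* Caller must have completed dm-verity/AVB setup for rec (e.g. when MF_VERIFY is set); this function mounts rec->blk_device without verifying it. */`. If the enforcement moved into the caller, naming that caller in the comment would let a reader confirm that early-mounted partitions are still verified on secured devices. The function also reads `errno` after `__mount()` returns, which is reliable only if `__mount()` makes no further calls after the failing mount. That cannot be checked from this hunk.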
fs_mgr/fs_mgr_avb.cpp +15 −9 Original line number Diff line number Diff line Loading @@ -441,19 +441,24 @@ static bool get_hashtree_descriptor(const std::string& partition_name, static bool init_is_avb_used() { // When AVB is used, boot loader should set androidboot.vbmeta.{hash_alg, // size, digest} in kernel cmdline. They will then be imported by init // process to system properties: ro.boot.vbmeta.{hash_alg, size, digest}. // size, digest} in kernel cmdline or in device tree. They will then be // imported by init process to system properties: ro.boot.vbmeta.{hash_alg, size, digest}. // // In case of early mount, init properties are not initialized, so we also // ensure we look into kernel command line and device tree if the property is // not found // // Checks hash_alg as an indicator for whether AVB is used. // We don't have to parse and check all of them here. The check will // be done in fs_mgr_load_vbmeta_images() and FS_MGR_SETUP_AVB_FAIL will // be returned when there is an error. std::string hash_alg = android::base::GetProperty("ro.boot.vbmeta.hash_alg", ""); std::string hash_alg; if (fs_mgr_get_boot_config("vbmeta.hash_alg", &hash_alg) == 0) { if (hash_alg == "sha256" || hash_alg == "sha512") { return true; } } return false; } Loading Loading @@ -483,9 +488,10 @@ int fs_mgr_load_vbmeta_images(struct fstab* fstab) { // of HASH partitions into fs_mgr_avb_verify_data, which is not required as // fs_mgr only deals with HASHTREE partitions. const char *requested_partitions[] = {nullptr}; const char* ab_suffix = android::base::GetProperty("ro.boot.slot_suffix", "").c_str(); std::string ab_suffix; fs_mgr_get_boot_config("slot_suffix", &ab_suffix); AvbSlotVerifyResult verify_result = avb_slot_verify(fs_mgr_avb_ops, requested_partitions, ab_suffix, avb_slot_verify(fs_mgr_avb_ops, requested_partitions, ab_suffix.c_str(), fs_mgr_vbmeta_prop.allow_verification_error, &fs_mgr_avb_verify_data); // Only allow two verify results: Loading
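Review bot: The new condition in `init_is_avb_used()` looks inverted: `fs_mgr_get_boot_config()` is defined in this commit as returning `bool`, with `true` meaning the key was found, so `== 0` enters the branch only when the lookup failed and `hash_alg` holds no usable value. As written the function appears to return false even when the bootloader supplied `sha256` or `sha512`, so fs_mgr would treat an AVB device as if AVB were not in use. The condition should read `if (fs_mgr_get_boot_config("vbmeta.hash_alg", &hash_alg)) {`. In the second hunk the result of the `slot_suffix` lookup is discarded. If an empty suffix is expected on non-A/B devices, a one-line comment saying so would show that ignoring the failure is deliberate.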
fs_mgr/fs_mgr_boot_config.cpp 0 → 100644 +71 −0 Original line number Diff line number Diff line /* * Copyright (C) 2017 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #include <android-base/file.h> #include <android-base/stringprintf.h> #include <android-base/strings.h> #include <android-base/properties.h> #include "fs_mgr_priv.h" // Tries to get the boot config value in properties, kernel cmdline and // device tree (in that order). returns 'true' if successfully found, 'false' // otherwise bool fs_mgr_get_boot_config(const std::string& key, std::string* out_val) { FS_MGR_CHECK(out_val != nullptr); // first check if we have "ro.boot" property already *out_val = android::base::GetProperty("ro.boot." + key, ""); if (!out_val->empty()) { return true; } // fallback to kernel cmdline, properties may not be ready yet std::string cmdline; std::string cmdline_key("androidboot." 
+ key); if (android::base::ReadFileToString("/proc/cmdline", &cmdline)) { for (const auto& entry : android::base::Split(android::base::Trim(cmdline), " ")) { std::vector<std::string> pieces = android::base::Split(entry, "="); if (pieces.size() == 2) { if (pieces[0] == cmdline_key) { *out_val = pieces[1]; return true; } } } } // lastly, check the device tree static const std::string android_dt_dir("/proc/device-tree/firmware/android"); std::string file_name = android_dt_dir + "/compatible"; std::string dt_value; if (android::base::ReadFileToString(file_name, &dt_value)) { if (dt_value != "android,firmware") { LERROR << "Error finding compatible android DT node"; return false; } file_name = android_dt_dir + "/" + key; // DT entries terminate with '\0' but so do the properties if (android::base::ReadFileToString(file_name, out_val)) { return true; } LERROR << "Error finding '" << key << "' in device tree"; } return false; }
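Review bot: The device-tree branch compares and returns raw file contents without trimming, although the comment before the second read says DT entries end with '\0'. If that holds, `dt_value != "android,firmware"` is true even for a valid node, because the string read is one byte longer than the literal, and the function logs an error and returns false. A value that is returned carries the NUL into `*out_val`, so a caller comparing it with `"sha256"` would not match. Trim the terminator after each read, e.g. `if (!dt_value.empty() && dt_value.back() == '\0') dt_value.pop_back();`, and do the same for `*out_val`. Separately, the `pieces.size() == 2` test in the cmdline loop silently skips any `androidboot.` entry whose value contains `=`; splitting on the first `=` only would avoid that.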
fs_mgr/fs_mgr_fstab.cpp +5 −0 Original line number Diff line number Diff line Loading @@ -557,6 +557,11 @@ int fs_mgr_is_verified(const struct fstab_rec *fstab) return fstab->fs_mgr_flags & MF_VERIFY; } int fs_mgr_is_verifyatboot(const struct fstab_rec *fstab) { return fstab->fs_mgr_flags & MF_VERIFYATBOOT; } int fs_mgr_is_encryptable(const struct fstab_rec *fstab) { return fstab->fs_mgr_flags & (MF_CRYPT | MF_FORCECRYPT | MF_FORCEFDEORFBE); Loading