Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit a0aaf24d authored by Bowgo Tsai's avatar Bowgo Tsai
Browse files

fs_mgr_avb: allow verification error when the device is unlocked 

Current AVB flow in fs_mgr doesn't allow verification error even if the
device is unlocked. This makes first stage mount fail when the device
is flashed with a different-sized boot.img because there is verification
error (HASH_MISMATCH) for the boot partition.

Fix this by allowing verification error only when the device is
unlocked. Whether to enable dm-verity for HASHTREE partitions is still
controlled by the HASHTREE_DISABLED flag in the top-level vbmeta.

Bug: 37985430
Test: First stage mount /vendor with AVB on a device.
      Check dm-verity is enabled on /vendor.
Test: Unlock device, flash a different-sized boot.img. Boot device and check
      dm-verity is still enabled on /vendor.
Test: First stage mount /vendor with AVB on a device with HASHTREE_DISABLED
      is set on the top-level vbmeta, check dm-verity is not enable on /vendor.

Change-Id: I709431bc1c37e4f86133d171cee8e90621cdb857
Merged-In: I709431bc1c37e4f86133d171cee8e90621cdb857
(cherry picked from commit 11409548)
parent 886b1b45
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment