add API to get hash descriptor (b510d2bf) · Commits · e / os / android_system_core

fs_mgr/libfs_avb/avb_util.cpp

+58 −0

Original line number	Diff line number	Diff line
		@@ -124,6 +124,64 @@ bool HashtreeDmVeritySetup(FstabEntry* fstab_entry, const FsAvbHashtreeDescripto
		return true;
		}

		std::unique_ptr<FsAvbHashDescriptor> GetHashDescriptor(
		const std::string& partition_name, const std::vector<VBMetaData>& vbmeta_images) {
		bool found = false;
		const uint8_t* desc_partition_name;
		auto hash_desc = std::make_unique<FsAvbHashDescriptor>();

		for (const auto& vbmeta : vbmeta_images) {
		size_t num_descriptors;
		std::unique_ptr<const AvbDescriptor*[], decltype(&avb_free)> descriptors(
		avb_descriptor_get_all(vbmeta.data(), vbmeta.size(), &num_descriptors), avb_free);

		if (!descriptors \|\| num_descriptors < 1) {
		continue;
		}

		for (size_t n = 0; n < num_descriptors && !found; n++) {
		AvbDescriptor desc;
		if (!avb_descriptor_validate_and_byteswap(descriptors[n], &desc)) {
		LWARNING << "Descriptor[" << n << "] is invalid";
		continue;
		}
		if (desc.tag == AVB_DESCRIPTOR_TAG_HASH) {
		desc_partition_name = (const uint8_t*)descriptors[n] + sizeof(AvbHashDescriptor);
		if (!avb_hash_descriptor_validate_and_byteswap((AvbHashDescriptor*)descriptors[n],
		hash_desc.get())) {
		continue;
		}
		if (hash_desc->partition_name_len != partition_name.length()) {
		continue;
		}
		// Notes that desc_partition_name is not NUL-terminated.
		std::string hash_partition_name((const char*)desc_partition_name,
		hash_desc->partition_name_len);
		if (hash_partition_name == partition_name) {
		found = true;
		}
		}
		}

		if (found) break;
		}

		if (!found) {
		LERROR << "Hash descriptor not found: " << partition_name;
		return nullptr;
		}

		hash_desc->partition_name = partition_name;

		const uint8_t* desc_salt = desc_partition_name + hash_desc->partition_name_len;
		hash_desc->salt = BytesToHex(desc_salt, hash_desc->salt_len);

		const uint8_t* desc_digest = desc_salt + hash_desc->salt_len;
		hash_desc->digest = BytesToHex(desc_digest, hash_desc->digest_len);

		return hash_desc;
		}

		std::unique_ptr<FsAvbHashtreeDescriptor> GetHashtreeDescriptor(
		const std::string& partition_name, const std::vector<VBMetaData>& vbmeta_images) {
		bool found = false;

fs_mgr/libfs_avb/avb_util.h

+3 −0

Original line number	Diff line number	Diff line
		@@ -40,6 +40,9 @@ struct ChainInfo {
		std::string GetAvbPropertyDescriptor(const std::string& key,
		const std::vector<VBMetaData>& vbmeta_images);

		std::unique_ptr<FsAvbHashDescriptor> GetHashDescriptor(
		const std::string& partition_name, const std::vector<VBMetaData>& vbmeta_images);

		// AvbHashtreeDescriptor to dm-verity table setup.
		std::unique_ptr<FsAvbHashtreeDescriptor> GetHashtreeDescriptor(
		const std::string& partition_name, const std::vector<VBMetaData>& vbmeta_images);

fs_mgr/libfs_avb/fs_avb_util.cpp

+10 −0

Original line number	Diff line number	Diff line
		@@ -74,5 +74,15 @@ std::unique_ptr<FsAvbHashtreeDescriptor> GetHashtreeDescriptor(
		return GetHashtreeDescriptor(avb_partition_name, vbmeta_images);
		}

		// Given a path, loads and verifies the vbmeta, to extract the Avb Hash descriptor.
		std::unique_ptr<FsAvbHashDescriptor> GetHashDescriptor(const std::string& avb_partition_name,
		VBMetaData&& vbmeta) {
		if (!vbmeta.size()) return nullptr;

		std::vector<VBMetaData> vbmeta_images;
		vbmeta_images.emplace_back(std::move(vbmeta));
		return GetHashDescriptor(avb_partition_name, vbmeta_images);
		}

		} // namespace fs_mgr
		} // namespace android

fs_mgr/libfs_avb/include/fs_avb/fs_avb_util.h

+11 −0

Original line number	Diff line number	Diff line
		@@ -32,9 +32,20 @@ std::unique_ptr<VBMetaData> LoadAndVerifyVbmeta(const FstabEntry& fstab_entry,
		std::string* out_avb_partition_name,
		VBMetaVerifyResult* out_verify_result);

		// Loads the single vbmeta from a given path.
		std::unique_ptr<VBMetaData> LoadAndVerifyVbmetaByPath(
		const std::string& image_path, const std::string& partition_name,
		const std::string& expected_public_key_blob, bool allow_verification_error,
		bool rollback_protection, bool is_chained_vbmeta, std::string* out_public_key_data,
		bool* out_verification_disabled, VBMetaVerifyResult* out_verify_result);

		// Gets the hashtree descriptor for avb_partition_name from the vbmeta.
		std::unique_ptr<FsAvbHashtreeDescriptor> GetHashtreeDescriptor(
		const std::string& avb_partition_name, VBMetaData&& vbmeta);

		// Gets the hash descriptor for avb_partition_name from the vbmeta.
		std::unique_ptr<FsAvbHashDescriptor> GetHashDescriptor(const std::string& avb_partition_name,
		VBMetaData&& vbmeta);

		} // namespace fs_mgr
		} // namespace android

fs_mgr/libfs_avb/include/fs_avb/types.h

+6 −0

Original line number	Diff line number	Diff line
		@@ -55,6 +55,12 @@ enum class AvbHandleStatus {

		std::ostream& operator<<(std::ostream& os, AvbHandleStatus status);

		struct FsAvbHashDescriptor : AvbHashDescriptor {
		std::string partition_name;
		std::string salt;
		std::string digest;
		};

		struct FsAvbHashtreeDescriptor : AvbHashtreeDescriptor {
		std::string partition_name;
		std::string salt;