Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit b51722b4 authored by bowgotsai's avatar bowgotsai
Browse files

fs_mgr: support using libavb to enable dm-verity 

external/avb/libavb provides the new Android Verified Boot (AVB) flow.
It has different verity metadata format than previous formats in
fs_mgr_verity.cpp fs_mgr should support using libavb to read the metadata
(a.k.a. HASHTREE descriptor in AVB) to enable dm-verity in kernel.

Two important files in this commit:

 - fs_mgr_avb_ops.c: an implementation of struct AvbOps* for libavb to do
   platform dependent I/O operations, e.g., read_from_partition.

 - fs_mgr_avb.cpp: it reads the metadata (a.k.a. vbmeta images in AVB) from
   all partitions, verifies its integrity against the values of
   androidboot.vbmeta.{hash_alg, size, digest} passed from bootloader in
   kernel command line. Then enable dm-verity for partitions having the
   corresponding HASHTREE descriptor and with an 'avb' fstab flag.

Bug: 31264231
Test: Enable dm-verity on /system partition
Test: Enable dm-verity with FEC on /system partition

Change-Id: I4652806984fe5a30c61be0839135b5ca78323d38
parent 894f3ea7
Expand all Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment