Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d1fe3bdb authored by Bowgo Tsai's avatar Bowgo Tsai
Browse files

fs_mgr: allow no verity metadata when the device is unlocked. 

To boot with generic system.img for project Treble, we should allow no verity
metadata when the device is unlocked. The previous fix checks system property
"ro.boot.flash.locked" but it's unavailable during first stage mount.
This CL checks "androidboot.verifiedbootstate" in kernel command line instead.

Bug: 63268209
Test: boot sailfish without metadata on /vendor

Change-Id: Ifd1dbeb2a2f09cd06903ecdd59bc94b3905a3fbd
parent 7dbf1a18

fs_mgr/fs_mgr.cpp

+10 −0
Original line number Diff line number Diff line
@@ -457,6 +457,16 @@ int fs_mgr_set_blk_ro(const char *blockdev) 
    return rc;

}



// Orange state means the device is unlocked, see the following link for details.

// https://source.android.com/security/verifiedboot/verified-boot#device_state

bool fs_mgr_is_device_unlocked() {

    std::string verified_boot_state;

    if (fs_mgr_get_boot_config("verifiedbootstate", &verified_boot_state)) {

        return verified_boot_state == "orange";

    }

    return false;

}



/*

 * __mount(): wrapper around the mount() system call which also

 * sets the underlying block device to read-only if the mount is read-only.

fs_mgr/fs_mgr_avb.cpp

+1 −11
Original line number Diff line number Diff line
@@ -473,16 +473,6 @@ static bool get_hashtree_descriptor(const std::string& partition_name, 
    return true;

}



// Orange state means the device is unlocked, see the following link for details.

// https://source.android.com/security/verifiedboot/verified-boot#device_state

static inline bool IsDeviceUnlocked() {

    std::string verified_boot_state;

    if (fs_mgr_get_boot_config("verifiedbootstate", &verified_boot_state)) {

        return verified_boot_state == "orange";

    }

    return false;

}



FsManagerAvbUniquePtr FsManagerAvbHandle::Open(const fstab& fstab) {

    FsManagerAvbOps avb_ops(fstab);

    return DoOpen(&avb_ops);
@@ -498,7 +488,7 @@ FsManagerAvbUniquePtr FsManagerAvbHandle::Open(ByNameSymlinkMap&& by_name_symlin 
}



FsManagerAvbUniquePtr FsManagerAvbHandle::DoOpen(FsManagerAvbOps* avb_ops) {

    bool is_device_unlocked = IsDeviceUnlocked();

    bool is_device_unlocked = fs_mgr_is_device_unlocked();



    FsManagerAvbUniquePtr avb_handle(new FsManagerAvbHandle());

    if (!avb_handle) {

fs_mgr/fs_mgr_priv.h

+1 −0
Original line number Diff line number Diff line
@@ -113,6 +113,7 @@ 
int fs_mgr_set_blk_ro(const char *blockdev);

int fs_mgr_test_access(const char *device);

bool fs_mgr_update_for_slotselect(struct fstab *fstab);

bool fs_mgr_is_device_unlocked();

bool is_dt_compatible();

bool is_device_secure();

int load_verity_state(struct fstab_rec* fstab, int* mode);

fs_mgr/fs_mgr_verity.cpp

+2 −2
Original line number Diff line number Diff line
@@ -782,8 +782,8 @@ int fs_mgr_setup_verity(struct fstab_rec *fstab, bool wait_for_verity_dev) 
    if (fec_verity_get_metadata(f, &verity) < 0) {

        PERROR << "Failed to get verity metadata '" << fstab->blk_device << "'";

        // Allow verity disabled when the device is unlocked without metadata

        if ("0" == android::base::GetProperty("ro.boot.flash.locked", "")) {

            retval = FS_MGR_SETUP_VERITY_DISABLED;

        if (fs_mgr_is_device_unlocked()) {

            retval = FS_MGR_SETUP_VERITY_SKIPPED;

            LWARNING << "Allow invalid metadata when the device is unlocked";

        }

        goto out;