Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit f2d93ceb authored by Nathan Huckleberry's avatar Nathan Huckleberry Committed by Gerrit Code Review
Browse files

Merge changes I8174adf8,I9d252b0b 

* changes:
  Expose system property for dm-verity check_at_most_once
  Fix flaky AVB test from late verity_update_state
parents 5e524e28 997d738d

fs_mgr/fs_mgr.cpp

+7 −21
Original line number Diff line number Diff line
@@ -2191,36 +2191,22 @@ std::optional<HashtreeInfo> fs_mgr_get_hashtree_info(const android::fs_mgr::Fsta 
        std::vector<std::string> tokens = android::base::Split(target.data, " \t\r\n");

        if (tokens[0] != "0" && tokens[0] != "1") {

            LOG(WARNING) << "Unrecognized device mapper version in " << target.data;

            return {};

        }



        // Hashtree algorithm & root digest are the 8th & 9th token in the output.

        return HashtreeInfo{.algorithm = android::base::Trim(tokens[7]),

                            .root_digest = android::base::Trim(tokens[8])};

        return HashtreeInfo{

                .algorithm = android::base::Trim(tokens[7]),

                .root_digest = android::base::Trim(tokens[8]),

                .check_at_most_once = target.data.find("check_at_most_once") != std::string::npos};

    }



    return {};

}



bool fs_mgr_verity_is_check_at_most_once(const android::fs_mgr::FstabEntry& entry) {

    if (!entry.fs_mgr_flags.avb) {

        return false;

    }



    DeviceMapper& dm = DeviceMapper::Instance();

    std::string device = GetVerityDeviceName(entry);



    std::vector<DeviceMapper::TargetInfo> table;

    if (dm.GetState(device) == DmDeviceState::INVALID || !dm.GetTableInfo(device, &table)) {

        return false;

    }

    for (const auto& target : table) {

        if (strcmp(target.spec.target_type, "verity") == 0 &&

            target.data.find("check_at_most_once") != std::string::npos) {

            return true;

        }

    }

    return false;

    auto hashtree_info = fs_mgr_get_hashtree_info(entry);

    if (!hashtree_info) return false;

    return hashtree_info->check_at_most_once;

}



std::string fs_mgr_get_super_partition_name(int slot) {

fs_mgr/include/fs_mgr.h

+2 −0
Original line number Diff line number Diff line
@@ -71,6 +71,8 @@ struct HashtreeInfo { 
    std::string algorithm;

    // The root digest of the merkle tree.

    std::string root_digest;

    // If check_at_most_once is enabled.

    bool check_at_most_once;

};



// fs_mgr_mount_all() updates fstab entries that reference device-mapper.

init/builtins.cpp

+2 −0
Original line number Diff line number Diff line
@@ -879,6 +879,8 @@ static Result<void> do_verity_update_state(const BuiltinArguments& args) { 
            SetProperty("partition." + partition + ".verified.hash_alg", hashtree_info->algorithm);

            SetProperty("partition." + partition + ".verified.root_digest",

                        hashtree_info->root_digest);

            SetProperty("partition." + partition + ".verified.check_at_most_once",

                        hashtree_info->check_at_most_once ? "1" : "0");

        }

    }

rootdir/init.rc

+3 −3
Original line number Diff line number Diff line
@@ -1037,6 +1037,9 @@ on post-fs-data 
    # Enable FUSE by default

    setprop persist.sys.fuse true



    # Update dm-verity state and set partition.*.verified properties.

    verity_update_state



# It is recommended to put unnecessary data/ initialization from post-fs-data

# to start-zygote in device's init.rc to unblock zygote start.

on zygote-start && property:ro.crypto.state=unencrypted
@@ -1175,9 +1178,6 @@ on boot 
    # Define default initial receive window size in segments.

    setprop net.tcp_def_init_rwnd 60



    # Update dm-verity state and set partition.*.verified properties.

    verity_update_state



    # Start standard binderized HAL daemons

    class_start hal