openkylin
/
platform_system_core
mirror of https://gitee.com/openkylin/platform_system_core.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

fs_mg: allow getting VBMeta Digest from device-tree 

fs_mgr gets androidboot.vbmeta.{size, hash_alg, digest} from kernel
cmdline to assure the integrity of all vbmeta structs. This CL Allows
fs_mgr to get those parameters from device tree because they're only
consumed by userland instead of kernel.

  https://android.googlesource.com/platform/external/avb/+/master#The-VBMeta-Digest

Bootloader could construct a device tree overlay at run time then merge
it into main device tree. e.g.,

    firmware {
        android {
            vbmeta.size = "5245";
            vbmeta.hash_alg = "sha256";
            vbmeta.digest = "0c51233ca3ecaa...63c6d912e79b709";
        };
    };

Bug: 80168311
Test: boot a device using AVB

Change-Id: I6cf151713af04e6cf554d593e9f0b43e9e214d8c
This commit is contained in:
Bowgo Tsai 2018-06-11 17:08:01 +08:00
parent 158dd05b8a
commit 3474297379
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
fs_mgr/fs_mgr_avb.cpp
View File

@ -146,7 +146,7 @@ std::unique_ptr<FsManagerAvbVerifier> FsManagerAvbVerifier::Create() {
}
std::string value;
if (!fs_mgr_get_boot_config_from_kernel_cmdline("vbmeta.size", &value) ||
if (!fs_mgr_get_boot_config("vbmeta.size", &value) ||
!android::base::ParseUint(value.c_str(), &avb_verifier->vbmeta_size_)) {
LERROR << "Invalid hash size: " << value.c_str();
return nullptr;
@ -155,7 +155,7 @@ std::unique_ptr<FsManagerAvbVerifier> FsManagerAvbVerifier::Create() {
// Reads hash algorithm.
size_t expected_digest_size = 0;
std::string hash_alg;
fs_mgr_get_boot_config_from_kernel_cmdline("vbmeta.hash_alg", &hash_alg);
fs_mgr_get_boot_config("vbmeta.hash_alg", &hash_alg);
if (hash_alg == "sha256") {
expected_digest_size = SHA256_DIGEST_LENGTH * 2;
avb_verifier->hash_alg_ = kSHA256;
@ -169,7 +169,7 @@ std::unique_ptr<FsManagerAvbVerifier> FsManagerAvbVerifier::Create() {
// Reads digest.
std::string digest;
fs_mgr_get_boot_config_from_kernel_cmdline("vbmeta.digest", &digest);
fs_mgr_get_boot_config("vbmeta.digest", &digest);
if (digest.size() != expected_digest_size) {
LERROR << "Unexpected digest size: " << digest.size()
<< " (expected: " << expected_digest_size << ")";