openkylin
/
platform_system_core
mirror of https://gitee.com/openkylin/platform_system_core.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

fs_mgr: set "partition.system.verified" when AVB is used in a A/B device 

In a A/B device, system partition is mounted by kernel as root.
In vboot 1.0, the dm device name of system partition is "system" with
the following configuration in kernel command line:
    - dm="system none ro,0 1 android-verity /dev/sda34"

In AVB, the dm device name is switched to vroot as:
    - dm="1 vroot none ro 1,0 5201456 verity 1 ..."

When sending ioctl DM_TABLE_STATUS to query status, we should use "vroot" as the
dm device name for AVB. But still pass "system" for the callback function to set
property [partition.system.verified] instead of [partition.vroot.verified].

Bug: 36900078
Test: Use AVB to mount system in a A/B device, checks the property exists
      [partition.system.verified]
Test: Use vboot 1.0 to mount system in a A/B device, checks the property exists
      [partition.system.verified]
Test: Checks 'adb remount' will output warning message:
        - dm_verity is enabled on the system and vendor partitions.
        - Use "adb disable-verity" to disable verity.

Change-Id: Iaee7eb2b00b03729bc07fa24f1b449488716d2ea
This commit is contained in:
Bowgo Tsai 2017-04-27 18:18:56 +08:00
parent 8a85c253bf
commit 48fdc292f9
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
fs_mgr/fs_mgr.cpp
View File

@ -1367,7 +1367,8 @@ bool fs_mgr_update_verity_state(fs_mgr_verity_state_callback callback) {
std::string mount_point;
if (system_root && !strcmp(fstab->recs[i].mount_point, "/")) {
mount_point = "system";
// In AVB, the dm device name is vroot instead of system.
mount_point = fs_mgr_is_avb(&fstab->recs[i]) ? "vroot" : "system";
} else {
mount_point = basename(fstab->recs[i].mount_point);
}
@ -1386,6 +1387,10 @@ bool fs_mgr_update_verity_state(fs_mgr_verity_state_callback callback) {
status = &buffer[io->data_start + sizeof(struct dm_target_spec)];
// To be consistent in vboot 1.0 and vboot 2.0 (AVB), change the mount_point
// back to 'system' for the callback. So it has property [partition.system.verified]
// instead of [partition.vroot.verified].
if (mount_point == "vroot") mount_point = "system";
if (*status == 'C' || *status == 'V') {
callback(&fstab->recs[i], mount_point.c_str(), mode, *status);
}