From a2ac846ff3ba09c719e89fadda52f7a21d338b04 Mon Sep 17 00:00:00 2001
From: Bowgo Tsai <bowgotsai@google.com>
Date: Wed, 11 Dec 2019 15:03:00 +0800
Subject: [PATCH] Using a dir /avb for DSU avb keys

Previously the AVB public keys for DSU is hard coded for each key path.
This adds the burden for maintaining the codebase, e.g., need to change
avb_keys each time when any new key is added or some old key is deleted.

With commit Ie74845d8c8e4aa45e8a9e3b862424cec641f8090, it's possible to
load avb keys from a directory. Let's use "/avb" for DSU AVB keys.

Also removing fstab entries that specifying vbmeta_partition. The AVB
keys used in DSU flow should be a separate set from the original
vbmeta.img (or vbmeta_system.img).

The following link has more info about DSU:
  https://developer.android.com/topic/dsu

Bug: 141284191
Bug: 144399552
Test: boot a GSI via DSU

Change-Id: I6bc1e068368e64cb0bbf6ef63805444b35a1fdfb
---
 fs_mgr/fs_mgr_fstab.cpp | 20 ++++----------------
 1 file changed, 4 insertions(+), 16 deletions(-)

diff --git a/fs_mgr/fs_mgr_fstab.cpp b/fs_mgr/fs_mgr_fstab.cpp
index c81a07941..9697a4c28 100644
--- a/fs_mgr/fs_mgr_fstab.cpp
+++ b/fs_mgr/fs_mgr_fstab.cpp
@@ -582,8 +582,7 @@ bool EraseFstabEntry(Fstab* fstab, const std::string& mount_point) {
 }  // namespace
 
 void TransformFstabForDsu(Fstab* fstab, const std::vector<std::string>& dsu_partitions) {
-    static constexpr char kGsiKeys[] =
-            "/avb/q-gsi.avbpubkey:/avb/r-gsi.avbpubkey:/avb/s-gsi.avbpubkey";
+    static constexpr char kDsuKeysDir[] = "/avb";
     // Convert userdata
     // Inherit fstab properties for userdata.
     FstabEntry userdata;
@@ -629,29 +628,18 @@ void TransformFstabForDsu(Fstab* fstab, const std::vector<std::string>& dsu_part
                     .fs_type = "ext4",
                     .flags = MS_RDONLY,
                     .fs_options = "barrier=1",
-                    .avb_keys = kGsiKeys,
+                    .avb_keys = kDsuKeysDir,
             };
             entry.fs_mgr_flags.wait = true;
             entry.fs_mgr_flags.logical = true;
             entry.fs_mgr_flags.first_stage_mount = true;
-            // Use the system key which may be in the vbmeta or vbmeta_system
-            // TODO: b/141284191
-            entry.vbmeta_partition = "vbmeta";
-            fstab->emplace_back(entry);
-            entry.vbmeta_partition = "vbmeta_system";
-            fstab->emplace_back(entry);
         } else {
             // If the corresponding partition exists, transform all its Fstab
             // by pointing .blk_device to the DSU partition.
             for (auto&& entry : entries) {
                 entry->blk_device = partition;
-                if (entry->avb_keys.size() > 0) {
-                    entry->avb_keys += ":";
-                }
-                // If the DSU is signed by OEM, the original Fstab already has the information
-                // required by avb, otherwise the DSU is GSI and will need the avb_keys as listed
-                // below.
-                entry->avb_keys += kGsiKeys;
+                // AVB keys for DSU should always be under kDsuKeysDir.
+                entry->avb_keys += kDsuKeysDir;
             }
             // Make sure the ext4 is included to support GSI.
             auto partition_ext4 =