Use the correct device name when system is mounted as root, and
validate dm-verity status to avoid confusing it with dm-linear.
Bug: 29277442
Change-Id: I36e115189f9a9430bad4bf89f26a376bcb8e8168
If signature verification fails and we have an error corrected
signature available, attempt to verify that instead.
Needs changes from
Ie913c21ba1d07d6df4c6feeb7226b2ec963f4d19
Bug: 28943429
Change-Id: I7d48701916fe430b17aa05acb120f22a1802733d
The dm-verity metadata contains the block device path that is given to
the dm-android-verity driver. If the device is using slot A/B, this
path is missing the slot suffix.
This patch makes fs_mgr replace all the block device path reference
with the one including the active slot suffix.
Change-Id: Ib624d0d18b12a8a287cac7f15605a2e0fb7c97c6
Signed-off-by: Jeremy Compostella <jeremy.compostella@intel.com>
Bug: 28845874
This option allows fs_mgr to ignore mount errors on an optional
partition to allow booting to continue.
Bug: 28071890
Change-Id: I71a2b3c1c573297cab18884b4c4bd7c27ced2901
This reverts commit 2cd762d932.
This change adds 12 seconds or so to boot times - we need to revert it
and see if we can find a proper fix to the original problem if it is
still occurring.
Bug: 27849759
Change-Id: Ib3692e436c08468a51529f256f2ce5e9ccd2d35d
Don't look for breadcrumb files like convert_fde unless the fstab
flags indicate we actually care whether they are present or absent.
Bug: 26989796
Change-Id: I3cde9896b22fc6f5a4b63dc3f97ac4e3588b5568
Set up dm-verity even if kernel configuration doesn't have
CONFIG_DM_VERITY_FEC set. Fall back to the always safe EIO
mode if dm-verity doesn't support feature arguments.
Bug: 21893453
Change-Id: I4812bd74801c0abc8da479230f48b752858f9cd8
Until we figure out what is causing the filesystem
created on hammerhead's factory reset to be invalid,
force e2fsck to run
Bug:24763183
Change-Id: Iff015097ab8c22084f485ce77d5a4c47442bcf7c
If the device is corrupted, set up dm-verity in EIO mode instead of
logging mode. This prevents corrupted blocks from being returned to
user space. Note that restart mode is used by default and a warning
will be displayed to the user after corruption is first detected.
Bug: 19277516
Change-Id: I38966d73eb814836bc34b4bad1192583e5010b36
Change encryption to happen after a reboot, not before. This
removes the problem whereby if data cannot be unmounted, we cannot
encrypt.
Bug: 25426629
Change-Id: Icb2ec6cf330b5cc45b7e944c858a314f983fcaa4
This set of changes adds the screen that offers this conversion,
and the plumbing so the option is only available on suitable
devices.
It does not implement the conversion mechanism.
Change-Id: Idbe5ef5d5fad197cc8187e1b288c57feef2c2c0b
Set properties on verity_update_state even if verity state management
is not used.
Bug: 24865045
Change-Id: Ic68a9e1a230c959eeb2a769260ff7d8e100cb1e1
(cherry picked from 0eb0516665678aec7712d88b51c96aaf8b312060)
The if (read(...size) != size) pattern is unreliable, switch
to the android base ReadFully which wraps read in a loop.
Change-Id: I2324e4c45da3c9b53b18df6eb09ce69a6604b5d1
This is the minimal change just to keep it building, and doesn't
attempt to clean up any of the code.
Change-Id: I975710322ae33d8946497df25bf85b2fe28976a4
Currently, the device doesn't mount verified partitions if the
verity table signature is invalid, which usually means it fails to
boot. This change instead sets up dm-verity with an invalid root
hash and triggers device-specific error handling to recover from
the corruption.
Bug: 24256506
Change-Id: I6d693306fa0e7459c5500b028e433df61ecea6fb
(cherry picked from commit 47caa5c386)
Currently, the device doesn't mount verified partitions if the
verity table signature is invalid, which usually means it fails to
boot. This change instead sets up dm-verity with an invalid root
hash and triggers device-specific error handling to recover from
the corruption.
Bug: 24256506
Change-Id: I6d693306fa0e7459c5500b028e433df61ecea6fb
(cherry picked from commit 47caa5c386)
Instead of falling back to suffix _a, we now error out if neither the
kernel commandline nor the misc partition specifies the suffix. It's
cleaner this way.
Change-Id: I3f58928a664433504ebdf8d0ee05a319be5097cf
This will make fs_mgr look in the misc partition for the A/B suffix to
use if one of more fstab entries is using the slotselect option and the
bootloader doesn't specify the suffix.
Change-Id: I24233195f60dd352bf8e7ac32b0d95dcd3323156
Allow partitions to be marked as A/B partitions
using the slotselect flag in fstab. The partitions
can be identified by appending the correct suffix
to the block device listed in the fstab. The suffix
is provided by the bootloader through a command line
parameter or the device tree, and can be found in
ro.boot.slot_suffix or read from the boot_control HAL.
Change-Id: I6846d80e857f95bfb8f282f4ab81167394613bbe
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Sami Tolvanen