diff options
author | Sami Tolvanen <samitolvanen@google.com> | 2015-01-02 13:30:50 +0000 |
---|---|---|
committer | Sami Tolvanen <samitolvanen@google.com> | 2015-01-05 20:31:25 +0000 |
commit | 13449cd71464c3a644109c469a77bd7fd56c8af8 (patch) | |
tree | 203af11d7f9c1a2f81800767a738ae7fc14208df /adb | |
parent | 69159ba0b70178a24e6f592dfb9d903629c23a09 (diff) | |
download | system_core-13449cd71464c3a644109c469a77bd7fd56c8af8.zip system_core-13449cd71464c3a644109c469a77bd7fd56c8af8.tar.gz system_core-13449cd71464c3a644109c469a77bd7fd56c8af8.tar.bz2 |
Fix disable-verity when the underlying block device is RO
If verity is enabled and the underlying block device is marked
read-only, disable-verity fails. We cannot use the existing code
for enable-verity to make the device writable as the device in
/proc/mounts will be the verity device instead of the underlying
device we want to change. This change makes the correct device
writable when altering verity state.
Change-Id: I423ee50fb34d78cff2fe843318b9081c03c5142d
Diffstat (limited to 'adb')
-rw-r--r-- | adb/adb.h | 2 | ||||
-rw-r--r-- | adb/remount_service.c | 53 | ||||
-rw-r--r-- | adb/set_verity_enable_state_service.c | 12 |
3 files changed, 18 insertions, 49 deletions
@@ -329,7 +329,7 @@ int handle_forward_request(const char* service, transport_type ttype, char* seri #if !ADB_HOST void framebuffer_service(int fd, void *cookie); // Allow enable-verity to write to system and vendor block devices -int make_system_and_vendor_block_devices_writable(); +int make_block_device_writable(const char* dev); void remount_service(int fd, void *cookie); void set_verity_enabled_state_service(int fd, void* cookie); #endif diff --git a/adb/remount_service.c b/adb/remount_service.c index 9746f9a..2479f88 100644 --- a/adb/remount_service.c +++ b/adb/remount_service.c @@ -79,14 +79,12 @@ static int hasVendorPartition() return false; } -static int make_block_device_writable(const char* dir) +int make_block_device_writable(const char* dev) { - char *dev = 0; int fd = -1; int OFF = 0; int rc = -1; - dev = find_mount(dir); if (!dev) goto errout; @@ -104,36 +102,27 @@ errout: if (fd >= 0) { adb_close(fd); } - - if (dev) { - free(dev); - } return rc; } /* Init mounts /system as read only, remount to enable writes. */ static int remount(const char* dir, int* dir_ro) { - char *dev; - - if (dir_ro == 0) { - return 0; - } - - if (make_block_device_writable(dir)) { - return -1; - } + char *dev = 0; + int rc = -1; dev = find_mount(dir); - if (!dev) - return -1; + if (!dev || make_block_device_writable(dev)) { + goto errout; + } - *dir_ro = mount(dev, dir, "none", MS_REMOUNT, NULL); + rc = mount(dev, dir, "none", MS_REMOUNT, NULL); + *dir_ro = rc; +errout: free(dev); - - return *dir_ro; + return rc; } static void write_string(int fd, const char* str) @@ -141,28 +130,6 @@ static void write_string(int fd, const char* str) writex(fd, str, strlen(str)); } -int make_system_and_vendor_block_devices_writable(int fd) -{ - char buffer[200]; - if (make_block_device_writable("/system")) { - snprintf(buffer, sizeof(buffer), - "Failed to make system block device writable %s\n", - strerror(errno)); - write_string(fd, buffer); - return -1; - } - - if (hasVendorPartition() && make_block_device_writable("/vendor")) { - snprintf(buffer, sizeof(buffer), - "Failed to make vendor block device writable: %s\n", - strerror(errno)); - write_string(fd, buffer); - return -1; - } - - return 0; -} - void remount_service(int fd, void *cookie) { char buffer[200]; diff --git a/adb/set_verity_enable_state_service.c b/adb/set_verity_enable_state_service.c index 09e2eb9..2660ddd 100644 --- a/adb/set_verity_enable_state_service.c +++ b/adb/set_verity_enable_state_service.c @@ -87,9 +87,15 @@ static int set_verity_enabled_state(int fd, const char *block_device, const uint32_t new_magic = enable ? VERITY_METADATA_MAGIC_NUMBER : VERITY_METADATA_MAGIC_DISABLE; uint64_t device_length; - int device; + int device = -1; int retval = -1; + if (make_block_device_writable(block_device)) { + write_console(fd, "Could not make block device %s writable (%s).\n", + block_device, strerror(errno)); + goto errout; + } + device = adb_open(block_device, O_RDWR | O_CLOEXEC); if (device == -1) { write_console(fd, "Could not open block device %s (%s).\n", @@ -191,10 +197,6 @@ void set_verity_enabled_state_service(int fd, void* cookie) goto errout; } - if (enable && make_system_and_vendor_block_devices_writable(fd)) { - goto errout; - } - /* Loop through entries looking for ones that vold manages */ for (i = 0; i < fstab->num_entries; i++) { if(fs_mgr_is_verified(&fstab->recs[i])) { |