diff options
| author | Sami Tolvanen <samitolvanen@google.com> | 2015-06-19 16:08:41 +0100 |
|---|---|---|
| committer | Sami Tolvanen <samitolvanen@google.com> | 2015-07-15 19:13:43 +0000 |
| commit | 83d8701b0610882009bbdccad6ae8542e0d9eeee (patch) | |
| tree | 1b316fadc16073ea8bc5b9e53f511ffc4cb4befa /fs_mgr | |
| parent | a2d1f098dfc9d1a6e52229457bab8ca5a47bda55 (diff) | |
| download | system_core-83d8701b0610882009bbdccad6ae8542e0d9eeee.zip system_core-83d8701b0610882009bbdccad6ae8542e0d9eeee.tar.gz system_core-83d8701b0610882009bbdccad6ae8542e0d9eeee.tar.bz2 | |
Update partition.*.verified even with ro.boot.veritymode set
We need to have partition.*.verified properties even when bootloader
is managing dm-verity mode, because we may have failed to set up the
verified partition and need a property to indicate this.
This means we still need to run fs_mgr_update_verity_state and walk
through all the partitions to verify the device mapper status, just
without updating verity mode.
Bug: 22489805
Bug: 22507568
Change-Id: Iaf28185adb8b80e5452447e54e1f4e4417a34168
(cherry picked from commit 2f42554f18e2ba3d40b736ff9ff21e79953e86a5)
Diffstat (limited to 'fs_mgr')
| -rw-r--r-- | fs_mgr/fs_mgr_verity.c | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/fs_mgr/fs_mgr_verity.c b/fs_mgr/fs_mgr_verity.c index 2d1abbe..60f5398 100644 --- a/fs_mgr/fs_mgr_verity.c +++ b/fs_mgr/fs_mgr_verity.c @@ -859,6 +859,7 @@ out: int fs_mgr_update_verity_state(fs_mgr_verity_state_callback callback) { _Alignas(struct dm_ioctl) char buffer[DM_BUF_SIZE]; + bool use_state = true; char fstab_filename[PROPERTY_VALUE_MAX + sizeof(FSTAB_PREFIX)]; char *mount_point; char propbuf[PROPERTY_VALUE_MAX]; @@ -875,7 +876,10 @@ int fs_mgr_update_verity_state(fs_mgr_verity_state_callback callback) property_get("ro.boot.veritymode", propbuf, ""); if (*propbuf != '\0') { - return 0; /* state is kept by the bootloader */ + if (fs_mgr_load_verity_state(&mode) == -1) { + return -1; + } + use_state = false; /* state is kept by the bootloader */ } fd = TEMP_FAILURE_RETRY(open("/dev/device-mapper", O_RDWR | O_CLOEXEC)); @@ -900,9 +904,11 @@ int fs_mgr_update_verity_state(fs_mgr_verity_state_callback callback) continue; } - if (get_verity_state_offset(&fstab->recs[i], &offset) < 0 || - read_verity_state(fstab->recs[i].verity_loc, offset, &mode) < 0) { - continue; + if (use_state) { + if (get_verity_state_offset(&fstab->recs[i], &offset) < 0 || + read_verity_state(fstab->recs[i].verity_loc, offset, &mode) < 0) { + continue; + } } mount_point = basename(fstab->recs[i].mount_point); @@ -916,7 +922,7 @@ int fs_mgr_update_verity_state(fs_mgr_verity_state_callback callback) status = &buffer[io->data_start + sizeof(struct dm_target_spec)]; - if (*status == 'C') { + if (use_state && *status == 'C') { if (write_verity_state(fstab->recs[i].verity_loc, offset, VERITY_MODE_LOGGING) < 0) { continue; |