author | Nick Kralevich <nnk@google.com> | 2014-10-08 23:58:59 +0000 |
---|---|---|
committer | Android (Google) Code Review <android-gerrit@google.com> | 2014-10-08 23:59:00 +0000 |
commit | a49bfc0d2620a9ad95ddfa7ec61ce06a77066d97 (patch) | |
tree | 4e105447943b41b5718f7abcc6207dfab7b84a86 | |
parent | fd4f05ce058cfff745c1edbe06d0703cc4a2954d (diff) | |
parent | 152d2d4234ba89e0c20c4af13e291b6049a7bc33 (diff) | |
download | core-a49bfc0d2620a9ad95ddfa7ec61ce06a77066d97.tar.gz core-a49bfc0d2620a9ad95ddfa7ec61ce06a77066d97.tar.bz2 core-a49bfc0d2620a9ad95ddfa7ec61ce06a77066d97.zip |
Merge "Revert "Enable verity on userdebug, and add disable-verity to adb"" into lmp-mr1-dev
-rw-r--r-- | adb/Android.mk | 15 | ||||
-rw-r--r-- | adb/adb.h | 1 | ||||
-rw-r--r-- | adb/commandline.c | 6 | ||||
-rw-r--r-- | adb/disable_verity_service.c | 199 | ||||
-rw-r--r-- | adb/services.c | 2 | ||||
-rw-r--r-- | fs_mgr/Android.mk | 4 | ||||
-rw-r--r-- | fs_mgr/fs_mgr.c | 26 | ||||
-rw-r--r-- | fs_mgr/fs_mgr_fstab.c | 5 | ||||
-rw-r--r-- | fs_mgr/fs_mgr_priv_verity.h | 5 | ||||
-rw-r--r-- | fs_mgr/fs_mgr_verity.c | 39 | ||||
-rw-r--r-- | fs_mgr/include/fs_mgr.h | 8 |
11 files changed, 24 insertions, 286 deletions
diff --git a/adb/Android.mk b/adb/Android.mk
index b70c153db..af7d7e58b 100644
--- a/adb/Android.mk
+++ b/adb/Android.mk
@@ -111,7 +111,6 @@ LOCAL_SRC_FILES := \
 jdwp_service.c \
 framebuffer_service.c \
 remount_service.c \
- disable_verity_service.c \
 usb_linux_client.c
 LOCAL_CFLAGS := -O2 -g -DADB_HOST=0 -Wall -Wno-unused-parameter -Werror
@@ -121,25 +120,13 @@ ifneq (,$(filter userdebug eng,$(TARGET_BUILD_VARIANT)))
 LOCAL_CFLAGS += -DALLOW_ADBD_ROOT=1
 endif
-ifneq (,$(filter userdebug,$(TARGET_BUILD_VARIANT)))
-LOCAL_CFLAGS += -DALLOW_ADBD_DISABLE_VERITY=1
-endif
-
 LOCAL_MODULE := adbd
 LOCAL_FORCE_STATIC_EXECUTABLE := true
 LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT_SBIN)
 LOCAL_UNSTRIPPED_PATH := $(TARGET_ROOT_OUT_SBIN_UNSTRIPPED)
-LOCAL_C_INCLUDES += system/extras/ext4_utils system/core/fs_mgr/include
-
-LOCAL_STATIC_LIBRARIES := liblog \
- libfs_mgr \
- libcutils \
- libc \
- libmincrypt \
- libselinux \
- libext4_utils_static
+LOCAL_STATIC_LIBRARIES := liblog libcutils libc libmincrypt libselinux
 include $(BUILD_EXECUTABLE)
@@ -329,7 +329,6 @@ int handle_forward_request(const char* service, transport_type ttype, char* seri
 #if !ADB_HOST
 void framebuffer_service(int fd, void *cookie);
 void remount_service(int fd, void *cookie);
-void disable_verity_service(int fd, void* cookie);
 #endif
 /* packet allocator */
diff --git a/adb/commandline.c b/adb/commandline.c
index 87baeb909..05b4ef6fc 100644
--- a/adb/commandline.c
+++ b/adb/commandline.c
@@ -189,7 +189,6 @@ void help()
 "\n"
 " adb restore <file> - restore device contents from the <file> backup archive\n"
 "\n"
- " adb disable-verity - disable dm-verity checking on USERDEBUG builds\n"
 " adb help - show this help message\n"
 " adb version - show version num\n"
 "\n"
@@ -206,7 +205,8 @@ void help()
 " adb reboot-bootloader - reboots the device into the bootloader\n"
 " adb root - restarts the adbd daemon with root permissions\n"
 " adb usb - restarts the adbd daemon listening on USB\n"
- " adb tcpip <port> - restarts the adbd daemon listening on TCP on the specified port\n"
+ " adb tcpip <port> - restarts the adbd daemon listening on TCP on the specified port"
+ "\n"
 "networking:\n"
 " adb ppp <tty> [parameters] - Run PPP over USB.\n"
 " Note: you should not automatically start a PPP connection.\n"
@@ -1437,7 +1437,7 @@ top:
 if(!strcmp(argv[0], "remount") || !strcmp(argv[0], "reboot") || !strcmp(argv[0], "reboot-bootloader") || !strcmp(argv[0], "tcpip") || !strcmp(argv[0], "usb")
- || !strcmp(argv[0], "root") || !strcmp(argv[0], "disable-verity")) {
+ || !strcmp(argv[0], "root")) {
 char command[100];
 if (!strcmp(argv[0], "reboot-bootloader"))
 snprintf(command, sizeof(command), "reboot:bootloader");
diff --git a/adb/disable_verity_service.c b/adb/disable_verity_service.c
deleted file mode 100644
index ed3da5210..000000000
--- a/adb/disable_verity_service.c
+++ /dev/null
@@ -1,199 +0,0 @@
-/*
- * Copyright (C) 2014 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "sysdeps.h"
-
-#define TRACE_TAG TRACE_ADB
-#include "adb.h"
-
-#include <stdio.h>
-#include <stdarg.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#include <inttypes.h>
-
-#include "cutils/properties.h"
-#include "ext4_sb.h"
-#include <fs_mgr.h>
-
-#define FSTAB_PREFIX "/fstab."
-struct fstab *fstab;
-
-__attribute__((__format__(printf, 2, 3))) __nonnull((2))
-static void write_console(int fd, const char* format, ...)
-{
- char buffer[256];
- va_list args;
- va_start (args, format);
- vsnprintf (buffer, sizeof(buffer), format, args);
- va_end (args);
-
- adb_write(fd, buffer, strnlen(buffer, sizeof(buffer)));
-}
-
-static int get_target_device_size(int fd, const char *blk_device,
- uint64_t *device_size)
-{
- int data_device;
- struct ext4_super_block sb;
- struct fs_info info;
-
- info.len = 0; /* Only len is set to 0 to ask the device for real size. */
-
- data_device = adb_open(blk_device, O_RDONLY | O_CLOEXEC);
- if (data_device < 0) {
- write_console(fd, "Error opening block device (%s)\n", strerror(errno));
- return -1;
- }
-
- if (lseek64(data_device, 1024, SEEK_SET) < 0) {
- write_console(fd, "Error seeking to superblock\n");
- adb_close(data_device);
- return -1;
- }
-
- if (adb_read(data_device, &sb, sizeof(sb)) != sizeof(sb)) {
- write_console(fd, "Error reading superblock\n");
- adb_close(data_device);
- return -1;
- }
-
- ext4_parse_sb(&sb, &info);
- *device_size = info.len;
-
- adb_close(data_device);
- return 0;
-}
-
-static int disable_verity(int fd, const char *block_device,
- const char* mount_point)
-{
- uint32_t magic_number;
- const uint32_t voff = VERITY_METADATA_MAGIC_DISABLE;
- uint64_t device_length;
- int device;
- int retval = -1;
-
- device = adb_open(block_device, O_RDWR | O_CLOEXEC);
- if (device == -1) {
- write_console(fd, "Could not open block device %s (%s).\n",
- block_device, strerror(errno));
- write_console(fd, "Maybe run adb remount?\n");
- goto errout;
- }
-
- // find the start of the verity metadata
- if (get_target_device_size(fd, (char*)block_device, &device_length) < 0) {
- write_console(fd, "Could not get target device size.\n");
- goto errout;
- }
-
- if (lseek64(device, device_length, SEEK_SET) < 0) {
- write_console(fd,
- "Could not seek to start of verity metadata block.\n");
- goto errout;
- }
-
- // check the magic number
- if (adb_read(device, &magic_number, sizeof(magic_number))
- != sizeof(magic_number)) {
- write_console(fd, "Couldn't read magic number!\n");
- goto errout;
- }
-
- if (magic_number == VERITY_METADATA_MAGIC_DISABLE) {
- write_console(fd, "Verity already disabled on %s\n", mount_point);
- goto errout;
- }
-
- if (magic_number != VERITY_METADATA_MAGIC_NUMBER) {
- write_console(fd,
- "Couldn't find verity metadata at offset %"PRIu64"!\n",
- device_length);
- goto errout;
- }
-
- if (lseek64(device, device_length, SEEK_SET) < 0) {
- write_console(fd,
- "Could not seek to start of verity metadata block.\n");
- goto errout;
- }
-
- if (adb_write(device, &voff, sizeof(voff)) != sizeof(voff)) {
- write_console(fd, "Could not set verity disabled flag on device %s\n",
- block_device);
- goto errout;
- }
-
- write_console(fd, "Verity disabled on %s\n", mount_point);
- retval = 0;
-errout:
- if (device != -1)
- adb_close(device);
- return retval;
-}
-
-void disable_verity_service(int fd, void* cookie)
-{
-#ifdef ALLOW_ADBD_DISABLE_VERITY
- char fstab_filename[PROPERTY_VALUE_MAX + sizeof(FSTAB_PREFIX)];
- char propbuf[PROPERTY_VALUE_MAX];
- int i;
- bool any_disabled = false;
-
- property_get("ro.secure", propbuf, "0");
- if (strcmp(propbuf, "1")) {
- write_console(fd, "verity not enabled - ENG build\n");
- goto errout;
- }
-
- property_get("ro.debuggable", propbuf, "0");
- if (strcmp(propbuf, "1")) {
- write_console(fd, "verity cannot be disabled - USER build\n");
- goto errout;
- }
-
- property_get("ro.hardware", propbuf, "");
- snprintf(fstab_filename, sizeof(fstab_filename), FSTAB_PREFIX"%s", propbuf);
-
- fstab = fs_mgr_read_fstab(fstab_filename);
- if (!fstab) {
- write_console(fd, "Failed to open %s\nMaybe run adb root?\n",
- fstab_filename);
- goto errout;
- }
-
- /* Loop through entries looking for ones that vold manages */
- for (i = 0; i < fstab->num_entries; i++) {
- if(fs_mgr_is_verified(&fstab->recs[i])) {
- if (!disable_verity(fd, fstab->recs[i].blk_device,
- fstab->recs[i].mount_point)) {
- any_disabled = true;
- }
- }
- }
-
- if (any_disabled) {
- write_console(fd,
- "Now reboot your device for settings to take effect\n");
- }
-#else
- write_console(fd, "disable-verity only works for userdebug builds\n");
-#endif
-
-errout:
- adb_close(fd);
-}
diff --git a/adb/services.c b/adb/services.c
index 21b08dc20..e61371ab1 100644
--- a/adb/services.c
+++ b/adb/services.c
@@ -469,8 +469,6 @@ int service_to_fd(const char *name)
 free(cookie);
 }
 }
- } else if(!strncmp(name, "disable-verity:", 15)) {
- ret = create_service_thread(disable_verity_service, NULL);
 #endif
 }
 if (ret >= 0) {
diff --git a/fs_mgr/Android.mk b/fs_mgr/Android.mk
index 61bf1ee6a..7cffc37a5 100644
--- a/fs_mgr/Android.mk
+++ b/fs_mgr/Android.mk
@@ -13,10 +13,6 @@ LOCAL_C_INCLUDES += system/extras/ext4_utils
 LOCAL_EXPORT_C_INCLUDE_DIRS := $(LOCAL_PATH)/include
 LOCAL_CFLAGS := -Werror
-ifneq (,$(filter userdebug,$(TARGET_BUILD_VARIANT)))
-LOCAL_CFLAGS += -DALLOW_ADBD_DISABLE_VERITY=1
-endif
-
 include $(BUILD_STATIC_LIBRARY)
diff --git a/fs_mgr/fs_mgr.c b/fs_mgr/fs_mgr.c
index 40878c1f6..91e6c3326 100644
--- a/fs_mgr/fs_mgr.c
+++ b/fs_mgr/fs_mgr.c
@@ -245,16 +245,6 @@ static int device_is_debuggable() {
 return strcmp(value, "1") ? 0 : 1;
 }
-static int device_is_secure() {
- int ret = -1;
- char value[PROP_VALUE_MAX];
- ret = __system_property_get("ro.secure", value);
- /* If error, we want to fail secure */
- if (ret < 0)
- return 1;
- return strcmp(value, "0") ? 1 : 0;
-}
-
 /*
 * Tries to mount any of the consecutive fstab entries that match
 * the mountpoint of the one given by fstab->recs[start_idx].
@@ -360,11 +350,9 @@ int fs_mgr_mount_all(struct fstab *fstab)
 wait_for_file(fstab->recs[i].blk_device, WAIT_TIMEOUT);
 }
- if ((fstab->recs[i].fs_mgr_flags & MF_VERIFY) && device_is_secure()) {
- int rc = fs_mgr_setup_verity(&fstab->recs[i]);
- if (device_is_debuggable() && rc == FS_MGR_SETUP_VERITY_DISABLED) {
- INFO("Verity disabled");
- } else if (rc != FS_MGR_SETUP_VERITY_SUCCESS) {
+ if ((fstab->recs[i].fs_mgr_flags & MF_VERIFY) &&
+ !device_is_debuggable()) {
+ if (fs_mgr_setup_verity(&fstab->recs[i]) < 0) {
 ERROR("Could not set up verified partition, skipping!\n");
 continue;
 }
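Review bot: In fs_mgr_mount_all the restored gate `!device_is_debuggable()` lets a partition flagged MF_VERIFY mount with no dm-verity setup at all on any debuggable build, and nothing is logged when that happens. The removed device_is_secure() deliberately failed secure when the property read failed; only the last line of device_is_debuggable() is visible here, so it is worth confirming that a failed property read can never be taken for "debuggable". I would log the path where MF_VERIFY is set but setup is skipped, for example `INFO("Skipping verity for %s on debuggable build\n", fstab->recs[i].mount_point);`, so the boot log shows which partitions came up unverified. The same condition is restored in the fs_mgr_do_mount hunk (`@@ -479,11 +467,9 @@`), and both loop bodies continue outside their hunks.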
@@ -479,11 +467,9 @@ int fs_mgr_do_mount(struct fstab *fstab, char *n_name, char *n_blk_device,
 fstab->recs[i].mount_point);
 }
- if ((fstab->recs[i].fs_mgr_flags & MF_VERIFY) && device_is_secure()) {
- int rc = fs_mgr_setup_verity(&fstab->recs[i]);
- if (device_is_debuggable() && rc == FS_MGR_SETUP_VERITY_DISABLED) {
- INFO("Verity disabled");
- } else if (rc != FS_MGR_SETUP_VERITY_SUCCESS) {
+ if ((fstab->recs[i].fs_mgr_flags & MF_VERIFY) &&
+ !device_is_debuggable()) {
+ if (fs_mgr_setup_verity(&fstab->recs[i]) < 0) {
 ERROR("Could not set up verified partition, skipping!\n");
 continue;
 }
diff --git a/fs_mgr/fs_mgr_fstab.c b/fs_mgr/fs_mgr_fstab.c
index ab8f128ce..3f841792c 100644
--- a/fs_mgr/fs_mgr_fstab.c
+++ b/fs_mgr/fs_mgr_fstab.c
@@ -418,11 +418,6 @@ int fs_mgr_is_nonremovable(struct fstab_rec *fstab)
 return fstab->fs_mgr_flags & MF_NONREMOVABLE;
 }
-int fs_mgr_is_verified(struct fstab_rec *fstab)
-{
- return fstab->fs_mgr_flags & MF_VERIFY;
-}
-
 int fs_mgr_is_encryptable(struct fstab_rec *fstab)
 {
 return fstab->fs_mgr_flags & (MF_CRYPT | MF_FORCECRYPT);
diff --git a/fs_mgr/fs_mgr_priv_verity.h b/fs_mgr/fs_mgr_priv_verity.h
index f90e59683..61937849a 100644
--- a/fs_mgr/fs_mgr_priv_verity.h
+++ b/fs_mgr/fs_mgr_priv_verity.h
@@ -14,7 +14,4 @@
 * limitations under the License.
 */
-#define FS_MGR_SETUP_VERITY_DISABLED -2
-#define FS_MGR_SETUP_VERITY_FAIL -1
-#define FS_MGR_SETUP_VERITY_SUCCESS 0
-int fs_mgr_setup_verity(struct fstab_rec *fstab);
+int fs_mgr_setup_verity(struct fstab_rec *fstab);
\ No newline at end of file
diff --git a/fs_mgr/fs_mgr_verity.c b/fs_mgr/fs_mgr_verity.c
index ef87ddce9..b79a4a842 100644
--- a/fs_mgr/fs_mgr_verity.c
+++ b/fs_mgr/fs_mgr_verity.c
@@ -43,6 +43,7 @@
 #include "fs_mgr_priv_verity.h"
 #define VERITY_METADATA_SIZE 32768
+#define VERITY_METADATA_MAGIC_NUMBER 0xb001b001
 #define VERITY_TABLE_RSA_KEY "/verity_key"
 extern struct fs_info info;
@@ -154,7 +155,7 @@ static int read_verity_metadata(char *block_device, char **signature, char **tab
 uint64_t device_length;
 int protocol_version;
 FILE *device;
- int retval = FS_MGR_SETUP_VERITY_FAIL;
+ int retval = -1;
 device = fopen(block_device, "r");
 if (!device) {
@@ -177,18 +178,8 @@ static int read_verity_metadata(char *block_device, char **signature, char **tab
 ERROR("Couldn't read magic number!\n");
 goto out;
 }
-
-#ifdef ALLOW_ADBD_DISABLE_VERITY
- if (magic_number == VERITY_METADATA_MAGIC_DISABLE) {
- retval = FS_MGR_SETUP_VERITY_DISABLED;
- INFO("Attempt to cleanly disable verity - only works in USERDEBUG");
- goto out;
- }
-#endif
-
 if (magic_number != VERITY_METADATA_MAGIC_NUMBER) {
- ERROR("Couldn't find verity metadata at offset %"PRIu64"!\n",
- device_length);
+ ERROR("Couldn't find verity metadata at offset %"PRIu64"!\n", device_length);
 goto out;
 }
@@ -235,7 +226,7 @@ static int read_verity_metadata(char *block_device, char **signature, char **tab
 goto out;
 }
- retval = FS_MGR_SETUP_VERITY_SUCCESS;
+ retval = 0;
 out:
 if (device)
@@ -367,7 +358,6 @@ static int set_verified_property(char *name) {
 int fs_mgr_setup_verity(struct fstab_rec *fstab) {
 int retval = -1;
- int fd = -1;
 char *verity_blk_name;
 char *verity_table;
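Review bot: The prototype left in fs_mgr/fs_mgr_priv_verity.h no longer says what it returns once the FS_MGR_SETUP_VERITY_* names are removed, while both callers in fs_mgr.c now treat any negative value as failure. A one-line comment above it would pin that contract, for example `/* Returns a negative value on failure; callers then skip the partition. */`. The new side of that header also ends without a trailing newline.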
@@ -388,16 +378,8 @@ int fs_mgr_setup_verity(struct fstab_rec *fstab) {
 return retval;
 }
- // read the verity block at the end of the block device
- // send error code up the chain so we can detect attempts to disable verity
- retval = read_verity_metadata(fstab->blk_device,
- &verity_table_signature,
- &verity_table);
- if (retval< 0) {
- goto out;
- }
-
 // get the device mapper fd
+ int fd;
 if ((fd = open("/dev/device-mapper", O_RDWR)) < 0) {
 ERROR("Error opening device mapper (%s)", strerror(errno));
 return retval;
@@ -415,6 +397,13 @@ int fs_mgr_setup_verity(struct fstab_rec *fstab) {
 goto out;
 }
+ // read the verity block at the end of the block device
+ if (read_verity_metadata(fstab->blk_device,
+ &verity_table_signature,
+ &verity_table) < 0) {
+ goto out;
+ }
+
 // verify the signature on the table
 if (verify_table(verity_table_signature,
 verity_table,
@@ -445,8 +434,6 @@ int fs_mgr_setup_verity(struct fstab_rec *fstab) {
 retval = set_verified_property(mount_point);
 out:
- if (fd != -1) {
- close(fd);
- }
+ close(fd);
 return retval;
 }
diff --git a/fs_mgr/include/fs_mgr.h b/fs_mgr/include/fs_mgr.h
index 5e2ff416a..0c7eb20d2 100644
--- a/fs_mgr/include/fs_mgr.h
+++ b/fs_mgr/include/fs_mgr.h
@@ -20,13 +20,6 @@
 #include <stdint.h>
 #include <linux/dm-ioctl.h>
-// Magic number at start of verity metadata
-#define VERITY_METADATA_MAGIC_NUMBER 0xb001b001
-
-// Replacement magic number at start of verity metadata to cleanly
-// turn verity off in userdebug builds.
-#define VERITY_METADATA_MAGIC_DISABLE 0x46464f56 // "VOFF"
-
 #ifdef __cplusplus
 extern "C" {
 #endif
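Review bot: The `out:` label in fs_mgr_setup_verity now calls `close(fd)` unconditionally while `fd` is declared uninitialised part-way through the function (`int fd;` in the `@@ -388,16 +378,8 @@` hunk), so the cleanup is only correct as long as no `goto out` can be reached before the open() has succeeded. The early exits visible in these hunks use `return retval;`, but the start of the function lies outside them, so that cannot be confirmed from here. Keeping `int fd = -1;` with the other declarations and `if (fd != -1) close(fd);` at `out:` would stop a later edit from closing an indeterminate descriptor.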
@@ -81,7 +74,6 @@ int fs_mgr_add_entry(struct fstab *fstab,
 struct fstab_rec *fs_mgr_get_entry_for_mount_point(struct fstab *fstab, const char *path);
 int fs_mgr_is_voldmanaged(struct fstab_rec *fstab);
 int fs_mgr_is_nonremovable(struct fstab_rec *fstab);
-int fs_mgr_is_verified(struct fstab_rec *fstab);
 int fs_mgr_is_encryptable(struct fstab_rec *fstab);
 int fs_mgr_is_noemulatedsd(struct fstab_rec *fstab);
 int fs_mgr_swapon_all(struct fstab *fstab);
|