authorBowgo Tsai <bowgotsai@google.com>2017-04-13 13:05:42 +0800
committerBowgo Tsai <bowgotsai@google.com>2017-04-13 18:29:10 +0800
commit80d1ad17ed5dd1ca63cc3cca24e801c9f63bc48f (patch)
treedf6d23f527dc53fa6a277f46d0fd187fa4cb281c /fs_mgr
parent95c966a8599a069c40707c933c31155d625bd355 (diff)
fs_mgr: adds/changes some public APIs for early mount in init
Several changes in this CL: - Moves class FsManagerAvbHandle to public API - Adds a parameter 'wait_for_verity_dev' to FsManagerAvbHandle::SetUpAvb() so that callers can choose not to wait for the verity device to be created - Adds FsManagerAvbHandle::AvbHashtreeDisabled() to query whether AVB is disabled - Adds fs_mgr_is_avb() to query whether a fstab_rec has the MF_AVB flag Bug: 33254008 Test: test AVB on bullhead Change-Id: I89c43ca574ae632db8a700fc2590a1f80212c993
Diffstat (limited to 'fs_mgr')
-rw-r--r--fs_mgr/fs_mgr.cpp7
-rw-r--r--fs_mgr/fs_mgr_avb.cpp13
-rw-r--r--fs_mgr/fs_mgr_fstab.cpp5
-rw-r--r--fs_mgr/include/fs_mgr.h1
-rw-r--r--fs_mgr/include/fs_mgr_avb.h (renamed from fs_mgr/fs_mgr_priv_avb.h)22
5 files changed, 30 insertions, 18 deletions
diff --git a/fs_mgr/fs_mgr.cpp b/fs_mgr/fs_mgr.cpp
index 78d0c070f..28da9dbd5 100644
--- a/fs_mgr/fs_mgr.cpp
+++ b/fs_mgr/fs_mgr.cpp
@@ -47,8 +47,9 @@
#include <logwrap/logwrap.h>
#include <private/android_logger.h> // for __android_log_is_debuggable()
+#include "fs_mgr.h"
+#include "fs_mgr_avb.h"
#include "fs_mgr_priv.h"
-#include "fs_mgr_priv_avb.h"
#define KEY_LOC_PROP "ro.crypto.keyfile.userdata"
#define KEY_IN_FOOTER "footer"
@@ -819,7 +820,7 @@ int fs_mgr_mount_all(struct fstab *fstab, int mount_mode)
return -1;
}
}
- if (!avb_handle->SetUpAvb(&fstab->recs[i])) {
+ if (!avb_handle->SetUpAvb(&fstab->recs[i], true /* wait_for_verity_dev */)) {
LERROR << "Failed to set up AVB on partition: "
<< fstab->recs[i].mount_point << ", skipping!";
/* Skips mounting the device. */
@@ -1031,7 +1032,7 @@ int fs_mgr_do_mount(struct fstab *fstab, const char *n_name, char *n_blk_device,
return -1;
}
}
- if (!avb_handle->SetUpAvb(&fstab->recs[i])) {
+ if (!avb_handle->SetUpAvb(&fstab->recs[i], true /* wait_for_verity_dev */)) {
LERROR << "Failed to set up AVB on partition: "
<< fstab->recs[i].mount_point << ", skipping!";
/* Skips mounting the device. */
diff --git a/fs_mgr/fs_mgr_avb.cpp b/fs_mgr/fs_mgr_avb.cpp
index 76ec236b5..7c82bb1e6 100644
--- a/fs_mgr/fs_mgr_avb.cpp
+++ b/fs_mgr/fs_mgr_avb.cpp
@@ -38,9 +38,9 @@
#include <utils/Compat.h>
#include "fs_mgr.h"
+#include "fs_mgr_avb.h"
#include "fs_mgr_avb_ops.h"
#include "fs_mgr_priv.h"
-#include "fs_mgr_priv_avb.h"
#include "fs_mgr_priv_dm_ioctl.h"
#include "fs_mgr_priv_sha.h"
@@ -336,7 +336,8 @@ static bool hashtree_load_verity_table(struct dm_ioctl* io, const std::string& d
static bool hashtree_dm_verity_setup(struct fstab_rec* fstab_entry,
const AvbHashtreeDescriptor& hashtree_desc,
- const std::string& salt, const std::string& root_digest) {
+ const std::string& salt, const std::string& root_digest,
+ bool wait_for_verity_dev) {
// Gets the device mapper fd.
android::base::unique_fd fd(open("/dev/device-mapper", O_RDWR));
if (fd < 0) {
@@ -375,13 +376,12 @@ static bool hashtree_dm_verity_setup(struct fstab_rec* fstab_entry,
// Marks the underlying block device as read-only.
fs_mgr_set_blk_ro(fstab_entry->blk_device);
- // TODO(bowgotsai): support verified all partition at boot.
// Updates fstab_rec->blk_device to verity device name.
free(fstab_entry->blk_device);
fstab_entry->blk_device = strdup(verity_blk_name.c_str());
// Makes sure we've set everything up properly.
- if (fs_mgr_test_access(verity_blk_name.c_str()) < 0) {
+ if (wait_for_verity_dev && fs_mgr_test_access(verity_blk_name.c_str()) < 0) {
return false;
}
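Review bot: With `wait_for_verity_dev` false, this path returns success right after `fstab_entry->blk_device` has been rewritten to `verity_blk_name`, with no check that the dm-verity node exists, so the comment `// Makes sure we've set everything up properly.` no longer describes it. As far as the hunk shows, a missing node would lead to a later mount error rather than a mount of the unverified device, but that relies on every caller that passes false waiting for the node itself. I would state that contract at the check, for example `// When wait_for_verity_dev is false, the caller must wait for fstab_entry->blk_device to appear before mounting.` The `strdup()` result two lines above is also stored unchecked. The body of hashtree_dm_verity_setup starts and ends outside this hunk.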
@@ -519,7 +519,7 @@ FsManagerAvbUniquePtr FsManagerAvbHandle::Open(const std::string& device_file_by
return nullptr;
}
-bool FsManagerAvbHandle::SetUpAvb(struct fstab_rec* fstab_entry) {
+bool FsManagerAvbHandle::SetUpAvb(struct fstab_rec* fstab_entry, bool wait_for_verity_dev) {
if (!fstab_entry) return false;
if (!avb_slot_data_ || avb_slot_data_->num_vbmeta_images < 1) {
return false;
@@ -545,7 +545,8 @@ bool FsManagerAvbHandle::SetUpAvb(struct fstab_rec* fstab_entry) {
}
// Converts HASHTREE descriptor to verity_table_params.
- if (!hashtree_dm_verity_setup(fstab_entry, hashtree_descriptor, salt, root_digest)) {
+ if (!hashtree_dm_verity_setup(fstab_entry, hashtree_descriptor, salt, root_digest,
+ wait_for_verity_dev)) {
return false;
}
return true;
diff --git a/fs_mgr/fs_mgr_fstab.cpp b/fs_mgr/fs_mgr_fstab.cpp
index dfbde18d1..dc73c242f 100644
--- a/fs_mgr/fs_mgr_fstab.cpp
+++ b/fs_mgr/fs_mgr_fstab.cpp
@@ -768,6 +768,11 @@ int fs_mgr_is_verified(const struct fstab_rec *fstab)
return fstab->fs_mgr_flags & MF_VERIFY;
}
+int fs_mgr_is_avb(const struct fstab_rec *fstab)
+{
+ return fstab->fs_mgr_flags & MF_AVB;
+}
+
int fs_mgr_is_verifyatboot(const struct fstab_rec *fstab)
{
return fstab->fs_mgr_flags & MF_VERIFYATBOOT;
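Review bot: `fs_mgr_is_avb()` returns the masked bit `fstab->fs_mgr_flags & MF_AVB` rather than 0/1 and dereferences `fstab` without a null check. Both match the neighbouring `fs_mgr_is_verified()` and `fs_mgr_is_verifyatboot()`, but neither is documented. Since the function is now exported in `fs_mgr.h`, I would add a one-line comment on the declaration such as `// Returns non-zero if MF_AVB is set on the entry; fstab must not be null.` so callers test it as a boolean and do not compare it with 1.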
diff --git a/fs_mgr/include/fs_mgr.h b/fs_mgr/include/fs_mgr.h
index 3c2fea4d2..cea70b449 100644
--- a/fs_mgr/include/fs_mgr.h
+++ b/fs_mgr/include/fs_mgr.h
@@ -123,6 +123,7 @@ int fs_mgr_is_voldmanaged(const struct fstab_rec *fstab);
int fs_mgr_is_nonremovable(const struct fstab_rec *fstab);
int fs_mgr_is_verified(const struct fstab_rec *fstab);
int fs_mgr_is_verifyatboot(const struct fstab_rec *fstab);
+int fs_mgr_is_avb(const struct fstab_rec *fstab);
int fs_mgr_is_encryptable(const struct fstab_rec *fstab);
int fs_mgr_is_file_encrypted(const struct fstab_rec *fstab);
const char* fs_mgr_get_file_encryption_mode(const struct fstab_rec *fstab);
diff --git a/fs_mgr/fs_mgr_priv_avb.h b/fs_mgr/include/fs_mgr_avb.h
index 99a033e59..526a5ce06 100644
--- a/fs_mgr/fs_mgr_priv_avb.h
+++ b/fs_mgr/include/fs_mgr_avb.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2016 The Android Open Source Project
+ * Copyright (C) 2017 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -14,8 +14,8 @@
* limitations under the License.
*/
-#ifndef __CORE_FS_MGR_PRIV_AVB_H
-#define __CORE_FS_MGR_PRIV_AVB_H
+#ifndef __CORE_FS_MGR_AVB_H
+#define __CORE_FS_MGR_AVB_H
#include <memory>
#include <string>
@@ -63,18 +63,22 @@ class FsManagerAvbHandle {
static FsManagerAvbUniquePtr Open(const std::string& device_file_by_name_prefix);
// Sets up dm-verity on the given fstab entry.
+ // The 'wait_for_verity_dev' parameter makes this function wait for the
+ // verity device to get created before return.
// Returns true if the mount point is eligible to mount, it includes:
// - status_ is kFsMgrAvbHandleHashtreeDisabled or
// - status_ is kFsMgrAvbHandleSuccess and sending ioctl DM_TABLE_LOAD
// to load verity table is success.
// Otherwise, returns false.
- bool SetUpAvb(fstab_rec* fstab_entry);
+ bool SetUpAvb(fstab_rec* fstab_entry, bool wait_for_verity_dev);
- FsManagerAvbHandle(const FsManagerAvbHandle&) = delete; // no copy
- FsManagerAvbHandle& operator=(const FsManagerAvbHandle&) = delete; // no assignment
+ bool AvbHashtreeDisabled() { return status_ == kFsManagerAvbHandleHashtreeDisabled; }
- FsManagerAvbHandle(FsManagerAvbHandle&&) noexcept = delete; // no move
- FsManagerAvbHandle& operator=(FsManagerAvbHandle&&) noexcept = delete; // no move assignment
+ FsManagerAvbHandle(const FsManagerAvbHandle&) = delete; // no copy
+ FsManagerAvbHandle& operator=(const FsManagerAvbHandle&) = delete; // no assignment
+
+ FsManagerAvbHandle(FsManagerAvbHandle&&) noexcept = delete; // no move
+ FsManagerAvbHandle& operator=(FsManagerAvbHandle&&) noexcept = delete; // no move assignment
~FsManagerAvbHandle() {
if (avb_slot_data_) {
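Review bot: The updated `SetUpAvb` comment names `kFsMgrAvbHandleHashtreeDisabled` and `kFsMgrAvbHandleSuccess`, while the new accessor compares `status_` against `kFsManagerAvbHandleHashtreeDisabled`; the comment should use the enumerator spelling the code uses. It also describes only the waiting case. Now that the header is public, it should say that with `wait_for_verity_dev` false the function returns without confirming the verity device exists, and that the caller must wait for it before mounting. `AvbHashtreeDisabled()` only reads `status_`, so it can be declared `bool AvbHashtreeDisabled() const { ... }`. It should also get a comment; presumably a true result means hashtree verification is off for this handle, which callers should confirm before treating it as permission to mount without dm-verity. The class definition starts before this hunk and continues after it.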
@@ -90,4 +94,4 @@ class FsManagerAvbHandle {
FsManagerAvbHandleStatus status_;
};
-#endif /* __CORE_FS_MGR_PRIV_AVB_H */
+#endif /* __CORE_FS_MGR_AVB_H */