diff options
| author | Tom Cherry <tomcherry@google.com> | 2019-01-07 14:25:31 -0800 |
|---|---|---|
| committer | Tom Cherry <tomcherry@google.com> | 2019-02-11 12:50:22 -0800 |
| commit | cf80b6d6e59a71a80ffc9d7489523137301974cd (patch) | |
| tree | 209c19167ff87ea6643a4ef405078b46bdc985f1 /init/builtins.cpp | |
| parent | 6576e139958992a75174b09bbb0cec23d3ffb680 (diff) | |
Refactor fs_mgr_update_verity_state()
fs_mgr_update_verity_state() has two callers with generally different
intentions. One caller loops through all entries in the default fstab
to set partition.<mount_point>.verified properties. The other caller
is only interested in whether or a specific mount point has verity
enabled.
Given this, we refactor fs_mgr_update_verity_state() to
fs_mgr_get_verity_mount_point() which takes a single FstabEntry and
returns the mount point used for the dm-verity device or an empty
option if verity is not enabled on that mount point.
Test: adb-remount-test.sh test on blueline
Change-Id: Ic7dd8390509e95b2931b21e544c919a544138864
Diffstat (limited to 'init/builtins.cpp')
| -rw-r--r-- | init/builtins.cpp | 25 |
1 files changed, 21 insertions, 4 deletions
diff --git a/init/builtins.cpp b/init/builtins.cpp index c8ceb0ce9..538ed00eb 100644 --- a/init/builtins.cpp +++ b/init/builtins.cpp @@ -75,6 +75,7 @@ using namespace std::literals::string_literals; +using android::base::Basename; using android::base::unique_fd; using android::fs_mgr::Fstab; using android::fs_mgr::ReadFstabFromFile; @@ -749,11 +750,27 @@ static Result<Success> do_verity_load_state(const BuiltinArguments& args) { } static Result<Success> do_verity_update_state(const BuiltinArguments& args) { - if (!fs_mgr_update_verity_state([](const std::string& mount_point, int mode) { - property_set("partition." + mount_point + ".verified", std::to_string(mode)); - })) { - return Error() << "fs_mgr_update_verity_state() failed"; + int mode; + if (!fs_mgr_load_verity_state(&mode)) { + return Error() << "fs_mgr_load_verity_state() failed"; } + + Fstab fstab; + if (!ReadDefaultFstab(&fstab)) { + return Error() << "Failed to read default fstab"; + } + + for (const auto& entry : fstab) { + if (!fs_mgr_is_verity_enabled(entry)) { + continue; + } + + // To be consistent in vboot 1.0 and vboot 2.0 (AVB), use "system" for the partition even + // for system as root, so it has property [partition.system.verified]. + std::string partition = entry.mount_point == "/" ? "system" : Basename(entry.mount_point); + property_set("partition." + partition + ".verified", std::to_string(mode)); + } + return Success(); } |