diff options
| author | Bowgo Tsai <bowgotsai@google.com> | 2020-01-07 21:32:38 +0800 |
|---|---|---|
| committer | Bowgo Tsai <bowgotsai@google.com> | 2020-01-07 22:17:27 +0800 |
| commit | a61c3ab44f8b0d3706b391166c0c1c736fbeecee (patch) | |
| tree | e03a08cc54432375090cb955008ef9c0753f3c28 /trusty/coverage/coverage_test.cpp | |
| parent | e4d95b77d5c5983a3cdc71f05fbea168898b0cfb (diff) | |
Support AVB chain partitions for HASH descriptors
Commit Ida1a6da988c10d364b3ccdaa6c5d63e5264d1b27 allows specifying
AVB-related partitions to be probed in first-state mount, e.g.,
"avb=vbmeta_system" in the fs_mgr_flags will make init wait uevents
for vbmeta_system partition, which is required for AVB verification.
However, when specifying "avb=dtbo" to chain a /dtbo partition, first-stage
init will emit the following error as it assumes all partitions are
verified by Hashtree descriptors.
init: [libfs_avb]Hashtree descriptor not found: dtbo
This change fixes this by skipping raw partitions for first-stage mounting,
where raw partitions should already be verified by bootloader with Hash
descriptors. Although first-stage init does not perform Hash verification,
it still reads all Hash/Hashtree descriptors to calculate then compare
the "VBMeta Digest" passed from bootloader.
https://android.googlesource.com/platform/external/avb/#The-VBMeta-Digest
The following is an example of a fstab entry to chain /dtbo partition:
/dev/block/bootdevice/by-name/dtbo /dtbo emmc defaults slotselect,avb=dtbo,first_stage_mount
Bug: 146935233
Test: enable /dtbo as a chain partition, then boot the device
Change-Id: I590f1d9b78ef89b5aef21cb7bf19fdb90b27f808
Diffstat (limited to 'trusty/coverage/coverage_test.cpp')
0 files changed, 0 insertions, 0 deletions