File: fs_avb_util.cpp

/*
 * Copyright (C) 2019 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#include "fs_avb/fs_avb_util.h"

#include <memory>
#include <string>
#include <vector>

#include <android-base/strings.h>
#include <fstab/fstab.h>
#include <libavb/libavb.h>
#include <libdm/dm.h>

#include "avb_util.h"
#include "util.h"

namespace android {
namespace fs_mgr {

// Loads the vbmeta that covers the partition described by |fstab_entry| and hands it to
// LoadAndVerifyVbmetaByPath() for verification against |expected_public_key_blob|.
//
// Parameters:
//   fstab_entry               - entry whose blk_device names the partition (or, for a logical
//                               partition, its device-mapper name).
//   expected_public_key_blob  - forwarded unchanged to LoadAndVerifyVbmetaByPath().
//   out_public_key_data       - forwarded unchanged to LoadAndVerifyVbmetaByPath().
//   out_avb_partition_name    - optional; receives the derived AVB partition name. It is written
//                               before device resolution, so it is set even when this function
//                               returns nullptr.
//   out_verify_result         - forwarded unchanged to LoadAndVerifyVbmetaByPath().
//
// Returns nullptr when a logical partition name cannot be resolved to a dm device path;
// otherwise returns whatever LoadAndVerifyVbmetaByPath() returns.
//
// SECURITY NOTE: the load is requested with allow_verification_error=true and
// rollback_protection=false, and the out_verification_disabled flag is not surfaced to the
// caller. A non-null return value therefore should not be read as "verification succeeded";
// callers that make a trust decision presumably need to inspect |*out_verify_result| and
// |*out_public_key_data| themselves.
// NOTE(review): whether |out_verify_result| may be nullptr depends on
// LoadAndVerifyVbmetaByPath(), which is not visible here - confirm before passing nullptr.
std::unique_ptr<VBMetaData> LoadAndVerifyVbmeta(const FstabEntry& fstab_entry,
                                                const std::string& expected_public_key_blob,
                                                std::string* out_public_key_data,
                                                std::string* out_avb_partition_name,
                                                VBMetaVerifyResult* out_verify_result) {
    // The AVB HASHTREE descriptor used to set up dm-verity is looked up by partition name, and
    // the partition names stored in AVB descriptors carry no A/B slot suffix, so derive that
    // name from the fstab entry first.
    std::string partition_name = DeriveAvbPartitionName(fstab_entry, fs_mgr_get_slot_suffix(),
                                                        fs_mgr_get_other_slot_suffix());
    if (out_avb_partition_name != nullptr) {
        *out_avb_partition_name = partition_name;
    }

    // |fstab_entry| is const, so work on a local copy of the block device path. For a logical
    // partition referenced by name (no leading '/'), replace the name with the device-mapper
    // path reported by libdm.
    std::string resolved_path = fstab_entry.blk_device;
    const bool needs_dm_lookup = fstab_entry.fs_mgr_flags.logical &&
                                 !android::base::StartsWith(fstab_entry.blk_device, "/");
    if (needs_dm_lookup) {
        const bool resolved = dm::DeviceMapper::Instance().GetDmDevicePathByName(
                fstab_entry.blk_device, &resolved_path);
        if (!resolved) {
            LERROR << "Failed to resolve logical device path for: " << fstab_entry.blk_device;
            return nullptr;
        }
    }

    // Verification errors are tolerated here and rollback indexes are not enforced; the outcome
    // is reported through |out_verify_result| rather than by failing the load.
    return LoadAndVerifyVbmetaByPath(resolved_path, partition_name, expected_public_key_blob,
                                     true /* allow_verification_error */,
                                     false /* rollback_protection */,
                                     false /* is_chained_vbmeta */, out_public_key_data,
                                     nullptr /* out_verification_disabled */, out_verify_result);
}

// Convenience overload: looks up the hashtree descriptor for |avb_partition_name| in a single,
// already-loaded vbmeta image.
//
// Takes ownership of |vbmeta| (it is moved into a one-element vector) and delegates to the
// vector-taking GetHashtreeDescriptor() overload. Returns nullptr when |vbmeta| is empty.
//
// SECURITY NOTE: nothing in this function loads or verifies the image; it only searches what it
// is given. The descriptor is only as trustworthy as the |vbmeta| passed in, so callers should
// hand over an image whose verification result they have already checked.
std::unique_ptr<FsAvbHashtreeDescriptor> GetHashtreeDescriptor(
        const std::string& avb_partition_name, VBMetaData&& vbmeta) {
    // An empty image cannot contain a descriptor; bail out before taking ownership.
    if (vbmeta.size() == 0) {
        return nullptr;
    }

    std::vector<VBMetaData> single_image;
    single_image.push_back(std::move(vbmeta));
    return GetHashtreeDescriptor(avb_partition_name, single_image);
}

}  // namespace fs_mgr
}  // namespace android