Merge "update_verifier: Support AVB." am: e248e434ea

am: 1f108dae49 Change-Id: I85544f829783fade5e91cfa1d48013047056924d
2017-06-22 19:26:10 +00:00 · 2017-06-22 19:26:10 +00:00 · b0c38f1cce
commit b0c38f1cce
parent 8daabacce5 1f108dae49
4 changed files with 24 additions and 7 deletions
--- a/tests/Android.mk
+++ b/tests/Android.mk
@ -92,6 +92,10 @@ ifeq ($(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_SUPPORTS_VERITY),true)
 LOCAL_CFLAGS += -DPRODUCT_SUPPORTS_VERITY=1
 endif

+ifeq ($(BOARD_AVB_ENABLE),true)
+LOCAL_CFLAGS += -DBOARD_AVB_ENABLE=1
+endif
+
 LOCAL_MODULE := recovery_component_test
 LOCAL_COMPATIBILITY_SUITE := device-tests
 LOCAL_C_INCLUDES := bootable/recovery
--- a/tests/component/update_verifier_test.cpp
+++ b/tests/component/update_verifier_test.cpp
@ -24,7 +24,7 @@
 class UpdateVerifierTest : public ::testing::Test {
 protected:
  void SetUp() override {
-#ifdef PRODUCT_SUPPORTS_VERITY
+#if defined(PRODUCT_SUPPORTS_VERITY) || defined(BOARD_AVB_ENABLE)
    verity_supported = true;
 #else
    verity_supported = false;
--- a/update_verifier/Android.mk
+++ b/update_verifier/Android.mk
@ -39,6 +39,10 @@ ifeq ($(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_SUPPORTS_VERITY),true)
 LOCAL_CFLAGS += -DPRODUCT_SUPPORTS_VERITY=1
 endif

+ifeq ($(BOARD_AVB_ENABLE),true)
+LOCAL_CFLAGS += -DBOARD_AVB_ENABLE=1
+endif
+
 include $(BUILD_STATIC_LIBRARY)

 # update_verifier (executable)
--- a/update_verifier/update_verifier.cpp
+++ b/update_verifier/update_verifier.cpp
@ -99,13 +99,22 @@ static bool read_blocks(const std::string& partition, const std::string& range_s
    std::string content;
    if (!android::base::ReadFileToString(path, &content)) {
      PLOG(WARNING) << "Failed to read " << path;
-    } else if (android::base::Trim(content) == partition) {
+    } else {
+      std::string dm_block_name = android::base::Trim(content);
+#ifdef BOARD_AVB_ENABLE
+      // AVB is using 'vroot' for the root block device but we're expecting 'system'.
+      if (dm_block_name == "vroot") {
+        dm_block_name = "system";
+      }
+#endif
+      if (dm_block_name == partition) {
        dm_block_device = DEV_PATH + std::string(namelist[n]->d_name);
        while (n--) {
          free(namelist[n]);
        }
        break;
      }
+    }
    free(namelist[n]);
  }
  free(namelist);
@ -229,7 +238,7 @@ int update_verifier(int argc, char** argv) {
  if (is_successful == BoolResult::FALSE) {
    // The current slot has not booted successfully.

-#ifdef PRODUCT_SUPPORTS_VERITY
+#if defined(PRODUCT_SUPPORTS_VERITY) || defined(BOARD_AVB_ENABLE)
    std::string verity_mode = android::base::GetProperty("ro.boot.veritymode", "");
    if (verity_mode.empty()) {
      LOG(ERROR) << "Failed to get dm-verity mode.";