Merge "libfs_avb: Export more utilities to facilitate VTS" am: c126ad8214 am: ce0cdb1a58 am: 51c240f5c4 am: 93432daac5

Original change: https://android-review.googlesource.com/c/platform/system/core/+/1940852

Change-Id: I2052f1dcede88f6dc1dfa2c33cce91fc56d10e1c
Yi-yo Chiang 2022-01-11 06:48:59 +00:00 committed by Automerger Merge Worker
commit 74ad59226d
6 changed files with 79 additions and 77 deletions


@ -35,19 +35,6 @@ using android::base::unique_fd;
namespace android {
namespace fs_mgr {
std::string GetAvbPropertyDescriptor(const std::string& key,
const std::vector<VBMetaData>& vbmeta_images) {
size_t value_size;
for (const auto& vbmeta : vbmeta_images) {
const char* value = avb_property_lookup(vbmeta.data(), vbmeta.size(), key.data(),
key.size(), &value_size);
if (value != nullptr) {
return {value, value_size};
}
}
return "";
}
// Constructs dm-verity arguments for sending DM_TABLE_LOAD ioctl to kernel.
// See the following link for more details:
// https://gitlab.com/cryptsetup/cryptsetup/wikis/DMVerity
@ -130,64 +117,6 @@ bool HashtreeDmVeritySetup(FstabEntry* fstab_entry, const FsAvbHashtreeDescripto
return true;
}
std::unique_ptr<FsAvbHashDescriptor> GetHashDescriptor(
const std::string& partition_name, const std::vector<VBMetaData>& vbmeta_images) {
bool found = false;
const uint8_t* desc_partition_name;
auto hash_desc = std::make_unique<FsAvbHashDescriptor>();
for (const auto& vbmeta : vbmeta_images) {
size_t num_descriptors;
std::unique_ptr<const AvbDescriptor*[], decltype(&avb_free)> descriptors(
avb_descriptor_get_all(vbmeta.data(), vbmeta.size(), &num_descriptors), avb_free);
if (!descriptors || num_descriptors < 1) {
continue;
}
for (size_t n = 0; n < num_descriptors && !found; n++) {
AvbDescriptor desc;
if (!avb_descriptor_validate_and_byteswap(descriptors[n], &desc)) {
LWARNING << "Descriptor[" << n << "] is invalid";
continue;
}
if (desc.tag == AVB_DESCRIPTOR_TAG_HASH) {
desc_partition_name = (const uint8_t*)descriptors[n] + sizeof(AvbHashDescriptor);
if (!avb_hash_descriptor_validate_and_byteswap((AvbHashDescriptor*)descriptors[n],
hash_desc.get())) {
continue;
}
if (hash_desc->partition_name_len != partition_name.length()) {
continue;
}
// Notes that desc_partition_name is not NUL-terminated.
std::string hash_partition_name((const char*)desc_partition_name,
hash_desc->partition_name_len);
if (hash_partition_name == partition_name) {
found = true;
}
}
}
if (found) break;
}
if (!found) {
LERROR << "Hash descriptor not found: " << partition_name;
return nullptr;
}
hash_desc->partition_name = partition_name;
const uint8_t* desc_salt = desc_partition_name + hash_desc->partition_name_len;
hash_desc->salt = BytesToHex(desc_salt, hash_desc->salt_len);
const uint8_t* desc_digest = desc_salt + hash_desc->salt_len;
hash_desc->digest = BytesToHex(desc_digest, hash_desc->digest_len);
return hash_desc;
}
std::unique_ptr<FsAvbHashtreeDescriptor> GetHashtreeDescriptor(
const std::string& partition_name, const std::vector<VBMetaData>& vbmeta_images) {
bool found = false;


@ -37,12 +37,6 @@ struct ChainInfo {
: partition_name(chain_partition_name), public_key_blob(chain_public_key_blob) {}
};
std::string GetAvbPropertyDescriptor(const std::string& key,
const std::vector<VBMetaData>& vbmeta_images);
std::unique_ptr<FsAvbHashDescriptor> GetHashDescriptor(
const std::string& partition_name, const std::vector<VBMetaData>& vbmeta_images);
// AvbHashtreeDescriptor to dm-verity table setup.
std::unique_ptr<FsAvbHashtreeDescriptor> GetHashtreeDescriptor(
const std::string& partition_name, const std::vector<VBMetaData>& vbmeta_images);


@ -37,6 +37,7 @@
#include "avb_ops.h"
#include "avb_util.h"
#include "fs_avb/fs_avb_util.h"
#include "sha.h"
#include "util.h"


@ -74,6 +74,64 @@ std::unique_ptr<FsAvbHashtreeDescriptor> GetHashtreeDescriptor(
return GetHashtreeDescriptor(avb_partition_name, vbmeta_images);
}
std::unique_ptr<FsAvbHashDescriptor> GetHashDescriptor(
const std::string& partition_name, const std::vector<VBMetaData>& vbmeta_images) {
bool found = false;
const uint8_t* desc_partition_name;
auto hash_desc = std::make_unique<FsAvbHashDescriptor>();
for (const auto& vbmeta : vbmeta_images) {
size_t num_descriptors;
std::unique_ptr<const AvbDescriptor*[], decltype(&avb_free)> descriptors(
avb_descriptor_get_all(vbmeta.data(), vbmeta.size(), &num_descriptors), avb_free);
if (!descriptors || num_descriptors < 1) {
continue;
}
for (size_t n = 0; n < num_descriptors && !found; n++) {
AvbDescriptor desc;
if (!avb_descriptor_validate_and_byteswap(descriptors[n], &desc)) {
LWARNING << "Descriptor[" << n << "] is invalid";
continue;
}
if (desc.tag == AVB_DESCRIPTOR_TAG_HASH) {
desc_partition_name = (const uint8_t*)descriptors[n] + sizeof(AvbHashDescriptor);
if (!avb_hash_descriptor_validate_and_byteswap((AvbHashDescriptor*)descriptors[n],
hash_desc.get())) {
continue;
}
if (hash_desc->partition_name_len != partition_name.length()) {
continue;
}
// Notes that desc_partition_name is not NUL-terminated.
std::string hash_partition_name((const char*)desc_partition_name,
hash_desc->partition_name_len);
if (hash_partition_name == partition_name) {
found = true;
}
}
}
if (found) break;
}
if (!found) {
LERROR << "Hash descriptor not found: " << partition_name;
return nullptr;
}
hash_desc->partition_name = partition_name;
const uint8_t* desc_salt = desc_partition_name + hash_desc->partition_name_len;
hash_desc->salt = BytesToHex(desc_salt, hash_desc->salt_len);
const uint8_t* desc_digest = desc_salt + hash_desc->salt_len;
hash_desc->digest = BytesToHex(desc_digest, hash_desc->digest_len);
return hash_desc;
}
// Given a path, loads and verifies the vbmeta, to extract the Avb Hash descriptor.
std::unique_ptr<FsAvbHashDescriptor> GetHashDescriptor(const std::string& avb_partition_name,
VBMetaData&& vbmeta) {
@ -84,5 +142,18 @@ std::unique_ptr<FsAvbHashDescriptor> GetHashDescriptor(const std::string& avb_pa
return GetHashDescriptor(avb_partition_name, vbmeta_images);
}
std::string GetAvbPropertyDescriptor(const std::string& key,
const std::vector<VBMetaData>& vbmeta_images) {
size_t value_size;
for (const auto& vbmeta : vbmeta_images) {
const char* value = avb_property_lookup(vbmeta.data(), vbmeta.size(), key.data(),
key.size(), &value_size);
if (value != nullptr) {
return {value, value_size};
}
}
return "";
}
} // namespace fs_mgr
} // namespace android
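Review bot: In the relocated `GetHashDescriptor`, the salt and digest pointers computed after the loop (`desc_partition_name + hash_desc->partition_name_len`, then `desc_salt + hash_desc->salt_len`) are driven entirely by lengths read from the descriptor, and nothing in this function compares them with `vbmeta.size()`. That is presumably safe because `avb_hash_descriptor_validate_and_byteswap` bounds the three lengths against the descriptor, but now that the function is exported for VTS callers it should say so, for example `// Lengths were bounds-checked by avb_hash_descriptor_validate_and_byteswap(); vbmeta_images must already be verified.` The same precondition holds for `GetAvbPropertyDescriptor` in the last hunk, which parses each image without verifying it. As a smaller style point, `desc_partition_name` is declared uninitialized and is only safe because it is read after `found` is set; `const uint8_t* desc_partition_name = nullptr;` would make that obvious, and the C-style casts could become `reinterpret_cast`.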


@ -43,9 +43,15 @@ std::unique_ptr<VBMetaData> LoadAndVerifyVbmetaByPath(
std::unique_ptr<FsAvbHashtreeDescriptor> GetHashtreeDescriptor(
const std::string& avb_partition_name, VBMetaData&& vbmeta);
std::unique_ptr<FsAvbHashDescriptor> GetHashDescriptor(
const std::string& partition_name, const std::vector<VBMetaData>& vbmeta_images);
// Gets the hash descriptor for avb_partition_name from the vbmeta.
std::unique_ptr<FsAvbHashDescriptor> GetHashDescriptor(const std::string& avb_partition_name,
VBMetaData&& vbmeta);
std::string GetAvbPropertyDescriptor(const std::string& key,
const std::vector<VBMetaData>& vbmeta_images);
} // namespace fs_mgr
} // namespace android
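Review bot: The two declarations added here, `GetHashDescriptor(partition_name, vbmeta_images)` and `GetAvbPropertyDescriptor`, carry no comment although the neighbouring `VBMetaData&&` overload does, and the commit title describes them as newly exported. Suggested: `// Gets the hash descriptor for partition_name from vbmeta_images, or nullptr if none matches. Does not verify the images; pass only verified vbmeta.` and `// Returns the value of property |key| from the first image that defines it, or "" if none does.` Because a property that is present but empty would also come back as `""`, callers cannot tell the two cases apart, which the comment should state.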


@ -23,6 +23,7 @@
#include <libavb/libavb.h>
#include "avb_util.h"
#include "fs_avb/fs_avb_util.h"
#include "fs_avb_test_util.h"
// Target classes or functions to test: