Using a dir /avb for DSU avb keys

Previously the AVB public keys for DSU is hard coded for each key path. This adds the burden for maintaining the codebase, e.g., need to change avb_keys each time when any new key is added or some old key is deleted. With commit Ie74845d8c8e4aa45e8a9e3b862424cec641f8090, it's possible to load avb keys from a directory. Let's use "/avb" for DSU AVB keys. Also removing fstab entries that specifying vbmeta_partition. The AVB keys used in DSU flow should be a separate set from the original vbmeta.img (or vbmeta_system.img). The following link has more info about DSU: https://developer.android.com/topic/dsu Bug: 141284191 Bug: 144399552 Test: boot a GSI via DSU Change-Id: I6bc1e068368e64cb0bbf6ef63805444b35a1fdfb
2019-12-11 15:03:00 +08:00 · 2019-12-11 15:03:00 +08:00 · a2ac846ff3
commit a2ac846ff3
parent 9af7878ec5
1 changed files with 4 additions and 16 deletions
--- a/fs_mgr/fs_mgr_fstab.cpp
+++ b/fs_mgr/fs_mgr_fstab.cpp
@ -582,8 +582,7 @@ bool EraseFstabEntry(Fstab* fstab, const std::string& mount_point) {
 }  // namespace

 void TransformFstabForDsu(Fstab* fstab, const std::vector<std::string>& dsu_partitions) {
-    static constexpr char kGsiKeys[] =
-            "/avb/q-gsi.avbpubkey:/avb/r-gsi.avbpubkey:/avb/s-gsi.avbpubkey";
+    static constexpr char kDsuKeysDir[] = "/avb";
    // Convert userdata
    // Inherit fstab properties for userdata.
    FstabEntry userdata;
@ -629,29 +628,18 @@ void TransformFstabForDsu(Fstab* fstab, const std::vector<std::string>& dsu_part
                    .fs_type = "ext4",
                    .flags = MS_RDONLY,
                    .fs_options = "barrier=1",
-                    .avb_keys = kGsiKeys,
+                    .avb_keys = kDsuKeysDir,
            };
            entry.fs_mgr_flags.wait = true;
            entry.fs_mgr_flags.logical = true;
            entry.fs_mgr_flags.first_stage_mount = true;
-            // Use the system key which may be in the vbmeta or vbmeta_system
-            // TODO: b/141284191
-            entry.vbmeta_partition = "vbmeta";
-            fstab->emplace_back(entry);
-            entry.vbmeta_partition = "vbmeta_system";
-            fstab->emplace_back(entry);
        } else {
            // If the corresponding partition exists, transform all its Fstab
            // by pointing .blk_device to the DSU partition.
            for (auto&& entry : entries) {
                entry->blk_device = partition;
-                if (entry->avb_keys.size() > 0) {
-                    entry->avb_keys += ":";
-                }
-                // If the DSU is signed by OEM, the original Fstab already has the information
-                // required by avb, otherwise the DSU is GSI and will need the avb_keys as listed
-                // below.
-                entry->avb_keys += kGsiKeys;
+                // AVB keys for DSU should always be under kDsuKeysDir.
+                entry->avb_keys += kDsuKeysDir;
            }
            // Make sure the ext4 is included to support GSI.
            auto partition_ext4 =