We need to have partition.*.verified properties even when bootloader
is managing dm-verity mode, because we may have failed to set up the
verified partition and need a property to indicate this.
This means we still need to run fs_mgr_update_verity_state and walk
through all the partitions to verify the device mapper status, just
without updating verity mode.
Bug: 22489805
Change-Id: Iaf28185adb8b80e5452447e54e1f4e4417a34168
If verity state is managed by bootloader, it will pass the verity
mode to the kernel in the androidboot.veritymode command line
parameter. Init copies the value to the ro.boot.veritymode property.
Check for ro.boot.veritymode in fs_mgr and use the value to set
dm-verity mode. If this property is not set, store verity state in
metadata as before, if a storage location is specified in fstab.
Change-Id: Ife3c978c133248432c302583d3b70e179605fe42
This option only exists for ext4 filesystems, so it shouldn't be
used when mounting ext2/ext3.
This bug would cause the mount system call in check_fs to always fail
with ext2/ext3 filesystems.
Change-Id: I3c8938029357a4a4170355118b6757f61ff4b227
Using logical op on unitialized memory is a bad thing. Good thing
is that this bug is dead because the structure is completely
cleared later via create_verity_device() -> verity_ioctl_init().
Change-Id: Idf5515a888bc6216eda0e23885a789f9b0320bac
- Cleanup the code to get filesystem size in a block device
- Add support to reading size of squashfs in a block device
Change-Id: I3848a705ed4dc2fc9afad20331f0fdecfee545c5
Signed-off-by: Mohamad Ayyash <mkayyash@google.com>
Store verity state separately for each verified partition, and store
a hash of the last verity table signature for each partition. If the
signature changes, assume the partition has been reflashed and reset
verity state.
Bug: 20006638
Change-Id: I1c85fb816bfec1a54b1033c938bf1fdaf572f849
Set the verity mode as the value for partition.%s.verified to make it
easier for userspace to determine in which mode dm-verity was started.
Change-Id: Icc635515f8a8ede941277aed196867351d8387cb
Specify the location of verity metadata in fstab, and use a
type-length-value format for the metadata that allows other
data to be stored in the same location in an extensible way.
Change-Id: Id8711f7d51dc1e4e9a4d84f9951240f64528e69d
Add a command that updates dm-verity state and sets partition.%.verified
properties used by adb remount.
This is needed in init since fs_mgr cannot set properties:
I6a28cccb1ccce960841af20a4b20c32d424b5524
Change-Id: I0fdf5bc29c56690dcadff9d0eb216d3c68483538
Both init and libcutils define a property_set function. The init
version sets the property directly while libcutils simply calls
__system_property_set, which sends a message to init to set the
property.
Since libfs_mgr is statically linked to libcutils, any calls to
property_set end up sending a message to init and waiting for a
response. When libfs_mgr is further statically linked to init,
this leads to init sending a message to itself when property_set
is called in fs_mgr.
Because send_prop_msg in bionic only waits for a response for
250ms, this does not cause a deadlock. However, using libcutils
to set a property in the init process is hardly a good idea.
This change removes the property_set call from fs_mgr_verity.c.
If this property is required later, it should be set elsewhere.
Change-Id: I6a28cccb1ccce960841af20a4b20c32d424b5524
Add support for dm-verity modes and storing persistent state in
a location specified by the following properties:
ro.verity.state.location
ro.verity.state.offset
If these properties do not exist, dm-verity is always loaded in
EIO mode. If the properties do exist, but the location does not
have valid state data, dm-verity is loaded in RESTART mode. The
mode is updated to LOGGING if a dm-verity triggered restart has
occurred.
Change-Id: Ibb82953594d234f81ad21c40f524190b88e4ac8f
Currently, when verity is set up on a block device, the underlying
device is still accessible directly. Change the existing function
fs_set_blk_ro visible to other fs_mgr modules, change the behavior
to match the comment above the function definition, and call it to
disable write access to the block device when setting up verity.
Bug: 18609347
Change-Id: I7884175df15f9161174788d74d20a08e4cd472ca
This reverts commit bda6272446.
The original fix seems to have led to boot failures in QA. Rather than
risk shipping, revert the change. Bug 18764230 reopened.
Requires change
https://googleplex-android-review.git.corp.google.com/#/c/629764/
Bug: 19278390
Bug: 19199624
Change-Id: I8b6ab585666f2b0f585ffb2a5f61ac2e3462e06e
Don't silently ignore umount errors. At a minimum, log them.
Add strerror(errno) to another umount call, to make sure we get
some actionable data.
check_fs: try 5 times umounting the filesystem. It appears that
the umount is failing, perhaps because some service is opening
the file on the device or other error. Try unmounting it multiple
times in case it's a transient problem and we can recover.
Bug: 19199624
Bug: 19156134
Change-Id: I7213eb52d55116fb2419a36494d26d5e159981a7
Delay mounting encryptable but unencrypted volumes until we can
check the ro.vold.forceencrypt flag, then optionally encrypt.
Requires matching vold change from
https://googleplex-android-review.git.corp.google.com/#/c/615309/
Bug: 18764230
Change-Id: If22008be8de6a4f3216b349f81ace49be1730314
This allows a vendor to force encryption on devices via a vendor
partition flag:
ro.vold.forceencryption 1
Bug: 18764230
Change-Id: Id0049ce64e34e4f6f96e593aadd70c277ac131c8
When mounting fstab entries it is practical to be able to specify
for example LABEL=data instead of a specific block device.
This is particularly important for the new Android Emulator code base,
which uses virtio block devices for the various partitions
(system,data,cache), because there is no defined ordering between the
way the filesystems are specified to the emulator and how they are
enumerated by the android kernel as /dev/vdX.
Change-Id: I7aef95f12e8f7b02ac2e33804ba7897fdcb9ad7f
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
