Commit graph

19 commits

Author SHA1 Message Date
Oriol Prieto Gasco
85d84ff9ed Set the container field of aconfig flags
Test: m
Bug: 312769710
Change-Id: I366717c7139886e30360914256ad7710da5095e9
2024-02-03 02:39:40 +00:00
Victor Hsieh
0da66a5537 Flag guard to make fsverity_init a no-op
As early as fsverity_init, the flag can only be static (thus
is_fixed_read_only). It is now a constant/false and will be flipped
during the ramp up at build time.

Bug: 290064770
Test: mma
Test: Inspect the generated code
Change-Id: I4bd1addb996705f6e6b9f75313bf22b9ecd3e11c
2023-10-17 10:54:28 -07:00
Yunkai Lim
0d850139b6 Revert "Remove fsverity_init"
Revert submission 2662658-fsverity-init-cleanup

Reason for revert: Culprit for test breakage b/293232766

Reverted changes: /q/submissionid:2662658-fsverity-init-cleanup

Change-Id: Ib29f082e5a48cacc726a5228029ec3a1b6561cb1
2023-07-26 06:21:30 +00:00
Eric Biggers
997fd3392a Remove fsverity_init
Now that fsverity_init is no longer used, it can be removed.
For more details, see https://r.android.com/2662658.

Bug: 290064770
Test: presubmit
Change-Id: I9a90a7141d708ea8aaeefc54288083ee5a0f52ff
2023-07-19 01:13:40 +00:00
Eric Biggers
6ae155d8ee fsverity_init: remove unneeded functionality
The --load-extra-key option to 'fsverity_init' was only used by odsign,
and --lock was only used by init.rc.  Since these uses have been
removed, remove the code that implemented these options as well.

Bug: 290064770
Test: presubmit
Change-Id: Iaad4b78926748f24dcaddecb27dc28e4c659a574
2023-07-06 18:36:16 +00:00
Eric Biggers
31b4751a4d fsverity_init: cleanly support kernels without builtin sig support
Since Android no longer uses fsverity builtin signatures, it's planned
to start configuring the kernel without
CONFIG_FS_VERITY_BUILTIN_SIGNATURES.  Therefore, make fsverity_init
cleanly handle the case of CONFIG_FS_VERITY_BUILTIN_SIGNATURES being
disabled.  Also document why fsverity_init still has to exist at all.

Bug: 290064770
Test: Booted Cuttlefish with android-mainline kernel with
      CONFIG_FS_VERITY_BUILTIN_SIGNATURES disabled.  Checked logcat for
      message indicating that 'fsverity_init --load-verified-keys'
      exited with status 0.
Change-Id: I0e232c9f4fb80f790ccafb03c10bb5dd5f24fe24
2023-07-06 18:35:30 +00:00
Eric Biggers
5024ce5b46 Revert "fsverity_init: refactor into library + binary"
This reverts commit 3fc82ead6b because the
only user of libfsverity_init other than fsverity_init has been removed.

(Don't add "liblogwrap" back to shared_libs, as it isn't needed.)

Bug: 290064770
Test: presubmit
Change-Id: Ia5a0e60a16c1f88974ceb4500084b0c3773d3e43
2023-07-06 18:18:32 +00:00
Victor Hsieh
1b8ac1a879 Do not require fs-verity built-in signature
There are use cases where fs-verity without signature is helpful. Relax
the restriction. Existing use cases (other than work-in-progress
features) of fs-verity in AOSP has been migrated to signature check in
userspace.

Bug: 249158715
Test: CtsAppSecurityHostTestCases:android.appsecurity.cts.ApkVerityInstallTest
Ignore-AOSP-First: Security implication requires some change in frameworks/base
Change-Id: I6b7d7143485ad304d4aa7e8a924d32d558540b92
Merged-In: I6b7d7143485ad304d4aa7e8a924d32d558540b92
2022-12-05 11:04:08 -08:00
Treehugger Robot
13a3347a09 Merge "fsverity_init: refactor into library + binary" 2021-11-23 17:54:32 +00:00
Jeff Vander Stoep
fae9b8081e Add OWNERS for fsverity files
Test: TH
Change-Id: Ic5c283250cb7c3ec30400847e27c06ffbc654056
2021-11-23 17:12:28 +00:00
Jeff Vander Stoep
3fc82ead6b fsverity_init: refactor into library + binary
This is needed to import some of the functionality into first stage
init.

Bug: 199914227
Test: build
Change-Id: I0a78f62b1957404d7fe78c79151a1620834ea3a1
2021-11-22 21:24:52 +01:00
Alan Stokes
246a7f13ac Improved error checking for fsverity_init/odsign.
When attempting to load a non-existent cert I got:
  06-10 12:48:11.939   662   662 E fsverity_init: Failed to add key: Invalid argument
  06-10 12:48:11.940   662   662 E fsverity_init: Failed to load key from stdin
  06-10 12:48:11.941   648   648 I odsign  : Added CompOs key to fs-verity keyring
Which looks like everything worked when nothing did.

Added more error checks on both sides.

Test: Presubmits
Test: Manual
Change-Id: Ib2b17ce75e58dafb0ad6905106e35b11b55e91d0
2021-06-11 10:01:33 +01:00
Treehugger Robot
f9fd5631b9 Merge "Make key names unique." 2021-03-31 17:06:39 +00:00
Kohsuke Yatoh
a51ce46a98 Make key names unique.
Bug: 184053707
Test: flash the device and check logcat
Change-Id: I38d267f09b9694f171955ee6c045dcace1238962
2021-03-30 23:47:10 +00:00
Bob Badour
4c7858c848 [LSC] Add LOCAL_LICENSE_KINDS to system/security
Added SPDX-license-identifier-Apache-2.0 to:
  fsverity_init/Android.bp
  identity/Android.bp
  keystore/tests/Android.bp
  keystore2/Android.bp
  keystore2/aaid/Android.bp
  keystore2/aidl/Android.bp
  keystore2/apc_compat/Android.bp
  keystore2/selinux/Android.bp
  keystore2/src/crypto/Android.bp
  keystore2/src/km_compat/Android.bp
  ondevice-signing/Android.bp
  provisioner/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD to:
  Android.bp
  keystore/Android.bp

Added SPDX-license-identifier-BSD to:
  keystore-engine/Android.bp

Bug: 68860345
Bug: 151177513
Bug: 151953481

Test: m all

Exempt-From-Owner-Approval: janitorial work
Change-Id: Ic9e19695bd19c3f127dfd545df60e4c9df89af77
2021-02-14 10:37:25 -08:00
Martijn Coenen
0aeee3d632 Split fsverity_init in multiple phases.
Soon we'll have a need for multiple fs-verity keys in the keyring; we
need a central place to manage the keys, as well as restrict the
keyring. fsverity_init makes most sense for this.

Allow fsverity_init to be called in 3 different ways:
--load-verified-keys: loads preloaded keys from trusted partitions
--load-extra-key: loads an additional key passed in from stdin; the key
name is given as an argument.
--lock: locks the keyring, and prevents new keys from being loaded

Bug: 165630556
Test: boot, cat /proc/keys/
Change-Id: I758e49a5c4229edc531d01ac2e8873a22a1da73e
2020-12-03 10:03:17 +01:00
Victor Hsieh
753ac2a34b Also load fs-verity cert from /system/etc/security/fsverity/
Bug: 153112812
Test: able to use the new cert after reboot
Change-Id: I01085913f81898592a3a1edcaa97aff6dc8ac89c
2020-04-03 15:30:09 -07:00
Victor Hsieh
2bcd5376ec Stop reading fs-verity certificate from keystore
We punting support for extra certificate to S.

Test: boot
Bug: 112038744
Change-Id: I3bc342a7df0c47c02494ef6fdae24e7ad00a8507
2020-02-26 12:39:15 -08:00
Victor Hsieh
d0a4b202a4 Rewrite fsverity_init in C++ and load keys from keystore
Test: still see keys loaded from /product appears in /proc/keys
Test: Add X.509 DER cert files to keystore, see the key in
      /proc/keys after reboot
Bug: 112038744
Change-Id: I08006d8befa69e4bf416a2bed9e1813725877147
2019-09-25 09:52:19 -07:00