fs_mg: allow getting VBMeta Digest from device-tree
fs_mgr gets androidboot.vbmeta.{size, hash_alg, digest} from kernel
cmdline to assure the integrity of all vbmeta structs. This CL Allows
fs_mgr to get those parameters from device tree because they're only
consumed by userland instead of kernel.
https://android.googlesource.com/platform/external/avb/+/master#The-VBMeta-Digest
Bootloader could construct a device tree overlay at run time then merge
it into main device tree. e.g.,
firmware {
android {
vbmeta.size = "5245";
vbmeta.hash_alg = "sha256";
vbmeta.digest = "0c51233ca3ecaa...63c6d912e79b709";
};
};
Bug: 80168311
Test: boot a device using AVB
Change-Id: I6cf151713af04e6cf554d593e9f0b43e9e214d8c
diff --git a/fs_mgr/fs_mgr_avb.cpp b/fs_mgr/fs_mgr_avb.cpp
index 5d688e1..2020fa6 100644
--- a/fs_mgr/fs_mgr_avb.cpp
+++ b/fs_mgr/fs_mgr_avb.cpp
@@ -146,7 +146,7 @@
}
std::string value;
- if (!fs_mgr_get_boot_config_from_kernel_cmdline("vbmeta.size", &value) ||
+ if (!fs_mgr_get_boot_config("vbmeta.size", &value) ||
!android::base::ParseUint(value.c_str(), &avb_verifier->vbmeta_size_)) {
LERROR << "Invalid hash size: " << value.c_str();
return nullptr;
@@ -155,7 +155,7 @@
// Reads hash algorithm.
size_t expected_digest_size = 0;
std::string hash_alg;
- fs_mgr_get_boot_config_from_kernel_cmdline("vbmeta.hash_alg", &hash_alg);
+ fs_mgr_get_boot_config("vbmeta.hash_alg", &hash_alg);
if (hash_alg == "sha256") {
expected_digest_size = SHA256_DIGEST_LENGTH * 2;
avb_verifier->hash_alg_ = kSHA256;
@@ -169,7 +169,7 @@
// Reads digest.
std::string digest;
- fs_mgr_get_boot_config_from_kernel_cmdline("vbmeta.digest", &digest);
+ fs_mgr_get_boot_config("vbmeta.digest", &digest);
if (digest.size() != expected_digest_size) {
LERROR << "Unexpected digest size: " << digest.size()
<< " (expected: " << expected_digest_size << ")";