DO NOT MERGE: Do not mount devices with invalid verity metadata The return value of read_verity_metadata is propagated to caller even if the verity metadata is invalid, provided that it can be read from the device. This results in devices with invalid verity metadata signatures to be mounted normally, which is not desirable. This change fixes the bug by changing the return value in case of verification failure to FS_MGR_SETUP_VERITY_FAIL. Bug: 15984840 Bug: 18120110 Change-Id: Ic29f37a23cb417c2538d60fb05de9dd310d50f4a (cherry picked from commit c95e9da39660f278ace4b14d688dc6818d1a38bf)

commit: 72f0d92c722447e0c87cfe765516a7352db3d51a [log] [tgz]
author: Sami Tolvanen <samitolvanen@google.com> Fri Nov 07 10:20:02 2014 -0800
committer: Iliyan Malchev <malchev@google.com> Thu Nov 13 15:43:08 2014 -0800
tree: f2e584aa196a335f39bff21c01f99c29cefc0e16
parent: 9573a13bbc015c555adff1e4e0fbef2a18963111 [diff]
diff --git a/fs_mgr/fs_mgr_verity.c b/fs_mgr/fs_mgr_verity.c
index b2f493a..a82db4e 100644
--- a/fs_mgr/fs_mgr_verity.c
+++ b/fs_mgr/fs_mgr_verity.c

@@ -376,7 +376,7 @@
 
 int fs_mgr_setup_verity(struct fstab_rec *fstab) {
 
-    int retval = -1;
+    int retval = FS_MGR_SETUP_VERITY_FAIL;
     int fd = -1;
 
     char *verity_blk_name = 0;
@@ -407,6 +407,8 @@
         goto out;
     }
 
+    retval = FS_MGR_SETUP_VERITY_FAIL;
+
     // get the device mapper fd
     if ((fd = open("/dev/device-mapper", O_RDWR)) < 0) {
         ERROR("Error opening device mapper (%s)", strerror(errno));
commit	72f0d92c722447e0c87cfe765516a7352db3d51a	[log] [tgz]
author	Sami Tolvanen <samitolvanen@google.com>	Fri Nov 07 10:20:02 2014 -0800
committer	Iliyan Malchev <malchev@google.com>	Thu Nov 13 15:43:08 2014 -0800
tree	f2e584aa196a335f39bff21c01f99c29cefc0e16
parent	9573a13bbc015c555adff1e4e0fbef2a18963111 [diff]