Merge "fs_mgr: allow disable dm-verity when the device is unlocked without metadata" am: 17c84b2cca am: 63b22a3eb1 Change-Id: I15110e1403bbd3b99f9f2ad72d1e092b83beeb0b

commit: 7f1847e66b0878385aed1ae7ad3f4ca30b91ece6 [log] [tgz]
author: Bowgo Tsai <bowgotsai@google.com> Mon Mar 06 19:09:47 2017 +0000
committer: android-build-merger <android-build-merger@google.com> Mon Mar 06 19:09:47 2017 +0000
tree: 0a371ab19dc0054ff41f9a94d4913ac8e1fbc6aa
parent: bc659665e17d41e07baff088a3c3bc043d148d32 [diff]
parent: 6e5e64bd6e13301238191519c2cc788fbb256d4a [diff]
diff --git a/fs_mgr/fs_mgr_verity.cpp b/fs_mgr/fs_mgr_verity.cpp
index e8ed6a2..54a6f71 100644
--- a/fs_mgr/fs_mgr_verity.cpp
+++ b/fs_mgr/fs_mgr_verity.cpp

@@ -30,6 +30,7 @@
 #include <unistd.h>
 
 #include <android-base/file.h>
+#include <android-base/properties.h>
 #include <android-base/strings.h>
 #include <android-base/unique_fd.h>
 #include <crypto_utils/android_pubkey.h>
@@ -874,6 +875,11 @@
     // read verity metadata
     if (fec_verity_get_metadata(f, &verity) < 0) {
         PERROR << "Failed to get verity metadata '" << fstab->blk_device << "'";
+        // Allow verity disabled when the device is unlocked without metadata
+        if ("0" == android::base::GetProperty("ro.boot.flash.locked", "")) {
+            retval = FS_MGR_SETUP_VERITY_DISABLED;
+            LWARNING << "Allow invalid metadata when the device is unlocked";
+        }
         goto out;
     }
commit	7f1847e66b0878385aed1ae7ad3f4ca30b91ece6	[log] [tgz]
author	Bowgo Tsai <bowgotsai@google.com>	Mon Mar 06 19:09:47 2017 +0000
committer	android-build-merger <android-build-merger@google.com>	Mon Mar 06 19:09:47 2017 +0000
tree	0a371ab19dc0054ff41f9a94d4913ac8e1fbc6aa
parent	bc659665e17d41e07baff088a3c3bc043d148d32 [diff]
parent	6e5e64bd6e13301238191519c2cc788fbb256d4a [diff]