Support AVB chain partitions for HASH descriptors
Commit Ida1a6da988c10d364b3ccdaa6c5d63e5264d1b27 allows specifying
AVB-related partitions to be probed in first-state mount, e.g.,
"avb=vbmeta_system" in the fs_mgr_flags will make init wait uevents
for vbmeta_system partition, which is required for AVB verification.
However, when specifying "avb=dtbo" to chain a /dtbo partition, first-stage
init will emit the following error as it assumes all partitions are
verified by Hashtree descriptors.
init: [libfs_avb]Hashtree descriptor not found: dtbo
This change fixes this by skipping raw partitions for first-stage mounting,
where raw partitions should already be verified by bootloader with Hash
descriptors. Although first-stage init does not perform Hash verification,
it still reads all Hash/Hashtree descriptors to calculate then compare
the "VBMeta Digest" passed from bootloader.
https://android.googlesource.com/platform/external/avb/#The-VBMeta-Digest
The following is an example of a fstab entry to chain /dtbo partition:
/dev/block/bootdevice/by-name/dtbo /dtbo emmc defaults slotselect,avb=dtbo,first_stage_mount
Bug: 146935233
Test: enable /dtbo as a chain partition, then boot the device
Change-Id: I590f1d9b78ef89b5aef21cb7bf19fdb90b27f808
diff --git a/init/first_stage_mount.cpp b/init/first_stage_mount.cpp
index 9121bac..57d7dd7 100644
--- a/init/first_stage_mount.cpp
+++ b/init/first_stage_mount.cpp
@@ -556,6 +556,14 @@
continue;
}
+ // Skip raw partition entries such as boot, dtbo, etc.
+ // Having emmc fstab entries allows us to probe current->vbmeta_partition
+ // in InitDevices() when they are AVB chained partitions.
+ if (current->fs_type == "emmc") {
+ ++current;
+ continue;
+ }
+
Fstab::iterator end;
if (!MountPartition(current, false /* erase_same_mounts */, &end)) {
if (current->fs_mgr_flags.no_fail) {