Blame - patches/vendor/bliss/0001-Revert-verity_tool-Implement-status-getter.patch - treble_patches

blob: 9565555d46c87d89ef092ec941e443595d241dd5 [file] [log] [blame]

Jackeagle	a76b726	2019-05-03 14:53:47 +0200	[diff] [blame^]	1	From 3f9a9d9c86cb260124124afd8938c6715236098c Mon Sep 17 00:00:00 2001
Jackeagle	d3ba228	2018-11-17 20:49:22 -0700	[diff] [blame]	2	From: Jackeagle <jackeagle102@gmail.com>
Jackeagle	a3ae16b	2018-12-04 11:30:49 -0500	[diff] [blame]	3	Date: Mon, 3 Dec 2018 10:55:28 -0500
Jackeagle	a76b726	2019-05-03 14:53:47 +0200	[diff] [blame^]	4	Subject: [PATCH 01/17] Revert "verity_tool: Implement status getter"
Jackeagle	d3ba228	2018-11-17 20:49:22 -0700	[diff] [blame]	5
				6	This reverts commit 385296fd334a854915d41ef556ce7bb981f66bb3.
Jackeagle	d3ba228	2018-11-17 20:49:22 -0700	[diff] [blame]	7	---
				8	config/BoardConfigBliss.mk \| 8 ++--
				9	verity_tool/include/verity_tool.h \| 15 --------
				10	verity_tool/main.cpp \| 27 +------------
				11	verity_tool/verity_tool.cpp \| 63 -------------------------------
				12	4 files changed, 6 insertions(+), 107 deletions(-)
				13
				14	diff --git a/config/BoardConfigBliss.mk b/config/BoardConfigBliss.mk
Jackeagle	a76b726	2019-05-03 14:53:47 +0200	[diff] [blame^]	15	index 032e0613..7ccae1d4 100644
Jackeagle	d3ba228	2018-11-17 20:49:22 -0700	[diff] [blame]	16	--- a/config/BoardConfigBliss.mk
				17	+++ b/config/BoardConfigBliss.mk
				18	@@ -9,8 +9,8 @@ ifeq ($(TARGET_HW_DISK_ENCRYPTION),true)
				19	endif
				20
				21	include vendor/bliss/config/BoardConfigKernel.mk
				22	-include vendor/bliss/config/BoardConfigSoong.mk
				23	+include vendor/lineage/config/BoardConfigSoong.mk
				24
				25	-ifeq ($(BOARD_USES_QCOM_HARDWARE),true)
				26	-include vendor/bliss/config/BoardConfigQcom.mk
				27	-endif
				28	+ifeq ($(BOARD_USES_QCOM_HARDWARE),true)
				29	+include vendor/bliss/config/BoardConfigQcom.mk
				30	+endif
				31	diff --git a/verity_tool/include/verity_tool.h b/verity_tool/include/verity_tool.h
Jackeagle	a76b726	2019-05-03 14:53:47 +0200	[diff] [blame^]	32	index b81eda1a..25a6a7c2 100644
Jackeagle	d3ba228	2018-11-17 20:49:22 -0700	[diff] [blame]	33	--- a/verity_tool/include/verity_tool.h
				34	+++ b/verity_tool/include/verity_tool.h
				35	@@ -18,14 +18,6 @@
				36
				37	#include <string>
				38
				39	-typedef enum {
				40	- VERITY_STATE_UNKNOWN,
				41	- VERITY_STATE_NO_DEVICE,
				42	- VERITY_STATE_DISABLED,
				43	- VERITY_STATE_ENABLED,
				44	- VERITY_STATE_MAX = VERITY_STATE_ENABLED
				45	-} verity_state_t;
				46	-
				47	/*
				48	* Return codes:
				49	*
				50	@@ -35,13 +27,6 @@ typedef enum {
				51	bool set_block_device_verity_enabled(const std::string& block_device,
				52	bool enable);
				53
				54	-/*
				55	- * Return codes:
				56	- *
				57	- * verity state (unknown, disabled, enabled)
				58	- */
				59	-verity_state_t get_verity_state();
				60	-
				61	/*
				62	* Return codes:
				63	*
				64	diff --git a/verity_tool/main.cpp b/verity_tool/main.cpp
Jackeagle	a76b726	2019-05-03 14:53:47 +0200	[diff] [blame^]	65	index befdafac..f5f026aa 100644
Jackeagle	d3ba228	2018-11-17 20:49:22 -0700	[diff] [blame]	66	--- a/verity_tool/main.cpp
				67	+++ b/verity_tool/main.cpp
				68	@@ -24,23 +24,20 @@ static void print_usage() {
				69	printf("veritytool - toggle block device verification\n"
				70	" --help show this help\n"
				71	" --enable enable dm-verity\n"
				72	- " --disable disable dm-verity\n"
				73	- " --show show current dm-verity state\n");
				74	+ " --disable disable dm-verity\n");
				75	}
				76
				77	int main(int argc, char** argv) {
				78	int c, rc;
				79	int enable = 0;
				80	- int show = 0;
				81	bool flag_set = false;
				82	struct option long_opts[] = {
				83	{"disable", no_argument, &enable, 0},
				84	{"enable", no_argument, &enable, 1},
				85	- {"show", no_argument, &show, 1},
				86	{NULL, 0, NULL, 0},
				87	};
				88
				89	- while ((c = getopt_long(argc, argv, "des", long_opts, NULL)) != -1) {
				90	+ while ((c = getopt_long(argc, argv, "de", long_opts, NULL)) != -1) {
				91	switch (c) {
				92	case 0:
				93	flag_set = true;
				94	@@ -56,26 +53,6 @@ int main(int argc, char** argv) {
				95	exit(0);
				96	}
				97
				98	- if (show) {
				99	- printf("dm-verity state: ");
				100	- switch (get_verity_state()) {
				101	- case VERITY_STATE_NO_DEVICE:
				102	- printf("NO DEVICE");
				103	- break;
				104	- case VERITY_STATE_DISABLED:
				105	- printf("DISABLED");
				106	- break;
				107	- case VERITY_STATE_ENABLED:
				108	- printf("ENABLED");
				109	- break;
				110	- default:
				111	- printf("UNKNOWN");
				112	- break;
				113	- }
				114	- printf("\n");
				115	- return 0;
				116	- }
				117	-
				118	if (!set_verity_enabled(enable)) {
				119	printf("Error occurred in set_verity_enable\n");
				120	exit(EXIT_FAILURE);
				121	diff --git a/verity_tool/verity_tool.cpp b/verity_tool/verity_tool.cpp
Jackeagle	a76b726	2019-05-03 14:53:47 +0200	[diff] [blame^]	122	index 48e95b67..9575c4c1 100644
Jackeagle	d3ba228	2018-11-17 20:49:22 -0700	[diff] [blame]	123	--- a/verity_tool/verity_tool.cpp
				124	+++ b/verity_tool/verity_tool.cpp
				125	@@ -108,69 +108,6 @@ static std::string get_ab_suffix() {
				126	return ab_suffix;
				127	}
				128
				129	-verity_state_t get_verity_state() {
				130	- verity_state_t rc = VERITY_STATE_NO_DEVICE;
				131	- std::string ab_suffix = get_ab_suffix();
				132	-
				133	- // Figure out if we're using VB1.0 or VB2.0 (aka AVB) - by
				134	- // contract, androidboot.vbmeta.digest is set by the bootloader
				135	- // when using AVB).
				136	- bool using_avb = !android::base::GetProperty("ro.boot.vbmeta.digest", "").empty();
				137	-
				138	- if (using_avb) {
				139	- // Yep, the system is using AVB.
				140	- AvbOps* ops = avb_ops_user_new();
				141	- if (ops == nullptr) {
				142	- LOG(ERROR) << "Error getting AVB ops";
				143	- avb_ops_user_free(ops);
				144	- return VERITY_STATE_UNKNOWN;
				145	- }
				146	- bool verity_enabled;
				147	- if (!avb_user_verity_get(ops, ab_suffix.c_str(), &verity_enabled)) {
				148	- LOG(ERROR) << "Error getting verity state";
				149	- avb_ops_user_free(ops);
				150	- return VERITY_STATE_UNKNOWN;
				151	- }
				152	- rc = verity_enabled ? VERITY_STATE_ENABLED : VERITY_STATE_DISABLED;
				153	- avb_ops_user_free(ops);
				154	- } else {
				155	- // Not using AVB - assume VB1.0.
				156	-
				157	- // read all fstab entries at once from all sources
				158	- struct fstab* fstab = fs_mgr_read_fstab_default();
				159	- if (!fstab) {
				160	- LOG(ERROR) << "Failed to read fstab";
				161	- fs_mgr_free_fstab(fstab);
				162	- return VERITY_STATE_UNKNOWN;
				163	- }
				164	-
				165	- // Loop through entries looking for ones that vold manages.
				166	- for (int i = 0; i < fstab->num_entries; i++) {
				167	- if (fs_mgr_is_verified(&fstab->recs[i])) {
				168	- std::string block_device = fstab->recs[i].blk_device;
				169	- fec::io fh(block_device, O_RDONLY);
				170	- if (!fh) {
				171	- PLOG(ERROR) << "Could not open block device " << block_device;
				172	- rc = VERITY_STATE_UNKNOWN;
				173	- break;
				174	- }
				175	-
				176	- fec_verity_metadata metadata;
				177	- if (!fh.get_verity_metadata(metadata)) {
				178	- LOG(ERROR) << "Couldn't find verity metadata!";
				179	- rc = VERITY_STATE_UNKNOWN;
				180	- break;
				181	- }
				182	-
				183	- rc = metadata.disabled ? VERITY_STATE_DISABLED : VERITY_STATE_ENABLED;
				184	- }
				185	- }
				186	- fs_mgr_free_fstab(fstab);
				187	- }
				188	-
				189	- return rc;
				190	-}
				191	-
				192	/* Use AVB to turn verity on/off */
				193	static bool set_avb_verity_enabled_state(AvbOps* ops, bool enable_verity) {
				194	std::string ab_suffix = get_ab_suffix();
				195	--
Jackeagle	a76b726	2019-05-03 14:53:47 +0200	[diff] [blame^]	196	2.21.0
Jackeagle	d3ba228	2018-11-17 20:49:22 -0700	[diff] [blame]	197