3fd58ae7e57344ff4c1671c1f12dbc7094171538 |
|
03-Jun-2015 |
Sami Tolvanen <samitolvanen@google.com> |
fs_mgr: Use ro.boot.veritymode If verity state is managed by bootloader, it will pass the verity mode to the kernel in the androidboot.veritymode command line parameter. Init copies the value to the ro.boot.veritymode property. Check for ro.boot.veritymode in fs_mgr and use the value to set dm-verity mode. If this property is not set, store verity state in metadata as before, if a storage location is specified in fstab. Bug: 21605676 Change-Id: Ife3c978c133248432c302583d3b70e179605fe42 (cherry picked from commit ac5c1224cfc959b96f7a34068a807db9aaab9358)
/system/core/fs_mgr/fs_mgr_verity.c
|
9fc834377297cb2dcc418e4ce7e38e89dd09812b |
|
16-May-2015 |
Elliott Hughes <enh@google.com> |
Don't use TEMP_FAILURE_RETRY on close in system/core. Bug: http://b/20501816 Change-Id: I1839b48ee4f891b8431ecb809e37a4566a5b3e50 (cherry picked from commit 47b0134ec2b5e8c8b5b5671cd4a3e41261275532)
/system/core/fs_mgr/fs_mgr_verity.c
|
030ef35966ab30bc36f1a047df4fd45e466427ef |
|
09-Apr-2015 |
Mohamad Ayyash <mkayyash@google.com> |
Revert "Revert "fs_mgr_verity: Add support for squashfs"" This reverts commit 7b97c7a3fa0f1bdae5b45a70f625ff48f9dab0c1. Change-Id: Id47e70479fe9247b7936f2e54d4dbfbb4f63f635
/system/core/fs_mgr/fs_mgr_verity.c
|
e322ae1996fd52e1c4d8fdbe29f4631d4bd936a3 |
|
08-Apr-2015 |
Mohamad Ayyash <mkayyash@google.com> |
Merge "Revert "fs_mgr_verity: Add support for squashfs""
|
7b97c7a3fa0f1bdae5b45a70f625ff48f9dab0c1 |
|
08-Apr-2015 |
Mohamad Ayyash <mkayyash@google.com> |
Revert "fs_mgr_verity: Add support for squashfs" This reverts commit 807f47004f03653997edbe3c83d46350cb056cd4. Change-Id: I2d7972c0828c842b44747dd08fbe44668f2a55db
/system/core/fs_mgr/fs_mgr_verity.c
|
70f81ceeeb1c88a164b0e02e05110043ceef8885 |
|
08-Apr-2015 |
Mohamad Ayyash <mkayyash@google.com> |
Merge "fs_mgr_verity: Add support for squashfs"
|
807f47004f03653997edbe3c83d46350cb056cd4 |
|
07-Apr-2015 |
Mohamad Ayyash <mkayyash@google.com> |
fs_mgr_verity: Add support for squashfs - Cleanup the code to get filesystem size in a block device - Add support to reading size of squashfs in a block device Change-Id: I3848a705ed4dc2fc9afad20331f0fdecfee545c5 Signed-off-by: Mohamad Ayyash <mkayyash@google.com>
/system/core/fs_mgr/fs_mgr_verity.c
|
6122edbac4d8740a221ced304c25d5a7a048d9f5 |
|
31-Mar-2015 |
Sami Tolvanen <samitolvanen@google.com> |
Restore verity state when verified partition is reflashed Store verity state separately for each verified partition, and store a hash of the last verity table signature for each partition. If the signature changes, assume the partition has been reflashed and reset verity state. Bug: 20006638 Change-Id: I1c85fb816bfec1a54b1033c938bf1fdaf572f849
/system/core/fs_mgr/fs_mgr_verity.c
|
454742392f72079dbdb0d23ea24e01b5703c1aa5 |
|
30-Mar-2015 |
Sami Tolvanen <samitolvanen@google.com> |
Set verity mode as the verified property value Set the verity mode as the value for partition.%s.verified to make it easier for userspace to determine in which mode dm-verity was started. Change-Id: Icc635515f8a8ede941277aed196867351d8387cb
/system/core/fs_mgr/fs_mgr_verity.c
|
4d3ead9d7c08d2bb0f3af2166b72f57e6e1755e0 |
|
26-Mar-2015 |
Sami Tolvanen <samitolvanen@google.com> |
Fix build Fix build breakage in aosp_fugu-userdebug_clang (linux) caused by Id8711f7d51dc1e4e9a4d84f9951240f64528e69d Change-Id: Icd04aeaf131be045cf5788846ae9832e6cbbb944
/system/core/fs_mgr/fs_mgr_verity.c
|
946a0f3e1925c8cc9be08e3e34758d577cbe7f31 |
|
22-Mar-2015 |
Sami Tolvanen <samitolvanen@google.com> |
Use structured format for verity metadata Specify the location of verity metadata in fstab, and use a type-length-value format for the metadata that allows other data to be stored in the same location in an extensible way. Change-Id: Id8711f7d51dc1e4e9a4d84f9951240f64528e69d
/system/core/fs_mgr/fs_mgr_verity.c
|
acbf9bef43bc650ed84ba891183ebdf689dafb64 |
|
19-Mar-2015 |
Sami Tolvanen <samitolvanen@google.com> |
Add init command to set verified properties Add a command that updates dm-verity state and sets partition.%.verified properties used by adb remount. This is needed in init since fs_mgr cannot set properties: I6a28cccb1ccce960841af20a4b20c32d424b5524 Change-Id: I0fdf5bc29c56690dcadff9d0eb216d3c68483538
/system/core/fs_mgr/fs_mgr_verity.c
|
9fabbbfb03a877e13936b8829e4641cf1b9aebb7 |
|
11-Mar-2015 |
Sami Tolvanen <samitolvanen@google.com> |
Merge "Do not call libcutils property_set in init through libfs_mgr"
|
86cddf40741024961839dbbcfa005e908314e681 |
|
05-Mar-2015 |
Sami Tolvanen <samitolvanen@google.com> |
Do not call libcutils property_set in init through libfs_mgr Both init and libcutils define a property_set function. The init version sets the property directly while libcutils simply calls __system_property_set, which sends a message to init to set the property. Since libfs_mgr is statically linked to libcutils, any calls to property_set end up sending a message to init and waiting for a response. When libfs_mgr is further statically linked to init, this leads to init sending a message to itself when property_set is called in fs_mgr. Because send_prop_msg in bionic only waits for a response for 250ms, this does not cause a deadlock. However, using libcutils to set a property in the init process is hardly a good idea. This change removes the property_set call from fs_mgr_verity.c. If this property is required later, it should be set elsewhere. Change-Id: I6a28cccb1ccce960841af20a4b20c32d424b5524
/system/core/fs_mgr/fs_mgr_verity.c
|
8c2c089ae2b9e07131e4125da9c44387954d04f5 |
|
04-Mar-2015 |
Andreas Gampe <agampe@google.com> |
am 291ce5b8: Merge "Fs_mgr: Fix format code" * commit '291ce5b82d8a504be69132f1827e20041833c488': Fs_mgr: Fix format code
|
6904e0c263a02f08c9c6f555dceafa2cce467954 |
|
04-Mar-2015 |
Sami Tolvanen <samitolvanen@google.com> |
am a88fb24a: Merge "Add fs_mgr support for dm-verity modes" * commit 'a88fb24ab43eec9710a0d4d15aedb6d4bc51a2ec': Add fs_mgr support for dm-verity modes
|
eb69e857685a086538020b59396ee3fea4ba6c93 |
|
04-Mar-2015 |
Andreas Gampe <agampe@google.com> |
Fs_mgr: Fix format code Suggested printing for off_t is to cast to intmax_t and print that. Follow-up to https://android-review.googlesource.com/133111. Change-Id: Icff6844044c3d0fa6372c3f399453a526fd89954
/system/core/fs_mgr/fs_mgr_verity.c
|
a88fb24ab43eec9710a0d4d15aedb6d4bc51a2ec |
|
04-Mar-2015 |
Sami Tolvanen <samitolvanen@google.com> |
Merge "Add fs_mgr support for dm-verity modes"
|
51bf11ad95aa871e4131edf4d9d72cc7c7034cdc |
|
16-Feb-2015 |
Sami Tolvanen <samitolvanen@google.com> |
Add fs_mgr support for dm-verity modes Add support for dm-verity modes and storing persistent state in a location specified by the following properties: ro.verity.state.location ro.verity.state.offset If these properties do not exist, dm-verity is always loaded in EIO mode. If the properties do exist, but the location does not have valid state data, dm-verity is loaded in RESTART mode. The mode is updated to LOGGING if a dm-verity triggered restart has occurred. Change-Id: Ibb82953594d234f81ad21c40f524190b88e4ac8f
/system/core/fs_mgr/fs_mgr_verity.c
|
622d44d86481295660534cd06a8b5914466acf29 |
|
28-Feb-2015 |
Sami Tolvanen <samitolvanen@google.com> |
am fbb3f8ca: Merge "Set underlying block device RO when enabling verity" * commit 'fbb3f8ca499b04c82437155f87c8666cad607c6b': Set underlying block device RO when enabling verity
|
214f33b8c095feedfdbaa680ff6ffb763f47d375 |
|
18-Dec-2014 |
Sami Tolvanen <samitolvanen@google.com> |
Set underlying block device RO when enabling verity Currently, when verity is set up on a block device, the underlying device is still accessible directly. Change the existing function fs_set_blk_ro visible to other fs_mgr modules, change the behavior to match the comment above the function definition, and call it to disable write access to the block device when setting up verity. Bug: 18609347 Change-Id: I7884175df15f9161174788d74d20a08e4cd472ca
/system/core/fs_mgr/fs_mgr_verity.c
|
0cc8da09473affeb8a396b92813e5f8ce5500292 |
|
19-Feb-2015 |
Bill Yi <byi@google.com> |
Merge commit '9c1bc6bbc82e3e4f005e9fcacfca94b2dd82ca31' into HEAD
|
e2d63af002a3b494f6bd464f2652b6e1997e7a52 |
|
18-Feb-2015 |
Yabin Cui <yabinc@google.com> |
Move sprintf to snprintf. Bug: 19340053 Change-Id: Id0d866e6195ed4752b4be6081eeb2aab8b1dbe9a
/system/core/fs_mgr/fs_mgr_verity.c
|
9ccf0cbaf1059ac07058f290d1dd83d3b50a9f24 |
|
10-Dec-2014 |
Elliott Hughes <enh@google.com> |
am a97c1075: Merge "Fix Nick\'s nits" * commit 'a97c10755442e3800c0b1011d986d554ce2096db': Fix Nick's nits
|
603c7d0d95e6d406004da58287c60568fab4d1be |
|
10-Dec-2014 |
Elliott Hughes <enh@google.com> |
am 294e610f: Merge "Fix verity on system partitions larger than 2G" * commit '294e610f886eeb839d16172bb5b98559a6a7434d': Fix verity on system partitions larger than 2G
|
88a12fb381875639e5c381b333bcfeaf83b1efbf |
|
09-Oct-2014 |
Paul Lawrence <paullawrence@google.com> |
Fix Nick's nits (cherry-pick of 97e487311b1cb780dfd3b0994917c72047d6188f.) Change-Id: Ide7925e7ad328f0343d444d63ff72f1a26206d4c
/system/core/fs_mgr/fs_mgr_verity.c
|
02c698d93f627e92795234eb8a78fad585a2f191 |
|
25-Oct-2014 |
Sami Tolvanen <samitolvanen@google.com> |
Fix verity on system partitions larger than 2G If the system partition is larger than 2G, the device fails to read verity metadata, because fseek accepts only a 32-bit signed offset. Switch from fseek to lseek64 to allow seeking using a 64-bit offset, which solves the problem. At the same time, move away from stdio in the function. (cherry-pick of 4cafe2ff89b49329e0e880900195d8e061bd3750.) Bug: 17705619 Change-Id: I226320498dcb750ec6cde84411c7fe0774c9cab7
/system/core/fs_mgr/fs_mgr_verity.c
|
32e9163b2ab439d3313adf8c03441e4ddfe0bb36 |
|
10-Dec-2014 |
Elliott Hughes <enh@google.com> |
resolved conflicts for merge of b471f524 to lmp-mr1-dev-plus-aosp Change-Id: I6efd0d4a0ece0b065d02796916355ad5ae8b4eea
|
ec900bba20630934dc51a1b3a57d6d7a30fed325 |
|
09-Oct-2014 |
Paul Lawrence <paullawrence@google.com> |
Revert "Revert "Enable verity on userdebug, and add disable-verity to adb"" This reverts commit 152d2d4234ba89e0c20c4af13e291b6049a7bc33. Fixed build error, and also fixed memory leak spotted from warning. (cherry-pick of bbb36319119edde9377fb80015235893c30d2bc9.) Bug: 17691572 Change-Id: I23b5ba537f7b557432041d4338b38b9be434e981
/system/core/fs_mgr/fs_mgr_verity.c
|
99184bab35c0b88dfc70c8be1d88cfb100dbf4cd |
|
14-Nov-2014 |
Sami Tolvanen <samitolvanen@google.com> |
am 72f0d92c: DO NOT MERGE: Do not mount devices with invalid verity metadata * commit '72f0d92c722447e0c87cfe765516a7352db3d51a': DO NOT MERGE: Do not mount devices with invalid verity metadata
|
2dfadac1569126d72b2da42233afc908b7ec10a7 |
|
14-Nov-2014 |
Sami Tolvanen <samitolvanen@google.com> |
am 9573a13b: DO NOT MERGE: Switch fs_mgr to use SHA-256 instead of SHA-1 * commit '9573a13bbc015c555adff1e4e0fbef2a18963111': DO NOT MERGE: Switch fs_mgr to use SHA-256 instead of SHA-1
|
72f0d92c722447e0c87cfe765516a7352db3d51a |
|
07-Nov-2014 |
Sami Tolvanen <samitolvanen@google.com> |
DO NOT MERGE: Do not mount devices with invalid verity metadata The return value of read_verity_metadata is propagated to caller even if the verity metadata is invalid, provided that it can be read from the device. This results in devices with invalid verity metadata signatures to be mounted normally, which is not desirable. This change fixes the bug by changing the return value in case of verification failure to FS_MGR_SETUP_VERITY_FAIL. Bug: 15984840 Bug: 18120110 Change-Id: Ic29f37a23cb417c2538d60fb05de9dd310d50f4a (cherry picked from commit c95e9da39660f278ace4b14d688dc6818d1a38bf)
/system/core/fs_mgr/fs_mgr_verity.c
|
9573a13bbc015c555adff1e4e0fbef2a18963111 |
|
07-Nov-2014 |
Sami Tolvanen <samitolvanen@google.com> |
DO NOT MERGE: Switch fs_mgr to use SHA-256 instead of SHA-1 Verity metadata signatures will be switched to SHA-256. Switch fs_mgr signature verification to use the correct algorithm. Needs matching changes from https://googleplex-android-review.git.corp.google.com/#/c/579905/ https://googleplex-android-review.git.corp.google.com/#/c/583213/ https://googleplex-android-review.git.corp.google.com/#/c/583214/ https://googleplex-android-review.git.corp.google.com/#/c/583233/ Bug: 15984840 Bug: 18120110 Bug: 17917515 Change-Id: I8f90519bffa105a0eb7abeaad3aea1ffceb851e2 (cherry picked from commit a3465e250cfc3c00931735711e11ad61cf84d8b2)
/system/core/fs_mgr/fs_mgr_verity.c
|
7a59c852c23695e2629ec52a70816a0f976868c2 |
|
31-Oct-2014 |
Sami Tolvanen <samitolvanen@google.com> |
am 4cafe2ff: Fix verity on system partitions larger than 2G * commit '4cafe2ff89b49329e0e880900195d8e061bd3750': Fix verity on system partitions larger than 2G
|
4cafe2ff89b49329e0e880900195d8e061bd3750 |
|
25-Oct-2014 |
Sami Tolvanen <samitolvanen@google.com> |
Fix verity on system partitions larger than 2G If the system partition is larger than 2G, the device fails to read verity metadata, because fseek accepts only a 32-bit signed offset. Switch from fseek to lseek64 to allow seeking using a 64-bit offset, which solves the problem. At the same time, move away from stdio in the function. Bug: 17705619 Change-Id: I226320498dcb750ec6cde84411c7fe0774c9cab7
/system/core/fs_mgr/fs_mgr_verity.c
|
a1ab5a8ecf4fe806732e9ecec0c471a7a7329ea9 |
|
10-Oct-2014 |
Paul Lawrence <paullawrence@google.com> |
am 97e48731: Fix Nick\'s nits * commit '97e487311b1cb780dfd3b0994917c72047d6188f': Fix Nick's nits
|
6e9857da67d46d658e28f73500f08182a9b15b7e |
|
10-Oct-2014 |
Paul Lawrence <paullawrence@google.com> |
resolved conflicts for merge of bbb36319 to lmp-mr1-dev-plus-aosp Change-Id: I6b62347c3acfda7c2c954e719547021009d20c01
|
c638c6647d0a8e30b2e176e36b1c08ef57766f06 |
|
10-Oct-2014 |
Paul Lawrence <paullawrence@google.com> |
resolved conflicts for merge of a49bfc0d to lmp-mr1-dev-plus-aosp Change-Id: I9ff777a6309aab2b5b18323dd4ee7617cb1c3180
|
cc496dbcd709230c35016e3d84ad06d1e44de9b8 |
|
09-Oct-2014 |
Paul Lawrence <paullawrence@google.com> |
resolved conflicts for merge of ae413a71 to lmp-mr1-dev-plus-aosp Change-Id: Icdc9306b460c116441aad21bfcf3ab549224a141
|
97e487311b1cb780dfd3b0994917c72047d6188f |
|
09-Oct-2014 |
Paul Lawrence <paullawrence@google.com> |
Fix Nick's nits Change-Id: Ide7925e7ad328f0343d444d63ff72f1a26206d4c
/system/core/fs_mgr/fs_mgr_verity.c
|
bbb36319119edde9377fb80015235893c30d2bc9 |
|
09-Oct-2014 |
Paul Lawrence <paullawrence@google.com> |
Revert "Revert "Enable verity on userdebug, and add disable-verity to adb"" This reverts commit 152d2d4234ba89e0c20c4af13e291b6049a7bc33. Fixed build error, and also fixed memory leak spotted from warning. Bug: 17691572 Change-Id: I23b5ba537f7b557432041d4338b38b9be434e981
/system/core/fs_mgr/fs_mgr_verity.c
|
3e64bf45e65641c0dd946de6eefa552718f14c1c |
|
09-Oct-2014 |
Mark Salyzyn <salyzyn@google.com> |
am af191cd1: am 6b66025f: Merge "fs_mgr: fix build breakage" * commit 'af191cd157f076ee5d99890711e2881a60d7770a': fs_mgr: fix build breakage
|
ee80cf87553be3f21223b12d2118a252e75acf02 |
|
09-Oct-2014 |
Mark Salyzyn <salyzyn@google.com> |
am af191cd1: am 6b66025f: Merge "fs_mgr: fix build breakage" * commit 'af191cd157f076ee5d99890711e2881a60d7770a': fs_mgr: fix build breakage
|
152d2d4234ba89e0c20c4af13e291b6049a7bc33 |
|
09-Oct-2014 |
Nick Kralevich <nnk@google.com> |
Revert "Enable verity on userdebug, and add disable-verity to adb" Build is broken. system/core/fs_mgr/fs_mgr_verity.c: In function 'fs_mgr_setup_verity': system/core/fs_mgr/fs_mgr_verity.c:103:20: error: 'verity_table_signature' may be used uninitialized in this function [-Werror=maybe-uninitialized] if (!RSA_verify(key, ^ system/core/fs_mgr/fs_mgr_verity.c:374:11: note: 'verity_table_signature' was declared here char *verity_table_signature; ^ cc1: all warnings being treated as errors make: *** [out/target/product/minnow/obj/STATIC_LIBRARIES/libfs_mgr_intermediates/fs_mgr_verity.o] Error 1 make: *** Waiting for unfinished jobs.... This reverts commit d4cea0bc16d1ad96cc6d6177232d7b339785460c. Change-Id: I6862cc79ef9d944a2472b6fb2e46dae514cea8ce
/system/core/fs_mgr/fs_mgr_verity.c
|
89fa114e2a52f652bb12eca03941b269591290d3 |
|
09-Oct-2014 |
Mark Salyzyn <salyzyn@google.com> |
fs_mgr: fix build breakage Some compilers are not as smart as other compilers Change-Id: I9d93c73bdbd2dca37373d8a42a2ed510d0559274
/system/core/fs_mgr/fs_mgr_verity.c
|
d4cea0bc16d1ad96cc6d6177232d7b339785460c |
|
07-Oct-2014 |
Paul Lawrence <paullawrence@google.com> |
Enable verity on userdebug, and add disable-verity to adb Bug: 17691572 Change-Id: I58f588f318e7952d06a41325337d946d7c007e31
/system/core/fs_mgr/fs_mgr_verity.c
|
aed0769eefd99588c4d6bfb0c024244ce591fbf0 |
|
10-Sep-2014 |
Chih-Hung Hsieh <chh@google.com> |
am 04929638: am da3510b2: Merge "Avoid partial initialization warning." * commit '049296382d3604868378c957e999ae63cf3a1f5f': Avoid partial initialization warning.
|
e32b8952a630f6a125f2a151f3084b59b9074bb8 |
|
06-Sep-2014 |
Chih-Hung Hsieh <chh@google.com> |
Avoid partial initialization warning. Clang compiler is picky about partial initialization and here we only need to initialize the 'len' field. BUG: 17410010 Change-Id: I718582cef96d5f4076b5ff1c7b8162327e7809b6
/system/core/fs_mgr/fs_mgr_verity.c
|
87f1dd5da173dcd297fa8455e0a7845572931046 |
|
08-May-2014 |
Mark Salyzyn <salyzyn@google.com> |
am af0df46d: am e6246ca6: am 01ef52e1: Merge "fs_mgr: turn on -Werror" * commit 'af0df46d74368bb98edaadb3c09ddbc7252d3110': fs_mgr: turn on -Werror
|
86e3f22b6ae048ba8c9284b4900258c3ccd17cdf |
|
01-May-2014 |
Mark Salyzyn <salyzyn@google.com> |
fs_mgr: turn on -Werror - deal with some -Wunused-variable issues Change-Id: Ie0140d4777ddf862e4bbed76142a1dbb8320c1b0
/system/core/fs_mgr/fs_mgr_verity.c
|
05699b3e3e05b976a3de50a634b18a6f5109cf95 |
|
17-Mar-2014 |
Geremy Condra <gcondra@google.com> |
fs_mgr: Set the 'partition.*.verified' property for verified partitions. This modifies fs_mgr to set the partition.*.verified properties. Each of these should be used as a weak indicator that a given partition is verified. For instance, if the 'partition.system.verified' property is set to '1', this could indicate that the system partition is verified and therefore should not be modified by, e.g., adb sync. Note that these properties can be mutated by the system, and so should not be used as the basis for security decisions. Change-Id: I27215a3d3628a1b1e184df9eaad90541b9d8b841
/system/core/fs_mgr/fs_mgr_verity.c
|
a8be6279350211d610d2cf30173bd4bcb6405dfb |
|
23-Jan-2014 |
Colin Cross <ccross@android.com> |
fs_mgr: update ext4_parse_sb to match change in ext4_utils ext4_parse_sb now takes the struct fs_info to fill out to avoid using the global info from external callers. Change-Id: I0984ba01c0dbdd5b68b825817faf0c5cf5aa5510
/system/core/fs_mgr/fs_mgr_verity.c
|
ccecf1425412beb2bc3bb38d470293fdc244d6f1 |
|
16-Jan-2014 |
Elliott Hughes <enh@google.com> |
system/core 64-bit cleanup. This cleans up most of the size-related problems in system/core. There are still a few changes needed for a clean 64-bit build, but they look like they might require changes to things like the fastboot protocol. Change-Id: I1560425a289fa158e13e2e3173cc3e71976f92c0
/system/core/fs_mgr/fs_mgr_verity.c
|
3ad3d1c4b5856d4e314febc5671c74e78a76db00 |
|
23-Feb-2013 |
Geremy Condra <gcondra@google.com> |
Add basic verity support to fs_mgr. This change adds a "verify" fs_mgr flag specifying that the device in question should be verified. Devices marked with this flag are expected to have a footer immediately after their data containing all the information needed to set up a verity instance. Change-Id: I10101f2c3240228ee0932e3767fe35e673d2e720
/system/core/fs_mgr/fs_mgr_verity.c
|