Merge "fs_mgr: add verify_dev flag to fs_mgr_setup_verity()" am: abc26ed753 am: 7da0c3db16 am: 70bcce4deb
am: 82f542f5a1
Change-Id: I427f830f6021a0abde66e9db200a9ce6ba8ddcea
diff --git a/fs_mgr/fs_mgr.c b/fs_mgr/fs_mgr.c
index 88b5c98..99778a4 100644
--- a/fs_mgr/fs_mgr.c
+++ b/fs_mgr/fs_mgr.c
@@ -701,7 +701,7 @@
}
if ((fstab->recs[i].fs_mgr_flags & MF_VERIFY) && device_is_secure()) {
- int rc = fs_mgr_setup_verity(&fstab->recs[i]);
+ int rc = fs_mgr_setup_verity(&fstab->recs[i], true);
if (__android_log_is_debuggable() && rc == FS_MGR_SETUP_VERITY_DISABLED) {
INFO("Verity disabled");
} else if (rc != FS_MGR_SETUP_VERITY_SUCCESS) {
@@ -870,7 +870,7 @@
}
if ((fstab->recs[i].fs_mgr_flags & MF_VERIFY) && device_is_secure()) {
- int rc = fs_mgr_setup_verity(&fstab->recs[i]);
+ int rc = fs_mgr_setup_verity(&fstab->recs[i], true);
if (__android_log_is_debuggable() && rc == FS_MGR_SETUP_VERITY_DISABLED) {
INFO("Verity disabled");
} else if (rc != FS_MGR_SETUP_VERITY_SUCCESS) {
@@ -1086,7 +1086,7 @@
int fs_mgr_early_setup_verity(struct fstab_rec *fstab_rec)
{
if ((fstab_rec->fs_mgr_flags & MF_VERIFY) && device_is_secure()) {
- int rc = fs_mgr_setup_verity(fstab_rec);
+ int rc = fs_mgr_setup_verity(fstab_rec, false);
if (__android_log_is_debuggable() && rc == FS_MGR_SETUP_VERITY_DISABLED) {
INFO("Verity disabled");
return FS_MGR_EARLY_SETUP_VERITY_NO_VERITY;
diff --git a/fs_mgr/fs_mgr_priv_verity.h b/fs_mgr/fs_mgr_priv_verity.h
index d9e17bb..1a6d215 100644
--- a/fs_mgr/fs_mgr_priv_verity.h
+++ b/fs_mgr/fs_mgr_priv_verity.h
@@ -22,6 +22,6 @@
__BEGIN_DECLS
-int fs_mgr_setup_verity(struct fstab_rec *fstab);
+int fs_mgr_setup_verity(struct fstab_rec *fstab, bool verify_dev);
__END_DECLS
diff --git a/fs_mgr/fs_mgr_verity.cpp b/fs_mgr/fs_mgr_verity.cpp
index 8c47b3c..d43c756 100644
--- a/fs_mgr/fs_mgr_verity.cpp
+++ b/fs_mgr/fs_mgr_verity.cpp
@@ -933,7 +933,7 @@
*table = strdup(result.c_str());
}
-int fs_mgr_setup_verity(struct fstab_rec *fstab)
+int fs_mgr_setup_verity(struct fstab_rec *fstab, bool verify_dev)
{
int retval = FS_MGR_SETUP_VERITY_FAIL;
int fd = -1;
@@ -1101,7 +1101,7 @@
}
// make sure we've set everything up properly
- if (test_access(fstab->blk_device) < 0) {
+ if (verify_dev && test_access(fstab->blk_device) < 0) {
goto out;
}