summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTreehugger Robot2017-03-06 12:57:01 -0600
committerGerrit Code Review2017-03-06 12:57:02 -0600
commit17c84b2ccaebe55ba9387e1ad13d616d36acfaf8 (patch)
treee210900cddd4c8cc9a02a2bbe19737644a1fccf2
parent58381648b1b4f8dace17db5d6e195568d758bd3e (diff)
parent7ad3159db9be8fcb7246fbb750884f5a9edf368f (diff)
downloadplatform-system-core-17c84b2ccaebe55ba9387e1ad13d616d36acfaf8.tar.gz
platform-system-core-17c84b2ccaebe55ba9387e1ad13d616d36acfaf8.tar.xz
platform-system-core-17c84b2ccaebe55ba9387e1ad13d616d36acfaf8.zip
Merge "fs_mgr: allow disable dm-verity when the device is unlocked without metadata"
-rw-r--r--fs_mgr/fs_mgr_verity.cpp6
1 files changed, 6 insertions, 0 deletions
diff --git a/fs_mgr/fs_mgr_verity.cpp b/fs_mgr/fs_mgr_verity.cpp
index e8ed6a2aa..54a6f71c7 100644
--- a/fs_mgr/fs_mgr_verity.cpp
+++ b/fs_mgr/fs_mgr_verity.cpp
@@ -30,6 +30,7 @@
30#include <unistd.h> 30#include <unistd.h>
31 31
32#include <android-base/file.h> 32#include <android-base/file.h>
33#include <android-base/properties.h>
33#include <android-base/strings.h> 34#include <android-base/strings.h>
34#include <android-base/unique_fd.h> 35#include <android-base/unique_fd.h>
35#include <crypto_utils/android_pubkey.h> 36#include <crypto_utils/android_pubkey.h>
@@ -874,6 +875,11 @@ int fs_mgr_setup_verity(struct fstab_rec *fstab, bool wait_for_verity_dev)
874 // read verity metadata 875 // read verity metadata
875 if (fec_verity_get_metadata(f, &verity) < 0) { 876 if (fec_verity_get_metadata(f, &verity) < 0) {
876 PERROR << "Failed to get verity metadata '" << fstab->blk_device << "'"; 877 PERROR << "Failed to get verity metadata '" << fstab->blk_device << "'";
878 // Allow verity disabled when the device is unlocked without metadata
879 if ("0" == android::base::GetProperty("ro.boot.flash.locked", "")) {
880 retval = FS_MGR_SETUP_VERITY_DISABLED;
881 LWARNING << "Allow invalid metadata when the device is unlocked";
882 }
877 goto out; 883 goto out;
878 } 884 }
879 885