review.tizen.org Git - platform/kernel/linux-amlogic.git/commit

ANDROID: AVB2: Enable avb2 driver [3/6]

PD#164745
PD#168166

ANDROID: AVB error handler to invalidate vbmeta partition.

If androidboot.vbmeta.device is set and points to a device with vbmeta
magic, this header will be overwritten upon an irrecoverable dm-verity
error. The side-effect of this is that the slot will fail to verify on
next reboot, effectively triggering the boot loader to fallback to
another slot. This work both if the vbmeta struct is at the start of a
partition or if there's an AVB footer at the end.

This code is based on drivers/md/dm-verity-chromeos.c from ChromiumOS.

Example:

[    0.000000] Kernel command line: rootfstype=ext4 init=/init console=ttyS0,115200 androidboot.console=ttyS0 androidboot.hardware=uefi_x86_64 enforcing=0 androidboot.selinux=permissive androidboot.debuggable=1 buildvariant=eng dm="1 vroot none ro 1,0 2080496 verity 1 PARTUUID=6779df46-78f6-4c69-bf53-59bb1fbf126b PARTUUID=6779df46-78f6-4c69-bf53-59bb1fbf126b 4096 4096 260062 260062 sha1 4f76354c86e430e27426d584a726f2fbffecae32 7e4085342d634065269631ac9a199e1a43f4632c 1 ignore_zero_blocks" root=0xfd00 androidboot.vbmeta.device=PARTUUID=b865935d-38fb-4c4e-b8b4-70dc67321552 androidboot.slot_suffix=_a androidboot.vbmeta.device_state=unlocked androidboot.vbmeta.hash_alg=sha256 androidboot.vbmeta.size=3200 androidboot.vbmeta.digest=14fe41c2b3696c31b7ad5eae7877d7d188995e1ab122c604aaaf4785850b91f7 skip_initramfs
[...]
[    0.612802] device-mapper: verity-avb: AVB error handler initialized with vbmeta device: PARTUUID=b865935d-38fb-4c4e-b8b4-70dc67321552
[...]
[    1.213804] device-mapper: init: attempting early device configuration.
[    1.214752] device-mapper: init: adding target '0 2080496 verity 1 PARTUUID=6779df46-78f6-4c69-bf53-59bb1fbf126b PARTUUID=6779df46-78f6-4c69-bf53-59bb1fbf126b 4096 4096 260062 260062 sha1 4f76354c86e430e27426d584a726f2fbffecae32 7e4085342d634065269631ac9a199e1a43f4632c 1 ignore_zero_blocks'
[    1.217643] device-mapper: init: dm-0 is ready
[    1.226694] device-mapper: verity: 8:6: data block 0 is corrupted
[    1.227666] device-mapper: verity-avb: AVB error handler called for PARTUUID=b865935d-38fb-4c4e-b8b4-70dc67321552
[    1.234308] device-mapper: verity-avb: invalidate_vbmeta: found vbmeta partition
[    1.235848] device-mapper: verity-avb: invalidate_vbmeta: completed.
[...]

Bug: 31622239
Test: Manually tested (other arch).
Change-Id: Idf6be32d6a3d28e15de9302aa26ad6a516d663aa
Signed-off-by: David Zeuthen <zeuthen@google.com>
Change-Id: I4b9229dbba3198ca55a00812e42762f424b59ec4
Signed-off-by: Mingyen Hung <mingyen.hung@amlogic.com>
Signed-off-by: Xindong Xu <xindong.xu@amlogic.com>
Signed-off-by: Matthew Shyu <matthew.shyu@amlogic.com>

author	David Zeuthen <zeuthen@google.com>
	Tue, 24 Jan 2017 18:17:01 +0000 (13:17 -0500)
committer	Matthew Shyu <matthew.shyu@amlogic.com>
	Mon, 9 Jul 2018 03:31:20 +0000 (11:31 +0800)
commit	4efc1b8a17a3ff375a61fc81b987c79d25c9b657
tree	374216ebb9fc791a247632640315116fbe5005d5	tree \| snapshot
parent	1241edd3bc47c6b30790c0d05c71b000f4a5bb3d	commit \| diff

MAINTAINERS		diff \| blob \| history
arch/arm64/boot/dts/amlogic/firmware_avb.dtsi	[new file with mode: 0644]	blob
arch/arm64/boot/dts/amlogic/firmware_normal.dtsi	[new file with mode: 0644]	blob
arch/arm64/boot/dts/amlogic/partition_mbox_ab.dtsi		diff \| blob \| history
arch/arm64/boot/dts/amlogic/partition_mbox_ab_avb.dtsi	[new file with mode: 0644]	blob
arch/arm64/boot/dts/amlogic/partition_mbox_normal_P_32.dtsi	[new file with mode: 0644]	blob
arch/arm64/boot/dts/amlogic/partition_mbox_normal_P_64.dtsi	[new file with mode: 0644]	blob
arch/arm64/boot/dts/amlogic/partition_mbox_p241_P.dtsi	[new file with mode: 0644]	blob
arch/arm64/configs/meson64_defconfig		diff \| blob \| history
drivers/md/Kconfig		diff \| blob \| history
drivers/md/Makefile		diff \| blob \| history
drivers/md/dm-verity-avb.c	[new file with mode: 0644]	blob
drivers/md/dm-verity-target.c		diff \| blob \| history
drivers/md/dm-verity.h		diff \| blob \| history