Modify scripts to verify and add verifying script

Change-Id: Ia14c0564d6bea295151a1c918d75214cf12fd64c
Signed-off-by: SangYoun Kwak <sy.kwak@samsung.com>
(cherry picked from commit 192865bf0c986d636bf37c203de68f76805bcf30)

diff --git a/scripts/mkinitrd.sh b/scripts/mkinitrd.sh
index 47a361f..9f8bbb2 100755 (executable)
--- a/scripts/mkinitrd.sh
+++ b/scripts/mkinitrd.sh
@@ -16,6 +16,7 @@ if [ "z$ARCH" == "zarmv7l" ]; then
 elif [ "z$ARCH" == "zaarch64" ]; then
        LD_LINUX="/lib64/ld-linux-aarch64.so.1"
        INIT="/usr/lib64/initrd/init.sh"
+       DMVERITY_ROOTFS_VERIFY_HASH="/usr/lib64/initrd/bin/dmverity-rootfs-verify-hash.sh"
        OBJECTS_SPECIFY_LIST="/usr/lib64/initrd/initrd-file.list /usr/lib64/initrd/initrd-file-64bit.list /usr/lib64/initrd/initrd-file-dmverity.list @ASAN_FILE_LIST@"
 elif [ "z$ARCH" == "zi686" ]; then
        LD_LINUX="/lib/ld-linux.so.2"
@@ -164,6 +165,9 @@ make_initrd() {
     symlink_objects $SYM_LINKS
 
     "$CP" -f "$INIT" "$INITRD_ROOT/sbin/init"
+    if [ ! -z ${DMVERITY_ROOTFS_VERIFY_HASH+x} ]; then
+           "$CP" -f "$DMVERITY_ROOTFS_VERIFY_HASH" "$INITRD_ROOT/usr/bin/dmverity-rootfs-verify-hash.sh"
+    fi
     "$TOUCH" "$INITRD_ROOT/etc/initrd-release"
 }
 

diff --git a/scripts/verityctl b/scripts/verityctl
index f0c1c51..389feaf 100755 (executable)
--- a/scripts/verityctl
+++ b/scripts/verityctl
@@ -181,6 +181,9 @@ create()
                        # /bin/rm -f /tmp/root_hash_salt.sha512
                        # if [ $signing_result != 0 ]; then exit 2; fi
                        ############################################################################
+                       if [ -x /usr/bin/dmverity-rootfs-verify-hash.sh ]; then
+                               /usr/bin/dmverity-rootfs-verify-hash.sh ${ROOTFS} ${root_hash} ${salt} ${meta_sign_offset}
+                       fi
 
                        # replace dmsetup to veritysetup
                        # veritysetup reads super block to retrieve parameters: