projects / firefly-linux-kernel-4.4.55.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d5dc479)
ANDROID: dm: allow adb disable-verity only in userdebug
authorBadhri Jagan Sridharan <Badhri@google.com>
Mon, 27 Jun 2016 23:25:55 +0000 (16:25 -0700)
committerAmit Pundir <amit.pundir@linaro.org>
Thu, 18 Aug 2016 13:26:03 +0000 (18:56 +0530)
adb disable-verity was allowed when the phone is in the
unlocked state. Since the driver is now aware of the build
variant, honor "adb disable-verity" only in userdebug
builds.

(Cherry-picked from
https://partner-android-review.git.corp.google.com/#/c/622117)

BUG: 29276559
Signed-off-by: Badhri Jagan Sridharan <Badhri@google.com>
Change-Id: I7ce9f38d8c7a62361392c5a8ccebb288f8a3a2ea

drivers/md/dm-android-verity.c patch | blob | history

diff --git a/drivers/md/dm-android-verity.c b/drivers/md/dm-android-verity.c
index e1a8e284e7e47c6299e609ea413ff3b11eb43029..999e75bf2ba00fa804219593cdc265861370b0b9 100644 (file)
--- a/drivers/md/dm-android-verity.c
+++ b/drivers/md/dm-android-verity.c
@@ -109,6 +109,14 @@ static inline bool is_eng(void)
        return !strncmp(buildvariant, typeeng, sizeof(typeeng));
 }
 
+static inline bool is_userdebug(void)
+{
+       static const char typeuserdebug[]  = "userdebug";
+
+       return !strncmp(buildvariant, typeuserdebug, sizeof(typeuserdebug));
+}
+
+
 static int table_extract_mpi_array(struct public_key_signature *pks,
                                const void *data, size_t len)
 {
@@ -499,19 +507,6 @@ const char *find_dt_value(const char *name)
        return value;
 }
 
-static bool is_unlocked(void)
-{
-       static const char unlocked[]  = "orange";
-       static const char verified_boot_prop[] = "verifiedbootstate";
-       const char *value;
-
-       value = find_dt_value(verified_boot_prop);
-       if (!value)
-               value = verifiedbootstate;
-
-       return !strncmp(value, unlocked, sizeof(unlocked) - 1);
-}
-
 static int verity_mode(void)
 {
        static const char enforcing[] = "enforcing";
@@ -531,7 +526,7 @@ static int verify_header(struct android_metadata_header *header)
 {
        int retval = -EINVAL;
 
-       if (is_unlocked() && le32_to_cpu(header->magic_number) ==
+       if (is_userdebug() && le32_to_cpu(header->magic_number) ==
                VERITY_METADATA_MAGIC_DISABLE) {
                retval = VERITY_STATE_DISABLE;
                return retval;
Unnamed repository; edit this file 'description' to name the repository.