evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

ANDROID: dm: allow adb disable-verity only in userdebug

Browse source 
adb disable-verity was allowed when the phone is in the
unlocked state. Since the driver is now aware of the build
variant, honor "adb disable-verity" only in userdebug
builds.

(Cherry-picked from
https://partner-android-review.git.corp.google.com/#/c/622117)

BUG: 29276559
Signed-off-by: Badhri Jagan Sridharan <Badhri@google.com>
Change-Id: I7ce9f38d8c7a62361392c5a8ccebb288f8a3a2ea
This commit is contained in:
Badhri Jagan Sridharan 2016-06-27 16:25:55 -07:00 committed by Amit Pundir
parent d5dc479e87
commit 255fb5b678
1 changed files with 9 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
drivers/md/dm-android-verity.c
View file

@ -109,6 +109,14 @@ static inline bool is_eng(void)
return !strncmp(buildvariant, typeeng, sizeof(typeeng));
}
static inline bool is_userdebug(void)
{
static const char typeuserdebug[] = "userdebug";
return !strncmp(buildvariant, typeuserdebug, sizeof(typeuserdebug));
}
static int table_extract_mpi_array(struct public_key_signature *pks,
const void *data, size_t len)
{
@ -499,19 +507,6 @@ const char *find_dt_value(const char *name)
return value;
}
static bool is_unlocked(void)
{
static const char unlocked[] = "orange";
static const char verified_boot_prop[] = "verifiedbootstate";
const char *value;
value = find_dt_value(verified_boot_prop);
if (!value)
value = verifiedbootstate;
return !strncmp(value, unlocked, sizeof(unlocked) - 1);
}
static int verity_mode(void)
{
static const char enforcing[] = "enforcing";
@ -531,7 +526,7 @@ static int verify_header(struct android_metadata_header *header)
{
int retval = -EINVAL;
if (is_unlocked() && le32_to_cpu(header->magic_number) ==
if (is_userdebug() && le32_to_cpu(header->magic_number) ==
VERITY_METADATA_MAGIC_DISABLE) {
retval = VERITY_STATE_DISABLE;
return retval;