init/mount: support for dm-verity verified root

This commit adds support for kernel initialized dm-verity on legacy SAR
devices.

Tested on a Pixel 2 XL with a kernel patch to initialize mappings
specified via the `dm=` kernel parameter even when an initramfs is used.
This commit is contained in:
Leorize 2020-09-23 16:18:51 -05:00 committed by John Wu
parent 966e23b846
commit d0b6318b90

View File

@ -12,11 +12,19 @@
using namespace std; using namespace std;
static string rtrim(string &&str) {
// Trim space, newline, and null byte from end of string
while (memchr(" \n\r", str[str.length() - 1], 4))
str.pop_back();
return std::move(str);
}
struct devinfo { struct devinfo {
int major; int major;
int minor; int minor;
char devname[32]; char devname[32];
char partname[32]; char partname[32];
char dmname[32];
}; };
static vector<devinfo> dev_list; static vector<devinfo> dev_list;
@ -46,6 +54,12 @@ static void collect_devices() {
continue; continue;
sprintf(path, "/sys/dev/block/%s/uevent", entry->d_name); sprintf(path, "/sys/dev/block/%s/uevent", entry->d_name);
parse_device(&dev, path); parse_device(&dev, path);
dev.dmname[0] = '\0';
sprintf(path, "/sys/dev/block/%s/dm/name", entry->d_name);
if (access(path, F_OK) == 0) {
auto name = rtrim(full_read(path));
strcpy(dev.dmname, name.c_str());
}
dev_list.push_back(dev); dev_list.push_back(dev);
} }
} }
@ -72,6 +86,11 @@ static int64_t setup_block(bool write_block = true) {
dev_t rdev = makedev(dev.major, dev.minor); dev_t rdev = makedev(dev.major, dev.minor);
mknod(blk_info.block_dev, S_IFBLK | 0600, rdev); mknod(blk_info.block_dev, S_IFBLK | 0600, rdev);
return rdev; return rdev;
} else if (strcasecmp(dev.dmname, blk_info.partname) == 0) {
LOGD("Setup %s: [%s] (%d, %d)\n", dev.dmname, dev.devname, dev.major, dev.minor);
dev_t rdev = makedev(dev.major, dev.minor);
mknod(blk_info.block_dev, S_IFBLK | 0600, rdev);
return rdev;
} }
} }
// Wait 10ms and try again // Wait 10ms and try again
@ -91,13 +110,6 @@ static bool is_lnk(const char *name) {
return S_ISLNK(st.st_mode); return S_ISLNK(st.st_mode);
} }
static string rtrim(string &&str) {
// Trim space, newline, and null byte from end of string
while (memchr(" \n\r", str[str.length() - 1], 4))
str.pop_back();
return std::move(str);
}
#define read_info(val) \ #define read_info(val) \
if (access(#val, F_OK) == 0) {\ if (access(#val, F_OK) == 0) {\
entry.val = rtrim(full_read(#val)); \ entry.val = rtrim(full_read(#val)); \
@ -243,19 +255,28 @@ void SARBase::backup_files() {
void SARBase::mount_system_root() { void SARBase::mount_system_root() {
LOGD("Early mount system_root\n"); LOGD("Early mount system_root\n");
strcpy(blk_info.block_dev, "/dev/root");
// Try legacy SAR dm-verity
strcpy(blk_info.partname, "vroot");
auto dev = setup_block(false);
if (dev >= 0)
goto mount_root;
// Try NVIDIA naming scheme // Try NVIDIA naming scheme
strcpy(blk_info.partname, "APP"); strcpy(blk_info.partname, "APP");
strcpy(blk_info.block_dev, "/dev/root"); dev = setup_block(false);
auto dev = setup_block(false); if (dev >= 0)
if (dev < 0) { goto mount_root;
sprintf(blk_info.partname, "system%s", cmd->slot); sprintf(blk_info.partname, "system%s", cmd->slot);
dev = setup_block(false); dev = setup_block(false);
if (dev < 0) { if (dev >= 0)
goto mount_root;
// We don't really know what to do at this point... // We don't really know what to do at this point...
LOGE("Cannot find root partition, abort\n"); LOGE("Cannot find root partition, abort\n");
exit(1); exit(1);
} mount_root:
}
xmkdir("/system_root", 0755); xmkdir("/system_root", 0755);
if (xmount("/dev/root", "/system_root", "ext4", MS_RDONLY, nullptr)) if (xmount("/dev/root", "/system_root", "ext4", MS_RDONLY, nullptr))
xmount("/dev/root", "/system_root", "erofs", MS_RDONLY, nullptr); xmount("/dev/root", "/system_root", "erofs", MS_RDONLY, nullptr);