Merge "Only allow debuggable Microdroid VMs to mount /vendor" into main

commit: 7f9b2c17396fdf0e7575cc081468d02229e23a23 [log] [tgz]
author: Nikita Ioffe <ioffe@google.com> Fri Jul 07 15:46:39 2023 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Fri Jul 07 15:46:39 2023 +0000
tree: 97c13b7d38973083d61fe0d048eade55700245bd
parent: 230af767573b747ace95edcebea2e76f7eaf1114 [diff]
parent: df0e96e962af40df7d6a89f61642e75ff0b6284c [diff]
diff --git a/init/first_stage_init.cpp b/init/first_stage_init.cpp
index e871da2..7fabbac 100644
--- a/init/first_stage_init.cpp
+++ b/init/first_stage_init.cpp

@@ -357,6 +357,18 @@
 
     LOG(INFO) << "init first stage started!";
 
+    // We only allow /vendor partition in debuggable Microdrod until it is verified during boot.
+    // TODO(b/285855436): remove this check.
+    if (IsMicrodroid()) {
+        bool mount_vendor =
+                cmdline.find("androidboot.microdroid.mount_vendor=1") != std::string::npos;
+        bool debuggable =
+                bootconfig.find("androidboot.microdroid.debuggable = \"1\"") != std::string::npos;
+        if (mount_vendor && !debuggable) {
+            LOG(FATAL) << "Attempted to mount /vendor partition for non-debuggable Microdroid VM";
+        }
+    }
+
     auto old_root_dir = std::unique_ptr<DIR, decltype(&closedir)>{opendir("/"), closedir};
     if (!old_root_dir) {
         PLOG(ERROR) << "Could not opendir(\"/\"), not freeing ramdisk";
commit	7f9b2c17396fdf0e7575cc081468d02229e23a23	[log] [tgz]
author	Nikita Ioffe <ioffe@google.com>	Fri Jul 07 15:46:39 2023 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Fri Jul 07 15:46:39 2023 +0000
tree	97c13b7d38973083d61fe0d048eade55700245bd
parent	230af767573b747ace95edcebea2e76f7eaf1114 [diff]
parent	df0e96e962af40df7d6a89f61642e75ff0b6284c [diff]