Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_core / b4a86eeb2f758d5cd718f9818ea43a7fad55647c^! / .
commitb4a86eeb2f758d5cd718f9818ea43a7fad55647c[log] [tgz]
authorYi-Yo Chiang <yochiang@google.com>Tue Nov 22 15:01:31 2022 +0800
committerYi-Yo Chiang <yochiang@google.com>Tue Nov 22 15:26:37 2022 +0800
treeac7f86f90322ae4d631f60ca9b394cab215e3b0f
parent3fca6e72cff8d20f8ac06a2f8f5d2a4821213a94 [diff]
remount: Treat disable verity error as fatal only if verity is enabled

If device doesn't enable AVB altogether, then it might not have a vbmeta
partition at all. In this case, we shall ignore disable-verity errors.
We still disable verity unconditionally to keep the logic simple, but we
ignore any disable-verity error if AVB is not enabled in the first
place.

Bug: 241688845
Test: adb-remount-test on emulator
Test: Test remount on yukawa
Change-Id: Ifc763b3f0ca6989550c139a8c3a2308c9c2a7c3e

diff --git a/fs_mgr/fs_mgr_remount.cpp b/fs_mgr/fs_mgr_remount.cpp
index 3f14d6a..23bc8e8 100644
--- a/fs_mgr/fs_mgr_remount.cpp
+++ b/fs_mgr/fs_mgr_remount.cpp

@@ -479,19 +479,24 @@
 
     // Disable verity.
     auto verity_result = SetVerityState(false /* enable_verity */);
-    if (!verity_result.success) {
-        return false;
+
+    // Treat error as fatal and suggest reboot only if verity is enabled.
+    // TODO(b/260041315): We check the device mapper for any "<partition>-verity" device present
+    // instead of checking ro.boot.veritymode because emulator has incorrect property value.
+    bool must_disable_verity = false;
+    for (const auto& partition : partitions) {
+        if (fs_mgr_is_verity_enabled(partition)) {
+            must_disable_verity = true;
+            break;
+        }
     }
-    if (verity_result.want_reboot) {
-        // TODO(b/259207493): emulator has incorrect androidboot.veritymode value, causing
-        // .want_reboot to always be true. In order to workaround this, double check device mapper
-        // to see if verity is already disabled.
-        for (const auto& partition : partitions) {
-            if (fs_mgr_is_verity_enabled(partition)) {
-                check_result->reboot_later = true;
-                check_result->disabled_verity = true;
-                break;
-            }
+    if (must_disable_verity) {
+        if (!verity_result.success) {
+            return false;
+        }
+        if (verity_result.want_reboot) {
+            check_result->reboot_later = true;
+            check_result->disabled_verity = true;
         }
     }
 

diff --git a/fs_mgr/tests/adb-remount-test.sh b/fs_mgr/tests/adb-remount-test.sh
index 68f8152..c87e564 100755
--- a/fs_mgr/tests/adb-remount-test.sh
+++ b/fs_mgr/tests/adb-remount-test.sh

@@ -1422,9 +1422,12 @@
 LOG RUN "flash vendor, and confirm vendor override disappears"
 
 is_bootloader_fastboot=true
-# cuttlefish?
-[[ "$(get_property ro.product.vendor.device)" == vsoc_* ]] &&
-  is_bootloader_fastboot=false
+# virtual device?
+case "$(get_property ro.product.vendor.device)" in
+  vsoc_* | emulator_* | emulator64_*)
+    is_bootloader_fastboot=false
+    ;;
+esac
 is_userspace_fastboot=false
 
 if ! ${is_bootloader_fastboot}; then