commit 838793dc39746fd0eba99daaa0f62f8a402777e5
author Tianjie <xunchang@google.com> Thu Jan 14 22:05:13 2021 -0800
committer Tianjie Xu <xunchang@google.com> Thu Jan 28 18:26:59 2021 +0000
tree 1173db93bffda2cf3bdbdeedc759548c003d1163
parent 8e2dce0ccc2699a0df9d8473fa586811f4b1b69c

Calculate vbmetadigest of inactive slot

We want to improve the security of the keystore encryption key for resume
on reboot. One AI is to create the key with the vbmeta digest of the
next slot to boot into. After reboot, the decryption will fail if
ro.boot.vbmeta.digest of the new slot doesn't match the calculated value
before reboot.

Since update_engine manages the slot switch, let it calculate the digest
as well.

Bug: 177625570
Test: do a update, check that the sysprop is set.

Change-Id: I74b20fca72f6946d980b93d76990f1c8b8f246a9

cros/hardware_chromeos.cc

diff --git a/cros/hardware_chromeos.cc b/cros/hardware_chromeos.cc
index 14f2497..a57cd78 100644
--- a/cros/hardware_chromeos.cc
+++ b/cros/hardware_chromeos.cc
@@ -349,6 +349,8 @@
 
 void HardwareChromeOS::SetWarmReset(bool warm_reset) {}
 
+void HardwareChromeOS::SetVbmetaDigestForInactiveSlot(bool reset) {}
+
 std::string HardwareChromeOS::GetVersionForLogging(
     const std::string& partition_name) const {
   // TODO(zhangkelvin) Implement per-partition timestamp for Chrome OS.

cros/hardware_chromeos.h

diff --git a/cros/hardware_chromeos.h b/cros/hardware_chromeos.h
index de84d78..8a920ef 100644
--- a/cros/hardware_chromeos.h
+++ b/cros/hardware_chromeos.h
@@ -62,6 +62,7 @@
   bool GetFirstActiveOmahaPingSent() const override;
   bool SetFirstActiveOmahaPingSent() override;
   void SetWarmReset(bool warm_reset) override;
+  void SetVbmetaDigestForInactiveSlot(bool reset) override;
   std::string GetVersionForLogging(
       const std::string& partition_name) const override;
   ErrorCode IsPartitionUpdateValid(