From 336cbce2526e4ce6990aed5b98d39814e6456ea2 Mon Sep 17 00:00:00 2001
From: David Zeuthen <zeuthen@google.com>
Date: Mon, 8 May 2017 13:41:28 -0400
Subject: update_verifier: Support AVB.

When using AVB, PRODUCT_SUPPORTS_VERITY is not set so check for
BOARD_ENABLE_AVB as well. Also AVB sets up the root filesystem as
'vroot' so map that to 'system' since this is what is
expected. Managed to test at least that the code is at least compiled
in:

 $ fastboot --set-active=_a
 Setting current slot to 'a'...
 OKAY [  0.023s]
 finished. total time: 0.023s

 $ fastboot reboot
 rebooting...

 finished. total time: 0.050s

 $ adb wait-for-device

 $ adb logcat |grep update_verifier
 03-04 05:28:56.773   630   630 I /system/bin/update_verifier: Started with arg 1: nonencrypted
 03-04 05:28:56.776   630   630 I /system/bin/update_verifier: Booting slot 0: isSlotMarkedSuccessful=0
 03-04 05:28:56.776   630   630 W /system/bin/update_verifier: Failed to open /data/ota_package/care_map.txt: No such file or directory
 03-04 05:28:56.788   630   630 I /system/bin/update_verifier: Marked slot 0 as booted successfully.
 03-04 05:28:56.788   630   630 I /system/bin/update_verifier: Leaving update_verifier.

Bug: 62464819
Test: Manually tested on device using AVB bootloader.
Merged-In: I13c0fe1cc5d0f397e36f5e62fcc05c8dfee5fd85
Change-Id: I2834b17688053411e7b904e31df9c83bf904cd56
---
 tests/Android.mk                         |  4 ++++
 tests/component/update_verifier_test.cpp |  2 +-
 update_verifier/Android.mk               |  4 ++++
 update_verifier/update_verifier.cpp      | 21 +++++++++++++++------
 4 files changed, 24 insertions(+), 7 deletions(-)

diff --git a/tests/Android.mk b/tests/Android.mk
index 262f4ffdd..346873dbe 100644
--- a/tests/Android.mk
+++ b/tests/Android.mk
@@ -92,6 +92,10 @@ ifeq ($(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_SUPPORTS_VERITY),true)
 LOCAL_CFLAGS += -DPRODUCT_SUPPORTS_VERITY=1
 endif
 
+ifeq ($(BOARD_AVB_ENABLE),true)
+LOCAL_CFLAGS += -DBOARD_AVB_ENABLE=1
+endif
+
 LOCAL_MODULE := recovery_component_test
 LOCAL_COMPATIBILITY_SUITE := device-tests
 LOCAL_C_INCLUDES := bootable/recovery
diff --git a/tests/component/update_verifier_test.cpp b/tests/component/update_verifier_test.cpp
index 73b4478aa..5fc7ef63f 100644
--- a/tests/component/update_verifier_test.cpp
+++ b/tests/component/update_verifier_test.cpp
@@ -24,7 +24,7 @@
 class UpdateVerifierTest : public ::testing::Test {
  protected:
   void SetUp() override {
-#ifdef PRODUCT_SUPPORTS_VERITY
+#if defined(PRODUCT_SUPPORTS_VERITY) || defined(BOARD_AVB_ENABLE)
     verity_supported = true;
 #else
     verity_supported = false;
diff --git a/update_verifier/Android.mk b/update_verifier/Android.mk
index 37d9bfed3..33c5fe9e7 100644
--- a/update_verifier/Android.mk
+++ b/update_verifier/Android.mk
@@ -39,6 +39,10 @@ ifeq ($(PRODUCTS.$(INTERNAL_PRODUCT).PRODUCT_SUPPORTS_VERITY),true)
 LOCAL_CFLAGS += -DPRODUCT_SUPPORTS_VERITY=1
 endif
 
+ifeq ($(BOARD_AVB_ENABLE),true)
+LOCAL_CFLAGS += -DBOARD_AVB_ENABLE=1
+endif
+
 include $(BUILD_STATIC_LIBRARY)
 
 # update_verifier (executable)
diff --git a/update_verifier/update_verifier.cpp b/update_verifier/update_verifier.cpp
index fdbcfde56..d3a5185b8 100644
--- a/update_verifier/update_verifier.cpp
+++ b/update_verifier/update_verifier.cpp
@@ -99,12 +99,21 @@ static bool read_blocks(const std::string& partition, const std::string& range_s
     std::string content;
     if (!android::base::ReadFileToString(path, &content)) {
       PLOG(WARNING) << "Failed to read " << path;
-    } else if (android::base::Trim(content) == partition) {
-      dm_block_device = DEV_PATH + std::string(namelist[n]->d_name);
-      while (n--) {
-        free(namelist[n]);
+    } else {
+      std::string dm_block_name = android::base::Trim(content);
+#ifdef BOARD_AVB_ENABLE
+      // AVB is using 'vroot' for the root block device but we're expecting 'system'.
+      if (dm_block_name == "vroot") {
+        dm_block_name = "system";
+      }
+#endif
+      if (dm_block_name == partition) {
+        dm_block_device = DEV_PATH + std::string(namelist[n]->d_name);
+        while (n--) {
+          free(namelist[n]);
+        }
+        break;
       }
-      break;
     }
     free(namelist[n]);
   }
@@ -229,7 +238,7 @@ int update_verifier(int argc, char** argv) {
   if (is_successful == BoolResult::FALSE) {
     // The current slot has not booted successfully.
 
-#ifdef PRODUCT_SUPPORTS_VERITY
+#if defined(PRODUCT_SUPPORTS_VERITY) || defined(BOARD_AVB_ENABLE)
     std::string verity_mode = android::base::GetProperty("ro.boot.veritymode", "");
     if (verity_mode.empty()) {
       LOG(ERROR) << "Failed to get dm-verity mode.";
-- 
cgit v1.2.3