1 /*
2  * Copyright (C) 2017 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef __CORE_FS_MGR_AVB_H
18 #define __CORE_FS_MGR_AVB_H
19 
20 #include <map>
21 #include <memory>
22 #include <string>
23 
24 #include <libavb/libavb.h>
25 
26 #include "fs_mgr.h"
27 
// Verification state carried by an FsManagerAvbHandle (stored in its status_ member).
// Numeric values are spelled out explicitly; keep them stable if anything
// outside this header compares against the raw integers.
enum FsManagerAvbHandleStatus {
    // State a handle has right after construction, before any verification result
    // has been recorded.
    kFsManagerAvbHandleUninitialized = -1,

    // The AVB metadata was verified and can be trusted.
    kFsManagerAvbHandleSuccess = 0,

    // Hashtree verification is turned off, to support 'adb disable-verity'.
    // A handle in this state does NOT mean the partition contents are protected.
    kFsManagerAvbHandleHashtreeDisabled = 1,

    // NOTE(review): this header does not say when this status is produced or how
    // callers should treat it; confirm against the implementation before relying on it.
    kFsManagerAvbHandleErrorVerification = 2,
};
34 
// Defined elsewhere; this header only refers to it through a pointer
// (see FsManagerAvbHandle::DoOpen()).
class FsManagerAvbOps;

// Maps a partition name to its by-name symlink path, e.g.
//   "system_a" -> "/dev/block/platform/soc.0/7824900.sdhci/by-name/system_a"
using ByNameSymlinkMap = std::map<std::string, std::string>;

// Forward declaration so the owning-pointer alias can be named ahead of the
// class definition below.
class FsManagerAvbHandle;

// Sole-owner pointer type handed out by FsManagerAvbHandle::Open().
using FsManagerAvbUniquePtr = std::unique_ptr<FsManagerAvbHandle>;
41 
42 // Provides a factory method to return a unique_ptr pointing to itself and the
43 // SetUpAvb() function to extract dm-verity parameters from AVB metadata to
44 // load verity table into kernel through ioctl.
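class FsManagerAvbHandle {
  public:
    // The factory method to return a FsManagerAvbUniquePtr that holds
    // the verified AVB (external/avb) metadata of all verified partitions
    // in avb_slot_data_.vbmeta_images[].
    //
    // The metadata is checked against the following values from /proc/cmdline.
    //   - androidboot.vbmeta.{hash_alg, size, digest}.
    // These reference values arrive on the kernel command line, so the check is
    // anchored in whatever supplied that command line (presumably the
    // bootloader -- confirm for the target platform).
    //
    // A typical usage will be:
    //   - FsManagerAvbUniquePtr handle = FsManagerAvbHandle::Open();
    //
    // There are two overloaded Open() functions with a single parameter.
    // The argument can be a ByNameSymlinkMap describing the mapping from partition
    // name to by-name symlink, or a fstab file from which the ByNameSymlinkMap is
    // constructed. e.g.,
    //   - /dev/block/platform/soc.0/7824900.sdhci/by-name/system_a ->
    //   - ByNameSymlinkMap["system_a"] = "/dev/block/platform/soc.0/7824900.sdhci/by-name/system_a"
    // The map overload takes an rvalue reference; callers should treat the map
    // they pass in as consumed.
    //
    // Possible return values:
    //   - nullptr: any error when reading and verifying the metadata,
    //     e.g., I/O error, digest value mismatch, size mismatch, etc.
    //     Callers must check for nullptr and treat it as a verification
    //     failure; there is no handle to query in this case.
    //
    //   - a valid unique_ptr with status kFsManagerAvbHandleHashtreeDisabled:
    //     to support the existing 'adb disable-verity' feature in Android.
    //     It's very helpful for developers to make the filesystem writable to
    //     allow replacing binaries on the device.
    //     A non-null handle therefore does not by itself mean the partition is
    //     integrity-protected; use hashtree_disabled() to tell the two apart.
    //
    //   - a valid unique_ptr with status kFsManagerAvbHandleSuccess: the metadata
    //     is verified and can be trusted.
    //
    // NOTE(review): kFsManagerAvbHandleErrorVerification is declared in the
    // status enum but is not covered by the list above; confirm whether Open()
    // can return a handle in that state.
    //
    static FsManagerAvbUniquePtr Open(const fstab& fstab);
    static FsManagerAvbUniquePtr Open(ByNameSymlinkMap&& by_name_symlink_map);

    // Sets up dm-verity on the given fstab entry.
    // The 'wait_for_verity_dev' parameter makes this function wait for the
    // verity device to get created before return.
    // Returns true if the mount point is eligible to mount, it includes:
    //   - status_ is kFsManagerAvbHandleHashtreeDisabled or
    //   - status_ is kFsManagerAvbHandleSuccess and sending ioctl DM_TABLE_LOAD
    //     to load verity table is success.
    // Otherwise, returns false.
    //
    // A true result in the hashtree-disabled case does not depend on a verity
    // table having been loaded, so 'true' means "may be mounted", not "is
    // protected by dm-verity". A false result must stop the mount of this entry.
    bool SetUpAvb(fstab_rec* fstab_entry, bool wait_for_verity_dev);

    // True when the handle was opened with hashtree verification disabled.
    bool hashtree_disabled() const { return status_ == kFsManagerAvbHandleHashtreeDisabled; }

    // Returns a reference to the stored AVB version string; the reference is
    // only valid while this handle is alive.
    const std::string& avb_version() const { return avb_version_; }

    // The handle owns avb_slot_data_ and frees it in the destructor, so it is
    // neither copyable nor movable: exactly one object may ever free the data.
    FsManagerAvbHandle(const FsManagerAvbHandle&) = delete;             // no copy
    FsManagerAvbHandle& operator=(const FsManagerAvbHandle&) = delete;  // no assignment

    FsManagerAvbHandle(FsManagerAvbHandle&&) noexcept = delete;             // no move
    FsManagerAvbHandle& operator=(FsManagerAvbHandle&&) noexcept = delete;  // no move assignment

    // Releases the slot verification data, if any was attached.
    ~FsManagerAvbHandle() {
        if (avb_slot_data_) {
            avb_slot_verify_data_free(avb_slot_data_);
        }
    }

  private:
    // Private so that handles can only be created from within the class;
    // Open() is the public entry point. Starts with no slot data and the
    // Uninitialized status.
    FsManagerAvbHandle() : avb_slot_data_(nullptr), status_(kFsManagerAvbHandleUninitialized) {}

    // NOTE(review): presumably the shared implementation behind both Open()
    // overloads; not visible in this header.
    static FsManagerAvbUniquePtr DoOpen(FsManagerAvbOps* avb_ops);

    AvbSlotVerifyData* avb_slot_data_;  // owned; freed with avb_slot_verify_data_free()
    FsManagerAvbHandleStatus status_;   // see FsManagerAvbHandleStatus
    std::string avb_version_;           // exposed through avb_version()
};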
112 
113 #endif /* __CORE_FS_MGR_AVB_H */
114