static char verifiedbootstate[VERITY_COMMANDLINE_PARAM_LENGTH];
static char veritymode[VERITY_COMMANDLINE_PARAM_LENGTH];
+static char veritykeyid[VERITY_DEFAULT_KEY_ID_LENGTH];
static bool target_added;
static bool verity_enabled = true;
__setup("androidboot.veritymode=", verity_mode_param);
+static int __init verity_keyid_param(char *line)
+{
+ strlcpy(veritykeyid, line, sizeof(veritykeyid));
+ return 1;
+}
+
+__setup("veritykeyid=", verity_keyid_param);
+
+static inline bool default_verity_key_id(void)
+{
+ return veritykeyid[0] != '\0';
+}
+
static int table_extract_mpi_array(struct public_key_signature *pks,
const void *data, size_t len)
{
dev_t uninitialized_var(dev);
struct android_metadata *uninitialized_var(metadata);
int err = 0, i, mode;
- char *key_id, *table_ptr, dummy,
+ char *key_id, *table_ptr, dummy, *target_device,
*verity_table_args[VERITY_TABLE_ARGS + 2 + VERITY_TABLE_OPT_FEC_ARGS];
/* One for specifying number of opt args and one for mode */
sector_t data_sectors;
char buf[FEC_ARG_LENGTH], *buf_ptr;
unsigned long long tmpll;
- if (argc != 2) {
+ if (argc == 1) {
+ /* Use the default keyid */
+ if (default_verity_key_id())
+ key_id = veritykeyid;
+ else {
+ DMERR("veritykeyid= is not set");
+ handle_error();
+ return -EINVAL;
+ }
+ } else if (argc == 2)
+ key_id = argv[1];
+ else {
DMERR("Incorrect number of arguments");
handle_error();
return -EINVAL;
}
- /* should come as one of the arguments for the verity target */
- key_id = argv[0];
- strreplace(argv[0], '#', ' ');
+ strreplace(key_id, '#', ' ');
+ target_device = argv[0];
- dev = name_to_dev_t(argv[1]);
+ dev = name_to_dev_t(target_device);
if (!dev) {
- DMERR("no dev found for %s", argv[1]);
+ DMERR("no dev found for %s", target_device);
handle_error();
return -EINVAL;
}
- DMINFO("key:%s dev:%s", argv[0], argv[1]);
+ DMINFO("key:%s dev:%s", key_id, target_device);
if (extract_fec_header(dev, &fec, &ecc)) {
DMERR("Error while extracting fec header");
/* Setup linear target and free */
if (!verity_enabled) {
- err = add_as_linear_device(ti, argv[1]);
+ err = add_as_linear_device(ti, target_device);
goto free_metadata;
}
/*substitute data_dev and hash_dev*/
- verity_table_args[1] = argv[1];
- verity_table_args[2] = argv[1];
+ verity_table_args[1] = target_device;
+ verity_table_args[2] = target_device;
mode = verity_mode();
if (ecc.valid && IS_BUILTIN(CONFIG_DM_VERITY_FEC)) {
if (mode) {
err = snprintf(buf, FEC_ARG_LENGTH,
- "%u %s " VERITY_TABLE_OPT_FEC_FORMAT,
- 1 + VERITY_TABLE_OPT_FEC_ARGS,
- mode == DM_VERITY_MODE_RESTART ?
- VERITY_TABLE_OPT_RESTART : VERITY_TABLE_OPT_LOGGING,
- argv[1], ecc.start / FEC_BLOCK_SIZE, ecc.blocks,
- ecc.roots);
+ "%u %s " VERITY_TABLE_OPT_FEC_FORMAT,
+ 1 + VERITY_TABLE_OPT_FEC_ARGS,
+ mode == DM_VERITY_MODE_RESTART ?
+ VERITY_TABLE_OPT_RESTART :
+ VERITY_TABLE_OPT_LOGGING,
+ target_device,
+ ecc.start / FEC_BLOCK_SIZE, ecc.blocks,
+ ecc.roots);
} else {
err = snprintf(buf, FEC_ARG_LENGTH,
- "%u " VERITY_TABLE_OPT_FEC_FORMAT,
- VERITY_TABLE_OPT_FEC_ARGS, argv[1],
- ecc.start / FEC_BLOCK_SIZE, ecc.blocks, ecc.roots);
+ "%u " VERITY_TABLE_OPT_FEC_FORMAT,
+ VERITY_TABLE_OPT_FEC_ARGS, target_device,
+ ecc.start / FEC_BLOCK_SIZE, ecc.blocks,
+ ecc.roots);
}
} else if (mode) {
err = snprintf(buf, FEC_ARG_LENGTH,
projects / GitHub / MotorolaMobilityLLC / kernel-slsi.git / commitdiff