• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "dm_verity.h"
17 #include "fs_hvb.h"
18 #include "hvb_cmdline.h"
19 #include "securec.h"
20 #include "beget_ext.h"
21 #include <stdbool.h>
22 
23 #ifdef __cplusplus
24 #if __cplusplus
25 extern "C" {
26 #endif
27 #endif
28 
29 #define HVB_VB_STATE_STR_MAX_LEN 32
30 #define HVB_FORCE_ENABLE_STR_MAX_LEN 16
31 #define HVB_CMDLINE_HVB_FORCE_ENABLE "ohos.boot.hvb.oem_swtype"
32 
33 #define DM_VERITY_RETURN_ERR_IF_NULL(__ptr)             \
34     do {                                                \
35         if ((__ptr) == NULL) {                          \
36             BEGET_LOGE("error, %s is NULL\n", #__ptr); \
37             return -1;                                  \
38         }                                               \
39     } while (0)
40 
HvbDmVerityIsEnable(void)41 static bool HvbDmVerityIsEnable(void)
42 {
43     int rc;
44     char forceEnable[HVB_FORCE_ENABLE_STR_MAX_LEN] = {0};
45     char vBState[HVB_VB_STATE_STR_MAX_LEN] = {0};
46 
47     rc = FsHvbGetValueFromCmdLine(&forceEnable[0], sizeof(forceEnable), HVB_CMDLINE_HVB_FORCE_ENABLE);
48     if (rc == 0 && strcmp(&forceEnable[0], "factory") == 0) {
49         return true;
50     }
51 
52     rc = FsHvbGetValueFromCmdLine(&vBState[0], sizeof(vBState), HVB_CMDLINE_VB_STATE);
53 
54     if (rc != 0) {
55         BEGET_LOGE("error 0x%x, get verifed boot state", rc);
56         return false;
57     }
58 
59     if (strcmp(&vBState[0], "false") == 0 || strcmp(&vBState[0], "FALSE") == 0) {
60         return false;
61     }
62 
63     return true;
64 }
65 
HvbDmVerityinit(const Fstab * fstab)66 int HvbDmVerityinit(const Fstab *fstab)
67 {
68     int rc;
69     FstabItem *p = NULL;
70 
71     if (!HvbDmVerityIsEnable()) {
72         BEGET_LOGI("hvb not enable, not init");
73         return 0;
74     }
75 
76     for (p = fstab->head; p != NULL; p = p->next) {
77         if (p->fsManagerFlags & FS_MANAGER_HVB)
78             break;
79     }
80 
81     if (p == NULL) {
82         BEGET_LOGI("no need init fs hvb");
83         return 0;
84     }
85 
86     rc = FsHvbInit();
87     if (rc != 0) {
88         BEGET_LOGE("init fs hvb error, ret=%d", rc);
89         return rc;
90     }
91 
92     return rc;
93 }
94 
HvbDmVeritySetUp(FstabItem * fsItem)95 int HvbDmVeritySetUp(FstabItem *fsItem)
96 {
97     int rc;
98 
99     if (!HvbDmVerityIsEnable()) {
100         BEGET_LOGI("hvb not enable, not setup");
101         return 0;
102     }
103 
104     DM_VERITY_RETURN_ERR_IF_NULL(fsItem);
105 
106     if ((fsItem->fsManagerFlags & FS_MANAGER_HVB) == 0) {
107         BEGET_LOGW("device %s not need hvb", fsItem->deviceName ? fsItem->deviceName : "none");
108         return 0;
109     }
110 
111     rc = FsHvbSetupHashtree(fsItem);
112     if (rc != 0) {
113         BEGET_LOGE("error, setup hashtree fail, ret=%d", rc);
114         return rc;
115     }
116 
117     return rc;
118 }
119 
HvbDmVerityFinal(void)120 void HvbDmVerityFinal(void)
121 {
122     int rc;
123 
124     if (!HvbDmVerityIsEnable()) {
125         BEGET_LOGI("hvb not enable, not final");
126         return;
127     }
128 
129     rc = FsHvbFinal();
130     if (rc != 0) {
131         BEGET_LOGE("final fs hvb error, ret=%d", rc);
132         return;
133     }
134 }
135 
136 #ifdef __cplusplus
137 #if __cplusplus
138 }
139 #endif
140 #endif
141