/system/update_engine/payload_generator/ |
D | payload_generation_config_android_unittest.cc | 151 const VerityConfig& verity = image_config_.partitions[0].verity; in TEST_F() local 152 EXPECT_FALSE(verity.IsEmpty()); in TEST_F() 153 EXPECT_EQ(ExtentForRange(0, 2), verity.hash_tree_data_extent); in TEST_F() 154 EXPECT_EQ(ExtentForRange(2, 1), verity.hash_tree_extent); in TEST_F() 155 EXPECT_EQ("sha1", verity.hash_tree_algorithm); in TEST_F() 157 EXPECT_EQ(salt, verity.hash_tree_salt); in TEST_F() 158 EXPECT_EQ(ExtentForRange(0, 3), verity.fec_data_extent); in TEST_F() 159 EXPECT_EQ(ExtentForRange(3, 2), verity.fec_extent); in TEST_F() 160 EXPECT_EQ(2u, verity.fec_roots); in TEST_F() 170 const VerityConfig& verity = image_config_.partitions[0].verity; in TEST_F() local [all …]
|
D | payload_generation_config_android.cc | 48 part->verity.hash_tree_algorithm = in AvbDescriptorCallback() 54 part->verity.hash_tree_salt.assign(salt, salt + hashtree.salt_len); in AvbDescriptorCallback() 58 part->verity.hash_tree_data_extent = in AvbDescriptorCallback() 63 part->verity.hash_tree_extent = ExtentForBytes( in AvbDescriptorCallback() 67 part->verity.fec_data_extent = in AvbDescriptorCallback() 69 part->verity.fec_extent = ExtentForBytes( in AvbDescriptorCallback() 71 part->verity.fec_roots = hashtree.fec_num_roots; in AvbDescriptorCallback() 80 if (part.verity.hash_tree_extent.num_blocks() != 0) { in VerifyVerityConfig() 82 HashTreeBuilder::HashFunction(part.verity.hash_tree_algorithm); in VerifyVerityConfig() 86 part.verity.hash_tree_data_extent.num_blocks() * block_size; in VerifyVerityConfig() [all …]
|
D | payload_file.cc | 100 part.verity = new_conf.verity; in AddPartition() 152 if (!part.verity.IsEmpty()) { in WritePayload() 153 if (part.verity.hash_tree_extent.num_blocks() != 0) { in WritePayload() 155 part.verity.hash_tree_data_extent; in WritePayload() 156 *partition->mutable_hash_tree_extent() = part.verity.hash_tree_extent; in WritePayload() 157 partition->set_hash_tree_algorithm(part.verity.hash_tree_algorithm); in WritePayload() 158 if (!part.verity.hash_tree_salt.empty()) in WritePayload() 159 partition->set_hash_tree_salt(part.verity.hash_tree_salt.data(), in WritePayload() 160 part.verity.hash_tree_salt.size()); in WritePayload() 162 if (part.verity.fec_extent.num_blocks() != 0) { in WritePayload() [all …]
|
D | payload_file.h | 98 VerityConfig verity; member
|
D | payload_generation_config.h | 118 VerityConfig verity; member
|
D | payload_generation_config.cc | 295 TEST_AND_RETURN_FALSE(part.verity.IsEmpty()); in Validate() 316 TEST_AND_RETURN_FALSE(part.verity.IsEmpty()); in Validate()
|
/system/core/fs_mgr/ |
D | fs_mgr_verity.cpp | 148 static int verify_verity_signature(const struct fec_verity_metadata& verity) in verify_verity_signature() argument 150 if (verify_table(verity.signature, sizeof(verity.signature), in verify_verity_signature() 151 verity.table, verity.table_length) == 0 || in verify_verity_signature() 152 verify_table(verity.ecc_signature, sizeof(verity.ecc_signature), in verify_verity_signature() 153 verity.table, verity.table_length) == 0) { in verify_verity_signature() 385 struct fec_verity_metadata verity; in fs_mgr_setup_verity() local 400 if (fec_verity_get_metadata(f, &verity) < 0) { in fs_mgr_setup_verity() 411 if (verity.disabled) { in fs_mgr_setup_verity() 433 if (!verity.table) { in fs_mgr_setup_verity() 437 params.table = strdup(verity.table); in fs_mgr_setup_verity() [all …]
|
/system/core/set-verity-state/ |
D | Android.bp | 4 name: "set-verity-state", 5 srcs: ["set-verity-state.cpp"], 22 "enable-verity", 23 "disable-verity",
|
/system/extras/verity/ |
D | verity_verifier.cpp | 107 fec_verity_metadata verity; in main() local 108 if (!input.get_verity_metadata(verity)) { in main() 113 int ret = verify_table(argv[3], verity.signature, sizeof(verity.signature), in main() 114 verity.table, verity.table_length); in main()
|
D | BootSignature.mf | 1 Main-Class: com.android.verity.BootSignature
|
D | VeritySigner.mf | 1 Main-Class: com.android.verity.VeritySigner
|
D | VeritySigner.java | 17 package com.android.verity;
|
/system/extras/boottime_tools/io_analysis/ |
D | check_verity.py | 109 io, verity, total, blocks = get_average_and_std_dev(l) 111 verity[0], verity[1], verity[2], "total:", total[0], total[1], total[2] 112 return io, verity, total, blocks 116 io, verity, total, blocks = self.dump_list ("total,", self.reads) 118 verity_latency_per_1024KB = verity[2] / blocks * (1024 / 4)
|
/system/extras/libfec/ |
D | fec_open.cpp | 314 f->verity.hashtree.hash_start); in load_verity() 324 f->verity.hashtree.hash_start); in load_verity() 338 f->verity.hashtree.hash_start); in load_verity() 405 f->verity = {}; in reset_handle() 436 if (!f->verity.metadata_start) { in fec_verity_get_metadata() 441 check(f->data_size <= f->verity.hashtree.hash_start); in fec_verity_get_metadata() 442 check(f->data_size <= f->verity.metadata_start); in fec_verity_get_metadata() 443 check(!f->verity.table.empty()); in fec_verity_get_metadata() 445 data->disabled = f->verity.disabled; in fec_verity_get_metadata() 447 memcpy(data->signature, f->verity.header.signature, in fec_verity_get_metadata() [all …]
|
D | fec_private.h | 144 verity_info verity; member 148 return avb.valid ? avb.hashtree : verity.hashtree; in hashtree()
|
D | fec_verity.cpp | 445 verity_info *v = &f->verity; in parse_table() 484 verity_info *v = &f->verity; in rewrite_metadata() 548 verity_info *v = &f->verity; in verity_parse_header() 637 verity_info *v = &f->verity; in fec_verity_set_status()
|
/system/connectivity/wifilogd/ |
D | runtests.sh | 40 adb disable-verity
|
/system/extras/libfec/test/ |
D | fec_unittest.cpp | 141 handle->verity.metadata_start); in TEST_F() 142 ASSERT_EQ(verity_header_.length, handle->verity.header.length); in TEST_F() 143 ASSERT_EQ(verity_table_, handle->verity.table); in TEST_F() 175 handle->verity.metadata_start); in TEST_F() 186 ASSERT_EQ(handle->verity.metadata_start + 8 * 4096, ecc_metadata.start); in TEST_F()
|
/system/connectivity/wificond/ |
D | runtests.sh | 41 adb disable-verity
|
/system/sepolicy/prebuilts/api/30.0/private/ |
D | fsverity_init.te | 15 # Allow init to write to /proc/sys/fs/verity/require_signatures
|
D | installd.te | 40 # Allow installd to access apk verity feature flag (for legacy case).
|
/system/sepolicy/private/ |
D | fsverity_init.te | 15 # Allow init to write to /proc/sys/fs/verity/require_signatures
|
D | installd.te | 40 # Allow installd to access apk verity feature flag (for legacy case).
|
/system/sepolicy/prebuilts/api/29.0/private/ |
D | fsverity_init.te | 19 # Allow init to write to /proc/sys/fs/verity/require_signatures
|
/system/apex/docs/ |
D | README.md | 64 `apex_payload.img` is an ext4 file system image backed by dm-verity. The image 156 already over dm-verity, so the APEX files are mounted directly over the loop 168 kernel features are required: the loop driver and dm-verity. The loop 169 driver mounts the file system image in an APEX module and dm-verity verifies the 172 The performance of the loop driver and dm-verity is important in achieving 207 - Revert "ANDROID: dm verity: add minimum prefetch size" 227 (*) CONFIG_CRYPTO_SHA1=Y # SHA1 hash for DM-verity 228 (*) CONFIG_CRYPTO_SHA256=Y # SHA256 hash for DM-verity 229 CONFIG_DM_VERITY=Y # DM-verity support 546 file systems whose integrity is protected by dm-verity for every I/O. Any [all …]
|