)]}' { "commit": "fd0ba0d49101461dbb493cfb28c3a0a2158559b9", "tree": "b389467c4f5230592fda4016cdd0ee49ef19058b", "parents": [ "09543592072e9705ea7019c4633f3bcbc8621409" ], "author": { "name": "Darren Krahn", "email": "dkrahn@google.com", "time": "Thu Feb 01 18:06:34 2018 -0800" }, "committer": { "name": "Darren Krahn", "email": "dkrahn@google.com", "time": "Fri Feb 23 16:57:00 2018 -0800" }, "message": "Implement support for on-device persistent digests.\n\nThis feature allows digests from on-device persistent storage to be used\nin place of digests embedded in descriptors. This allows verification of\npartitions which hold per-device configuration data set during a factory\nor provisioning stage and expected to remain unchanged from that point\nforward.\n\nSupport is added for both \u0027hash\u0027 and \u0027hashtree\u0027 descriptors. In the case\nof hashtree descriptors, the verity root digest needs to be added to the\nkernel command line so this can be configured later without access to\nAVB persistent storage. This is accomplished by supporting substitutions\nof the form $(AVB_\u003cpart_name\u003e_ROOT_DIGEST) where \u003cpart_name\u003e is the\nuppercase partition name. For example, if the partition name was\n\u0027factory\u0027 the kernel command line descriptor would hold:\n\n \"androidboot.vbmeta.root_digest.factory\u003d$(AVB_FACTORY_ROOT_DIGEST)\"\n\nThe persistent value ops are designed to be reusable. Persistent values\nare expected to be tamper-proof, similar to rollback indexes, and are\nnot expected to be available outside of the boot code running AVB.\n\nUsing persistent digests also requires that the partition not use A/B.\nA new flag has been added to avbtool to support this as well as a\n\u0027flags\u0027 field in hash and hashtree descriptors.\n\nThis CL bumps the AVB version to 1.1 and any use of persistent digests\n(or the --do_not_use_ab flag) will set the minimum libavb version in\nvbmeta to 1.1. If these features are not used, the minimum remains 1.0.\n\nBug: 73020477\nTest: Unit\n\nChange-Id: Iffef31b232492bc8700ab8496c5da2ccfb49be44\n", "tree_diff": [ { "type": "modify", "old_id": "0ad0a0b4548b191d29cb6a64b3a85f7d87006b9e", "old_mode": 33188, "old_path": "README.md", "new_id": "bbcf96cf89ad0bab0872677a9b57ae840ede33d4", "new_mode": 33188, "new_path": "README.md" }, { "type": "modify", "old_id": "b742466a100995530e363e4abc3e66da7ac926b0", "old_mode": 33261, "old_path": "avbtool", "new_id": "14914ce806b926d968365f7161c1b2459d262aff", "new_mode": 33261, "new_path": "avbtool" }, { "type": "modify", "old_id": "3df7a3088254e30fbeb4e01cf6ccf62c2b3fa329", "old_mode": 33188, "old_path": "libavb/avb_cmdline.c", "new_id": "426f909a9641555dece57fbf6ad74a1a623dc0f5", "new_mode": 33188, "new_path": "libavb/avb_cmdline.c" }, { "type": "modify", "old_id": "648e20262cf7047d83d7908e98969be08264adfc", "old_mode": 33188, "old_path": "libavb/avb_cmdline.h", "new_id": "996535d088c9dd60af4468d48f853f799b8c34fa", "new_mode": 33188, "new_path": "libavb/avb_cmdline.h" }, { "type": "modify", "old_id": "7e8d7e21ca4805465373baaa1b37c960898ef020", "old_mode": 33188, "old_path": "libavb/avb_crypto.h", "new_id": "0903baa8c1c02ff2261975f72851ed2980d8da3c", "new_mode": 33188, "new_path": "libavb/avb_crypto.h" }, { "type": "modify", "old_id": "2e427de9397e10c03e628d58cdb1b5389f5b915a", "old_mode": 33188, "old_path": "libavb/avb_hash_descriptor.c", "new_id": "3a6b8c8809118294aa3b7e044d270ed97ee4b4ee", "new_mode": 33188, "new_path": "libavb/avb_hash_descriptor.c" }, { "type": "modify", "old_id": "266811847410625dafa6c523685e3d15c6d39d8d", "old_mode": 33188, "old_path": "libavb/avb_hash_descriptor.h", "new_id": "9ee89971235872d5ef81183a3cd0ae45042796b2", "new_mode": 33188, "new_path": "libavb/avb_hash_descriptor.h" }, { "type": "modify", "old_id": "b961e47cc6d4a4c30c83f64e0a7f305f15cbeffa", "old_mode": 33188, "old_path": "libavb/avb_hashtree_descriptor.c", "new_id": "0822458f84bb9647c4c8d294a48363729bf1a206", "new_mode": 33188, "new_path": "libavb/avb_hashtree_descriptor.c" }, { "type": "modify", "old_id": "a5aafbf0584595e7e50bd477d860a523086c2f69", "old_mode": 33188, "old_path": "libavb/avb_hashtree_descriptor.h", "new_id": "d0f7e2c2885efcc9f84408c0f275953af91099f8", "new_mode": 33188, "new_path": "libavb/avb_hashtree_descriptor.h" }, { "type": "modify", "old_id": "bfc21fd8ae5278bbd868f7202ccf9471e3db428b", "old_mode": 33188, "old_path": "libavb/avb_ops.h", "new_id": "77f7ec3c127f633c7671ea125faede5e1c113c12", "new_mode": 33188, "new_path": "libavb/avb_ops.h" }, { "type": "modify", "old_id": "f8c941c48ae0fb34cf0b98a339f4ff73af49a619", "old_mode": 33188, "old_path": "libavb/avb_slot_verify.c", "new_id": "3e6b04c1627fef07cfa22c2b9bb672a1a86ef129", "new_mode": 33188, "new_path": "libavb/avb_slot_verify.c" }, { "type": "modify", "old_id": "fafde01113799cef1b283138f8d9863f147078e0", "old_mode": 33188, "old_path": "libavb/avb_util.c", "new_id": "c04c79ae71cf6bc04b2d87e612d7e1606a0b69e7", "new_mode": 33188, "new_path": "libavb/avb_util.c" }, { "type": "modify", "old_id": "07c325876803a24c8dd951814e10f4bfc9c02a9b", "old_mode": 33188, "old_path": "libavb/avb_util.h", "new_id": "be1b3c9b21f97f7b59b135f868f20d1a7b0cb258", "new_mode": 33188, "new_path": "libavb/avb_util.h" }, { "type": "modify", "old_id": "9d929700747b060a77e38556099bcba3dff06ecf", "old_mode": 33188, "old_path": "libavb/avb_version.h", "new_id": "ce4313604e0cc5bc6155603740fc57fd995d0494", "new_mode": 33188, "new_path": "libavb/avb_version.h" }, { "type": "modify", "old_id": "0299b512e2b6b1011b35649a592570d5ba80a793", "old_mode": 33188, "old_path": "test/avb_atx_validate_unittest.cc", "new_id": "c32ecf8003bc2f1a282481088bfb231418dc36d9", "new_mode": 33188, "new_path": "test/avb_atx_validate_unittest.cc" }, { "type": "modify", "old_id": "86d756ef046bd2c9fccd9eb61857fe906df129ab", "old_mode": 33188, "old_path": "test/avb_slot_verify_unittest.cc", "new_id": "9584439caa6a6139eeeac495cb21b57d7049c1d2", "new_mode": 33188, "new_path": "test/avb_slot_verify_unittest.cc" }, { "type": "modify", "old_id": "a2561bd43a234e958b2080d94d1045a6d9d27a51", "old_mode": 33188, "old_path": "test/avbtool_unittest.cc", "new_id": "fe7d3ba9b64b777824158565834ca2645838e841", "new_mode": 33188, "new_path": "test/avbtool_unittest.cc" }, { "type": "modify", "old_id": "9d3963ab7a1fd57d22aae0e61a247000f18b2c0b", "old_mode": 33188, "old_path": "test/fake_avb_ops.cc", "new_id": "6ee128aadfd7499f9a0537de47615170d5b6f896", "new_mode": 33188, "new_path": "test/fake_avb_ops.cc" }, { "type": "modify", "old_id": "93c7ee935fe8a8b4d3cfaabad1b4c2cf83cda30f", "old_mode": 33188, "old_path": "test/fake_avb_ops.h", "new_id": "769f3cc51feae67fa21ce5d6906fc3beb8a39a0a", "new_mode": 33188, "new_path": "test/fake_avb_ops.h" } ] }