[再起動の問題] AndroidPがdm-verity検出をバイパスする
Android P Bypasses Dm Verity Detection
update_verifierでdm-verity検出をバイパスします
//bootable/recovery/update_verifier/update_verifier.cpp //int update_verifier(int argc, char** argv) { ... #endif } else if (android::base::EqualsIgnoreCase(verity_mode, 'eio')) { // We shouldn't see verity in EIO mode if the current slot hasn't booted successfully before. // Continue the verification until we fail to read some blocks. LOG(WARNING) << 'Found dm-verity in EIO mode.' } else if (android::base::EqualsIgnoreCase(verity_mode, 'disabled')) { LOG(WARNING) << 'dm-verity in disabled mode marking without verification.' skip_verification = true + } else if (verity_mode == 'logging') { + LOG(ERROR) << 'Ethan skip here, dm-verity mode : ' << verity_mode << ', expecting work around.' + skip_verification = true } else if (verity_mode != 'enforcing') { LOG(ERROR) << 'Unexpected dm-verity mode : ' << verity_mode << ', expecting enforcing.' return reboot_device()参照文書:
https://source.android.google.cn/devices/tech/ota/ab/
https://source.android.google.cn/security/verifiedboot/dm-verity.html