首页 > 编程入门 文章详情

AVB 部分流程

编程入门 行业动态 更新时间:2024-10-25 22:29:32

AVB 部分<a href=https://www.elefans.com/category/jswz/34/1770115.html style=流程"/>

AVB 部分流程

fs_mgr

仅有部分关键函数


函数入口点:system/core/init/main.cpp-->int main()-->BuiltinFunctionMap& function_map = GetBuiltinFunctionMap();
//function_map 中有所有库中的函数的映射后的命令,以do_mount_all  ~~ mount_all 为例

vbmeta verity 相关

AvbHandle::Open()FsManagerAvbOps::AvbSlotVerify()AvbVerifier::Create(); //1AvbVerifier::VerifyVbmetaImages(const std::vector<VBMetaData>& vbmeta_images) //2VerifyVbmetaDigest<SHA256Hasher>(vbmeta_images, digest_); //针对不同的加密方式使用不同的vbmeta校验方式,还有hash512,并结合1/2 
do_mount_all()MountAllResult fs_mgr_mount_all(Fstab* fstab, int mount_mode)AvbHashtreeResult AvbHandle::SetUpStandaloneAvbHashtree(FstabEntry* fstab_entry,bool wait_for_verity_dev)AvbUniquePtr AvbHandle::LoadAndVerifyVbmeta(const FstabEntry& fstab_entry,const std::vector[std::string](std::string)& preload_avb_key_blobs) //返回一个avb_handleLoadAndVerifyVbmetaByPath()AvbHandle::SetUpAvbHashtree()LoadAvbHashtreeToEnableVerity()DeriveAvbPartitionName() //将fstab blk 中带后缀的名字重命名: system_a  systemGetHashtreeDescriptor()HashtreeDmVeritySetup() //最后准备工作ConstructVerityTable()SetBlockDeviceReadOnly()  //构建verity table ,设置分区读写属性等

上面提到LoadAndVerifyVbmetaByPath失败的原因有:

  • waitforfile fail
  • open fail
  • VerifyVBMetaData: 这里校验的依据有:
    • footer
    • offset
    • data_size等等

入口点:system/vold/vdc.cppint main(int argc, char** argv) VoldNativeService::mountFstabfscrypt_mount_metadata_encrypted()mount_via_fs_mgr(const char* mount_point, const char* blk_device, bool needs_encrypt)fs_mgr_do_mount()fs_mgr_do_mount_helper()SetUpStandaloneAvbHashtree()

有两个时机会运行fscrypt_mount_metadata_encrypted(),

  • VoldNativeService::mountFstab //本处以此为例
  • VoldNativeService::encryptFstab

挂载流程分析

分区挂载相关

main(int argc, char** argv)//agrv[1]==secondSecondStageMain(int argc, char** argv)//agrv[1]==firstFirstStageMain(int argc, char** argv)DoFirstStageMount(bool create_devices)IsRecoveryMode() // access("/system/bin/recovery", F_OK)FirstStageMount::Create();DoCreateDevices()FirstStageMount::DoFirstStageMount()IsDmLinearEnabled() && fstab_.empty()  //相关属性检查FirstStageMount::MountPartitions()TrySwitchSystemAsRoot()MountPartition(system_partition, false /* erase_same_mounts */) //先挂载system分区,挂载失败,直接返回SwitchRoot("/system");  //system as rootSkipMountingPartitions() //一些跳过mount的分区,如GSI下几句跳过system-ext/productMountPartition(current, false /* erase_same_mounts */, &end))SetUpDmVerity(&(*begin))if(!fstab_entry->avb_keys.empty())if(avb-handle = disable/error) //return true 直接挂载镜像else AvbHandle::LoadAndVerifyVbmeta(*fstab_entry, preload_avb_key_blobs_[])LoadAndVerifyVbmetaByPath(stab_entry.blk_device, "" ,""  , allow_verification_error, rollback_protection,false , &public_key_data, &verification_disabled, &verify_result);WaitForFile((image_path, 1s))open(image_path.c_str(), O_RDONLY | O_CLOEXEC)VerifyVBMetaData()SetUpAvbHashtree(fstab_entry, false /* wait_for_verity_dev */);BlockDevInitializer::InitDmDevice(const std::string& device)else if (fstab_entry->fs_mgr_flags.avb)if (!InitAvbHandle()) return false;hashtree_result =avb_handle_->SetUpAvbHashtree()                                        fs_mgr_mount_overlayfs_fstab_entry(entry); // fs-type = overlayGetRootEntry(&root_entry) //如fstab中没有/system或者/ ,就创建一个入口block_dev_init_.InitDmDevice(*iter) //Creates "/dev/block/dm-XX" for dm nodes by running coldboot on /sys/block/dm-XX.fs_mgr_overlayfs_mount_all(&fstab_)fs_mgr_mount_point(entry.mount_point);fs_mgr_overlayfs_already_mounted(mount_point)fs_mgr_overlayfs_mount(entry)

驱动部分

module_init(dm_verity_init)dm_register_target(&verity_target);static struct target_type verity_target = {.name		= "verity",.features	= DM_TARGET_IMMUTABLE,.version	= {1, 5, 0},.module		= THIS_MODULE,.ctr		= verity_ctr,.dtr		= verity_dtr,.map		= verity_map,.status		= verity_status,.prepare_ioctl	= verity_prepare_ioctl,.iterate_devices = verity_iterate_devices,.io_hints	= verity_io_hints,
};
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
verity_map(struct dm_target *ti, struct bio *bio)verity_end_io(struct bio *bio)INIT_WORK(&io->work, verity_work);  //verity_work()verity_finish_io(io, errno_to_blk_status(verity_verify_io(io))) //errno_to_blk_status->blk-core.c 功能未知verity_verify_io(struct dm_verity_io *io)*bio = dm_bio_from_per_bio_data(io, v->ti->per_io_data_size);for(::) //对每一个n_blocksverity_hash_for_block(v, io, cur_block,verity_io_want_digest(v, io),&is_zero);verity_verify_level()verity_hash(v, verity_io_hash_req(v, io), data, 1 << v->hash_dev_block_bits, verity_io_real_digest(v, io))likely(memcmp(verity_io_real_digest(v, io), want_digest, v->digest_size) == 0)verity_fec_decode(v, io, DM_VERITY_BLOCK_TYPE_METADATA, hash_block, data, NULL)verity_handle_err(v, DM_VERITY_BLOCK_TYPE_METADATA, hash_block)  //经过verity-hash/ 比较digest/ fec纠错后都失败,处理错误块verity_fec_init_io(io);verity_submit_prefetch(v, io);generic_make_request(bio);
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++

更多推荐

AVB 部分流程

本文发布于:2024-02-04 17:29:31,感谢您对本站的认可!
本文链接:https://www.elefans.com/category/jswz/34/1673265.html
版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系,我们将在24小时内删除。
本文标签:流程   AVB

发布评论

评论列表 (有 0 条评论)

最近发表

草根站长

>www.elefans.com

编程频道|电子爱好者 - 技术资讯及电子产品介绍!

热门文章

标签列表