Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
libfs_avb: Disable dm-verity when AVB is permissive
When the bootloader is unlocked (i.e. AVB is permissive), enforcing dm-verity on system partitions is meaningless because the bootloader doesn't enforce verification on the root of the high-level verified boot chain: the kernel. As a result, mounting system partitions with dm-verity (hashtree verification) is futile when the code performing verification has not been verified in the first place; users can also disable dm-verity manually by flashing vbmeta with `fastboot flash --disable-verity vbmeta vbmeta.img`. For user and developer convenience, disable dm-verity automatically when the bootloader is unlocked by checking for permissive AVB. This makes it possible to ship enforcing vbmeta images for security-conscious users to lock their bootloader and reap the benefits of verified boot, while still allowing users with unlocked bootloaders to modify system partitions. Change-Id: Ie88362cfbda75561ef450e00fdc82ade221facb5
- Loading branch information