How do I enable and disable dm-verity on an Android device?

Time: 2016-07-11 10:16:46

Tags: android adb

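This question is about the device-mapper-verity (dm-verity) kernel feature, which provides transparent integrity checking of block devices. dm-verity helps prevent persistent rootkits that can hold onto root privileges and compromise devices.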

The following commands can disable or enable verity on userdebug builds.

adb disable-verity 
adb enable-verity

But these commands do not work on user builds. Is there any alternative for user builds?

2 answers:

Answer 0: (score: 3)

In short, I can't offer you a solution.

But here are some useful hints. This is the error I got:

C:\Users\Test>adb remount
dm_verity is enabled on the system and vendor partitions.
Use "adb disable-verity" to disable verity.
If you do not, remount may succeed, however, you will still not be able to write to these volumes.
remount of system failed: Permission denied
remount failed

^ Some exact text is also important for people who are searching on Google ^

While reverse engineering/decompiling '\sbin\adbd' with IDA Hex-Rays, I noticed that the relevant adbd source code that outputs this error is available on the net:

void remount_service(int fd, void *cookie)
{
    char buffer[200];
    char prop_buf[PROPERTY_VALUE_MAX];

    bool system_verified = false, vendor_verified = false;
    property_get("partition.system.verified", prop_buf, "0");
    if (!strcmp(prop_buf, "1")) {
        system_verified = true;
    }

    property_get("partition.vendor.verified", prop_buf, "0");
    if (!strcmp(prop_buf, "1")) {
        vendor_verified = true;
    }

    if (system_verified || vendor_verified) {
        // Allow remount but warn of likely bad effects
        bool both = system_verified && vendor_verified;
        snprintf(buffer, sizeof(buffer),
                 "dm_verity is enabled on the %s%s%s partition%s.\n",
                 system_verified ? "system" : "",
                 both ? " and " : "",
                 vendor_verified ? "vendor" : "",
                 both ? "s" : "");
        write_string(fd, buffer);
        snprintf(buffer, sizeof(buffer),
                 "Use \"adb disable-verity\" to disable verity.\n"
                 "If you do not, remount may succeed, however, you will still "
                 "not be able to write to these volumes.\n");
        write_string(fd, buffer);
    }

    if (remount("/system", &system_ro)) {
        snprintf(buffer, sizeof(buffer), "remount of system failed: %s\n",strerror(errno));
        write_string(fd, buffer);
    }

    if (hasVendorPartition()) {
        if (remount("/vendor", &vendor_ro)) {
            snprintf(buffer, sizeof(buffer), "remount of vendor failed: %s\n",strerror(errno));
            write_string(fd, buffer);
        }
    }

    if (!system_ro && (!vendor_ro || !hasVendorPartition()))
        write_string(fd, "remount succeeded\n");
    else {
        write_string(fd, "remount failed\n");
    }

    adb_close(fd);
}

http://www.contrib.andrew.cmu.edu/~rjkohler/android-tools-5.0.1+git20141213/core/adb/remount_service.c By the way, the adb daemon I disassembled is from Android 5.1.1.

So the key points here are partition.vendor.verified and partition.system.verified. If they are set to "1", you will get the error.

Next would be to find out why and how ... and how to prevent this.

However, all adb remount does is remount /system (and possibly /vendor). You can also do that yourself:

adb shell su mount -o remount /system

This little line usually helps me accomplish the same thing. su - that's the trick. (However, the su command is only present if your device is "rooted".)
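
A read-only audit of the two properties discussed in answer 0, as an added example that is not part of the original answers or of adb itself: it parses a saved `getprop` dump and reports whether each partition is marked verified. The function names and the sample dump are constructed; the "1" convention and the "0" default are the ones in the quoted adbd source.

```shell
#!/bin/sh
# Added example. Property names and the "1" convention come from the adbd
# source quoted above; function names and the sample dump are constructed.

# Constructed `getprop` output (CRLF line ends, which adb output can carry).
sample_dump() {
    printf '%s\r\n' \
        '[partition.system.verified]: [1]' \
        '[ro.build.type]: [user]'
}

# prop_value NAME: read "[key]: [value]" lines on stdin and print NAME's
# value, or "0" when the property is absent (the default adbd passes).
prop_value() {
    awk -v key="$1" '
        BEGIN { val = "0"; prefix = "[" key "]: [" }
        {
            line = $0
            sub(/\r$/, "", line)
            n = length(line); p = length(prefix)
            if (index(line, prefix) == 1 && substr(line, n) == "]")
                val = substr(line, p + 1, n - p - 1)
        }
        END { print val }'
}

# verity_report HAS_VENDOR: read a dump on stdin, print one line per
# partition, return 0 only if every partition present reports verified.
verity_report() {
    dump=$(cat)
    rc=0
    for part in system vendor; do
        if [ "$part" = vendor ] && [ "${1:-yes}" != yes ]; then
            continue
        fi
        v=$(printf '%s\n' "$dump" | prop_value "partition.$part.verified")
        if [ "$v" = 1 ]; then
            echo "$part: verified"
        else
            echo "$part: NOT verified"
            rc=1
        fi
    done
    return "$rc"
}

sample_dump | verity_report yes || echo "audit: FAIL"
```

On a real device the dump would come from `adb shell getprop > dump.txt`, fed in with `verity_report yes < dump.txt`.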

Answer 1: (score: 2)

adb disable-verity only works with adb version 1.0.33 and later. So upgrade your adb version.