Add AVB_SLOT_VERIFY_FLAGS_NO_VBMETA_PARTITION flag.
On Android devices not using A/B, the recovery partition usually isn't
updated along with other partitions and therefore can't be referenced
from the main vbmeta partition.
To make it possible to use AVB to protect this partition (and others)
add a new flag AVB_SLOT_VERIFY_FLAGS_NO_VBMETA_PARTITION which can be
passed to avb_slot_verify(). In this mode the vbmeta partition is
never read from and the key used to sign each requested partition is
verified by a new validate_public_key_for_partition() operation which
is also used to return the rollback index location to be used.
Test: New unit test + all unit tests pass.
Bug: 130351427
Change-Id: Iaa4b25d9c10e33f7a79021cfedf64f38ea923888
5 files changed