1 #define TAG "ext4_utils"
3 #include "ext4_crypt.h"
11 #include <sys/mount.h>
14 #include <cutils/klog.h>
15 #include <cutils/properties.h>
16 #include <cutils/sockets.h>
19 #include "unencrypted_properties.h"
21 // ext4enc:TODO Include structure from somewhere sensible
22 // MUST be in sync with ext4_crypto.c in kernel
23 #define EXT4_MAX_KEY_SIZE 76
24 struct ext4_encryption_key {
26 char raw[EXT4_MAX_KEY_SIZE];
30 static const std::string keyring = "@s";
31 static const std::string arbitrary_sequence_number = "42";
32 static const int vold_command_timeout_ms = 10 * 1000;
34 static key_serial_t device_keyring = -1;
36 static std::string vold_command(std::string const& command)
38 KLOG_INFO(TAG, "Running command %s\n", command.c_str());
39 int sock = socket_local_client("vold",
40 ANDROID_SOCKET_NAMESPACE_RESERVED,
44 KLOG_INFO(TAG, "Cannot open vold, failing command\n");
52 CloseSocket(int sock) : sock_(sock) {}
53 ~CloseSocket() { close(sock_); }
58 // Use arbitrary sequence number. This should only be used when the
59 // framework is down, so this is (mostly) OK.
60 std::string actual_command = arbitrary_sequence_number + " " + command;
61 if (write(sock, actual_command.c_str(), actual_command.size() + 1) < 0) {
62 KLOG_ERROR(TAG, "Cannot write command\n");
66 struct pollfd poll_sock = {sock, POLLIN, 0};
68 int rc = poll(&poll_sock, 1, vold_command_timeout_ms);
70 KLOG_ERROR(TAG, "Error in poll %s\n", strerror(errno));
73 if (!(poll_sock.revents & POLLIN)) {
74 KLOG_ERROR(TAG, "Timeout\n");
78 memset(buffer, 0, sizeof(buffer));
79 rc = read(sock, buffer, sizeof(buffer));
82 KLOG_ERROR(TAG, "Lost connection to Vold - did it crash?\n");
84 KLOG_ERROR(TAG, "Error reading data (%s)\n", strerror(errno));
89 // We don't truly know that this is the correct result. However,
90 // since this will only be used when the framework is down,
91 // it should be OK unless someone is running vdc at the same time.
92 // Worst case we force a reboot in the very rare synchronization
94 return std::string(buffer, rc);
97 int e4crypt_create_device_key(const char* dir,
98 int ensure_dir_exists(const char*))
100 // Make sure folder exists. Use make_dir to set selinux permissions.
101 KLOG_INFO(TAG, "Creating test device key\n");
102 UnencryptedProperties props(dir);
103 if (ensure_dir_exists(props.GetPath().c_str())) {
104 KLOG_ERROR(TAG, "Failed to create %s with error %s\n",
105 props.GetPath().c_str(), strerror(errno));
109 if (props.Get<std::string>(properties::key).empty()) {
110 // Create new key since it doesn't already exist
111 std::ifstream urandom("/dev/urandom", std::ifstream::binary);
113 KLOG_ERROR(TAG, "Failed to open /dev/urandom\n");
117 // ext4enc:TODO Don't hardcode 32
118 std::string key_material(32, '\0');
119 urandom.read(&key_material[0], key_material.length());
121 KLOG_ERROR(TAG, "Failed to read random bytes\n");
125 if (!props.Set(properties::key, key_material)) {
126 KLOG_ERROR(TAG, "Failed to write key material\n");
131 if (!props.Remove(properties::ref)) {
132 KLOG_ERROR(TAG, "Failed to remove key ref\n");
139 int e4crypt_install_keyring()
141 device_keyring = add_key("keyring",
145 KEY_SPEC_SESSION_KEYRING);
147 if (device_keyring == -1) {
148 KLOG_ERROR(TAG, "Failed to create keyring\n");
152 KLOG_INFO(TAG, "Keyring created wth id %d in process %d\n",
153 device_keyring, getpid());
155 // ext4enc:TODO set correct permissions
156 long result = keyctl_setperm(device_keyring, 0x3f3f3f3f);
158 KLOG_ERROR(TAG, "KEYCTL_SETPERM failed with error %ld\n", result);
165 int e4crypt_install_key(const char* dir)
167 UnencryptedProperties props(dir);
168 auto key = props.Get<std::string>(properties::key);
170 // Get password to decrypt as needed
171 if (e4crypt_non_default_key(dir)) {
172 std::string result = vold_command("cryptfs getpw");
176 // 200 0 {{sensitive}} 0001020304
177 // where 0001020304 is hex encoding of password
178 std::istringstream i(result);
182 KLOG_ERROR(TAG, "Expecting 200\n");
187 if (bit != arbitrary_sequence_number) {
188 KLOG_ERROR(TAG, "Expecting %s\n", arbitrary_sequence_number.c_str());
193 if (bit != "{{sensitive}}") {
194 KLOG_INFO(TAG, "Not encrypted\n");
201 // Add key to keyring
202 ext4_encryption_key ext4_key = {0, {0}, 0};
203 if (key.length() > sizeof(ext4_key.raw)) {
204 KLOG_ERROR(TAG, "Key too long\n");
209 memcpy(ext4_key.raw, &key[0], key.length());
210 ext4_key.size = key.length();
212 // ext4enc:TODO Use better reference not 1234567890
213 key_serial_t key_id = add_key("logon", "ext4-key:1234567890",
214 (void*)&ext4_key, sizeof(ext4_key),
218 KLOG_ERROR(TAG, "Failed to insert key into keyring with error %s\n",
223 KLOG_INFO(TAG, "Added key %d to keyring %d in process %d\n",
224 key_id, device_keyring, getpid());
226 // ext4enc:TODO set correct permissions
227 long result = keyctl_setperm(key_id, 0x3f3f3f3f);
229 KLOG_ERROR(TAG, "KEYCTL_SETPERM failed with error %ld\n", result);
233 // Save reference to key so we can set policy later
234 if (!props.Set(properties::ref, "ext4-key:1234567890")) {
235 KLOG_ERROR(TAG, "Cannot save key reference\n");
242 int e4crypt_set_directory_policy(const char* dir)
244 // Only set policy on first level /data directories
245 // To make this less restrictive, consider using a policy file.
246 // However this is overkill for as long as the policy is simply
247 // to apply a global policy to all /data folders created via makedir
248 if (!dir || strncmp(dir, "/data/", 6) || strchr(dir + 6, '/')) {
252 UnencryptedProperties props("/data");
253 std::string ref = props.Get<std::string>(properties::ref);
254 std::string policy = keyring + "." + ref;
255 KLOG_INFO(TAG, "Setting policy %s\n", policy.c_str());
256 int result = do_policy_set(dir, policy.c_str());
258 KLOG_ERROR(TAG, "Setting policy on %s failed!\n", dir);