OSDN Git Service
android-build-team Robot [Thu, 6 May 2021 01:11:11 +0000 (01:11 +0000)]
Snap for
7339742 from
d24f5a26e8f3ed699523fcd801e831c23eb3c0b1 to sc-v2-release
Change-Id: I8ce45d62424789ef79eaea03ff81d09d116ed367
Alan Stokes [Wed, 5 May 2021 15:04:04 +0000 (15:04 +0000)]
[automerger skipped] Merge "Only kill apps with storage app data isolation enabled" am:
b2678b6654 am:
53d7796ccd am:
dedb2c1a13 -s ours
am skip reason: Merged-In I45d9a63ed47cbc27aebb63357a43f51ad62275db with SHA-1
a58b535495 is already in history
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1690874
Change-Id: I641a83e69e7b3ffc267997503cc741cb8a04f030
Alan Stokes [Wed, 5 May 2021 14:45:44 +0000 (14:45 +0000)]
Merge "Only kill apps with storage app data isolation enabled" am:
b2678b6654 am:
53d7796ccd
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1690874
Change-Id: I807f10f18d56c8ff1ef36f6b5cad85f2ee911184
Alan Stokes [Wed, 5 May 2021 14:30:21 +0000 (14:30 +0000)]
Merge "Only kill apps with storage app data isolation enabled" am:
b2678b6654
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1690874
Change-Id: I063073d4419566c11207a147ac3260d4cee671a3
Alan Stokes [Wed, 5 May 2021 14:16:00 +0000 (14:16 +0000)]
Merge "Only kill apps with storage app data isolation enabled"
android-build-team Robot [Wed, 5 May 2021 01:10:33 +0000 (01:10 +0000)]
Snap for
7336869 from
630fa5785ea1c3feeaa649301b264758c9cd83bf to sc-v2-release
Change-Id: Iaa244ba2909603631247c84469257b8db65c22f9
Eric Biggers [Tue, 4 May 2021 16:58:24 +0000 (16:58 +0000)]
Merge "Log error message if setting project quota ID fails" am:
7505efbd5d am:
44df16de69 am:
1768a47b25
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1694189
Change-Id: If76a5f6341b8f21ed49e079e14bd67362fb35f7a
Eric Biggers [Tue, 4 May 2021 16:42:09 +0000 (16:42 +0000)]
Merge "Log error message if setting project quota ID fails" am:
7505efbd5d am:
44df16de69
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1694189
Change-Id: Idc0cff5798358f977445ebe4f104ccf2fbb42cce
Eric Biggers [Tue, 4 May 2021 16:19:11 +0000 (16:19 +0000)]
Merge "Log error message if setting project quota ID fails" am:
7505efbd5d
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1694189
Change-Id: I64ee98eb6505837197aa509a8b9e21a952739966
Eric Biggers [Tue, 4 May 2021 16:06:14 +0000 (16:06 +0000)]
Merge "Log error message if setting project quota ID fails"
Songchun Fan [Tue, 4 May 2021 00:14:40 +0000 (00:14 +0000)]
Merge "[vold] pass sysfs_name to mount options" into sc-dev
Eric Biggers [Mon, 3 May 2021 19:29:40 +0000 (12:29 -0700)]
Log error message if setting project quota ID fails
Otherwise, the only sign of what went wrong may be system_server
logging a "ServiceSpecificException".
Bug:
187079978
Change-Id: I59b2ba2b0e679dfd1ec1fd8fff6790256fbfdf29
android-build-team Robot [Sat, 1 May 2021 03:10:35 +0000 (03:10 +0000)]
Snap for
7328689 from
cebee9c533bbe0fadd6dc1eae424fb7d831ad598 to sc-v2-release
Change-Id: Ibb659e83be03bfea25b62ec55865db737f9a5a2b
Ricky Wai [Fri, 30 Apr 2021 08:53:07 +0000 (09:53 +0100)]
Only kill apps with storage app data isolation enabled
Originally it kills all the apps with obb and data mounted.
Due to recent changes, all apps will have obb and data dirs mounted
in default root namespace. Hence all apps will be killed by
by KillProcessesWithMounts().
To fix this, we also check if the dir is mounted as tmpfs,
as the default namespace one is bind mounted to lowerfs,
which app data isolation is mounted as tmpfs, so we only
kill the process that have obb dir mounted as tmpfs.
Bug:
148049767
Test: Able to boot without warnings
Change-Id: I5f862ad6f64f5df739b68ea7c9815352bae3be5c
Merged-In: I45d9a63ed47cbc27aebb63357a43f51ad62275db
Ricky Wai [Fri, 30 Apr 2021 13:49:13 +0000 (13:49 +0000)]
Merge "Only kill apps with storage app data isolation enabled" into sc-dev
Ricky Wai [Thu, 29 Apr 2021 16:47:28 +0000 (17:47 +0100)]
Only kill apps with storage app data isolation enabled
Originally it kills all the apps with obb and data mounted.
Due to recent changes, all apps will have obb and data dirs mounted
in default root namespace. Hence all apps will be killed by
by KillProcessesWithMounts().
To fix this, we also check if the dir is mounted as tmpfs,
as the default namespace one is bind mounted to lowerfs,
which app data isolation is mounted as tmpfs, so we only
kill the process that have obb dir mounted as tmpfs.
Bug:
148049767
Test: Able to boot without warnings / errors
Ignore-AOSP-First: Merge it along with other CLs, will cherry-pick to
AOSP afterwards.
Change-Id: I45d9a63ed47cbc27aebb63357a43f51ad62275db
Ricky Wai [Tue, 23 Mar 2021 18:13:07 +0000 (18:13 +0000)]
Change mounting storage data and obb flag to on by default
Change mounting storage data and obb flag to on by default
Test: unbundled/launcher/nexus_unit_test_multi_device_platform
Test: atest android.appsecurity.cts.ExternalStorageHostTest
Test: atest AdoptableHostTest
Test: pass cts/cts_postsubmit_cf_stable-cloud-tf
Bug:
148049767
Ignore-AOSP-First: Merge it along with other CLs, will cherry-pick to
AOSP afterwards.
Change-Id: I6391b7381699b4ffdbf715b67938bc3f79a5210c
Songchun Fan [Tue, 27 Apr 2021 19:46:02 +0000 (12:46 -0700)]
[vold] pass sysfs_name to mount options
Ignore-AOSP-First: Will cherry-pick to AOSP
Test: manual
BUG:
184844615
Change-Id: I216210132f49f55098c0f2d1b8d4e571b22cfcc4
android-build-team Robot [Tue, 27 Apr 2021 01:10:03 +0000 (01:10 +0000)]
Snap for
7314842 from
ee2f2e081da301b4bf7c2888618f70985bb6746f to sc-v2-release
Change-Id: I3e48430516098873738e8166065c6e7f9eea2be8
Treehugger Robot [Mon, 26 Apr 2021 20:27:50 +0000 (20:27 +0000)]
Merge "Fix cryptfs RSA signing with keystore2" am:
d2bb367549 am:
97455f85b0 am:
f04542fcac
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1684055
Change-Id: I0762df0881f194acd1d1a13dc1eae54647ac02f6
Treehugger Robot [Mon, 26 Apr 2021 19:50:00 +0000 (19:50 +0000)]
Merge "Fix cryptfs RSA signing with keystore2" am:
d2bb367549 am:
97455f85b0
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1684055
Change-Id: Ia25afd08bb0a0400d24343f37aeea4246f3ec1e8
Treehugger Robot [Mon, 26 Apr 2021 19:13:28 +0000 (19:13 +0000)]
Merge "Fix cryptfs RSA signing with keystore2" am:
d2bb367549
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1684055
Change-Id: Ib91a29bf3d216c09ece619b9554c8f391efbe5fd
Treehugger Robot [Mon, 26 Apr 2021 18:51:13 +0000 (18:51 +0000)]
Merge "Fix cryptfs RSA signing with keystore2"
android-build-team Robot [Sat, 24 Apr 2021 03:10:09 +0000 (03:10 +0000)]
Snap for
7310088 from
33f9b160a20dbd219967e40f6bba61e76da443ae to sc-v2-release
Change-Id: Ie48dbbd26b52d74c49553083ec9d42aa5e55e8c4
Hasini Gunasinghe [Fri, 23 Apr 2021 23:48:18 +0000 (23:48 +0000)]
Merge "Make vold use the updated keystore 2 API for storage keys." am:
68bdb45cf8 am:
0e9eb8ebca am:
d14ab5c35c
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1681547
Change-Id: I26878bfc82857c05539c1a2705ddcb3fad0c3fb4
Hasini Gunasinghe [Fri, 23 Apr 2021 23:25:35 +0000 (23:25 +0000)]
Merge "Make vold use the updated keystore 2 API for storage keys." am:
68bdb45cf8 am:
0e9eb8ebca
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1681547
Change-Id: I8ee13ffd60784cee2ffbe8ff640b30a0f7716f5f
Hasini Gunasinghe [Fri, 23 Apr 2021 23:03:46 +0000 (23:03 +0000)]
Merge "Make vold use the updated keystore 2 API for storage keys." am:
68bdb45cf8
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1681547
Change-Id: Ib4156e85984c903cf521977e39522d013daf140c
Hasini Gunasinghe [Fri, 23 Apr 2021 22:39:04 +0000 (22:39 +0000)]
Merge "Make vold use the updated keystore 2 API for storage keys."
Eric Biggers [Thu, 22 Apr 2021 23:36:58 +0000 (16:36 -0700)]
Fix cryptfs RSA signing with keystore2
Fix KeymasterOperation::updateCompletely() to not treat an empty output
as an error, since for RSA signing (used by cryptfs / FDE) it is
expected that the output from update() be empty. The output is instead
produced at the end by finish().
This is one of a set of changes that is needed to get FDE working again
so that devices that launched with FDE can be upgraded to Android 12.
Bug:
186165644
Change-Id: Icf120f8b9526d051d0ebe16bc8ad1edf712241e1
android-build-team Robot [Thu, 22 Apr 2021 01:10:18 +0000 (01:10 +0000)]
Snap for
7302914 from
5b6c40e3c0dbc8e6626c70ec3475905dcec9d11c to sc-v2-release
Change-Id: I46ef3025af28df7ba47b26ae000796acd4b5c023
Jaegeuk Kim [Tue, 20 Apr 2021 23:20:48 +0000 (23:20 +0000)]
Merge "mkfs_f2fs: give the log in kernel" am:
177b9db866 am:
b79f93bea9 am:
52b6cc4a8a
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1677035
Change-Id: Idc20fc59694a4fefb0118c9e18c948e3af8cd8fe
Jaegeuk Kim [Tue, 20 Apr 2021 22:54:45 +0000 (22:54 +0000)]
Merge "mkfs_f2fs: give the log in kernel" am:
177b9db866 am:
b79f93bea9
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1677035
Change-Id: I10b8cf99a771b28e66a2c9a391b7c9d00281d492
Jaegeuk Kim [Tue, 20 Apr 2021 22:26:22 +0000 (22:26 +0000)]
Merge "mkfs_f2fs: give the log in kernel" am:
177b9db866
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1677035
Change-Id: I55cce35d98afdf058854746e90c42be6c4f7d52c
Jaegeuk Kim [Tue, 20 Apr 2021 22:08:26 +0000 (22:08 +0000)]
Merge "mkfs_f2fs: give the log in kernel"
Janis Danisevskis [Tue, 20 Apr 2021 19:50:58 +0000 (12:50 -0700)]
Make vold use the updated keystore 2 API for storage keys.
This CL updates vold to use the updated storage key API that provides an
optional upgraded key blob. In this patch the upgraded key blob is not
yet stored by vold.
Bug:
185811713
Test: N/A
Change-Id: I39eeb20df0eb2b023479f3adebab264d29d00048
Jaegeuk Kim [Wed, 14 Apr 2021 19:02:41 +0000 (12:02 -0700)]
mkfs_f2fs: give the log in kernel
It's very useful to see the mkfs log in console to debug any issues.
Bug:
172378121
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change-Id: Icdac3609860cf0bba3fa758cead885bd4960f2c0
android-build-team Robot [Fri, 16 Apr 2021 01:10:07 +0000 (01:10 +0000)]
Snap for
7286185 from
73eda071ef9c19d8631841c116ce127a614b3c15 to sc-v2-release
Change-Id: I43e8199c75b4209569e6ff74638e95305fad02ec
Treehugger Robot [Thu, 15 Apr 2021 04:42:14 +0000 (04:42 +0000)]
Merge "vold: add getUnlockedUsers() method to Binder interface" am:
5e5819a761 am:
ffcb495f2c am:
b22fa25e7b
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1674805
Change-Id: I46101eff7eaa690af8c3dc53442ba05d9a30bb8b
Treehugger Robot [Thu, 15 Apr 2021 03:52:14 +0000 (03:52 +0000)]
Merge "vold: add getUnlockedUsers() method to Binder interface" am:
5e5819a761 am:
ffcb495f2c
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1674805
Change-Id: I6a28604fbf87bc8e299596eaed5261f2925676dd
Treehugger Robot [Thu, 15 Apr 2021 03:06:01 +0000 (03:06 +0000)]
Merge "vold: add getUnlockedUsers() method to Binder interface" am:
5e5819a761
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1674805
Change-Id: I6b491e5939d3c878351bdfed3452e95ca8f19a89
Treehugger Robot [Thu, 15 Apr 2021 02:33:22 +0000 (02:33 +0000)]
Merge "vold: add getUnlockedUsers() method to Binder interface"
android-build-team Robot [Wed, 14 Apr 2021 01:09:51 +0000 (01:09 +0000)]
Snap for
7280565 from
23d93638c5708dc924eac99367fe4b9caf7a9b3f to sc-v2-release
Change-Id: Ib68a4a92077d2d5a7495bc73cdc2ca99c0c24afc
Eric Biggers [Tue, 6 Apr 2021 19:02:56 +0000 (12:02 -0700)]
vold: add getUnlockedUsers() method to Binder interface
This is needed so that system_server can remind itself about which users
have their storage unlocked, if system_server is restarted due to a
userspace reboot (soft restart).
Bug:
146206679
Test: see I482ed8017f7bbc8f7d4fd5a2c0f58629317ce4ed
Change-Id: I02f0494d827094bd41bcfe5f63c24e204b728595
(cherry picked from commit
1799debfd6561ca7348880bb59ad8c059f4891b0)
Eric Biggers [Tue, 13 Apr 2021 17:52:02 +0000 (17:52 +0000)]
Merge "vold: add getUnlockedUsers() method to Binder interface" into sc-dev
android-build-team Robot [Fri, 9 Apr 2021 01:10:29 +0000 (01:10 +0000)]
Snap for
7269314 from
dcfeaa1d7640f04bbf738f26b680895ca0b5ff38 to sc-v2-release
Change-Id: Ifba84e7e094607a9a5592537ab5381ab55814187
Eric Biggers [Tue, 6 Apr 2021 19:02:56 +0000 (12:02 -0700)]
vold: add getUnlockedUsers() method to Binder interface
This is needed so that system_server can remind itself about which users
have their storage unlocked, if system_server is restarted due to a
userspace reboot (soft restart).
Bug:
146206679
Test: see I482ed8017f7bbc8f7d4fd5a2c0f58629317ce4ed
Change-Id: I02f0494d827094bd41bcfe5f63c24e204b728595
Alex Buynytskyy [Thu, 1 Apr 2021 20:43:14 +0000 (13:43 -0700)]
Adding an option to shorten the read timeout.
E.g. during installation to protect the system.
Ignore-AOSP-First: this depends on changes to framework and/or incfs and does not make sense without them. We'll merge it at a single large scale merge later.
Bug:
160635296
Test: atest PackageManagerShellCommandTest PackageManagerShellCommandIncrementalTest IncrementalServiceTest PackageManagerServiceTest ChecksumsTest
Change-Id: I5851e1e9dbc8e8c2b331c407002cf7133bf6e35a
Satya Tangirala [Thu, 8 Apr 2021 02:21:37 +0000 (02:21 +0000)]
Merge changes from topic "vold-use-keystore2" am:
08873d0d7d am:
54460f0635 am:
10912a295f
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1649730
Change-Id: I3f8ea815c5c3de2678c11815ddaf41776d470552
Satya Tangirala [Thu, 8 Apr 2021 02:21:36 +0000 (02:21 +0000)]
Make vold use keystore2 instead of keymaster am:
e8de4ffd73 am:
7a8ac746a2 am:
b79360f80c
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1640885
Change-Id: I7445d17137f563c5cb3f6d8e62f4bb92da2c2fa1
Satya Tangirala [Thu, 8 Apr 2021 02:21:34 +0000 (02:21 +0000)]
Remove HardwareAuthToken support from vold::Keymaster am:
e13617100d am:
695fadddf3 am:
57e480b3d5
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1640884
Change-Id: Ia1d707a541b18d29ad9643294f6868d48422fa78
Satya Tangirala [Thu, 8 Apr 2021 01:36:42 +0000 (01:36 +0000)]
Merge changes from topic "vold-use-keystore2" am:
08873d0d7d am:
54460f0635
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1649730
Change-Id: I8a70c04881275aa5e3bf4cf629316870798df27a
Satya Tangirala [Thu, 8 Apr 2021 01:36:41 +0000 (01:36 +0000)]
Make vold use keystore2 instead of keymaster am:
e8de4ffd73 am:
7a8ac746a2
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1640885
Change-Id: I7a45fdb9ed25c5543d0a9dda80106241f90e53db
Satya Tangirala [Thu, 8 Apr 2021 01:36:40 +0000 (01:36 +0000)]
Remove HardwareAuthToken support from vold::Keymaster am:
e13617100d am:
695fadddf3
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1640884
Change-Id: I84747f3ea29f6b78f8f1a9bb11959a46ec8c3189
Satya Tangirala [Thu, 8 Apr 2021 00:52:41 +0000 (00:52 +0000)]
Merge changes from topic "vold-use-keystore2" am:
08873d0d7d
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1649730
Change-Id: Ie7db671fc7e90fa86cf84773786ea6afaab37a7f
Satya Tangirala [Thu, 8 Apr 2021 00:52:40 +0000 (00:52 +0000)]
Make vold use keystore2 instead of keymaster am:
e8de4ffd73
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1640885
Change-Id: I0a9b288902f5bb0f27d524dcf509ce461e4495fe
Satya Tangirala [Thu, 8 Apr 2021 00:52:35 +0000 (00:52 +0000)]
Remove HardwareAuthToken support from vold::Keymaster am:
e13617100d
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1640884
Change-Id: Id8528a10d976e94e8bdb4e308d91107b1afdced6
Satya Tangirala [Thu, 8 Apr 2021 00:48:19 +0000 (00:48 +0000)]
Merge changes from topic "vold-use-keystore2"
* changes:
Remove Keymaster::isSecure() and simplify callers
Make vold use keystore2 instead of keymaster
Remove HardwareAuthToken support from vold::Keymaster
Satya Tangirala [Tue, 23 Mar 2021 06:29:15 +0000 (23:29 -0700)]
Remove Keymaster::isSecure() and simplify callers
Now that isSecure() always returns true, we can remove it and simplify
all the callers (i.e. cryptfs). Refer to the commit description for
Iaebfef082eca0da8a305043fafb6d85e5de14cf8 for why this function always
return true.
Bug:
181910578
Test: Cuttlefish and bramble boot
Change-Id: I185dd8180bd7842b05295263f0b1aa7205329a88
Satya Tangirala [Mon, 1 Mar 2021 06:32:07 +0000 (22:32 -0800)]
Make vold use keystore2 instead of keymaster
Make vold use keystore2 for all its operations instead of directly using
keymaster. This way, we won't have any clients that bypass keystore2,
and we'll no longer need to reserve a keymaster operation for vold.
Note that we now hardcode "SecurityLevel::TRUSTED_ENVIRONMENT" (TEE)
when talking to Keystore2 since Keystore2 only allows TEE and STRONGBOX.
Keystore2 presents any SOFTWARE implementation as a TEE to callers when
no "real" TEE is present. As far as storage encryption is concerned,
there's no advantage to using a STRONGBOX when a "real" TEE is present,
and a STRONGBOX can't be present if a "real" TEE isn't, so asking
Keystore2 for a TEE is the best we can do in any situation.
The difference in behaviour only really affects the full disk encryption
code in cryptfs.cpp, which used to explicitly check that the keymaster
device is a "real" TEE (as opposed to a SOFTWARE implementation) before
using it (it can no longer do so since Keystore2 doesn't provide a way
to do this).
A little code history digging (
7c49ab0a0b in particular) shows that
cryptfs.cpp cared about two things when using a keymaster.
- 1) that the keys generated by the keymaster were "standalone" keys -
i.e. that the keymaster could operate on those keys without
requiring /data or any other service to be available.
- 2) that the keymaster was a non-SOFTWARE implementation so that things
would still work in case a "real" TEE keymaster was ever somehow
added to the device after first boot.
Today, all "real" TEE keymasters always generate "standalone" keys, and
a TEE has been required in Android devices since at least Android N. The
only two exceptions are Goldfish and ARC++, which have SOFTWARE
keymasters, but both those keymasters also generate "standalone" keys.
We're also no longer worried about possibly adding a "real" TEE KM to
either of those devices after first boot. So there's no longer a reason
cryptfs.cpp can't use the SOFTWARE keymaster on those devices.
There's also already an upgrade path in place (see
test_mount_encrypted_fs() in cryptfs.cpp) to upgrade the kdf that's
being used once a TEE keymaster is added to the device. So it's safe for
cryptfs.cpp to ask for a TEE keymaster from Keystore2 and use it
blindly, without checking whether or not it's a "real" TEE, which is why
Keymaster::isSecure() just returns true now. A future patch will remove
that function and simplify its callers.
Bug:
181910578
Test: cuttlefish and bramble boot. Adding, switching between, stopping
and removing users work.
Change-Id: Iaebfef082eca0da8a305043fafb6d85e5de14cf8
Satya Tangirala [Mon, 15 Mar 2021 22:33:08 +0000 (15:33 -0700)]
Remove HardwareAuthToken support from vold::Keymaster
HardwareAuthTokens are no longer used by vold since Android P. So remove
the auth token parameter from vold. This patch doesn't remove the token
from IVold.aidl, and the methods in VoldNativeService.cpp return an
error if a non-empty auth token is passed to them.
Bug:
181910578
Test: cuttlefish and bramble boot with patch
Change-Id: I1a9f54e10f9efdda9973906afd0a5de5a699ada5
android-build-team Robot [Wed, 24 Mar 2021 01:10:04 +0000 (01:10 +0000)]
Snap for
7230642 from
186143cb40069b837f6eb0f0d784f9db261ceb6e to sc-v2-release
Change-Id: I77af4f78bf3475affef2e11b39aedcc9ac4d51de
Alan Stokes [Tue, 23 Mar 2021 19:14:47 +0000 (19:14 +0000)]
Merge "Vold will always bind mount obb and data dirs to lowerfs" am:
159a11f600 am:
fab8b2835b am:
00a48a7a99
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1647187
Change-Id: I4e22134f7590e94e619361b7d7814b6b4b0585f8
Alan Stokes [Tue, 23 Mar 2021 18:52:12 +0000 (18:52 +0000)]
Merge "Vold will always bind mount obb and data dirs to lowerfs" am:
159a11f600 am:
fab8b2835b
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1647187
Change-Id: I1cba8f70b47d325e7dd8ae005bff12db7a8f3b3f
Alan Stokes [Tue, 23 Mar 2021 18:12:19 +0000 (18:12 +0000)]
Merge "Vold will always bind mount obb and data dirs to lowerfs" am:
159a11f600
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1647187
Change-Id: I23b628c92b76f84511f0c8fc87b7b8aa52eb20a6
Alan Stokes [Tue, 23 Mar 2021 17:25:18 +0000 (17:25 +0000)]
Merge "Vold will always bind mount obb and data dirs to lowerfs"
Ricky Wai [Fri, 19 Mar 2021 15:35:49 +0000 (15:35 +0000)]
Vold will always bind mount obb and data dirs to lowerfs
So shell / root will always access to them directly not via fuse.
And zygote will be unmount these directories to prevent them being
abused for leaking app visibility.
Also, /mnt/androidwritable is not very useful now as it's the same as
/mnt/installer, but we should make shell / root to access /mnt/androidwritable
later and /mnt/installer should only access obb but not data dir.
Bug:
182997439
Test: Able to boot without errors
Test: df on /sdcard/Android/data shows it's no on fuse.
Change-Id: I2ad10b1e80c135f637d37ddf502ee010f89f4946
android-build-team Robot [Sat, 20 Mar 2021 01:09:46 +0000 (01:09 +0000)]
Snap for
7222037 from
36c6e252a13103ff9c99099afde1411c3858cca0 to sc-v2-release
Change-Id: I654e12df95a16ea82a63392375da7cee1c749584
Ricky Wai [Fri, 19 Mar 2021 16:03:55 +0000 (16:03 +0000)]
Merge "Revert "Change mounting storage data and obb to on by default"" into sc-dev
Ricky Wai [Fri, 19 Mar 2021 14:21:46 +0000 (14:21 +0000)]
Revert "Change mounting storage data and obb to on by default"
Revert "Change mounting storage data and obb to on by default"
Revert submission
13469849-turn_on_iso-sc-dev
Reason for revert: Failing existing CTS b/
182843583
Reverted Changes:
If819ee161:Change mounting storage data and obb to on by defa...
I46a095448:Change mounting storage data and obb to on by defa...
Change-Id: Ic5156df1cac3a5ecd661b5f3bfa0095b2b767d5d
Martijn Coenen [Fri, 19 Mar 2021 09:44:14 +0000 (09:44 +0000)]
Merge "vold: do not acquire lock when abort fuse" am:
717c1926fc am:
d616d6e1ba am:
c678a95db2
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1639945
Change-Id: I7c52c6ce39a37ce8fbc719fd8f242d2106e344bf
Martijn Coenen [Fri, 19 Mar 2021 09:01:27 +0000 (09:01 +0000)]
Merge "vold: do not acquire lock when abort fuse" am:
717c1926fc am:
d616d6e1ba
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1639945
Change-Id: Id114cc272baabc99d6d9985761f7cec578dcd896
Martijn Coenen [Fri, 19 Mar 2021 08:42:45 +0000 (08:42 +0000)]
Merge "vold: do not acquire lock when abort fuse" am:
717c1926fc
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1639945
Change-Id: I137677f0625e3d46cc8d5a50aa3327e274676589
Martijn Coenen [Fri, 19 Mar 2021 08:21:00 +0000 (08:21 +0000)]
Merge "vold: do not acquire lock when abort fuse"
lijiazi [Wed, 17 Mar 2021 08:51:16 +0000 (16:51 +0800)]
vold: do not acquire lock when abort fuse
reboot maybe cause a deadlock scenario:
1:init->vdc->vold for abort_fuse blocked on futex hold by another
vold binder_x
2:binder_x blocked in binder_ioctl_write_read wait a dead service's
response
3:dead service is exiting and schedule a deferred work for put files
in binder_vma_close, after put files is completed, the binder_x will
eventually wake up
4:kworker execute binder_deferred_work is blocked on fuse request:
crash> bt 1707
PID: 1707 TASK:
ffffffe366175e80 CPU: 2 COMMAND: "kworker/2:4"
#0 [
ffffff801b8b3ac0] __switch_to at
ffffff962ce88a60
#1 [
ffffff801b8b3b10] __schedule at
ffffff962e2d3d30
#2 [
ffffff801b8b3b70] schedule at
ffffff962e2d3ff4
#3 [
ffffff801b8b3bc0] __fuse_request_send at
ffffff962d20e008
#4 [
ffffff801b8b3c00] fuse_request_send at
ffffff962d20deac
#5 [
ffffff801b8b3c30] fuse_flush at
ffffff962d217fa4
#6 [
ffffff801b8b3c80] filp_close at
ffffff962d0bd7b4
#7 [
ffffff801b8b3cb0] put_files_struct at
ffffff962d0e7658
#8 [
ffffff801b8b3d30] binder_deferred_func at
ffffff962dc9e60c
#9 [
ffffff801b8b3d90] process_one_work at
ffffff962cee761c
#10 [
ffffff801b8b3e00] worker_thread at
ffffff962cee7a68
#11 [
ffffff801b8b3e60] kthread at
ffffff962ceecc14
waiting for init abort_fuse
suggested by maco, do not acquire lock when abort fuse.
Test: reboot stress test
Change-Id: If6dd7f5e9c413a16ba047204c33d82d6ff41c4ae
Signed-off-by: lijiazi <lijiazi@xiaomi.com>
android-build-team Robot [Wed, 17 Mar 2021 01:09:49 +0000 (01:09 +0000)]
Snap for
7213262 from
36b86e50bd08e310e0ddbe5168d76194edf74b8f to sc-v2-release
Change-Id: I0468063b5ec74148463f6537e9f5d64783642b69
Eric Biggers [Tue, 16 Mar 2021 18:39:40 +0000 (18:39 +0000)]
Merge "KeyStorage: improve logging for key generation" into sc-dev
Eric Biggers [Tue, 16 Mar 2021 01:55:59 +0000 (01:55 +0000)]
Merge "KeyStorage: improve logging for key generation" am:
759022d0f1 am:
209084f877 am:
514cce99b8
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1638259
Change-Id: If6e766b8699fb2b05de7d33c1c6d3ce569a18b11
android-build-team Robot [Tue, 16 Mar 2021 01:09:56 +0000 (01:09 +0000)]
Snap for
7209903 from
a67a37ddac13c7cb77d84cb6ec8db9a9dd39dedc to sc-v2-release
Change-Id: Id4977ae401892a04abdb850c5e2adf56b88fbb03
Eric Biggers [Tue, 16 Mar 2021 00:56:21 +0000 (00:56 +0000)]
Merge "KeyStorage: improve logging for key generation" am:
759022d0f1 am:
209084f877
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1638259
Change-Id: I1982ef32bdf67ccfa655f2f973a70dacbba284d4
Eric Biggers [Tue, 16 Mar 2021 00:17:24 +0000 (00:17 +0000)]
Merge "KeyStorage: improve logging for key generation" am:
759022d0f1
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1638259
Change-Id: I7d44cdbf632751092ed63ca7084b6ce26180a2bc
Eric Biggers [Mon, 15 Mar 2021 19:44:36 +0000 (12:44 -0700)]
KeyStorage: improve logging for key generation
The error messages that are printed when probing for rollback resistance
support on a device that doesn't support rollback-resistant keys can
make it sound like something is going wrong. Print a WARNING message
afterwards to try to make it clear what is going on. Also adjust or add
DEBUG messages when starting to generate each key so that it's easier to
distinguish the log messages for different key generation operations.
Bug:
182815123
Test: boot on device that doesn't support rollback-resistant keys and
check log.
Change-Id: I37a13eb5c1e839fb94581f3e7ec1cd8da0263d2b
Merged-In: I37a13eb5c1e839fb94581f3e7ec1cd8da0263d2b
Eric Biggers [Mon, 15 Mar 2021 23:46:54 +0000 (23:46 +0000)]
Merge "KeyStorage: improve logging for key generation"
Eric Biggers [Mon, 15 Mar 2021 19:44:36 +0000 (12:44 -0700)]
KeyStorage: improve logging for key generation
The error messages that are printed when probing for rollback resistance
support on a device that doesn't support rollback-resistant keys can
make it sound like something is going wrong. Print a WARNING message
afterwards to try to make it clear what is going on. Also adjust or add
DEBUG messages when starting to generate each key so that it's easier to
distinguish the log messages for different key generation operations.
Bug:
182815123
Test: boot on device that doesn't support rollback-resistant keys and
check log.
Change-Id: I37a13eb5c1e839fb94581f3e7ec1cd8da0263d2b
Ricky Wai [Mon, 15 Mar 2021 14:03:44 +0000 (14:03 +0000)]
Merge "Change mounting storage data and obb to on by default" into sc-dev
android-build-team Robot [Sat, 6 Mar 2021 02:09:30 +0000 (02:09 +0000)]
Snap for
7188367 from
106a1792667b8f880654bf510dd64cc59063ebec to sc-v2-release
Change-Id: I49fcc363706560fcc03c0d7eeb02718bcecc111e
Treehugger Robot [Fri, 5 Mar 2021 20:39:30 +0000 (20:39 +0000)]
Merge "Avoid killing the FUSE daemon during unmount" am:
05bb5cc71e am:
5e953c70fc am:
a02960e5ed
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1614817
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I789eb902ba1a686753d85a6d57efeb5741423ce3
Treehugger Robot [Fri, 5 Mar 2021 19:57:22 +0000 (19:57 +0000)]
Merge "Avoid killing the FUSE daemon during unmount" am:
05bb5cc71e am:
5e953c70fc
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1614817
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I769ded970fbf021c241043063e34758bfebada98
Treehugger Robot [Fri, 5 Mar 2021 18:47:05 +0000 (18:47 +0000)]
Merge "Avoid killing the FUSE daemon during unmount" am:
05bb5cc71e
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1614817
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I25ce3bb0d699478ac00ca25a72d3b4dd0c63d2c1
Treehugger Robot [Fri, 5 Mar 2021 18:08:14 +0000 (18:08 +0000)]
Merge "Avoid killing the FUSE daemon during unmount"
Zim [Thu, 4 Mar 2021 12:21:24 +0000 (12:21 +0000)]
Avoid killing the FUSE daemon during unmount
The FUSE daemon is often holding fds on behalf of other apps and if a
volume is ejected the daemon would often get killed first while vold
is walking /proc/<pid>/fd to kill pids with open fds on the
volume. This is required for the volume unmount successfully.
To mitigate this, we avoid killing the FUSE daemon during the usual
/proc walk. This ensures that we first send SIGINT, SIGTERM and
SIGKILL to other apps first. There is an additional SIGKILL attempt
and on that last attempt, we kill the FUSE daemon as a last resort
Test: Manual
Bug:
171673908
Change-Id: I100d2ce4cb4c145cbb49e0696842e97dfba2c1c9
android-build-team Robot [Thu, 4 Mar 2021 02:09:35 +0000 (02:09 +0000)]
Snap for
7183400 from
371213f4da99cf0a1b4c133f0785b065738da878 to sc-v2-release
Change-Id: If6c0ef925204dd1d4e93ca5088e04ebbff9b4d71
Abhijeet Kaur [Wed, 3 Mar 2021 13:32:00 +0000 (13:32 +0000)]
Merge "Remove unused mount modes and re-number the modes for consistency" am:
2d0ea90538 am:
6111dc99fe am:
7d0b75e407
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1605433
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I83fd80266a5b558b899963554950b20f5bf56e83
Abhijeet Kaur [Wed, 3 Mar 2021 13:02:43 +0000 (13:02 +0000)]
Merge "Remove unused mount modes and re-number the modes for consistency" am:
2d0ea90538 am:
6111dc99fe
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1605433
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: Ic29cce9e12067fdc7ea4827bb25210af7420cd4e
Abhijeet Kaur [Wed, 3 Mar 2021 11:12:54 +0000 (11:12 +0000)]
Merge "Remove unused mount modes and re-number the modes for consistency" am:
2d0ea90538
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1605433
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I958437ce02963f69c3498ef829e9bcbef27dabd4
Abhijeet Kaur [Wed, 3 Mar 2021 10:09:46 +0000 (10:09 +0000)]
Merge "Remove unused mount modes and re-number the modes for consistency"
android-build-team Robot [Wed, 3 Mar 2021 02:09:51 +0000 (02:09 +0000)]
Snap for
7180829 from
703bc8788942f3c0edaa6687d4510bcecdc12977 to sc-v2-release
Change-Id: I6257688ec0739683d6e5d4d96dca64614e3cdf83
Treehugger Robot [Tue, 2 Mar 2021 20:40:14 +0000 (20:40 +0000)]
Merge "Set a default ACL on /data/media/userId." am:
f6546171af am:
ca3fbd1e4b am:
541c8e03f2
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1603534
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I935e9217d592818c5df46941e2b303134a15f0f7
Treehugger Robot [Tue, 2 Mar 2021 19:47:14 +0000 (19:47 +0000)]
Merge "Set a default ACL on /data/media/userId." am:
f6546171af am:
ca3fbd1e4b
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1603534
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: Ib4f7ecc6b6e53fc9f61a4e83027ebb7a86b69b86
Treehugger Robot [Tue, 2 Mar 2021 19:03:54 +0000 (19:03 +0000)]
Merge "Set a default ACL on /data/media/userId." am:
f6546171af
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1603534
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I13d1ee215c805b25d73e3d39508ea05cdc60b703
Treehugger Robot [Tue, 2 Mar 2021 09:25:52 +0000 (09:25 +0000)]
Merge "Set a default ACL on /data/media/userId."