OSDN Git Service
Xin Li [Sat, 8 May 2021 01:48:49 +0000 (01:48 +0000)]
[automerger skipped] Merge "DO NOT MERGE - Mark RQ2A.210105.001 as merged." am:
ef439c5367 -s ours
am skip reason: Merged-In Ic37985f98e6cbfe4fa38b981d3332c4dfc40c5b8 with SHA-1
5f2a9fee66 is already in history
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1699301
Change-Id: Icb4c65c9d0b4e9f1dfefb9d7bdf3e68a799e7fa2
Xin Li [Sat, 8 May 2021 01:28:13 +0000 (01:28 +0000)]
Merge "DO NOT MERGE - Mark RQ2A.210105.001 as merged."
Xin Li [Fri, 7 May 2021 21:32:31 +0000 (14:32 -0700)]
DO NOT MERGE - Mark RQ2A.210105.001 as merged.
Bug:
180401296
Merged-In: Ic37985f98e6cbfe4fa38b981d3332c4dfc40c5b8
Change-Id: Ic82b58f8975ae7b5410d87536342f83e827a7893
rickywai [Thu, 6 May 2021 08:25:13 +0000 (08:25 +0000)]
Merge "Always unmount data and obb directory that mounted" am:
ae11ab712f
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1697365
Change-Id: I44aaffd7ecd95ec60af7559592d684460b32c5da
rickywai [Thu, 6 May 2021 08:09:05 +0000 (08:09 +0000)]
Merge "Always unmount data and obb directory that mounted"
Ricky Wai [Wed, 5 May 2021 14:43:45 +0000 (14:43 +0000)]
Always unmount data and obb directory that mounted
Otherwise, when system removes user's volume, it will hang
as there are mounts (obb and data mounts) still remain mounted in system.
Bug:
187122943
Test: atest UserLifecycleTests#managedProfileUnlock_stopped, it's not blocked anymore
Change-Id: Ic37985f98e6cbfe4fa38b981d3332c4dfc40c5b8
Alan Stokes [Wed, 5 May 2021 14:30:21 +0000 (14:30 +0000)]
Merge "Only kill apps with storage app data isolation enabled" am:
b2678b6654
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1690874
Change-Id: I063073d4419566c11207a147ac3260d4cee671a3
Alan Stokes [Wed, 5 May 2021 14:16:00 +0000 (14:16 +0000)]
Merge "Only kill apps with storage app data isolation enabled"
Eric Biggers [Tue, 4 May 2021 16:19:11 +0000 (16:19 +0000)]
Merge "Log error message if setting project quota ID fails" am:
7505efbd5d
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1694189
Change-Id: I64ee98eb6505837197aa509a8b9e21a952739966
Eric Biggers [Tue, 4 May 2021 16:06:14 +0000 (16:06 +0000)]
Merge "Log error message if setting project quota ID fails"
Eric Biggers [Mon, 3 May 2021 19:29:40 +0000 (12:29 -0700)]
Log error message if setting project quota ID fails
Otherwise, the only sign of what went wrong may be system_server
logging a "ServiceSpecificException".
Bug:
187079978
Change-Id: I59b2ba2b0e679dfd1ec1fd8fff6790256fbfdf29
Ricky Wai [Fri, 30 Apr 2021 08:53:07 +0000 (09:53 +0100)]
Only kill apps with storage app data isolation enabled
Originally it kills all the apps with obb and data mounted.
Due to recent changes, all apps will have obb and data dirs mounted
in default root namespace. Hence all apps will be killed by
by KillProcessesWithMounts().
To fix this, we also check if the dir is mounted as tmpfs,
as the default namespace one is bind mounted to lowerfs,
which app data isolation is mounted as tmpfs, so we only
kill the process that have obb dir mounted as tmpfs.
Bug:
148049767
Test: Able to boot without warnings
Change-Id: I5f862ad6f64f5df739b68ea7c9815352bae3be5c
Merged-In: I45d9a63ed47cbc27aebb63357a43f51ad62275db
Treehugger Robot [Mon, 26 Apr 2021 19:13:28 +0000 (19:13 +0000)]
Merge "Fix cryptfs RSA signing with keystore2" am:
d2bb367549
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1684055
Change-Id: Ib91a29bf3d216c09ece619b9554c8f391efbe5fd
Treehugger Robot [Mon, 26 Apr 2021 18:51:13 +0000 (18:51 +0000)]
Merge "Fix cryptfs RSA signing with keystore2"
Hasini Gunasinghe [Fri, 23 Apr 2021 23:03:46 +0000 (23:03 +0000)]
Merge "Make vold use the updated keystore 2 API for storage keys." am:
68bdb45cf8
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1681547
Change-Id: Ib4156e85984c903cf521977e39522d013daf140c
Hasini Gunasinghe [Fri, 23 Apr 2021 22:39:04 +0000 (22:39 +0000)]
Merge "Make vold use the updated keystore 2 API for storage keys."
Eric Biggers [Thu, 22 Apr 2021 23:36:58 +0000 (16:36 -0700)]
Fix cryptfs RSA signing with keystore2
Fix KeymasterOperation::updateCompletely() to not treat an empty output
as an error, since for RSA signing (used by cryptfs / FDE) it is
expected that the output from update() be empty. The output is instead
produced at the end by finish().
This is one of a set of changes that is needed to get FDE working again
so that devices that launched with FDE can be upgraded to Android 12.
Bug:
186165644
Change-Id: Icf120f8b9526d051d0ebe16bc8ad1edf712241e1
Jaegeuk Kim [Tue, 20 Apr 2021 22:26:22 +0000 (22:26 +0000)]
Merge "mkfs_f2fs: give the log in kernel" am:
177b9db866
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1677035
Change-Id: I55cce35d98afdf058854746e90c42be6c4f7d52c
Jaegeuk Kim [Tue, 20 Apr 2021 22:08:26 +0000 (22:08 +0000)]
Merge "mkfs_f2fs: give the log in kernel"
Janis Danisevskis [Tue, 20 Apr 2021 19:50:58 +0000 (12:50 -0700)]
Make vold use the updated keystore 2 API for storage keys.
This CL updates vold to use the updated storage key API that provides an
optional upgraded key blob. In this patch the upgraded key blob is not
yet stored by vold.
Bug:
185811713
Test: N/A
Change-Id: I39eeb20df0eb2b023479f3adebab264d29d00048
Jaegeuk Kim [Wed, 14 Apr 2021 19:02:41 +0000 (12:02 -0700)]
mkfs_f2fs: give the log in kernel
It's very useful to see the mkfs log in console to debug any issues.
Bug:
172378121
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change-Id: Icdac3609860cf0bba3fa758cead885bd4960f2c0
Treehugger Robot [Thu, 15 Apr 2021 03:06:01 +0000 (03:06 +0000)]
Merge "vold: add getUnlockedUsers() method to Binder interface" am:
5e5819a761
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1674805
Change-Id: I6b491e5939d3c878351bdfed3452e95ca8f19a89
Treehugger Robot [Thu, 15 Apr 2021 02:33:22 +0000 (02:33 +0000)]
Merge "vold: add getUnlockedUsers() method to Binder interface"
Eric Biggers [Tue, 6 Apr 2021 19:02:56 +0000 (12:02 -0700)]
vold: add getUnlockedUsers() method to Binder interface
This is needed so that system_server can remind itself about which users
have their storage unlocked, if system_server is restarted due to a
userspace reboot (soft restart).
Bug:
146206679
Test: see I482ed8017f7bbc8f7d4fd5a2c0f58629317ce4ed
Change-Id: I02f0494d827094bd41bcfe5f63c24e204b728595
(cherry picked from commit
1799debfd6561ca7348880bb59ad8c059f4891b0)
Satya Tangirala [Thu, 8 Apr 2021 00:52:41 +0000 (00:52 +0000)]
Merge changes from topic "vold-use-keystore2" am:
08873d0d7d
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1649730
Change-Id: Ie7db671fc7e90fa86cf84773786ea6afaab37a7f
Satya Tangirala [Thu, 8 Apr 2021 00:52:40 +0000 (00:52 +0000)]
Make vold use keystore2 instead of keymaster am:
e8de4ffd73
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1640885
Change-Id: I0a9b288902f5bb0f27d524dcf509ce461e4495fe
Satya Tangirala [Thu, 8 Apr 2021 00:52:35 +0000 (00:52 +0000)]
Remove HardwareAuthToken support from vold::Keymaster am:
e13617100d
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1640884
Change-Id: Id8528a10d976e94e8bdb4e308d91107b1afdced6
Satya Tangirala [Thu, 8 Apr 2021 00:48:19 +0000 (00:48 +0000)]
Merge changes from topic "vold-use-keystore2"
* changes:
Remove Keymaster::isSecure() and simplify callers
Make vold use keystore2 instead of keymaster
Remove HardwareAuthToken support from vold::Keymaster
Satya Tangirala [Tue, 23 Mar 2021 06:29:15 +0000 (23:29 -0700)]
Remove Keymaster::isSecure() and simplify callers
Now that isSecure() always returns true, we can remove it and simplify
all the callers (i.e. cryptfs). Refer to the commit description for
Iaebfef082eca0da8a305043fafb6d85e5de14cf8 for why this function always
return true.
Bug:
181910578
Test: Cuttlefish and bramble boot
Change-Id: I185dd8180bd7842b05295263f0b1aa7205329a88
Satya Tangirala [Mon, 1 Mar 2021 06:32:07 +0000 (22:32 -0800)]
Make vold use keystore2 instead of keymaster
Make vold use keystore2 for all its operations instead of directly using
keymaster. This way, we won't have any clients that bypass keystore2,
and we'll no longer need to reserve a keymaster operation for vold.
Note that we now hardcode "SecurityLevel::TRUSTED_ENVIRONMENT" (TEE)
when talking to Keystore2 since Keystore2 only allows TEE and STRONGBOX.
Keystore2 presents any SOFTWARE implementation as a TEE to callers when
no "real" TEE is present. As far as storage encryption is concerned,
there's no advantage to using a STRONGBOX when a "real" TEE is present,
and a STRONGBOX can't be present if a "real" TEE isn't, so asking
Keystore2 for a TEE is the best we can do in any situation.
The difference in behaviour only really affects the full disk encryption
code in cryptfs.cpp, which used to explicitly check that the keymaster
device is a "real" TEE (as opposed to a SOFTWARE implementation) before
using it (it can no longer do so since Keystore2 doesn't provide a way
to do this).
A little code history digging (
7c49ab0a0b in particular) shows that
cryptfs.cpp cared about two things when using a keymaster.
- 1) that the keys generated by the keymaster were "standalone" keys -
i.e. that the keymaster could operate on those keys without
requiring /data or any other service to be available.
- 2) that the keymaster was a non-SOFTWARE implementation so that things
would still work in case a "real" TEE keymaster was ever somehow
added to the device after first boot.
Today, all "real" TEE keymasters always generate "standalone" keys, and
a TEE has been required in Android devices since at least Android N. The
only two exceptions are Goldfish and ARC++, which have SOFTWARE
keymasters, but both those keymasters also generate "standalone" keys.
We're also no longer worried about possibly adding a "real" TEE KM to
either of those devices after first boot. So there's no longer a reason
cryptfs.cpp can't use the SOFTWARE keymaster on those devices.
There's also already an upgrade path in place (see
test_mount_encrypted_fs() in cryptfs.cpp) to upgrade the kdf that's
being used once a TEE keymaster is added to the device. So it's safe for
cryptfs.cpp to ask for a TEE keymaster from Keystore2 and use it
blindly, without checking whether or not it's a "real" TEE, which is why
Keymaster::isSecure() just returns true now. A future patch will remove
that function and simplify its callers.
Bug:
181910578
Test: cuttlefish and bramble boot. Adding, switching between, stopping
and removing users work.
Change-Id: Iaebfef082eca0da8a305043fafb6d85e5de14cf8
Satya Tangirala [Mon, 15 Mar 2021 22:33:08 +0000 (15:33 -0700)]
Remove HardwareAuthToken support from vold::Keymaster
HardwareAuthTokens are no longer used by vold since Android P. So remove
the auth token parameter from vold. This patch doesn't remove the token
from IVold.aidl, and the methods in VoldNativeService.cpp return an
error if a non-empty auth token is passed to them.
Bug:
181910578
Test: cuttlefish and bramble boot with patch
Change-Id: I1a9f54e10f9efdda9973906afd0a5de5a699ada5
Alan Stokes [Tue, 23 Mar 2021 18:12:19 +0000 (18:12 +0000)]
Merge "Vold will always bind mount obb and data dirs to lowerfs" am:
159a11f600
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1647187
Change-Id: I23b628c92b76f84511f0c8fc87b7b8aa52eb20a6
Alan Stokes [Tue, 23 Mar 2021 17:25:18 +0000 (17:25 +0000)]
Merge "Vold will always bind mount obb and data dirs to lowerfs"
Ricky Wai [Fri, 19 Mar 2021 15:35:49 +0000 (15:35 +0000)]
Vold will always bind mount obb and data dirs to lowerfs
So shell / root will always access to them directly not via fuse.
And zygote will be unmount these directories to prevent them being
abused for leaking app visibility.
Also, /mnt/androidwritable is not very useful now as it's the same as
/mnt/installer, but we should make shell / root to access /mnt/androidwritable
later and /mnt/installer should only access obb but not data dir.
Bug:
182997439
Test: Able to boot without errors
Test: df on /sdcard/Android/data shows it's no on fuse.
Change-Id: I2ad10b1e80c135f637d37ddf502ee010f89f4946
Martijn Coenen [Fri, 19 Mar 2021 08:42:45 +0000 (08:42 +0000)]
Merge "vold: do not acquire lock when abort fuse" am:
717c1926fc
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1639945
Change-Id: I137677f0625e3d46cc8d5a50aa3327e274676589
Martijn Coenen [Fri, 19 Mar 2021 08:21:00 +0000 (08:21 +0000)]
Merge "vold: do not acquire lock when abort fuse"
lijiazi [Wed, 17 Mar 2021 08:51:16 +0000 (16:51 +0800)]
vold: do not acquire lock when abort fuse
reboot maybe cause a deadlock scenario:
1:init->vdc->vold for abort_fuse blocked on futex hold by another
vold binder_x
2:binder_x blocked in binder_ioctl_write_read wait a dead service's
response
3:dead service is exiting and schedule a deferred work for put files
in binder_vma_close, after put files is completed, the binder_x will
eventually wake up
4:kworker execute binder_deferred_work is blocked on fuse request:
crash> bt 1707
PID: 1707 TASK:
ffffffe366175e80 CPU: 2 COMMAND: "kworker/2:4"
#0 [
ffffff801b8b3ac0] __switch_to at
ffffff962ce88a60
#1 [
ffffff801b8b3b10] __schedule at
ffffff962e2d3d30
#2 [
ffffff801b8b3b70] schedule at
ffffff962e2d3ff4
#3 [
ffffff801b8b3bc0] __fuse_request_send at
ffffff962d20e008
#4 [
ffffff801b8b3c00] fuse_request_send at
ffffff962d20deac
#5 [
ffffff801b8b3c30] fuse_flush at
ffffff962d217fa4
#6 [
ffffff801b8b3c80] filp_close at
ffffff962d0bd7b4
#7 [
ffffff801b8b3cb0] put_files_struct at
ffffff962d0e7658
#8 [
ffffff801b8b3d30] binder_deferred_func at
ffffff962dc9e60c
#9 [
ffffff801b8b3d90] process_one_work at
ffffff962cee761c
#10 [
ffffff801b8b3e00] worker_thread at
ffffff962cee7a68
#11 [
ffffff801b8b3e60] kthread at
ffffff962ceecc14
waiting for init abort_fuse
suggested by maco, do not acquire lock when abort fuse.
Test: reboot stress test
Change-Id: If6dd7f5e9c413a16ba047204c33d82d6ff41c4ae
Signed-off-by: lijiazi <lijiazi@xiaomi.com>
Eric Biggers [Tue, 16 Mar 2021 00:17:24 +0000 (00:17 +0000)]
Merge "KeyStorage: improve logging for key generation" am:
759022d0f1
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1638259
Change-Id: I7d44cdbf632751092ed63ca7084b6ce26180a2bc
Eric Biggers [Mon, 15 Mar 2021 23:46:54 +0000 (23:46 +0000)]
Merge "KeyStorage: improve logging for key generation"
Eric Biggers [Mon, 15 Mar 2021 19:44:36 +0000 (12:44 -0700)]
KeyStorage: improve logging for key generation
The error messages that are printed when probing for rollback resistance
support on a device that doesn't support rollback-resistant keys can
make it sound like something is going wrong. Print a WARNING message
afterwards to try to make it clear what is going on. Also adjust or add
DEBUG messages when starting to generate each key so that it's easier to
distinguish the log messages for different key generation operations.
Bug:
182815123
Test: boot on device that doesn't support rollback-resistant keys and
check log.
Change-Id: I37a13eb5c1e839fb94581f3e7ec1cd8da0263d2b
Treehugger Robot [Fri, 5 Mar 2021 18:47:05 +0000 (18:47 +0000)]
Merge "Avoid killing the FUSE daemon during unmount" am:
05bb5cc71e
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1614817
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I25ce3bb0d699478ac00ca25a72d3b4dd0c63d2c1
Treehugger Robot [Fri, 5 Mar 2021 18:08:14 +0000 (18:08 +0000)]
Merge "Avoid killing the FUSE daemon during unmount"
Zim [Thu, 4 Mar 2021 12:21:24 +0000 (12:21 +0000)]
Avoid killing the FUSE daemon during unmount
The FUSE daemon is often holding fds on behalf of other apps and if a
volume is ejected the daemon would often get killed first while vold
is walking /proc/<pid>/fd to kill pids with open fds on the
volume. This is required for the volume unmount successfully.
To mitigate this, we avoid killing the FUSE daemon during the usual
/proc walk. This ensures that we first send SIGINT, SIGTERM and
SIGKILL to other apps first. There is an additional SIGKILL attempt
and on that last attempt, we kill the FUSE daemon as a last resort
Test: Manual
Bug:
171673908
Change-Id: I100d2ce4cb4c145cbb49e0696842e97dfba2c1c9
Abhijeet Kaur [Wed, 3 Mar 2021 11:12:54 +0000 (11:12 +0000)]
Merge "Remove unused mount modes and re-number the modes for consistency" am:
2d0ea90538
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1605433
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I958437ce02963f69c3498ef829e9bcbef27dabd4
Abhijeet Kaur [Wed, 3 Mar 2021 10:09:46 +0000 (10:09 +0000)]
Merge "Remove unused mount modes and re-number the modes for consistency"
Treehugger Robot [Tue, 2 Mar 2021 19:03:54 +0000 (19:03 +0000)]
Merge "Set a default ACL on /data/media/userId." am:
f6546171af
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1603534
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I13d1ee215c805b25d73e3d39508ea05cdc60b703
Treehugger Robot [Tue, 2 Mar 2021 09:25:52 +0000 (09:25 +0000)]
Merge "Set a default ACL on /data/media/userId."
Treehugger Robot [Fri, 26 Feb 2021 04:33:56 +0000 (04:33 +0000)]
Merge "[vold] expose binder headers to dependent modules" am:
51ff06df22
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1607482
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I32b3d8d656a07491b644c8fd05aa38b8031597a4
Treehugger Robot [Fri, 26 Feb 2021 03:35:10 +0000 (03:35 +0000)]
Merge "[vold] expose binder headers to dependent modules"
Songchun Fan [Thu, 25 Feb 2021 23:16:11 +0000 (23:16 +0000)]
[vold] expose binder headers to dependent modules
This allows libincremental_aidl-cpp to be built via cc_library instead
of aidl_interface.
BUG:
181266844
Test: builds
Change-Id: I4f0bc82629c0df758467aa074274b30f9dc6718d
Kalesh Singh [Wed, 24 Feb 2021 22:14:06 +0000 (22:14 +0000)]
Merge "vold: Use Wakelock::tryGet()" am:
8439ab27d6
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1600813
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I4b028c047da40cbbd20c0a99d4c957d87bfcf0c2
Kalesh Singh [Wed, 24 Feb 2021 18:49:58 +0000 (18:49 +0000)]
Merge "vold: Use Wakelock::tryGet()"
Abhijeet Kaur [Wed, 24 Feb 2021 12:33:25 +0000 (12:33 +0000)]
Remove unused mount modes and re-number the modes for consistency
Also, add REMOUNT_MODE_ANDROID_WRITABLE to return "/mnt/runtime/write".
Bug:
148454884
Test: builds
Change-Id: I5a38c88f46034c494604bb001cf4d4c400c8f73e
Martijn Coenen [Mon, 1 Feb 2021 07:57:02 +0000 (07:57 +0000)]
Set a default ACL on /data/media/userId.
This directory is used as a root for external storage on adopted storage
devices. It needs to be writable by processes holding the AID_MEDIA_RW
GID permission; in particular, it should be writable by the FUSE daemon.
On devices with sdcardfs, this was ensured automatically, because
sdcardfs presented a view of this directory that was writable, that we
could use for the FUSE daemon. But on devices without sdcardfs, the FUSE
daemon sees the raw filesystem and its permissions. This also means that
files created by the FUSE daemon will have their uid/gid set to the uid
of the FUSE daemon; to ensure these files stay writable to other system
applications that have AID_MEDIA_RW, use a default ACL to make sure the
gid stays AID_MEDIA_RW.
In particular, this fixes an issue with app cloning, where we want the
FUSE daemon of user 0 to be able to access the files of the app clone
user, and vice versa.
Bug:
154057120
Test: inspect uid/gid of /data/media/0 and contents
Change-Id: Ic5d63457ec917ea407b900dbb7773d89311780c6
Kalesh Singh [Mon, 22 Feb 2021 20:10:45 +0000 (15:10 -0500)]
vold: Use Wakelock::tryGet()
Acquiring a wakelock can fail if the suspend service is unavailable.
Explicitly check that wakelock was acquired before performing
operations that require the device to stay on.
Bug: b/
179229598
Test: Boot test on Pixel 4 device
Change-Id: If30087223e44098801a31d1bfd239ac22e891abe
Xin Li [Sat, 20 Feb 2021 08:24:42 +0000 (00:24 -0800)]
Mark ab/
7061308 as merged in stage.
Bug:
180401296
Merged-In: I7124285f41c6a854ad5c86677bc94d78ddca5a97
Change-Id: Icf8db3d8557a3835e0834eec134bb4b111ec3af0
Treehugger Robot [Fri, 19 Feb 2021 19:54:09 +0000 (19:54 +0000)]
Merge changes from topic "fsync-fixes" am:
6c36c6f421
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1590896
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: Ifacc42ef9b4abe897a598e3cd8dcef4650b8f5ff
Treehugger Robot [Fri, 19 Feb 2021 19:23:47 +0000 (19:23 +0000)]
Merge changes from topic "fsync-fixes"
* changes:
Add syncs when creating parent directories
Sync parent directory in storeKeyAtomically()
Move pathExists() to Utils.cpp
Dhiraj Jadhav [Thu, 18 Feb 2021 18:45:58 +0000 (18:45 +0000)]
Merge "Revert "Revert "Revert "Set a default ACL on /data/media/userId."""" am:
a98846d8d5
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1592902
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I7c3c8bd230bcc14471d127ddc2276634cd2b2a43
Dhiraj Jadhav [Thu, 18 Feb 2021 17:38:20 +0000 (17:38 +0000)]
Merge "Revert "Revert "Revert "Set a default ACL on /data/media/userId.""""
Dhiraj Jadhav [Thu, 18 Feb 2021 04:57:03 +0000 (04:57 +0000)]
Revert "Revert "Revert "Set a default ACL on /data/media/userId."""
This reverts commit
ea9681e4cdf30340b583dc27cb6c6474926ddaee.
Reason for revert: storage Permission causing b/
179362637 adb push to fail
Change-Id: Ibc1d8b5b685c22545b7e2d15de58059960b87e14
Eric Biggers [Tue, 16 Feb 2021 23:59:17 +0000 (15:59 -0800)]
Add syncs when creating parent directories
vold creates some directories for storing encryption keys if they don't
already exist, potentially including parent directories:
/metadata/vold/metadata_encryption
/data/misc/vold/volume_keys/$volume_uuid
/data/misc_de/$user/vold/volume_keys/$volume_uuid
/data/misc_ce/$user/vold/volume_keys/$volume_uuid
Currently fs_mkdirs() is used for this. However, fs_mkdirs() doesn't
include the fsync()s of the parent directories that are needed to ensure
that the new directories are persisted to disk right away -- which is
important for encryption keys.
Add a utility function MkdirsSync() which does what is needed, and make
the appropriate places call it.
Test: Booted and checked log for "Created directory" message.
Also ran 'atest vold_tests' to run the new unit test.
Change-Id: Ie9917b616433080139b8db3fd6877203ee6faf77
Eric Biggers [Tue, 16 Feb 2021 23:59:17 +0000 (15:59 -0800)]
Sync parent directory in storeKeyAtomically()
When an FBE or metadata encryption key is created, it's important that
it be persisted to disk right away; otherwise the device may fail to
boot after an unclean shutdown. storeKey() has the needed fsync()s.
However, storeKeyAtomically() doesn't, as it doesn't fsync() the parent
directory of key_path after it renames tmp_path to it.
Two callers do fsync() the parent directory themselves, but others
don't. E.g., the metadata encryption key doesn't get properly synced.
Therefore, add the needed fsync() to storeKeyAtomically() so that it
gets done for everyone.
Also remove the now-unneeded fsync()s from the two callers that did it
themselves.
Change-Id: I342ebd94f0a3d2bf3a7a443c35b6bda0f12e1ab2
Eric Biggers [Tue, 16 Feb 2021 23:59:17 +0000 (15:59 -0800)]
Move pathExists() to Utils.cpp
This is useful as a general utility function.
Change-Id: Id43fc106dc6c544c6e4ce65f10c7d4246b99e54a
Treehugger Robot [Mon, 15 Feb 2021 23:48:04 +0000 (23:48 +0000)]
Merge "[LSC] Add LOCAL_LICENSE_KINDS to system/vold" am:
810bcca4d0
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1589008
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: If9313dcc2a75e117374543fb9050aa1a7e0410f4
Treehugger Robot [Mon, 15 Feb 2021 23:21:47 +0000 (23:21 +0000)]
Merge "[LSC] Add LOCAL_LICENSE_KINDS to system/vold"
Bob Badour [Fri, 12 Feb 2021 22:24:10 +0000 (14:24 -0800)]
[LSC] Add LOCAL_LICENSE_KINDS to system/vold
Added SPDX-license-identifier-Apache-2.0 to:
Android.bp
bench/inodeop_bench/Android.bp
tests/Android.bp
Bug:
68860345
Bug:
151177513
Bug:
151953481
Test: m all
Exempt-From-Owner-Approval: janitorial work
Change-Id: I91823c7097d7bee39a363a0c0cc30de13e4d7539
Treehugger Robot [Sat, 13 Feb 2021 09:09:08 +0000 (09:09 +0000)]
Merge "Obtain incfs features early in the booting sequence." am:
915f6227a7
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1585413
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I695d55952de65a940602efd2387611e00bbde0ec
Treehugger Robot [Sat, 13 Feb 2021 06:32:14 +0000 (06:32 +0000)]
Merge "Obtain incfs features early in the booting sequence."
Alex Buynytskyy [Fri, 12 Feb 2021 03:09:10 +0000 (19:09 -0800)]
Obtain incfs features early in the booting sequence.
Has to be done before SystemConfig initialization to set correct
Incremental version feature.
Bug:
180010901
Test: atest PackageManagerShellCommandTest PackageManagerShellCommandIncrementalTest IncrementalServiceTest PackageManagerServiceTest ChecksumsTest
Change-Id: I262d1f06aecb481f37bf82005c85fed02c476510
Martijn Coenen [Mon, 1 Feb 2021 13:47:40 +0000 (13:47 +0000)]
Merge "Revert "Revert "Set a default ACL on /data/media/userId.""" am:
2e8f0d438b
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1566179
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I4464d2bcb23434832a7448ef59d079079a5c809d
Martijn Coenen [Mon, 1 Feb 2021 13:30:04 +0000 (13:30 +0000)]
Merge "Revert "Revert "Set a default ACL on /data/media/userId."""
Martijn Coenen [Mon, 1 Feb 2021 07:57:02 +0000 (07:57 +0000)]
Revert "Revert "Set a default ACL on /data/media/userId.""
This reverts commit
b276e80aec54c139587bbc510f503ced9414cf0f.
Reason for revert: b/
177926359 is now fixed
Change-Id: I8ec5d80a44fc9e491ab3430592e17d10a82f40ea
Seth Moore [Wed, 27 Jan 2021 01:16:34 +0000 (01:16 +0000)]
Merge "Add support for binding storage encryption to a seed" am:
6207c9cde4
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1553317
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I0d60971d77f26bb43a73938895f9e343ced7081a
Seth Moore [Wed, 27 Jan 2021 00:40:35 +0000 (00:40 +0000)]
Merge "Add support for binding storage encryption to a seed"
Treehugger Robot [Tue, 26 Jan 2021 23:29:27 +0000 (23:29 +0000)]
Merge "Specify version for aidl_interface explicitly" am:
8e10f698ef
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1560413
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I3038929c8745731c9292540e846d6ca34de7cdb7
Treehugger Robot [Tue, 26 Jan 2021 22:28:23 +0000 (22:28 +0000)]
Merge "Specify version for aidl_interface explicitly"
Seth Moore [Tue, 19 Jan 2021 17:51:51 +0000 (17:51 +0000)]
Add support for binding storage encryption to a seed
With this change, vold exposes an API that may be used to bind key
storage encryption keys to a given seed value. The seed value passed to
vold must be consistent across reboots, or key storage keys will not be
derived consistently. The seed is expected to be set very early in boot,
prior to the use of any key storage encryption keys.
This feature is intended to be used for embedded applications such as
in autos, where the seed may be provided by some other component of the
system. In such systems, there is a default user that is automatically
signed in without a PIN or other credentials. By binding the file
encryption to a platform-provided seed, the default user's data gains
additional protection against removal of the Android embedded device
from the integrated system.
Bug:
157501579
Test: Set seed at startup via init.rc. Seed changes fail as expected.
Change-Id: I9b048ec5e045b84c45883724ace2356d4ef6244d
Jeongik Cha [Tue, 26 Jan 2021 13:35:14 +0000 (22:35 +0900)]
Specify version for aidl_interface explicitly
Bug:
150578172
Test: m
Change-Id: Ie51caa503b6b1e5c29372b85d0357be292144126
Martijn Coenen [Thu, 21 Jan 2021 09:40:48 +0000 (09:40 +0000)]
Merge "Revert "Set a default ACL on /data/media/userId."" am:
d9cf8590cb
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1555317
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I7b2a139c70a8eb29ade6afed2f89cc9141ff149b
Martijn Coenen [Thu, 21 Jan 2021 08:19:20 +0000 (08:19 +0000)]
Merge "Revert "Set a default ACL on /data/media/userId.""
Yifan Hong [Wed, 20 Jan 2021 20:00:06 +0000 (20:00 +0000)]
Merge changes from topic "health_storage_aidl" am:
3355ff7790
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1550388
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I054f6f4345d96f9be12934bb5632951f24ee0ba0
Yifan Hong [Wed, 20 Jan 2021 19:59:59 +0000 (19:59 +0000)]
Refactor HIDL HAL Dev GC invocation am:
8f0d45441c
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1550387
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I2aeabbe25b138bf43eb1c6ba221126c1f520c227
Yifan Hong [Wed, 20 Jan 2021 19:45:16 +0000 (19:45 +0000)]
Merge changes from topic "health_storage_aidl"
* changes:
Use AIDL HAL for Dev GC
Refactor HIDL HAL Dev GC invocation
Martijn Coenen [Wed, 20 Jan 2021 15:51:44 +0000 (15:51 +0000)]
Revert "Set a default ACL on /data/media/userId."
This reverts commit
a71323ec0ea0927464c7e6f62770ef43f649b3fb.
Reason for revert: b/
177926359 - note that this is a Google testing infrastructure issue, and no issue with this patch. Partners can keep using this patch. It will be resubmitted in a few weeks.
Change-Id: Ia13279ac1aafa2e4425c4527aeadd5d0fadbc2e4
Treehugger Robot [Wed, 20 Jan 2021 11:16:01 +0000 (11:16 +0000)]
Merge "Revert^4 "Customize StubVolume implementation for ARC"" am:
69c97b6d12
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1554975
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I726bc94861fb18e38501ce30ee4d77d2d08eddc0
Treehugger Robot [Wed, 20 Jan 2021 10:33:52 +0000 (10:33 +0000)]
Merge "Revert^4 "Customize StubVolume implementation for ARC""
Risan [Wed, 20 Jan 2021 05:53:15 +0000 (05:53 +0000)]
Revert^4 "Customize StubVolume implementation for ARC"
This reverts commit
8ed81fd9ca4e58231e71a5c59c839d7ba5ca4b3f.
Reason for revert: Let me try one last time more carefully. According to https://googleplex-android-review.git.corp.google.com/q/%2522customize+stubvolume%2522 - this CL will flow to aosp branches (without vendor images) and 2 branches with vendor images. I have submitted the vendor CL for both branches now (ag/
13366009 and ag/
13371672). This should not break anything now.
Change-Id: I69aacceabfb70053387a3c156b49e06be65fe6e4
Maurice Lam [Tue, 19 Jan 2021 21:14:04 +0000 (21:14 +0000)]
Merge "Revert "Revert "Revert "Customize StubVolume implementation for ARC"""" am:
922af320dd
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1554441
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I7ed3af5a90858ebdb33581d4b63a4a2e5dc58105
Maurice Lam [Tue, 19 Jan 2021 19:28:36 +0000 (19:28 +0000)]
Merge "Revert "Revert "Revert "Customize StubVolume implementation for ARC""""
Maurice Lam [Tue, 19 Jan 2021 19:03:56 +0000 (19:03 +0000)]
Revert "Revert "Revert "Customize StubVolume implementation for ARC"""
This reverts commit
3164c0a2385c9e27f21a6de346de15216d652ec7.
Reason for revert: b/
177917240
Change-Id: I69f541698a3068d59553d555846ba45d169fbbed
rickywai [Tue, 19 Jan 2021 15:58:01 +0000 (15:58 +0000)]
Merge "Call setupAppDir before EnsureDirExists" am:
d4de02ed14
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1553602
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I1bcb3c452b77bf46e9b3ce4e9e8ca609470c96a1
rickywai [Tue, 19 Jan 2021 15:24:02 +0000 (15:24 +0000)]
Merge "Call setupAppDir before EnsureDirExists"
Risan [Tue, 19 Jan 2021 11:59:22 +0000 (11:59 +0000)]
Merge "Revert "Revert "Customize StubVolume implementation for ARC""" am:
a8ebbe77a0
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1553860
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: Ifed0e9026edb4ef80354e245336c11d4748dc491
Ricky Wai [Tue, 19 Jan 2021 11:27:36 +0000 (11:27 +0000)]
Call setupAppDir before EnsureDirExists
So we can ensure Android/ dir is created,
otherwise EnsureDirExists may return false if Android/ doesn't exist
Bug:
177281374
Test: Able to boot without errors
Change-Id: I02e816b60530ac9d3d3b978a7c9028d2c0e34bad
Risan [Tue, 19 Jan 2021 11:20:08 +0000 (11:20 +0000)]
Merge "Revert "Revert "Customize StubVolume implementation for ARC"""
Martijn Coenen [Tue, 19 Jan 2021 10:25:01 +0000 (10:25 +0000)]
Merge "Set a default ACL on /data/media/userId." am:
14782046f3
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1535015
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: Ife277259b3f3ff0e69976cafc8c45db5c3901759
Martijn Coenen [Tue, 19 Jan 2021 09:38:55 +0000 (09:38 +0000)]
Merge "Set a default ACL on /data/media/userId."
Risan [Tue, 19 Jan 2021 02:24:38 +0000 (02:24 +0000)]
Revert "Revert "Customize StubVolume implementation for ARC""
This reverts commit
0cf77b025dd7e9fd92ddf3259de800c19e5db73d.
Reason for revert: The requird libarcvolume has been submitted to master (ag/
13366009)
Change-Id: I86fada53aad2ec5faa497a9bcbce5435c35d040e
Mariia Sandrikova [Mon, 18 Jan 2021 18:18:08 +0000 (18:18 +0000)]
Merge "Revert "Customize StubVolume implementation for ARC"" am:
5558a72d03
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1553535
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I5c7f898a1229e2c859a6add61b0024bb95c7d8ce