OSDN Git Service
Paul Lawrence [Tue, 19 Apr 2016 14:50:07 +0000 (14:50 +0000)]
Merge "Don\'t start defaultcrypto twice" into nyc-dev am:
0264d8f
am:
e72c338
* commit '
e72c33872e2105ca1e63ba4f891ac68a6330dffa':
Don't start defaultcrypto twice
Change-Id: Ibad904c5df684b03b80771a6a90c6a1ee49e073f
Paul Lawrence [Tue, 19 Apr 2016 14:47:08 +0000 (14:47 +0000)]
Merge "Don\'t start defaultcrypto twice" into nyc-dev
am:
0264d8f
* commit '
0264d8ff7c2d5a2cdb4faaf9a3493103138373dd':
Don't start defaultcrypto twice
Change-Id: Ief95c3bf7798cf6090f68fb2eac124677d448187
Paul Lawrence [Tue, 19 Apr 2016 14:44:26 +0000 (14:44 +0000)]
Merge "Don't start defaultcrypto twice" into nyc-dev
Paul Lawrence [Fri, 15 Apr 2016 22:41:33 +0000 (15:41 -0700)]
Don't start defaultcrypto twice
The old way (using triggers) starts defaultcrypto twice because
queue_property_triggers_action retriggers the action.
Bug:
27452459
Change-Id: I715d5441f8ae0b820b680f6a75f51694c4420992
Jeff Sharkey [Mon, 18 Apr 2016 20:15:17 +0000 (20:15 +0000)]
Consistent creation/destruction of user data. am:
be70c9a
am:
c85be2f
* commit '
c85be2fc40ec7d7a70fee4b19325de21ff085724':
Change-Id: I93288ad9c962639dbfa63e33395f0ac3952b045b
Jeff Sharkey [Mon, 18 Apr 2016 20:05:56 +0000 (20:05 +0000)]
Consistent creation/destruction of user data. am:
be70c9a
am:
30b0a1f
* commit '
30b0a1fcdd2c7a60c104ffcd3dca4c9c2c1e682b':
Consistent creation/destruction of user data.
Change-Id: I72e91bbf15eaf91c72a61a26baf2e6908934958a
Jeff Sharkey [Mon, 18 Apr 2016 19:59:55 +0000 (19:59 +0000)]
Consistent creation/destruction of user data.
am:
be70c9a
* commit '
be70c9ae2251ac8f3bfbbe75146f8c533d64e01b':
Consistent creation/destruction of user data.
Change-Id: I55f4fe88a8c02d019fa92028e6ad358fc0f75aeb
Jeff Sharkey [Mon, 18 Apr 2016 19:59:50 +0000 (19:59 +0000)]
Consistent creation/destruction of user data.
am:
be70c9a
* commit '
be70c9ae2251ac8f3bfbbe75146f8c533d64e01b':
Consistent creation/destruction of user data.
Change-Id: Iddb906f6df0587faf95198446c376b2e8d550bec
Jeff Sharkey [Fri, 15 Apr 2016 02:45:16 +0000 (20:45 -0600)]
Consistent creation/destruction of user data.
Preparing and destroying users currently needs to be split across
installd, system_server, and vold, since no single party has all the
required SELinux permissions.
Bug:
27896918,
25861755
Change-Id: Ieec14ccacfc7a3a5ab00df47ace7318feb900c38
Elliott Hughes [Tue, 12 Apr 2016 23:44:04 +0000 (16:44 -0700)]
resolve merge conflicts of
81fd991 to nyc-dev-plus-aosp
Change-Id: Iabda2c9ad05ed4aa0a078c5da40b887f36dd9328
Mattias Nissler [Tue, 12 Apr 2016 23:27:37 +0000 (23:27 +0000)]
Merge "Switch to BoringSSL crypto."
am:
af458c4
* commit '
af458c478a9f333fa39bdddb9a7aa097a2196b64':
Switch to BoringSSL crypto.
Change-Id: Ie3c9a05bfd05dfa9b1a79fe42b59d0dfb3346843
Elliott Hughes [Tue, 12 Apr 2016 23:12:35 +0000 (23:12 +0000)]
Merge "Switch to BoringSSL crypto."
Dan Austin [Tue, 12 Apr 2016 22:35:50 +0000 (22:35 +0000)]
Merge "Address const issues in preparation for libcxx rebase." am:
a4f7dad
am:
3cc69fa
* commit '
3cc69faa6797ae0cfe43f4243d564fbe14f4cfe4':
Address const issues in preparation for libcxx rebase.
Change-Id: I58f814d71e5d5c067ade613d0bf8a88911d53424
Dan Austin [Tue, 12 Apr 2016 22:33:13 +0000 (22:33 +0000)]
Merge "Address const issues in preparation for libcxx rebase."
am:
a4f7dad
* commit '
a4f7dadd389e25d2b5749d1edf65081b3a4e6961':
Address const issues in preparation for libcxx rebase.
Change-Id: I63c3a205db98d956c3c02a4f4f6fd87fd4e052e8
Dan Austin [Tue, 12 Apr 2016 22:21:17 +0000 (22:21 +0000)]
Merge "Address const issues in preparation for libcxx rebase."
Yabin Cui [Sat, 9 Apr 2016 01:09:55 +0000 (01:09 +0000)]
Merge "vold: write bootloader message directly." into nyc-dev
am:
cbedcc3
* commit '
cbedcc30b32d79d77d89f23074da4dc76bf5e26d':
vold: write bootloader message directly.
Change-Id: Ib8f63a49a86c0e9e7a231cb5d22f6bb9a14e820f
Yabin Cui [Fri, 8 Apr 2016 21:03:42 +0000 (21:03 +0000)]
Merge "vold: write bootloader message directly." into nyc-dev
Daichi Hirono [Thu, 7 Apr 2016 08:16:07 +0000 (08:16 +0000)]
Add log flag for verbose AppFuse log for nyc-dev.
am:
2d6555f
* commit '
2d6555f33a5b0fd1e9f0db87e3a2146c3c26add0':
Add log flag for verbose AppFuse log for nyc-dev.
Change-Id: I8a2325c0dfd70888e635994f8aa5901fbf57efac
Daichi Hirono [Thu, 7 Apr 2016 05:59:32 +0000 (14:59 +0900)]
Add log flag for verbose AppFuse log for nyc-dev.
Change-Id: I60ca596e32f8668ae5895e671d92c4978ede6314
Fixed:
28055420
Yabin Cui [Thu, 7 Apr 2016 00:21:38 +0000 (17:21 -0700)]
vold: write bootloader message directly.
Bug:
27176738
Change-Id: I09bfe777e383325809d7ecc2dcb9129fe234053f
Mattias Nissler [Thu, 31 Mar 2016 14:32:59 +0000 (16:32 +0200)]
Switch to BoringSSL crypto.
This replaces the libmincrypt dependency with libcrypto_utils, which
is needed due to libfec and fs_mgr switching to BoringSSL.
Change-Id: I4f6f4d8cc5e200679331a9bcdf2cc3bad1082dd6
Jeff Sharkey [Thu, 31 Mar 2016 03:47:49 +0000 (03:47 +0000)]
Kill apps using PublicVolume when unmounting.
am:
8aff854
* commit '
8aff854b940039cce5fa2a227b19e39de6787b20':
Kill apps using PublicVolume when unmounting.
Change-Id: I12332ee8d416eb2bba0f940a5f8bf64c5766c774
Jeff Sharkey [Thu, 31 Mar 2016 02:37:28 +0000 (20:37 -0600)]
Kill apps using PublicVolume when unmounting.
Bug:
24863778
Change-Id: I86a482c6de78afe2e09ca91165000e1b10a42058
Paul Crowley [Tue, 29 Mar 2016 20:30:13 +0000 (20:30 +0000)]
Don\'t fail if the CE key isn\'t loaded in destroy_user_key
am:
71ee662
* commit '
71ee662ec3f82db66f1a34579aff75cc27d4b205':
Don't fail if the CE key isn't loaded in destroy_user_key
Change-Id: I7700f07dfa3421e57149aacf1a98b0a5eb8bf917
Paul Crowley [Fri, 25 Mar 2016 22:50:01 +0000 (15:50 -0700)]
Don't fail if the CE key isn't loaded in destroy_user_key
Users don't have to be unlocked to be deleted, so don't worry if we
don't have their key to evict.
Bug:
26847403
Bug:
27441228
Change-Id: Ifd93f620926630aa102a3bb4a5d2d45d34f9b75d
Dan Austin [Thu, 24 Mar 2016 19:26:39 +0000 (12:26 -0700)]
Address const issues in preparation for libcxx rebase.
Change-Id: I5199c1eb4e874fd354beefa1232707949483e88d
Paul Crowley [Thu, 17 Mar 2016 19:57:36 +0000 (19:57 +0000)]
Support Keymaster2 with lots of clever template logic :)
am:
0323afd
* commit '
0323afd69d82ce900d520f4611f56e6c06fc08a1':
Support Keymaster2 with lots of clever template logic :)
Paul Crowley [Wed, 16 Mar 2016 00:04:39 +0000 (17:04 -0700)]
Support Keymaster2 with lots of clever template logic :)
Bug:
27718275
Change-Id: I0b2aa74f45fd07a121ce0c342b27426a3fe593ce
Paul Lawrence [Fri, 11 Mar 2016 23:45:29 +0000 (23:45 +0000)]
Fix some static analyser issues
am:
300dae7c38
* commit '
300dae7c38e6853148a998dfc1030b2be40490b5':
Fix some static analyser issues
Paul Lawrence [Fri, 11 Mar 2016 19:02:52 +0000 (11:02 -0800)]
Fix some static analyser issues
Bug:
27099772
Change-Id: Ic96777edf4ea282be2b8f53525226396c01e023c
Paul Lawrence [Fri, 11 Mar 2016 01:51:11 +0000 (01:51 +0000)]
Merge "Make sure encryption type is set on first boot" into nyc-dev
am:
439034b8cc
* commit '
439034b8cc510a95d25c53c8606f88a40ddcbb0b':
Make sure encryption type is set on first boot
Paul Lawrence [Fri, 11 Mar 2016 01:42:55 +0000 (01:42 +0000)]
Merge "Make sure encryption type is set on first boot" into nyc-dev
Jeff Sharkey [Fri, 11 Mar 2016 00:19:11 +0000 (00:19 +0000)]
Merge "Print size as unsigned when sending to framework." into nyc-dev
am:
f84fe90714
* commit '
f84fe907141bcdb76425d5ba42913576f018a11c':
Print size as unsigned when sending to framework.
Jeff Sharkey [Fri, 11 Mar 2016 00:07:25 +0000 (00:07 +0000)]
Merge "Print size as unsigned when sending to framework." into nyc-dev
Paul Lawrence [Thu, 10 Mar 2016 23:44:21 +0000 (15:44 -0800)]
Make sure encryption type is set on first boot
Bug:
27599622
Change-Id: I2f38c03941ac8cdba40baf7421132f572866e296
Jeff Sharkey [Thu, 10 Mar 2016 19:11:09 +0000 (12:11 -0700)]
Print size as unsigned when sending to framework.
Otherwise we might output negative numbers that confuse the rest
of the recovery stack.
Bug:
26007445
Change-Id: Ic99b49360732e5389c6330be065e1222e25b60ca
Yu Ning [Thu, 10 Mar 2016 17:16:57 +0000 (17:16 +0000)]
Merge "Support emulator\'s virtio-blk based SD card" into nyc-dev
am:
828d386c7d
* commit '
828d386c7de04c6f33c1e998fd9d4630f90d5be4':
Support emulator's virtio-blk based SD card
Prathmesh Prabhu [Thu, 10 Mar 2016 17:12:59 +0000 (17:12 +0000)]
Merge "Support emulator's virtio-blk based SD card" into nyc-dev
Daniel Rosenberg [Thu, 10 Mar 2016 00:05:52 +0000 (00:05 +0000)]
Merge "Add information to error message" into nyc-dev
am:
19d76fda3a
* commit '
19d76fda3ada9bce91ac95110b10b6e075bc6726':
Add information to error message
Daniel Rosenberg [Wed, 9 Mar 2016 23:58:12 +0000 (23:58 +0000)]
Merge "Add information to error message" into nyc-dev
Paul Crowley [Wed, 9 Mar 2016 22:11:05 +0000 (22:11 +0000)]
Run clang-format over ext4crypt related code
am:
df528a7011
* commit '
df528a7011b302c91579898c4a37361214ab05bb':
Run clang-format over ext4crypt related code
Paul Crowley [Wed, 9 Mar 2016 22:11:05 +0000 (22:11 +0000)]
Use pointers not references for out arguments
am:
a051eb7a22
* commit '
a051eb7a22b7cd97e66d2f22b64884f8ebc73952':
Use pointers not references for out arguments
Paul Crowley [Wed, 9 Mar 2016 22:11:05 +0000 (22:11 +0000)]
Require the auth token for decryption.
am:
320e5e15b6
* commit '
320e5e15b621da57a947adc896f7bb8357038bee':
Require the auth token for decryption.
Daniel Rosenberg [Sat, 27 Feb 2016 00:44:36 +0000 (16:44 -0800)]
Add information to error message
Bug:
27452459
Change-Id: I89e813755da0946de4effd827799681df7e12d82
Paul Crowley [Wed, 9 Mar 2016 19:26:02 +0000 (19:26 +0000)]
Fix memory leak in generate_key wrapper. Other fixes.
am:
d9b9295b8c
* commit '
d9b9295b8c2f17448f4eb3ea2c6f7d4a5c207c3f':
Fix memory leak in generate_key wrapper. Other fixes.
Paul Crowley [Wed, 9 Mar 2016 17:31:37 +0000 (09:31 -0800)]
Run clang-format over ext4crypt related code
The formatting here is inconsistent with Android house style; use
clang-format to bring it back into line.
Change-Id: Id1fe6ff54e9b668ca88c3fc021ae0a5bdd1327eb
Paul Crowley [Wed, 9 Mar 2016 00:08:32 +0000 (16:08 -0800)]
Use pointers not references for out arguments
Google/Android C++ style requires that arguments passed in for writing
should be pointers, not references, so that it's visible in the caller
that they'll be written to.
Bug:
27566014
Change-Id: I5cd55906cc4b2f61c8b97b223786be0b3ce28862
Paul Crowley [Fri, 4 Mar 2016 22:07:05 +0000 (14:07 -0800)]
Require the auth token for decryption.
A bug meant that the auth token wasn't being used; it turns out that
in order to use it we need to do things slightly differently.
Bug:
27496553
Change-Id: I0f0ab77fed31b92a79eba4acf488cb098691b4be
Paul Crowley [Fri, 4 Mar 2016 21:45:00 +0000 (13:45 -0800)]
Fix memory leak in generate_key wrapper. Other fixes.
- catch errors in looking for the keyring
- static_assert to prevent a buffer overrun
- remove obsolete, misleading comment
- dial down priority of some log messages
- explain why we ignore some errors
- idiomatic C++11
Bug:
27552432
Change-Id: Ic3ee05b41eae45e7c6b571a459b326a483663526
Yu Ning [Fri, 8 Jan 2016 09:36:47 +0000 (17:36 +0800)]
Support emulator's virtio-blk based SD card
Currently, vold only supports MMC (for SD cards) and SCSI (for USB
drives) devices. It does not recognize any device whose major number is
not one of those used by MMC and SCSI. Unfortunately, virtio-blk is one
such device. It is used by the new Android emulator (a.k.a. qemu2,
featuring the "ranchu" virtual board) for SD card emulation.
In order to make this virtio-blk based SD card device appear in Android
and appear as an SD card (rather than a USB drive), changes have to be
made to both vold (wherever the device major number is checked) and
ranchu's storage configuration. This CL implements former.
This is a stop-gap solution for emulator in nyc.
A longer term solution in-tune with upstream kernel is in the pipes.
Updated from aosp/master version.
BUG:
27431753
Change-Id: I5014edec73be7c5b565d91542464c82cbe58992c
Signed-off-by: Yu Ning <yu.ning@intel.com>
(cherry picked from commit
5b1d1c7dfa13b4dca75213581dc8351b841b76c8)
Paul Crowley [Wed, 2 Mar 2016 19:09:01 +0000 (19:09 +0000)]
Merge "Use a proper key length for the mode." into nyc-dev
am:
ad8e26297b
* commit '
ad8e26297b07f26376bd3125b11ae280304c22e8':
Use a proper key length for the mode.
Calin Juravle [Wed, 2 Mar 2016 19:08:54 +0000 (19:08 +0000)]
Prepare profile directories only for the internal storage
am:
d1ee944f08
* commit '
d1ee944f0839d60b014722c7facbb4a66bd4f2c3':
Prepare profile directories only for the internal storage
Paul Crowley [Wed, 2 Mar 2016 18:59:58 +0000 (18:59 +0000)]
Merge "Use a proper key length for the mode." into nyc-dev
Paul Crowley [Wed, 2 Mar 2016 17:15:07 +0000 (09:15 -0800)]
Use a proper key length for the mode.
Bug:
27440526
Change-Id: I818450252dcd39f21948fc2e70856659eba5f50f
Calin Juravle [Wed, 2 Mar 2016 18:36:50 +0000 (18:36 +0000)]
Prepare profile directories only for the internal storage
Bug:
27444691
Change-Id: I0d30e8883fe655c90cda47ab167a878764ea0802
Calin Juravle [Tue, 1 Mar 2016 21:43:43 +0000 (21:43 +0000)]
Create profile folder for foreign dex markers.
am:
493f5aa160
* commit '
493f5aa16075eec6948f476b3fe0d29de063ee85':
Create profile folder for foreign dex markers.
Calin Juravle [Wed, 24 Feb 2016 16:27:19 +0000 (16:27 +0000)]
Create profile folder for foreign dex markers.
This is a special profile folder where apps will leave profile markers
for the dex files they load and don't own. System server will read the
markers and decide if the apks should be fully compiled instead of
profile guide compiled.
Bug:
27334750
Bug:
26080105
Change-Id: Ib18f20cf78a8dbfc465610ec6ceec52699c5420a
Calin Juravle [Mon, 22 Feb 2016 11:49:06 +0000 (11:49 +0000)]
Prepare user profile folder
am:
79f55a461f
* commit '
79f55a461f1edf90b769824c6a69dcb520614d83':
Prepare user profile folder
Calin Juravle [Wed, 17 Feb 2016 20:14:46 +0000 (20:14 +0000)]
Prepare user profile folder
Bug:
26719109
Bug:
26563023
Change-Id: I4737b7f73df74b2b787a62db2e231f136115b359
Bill Yi [Wed, 17 Feb 2016 20:46:47 +0000 (20:46 +0000)]
Bill Yi [Wed, 17 Feb 2016 17:51:20 +0000 (09:51 -0800)]
Dimitry Ivanov [Sat, 13 Feb 2016 01:31:49 +0000 (01:31 +0000)]
Merge "Add missing liblog dependency"
am:
6e8a931d54 -s ours
* commit '
6e8a931d54c4d67e39cf0a22bf496bd4ab9822f7':
Add missing liblog dependency
Dimitry Ivanov [Sat, 13 Feb 2016 00:37:26 +0000 (00:37 +0000)]
Merge "Add missing liblog dependency"
Dimitry Ivanov [Sat, 13 Feb 2016 00:10:22 +0000 (16:10 -0800)]
Add missing liblog dependency
Bug: http://b/
27171986
Change-Id: I03c5f9375ca46a81250ac00493a4f3f1eebf3156
Paul Crowley [Wed, 10 Feb 2016 17:56:05 +0000 (17:56 +0000)]
Log a warning if old creds passed to change_user_key don't work.
Bug:
26948053
Change-Id: I8c117bfe5e85e73af72b6ecafea39924f3561c7c
Paul Crowley [Wed, 10 Feb 2016 14:02:47 +0000 (14:02 +0000)]
Add scrypt-based password stretching.
Bug:
27056334
Change-Id: Ifa7f776c21c439f89dad7836175fbd045e1c603e
Paul Lawrence [Tue, 9 Feb 2016 19:32:44 +0000 (19:32 +0000)]
Merge "Fix encryption on non-default devices" into nyc-dev
Paul Lawrence [Tue, 9 Feb 2016 19:24:28 +0000 (11:24 -0800)]
Fix encryption on non-default devices
Bug:
27061863
Change-Id: Id998bb4534f657079e95718ef52af3f23100fb10
Paul Crowley [Tue, 9 Feb 2016 10:04:39 +0000 (10:04 +0000)]
Prefer bool returns to int throughout
Change-Id: Ib3592b598ee07bc71a6f9507570bf4623c1cdd6a
Paul Crowley [Tue, 9 Feb 2016 09:50:32 +0000 (09:50 +0000)]
Refactor now that global DE has been reworked
Change-Id: I4d6156332cfc847e25e7c8863fd6a50fa325fb87
Paul Crowley [Tue, 9 Feb 2016 09:30:23 +0000 (09:30 +0000)]
Fix some "false" returns to be "-1" where appropriate in e4crypt_enable
Also fix a PLOG that should be a LOG.
Change-Id: Ic5ae288c37b6e236172f9e38349c2d0d530bfd4d
Jeff Sharkey [Tue, 9 Feb 2016 01:10:34 +0000 (18:10 -0700)]
e4crypt_unlock_user_key no longer likes nullptr.
Bug:
27075797
Change-Id: I835d17d02ea50a88ef0a5322a30e04f3d0237019
Paul Crowley [Mon, 8 Feb 2016 22:40:34 +0000 (22:40 +0000)]
Add new argument to unlock_user_key, fixing merge-caused error.
Change-Id: Ic51f375e500cd61bda926e3b039126a840ed89f0
Paul Crowley [Mon, 8 Feb 2016 21:45:46 +0000 (21:45 +0000)]
Merge "Password security for FBE disk encryption keys" into nyc-dev
Paul Crowley [Mon, 8 Feb 2016 15:55:41 +0000 (15:55 +0000)]
Password security for FBE disk encryption keys
Added a new call change_user_key which changes the way that disk
encryption keys are protected; a key can now be protected with a
combination of an auth token and a secret which is a hashed password.
Both of these are passed to unlock_user_key.
This change introduces a security bug, b/
26948053, which must be fixed
before we ship.
Bug:
22950892
Change-Id: Iac1e45bb6f86f2af5c472c70a0fe3228b02115bf
Jeff Sharkey [Mon, 8 Feb 2016 19:21:42 +0000 (12:21 -0700)]
Emulation fixes: mics dirs, recover after disable.
Add new misc directories to list of paths that we lock/unlock in
emulation mode. When booting a device without native-FBE and without
emulation, make sure we "unlock" any emulated settings on user 0;
MountService handles this for secondary users later during boot.
Bug:
27069522
Change-Id: I15c7cf00a7231ce99b2e4e11a25106d7b87e70cc
Daichi Hirono [Sun, 7 Feb 2016 04:01:24 +0000 (04:01 +0000)]
Merge "Add context mount option for appfuse."
Jeff Sharkey [Tue, 2 Feb 2016 00:02:29 +0000 (17:02 -0700)]
Allow callers to prepare CE/DE user storage.
Give callers the option of preparing CE and/or DE storage. The
framework will only prepare CE storage after the CE keys have been
unlocked for that user.
When init is calling enablecrypto, kick off the work in a thread so
that we can make other calls back into vold without causing
deadlock. Leaves blocking call intact for framework callers.
Clean up 'vdc' tool to send useful transaction numbers, and
actually watch for the matching result to come back. This fixes
race conditions when there are multiple 'vdc' callers.
Also add other system and misc directories to match spec.
Bug:
25796509
Change-Id: Ie4f853db6e387916b845d2b5fb92925d743b063d
Daichi Hirono [Tue, 26 Jan 2016 01:27:45 +0000 (10:27 +0900)]
Add context mount option for appfuse.
BUG=
26147865
Change-Id: I1812c46d0f80eaea9a9a3fa944bc4d0126ae8ba1
Paul Lawrence [Thu, 4 Feb 2016 16:18:52 +0000 (08:18 -0800)]
Remove unencrypted_properties
Change-Id: I5728f03dbde6621e410efcda1d93054915793407
Paul Lawrence [Wed, 3 Feb 2016 21:39:13 +0000 (13:39 -0800)]
Fix minor issues with previous change
New style logging
Remove set/get field from e4crypt
Save keys to temp file then rename
See https://googleplex-android-review.git.corp.google.com/#/c/858922/
Change-Id: I454c3f78489b491ffc1230a70dce64935e4e0f8a
Paul Lawrence [Wed, 3 Feb 2016 18:52:41 +0000 (10:52 -0800)]
Use consistent method for device key
Change-Id: I420f548115c1b55e62b193c60d569fdda518af1a
Paul Lawrence [Tue, 2 Feb 2016 19:14:59 +0000 (11:14 -0800)]
Remove support for non-default root passwords in FBE
Change-Id: Ie179cb09f9f24382afd0fe0f3aa2a1ad943a7f5d
Daichi Hirono [Tue, 2 Feb 2016 10:14:29 +0000 (10:14 +0000)]
Merge "Mount appfuse in process namespace."
Daichi Hirono [Fri, 29 Jan 2016 05:33:51 +0000 (14:33 +0900)]
Mount appfuse in process namespace.
BUG=
26148108
Change-Id: I2297fd227a4c607054e0403e73bd9c857f580a1c
Jeff Vander Stoep [Mon, 1 Feb 2016 23:24:58 +0000 (15:24 -0800)]
resolve merge conflicts of
2b6f9ce823 to master.
Change-Id: I69f36f560334b11b099f2eb15999603dd2469d4f
Jeffrey Vander Stoep [Mon, 1 Feb 2016 23:10:31 +0000 (23:10 +0000)]
Merge "cryptfs: run e2fsck/fsck.f2fs in fsck domain"
am:
6f69ee094c
* commit '
6f69ee094cabcd052a4742089fcae8e92cf7f924':
cryptfs: run e2fsck/fsck.f2fs in fsck domain
Jeffrey Vander Stoep [Mon, 1 Feb 2016 23:05:55 +0000 (23:05 +0000)]
Merge "cryptfs: run e2fsck/fsck.f2fs in fsck domain"
Jeff Vander Stoep [Fri, 29 Jan 2016 23:34:43 +0000 (15:34 -0800)]
cryptfs: run e2fsck/fsck.f2fs in fsck domain
e2fsck and fsck.f2fs must run in the fsck domain. Add call to
setexeccon() to tell selinux to run in the fsck domain on exec.
Addresses:
avc: denied { execute_no_trans } for path="/system/bin/e2fsck" dev="mmcblk0p41" ino=241 scontext=u:r:vold:s0 tcontext=u:object_r:fsck_exec:s0 tclass=file
Bug:
26872236
Change-Id: Ib2a583aeefc667f8aa67532e0ac0ff9619b65461
Paul Crowley [Mon, 1 Feb 2016 14:10:43 +0000 (14:10 +0000)]
Add support for per-user DE keys.
FBE devices need a factory reset after this change.
Bug:
26704408
Change-Id: I150b82a13a4a007d9a8997ef6a676e96576356b2
Paul Crowley [Thu, 28 Jan 2016 10:09:46 +0000 (10:09 +0000)]
Refactor of Ext4Crypt.cpp in preparation for DE keys
Mainly a refactor, but with a substantive change: Keys are created in
a temporary location, then moved to their final destination, for
atomicity.
Bug:
26704408
Change-Id: I0b2dc70d6bfa1f8a65536dd05b73c4b36a4699cf
Paul Crowley [Mon, 1 Feb 2016 14:28:12 +0000 (14:28 +0000)]
Add init_user0 command.
Change-Id: Icf746ec1968a073fde707ecc788b648f5803fd38
Paul Crowley [Thu, 28 Jan 2016 12:23:53 +0000 (12:23 +0000)]
Create disk encryption keys only when FBE enabled
Our code for creating disk encryption keys doesn't work everywhere,
and it doesn't need to; only on platforms that support FBE. Don't
create them elsewhere.
Bug:
26842807
Change-Id: I686d0ffd7cb3adbddfce661c22ce18f66acb1aba
Paul Crowley [Wed, 27 Jan 2016 14:30:22 +0000 (14:30 +0000)]
Improvements to the key storage module
The key storage module didn't comply with Android coding standards
and had room for improvemnet in a few other ways, so have cleaned up.
Change-Id: I260ccff316423169cf887e538113b5ea400892f2
Paul Crowley [Wed, 27 Jan 2016 10:19:54 +0000 (10:19 +0000)]
Merge "Use a keymaster-based key storage module"
Paul Crowley [Thu, 21 Jan 2016 20:26:12 +0000 (20:26 +0000)]
Use a keymaster-based key storage module
Instead of writing raw keys, encrypt the keys with keymaster. This
paves the way to protecting them with auth tokens and passwords later.
In addition, fold in the hash of a 16k file into their encryption, to
ensure secure deletion works properly.
Now even C++ier!
Bug:
22502684
Bug:
22950892
Change-Id: If70f139e342373533c42d5a298444b8438428322
Narayan Kamath [Thu, 21 Jan 2016 12:26:05 +0000 (12:26 +0000)]
Unmount emulated filesystems before killing the fuse process.
Avoid ENOTCONN for file system operations.
bug:
26645585
bug:
26070583
Change-Id: I19b00db37ef7ba85a2cae16c7c4204826653f559
Paul Crowley [Thu, 21 Jan 2016 17:24:49 +0000 (17:24 +0000)]
Don't fail on unlock if we're not even emulating FBE
As a precaution, we do the work of emulating an unlock even on devices
that aren't emulating FBE. However, we don't care if it fails, so
don't fail the calling command in that instance.
Bug:
26713622
Change-Id: I8c5fb4b9a130335ecbb9b8ea6367f1c59835c0f1
Paul Crowley [Wed, 20 Jan 2016 13:12:38 +0000 (13:12 +0000)]
Rework FBE crypto to match the N way of doing things
Major rework and refactor of FBE code to load the keys at the right
time and in a natural way. The old code was aimed at our goals for M,
with patches on top, and didn't quite work.
Bug:
22358539
Change-Id: I9bf7a0a86ee3f2abf0edbd5966f93efac2474c2c
Jeff Sharkey [Tue, 12 Jan 2016 23:52:16 +0000 (16:52 -0700)]
Offer to enforce "locked" state using SELinux.
Bug:
26466827
Change-Id: Id5f05298c2cb5f3cf288df37ddf0a196ca49949b
OSDN Git Service
