OSDN Git Service
Eric Biggers [Wed, 4 Nov 2020 19:53:11 +0000 (19:53 +0000)]
Merge changes from topic "encryptinplace-cleanup" am:
91e4f1dd76 am:
ee175c954a
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1467990
Change-Id: If0f5196b66387b3a195b10c1b48d030f7bb8eb5a
Eric Biggers [Wed, 4 Nov 2020 19:15:05 +0000 (19:15 +0000)]
Merge changes from topic "encryptinplace-cleanup" am:
91e4f1dd76
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1467990
Change-Id: I50e47bd1cb102b9013542b0676258a79ac44b6b1
Eric Biggers [Wed, 4 Nov 2020 18:47:05 +0000 (18:47 +0000)]
Merge changes from topic "encryptinplace-cleanup"
* changes:
Refactor EncryptInplace.cpp
Correctly calculate tot_used_blocks on ext4 with uninit_bg
Fix memory leak of f2fs_info
Remove special handling for missing crypto_blkdev
Check return value of create_crypto_blk_dev()
Remove unused support for partial encryption
Eric Biggers [Tue, 3 Nov 2020 22:11:02 +0000 (14:11 -0800)]
Refactor EncryptInplace.cpp
Refactor EncryptInplace.cpp to simplify and improve it a lot. This is
everything that didn't fit into prior commits, including:
- Share a lot more code between ext4, f2fs, and full encryption.
- Improve the log messages. Most importantly, don't spam the log with
huge numbers of messages, and don't log errors in expected cases.
Note: generate_f2fs_info() is still too noisy, but that's part of
"system/extras", not vold, so this change doesn't change that.
- When possible, do 32K reads/writes for f2fs and for full encryption,
not just for ext4. This might improve performance.
- Take advantage of C++ functionality.
- Be more careful about edge cases. E.g. if the calculation of the
number of blocks to encrypt was wrong, don't set vold.encrypt_progress
to > 99 until we're actually done.
The net change is over 200 lines removed.
Before-after comparison of log when enabling metadata encryption:
ext4 before:
I vold : Beginning inplace encryption, nr_sec:
16777216
D vold : cryptfs_enable_inplace(/dev/block/dm-8, /dev/block/by-name/userdata,
16777216, 0)
D vold : Opening/dev/block/by-name/userdata
D vold : Opening/dev/block/dm-8
I vold : Encrypting ext4 filesystem in place...
[omitted 6387 log messages]
I vold : Encrypted to sector
822084608
D vold : cryptfs_enable_inplace_ext4 success
I vold : Inplace encryption complete
ext4 after:
D vold : encrypt_inplace(/dev/block/dm-8, /dev/block/by-name/userdata,
16777216, false)
D vold : ext4 filesystem has 64 block groups
I vold : Encrypting ext4 filesystem on /dev/block/by-name/userdata in-place via /dev/block/dm-8
I vold : 50327 blocks (206 MB) of
2097152 blocks are in-use
D vold : Encrypted 10000 of 50327 blocks
D vold : Encrypted 20000 of 50327 blocks
D vold : Encrypted 30000 of 50327 blocks
D vold : Encrypted 40000 of 50327 blocks
D vold : Encrypted 50000 of 50327 blocks
D vold : Encrypted 50327 of 50327 blocks
I vold : Successfully encrypted ext4 filesystem on /dev/block/by-name/userdata
f2fs before:
I vold : Beginning inplace encryption, nr_sec:
16777216
D vold : cryptfs_enable_inplace(/dev/block/dm-8, /dev/block/by-name/userdata,
16777216, 0)
D vold : Opening/dev/block/by-name/userdata
D vold : Opening/dev/block/dm-8
E vold : Reading ext4 extent caused an exception
D vold : cryptfs_enable_inplace_ext4()=-1
[omitted logspam from f2fs_sparseblock]
I vold : Encrypting from block 0
I vold : Encrypted to block 15872
I vold : Encrypting from block 16384
I vold : Encrypted to block 16385
I vold : Encrypting from block 17408
I vold : Encrypted to block 17412
D vold : cryptfs_enable_inplace_f2fs success
I vold : Inplace encryption complete
f2fs after:
D vold : encrypt_inplace(/dev/block/dm-8, /dev/block/by-name/userdata,
16777216, false)
[omitted logspam from f2fs_sparseblock]
I vold : Encrypting f2fs filesystem on /dev/block/by-name/userdata in-place via /dev/block/dm-8
I vold : 15880 blocks (65 MB) of
2097152 blocks are in-use
D vold : Encrypted 10000 of 15880 blocks
D vold : Encrypted 15880 of 15880 blocks
I vold : Successfully encrypted f2fs filesystem on /dev/block/by-name/userdata
Test: Booted Cuttlefish with metadata encryption enabled and with the
userdata filesystem using (1) ext4, (2) f2fs, and (3) f2fs but
with EncryptInplace.cpp patched to not recognize the filesystem
and fall back to the "full" encryption case. Checked that the log
messages were as expected and that /data was mounted.
I've had no luck testing FDE yet; it doesn't work even without
these changes. Suggestions appreciated...
Change-Id: I08fc8465f7962abd698904b5466f3ed080d53953
Eric Biggers [Tue, 3 Nov 2020 22:11:01 +0000 (14:11 -0800)]
Correctly calculate tot_used_blocks on ext4 with uninit_bg
The calculated number of blocks to encrypt is too high on ext4
filesystems that have the uninit_bg feature. This is because the
calculation assumes that all blocks not counted in bg_free_blocks_count
need to encrypted. But actually, uninitialized block groups have inode
blocks which vold doesn't encrypt since they are uninitialized, but they
are "allocated" and thus reduce bg_free_blocks_count.
Therefore, add a helper function num_base_meta_blocks_in_group() which
returns the number of blocks to encrypt in an uninitialized block group.
Use it both for the encryption and for calculating 'tot_used_blocks'.
Also compute 'tot_used_blocks' additively rather than subtractively, as
this is easier to understand.
Test: see I08fc8465f7962abd698904b5466f3ed080d53953
Change-Id: I4d2cb40291da67dd1bafd61289ccb9e6343bfda3
Eric Biggers [Tue, 3 Nov 2020 22:11:01 +0000 (14:11 -0800)]
Fix memory leak of f2fs_info
'struct f2fs_info' from system/extras/f2fs_utils is supposed to be
freed using free_f2fs_info(), not just free().
Test: see I08fc8465f7962abd698904b5466f3ed080d53953
Change-Id: If6e75e5c604b40be24538b156a37cc76f4f0d4f7
Eric Biggers [Tue, 3 Nov 2020 22:11:01 +0000 (14:11 -0800)]
Remove special handling for missing crypto_blkdev
This logic is no longer necessary, since the code that creates the
crypto_blkdev (create_crypto_blk_dev() in MetadataCrypt.cpp or in
cryptfs.cpp) now waits for the block device to appear before continuing.
It's also worth noting that the retry loop was only present for ext4,
not for f2fs, yet most Android devices are using f2fs these days.
Test: see I08fc8465f7962abd698904b5466f3ed080d53953
Change-Id: I173ca6cc187a810e008990dfa22aede58632db25
Eric Biggers [Tue, 3 Nov 2020 22:11:00 +0000 (14:11 -0800)]
Check return value of create_crypto_blk_dev()
cryptfs_enable_internal() forgot to check the return value of
create_crypto_blk_dev(), so it was continuing to
cryptfs_enable_inplace() when creating the dm-crypt device failed, which
doesn't make sense.
Test: see I08fc8465f7962abd698904b5466f3ed080d53953
Change-Id: If9f20069d0f084150aa887a350f7c0c31a6d80f2
Eric Biggers [Tue, 3 Nov 2020 22:11:00 +0000 (14:11 -0800)]
Remove unused support for partial encryption
Commit
87999173dd79 ("Don't corrupt ssd when encrypting and power
fails") added a lot of code to handle pausing in-place conversion from
unencrypted => FDE when the battery was low, and resuming it later.
It was eventually decided that this wasn't needed, and commit
7e17e2d22678 ("Don't worry about battery levels when encrypting")
removed the checks for low battery.
This made the partial encryption code unused. So remove it.
Note that this was cluttering up the metadata encryption code too, since
EncryptInplace.cpp is now shared by both FDE and metadata encryption.
Bug:
16868177
Test: see I08fc8465f7962abd698904b5466f3ed080d53953
Change-Id: Ibd2eb08a2aa15938097abcb8a67b5a813c4d76c7
Eric Biggers [Tue, 3 Nov 2020 18:04:23 +0000 (18:04 +0000)]
Merge changes I8d2bd67d,I704522b2 am:
27f3ab89d0 am:
5a9feb48fa
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1484498
Change-Id: Ia206b84e8b2ec96882da9c51102f955161ca06f3
Eric Biggers [Tue, 3 Nov 2020 17:48:09 +0000 (17:48 +0000)]
Merge changes I8d2bd67d,I704522b2 am:
27f3ab89d0
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1484498
Change-Id: I28ef08b0fe9b3c94b02769f43e21f574e524da57
Eric Biggers [Tue, 3 Nov 2020 17:02:46 +0000 (17:02 +0000)]
Merge changes I8d2bd67d,I704522b2
* changes:
FsCrypt: silently skip "." and ".." when loading keys
Utils: add IsDotOrDotDot() and use it in the appropriate places
Eric Biggers [Tue, 3 Nov 2020 00:23:55 +0000 (00:23 +0000)]
Merge "KeyUtil: don't use keepOld=true for system DE and volume keys" am:
4a969dba60 am:
1d692f3b7b
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1480696
Change-Id: Idec4eb2c0afca69c0b322935397bea009f5683f1
Eric Biggers [Tue, 3 Nov 2020 00:08:56 +0000 (00:08 +0000)]
Merge "KeyUtil: don't use keepOld=true for system DE and volume keys" am:
4a969dba60
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1480696
Change-Id: I45f11f64c84b540a27cdc39af493a2ee4e552bce
Eric Biggers [Mon, 2 Nov 2020 23:11:06 +0000 (15:11 -0800)]
FsCrypt: silently skip "." and ".." when loading keys
Avoid logging useless messages like:
D vold : Skipping non-key .
D vold : Skipping non-key ..
D vold : Skipping non-de-key .
D vold : Skipping non-de-key ..
Change-Id: I8d2bd67d554605a5ab9faadd3730870dfe0881f6
Eric Biggers [Mon, 2 Nov 2020 23:31:56 +0000 (15:31 -0800)]
Utils: add IsDotOrDotDot() and use it in the appropriate places
Change-Id: I704522b26acfb3e7c423d9a14d69ede513b50482
Eric Biggers [Mon, 2 Nov 2020 23:31:23 +0000 (23:31 +0000)]
Merge "KeyUtil: don't use keepOld=true for system DE and volume keys"
Eric Biggers [Thu, 29 Oct 2020 19:59:28 +0000 (12:59 -0700)]
KeyUtil: don't use keepOld=true for system DE and volume keys
Commit
77df7f207dce / http://aosp/
1217657 ("Refactor to use
EncryptionPolicy everywhere we used to use raw_ref") unintentionally
made fscrypt_initialize_systemwide_keys() start specifying keepOld=true
(via default parameter value) when retrieving the system DE key, and
likewise for read_or_create_volkey() and volume keys.
As a result, if the associated Keymaster key needs to be upgraded, the
upgraded key blob gets written to "keymaster_key_blob_upgraded", but it
doesn't replace the original "keymaster_key_blob", nor is the original
key deleted from Keymaster. This happens at every boot, eventually
resulting in the RPMB partition in Keymaster becoming full.
Only the metadata encryption key ever needs keepOld=true, since it's the
only key that isn't stored in /data, and the purpose of keepOld=true is
to allow a key that isn't stored in /data to be committed or rolled back
when a userdata checkpoint is committed or rolled back.
So, fix this bug by removing the default value of keepOld, and
specifying false everywhere except the metadata encryption key.
Note that when an affected device gets this fix, it will finally upgrade
its system DE key correctly. However, this fix doesn't free up space in
Keymaster that was consumed by this bug.
Test: On bramble:
- Flashed rvc-d1-dev build, with wiping userdata
- Flashed a newer build, without wiping userdata
- Log expectedly shows key upgrades:
$ adb logcat | grep 'Upgrading key'
D vold : Upgrading key: /metadata/vold/metadata_encryption/key
D vold : Upgrading key: /data/unencrypted/key
D vold : Upgrading key: /data/misc/vold/user_keys/de/0
D vold : Upgrading key: /data/misc/vold/user_keys/ce/0/current
- Rebooted
- Log unexpectedly shows the system DE key being upgraded again:
$ adb logcat | grep 'Upgrading key'
D vold : Upgrading key: /data/unencrypted/key
- "keymaster_key_blob_upgraded" unexpectedly still exists:
$ adb shell find /data /metadata -name keymaster_key_blob_upgraded
/data/unencrypted/key/keymaster_key_blob_upgraded
- Applied this fix and flashed, without wiping userdata
- Log shows system DE key being upgraded (expected because due to the
bug, the upgraded key didn't replace the original one before)
$ adb logcat | grep 'Upgrading key'
D vold : Upgrading key: /data/unencrypted/key
- "keymaster_key_blob_upgraded" expectedly no longer exists
$ adb shell find /data /metadata -name keymaster_key_blob_upgraded
- Rebooted
- Log expectedly doesn't show any more key upgrades
$ adb logcat | grep 'Upgrading key'
Bug:
171944521
Bug:
172019387
Change-Id: I42d3f5fbe32cb2ec229f4b614cfb271412a3ed29
Eric Biggers [Wed, 28 Oct 2020 16:50:42 +0000 (16:50 +0000)]
Merge "Fix argument type for FS_IOC_GETFLAGS and FS_IOC_SETFLAGS" am:
569fb8365e am:
524e094991
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1472321
Change-Id: I7d9b20e25b93c0f9707714027ab6c15fa9d224f7
Eric Biggers [Wed, 28 Oct 2020 16:26:09 +0000 (16:26 +0000)]
Merge "Fix argument type for FS_IOC_GETFLAGS and FS_IOC_SETFLAGS" am:
569fb8365e
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1472321
Change-Id: I5cb2651ee48ab2a9afb9ec5ded8259cd006ecbfe
Eric Biggers [Wed, 28 Oct 2020 16:16:26 +0000 (16:16 +0000)]
Merge "Fix argument type for FS_IOC_GETFLAGS and FS_IOC_SETFLAGS"
Eric Biggers [Fri, 23 Oct 2020 23:32:58 +0000 (16:32 -0700)]
Fix argument type for FS_IOC_GETFLAGS and FS_IOC_SETFLAGS
These ioctls take a pointer to an 'int' (or an 'unsigned int', it
doesn't matter), not an 'unsigned long'. See 'man ioctl_iflags'.
Presumably it happened to work anyway because Android only runs on
little endian platforms.
Bug:
146419093
Bug:
163453310
Change-Id: I73099dafd4ee8d497c0a754149271871a37454f6
Signed-off-by: Eric Biggers <ebiggers@google.com>
Yo Chiang [Mon, 26 Oct 2020 06:20:25 +0000 (06:20 +0000)]
Merge "Add IVold::destroyDsuMetadataKey()" am:
cb581cc8de am:
3ae0c6737c
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1452395
Change-Id: I7cb2b806de2f70e6ce569001d79f07a4ce6c8556
Yo Chiang [Mon, 26 Oct 2020 05:49:35 +0000 (05:49 +0000)]
Merge "Add IVold::destroyDsuMetadataKey()" am:
cb581cc8de
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1452395
Change-Id: I6241d71e331eebe0222696a052e40d2222a9c537
Yo Chiang [Mon, 26 Oct 2020 05:27:36 +0000 (05:27 +0000)]
Merge "Add IVold::destroyDsuMetadataKey()"
Treehugger Robot [Thu, 22 Oct 2020 00:32:21 +0000 (00:32 +0000)]
Merge "Set media folder +F for adopted storage as well" am:
739ca2c298 am:
19adff5f27
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1397560
Change-Id: I855399600230f5a27d8058ec7fee0df9b2d22f22
Treehugger Robot [Wed, 21 Oct 2020 23:12:51 +0000 (23:12 +0000)]
Merge "Set media folder +F for adopted storage as well" am:
739ca2c298
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1397560
Change-Id: I90d0e56e260094661217dd20135f9fde6da96e98
Treehugger Robot [Wed, 21 Oct 2020 22:04:11 +0000 (22:04 +0000)]
Merge "Set media folder +F for adopted storage as well"
Daniel Rosenberg [Thu, 13 Aug 2020 01:31:43 +0000 (18:31 -0700)]
Set media folder +F for adopted storage as well
We previously only set +F for /data/media, but adopted storage needs
this as well. Instead we add support for adding attrs to PrepareDir.
Bug:
163453310
Test: sm set-virtual-disk true
follow UI setup and confirm +F on /mnt/expand/*/media
Change-Id: I08f13b57a4de3538e88b38eb95b0ac115a5a5ce8
Merged-In: I08f13b57a4de3538e88b38eb95b0ac115a5a5ce8
Eric Biggers [Wed, 21 Oct 2020 00:02:21 +0000 (00:02 +0000)]
Merge "vold: Generate storage key without rollback resistance" am:
4f5e9c196f am:
b6d1a31949
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1426109
Change-Id: Iaab2239444df05a089224bd145fe6d9c4baee436
Eric Biggers [Tue, 20 Oct 2020 23:45:41 +0000 (23:45 +0000)]
Merge "vold: Generate storage key without rollback resistance" am:
4f5e9c196f
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1426109
Change-Id: Ibf06476010946d799c4b1fa5143ed4eac96f301a
Eric Biggers [Tue, 20 Oct 2020 23:17:22 +0000 (23:17 +0000)]
Merge "vold: Generate storage key without rollback resistance"
Gaurav Kashyap [Fri, 11 Sep 2020 22:24:01 +0000 (15:24 -0700)]
vold: Generate storage key without rollback resistance
Generate a storage key without rollback_resistance when device doesnt
support the corresponding tag.
Bug:
168527558
Change-Id: Iaf27c64dba627a31c9cbd9178458bf6785d00251
Eric Biggers [Mon, 19 Oct 2020 17:30:11 +0000 (17:30 +0000)]
Merge changes Idc575106,Id6457a2b am:
3e0e53dbe5 am:
8671044a64
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1462712
Change-Id: I9c673f9b4bf31b88c8ffa74e6f32f8eb4d2f9045
Eric Biggers [Mon, 19 Oct 2020 17:30:00 +0000 (17:30 +0000)]
Merge "MetadataCrypt: remove unnecessary retry loop" am:
80fdc5a4e3 am:
5a1e03f705
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1462708
Change-Id: I5211d2aba15fcd8e201862428f79eb282ecff889
Eric Biggers [Mon, 19 Oct 2020 17:28:34 +0000 (17:28 +0000)]
Merge "Silence useless LOOP_GET_STATUS64 warnings" am:
6f70c92aee am:
4d0d21e69d
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1462709
Change-Id: Iacf84a01d4937c62befac52cd1f0eb6ab6104663
Eric Biggers [Mon, 19 Oct 2020 16:26:21 +0000 (16:26 +0000)]
Merge changes Idc575106,Id6457a2b am:
3e0e53dbe5
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1462712
Change-Id: If01239e184cd19de660fa158d599c9826ea0cf71
Eric Biggers [Mon, 19 Oct 2020 16:26:15 +0000 (16:26 +0000)]
Merge "MetadataCrypt: remove unnecessary retry loop" am:
80fdc5a4e3
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1462708
Change-Id: Id26dbda854480c74d07fcec87f1d045325bf625a
Eric Biggers [Mon, 19 Oct 2020 16:26:06 +0000 (16:26 +0000)]
Merge "Silence useless LOOP_GET_STATUS64 warnings" am:
6f70c92aee
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1462709
Change-Id: I75d169008b857848c314598cac4d87f27d6919b1
Eric Biggers [Mon, 19 Oct 2020 16:08:02 +0000 (16:08 +0000)]
Merge changes Idc575106,Id6457a2b
* changes:
IdleMaint: skip swap space, bind mounts, and virtual filesystems
IdleMaint: use fstab_default from VoldUtil
Eric Biggers [Mon, 19 Oct 2020 16:05:53 +0000 (16:05 +0000)]
Merge "MetadataCrypt: remove unnecessary retry loop"
Eric Biggers [Mon, 19 Oct 2020 16:05:17 +0000 (16:05 +0000)]
Merge "Silence useless LOOP_GET_STATUS64 warnings"
Eric Biggers [Thu, 15 Oct 2020 23:54:38 +0000 (16:54 -0700)]
IdleMaint: skip swap space, bind mounts, and virtual filesystems
When the idle maintenance task runs on Cuttlefish, there are several
warnings printed to logcat after the expected messages:
D vold : Starting trim of /data
I vold : Trimmed 0 bytes on /data in 36ms
D vold : Starting trim of /cache
I vold : Trimmed
58662912 bytes on /cache in 0ms
D vold : Starting trim of /metadata
I vold : Trimmed
7725056 bytes on /metadata in 12ms
D vold : Starting trim of none
W vold : Failed to open none: No such file or directory
D vold : Starting trim of /sdcard
W vold : Failed to open /sdcard: Not a directory
D vold : Starting trim of /mnt/vendor/shared
W vold : Trim failed on /mnt/vendor/shared: Inappropriate ioctl for device
This is because vold gathers the filesystems to trim from the fstab, but
it fails to exclude some entries that aren't appropriate to trim:
/dev/block/zram0 none swap defaults zramsize=75%
/tmp /sdcard none defaults,bind recoveryonly
shared /mnt/vendor/shared virtiofs nosuid,nodev,noatime nofail
These should be excluded because they are swap space, a bind mount, and
a virtual filesystem respectively.
Fix addFromFstab() to exclude the above cases.
Afterwards, the messages on Cuttlefish are:
D vold : Starting trim of /data
I vold : Trimmed 0 bytes on /data in 39ms
D vold : Starting trim of /cache
I vold : Trimmed
58662912 bytes on /cache in 0ms
D vold : Starting trim of /metadata
I vold : Trimmed
9822208 bytes on /metadata in 12ms
Change-Id: Idc575106fe6f81c737f684429d58dba4bd5478ad
Eric Biggers [Thu, 15 Oct 2020 23:54:38 +0000 (16:54 -0700)]
IdleMaint: use fstab_default from VoldUtil
vold already reads the default fstab into memory when starting up, and
the default fstab isn't allowed to change later. So in IdleMaint.cpp,
just use 'fstab_default' instead of reading it again.
This also has the advantage that fstab entries for "logical partitions"
now get a properly updated blk_device, which is needed in order to start
using blk_device to exclude virtual filesystems in addFromFstab().
Change-Id: Id6457a2b7972d01dde4bca0c5f2da86374d930af
Eric Biggers [Thu, 15 Oct 2020 21:52:54 +0000 (14:52 -0700)]
Silence useless LOOP_GET_STATUS64 warnings
When vold starts up, there are lots of warnings like:
W vold : Failed to LOOP_GET_STATUS64 /dev/block/loop30: No such device or address
W vold : Failed to LOOP_GET_STATUS64 /dev/block/loop29: No such device or address
W vold : Failed to LOOP_GET_STATUS64 /dev/block/loop28: No such device or address
vold is iterating through all loop devices and unbinding the file from
any vold-managed ones.
It's expected that not all loop devices have a file bound to them,
however. On these, LOOP_GET_STATUS64 fails with ENXIO.
Don't print a warning in such cases.
Change-Id: I91755259dc2c09b1869627259d1e59d5edd6f145
Eric Biggers [Thu, 15 Oct 2020 21:39:34 +0000 (14:39 -0700)]
MetadataCrypt: remove unnecessary retry loop
As per the discussion at http://aosp/
1456266, the retry loop in
create_crypto_blk_dev() doesn't appear to be needed. Remove it.
For now don't bother removing the same retry loop in cryptfs.cpp, since
the FDE code isn't really being updated anymore and eventually will be
removed entirely.
Change-Id: Iba0b046f9cdd9723ea1a2ae70f4d4aed4355b97b
Yo Chiang [Wed, 7 Oct 2020 06:20:00 +0000 (14:20 +0800)]
Add IVold::destroyDsuMetadataKey()
destroyDsuMetadataKey() / destroy_dsu_metadata_key() calls
android::gsi::GetDsuMetadataKeyDir() to query the DSU metadata
encryption key dir and destroy the key.
This releases the resource and allows consecutive DSU installations to
use the same key *directory*, but not the same key *blob*.
Bug:
168571434
Test: 1. Install a DSU system.
2. Boot the DSU system and reboot back to the host system.
3. Wipe the DSU installation.
4. DSU metadata key dir /metadata/vold/metadata_encryption/dsu/dsu is
destroyed.
Change-Id: Ib851177315a5a266807f46ccfd446de1848232cf
Martijn Coenen [Mon, 12 Oct 2020 19:04:22 +0000 (19:04 +0000)]
Merge "Use dm.CreateDevice() with a timeout." am:
e9023dc7bb am:
7da18c97ef
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1456266
Change-Id: If3c48689e76062c7819bba9a8ac43c2e14e4d189
Martijn Coenen [Mon, 12 Oct 2020 18:46:02 +0000 (18:46 +0000)]
Merge "Use dm.CreateDevice() with a timeout." am:
e9023dc7bb
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1456266
Change-Id: Id232a623d6aa3beaa3fdb5b31c722e96da6d75c9
Martijn Coenen [Mon, 12 Oct 2020 18:07:39 +0000 (18:07 +0000)]
Merge "Use dm.CreateDevice() with a timeout."
Martijn Coenen [Mon, 12 Oct 2020 11:26:52 +0000 (13:26 +0200)]
Use dm.CreateDevice() with a timeout.
Using the regular CreateDevice() variant with getDmDeviceByName() has a
race-condition that is documented in libdm/dm.h; instead, use the
variant with a timeout, which guarantees that the block device exists
when it returns.
Test: atest AdoptableHostTest
Bug:
150935323
Change-Id: Ic06cad9af7c44e23359d95b262f68dba27ddfb3a
Xin Li [Fri, 9 Oct 2020 03:39:50 +0000 (03:39 +0000)]
[automerger skipped] Skip ab/
6749736 in stage. am:
fd4abc5e72 -s ours
am skip reason: Change-Id I876aaf6bba933c964a3573d8053cc60829b3a5fa with SHA-1
e9317d2d74 is in history
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/
12796992
Change-Id: I5f4fa754fe9a8963880bfaf851aff7eb30dad4cb
Xin Li [Fri, 9 Oct 2020 00:24:08 +0000 (17:24 -0700)]
Skip ab/
6749736 in stage.
Merged-In: I876aaf6bba933c964a3573d8053cc60829b3a5fa
Change-Id: I4c8616d3c17e3b9818bde3299fcc79f5444a95f5
Alan Stokes [Mon, 5 Oct 2020 09:32:58 +0000 (09:32 +0000)]
Merge "Enable vold to set level from user." am:
dd66de13ea am:
cfc66f28b1 am:
77894409cf
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1437215
Change-Id: I6dbacaf42ed2651f2f65ceb2a011eed08987d644
Alan Stokes [Mon, 5 Oct 2020 08:57:55 +0000 (08:57 +0000)]
Merge "Enable vold to set level from user." am:
dd66de13ea am:
cfc66f28b1
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1437215
Change-Id: I63fa1f6301d457540c5243ba621d2efcacc9641f
Alan Stokes [Mon, 5 Oct 2020 08:38:49 +0000 (08:38 +0000)]
Merge "Enable vold to set level from user." am:
dd66de13ea
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1437215
Change-Id: I4e09204e7b0e2a0c3028ba38238bf65636144ad2
Alan Stokes [Mon, 5 Oct 2020 08:23:08 +0000 (08:23 +0000)]
Merge "Enable vold to set level from user."
Alan Stokes [Fri, 7 Feb 2020 09:29:38 +0000 (09:29 +0000)]
Enable vold to set level from user.
We want various per-user directories to have their SELinux MLS level
set to restrict access from other users, as an improvement to user
isolation.
We extend vold_prepare_subdirs to implement this if a flag is
set. vold itself then sets the flag based on a new property,
ro.vold.level_from_user. This is to allow testing of further
incremental work to ensure system apps correctly handle the new
restriction on different devices rather than causing immediate
breakage. Eventually this will go away and the restriction will apply
everywhere.
Bug:
141677108
Test: Manual, with and without propery set.
Change-Id: I8e2207bd94b487bdcc09fd4d80b031027dfea1e3
Treehugger Robot [Thu, 24 Sep 2020 17:22:32 +0000 (17:22 +0000)]
Merge "vold: remove unused stop() methods" am:
d70e2b4ea9 am:
27a747b8ab am:
406cabf717
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1434595
Change-Id: Ibb68550d81667178461c4ac990228fcb02a2a8a4
Treehugger Robot [Thu, 24 Sep 2020 16:54:24 +0000 (16:54 +0000)]
Merge "vold: remove unused stop() methods" am:
d70e2b4ea9 am:
27a747b8ab
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1434595
Change-Id: I41c720b7260e7fa2b4d0c460df630c7fce8bd135
Treehugger Robot [Thu, 24 Sep 2020 16:25:43 +0000 (16:25 +0000)]
Merge "vold: remove unused stop() methods" am:
d70e2b4ea9
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1434595
Change-Id: Ifb529e76791d98c76c549bfb93c5abcf4096e685
Treehugger Robot [Thu, 24 Sep 2020 16:06:58 +0000 (16:06 +0000)]
Merge "vold: remove unused stop() methods"
Eric Biggers [Wed, 23 Sep 2020 17:00:40 +0000 (10:00 -0700)]
vold: remove unused stop() methods
NetlinkManager::stop() and VolumeManager::stop() are never called, so
remove them.
Change-Id: I868aa2ad24066d2830816984afcc10000cbabad1
Treehugger Robot [Mon, 21 Sep 2020 11:17:39 +0000 (11:17 +0000)]
Merge "bench: Add fail-fast error path to inodeop_bench" am:
5a99d3cfbb am:
2cfe561129 am:
c0eded67a6
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1429775
Change-Id: Ic736a201f65a83ce82495177e26313d44bce15c8
Treehugger Robot [Mon, 21 Sep 2020 10:26:38 +0000 (10:26 +0000)]
Merge "bench: Add fail-fast error path to inodeop_bench" am:
5a99d3cfbb am:
2cfe561129
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1429775
Change-Id: I6ec04c8a1f8f4e1c6a6a96fb7e7b38813a0add3b
Treehugger Robot [Mon, 21 Sep 2020 10:07:55 +0000 (10:07 +0000)]
Merge "bench: Add fail-fast error path to inodeop_bench" am:
5a99d3cfbb
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1429775
Change-Id: I6bd94ca9e8ec62660b716d319ae949cdc578f6a3
Treehugger Robot [Mon, 21 Sep 2020 09:44:03 +0000 (09:44 +0000)]
Merge "bench: Add fail-fast error path to inodeop_bench"
Stefano Duo [Fri, 18 Sep 2020 09:00:42 +0000 (09:00 +0000)]
bench: Add fail-fast error path to inodeop_bench
If one of the repeated operations specified by a command fails, report
the error to the user and don't export its metric.
Test: Manual run on physical device
Bug:
165903680
Signed-off-by: Stefano Duo <stefanoduo@google.com>
Change-Id: I3a8caeb6d878b004d89e425bc166c8505fda938a
Treehugger Robot [Wed, 16 Sep 2020 03:14:02 +0000 (03:14 +0000)]
Merge "vold: remove unused code for CONFIG_HW_DISK_ENCRYPTION" am:
4e6e7e6c70 am:
c9548b9d9e am:
48b6b1c767
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1427711
Change-Id: I8704dc372c1deebd87f2e5e52c781fbe3f46978b
Treehugger Robot [Wed, 16 Sep 2020 02:26:57 +0000 (02:26 +0000)]
Merge "vold: remove unused code for CONFIG_HW_DISK_ENCRYPTION" am:
4e6e7e6c70 am:
c9548b9d9e
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1427711
Change-Id: I65c09190aa8f6e61bda750980bfdcc06e0306d4b
Treehugger Robot [Wed, 16 Sep 2020 02:04:55 +0000 (02:04 +0000)]
Merge "vold: remove unused code for CONFIG_HW_DISK_ENCRYPTION" am:
4e6e7e6c70
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1427711
Change-Id: I0254ee7e493f98a78476f2e939884185b04d10c0
Treehugger Robot [Wed, 16 Sep 2020 01:24:16 +0000 (01:24 +0000)]
Merge "vold: remove unused code for CONFIG_HW_DISK_ENCRYPTION"
Eric Biggers [Tue, 15 Sep 2020 18:55:40 +0000 (11:55 -0700)]
vold: remove unused code for CONFIG_HW_DISK_ENCRYPTION
Nothing defines CONFIG_HW_DISK_ENCRYPTION, so remove the unused code
that's conditional on it being defined.
Change-Id: Ie435e138686eb4eac47d9aa762ae06f1645a117f
Daeho Jeong [Tue, 15 Sep 2020 01:13:08 +0000 (01:13 +0000)]
Merge "secdiscard: use F2FS_IOC_SEC_TRIM_FILE for secure discard" am:
c5ff520a01 am:
58383d92c6 am:
79dfe789d9
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1420895
Change-Id: Ie7763c4b57b5e4d78eb5e5e8f31a7dd78f550aae
Daeho Jeong [Tue, 15 Sep 2020 00:45:22 +0000 (00:45 +0000)]
Merge "secdiscard: use F2FS_IOC_SEC_TRIM_FILE for secure discard" am:
c5ff520a01 am:
58383d92c6
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1420895
Change-Id: I51b4ca860a8222a2a978ea96cbd68d53262ac2e3
Daeho Jeong [Tue, 15 Sep 2020 00:13:38 +0000 (00:13 +0000)]
Merge "secdiscard: use F2FS_IOC_SEC_TRIM_FILE for secure discard" am:
c5ff520a01
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1420895
Change-Id: I84cf17d8dd07c72a67beba46a814f51969a159ac
Daeho Jeong [Mon, 14 Sep 2020 23:50:17 +0000 (23:50 +0000)]
Merge "secdiscard: use F2FS_IOC_SEC_TRIM_FILE for secure discard"
Daeho Jeong [Tue, 8 Sep 2020 03:59:28 +0000 (12:59 +0900)]
secdiscard: use F2FS_IOC_SEC_TRIM_FILE for secure discard
A new interface, F2FS_IOC_SEC_TRIM_FILE, has been added to F2FS
filesystem to send secure discard command to a specific file,
not to block device. We can use this interface for better discard
command handling on a file basis.
[how to use F2FS_IOC_SEC_TRIM_FILE]
start: start offset in byte (should be aligned with 4096)
len: length in byte (should be aligned with 4096, except designating EOF)
-1 also means till EOF.
flags: F2FS_TRIM_FILE_DISCARD - sending secure discard command. If the
device doesn't support it, send normal
discard.
F2FS_TRIM_FILE_ZEROOUT - overwrite zero data in the file.
Bug:
140759142
Test: execute "secdiscard -- <file_path>" and check the content of file
Signed-off-by: Daeho Jeong <daehojeong@google.com>
Change-Id: I6ee44a047d291274c9d70ae5e4ccccfc06a52f89
Treehugger Robot [Fri, 11 Sep 2020 10:14:30 +0000 (10:14 +0000)]
[automerger skipped] Merge "Add '-unstable' to solve ODR violation" am:
f7794b5dc1 am:
5724e15454 -s ours am:
95177aab00 -s ours
am skip reason: Change-Id Id3c4bbc9149ba7c3e0a0d728026f02f60cb17424 with SHA-1
44b2f954be is in history
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1400407
Change-Id: If5b9d639b35b8c3017fb3b3dc316fb648951a737
Treehugger Robot [Fri, 11 Sep 2020 09:29:33 +0000 (09:29 +0000)]
[automerger skipped] Merge "Add '-unstable' to solve ODR violation" am:
f7794b5dc1 am:
5724e15454 -s ours
am skip reason: Change-Id Id3c4bbc9149ba7c3e0a0d728026f02f60cb17424 with SHA-1
44b2f954be is in history
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1400407
Change-Id: Iba1f2ef22059f905091e742f8041e675a6f76d77
Treehugger Robot [Fri, 11 Sep 2020 08:40:46 +0000 (08:40 +0000)]
Merge "Add '-unstable' to solve ODR violation" am:
f7794b5dc1
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1400407
Change-Id: I44aea35571e4dff7f9f1010325f51d0e98dc01f1
Treehugger Robot [Fri, 11 Sep 2020 08:19:44 +0000 (08:19 +0000)]
Merge "Add '-unstable' to solve ODR violation"
Jeongik Cha [Fri, 14 Aug 2020 14:51:36 +0000 (23:51 +0900)]
Add '-unstable' to solve ODR violation
The interface which is imported by an unstable interface is 'unstable'
as well. Until now, the ODR violation checker in aidl has omitted an
interface imported, but it will be checked, accordingly, fix the current
problem
Bug:
146436251
Test: m nothing
Change-Id: Id3c4bbc9149ba7c3e0a0d728026f02f60cb17424
Merged-In: Id3c4bbc9149ba7c3e0a0d728026f02f60cb17424
Exempt-From-Owner-Approval: cp from internal
Xin Li [Fri, 11 Sep 2020 03:33:34 +0000 (03:33 +0000)]
[automerger skipped] Merge "Merge Android R" am:
141c2027e2 -s ours am:
789d1d0866 -s ours am:
a56f7d2608 -s ours
am skip reason: Change-Id I477d2dfba05718c829fdb2099248a8baba1125ab with SHA-1
8743ef4ea6 is in history
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1422563
Change-Id: Ib0d73f9b471d4cb9834da5c25aaeae2a53ade075
Xin Li [Fri, 11 Sep 2020 02:02:43 +0000 (02:02 +0000)]
[automerger skipped] Merge "Merge Android R" am:
141c2027e2 -s ours am:
789d1d0866 -s ours
am skip reason: Change-Id I477d2dfba05718c829fdb2099248a8baba1125ab with SHA-1
8743ef4ea6 is in history
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1422563
Change-Id: Ic319ade87dab6280b771d6f8d91d7bfde3a056fe
Xin Li [Fri, 11 Sep 2020 00:40:18 +0000 (00:40 +0000)]
[automerger skipped] Merge "Merge Android R" am:
141c2027e2 -s ours
am skip reason: Change-Id I477d2dfba05718c829fdb2099248a8baba1125ab with SHA-1
8743ef4ea6 is in history
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1422563
Change-Id: I78dff452b759e863b082f44b76fb5ae9a83cb704
Xin Li [Thu, 10 Sep 2020 17:22:31 +0000 (17:22 +0000)]
Merge "Merge Android R"
Xin Li [Thu, 10 Sep 2020 03:21:28 +0000 (20:21 -0700)]
Merge Android R
Bug:
168057903
Merged-In: I477d2dfba05718c829fdb2099248a8baba1125ab
Change-Id: Ib60b99425dc79ca4c5b23772f32036f4e17ad11f
Treehugger Robot [Wed, 9 Sep 2020 14:17:24 +0000 (14:17 +0000)]
Merge "bench: Add inodeop_bench benchmark" am:
e804806d79 am:
8743ef4ea6 am:
6bc12b0352
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1421048
Change-Id: I4207b03f8683cc3e8f0e9419f2102332d9fd36d9
Treehugger Robot [Wed, 9 Sep 2020 13:50:13 +0000 (13:50 +0000)]
Merge "bench: Add inodeop_bench benchmark" am:
e804806d79 am:
8743ef4ea6
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1421048
Change-Id: I1071fd34394aefcc2fc2e5bfd29e97df6dc28072
Treehugger Robot [Wed, 9 Sep 2020 13:34:41 +0000 (13:34 +0000)]
Merge "bench: Add inodeop_bench benchmark" am:
e804806d79
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1421048
Change-Id: I477d2dfba05718c829fdb2099248a8baba1125ab
Treehugger Robot [Wed, 9 Sep 2020 13:03:12 +0000 (13:03 +0000)]
Merge "bench: Add inodeop_bench benchmark"
Stefano Duo [Mon, 7 Sep 2020 16:30:49 +0000 (16:30 +0000)]
bench: Add inodeop_bench benchmark
Add new benchmark capable of generating specific inode operations
workloads. Currently, it supports create, delete, move, hardlink and
symlink.
Test: Manual run on cuttlefish and physical device
Bug:
165903680
Signed-off-by: Stefano Duo <stefanoduo@google.com>
Change-Id: Ia47f259b7ccea5fe1665b272c3cbc9ec1bf2eb56
Xin Li [Tue, 1 Sep 2020 21:46:46 +0000 (21:46 +0000)]
[automerger skipped] Merge Android R (rvc-dev-plus-aosp-without-vendor@
6692709) am:
24ae202734 -s ours am:
f13d17f2b8 -s ours
am skip reason: Change-Id Id417587a550b0f4abf5a6a3e4b4535011b21f627 with SHA-1
dd8b695c61 is in history
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/
12470406
Change-Id: I81c76af55e45dde815acb9138570e6ca627597a3
Xin Li [Tue, 1 Sep 2020 20:37:11 +0000 (20:37 +0000)]
[automerger skipped] Merge Android R (rvc-dev-plus-aosp-without-vendor@
6692709) am:
24ae202734 -s ours
am skip reason: Change-Id Id417587a550b0f4abf5a6a3e4b4535011b21f627 with SHA-1
dd8b695c61 is in history
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/
12470406
Change-Id: Id0bdc9b0190233ed0384b52a5844597b337833e1
Jeongik Cha [Fri, 28 Aug 2020 01:49:42 +0000 (01:49 +0000)]
Add '-unstable' to solve ODR violation am:
44b2f954be
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/
12377824
Change-Id: I9f3d00625a59390efdb926cde389729a71be7fa7
Xin Li [Thu, 27 Aug 2020 17:17:42 +0000 (10:17 -0700)]
Merge Android R (rvc-dev-plus-aosp-without-vendor@
6692709)
Bug:
166295507
Merged-In: Id417587a550b0f4abf5a6a3e4b4535011b21f627
Change-Id: Ibb5e8cf5f36dad408cf047dd0498aba24249b695
Jeongik Cha [Fri, 14 Aug 2020 14:51:36 +0000 (23:51 +0900)]
Add '-unstable' to solve ODR violation
The interface which is imported by an unstable interface is 'unstable'
as well. Until now, the ODR violation checker in aidl has omitted an
interface imported, but it will be checked, accordingly, fix the current
problem
Bug:
146436251
Test: m nothing
Change-Id: Id3c4bbc9149ba7c3e0a0d728026f02f60cb17424
Treehugger Robot [Tue, 11 Aug 2020 11:28:19 +0000 (11:28 +0000)]
Merge "Add maco@ to vold OWNERS." am:
157a08bb92 am:
3d1b6ac7c0 am:
abd6f5a165
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1396467
Change-Id: I857784ab0f24771c96ad0ecf48ddec659c650f9c
Treehugger Robot [Tue, 11 Aug 2020 11:13:35 +0000 (11:13 +0000)]
Merge "Add maco@ to vold OWNERS." am:
157a08bb92 am:
3d1b6ac7c0
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/
1396467
Change-Id: I02184aa11a783fb3201812d2a8f64faca981cbc2