OSDN Git Service
Iliyan Malchev [Fri, 21 Nov 2014 02:42:23 +0000 (18:42 -0800)]
fall back to dm-crypt if device already encrypted
Devices already encrypted with aes-cbc-essiv:sha256 will continue to be
decrypted in software, until a factory data reset. New devices that
implement CONFIG_HW_DISK_ENCRYPTION will switch to aes-xts.
b/
17475056 Enable hardware crypto for userdata encryption
Change-Id: I62d1583bdaf7ff06b87e386e758fa3b18c719bca
Signed-off-by: Iliyan Malchev <malchev@google.com>
Ajay Dudani [Thu, 18 Sep 2014 04:02:52 +0000 (21:02 -0700)]
Adding support of dm-req-crypt
Currently Android provides disk encryption support using dm-crypt
which is based on bios. dm-crypt uses 512 bytes packet size for
crypto operations. While 512 bytes size packet is ok for SW based
disk encryption, it is inefficient for HW based crypto engines.
dm-req-crypt is similar to dm-crypt except it uses block requests
rathe bios for crypto operations. block requests when unpacked
carries data upto 512KB. Hence, HW based crypto engine can be used
more efficiently.
Also move create disk encryption key before framework start as
HW based disk encryption creates key in secure side. Key creation
can take sometime to create the key securely. If framework is
started before creating the key, it is possible that framework
requests service from secure side. Secure side can serve mostly one
request at a time. Secure side may reject framework request if key
creation request is still going on. This may cause problem in the
system
b/
17475056 Enable hardware crypto for userdata encryption
Change-Id: I5480ab72a37c02532218a18faaba598a824589fd
Signed-off-by: Iliyan Malchev <malchev@google.com>
Shawn Willden [Thu, 30 Oct 2014 14:12:32 +0000 (08:12 -0600)]
Modify vold to check for hardware keymaster.
vold should only use hardware keymaster implementations to protect the
disk encryption key, because there's little value in using the software
implementation. More importantly, if we allow vold to use softkeymaster
in the absence of a HW keymaster and (somehow) a HW keymaster is added
to a device, the HW version will be loaded, and will be unable to use
the softkeymaster key found in the crypto footer, forcing a factory
reset.
This CL will not break devices without HW keymaster, because
softkeymaster currently reports its keys as non-standalone (which isn't
correct). After this CL is in, I will fix softkeymaster.
Bug:
17362157
Change-Id: I98b169e7a59ff7d44b72069b87743463ec823ea2
Rubin Xu [Wed, 29 Oct 2014 15:41:23 +0000 (15:41 +0000)]
Merge "Make persistent field in cryptofs support longer values." into lmp-mr1-dev
Rubin Xu [Mon, 13 Oct 2014 11:49:54 +0000 (12:49 +0100)]
Make persistent field in cryptofs support longer values.
Store long field values in multiple underlying fixed-length entries
and concatenate them together when reading back.
Bug:
17556485
Change-Id: I2f8033d18c208993fa1b010712be0dad5d8b646b
JP Abgrall [Fri, 17 Oct 2014 18:50:39 +0000 (18:50 +0000)]
am
512f0d52: cryptfs: [HACK] reboot if the crypto block dev failed to open
* commit '
512f0d52ac5f85b327872e085d9fe6f02517eadf':
cryptfs: [HACK] reboot if the crypto block dev failed to open
JP Abgrall [Fri, 17 Oct 2014 18:41:56 +0000 (11:41 -0700)]
resolved conflicts for merge of
7776871d to lmp-mr1-dev
This change was already in lmp-mr1-dev
JP Abgrall [Sat, 11 Oct 2014 01:43:41 +0000 (18:43 -0700)]
cryptfs: [HACK] reboot if the crypto block dev failed to open
There are cases where the /dev/block/dm-0 fails to open.
This leads to the device not completing the boot up sequence.
Currently, the only way out is to reboot.
Bug:
17898962
Change-Id: If4583ebb1ef1ebdbaf680d69b876459aaec2f4ce
(cherry picked from commit
7fc1de8a44307d6c51826ab90f804702e08d1e6d)
JP Abgrall [Sat, 11 Oct 2014 01:43:41 +0000 (18:43 -0700)]
cryptfs: [HACK] reboot if the crypto block dev failed to open
There are cases where the /dev/block/dm-0 fails to open.
This leads to the device not completing the boot up sequence.
Currently, the only way out is to reboot.
Bug:
17898962
Change-Id: If4583ebb1ef1ebdbaf680d69b876459aaec2f4ce
JP Abgrall [Fri, 10 Oct 2014 22:52:11 +0000 (15:52 -0700)]
cryptfs: extra debugging around crypto blockdev dm-... errors.
Some times the /dev/block/dm-0 fails to open after it has been setup.
Log why.
Bug:
17576594
Bug:
17942270
Change-Id: If0bbfe22d84137f2029bacb10873832038f0d36c
JP Abgrall [Fri, 10 Oct 2014 22:52:11 +0000 (15:52 -0700)]
cryptfs: extra debugging around crypto blockdev dm-... errors.
Some times the /dev/block/dm-0 fails to open after it has been setup.
Log why.
Bug:
17576594
Bug:
17942270
Change-Id: If0bbfe22d84137f2029bacb10873832038f0d36c
Paul Lawrence [Sat, 4 Oct 2014 22:32:29 +0000 (15:32 -0700)]
Remove possibility of zero chars from passwords
scrypt pads the password with zeros. Our patterns use 0 to represent
the top left dot. So patterns that end there are equivalent to ones
that end one short.
After much thought, the best solution is to change the way we
represent patterns in keyguard. This, however, is a big change.
The short term solution is to change the pattern representation in vold
so that we are storing the correct thing. Later we will change keyguard
to handle patterns correctly and remove quite a few hacks from vold
(use of hex, this code). b/
17840293 created to track this.
Bug:
17751714
Change-Id: I30cdffb0f0db406d2e2b6c54d4153d120d975318
Paul Lawrence [Sun, 5 Oct 2014 23:24:46 +0000 (23:24 +0000)]
Merge "Reset failed decryption count on successful decryptions" into lmp-dev
Paul Lawrence [Sun, 5 Oct 2014 19:57:37 +0000 (12:57 -0700)]
Reset failed decryption count on successful decryptions
Bug:
17866359
Change-Id: I1af2ff1ac4f5243afba0cfa2f2d3a1d0b029091b
Greg Hackmann [Fri, 3 Oct 2014 00:18:20 +0000 (17:18 -0700)]
cryptfs: kill processes with open files on tmpfs /data
cryptfs will fail to remount /data at boot if any processes (e.g.
dex2oat) have files open on the tmpfs /data partition. Since these
files are about to be destroyed anyway, just kill the offending
processes: first with SIGHUP and finally with SIGKILL.
Also remove a stray i++ that effectively cut the number of retries in
half.
Bug:
17576594
Change-Id: I76fb90ce2e52846ffb9de706e52b7bde98b4186a
Signed-off-by: Greg Hackmann <ghackmann@google.com>
Paul Lawrence [Tue, 30 Sep 2014 16:12:51 +0000 (09:12 -0700)]
Use monotonic clock for cryptfs progress
Otherwise we get strange results when the time changes. Worst
effect is that the encryption takes a lot longer since we are
calling the logging code far more frequently.
Bug:
17625981
Change-Id: Ice29f28b3720e9e4a1ea28e45eeab574d1959ec1
Greg Hackmann [Wed, 24 Sep 2014 23:32:00 +0000 (23:32 +0000)]
Merge "cryptfs: log umount() failure reason" into lmp-dev
Greg Hackmann [Wed, 24 Sep 2014 23:31:50 +0000 (23:31 +0000)]
Merge "print information about opened files when failed unmount" into lmp-dev
Greg Hackmann [Wed, 24 Sep 2014 21:55:20 +0000 (14:55 -0700)]
cryptfs: log umount() failure reason
Bug:
17576594
Change-Id: I7320aa597210896b4db6e663e1b2cb0c24d96557
Signed-off-by: Greg Hackmann <ghackmann@google.com>
jessica_yu [Mon, 22 Sep 2014 07:57:40 +0000 (15:57 +0800)]
print information about opened files when failed unmount
Change-Id: I88ae719cdae490433390d624f75612a9f4f96677
Cryptfs : Enabling support for allow_discards in dmcrypt.
Cryptfs : Password matches
Cryptfs : test_mount_encrypted_fs(): Master key saved
TrustyKeymaster: Creating device
TrustyKeymaster: Device address: 0x7f8f416100
Cryptfs : keymaster version is 3
Cryptfs : Just asked init to shut down class main
ServiceManager: service 'drm.drmManager' died
ServiceManager: service 'media.audio_flinger' died
ServiceManager: service 'media.player' died
ServiceManager: service 'media.camera' died
ServiceManager: service 'android.security.keystore' died
Cryptfs : unmounting /data failed
Bug:
17576594
Jeff Sharkey [Wed, 24 Sep 2014 18:46:51 +0000 (11:46 -0700)]
Include reason when wiping data.
This will help us track down who requested a data wipe.
Bug:
17412160
Change-Id: I5ab39a4de03c973ed151d703d6462a172ee043fd
Paul Lawrence [Mon, 22 Sep 2014 18:33:54 +0000 (11:33 -0700)]
Reduce cryptfs logspam
Bug:
17572886
Change-Id: I91302ccc284e0f908299852650db5bf645f2ff71
Paul Lawrence [Mon, 8 Sep 2014 17:11:17 +0000 (10:11 -0700)]
HACK: Retry/reboot when mount reports busy.
This is a hack because we don't know why mount() reports busy.
Requires dependent change in syste/core:
https://googleplex-android-review.git.corp.google.com/#/c/543125/
Bug:
17358530
Change-Id: I8d3078bc68f8c450adce2c3a4101b6a958f1c4a0
Paul Lawrence [Tue, 9 Sep 2014 21:47:53 +0000 (14:47 -0700)]
Don't worry about battery levels when encrypting
This is a deliberately minimalistic change. There is another
defect to remove all this code - removing some of it will (IMO)
simply confuse the issue.
Bug:
16868177
Bug:
17180951
Change-Id: I57d7a4fb3a881d62eb73419cd639a6e3ca567f91
Shawn Willden [Mon, 8 Sep 2014 19:04:08 +0000 (13:04 -0600)]
Change cryptfs keymaster padding to ensure the high bit is never 1,
to ensure the padded message is never larger than the RSA public
modulus.
Bug:
17358530
Change-Id: I4dc488399c4ecfa2d24cacb839a9087e65475947
Paul Lawrence [Mon, 8 Sep 2014 18:28:19 +0000 (11:28 -0700)]
Fix Shamus bricked by encryption upgrade
Bug:
17358530
Change-Id: I95207b62131224a2ed7ae3b75621a09acd69ea79
Shawn Willden [Wed, 3 Sep 2014 23:07:06 +0000 (17:07 -0600)]
Pad object to proper size before signing.
Correct implementations of keymaster should reject using an n-bit
RSA key to sign less than n bits of data, because we specify that
keymaster should not perform padding.
Change-Id: Ibdff1bbfbee84fd5bdbfb3149a124dbbaa7827fc
Paul Lawrence [Tue, 2 Sep 2014 17:52:15 +0000 (10:52 -0700)]
Correctly remove asecs for full disk encryption
Previously this would fail if the framework wasn't stopped. The failure
would then stop full disk encryption. The fact that the unmount worked,
however, would then stop the second attempt from achieving anything.
Fix in line with current retry philosophy
We still need to figure out why Devmapper::destroy() fails at first.
Bug:
17301843
Change-Id: I405a36c832ccdebf2d904bef77f15eea174a6bfb
Paul Lawrence [Thu, 28 Aug 2014 22:54:10 +0000 (15:54 -0700)]
Don't test mount when we can use the crypto footer to test the password
Note that this also changes the boot sequence, and moves the test for corrupted
data to cryptfs_restart_internal.
Bug:
17213613
Change-Id: I0f86e8fe3d482e2d1373bd0f4d0d861e63ad8904
Paul Lawrence [Mon, 25 Aug 2014 20:28:46 +0000 (20:28 +0000)]
Merge "Don't reboot after default encrypting" into lmp-dev
Paul Lawrence [Wed, 13 Aug 2014 21:55:55 +0000 (14:55 -0700)]
Show correct remaining time
In field reports, sometimes the remaining time gets stuck for many
minutes. This has to be caused by a spurious low reading early on which
cannot be overridded because of old logic.
Solution: allow time to increase but only by large amounts (avoid time
jittering up and down).
Bug:
16973374
Change-Id: I49d23ae8c54ded416cbedf383a3c03b33dc02e1c
Jeff Sharkey [Fri, 22 Aug 2014 19:29:05 +0000 (12:29 -0700)]
ASEC resize tweaking, allow read-write mounting.
Resize is no-op when sector count is unchanged; the caller can't
anticipate how vold does its sector calculations.
After resizing, we need to mount the container read-write, so allow
the caller to request "ro" or "rw" mode.
Handle ENOTSUP when trying to fallocate() on some filesystems
Bug:
16514385
Change-Id: I0d3a378280d4c36d14f8108ff428102283d583fa
Paul Lawrence [Fri, 15 Aug 2014 14:37:28 +0000 (07:37 -0700)]
Don't reboot after default encrypting
Instead trigger normal default encryption mount
Requires matching change to system/core: https://googleplex-android-review.git.corp.google.com/#/c/527286/
Bug:
17041092
Change-Id: Ifcf023386e08325db7dce61395fbb056f7d9815b
Daniel Rosenberg [Fri, 15 Aug 2014 22:19:23 +0000 (22:19 +0000)]
Revert "Revert "cryptfs: Added support for f2fs fast encryption""
This reverts commit
a70abc60091aed3c3eaf8bc8e1766e233c1c3a2f.
Change-Id: Ic41d1924638586cf9b2297f91ed5417f3b0303c6
Jim Miller [Fri, 15 Aug 2014 02:00:45 +0000 (02:00 +0000)]
Revert "cryptfs: Added support for f2fs fast encryption"
This reverts commit
74c01201dec12b5de43ba0f20a2f38e835cd00af.
Change-Id: Ib397a2b5812179ee2e2b68de5d718077563adc1c
Daniel Rosenberg [Wed, 13 Aug 2014 08:56:18 +0000 (01:56 -0700)]
cryptfs: Added support for f2fs fast encryption
Bug:
15749466
Change-Id: I25452a05e1cbe90ac6603a89db9b720c7ab17e55
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Paul Lawrence [Fri, 8 Aug 2014 21:28:10 +0000 (14:28 -0700)]
Wipe userdata when password is good but it won't mount
Store salted scrypt of intermediate key in crypto header
When mount fails, check if matches, and if it does return error
code prompting a wipe
Bug:
11477689
Change-Id: I3dcf9e0c64f2a01c8ba8eaf58df82cbe717d421b
JP Abgrall [Fri, 8 Aug 2014 01:44:37 +0000 (18:44 -0700)]
fstrim: Use a local definition of the IOCTL FIDTRIM number
As it is not upstream, it doesn't belong in the external/kernel-headers
... or in bionic's cleaned up copy.
It matches what is in common/android-3.10.
Bug:
15593563
Change-Id: I6fa22cd823a88805ec57f973813ac69291069c7d
JP Abgrall [Thu, 7 Aug 2014 23:50:44 +0000 (16:50 -0700)]
fstrim: fix typo in log message for FIDTRIM case
Bug:
15593563
Change-Id: I2b5fbbfb694e1b87de6c14ab63f1a5f803bbbc36
Paul Lawrence [Mon, 28 Jul 2014 19:47:22 +0000 (12:47 -0700)]
When encryption fails, reboot into recovery
Set flag on starting encryption to say it failed, and only clear
when we get into a recoverable state (partially or fully encrypted.)
Go to recovery on seeing this flag on boot
Bug:
16552363
Change-Id: I7e452b653edf3a087ecfaba8f81f41765a1c8daf
JP Abgrall [Tue, 29 Jul 2014 20:24:56 +0000 (13:24 -0700)]
fstrim: prep for supporting a deep trim ioctl
This adds an "fstrim dodtrim" command which will attempt to use
the FIDTRIM ioctl() if FIDTRIM is defined in the uapi/linux/fs.h.
If not, it will fail with EINVAL.
If no FIDTRIM is defined, it does not affect the "fstrim dotrim".
Change-Id: Icbfd621abb592b170db06f749e5eedfd1175f723
Cylen Yao [Tue, 22 Jul 2014 02:34:49 +0000 (10:34 +0800)]
Fix failure erasing SD in Factory reset
Initialize mIsDecrypted to prevent from formatting SD failure
Change-Id: I30851e6b01b0999bf0b8c1e4b8e3f3a976a41ad1
Signed-off-by: Cylen Yao <cylen.yao@mediatek.com>
(cherry picked from commit
5dbcbd03149af50db42dadeebf565333ce399182)
JP Abgrall [Fri, 25 Jul 2014 01:02:16 +0000 (18:02 -0700)]
vold: support "volume list [broadcast]" command
Sometimes when an sdcard is already mounted,
some info like uuid and label are not re-broadcast to new listeners.
The extra argument to list allows late listeners to catch up by asking
volume list to broadcast that info again.
Bug:
16253597
Bug:
16306775
Change-Id: Ie7d0c1132c22d307a5b2a0e50075a3716138d00b
Signed-off-by: Benson Huang <benson.huang@mediatek.com>
(cherry picked from commit
85f4700f44170b772697e627b3075dcb9137e1b7)
Daniel Rosenberg [Thu, 26 Jun 2014 22:35:24 +0000 (15:35 -0700)]
Fat.cpp: Tuned FAT parameters according to SD Association recommendations.
Updated cluster size to be 32k, and aligned the starting cluster of the root
directory to be cluster aligned.
Change-Id: I759997569f7a0263a076cc462b235a6cf54e0c5f
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Elliott Hughes [Thu, 26 Jun 2014 01:36:19 +0000 (18:36 -0700)]
Fix an accidental PRId64 to PRIx64.
Change-Id: Ic5313289d826bac74c3466b33f1f167a8f0955ad
Elliott Hughes [Thu, 26 Jun 2014 01:25:11 +0000 (18:25 -0700)]
resolved conflicts for merge of
afa60cee to master
Change-Id: I1568def8839bed4d4d2dadbd97194d5603edc627
Elliott Hughes [Thu, 26 Jun 2014 00:37:45 +0000 (00:37 +0000)]
am
c0c28675: Merge "Fix vold %lld to PRId64."
* commit '
c0c2867518eed4539444434c95fad8185a6ac08e':
Fix vold %lld to PRId64.
Elliott Hughes [Thu, 26 Jun 2014 00:28:33 +0000 (00:28 +0000)]
Merge "Fix vold %lld to PRId64."
Elliott Hughes [Thu, 26 Jun 2014 00:27:42 +0000 (17:27 -0700)]
Fix vold %lld to PRId64.
Change-Id: I6eb9f21fff124b8b22f4fae2ac74c2b41d93b384
JP Abgrall [Mon, 16 Jun 2014 20:01:23 +0000 (13:01 -0700)]
cryptfs: makefs F2FS if the partition type is F2FS.
When a crypto is enabled with a wipe flag (obsolete?),
it will correctly handle the fstab's choice for the fs type.
Remove the dead code for FAT_FS which was un-invocable.
Change-Id: I8d141a0d4d14df9fe84d3b131484e9696fcd8870
Signed-off-by: JP Abgrall <jpa@google.com>
Daniel Rosenberg [Wed, 11 Jun 2014 00:16:03 +0000 (17:16 -0700)]
Increase asec image size for reflecting ext4 reserved clusters
From Shawn Heo's patch:
Ext4 introduced reserved clusters to prevent costly zeroout, or
unexpected ENOSPC. The size is 2% or 4096 clusters, whichever
is smaller (http://lwn.net/Articles/546473/).
So, we need to allocate additionally this amount of free space
to asecs when vold create asec images. This is required when
Android runs on Linux kernel 3.10 or later.
see: https://android-review.git.corp.google.com/#/c/96160
Change-Id: Iacff16b8cf0314493c355fa741bcfa519f744d6c
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Daniel Rosenberg [Thu, 22 May 2014 18:23:56 +0000 (11:23 -0700)]
Added support for ext4 ASEC resizing.
ASECs formatted as ext4 can now be resized using vdc asec resize.
Refactored some common code.
Requires resize2fs.
Change-Id: Ie78bb6015114a7bc4af42b16d1f299322ffc1e2a
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Paul Lawrence [Mon, 9 Jun 2014 21:10:09 +0000 (14:10 -0700)]
On low power turn off rather than rebooting to allow device to charge
The code was using encrypted_upto == 0 as an indicator that encryption
has succeeded. This meant that if no encryption happened, we would reboot
continually.
We now set encrypted_upto to fs_size when encryption is complete.
Also don't start to encrypt unless we are at 10% power. Stop when we
get to 5% power. This should lead to partial encryptions only very
rarely.
Bug:
15513202
Change-Id: I6214d78579d1fbbe2f63ee8862473d86a89d29b3
The Android Automerger [Fri, 6 Jun 2014 15:42:06 +0000 (15:42 +0000)]
am
df293f14: merge in master-release history after reset to
b31f33b5e41bf295705b8f0c1582c6277e8fec64
* commit '
df293f14f5bdb4f572c7f836ebb0802a177836ff':
Fix encryption on Nakasi
Dan Albert [Thu, 5 Jun 2014 20:33:07 +0000 (20:33 +0000)]
am
ea256025: am
45faade2: Merge "Replaces uses of index() with strchr()."
* commit '
ea256025669f4a5dd8c59e4c70ec7154a198be48':
Replaces uses of index() with strchr().
Dan Albert [Thu, 5 Jun 2014 20:29:33 +0000 (20:29 +0000)]
am
45faade2: Merge "Replaces uses of index() with strchr()."
* commit '
45faade28ae9e245e7c611c26990254aba006d2a':
Replaces uses of index() with strchr().
Dan Albert [Thu, 5 Jun 2014 19:56:03 +0000 (19:56 +0000)]
Merge "Replaces uses of index() with strchr()."
Paul Lawrence [Wed, 4 Jun 2014 21:05:01 +0000 (14:05 -0700)]
Calculate time to go while encrypting
@bug
15159008
Change-Id: I6a96eeab180dceb0613202ba5d252036a0d5376f
Paul Lawrence [Wed, 4 Jun 2014 20:12:21 +0000 (13:12 -0700)]
Show correct percentage when encrypting used blocks only
Bug:
12975202
Change-Id: I7e4adfa2c4951055bbb2c11986a7784f465f586f
Dan Albert [Thu, 5 Jun 2014 18:44:40 +0000 (11:44 -0700)]
Replaces uses of index() with strchr().
Bionic is removing index() because it was removed from POSIX 2008.
Change-Id: I704fb8962ff2c08b8f12245d2db2118d410826b0
Daniel Rosenberg [Fri, 23 May 2014 20:47:00 +0000 (13:47 -0700)]
Fixed bugs with ASEC filesystem.
Changed ext4 to be 4kb aligned, and fat to be 32kb aligned.
Fixed issue that could potentially cause unencrypted ext4
ASECS to overwrite the ASEC super block when filled.
Change-Id: I890426c82ac9cbc65add85a8e3f5063504193c31
Signed-off-by: Daniel Rosenberg <drosen@google.com>
JP Abgrall [Tue, 27 May 2014 19:28:07 +0000 (19:28 +0000)]
am
099b20f3: am
1881395b: am
c6752b06: Merge "vold: wildcard support for device path matching"
* commit '
099b20f3ce42a49ba49a1a70a818047ea59612ad':
vold: wildcard support for device path matching
JP Abgrall [Tue, 27 May 2014 19:24:03 +0000 (19:24 +0000)]
am
1881395b: am
c6752b06: Merge "vold: wildcard support for device path matching"
* commit '
1881395b696017dfb40a01e718cc8dc2ea7a38e9':
vold: wildcard support for device path matching
JP Abgrall [Tue, 27 May 2014 19:21:48 +0000 (19:21 +0000)]
am
c6752b06: Merge "vold: wildcard support for device path matching"
* commit '
c6752b06987207bd69b12ad1feadd358e296d52e':
vold: wildcard support for device path matching
JP Abgrall [Tue, 27 May 2014 19:19:32 +0000 (19:19 +0000)]
Merge "vold: wildcard support for device path matching"
The Android Automerger [Thu, 22 May 2014 14:22:42 +0000 (07:22 -0700)]
merge in master-release history after reset to
b31f33b5e41bf295705b8f0c1582c6277e8fec64
The Android Automerger [Thu, 22 May 2014 12:51:14 +0000 (05:51 -0700)]
merge in master-release history after reset to
b31f33b5e41bf295705b8f0c1582c6277e8fec64
The Android Automerger [Wed, 21 May 2014 12:51:09 +0000 (05:51 -0700)]
merge in master-release history after reset to
b31f33b5e41bf295705b8f0c1582c6277e8fec64
The Android Automerger [Tue, 20 May 2014 12:51:25 +0000 (05:51 -0700)]
merge in master-release history after reset to
b31f33b5e41bf295705b8f0c1582c6277e8fec64
The Android Automerger [Mon, 19 May 2014 12:50:25 +0000 (05:50 -0700)]
merge in master-release history after reset to
b31f33b5e41bf295705b8f0c1582c6277e8fec64
The Android Automerger [Sun, 18 May 2014 12:50:13 +0000 (05:50 -0700)]
merge in master-release history after reset to
b31f33b5e41bf295705b8f0c1582c6277e8fec64
The Android Automerger [Sat, 17 May 2014 12:51:52 +0000 (05:51 -0700)]
merge in master-release history after reset to
b31f33b5e41bf295705b8f0c1582c6277e8fec64
Cylen Yao [Mon, 12 May 2014 07:56:14 +0000 (15:56 +0800)]
Support non-sequential partition index
Add support for the storage with non-sequential partition index
Ex: if using extended partition, the index of the partition will be greater than 5
[toddpoynor@google.com: fixup mPendingPartCount data type]
Change-Id: I5dbc870fbaac24045f5b994fcb899d5df73c6a55
Todd Poynor [Tue, 13 May 2014 02:10:53 +0000 (19:10 -0700)]
Updates for BatteryProperty 64-bit property values
Change-Id: I4838d384e14a7c2c0b607c0bd693e9c7bef75fb7
The Android Automerger [Thu, 15 May 2014 12:51:29 +0000 (05:51 -0700)]
merge in master-release history after reset to
8c008397141bf9a7d619eb2c53452bf3e397da39
Cylen Yao [Fri, 2 May 2014 11:23:42 +0000 (19:23 +0800)]
avoid fs_mkdirs when SD card removed
Must limit vold calls to fs_mkdirs() only when the volume is mounted.
If NOT, it will trigger selinux warning as follows.
audit(
1398835637.785:8): avc: denied { write } for pid=137 comm="vold" name="sdcard0" dev="rootfs" ino=3191 scontext=u:r:vold:s0 tcontext=u:object_r:rootfs:s0 tclass=dir
Change-Id: I1113fc961cbdd8bbd2fcbf740c2f504628c8399d
Signed-off-by: Cylen Yao <cylen.yao@mediatek.com>
The Android Automerger [Wed, 14 May 2014 12:51:48 +0000 (05:51 -0700)]
merge in master-release history after reset to
8c008397141bf9a7d619eb2c53452bf3e397da39
The Android Automerger [Tue, 13 May 2014 12:51:16 +0000 (05:51 -0700)]
merge in master-release history after reset to
8c008397141bf9a7d619eb2c53452bf3e397da39
The Android Automerger [Mon, 12 May 2014 12:50:20 +0000 (05:50 -0700)]
merge in master-release history after reset to
8c008397141bf9a7d619eb2c53452bf3e397da39
The Android Automerger [Sun, 11 May 2014 12:50:08 +0000 (05:50 -0700)]
merge in master-release history after reset to
8c008397141bf9a7d619eb2c53452bf3e397da39
The Android Automerger [Sat, 10 May 2014 12:51:27 +0000 (05:51 -0700)]
merge in master-release history after reset to
8c008397141bf9a7d619eb2c53452bf3e397da39
The Android Automerger [Thu, 8 May 2014 12:51:02 +0000 (05:51 -0700)]
merge in master-release history after reset to
8c008397141bf9a7d619eb2c53452bf3e397da39
Paul Lawrence [Tue, 6 May 2014 21:02:48 +0000 (14:02 -0700)]
Fix encryption on Nakasi
We need to make sure we don't try to read the flags on keymaster
version 2 or below, or we get random junk.
Requires
https://googleplex-android-review.git.corp.google.com/#/c/460689/
Bug:
14384714
Change-Id: I5a4ede1bec0347b8319cedaae6535201c122cf48
Paul Lawrence [Tue, 6 May 2014 21:02:48 +0000 (14:02 -0700)]
Fix encryption on Nakasi
We need to make sure we don't try to read the flags on keymaster
version 2 or below, or we get random junk.
Requires
https://googleplex-android-review.git.corp.google.com/#/c/460689/
Bug:
14384714
Change-Id: I5a4ede1bec0347b8319cedaae6535201c122cf48
Octavian Purdila [Mon, 5 May 2014 12:13:12 +0000 (15:13 +0300)]
vold: wildcard support for device path matching
Switching the kernel to the new sysfs layout (unselecting
CONFIG_SYSFS_DEPRECATED) complicates VolD block device recognition.
The uevents are reporting full specific paths, such as:
/devices/pci0000:0e/0000:0e:18.0/mmc_host/mmc0/mmc0:1234/block/mmcblk0
Because the full device path may contain variable IDs (in this MMC
case "1234") using full path entries in fstab does not work. Android
supports partial matches but only as a prefix at the beginning of the
path.
This patch adds support for matching shell wildcard patterns via
fnmatch(). The prefix matching rule is preserved, but if it is
detected a warning is issued.
Change-Id: Ia0c5eddec06bd71bec6ce838be3b5345278e0bab
Author: Octavian Purdila <octavian.purdila@intel.com>
Signed-off-by: Radu Moisan <radu.moisan@intel.com>
Signed-off-by: Jim Bride <jim.bride@intel.com>
Reviewed-by: Bergeron, Michael <michael.bergeron@intel.com>
Tested-by: Uyyala, Sridhar <sridhar.uyyala@intel.com>
Reviewed-by: Leung, Daniel <daniel.leung@intel.com>
Reviewed-by: Uyyala, Sridhar <sridhar.uyyala@intel.com>
JP Abgrall [Wed, 30 Apr 2014 12:50:51 +0000 (12:50 +0000)]
am
2d3c0c05: am
a821d50b: am
470f0b3f: Merge "Avoid segv by checking argc in "storage user <mountpoint>""
* commit '
2d3c0c05e9cce7bad6afd3ceacca85b297367894':
Nick Kralevich [Wed, 30 Apr 2014 12:50:50 +0000 (12:50 +0000)]
am
a7a612bf: am
15c3e01e: am
3c0d02aa: Merge "Convert all selinux_android_restorecon and _setfilecon calls to new API."
* commit '
a7a612bf9b302962908f709ccc27a781356ac73b':
Mark Salyzyn [Wed, 30 Apr 2014 12:50:50 +0000 (12:50 +0000)]
am
598fdf7a: am
3d9b98cc: am
1dc1fb4a: Merge "vold: suppress unused argument warning messages"
* commit '
598fdf7abe087a3f45b5ab0c932ad339b2e5bb4a':
Nick Kralevich [Wed, 30 Apr 2014 12:50:49 +0000 (12:50 +0000)]
am
e8a19bdb: am
9aace96c: am
311edc8c: Merge "Add SELinux restorecon calls on ASEC containers."
* commit '
e8a19bdba03cdb323732fc9d4178456a87ee11d5':
Colin Cross [Wed, 30 Apr 2014 12:50:49 +0000 (12:50 +0000)]
am
02cb9f5e: am
4c20805a: am
1d8e3ce8: Merge "vold: fix errors inside ALOGV"
* commit '
02cb9f5ea3c1177f89e7403bc253164e4a65cbfe':
JP Abgrall [Wed, 30 Apr 2014 01:00:10 +0000 (01:00 +0000)]
am
a821d50b: am
470f0b3f: Merge "Avoid segv by checking argc in "storage user <mountpoint>""
* commit '
a821d50bd43809414521590ebe65601b823f8095':
Nick Kralevich [Wed, 30 Apr 2014 01:00:10 +0000 (01:00 +0000)]
am
15c3e01e: am
3c0d02aa: Merge "Convert all selinux_android_restorecon and _setfilecon calls to new API."
* commit '
15c3e01e05359fb11ce5e63934d7c3d54d0d6e93':
Mark Salyzyn [Wed, 30 Apr 2014 01:00:09 +0000 (01:00 +0000)]
am
3d9b98cc: am
1dc1fb4a: Merge "vold: suppress unused argument warning messages"
* commit '
3d9b98cc833dc7c07da6bb0cc27926c68b63c276':
Nick Kralevich [Wed, 30 Apr 2014 01:00:09 +0000 (01:00 +0000)]
am
9aace96c: am
311edc8c: Merge "Add SELinux restorecon calls on ASEC containers."
* commit '
9aace96cd0f4606d48d7d9052fb134f80a5c961c':
Colin Cross [Wed, 30 Apr 2014 01:00:08 +0000 (01:00 +0000)]
am
4c20805a: am
1d8e3ce8: Merge "vold: fix errors inside ALOGV"
* commit '
4c20805a33ff194454e5cce3de44943a245e5a44':
Paul Lawrence [Fri, 18 Apr 2014 20:26:10 +0000 (20:26 +0000)]
Merge "Add keymaster support to cryptfs"
Paul Lawrence [Mon, 14 Apr 2014 19:17:14 +0000 (12:17 -0700)]
Add keymaster support to cryptfs
Use keymaster to wrap the cryptfs keys.
Requires selinux change
https://googleplex-android-review.git.corp.google.com/#/c/449411
Bug:
9467042
Change-Id: If25a01cb85ed193a271d61382de0560d85553b7e
Mohamad Ayyash [Wed, 16 Apr 2014 17:54:35 +0000 (17:54 +0000)]
Merge "vdc: fix segfault"
Mohamad Ayyash [Wed, 16 Apr 2014 01:08:05 +0000 (18:08 -0700)]
vdc: fix segfault
Change-Id: I1a35fe15b311d3f5203c5bc02d3db87e942cf554
Paul Lawrence [Fri, 4 Apr 2014 18:11:56 +0000 (18:11 +0000)]
Revert "Revert "Encrypt phone even if pattern or no keyguard""
Don't block based on keyguard type, and pass type to encryption function.
Requires:
https://googleplex-android-review.git.corp.google.com/#/c/444201/
or encryption will no longer work.
This reverts commit
efec3f2927c45979db2b78e7a6228d08aafb5e42.
Change-Id: I431589a56eb11118027e0a5a84f55e973b1084aa