OSDN Git Service
Luis Hector Chavez [Tue, 5 Jun 2018 17:10:08 +0000 (10:10 -0700)]
resolve merge conflicts of
7bf98aa8a0c122aec9f3262fe1a24238d57ae8d0 to pi-dev-plus-aosp
BUG: None
Test: I solemnly swear I tested this conflict resolution.
Change-Id: I08252155f04e8b414f2149d8b29e5e2fff6bcc82
Luis Hector Chavez [Mon, 4 Jun 2018 23:22:48 +0000 (16:22 -0700)]
Merge "vold: Avoid SIGSEGVs when fstab lacks /data"
am:
e3017e0b18
Change-Id: Ib426ece8c295f58750de2526e9ca91c24791b731
Treehugger Robot [Mon, 4 Jun 2018 20:49:41 +0000 (20:49 +0000)]
Merge "vold: Avoid SIGSEGVs when fstab lacks /data"
Luis Hector Chavez [Wed, 30 May 2018 22:47:50 +0000 (15:47 -0700)]
vold: Avoid SIGSEGVs when fstab lacks /data
This change adds null-checks for all the places where cryptfs tries to
access the /data entry in fstab, to avoid crashes.
Bug:
80493321
Test: No crashes in Android-in-Chrome OS (which lacks /data in fstab)
Change-Id: Id6cdfe01cdd336cebf8afb9bdd07135811115182
Merged-In: Id6cdfe01cdd336cebf8afb9bdd07135811115182
Jeff Sharkey [Fri, 1 Jun 2018 23:03:58 +0000 (16:03 -0700)]
[automerger skipped] Merge commit '
635193ab36302e5f65e99c7df2f256cfd37068c7' into am-
b7f1a67b-2024-4274-aa7d-
e88e8cceb407 am:
9a35ab6a4f am:
f707f1bb88 am:
2b9a343319 -s ours
am:
8e7c2624bb
Change-Id: Id3d4b780bab0e36da7d6bb3abf932c947a8fad86
Jeff Sharkey [Fri, 1 Jun 2018 22:57:36 +0000 (15:57 -0700)]
[automerger skipped] Merge commit '
635193ab36302e5f65e99c7df2f256cfd37068c7' into am-
b7f1a67b-2024-4274-aa7d-
e88e8cceb407 am:
9a35ab6a4f am:
f707f1bb88
am:
2b9a343319 -s ours
Change-Id: Ibdcc6722750cfe7cb394a52d21de8e73ecdfd650
Jeff Sharkey [Fri, 1 Jun 2018 22:31:32 +0000 (15:31 -0700)]
Merge commit '
635193ab36302e5f65e99c7df2f256cfd37068c7' into am-
b7f1a67b-2024-4274-aa7d-
e88e8cceb407 am:
9a35ab6a4f
am:
f707f1bb88
Change-Id: I4d9e269f34cab043a7c437781187d9a47e0fa652
Jeff Sharkey [Fri, 1 Jun 2018 22:19:33 +0000 (15:19 -0700)]
Merge commit '
635193ab36302e5f65e99c7df2f256cfd37068c7' into am-
b7f1a67b-2024-4274-aa7d-
e88e8cceb407
am:
9a35ab6a4f
Change-Id: I273dc86e0b0580bef81e272a94043b269d7df402
Jeff Sharkey [Fri, 1 Jun 2018 22:03:06 +0000 (16:03 -0600)]
Merge commit '
635193ab36302e5f65e99c7df2f256cfd37068c7' into am-
b7f1a67b-2024-4274-aa7d-
e88e8cceb407
* commit '
635193ab36302e5f65e99c7df2f256cfd37068c7':
Require quotes when searching for blkid keys.
Bug:
80436257
Test: manual
Change-Id: I4cbae2d594edefa10e5e2c5236d17fe3d37818cd
Android Build Merger (Role) [Fri, 1 Jun 2018 21:46:12 +0000 (21:46 +0000)]
[automerger] Require quotes when searching for blkid keys. am:
ee5c7318d7 am:
98bb129cd3 am:
0c5a0d65c9 am:
7e51f8d0c4 am:
53fe89bbad am:
5716ee6d7a am:
4de0e883d0 am:
a7946bf9c6
Change-Id: I831bc503b1fdcf5a6a0c31ac0ded46d301c410ef
Android Build Merger (Role) [Fri, 1 Jun 2018 21:46:11 +0000 (21:46 +0000)]
[automerger] Require quotes when searching for blkid keys. am:
ee5c7318d7 am:
98bb129cd3 am:
0c5a0d65c9 am:
7e51f8d0c4 am:
53fe89bbad am:
5716ee6d7a am:
4de0e883d0
Change-Id: I66ce047987d59d1344cd46e14e07ae0d3cb4bf9a
Android Build Merger (Role) [Fri, 1 Jun 2018 21:46:09 +0000 (21:46 +0000)]
[automerger] Require quotes when searching for blkid keys. am:
ee5c7318d7 am:
98bb129cd3 am:
0c5a0d65c9 am:
7e51f8d0c4 am:
53fe89bbad am:
5716ee6d7a
Change-Id: Icf5c0c0a0c4f4aec605182111dcedf16f5a4ab95
Android Build Merger (Role) [Fri, 1 Jun 2018 21:46:08 +0000 (21:46 +0000)]
[automerger] Require quotes when searching for blkid keys. am:
ee5c7318d7 am:
98bb129cd3 am:
0c5a0d65c9 am:
7e51f8d0c4 am:
53fe89bbad
Change-Id: I87042d7d1d7b2cf9baeb3f28fd9ab31e5f97f62a
Android Build Merger (Role) [Fri, 1 Jun 2018 21:46:06 +0000 (21:46 +0000)]
[automerger] Require quotes when searching for blkid keys. am:
ee5c7318d7 am:
98bb129cd3 am:
0c5a0d65c9 am:
7e51f8d0c4
Change-Id: I5f21e49be9c536e51dbaadde0bd53545dc8cbaae
Android Build Merger (Role) [Fri, 1 Jun 2018 21:46:05 +0000 (21:46 +0000)]
[automerger] Require quotes when searching for blkid keys. am:
ee5c7318d7 am:
98bb129cd3 am:
0c5a0d65c9
Change-Id: I585336447c06e09b499ad2656b731105f1ebc4c4
Android Build Merger (Role) [Fri, 1 Jun 2018 21:46:04 +0000 (21:46 +0000)]
[automerger] Require quotes when searching for blkid keys. am:
ee5c7318d7 am:
98bb129cd3
Change-Id: I91516dfd0a046aa2763df3c09ef6e8570d7f1b55
Android Build Merger (Role) [Fri, 1 Jun 2018 21:46:02 +0000 (21:46 +0000)]
[automerger] Require quotes when searching for blkid keys. am:
ee5c7318d7
Change-Id: If8422cf170db4e05dbe4cf6c1ed4ebf8126b0c71
Jeff Sharkey [Fri, 1 Jun 2018 17:31:39 +0000 (11:31 -0600)]
Require quotes when searching for blkid keys.
In combination with a blkid change, this prevents the parsing logic
from getting confused by key names appearing inside values. (The
blkid change suppresses any quotes that appear inside values.)
Bug:
80436257
Test: manual
Change-Id: I9480ef6eb78254b812c671950875d0b8918a27c6
Shawn Willden [Thu, 17 May 2018 22:36:25 +0000 (15:36 -0700)]
Explain the rationale for not using StrongBox in vold.
am:
e763ed2aa3
Change-Id: I38d70389cec085fa44760ebe8bb0bd264b475e69
Shawn Willden [Thu, 17 May 2018 21:24:56 +0000 (15:24 -0600)]
Explain the rationale for not using StrongBox in vold.
Bug:
77338527
Test: Comment-only change.
Change-Id: I9f87e34854eabcc4c183553cf56a033970bb867e
Wei Wang [Thu, 17 May 2018 18:50:46 +0000 (11:50 -0700)]
Add rc file for wait_for_keymaster
am:
f5b085c13a
Change-Id: I67ed38f476466a284cf6090929d5c7ac8016b7e0
Wei Wang [Tue, 15 May 2018 23:12:20 +0000 (16:12 -0700)]
Add rc file for wait_for_keymaster
Similar to update_verifier, define higher prio and use exec_start for
this binary.
Bug:
79492334
Test: Reboot test
Change-Id: I8d3133cabcc8d4cee8bdead310f2c18d8d07e9dd
Dmitry Shmidt [Tue, 15 May 2018 20:35:52 +0000 (13:35 -0700)]
Merge "vold: Add nvme disk support" am:
6054bc3ded
am:
3a920e3f6e
Change-Id: Ie4946e65924fffae8b810b54658b64e34a543fb4
Dmitry Shmidt [Tue, 15 May 2018 20:25:50 +0000 (13:25 -0700)]
Merge "vold: Add nvme disk support"
am:
6054bc3ded
Change-Id: I1e4cfc3eaea77220c132e5e08683576059e8fe15
Treehugger Robot [Tue, 15 May 2018 19:33:57 +0000 (19:33 +0000)]
Merge "vold: Add nvme disk support"
Dmitry Shmidt [Sat, 12 May 2018 00:22:42 +0000 (17:22 -0700)]
vold: Add nvme disk support
Bug:
77482940
Test: Manual
Change-Id: Id0e7b3a0aa2083276109b0b2c9d1bcb81852582f
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Shawn Willden [Fri, 11 May 2018 16:45:32 +0000 (09:45 -0700)]
Merge "Do Keymaster HMAC key agreement in vold." into pi-dev
am:
a229dac0e7
Change-Id: I7fd1bc843ca31ca33e569e93047b1ce9e24e439c
TreeHugger Robot [Fri, 11 May 2018 16:38:40 +0000 (16:38 +0000)]
Merge "Do Keymaster HMAC key agreement in vold." into pi-dev
Paul Crowley [Fri, 11 May 2018 00:12:05 +0000 (17:12 -0700)]
Fix spurious error
am:
98a23a19d1
Change-Id: I82fbe9e616624917a9a8d2b7b968a4b0408eba58
Paul Crowley [Wed, 9 May 2018 20:01:16 +0000 (13:01 -0700)]
Fix spurious error
Bug:
79542247
Test: error no longer appears
Change-Id: I2cf91c8cd937b81041a47e4b64a882445a80eb0b
Paul Crowley [Thu, 10 May 2018 06:55:46 +0000 (23:55 -0700)]
add wait_for_keymaster
am:
8f82879901
Change-Id: I2f92e97d8f94b82500be3c371c84a5d3520bb643
Shawn Willden [Wed, 9 May 2018 14:12:10 +0000 (08:12 -0600)]
Do Keymaster HMAC key agreement in vold.
Bug:
79307225
Test: Boot
Change-Id: I6682e86076aa568907d94024ef175dbdede86557
Paul Crowley [Wed, 7 Feb 2018 22:41:26 +0000 (14:41 -0800)]
add wait_for_keymaster
Bug:
79228237
Test: boots with patch
Change-Id: I581bcd4c4dd92c5b7be70eb351ecba20225e1eee
Logan Chien [Tue, 8 May 2018 05:49:20 +0000 (22:49 -0700)]
[automerger skipped] Merge changes I3c14cfcf,I9d2ea66c,I9930105e am:
14540d9ceb
am:
b053bc0716 -s ours
Change-Id: I137a24f649b17abfba49d7f2f1d0a464d504aca4
Logan Chien [Tue, 8 May 2018 05:43:03 +0000 (22:43 -0700)]
Merge changes I3c14cfcf,I9d2ea66c,I9930105e
am:
14540d9ceb
Change-Id: I5fb6d27b98e0308f181f5bd2be8f1af967d37e42
Logan Chien [Tue, 8 May 2018 05:28:08 +0000 (05:28 +0000)]
Merge changes I3c14cfcf,I9d2ea66c,I9930105e
* changes:
Replace library headers with angle quotations
Reorder the include directives in cryptfs.cpp
Add linux/types.h to cryptfs.h
Logan Chien [Wed, 2 May 2018 03:39:03 +0000 (11:39 +0800)]
Replace library headers with angle quotations
This commit replaces the double quotations for library headers with
angle quotations.
Test: cd system/vold && mma
Change-Id: I3c14cfcf80f29173669409df548af84c1b39b96d
Merged-In: I3c14cfcf80f29173669409df548af84c1b39b96d
Logan Chien [Wed, 2 May 2018 03:36:45 +0000 (11:36 +0800)]
Reorder the include directives in cryptfs.cpp
This commit reorders the include directives in cryptfs.cpp so that
upcoming <cutils/log.h> change can be obvious.
Test: lunch aosp_walleye-userdebug && cd system/vold && mma
Change-Id: I9d2ea66c15b7b68014a67ba7c1420075953459ba
Merged-In: I9d2ea66c15b7b68014a67ba7c1420075953459ba
Logan Chien [Wed, 2 May 2018 02:57:56 +0000 (10:57 +0800)]
Add linux/types.h to cryptfs.h
This commit adds <linux/types.h> to cryptfs.h because cryptfs.h uses
`__le16` and `__le32` which are defined in <linux/types.h>.
The absence of <linux/types.h> will become an error after we sort the
headers in the upcoming commits.
Test: cd system/vold && mma
Change-Id: I9930105ee86f80a29295b59596b21335c68a8e23
Merged-In: I9930105ee86f80a29295b59596b21335c68a8e23
Logan Chien [Mon, 23 Apr 2018 05:37:39 +0000 (13:37 +0800)]
Deprecate <cutils/log.h> and <utils/Log.h>
This commit replaces <cutils/log.h> and <utils/Log.h> with <log/log.h>.
Background:
<cutils/log.h> has been moved to <log/log.h> for a while. Both
<cutils/log.h> and <utils/Log.h> simply includes <log/log.h> for
backward compatibility. This commit is a part of the effort to remove
<cutils/log.h> and <utils/Log.h> from the source tree eventually.
Bug:
78370064
Test: lunch aosp_walleye-userdebug && cd system/vold && mma
Change-Id: I1f9b7b132f9c35469e97556a30b521cc47e829d7
Logan Chien [Wed, 2 May 2018 03:39:03 +0000 (11:39 +0800)]
Replace library headers with angle quotations
This commit replaces the double quotations for library headers with
angle quotations.
Test: cd system/vold && mma
Change-Id: I3c14cfcf80f29173669409df548af84c1b39b96d
Logan Chien [Wed, 2 May 2018 03:36:45 +0000 (11:36 +0800)]
Reorder the include directives in cryptfs.cpp
This commit reorders the include directives in cryptfs.cpp so that
upcoming <cutils/log.h> change can be obvious.
Test: lunch aosp_walleye-userdebug && cd system/vold && mma
Change-Id: I9d2ea66c15b7b68014a67ba7c1420075953459ba
Logan Chien [Wed, 2 May 2018 02:57:56 +0000 (10:57 +0800)]
Add linux/types.h to cryptfs.h
This commit adds <linux/types.h> to cryptfs.h because cryptfs.h uses
`__le16` and `__le32` which are defined in <linux/types.h>.
The absence of <linux/types.h> will become an error after we sort the
headers in the upcoming commits.
Test: cd system/vold && mma
Change-Id: I9930105ee86f80a29295b59596b21335c68a8e23
Jaegeuk Kim [Sat, 21 Apr 2018 00:31:08 +0000 (17:31 -0700)]
Merge "vold: Idle-maint calls device GC" into pi-dev
am:
4a04cad4ec
Change-Id: I6a88f69f4eb1e9108ac0bf28a4066606000e1911
TreeHugger Robot [Fri, 20 Apr 2018 23:42:04 +0000 (23:42 +0000)]
Merge "vold: Idle-maint calls device GC" into pi-dev
Tri Vo [Tue, 17 Apr 2018 20:42:34 +0000 (13:42 -0700)]
Merge "Exclude /mnt/vendor from vold's ownership." into pi-dev
am:
b244714eea
Change-Id: Iefcaf167fe242f90ac715905f15dc88de0b154c8
TreeHugger Robot [Tue, 17 Apr 2018 19:16:55 +0000 (19:16 +0000)]
Merge "Exclude /mnt/vendor from vold's ownership." into pi-dev
Tri Vo [Mon, 16 Apr 2018 21:27:10 +0000 (14:27 -0700)]
Exclude /mnt/vendor from vold's ownership.
Addresses this selinux denial:
avc: denied { search } for name="vendor" dev="tmpfs" ino=11069
scontext=u:r:vold:s0 tcontext=u:object_r:mnt_vendor_file:s0 tclass=dir
permissive=0
Bug:
64905218
Test: fixes above denial.
Change-Id: I670b2148e65c7e0fcabd1e11f5bace0c4f4e18bd
Jaegeuk Kim [Tue, 13 Feb 2018 05:57:04 +0000 (21:57 -0800)]
vold: Idle-maint calls device GC
This activates device GCs in idle time.
F2FS GC = 7 mins
Trim = 1 mins
Dev GC = 2 mins
Bug:
63264275
Bug:
68721792
Change-Id: I843a742ef192ebe00d77c47a216d4200bc9ccb9d
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Jaegeuk Kim [Wed, 11 Apr 2018 04:08:04 +0000 (21:08 -0700)]
vold: set f2fs feature bit
am:
7db02ab5d1
Change-Id: I7c3bc9a276bb0cb1221465589a26b689600069b2
Jaegeuk Kim [Fri, 6 Apr 2018 05:43:25 +0000 (22:43 -0700)]
vold: set f2fs feature bit
Bug:
74604441
Bug:
67380979
Change-Id: Ifcb43fb4f8fbdf79e70cfa208af73073d815e254
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Daniel Rosenberg [Tue, 3 Apr 2018 20:49:04 +0000 (13:49 -0700)]
Merge "Remove waitpid on UnMount" am:
f6dbba8846
am:
1584dc0d1d
Change-Id: I6c2562f6fc075e8be7db2986e461f2c2dd092650
Daniel Rosenberg [Tue, 3 Apr 2018 20:37:19 +0000 (13:37 -0700)]
Merge "Remove waitpid on UnMount"
am:
f6dbba8846
Change-Id: I4e96e702bc9b2251cc2801a037177a2f7a154c75
Treehugger Robot [Tue, 3 Apr 2018 20:23:59 +0000 (20:23 +0000)]
Merge "Remove waitpid on UnMount"
Shawn Willden [Mon, 2 Apr 2018 20:50:49 +0000 (20:50 +0000)]
Disable use of StrongBox for encryption
am:
c1903ad3d6
Change-Id: Id3f2e2e0f695ebd8eaa1c3883f636a4773b96859
Shawn Willden [Fri, 30 Mar 2018 23:06:14 +0000 (17:06 -0600)]
Disable use of StrongBox for encryption
Until VerificationTokens are wired up, StrongBox can't work. Also,
this will reduce complications for early StrongBox testing.
Bug:
77338527
Test: Boot the device
Change-Id: I44a1577c388703aeecb2886e7db52084c17e2afd
Paul Crowley [Thu, 29 Mar 2018 23:23:58 +0000 (23:23 +0000)]
Gate use of allow_encrypt_override behind ro.crypto property
am:
385cb8c4d6
Change-Id: I91f057b853902b63028897640ba6bb8e3d13e223
Paul Crowley [Thu, 29 Mar 2018 20:27:23 +0000 (13:27 -0700)]
Gate use of allow_encrypt_override behind ro.crypto property
Test: use adb set-virtual-disk to create a virtual partition
Bug:
25861755
Change-Id: I6a227a083c82321c8d4d2d9188091a6f7f0451f0
Daniel Rosenberg [Mon, 12 Mar 2018 22:47:23 +0000 (15:47 -0700)]
Remove waitpid on UnMount
Since we no longer have the Fuse Daemon, we won't ever
need to stop the daemon when unmounting.
Bug:
33808187
Test: Run "adb shell ps | grep -w Z"
The sdcard daemon should not be listed.
Change-Id: I6bb9341785b711d81553393f7c3b56115c435236
Rubin Xu [Tue, 6 Mar 2018 23:07:19 +0000 (23:07 +0000)]
Remove secdiscard IPC call
am:
eb850f93ab
Change-Id: If4f758f34519cd7bf328a431dc9b14af5e475eed
Rubin Xu [Thu, 1 Mar 2018 16:48:27 +0000 (16:48 +0000)]
Remove secdiscard IPC call
No longer used by the framework, hence removing.
Bug:
62140539
Test: builds
Change-Id: I17b9818ea6121d84223a502949186cf679a83a90
Risan [Thu, 1 Mar 2018 02:19:51 +0000 (11:19 +0900)]
Remove libarcmounter dependency in Vold
Due to rerouting ArcBridge call through System Server, Vold doesn't need
to depend on ArcBridge-related C++ library anymore.
Bug:
64500663
Test: Compiled.
Change-Id: Ic93cbc8cec8496784960d5093fb7b12d43574ced
TreeHugger Robot [Sun, 25 Feb 2018 02:45:33 +0000 (02:45 +0000)]
Merge "Use unique_ptr<DIR> to safely release resources."
Jeff Sharkey [Sun, 25 Feb 2018 01:23:35 +0000 (18:23 -0700)]
Trim whitespace from sysfs values.
Test: builds, boots
Bug:
72740079
Change-Id: If364927ea762c7dee99bff5dc307e3b9b5355c2b
Jeff Sharkey [Sun, 25 Feb 2018 01:09:21 +0000 (18:09 -0700)]
Use unique_ptr<DIR> to safely release resources.
Test: builds, boots
Bug:
66995913
Change-Id: Ib580501fc979b63295b180250581dc7527de76b2
TreeHugger Robot [Fri, 23 Feb 2018 20:52:22 +0000 (20:52 +0000)]
Merge "Add ArcService AIDL in Vold"
Risan [Thu, 22 Feb 2018 23:12:37 +0000 (08:12 +0900)]
Add ArcService AIDL in Vold
This is needed to allow ARC++ Vold to interact with ArcBridgeService
through SystemServer.
Bug:
64500663
Test: Compiled, tested on device + cts in master-arc-dev (ag/
3488659)
Change-Id: I3b05b0f456ec99be9163877a2d83cdbf2bb94991
Jaegeuk Kim [Fri, 23 Feb 2018 03:39:10 +0000 (03:39 +0000)]
Merge "vold: Idle-maint issues discards fully"
Jaegeuk Kim [Sat, 17 Feb 2018 14:02:30 +0000 (06:02 -0800)]
vold: Idle-maint issues discards fully
Change-Id: Ib20a55e8761aa740b530803f029ecb36256fe9aa
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Greg Kaiser [Fri, 16 Feb 2018 21:35:35 +0000 (13:35 -0800)]
cryptfs: Optionally get crypto type as a property
Instead of hardcoding to "aes-cbc-essiv:sha256" with a 16 byte
key, we introduce a new property, "ro.crypto.fde_algorithm",
to allow the use of different crypto types. The only other
method we currently support is "speck128-xts-plain64" with
a 32 byte key, although new crypto types are easily added.
We intentionally derive things like the crypto name and the
keysize from the given property name. This means the code
must be changed for each new crypto type we want to support,
but that's worth it to remove the exploit vector of crypto
types with incorrect key sizes.
Due to previous refactoring CLs, this has minimal impact on
the current code other than changing what we return for
cryptfs_get_{keysize,crypto_name}.
Bug:
73079191
Test: Flashed onto a gobo device with the property set for SPECK, and confirmed via kernel debug output we were using SPECK on the device.
Change-Id: I9c9df61590344c5f62114dfbf679031b0c2ceb1f
Greg Kaiser [Fri, 16 Feb 2018 21:13:58 +0000 (13:13 -0800)]
cryptfs: Require ext disk crypt to match code
Our external partitions have no crypto header/footer, so we
only get the keysize and key. Our code has been implicitly
assuming that this keysize off of disk matches the crypto
type we have in our code (and thus matches the keysize our
code is using as well). We now make this assumption
explicit, and check for this and no longer allow external
code to pass a keysize in to cryptfs.
Bug:
73079191
Test: Compiled and tested in combination with other CLs.
Change-Id: I1a1996187e1aaad6f103982652b1bcdfd5be33ce
Greg Kaiser [Fri, 16 Feb 2018 21:01:36 +0000 (13:01 -0800)]
cryptfs: Use the crypt_mnt_ftr keysize
Our code has places where we were reading in the crypt_mnt_ftr
struct from disk, but then proceeding to use a hardcoded constant
for the keysize. We plan to allow crypto with different sized
keys in the future, so we want to just trust the keysize we get
off of disk.
While doing this, we reject any crypt_mnt_ftr we read from disk
which has a keysize in excess of MAX_KEY_LEN. This defends us
against buffer overflows in the case of corrupt disk data.
Bug:
73079191
Test: Compiled and tested in combination with other CLs.
Change-Id: Id6f192b905960e5508833e9cd3b4668d4754dc7e
Gao Xiang [Fri, 16 Feb 2018 01:42:39 +0000 (01:42 +0000)]
Merge "mFusePid should be cleared after waitpid successfully" am:
456483d193 am:
8be3be3167
am:
8fe7f3104b
Change-Id: I18199ce5f972f0a403728e34dec608a01fceb183
Gao Xiang [Fri, 16 Feb 2018 01:24:40 +0000 (01:24 +0000)]
Merge "mFusePid should be cleared after waitpid successfully" am:
456483d193
am:
8be3be3167
Change-Id: Ib55467c9719d5c578a51b0fc49b03dbc9bbe0870
Gao Xiang [Fri, 16 Feb 2018 01:04:45 +0000 (01:04 +0000)]
Merge "mFusePid should be cleared after waitpid successfully"
am:
456483d193
Change-Id: I61bf49cea396ebc8009a54740d7322249025acf0
Treehugger Robot [Thu, 15 Feb 2018 23:46:14 +0000 (23:46 +0000)]
Merge "mFusePid should be cleared after waitpid successfully"
Greg Kaiser [Thu, 15 Feb 2018 04:15:18 +0000 (20:15 -0800)]
cryptfs: Don't use bare integers for key size
Rather than use an integer and have a comment, we use a named
constant for sizing these master key buffers. This will help
avoid confusion when we switch to allowing different sized
master keys.
Bug:
73079191
Test: Build
Change-Id: Ifaffdd94d337bb2d5a178f818dfe00f9386ae03b
Greg Kaiser [Thu, 15 Feb 2018 04:05:54 +0000 (20:05 -0800)]
cryptfs: Clarify sizing of intermediate key
Some parts of the code were intermingling constants for the master
key and the intermediate key. That works at the moment because
these are the same size. But we'll be introducing logic allowing
different sized master keys, while keeping the intermediate the
same. To aid that introduction, we use separate constants for
the intermediate key.
Bug:
73079191
Test: Build
Change-Id: I22b1dbf18aff2f76229df1c898fc606d6c1af3ca
Greg Kaiser [Wed, 14 Feb 2018 19:26:12 +0000 (11:26 -0800)]
Revert "cryptfs: Don't hardcode ikey buffer size"
This reverts commit
f45a70c416e74437bfc10e7a1dab55746f3edf25.
Greg Kaiser [Wed, 14 Feb 2018 19:26:08 +0000 (11:26 -0800)]
Revert "cryptfs: Make decrypted key buffers large enough"
This reverts commit
4a35ef0a53d1f8041adc8bf49585e700bb7af803.
Greg Kaiser [Wed, 14 Feb 2018 19:26:00 +0000 (11:26 -0800)]
Revert "cryptfs: Optionally get crypt type from properties"
This reverts commit
291fec178925fe7cd724b3d345bfcfbb98d87f52.
Greg Kaiser [Sat, 10 Feb 2018 02:24:59 +0000 (18:24 -0800)]
cryptfs: Optionally get crypt type from properties
Instead of hardcoding to "aes-cbc-essiv:sha256", we introduce a
new property, "ro.crypto.crypt_type_name", to allow the use of
different crypt methods. The only other method we currently
support is "speck128-xts-plain64", although new methods are
easily added.
We intentionally derive things like the keysize from the given
crypt name, to reduce exploit vectors. We also only accept
crypt names the code has whitelisted.
The biggest impact is replacing the hard-coded KEY_LEN_BYTES.
For compile-time buffers, we use the MAX_KEY_LEN to assure they
will be big enough for any crypt type. For run-time sizing,
we use the value derived from our property.
Bug:
73079191
Test: On an encrypted gobo, booted successfully with (1) no property set, (2) proproperty set to invalid value (and confirmed we defaulted to aes), and (3) after wiping userdata, with property set to "speck128-xts-plain64", confirmed we were using SPECK.
Change-Id: Ic4e10840d6ee2a4d4df58582448e0f768e6f403f
Greg Kaiser [Sat, 10 Feb 2018 01:01:06 +0000 (17:01 -0800)]
cryptfs: Make decrypted key buffers large enough
Looking at the EVP_DecryptUpdate() documentation, we need a
buffer which isn't just the keysize, but also provides the
cipher block length minus one byte extra. For EVP_aes_128_cbc(),
that block length is 16, but we use the maximum block length to
be safe for any future cipher change.
For two of our decrypted_master_key usages, the buffer was
already sufficiently sized. But for one of our instances,
in cryptfs_enable_internal(), the buffer was previously
smaller than this. So this CL represents a possible behavior
change if we were ever overrunning that buffer.
Bug:
73079191,
73176599
Test: Flashed an encrypted sailfish and it booted.
Change-Id: Ic5043340910dc7d625e6e5baedbca5bd4b2bfb03
Greg Kaiser [Sat, 10 Feb 2018 00:11:38 +0000 (16:11 -0800)]
cryptfs: Don't hardcode ascii buffer size
We're removing hardcoded buffer sizes in anticipation of allowing
different keysizes. In this case, our buffer was sufficiently
large for all current cases. But if we ever changed the
crypt_mnt_ftr struct to allow larger keys, this code will adjust
with the change.
Bug:
73079191
Test: Flashed an encrypted sailfish and it booted.
Change-Id: I261e729a77b351e287fbb55327564fe512a23d47
Greg Kaiser [Fri, 9 Feb 2018 21:41:12 +0000 (13:41 -0800)]
cryptfs: Don't hardcode ikey buffer size
We were hardcoding the size of the ikey buffer, but then had logic
which used KEY_LEN_BYTES and IV_LEN_BYTES to offset into the array
and describe the length of its contents.
In anticipation of allowing the keysize to be set via a property,
instead of at compile time, we change this code to make the relation
between the keysize and the buffer size explicit.
Bug:
73079191
Test: Flashed an encrypted sailfish and it booted.
Change-Id: I109a5dc812662220e53163bfb4b5e51bf5abf185
Greg Kaiser [Fri, 9 Feb 2018 17:19:54 +0000 (09:19 -0800)]
cryptfs: Fix format string
Test: None
Change-Id: Id16acb4ed5e89e759b69ec2d2f2db54cc54f1959
Greg Kaiser [Fri, 9 Feb 2018 17:15:50 +0000 (09:15 -0800)]
cryptfs: Remove unused variable
We'll be allowing modifyable key sizes in the near future,
and want to remove this variable to reduce confusion with this
change.
Bug:
73079191
Test: None
Change-Id: I7047bb375553d8c46ff0724add697a5105ebc68c
Shawn Willden [Wed, 7 Feb 2018 22:06:06 +0000 (15:06 -0700)]
Prevent spurious call to keymaster abort().
During the analysis of b/
72953784 it was noticed that vold was calling
keymaster abort() and failing, though vold was succeeding with its
keymaster operation. This had nothing to do with the bug, but the
presence of the error appeared to implicate keymaster, and it's bad
form in any case. This CL correctly clears the mDevice member during
a move, so the destructor will not attempt to call abort.
Test: Build & boot
Bug:
72953784
Change-Id: Ib0700f829e87f19b089396087085585ddd6b96a5
Paul Crowley [Tue, 30 Jan 2018 17:48:19 +0000 (09:48 -0800)]
Add a mount with metadata encryption service
Don't use the FDE flow to support metadata encryption; just provide a
vold service which directly mounts the volume and use that.
Bug:
63927601
Test: Boot Taimen to SUW with and without metadata encryption.
Change-Id: Ifc6a012c02c0ea66893020ed1d0da4cba6914aed
Paul Crowley [Thu, 1 Feb 2018 17:53:27 +0000 (09:53 -0800)]
Refactor logging in EncryptInplace.cpp
Done as part of work towards metadata encryption.
Bug:
63927601
Test: Boot Taimen to SUW
Change-Id: I0f5fda0e002944ab658756c7cfcb386c3658a446
Shawn Willden [Mon, 22 Jan 2018 16:08:32 +0000 (09:08 -0700)]
Support Keymaster4
This CL changes vold from using a KM3 device directly to using the KM4
support wrapper from the KM4 support library, which supports both KM3
and KM4 devices (KM0, 1 and 2 devices are still supported as well,
because the default KM3 device is a wrapper that uses them).
In addition, I found myself getting confused about which "Keymaster"
types were locally-defined vold keymaster types and which were from
the KM4 HAL and support library, so I changd the approach to
referencing the latter, so all of them are qualified with the "km::"
namespace reference.
Test: Build & boot
Change-Id: I08ed5425641e7496f8597d5716cb3cd0cbd33a7f
Shawn Willden [Sat, 20 Jan 2018 16:37:36 +0000 (09:37 -0700)]
Clang-format Key{cpp|h} and KeyStorage.{cpp|h}
Test: Build & boot
Change-Id: I92bb107409f493770028cf6fd637d34af7644262
Andreas Huber [Mon, 22 Jan 2018 19:25:29 +0000 (11:25 -0800)]
Fingerprint data is now stored in one of two ways depending on the
shipping API version:
For devices shipped before Android P nothing changes, data
is stored under /data/system/users/<user-id>/fpdata/...
Devices shipped from now on will instead store
fingerprint data under /data/vendor_de/<user-id>/fpdata.
Support for /data/vendor_de and /data/vendor_ce has been added to vold.
Bug:
36997597
Change-Id: I615e90d1c9ab08e768a8713968fa043598a0a526
Test: manually
Risan [Mon, 22 Jan 2018 02:04:25 +0000 (11:04 +0900)]
[VOLD] Add ARC++ ObbMount shared lib
Unfortunately, static library dependency is not transitive (even if the
dependency is a shared library). So I am wrapping the libarcobbvolume's
dependency as libarcmounter shared library.
Bug:
64500663
Test: Compile
Change-Id: I12be7a9d885c7c1c043185bd134e0148d420c6fd
Jeff Sharkey [Fri, 19 Jan 2018 01:55:18 +0000 (10:55 +0900)]
Add basic exFAT support.
Several partners have been requesting exFAT support. Android doesn't
natively support exFAT, but we're at least willing to try mounting an
exFAT filesystem if we detect the Linux kernel supports it, and if
helper binaries are present.
This CL is simple scaffolding, and it provides no actual
implementation of exFAT.
Test: builds, boots
Bug:
67822822
Change-Id: Id4f8ec3967b32de6e1c0e3c4b47fe6e43a6291ab
TreeHugger Robot [Thu, 18 Jan 2018 01:39:19 +0000 (01:39 +0000)]
Merge "No double encryption on FDE+FBE SD cards"
Jeff Sharkey [Sat, 13 Jan 2018 02:12:30 +0000 (02:12 +0000)]
Merge "Add "default_normal" support to vold."
Jeff Sharkey [Fri, 12 Jan 2018 20:51:43 +0000 (20:51 +0000)]
Merge "Remove FIDTRIM." am:
35829f3968 am:
c1d81682e1
am:
bf0ab0439c -s ours
Change-Id: I9ad9f730409747a0c8b724bdb81eb93802425309
Jeff Sharkey [Fri, 12 Jan 2018 20:48:45 +0000 (20:48 +0000)]
Merge "Remove FIDTRIM." am:
35829f3968
am:
c1d81682e1
Change-Id: Ic16dc5e6347a5cfbe444401b5374c7682db551e4
Jeff Sharkey [Fri, 12 Jan 2018 20:43:37 +0000 (20:43 +0000)]
Merge "Remove FIDTRIM."
am:
35829f3968
Change-Id: I02bb4438d08a34cf0f8e41a8a7fd2123c492be38