| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, vold only supports MMC (for SD cards) and SCSI (for USB
drives) devices. It does not recognize any device whose major number is
not one of those used by MMC and SCSI. Unfortunately, virtio-blk is one
such device. It is used by the new Android emulator (a.k.a. qemu2,
featuring the "ranchu" virtual board) for SD card emulation.
In order to make this virtio-blk based SD card device appear in Android
and appear as an SD card (rather than a USB drive), changes have to be
made to both vold (wherever the device major number is checked) and
ranchu's storage configuration. This CL implements former.
This is a stop-gap solution for emulator in nyc.
A longer term solution in-tune with upstream kernel is in the pipes.
Updated from aosp/master version.
BUG:27431753
Change-Id: I5014edec73be7c5b565d91542464c82cbe58992c
Signed-off-by: Yu Ning <yu.ning@intel.com>
(cherry picked from commit 5b1d1c7dfa13b4dca75213581dc8351b841b76c8)
|
|\ |
|
| |
| |
| |
| |
| | |
Bug: 27440526
Change-Id: I818450252dcd39f21948fc2e70856659eba5f50f
|
|/
|
|
|
| |
Bug: 27444691
Change-Id: I0d30e8883fe655c90cda47ab167a878764ea0802
|
|
|
|
|
|
|
|
|
|
|
| |
This is a special profile folder where apps will leave profile markers
for the dex files they load and don't own. System server will read the
markers and decide if the apks should be fully compiled instead of
profile guide compiled.
Bug: 27334750
Bug: 26080105
Change-Id: Ib18f20cf78a8dbfc465610ec6ceec52699c5420a
|
|
|
|
|
|
| |
Bug: 26719109
Bug: 26563023
Change-Id: I4737b7f73df74b2b787a62db2e231f136115b359
|
|
|
|
|
| |
Bug: 26948053
Change-Id: I8c117bfe5e85e73af72b6ecafea39924f3561c7c
|
|
|
|
|
| |
Bug: 27056334
Change-Id: Ifa7f776c21c439f89dad7836175fbd045e1c603e
|
|\ |
|
| |
| |
| |
| |
| | |
Bug: 27061863
Change-Id: Id998bb4534f657079e95718ef52af3f23100fb10
|
| |
| |
| |
| | |
Change-Id: Ib3592b598ee07bc71a6f9507570bf4623c1cdd6a
|
| |
| |
| |
| | |
Change-Id: I4d6156332cfc847e25e7c8863fd6a50fa325fb87
|
|/
|
|
|
|
| |
Also fix a PLOG that should be a LOG.
Change-Id: Ic5ae288c37b6e236172f9e38349c2d0d530bfd4d
|
|
|
|
|
| |
Bug: 27075797
Change-Id: I835d17d02ea50a88ef0a5322a30e04f3d0237019
|
|
|
|
| |
Change-Id: Ic51f375e500cd61bda926e3b039126a840ed89f0
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Added a new call change_user_key which changes the way that disk
encryption keys are protected; a key can now be protected with a
combination of an auth token and a secret which is a hashed password.
Both of these are passed to unlock_user_key.
This change introduces a security bug, b/26948053, which must be fixed
before we ship.
Bug: 22950892
Change-Id: Iac1e45bb6f86f2af5c472c70a0fe3228b02115bf
|
|/
|
|
|
|
|
|
|
|
| |
Add new misc directories to list of paths that we lock/unlock in
emulation mode. When booting a device without native-FBE and without
emulation, make sure we "unlock" any emulated settings on user 0;
MountService handles this for secondary users later during boot.
Bug: 27069522
Change-Id: I15c7cf00a7231ce99b2e4e11a25106d7b87e70cc
|
|\ |
|
| |
| |
| |
| |
| |
| | |
BUG=26147865
Change-Id: I1812c46d0f80eaea9a9a3fa944bc4d0126ae8ba1
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Give callers the option of preparing CE and/or DE storage. The
framework will only prepare CE storage after the CE keys have been
unlocked for that user.
When init is calling enablecrypto, kick off the work in a thread so
that we can make other calls back into vold without causing
deadlock. Leaves blocking call intact for framework callers.
Clean up 'vdc' tool to send useful transaction numbers, and
actually watch for the matching result to come back. This fixes
race conditions when there are multiple 'vdc' callers.
Also add other system and misc directories to match spec.
Bug: 25796509
Change-Id: Ie4f853db6e387916b845d2b5fb92925d743b063d
|
| |
| |
| |
| | |
Change-Id: I5728f03dbde6621e410efcda1d93054915793407
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
New style logging
Remove set/get field from e4crypt
Save keys to temp file then rename
See https://googleplex-android-review.git.corp.google.com/#/c/858922/
Change-Id: I454c3f78489b491ffc1230a70dce64935e4e0f8a
|
|/
|
|
| |
Change-Id: I420f548115c1b55e62b193c60d569fdda518af1a
|
|
|
|
| |
Change-Id: Ie179cb09f9f24382afd0fe0f3aa2a1ad943a7f5d
|
|\ |
|
| |
| |
| |
| |
| |
| | |
BUG=26148108
Change-Id: I2297fd227a4c607054e0403e73bd9c857f580a1c
|
|\ \
| | |
| | |
| | | |
Change-Id: I69f36f560334b11b099f2eb15999603dd2469d4f
|
| |\ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
am: 6f69ee094c
* commit '6f69ee094cabcd052a4742089fcae8e92cf7f924':
cryptfs: run e2fsck/fsck.f2fs in fsck domain
|
| | |\ \ |
|
| | |/ /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
e2fsck and fsck.f2fs must run in the fsck domain. Add call to
setexeccon() to tell selinux to run in the fsck domain on exec.
Addresses:
avc: denied { execute_no_trans } for path="/system/bin/e2fsck" dev="mmcblk0p41" ino=241 scontext=u:r:vold:s0 tcontext=u:object_r:fsck_exec:s0 tclass=file
Bug: 26872236
Change-Id: Ib2a583aeefc667f8aa67532e0ac0ff9619b65461
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
FBE devices need a factory reset after this change.
Bug: 26704408
Change-Id: I150b82a13a4a007d9a8997ef6a676e96576356b2
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Mainly a refactor, but with a substantive change: Keys are created in
a temporary location, then moved to their final destination, for
atomicity.
Bug: 26704408
Change-Id: I0b2dc70d6bfa1f8a65536dd05b73c4b36a4699cf
|
| |_|/
|/| |
| | |
| | | |
Change-Id: Icf746ec1968a073fde707ecc788b648f5803fd38
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Our code for creating disk encryption keys doesn't work everywhere,
and it doesn't need to; only on platforms that support FBE. Don't
create them elsewhere.
Bug: 26842807
Change-Id: I686d0ffd7cb3adbddfce661c22ce18f66acb1aba
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The key storage module didn't comply with Android coding standards
and had room for improvemnet in a few other ways, so have cleaned up.
Change-Id: I260ccff316423169cf887e538113b5ea400892f2
|
|\ \ \ |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Instead of writing raw keys, encrypt the keys with keymaster. This
paves the way to protecting them with auth tokens and passwords later.
In addition, fold in the hash of a 16k file into their encryption, to
ensure secure deletion works properly.
Now even C++ier!
Bug: 22502684
Bug: 22950892
Change-Id: If70f139e342373533c42d5a298444b8438428322
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Avoid ENOTCONN for file system operations.
bug: 26645585
bug: 26070583
Change-Id: I19b00db37ef7ba85a2cae16c7c4204826653f559
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
As a precaution, we do the work of emulating an unlock even on devices
that aren't emulating FBE. However, we don't care if it fails, so
don't fail the calling command in that instance.
Bug: 26713622
Change-Id: I8c5fb4b9a130335ecbb9b8ea6367f1c59835c0f1
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Major rework and refactor of FBE code to load the keys at the right
time and in a natural way. The old code was aimed at our goals for M,
with patches on top, and didn't quite work.
Bug: 22358539
Change-Id: I9bf7a0a86ee3f2abf0edbd5966f93efac2474c2c
|
| | |
| | |
| | |
| | |
| | | |
Bug: 26466827
Change-Id: Id5f05298c2cb5f3cf288df37ddf0a196ca49949b
|
|\ \ \ |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
After DocumentsProvider opens FD on app fuse, DocumentProvider passes it
to other applications. To allow other applications to use the FD on app
fuse, we need to specify allow_other mount option.
BUG=25756419
Change-Id: I3c729f90e5b822a7b1032bf80726cc234c0936b1
|
|\ \ \ \
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
uninitialize block bitmap ." am: 1ae498e0d4
am: 9b5db9bcbe
* commit '9b5db9bcbe333b677ca18d2c1c398c8751cd0fd2':
cryptfs: Skip to encrtypt unused blocks into a block group which uninitialize block bitmap .
|
| |\ \ \
| | | |/
| | |/|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
uninitialize block bitmap ."
am: 1ae498e0d4
* commit '1ae498e0d4524aef6de2f1e3b639697ac24b29b2':
cryptfs: Skip to encrtypt unused blocks into a block group which uninitialize block bitmap .
|
| | |\ \
| | | | |
| | | | |
| | | | | |
uninitialize block bitmap ."
|
| | |/ /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
uninitialize block bitmap .
Bug: 198288
Change-Id: Iaa1a14fd916ddec8dc1a4be18d49732ebcba6884
Signed-off-by: liminghao <liminghao@xiaomi.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Much nicer C++ style logging, but the main reason is to clean up
AutoCloseFD.h so I don't have to use cutils to use it.
Change-Id: I7a7f227508418046eecce6c89f813bd8854f448a
|
| |_|/
|/| |
| | |
| | |
| | |
| | | |
BUG=25756420
Change-Id: I75b41f135c172d400e57a72a2be0473546781475
|