| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
* It's now a seprate project
Change-Id: I636fde1ff07333580aab7b8ace9a5a98174e306e
|
|
|
|
| |
Change-Id: I4c90f0054f8cc83b5384bc2a9550ab172b202f01
|
|
|
|
|
|
| |
We cannot popen() /sbin/blkid because selinux.
Change-Id: I0ba032c362dcfaa72443860071e5bd4d4d3b8270
|
|
|
|
| |
Change-Id: I62e8fb77e60944edfb2a626c99df516cf959c4cc
|
|
|
|
| |
Change-Id: I825b2840a03e5cdab9b68f13fd5170acbbcec2e5
|
|
|
|
| |
Change-Id: I772368c0ec054a2ba86cf0ba0e37f07ba2b82fd2
|
|
|
|
|
|
| |
* exfat-nofuse https://github.com/dorimanx/exfat-nofuse
Change-Id: I0b7d7b3f3e21defa83e08564b3fdb67a9957edc0
|
|
|
|
| |
Change-Id: I76045b8e95534e32e1304d535cd0b7d09eeebffc
|
|
|
|
|
|
|
|
|
|
|
| |
* Support nonremovable disks and expose a nonremovable flag in the
DiskCreated message.
* New DiskPartition class to hold single partitions. DiskPartition is
used when the fs_mgr entry has a partnum (eg. when fs_mgr_flags
contains voldmanaged=label:#). Override disk partitioning methods
to prevent destroying the emmc.
Change-Id: Id7ec3ea409b5c96e691730604e4b1e9cc3aa9d33
|
|
|
|
|
|
|
|
|
|
| |
* Add exfat and ntfs support based off f2fs and ported to use
fuse
* Add support for both along with f2fs and ext4 to PublicVolume
* Also attempt to mount any volume if it's been determined that
the kernel supports it
Change-Id: I0a83761cefd97791e3ec84a18e199dfd27a5ed0b
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Build static linked minivold
* Adjust tool paths for recovery
* Skip ASEC and FUSE in recovery
* Default volume label to fstab label
* Add label "emulated" to emulated volume
* Always send VolumeFsLabelChanged on volume creation
* Add detach option to volume unmount
Change-Id: I1a943dd3e606caa6bee6a0ec1df54fed365f769a
|
|\
| |
| |
| | |
Android 6.0.0 release 26
|
| |
| |
| |
| |
| |
| |
| |
| | |
Bug: 19706593
(based on work in commit 8d0cd7ffd903a753c6bb5c6f33987a7a66621cef)
Change-Id: I9699275a63f2d0a110435bd4a725d7dfcce4ed90
|
|/
|
|
| |
Change-Id: Id6623ee558a43600e474ef89f318574bdc6ba25f
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refactor fstrim code to be encapsulated in unique task object, and
give it option of benchmarking when finished. Trimming now includes
both storage from fstab and adopted private volumes. Cleaner timing
stats are logged for each unique volume.
Add wakelock during ongoing async move tasks. Push disk sysfs path
to framework so it can parse any SD card registers as desired.
Bug: 21831325
Change-Id: I76577685f5cae4929c251ad314ffdaeb5eb1c8bf
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When formatting volumes, pass along fsType string which can be "auto"
to let the volume select the best choice. For now, private volumes
assume that MMC devices (like SD cards) are best off using f2fs when
both kernel support and tools are present, otherwise fall back to
ext4. Use blkid when mounting to pick the right set of tools.
Move filesystem utility methods into namespaces and place in separate
directory to be more organized.
Bug: 20275581
Change-Id: Id5f82d8672dda2e9f68c35b075f28232b0b55ed4
|
|
|
|
|
|
|
|
|
|
|
| |
In order to prevent this bug from happening, we must allow vold cryptfs
commands to complete while a long running mount is underway.
While waiting for vold to be changed to a binder interface, we will simply
create two listeners, one for cryptfs and one for everything else.
Bug: 19197175
Change-Id: If74142aa81abd58f718a9de6c9e387f6ea442754
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(cherry-picked from commit 707fd6c7cccc31c0ab0ec1a6ac8b6077c632fc35)
Move all key management into vold
Reuse vold's existing key management through the crypto footer
to manage the device wide keys.
Use ro.crypto.type flag to determine crypto type, which prevents
any issues when running in block encrypted mode, as well as speeding
up boot in block or no encryption.
This is one of four changes to enable this functionality:
https://android-review.googlesource.com/#/c/148586/
https://android-review.googlesource.com/#/c/148604/
https://android-review.googlesource.com/#/c/148606/
https://android-review.googlesource.com/#/c/148607/
Bug: 18151196
Change-Id: I3c68691717a61b5e1df76423ca0c02baff0dab98
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now that we're offering to store private app data on adopted storage
devices, the performance of those devices is much more important to
overall user experience.
To help set user expectations, this change offers to execute a
real-world benchmark on a storage device, returning a metric that can
be used to compare internal and external storage. The benchmark is
generated from the strace-instrumented storage access patterns of
typical apps.
A typical device completes the benchmark in under two seconds on
internal storage, a UHS-3 SD card is even faster (!), but a very slow
Class 4 SD card takes about 30 seconds to complete, giving us a clear
signal.
The measured benchmark numbers are logged along with information
about the storage device, such as manufacturer, model, etc. Card
serial numbers are scrubbed from output.
Bug: 21172095
Change-Id: I9b2713dafdfdfcf5d97bf1bc21841f39409a7e54
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When requested, kick off a thread that will migrate storage contents
between two locations. This is performed in several steps that
also interact with the framework:
1. Take old and new volumes offline during migration
2. Wipe new location clean (10% of progress)
3. Copy files from old to new (60% of progress)
4. Inform framework that move was successful so it can persist
5. Wipe old location clean (15% of progress)
Derives a hacky progress estimate by using a rough proxy of free
disk space changes while a cp/rm is taking place.
Add new internal path for direct access to volumes to bypass any
FUSE emulation overhead, and send it to framework. Remove mutex
around various exec calls since setexeccon() is already per-thread.
Bug: 19993667
Change-Id: Ibcb4f6fe0126d05b2365f316f53e71dc3e79a2b8
|
|\
| |
| |
| |
| |
| |
| | |
fs_mgr dependency"
* commit '959de99af47dec9ed7a3499ce57e4097be399d7d':
Add dependency on libsquashfs_utils due to fs_mgr dependency
|
| |
| |
| |
| |
| | |
Change-Id: I894d18c2086a6532194f478853a9837eb4b6fc09
Signed-off-by: Mohamad Ayyash <mkayyash@google.com>
|
| |
| |
| |
| |
| | |
Bug: 19993667
Change-Id: I1f6519655c5a366eca25e2329e1bf95d81b3bf8c
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This adds support for private volumes which is just a filesystem
wrapped in a dm-crypt layer. For now we're using the exact same
configuration as internal encryption (aes-cbc-essiv:sha256), but we
don't store any key material on the removable media. Instead, we
store the key on internal storage, and use the GPT partition GUID
to identify which key should be used.
This means that private external storage is effectively as secure as
the internal storage of the device. That is, if the internal storage
is encrypted, then our external storage key is also encrypted.
When partitioning disks, we now support a "private" mode which has
a PrivateVolume partition, and a currently unused 16MB metadata
partition reserved for future use. It also supports a "mixed" mode
which creates both a PublicVolume and PrivateVolume on the same
disk. Mixed mode is currently experimental.
For now, just add ext4 support to PrivateVolume; we'll look at f2fs
in a future change. Add VolumeBase lifecycle for setting up crypto
mappings, and extract blkid logic into shared method. Sprinkle some
more "static" around the cryptfs code to improve invariants.
Bug: 19993667
Change-Id: Ibd1df6250735b706959a1eb9d9f7219ea85912a0
|
| |
| |
| |
| | |
Change-Id: I23b1281a63031a7481ea7b33c9ddbdbe7d3d6174
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is the first in a series of changes that are designed to
introduce better support for dynamic block devices.
It starts by defining a new Volume object which represents a storage
endpoint that knows how to mount, unmount, and format itself. This
could be a filesystem directly on a partition, or it could be an
emulated FUSE filesystem, an ASEC, or an OBB.
These new volumes can be "stacked" so that unmounting a volume will
also unmount any volumes stacked above it. Volumes that provide
shared storage can also be asked to present themselves (through bind
mounts) into user-specific mount areas.
This change also adds a Disk class which is created based on block
kernel netlink events. Instead of waiting for partition events from
the kernel, it uses gptfdisk to read partition details and creates
the relevant Volume objects.
Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
|
|\
| |
| |
| |
| | |
* commit '269702997153cdf92c65cfee277c76afed44e9e5':
Remove superfluous OpenSSL include paths.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The libcrypto and libssl modules (and their respective static and host
versions) use LOCAL_EXPORT_C_INCLUDE_DIRS thus just including the module
is sufficient.
Additionally, cryptfs.h was including an OpenSSL header just to get the
length of a SHA-256 hash. Rather than force all users of this header to
also depend on libcrypto, it's easier just to define that value in the
header file.
Change-Id: I3e3e0db906a212e1093944b298e4a8ff2e2fb07d
|
|\|
| |
| |
| | |
Change-Id: Ie5ef819dd8168cb6a73f84a881a92c116705fffc
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Since the dm_ioctl struct was being allocated on the stack as a large
character array, it was getting character alignment rather than the
proper alignment for the struct. GCC had been getting away with this
so far, but it's undefined behavior that clang managed to expose.
Bug: 18736778
Change-Id: Ied275dfad7fcc41d712b2d02c8a185f499221f57
|
|\|
| |
| |
| | |
Change-Id: If504710a618d8c3adf85297d5fd2909558ed57a3
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
-Wno-missing-field-initializers is used as well, but that is an
overzealous warning from initializing structs with {0} and not a
real warning.
bug 18736778 and 16868177
Change-Id: Iffde89cd7200d9a11193e1614f1819f9fcace30a
|
|\|
| |
| |
| |
| | |
* commit 'a20bb17e4c6095a77425418d7eb0c1ceb50d05f7':
Move vold to GCC.
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It looks like clang might have a miscompile that is causing SIGBUS in
`ioctl_init` when the device is encrypted. Move back to GCC until we
can sort this out.
Bug: 18736778
Change-Id: I21ae3b9d7d9ebff8679ecc1a828b7c59f27d0903
|
|\ \
| |/
|/|
| | |
Change-Id: Ie873baff626fe786515497f2e81aa9db2329168d
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently Android provides disk encryption support using dm-crypt
which is based on bios. dm-crypt uses 512 bytes packet size for
crypto operations. While 512 bytes size packet is ok for SW based
disk encryption, it is inefficient for HW based crypto engines.
dm-req-crypt is similar to dm-crypt except it uses block requests
rathe bios for crypto operations. block requests when unpacked
carries data upto 512KB. Hence, HW based crypto engine can be used
more efficiently.
Also move create disk encryption key before framework start as
HW based disk encryption creates key in secure side. Key creation
can take sometime to create the key securely. If framework is
started before creating the key, it is possible that framework
requests service from secure side. Secure side can serve mostly one
request at a time. Secure side may reject framework request if key
creation request is still going on. This may cause problem in the
system
b/17475056 Enable hardware crypto for userdata encryption
Change-Id: I5480ab72a37c02532218a18faaba598a824589fd
Signed-off-by: Iliyan Malchev <malchev@google.com>
|
|\ \
| | |
| | |
| | |
| | | |
* commit '36859212614fd112e08dcf92065ee6db910769bb':
Move vold to libc++.
|
| | |
| | |
| | |
| | |
| | | |
Bug: 15193147
Change-Id: Ib868f1ed8145ca5cbfdb4cd60ed0c47a6182ac62
|
|\| |
| | |
| | |
| | |
| | | |
* commit '460a93a6d4d01bf0efa83acea0c84b4d43ab23c9':
Move vold to clang so ASAN_ALL works.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
ASAN_ALL uses ASAN for anything built with clang. Since some of vold's
dependencies use clang, they will have unresolved ASAN symbols unless
vold is also built with clang. There's no harm in just moving this
project to clang.
Change-Id: Ia6f412beb7bf092121bff2a5a980531636adcdb9
|
|\| |
| |/
|/|
| | |
Change-Id: I224499833777ef80d85c1199f475f5ed1568d053
|
| |
| |
| |
| |
| |
| | |
Don't manually include stlport, and don't use private bionic headers.
Change-Id: I44dd212fdd5874e625890c548e9d7bf3a9c27912
|
| |
| |
| |
| |
| |
| | |
This reverts commit a70abc60091aed3c3eaf8bc8e1766e233c1c3a2f.
Change-Id: Ic41d1924638586cf9b2297f91ed5417f3b0303c6
|
| |
| |
| |
| |
| |
| | |
This reverts commit 74c01201dec12b5de43ba0f20a2f38e835cd00af.
Change-Id: Ib397a2b5812179ee2e2b68de5d718077563adc1c
|
| |
| |
| |
| |
| | |
Bug: 15749466
Change-Id: I25452a05e1cbe90ac6603a89db9b720c7ab17e55
Signed-off-by: Daniel Rosenberg <drosen@google.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Use keymaster to wrap the cryptfs keys.
Requires selinux change
https://googleplex-android-review.git.corp.google.com/#/c/449411
Bug: 9467042
Change-Id: If25a01cb85ed193a271d61382de0560d85553b7e
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Stop encryption when battery is low, mark position, and continue on reboot.
Note - support for multiple encrypted volumes removed as no devices seem
to exist with an fstab that uses this feature. If you want support for such
a device, contact me and we will re-add it with appropriate testing.
Bug: 13284213
Change-Id: I1f7178e4f7dd8ea816cbc03ab5c4f6543e98acaa
|
|\|
| |
| |
| |
| |
| |
| | |
containers."
* commit 'ca3593df3d48cb4b51acf89e6df4872b922fd51d':
Add SELinux restorecon calls on ASEC containers.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This will allow fine-grained labeling of the
contents of ASEC containers. Some of the contents
need to be world readable and thus should be
distinguishable in policy.
Change-Id: Iefee74214d664acd262edecbb4f981d633ff96ce
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
|
|\|
| |
| |
| |
| | |
* commit '8328e8150f4e7b785785754f2d44794e7bab3577':
vold: remove $(KERNEL_HEADERS) from include path
|