summaryrefslogtreecommitdiffstats
path: root/Android.mk
Commit message (Collapse)AuthorAgeFilesLines
* vold: Update path to cryptfs_hwreplicant-6.0-0004-rc1replicant-6.0-0003replicant-6.0-0002replicant-6.0-0001c4572017-02-121-1/+1
| | | | | | * It's now a seprate project Change-Id: I636fde1ff07333580aab7b8ace9a5a98174e306e
* vold: Fix tool paths for minivoldMichael Bestas2016-05-091-1/+1
| | | | Change-Id: I4c90f0054f8cc83b5384bc2a9550ab172b202f01
* minivold: Use libblkid for readMetadataTom Marshall2016-03-101-1/+2
| | | | | | We cannot popen() /sbin/blkid because selinux. Change-Id: I0ba032c362dcfaa72443860071e5bd4d4d3b8270
* cryptfs: Set HW FDE flags when building libvoldmyfluxi2016-01-131-7/+10
| | | | Change-Id: I62e8fb77e60944edfb2a626c99df516cf959c4cc
* vold: Native NTFS kernel driver supportdhacker292015-12-131-0/+4
| | | | Change-Id: I825b2840a03e5cdab9b68f13fd5170acbbcec2e5
* vold: Fix native exfat driver supportKetut Putu Kumajaya2015-12-051-4/+4
| | | | Change-Id: I772368c0ec054a2ba86cf0ba0e37f07ba2b82fd2
* vold: Native exfat driver supportKetut Putu Kumajaya2015-12-041-0/+4
| | | | | | * exfat-nofuse https://github.com/dorimanx/exfat-nofuse Change-Id: I0b7d7b3f3e21defa83e08564b3fdb67a9957edc0
* minivold: Build as static library for linkage into recoveryTom Marshall2015-12-021-23/+1
| | | | Change-Id: I76045b8e95534e32e1304d535cd0b7d09eeebffc
* vold: Support internal storage partitionsTom Marshall2015-11-241-0/+1
| | | | | | | | | | | * Support nonremovable disks and expose a nonremovable flag in the DiskCreated message. * New DiskPartition class to hold single partitions. DiskPartition is used when the fs_mgr entry has a partnum (eg. when fs_mgr_flags contains voldmanaged=label:#). Override disk partitioning methods to prevent destroying the emmc. Change-Id: Id7ec3ea409b5c96e691730604e4b1e9cc3aa9d33
* vold: add support for more filesystems for public storageDan Pasanen2015-11-241-0/+2
| | | | | | | | | | * Add exfat and ntfs support based off f2fs and ported to use fuse * Add support for both along with f2fs and ext4 to PublicVolume * Also attempt to mount any volume if it's been determined that the kernel supports it Change-Id: I0a83761cefd97791e3ec84a18e199dfd27a5ed0b
* vold: minivold for recoveryTom Marshall2015-11-241-11/+52
| | | | | | | | | | | | * Build static linked minivold * Adjust tool paths for recovery * Skip ASEC and FUSE in recovery * Default volume label to fstab label * Add label "emulated" to emulated volume * Always send VolumeFsLabelChanged on volume creation * Add detach option to volume unmount Change-Id: I1a943dd3e606caa6bee6a0ec1df54fed365f769a
* Merge tag 'android-6.0.0_r26' into cm-13.0Ricardo Cerqueira2015-11-051-0/+12
|\ | | | | | | Android 6.0.0 release 26
| * Add tool for scrubbing files with BLKSECDISCARD.Paul Crowley2015-07-131-0/+12
| | | | | | | | | | | | | | | | Bug: 19706593 (based on work in commit 8d0cd7ffd903a753c6bb5c6f33987a7a66621cef) Change-Id: I9699275a63f2d0a110435bd4a725d7dfcce4ed90
* | vold: Add linkage for fs_mgr changesSteve Kondik2015-10-161-1/+5
|/ | | | Change-Id: Id6623ee558a43600e474ef89f318574bdc6ba25f
* Trim both internal and adopted private storage.Jeff Sharkey2015-07-011-1/+1
| | | | | | | | | | | | | Refactor fstrim code to be encapsulated in unique task object, and give it option of benchmarking when finished. Trimming now includes both storage from fstab and adopted private volumes. Cleaner timing stats are logged for each unique volume. Add wakelock during ongoing async move tasks. Push disk sysfs path to framework so it can parse any SD card registers as desired. Bug: 21831325 Change-Id: I76577685f5cae4929c251ad314ffdaeb5eb1c8bf
* Add f2fs support for private volumes.Jeff Sharkey2015-06-081-2/+3
| | | | | | | | | | | | | | When formatting volumes, pass along fsType string which can be "auto" to let the volume select the best choice. For now, private volumes assume that MMC devices (like SD cards) are best off using f2fs when both kernel support and tools are present, otherwise fall back to ext4. Use blkid when mounting to pick the right set of tools. Move filesystem utility methods into namespaces and place in separate directory to be more organized. Bug: 20275581 Change-Id: Id5f82d8672dda2e9f68c35b075f28232b0b55ed4
* Move crypt commands to a different listener in voldPaul Lawrence2015-06-041-0/+1
| | | | | | | | | | | In order to prevent this bug from happening, we must allow vold cryptfs commands to complete while a long running mount is underway. While waiting for vold to be changed to a binder interface, we will simply create two listeners, one for cryptfs and one for everything else. Bug: 19197175 Change-Id: If74142aa81abd58f718a9de6c9e387f6ea442754
* DO NOT MERGE Securely encrypt the master keyPaul Lawrence2015-05-291-0/+1
| | | | | | | | | | | | | | | | | | | | | | (cherry-picked from commit 707fd6c7cccc31c0ab0ec1a6ac8b6077c632fc35) Move all key management into vold Reuse vold's existing key management through the crypto footer to manage the device wide keys. Use ro.crypto.type flag to determine crypto type, which prevents any issues when running in block encrypted mode, as well as speeding up boot in block or no encryption. This is one of four changes to enable this functionality: https://android-review.googlesource.com/#/c/148586/ https://android-review.googlesource.com/#/c/148604/ https://android-review.googlesource.com/#/c/148606/ https://android-review.googlesource.com/#/c/148607/ Bug: 18151196 Change-Id: I3c68691717a61b5e1df76423ca0c02baff0dab98
* Initial pass at storage benchmarks.Jeff Sharkey2015-05-151-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | Now that we're offering to store private app data on adopted storage devices, the performance of those devices is much more important to overall user experience. To help set user expectations, this change offers to execute a real-world benchmark on a storage device, returning a metric that can be used to compare internal and external storage. The benchmark is generated from the strace-instrumented storage access patterns of typical apps. A typical device completes the benchmark in under two seconds on internal storage, a UHS-3 SD card is even faster (!), but a very slow Class 4 SD card takes about 30 seconds to complete, giving us a clear signal. The measured benchmark numbers are logged along with information about the storage device, such as manufacturer, model, etc. Card serial numbers are scrubbed from output. Bug: 21172095 Change-Id: I9b2713dafdfdfcf5d97bf1bc21841f39409a7e54
* Migrate primary external storage.Jeff Sharkey2015-04-241-0/+1
| | | | | | | | | | | | | | | | | | | | | | When requested, kick off a thread that will migrate storage contents between two locations. This is performed in several steps that also interact with the framework: 1. Take old and new volumes offline during migration 2. Wipe new location clean (10% of progress) 3. Copy files from old to new (60% of progress) 4. Inform framework that move was successful so it can persist 5. Wipe old location clean (15% of progress) Derives a hacky progress estimate by using a rough proxy of free disk space changes while a cp/rm is taking place. Add new internal path for direct access to volumes to bypass any FUSE emulation overhead, and send it to framework. Remove mutex around various exec calls since setexeccon() is already per-thread. Bug: 19993667 Change-Id: Ibcb4f6fe0126d05b2365f316f53e71dc3e79a2b8
* am 959de99a: am f8c905e0: Merge "Add dependency on libsquashfs_utils due to ↵Mohamad Ayyash2015-04-071-0/+1
|\ | | | | | | | | | | | | fs_mgr dependency" * commit '959de99af47dec9ed7a3499ce57e4097be399d7d': Add dependency on libsquashfs_utils due to fs_mgr dependency
| * Add dependency on libsquashfs_utils due to fs_mgr dependencyMohamad Ayyash2015-04-061-0/+1
| | | | | | | | | | Change-Id: I894d18c2086a6532194f478853a9837eb4b6fc09 Signed-off-by: Mohamad Ayyash <mkayyash@google.com>
* | Remove unused code.Jeff Sharkey2015-04-011-2/+0
| | | | | | | | | | Bug: 19993667 Change-Id: I1f6519655c5a366eca25e2329e1bf95d81b3bf8c
* | Support for private (adopted) volumes.Jeff Sharkey2015-04-011-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds support for private volumes which is just a filesystem wrapped in a dm-crypt layer. For now we're using the exact same configuration as internal encryption (aes-cbc-essiv:sha256), but we don't store any key material on the removable media. Instead, we store the key on internal storage, and use the GPT partition GUID to identify which key should be used. This means that private external storage is effectively as secure as the internal storage of the device. That is, if the internal storage is encrypted, then our external storage key is also encrypted. When partitioning disks, we now support a "private" mode which has a PrivateVolume partition, and a currently unused 16MB metadata partition reserved for future use. It also supports a "mixed" mode which creates both a PublicVolume and PrivateVolume on the same disk. Mixed mode is currently experimental. For now, just add ext4 support to PrivateVolume; we'll look at f2fs in a future change. Add VolumeBase lifecycle for setting up crypto mappings, and extract blkid logic into shared method. Sprinkle some more "static" around the cryptfs code to improve invariants. Bug: 19993667 Change-Id: Ibd1df6250735b706959a1eb9d9f7219ea85912a0
* | Update for libbase.Dan Albert2015-03-161-1/+2
| | | | | | | | Change-Id: I23b1281a63031a7481ea7b33c9ddbdbe7d3d6174
* | Checkpoint of better dynamic device support.Jeff Sharkey2015-03-131-2/+7
|/ | | | | | | | | | | | | | | | | | | | | | This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
* am 26970299: Merge "Remove superfluous OpenSSL include paths."Kenny Root2015-01-231-1/+0
|\ | | | | | | | | * commit '269702997153cdf92c65cfee277c76afed44e9e5': Remove superfluous OpenSSL include paths.
| * Remove superfluous OpenSSL include paths.Adam Langley2015-01-221-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | The libcrypto and libssl modules (and their respective static and host versions) use LOCAL_EXPORT_C_INCLUDE_DIRS thus just including the module is sufficient. Additionally, cryptfs.h was including an OpenSSL header just to get the length of a SHA-256 hash. Rather than force all users of this header to also depend on libcrypto, it's easier just to define that value in the header file. Change-Id: I3e3e0db906a212e1093944b298e4a8ff2e2fb07d
* | resolved conflicts for merge of 88aba541 to lmp-mr1-dev-plus-aospDan Albert2014-12-181-9/+12
|\| | | | | | | Change-Id: Ie5ef819dd8168cb6a73f84a881a92c116705fffc
| * Fix alignment of buffer used for dm_ioctl.Dan Albert2014-12-181-8/+12
| | | | | | | | | | | | | | | | | | | | Since the dm_ioctl struct was being allocated on the stack as a large character array, it was getting character alignment rather than the proper alignment for the struct. GCC had been getting away with this so far, but it's undefined behavior that clang managed to expose. Bug: 18736778 Change-Id: Ied275dfad7fcc41d712b2d02c8a185f499221f57
* | resolved conflicts for merge of 4be36106 to lmp-mr1-dev-plus-aospTim Murray2014-12-171-1/+4
|\| | | | | | | Change-Id: If504710a618d8c3adf85297d5fd2909558ed57a3
| * Make vold compile with -Werror -Wall.Tim Murray2014-12-181-1/+3
| | | | | | | | | | | | | | | | | | -Wno-missing-field-initializers is used as well, but that is an overzealous warning from initializing structs with {0} and not a real warning. bug 18736778 and 16868177 Change-Id: Iffde89cd7200d9a11193e1614f1819f9fcace30a
* | am a20bb17e: Merge "Move vold to GCC."Dan Albert2014-12-131-3/+3
|\| | | | | | | | | * commit 'a20bb17e4c6095a77425418d7eb0c1ceb50d05f7': Move vold to GCC.
| * Move vold to GCC.Dan Albert2014-12-121-3/+3
| | | | | | | | | | | | | | | | | | It looks like clang might have a miscompile that is causing SIGBUS in `ioctl_init` when the device is encrypted. Move back to GCC until we can sort this out. Bug: 18736778 Change-Id: I21ae3b9d7d9ebff8679ecc1a828b7c59f27d0903
* | resolved conflicts for merge of 87701e27 to lmp-mr1-dev-plus-aospIliyan Malchev2014-11-211-0/+7
|\ \ | |/ |/| | | Change-Id: Ie873baff626fe786515497f2e81aa9db2329168d
| * Adding support of dm-req-cryptAjay Dudani2014-11-211-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently Android provides disk encryption support using dm-crypt which is based on bios. dm-crypt uses 512 bytes packet size for crypto operations. While 512 bytes size packet is ok for SW based disk encryption, it is inefficient for HW based crypto engines. dm-req-crypt is similar to dm-crypt except it uses block requests rathe bios for crypto operations. block requests when unpacked carries data upto 512KB. Hence, HW based crypto engine can be used more efficiently. Also move create disk encryption key before framework start as HW based disk encryption creates key in secure side. Key creation can take sometime to create the key securely. If framework is started before creating the key, it is possible that framework requests service from secure side. Secure side can serve mostly one request at a time. Secure side may reject framework request if key creation request is still going on. This may cause problem in the system b/17475056 Enable hardware crypto for userdata encryption Change-Id: I5480ab72a37c02532218a18faaba598a824589fd Signed-off-by: Iliyan Malchev <malchev@google.com>
* | am 36859212: Merge "Move vold to libc++."Dan Albert2014-11-061-2/+2
|\ \ | | | | | | | | | | | | * commit '36859212614fd112e08dcf92065ee6db910769bb': Move vold to libc++.
| * | Move vold to libc++.Dan Albert2014-11-051-2/+2
| | | | | | | | | | | | | | | Bug: 15193147 Change-Id: Ib868f1ed8145ca5cbfdb4cd60ed0c47a6182ac62
* | | am 460a93a6: Merge "Move vold to clang so ASAN_ALL works."Dan Albert2014-11-061-0/+3
|\| | | | | | | | | | | | | | * commit '460a93a6d4d01bf0efa83acea0c84b4d43ab23c9': Move vold to clang so ASAN_ALL works.
| * | Move vold to clang so ASAN_ALL works.Dan Albert2014-10-211-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | ASAN_ALL uses ASAN for anything built with clang. Since some of vold's dependencies use clang, they will have unresolved ASAN symbols unless vold is also built with clang. There's no harm in just moving this project to clang. Change-Id: Ia6f412beb7bf092121bff2a5a980531636adcdb9
* | | resolved conflicts for merge of 2b2a0bec to lmp-dev-plus-aospDan Albert2014-09-121-18/+5
|\| | | |/ |/| | | Change-Id: I224499833777ef80d85c1199f475f5ed1568d053
| * Remove makefile cruft.Dan Albert2014-09-121-18/+5
| | | | | | | | | | | | Don't manually include stlport, and don't use private bionic headers. Change-Id: I44dd212fdd5874e625890c548e9d7bf3a9c27912
* | Revert "Revert "cryptfs: Added support for f2fs fast encryption""Daniel Rosenberg2014-08-151-0/+2
| | | | | | | | | | | | This reverts commit a70abc60091aed3c3eaf8bc8e1766e233c1c3a2f. Change-Id: Ic41d1924638586cf9b2297f91ed5417f3b0303c6
* | Revert "cryptfs: Added support for f2fs fast encryption"Jim Miller2014-08-151-2/+0
| | | | | | | | | | | | This reverts commit 74c01201dec12b5de43ba0f20a2f38e835cd00af. Change-Id: Ib397a2b5812179ee2e2b68de5d718077563adc1c
* | cryptfs: Added support for f2fs fast encryptionDaniel Rosenberg2014-08-151-0/+2
| | | | | | | | | | Bug: 15749466 Change-Id: I25452a05e1cbe90ac6603a89db9b720c7ab17e55 Signed-off-by: Daniel Rosenberg <drosen@google.com>
* | Add keymaster support to cryptfsPaul Lawrence2014-04-181-2/+7
| | | | | | | | | | | | | | | | | | | | Use keymaster to wrap the cryptfs keys. Requires selinux change https://googleplex-android-review.git.corp.google.com/#/c/449411 Bug: 9467042 Change-Id: If25a01cb85ed193a271d61382de0560d85553b7e
* | Don't corrupt ssd when encrypting and power failsPaul Lawrence2014-03-211-3/+8
| | | | | | | | | | | | | | | | | | | | Stop encryption when battery is low, mark position, and continue on reboot. Note - support for multiple encrypted volumes removed as no devices seem to exist with an fstab that uses this feature. If you want support for such a device, contact me and we will re-add it with appropriate testing. Bug: 13284213 Change-Id: I1f7178e4f7dd8ea816cbc03ab5c4f6543e98acaa
* | am ca3593df: am 311edc8c: Merge "Add SELinux restorecon calls on ASEC ↵Nick Kralevich2014-02-111-1/+2
|\| | | | | | | | | | | | | containers." * commit 'ca3593df3d48cb4b51acf89e6df4872b922fd51d': Add SELinux restorecon calls on ASEC containers.
| * Add SELinux restorecon calls on ASEC containers.Robert Craig2014-02-061-1/+2
| | | | | | | | | | | | | | | | | | | | This will allow fine-grained labeling of the contents of ASEC containers. Some of the contents need to be world readable and thus should be distinguishable in policy. Change-Id: Iefee74214d664acd262edecbb4f981d633ff96ce Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
* | am 8328e815: Merge "vold: remove from include path"Colin Cross2014-01-231-2/+1
|\| | | | | | | | | * commit '8328e8150f4e7b785785754f2d44794e7bab3577': vold: remove $(KERNEL_HEADERS) from include path
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-18 07:46:30 +0000