Elliott Hughes
3097d0e151
am 6d24e086: Merge "Remove dead code."
...
* commit '6d24e0866f61aba0ac3023408ead083ad9b6cdab':
Remove dead code.
9 years ago
Elliott Hughes
6d24e0866f
Merge "Remove dead code."
9 years ago
Elliott Hughes
c569f528a2
Remove dead code.
...
Change-Id: I042f8aacfa8a7900b5684aaa24da368cdcb41b1f
9 years ago
Jeff Sharkey
7206b42bad
am eddf9bd6: Request specific tags from blkid.
...
* commit 'eddf9bd63c1f7e0f9709f7c58a1035fa43338325':
Request specific tags from blkid.
9 years ago
Jeff Sharkey
e7fead0424
am 0c4ce9b0: am 008c1ac2: am eddf9bd6: Request specific tags from blkid.
...
* commit '0c4ce9b030a8e72ca4c5c8580183bc0e94896a1b':
Request specific tags from blkid.
9 years ago
Jeff Sharkey
0c4ce9b030
am 008c1ac2: am eddf9bd6: Request specific tags from blkid.
...
* commit '008c1ac225c1ca29f38b57203d82a63f6f85b865':
Request specific tags from blkid.
9 years ago
Jeff Sharkey
008c1ac225
am eddf9bd6: Request specific tags from blkid.
...
* commit 'eddf9bd63c1f7e0f9709f7c58a1035fa43338325':
Request specific tags from blkid.
9 years ago
Jeff Sharkey
eddf9bd63c
Request specific tags from blkid.
...
Otherwise blkid can emit tags like SEC_TYPE which mess with the value
extraction code.
Bug: 23069906
Change-Id: Id2a588ff43a538747d1e44cd8218c96ebd0192c2
9 years ago
Jeff Sharkey
228f9509e1
am 47f0531e: am 4fc30636: am 1bd078fa: Protect runtime storage mount points.
...
* commit '47f0531ec9adf7a29873ccdb11a1ee7b11e76c80':
Protect runtime storage mount points.
9 years ago
Jeff Sharkey
47f0531ec9
am 4fc30636: am 1bd078fa: Protect runtime storage mount points.
...
* commit '4fc30636065aa819a866cfcb3962d55b37db3312':
Protect runtime storage mount points.
9 years ago
Jeff Sharkey
2b8f194f1a
am 1bd078fa: Protect runtime storage mount points.
...
* commit '1bd078fa7b5ca613cb3e793d67ccd86d2602787d':
Protect runtime storage mount points.
9 years ago
Jeff Sharkey
4fc3063606
am 1bd078fa: Protect runtime storage mount points.
...
* commit '1bd078fa7b5ca613cb3e793d67ccd86d2602787d':
Protect runtime storage mount points.
9 years ago
Jeff Sharkey
1bd078fa7b
Protect runtime storage mount points.
...
We have a bunch of magic that mounts the correct view of storage
access based on the runtime permissions of an app, but we forgot to
protect the real underlying data sources; oops.
This series of changes just bumps the directory heirarchy one level
to give us /mnt/runtime which we can mask off as 0700 to prevent
people from jumping to the exposed internals.
Also add CTS tests to verify that we're protecting access to
internal mount points like this.
Bug: 22964288
Change-Id: I83f09f0423f4993e766273c50389dd29b1c50589
9 years ago
Jeff Sharkey
a95e66afba
am 6d71977d: am 157ba435: am 8474ee32: Return useful path when not visible.
...
* commit '6d71977d142f42a4646f23c2fba79fed4fbfd7d7':
Return useful path when not visible.
9 years ago
Jeff Sharkey
6d71977d14
am 157ba435: am 8474ee32: Return useful path when not visible.
...
* commit '157ba4356da6d771194f0276ed1fdd69a14b85a5':
Return useful path when not visible.
9 years ago
Jeff Sharkey
157ba4356d
am 8474ee32: Return useful path when not visible.
...
* commit '8474ee323131fdadcc17f09eab25003a7ae934e0':
Return useful path when not visible.
9 years ago
Jeff Sharkey
3a60599ae8
am 8474ee32: Return useful path when not visible.
...
* commit '8474ee323131fdadcc17f09eab25003a7ae934e0':
Return useful path when not visible.
9 years ago
Jeff Sharkey
8474ee3231
Return useful path when not visible.
...
This allows apps like ExternalStorageProvider to still read/write
files on transient storage devices which aren't mounted as visible.
Bug: 22545248
Change-Id: Idacb15f2233245a8e1861d9be977535a82b218ec
9 years ago
Jeff Sharkey
72fbcfd909
am f628a0fd: am 4864af92: am d46687ee: Use random data for benchmark instead of zeros.
...
* commit 'f628a0fdae14e3e8fcc5c3b586045e06a2c03f9f':
Use random data for benchmark instead of zeros.
9 years ago
Jeff Sharkey
f628a0fdae
am 4864af92: am d46687ee: Use random data for benchmark instead of zeros.
...
* commit '4864af926d1ee6acc5a9853360af3d6b6e8a88ee':
Use random data for benchmark instead of zeros.
9 years ago
Jeff Sharkey
26934b0954
am d46687ee: Use random data for benchmark instead of zeros.
...
* commit 'd46687ee5da7c9847c6188241ccc699d3a0826c2':
Use random data for benchmark instead of zeros.
9 years ago
Jeff Sharkey
4864af926d
am d46687ee: Use random data for benchmark instead of zeros.
...
* commit 'd46687ee5da7c9847c6188241ccc699d3a0826c2':
Use random data for benchmark instead of zeros.
9 years ago
Jeff Sharkey
d46687ee5d
Use random data for benchmark instead of zeros.
...
If we always write zeros, we're leaving a giant pile of known
plaintext at an almost deterministic location on newly formatted
volumes. To avoid this, repeat a 64K chunk of random data.
Bug: 22816936
Change-Id: Iedc067a519bd676a93b9d74ea4f9f77c84c8461c
9 years ago
Jeff Sharkey
09b542f269
am 20642ae7: Give secondary users read-only physical cards.
...
* commit '20642ae71aa93ec2658d09c92a1ffc3844f5a555':
Give secondary users read-only physical cards.
9 years ago
Jeff Sharkey
c8df7fb173
am cd52cca7: am 27f98a12: am 20642ae7: Give secondary users read-only physical cards.
...
* commit 'cd52cca79c1fc96441d6348989722f4527875851':
Give secondary users read-only physical cards.
9 years ago
Jeff Sharkey
cd52cca79c
am 27f98a12: am 20642ae7: Give secondary users read-only physical cards.
...
* commit '27f98a12df1e9513124448d0d7464664d798cc60':
Give secondary users read-only physical cards.
9 years ago
Jeff Sharkey
27f98a12df
am 20642ae7: Give secondary users read-only physical cards.
...
* commit '20642ae71aa93ec2658d09c92a1ffc3844f5a555':
Give secondary users read-only physical cards.
9 years ago
Jeff Sharkey
20642ae71a
Give secondary users read-only physical cards.
...
Long ago, we mounted secondary physical cards as readable by all
users on the device, which enabled the use-case of loading media on
a card and viewing it from all users.
More recently, we started giving write access to these secondary
physical cards, but this created a one-directional channel for
communication across user boundaries; something that CDD disallows.
This change is designed to give us the best of both worlds: the
package-specific directories are writable for the user that mounted
the card, but access to those "Android" directories are blocked for
all other users. Other users remain able to read content elsewhere
on the card.
Bug: 22787184
Change-Id: I75dbd339f11402ae774c7e4b8f2b15ee216270e8
9 years ago
Yusuke Sato
70d8ef73a2
Merge "Stop doing full fsck on private f2fs partitions"
9 years ago
Jeff Sharkey
16b3ba4bd7
am 90db4d90: am 78003caf: am 32679a82: Create user directory on emulated storage.
...
* commit '90db4d909a95cb2a9c9143a4b116822dd6cf4707':
Create user directory on emulated storage.
9 years ago
Jeff Sharkey
90db4d909a
am 78003caf: am 32679a82: Create user directory on emulated storage.
...
* commit '78003caff32e8220ebd6ca89703916d9297b77b3':
Create user directory on emulated storage.
9 years ago
Jeff Sharkey
78003caff3
am 32679a82: Create user directory on emulated storage.
...
* commit '32679a82d9542ec26ea8b4e32d29dd7b02202611':
Create user directory on emulated storage.
9 years ago
Jeff Sharkey
15c6489aa9
am 32679a82: Create user directory on emulated storage.
...
* commit '32679a82d9542ec26ea8b4e32d29dd7b02202611':
Create user directory on emulated storage.
9 years ago
Yusuke Sato
0765cf98fc
Stop doing full fsck on private f2fs partitions
...
This is safe because we run 'f2fs.fsck -f' on all writable
/dev/block* paritions on shutdown.
Bug: 21853106
Change-Id: I368a8676093c97e70ad7c09e9b71665d3c445a16
9 years ago
Jeff Sharkey
32679a82d9
Create user directory on emulated storage.
...
When mounting a primary external storage device that is multi-user
aware, ensure that the user-specific directory actually exists before
moving forward.
Bug: 22472026
Change-Id: I33c8eed261a9c0d5acedd5be6133ed9990679d08
9 years ago
Paul Crowley
07897ad476
Restore setusercryptopolicies, lost in a merge.
...
Looks like when I merged the change that introduced
CryptCommandListener.cpp into my changes, I managed to lose this
function. Without it, non-primary users will stop working after
a reboot.
Change-Id: I9c959b6513698419bc09db69db943d01a296b35e
9 years ago
Paul Crowley
7331a963d5
am c93442ee: am 93363482: Evict the key before we delete it.
...
* commit 'c93442eea4b74858b0b45c69f0642d05bce7e8e8':
Evict the key before we delete it.
9 years ago
Paul Crowley
60aafe382d
am 95b5c3de: am e76d9e6b: Fix erroneous comment in secdiscard.cpp, plus style fixes.
...
* commit '95b5c3dedcec60ea8d31c192592e0cfdc26af730':
Fix erroneous comment in secdiscard.cpp, plus style fixes.
9 years ago
Paul Crowley
722afdd0f6
am c10f4331: am cd307b7c: Scrub the key from the disk with BLKSECDISCARD.
...
* commit 'c10f43311319b63e60fcdf8f29330f110504fc64':
Scrub the key from the disk with BLKSECDISCARD.
9 years ago
Paul Crowley
fcccd89378
am f4000e48: (-s ours) am 5bd0daf9: Add tool for scrubbing files with BLKSECDISCARD.
...
* commit 'f4000e480d5da9df8c0205b28160e60a0b47c77d':
Add tool for scrubbing files with BLKSECDISCARD.
9 years ago
Paul Crowley
a3f6e9714a
am 41ddfc15: (-s ours) am b33e8873: Add "cryptfs deleteuserkey" command to vold.
...
* commit '41ddfc151d6a071dc5343246e6d47c996364ddf7':
Add "cryptfs deleteuserkey" command to vold.
9 years ago
Paul Crowley
f62eae3aeb
am 17ceaff2: (-s ours) am 95376d61: Add vold commands for setting up per-user encrypted user directories
...
* commit '17ceaff271f735cc4827f34309ac035d61bb3aef':
Add vold commands for setting up per-user encrypted user directories
9 years ago
Paul Crowley
fcea94d592
am 2db4367d: am f25a35a1: (-s ours) Break key installation into its own function so we can install non-master keys.
...
* commit '2db4367d0af338dbf4db49aebf0dc9853ce8a23a':
Break key installation into its own function so we can install non-master keys.
9 years ago
Paul Crowley
c93442eea4
am 93363482: Evict the key before we delete it.
...
* commit '9336348200758d067fed164368636521b4e58621':
Evict the key before we delete it.
9 years ago
Paul Crowley
95b5c3dedc
am e76d9e6b: Fix erroneous comment in secdiscard.cpp, plus style fixes.
...
* commit 'e76d9e6be65c9af52a0ed722267521256269cc18':
Fix erroneous comment in secdiscard.cpp, plus style fixes.
9 years ago
Paul Crowley
c10f433113
am cd307b7c: Scrub the key from the disk with BLKSECDISCARD.
...
* commit 'cd307b7c6301593727892d1fa9bb92aadb5fdaca':
Scrub the key from the disk with BLKSECDISCARD.
9 years ago
Paul Crowley
f4000e480d
am 5bd0daf9: Add tool for scrubbing files with BLKSECDISCARD.
...
* commit '5bd0daf926ea8096dc091d7b99ff9e56cc5746aa':
Add tool for scrubbing files with BLKSECDISCARD.
9 years ago
Paul Crowley
41ddfc151d
am b33e8873: Add "cryptfs deleteuserkey" command to vold.
...
* commit 'b33e8873ea78b92e536aa33f48130a91ca150f0c':
Add "cryptfs deleteuserkey" command to vold.
9 years ago
Paul Crowley
17ceaff271
am 95376d61: Add vold commands for setting up per-user encrypted user directories
...
* commit '95376d612c91236c8cd751b9af02c9aa57f4870f':
Add vold commands for setting up per-user encrypted user directories
9 years ago
Paul Crowley
2db4367d0a
am f25a35a1: (-s ours) Break key installation into its own function so we can install non-master keys.
...
* commit 'f25a35a1c98d4fac118ee9abe34d6bbf2d3a2201':
Break key installation into its own function so we can install non-master keys.
9 years ago