cryptfs will fail to remount /data at boot if any processes (e.g.
dex2oat) have files open on the tmpfs /data partition. Since these
files are about to be destroyed anyway, just kill the offending
processes: first with SIGHUP and finally with SIGKILL.
Also remove a stray i++ that effectively cut the number of retries in
half.
Bug: 17576594
Change-Id: I76fb90ce2e52846ffb9de706e52b7bde98b4186a
Signed-off-by: Greg Hackmann <ghackmann@google.com>
Otherwise we get strange results when the time changes. Worst
effect is that the encryption takes a lot longer since we are
calling the logging code far more frequently.
Bug: 17625981
Change-Id: Ice29f28b3720e9e4a1ea28e45eeab574d1959ec1
Change-Id: I88ae719cdae490433390d624f75612a9f4f96677
Cryptfs : Enabling support for allow_discards in dmcrypt.
Cryptfs : Password matches
Cryptfs : test_mount_encrypted_fs(): Master key saved
TrustyKeymaster: Creating device
TrustyKeymaster: Device address: 0x7f8f416100
Cryptfs : keymaster version is 3
Cryptfs : Just asked init to shut down class main
ServiceManager: service 'drm.drmManager' died
ServiceManager: service 'media.audio_flinger' died
ServiceManager: service 'media.player' died
ServiceManager: service 'media.camera' died
ServiceManager: service 'android.security.keystore' died
Cryptfs : unmounting /data failed
Bug: 17576594
This is a deliberately minimalistic change. There is another
defect to remove all this code - removing some of it will (IMO)
simply confuse the issue.
Bug: 16868177
Bug: 17180951
Change-Id: I57d7a4fb3a881d62eb73419cd639a6e3ca567f91
* commit 'e17a9c4ad3ebb4051853a4860b18973e1a01ce11':
Change cryptfs keymaster padding to ensure the high bit is never 1, to ensure the padded message is never larger than the RSA public modulus.
This change simply switches from the deprecated
EVP_{En|De}crypt{Init|Final} to the newer, _ex versions of the same.
There is no difference in behaviour, save for calling
EVP_CIPHER_CTX_init, as the deprecated versions are just wrappers around
the _ex functions. See
https://git.openssl.org/gitweb/?p=openssl.git;a=blob;f=crypto/evp/evp_enc.c;h=f705967a40ab92cdf3c2ba8dd6bc19680d6157d6;hb=HEAD#l274
This change is required for the transition to BoringSSL, which removes
the deprecated functions.
Bug: 17409664
Change-Id: I35c6cc2d86d0c876a9edaff1e5571170fe393d87
Signed-off-by: Adam Langley <agl@google.com>
Correct implementations of keymaster should reject using an n-bit
RSA key to sign less than n bits of data, because we specify that
keymaster should not perform padding.
Change-Id: Ibdff1bbfbee84fd5bdbfb3149a124dbbaa7827fc
Previously this would fail if the framework wasn't stopped. The failure
would then stop full disk encryption. The fact that the unmount worked,
however, would then stop the second attempt from achieving anything.
Fix in line with current retry philosophy
We still need to figure out why Devmapper::destroy() fails at first.
Bug: 17301843
Change-Id: I405a36c832ccdebf2d904bef77f15eea174a6bfb
Note that this also changes the boot sequence, and moves the test for corrupted
data to cryptfs_restart_internal.
Bug: 17213613
Change-Id: I0f86e8fe3d482e2d1373bd0f4d0d861e63ad8904
In field reports, sometimes the remaining time gets stuck for many
minutes. This has to be caused by a spurious low reading early on which
cannot be overridded because of old logic.
Solution: allow time to increase but only by large amounts (avoid time
jittering up and down).
Bug: 16973374
Change-Id: I49d23ae8c54ded416cbedf383a3c03b33dc02e1c
Resize is no-op when sector count is unchanged; the caller can't
anticipate how vold does its sector calculations.
After resizing, we need to mount the container read-write, so allow
the caller to request "ro" or "rw" mode.
Handle ENOTSUP when trying to fallocate() on some filesystems
Bug: 16514385
Change-Id: I0d3a378280d4c36d14f8108ff428102283d583fa
(full-disk: no partitions)
In Android, Vold recognizes a USB drive having a full-disk file system
and mounts it properly, but when the drive is removed from system Vold
won't unmount the device. This is because Vold only unmounts partitions.
For a FAT32 USB drive (with partitions), kernel will create two devices:
sda (disk device) and sda1 (partition device). When the drive is removed,
Vold will receive two netlink events: one for partition remove (sda1)
and one for disk remove (sda). The unmount occurs only when partition
remove event is received.
For a full-disk FS USB drive, kernel will only create one device: sda
(disk device). When the drive is removed, Vold will only receive one
netlink event for disk remove (sda) and it won't unmount the device.
This patch will verify if there is a currently mounted device when disk
remove event is received and will perform unmount, to properly unmount
the device.
Change-Id: I4866ab2482fddfb40a8fc73083f31df846bbb24f
Signed-off-by: Robert Chiras <robert.chiras@intel.com>