This vold command returns 0 if the given password matches the password
used to decrypt the device on boot. It returns 1 if they don't match,
and it returns -1 on an internal error, and -2 if the device is not encrypted.
Also check the uid of the sender of the command and only allow the root and
system users to issue cryptfs commands.
Change-Id: I5e5ae3b72a2d7814ae68c2d49aa9deb90fb1dac5
If a raw block is specified for key storage, do not try to force the size
of the file to 16 Kbytes when writing the keys, and do not complain if
the size is not 16 Kbytes when reading the keys. Only do them if the
keyfile is a regular file.
Change-Id: I4de1cb7c3614479d93289d4f2767ca6ce1bbbc73
Add the force_and_revert option to the unmount command which will force
the unmount, and revert a crypto mapping. This is used during factory
reset so that when the internal sdcard volume is formatted, it formats
the raw device, not the encrypted mapping.
Change-Id: I36b6ff9bb54863b121de635472a303bf4a2334a9
Mounting was already not allowed, but also unshare before starting
encryption, and don't allow sharing or formatting to be initiated
during encrytion.
Change-Id: Ida188d81f025739ba4dd90492b3e66088735991e
Forgot to include the size of the userdata partition when computing
the total size of vold managed volumes to encrypt.
Change-Id: I237548439d4380b4225ffbc603fa972c3b1c5bae
Works around a race condition between the vold and MountService uevent handlers
Change-Id: I71c92f2e9b92e1fefc192da166a91d81bc60e242
Signed-off-by: Mike Lockwood <lockwood@android.com>
To eliminate possible buffer overflows some strcpy,
sprintf and strcat have been changed to strlcpy,
snprintf and strlcat.
Change-Id: Ieb9d4b600c894946a6492f8629ff39f2fcc106d3
Signed-off-by: Oskar Andero <oskar.andero@sonyericsson.com>
Add support for keeping the keys in a separate file on another partition,
for devices with no space reserved for a footer after the userdata filesystem.
Add support for encrypting the volumes managed by vold, if they meet certain
criteria, namely being marked as nonremovable and encryptable in vold.fstab.
A bit of trickiness is required to keep vold happy.
Change-Id: Idf0611f74b56c1026c45742ca82e0c26e58828fe
* commit '9496945d0ded76031cb129de65be425cfa971673':
DO NOT MERGE Only create android_secure mountpoint on the primary external storage volume.
DO NOT MERGE Mount secondary external storage writable by AID_MEDIA_RW rather than AID_SDCARD_RW
* commit '4e00f1fa4d4e82bba4afe1c2a21bf0a56b3a4c8f':
DO NOT MERGE Only create android_secure mountpoint on the primary external storage volume.
DO NOT MERGE Mount secondary external storage writable by AID_MEDIA_RW rather than AID_SDCARD_RW