Jeff Sharkey
c36ffa0010
am 0deb385f: am 66270a21: Let\'s reinvent storage, yet again!
...
* commit '0deb385f85b4569d98ed9d1df96de1761b378c17':
Let's reinvent storage, yet again!
9 years ago
Jeff Sharkey
0deb385f85
am 66270a21: Let\'s reinvent storage, yet again!
...
* commit '66270a21df1058434e4d63691221f11ff5387a0f':
Let's reinvent storage, yet again!
9 years ago
Jeff Sharkey
66270a21df
Let's reinvent storage, yet again!
...
Now that we're treating storage as a runtime permission, we need to
grant read/write access without killing the app. This is really
tricky, since we had been using GIDs for access control, and they're
set in stone once Zygote drops privileges.
The only thing left that can change dynamically is the filesystem
itself, so let's do that. This means changing the FUSE daemon to
present itself as three different views:
/mnt/runtime_default/foo - view for apps with no access
/mnt/runtime_read/foo - view for apps with read access
/mnt/runtime_write/foo - view for apps with write access
There is still a single location for all the backing files, and
filesystem permissions are derived the same way for each view, but
the file modes are masked off differently for each mountpoint.
During Zygote fork, it wires up the appropriate storage access into
an isolated mount namespace based on the current app permissions. When
the app is granted permissions dynamically at runtime, the system
asks vold to jump into the existing mount namespace and bind mount
the newly granted access model into place.
Bug: 21858077
Change-Id: Iade538e4bc7af979fe20095f74416e8a0f165a4a
9 years ago
Makoto Onuki
2cd283ebf8
am 34507d60: am 5d268fda: Merge "Make sure volume is vfat before fsck\'ing." into mnc-dev
...
* commit '34507d60ad50f8953226a4699c67dd9f4e38a5b9':
Make sure volume is vfat before fsck'ing.
9 years ago
Makoto Onuki
34507d60ad
am 5d268fda: Merge "Make sure volume is vfat before fsck\'ing." into mnc-dev
...
* commit '5d268fdac49bd3174a7f0c6dbb042162ae87a695':
Make sure volume is vfat before fsck'ing.
9 years ago
Makoto Onuki
5d268fdac4
Merge "Make sure volume is vfat before fsck'ing." into mnc-dev
9 years ago
Makoto Onuki
c82c9ce18c
Make sure volume is vfat before fsck'ing.
...
Bug 21948137
Change-Id: I6843423fd8809d9e2f352059a810aa17dd83b3e3
9 years ago
Shawn Willden
55c09b2e6f
am 4fcd2fca: am 86af3557: Add purpose to vold-generated keymaster1 keys.
...
* commit '4fcd2fca225a5ca61bd9c7c38d0bc073946cec92':
Add purpose to vold-generated keymaster1 keys.
9 years ago
Shawn Willden
4fcd2fca22
am 86af3557: Add purpose to vold-generated keymaster1 keys.
...
* commit '86af3557e3dc0f6e4fa2c0d56f840eb4247f9f4f':
Add purpose to vold-generated keymaster1 keys.
9 years ago
Paul Crowley
32414c60e4
Merge "Fix erroneous comment in secdiscard.cpp, plus style fixes."
9 years ago
Shawn Willden
86af3557e3
Add purpose to vold-generated keymaster1 keys.
...
Also remove the app ID and additional padding and digest options.
Bug: 22009890
Change-Id: Ibff9bbd0e0c11d651d11fac85d4ac907588f1cd2
9 years ago
Paul Crowley
747e1f7a6d
Fix erroneous comment in secdiscard.cpp, plus style fixes.
...
Bug: 19706593
Change-Id: I9c1442f31cc6b6507225a5aa9ad07be6042d69ce
9 years ago
Jeff Sharkey
83434e3714
am b5e680ac: am bc40cc8f: Add method to forget private partition keys.
...
* commit 'b5e680ac377619286d4b8566a3b736fcf0ee7bb0':
Add method to forget private partition keys.
9 years ago
Jeff Sharkey
b5e680ac37
am bc40cc8f: Add method to forget private partition keys.
...
* commit 'bc40cc8f07f69e0e26fc41516e2a83f0a8becbe0':
Add method to forget private partition keys.
9 years ago
Jeff Sharkey
bc40cc8f07
Add method to forget private partition keys.
...
Report both the disk and the partition GUID for private volumes to
userspace, and offer to forget the encryption key for a given
partition GUID.
Bug: 21782268
Change-Id: Ie77a3a58e47bf3563cdb3e4b0edfab1de4d0e6b4
9 years ago
Shawn Willden
9825e45a33
am c6c5932c: am 0417060e: Use correct error code for rate limiting.
...
* commit 'c6c5932cf87a6c8976283c249f949b5ed2c1f1a0':
Use correct error code for rate limiting.
9 years ago
Shawn Willden
c6c5932cf8
am 0417060e: Use correct error code for rate limiting.
...
* commit '0417060e8ebfd28171fd0aaef8f4e42d9ddd482e':
Use correct error code for rate limiting.
9 years ago
Shawn Willden
0417060e8e
Use correct error code for rate limiting.
...
Note that this CL depends on cl 712195, which must be submitted first.
Bug: 21607106
Change-Id: Iafc42d1c8a1145a31ea252b33b404044f92ec62b
9 years ago
Shawn Willden
07e5c7ee9a
am 8087e116: am da6e899f: Add keymaster1 support to vold.
...
* commit '8087e1165586f6c5ef5474855458f4379c225622':
Add keymaster1 support to vold.
9 years ago
Shawn Willden
8087e11655
am da6e899f: Add keymaster1 support to vold.
...
* commit 'da6e899f4e1429add2ef023e0cc6b0fcca42c945':
Add keymaster1 support to vold.
9 years ago
Shawn Willden
da6e899f4e
Add keymaster1 support to vold.
...
Bug: 21607106
Change-Id: I498141b90888d4f0652912413b04519f61886935
9 years ago
Paul Crowley
53af81c60d
Scrub the key from the disk with BLKSECDISCARD.
...
Bug: 19706593
Change-Id: Ib91b5182413b5dca6d0e1fdda7990ea0973843bb
9 years ago
Paul Lawrence
5127edf709
am 4cc173e1: am b1ef4665: Improve boot time by 0.1s by reducing a polling sleep interval
...
* commit '4cc173e135d63bf1878dd853cef2950fdd678423':
Improve boot time by 0.1s by reducing a polling sleep interval
9 years ago
Paul Lawrence
4cc173e135
am b1ef4665: Improve boot time by 0.1s by reducing a polling sleep interval
...
* commit 'b1ef4665e8df4abf0f3f134bf3090415fc834606':
Improve boot time by 0.1s by reducing a polling sleep interval
9 years ago
Paul Lawrence
b1ef4665e8
Improve boot time by 0.1s by reducing a polling sleep interval
...
Bug: 21516860
Change-Id: I9e28f4d9cc20ec2a7d9e325c02ef85f0ad9b3d60
9 years ago
Paul Crowley
d7745b9286
Restore commands not carried over to new command listener.
...
Bug: 21743205
Change-Id: Icd4de4e75f7123ce937949499e5d4fc3c1e28ce7
9 years ago
Jeff Sharkey
7744be3ac7
am b75343ae: am 210228a0: Merge "Start tracking added users with serial numbers." into mnc-dev
...
* commit 'b75343ae9968326a7d93b3e8981fb3734a11b81d':
Start tracking added users with serial numbers.
9 years ago
Paul Lawrence
a4c92a4bc2
am 330f26ba: am 3bd36d5e: Remove hex encoding and password adjusting now that patterns are \'1\' based
...
* commit '330f26baea3ba998a52c88ad0cf0c115f4265923':
Remove hex encoding and password adjusting now that patterns are '1' based
9 years ago
Jeff Sharkey
b75343ae99
am 210228a0: Merge "Start tracking added users with serial numbers." into mnc-dev
...
* commit '210228a089cd215bc671b9fb664d869d2c5ad986':
Start tracking added users with serial numbers.
9 years ago
Jeff Sharkey
210228a089
Merge "Start tracking added users with serial numbers." into mnc-dev
9 years ago
Jeff Sharkey
bd3038df74
Start tracking added users with serial numbers.
...
vold will eventually use the serial numbers to clean up stale user
directories when mounting private storage devices.
Bug: 20275572
Change-Id: Ia29cb5da23e969f3087bb5caa5dc8f4e88f07613
9 years ago
Paul Lawrence
330f26baea
am 3bd36d5e: Remove hex encoding and password adjusting now that patterns are \'1\' based
...
* commit '3bd36d5e5f14dff4dadba88eb27664e495d0e16e':
Remove hex encoding and password adjusting now that patterns are '1' based
9 years ago
Paul Crowley
4716ee8af7
chmod a-x VolumeManager.cpp
...
Change-Id: Id4aa31efed1753d5c15446d8281f2decea28efca
9 years ago
Paul Lawrence
3bd36d5e5f
Remove hex encoding and password adjusting now that patterns are '1' based
...
Bug: 21606650
Change-Id: I3486ad394d563135c5171a1d4785f7a27eeea3ae
9 years ago
Jeff Sharkey
c104e34298
am 0eb991ea: am 34824129: Run restorecon over mounted private volumes.
...
* commit '0eb991ea0a932c79991d42bb817224cf9c5bb8d7':
Run restorecon over mounted private volumes.
9 years ago
Jeff Sharkey
0eb991ea0a
am 34824129: Run restorecon over mounted private volumes.
...
* commit '34824129de2c4a8bb0d1cb9011beff2c186a87d0':
Run restorecon over mounted private volumes.
9 years ago
Jeff Sharkey
34824129de
Run restorecon over mounted private volumes.
...
This ensures that we have consistent SELinux policy in place before
going any further, and it mirrors the way we restorecon /data when
first mounted.
Bug: 21121357
Change-Id: I2a7e3584ade655fe1fae8916cf54f9eae3a0f99d
9 years ago
Jeff Sharkey
4863ca6e84
am d6a77b51: am d0640f63: Add f2fs support for private volumes.
...
* commit 'd6a77b518ca951d8b527f97d3e3732756c641a74':
Add f2fs support for private volumes.
9 years ago
Jeff Sharkey
d6a77b518c
am d0640f63: Add f2fs support for private volumes.
...
* commit 'd0640f6358041f7e2657167560b357078db73526':
Add f2fs support for private volumes.
9 years ago
Jeff Sharkey
d0640f6358
Add f2fs support for private volumes.
...
When formatting volumes, pass along fsType string which can be "auto"
to let the volume select the best choice. For now, private volumes
assume that MMC devices (like SD cards) are best off using f2fs when
both kernel support and tools are present, otherwise fall back to
ext4. Use blkid when mounting to pick the right set of tools.
Move filesystem utility methods into namespaces and place in separate
directory to be more organized.
Bug: 20275581
Change-Id: Id5f82d8672dda2e9f68c35b075f28232b0b55ed4
9 years ago
Paul Lawrence
6bd412103c
Merge commit '5c18a675' into manualmerge
...
Change-Id: I6f39812ebc476351a103475e6844be1c20032939
9 years ago
Paul Lawrence
5c18a67579
Merge commit 'd0b4295c' into manualmerge
...
Change-Id: I6d7178edebf50663fa9622b539c8101627a84385
9 years ago
Paul Lawrence
d0b4295ccc
Move crypt commands to a different listener in vold
...
In order to prevent this bug from happening, we must allow vold cryptfs
commands to complete while a long running mount is underway.
While waiting for vold to be changed to a binder interface, we will simply
create two listeners, one for cryptfs and one for everything else.
Bug: 19197175
Change-Id: If74142aa81abd58f718a9de6c9e387f6ea442754
9 years ago
Paul Lawrence
3b5fa8a68e
am d095d867: am 0628fa25: Improve boot time
...
* commit 'd095d86705a42186c906db58486575b2d9060de6':
Improve boot time
9 years ago
Paul Lawrence
d095d86705
am 0628fa25: Improve boot time
...
* commit '0628fa25141261e549f06d1c6f9e9f3d29e2b8f0':
Improve boot time
9 years ago
Paul Lawrence
0628fa2514
Improve boot time
...
Bug: 21516860
Change-Id: I3153c7f9a414a8eeadc0118f0a642ad8e96c81ce
9 years ago
Paul Crowley
eebf44563b
Add "cryptfs deleteuserkey" command to vold.
...
Bug: 19706593
Change-Id: I8c97f23316d1a122e24e7627a0422fa180504ba1
9 years ago
Elliott Hughes
e1762fa8e0
am bb68c6f5: am d25e1074: Merge "Don\'t use TEMP_FAILURE_RETRY on close in vold." into mnc-dev
...
* commit 'bb68c6f57647a572808445ca3852a2b80e9ad91f':
Don't use TEMP_FAILURE_RETRY on close in vold.
9 years ago
Paul Lawrence
5225306843
am 9a795187: (-s ours) am 86c942a2: (-s ours) DO NOT MERGE Delete password as per block encryption
...
* commit '9a795187ee7cd75cf5398c8e7f3c6137a1913853':
DO NOT MERGE Delete password as per block encryption
9 years ago
Elliott Hughes
bb68c6f576
am d25e1074: Merge "Don\'t use TEMP_FAILURE_RETRY on close in vold." into mnc-dev
...
* commit 'd25e10744026e85e86e22ace8ec939611be3f367':
Don't use TEMP_FAILURE_RETRY on close in vold.
9 years ago