Crypto block device is needed for device mapper based data
encryption for any partition. Close the device file pointer
when data packet is encrypted.
CRs-Fixed: 2417032
Change-Id: I0fa7c4829665b8a505a5abf598bb54b7835f71e0
Use get_crypto_info instead of fs_mgr_*
Test: builds and boots
Original Change-Id: I9c6803fb228f4f62e67b05f24b849048216e2a63
Change-Id: I7242e33f39b7f0558c44a0328d10569cf1a64253
Metadata encryption essentially encrypts userdata filesystem metadata
using Inline crypto engine based block disk encryption concept. New
Inline crypto engine based block disk encryption design do not create
crypto block device. When metadata encryption was enabled it needed
crypto block device to encrypt the metadata. So if metadata partition
is mounted on device block disk encryption did not work. Fix this by
checking whether crypto block device was created or not to switch
between two data encryption calls.
CRs-Fixed: 2389467
Change-Id: Ic46244ab08f31e71865636f1a2470f914ca88547
Fix random failures while running CtsAppSecurityHostTestCases with
adoptable storage due to a format failure. The crypto_blkdev node
might not be immediately available after create sometimes. Adding
a wait in create to make sure the node is available.
CRs-Fixed: 2324063
Change-Id: I8a7599a9253ac530b05a97ed34829dad1f7f7a40
Crypto block device is not required for ICE based
HW FDE solution. This introduces additional delay
and is redundant since data is encrypted inline.
CRs-Fixed: 2210986
Change-Id: I67c044c35e92d2aa9413bc3448b6193f6b6a01d7
Add HW FDE changes to new tip along with soong rules for
conditional compilation.
Following changes for HW FDE as well ported:
- Restart Android framework after HW FDE key has been created
- Add support of Inline Cryto Engine
- Use new HW FDE apis to update password
- vold: Tie HW FDE keys with Root of Trust(ROT)
- vold: Fix HW FDE OTA support on SW FDE encrypted device
- vold: Fix return value from get_keymaster_hw_fde_passwd()
- vold: Remove creation of new keymaster key for password update
- vold: Fix password update issue with HW FDE
- vold: hw_fde: fix OTA issues from L to M
- vold: Branch out SW and HW FDE paths to improve boot up time
- cryptfs: Use lower case alphabets for hex key during OTA upgrades
- vold: Improve device boot up time (Tune sleep calls)
- Retry mount if mount fails after setting HW FDE key
- cryptfs: Fix compilation error
- cryptfs: Fix mount failure when encryption triggered from settings
- cryptfs: fix issue that caused problems with forced HW encryption
- cryptfs: fix wrong password set by user during bootup.
CRs-Fixed: 2210986
Change-Id: I77279fc7e309ac94535123a2b2dbcb228bb47251
During OTA upgrades if security state or ROT changes then Keymaster
keys requires upgrade. So for such usescases, if the FBE ephemeral
key export fails, check whether KM key requires upgrade and try for
exporting ephemeral key again.
CRs-Fixed: 2632902
Change-Id: I3ee2fcd97a56b628dc4304867c8f2b8da875f883
Signed-off-by: Neeraj Soni <neersoni@codeaurora.org>
Legacy wrapped key support was dropped while merging changes
to support multiple versions of dm-default key driver in kernel.
Fix this by calling legacy API to check wrapped key support for
metadata encryption.
CRs-Fixed: 2678344
Change-Id: I7d9efec09ddf7169cf0b1114b4e16b9fe38cad4b
Signed-off-by: Neeraj Soni <neersoni@codeaurora.org>
We previously only set +F for /data/media, but adopted storage needs
this as well. Instead we add support for adding attrs to PrepareDir.
Bug: 163453310
Test: sm set-virtual-disk true
follow UI setup and confirm +F on /mnt/expand/*/media
Change-Id: I08f13b57a4de3538e88b38eb95b0ac115a5a5ce8
Merged-In: I08f13b57a4de3538e88b38eb95b0ac115a5a5ce8
Block groups with EXT4_BG_BLOCK_UNINIT still have backup superblocks
(and backup block group descriptors). Fix EncryptInPlace to encrypt
these backup superblocks rather than leave them unencrypted.
Previously leaving the backup superblocks unencrypted didn't cause any
problems, but due to system/core commit 72abd7b246f7 ("Try to recover
corrupted ext4 /data with backup superblock") it is causing problems.
Bug: 162479411
Bug: 161871210
Merged-In: Ic090bf4e88193b289b04c5254ddf661ef40b037e
Change-Id: Ic090bf4e88193b289b04c5254ddf661ef40b037e
The emmc_optimized encryption flag is specifically designed for the
limitations of inline encryption hardware that follows the eMMC
standard. It isn't appropriate to use on other types of storage.
So, make vold enforce that it's not used on other types of storage.
Bug: 160639344
Test:
- Enabled emmc_optimized on Cuttlefish and verified it no longer boots
- Using a modified version of this change, verified that
IsEmmcStorage() works as expected on various devices including
Cuttlefish, Cuttlefish booted in GSI image mode, a device with eMMC
storage, and a device with UFS storage.
- Verified that VtsKernelEncryptionTest still passes
Change-Id: Ie27b80658db53b1a4207b3cbb4e309d05130812e
Merged-In: Ie27b80658db53b1a4207b3cbb4e309d05130812e
By default FUSE filesystems have a max_ratio of 1%, meaning only 1% of
dirty pages on the system can belong to a FUSE filesystem before we
start writing back pages (and throttling, if writeback can't keep up).
This limit is useful for untrusted filesystems, but in our case, we
trust the FUSE filesystem. Since FUSE writes result in writes to the
lower filesystem, FUSE should take at most 50%. Let's start with
changing max_ratio to 40%, to avoid needless throttling.
Bug: 159254170
Bug: 159770752
Test: inspect /sys/class/bdi manually after boot
Change-Id: I467e3770fc4afba0a08fa480c0b86aa054c8b875
Sometimes, during early boot, a public volume may be created before
the user is unlocked and the mount may fail. This mount failure does
not revert the lower fs mounts (sdcardfs and vfat). Subsequent
mount attempts will then fail because we'd attempt to mount vfat on
already mounted /mnt/media_rw/<volname>
Bug: 158489548
Test: Resilient to an artificial sleep in
StorageManagerService#completeUnlockUser to
delay user unlock longer than public volume mount
Change-Id: I9a1574596434a2eb6b2553c0c9220c2118c7e4fd
This is needed so "adb remount" can avoid writing to /data during a
checkpoint.
Bug: 157540389
Test: manual test
Change-Id: I33a691da3b99343acfc1e8ddf68a14504c3bfbe1
Merged-In: I33a691da3b99343acfc1e8ddf68a14504c3bfbe1
Bug: 156225476
Test: Build for f2fs and ext4 device, make sure checkpoints roll back
and commit
Merged-In: Ic15fadc67d306463dd0b554f679306d8f9081451
Change-Id: Ic15fadc67d306463dd0b554f679306d8f9081451
For fuse read ahead can be configured by writing a value to the
/sys/class/bdi/{MAJOR}:{MINOR}/read_ahead_kb file.
There are several different ways of getting {MAJOR}:{MINOR} values of
the filesystem:
* Look at st_dev of stat("/mnt/user/0/emulated").
* Parse /proc/self/mountinfo.
Stat'ing approach is used since it's easier to implement.
Bug: 157982297
Test: atest vold_tests
Test: adb shell cat /proc/self/mountinfo to get MAJOR:MINOR
Test: adb shell cat /sys/class/bdi/{MAJOR}:{MINOR}/read_ahead_kb
Test: created public volume, checked it's read_ahead_kb is also 256
Change-Id: Id0c149c4af1ceabf3afc33b4100563a512b38316
On devices without sdcardfs, /Android/data/com.foo and
/Android/obb/com.foo can be written by other processes (eg installers);
in those cases, file ownership may be wrong. To ensure that the original
app always has access to the files contained in this directory, add a
group to the default ACL that matches the UID of the app. Since all apps
have their own UID also as their group ID, this ensures that things keep
working correctly.
Bug: 157530951
Test: atest
android.appsecurity.cts.ExternalStorageHostTest#testExternalStorageUnsharedObb
Change-Id: I829a2a7c7b578a8328643f38681e68796adcd6b2
Change-Id: Ibbc333fb395507363830dfcf5dc6f1cfd55f008d
FuseDaemonHostTest is migrated to CTS and renamed to
CtsScopedStorageHostTest.
Bug: 142926859
Test: atest --test-mapping
Change-Id: I24c74e20909ccf8868d1487e1cc93f6f2c0108fc
This can be done through binder as well as vdc, using 'vdc volume
abort_fuse'.
Bug: 153411204
Test: adb shell vdc volume abort_fuse
Change-Id: I93e46dc1cd361729cc1162c63520cf73152ea409
This allows devices that have sdcardfs enabled in the kernel to not use
it. When external_storage.sdcardfs.enabled=0, sdcardfs will not be
mounted. This is treated as default true to not affect upgrading
devices. It does not use the old ro.sys.sdcardfs as that has been
repurposed over time and no longer can be relied on to turn off
sdcardfs. This is included within emulated_storage.mk
Bug: 155222498
Test: mount|grep "type sdcardfs" should find nothing after boot complete
if external_storage.sdcardfs.enabled=0
Change-Id: I23d75fb1225aeabbcb1a035ad62fd042b6b3c7b5