* Use const reference type for for-loop index variables
to avoid unnecessary copy.
Bug: 30413223
Change-Id: Id4d980ae8afec1374fc3be0b23f1c6a39bff86e0
Test: build with WITH_TIDY=1
Ephemeral users don't have keys stored on disk at all, so it's neither
necessary nor possible to manipulate the disk keys here.
Bug: 30038313
Change-Id: Idc7ec1bfe1e8a6ffa6cee2f284dbe378097b08da
Also add matching cleanup to EVP_EncryptInit_ex for symmetry (though I'm not
convinced it actually leaks memory)
Change-Id: Icf72dd9e0295d8b6ea55909266a43e684b16420f
On FBE devices, the filenames inside credential-encrypted directories
are mangled until the key is installed. This means the initial
restorecon at boot needs to skip these directories until the keys
are installed.
This CL uses an existing facility to request that init run a
recursive restorecon over a given path, and it requests that
operation for the CE directories that would have been omitted by
the SKIPCE flag earlier during boot.
Bug: 30126557
Change-Id: I8c7abea27215075a091f615a7185a82a2f4a4a95
Don't rely on cryptographic binding of secdiscard to key; securely
delete the other information needed to reconstruct the key too.
Bug: 26021231
Change-Id: If03d2c051b0ec2fdcb5c6f70bde7e3287424f216
On a device where we can't BLKSECDISCARD sectors, we "overwrite" them
with zeroes. This changes the FTL to remap those sectors to new
locations. With this done, the old contents are accessible only given
a compromise of flash firmware or a die level attack.
Bug: 26021231
Change-Id: Ia065921389886fac1ba456c19c138187237c2561
When "migrating" data failes due to insufficient space
at target location, the data copied so far is left in
target location, which in practice is now filled to the
brim.
If copy fails clean up the data copied so far since user
has the data in original location.
Bug: 26322200
Change-Id: Iab29a7f9e653e6857ee0e2723d151dfec81b14dd
Sometimes migrating data fails to mount the target
volume after operation is finished.
MoveTask is running in its own thread, copying data
between external card and internal memory.
After copying the data the method "bringOnline" is
run. This method destroys and creates the volumes.
When VolumeBase::create() is run it will notify
MountService, who upon receiving this notification
will send a mount command to mount the new primary
storage.
This command will sometimes run before
setState(State::kUnmounted); is called on the newly
created volume. This will cause the mount command to
fail.
VoldConnector: SND -> {10 volume mount emulated 3 -1}
vold : emulated flags change requires state unmounted or unmountable
vold : emulated user change requires state unmounted or unmountable
vold : emulated mount requires state unmounted or unmountable
Lock bringOnline so no volume commands will be processed
until volumes are (re-)created and have correct state.
Bug: 26322200
Change-Id: I4aba85c226d904c42ae9edcdfec21619218939d6
This had minimal impact on the results, since 95% of the writes were
performed through pwrite(), but it's important to fix this for future
benchmark suites.
Bug: 29759783
Change-Id: Ic628aab98b9f9def78508cc722899afdefed84ae