tequilaOS/platform_system_vold
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_system_vold/model/Disk.cpp

621 lines
20 KiB
C++
Raw Normal View History

Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
/*
* Copyright (C) 2015 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "Disk.h"
vold: rename from "ext4 encryption" to fscrypt We support file-based encryption on both ext4 and f2fs now, and the kernel API is the same. So rename things appropriately in vold: e4crypt => fscrypt ext4enc => fscrypt Ext4Crypt => FsCrypt EXT4_* => FS_* ext4_encryption_key => fscrypt_key Additionally, the common functions shared by 'vold' and 'init' are now in libfscrypt rather than ext4_utils. So update vold to link to libfscrypt and include the renamed headers. Note: there's a chance of 'fscrypt' being confused with the dm-crypt based encryption code in vold which is called 'cryptfs'. However, fscrypt is the name used in the kernel for ext4/f2fs/ubifs encryption, and it's preferable to use the same name in userspace. Test: built, booted device with f2fs encryption Change-Id: I2a46a49f30d9c0b73d6f6fe09e4a4904d4138ff6
2018-10-23 22:06:55 +02:00
#include "FsCrypt.h"
Support for private (adopted) volumes. This adds support for private volumes which is just a filesystem wrapped in a dm-crypt layer. For now we're using the exact same configuration as internal encryption (aes-cbc-essiv:sha256), but we don't store any key material on the removable media. Instead, we store the key on internal storage, and use the GPT partition GUID to identify which key should be used. This means that private external storage is effectively as secure as the internal storage of the device. That is, if the internal storage is encrypted, then our external storage key is also encrypted. When partitioning disks, we now support a "private" mode which has a PrivateVolume partition, and a currently unused 16MB metadata partition reserved for future use. It also supports a "mixed" mode which creates both a PublicVolume and PrivateVolume on the same disk. Mixed mode is currently experimental. For now, just add ext4 support to PrivateVolume; we'll look at f2fs in a future change. Add VolumeBase lifecycle for setting up crypto mappings, and extract blkid logic into shared method. Sprinkle some more "static" around the cryptfs code to improve invariants. Bug: 19993667 Change-Id: Ibd1df6250735b706959a1eb9d9f7219ea85912a0
2015-03-31 19:35:33 +02:00
#include "PrivateVolume.h"
clang-format many files. Test: Format-only changes; treehugger suffices. Change-Id: I23cde3f0bbcac13bef555d13514e922c79d5ad48
2018-09-18 22:30:21 +02:00
#include "PublicVolume.h"
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
#include "Utils.h"
#include "VolumeBase.h"
Progress towards dynamic storage support. Wire up new Disk and VolumeBase objects and events to start replacing older DirectVolume code. Use filesystem UUID as visible PublicVolume name to be more deterministic. When starting, create DiskSource instances based on fstab, and watch for kernel devices to appear. Turn matching devices into Disk objects, scan for partitions, and create any relevant VolumeBase objects. Broadcast all of these events towards userspace so the framework can decide what to mount. Keep track of the primary VolumeBase, and update the new per-user /storage/self/primary symlink for all started users. Provide a reset command that framework uses to start from a known state when runtime is restarted. When vold is unexpectedly killed, try recovering by unmounting everything under /mnt and /storage before moving forward. Remove UMS sharing support for now, since no current devices support it; MTP is the recommended solution going forward because it offers better multi-user support. Switch killProcessesWithOpenFiles() to directly take signal. Fix one SOCK_CLOEXEC bug, but SELinux says there are more lurking. Bug: 19993667 Change-Id: I2dad1303aa4667ec14c52f774e2a28b3c1c1ff6d
2015-03-14 00:09:20 +01:00
#include "VolumeManager.h"
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
Track rename from base/ to android-base/. Change-Id: I3096cfa50afa395d8e9a8043ab69c1e390f86ccb
2015-12-05 00:50:53 +01:00
#include <android-base/file.h>
Be more C++. volume UUID should always be std::string. Test: boots Bug: 67041047 Change-Id: I36d3944ae8de192703b9ee359900841b833fe3a1
2017-10-09 19:55:21 +02:00
#include <android-base/logging.h>
clang-format many files. Test: Format-only changes; treehugger suffices. Change-Id: I23cde3f0bbcac13bef555d13514e922c79d5ad48
2018-09-18 22:30:21 +02:00
#include <android-base/parseint.h>
Progress towards FBE and adoptable storage. Offer to adopt storage devices on FBE devices, but keep it guarded behind a system property for now, since we still need to work out key storage details. When migrating shared storage, leave user-specific /data/media directories in place, since they already have the needed crypto policies defined. Enable journaling, quotas, and encrypt options when formatting newly adopted devices. installd already gracefully handles older partitions without quota enabled. Test: cts-tradefed run commandAndExit cts-dev --abi armeabi-v7a -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Bug: 62290006, 36757864, 29117062, 37395736 Bug: 29923055, 25861755, 30230655, 37436961 Change-Id: Ibbeb6ec9db2394a279bbac221a2b20711d65494e
2017-06-21 21:52:23 +02:00
#include <android-base/properties.h>
Track rename from base/ to android-base/. Change-Id: I3096cfa50afa395d8e9a8043ab69c1e390f86ccb
2015-12-05 00:50:53 +01:00
#include <android-base/stringprintf.h>
Move to modern utility methods from android::base. Moves away from crufty char* operations to std::string utility methods, including android::base methods for splitting/parsing. Rewrite of how Process handles scanning procfs for filesystem references; now uses fts(3) for more sane traversal. Replace sscanf() with new FindValue() method, also has unit tests. Remove some unused methods. Switch almost everyone over to using modern logging library. Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest Test: cts-tradefed run commandAndExit cts-dev --abi armeabi-v7a -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Bug: 67041047 Change-Id: I70dc512f21459d1e25b187f24289002b2c7bc7af
2017-10-07 02:02:53 +02:00
#include <android-base/strings.h>
vold: rename from "ext4 encryption" to fscrypt We support file-based encryption on both ext4 and f2fs now, and the kernel API is the same. So rename things appropriately in vold: e4crypt => fscrypt ext4enc => fscrypt Ext4Crypt => FsCrypt EXT4_* => FS_* ext4_encryption_key => fscrypt_key Additionally, the common functions shared by 'vold' and 'init' are now in libfscrypt rather than ext4_utils. So update vold to link to libfscrypt and include the renamed headers. Note: there's a chance of 'fscrypt' being confused with the dm-crypt based encryption code in vold which is called 'cryptfs'. However, fscrypt is the name used in the kernel for ext4/f2fs/ubifs encryption, and it's preferable to use the same name in userspace. Test: built, booted device with f2fs encryption Change-Id: I2a46a49f30d9c0b73d6f6fe09e4a4904d4138ff6
2018-10-23 22:06:55 +02:00
#include <fscrypt/fscrypt.h>
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
cryptfs: Require ext disk crypt to match code Our external partitions have no crypto header/footer, so we only get the keysize and key. Our code has been implicitly assuming that this keysize off of disk matches the crypto type we have in our code (and thus matches the keysize our code is using as well). We now make this assumption explicit, and check for this and no longer allow external code to pass a keysize in to cryptfs. Bug: 73079191 Test: Compiled and tested in combination with other CLs. Change-Id: I1a1996187e1aaad6f103982652b1bcdfd5be33ce
2018-02-16 22:13:58 +01:00
#include "cryptfs.h"
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
#include <fcntl.h>
Fix 64 bit builds. Change-Id: I4e30ecff3c29d0f8351c6f43de1c979c8c792fab
2015-03-31 06:22:07 +02:00
#include <inttypes.h>
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
#include <stdio.h>
#include <stdlib.h>
clang-format many files. Test: Format-only changes; treehugger suffices. Change-Id: I23cde3f0bbcac13bef555d13514e922c79d5ad48
2018-09-18 22:30:21 +02:00
#include <sys/mount.h>
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
#include <sys/stat.h>
vold should #include <sys/sysmacros.h> Bug: https://github.com/android-ndk/ndk/issues/398 Test: builds Change-Id: I7a1ca1701099886fb493cc5288d6ee867d5f520a
2017-05-18 18:08:24 +02:00
#include <sys/sysmacros.h>
clang-format many files. Test: Format-only changes; treehugger suffices. Change-Id: I23cde3f0bbcac13bef555d13514e922c79d5ad48
2018-09-18 22:30:21 +02:00
#include <sys/types.h>
#include <vector>
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
Update for libbase. Change-Id: I23b1281a63031a7481ea7b33c9ddbdbe7d3d6174
2015-03-16 18:35:17 +01:00
using android::base::ReadFileToString;
using android::base::StringPrintf;
clang-format many files. Test: Format-only changes; treehugger suffices. Change-Id: I23cde3f0bbcac13bef555d13514e922c79d5ad48
2018-09-18 22:30:21 +02:00
using android::base::WriteStringToFile;
Update for libbase. Change-Id: I23b1281a63031a7481ea7b33c9ddbdbe7d3d6174
2015-03-16 18:35:17 +01:00
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
namespace android {
namespace vold {
static const char* kSgdiskPath = "/system/bin/sgdisk";
static const char* kSgdiskToken = " \t\n";
Add a new "virtual disk" feature. It's extremely difficult to test storage related logic on devices that don't have physical SD card slots. So to support better debugging and testing, add a new "virtual disk" feature which mounts a 512MB file through loop device. It relies on the kernel having the "loop.max_part" value set to something other than 0 via the boot command line, since that allows all the existing partition logic to fall into place. Bug: 34903607 Test: builds, boots, virtual disk works Change-Id: I04c5b33e37319d867542985a56b7999a9b7cf35d
2017-03-26 06:49:13 +02:00
static const char* kSysfsLoopMaxMinors = "/sys/module/loop/parameters/max_part";
Workaround perdev_minors path change in Linux This upstream Linux change has been discussed at https://patchwork.kernel.org/patch/8281851/ And included in AOSP in https://android-review.googlesource.com/c/kernel/common/+/202752 Some devices have been released without it, so we need this change to have a working SDcard on those devices. Change-Id: I323d85bd8381f82b75db09493ddc22f432cec548
2017-11-28 15:42:56 +01:00
static const char* kSysfsMmcMaxMinorsDeprecated = "/sys/module/mmcblk/parameters/perdev_minors";
static const char* kSysfsMmcMaxMinors = "/sys/module/mmc_block/parameters/perdev_minors";
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
Add a new "virtual disk" feature. It's extremely difficult to test storage related logic on devices that don't have physical SD card slots. So to support better debugging and testing, add a new "virtual disk" feature which mounts a 512MB file through loop device. It relies on the kernel having the "loop.max_part" value set to something other than 0 via the boot command line, since that allows all the existing partition logic to fall into place. Bug: 34903607 Test: builds, boots, virtual disk works Change-Id: I04c5b33e37319d867542985a56b7999a9b7cf35d
2017-03-26 06:49:13 +02:00
static const unsigned int kMajorBlockLoop = 7;
Handle *ALL* the SCSI disks! Bug: 19993667 Change-Id: I47099c262686127f82dd376570d49cf0ad119842
2015-04-20 00:55:42 +02:00
static const unsigned int kMajorBlockScsiA = 8;
static const unsigned int kMajorBlockScsiB = 65;
static const unsigned int kMajorBlockScsiC = 66;
static const unsigned int kMajorBlockScsiD = 67;
static const unsigned int kMajorBlockScsiE = 68;
static const unsigned int kMajorBlockScsiF = 69;
static const unsigned int kMajorBlockScsiG = 70;
static const unsigned int kMajorBlockScsiH = 71;
static const unsigned int kMajorBlockScsiI = 128;
static const unsigned int kMajorBlockScsiJ = 129;
static const unsigned int kMajorBlockScsiK = 130;
static const unsigned int kMajorBlockScsiL = 131;
static const unsigned int kMajorBlockScsiM = 132;
static const unsigned int kMajorBlockScsiN = 133;
static const unsigned int kMajorBlockScsiO = 134;
static const unsigned int kMajorBlockScsiP = 135;
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
static const unsigned int kMajorBlockMmc = 179;
Support emulator's virtio-blk based SD card Currently, vold only supports MMC (for SD cards) and SCSI (for USB drives) devices. It does not recognize any device whose major number is not one of those used by MMC and SCSI. Unfortunately, virtio-blk is one such device. It is used by the new Android emulator (a.k.a. qemu2, featuring the "ranchu" virtual board) for SD card emulation. In order to make this virtio-blk based SD card device appear in Android and appear as an SD card (rather than a USB drive), changes have to be made to both vold (wherever the device major number is checked) and ranchu's storage configuration. This CL implements former. This is a stop-gap solution for emulator in nyc. A longer term solution in-tune with upstream kernel is in the pipes. Updated from aosp/master version. BUG:27431753 Change-Id: I5014edec73be7c5b565d91542464c82cbe58992c Signed-off-by: Yu Ning <yu.ning@intel.com> (cherry picked from commit 5b1d1c7dfa13b4dca75213581dc8351b841b76c8)
2016-01-08 10:36:47 +01:00
static const unsigned int kMajorBlockExperimentalMin = 240;
static const unsigned int kMajorBlockExperimentalMax = 254;
vold: Add nvme disk support Bug: 77482940 Test: Manual Change-Id: Id0e7b3a0aa2083276109b0b2c9d1bcb81852582f Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2018-05-12 02:22:42 +02:00
static const unsigned int kMajorBlockDynamicMin = 234;
static const unsigned int kMajorBlockDynamicMax = 512;
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
static const char* kGptBasicData = "EBD0A0A2-B9E5-4433-87C0-68B6B72699C7";
static const char* kGptAndroidMeta = "19A710A2-B3CA-11E4-B026-10604B889DCF";
Exclusive exec() path, format after partition. Sadly setexeccon() is process global, so we need to carefully ensure that all exec() are mutually exclusive to avoid transitioning into unwanted domains. Also, because we have several threads floating around, we need to guard all our FDs with O_CLOEXEC. Format all newly created volumes immediately after partitioning, but silence all events emitted from those volumes to prevent the framework from getting all excited. Unify all notify events under a single codepath to make them easy to silence. Sent SIGINT before escalating to SIGTERM when unmounting. Bug: 19993667 Change-Id: Idc6c806afc7919a004a93e2240b42884f6b52d6b
2015-04-09 06:07:21 +02:00
static const char* kGptAndroidExpand = "193D1EA4-B3CA-11E4-B075-10604B889DCF";
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
enum class Table {
kUnknown,
kMbr,
kGpt,
};
Support emulator's virtio-blk based SD card Currently, vold only supports MMC (for SD cards) and SCSI (for USB drives) devices. It does not recognize any device whose major number is not one of those used by MMC and SCSI. Unfortunately, virtio-blk is one such device. It is used by the new Android emulator (a.k.a. qemu2, featuring the "ranchu" virtual board) for SD card emulation. In order to make this virtio-blk based SD card device appear in Android and appear as an SD card (rather than a USB drive), changes have to be made to both vold (wherever the device major number is checked) and ranchu's storage configuration. This CL implements former. This is a stop-gap solution for emulator in nyc. A longer term solution in-tune with upstream kernel is in the pipes. Updated from aosp/master version. BUG:27431753 Change-Id: I5014edec73be7c5b565d91542464c82cbe58992c Signed-off-by: Yu Ning <yu.ning@intel.com> (cherry picked from commit 5b1d1c7dfa13b4dca75213581dc8351b841b76c8)
2016-01-08 10:36:47 +01:00
static bool isVirtioBlkDevice(unsigned int major) {
/*
* The new emulator's "ranchu" virtual board no longer includes a goldfish
* MMC-based SD card device; instead, it emulates SD cards with virtio-blk,
* which has been supported by upstream kernel and QEMU for quite a while.
* Unfortunately, the virtio-blk block device driver does not use a fixed
* major number, but relies on the kernel to assign one from a specific
* range of block majors, which are allocated for "LOCAL/EXPERIMENAL USE"
* per Documentation/devices.txt. This is true even for the latest Linux
* kernel (4.4; see init() in drivers/block/virtio_blk.c).
*
* This makes it difficult for vold to detect a virtio-blk based SD card.
* The current solution checks two conditions (both must be met):
*
* a) If the running environment is the emulator;
* b) If the major number is an experimental block device major number (for
* x86/x86_64 3.10 ranchu kernels, virtio-blk always gets major number
* 253, but it is safer to match the range than just one value).
*
* Other conditions could be used, too, e.g. the hardware name should be
* "ranchu", the device's sysfs path should end with "/block/vd[d-z]", etc.
* But just having a) and b) is enough for now.
*/
clang-format many files. Test: Format-only changes; treehugger suffices. Change-Id: I23cde3f0bbcac13bef555d13514e922c79d5ad48
2018-09-18 22:30:21 +02:00
return IsRunningInEmulator() && major >= kMajorBlockExperimentalMin &&
major <= kMajorBlockExperimentalMax;
Support emulator's virtio-blk based SD card Currently, vold only supports MMC (for SD cards) and SCSI (for USB drives) devices. It does not recognize any device whose major number is not one of those used by MMC and SCSI. Unfortunately, virtio-blk is one such device. It is used by the new Android emulator (a.k.a. qemu2, featuring the "ranchu" virtual board) for SD card emulation. In order to make this virtio-blk based SD card device appear in Android and appear as an SD card (rather than a USB drive), changes have to be made to both vold (wherever the device major number is checked) and ranchu's storage configuration. This CL implements former. This is a stop-gap solution for emulator in nyc. A longer term solution in-tune with upstream kernel is in the pipes. Updated from aosp/master version. BUG:27431753 Change-Id: I5014edec73be7c5b565d91542464c82cbe58992c Signed-off-by: Yu Ning <yu.ning@intel.com> (cherry picked from commit 5b1d1c7dfa13b4dca75213581dc8351b841b76c8)
2016-01-08 10:36:47 +01:00
}
vold: Add nvme disk support Bug: 77482940 Test: Manual Change-Id: Id0e7b3a0aa2083276109b0b2c9d1bcb81852582f Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2018-05-12 02:22:42 +02:00
static bool isNvmeBlkDevice(unsigned int major, const std::string& sysPath) {
clang-format many files. Test: Format-only changes; treehugger suffices. Change-Id: I23cde3f0bbcac13bef555d13514e922c79d5ad48
2018-09-18 22:30:21 +02:00
return sysPath.find("nvme") != std::string::npos && major >= kMajorBlockDynamicMin &&
major <= kMajorBlockDynamicMax;
vold: Add nvme disk support Bug: 77482940 Test: Manual Change-Id: Id0e7b3a0aa2083276109b0b2c9d1bcb81852582f Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2018-05-12 02:22:42 +02:00
}
clang-format many files. Test: Format-only changes; treehugger suffices. Change-Id: I23cde3f0bbcac13bef555d13514e922c79d5ad48
2018-09-18 22:30:21 +02:00
Disk::Disk(const std::string& eventPath, dev_t device, const std::string& nickname, int flags)
: mDevice(device),
mSize(-1),
mNickname(nickname),
mFlags(flags),
mCreated(false),
mJustPartitioned(false) {
Progress towards dynamic storage support. Wire up new Disk and VolumeBase objects and events to start replacing older DirectVolume code. Use filesystem UUID as visible PublicVolume name to be more deterministic. When starting, create DiskSource instances based on fstab, and watch for kernel devices to appear. Turn matching devices into Disk objects, scan for partitions, and create any relevant VolumeBase objects. Broadcast all of these events towards userspace so the framework can decide what to mount. Keep track of the primary VolumeBase, and update the new per-user /storage/self/primary symlink for all started users. Provide a reset command that framework uses to start from a known state when runtime is restarted. When vold is unexpectedly killed, try recovering by unmounting everything under /mnt and /storage before moving forward. Remove UMS sharing support for now, since no current devices support it; MTP is the recommended solution going forward because it offers better multi-user support. Switch killProcessesWithOpenFiles() to directly take signal. Fix one SOCK_CLOEXEC bug, but SELinux says there are more lurking. Bug: 19993667 Change-Id: I2dad1303aa4667ec14c52f774e2a28b3c1c1ff6d
2015-03-14 00:09:20 +01:00
mId = StringPrintf("disk:%u,%u", major(device), minor(device));
mEventPath = eventPath;
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
mSysPath = StringPrintf("/sys/%s", eventPath.c_str());
Progress towards dynamic storage support. Wire up new Disk and VolumeBase objects and events to start replacing older DirectVolume code. Use filesystem UUID as visible PublicVolume name to be more deterministic. When starting, create DiskSource instances based on fstab, and watch for kernel devices to appear. Turn matching devices into Disk objects, scan for partitions, and create any relevant VolumeBase objects. Broadcast all of these events towards userspace so the framework can decide what to mount. Keep track of the primary VolumeBase, and update the new per-user /storage/self/primary symlink for all started users. Provide a reset command that framework uses to start from a known state when runtime is restarted. When vold is unexpectedly killed, try recovering by unmounting everything under /mnt and /storage before moving forward. Remove UMS sharing support for now, since no current devices support it; MTP is the recommended solution going forward because it offers better multi-user support. Switch killProcessesWithOpenFiles() to directly take signal. Fix one SOCK_CLOEXEC bug, but SELinux says there are more lurking. Bug: 19993667 Change-Id: I2dad1303aa4667ec14c52f774e2a28b3c1c1ff6d
2015-03-14 00:09:20 +01:00
mDevPath = StringPrintf("/dev/block/vold/%s", mId.c_str());
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
CreateDeviceNode(mDevPath, mDevice);
}
Disk::~Disk() {
Progress towards dynamic storage support. Wire up new Disk and VolumeBase objects and events to start replacing older DirectVolume code. Use filesystem UUID as visible PublicVolume name to be more deterministic. When starting, create DiskSource instances based on fstab, and watch for kernel devices to appear. Turn matching devices into Disk objects, scan for partitions, and create any relevant VolumeBase objects. Broadcast all of these events towards userspace so the framework can decide what to mount. Keep track of the primary VolumeBase, and update the new per-user /storage/self/primary symlink for all started users. Provide a reset command that framework uses to start from a known state when runtime is restarted. When vold is unexpectedly killed, try recovering by unmounting everything under /mnt and /storage before moving forward. Remove UMS sharing support for now, since no current devices support it; MTP is the recommended solution going forward because it offers better multi-user support. Switch killProcessesWithOpenFiles() to directly take signal. Fix one SOCK_CLOEXEC bug, but SELinux says there are more lurking. Bug: 19993667 Change-Id: I2dad1303aa4667ec14c52f774e2a28b3c1c1ff6d
2015-03-14 00:09:20 +01:00
CHECK(!mCreated);
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
DestroyDeviceNode(mDevPath);
}
std::shared_ptr<VolumeBase> Disk::findVolume(const std::string& id) {
Progress towards dynamic storage support. Wire up new Disk and VolumeBase objects and events to start replacing older DirectVolume code. Use filesystem UUID as visible PublicVolume name to be more deterministic. When starting, create DiskSource instances based on fstab, and watch for kernel devices to appear. Turn matching devices into Disk objects, scan for partitions, and create any relevant VolumeBase objects. Broadcast all of these events towards userspace so the framework can decide what to mount. Keep track of the primary VolumeBase, and update the new per-user /storage/self/primary symlink for all started users. Provide a reset command that framework uses to start from a known state when runtime is restarted. When vold is unexpectedly killed, try recovering by unmounting everything under /mnt and /storage before moving forward. Remove UMS sharing support for now, since no current devices support it; MTP is the recommended solution going forward because it offers better multi-user support. Switch killProcessesWithOpenFiles() to directly take signal. Fix one SOCK_CLOEXEC bug, but SELinux says there are more lurking. Bug: 19993667 Change-Id: I2dad1303aa4667ec14c52f774e2a28b3c1c1ff6d
2015-03-14 00:09:20 +01:00
for (auto vol : mVolumes) {
if (vol->getId() == id) {
return vol;
}
auto stackedVol = vol->findVolume(id);
if (stackedVol != nullptr) {
return stackedVol;
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
}
}
return nullptr;
}
vold: const-ify some of the API We make some of the C++ member functions 'const', to reflect how they (don't) affect the state of the class. Test: TreeHugger Change-Id: Iec1c2801bfe721e2741406ed1ac0ef95662840a6 Merged-In: Iec1c2801bfe721e2741406ed1ac0ef95662840a6
2018-12-18 17:42:08 +01:00
void Disk::listVolumes(VolumeBase::Type type, std::list<std::string>& list) const {
Fix clang-tidy performance warnings in system/vold. * Use const reference type for for-loop index variables to avoid unnecessary copy. Bug: 30413223 Change-Id: Id4d980ae8afec1374fc3be0b23f1c6a39bff86e0 Test: build with WITH_TIDY=1
2016-07-27 23:11:02 +02:00
for (const auto& vol : mVolumes) {
Trim both internal and adopted private storage. Refactor fstrim code to be encapsulated in unique task object, and give it option of benchmarking when finished. Trimming now includes both storage from fstab and adopted private volumes. Cleaner timing stats are logged for each unique volume. Add wakelock during ongoing async move tasks. Push disk sysfs path to framework so it can parse any SD card registers as desired. Bug: 21831325 Change-Id: I76577685f5cae4929c251ad314ffdaeb5eb1c8bf
2015-06-26 23:02:09 +02:00
if (vol->getType() == type) {
list.push_back(vol->getId());
}
// TODO: consider looking at stacked volumes
}
}
Progress towards dynamic storage support. Wire up new Disk and VolumeBase objects and events to start replacing older DirectVolume code. Use filesystem UUID as visible PublicVolume name to be more deterministic. When starting, create DiskSource instances based on fstab, and watch for kernel devices to appear. Turn matching devices into Disk objects, scan for partitions, and create any relevant VolumeBase objects. Broadcast all of these events towards userspace so the framework can decide what to mount. Keep track of the primary VolumeBase, and update the new per-user /storage/self/primary symlink for all started users. Provide a reset command that framework uses to start from a known state when runtime is restarted. When vold is unexpectedly killed, try recovering by unmounting everything under /mnt and /storage before moving forward. Remove UMS sharing support for now, since no current devices support it; MTP is the recommended solution going forward because it offers better multi-user support. Switch killProcessesWithOpenFiles() to directly take signal. Fix one SOCK_CLOEXEC bug, but SELinux says there are more lurking. Bug: 19993667 Change-Id: I2dad1303aa4667ec14c52f774e2a28b3c1c1ff6d
2015-03-14 00:09:20 +01:00
status_t Disk::create() {
CHECK(!mCreated);
mCreated = true;
Destroy vold socket interface completely. Long live Binder. Test: yes Bug: 13758960 Change-Id: If6be379b5a873f1b0c66dd1522b87413ad10fc46
2017-09-16 00:50:28 +02:00
Move unsolicited vold events to Binder. Create IVoldListener and move most unsolicited vold events over to this new interface. The remaining events will be routed through method-specific listeners instead of a global one. Move to upstream DISALLOW_COPY_AND_ASSIGN macro. Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.DirectBootHostTest Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest Bug: 13758960 Change-Id: Ib9293487db2d525a76b9b9c2e9ac18d98601c6cf
2017-09-13 19:49:44 +02:00
auto listener = VolumeManager::Instance()->getListener();
if (listener) listener->onDiskCreated(getId(), mFlags);
Destroy vold socket interface completely. Long live Binder. Test: yes Bug: 13758960 Change-Id: If6be379b5a873f1b0c66dd1522b87413ad10fc46
2017-09-16 00:50:28 +02:00
Progress towards dynamic storage support. Wire up new Disk and VolumeBase objects and events to start replacing older DirectVolume code. Use filesystem UUID as visible PublicVolume name to be more deterministic. When starting, create DiskSource instances based on fstab, and watch for kernel devices to appear. Turn matching devices into Disk objects, scan for partitions, and create any relevant VolumeBase objects. Broadcast all of these events towards userspace so the framework can decide what to mount. Keep track of the primary VolumeBase, and update the new per-user /storage/self/primary symlink for all started users. Provide a reset command that framework uses to start from a known state when runtime is restarted. When vold is unexpectedly killed, try recovering by unmounting everything under /mnt and /storage before moving forward. Remove UMS sharing support for now, since no current devices support it; MTP is the recommended solution going forward because it offers better multi-user support. Switch killProcessesWithOpenFiles() to directly take signal. Fix one SOCK_CLOEXEC bug, but SELinux says there are more lurking. Bug: 19993667 Change-Id: I2dad1303aa4667ec14c52f774e2a28b3c1c1ff6d
2015-03-14 00:09:20 +01:00
readMetadata();
readPartitions();
return OK;
}
status_t Disk::destroy() {
CHECK(mCreated);
destroyAllVolumes();
mCreated = false;
Destroy vold socket interface completely. Long live Binder. Test: yes Bug: 13758960 Change-Id: If6be379b5a873f1b0c66dd1522b87413ad10fc46
2017-09-16 00:50:28 +02:00
Move unsolicited vold events to Binder. Create IVoldListener and move most unsolicited vold events over to this new interface. The remaining events will be routed through method-specific listeners instead of a global one. Move to upstream DISALLOW_COPY_AND_ASSIGN macro. Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.DirectBootHostTest Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest Bug: 13758960 Change-Id: Ib9293487db2d525a76b9b9c2e9ac18d98601c6cf
2017-09-13 19:49:44 +02:00
auto listener = VolumeManager::Instance()->getListener();
if (listener) listener->onDiskDestroyed(getId());
Destroy vold socket interface completely. Long live Binder. Test: yes Bug: 13758960 Change-Id: If6be379b5a873f1b0c66dd1522b87413ad10fc46
2017-09-16 00:50:28 +02:00
Progress towards dynamic storage support. Wire up new Disk and VolumeBase objects and events to start replacing older DirectVolume code. Use filesystem UUID as visible PublicVolume name to be more deterministic. When starting, create DiskSource instances based on fstab, and watch for kernel devices to appear. Turn matching devices into Disk objects, scan for partitions, and create any relevant VolumeBase objects. Broadcast all of these events towards userspace so the framework can decide what to mount. Keep track of the primary VolumeBase, and update the new per-user /storage/self/primary symlink for all started users. Provide a reset command that framework uses to start from a known state when runtime is restarted. When vold is unexpectedly killed, try recovering by unmounting everything under /mnt and /storage before moving forward. Remove UMS sharing support for now, since no current devices support it; MTP is the recommended solution going forward because it offers better multi-user support. Switch killProcessesWithOpenFiles() to directly take signal. Fix one SOCK_CLOEXEC bug, but SELinux says there are more lurking. Bug: 19993667 Change-Id: I2dad1303aa4667ec14c52f774e2a28b3c1c1ff6d
2015-03-14 00:09:20 +01:00
return OK;
}
void Disk::createPublicVolume(dev_t device) {
Support for private (adopted) volumes. This adds support for private volumes which is just a filesystem wrapped in a dm-crypt layer. For now we're using the exact same configuration as internal encryption (aes-cbc-essiv:sha256), but we don't store any key material on the removable media. Instead, we store the key on internal storage, and use the GPT partition GUID to identify which key should be used. This means that private external storage is effectively as secure as the internal storage of the device. That is, if the internal storage is encrypted, then our external storage key is also encrypted. When partitioning disks, we now support a "private" mode which has a PrivateVolume partition, and a currently unused 16MB metadata partition reserved for future use. It also supports a "mixed" mode which creates both a PublicVolume and PrivateVolume on the same disk. Mixed mode is currently experimental. For now, just add ext4 support to PrivateVolume; we'll look at f2fs in a future change. Add VolumeBase lifecycle for setting up crypto mappings, and extract blkid logic into shared method. Sprinkle some more "static" around the cryptfs code to improve invariants. Bug: 19993667 Change-Id: Ibd1df6250735b706959a1eb9d9f7219ea85912a0
2015-03-31 19:35:33 +02:00
auto vol = std::shared_ptr<VolumeBase>(new PublicVolume(device));
Exclusive exec() path, format after partition. Sadly setexeccon() is process global, so we need to carefully ensure that all exec() are mutually exclusive to avoid transitioning into unwanted domains. Also, because we have several threads floating around, we need to guard all our FDs with O_CLOEXEC. Format all newly created volumes immediately after partitioning, but silence all events emitted from those volumes to prevent the framework from getting all excited. Unify all notify events under a single codepath to make them easy to silence. Sent SIGINT before escalating to SIGTERM when unmounting. Bug: 19993667 Change-Id: Idc6c806afc7919a004a93e2240b42884f6b52d6b
2015-04-09 06:07:21 +02:00
if (mJustPartitioned) {
LOG(DEBUG) << "Device just partitioned; silently formatting";
vol->setSilent(true);
vol->create();
Add f2fs support for private volumes. When formatting volumes, pass along fsType string which can be "auto" to let the volume select the best choice. For now, private volumes assume that MMC devices (like SD cards) are best off using f2fs when both kernel support and tools are present, otherwise fall back to ext4. Use blkid when mounting to pick the right set of tools. Move filesystem utility methods into namespaces and place in separate directory to be more organized. Bug: 20275581 Change-Id: Id5f82d8672dda2e9f68c35b075f28232b0b55ed4
2015-05-22 07:35:42 +02:00
vol->format("auto");
Exclusive exec() path, format after partition. Sadly setexeccon() is process global, so we need to carefully ensure that all exec() are mutually exclusive to avoid transitioning into unwanted domains. Also, because we have several threads floating around, we need to guard all our FDs with O_CLOEXEC. Format all newly created volumes immediately after partitioning, but silence all events emitted from those volumes to prevent the framework from getting all excited. Unify all notify events under a single codepath to make them easy to silence. Sent SIGINT before escalating to SIGTERM when unmounting. Bug: 19993667 Change-Id: Idc6c806afc7919a004a93e2240b42884f6b52d6b
2015-04-09 06:07:21 +02:00
vol->destroy();
vol->setSilent(false);
}
Progress towards dynamic storage support. Wire up new Disk and VolumeBase objects and events to start replacing older DirectVolume code. Use filesystem UUID as visible PublicVolume name to be more deterministic. When starting, create DiskSource instances based on fstab, and watch for kernel devices to appear. Turn matching devices into Disk objects, scan for partitions, and create any relevant VolumeBase objects. Broadcast all of these events towards userspace so the framework can decide what to mount. Keep track of the primary VolumeBase, and update the new per-user /storage/self/primary symlink for all started users. Provide a reset command that framework uses to start from a known state when runtime is restarted. When vold is unexpectedly killed, try recovering by unmounting everything under /mnt and /storage before moving forward. Remove UMS sharing support for now, since no current devices support it; MTP is the recommended solution going forward because it offers better multi-user support. Switch killProcessesWithOpenFiles() to directly take signal. Fix one SOCK_CLOEXEC bug, but SELinux says there are more lurking. Bug: 19993667 Change-Id: I2dad1303aa4667ec14c52f774e2a28b3c1c1ff6d
2015-03-14 00:09:20 +01:00
Support for private (adopted) volumes. This adds support for private volumes which is just a filesystem wrapped in a dm-crypt layer. For now we're using the exact same configuration as internal encryption (aes-cbc-essiv:sha256), but we don't store any key material on the removable media. Instead, we store the key on internal storage, and use the GPT partition GUID to identify which key should be used. This means that private external storage is effectively as secure as the internal storage of the device. That is, if the internal storage is encrypted, then our external storage key is also encrypted. When partitioning disks, we now support a "private" mode which has a PrivateVolume partition, and a currently unused 16MB metadata partition reserved for future use. It also supports a "mixed" mode which creates both a PublicVolume and PrivateVolume on the same disk. Mixed mode is currently experimental. For now, just add ext4 support to PrivateVolume; we'll look at f2fs in a future change. Add VolumeBase lifecycle for setting up crypto mappings, and extract blkid logic into shared method. Sprinkle some more "static" around the cryptfs code to improve invariants. Bug: 19993667 Change-Id: Ibd1df6250735b706959a1eb9d9f7219ea85912a0
2015-03-31 19:35:33 +02:00
mVolumes.push_back(vol);
Volumes know parent disks; unsupported disks. This is cleaner and more direct than the reverse of having the disk publish child volume membership. Rename state constants to match public API. Add state representing bad removal. Make it clear that volume flags are related to mounting. Send new unsupported disk event when we finish scanning an entire disk and have no meaningful volumes. Bug: 19993667 Change-Id: I08a91452ff561171a484d1da5745293ec893aec0
2015-04-18 02:35:20 +02:00
vol->setDiskId(getId());
Exclusive exec() path, format after partition. Sadly setexeccon() is process global, so we need to carefully ensure that all exec() are mutually exclusive to avoid transitioning into unwanted domains. Also, because we have several threads floating around, we need to guard all our FDs with O_CLOEXEC. Format all newly created volumes immediately after partitioning, but silence all events emitted from those volumes to prevent the framework from getting all excited. Unify all notify events under a single codepath to make them easy to silence. Sent SIGINT before escalating to SIGTERM when unmounting. Bug: 19993667 Change-Id: Idc6c806afc7919a004a93e2240b42884f6b52d6b
2015-04-09 06:07:21 +02:00
vol->create();
Progress towards dynamic storage support. Wire up new Disk and VolumeBase objects and events to start replacing older DirectVolume code. Use filesystem UUID as visible PublicVolume name to be more deterministic. When starting, create DiskSource instances based on fstab, and watch for kernel devices to appear. Turn matching devices into Disk objects, scan for partitions, and create any relevant VolumeBase objects. Broadcast all of these events towards userspace so the framework can decide what to mount. Keep track of the primary VolumeBase, and update the new per-user /storage/self/primary symlink for all started users. Provide a reset command that framework uses to start from a known state when runtime is restarted. When vold is unexpectedly killed, try recovering by unmounting everything under /mnt and /storage before moving forward. Remove UMS sharing support for now, since no current devices support it; MTP is the recommended solution going forward because it offers better multi-user support. Switch killProcessesWithOpenFiles() to directly take signal. Fix one SOCK_CLOEXEC bug, but SELinux says there are more lurking. Bug: 19993667 Change-Id: I2dad1303aa4667ec14c52f774e2a28b3c1c1ff6d
2015-03-14 00:09:20 +01:00
}
Support for private (adopted) volumes. This adds support for private volumes which is just a filesystem wrapped in a dm-crypt layer. For now we're using the exact same configuration as internal encryption (aes-cbc-essiv:sha256), but we don't store any key material on the removable media. Instead, we store the key on internal storage, and use the GPT partition GUID to identify which key should be used. This means that private external storage is effectively as secure as the internal storage of the device. That is, if the internal storage is encrypted, then our external storage key is also encrypted. When partitioning disks, we now support a "private" mode which has a PrivateVolume partition, and a currently unused 16MB metadata partition reserved for future use. It also supports a "mixed" mode which creates both a PublicVolume and PrivateVolume on the same disk. Mixed mode is currently experimental. For now, just add ext4 support to PrivateVolume; we'll look at f2fs in a future change. Add VolumeBase lifecycle for setting up crypto mappings, and extract blkid logic into shared method. Sprinkle some more "static" around the cryptfs code to improve invariants. Bug: 19993667 Change-Id: Ibd1df6250735b706959a1eb9d9f7219ea85912a0
2015-03-31 19:35:33 +02:00
void Disk::createPrivateVolume(dev_t device, const std::string& partGuid) {
std::string normalizedGuid;
Add method to forget private partition keys. Report both the disk and the partition GUID for private volumes to userspace, and offer to forget the encryption key for a given partition GUID. Bug: 21782268 Change-Id: Ie77a3a58e47bf3563cdb3e4b0edfab1de4d0e6b4
2015-06-18 23:25:08 +02:00
if (NormalizeHex(partGuid, normalizedGuid)) {
Support for private (adopted) volumes. This adds support for private volumes which is just a filesystem wrapped in a dm-crypt layer. For now we're using the exact same configuration as internal encryption (aes-cbc-essiv:sha256), but we don't store any key material on the removable media. Instead, we store the key on internal storage, and use the GPT partition GUID to identify which key should be used. This means that private external storage is effectively as secure as the internal storage of the device. That is, if the internal storage is encrypted, then our external storage key is also encrypted. When partitioning disks, we now support a "private" mode which has a PrivateVolume partition, and a currently unused 16MB metadata partition reserved for future use. It also supports a "mixed" mode which creates both a PublicVolume and PrivateVolume on the same disk. Mixed mode is currently experimental. For now, just add ext4 support to PrivateVolume; we'll look at f2fs in a future change. Add VolumeBase lifecycle for setting up crypto mappings, and extract blkid logic into shared method. Sprinkle some more "static" around the cryptfs code to improve invariants. Bug: 19993667 Change-Id: Ibd1df6250735b706959a1eb9d9f7219ea85912a0
2015-03-31 19:35:33 +02:00
LOG(WARNING) << "Invalid GUID " << partGuid;
return;
}
std::string keyRaw;
if (!ReadFileToString(BuildKeyPath(normalizedGuid), &keyRaw)) {
PLOG(ERROR) << "Failed to load key for GUID " << normalizedGuid;
return;
}
LOG(DEBUG) << "Found key for GUID " << normalizedGuid;
Pass volume key as a KeyBuffer Not for security, but for consistency with the way we handle other keys, and to move the length check to where it belongs. Test: create private volume on Cuttlefish Bug: 147814592 Change-Id: I10fc4896183d050ce25ff174faf78f525cf62930
2020-02-07 20:49:09 +01:00
auto keyBuffer = KeyBuffer(keyRaw.begin(), keyRaw.end());
auto vol = std::shared_ptr<VolumeBase>(new PrivateVolume(device, keyBuffer));
Exclusive exec() path, format after partition. Sadly setexeccon() is process global, so we need to carefully ensure that all exec() are mutually exclusive to avoid transitioning into unwanted domains. Also, because we have several threads floating around, we need to guard all our FDs with O_CLOEXEC. Format all newly created volumes immediately after partitioning, but silence all events emitted from those volumes to prevent the framework from getting all excited. Unify all notify events under a single codepath to make them easy to silence. Sent SIGINT before escalating to SIGTERM when unmounting. Bug: 19993667 Change-Id: Idc6c806afc7919a004a93e2240b42884f6b52d6b
2015-04-09 06:07:21 +02:00
if (mJustPartitioned) {
LOG(DEBUG) << "Device just partitioned; silently formatting";
vol->setSilent(true);
vol->create();
Add f2fs support for private volumes. When formatting volumes, pass along fsType string which can be "auto" to let the volume select the best choice. For now, private volumes assume that MMC devices (like SD cards) are best off using f2fs when both kernel support and tools are present, otherwise fall back to ext4. Use blkid when mounting to pick the right set of tools. Move filesystem utility methods into namespaces and place in separate directory to be more organized. Bug: 20275581 Change-Id: Id5f82d8672dda2e9f68c35b075f28232b0b55ed4
2015-05-22 07:35:42 +02:00
vol->format("auto");
Exclusive exec() path, format after partition. Sadly setexeccon() is process global, so we need to carefully ensure that all exec() are mutually exclusive to avoid transitioning into unwanted domains. Also, because we have several threads floating around, we need to guard all our FDs with O_CLOEXEC. Format all newly created volumes immediately after partitioning, but silence all events emitted from those volumes to prevent the framework from getting all excited. Unify all notify events under a single codepath to make them easy to silence. Sent SIGINT before escalating to SIGTERM when unmounting. Bug: 19993667 Change-Id: Idc6c806afc7919a004a93e2240b42884f6b52d6b
2015-04-09 06:07:21 +02:00
vol->destroy();
vol->setSilent(false);
}
Support for private (adopted) volumes. This adds support for private volumes which is just a filesystem wrapped in a dm-crypt layer. For now we're using the exact same configuration as internal encryption (aes-cbc-essiv:sha256), but we don't store any key material on the removable media. Instead, we store the key on internal storage, and use the GPT partition GUID to identify which key should be used. This means that private external storage is effectively as secure as the internal storage of the device. That is, if the internal storage is encrypted, then our external storage key is also encrypted. When partitioning disks, we now support a "private" mode which has a PrivateVolume partition, and a currently unused 16MB metadata partition reserved for future use. It also supports a "mixed" mode which creates both a PublicVolume and PrivateVolume on the same disk. Mixed mode is currently experimental. For now, just add ext4 support to PrivateVolume; we'll look at f2fs in a future change. Add VolumeBase lifecycle for setting up crypto mappings, and extract blkid logic into shared method. Sprinkle some more "static" around the cryptfs code to improve invariants. Bug: 19993667 Change-Id: Ibd1df6250735b706959a1eb9d9f7219ea85912a0
2015-03-31 19:35:33 +02:00
mVolumes.push_back(vol);
Volumes know parent disks; unsupported disks. This is cleaner and more direct than the reverse of having the disk publish child volume membership. Rename state constants to match public API. Add state representing bad removal. Make it clear that volume flags are related to mounting. Send new unsupported disk event when we finish scanning an entire disk and have no meaningful volumes. Bug: 19993667 Change-Id: I08a91452ff561171a484d1da5745293ec893aec0
2015-04-18 02:35:20 +02:00
vol->setDiskId(getId());
Add method to forget private partition keys. Report both the disk and the partition GUID for private volumes to userspace, and offer to forget the encryption key for a given partition GUID. Bug: 21782268 Change-Id: Ie77a3a58e47bf3563cdb3e4b0edfab1de4d0e6b4
2015-06-18 23:25:08 +02:00
vol->setPartGuid(partGuid);
Exclusive exec() path, format after partition. Sadly setexeccon() is process global, so we need to carefully ensure that all exec() are mutually exclusive to avoid transitioning into unwanted domains. Also, because we have several threads floating around, we need to guard all our FDs with O_CLOEXEC. Format all newly created volumes immediately after partitioning, but silence all events emitted from those volumes to prevent the framework from getting all excited. Unify all notify events under a single codepath to make them easy to silence. Sent SIGINT before escalating to SIGTERM when unmounting. Bug: 19993667 Change-Id: Idc6c806afc7919a004a93e2240b42884f6b52d6b
2015-04-09 06:07:21 +02:00
vol->create();
Progress towards dynamic storage support. Wire up new Disk and VolumeBase objects and events to start replacing older DirectVolume code. Use filesystem UUID as visible PublicVolume name to be more deterministic. When starting, create DiskSource instances based on fstab, and watch for kernel devices to appear. Turn matching devices into Disk objects, scan for partitions, and create any relevant VolumeBase objects. Broadcast all of these events towards userspace so the framework can decide what to mount. Keep track of the primary VolumeBase, and update the new per-user /storage/self/primary symlink for all started users. Provide a reset command that framework uses to start from a known state when runtime is restarted. When vold is unexpectedly killed, try recovering by unmounting everything under /mnt and /storage before moving forward. Remove UMS sharing support for now, since no current devices support it; MTP is the recommended solution going forward because it offers better multi-user support. Switch killProcessesWithOpenFiles() to directly take signal. Fix one SOCK_CLOEXEC bug, but SELinux says there are more lurking. Bug: 19993667 Change-Id: I2dad1303aa4667ec14c52f774e2a28b3c1c1ff6d
2015-03-14 00:09:20 +01:00
}
void Disk::destroyAllVolumes() {
Fix clang-tidy performance warnings in system/vold. * Use const reference type for for-loop index variables to avoid unnecessary copy. Bug: 30413223 Change-Id: Id4d980ae8afec1374fc3be0b23f1c6a39bff86e0 Test: build with WITH_TIDY=1
2016-07-27 23:11:02 +02:00
for (const auto& vol : mVolumes) {
Progress towards dynamic storage support. Wire up new Disk and VolumeBase objects and events to start replacing older DirectVolume code. Use filesystem UUID as visible PublicVolume name to be more deterministic. When starting, create DiskSource instances based on fstab, and watch for kernel devices to appear. Turn matching devices into Disk objects, scan for partitions, and create any relevant VolumeBase objects. Broadcast all of these events towards userspace so the framework can decide what to mount. Keep track of the primary VolumeBase, and update the new per-user /storage/self/primary symlink for all started users. Provide a reset command that framework uses to start from a known state when runtime is restarted. When vold is unexpectedly killed, try recovering by unmounting everything under /mnt and /storage before moving forward. Remove UMS sharing support for now, since no current devices support it; MTP is the recommended solution going forward because it offers better multi-user support. Switch killProcessesWithOpenFiles() to directly take signal. Fix one SOCK_CLOEXEC bug, but SELinux says there are more lurking. Bug: 19993667 Change-Id: I2dad1303aa4667ec14c52f774e2a28b3c1c1ff6d
2015-03-14 00:09:20 +01:00
vol->destroy();
}
mVolumes.clear();
}
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
status_t Disk::readMetadata() {
mSize = -1;
Progress towards dynamic storage support. Wire up new Disk and VolumeBase objects and events to start replacing older DirectVolume code. Use filesystem UUID as visible PublicVolume name to be more deterministic. When starting, create DiskSource instances based on fstab, and watch for kernel devices to appear. Turn matching devices into Disk objects, scan for partitions, and create any relevant VolumeBase objects. Broadcast all of these events towards userspace so the framework can decide what to mount. Keep track of the primary VolumeBase, and update the new per-user /storage/self/primary symlink for all started users. Provide a reset command that framework uses to start from a known state when runtime is restarted. When vold is unexpectedly killed, try recovering by unmounting everything under /mnt and /storage before moving forward. Remove UMS sharing support for now, since no current devices support it; MTP is the recommended solution going forward because it offers better multi-user support. Switch killProcessesWithOpenFiles() to directly take signal. Fix one SOCK_CLOEXEC bug, but SELinux says there are more lurking. Bug: 19993667 Change-Id: I2dad1303aa4667ec14c52f774e2a28b3c1c1ff6d
2015-03-14 00:09:20 +01:00
mLabel.clear();
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
Add GetBlockDevSize, GetBlockDevSectors helpers Helpers to get a block device size in bytes or 512 byte sectors, using BLKGETSIZE64 and returning value of uint64_t type. This also removes get_blkdev_size(). Test: build, manual, mount exFAT volume Bug: 80202067 Change-Id: Ib07e8ac6ef7ff49de0ed570d1fa202e8b558b80c
2018-05-23 10:50:46 +02:00
if (GetBlockDevSize(mDevPath, &mSize) != OK) {
mSize = -1;
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
}
Support emulator's virtio-blk based SD card Currently, vold only supports MMC (for SD cards) and SCSI (for USB drives) devices. It does not recognize any device whose major number is not one of those used by MMC and SCSI. Unfortunately, virtio-blk is one such device. It is used by the new Android emulator (a.k.a. qemu2, featuring the "ranchu" virtual board) for SD card emulation. In order to make this virtio-blk based SD card device appear in Android and appear as an SD card (rather than a USB drive), changes have to be made to both vold (wherever the device major number is checked) and ranchu's storage configuration. This CL implements former. This is a stop-gap solution for emulator in nyc. A longer term solution in-tune with upstream kernel is in the pipes. Updated from aosp/master version. BUG:27431753 Change-Id: I5014edec73be7c5b565d91542464c82cbe58992c Signed-off-by: Yu Ning <yu.ning@intel.com> (cherry picked from commit 5b1d1c7dfa13b4dca75213581dc8351b841b76c8)
2016-01-08 10:36:47 +01:00
unsigned int majorId = major(mDevice);
switch (majorId) {
clang-format many files. Test: Format-only changes; treehugger suffices. Change-Id: I23cde3f0bbcac13bef555d13514e922c79d5ad48
2018-09-18 22:30:21 +02:00
case kMajorBlockLoop: {
Support emulator's virtio-blk based SD card Currently, vold only supports MMC (for SD cards) and SCSI (for USB drives) devices. It does not recognize any device whose major number is not one of those used by MMC and SCSI. Unfortunately, virtio-blk is one such device. It is used by the new Android emulator (a.k.a. qemu2, featuring the "ranchu" virtual board) for SD card emulation. In order to make this virtio-blk based SD card device appear in Android and appear as an SD card (rather than a USB drive), changes have to be made to both vold (wherever the device major number is checked) and ranchu's storage configuration. This CL implements former. This is a stop-gap solution for emulator in nyc. A longer term solution in-tune with upstream kernel is in the pipes. Updated from aosp/master version. BUG:27431753 Change-Id: I5014edec73be7c5b565d91542464c82cbe58992c Signed-off-by: Yu Ning <yu.ning@intel.com> (cherry picked from commit 5b1d1c7dfa13b4dca75213581dc8351b841b76c8)
2016-01-08 10:36:47 +01:00
mLabel = "Virtual";
break;
}
clang-format many files. Test: Format-only changes; treehugger suffices. Change-Id: I23cde3f0bbcac13bef555d13514e922c79d5ad48
2018-09-18 22:30:21 +02:00
// clang-format off
case kMajorBlockScsiA: case kMajorBlockScsiB: case kMajorBlockScsiC:
case kMajorBlockScsiD: case kMajorBlockScsiE: case kMajorBlockScsiF:
case kMajorBlockScsiG: case kMajorBlockScsiH: case kMajorBlockScsiI:
case kMajorBlockScsiJ: case kMajorBlockScsiK: case kMajorBlockScsiL:
case kMajorBlockScsiM: case kMajorBlockScsiN: case kMajorBlockScsiO:
case kMajorBlockScsiP: {
// clang-format on
std::string path(mSysPath + "/device/vendor");
vold: Add nvme disk support Bug: 77482940 Test: Manual Change-Id: Id0e7b3a0aa2083276109b0b2c9d1bcb81852582f Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2018-05-12 02:22:42 +02:00
std::string tmp;
if (!ReadFileToString(path, &tmp)) {
PLOG(WARNING) << "Failed to read vendor from " << path;
return -errno;
}
clang-format many files. Test: Format-only changes; treehugger suffices. Change-Id: I23cde3f0bbcac13bef555d13514e922c79d5ad48
2018-09-18 22:30:21 +02:00
tmp = android::base::Trim(tmp);
vold: Add nvme disk support Bug: 77482940 Test: Manual Change-Id: Id0e7b3a0aa2083276109b0b2c9d1bcb81852582f Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2018-05-12 02:22:42 +02:00
mLabel = tmp;
break;
}
clang-format many files. Test: Format-only changes; treehugger suffices. Change-Id: I23cde3f0bbcac13bef555d13514e922c79d5ad48
2018-09-18 22:30:21 +02:00
case kMajorBlockMmc: {
std::string path(mSysPath + "/device/manfid");
std::string tmp;
if (!ReadFileToString(path, &tmp)) {
PLOG(WARNING) << "Failed to read manufacturer from " << path;
return -errno;
}
tmp = android::base::Trim(tmp);
int64_t manfid;
if (!android::base::ParseInt(tmp, &manfid)) {
PLOG(WARNING) << "Failed to parse manufacturer " << tmp;
return -EINVAL;
}
// Our goal here is to give the user a meaningful label, ideally
// matching whatever is silk-screened on the card. To reduce
// user confusion, this list doesn't contain white-label manfid.
switch (manfid) {
// clang-format off
case 0x000003: mLabel = "SanDisk"; break;
case 0x00001b: mLabel = "Samsung"; break;
case 0x000028: mLabel = "Lexar"; break;
case 0x000074: mLabel = "Transcend"; break;
// clang-format on
}
break;
}
default: {
if (isVirtioBlkDevice(majorId)) {
LOG(DEBUG) << "Recognized experimental block major ID " << majorId
<< " as virtio-blk (emulator's virtual SD card device)";
mLabel = "Virtual";
break;
}
if (isNvmeBlkDevice(majorId, mSysPath)) {
std::string path(mSysPath + "/device/model");
std::string tmp;
if (!ReadFileToString(path, &tmp)) {
PLOG(WARNING) << "Failed to read vendor from " << path;
return -errno;
}
mLabel = tmp;
break;
}
LOG(WARNING) << "Unsupported block major type " << majorId;
return -ENOTSUP;
}
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
}
Move unsolicited vold events to Binder. Create IVoldListener and move most unsolicited vold events over to this new interface. The remaining events will be routed through method-specific listeners instead of a global one. Move to upstream DISALLOW_COPY_AND_ASSIGN macro. Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.DirectBootHostTest Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest Bug: 13758960 Change-Id: Ib9293487db2d525a76b9b9c2e9ac18d98601c6cf
2017-09-13 19:49:44 +02:00
auto listener = VolumeManager::Instance()->getListener();
clang-format many files. Test: Format-only changes; treehugger suffices. Change-Id: I23cde3f0bbcac13bef555d13514e922c79d5ad48
2018-09-18 22:30:21 +02:00
if (listener) listener->onDiskMetadataChanged(getId(), mSize, mLabel, mSysPath);
Destroy vold socket interface completely. Long live Binder. Test: yes Bug: 13758960 Change-Id: If6be379b5a873f1b0c66dd1522b87413ad10fc46
2017-09-16 00:50:28 +02:00
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
return OK;
}
status_t Disk::readPartitions() {
Move to modern utility methods from android::base. Moves away from crufty char* operations to std::string utility methods, including android::base methods for splitting/parsing. Rewrite of how Process handles scanning procfs for filesystem references; now uses fts(3) for more sane traversal. Replace sscanf() with new FindValue() method, also has unit tests. Remove some unused methods. Switch almost everyone over to using modern logging library. Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest Test: cts-tradefed run commandAndExit cts-dev --abi armeabi-v7a -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Bug: 67041047 Change-Id: I70dc512f21459d1e25b187f24289002b2c7bc7af
2017-10-07 02:02:53 +02:00
int maxMinors = getMaxMinors();
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
if (maxMinors < 0) {
return -ENOTSUP;
}
Progress towards dynamic storage support. Wire up new Disk and VolumeBase objects and events to start replacing older DirectVolume code. Use filesystem UUID as visible PublicVolume name to be more deterministic. When starting, create DiskSource instances based on fstab, and watch for kernel devices to appear. Turn matching devices into Disk objects, scan for partitions, and create any relevant VolumeBase objects. Broadcast all of these events towards userspace so the framework can decide what to mount. Keep track of the primary VolumeBase, and update the new per-user /storage/self/primary symlink for all started users. Provide a reset command that framework uses to start from a known state when runtime is restarted. When vold is unexpectedly killed, try recovering by unmounting everything under /mnt and /storage before moving forward. Remove UMS sharing support for now, since no current devices support it; MTP is the recommended solution going forward because it offers better multi-user support. Switch killProcessesWithOpenFiles() to directly take signal. Fix one SOCK_CLOEXEC bug, but SELinux says there are more lurking. Bug: 19993667 Change-Id: I2dad1303aa4667ec14c52f774e2a28b3c1c1ff6d
2015-03-14 00:09:20 +01:00
destroyAllVolumes();
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
// Parse partition table
Exclusive exec() path, format after partition. Sadly setexeccon() is process global, so we need to carefully ensure that all exec() are mutually exclusive to avoid transitioning into unwanted domains. Also, because we have several threads floating around, we need to guard all our FDs with O_CLOEXEC. Format all newly created volumes immediately after partitioning, but silence all events emitted from those volumes to prevent the framework from getting all excited. Unify all notify events under a single codepath to make them easy to silence. Sent SIGINT before escalating to SIGTERM when unmounting. Bug: 19993667 Change-Id: Idc6c806afc7919a004a93e2240b42884f6b52d6b
2015-04-09 06:07:21 +02:00
std::vector<std::string> cmd;
cmd.push_back(kSgdiskPath);
cmd.push_back("--android-dump");
cmd.push_back(mDevPath);
std::vector<std::string> output;
Refactor ForkExecvp to improve locking behaviour Do our own fork/exec rather than using a library. This leads to many improvements: - unite the output recording path with the other path - never concatenate arguments with spaces - never use the shell - move setexeccon after fork, so we don't need to take the lock - general code refactor while we're there My tests: - Ensure Marlin device boots and vold_prepare_subdirs is called successfully - Try adb shell sm set-virtual-disk true, see that eg sgdisk output is logged. weilongping@huawei.com's tests: - unlock a user's de and ce directory; - connect to a OTG storage device or a sdcard and ensure the mount logic be successful Bug: 26735063 Bug: 113796163 Test: details in commit Change-Id: I0976413529d7cbeebf5b8649660a385f9b036f04
2018-11-30 20:43:47 +01:00
status_t res = ForkExecvp(cmd, &output);
Exclusive exec() path, format after partition. Sadly setexeccon() is process global, so we need to carefully ensure that all exec() are mutually exclusive to avoid transitioning into unwanted domains. Also, because we have several threads floating around, we need to guard all our FDs with O_CLOEXEC. Format all newly created volumes immediately after partitioning, but silence all events emitted from those volumes to prevent the framework from getting all excited. Unify all notify events under a single codepath to make them easy to silence. Sent SIGINT before escalating to SIGTERM when unmounting. Bug: 19993667 Change-Id: Idc6c806afc7919a004a93e2240b42884f6b52d6b
2015-04-09 06:07:21 +02:00
if (res != OK) {
LOG(WARNING) << "sgdisk failed to scan " << mDevPath;
Destroy vold socket interface completely. Long live Binder. Test: yes Bug: 13758960 Change-Id: If6be379b5a873f1b0c66dd1522b87413ad10fc46
2017-09-16 00:50:28 +02:00
Move unsolicited vold events to Binder. Create IVoldListener and move most unsolicited vold events over to this new interface. The remaining events will be routed through method-specific listeners instead of a global one. Move to upstream DISALLOW_COPY_AND_ASSIGN macro. Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.DirectBootHostTest Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest Bug: 13758960 Change-Id: Ib9293487db2d525a76b9b9c2e9ac18d98601c6cf
2017-09-13 19:49:44 +02:00
auto listener = VolumeManager::Instance()->getListener();
if (listener) listener->onDiskScanned(getId());
Destroy vold socket interface completely. Long live Binder. Test: yes Bug: 13758960 Change-Id: If6be379b5a873f1b0c66dd1522b87413ad10fc46
2017-09-16 00:50:28 +02:00
Exclusive exec() path, format after partition. Sadly setexeccon() is process global, so we need to carefully ensure that all exec() are mutually exclusive to avoid transitioning into unwanted domains. Also, because we have several threads floating around, we need to guard all our FDs with O_CLOEXEC. Format all newly created volumes immediately after partitioning, but silence all events emitted from those volumes to prevent the framework from getting all excited. Unify all notify events under a single codepath to make them easy to silence. Sent SIGINT before escalating to SIGTERM when unmounting. Bug: 19993667 Change-Id: Idc6c806afc7919a004a93e2240b42884f6b52d6b
2015-04-09 06:07:21 +02:00
mJustPartitioned = false;
return res;
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
}
Table table = Table::kUnknown;
Progress towards dynamic storage support. Wire up new Disk and VolumeBase objects and events to start replacing older DirectVolume code. Use filesystem UUID as visible PublicVolume name to be more deterministic. When starting, create DiskSource instances based on fstab, and watch for kernel devices to appear. Turn matching devices into Disk objects, scan for partitions, and create any relevant VolumeBase objects. Broadcast all of these events towards userspace so the framework can decide what to mount. Keep track of the primary VolumeBase, and update the new per-user /storage/self/primary symlink for all started users. Provide a reset command that framework uses to start from a known state when runtime is restarted. When vold is unexpectedly killed, try recovering by unmounting everything under /mnt and /storage before moving forward. Remove UMS sharing support for now, since no current devices support it; MTP is the recommended solution going forward because it offers better multi-user support. Switch killProcessesWithOpenFiles() to directly take signal. Fix one SOCK_CLOEXEC bug, but SELinux says there are more lurking. Bug: 19993667 Change-Id: I2dad1303aa4667ec14c52f774e2a28b3c1c1ff6d
2015-03-14 00:09:20 +01:00
bool foundParts = false;
Fix clang-tidy performance warnings in system/vold. * Use const reference type for for-loop index variables to avoid unnecessary copy. Bug: 30413223 Change-Id: Id4d980ae8afec1374fc3be0b23f1c6a39bff86e0 Test: build with WITH_TIDY=1
2016-07-27 23:11:02 +02:00
for (const auto& line : output) {
Move to modern utility methods from android::base. Moves away from crufty char* operations to std::string utility methods, including android::base methods for splitting/parsing. Rewrite of how Process handles scanning procfs for filesystem references; now uses fts(3) for more sane traversal. Replace sscanf() with new FindValue() method, also has unit tests. Remove some unused methods. Switch almost everyone over to using modern logging library. Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest Test: cts-tradefed run commandAndExit cts-dev --abi armeabi-v7a -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Bug: 67041047 Change-Id: I70dc512f21459d1e25b187f24289002b2c7bc7af
2017-10-07 02:02:53 +02:00
auto split = android::base::Split(line, kSgdiskToken);
auto it = split.begin();
if (it == split.end()) continue;
Progress towards dynamic storage support. Wire up new Disk and VolumeBase objects and events to start replacing older DirectVolume code. Use filesystem UUID as visible PublicVolume name to be more deterministic. When starting, create DiskSource instances based on fstab, and watch for kernel devices to appear. Turn matching devices into Disk objects, scan for partitions, and create any relevant VolumeBase objects. Broadcast all of these events towards userspace so the framework can decide what to mount. Keep track of the primary VolumeBase, and update the new per-user /storage/self/primary symlink for all started users. Provide a reset command that framework uses to start from a known state when runtime is restarted. When vold is unexpectedly killed, try recovering by unmounting everything under /mnt and /storage before moving forward. Remove UMS sharing support for now, since no current devices support it; MTP is the recommended solution going forward because it offers better multi-user support. Switch killProcessesWithOpenFiles() to directly take signal. Fix one SOCK_CLOEXEC bug, but SELinux says there are more lurking. Bug: 19993667 Change-Id: I2dad1303aa4667ec14c52f774e2a28b3c1c1ff6d
2015-03-14 00:09:20 +01:00
Move to modern utility methods from android::base. Moves away from crufty char* operations to std::string utility methods, including android::base methods for splitting/parsing. Rewrite of how Process handles scanning procfs for filesystem references; now uses fts(3) for more sane traversal. Replace sscanf() with new FindValue() method, also has unit tests. Remove some unused methods. Switch almost everyone over to using modern logging library. Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest Test: cts-tradefed run commandAndExit cts-dev --abi armeabi-v7a -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Bug: 67041047 Change-Id: I70dc512f21459d1e25b187f24289002b2c7bc7af
2017-10-07 02:02:53 +02:00
if (*it == "DISK") {
if (++it == split.end()) continue;
if (*it == "mbr") {
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
table = Table::kMbr;
Move to modern utility methods from android::base. Moves away from crufty char* operations to std::string utility methods, including android::base methods for splitting/parsing. Rewrite of how Process handles scanning procfs for filesystem references; now uses fts(3) for more sane traversal. Replace sscanf() with new FindValue() method, also has unit tests. Remove some unused methods. Switch almost everyone over to using modern logging library. Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest Test: cts-tradefed run commandAndExit cts-dev --abi armeabi-v7a -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Bug: 67041047 Change-Id: I70dc512f21459d1e25b187f24289002b2c7bc7af
2017-10-07 02:02:53 +02:00
} else if (*it == "gpt") {
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
table = Table::kGpt;
Move to modern utility methods from android::base. Moves away from crufty char* operations to std::string utility methods, including android::base methods for splitting/parsing. Rewrite of how Process handles scanning procfs for filesystem references; now uses fts(3) for more sane traversal. Replace sscanf() with new FindValue() method, also has unit tests. Remove some unused methods. Switch almost everyone over to using modern logging library. Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest Test: cts-tradefed run commandAndExit cts-dev --abi armeabi-v7a -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Bug: 67041047 Change-Id: I70dc512f21459d1e25b187f24289002b2c7bc7af
2017-10-07 02:02:53 +02:00
} else {
LOG(WARNING) << "Invalid partition table " << *it;
continue;
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
}
Move to modern utility methods from android::base. Moves away from crufty char* operations to std::string utility methods, including android::base methods for splitting/parsing. Rewrite of how Process handles scanning procfs for filesystem references; now uses fts(3) for more sane traversal. Replace sscanf() with new FindValue() method, also has unit tests. Remove some unused methods. Switch almost everyone over to using modern logging library. Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest Test: cts-tradefed run commandAndExit cts-dev --abi armeabi-v7a -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Bug: 67041047 Change-Id: I70dc512f21459d1e25b187f24289002b2c7bc7af
2017-10-07 02:02:53 +02:00
} else if (*it == "PART") {
Progress towards dynamic storage support. Wire up new Disk and VolumeBase objects and events to start replacing older DirectVolume code. Use filesystem UUID as visible PublicVolume name to be more deterministic. When starting, create DiskSource instances based on fstab, and watch for kernel devices to appear. Turn matching devices into Disk objects, scan for partitions, and create any relevant VolumeBase objects. Broadcast all of these events towards userspace so the framework can decide what to mount. Keep track of the primary VolumeBase, and update the new per-user /storage/self/primary symlink for all started users. Provide a reset command that framework uses to start from a known state when runtime is restarted. When vold is unexpectedly killed, try recovering by unmounting everything under /mnt and /storage before moving forward. Remove UMS sharing support for now, since no current devices support it; MTP is the recommended solution going forward because it offers better multi-user support. Switch killProcessesWithOpenFiles() to directly take signal. Fix one SOCK_CLOEXEC bug, but SELinux says there are more lurking. Bug: 19993667 Change-Id: I2dad1303aa4667ec14c52f774e2a28b3c1c1ff6d
2015-03-14 00:09:20 +01:00
foundParts = true;
Move to modern utility methods from android::base. Moves away from crufty char* operations to std::string utility methods, including android::base methods for splitting/parsing. Rewrite of how Process handles scanning procfs for filesystem references; now uses fts(3) for more sane traversal. Replace sscanf() with new FindValue() method, also has unit tests. Remove some unused methods. Switch almost everyone over to using modern logging library. Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest Test: cts-tradefed run commandAndExit cts-dev --abi armeabi-v7a -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Bug: 67041047 Change-Id: I70dc512f21459d1e25b187f24289002b2c7bc7af
2017-10-07 02:02:53 +02:00
if (++it == split.end()) continue;
int i = 0;
if (!android::base::ParseInt(*it, &i, 1, maxMinors)) {
LOG(WARNING) << "Invalid partition number " << *it;
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
continue;
}
dev_t partDevice = makedev(major(mDevice), minor(mDevice) + i);
if (table == Table::kMbr) {
Move to modern utility methods from android::base. Moves away from crufty char* operations to std::string utility methods, including android::base methods for splitting/parsing. Rewrite of how Process handles scanning procfs for filesystem references; now uses fts(3) for more sane traversal. Replace sscanf() with new FindValue() method, also has unit tests. Remove some unused methods. Switch almost everyone over to using modern logging library. Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest Test: cts-tradefed run commandAndExit cts-dev --abi armeabi-v7a -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Bug: 67041047 Change-Id: I70dc512f21459d1e25b187f24289002b2c7bc7af
2017-10-07 02:02:53 +02:00
if (++it == split.end()) continue;
int type = 0;
if (!android::base::ParseInt("0x" + *it, &type)) {
LOG(WARNING) << "Invalid partition type " << *it;
continue;
}
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
Move to modern utility methods from android::base. Moves away from crufty char* operations to std::string utility methods, including android::base methods for splitting/parsing. Rewrite of how Process handles scanning procfs for filesystem references; now uses fts(3) for more sane traversal. Replace sscanf() with new FindValue() method, also has unit tests. Remove some unused methods. Switch almost everyone over to using modern logging library. Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest Test: cts-tradefed run commandAndExit cts-dev --abi armeabi-v7a -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Bug: 67041047 Change-Id: I70dc512f21459d1e25b187f24289002b2c7bc7af
2017-10-07 02:02:53 +02:00
switch (type) {
Add basic exFAT support. Several partners have been requesting exFAT support. Android doesn't natively support exFAT, but we're at least willing to try mounting an exFAT filesystem if we detect the Linux kernel supports it, and if helper binaries are present. This CL is simple scaffolding, and it provides no actual implementation of exFAT. Test: builds, boots Bug: 67822822 Change-Id: Id4f8ec3967b32de6e1c0e3c4b47fe6e43a6291ab
2018-01-19 02:55:18 +01:00
case 0x06: // FAT16
case 0x07: // HPFS/NTFS/exFAT
case 0x0b: // W95 FAT32 (LBA)
case 0x0c: // W95 FAT32 (LBA)
case 0x0e: // W95 FAT16 (LBA)
createPublicVolume(partDevice);
break;
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
}
} else if (table == Table::kGpt) {
Move to modern utility methods from android::base. Moves away from crufty char* operations to std::string utility methods, including android::base methods for splitting/parsing. Rewrite of how Process handles scanning procfs for filesystem references; now uses fts(3) for more sane traversal. Replace sscanf() with new FindValue() method, also has unit tests. Remove some unused methods. Switch almost everyone over to using modern logging library. Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest Test: cts-tradefed run commandAndExit cts-dev --abi armeabi-v7a -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Bug: 67041047 Change-Id: I70dc512f21459d1e25b187f24289002b2c7bc7af
2017-10-07 02:02:53 +02:00
if (++it == split.end()) continue;
auto typeGuid = *it;
if (++it == split.end()) continue;
auto partGuid = *it;
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
Move to modern utility methods from android::base. Moves away from crufty char* operations to std::string utility methods, including android::base methods for splitting/parsing. Rewrite of how Process handles scanning procfs for filesystem references; now uses fts(3) for more sane traversal. Replace sscanf() with new FindValue() method, also has unit tests. Remove some unused methods. Switch almost everyone over to using modern logging library. Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest Test: cts-tradefed run commandAndExit cts-dev --abi armeabi-v7a -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Bug: 67041047 Change-Id: I70dc512f21459d1e25b187f24289002b2c7bc7af
2017-10-07 02:02:53 +02:00
if (android::base::EqualsIgnoreCase(typeGuid, kGptBasicData)) {
Progress towards dynamic storage support. Wire up new Disk and VolumeBase objects and events to start replacing older DirectVolume code. Use filesystem UUID as visible PublicVolume name to be more deterministic. When starting, create DiskSource instances based on fstab, and watch for kernel devices to appear. Turn matching devices into Disk objects, scan for partitions, and create any relevant VolumeBase objects. Broadcast all of these events towards userspace so the framework can decide what to mount. Keep track of the primary VolumeBase, and update the new per-user /storage/self/primary symlink for all started users. Provide a reset command that framework uses to start from a known state when runtime is restarted. When vold is unexpectedly killed, try recovering by unmounting everything under /mnt and /storage before moving forward. Remove UMS sharing support for now, since no current devices support it; MTP is the recommended solution going forward because it offers better multi-user support. Switch killProcessesWithOpenFiles() to directly take signal. Fix one SOCK_CLOEXEC bug, but SELinux says there are more lurking. Bug: 19993667 Change-Id: I2dad1303aa4667ec14c52f774e2a28b3c1c1ff6d
2015-03-14 00:09:20 +01:00
createPublicVolume(partDevice);
Move to modern utility methods from android::base. Moves away from crufty char* operations to std::string utility methods, including android::base methods for splitting/parsing. Rewrite of how Process handles scanning procfs for filesystem references; now uses fts(3) for more sane traversal. Replace sscanf() with new FindValue() method, also has unit tests. Remove some unused methods. Switch almost everyone over to using modern logging library. Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest Test: cts-tradefed run commandAndExit cts-dev --abi armeabi-v7a -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Bug: 67041047 Change-Id: I70dc512f21459d1e25b187f24289002b2c7bc7af
2017-10-07 02:02:53 +02:00
} else if (android::base::EqualsIgnoreCase(typeGuid, kGptAndroidExpand)) {
Support for private (adopted) volumes. This adds support for private volumes which is just a filesystem wrapped in a dm-crypt layer. For now we're using the exact same configuration as internal encryption (aes-cbc-essiv:sha256), but we don't store any key material on the removable media. Instead, we store the key on internal storage, and use the GPT partition GUID to identify which key should be used. This means that private external storage is effectively as secure as the internal storage of the device. That is, if the internal storage is encrypted, then our external storage key is also encrypted. When partitioning disks, we now support a "private" mode which has a PrivateVolume partition, and a currently unused 16MB metadata partition reserved for future use. It also supports a "mixed" mode which creates both a PublicVolume and PrivateVolume on the same disk. Mixed mode is currently experimental. For now, just add ext4 support to PrivateVolume; we'll look at f2fs in a future change. Add VolumeBase lifecycle for setting up crypto mappings, and extract blkid logic into shared method. Sprinkle some more "static" around the cryptfs code to improve invariants. Bug: 19993667 Change-Id: Ibd1df6250735b706959a1eb9d9f7219ea85912a0
2015-03-31 19:35:33 +02:00
createPrivateVolume(partDevice, partGuid);
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
}
}
}
}
// Ugly last ditch effort, treat entire disk as partition
Progress towards dynamic storage support. Wire up new Disk and VolumeBase objects and events to start replacing older DirectVolume code. Use filesystem UUID as visible PublicVolume name to be more deterministic. When starting, create DiskSource instances based on fstab, and watch for kernel devices to appear. Turn matching devices into Disk objects, scan for partitions, and create any relevant VolumeBase objects. Broadcast all of these events towards userspace so the framework can decide what to mount. Keep track of the primary VolumeBase, and update the new per-user /storage/self/primary symlink for all started users. Provide a reset command that framework uses to start from a known state when runtime is restarted. When vold is unexpectedly killed, try recovering by unmounting everything under /mnt and /storage before moving forward. Remove UMS sharing support for now, since no current devices support it; MTP is the recommended solution going forward because it offers better multi-user support. Switch killProcessesWithOpenFiles() to directly take signal. Fix one SOCK_CLOEXEC bug, but SELinux says there are more lurking. Bug: 19993667 Change-Id: I2dad1303aa4667ec14c52f774e2a28b3c1c1ff6d
2015-03-14 00:09:20 +01:00
if (table == Table::kUnknown || !foundParts) {
LOG(WARNING) << mId << " has unknown partition table; trying entire device";
Last ditch check for partition on raw disk. Some storage devices can be formatted as bare partitions, without an MBR or GPT header. If we found no partitions, try poking at the raw disk, and treat it as a public volume if we found a valid filesystem. Bug: 20503551 Change-Id: I80304e1ad865435321c341b667c0daf2daf4d56c
2015-06-26 20:16:14 +02:00
std::string fsType;
std::string unused;
Move to modern utility methods from android::base. Moves away from crufty char* operations to std::string utility methods, including android::base methods for splitting/parsing. Rewrite of how Process handles scanning procfs for filesystem references; now uses fts(3) for more sane traversal. Replace sscanf() with new FindValue() method, also has unit tests. Remove some unused methods. Switch almost everyone over to using modern logging library. Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest Test: cts-tradefed run commandAndExit cts-dev --abi armeabi-v7a -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Bug: 67041047 Change-Id: I70dc512f21459d1e25b187f24289002b2c7bc7af
2017-10-07 02:02:53 +02:00
if (ReadMetadataUntrusted(mDevPath, &fsType, &unused, &unused) == OK) {
Last ditch check for partition on raw disk. Some storage devices can be formatted as bare partitions, without an MBR or GPT header. If we found no partitions, try poking at the raw disk, and treat it as a public volume if we found a valid filesystem. Bug: 20503551 Change-Id: I80304e1ad865435321c341b667c0daf2daf4d56c
2015-06-26 20:16:14 +02:00
createPublicVolume(mDevice);
} else {
LOG(WARNING) << mId << " failed to identify, giving up";
}
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
}
Volumes know parent disks; unsupported disks. This is cleaner and more direct than the reverse of having the disk publish child volume membership. Rename state constants to match public API. Add state representing bad removal. Make it clear that volume flags are related to mounting. Send new unsupported disk event when we finish scanning an entire disk and have no meaningful volumes. Bug: 19993667 Change-Id: I08a91452ff561171a484d1da5745293ec893aec0
2015-04-18 02:35:20 +02:00
Move unsolicited vold events to Binder. Create IVoldListener and move most unsolicited vold events over to this new interface. The remaining events will be routed through method-specific listeners instead of a global one. Move to upstream DISALLOW_COPY_AND_ASSIGN macro. Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.DirectBootHostTest Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest Bug: 13758960 Change-Id: Ib9293487db2d525a76b9b9c2e9ac18d98601c6cf
2017-09-13 19:49:44 +02:00
auto listener = VolumeManager::Instance()->getListener();
if (listener) listener->onDiskScanned(getId());
Destroy vold socket interface completely. Long live Binder. Test: yes Bug: 13758960 Change-Id: If6be379b5a873f1b0c66dd1522b87413ad10fc46
2017-09-16 00:50:28 +02:00
Exclusive exec() path, format after partition. Sadly setexeccon() is process global, so we need to carefully ensure that all exec() are mutually exclusive to avoid transitioning into unwanted domains. Also, because we have several threads floating around, we need to guard all our FDs with O_CLOEXEC. Format all newly created volumes immediately after partitioning, but silence all events emitted from those volumes to prevent the framework from getting all excited. Unify all notify events under a single codepath to make them easy to silence. Sent SIGINT before escalating to SIGTERM when unmounting. Bug: 19993667 Change-Id: Idc6c806afc7919a004a93e2240b42884f6b52d6b
2015-04-09 06:07:21 +02:00
mJustPartitioned = false;
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
return OK;
}
Support for private (adopted) volumes. This adds support for private volumes which is just a filesystem wrapped in a dm-crypt layer. For now we're using the exact same configuration as internal encryption (aes-cbc-essiv:sha256), but we don't store any key material on the removable media. Instead, we store the key on internal storage, and use the GPT partition GUID to identify which key should be used. This means that private external storage is effectively as secure as the internal storage of the device. That is, if the internal storage is encrypted, then our external storage key is also encrypted. When partitioning disks, we now support a "private" mode which has a PrivateVolume partition, and a currently unused 16MB metadata partition reserved for future use. It also supports a "mixed" mode which creates both a PublicVolume and PrivateVolume on the same disk. Mixed mode is currently experimental. For now, just add ext4 support to PrivateVolume; we'll look at f2fs in a future change. Add VolumeBase lifecycle for setting up crypto mappings, and extract blkid logic into shared method. Sprinkle some more "static" around the cryptfs code to improve invariants. Bug: 19993667 Change-Id: Ibd1df6250735b706959a1eb9d9f7219ea85912a0
2015-03-31 19:35:33 +02:00
status_t Disk::unmountAll() {
Fix clang-tidy performance warnings in system/vold. * Use const reference type for for-loop index variables to avoid unnecessary copy. Bug: 30413223 Change-Id: Id4d980ae8afec1374fc3be0b23f1c6a39bff86e0 Test: build with WITH_TIDY=1
2016-07-27 23:11:02 +02:00
for (const auto& vol : mVolumes) {
Support for private (adopted) volumes. This adds support for private volumes which is just a filesystem wrapped in a dm-crypt layer. For now we're using the exact same configuration as internal encryption (aes-cbc-essiv:sha256), but we don't store any key material on the removable media. Instead, we store the key on internal storage, and use the GPT partition GUID to identify which key should be used. This means that private external storage is effectively as secure as the internal storage of the device. That is, if the internal storage is encrypted, then our external storage key is also encrypted. When partitioning disks, we now support a "private" mode which has a PrivateVolume partition, and a currently unused 16MB metadata partition reserved for future use. It also supports a "mixed" mode which creates both a PublicVolume and PrivateVolume on the same disk. Mixed mode is currently experimental. For now, just add ext4 support to PrivateVolume; we'll look at f2fs in a future change. Add VolumeBase lifecycle for setting up crypto mappings, and extract blkid logic into shared method. Sprinkle some more "static" around the cryptfs code to improve invariants. Bug: 19993667 Change-Id: Ibd1df6250735b706959a1eb9d9f7219ea85912a0
2015-03-31 19:35:33 +02:00
vol->unmount();
}
return OK;
}
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
status_t Disk::partitionPublic() {
Clean up any/all stale partition tables. When formatting media as a public volume, we write an MBR, but we might leave a stale GPT floating around. Some devices are configured to aggressively prefer GPT when detected, even if the checksums between primary/secondary don't match. To work around this, nuke both MBR and GPT tables from the media before we lay down our new MBR. Bug: 24112219 Change-Id: Ibf1be466a6877cbab925a24db5e5dbab0613bea7
2015-09-23 23:13:45 +02:00
int res;
Progress towards dynamic storage support. Wire up new Disk and VolumeBase objects and events to start replacing older DirectVolume code. Use filesystem UUID as visible PublicVolume name to be more deterministic. When starting, create DiskSource instances based on fstab, and watch for kernel devices to appear. Turn matching devices into Disk objects, scan for partitions, and create any relevant VolumeBase objects. Broadcast all of these events towards userspace so the framework can decide what to mount. Keep track of the primary VolumeBase, and update the new per-user /storage/self/primary symlink for all started users. Provide a reset command that framework uses to start from a known state when runtime is restarted. When vold is unexpectedly killed, try recovering by unmounting everything under /mnt and /storage before moving forward. Remove UMS sharing support for now, since no current devices support it; MTP is the recommended solution going forward because it offers better multi-user support. Switch killProcessesWithOpenFiles() to directly take signal. Fix one SOCK_CLOEXEC bug, but SELinux says there are more lurking. Bug: 19993667 Change-Id: I2dad1303aa4667ec14c52f774e2a28b3c1c1ff6d
2015-03-14 00:09:20 +01:00
destroyAllVolumes();
Exclusive exec() path, format after partition. Sadly setexeccon() is process global, so we need to carefully ensure that all exec() are mutually exclusive to avoid transitioning into unwanted domains. Also, because we have several threads floating around, we need to guard all our FDs with O_CLOEXEC. Format all newly created volumes immediately after partitioning, but silence all events emitted from those volumes to prevent the framework from getting all excited. Unify all notify events under a single codepath to make them easy to silence. Sent SIGINT before escalating to SIGTERM when unmounting. Bug: 19993667 Change-Id: Idc6c806afc7919a004a93e2240b42884f6b52d6b
2015-04-09 06:07:21 +02:00
mJustPartitioned = true;
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
Clean up any/all stale partition tables. When formatting media as a public volume, we write an MBR, but we might leave a stale GPT floating around. Some devices are configured to aggressively prefer GPT when detected, even if the checksums between primary/secondary don't match. To work around this, nuke both MBR and GPT tables from the media before we lay down our new MBR. Bug: 24112219 Change-Id: Ibf1be466a6877cbab925a24db5e5dbab0613bea7
2015-09-23 23:13:45 +02:00
// First nuke any existing partition table
std::vector<std::string> cmd;
cmd.push_back(kSgdiskPath);
cmd.push_back("--zap-all");
cmd.push_back(mDevPath);
// Zap sometimes returns an error when it actually succeeded, so
// just log as warning and keep rolling forward.
if ((res = ForkExecvp(cmd)) != 0) {
LOG(WARNING) << "Failed to zap; status " << res;
}
Use sgdisk to create better-aligned MBR tables. We heavily leverage sgdisk, which already has a bunch of logic to optimally align partitions. We've been using it for the adoptable storage GPT tables, and now we also use it for MBR tables. Test: cts-tradefed run commandAndExit cts-dev --abi armeabi-v7a -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Bug: 63735902 Change-Id: I846a8c96930ec2c6ab12e54dc2d464b17f7c54a9
2017-10-18 22:09:52 +02:00
// Now let's build the new MBR table. We heavily rely on sgdisk to
// force optimal alignment on the created partitions.
cmd.clear();
cmd.push_back(kSgdiskPath);
cmd.push_back("--new=0:0:-0");
cmd.push_back("--typecode=0:0c00");
cmd.push_back("--gpttombr=1");
cmd.push_back(mDevPath);
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
Use sgdisk to create better-aligned MBR tables. We heavily leverage sgdisk, which already has a bunch of logic to optimally align partitions. We've been using it for the adoptable storage GPT tables, and now we also use it for MBR tables. Test: cts-tradefed run commandAndExit cts-dev --abi armeabi-v7a -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Bug: 63735902 Change-Id: I846a8c96930ec2c6ab12e54dc2d464b17f7c54a9
2017-10-18 22:09:52 +02:00
if ((res = ForkExecvp(cmd)) != 0) {
LOG(ERROR) << "Failed to partition; status " << res;
return res;
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
}
Use sgdisk to create better-aligned MBR tables. We heavily leverage sgdisk, which already has a bunch of logic to optimally align partitions. We've been using it for the adoptable storage GPT tables, and now we also use it for MBR tables. Test: cts-tradefed run commandAndExit cts-dev --abi armeabi-v7a -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Bug: 63735902 Change-Id: I846a8c96930ec2c6ab12e54dc2d464b17f7c54a9
2017-10-18 22:09:52 +02:00
return OK;
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
}
status_t Disk::partitionPrivate() {
Support for private (adopted) volumes. This adds support for private volumes which is just a filesystem wrapped in a dm-crypt layer. For now we're using the exact same configuration as internal encryption (aes-cbc-essiv:sha256), but we don't store any key material on the removable media. Instead, we store the key on internal storage, and use the GPT partition GUID to identify which key should be used. This means that private external storage is effectively as secure as the internal storage of the device. That is, if the internal storage is encrypted, then our external storage key is also encrypted. When partitioning disks, we now support a "private" mode which has a PrivateVolume partition, and a currently unused 16MB metadata partition reserved for future use. It also supports a "mixed" mode which creates both a PublicVolume and PrivateVolume on the same disk. Mixed mode is currently experimental. For now, just add ext4 support to PrivateVolume; we'll look at f2fs in a future change. Add VolumeBase lifecycle for setting up crypto mappings, and extract blkid logic into shared method. Sprinkle some more "static" around the cryptfs code to improve invariants. Bug: 19993667 Change-Id: Ibd1df6250735b706959a1eb9d9f7219ea85912a0
2015-03-31 19:35:33 +02:00
return partitionMixed(0);
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
}
status_t Disk::partitionMixed(int8_t ratio) {
Exclusive exec() path, format after partition. Sadly setexeccon() is process global, so we need to carefully ensure that all exec() are mutually exclusive to avoid transitioning into unwanted domains. Also, because we have several threads floating around, we need to guard all our FDs with O_CLOEXEC. Format all newly created volumes immediately after partitioning, but silence all events emitted from those volumes to prevent the framework from getting all excited. Unify all notify events under a single codepath to make them easy to silence. Sent SIGINT before escalating to SIGTERM when unmounting. Bug: 19993667 Change-Id: Idc6c806afc7919a004a93e2240b42884f6b52d6b
2015-04-09 06:07:21 +02:00
int res;
Support for private (adopted) volumes. This adds support for private volumes which is just a filesystem wrapped in a dm-crypt layer. For now we're using the exact same configuration as internal encryption (aes-cbc-essiv:sha256), but we don't store any key material on the removable media. Instead, we store the key on internal storage, and use the GPT partition GUID to identify which key should be used. This means that private external storage is effectively as secure as the internal storage of the device. That is, if the internal storage is encrypted, then our external storage key is also encrypted. When partitioning disks, we now support a "private" mode which has a PrivateVolume partition, and a currently unused 16MB metadata partition reserved for future use. It also supports a "mixed" mode which creates both a PublicVolume and PrivateVolume on the same disk. Mixed mode is currently experimental. For now, just add ext4 support to PrivateVolume; we'll look at f2fs in a future change. Add VolumeBase lifecycle for setting up crypto mappings, and extract blkid logic into shared method. Sprinkle some more "static" around the cryptfs code to improve invariants. Bug: 19993667 Change-Id: Ibd1df6250735b706959a1eb9d9f7219ea85912a0
2015-03-31 19:35:33 +02:00
Progress towards dynamic storage support. Wire up new Disk and VolumeBase objects and events to start replacing older DirectVolume code. Use filesystem UUID as visible PublicVolume name to be more deterministic. When starting, create DiskSource instances based on fstab, and watch for kernel devices to appear. Turn matching devices into Disk objects, scan for partitions, and create any relevant VolumeBase objects. Broadcast all of these events towards userspace so the framework can decide what to mount. Keep track of the primary VolumeBase, and update the new per-user /storage/self/primary symlink for all started users. Provide a reset command that framework uses to start from a known state when runtime is restarted. When vold is unexpectedly killed, try recovering by unmounting everything under /mnt and /storage before moving forward. Remove UMS sharing support for now, since no current devices support it; MTP is the recommended solution going forward because it offers better multi-user support. Switch killProcessesWithOpenFiles() to directly take signal. Fix one SOCK_CLOEXEC bug, but SELinux says there are more lurking. Bug: 19993667 Change-Id: I2dad1303aa4667ec14c52f774e2a28b3c1c1ff6d
2015-03-14 00:09:20 +01:00
destroyAllVolumes();
Exclusive exec() path, format after partition. Sadly setexeccon() is process global, so we need to carefully ensure that all exec() are mutually exclusive to avoid transitioning into unwanted domains. Also, because we have several threads floating around, we need to guard all our FDs with O_CLOEXEC. Format all newly created volumes immediately after partitioning, but silence all events emitted from those volumes to prevent the framework from getting all excited. Unify all notify events under a single codepath to make them easy to silence. Sent SIGINT before escalating to SIGTERM when unmounting. Bug: 19993667 Change-Id: Idc6c806afc7919a004a93e2240b42884f6b52d6b
2015-04-09 06:07:21 +02:00
mJustPartitioned = true;
Support for private (adopted) volumes. This adds support for private volumes which is just a filesystem wrapped in a dm-crypt layer. For now we're using the exact same configuration as internal encryption (aes-cbc-essiv:sha256), but we don't store any key material on the removable media. Instead, we store the key on internal storage, and use the GPT partition GUID to identify which key should be used. This means that private external storage is effectively as secure as the internal storage of the device. That is, if the internal storage is encrypted, then our external storage key is also encrypted. When partitioning disks, we now support a "private" mode which has a PrivateVolume partition, and a currently unused 16MB metadata partition reserved for future use. It also supports a "mixed" mode which creates both a PublicVolume and PrivateVolume on the same disk. Mixed mode is currently experimental. For now, just add ext4 support to PrivateVolume; we'll look at f2fs in a future change. Add VolumeBase lifecycle for setting up crypto mappings, and extract blkid logic into shared method. Sprinkle some more "static" around the cryptfs code to improve invariants. Bug: 19993667 Change-Id: Ibd1df6250735b706959a1eb9d9f7219ea85912a0
2015-03-31 19:35:33 +02:00
// First nuke any existing partition table
std::vector<std::string> cmd;
cmd.push_back(kSgdiskPath);
cmd.push_back("--zap-all");
cmd.push_back(mDevPath);
Don't be picky about zap status. Bug: 19993667 Change-Id: Id125d9252bf7130516c0ec619d5f067fea24d560
2015-04-15 07:22:34 +02:00
// Zap sometimes returns an error when it actually succeeded, so
// just log as warning and keep rolling forward.
Exclusive exec() path, format after partition. Sadly setexeccon() is process global, so we need to carefully ensure that all exec() are mutually exclusive to avoid transitioning into unwanted domains. Also, because we have several threads floating around, we need to guard all our FDs with O_CLOEXEC. Format all newly created volumes immediately after partitioning, but silence all events emitted from those volumes to prevent the framework from getting all excited. Unify all notify events under a single codepath to make them easy to silence. Sent SIGINT before escalating to SIGTERM when unmounting. Bug: 19993667 Change-Id: Idc6c806afc7919a004a93e2240b42884f6b52d6b
2015-04-09 06:07:21 +02:00
if ((res = ForkExecvp(cmd)) != 0) {
Don't be picky about zap status. Bug: 19993667 Change-Id: Id125d9252bf7130516c0ec619d5f067fea24d560
2015-04-15 07:22:34 +02:00
LOG(WARNING) << "Failed to zap; status " << res;
Support for private (adopted) volumes. This adds support for private volumes which is just a filesystem wrapped in a dm-crypt layer. For now we're using the exact same configuration as internal encryption (aes-cbc-essiv:sha256), but we don't store any key material on the removable media. Instead, we store the key on internal storage, and use the GPT partition GUID to identify which key should be used. This means that private external storage is effectively as secure as the internal storage of the device. That is, if the internal storage is encrypted, then our external storage key is also encrypted. When partitioning disks, we now support a "private" mode which has a PrivateVolume partition, and a currently unused 16MB metadata partition reserved for future use. It also supports a "mixed" mode which creates both a PublicVolume and PrivateVolume on the same disk. Mixed mode is currently experimental. For now, just add ext4 support to PrivateVolume; we'll look at f2fs in a future change. Add VolumeBase lifecycle for setting up crypto mappings, and extract blkid logic into shared method. Sprinkle some more "static" around the cryptfs code to improve invariants. Bug: 19993667 Change-Id: Ibd1df6250735b706959a1eb9d9f7219ea85912a0
2015-03-31 19:35:33 +02:00
}
// We've had some success above, so generate both the private partition
// GUID and encryption key and persist them.
std::string partGuidRaw;
Progress towards FBE and adoptable storage. Offer to adopt storage devices on FBE devices, but keep it guarded behind a system property for now, since we still need to work out key storage details. When migrating shared storage, leave user-specific /data/media directories in place, since they already have the needed crypto policies defined. Enable journaling, quotas, and encrypt options when formatting newly adopted devices. installd already gracefully handles older partitions without quota enabled. Test: cts-tradefed run commandAndExit cts-dev --abi armeabi-v7a -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Bug: 62290006, 36757864, 29117062, 37395736 Bug: 29923055, 25861755, 30230655, 37436961 Change-Id: Ibbeb6ec9db2394a279bbac221a2b20711d65494e
2017-06-21 21:52:23 +02:00
if (GenerateRandomUuid(partGuidRaw) != OK) {
LOG(ERROR) << "Failed to generate GUID";
return -EIO;
}
Support for private (adopted) volumes. This adds support for private volumes which is just a filesystem wrapped in a dm-crypt layer. For now we're using the exact same configuration as internal encryption (aes-cbc-essiv:sha256), but we don't store any key material on the removable media. Instead, we store the key on internal storage, and use the GPT partition GUID to identify which key should be used. This means that private external storage is effectively as secure as the internal storage of the device. That is, if the internal storage is encrypted, then our external storage key is also encrypted. When partitioning disks, we now support a "private" mode which has a PrivateVolume partition, and a currently unused 16MB metadata partition reserved for future use. It also supports a "mixed" mode which creates both a PublicVolume and PrivateVolume on the same disk. Mixed mode is currently experimental. For now, just add ext4 support to PrivateVolume; we'll look at f2fs in a future change. Add VolumeBase lifecycle for setting up crypto mappings, and extract blkid logic into shared method. Sprinkle some more "static" around the cryptfs code to improve invariants. Bug: 19993667 Change-Id: Ibd1df6250735b706959a1eb9d9f7219ea85912a0
2015-03-31 19:35:33 +02:00
std::string keyRaw;
cryptfs: Require ext disk crypt to match code Our external partitions have no crypto header/footer, so we only get the keysize and key. Our code has been implicitly assuming that this keysize off of disk matches the crypto type we have in our code (and thus matches the keysize our code is using as well). We now make this assumption explicit, and check for this and no longer allow external code to pass a keysize in to cryptfs. Bug: 73079191 Test: Compiled and tested in combination with other CLs. Change-Id: I1a1996187e1aaad6f103982652b1bcdfd5be33ce
2018-02-16 22:13:58 +01:00
if (ReadRandomBytes(cryptfs_get_keysize(), keyRaw) != OK) {
Progress towards FBE and adoptable storage. Offer to adopt storage devices on FBE devices, but keep it guarded behind a system property for now, since we still need to work out key storage details. When migrating shared storage, leave user-specific /data/media directories in place, since they already have the needed crypto policies defined. Enable journaling, quotas, and encrypt options when formatting newly adopted devices. installd already gracefully handles older partitions without quota enabled. Test: cts-tradefed run commandAndExit cts-dev --abi armeabi-v7a -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Bug: 62290006, 36757864, 29117062, 37395736 Bug: 29923055, 25861755, 30230655, 37436961 Change-Id: Ibbeb6ec9db2394a279bbac221a2b20711d65494e
2017-06-21 21:52:23 +02:00
LOG(ERROR) << "Failed to generate key";
Support for private (adopted) volumes. This adds support for private volumes which is just a filesystem wrapped in a dm-crypt layer. For now we're using the exact same configuration as internal encryption (aes-cbc-essiv:sha256), but we don't store any key material on the removable media. Instead, we store the key on internal storage, and use the GPT partition GUID to identify which key should be used. This means that private external storage is effectively as secure as the internal storage of the device. That is, if the internal storage is encrypted, then our external storage key is also encrypted. When partitioning disks, we now support a "private" mode which has a PrivateVolume partition, and a currently unused 16MB metadata partition reserved for future use. It also supports a "mixed" mode which creates both a PublicVolume and PrivateVolume on the same disk. Mixed mode is currently experimental. For now, just add ext4 support to PrivateVolume; we'll look at f2fs in a future change. Add VolumeBase lifecycle for setting up crypto mappings, and extract blkid logic into shared method. Sprinkle some more "static" around the cryptfs code to improve invariants. Bug: 19993667 Change-Id: Ibd1df6250735b706959a1eb9d9f7219ea85912a0
2015-03-31 19:35:33 +02:00
return -EIO;
}
std::string partGuid;
StrToHex(partGuidRaw, partGuid);
if (!WriteStringToFile(keyRaw, BuildKeyPath(partGuid))) {
LOG(ERROR) << "Failed to persist key";
return -EIO;
} else {
LOG(DEBUG) << "Persisted key for GUID " << partGuid;
}
// Now let's build the new GPT table. We heavily rely on sgdisk to
// force optimal alignment on the created partitions.
cmd.clear();
cmd.push_back(kSgdiskPath);
// If requested, create a public partition first. Mixed-mode partitioning
// like this is an experimental feature.
if (ratio > 0) {
if (ratio < 10 || ratio > 90) {
LOG(ERROR) << "Mixed partition ratio must be between 10-90%";
return -EINVAL;
}
uint64_t splitMb = ((mSize / 100) * ratio) / 1024 / 1024;
cmd.push_back(StringPrintf("--new=0:0:+%" PRId64 "M", splitMb));
cmd.push_back(StringPrintf("--typecode=0:%s", kGptBasicData));
cmd.push_back("--change-name=0:shared");
}
// Define a metadata partition which is designed for future use; there
// should only be one of these per physical device, even if there are
// multiple private volumes.
cmd.push_back("--new=0:0:+16M");
cmd.push_back(StringPrintf("--typecode=0:%s", kGptAndroidMeta));
cmd.push_back("--change-name=0:android_meta");
// Define a single private partition filling the rest of disk.
cmd.push_back("--new=0:0:-0");
Exclusive exec() path, format after partition. Sadly setexeccon() is process global, so we need to carefully ensure that all exec() are mutually exclusive to avoid transitioning into unwanted domains. Also, because we have several threads floating around, we need to guard all our FDs with O_CLOEXEC. Format all newly created volumes immediately after partitioning, but silence all events emitted from those volumes to prevent the framework from getting all excited. Unify all notify events under a single codepath to make them easy to silence. Sent SIGINT before escalating to SIGTERM when unmounting. Bug: 19993667 Change-Id: Idc6c806afc7919a004a93e2240b42884f6b52d6b
2015-04-09 06:07:21 +02:00
cmd.push_back(StringPrintf("--typecode=0:%s", kGptAndroidExpand));
Support for private (adopted) volumes. This adds support for private volumes which is just a filesystem wrapped in a dm-crypt layer. For now we're using the exact same configuration as internal encryption (aes-cbc-essiv:sha256), but we don't store any key material on the removable media. Instead, we store the key on internal storage, and use the GPT partition GUID to identify which key should be used. This means that private external storage is effectively as secure as the internal storage of the device. That is, if the internal storage is encrypted, then our external storage key is also encrypted. When partitioning disks, we now support a "private" mode which has a PrivateVolume partition, and a currently unused 16MB metadata partition reserved for future use. It also supports a "mixed" mode which creates both a PublicVolume and PrivateVolume on the same disk. Mixed mode is currently experimental. For now, just add ext4 support to PrivateVolume; we'll look at f2fs in a future change. Add VolumeBase lifecycle for setting up crypto mappings, and extract blkid logic into shared method. Sprinkle some more "static" around the cryptfs code to improve invariants. Bug: 19993667 Change-Id: Ibd1df6250735b706959a1eb9d9f7219ea85912a0
2015-03-31 19:35:33 +02:00
cmd.push_back(StringPrintf("--partition-guid=0:%s", partGuid.c_str()));
Exclusive exec() path, format after partition. Sadly setexeccon() is process global, so we need to carefully ensure that all exec() are mutually exclusive to avoid transitioning into unwanted domains. Also, because we have several threads floating around, we need to guard all our FDs with O_CLOEXEC. Format all newly created volumes immediately after partitioning, but silence all events emitted from those volumes to prevent the framework from getting all excited. Unify all notify events under a single codepath to make them easy to silence. Sent SIGINT before escalating to SIGTERM when unmounting. Bug: 19993667 Change-Id: Idc6c806afc7919a004a93e2240b42884f6b52d6b
2015-04-09 06:07:21 +02:00
cmd.push_back("--change-name=0:android_expand");
Support for private (adopted) volumes. This adds support for private volumes which is just a filesystem wrapped in a dm-crypt layer. For now we're using the exact same configuration as internal encryption (aes-cbc-essiv:sha256), but we don't store any key material on the removable media. Instead, we store the key on internal storage, and use the GPT partition GUID to identify which key should be used. This means that private external storage is effectively as secure as the internal storage of the device. That is, if the internal storage is encrypted, then our external storage key is also encrypted. When partitioning disks, we now support a "private" mode which has a PrivateVolume partition, and a currently unused 16MB metadata partition reserved for future use. It also supports a "mixed" mode which creates both a PublicVolume and PrivateVolume on the same disk. Mixed mode is currently experimental. For now, just add ext4 support to PrivateVolume; we'll look at f2fs in a future change. Add VolumeBase lifecycle for setting up crypto mappings, and extract blkid logic into shared method. Sprinkle some more "static" around the cryptfs code to improve invariants. Bug: 19993667 Change-Id: Ibd1df6250735b706959a1eb9d9f7219ea85912a0
2015-03-31 19:35:33 +02:00
cmd.push_back(mDevPath);
Exclusive exec() path, format after partition. Sadly setexeccon() is process global, so we need to carefully ensure that all exec() are mutually exclusive to avoid transitioning into unwanted domains. Also, because we have several threads floating around, we need to guard all our FDs with O_CLOEXEC. Format all newly created volumes immediately after partitioning, but silence all events emitted from those volumes to prevent the framework from getting all excited. Unify all notify events under a single codepath to make them easy to silence. Sent SIGINT before escalating to SIGTERM when unmounting. Bug: 19993667 Change-Id: Idc6c806afc7919a004a93e2240b42884f6b52d6b
2015-04-09 06:07:21 +02:00
if ((res = ForkExecvp(cmd)) != 0) {
LOG(ERROR) << "Failed to partition; status " << res;
return res;
Support for private (adopted) volumes. This adds support for private volumes which is just a filesystem wrapped in a dm-crypt layer. For now we're using the exact same configuration as internal encryption (aes-cbc-essiv:sha256), but we don't store any key material on the removable media. Instead, we store the key on internal storage, and use the GPT partition GUID to identify which key should be used. This means that private external storage is effectively as secure as the internal storage of the device. That is, if the internal storage is encrypted, then our external storage key is also encrypted. When partitioning disks, we now support a "private" mode which has a PrivateVolume partition, and a currently unused 16MB metadata partition reserved for future use. It also supports a "mixed" mode which creates both a PublicVolume and PrivateVolume on the same disk. Mixed mode is currently experimental. For now, just add ext4 support to PrivateVolume; we'll look at f2fs in a future change. Add VolumeBase lifecycle for setting up crypto mappings, and extract blkid logic into shared method. Sprinkle some more "static" around the cryptfs code to improve invariants. Bug: 19993667 Change-Id: Ibd1df6250735b706959a1eb9d9f7219ea85912a0
2015-03-31 19:35:33 +02:00
}
return OK;
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
}
int Disk::getMaxMinors() {
// Figure out maximum partition devices supported
Support emulator's virtio-blk based SD card Currently, vold only supports MMC (for SD cards) and SCSI (for USB drives) devices. It does not recognize any device whose major number is not one of those used by MMC and SCSI. Unfortunately, virtio-blk is one such device. It is used by the new Android emulator (a.k.a. qemu2, featuring the "ranchu" virtual board) for SD card emulation. In order to make this virtio-blk based SD card device appear in Android and appear as an SD card (rather than a USB drive), changes have to be made to both vold (wherever the device major number is checked) and ranchu's storage configuration. This CL implements former. This is a stop-gap solution for emulator in nyc. A longer term solution in-tune with upstream kernel is in the pipes. Updated from aosp/master version. BUG:27431753 Change-Id: I5014edec73be7c5b565d91542464c82cbe58992c Signed-off-by: Yu Ning <yu.ning@intel.com> (cherry picked from commit 5b1d1c7dfa13b4dca75213581dc8351b841b76c8)
2016-01-08 10:36:47 +01:00
unsigned int majorId = major(mDevice);
switch (majorId) {
clang-format many files. Test: Format-only changes; treehugger suffices. Change-Id: I23cde3f0bbcac13bef555d13514e922c79d5ad48
2018-09-18 22:30:21 +02:00
case kMajorBlockLoop: {
std::string tmp;
if (!ReadFileToString(kSysfsLoopMaxMinors, &tmp)) {
LOG(ERROR) << "Failed to read max minors";
return -errno;
}
return std::stoi(tmp);
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
}
clang-format many files. Test: Format-only changes; treehugger suffices. Change-Id: I23cde3f0bbcac13bef555d13514e922c79d5ad48
2018-09-18 22:30:21 +02:00
// clang-format off
case kMajorBlockScsiA: case kMajorBlockScsiB: case kMajorBlockScsiC:
case kMajorBlockScsiD: case kMajorBlockScsiE: case kMajorBlockScsiF:
case kMajorBlockScsiG: case kMajorBlockScsiH: case kMajorBlockScsiI:
case kMajorBlockScsiJ: case kMajorBlockScsiK: case kMajorBlockScsiL:
case kMajorBlockScsiM: case kMajorBlockScsiN: case kMajorBlockScsiO:
case kMajorBlockScsiP: {
// clang-format on
// Per Documentation/devices.txt this is static
Support emulator's virtio-blk based SD card Currently, vold only supports MMC (for SD cards) and SCSI (for USB drives) devices. It does not recognize any device whose major number is not one of those used by MMC and SCSI. Unfortunately, virtio-blk is one such device. It is used by the new Android emulator (a.k.a. qemu2, featuring the "ranchu" virtual board) for SD card emulation. In order to make this virtio-blk based SD card device appear in Android and appear as an SD card (rather than a USB drive), changes have to be made to both vold (wherever the device major number is checked) and ranchu's storage configuration. This CL implements former. This is a stop-gap solution for emulator in nyc. A longer term solution in-tune with upstream kernel is in the pipes. Updated from aosp/master version. BUG:27431753 Change-Id: I5014edec73be7c5b565d91542464c82cbe58992c Signed-off-by: Yu Ning <yu.ning@intel.com> (cherry picked from commit 5b1d1c7dfa13b4dca75213581dc8351b841b76c8)
2016-01-08 10:36:47 +01:00
return 15;
}
clang-format many files. Test: Format-only changes; treehugger suffices. Change-Id: I23cde3f0bbcac13bef555d13514e922c79d5ad48
2018-09-18 22:30:21 +02:00
case kMajorBlockMmc: {
// Per Documentation/devices.txt this is dynamic
std::string tmp;
if (!ReadFileToString(kSysfsMmcMaxMinors, &tmp) &&
!ReadFileToString(kSysfsMmcMaxMinorsDeprecated, &tmp)) {
LOG(ERROR) << "Failed to read max minors";
return -errno;
}
return std::stoi(tmp);
}
default: {
if (isVirtioBlkDevice(majorId)) {
// drivers/block/virtio_blk.c has "#define PART_BITS 4", so max is
// 2^4 - 1 = 15
return 15;
}
if (isNvmeBlkDevice(majorId, mSysPath)) {
// despite kernel nvme driver supports up to 1M minors,
// #define NVME_MINORS (1U << MINORBITS)
// sgdisk can not support more than 127 partitions, due to
// #define MAX_MBR_PARTS 128
return 127;
}
vold: Add nvme disk support Bug: 77482940 Test: Manual Change-Id: Id0e7b3a0aa2083276109b0b2c9d1bcb81852582f Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2018-05-12 02:22:42 +02:00
}
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
}
Support emulator's virtio-blk based SD card Currently, vold only supports MMC (for SD cards) and SCSI (for USB drives) devices. It does not recognize any device whose major number is not one of those used by MMC and SCSI. Unfortunately, virtio-blk is one such device. It is used by the new Android emulator (a.k.a. qemu2, featuring the "ranchu" virtual board) for SD card emulation. In order to make this virtio-blk based SD card device appear in Android and appear as an SD card (rather than a USB drive), changes have to be made to both vold (wherever the device major number is checked) and ranchu's storage configuration. This CL implements former. This is a stop-gap solution for emulator in nyc. A longer term solution in-tune with upstream kernel is in the pipes. Updated from aosp/master version. BUG:27431753 Change-Id: I5014edec73be7c5b565d91542464c82cbe58992c Signed-off-by: Yu Ning <yu.ning@intel.com> (cherry picked from commit 5b1d1c7dfa13b4dca75213581dc8351b841b76c8)
2016-01-08 10:36:47 +01:00
LOG(ERROR) << "Unsupported block major type " << majorId;
Checkpoint of better dynamic device support. This is the first in a series of changes that are designed to introduce better support for dynamic block devices. It starts by defining a new Volume object which represents a storage endpoint that knows how to mount, unmount, and format itself. This could be a filesystem directly on a partition, or it could be an emulated FUSE filesystem, an ASEC, or an OBB. These new volumes can be "stacked" so that unmounting a volume will also unmount any volumes stacked above it. Volumes that provide shared storage can also be asked to present themselves (through bind mounts) into user-specific mount areas. This change also adds a Disk class which is created based on block kernel netlink events. Instead of waiting for partition events from the kernel, it uses gptfdisk to read partition details and creates the relevant Volume objects. Change-Id: I0e8bc1f8f9dcb24405f5e795c0658998e22ae2f7
2015-03-03 06:01:40 +01:00
return -ENOTSUP;
}
} // namespace vold
} // namespace android
Reference in a new issue Copy permalink