tequilaOS/platform_system_vold
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Support multiple partition for /data

Browse source 
Bug: 336319772
Change-Id: I92eca566063b7d8ad74a15c7b74d809b452ace72
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
This commit is contained in:
Jaegeuk Kim 2024-04-23 19:01:26 -07:00
parent e76fb7a810
commit 2091c878fd
9 changed files with 90 additions and 51 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

54
MetadataCrypt.cpp
View file

@ -47,6 +47,7 @@
namespace android { namespace android {
namespace vold { namespace vold {
using android::base::Basename;
using android::fs_mgr::FstabEntry; using android::fs_mgr::FstabEntry;
using android::fs_mgr::GetEntryForMountPoint; using android::fs_mgr::GetEntryForMountPoint;
using android::fscrypt::GetFirstApiLevel; using android::fscrypt::GetFirstApiLevel;
@ -63,7 +64,6 @@ struct CryptoOptions {
}; };
static const std::string kDmNameUserdata = "userdata"; static const std::string kDmNameUserdata = "userdata";
static const std::string kDmNameUserdataZoned = "userdata_zoned";
// The first entry in this table is the default crypto type. // The first entry in this table is the default crypto type.
constexpr CryptoType supported_crypto_types[] = {aes_256_xts, adiantum}; constexpr CryptoType supported_crypto_types[] = {aes_256_xts, adiantum};
@ -153,7 +153,7 @@ static bool get_number_of_sectors(const std::string& real_blkdev, uint64_t* nr_s
static bool create_crypto_blk_dev(const std::string& dm_name, const std::string& blk_device, static bool create_crypto_blk_dev(const std::string& dm_name, const std::string& blk_device,
const KeyBuffer& key, const CryptoOptions& options, const KeyBuffer& key, const CryptoOptions& options,
std::string* crypto_blkdev, uint64_t* nr_sec) { std::string* crypto_blkdev, uint64_t* nr_sec, bool is_userdata) {
if (!get_number_of_sectors(blk_device, nr_sec)) return false; if (!get_number_of_sectors(blk_device, nr_sec)) return false;
// TODO(paulcrowley): don't hardcode that DmTargetDefaultKey uses 4096-byte // TODO(paulcrowley): don't hardcode that DmTargetDefaultKey uses 4096-byte
// sectors // sectors
@ -204,7 +204,7 @@ static bool create_crypto_blk_dev(const std::string& dm_name, const std::string&
// If there are multiple partitions used for a single mount, F2FS stores // If there are multiple partitions used for a single mount, F2FS stores
// their partition paths in superblock. If the paths are dm targets, we // their partition paths in superblock. If the paths are dm targets, we
// cannot guarantee them across device boots. Let's use the logical paths. // cannot guarantee them across device boots. Let's use the logical paths.
if (dm_name == kDmNameUserdata || dm_name == kDmNameUserdataZoned) { if (is_userdata) {
*crypto_blkdev = "/dev/block/mapper/" + dm_name; *crypto_blkdev = "/dev/block/mapper/" + dm_name;
} }
return true; return true;
@ -246,11 +246,16 @@ static bool parse_options(const std::string& options_string, CryptoOptions* opti
bool fscrypt_mount_metadata_encrypted(const std::string& blk_device, const std::string& mount_point, bool fscrypt_mount_metadata_encrypted(const std::string& blk_device, const std::string& mount_point,
bool needs_encrypt, bool should_format, bool needs_encrypt, bool should_format,
const std::string& fs_type, const std::string& zoned_device) { const std::string& fs_type, bool is_zoned,
const std::vector<std::string>& user_devices) {
LOG(DEBUG) << "fscrypt_mount_metadata_encrypted: " << mount_point LOG(DEBUG) << "fscrypt_mount_metadata_encrypted: " << mount_point
<< " encrypt: " << needs_encrypt << " format: " << should_format << " with " << " encrypt: " << needs_encrypt << " format: " << should_format << " with "
<< fs_type << " block device: " << blk_device << fs_type << " block device: " << blk_device << " with zoned " << is_zoned;
<< " and zoned device: " << zoned_device;
for (auto& device : user_devices) {
LOG(DEBUG) << " - user devices: " << device;
}
auto encrypted_state = android::base::GetProperty("ro.crypto.state", ""); auto encrypted_state = android::base::GetProperty("ro.crypto.state", "");
if (encrypted_state != "" && encrypted_state != "encrypted") { if (encrypted_state != "" && encrypted_state != "encrypted") {
LOG(ERROR) << "fscrypt_mount_metadata_encrypted got unexpected starting state: " LOG(ERROR) << "fscrypt_mount_metadata_encrypted got unexpected starting state: "
@ -290,7 +295,7 @@ bool fscrypt_mount_metadata_encrypted(const std::string& blk_device, const std::
} }
auto default_metadata_key_dir = data_rec->metadata_key_dir; auto default_metadata_key_dir = data_rec->metadata_key_dir;
if (!zoned_device.empty()) { if (!user_devices.empty()) {
default_metadata_key_dir = default_metadata_key_dir + "/default"; default_metadata_key_dir = default_metadata_key_dir + "/default";
} }
auto gen = needs_encrypt ? makeGen(options) : neverGen(); auto gen = needs_encrypt ? makeGen(options) : neverGen();
@ -302,27 +307,28 @@ bool fscrypt_mount_metadata_encrypted(const std::string& blk_device, const std::
std::string crypto_blkdev; std::string crypto_blkdev;
uint64_t nr_sec; uint64_t nr_sec;
if (!create_crypto_blk_dev(kDmNameUserdata, blk_device, key, options, &crypto_blkdev, if (!create_crypto_blk_dev(kDmNameUserdata, blk_device, key, options, &crypto_blkdev, &nr_sec,
&nr_sec)) { true)) {
LOG(ERROR) << "create_crypto_blk_dev failed in mountFstab"; LOG(ERROR) << "create_crypto_blk_dev failed in mountFstab";
return false; return false;
} }
// create dm-default-key for zoned device // create dm-default-key for user devices
std::string crypto_zoned_blkdev; std::vector<std::string> crypto_user_blkdev;
if (!zoned_device.empty()) { for (auto& device : user_devices) {
auto zoned_metadata_key_dir = data_rec->metadata_key_dir + "/zoned"; std::string name = Basename(device);
auto metadata_key_dir = data_rec->metadata_key_dir + "/" + name;
if (!read_key(zoned_metadata_key_dir, gen, false, &key)) { if (!read_key(metadata_key_dir, gen, false, &key)) {
LOG(ERROR) << "read_key failed with zoned device: " << zoned_device; LOG(ERROR) << "read_key failed with zoned device: " << device;
return false; return false;
} }
if (!create_crypto_blk_dev(kDmNameUserdataZoned, zoned_device, key, options, std::string crypto_blkdev_arg;
&crypto_zoned_blkdev, &nr_sec)) { if (!create_crypto_blk_dev(name, device, key, options, &crypto_blkdev_arg, &nr_sec, true)) {
LOG(ERROR) << "fscrypt_mount_metadata_encrypted: failed with zoned device: " LOG(ERROR) << "fscrypt_mount_metadata_encrypted: failed with device: " << device;
<< zoned_device;
return false; return false;
} }
crypto_user_blkdev.push_back(crypto_blkdev_arg.c_str());
} }
if (needs_encrypt) { if (needs_encrypt) {
@ -332,7 +338,7 @@ bool fscrypt_mount_metadata_encrypted(const std::string& blk_device, const std::
if (fs_type == "ext4") { if (fs_type == "ext4") {
error = ext4::Format(crypto_blkdev, 0, mount_point); error = ext4::Format(crypto_blkdev, 0, mount_point);
} else if (fs_type == "f2fs") { } else if (fs_type == "f2fs") {
error = f2fs::Format(crypto_blkdev, crypto_zoned_blkdev); error = f2fs::Format(crypto_blkdev, is_zoned, crypto_user_blkdev);
} else { } else {
LOG(ERROR) << "Unknown filesystem type: " << fs_type; LOG(ERROR) << "Unknown filesystem type: " << fs_type;
return false; return false;
@ -344,8 +350,9 @@ bool fscrypt_mount_metadata_encrypted(const std::string& blk_device, const std::
} }
LOG(DEBUG) << "Format of " << crypto_blkdev << " for " << mount_point << " succeeded."; LOG(DEBUG) << "Format of " << crypto_blkdev << " for " << mount_point << " succeeded.";
} else { } else {
if (!zoned_device.empty()) { if (!user_devices.empty()) {
LOG(ERROR) << "encrypt_inplace cannot support zoned device; should format it."; LOG(ERROR) << "encrypt_inplace cannot support zoned or userdata_exp device; should "
"format it.";
return false; return false;
} }
if (!encrypt_inplace(crypto_blkdev, blk_device, nr_sec)) { if (!encrypt_inplace(crypto_blkdev, blk_device, nr_sec)) {
@ -384,7 +391,8 @@ bool defaultkey_setup_ext_volume(const std::string& label, const std::string& bl
CryptoOptions options; CryptoOptions options;
if (!get_volume_options(&options)) return false; if (!get_volume_options(&options)) return false;
uint64_t nr_sec; uint64_t nr_sec;
return create_crypto_blk_dev(label, blk_device, key, options, out_crypto_blkdev, &nr_sec); return create_crypto_blk_dev(label, blk_device, key, options, out_crypto_blkdev, &nr_sec,
false);
} }
bool destroy_dsu_metadata_key(const std::string& dsu_slot) { bool destroy_dsu_metadata_key(const std::string& dsu_slot) {

4
MetadataCrypt.h
View file

@ -28,8 +28,8 @@ namespace vold {
void defaultkey_precreate_dm_device(); void defaultkey_precreate_dm_device();
bool fscrypt_mount_metadata_encrypted(const std::string& block_device, bool fscrypt_mount_metadata_encrypted(const std::string& block_device,
const std::string& mount_point, bool needs_encrypt, const std::string& mount_point, bool needs_encrypt,
bool should_format, const std::string& fs_type, bool should_format, const std::string& fs_type, bool is_zoned,
const std::string& zoned_device); const std::vector<std::string>& user_devices);
bool defaultkey_volume_keygen(KeyGeneration* gen); bool defaultkey_volume_keygen(KeyGeneration* gen);

12
VoldNativeService.cpp
View file

@ -588,24 +588,24 @@ binder::Status VoldNativeService::initUser0() {
} }
binder::Status VoldNativeService::mountFstab(const std::string& blkDevice, binder::Status VoldNativeService::mountFstab(const std::string& blkDevice,
const std::string& mountPoint, const std::string& mountPoint, bool isZoned,
const std::string& zonedDevice) { const std::vector<std::string>& userDevices) {
ENFORCE_SYSTEM_OR_ROOT; ENFORCE_SYSTEM_OR_ROOT;
ACQUIRE_LOCK; ACQUIRE_LOCK;
return translateBool(fscrypt_mount_metadata_encrypted(blkDevice, mountPoint, false, false, return translateBool(fscrypt_mount_metadata_encrypted(blkDevice, mountPoint, false, false,
"null", zonedDevice)); "null", isZoned, userDevices));
} }
binder::Status VoldNativeService::encryptFstab(const std::string& blkDevice, binder::Status VoldNativeService::encryptFstab(const std::string& blkDevice,
const std::string& mountPoint, bool shouldFormat, const std::string& mountPoint, bool shouldFormat,
const std::string& fsType, const std::string& fsType, bool isZoned,
const std::string& zonedDevice) { const std::vector<std::string>& userDevices) {
ENFORCE_SYSTEM_OR_ROOT; ENFORCE_SYSTEM_OR_ROOT;
ACQUIRE_LOCK; ACQUIRE_LOCK;
return translateBool(fscrypt_mount_metadata_encrypted(blkDevice, mountPoint, true, shouldFormat, return translateBool(fscrypt_mount_metadata_encrypted(blkDevice, mountPoint, true, shouldFormat,
fsType, zonedDevice)); fsType, isZoned, userDevices));
} }
binder::Status VoldNativeService::setStorageBindingSeed(const std::vector<uint8_t>& seed) { binder::Status VoldNativeService::setStorageBindingSeed(const std::vector<uint8_t>& seed) {

6
VoldNativeService.h
View file

@ -106,10 +106,10 @@ class VoldNativeService : public BinderService<VoldNativeService>, public os::Bn
binder::Status initUser0(); binder::Status initUser0();
binder::Status mountFstab(const std::string& blkDevice, const std::string& mountPoint, binder::Status mountFstab(const std::string& blkDevice, const std::string& mountPoint,
const std::string& zonedDevice); bool isZoned, const std::vector<std::string>& userDevices);
binder::Status encryptFstab(const std::string& blkDevice, const std::string& mountPoint, binder::Status encryptFstab(const std::string& blkDevice, const std::string& mountPoint,
bool shouldFormat, const std::string& fsType, bool shouldFormat, const std::string& fsType, bool isZoned,
const std::string& zonedDevice); const std::vector<std::string>& userDevices);
binder::Status setStorageBindingSeed(const std::vector<uint8_t>& seed); binder::Status setStorageBindingSeed(const std::vector<uint8_t>& seed);

4
binder/android/os/IVold.aidl
View file

@ -83,8 +83,8 @@ interface IVold {
void fbeEnable(); void fbeEnable();
void initUser0(); void initUser0();
void mountFstab(@utf8InCpp String blkDevice, @utf8InCpp String mountPoint, @utf8InCpp String zonedDevice); void mountFstab(@utf8InCpp String blkDevice, @utf8InCpp String mountPoint, boolean isZoned, in @utf8InCpp String[] userDevices);
void encryptFstab(@utf8InCpp String blkDevice, @utf8InCpp String mountPoint, boolean shouldFormat, @utf8InCpp String fsType, @utf8InCpp String zonedDevice); void encryptFstab(@utf8InCpp String blkDevice, @utf8InCpp String mountPoint, boolean shouldFormat, @utf8InCpp String fsType, boolean isZoned, in @utf8InCpp String[] userDevices);
void setStorageBindingSeed(in byte[] seed); void setStorageBindingSeed(in byte[] seed);

12
fs/F2fs.cpp
View file

@ -71,7 +71,8 @@ status_t Mount(const std::string& source, const std::string& target) {
return res; return res;
} }
status_t Format(const std::string& source, const std::string& zoned_device) { status_t Format(const std::string& source, bool is_zoned,
const std::vector<std::string>& user_devices) {
std::vector<char const*> cmd; std::vector<char const*> cmd;
cmd.emplace_back(kMkfsPath); cmd.emplace_back(kMkfsPath);
@ -96,12 +97,13 @@ status_t Format(const std::string& source, const std::string& zoned_device) {
cmd.emplace_back("-C"); cmd.emplace_back("-C");
cmd.emplace_back("utf8"); cmd.emplace_back("utf8");
} }
if (!zoned_device.empty()) { if (is_zoned) {
cmd.emplace_back("-c");
cmd.emplace_back(zoned_device.c_str());
cmd.emplace_back("-m"); cmd.emplace_back("-m");
} }
for (auto& device : user_devices) {
cmd.emplace_back("-c");
cmd.emplace_back(device.c_str());
}
std::string block_size = std::to_string(getpagesize()); std::string block_size = std::to_string(getpagesize());
cmd.emplace_back("-b"); cmd.emplace_back("-b");
cmd.emplace_back(block_size.c_str()); cmd.emplace_back(block_size.c_str());

3
fs/F2fs.h
View file

@ -29,7 +29,8 @@ bool IsSupported();
status_t Check(const std::string& source); status_t Check(const std::string& source);
status_t Mount(const std::string& source, const std::string& target); status_t Mount(const std::string& source, const std::string& target);
status_t Format(const std::string& source, const std::string& zoned_device = ""); status_t Format(const std::string& source, const bool is_zoned,
const std::vector<std::string>& user_devices);
} // namespace f2fs } // namespace f2fs
} // namespace vold } // namespace vold

2
model/PrivateVolume.cpp
View file

@ -234,7 +234,7 @@ status_t PrivateVolume::doFormat(const std::string& fsType) {
return -EIO; return -EIO;
} }
} else if (resolvedFsType == "f2fs") { } else if (resolvedFsType == "f2fs") {
if (f2fs::Format(mDmDevPath)) { if (f2fs::Format(mDmDevPath, false, {})) {
PLOG(ERROR) << getId() << " failed to format"; PLOG(ERROR) << getId() << " failed to format";
return -EIO; return -EIO;
} }

44
vdc.cpp
View file

@ -86,6 +86,38 @@ static void bindkeys(std::vector<std::string>& args, const android::sp<android::
checkStatus(args, vold->setStorageBindingSeed(seed)); checkStatus(args, vold->setStorageBindingSeed(seed));
} }
static void mountFstab(std::vector<std::string>& args,
const android::sp<android::os::IVold>& vold) {
auto isZoned = android::base::ParseBool(args[4]);
if (isZoned == android::base::ParseBoolResult::kError) exit(EINVAL);
std::vector<std::string> userDevices = {};
if (args[5] != "") {
userDevices = android::base::Split(args[5], " ");
}
checkStatus(args,
vold->mountFstab(args[2], args[3], isZoned == android::base::ParseBoolResult::kTrue,
userDevices));
}
static void encryptFstab(std::vector<std::string>& args,
const android::sp<android::os::IVold>& vold) {
auto shouldFormat = android::base::ParseBool(args[4]);
if (shouldFormat == android::base::ParseBoolResult::kError) exit(EINVAL);
auto isZoned = android::base::ParseBool(args[6]);
if (isZoned == android::base::ParseBoolResult::kError) exit(EINVAL);
std::vector<std::string> userDevices = {};
if (args[7] != "") {
userDevices = android::base::Split(args[7], " ");
}
checkStatus(args,
vold->encryptFstab(args[2], args[3],
shouldFormat == android::base::ParseBoolResult::kTrue, args[5],
isZoned == android::base::ParseBoolResult::kTrue, userDevices));
}
int main(int argc, char** argv) { int main(int argc, char** argv) {
setenv("ANDROID_LOG_TAGS", "*:v", 1); setenv("ANDROID_LOG_TAGS", "*:v", 1);
if (getppid() == 1) { if (getppid() == 1) {
@ -128,14 +160,10 @@ int main(int argc, char** argv) {
LOG(INFO) << size; LOG(INFO) << size;
} else if (args[0] == "cryptfs" && args[1] == "bindkeys") { } else if (args[0] == "cryptfs" && args[1] == "bindkeys") {
bindkeys(args, vold); bindkeys(args, vold);
} else if (args[0] == "cryptfs" && args[1] == "mountFstab" && args.size() == 5) { } else if (args[0] == "cryptfs" && args[1] == "mountFstab" && args.size() == 6) {
checkStatus(args, vold->mountFstab(args[2], args[3], args[4])); mountFstab(args, vold);
} else if (args[0] == "cryptfs" && args[1] == "encryptFstab" && args.size() == 7) { } else if (args[0] == "cryptfs" && args[1] == "encryptFstab" && args.size() == 8) {
auto shouldFormat = android::base::ParseBool(args[4]); encryptFstab(args, vold);
if (shouldFormat == android::base::ParseBoolResult::kError) exit(EINVAL);
checkStatus(args, vold->encryptFstab(args[2], args[3],
shouldFormat == android::base::ParseBoolResult::kTrue,
args[5], args[6]));
} else if (args[0] == "checkpoint" && args[1] == "supportsCheckpoint" && args.size() == 2) { } else if (args[0] == "checkpoint" && args[1] == "supportsCheckpoint" && args.size() == 2) {
bool supported = false; bool supported = false;
checkStatus(args, vold->supportsCheckpoint(&supported)); checkStatus(args, vold->supportsCheckpoint(&supported));