Be more C++. volume UUID should always be std::string.
Test: boots Bug: 67041047 Change-Id: I36d3944ae8de192703b9ee359900841b833fe3a1
This commit is contained in:
parent
a7ca40bd70
commit
3b71fc5100
11 changed files with 69 additions and 74 deletions
|
@ -91,8 +91,8 @@ static bool e4crypt_is_emulated() {
|
||||||
return property_get_bool("persist.sys.emulate_fbe", false);
|
return property_get_bool("persist.sys.emulate_fbe", false);
|
||||||
}
|
}
|
||||||
|
|
||||||
static const char* escape_null(const char* value) {
|
static const char* escape_empty(const std::string& value) {
|
||||||
return (value == nullptr) ? "null" : value;
|
return value.empty() ? "null" : value.c_str();
|
||||||
}
|
}
|
||||||
|
|
||||||
static std::string get_de_key_path(userid_t user_id) {
|
static std::string get_de_key_path(userid_t user_id) {
|
||||||
|
@ -379,7 +379,7 @@ bool e4crypt_init_user0() {
|
||||||
// We can only safely prepare DE storage here, since CE keys are probably
|
// We can only safely prepare DE storage here, since CE keys are probably
|
||||||
// entangled with user credentials. The framework will always prepare CE
|
// entangled with user credentials. The framework will always prepare CE
|
||||||
// storage once CE keys are installed.
|
// storage once CE keys are installed.
|
||||||
if (!e4crypt_prepare_user_storage(nullptr, 0, 0, FLAG_STORAGE_DE)) {
|
if (!e4crypt_prepare_user_storage("", 0, 0, FLAG_STORAGE_DE)) {
|
||||||
LOG(ERROR) << "Failed to prepare user 0 storage";
|
LOG(ERROR) << "Failed to prepare user 0 storage";
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
@ -491,8 +491,8 @@ static bool emulated_unlock(const std::string& path, mode_t mode) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
static bool parse_hex(const char* hex, std::string* result) {
|
static bool parse_hex(const std::string& hex, std::string* result) {
|
||||||
if (strcmp("!", hex) == 0) {
|
if (hex == "!") {
|
||||||
*result = "";
|
*result = "";
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
@ -503,10 +503,10 @@ static bool parse_hex(const char* hex, std::string* result) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool e4crypt_add_user_key_auth(userid_t user_id, int serial, const char* token_hex,
|
bool e4crypt_add_user_key_auth(userid_t user_id, int serial, const std::string& token_hex,
|
||||||
const char* secret_hex) {
|
const std::string& secret_hex) {
|
||||||
LOG(DEBUG) << "e4crypt_add_user_key_auth " << user_id << " serial=" << serial
|
LOG(DEBUG) << "e4crypt_add_user_key_auth " << user_id << " serial=" << serial
|
||||||
<< " token_present=" << (strcmp(token_hex, "!") != 0);
|
<< " token_present=" << (token_hex != "!");
|
||||||
if (!e4crypt_is_native()) return true;
|
if (!e4crypt_is_native()) return true;
|
||||||
if (s_ephemeral_users.count(user_id) != 0) return true;
|
if (s_ephemeral_users.count(user_id) != 0) return true;
|
||||||
std::string token, secret;
|
std::string token, secret;
|
||||||
|
@ -543,10 +543,10 @@ bool e4crypt_fixate_newest_user_key_auth(userid_t user_id) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO: rename to 'install' for consistency, and take flags to know which keys to install
|
// TODO: rename to 'install' for consistency, and take flags to know which keys to install
|
||||||
bool e4crypt_unlock_user_key(userid_t user_id, int serial, const char* token_hex,
|
bool e4crypt_unlock_user_key(userid_t user_id, int serial, const std::string& token_hex,
|
||||||
const char* secret_hex) {
|
const std::string& secret_hex) {
|
||||||
LOG(DEBUG) << "e4crypt_unlock_user_key " << user_id << " serial=" << serial
|
LOG(DEBUG) << "e4crypt_unlock_user_key " << user_id << " serial=" << serial
|
||||||
<< " token_present=" << (strcmp(token_hex, "!") != 0);
|
<< " token_present=" << (token_hex != "!");
|
||||||
if (e4crypt_is_native()) {
|
if (e4crypt_is_native()) {
|
||||||
if (s_ce_key_raw_refs.count(user_id) != 0) {
|
if (s_ce_key_raw_refs.count(user_id) != 0) {
|
||||||
LOG(WARNING) << "Tried to unlock already-unlocked key for user " << user_id;
|
LOG(WARNING) << "Tried to unlock already-unlocked key for user " << user_id;
|
||||||
|
@ -566,8 +566,8 @@ bool e4crypt_unlock_user_key(userid_t user_id, int serial, const char* token_hex
|
||||||
// back into a known-good state.
|
// back into a known-good state.
|
||||||
if (!emulated_unlock(android::vold::BuildDataSystemCePath(user_id), 0771) ||
|
if (!emulated_unlock(android::vold::BuildDataSystemCePath(user_id), 0771) ||
|
||||||
!emulated_unlock(android::vold::BuildDataMiscCePath(user_id), 01771) ||
|
!emulated_unlock(android::vold::BuildDataMiscCePath(user_id), 01771) ||
|
||||||
!emulated_unlock(android::vold::BuildDataMediaCePath(nullptr, user_id), 0770) ||
|
!emulated_unlock(android::vold::BuildDataMediaCePath("", user_id), 0770) ||
|
||||||
!emulated_unlock(android::vold::BuildDataUserCePath(nullptr, user_id), 0771)) {
|
!emulated_unlock(android::vold::BuildDataUserCePath("", user_id), 0771)) {
|
||||||
LOG(ERROR) << "Failed to unlock user " << user_id;
|
LOG(ERROR) << "Failed to unlock user " << user_id;
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
@ -584,8 +584,8 @@ bool e4crypt_lock_user_key(userid_t user_id) {
|
||||||
// When in emulation mode, we just use chmod
|
// When in emulation mode, we just use chmod
|
||||||
if (!emulated_lock(android::vold::BuildDataSystemCePath(user_id)) ||
|
if (!emulated_lock(android::vold::BuildDataSystemCePath(user_id)) ||
|
||||||
!emulated_lock(android::vold::BuildDataMiscCePath(user_id)) ||
|
!emulated_lock(android::vold::BuildDataMiscCePath(user_id)) ||
|
||||||
!emulated_lock(android::vold::BuildDataMediaCePath(nullptr, user_id)) ||
|
!emulated_lock(android::vold::BuildDataMediaCePath("", user_id)) ||
|
||||||
!emulated_lock(android::vold::BuildDataUserCePath(nullptr, user_id))) {
|
!emulated_lock(android::vold::BuildDataUserCePath("", user_id))) {
|
||||||
LOG(ERROR) << "Failed to lock user " << user_id;
|
LOG(ERROR) << "Failed to lock user " << user_id;
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
@ -594,9 +594,9 @@ bool e4crypt_lock_user_key(userid_t user_id) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool e4crypt_prepare_user_storage(const char* volume_uuid, userid_t user_id, int serial,
|
bool e4crypt_prepare_user_storage(const std::string& volume_uuid, userid_t user_id, int serial,
|
||||||
int flags) {
|
int flags) {
|
||||||
LOG(DEBUG) << "e4crypt_prepare_user_storage for volume " << escape_null(volume_uuid)
|
LOG(DEBUG) << "e4crypt_prepare_user_storage for volume " << escape_empty(volume_uuid)
|
||||||
<< ", user " << user_id << ", serial " << serial << ", flags " << flags;
|
<< ", user " << user_id << ", serial " << serial << ", flags " << flags;
|
||||||
|
|
||||||
if (flags & FLAG_STORAGE_DE) {
|
if (flags & FLAG_STORAGE_DE) {
|
||||||
|
@ -610,7 +610,7 @@ bool e4crypt_prepare_user_storage(const char* volume_uuid, userid_t user_id, int
|
||||||
auto misc_de_path = android::vold::BuildDataMiscDePath(user_id);
|
auto misc_de_path = android::vold::BuildDataMiscDePath(user_id);
|
||||||
auto user_de_path = android::vold::BuildDataUserDePath(volume_uuid, user_id);
|
auto user_de_path = android::vold::BuildDataUserDePath(volume_uuid, user_id);
|
||||||
|
|
||||||
if (volume_uuid == nullptr) {
|
if (volume_uuid.empty()) {
|
||||||
if (!prepare_dir(system_legacy_path, 0700, AID_SYSTEM, AID_SYSTEM)) return false;
|
if (!prepare_dir(system_legacy_path, 0700, AID_SYSTEM, AID_SYSTEM)) return false;
|
||||||
#if MANAGE_MISC_DIRS
|
#if MANAGE_MISC_DIRS
|
||||||
if (!prepare_dir(misc_legacy_path, 0750, multiuser_get_uid(user_id, AID_SYSTEM),
|
if (!prepare_dir(misc_legacy_path, 0750, multiuser_get_uid(user_id, AID_SYSTEM),
|
||||||
|
@ -626,7 +626,7 @@ bool e4crypt_prepare_user_storage(const char* volume_uuid, userid_t user_id, int
|
||||||
if (e4crypt_is_native()) {
|
if (e4crypt_is_native()) {
|
||||||
std::string de_raw_ref;
|
std::string de_raw_ref;
|
||||||
if (!lookup_key_ref(s_de_key_raw_refs, user_id, &de_raw_ref)) return false;
|
if (!lookup_key_ref(s_de_key_raw_refs, user_id, &de_raw_ref)) return false;
|
||||||
if (volume_uuid == nullptr) {
|
if (volume_uuid.empty()) {
|
||||||
if (!ensure_policy(de_raw_ref, system_de_path)) return false;
|
if (!ensure_policy(de_raw_ref, system_de_path)) return false;
|
||||||
if (!ensure_policy(de_raw_ref, misc_de_path)) return false;
|
if (!ensure_policy(de_raw_ref, misc_de_path)) return false;
|
||||||
}
|
}
|
||||||
|
@ -641,7 +641,7 @@ bool e4crypt_prepare_user_storage(const char* volume_uuid, userid_t user_id, int
|
||||||
auto media_ce_path = android::vold::BuildDataMediaCePath(volume_uuid, user_id);
|
auto media_ce_path = android::vold::BuildDataMediaCePath(volume_uuid, user_id);
|
||||||
auto user_ce_path = android::vold::BuildDataUserCePath(volume_uuid, user_id);
|
auto user_ce_path = android::vold::BuildDataUserCePath(volume_uuid, user_id);
|
||||||
|
|
||||||
if (volume_uuid == nullptr) {
|
if (volume_uuid.empty()) {
|
||||||
if (!prepare_dir(system_ce_path, 0770, AID_SYSTEM, AID_SYSTEM)) return false;
|
if (!prepare_dir(system_ce_path, 0770, AID_SYSTEM, AID_SYSTEM)) return false;
|
||||||
if (!prepare_dir(misc_ce_path, 01771, AID_SYSTEM, AID_MISC)) return false;
|
if (!prepare_dir(misc_ce_path, 01771, AID_SYSTEM, AID_MISC)) return false;
|
||||||
}
|
}
|
||||||
|
@ -651,7 +651,7 @@ bool e4crypt_prepare_user_storage(const char* volume_uuid, userid_t user_id, int
|
||||||
if (e4crypt_is_native()) {
|
if (e4crypt_is_native()) {
|
||||||
std::string ce_raw_ref;
|
std::string ce_raw_ref;
|
||||||
if (!lookup_key_ref(s_ce_key_raw_refs, user_id, &ce_raw_ref)) return false;
|
if (!lookup_key_ref(s_ce_key_raw_refs, user_id, &ce_raw_ref)) return false;
|
||||||
if (volume_uuid == nullptr) {
|
if (volume_uuid.empty()) {
|
||||||
if (!ensure_policy(ce_raw_ref, system_ce_path)) return false;
|
if (!ensure_policy(ce_raw_ref, system_ce_path)) return false;
|
||||||
if (!ensure_policy(ce_raw_ref, misc_ce_path)) return false;
|
if (!ensure_policy(ce_raw_ref, misc_ce_path)) return false;
|
||||||
|
|
||||||
|
@ -669,8 +669,8 @@ bool e4crypt_prepare_user_storage(const char* volume_uuid, userid_t user_id, int
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool e4crypt_destroy_user_storage(const char* volume_uuid, userid_t user_id, int flags) {
|
bool e4crypt_destroy_user_storage(const std::string& volume_uuid, userid_t user_id, int flags) {
|
||||||
LOG(DEBUG) << "e4crypt_destroy_user_storage for volume " << escape_null(volume_uuid)
|
LOG(DEBUG) << "e4crypt_destroy_user_storage for volume " << escape_empty(volume_uuid)
|
||||||
<< ", user " << user_id << ", flags " << flags;
|
<< ", user " << user_id << ", flags " << flags;
|
||||||
bool res = true;
|
bool res = true;
|
||||||
|
|
||||||
|
@ -685,7 +685,7 @@ bool e4crypt_destroy_user_storage(const char* volume_uuid, userid_t user_id, int
|
||||||
auto misc_de_path = android::vold::BuildDataMiscDePath(user_id);
|
auto misc_de_path = android::vold::BuildDataMiscDePath(user_id);
|
||||||
auto user_de_path = android::vold::BuildDataUserDePath(volume_uuid, user_id);
|
auto user_de_path = android::vold::BuildDataUserDePath(volume_uuid, user_id);
|
||||||
|
|
||||||
if (volume_uuid == nullptr) {
|
if (volume_uuid.empty()) {
|
||||||
res &= destroy_dir(system_legacy_path);
|
res &= destroy_dir(system_legacy_path);
|
||||||
#if MANAGE_MISC_DIRS
|
#if MANAGE_MISC_DIRS
|
||||||
res &= destroy_dir(misc_legacy_path);
|
res &= destroy_dir(misc_legacy_path);
|
||||||
|
@ -704,7 +704,7 @@ bool e4crypt_destroy_user_storage(const char* volume_uuid, userid_t user_id, int
|
||||||
auto media_ce_path = android::vold::BuildDataMediaCePath(volume_uuid, user_id);
|
auto media_ce_path = android::vold::BuildDataMediaCePath(volume_uuid, user_id);
|
||||||
auto user_ce_path = android::vold::BuildDataUserCePath(volume_uuid, user_id);
|
auto user_ce_path = android::vold::BuildDataUserCePath(volume_uuid, user_id);
|
||||||
|
|
||||||
if (volume_uuid == nullptr) {
|
if (volume_uuid.empty()) {
|
||||||
res &= destroy_dir(system_ce_path);
|
res &= destroy_dir(system_ce_path);
|
||||||
res &= destroy_dir(misc_ce_path);
|
res &= destroy_dir(misc_ce_path);
|
||||||
}
|
}
|
||||||
|
@ -715,6 +715,6 @@ bool e4crypt_destroy_user_storage(const char* volume_uuid, userid_t user_id, int
|
||||||
return res;
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool e4crypt_secdiscard(const char* path) {
|
bool e4crypt_secdiscard(const std::string& path) {
|
||||||
return android::vold::runSecdiscardSingle(std::string(path));
|
return android::vold::runSecdiscardSingle(path);
|
||||||
}
|
}
|
||||||
|
|
20
Ext4Crypt.h
20
Ext4Crypt.h
|
@ -14,29 +14,29 @@
|
||||||
* limitations under the License.
|
* limitations under the License.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
#include <string>
|
||||||
|
|
||||||
#include <stdbool.h>
|
#include <stdbool.h>
|
||||||
#include <sys/cdefs.h>
|
#include <sys/cdefs.h>
|
||||||
|
|
||||||
#include <cutils/multiuser.h>
|
#include <cutils/multiuser.h>
|
||||||
|
|
||||||
__BEGIN_DECLS
|
|
||||||
|
|
||||||
// General functions
|
// General functions
|
||||||
bool e4crypt_is_native();
|
|
||||||
bool e4crypt_initialize_global_de();
|
bool e4crypt_initialize_global_de();
|
||||||
|
|
||||||
bool e4crypt_init_user0();
|
bool e4crypt_init_user0();
|
||||||
bool e4crypt_vold_create_user_key(userid_t user_id, int serial, bool ephemeral);
|
bool e4crypt_vold_create_user_key(userid_t user_id, int serial, bool ephemeral);
|
||||||
bool e4crypt_destroy_user_key(userid_t user_id);
|
bool e4crypt_destroy_user_key(userid_t user_id);
|
||||||
bool e4crypt_add_user_key_auth(userid_t user_id, int serial, const char* token,
|
bool e4crypt_add_user_key_auth(userid_t user_id, int serial, const std::string& token,
|
||||||
const char* secret);
|
const std::string& secret);
|
||||||
bool e4crypt_fixate_newest_user_key_auth(userid_t user_id);
|
bool e4crypt_fixate_newest_user_key_auth(userid_t user_id);
|
||||||
|
|
||||||
bool e4crypt_unlock_user_key(userid_t user_id, int serial, const char* token, const char* secret);
|
bool e4crypt_unlock_user_key(userid_t user_id, int serial, const std::string& token,
|
||||||
|
const std::string& secret);
|
||||||
bool e4crypt_lock_user_key(userid_t user_id);
|
bool e4crypt_lock_user_key(userid_t user_id);
|
||||||
|
|
||||||
bool e4crypt_prepare_user_storage(const char* volume_uuid, userid_t user_id, int serial, int flags);
|
bool e4crypt_prepare_user_storage(const std::string& volume_uuid, userid_t user_id, int serial,
|
||||||
bool e4crypt_destroy_user_storage(const char* volume_uuid, userid_t user_id, int flags);
|
int flags);
|
||||||
|
bool e4crypt_destroy_user_storage(const std::string& volume_uuid, userid_t user_id, int flags);
|
||||||
|
|
||||||
bool e4crypt_secdiscard(const char* path);
|
bool e4crypt_secdiscard(const std::string& path);
|
||||||
__END_DECLS
|
|
||||||
|
|
|
@ -17,8 +17,6 @@
|
||||||
#ifndef ANDROID_VOLD_KEYMASTER_H
|
#ifndef ANDROID_VOLD_KEYMASTER_H
|
||||||
#define ANDROID_VOLD_KEYMASTER_H
|
#define ANDROID_VOLD_KEYMASTER_H
|
||||||
|
|
||||||
#ifdef __cplusplus
|
|
||||||
|
|
||||||
#include "KeyBuffer.h"
|
#include "KeyBuffer.h"
|
||||||
|
|
||||||
#include <memory>
|
#include <memory>
|
||||||
|
@ -127,8 +125,7 @@ class Keymaster {
|
||||||
} // namespace vold
|
} // namespace vold
|
||||||
} // namespace android
|
} // namespace android
|
||||||
|
|
||||||
#endif // __cplusplus
|
// FIXME no longer needed now cryptfs is in C++.
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* The following functions provide C bindings to keymaster services
|
* The following functions provide C bindings to keymaster services
|
||||||
|
@ -138,7 +135,6 @@ class Keymaster {
|
||||||
* The sign_object function signes an object with the given keymaster
|
* The sign_object function signes an object with the given keymaster
|
||||||
* key.
|
* key.
|
||||||
*/
|
*/
|
||||||
__BEGIN_DECLS
|
|
||||||
|
|
||||||
int keymaster_compatibility_cryptfs_scrypt();
|
int keymaster_compatibility_cryptfs_scrypt();
|
||||||
int keymaster_create_key_for_cryptfs_scrypt(uint32_t rsa_key_size,
|
int keymaster_create_key_for_cryptfs_scrypt(uint32_t rsa_key_size,
|
||||||
|
@ -156,6 +152,5 @@ int keymaster_sign_object_for_cryptfs_scrypt(const uint8_t* key_blob,
|
||||||
uint8_t** signature_buffer,
|
uint8_t** signature_buffer,
|
||||||
size_t* signature_buffer_size);
|
size_t* signature_buffer_size);
|
||||||
|
|
||||||
__END_DECLS
|
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|
|
@ -23,10 +23,6 @@
|
||||||
#define SCRYPT_PROP "ro.crypto.scrypt_params"
|
#define SCRYPT_PROP "ro.crypto.scrypt_params"
|
||||||
#define SCRYPT_DEFAULTS "15:3:1"
|
#define SCRYPT_DEFAULTS "15:3:1"
|
||||||
|
|
||||||
__BEGIN_DECLS
|
|
||||||
|
|
||||||
bool parse_scrypt_parameters(const char* paramstr, int *Nf, int *rf, int *pf);
|
bool parse_scrypt_parameters(const char* paramstr, int *Nf, int *rf, int *pf);
|
||||||
|
|
||||||
__END_DECLS
|
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|
28
Utils.cpp
28
Utils.cpp
|
@ -585,54 +585,54 @@ std::string BuildKeyPath(const std::string& partGuid) {
|
||||||
}
|
}
|
||||||
|
|
||||||
std::string BuildDataSystemLegacyPath(userid_t userId) {
|
std::string BuildDataSystemLegacyPath(userid_t userId) {
|
||||||
return StringPrintf("%s/system/users/%u", BuildDataPath(nullptr).c_str(), userId);
|
return StringPrintf("%s/system/users/%u", BuildDataPath("").c_str(), userId);
|
||||||
}
|
}
|
||||||
|
|
||||||
std::string BuildDataSystemCePath(userid_t userId) {
|
std::string BuildDataSystemCePath(userid_t userId) {
|
||||||
return StringPrintf("%s/system_ce/%u", BuildDataPath(nullptr).c_str(), userId);
|
return StringPrintf("%s/system_ce/%u", BuildDataPath("").c_str(), userId);
|
||||||
}
|
}
|
||||||
|
|
||||||
std::string BuildDataSystemDePath(userid_t userId) {
|
std::string BuildDataSystemDePath(userid_t userId) {
|
||||||
return StringPrintf("%s/system_de/%u", BuildDataPath(nullptr).c_str(), userId);
|
return StringPrintf("%s/system_de/%u", BuildDataPath("").c_str(), userId);
|
||||||
}
|
}
|
||||||
|
|
||||||
std::string BuildDataMiscLegacyPath(userid_t userId) {
|
std::string BuildDataMiscLegacyPath(userid_t userId) {
|
||||||
return StringPrintf("%s/misc/user/%u", BuildDataPath(nullptr).c_str(), userId);
|
return StringPrintf("%s/misc/user/%u", BuildDataPath("").c_str(), userId);
|
||||||
}
|
}
|
||||||
|
|
||||||
std::string BuildDataMiscCePath(userid_t userId) {
|
std::string BuildDataMiscCePath(userid_t userId) {
|
||||||
return StringPrintf("%s/misc_ce/%u", BuildDataPath(nullptr).c_str(), userId);
|
return StringPrintf("%s/misc_ce/%u", BuildDataPath("").c_str(), userId);
|
||||||
}
|
}
|
||||||
|
|
||||||
std::string BuildDataMiscDePath(userid_t userId) {
|
std::string BuildDataMiscDePath(userid_t userId) {
|
||||||
return StringPrintf("%s/misc_de/%u", BuildDataPath(nullptr).c_str(), userId);
|
return StringPrintf("%s/misc_de/%u", BuildDataPath("").c_str(), userId);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Keep in sync with installd (frameworks/native/cmds/installd/utils.h)
|
// Keep in sync with installd (frameworks/native/cmds/installd/utils.h)
|
||||||
std::string BuildDataProfilesDePath(userid_t userId) {
|
std::string BuildDataProfilesDePath(userid_t userId) {
|
||||||
return StringPrintf("%s/misc/profiles/cur/%u", BuildDataPath(nullptr).c_str(), userId);
|
return StringPrintf("%s/misc/profiles/cur/%u", BuildDataPath("").c_str(), userId);
|
||||||
}
|
}
|
||||||
|
|
||||||
std::string BuildDataPath(const char* volumeUuid) {
|
std::string BuildDataPath(const std::string& volumeUuid) {
|
||||||
// TODO: unify with installd path generation logic
|
// TODO: unify with installd path generation logic
|
||||||
if (volumeUuid == nullptr) {
|
if (volumeUuid.empty()) {
|
||||||
return "/data";
|
return "/data";
|
||||||
} else {
|
} else {
|
||||||
CHECK(isValidFilename(volumeUuid));
|
CHECK(isValidFilename(volumeUuid));
|
||||||
return StringPrintf("/mnt/expand/%s", volumeUuid);
|
return StringPrintf("/mnt/expand/%s", volumeUuid.c_str());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
std::string BuildDataMediaCePath(const char* volumeUuid, userid_t userId) {
|
std::string BuildDataMediaCePath(const std::string& volumeUuid, userid_t userId) {
|
||||||
// TODO: unify with installd path generation logic
|
// TODO: unify with installd path generation logic
|
||||||
std::string data(BuildDataPath(volumeUuid));
|
std::string data(BuildDataPath(volumeUuid));
|
||||||
return StringPrintf("%s/media/%u", data.c_str(), userId);
|
return StringPrintf("%s/media/%u", data.c_str(), userId);
|
||||||
}
|
}
|
||||||
|
|
||||||
std::string BuildDataUserCePath(const char* volumeUuid, userid_t userId) {
|
std::string BuildDataUserCePath(const std::string& volumeUuid, userid_t userId) {
|
||||||
// TODO: unify with installd path generation logic
|
// TODO: unify with installd path generation logic
|
||||||
std::string data(BuildDataPath(volumeUuid));
|
std::string data(BuildDataPath(volumeUuid));
|
||||||
if (volumeUuid == nullptr && userId == 0) {
|
if (volumeUuid.empty() && userId == 0) {
|
||||||
std::string legacy = StringPrintf("%s/data", data.c_str());
|
std::string legacy = StringPrintf("%s/data", data.c_str());
|
||||||
struct stat sb;
|
struct stat sb;
|
||||||
if (lstat(legacy.c_str(), &sb) == 0 && S_ISDIR(sb.st_mode)) {
|
if (lstat(legacy.c_str(), &sb) == 0 && S_ISDIR(sb.st_mode)) {
|
||||||
|
@ -643,7 +643,7 @@ std::string BuildDataUserCePath(const char* volumeUuid, userid_t userId) {
|
||||||
return StringPrintf("%s/user/%u", data.c_str(), userId);
|
return StringPrintf("%s/user/%u", data.c_str(), userId);
|
||||||
}
|
}
|
||||||
|
|
||||||
std::string BuildDataUserDePath(const char* volumeUuid, userid_t userId) {
|
std::string BuildDataUserDePath(const std::string& volumeUuid, userid_t userId) {
|
||||||
// TODO: unify with installd path generation logic
|
// TODO: unify with installd path generation logic
|
||||||
std::string data(BuildDataPath(volumeUuid));
|
std::string data(BuildDataPath(volumeUuid));
|
||||||
return StringPrintf("%s/user_de/%u", data.c_str(), userId);
|
return StringPrintf("%s/user_de/%u", data.c_str(), userId);
|
||||||
|
|
8
Utils.h
8
Utils.h
|
@ -103,10 +103,10 @@ std::string BuildDataMiscCePath(userid_t userid);
|
||||||
std::string BuildDataMiscDePath(userid_t userid);
|
std::string BuildDataMiscDePath(userid_t userid);
|
||||||
std::string BuildDataProfilesDePath(userid_t userid);
|
std::string BuildDataProfilesDePath(userid_t userid);
|
||||||
|
|
||||||
std::string BuildDataPath(const char* volumeUuid);
|
std::string BuildDataPath(const std::string& volumeUuid);
|
||||||
std::string BuildDataMediaCePath(const char* volumeUuid, userid_t userid);
|
std::string BuildDataMediaCePath(const std::string& volumeUuid, userid_t userid);
|
||||||
std::string BuildDataUserCePath(const char* volumeUuid, userid_t userid);
|
std::string BuildDataUserCePath(const std::string& volumeUuid, userid_t userid);
|
||||||
std::string BuildDataUserDePath(const char* volumeUuid, userid_t userid);
|
std::string BuildDataUserDePath(const std::string& volumeUuid, userid_t userid);
|
||||||
|
|
||||||
dev_t GetDevice(const std::string& path);
|
dev_t GetDevice(const std::string& path);
|
||||||
|
|
||||||
|
|
|
@ -32,6 +32,7 @@
|
||||||
#include <android-base/logging.h>
|
#include <android-base/logging.h>
|
||||||
#include <android-base/stringprintf.h>
|
#include <android-base/stringprintf.h>
|
||||||
#include <android-base/strings.h>
|
#include <android-base/strings.h>
|
||||||
|
#include <ext4_utils/ext4_crypt.h>
|
||||||
#include <fs_mgr.h>
|
#include <fs_mgr.h>
|
||||||
#include <private/android_filesystem_config.h>
|
#include <private/android_filesystem_config.h>
|
||||||
#include <utils/Trace.h>
|
#include <utils/Trace.h>
|
||||||
|
@ -666,7 +667,7 @@ binder::Status VoldNativeService::addUserKeyAuth(int32_t userId, int32_t userSer
|
||||||
ENFORCE_UID(AID_SYSTEM);
|
ENFORCE_UID(AID_SYSTEM);
|
||||||
ACQUIRE_CRYPT_LOCK;
|
ACQUIRE_CRYPT_LOCK;
|
||||||
|
|
||||||
return translateBool(e4crypt_add_user_key_auth(userId, userSerial, token.c_str(), secret.c_str()));
|
return translateBool(e4crypt_add_user_key_auth(userId, userSerial, token, secret));
|
||||||
}
|
}
|
||||||
|
|
||||||
binder::Status VoldNativeService::fixateNewestUserKeyAuth(int32_t userId) {
|
binder::Status VoldNativeService::fixateNewestUserKeyAuth(int32_t userId) {
|
||||||
|
@ -681,7 +682,7 @@ binder::Status VoldNativeService::unlockUserKey(int32_t userId, int32_t userSeri
|
||||||
ENFORCE_UID(AID_SYSTEM);
|
ENFORCE_UID(AID_SYSTEM);
|
||||||
ACQUIRE_CRYPT_LOCK;
|
ACQUIRE_CRYPT_LOCK;
|
||||||
|
|
||||||
return translateBool(e4crypt_unlock_user_key(userId, userSerial, token.c_str(), secret.c_str()));
|
return translateBool(e4crypt_unlock_user_key(userId, userSerial, token, secret));
|
||||||
}
|
}
|
||||||
|
|
||||||
binder::Status VoldNativeService::lockUserKey(int32_t userId) {
|
binder::Status VoldNativeService::lockUserKey(int32_t userId) {
|
||||||
|
@ -696,7 +697,8 @@ binder::Status VoldNativeService::prepareUserStorage(const std::unique_ptr<std::
|
||||||
ENFORCE_UID(AID_SYSTEM);
|
ENFORCE_UID(AID_SYSTEM);
|
||||||
ACQUIRE_CRYPT_LOCK;
|
ACQUIRE_CRYPT_LOCK;
|
||||||
|
|
||||||
const char* uuid_ = uuid ? uuid->c_str() : nullptr;
|
std::string empty_string = "";
|
||||||
|
auto uuid_ = uuid ? *uuid : empty_string;
|
||||||
return translateBool(e4crypt_prepare_user_storage(uuid_, userId, userSerial, flags));
|
return translateBool(e4crypt_prepare_user_storage(uuid_, userId, userSerial, flags));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -705,7 +707,8 @@ binder::Status VoldNativeService::destroyUserStorage(const std::unique_ptr<std::
|
||||||
ENFORCE_UID(AID_SYSTEM);
|
ENFORCE_UID(AID_SYSTEM);
|
||||||
ACQUIRE_CRYPT_LOCK;
|
ACQUIRE_CRYPT_LOCK;
|
||||||
|
|
||||||
const char* uuid_ = uuid ? uuid->c_str() : nullptr;
|
std::string empty_string = "";
|
||||||
|
auto uuid_ = uuid ? *uuid : empty_string;
|
||||||
return translateBool(e4crypt_destroy_user_storage(uuid_, userId, flags));
|
return translateBool(e4crypt_destroy_user_storage(uuid_, userId, flags));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -713,7 +716,7 @@ binder::Status VoldNativeService::secdiscard(const std::string& path) {
|
||||||
ENFORCE_UID(AID_SYSTEM);
|
ENFORCE_UID(AID_SYSTEM);
|
||||||
ACQUIRE_CRYPT_LOCK;
|
ACQUIRE_CRYPT_LOCK;
|
||||||
|
|
||||||
return translateBool(e4crypt_secdiscard(path.c_str()));
|
return translateBool(e4crypt_secdiscard(path));
|
||||||
}
|
}
|
||||||
|
|
||||||
} // namespace vold
|
} // namespace vold
|
||||||
|
|
|
@ -38,6 +38,7 @@
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
#include <openssl/sha.h>
|
#include <openssl/sha.h>
|
||||||
#include <errno.h>
|
#include <errno.h>
|
||||||
|
#include <ext4_utils/ext4_crypt.h>
|
||||||
#include <ext4_utils/ext4_utils.h>
|
#include <ext4_utils/ext4_utils.h>
|
||||||
#include <linux/kdev_t.h>
|
#include <linux/kdev_t.h>
|
||||||
#include <fs_mgr.h>
|
#include <fs_mgr.h>
|
||||||
|
|
|
@ -42,6 +42,7 @@
|
||||||
#include <android-base/stringprintf.h>
|
#include <android-base/stringprintf.h>
|
||||||
#include <cutils/log.h>
|
#include <cutils/log.h>
|
||||||
#include <cutils/properties.h>
|
#include <cutils/properties.h>
|
||||||
|
#include <ext4_utils/ext4_crypt.h>
|
||||||
#include <logwrap/logwrap.h>
|
#include <logwrap/logwrap.h>
|
||||||
#include <selinux/selinux.h>
|
#include <selinux/selinux.h>
|
||||||
|
|
||||||
|
|
|
@ -23,10 +23,11 @@
|
||||||
#include "Ext4Crypt.h"
|
#include "Ext4Crypt.h"
|
||||||
|
|
||||||
#include <android-base/file.h>
|
#include <android-base/file.h>
|
||||||
|
#include <android-base/logging.h>
|
||||||
#include <android-base/properties.h>
|
#include <android-base/properties.h>
|
||||||
#include <android-base/stringprintf.h>
|
#include <android-base/stringprintf.h>
|
||||||
#include <android-base/logging.h>
|
|
||||||
#include <diskconfig/diskconfig.h>
|
#include <diskconfig/diskconfig.h>
|
||||||
|
#include <ext4_utils/ext4_crypt.h>
|
||||||
|
|
||||||
#include <vector>
|
#include <vector>
|
||||||
#include <fcntl.h>
|
#include <fcntl.h>
|
||||||
|
|
|
@ -18,8 +18,6 @@
|
||||||
|
|
||||||
#include <selinux/selinux.h>
|
#include <selinux/selinux.h>
|
||||||
|
|
||||||
__BEGIN_DECLS
|
|
||||||
security_context_t secontextFsck();
|
security_context_t secontextFsck();
|
||||||
__END_DECLS
|
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|
Loading…
Reference in a new issue