tequilaOS/platform_system_vold
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge changes Ia095340c,I464edc6e

Browse source 
* changes:
  Route error logs to the kernel during early boot.
  Improve vold logging.
This commit is contained in:
David Anderson 2021-11-08 22:46:35 +00:00 committed by Gerrit Code Review
commit 3d1a532efc
4 changed files with 64 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
KeyStorage.cpp
View file

@ -601,9 +601,15 @@ static bool storeKey(const std::string& dir, const KeyAuthentication& auth, cons
if (!generateKeyStorageKey(keystore, appId, &ksKey)) return false; if (!generateKeyStorageKey(keystore, appId, &ksKey)) return false;
if (!writeStringToFile(ksKey, dir + "/" + kFn_keymaster_key_blob)) return false; if (!writeStringToFile(ksKey, dir + "/" + kFn_keymaster_key_blob)) return false;
km::AuthorizationSet keyParams = beginParams(appId); km::AuthorizationSet keyParams = beginParams(appId);
if (!encryptWithKeystoreKey(keystore, dir, keyParams, key, &encryptedKey)) return false; if (!encryptWithKeystoreKey(keystore, dir, keyParams, key, &encryptedKey)) {
LOG(ERROR) << "encryptWithKeystoreKey failed";
return false;
}
} else { } else {
if (!encryptWithoutKeystore(appId, key, &encryptedKey)) return false; if (!encryptWithoutKeystore(appId, key, &encryptedKey)) {
LOG(ERROR) << "encryptWithoutKeystore failed";
return false;
}
} }
if (!writeStringToFile(encryptedKey, dir + "/" + kFn_encrypted_key)) return false; if (!writeStringToFile(encryptedKey, dir + "/" + kFn_encrypted_key)) return false;
if (!FsyncDirectory(dir)) return false; if (!FsyncDirectory(dir)) return false;
@ -648,9 +654,15 @@ bool retrieveKey(const std::string& dir, const KeyAuthentication& auth, KeyBuffe
Keystore keystore; Keystore keystore;
if (!keystore) return false; if (!keystore) return false;
km::AuthorizationSet keyParams = beginParams(appId); km::AuthorizationSet keyParams = beginParams(appId);
if (!decryptWithKeystoreKey(keystore, dir, keyParams, encryptedMessage, key)) return false; if (!decryptWithKeystoreKey(keystore, dir, keyParams, encryptedMessage, key)) {
LOG(ERROR) << "decryptWithKeystoreKey failed";
return false;
}
} else { } else {
if (!decryptWithoutKeystore(appId, encryptedMessage, key)) return false; if (!decryptWithoutKeystore(appId, encryptedMessage, key)) {
LOG(ERROR) << "decryptWithoutKeystore failed";
return false;
}
} }
return true; return true;
} }

5
KeyUtil.cpp
View file

@ -54,7 +54,10 @@ static bool randomKey(size_t size, KeyBuffer* key) {
} }
bool generateStorageKey(const KeyGeneration& gen, KeyBuffer* key) { bool generateStorageKey(const KeyGeneration& gen, KeyBuffer* key) {
if (!gen.allow_gen) return false; if (!gen.allow_gen) {
LOG(ERROR) << "Generating storage key not allowed";
return false;
}
if (gen.use_hw_wrapped_key) { if (gen.use_hw_wrapped_key) {
if (gen.keysize != FSCRYPT_MAX_KEY_SIZE) { if (gen.keysize != FSCRYPT_MAX_KEY_SIZE) {
LOG(ERROR) << "Cannot generate a wrapped key " << gen.keysize << " bytes long"; LOG(ERROR) << "Cannot generate a wrapped key " << gen.keysize << " bytes long";

26
MetadataCrypt.cpp
View file

@ -245,7 +245,8 @@ bool fscrypt_mount_metadata_encrypted(const std::string& blk_device, const std::
<< fs_type; << fs_type;
auto encrypted_state = android::base::GetProperty("ro.crypto.state", ""); auto encrypted_state = android::base::GetProperty("ro.crypto.state", "");
if (encrypted_state != "" && encrypted_state != "encrypted") { if (encrypted_state != "" && encrypted_state != "encrypted") {
LOG(DEBUG) << "fscrypt_enable_crypto got unexpected starting state: " << encrypted_state; LOG(ERROR) << "fscrypt_mount_metadata_encrypted got unexpected starting state: "
<< encrypted_state;
return false; return false;
} }
@ -282,12 +283,18 @@ bool fscrypt_mount_metadata_encrypted(const std::string& blk_device, const std::
auto gen = needs_encrypt ? makeGen(options) : neverGen(); auto gen = needs_encrypt ? makeGen(options) : neverGen();
KeyBuffer key; KeyBuffer key;
if (!read_key(data_rec->metadata_key_dir, gen, &key)) return false; if (!read_key(data_rec->metadata_key_dir, gen, &key)) {
LOG(ERROR) << "read_key failed in mountFstab";
return false;
}
std::string crypto_blkdev; std::string crypto_blkdev;
uint64_t nr_sec; uint64_t nr_sec;
if (!create_crypto_blk_dev(kDmNameUserdata, blk_device, key, options, &crypto_blkdev, &nr_sec)) if (!create_crypto_blk_dev(kDmNameUserdata, blk_device, key, options, &crypto_blkdev,
&nr_sec)) {
LOG(ERROR) << "create_crypto_blk_dev failed in mountFstab";
return false; return false;
}
if (needs_encrypt) { if (needs_encrypt) {
if (should_format) { if (should_format) {
@ -301,10 +308,17 @@ bool fscrypt_mount_metadata_encrypted(const std::string& blk_device, const std::
LOG(ERROR) << "Unknown filesystem type: " << fs_type; LOG(ERROR) << "Unknown filesystem type: " << fs_type;
return false; return false;
} }
LOG(DEBUG) << "Format (err=" << error << ") " << crypto_blkdev << " on " << mount_point; if (error != 0) {
if (error != 0) return false; LOG(ERROR) << "Format of " << crypto_blkdev << " for " << mount_point
<< " failed (err=" << error << ").";
return false;
}
LOG(DEBUG) << "Format of " << crypto_blkdev << " for " << mount_point << " succeeded.";
} else { } else {
if (!encrypt_inplace(crypto_blkdev, blk_device, nr_sec, false)) return false; if (!encrypt_inplace(crypto_blkdev, blk_device, nr_sec, false)) {
LOG(ERROR) << "encrypt_inplace failed in mountFstab";
return false;
}
} }
} }

25
main.cpp
View file

@ -52,8 +52,11 @@ typedef struct vold_configs {
static int process_config(VolumeManager* vm, VoldConfigs* configs); static int process_config(VolumeManager* vm, VoldConfigs* configs);
static void coldboot(const char* path); static void coldboot(const char* path);
static void parse_args(int argc, char** argv); static void parse_args(int argc, char** argv);
static void VoldLogger(android::base::LogId log_buffer_id, android::base::LogSeverity severity,
const char* tag, const char* file, unsigned int line, const char* message);
struct selabel_handle* sehandle; struct selabel_handle* sehandle;
android::base::LogdLogger logd_logger(android::base::SYSTEM);
using android::base::StringPrintf; using android::base::StringPrintf;
using android::fs_mgr::ReadDefaultFstab; using android::fs_mgr::ReadDefaultFstab;
@ -61,7 +64,7 @@ using android::fs_mgr::ReadDefaultFstab;
int main(int argc, char** argv) { int main(int argc, char** argv) {
atrace_set_tracing_enabled(false); atrace_set_tracing_enabled(false);
setenv("ANDROID_LOG_TAGS", "*:d", 1); // Do not submit with verbose logs enabled setenv("ANDROID_LOG_TAGS", "*:d", 1); // Do not submit with verbose logs enabled
android::base::InitLogging(argv, android::base::LogdLogger(android::base::SYSTEM)); android::base::InitLogging(argv, &VoldLogger);
LOG(INFO) << "Vold 3.0 (the awakening) firing up"; LOG(INFO) << "Vold 3.0 (the awakening) firing up";
@ -278,3 +281,23 @@ static int process_config(VolumeManager* vm, VoldConfigs* configs) {
} }
return 0; return 0;
} }
static void VoldLogger(android::base::LogId log_buffer_id, android::base::LogSeverity severity,
const char* tag, const char* file, unsigned int line, const char* message) {
logd_logger(log_buffer_id, severity, tag, file, line, message);
if (severity >= android::base::ERROR) {
static bool is_data_mounted = false;
// When /data fails to mount, we don't have adb to get logcat. So until /data is
// mounted we log errors to the kernel. This allows us to get failures via serial logs
// and via last dmesg/"fastboot oem dmesg" on devices that support it.
//
// As a very quick-and-dirty test for /data, we check whether /data/misc/vold exists.
if (is_data_mounted || access("/data/misc/vold", F_OK) == 0) {
is_data_mounted = true;
return;
}
android::base::KernelLogger(log_buffer_id, severity, tag, file, line, message);
}
}