Merge changes Icdff584e,I71fd98e6,If1e9e3ad,I05bc4dc9 am: 017e95fa6a am: 078a507c43

Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1887522

Change-Id: I6e2144b19a38d838595729b932d7bd3a9110b87e
This commit is contained in:
Eric Biggers 2021-11-11 21:49:56 +00:00 committed by Automerger Merge Worker
commit 54dd37692a
7 changed files with 0 additions and 137 deletions

View file

@ -41,7 +41,6 @@ cc_defaults {
"libfec_rs", "libfec_rs",
"libfs_avb", "libfs_avb",
"libfs_mgr", "libfs_mgr",
"libscrypt_static",
"libsquashfs_utils", "libsquashfs_utils",
"libvold_binder", "libvold_binder",
], ],
@ -130,7 +129,6 @@ cc_library_static {
"NetlinkHandler.cpp", "NetlinkHandler.cpp",
"NetlinkManager.cpp", "NetlinkManager.cpp",
"Process.cpp", "Process.cpp",
"ScryptParameters.cpp",
"Utils.cpp", "Utils.cpp",
"VoldNativeService.cpp", "VoldNativeService.cpp",
"VoldNativeServiceValidation.cpp", "VoldNativeServiceValidation.cpp",
@ -235,7 +233,6 @@ cc_binary {
static_libs: [ static_libs: [
"libvold_binder", "libvold_binder",
], ],
init_rc: ["vdc.rc"],
} }
cc_binary { cc_binary {

View file

@ -18,7 +18,6 @@
#include "Checkpoint.h" #include "Checkpoint.h"
#include "Keystore.h" #include "Keystore.h"
#include "ScryptParameters.h"
#include "Utils.h" #include "Utils.h"
#include <algorithm> #include <algorithm>
@ -45,11 +44,6 @@
#include <cutils/properties.h> #include <cutils/properties.h>
extern "C" {
#include "crypto_scrypt.h"
}
namespace android { namespace android {
namespace vold { namespace vold {

View file

@ -1,51 +0,0 @@
/*
* Copyright (C) 2016 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "ScryptParameters.h"
#include <stdlib.h>
#include <string.h>
bool parse_scrypt_parameters(const char* paramstr, int* Nf, int* rf, int* pf) {
int params[3] = {};
char* token;
char* saveptr;
int i;
/*
* The token we're looking for should be three integers separated by
* colons (e.g., "12:8:1"). Scan the property to make sure it matches.
*/
for (i = 0, token = strtok_r(const_cast<char*>(paramstr), ":", &saveptr);
token != nullptr && i < 3; i++, token = strtok_r(nullptr, ":", &saveptr)) {
char* endptr;
params[i] = strtol(token, &endptr, 10);
/*
* Check that there was a valid number and it's 8-bit.
*/
if ((*token == '\0') || (*endptr != '\0') || params[i] < 0 || params[i] > 255) {
return false;
}
}
if (token != nullptr) {
return false;
}
*Nf = params[0];
*rf = params[1];
*pf = params[2];
return true;
}

View file

@ -1,28 +0,0 @@
/*
* Copyright (C) 2016 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef ANDROID_VOLD_SCRYPT_PARAMETERS_H
#define ANDROID_VOLD_SCRYPT_PARAMETERS_H
#include <stdbool.h>
#include <sys/cdefs.h>
#define SCRYPT_PROP "ro.crypto.scrypt_params"
#define SCRYPT_DEFAULTS "15:3:1"
bool parse_scrypt_parameters(const char* paramstr, int* Nf, int* rf, int* pf);
#endif

View file

@ -26,7 +26,6 @@
#include <utils/Trace.h> #include <utils/Trace.h>
#include <stdio.h> #include <stdio.h>
#include <sys/vfs.h>
#include <fstream> #include <fstream>
#include <thread> #include <thread>
@ -912,42 +911,10 @@ static void initializeIncFs() {
incfs::features(); incfs::features();
} }
// This is missing from the kernel UAPI headers.
#define ST_RDONLY 0x0001
// FDE devices run the post-fs-data trigger (and hence also earlyBootEnded)
// multiple times, sometimes prior to the real /data being mounted. That causes
// keystore2 to try to open a file in /data, causing it to panic or have to be
// killed by vold later, causing problems (vold failing to connect to keystore2,
// or keystore2 operations erroring out later). As a workaround to keep FDE
// working, ignore these too-early calls to earlyBootEnded.
//
// This can be removed when support for FDE is removed.
static bool IgnoreEarlyBootEnded() {
// The statfs("/data") below should be sufficient by itself, but to be safe
// we also explicitly return false on FBE devices. (This really should be
// ro.crypto.type != "block" for "non-FDE devices", but on FDE devices this
// is sometimes called before ro.crypto.type gets set.)
if (fscrypt_is_native()) return false;
struct statfs buf;
if (statfs(DATA_MNT_POINT, &buf) != 0) {
PLOG(ERROR) << "statfs(\"/data\") failed";
return false;
}
if (buf.f_type == TMPFS_MAGIC || (buf.f_flags & ST_RDONLY)) {
LOG(INFO) << "Ignoring earlyBootEnded since real /data isn't mounted yet";
return true;
}
return false;
}
binder::Status VoldNativeService::earlyBootEnded() { binder::Status VoldNativeService::earlyBootEnded() {
ENFORCE_SYSTEM_OR_ROOT; ENFORCE_SYSTEM_OR_ROOT;
ACQUIRE_LOCK; ACQUIRE_LOCK;
if (IgnoreEarlyBootEnded()) return Ok();
initializeIncFs(); initializeIncFs();
Keystore::earlyBootEnded(); Keystore::earlyBootEnded();
return Ok(); return Ok();

View file

@ -22,10 +22,6 @@
#include "KeyBuffer.h" #include "KeyBuffer.h"
#include "KeyUtil.h" #include "KeyUtil.h"
// TODO(b/191796797): remove this once it is no longer referenced by system/core
// and bootable/recovery.
#define CRYPT_FOOTER_OFFSET 0x4000
int cryptfs_setup_ext_volume(const char* label, const char* real_blkdev, int cryptfs_setup_ext_volume(const char* label, const char* real_blkdev,
const android::vold::KeyBuffer& key, std::string* out_crypto_blkdev); const android::vold::KeyBuffer& key, std::string* out_crypto_blkdev);
const android::vold::KeyGeneration cryptfs_get_keygen(); const android::vold::KeyGeneration cryptfs_get_keygen();

12
vdc.rc
View file

@ -1,12 +0,0 @@
# One shot invocation to deal with encrypted volume.
on defaultcrypto
exec - root -- /system/bin/vdc --wait cryptfs mountdefaultencrypted
# vold will set vold.decrypt to trigger_restart_framework (default
# encryption) or trigger_restart_min_framework (other encryption)
# One shot invocation to encrypt unencrypted volumes
on encrypt
start surfaceflinger
exec - root -- /system/bin/vdc --wait cryptfs enablecrypto
# vold will set vold.decrypt to trigger_restart_framework (default
# encryption)