Merge changes Icdff584e,I71fd98e6,If1e9e3ad,I05bc4dc9 am: 017e95fa6a
am: 078a507c43
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1887522 Change-Id: I6e2144b19a38d838595729b932d7bd3a9110b87e
This commit is contained in:
commit
54dd37692a
7 changed files with 0 additions and 137 deletions
|
@ -41,7 +41,6 @@ cc_defaults {
|
|||
"libfec_rs",
|
||||
"libfs_avb",
|
||||
"libfs_mgr",
|
||||
"libscrypt_static",
|
||||
"libsquashfs_utils",
|
||||
"libvold_binder",
|
||||
],
|
||||
|
@ -130,7 +129,6 @@ cc_library_static {
|
|||
"NetlinkHandler.cpp",
|
||||
"NetlinkManager.cpp",
|
||||
"Process.cpp",
|
||||
"ScryptParameters.cpp",
|
||||
"Utils.cpp",
|
||||
"VoldNativeService.cpp",
|
||||
"VoldNativeServiceValidation.cpp",
|
||||
|
@ -235,7 +233,6 @@ cc_binary {
|
|||
static_libs: [
|
||||
"libvold_binder",
|
||||
],
|
||||
init_rc: ["vdc.rc"],
|
||||
}
|
||||
|
||||
cc_binary {
|
||||
|
|
|
@ -18,7 +18,6 @@
|
|||
|
||||
#include "Checkpoint.h"
|
||||
#include "Keystore.h"
|
||||
#include "ScryptParameters.h"
|
||||
#include "Utils.h"
|
||||
|
||||
#include <algorithm>
|
||||
|
@ -45,11 +44,6 @@
|
|||
|
||||
#include <cutils/properties.h>
|
||||
|
||||
extern "C" {
|
||||
|
||||
#include "crypto_scrypt.h"
|
||||
}
|
||||
|
||||
namespace android {
|
||||
namespace vold {
|
||||
|
||||
|
|
|
@ -1,51 +0,0 @@
|
|||
/*
|
||||
* Copyright (C) 2016 The Android Open Source Project
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include "ScryptParameters.h"
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
bool parse_scrypt_parameters(const char* paramstr, int* Nf, int* rf, int* pf) {
|
||||
int params[3] = {};
|
||||
char* token;
|
||||
char* saveptr;
|
||||
int i;
|
||||
|
||||
/*
|
||||
* The token we're looking for should be three integers separated by
|
||||
* colons (e.g., "12:8:1"). Scan the property to make sure it matches.
|
||||
*/
|
||||
for (i = 0, token = strtok_r(const_cast<char*>(paramstr), ":", &saveptr);
|
||||
token != nullptr && i < 3; i++, token = strtok_r(nullptr, ":", &saveptr)) {
|
||||
char* endptr;
|
||||
params[i] = strtol(token, &endptr, 10);
|
||||
|
||||
/*
|
||||
* Check that there was a valid number and it's 8-bit.
|
||||
*/
|
||||
if ((*token == '\0') || (*endptr != '\0') || params[i] < 0 || params[i] > 255) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
if (token != nullptr) {
|
||||
return false;
|
||||
}
|
||||
*Nf = params[0];
|
||||
*rf = params[1];
|
||||
*pf = params[2];
|
||||
return true;
|
||||
}
|
|
@ -1,28 +0,0 @@
|
|||
/*
|
||||
* Copyright (C) 2016 The Android Open Source Project
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#ifndef ANDROID_VOLD_SCRYPT_PARAMETERS_H
|
||||
#define ANDROID_VOLD_SCRYPT_PARAMETERS_H
|
||||
|
||||
#include <stdbool.h>
|
||||
#include <sys/cdefs.h>
|
||||
|
||||
#define SCRYPT_PROP "ro.crypto.scrypt_params"
|
||||
#define SCRYPT_DEFAULTS "15:3:1"
|
||||
|
||||
bool parse_scrypt_parameters(const char* paramstr, int* Nf, int* rf, int* pf);
|
||||
|
||||
#endif
|
|
@ -26,7 +26,6 @@
|
|||
#include <utils/Trace.h>
|
||||
|
||||
#include <stdio.h>
|
||||
#include <sys/vfs.h>
|
||||
#include <fstream>
|
||||
#include <thread>
|
||||
|
||||
|
@ -912,42 +911,10 @@ static void initializeIncFs() {
|
|||
incfs::features();
|
||||
}
|
||||
|
||||
// This is missing from the kernel UAPI headers.
|
||||
#define ST_RDONLY 0x0001
|
||||
|
||||
// FDE devices run the post-fs-data trigger (and hence also earlyBootEnded)
|
||||
// multiple times, sometimes prior to the real /data being mounted. That causes
|
||||
// keystore2 to try to open a file in /data, causing it to panic or have to be
|
||||
// killed by vold later, causing problems (vold failing to connect to keystore2,
|
||||
// or keystore2 operations erroring out later). As a workaround to keep FDE
|
||||
// working, ignore these too-early calls to earlyBootEnded.
|
||||
//
|
||||
// This can be removed when support for FDE is removed.
|
||||
static bool IgnoreEarlyBootEnded() {
|
||||
// The statfs("/data") below should be sufficient by itself, but to be safe
|
||||
// we also explicitly return false on FBE devices. (This really should be
|
||||
// ro.crypto.type != "block" for "non-FDE devices", but on FDE devices this
|
||||
// is sometimes called before ro.crypto.type gets set.)
|
||||
if (fscrypt_is_native()) return false;
|
||||
|
||||
struct statfs buf;
|
||||
if (statfs(DATA_MNT_POINT, &buf) != 0) {
|
||||
PLOG(ERROR) << "statfs(\"/data\") failed";
|
||||
return false;
|
||||
}
|
||||
if (buf.f_type == TMPFS_MAGIC || (buf.f_flags & ST_RDONLY)) {
|
||||
LOG(INFO) << "Ignoring earlyBootEnded since real /data isn't mounted yet";
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
binder::Status VoldNativeService::earlyBootEnded() {
|
||||
ENFORCE_SYSTEM_OR_ROOT;
|
||||
ACQUIRE_LOCK;
|
||||
|
||||
if (IgnoreEarlyBootEnded()) return Ok();
|
||||
|
||||
initializeIncFs();
|
||||
Keystore::earlyBootEnded();
|
||||
return Ok();
|
||||
|
|
|
@ -22,10 +22,6 @@
|
|||
#include "KeyBuffer.h"
|
||||
#include "KeyUtil.h"
|
||||
|
||||
// TODO(b/191796797): remove this once it is no longer referenced by system/core
|
||||
// and bootable/recovery.
|
||||
#define CRYPT_FOOTER_OFFSET 0x4000
|
||||
|
||||
int cryptfs_setup_ext_volume(const char* label, const char* real_blkdev,
|
||||
const android::vold::KeyBuffer& key, std::string* out_crypto_blkdev);
|
||||
const android::vold::KeyGeneration cryptfs_get_keygen();
|
||||
|
|
12
vdc.rc
12
vdc.rc
|
@ -1,12 +0,0 @@
|
|||
# One shot invocation to deal with encrypted volume.
|
||||
on defaultcrypto
|
||||
exec - root -- /system/bin/vdc --wait cryptfs mountdefaultencrypted
|
||||
# vold will set vold.decrypt to trigger_restart_framework (default
|
||||
# encryption) or trigger_restart_min_framework (other encryption)
|
||||
|
||||
# One shot invocation to encrypt unencrypted volumes
|
||||
on encrypt
|
||||
start surfaceflinger
|
||||
exec - root -- /system/bin/vdc --wait cryptfs enablecrypto
|
||||
# vold will set vold.decrypt to trigger_restart_framework (default
|
||||
# encryption)
|
Loading…
Reference in a new issue