Fully switch to mke2fs; set policies everywhere.
Older make_ext4fs doesn't support enabling quotas, so switch everyone over to using mke2fs for adoptable storage. Remove UUID check so that we start setting ext4-crypto policies on adoptable storage devices; a future change will handle the actual key management. Bug: 30230655, 36757864 Test: cts-tradefed run commandAndExit cts-dev --abi armeabi-v7a -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest Change-Id: I021f85b1be8431044c239521c37be96534682746
This commit is contained in:
Jeff Sharkey
parent
46bb69f49a
commit
d794526962
3 changed files with 5 additions and 24 deletions
|
|
@ -88,6 +88,8 @@ ifeq ($(TARGET_USERIMAGES_USE_EXT4), true)
|
|||
vold_cflags += -DTARGET_USES_MKE2FS
|
||||
required_modules += mke2fs
|
||||
else
|
||||
# Adoptable storage has fully moved to mke2fs, so we need both tools
|
||||
required_modules += mke2fs
|
||||
required_modules += make_ext4fs
|
||||
endif
|
||||
endif
|
||||
|
|
|
|||
|
|
@ -599,8 +599,7 @@ bool e4crypt_prepare_user_storage(const char* volume_uuid, userid_t user_id, int
|
|||
if (!prepare_dir(misc_de_path, 01771, AID_SYSTEM, AID_MISC)) return false;
|
||||
if (!prepare_dir(user_de_path, 0771, AID_SYSTEM, AID_SYSTEM)) return false;
|
||||
|
||||
// For now, FBE is only supported on internal storage
|
||||
if (e4crypt_is_native() && volume_uuid == nullptr) {
|
||||
if (e4crypt_is_native()) {
|
||||
std::string de_raw_ref;
|
||||
if (!lookup_key_ref(s_de_key_raw_refs, user_id, &de_raw_ref)) return false;
|
||||
if (!ensure_policy(de_raw_ref, system_de_path)) return false;
|
||||
|
|
@ -621,8 +620,7 @@ bool e4crypt_prepare_user_storage(const char* volume_uuid, userid_t user_id, int
|
|||
if (!prepare_dir(media_ce_path, 0770, AID_MEDIA_RW, AID_MEDIA_RW)) return false;
|
||||
if (!prepare_dir(user_ce_path, 0771, AID_SYSTEM, AID_SYSTEM)) return false;
|
||||
|
||||
// For now, FBE is only supported on internal storage
|
||||
if (e4crypt_is_native() && volume_uuid == nullptr) {
|
||||
if (e4crypt_is_native()) {
|
||||
std::string ce_raw_ref;
|
||||
if (!lookup_key_ref(s_ce_key_raw_refs, user_id, &ce_raw_ref)) return false;
|
||||
if (!ensure_policy(ce_raw_ref, system_ce_path)) return false;
|
||||
|
|
|
|||
21
fs/Ext4.cpp
21
fs/Ext4.cpp
|
|
@ -56,11 +56,7 @@ namespace vold {
|
|||
namespace ext4 {
|
||||
|
||||
static const char* kResizefsPath = "/system/bin/resize2fs";
|
||||
#ifdef TARGET_USES_MKE2FS
|
||||
static const char* kMkfsPath = "/system/bin/mke2fs";
|
||||
#else
|
||||
static const char* kMkfsPath = "/system/bin/make_ext4fs";
|
||||
#endif
|
||||
static const char* kFsckPath = "/system/bin/e2fsck";
|
||||
|
||||
bool IsSupported() {
|
||||
|
|
@ -171,7 +167,6 @@ status_t Format(const std::string& source, unsigned long numSectors,
|
|||
std::vector<std::string> cmd;
|
||||
cmd.push_back(kMkfsPath);
|
||||
|
||||
#ifdef TARGET_USES_MKE2FS
|
||||
cmd.push_back("-b");
|
||||
cmd.push_back("4096");
|
||||
|
||||
|
|
@ -191,24 +186,10 @@ status_t Format(const std::string& source, unsigned long numSectors,
|
|||
|
||||
cmd.push_back(source);
|
||||
|
||||
if (numSectors)
|
||||
cmd.push_back(StringPrintf("%lu", numSectors * (4096 / 512)));
|
||||
#else
|
||||
cmd.push_back("-J");
|
||||
|
||||
cmd.push_back("-a");
|
||||
cmd.push_back(target);
|
||||
|
||||
if (numSectors) {
|
||||
cmd.push_back("-l");
|
||||
cmd.push_back(StringPrintf("%lu", numSectors * 512));
|
||||
cmd.push_back(StringPrintf("%lu", numSectors * (4096 / 512)));
|
||||
}
|
||||
|
||||
// Always generate a real UUID
|
||||
cmd.push_back("-u");
|
||||
cmd.push_back(source);
|
||||
#endif
|
||||
|
||||
return ForkExecvp(cmd);
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue