Fully switch to mke2fs; set policies everywhere.

Older make_ext4fs doesn't support enabling quotas, so switch everyone
over to using mke2fs for adoptable storage.

Remove UUID check so that we start setting ext4-crypto policies on
adoptable storage devices; a future change will handle the actual
key management.

Bug: 30230655, 36757864
Test: cts-tradefed run commandAndExit cts-dev --abi armeabi-v7a -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest
Change-Id: I021f85b1be8431044c239521c37be96534682746
This commit is contained in:
Jeff Sharkey 2017-06-26 16:09:11 -06:00
parent 46bb69f49a
commit d794526962
3 changed files with 5 additions and 24 deletions

View file

@ -88,6 +88,8 @@ ifeq ($(TARGET_USERIMAGES_USE_EXT4), true)
vold_cflags += -DTARGET_USES_MKE2FS
required_modules += mke2fs
else
# Adoptable storage has fully moved to mke2fs, so we need both tools
required_modules += mke2fs
required_modules += make_ext4fs
endif
endif

View file

@ -599,8 +599,7 @@ bool e4crypt_prepare_user_storage(const char* volume_uuid, userid_t user_id, int
if (!prepare_dir(misc_de_path, 01771, AID_SYSTEM, AID_MISC)) return false;
if (!prepare_dir(user_de_path, 0771, AID_SYSTEM, AID_SYSTEM)) return false;
// For now, FBE is only supported on internal storage
if (e4crypt_is_native() && volume_uuid == nullptr) {
if (e4crypt_is_native()) {
std::string de_raw_ref;
if (!lookup_key_ref(s_de_key_raw_refs, user_id, &de_raw_ref)) return false;
if (!ensure_policy(de_raw_ref, system_de_path)) return false;
@ -621,8 +620,7 @@ bool e4crypt_prepare_user_storage(const char* volume_uuid, userid_t user_id, int
if (!prepare_dir(media_ce_path, 0770, AID_MEDIA_RW, AID_MEDIA_RW)) return false;
if (!prepare_dir(user_ce_path, 0771, AID_SYSTEM, AID_SYSTEM)) return false;
// For now, FBE is only supported on internal storage
if (e4crypt_is_native() && volume_uuid == nullptr) {
if (e4crypt_is_native()) {
std::string ce_raw_ref;
if (!lookup_key_ref(s_ce_key_raw_refs, user_id, &ce_raw_ref)) return false;
if (!ensure_policy(ce_raw_ref, system_ce_path)) return false;

View file

@ -56,11 +56,7 @@ namespace vold {
namespace ext4 {
static const char* kResizefsPath = "/system/bin/resize2fs";
#ifdef TARGET_USES_MKE2FS
static const char* kMkfsPath = "/system/bin/mke2fs";
#else
static const char* kMkfsPath = "/system/bin/make_ext4fs";
#endif
static const char* kFsckPath = "/system/bin/e2fsck";
bool IsSupported() {
@ -171,7 +167,6 @@ status_t Format(const std::string& source, unsigned long numSectors,
std::vector<std::string> cmd;
cmd.push_back(kMkfsPath);
#ifdef TARGET_USES_MKE2FS
cmd.push_back("-b");
cmd.push_back("4096");
@ -191,24 +186,10 @@ status_t Format(const std::string& source, unsigned long numSectors,
cmd.push_back(source);
if (numSectors)
cmd.push_back(StringPrintf("%lu", numSectors * (4096 / 512)));
#else
cmd.push_back("-J");
cmd.push_back("-a");
cmd.push_back(target);
if (numSectors) {
cmd.push_back("-l");
cmd.push_back(StringPrintf("%lu", numSectors * 512));
cmd.push_back(StringPrintf("%lu", numSectors * (4096 / 512)));
}
// Always generate a real UUID
cmd.push_back("-u");
cmd.push_back(source);
#endif
return ForkExecvp(cmd);
}