Commit graph

24 commits

Author SHA1 Message Date
Pawan Wagh
25effc38ff Set sehandle in voldFuzzer
Bug: 271649747
Test: m vold_native_service_fuzzer && adb sync && adb shell data/fuzz/x86_64/vold_native_service_fuzzer/vold_native_service_fuzzer
Change-Id: I55a17ffd631b0b85e2fc049bffe9a91623699e64
2023-03-15 20:54:42 +00:00
Pawan
be70861242 Adding fuzzer for VoldNativeService
vold_native_service_fuzzer is added to fuzz VoldNativeService.

BUG: 232439428
Test: m vold_native_service_fuzzer
Test: adb sync && adb shell data/fuzz/x86_64/vold_native_service_fuzzer/vold_native_service_fuzzer
Change-Id: I2bf33f68e2a51b4ac390b5a5ad47d07260e94122
2023-02-13 19:01:09 +00:00
Eric Biggers
0803ba0985 Remove most of FDE support
Since Android 10, new devices have been required to use FBE instead of
FDE.  Therefore, the FDE code is no longer needed.

Remove most of cryptfs.cpp.  A few parts of it need to be kept in order
to support the dm-crypt method of adoptable storage encryption.

Keep the FDE-specific binder methods stubbed out for now until their
callers can be removed.

Bug: 191796797
Change-Id: I90b1e4cacd2f3e5cce77a82a0af744fcc7da9400
2021-11-09 16:09:33 -08:00
Eric Biggers
fec0c0e472 Add syncs when creating parent directories
vold creates some directories for storing encryption keys if they don't
already exist, potentially including parent directories:

    /metadata/vold/metadata_encryption
    /data/misc/vold/volume_keys/$volume_uuid
    /data/misc_de/$user/vold/volume_keys/$volume_uuid
    /data/misc_ce/$user/vold/volume_keys/$volume_uuid

Currently fs_mkdirs() is used for this.  However, fs_mkdirs() doesn't
include the fsync()s of the parent directories that are needed to ensure
that the new directories are persisted to disk right away -- which is
important for encryption keys.

Add a utility function MkdirsSync() which does what is needed, and make
the appropriate places call it.

Test: Booted and checked log for "Created directory" message.
      Also ran 'atest vold_tests' to run the new unit test.
Change-Id: Ie9917b616433080139b8db3fd6877203ee6faf77
2021-02-16 16:18:53 -08:00
Bob Badour
8eb43ae497 [LSC] Add LOCAL_LICENSE_KINDS to system/vold
Added SPDX-license-identifier-Apache-2.0 to:
  Android.bp
  bench/inodeop_bench/Android.bp
  tests/Android.bp

Bug: 68860345
Bug: 151177513
Bug: 151953481

Test: m all

Exempt-From-Owner-Approval: janitorial work
Change-Id: I91823c7097d7bee39a363a0c0cc30de13e4d7539
2021-02-14 10:37:25 -08:00
Yurii Zubrytskyi
131365a3e5 [vold] Add argument verification to IncFS methods
+ Get rid of an extra string copy in path validation function

Bug: 152349257
Test: atest vold_tests
Change-Id: I03a8cab0dd6abd7d5c9dcbbc2acb651e818e6cd8
2020-03-25 14:33:24 -07:00
Janis Danisevskis
8c4eb2c2c0 Removed obsolete Test
The HidlizationEquivalenceTest was used to make sure the same key is
computed by the scrypt algorithm regardless of whether the old
(<= KM2 HAL pre treble) or the new (>= KM3.0 treble) HAL was used.
Since the treble is now the default, and old HAL don't even exist on
new devices, we should call the migration a success and drop this test
altogether.

Test: Removed obsolete Code
Bug: 68197448
Change-Id: If10c79bafac4d0c8268675cbb8e1c4b46974aab5
2019-11-18 22:53:30 +00:00
Paul Crowley
95abfa0cfd Fix search for values in blkId output
Bug: 122497152
Test: atest tests/Utils_test.cpp
Test: adb shell sm partition disk:7,32 private ; adb logcat -d
Change-Id: Ic7d32bdbc0c55ce1d21f7f9e74c6a6fb3dcf332a
2019-02-05 16:57:40 -08:00
Paul Crowley
14c8c0765a clang-format many files.
Test: Format-only changes; treehugger suffices.
Change-Id: I23cde3f0bbcac13bef555d13514e922c79d5ad48
2018-09-18 15:41:22 -07:00
Paul Crowley
6699e7b912 Merge "Key upgrading for FDE." am: 997e605563 am: 2b1b72d183
am: 78c9969299

Change-Id: I85740653a804707faca6becc77a16c3ce9990123
2017-11-27 21:05:35 +00:00
Paul Crowley
73473337d8 Key upgrading for FDE.
Correctly handle a key upgrade error from keymaster by upgrading the
FDE RSA key and writing the new key blob to disk.

Bug: 69792304
Test: Roll back PLATFORM_SECURITY_PATCH a month, wipe and reboot, roll
      forwards again, check logs with and without this patch.
Change-Id: I220d2dd4e3d791f636e9bc5f063064cecbf1b88a
2017-11-27 10:34:18 -08:00
Jeff Sharkey
d16dc5089b Move vold to Android.bp.
Test: builds, boots
Bug: 67041047
Change-Id: Ife9118d274fc92d30b38d216f815741a060a04b7
2017-10-23 17:27:49 -06:00
Chih-hung Hsieh
7718457dfc Merge "Use -Werror in system/vold/tests"
am: d6d0e91c62

Change-Id: Idc41239ba5d67954dfb7d6e61e31768dafdd3599
2017-10-19 23:18:12 +00:00
Chih-Hung Hsieh
8646da062a Use -Werror in system/vold/tests
* Comment out unused function.

Bug: 66996870
Test: build with WITH_TIDY=1
Change-Id: I7a23573af0d664a5f39f1cde3a22ac0001dac1ac
2017-10-19 11:51:20 -07:00
Chih-Hung Hsieh
27c0d952cb Use -Werror in system/vold/tests
Bug: 66996870
Test: build with WITH_TIDY=1
Change-Id: Ied1f6160124d10d81151d401ed4a0b089816abb3
2017-10-19 10:07:38 -07:00
Jeff Sharkey
3472e52fc2 Move to modern utility methods from android::base.
Moves away from crufty char* operations to std::string utility
methods, including android::base methods for splitting/parsing.

Rewrite of how Process handles scanning procfs for filesystem
references; now uses fts(3) for more sane traversal.

Replace sscanf() with new FindValue() method, also has unit tests.

Remove some unused methods.  Switch almost everyone over to using
modern logging library.

Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest
Test: cts-tradefed run commandAndExit cts-dev --abi armeabi-v7a -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest
Bug: 67041047
Change-Id: I70dc512f21459d1e25b187f24289002b2c7bc7af
2017-10-17 12:40:51 -06:00
Jeff Sharkey
95440ebd97 Enable "cert-err34-c" tidy checks.
Now that we've moved to Binder, we only have a few lingering atoi()
usages that are cleaned up in this CL.

Rewrite match_multi_entry() entirely, with tests to verify both old
and new implementations.

Test: adb shell /data/nativetest/vold_tests/vold_tests
Bug: 36655947
Change-Id: Ib79dc1ddc2366db4d5b4e1a1e2ed9456a06a983e
2017-09-20 13:29:48 -06:00
Jeff Sharkey
cbe69fc060 Destroy vold socket interface completely.
Long live Binder.

Test: yes
Bug: 13758960
Change-Id: If6be379b5a873f1b0c66dd1522b87413ad10fc46
2017-09-18 16:00:14 -06:00
Jeff Sharkey
11c2d380a7 Move even more vold commands over to Binder.
This moves fstrim, obb and appfuse commands over to the new Binder
interface.  This change also separates creating/destroying and
mounting/unmounting of OBB volumes, which means they finally flow
nicely into the modern VolumeInfo/VolumeBase design.

We now generate unique identifiers for all OBB volumes, instead of
using a shady MD5 hash.

Change all "loop" and "dm" devices to tag the kernel resources with
a vold-specific prefix so that we can clean them up if vold crashes;
there are new destroyAll() methods that handle this cleanup.

Move appfuse mounting/unmounting into VolumeManager so it can be
shared.  Move various model objects into a separate directory to
tidy things up.

Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest
Bug: 13758960
Change-Id: I7294e32b3fb6efe07cb3b77bd20166e70b66958f
2017-09-11 18:44:17 -06:00
Janis Danisevskis
2ad849b607 Add CryptfsScryptHidlizationEquivalenceTest
Disk encryption keys are derived using scrypt. If available, this is
done by means of keymaster. An RSA key is generated and password is
signed by that key. The signature is used as the key.

With the hidlization of the keymaster HAL, this code had to be ported.
This test checks the equivalence of the legacy implementation with
the new hildized one.

Test: run /data/nativetest/vold_cryptfs_scrypt_hidlization_equivalence_test/vold_cryptfs_scrypt_hidlization_equivalence_test

Bug: 35028230
Bug: 32020919
Change-Id: Iabf4686dbff5341791ba3a98d7c95c5058c234f9
2017-02-14 11:20:18 +00:00
Paul Crowley
4315c6a0c3 Enable building and running the vold_tests module as part of a
standard build; make it use only static libraries as per documented
limitations of APCT.

Bug: 33384925
Test: This is a test.
Change-Id: I794adbfa3376795120cfbca1e9322093960009b5
2016-12-06 08:22:04 -08:00
Adam Langley
41405bb3e5 Remove superfluous OpenSSL include paths.
The libcrypto and libssl modules (and their respective static and host
versions) use LOCAL_EXPORT_C_INCLUDE_DIRS thus just including the module
is sufficient.

Additionally, cryptfs.h was including an OpenSSL header just to get the
length of a SHA-256 hash. Rather than force all users of this header to
also depend on libcrypto, it's easier just to define that value in the
header file.

Change-Id: I3e3e0db906a212e1093944b298e4a8ff2e2fb07d
2015-01-22 16:45:28 -08:00
Dan Albert
b2aaf3afa1 Remove makefile cruft.
Don't manually include stlport, and don't use private bionic headers.

Change-Id: I44dd212fdd5874e625890c548e9d7bf3a9c27912
2014-09-12 10:48:12 -07:00
Kenny Root
acc9e7dcca Change ASCII conversion for hash and add tests
Hash was printed using snprintf(), but we can just write yet another hex
conversion utility!

Change-Id: I04f1992deaf5bf1b3e2751c8f07072f8ed6660e9
2010-06-20 22:03:10 -07:00