Vold was trusting system_server too much and allowed for pretty
much any path in mount()/bindMount() calls for incremental.
This CL adds validation to make sure it's only accessing own
directories. This includes enforcing no symlinks in the paths
Bug: 198657657
Bug: 216722132
Test: manual
Change-Id: I6035447f94ef44c4ae3294c3ae47de2d7210683a
Merged-In: I6035447f94ef44c4ae3294c3ae47de2d7210683a
Android should only abort fuse connections for fuse fs. It shouldn't
touch fuse connections for virtiofs.
Bug: 162284193
Test: manual - Restart zygote, no 'Transport endpoint is not connected' error.
Change-Id: Ie3536734531404e98ad1b6594ab3c52e919b22b7
Added interfaces required by smart idle maintenance service in
StorageManagerService, whose goal is to determine when to trigger
filesystem defragmentation while keeping the best user experience
as long as possible, and avoiding hurting UFS lifetime.
Test: check smart idle maintenance log every hour
Bug: 202283480
Bug: 181079477
Signed-off-by: Daeho Jeong <daehojeong@google.com>
Change-Id: I012cfb9b01e5d21ec71700c3c52ac9c096cd1a90
We need to load the partition table before we can wait on the userdata
dm device because the kernel (as of [1] doesn't send the KOBJ_ADD uevent
until after the partition table is loaded. The new flow needs to be:
CreateDevice() -> ioctl(DM_DEV_CREATE)
LoadTableAndActivate() -> ioctl(DM_TABLE_LOAD)
WaitForDevice()
This patch updates create_crypto_blk_dev() to first call
LoadTableAndActivate() before WaitForDevice().
[1] https://lore.kernel.org/all/20210804094147.459763-8-hch@lst.de/
Fixes: 156d9d2293 ("Pre-create userdata metadata encryption device.")
Bug: 210737958
Test: manually test booting raven with android13-5.15
Change-Id: Iab2214a62d44ba7e53b57f2cf0f08ac06c77b4fd
StubVolumes are managed from outside Android (e.g. from Chrome OS). So,
their disk recreation on vold reset events should also be handled from
outside by 1) listening to reset events, and 2) calling
createStubVolume() for existing StubVolumes on reset events.
Bug: 175281783
Test: m
Test: (Tested in R) Manually induce a vold reset event, and confirm that
Test: 1) vold does not crash, and 2) existing volumes are successfully
Test: mounted again (by calling createStubVolume() for StubVolumes).
Change-Id: I4628eabf809037a547aeef43faedf4dfa57529a6
FUSE BPF aims at achieving comparable performance to bind-mounts, with
the flexibility of FUSE.
Disable data and obb bind-mounts in favor of the FUSE filesystem if the
system implements the feature.
Bug: 202785178
Test: mount | grep obb
Signed-off-by: Alessio Balsini <balsini@google.com>
Change-Id: Ia8b289b84542125831a857b559bb6f93afbee494
This allows for easier bumping of the KeyMint/Keystore2 version level.
At the moment this change should have no effect: the same dependency
is used, just reached via a default rather than explicitly.
However, when the Keystore2 version increases in the near future, using
this default should mean that no change is needed here: the default
definition will change to -V2 and this will be referenced here.
Test: TreeHugger
Change-Id: I7cec2cd8fac137e5ac7e95db06e738e94a3cc567
IVold.MOUNT_FLAG_VISIBLE is split into MOUNT_FLAG_VISIBLE_FOR_READ and
MOUNT_FLAG_VISIBLE_FOR_WRITE.
Accordingly, VolumeBase::MountFlags::kVisible is split into
kVisibleForRead and kVisibleForWrite.
Bug: 206019156
Test: m
Change-Id: Ia55673400d9f713f221650e1335a46ba11f6f027
Merged-In: Ia55673400d9f713f221650e1335a46ba11f6f027
This has to be allowed as a workaround until there is a way for
userspace to check the maximum DUN size directly.
Bug: 207390665
Change-Id: Id5e51720ca963fe80e65dbae1965f777b3cd2ee4
Ensure fuse_media gets included in every build
Bug: 202785178
Test: /system/etc/bpf/fuse_media.o is present
Change-Id: Ic9f88a1905eca66f67b94ce75a04b9b26b6ca7ca
Now that FDE is no longer supported, the "defaultcrypto" and "encrypt"
events are never triggered. Therefore, the actions in vdc.rc aren't
needed anymore.
Bug: 191796797
Change-Id: Icdff584ec664b3e038f0accdc826437d261fed51
Since Android 10, new devices have been required to use FBE instead of
FDE. Therefore, the FDE code is no longer needed.
Remove most of cryptfs.cpp. A few parts of it need to be kept in order
to support the dm-crypt method of adoptable storage encryption.
Keep the FDE-specific binder methods stubbed out for now until their
callers can be removed.
Bug: 191796797
Change-Id: I90b1e4cacd2f3e5cce77a82a0af744fcc7da9400
This is needed to debug vold mounting errors before adb is up. It also
helps diagnose failures on devices that store dmesg persistently.
Tested by adding an error log with serial attached.
Bug: 205314634
Test: manual test
Change-Id: Ia095340c562e3f1f94bc44c5d13ad466a7a35345
This patch adds more error logging to mountFstab. In a few cases, the
were error paths with no existing error logs. In other cases, the log
messages are there to help understand error flow in logs (for example
when a function with lots of error paths returns false).
Bug: 205314634
Test: treehugger builds
Change-Id: I464edc6e74ea0d7419ee9d9b75fd238752c13f4f
Default buffer size of 4 pages causes many missed log records
because of ring buffer overflows. This change adds a dynamic
sizing, up to 32 pages, that has shown to decrease dropped
records pretty much to nil
Fallback code automatically decreases the buffer size in case
of kernel memory fragmentation - some logs are still much
better than no logs at all
Bug: 203551890
Test: manual, adb install <Apk>; checked for fallback by
increasing max size to 1024 pages
Change-Id: I0ea46c1ad2534b1dbb5faaead52afab88b66747b
http://aosp/1845900 creates the directory with the wrong permission
and context. And when we attempt to fix it in http://aosp/1860276, the
device would fail to boot if the device is already on the bad build.
As a temporarily fix, already delete that checkin directory in vold. And
we can revert the deletion when the droidfood daily polulation gets out
of the bad state.
Bug: 203742483
Test: Update from TP1A.211016.001 and make sure the boot doesn't fail
Change-Id: Iec74528c1fe0e5876acc601e5cd008f99852d269
