The previous problem of the framework not properly restarting after accepting
the password to decrypt the storage is also a problem when restarting the
framework to display the encryption progress screen. So like the previous
hacky fix, add a sleep to wait a few moments before proceeding. Also,
increase the sleep of the previous fix from 1 second to 2, as the problem
was seen once more in testing. A proper fix has been designed and hopefully
will work and be checked-in RSN.
Change-Id: Icc2c072ce7f7ebcdea22cd7ff8cb2b87a627c578
There is a race in the encryption code that after it accepts the
decryption password, it tells init to kill all the processes in
class "main", then it mounts the decrypted filesystem, preps it,
and restarts the framework. For an unknown reason on some devices,
the new framework sometimes starts up before init has killed and
reaped all the old processes. The proper fix is to make the killing
of the old framework synchronous, so vold waits till all the
processes have died. But with factory rom a few days away, the
much more pragmatic solution of adding a sleep of 1 second after
telling init to kill the old framework will suffice.
Bug: 7271212
Change-Id: Ie971cd04abbc6f3f6500b4acd79d3b3b26d9561c
There is a race in the encryption code that after it accepts the
decryption password, it tells init to kill all the processes in
class "main", then it mounts the decrypted filesystem, preps it,
and restarts the framework. For an unknown reason on some devices,
the new framework sometimes starts up before init has killed and
reaped all the old processes. The proper fix is to make the killing
of the old framework synchronous, so vold waits till all the
processes have died. But with factory rom a few days away, the
much more pragmatic solution of adding a sleep of 1 second after
telling init to kill the old framework will suffice.
Bug: 7271212
Change-Id: Ie971cd04abbc6f3f6500b4acd79d3b3b26d9561c
To support multi-user emulated storage, we mount rootfs as MS_SHARED,
which means we can't MS_MOVE existing mount points rooted in the
shared subtree. Initial staging is still able to MS_MOVE, since it's
rooted in a MS_PRIVATE tmpfs rooted at /mnt/secure.
This change fixes unmounting by operating in-place instead of trying
(and failing) to MS_MOVE back to staging.
Bug: 7127564
Change-Id: I4783db4319b61c0915da39361cbc7e8f4943d094
The kernel seems to return from umount(2) sometimes before it has
released the underlying block device. So until the kernel is fixed,
try up to 10 times to load the crypto mapping table, waiting 500 ms
between tries.
bug: 7220345
Change-Id: Iad3bbef37cbe2e01613bb8a8c4886babdecb8328
Mount OBB containers using shared app GID, so that an app can read
the mount point across users.
Bug: 7212801
Change-Id: Ia1be52df9854c259b20728111f3a2c9facf4beaa
Any ASEC or OBB files were unmounted when USB storage was set to UMS
mode. This changes it so only ASEC files on external storage and OBB
files mounted from external storage are unmounted.
(Cherry-pick of 93ecb38dad)
Bug: 6948035
Change-Id: Ib60727bd360caa32173797ff5b4e1e21fcf20054
Any ASEC or OBB files were unmounted when USB storage was set to UMS
mode. This changes it so only ASEC files on external storage and OBB
files mounted from external storage are unmounted.
Bug: 6948035
Change-Id: I91bc09ee5b792970b0eef895f6886f3ffad00e8f
When creating a new file using open(..., O_CREAT), it is an error
to fail to specify a creation mode. If a mode is not specified, a
random stack provided value is used as the "mode".
This will become a compile error in a future Android change.
Change-Id: I761708c001247d7a2faac2e286288b45bfecc6f7
Now that forward locked apps are stored on /data as asec image files
that are mounted, they need to be unmounted before /data can be unmounted
so it can be encrypted.
Change-Id: I7c87deb52aaed21c8ad8ce8aceb7c15c2338620a
Now that forward locked apps are stored on /data as asec image files
that are mounted, they need to be unmounted before /data can be unmounted
so it can be encrypted.
Change-Id: I7c87deb52aaed21c8ad8ce8aceb7c15c2338620a
* commit '2fdea0aa78cefce50c6f51be97084977f2a6ae69':
Native library loading needs to read directory
Only set permissions on dirs or files
Fix truncation of ASEC ids
When calling System.loadLibrary(), it needs to be able to read the
directory to load the file. We could probably fix that, but changing
permissions here is faster.
Bug: 6478606
Change-Id: I296b0805839da5a19950157f9a16755a4d258ca8
Traversal would mark directories with the correct permissions, but
they're visited again in post-order which is a different fts_info flag.
Then it would set that to regular file permissions.
Explicitly check to make sure we're looking at a file instead.
Bug: 6478606
Change-Id: I13cab3e69f451da6a994fa974d575ef366f82025
There appears to be a race condition from when the device mapper is
asked to create a device and when it actually appears. When we moved
ASECs to use Ext4, mount started winning the race more often.
Just insert a sleep-retry loop here to counter-act this race. We should
ideally look at the uevent replies, but it takes a bit more effort to
separate them out.
Change-Id: Ie8a5b36b1c9a26f2320a178d37312059d03a1281
When calling System.loadLibrary(), it needs to be able to read the
directory to load the file. We could probably fix that, but changing
permissions here is faster.
Bug: 6478606
Change-Id: I296b0805839da5a19950157f9a16755a4d258ca8
Traversal would mark directories with the correct permissions, but
they're visited again in post-order which is a different fts_info flag.
Then it would set that to regular file permissions.
Explicitly check to make sure we're looking at a file instead.
Bug: 6478606
Change-Id: I13cab3e69f451da6a994fa974d575ef366f82025
