tequilaOS/platform_system_vold
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
4913 commits 1 branch 0 tags 9.7 MiB
Commit graph

4913 commits

This branch
This branch
All branches
Author SHA1 Message Date
Haiping Yang
28f8d9e74e Revert "Add ROLLBACK_RESISTANCE tag to key usage" am: c0a46c8106 
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15718439

Change-Id: Id48e98c471efd97e378d92f63f5808528d3fb1ae
 2021-09-01 17:34:30 +00:00
Haiping Yang
c0a46c8106 Revert "Add ROLLBACK_RESISTANCE tag to key usage" 
This reverts commit 2601eb7f8c.

Ignore-AOSP-First: reverted change was introduced in sc-dev
Bug: 196887752
Test: R11 boots on master
Reason for revert: R11 boot failure on master
Change-Id: I8d2f566f3991f30cd65c48d959d26df8b6c85f32
 2021-08-30 21:04:59 +00:00
Xin Li
7c343190da [automerger skipped] Merge sc-dev-plus-aosp-without-vendor@7634622 am: b9d97763d2 -s ours am: 8148068444 -s ours 
am skip reason: Merged-In I78039d08a9bc7d9a2d285744e6d64f4af6ac851a with SHA-1 e4190a395a is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15571875

Change-Id: If64c19baccca5aff77620422c987a70423064398
 2021-08-17 19:46:29 +00:00
Xin Li
8148068444 [automerger skipped] Merge sc-dev-plus-aosp-without-vendor@7634622 am: b9d97763d2 -s ours 
am skip reason: Merged-In I78039d08a9bc7d9a2d285744e6d64f4af6ac851a with SHA-1 e4190a395a is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15571875

Change-Id: I8578a86264433ab71215153d95274053e2def3c9
 2021-08-17 18:35:58 +00:00
Xin Li
b9d97763d2 Merge sc-dev-plus-aosp-without-vendor@7634622 
Merged-In: I78039d08a9bc7d9a2d285744e6d64f4af6ac851a
Change-Id: I958ef629f8ca43d6539ae90e037b846d9e0b44a3
 2021-08-14 06:31:09 +00:00
Paul Crowley
82daf3dcad [automerger skipped] Merge "Revert^2 "Detect factory reset and deleteAllKeys"" into sc-dev am: 1566a5bf00 -s ours am: 068fbe2ea9 -s ours 
am skip reason: skipped by user paulcrowley

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15547746

Change-Id: I04b3bfa639a8838f17ddb0cc642cb78c1baf186f
 2021-08-13 21:30:12 +00:00
Paul Crowley
23ba1a1b0d [automerger skipped] Merge "Revert^2 "Detect factory reset and deleteAllKeys"" into sc-dev am: 1566a5bf00 am: eae11551bd -s ours 
am skip reason: skipped by user paulcrowley

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15547746

Change-Id: I941ac01cb256a82ab9222f2bc66484713911aa9c
 2021-08-13 21:29:58 +00:00
Paul Crowley
068fbe2ea9 [automerger skipped] Merge "Revert^2 "Detect factory reset and deleteAllKeys"" into sc-dev am: 1566a5bf00 -s ours 
am skip reason: skipped by user paulcrowley

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15547746

Change-Id: Ib9daf1c3d27f913c99eddf09c29a45a9387fbca9
 2021-08-13 13:50:16 +00:00
Paul Crowley
eae11551bd Merge "Revert^2 "Detect factory reset and deleteAllKeys"" into sc-dev am: 1566a5bf00 
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15547746

Change-Id: I89bdf3d65c2461f882d39089e64961537888955b
 2021-08-13 02:46:44 +00:00
Paul Crowley
1566a5bf00 Merge "Revert^2 "Detect factory reset and deleteAllKeys"" into sc-dev 2021-08-13 02:33:43 +00:00
Paul Crowley
d31f36d334 Revert^2 "Detect factory reset and deleteAllKeys" 
Revert submission 15536724-revert-15521094-vold-deleteAllKeys-GDJSMLXRVZ

Reason for revert: Underlying KM problem fixed
Reverted Changes:
I8e2621bef:Revert "Detect factory reset and deleteAllKeys"
I546b980bb:Revert "Add deleteAllKeys to IKeystoreMaintenance"...
I1ed68dd9e:Revert "Allow vold to deleteAllKeys in Keystore"

Bug: 187105270
Test: booted Cuttlefish twice
Merged-In: 1e6a5f5106
Change-Id: Id641444b4ebba951aa8c5474ed60844cfaae1e20
 2021-08-13 01:44:46 +00:00
Shawn Willden
22922e708e [automerger skipped] Merge "Revert "Detect factory reset and deleteAllKeys"" into sc-dev am: 90c818d9ee -s ours am: e4190a395a -s ours 
am skip reason: Merged-In I9c5c547140e8b1bbffb9c1d215f75251f0f1354e with SHA-1 1e6a5f5106 is already in history. Merged-In was found from reverted change.

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15536478

Change-Id: If244cf6c5bb06335d07781d1e02e4c3d52fb319f
 2021-08-12 01:57:45 +00:00
Shawn Willden
95b5da6fd4 [automerger skipped] Merge "Revert "Detect factory reset and deleteAllKeys"" into sc-dev am: 90c818d9ee am: fb0d651988 -s ours 
am skip reason: Merged-In I9c5c547140e8b1bbffb9c1d215f75251f0f1354e with SHA-1 1e6a5f5106 is already in history. Merged-In was found from reverted change.

Reverted change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15517876

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15536478

Change-Id: I2a63cf3373bf1e02062429dff5695b4e50083ecd
 2021-08-12 01:57:08 +00:00
Shawn Willden
fb0d651988 Merge "Revert "Detect factory reset and deleteAllKeys"" into sc-dev am: 90c818d9ee 
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15536478

Change-Id: Ie0847281b708c9eb06d54a7078fd6476e65a4099
 2021-08-12 01:33:01 +00:00
Shawn Willden
e4190a395a [automerger skipped] Merge "Revert "Detect factory reset and deleteAllKeys"" into sc-dev am: 90c818d9ee -s ours 
am skip reason: Merged-In I9c5c547140e8b1bbffb9c1d215f75251f0f1354e with SHA-1 1e6a5f5106 is already in history. Merged-In was found from reverted change.

Reverted change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15517876

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15536478

Change-Id: I78039d08a9bc7d9a2d285744e6d64f4af6ac851a
 2021-08-12 01:31:31 +00:00
Shawn Willden
90c818d9ee Merge "Revert "Detect factory reset and deleteAllKeys"" into sc-dev 2021-08-12 01:17:13 +00:00
Shawn Willden
2bab97c368 Revert "Detect factory reset and deleteAllKeys" 
Revert "Add deleteAllKeys to IKeystoreMaintenance"

Revert "Enable deleteAllKeys from vold"

Revert "Allow vold to deleteAllKeys in Keystore"

Revert submission 15521094-vold-deleteAllKeys

Reason for revert: Causes infinite loop in Trusty KeyMint
Reverted Changes:
I9c5c54714:Detect factory reset and deleteAllKeys
I2fb0e94db:Allow vold to deleteAllKeys in Keystore
Id23f25c69:Add deleteAllKeys to IKeystoreMaintenance
Ife779307d:Enable deleteAllKeys from vold
I4312b9a11:Enable deleteAllKeys from vold

Bug: 187105270
Change-Id: I8e2621bef234d0a59be422b8d1d8d52a91378a5e
 2021-08-12 01:07:00 +00:00
TreeHugger Robot
a2a6fc14d2 Merge "Add ROLLBACK_RESISTANCE tag to key usage" into sc-dev am: 8f19fd90e3 am: 7c5c6d8b43 
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15534270

Change-Id: I6ee2548ce8f7c854adc941b141c81dc3ed4ae652
 2021-08-11 23:33:15 +00:00
TreeHugger Robot
f7f01defb4 Merge "Add ROLLBACK_RESISTANCE tag to key usage" into sc-dev am: 8f19fd90e3 am: d7b96bc64f 
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15534270

Change-Id: I5bd4e1cf55d6000fe8e0e06cc1ad7f54d9032761
 2021-08-11 23:32:53 +00:00
TreeHugger Robot
7c5c6d8b43 Merge "Add ROLLBACK_RESISTANCE tag to key usage" into sc-dev am: 8f19fd90e3 
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15534270

Change-Id: I91b9f7520cd4b039ff43f728c6eef6357efeed65
 2021-08-11 23:18:07 +00:00
TreeHugger Robot
d7b96bc64f Merge "Add ROLLBACK_RESISTANCE tag to key usage" into sc-dev am: 8f19fd90e3 
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15534270

Change-Id: Ieaa3ce08c20df998a8141c77a7f771e40e1c6d0a
 2021-08-11 23:16:01 +00:00
TreeHugger Robot
8f19fd90e3 Merge "Add ROLLBACK_RESISTANCE tag to key usage" into sc-dev 2021-08-11 22:59:40 +00:00
Paul Crowley
f54a94de16 [automerger skipped] Detect factory reset and deleteAllKeys am: 0f74bd4811 am: e00101c162 -s ours 
am skip reason: Merged-In I9c5c547140e8b1bbffb9c1d215f75251f0f1354e with SHA-1 0f74bd4811 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15517876

Change-Id: Ic2859085d504d98c16620f279ee4f820d0728248
 2021-08-11 22:16:44 +00:00
Paul Crowley
94a55ae9c0 [automerger skipped] Detect factory reset and deleteAllKeys am: 0f74bd4811 -s ours am: 2160b23d14 -s ours 
am skip reason: Merged-In I9c5c547140e8b1bbffb9c1d215f75251f0f1354e with SHA-1 1e6a5f5106 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15517876

Change-Id: Id349576b4c4bdb2c98961d45f24c21cdfac812f8
 2021-08-11 22:16:01 +00:00
Paul Crowley
e00101c162 Detect factory reset and deleteAllKeys am: 0f74bd4811 
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15517876

Change-Id: I3ac68496357b62e0887b41780299166d01d8fe29
 2021-08-11 22:01:51 +00:00
Paul Crowley
2160b23d14 [automerger skipped] Detect factory reset and deleteAllKeys am: 0f74bd4811 -s ours 
am skip reason: Merged-In I9c5c547140e8b1bbffb9c1d215f75251f0f1354e with SHA-1 1e6a5f5106 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15517876

Change-Id: Idcba5a41ce50b3c043a8b80b74d90de0aef50f18
 2021-08-11 22:00:38 +00:00
[6;7~
2601eb7f8c Add ROLLBACK_RESISTANCE tag to key usage 
If KM is upgraded from a version that does not support rollback
resistance to one that does, we really want our upgraded keys to
include rollback resistance. By passing this tag in when we use the
keys, we ensure that the tag is passed into the upgradeKey request
whenever it is made, which some KM implementations can use to add
rollback resistance to our keys.

Bug: 187105270
Ignore-AOSP-First: no merge path to this branch from AOSP.
Test: Manual
Change-Id: I6154fe26a10b60cd686cc60dbc2e0a85c152f43b
 2021-08-11 14:22:41 -07:00
Paul Crowley
96b31a40b7 Merge "Detect factory reset and deleteAllKeys" am: 407b2c2386 am: 85961f7a9c am: c248576dad 
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1789528

Change-Id: I85671247354c4bbfb5b8d35cac3780331ac0bcf1
 2021-08-11 18:28:39 +00:00
Paul Crowley
c248576dad Merge "Detect factory reset and deleteAllKeys" am: 407b2c2386 am: 85961f7a9c 
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1789528

Change-Id: I7608e0cccc2c145f722e0fa85b922af9b1d2d8d6
 2021-08-11 18:13:25 +00:00
Paul Crowley
85961f7a9c Merge "Detect factory reset and deleteAllKeys" am: 407b2c2386 
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1789528

Change-Id: Ibc05df1c5ceede35fdca6d1e6a5abd67e70519f5
 2021-08-11 17:52:00 +00:00
Paul Crowley
0f74bd4811 Detect factory reset and deleteAllKeys 
Where metadata encryption is enabled, if there is no metadata encryption
key present and we are generating one anew, then there has been a
factory reset, and this is the first key to be generated. We then call
deleteAllKeys to ensure data from before the factory reset is securely
deleted.

This shouldn't really be necessary; the factory reset call itself
should be doing this. However there are currently three factory reset
paths (settings, recovery, fastboot -w) and it is not clear that all
three are doing this correctly on all devices. Obviously an attacker
can prevent this code from being run by running a version of the OS
that does not include this change; however, if the bootloader is
locked, then keys will be version bound such that they will only work
on locked devices with a sufficiently recent version of the OS. If
every sufficiently recent signed version of the OS includes this change
the attack is defeated.

Bug: 187105270
Test: booted Cuttlefish twice, checked logs
Ignore-AOSP-First: no merge path to this branch from AOSP.
Merged-In: I9c5c547140e8b1bbffb9c1d215f75251f0f1354e
Change-Id: I9c5c547140e8b1bbffb9c1d215f75251f0f1354e
 2021-08-11 10:43:58 -07:00
Paul Crowley
407b2c2386 Merge "Detect factory reset and deleteAllKeys" 2021-08-11 17:39:55 +00:00
Paul Crowley
1e6a5f5106 Detect factory reset and deleteAllKeys 
Where metadata encryption is enabled, if there is no metadata encryption
key present and we are generating one anew, then there has been a
factory reset, and this is the first key to be generated. We then call
deleteAllKeys to ensure data from before the factory reset is securely
deleted.

This shouldn't really be necessary; the factory reset call itself
should be doing this. However there are currently three factory reset
paths (settings, recovery, fastboot -w) and it is not clear that all
three are doing this correctly on all devices. Obviously an attacker
can prevent this code from being run by running a version of the OS
that does not include this change; however, if the bootloader is
locked, then keys will be version bound such that they will only work
on locked devices with a sufficiently recent version of the OS. If
every sufficiently recent signed version of the OS includes this change
the attack is defeated.

Bug: 187105270
Test: booted Cuttlefish twice, checked logs
Change-Id: I9c5c547140e8b1bbffb9c1d215f75251f0f1354e
 2021-08-11 10:29:59 -07:00
Treehugger Robot
ff366fab5f Merge "Remove ndk_platform backend. Use the ndk backend." am: 85705f6c86 am: e66b2b4015 
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1778413

Change-Id: I3bf1a2b23581bb543ec1496bb60f5d8052076fce
 2021-07-28 12:49:02 +00:00
Treehugger Robot
e66b2b4015 Merge "Remove ndk_platform backend. Use the ndk backend." am: 85705f6c86 
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1778413

Change-Id: Ic80a30be678fd7427ee7239f8cdb758dfd483940
 2021-07-28 12:35:52 +00:00
Treehugger Robot
85705f6c86 Merge "Remove ndk_platform backend. Use the ndk backend." 2021-07-28 12:26:13 +00:00
Nikita Ioffe
78c9cba6a5 Merge "Remove vold logs related to block devices" am: cbf82ffa29 am: 9bf8553f8d 
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1779986

Change-Id: I0f5f606384ccebf21e618617a2dd7e12cc4db7b6
 2021-07-28 11:26:30 +00:00
Nikita Ioffe
9bf8553f8d Merge "Remove vold logs related to block devices" am: cbf82ffa29 
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1779986

Change-Id: I81accecbb47c158de761df31fe078aaa27332006
 2021-07-28 11:15:08 +00:00
Nikita Ioffe
cbf82ffa29 Merge "Remove vold logs related to block devices" 2021-07-28 11:01:01 +00:00
Nikita Ioffe
b881fc4feb Remove vold logs related to block devices 
Since every APEX requires at least one loop device, now most of the
block devices on a device are not managed by vold. This change removes
some log statements around block devices that vold is not aware of.

Test: device boots
Test: adb logcat
Change-Id: I8efa22023c1f888e75f40178fac464af4457df3c
 2021-07-28 02:58:57 +01:00
Jiyong Park
973e05938d Remove ndk_platform backend. Use the ndk backend. 
The ndk_platform backend will soon be deprecated because the ndk backend
can serve the same purpose. This is to eliminate the confusion about
having two variants (ndk and ndk_platform) for the same 'ndk' backend.

Bug: 161456198
Test: m
Change-Id: I87554ce86da0f862568c5aa84a21e6613655eb25
 2021-07-27 12:21:11 +09:00
Keith Mok
a3f7a54366 Merge "Add command for setting the key binding seed" am: 2d76731968 am: 7aec273c8d 
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1757970

Change-Id: If53ae63a91b702e09297c1d916394aee99eee8d2
 2021-07-15 21:35:55 +00:00
Keith Mok
7aec273c8d Merge "Add command for setting the key binding seed" am: 2d76731968 
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1757970

Change-Id: I4fe8e883754c0c8322fb8223cdb64904da516972
 2021-07-15 21:26:35 +00:00
Keith Mok
2d76731968 Merge "Add command for setting the key binding seed" 2021-07-15 20:47:42 +00:00
Sean Keys
8452f41d4a Add command for setting the key binding seed 
The seed value is passed to vold early in startup so that the
key-encryption keys are bound to the seed. This is useful for systems
like auto, in which the Android device may not require credentials to
use. In that case, the device should be bound to the rest of the system
(the car, in the case of auto) to guard against theft.

Test: manual
Change-Id: I2e16387b0752a30ef226b5ddf32ebf955aa9610a
 2021-07-13 23:41:50 +00:00
Eric Biggers
3746f5a475 [automerger skipped] Ignore too-early earlyBootEnded on FDE devices am: 2ddc1338d7 -s ours 
am skip reason: Merged-In I03f816db194a8276ad19ca99b3c8894e8a5fed23 with SHA-1 4859e0ca0f is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15109082

Change-Id: I0f1cde2384d1848bd4c5da8764dc5a350a56b1bd
 2021-06-25 21:06:58 +00:00
Eric Biggers
9f749bcb19 Merge "Ignore too-early earlyBootEnded on FDE devices" am: a3bd31c170 am: 979429e6c3 
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1747633

Change-Id: Iff37e24d06efedebf682c37b79fdc8ec868b0739
 2021-06-25 20:11:40 +00:00
Eric Biggers
979429e6c3 Merge "Ignore too-early earlyBootEnded on FDE devices" am: a3bd31c170 
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1747633

Change-Id: Ida62bd5cdab40ce459ba45d20a13c09545b4d938
 2021-06-25 19:57:37 +00:00
Eric Biggers
2ddc1338d7 Ignore too-early earlyBootEnded on FDE devices 
Don't call IKeystoreMaintenance::earlyBootEnded() too early on FDE
devices, so that keystore2 doesn't have to be restarted.

Bug: 192090857
Test: Tested FDE on Cuttlefish, both first and non-first boots.
      Verified via log that earlyBootEnded is now called only when it
      should be, and that keystore2 no longer has to be restarted.
Change-Id: I03f816db194a8276ad19ca99b3c8894e8a5fed23
(cherry picked from commit 4859e0ca0f)
Merged-In: I03f816db194a8276ad19ca99b3c8894e8a5fed23
 2021-06-25 12:44:08 -07:00
Eric Biggers
a3bd31c170 Merge "Ignore too-early earlyBootEnded on FDE devices" 2021-06-25 19:43:02 +00:00