As per discussion default permissions are the correct ones.
Note that since we use logon keys, they cannot be read outside
the kernel.
Note also that we limit who can read/write keys in selinux policy.
Bug: 18151196
Change-Id: Icc916f430a70eff22e6b74c20ec361c8f3789c1c
The VolumeManager::mountObb() creates a mapping between
a loopback device and a dm device. However the device-mapper
carries it out asynchronously, so there is a possibility that
Vold accesses to the dm device which is being built. Added
waiting for completion of the mapping in that function, like
mountAsec().
To verify install FrameworksCoreTests.apk and do:
adb shell am instrument -r -w -e class android.os.storage.\
StorageManagerIntegrationTest#testMountTwoEncryptedObb \
com.android.frameworks.coretests/android.test.\
InstrumentationTestRunner
Change-Id: If42f4b7494bb2f8a8b72d106ad84b3e3bf91fd9b
ioctl(BLKGETSIZE) expects unsigned long
(8 bytes on 64 bit environment).
This is fixing fails in android.os.storage.StorageManagerIntegrationTest
(in FrameworkCoreTests).
To verify, install FrameworksCoreTests.apk and do:
adb shell am instrument -r -w -e class android.os.storage.\
StorageManagerIntegrationTest#testMountSingleEncryptedObb \
com.android.frameworks.coretests/android.test.InstrumentationTestRunner
Change-Id: Ib6d5c7490c02521c93f107c35ad0aac49f6a3f1a
Redirect all crypto calls to e4crypt equivalents if file level encryption
detected. Note this change implements only the ones needed for minimal
functionality.
Requires matching change:
https://googleplex-android-review.git.corp.google.com/#/c/642778/
Change-Id: I622d1a91704de4b3ab655486e6d38cd6718e6016
open(O_DIRECTORY) returns an error if the open attempt
is against anything other than a directory. This basically
duplicates the check that the stat() call was trying to do.
Eliminate the unnecessary stat() call and use O_DIRECTORY
instead.
Change-Id: I1821abbed325f29a7214fdc41ed27cd9e26817d0
If fstrim thread creation or detachment is failed, wakelock can be leaked.
So move wakelock acquire to do_fstrim_filesystems function
Change-Id: I4da3164343af83fae3e5b01700f43d1752661276
Signed-off-by: Young-ho Cha <ganadist@gmail.com>
This is to accomodate the new keymaster1_device_t, which has an entirely
different interface.
Soon I'll provide a libkeymaster which provides a unified (and nicer)
interface for dealing with both v0 and v1 keymaster implementations
using a v1 keymaster API. For now this change is just so that vold will
build and run.
Change-Id: I5c54282c12d1c4b8b22ed4929b6e6c724a94ede4
This reverts commit 6a69cfc411.
The original fix seems to have led to boot failures in QA. Rather than
risk shipping, revert the change. Bug 18764230 reopened.
Requires change
https://googleplex-android-review.git.corp.google.com/#/c/629950/
Bug: 19278390
Bug: 19199624
Change-Id: Ia858c4db0abb917f9364ec8048f59ca4fb48e233
Don't use faccessat(AT_SYMLINK_NOFOLLOW). In Android, AT_SYMLINK_NOFOLLOW
is ignored. In glibc, it returns counter intuitive results when a
symbolic link is encountered, returning true all the time even though
an open(O_NOFOLLOW) will eventually fail.
Instead, stat the file and check to see if it's a regular file,
not a directory or symlink or some other weirdness.
In addition, fix a bug where isAsecInDirectory would return
true ("-1") if the asec directory didn't exist. It should return
false.
Bug: 18867827
Change-Id: I33d90e9095fad36ce0f83fde105b70f72e4eaef4
The strncpy operation does not write a 0 termination
if the name is larger than the target buffer.
Ensure that zero termination is always written using
safe strlcpy function.
Change-Id: Idb68cdff7cd1a860c1dfac7494fa99f3d382cb91
Using lseek on 64-bit offset parameter caused failure
to write persistent data in crypto footer.
Changed calls to use lseek64 instead.
Change-Id: I4e4c397a6d36201b8b08be3017e17c9fac3b34e4
