Since Android 10, new devices have been required to use FBE instead of
FDE. Therefore, the FDE code is no longer needed.
Remove most of cryptfs.cpp. A few parts of it need to be kept in order
to support the dm-crypt method of adoptable storage encryption.
Keep the FDE-specific binder methods stubbed out for now until their
callers can be removed.
Bug: 191796797
Change-Id: I90b1e4cacd2f3e5cce77a82a0af744fcc7da9400
More consistency between MetadataCrypt and cryptfs, and steps towards
supporting Adiantum properly in MetadataCrypt.
Test: create private volume on Cuttlefish
Bug: 147814592
Change-Id: Ic3993c1fde11b4f5a9e6cc8ee588a7d92241c6ab
Abolish cryptfs_revert_ext_volume, handle in caller. This allows us to
use DeleteDeviceIfExists, avoiding a spurious error message.
Test: create private volume on Cuttlefish, eject, check logs
Bug: 147814592
Change-Id: I836d8bd11b29e32da0863aaa75144543bb9cab9c
Not for security, but for consistency with the way we handle other
keys, and to move the length check to where it belongs.
Test: create private volume on Cuttlefish
Bug: 147814592
Change-Id: I10fc4896183d050ce25ff174faf78f525cf62930
Move most of it into cryptfs.cpp, and include cryptfs.h in fewer files.
Bug: 147814592
Test: Treehugger
Change-Id: Ia3592d73e7abc1f07a60538e0978a3033bdea7de
This commit adds <linux/types.h> to cryptfs.h because cryptfs.h uses
`__le16` and `__le32` which are defined in <linux/types.h>.
The absence of <linux/types.h> will become an error after we sort the
headers in the upcoming commits.
Test: cd system/vold && mma
Change-Id: I9930105ee86f80a29295b59596b21335c68a8e23
Our external partitions have no crypto header/footer, so we
only get the keysize and key. Our code has been implicitly
assuming that this keysize off of disk matches the crypto
type we have in our code (and thus matches the keysize our
code is using as well). We now make this assumption
explicit, and check for this and no longer allow external
code to pass a keysize in to cryptfs.
Bug: 73079191
Test: Compiled and tested in combination with other CLs.
Change-Id: I1a1996187e1aaad6f103982652b1bcdfd5be33ce
Bug: 64766105
Test: FBE boots, forceencrypt boots, set pattern, reboots, encryptable
boots and can be encrypted
Change-Id: I8c6dc0acdc37c3a6f1bea28d5607ed8938a4eb0c
Remove lots of "extern C" and "ifdef __cplusplus" which are no longer
needed now all of vold is C++. Also turn on the cert-err58-cpp warning
we once had to disable.
Bug: 67041047
Test: compiles, boots
Change-Id: I8c6f9dd486f2409e0deed7bb648d959677465b21
Now that we've moved to Binder, we only have a few lingering atoi()
usages that are cleaned up in this CL.
Rewrite match_multi_entry() entirely, with tests to verify both old
and new implementations.
Test: adb shell /data/nativetest/vold_tests/vold_tests
Bug: 36655947
Change-Id: Ib79dc1ddc2366db4d5b4e1a1e2ed9456a06a983e
Prefix FDE related commands with "fde" to make it clear which devices
they apply to. This will also make it easier to remove once FDE
is fully deprecated in a future release.
To emulate the single-threaded nature of the old socket, introduce a
lock that is acquired for all encryption related methods.
Sprinkle some "const" around older files to make C++ happy.
Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.DirectBootHostTest
Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest
Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest
Bug: 13758960
Change-Id: I0a6ec6e3660bbddc61424c344ff6ac6da953ccf0
Change to use WaitForProperty API to wait for vold.post_fs_data_done
Also change cryptfs to C++
Bug: 35425974
Test: mma, marlin/angler boot
Change-Id: Id821f2035788fcc91909f296c83c871c67571de3
Make the vold changes needed to support specifying aes-256-heh filenames
encryption. The previous mode, aes-256-cts, remains supported as well.
The file /data/unencrypted/mode is updated to have the syntax
contents_encryption_mode[:filenames_encryption_mode] instead of just
contents_encryption_mode. This is consistent with the new fstab syntax.
Bug: 34712722
Change-Id: Ibc236d0ec4fdeda4e4e301f45fb996317692cfa3
Change encryption to happen after a reboot, not before. This
removes the problem whereby if data cannot be unmounted, we cannot
encrypt.
Bug: 25426629
Change-Id: I25d610204234ed8254330d001eb965e6e87a2fe9
This set of changes adds the screen that offers this conversion,
and the plumbing so the option is only available on suitable
devices.
It does not implement the conversion mechanism.
Change-Id: I801199c37b03436045d40bf8840a8746daf94d27
This adds support for private volumes which is just a filesystem
wrapped in a dm-crypt layer. For now we're using the exact same
configuration as internal encryption (aes-cbc-essiv:sha256), but we
don't store any key material on the removable media. Instead, we
store the key on internal storage, and use the GPT partition GUID
to identify which key should be used.
This means that private external storage is effectively as secure as
the internal storage of the device. That is, if the internal storage
is encrypted, then our external storage key is also encrypted.
When partitioning disks, we now support a "private" mode which has
a PrivateVolume partition, and a currently unused 16MB metadata
partition reserved for future use. It also supports a "mixed" mode
which creates both a PublicVolume and PrivateVolume on the same
disk. Mixed mode is currently experimental.
For now, just add ext4 support to PrivateVolume; we'll look at f2fs
in a future change. Add VolumeBase lifecycle for setting up crypto
mappings, and extract blkid logic into shared method. Sprinkle some
more "static" around the cryptfs code to improve invariants.
Bug: 19993667
Change-Id: Ibd1df6250735b706959a1eb9d9f7219ea85912a0
Redirect all crypto calls to e4crypt equivalents if file level encryption
detected. Note this change implements only the ones needed for minimal
functionality.
Requires matching change:
https://googleplex-android-review.git.corp.google.com/#/c/642778/
Change-Id: I622d1a91704de4b3ab655486e6d38cd6718e6016
This reverts commit 6a69cfc411.
The original fix seems to have led to boot failures in QA. Rather than
risk shipping, revert the change. Bug 18764230 reopened.
Requires change
https://googleplex-android-review.git.corp.google.com/#/c/629950/
Bug: 19278390
Bug: 19199624
Change-Id: Ia858c4db0abb917f9364ec8048f59ca4fb48e233
The libcrypto and libssl modules (and their respective static and host
versions) use LOCAL_EXPORT_C_INCLUDE_DIRS thus just including the module
is sufficient.
Additionally, cryptfs.h was including an OpenSSL header just to get the
length of a SHA-256 hash. Rather than force all users of this header to
also depend on libcrypto, it's easier just to define that value in the
header file.
Change-Id: I3e3e0db906a212e1093944b298e4a8ff2e2fb07d
Add maybeenabledefaultencryption function, that encrypts based
on the encryption flag and appropriate environment variable
Bug: 18764230
Change-Id: Id9a1967d09a7ae63a51240c0a5f3c41505af0e9a
Store long field values in multiple underlying fixed-length entries
and concatenate them together when reading back.
Bug: 17556485
Change-Id: I2f8033d18c208993fa1b010712be0dad5d8b646b
There are cases where the /dev/block/dm-0 fails to open.
This leads to the device not completing the boot up sequence.
Currently, the only way out is to reboot.
Bug: 17898962
Change-Id: If4583ebb1ef1ebdbaf680d69b876459aaec2f4ce
(cherry picked from commit 7fc1de8a44)
There are cases where the /dev/block/dm-0 fails to open.
This leads to the device not completing the boot up sequence.
Currently, the only way out is to reboot.
Bug: 17898962
Change-Id: If4583ebb1ef1ebdbaf680d69b876459aaec2f4ce
Correct implementations of keymaster should reject using an n-bit
RSA key to sign less than n bits of data, because we specify that
keymaster should not perform padding.
Change-Id: Ibdff1bbfbee84fd5bdbfb3149a124dbbaa7827fc
Note that this also changes the boot sequence, and moves the test for corrupted
data to cryptfs_restart_internal.
Bug: 17213613
Change-Id: I0f86e8fe3d482e2d1373bd0f4d0d861e63ad8904
Store salted scrypt of intermediate key in crypto header
When mount fails, check if matches, and if it does return error
code prompting a wipe
Bug: 11477689
Change-Id: I3dcf9e0c64f2a01c8ba8eaf58df82cbe717d421b
Set flag on starting encryption to say it failed, and only clear
when we get into a recoverable state (partially or fully encrypted.)
Go to recovery on seeing this flag on boot
Bug: 16552363
Change-Id: I7e452b653edf3a087ecfaba8f81f41765a1c8daf
