Commit graph

66 commits

Author SHA1 Message Date
Paul Crowley
14c8c0765a clang-format many files.
Test: Format-only changes; treehugger suffices.
Change-Id: I23cde3f0bbcac13bef555d13514e922c79d5ad48
2018-09-18 15:41:22 -07:00
Logan Chien
0267ccf8a4 Add linux/types.h to cryptfs.h
This commit adds <linux/types.h> to cryptfs.h because cryptfs.h uses
`__le16` and `__le32` which are defined in <linux/types.h>.

The absence of <linux/types.h> will become an error after we sort the
headers in the upcoming commits.

Test: cd system/vold && mma
Change-Id: I9930105ee86f80a29295b59596b21335c68a8e23
2018-05-02 10:57:56 +08:00
Greg Kaiser
57f9af6af4 cryptfs: Require ext disk crypt to match code
Our external partitions have no crypto header/footer, so we
only get the keysize and key.  Our code has been implicitly
assuming that this keysize off of disk matches the crypto
type we have in our code (and thus matches the keysize our
code is using as well).  We now make this assumption
explicit, and check for this and no longer allow external
code to pass a keysize in to cryptfs.

Bug: 73079191
Test: Compiled and tested in combination with other CLs.
Change-Id: I1a1996187e1aaad6f103982652b1bcdfd5be33ce
2018-02-16 15:23:56 -08:00
Paul Lawrence
7ee87cfcbe Remove all references to FDE enable wipe
Bug: 64766105
Test: FBE boots, forceencrypt boots, set pattern, reboots, encryptable
      boots and can be encrypted
Change-Id: I8c6dc0acdc37c3a6f1bea28d5607ed8938a4eb0c
2017-12-22 11:17:15 -08:00
Paul Crowley
b64933a502 Be even more C++. Switch on a warning.
Remove lots of "extern C" and "ifdef __cplusplus" which are no longer
needed now all of vold is C++. Also turn on the cert-err58-cpp warning
we once had to disable.

Bug: 67041047
Test: compiles, boots
Change-Id: I8c6f9dd486f2409e0deed7bb648d959677465b21
2017-10-31 08:40:23 -07:00
Paul Crowley
a7ca40bd70 Remove dead code; move code out of cryptfs that doesn't belong.
Test: Marlin boots
Change-Id: I5c3fc21fef336b301981d6eff6f6ea242f30f66c
2017-10-06 14:29:33 -07:00
Jeff Sharkey
95440ebd97 Enable "cert-err34-c" tidy checks.
Now that we've moved to Binder, we only have a few lingering atoi()
usages that are cleaned up in this CL.

Rewrite match_multi_entry() entirely, with tests to verify both old
and new implementations.

Test: adb shell /data/nativetest/vold_tests/vold_tests
Bug: 36655947
Change-Id: Ib79dc1ddc2366db4d5b4e1a1e2ed9456a06a983e
2017-09-20 13:29:48 -06:00
Jeff Sharkey
83b559ced4 Move all crypto commands over to Binder.
Prefix FDE related commands with "fde" to make it clear which devices
they apply to.  This will also make it easier to remove once FDE
is fully deprecated in a future release.

To emulate the single-threaded nature of the old socket, introduce a
lock that is acquired for all encryption related methods.

Sprinkle some "const" around older files to make C++ happy.

Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.DirectBootHostTest
Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.AdoptableHostTest
Test: cts-tradefed run commandAndExit cts-dev -m CtsOsTestCases -t android.os.storage.cts.StorageManagerTest
Bug: 13758960
Change-Id: I0a6ec6e3660bbddc61424c344ff6ac6da953ccf0
2017-09-12 17:24:06 -06:00
Paul Crowley
f71ace310e Refactor to lay the groundwork for metadata encryption
Bug: 26778031
Test: Angler, Marlin build and boot
Change-Id: Ic136dfe6195a650f7db76d3489f36da6a1929dc5
2017-04-21 10:47:17 -07:00
Wei Wang
4375f1be4c Change to use new WaitForProperty API
Change to use WaitForProperty API to wait for vold.post_fs_data_done
Also change cryptfs to C++

Bug: 35425974
Test: mma, marlin/angler boot

Change-Id: Id821f2035788fcc91909f296c83c871c67571de3
2017-02-24 17:47:53 -08:00
Eric Biggers
b45caafbcc vold: allow specifying HEH filenames encryption
Make the vold changes needed to support specifying aes-256-heh filenames
encryption.  The previous mode, aes-256-cts, remains supported as well.

The file /data/unencrypted/mode is updated to have the syntax
contents_encryption_mode[:filenames_encryption_mode] instead of just
contents_encryption_mode.  This is consistent with the new fstab syntax.

Bug: 34712722
Change-Id: Ibc236d0ec4fdeda4e4e301f45fb996317692cfa3
2017-02-07 20:53:45 +00:00
Chih-Hung Hsieh
efe8b3de96 Merge \\\"Fix misc-macro-parentheses warnings in system/vold.\\\" am: 786c536e84 am: c83c87e681
am: f5e9bc9517

Change-Id: I1a505858b0a0407489e9adcdd894048e66cfc939
2016-06-22 21:36:05 +00:00
Chih-Hung Hsieh
c83c87e681 Merge \"Fix misc-macro-parentheses warnings in system/vold.\"
am: 786c536e84

Change-Id: Ida8cc5a6d17b526ff4f5af5f2406930333a385c8
2016-06-22 21:31:07 +00:00
Chih-Hung Hsieh
aae793802b Fix misc-macro-parentheses warnings in system/vold.
Add parentheses around macro arguments used beside operators.
Bug: 28705665

Change-Id: I44e954f15bf6b8279d0f857d5417b7cb457da779
2016-06-10 14:15:18 -07:00
Paul Lawrence
6e41059734 Set encryption mode in mode file
Bug: 28905864
Change-Id: Ie2a5c3e029075d53a86ef3afb7fe364c16d8d52b
2016-05-27 09:40:37 -07:00
Paul Crowley
63c18d3ba9 Add scrypt-based password stretching.
Bug: 27056334
Change-Id: Ifa7f776c21c439f89dad7836175fbd045e1c603e
2016-02-10 14:07:59 +00:00
Paul Lawrence
3d99ebad3d Encrypt on reboot
Change encryption to happen after a reboot, not before. This
removes the problem whereby if data cannot be unmounted, we cannot
encrypt.

Bug: 25426629

Change-Id: I25d610204234ed8254330d001eb965e6e87a2fe9
2015-11-23 12:40:17 -08:00
Paul Lawrence
0c24746627 Add developer option to convert from FDE to FBE
This set of changes adds the screen that offers this conversion,
and the plumbing so the option is only available on suitable
devices.

It does not implement the conversion mechanism.

Change-Id: I801199c37b03436045d40bf8840a8746daf94d27
2015-11-04 05:09:32 -08:00
Paul Lawrence
569649ff1d Don't show UI on default encryption
Bug: 22989588
Change-Id: I21403233d84031869d929c46c3c7b2ebefb3caff
2015-09-09 12:13:00 -07:00
Paul Lawrence
2f32cda63b DO NOT MERGE Retry unmounts in ext4 encryption
(cherry-picked from commit 29b54aab8e)

Bug: 18151196
Change-Id: I52ca23b2ce3adcff44bd003d4a12243a0bd6ac34
2015-05-29 14:20:51 -07:00
Paul Lawrence
731a7a242d DO NOT MERGE Securely encrypt the master key
(cherry-picked from commit 707fd6c7cc)

Move all key management into vold
Reuse vold's existing key management through the crypto footer
to manage the device wide keys.

Use ro.crypto.type flag to determine crypto type, which prevents
any issues when running in block encrypted mode, as well as speeding
up boot in block or no encryption.

This is one of four changes to enable this functionality:
  https://android-review.googlesource.com/#/c/148586/
  https://android-review.googlesource.com/#/c/148604/
  https://android-review.googlesource.com/#/c/148606/
  https://android-review.googlesource.com/#/c/148607/

Bug: 18151196

Change-Id: I3c68691717a61b5e1df76423ca0c02baff0dab98
2015-05-29 17:25:54 +00:00
Jeff Sharkey
9f18fe7807 Remove unused code.
Bug: 19993667
Change-Id: I1f6519655c5a366eca25e2329e1bf95d81b3bf8c
2015-04-01 23:33:26 -07:00
Jeff Sharkey
9c48498f45 Support for private (adopted) volumes.
This adds support for private volumes which is just a filesystem
wrapped in a dm-crypt layer.  For now we're using the exact same
configuration as internal encryption (aes-cbc-essiv:sha256), but we
don't store any key material on the removable media.  Instead, we
store the key on internal storage, and use the GPT partition GUID
to identify which key should be used.

This means that private external storage is effectively as secure as
the internal storage of the device.  That is, if the internal storage
is encrypted, then our external storage key is also encrypted.

When partitioning disks, we now support a "private" mode which has
a PrivateVolume partition, and a currently unused 16MB metadata
partition reserved for future use.  It also supports a "mixed" mode
which creates both a PublicVolume and PrivateVolume on the same
disk.  Mixed mode is currently experimental.

For now, just add ext4 support to PrivateVolume; we'll look at f2fs
in a future change.  Add VolumeBase lifecycle for setting up crypto
mappings, and extract blkid logic into shared method.  Sprinkle some
more "static" around the cryptfs code to improve invariants.

Bug: 19993667
Change-Id: Ibd1df6250735b706959a1eb9d9f7219ea85912a0
2015-04-01 10:45:05 -07:00
Paul Lawrence
05335c344d Adding e4crypt support
Redirect all crypto calls to e4crypt equivalents if file level encryption
detected. Note this change implements only the ones needed for minimal
functionality.

Requires matching change:
  https://googleplex-android-review.git.corp.google.com/#/c/642778/

Change-Id: I622d1a91704de4b3ab655486e6d38cd6718e6016
2015-03-19 09:46:47 -07:00
Paul Lawrence
a655b9a39f am 38394c7d: am 223fd1ca: Revert "Make encryption configurable"
* commit '38394c7d2d6d5bd8c7467155587a78b912e2b7ab':
  Revert "Make encryption configurable"
2015-02-09 04:14:28 +00:00
Paul Lawrence
38394c7d2d am 223fd1ca: Revert "Make encryption configurable"
* commit '223fd1cad8d627dc36e11da8cdd342c1a810d226':
  Revert "Make encryption configurable"
2015-02-07 00:11:29 +00:00
Paul Lawrence
223fd1cad8 Revert "Make encryption configurable"
This reverts commit 6a69cfc411.

The original fix seems to have led to boot failures in QA. Rather than
risk shipping, revert the change. Bug 18764230 reopened.

Requires change
    https://googleplex-android-review.git.corp.google.com/#/c/629950/

Bug: 19278390
Bug: 19199624

Change-Id: Ia858c4db0abb917f9364ec8048f59ca4fb48e233
2015-02-06 17:32:56 +00:00
Paul Lawrence
db3730c454 Remove kdfs that were only used internally in LMP
Bug: 17439091
Change-Id: I55f92984c8234362597be3976a10626a0ed8763f
2015-02-03 13:08:10 -08:00
Paul Lawrence
4a36ca0038 am 6a69cfc4: Make encryption configurable
* commit '6a69cfc411c086f15d59b7dc105763af16620414':
  Make encryption configurable
2015-01-26 15:53:01 +00:00
Kenny Root
ba5834dcea am 26970299: Merge "Remove superfluous OpenSSL include paths."
* commit '269702997153cdf92c65cfee277c76afed44e9e5':
  Remove superfluous OpenSSL include paths.
2015-01-23 01:17:16 +00:00
Adam Langley
41405bb3e5 Remove superfluous OpenSSL include paths.
The libcrypto and libssl modules (and their respective static and host
versions) use LOCAL_EXPORT_C_INCLUDE_DIRS thus just including the module
is sufficient.

Additionally, cryptfs.h was including an OpenSSL header just to get the
length of a SHA-256 hash. Rather than force all users of this header to
also depend on libcrypto, it's easier just to define that value in the
header file.

Change-Id: I3e3e0db906a212e1093944b298e4a8ff2e2fb07d
2015-01-22 16:45:28 -08:00
Paul Lawrence
6a69cfc411 Make encryption configurable
Add maybeenabledefaultencryption function, that encrypts based
on the encryption flag and appropriate environment variable

Bug: 18764230
Change-Id: Id9a1967d09a7ae63a51240c0a5f3c41505af0e9a
2015-01-21 10:00:17 -08:00
Rubin Xu
85c01f95c7 Make persistent field in cryptofs support longer values.
Store long field values in multiple underlying fixed-length entries
and concatenate them together when reading back.

Bug: 17556485
Change-Id: I2f8033d18c208993fa1b010712be0dad5d8b646b
2014-10-24 10:56:02 +01:00
JP Abgrall
512f0d52ac cryptfs: [HACK] reboot if the crypto block dev failed to open
There are cases where the /dev/block/dm-0 fails to open.
This leads to the device not completing the boot up sequence.
Currently, the only way out is to reboot.

Bug: 17898962
Change-Id: If4583ebb1ef1ebdbaf680d69b876459aaec2f4ce
(cherry picked from commit 7fc1de8a44)
2014-10-16 20:55:52 +00:00
JP Abgrall
7fc1de8a44 cryptfs: [HACK] reboot if the crypto block dev failed to open
There are cases where the /dev/block/dm-0 fails to open.
This leads to the device not completing the boot up sequence.
Currently, the only way out is to reboot.

Bug: 17898962
Change-Id: If4583ebb1ef1ebdbaf680d69b876459aaec2f4ce
2014-10-10 18:51:24 -07:00
Shawn Willden
e17a9c4ad3 Change cryptfs keymaster padding to ensure the high bit is never 1,
to ensure the padded message is never larger than the RSA public
modulus.

Bug: 17358530

Change-Id: I4dc488399c4ecfa2d24cacb839a9087e65475947
2014-09-09 16:11:35 +00:00
Shawn Willden
47ba10d6d5 Pad object to proper size before signing.
Correct implementations of keymaster should reject using an n-bit
RSA key to sign less than n bits of data, because we specify that
keymaster should not perform padding.

Change-Id: Ibdff1bbfbee84fd5bdbfb3149a124dbbaa7827fc
2014-09-05 10:43:02 -06:00
Paul Lawrence
74f29f1df7 Don't test mount when we can use the crypto footer to test the password
Note that this also changes the boot sequence, and moves the test for corrupted
data to cryptfs_restart_internal.

Bug: 17213613
Change-Id: I0f86e8fe3d482e2d1373bd0f4d0d861e63ad8904
2014-08-29 08:31:10 -07:00
Paul Lawrence
d0c7b17070 Wipe userdata when password is good but it won't mount
Store salted scrypt of intermediate key in crypto header

When mount fails, check if matches, and if it does return error
code prompting a wipe

Bug: 11477689
Change-Id: I3dcf9e0c64f2a01c8ba8eaf58df82cbe717d421b
2014-08-13 19:41:30 +00:00
Paul Lawrence
6bfed20c77 When encryption fails, reboot into recovery
Set flag on starting encryption to say it failed, and only clear
when we get into a recoverable state (partially or fully encrypted.)

Go to recovery on seeing this flag on boot

Bug: 16552363
Change-Id: I7e452b653edf3a087ecfaba8f81f41765a1c8daf
2014-08-07 13:14:35 -07:00
Paul Lawrence
69f4ebd81e Add keymaster support to cryptfs
Use keymaster to wrap the cryptfs keys.

Requires selinux change
  https://googleplex-android-review.git.corp.google.com/#/c/449411

Bug: 9467042
Change-Id: If25a01cb85ed193a271d61382de0560d85553b7e
2014-04-18 11:40:13 -07:00
Paul Lawrence
45f10533f8 Revert "Revert "Encrypt phone even if pattern or no keyguard""
Don't block based on keyguard type, and pass type to encryption function.

Requires:
  https://googleplex-android-review.git.corp.google.com/#/c/444201/
or encryption will no longer work.

This reverts commit efec3f2927.

Change-Id: I431589a56eb11118027e0a5a84f55e973b1084aa
2014-04-10 14:30:31 +00:00
Paul Lawrence
efec3f2927 Revert "Encrypt phone even if pattern or no keyguard"
This reverts commit 5cc86c5741.

Without two more commits, this will break encryption. I'll re-commit when the other two pass code review.

Change-Id: I71720d065c16cf0f7f534e74ffe883f1e113c477
2014-04-03 20:55:47 +00:00
Paul Lawrence
5cc86c5741 Encrypt phone even if pattern or no keyguard
Add option to enablecrypto to take type, allowing us to set type
when encrypting.

Bug: 13749169
Change-Id: If22fcfa93f1ebd1a5bd3b0077bb3bd8ae71fe819
2014-04-03 19:20:28 +00:00
Paul Lawrence
cc215381dd Merge "Store password in vold" 2014-03-21 20:40:36 +00:00
Paul Lawrence
87999173dd Don't corrupt ssd when encrypting and power fails
Stop encryption when battery is low, mark position, and continue on reboot.

Note - support for multiple encrypted volumes removed as no devices seem
to exist with an fstab that uses this feature. If you want support for such
a device, contact me and we will re-add it with appropriate testing.

Bug: 13284213
Change-Id: I1f7178e4f7dd8ea816cbc03ab5c4f6543e98acaa
2014-03-21 18:30:26 +00:00
Paul Lawrence
399317ede4 Store password in vold
If we are not to double prompt, we need to pass the password from
CryptKeeper to KeyStore. Since the entire framework is taken down
and restarted, we must store the password in a secure system daemon.
There seems no better way than holding it in vold.

Change-Id: Ia60f2f051fc3f87c4b6468465f17b655f43f97de
2014-03-21 11:15:39 -07:00
Paul Lawrence
684dbdf316 Infrastructure to securely allow only one prompt at boot when encrypted
Add a call to vold that says if we decrypted the data partition. Reset the
flag so that it only returns true the first time.

Bug: 12990752
Change-Id: Ib00be87137c00fb8ad29205c85a3ea187764b702
2014-02-14 17:41:18 +00:00
Paul Lawrence
1348603357 Enable auto-encrypt drive at startup
Modify enablecrypto command to make the password optional. When it is
not there, default encrypt the device.

Remove a warning by making at least some parts of this file const-correct.

Bug: 11985952
Change-Id: Ie27da4c4072386d9d6519d97ff46c6dc4ed188dc
2014-02-14 09:34:44 -08:00
Paul Lawrence
f4faa575c9 Support default, pattern, pin and password encryption types
Store encryption type in crypto footer, and provide functions to
manipulate it. Add mount_default_encrypted command to vdc to allow
mounting of default encrypted volumes at boot time.

Bug: 8769627
Change-Id: Ie41848f258e128b48b579e09789abfa24c95e2b2
2014-02-12 14:54:40 -08:00