This creates apexrollback directories under /data/misc_[de|ce]/<user>
which will hold snapshots of DE_n and CE_n apex data directories
(i.e. it will hold backups of data from /data/misc_[de|ce]/<user>/apexdata
for particular apexes).
See go/apex-data-directories for details.
Bug: 141148175
Test: Built and flashed, checked directory was created.
Change-Id: I468060b20dee0c50033b5f014ce8716582d5e6bc
It will be used during the userspace reboot to unmount all emulated
storages, which is a prerequisite to unmount+remount ext4 userdata into
checkpoint mode.
Test: adb shell /system/bin/vdc checkpoint startCheckpoint 1
Test: adb reboot userspace
Bug: 143970043
Bug: 135984674
Change-Id: I07491bc4be2f30debe21b764766c9def68548e16
This creates an apexdata directory under /data/misc_de/<user> and
/data/misc_ce/<user>, and also creates a directory under that for
every APEX that is installed.
See go/apex-data-directories.
APEXes are discovered by scanning the /apex directory. It may be better
to delegate this process to a library, but it is proposed to defer that
change to a future CL.
Bug: 141148175
Test: Built and flashed, checked directories were created.
Change-Id: I95a060b4f42241c91da25a779e61a8f85ca1914c
The HidlizationEquivalenceTest was used to make sure the same key is
computed by the scrypt algorithm regardless of whether the old
(<= KM2 HAL pre treble) or the new (>= KM3.0 treble) HAL was used.
Since the treble is now the default, and old HAL don't even exist on
new devices, we should call the migration a success and drop this test
altogether.
Test: Removed obsolete Code
Bug: 68197448
Change-Id: If10c79bafac4d0c8268675cbb8e1c4b46974aab5
The property is set to inform kernel to do a warm_reset on the next
reboot. This is useful to persist the logs to debug device boot
failures. After the slot has been marked as boot successful, we can drop
the warm_reset flag to avoid the performance overhead on the next
reboot.
Bug: 143489994
Test: check the property is set to 0 by vold
Change-Id: If7c922f40bcf9a6f7894af0a334ab23d88d40d17
Now that we include libfscrypt in libfs_mgr via whole_static_libs we
should not reference it directly.
Bug: 143307095
Test: treehugger
Change-Id: I4cd138b50131ec8ce7835d9604c89c99cae53212
am: be4ff998ac -s ours
am skip reason: change_id I7191bd73d8621831c5802e02817f459f1da32754 with SHA1 a2c2182b65 is in history
Change-Id: If1bc31b59c868707ff2b4ee406bcad0fa9da25d3
am: 8a9454c35c -s ours
am skip reason: change_id I7191bd73d8621831c5802e02817f459f1da32754 with SHA1 a2c2182b65 is in history
Change-Id: I0e4e568d378d9412f2239f37ba2c475ad4f5f30b
A little bit more self-explanatory name that explicitly says that root
is also allowed.
Test: builds
Change-Id: Ice20ffcba2a0994c599dbebace252138ffd827de
Merged-In: Ice20ffcba2a0994c599dbebace252138ffd827de
It will be used by userspace reboot to reset checkpoint state, to make
sure that when /data is remounted, it will be remounted in checkpointing
if a checkpoint was requested beforee userspace reboot.
Test: /system/bin/vdc startCheckpoint 1
/system/bin/vdc needsCheckpoint (returns 0)
/system/bin/vdc resetCheckpoint
/system/bin/vdc needsCheckpoint (returns 1)
Bug: 135984674
Change-Id: Ia29238686289b4eed93e2fb936a8b3d894b94dc9
Add support for setting v2 encryption policies when configured in the
fstab (for internal storage) or in system properties (for adoptable
storage), and for installing and evicting the keys for such policies.
v2 policies support the same encryption modes and flags as v1 policies,
but internally they use a more standard, secure, and flexible KDF. Due
to this, some future features will be supported by v2 policies only.
Bug: 140500999
Test: Configured a device to use v2 encryption policies (applied the
needed kernel patches and added
"fileencryption=aes-256-xts:aes-256-cts:v2" to fstab, and set the
corresponding system properties for adoptable storage). Wiped
userdata, booted device and checked logs to verify that v2
policies were being used.
Also enabled virtual SD card and formatted as adoptable storage;
verified it works and that v2 policies were being used on it.
Also created, started, and stopped a 2nd user and verified their
keys were evicted.
Also verified that the device comes up again after rebooting.
Also verified that a device using v1 encryption policies continues
to work, both with and without an updated kernel -- including
stopping a user so that their keys get evicted.
Change-Id: If64028d8580584b2c33c614cabd5d6b93657f608
When the kernel supports the new fscrypt key management ioctls, use them
instead of add_key() and keyctl_unlink().
This will be needed in order to support v2 encryption policies, since v2
encryption policies only support the new ioctls.
The new ioctls have other advantages too. For example,
FS_IOC_REMOVE_ENCRYPTION_KEY automatically evicts exactly the necessary
kernel objects, so the drop_caches sysctl is no longer needed. This
makes evicting keys faster and more reliable.
FS_IOC_REMOVE_ENCRYPTION_KEY also detects if any files are still open
and therefore couldn't be "locked", whereas this went undetected before.
Therefore, to start out this patch adds support for using the new ioctls
for v1 encryption policies, i.e. on existing devices.
(Originally based on a patch by Satya Tangirala <satyat@google.com>)
Bug: 140500828
Test: tested that a device using v1 policies continues to work, both
with and without an updated kernel. See
If64028d8580584b2c33c614cabd5d6b93657f608 for more details.
Also checked via the log that the filesystem-level keyring is in
fact used when supported.
Change-Id: I296ef78138578a3fd773797ac0cd46af1296b959
