Commit graph

12 commits

Author SHA1 Message Date
Daniel Rosenberg
690d6de5bf Add Support for metadata key with rollback
This adds the ability to upgrade a key and retain the
old one for rollback purposes. We delete the old key
if we boot successfully and delete the new key if we
do not.

Test: Enable checkpointing and test rolling back
      between two versions
Bug: 111020314

Change-Id: I19f31a1ac06a811c0644fc956e61b5ca84e7241a
2018-12-14 14:55:28 -08:00
Eric Biggers
ba997ee583 vold: get the fscrypt kernel API declarations from linux/fs.h
bionic now has linux/fs.h from the 4.14 kernel, which has the fscrypt
kernel API declarations.  Replace the manual declarations in vold,
except for FS_AES_256_XTS_KEY_SIZE which is not available.

Test: built, booted device with f2fs encryption
Change-Id: I6a0e3117eaebe3baac7385421afce2169d46ad55
2018-10-25 17:12:32 -07:00
Eric Biggers
a701c458ca vold: rename from "ext4 encryption" to fscrypt
We support file-based encryption on both ext4 and f2fs now, and the
kernel API is the same.  So rename things appropriately in vold:

    e4crypt => fscrypt
    ext4enc => fscrypt
    Ext4Crypt => FsCrypt
    EXT4_* => FS_*
    ext4_encryption_key => fscrypt_key

Additionally, the common functions shared by 'vold' and 'init' are now
in libfscrypt rather than ext4_utils.  So update vold to link to
libfscrypt and include the renamed headers.

Note: there's a chance of 'fscrypt' being confused with the dm-crypt
based encryption code in vold which is called 'cryptfs'.  However,
fscrypt is the name used in the kernel for ext4/f2fs/ubifs encryption,
and it's preferable to use the same name in userspace.

Test: built, booted device with f2fs encryption
Change-Id: I2a46a49f30d9c0b73d6f6fe09e4a4904d4138ff6
2018-10-25 17:12:32 -07:00
Paul Crowley
14c8c0765a clang-format many files.
Test: Format-only changes; treehugger suffices.
Change-Id: I23cde3f0bbcac13bef555d13514e922c79d5ad48
2018-09-18 15:41:22 -07:00
Paul Crowley
26a53888a4 When we forget a volume, forget per-volume key
Protect all per-volume-per-user keys with a per-volume key, which is
forgotten when the volume is forgotten. This means that the user's key
is securely lost even when their storage is encrypted at forgetting
time.

Bug: 25861755
Test: create a volume, forget it, check logs and filesystem.
Change-Id: I8df77bc91bbfa2258e082ddd54d6160dbf39b378
2017-10-26 12:19:09 -07:00
Chen, Luhai
5744dfe3cc Fix keyname generation issue
The keyname binded to keyring return a wrong string when there are binary char larger than 127,
the sign extension will introduce unexpect FFFFFF string to the keyname.

Bug: 65423023
Test: local build with boot test and device encryption status check. 

Change-Id: I26482c98ac1858a63b9f5c3f84a8699fd6a21cd7
Signed-off-by: Ai, Ting A <ting.a.ai@intel.com>
Signed-off-by: Chen, Luhai <luhai.chen@intel.com>
2017-09-11 18:39:01 -07:00
Pavel Grafov
e2e2d308df Zero memory used for encryuption keys.
std::vector with custom zeroing allocator is used instead of
std::string for data that can contain encryption keys.

Bug: 64201177
Test: manually created a managed profile, changed it's credentials
Test: manually upgraded a phone with profile from O to MR1.
Change-Id: Ic31877049f69eba9f8ea64fd99acaaca5a01d3dd
2017-08-10 17:31:03 +01:00
Paul Crowley
cd8bfe3d7f Label keys with all the possible FBE prefixes that might apply
We don't know which FS and kernel version is going to want these keys,
so put them in the kernel three times with all three possible prefixes.

Test: Marlin set up before this change successfully boots after it.
Change-Id: I6ccfe0894551ba068de9bf5e23fe4fd1e10e36b1
2017-06-20 10:10:08 -07:00
Elliott Hughes
c3bda18bda Switch to libkeyutils.
Bug: http://b/37991155
Test: builds+boots
Change-Id: I33a3ba0d59ffd504093dc94517815c1196e95e2b
2017-05-10 16:59:33 -07:00
Daniel Rosenberg
71c56f6dd5 Revert "Revert "Stop dropping caches now we have kernel fix""
This reverts commit 8ad0bef7b5.

Bug: 37231161
Test: Boot device with FBE enabled. ls /storage/emulated/0/Android
Unlock device. ls /storage/emulated/0/Android
1st will not be found. Second should be found.

Change-Id: I92c7ad0adaa7bd357e10661a47cc667ac0ff84b4
2017-04-28 16:04:11 -07:00
Paul Crowley
d5759811ff Add support for metadata encryption
Support encrypting metadata in /userdata using the dm-default-key
driver with a key in the /metadata partition.

Bug: 29189559
Test: Angler & Marlin build and boot
Change-Id: I716b117508d4bb4f6a4039293acb848cbc60f67b
2017-04-21 13:40:20 -07:00
Paul Crowley
f71ace310e Refactor to lay the groundwork for metadata encryption
Bug: 26778031
Test: Angler, Marlin build and boot
Change-Id: Ic136dfe6195a650f7db76d3489f36da6a1929dc5
2017-04-21 10:47:17 -07:00