Now that FDE support has been removed, encrypt_inplace() is only used by
metadata encryption, which passes false for the set_progress_properties
parameter. Therefore, remove the set_progress_properties parameter and
the associated code to update the "vold.encrypt_inplace" and
"vold.encrypt_time_remaining" system properties.
Note that encrypt_inplace() still keeps track of its progress to some
extent, for the purpose of printing log messages; that hasn't changed.
Bug: 208476087
Change-Id: If695db1c4e23f568ff865bccc9fc1b98148815be
We want to store sdk data on the same volume as app data. Since sdk data
is stored in misc_ce and misc_de directory, we need to ensure they exist
on adopted storage mounted at /mnt/expand/<volume-uuid>.
This CL creates `/mnt/expand/<volume-uuid>/misc_{ce,de}` directories
when disk is mouted and then when user storage is prepared, the sdk root
directory is created.
By having these directories, we can now move the sdk data to other
volume when app data is moved.
Bug: b/222034645
Test: atest SdkSandboxStorageHostTest (see ag/17120883)
Ignore-AOSP-First: End to end test added which exists in internal branch
only. Will cherry-pick this CL to aosp standalone once it is safely
merged to internal branch.
Change-Id: I0e73d9ce105abec4b77c378cde58aa7365258f01
In order to store supplemental data for apps, we want to create a root
directory at location `/data/misc_ce/<user-id>/supplmental` and
`/data/misc_de/<user-id>supplemental`. These directories will then host
supplemental data for each app based on package name, e.g,
`/data/misc_ce/0/supplemental/<app-name>`.
Since these are sub-directories of misc directory, vold should prepare
them for consistency.
Bug: 217543371
Test: atest SupplementalProcessStorageHostTest
Test: see ag/16681989
Ignore-AOSP-First: Feature is being developed in internal branch
Change-Id: I66ef7a7241c9f82cecedaeb6c9a91f127668300a
Merged-In: I66ef7a7241c9f82cecedaeb6c9a91f127668300a
(cherry picked from commit 0cf90d7ca0)
Mounting encrypted OBB files has never worked reliably across devices,
partly due to its reliance on Twofish encryption support in the kernel.
This is because Twofish support (CONFIG_CRYPTO_TWOFISH) has never been
required or even recommended for Android. It has never been enabled in
GKI, but even before GKI it wasn't required or recommended. Moreover,
this is now the only Android feature that still uses dm-crypt
(CONFIG_DM_CRYPT), and some devices don't have that enabled either.
Therefore, it appears that this feature is unused. That's perhaps not
surprising, considering that the documentation for OBBs
(https://developer.android.com/google/play/expansion-files) says that
they are deprecated, and also it explains OBBs as being app files that
are opaque to the platform; the ability of the platform to mount OBBs
that happen to be in a particular format is never mentioned. That means
that OBB mounting is probably rarely used even with unencrypted OBBs.
Finally, the usefulness of OBBs having their own encryption layer (in
addition to what the platform already provides via FBE) is not clear
either, especially with such an unusual choice of cipher.
To avoid the confusion that is being caused by having the broken code
for mounting encrypted OBBs still sitting around, let's remove it.
Test: atest StorageManagerTest # on Cuttlefish
Test: atest StorageManagerIntegrationTest # on Cuttlefish
Bug: 216475849
Change-Id: Iaef32cce90f95ea745ba2b143f89e66f533f3479
In order to store supplemental data for apps, we want to create a root
directory at location `/data/misc_ce/<user-id>/supplmental` and
`/data/misc_de/<user-id>supplemental`. These directories will then host
supplemental data for each app based on package name, e.g,
`/data/misc_ce/0/supplemental/<app-name>`.
Since these are sub-directories of misc directory, vold should prepare
them for consistency.
Bug: 217543371
Test: atest SupplementalProcessStorageHostTest
Test: see ag/16681989
Ignore-AOSP-First: Feature is being developed in internal branch
Change-Id: I66ef7a7241c9f82cecedaeb6c9a91f127668300a
These are no longer used.
Test: atest com.android.server.locksettings
Bug: 184723544
Ignore-AOSP-First: prerequisite changes in frameworks/base have merge
conflicts between AOSP and internal master
Change-Id: I6160d30deb138a5366532de84cbf6f02cbc69b8c
This is in conjunction with enabling the project id for internal directories. The check whether project ids should be used or not, is done in installd process. If they cannot be used, then the installd process falls back to previous approaches.
Bug: b/215154615
Test: atest installd/StorageHostTest
Test: atest installd/installd_service_test.cpp
Change-Id: I2c6672640295ebbc5ec78075290fc8e8703384ef
The userdata will be formatted by VOLD during bootup when the userdata
is not completed file system(EXT4 or F2FS).
For EXT4 on userdata and quota feature is enabled. the parameter quota
is incorrect in ext4::Format(). Change the parameter from
quotatype=prjquota to quotatype=usrquota:grpquota:prjquota.
Bug: 199802158
Bug: 211847181
Test: run cts-on-gsi -m CtsAppSecurityHostTestCases -t
android.appsecurity.cts.StorageHostTest
Change-Id: Ibff10e8e67b4e6ffabea97f534ff6551aed91963
Merged-In: Ibff10e8e67b4e6ffabea97f534ff6551aed91963
(cherry picked from commit 3101ac01ac)
(cherry picked from commit 344cd3337903c3b5da35df3dc3f15d4badc253a4)
Vold was trusting system_server too much and allowed for pretty
much any path in mount()/bindMount() calls for incremental.
This CL adds validation to make sure it's only accessing own
directories. This includes enforcing no symlinks in the paths
Bug: 198657657
Bug: 216722132
Test: manual
Change-Id: I6035447f94ef44c4ae3294c3ae47de2d7210683a
Merged-In: I6035447f94ef44c4ae3294c3ae47de2d7210683a
Android should only abort fuse connections for fuse fs. It shouldn't
touch fuse connections for virtiofs.
Bug: 162284193
Test: manual - Restart zygote, no 'Transport endpoint is not connected' error.
Change-Id: Ie3536734531404e98ad1b6594ab3c52e919b22b7
