Commit graph

71 commits

Author SHA1 Message Date
Treehugger Robot
f7794b5dc1 Merge "Add '-unstable' to solve ODR violation" 2020-09-11 08:19:44 +00:00
Jeongik Cha
f8f374a381 Add '-unstable' to solve ODR violation
The interface which is imported by an unstable interface is 'unstable'
as well. Until now, the ODR violation checker in aidl has omitted an
interface imported, but it will be checked, accordingly, fix the current
problem

Bug: 146436251
Test: m nothing
Change-Id: Id3c4bbc9149ba7c3e0a0d728026f02f60cb17424
Merged-In: Id3c4bbc9149ba7c3e0a0d728026f02f60cb17424
Exempt-From-Owner-Approval: cp from internal
2020-09-11 06:49:21 +00:00
Treehugger Robot
dd8b695c61 Merge "vold: restore -D__ANDROID_DEBUGGABLE__" am: 5de675c93b am: bb92ff6591
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1365586

Change-Id: Id417587a550b0f4abf5a6a3e4b4535011b21f627
2020-07-17 19:02:45 +00:00
Mark Salyzyn
865086debe vold: restore -D__ANDROID_DEBUGGABLE__
Regression introduced by
commit 7ebcc2bcfd
("Revert "[Vold] Conditional dependency to ARC++ ObbVolume"")
errantly removed the product_variables support for
-D__ANDROID_DEBUGGABLE__ when built for userdebug builds.

Restore stanza.

Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 161454607
Test: adb-remount-test no longer reports a problem
Change-Id: Ia7e55d1174fa7fac2d934d4aac06d15e8be388af
2020-07-17 08:20:00 -07:00
Eric Biggers
4cd238b900 Merge "vold: remove checkEncryption" am: 2d9777bfbf am: 15c0d3e5d0
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1363339

Change-Id: I23b9a01632b61a92896ae83e2152fa047dd85c48
2020-07-16 21:00:33 +00:00
Eric Biggers
2d9777bfbf Merge "vold: remove checkEncryption" 2020-07-16 20:30:35 +00:00
Treehugger Robot
9afa4c65d8 Merge "Revert "[Vold] Conditional dependency to ARC++ ObbVolume"" am: 6e6fc6b8d3 am: 11757842a3
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/1320919

Change-Id: Iec0c1190443f1366a0f105bb3eba3967635ff544
2020-07-16 12:03:40 +00:00
Eric Biggers
b7a14053c3 vold: remove checkEncryption
The testing-only "checkEncryption" command has been replaced with
VtsKernelEncryptionTest [1].  In particular, the metadata encryption
documentation [2] no longer mentions checkEncryption but rather
recommends running VtsKernelEncryptionTest.  Also, checkEncryption
hasn't really been maintained, and it has some known bugs; it's unclear
that many people ever really used it.

So, just remove it.

[1] https://android.googlesource.com/platform/test/vts-testcase/kernel/+/refs/heads/master/encryption/
[2] https://source.android.com/security/encryption/metadata#tests

Bug: 155037012
Change-Id: I258829c60768fd11aafdf2faad956cecc1ae9826
2020-07-15 11:21:33 -07:00
Satoshi Niwa
7ebcc2bcfd Revert "[Vold] Conditional dependency to ARC++ ObbVolume"
This reverts commit aedae617fe.

Reason for revert: ArcObbVolume is not needed by ARCVM R and above.

Bug: 157885448
Test: trybot
Change-Id: I16395ac8b6902cedea263f51e306b297d719043f
2020-07-13 05:07:18 +00:00
Treehugger Robot
bcbd085191 Merge "Revert "ARC++ swap for AppFuseUtil"" am: b6e2c14ed1 am: 4cf8ddeed2
Change-Id: I8d91ba35477d526ff886ed32c7c1357134dfca4d
2020-05-12 13:00:16 +00:00
Treehugger Robot
b6e2c14ed1 Merge "Revert "ARC++ swap for AppFuseUtil"" 2020-05-12 12:30:16 +00:00
Satoshi Niwa
601e7bd4e2 Revert "ARC++ swap for AppFuseUtil"
This reverts commit dcbd4fcad2.

Reason for revert: ARC is migrating to ARCVM on R, which doesn't use AppFuse any more.

Change-Id: Ifd0bf92a79c0ff25d782bea44dd593f9502f1959
2020-05-08 04:50:34 +00:00
Yurii Zubrytskyi
9e7482ece1 [vold] Add argument verification to IncFS methods
+ Get rid of an extra string copy in path validation function

Bug: 152349257
Test: atest vold_tests
Change-Id: I03a8cab0dd6abd7d5c9dcbbc2acb651e818e6cd8
Merged-In: I03a8cab0dd6abd7d5c9dcbbc2acb651e818e6cd8
2020-03-25 17:21:49 -07:00
Yurii Zubrytskyi
131365a3e5 [vold] Add argument verification to IncFS methods
+ Get rid of an extra string copy in path validation function

Bug: 152349257
Test: atest vold_tests
Change-Id: I03a8cab0dd6abd7d5c9dcbbc2acb651e818e6cd8
2020-03-25 14:33:24 -07:00
Automerger Merge Worker
7489ab6961 Merge changes from topics "metadata_wrapped_key_aosp", "volume_metadata" am: 36fd1ebfae am: 6891eb7e2d am: c14f46d114
Change-Id: I89f51bfaeb61c235aeccbe8a5a5a447ab14c46cb
2020-02-19 22:19:26 +00:00
Martijn Coenen
816f4d94f6 Add fixupAppDir() API.
This can be used to fixup application directories in case they have been
created by some other entity besides vold; the main use case for this
API right now is OBB directories, which can be created by installers
outside of vold; on devices without sdcardfs, such directories and the
files contained therein are not setup correctly. This API will make sure
everything is setup the way it needs to be setup.

Bug: 146419093
Test: inspect OBB dir after install
Change-Id: I2e35b7ac2992dbb21cc950e53651ffc07cfca907
2020-02-19 12:11:34 +01:00
Paul Crowley
886e572009 On newer devices, use dm-default-key to encrypt SD cards
The dm-crypt solution requires a kernel patch that won't be present in
the GKI kernel, while the new metadata encryption system in the GKI
kernel solves this problem in a much cleaner way.

Test: create private volume on Cuttlefish, setting property both ways.
Bug: 147814592
Change-Id: Ie02bd647c38d8101af2bbc47637f65845d312cea
2020-02-18 13:01:00 -08:00
Paul Crowley
85d1c77ff6 Merge changes Ic3993c1f,I06645bb4 am: ac34e9aa3e am: b62afed286 am: 54d05de798
Change-Id: Ib122e011bb7be162b76b94a31885863d2aff6d1e
2020-02-14 18:57:33 +00:00
Paul Crowley
220567c33a Generalize CryptoType infrastructure
More consistency between MetadataCrypt and cryptfs, and steps towards
supporting Adiantum properly in MetadataCrypt.

Test: create private volume on Cuttlefish
Bug: 147814592
Change-Id: Ic3993c1fde11b4f5a9e6cc8ee588a7d92241c6ab
2020-02-14 00:48:27 -08:00
Shawn Willden
35f0f22c9b Update vold to use KM4.1
This CL updates vold to use the Keymaster 4.1 interface, but does not
yet call any of the new methods.

Test: Boot the device
Change-Id: I4574a2f6eead3b71d1e89488b496b734694620c7
Merged-In: I4574a2f6eead3b71d1e89488b496b734694620c7
2020-02-11 15:51:04 -07:00
Automerger Merge Worker
cc64e0c9af Merge "Fixed a wrong AIDL import path" am: aa038e2f4d am: b35ead2c3a am: 3c78c789d6
Change-Id: Ifccc45bfaf67cc31f12902f56bcc50da238f8901
2020-01-23 03:53:23 +00:00
Shawn Willden
ae8f06fe1c Update vold to use KM4.1
This CL updates vold to use the Keymaster 4.1 interface, but does not
yet call any of the new methods.

Test: Boot the device
Change-Id: I4574a2f6eead3b71d1e89488b496b734694620c7
2020-01-21 06:58:19 -07:00
Jiyong Park
50c3ab6ac1 Fixed a wrong AIDL import path
AIDL import path should point to a root directory where relative path to
an AIDL file encodes the fully qualified name of the type in the file.

Since libvold_binder imports types like
android.os.incremental.IncrementalFileSystemControlParcel which are
under frameworks/base/core/java, the import path should set to the path,
not to the sub directory that directly has the AIDL files.

Bug: 147918827
Test: m
Change-Id: Ic4941578813eced5a7eb59a0656c10b76e902515
2020-01-20 12:37:52 +09:00
Songchun Fan
0583015a57 Merge "[incremental] use vold to mount/unmount IncrementalFileSystem" am: 6bdfb77d8b am: a0945f468a
am: 1119bc8531

Change-Id: I772667d5c43cdf1ff37b156db9f47b61820433c7
2019-12-06 01:16:26 -08:00
Songchun Fan
ab55cecdc1 [incremental] use vold to mount/unmount IncrementalFileSystem
Let vold mount IncFs onto directories under data and open control files.

Test: builds
Change-Id: Ibd96aae254b4fefaf56c9d549c4672a987c46221
2019-12-04 14:01:22 -08:00
Narayan Kamath
02efdf55d2 VolumeManager: limit the scope of remountUid post fork.
We want to be sure we're not allocating memory, holding locks
or otherwise preventing the child process from making progress.

This is a temporary fix of limited scope. In the medium term, it
would be preferable to exec a binary that performs this work for us
as soon as we fork.

Test: manual
Bug: 141678467

Change-Id: I57dbd9b3c887aa27e2dd609abf0ad43c66f4ef2a
2019-11-27 12:48:35 +00:00
Zim
5048b4b2bc Add mount callback
Mounting a FUSE path needs two steps:
1. Mounting the filesystem
2. Starting the FUSE session in the FUSE daemon

The second part requires retriving an fd from (1) and the mount paths
and passing it to the FUSE daemon.

Previously, we'd return from the Vold mount call and mark the volume
as mounted while we scramble to do (2). This means there's a time
period where the Volume is marked as MOUNTED but not actually ready
and any IO access on the paths will hang forever. This could also be
misleading when interpreting bug reports.

Now, we block the Vold mount call until the FUSE session is started

Test: atest AdoptableHostTest
Bug: 144275217

Change-Id: I45238a31df71286f67ef1c65c711d0085d72e97f
2019-11-22 17:06:04 +01:00
Paul Crowley
7ee93a66bb Merge "Remove libfscrypt now it's in libfs_mgr" am: 43f8298bdd am: ce187e7fd6
am: ff5ad94627

Change-Id: Ibeaec1d3fd09893706cd927ff715f5f76d516749
2019-10-30 20:44:43 -07:00
Paul Crowley
8bf310b9f3 Remove libfscrypt now it's in libfs_mgr
Now that we include libfscrypt in libfs_mgr via whole_static_libs we
should not reference it directly.

Bug: 143307095
Test: treehugger
Change-Id: I4cd138b50131ec8ce7835d9604c89c99cae53212
2019-10-30 13:34:49 -07:00
Tao Bao
8679d9e0e9 Merge "Mark libvold_headers as recovery_available." am: 4a13731f08 am: 51143b3555 am: 4ac5065a5d
am: 0ad2c38fc3

Change-Id: Icbaa1be2e9ad4c43e3a18f021fa01a247b21be83
2019-10-03 17:35:35 -07:00
Tao Bao
b1bbc7079c Mark libvold_headers as recovery_available.
recovery modules use <cryptfs.h> (in particular CRYPT_FOOTER_OFFSET).

Test: mmma bootable/recovery
Change-Id: I97b038476ccbeb0a5ac4a6cde86063325bdbb152
2019-10-02 10:50:53 -07:00
Steven Moreland
cbf87ff82c Merge "Remove libhwbinder/libhidltransport deps" am: 88a19b6fe1 am: e3b772e0f7 am: 149f8d0754
am: caeeec6490

Change-Id: Iad05e6116469acd0a2e019c577e5ab05ef6c99bd
2019-09-06 16:28:35 -07:00
Steven Moreland
4496ef9d34 Remove libhwbinder/libhidltransport deps
Since these were combined into libhidlbase.

Bug: 135686713
Test: build only (libhwbinder/libhidltransport are empty)
Change-Id: I890b572d537d66ecb49effd8efc782279c52956e
2019-09-05 14:18:22 -07:00
David Anderson
7cd6ceb835 Merge "libdm now requires linking to libext2_uuid." am: 9e821da9fe am: e91c2686e9 am: d26cb98c4d
am: 0be952d362

Change-Id: Icaa2f68ea5857df5dda76ebeb0ade0bbc9d26ccc
2019-07-12 17:34:58 -07:00
David Anderson
10de69d7bb libdm now requires linking to libext2_uuid.
Bug: 135771280
Test: mm vold -j
Change-Id: Id71c71926841581d4d3bc4a66f4c06294df21028
2019-06-27 13:41:03 -07:00
Janis Danisevskis
1e782f0277 Keymaster memory management is inconsistent
Objects derived from RefBase should always be owned by sp rather then
unique_ptr or other smart pointer implementations.

Bug: 79474587
Change-Id: I6a3ca04b3a3bab74c6114643ffdaeac537188d12
2019-06-12 13:27:20 -07:00
Treehugger Robot
94f300295d Merge "Match src paths with aidl package name" 2019-06-06 02:19:19 +00:00
Dan Willemsen
87c7f882dd Match src paths with aidl package name
In order for the build system to track updates to the header files
during incremental builds, always specify the src files using the same
path as the package for C++ compilations.

Bug: 112114177
Test: treehugger
Change-Id: I9a2d638cbde46f67e2d5761f5b5113cc7e068ec5
2019-06-05 17:03:31 +00:00
David Anderson
b92247368a Replace manual dm ioctls with libdm.
This mostly 1:1 replaces manual ioctls to device-mapper with calls to
libdm. There were two exceptions:

(1) There is a very old table-load-retry loop to workaround issues with
    umount (b/7220345). This loop has been preserved, however, it now
    includes DM_DEV_CREATE as well as DM_TABLE_LOAD.
(2) There was some ancient code to set DM_DEV_GEOMETRY for obb
    dm-devices. This never did anything since geometry must be set after
    loading a table. When setting it before (as vold was doing), the
    subsequent DM_TABLE_LOAD will clear it.

Bug: 132206403
Test: FBE device boots
      FBE device w/ metadata encryption boots
      FDE device boots
      atest StorageManagerIntegrationTest
Change-Id: Ib6db6b47329f093ac7084edaf604eddace8b9ac6
2019-05-13 13:07:12 -07:00
Nick Kralevich
d78fb53378 vold: add android-* to tidy_checks
Bug: 129350825
Test: compiles and boots
Change-Id: If5a6267cc56bfc0ba73602bfa520035197b4fb90
2019-03-29 16:07:58 -07:00
Jiyong Park
8d21c924d7 Don't unmount /storage for early native processes
Motivation:

Early processes launched before the runtime APEX - that hosts the bionic
libs - is activated can't use the bionic libs from the APEX, but from the
system partition (which we call the bootstrap bionic). Other processes
after the APEX activation should use the bionic libs from the APEX.
In order to let both types of processes to access the bionic libs via
the same standard paths /system/lib/{libc|libdl|libm}.so, some mount
namespace magic is used.

To be specific, when the device boots, the init initially bind-mounts
the bootstrap bionic libs to the standard paths with MS_PRIVATE. Early
processes are then executed with their own mount namespaces (via
unshare(CLONE_NEWNS)). After the runtime APEX is activated, init
bind-mounts the bionic libs in the APEX to the same standard paths.
Processes launched thereafter use the bionic libs from the APEX (which
can be updated.)

Important thing is that, since the propagation type of the mount points
(the standard paths) is 'private', the new bind-mount events for the
updated bionic libs should not affect the early processes. Otherwise,
they would experience sudden change of bionic libs at runtime. However,
other mount/unmounts events outside of the private mount points are
still shared across early/late processes as before. This is made possible
because the propagation type of / is 'shared' .

Problem:

vold uses the equality of the mount namespace to filter-out processes
that share the global mount namespace (the namespace of the init). However,
due to the aforementioned change, the early processes are not filtered
out because they have different mount namespaces. As a result,
umount2("/storage/") is executed on them and this unmount event
becomes visible to the global mount namespace (because as mentioned before /
is 'shared').

Solution:

Fiter-out the early processes by skipping a native (non-Java) process
whose UID is < AID_APP. The former condition is because all early
processes are native ones; i.e., zygote is started after the runtime
APEX is activated. The latter condition is to not filter-out native
processes created locally by apps.

Bug: 120266448
Test: m; device boots

Change-Id: I054deedc4af8421854cf35be84e14995523a259a
2019-03-04 16:22:41 +09:00
LongPing Wei
7f3ab95b8d Remove secontext.h, secontext.cpp, hash.h
cryptfs.cpp and MetadataCrypt.cpp can use android::vold::sFsckContext directly.
hash.h is unuseful.

Test: make
Change-Id: I7acdac97d6ed1c9b2a5dc367fcea8aa2942192e8
2019-01-30 16:28:02 +08:00
Michael Wright
ad232d6f84 Remove dependency on libparcelfiledescriptor
This library doesn't actually exist outside of ARC specific branches,
so it will break any ARC product builds.

Test: None
Change-Id: Ic73f470c93ea7d3590dc2b273624988291612344
2018-12-04 12:22:47 +00:00
Treehugger Robot
e7a9d5fbbd Merge "ARC++ swap for AppFuseUtil" 2018-12-01 07:22:19 +00:00
Treehugger Robot
13755d81be Merge "Includes new static libfs_avb" 2018-11-30 06:59:38 +00:00
Bowgo Tsai
549fd0e9ae Includes new static libfs_avb
Bug: 112103720
Test: boot crosshatch_mainline-userdebug
Change-Id: If33f6dbf7a31d57f61c0aca0296f2ff06c8b4a86
2018-11-29 22:17:24 +08:00
Risan
dcbd4fcad2 ARC++ swap for AppFuseUtil
Bug: 110379912
Test: Compiled.
Change-Id: Ib7910ba4df6c60d7125a07b07c62612ed4146ddb
Merged-In: Ib7910ba4df6c60d7125a07b07c62612ed4146ddb
2018-11-14 07:28:36 +00:00
Risan
ac02a4863f Extract AppFuse as a util
Bug: 110379912
Test: testOpenProxyFileDescriptor
Change-Id: I0429a498d7b54682efe9b05815f3470e8745609e
2018-11-14 07:28:06 +00:00
Risan
8c9f33242f StubVolume as first class Volume in Vold
StubVolume is a Volume that is maintained by external party such as the
ChromeOS processes in ARC++.

Bug: 110380403
Test: Tested on ARC++

Change-Id: I3198bd7283d5f60a524da3707dea7385ffec599d
2018-11-08 07:40:43 +00:00
Eric Biggers
a701c458ca vold: rename from "ext4 encryption" to fscrypt
We support file-based encryption on both ext4 and f2fs now, and the
kernel API is the same.  So rename things appropriately in vold:

    e4crypt => fscrypt
    ext4enc => fscrypt
    Ext4Crypt => FsCrypt
    EXT4_* => FS_*
    ext4_encryption_key => fscrypt_key

Additionally, the common functions shared by 'vold' and 'init' are now
in libfscrypt rather than ext4_utils.  So update vold to link to
libfscrypt and include the renamed headers.

Note: there's a chance of 'fscrypt' being confused with the dm-crypt
based encryption code in vold which is called 'cryptfs'.  However,
fscrypt is the name used in the kernel for ext4/f2fs/ubifs encryption,
and it's preferable to use the same name in userspace.

Test: built, booted device with f2fs encryption
Change-Id: I2a46a49f30d9c0b73d6f6fe09e4a4904d4138ff6
2018-10-25 17:12:32 -07:00