scrypt is a sequential memory-hard key derivation algorithm that makes
it more difficult for adversaries to brute force passwords using
specialized equipment. See http://www.tarsnap.com/scrypt/scrypt.pdf for
more details of the algorithm.
This adds support for initializing disk encryption using scrypt and
upgrading from the previous PBKDF2 algorithm.
Change-Id: I1d26db4eb9d27fea7310be3e49c8e6219e6d2c3b
In order to make it easier to upgrade the crypto footer, extract some
constants to a header file instead. Then the header can control what the
current version is and the upgrade_crypto_ftr code should be the only
thing that needs to be updated.
Change-Id: I3ed5a7d3b640419cd8af91388d94a00de8cc09db
In the future, we'd like to have the ability to upgrade from any
supported version to any future version. Change the upgrade function
slightly to support this.
Change-Id: I3b20ccfff51c4c86f1e5e08690c263dc95ff5ce4
The new wipe option to the vold format command will invoke BLKDISCARD
on the partition before invoking newfs_msdos. This will be used whenever
a full wipe of the device is wanted, as this is more secure than just
doing newfs_msdos.
Bug: 9392982
Change-Id: Ie106f1b9cc70abc61206006d1821641c27c7ccae
The new selinux_reload_policy command can take a while to complete on
some systems. The reason is being investigated, and hopefully a fix can
be found to improve performance, but for now, increase the timeout that
vold waits for the post_fs_data section to complete when decrypting a
device on boot.
Also, emit a decent error message if the device times out.
Bug: 8967715
Change-Id: Ifb01c983dffe095a9de752c17c467a1751e9ce99
Fstrim can take a while, so grab a wakelock so it finishes now,
not when the user picks up the device and wakes it back up.
This change does not protect against multiple calls to fstrim
before the first one completes. When the first one completes, it
will release the wakelock, and the device will go to sleep.
However, normal usage is this will not be invoked by the framework
more than once a day, so this should not be an issue.
Bug: 8781133
Change-Id: I8065d1380eaf52ca8a7ca308af66fb6e86d60a66
In order to display the correct language, timezone, airplane
mode and other settings on the decrypt screen, a copy of those
settings needs to be stored unencrypted so the framework can
query them. This adds support to vold to store up to 32
property-like key/value pairs that are not encrypted.
Change-Id: Id5c936d2c57d46ed5cff9325d92ba1e8d2ec8972
Some devices can take up to a few minutes to do fstrim. If done
in the same thread as the rest of the vold command listener, then
vold is blocked from responding to any other commands until the
trim is done. So create a thread to do the work, and return
immediately.
bug: 8688454
Change-Id: I780baae03ba7de2d3e805c3e9f103ec03be84c47
When mounting an encrypted filesystem vold calls fs_mgr, which
will call e2fsck on the filesystem if it's configured to, and
fs_mgr will attempt to log the output to the kernel log. However,
it won't log anything unless the klog level is set to 6, aka INFO.
Change-Id: I8ac34941330262ea3414681b872fbbeb75391461
The fstrim subsystem implements the dotrim command, which goes
through all the writable filesystems on the device, and invokes
the FITRIM ioctl() on them. This marks all the unused blocks on
the underlying flash device as unused, so the device performs better.
Change-Id: I5fc8c2f60e0bc823f162d0f89580fb288ecb2160
Change vold to use the unified fstab. This includes both
support for sdcards, and changes to the crypto code to work
with some changes to the fs_mgr library api.
Change-Id: Id5a8aa5b699afe151db6e31aa0d76105f9c95a80
The patch removes the following warnings:
system/vold/vdc.c: In function 'do_cmd':
system/vold/vdc.c:71:17: warning: comparison between signed and unsigned integer expressions [-Wsign-compare]
[...]
In file included from system/vold/Fat.cpp:34:0:
bionic/libc/kernel/common/linux/fs.h:109:0: warning: "MS_RMT_MASK" redefined [enabled by default]
In file included from system/vold/Fat.cpp:31:0:
bionic/libc/include/sys/mount.h:64:0: note: this is the location of the previous definition
[...]
Change-Id: I1e950dcec87f8bae0cec61a1611126b3abc0c90e
dm-crypt version 1.11.0 and later supports the allow_discards option
when setting up a crypto device. This passes discard requests from
the filesystem to the underlying block device. This helps make flash
based storage faster. So query the dm-crypt version, and pass the
option if the version is 1.11.0 or greater.
Change-Id: If30e9db5a2dbd6ea0281d91344e5b2c35e75131e
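
The version gate described in the dm-crypt commit above, as an added example (not vold's own code): build_crypt_params and version_at_least are hypothetical names, and the versions, key and device path are constructed sample values.

```c
#include <stdio.h>
#include <string.h>

/* Lexicographic compare of major.minor.patch triples: 1 if have >= want. */
static int version_at_least(const unsigned int have[3],
                            const unsigned int want[3])
{
    for (int i = 0; i < 3; i++) {
        if (have[i] != want[i])
            return have[i] > want[i];
    }
    return 1; /* all three components equal */
}

/*
 * Hypothetical helper: writes the dm-crypt target parameters
 *   <cipher> <key> <iv_offset> <device> <offset> [<#opt_params> <opt_params>]
 * into buf, adding "1 allow_discards" only when the target version allows it.
 * On a live system the triple comes from the DM_LIST_VERSIONS ioctl.
 * Returns 1 if discards were enabled, 0 if not, -1 if buf is too small.
 */
int build_crypt_params(char *buf, size_t len, const unsigned int ver[3],
                       const char *cipher, const char *hexkey,
                       const char *blkdev)
{
    static const unsigned int min_discard[3] = {1, 11, 0};
    int discards = version_at_least(ver, min_discard);
    int n = snprintf(buf, len, "%s %s 0 %s 0%s", cipher, hexkey, blkdev,
                     discards ? " 1 allow_discards" : "");
    if (n < 0 || (size_t)n >= len)
        return -1; /* truncated: never hand a partial table to the kernel */
    return discards;
}

int main(void)
{
    /* Constructed sample versions, key and device path (not real values). */
    const unsigned int samples[3][3] = {{1, 10, 1}, {1, 11, 0}, {1, 13, 0}};
    char buf[256];
    for (int i = 0; i < 3; i++) {
        int r = build_crypt_params(buf, sizeof buf, samples[i],
                                   "aes-cbc-essiv:sha256",
                                   "00112233445566778899aabbccddeeff",
                                   "/dev/block/example");
        printf("%u.%u.%u -> %d: %s\n", samples[i][0], samples[i][1],
               samples[i][2], r, buf);
    }
    return 0;
}
```

With allow_discards set, the underlying device can see which blocks of the encrypted volume are unused, which is why dm-crypt leaves the option off unless it is requested.
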
Add a monitoring thread that notifies the main parent thread when the child
process terminates. The return code from the child is then propagated back up
to the parent.
Change-Id: Idf46e100e8dee2e8f1aaa331317f3c4955632183